ports/libssh
ports/libssh
1
1
Форкнуть 0
Код Релизы 1 Активность
libssh/src
История
Jon Simons 465816f4a0 pki_crypto: pad RSA signature blobs 
Pad RSA signature blobs to the expected RSA signature length
when processing via 'pki_signature_to_blob'.

Some clients, notably PuTTY, may send unpadded RSA signatures
during the public key exchange: before this change, one can
sometimes observe failure in signature validation when using
PuTTY's 'plink' client, along these lines:

   ssh_packet_process: ssh_packet_process: Dispatching handler for packet type 50
   ssh_packet_userauth_request: ssh_packet_userauth_request: Auth request for service ssh-connection, method publickey for user 'foo'
   ssh_pki_signature_verify_blob: ssh_pki_signature_verify_blob: Going to verify a ssh-rsa type signature
   pki_signature_verify: pki_signature_verify: RSA error: error:04091077:rsa routines:INT_RSA_VERIFY:wrong signature length
   ssh_packet_userauth_request: ssh_packet_userauth_request: Received an invalid  signature from peer

For cross-reference this issue once also existed between
PuTTY and OpenSSH:

  http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/rsa-verify-failed.html

  http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/ssh-rsa.c?rev=1.19;content-type=text%2Fx-cvsweb-markup

With the fix I am unable to reproduce the above failure mode when
testing with 'plink'.

Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2014-01-21 16:11:12 +01:00
..
threads
Fix typo.
2012-03-09 18:14:13 +01:00
agent.c
src: Rename buffer_add_data() to ssh_buffer_add_data().
2014-01-19 20:55:55 +01:00
auth1.c
src: Remove enter_function() and leave_function().
2013-07-14 13:31:24 +02:00
auth.c
src: Rename buffer_init to ssh_buffer_init().
2014-01-19 20:43:29 +01:00
base64.c
src: Rename buffer_add_data() to ssh_buffer_add_data().
2014-01-19 20:55:55 +01:00
bind.c
Import keys during ssh_bind_accept_fd
2014-01-21 16:07:04 +01:00
buffer.c
src: Rename buffer_add_data() to ssh_buffer_add_data().
2014-01-19 20:55:55 +01:00
callbacks.c
src: Update my mail address.
2014-01-07 16:08:23 +01:00
channels1.c
src: Rename buffer_add_data() to ssh_buffer_add_data().
2014-01-19 20:55:55 +01:00
channels.c
src: Rename buffer_add_data() to ssh_buffer_add_data().
2014-01-19 20:55:55 +01:00
client.c
src: Rename buffer_init to ssh_buffer_init().
2014-01-19 20:43:29 +01:00
CMakeLists.txt
curve25519: include reference implementation
2013-11-03 14:58:10 +01:00
config.c
src: Update my mail address.
2014-01-07 16:08:23 +01:00
connect.c
update copyright information
2014-01-07 15:18:15 +01:00
crc32.c
priv: Create crc32.h.
2011-09-18 21:37:17 +02:00
curve25519_ref.c
curve25519: include reference implementation
2013-11-03 14:58:10 +01:00
curve25519.c
src: Rename buffer_init to ssh_buffer_init().
2014-01-19 20:43:29 +01:00
dh.c
src: Rename buffer_add_data() to ssh_buffer_add_data().
2014-01-19 20:55:55 +01:00
ecdh.c
update copyright information
2014-01-07 15:18:15 +01:00
error.c
error: Fix logging in ssh_set_error().
2013-07-21 11:26:55 +02:00
gcrypt_missing.c
priv: Move gcrypt functions to gcrypt header.
2011-09-18 21:37:17 +02:00
getpass.c
update copyright information
2014-01-07 15:18:15 +01:00
gssapi.c
src: Rename buffer_add_data() to ssh_buffer_add_data().
2014-01-19 20:55:55 +01:00
gzip.c
src: Rename buffer_add_data() to ssh_buffer_add_data().
2014-01-19 20:55:55 +01:00
init.c
init: Some initialization fixes.
2011-05-01 19:42:50 +02:00
kex1.c
src: Rename buffer_add_data() to ssh_buffer_add_data().
2014-01-19 20:55:55 +01:00
kex.c
src: Rename buffer_add_data() to ssh_buffer_add_data().
2014-01-19 20:55:55 +01:00
known_hosts.c
src: Do not use deprecated functions.
2014-01-16 15:27:46 +01:00
legacy.c
src: Do not use deprecated functions.
2014-01-16 15:27:46 +01:00
libcrypto.c
wrapper: Add more evp functions.
2013-10-18 23:22:24 +02:00
libgcrypt.c
gcrypt: Fix simple DES support.
2012-10-05 11:22:15 +02:00
log.c
update copyright information
2014-01-07 15:18:15 +01:00
match.c
match: Don't dereference 's' directly.
2012-10-09 11:09:34 +02:00
messages.c
src: Do not use deprecated functions.
2014-01-16 15:27:46 +01:00
misc.c
src: Update my mail address.
2014-01-07 16:08:23 +01:00
options.c
src: Update my mail address.
2014-01-07 16:08:23 +01:00
packet1.c
src: Rename buffer_add_data() to ssh_buffer_add_data().
2014-01-19 20:55:55 +01:00
packet_cb.c
kex: implement curve25519-sha256@libssh.org
2013-09-27 15:32:44 +02:00
packet_crypt.c
build: Fix missing struct in_addr warning.
2012-07-17 18:16:07 +02:00
packet.c
src: Rename buffer_add_data() to ssh_buffer_add_data().
2014-01-19 20:55:55 +01:00
pcap.c
src: Rename buffer_add_data() to ssh_buffer_add_data().
2014-01-19 20:55:55 +01:00
pki_crypto.c
pki_crypto: pad RSA signature blobs
2014-01-21 16:11:12 +01:00
pki_gcrypt.c
pki: Do not use deprecated string functions.
2014-01-17 09:29:24 +01:00
pki.c
src: Rename buffer_add_data() to ssh_buffer_add_data().
2014-01-19 20:55:55 +01:00
poll.c
src: Update my mail address.
2014-01-07 16:08:23 +01:00
scp.c
scp: Fixed result of ssh_scp_string_mode() to get SCP working.
2013-10-18 14:58:47 +02:00
server.c
src: Rename buffer_init to ssh_buffer_init().
2014-01-19 20:43:29 +01:00
session.c
src: Rename buffer_init to ssh_buffer_init().
2014-01-19 20:43:29 +01:00
sftp.c
src: Rename buffer_add_data() to ssh_buffer_add_data().
2014-01-19 20:55:55 +01:00
sftpserver.c
src: Rename buffer_add_data() to ssh_buffer_add_data().
2014-01-19 20:55:55 +01:00
socket.c
src: Rename buffer_add_data() to ssh_buffer_add_data().
2014-01-19 20:55:55 +01:00
string.c
string: Fix memory leak in ssh_string_to_char().
2012-12-13 19:29:46 +01:00
threads.c
threads: support libgcrypt 1.6 hack
2014-01-08 18:57:31 +01:00
wrapper.c
update copyright information
2014-01-07 15:18:15 +01:00