aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHans Nilsson <[email protected]>2017-10-11 14:55:34 +0200
committerHans Nilsson <[email protected]>2017-10-30 11:59:23 +0100
commitc34bbd1fa8606f47ddf31e3135b8d716f71a804d (patch)
treeb2f7665ade2b9b9413372a26f742b7ce0c4c2ec6
parent9fc2073320b27f003764c2d78541a41e306a7f2a (diff)
downloadotp-c34bbd1fa8606f47ddf31e3135b8d716f71a804d.tar.gz
otp-c34bbd1fa8606f47ddf31e3135b8d716f71a804d.tar.bz2
otp-c34bbd1fa8606f47ddf31e3135b8d716f71a804d.zip
ssh: Client checks user's public key
-rw-r--r--lib/ssh/src/ssh_auth.erl5
1 files changed, 4 insertions, 1 deletions
diff --git a/lib/ssh/src/ssh_auth.erl b/lib/ssh/src/ssh_auth.erl
index ac64a7bf14..894877f8bf 100644
--- a/lib/ssh/src/ssh_auth.erl
+++ b/lib/ssh/src/ssh_auth.erl
@@ -145,14 +145,17 @@ get_public_key(SigAlg, #ssh{opts = Opts}) ->
case KeyCb:user_key(KeyAlg, [{key_cb_private,KeyCbOpts}|UserOpts]) of
{ok, PrivKey} ->
try
+ %% Check the key - the KeyCb may be a buggy plugin
+ true = ssh_transport:valid_key_sha_alg(PrivKey, KeyAlg),
Key = ssh_transport:extract_public_key(PrivKey),
public_key:ssh_encode(Key, ssh2_pubkey)
of
PubKeyBlob -> {ok,{PrivKey,PubKeyBlob}}
catch
_:_ ->
- not_ok
+ not_ok
end;
+
_Error ->
not_ok
end.