aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssh/src/ssh_auth.erl
diff options
context:
space:
mode:
authorHans Nilsson <hans@erlang.org>2016-08-31 10:06:18 +0200
committerHans Nilsson <hans@erlang.org>2016-08-31 10:06:18 +0200
commitc4ad47cbd88a3570116b3f60210d6cae2c62f7b5 (patch)
tree5b1a82794fca17133bfb90ea345d83cfd01ef44f /lib/ssh/src/ssh_auth.erl
parent88a20d25f8a9584a78cc8fce1c8f624a15dd2bb3 (diff)
parent3430829486d4c2a2af32214107ba39f9028d7aa8 (diff)
downloadotp-c4ad47cbd88a3570116b3f60210d6cae2c62f7b5.tar.gz
otp-c4ad47cbd88a3570116b3f60210d6cae2c62f7b5.tar.bz2
otp-c4ad47cbd88a3570116b3f60210d6cae2c62f7b5.zip
Merge branch 'hans/ssh/test_fixes/OTP-13854' into maint
Fixes problems found by test suites as well as by Codenomicon/Defensics: - reduce max random padding to 15 bytes (Codenomicon/Defensics) - inclomplete pdu handling (Codenomicon/Defensics) - badmatch - non-blocking send fixes deadlock in ssh_connection_SUITE:interrupted_send
Diffstat (limited to 'lib/ssh/src/ssh_auth.erl')
-rw-r--r--lib/ssh/src/ssh_auth.erl21
1 files changed, 16 insertions, 5 deletions
diff --git a/lib/ssh/src/ssh_auth.erl b/lib/ssh/src/ssh_auth.erl
index fb5e086656..1dcf5d0708 100644
--- a/lib/ssh/src/ssh_auth.erl
+++ b/lib/ssh/src/ssh_auth.erl
@@ -264,12 +264,23 @@ handle_userauth_request(#ssh_msg_userauth_request{user = User,
SessionId,
#ssh{opts = Opts,
userauth_supported_methods = Methods} = Ssh) ->
- <<?BYTE(HaveSig), ?UINT32(ALen), BAlg:ALen/binary,
- ?UINT32(KLen), KeyBlob:KLen/binary, SigWLen/binary>> = Data,
- Alg = binary_to_list(BAlg),
+
+ <<?BYTE(HaveSig),
+ ?UINT32(ALen), BAlg:ALen/binary,
+ Rest/binary>> = Data,
+
+ {KeyBlob, SigWLen} =
+ case Rest of
+ <<?UINT32(KLen0), KeyBlob0:KLen0/binary, SigWLen0/binary>> ->
+ {KeyBlob0, SigWLen0};
+ <<>> ->
+ {<<>>, <<>>}
+ end,
+
case HaveSig of
?TRUE ->
- case verify_sig(SessionId, User, "ssh-connection", Alg,
+ case verify_sig(SessionId, User, "ssh-connection",
+ binary_to_list(BAlg),
KeyBlob, SigWLen, Opts) of
true ->
{authorized, User,
@@ -284,7 +295,7 @@ handle_userauth_request(#ssh_msg_userauth_request{user = User,
?FALSE ->
{not_authorized, {User, undefined},
ssh_transport:ssh_packet(
- #ssh_msg_userauth_pk_ok{algorithm_name = Alg,
+ #ssh_msg_userauth_pk_ok{algorithm_name = binary_to_list(BAlg),
key_blob = KeyBlob}, Ssh)}
end;