diff options
author | Hans Nilsson <hans@erlang.org> | 2016-08-31 10:06:18 +0200 |
---|---|---|
committer | Hans Nilsson <hans@erlang.org> | 2016-08-31 10:06:18 +0200 |
commit | c4ad47cbd88a3570116b3f60210d6cae2c62f7b5 (patch) | |
tree | 5b1a82794fca17133bfb90ea345d83cfd01ef44f /lib/ssh/src/ssh_auth.erl | |
parent | 88a20d25f8a9584a78cc8fce1c8f624a15dd2bb3 (diff) | |
parent | 3430829486d4c2a2af32214107ba39f9028d7aa8 (diff) | |
download | otp-c4ad47cbd88a3570116b3f60210d6cae2c62f7b5.tar.gz otp-c4ad47cbd88a3570116b3f60210d6cae2c62f7b5.tar.bz2 otp-c4ad47cbd88a3570116b3f60210d6cae2c62f7b5.zip |
Merge branch 'hans/ssh/test_fixes/OTP-13854' into maint
Fixes problems found by test suites as well as by Codenomicon/Defensics:
- reduce max random padding to 15 bytes (Codenomicon/Defensics)
- inclomplete pdu handling (Codenomicon/Defensics)
- badmatch
- non-blocking send fixes deadlock in ssh_connection_SUITE:interrupted_send
Diffstat (limited to 'lib/ssh/src/ssh_auth.erl')
-rw-r--r-- | lib/ssh/src/ssh_auth.erl | 21 |
1 files changed, 16 insertions, 5 deletions
diff --git a/lib/ssh/src/ssh_auth.erl b/lib/ssh/src/ssh_auth.erl index fb5e086656..1dcf5d0708 100644 --- a/lib/ssh/src/ssh_auth.erl +++ b/lib/ssh/src/ssh_auth.erl @@ -264,12 +264,23 @@ handle_userauth_request(#ssh_msg_userauth_request{user = User, SessionId, #ssh{opts = Opts, userauth_supported_methods = Methods} = Ssh) -> - <<?BYTE(HaveSig), ?UINT32(ALen), BAlg:ALen/binary, - ?UINT32(KLen), KeyBlob:KLen/binary, SigWLen/binary>> = Data, - Alg = binary_to_list(BAlg), + + <<?BYTE(HaveSig), + ?UINT32(ALen), BAlg:ALen/binary, + Rest/binary>> = Data, + + {KeyBlob, SigWLen} = + case Rest of + <<?UINT32(KLen0), KeyBlob0:KLen0/binary, SigWLen0/binary>> -> + {KeyBlob0, SigWLen0}; + <<>> -> + {<<>>, <<>>} + end, + case HaveSig of ?TRUE -> - case verify_sig(SessionId, User, "ssh-connection", Alg, + case verify_sig(SessionId, User, "ssh-connection", + binary_to_list(BAlg), KeyBlob, SigWLen, Opts) of true -> {authorized, User, @@ -284,7 +295,7 @@ handle_userauth_request(#ssh_msg_userauth_request{user = User, ?FALSE -> {not_authorized, {User, undefined}, ssh_transport:ssh_packet( - #ssh_msg_userauth_pk_ok{algorithm_name = Alg, + #ssh_msg_userauth_pk_ok{algorithm_name = binary_to_list(BAlg), key_blob = KeyBlob}, Ssh)} end; |