lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-12-11 03:42:35 +03:00
Code Activity

CVE-2023-1667:packet_cb: Log more verbose error if signature verification fails

Browse Source 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
This commit is contained in:
Jakub Jelen
2023-03-10 16:14:08 +01:00
committed by Andreas Schneider
parent df350d3aa4
commit fa902a37ae
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/packet_cb.c
View File

@@ -161,6 +161,9 @@ SSH_PACKET_CALLBACK(ssh_packet_newkeys){
session->next_crypto->digest_len); session->next_crypto->digest_len);
SSH_SIGNATURE_FREE(sig); SSH_SIGNATURE_FREE(sig);
if (rc == SSH_ERROR) { if (rc == SSH_ERROR) {
ssh_set_error(session,
SSH_FATAL,
"Failed to verify server hostkey signature");
goto error; goto error;
} }
SSH_LOG(SSH_LOG_DEBUG,"Signature verified and valid"); SSH_LOG(SSH_LOG_DEBUG,"Signature verified and valid");