packet_cb: Properly verify the signature type

Issue reported by Tilo Eckert <tilo.eckert@flam.de> Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit bc91fa98ea)
2026-02-04 12:20:42 +09:00 · 2018-11-22 10:45:20 +01:00
parent c3a57fe2dc
commit 1df272c3cc
1 changed files with 4 additions and 4 deletions
--- a/src/packet_cb.c
+++ b/src/packet_cb.c
@@ -194,15 +194,15 @@ SSH_PACKET_CALLBACK(ssh_packet_newkeys){
        goto error;
    }

-    /* check if public key from server matches user preferences */
+    /* Check if signature from server matches user preferences */
    if (session->opts.wanted_methods[SSH_HOSTKEYS]) {
-        if(!ssh_match_group(session->opts.wanted_methods[SSH_HOSTKEYS],
-                            server_key->type_c)) {
+        if (!ssh_match_group(session->opts.wanted_methods[SSH_HOSTKEYS],
+                             sig->type_c)) {
            ssh_set_error(session,
                          SSH_FATAL,
                          "Public key from server (%s) doesn't match user "
                          "preference (%s)",
-                          server_key->type_c,
+                          sig->type_c,
                          session->opts.wanted_methods[SSH_HOSTKEYS]);
            goto error;
        }