From e8f3207a0dd9304b446d268d07559dae7eaa4aeb Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@cryptomilk.org>
Date: Fri, 19 Oct 2018 11:40:44 +0200
Subject: [PATCH] messages: Check that the requested service is
 'ssh-connection'

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 9c200d3ef4f62d724d3bae2563b81c38cc31e215)
---
 src/messages.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/messages.c b/src/messages.c
index 8733875c..c225a80c 100644
--- a/src/messages.c
+++ b/src/messages.c
@@ -704,6 +704,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_request){
   ssh_message msg = NULL;
   char *service = NULL;
   char *method = NULL;
+  int cmp;
   int rc;
 
   (void)user;
@@ -730,6 +731,13 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_request){
       service, method,
       msg->auth_request.username);
 
+  cmp = strcmp(service, "ssh-connection");
+  if (cmp != 0) {
+      SSH_LOG(SSH_LOG_WARNING,
+              "Invalid service request: %s",
+              service);
+      goto end;
+  }
 
   if (strcmp(method, "none") == 0) {
     msg->auth_request.method = SSH_AUTH_METHOD_NONE;