From 660a2c7d1bf7f5fba905b525bc7c3b9a5ac2ec99 Mon Sep 17 00:00:00 2001 From: Guus Sliepen Date: Sun, 7 Dec 2014 17:20:18 +0100 Subject: [PATCH] Check validity of Ed25519 key during an upgrade. --- src/protocol_auth.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/protocol_auth.c b/src/protocol_auth.c index 73a591e..be90d92 100644 --- a/src/protocol_auth.c +++ b/src/protocol_auth.c @@ -730,6 +730,12 @@ static bool upgrade_h(connection_t *c, const char *request) { return false; } + c->ecdsa = ecdsa_set_base64_public_key(pubkey); + if(!c->ecdsa) { + logger(DEBUG_ALWAYS, LOG_INFO, "Got bad Ed25519 public key from %s (%s), not upgrading.", c->name, c->hostname); + return false; + } + logger(DEBUG_ALWAYS, LOG_INFO, "Got Ed25519 public key from %s (%s), upgrading!", c->name, c->hostname); append_config_file(c->name, "Ed25519PublicKey", pubkey); c->allow_request = TERMREQ; -- 2.25.1