Bugzilla – Attachment 3348 Details for
Bug 3094
Signature verification fails on windows
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
accept \r\n at end of signature banner
bz3094.diff (text/plain), 2.03 KB, created by
Damien Miller
on 2020-01-23 21:49:10 AEDT
(
hide
)
Description:
accept \r\n at end of signature banner
Filename:
MIME Type:
Creator:
Damien Miller
Created:
2020-01-23 21:49:10 AEDT
Size:
2.03 KB
patch
obsolete
>diff --git a/sshsig.c b/sshsig.c >index 8fbc716..32ce43e 100644 >--- a/sshsig.c >+++ b/sshsig.c >@@ -35,7 +35,7 @@ > #define SIG_VERSION 0x01 > #define MAGIC_PREAMBLE "SSHSIG" > #define MAGIC_PREAMBLE_LEN (sizeof(MAGIC_PREAMBLE) - 1) >-#define BEGIN_SIGNATURE "-----BEGIN SSH SIGNATURE-----\n" >+#define BEGIN_SIGNATURE "-----BEGIN SSH SIGNATURE-----" > #define END_SIGNATURE "-----END SSH SIGNATURE-----" > #define RSA_SIGN_ALG "rsa-sha2-512" /* XXX maybe make configurable */ > #define RSA_SIGN_ALLOWED "rsa-sha2-512,rsa-sha2-256" >@@ -56,8 +56,7 @@ sshsig_armor(const struct sshbuf *blob, struct sshbuf **out) > goto out; > } > >- if ((r = sshbuf_put(buf, BEGIN_SIGNATURE, >- sizeof(BEGIN_SIGNATURE)-1)) != 0) { >+ if ((r = sshbuf_putf(buf, "%s\n", BEGIN_SIGNATURE)) != 0) { > error("%s: sshbuf_putf failed: %s", __func__, ssh_err(r)); > goto out; > } >@@ -83,6 +82,26 @@ sshsig_armor(const struct sshbuf *blob, struct sshbuf **out) > return r; > } > >+static int >+consume_eol(struct sshbuf *buf) >+{ >+ int i, r; >+ char *eols[] = { "\r\n", "\n", NULL }; >+ >+ for (i = 0; eols[i] != NULL; i++) { >+ if ((r = sshbuf_cmp(buf, 0, eols[i], strlen(eols[i]))) == 0) { >+ if ((r = sshbuf_consume(buf, strlen(eols[i]))) != 0) { >+ error("%s: sshbuf_consume failed: %s", >+ __func__, ssh_err(r)); >+ return r; >+ } >+ return 0; >+ } else if (r != SSH_ERR_INVALID_FORMAT) >+ return r; >+ } >+ return SSH_ERR_INVALID_FORMAT; >+} >+ > int > sshsig_dearmor(struct sshbuf *sig, struct sshbuf **out) > { >@@ -102,12 +121,14 @@ sshsig_dearmor(struct sshbuf *sig, struct sshbuf **out) > error("Couldn't parse signature: missing header"); > goto done; > } >- > if ((r = sshbuf_consume(sbuf, sizeof(BEGIN_SIGNATURE)-1)) != 0) { > error("%s: sshbuf_consume failed: %s", __func__, ssh_err(r)); > goto done; > } >- >+ if ((r = consume_eol(sbuf)) != 0) { >+ error("%s: consume header EOL: %s", __func__, ssh_err(r)); >+ goto done; >+ } > if ((r = sshbuf_find(sbuf, 0, "\n" END_SIGNATURE, > sizeof("\n" END_SIGNATURE)-1, &eoffset)) != 0) { > error("Couldn't parse signature: missing footer");
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=3348">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 3094
: 3348