Diffstat (limited to 'crypto/openssh/monitor.c')
-rw-r--r--crypto/openssh/monitor.c11
1 files changed, 5 insertions, 6 deletions
diff --git a/crypto/openssh/monitor.c b/crypto/openssh/monitor.c
index 91e0e62454b7..fda4a3660be7 100644
--- a/crypto/openssh/monitor.c
+++ b/crypto/openssh/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.234 2022/06/15 16:08:25 djm Exp $ */
+/* $OpenBSD: monitor.c,v 1.235 2023/02/17 04:22:50 dtucker Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -1097,6 +1097,10 @@ mm_answer_pam_respond(struct ssh *ssh, int sock, struct sshbuf *m)
sshpam_authok = NULL;
if ((r = sshbuf_get_u32(m, &num)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
+ if (num > PAM_MAX_NUM_MSG) {
+ fatal_f("Too many PAM messages, got %u, expected <= %u",
+ num, (unsigned)PAM_MAX_NUM_MSG);
+ }
if (num > 0) {
resp = xcalloc(num, sizeof(char *));
for (i = 0; i < num; ++i) {
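Review bot: The new bound on `num` has no comment explaining why it is there, although it is the only check between a count read from the message buffer and the `xcalloc(num, sizeof(char *))` and loop that follow. Since the monitor presumably receives `m` from the unprivileged privsep child, I would add `/* num comes from the unprivileged child; bound it before allocating */` above the check so the guard is not dropped in a later cleanup. As a style point, the added call uses `fatal_f` while the `sshbuf_get_u32` failure one line above still spells out `fatal("%s: buffer error: %s", __func__, ssh_err(r))`; switching that line to the `fatal_fr(r, "parse")` form seen in mm_answer_keyallowed would keep the function consistent. The body of mm_answer_pam_respond starts and ends outside the hunk, so how each response string is read and length-checked cannot be judged from here.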
@@ -1161,11 +1165,6 @@ mm_answer_keyallowed(struct ssh *ssh, int sock, struct sshbuf *m)
fatal_fr(r, "parse");
if (key != NULL && authctxt->valid) {
- /* These should not make it past the privsep child */
- if (sshkey_type_plain(key->type) == KEY_RSA &&
- (ssh->compat & SSH_BUG_RSASIGMD5) != 0)
- fatal_f("passed a SSH_BUG_RSASIGMD5 key");
-
switch (type) {
case MM_USERKEY:
auth_method = "publickey";