aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJakub Jelen <jjelen@redhat.com>2023-03-10 16:14:08 +0100
committerAndreas Schneider <asn@cryptomilk.org>2023-05-04 11:52:06 +0200
commita30339d7b16da7784413e4a4667feb3604ed0458 (patch)
tree4dc6b8bdc490e62049aacc1d271acd657aee64db
parent8dde4e19248ae4fd1c17173f677b17ed493aaa3b (diff)
downloadlibssh-a30339d7b16da7784413e4a4667feb3604ed0458.tar.gz
libssh-a30339d7b16da7784413e4a4667feb3604ed0458.tar.xz
libssh-a30339d7b16da7784413e4a4667feb3604ed0458.zip
CVE-2023-1667:packet_cb: Log more verbose error if signature verification fails
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
-rw-r--r--src/packet_cb.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/src/packet_cb.c b/src/packet_cb.c
index 9f226893..0ecf8771 100644
--- a/src/packet_cb.c
+++ b/src/packet_cb.c
@@ -161,6 +161,9 @@ SSH_PACKET_CALLBACK(ssh_packet_newkeys){
session->next_crypto->digest_len);
SSH_SIGNATURE_FREE(sig);
if (rc == SSH_ERROR) {
+ ssh_set_error(session,
+ SSH_FATAL,
+ "Failed to verify server hostkey signature");
goto error;
}
SSH_LOG(SSH_LOG_PROTOCOL,"Signature verified and valid");