messages: Check that the requested service is 'ssh-connection'

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 9c200d3ef4f62d724d3bae2563b81c38cc31e215)

1 files changed, 8 insertions, 0 deletions

diff --git a/src/messages.c b/src/messages.c
index 98fbb7f7..3ddb6ada 100644
--- a/src/messages.c
+++ b/src/messages.c
@@ -649,6 +649,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_request){
   ssh_message msg = NULL;
   char *service = NULL;
   char *method = NULL;
+  int cmp;
   int rc;
 
   (void)user;
@@ -675,6 +676,13 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_request){
       service, method,
       msg->auth_request.username);
 
+  cmp = strcmp(service, "ssh-connection");
+  if (cmp != 0) {
+      SSH_LOG(SSH_LOG_WARNING,
+              "Invalid service request: %s",
+              service);
+      goto end;
+  }
 
   if (strcmp(method, "none") == 0) {
     msg->auth_request.method = SSH_AUTH_METHOD_NONE;