Ben Homer 1e2159
Index: openssh-8.7p1/ssh-ecdsa-sk.c
===================================================================
--- openssh-8.7p1.orig/ssh-ecdsa-sk.c
+++ openssh-8.7p1/ssh-ecdsa-sk.c
@@ -191,14 +191,17 @@ ssh_ecdsa_sk_verify(const struct sshkey
 		ret = SSH_ERR_INVALID_FORMAT;
 		goto out;
 	}
-	if (is_webauthn) {
-		if (sshbuf_get_cstring(b, &webauthn_origin, NULL) != 0 ||
-		    sshbuf_froms(b, &webauthn_wrapper) != 0 ||
-		    sshbuf_froms(b, &webauthn_exts) != 0) {
-			ret = SSH_ERR_INVALID_FORMAT;
-			goto out;
-		}
-	}
+	if (sshbuf_get_cstring(b, &webauthn_origin, NULL) != 0 ||
+            sshbuf_froms(b, &webauthn_wrapper) != 0 ||
+            sshbuf_froms(b, &webauthn_exts) != 0) {
+                if (is_webauthn) {
+		    ret = SSH_ERR_INVALID_FORMAT;
+		    goto out;
+                }
+        } else {
+            // webauthn signature detected based on structure
+            is_webauthn = 1;
+        }
 	if (sshbuf_len(b) != 0) {
 		ret = SSH_ERR_UNEXPECTED_TRAILING_DATA;
 		goto out;
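Review bot: When `is_webauthn` is 0 and the three-field parse fails partway, the new code falls through with `b` already partly consumed, so the `sshbuf_len(b) != 0` check right after it no longer sees the bytes that `sshbuf_get_cstring()` or the first `sshbuf_froms()` pulled off. A plain signature with extra data appended can therefore pass where the old code returned `SSH_ERR_UNEXPECTED_TRAILING_DATA`, and `webauthn_origin` / `webauthn_wrapper` may be left populated on a non-WebAuthn path. If structural detection is really wanted, attempt the parse only when there is data left and treat every parse failure as fatal: wrap the original block in `if (is_webauthn || sshbuf_len(b) != 0) {`, keep the unconditional `ret = SSH_ERR_INVALID_FORMAT; goto out;` on failure, and set `is_webauthn = 1;` only after all three fields have parsed. Deciding the verification mode from the blob's shape also means the declared signature algorithm no longer selects it, which presumably lets WebAuthn-format signatures through where configuration permits only the plain sk-ecdsa algorithm; the rest of ssh_ecdsa_sk_verify and its callers are outside this hunk, so confirm that there. The comment on the `else` branch should say why the declared type is not trusted here, e.g. `/* signature type did not indicate webauthn; fields parsed cleanly, so verify as webauthn */`.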