Check whether server pk_ok signature name is known

The would only happen from a misbehaved server, it hits an assertion. Fixes #285 on github
mkj · Mar 31, 2024 · 7d21cff · 7d21cff
1 parent 910af60
commit 7d21cff
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/src/cli-authpubkey.c b/src/cli-authpubkey.c
@@ -66,6 +66,10 @@ void recv_msg_userauth_pk_ok() {
 
 	algotype = buf_getstring(ses.payload, &algolen);
 	sigtype = signature_type_from_name(algotype, algolen);
+	if (sigtype == DROPBEAR_SIGNATURE_NONE) {
+		/* Server replied with an algorithm that we didn't send */
+		dropbear_exit("Bad pk_ok");
+	}
 	keytype = signkey_type_from_signature(sigtype);
 	TRACE(("recv_msg_userauth_pk_ok: type %d", sigtype))
 	m_free(algotype);