From 9a22681ed0ab81d2222179906e6672418a134d70 Mon Sep 17 00:00:00 2001 From: Pekka Riikonen Date: Sat, 13 Apr 2002 17:15:58 +0000 Subject: [PATCH] Check for mandatory random data length if public key auth. --- lib/silccore/silcauth.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/lib/silccore/silcauth.c b/lib/silccore/silcauth.c index e38eff0b..0ac79369 100644 --- a/lib/silccore/silcauth.c +++ b/lib/silccore/silcauth.c @@ -79,6 +79,12 @@ SilcAuthPayload silc_auth_payload_parse(const unsigned char *data, return NULL; } + /* If public key authentication, random data must be at least 128 bytes */ + if (newp->auth_method == SILC_AUTH_PUBLIC_KEY && newp->random_len < 128) { + silc_auth_payload_free(newp); + return NULL; + } + return newp; } -- 2.43.0