Key authentication broken in current development build
Jessica Stokes
hello at jessicastokes.net
Tue Sep 5 13:35:59 AWST 2017
Hi there,
Just wanting to let you know that it looks like this commit <https://github.com/mkj/dropbear/commit/6e0b539e9ca0b5628c6c5a3d118ad6a2e79e8039> (6e0b539e9ca0b5628c6c5a3d118ad6a2e79e8039) renders key-based auth inoperable, as in the “checkpubkey” function it is now impossible for “ret” to be changed from “DROPBEAR_FAILURE”, so you end up with key auth being rejected with no stated reason when built with DEBUG_TRACE enabled.
It was formerly relying directly upon the return value of cmp_base64_key <https://github.com/mkj/dropbear/commit/6e0b539e9ca0b5628c6c5a3d118ad6a2e79e8039#diff-20756035b9b25f61dcc641e0854861d3L348>.
I’ve submitted a Pull Request (#51) <https://github.com/mkj/dropbear/pull/51> which fixes this by relying upon the return value of the checkpubkey_line function which was introduced by 6e0b539e.
Thanks,
–Jessica
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/attachments/20170904/f0f88e86/attachment.htm
More information about the Dropbear
mailing list