mirror of
https://github.com/jtesta/ssh-audit.git
synced 2025-10-30 21:15:27 +01:00
Fixed crash when receiving unexpected response during host key test.
This commit is contained in:
Joe Testa
@@ -159,6 +159,7 @@ For convenience, a web front-end on top of the command-line tool is available at
|
|||||||
## ChangeLog
|
## ChangeLog
|
||||||
### v2.4.0-dev (???)
|
### v2.4.0-dev (???)
|
||||||
- Added version check for OpenSSH user enumeration (CVE-2018-15473).
|
- Added version check for OpenSSH user enumeration (CVE-2018-15473).
|
||||||
|
- Fixed crash when receiving unexpected response during host key test.
|
||||||
|
|
||||||
### v2.3.1 (2020-10-28)
|
### v2.3.1 (2020-10-28)
|
||||||
- Now parses public key sizes for `rsa-sha2-256-cert-v01@openssh.com` and `rsa-sha2-512-cert-v01@openssh.com` host key types.
|
- Now parses public key sizes for `rsa-sha2-256-cert-v01@openssh.com` and `rsa-sha2-512-cert-v01@openssh.com` host key types.
|
||||||
|
|||||||
@@ -135,9 +135,12 @@ class HostKeyTest:
|
|||||||
# Do the initial DH exchange. The server responds back
|
# Do the initial DH exchange. The server responds back
|
||||||
# with the host key and its length. Bingo. We also get back the host key fingerprint.
|
# with the host key and its length. Bingo. We also get back the host key fingerprint.
|
||||||
kex_group.send_init(s)
|
kex_group.send_init(s)
|
||||||
host_key = kex_group.recv_reply(s, variable_key_len)
|
try:
|
||||||
if host_key is not None:
|
host_key = kex_group.recv_reply(s, variable_key_len)
|
||||||
server_kex.set_host_key(host_key_type, host_key)
|
if host_key is not None:
|
||||||
|
server_kex.set_host_key(host_key_type, host_key)
|
||||||
|
except Exception:
|
||||||
|
pass
|
||||||
|
|
||||||
hostkey_modulus_size = kex_group.get_hostkey_size()
|
hostkey_modulus_size = kex_group.get_hostkey_size()
|
||||||
ca_modulus_size = kex_group.get_ca_size()
|
ca_modulus_size = kex_group.get_ca_size()
|
||||||
|
|||||||
Reference in New Issue
Block a user