Wait to fail invalid usernamesbugfix

author: Matt Johnston <matt@ucc.asn.au> 2018-08-23 23:43:12 +0800
committer: Matt Johnston <matt@ucc.asn.au> 2018-08-23 23:43:12 +0800
commit: 52adbb34c32d3e2e1bcdb941e20a6f81138b8248 (patch)
tree: 9df84dc409fa0f2a6ed2d9a75d40f31f68a73bbe /svr-authpubkey.c
parent: 90f04384eeb0a80b9f5ee19823702a612ba1653d (diff)
download: dropbear-52adbb34c32d3e2e1bcdb941e20a6f81138b8248.tar.gz
1 files changed, 10 insertions, 1 deletions
diff --git a/svr-authpubkey.c b/svr-authpubkey.c
index aa6087c..ff481c8 100644
--- a/svr-authpubkey.c
+++ b/svr-authpubkey.c
@@ -79,7 +79,7 @@ static int checkfileperm(char * filename);
 
 /* process a pubkey auth request, sending success or failure message as
  * appropriate */
-void svr_auth_pubkey() {
+void svr_auth_pubkey(int valid_user) {
 
 	unsigned char testkey; /* whether we're just checking if a key is usable */
 	char* algo = NULL; /* pubkey algo */
@@ -102,6 +102,15 @@ void svr_auth_pubkey() {
 	keybloblen = buf_getint(ses.payload);
 	keyblob = buf_getptr(ses.payload, keybloblen);
 
+	if (!valid_user) {
+		/* Return failure once we have read the contents of the packet
+		required to validate a public key. 
+		Avoids blind user enumeration though it isn't possible to prevent
+		testing for user existence if the public key is known */
+		send_msg_userauth_failure(0, 0);
+		goto out;
+	}
+
 	/* check if the key is valid */
 	if (checkpubkey(algo, algolen, keyblob, keybloblen) == DROPBEAR_FAILURE) {
 		send_msg_userauth_failure(0, 0);
author	Matt Johnston <matt@ucc.asn.au>	2018-08-23 23:43:12 +0800
committer	Matt Johnston <matt@ucc.asn.au>	2018-08-23 23:43:12 +0800
commit	52adbb34c32d3e2e1bcdb941e20a6f81138b8248 (patch)
tree	9df84dc409fa0f2a6ed2d9a75d40f31f68a73bbe /svr-authpubkey.c
parent	90f04384eeb0a80b9f5ee19823702a612ba1653d (diff)
download	dropbear-52adbb34c32d3e2e1bcdb941e20a6f81138b8248.tar.gz