From 704c36ef6689739296d1c295b6eadcf3a1b900a5 Mon Sep 17 00:00:00 2001
From: djm <djm@openbsd.org>
Date: Thu, 21 Dec 2017 00:00:28 +0000
Subject: [PATCH] revert stricter key type / signature type checking in
 userauth path; too much software generates inconsistent messages, so we need
 a better plan.

---
 usr.bin/ssh/auth2-pubkey.c | 4 ++--
 usr.bin/ssh/monitor.c      | 9 ++++++++-
 usr.bin/ssh/monitor_wrap.c | 4 ++--
 3 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/usr.bin/ssh/auth2-pubkey.c b/usr.bin/ssh/auth2-pubkey.c
index 1f25650b014..da0aa4f88ed 100644
--- a/usr.bin/ssh/auth2-pubkey.c
+++ b/usr.bin/ssh/auth2-pubkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-pubkey.c,v 1.73 2017/12/19 00:24:34 djm Exp $ */
+/* $OpenBSD: auth2-pubkey.c,v 1.74 2017/12/21 00:00:28 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -211,7 +211,7 @@ userauth_pubkey(struct ssh *ssh)
 		authenticated = 0;
 		if (PRIVSEP(user_key_allowed(authctxt->pw, key, 1)) &&
 		    PRIVSEP(sshkey_verify(key, sig, slen, sshbuf_ptr(b),
-		    sshbuf_len(b), pkalg, ssh->compat)) == 0) {
+		    sshbuf_len(b), NULL, ssh->compat)) == 0) {
 			authenticated = 1;
 		}
 		sshbuf_free(b);
diff --git a/usr.bin/ssh/monitor.c b/usr.bin/ssh/monitor.c
index 49c6237b558..d3396b8ac7e 100644
--- a/usr.bin/ssh/monitor.c
+++ b/usr.bin/ssh/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.176 2017/12/18 02:25:15 djm Exp $ */
+/* $OpenBSD: monitor.c,v 1.177 2017/12/21 00:00:28 djm Exp $ */
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
  * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -1062,6 +1062,12 @@ mm_answer_keyverify(int sock, struct sshbuf *m)
 	  !monitor_allowed_key(blob, bloblen))
 		fatal("%s: bad key, not previously allowed", __func__);
 
+	/* Empty signature algorithm means NULL. */
+	if (*sigalg == '\0') {
+		free(sigalg);
+		sigalg = NULL;
+	}
+
 	/* XXX use sshkey_froms here; need to change key_blob, etc. */
 	if ((r = sshkey_from_blob(blob, bloblen, &key)) != 0)
 		fatal("%s: bad public key blob: %s", __func__, ssh_err(r));
@@ -1092,6 +1098,7 @@ mm_answer_keyverify(int sock, struct sshbuf *m)
 	free(blob);
 	free(signature);
 	free(data);
+	free(sigalg);
 
 	monitor_reset_key_state();
 
diff --git a/usr.bin/ssh/monitor_wrap.c b/usr.bin/ssh/monitor_wrap.c
index 806548877d7..fd1e20f848d 100644
--- a/usr.bin/ssh/monitor_wrap.c
+++ b/usr.bin/ssh/monitor_wrap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor_wrap.c,v 1.96 2017/12/18 02:25:15 djm Exp $ */
+/* $OpenBSD: monitor_wrap.c,v 1.97 2017/12/21 00:00:28 djm Exp $ */
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
  * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -440,7 +440,7 @@ mm_sshkey_verify(const struct sshkey *key, const u_char *sig, size_t siglen,
 	buffer_put_string(&m, blob, len);
 	buffer_put_string(&m, sig, siglen);
 	buffer_put_string(&m, data, datalen);
-	buffer_put_cstring(&m, sigalg);
+	buffer_put_cstring(&m, sigalg == NULL ? "" : sigalg);
 	free(blob);
 
 	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYVERIFY, &m);
-- 
2.20.1