Correct ntpd(8) cryptographic signature bypass [SA-09:04].

Correct BIND DNSSEC incorrect checks for malformed signatures [SA-09:04]. Security: FreeBSD-SA-09:03.ntpd Security: FreeBSD-SA-09:04.bind Obtained from: ISC [SA-09:04] Approved by: so (simon)
2009-01-13 21:19:27 +00:00 · 2009-01-13 21:19:27 +00:00 · 49eb227b50
commit 49eb227b50
parent 2bfcbeed12
1 changed files with 1 additions and 1 deletions
--- a/contrib/ntp/ntpd/ntp_crypto.c
+++ b/contrib/ntp/ntpd/ntp_crypto.c
@ -1612,7 +1612,7 @@ crypto_verify(
 	 */
 	EVP_VerifyInit(&ctx, peer->digest);
 	EVP_VerifyUpdate(&ctx, (u_char *)&ep->tstamp, vallen + 12);
-	if (!EVP_VerifyFinal(&ctx, (u_char *)&ep->pkt[i], siglen, pkey))
+	if (EVP_VerifyFinal(&ctx, (u_char *)&ep->pkt[i], siglen, pkey) <= 0)
 		return (XEVNT_SIG);

 	if (peer->crypto & CRYPTO_FLAG_VRFY) {