From 1117b003fa25c2e29e3a679ba3a1a3b92b5a4587 Mon Sep 17 00:00:00 2001
From: TJ Saunders <tj@castaglia.org>
Date: Sat, 25 Jul 2020 16:51:26 -0700
Subject: [PATCH] Issue #1061: While investigating some reported issues with
 Ed25519 keys and mod_sftp, I reproduced one segfault when verifying such keys
 during publickey authentication.

---
 contrib/mod_sftp/kex.c  | 2 +-
 contrib/mod_sftp/keys.c | 7 +++++--
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/contrib/mod_sftp/kex.c b/contrib/mod_sftp/kex.c
index 17e853fe2..59c76f3c0 100644
--- a/contrib/mod_sftp/kex.c
+++ b/contrib/mod_sftp/kex.c
@@ -2869,7 +2869,7 @@ static int write_ext_info_server_sig_algs(struct ssh2_packet *pkt, char **buf,
   char *sig_algs = "";
 
 #if defined(PR_USE_SODIUM)
-  sig_algs = pstrcat(pkt->pool, sig_algs, *sig_algs ? "," : "", "ssh-ec25519",
+  sig_algs = pstrcat(pkt->pool, sig_algs, *sig_algs ? "," : "", "ssh-ed25519",
     NULL);
 #endif /* PR_USE_SODIUM */
 
diff --git a/contrib/mod_sftp/keys.c b/contrib/mod_sftp/keys.c
index b2e03f722..c94a3b201 100644
--- a/contrib/mod_sftp/keys.c
+++ b/contrib/mod_sftp/keys.c
@@ -4453,7 +4453,7 @@ const unsigned char *sftp_keys_sign_data(pool *p,
 
 int sftp_keys_verify_pubkey_type(pool *p, unsigned char *pubkey_data,
     uint32_t pubkey_len, enum sftp_key_type_e pubkey_type) {
-  EVP_PKEY *pkey;
+  EVP_PKEY *pkey = NULL;
   int res = FALSE;
   uint32_t len;
 
@@ -4542,7 +4542,10 @@ int sftp_keys_verify_pubkey_type(pool *p, unsigned char *pubkey_data,
       break;
   }
 
-  EVP_PKEY_free(pkey);
+  if (pkey != NULL) {
+    EVP_PKEY_free(pkey);
+  }
+
   return res;
 }
 
