upstream: sshd: switch authentication to sshbuf API; ok djm@

OpenBSD-Commit-ID: 880aa06bce4b140781e836bb56bec34873290641
author: markus@openbsd.org <markus@openbsd.org> 2018-07-09 21:35:50 +0000
committer: Damien Miller <djm@mindrot.org> 2018-07-10 15:27:43 +1000
commit: c7d39ac8dc3587c5f05bdd5bcd098eb5c201c0c8 (patch)
tree: 28e4a7c9d114a3ab3c7710850e54b1a8c41f840e /auth.c
parent: c3cb7790e9efb14ba74b2d9f543ad593b3d55b31 (diff)
1 files changed, 21 insertions, 18 deletions
diff --git a/auth.c b/auth.c
index 0424f1f79..2dddcf1f8 100644
--- a/auth.c
+++ b/auth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth.c,v 1.130 2018/06/06 18:23:32 djm Exp $ */
+/* $OpenBSD: auth.c,v 1.131 2018/07/09 21:35:50 markus Exp $ */
 /*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
 *
@@ -55,10 +55,10 @@
 #include "match.h"
 #include "groupaccess.h"
 #include "log.h"
-#include "buffer.h"
+#include "sshbuf.h"
 #include "misc.h"
 #include "servconf.h"
-#include "key.h"
+#include "sshkey.h"
 #include "hostfile.h"
 #include "auth.h"
 #include "auth-options.h"
@@ -84,8 +84,7 @@ extern struct passwd *privsep_pw;
 extern struct sshauthopt *auth_opts;
 /* Debugging messages */
-Buffer auth_debug;
+static struct sshbuf *auth_debug;
-int auth_debug_init;
 /*
 * Check if the user is allowed to log in via ssh. If user is listed
@@ -281,7 +280,7 @@ format_method_key(Authctxt *authctxt)
        if (key == NULL)
                return NULL;
-        if (key_is_cert(key)) {
+        if (sshkey_is_cert(key)) {
                fp = sshkey_fingerprint(key->cert->signature_key,
                    options.fingerprint_hash, SSH_FP_DEFAULT);
                xasprintf(&ret, "%s ID %s (serial %llu) CA %s %s%s%s",
@@ -672,26 +671,32 @@ auth_debug_add(const char *fmt,...)
 {
        char buf[1024];
        va_list args;
+        int r;
-        if (!auth_debug_init)
+        if (auth_debug == NULL)
                return;
        va_start(args, fmt);
        vsnprintf(buf, sizeof(buf), fmt, args);
        va_end(args);
-        buffer_put_cstring(&auth_debug, buf);
+        if ((r = sshbuf_put_cstring(auth_debug, buf)) != 0)
+                fatal("%s: sshbuf_put_cstring: %s", __func__, ssh_err(r));
 }
 void
 auth_debug_send(void)
 {
+        struct ssh *ssh = active_state;         /* XXX */
        char *msg;
+        int r;
-        if (!auth_debug_init)
+        if (auth_debug == NULL)
                return;
-        while (buffer_len(&auth_debug)) {
+        while (sshbuf_len(auth_debug) != 0) {
-                msg = buffer_get_string(&auth_debug, NULL);
+                if ((r = sshbuf_get_cstring(auth_debug, &msg, NULL)) != 0)
-                packet_send_debug("%s", msg);
+                        fatal("%s: sshbuf_get_cstring: %s",
+                            __func__, ssh_err(r));
+                ssh_packet_send_debug(ssh, "%s", msg);
                free(msg);
        }
 }
@@ -699,12 +704,10 @@ auth_debug_send(void)
 void
 auth_debug_reset(void)
 {
-        if (auth_debug_init)
+        if (auth_debug != NULL)
-                buffer_clear(&auth_debug);
+                sshbuf_reset(auth_debug);
-        else {
+        else if ((auth_debug = sshbuf_new()) == NULL)
-                buffer_init(&auth_debug);
+                fatal("%s: sshbuf_new failed", __func__);
-                auth_debug_init = 1;
-        }
 }
 struct passwd *
author	markus@openbsd.org <markus@openbsd.org>	2018-07-09 21:35:50 +0000
committer	Damien Miller <djm@mindrot.org>	2018-07-10 15:27:43 +1000
commit	c7d39ac8dc3587c5f05bdd5bcd098eb5c201c0c8 (patch)
tree	28e4a7c9d114a3ab3c7710850e54b1a8c41f840e /auth.c
parent	c3cb7790e9efb14ba74b2d9f543ad593b3d55b31 (diff)