authorDamien Miller <djm@mindrot.org>2000-07-21 10:19:44 +1000
committerDamien Miller <djm@mindrot.org>2000-07-21 10:19:44 +1000
commit994cf1426d176e2ee9ba310416544c325e04b155 (patch)
tree8e8978bcec4c8a2aa83533936f90e7c3070e9def /authfd.c
parent9dec7762798a4f9268e6033945c6dde44925d853 (diff)
- (djm) OpenBSD CVS updates:
- markus@cvs.openbsd.org 2000/07/16 02:27:22 [authfd.c authfd.h channels.c clientloop.c ssh-add.c ssh-agent.c ssh.c] [sshconnect1.c sshconnect2.c] make ssh-add accept dsa keys (the agent does not) - djm@cvs.openbsd.org 2000/07/17 19:25:02 [sshd.c] Another closing of stdin; ok deraadt - markus@cvs.openbsd.org 2000/07/19 18:33:12 [dsa.c] missing free, reorder - markus@cvs.openbsd.org 2000/07/20 16:23:14 [ssh-keygen.1] document input and output files
Diffstat (limited to 'authfd.c')
-rw-r--r--authfd.c73
1 files changed, 54 insertions, 19 deletions
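--- a/authfd.c
+++ b/authfd.c
@@ -14,17 +14,21 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: authfd.c,v 1.21 2000/06/26 09:22:29 markus Exp $");
+RCSID("$OpenBSD: authfd.c,v 1.22 2000/07/16 08:27:20 markus Exp $");
 
 #include "ssh.h"
 #include "rsa.h"
-#include "authfd.h"
 #include "buffer.h"
 #include "bufaux.h"
 #include "xmalloc.h"
 #include "getput.h"
 
 #include <openssl/rsa.h>
+#include <openssl/dsa.h>
+#include <openssl/evp.h>
+#include "key.h"
+#include "authfd.h"
+#include "kex.h"
 
 /* helper */
 int ssh_agent_get_reply(AuthenticationConnection *auth);
@@ -138,10 +142,7 @@ ssh_get_first_identity(AuthenticationConnection *auth,
 	 * Send a message to the agent requesting for a list of the
 	 * identities it can represent.
 	 */
-	msg[0] = 0;
-	msg[1] = 0;
-	msg[2] = 0;
-	msg[3] = 1;
+	PUT_32BIT(msg, 1);
 	msg[4] = SSH_AGENTC_REQUEST_RSA_IDENTITIES;
 	if (atomicio(write, auth->fd, msg, 5) != 5) {
 		error("write auth->fd: %.100s", strerror(errno));
@@ -336,31 +337,64 @@ error_cleanup:
 	return 1;
 }
 
+/* Encode key for a message to the agent. */
+
+void
+ssh_encode_identity_rsa(Buffer *b, RSA *key, const char *comment)
+{
+	buffer_clear(b);
+	buffer_put_char(b, SSH_AGENTC_ADD_RSA_IDENTITY);
+	buffer_put_int(b, BN_num_bits(key->n));
+	buffer_put_bignum(b, key->n);
+	buffer_put_bignum(b, key->e);
+	buffer_put_bignum(b, key->d);
+	/* To keep within the protocol: p < q for ssh. in SSL p > q */
+	buffer_put_bignum(b, key->iqmp);	/* ssh key->u */
+	buffer_put_bignum(b, key->q);	/* ssh key->p, SSL key->q */
+	buffer_put_bignum(b, key->p);	/* ssh key->q, SSL key->p */
+	buffer_put_string(b, comment, strlen(comment));
+}
+
+void
+ssh_encode_identity_dsa(Buffer *b, DSA *key, const char *comment)
+{
+	buffer_clear(b);
+	buffer_put_char(b, SSH2_AGENTC_ADD_IDENTITY);
+	buffer_put_cstring(b, KEX_DSS);
+	buffer_put_bignum2(b, key->p);
+	buffer_put_bignum2(b, key->q);
+	buffer_put_bignum2(b, key->g);
+	buffer_put_bignum2(b, key->pub_key);
+	buffer_put_bignum2(b, key->priv_key);
+	buffer_put_string(b, comment, strlen(comment));
+}
+
 /*
  * Adds an identity to the authentication server. This call is not meant to
  * be used by normal applications.
  */
 
 int
-ssh_add_identity(AuthenticationConnection *auth,
-    RSA * key, const char *comment)
+ssh_add_identity(AuthenticationConnection *auth, Key *key, const char *comment)
 {
 	Buffer buffer;
 	unsigned char buf[8192];
 	int len;
 
-	/* Format a message to the agent. */
 	buffer_init(&buffer);
-	buffer_put_char(&buffer, SSH_AGENTC_ADD_RSA_IDENTITY);
-	buffer_put_int(&buffer, BN_num_bits(key->n));
-	buffer_put_bignum(&buffer, key->n);
-	buffer_put_bignum(&buffer, key->e);
-	buffer_put_bignum(&buffer, key->d);
-	/* To keep within the protocol: p < q for ssh. in SSL p > q */
-	buffer_put_bignum(&buffer, key->iqmp);	/* ssh key->u */
-	buffer_put_bignum(&buffer, key->q);	/* ssh key->p, SSL key->q */
-	buffer_put_bignum(&buffer, key->p);	/* ssh key->q, SSL key->p */
-	buffer_put_string(&buffer, comment, strlen(comment));
+
+	switch (key->type) {
+	case KEY_RSA:
+		ssh_encode_identity_rsa(&buffer, key->rsa, comment);
+		break;
+	case KEY_DSA:
+		ssh_encode_identity_dsa(&buffer, key->dsa, comment);
+		break;
+	default:
+		buffer_free(&buffer);
+		return 0;
+		break;
+	}
 
 	/* Get the length of the message, and format it in the buffer. */
 	len = buffer_len(&buffer);
@@ -487,6 +521,7 @@ ssh_agent_get_reply(AuthenticationConnection *auth)
 	buffer_free(&buffer);
 	switch (type) {
 	case SSH_AGENT_FAILURE:
+		log("SSH_AGENT_FAILURE");
 		return 0;
 	case SSH_AGENT_SUCCESS:
 		return 1;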
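Review bot: In ssh_add_identity the new `default:` arm returns 0 with no diagnostic, so a caller handing in an unsupported key type gets the same result as an agent-side SSH_AGENT_FAILURE (which this commit now logs in ssh_agent_get_reply), and the `break;` after `return 0;` is unreachable. I would report the type instead: `default: error("ssh_add_identity: unsupported key type %d", key->type); buffer_free(&buffer); return 0;`. Note also that both encoders serialize private-key material (`key->d`, `key->priv_key`) into `buffer`, which is then formatted into the fixed 8192-byte stack array `buf`; the length check against that array and the disposal of both copies happen past the end of this hunk, so I could not verify here that the copy is bounded for a large DSA key or that the secrets are cleared rather than only freed. ssh_add_identity's body continues outside the hunk.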