diff options
| author | Ben Lindstrom <mouring@eviladmin.org> | 2001-01-22 05:34:40 +0000 |
|---|---|---|
| committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-01-22 05:34:40 +0000 |
| commit | 226cfa03781466907dd252916aeade6879e376b8 (patch) | |
| tree | 3251d15053db065d74994b95e17fd65874fcaa9b /ssh-dss.c | |
| parent | 401d58f3612fa030f309d01df9815a2fc1d3c6de (diff) | |
Hopefully things did not get mixed around too much. It compiles under
Linux and works. So that is at least a good sign. =)
20010122
- (bal) OpenBSD Resync
- markus@cvs.openbsd.org 2001/01/19 12:45:26 GMT 2001 by markus
[servconf.c ssh.h sshd.c]
only auth-chall.c needs #ifdef SKEY
- markus@cvs.openbsd.org 2001/01/19 15:55:10 GMT 2001 by markus
[auth-krb4.c auth-options.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
auth1.c auth2.c channels.c clientloop.c dh.c dispatch.c nchan.c
packet.c pathname.h readconf.c scp.c servconf.c serverloop.c
session.c ssh-add.c ssh-keygen.c ssh-keyscan.c ssh.c ssh.h
ssh1.h sshconnect1.c sshd.c ttymodes.c]
move ssh1 definitions to ssh1.h, pathnames to pathnames.h
- markus@cvs.openbsd.org 2001/01/19 16:48:14
[sshd.8]
fix typo; from stevesk@
- markus@cvs.openbsd.org 2001/01/19 16:50:58
[ssh-dss.c]
clear and free digest, make consistent with other code (use dlen); from
stevesk@
- markus@cvs.openbsd.org 2001/01/20 15:55:20 GMT 2001 by markus
[auth-options.c auth-options.h auth-rsa.c auth2.c]
pass the filename to auth_parse_options()
- markus@cvs.openbsd.org 2001/01/20 17:59:40 GMT 2001
[readconf.c]
fix SIGSEGV from -o ""; problem noted by jehsom@togetherweb.com
- stevesk@cvs.openbsd.org 2001/01/20 18:20:29
[sshconnect2.c]
dh_new_group() does not return NULL. ok markus@
- markus@cvs.openbsd.org 2001/01/20 21:33:42
[ssh-add.c]
do not loop forever if askpass does not exist; from
andrew@pimlott.ne.mediaone.net
- djm@cvs.openbsd.org 2001/01/20 23:00:56
[servconf.c]
Check for NULL return from strdelim; ok markus
- djm@cvs.openbsd.org 2001/01/20 23:02:07
[readconf.c]
KNF; ok markus
- jakob@cvs.openbsd.org 2001/01/21 9:00:33
[ssh-keygen.1]
remove -R flag; ok markus@
- markus@cvs.openbsd.org 2001/01/21 19:05:40
[atomicio.c automicio.h auth-chall.c auth-krb4.c auth-options.c
auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
auth.c auth.h auth1.c auth2-chall.c auth2.c authfd.c authfile.c
bufaux.c bufaux.h buffer.c canahost.c canahost.h channels.c
cipher.c cli.c clientloop.c clientloop.h compat.c compress.c
deattack.c dh.c dispatch.c groupaccess.c hmac.c hostfile.c kex.c
key.c key.h log-client.c log-server.c log.c log.h login.c login.h
match.c misc.c misc.h nchan.c packet.c pty.c radix.h readconf.c
readpass.c readpass.h rsa.c scp.c servconf.c serverloop.c serverloop.h
session.c sftp-server.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c
ssh-keyscan.c ssh-rsa.c ssh.c ssh.h sshconnect.c sshconnect.h
sshconnect1.c sshconnect2.c sshd.c tildexpand.c tildexpand.h
ttysmodes.c uidswap.c xmalloc.c]
split ssh.h and try to cleanup the #include mess. remove unnecessary
#includes. rename util.[ch] -> misc.[ch]
- (bal) renamed 'PIDDIR' to '_PATH_SSH_PIDDIR' to match OpenBSD tree
- (bal) Moved #ifdef KRB4 in auth-krb4.c above the #include to resolve
conflict when compiling for non-kerb install
- (bal) removed the #ifdef SKEY in auth1.c to match Markus' changes
on 1/19.
Diffstat (limited to 'ssh-dss.c')
| -rw-r--r-- | ssh-dss.c | 22 |
1 files changed, 11 insertions, 11 deletions
| @@ -23,19 +23,16 @@ | |||
| 23 | */ | 23 | */ |
| 24 | 24 | ||
| 25 | #include "includes.h" | 25 | #include "includes.h" |
| 26 | RCSID("$OpenBSD: ssh-dss.c,v 1.2 2000/12/19 23:17:58 markus Exp $"); | 26 | RCSID("$OpenBSD: ssh-dss.c,v 1.4 2001/01/21 19:05:57 markus Exp $"); |
| 27 | |||
| 28 | #include <openssl/bn.h> | ||
| 29 | #include <openssl/evp.h> | ||
| 27 | 30 | ||
| 28 | #include "ssh.h" | ||
| 29 | #include "xmalloc.h" | 31 | #include "xmalloc.h" |
| 30 | #include "buffer.h" | 32 | #include "buffer.h" |
| 31 | #include "bufaux.h" | 33 | #include "bufaux.h" |
| 32 | #include "compat.h" | 34 | #include "compat.h" |
| 33 | 35 | #include "log.h" | |
| 34 | #include <openssl/bn.h> | ||
| 35 | #include <openssl/rsa.h> | ||
| 36 | #include <openssl/dsa.h> | ||
| 37 | #include <openssl/evp.h> | ||
| 38 | |||
| 39 | #include "key.h" | 36 | #include "key.h" |
| 40 | 37 | ||
| 41 | #define INTBLOB_LEN 20 | 38 | #define INTBLOB_LEN 20 |
| @@ -54,7 +51,7 @@ ssh_dss_sign( | |||
| 54 | EVP_MD_CTX md; | 51 | EVP_MD_CTX md; |
| 55 | u_int rlen; | 52 | u_int rlen; |
| 56 | u_int slen; | 53 | u_int slen; |
| 57 | u_int len; | 54 | u_int len, dlen; |
| 58 | u_char sigblob[SIGBLOB_LEN]; | 55 | u_char sigblob[SIGBLOB_LEN]; |
| 59 | Buffer b; | 56 | Buffer b; |
| 60 | 57 | ||
| @@ -62,15 +59,18 @@ ssh_dss_sign( | |||
| 62 | error("ssh_dss_sign: no DSA key"); | 59 | error("ssh_dss_sign: no DSA key"); |
| 63 | return -1; | 60 | return -1; |
| 64 | } | 61 | } |
| 65 | digest = xmalloc(evp_md->md_size); | 62 | dlen = evp_md->md_size; |
| 63 | digest = xmalloc(dlen); | ||
| 66 | EVP_DigestInit(&md, evp_md); | 64 | EVP_DigestInit(&md, evp_md); |
| 67 | EVP_DigestUpdate(&md, data, datalen); | 65 | EVP_DigestUpdate(&md, data, datalen); |
| 68 | EVP_DigestFinal(&md, digest, NULL); | 66 | EVP_DigestFinal(&md, digest, NULL); |
| 69 | 67 | ||
| 70 | sig = DSA_do_sign(digest, evp_md->md_size, key->dsa); | 68 | sig = DSA_do_sign(digest, dlen, key->dsa); |
| 71 | if (sig == NULL) { | 69 | if (sig == NULL) { |
| 72 | fatal("ssh_dss_sign: cannot sign"); | 70 | fatal("ssh_dss_sign: cannot sign"); |
| 73 | } | 71 | } |
| 72 | memset(digest, 0, dlen); | ||
| 73 | xfree(digest); | ||
| 74 | 74 | ||
| 75 | rlen = BN_num_bytes(sig->r); | 75 | rlen = BN_num_bytes(sig->r); |
| 76 | slen = BN_num_bytes(sig->s); | 76 | slen = BN_num_bytes(sig->s); |