diff options
| author | Ben Lindstrom <mouring@eviladmin.org> | 2001-03-26 13:44:06 +0000 |
|---|---|---|
| committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-03-26 13:44:06 +0000 |
| commit | d0fca423fcee576f4787d01f8bad3f9c0efd62ab (patch) | |
| tree | 696cb73350804862b8e39ccb53dc4edff2f68976 /ssh.c | |
| parent | 7bfff36ca3acf469de9fcad98826562ea6c1fbbe (diff) | |
- markus@cvs.openbsd.org 2001/03/26 08:07:09
[authfile.c authfile.h ssh-add.c ssh-keygen.c ssh.c sshconnect.c
sshconnect.h sshconnect1.c sshconnect2.c sshd.c]
simpler key load/save interface, see authfile.h
Diffstat (limited to 'ssh.c')
| -rw-r--r-- | ssh.c | 54 |
1 files changed, 9 insertions, 45 deletions
| @@ -39,7 +39,7 @@ | |||
| 39 | */ | 39 | */ |
| 40 | 40 | ||
| 41 | #include "includes.h" | 41 | #include "includes.h" |
| 42 | RCSID("$OpenBSD: ssh.c,v 1.104 2001/03/08 21:42:32 markus Exp $"); | 42 | RCSID("$OpenBSD: ssh.c,v 1.105 2001/03/26 08:07:09 markus Exp $"); |
| 43 | 43 | ||
| 44 | #include <openssl/evp.h> | 44 | #include <openssl/evp.h> |
| 45 | #include <openssl/err.h> | 45 | #include <openssl/err.h> |
| @@ -130,11 +130,8 @@ struct sockaddr_storage hostaddr; | |||
| 130 | */ | 130 | */ |
| 131 | volatile int received_window_change_signal = 0; | 131 | volatile int received_window_change_signal = 0; |
| 132 | 132 | ||
| 133 | /* Flag indicating whether we have a valid host private key loaded. */ | ||
| 134 | int host_private_key_loaded = 0; | ||
| 135 | |||
| 136 | /* Host private key. */ | 133 | /* Host private key. */ |
| 137 | RSA *host_private_key = NULL; | 134 | Key *host_private_key = NULL; |
| 138 | 135 | ||
| 139 | /* Original real UID. */ | 136 | /* Original real UID. */ |
| 140 | uid_t original_real_uid; | 137 | uid_t original_real_uid; |
| @@ -631,12 +628,8 @@ main(int ac, char **av) | |||
| 631 | * privileges, because the file is only readable by root. | 628 | * privileges, because the file is only readable by root. |
| 632 | */ | 629 | */ |
| 633 | if (ok && (options.protocol & SSH_PROTO_1)) { | 630 | if (ok && (options.protocol & SSH_PROTO_1)) { |
| 634 | Key k; | 631 | host_private_key = key_load_private_type(KEY_RSA1, |
| 635 | host_private_key = RSA_new(); | 632 | _PATH_HOST_KEY_FILE, "", NULL); |
| 636 | k.type = KEY_RSA1; | ||
| 637 | k.rsa = host_private_key; | ||
| 638 | if (load_private_key(_PATH_HOST_KEY_FILE, "", &k, NULL)) | ||
| 639 | host_private_key_loaded = 1; | ||
| 640 | } | 633 | } |
| 641 | /* | 634 | /* |
| 642 | * Get rid of any extra privileges that we may have. We will no | 635 | * Get rid of any extra privileges that we may have. We will no |
| @@ -695,12 +688,12 @@ main(int ac, char **av) | |||
| 695 | tilde_expand_filename(options.user_hostfile2, original_real_uid); | 688 | tilde_expand_filename(options.user_hostfile2, original_real_uid); |
| 696 | 689 | ||
| 697 | /* Log into the remote system. This never returns if the login fails. */ | 690 | /* Log into the remote system. This never returns if the login fails. */ |
| 698 | ssh_login(host_private_key_loaded, host_private_key, | 691 | ssh_login(host_private_key, host, (struct sockaddr *)&hostaddr, |
| 699 | host, (struct sockaddr *)&hostaddr, original_real_uid); | 692 | original_real_uid); |
| 700 | 693 | ||
| 701 | /* We no longer need the host private key. Clear it now. */ | 694 | /* We no longer need the host private key. Clear it now. */ |
| 702 | if (host_private_key_loaded) | 695 | if (host_private_key != NULL) |
| 703 | RSA_free(host_private_key); /* Destroys contents safely */ | 696 | key_free(host_private_key); /* Destroys contents safely */ |
| 704 | 697 | ||
| 705 | exit_status = compat20 ? ssh_session2() : ssh_session(); | 698 | exit_status = compat20 ? ssh_session2() : ssh_session(); |
| 706 | packet_close(); | 699 | packet_close(); |
| @@ -1074,26 +1067,6 @@ ssh_session2(void) | |||
| 1074 | return client_loop(tty_flag, tty_flag ? options.escape_char : -1, id); | 1067 | return client_loop(tty_flag, tty_flag ? options.escape_char : -1, id); |
| 1075 | } | 1068 | } |
| 1076 | 1069 | ||
| 1077 | int | ||
| 1078 | guess_identity_file_type(const char *filename) | ||
| 1079 | { | ||
| 1080 | struct stat st; | ||
| 1081 | Key *public; | ||
| 1082 | int type = KEY_RSA1; /* default */ | ||
| 1083 | |||
| 1084 | if (stat(filename, &st) < 0) { | ||
| 1085 | /* ignore this key */ | ||
| 1086 | return KEY_UNSPEC; | ||
| 1087 | } | ||
| 1088 | public = key_new(type); | ||
| 1089 | if (!load_public_key(filename, public, NULL)) { | ||
| 1090 | /* ok, so we will assume this is 'some' key */ | ||
| 1091 | type = KEY_UNSPEC; | ||
| 1092 | } | ||
| 1093 | key_free(public); | ||
| 1094 | return type; | ||
| 1095 | } | ||
| 1096 | |||
| 1097 | void | 1070 | void |
| 1098 | load_public_identity_files(void) | 1071 | load_public_identity_files(void) |
| 1099 | { | 1072 | { |
| @@ -1104,16 +1077,7 @@ load_public_identity_files(void) | |||
| 1104 | for (i = 0; i < options.num_identity_files; i++) { | 1077 | for (i = 0; i < options.num_identity_files; i++) { |
| 1105 | filename = tilde_expand_filename(options.identity_files[i], | 1078 | filename = tilde_expand_filename(options.identity_files[i], |
| 1106 | original_real_uid); | 1079 | original_real_uid); |
| 1107 | public = key_new(KEY_RSA1); | 1080 | public = key_load_public(filename, NULL); |
| 1108 | if (!load_public_key(filename, public, NULL)) { | ||
| 1109 | key_free(public); | ||
| 1110 | public = key_new(KEY_UNSPEC); | ||
| 1111 | if (!try_load_public_key(filename, public, NULL)) { | ||
| 1112 | debug("unknown identity file %s", filename); | ||
| 1113 | key_free(public); | ||
| 1114 | public = NULL; | ||
| 1115 | } | ||
| 1116 | } | ||
| 1117 | debug("identity file %s type %d", filename, | 1081 | debug("identity file %s type %d", filename, |
| 1118 | public ? public->type : -1); | 1082 | public ? public->type : -1); |
| 1119 | xfree(options.identity_files[i]); | 1083 | xfree(options.identity_files[i]); |