diff options
| author | Damien Miller <djm@mindrot.org> | 2000-07-21 10:19:44 +1000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2000-07-21 10:19:44 +1000 |
| commit | 994cf1426d176e2ee9ba310416544c325e04b155 (patch) | |
| tree | 8e8978bcec4c8a2aa83533936f90e7c3070e9def /sshconnect2.c | |
| parent | 9dec7762798a4f9268e6033945c6dde44925d853 (diff) | |
- (djm) OpenBSD CVS updates:
- markus@cvs.openbsd.org 2000/07/16 02:27:22
[authfd.c authfd.h channels.c clientloop.c ssh-add.c ssh-agent.c ssh.c]
[sshconnect1.c sshconnect2.c]
make ssh-add accept dsa keys (the agent does not)
- djm@cvs.openbsd.org 2000/07/17 19:25:02
[sshd.c]
Another closing of stdin; ok deraadt
- markus@cvs.openbsd.org 2000/07/19 18:33:12
[dsa.c]
missing free, reorder
- markus@cvs.openbsd.org 2000/07/20 16:23:14
[ssh-keygen.1]
document input and output files
Diffstat (limited to 'sshconnect2.c')
| -rw-r--r-- | sshconnect2.c | 73 |
1 files changed, 43 insertions, 30 deletions
diff --git a/sshconnect2.c b/sshconnect2.c index ae96d534e..22ad39e7f 100644 --- a/sshconnect2.c +++ b/sshconnect2.c | |||
| @@ -28,7 +28,7 @@ | |||
| 28 | */ | 28 | */ |
| 29 | 29 | ||
| 30 | #include "includes.h" | 30 | #include "includes.h" |
| 31 | RCSID("$OpenBSD: sshconnect2.c,v 1.15 2000/06/21 16:46:10 markus Exp $"); | 31 | RCSID("$OpenBSD: sshconnect2.c,v 1.16 2000/07/16 08:27:22 markus Exp $"); |
| 32 | 32 | ||
| 33 | #include <openssl/bn.h> | 33 | #include <openssl/bn.h> |
| 34 | #include <openssl/rsa.h> | 34 | #include <openssl/rsa.h> |
| @@ -286,40 +286,20 @@ ssh2_try_passwd(const char *server_user, const char *host, const char *service) | |||
| 286 | return 1; | 286 | return 1; |
| 287 | } | 287 | } |
| 288 | 288 | ||
| 289 | int | 289 | typedef int sign_fn( |
| 290 | ssh2_try_pubkey(char *filename, | 290 | Key *key, |
| 291 | unsigned char **sigp, int *lenp, | ||
| 292 | unsigned char *data, int datalen); | ||
| 293 | |||
| 294 | void | ||
| 295 | ssh2_sign_and_send_pubkey(Key *k, sign_fn *do_sign, | ||
| 291 | const char *server_user, const char *host, const char *service) | 296 | const char *server_user, const char *host, const char *service) |
| 292 | { | 297 | { |
| 293 | Buffer b; | 298 | Buffer b; |
| 294 | Key *k; | ||
| 295 | unsigned char *blob, *signature; | 299 | unsigned char *blob, *signature; |
| 296 | int bloblen, slen; | 300 | int bloblen, slen; |
| 297 | struct stat st; | ||
| 298 | int skip = 0; | 301 | int skip = 0; |
| 299 | 302 | ||
| 300 | if (stat(filename, &st) != 0) { | ||
| 301 | debug("key does not exist: %s", filename); | ||
| 302 | return 0; | ||
| 303 | } | ||
| 304 | debug("try pubkey: %s", filename); | ||
| 305 | |||
| 306 | k = key_new(KEY_DSA); | ||
| 307 | if (!load_private_key(filename, "", k, NULL)) { | ||
| 308 | int success = 0; | ||
| 309 | char *passphrase; | ||
| 310 | char prompt[300]; | ||
| 311 | snprintf(prompt, sizeof prompt, | ||
| 312 | "Enter passphrase for DSA key '%.100s': ", | ||
| 313 | filename); | ||
| 314 | passphrase = read_passphrase(prompt, 0); | ||
| 315 | success = load_private_key(filename, passphrase, k, NULL); | ||
| 316 | memset(passphrase, 0, strlen(passphrase)); | ||
| 317 | xfree(passphrase); | ||
| 318 | if (!success) { | ||
| 319 | key_free(k); | ||
| 320 | return 0; | ||
| 321 | } | ||
| 322 | } | ||
| 323 | dsa_make_key_blob(k, &blob, &bloblen); | 303 | dsa_make_key_blob(k, &blob, &bloblen); |
| 324 | 304 | ||
| 325 | /* data to be signed */ | 305 | /* data to be signed */ |
| @@ -343,8 +323,8 @@ ssh2_try_pubkey(char *filename, | |||
| 343 | buffer_put_string(&b, blob, bloblen); | 323 | buffer_put_string(&b, blob, bloblen); |
| 344 | 324 | ||
| 345 | /* generate signature */ | 325 | /* generate signature */ |
| 346 | dsa_sign(k, &signature, &slen, buffer_ptr(&b), buffer_len(&b)); | 326 | do_sign(k, &signature, &slen, buffer_ptr(&b), buffer_len(&b)); |
| 347 | key_free(k); | 327 | key_free(k); /* XXX */ |
| 348 | #ifdef DEBUG_DSS | 328 | #ifdef DEBUG_DSS |
| 349 | buffer_dump(&b); | 329 | buffer_dump(&b); |
| 350 | #endif | 330 | #endif |
| @@ -377,6 +357,39 @@ ssh2_try_pubkey(char *filename, | |||
| 377 | /* send */ | 357 | /* send */ |
| 378 | packet_send(); | 358 | packet_send(); |
| 379 | packet_write_wait(); | 359 | packet_write_wait(); |
| 360 | } | ||
| 361 | |||
| 362 | int | ||
| 363 | ssh2_try_pubkey(char *filename, | ||
| 364 | const char *server_user, const char *host, const char *service) | ||
| 365 | { | ||
| 366 | Key *k; | ||
| 367 | struct stat st; | ||
| 368 | |||
| 369 | if (stat(filename, &st) != 0) { | ||
| 370 | debug("key does not exist: %s", filename); | ||
| 371 | return 0; | ||
| 372 | } | ||
| 373 | debug("try pubkey: %s", filename); | ||
| 374 | |||
| 375 | k = key_new(KEY_DSA); | ||
| 376 | if (!load_private_key(filename, "", k, NULL)) { | ||
| 377 | int success = 0; | ||
| 378 | char *passphrase; | ||
| 379 | char prompt[300]; | ||
| 380 | snprintf(prompt, sizeof prompt, | ||
| 381 | "Enter passphrase for DSA key '%.100s': ", | ||
| 382 | filename); | ||
| 383 | passphrase = read_passphrase(prompt, 0); | ||
| 384 | success = load_private_key(filename, passphrase, k, NULL); | ||
| 385 | memset(passphrase, 0, strlen(passphrase)); | ||
| 386 | xfree(passphrase); | ||
| 387 | if (!success) { | ||
| 388 | key_free(k); | ||
| 389 | return 0; | ||
| 390 | } | ||
| 391 | } | ||
| 392 | ssh2_sign_and_send_pubkey(k, dsa_sign, server_user, host, service); | ||
| 380 | return 1; | 393 | return 1; |
| 381 | } | 394 | } |
| 382 | 395 | ||