author | djm@openbsd.org <djm@openbsd.org> | 2019-10-31 21:23:19 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2019-11-01 09:46:10 +1100 |
commit | 9a14c64c38fc14d0029f1c7bc70cf62cc7f0fdf9 (patch) | |
tree | d79bb8d66eeba8e353f18dac919cb65d0ad896c7 /sshd.c | |
parent | 07da39f71d36fb547749a5b16aa8892e621a7e4a (diff) |
upstream: Refactor signing - use sshkey_sign for everything,
including the new U2F signatures.
Don't use sshsk_ecdsa_sign() directly, instead make it reachable via
sshkey_sign() like all other signature operations. This means that
we need to add a provider argument to sshkey_sign(), so most of this
change is mechanically adding that.
Suggested by / ok markus@
OpenBSD-Commit-ID: d5193a03fcfa895085d91b2b83d984a9fde76c8c
Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 8 |
1 files changed, 4 insertions, 4 deletions
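--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.538 2019/10/29 07:47:27 dtucker Exp $ */
+/* $OpenBSD: sshd.c,v 1.539 2019/10/31 21:23:19 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -2209,17 +2209,17 @@ sshd_hostkey_sign(struct ssh *ssh, struct sshkey *privkey,
 if (use_privsep) {
 if (privkey) {
 if (mm_sshkey_sign(ssh, privkey, signature, slenp,
-data, dlen, alg, ssh->compat) < 0)
+data, dlen, alg, NULL, ssh->compat) < 0)
 fatal("%s: privkey sign failed", __func__);
 } else {
 if (mm_sshkey_sign(ssh, pubkey, signature, slenp,
-data, dlen, alg, ssh->compat) < 0)
+data, dlen, alg, NULL, ssh->compat) < 0)
 fatal("%s: pubkey sign failed", __func__);
 }
 } else {
 if (privkey) {
 if (sshkey_sign(privkey, signature, slenp, data, dlen,
-alg, ssh->compat) < 0)
+alg, NULL, ssh->compat) < 0)
 fatal("%s: privkey sign failed", __func__);
 } else {
 if ((r = ssh_agent_sign(auth_sock, pubkey,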
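Review bot: The three signing calls in sshd_hostkey_sign() (both mm_sshkey_sign() calls and the sshkey_sign() call) now pass a bare `NULL` for the new provider argument, with nothing recording why. The commit description says the argument exists so U2F signatures are reachable through sshkey_sign(), so presumably NULL means host keys are never security-key backed; what the callee does with a NULL provider for such a key is not visible in this hunk. A one-line comment above the first call, e.g. `/* host keys have no security-key provider, hence NULL */`, would document the assumption. It is also worth confirming that a security-key-type host key is rejected with a clear error before it can reach these calls. The function body starts before the hunk and continues past it.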