author | Ben Lindstrom <mouring@eviladmin.org> | 2001-03-26 13:44:06 +0000 |
---|---|---|
committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-03-26 13:44:06 +0000 |
commit | d0fca423fcee576f4787d01f8bad3f9c0efd62ab (patch) | |
tree | 696cb73350804862b8e39ccb53dc4edff2f68976 /sshd.c | |
parent | 7bfff36ca3acf469de9fcad98826562ea6c1fbbe (diff) |
- markus@cvs.openbsd.org 2001/03/26 08:07:09
[authfile.c authfile.h ssh-add.c ssh-keygen.c ssh.c sshconnect.c
sshconnect.h sshconnect1.c sshconnect2.c sshd.c]
simpler key load/save interface, see authfile.h
Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 43 |
1 files changed, 7 insertions, 36 deletions
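--- a/sshd.c
+++ b/sshd.c
@@ -40,7 +40,7 @@
 */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.178 2001/03/23 14:28:32 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.179 2001/03/26 08:07:09 markus Exp $");
 
 #include <openssl/dh.h>
 #include <openssl/bn.h>
@@ -454,39 +454,6 @@ destroy_sensitive_data(void)
 sensitive_data.ssh1_host_key = NULL;
 memset(sensitive_data.ssh1_cookie, 0, SSH_SESSION_KEY_LENGTH);
 }
-Key *
-load_private_key_autodetect(const char *filename)
-{
-struct stat st;
-int type;
-Key *public, *private;
-
-if (stat(filename, &st) < 0) {
-perror(filename);
-return NULL;
-}
-/*
-* try to load the public key. right now this only works for RSA1,
-* since SSH2 keys are fully encrypted
-*/
-type = KEY_RSA1;
-public = key_new(type);
-if (!load_public_key(filename, public, NULL)) {
-/* ok, so we will assume this is 'some' key */
-type = KEY_UNSPEC;
-}
-key_free(public);
-
-/* Ok, try key with empty passphrase */
-private = key_new(type);
-if (load_private_key(filename, "", private, NULL)) {
-debug("load_private_key_autodetect: type %d %s",
-private->type, key_type(private));
-return private;
-}
-key_free(private);
-return NULL;
-}
 
 char *
 list_hostkey_types(void)
@@ -579,6 +546,7 @@ main(int ac, char **av)
 int listen_sock, maxfd;
 int startup_p[2];
 int startups = 0;
+Key *key;
 int ret, key_used = 0;
 
 __progname = get_progname(av[0]);
@@ -716,10 +684,12 @@ main(int ac, char **av)
 sensitive_data.have_ssh2_key = 0;
 
 for(i = 0; i < options.num_host_key_files; i++) {
-Key *key = load_private_key_autodetect(options.host_key_files[i]);
+key = key_load_private(options.host_key_files[i], "", NULL);
+sensitive_data.host_keys[i] = key;
 if (key == NULL) {
 error("Could not load host key: %.200s: %.100s",
 options.host_key_files[i], strerror(errno));
+sensitive_data.host_keys[i] = NULL;
 continue;
 }
 switch(key->type){
@@ -732,7 +702,8 @@ main(int ac, char **av)
 sensitive_data.have_ssh2_key = 1;
 break;
 }
-sensitive_data.host_keys[i] = key;
+debug("private host key: #%d type %d %s", i, key->type,
+key_type(key));
 }
 if ((options.protocol & SSH_PROTO_1) && !sensitive_data.have_ssh1_key) {
 log("Disabling protocol version 1. Could not load host key");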
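Review bot: The `strerror(errno)` in the "Could not load host key" message of main()'s host-key loop may now report a stale or unrelated system error, because `key_load_private()` is defined outside this page and may fail for reasons that never set errno (for instance a malformed key file). The removed `load_private_key_autodetect()` did its own `stat()`/`perror()` first, so a missing file was at least reported separately; that distinction is gone. Consider setting `errno = 0;` just before the call and printing the strerror text only when errno is non-zero, so the log an operator reads when a protocol version gets disabled points at the real cause. Separately, the added `sensitive_data.host_keys[i] = NULL;` in the `key == NULL` branch repeats the store made on the line before the check and can be dropped. main() begins and ends outside these hunks.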