authormarkus@openbsd.org <markus@openbsd.org>2015-01-19 20:16:15 +0000
committerDamien Miller <djm@mindrot.org>2015-01-20 09:19:39 +1100
commit57d10cbe861a235dd269c74fb2fe248469ecee9d (patch)
treec65deed24700490bd3b20300c4829d4d5466ff6d /sshd.c
parent3fdc88a0def4f86aa88a5846ac079dc964c0546a (diff)
upstream commit
adapt kex to sshbuf and struct ssh; ok djm@
Diffstat (limited to 'sshd.c')
-rw-r--r--sshd.c47
1 files changed, 24 insertions, 23 deletions
diff --git a/sshd.c b/sshd.c
index e45303988..21d8dd699 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshd.c,v 1.434 2015/01/19 19:52:16 markus Exp $ */ 1/* $OpenBSD: sshd.c,v 1.435 2015/01/19 20:16:15 markus Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -836,7 +836,7 @@ list_hostkey_types(void)
836} 836}
837 837
838static Key * 838static Key *
839get_hostkey_by_type(int type, int need_private) 839get_hostkey_by_type(int type, int need_private, struct ssh *ssh)
840{ 840{
841 int i; 841 int i;
842 Key *key; 842 Key *key;
@@ -865,15 +865,15 @@ get_hostkey_by_type(int type, int need_private)
865} 865}
866 866
867Key * 867Key *
868get_hostkey_public_by_type(int type) 868get_hostkey_public_by_type(int type, struct ssh *ssh)
869{ 869{
870 return get_hostkey_by_type(type, 0); 870 return get_hostkey_by_type(type, 0, ssh);
871} 871}
872 872
873Key * 873Key *
874get_hostkey_private_by_type(int type) 874get_hostkey_private_by_type(int type, struct ssh *ssh)
875{ 875{
876 return get_hostkey_by_type(type, 1); 876 return get_hostkey_by_type(type, 1, ssh);
877} 877}
878 878
879Key * 879Key *
@@ -885,7 +885,7 @@ get_hostkey_by_index(int ind)
885} 885}
886 886
887Key * 887Key *
888get_hostkey_public_by_index(int ind) 888get_hostkey_public_by_index(int ind, struct ssh *ssh)
889{ 889{
890 if (ind < 0 || ind >= options.num_host_key_files) 890 if (ind < 0 || ind >= options.num_host_key_files)
891 return (NULL); 891 return (NULL);
@@ -893,7 +893,7 @@ get_hostkey_public_by_index(int ind)
893} 893}
894 894
895int 895int
896get_hostkey_index(Key *key) 896get_hostkey_index(Key *key, struct ssh *ssh)
897{ 897{
898 int i; 898 int i;
899 899
@@ -2432,29 +2432,30 @@ do_ssh1_kex(void)
2432} 2432}
2433#endif 2433#endif
2434 2434
2435void 2435int
2436sshd_hostkey_sign(Key *privkey, Key *pubkey, u_char **signature, u_int *slen, 2436sshd_hostkey_sign(Key *privkey, Key *pubkey, u_char **signature, size_t *slen,
2437 u_char *data, u_int dlen) 2437 u_char *data, size_t dlen, u_int flag)
2438{ 2438{
2439 int r; 2439 int r;
2440 u_int xxx_slen, xxx_dlen = dlen;
2440 2441
2441 if (privkey) { 2442 if (privkey) {
2442 if (PRIVSEP(key_sign(privkey, signature, slen, data, dlen) < 0)) 2443 if (PRIVSEP(key_sign(privkey, signature, &xxx_slen, data, xxx_dlen) < 0))
2443 fatal("%s: key_sign failed", __func__); 2444 fatal("%s: key_sign failed", __func__);
2445 if (slen)
2446 *slen = xxx_slen;
2444 } else if (use_privsep) { 2447 } else if (use_privsep) {
2445 if (mm_key_sign(pubkey, signature, slen, data, dlen) < 0) 2448 if (mm_key_sign(pubkey, signature, &xxx_slen, data, xxx_dlen) < 0)
2446 fatal("%s: pubkey_sign failed", __func__); 2449 fatal("%s: pubkey_sign failed", __func__);
2450 if (slen)
2451 *slen = xxx_slen;
2447 } else { 2452 } else {
2448 size_t xxx_slen; 2453 if ((r = ssh_agent_sign(auth_sock, pubkey, signature, slen,
2449
2450 if ((r = ssh_agent_sign(auth_sock, pubkey, signature, &xxx_slen,
2451 data, dlen, datafellows)) != 0) 2454 data, dlen, datafellows)) != 0)
2452 fatal("%s: ssh_agent_sign failed: %s", 2455 fatal("%s: ssh_agent_sign failed: %s",
2453 __func__, ssh_err(r)); 2456 __func__, ssh_err(r));
2454 /* XXX: Old API is u_int; new size_t */
2455 if (slen != NULL)
2456 *slen = xxx_slen;
2457 } 2457 }
2458 return 0;
2458} 2459}
2459 2460
2460/* 2461/*
@@ -2464,7 +2465,7 @@ static void
2464do_ssh2_kex(void) 2465do_ssh2_kex(void)
2465{ 2466{
2466 char *myproposal[PROPOSAL_MAX] = { KEX_SERVER }; 2467 char *myproposal[PROPOSAL_MAX] = { KEX_SERVER };
2467 Kex *kex; 2468 struct kex *kex;
2468 2469
2469 if (options.ciphers != NULL) { 2470 if (options.ciphers != NULL) {
2470 myproposal[PROPOSAL_ENC_ALGS_CTOS] = 2471 myproposal[PROPOSAL_ENC_ALGS_CTOS] =
@@ -2500,8 +2501,8 @@ do_ssh2_kex(void)
2500 list_hostkey_types()); 2501 list_hostkey_types());
2501 2502
2502 /* start key exchange */ 2503 /* start key exchange */
2503 kex = kex_setup(myproposal); 2504 kex_setup(active_state, myproposal);
2504 active_state->kex = kex; 2505 kex = active_state->kex;
2505#ifdef WITH_OPENSSL 2506#ifdef WITH_OPENSSL
2506 kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; 2507 kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
2507 kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; 2508 kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
@@ -2518,7 +2519,7 @@ do_ssh2_kex(void)
2518 kex->host_key_index=&get_hostkey_index; 2519 kex->host_key_index=&get_hostkey_index;
2519 kex->sign = sshd_hostkey_sign; 2520 kex->sign = sshd_hostkey_sign;
2520 2521
2521 dispatch_run(DISPATCH_BLOCK, &kex->done, kex); 2522 dispatch_run(DISPATCH_BLOCK, &kex->done, active_state);
2522 2523
2523 session_id2 = kex->session_id; 2524 session_id2 = kex->session_id;
2524 session_id2_len = kex->session_id_len; 2525 session_id2_len = kex->session_id_len;
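Review bot: In the sshd_hostkey_sign hunk, `u_int xxx_slen, xxx_dlen = dlen;` narrows the new `size_t dlen` to `u_int` without a range check, so where size_t is wider than u_int the privkey and privsep branches would sign over a truncated length while the agent branch receives the full `dlen`. The data signed here is presumably a short exchange hash, so this is unlikely to trigger in practice, but the three branches should not be able to disagree on the length; a guard such as `if (dlen > UINT_MAX) fatal("%s: data too long", __func__);` ahead of the first branch makes the assumption explicit until key_sign and mm_key_sign accept size_t. Separately, in do_ssh2_kex the result of `kex_setup(active_state, myproposal);` is discarded and `active_state->kex` is dereferenced on the following lines. The definition of kex_setup is not on this page, so if it can now report failure, that result should be checked before `kex` is used.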