-rw-r--r-- | auth.c | 6 | ||||
-rw-r--r-- | auth.h | 27 | ||||
-rw-r--r-- | auth2-hostbased.c | 6 | ||||
-rw-r--r-- | auth2-pubkey.c | 19 | ||||
-rw-r--r-- | monitor.c | 6 | ||||
-rw-r--r-- | monitor_wrap.c | 14 | ||||
-rw-r--r-- | monitor_wrap.h | 14 | ||||
-rw-r--r-- | ssh-pkcs11-client.c | 6 | ||||
-rw-r--r-- | ssh-pkcs11-helper.c | 14 | ||||
-rw-r--r-- | ssh.c | 10 | ||||
-rw-r--r-- | sshconnect.c | 22 | ||||
-rw-r--r-- | sshconnect.h | 12 | ||||
-rw-r--r-- | sshconnect2.c | 14 | ||||
-rw-r--r-- | sshd.c | 43 |
14 files changed, 110 insertions, 103 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth.c,v 1.120 2017/05/17 01:24:17 djm Exp $ */ | 1 | /* $OpenBSD: auth.c,v 1.121 2017/05/30 08:52:19 markus Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -428,7 +428,7 @@ authorized_principals_file(struct passwd *pw) | |||
428 | 428 | ||
429 | /* return ok if key exists in sysfile or userfile */ | 429 | /* return ok if key exists in sysfile or userfile */ |
430 | HostStatus | 430 | HostStatus |
431 | check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host, | 431 | check_key_in_hostfiles(struct passwd *pw, struct sshkey *key, const char *host, |
432 | const char *sysfile, const char *userfile) | 432 | const char *sysfile, const char *userfile) |
433 | { | 433 | { |
434 | char *user_hostfile; | 434 | char *user_hostfile; |
@@ -695,7 +695,7 @@ getpwnamallow(const char *user) | |||
695 | 695 | ||
696 | /* Returns 1 if key is revoked by revoked_keys_file, 0 otherwise */ | 696 | /* Returns 1 if key is revoked by revoked_keys_file, 0 otherwise */ |
697 | int | 697 | int |
698 | auth_key_is_revoked(Key *key) | 698 | auth_key_is_revoked(struct sshkey *key) |
699 | { | 699 | { |
700 | char *fp = NULL; | 700 | char *fp = NULL; |
701 | int r; | 701 | int r; |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth.h,v 1.89 2016/08/13 17:47:41 markus Exp $ */ | 1 | /* $OpenBSD: auth.h,v 1.90 2017/05/30 08:52:19 markus Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
@@ -117,9 +117,10 @@ auth_rhosts2(struct passwd *, const char *, const char *, const char *); | |||
117 | 117 | ||
118 | int auth_password(Authctxt *, const char *); | 118 | int auth_password(Authctxt *, const char *); |
119 | 119 | ||
120 | int hostbased_key_allowed(struct passwd *, const char *, char *, Key *); | 120 | int hostbased_key_allowed(struct passwd *, const char *, char *, |
121 | int user_key_allowed(struct passwd *, Key *, int); | 121 | struct sshkey *); |
122 | void pubkey_auth_info(Authctxt *, const Key *, const char *, ...) | 122 | int user_key_allowed(struct passwd *, struct sshkey *, int); |
123 | void pubkey_auth_info(Authctxt *, const struct sshkey *, const char *, ...) | ||
123 | __attribute__((__format__ (printf, 3, 4))); | 124 | __attribute__((__format__ (printf, 3, 4))); |
124 | void auth2_record_userkey(Authctxt *, struct sshkey *); | 125 | void auth2_record_userkey(Authctxt *, struct sshkey *); |
125 | int auth2_userkey_already_used(Authctxt *, struct sshkey *); | 126 | int auth2_userkey_already_used(Authctxt *, struct sshkey *); |
@@ -182,22 +183,22 @@ char *authorized_principals_file(struct passwd *); | |||
182 | 183 | ||
183 | FILE *auth_openkeyfile(const char *, struct passwd *, int); | 184 | FILE *auth_openkeyfile(const char *, struct passwd *, int); |
184 | FILE *auth_openprincipals(const char *, struct passwd *, int); | 185 | FILE *auth_openprincipals(const char *, struct passwd *, int); |
185 | int auth_key_is_revoked(Key *); | 186 | int auth_key_is_revoked(struct sshkey *); |
186 | 187 | ||
187 | const char *auth_get_canonical_hostname(struct ssh *, int); | 188 | const char *auth_get_canonical_hostname(struct ssh *, int); |
188 | 189 | ||
189 | HostStatus | 190 | HostStatus |
190 | check_key_in_hostfiles(struct passwd *, Key *, const char *, | 191 | check_key_in_hostfiles(struct passwd *, struct sshkey *, const char *, |
191 | const char *, const char *); | 192 | const char *, const char *); |
192 | 193 | ||
193 | /* hostkey handling */ | 194 | /* hostkey handling */ |
194 | Key *get_hostkey_by_index(int); | 195 | struct sshkey *get_hostkey_by_index(int); |
195 | Key *get_hostkey_public_by_index(int, struct ssh *); | 196 | struct sshkey *get_hostkey_public_by_index(int, struct ssh *); |
196 | Key *get_hostkey_public_by_type(int, int, struct ssh *); | 197 | struct sshkey *get_hostkey_public_by_type(int, int, struct ssh *); |
197 | Key *get_hostkey_private_by_type(int, int, struct ssh *); | 198 | struct sshkey *get_hostkey_private_by_type(int, int, struct ssh *); |
198 | int get_hostkey_index(Key *, int, struct ssh *); | 199 | int get_hostkey_index(struct sshkey *, int, struct ssh *); |
199 | int sshd_hostkey_sign(Key *, Key *, u_char **, size_t *, | 200 | int sshd_hostkey_sign(struct sshkey *, struct sshkey *, u_char **, |
200 | const u_char *, size_t, const char *, u_int); | 201 | size_t *, const u_char *, size_t, const char *, u_int); |
201 | 202 | ||
202 | /* debug messages during authentication */ | 203 | /* debug messages during authentication */ |
203 | void auth_debug_add(const char *fmt,...) __attribute__((format(printf, 1, 2))); | 204 | void auth_debug_add(const char *fmt,...) __attribute__((format(printf, 1, 2))); |
diff --git a/auth2-hostbased.c b/auth2-hostbased.c index 1b3c3b202..92ac20d90 100644 --- a/auth2-hostbased.c +++ b/auth2-hostbased.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth2-hostbased.c,v 1.26 2016/03/07 19:02:43 djm Exp $ */ | 1 | /* $OpenBSD: auth2-hostbased.c,v 1.27 2017/05/30 08:52:19 markus Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -59,7 +59,7 @@ static int | |||
59 | userauth_hostbased(Authctxt *authctxt) | 59 | userauth_hostbased(Authctxt *authctxt) |
60 | { | 60 | { |
61 | Buffer b; | 61 | Buffer b; |
62 | Key *key = NULL; | 62 | struct sshkey *key = NULL; |
63 | char *pkalg, *cuser, *chost, *service; | 63 | char *pkalg, *cuser, *chost, *service; |
64 | u_char *pkblob, *sig; | 64 | u_char *pkblob, *sig; |
65 | u_int alen, blen, slen; | 65 | u_int alen, blen, slen; |
@@ -158,7 +158,7 @@ done: | |||
158 | /* return 1 if given hostkey is allowed */ | 158 | /* return 1 if given hostkey is allowed */ |
159 | int | 159 | int |
160 | hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost, | 160 | hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost, |
161 | Key *key) | 161 | struct sshkey *key) |
162 | { | 162 | { |
163 | struct ssh *ssh = active_state; /* XXX */ | 163 | struct ssh *ssh = active_state; /* XXX */ |
164 | const char *resolvedname, *ipaddr, *lookup, *reason; | 164 | const char *resolvedname, *ipaddr, *lookup, *reason; |
diff --git a/auth2-pubkey.c b/auth2-pubkey.c index 3e5706f4d..38940a6d9 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth2-pubkey.c,v 1.62 2017/01/30 01:03:00 djm Exp $ */ | 1 | /* $OpenBSD: auth2-pubkey.c,v 1.63 2017/05/30 08:52:19 markus Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -78,7 +78,7 @@ static int | |||
78 | userauth_pubkey(Authctxt *authctxt) | 78 | userauth_pubkey(Authctxt *authctxt) |
79 | { | 79 | { |
80 | Buffer b; | 80 | Buffer b; |
81 | Key *key = NULL; | 81 | struct sshkey *key = NULL; |
82 | char *pkalg, *userstyle, *fp = NULL; | 82 | char *pkalg, *userstyle, *fp = NULL; |
83 | u_char *pkblob, *sig; | 83 | u_char *pkblob, *sig; |
84 | u_int alen, blen, slen; | 84 | u_int alen, blen, slen; |
@@ -220,7 +220,8 @@ done: | |||
220 | } | 220 | } |
221 | 221 | ||
222 | void | 222 | void |
223 | pubkey_auth_info(Authctxt *authctxt, const Key *key, const char *fmt, ...) | 223 | pubkey_auth_info(Authctxt *authctxt, const struct sshkey *key, |
224 | const char *fmt, ...) | ||
224 | { | 225 | { |
225 | char *fp, *extra; | 226 | char *fp, *extra; |
226 | va_list ap; | 227 | va_list ap; |
@@ -761,12 +762,12 @@ match_principals_command(struct passwd *user_pw, const struct sshkey *key) | |||
761 | * returns 1 if the key is allowed or 0 otherwise. | 762 | * returns 1 if the key is allowed or 0 otherwise. |
762 | */ | 763 | */ |
763 | static int | 764 | static int |
764 | check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw) | 765 | check_authkeys_file(FILE *f, char *file, struct sshkey* key, struct passwd *pw) |
765 | { | 766 | { |
766 | char line[SSH_MAX_PUBKEY_BYTES]; | 767 | char line[SSH_MAX_PUBKEY_BYTES]; |
767 | int found_key = 0; | 768 | int found_key = 0; |
768 | u_long linenum = 0; | 769 | u_long linenum = 0; |
769 | Key *found; | 770 | struct sshkey *found; |
770 | 771 | ||
771 | found_key = 0; | 772 | found_key = 0; |
772 | 773 | ||
@@ -876,7 +877,7 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw) | |||
876 | 877 | ||
877 | /* Authenticate a certificate key against TrustedUserCAKeys */ | 878 | /* Authenticate a certificate key against TrustedUserCAKeys */ |
878 | static int | 879 | static int |
879 | user_cert_trusted_ca(struct passwd *pw, Key *key) | 880 | user_cert_trusted_ca(struct passwd *pw, struct sshkey *key) |
880 | { | 881 | { |
881 | char *ca_fp, *principals_file = NULL; | 882 | char *ca_fp, *principals_file = NULL; |
882 | const char *reason; | 883 | const char *reason; |
@@ -942,7 +943,7 @@ user_cert_trusted_ca(struct passwd *pw, Key *key) | |||
942 | * returns 1 if the key is allowed or 0 otherwise. | 943 | * returns 1 if the key is allowed or 0 otherwise. |
943 | */ | 944 | */ |
944 | static int | 945 | static int |
945 | user_key_allowed2(struct passwd *pw, Key *key, char *file) | 946 | user_key_allowed2(struct passwd *pw, struct sshkey *key, char *file) |
946 | { | 947 | { |
947 | FILE *f; | 948 | FILE *f; |
948 | int found_key = 0; | 949 | int found_key = 0; |
@@ -965,7 +966,7 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file) | |||
965 | * returns 1 if the key is allowed or 0 otherwise. | 966 | * returns 1 if the key is allowed or 0 otherwise. |
966 | */ | 967 | */ |
967 | static int | 968 | static int |
968 | user_key_command_allowed2(struct passwd *user_pw, Key *key) | 969 | user_key_command_allowed2(struct passwd *user_pw, struct sshkey *key) |
969 | { | 970 | { |
970 | FILE *f = NULL; | 971 | FILE *f = NULL; |
971 | int r, ok, found_key = 0; | 972 | int r, ok, found_key = 0; |
@@ -1088,7 +1089,7 @@ user_key_command_allowed2(struct passwd *user_pw, Key *key) | |||
1088 | * Check whether key authenticates and authorises the user. | 1089 | * Check whether key authenticates and authorises the user. |
1089 | */ | 1090 | */ |
1090 | int | 1091 | int |
1091 | user_key_allowed(struct passwd *pw, Key *key, int auth_attempt) | 1092 | user_key_allowed(struct passwd *pw, struct sshkey *key, int auth_attempt) |
1092 | { | 1093 | { |
1093 | u_int success, i; | 1094 | u_int success, i; |
1094 | char *file; | 1095 | char *file; |
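Review bot: In check_authkeys_file the rewritten parameter is spelled `struct sshkey* key`, whereas every other declaration this change touches binds the star to the name. Since the line is being rewritten anyway, it could read `check_authkeys_file(FILE *f, char *file, struct sshkey *key, struct passwd *pw)` to match the rest of the file. The bodies of the functions in this section continue outside the hunks shown.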
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: monitor.c,v 1.167 2017/02/03 23:05:57 djm Exp $ */ | 1 | /* $OpenBSD: monitor.c,v 1.168 2017/05/30 08:52:19 markus Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> | 3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> |
4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> | 4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> |
@@ -1119,7 +1119,7 @@ mm_answer_pam_free_ctx(int sock, Buffer *m) | |||
1119 | int | 1119 | int |
1120 | mm_answer_keyallowed(int sock, Buffer *m) | 1120 | mm_answer_keyallowed(int sock, Buffer *m) |
1121 | { | 1121 | { |
1122 | Key *key; | 1122 | struct sshkey *key; |
1123 | char *cuser, *chost; | 1123 | char *cuser, *chost; |
1124 | u_char *blob; | 1124 | u_char *blob; |
1125 | u_int bloblen, pubkey_auth_attempt; | 1125 | u_int bloblen, pubkey_auth_attempt; |
@@ -1332,7 +1332,7 @@ monitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser, | |||
1332 | int | 1332 | int |
1333 | mm_answer_keyverify(int sock, Buffer *m) | 1333 | mm_answer_keyverify(int sock, Buffer *m) |
1334 | { | 1334 | { |
1335 | Key *key; | 1335 | struct sshkey *key; |
1336 | u_char *signature, *data, *blob; | 1336 | u_char *signature, *data, *blob; |
1337 | u_int signaturelen, datalen, bloblen; | 1337 | u_int signaturelen, datalen, bloblen; |
1338 | int verified = 0; | 1338 | int verified = 0; |
diff --git a/monitor_wrap.c b/monitor_wrap.c index f2eec5a77..0710a10b0 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: monitor_wrap.c,v 1.90 2017/05/17 01:24:17 djm Exp $ */ | 1 | /* $OpenBSD: monitor_wrap.c,v 1.91 2017/05/30 08:52:19 markus Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> | 3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> |
4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> | 4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> |
@@ -216,7 +216,7 @@ mm_choose_dh(int min, int nbits, int max) | |||
216 | #endif | 216 | #endif |
217 | 217 | ||
218 | int | 218 | int |
219 | mm_key_sign(Key *key, u_char **sigp, u_int *lenp, | 219 | mm_key_sign(struct sshkey *key, u_char **sigp, u_int *lenp, |
220 | const u_char *data, u_int datalen, const char *hostkey_alg) | 220 | const u_char *data, u_int datalen, const char *hostkey_alg) |
221 | { | 221 | { |
222 | struct kex *kex = *pmonitor->m_pkex; | 222 | struct kex *kex = *pmonitor->m_pkex; |
@@ -375,7 +375,8 @@ mm_auth_password(Authctxt *authctxt, char *password) | |||
375 | } | 375 | } |
376 | 376 | ||
377 | int | 377 | int |
378 | mm_user_key_allowed(struct passwd *pw, Key *key, int pubkey_auth_attempt) | 378 | mm_user_key_allowed(struct passwd *pw, struct sshkey *key, |
379 | int pubkey_auth_attempt) | ||
379 | { | 380 | { |
380 | return (mm_key_allowed(MM_USERKEY, NULL, NULL, key, | 381 | return (mm_key_allowed(MM_USERKEY, NULL, NULL, key, |
381 | pubkey_auth_attempt)); | 382 | pubkey_auth_attempt)); |
@@ -383,14 +384,14 @@ mm_user_key_allowed(struct passwd *pw, Key *key, int pubkey_auth_attempt) | |||
383 | 384 | ||
384 | int | 385 | int |
385 | mm_hostbased_key_allowed(struct passwd *pw, const char *user, const char *host, | 386 | mm_hostbased_key_allowed(struct passwd *pw, const char *user, const char *host, |
386 | Key *key) | 387 | struct sshkey *key) |
387 | { | 388 | { |
388 | return (mm_key_allowed(MM_HOSTKEY, user, host, key, 0)); | 389 | return (mm_key_allowed(MM_HOSTKEY, user, host, key, 0)); |
389 | } | 390 | } |
390 | 391 | ||
391 | int | 392 | int |
392 | mm_key_allowed(enum mm_keytype type, const char *user, const char *host, | 393 | mm_key_allowed(enum mm_keytype type, const char *user, const char *host, |
393 | Key *key, int pubkey_auth_attempt) | 394 | struct sshkey *key, int pubkey_auth_attempt) |
394 | { | 395 | { |
395 | Buffer m; | 396 | Buffer m; |
396 | u_char *blob; | 397 | u_char *blob; |
@@ -435,7 +436,8 @@ mm_key_allowed(enum mm_keytype type, const char *user, const char *host, | |||
435 | */ | 436 | */ |
436 | 437 | ||
437 | int | 438 | int |
438 | mm_key_verify(Key *key, u_char *sig, u_int siglen, u_char *data, u_int datalen) | 439 | mm_key_verify(struct sshkey *key, u_char *sig, u_int siglen, u_char *data, |
440 | u_int datalen) | ||
439 | { | 441 | { |
440 | Buffer m; | 442 | Buffer m; |
441 | u_char *blob; | 443 | u_char *blob; |
diff --git a/monitor_wrap.h b/monitor_wrap.h index db5902f55..a1552d0c9 100644 --- a/monitor_wrap.h +++ b/monitor_wrap.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: monitor_wrap.h,v 1.32 2016/09/28 16:33:07 djm Exp $ */ | 1 | /* $OpenBSD: monitor_wrap.h,v 1.33 2017/05/30 08:52:19 markus Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> | 4 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> |
@@ -40,16 +40,18 @@ struct Authctxt; | |||
40 | void mm_log_handler(LogLevel, const char *, void *); | 40 | void mm_log_handler(LogLevel, const char *, void *); |
41 | int mm_is_monitor(void); | 41 | int mm_is_monitor(void); |
42 | DH *mm_choose_dh(int, int, int); | 42 | DH *mm_choose_dh(int, int, int); |
43 | int mm_key_sign(Key *, u_char **, u_int *, const u_char *, u_int, const char *); | 43 | int mm_key_sign(struct sshkey *, u_char **, u_int *, const u_char *, u_int, |
44 | const char *); | ||
44 | void mm_inform_authserv(char *, char *); | 45 | void mm_inform_authserv(char *, char *); |
45 | struct passwd *mm_getpwnamallow(const char *); | 46 | struct passwd *mm_getpwnamallow(const char *); |
46 | char *mm_auth2_read_banner(void); | 47 | char *mm_auth2_read_banner(void); |
47 | int mm_auth_password(struct Authctxt *, char *); | 48 | int mm_auth_password(struct Authctxt *, char *); |
48 | int mm_key_allowed(enum mm_keytype, const char *, const char *, Key *, int); | 49 | int mm_key_allowed(enum mm_keytype, const char *, const char *, struct sshkey *, |
49 | int mm_user_key_allowed(struct passwd *, Key *, int); | 50 | int); |
51 | int mm_user_key_allowed(struct passwd *, struct sshkey *, int); | ||
50 | int mm_hostbased_key_allowed(struct passwd *, const char *, | 52 | int mm_hostbased_key_allowed(struct passwd *, const char *, |
51 | const char *, Key *); | 53 | const char *, struct sshkey *); |
52 | int mm_key_verify(Key *, u_char *, u_int, u_char *, u_int); | 54 | int mm_key_verify(struct sshkey *, u_char *, u_int, u_char *, u_int); |
53 | 55 | ||
54 | #ifdef GSSAPI | 56 | #ifdef GSSAPI |
55 | OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID); | 57 | OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID); |
diff --git a/ssh-pkcs11-client.c b/ssh-pkcs11-client.c index fac0167e6..a79c87210 100644 --- a/ssh-pkcs11-client.c +++ b/ssh-pkcs11-client.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-pkcs11-client.c,v 1.6 2015/12/11 00:20:04 mmcc Exp $ */ | 1 | /* $OpenBSD: ssh-pkcs11-client.c,v 1.7 2017/05/30 08:52:19 markus Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2010 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2010 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -106,7 +106,7 @@ static int | |||
106 | pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa, | 106 | pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa, |
107 | int padding) | 107 | int padding) |
108 | { | 108 | { |
109 | Key key; | 109 | struct sshkey key; /* XXX */ |
110 | u_char *blob, *signature = NULL; | 110 | u_char *blob, *signature = NULL; |
111 | u_int blen, slen = 0; | 111 | u_int blen, slen = 0; |
112 | int ret = -1; | 112 | int ret = -1; |
@@ -186,7 +186,7 @@ pkcs11_start_helper(void) | |||
186 | int | 186 | int |
187 | pkcs11_add_provider(char *name, char *pin, Key ***keysp) | 187 | pkcs11_add_provider(char *name, char *pin, Key ***keysp) |
188 | { | 188 | { |
189 | Key *k; | 189 | struct sshkey *k; |
190 | int i, nkeys; | 190 | int i, nkeys; |
191 | u_char *blob; | 191 | u_char *blob; |
192 | u_int blen; | 192 | u_int blen; |
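Review bot: The signature `pkcs11_add_provider(char *name, char *pin, Key ***keysp)` still uses the old typedef on the new side, although the local just below it becomes `struct sshkey *k`. If the `Key` typedef is later removed this definition stops compiling, so it should probably read `pkcs11_add_provider(char *name, char *pin, struct sshkey ***keysp)`. The matching prototype is not part of this diff and would need the same change. Separately, the bare `/* XXX */` added to `struct sshkey key;` in pkcs11_rsa_private_encrypt does not say what is provisional; presumably it is that the key is built on the stack rather than obtained from the key allocator, and a comment along the lines of `/* XXX stack-allocated sshkey; should use the key allocator */` would make that explicit. Both function bodies continue outside the hunks.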
diff --git a/ssh-pkcs11-helper.c b/ssh-pkcs11-helper.c index 53f41c555..fd3039c14 100644 --- a/ssh-pkcs11-helper.c +++ b/ssh-pkcs11-helper.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-pkcs11-helper.c,v 1.12 2016/02/15 09:47:49 dtucker Exp $ */ | 1 | /* $OpenBSD: ssh-pkcs11-helper.c,v 1.13 2017/05/30 08:52:19 markus Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2010 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2010 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -42,7 +42,7 @@ | |||
42 | /* borrows code from sftp-server and ssh-agent */ | 42 | /* borrows code from sftp-server and ssh-agent */ |
43 | 43 | ||
44 | struct pkcs11_keyinfo { | 44 | struct pkcs11_keyinfo { |
45 | Key *key; | 45 | struct sshkey *key; |
46 | char *providername; | 46 | char *providername; |
47 | TAILQ_ENTRY(pkcs11_keyinfo) next; | 47 | TAILQ_ENTRY(pkcs11_keyinfo) next; |
48 | }; | 48 | }; |
@@ -60,7 +60,7 @@ Buffer iqueue; | |||
60 | Buffer oqueue; | 60 | Buffer oqueue; |
61 | 61 | ||
62 | static void | 62 | static void |
63 | add_key(Key *k, char *name) | 63 | add_key(struct sshkey *k, char *name) |
64 | { | 64 | { |
65 | struct pkcs11_keyinfo *ki; | 65 | struct pkcs11_keyinfo *ki; |
66 | 66 | ||
@@ -87,8 +87,8 @@ del_keys_by_name(char *name) | |||
87 | } | 87 | } |
88 | 88 | ||
89 | /* lookup matching 'private' key */ | 89 | /* lookup matching 'private' key */ |
90 | static Key * | 90 | static struct sshkey * |
91 | lookup_key(Key *k) | 91 | lookup_key(struct sshkey *k) |
92 | { | 92 | { |
93 | struct pkcs11_keyinfo *ki; | 93 | struct pkcs11_keyinfo *ki; |
94 | 94 | ||
@@ -114,7 +114,7 @@ static void | |||
114 | process_add(void) | 114 | process_add(void) |
115 | { | 115 | { |
116 | char *name, *pin; | 116 | char *name, *pin; |
117 | Key **keys; | 117 | struct sshkey **keys; |
118 | int i, nkeys; | 118 | int i, nkeys; |
119 | u_char *blob; | 119 | u_char *blob; |
120 | u_int blen; | 120 | u_int blen; |
@@ -170,7 +170,7 @@ process_sign(void) | |||
170 | u_char *blob, *data, *signature = NULL; | 170 | u_char *blob, *data, *signature = NULL; |
171 | u_int blen, dlen, slen = 0; | 171 | u_int blen, dlen, slen = 0; |
172 | int ok = -1; | 172 | int ok = -1; |
173 | Key *key, *found; | 173 | struct sshkey *key, *found; |
174 | Buffer msg; | 174 | Buffer msg; |
175 | 175 | ||
176 | blob = get_string(&blen); | 176 | blob = get_string(&blen); |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh.c,v 1.459 2017/05/02 08:06:33 jmc Exp $ */ | 1 | /* $OpenBSD: ssh.c,v 1.460 2017/05/30 08:52:19 markus Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -1278,7 +1278,7 @@ main(int ac, char **av) | |||
1278 | if (options.hostbased_authentication) { | 1278 | if (options.hostbased_authentication) { |
1279 | sensitive_data.nkeys = 9; | 1279 | sensitive_data.nkeys = 9; |
1280 | sensitive_data.keys = xcalloc(sensitive_data.nkeys, | 1280 | sensitive_data.keys = xcalloc(sensitive_data.nkeys, |
1281 | sizeof(Key)); | 1281 | sizeof(struct sshkey)); /* XXX */ |
1282 | for (i = 0; i < sensitive_data.nkeys; i++) | 1282 | for (i = 0; i < sensitive_data.nkeys; i++) |
1283 | sensitive_data.keys[i] = NULL; | 1283 | sensitive_data.keys[i] = NULL; |
1284 | 1284 | ||
@@ -1849,16 +1849,16 @@ load_public_identity_files(void) | |||
1849 | { | 1849 | { |
1850 | char *filename, *cp, thishost[NI_MAXHOST]; | 1850 | char *filename, *cp, thishost[NI_MAXHOST]; |
1851 | char *pwdir = NULL, *pwname = NULL; | 1851 | char *pwdir = NULL, *pwname = NULL; |
1852 | Key *public; | 1852 | struct sshkey *public; |
1853 | struct passwd *pw; | 1853 | struct passwd *pw; |
1854 | int i; | 1854 | int i; |
1855 | u_int n_ids, n_certs; | 1855 | u_int n_ids, n_certs; |
1856 | char *identity_files[SSH_MAX_IDENTITY_FILES]; | 1856 | char *identity_files[SSH_MAX_IDENTITY_FILES]; |
1857 | Key *identity_keys[SSH_MAX_IDENTITY_FILES]; | 1857 | struct sshkey *identity_keys[SSH_MAX_IDENTITY_FILES]; |
1858 | char *certificate_files[SSH_MAX_CERTIFICATE_FILES]; | 1858 | char *certificate_files[SSH_MAX_CERTIFICATE_FILES]; |
1859 | struct sshkey *certificates[SSH_MAX_CERTIFICATE_FILES]; | 1859 | struct sshkey *certificates[SSH_MAX_CERTIFICATE_FILES]; |
1860 | #ifdef ENABLE_PKCS11 | 1860 | #ifdef ENABLE_PKCS11 |
1861 | Key **keys; | 1861 | struct sshkey **keys; |
1862 | int nkeys; | 1862 | int nkeys; |
1863 | #endif /* PKCS11 */ | 1863 | #endif /* PKCS11 */ |
1864 | 1864 | ||
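Review bot: The element size in `xcalloc(sensitive_data.nkeys, sizeof(struct sshkey)); /* XXX */` is the size of the whole key structure, but the array holds pointers. The sshconnect.h hunk declares `struct sshkey **keys`, and the loop that follows stores `NULL` into each slot. The result is an over-allocation rather than an overflow, so it is not a memory-safety problem, but the `XXX` only flags the mismatch without correcting it. Writing `sizeof(*sensitive_data.keys)` would size the array by its element type and keep it correct if the declaration changes. The enclosing `main` starts and ends outside this hunk.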
diff --git a/sshconnect.c b/sshconnect.c index 0af5f55bc..af7307eb5 100644 --- a/sshconnect.c +++ b/sshconnect.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshconnect.c,v 1.278 2017/05/01 02:27:11 djm Exp $ */ | 1 | /* $OpenBSD: sshconnect.c,v 1.279 2017/05/30 08:52:19 markus Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -67,7 +67,7 @@ | |||
67 | 67 | ||
68 | char *client_version_string = NULL; | 68 | char *client_version_string = NULL; |
69 | char *server_version_string = NULL; | 69 | char *server_version_string = NULL; |
70 | Key *previous_host_key = NULL; | 70 | struct sshkey *previous_host_key = NULL; |
71 | 71 | ||
72 | static int matching_host_key_dns = 0; | 72 | static int matching_host_key_dns = 0; |
73 | 73 | ||
@@ -79,8 +79,8 @@ extern char *__progname; | |||
79 | extern uid_t original_real_uid; | 79 | extern uid_t original_real_uid; |
80 | extern uid_t original_effective_uid; | 80 | extern uid_t original_effective_uid; |
81 | 81 | ||
82 | static int show_other_keys(struct hostkeys *, Key *); | 82 | static int show_other_keys(struct hostkeys *, struct sshkey *); |
83 | static void warn_changed_key(Key *); | 83 | static void warn_changed_key(struct sshkey *); |
84 | 84 | ||
85 | /* Expand a proxy command */ | 85 | /* Expand a proxy command */ |
86 | static char * | 86 | static char * |
@@ -667,7 +667,7 @@ confirm(const char *prompt) | |||
667 | } | 667 | } |
668 | 668 | ||
669 | static int | 669 | static int |
670 | check_host_cert(const char *host, const Key *host_key) | 670 | check_host_cert(const char *host, const struct sshkey *host_key) |
671 | { | 671 | { |
672 | const char *reason; | 672 | const char *reason; |
673 | 673 | ||
@@ -765,13 +765,13 @@ get_hostfile_hostname_ipaddr(char *hostname, struct sockaddr *hostaddr, | |||
765 | #define ROQUIET 2 | 765 | #define ROQUIET 2 |
766 | static int | 766 | static int |
767 | check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port, | 767 | check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port, |
768 | Key *host_key, int readonly, | 768 | struct sshkey *host_key, int readonly, |
769 | char **user_hostfiles, u_int num_user_hostfiles, | 769 | char **user_hostfiles, u_int num_user_hostfiles, |
770 | char **system_hostfiles, u_int num_system_hostfiles) | 770 | char **system_hostfiles, u_int num_system_hostfiles) |
771 | { | 771 | { |
772 | HostStatus host_status; | 772 | HostStatus host_status; |
773 | HostStatus ip_status; | 773 | HostStatus ip_status; |
774 | Key *raw_key = NULL; | 774 | struct sshkey *raw_key = NULL; |
775 | char *ip = NULL, *host = NULL; | 775 | char *ip = NULL, *host = NULL; |
776 | char hostline[1000], *hostp, *fp, *ra; | 776 | char hostline[1000], *hostp, *fp, *ra; |
777 | char msg[1024]; | 777 | char msg[1024]; |
@@ -1196,7 +1196,7 @@ fail: | |||
1196 | 1196 | ||
1197 | /* returns 0 if key verifies or -1 if key does NOT verify */ | 1197 | /* returns 0 if key verifies or -1 if key does NOT verify */ |
1198 | int | 1198 | int |
1199 | verify_host_key(char *host, struct sockaddr *hostaddr, Key *host_key) | 1199 | verify_host_key(char *host, struct sockaddr *hostaddr, struct sshkey *host_key) |
1200 | { | 1200 | { |
1201 | u_int i; | 1201 | u_int i; |
1202 | int r = -1, flags = 0; | 1202 | int r = -1, flags = 0; |
@@ -1362,7 +1362,7 @@ ssh_put_password(char *password) | |||
1362 | 1362 | ||
1363 | /* print all known host keys for a given host, but skip keys of given type */ | 1363 | /* print all known host keys for a given host, but skip keys of given type */ |
1364 | static int | 1364 | static int |
1365 | show_other_keys(struct hostkeys *hostkeys, Key *key) | 1365 | show_other_keys(struct hostkeys *hostkeys, struct sshkey *key) |
1366 | { | 1366 | { |
1367 | int type[] = { | 1367 | int type[] = { |
1368 | KEY_RSA, | 1368 | KEY_RSA, |
@@ -1402,7 +1402,7 @@ show_other_keys(struct hostkeys *hostkeys, Key *key) | |||
1402 | } | 1402 | } |
1403 | 1403 | ||
1404 | static void | 1404 | static void |
1405 | warn_changed_key(Key *host_key) | 1405 | warn_changed_key(struct sshkey *host_key) |
1406 | { | 1406 | { |
1407 | char *fp; | 1407 | char *fp; |
1408 | 1408 | ||
@@ -1465,7 +1465,7 @@ ssh_local_cmd(const char *args) | |||
1465 | } | 1465 | } |
1466 | 1466 | ||
1467 | void | 1467 | void |
1468 | maybe_add_key_to_agent(char *authfile, Key *private, char *comment, | 1468 | maybe_add_key_to_agent(char *authfile, struct sshkey *private, char *comment, |
1469 | char *passphrase) | 1469 | char *passphrase) |
1470 | { | 1470 | { |
1471 | int auth_sock = -1, r; | 1471 | int auth_sock = -1, r; |
diff --git a/sshconnect.h b/sshconnect.h index cf1851a95..f4e73f7b1 100644 --- a/sshconnect.h +++ b/sshconnect.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshconnect.h,v 1.29 2015/11/15 22:26:49 jcs Exp $ */ | 1 | /* $OpenBSD: sshconnect.h,v 1.30 2017/05/30 08:52:19 markus Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
@@ -26,9 +26,9 @@ | |||
26 | 26 | ||
27 | typedef struct Sensitive Sensitive; | 27 | typedef struct Sensitive Sensitive; |
28 | struct Sensitive { | 28 | struct Sensitive { |
29 | Key **keys; | 29 | struct sshkey **keys; |
30 | int nkeys; | 30 | int nkeys; |
31 | int external_keysign; | 31 | int external_keysign; |
32 | }; | 32 | }; |
33 | 33 | ||
34 | struct addrinfo; | 34 | struct addrinfo; |
@@ -41,7 +41,7 @@ void ssh_login(Sensitive *, const char *, struct sockaddr *, u_short, | |||
41 | 41 | ||
42 | void ssh_exchange_identification(int); | 42 | void ssh_exchange_identification(int); |
43 | 43 | ||
44 | int verify_host_key(char *, struct sockaddr *, Key *); | 44 | int verify_host_key(char *, struct sockaddr *, struct sshkey *); |
45 | 45 | ||
46 | void get_hostfile_hostname_ipaddr(char *, struct sockaddr *, u_short, | 46 | void get_hostfile_hostname_ipaddr(char *, struct sockaddr *, u_short, |
47 | char **, char **); | 47 | char **, char **); |
@@ -55,7 +55,7 @@ void ssh_userauth2(const char *, const char *, char *, Sensitive *); | |||
55 | void ssh_put_password(char *); | 55 | void ssh_put_password(char *); |
56 | int ssh_local_cmd(const char *); | 56 | int ssh_local_cmd(const char *); |
57 | 57 | ||
58 | void maybe_add_key_to_agent(char *, Key *, char *, char *); | 58 | void maybe_add_key_to_agent(char *, struct sshkey *, char *, char *); |
59 | 59 | ||
60 | /* | 60 | /* |
61 | * Macros to raise/lower permissions. | 61 | * Macros to raise/lower permissions. |
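--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.258 2017/05/05 10:42:49 naddy Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.259 2017/05/30 08:52:20 markus Exp $ */
 /*
 * Copyright (c) 2000 Markus Friedl. All rights reserved.
 * Copyright (c) 2008 Damien Miller. All rights reserved.
@@ -93,7 +93,7 @@ char *xxx_host;
 struct sockaddr *xxx_hostaddr;
 
 static int
-verify_host_key_callback(Key *hostkey, struct ssh *ssh)
+verify_host_key_callback(struct sshkey *hostkey, struct ssh *ssh)
 {
 if (verify_host_key(xxx_host, xxx_hostaddr, hostkey) == -1)
 fatal("Host key verification failed.");
@@ -319,7 +319,7 @@ static int sign_and_send_pubkey(Authctxt *, Identity *);
 static void pubkey_prepare(Authctxt *);
 static void pubkey_cleanup(Authctxt *);
 static void pubkey_reset(Authctxt *);
-static Key *load_identity_file(Identity *);
+static struct sshkey *load_identity_file(Identity *);
 
 static Authmethod *authmethod_get(char *authlist);
 static Authmethod *authmethod_lookup(const char *name);
@@ -574,7 +574,7 @@ int
 input_userauth_pk_ok(int type, u_int32_t seq, void *ctxt)
 {
 Authctxt *authctxt = ctxt;
-Key *key = NULL;
+struct sshkey *key = NULL;
 Identity *id = NULL;
 Buffer b;
 int pktype, sent = 0;
@@ -1015,7 +1015,7 @@ static int
 identity_sign(struct identity *id, u_char **sigp, size_t *lenp,
 const u_char *data, size_t datalen, u_int compat)
 {
-Key *prv;
+struct sshkey *prv;
 int ret;
 
 /* the agent supports this key */
@@ -1225,10 +1225,10 @@ send_pubkey_test(Authctxt *authctxt, Identity *id)
 return 1;
 }
 
-static Key *
+static struct sshkey *
 load_identity_file(Identity *id)
 {
-Key *private = NULL;
+struct sshkey *private = NULL;
 char prompt[300], *passphrase, *comment;
 int r, perm_ok = 0, quit = 0, i;
 struct stat st;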
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshd.c,v 1.487 2017/04/30 23:18:44 djm Exp $ */ | 1 | /* $OpenBSD: sshd.c,v 1.488 2017/05/30 08:52:20 markus Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -195,10 +195,10 @@ int have_agent = 0; | |||
195 | * not very useful. Currently, memory locking is not implemented. | 195 | * not very useful. Currently, memory locking is not implemented. |
196 | */ | 196 | */ |
197 | struct { | 197 | struct { |
198 | Key **host_keys; /* all private host keys */ | 198 | struct sshkey **host_keys; /* all private host keys */ |
199 | Key **host_pubkeys; /* all public host keys */ | 199 | struct sshkey **host_pubkeys; /* all public host keys */ |
200 | Key **host_certificates; /* all public host certificates */ | 200 | struct sshkey **host_certificates; /* all public host certificates */ |
201 | int have_ssh2_key; | 201 | int have_ssh2_key; |
202 | } sensitive_data; | 202 | } sensitive_data; |
203 | 203 | ||
204 | /* This is set to true when a signal is received. */ | 204 | /* This is set to true when a signal is received. */ |
@@ -486,7 +486,7 @@ destroy_sensitive_data(void) | |||
486 | void | 486 | void |
487 | demote_sensitive_data(void) | 487 | demote_sensitive_data(void) |
488 | { | 488 | { |
489 | Key *tmp; | 489 | struct sshkey *tmp; |
490 | int i; | 490 | int i; |
491 | 491 | ||
492 | for (i = 0; i < options.num_host_key_files; i++) { | 492 | for (i = 0; i < options.num_host_key_files; i++) { |
@@ -686,7 +686,7 @@ list_hostkey_types(void) | |||
686 | const char *p; | 686 | const char *p; |
687 | char *ret; | 687 | char *ret; |
688 | int i; | 688 | int i; |
689 | Key *key; | 689 | struct sshkey *key; |
690 | 690 | ||
691 | buffer_init(&b); | 691 | buffer_init(&b); |
692 | for (i = 0; i < options.num_host_key_files; i++) { | 692 | for (i = 0; i < options.num_host_key_files; i++) { |
@@ -742,11 +742,11 @@ list_hostkey_types(void) | |||
742 | return ret; | 742 | return ret; |
743 | } | 743 | } |
744 | 744 | ||
745 | static Key * | 745 | static struct sshkey * |
746 | get_hostkey_by_type(int type, int nid, int need_private, struct ssh *ssh) | 746 | get_hostkey_by_type(int type, int nid, int need_private, struct ssh *ssh) |
747 | { | 747 | { |
748 | int i; | 748 | int i; |
749 | Key *key; | 749 | struct sshkey *key; |
750 | 750 | ||
751 | for (i = 0; i < options.num_host_key_files; i++) { | 751 | for (i = 0; i < options.num_host_key_files; i++) { |
752 | switch (type) { | 752 | switch (type) { |
@@ -770,19 +770,19 @@ get_hostkey_by_type(int type, int nid, int need_private, struct ssh *ssh) | |||
770 | return NULL; | 770 | return NULL; |
771 | } | 771 | } |
772 | 772 | ||
773 | Key * | 773 | struct sshkey * |
774 | get_hostkey_public_by_type(int type, int nid, struct ssh *ssh) | 774 | get_hostkey_public_by_type(int type, int nid, struct ssh *ssh) |
775 | { | 775 | { |
776 | return get_hostkey_by_type(type, nid, 0, ssh); | 776 | return get_hostkey_by_type(type, nid, 0, ssh); |
777 | } | 777 | } |
778 | 778 | ||
779 | Key * | 779 | struct sshkey * |
780 | get_hostkey_private_by_type(int type, int nid, struct ssh *ssh) | 780 | get_hostkey_private_by_type(int type, int nid, struct ssh *ssh) |
781 | { | 781 | { |
782 | return get_hostkey_by_type(type, nid, 1, ssh); | 782 | return get_hostkey_by_type(type, nid, 1, ssh); |
783 | } | 783 | } |
784 | 784 | ||
785 | Key * | 785 | struct sshkey * |
786 | get_hostkey_by_index(int ind) | 786 | get_hostkey_by_index(int ind) |
787 | { | 787 | { |
788 | if (ind < 0 || ind >= options.num_host_key_files) | 788 | if (ind < 0 || ind >= options.num_host_key_files) |
@@ -790,7 +790,7 @@ get_hostkey_by_index(int ind) | |||
790 | return (sensitive_data.host_keys[ind]); | 790 | return (sensitive_data.host_keys[ind]); |
791 | } | 791 | } |
792 | 792 | ||
793 | Key * | 793 | struct sshkey * |
794 | get_hostkey_public_by_index(int ind, struct ssh *ssh) | 794 | get_hostkey_public_by_index(int ind, struct ssh *ssh) |
795 | { | 795 | { |
796 | if (ind < 0 || ind >= options.num_host_key_files) | 796 | if (ind < 0 || ind >= options.num_host_key_files) |
@@ -799,7 +799,7 @@ get_hostkey_public_by_index(int ind, struct ssh *ssh) | |||
799 | } | 799 | } |
800 | 800 | ||
801 | int | 801 | int |
802 | get_hostkey_index(Key *key, int compare, struct ssh *ssh) | 802 | get_hostkey_index(struct sshkey *key, int compare, struct ssh *ssh) |
803 | { | 803 | { |
804 | int i; | 804 | int i; |
805 | 805 | ||
@@ -1366,8 +1366,8 @@ main(int ac, char **av) | |||
1366 | u_int n; | 1366 | u_int n; |
1367 | u_int64_t ibytes, obytes; | 1367 | u_int64_t ibytes, obytes; |
1368 | mode_t new_umask; | 1368 | mode_t new_umask; |
1369 | Key *key; | 1369 | struct sshkey *key; |
1370 | Key *pubkey; | 1370 | struct sshkey *pubkey; |
1371 | int keytype; | 1371 | int keytype; |
1372 | Authctxt *authctxt; | 1372 | Authctxt *authctxt; |
1373 | struct connection_info *connection_info = get_connection_info(0, 0); | 1373 | struct connection_info *connection_info = get_connection_info(0, 0); |
@@ -1655,9 +1655,9 @@ main(int ac, char **av) | |||
1655 | 1655 | ||
1656 | /* load host keys */ | 1656 | /* load host keys */ |
1657 | sensitive_data.host_keys = xcalloc(options.num_host_key_files, | 1657 | sensitive_data.host_keys = xcalloc(options.num_host_key_files, |
1658 | sizeof(Key *)); | 1658 | sizeof(struct sshkey *)); |
1659 | sensitive_data.host_pubkeys = xcalloc(options.num_host_key_files, | 1659 | sensitive_data.host_pubkeys = xcalloc(options.num_host_key_files, |
1660 | sizeof(Key *)); | 1660 | sizeof(struct sshkey *)); |
1661 | 1661 | ||
1662 | if (options.host_key_agent) { | 1662 | if (options.host_key_agent) { |
1663 | if (strcmp(options.host_key_agent, SSH_AUTHSOCKET_ENV_NAME)) | 1663 | if (strcmp(options.host_key_agent, SSH_AUTHSOCKET_ENV_NAME)) |
@@ -1721,7 +1721,7 @@ main(int ac, char **av) | |||
1721 | * indices to the public keys that they relate to. | 1721 | * indices to the public keys that they relate to. |
1722 | */ | 1722 | */ |
1723 | sensitive_data.host_certificates = xcalloc(options.num_host_key_files, | 1723 | sensitive_data.host_certificates = xcalloc(options.num_host_key_files, |
1724 | sizeof(Key *)); | 1724 | sizeof(struct sshkey *)); |
1725 | for (i = 0; i < options.num_host_key_files; i++) | 1725 | for (i = 0; i < options.num_host_key_files; i++) |
1726 | sensitive_data.host_certificates[i] = NULL; | 1726 | sensitive_data.host_certificates[i] = NULL; |
1727 | 1727 | ||
@@ -2109,8 +2109,9 @@ main(int ac, char **av) | |||
2109 | } | 2109 | } |
2110 | 2110 | ||
2111 | int | 2111 | int |
2112 | sshd_hostkey_sign(Key *privkey, Key *pubkey, u_char **signature, size_t *slen, | 2112 | sshd_hostkey_sign(struct sshkey *privkey, struct sshkey *pubkey, |
2113 | const u_char *data, size_t dlen, const char *alg, u_int flag) | 2113 | u_char **signature, size_t *slen, const u_char *data, size_t dlen, |
2114 | const char *alg, u_int flag) | ||
2114 | { | 2115 | { |
2115 | int r; | 2116 | int r; |
2116 | u_int xxx_slen, xxx_dlen = dlen; | 2117 | u_int xxx_slen, xxx_dlen = dlen; |