Diffstat (limited to 'ssh-keysign.c')
-rw-r--r-- | ssh-keysign.c | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/ssh-keysign.c b/ssh-keysign.c index 520927829..7f1d25d8c 100644 --- a/ssh-keysign.c +++ b/ssh-keysign.c | |||
@@ -22,7 +22,7 @@ | |||
22 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 22 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
23 | */ | 23 | */ |
24 | #include "includes.h" | 24 | #include "includes.h" |
25 | RCSID("$OpenBSD: ssh-keysign.c,v 1.3 2002/06/08 05:07:09 markus Exp $"); | 25 | RCSID("$OpenBSD: ssh-keysign.c,v 1.4 2002/06/19 00:27:55 deraadt Exp $"); |
26 | 26 | ||
27 | #include <openssl/evp.h> | 27 | #include <openssl/evp.h> |
28 | 28 | ||
@@ -59,7 +59,7 @@ valid_request(struct passwd *pw, char *host, Key **ret, u_char *data, | |||
59 | 59 | ||
60 | buffer_init(&b); | 60 | buffer_init(&b); |
61 | buffer_append(&b, data, datalen); | 61 | buffer_append(&b, data, datalen); |
62 | 62 | ||
63 | /* session id, currently limited to SHA1 (20 bytes) */ | 63 | /* session id, currently limited to SHA1 (20 bytes) */ |
64 | p = buffer_get_string(&b, &len); | 64 | p = buffer_get_string(&b, &len); |
65 | if (len != 20) | 65 | if (len != 20) |
@@ -104,9 +104,9 @@ valid_request(struct passwd *pw, char *host, Key **ret, u_char *data, | |||
104 | if (strlen(host) != len - 1) | 104 | if (strlen(host) != len - 1) |
105 | fail++; | 105 | fail++; |
106 | else if (p[len - 1] != '.') | 106 | else if (p[len - 1] != '.') |
107 | fail++; | 107 | fail++; |
108 | else if (strncasecmp(host, p, len - 1) != 0) | 108 | else if (strncasecmp(host, p, len - 1) != 0) |
109 | fail++; | 109 | fail++; |
110 | xfree(p); | 110 | xfree(p); |
111 | 111 | ||
112 | /* local user */ | 112 | /* local user */ |
@@ -153,14 +153,14 @@ main(int argc, char **argv) | |||
153 | 153 | ||
154 | #ifdef DEBUG_SSH_KEYSIGN | 154 | #ifdef DEBUG_SSH_KEYSIGN |
155 | log_init("ssh-keysign", SYSLOG_LEVEL_DEBUG3, SYSLOG_FACILITY_AUTH, 0); | 155 | log_init("ssh-keysign", SYSLOG_LEVEL_DEBUG3, SYSLOG_FACILITY_AUTH, 0); |
156 | #endif | 156 | #endif |
157 | 157 | ||
158 | if (key_fd[0] == -1 && key_fd[1] == -1) | 158 | if (key_fd[0] == -1 && key_fd[1] == -1) |
159 | fatal("could not open any host key"); | 159 | fatal("could not open any host key"); |
160 | 160 | ||
161 | if ((pw = getpwuid(getuid())) == NULL) | 161 | if ((pw = getpwuid(getuid())) == NULL) |
162 | fatal("getpwuid failed"); | 162 | fatal("getpwuid failed"); |
163 | pw = pwcopy(pw); | 163 | pw = pwcopy(pw); |
164 | 164 | ||
165 | SSLeay_add_all_algorithms(); | 165 | SSLeay_add_all_algorithms(); |
166 | 166 | ||
@@ -188,7 +188,7 @@ main(int argc, char **argv) | |||
188 | fatal("bad fd"); | 188 | fatal("bad fd"); |
189 | if ((host = get_local_name(fd)) == NULL) | 189 | if ((host = get_local_name(fd)) == NULL) |
190 | fatal("cannot get sockname for fd"); | 190 | fatal("cannot get sockname for fd"); |
191 | 191 | ||
192 | data = buffer_get_string(&b, &dlen); | 192 | data = buffer_get_string(&b, &dlen); |
193 | if (valid_request(pw, host, &key, data, dlen) < 0) | 193 | if (valid_request(pw, host, &key, data, dlen) < 0) |
194 | fatal("not a valid request"); | 194 | fatal("not a valid request"); |
@@ -208,7 +208,7 @@ main(int argc, char **argv) | |||
208 | 208 | ||
209 | if (key_sign(keys[i], &signature, &slen, data, dlen) != 0) | 209 | if (key_sign(keys[i], &signature, &slen, data, dlen) != 0) |
210 | fatal("key_sign failed"); | 210 | fatal("key_sign failed"); |
211 | 211 | ||
212 | /* send reply */ | 212 | /* send reply */ |
213 | buffer_clear(&b); | 213 | buffer_clear(&b); |
214 | buffer_put_string(&b, signature, slen); | 214 | buffer_put_string(&b, signature, slen); |