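--- a/authfd.c (137019)
+++ b/authfd.c (149753)
@@ -1,8 +1,8 @@
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  * All rights reserved
  * Functions for connecting the local authentication agent.
  *
  * As far as I am concerned, the code I have written for this software
  * can be used freely for any purpose. Any derived versions of this
@@ -30,17 +30,17 @@
  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: authfd.c,v 1.64 2004/08/11 21:44:31 avsm Exp $");
+RCSID("$OpenBSD: authfd.c,v 1.66 2005/06/17 02:44:32 djm Exp $");
 
 #include <openssl/evp.h>
 
 #include "ssh.h"
 #include "rsa.h"
 #include "buffer.h"
 #include "bufaux.h"
 #include "xmalloc.h"
@@ -109,18 +109,17 @@
  }
  agent_present = 1;
  return sock;
 }
 
 static int
 ssh_request_reply(AuthenticationConnection *auth, Buffer *request, Buffer *reply)
 {
- int l;
- u_int len;
+ u_int l, len;
  char buf[1024];
 
  /* Get the length of the message, and format it in the buffer. */
  len = buffer_len(request);
  PUT_32BIT(buf, len);
 
  /* Send the length and then the packet to the agent. */
  if (atomicio(vwrite, auth->fd, buf, 4) != 4 ||
@@ -144,18 +143,17 @@
  fatal("Authentication response too long: %u", len);
 
  /* Read the rest of the response in to the buffer. */
  buffer_clear(reply);
  while (len > 0) {
  l = len;
  if (l > sizeof(buf))
  l = sizeof(buf);
- l = atomicio(read, auth->fd, buf, l);
- if (l <= 0) {
+ if (atomicio(read, auth->fd, buf, l) != l) {
  error("Error reading response from authentication socket.");
  return 0;
  }
  buffer_append(reply, buf, l);
  len -= l;
  }
  return 1;
 }
@@ -298,16 +296,17 @@
  if (ssh_get_num_identities(auth, version) > 0)
  return ssh_get_next_identity(auth, comment, version);
  return NULL;
 }
 
 Key *
 ssh_get_next_identity(AuthenticationConnection *auth, char **comment, int version)
 {
+ int keybits;
  u_int bits;
  u_char *blob;
  u_int blen;
  Key *key = NULL;
 
  /* Return failure if no more entries. */
  if (auth->howmany <= 0)
  return NULL;
@@ -318,17 +317,18 @@
  */
  switch (version) {
  case 1:
  key = key_new(KEY_RSA1);
  bits = buffer_get_int(&auth->identities);
  buffer_get_bignum(&auth->identities, key->rsa->e);
  buffer_get_bignum(&auth->identities, key->rsa->n);
  *comment = buffer_get_string(&auth->identities, NULL);
- if (bits != BN_num_bits(key->rsa->n))
+ keybits = BN_num_bits(key->rsa->n);
+ if (keybits < 0 || bits != (u_int)keybits)
  logit("Warning: identity keysize mismatch: actual %d, announced %u",
  BN_num_bits(key->rsa->n), bits);
  break;
  case 2:
  blob = buffer_get_string(&auth->identities, &blen);
  *comment = buffer_get_string(&auth->identities, NULL);
  key = key_from_blob(blob, blen);
  xfree(blob);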
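Review bot: In the `case 1:` branch of ssh_get_next_identity, the warning still calls `BN_num_bits(key->rsa->n)` a second time instead of logging the `keybits` value that was just range-checked and compared. Passing the stored value, `logit("Warning: identity keysize mismatch: actual %d, announced %u", keybits, bits);`, keeps the logged figure identical to the one that was tested and drops the redundant call. A short comment above the check would also help, for example `/* bits is the size announced in the identities reply; compare it with the parsed modulus */`. As far as the visible lines show, a mismatch is only logged and the key is still returned, so `bits` appears to be advisory and callers should rely on the parsed modulus instead. The rest of the function lies outside the visible lines.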