mirror of git://anongit.mindrot.org/openssh.git
upstream commit
more simplification and removal of SSHv1-related code; ok djm@ Upstream-ID: d2f041aa0b79c0ebd98c68a01e5a0bfab2cf3b55
This commit is contained in:
naddy@openbsd.org
Damien Miller
parent
2e9c324b3a
commit
3e371bd212
34
authfd.c
34
authfd.c
|
|
@ -1,4 +1,4 @@
|
||||||
/* $OpenBSD: authfd.c,v 1.102 2017/05/04 06:10:57 djm Exp $ */
|
/* $OpenBSD: authfd.c,v 1.103 2017/05/05 10:42:49 naddy Exp $ */
|
||||||
/*
|
/*
|
||||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||||
|
|
@ -227,35 +227,21 @@ deserialise_identity2(struct sshbuf *ids, struct sshkey **keyp, char **commentp)
|
||||||
* Fetch list of identities held by the agent.
|
* Fetch list of identities held by the agent.
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
ssh_fetch_identitylist(int sock, int version, struct ssh_identitylist **idlp)
|
ssh_fetch_identitylist(int sock, struct ssh_identitylist **idlp)
|
||||||
{
|
{
|
||||||
u_char type, code1 = 0, code2 = 0;
|
u_char type;
|
||||||
u_int32_t num, i;
|
u_int32_t num, i;
|
||||||
struct sshbuf *msg;
|
struct sshbuf *msg;
|
||||||
struct ssh_identitylist *idl = NULL;
|
struct ssh_identitylist *idl = NULL;
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
/* Determine request and expected response types */
|
|
||||||
switch (version) {
|
|
||||||
case 1:
|
|
||||||
code1 = SSH_AGENTC_REQUEST_RSA_IDENTITIES;
|
|
||||||
code2 = SSH_AGENT_RSA_IDENTITIES_ANSWER;
|
|
||||||
break;
|
|
||||||
case 2:
|
|
||||||
code1 = SSH2_AGENTC_REQUEST_IDENTITIES;
|
|
||||||
code2 = SSH2_AGENT_IDENTITIES_ANSWER;
|
|
||||||
break;
|
|
||||||
default:
|
|
||||||
return SSH_ERR_INVALID_ARGUMENT;
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Send a message to the agent requesting for a list of the
|
* Send a message to the agent requesting for a list of the
|
||||||
* identities it can represent.
|
* identities it can represent.
|
||||||
*/
|
*/
|
||||||
if ((msg = sshbuf_new()) == NULL)
|
if ((msg = sshbuf_new()) == NULL)
|
||||||
return SSH_ERR_ALLOC_FAIL;
|
return SSH_ERR_ALLOC_FAIL;
|
||||||
if ((r = sshbuf_put_u8(msg, code1)) != 0)
|
if ((r = sshbuf_put_u8(msg, SSH2_AGENTC_REQUEST_IDENTITIES)) != 0)
|
||||||
goto out;
|
goto out;
|
||||||
|
|
||||||
if ((r = ssh_request_reply(sock, msg, msg)) != 0)
|
if ((r = ssh_request_reply(sock, msg, msg)) != 0)
|
||||||
|
|
@ -267,7 +253,7 @@ ssh_fetch_identitylist(int sock, int version, struct ssh_identitylist **idlp)
|
||||||
if (agent_failed(type)) {
|
if (agent_failed(type)) {
|
||||||
r = SSH_ERR_AGENT_FAILURE;
|
r = SSH_ERR_AGENT_FAILURE;
|
||||||
goto out;
|
goto out;
|
||||||
} else if (type != code2) {
|
} else if (type != SSH2_AGENT_IDENTITIES_ANSWER) {
|
||||||
r = SSH_ERR_INVALID_FORMAT;
|
r = SSH_ERR_INVALID_FORMAT;
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
@ -292,12 +278,8 @@ ssh_fetch_identitylist(int sock, int version, struct ssh_identitylist **idlp)
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
for (i = 0; i < num;) {
|
for (i = 0; i < num;) {
|
||||||
switch (version) {
|
if ((r = deserialise_identity2(msg, &(idl->keys[i]),
|
||||||
case 1:
|
&(idl->comments[i]))) != 0) {
|
||||||
break;
|
|
||||||
case 2:
|
|
||||||
if ((r = deserialise_identity2(msg,
|
|
||||||
&(idl->keys[i]), &(idl->comments[i]))) != 0) {
|
|
||||||
if (r == SSH_ERR_KEY_TYPE_UNKNOWN) {
|
if (r == SSH_ERR_KEY_TYPE_UNKNOWN) {
|
||||||
/* Gracefully skip unknown key types */
|
/* Gracefully skip unknown key types */
|
||||||
num--;
|
num--;
|
||||||
|
|
@ -305,8 +287,6 @@ ssh_fetch_identitylist(int sock, int version, struct ssh_identitylist **idlp)
|
||||||
} else
|
} else
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
break;
|
|
||||||
}
|
|
||||||
i++;
|
i++;
|
||||||
}
|
}
|
||||||
idl->nkeys = num;
|
idl->nkeys = num;
|
||||||
|
|
|
||||||
5
authfd.h
5
authfd.h
|
|
@ -1,4 +1,4 @@
|
||||||
/* $OpenBSD: authfd.h,v 1.39 2015/12/04 16:41:28 markus Exp $ */
|
/* $OpenBSD: authfd.h,v 1.40 2017/05/05 10:42:49 naddy Exp $ */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||||
|
|
@ -27,8 +27,7 @@ int ssh_get_authentication_socket(int *fdp);
|
||||||
void ssh_close_authentication_socket(int sock);
|
void ssh_close_authentication_socket(int sock);
|
||||||
|
|
||||||
int ssh_lock_agent(int sock, int lock, const char *password);
|
int ssh_lock_agent(int sock, int lock, const char *password);
|
||||||
int ssh_fetch_identitylist(int sock, int version,
|
int ssh_fetch_identitylist(int sock, struct ssh_identitylist **idlp);
|
||||||
struct ssh_identitylist **idlp);
|
|
||||||
void ssh_free_identitylist(struct ssh_identitylist *idl);
|
void ssh_free_identitylist(struct ssh_identitylist *idl);
|
||||||
int ssh_add_identity_constrained(int sock, struct sshkey *key,
|
int ssh_add_identity_constrained(int sock, struct sshkey *key,
|
||||||
const char *comment, u_int life, u_int confirm);
|
const char *comment, u_int life, u_int confirm);
|
||||||
|
|
|
||||||
|
|
@ -1,4 +1,4 @@
|
||||||
/* $OpenBSD: pathnames.h,v 1.26 2017/05/03 21:08:09 naddy Exp $ */
|
/* $OpenBSD: pathnames.h,v 1.27 2017/05/05 10:42:49 naddy Exp $ */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||||
|
|
@ -71,7 +71,6 @@
|
||||||
* Name of the default file containing client-side authentication key. This
|
* Name of the default file containing client-side authentication key. This
|
||||||
* file should only be readable by the user him/herself.
|
* file should only be readable by the user him/herself.
|
||||||
*/
|
*/
|
||||||
#define _PATH_SSH_CLIENT_IDENTITY _PATH_SSH_USER_DIR "/identity"
|
|
||||||
#define _PATH_SSH_CLIENT_ID_DSA _PATH_SSH_USER_DIR "/id_dsa"
|
#define _PATH_SSH_CLIENT_ID_DSA _PATH_SSH_USER_DIR "/id_dsa"
|
||||||
#define _PATH_SSH_CLIENT_ID_ECDSA _PATH_SSH_USER_DIR "/id_ecdsa"
|
#define _PATH_SSH_CLIENT_ID_ECDSA _PATH_SSH_USER_DIR "/id_ecdsa"
|
||||||
#define _PATH_SSH_CLIENT_ID_RSA _PATH_SSH_USER_DIR "/id_rsa"
|
#define _PATH_SSH_CLIENT_ID_RSA _PATH_SSH_USER_DIR "/id_rsa"
|
||||||
|
|
|
||||||
32
ssh-add.c
32
ssh-add.c
|
|
@ -1,4 +1,4 @@
|
||||||
/* $OpenBSD: ssh-add.c,v 1.130 2017/05/04 06:10:57 djm Exp $ */
|
/* $OpenBSD: ssh-add.c,v 1.131 2017/05/05 10:42:49 naddy Exp $ */
|
||||||
/*
|
/*
|
||||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||||
|
|
@ -362,33 +362,28 @@ static int
|
||||||
list_identities(int agent_fd, int do_fp)
|
list_identities(int agent_fd, int do_fp)
|
||||||
{
|
{
|
||||||
char *fp;
|
char *fp;
|
||||||
int r, had_identities = 0;
|
int r;
|
||||||
struct ssh_identitylist *idlist;
|
struct ssh_identitylist *idlist;
|
||||||
size_t i;
|
size_t i;
|
||||||
int version = 2;
|
|
||||||
|
|
||||||
for (; version <= 2; version++) {
|
if ((r = ssh_fetch_identitylist(agent_fd, &idlist)) != 0) {
|
||||||
if ((r = ssh_fetch_identitylist(agent_fd, version,
|
|
||||||
&idlist)) != 0) {
|
|
||||||
if (r != SSH_ERR_AGENT_NO_IDENTITIES)
|
if (r != SSH_ERR_AGENT_NO_IDENTITIES)
|
||||||
fprintf(stderr, "error fetching identities for "
|
fprintf(stderr, "error fetching identities: %s\n",
|
||||||
"protocol %d: %s\n", version, ssh_err(r));
|
ssh_err(r));
|
||||||
continue;
|
else
|
||||||
|
printf("The agent has no identities.\n");
|
||||||
|
return -1;
|
||||||
}
|
}
|
||||||
for (i = 0; i < idlist->nkeys; i++) {
|
for (i = 0; i < idlist->nkeys; i++) {
|
||||||
had_identities = 1;
|
|
||||||
if (do_fp) {
|
if (do_fp) {
|
||||||
fp = sshkey_fingerprint(idlist->keys[i],
|
fp = sshkey_fingerprint(idlist->keys[i],
|
||||||
fingerprint_hash, SSH_FP_DEFAULT);
|
fingerprint_hash, SSH_FP_DEFAULT);
|
||||||
printf("%u %s %s (%s)\n",
|
printf("%u %s %s (%s)\n", sshkey_size(idlist->keys[i]),
|
||||||
sshkey_size(idlist->keys[i]),
|
fp == NULL ? "(null)" : fp, idlist->comments[i],
|
||||||
fp == NULL ? "(null)" : fp,
|
|
||||||
idlist->comments[i],
|
|
||||||
sshkey_type(idlist->keys[i]));
|
sshkey_type(idlist->keys[i]));
|
||||||
free(fp);
|
free(fp);
|
||||||
} else {
|
} else {
|
||||||
if ((r = sshkey_write(idlist->keys[i],
|
if ((r = sshkey_write(idlist->keys[i], stdout)) != 0) {
|
||||||
stdout)) != 0) {
|
|
||||||
fprintf(stderr, "sshkey_write: %s\n",
|
fprintf(stderr, "sshkey_write: %s\n",
|
||||||
ssh_err(r));
|
ssh_err(r));
|
||||||
continue;
|
continue;
|
||||||
|
|
@ -397,11 +392,6 @@ list_identities(int agent_fd, int do_fp)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
ssh_free_identitylist(idlist);
|
ssh_free_identitylist(idlist);
|
||||||
}
|
|
||||||
if (!had_identities) {
|
|
||||||
printf("The agent has no identities.\n");
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,4 +1,4 @@
|
||||||
/* $OpenBSD: sshconnect2.c,v 1.257 2017/04/30 23:18:44 djm Exp $ */
|
/* $OpenBSD: sshconnect2.c,v 1.258 2017/05/05 10:42:49 naddy Exp $ */
|
||||||
/*
|
/*
|
||||||
* Copyright (c) 2000 Markus Friedl. All rights reserved.
|
* Copyright (c) 2000 Markus Friedl. All rights reserved.
|
||||||
* Copyright (c) 2008 Damien Miller. All rights reserved.
|
* Copyright (c) 2008 Damien Miller. All rights reserved.
|
||||||
|
|
@ -1345,7 +1345,7 @@ pubkey_prepare(Authctxt *authctxt)
|
||||||
if (r != SSH_ERR_AGENT_NOT_PRESENT)
|
if (r != SSH_ERR_AGENT_NOT_PRESENT)
|
||||||
debug("%s: ssh_get_authentication_socket: %s",
|
debug("%s: ssh_get_authentication_socket: %s",
|
||||||
__func__, ssh_err(r));
|
__func__, ssh_err(r));
|
||||||
} else if ((r = ssh_fetch_identitylist(agent_fd, 2, &idlist)) != 0) {
|
} else if ((r = ssh_fetch_identitylist(agent_fd, &idlist)) != 0) {
|
||||||
if (r != SSH_ERR_AGENT_NO_IDENTITIES)
|
if (r != SSH_ERR_AGENT_NO_IDENTITIES)
|
||||||
debug("%s: ssh_fetch_identitylist: %s",
|
debug("%s: ssh_fetch_identitylist: %s",
|
||||||
__func__, ssh_err(r));
|
__func__, ssh_err(r));
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue