- markus@cvs.openbsd.org 2001/06/06 23:13:54

[ssh-dss.c ssh-rsa.c] cleanup, remove old code
2001-06-09 01:36:21 +00:00 · 2001-06-09 01:36:21 +00:00 · c66d436f60
parent cb3929d1d9
commit c66d436f60
3 changed files with 18 additions and 47 deletions
--- a/5
+++ b/5
@ -56,6 +56,9 @@
   - markus@cvs.openbsd.org 2001/06/05 16:46:19
     [session.c]
     let session_close() delete the pty.  deny x11fwd if xauthfile is set.
+   - markus@cvs.openbsd.org 2001/06/06 23:13:54
+     [ssh-dss.c ssh-rsa.c]
+     cleanup, remove old code

 20010606
 - OpenBSD CVS Sync
@ -5567,4 +5570,4 @@
 - Wrote replacements for strlcpy and mkdtemp
 - Released 1.0pre1

-$Id: ChangeLog,v 1.1263 2001/06/09 01:34:15 mouring Exp $
+$Id: ChangeLog,v 1.1264 2001/06/09 01:36:21 mouring Exp $
--- a/ssh-dss.c
+++ b/ssh-dss.c
@ -23,7 +23,7 @@
 */

 #include "includes.h"
-RCSID("$OpenBSD: ssh-dss.c,v 1.6 2001/02/08 19:30:52 itojun Exp $");
+RCSID("$OpenBSD: ssh-dss.c,v 1.7 2001/06/06 23:13:54 markus Exp $");

 #include <openssl/bn.h>
 #include <openssl/evp.h>
@ -45,15 +45,11 @@ ssh_dss_sign(
    u_char **sigp, int *lenp,
    u_char *data, int datalen)
 {
-	u_char *digest;
-	u_char *ret;
 	DSA_SIG *sig;
 	EVP_MD *evp_md = EVP_sha1();
 	EVP_MD_CTX md;
-	u_int rlen;
-	u_int slen;
-	u_int len, dlen;
-	u_char sigblob[SIGBLOB_LEN];
+	u_char *digest, *ret, sigblob[SIGBLOB_LEN];
+	u_int rlen, slen, len, dlen;
 	Buffer b;

 	if (key == NULL || key->type != KEY_DSA || key->dsa == NULL) {
@ -67,11 +63,13 @@ ssh_dss_sign(
 	EVP_DigestFinal(&md, digest, NULL);

 	sig = DSA_do_sign(digest, dlen, key->dsa);
-	if (sig == NULL) {
-		fatal("ssh_dss_sign: cannot sign");
-	}
+
 	memset(digest, 0, dlen);
 	xfree(digest);
+	if (sig == NULL) {
+		error("ssh_dss_sign: sign failed");
+		return -1;
+	}

 	rlen = BN_num_bytes(sig->r);
 	slen = BN_num_bytes(sig->s);
@ -80,15 +78,12 @@ ssh_dss_sign(
 		DSA_SIG_free(sig);
 		return -1;
 	}
-	debug("sig size %d %d", rlen, slen);
-
 	memset(sigblob, 0, SIGBLOB_LEN);
 	BN_bn2bin(sig->r, sigblob+ SIGBLOB_LEN - INTBLOB_LEN - rlen);
 	BN_bn2bin(sig->s, sigblob+ SIGBLOB_LEN - slen);
 	DSA_SIG_free(sig);

 	if (datafellows & SSH_BUG_SIGBLOB) {
-		debug("datafellows");
 		ret = xmalloc(SIGBLOB_LEN);
 		memcpy(ret, sigblob, SIGBLOB_LEN);
 		if (lenp != NULL)
@ -117,34 +112,19 @@ ssh_dss_verify(
    u_char *signature, int signaturelen,
    u_char *data, int datalen)
 {
-	Buffer b;
-	u_char *digest;
 	DSA_SIG *sig;
 	EVP_MD *evp_md = EVP_sha1();
 	EVP_MD_CTX md;
-	u_char *sigblob;
-	char *txt;
+	u_char *digest, *sigblob;
 	u_int len, dlen;
-	int rlen;
-	int ret;
+	int rlen, ret;
+	Buffer b;

 	if (key == NULL || key->type != KEY_DSA || key->dsa == NULL) {
 		error("ssh_dss_verify: no DSA key");
 		return -1;
 	}

-	if (!(datafellows & SSH_BUG_SIGBLOB) &&
-	    signaturelen == SIGBLOB_LEN) {
-		datafellows |= ~SSH_BUG_SIGBLOB;
-		log("autodetect SSH_BUG_SIGBLOB");
-	} else if ((datafellows & SSH_BUG_SIGBLOB) &&
-	    signaturelen != SIGBLOB_LEN) {
-		log("autoremove SSH_BUG_SIGBLOB");
-		datafellows &= ~SSH_BUG_SIGBLOB;
-	}
-
-	debug("len %d datafellows %d", signaturelen, datafellows);
-
 	/* fetch signature */
 	if (datafellows & SSH_BUG_SIGBLOB) {
 		sigblob = signature;
@ -200,18 +180,7 @@ ssh_dss_verify(
 	xfree(digest);
 	DSA_SIG_free(sig);

-	switch (ret) {
-	case 1:
-		txt = "correct";
-		break;
-	case 0:
-		txt = "incorrect";
-		break;
-	case -1:
-	default:
-		txt = "error";
-		break;
-	}
-	debug("ssh_dss_verify: signature %s", txt);
+	debug("ssh_dss_verify: signature %s",
+	    ret == 1 ? "correct" : ret == 0 ? "incorrect" : "error");
 	return ret;
 }
--- a/ssh-rsa.c
+++ b/ssh-rsa.c
@ -23,7 +23,7 @@
 */

 #include "includes.h"
-RCSID("$OpenBSD: ssh-rsa.c,v 1.8 2001/03/27 10:57:00 markus Exp $");
+RCSID("$OpenBSD: ssh-rsa.c,v 1.9 2001/06/06 23:13:54 markus Exp $");

 #include <openssl/evp.h>
 #include <openssl/err.h>
@ -103,7 +103,6 @@ ssh_rsa_sign(
 		*lenp = len;
 	if (sigp != NULL)
 		*sigp = ret;
-	debug2("ssh_rsa_sign: done");
 	return 0;
 }