version 1.64.2.2, 2006/11/08 00:17:14 |
version 1.65, 2006/03/19 18:51:18 |
|
|
/* $OpenBSD$ */ |
|
/* |
/* |
* Author: Tatu Ylonen <ylo@cs.hut.fi> |
* Author: Tatu Ylonen <ylo@cs.hut.fi> |
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
|
|
* called by a name other than "ssh" or "Secure Shell". |
* called by a name other than "ssh" or "Secure Shell". |
*/ |
*/ |
|
|
|
#include "includes.h" |
|
|
#include <sys/types.h> |
#include <sys/types.h> |
#include <sys/stat.h> |
#include <sys/stat.h> |
|
|
#include <openssl/rsa.h> |
#include <openssl/rsa.h> |
#include <openssl/md5.h> |
#include <openssl/md5.h> |
|
|
#include <pwd.h> |
|
#include <stdio.h> |
|
#include <string.h> |
|
|
|
#include "xmalloc.h" |
|
#include "rsa.h" |
#include "rsa.h" |
#include "packet.h" |
#include "packet.h" |
|
#include "xmalloc.h" |
#include "ssh1.h" |
#include "ssh1.h" |
#include "uidswap.h" |
#include "uidswap.h" |
#include "match.h" |
#include "match.h" |
#include "buffer.h" |
|
#include "auth-options.h" |
#include "auth-options.h" |
#include "pathnames.h" |
#include "pathnames.h" |
#include "log.h" |
#include "log.h" |
#include "servconf.h" |
#include "servconf.h" |
#include "key.h" |
|
#include "hostfile.h" |
|
#include "auth.h" |
#include "auth.h" |
#ifdef GSSAPI |
#include "hostfile.h" |
#include "ssh-gss.h" |
|
#endif |
|
#include "monitor_wrap.h" |
#include "monitor_wrap.h" |
#include "ssh.h" |
#include "ssh.h" |
#include "misc.h" |
#include "misc.h" |
|
|
if ((challenge = BN_new()) == NULL) |
if ((challenge = BN_new()) == NULL) |
fatal("auth_rsa_generate_challenge: BN_new() failed"); |
fatal("auth_rsa_generate_challenge: BN_new() failed"); |
/* Generate a random challenge. */ |
/* Generate a random challenge. */ |
if (BN_rand(challenge, 256, 0, 0) == 0) |
BN_rand(challenge, 256, 0, 0); |
fatal("auth_rsa_generate_challenge: BN_rand failed"); |
|
if ((ctx = BN_CTX_new()) == NULL) |
if ((ctx = BN_CTX_new()) == NULL) |
fatal("auth_rsa_generate_challenge: BN_CTX_new failed"); |
fatal("auth_rsa_generate_challenge: BN_CTX_new() failed"); |
if (BN_mod(challenge, challenge, key->rsa->n, ctx) == 0) |
BN_mod(challenge, challenge, key->rsa->n, ctx); |
fatal("auth_rsa_generate_challenge: BN_mod failed"); |
|
BN_CTX_free(ctx); |
BN_CTX_free(ctx); |
|
|
return challenge; |
return challenge; |
|
|
/* Wait for a response. */ |
/* Wait for a response. */ |
packet_read_expect(SSH_CMSG_AUTH_RSA_RESPONSE); |
packet_read_expect(SSH_CMSG_AUTH_RSA_RESPONSE); |
for (i = 0; i < 16; i++) |
for (i = 0; i < 16; i++) |
response[i] = (u_char)packet_get_char(); |
response[i] = packet_get_char(); |
packet_check_eom(); |
packet_check_eom(); |
|
|
success = PRIVSEP(auth_rsa_verify_response(key, challenge, response)); |
success = PRIVSEP(auth_rsa_verify_response(key, challenge, response)); |
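Review bot: In the column headed version 1.65 (the second copy of each changed line), the challenge-generation hunk discards the results of `BN_rand(challenge, 256, 0, 0);` and `BN_mod(challenge, challenge, key->rsa->n, ctx);`, so a failure of either call would go unnoticed and the code would still reach `return challenge;`. The page has no +/- markers, so which column is the newer code is inferred from the header order only; whichever revision is kept should carry the checked form printed in the other column, `if (BN_rand(challenge, 256, 0, 0) == 0) fatal("auth_rsa_generate_challenge: BN_rand failed");`, and the same pattern for BN_mod. A challenge that was never filled with random data would presumably weaken the RSA challenge-response that follows, so a hard `fatal()` is the appropriate reaction here. Both enclosing functions start and end outside the visible lines.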