| version 1.45, 2001/09/19 19:35:30 |
version 1.45.2.3, 2002/06/22 07:23:17 |
|
|
| /* macro to check for "agent failure" message */ |
/* macro to check for "agent failure" message */ |
| #define agent_failed(x) \ |
#define agent_failed(x) \ |
| ((x == SSH_AGENT_FAILURE) || (x == SSH_COM_AGENT2_FAILURE) || \ |
((x == SSH_AGENT_FAILURE) || (x == SSH_COM_AGENT2_FAILURE) || \ |
| (x == SSH2_AGENT_FAILURE)) |
(x == SSH2_AGENT_FAILURE)) |
| |
|
| /* Returns the number of the authentication fd, or -1 if there is none. */ |
/* Returns the number of the authentication fd, or -1 if there is none. */ |
| |
|
|
|
| xfree(auth); |
xfree(auth); |
| } |
} |
| |
|
| |
/* Lock/unlock agent */ |
| |
int |
| |
ssh_lock_agent(AuthenticationConnection *auth, int lock, const char *password) |
| |
{ |
| |
int type; |
| |
Buffer msg; |
| |
|
| |
buffer_init(&msg); |
| |
buffer_put_char(&msg, lock ? SSH_AGENTC_LOCK : SSH_AGENTC_UNLOCK); |
| |
buffer_put_cstring(&msg, password); |
| |
|
| |
if (ssh_request_reply(auth, &msg, &msg) == 0) { |
| |
buffer_free(&msg); |
| |
return 0; |
| |
} |
| |
type = buffer_get_char(&msg); |
| |
buffer_free(&msg); |
| |
return decode_reply(type); |
| |
} |
| |
|
| /* |
/* |
| * Returns the first authentication identity held by the agent. |
* Returns the first authentication identity held by the agent. |
| */ |
*/ |
|
|
| int type, code1 = 0, code2 = 0; |
int type, code1 = 0, code2 = 0; |
| Buffer request; |
Buffer request; |
| |
|
| switch(version){ |
switch (version) { |
| case 1: |
case 1: |
| code1 = SSH_AGENTC_REQUEST_RSA_IDENTITIES; |
code1 = SSH_AGENTC_REQUEST_RSA_IDENTITIES; |
| code2 = SSH_AGENT_RSA_IDENTITIES_ANSWER; |
code2 = SSH_AGENT_RSA_IDENTITIES_ANSWER; |
|
|
| * Get the next entry from the packet. These will abort with a fatal |
* Get the next entry from the packet. These will abort with a fatal |
| * error if the packet is too short or contains corrupt data. |
* error if the packet is too short or contains corrupt data. |
| */ |
*/ |
| switch(version){ |
switch (version) { |
| case 1: |
case 1: |
| key = key_new(KEY_RSA1); |
key = key_new(KEY_RSA1); |
| bits = buffer_get_int(&auth->identities); |
bits = buffer_get_int(&auth->identities); |
|
|
| buffer_put_bignum(&buffer, key->rsa->e); |
buffer_put_bignum(&buffer, key->rsa->e); |
| buffer_put_bignum(&buffer, key->rsa->n); |
buffer_put_bignum(&buffer, key->rsa->n); |
| buffer_put_bignum(&buffer, challenge); |
buffer_put_bignum(&buffer, challenge); |
| buffer_append(&buffer, (char *) session_id, 16); |
buffer_append(&buffer, session_id, 16); |
| buffer_put_int(&buffer, response_type); |
buffer_put_int(&buffer, response_type); |
| |
|
| if (ssh_request_reply(auth, &buffer, &buffer) == 0) { |
if (ssh_request_reply(auth, &buffer, &buffer) == 0) { |
|
|
| int |
int |
| ssh_agent_sign(AuthenticationConnection *auth, |
ssh_agent_sign(AuthenticationConnection *auth, |
| Key *key, |
Key *key, |
| u_char **sigp, int *lenp, |
u_char **sigp, u_int *lenp, |
| u_char *data, int datalen) |
u_char *data, u_int datalen) |
| { |
{ |
| extern int datafellows; |
extern int datafellows; |
| Buffer msg; |
Buffer msg; |
|
|
| static void |
static void |
| ssh_encode_identity_rsa1(Buffer *b, RSA *key, const char *comment) |
ssh_encode_identity_rsa1(Buffer *b, RSA *key, const char *comment) |
| { |
{ |
| buffer_clear(b); |
|
| buffer_put_char(b, SSH_AGENTC_ADD_RSA_IDENTITY); |
|
| buffer_put_int(b, BN_num_bits(key->n)); |
buffer_put_int(b, BN_num_bits(key->n)); |
| buffer_put_bignum(b, key->n); |
buffer_put_bignum(b, key->n); |
| buffer_put_bignum(b, key->e); |
buffer_put_bignum(b, key->e); |
|
|
| static void |
static void |
| ssh_encode_identity_ssh2(Buffer *b, Key *key, const char *comment) |
ssh_encode_identity_ssh2(Buffer *b, Key *key, const char *comment) |
| { |
{ |
| buffer_clear(b); |
|
| buffer_put_char(b, SSH2_AGENTC_ADD_IDENTITY); |
|
| buffer_put_cstring(b, key_ssh_name(key)); |
buffer_put_cstring(b, key_ssh_name(key)); |
| switch(key->type){ |
switch (key->type) { |
| case KEY_RSA: |
case KEY_RSA: |
| buffer_put_bignum2(b, key->rsa->n); |
buffer_put_bignum2(b, key->rsa->n); |
| buffer_put_bignum2(b, key->rsa->e); |
buffer_put_bignum2(b, key->rsa->e); |
|
|
| */ |
*/ |
| |
|
| int |
int |
| ssh_add_identity(AuthenticationConnection *auth, Key *key, const char *comment) |
ssh_add_identity_constrained(AuthenticationConnection *auth, Key *key, |
| |
const char *comment, u_int life) |
| { |
{ |
| Buffer msg; |
Buffer msg; |
| int type; |
int type, constrained = (life != 0); |
| |
|
| buffer_init(&msg); |
buffer_init(&msg); |
| |
|
| switch (key->type) { |
switch (key->type) { |
| case KEY_RSA1: |
case KEY_RSA1: |
| |
type = constrained ? |
| |
SSH_AGENTC_ADD_RSA_ID_CONSTRAINED : |
| |
SSH_AGENTC_ADD_RSA_IDENTITY; |
| |
buffer_put_char(&msg, type); |
| ssh_encode_identity_rsa1(&msg, key->rsa, comment); |
ssh_encode_identity_rsa1(&msg, key->rsa, comment); |
| break; |
break; |
| case KEY_RSA: |
case KEY_RSA: |
| case KEY_DSA: |
case KEY_DSA: |
| |
type = constrained ? |
| |
SSH2_AGENTC_ADD_ID_CONSTRAINED : |
| |
SSH2_AGENTC_ADD_IDENTITY; |
| |
buffer_put_char(&msg, type); |
| ssh_encode_identity_ssh2(&msg, key, comment); |
ssh_encode_identity_ssh2(&msg, key, comment); |
| break; |
break; |
| default: |
default: |
|
|
| return 0; |
return 0; |
| break; |
break; |
| } |
} |
| |
if (constrained) { |
| |
if (life != 0) { |
| |
buffer_put_char(&msg, SSH_AGENT_CONSTRAIN_LIFETIME); |
| |
buffer_put_int(&msg, life); |
| |
} |
| |
} |
| if (ssh_request_reply(auth, &msg, &msg) == 0) { |
if (ssh_request_reply(auth, &msg, &msg) == 0) { |
| buffer_free(&msg); |
buffer_free(&msg); |
| return 0; |
return 0; |
|
|
| return decode_reply(type); |
return decode_reply(type); |
| } |
} |
| |
|
| |
int |
| |
ssh_add_identity(AuthenticationConnection *auth, Key *key, const char *comment) |
| |
{ |
| |
return ssh_add_identity_constrained(auth, key, comment, 0); |
| |
} |
| |
|
| /* |
/* |
| * Removes an identity from the authentication server. This call is not |
* Removes an identity from the authentication server. This call is not |
| * meant to be used by normal applications. |
* meant to be used by normal applications. |
|
|
| } |
} |
| |
|
| int |
int |
| ssh_update_card(AuthenticationConnection *auth, int add, const char *reader_id) |
ssh_update_card(AuthenticationConnection *auth, int add, const char *reader_id, const char *pin) |
| { |
{ |
| Buffer msg; |
Buffer msg; |
| int type; |
int type; |
|
|
| buffer_put_char(&msg, add ? SSH_AGENTC_ADD_SMARTCARD_KEY : |
buffer_put_char(&msg, add ? SSH_AGENTC_ADD_SMARTCARD_KEY : |
| SSH_AGENTC_REMOVE_SMARTCARD_KEY); |
SSH_AGENTC_REMOVE_SMARTCARD_KEY); |
| buffer_put_cstring(&msg, reader_id); |
buffer_put_cstring(&msg, reader_id); |
| |
buffer_put_cstring(&msg, pin); |
| if (ssh_request_reply(auth, &msg, &msg) == 0) { |
if (ssh_request_reply(auth, &msg, &msg) == 0) { |
| buffer_free(&msg); |
buffer_free(&msg); |
| return 0; |
return 0; |
![[BACK]](/icons/back.gif){kind=icon}
Return to authfd.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh