| version 1.45.2.5, 2002/10/11 14:53:06 |
version 1.46, 2001/12/05 10:06:12 |
|
|
| #include "log.h" |
#include "log.h" |
| #include "atomicio.h" |
#include "atomicio.h" |
| |
|
| static int agent_present = 0; |
|
| |
|
| /* helper */ |
/* helper */ |
| int decode_reply(int type); |
int decode_reply(int type); |
| |
|
| /* macro to check for "agent failure" message */ |
/* macro to check for "agent failure" message */ |
| #define agent_failed(x) \ |
#define agent_failed(x) \ |
| ((x == SSH_AGENT_FAILURE) || (x == SSH_COM_AGENT2_FAILURE) || \ |
((x == SSH_AGENT_FAILURE) || (x == SSH_COM_AGENT2_FAILURE) || \ |
| (x == SSH2_AGENT_FAILURE)) |
(x == SSH2_AGENT_FAILURE)) |
| |
|
| int |
|
| ssh_agent_present(void) |
|
| { |
|
| int authfd; |
|
| |
|
| if (agent_present) |
|
| return 1; |
|
| if ((authfd = ssh_get_authentication_socket()) == -1) |
|
| return 0; |
|
| else { |
|
| ssh_close_authentication_socket(authfd); |
|
| return 1; |
|
| } |
|
| } |
|
| |
|
| /* Returns the number of the authentication fd, or -1 if there is none. */ |
/* Returns the number of the authentication fd, or -1 if there is none. */ |
| |
|
| int |
int |
|
|
| close(sock); |
close(sock); |
| return -1; |
return -1; |
| } |
} |
| agent_present = 1; |
|
| return sock; |
return sock; |
| } |
} |
| |
|
|
|
| error("Error reading response from authentication socket."); |
error("Error reading response from authentication socket."); |
| return 0; |
return 0; |
| } |
} |
| buffer_append(reply, buf, l); |
buffer_append(reply, (char *) buf, l); |
| len -= l; |
len -= l; |
| } |
} |
| return 1; |
return 1; |
|
|
| xfree(auth); |
xfree(auth); |
| } |
} |
| |
|
| /* Lock/unlock agent */ |
|
| int |
|
| ssh_lock_agent(AuthenticationConnection *auth, int lock, const char *password) |
|
| { |
|
| int type; |
|
| Buffer msg; |
|
| |
|
| buffer_init(&msg); |
|
| buffer_put_char(&msg, lock ? SSH_AGENTC_LOCK : SSH_AGENTC_UNLOCK); |
|
| buffer_put_cstring(&msg, password); |
|
| |
|
| if (ssh_request_reply(auth, &msg, &msg) == 0) { |
|
| buffer_free(&msg); |
|
| return 0; |
|
| } |
|
| type = buffer_get_char(&msg); |
|
| buffer_free(&msg); |
|
| return decode_reply(type); |
|
| } |
|
| |
|
| /* |
/* |
| * Returns the first authentication identity held by the agent. |
* Returns the first authentication identity held by the agent. |
| */ |
*/ |
|
|
| buffer_put_bignum(&buffer, key->rsa->e); |
buffer_put_bignum(&buffer, key->rsa->e); |
| buffer_put_bignum(&buffer, key->rsa->n); |
buffer_put_bignum(&buffer, key->rsa->n); |
| buffer_put_bignum(&buffer, challenge); |
buffer_put_bignum(&buffer, challenge); |
| buffer_append(&buffer, session_id, 16); |
buffer_append(&buffer, (char *) session_id, 16); |
| buffer_put_int(&buffer, response_type); |
buffer_put_int(&buffer, response_type); |
| |
|
| if (ssh_request_reply(auth, &buffer, &buffer) == 0) { |
if (ssh_request_reply(auth, &buffer, &buffer) == 0) { |
|
|
| int |
int |
| ssh_agent_sign(AuthenticationConnection *auth, |
ssh_agent_sign(AuthenticationConnection *auth, |
| Key *key, |
Key *key, |
| u_char **sigp, u_int *lenp, |
u_char **sigp, int *lenp, |
| u_char *data, u_int datalen) |
u_char *data, int datalen) |
| { |
{ |
| extern int datafellows; |
extern int datafellows; |
| Buffer msg; |
Buffer msg; |
|
|
| static void |
static void |
| ssh_encode_identity_rsa1(Buffer *b, RSA *key, const char *comment) |
ssh_encode_identity_rsa1(Buffer *b, RSA *key, const char *comment) |
| { |
{ |
| |
buffer_clear(b); |
| |
buffer_put_char(b, SSH_AGENTC_ADD_RSA_IDENTITY); |
| buffer_put_int(b, BN_num_bits(key->n)); |
buffer_put_int(b, BN_num_bits(key->n)); |
| buffer_put_bignum(b, key->n); |
buffer_put_bignum(b, key->n); |
| buffer_put_bignum(b, key->e); |
buffer_put_bignum(b, key->e); |
|
|
| static void |
static void |
| ssh_encode_identity_ssh2(Buffer *b, Key *key, const char *comment) |
ssh_encode_identity_ssh2(Buffer *b, Key *key, const char *comment) |
| { |
{ |
| |
buffer_clear(b); |
| |
buffer_put_char(b, SSH2_AGENTC_ADD_IDENTITY); |
| buffer_put_cstring(b, key_ssh_name(key)); |
buffer_put_cstring(b, key_ssh_name(key)); |
| switch (key->type) { |
switch (key->type) { |
| case KEY_RSA: |
case KEY_RSA: |
|
|
| */ |
*/ |
| |
|
| int |
int |
| ssh_add_identity_constrained(AuthenticationConnection *auth, Key *key, |
ssh_add_identity(AuthenticationConnection *auth, Key *key, const char *comment) |
| const char *comment, u_int life) |
|
| { |
{ |
| Buffer msg; |
Buffer msg; |
| int type, constrained = (life != 0); |
int type; |
| |
|
| buffer_init(&msg); |
buffer_init(&msg); |
| |
|
| switch (key->type) { |
switch (key->type) { |
| case KEY_RSA1: |
case KEY_RSA1: |
| type = constrained ? |
|
| SSH_AGENTC_ADD_RSA_ID_CONSTRAINED : |
|
| SSH_AGENTC_ADD_RSA_IDENTITY; |
|
| buffer_put_char(&msg, type); |
|
| ssh_encode_identity_rsa1(&msg, key->rsa, comment); |
ssh_encode_identity_rsa1(&msg, key->rsa, comment); |
| break; |
break; |
| case KEY_RSA: |
case KEY_RSA: |
| case KEY_DSA: |
case KEY_DSA: |
| type = constrained ? |
|
| SSH2_AGENTC_ADD_ID_CONSTRAINED : |
|
| SSH2_AGENTC_ADD_IDENTITY; |
|
| buffer_put_char(&msg, type); |
|
| ssh_encode_identity_ssh2(&msg, key, comment); |
ssh_encode_identity_ssh2(&msg, key, comment); |
| break; |
break; |
| default: |
default: |
|
|
| return 0; |
return 0; |
| break; |
break; |
| } |
} |
| if (constrained) { |
|
| if (life != 0) { |
|
| buffer_put_char(&msg, SSH_AGENT_CONSTRAIN_LIFETIME); |
|
| buffer_put_int(&msg, life); |
|
| } |
|
| } |
|
| if (ssh_request_reply(auth, &msg, &msg) == 0) { |
if (ssh_request_reply(auth, &msg, &msg) == 0) { |
| buffer_free(&msg); |
buffer_free(&msg); |
| return 0; |
return 0; |
|
|
| return decode_reply(type); |
return decode_reply(type); |
| } |
} |
| |
|
| int |
|
| ssh_add_identity(AuthenticationConnection *auth, Key *key, const char *comment) |
|
| { |
|
| return ssh_add_identity_constrained(auth, key, comment, 0); |
|
| } |
|
| |
|
| /* |
/* |
| * Removes an identity from the authentication server. This call is not |
* Removes an identity from the authentication server. This call is not |
| * meant to be used by normal applications. |
* meant to be used by normal applications. |
|
|
| } |
} |
| |
|
| int |
int |
| ssh_update_card(AuthenticationConnection *auth, int add, const char *reader_id, const char *pin) |
ssh_update_card(AuthenticationConnection *auth, int add, const char *reader_id) |
| { |
{ |
| Buffer msg; |
Buffer msg; |
| int type; |
int type; |
|
|
| buffer_put_char(&msg, add ? SSH_AGENTC_ADD_SMARTCARD_KEY : |
buffer_put_char(&msg, add ? SSH_AGENTC_ADD_SMARTCARD_KEY : |
| SSH_AGENTC_REMOVE_SMARTCARD_KEY); |
SSH_AGENTC_REMOVE_SMARTCARD_KEY); |
| buffer_put_cstring(&msg, reader_id); |
buffer_put_cstring(&msg, reader_id); |
| buffer_put_cstring(&msg, pin); |
|
| if (ssh_request_reply(auth, &msg, &msg) == 0) { |
if (ssh_request_reply(auth, &msg, &msg) == 0) { |
| buffer_free(&msg); |
buffer_free(&msg); |
| return 0; |
return 0; |
![[BACK]](/icons/back.gif){kind=icon}
Return to authfd.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh