| version 1.10, 1999/11/24 19:53:44 |
version 1.11, 1999/12/06 19:11:15 |
|
|
| { |
{ |
| Buffer buffer, encrypted; |
Buffer buffer, encrypted; |
| char buf[100], *cp; |
char buf[100], *cp; |
| int f, i; |
int fd, i; |
| CipherContext cipher; |
CipherContext cipher; |
| int cipher_type; |
int cipher_type; |
| u_int32_t rand; |
u_int32_t rand; |
|
|
| memset(buf, 0, sizeof(buf)); |
memset(buf, 0, sizeof(buf)); |
| buffer_free(&buffer); |
buffer_free(&buffer); |
| |
|
| f = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); |
fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); |
| if (f < 0) |
if (fd < 0) |
| return 0; |
return 0; |
| if (write(f, buffer_ptr(&encrypted), buffer_len(&encrypted)) != |
if (write(fd, buffer_ptr(&encrypted), buffer_len(&encrypted)) != |
| buffer_len(&encrypted)) { |
buffer_len(&encrypted)) { |
| debug("Write to key file %.200s failed: %.100s", filename, |
debug("Write to key file %.200s failed: %.100s", filename, |
| strerror(errno)); |
strerror(errno)); |
| buffer_free(&encrypted); |
buffer_free(&encrypted); |
| close(f); |
close(fd); |
| remove(filename); |
remove(filename); |
| return 0; |
return 0; |
| } |
} |
| close(f); |
close(fd); |
| buffer_free(&encrypted); |
buffer_free(&encrypted); |
| return 1; |
return 1; |
| } |
} |
|
|
| load_public_key(const char *filename, RSA * pub, |
load_public_key(const char *filename, RSA * pub, |
| char **comment_return) |
char **comment_return) |
| { |
{ |
| int f, i; |
int fd, i; |
| off_t len; |
off_t len; |
| Buffer buffer; |
Buffer buffer; |
| char *cp; |
char *cp; |
| |
|
| f = open(filename, O_RDONLY); |
fd = open(filename, O_RDONLY); |
| if (f < 0) |
if (fd < 0) |
| return 0; |
return 0; |
| len = lseek(f, (off_t) 0, SEEK_END); |
len = lseek(fd, (off_t) 0, SEEK_END); |
| lseek(f, (off_t) 0, SEEK_SET); |
lseek(fd, (off_t) 0, SEEK_SET); |
| |
|
| buffer_init(&buffer); |
buffer_init(&buffer); |
| buffer_append_space(&buffer, &cp, len); |
buffer_append_space(&buffer, &cp, len); |
| |
|
| if (read(f, cp, (size_t) len) != (size_t) len) { |
if (read(fd, cp, (size_t) len) != (size_t) len) { |
| debug("Read from key file %.200s failed: %.100s", filename, |
debug("Read from key file %.200s failed: %.100s", filename, |
| strerror(errno)); |
strerror(errno)); |
| buffer_free(&buffer); |
buffer_free(&buffer); |
| close(f); |
close(fd); |
| return 0; |
return 0; |
| } |
} |
| close(f); |
close(fd); |
| |
|
| /* Check that it is at least big enought to contain the ID string. */ |
/* Check that it is at least big enought to contain the ID string. */ |
| if (len < strlen(AUTHFILE_ID_STRING) + 1) { |
if (len < strlen(AUTHFILE_ID_STRING) + 1) { |
|
|
| * from the buffer. |
* from the buffer. |
| */ |
*/ |
| for (i = 0; i < (unsigned int) strlen(AUTHFILE_ID_STRING) + 1; i++) |
for (i = 0; i < (unsigned int) strlen(AUTHFILE_ID_STRING) + 1; i++) |
| if (buffer_get_char(&buffer) != (unsigned char) AUTHFILE_ID_STRING[i]) { |
if (buffer_get_char(&buffer) != (u_char) AUTHFILE_ID_STRING[i]) { |
| debug("Bad key file %.200s.", filename); |
debug("Bad key file %.200s.", filename); |
| buffer_free(&buffer); |
buffer_free(&buffer); |
| return 0; |
return 0; |
|
|
| load_private_key(const char *filename, const char *passphrase, |
load_private_key(const char *filename, const char *passphrase, |
| RSA * prv, char **comment_return) |
RSA * prv, char **comment_return) |
| { |
{ |
| int f, i, check1, check2, cipher_type; |
int fd, i, check1, check2, cipher_type; |
| off_t len; |
off_t len; |
| Buffer buffer, decrypted; |
Buffer buffer, decrypted; |
| char *cp; |
char *cp; |
|
|
| BIGNUM *aux; |
BIGNUM *aux; |
| struct stat st; |
struct stat st; |
| |
|
| f = open(filename, O_RDONLY); |
fd = open(filename, O_RDONLY); |
| if (f < 0) |
if (fd < 0) |
| return 0; |
return 0; |
| |
|
| /* check owner and modes */ |
/* check owner and modes */ |
| if (fstat(f, &st) < 0 || |
if (fstat(fd, &st) < 0 || |
| (st.st_uid != 0 && st.st_uid != getuid()) || |
(st.st_uid != 0 && st.st_uid != getuid()) || |
| (st.st_mode & 077) != 0) { |
(st.st_mode & 077) != 0) { |
| |
close(fd); |
| error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); |
error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); |
| error("@ WARNING: UNPROTECTED PRIVATE KEY FILE! @"); |
error("@ WARNING: UNPROTECTED PRIVATE KEY FILE! @"); |
| error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); |
error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); |
|
|
| error("It is recommended that your private key files are NOT accessible by others."); |
error("It is recommended that your private key files are NOT accessible by others."); |
| return 0; |
return 0; |
| } |
} |
| len = lseek(f, (off_t) 0, SEEK_END); |
len = lseek(fd, (off_t) 0, SEEK_END); |
| lseek(f, (off_t) 0, SEEK_SET); |
lseek(fd, (off_t) 0, SEEK_SET); |
| |
|
| buffer_init(&buffer); |
buffer_init(&buffer); |
| buffer_append_space(&buffer, &cp, len); |
buffer_append_space(&buffer, &cp, len); |
| |
|
| if (read(f, cp, (size_t) len) != (size_t) len) { |
if (read(fd, cp, (size_t) len) != (size_t) len) { |
| debug("Read from key file %.200s failed: %.100s", filename, |
debug("Read from key file %.200s failed: %.100s", filename, |
| strerror(errno)); |
strerror(errno)); |
| buffer_free(&buffer); |
buffer_free(&buffer); |
| close(f); |
close(fd); |
| return 0; |
return 0; |
| } |
} |
| close(f); |
close(fd); |
| |
|
| /* Check that it is at least big enought to contain the ID string. */ |
/* Check that it is at least big enought to contain the ID string. */ |
| if (len < strlen(AUTHFILE_ID_STRING) + 1) { |
if (len < strlen(AUTHFILE_ID_STRING) + 1) { |
![[BACK]](/icons/back.gif){kind=icon}
Return to authfile.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh