version 1.172, 2011/06/03 01:37:40 |
version 1.173, 2013/05/17 00:13:14 |
|
|
free_identity(Identity *id) |
free_identity(Identity *id) |
{ |
{ |
key_free(id->key); |
key_free(id->key); |
if (id->provider != NULL) |
free(id->provider); |
xfree(id->provider); |
free(id->comment); |
xfree(id->comment); |
free(id); |
xfree(id); |
|
} |
} |
|
|
/* return matching private key for given public key */ |
/* return matching private key for given public key */ |
|
|
if (ask_permission("Allow use of key %s?\nKey fingerprint %s.", |
if (ask_permission("Allow use of key %s?\nKey fingerprint %s.", |
id->comment, p)) |
id->comment, p)) |
ret = 0; |
ret = 0; |
xfree(p); |
free(p); |
|
|
return (ret); |
return (ret); |
} |
} |
|
|
u_int blen; |
u_int blen; |
key_to_blob(id->key, &blob, &blen); |
key_to_blob(id->key, &blob, &blen); |
buffer_put_string(&msg, blob, blen); |
buffer_put_string(&msg, blob, blen); |
xfree(blob); |
free(blob); |
} |
} |
buffer_put_cstring(&msg, id->comment); |
buffer_put_cstring(&msg, id->comment); |
} |
} |
|
|
buffer_append(&e->output, buffer_ptr(&msg), |
buffer_append(&e->output, buffer_ptr(&msg), |
buffer_len(&msg)); |
buffer_len(&msg)); |
buffer_free(&msg); |
buffer_free(&msg); |
xfree(data); |
free(data); |
xfree(blob); |
free(blob); |
if (signature != NULL) |
free(signature); |
xfree(signature); |
|
datafellows = odatafellows; |
datafellows = odatafellows; |
} |
} |
|
|
|
|
case 2: |
case 2: |
blob = buffer_get_string(&e->request, &blen); |
blob = buffer_get_string(&e->request, &blen); |
key = key_from_blob(blob, blen); |
key = key_from_blob(blob, blen); |
xfree(blob); |
free(blob); |
break; |
break; |
} |
} |
if (key != NULL) { |
if (key != NULL) { |
|
|
cert = buffer_get_string(&e->request, &len); |
cert = buffer_get_string(&e->request, &len); |
if ((k = key_from_blob(cert, len)) == NULL) |
if ((k = key_from_blob(cert, len)) == NULL) |
fatal("Certificate parse failed"); |
fatal("Certificate parse failed"); |
xfree(cert); |
free(cert); |
key_add_private(k); |
key_add_private(k); |
buffer_get_bignum2(&e->request, k->dsa->priv_key); |
buffer_get_bignum2(&e->request, k->dsa->priv_key); |
break; |
break; |
|
|
curve = buffer_get_string(&e->request, NULL); |
curve = buffer_get_string(&e->request, NULL); |
if (k->ecdsa_nid != key_curve_name_to_nid(curve)) |
if (k->ecdsa_nid != key_curve_name_to_nid(curve)) |
fatal("%s: curve names mismatch", __func__); |
fatal("%s: curve names mismatch", __func__); |
xfree(curve); |
free(curve); |
k->ecdsa = EC_KEY_new_by_curve_name(k->ecdsa_nid); |
k->ecdsa = EC_KEY_new_by_curve_name(k->ecdsa_nid); |
if (k->ecdsa == NULL) |
if (k->ecdsa == NULL) |
fatal("%s: EC_KEY_new_by_curve_name failed", |
fatal("%s: EC_KEY_new_by_curve_name failed", |
|
|
cert = buffer_get_string(&e->request, &len); |
cert = buffer_get_string(&e->request, &len); |
if ((k = key_from_blob(cert, len)) == NULL) |
if ((k = key_from_blob(cert, len)) == NULL) |
fatal("Certificate parse failed"); |
fatal("Certificate parse failed"); |
xfree(cert); |
free(cert); |
key_add_private(k); |
key_add_private(k); |
if ((exponent = BN_new()) == NULL) |
if ((exponent = BN_new()) == NULL) |
fatal("%s: BN_new failed", __func__); |
fatal("%s: BN_new failed", __func__); |
|
|
cert = buffer_get_string(&e->request, &len); |
cert = buffer_get_string(&e->request, &len); |
if ((k = key_from_blob(cert, len)) == NULL) |
if ((k = key_from_blob(cert, len)) == NULL) |
fatal("Certificate parse failed"); |
fatal("Certificate parse failed"); |
xfree(cert); |
free(cert); |
key_add_private(k); |
key_add_private(k); |
buffer_get_bignum2(&e->request, k->rsa->d); |
buffer_get_bignum2(&e->request, k->rsa->d); |
buffer_get_bignum2(&e->request, k->rsa->iqmp); |
buffer_get_bignum2(&e->request, k->rsa->iqmp); |
|
|
buffer_get_bignum2(&e->request, k->rsa->q); |
buffer_get_bignum2(&e->request, k->rsa->q); |
break; |
break; |
default: |
default: |
xfree(type_name); |
free(type_name); |
buffer_clear(&e->request); |
buffer_clear(&e->request); |
goto send; |
goto send; |
} |
} |
xfree(type_name); |
free(type_name); |
break; |
break; |
} |
} |
/* enable blinding */ |
/* enable blinding */ |
|
|
} |
} |
comment = buffer_get_string(&e->request, NULL); |
comment = buffer_get_string(&e->request, NULL); |
if (k == NULL) { |
if (k == NULL) { |
xfree(comment); |
free(comment); |
goto send; |
goto send; |
} |
} |
while (buffer_len(&e->request)) { |
while (buffer_len(&e->request)) { |
|
|
default: |
default: |
error("process_add_identity: " |
error("process_add_identity: " |
"Unknown constraint type %d", type); |
"Unknown constraint type %d", type); |
xfree(comment); |
free(comment); |
key_free(k); |
key_free(k); |
goto send; |
goto send; |
} |
} |
|
|
tab->nentries++; |
tab->nentries++; |
} else { |
} else { |
key_free(k); |
key_free(k); |
xfree(id->comment); |
free(id->comment); |
} |
} |
id->comment = comment; |
id->comment = comment; |
id->death = death; |
id->death = death; |
|
|
if (locked && !lock && strcmp(passwd, lock_passwd) == 0) { |
if (locked && !lock && strcmp(passwd, lock_passwd) == 0) { |
locked = 0; |
locked = 0; |
memset(lock_passwd, 0, strlen(lock_passwd)); |
memset(lock_passwd, 0, strlen(lock_passwd)); |
xfree(lock_passwd); |
free(lock_passwd); |
lock_passwd = NULL; |
lock_passwd = NULL; |
success = 1; |
success = 1; |
} else if (!locked && lock) { |
} else if (!locked && lock) { |
|
|
success = 1; |
success = 1; |
} |
} |
memset(passwd, 0, strlen(passwd)); |
memset(passwd, 0, strlen(passwd)); |
xfree(passwd); |
free(passwd); |
|
|
buffer_put_int(&e->output, 1); |
buffer_put_int(&e->output, 1); |
buffer_put_char(&e->output, |
buffer_put_char(&e->output, |
|
|
keys[i] = NULL; |
keys[i] = NULL; |
} |
} |
send: |
send: |
if (pin) |
free(pin); |
xfree(pin); |
free(provider); |
if (provider) |
free(keys); |
xfree(provider); |
|
if (keys) |
|
xfree(keys); |
|
buffer_put_int(&e->output, 1); |
buffer_put_int(&e->output, 1); |
buffer_put_char(&e->output, |
buffer_put_char(&e->output, |
success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE); |
success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE); |
|
|
|
|
provider = buffer_get_string(&e->request, NULL); |
provider = buffer_get_string(&e->request, NULL); |
pin = buffer_get_string(&e->request, NULL); |
pin = buffer_get_string(&e->request, NULL); |
xfree(pin); |
free(pin); |
|
|
for (version = 1; version < 3; version++) { |
for (version = 1; version < 3; version++) { |
tab = idtab_lookup(version); |
tab = idtab_lookup(version); |
|
|
else |
else |
error("process_remove_smartcard_key:" |
error("process_remove_smartcard_key:" |
" pkcs11_del_provider failed"); |
" pkcs11_del_provider failed"); |
xfree(provider); |
free(provider); |
buffer_put_int(&e->output, 1); |
buffer_put_int(&e->output, 1); |
buffer_put_char(&e->output, |
buffer_put_char(&e->output, |
success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE); |
success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE); |
|
|
|
|
sz = howmany(n+1, NFDBITS) * sizeof(fd_mask); |
sz = howmany(n+1, NFDBITS) * sizeof(fd_mask); |
if (*fdrp == NULL || sz > *nallocp) { |
if (*fdrp == NULL || sz > *nallocp) { |
if (*fdrp) |
free(*fdrp); |
xfree(*fdrp); |
free(*fdwp); |
if (*fdwp) |
|
xfree(*fdwp); |
|
*fdrp = xmalloc(sz); |
*fdrp = xmalloc(sz); |
*fdwp = xmalloc(sz); |
*fdwp = xmalloc(sz); |
*nallocp = sz; |
*nallocp = sz; |
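Review bot: In the lock/unlock hunk, the scrubs `memset(lock_passwd, 0, strlen(lock_passwd));` and `memset(passwd, 0, strlen(passwd));` are now each followed directly by a plain `free()`, and a compiler may treat a store to memory that is about to be freed as dead and drop it, leaving the passphrase in heap memory. Where the platform provides it, `explicit_bzero(passwd, strlen(passwd));` (and the same for `lock_passwd`) before the `free` keeps the wipe from being elided. The same hunk checks the passphrase with `strcmp(passwd, lock_passwd) == 0`, which returns at the first differing byte; a constant-time comparison would keep the response time independent of how much of the guess matched. The enclosing function starts and ends outside the visible lines, so whether the buffers are wiped on other exit paths cannot be confirmed from here.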