| version 1.172, 2011/06/03 01:37:40 |
version 1.173, 2013/05/17 00:13:14 |
|
|
| free_identity(Identity *id) |
free_identity(Identity *id) |
| { |
{ |
| key_free(id->key); |
key_free(id->key); |
| if (id->provider != NULL) |
free(id->provider); |
| xfree(id->provider); |
free(id->comment); |
| xfree(id->comment); |
free(id); |
| xfree(id); |
|
| } |
} |
| |
|
| /* return matching private key for given public key */ |
/* return matching private key for given public key */ |
|
|
| if (ask_permission("Allow use of key %s?\nKey fingerprint %s.", |
if (ask_permission("Allow use of key %s?\nKey fingerprint %s.", |
| id->comment, p)) |
id->comment, p)) |
| ret = 0; |
ret = 0; |
| xfree(p); |
free(p); |
| |
|
| return (ret); |
return (ret); |
| } |
} |
|
|
| u_int blen; |
u_int blen; |
| key_to_blob(id->key, &blob, &blen); |
key_to_blob(id->key, &blob, &blen); |
| buffer_put_string(&msg, blob, blen); |
buffer_put_string(&msg, blob, blen); |
| xfree(blob); |
free(blob); |
| } |
} |
| buffer_put_cstring(&msg, id->comment); |
buffer_put_cstring(&msg, id->comment); |
| } |
} |
|
|
| buffer_append(&e->output, buffer_ptr(&msg), |
buffer_append(&e->output, buffer_ptr(&msg), |
| buffer_len(&msg)); |
buffer_len(&msg)); |
| buffer_free(&msg); |
buffer_free(&msg); |
| xfree(data); |
free(data); |
| xfree(blob); |
free(blob); |
| if (signature != NULL) |
free(signature); |
| xfree(signature); |
|
| datafellows = odatafellows; |
datafellows = odatafellows; |
| } |
} |
| |
|
|
|
| case 2: |
case 2: |
| blob = buffer_get_string(&e->request, &blen); |
blob = buffer_get_string(&e->request, &blen); |
| key = key_from_blob(blob, blen); |
key = key_from_blob(blob, blen); |
| xfree(blob); |
free(blob); |
| break; |
break; |
| } |
} |
| if (key != NULL) { |
if (key != NULL) { |
|
|
| cert = buffer_get_string(&e->request, &len); |
cert = buffer_get_string(&e->request, &len); |
| if ((k = key_from_blob(cert, len)) == NULL) |
if ((k = key_from_blob(cert, len)) == NULL) |
| fatal("Certificate parse failed"); |
fatal("Certificate parse failed"); |
| xfree(cert); |
free(cert); |
| key_add_private(k); |
key_add_private(k); |
| buffer_get_bignum2(&e->request, k->dsa->priv_key); |
buffer_get_bignum2(&e->request, k->dsa->priv_key); |
| break; |
break; |
|
|
| curve = buffer_get_string(&e->request, NULL); |
curve = buffer_get_string(&e->request, NULL); |
| if (k->ecdsa_nid != key_curve_name_to_nid(curve)) |
if (k->ecdsa_nid != key_curve_name_to_nid(curve)) |
| fatal("%s: curve names mismatch", __func__); |
fatal("%s: curve names mismatch", __func__); |
| xfree(curve); |
free(curve); |
| k->ecdsa = EC_KEY_new_by_curve_name(k->ecdsa_nid); |
k->ecdsa = EC_KEY_new_by_curve_name(k->ecdsa_nid); |
| if (k->ecdsa == NULL) |
if (k->ecdsa == NULL) |
| fatal("%s: EC_KEY_new_by_curve_name failed", |
fatal("%s: EC_KEY_new_by_curve_name failed", |
|
|
| cert = buffer_get_string(&e->request, &len); |
cert = buffer_get_string(&e->request, &len); |
| if ((k = key_from_blob(cert, len)) == NULL) |
if ((k = key_from_blob(cert, len)) == NULL) |
| fatal("Certificate parse failed"); |
fatal("Certificate parse failed"); |
| xfree(cert); |
free(cert); |
| key_add_private(k); |
key_add_private(k); |
| if ((exponent = BN_new()) == NULL) |
if ((exponent = BN_new()) == NULL) |
| fatal("%s: BN_new failed", __func__); |
fatal("%s: BN_new failed", __func__); |
|
|
| cert = buffer_get_string(&e->request, &len); |
cert = buffer_get_string(&e->request, &len); |
| if ((k = key_from_blob(cert, len)) == NULL) |
if ((k = key_from_blob(cert, len)) == NULL) |
| fatal("Certificate parse failed"); |
fatal("Certificate parse failed"); |
| xfree(cert); |
free(cert); |
| key_add_private(k); |
key_add_private(k); |
| buffer_get_bignum2(&e->request, k->rsa->d); |
buffer_get_bignum2(&e->request, k->rsa->d); |
| buffer_get_bignum2(&e->request, k->rsa->iqmp); |
buffer_get_bignum2(&e->request, k->rsa->iqmp); |
|
|
| buffer_get_bignum2(&e->request, k->rsa->q); |
buffer_get_bignum2(&e->request, k->rsa->q); |
| break; |
break; |
| default: |
default: |
| xfree(type_name); |
free(type_name); |
| buffer_clear(&e->request); |
buffer_clear(&e->request); |
| goto send; |
goto send; |
| } |
} |
| xfree(type_name); |
free(type_name); |
| break; |
break; |
| } |
} |
| /* enable blinding */ |
/* enable blinding */ |
|
|
| } |
} |
| comment = buffer_get_string(&e->request, NULL); |
comment = buffer_get_string(&e->request, NULL); |
| if (k == NULL) { |
if (k == NULL) { |
| xfree(comment); |
free(comment); |
| goto send; |
goto send; |
| } |
} |
| while (buffer_len(&e->request)) { |
while (buffer_len(&e->request)) { |
|
|
| default: |
default: |
| error("process_add_identity: " |
error("process_add_identity: " |
| "Unknown constraint type %d", type); |
"Unknown constraint type %d", type); |
| xfree(comment); |
free(comment); |
| key_free(k); |
key_free(k); |
| goto send; |
goto send; |
| } |
} |
|
|
| tab->nentries++; |
tab->nentries++; |
| } else { |
} else { |
| key_free(k); |
key_free(k); |
| xfree(id->comment); |
free(id->comment); |
| } |
} |
| id->comment = comment; |
id->comment = comment; |
| id->death = death; |
id->death = death; |
|
|
| if (locked && !lock && strcmp(passwd, lock_passwd) == 0) { |
if (locked && !lock && strcmp(passwd, lock_passwd) == 0) { |
| locked = 0; |
locked = 0; |
| memset(lock_passwd, 0, strlen(lock_passwd)); |
memset(lock_passwd, 0, strlen(lock_passwd)); |
| xfree(lock_passwd); |
free(lock_passwd); |
| lock_passwd = NULL; |
lock_passwd = NULL; |
| success = 1; |
success = 1; |
| } else if (!locked && lock) { |
} else if (!locked && lock) { |
|
|
| success = 1; |
success = 1; |
| } |
} |
| memset(passwd, 0, strlen(passwd)); |
memset(passwd, 0, strlen(passwd)); |
| xfree(passwd); |
free(passwd); |
| |
|
| buffer_put_int(&e->output, 1); |
buffer_put_int(&e->output, 1); |
| buffer_put_char(&e->output, |
buffer_put_char(&e->output, |
|
|
| keys[i] = NULL; |
keys[i] = NULL; |
| } |
} |
| send: |
send: |
| if (pin) |
free(pin); |
| xfree(pin); |
free(provider); |
| if (provider) |
free(keys); |
| xfree(provider); |
|
| if (keys) |
|
| xfree(keys); |
|
| buffer_put_int(&e->output, 1); |
buffer_put_int(&e->output, 1); |
| buffer_put_char(&e->output, |
buffer_put_char(&e->output, |
| success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE); |
success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE); |
|
|
| |
|
| provider = buffer_get_string(&e->request, NULL); |
provider = buffer_get_string(&e->request, NULL); |
| pin = buffer_get_string(&e->request, NULL); |
pin = buffer_get_string(&e->request, NULL); |
| xfree(pin); |
free(pin); |
| |
|
| for (version = 1; version < 3; version++) { |
for (version = 1; version < 3; version++) { |
| tab = idtab_lookup(version); |
tab = idtab_lookup(version); |
|
|
| else |
else |
| error("process_remove_smartcard_key:" |
error("process_remove_smartcard_key:" |
| " pkcs11_del_provider failed"); |
" pkcs11_del_provider failed"); |
| xfree(provider); |
free(provider); |
| buffer_put_int(&e->output, 1); |
buffer_put_int(&e->output, 1); |
| buffer_put_char(&e->output, |
buffer_put_char(&e->output, |
| success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE); |
success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE); |
|
|
| |
|
| sz = howmany(n+1, NFDBITS) * sizeof(fd_mask); |
sz = howmany(n+1, NFDBITS) * sizeof(fd_mask); |
| if (*fdrp == NULL || sz > *nallocp) { |
if (*fdrp == NULL || sz > *nallocp) { |
| if (*fdrp) |
free(*fdrp); |
| xfree(*fdrp); |
free(*fdwp); |
| if (*fdwp) |
|
| xfree(*fdwp); |
|
| *fdrp = xmalloc(sz); |
*fdrp = xmalloc(sz); |
| *fdwp = xmalloc(sz); |
*fdwp = xmalloc(sz); |
| *nallocp = sz; |
*nallocp = sz; |
![[BACK]](/icons/back.gif){kind=icon}
Return to ssh-agent.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh