| version 1.286, 2022/01/12 03:30:32 |
version 1.287, 2022/01/14 03:43:48 |
|
|
| u_char *signature = NULL; |
u_char *signature = NULL; |
| size_t slen = 0; |
size_t slen = 0; |
| u_int compat = 0, flags; |
u_int compat = 0, flags; |
| int r, ok = -1; |
int r, ok = -1, retried = 0; |
| char *fp = NULL, *user = NULL, *sig_dest = NULL; |
char *fp = NULL, *pin = NULL, *prompt = NULL; |
| |
char *user = NULL, *sig_dest = NULL; |
| const char *fwd_host = NULL, *dest_host = NULL; |
const char *fwd_host = NULL, *dest_host = NULL; |
| struct sshbuf *msg = NULL, *data = NULL, *sid = NULL; |
struct sshbuf *msg = NULL, *data = NULL, *sid = NULL; |
| struct sshkey *key = NULL, *hostkey = NULL; |
struct sshkey *key = NULL, *hostkey = NULL; |
|
|
| /* error already logged */ |
/* error already logged */ |
| goto send; |
goto send; |
| } |
} |
| if ((id->key->sk_flags & SSH_SK_USER_PRESENCE_REQD)) { |
if ((id->key->sk_flags & SSH_SK_USER_VERIFICATION_REQD)) { |
| |
/* XXX include sig_dest */ |
| |
xasprintf(&prompt, "Enter PIN%sfor %s key %s: ", |
| |
(id->key->sk_flags & SSH_SK_USER_PRESENCE_REQD) ? |
| |
" and confirm user presence " : " ", |
| |
sshkey_type(id->key), fp); |
| |
pin = read_passphrase(prompt, RP_USE_ASKPASS); |
| |
free(prompt); |
| |
prompt = NULL; |
| |
} else if ((id->key->sk_flags & SSH_SK_USER_PRESENCE_REQD)) { |
| notifier = notify_start(0, |
notifier = notify_start(0, |
| "Confirm user presence for key %s %s%s%s", |
"Confirm user presence for key %s %s%s%s", |
| sshkey_type(id->key), fp, |
sshkey_type(id->key), fp, |
|
|
| sig_dest == NULL ? "" : sig_dest); |
sig_dest == NULL ? "" : sig_dest); |
| } |
} |
| } |
} |
| /* XXX support PIN required FIDO keys */ |
retry_pin: |
| if ((r = sshkey_sign(id->key, &signature, &slen, |
if ((r = sshkey_sign(id->key, &signature, &slen, |
| sshbuf_ptr(data), sshbuf_len(data), agent_decode_alg(key, flags), |
sshbuf_ptr(data), sshbuf_len(data), agent_decode_alg(key, flags), |
| id->sk_provider, NULL, compat)) != 0) { |
id->sk_provider, pin, compat)) != 0) { |
| |
debug_fr(r, "sshkey_sign"); |
| |
if (pin == NULL && !retried && sshkey_is_sk(id->key) && |
| |
r == SSH_ERR_KEY_WRONG_PASSPHRASE) { |
| |
if (notifier) { |
| |
notify_complete(notifier, NULL); |
| |
notifier = NULL; |
| |
} |
| |
/* XXX include sig_dest */ |
| |
xasprintf(&prompt, "Enter PIN%sfor %s key %s: ", |
| |
(id->key->sk_flags & SSH_SK_USER_PRESENCE_REQD) ? |
| |
" and confirm user presence " : " ", |
| |
sshkey_type(id->key), fp); |
| |
pin = read_passphrase(prompt, RP_USE_ASKPASS); |
| |
retried = 1; |
| |
goto retry_pin; |
| |
} |
| error_fr(r, "sshkey_sign"); |
error_fr(r, "sshkey_sign"); |
| goto send; |
goto send; |
| } |
} |
|
|
| free(signature); |
free(signature); |
| free(sig_dest); |
free(sig_dest); |
| free(user); |
free(user); |
| |
free(prompt); |
| |
if (pin != NULL) |
| |
freezero(pin, strlen(pin)); |
| } |
} |
| |
|
| /* shared */ |
/* shared */ |
![[BACK]](/icons/back.gif){kind=icon}
Return to ssh-agent.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh