| version 1.86, 2002/06/05 16:08:07 |
version 1.87, 2002/06/05 16:48:54 |
|
|
| sock_type type; |
sock_type type; |
| Buffer input; |
Buffer input; |
| Buffer output; |
Buffer output; |
| |
Buffer request; |
| } SocketEntry; |
} SocketEntry; |
| |
|
| u_int sockets_alloc = 0; |
u_int sockets_alloc = 0; |
|
|
| if ((challenge = BN_new()) == NULL) |
if ((challenge = BN_new()) == NULL) |
| fatal("process_authentication_challenge1: BN_new failed"); |
fatal("process_authentication_challenge1: BN_new failed"); |
| |
|
| buffer_get_int(&e->input); /* ignored */ |
buffer_get_int(&e->request); /* ignored */ |
| buffer_get_bignum(&e->input, key->rsa->e); |
buffer_get_bignum(&e->request, key->rsa->e); |
| buffer_get_bignum(&e->input, key->rsa->n); |
buffer_get_bignum(&e->request, key->rsa->n); |
| buffer_get_bignum(&e->input, challenge); |
buffer_get_bignum(&e->request, challenge); |
| |
|
| /* Only protocol 1.1 is supported */ |
/* Only protocol 1.1 is supported */ |
| if (buffer_len(&e->input) == 0) |
if (buffer_len(&e->request) == 0) |
| goto failure; |
goto failure; |
| buffer_get(&e->input, session_id, 16); |
buffer_get(&e->request, session_id, 16); |
| response_type = buffer_get_int(&e->input); |
response_type = buffer_get_int(&e->request); |
| if (response_type != 1) |
if (response_type != 1) |
| goto failure; |
goto failure; |
| |
|
|
|
| |
|
| datafellows = 0; |
datafellows = 0; |
| |
|
| blob = buffer_get_string(&e->input, &blen); |
blob = buffer_get_string(&e->request, &blen); |
| data = buffer_get_string(&e->input, &dlen); |
data = buffer_get_string(&e->request, &dlen); |
| |
|
| flags = buffer_get_int(&e->input); |
flags = buffer_get_int(&e->request); |
| if (flags & SSH_AGENT_OLD_SIGNATURE) |
if (flags & SSH_AGENT_OLD_SIGNATURE) |
| datafellows = SSH_BUG_SIGBLOB; |
datafellows = SSH_BUG_SIGBLOB; |
| |
|
|
|
| switch (version) { |
switch (version) { |
| case 1: |
case 1: |
| key = key_new(KEY_RSA1); |
key = key_new(KEY_RSA1); |
| bits = buffer_get_int(&e->input); |
bits = buffer_get_int(&e->request); |
| buffer_get_bignum(&e->input, key->rsa->e); |
buffer_get_bignum(&e->request, key->rsa->e); |
| buffer_get_bignum(&e->input, key->rsa->n); |
buffer_get_bignum(&e->request, key->rsa->n); |
| |
|
| if (bits != key_size(key)) |
if (bits != key_size(key)) |
| log("Warning: identity keysize mismatch: actual %d, announced %d", |
log("Warning: identity keysize mismatch: actual %d, announced %d", |
| key_size(key), bits); |
key_size(key), bits); |
| break; |
break; |
| case 2: |
case 2: |
| blob = buffer_get_string(&e->input, &blen); |
blob = buffer_get_string(&e->request, &blen); |
| key = key_from_blob(blob, blen); |
key = key_from_blob(blob, blen); |
| xfree(blob); |
xfree(blob); |
| break; |
break; |
|
|
| switch (version) { |
switch (version) { |
| case 1: |
case 1: |
| k = key_new_private(KEY_RSA1); |
k = key_new_private(KEY_RSA1); |
| buffer_get_int(&e->input); /* ignored */ |
buffer_get_int(&e->request); /* ignored */ |
| buffer_get_bignum(&e->input, k->rsa->n); |
buffer_get_bignum(&e->request, k->rsa->n); |
| buffer_get_bignum(&e->input, k->rsa->e); |
buffer_get_bignum(&e->request, k->rsa->e); |
| buffer_get_bignum(&e->input, k->rsa->d); |
buffer_get_bignum(&e->request, k->rsa->d); |
| buffer_get_bignum(&e->input, k->rsa->iqmp); |
buffer_get_bignum(&e->request, k->rsa->iqmp); |
| |
|
| /* SSH and SSL have p and q swapped */ |
/* SSH and SSL have p and q swapped */ |
| buffer_get_bignum(&e->input, k->rsa->q); /* p */ |
buffer_get_bignum(&e->request, k->rsa->q); /* p */ |
| buffer_get_bignum(&e->input, k->rsa->p); /* q */ |
buffer_get_bignum(&e->request, k->rsa->p); /* q */ |
| |
|
| /* Generate additional parameters */ |
/* Generate additional parameters */ |
| rsa_generate_additional_parameters(k->rsa); |
rsa_generate_additional_parameters(k->rsa); |
| break; |
break; |
| case 2: |
case 2: |
| type_name = buffer_get_string(&e->input, NULL); |
type_name = buffer_get_string(&e->request, NULL); |
| type = key_type_from_name(type_name); |
type = key_type_from_name(type_name); |
| xfree(type_name); |
xfree(type_name); |
| switch (type) { |
switch (type) { |
| case KEY_DSA: |
case KEY_DSA: |
| k = key_new_private(type); |
k = key_new_private(type); |
| buffer_get_bignum2(&e->input, k->dsa->p); |
buffer_get_bignum2(&e->request, k->dsa->p); |
| buffer_get_bignum2(&e->input, k->dsa->q); |
buffer_get_bignum2(&e->request, k->dsa->q); |
| buffer_get_bignum2(&e->input, k->dsa->g); |
buffer_get_bignum2(&e->request, k->dsa->g); |
| buffer_get_bignum2(&e->input, k->dsa->pub_key); |
buffer_get_bignum2(&e->request, k->dsa->pub_key); |
| buffer_get_bignum2(&e->input, k->dsa->priv_key); |
buffer_get_bignum2(&e->request, k->dsa->priv_key); |
| break; |
break; |
| case KEY_RSA: |
case KEY_RSA: |
| k = key_new_private(type); |
k = key_new_private(type); |
| buffer_get_bignum2(&e->input, k->rsa->n); |
buffer_get_bignum2(&e->request, k->rsa->n); |
| buffer_get_bignum2(&e->input, k->rsa->e); |
buffer_get_bignum2(&e->request, k->rsa->e); |
| buffer_get_bignum2(&e->input, k->rsa->d); |
buffer_get_bignum2(&e->request, k->rsa->d); |
| buffer_get_bignum2(&e->input, k->rsa->iqmp); |
buffer_get_bignum2(&e->request, k->rsa->iqmp); |
| buffer_get_bignum2(&e->input, k->rsa->p); |
buffer_get_bignum2(&e->request, k->rsa->p); |
| buffer_get_bignum2(&e->input, k->rsa->q); |
buffer_get_bignum2(&e->request, k->rsa->q); |
| |
|
| /* Generate additional parameters */ |
/* Generate additional parameters */ |
| rsa_generate_additional_parameters(k->rsa); |
rsa_generate_additional_parameters(k->rsa); |
| break; |
break; |
| default: |
default: |
| buffer_clear(&e->input); |
buffer_clear(&e->request); |
| goto send; |
goto send; |
| } |
} |
| break; |
break; |
| } |
} |
| comment = buffer_get_string(&e->input, NULL); |
comment = buffer_get_string(&e->request, NULL); |
| if (k == NULL) { |
if (k == NULL) { |
| xfree(comment); |
xfree(comment); |
| goto send; |
goto send; |
|
|
| char *sc_reader_id = NULL, *pin; |
char *sc_reader_id = NULL, *pin; |
| int i, version, success = 0; |
int i, version, success = 0; |
| |
|
| sc_reader_id = buffer_get_string(&e->input, NULL); |
sc_reader_id = buffer_get_string(&e->request, NULL); |
| pin = buffer_get_string(&e->input, NULL); |
pin = buffer_get_string(&e->request, NULL); |
| keys = sc_get_keys(sc_reader_id, pin); |
keys = sc_get_keys(sc_reader_id, pin); |
| xfree(sc_reader_id); |
xfree(sc_reader_id); |
| xfree(pin); |
xfree(pin); |
|
|
| char *sc_reader_id = NULL, *pin; |
char *sc_reader_id = NULL, *pin; |
| int i, version, success = 0; |
int i, version, success = 0; |
| |
|
| sc_reader_id = buffer_get_string(&e->input, NULL); |
sc_reader_id = buffer_get_string(&e->request, NULL); |
| pin = buffer_get_string(&e->input, NULL); |
pin = buffer_get_string(&e->request, NULL); |
| keys = sc_get_keys(sc_reader_id, pin); |
keys = sc_get_keys(sc_reader_id, pin); |
| xfree(sc_reader_id); |
xfree(sc_reader_id); |
| xfree(pin); |
xfree(pin); |
|
|
| shutdown(e->fd, SHUT_RDWR); |
shutdown(e->fd, SHUT_RDWR); |
| close(e->fd); |
close(e->fd); |
| e->type = AUTH_UNUSED; |
e->type = AUTH_UNUSED; |
| |
buffer_free(&e->input); |
| |
buffer_free(&e->output); |
| |
buffer_free(&e->request); |
| return; |
return; |
| } |
} |
| if (buffer_len(&e->input) < msg_len + 4) |
if (buffer_len(&e->input) < msg_len + 4) |
| return; |
return; |
| |
|
| |
/* move the current input to e->request */ |
| buffer_consume(&e->input, 4); |
buffer_consume(&e->input, 4); |
| type = buffer_get_char(&e->input); |
buffer_clear(&e->request); |
| |
buffer_append(&e->request, buffer_ptr(&e->input), msg_len); |
| |
buffer_consume(&e->input, msg_len); |
| |
type = buffer_get_char(&e->request); |
| |
|
| debug("type %d", type); |
debug("type %d", type); |
| switch (type) { |
switch (type) { |
|
|
| default: |
default: |
| /* Unknown message. Respond with failure. */ |
/* Unknown message. Respond with failure. */ |
| error("Unknown message %d", type); |
error("Unknown message %d", type); |
| buffer_clear(&e->input); |
buffer_clear(&e->request); |
| buffer_put_int(&e->output, 1); |
buffer_put_int(&e->output, 1); |
| buffer_put_char(&e->output, SSH_AGENT_FAILURE); |
buffer_put_char(&e->output, SSH_AGENT_FAILURE); |
| break; |
break; |
|
|
| sockets[i].type = type; |
sockets[i].type = type; |
| buffer_init(&sockets[i].input); |
buffer_init(&sockets[i].input); |
| buffer_init(&sockets[i].output); |
buffer_init(&sockets[i].output); |
| |
buffer_init(&sockets[i].request); |
| return; |
return; |
| } |
} |
| old_alloc = sockets_alloc; |
old_alloc = sockets_alloc; |
|
|
| sockets[old_alloc].fd = fd; |
sockets[old_alloc].fd = fd; |
| buffer_init(&sockets[old_alloc].input); |
buffer_init(&sockets[old_alloc].input); |
| buffer_init(&sockets[old_alloc].output); |
buffer_init(&sockets[old_alloc].output); |
| |
buffer_init(&sockets[old_alloc].request); |
| } |
} |
| |
|
| static int |
static int |
|
|
| sockets[i].type = AUTH_UNUSED; |
sockets[i].type = AUTH_UNUSED; |
| buffer_free(&sockets[i].input); |
buffer_free(&sockets[i].input); |
| buffer_free(&sockets[i].output); |
buffer_free(&sockets[i].output); |
| |
buffer_free(&sockets[i].request); |
| break; |
break; |
| } |
} |
| buffer_consume(&sockets[i].output, len); |
buffer_consume(&sockets[i].output, len); |
|
|
| sockets[i].type = AUTH_UNUSED; |
sockets[i].type = AUTH_UNUSED; |
| buffer_free(&sockets[i].input); |
buffer_free(&sockets[i].input); |
| buffer_free(&sockets[i].output); |
buffer_free(&sockets[i].output); |
| |
buffer_free(&sockets[i].request); |
| break; |
break; |
| } |
} |
| buffer_append(&sockets[i].input, buf, len); |
buffer_append(&sockets[i].input, buf, len); |
![[BACK]](/icons/back.gif){kind=icon}
Return to ssh-agent.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh