version 1.86, 2002/06/05 16:08:07 |
version 1.87, 2002/06/05 16:48:54 |
|
|
sock_type type; |
sock_type type; |
Buffer input; |
Buffer input; |
Buffer output; |
Buffer output; |
|
Buffer request; |
} SocketEntry; |
} SocketEntry; |
|
|
u_int sockets_alloc = 0; |
u_int sockets_alloc = 0; |
|
|
if ((challenge = BN_new()) == NULL) |
if ((challenge = BN_new()) == NULL) |
fatal("process_authentication_challenge1: BN_new failed"); |
fatal("process_authentication_challenge1: BN_new failed"); |
|
|
buffer_get_int(&e->input); /* ignored */ |
buffer_get_int(&e->request); /* ignored */ |
buffer_get_bignum(&e->input, key->rsa->e); |
buffer_get_bignum(&e->request, key->rsa->e); |
buffer_get_bignum(&e->input, key->rsa->n); |
buffer_get_bignum(&e->request, key->rsa->n); |
buffer_get_bignum(&e->input, challenge); |
buffer_get_bignum(&e->request, challenge); |
|
|
/* Only protocol 1.1 is supported */ |
/* Only protocol 1.1 is supported */ |
if (buffer_len(&e->input) == 0) |
if (buffer_len(&e->request) == 0) |
goto failure; |
goto failure; |
buffer_get(&e->input, session_id, 16); |
buffer_get(&e->request, session_id, 16); |
response_type = buffer_get_int(&e->input); |
response_type = buffer_get_int(&e->request); |
if (response_type != 1) |
if (response_type != 1) |
goto failure; |
goto failure; |
|
|
|
|
|
|
datafellows = 0; |
datafellows = 0; |
|
|
blob = buffer_get_string(&e->input, &blen); |
blob = buffer_get_string(&e->request, &blen); |
data = buffer_get_string(&e->input, &dlen); |
data = buffer_get_string(&e->request, &dlen); |
|
|
flags = buffer_get_int(&e->input); |
flags = buffer_get_int(&e->request); |
if (flags & SSH_AGENT_OLD_SIGNATURE) |
if (flags & SSH_AGENT_OLD_SIGNATURE) |
datafellows = SSH_BUG_SIGBLOB; |
datafellows = SSH_BUG_SIGBLOB; |
|
|
|
|
switch (version) { |
switch (version) { |
case 1: |
case 1: |
key = key_new(KEY_RSA1); |
key = key_new(KEY_RSA1); |
bits = buffer_get_int(&e->input); |
bits = buffer_get_int(&e->request); |
buffer_get_bignum(&e->input, key->rsa->e); |
buffer_get_bignum(&e->request, key->rsa->e); |
buffer_get_bignum(&e->input, key->rsa->n); |
buffer_get_bignum(&e->request, key->rsa->n); |
|
|
if (bits != key_size(key)) |
if (bits != key_size(key)) |
log("Warning: identity keysize mismatch: actual %d, announced %d", |
log("Warning: identity keysize mismatch: actual %d, announced %d", |
key_size(key), bits); |
key_size(key), bits); |
break; |
break; |
case 2: |
case 2: |
blob = buffer_get_string(&e->input, &blen); |
blob = buffer_get_string(&e->request, &blen); |
key = key_from_blob(blob, blen); |
key = key_from_blob(blob, blen); |
xfree(blob); |
xfree(blob); |
break; |
break; |
|
|
switch (version) { |
switch (version) { |
case 1: |
case 1: |
k = key_new_private(KEY_RSA1); |
k = key_new_private(KEY_RSA1); |
buffer_get_int(&e->input); /* ignored */ |
buffer_get_int(&e->request); /* ignored */ |
buffer_get_bignum(&e->input, k->rsa->n); |
buffer_get_bignum(&e->request, k->rsa->n); |
buffer_get_bignum(&e->input, k->rsa->e); |
buffer_get_bignum(&e->request, k->rsa->e); |
buffer_get_bignum(&e->input, k->rsa->d); |
buffer_get_bignum(&e->request, k->rsa->d); |
buffer_get_bignum(&e->input, k->rsa->iqmp); |
buffer_get_bignum(&e->request, k->rsa->iqmp); |
|
|
/* SSH and SSL have p and q swapped */ |
/* SSH and SSL have p and q swapped */ |
buffer_get_bignum(&e->input, k->rsa->q); /* p */ |
buffer_get_bignum(&e->request, k->rsa->q); /* p */ |
buffer_get_bignum(&e->input, k->rsa->p); /* q */ |
buffer_get_bignum(&e->request, k->rsa->p); /* q */ |
|
|
/* Generate additional parameters */ |
/* Generate additional parameters */ |
rsa_generate_additional_parameters(k->rsa); |
rsa_generate_additional_parameters(k->rsa); |
break; |
break; |
case 2: |
case 2: |
type_name = buffer_get_string(&e->input, NULL); |
type_name = buffer_get_string(&e->request, NULL); |
type = key_type_from_name(type_name); |
type = key_type_from_name(type_name); |
xfree(type_name); |
xfree(type_name); |
switch (type) { |
switch (type) { |
case KEY_DSA: |
case KEY_DSA: |
k = key_new_private(type); |
k = key_new_private(type); |
buffer_get_bignum2(&e->input, k->dsa->p); |
buffer_get_bignum2(&e->request, k->dsa->p); |
buffer_get_bignum2(&e->input, k->dsa->q); |
buffer_get_bignum2(&e->request, k->dsa->q); |
buffer_get_bignum2(&e->input, k->dsa->g); |
buffer_get_bignum2(&e->request, k->dsa->g); |
buffer_get_bignum2(&e->input, k->dsa->pub_key); |
buffer_get_bignum2(&e->request, k->dsa->pub_key); |
buffer_get_bignum2(&e->input, k->dsa->priv_key); |
buffer_get_bignum2(&e->request, k->dsa->priv_key); |
break; |
break; |
case KEY_RSA: |
case KEY_RSA: |
k = key_new_private(type); |
k = key_new_private(type); |
buffer_get_bignum2(&e->input, k->rsa->n); |
buffer_get_bignum2(&e->request, k->rsa->n); |
buffer_get_bignum2(&e->input, k->rsa->e); |
buffer_get_bignum2(&e->request, k->rsa->e); |
buffer_get_bignum2(&e->input, k->rsa->d); |
buffer_get_bignum2(&e->request, k->rsa->d); |
buffer_get_bignum2(&e->input, k->rsa->iqmp); |
buffer_get_bignum2(&e->request, k->rsa->iqmp); |
buffer_get_bignum2(&e->input, k->rsa->p); |
buffer_get_bignum2(&e->request, k->rsa->p); |
buffer_get_bignum2(&e->input, k->rsa->q); |
buffer_get_bignum2(&e->request, k->rsa->q); |
|
|
/* Generate additional parameters */ |
/* Generate additional parameters */ |
rsa_generate_additional_parameters(k->rsa); |
rsa_generate_additional_parameters(k->rsa); |
break; |
break; |
default: |
default: |
buffer_clear(&e->input); |
buffer_clear(&e->request); |
goto send; |
goto send; |
} |
} |
break; |
break; |
} |
} |
comment = buffer_get_string(&e->input, NULL); |
comment = buffer_get_string(&e->request, NULL); |
if (k == NULL) { |
if (k == NULL) { |
xfree(comment); |
xfree(comment); |
goto send; |
goto send; |
|
|
char *sc_reader_id = NULL, *pin; |
char *sc_reader_id = NULL, *pin; |
int i, version, success = 0; |
int i, version, success = 0; |
|
|
sc_reader_id = buffer_get_string(&e->input, NULL); |
sc_reader_id = buffer_get_string(&e->request, NULL); |
pin = buffer_get_string(&e->input, NULL); |
pin = buffer_get_string(&e->request, NULL); |
keys = sc_get_keys(sc_reader_id, pin); |
keys = sc_get_keys(sc_reader_id, pin); |
xfree(sc_reader_id); |
xfree(sc_reader_id); |
xfree(pin); |
xfree(pin); |
|
|
char *sc_reader_id = NULL, *pin; |
char *sc_reader_id = NULL, *pin; |
int i, version, success = 0; |
int i, version, success = 0; |
|
|
sc_reader_id = buffer_get_string(&e->input, NULL); |
sc_reader_id = buffer_get_string(&e->request, NULL); |
pin = buffer_get_string(&e->input, NULL); |
pin = buffer_get_string(&e->request, NULL); |
keys = sc_get_keys(sc_reader_id, pin); |
keys = sc_get_keys(sc_reader_id, pin); |
xfree(sc_reader_id); |
xfree(sc_reader_id); |
xfree(pin); |
xfree(pin); |
|
|
shutdown(e->fd, SHUT_RDWR); |
shutdown(e->fd, SHUT_RDWR); |
close(e->fd); |
close(e->fd); |
e->type = AUTH_UNUSED; |
e->type = AUTH_UNUSED; |
|
buffer_free(&e->input); |
|
buffer_free(&e->output); |
|
buffer_free(&e->request); |
return; |
return; |
} |
} |
if (buffer_len(&e->input) < msg_len + 4) |
if (buffer_len(&e->input) < msg_len + 4) |
return; |
return; |
|
|
|
/* move the current input to e->request */ |
buffer_consume(&e->input, 4); |
buffer_consume(&e->input, 4); |
type = buffer_get_char(&e->input); |
buffer_clear(&e->request); |
|
buffer_append(&e->request, buffer_ptr(&e->input), msg_len); |
|
buffer_consume(&e->input, msg_len); |
|
type = buffer_get_char(&e->request); |
|
|
debug("type %d", type); |
debug("type %d", type); |
switch (type) { |
switch (type) { |
|
|
default: |
default: |
/* Unknown message. Respond with failure. */ |
/* Unknown message. Respond with failure. */ |
error("Unknown message %d", type); |
error("Unknown message %d", type); |
buffer_clear(&e->input); |
buffer_clear(&e->request); |
buffer_put_int(&e->output, 1); |
buffer_put_int(&e->output, 1); |
buffer_put_char(&e->output, SSH_AGENT_FAILURE); |
buffer_put_char(&e->output, SSH_AGENT_FAILURE); |
break; |
break; |
|
|
sockets[i].type = type; |
sockets[i].type = type; |
buffer_init(&sockets[i].input); |
buffer_init(&sockets[i].input); |
buffer_init(&sockets[i].output); |
buffer_init(&sockets[i].output); |
|
buffer_init(&sockets[i].request); |
return; |
return; |
} |
} |
old_alloc = sockets_alloc; |
old_alloc = sockets_alloc; |
|
|
sockets[old_alloc].fd = fd; |
sockets[old_alloc].fd = fd; |
buffer_init(&sockets[old_alloc].input); |
buffer_init(&sockets[old_alloc].input); |
buffer_init(&sockets[old_alloc].output); |
buffer_init(&sockets[old_alloc].output); |
|
buffer_init(&sockets[old_alloc].request); |
} |
} |
|
|
static int |
static int |
|
|
sockets[i].type = AUTH_UNUSED; |
sockets[i].type = AUTH_UNUSED; |
buffer_free(&sockets[i].input); |
buffer_free(&sockets[i].input); |
buffer_free(&sockets[i].output); |
buffer_free(&sockets[i].output); |
|
buffer_free(&sockets[i].request); |
break; |
break; |
} |
} |
buffer_consume(&sockets[i].output, len); |
buffer_consume(&sockets[i].output, len); |
|
|
sockets[i].type = AUTH_UNUSED; |
sockets[i].type = AUTH_UNUSED; |
buffer_free(&sockets[i].input); |
buffer_free(&sockets[i].input); |
buffer_free(&sockets[i].output); |
buffer_free(&sockets[i].output); |
|
buffer_free(&sockets[i].request); |
break; |
break; |
} |
} |
buffer_append(&sockets[i].input, buf, len); |
buffer_append(&sockets[i].input, buf, len); |
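Review bot: Where the current input is moved to e->request, the new `type = buffer_get_char(&e->request);` reads from a buffer that holds exactly msg_len bytes, so a frame whose length field is zero leaves e->request empty at that read. The only guard visible before it, `buffer_len(&e->input) < msg_len + 4`, checks that the whole message has arrived and sets no lower bound. Unless a minimum is enforced in lines not shown on this page, reject `msg_len < 1` before the copy, using the same shutdown/close/buffer_free path shown just above. How buffer_get_char behaves on an empty buffer is not visible here; if it aborts like the `fatal()` call in the challenge handler, a malformed frame from any client with access to the agent socket would take the agent down. A second, smaller point: e->request now keeps a copy of the last request, including private-key fields and the smartcard PIN, until the next `buffer_clear(&e->request);`, so clearing it as soon as the handler returns would shorten that window.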