version 1.1, 2002/05/23 19:24:30 |
version 1.2, 2002/05/31 10:30:33 |
|
|
#include "bufaux.h" |
#include "bufaux.h" |
#include "authfile.h" |
#include "authfile.h" |
#include "msg.h" |
#include "msg.h" |
|
#include "canohost.h" |
#include "pathnames.h" |
#include "pathnames.h" |
|
|
static int |
static int |
valid_request(struct passwd *pw, Key **ret, u_char *data, u_int datalen) |
valid_request(struct passwd *pw, char *host, Key **ret, u_char *data, |
|
u_int datalen) |
{ |
{ |
Buffer b; |
Buffer b; |
Key *key; |
Key *key; |
u_char *p, *pkblob; |
u_char *pkblob; |
u_int blen; |
u_int blen, len; |
char *pkalg; |
char *pkalg, *p; |
int pktype, fail; |
int pktype, fail; |
|
|
fail = 0; |
fail = 0; |
|
|
xfree(pkalg); |
xfree(pkalg); |
xfree(pkblob); |
xfree(pkblob); |
|
|
/* chost */ |
/* client host name, handle trailing dot */ |
buffer_skip_string(&b); |
p = buffer_get_string(&b, &len); |
|
debug2("valid_request: check expect chost %s got %s", host, p); |
|
if (strlen(host) != len - 1) |
|
fail++; |
|
else if (p[len - 1] != '.') |
|
fail++; |
|
else if (strncasecmp(host, p, len - 1) != 0) |
|
fail++; |
|
xfree(p); |
|
|
/* local user */ |
/* local user */ |
p = buffer_get_string(&b, NULL); |
p = buffer_get_string(&b, NULL); |
|
|
if (strcmp(pw->pw_name, p) != 0) |
if (strcmp(pw->pw_name, p) != 0) |
fail++; |
fail++; |
xfree(p); |
xfree(p); |
|
|
Buffer b; |
Buffer b; |
Key *keys[2], *key; |
Key *keys[2], *key; |
struct passwd *pw; |
struct passwd *pw; |
int key_fd[2], i, found, version = 1; |
int key_fd[2], i, found, version = 2, fd; |
u_char *signature, *data; |
u_char *signature, *data; |
|
char *host; |
u_int slen, dlen; |
u_int slen, dlen; |
|
|
key_fd[0] = open(_PATH_HOST_RSA_KEY_FILE, O_RDONLY); |
key_fd[0] = open(_PATH_HOST_RSA_KEY_FILE, O_RDONLY); |
|
|
fatal("msg_recv failed"); |
fatal("msg_recv failed"); |
if (buffer_get_char(&b) != version) |
if (buffer_get_char(&b) != version) |
fatal("bad version"); |
fatal("bad version"); |
|
fd = buffer_get_int(&b); |
|
if ((fd == STDIN_FILENO) || (fd == STDOUT_FILENO)) |
|
fatal("bad fd"); |
|
if ((host = get_local_name(fd)) == NULL) |
|
fatal("cannot get sockname for fd"); |
|
|
data = buffer_get_string(&b, &dlen); |
data = buffer_get_string(&b, &dlen); |
if (valid_request(pw, &key, data, dlen) < 0) |
if (valid_request(pw, host, &key, data, dlen) < 0) |
fatal("not a valid request"); |
fatal("not a valid request"); |
xfree(data); |
xfree(data); |
|
xfree(host); |
|
|
found = 0; |
found = 0; |
for (i = 0; i < 2; i++) { |
for (i = 0; i < 2; i++) { |
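Review bot: The new descriptor check in main rejects only STDIN_FILENO and STDOUT_FILENO, but `fd` is an int filled from `buffer_get_int(&b)` out of the request, so a negative or otherwise arbitrary value is passed on to `get_local_name(fd)`. Rejecting it up front would make the intent explicit: `if (fd < 0 || fd == STDIN_FILENO || fd == STDOUT_FILENO)`. How get_local_name behaves on a descriptor that is not a socket is not visible here, so that path is worth confirming. In valid_request, `len - 1` wraps when the client sends an empty host string; the first `strlen(host) != len - 1` comparison appears to catch that before `p[len - 1]` is read, but a comment or an explicit `len == 0` test would keep that dependency from being lost. Both function bodies extend beyond what this page shows.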