| version 1.49, 2015/07/03 03:56:25 |
version 1.50, 2015/11/29 22:18:37 |
|
|
| #include <stdlib.h> |
#include <stdlib.h> |
| #include <string.h> |
#include <string.h> |
| #include <unistd.h> |
#include <unistd.h> |
| |
#include <errno.h> |
| |
|
| #include "xmalloc.h" |
#include "xmalloc.h" |
| #include "log.h" |
#include "log.h" |
|
|
| #include "sshkey.h" |
#include "sshkey.h" |
| #include "ssherr.h" |
#include "ssherr.h" |
| |
|
| |
extern char *__progname; |
| |
|
| /* XXX readconf.c needs these */ |
/* XXX readconf.c needs these */ |
| uid_t original_real_uid; |
uid_t original_real_uid; |
| |
|
|
|
| char *host, *fp; |
char *host, *fp; |
| size_t slen, dlen; |
size_t slen, dlen; |
| |
|
| |
if (pledge("stdio rpath getpw dns id", NULL) != 0) |
| |
fatal("%s: pledge: %s", __progname, strerror(errno)); |
| |
|
| /* Ensure that stdin and stdout are connected */ |
/* Ensure that stdin and stdout are connected */ |
| if ((fd = open(_PATH_DEVNULL, O_RDWR)) < 2) |
if ((fd = open(_PATH_DEVNULL, O_RDWR)) < 2) |
| exit(1); |
exit(1); |
|
|
| if (!found) |
if (!found) |
| fatal("no hostkey found"); |
fatal("no hostkey found"); |
| |
|
| |
if (pledge("stdio dns", NULL) != 0) |
| |
fatal("%s: pledge: %s", __progname, strerror(errno)); |
| |
|
| if ((b = sshbuf_new()) == NULL) |
if ((b = sshbuf_new()) == NULL) |
| fatal("%s: sshbuf_new failed", __func__); |
fatal("%s: sshbuf_new failed", __progname); |
| if (ssh_msg_recv(STDIN_FILENO, b) < 0) |
if (ssh_msg_recv(STDIN_FILENO, b) < 0) |
| fatal("ssh_msg_recv failed"); |
fatal("ssh_msg_recv failed"); |
| if ((r = sshbuf_get_u8(b, &rver)) != 0) |
if ((r = sshbuf_get_u8(b, &rver)) != 0) |
| fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
fatal("%s: buffer error: %s", __progname, ssh_err(r)); |
| if (rver != version) |
if (rver != version) |
| fatal("bad version: received %d, expected %d", rver, version); |
fatal("bad version: received %d, expected %d", rver, version); |
| if ((r = sshbuf_get_u32(b, (u_int *)&fd)) != 0) |
if ((r = sshbuf_get_u32(b, (u_int *)&fd)) != 0) |
| fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
fatal("%s: buffer error: %s", __progname, ssh_err(r)); |
| if (fd < 0 || fd == STDIN_FILENO || fd == STDOUT_FILENO) |
if (fd < 0 || fd == STDIN_FILENO || fd == STDOUT_FILENO) |
| fatal("bad fd"); |
fatal("bad fd"); |
| if ((host = get_local_name(fd)) == NULL) |
if ((host = get_local_name(fd)) == NULL) |
| fatal("cannot get local name for fd"); |
fatal("cannot get local name for fd"); |
| |
|
| if ((r = sshbuf_get_string(b, &data, &dlen)) != 0) |
if ((r = sshbuf_get_string(b, &data, &dlen)) != 0) |
| fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
fatal("%s: buffer error: %s", __progname, ssh_err(r)); |
| if (valid_request(pw, host, &key, data, dlen) < 0) |
if (valid_request(pw, host, &key, data, dlen) < 0) |
| fatal("not a valid request"); |
fatal("not a valid request"); |
| free(host); |
free(host); |
|
|
| if (!found) { |
if (!found) { |
| if ((fp = sshkey_fingerprint(key, options.fingerprint_hash, |
if ((fp = sshkey_fingerprint(key, options.fingerprint_hash, |
| SSH_FP_DEFAULT)) == NULL) |
SSH_FP_DEFAULT)) == NULL) |
| fatal("%s: sshkey_fingerprint failed", __func__); |
fatal("%s: sshkey_fingerprint failed", __progname); |
| fatal("no matching hostkey found for key %s %s", |
fatal("no matching hostkey found for key %s %s", |
| sshkey_type(key), fp ? fp : ""); |
sshkey_type(key), fp ? fp : ""); |
| } |
} |
|
|
| /* send reply */ |
/* send reply */ |
| sshbuf_reset(b); |
sshbuf_reset(b); |
| if ((r = sshbuf_put_string(b, signature, slen)) != 0) |
if ((r = sshbuf_put_string(b, signature, slen)) != 0) |
| fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
fatal("%s: buffer error: %s", __progname, ssh_err(r)); |
| if (ssh_msg_send(STDOUT_FILENO, version, b) == -1) |
if (ssh_msg_send(STDOUT_FILENO, version, b) == -1) |
| fatal("ssh_msg_send failed"); |
fatal("ssh_msg_send failed"); |
| |
|
![[BACK]](/icons/back.gif){kind=icon}
Return to ssh-keysign.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh