| version 1.64, 2020/08/27 01:06:18 |
version 1.65, 2020/10/18 11:32:02 |
|
|
| fail = 0; |
fail = 0; |
| |
|
| if ((b = sshbuf_from(data, datalen)) == NULL) |
if ((b = sshbuf_from(data, datalen)) == NULL) |
| fatal("%s: sshbuf_from failed", __func__); |
fatal_f("sshbuf_from failed"); |
| |
|
| /* session id, currently limited to SHA1 (20 bytes) or SHA256 (32) */ |
/* session id, currently limited to SHA1 (20 bytes) or SHA256 (32) */ |
| if ((r = sshbuf_get_string(b, NULL, &len)) != 0) |
if ((r = sshbuf_get_string(b, NULL, &len)) != 0) |
| fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
fatal_fr(r, "parse session ID"); |
| if (len != 20 && len != 32) |
if (len != 20 && len != 32) |
| fail++; |
fail++; |
| |
|
| if ((r = sshbuf_get_u8(b, &type)) != 0) |
if ((r = sshbuf_get_u8(b, &type)) != 0) |
| fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
fatal_fr(r, "parse type"); |
| if (type != SSH2_MSG_USERAUTH_REQUEST) |
if (type != SSH2_MSG_USERAUTH_REQUEST) |
| fail++; |
fail++; |
| |
|
| /* server user */ |
/* server user */ |
| if ((r = sshbuf_skip_string(b)) != 0) |
if ((r = sshbuf_skip_string(b)) != 0) |
| fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
fatal_fr(r, "parse user"); |
| |
|
| /* service */ |
/* service */ |
| if ((r = sshbuf_get_cstring(b, &p, NULL)) != 0) |
if ((r = sshbuf_get_cstring(b, &p, NULL)) != 0) |
| fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
fatal_fr(r, "parse service"); |
| if (strcmp("ssh-connection", p) != 0) |
if (strcmp("ssh-connection", p) != 0) |
| fail++; |
fail++; |
| free(p); |
free(p); |
| |
|
| /* method */ |
/* method */ |
| if ((r = sshbuf_get_cstring(b, &p, NULL)) != 0) |
if ((r = sshbuf_get_cstring(b, &p, NULL)) != 0) |
| fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
fatal_fr(r, "parse method"); |
| if (strcmp("hostbased", p) != 0) |
if (strcmp("hostbased", p) != 0) |
| fail++; |
fail++; |
| free(p); |
free(p); |
|
|
| /* pubkey */ |
/* pubkey */ |
| if ((r = sshbuf_get_cstring(b, &pkalg, NULL)) != 0 || |
if ((r = sshbuf_get_cstring(b, &pkalg, NULL)) != 0 || |
| (r = sshbuf_get_string(b, &pkblob, &blen)) != 0) |
(r = sshbuf_get_string(b, &pkblob, &blen)) != 0) |
| fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
fatal_fr(r, "parse pk"); |
| |
|
| pktype = sshkey_type_from_name(pkalg); |
pktype = sshkey_type_from_name(pkalg); |
| if (pktype == KEY_UNSPEC) |
if (pktype == KEY_UNSPEC) |
| fail++; |
fail++; |
| else if ((r = sshkey_from_blob(pkblob, blen, &key)) != 0) { |
else if ((r = sshkey_from_blob(pkblob, blen, &key)) != 0) { |
| error("%s: bad key blob: %s", __func__, ssh_err(r)); |
error_fr(r, "decode key"); |
| fail++; |
fail++; |
| } else if (key->type != pktype) |
} else if (key->type != pktype) |
| fail++; |
fail++; |
|
|
| |
|
| /* client host name, handle trailing dot */ |
/* client host name, handle trailing dot */ |
| if ((r = sshbuf_get_cstring(b, &p, &len)) != 0) |
if ((r = sshbuf_get_cstring(b, &p, &len)) != 0) |
| fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
fatal_fr(r, "parse hostname"); |
| debug2("%s: check expect chost %s got %s", __func__, host, p); |
debug2_f("check expect chost %s got %s", host, p); |
| if (strlen(host) != len - 1) |
if (strlen(host) != len - 1) |
| fail++; |
fail++; |
| else if (p[len - 1] != '.') |
else if (p[len - 1] != '.') |
|
|
| |
|
| /* local user */ |
/* local user */ |
| if ((r = sshbuf_get_cstring(b, &luser, NULL)) != 0) |
if ((r = sshbuf_get_cstring(b, &luser, NULL)) != 0) |
| fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
fatal_fr(r, "parse luser"); |
| |
|
| if (strcmp(pw->pw_name, luser) != 0) |
if (strcmp(pw->pw_name, luser) != 0) |
| fail++; |
fail++; |
|
|
| fail++; |
fail++; |
| sshbuf_free(b); |
sshbuf_free(b); |
| |
|
| debug3("%s: fail %d", __func__, fail); |
debug3_f("fail %d", fail); |
| |
|
| if (fail) |
if (fail) |
| sshkey_free(key); |
sshkey_free(key); |
|
|
| NULL, &key, NULL); |
NULL, &key, NULL); |
| close(key_fd[i]); |
close(key_fd[i]); |
| if (r != 0) |
if (r != 0) |
| debug("parse key %d: %s", i, ssh_err(r)); |
debug_r(r, "parse key %d", i); |
| else if (key != NULL) { |
else if (key != NULL) { |
| keys[i] = key; |
keys[i] = key; |
| found = 1; |
found = 1; |
|
|
| if ((b = sshbuf_new()) == NULL) |
if ((b = sshbuf_new()) == NULL) |
| fatal("%s: sshbuf_new failed", __progname); |
fatal("%s: sshbuf_new failed", __progname); |
| if (ssh_msg_recv(STDIN_FILENO, b) < 0) |
if (ssh_msg_recv(STDIN_FILENO, b) < 0) |
| fatal("ssh_msg_recv failed"); |
fatal("%s: ssh_msg_recv failed", __progname); |
| if ((r = sshbuf_get_u8(b, &rver)) != 0) |
if ((r = sshbuf_get_u8(b, &rver)) != 0) |
| fatal("%s: buffer error: %s", __progname, ssh_err(r)); |
fatal_r(r, "%s: buffer error", __progname); |
| if (rver != version) |
if (rver != version) |
| fatal("bad version: received %d, expected %d", rver, version); |
fatal("%s: bad version: received %d, expected %d", |
| |
__progname, rver, version); |
| if ((r = sshbuf_get_u32(b, (u_int *)&fd)) != 0) |
if ((r = sshbuf_get_u32(b, (u_int *)&fd)) != 0) |
| fatal("%s: buffer error: %s", __progname, ssh_err(r)); |
fatal_r(r, "%s: buffer error", __progname); |
| if (fd < 0 || fd == STDIN_FILENO || fd == STDOUT_FILENO) |
if (fd < 0 || fd == STDIN_FILENO || fd == STDOUT_FILENO) |
| fatal("bad fd = %d", fd); |
fatal("%s: bad fd = %d", __progname, fd); |
| if ((host = get_local_name(fd)) == NULL) |
if ((host = get_local_name(fd)) == NULL) |
| fatal("cannot get local name for fd"); |
fatal("%s: cannot get local name for fd", __progname); |
| |
|
| if ((r = sshbuf_get_string(b, &data, &dlen)) != 0) |
if ((r = sshbuf_get_string(b, &data, &dlen)) != 0) |
| fatal("%s: buffer error: %s", __progname, ssh_err(r)); |
fatal_r(r, "%s: buffer error", __progname); |
| if (valid_request(pw, host, &key, data, dlen) < 0) |
if (valid_request(pw, host, &key, data, dlen) < 0) |
| fatal("not a valid request"); |
fatal("%s: not a valid request", __progname); |
| free(host); |
free(host); |
| |
|
| found = 0; |
found = 0; |
|
|
| if ((fp = sshkey_fingerprint(key, options.fingerprint_hash, |
if ((fp = sshkey_fingerprint(key, options.fingerprint_hash, |
| SSH_FP_DEFAULT)) == NULL) |
SSH_FP_DEFAULT)) == NULL) |
| fatal("%s: sshkey_fingerprint failed", __progname); |
fatal("%s: sshkey_fingerprint failed", __progname); |
| fatal("no matching hostkey found for key %s %s", |
fatal("%s: no matching hostkey found for key %s %s", __progname, |
| sshkey_type(key), fp ? fp : ""); |
sshkey_type(key), fp ? fp : ""); |
| } |
} |
| |
|
| if ((r = sshkey_sign(keys[i], &signature, &slen, data, dlen, |
if ((r = sshkey_sign(keys[i], &signature, &slen, data, dlen, |
| NULL, NULL, NULL, 0)) != 0) |
NULL, NULL, NULL, 0)) != 0) |
| fatal("sshkey_sign failed: %s", ssh_err(r)); |
fatal_r(r, "%s: sshkey_sign failed", __progname); |
| free(data); |
free(data); |
| |
|
| /* send reply */ |
/* send reply */ |
| sshbuf_reset(b); |
sshbuf_reset(b); |
| if ((r = sshbuf_put_string(b, signature, slen)) != 0) |
if ((r = sshbuf_put_string(b, signature, slen)) != 0) |
| fatal("%s: buffer error: %s", __progname, ssh_err(r)); |
fatal_r(r, "%s: buffer error", __progname); |
| if (ssh_msg_send(STDOUT_FILENO, version, b) == -1) |
if (ssh_msg_send(STDOUT_FILENO, version, b) == -1) |
| fatal("ssh_msg_send failed"); |
fatal("%s: ssh_msg_send failed", __progname); |
| |
|
| return (0); |
return (0); |
| } |
} |
![[BACK]](/icons/back.gif){kind=icon}
Return to ssh-keysign.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh