src/usr.bin/ssh/ssh-pkcs11-helper.c - diff

Return to ssh-pkcs11-helper.c CVS log

Up to [local] / src / usr.bin / ssh

Diff for /src/usr.bin/ssh/ssh-pkcs11-helper.c between version 1.23 and 1.24

version 1.23, 2020/03/06 18:26:21

version 1.24, 2020/10/18 11:32:02

Line 102

int r;

if ((r = sshbuf_put_stringb(oqueue, m)) != 0)

fatal("%s: buffer error: %s", __func__, ssh_err(r));

fatal_fr(r, "enqueue");

}

static void

Line 117

char **labels = NULL;

if ((msg = sshbuf_new()) == NULL)

fatal("%s: sshbuf_new failed", __func__);

fatal_f("sshbuf_new failed");

if ((r = sshbuf_get_cstring(iqueue, &name, NULL)) != 0 ||

(r = sshbuf_get_cstring(iqueue, &pin, NULL)) != 0)

fatal("%s: buffer error: %s", __func__, ssh_err(r));

fatal_fr(r, "parse");

if ((nkeys = pkcs11_add_provider(name, pin, &keys, &labels)) > 0) {

if ((r = sshbuf_put_u8(msg,

SSH2_AGENT_IDENTITIES_ANSWER)) != 0 ||

(r = sshbuf_put_u32(msg, nkeys)) != 0)

fatal("%s: buffer error: %s", __func__, ssh_err(r));

fatal_fr(r, "compose");

for (i = 0; i < nkeys; i++) {

if ((r = sshkey_to_blob(keys[i], &blob, &blen)) != 0) {

debug("%s: sshkey_to_blob: %s",

debug_fr(r, "encode key");

__func__, ssh_err(r));

continue;

}

if ((r = sshbuf_put_string(msg, blob, blen)) != 0 ||

(r = sshbuf_put_cstring(msg, labels[i])) != 0)

fatal("%s: buffer error: %s",

fatal_fr(r, "compose key");

__func__, ssh_err(r));

free(blob);

add_key(keys[i], name, labels[i]);

free(labels[i]);

}

} else {

} else if ((r = sshbuf_put_u8(msg, SSH_AGENT_FAILURE)) != 0 ||

if ((r = sshbuf_put_u8(msg, SSH_AGENT_FAILURE)) != 0)

(r = sshbuf_put_u32(msg, -nkeys)) != 0)

fatal("%s: buffer error: %s", __func__, ssh_err(r));

fatal_fr(r, "compose");

if ((r = sshbuf_put_u32(msg, -nkeys)) != 0)

fatal("%s: buffer error: %s", __func__, ssh_err(r));

}

free(labels);

free(keys); /* keys themselves are transferred to pkcs11_keylist */

free(pin);

Line 162

Line 157

int r;

if ((msg = sshbuf_new()) == NULL)

fatal("%s: sshbuf_new failed", __func__);

fatal_f("sshbuf_new failed");

if ((r = sshbuf_get_cstring(iqueue, &name, NULL)) != 0 ||

(r = sshbuf_get_cstring(iqueue, &pin, NULL)) != 0)

fatal("%s: buffer error: %s", __func__, ssh_err(r));

fatal_fr(r, "parse");

del_keys_by_name(name);

if ((r = sshbuf_put_u8(msg, pkcs11_del_provider(name) == 0 ?

SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE)) != 0)

fatal("%s: buffer error: %s", __func__, ssh_err(r));

fatal_fr(r, "compose");

free(pin);

free(name);

send_msg(msg);

Line 189

Line 184

if ((r = sshbuf_get_string(iqueue, &blob, &blen)) != 0 ||

(r = sshbuf_get_string(iqueue, &data, &dlen)) != 0 ||

(r = sshbuf_get_u32(iqueue, NULL)) != 0)

fatal("%s: buffer error: %s", __func__, ssh_err(r));

fatal_fr(r, "parse");

if ((r = sshkey_from_blob(blob, blen, &key)) != 0)

error("%s: sshkey_from_blob: %s", __func__, ssh_err(r));

fatal_fr(r, "decode key");

else {

if ((found = lookup_key(key)) != NULL) {

#ifdef WITH_OPENSSL

Line 217

Line 212

if (ret != 0)

ok = 0;

else

error("%s: ECDSA_sign"

error_f("ECDSA_sign returned %d", ret);

" returns %d", __func__, ret);

slen = xslen;

} else

error("%s: don't know how to sign with key "

error_f("don't know how to sign with key "

"type %d", __func__, (int)key->type);

"type %d", (int)key->type);

#endif /* WITH_OPENSSL */

}

sshkey_free(key);

}

if ((msg = sshbuf_new()) == NULL)

fatal("%s: sshbuf_new failed", __func__);

fatal_f("sshbuf_new failed");

if (ok == 0) {

if ((r = sshbuf_put_u8(msg, SSH2_AGENT_SIGN_RESPONSE)) != 0 ||

(r = sshbuf_put_string(msg, signature, slen)) != 0)

fatal("%s: buffer error: %s", __func__, ssh_err(r));

fatal_fr(r, "compose response");

} else {

if ((r = sshbuf_put_u8(msg, SSH2_AGENT_FAILURE)) != 0)

fatal("%s: buffer error: %s", __func__, ssh_err(r));

fatal_fr(r, "compose failure response");

}

free(data);

free(blob);

Line 267

Line 261

return;

if ((r = sshbuf_consume(iqueue, 4)) != 0 ||

(r = sshbuf_get_u8(iqueue, &type)) != 0)

fatal("%s: buffer error: %s", __func__, ssh_err(r));

fatal_fr(r, "parse type/len");

buf_len -= 4;

switch (type) {

case SSH_AGENTC_ADD_SMARTCARD_KEY:

Line 298

Line 292

}

if (msg_len > consumed) {

if ((r = sshbuf_consume(iqueue, msg_len - consumed)) != 0)

fatal("%s: buffer error: %s", __func__, ssh_err(r));

fatal_fr(r, "consume");

}

Line 347

Line 341

out = STDOUT_FILENO;

if ((iqueue = sshbuf_new()) == NULL)

fatal("%s: sshbuf_new failed", __func__);

fatal_f("sshbuf_new failed");

if ((oqueue = sshbuf_new()) == NULL)

fatal("%s: sshbuf_new failed", __func__);

fatal_f("sshbuf_new failed");

while (1) {

memset(pfd, 0, sizeof(pfd));

Line 365

Line 359

(r = sshbuf_check_reserve(oqueue, MAX_MSG_LENGTH)) == 0)

pfd[0].events = POLLIN;

else if (r != SSH_ERR_NO_BUFFER_SPACE)

fatal("%s: buffer error: %s", __func__, ssh_err(r));

fatal_fr(r, "reserve");

if (sshbuf_len(oqueue) > 0)

pfd[1].events = POLLOUT;

Line 385

Line 379

} else if (len < 0) {

error("read: %s", strerror(errno));

cleanup_exit(1);

} else if ((r = sshbuf_put(iqueue, buf, len)) != 0) {

} else if ((r = sshbuf_put(iqueue, buf, len)) != 0)

fatal("%s: buffer error: %s",

fatal_fr(r, "sshbuf_put");

__func__, ssh_err(r));

}

/* send oqueue to stdout */

if ((pfd[1].revents & (POLLOUT|POLLHUP)) != 0) {

Line 397

Line 389

if (len < 0) {

error("write: %s", strerror(errno));

cleanup_exit(1);

} else if ((r = sshbuf_consume(oqueue, len)) != 0) {

} else if ((r = sshbuf_consume(oqueue, len)) != 0)

fatal("%s: buffer error: %s",

fatal_fr(r, "consume");

__func__, ssh_err(r));

}

Line 411

Line 401

if ((r = sshbuf_check_reserve(oqueue, MAX_MSG_LENGTH)) == 0)

process();

else if (r != SSH_ERR_NO_BUFFER_SPACE)

fatal("%s: buffer error: %s", __func__, ssh_err(r));

fatal_fr(r, "reserve");

}