version 1.16, 2000/07/16 08:27:22 |
version 1.17, 2000/08/19 21:34:44 |
|
|
#include "dsa.h" |
#include "dsa.h" |
#include "sshconnect.h" |
#include "sshconnect.h" |
#include "authfile.h" |
#include "authfile.h" |
|
#include "authfd.h" |
|
|
/* import */ |
/* import */ |
extern char *client_version_string; |
extern char *client_version_string; |
|
|
unsigned char **sigp, int *lenp, |
unsigned char **sigp, int *lenp, |
unsigned char *data, int datalen); |
unsigned char *data, int datalen); |
|
|
void |
int |
ssh2_sign_and_send_pubkey(Key *k, sign_fn *do_sign, |
ssh2_sign_and_send_pubkey(Key *k, sign_fn *do_sign, |
const char *server_user, const char *host, const char *service) |
const char *server_user, const char *host, const char *service) |
{ |
{ |
|
|
unsigned char *blob, *signature; |
unsigned char *blob, *signature; |
int bloblen, slen; |
int bloblen, slen; |
int skip = 0; |
int skip = 0; |
|
int ret = -1; |
|
|
dsa_make_key_blob(k, &blob, &bloblen); |
dsa_make_key_blob(k, &blob, &bloblen); |
|
|
|
|
buffer_put_string(&b, blob, bloblen); |
buffer_put_string(&b, blob, bloblen); |
|
|
/* generate signature */ |
/* generate signature */ |
do_sign(k, &signature, &slen, buffer_ptr(&b), buffer_len(&b)); |
ret = do_sign(k, &signature, &slen, buffer_ptr(&b), buffer_len(&b)); |
key_free(k); /* XXX */ |
if (ret == -1) { |
|
xfree(blob); |
|
buffer_free(&b); |
|
return 0; |
|
} |
#ifdef DEBUG_DSS |
#ifdef DEBUG_DSS |
buffer_dump(&b); |
buffer_dump(&b); |
#endif |
#endif |
|
|
/* send */ |
/* send */ |
packet_send(); |
packet_send(); |
packet_write_wait(); |
packet_write_wait(); |
|
|
|
return 1; |
} |
} |
|
|
int |
int |
|
|
const char *server_user, const char *host, const char *service) |
const char *server_user, const char *host, const char *service) |
{ |
{ |
Key *k; |
Key *k; |
|
int ret = 0; |
struct stat st; |
struct stat st; |
|
|
if (stat(filename, &st) != 0) { |
if (stat(filename, &st) != 0) { |
|
|
return 0; |
return 0; |
} |
} |
} |
} |
ssh2_sign_and_send_pubkey(k, dsa_sign, server_user, host, service); |
ret = ssh2_sign_and_send_pubkey(k, dsa_sign, server_user, host, service); |
return 1; |
key_free(k); |
|
return ret; |
} |
} |
|
|
|
int agent_sign( |
|
Key *key, |
|
unsigned char **sigp, int *lenp, |
|
unsigned char *data, int datalen) |
|
{ |
|
int ret = -1; |
|
AuthenticationConnection *ac = ssh_get_authentication_connection(); |
|
if (ac != NULL) { |
|
ret = ssh_agent_sign(ac, key, sigp, lenp, data, datalen); |
|
ssh_close_authentication_connection(ac); |
|
} |
|
return ret; |
|
} |
|
|
|
int |
|
ssh2_try_agent(AuthenticationConnection *ac, |
|
const char *server_user, const char *host, const char *service) |
|
{ |
|
static int called = 0; |
|
char *comment; |
|
Key *k; |
|
int ret; |
|
|
|
if (called == 0) { |
|
k = ssh_get_first_identity(ac, &comment, 2); |
|
called ++; |
|
} else { |
|
k = ssh_get_next_identity(ac, &comment, 2); |
|
} |
|
if (k == NULL) |
|
return 0; |
|
debug("trying DSA agent key %s", comment); |
|
xfree(comment); |
|
ret = ssh2_sign_and_send_pubkey(k, agent_sign, server_user, host, service); |
|
key_free(k); |
|
return ret; |
|
} |
|
|
void |
void |
ssh_userauth2(const char *server_user, char *host) |
ssh_userauth2(const char *server_user, char *host) |
{ |
{ |
|
AuthenticationConnection *ac = ssh_get_authentication_connection(); |
int type; |
int type; |
int plen; |
int plen; |
int sent; |
int sent; |
|
|
debug("partial success"); |
debug("partial success"); |
if (options.dsa_authentication && |
if (options.dsa_authentication && |
strstr(auths, "publickey") != NULL) { |
strstr(auths, "publickey") != NULL) { |
while (i < options.num_identity_files2) { |
if (ac != NULL) |
sent = ssh2_try_pubkey( |
sent = ssh2_try_agent(ac, |
options.identity_files2[i++], |
|
server_user, host, service); |
server_user, host, service); |
if (sent) |
if (!sent) { |
break; |
while (i < options.num_identity_files2) { |
|
sent = ssh2_try_pubkey( |
|
options.identity_files2[i++], |
|
server_user, host, service); |
|
if (sent) |
|
break; |
|
} |
} |
} |
} |
} |
if (!sent) { |
if (!sent) { |
|
|
fatal("Permission denied (%s).", auths); |
fatal("Permission denied (%s).", auths); |
xfree(auths); |
xfree(auths); |
} |
} |
|
if (ac != NULL) |
|
ssh_close_authentication_connection(ac); |
packet_done(); |
packet_done(); |
debug("ssh-userauth2 successfull"); |
debug("ssh-userauth2 successfull"); |
} |
} |