version 1.190, 2012/12/02 20:26:11 |
version 1.191, 2013/02/15 00:21:01 |
|
|
char *filename; /* comment for agent-only keys */ |
char *filename; /* comment for agent-only keys */ |
int tried; |
int tried; |
int isprivate; /* key points to the private key */ |
int isprivate; /* key points to the private key */ |
|
int userprovided; |
}; |
}; |
TAILQ_HEAD(idlist, identity); |
TAILQ_HEAD(idlist, identity); |
|
|
|
|
static int sign_and_send_pubkey(Authctxt *, Identity *); |
static int sign_and_send_pubkey(Authctxt *, Identity *); |
static void pubkey_prepare(Authctxt *); |
static void pubkey_prepare(Authctxt *); |
static void pubkey_cleanup(Authctxt *); |
static void pubkey_cleanup(Authctxt *); |
static Key *load_identity_file(char *); |
static Key *load_identity_file(char *, int); |
|
|
static Authmethod *authmethod_get(char *authlist); |
static Authmethod *authmethod_get(char *authlist); |
static Authmethod *authmethod_lookup(const char *name); |
static Authmethod *authmethod_lookup(const char *name); |
|
|
if (id->isprivate || (id->key->flags & KEY_FLAG_EXT)) |
if (id->isprivate || (id->key->flags & KEY_FLAG_EXT)) |
return (key_sign(id->key, sigp, lenp, data, datalen)); |
return (key_sign(id->key, sigp, lenp, data, datalen)); |
/* load the private key from the file */ |
/* load the private key from the file */ |
if ((prv = load_identity_file(id->filename)) == NULL) |
if ((prv = load_identity_file(id->filename, id->userprovided)) == NULL) |
return (-1); |
return (-1); |
ret = key_sign(prv, sigp, lenp, data, datalen); |
ret = key_sign(prv, sigp, lenp, data, datalen); |
key_free(prv); |
key_free(prv); |
|
|
} |
} |
|
|
static Key * |
static Key * |
load_identity_file(char *filename) |
load_identity_file(char *filename, int userprovided) |
{ |
{ |
Key *private; |
Key *private; |
char prompt[300], *passphrase; |
char prompt[300], *passphrase; |
|
|
struct stat st; |
struct stat st; |
|
|
if (stat(filename, &st) < 0) { |
if (stat(filename, &st) < 0) { |
debug3("no such identity: %s", filename); |
(userprovided ? logit : debug3)("no such identity: %s: %s", |
|
filename, strerror(errno)); |
return NULL; |
return NULL; |
} |
} |
private = key_load_private_type(KEY_UNSPEC, filename, "", NULL, &perm_ok); |
private = key_load_private_type(KEY_UNSPEC, filename, "", NULL, &perm_ok); |
|
|
id = xcalloc(1, sizeof(*id)); |
id = xcalloc(1, sizeof(*id)); |
id->key = key; |
id->key = key; |
id->filename = xstrdup(options.identity_files[i]); |
id->filename = xstrdup(options.identity_files[i]); |
|
id->userprovided = 1; |
TAILQ_INSERT_TAIL(&files, id, next); |
TAILQ_INSERT_TAIL(&files, id, next); |
} |
} |
/* Prefer PKCS11 keys that are explicitly listed */ |
/* Prefer PKCS11 keys that are explicitly listed */ |
|
|
TAILQ_INSERT_TAIL(preferred, id, next); |
TAILQ_INSERT_TAIL(preferred, id, next); |
} |
} |
TAILQ_FOREACH(id, preferred, next) { |
TAILQ_FOREACH(id, preferred, next) { |
debug2("key: %s (%p)", id->filename, id->key); |
debug2("key: %s (%p),%s", id->filename, id->key, |
|
id->userprovided ? " explicit" : ""); |
} |
} |
} |
} |
|
|
|
|
sent = send_pubkey_test(authctxt, id); |
sent = send_pubkey_test(authctxt, id); |
} else if (id->key == NULL) { |
} else if (id->key == NULL) { |
debug("Trying private key: %s", id->filename); |
debug("Trying private key: %s", id->filename); |
id->key = load_identity_file(id->filename); |
id->key = load_identity_file(id->filename, |
|
id->userprovided); |
if (id->key != NULL) { |
if (id->key != NULL) { |
id->isprivate = 1; |
id->isprivate = 1; |
sent = sign_and_send_pubkey(authctxt, id); |
sent = sign_and_send_pubkey(authctxt, id); |
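Review bot: In the pubkey_prepare section, `id->userprovided = 1;` is assigned unconditionally to every entry taken from `options.identity_files`, so the new `(userprovided ? logit : debug3)` choice in load_identity_file always resolves to `logit` for file-backed identities. If that array also holds built-in default paths (not visible on this page), a missing default key would be logged at user level on every connection, and that noise makes a genuine misconfiguration warning easier to overlook. The flag should be copied from a per-entry record made when the option is parsed, not set to a constant, and the struct field deserves a comment such as `int userprovided; /* identity was named explicitly by the user */`. Separately, the message keeps the text "no such identity" while now appending `strerror(errno)`, which reads wrongly for failures such as a permission error; a neutral form like `"identity file %s: %s"` fits any errno. The enclosing function bodies start and end outside the lines shown.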