| version 1.284, 2018/08/13 02:41:05 |
version 1.285, 2018/09/14 04:17:12 |
|
|
| return 0; |
return 0; |
| } |
} |
| |
|
| |
/* |
| |
* Format an identity for logging including filename, key type, fingerprint |
| |
* and location (agent, etc.). Caller must free. |
| |
*/ |
| |
static char * |
| |
format_identity(Identity *id) |
| |
{ |
| |
char *fp, *ret = NULL; |
| |
|
| |
if ((fp = sshkey_fingerprint(id->key, options.fingerprint_hash, |
| |
SSH_FP_DEFAULT)) == NULL) |
| |
fatal("%s: sshkey_fingerprint failed", __func__); |
| |
xasprintf(&ret, "%s %s %s%s%s%s", |
| |
id->filename, sshkey_type(id->key), fp, |
| |
id->userprovided ? ", explicit" : "", |
| |
(id->key->flags & SSHKEY_FLAG_EXT) ? ", token" : "", |
| |
id->agent_fd != -1 ? ", agent" : ""); |
| |
free(fp); |
| |
return ret; |
| |
} |
| |
|
| /* ARGSUSED */ |
/* ARGSUSED */ |
| int |
int |
| input_userauth_pk_ok(int type, u_int32_t seq, struct ssh *ssh) |
input_userauth_pk_ok(int type, u_int32_t seq, struct ssh *ssh) |
|
|
| Authctxt *authctxt = ssh->authctxt; |
Authctxt *authctxt = ssh->authctxt; |
| struct sshkey *key = NULL; |
struct sshkey *key = NULL; |
| Identity *id = NULL; |
Identity *id = NULL; |
| int pktype, sent = 0; |
int pktype, found = 0, sent = 0; |
| size_t blen; |
size_t blen; |
| char *pkalg = NULL, *fp; |
char *pkalg = NULL, *fp = NULL, *ident = NULL; |
| u_char *pkblob = NULL; |
u_char *pkblob = NULL; |
| int r; |
int r; |
| |
|
|
|
| (r = sshpkt_get_end(ssh)) != 0) |
(r = sshpkt_get_end(ssh)) != 0) |
| goto done; |
goto done; |
| |
|
| debug("Server accepts key: pkalg %s blen %zu", pkalg, blen); |
|
| |
|
| if ((pktype = sshkey_type_from_name(pkalg)) == KEY_UNSPEC) { |
if ((pktype = sshkey_type_from_name(pkalg)) == KEY_UNSPEC) { |
| debug("unknown pkalg %s", pkalg); |
debug("%s: server sent unknown pkalg %s", __func__, pkalg); |
| goto done; |
goto done; |
| } |
} |
| if ((r = sshkey_from_blob(pkblob, blen, &key)) != 0) { |
if ((r = sshkey_from_blob(pkblob, blen, &key)) != 0) { |
|
|
| key->type, pktype); |
key->type, pktype); |
| goto done; |
goto done; |
| } |
} |
| if ((fp = sshkey_fingerprint(key, options.fingerprint_hash, |
|
| SSH_FP_DEFAULT)) == NULL) |
|
| goto done; |
|
| debug2("input_userauth_pk_ok: fp %s", fp); |
|
| free(fp); |
|
| |
|
| /* |
/* |
| * search keys in the reverse order, because last candidate has been |
* search keys in the reverse order, because last candidate has been |
|
|
| */ |
*/ |
| TAILQ_FOREACH_REVERSE(id, &authctxt->keys, idlist, next) { |
TAILQ_FOREACH_REVERSE(id, &authctxt->keys, idlist, next) { |
| if (sshkey_equal(key, id->key)) { |
if (sshkey_equal(key, id->key)) { |
| sent = sign_and_send_pubkey(ssh, authctxt, id); |
found = 1; |
| break; |
break; |
| } |
} |
| } |
} |
| |
if (!found || id == NULL) { |
| |
fp = sshkey_fingerprint(key, options.fingerprint_hash, |
| |
SSH_FP_DEFAULT); |
| |
error("%s: server replied with unknown key: %s %s", __func__, |
| |
sshkey_type(key), fp == NULL ? "<ERROR>" : fp); |
| |
goto done; |
| |
} |
| |
ident = format_identity(id); |
| |
debug("Server accepts key: %s", ident); |
| |
sent = sign_and_send_pubkey(ssh, authctxt, id); |
| r = 0; |
r = 0; |
| done: |
done: |
| sshkey_free(key); |
sshkey_free(key); |
| |
free(ident); |
| |
free(fp); |
| free(pkalg); |
free(pkalg); |
| free(pkblob); |
free(pkblob); |
| |
|
|
|
| int agent_fd = -1, i, r, found; |
int agent_fd = -1, i, r, found; |
| size_t j; |
size_t j; |
| struct ssh_identitylist *idlist; |
struct ssh_identitylist *idlist; |
| |
char *ident; |
| |
|
| TAILQ_INIT(&agent); /* keys from the agent */ |
TAILQ_INIT(&agent); /* keys from the agent */ |
| TAILQ_INIT(&files); /* keys from the config file */ |
TAILQ_INIT(&files); /* keys from the config file */ |
|
|
| memset(id, 0, sizeof(*id)); |
memset(id, 0, sizeof(*id)); |
| continue; |
continue; |
| } |
} |
| debug2("key: %s (%p)%s%s", id->filename, id->key, |
ident = format_identity(id); |
| id->userprovided ? ", explicit" : "", |
debug("Will attempt key: %s", ident); |
| id->agent_fd != -1 ? ", agent" : ""); |
free(ident); |
| } |
} |
| |
debug2("%s: done", __func__); |
| } |
} |
| |
|
| static void |
static void |
|
|
| struct ssh *ssh = active_state; /* XXX */ |
struct ssh *ssh = active_state; /* XXX */ |
| Identity *id; |
Identity *id; |
| int sent = 0; |
int sent = 0; |
| char *fp; |
char *ident; |
| |
|
| while ((id = TAILQ_FIRST(&authctxt->keys))) { |
while ((id = TAILQ_FIRST(&authctxt->keys))) { |
| if (id->tried++) |
if (id->tried++) |
|
|
| */ |
*/ |
| if (id->key != NULL) { |
if (id->key != NULL) { |
| if (try_identity(id)) { |
if (try_identity(id)) { |
| if ((fp = sshkey_fingerprint(id->key, |
ident = format_identity(id); |
| options.fingerprint_hash, |
debug("Offering public key: %s", ident); |
| SSH_FP_DEFAULT)) == NULL) { |
free(ident); |
| error("%s: sshkey_fingerprint failed", |
|
| __func__); |
|
| return 0; |
|
| } |
|
| debug("Offering public key: %s %s %s", |
|
| sshkey_type(id->key), fp, id->filename); |
|
| free(fp); |
|
| sent = send_pubkey_test(ssh, authctxt, id); |
sent = send_pubkey_test(ssh, authctxt, id); |
| } |
} |
| } else { |
} else { |
![[BACK]](/icons/back.gif){kind=icon}
Return to sshconnect2.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh