| version 1.311, 2019/11/12 19:33:08 |
version 1.312, 2019/11/12 22:36:44 |
|
|
| #include "ssherr.h" |
#include "ssherr.h" |
| #include "utf8.h" |
#include "utf8.h" |
| #include "ssh-sk.h" |
#include "ssh-sk.h" |
| |
#include "sk-api.h" |
| |
|
| #ifdef GSSAPI |
#ifdef GSSAPI |
| #include "ssh-gss.h" |
#include "ssh-gss.h" |
|
|
| { |
{ |
| struct sshkey *sign_key = NULL, *prv = NULL; |
struct sshkey *sign_key = NULL, *prv = NULL; |
| int r = SSH_ERR_INTERNAL_ERROR; |
int r = SSH_ERR_INTERNAL_ERROR; |
| |
struct notifier_ctx *notifier = NULL; |
| |
char *fp = NULL; |
| |
|
| *sigp = NULL; |
*sigp = NULL; |
| *lenp = 0; |
*lenp = 0; |
|
|
| goto out; |
goto out; |
| } |
} |
| sign_key = prv; |
sign_key = prv; |
| |
if (sshkey_is_sk(sign_key) && |
| |
(sign_key->sk_flags & SSH_SK_USER_PRESENCE_REQD)) { |
| |
/* XXX match batch mode should just skip these keys? */ |
| |
if ((fp = sshkey_fingerprint(sign_key, |
| |
options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL) |
| |
fatal("%s: sshkey_fingerprint", __func__); |
| |
notifier = notify_start(options.batch_mode, |
| |
"Confirm user presence for key %s %s", |
| |
sshkey_type(sign_key), fp); |
| |
free(fp); |
| |
} |
| } |
} |
| if ((r = sshkey_sign(sign_key, sigp, lenp, data, datalen, |
if ((r = sshkey_sign(sign_key, sigp, lenp, data, datalen, |
| alg, options.sk_provider, compat)) != 0) { |
alg, options.sk_provider, compat)) != 0) { |
| debug("%s: sshkey_sign: %s", __func__, ssh_err(r)); |
debug("%s: sshkey_sign: %s", __func__, ssh_err(r)); |
| goto out; |
goto out; |
| } |
} |
| |
notify_complete(notifier); |
| /* |
/* |
| * PKCS#11 tokens may not support all signature algorithms, |
* PKCS#11 tokens may not support all signature algorithms, |
| * so check what we get back. |
* so check what we get back. |
![[BACK]](/icons/back.gif){kind=icon}
Return to sshconnect2.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh