| version 1.351, 2021/07/23 05:24:02 |
version 1.352, 2021/12/19 22:08:48 |
|
|
| |
|
| static void pubkey_cleanup(struct ssh *); |
static void pubkey_cleanup(struct ssh *); |
| static int sign_and_send_pubkey(struct ssh *ssh, Identity *); |
static int sign_and_send_pubkey(struct ssh *ssh, Identity *); |
| static void pubkey_prepare(Authctxt *); |
static void pubkey_prepare(struct ssh *, Authctxt *); |
| static void pubkey_reset(Authctxt *); |
static void pubkey_reset(Authctxt *); |
| static struct sshkey *load_identity_file(Identity *); |
static struct sshkey *load_identity_file(Identity *); |
| |
|
|
|
| authctxt.mech_tried = 0; |
authctxt.mech_tried = 0; |
| #endif |
#endif |
| authctxt.agent_fd = -1; |
authctxt.agent_fd = -1; |
| pubkey_prepare(&authctxt); |
pubkey_prepare(ssh, &authctxt); |
| if (authctxt.method == NULL) { |
if (authctxt.method == NULL) { |
| fatal_f("internal error: cannot send userauth none request"); |
fatal_f("internal error: cannot send userauth none request"); |
| } |
} |
|
|
| return 0; |
return 0; |
| } |
} |
| |
|
| |
/* obtain a list of keys from the agent */ |
| |
static int |
| |
get_agent_identities(struct ssh *ssh, int *agent_fdp, |
| |
struct ssh_identitylist **idlistp) |
| |
{ |
| |
int r, agent_fd; |
| |
struct ssh_identitylist *idlist; |
| |
|
| |
if ((r = ssh_get_authentication_socket(&agent_fd)) != 0) { |
| |
if (r != SSH_ERR_AGENT_NOT_PRESENT) |
| |
debug_fr(r, "ssh_get_authentication_socket"); |
| |
return r; |
| |
} |
| |
if ((r = ssh_agent_bind_hostkey(agent_fd, ssh->kex->initial_hostkey, |
| |
ssh->kex->session_id, ssh->kex->initial_sig, 0)) == 0) |
| |
debug_f("bound agent to hostkey"); |
| |
else |
| |
debug2_fr(r, "ssh_agent_bind_hostkey"); |
| |
|
| |
if ((r = ssh_fetch_identitylist(agent_fd, &idlist)) != 0) { |
| |
debug_fr(r, "ssh_fetch_identitylist"); |
| |
close(agent_fd); |
| |
return r; |
| |
} |
| |
/* success */ |
| |
*agent_fdp = agent_fd; |
| |
*idlistp = idlist; |
| |
debug_f("agent returned %zu keys", idlist->nkeys); |
| |
return 0; |
| |
} |
| |
|
| /* |
/* |
| * try keys in the following order: |
* try keys in the following order: |
| * 1. certificates listed in the config file |
* 1. certificates listed in the config file |
|
|
| * 5. keys that are only listed in the config file |
* 5. keys that are only listed in the config file |
| */ |
*/ |
| static void |
static void |
| pubkey_prepare(Authctxt *authctxt) |
pubkey_prepare(struct ssh *ssh, Authctxt *authctxt) |
| { |
{ |
| struct identity *id, *id2, *tmp; |
struct identity *id, *id2, *tmp; |
| struct idlist agent, files, *preferred; |
struct idlist agent, files, *preferred; |
|
|
| TAILQ_INSERT_TAIL(preferred, id, next); |
TAILQ_INSERT_TAIL(preferred, id, next); |
| } |
} |
| /* list of keys supported by the agent */ |
/* list of keys supported by the agent */ |
| if ((r = ssh_get_authentication_socket(&agent_fd)) != 0) { |
if ((r = get_agent_identities(ssh, &agent_fd, &idlist)) == 0) { |
| if (r != SSH_ERR_AGENT_NOT_PRESENT) |
|
| debug_fr(r, "ssh_get_authentication_socket"); |
|
| } else if ((r = ssh_fetch_identitylist(agent_fd, &idlist)) != 0) { |
|
| if (r != SSH_ERR_AGENT_NO_IDENTITIES) |
|
| debug_fr(r, "ssh_fetch_identitylist"); |
|
| close(agent_fd); |
|
| } else { |
|
| for (j = 0; j < idlist->nkeys; j++) { |
for (j = 0; j < idlist->nkeys; j++) { |
| found = 0; |
found = 0; |
| TAILQ_FOREACH(id, &files, next) { |
TAILQ_FOREACH(id, &files, next) { |
![[BACK]](/icons/back.gif){kind=icon}
Return to sshconnect2.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh