mirror of
https://github.com/PowerShell/Win32-OpenSSH.git
synced 2025-10-24 09:13:56 +02:00
5-14 C4
parent
03c8d962d7
commit
ead199c2ff
@ -94,20 +94,6 @@ extern u_int session_id2_len;
|
|||||||
static int
|
static int
|
||||||
userauth_pubkey(Authctxt *authctxt)
|
userauth_pubkey(Authctxt *authctxt)
|
||||||
{
|
{
|
||||||
#ifdef WIN32_FIXME
|
|
||||||
|
|
||||||
int loginStat = 1;
|
|
||||||
|
|
||||||
char currentUser[MAX_PATH] = {0};
|
|
||||||
|
|
||||||
DWORD currentUserSize = sizeof(currentUser);
|
|
||||||
|
|
||||||
int targetIsCurrent = 0;
|
|
||||||
|
|
||||||
int doOpenSSHVerify = 0;
|
|
||||||
|
|
||||||
#endif
|
|
||||||
|
|
||||||
Buffer b;
|
Buffer b;
|
||||||
Key *key = NULL;
|
Key *key = NULL;
|
||||||
char *pkalg, *userstyle;
|
char *pkalg, *userstyle;
|
||||||
@ -203,9 +189,6 @@ userauth_pubkey(Authctxt *authctxt)
|
|||||||
|
|
||||||
/* test for correct signature */
|
/* test for correct signature */
|
||||||
authenticated = 0;
|
authenticated = 0;
|
||||||
/*
|
|
||||||
* On pure win32 try to logon using lsa first.
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifdef WIN32_FIXME
|
#ifdef WIN32_FIXME
|
||||||
{
|
{
|
||||||
@ -234,13 +217,18 @@ userauth_pubkey(Authctxt *authctxt)
|
|||||||
OPEN_EXISTING, // opens existing pipe
|
OPEN_EXISTING, // opens existing pipe
|
||||||
FILE_FLAG_OVERLAPPED, // attributes
|
FILE_FLAG_OVERLAPPED, // attributes
|
||||||
NULL); // no template file
|
NULL); // no template file
|
||||||
if (h == INVALID_HANDLE_VALUE)
|
if (h == INVALID_HANDLE_VALUE) {
|
||||||
|
debug("cannot connect to auth agent");
|
||||||
break;
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
if (!GetNamedPipeServerProcessId(h, &pipe_server_pid) || (agent_pid != pipe_server_pid))
|
if (!GetNamedPipeServerProcessId(h, &pipe_server_pid) || (agent_pid != pipe_server_pid)) {
|
||||||
|
debug("auth agent pid mismatch");
|
||||||
break;
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
sock = w32_allocate_fd_for_handle(h, FALSE);
|
if ((sock = w32_allocate_fd_for_handle(h, FALSE)) < 0)
|
||||||
|
break;
|
||||||
msg = sshbuf_new();
|
msg = sshbuf_new();
|
||||||
if (!msg)
|
if (!msg)
|
||||||
break;
|
break;
|
||||||
@ -251,8 +239,10 @@ userauth_pubkey(Authctxt *authctxt)
|
|||||||
(r = sshbuf_put_string(msg, sig, slen)) != 0 ||
|
(r = sshbuf_put_string(msg, sig, slen)) != 0 ||
|
||||||
(r = sshbuf_put_string(msg, buffer_ptr(&b), buffer_len(&b))) != 0 ||
|
(r = sshbuf_put_string(msg, buffer_ptr(&b), buffer_len(&b))) != 0 ||
|
||||||
(r = ssh_request_reply(sock, msg, msg)) != 0 ||
|
(r = ssh_request_reply(sock, msg, msg)) != 0 ||
|
||||||
(r = sshbuf_get_u32(msg, &token)) != 0 )
|
(r = sshbuf_get_u32(msg, &token)) != 0) {
|
||||||
|
debug("auth agent did not authorize client %s", authctxt->pw->pw_name);
|
||||||
break;
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
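Review bot: The two new exits taken after `CreateFile` has succeeded, the `auth agent pid mismatch` branch and the `w32_allocate_fd_for_handle(h, FALSE) < 0` branch, `break` without releasing `h`, while the same sequence in authfd.c in this commit calls `CloseHandle(h);` on both paths. Unless the cleanup after the enclosing block (outside these hunks) closes the handle, every rejected attempt leaves a pipe handle open in the server process, so add `CloseHandle(h);` before each of those `break`s. The fd-allocation branch is also the only failure here without a `debug()` line, and `debug("auth agent did not authorize client %s", ...)` fires for any failure in the `sshbuf_put_string`/`ssh_request_reply`/`sshbuf_get_u32` chain, so including `r` in that message would separate a transport or encoding error from an actual refusal. userauth_pubkey begins and ends outside the hunks shown.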
61
authfd.c
61
authfd.c
@ -95,35 +95,42 @@ ssh_get_authentication_socket(int *fdp)
|
|||||||
*fdp = -1;
|
*fdp = -1;
|
||||||
|
|
||||||
#ifdef WIN32_FIXME
|
#ifdef WIN32_FIXME
|
||||||
|
{
|
||||||
#define SSH_AGENT_ROOT "SOFTWARE\\SSH\\Agent"
|
#define SSH_AGENT_ROOT "SOFTWARE\\SSH\\Agent"
|
||||||
HKEY agent_root = 0;
|
HKEY agent_root = 0;
|
||||||
DWORD agent_pid = 0, tmp_size = 4, pipe_server_pid = 0xff;
|
DWORD agent_pid = 0, tmp_size = 4, pipe_server_pid = 0xff;
|
||||||
RegOpenKeyEx(HKEY_LOCAL_MACHINE, SSH_AGENT_ROOT, 0, KEY_QUERY_VALUE, &agent_root);
|
HANDLE h;
|
||||||
if (agent_root) {
|
RegOpenKeyEx(HKEY_LOCAL_MACHINE, SSH_AGENT_ROOT, 0, KEY_QUERY_VALUE, &agent_root);
|
||||||
RegQueryValueEx(agent_root, "ProcessId", 0, NULL, &agent_pid, &tmp_size);
|
if (agent_root) {
|
||||||
RegCloseKey(agent_root);
|
RegQueryValueEx(agent_root, "ProcessId", 0, NULL, &agent_pid, &tmp_size);
|
||||||
|
RegCloseKey(agent_root);
|
||||||
|
}
|
||||||
|
|
||||||
|
h = CreateFile(
|
||||||
|
"\\\\.\\pipe\\ssh-keyagent", // pipe name
|
||||||
|
GENERIC_READ | // read and write access
|
||||||
|
GENERIC_WRITE,
|
||||||
|
0, // no sharing
|
||||||
|
NULL, // default security attributes
|
||||||
|
OPEN_EXISTING, // opens existing pipe
|
||||||
|
FILE_FLAG_OVERLAPPED, // attributes
|
||||||
|
NULL); // no template file
|
||||||
|
if (h == INVALID_HANDLE_VALUE) {
|
||||||
|
return SSH_ERR_AGENT_NOT_PRESENT;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!GetNamedPipeServerProcessId(h, &pipe_server_pid) || (agent_pid != pipe_server_pid)) {
|
||||||
|
debug("agent pid mismatch");
|
||||||
|
CloseHandle(h);
|
||||||
|
return SSH_ERR_AGENT_COMMUNICATION;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
if ((sock = w32_allocate_fd_for_handle(h, FALSE)) < 0) {
|
||||||
|
CloseHandle(h);
|
||||||
|
return SSH_ERR_SYSTEM_ERROR;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
HANDLE h = CreateFile(
|
|
||||||
"\\\\.\\pipe\\ssh-keyagent", // pipe name
|
|
||||||
GENERIC_READ | // read and write access
|
|
||||||
GENERIC_WRITE,
|
|
||||||
0, // no sharing
|
|
||||||
NULL, // default security attributes
|
|
||||||
OPEN_EXISTING, // opens existing pipe
|
|
||||||
FILE_FLAG_OVERLAPPED, // attributes
|
|
||||||
NULL); // no template file
|
|
||||||
if (h == INVALID_HANDLE_VALUE) {
|
|
||||||
return SSH_ERR_AGENT_NOT_PRESENT;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!GetNamedPipeServerProcessId(h, &pipe_server_pid) || (agent_pid != pipe_server_pid)) {
|
|
||||||
return SSH_ERR_AGENT_COMMUNICATION;
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
sock = w32_allocate_fd_for_handle(h, FALSE);
|
|
||||||
|
|
||||||
#else
|
#else
|
||||||
authsocket = getenv(SSH_AUTHSOCKET_ENV_NAME);
|
authsocket = getenv(SSH_AUTHSOCKET_ENV_NAME);
|
||||||
if (!authsocket)
|
if (!authsocket)
|
||||||
|
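Review bot: The `CreateFile` call on `\\.\pipe\ssh-keyagent` passes only `FILE_FLAG_OVERLAPPED`, so the pipe is opened with the default impersonation quality of service before the `GetNamedPipeServerProcessId` comparison has vetted the server. If the agent only needs to identify its caller (to be confirmed against the agent code, which is not shown here), restrict it with `FILE_FLAG_OVERLAPPED | SECURITY_SQOS_PRESENT | SECURITY_IDENTIFICATION,`; the partly visible `CreateFile` in the userauth_pubkey hunk would need the same change. The results of `RegOpenKeyEx` and `RegQueryValueEx` are ignored and the value type is not requested, so a missing or non-DWORD `ProcessId` is reported as "agent pid mismatch". That fails closed because `agent_pid` stays 0, but checking for `ERROR_SUCCESS` and `REG_DWORD` and returning `SSH_ERR_AGENT_NOT_PRESENT` would make the cause visible. ssh_get_authentication_socket continues outside the hunk, so whether `*fdp` is set from `sock` cannot be checked here.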
@ -42,21 +42,7 @@ process_add_request(struct sshbuf* request, struct sshbuf* response, struct agen
|
|||||||
|
|
||||||
|
|
||||||
int process_pubkeyagent_request(struct sshbuf* request, struct sshbuf* response, struct agent_connection* con) {
|
int process_pubkeyagent_request(struct sshbuf* request, struct sshbuf* response, struct agent_connection* con) {
|
||||||
int r = 0;
|
int r = -1;
|
||||||
const u_char *op;
|
|
||||||
size_t op_len;
|
|
||||||
|
|
||||||
if ((r = sshbuf_get_string_direct(request, &op, &op_len)) != 0)
|
|
||||||
goto done;
|
|
||||||
|
|
||||||
if (op_len > 10) {
|
|
||||||
r = EINVAL;
|
|
||||||
goto done;
|
|
||||||
}
|
|
||||||
|
|
||||||
if ((op_len == 3) && (strncmp(op, PK_REQUEST_ADD, 3) == 0))
|
|
||||||
r = 0;
|
|
||||||
|
|
||||||
|
|
||||||
done:
|
done:
|
||||||
return r;
|
return r;
|
||||||
|
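Review bot: `process_pubkeyagent_request` is reduced to `int r = -1;` followed by `done: return r;`, so it rejects every request without reading it, and the `done:` label no longer has a `goto` that reaches it. Failing closed is the safe default for an unimplemented authentication handler, but nothing in the code says this is intentional. Put a comment above `int r = -1;` such as `/* pubkey agent requests are not implemented yet: reject everything */`, and drop the unused label so the body is just `return -1;`. The function's closing brace lies outside the hunk.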