upstream commit
more simplification and removal of SSHv1-related code; ok djm@ Upstream-ID: d2f041aa0b79c0ebd98c68a01e5a0bfab2cf3b55
This commit is contained in:
parent
2e9c324b3a
commit
3e371bd212
46
authfd.c
46
authfd.c
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: authfd.c,v 1.102 2017/05/04 06:10:57 djm Exp $ */
|
||||
/* $OpenBSD: authfd.c,v 1.103 2017/05/05 10:42:49 naddy Exp $ */
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||
|
@ -227,35 +227,21 @@ deserialise_identity2(struct sshbuf *ids, struct sshkey **keyp, char **commentp)
|
|||
* Fetch list of identities held by the agent.
|
||||
*/
|
||||
int
|
||||
ssh_fetch_identitylist(int sock, int version, struct ssh_identitylist **idlp)
|
||||
ssh_fetch_identitylist(int sock, struct ssh_identitylist **idlp)
|
||||
{
|
||||
u_char type, code1 = 0, code2 = 0;
|
||||
u_char type;
|
||||
u_int32_t num, i;
|
||||
struct sshbuf *msg;
|
||||
struct ssh_identitylist *idl = NULL;
|
||||
int r;
|
||||
|
||||
/* Determine request and expected response types */
|
||||
switch (version) {
|
||||
case 1:
|
||||
code1 = SSH_AGENTC_REQUEST_RSA_IDENTITIES;
|
||||
code2 = SSH_AGENT_RSA_IDENTITIES_ANSWER;
|
||||
break;
|
||||
case 2:
|
||||
code1 = SSH2_AGENTC_REQUEST_IDENTITIES;
|
||||
code2 = SSH2_AGENT_IDENTITIES_ANSWER;
|
||||
break;
|
||||
default:
|
||||
return SSH_ERR_INVALID_ARGUMENT;
|
||||
}
|
||||
|
||||
/*
|
||||
* Send a message to the agent requesting for a list of the
|
||||
* identities it can represent.
|
||||
*/
|
||||
if ((msg = sshbuf_new()) == NULL)
|
||||
return SSH_ERR_ALLOC_FAIL;
|
||||
if ((r = sshbuf_put_u8(msg, code1)) != 0)
|
||||
if ((r = sshbuf_put_u8(msg, SSH2_AGENTC_REQUEST_IDENTITIES)) != 0)
|
||||
goto out;
|
||||
|
||||
if ((r = ssh_request_reply(sock, msg, msg)) != 0)
|
||||
|
@ -267,7 +253,7 @@ ssh_fetch_identitylist(int sock, int version, struct ssh_identitylist **idlp)
|
|||
if (agent_failed(type)) {
|
||||
r = SSH_ERR_AGENT_FAILURE;
|
||||
goto out;
|
||||
} else if (type != code2) {
|
||||
} else if (type != SSH2_AGENT_IDENTITIES_ANSWER) {
|
||||
r = SSH_ERR_INVALID_FORMAT;
|
||||
goto out;
|
||||
}
|
||||
|
@ -292,20 +278,14 @@ ssh_fetch_identitylist(int sock, int version, struct ssh_identitylist **idlp)
|
|||
goto out;
|
||||
}
|
||||
for (i = 0; i < num;) {
|
||||
switch (version) {
|
||||
case 1:
|
||||
break;
|
||||
case 2:
|
||||
if ((r = deserialise_identity2(msg,
|
||||
&(idl->keys[i]), &(idl->comments[i]))) != 0) {
|
||||
if (r == SSH_ERR_KEY_TYPE_UNKNOWN) {
|
||||
/* Gracefully skip unknown key types */
|
||||
num--;
|
||||
continue;
|
||||
} else
|
||||
goto out;
|
||||
}
|
||||
break;
|
||||
if ((r = deserialise_identity2(msg, &(idl->keys[i]),
|
||||
&(idl->comments[i]))) != 0) {
|
||||
if (r == SSH_ERR_KEY_TYPE_UNKNOWN) {
|
||||
/* Gracefully skip unknown key types */
|
||||
num--;
|
||||
continue;
|
||||
} else
|
||||
goto out;
|
||||
}
|
||||
i++;
|
||||
}
|
||||
|
|
5
authfd.h
5
authfd.h
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: authfd.h,v 1.39 2015/12/04 16:41:28 markus Exp $ */
|
||||
/* $OpenBSD: authfd.h,v 1.40 2017/05/05 10:42:49 naddy Exp $ */
|
||||
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
|
@ -27,8 +27,7 @@ int ssh_get_authentication_socket(int *fdp);
|
|||
void ssh_close_authentication_socket(int sock);
|
||||
|
||||
int ssh_lock_agent(int sock, int lock, const char *password);
|
||||
int ssh_fetch_identitylist(int sock, int version,
|
||||
struct ssh_identitylist **idlp);
|
||||
int ssh_fetch_identitylist(int sock, struct ssh_identitylist **idlp);
|
||||
void ssh_free_identitylist(struct ssh_identitylist *idl);
|
||||
int ssh_add_identity_constrained(int sock, struct sshkey *key,
|
||||
const char *comment, u_int life, u_int confirm);
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: pathnames.h,v 1.26 2017/05/03 21:08:09 naddy Exp $ */
|
||||
/* $OpenBSD: pathnames.h,v 1.27 2017/05/05 10:42:49 naddy Exp $ */
|
||||
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
|
@ -71,7 +71,6 @@
|
|||
* Name of the default file containing client-side authentication key. This
|
||||
* file should only be readable by the user him/herself.
|
||||
*/
|
||||
#define _PATH_SSH_CLIENT_IDENTITY _PATH_SSH_USER_DIR "/identity"
|
||||
#define _PATH_SSH_CLIENT_ID_DSA _PATH_SSH_USER_DIR "/id_dsa"
|
||||
#define _PATH_SSH_CLIENT_ID_ECDSA _PATH_SSH_USER_DIR "/id_ecdsa"
|
||||
#define _PATH_SSH_CLIENT_ID_RSA _PATH_SSH_USER_DIR "/id_rsa"
|
||||
|
|
62
ssh-add.c
62
ssh-add.c
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: ssh-add.c,v 1.130 2017/05/04 06:10:57 djm Exp $ */
|
||||
/* $OpenBSD: ssh-add.c,v 1.131 2017/05/05 10:42:49 naddy Exp $ */
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||
|
@ -362,46 +362,36 @@ static int
|
|||
list_identities(int agent_fd, int do_fp)
|
||||
{
|
||||
char *fp;
|
||||
int r, had_identities = 0;
|
||||
int r;
|
||||
struct ssh_identitylist *idlist;
|
||||
size_t i;
|
||||
int version = 2;
|
||||
|
||||
for (; version <= 2; version++) {
|
||||
if ((r = ssh_fetch_identitylist(agent_fd, version,
|
||||
&idlist)) != 0) {
|
||||
if (r != SSH_ERR_AGENT_NO_IDENTITIES)
|
||||
fprintf(stderr, "error fetching identities for "
|
||||
"protocol %d: %s\n", version, ssh_err(r));
|
||||
continue;
|
||||
}
|
||||
for (i = 0; i < idlist->nkeys; i++) {
|
||||
had_identities = 1;
|
||||
if (do_fp) {
|
||||
fp = sshkey_fingerprint(idlist->keys[i],
|
||||
fingerprint_hash, SSH_FP_DEFAULT);
|
||||
printf("%u %s %s (%s)\n",
|
||||
sshkey_size(idlist->keys[i]),
|
||||
fp == NULL ? "(null)" : fp,
|
||||
idlist->comments[i],
|
||||
sshkey_type(idlist->keys[i]));
|
||||
free(fp);
|
||||
} else {
|
||||
if ((r = sshkey_write(idlist->keys[i],
|
||||
stdout)) != 0) {
|
||||
fprintf(stderr, "sshkey_write: %s\n",
|
||||
ssh_err(r));
|
||||
continue;
|
||||
}
|
||||
fprintf(stdout, " %s\n", idlist->comments[i]);
|
||||
}
|
||||
}
|
||||
ssh_free_identitylist(idlist);
|
||||
}
|
||||
if (!had_identities) {
|
||||
printf("The agent has no identities.\n");
|
||||
if ((r = ssh_fetch_identitylist(agent_fd, &idlist)) != 0) {
|
||||
if (r != SSH_ERR_AGENT_NO_IDENTITIES)
|
||||
fprintf(stderr, "error fetching identities: %s\n",
|
||||
ssh_err(r));
|
||||
else
|
||||
printf("The agent has no identities.\n");
|
||||
return -1;
|
||||
}
|
||||
for (i = 0; i < idlist->nkeys; i++) {
|
||||
if (do_fp) {
|
||||
fp = sshkey_fingerprint(idlist->keys[i],
|
||||
fingerprint_hash, SSH_FP_DEFAULT);
|
||||
printf("%u %s %s (%s)\n", sshkey_size(idlist->keys[i]),
|
||||
fp == NULL ? "(null)" : fp, idlist->comments[i],
|
||||
sshkey_type(idlist->keys[i]));
|
||||
free(fp);
|
||||
} else {
|
||||
if ((r = sshkey_write(idlist->keys[i], stdout)) != 0) {
|
||||
fprintf(stderr, "sshkey_write: %s\n",
|
||||
ssh_err(r));
|
||||
continue;
|
||||
}
|
||||
fprintf(stdout, " %s\n", idlist->comments[i]);
|
||||
}
|
||||
}
|
||||
ssh_free_identitylist(idlist);
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: sshconnect2.c,v 1.257 2017/04/30 23:18:44 djm Exp $ */
|
||||
/* $OpenBSD: sshconnect2.c,v 1.258 2017/05/05 10:42:49 naddy Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2000 Markus Friedl. All rights reserved.
|
||||
* Copyright (c) 2008 Damien Miller. All rights reserved.
|
||||
|
@ -1345,7 +1345,7 @@ pubkey_prepare(Authctxt *authctxt)
|
|||
if (r != SSH_ERR_AGENT_NOT_PRESENT)
|
||||
debug("%s: ssh_get_authentication_socket: %s",
|
||||
__func__, ssh_err(r));
|
||||
} else if ((r = ssh_fetch_identitylist(agent_fd, 2, &idlist)) != 0) {
|
||||
} else if ((r = ssh_fetch_identitylist(agent_fd, &idlist)) != 0) {
|
||||
if (r != SSH_ERR_AGENT_NO_IDENTITIES)
|
||||
debug("%s: ssh_fetch_identitylist: %s",
|
||||
__func__, ssh_err(r));
|
||||
|
|
Loading…
Reference in New Issue