tyler.durden/openssh-portable
1
0
Fork 0
mirror of https://github.com/PowerShell/openssh-portable.git synced 2025-07-28 00:04:30 +02:00
Code Issues Packages Projects Releases Wiki Activity

- OpenBSD CVS Sync

Browse Source 
- markus@cvs.openbsd.org 2001/03/12 22:02:02
     [key.c key.h ssh-add.c ssh-keygen.c sshconnect.c sshconnect2.c]
     remove old key_fingerprint interface, s/_ex//
This commit is contained in:
Ben Lindstrom 2001-03-13 04:57:58 +00:00
parent 9ae2bb6790
commit cfccef96a3
7 changed files with 39 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
ChangeLog
View File

@ -1,3 +1,9 @@
20010313
- OpenBSD CVS Sync
- markus@cvs.openbsd.org 2001/03/12 22:02:02
[key.c key.h ssh-add.c ssh-keygen.c sshconnect.c sshconnect2.c]
remove old key_fingerprint interface, s/_ex//
20010312 20010312
- OpenBSD CVS Sync - OpenBSD CVS Sync
- markus@cvs.openbsd.org 2001/03/11 13:25:36 - markus@cvs.openbsd.org 2001/03/11 13:25:36
@ -4525,4 +4531,4 @@
- Wrote replacements for strlcpy and mkdtemp - Wrote replacements for strlcpy and mkdtemp
- Released 1.0pre1 - Released 1.0pre1
$Id: ChangeLog,v 1.950 2001/03/12 05:16:18 mouring Exp $ $Id: ChangeLog,v 1.951 2001/03/13 04:57:58 mouring Exp $

18
key.c
View File

@ -32,7 +32,7 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/ */
#include "includes.h" #include "includes.h"
RCSID("$OpenBSD: key.c,v 1.21 2001/03/11 18:29:51 markus Exp $"); RCSID("$OpenBSD: key.c,v 1.22 2001/03/12 22:02:01 markus Exp $");
#include <openssl/evp.h> #include <openssl/evp.h>
@ -275,7 +275,7 @@ key_fingerprint_bubblebabble(u_char* dgst_raw, size_t dgst_raw_len)
} }
char* char*
key_fingerprint_ex(Key *k, enum fp_type dgst_type, enum fp_rep dgst_rep) key_fingerprint(Key *k, enum fp_type dgst_type, enum fp_rep dgst_rep)
{ {
char *retval = NULL; char *retval = NULL;
u_char *dgst_raw; u_char *dgst_raw;
@ -283,7 +283,7 @@ key_fingerprint_ex(Key *k, enum fp_type dgst_type, enum fp_rep dgst_rep)
dgst_raw = key_fingerprint_raw(k, dgst_type, &dgst_raw_len); dgst_raw = key_fingerprint_raw(k, dgst_type, &dgst_raw_len);
if (!dgst_raw) if (!dgst_raw)
fatal("key_fingerprint_ex: null value returned from key_fingerprint_raw()"); fatal("key_fingerprint: null from key_fingerprint_raw()");
switch(dgst_rep) { switch(dgst_rep) {
case SSH_FP_HEX: case SSH_FP_HEX:
retval = key_fingerprint_hex(dgst_raw, dgst_raw_len); retval = key_fingerprint_hex(dgst_raw, dgst_raw_len);
@ -301,18 +301,6 @@ key_fingerprint_ex(Key *k, enum fp_type dgst_type, enum fp_rep dgst_rep)
return retval; return retval;
} }
char *
key_fingerprint(Key *k)
{
static char retval[(EVP_MAX_MD_SIZE + 1) * 3];
char *digest;
digest = key_fingerprint_ex(k, SSH_FP_MD5, SSH_FP_HEX);
strlcpy(retval, digest, sizeof(retval));
xfree(digest);
return retval;
}
/* /*
* Reads a multiple-precision integer in decimal from the buffer, and advances * Reads a multiple-precision integer in decimal from the buffer, and advances
* the pointer. The integer must already be initialized. This function is * the pointer. The integer must already be initialized. This function is

5
key.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: key.h,v 1.10 2001/03/11 15:03:16 jakob Exp $ */ /* $OpenBSD: key.h,v 1.11 2001/03/12 22:02:01 markus Exp $ */
/* /*
* Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2000 Markus Friedl. All rights reserved.
@ -54,8 +54,7 @@ Key *key_new(int type);
Key *key_new_private(int type); Key *key_new_private(int type);
void key_free(Key *k); void key_free(Key *k);
int key_equal(Key *a, Key *b); int key_equal(Key *a, Key *b);
char *key_fingerprint_ex(Key *k, enum fp_type dgst_type, enum fp_rep dgst_rep); char *key_fingerprint(Key *k, enum fp_type dgst_type, enum fp_rep dgst_rep);
char *key_fingerprint(Key *k);
char *key_type(Key *k); char *key_type(Key *k);
int key_write(Key *key, FILE *f); int key_write(Key *key, FILE *f);
int key_read(Key *key, char **cpp); int key_read(Key *key, char **cpp);

14
ssh-add.c
View File

@ -35,7 +35,7 @@
*/ */
#include "includes.h" #include "includes.h"
RCSID("$OpenBSD: ssh-add.c,v 1.29 2001/03/02 18:54:31 deraadt Exp $"); RCSID("$OpenBSD: ssh-add.c,v 1.30 2001/03/12 22:02:02 markus Exp $");
#include <openssl/evp.h> #include <openssl/evp.h>
@ -211,10 +211,10 @@ add_file(AuthenticationConnection *ac, const char *filename)
} }
void void
list_identities(AuthenticationConnection *ac, int fp) list_identities(AuthenticationConnection *ac, int do_fp)
{ {
Key *key; Key *key;
char *comment; char *comment, *fp;
int had_identities = 0; int had_identities = 0;
int version; int version;
@ -223,10 +223,12 @@ list_identities(AuthenticationConnection *ac, int fp)
key != NULL; key != NULL;
key = ssh_get_next_identity(ac, &comment, version)) { key = ssh_get_next_identity(ac, &comment, version)) {
had_identities = 1; had_identities = 1;
if (fp) { if (do_fp) {
fp = key_fingerprint(key, SSH_FP_MD5,
SSH_FP_HEX);
printf("%d %s %s (%s)\n", printf("%d %s %s (%s)\n",
key_size(key), key_fingerprint(key), key_size(key), fp, comment, key_type(key));
comment, key_type(key)); xfree(fp);
} else { } else {
if (!key_write(key, stdout)) if (!key_write(key, stdout))
fprintf(stderr, "key_write failed"); fprintf(stderr, "key_write failed");

10
ssh-keygen.c
View File

@ -12,7 +12,7 @@
*/ */
#include "includes.h" #include "includes.h"
RCSID("$OpenBSD: ssh-keygen.c,v 1.49 2001/03/11 22:33:24 markus Exp $"); RCSID("$OpenBSD: ssh-keygen.c,v 1.50 2001/03/12 22:02:02 markus Exp $");
#include <openssl/evp.h> #include <openssl/evp.h>
#include <openssl/pem.h> #include <openssl/pem.h>
@ -353,7 +353,7 @@ do_fingerprint(struct passwd *pw)
debug("try_load_public_key KEY_UNSPEC failed"); debug("try_load_public_key KEY_UNSPEC failed");
} }
if (success) { if (success) {
fp = key_fingerprint_ex(public, type, rep); fp = key_fingerprint(public, type, rep);
printf("%d %s %s\n", key_size(public), printf("%d %s %s\n", key_size(public),
fp, comment); fp, comment);
key_free(public); key_free(public);
@ -409,7 +409,7 @@ do_fingerprint(struct passwd *pw)
} }
} }
comment = *cp ? cp : comment; comment = *cp ? cp : comment;
fp = key_fingerprint_ex(public, type, rep); fp = key_fingerprint(public, type, rep);
printf("%d %s %s\n", key_size(public), fp, printf("%d %s %s\n", key_size(public), fp,
comment ? comment : "no comment"); comment ? comment : "no comment");
xfree(fp); xfree(fp);
@ -857,10 +857,12 @@ passphrase_again:
fclose(f); fclose(f);
if (!quiet) { if (!quiet) {
char *fp = key_fingerprint(public, SSH_FP_MD5, SSH_FP_HEX);
printf("Your public key has been saved in %s.\n", printf("Your public key has been saved in %s.\n",
identity_file); identity_file);
printf("The key fingerprint is:\n"); printf("The key fingerprint is:\n");
printf("%s %s\n", key_fingerprint(public), comment); printf("%s %s\n", fp, comment);
xfree(fp);
} }
key_free(public); key_free(public);

12
sshconnect.c
View File

@ -13,7 +13,7 @@
*/ */
#include "includes.h" #include "includes.h"
RCSID("$OpenBSD: sshconnect.c,v 1.99 2001/03/10 15:31:00 deraadt Exp $"); RCSID("$OpenBSD: sshconnect.c,v 1.100 2001/03/12 22:02:02 markus Exp $");
#include <openssl/bn.h> #include <openssl/bn.h>
@ -481,7 +481,7 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
Key *file_key; Key *file_key;
char *type = key_type(host_key); char *type = key_type(host_key);
char *ip = NULL; char *ip = NULL;
char hostline[1000], *hostp; char hostline[1000], *hostp, *fp;
HostStatus host_status; HostStatus host_status;
HostStatus ip_status; HostStatus ip_status;
int local = 0, host_ip_differ = 0; int local = 0, host_ip_differ = 0;
@ -612,11 +612,13 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
} else if (options.strict_host_key_checking == 2) { } else if (options.strict_host_key_checking == 2) {
/* The default */ /* The default */
char prompt[1024]; char prompt[1024];
fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
snprintf(prompt, sizeof(prompt), snprintf(prompt, sizeof(prompt),
"The authenticity of host '%.200s (%s)' can't be established.\n" "The authenticity of host '%.200s (%s)' can't be established.\n"
"%s key fingerprint is %s.\n" "%s key fingerprint is %s.\n"
"Are you sure you want to continue connecting (yes/no)? ", "Are you sure you want to continue connecting (yes/no)? ",
host, ip, type, key_fingerprint(host_key)); host, ip, type, fp);
xfree(fp);
if (!read_yes_or_no(prompt, -1)) if (!read_yes_or_no(prompt, -1))
fatal("Aborted by user!"); fatal("Aborted by user!");
} }
@ -655,6 +657,7 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
error("Offending key for IP in %s:%d", ip_file, ip_line); error("Offending key for IP in %s:%d", ip_file, ip_line);
} }
/* The host key has changed. */ /* The host key has changed. */
fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
error("@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @"); error("@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @");
error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
@ -662,11 +665,12 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
error("Someone could be eavesdropping on you right now (man-in-the-middle attack)!"); error("Someone could be eavesdropping on you right now (man-in-the-middle attack)!");
error("It is also possible that the %s host key has just been changed.", type); error("It is also possible that the %s host key has just been changed.", type);
error("The fingerprint for the %s key sent by the remote host is\n%s.", error("The fingerprint for the %s key sent by the remote host is\n%s.",
type, key_fingerprint(host_key)); type, fp);
error("Please contact your system administrator."); error("Please contact your system administrator.");
error("Add correct host key in %.100s to get rid of this message.", error("Add correct host key in %.100s to get rid of this message.",
user_hostfile); user_hostfile);
error("Offending key in %s:%d", host_file, host_line); error("Offending key in %s:%d", host_file, host_line);
xfree(fp);
/* /*
* If strict host key checking is in use, the user will have * If strict host key checking is in use, the user will have

9
sshconnect2.c
View File

@ -23,7 +23,7 @@
*/ */
#include "includes.h" #include "includes.h"
RCSID("$OpenBSD: sshconnect2.c,v 1.53 2001/03/10 17:51:04 markus Exp $"); RCSID("$OpenBSD: sshconnect2.c,v 1.54 2001/03/12 22:02:02 markus Exp $");
#include <openssl/bn.h> #include <openssl/bn.h>
#include <openssl/md5.h> #include <openssl/md5.h>
@ -660,7 +660,7 @@ input_userauth_pk_ok(int type, int plen, void *ctxt)
Key *key = NULL; Key *key = NULL;
Buffer b; Buffer b;
int alen, blen, pktype, sent = 0; int alen, blen, pktype, sent = 0;
char *pkalg, *pkblob; char *pkalg, *pkblob, *fp;
if (authctxt == NULL) if (authctxt == NULL)
fatal("input_userauth_pk_ok: no authentication context"); fatal("input_userauth_pk_ok: no authentication context");
@ -687,7 +687,6 @@ input_userauth_pk_ok(int type, int plen, void *ctxt)
debug("no last key or no sign cb"); debug("no last key or no sign cb");
break; break;
} }
debug2("last_key %s", key_fingerprint(authctxt->last_key));
if ((pktype = key_type_from_name(pkalg)) == KEY_UNSPEC) { if ((pktype = key_type_from_name(pkalg)) == KEY_UNSPEC) {
debug("unknown pkalg %s", pkalg); debug("unknown pkalg %s", pkalg);
break; break;
@ -696,7 +695,9 @@ input_userauth_pk_ok(int type, int plen, void *ctxt)
debug("no key from blob. pkalg %s", pkalg); debug("no key from blob. pkalg %s", pkalg);
break; break;
} }
debug2("input_userauth_pk_ok: fp %s", key_fingerprint(key)); fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX);
debug2("input_userauth_pk_ok: fp %s", fp);
xfree(fp);
if (!key_equal(key, authctxt->last_key)) { if (!key_equal(key, authctxt->last_key)) {
debug("key != last_key"); debug("key != last_key");
break; break;