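--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -996,11 +996,11 @@ input_userauth_passwd_changereq(int type, u_int32_t seqnr, void *ctxt)
 }
 
 static const char *
-identity_sign_encode(struct identity *id)
+key_sign_encode(Key *key)
 {
 struct ssh *ssh = active_state;
 
-if (id->key->type == KEY_RSA) {
+if (key->type == KEY_RSA) {
 switch (ssh->kex->rsa_sha2) {
 case 256:
 return "rsa-sha2-256";
@@ -1008,8 +1008,13 @@ identity_sign_encode(struct identity *id)
 return "rsa-sha2-512";
 }
 }
+return key_ssh_name(key);
+}
 
-return key_ssh_name(id->key);
+static const char *
+identity_sign_encode(struct identity *id)
+{
+return key_sign_encode(id->key);
 }
 
 static int
@@ -1018,26 +1023,24 @@ identity_sign(struct identity *id, u_char **sigp, size_t *lenp,
 {
 Key *prv;
 int ret;
-const char *alg;
-
-alg = identity_sign_encode(id);
 
 /* the agent supports this key */
-if (id->agent_fd != -1)
+if (id->key != NULL && id->agent_fd != -1)
 return ssh_agent_sign(id->agent_fd, id->key, sigp, lenp,
-data, datalen, alg, compat);
+data, datalen, identity_sign_encode(id), compat);
 
 /*
 * we have already loaded the private key or
 * the private key is stored in external hardware
 */
-if (id->isprivate || (id->key->flags & SSHKEY_FLAG_EXT))
-return (sshkey_sign(id->key, sigp, lenp, data, datalen, alg,
-compat));
+if (id->key != NULL && (id->isprivate || (id->key->flags & SSHKEY_FLAG_EXT)))
+return (sshkey_sign(id->key, sigp, lenp, data, datalen,
+identity_sign_encode(id), compat));
+
 /* load the private key from the file */
 if ((prv = load_identity_file(id)) == NULL)
 return SSH_ERR_KEY_NOT_FOUND;
-ret = sshkey_sign(prv, sigp, lenp, data, datalen, alg, compat);
+ret = sshkey_sign(prv, sigp, lenp, data, datalen, key_sign_encode(prv), compat);
 sshkey_free(prv);
 return (ret);
 }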
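Review bot: `identity_sign_encode()` (new lines 1014-1018) still hands `id->key` straight to `key_sign_encode()`, which reads `key->type`, even though the `id->key != NULL` guards added in `identity_sign()` imply an identity can now arrive without a key. Its other callers are not visible in this section, so either guard it there or state the precondition on the wrapper, e.g. `/* id->key must be non-NULL; identity_sign() checks before calling */`. In the file-loading path the signature algorithm is now chosen from `prv` rather than from `id->key`; if the caller assembled the data to sign from the identity's public key (not shown here), a key file holding a different key would be signed under a different algorithm name than the one offered. When `id->key` is set it seems worth rejecting that mismatch before signing, e.g. `if (id->key != NULL && !sshkey_equal_public(prv, id->key)) { sshkey_free(prv); return SSH_ERR_KEY_NOT_FOUND; }`.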