|
Lines 1240-1245
identity_sign(struct identity *id, u_char **sigp, size_t *lenp,
|
| 1240 |
|
1240 |
|
| 1241 |
/* The agent supports this key. */ |
1241 |
/* The agent supports this key. */ |
| 1242 |
if (id->key != NULL && id->agent_fd != -1) { |
1242 |
if (id->key != NULL && id->agent_fd != -1) { |
|
|
1243 |
id->key->type = sshkey_type_plain(id->key->type); |
| 1243 |
return ssh_agent_sign(id->agent_fd, id->key, sigp, lenp, |
1244 |
return ssh_agent_sign(id->agent_fd, id->key, sigp, lenp, |
| 1244 |
data, datalen, alg, compat); |
1245 |
data, datalen, alg, compat); |
| 1245 |
} |
1246 |
} |
|
Lines 1342-1348
sign_and_send_pubkey(struct ssh *ssh, Identity *id)
|
| 1342 |
Identity *private_id, *sign_id = NULL; |
1343 |
Identity *private_id, *sign_id = NULL; |
| 1343 |
u_char *signature = NULL; |
1344 |
u_char *signature = NULL; |
| 1344 |
size_t slen = 0, skip = 0; |
1345 |
size_t slen = 0, skip = 0; |
| 1345 |
int r, fallback_sigtype, sent = 0; |
1346 |
int r, fallback_sigtype, sent = 0, old_type; |
| 1346 |
char *alg = NULL, *fp = NULL; |
1347 |
char *alg = NULL, *fp = NULL; |
| 1347 |
const char *loc = ""; |
1348 |
const char *loc = ""; |
| 1348 |
|
1349 |
|
|
Lines 1365-1370
sign_and_send_pubkey(struct ssh *ssh, Identity *id)
|
| 1365 |
if (sshkey_equal_public(id->key, private_id->key) && |
1366 |
if (sshkey_equal_public(id->key, private_id->key) && |
| 1366 |
id->key->type != private_id->key->type) { |
1367 |
id->key->type != private_id->key->type) { |
| 1367 |
sign_id = private_id; |
1368 |
sign_id = private_id; |
|
|
1369 |
/* |
| 1370 |
* Try to add the certificate to the private key so the agent will keep it |
| 1371 |
*/ |
| 1372 |
if ((r = sshkey_to_certified(sign_id->key)) != 0) { |
| 1373 |
error_fr(r, "sshkey_to_certified"); |
| 1374 |
sshkey_free(sign_id->key); |
| 1375 |
goto out; |
| 1376 |
} |
| 1377 |
if ((r = sshkey_cert_copy(id->key, sign_id->key)) != 0) { |
| 1378 |
error_fr(r, "sshkey_cert_copy"); |
| 1379 |
sshkey_free(sign_id->key); |
| 1380 |
goto out; |
| 1381 |
} |
| 1368 |
break; |
1382 |
break; |
| 1369 |
} |
1383 |
} |
| 1370 |
} |
1384 |
} |
|
Lines 1438-1445
sign_and_send_pubkey(struct ssh *ssh, Identity *id)
|
| 1438 |
} |
1452 |
} |
| 1439 |
|
1453 |
|
| 1440 |
/* generate signature */ |
1454 |
/* generate signature */ |
|
|
1455 |
old_type = sign_id->key->type; |
| 1456 |
sign_id->key->type = id->key->type; |
| 1441 |
r = identity_sign(sign_id, &signature, &slen, |
1457 |
r = identity_sign(sign_id, &signature, &slen, |
| 1442 |
sshbuf_ptr(b), sshbuf_len(b), ssh->compat, alg); |
1458 |
sshbuf_ptr(b), sshbuf_len(b), ssh->compat, alg); |
|
|
1459 |
sign_id->key->type = old_type; |
| 1443 |
if (r == 0) |
1460 |
if (r == 0) |
| 1444 |
break; |
1461 |
break; |
| 1445 |
else if (r == SSH_ERR_KEY_NOT_FOUND) |
1462 |
else if (r == SSH_ERR_KEY_NOT_FOUND) |
|
Lines 1535-1541
load_identity_file(Identity *id)
|
| 1535 |
{ |
1552 |
{ |
| 1536 |
struct sshkey *private = NULL; |
1553 |
struct sshkey *private = NULL; |
| 1537 |
char prompt[300], *passphrase, *comment; |
1554 |
char prompt[300], *passphrase, *comment; |
| 1538 |
int r, quit = 0, i; |
1555 |
int r, quit = 0, i, old_type; |
| 1539 |
struct stat st; |
1556 |
struct stat st; |
| 1540 |
|
1557 |
|
| 1541 |
if (stat(id->filename, &st) == -1) { |
1558 |
if (stat(id->filename, &st) == -1) { |
|
Lines 1590-1598
load_identity_file(Identity *id)
|
| 1590 |
quit = 1; |
1607 |
quit = 1; |
| 1591 |
} |
1608 |
} |
| 1592 |
if (!quit && private != NULL && id->agent_fd == -1 && |
1609 |
if (!quit && private != NULL && id->agent_fd == -1 && |
| 1593 |
!(id->key && id->isprivate)) |
1610 |
!(id->key && id->isprivate)){ |
|
|
1611 |
/* |
| 1612 |
* Try to add the certificate to the private key so the agent will keep it |
| 1613 |
*/ |
| 1614 |
if(sshkey_type_is_cert(id->key->type) > 0){ |
| 1615 |
if ((r = sshkey_to_certified(private)) != 0) { |
| 1616 |
error_fr(r, "sshkey_to_certified"); |
| 1617 |
sshkey_free(private); |
| 1618 |
goto out; |
| 1619 |
} |
| 1620 |
if ((r = sshkey_cert_copy(id->key, private)) != 0) { |
| 1621 |
error_fr(r, "sshkey_cert_copy"); |
| 1622 |
sshkey_free(private); |
| 1623 |
goto out; |
| 1624 |
} |
| 1625 |
|
| 1626 |
old_type = private->type; |
| 1627 |
private->type = id->key->type; |
| 1628 |
maybe_add_key_to_agent(id->filename, private, comment, |
| 1629 |
""); |
| 1630 |
private->type = sshkey_type_plain(old_type); |
| 1631 |
} |
| 1594 |
maybe_add_key_to_agent(id->filename, private, comment, |
1632 |
maybe_add_key_to_agent(id->filename, private, comment, |
| 1595 |
passphrase); |
1633 |
passphrase); |
|
|
1634 |
} |
| 1596 |
if (i > 0) |
1635 |
if (i > 0) |
| 1597 |
freezero(passphrase, strlen(passphrase)); |
1636 |
freezero(passphrase, strlen(passphrase)); |
| 1598 |
free(comment); |
1637 |
free(comment); |
|
Lines 1600-1605
load_identity_file(Identity *id)
|
| 1600 |
break; |
1639 |
break; |
| 1601 |
} |
1640 |
} |
| 1602 |
return private; |
1641 |
return private; |
|
|
1642 |
out: |
| 1643 |
return NULL; |
| 1603 |
} |
1644 |
} |
| 1604 |
|
1645 |
|
| 1605 |
static int |
1646 |
static int |
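Review bot: In the block added to load_identity_file (new lines 1611-1631), `sshkey_type_is_cert(id->key->type)` dereferences `id->key`, yet the enclosing condition `!(id->key && id->isprivate)` also holds when `id->key` is NULL; the guard should read `if (id->key != NULL && sshkey_type_is_cert(id->key->type)) {`. The two `goto out` error paths in that block land on a bare `return NULL` and skip the `freezero(passphrase, strlen(passphrase))` and `free(comment)` that follow, so when `i > 0` the passphrase is left un-wiped in memory and both buffers leak; wipe and free them before leaving. The same `sshkey_free(...); goto out;` pattern in sign_and_send_pubkey (new lines 1372-1381) frees `sign_id->key` while `private_id` still points at it, which looks like a dangling pointer for any later code that walks or frees the identity list; either leave the key owned by the list alone or set the pointer to NULL after the free. Both functions start and end outside the hunks shown, so the surrounding loop and the cleanup under `out:` in sign_and_send_pubkey are inferred from context.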