comparison cli-authpubkey.c @ 165:0cfba3034be5

Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
author Matt Johnston <matt@ucc.asn.au>
date Sun, 02 Jan 2005 20:25:56 +0000
parents e3adf4cf5465
children aad4b3f58556
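--- a/cli-authpubkey.c
+++ b/cli-authpubkey.c
@@ -39,11 +39,11 @@
 void cli_pubkeyfail() {
 
 struct PubkeyList *keyitem;
 struct PubkeyList **previtem;
 
-TRACE(("enter cli_pubkeyfail"));
+TRACE(("enter cli_pubkeyfail"))
 previtem = &cli_opts.pubkeys;
 
 /* Find the key we failed with, and remove it */
 for (keyitem = cli_opts.pubkeys; keyitem != NULL; keyitem = keyitem->next) {
 if (keyitem == cli_ses.lastpubkey) {
@@ -53,11 +53,11 @@
 }
 
 sign_key_free(cli_ses.lastpubkey->key); /* It won't be used again */
 m_free(cli_ses.lastpubkey);
 
-TRACE(("leave cli_pubkeyfail"));
+TRACE(("leave cli_pubkeyfail"))
 }
 
 void recv_msg_userauth_pk_ok() {
 
 struct PubkeyList *keyitem;
@@ -65,15 +65,15 @@
 char* algotype = NULL;
 unsigned int algolen;
 int keytype;
 unsigned int remotelen;
 
-TRACE(("enter recv_msg_userauth_pk_ok"));
+TRACE(("enter recv_msg_userauth_pk_ok"))
 
 algotype = buf_getstring(ses.payload, &algolen);
 keytype = signkey_type_from_name(algotype, algolen);
-TRACE(("recv_msg_userauth_pk_ok: type %d", keytype));
+TRACE(("recv_msg_userauth_pk_ok: type %d", keytype))
 m_free(algotype);
 
 keybuf = buf_new(MAX_PUBKEY_SIZE);
 
 remotelen = buf_getint(ses.payload);
@@ -82,11 +82,11 @@
 * send a real request with that key */
 for (keyitem = cli_opts.pubkeys; keyitem != NULL; keyitem = keyitem->next) {
 
 if (keyitem->type != keytype) {
 /* Types differed */
-TRACE(("types differed"));
+TRACE(("types differed"))
 continue;
 }
 
 /* Now we compare the contents of the key */
 keybuf->pos = keybuf->len = 0;
@@ -96,45 +96,45 @@
 remotelen) which has already been taken from
 the remote buffer */
 
 
 if (keybuf->len-4 != remotelen) {
-TRACE(("lengths differed: localh %d remote %d", keybuf->len, remotelen));
+TRACE(("lengths differed: localh %d remote %d", keybuf->len, remotelen))
 /* Lengths differed */
 continue;
 }
 if (memcmp(buf_getptr(keybuf, remotelen),
 buf_getptr(ses.payload, remotelen), remotelen) != 0) {
 /* Data didn't match this key */
-TRACE(("data differed"));
+TRACE(("data differed"))
 continue;
 }
 
 /* Success */
 break;
 }
 
 if (keyitem != NULL) {
-TRACE(("matching key"));
+TRACE(("matching key"))
 /* XXX TODO: if it's an encrypted key, here we ask for their
 * password */
 send_msg_userauth_pubkey(keyitem->key, keytype, 1);
 } else {
-TRACE(("That was whacky. We got told that a key was valid, but it didn't match our list. Sounds like dodgy code on Dropbear's part"));
+TRACE(("That was whacky. We got told that a key was valid, but it didn't match our list. Sounds like dodgy code on Dropbear's part"))
 }
 
-TRACE(("leave recv_msg_userauth_pk_ok"));
+TRACE(("leave recv_msg_userauth_pk_ok"))
 }
 
 /* TODO: make it take an agent reference to use as well */
 static void send_msg_userauth_pubkey(sign_key *key, int type, int realsign) {
 
 const char *algoname = NULL;
 int algolen;
 buffer* sigbuf = NULL;
 
-TRACE(("enter send_msg_userauth_pubkey"));
+TRACE(("enter send_msg_userauth_pubkey"))
 CHECKCLEARTOWRITE();
 
 buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_REQUEST);
 
 buf_putstring(ses.writepayload, cli_opts.username,
@@ -152,36 +152,36 @@
 
 buf_putstring(ses.writepayload, algoname, algolen);
 buf_put_pub_key(ses.writepayload, key, type);
 
 if (realsign) {
-TRACE(("realsign"));
+TRACE(("realsign"))
 /* We put the signature as well - this contains string(session id), then
 * the contents of the write payload to this point */
 sigbuf = buf_new(4 + SHA1_HASH_SIZE + ses.writepayload->len);
 buf_putstring(sigbuf, ses.session_id, SHA1_HASH_SIZE);
 buf_putbytes(sigbuf, ses.writepayload->data, ses.writepayload->len);
 buf_put_sign(ses.writepayload, key, type, sigbuf->data, sigbuf->len);
 buf_free(sigbuf); /* Nothing confidential in the buffer */
 }
 
 encrypt_packet();
-TRACE(("leave send_msg_userauth_pubkey"));
+TRACE(("leave send_msg_userauth_pubkey"))
 }
 
 int cli_auth_pubkey() {
 
-TRACE(("enter cli_auth_pubkey"));
+TRACE(("enter cli_auth_pubkey"))
 
 if (cli_opts.pubkeys != NULL) {
 /* Send a trial request */
 send_msg_userauth_pubkey(cli_opts.pubkeys->key,
 cli_opts.pubkeys->type, 0);
 cli_ses.lastpubkey = cli_opts.pubkeys;
-TRACE(("leave cli_auth_pubkey-success"));
+TRACE(("leave cli_auth_pubkey-success"))
 return 1;
 } else {
-TRACE(("leave cli_auth_pubkey-failure"));
+TRACE(("leave cli_auth_pubkey-failure"))
 return 0;
 }
 }
 #endif /* Pubkey auth */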
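Review bot: `keybuf`, allocated with `buf_new(MAX_PUBKEY_SIZE)` at line 77 of recv_msg_userauth_pk_ok, is never released: lines 96–126 are shown in full and contain no matching free on either the match or the no-match path. Since the function parses `ses.payload`, each SSH_MSG_USERAUTH_PK_OK it handles appears to leave one buffer of that size behind; adding `buf_free(keybuf);` right after the loop's closing brace at line 114, before the `if (keyitem != NULL)` check, would release it. Separately, with TRACE compiled out the `else` branch at line 122 becomes an empty block, so a PK_OK naming a key that is not in `cli_opts.pubkeys` is dropped with no visible handling; whether the caller recovers from that cannot be seen here. Lines 64, 80–81 and 93–95 of the function are elided from this view.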