comparison signkey.c @ 436:7282370416a0

Improve known_hosts checking.
author Matt Johnston <matt@ucc.asn.au>
date Thu, 22 Feb 2007 15:29:32 +0000
parents eb7b9f2bb8e8
children c3f2ec71e3d4
435:337c45621e81 436:7282370416a0
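--- a/signkey.c
+++ b/signkey.c
@@ -430,13 +430,15 @@
 #ifdef DROPBEAR_KEY_LINES /* ie we're using authorized_keys or known_hosts */
 
 /* Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE when given a buffer containing
 * a key, a key, and a type. The buffer is positioned at the start of the
 * base64 data, and contains no trailing data */
+/* If fingerprint is non-NULL, it will be set to a malloc()ed fingerprint
+of the key if it is successfully decoded */
 int cmp_base64_key(const unsigned char* keyblob, unsigned int keybloblen,
 const unsigned char* algoname, unsigned int algolen,
-buffer * line) {
+buffer * line, char ** fingerprint) {
 
 buffer * decodekey = NULL;
 int ret = DROPBEAR_FAILURE;
 unsigned int len, filealgolen;
 unsigned long decodekeylen;
@@ -453,10 +455,15 @@
 TRACE(("checkpubkey: base64 decode failed"))
 goto out;
 }
 TRACE(("checkpubkey: base64_decode success"))
 buf_incrlen(decodekey, decodekeylen);
+
+if (fingerprint) {
+*fingerprint = sign_key_fingerprint(buf_getptr(decodekey, decodekeylen),
+decodekeylen);
+}
 
 /* compare the keys */
 if ( ( decodekeylen != keybloblen )
 || memcmp( buf_getptr(decodekey, decodekey->len),
 keyblob, decodekey->len) != 0) {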
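Review bot: `*fingerprint` is written only in the added `if (fingerprint)` block after the base64 decode has succeeded, so on the earlier `goto out` failure path the caller's pointer keeps whatever value it held. Unless every caller initialises it to NULL (the callers are not visible here), a later read or free of it would act on an indeterminate pointer; clearing it on entry with `if (fingerprint) { *fingerprint = NULL; }` makes the out-parameter defined on every return path. The assignment also happens before the key comparison, so a non-NULL fingerprint describes the key stored in the file line and does not mean the presented key matched it. The header comment should say so and state ownership, for example `/* *fingerprint is set whenever the line decodes, whether or not the keys match; the caller must free it */`. Old lines 443-452 and the end of cmp_base64_key lie outside the hunks shown.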