Mercurial > dropbear
comparison svr-authpubkey.c @ 910:89555751c489 asm
merge up to 2013.63, improve ASM makefile rules a bit
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Thu, 27 Feb 2014 21:35:58 +0800 |
| parents | b11cb2518116 |
| children | 703c7cdd2577 |
comparison
equal
deleted
inserted
replaced
| 909:e4b75744acab | 910:89555751c489 |
|---|---|
| 87 unsigned char* keyblob = NULL; | 87 unsigned char* keyblob = NULL; |
| 88 unsigned int keybloblen; | 88 unsigned int keybloblen; |
| 89 buffer * signbuf = NULL; | 89 buffer * signbuf = NULL; |
| 90 sign_key * key = NULL; | 90 sign_key * key = NULL; |
| 91 char* fp = NULL; | 91 char* fp = NULL; |
| 92 int type = -1; | 92 enum signkey_type type = -1; |
| 93 | 93 |
| 94 TRACE(("enter pubkeyauth")) | 94 TRACE(("enter pubkeyauth")) |
| 95 | 95 |
| 96 /* 0 indicates user just wants to check if key can be used, 1 is an | 96 /* 0 indicates user just wants to check if key can be used, 1 is an |
| 97 * actual attempt*/ | 97 * actual attempt*/ |
| 123 goto out; | 123 goto out; |
| 124 } | 124 } |
| 125 | 125 |
| 126 /* create the data which has been signed - this a string containing | 126 /* create the data which has been signed - this a string containing |
| 127 * session_id, concatenated with the payload packet up to the signature */ | 127 * session_id, concatenated with the payload packet up to the signature */ |
| 128 signbuf = buf_new(ses.payload->pos + 4 + SHA1_HASH_SIZE); | 128 signbuf = buf_new(ses.payload->pos + 4 + ses.session_id->len); |
| 129 buf_putstring(signbuf, ses.session_id, SHA1_HASH_SIZE); | 129 buf_putbufstring(signbuf, ses.session_id); |
| 130 buf_putbytes(signbuf, ses.payload->data, ses.payload->pos); | 130 buf_putbytes(signbuf, ses.payload->data, ses.payload->pos); |
| 131 buf_setpos(signbuf, 0); | 131 buf_setpos(signbuf, 0); |
| 132 | 132 |
| 133 /* ... and finally verify the signature */ | 133 /* ... and finally verify the signature */ |
| 134 fp = sign_key_fingerprint(keyblob, keybloblen); | 134 fp = sign_key_fingerprint(keyblob, keybloblen); |
| 135 if (buf_verify(ses.payload, key, buf_getptr(signbuf, signbuf->len), | 135 if (buf_verify(ses.payload, key, signbuf) == DROPBEAR_SUCCESS) { |
| 136 signbuf->len) == DROPBEAR_SUCCESS) { | |
| 137 dropbear_log(LOG_NOTICE, | 136 dropbear_log(LOG_NOTICE, |
| 138 "Pubkey auth succeeded for '%s' with key %s from %s", | 137 "Pubkey auth succeeded for '%s' with key %s from %s", |
| 139 ses.authstate.pw_name, fp, svr_ses.addrstring); | 138 ses.authstate.pw_name, fp, svr_ses.addrstring); |
| 140 send_msg_userauth_success(); | 139 send_msg_userauth_success(); |
| 141 } else { | 140 } else { |
| 293 options_len++; | 292 options_len++; |
| 294 } | 293 } |
| 295 options_buf = buf_new(options_len); | 294 options_buf = buf_new(options_len); |
| 296 buf_putbytes(options_buf, options_start, options_len); | 295 buf_putbytes(options_buf, options_start, options_len); |
| 297 | 296 |
| 298 /* compare the algorithm */ | 297 /* compare the algorithm. +3 so we have enough bytes to read a space and some base64 characters too. */ |
| 299 if (line->pos + algolen > line->len) { | 298 if (line->pos + algolen+3 > line->len) { |
| 300 continue; | 299 continue; |
| 301 } | 300 } |
| 302 if (strncmp(buf_getptr(line, algolen), algo, algolen) != 0) { | 301 if (strncmp(buf_getptr(line, algolen), algo, algolen) != 0) { |
| 303 continue; | 302 continue; |
| 304 } | 303 } |