Mercurial > dropbear
comparison svr-authpubkey.c @ 910:89555751c489 asm
merge up to 2013.63, improve ASM makefile rules a bit
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Thu, 27 Feb 2014 21:35:58 +0800 |
parents | b11cb2518116 |
children | 703c7cdd2577 |
comparison
equal
deleted
inserted
replaced
909:e4b75744acab | 910:89555751c489 |
---|---|
87 unsigned char* keyblob = NULL; | 87 unsigned char* keyblob = NULL; |
88 unsigned int keybloblen; | 88 unsigned int keybloblen; |
89 buffer * signbuf = NULL; | 89 buffer * signbuf = NULL; |
90 sign_key * key = NULL; | 90 sign_key * key = NULL; |
91 char* fp = NULL; | 91 char* fp = NULL; |
92 int type = -1; | 92 enum signkey_type type = -1; |
93 | 93 |
94 TRACE(("enter pubkeyauth")) | 94 TRACE(("enter pubkeyauth")) |
95 | 95 |
96 /* 0 indicates user just wants to check if key can be used, 1 is an | 96 /* 0 indicates user just wants to check if key can be used, 1 is an |
97 * actual attempt*/ | 97 * actual attempt*/ |
123 goto out; | 123 goto out; |
124 } | 124 } |
125 | 125 |
126 /* create the data which has been signed - this a string containing | 126 /* create the data which has been signed - this a string containing |
127 * session_id, concatenated with the payload packet up to the signature */ | 127 * session_id, concatenated with the payload packet up to the signature */ |
128 signbuf = buf_new(ses.payload->pos + 4 + SHA1_HASH_SIZE); | 128 signbuf = buf_new(ses.payload->pos + 4 + ses.session_id->len); |
129 buf_putstring(signbuf, ses.session_id, SHA1_HASH_SIZE); | 129 buf_putbufstring(signbuf, ses.session_id); |
130 buf_putbytes(signbuf, ses.payload->data, ses.payload->pos); | 130 buf_putbytes(signbuf, ses.payload->data, ses.payload->pos); |
131 buf_setpos(signbuf, 0); | 131 buf_setpos(signbuf, 0); |
132 | 132 |
133 /* ... and finally verify the signature */ | 133 /* ... and finally verify the signature */ |
134 fp = sign_key_fingerprint(keyblob, keybloblen); | 134 fp = sign_key_fingerprint(keyblob, keybloblen); |
135 if (buf_verify(ses.payload, key, buf_getptr(signbuf, signbuf->len), | 135 if (buf_verify(ses.payload, key, signbuf) == DROPBEAR_SUCCESS) { |
136 signbuf->len) == DROPBEAR_SUCCESS) { | |
137 dropbear_log(LOG_NOTICE, | 136 dropbear_log(LOG_NOTICE, |
138 "Pubkey auth succeeded for '%s' with key %s from %s", | 137 "Pubkey auth succeeded for '%s' with key %s from %s", |
139 ses.authstate.pw_name, fp, svr_ses.addrstring); | 138 ses.authstate.pw_name, fp, svr_ses.addrstring); |
140 send_msg_userauth_success(); | 139 send_msg_userauth_success(); |
141 } else { | 140 } else { |
293 options_len++; | 292 options_len++; |
294 } | 293 } |
295 options_buf = buf_new(options_len); | 294 options_buf = buf_new(options_len); |
296 buf_putbytes(options_buf, options_start, options_len); | 295 buf_putbytes(options_buf, options_start, options_len); |
297 | 296 |
298 /* compare the algorithm */ | 297 /* compare the algorithm. +3 so we have enough bytes to read a space and some base64 characters too. */ |
299 if (line->pos + algolen > line->len) { | 298 if (line->pos + algolen+3 > line->len) { |
300 continue; | 299 continue; |
301 } | 300 } |
302 if (strncmp(buf_getptr(line, algolen), algo, algolen) != 0) { | 301 if (strncmp(buf_getptr(line, algolen), algo, algolen) != 0) { |
303 continue; | 302 continue; |
304 } | 303 } |