comparison svr-authpubkey.c @ 910:89555751c489 asm

merge up to 2013.63, improve ASM makefile rules a bit
author Matt Johnston <matt@ucc.asn.au>
date Thu, 27 Feb 2014 21:35:58 +0800
parents b11cb2518116
children 703c7cdd2577
909:e4b75744acab 910:89555751c489
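--- a/svr-authpubkey.c
+++ b/svr-authpubkey.c
@@ -87,11 +87,11 @@
 unsigned char* keyblob = NULL;
 unsigned int keybloblen;
 buffer * signbuf = NULL;
 sign_key * key = NULL;
 char* fp = NULL;
-int type = -1;
+enum signkey_type type = -1;
 
 TRACE(("enter pubkeyauth"))
 
 /* 0 indicates user just wants to check if key can be used, 1 is an
 * actual attempt*/
@@ -123,19 +123,18 @@
 goto out;
 }
 
 /* create the data which has been signed - this a string containing
 * session_id, concatenated with the payload packet up to the signature */
-signbuf = buf_new(ses.payload->pos + 4 + SHA1_HASH_SIZE);
-buf_putstring(signbuf, ses.session_id, SHA1_HASH_SIZE);
+signbuf = buf_new(ses.payload->pos + 4 + ses.session_id->len);
+buf_putbufstring(signbuf, ses.session_id);
 buf_putbytes(signbuf, ses.payload->data, ses.payload->pos);
 buf_setpos(signbuf, 0);
 
 /* ... and finally verify the signature */
 fp = sign_key_fingerprint(keyblob, keybloblen);
-if (buf_verify(ses.payload, key, buf_getptr(signbuf, signbuf->len),
-signbuf->len) == DROPBEAR_SUCCESS) {
+if (buf_verify(ses.payload, key, signbuf) == DROPBEAR_SUCCESS) {
 dropbear_log(LOG_NOTICE,
 "Pubkey auth succeeded for '%s' with key %s from %s",
 ses.authstate.pw_name, fp, svr_ses.addrstring);
 send_msg_userauth_success();
 } else {
@@ -293,12 +292,12 @@
 options_len++;
 }
 options_buf = buf_new(options_len);
 buf_putbytes(options_buf, options_start, options_len);
 
-/* compare the algorithm */
-if (line->pos + algolen > line->len) {
+/* compare the algorithm. +3 so we have enough bytes to read a space and some base64 characters too. */
+if (line->pos + algolen+3 > line->len) {
 continue;
 }
 if (strncmp(buf_getptr(line, algolen), algo, algolen) != 0) {
 continue;
 }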
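Review bot: The widened guard `if (line->pos + algolen+3 > line->len)` in the last hunk hard-codes 3 as the minimum number of trailing bytes, while the reads it protects (the space and the base64 key data, per the new comment) lie outside the visible lines, so the check and its consumers can drift apart unnoticed. Consider naming the constant next to the code that consumes those bytes and testing the remaining length directly, e.g. `if (line->len - line->pos < algolen + MIN_KEY_TAIL) continue;`, where `MIN_KEY_TAIL` is a constructed placeholder name. The subtraction form avoids relying on the unsigned sum not wrapping, assuming `pos <= len` is an invariant of the buffer type here. The enclosing loop starts and ends outside the hunk, so the reads after the `strncmp` should be confirmed against whatever bound is chosen.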