Mercurial > dropbear
comparison svr-authpubkey.c @ 1122:aaf576b27a10
Merge pull request #13 from gazoo74/fix-warnings
Fix warnings
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Thu, 04 Jun 2015 23:08:50 +0800 |
| parents | 83025b7063ec |
| children | 9169e4e7cbee |
comparison
equal
deleted
inserted
replaced
| 1087:1e486f368ec3 | 1122:aaf576b27a10 |
|---|---|
| 68 #ifdef ENABLE_SVR_PUBKEY_AUTH | 68 #ifdef ENABLE_SVR_PUBKEY_AUTH |
| 69 | 69 |
| 70 #define MIN_AUTHKEYS_LINE 10 /* "ssh-rsa AB" - short but doesn't matter */ | 70 #define MIN_AUTHKEYS_LINE 10 /* "ssh-rsa AB" - short but doesn't matter */ |
| 71 #define MAX_AUTHKEYS_LINE 4200 /* max length of a line in authkeys */ | 71 #define MAX_AUTHKEYS_LINE 4200 /* max length of a line in authkeys */ |
| 72 | 72 |
| 73 static int checkpubkey(unsigned char* algo, unsigned int algolen, | 73 static int checkpubkey(char* algo, unsigned int algolen, |
| 74 unsigned char* keyblob, unsigned int keybloblen); | 74 unsigned char* keyblob, unsigned int keybloblen); |
| 75 static int checkpubkeyperms(); | 75 static int checkpubkeyperms(); |
| 76 static void send_msg_userauth_pk_ok(unsigned char* algo, unsigned int algolen, | 76 static void send_msg_userauth_pk_ok(char* algo, unsigned int algolen, |
| 77 unsigned char* keyblob, unsigned int keybloblen); | 77 unsigned char* keyblob, unsigned int keybloblen); |
| 78 static int checkfileperm(char * filename); | 78 static int checkfileperm(char * filename); |
| 79 | 79 |
| 80 /* process a pubkey auth request, sending success or failure message as | 80 /* process a pubkey auth request, sending success or failure message as |
| 81 * appropriate */ | 81 * appropriate */ |
| 82 void svr_auth_pubkey() { | 82 void svr_auth_pubkey() { |
| 83 | 83 |
| 84 unsigned char testkey; /* whether we're just checking if a key is usable */ | 84 unsigned char testkey; /* whether we're just checking if a key is usable */ |
| 85 unsigned char* algo = NULL; /* pubkey algo */ | 85 char* algo = NULL; /* pubkey algo */ |
| 86 unsigned int algolen; | 86 unsigned int algolen; |
| 87 unsigned char* keyblob = NULL; | 87 unsigned char* keyblob = NULL; |
| 88 unsigned int keybloblen; | 88 unsigned int keybloblen; |
| 89 unsigned int sign_payload_length; | 89 unsigned int sign_payload_length; |
| 90 buffer * signbuf = NULL; | 90 buffer * signbuf = NULL; |
| 171 } | 171 } |
| 172 | 172 |
| 173 /* Reply that the key is valid for auth, this is sent when the user sends | 173 /* Reply that the key is valid for auth, this is sent when the user sends |
| 174 * a straight copy of their pubkey to test, to avoid having to perform | 174 * a straight copy of their pubkey to test, to avoid having to perform |
| 175 * expensive signing operations with a worthless key */ | 175 * expensive signing operations with a worthless key */ |
| 176 static void send_msg_userauth_pk_ok(unsigned char* algo, unsigned int algolen, | 176 static void send_msg_userauth_pk_ok(char* algo, unsigned int algolen, |
| 177 unsigned char* keyblob, unsigned int keybloblen) { | 177 unsigned char* keyblob, unsigned int keybloblen) { |
| 178 | 178 |
| 179 TRACE(("enter send_msg_userauth_pk_ok")) | 179 TRACE(("enter send_msg_userauth_pk_ok")) |
| 180 CHECKCLEARTOWRITE(); | 180 CHECKCLEARTOWRITE(); |
| 181 | 181 |
| 182 buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_PK_OK); | 182 buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_PK_OK); |
| 183 buf_putstring(ses.writepayload, algo, algolen); | 183 buf_putstring(ses.writepayload, algo, algolen); |
| 184 buf_putstring(ses.writepayload, keyblob, keybloblen); | 184 buf_putstring(ses.writepayload, (const char*)keyblob, keybloblen); |
| 185 | 185 |
| 186 encrypt_packet(); | 186 encrypt_packet(); |
| 187 TRACE(("leave send_msg_userauth_pk_ok")) | 187 TRACE(("leave send_msg_userauth_pk_ok")) |
| 188 | 188 |
| 189 } | 189 } |
| 190 | 190 |
| 191 /* Checks whether a specified publickey (and associated algorithm) is an | 191 /* Checks whether a specified publickey (and associated algorithm) is an |
| 192 * acceptable key for authentication */ | 192 * acceptable key for authentication */ |
| 193 /* Returns DROPBEAR_SUCCESS if key is ok for auth, DROPBEAR_FAILURE otherwise */ | 193 /* Returns DROPBEAR_SUCCESS if key is ok for auth, DROPBEAR_FAILURE otherwise */ |
| 194 static int checkpubkey(unsigned char* algo, unsigned int algolen, | 194 static int checkpubkey(char* algo, unsigned int algolen, |
| 195 unsigned char* keyblob, unsigned int keybloblen) { | 195 unsigned char* keyblob, unsigned int keybloblen) { |
| 196 | 196 |
| 197 FILE * authfile = NULL; | 197 FILE * authfile = NULL; |
| 198 char * filename = NULL; | 198 char * filename = NULL; |
| 199 int ret = DROPBEAR_FAILURE; | 199 int ret = DROPBEAR_FAILURE; |
| 258 } | 258 } |
| 259 | 259 |
| 260 /* check the key type - will fail if there are options */ | 260 /* check the key type - will fail if there are options */ |
| 261 TRACE(("a line!")) | 261 TRACE(("a line!")) |
| 262 | 262 |
| 263 if (strncmp(buf_getptr(line, algolen), algo, algolen) != 0) { | 263 if (strncmp((const char *) buf_getptr(line, algolen), algo, algolen) != 0) { |
| 264 int is_comment = 0; | 264 int is_comment = 0; |
| 265 char *options_start = NULL; | 265 unsigned char *options_start = NULL; |
| 266 int options_len = 0; | 266 int options_len = 0; |
| 267 int escape, quoted; | 267 int escape, quoted; |
| 268 | 268 |
| 269 /* skip over any comments or leading whitespace */ | 269 /* skip over any comments or leading whitespace */ |
| 270 while (line->pos < line->len) { | 270 while (line->pos < line->len) { |
| 306 | 306 |
| 307 /* compare the algorithm. +3 so we have enough bytes to read a space and some base64 characters too. */ | 307 /* compare the algorithm. +3 so we have enough bytes to read a space and some base64 characters too. */ |
| 308 if (line->pos + algolen+3 > line->len) { | 308 if (line->pos + algolen+3 > line->len) { |
| 309 continue; | 309 continue; |
| 310 } | 310 } |
| 311 if (strncmp(buf_getptr(line, algolen), algo, algolen) != 0) { | 311 if (strncmp((const char *) buf_getptr(line, algolen), algo, algolen) != 0) { |
| 312 continue; | 312 continue; |
| 313 } | 313 } |
| 314 } | 314 } |
| 315 buf_incrpos(line, algolen); | 315 buf_incrpos(line, algolen); |
| 316 | 316 |
| 328 buf_setpos(line, pos); | 328 buf_setpos(line, pos); |
| 329 buf_setlen(line, line->pos + len); | 329 buf_setlen(line, line->pos + len); |
| 330 | 330 |
| 331 TRACE(("checkpubkey: line pos = %d len = %d", line->pos, line->len)) | 331 TRACE(("checkpubkey: line pos = %d len = %d", line->pos, line->len)) |
| 332 | 332 |
| 333 ret = cmp_base64_key(keyblob, keybloblen, algo, algolen, line, NULL); | 333 ret = cmp_base64_key(keyblob, keybloblen, (const unsigned char *) algo, algolen, line, NULL); |
| 334 | 334 |
| 335 if (ret == DROPBEAR_SUCCESS && options_buf) { | 335 if (ret == DROPBEAR_SUCCESS && options_buf) { |
| 336 ret = svr_add_pubkey_options(options_buf, line_num, filename); | 336 ret = svr_add_pubkey_options(options_buf, line_num, filename); |
| 337 } | 337 } |
| 338 | 338 |