comparison svr-authpubkey.c @ 1122:aaf576b27a10

Merge pull request #13 from gazoo74/fix-warnings Fix warnings
author Matt Johnston <matt@ucc.asn.au>
date Thu, 04 Jun 2015 23:08:50 +0800
parents 83025b7063ec
children 9169e4e7cbee
1087:1e486f368ec3 1122:aaf576b27a10
68 #ifdef ENABLE_SVR_PUBKEY_AUTH 68 #ifdef ENABLE_SVR_PUBKEY_AUTH
69 69
70 #define MIN_AUTHKEYS_LINE 10 /* "ssh-rsa AB" - short but doesn't matter */ 70 #define MIN_AUTHKEYS_LINE 10 /* "ssh-rsa AB" - short but doesn't matter */
71 #define MAX_AUTHKEYS_LINE 4200 /* max length of a line in authkeys */ 71 #define MAX_AUTHKEYS_LINE 4200 /* max length of a line in authkeys */
72 72
73 static int checkpubkey(unsigned char* algo, unsigned int algolen, 73 static int checkpubkey(char* algo, unsigned int algolen,
74 unsigned char* keyblob, unsigned int keybloblen); 74 unsigned char* keyblob, unsigned int keybloblen);
75 static int checkpubkeyperms(); 75 static int checkpubkeyperms();
76 static void send_msg_userauth_pk_ok(unsigned char* algo, unsigned int algolen, 76 static void send_msg_userauth_pk_ok(char* algo, unsigned int algolen,
77 unsigned char* keyblob, unsigned int keybloblen); 77 unsigned char* keyblob, unsigned int keybloblen);
78 static int checkfileperm(char * filename); 78 static int checkfileperm(char * filename);
79 79
80 /* process a pubkey auth request, sending success or failure message as 80 /* process a pubkey auth request, sending success or failure message as
81 * appropriate */ 81 * appropriate */
82 void svr_auth_pubkey() { 82 void svr_auth_pubkey() {
83 83
84 unsigned char testkey; /* whether we're just checking if a key is usable */ 84 unsigned char testkey; /* whether we're just checking if a key is usable */
85 unsigned char* algo = NULL; /* pubkey algo */ 85 char* algo = NULL; /* pubkey algo */
86 unsigned int algolen; 86 unsigned int algolen;
87 unsigned char* keyblob = NULL; 87 unsigned char* keyblob = NULL;
88 unsigned int keybloblen; 88 unsigned int keybloblen;
89 unsigned int sign_payload_length; 89 unsigned int sign_payload_length;
90 buffer * signbuf = NULL; 90 buffer * signbuf = NULL;
171 } 171 }
172 172
173 /* Reply that the key is valid for auth, this is sent when the user sends 173 /* Reply that the key is valid for auth, this is sent when the user sends
174 * a straight copy of their pubkey to test, to avoid having to perform 174 * a straight copy of their pubkey to test, to avoid having to perform
175 * expensive signing operations with a worthless key */ 175 * expensive signing operations with a worthless key */
176 static void send_msg_userauth_pk_ok(unsigned char* algo, unsigned int algolen, 176 static void send_msg_userauth_pk_ok(char* algo, unsigned int algolen,
177 unsigned char* keyblob, unsigned int keybloblen) { 177 unsigned char* keyblob, unsigned int keybloblen) {
178 178
179 TRACE(("enter send_msg_userauth_pk_ok")) 179 TRACE(("enter send_msg_userauth_pk_ok"))
180 CHECKCLEARTOWRITE(); 180 CHECKCLEARTOWRITE();
181 181
182 buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_PK_OK); 182 buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_PK_OK);
183 buf_putstring(ses.writepayload, algo, algolen); 183 buf_putstring(ses.writepayload, algo, algolen);
184 buf_putstring(ses.writepayload, keyblob, keybloblen); 184 buf_putstring(ses.writepayload, (const char*)keyblob, keybloblen);
185 185
186 encrypt_packet(); 186 encrypt_packet();
187 TRACE(("leave send_msg_userauth_pk_ok")) 187 TRACE(("leave send_msg_userauth_pk_ok"))
188 188
189 } 189 }
190 190
191 /* Checks whether a specified publickey (and associated algorithm) is an 191 /* Checks whether a specified publickey (and associated algorithm) is an
192 * acceptable key for authentication */ 192 * acceptable key for authentication */
193 /* Returns DROPBEAR_SUCCESS if key is ok for auth, DROPBEAR_FAILURE otherwise */ 193 /* Returns DROPBEAR_SUCCESS if key is ok for auth, DROPBEAR_FAILURE otherwise */
194 static int checkpubkey(unsigned char* algo, unsigned int algolen, 194 static int checkpubkey(char* algo, unsigned int algolen,
195 unsigned char* keyblob, unsigned int keybloblen) { 195 unsigned char* keyblob, unsigned int keybloblen) {
196 196
197 FILE * authfile = NULL; 197 FILE * authfile = NULL;
198 char * filename = NULL; 198 char * filename = NULL;
199 int ret = DROPBEAR_FAILURE; 199 int ret = DROPBEAR_FAILURE;
258 } 258 }
259 259
260 /* check the key type - will fail if there are options */ 260 /* check the key type - will fail if there are options */
261 TRACE(("a line!")) 261 TRACE(("a line!"))
262 262
263 if (strncmp(buf_getptr(line, algolen), algo, algolen) != 0) { 263 if (strncmp((const char *) buf_getptr(line, algolen), algo, algolen) != 0) {
264 int is_comment = 0; 264 int is_comment = 0;
265 char *options_start = NULL; 265 unsigned char *options_start = NULL;
266 int options_len = 0; 266 int options_len = 0;
267 int escape, quoted; 267 int escape, quoted;
268 268
269 /* skip over any comments or leading whitespace */ 269 /* skip over any comments or leading whitespace */
270 while (line->pos < line->len) { 270 while (line->pos < line->len) {
306 306
307 /* compare the algorithm. +3 so we have enough bytes to read a space and some base64 characters too. */ 307 /* compare the algorithm. +3 so we have enough bytes to read a space and some base64 characters too. */
308 if (line->pos + algolen+3 > line->len) { 308 if (line->pos + algolen+3 > line->len) {
309 continue; 309 continue;
310 } 310 }
311 if (strncmp(buf_getptr(line, algolen), algo, algolen) != 0) { 311 if (strncmp((const char *) buf_getptr(line, algolen), algo, algolen) != 0) {
312 continue; 312 continue;
313 } 313 }
314 } 314 }
315 buf_incrpos(line, algolen); 315 buf_incrpos(line, algolen);
316 316
328 buf_setpos(line, pos); 328 buf_setpos(line, pos);
329 buf_setlen(line, line->pos + len); 329 buf_setlen(line, line->pos + len);
330 330
331 TRACE(("checkpubkey: line pos = %d len = %d", line->pos, line->len)) 331 TRACE(("checkpubkey: line pos = %d len = %d", line->pos, line->len))
332 332
333 ret = cmp_base64_key(keyblob, keybloblen, algo, algolen, line, NULL); 333 ret = cmp_base64_key(keyblob, keybloblen, (const unsigned char *) algo, algolen, line, NULL);
334 334
335 if (ret == DROPBEAR_SUCCESS && options_buf) { 335 if (ret == DROPBEAR_SUCCESS && options_buf) {
336 ret = svr_add_pubkey_options(options_buf, line_num, filename); 336 ret = svr_add_pubkey_options(options_buf, line_num, filename);
337 } 337 }
338 338
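Review bot: The first algorithm comparison at new line 263, `strncmp((const char *) buf_getptr(line, algolen), algo, algolen)`, has no visible check that the authorized_keys line holds `algolen` bytes, while the second comparison at line 311 is guarded by `if (line->pos + algolen+3 > line->len)` at line 308. The lines before 258 are outside this view, so confirm against the full body of checkpubkey; if no earlier guard exists, a short line paired with a longer client-supplied algorithm name relies on however buf_getptr treats an out-of-range request. A guard such as `if (line->pos + algolen > line->len) { continue; }` ahead of line 263 would make both paths agree. On style, the new casts at lines 184, 263, 311 and 333 convert between `char *` and `unsigned char *` in both directions to quiet signedness warnings, and such casts can also hide a real type mismatch later. No visible line writes through `algo`, so declaring it `const char *algo` in checkpubkey and send_msg_userauth_pk_ok would record that, and the cast back to `const unsigned char *` at line 333 suggests cmp_base64_key's prototype is the better place to settle the type.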