diff options
| author | green <green@FreeBSD.org> | 2000-12-05 02:20:19 +0000 |
|---|---|---|
| committer | green <green@FreeBSD.org> | 2000-12-05 02:20:19 +0000 |
| commit | 2aecee364f2b1fa8b38c4d29600f05f33075cddf (patch) | |
| tree | bf0881ca432b88e84b40b65bc72970ba5b2a3120 /crypto/openssh/authfd.c | |
| parent | 100d82038d69581b72d61ea79acb559a97322110 (diff) | |
| download | FreeBSD-src-2aecee364f2b1fa8b38c4d29600f05f33075cddf.zip FreeBSD-src-2aecee364f2b1fa8b38c4d29600f05f33075cddf.tar.gz | |
Import of OpenSSH 2.3.0 (virgin OpenBSD source release).
Diffstat (limited to 'crypto/openssh/authfd.c')
| -rw-r--r-- | crypto/openssh/authfd.c | 22 |
1 files changed, 16 insertions, 6 deletions
diff --git a/crypto/openssh/authfd.c b/crypto/openssh/authfd.c index 9586385..d62b8d6 100644 --- a/crypto/openssh/authfd.c +++ b/crypto/openssh/authfd.c @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: authfd.c,v 1.27 2000/09/07 20:27:49 deraadt Exp $"); +RCSID("$OpenBSD: authfd.c,v 1.29 2000/10/09 21:51:00 markus Exp $"); #include "ssh.h" #include "rsa.h" @@ -51,10 +51,15 @@ RCSID("$OpenBSD: authfd.c,v 1.27 2000/09/07 20:27:49 deraadt Exp $"); #include "authfd.h" #include "kex.h" #include "dsa.h" +#include "compat.h" /* helper */ int decode_reply(int type); +/* macro to check for "agent failure" message */ +#define agent_failed(x) \ + ((x == SSH_AGENT_FAILURE) || (x == SSH_COM_AGENT2_FAILURE)) + /* Returns the number of the authentication fd, or -1 if there is none. */ int @@ -237,7 +242,7 @@ ssh_get_first_identity(AuthenticationConnection *auth, char **comment, int versi /* Get message type, and verify that we got a proper answer. */ type = buffer_get_char(&auth->identities); - if (type == SSH_AGENT_FAILURE) { + if (agent_failed(type)) { return NULL; } else if (type != code2) { fatal("Bad authentication reply message type: %d", type); @@ -336,7 +341,7 @@ ssh_decrypt_challenge(AuthenticationConnection *auth, } type = buffer_get_char(&buffer); - if (type == SSH_AGENT_FAILURE) { + if (agent_failed(type)) { log("Agent admitted failure to authenticate using the key."); } else if (type != SSH_AGENT_RSA_RESPONSE) { fatal("Bad authentication response: %d", type); @@ -360,20 +365,24 @@ ssh_agent_sign(AuthenticationConnection *auth, unsigned char **sigp, int *lenp, unsigned char *data, int datalen) { + extern int datafellows; Buffer msg; unsigned char *blob; unsigned int blen; - int type; + int type, flags = 0; int ret = -1; if (dsa_make_key_blob(key, &blob, &blen) == 0) return -1; + if (datafellows & SSH_BUG_SIGBLOB) + flags = SSH_AGENT_OLD_SIGNATURE; + buffer_init(&msg); buffer_put_char(&msg, SSH2_AGENTC_SIGN_REQUEST); buffer_put_string(&msg, blob, blen); buffer_put_string(&msg, data, datalen); - buffer_put_int(&msg, 0); /* flags, unused */ + buffer_put_int(&msg, flags); xfree(blob); if (ssh_request_reply(auth, &msg, &msg) == 0) { @@ -381,7 +390,7 @@ ssh_agent_sign(AuthenticationConnection *auth, return -1; } type = buffer_get_char(&msg); - if (type == SSH_AGENT_FAILURE) { + if (agent_failed(type)) { log("Agent admitted failure to sign using the key."); } else if (type != SSH2_AGENT_SIGN_RESPONSE) { fatal("Bad authentication response: %d", type); @@ -528,6 +537,7 @@ decode_reply(int type) { switch (type) { case SSH_AGENT_FAILURE: + case SSH_COM_AGENT2_FAILURE: log("SSH_AGENT_FAILURE"); return 0; case SSH_AGENT_SUCCESS: |
