#include "includes.h"#include <openssl/evp.h>#include "ssh.h"#include "rsa.h"#include "buffer.h"#include "bufaux.h"#include "xmalloc.h"#include "getput.h"#include "key.h"#include "authfd.h"#include "cipher.h"#include "kex.h"#include "compat.h"#include "log.h"#include "atomicio.h"Go to the source code of this file.
Value: ((x == SSH_AGENT_FAILURE) || (x == SSH_COM_AGENT2_FAILURE) || \ (x == SSH2_AGENT_FAILURE)) Definition at line 62 of file authfd.c. Referenced by ssh_agent_sign(), ssh_decrypt_challenge(), and ssh_get_num_identities(). |
/*
 * Turn a generic agent reply type into a boolean result.
 *
 * Returns 1 for SSH_AGENT_SUCCESS.  Any of the three failure codes
 * (SSH_AGENT_FAILURE, SSH_COM_AGENT2_FAILURE, SSH2_AGENT_FAILURE) is logged
 * and yields 0.  Every other value is a protocol violation and aborts the
 * process through fatal(); the trailing return only keeps the compiler
 * quiet.
 *
 * Called from ssh_add_identity_constrained(), ssh_lock_agent(),
 * ssh_remove_all_identities(), ssh_remove_identity() and ssh_update_card().
 */
static int
decode_reply(int type)
{
	if (type == SSH_AGENT_SUCCESS)
		return 1;

	/* Same three codes the agent_failed() macro recognises. */
	if (agent_failed(type)) {
		logit("SSH_AGENT_FAILURE");
		return 0;
	}

	fatal("Bad response from authentication agent: %d", type);
	/* NOTREACHED */
	return 0;
}
/*
 * Add a private key to the agent without any constraints.
 *
 * Convenience wrapper around ssh_add_identity_constrained() that passes a
 * zero lifetime and no confirmation requirement; the return value is
 * whatever the constrained variant returns.
 *
 * Called from add_file().
 */
int
ssh_add_identity(AuthenticationConnection *auth, Key *key, const char *comment)
{
	/* life = 0 (never expires), confirm = 0 (no per-use confirmation) */
	return ssh_add_identity_constrained(auth, key, comment, 0, 0);
}
/*
 * Report whether an authentication agent is reachable.
 *
 * Returns 1 if the file-scope flag agent_present is already set (a prior
 * ssh_get_authentication_socket() succeeded) or if a probe connection can
 * be opened now; the probe socket is closed immediately.  Returns 0 when
 * no connection can be made.
 *
 * Called from check_agent_present().
 */
int
ssh_agent_present(void)
{
	int probe;

	/* A previous successful connection is proof enough. */
	if (agent_present)
		return 1;

	/* Otherwise open and immediately drop a throw-away connection. */
	probe = ssh_get_authentication_socket();
	if (probe == -1)
		return 0;
	ssh_close_authentication_socket(probe);
	return 1;
}
/*
 * Ask the agent to sign `data' with the private half of `key' (SSH2).
 *
 * On success stores a freshly allocated signature blob in *sigp and its
 * length in *lenp and returns 0; the caller owns *sigp.  Returns -1 if the
 * key cannot be serialised, the request cannot be delivered, or the agent
 * reports failure (in which case *sigp/*lenp are left untouched).  A reply
 * of any other type aborts via fatal().
 *
 * The SSH_BUG_SIGBLOB compatibility bit in datafellows selects the legacy
 * SSH_AGENT_OLD_SIGNATURE flag for old peers.
 *
 * Called from identity_sign().
 */
int
ssh_agent_sign(AuthenticationConnection *auth, Key *key, u_char **sigp,
    u_int *lenp, u_char *data, u_int datalen)
{
	extern int datafellows;
	Buffer msg;
	u_char *keyblob;
	u_int keyblob_len;
	int reply_type;
	int flags;
	int result = -1;

	if (key_to_blob(key, &keyblob, &keyblob_len) == 0)
		return -1;

	flags = (datafellows & SSH_BUG_SIGBLOB) ? SSH_AGENT_OLD_SIGNATURE : 0;

	buffer_init(&msg);
	buffer_put_char(&msg, SSH2_AGENTC_SIGN_REQUEST);
	buffer_put_string(&msg, keyblob, keyblob_len);
	buffer_put_string(&msg, data, datalen);
	buffer_put_int(&msg, flags);
	xfree(keyblob);

	/* The reply is read back into the same Buffer the request came from. */
	if (ssh_request_reply(auth, &msg, &msg) == 0) {
		buffer_free(&msg);
		return -1;
	}

	reply_type = buffer_get_char(&msg);
	if (agent_failed(reply_type)) {
		logit("Agent admitted failure to sign using the key.");
	} else if (reply_type == SSH2_AGENT_SIGN_RESPONSE) {
		*sigp = buffer_get_string(&msg, lenp);
		result = 0;
	} else {
		fatal("Bad authentication response: %d", reply_type);
	}
	buffer_free(&msg);
	return result;
}
/*
 * Tear down a connection obtained from ssh_get_authentication_connection().
 *
 * Releases the cached identities buffer, closes the agent socket and frees
 * the connection object itself; `auth' must not be used afterwards.
 *
 * Called from main(), pubkey_cleanup() and try_agent_authentication().
 */
void
ssh_close_authentication_connection(AuthenticationConnection *auth)
{
	int fd = auth->fd;

	buffer_free(&auth->identities);
	close(fd);
	xfree(auth);
}
/*
 * Close a socket returned by ssh_get_authentication_socket().
 *
 * The descriptor is only closed when SSH_AUTHSOCKET_ENV_NAME is set in the
 * environment, i.e. when it was opened by us from that path.  When the
 * variable is absent the descriptor is left open -- presumably because it
 * was handed to us from elsewhere and is not ours to close; confirm with
 * the callers.
 *
 * Called from ssh_agent_present().
 */
void
ssh_close_authentication_socket(int sock)
{
	if (getenv(SSH_AUTHSOCKET_ENV_NAME) == NULL)
		return;
	close(sock);
}
/*
 * Have the agent answer an SSH1 RSA challenge on our behalf.
 *
 * Sends the public key (bit count, e, n), the challenge, the 16-byte
 * session id and `response_type' as an SSH_AGENTC_RSA_CHALLENGE request.
 * On success the 16-byte answer is copied into `response' and 1 is
 * returned.  Returns 0 for non-RSA1 keys, for the no-longer-supported
 * response_type 0, on transport failure, or when the agent reports
 * failure.  Any other reply type aborts via fatal(); a truncated reply
 * body aborts inside buffer_get_char().
 *
 * Called from try_agent_authentication().
 */
int
ssh_decrypt_challenge(AuthenticationConnection *auth, Key *key,
    BIGNUM *challenge, u_char session_id[16], u_int response_type,
    u_char response[16])
{
	Buffer msg;
	int reply_type;
	int n;

	if (key->type != KEY_RSA1)
		return 0;
	if (response_type == 0) {
		logit("Compatibility with ssh protocol version 1.0 no longer supported.");
		return 0;
	}

	buffer_init(&msg);
	buffer_put_char(&msg, SSH_AGENTC_RSA_CHALLENGE);
	buffer_put_int(&msg, BN_num_bits(key->rsa->n));
	buffer_put_bignum(&msg, key->rsa->e);
	buffer_put_bignum(&msg, key->rsa->n);
	buffer_put_bignum(&msg, challenge);
	buffer_append(&msg, session_id, 16);
	buffer_put_int(&msg, response_type);

	if (ssh_request_reply(auth, &msg, &msg) == 0) {
		buffer_free(&msg);
		return 0;
	}

	reply_type = buffer_get_char(&msg);
	if (agent_failed(reply_type)) {
		logit("Agent admitted failure to authenticate using the key.");
		buffer_free(&msg);
		return 0;
	}
	if (reply_type != SSH_AGENT_RSA_RESPONSE)
		fatal("Bad authentication response: %d", reply_type);

	/* Copy the 16 response bytes; a short packet dies in buffer_get_char. */
	for (n = 0; n < 16; n++)
		response[n] = buffer_get_char(&msg);
	buffer_free(&msg);
	return 1;
}
/*
 * Serialise an SSH1 RSA private key into `b' for an add-identity request.
 *
 * Wire order is: bit count, n, e, d, then the CRT values in ssh's order.
 * The protocol expects p < q whereas OpenSSL stores p > q, so OpenSSL's
 * iqmp/q/p are emitted where ssh expects u/p/q.  The comment string comes
 * last.  The order below is fixed by the protocol; do not reorder.
 *
 * Called from ssh_add_identity_constrained().
 */
static void
ssh_encode_identity_rsa1(Buffer *b, RSA *key, const char *comment)
{
	/* Protocol order; see the header comment for the p/q swap. */
	BIGNUM *fields[] = {
		key->n,
		key->e,
		key->d,
		key->iqmp,	/* ssh u */
		key->q,		/* ssh p */
		key->p,		/* ssh q */
	};
	size_t i;

	buffer_put_int(b, BN_num_bits(key->n));
	for (i = 0; i < sizeof(fields) / sizeof(fields[0]); i++)
		buffer_put_bignum(b, fields[i]);
	buffer_put_cstring(b, comment);
}
/*
 * Serialise an SSH2 (RSA or DSA) private key into `b' for an add-identity
 * request: key type name, the key-type-specific bignums, then the comment.
 *
 * For a key type other than KEY_RSA/KEY_DSA only the name and comment are
 * written; the caller is expected to have filtered those out already.
 *
 * Called from ssh_add_identity_constrained().
 */
static void
ssh_encode_identity_ssh2(Buffer *b, Key *key, const char *comment)
{
	BIGNUM *fields[6];
	int nfields = 0;
	int i;

	buffer_put_cstring(b, key_ssh_name(key));

	/* Collect the bignums in protocol order, then emit them in one pass. */
	switch (key->type) {
	case KEY_RSA:
		fields[nfields++] = key->rsa->n;
		fields[nfields++] = key->rsa->e;
		fields[nfields++] = key->rsa->d;
		fields[nfields++] = key->rsa->iqmp;
		fields[nfields++] = key->rsa->p;
		fields[nfields++] = key->rsa->q;
		break;
	case KEY_DSA:
		fields[nfields++] = key->dsa->p;
		fields[nfields++] = key->dsa->q;
		fields[nfields++] = key->dsa->g;
		fields[nfields++] = key->dsa->pub_key;
		fields[nfields++] = key->dsa->priv_key;
		break;
	default:
		break;
	}
	for (i = 0; i < nfields; i++)
		buffer_put_bignum2(b, fields[i]);

	buffer_put_cstring(b, comment);
}
/*
 * Open a connection to the agent and wrap it in an AuthenticationConnection.
 *
 * Returns NULL when no socket can be obtained (the original author notes
 * this happens when we exited due to a timeout).  Otherwise returns a
 * heap-allocated object (via xmalloc) with an empty identities buffer and
 * howmany = 0; release it with ssh_close_authentication_connection().
 *
 * Called from main(), pubkey_prepare() and try_agent_authentication().
 */
AuthenticationConnection *
ssh_get_authentication_connection(void)
{
	AuthenticationConnection *conn;
	int sock = ssh_get_authentication_socket();

	if (sock < 0)
		return NULL;

	conn = xmalloc(sizeof(*conn));
	conn->fd = sock;
	conn->howmany = 0;
	buffer_init(&conn->identities);
	return conn;
}
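/*
 * Connect to the agent's UNIX-domain socket named by SSH_AUTHSOCKET_ENV_NAME.
 *
 * Returns a connected, close-on-exec socket descriptor and sets the
 * file-scope flag agent_present, or -1 if the variable is unset, the path
 * does not fit in sun_path, or socket()/fcntl()/connect() fail (the
 * descriptor is closed on those failures).
 *
 * Called from client_input_agent_open(), client_request_agent(),
 * ssh_agent_present() and ssh_get_authentication_connection().
 */
int
ssh_get_authentication_socket(void)
{
	const char *authsocket;
	int sock;
	struct sockaddr_un sunaddr;

	authsocket = getenv(SSH_AUTHSOCKET_ENV_NAME);
	if (!authsocket)
		return -1;

	sunaddr.sun_family = AF_UNIX;
	/*
	 * strlcpy() silently truncates: an over-long path would make us
	 * connect to a different (or nonexistent) socket instead of failing.
	 * Reject it outright.
	 */
	if (strlcpy(sunaddr.sun_path, authsocket, sizeof(sunaddr.sun_path)) >=
	    sizeof(sunaddr.sun_path)) {
		error("Authentication socket path too long.");
		return -1;
	}

	sock = socket(AF_UNIX, SOCK_STREAM, 0);
	if (sock < 0)
		return -1;

	/* Never leak the agent connection into child processes. */
	if (fcntl(sock, F_SETFD, FD_CLOEXEC) == -1) {
		close(sock);
		return -1;
	}
	if (connect(sock, (struct sockaddr *) &sunaddr, sizeof sunaddr) < 0) {
		close(sock);
		return -1;
	}
	agent_present = 1;
	return sock;
}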
/*
 * Fetch the agent's identity list and return its first entry.
 *
 * Issues the list request through ssh_get_num_identities(); if at least one
 * identity is announced, returns the first one via ssh_get_next_identity()
 * (storing its comment in *comment), else NULL.
 *
 * Called from list_identities(), pubkey_prepare() and
 * try_agent_authentication().
 */
Key *
ssh_get_first_identity(AuthenticationConnection *auth, char **comment, int version)
{
	int count = ssh_get_num_identities(auth, version);

	if (count <= 0)
		return NULL;
	return ssh_get_next_identity(auth, comment, version);
}
/*
 * Pop the next identity out of the reply cached by ssh_get_num_identities().
 *
 * Returns NULL when auth->howmany is exhausted or `version' is neither 1
 * nor 2.  Otherwise parses one entry from auth->identities, stores its
 * comment (newly allocated) in *comment, decrements auth->howmany and
 * returns the key.  For version 2 the result is whatever key_from_blob()
 * returns for the blob, which may be NULL.  Short or corrupt data aborts
 * inside the buffer_get_* helpers.
 *
 * For version 1 the announced bit count is compared against the real size
 * of n and a mismatch is logged; the key is still returned.
 *
 * Called from list_identities(), pubkey_prepare(), ssh_get_first_identity()
 * and try_agent_authentication().
 */
Key *
ssh_get_next_identity(AuthenticationConnection *auth, char **comment, int version)
{
	Buffer *ids = &auth->identities;
	Key *key;
	u_int announced_bits;
	int actual_bits;
	u_char *blob;
	u_int blob_len;

	/* Nothing left from the last list request. */
	if (auth->howmany <= 0)
		return NULL;

	if (version == 1) {
		key = key_new(KEY_RSA1);
		announced_bits = buffer_get_int(ids);
		buffer_get_bignum(ids, key->rsa->e);
		buffer_get_bignum(ids, key->rsa->n);
		*comment = buffer_get_string(ids, NULL);
		actual_bits = BN_num_bits(key->rsa->n);
		if (actual_bits < 0 || announced_bits != (u_int)actual_bits)
			logit("Warning: identity keysize mismatch: actual %d, announced %u",
			    actual_bits, announced_bits);
	} else if (version == 2) {
		blob = buffer_get_string(ids, &blob_len);
		*comment = buffer_get_string(ids, NULL);
		key = key_from_blob(blob, blob_len);
		xfree(blob);
	} else {
		return NULL;
	}

	auth->howmany--;
	return key;
}
/*
 * Ask the agent for its identity list and return how many it holds.
 *
 * The whole reply is left in auth->identities (positioned just after the
 * count) for ssh_get_next_identity() to consume, and the count is also
 * stored in auth->howmany.  Returns 0 for an unknown `version', on
 * transport failure, or when the agent reports failure.  A reply of the
 * wrong type, or one announcing more than 1024 identities, is treated as
 * a protocol violation and aborts via fatal(); the (u_int) cast makes a
 * negative count trip the same check.
 *
 * Called from ssh_get_first_identity().
 */
int
ssh_get_num_identities(AuthenticationConnection *auth, int version)
{
	Buffer request;
	int ok;
	int reply_type;
	int request_code;
	int answer_code;

	if (version == 1) {
		request_code = SSH_AGENTC_REQUEST_RSA_IDENTITIES;
		answer_code = SSH_AGENT_RSA_IDENTITIES_ANSWER;
	} else if (version == 2) {
		request_code = SSH2_AGENTC_REQUEST_IDENTITIES;
		answer_code = SSH2_AGENT_IDENTITIES_ANSWER;
	} else {
		return 0;
	}

	/* One-byte request; the reply lands directly in auth->identities. */
	buffer_init(&request);
	buffer_put_char(&request, request_code);
	buffer_clear(&auth->identities);
	ok = ssh_request_reply(auth, &request, &auth->identities);
	buffer_free(&request);
	if (!ok)
		return 0;

	reply_type = buffer_get_char(&auth->identities);
	if (agent_failed(reply_type))
		return 0;
	if (reply_type != answer_code)
		fatal("Bad authentication reply message type: %d", reply_type);

	auth->howmany = buffer_get_int(&auth->identities);
	if ((u_int)auth->howmany > 1024)
		fatal("Too many identities in authentication reply: %d",
		    auth->howmany);

	return auth->howmany;
}
/*
 * Lock (lock != 0) or unlock (lock == 0) the agent with `password'.
 *
 * Returns 1 on SSH_AGENT_SUCCESS, 0 on transport failure or an agent
 * failure reply; other reply types abort inside decode_reply().  The
 * password is sent to the agent in the clear over the local socket.
 *
 * Called from lock_agent().
 */
int
ssh_lock_agent(AuthenticationConnection *auth, int lock, const char *password)
{
	Buffer msg;
	int reply_type;
	int code;

	code = lock ? SSH_AGENTC_LOCK : SSH_AGENTC_UNLOCK;

	buffer_init(&msg);
	buffer_put_char(&msg, code);
	buffer_put_cstring(&msg, password);

	if (ssh_request_reply(auth, &msg, &msg) == 0) {
		buffer_free(&msg);
		return 0;
	}

	reply_type = buffer_get_char(&msg);
	buffer_free(&msg);
	return decode_reply(reply_type);
}
/*
 * Ask the agent to forget every identity of the given protocol version.
 *
 * Version 1 sends SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES; anything else
 * sends SSH2_AGENTC_REMOVE_ALL_IDENTITIES.  Returns 1 on success, 0 on
 * transport failure or an agent failure reply; other reply types abort in
 * decode_reply().
 *
 * Called from delete_all().
 */
int
ssh_remove_all_identities(AuthenticationConnection *auth, int version)
{
	Buffer msg;
	int reply_type;
	int code;

	switch (version) {
	case 1:
		code = SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES;
		break;
	default:
		code = SSH2_AGENTC_REMOVE_ALL_IDENTITIES;
		break;
	}

	buffer_init(&msg);
	buffer_put_char(&msg, code);

	if (ssh_request_reply(auth, &msg, &msg) == 0) {
		buffer_free(&msg);
		return 0;
	}

	reply_type = buffer_get_char(&msg);
	buffer_free(&msg);
	return decode_reply(reply_type);
}
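/*
 * Ask the agent to forget one identity.
 *
 * KEY_RSA1 keys are identified by bit count, e and n
 * (SSH_AGENTC_REMOVE_RSA_IDENTITY); KEY_RSA/KEY_DSA keys by their public
 * blob (SSH2_AGENTC_REMOVE_IDENTITY).  Returns 1 on success and 0 for an
 * unsupported key type, a key that cannot be serialised, transport failure
 * or an agent failure reply; other reply types abort in decode_reply().
 *
 * Called from delete_file().
 */
int
ssh_remove_identity(AuthenticationConnection *auth, Key *key)
{
	Buffer msg;
	int type;
	u_char *blob;
	u_int blen;

	buffer_init(&msg);

	if (key->type == KEY_RSA1) {
		buffer_put_char(&msg, SSH_AGENTC_REMOVE_RSA_IDENTITY);
		buffer_put_int(&msg, BN_num_bits(key->rsa->n));
		buffer_put_bignum(&msg, key->rsa->e);
		buffer_put_bignum(&msg, key->rsa->n);
	} else if (key->type == KEY_DSA || key->type == KEY_RSA) {
		/*
		 * key_to_blob() can fail; ssh_agent_sign() checks it, so do
		 * the same here rather than sending an uninitialised blob.
		 */
		if (key_to_blob(key, &blob, &blen) == 0) {
			buffer_free(&msg);
			return 0;
		}
		buffer_put_char(&msg, SSH2_AGENTC_REMOVE_IDENTITY);
		buffer_put_string(&msg, blob, blen);
		xfree(blob);
	} else {
		buffer_free(&msg);
		return 0;
	}
	if (ssh_request_reply(auth, &msg, &msg) == 0) {
		buffer_free(&msg);
		return 0;
	}
	type = buffer_get_char(&msg);
	buffer_free(&msg);
	return decode_reply(type);
}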
/*
 * Send one request to the agent and read its reply.
 *
 * Framing in both directions is a 4-byte big-endian length followed by the
 * payload.  On success the reply payload replaces the contents of *reply
 * and 1 is returned.  A short write or short read is reported with error()
 * and yields 0.  A reply announcing more than 256 KiB is treated as a
 * protocol violation and aborts via fatal(), bounding what a misbehaving
 * agent can make us buffer.
 *
 * `request' and `reply' may be the same Buffer: the request is written out
 * completely before `reply' is cleared.
 *
 * Called from ssh_add_identity_constrained(), ssh_agent_sign(),
 * ssh_decrypt_challenge(), ssh_get_num_identities(), ssh_lock_agent(),
 * ssh_remove_all_identities(), ssh_remove_identity() and ssh_update_card().
 */
static int
ssh_request_reply(AuthenticationConnection *auth, Buffer *request, Buffer *reply)
{
	char buf[1024];
	u_int len;
	u_int remaining;
	u_int chunk;

	/* Length prefix first, then the request body. */
	len = buffer_len(request);
	PUT_32BIT(buf, len);
	if (atomicio(vwrite, auth->fd, buf, 4) != 4 ||
	    atomicio(vwrite, auth->fd, buffer_ptr(request),
	    buffer_len(request)) != buffer_len(request)) {
		error("Error writing to authentication socket.");
		return 0;
	}

	/* The reply starts with its own 4-byte length. */
	if (atomicio(read, auth->fd, buf, 4) != 4) {
		error("Error reading response length from authentication socket.");
		return 0;
	}
	remaining = GET_32BIT(buf);
	if (remaining > 256 * 1024)
		fatal("Authentication response too long: %u", remaining);

	/* Pull the body in buf-sized pieces until the announced length is met. */
	buffer_clear(reply);
	for (; remaining > 0; remaining -= chunk) {
		chunk = (remaining < sizeof(buf)) ? remaining : sizeof(buf);
		if (atomicio(read, auth->fd, buf, chunk) != chunk) {
			error("Error reading response from authentication socket.");
			return 0;
		}
		buffer_append(reply, buf, chunk);
	}
	return 1;
}
Definition at line 56 of file authfd.c. Referenced by ssh_agent_present(), and ssh_get_authentication_socket(). |