
Improve the autopubkey authentication.

git-svn-id: svn+ssh://svn.berlios.de/svnroot/repos/libssh/trunk@658 7dcaeef0-15fb-0310-b436-a5af3365683c
Andreas Schneider 2009-04-30 13:58:20 +00:00
родитель 06a0dea2ad
Коммит 567cc5984a
5 изменённых файлов: 22 добавлений и 33 удалений


@ -256,9 +256,9 @@ PUBLIC_KEY *publickey_from_privatekey(PRIVATE_KEY *prv);
void privatekey_free(PRIVATE_KEY *prv);
STRING *publickey_from_file(SSH_SESSION *session, const char *filename,
int *type);
STRING *publickey_from_next_file(SSH_SESSION *session,
struct keys_struct *keytab, size_t keytab_size,
char **privkeyfile, int *type, unsigned int *count);
STRING *try_publickey_from_file(SSH_SESSION *session,
struct keys_struct keytab,
char **privkeyfile, int *type);
int ssh_is_server_known(SSH_SESSION *session);
int ssh_write_knownhost(SSH_SESSION *session);


@ -88,6 +88,7 @@ set(libssh_SRCS
socket.c
string.c
wrapper.c
libssh.map
)
if (WITH_SFTP)


@ -738,7 +738,7 @@ int ssh_userauth_autopubkey(SSH_SESSION *session, const char *passphrase) {
char *privkeyfile = NULL;
char *id = NULL;
size_t size;
unsigned int count = 0;
unsigned int i = 0;
int type = 0;
int rc;
@ -834,8 +834,15 @@ int ssh_userauth_autopubkey(SSH_SESSION *session, const char *passphrase) {
keytab[size - 1].public = id;
}
while ((pubkey = publickey_from_next_file(session, keytab, size,
&privkeyfile, &type, &count))) {
for (i = 0, pubkey = try_publickey_from_file(session, keytab[i],
&privkeyfile, &type);
i < size;
pubkey = try_publickey_from_file(session, keytab[++i],
&privkeyfile, &type)) {
if (pubkey == NULL) {
continue;
}
rc = ssh_userauth_offer_pubkey(session, NULL, type, pubkey);
if (rc == SSH_AUTH_ERROR){
if (id != NULL) {
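Review bot: The new `for` loop calls `try_publickey_from_file(session, keytab[++i], ...)` in its increment expression, which runs before `i < size` is tested, so after the last valid entry it passes `keytab[size]` by value to the helper. The write to `keytab[size - 1]` just above suggests `size` is the element count, in which case this reads one element past the array, and the helper then treats that element's `public` pointer as a path template. Moving the call into the body avoids it: `for (i = 0; i < size; i++) {` followed by `pubkey = try_publickey_from_file(session, keytab[i], &privkeyfile, &type);` ahead of the existing NULL check. The body of ssh_userauth_autopubkey starts and ends outside the hunks shown.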


@ -919,18 +919,8 @@ STRING *publickey_from_file(SSH_SESSION *session, const char *filename,
return str;
}
/*
* Why a recursive function?
*
* publickey_from_next_file() will be executed until NULL is returned
* We can't return NULL if one of the possible keys is wrong. We want to
* test them before getting over
*/
STRING *publickey_from_next_file(SSH_SESSION *session,
struct keys_struct *keytab, size_t keytab_size,
char **privkeyfile, int *type,
unsigned int *count) {
STRING *try_publickey_from_file(SSH_SESSION *session, struct keys_struct keytab,
char **privkeyfile, int *type) {
static char *home = NULL;
char public[256] = {0};
@ -948,36 +938,28 @@ STRING *publickey_from_next_file(SSH_SESSION *session,
}
}
if (*count >= keytab_size) {
return NULL;
}
pub = keytab[*count].public;
pub = keytab.public;
if (pub == NULL) {
return NULL;
}
priv = keytab[*count].private;
priv = keytab.private;
if (priv == NULL) {
return NULL;
}
(*count)++;
/* are them readable ? */
snprintf(public, sizeof(public), pub, home);
ssh_log(session, SSH_LOG_PACKET, "Trying to open public key %s", public);
if (!ssh_file_readaccess_ok(public)) {
ssh_log(session, SSH_LOG_PACKET, "Failed");
return publickey_from_next_file(session, keytab, keytab_size,
privkeyfile, type, count);
return NULL;
}
snprintf(private, sizeof(private), priv, home);
ssh_log(session, SSH_LOG_PACKET, "Trying to open private key %s", private);
if (!ssh_file_readaccess_ok(private)) {
ssh_log(session, SSH_LOG_PACKET, "Failed");
return publickey_from_next_file(session, keytab, keytab_size,
privkeyfile, type, count);
return NULL;
}
ssh_log(session, SSH_LOG_PACKET, "Success reading public and private key");
@ -992,8 +974,7 @@ STRING *publickey_from_next_file(SSH_SESSION *session,
"Wasn't able to open public key file %s: %s",
public,
ssh_get_error(session));
return publickey_from_next_file(session, keytab, keytab_size,
privkeyfile, type, count);
return NULL;
}
new = realloc(*privkeyfile, strlen(private) + 1);
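Review bot: `snprintf(public, sizeof(public), pub, home)` and the matching call for `private` use the keytab entry itself as the format string, and after this change that entry comes straight from the caller through `keytab.public` and `keytab.private`. The caller's hunk sets `keytab[size - 1].public = id`, so if `id` is built from a configured identity path (not visible here), any conversion specifier in that path is interpreted by snprintf with only `home` supplied. I would limit format expansion to the built-in templates and copy caller-supplied paths with `snprintf(public, sizeof(public), "%s", pub);`, and treat a return value `>= sizeof(public)` as a failure so a truncated path is never opened. The function continues past the end of the last hunk, and the removed block comment leaves `try_publickey_from_file` with no description of when it returns NULL.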


@ -12,7 +12,7 @@ SSH_0.3 {
ssh_get_pubkey_hash; ssh_get_pubkey;
ssh_fd_poll; ssh_select; publickey_free;
privatekey_from_file; publickey_to_string; publickey_from_privatekey;
private_key_free; publickey_from_file; publickey_from_next_file;
private_key_free; publickey_from_file; try_publickey_from_file;
ssh_is_server_known; ssh_write_knownhost;
channel_new; channel_open_forward; channel_open_session; channel_free;
channel_request_pty; channel_request_pty_size; channel_change_pty_size;
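Review bot: Replacing `publickey_from_next_file` with `try_publickey_from_file` inside the existing `SSH_0.3` node removes a name from an already published version node, so a program linked against a build that exported the old name would fail to resolve it. If a release with that export has shipped (not visible from this page), keep a compatibility wrapper under the old name or document the ABI break. It is also worth asking whether the new helper needs to be exported at all, since the only caller shown is inside the library; `try_publickey_from_file;` could simply be left out of the map.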