* src/pki_gcrypt.c (pki_export_pubkey_rsa1): Rework to be more
idiomatic. Fix leaking MPIs.
Signed-off-by: Justus Winter <justus@g10code.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* src/pki_gcrypt.c (pki_publickey_to_blob): Rework using the new
helper 'ssh_sexp_extract_mpi'.
Signed-off-by: Justus Winter <justus@g10code.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* src/pki_gcrypt.c (pki_key_dup): Rework to be more idiomatic.
Signed-off-by: Justus Winter <justus@g10code.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* src/options.c (ssh_options_getopt): Only call 'ssh_options_set' if
a port has been given.
Signed-off-by: Justus Winter <justus@g10code.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* tests/torture.c (torture_setup_create_sshd_config): Rework how the
location of the sftp server is discovered, and add the Debian-specific
location.
Signed-off-by: Justus Winter <justus@g10code.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* src/pki_gcrypt.c (asn1_get): Generalize from 'asn1_get_int'.
(asn1_get_int): New function simply calling 'asn1_get'.
Signed-off-by: Justus Winter <justus@g10code.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
- enabled TrustedUserCAKeys option in torture.c
- adds a new set of (signed) keys for bob in a separate dir
The private key used to generate the certs is included, but not required.
Signed-off-by: Axel Eppe <aeppe@google.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Due to a byte/bit confusion, the DH secret was too short. This file was
completely reworked and will be commited in a future version.
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Documentation now is congruent with the code:
- SSH_OK is returned on success,
- SSH_ERROR is returned on error.
Signed-off-by: Younes Serraj <younes.serraj@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
ssh-agent needs to be executed as the local user and not a fake user or
we will not be able to add identies.
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Note that removing ssh_buffer_get_begin() doesn't break API
compatibility, as this functions has never been exposed (it only
has the LIBSSH_API prefix).
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
This commit is a preparatory stage for removing ssh_buffer_get_begin().
Note that removing ssh_buffer_get_begin() doesn't break API
compatibility, as this functions has never been exposed (it only has the
LIBSSH_API prefix).
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
As ssh_buffer_get_len() actually calls ssh_buffer_get_rest_len(), let's
just use the first one. This is a preparatory step for removing
ssh_buffer_get_rest_len().
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
This is a preparatory step for having the behavior of
ssh_buffer_get_rest_len() in the ssh_buffer_get_len() and then remove
the ssh_buffer_rest_len()
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
