-/* $OpenBSD: sshconnect2.c,v 1.285 2018/09/14 04:17:12 djm Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.286 2018/09/14 04:44:04 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
* Copyright (c) 2008 Damien Miller. All rights reserved.
return 0;
}
-/*
- * Format an identity for logging including filename, key type, fingerprint
- * and location (agent, etc.). Caller must free.
- */
-static char *
-format_identity(Identity *id)
-{
- char *fp, *ret = NULL;
-
- if ((fp = sshkey_fingerprint(id->key, options.fingerprint_hash,
- SSH_FP_DEFAULT)) == NULL)
- fatal("%s: sshkey_fingerprint failed", __func__);
- xasprintf(&ret, "%s %s %s%s%s%s",
- id->filename, sshkey_type(id->key), fp,
- id->userprovided ? ", explicit" : "",
- (id->key->flags & SSHKEY_FLAG_EXT) ? ", token" : "",
- id->agent_fd != -1 ? ", agent" : "");
- free(fp);
- return ret;
-}
-
/* ARGSUSED */
int
input_userauth_pk_ok(int type, u_int32_t seq, struct ssh *ssh)
Authctxt *authctxt = ssh->authctxt;
struct sshkey *key = NULL;
Identity *id = NULL;
- int pktype, found = 0, sent = 0;
+ int pktype, sent = 0;
size_t blen;
- char *pkalg = NULL, *fp = NULL, *ident = NULL;
+ char *pkalg = NULL, *fp;
u_char *pkblob = NULL;
int r;
(r = sshpkt_get_end(ssh)) != 0)
goto done;
+ debug("Server accepts key: pkalg %s blen %zu", pkalg, blen);
+
if ((pktype = sshkey_type_from_name(pkalg)) == KEY_UNSPEC) {
- debug("%s: server sent unknown pkalg %s", __func__, pkalg);
+ debug("unknown pkalg %s", pkalg);
goto done;
}
if ((r = sshkey_from_blob(pkblob, blen, &key)) != 0) {
key->type, pktype);
goto done;
}
+ if ((fp = sshkey_fingerprint(key, options.fingerprint_hash,
+ SSH_FP_DEFAULT)) == NULL)
+ goto done;
+ debug2("input_userauth_pk_ok: fp %s", fp);
+ free(fp);
/*
* search keys in the reverse order, because last candidate has been
*/
TAILQ_FOREACH_REVERSE(id, &authctxt->keys, idlist, next) {
if (sshkey_equal(key, id->key)) {
- found = 1;
+ sent = sign_and_send_pubkey(ssh, authctxt, id);
break;
}
}
- if (!found || id == NULL) {
- fp = sshkey_fingerprint(key, options.fingerprint_hash,
- SSH_FP_DEFAULT);
- error("%s: server replied with unknown key: %s %s", __func__,
- sshkey_type(key), fp == NULL ? "<ERROR>" : fp);
- goto done;
- }
- ident = format_identity(id);
- debug("Server accepts key: %s", ident);
- sent = sign_and_send_pubkey(ssh, authctxt, id);
r = 0;
done:
sshkey_free(key);
- free(ident);
- free(fp);
free(pkalg);
free(pkblob);
int agent_fd = -1, i, r, found;
size_t j;
struct ssh_identitylist *idlist;
- char *ident;
TAILQ_INIT(&agent); /* keys from the agent */
TAILQ_INIT(&files); /* keys from the config file */
memset(id, 0, sizeof(*id));
continue;
}
- ident = format_identity(id);
- debug("Will attempt key: %s", ident);
- free(ident);
+ debug2("key: %s (%p)%s%s", id->filename, id->key,
+ id->userprovided ? ", explicit" : "",
+ id->agent_fd != -1 ? ", agent" : "");
}
- debug2("%s: done", __func__);
}
static void
struct ssh *ssh = active_state; /* XXX */
Identity *id;
int sent = 0;
- char *ident;
+ char *fp;
while ((id = TAILQ_FIRST(&authctxt->keys))) {
if (id->tried++)
*/
if (id->key != NULL) {
if (try_identity(id)) {
- ident = format_identity(id);
- debug("Offering public key: %s", ident);
- free(ident);
+ if ((fp = sshkey_fingerprint(id->key,
+ options.fingerprint_hash,
+ SSH_FP_DEFAULT)) == NULL) {
+ error("%s: sshkey_fingerprint failed",
+ __func__);
+ return 0;
+ }
+ debug("Offering public key: %s %s %s",
+ sshkey_type(id->key), fp, id->filename);
+ free(fp);
sent = send_pubkey_test(ssh, authctxt, id);
}
} else {
projects / openbsd / commitdiff