* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
-RCSID("$OpenBSD: ssh-keysign.c,v 1.3 2002/06/08 05:07:09 markus Exp $");
+RCSID("$OpenBSD: ssh-keysign.c,v 1.4 2002/06/19 00:27:55 deraadt Exp $");
#include <openssl/evp.h>
buffer_init(&b);
buffer_append(&b, data, datalen);
-
+
/* session id, currently limited to SHA1 (20 bytes) */
p = buffer_get_string(&b, &len);
if (len != 20)
if (strlen(host) != len - 1)
fail++;
else if (p[len - 1] != '.')
- fail++;
+ fail++;
else if (strncasecmp(host, p, len - 1) != 0)
- fail++;
+ fail++;
xfree(p);
/* local user */
#ifdef DEBUG_SSH_KEYSIGN
log_init("ssh-keysign", SYSLOG_LEVEL_DEBUG3, SYSLOG_FACILITY_AUTH, 0);
-#endif
+#endif
if (key_fd[0] == -1 && key_fd[1] == -1)
fatal("could not open any host key");
if ((pw = getpwuid(getuid())) == NULL)
fatal("getpwuid failed");
- pw = pwcopy(pw);
+ pw = pwcopy(pw);
SSLeay_add_all_algorithms();
fatal("bad fd");
if ((host = get_local_name(fd)) == NULL)
fatal("cannot get sockname for fd");
-
+
data = buffer_get_string(&b, &dlen);
if (valid_request(pw, host, &key, data, dlen) < 0)
fatal("not a valid request");
if (key_sign(keys[i], &signature, &slen, data, dlen) != 0)
fatal("key_sign failed");
-
+
/* send reply */
buffer_clear(&b);
buffer_put_string(&b, signature, slen);
andersk / openssh.git / blobdiff