author | Christian Weisgerber <naddy@cvs.openbsd.org> | 2017-05-05 10:42:50 +0000 |
---|---|---|
committer | Christian Weisgerber <naddy@cvs.openbsd.org> | 2017-05-05 10:42:50 +0000 |
commit | 5ac74aa8fe9652dbd879cd387ea23950ba0abd3d (patch) | |
tree | 86d0e6905b34d1a66a4078483c33ed4f65a40196 | |
parent | 602ecd9b21c75fe279274d28502b986e4163a0bb (diff) |
more simplification and removal of SSHv1-related code; ok djm@
-rw-r--r-- | usr.bin/ssh/authfd.c | 46 | ||||
-rw-r--r-- | usr.bin/ssh/authfd.h | 5 | ||||
-rw-r--r-- | usr.bin/ssh/pathnames.h | 3 | ||||
-rw-r--r-- | usr.bin/ssh/ssh-add.c | 62 | ||||
-rw-r--r-- | usr.bin/ssh/sshconnect2.c | 4 |
5 files changed, 44 insertions, 76 deletions
diff --git a/usr.bin/ssh/authfd.c b/usr.bin/ssh/authfd.c
index 827d31b5dea..3e7962dd77e 100644
--- a/usr.bin/ssh/authfd.c
+++ b/usr.bin/ssh/authfd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfd.c,v 1.102 2017/05/04 06:10:57 djm Exp $ */
+/* $OpenBSD: authfd.c,v 1.103 2017/05/05 10:42:49 naddy Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -225,35 +225,21 @@ deserialise_identity2(struct sshbuf *ids, struct sshkey **keyp, char **commentp)
 * Fetch list of identities held by the agent.
 */
 int
-ssh_fetch_identitylist(int sock, int version, struct ssh_identitylist **idlp)
+ssh_fetch_identitylist(int sock, struct ssh_identitylist **idlp)
 {
- u_char type, code1 = 0, code2 = 0;
+ u_char type;
 u_int32_t num, i;
 struct sshbuf *msg;
 struct ssh_identitylist *idl = NULL;
 int r;
- /* Determine request and expected response types */
- switch (version) {
- case 1:
- code1 = SSH_AGENTC_REQUEST_RSA_IDENTITIES;
- code2 = SSH_AGENT_RSA_IDENTITIES_ANSWER;
- break;
- case 2:
- code1 = SSH2_AGENTC_REQUEST_IDENTITIES;
- code2 = SSH2_AGENT_IDENTITIES_ANSWER;
- break;
- default:
- return SSH_ERR_INVALID_ARGUMENT;
- }
-
 /*
 * Send a message to the agent requesting for a list of the
 * identities it can represent.
 */
 if ((msg = sshbuf_new()) == NULL)
 return SSH_ERR_ALLOC_FAIL;
- if ((r = sshbuf_put_u8(msg, code1)) != 0)
+ if ((r = sshbuf_put_u8(msg, SSH2_AGENTC_REQUEST_IDENTITIES)) != 0)
 goto out;
 if ((r = ssh_request_reply(sock, msg, msg)) != 0)
@@ -265,7 +251,7 @@ ssh_fetch_identitylist(int sock, int version, struct ssh_identitylist **idlp)
 if (agent_failed(type)) {
 r = SSH_ERR_AGENT_FAILURE;
 goto out;
- } else if (type != code2) {
+ } else if (type != SSH2_AGENT_IDENTITIES_ANSWER) {
 r = SSH_ERR_INVALID_FORMAT;
 goto out;
 }
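Review bot: The header comment above ssh_fetch_identitylist() (`Fetch list of identities held by the agent.`) does not state the contract its callers rely on, and dropping the `version` parameter is a natural point to record it. Judging by the callers touched in this commit, an empty agent is reported as `SSH_ERR_AGENT_NO_IDENTITIES` and a successful call hands back a list in `*idlp` that the caller releases with `ssh_free_identitylist()`. I would add two comment lines: `* Sends SSH2_AGENTC_REQUEST_IDENTITIES; any reply type other than SSH2_AGENT_IDENTITIES_ANSWER is SSH_ERR_INVALID_FORMAT.` and `* On success the caller owns *idlp and frees it with ssh_free_identitylist().` The function body continues outside these hunks, so the ownership wording should be checked against the code reached by `goto out`.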
@@ -290,20 +276,14 @@ ssh_fetch_identitylist(int sock, int version, struct ssh_identitylist **idlp)
 goto out;
 }
 for (i = 0; i < num;) {
- switch (version) {
- case 1:
- break;
- case 2:
- if ((r = deserialise_identity2(msg,
- &(idl->keys[i]), &(idl->comments[i]))) != 0) {
- if (r == SSH_ERR_KEY_TYPE_UNKNOWN) {
- /* Gracefully skip unknown key types */
- num--;
- continue;
- } else
- goto out;
- }
- break;
+ if ((r = deserialise_identity2(msg, &(idl->keys[i]),
+ &(idl->comments[i]))) != 0) {
+ if (r == SSH_ERR_KEY_TYPE_UNKNOWN) {
+ /* Gracefully skip unknown key types */
+ num--;
+ continue;
+ } else
+ goto out;
 }
 i++;
 }
diff --git a/usr.bin/ssh/authfd.h b/usr.bin/ssh/authfd.h
index 4b417e3f4a2..0e98331d7b4 100644
--- a/usr.bin/ssh/authfd.h
+++ b/usr.bin/ssh/authfd.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfd.h,v 1.39 2015/12/04 16:41:28 markus Exp $ */
+/* $OpenBSD: authfd.h,v 1.40 2017/05/05 10:42:49 naddy Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -27,8 +27,7 @@ int ssh_get_authentication_socket(int *fdp);
 void ssh_close_authentication_socket(int sock);
 int ssh_lock_agent(int sock, int lock, const char *password);
-int ssh_fetch_identitylist(int sock, int version,
- struct ssh_identitylist **idlp);
+int ssh_fetch_identitylist(int sock, struct ssh_identitylist **idlp);
 void ssh_free_identitylist(struct ssh_identitylist *idl);
 int ssh_add_identity_constrained(int sock, struct sshkey *key,
 const char *comment, u_int life, u_int confirm);
diff --git a/usr.bin/ssh/pathnames.h b/usr.bin/ssh/pathnames.h
index 314849bc002..b1bd7b82e5b 100644
--- a/usr.bin/ssh/pathnames.h
+++ b/usr.bin/ssh/pathnames.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: pathnames.h,v 1.26 2017/05/03 21:08:09 naddy Exp $ */
+/* $OpenBSD: pathnames.h,v 1.27 2017/05/05 10:42:49 naddy Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
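Review bot: The skip path in the `for (i = 0; i < num;)` loop of ssh_fetch_identitylist() rests on two properties the code does not state: `i` advances only on success so `keys[]` and `comments[]` stay densely packed, and deserialise_identity2() must have consumed the whole entry from `msg` before returning `SSH_ERR_KEY_TYPE_UNKNOWN`, otherwise the next iteration would parse from the middle of the skipped entry. The helper is defined outside this hunk, so the second property is an assumption here; a comment such as `/* entry already consumed by deserialise_identity2(); keep i, shrink num */` beside `num--` would record it. On style, the `else` in `} else goto out;` is redundant after `continue` and could be a plain `goto out;`. The loop also means `num` can reach 0 when every identity the agent returns has an unknown key type.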
@@ -63,7 +63,6 @@
 * Name of the default file containing client-side authentication key. This
 * file should only be readable by the user him/herself.
 */
-#define _PATH_SSH_CLIENT_IDENTITY _PATH_SSH_USER_DIR "/identity"
 #define _PATH_SSH_CLIENT_ID_DSA _PATH_SSH_USER_DIR "/id_dsa"
 #define _PATH_SSH_CLIENT_ID_ECDSA _PATH_SSH_USER_DIR "/id_ecdsa"
 #define _PATH_SSH_CLIENT_ID_RSA _PATH_SSH_USER_DIR "/id_rsa"
diff --git a/usr.bin/ssh/ssh-add.c b/usr.bin/ssh/ssh-add.c
index 11ae9eaee34..b24a6c982f9 100644
--- a/usr.bin/ssh/ssh-add.c
+++ b/usr.bin/ssh/ssh-add.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-add.c,v 1.130 2017/05/04 06:10:57 djm Exp $ */
+/* $OpenBSD: ssh-add.c,v 1.131 2017/05/05 10:42:49 naddy Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -354,46 +354,36 @@ static int
 list_identities(int agent_fd, int do_fp)
 {
 char *fp;
- int r, had_identities = 0;
+ int r;
 struct ssh_identitylist *idlist;
 size_t i;
- int version = 2;
-
- for (; version <= 2; version++) {
- if ((r = ssh_fetch_identitylist(agent_fd, version,
- &idlist)) != 0) {
- if (r != SSH_ERR_AGENT_NO_IDENTITIES)
- fprintf(stderr, "error fetching identities for "
- "protocol %d: %s\n", version, ssh_err(r));
- continue;
- }
- for (i = 0; i < idlist->nkeys; i++) {
- had_identities = 1;
- if (do_fp) {
- fp = sshkey_fingerprint(idlist->keys[i],
- fingerprint_hash, SSH_FP_DEFAULT);
- printf("%u %s %s (%s)\n",
- sshkey_size(idlist->keys[i]),
- fp == NULL ? "(null)" : fp,
- idlist->comments[i],
- sshkey_type(idlist->keys[i]));
- free(fp);
- } else {
- if ((r = sshkey_write(idlist->keys[i],
- stdout)) != 0) {
- fprintf(stderr, "sshkey_write: %s\n",
- ssh_err(r));
- continue;
- }
- fprintf(stdout, " %s\n", idlist->comments[i]);
+
+ if ((r = ssh_fetch_identitylist(agent_fd, &idlist)) != 0) {
+ if (r != SSH_ERR_AGENT_NO_IDENTITIES)
+ fprintf(stderr, "error fetching identities: %s\n",
+ ssh_err(r));
+ else
+ printf("The agent has no identities.\n");
+ return -1;
+ }
+ for (i = 0; i < idlist->nkeys; i++) {
+ if (do_fp) {
+ fp = sshkey_fingerprint(idlist->keys[i],
+ fingerprint_hash, SSH_FP_DEFAULT);
+ printf("%u %s %s (%s)\n", sshkey_size(idlist->keys[i]),
+ fp == NULL ? "(null)" : fp, idlist->comments[i],
+ sshkey_type(idlist->keys[i]));
+ free(fp);
+ } else {
+ if ((r = sshkey_write(idlist->keys[i], stdout)) != 0) {
+ fprintf(stderr, "sshkey_write: %s\n",
+ ssh_err(r));
+ continue;
 }
+ fprintf(stdout, " %s\n", idlist->comments[i]);
 }
- ssh_free_identitylist(idlist);
- }
- if (!had_identities) {
- printf("The agent has no identities.\n");
- return -1;
 }
+ ssh_free_identitylist(idlist);
 return 0;
 }
diff --git a/usr.bin/ssh/sshconnect2.c b/usr.bin/ssh/sshconnect2.c
index 41af1329848..1b257f5d3e7 100644
--- a/usr.bin/ssh/sshconnect2.c
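Review bot: list_identities() no longer reports an empty result when the fetch succeeds but `idlist->nkeys` is 0, because the removed `had_identities` flag covered that case and the new code prints "The agent has no identities." only when `r == SSH_ERR_AGENT_NO_IDENTITIES`. The unknown-key-type skip in ssh_fetch_identitylist() (authfd.c, same commit) decrements `num` for each skipped key, so a successful return with zero usable keys looks possible, although the line that assigns `nkeys` is not visible on this page. In that case the function now prints nothing and returns 0 where it previously returned -1, which matters if callers turn the return value into an exit status that scripts test. A check right after the fetch, `if (idlist->nkeys == 0)`, that prints the same message, calls `ssh_free_identitylist(idlist)` and returns -1 would keep the old behaviour.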
+++ b/usr.bin/ssh/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.257 2017/04/30 23:18:44 djm Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.258 2017/05/05 10:42:49 naddy Exp $ */
 /*
 * Copyright (c) 2000 Markus Friedl. All rights reserved.
 * Copyright (c) 2008 Damien Miller. All rights reserved.
@@ -1337,7 +1337,7 @@ pubkey_prepare(Authctxt *authctxt)
 if (r != SSH_ERR_AGENT_NOT_PRESENT)
 debug("%s: ssh_get_authentication_socket: %s",
 __func__, ssh_err(r));
- } else if ((r = ssh_fetch_identitylist(agent_fd, 2, &idlist)) != 0) {
+ } else if ((r = ssh_fetch_identitylist(agent_fd, &idlist)) != 0) {
 if (r != SSH_ERR_AGENT_NO_IDENTITIES)
 debug("%s: ssh_fetch_identitylist: %s",
 __func__, ssh_err(r)); |