summaryrefslogtreecommitdiff
path: root/usr.bin/ssh
diff options
context:
space:
mode:
authorMarkus Friedl <markus@cvs.openbsd.org>2017-05-30 08:52:21 +0000
committerMarkus Friedl <markus@cvs.openbsd.org>2017-05-30 08:52:21 +0000
commitcc2efdc778a9071f7f5b35d3fa3c9a26d6525008 (patch)
tree1e6a377a566575001a832a532a65960c899528c8 /usr.bin/ssh
parent34bf482284da013917fbcc08be5c439207272f32 (diff)
switch from Key typedef with struct sshkey; ok djm@
Diffstat (limited to 'usr.bin/ssh')
-rw-r--r--usr.bin/ssh/auth.c6
-rw-r--r--usr.bin/ssh/auth.h27
-rw-r--r--usr.bin/ssh/auth2-hostbased.c6
-rw-r--r--usr.bin/ssh/auth2-pubkey.c19
-rw-r--r--usr.bin/ssh/monitor.c6
-rw-r--r--usr.bin/ssh/monitor_wrap.c14
-rw-r--r--usr.bin/ssh/monitor_wrap.h14
-rw-r--r--usr.bin/ssh/ssh-pkcs11-client.c6
-rw-r--r--usr.bin/ssh/ssh-pkcs11-helper.c14
-rw-r--r--usr.bin/ssh/ssh.c10
-rw-r--r--usr.bin/ssh/sshconnect.c22
-rw-r--r--usr.bin/ssh/sshconnect.h12
-rw-r--r--usr.bin/ssh/sshconnect2.c14
-rw-r--r--usr.bin/ssh/sshd.c43
14 files changed, 110 insertions, 103 deletions
diff --git a/usr.bin/ssh/auth.c b/usr.bin/ssh/auth.c
index b8008a541b4..8f0b8ed2c2c 100644
--- a/usr.bin/ssh/auth.c
+++ b/usr.bin/ssh/auth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth.c,v 1.120 2017/05/17 01:24:17 djm Exp $ */
+/* $OpenBSD: auth.c,v 1.121 2017/05/30 08:52:19 markus Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@@ -336,7 +336,7 @@ authorized_principals_file(struct passwd *pw)
/* return ok if key exists in sysfile or userfile */
HostStatus
-check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host,
+check_key_in_hostfiles(struct passwd *pw, struct sshkey *key, const char *host,
const char *sysfile, const char *userfile)
{
char *user_hostfile;
@@ -567,7 +567,7 @@ getpwnamallow(const char *user)
/* Returns 1 if key is revoked by revoked_keys_file, 0 otherwise */
int
-auth_key_is_revoked(Key *key)
+auth_key_is_revoked(struct sshkey *key)
{
char *fp = NULL;
int r;
diff --git a/usr.bin/ssh/auth.h b/usr.bin/ssh/auth.h
index 2ce0d373dfb..dfc280a1a6a 100644
--- a/usr.bin/ssh/auth.h
+++ b/usr.bin/ssh/auth.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth.h,v 1.89 2016/08/13 17:47:41 markus Exp $ */
+/* $OpenBSD: auth.h,v 1.90 2017/05/30 08:52:19 markus Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -108,9 +108,10 @@ auth_rhosts2(struct passwd *, const char *, const char *, const char *);
int auth_password(Authctxt *, const char *);
-int hostbased_key_allowed(struct passwd *, const char *, char *, Key *);
-int user_key_allowed(struct passwd *, Key *, int);
-void pubkey_auth_info(Authctxt *, const Key *, const char *, ...)
+int hostbased_key_allowed(struct passwd *, const char *, char *,
+ struct sshkey *);
+int user_key_allowed(struct passwd *, struct sshkey *, int);
+void pubkey_auth_info(Authctxt *, const struct sshkey *, const char *, ...)
__attribute__((__format__ (printf, 3, 4)));
void auth2_record_userkey(Authctxt *, struct sshkey *);
int auth2_userkey_already_used(Authctxt *, struct sshkey *);
@@ -157,22 +158,22 @@ char *authorized_principals_file(struct passwd *);
FILE *auth_openkeyfile(const char *, struct passwd *, int);
FILE *auth_openprincipals(const char *, struct passwd *, int);
-int auth_key_is_revoked(Key *);
+int auth_key_is_revoked(struct sshkey *);
const char *auth_get_canonical_hostname(struct ssh *, int);
HostStatus
-check_key_in_hostfiles(struct passwd *, Key *, const char *,
+check_key_in_hostfiles(struct passwd *, struct sshkey *, const char *,
const char *, const char *);
/* hostkey handling */
-Key *get_hostkey_by_index(int);
-Key *get_hostkey_public_by_index(int, struct ssh *);
-Key *get_hostkey_public_by_type(int, int, struct ssh *);
-Key *get_hostkey_private_by_type(int, int, struct ssh *);
-int get_hostkey_index(Key *, int, struct ssh *);
-int sshd_hostkey_sign(Key *, Key *, u_char **, size_t *,
- const u_char *, size_t, const char *, u_int);
+struct sshkey *get_hostkey_by_index(int);
+struct sshkey *get_hostkey_public_by_index(int, struct ssh *);
+struct sshkey *get_hostkey_public_by_type(int, int, struct ssh *);
+struct sshkey *get_hostkey_private_by_type(int, int, struct ssh *);
+int get_hostkey_index(struct sshkey *, int, struct ssh *);
+int sshd_hostkey_sign(struct sshkey *, struct sshkey *, u_char **,
+ size_t *, const u_char *, size_t, const char *, u_int);
/* debug messages during authentication */
void auth_debug_add(const char *fmt,...) __attribute__((format(printf, 1, 2)));
diff --git a/usr.bin/ssh/auth2-hostbased.c b/usr.bin/ssh/auth2-hostbased.c
index 9edfb3098d8..cf24777b094 100644
--- a/usr.bin/ssh/auth2-hostbased.c
+++ b/usr.bin/ssh/auth2-hostbased.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-hostbased.c,v 1.26 2016/03/07 19:02:43 djm Exp $ */
+/* $OpenBSD: auth2-hostbased.c,v 1.27 2017/05/30 08:52:19 markus Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@@ -58,7 +58,7 @@ static int
userauth_hostbased(Authctxt *authctxt)
{
Buffer b;
- Key *key = NULL;
+ struct sshkey *key = NULL;
char *pkalg, *cuser, *chost, *service;
u_char *pkblob, *sig;
u_int alen, blen, slen;
@@ -157,7 +157,7 @@ done:
/* return 1 if given hostkey is allowed */
int
hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost,
- Key *key)
+ struct sshkey *key)
{
struct ssh *ssh = active_state; /* XXX */
const char *resolvedname, *ipaddr, *lookup, *reason;
diff --git a/usr.bin/ssh/auth2-pubkey.c b/usr.bin/ssh/auth2-pubkey.c
index 04be69c0f54..90221e4b5b9 100644
--- a/usr.bin/ssh/auth2-pubkey.c
+++ b/usr.bin/ssh/auth2-pubkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-pubkey.c,v 1.62 2017/01/30 01:03:00 djm Exp $ */
+/* $OpenBSD: auth2-pubkey.c,v 1.63 2017/05/30 08:52:19 markus Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@@ -75,7 +75,7 @@ static int
userauth_pubkey(Authctxt *authctxt)
{
Buffer b;
- Key *key = NULL;
+ struct sshkey *key = NULL;
char *pkalg, *userstyle, *fp = NULL;
u_char *pkblob, *sig;
u_int alen, blen, slen;
@@ -217,7 +217,8 @@ done:
}
void
-pubkey_auth_info(Authctxt *authctxt, const Key *key, const char *fmt, ...)
+pubkey_auth_info(Authctxt *authctxt, const struct sshkey *key,
+ const char *fmt, ...)
{
char *fp, *extra;
va_list ap;
@@ -758,12 +759,12 @@ match_principals_command(struct passwd *user_pw, const struct sshkey *key)
* returns 1 if the key is allowed or 0 otherwise.
*/
static int
-check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw)
+check_authkeys_file(FILE *f, char *file, struct sshkey* key, struct passwd *pw)
{
char line[SSH_MAX_PUBKEY_BYTES];
int found_key = 0;
u_long linenum = 0;
- Key *found;
+ struct sshkey *found;
found_key = 0;
@@ -873,7 +874,7 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw)
/* Authenticate a certificate key against TrustedUserCAKeys */
static int
-user_cert_trusted_ca(struct passwd *pw, Key *key)
+user_cert_trusted_ca(struct passwd *pw, struct sshkey *key)
{
char *ca_fp, *principals_file = NULL;
const char *reason;
@@ -939,7 +940,7 @@ user_cert_trusted_ca(struct passwd *pw, Key *key)
* returns 1 if the key is allowed or 0 otherwise.
*/
static int
-user_key_allowed2(struct passwd *pw, Key *key, char *file)
+user_key_allowed2(struct passwd *pw, struct sshkey *key, char *file)
{
FILE *f;
int found_key = 0;
@@ -962,7 +963,7 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file)
* returns 1 if the key is allowed or 0 otherwise.
*/
static int
-user_key_command_allowed2(struct passwd *user_pw, Key *key)
+user_key_command_allowed2(struct passwd *user_pw, struct sshkey *key)
{
FILE *f = NULL;
int r, ok, found_key = 0;
@@ -1085,7 +1086,7 @@ user_key_command_allowed2(struct passwd *user_pw, Key *key)
* Check whether key authenticates and authorises the user.
*/
int
-user_key_allowed(struct passwd *pw, Key *key, int auth_attempt)
+user_key_allowed(struct passwd *pw, struct sshkey *key, int auth_attempt)
{
u_int success, i;
char *file;
diff --git a/usr.bin/ssh/monitor.c b/usr.bin/ssh/monitor.c
index b67efc7bd0e..84cf31e91e9 100644
--- a/usr.bin/ssh/monitor.c
+++ b/usr.bin/ssh/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.167 2017/02/03 23:05:57 djm Exp $ */
+/* $OpenBSD: monitor.c,v 1.168 2017/05/30 08:52:19 markus Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -828,7 +828,7 @@ mm_answer_bsdauthrespond(int sock, Buffer *m)
int
mm_answer_keyallowed(int sock, Buffer *m)
{
- Key *key;
+ struct sshkey *key;
char *cuser, *chost;
u_char *blob;
u_int bloblen, pubkey_auth_attempt;
@@ -1041,7 +1041,7 @@ monitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser,
int
mm_answer_keyverify(int sock, Buffer *m)
{
- Key *key;
+ struct sshkey *key;
u_char *signature, *data, *blob;
u_int signaturelen, datalen, bloblen;
int verified = 0;
diff --git a/usr.bin/ssh/monitor_wrap.c b/usr.bin/ssh/monitor_wrap.c
index 8909424ca9a..7aaca9f9e79 100644
--- a/usr.bin/ssh/monitor_wrap.c
+++ b/usr.bin/ssh/monitor_wrap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor_wrap.c,v 1.90 2017/05/17 01:24:17 djm Exp $ */
+/* $OpenBSD: monitor_wrap.c,v 1.91 2017/05/30 08:52:19 markus Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -205,7 +205,7 @@ mm_choose_dh(int min, int nbits, int max)
#endif
int
-mm_key_sign(Key *key, u_char **sigp, u_int *lenp,
+mm_key_sign(struct sshkey *key, u_char **sigp, u_int *lenp,
const u_char *data, u_int datalen, const char *hostkey_alg)
{
struct kex *kex = *pmonitor->m_pkex;
@@ -357,7 +357,8 @@ mm_auth_password(Authctxt *authctxt, char *password)
}
int
-mm_user_key_allowed(struct passwd *pw, Key *key, int pubkey_auth_attempt)
+mm_user_key_allowed(struct passwd *pw, struct sshkey *key,
+ int pubkey_auth_attempt)
{
return (mm_key_allowed(MM_USERKEY, NULL, NULL, key,
pubkey_auth_attempt));
@@ -365,14 +366,14 @@ mm_user_key_allowed(struct passwd *pw, Key *key, int pubkey_auth_attempt)
int
mm_hostbased_key_allowed(struct passwd *pw, const char *user, const char *host,
- Key *key)
+ struct sshkey *key)
{
return (mm_key_allowed(MM_HOSTKEY, user, host, key, 0));
}
int
mm_key_allowed(enum mm_keytype type, const char *user, const char *host,
- Key *key, int pubkey_auth_attempt)
+ struct sshkey *key, int pubkey_auth_attempt)
{
Buffer m;
u_char *blob;
@@ -417,7 +418,8 @@ mm_key_allowed(enum mm_keytype type, const char *user, const char *host,
*/
int
-mm_key_verify(Key *key, u_char *sig, u_int siglen, u_char *data, u_int datalen)
+mm_key_verify(struct sshkey *key, u_char *sig, u_int siglen, u_char *data,
+ u_int datalen)
{
Buffer m;
u_char *blob;
diff --git a/usr.bin/ssh/monitor_wrap.h b/usr.bin/ssh/monitor_wrap.h
index 995584f4703..155eb3aa699 100644
--- a/usr.bin/ssh/monitor_wrap.h
+++ b/usr.bin/ssh/monitor_wrap.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor_wrap.h,v 1.32 2016/09/28 16:33:07 djm Exp $ */
+/* $OpenBSD: monitor_wrap.h,v 1.33 2017/05/30 08:52:19 markus Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
@@ -40,16 +40,18 @@ struct Authctxt;
void mm_log_handler(LogLevel, const char *, void *);
int mm_is_monitor(void);
DH *mm_choose_dh(int, int, int);
-int mm_key_sign(Key *, u_char **, u_int *, const u_char *, u_int, const char *);
+int mm_key_sign(struct sshkey *, u_char **, u_int *, const u_char *, u_int,
+ const char *);
void mm_inform_authserv(char *, char *);
struct passwd *mm_getpwnamallow(const char *);
char *mm_auth2_read_banner(void);
int mm_auth_password(struct Authctxt *, char *);
-int mm_key_allowed(enum mm_keytype, const char *, const char *, Key *, int);
-int mm_user_key_allowed(struct passwd *, Key *, int);
+int mm_key_allowed(enum mm_keytype, const char *, const char *, struct sshkey *,
+ int);
+int mm_user_key_allowed(struct passwd *, struct sshkey *, int);
int mm_hostbased_key_allowed(struct passwd *, const char *,
- const char *, Key *);
-int mm_key_verify(Key *, u_char *, u_int, u_char *, u_int);
+ const char *, struct sshkey *);
+int mm_key_verify(struct sshkey *, u_char *, u_int, u_char *, u_int);
#ifdef GSSAPI
OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID);
diff --git a/usr.bin/ssh/ssh-pkcs11-client.c b/usr.bin/ssh/ssh-pkcs11-client.c
index 9317cae3b7d..e1aca101039 100644
--- a/usr.bin/ssh/ssh-pkcs11-client.c
+++ b/usr.bin/ssh/ssh-pkcs11-client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-pkcs11-client.c,v 1.6 2015/12/11 00:20:04 mmcc Exp $ */
+/* $OpenBSD: ssh-pkcs11-client.c,v 1.7 2017/05/30 08:52:19 markus Exp $ */
/*
* Copyright (c) 2010 Markus Friedl. All rights reserved.
*
@@ -100,7 +100,7 @@ static int
pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa,
int padding)
{
- Key key;
+ struct sshkey key; /* XXX */
u_char *blob, *signature = NULL;
u_int blen, slen = 0;
int ret = -1;
@@ -180,7 +180,7 @@ pkcs11_start_helper(void)
int
pkcs11_add_provider(char *name, char *pin, Key ***keysp)
{
- Key *k;
+ struct sshkey *k;
int i, nkeys;
u_char *blob;
u_int blen;
diff --git a/usr.bin/ssh/ssh-pkcs11-helper.c b/usr.bin/ssh/ssh-pkcs11-helper.c
index 5e0b64a6ad7..bd1003b089a 100644
--- a/usr.bin/ssh/ssh-pkcs11-helper.c
+++ b/usr.bin/ssh/ssh-pkcs11-helper.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-pkcs11-helper.c,v 1.12 2016/02/15 09:47:49 dtucker Exp $ */
+/* $OpenBSD: ssh-pkcs11-helper.c,v 1.13 2017/05/30 08:52:19 markus Exp $ */
/*
* Copyright (c) 2010 Markus Friedl. All rights reserved.
*
@@ -35,7 +35,7 @@
/* borrows code from sftp-server and ssh-agent */
struct pkcs11_keyinfo {
- Key *key;
+ struct sshkey *key;
char *providername;
TAILQ_ENTRY(pkcs11_keyinfo) next;
};
@@ -53,7 +53,7 @@ Buffer iqueue;
Buffer oqueue;
static void
-add_key(Key *k, char *name)
+add_key(struct sshkey *k, char *name)
{
struct pkcs11_keyinfo *ki;
@@ -80,8 +80,8 @@ del_keys_by_name(char *name)
}
/* lookup matching 'private' key */
-static Key *
-lookup_key(Key *k)
+static struct sshkey *
+lookup_key(struct sshkey *k)
{
struct pkcs11_keyinfo *ki;
@@ -107,7 +107,7 @@ static void
process_add(void)
{
char *name, *pin;
- Key **keys;
+ struct sshkey **keys;
int i, nkeys;
u_char *blob;
u_int blen;
@@ -163,7 +163,7 @@ process_sign(void)
u_char *blob, *data, *signature = NULL;
u_int blen, dlen, slen = 0;
int ok = -1;
- Key *key, *found;
+ struct sshkey *key, *found;
Buffer msg;
blob = get_string(&blen);
diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c
index d183a67b560..2cb6a1d4b19 100644
--- a/usr.bin/ssh/ssh.c
+++ b/usr.bin/ssh/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.459 2017/05/02 08:06:33 jmc Exp $ */
+/* $OpenBSD: ssh.c,v 1.460 2017/05/30 08:52:19 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1244,7 +1244,7 @@ main(int ac, char **av)
if (options.hostbased_authentication) {
sensitive_data.nkeys = 9;
sensitive_data.keys = xcalloc(sensitive_data.nkeys,
- sizeof(Key));
+ sizeof(struct sshkey)); /* XXX */
PRIV_START;
sensitive_data.keys[1] = key_load_private_cert(KEY_ECDSA,
@@ -1799,16 +1799,16 @@ load_public_identity_files(void)
{
char *filename, *cp, thishost[NI_MAXHOST];
char *pwdir = NULL, *pwname = NULL;
- Key *public;
+ struct sshkey *public;
struct passwd *pw;
int i;
u_int n_ids, n_certs;
char *identity_files[SSH_MAX_IDENTITY_FILES];
- Key *identity_keys[SSH_MAX_IDENTITY_FILES];
+ struct sshkey *identity_keys[SSH_MAX_IDENTITY_FILES];
char *certificate_files[SSH_MAX_CERTIFICATE_FILES];
struct sshkey *certificates[SSH_MAX_CERTIFICATE_FILES];
#ifdef ENABLE_PKCS11
- Key **keys;
+ struct sshkey **keys;
int nkeys;
#endif /* PKCS11 */
diff --git a/usr.bin/ssh/sshconnect.c b/usr.bin/ssh/sshconnect.c
index b80660094ce..4d522e558a9 100644
--- a/usr.bin/ssh/sshconnect.c
+++ b/usr.bin/ssh/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.278 2017/05/01 02:27:11 djm Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.279 2017/05/30 08:52:19 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -57,7 +57,7 @@
char *client_version_string = NULL;
char *server_version_string = NULL;
-Key *previous_host_key = NULL;
+struct sshkey *previous_host_key = NULL;
static int matching_host_key_dns = 0;
@@ -69,8 +69,8 @@ extern char *__progname;
extern uid_t original_real_uid;
extern uid_t original_effective_uid;
-static int show_other_keys(struct hostkeys *, Key *);
-static void warn_changed_key(Key *);
+static int show_other_keys(struct hostkeys *, struct sshkey *);
+static void warn_changed_key(struct sshkey *);
/* Expand a proxy command */
static char *
@@ -657,7 +657,7 @@ confirm(const char *prompt)
}
static int
-check_host_cert(const char *host, const Key *host_key)
+check_host_cert(const char *host, const struct sshkey *host_key)
{
const char *reason;
@@ -739,13 +739,13 @@ get_hostfile_hostname_ipaddr(char *hostname, struct sockaddr *hostaddr,
#define ROQUIET 2
static int
check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
- Key *host_key, int readonly,
+ struct sshkey *host_key, int readonly,
char **user_hostfiles, u_int num_user_hostfiles,
char **system_hostfiles, u_int num_system_hostfiles)
{
HostStatus host_status;
HostStatus ip_status;
- Key *raw_key = NULL;
+ struct sshkey *raw_key = NULL;
char *ip = NULL, *host = NULL;
char hostline[1000], *hostp, *fp, *ra;
char msg[1024];
@@ -1170,7 +1170,7 @@ fail:
/* returns 0 if key verifies or -1 if key does NOT verify */
int
-verify_host_key(char *host, struct sockaddr *hostaddr, Key *host_key)
+verify_host_key(char *host, struct sockaddr *hostaddr, struct sshkey *host_key)
{
u_int i;
int r = -1, flags = 0;
@@ -1336,7 +1336,7 @@ ssh_put_password(char *password)
/* print all known host keys for a given host, but skip keys of given type */
static int
-show_other_keys(struct hostkeys *hostkeys, Key *key)
+show_other_keys(struct hostkeys *hostkeys, struct sshkey *key)
{
int type[] = {
KEY_RSA,
@@ -1376,7 +1376,7 @@ show_other_keys(struct hostkeys *hostkeys, Key *key)
}
static void
-warn_changed_key(Key *host_key)
+warn_changed_key(struct sshkey *host_key)
{
char *fp;
@@ -1439,7 +1439,7 @@ ssh_local_cmd(const char *args)
}
void
-maybe_add_key_to_agent(char *authfile, Key *private, char *comment,
+maybe_add_key_to_agent(char *authfile, struct sshkey *private, char *comment,
char *passphrase)
{
int auth_sock = -1, r;
diff --git a/usr.bin/ssh/sshconnect.h b/usr.bin/ssh/sshconnect.h
index cf1851a959b..f4e73f7b151 100644
--- a/usr.bin/ssh/sshconnect.h
+++ b/usr.bin/ssh/sshconnect.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.h,v 1.29 2015/11/15 22:26:49 jcs Exp $ */
+/* $OpenBSD: sshconnect.h,v 1.30 2017/05/30 08:52:19 markus Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -26,9 +26,9 @@
typedef struct Sensitive Sensitive;
struct Sensitive {
- Key **keys;
- int nkeys;
- int external_keysign;
+ struct sshkey **keys;
+ int nkeys;
+ int external_keysign;
};
struct addrinfo;
@@ -41,7 +41,7 @@ void ssh_login(Sensitive *, const char *, struct sockaddr *, u_short,
void ssh_exchange_identification(int);
-int verify_host_key(char *, struct sockaddr *, Key *);
+int verify_host_key(char *, struct sockaddr *, struct sshkey *);
void get_hostfile_hostname_ipaddr(char *, struct sockaddr *, u_short,
char **, char **);
@@ -55,7 +55,7 @@ void ssh_userauth2(const char *, const char *, char *, Sensitive *);
void ssh_put_password(char *);
int ssh_local_cmd(const char *);
-void maybe_add_key_to_agent(char *, Key *, char *, char *);
+void maybe_add_key_to_agent(char *, struct sshkey *, char *, char *);
/*
* Macros to raise/lower permissions.
diff --git a/usr.bin/ssh/sshconnect2.c b/usr.bin/ssh/sshconnect2.c
index 1b257f5d3e7..518853dfdd3 100644
--- a/usr.bin/ssh/sshconnect2.c
+++ b/usr.bin/ssh/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.258 2017/05/05 10:42:49 naddy Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.259 2017/05/30 08:52:20 markus Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
* Copyright (c) 2008 Damien Miller. All rights reserved.
@@ -87,7 +87,7 @@ char *xxx_host;
struct sockaddr *xxx_hostaddr;
static int
-verify_host_key_callback(Key *hostkey, struct ssh *ssh)
+verify_host_key_callback(struct sshkey *hostkey, struct ssh *ssh)
{
if (verify_host_key(xxx_host, xxx_hostaddr, hostkey) == -1)
fatal("Host key verification failed.");
@@ -311,7 +311,7 @@ static int sign_and_send_pubkey(Authctxt *, Identity *);
static void pubkey_prepare(Authctxt *);
static void pubkey_cleanup(Authctxt *);
static void pubkey_reset(Authctxt *);
-static Key *load_identity_file(Identity *);
+static struct sshkey *load_identity_file(Identity *);
static Authmethod *authmethod_get(char *authlist);
static Authmethod *authmethod_lookup(const char *name);
@@ -566,7 +566,7 @@ int
input_userauth_pk_ok(int type, u_int32_t seq, void *ctxt)
{
Authctxt *authctxt = ctxt;
- Key *key = NULL;
+ struct sshkey *key = NULL;
Identity *id = NULL;
Buffer b;
int pktype, sent = 0;
@@ -1007,7 +1007,7 @@ static int
identity_sign(struct identity *id, u_char **sigp, size_t *lenp,
const u_char *data, size_t datalen, u_int compat)
{
- Key *prv;
+ struct sshkey *prv;
int ret;
/* the agent supports this key */
@@ -1217,10 +1217,10 @@ send_pubkey_test(Authctxt *authctxt, Identity *id)
return 1;
}
-static Key *
+static struct sshkey *
load_identity_file(Identity *id)
{
- Key *private = NULL;
+ struct sshkey *private = NULL;
char prompt[300], *passphrase, *comment;
int r, perm_ok = 0, quit = 0, i;
struct stat st;
diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c
index e943cb256d9..9044016e97c 100644
--- a/usr.bin/ssh/sshd.c
+++ b/usr.bin/ssh/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.487 2017/04/30 23:18:44 djm Exp $ */
+/* $OpenBSD: sshd.c,v 1.488 2017/05/30 08:52:20 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -176,10 +176,10 @@ int have_agent = 0;
* not very useful. Currently, memory locking is not implemented.
*/
struct {
- Key **host_keys; /* all private host keys */
- Key **host_pubkeys; /* all public host keys */
- Key **host_certificates; /* all public host certificates */
- int have_ssh2_key;
+ struct sshkey **host_keys; /* all private host keys */
+ struct sshkey **host_pubkeys; /* all public host keys */
+ struct sshkey **host_certificates; /* all public host certificates */
+ int have_ssh2_key;
} sensitive_data;
/* This is set to true when a signal is received. */
@@ -462,7 +462,7 @@ destroy_sensitive_data(void)
void
demote_sensitive_data(void)
{
- Key *tmp;
+ struct sshkey *tmp;
int i;
for (i = 0; i < options.num_host_key_files; i++) {
@@ -643,7 +643,7 @@ list_hostkey_types(void)
const char *p;
char *ret;
int i;
- Key *key;
+ struct sshkey *key;
buffer_init(&b);
for (i = 0; i < options.num_host_key_files; i++) {
@@ -699,11 +699,11 @@ list_hostkey_types(void)
return ret;
}
-static Key *
+static struct sshkey *
get_hostkey_by_type(int type, int nid, int need_private, struct ssh *ssh)
{
int i;
- Key *key;
+ struct sshkey *key;
for (i = 0; i < options.num_host_key_files; i++) {
switch (type) {
@@ -727,19 +727,19 @@ get_hostkey_by_type(int type, int nid, int need_private, struct ssh *ssh)
return NULL;
}
-Key *
+struct sshkey *
get_hostkey_public_by_type(int type, int nid, struct ssh *ssh)
{
return get_hostkey_by_type(type, nid, 0, ssh);
}
-Key *
+struct sshkey *
get_hostkey_private_by_type(int type, int nid, struct ssh *ssh)
{
return get_hostkey_by_type(type, nid, 1, ssh);
}
-Key *
+struct sshkey *
get_hostkey_by_index(int ind)
{
if (ind < 0 || ind >= options.num_host_key_files)
@@ -747,7 +747,7 @@ get_hostkey_by_index(int ind)
return (sensitive_data.host_keys[ind]);
}
-Key *
+struct sshkey *
get_hostkey_public_by_index(int ind, struct ssh *ssh)
{
if (ind < 0 || ind >= options.num_host_key_files)
@@ -756,7 +756,7 @@ get_hostkey_public_by_index(int ind, struct ssh *ssh)
}
int
-get_hostkey_index(Key *key, int compare, struct ssh *ssh)
+get_hostkey_index(struct sshkey *key, int compare, struct ssh *ssh)
{
int i;
@@ -1290,8 +1290,8 @@ main(int ac, char **av)
u_int n;
u_int64_t ibytes, obytes;
mode_t new_umask;
- Key *key;
- Key *pubkey;
+ struct sshkey *key;
+ struct sshkey *pubkey;
int keytype;
Authctxt *authctxt;
struct connection_info *connection_info = get_connection_info(0, 0);
@@ -1529,9 +1529,9 @@ main(int ac, char **av)
/* load host keys */
sensitive_data.host_keys = xcalloc(options.num_host_key_files,
- sizeof(Key *));
+ sizeof(struct sshkey *));
sensitive_data.host_pubkeys = xcalloc(options.num_host_key_files,
- sizeof(Key *));
+ sizeof(struct sshkey *));
if (options.host_key_agent) {
if (strcmp(options.host_key_agent, SSH_AUTHSOCKET_ENV_NAME))
@@ -1595,7 +1595,7 @@ main(int ac, char **av)
* indices to the public keys that they relate to.
*/
sensitive_data.host_certificates = xcalloc(options.num_host_key_files,
- sizeof(Key *));
+ sizeof(struct sshkey *));
for (i = 0; i < options.num_host_key_files; i++)
sensitive_data.host_certificates[i] = NULL;
@@ -1926,8 +1926,9 @@ main(int ac, char **av)
}
int
-sshd_hostkey_sign(Key *privkey, Key *pubkey, u_char **signature, size_t *slen,
- const u_char *data, size_t dlen, const char *alg, u_int flag)
+sshd_hostkey_sign(struct sshkey *privkey, struct sshkey *pubkey,
+ u_char **signature, size_t *slen, const u_char *data, size_t dlen,
+ const char *alg, u_int flag)
{
int r;
u_int xxx_slen, xxx_dlen = dlen;