search for: debug_pk

...name); + debug3("%s", ERR_error_string(ERR_get_error(), NULL)); + if (x != NULL) + X509_free(x); + return NULL; + } else { + pub = key_new(KEY_UNSPEC); + pub->rsa = RSAPublicKey_dup(EVP_PKEY_get1_RSA(pk)); + pub->type = KEY_RSA; + name = "rsa w/o comment"; +#ifdef DEBUG_PK + RSA_print_fp(stderr, prv->rsa, 8); +#endif + } + + fclose(fp); + + if (pk != NULL) + EVP_PKEY_free(pk); + if (x != NULL) + X509_free(x); + + if (pub != NULL && commentp) + *commentp = xstrdup(name); + debug("read PEM public key done: type %s", + pub ? key_type(pub) :...

...AM */ /* Log before sending the reply */ - auth_log(authctxt, authenticated, method, " ssh2"); + auth_log(authctxt, authenticated, method, real_info); if (authctxt->postponed) return; /* XXX todo: check if multiple auth methods are needed */ @@ -475,12 +479,16 @@ #ifdef DEBUG_PK buffer_dump(&b); #endif /* test for correct signature */ if (user_key_allowed(authctxt->pw, key) && - key_verify(key, sig, slen, buffer_ptr(&b), buffer_len(&b)) == 1) + key_verify(key, sig, slen, buffer_ptr(&b), buffer_len(&b)) == 1) { au...

...); > goto finish; > } else if (pk->type == EVP_PKEY_RSA) { > prv = key_new(KEY_UNSPEC); > prv->rsa = EVP_PKEY_get1_RSA(pk); > prv->type = KEY_RSA; > name = "rsa w/o comment"; > #ifdef DEBUG_PK > RSA_print_fp(stderr, prv->rsa, 8); > #endif > if (RSA_blinding_on(prv->rsa, NULL) != 1) { > ERR_print_errors_fp(stderr); > error("key_load_eng_prv: RSA_blinding failed"); > key_free(pr...

...buffer_put_cstring(&b, service); buffer_put_cstring(&b, "hostbased"); buffer_put_string(&b, pkalg, alen); - buffer_put_string(&b, pkblob, blen); + buffer_put_binary(&b, pkblob, blen); buffer_put_cstring(&b, chost); buffer_put_cstring(&b, cuser); #ifdef DEBUG_PK diff -bur openssh-3.7.1p2.orig/auth2-pubkey.c openssh-3.7.1p2/auth2-pubkey.c --- openssh-3.7.1p2.orig/auth2-pubkey.c Sat Jun 28 04:38:02 2003 +++ openssh-3.7.1p2/auth2-pubkey.c Tue Oct 7 08:21:59 2003 @@ -65,7 +65,7 @@ if (datafellows & SSH_BUG_PKAUTH) { debug2("userauth_pubkey: SSH_...

I've architected this in a way that looks future proof at least to the openssl provider transition. What will happen in openssl 3.0.0 is that providers become active and will accept keys via URI. The current file mechanisms will still be available but internally it will become a file URI. To support the provider interface, openssl will have to accept keys by URI instead of file and may

...ing(&b, key_ssh_name(id->key)); + } + buffer_put_string(&b, blob, bloblen); + + /* generate signature */ + ret = identity_sign(id, &signature, &slen, + buffer_ptr(&b), buffer_len(&b)); + if (ret == -1) { + xfree(blob); + buffer_free(&b); + return 0; + } +#ifdef DEBUG_PK + buffer_dump(&b); +#endif + if (datafellows & SSH_BUG_PKSERVICE) { + buffer_clear(&b); + buffer_append(&b, session_id2, session_id2_len); + skip = session_id2_len; + buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); + buffer_put_cstring(&b, authctxt->server_user); +...