search for: lookup_identity

Displaying 12 results from an estimated 12 matches for "lookup_identity".

2015 Jul 26
2
[PATCH] ssh-agent: Add support to load additional certificates
...ty *id) { - sshkey_free(id->key); + refkey_unref(id->idkey); + refkey_unref(id->shadowed_key); free(id->provider); free(id->comment); free(id); } -/* return matching private key for given public key */ +/* return matching Identity for given public key */ static Identity * lookup_identity(struct sshkey *key, int version) { @@ -205,7 +238,22 @@ lookup_identity(struct sshkey *key, int Idtab *tab = idtab_lookup(version); TAILQ_FOREACH(id, &tab->idlist, next) { - if (sshkey_equal(key, id->key)) + if (sshkey_equal(key, id->idkey->key)) + return (id); + } + retu...
2002 Mar 07
0
[Bug 146] New: OpenSSH 3.1p1 will not build on BSD/OS 4.2/4.1/4.01
...Version: BSDI Status: NEW Severity: major Priority: P2 Component: Build system AssignedTo: openssh-unix-dev at mindrot.org ReportedBy: spike at indra.com OpenSSH 3.1p1 will not build on BSD/OS 4.2 Two files fail: ssh-agent.c: In function `lookup_identity': ssh-agent.c:135: warning: implicit declaration of function `TAILQ_FOREACH' ssh-agent.c:135: `next' undeclared (first use in this function) ssh-agent.c:135: (Each undeclared identifier is reported only once ssh-agent.c:135: for each function it appears in.) ssh-agent.c:135: syntax erro...
2002 Mar 19
0
[Bug 174] New: compile error on BSDi 4.0.1
..._SSH_ASKPASS_DEFAULT=\"/usr/local/libexec/ssh-askpass\" -D_PATH_SFTP_SERVER=\"/usr/local/libexec/sftp-server\" -D_PATH_SSH_PIDDIR=\"/var/run\" -DSSH_RAND_HELPER=\"/usr/local/libexec/ssh-rand-helper\" -DHAVE_CONFIG_H -c ssh-agent.c ssh-agent.c: In function `lookup_identity': ssh-agent.c:135: warning: implicit declaration of function `TAILQ_FOREACH' ssh-agent.c:135: `next' undeclared (first use this function) ssh-agent.c:135: (Each undeclared identifier is reported only once ssh-agent.c:135: for each function it appears in.) ssh-agent.c:135: syntax error b...
2006 Aug 28
0
patch for ssh-agent force confirm keys
...t.c.orig 2006-08-28 13:36:05.000000000 +0300 @@ -111,9 +111,6 @@ /* Default lifetime (0 == forever) */ static int lifetime = 0; -/* global confirm */ -static int confirm = 0; - static void close_socket(SocketEntry *e) { @@ -246,7 +243,7 @@ goto failure; id = lookup_identity(key, 1); - if (id != NULL && ((!confirm && !id->confirm) || confirm_key(id) == 0)) { + if (id != NULL && (!id->confirm || confirm_key(id) == 0)) { Key *private = id->key; /* Decrypt the challenge using the private key. *...
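Review bot: The file header just before the first hunk names a file ending in .orig as the new side, and the hunks delete the global `static int confirm` and its use in the check after `lookup_identity(key, 1)`, which suggests the diff was generated with its arguments reversed. For a patch meant to add forced confirmation, regenerate it with the .orig file as the old side so that the global flag and the `(!confirm && !id->confirm)` test show up as additions.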
2002 Mar 10
1
[Bug 155] New: OpenSSH 3.1p1 fails to compile on BSDi 4.0
...H_ASKPASS_DEFAULT=\"/usr/local/libexec/ssh-askpass\" -D_PATH_SFTP_SERVER=\"/usr/local/libexec/sftp-server\" -D_PATH_SSH_PIDDIR=\"/var/run\" -DSSH_RAND_HELPER=\"/usr/local/libexec/ssh-rand-helper\" -DHAVE_CONFIG_H -c ssh-agent.c ssh-agent.c: In function `lookup_identity': ssh-agent.c:135: warning: implicit declaration of function `TAILQ_FOREACH' ssh-agent.c:135: `next' undeclared (first use this function) ssh-agent.c:135: (Each undeclared identifier is reported only once ssh-agent.c:135: for each function it appears in.) ssh-agent.c:135: syntax error b...
2017 Nov 14
2
OpenSSH 7.6p1 ssh-agent exiting if passed an invalid key blob
Hello, I noticed a problem recently when running some test code against the OpenSSH 7.6p1 ssh-agent. These tests ran fine against OpenSSH 7.5p1 and earlier, but with OpenSSH 7.6p1, they were suddenly causing ssh-agent to exit. The request being made was a "sign" request, and the point of the test was to have the sign operation fail. To trigger this, I was passing in an invalid key blob
2006 May 15
0
[PATCH 9/12] bug fix: openssh 4.3p2 possible NULL dereference
..., 1 deletion(-) diff -uprN openssh-4.3p2/ssh-agent.c openssh-4.3p2-kylie/ssh-agent.c --- openssh-4.3p2/ssh-agent.c 2005-11-04 22:15:00.000000000 -0600 +++ openssh-4.3p2-kylie/ssh-agent.c 2006-05-04 15:05:48.000000000 -0500 @@ -305,8 +305,8 @@ process_sign_request2(SocketEntry *e) Identity *id = lookup_identity(key, 2); if (id != NULL && (!id->confirm || confirm_key(id) == 0)) ok = key_sign(id->key, &signature, &slen, data, dlen); + key_free(key); } - key_free(key); buffer_init(&msg); if (ok == 0) { buffer_put_char(&msg, SSH2_AGENT_SIGN_RESPONSE);
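Review bot: Moving `key_free(key)` inside the block in `process_sign_request2` is only leak-free if every path that leaves `key` non-NULL also enters that block, and the block's opening condition lies outside the visible context. Confirm that the condition is exactly the `key != NULL` test; otherwise keep the call after the closing brace and guard it with `if (key != NULL)`, which avoids the NULL dereference without changing which paths free the key.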
2017 Nov 15
2
OpenSSH 7.6p1 ssh-agent exiting if passed an invalid key blob
...__, ssh_err(r)); > + (r = sshbuf_get_u32(e->request, &flags)) != 0) { > + error("%s: couldn't parse request: %s", __func__, ssh_err(r)); > + goto send; > + } > + > if (flags & SSH_AGENT_OLD_SIGNATURE) > compat = SSH_BUG_SIGBLOB; > if ((id = lookup_identity(key)) == NULL) { Thanks Damien, but I'm not sure this is a good fix. Now both cases turn into an error(), but if there is a problem reading the initial pair of strings and u32 value, you really can't safely keep the connection open to receive additional requests. An error in reading any of those...
2020 Jun 09
3
[PATCH v2 0/2] Add openssl engine keys with provider upgrade path
I've architected this in a way that looks future proof at least to the openssl provider transition. What will happen in openssl 3.0.0 is that providers become active and will accept keys via URI. The current file mechanisms will still be available but internally it will become a file URI. To support the provider interface, openssl will have to accept keys by URI instead of file and may
2017 Oct 26
3
[RFC 0/2] add engine based keys
Engine keys are private key files which are only understood by openssl external engines. The problem is they can't be loaded with the usual openssl methods, they have to be loaded via ENGINE_load_private_key(). Because they're files, they fit well into openssh pub/private file structure, so they're not very appropriately handled by the pkcs11 interface because it assumes the private
2008 Aug 16
21
[Bug 1506] New: rationalize agent behavior on smartcard removal/reattachment
https://bugzilla.mindrot.org/show_bug.cgi?id=1506 Summary: rationalize agent behavior on smartcard removal/reattachment Product: Portable OpenSSH Version: 5.1p1 Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Smartcard AssignedTo:
2020 Jan 30
6
[PATCH 1/2] Add support for openssl engine based keys
...if (lifetime && !death) + death = monotime() + lifetime; + + if ((r = engine_process_add(engine, file, pin, &k)) < 0) + goto send; + + if (sshkey_load_public(file, &kp, &comment) < 0) + comment = xstrdup(file); + else + sshkey_free(kp); + + r = SSH_AGENT_SUCCESS; + if (lookup_identity(k) == NULL) { + id = xcalloc(1, sizeof(Identity)); + id->key = k; + id->provider = xstrdup(engine); + id->comment = comment; + id->death = death; + id->confirm = confirm; + TAILQ_INSERT_TAIL(&idtab->idlist, id, next); + idtab->nentries++; + } else { + /* key is alr...
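Review bot: In the engine add path, the key returned by `sshkey_load_public(file, &kp, &comment)` is freed straight away without being compared to `k`, so the identity's comment comes from whatever public key is found for `file` even when it does not match the key the engine loaded. Consider checking `sshkey_equal_public(k, kp)` before accepting `comment`, and falling back to `xstrdup(file)` on a mismatch, so that the agent's listing cannot label an engine key with an unrelated comment.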