diff options
| author | Andreas Schneider <asn@cryptomilk.org> | 2011-08-22 16:16:34 +0200 |
|---|---|---|
| committer | Andreas Schneider <asn@cryptomilk.org> | 2011-08-22 16:16:34 +0200 |
| commit | 6c03b7a9c9831021207e01d51157a9ec79e570dc (patch) | |
| tree | a2158883f4c1b78c7f5ba68643414456063df14b | |
| parent | 90167f09d3c797422a3701be8c576c92de520d8c (diff) | |
| download | libssh-6c03b7a9c9831021207e01d51157a9ec79e570dc.tar.gz libssh-6c03b7a9c9831021207e01d51157a9ec79e570dc.tar.xz libssh-6c03b7a9c9831021207e01d51157a9ec79e570dc.zip | |
misc: Add ssh_match_group().
| -rw-r--r-- | include/libssh/misc.h | 2 | ||||
| -rw-r--r-- | src/dh.c | 27 | ||||
| -rw-r--r-- | src/misc.c | 27 |
3 files changed, 31 insertions, 25 deletions
diff --git a/include/libssh/misc.h b/include/libssh/misc.h index 9e562e2c..be013372 100644 --- a/include/libssh/misc.h +++ b/include/libssh/misc.h @@ -81,4 +81,6 @@ void ssh_timestamp_init(struct ssh_timestamp *ts); int ssh_timeout_elapsed(struct ssh_timestamp *ts, int timeout); int ssh_timeout_update(struct ssh_timestamp *ts, int timeout); +int ssh_match_group(const char *group, const char *object); + #endif /* MISC_H_ */ @@ -54,6 +54,7 @@ #include "libssh/buffer.h" #include "libssh/session.h" #include "libssh/keys.h" +#include "libssh/misc.h" #include "libssh/dh.h" #include "libssh/ssh2.h" @@ -1016,30 +1017,6 @@ ssh_string ssh_get_pubkey(ssh_session session){ return ssh_string_copy(session->current_crypto->server_pubkey); } -static int match(const char *group, const char *object){ - const char *a; - const char *z; - - z = group; - do { - a = strchr(z, ','); - if (a == NULL) { - if (strcmp(z, object) == 0) { - return 1; - } - return 0; - } else { - if (strncmp(z, object, a - z) == 0) { - return 1; - } - } - z = a + 1; - } while(1); - - /* not reached */ - return 0; -} - int sig_verify(ssh_session session, ssh_public_key pubkey, SIGNATURE *signature, unsigned char *digest, int size) { #ifdef HAVE_LIBGCRYPT @@ -1149,7 +1126,7 @@ int signature_verify(ssh_session session, ssh_string signature) { } if (session->wanted_methods[SSH_HOSTKEYS]) { - if(!match(session->wanted_methods[SSH_HOSTKEYS],pubkey->type_c)) { + if(!ssh_match_group(session->wanted_methods[SSH_HOSTKEYS],pubkey->type_c)) { ssh_set_error(session, SSH_FATAL, "Public key from server (%s) doesn't match user preference (%s)", pubkey->type_c, session->wanted_methods[SSH_HOSTKEYS]); @@ -952,6 +952,33 @@ int ssh_timeout_update(struct ssh_timestamp *ts, int timeout){ ret = timeout - ms; return ret >= 0 ? ret: 0; } + + +int ssh_match_group(const char *group, const char *object) +{ + const char *a; + const char *z; + + z = group; + do { + a = strchr(z, ','); + if (a == NULL) { + if (strcmp(z, object) == 0) { + return 1; + } + return 0; + } else { + if (strncmp(z, object, a - z) == 0) { + return 1; + } + } + z = a + 1; + } while(1); + + /* not reached */ + return 0; +} + /** @} */ /* vim: set ts=4 sw=4 et cindent: */ |