author | Jakub Jelen <jjelen@redhat.com> | 2018-07-13 16:21:29 +0200 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2018-08-01 16:03:48 +0200 |
commit | c8429113faddce47db2f5cabd6f544564c2c3770 (patch) | |
tree | 3dde837bb07d2ed5104cbfa5ad2e57c404edda51 /src/bind.c | |
parent | e1d2454dd74cf27d1a404b053f6b3442f23fd1ff (diff) | |
bind: Complete loading ed25519 in server
Previously, the support was only partial and if the ed25519 key was
the only one, the internal checks were failing the tests.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'src/bind.c')
-rw-r--r-- | src/bind.c | 36 |
1 files changed, 32 insertions, 4 deletions
@@ -149,9 +149,10 @@ static int ssh_bind_import_keys(ssh_bind sshbind) { if (sshbind->ecdsakey == NULL && sshbind->dsakey == NULL && - sshbind->rsakey == NULL) { + sshbind->rsakey == NULL && + sshbind->ed25519key == NULL) { ssh_set_error(sshbind, SSH_FATAL, - "ECDSA, DSA, or RSA host key file must be set"); + "ECDSA, ED25519, DSA, or RSA host key file must be set"); return SSH_ERROR; }
@@ -223,6 +224,27 @@ static int ssh_bind_import_keys(ssh_bind sshbind) { } } + if (sshbind->ed25519 == NULL && sshbind->ed25519key != NULL) { + rc = ssh_pki_import_privkey_file(sshbind->ed25519key, + NULL, + NULL, + NULL, + &sshbind->ed25519); + if (rc == SSH_ERROR || rc == SSH_EOF) { + ssh_set_error(sshbind, SSH_FATAL, + "Failed to import private ED25519 host key"); + return SSH_ERROR; + } + + if (ssh_key_type(sshbind->ed25519) != SSH_KEYTYPE_ED25519) { + ssh_set_error(sshbind, SSH_FATAL, + "The ED25519 host key has the wrong type"); + ssh_key_free(sshbind->ed25519); + sshbind->ed25519 = NULL; + return SSH_ERROR; + } + } + return SSH_OK; }
@@ -236,7 +258,10 @@ int ssh_bind_listen(ssh_bind sshbind) { return -1; } - if (sshbind->rsa == NULL && sshbind->dsa == NULL && sshbind->ecdsa == NULL) { + if (sshbind->rsa == NULL && + sshbind->dsa == NULL && + sshbind->ecdsa == NULL && + sshbind->ed25519 == NULL) { rc = ssh_bind_import_keys(sshbind); if (rc != SSH_OK) { return SSH_ERROR;
@@ -255,6 +280,7 @@ int ssh_bind_listen(ssh_bind sshbind) { sshbind->dsa = NULL; ssh_key_free(sshbind->rsa); sshbind->rsa = NULL; + /* XXX should this clear also other structures that were allocated */ return -1; }
@@ -267,6 +293,7 @@ int ssh_bind_listen(ssh_bind sshbind) { sshbind->dsa = NULL; ssh_key_free(sshbind->rsa); sshbind->rsa = NULL; + /* XXX should this clear also other structures that were allocated */ return -1; }
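Review bot: The import call in the added ED25519 block (hunk at -223) passes NULL for the passphrase, the auth callback and its data, so a passphrase-protected host key file presumably cannot be loaded here and will only surface as "Failed to import private ED25519 host key". A short comment above the call would make that constraint explicit for operators and maintainers, for example `/* host keys are loaded without a passphrase; an encrypted key file fails to import */`. ssh_bind_import_keys begins above this hunk, so whether the other key types document the same constraint is not visible here.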
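Review bot: The two error paths in ssh_bind_listen that gain the XXX comment (the hunks at -255 and -267) release `sshbind->dsa` and `sshbind->rsa` in the visible lines, but not the `sshbind->ed25519` key this commit starts loading. Besides keeping the private host key in memory after a failed listen, a leftover non-NULL `ed25519` means the four-way NULL test added at the top of ssh_bind_listen would skip ssh_bind_import_keys on a retry, leaving rsa and dsa unset. Instead of the comment, add `ssh_key_free(sshbind->ed25519);` and `sshbind->ed25519 = NULL;` before `return -1;` in both places. Whether ecdsa is released just above the visible context cannot be seen from these hunks.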
@@ -434,7 +461,8 @@ int ssh_bind_accept_fd(ssh_bind sshbind, ssh_session session, socket_t fd){ */ if (sshbind->rsa == NULL && sshbind->dsa == NULL && - sshbind->ecdsa == NULL) { + sshbind->ecdsa == NULL && + sshbind->ed25519 == NULL) { rc = ssh_bind_import_keys(sshbind); if (rc != SSH_OK) { return SSH_ERROR; |