diff options
author | Andreas Schneider <asn@cryptomilk.org> | 2018-06-28 17:52:58 +0200 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2018-06-29 14:41:14 +0200 |
commit | 206f3ff895d3d822ac4f23426136537129f9f062 (patch) | |
tree | 59728e18437ec9308d14a50082ef831b5b158612 /src/known_hosts.c | |
parent | 81b4320318966e83678641a06717c301b071971b (diff) | |
download | libssh-206f3ff895d3d822ac4f23426136537129f9f062.tar.gz libssh-206f3ff895d3d822ac4f23426136537129f9f062.tar.xz libssh-206f3ff895d3d822ac4f23426136537129f9f062.zip |
Rest in Peace SSHv1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Diffstat (limited to 'src/known_hosts.c')
-rw-r--r-- | src/known_hosts.c | 129 |
1 files changed, 16 insertions, 113 deletions
diff --git a/src/known_hosts.c b/src/known_hosts.c index 481e81ff..bef71200 100644 --- a/src/known_hosts.c +++ b/src/known_hosts.c @@ -59,18 +59,6 @@ * @{ */ -static int alldigits(const char *s) { - while (*s) { - if (isdigit(*s)) { - s++; - } else { - return 0; - } - } - - return 1; -} - /** * @internal * @@ -103,7 +91,7 @@ static void tokens_free(char **tokens) { * @param[out] found_type A pointer to a string to be set with the found key * type. * - * @returns The found_type type of key (ie "dsa","ssh-rsa1"). Don't + * @returns The found_type type of key (ie "dsa","ssh-rsa"). Don't * free that value. NULL if no match was found or the file * was not found. */ @@ -151,20 +139,14 @@ static char **ssh_get_knownhost_line(FILE **file, const char *filename, *found_type = tokens[1]; if (tokens[3]) { - /* openssh rsa1 format has 4 tokens on the line. Recognize it - by the fact that everything is all digits */ if (tokens[4]) { /* that's never valid */ tokens_free(tokens); continue; } - if (alldigits(tokens[1]) && alldigits(tokens[2]) && alldigits(tokens[3])) { - *found_type = "ssh-rsa1"; - } else { - /* 3 tokens only, not four */ - tokens_free(tokens); - continue; - } + /* 3 tokens only, not four */ + tokens_free(tokens); + continue; } return tokens; @@ -194,77 +176,9 @@ static int check_public_key(ssh_session session, char **tokens) { char *pubkey_64; int rc; - /* ok we found some public key in known hosts file. now un-base64it */ - if (alldigits(tokens[1])) { - /* openssh rsa1 format */ - bignum tmpbn; - ssh_string tmpstring; - unsigned int len; - int i; - - pubkey_buffer = ssh_buffer_new(); - if (pubkey_buffer == NULL) { - return -1; - } - - tmpstring = ssh_string_from_char("ssh-rsa1"); - if (tmpstring == NULL) { - ssh_buffer_free(pubkey_buffer); - return -1; - } - - if (ssh_buffer_add_ssh_string(pubkey_buffer, tmpstring) < 0) { - ssh_buffer_free(pubkey_buffer); - ssh_string_free(tmpstring); - return -1; - } - ssh_string_free(tmpstring); - - for (i = 2; i < 4; i++) { /* e, then n */ - tmpbn = NULL; -#ifdef HAVE_LIBMBEDCRYPTO - bignum_dec2bn(tokens[i], tmpbn); -#else - bignum_dec2bn(tokens[i], &tmpbn); -#endif - if (tmpbn == NULL) { - ssh_buffer_free(pubkey_buffer); - return -1; - } - /* for some reason, ssh_make_bignum_string does not work - because of the padding which it does --kv */ - /* tmpstring = ssh_make_bignum_string(tmpbn); */ - /* do it manually instead */ - len = bignum_num_bytes(tmpbn); - tmpstring = malloc(4 + len); - if (tmpstring == NULL) { - ssh_buffer_free(pubkey_buffer); - bignum_free(tmpbn); - return -1; - } - /* TODO: fix the hardcoding */ - tmpstring->size = htonl(len); -#ifdef HAVE_LIBGCRYPT - bignum_bn2bin(tmpbn, len, ssh_string_data(tmpstring)); -#elif defined HAVE_LIBCRYPTO - bignum_bn2bin(tmpbn, ssh_string_data(tmpstring)); -#elif defined HAVE_LIBMBEDCRYPTO - bignum_bn2bin(tmpbn, ssh_string_data(tmpstring)); -#endif - bignum_free(tmpbn); - if (ssh_buffer_add_ssh_string(pubkey_buffer, tmpstring) < 0) { - ssh_buffer_free(pubkey_buffer); - ssh_string_free(tmpstring); - bignum_free(tmpbn); - return -1; - } - ssh_string_free(tmpstring); - } - } else { /* ssh-dss or ssh-rsa */ pubkey_64 = tokens[2]; pubkey_buffer = base64_to_bin(pubkey_64); - } if (pubkey_buffer == NULL) { ssh_set_error(session, SSH_FATAL, @@ -588,32 +502,21 @@ char * ssh_dump_knownhost(ssh_session session) { return NULL; } - if (ssh_key_type(server_pubkey) == SSH_KEYTYPE_RSA1) { - /* openssh uses a different format for ssh-rsa1 keys. - Be compatible --kv */ - rc = ssh_pki_export_pubkey_rsa1(server_pubkey, host, buffer, len); + rc = ssh_pki_export_pubkey_base64(server_pubkey, &b64_key); + if (rc < 0) { + SAFE_FREE(buffer); SAFE_FREE(host); - if (rc < 0) { - SAFE_FREE(buffer); - return NULL; - } - } else { - rc = ssh_pki_export_pubkey_base64(server_pubkey, &b64_key); - if (rc < 0) { - SAFE_FREE(buffer); - SAFE_FREE(host); - return NULL; - } + return NULL; + } - snprintf(buffer, len, - "%s %s %s\n", - host, - server_pubkey->type_c, - b64_key); + snprintf(buffer, len, + "%s %s %s\n", + host, + server_pubkey->type_c, + b64_key); - SAFE_FREE(host); - SAFE_FREE(b64_key); - } + SAFE_FREE(host); + SAFE_FREE(b64_key); return buffer; } |