authorAris Adamantiadis <aris@0xbadc0de.be>2009-12-20 18:05:02 +0100
committerAris Adamantiadis <aris@0xbadc0de.be>2009-12-20 18:05:02 +0100
commit2e22d6ef9931156d837f6747aa9e46943bc51edb (patch)
treedb9269139bbaa5d736923e3a65801be5cdab4d01 /libssh
parent6509b6e7421f480e481d087d613f334779cfb38b (diff)
Add key validation in server side authentication
Diffstat (limited to 'libssh')
-rw-r--r--libssh/messages.c10
-rw-r--r--libssh/server.c7
2 files changed, 12 insertions, 5 deletions
diff --git a/libssh/messages.c b/libssh/messages.c
index c6cec583..6d0d62d8 100644
--- a/libssh/messages.c
+++ b/libssh/messages.c
@@ -220,7 +220,7 @@ static ssh_message handle_userauth_request(ssh_session session){
if (msg->auth_request.public_key == NULL) {
goto error;
}
- msg->auth_request.signature_state = 0;
+ msg->auth_request.signature_state = SSH_PUBLICKEY_STATE_NONE;
// has a valid signature ?
if(has_sign) {
SIGNATURE *signature = NULL;
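Review bot: The assignment of `SSH_PUBLICKEY_STATE_NONE` before `if(has_sign)` has no comment saying that this is the state a request keeps when the client sent no signature. In the visible lines only the `has_sign` branch moves it to ERROR, WRONG or VALID. A short comment would make that explicit, for example `/* NONE: no signature was checked; only the has_sign branch below can set VALID */`. This matters to anyone reading the handler, because a request left in NONE carries a public key that was never proven to belong to the peer. The body of `handle_userauth_request` starts and ends outside this hunk, and the other messages.c hunks are straight replacements of the old integer literals.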
@@ -231,7 +231,7 @@ static ssh_message handle_userauth_request(ssh_session session){
sign = buffer_get_ssh_string(session->in_buffer);
if(sign == NULL) {
ssh_log(session, SSH_LOG_PACKET, "Invalid signature packet from peer");
- msg->auth_request.signature_state = -2;
+ msg->auth_request.signature_state = SSH_PUBLICKEY_STATE_ERROR;
goto error;
}
signature = signature_from_string(session, sign, public_key,
@@ -241,7 +241,7 @@ static ssh_message handle_userauth_request(ssh_session session){
(digest != NULL && signature != NULL &&
sig_verify(session, public_key, signature,
buffer_get(digest), buffer_get_len(digest)) < 0)) {
- ssh_log(session, SSH_LOG_PACKET, "Invalid signature from peer");
+ ssh_log(session, SSH_LOG_PACKET, "Wrong signature from peer");
string_free(sign);
sign = NULL;
@@ -250,7 +250,7 @@ static ssh_message handle_userauth_request(ssh_session session){
signature_free(signature);
signature = NULL;
- msg->auth_request.signature_state = -1;
+ msg->auth_request.signature_state = SSH_PUBLICKEY_STATE_WRONG;
goto error;
}
else
@@ -263,7 +263,7 @@ static ssh_message handle_userauth_request(ssh_session session){
signature_free(signature);
signature = NULL;
- msg->auth_request.signature_state = 1;
+ msg->auth_request.signature_state = SSH_PUBLICKEY_STATE_VALID;
}
SAFE_FREE(service_c);
leave_function();
diff --git a/libssh/server.c b/libssh/server.c
index d465c81e..bb260e3f 100644
--- a/libssh/server.c
+++ b/libssh/server.c
@@ -760,6 +760,13 @@ ssh_public_key ssh_message_auth_publickey(ssh_message msg){
return msg->auth_request.public_key;
}
+enum ssh_publickey_state_e ssh_message_auth_publickey_state(ssh_message msg){
+ if (msg == NULL) {
+ return -1;
+ }
+ return msg->auth_request.signature_state;
+}
+
int ssh_message_auth_set_methods(ssh_message msg, int methods) {
if (msg == NULL || msg->session == NULL) {
return -1;
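Review bot: The NULL branch of `ssh_message_auth_publickey_state` returns a bare `-1` from a function typed `enum ssh_publickey_state_e`. The enum definition is not part of this diff, so it is not visible which state, if any, that value names. The messages.c hunks replace the old `-1` with `SSH_PUBLICKEY_STATE_WRONG` and the old `-2` with `SSH_PUBLICKEY_STATE_ERROR`, so the literal is ambiguous to a reader. Return the named constant instead, `return SSH_PUBLICKEY_STATE_ERROR;`, so a missing message cannot be reported as a different state if the enum values differ from the old integers. The accessor also needs a doc comment telling server code to accept a key only when the result equals `SSH_PUBLICKEY_STATE_VALID`, since `SSH_PUBLICKEY_STATE_NONE` means no signature was verified and a truthiness test would also accept the `-1` returned here.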