aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndreas Schneider <asn@cryptomilk.org>2011-08-22 18:20:54 +0200
committerAndreas Schneider <asn@cryptomilk.org>2011-08-22 18:41:47 +0200
commit8edf57fbf21c2f23c38f6483db5a3beac0454e28 (patch)
treeeca880b848fc9bd77b51d5b790eaa39482dcb3c9
parent8c8a91a9b750e9730327c991fd44d7a4a90c16b6 (diff)
downloadlibssh-8edf57fbf21c2f23c38f6483db5a3beac0454e28.tar.gz
libssh-8edf57fbf21c2f23c38f6483db5a3beac0454e28.tar.xz
libssh-8edf57fbf21c2f23c38f6483db5a3beac0454e28.zip
client: Migrate to new signature pki.
-rw-r--r--src/client.c16
1 files changed, 10 insertions, 6 deletions
diff --git a/src/client.c b/src/client.c
index 4396fb1..6a7b497 100644
--- a/src/client.c
+++ b/src/client.c
@@ -39,6 +39,7 @@
#include "libssh/ecdh.h"
#include "libssh/threads.h"
#include "libssh/misc.h"
+#include "libssh/pki.h"
#define set_status(session, status) do {\
if (session->common.callbacks && session->common.callbacks->connect_status_function) \
@@ -211,7 +212,7 @@ error:
}
SSH_PACKET_CALLBACK(ssh_packet_newkeys){
- ssh_string signature = NULL;
+ ssh_string sig_blob = NULL;
int rc;
(void)packet;
(void)user;
@@ -246,16 +247,19 @@ SSH_PACKET_CALLBACK(ssh_packet_newkeys){
}
/* Verify the host's signature. FIXME do it sooner */
- signature = session->next_crypto->dh_server_signature;
+ sig_blob = session->next_crypto->dh_server_signature;
session->next_crypto->dh_server_signature = NULL;
- if (signature_verify(session, signature)) {
+ rc = ssh_pki_signature_verify_blob(session,
+ sig_blob);
+ if (rc == SSH_ERROR) {
goto error;
}
ssh_log(session,SSH_LOG_PROTOCOL,"Signature verified and valid");
/* forget it for now ... */
- ssh_string_burn(signature);
- ssh_string_free(signature);
- signature=NULL;
+ ssh_string_burn(sig_blob);
+ ssh_string_free(sig_blob);
+ sig_blob = NULL;
+
/*
* Once we got SSH2_MSG_NEWKEYS we can switch next_crypto and
* current_crypto