diff options
author | markus@openbsd.org <markus@openbsd.org> | 2018-07-11 18:53:29 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2018-07-12 13:18:25 +1000 |
commit | 5467fbcb09528ecdcb914f4f2452216c24796790 (patch) | |
tree | 8fcef797ece697250f4c67d57a5063d6316fd203 /monitor.c | |
parent | 5dc4c59d5441a19c99e7945779f7ec9051126c25 (diff) | |
download | openssh-git-5467fbcb09528ecdcb914f4f2452216c24796790.tar.gz |
upstream: remove legacy key emulation layer; ok djm@
OpenBSD-Commit-ID: 2b1f9619259e222bbd4fe9a8d3a0973eafb9dd8d
Diffstat (limited to 'monitor.c')
-rw-r--r-- | monitor.c | 15 |
1 files changed, 8 insertions, 7 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.184 2018/07/10 09:13:30 djm Exp $ */ +/* $OpenBSD: monitor.c,v 1.185 2018/07/11 18:53:29 markus Exp $ */ /* * Copyright 2002 Niels Provos <provos@citi.umich.edu> * Copyright 2002 Markus Friedl <markus@openbsd.org> @@ -68,7 +68,7 @@ #include "atomicio.h" #include "xmalloc.h" #include "ssh.h" -#include "key.h" +#include "sshkey.h" #include "sshbuf.h" #include "hostfile.h" #include "auth.h" @@ -630,14 +630,15 @@ mm_answer_sign(int sock, struct sshbuf *m) char *alg = NULL; size_t datlen, siglen, alglen; int r, is_proof = 0; - u_int keyid; + u_int keyid, compat; const char proof_req[] = "hostkeys-prove-00@openssh.com"; debug3("%s", __func__); if ((r = sshbuf_get_u32(m, &keyid)) != 0 || (r = sshbuf_get_string(m, &p, &datlen)) != 0 || - (r = sshbuf_get_cstring(m, &alg, &alglen)) != 0) + (r = sshbuf_get_cstring(m, &alg, &alglen)) != 0 || + (r = sshbuf_get_u32(m, &compat)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); if (keyid > INT_MAX) fatal("%s: invalid key ID", __func__); @@ -687,13 +688,13 @@ mm_answer_sign(int sock, struct sshbuf *m) if ((key = get_hostkey_by_index(keyid)) != NULL) { if ((r = sshkey_sign(key, &signature, &siglen, p, datlen, alg, - datafellows)) != 0) + compat)) != 0) fatal("%s: sshkey_sign failed: %s", __func__, ssh_err(r)); } else if ((key = get_hostkey_public_by_index(keyid, ssh)) != NULL && auth_sock > 0) { if ((r = ssh_agent_sign(auth_sock, key, &signature, &siglen, - p, datlen, alg, datafellows)) != 0) { + p, datlen, alg, compat)) != 0) { fatal("%s: ssh_agent_sign failed: %s", __func__, ssh_err(r)); } @@ -1208,7 +1209,7 @@ mm_answer_keyallowed(int sock, struct sshbuf *m) if (key != NULL && authctxt->valid) { /* These should not make it past the privsep child */ - if (key_type_plain(key->type) == KEY_RSA && + if (sshkey_type_plain(key->type) == KEY_RSA && (datafellows & SSH_BUG_RSASIGMD5) != 0) fatal("%s: passed a SSH_BUG_RSASIGMD5 key", __func__); |