upstream commit
switch auth2-pubkey.c to modern APIs; with & ok djm@
Upstream-ID: 8f08d4316eb1b0c4ffe4a206c05cdd45ed1daf07
diff --git a/monitor.c b/monitor.c
index cd40893..2dee972 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.168 2017/05/30 08:52:19 markus Exp $ */
+/* $OpenBSD: monitor.c,v 1.169 2017/05/30 14:10:53 markus Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -1330,25 +1330,25 @@
}
int
-mm_answer_keyverify(int sock, Buffer *m)
+mm_answer_keyverify(int sock, struct sshbuf *m)
{
struct sshkey *key;
u_char *signature, *data, *blob;
- u_int signaturelen, datalen, bloblen;
- int verified = 0;
- int valid_data = 0;
+ size_t signaturelen, datalen, bloblen;
+ int r, ret, valid_data = 0, encoded_ret;
- blob = buffer_get_string(m, &bloblen);
- signature = buffer_get_string(m, &signaturelen);
- data = buffer_get_string(m, &datalen);
+ if ((r = sshbuf_get_string(m, &blob, &bloblen)) != 0 ||
+ (r = sshbuf_get_string(m, &signature, &signaturelen)) != 0 ||
+ (r = sshbuf_get_string(m, &data, &datalen)) != 0)
+ fatal("%s: buffer error: %s", __func__, ssh_err(r));
if (hostbased_cuser == NULL || hostbased_chost == NULL ||
!monitor_allowed_key(blob, bloblen))
fatal("%s: bad key, not previously allowed", __func__);
- key = key_from_blob(blob, bloblen);
- if (key == NULL)
- fatal("%s: bad public key blob", __func__);
+ /* XXX use sshkey_froms here; need to change key_blob, etc. */
+ if ((r = sshkey_from_blob(blob, bloblen, &key)) != 0)
+ fatal("%s: bad public key blob: %s", __func__, ssh_err(r));
switch (key_blobtype) {
case MM_USERKEY:
@@ -1365,15 +1365,16 @@
if (!valid_data)
fatal("%s: bad signature data blob", __func__);
- verified = key_verify(key, signature, signaturelen, data, datalen);
+ ret = sshkey_verify(key, signature, signaturelen, data, datalen,
+ active_state->compat);
debug3("%s: key %p signature %s",
- __func__, key, (verified == 1) ? "verified" : "unverified");
+ __func__, key, (ret == 0) ? "verified" : "unverified");
/* If auth was successful then record key to ensure it isn't reused */
- if (verified == 1 && key_blobtype == MM_USERKEY)
+ if (ret == 0 && key_blobtype == MM_USERKEY)
auth2_record_userkey(authctxt, key);
else
- key_free(key);
+ sshkey_free(key);
free(blob);
free(signature);
@@ -1383,11 +1384,15 @@
monitor_reset_key_state();
- buffer_clear(m);
- buffer_put_int(m, verified);
+ sshbuf_reset(m);
+
+ /* encode ret != 0 as positive integer, since we're sending u32 */
+ encoded_ret = (ret != 0);
+ if ((r = sshbuf_put_u32(m, encoded_ret)) != 0)
+ fatal("%s: buffer error: %s", __func__, ssh_err(r));
mm_request_send(sock, MONITOR_ANS_KEYVERIFY, m);
- return (verified == 1);
+ return ret == 0;
}
static void