OpenCoverage

authfd.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/openssh/src/authfd.c
Source codeSwitch to Preprocessed file
LineSourceCount
1/* $OpenBSD: authfd.c,v 1.111 2018/07/09 21:59:10 markus Exp $ */-
2/*-
3 * Author: Tatu Ylonen <ylo@cs.hut.fi>-
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland-
5 * All rights reserved-
6 * Functions for connecting the local authentication agent.-
7 *-
8 * As far as I am concerned, the code I have written for this software-
9 * can be used freely for any purpose. Any derived versions of this-
10 * software must be clearly marked as such, and if the derived work is-
11 * incompatible with the protocol description in the RFC file, it must be-
12 * called by a name other than "ssh" or "Secure Shell".-
13 *-
14 * SSH2 implementation,-
15 * Copyright (c) 2000 Markus Friedl. All rights reserved.-
16 *-
17 * Redistribution and use in source and binary forms, with or without-
18 * modification, are permitted provided that the following conditions-
19 * are met:-
20 * 1. Redistributions of source code must retain the above copyright-
21 * notice, this list of conditions and the following disclaimer.-
22 * 2. Redistributions in binary form must reproduce the above copyright-
23 * notice, this list of conditions and the following disclaimer in the-
24 * documentation and/or other materials provided with the distribution.-
25 *-
26 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR-
27 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES-
28 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.-
29 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,-
30 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT-
31 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,-
32 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY-
33 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT-
34 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF-
35 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.-
36 */-
37-
38#include "includes.h"-
39-
40#include <sys/types.h>-
41#include <sys/un.h>-
42#include <sys/socket.h>-
43-
44#include <fcntl.h>-
45#include <stdlib.h>-
46#include <signal.h>-
47#include <stdarg.h>-
48#include <string.h>-
49#include <unistd.h>-
50#include <errno.h>-
51-
52#include "xmalloc.h"-
53#include "ssh.h"-
54#include "sshbuf.h"-
55#include "sshkey.h"-
56#include "authfd.h"-
57#include "cipher.h"-
58#include "compat.h"-
59#include "log.h"-
60#include "atomicio.h"-
61#include "misc.h"-
62#include "ssherr.h"-
63-
64#define MAX_AGENT_IDENTITIES 2048 /* Max keys in agent reply */-
65#define MAX_AGENT_REPLY_LEN (256 * 1024) /* Max bytes in agent reply */-
66-
67/* macro to check for "agent failure" message */-
68#define agent_failed(x) \-
69 ((x == SSH_AGENT_FAILURE) || \-
70 (x == SSH_COM_AGENT2_FAILURE) || \-
71 (x == SSH2_AGENT_FAILURE))-
72-
73/* Convert success/failure response from agent to a err.h status */-
74static int-
75decode_reply(u_char type)-
76{-
77 if (agent_failed(type))
(type == 5)Description
TRUEnever evaluated
FALSEnever evaluated
(type == 102)Description
TRUEnever evaluated
FALSEnever evaluated
(type == 30)Description
TRUEnever evaluated
FALSEnever evaluated
0
78 return SSH_ERR_AGENT_FAILURE;
never executed: return -27;
0
79 else if (type == SSH_AGENT_SUCCESS)
type == 6Description
TRUEnever evaluated
FALSEnever evaluated
0
80 return 0;
never executed: return 0;
0
81 else-
82 return SSH_ERR_INVALID_FORMAT;
never executed: return -4;
0
83}-
84-
85/* Returns the number of the authentication fd, or -1 if there is none. */-
86int-
87ssh_get_authentication_socket(int *fdp)-
88{-
89 const char *authsocket;-
90 int sock, oerrno;-
91 struct sockaddr_un sunaddr;-
92-
93 if (fdp != NULL)
fdp != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
94 *fdp = -1;
never executed: *fdp = -1;
0
95-
96 authsocket = getenv(SSH_AUTHSOCKET_ENV_NAME);-
97 if (!authsocket)
!authsocketDescription
TRUEnever evaluated
FALSEnever evaluated
0
98 return SSH_ERR_AGENT_NOT_PRESENT;
never executed: return -47;
0
99-
100 memset(&sunaddr, 0, sizeof(sunaddr));-
101 sunaddr.sun_family = AF_UNIX;-
102 strlcpy(sunaddr.sun_path, authsocket, sizeof(sunaddr.sun_path));-
103-
104 if ((sock = socket(AF_UNIX, SOCK_STREAM, 0)) < 0)
(sock = socket...REAM , 0)) < 0Description
TRUEnever evaluated
FALSEnever evaluated
0
105 return SSH_ERR_SYSTEM_ERROR;
never executed: return -24;
0
106-
107 /* close on exec */-
108 if (fcntl(sock, F_SETFD, FD_CLOEXEC) == -1 ||
fcntl(sock, 2 , 1 ) == -1Description
TRUEnever evaluated
FALSEnever evaluated
0
109 connect(sock, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) < 0) {
connect(sock, ...(sunaddr)) < 0Description
TRUEnever evaluated
FALSEnever evaluated
0
110 oerrno = errno;-
111 close(sock);-
112 errno = oerrno;-
113 return SSH_ERR_SYSTEM_ERROR;
never executed: return -24;
0
114 }-
115 if (fdp != NULL)
fdp != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
116 *fdp = sock;
never executed: *fdp = sock;
0
117 else-
118 close(sock);
never executed: close(sock);
0
119 return 0;
never executed: return 0;
0
120}-
121-
122/* Communicate with agent: send request and read reply */-
123static int-
124ssh_request_reply(int sock, struct sshbuf *request, struct sshbuf *reply)-
125{-
126 int r;-
127 size_t l, len;-
128 char buf[1024];-
129-
130 /* Get the length of the message, and format it in the buffer. */-
131 len = sshbuf_len(request);-
132 POKE_U32(buf, len);-
133-
134 /* Send the length and then the packet to the agent. */-
135 if (atomicio(vwrite, sock, buf, 4) != 4 ||
atomicio((ssiz..., buf, 4) != 4Description
TRUEnever evaluated
FALSEnever evaluated
0
136 atomicio(vwrite, sock, sshbuf_mutable_ptr(request),
atomicio((ssiz...f_len(request)Description
TRUEnever evaluated
FALSEnever evaluated
0
137 sshbuf_len(request)) != sshbuf_len(request))
atomicio((ssiz...f_len(request)Description
TRUEnever evaluated
FALSEnever evaluated
0
138 return SSH_ERR_AGENT_COMMUNICATION;
never executed: return -26;
0
139 /*-
140 * Wait for response from the agent. First read the length of the-
141 * response packet.-
142 */-
143 if (atomicio(read, sock, buf, 4) != 4)
atomicio(read,..., buf, 4) != 4Description
TRUEnever evaluated
FALSEnever evaluated
0
144 return SSH_ERR_AGENT_COMMUNICATION;
never executed: return -26;
0
145-
146 /* Extract the length, and check it for sanity. */-
147 len = PEEK_U32(buf);-
148 if (len > MAX_AGENT_REPLY_LEN)
len > (256 * 1024)Description
TRUEnever evaluated
FALSEnever evaluated
0
149 return SSH_ERR_INVALID_FORMAT;
never executed: return -4;
0
150-
151 /* Read the rest of the response in to the buffer. */-
152 sshbuf_reset(reply);-
153 while (len > 0) {
len > 0Description
TRUEnever evaluated
FALSEnever evaluated
0
154 l = len;-
155 if (l > sizeof(buf))
l > sizeof(buf)Description
TRUEnever evaluated
FALSEnever evaluated
0
156 l = sizeof(buf);
never executed: l = sizeof(buf);
0
157 if (atomicio(read, sock, buf, l) != l)
atomicio(read,..., buf, l) != lDescription
TRUEnever evaluated
FALSEnever evaluated
0
158 return SSH_ERR_AGENT_COMMUNICATION;
never executed: return -26;
0
159 if ((r = sshbuf_put(reply, buf, l)) != 0)
(r = sshbuf_pu... buf, l)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
160 return r;
never executed: return r;
0
161 len -= l;-
162 }
never executed: end of block
0
163 return 0;
never executed: return 0;
0
164}-
165-
166/*-
167 * Closes the agent socket if it should be closed (depends on how it was-
168 * obtained). The argument must have been returned by-
169 * ssh_get_authentication_socket().-
170 */-
171void-
172ssh_close_authentication_socket(int sock)-
173{-
174 if (getenv(SSH_AUTHSOCKET_ENV_NAME))
getenv("SSH_AUTH_SOCK")Description
TRUEnever evaluated
FALSEnever evaluated
0
175 close(sock);
never executed: close(sock);
0
176}
never executed: end of block
0
177-
178/* Lock/unlock agent */-
179int-
180ssh_lock_agent(int sock, int lock, const char *password)-
181{-
182 int r;-
183 u_char type = lock ? SSH_AGENTC_LOCK : SSH_AGENTC_UNLOCK;
lockDescription
TRUEnever evaluated
FALSEnever evaluated
0
184 struct sshbuf *msg;-
185-
186 if ((msg = sshbuf_new()) == NULL)
(msg = sshbuf_...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
187 return SSH_ERR_ALLOC_FAIL;
never executed: return -2;
0
188 if ((r = sshbuf_put_u8(msg, type)) != 0 ||
(r = sshbuf_pu...g, type)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
189 (r = sshbuf_put_cstring(msg, password)) != 0)
(r = sshbuf_pu...assword)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
190 goto out;
never executed: goto out;
0
191 if ((r = ssh_request_reply(sock, msg, msg)) != 0)
(r = ssh_reque...sg, msg)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
192 goto out;
never executed: goto out;
0
193 if ((r = sshbuf_get_u8(msg, &type)) != 0)
(r = sshbuf_ge..., &type)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
194 goto out;
never executed: goto out;
0
195 r = decode_reply(type);-
196 out:
code before this statement never executed: out:
0
197 sshbuf_free(msg);-
198 return r;
never executed: return r;
0
199}-
200-
201-
202static int-
203deserialise_identity2(struct sshbuf *ids, struct sshkey **keyp, char **commentp)-
204{-
205 int r;-
206 char *comment = NULL;-
207 const u_char *blob;-
208 size_t blen;-
209-
210 if ((r = sshbuf_get_string_direct(ids, &blob, &blen)) != 0 ||
(r = sshbuf_ge..., &blen)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
211 (r = sshbuf_get_cstring(ids, &comment, NULL)) != 0)
(r = sshbuf_ge...d *)0) )) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
212 goto out;
never executed: goto out;
0
213 if ((r = sshkey_from_blob(blob, blen, keyp)) != 0)
(r = sshkey_fr...n, keyp)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
214 goto out;
never executed: goto out;
0
215 if (commentp != NULL) {
commentp != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
216 *commentp = comment;-
217 comment = NULL;-
218 }
never executed: end of block
0
219 r = 0;-
220 out:
code before this statement never executed: out:
0
221 free(comment);-
222 return r;
never executed: return r;
0
223}-
224-
225/*-
226 * Fetch list of identities held by the agent.-
227 */-
228int-
229ssh_fetch_identitylist(int sock, struct ssh_identitylist **idlp)-
230{-
231 u_char type;-
232 u_int32_t num, i;-
233 struct sshbuf *msg;-
234 struct ssh_identitylist *idl = NULL;-
235 int r;-
236-
237 /*-
238 * Send a message to the agent requesting for a list of the-
239 * identities it can represent.-
240 */-
241 if ((msg = sshbuf_new()) == NULL)
(msg = sshbuf_...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
242 return SSH_ERR_ALLOC_FAIL;
never executed: return -2;
0
243 if ((r = sshbuf_put_u8(msg, SSH2_AGENTC_REQUEST_IDENTITIES)) != 0)
(r = sshbuf_pu...msg, 11)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
244 goto out;
never executed: goto out;
0
245-
246 if ((r = ssh_request_reply(sock, msg, msg)) != 0)
(r = ssh_reque...sg, msg)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
247 goto out;
never executed: goto out;
0
248-
249 /* Get message type, and verify that we got a proper answer. */-
250 if ((r = sshbuf_get_u8(msg, &type)) != 0)
(r = sshbuf_ge..., &type)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
251 goto out;
never executed: goto out;
0
252 if (agent_failed(type)) {
(type == 5)Description
TRUEnever evaluated
FALSEnever evaluated
(type == 102)Description
TRUEnever evaluated
FALSEnever evaluated
(type == 30)Description
TRUEnever evaluated
FALSEnever evaluated
0
253 r = SSH_ERR_AGENT_FAILURE;-
254 goto out;
never executed: goto out;
0
255 } else if (type != SSH2_AGENT_IDENTITIES_ANSWER) {
type != 12Description
TRUEnever evaluated
FALSEnever evaluated
0
256 r = SSH_ERR_INVALID_FORMAT;-
257 goto out;
never executed: goto out;
0
258 }-
259-
260 /* Get the number of entries in the response and check it for sanity. */-
261 if ((r = sshbuf_get_u32(msg, &num)) != 0)
(r = sshbuf_ge...g, &num)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
262 goto out;
never executed: goto out;
0
263 if (num > MAX_AGENT_IDENTITIES) {
num > 2048Description
TRUEnever evaluated
FALSEnever evaluated
0
264 r = SSH_ERR_INVALID_FORMAT;-
265 goto out;
never executed: goto out;
0
266 }-
267 if (num == 0) {
num == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
268 r = SSH_ERR_AGENT_NO_IDENTITIES;-
269 goto out;
never executed: goto out;
0
270 }-
271-
272 /* Deserialise the response into a list of keys/comments */-
273 if ((idl = calloc(1, sizeof(*idl))) == NULL ||
(idl = calloc(...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
274 (idl->keys = calloc(num, sizeof(*idl->keys))) == NULL ||
(idl->keys = c...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
275 (idl->comments = calloc(num, sizeof(*idl->comments))) == NULL) {
(idl->comments...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
276 r = SSH_ERR_ALLOC_FAIL;-
277 goto out;
never executed: goto out;
0
278 }-
279 for (i = 0; i < num;) {
i < numDescription
TRUEnever evaluated
FALSEnever evaluated
0
280 if ((r = deserialise_identity2(msg, &(idl->keys[i]),
(r = deseriali...nts[i]))) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
281 &(idl->comments[i]))) != 0) {
(r = deseriali...nts[i]))) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
282 if (r == SSH_ERR_KEY_TYPE_UNKNOWN) {
r == -14Description
TRUEnever evaluated
FALSEnever evaluated
0
283 /* Gracefully skip unknown key types */-
284 num--;-
285 continue;
never executed: continue;
0
286 } else-
287 goto out;
never executed: goto out;
0
288 }-
289 i++;-
290 }
never executed: end of block
0
291 idl->nkeys = num;-
292 *idlp = idl;-
293 idl = NULL;-
294 r = 0;-
295 out:
code before this statement never executed: out:
0
296 sshbuf_free(msg);-
297 if (idl != NULL)
idl != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
298 ssh_free_identitylist(idl);
never executed: ssh_free_identitylist(idl);
0
299 return r;
never executed: return r;
0
300}-
301-
302void-
303ssh_free_identitylist(struct ssh_identitylist *idl)-
304{-
305 size_t i;-
306-
307 if (idl == NULL)
idl == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
308 return;
never executed: return;
0
309 for (i = 0; i < idl->nkeys; i++) {
i < idl->nkeysDescription
TRUEnever evaluated
FALSEnever evaluated
0
310 if (idl->keys != NULL)
idl->keys != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
311 sshkey_free(idl->keys[i]);
never executed: sshkey_free(idl->keys[i]);
0
312 if (idl->comments != NULL)
idl->comments != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
313 free(idl->comments[i]);
never executed: free(idl->comments[i]);
0
314 }
never executed: end of block
0
315 free(idl);-
316}
never executed: end of block
0
317-
318/*-
319 * Sends a challenge (typically from a server via ssh(1)) to the agent,-
320 * and waits for a response from the agent.-
321 * Returns true (non-zero) if the agent gave the correct answer, zero-
322 * otherwise.-
323 */-
324-
325-
326/* encode signature algorithm in flag bits, so we can keep the msg format */-
327static u_int-
328agent_encode_alg(const struct sshkey *key, const char *alg)-
329{-
330 if (alg != NULL && key->type == KEY_RSA) {
alg != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
key->type == KEY_RSADescription
TRUEnever evaluated
FALSEnever evaluated
0
331 if (strcmp(alg, "rsa-sha2-256") == 0)
never executed: __result = (((const unsigned char *) (const char *) ( alg ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( "rsa-sha2-256" ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
__extension__ ... )))); }) == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
332 return SSH_AGENT_RSA_SHA2_256;
never executed: return 0x02;
0
333 else if (strcmp(alg, "rsa-sha2-512") == 0)
never executed: __result = (((const unsigned char *) (const char *) ( alg ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( "rsa-sha2-512" ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
__extension__ ... )))); }) == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
334 return SSH_AGENT_RSA_SHA2_512;
never executed: return 0x04;
0
335 }
never executed: end of block
0
336 return 0;
never executed: return 0;
0
337}-
338-
339/* ask agent to sign data, returns err.h code on error, 0 on success */-
340int-
341ssh_agent_sign(int sock, const struct sshkey *key,-
342 u_char **sigp, size_t *lenp,-
343 const u_char *data, size_t datalen, const char *alg, u_int compat)-
344{-
345 struct sshbuf *msg;-
346 u_char *sig = NULL, type = 0;-
347 size_t len = 0;-
348 u_int flags = 0;-
349 int r = SSH_ERR_INTERNAL_ERROR;-
350-
351 *sigp = NULL;-
352 *lenp = 0;-
353-
354 if (datalen > SSH_KEY_MAX_SIGN_DATA_SIZE)
datalen > (1 << 20)Description
TRUEnever evaluated
FALSEnever evaluated
0
355 return SSH_ERR_INVALID_ARGUMENT;
never executed: return -10;
0
356 if ((msg = sshbuf_new()) == NULL)
(msg = sshbuf_...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
357 return SSH_ERR_ALLOC_FAIL;
never executed: return -2;
0
358 flags |= agent_encode_alg(key, alg);-
359 if ((r = sshbuf_put_u8(msg, SSH2_AGENTC_SIGN_REQUEST)) != 0 ||
(r = sshbuf_pu...msg, 13)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
360 (r = sshkey_puts(key, msg)) != 0 ||
(r = sshkey_pu...ey, msg)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
361 (r = sshbuf_put_string(msg, data, datalen)) != 0 ||
(r = sshbuf_pu...datalen)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
362 (r = sshbuf_put_u32(msg, flags)) != 0)
(r = sshbuf_pu..., flags)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
363 goto out;
never executed: goto out;
0
364 if ((r = ssh_request_reply(sock, msg, msg)) != 0)
(r = ssh_reque...sg, msg)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
365 goto out;
never executed: goto out;
0
366 if ((r = sshbuf_get_u8(msg, &type)) != 0)
(r = sshbuf_ge..., &type)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
367 goto out;
never executed: goto out;
0
368 if (agent_failed(type)) {
(type == 5)Description
TRUEnever evaluated
FALSEnever evaluated
(type == 102)Description
TRUEnever evaluated
FALSEnever evaluated
(type == 30)Description
TRUEnever evaluated
FALSEnever evaluated
0
369 r = SSH_ERR_AGENT_FAILURE;-
370 goto out;
never executed: goto out;
0
371 } else if (type != SSH2_AGENT_SIGN_RESPONSE) {
type != 14Description
TRUEnever evaluated
FALSEnever evaluated
0
372 r = SSH_ERR_INVALID_FORMAT;-
373 goto out;
never executed: goto out;
0
374 }-
375 if ((r = sshbuf_get_string(msg, &sig, &len)) != 0)
(r = sshbuf_ge...g, &len)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
376 goto out;
never executed: goto out;
0
377 /* Check what we actually got back from the agent. */-
378 if ((r = sshkey_check_sigtype(sig, len, alg)) != 0)
(r = sshkey_ch...en, alg)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
379 goto out;
never executed: goto out;
0
380 /* success */-
381 *sigp = sig;-
382 *lenp = len;-
383 sig = NULL;-
384 len = 0;-
385 r = 0;-
386 out:
code before this statement never executed: out:
0
387 freezero(sig, len);-
388 sshbuf_free(msg);-
389 return r;
never executed: return r;
0
390}-
391-
392/* Encode key for a message to the agent. */-
393-
394-
395static int-
396encode_constraints(struct sshbuf *m, u_int life, u_int confirm, u_int maxsign)-
397{-
398 int r;-
399-
400 if (life != 0) {
life != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
401 if ((r = sshbuf_put_u8(m, SSH_AGENT_CONSTRAIN_LIFETIME)) != 0 ||
(r = sshbuf_put_u8(m, 1)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
402 (r = sshbuf_put_u32(m, life)) != 0)
(r = sshbuf_pu...m, life)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
403 goto out;
never executed: goto out;
0
404 }
never executed: end of block
0
405 if (confirm != 0) {
confirm != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
406 if ((r = sshbuf_put_u8(m, SSH_AGENT_CONSTRAIN_CONFIRM)) != 0)
(r = sshbuf_put_u8(m, 2)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
407 goto out;
never executed: goto out;
0
408 }
never executed: end of block
0
409 if (maxsign != 0) {
maxsign != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
410 if ((r = sshbuf_put_u8(m, SSH_AGENT_CONSTRAIN_MAXSIGN)) != 0 ||
(r = sshbuf_put_u8(m, 3)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
411 (r = sshbuf_put_u32(m, maxsign)) != 0)
(r = sshbuf_pu...maxsign)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
412 goto out;
never executed: goto out;
0
413 }
never executed: end of block
0
414 r = 0;-
415 out:
code before this statement never executed: out:
0
416 return r;
never executed: return r;
0
417}-
418-
419/*-
420 * Adds an identity to the authentication server.-
421 * This call is intended only for use by ssh-add(1) and like applications.-
422 */-
423int-
424ssh_add_identity_constrained(int sock, const struct sshkey *key,-
425 const char *comment, u_int life, u_int confirm, u_int maxsign)-
426{-
427 struct sshbuf *msg;-
428 int r, constrained = (life || confirm || maxsign);
lifeDescription
TRUEnever evaluated
FALSEnever evaluated
confirmDescription
TRUEnever evaluated
FALSEnever evaluated
maxsignDescription
TRUEnever evaluated
FALSEnever evaluated
0
429 u_char type;-
430-
431 if ((msg = sshbuf_new()) == NULL)
(msg = sshbuf_...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
432 return SSH_ERR_ALLOC_FAIL;
never executed: return -2;
0
433-
434 switch (key->type) {-
435#ifdef WITH_OPENSSL-
436 case KEY_RSA:
never executed: case KEY_RSA:
0
437 case KEY_RSA_CERT:
never executed: case KEY_RSA_CERT:
0
438 case KEY_DSA:
never executed: case KEY_DSA:
0
439 case KEY_DSA_CERT:
never executed: case KEY_DSA_CERT:
0
440 case KEY_ECDSA:
never executed: case KEY_ECDSA:
0
441 case KEY_ECDSA_CERT:
never executed: case KEY_ECDSA_CERT:
0
442#endif-
443 case KEY_ED25519:
never executed: case KEY_ED25519:
0
444 case KEY_ED25519_CERT:
never executed: case KEY_ED25519_CERT:
0
445 case KEY_XMSS:
never executed: case KEY_XMSS:
0
446 case KEY_XMSS_CERT:
never executed: case KEY_XMSS_CERT:
0
447 type = constrained ?
constrainedDescription
TRUEnever evaluated
FALSEnever evaluated
0
448 SSH2_AGENTC_ADD_ID_CONSTRAINED :-
449 SSH2_AGENTC_ADD_IDENTITY;-
450 if ((r = sshbuf_put_u8(msg, type)) != 0 ||
(r = sshbuf_pu...g, type)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
451 (r = sshkey_private_serialize_maxsign(key, msg, maxsign,
(r = sshkey_pr...d *)0) )) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
452 NULL)) != 0 ||
(r = sshkey_pr...d *)0) )) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
453 (r = sshbuf_put_cstring(msg, comment)) != 0)
(r = sshbuf_pu...comment)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
454 goto out;
never executed: goto out;
0
455 break;
never executed: break;
0
456 default:
never executed: default:
0
457 r = SSH_ERR_INVALID_ARGUMENT;-
458 goto out;
never executed: goto out;
0
459 }-
460 if (constrained &&
constrainedDescription
TRUEnever evaluated
FALSEnever evaluated
0
461 (r = encode_constraints(msg, life, confirm, maxsign)) != 0)
(r = encode_co...maxsign)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
462 goto out;
never executed: goto out;
0
463 if ((r = ssh_request_reply(sock, msg, msg)) != 0)
(r = ssh_reque...sg, msg)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
464 goto out;
never executed: goto out;
0
465 if ((r = sshbuf_get_u8(msg, &type)) != 0)
(r = sshbuf_ge..., &type)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
466 goto out;
never executed: goto out;
0
467 r = decode_reply(type);-
468 out:
code before this statement never executed: out:
0
469 sshbuf_free(msg);-
470 return r;
never executed: return r;
0
471}-
472-
473/*-
474 * Removes an identity from the authentication server.-
475 * This call is intended only for use by ssh-add(1) and like applications.-
476 */-
477int-
478ssh_remove_identity(int sock, struct sshkey *key)-
479{-
480 struct sshbuf *msg;-
481 int r;-
482 u_char type, *blob = NULL;-
483 size_t blen;-
484-
485 if ((msg = sshbuf_new()) == NULL)
(msg = sshbuf_...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
486 return SSH_ERR_ALLOC_FAIL;
never executed: return -2;
0
487-
488 if (key->type != KEY_UNSPEC) {
key->type != KEY_UNSPECDescription
TRUEnever evaluated
FALSEnever evaluated
0
489 if ((r = sshkey_to_blob(key, &blob, &blen)) != 0)
(r = sshkey_to..., &blen)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
490 goto out;
never executed: goto out;
0
491 if ((r = sshbuf_put_u8(msg,
(r = sshbuf_pu...msg, 18)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
492 SSH2_AGENTC_REMOVE_IDENTITY)) != 0 ||
(r = sshbuf_pu...msg, 18)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
493 (r = sshbuf_put_string(msg, blob, blen)) != 0)
(r = sshbuf_pu...b, blen)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
494 goto out;
never executed: goto out;
0
495 } else {
never executed: end of block
0
496 r = SSH_ERR_INVALID_ARGUMENT;-
497 goto out;
never executed: goto out;
0
498 }-
499 if ((r = ssh_request_reply(sock, msg, msg)) != 0)
(r = ssh_reque...sg, msg)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
500 goto out;
never executed: goto out;
0
501 if ((r = sshbuf_get_u8(msg, &type)) != 0)
(r = sshbuf_ge..., &type)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
502 goto out;
never executed: goto out;
0
503 r = decode_reply(type);-
504 out:
code before this statement never executed: out:
0
505 if (blob != NULL) {
blob != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
506 explicit_bzero(blob, blen);-
507 free(blob);-
508 }
never executed: end of block
0
509 sshbuf_free(msg);-
510 return r;
never executed: return r;
0
511}-
512-
513/*-
514 * Add/remove an token-based identity from the authentication server.-
515 * This call is intended only for use by ssh-add(1) and like applications.-
516 */-
517int-
518ssh_update_card(int sock, int add, const char *reader_id, const char *pin,-
519 u_int life, u_int confirm)-
520{-
521 struct sshbuf *msg;-
522 int r, constrained = (life || confirm);
lifeDescription
TRUEnever evaluated
FALSEnever evaluated
confirmDescription
TRUEnever evaluated
FALSEnever evaluated
0
523 u_char type;-
524-
525 if (add) {
addDescription
TRUEnever evaluated
FALSEnever evaluated
0
526 type = constrained ?
constrainedDescription
TRUEnever evaluated
FALSEnever evaluated
0
527 SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED :-
528 SSH_AGENTC_ADD_SMARTCARD_KEY;-
529 } else
never executed: end of block
0
530 type = SSH_AGENTC_REMOVE_SMARTCARD_KEY;
never executed: type = 21;
0
531-
532 if ((msg = sshbuf_new()) == NULL)
(msg = sshbuf_...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
533 return SSH_ERR_ALLOC_FAIL;
never executed: return -2;
0
534 if ((r = sshbuf_put_u8(msg, type)) != 0 ||
(r = sshbuf_pu...g, type)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
535 (r = sshbuf_put_cstring(msg, reader_id)) != 0 ||
(r = sshbuf_pu...ader_id)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
536 (r = sshbuf_put_cstring(msg, pin)) != 0)
(r = sshbuf_pu...sg, pin)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
537 goto out;
never executed: goto out;
0
538 if (constrained &&
constrainedDescription
TRUEnever evaluated
FALSEnever evaluated
0
539 (r = encode_constraints(msg, life, confirm, 0)) != 0)
(r = encode_co...firm, 0)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
540 goto out;
never executed: goto out;
0
541 if ((r = ssh_request_reply(sock, msg, msg)) != 0)
(r = ssh_reque...sg, msg)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
542 goto out;
never executed: goto out;
0
543 if ((r = sshbuf_get_u8(msg, &type)) != 0)
(r = sshbuf_ge..., &type)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
544 goto out;
never executed: goto out;
0
545 r = decode_reply(type);-
546 out:
code before this statement never executed: out:
0
547 sshbuf_free(msg);-
548 return r;
never executed: return r;
0
549}-
550-
551/*-
552 * Removes all identities from the agent.-
553 * This call is intended only for use by ssh-add(1) and like applications.-
554 *-
555 * This supports the SSH protocol 1 message to because, when clearing all-
556 * keys from an agent, we generally want to clear both protocol v1 and v2-
557 * keys.-
558 */-
559int-
560ssh_remove_all_identities(int sock, int version)-
561{-
562 struct sshbuf *msg;-
563 u_char type = (version == 1) ?
(version == 1)Description
TRUEnever evaluated
FALSEnever evaluated
0
564 SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES :-
565 SSH2_AGENTC_REMOVE_ALL_IDENTITIES;-
566 int r;-
567-
568 if ((msg = sshbuf_new()) == NULL)
(msg = sshbuf_...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
569 return SSH_ERR_ALLOC_FAIL;
never executed: return -2;
0
570 if ((r = sshbuf_put_u8(msg, type)) != 0)
(r = sshbuf_pu...g, type)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
571 goto out;
never executed: goto out;
0
572 if ((r = ssh_request_reply(sock, msg, msg)) != 0)
(r = ssh_reque...sg, msg)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
573 goto out;
never executed: goto out;
0
574 if ((r = sshbuf_get_u8(msg, &type)) != 0)
(r = sshbuf_ge..., &type)) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
575 goto out;
never executed: goto out;
0
576 r = decode_reply(type);-
577 out:
code before this statement never executed: out:
0
578 sshbuf_free(msg);-
579 return r;
never executed: return r;
0
580}-
Source codeSwitch to Preprocessed file

Generated by Squish Coco 4.2.2