Line | Source | Count |
1 | | - |
2 | | - |
3 | | - |
4 | | - |
5 | | - |
6 | | - |
7 | | - |
8 | | - |
9 | static int | - |
10 | decode_reply(u_char type) | - |
11 | { | - |
12 | if (((TRUE | never evaluated | FALSE | never evaluated |
type == 5)TRUE | never evaluated | FALSE | never evaluated |
|| (TRUE | never evaluated | FALSE | never evaluated |
type == 102)TRUE | never evaluated | FALSE | never evaluated |
|| (TRUE | never evaluated | FALSE | never evaluated |
type == 30)TRUE | never evaluated | FALSE | never evaluated |
)) | 0 |
13 | return never executed: return -27; -27;never executed: return -27; | 0 |
14 | else if (type == 6TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
15 | return never executed: return 0; 0;never executed: return 0; | 0 |
16 | else | - |
17 | return never executed: return -4; -4;never executed: return -4; | 0 |
18 | } | - |
19 | | - |
20 | | - |
21 | int | - |
22 | ssh_get_authentication_socket(int *fdp) | - |
23 | { | - |
24 | const char *authsocket; | - |
25 | int sock, oerrno; | - |
26 | struct sockaddr_un sunaddr; | - |
27 | | - |
28 | if (fdp != TRUE | never evaluated | FALSE | never evaluated |
| 0 |
29 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
30 | ) | - |
31 | * never executed: *fdp = -1; fdp = -1;never executed: *fdp = -1; | 0 |
32 | | - |
33 | authsocket = getenv("SSH_AUTH_SOCK"); | - |
34 | if (!authsocketTRUE | never evaluated | FALSE | never evaluated |
) | 0 |
35 | return never executed: return -47; -47;never executed: return -47; | 0 |
36 | | - |
37 | memset(&sunaddr, 0, sizeof(sunaddr)); | - |
38 | sunaddr.sun_family = | - |
39 | 1 | - |
40 | ; | - |
41 | strlcpy(sunaddr.sun_path, authsocket, sizeof(sunaddr.sun_path)); | - |
42 | | - |
43 | if ((TRUE | never evaluated | FALSE | never evaluated |
sock = socket(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
44 | 1TRUE | never evaluated | FALSE | never evaluated |
| 0 |
45 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
46 | SOCK_STREAMTRUE | never evaluated | FALSE | never evaluated |
| 0 |
47 | , 0)) < 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
48 | return never executed: return -24; -24;never executed: return -24; | 0 |
49 | | - |
50 | | - |
51 | if (fcntl(sock, TRUE | never evaluated | FALSE | never evaluated |
| 0 |
52 | 2TRUE | never evaluated | FALSE | never evaluated |
| 0 |
53 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
54 | 1TRUE | never evaluated | FALSE | never evaluated |
| 0 |
55 | ) == -1TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
56 | connect(sock, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) < 0TRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
57 | oerrno = | - |
58 | (*__errno_location ()) | - |
59 | ; | - |
60 | close(sock); | - |
61 | | - |
62 | (*__errno_location ()) | - |
63 | = oerrno; | - |
64 | return never executed: return -24; -24;never executed: return -24; | 0 |
65 | } | - |
66 | if (fdp != TRUE | never evaluated | FALSE | never evaluated |
| 0 |
67 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
68 | ) | - |
69 | * never executed: *fdp = sock; fdp = sock;never executed: *fdp = sock; | 0 |
70 | else | - |
71 | close(sock); never executed: close(sock); | 0 |
72 | return never executed: return 0; 0;never executed: return 0; | 0 |
73 | } | - |
74 | | - |
75 | | - |
76 | static int | - |
77 | ssh_request_reply(int sock, struct sshbuf *request, struct sshbuf *reply) | - |
78 | { | - |
79 | int r; | - |
80 | size_t l, len; | - |
81 | char buf[1024]; | - |
82 | | - |
83 | | - |
84 | len = sshbuf_len(request); | - |
85 | do { const u_int32_t __v = (len); ((u_char *)(buf))[0] = (__v >> 24) & 0xff; ((u_char *)(buf))[1] = (__v >> 16) & 0xff; ((u_char *)(buf))[2] = (__v >> 8) & 0xff; ((u_char *)(buf))[3] = __v & 0xff; } while (0); | - |
86 | | - |
87 | | - |
88 | if (atomicio((ssize_t (*)(int, void *, size_t))write, sock, buf, 4) != 4TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
89 | atomicio((ssize_t (*)(int, void *, size_t))write, sock, sshbuf_mutable_ptr(request),TRUE | never evaluated | FALSE | never evaluated |
| 0 |
90 | sshbuf_len(request)) != sshbuf_len(request)TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
91 | return never executed: return -26; -26;never executed: return -26; | 0 |
92 | | - |
93 | | - |
94 | | - |
95 | | - |
96 | if (atomicio(read, sock, buf, 4) != 4TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
97 | return never executed: return -26; -26;never executed: return -26; | 0 |
98 | | - |
99 | | - |
100 | len = (((u_int32_t)(((const u_char *)(buf))[0]) << 24) | ((u_int32_t)(((const u_char *)(buf))[1]) << 16) | ((u_int32_t)(((const u_char *)(buf))[2]) << 8) | (u_int32_t)(((const u_char *)(buf))[3])); | - |
101 | if (len > (256 * 1024)TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
102 | return never executed: return -4; -4;never executed: return -4; | 0 |
103 | | - |
104 | | - |
105 | sshbuf_reset(reply); | - |
106 | while (len > 0TRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
107 | l = len; | - |
108 | if (l > sizeof(buf)TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
109 | l = sizeof(buf); never executed: l = sizeof(buf); | 0 |
110 | if (atomicio(read, sock, buf, l) != lTRUE | never evaluated | FALSE | never evaluated |
) | 0 |
111 | return never executed: return -26; -26;never executed: return -26; | 0 |
112 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put(reply, buf, l)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
113 | return never executed: return r; r;never executed: return r; | 0 |
114 | len -= l; | - |
115 | } never executed: end of block | 0 |
116 | return never executed: return 0; 0;never executed: return 0; | 0 |
117 | } | - |
118 | | - |
119 | | - |
120 | | - |
121 | | - |
122 | | - |
123 | | - |
124 | void | - |
125 | ssh_close_authentication_socket(int sock) | - |
126 | { | - |
127 | if (getenv("SSH_AUTH_SOCK")TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
128 | close(sock); never executed: close(sock); | 0 |
129 | } never executed: end of block | 0 |
130 | | - |
131 | | - |
132 | int | - |
133 | ssh_lock_agent(int sock, int lock, const char *password) | - |
134 | { | - |
135 | int r; | - |
136 | u_char type = lockTRUE | never evaluated | FALSE | never evaluated |
? 22 : 23; | 0 |
137 | struct sshbuf *msg; | - |
138 | | - |
139 | if ((TRUE | never evaluated | FALSE | never evaluated |
msg = sshbuf_new()) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
140 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
141 | ) | - |
142 | return never executed: return -2; -2;never executed: return -2; | 0 |
143 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_u8(msg, type)) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
144 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_cstring(msg, password)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
145 | goto never executed: goto out; out;never executed: goto out; | 0 |
146 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = ssh_request_reply(sock, msg, msg)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
147 | goto never executed: goto out; out;never executed: goto out; | 0 |
148 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_u8(msg, &type)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
149 | goto never executed: goto out; out;never executed: goto out; | 0 |
150 | r = decode_reply(type); | - |
151 | out: code before this statement never executed: out: | 0 |
152 | sshbuf_free(msg); | - |
153 | return never executed: return r; r;never executed: return r; | 0 |
154 | } | - |
155 | | - |
156 | | - |
157 | static int | - |
158 | deserialise_identity2(struct sshbuf *ids, struct sshkey **keyp, char **commentp) | - |
159 | { | - |
160 | int r; | - |
161 | char *comment = | - |
162 | ((void *)0) | - |
163 | ; | - |
164 | const u_char *blob; | - |
165 | size_t blen; | - |
166 | | - |
167 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_string_direct(ids, &blob, &blen)) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
168 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_cstring(ids, &comment, TRUE | never evaluated | FALSE | never evaluated |
| 0 |
169 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
170 | )) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
171 | goto never executed: goto out; out;never executed: goto out; | 0 |
172 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshkey_from_blob(blob, blen, keyp)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
173 | goto never executed: goto out; out;never executed: goto out; | 0 |
174 | if (commentp != TRUE | never evaluated | FALSE | never evaluated |
| 0 |
175 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
176 | ) { | - |
177 | *commentp = comment; | - |
178 | comment = | - |
179 | ((void *)0) | - |
180 | ; | - |
181 | } never executed: end of block | 0 |
182 | r = 0; | - |
183 | out: code before this statement never executed: out: | 0 |
184 | free(comment); | - |
185 | return never executed: return r; r;never executed: return r; | 0 |
186 | } | - |
187 | | - |
188 | | - |
189 | | - |
190 | | - |
191 | int | - |
192 | ssh_fetch_identitylist(int sock, struct ssh_identitylist **idlp) | - |
193 | { | - |
194 | u_char type; | - |
195 | u_int32_t num, i; | - |
196 | struct sshbuf *msg; | - |
197 | struct ssh_identitylist *idl = | - |
198 | ((void *)0) | - |
199 | ; | - |
200 | int r; | - |
201 | | - |
202 | | - |
203 | | - |
204 | | - |
205 | | - |
206 | if ((TRUE | never evaluated | FALSE | never evaluated |
msg = sshbuf_new()) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
207 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
208 | ) | - |
209 | return never executed: return -2; -2;never executed: return -2; | 0 |
210 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_u8(msg, 11)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
211 | goto never executed: goto out; out;never executed: goto out; | 0 |
212 | | - |
213 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = ssh_request_reply(sock, msg, msg)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
214 | goto never executed: goto out; out;never executed: goto out; | 0 |
215 | | - |
216 | | - |
217 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_u8(msg, &type)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
218 | goto never executed: goto out; out;never executed: goto out; | 0 |
219 | if (((TRUE | never evaluated | FALSE | never evaluated |
type == 5)TRUE | never evaluated | FALSE | never evaluated |
|| (TRUE | never evaluated | FALSE | never evaluated |
type == 102)TRUE | never evaluated | FALSE | never evaluated |
|| (TRUE | never evaluated | FALSE | never evaluated |
type == 30)TRUE | never evaluated | FALSE | never evaluated |
)) { | 0 |
220 | r = -27; | - |
221 | goto never executed: goto out; out;never executed: goto out; | 0 |
222 | } else if (type != 12TRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
223 | r = -4; | - |
224 | goto never executed: goto out; out;never executed: goto out; | 0 |
225 | } | - |
226 | | - |
227 | | - |
228 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_u32(msg, &num)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
229 | goto never executed: goto out; out;never executed: goto out; | 0 |
230 | if (num > 2048TRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
231 | r = -4; | - |
232 | goto never executed: goto out; out;never executed: goto out; | 0 |
233 | } | - |
234 | if (num == 0TRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
235 | r = -48; | - |
236 | goto never executed: goto out; out;never executed: goto out; | 0 |
237 | } | - |
238 | | - |
239 | | - |
240 | if ((TRUE | never evaluated | FALSE | never evaluated |
idl = calloc(1, sizeof(*idl))) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
241 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
242 | || | - |
243 | (TRUE | never evaluated | FALSE | never evaluated |
idl->keys = calloc(num, sizeof(*idl->keys))) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
244 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
245 | || | - |
246 | (TRUE | never evaluated | FALSE | never evaluated |
idl->comments = calloc(num, sizeof(*idl->comments))) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
247 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
248 | ) { | - |
249 | r = -2; | - |
250 | goto never executed: goto out; out;never executed: goto out; | 0 |
251 | } | - |
252 | for (i = 0; i < numTRUE | never evaluated | FALSE | never evaluated |
;) { | 0 |
253 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = deserialise_identity2(msg, &(idl->keys[i]),TRUE | never evaluated | FALSE | never evaluated |
| 0 |
254 | &(idl->comments[i]))) != 0TRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
255 | if (r == -14TRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
256 | | - |
257 | num--; | - |
258 | continue; never executed: continue; | 0 |
259 | } else | - |
260 | goto never executed: goto out; out;never executed: goto out; | 0 |
261 | } | - |
262 | i++; | - |
263 | } never executed: end of block | 0 |
264 | idl->nkeys = num; | - |
265 | *idlp = idl; | - |
266 | idl = | - |
267 | ((void *)0) | - |
268 | ; | - |
269 | r = 0; | - |
270 | out: code before this statement never executed: out: | 0 |
271 | sshbuf_free(msg); | - |
272 | if (idl != TRUE | never evaluated | FALSE | never evaluated |
| 0 |
273 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
274 | ) | - |
275 | ssh_free_identitylist(idl); never executed: ssh_free_identitylist(idl); | 0 |
276 | return never executed: return r; r;never executed: return r; | 0 |
277 | } | - |
278 | | - |
279 | void | - |
280 | ssh_free_identitylist(struct ssh_identitylist *idl) | - |
281 | { | - |
282 | size_t i; | - |
283 | | - |
284 | if (idl == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
285 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
286 | ) | - |
287 | return; never executed: return; | 0 |
288 | for (i = 0; i < idl->nkeysTRUE | never evaluated | FALSE | never evaluated |
; i++) { | 0 |
289 | if (idl->keys != TRUE | never evaluated | FALSE | never evaluated |
| 0 |
290 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
291 | ) | - |
292 | sshkey_free(idl->keys[i]); never executed: sshkey_free(idl->keys[i]); | 0 |
293 | if (idl->comments != TRUE | never evaluated | FALSE | never evaluated |
| 0 |
294 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
295 | ) | - |
296 | free(idl->comments[i]); never executed: free(idl->comments[i]); | 0 |
297 | } never executed: end of block | 0 |
298 | free(idl); | - |
299 | } never executed: end of block | 0 |
300 | static u_int | - |
301 | agent_encode_alg(const struct sshkey *key, const char *alg) | - |
302 | { | - |
303 | if (alg != TRUE | never evaluated | FALSE | never evaluated |
| 0 |
304 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
305 | && key->type == KEY_RSATRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
306 | if ( | - |
307 | __extension__ ({ size_t __s1_len, __s2_len; (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
308 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
309 | ) && __builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
310 | "rsa-sha2-256"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
311 | ) && (__s1_len = __builtin_strlen (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
312 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
313 | ), __s2_len = __builtin_strlen (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
314 | "rsa-sha2-256"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
315 | ), (!((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
316 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
317 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
318 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
319 | ) == 1) || __s1_len >= 4) && (!((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
320 | "rsa-sha2-256"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
321 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
322 | "rsa-sha2-256"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
323 | ) == 1) || __s2_len >= 4)) ? __builtin_strcmp (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
324 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
325 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
326 | "rsa-sha2-256"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
327 | ) : (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
328 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
329 | ) && ((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
330 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
331 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
332 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
333 | ) == 1) && (__s1_len = __builtin_strlen (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
334 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
335 | ), __s1_len < 4) ? (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
336 | "rsa-sha2-256"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
337 | ) && ((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
338 | "rsa-sha2-256"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
339 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
340 | "rsa-sha2-256"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
341 | ) == 1) ? __builtin_strcmp (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
342 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
343 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
344 | "rsa-sha2-256"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
345 | ) : (__extension__ ({ const unsigned char *__s2 = (const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
346 | "rsa-sha2-256"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
347 | ); int __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
348 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
349 | ))[0] - __s2[0]); if (__s1_len > 0TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) { __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
350 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
351 | ))[1] - __s2[1]); if (__s1_len > 1TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) { __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
352 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
353 | ))[2] - __s2[2]); if (__s1_len > 2TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) __result = (((const unsigned char *) (const char *) (never executed: __result = (((const unsigned char *) (const char *) ( alg ))[3] - __s2[3]); | 0 |
354 | algTRUE | never evaluated | FALSE | never evaluated |
never executed: __result = (((const unsigned char *) (const char *) ( alg ))[3] - __s2[3]); | 0 |
355 | ))[3] - __s2[3]); } } __result; }))) : (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
356 | "rsa-sha2-256"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
357 | ) && ((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
358 | "rsa-sha2-256"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
359 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
360 | "rsa-sha2-256"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
361 | ) == 1) && (__s2_len = __builtin_strlen (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
362 | "rsa-sha2-256"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
363 | ), __s2_len < 4) ? (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
364 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
365 | ) && ((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
366 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
367 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
368 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
369 | ) == 1) ? __builtin_strcmp (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
370 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
371 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
372 | "rsa-sha2-256"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
373 | ) : -(__extension__ ({ const unsigned char *__s2 = (const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
374 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
375 | ); int __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
376 | "rsa-sha2-256"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
377 | ))[0] - __s2[0]); if (__s2_len > 0TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) { __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
378 | "rsa-sha2-256"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
379 | ))[1] - __s2[1]); if (__s2_len > 1TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) { __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
380 | "rsa-sha2-256"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
381 | ))[2] - __s2[2]); if (__s2_len > 2TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) __result = (((const unsigned char *) (const char *) (never executed: __result = (((const unsigned char *) (const char *) ( "rsa-sha2-256" ))[3] - __s2[3]); | 0 |
382 | "rsa-sha2-256"TRUE | never evaluated | FALSE | never evaluated |
never executed: __result = (((const unsigned char *) (const char *) ( "rsa-sha2-256" ))[3] - __s2[3]); | 0 |
383 | ))[3] - __s2[3]); } } __result; }))) : __builtin_strcmp (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
384 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
385 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
386 | "rsa-sha2-256"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
387 | )))); }) TRUE | never evaluated | FALSE | never evaluated |
| 0 |
388 | == 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
389 | return never executed: return 0x02; 0x02;never executed: return 0x02; | 0 |
390 | else if ( | - |
391 | __extension__ ({ size_t __s1_len, __s2_len; (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
392 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
393 | ) && __builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
394 | "rsa-sha2-512"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
395 | ) && (__s1_len = __builtin_strlen (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
396 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
397 | ), __s2_len = __builtin_strlen (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
398 | "rsa-sha2-512"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
399 | ), (!((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
400 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
401 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
402 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
403 | ) == 1) || __s1_len >= 4) && (!((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
404 | "rsa-sha2-512"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
405 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
406 | "rsa-sha2-512"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
407 | ) == 1) || __s2_len >= 4)) ? __builtin_strcmp (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
408 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
409 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
410 | "rsa-sha2-512"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
411 | ) : (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
412 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
413 | ) && ((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
414 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
415 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
416 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
417 | ) == 1) && (__s1_len = __builtin_strlen (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
418 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
419 | ), __s1_len < 4) ? (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
420 | "rsa-sha2-512"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
421 | ) && ((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
422 | "rsa-sha2-512"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
423 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
424 | "rsa-sha2-512"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
425 | ) == 1) ? __builtin_strcmp (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
426 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
427 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
428 | "rsa-sha2-512"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
429 | ) : (__extension__ ({ const unsigned char *__s2 = (const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
430 | "rsa-sha2-512"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
431 | ); int __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
432 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
433 | ))[0] - __s2[0]); if (__s1_len > 0TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) { __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
434 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
435 | ))[1] - __s2[1]); if (__s1_len > 1TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) { __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
436 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
437 | ))[2] - __s2[2]); if (__s1_len > 2TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) __result = (((const unsigned char *) (const char *) (never executed: __result = (((const unsigned char *) (const char *) ( alg ))[3] - __s2[3]); | 0 |
438 | algTRUE | never evaluated | FALSE | never evaluated |
never executed: __result = (((const unsigned char *) (const char *) ( alg ))[3] - __s2[3]); | 0 |
439 | ))[3] - __s2[3]); } } __result; }))) : (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
440 | "rsa-sha2-512"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
441 | ) && ((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
442 | "rsa-sha2-512"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
443 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
444 | "rsa-sha2-512"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
445 | ) == 1) && (__s2_len = __builtin_strlen (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
446 | "rsa-sha2-512"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
447 | ), __s2_len < 4) ? (__builtin_constant_p (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
448 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
449 | ) && ((size_t)(const void *)((TRUE | never evaluated | FALSE | never evaluated |
| 0 |
450 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
451 | ) + 1) - (size_t)(const void *)(TRUE | never evaluated | FALSE | never evaluated |
| 0 |
452 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
453 | ) == 1) ? __builtin_strcmp (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
454 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
455 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
456 | "rsa-sha2-512"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
457 | ) : -(__extension__ ({ const unsigned char *__s2 = (const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
458 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
459 | ); int __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
460 | "rsa-sha2-512"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
461 | ))[0] - __s2[0]); if (__s2_len > 0TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) { __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
462 | "rsa-sha2-512"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
463 | ))[1] - __s2[1]); if (__s2_len > 1TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) { __result = (((const unsigned char *) (const char *) (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
464 | "rsa-sha2-512"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
465 | ))[2] - __s2[2]); if (__s2_len > 2TRUE | never evaluated | FALSE | never evaluated |
&& __result == 0TRUE | never evaluated | FALSE | never evaluated |
) __result = (((const unsigned char *) (const char *) (never executed: __result = (((const unsigned char *) (const char *) ( "rsa-sha2-512" ))[3] - __s2[3]); | 0 |
466 | "rsa-sha2-512"TRUE | never evaluated | FALSE | never evaluated |
never executed: __result = (((const unsigned char *) (const char *) ( "rsa-sha2-512" ))[3] - __s2[3]); | 0 |
467 | ))[3] - __s2[3]); } } __result; }))) : __builtin_strcmp (TRUE | never evaluated | FALSE | never evaluated |
| 0 |
468 | algTRUE | never evaluated | FALSE | never evaluated |
| 0 |
469 | , TRUE | never evaluated | FALSE | never evaluated |
| 0 |
470 | "rsa-sha2-512"TRUE | never evaluated | FALSE | never evaluated |
| 0 |
471 | )))); }) TRUE | never evaluated | FALSE | never evaluated |
| 0 |
472 | == 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
473 | return never executed: return 0x04; 0x04;never executed: return 0x04; | 0 |
474 | } never executed: end of block | 0 |
475 | return never executed: return 0; 0;never executed: return 0; | 0 |
476 | } | - |
477 | | - |
478 | | - |
479 | int | - |
480 | ssh_agent_sign(int sock, const struct sshkey *key, | - |
481 | u_char **sigp, size_t *lenp, | - |
482 | const u_char *data, size_t datalen, const char *alg, u_int compat) | - |
483 | { | - |
484 | struct sshbuf *msg; | - |
485 | u_char *sig = | - |
486 | ((void *)0) | - |
487 | , type = 0; | - |
488 | size_t len = 0; | - |
489 | u_int flags = 0; | - |
490 | int r = -1; | - |
491 | | - |
492 | *sigp = | - |
493 | ((void *)0) | - |
494 | ; | - |
495 | *lenp = 0; | - |
496 | | - |
497 | if (datalen > (1 << 20)TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
498 | return never executed: return -10; -10;never executed: return -10; | 0 |
499 | if ((TRUE | never evaluated | FALSE | never evaluated |
msg = sshbuf_new()) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
500 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
501 | ) | - |
502 | return never executed: return -2; -2;never executed: return -2; | 0 |
503 | flags |= agent_encode_alg(key, alg); | - |
504 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_u8(msg, 13)) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
505 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshkey_puts(key, msg)) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
506 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_string(msg, data, datalen)) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
507 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_u32(msg, flags)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
508 | goto never executed: goto out; out;never executed: goto out; | 0 |
509 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = ssh_request_reply(sock, msg, msg)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
510 | goto never executed: goto out; out;never executed: goto out; | 0 |
511 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_u8(msg, &type)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
512 | goto never executed: goto out; out;never executed: goto out; | 0 |
513 | if (((TRUE | never evaluated | FALSE | never evaluated |
type == 5)TRUE | never evaluated | FALSE | never evaluated |
|| (TRUE | never evaluated | FALSE | never evaluated |
type == 102)TRUE | never evaluated | FALSE | never evaluated |
|| (TRUE | never evaluated | FALSE | never evaluated |
type == 30)TRUE | never evaluated | FALSE | never evaluated |
)) { | 0 |
514 | r = -27; | - |
515 | goto never executed: goto out; out;never executed: goto out; | 0 |
516 | } else if (type != 14TRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
517 | r = -4; | - |
518 | goto never executed: goto out; out;never executed: goto out; | 0 |
519 | } | - |
520 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_string(msg, &sig, &len)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
521 | goto never executed: goto out; out;never executed: goto out; | 0 |
522 | | - |
523 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshkey_check_sigtype(sig, len, alg)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
524 | goto never executed: goto out; out;never executed: goto out; | 0 |
525 | | - |
526 | *sigp = sig; | - |
527 | *lenp = len; | - |
528 | sig = | - |
529 | ((void *)0) | - |
530 | ; | - |
531 | len = 0; | - |
532 | r = 0; | - |
533 | out: code before this statement never executed: out: | 0 |
534 | freezero(sig, len); | - |
535 | sshbuf_free(msg); | - |
536 | return never executed: return r; r;never executed: return r; | 0 |
537 | } | - |
538 | | - |
539 | | - |
540 | | - |
541 | | - |
542 | static int | - |
543 | encode_constraints(struct sshbuf *m, u_int life, u_int confirm, u_int maxsign) | - |
544 | { | - |
545 | int r; | - |
546 | | - |
547 | if (life != 0TRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
548 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_u8(m, 1)) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
549 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_u32(m, life)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
550 | goto never executed: goto out; out;never executed: goto out; | 0 |
551 | } never executed: end of block | 0 |
552 | if (confirm != 0TRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
553 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_u8(m, 2)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
554 | goto never executed: goto out; out;never executed: goto out; | 0 |
555 | } never executed: end of block | 0 |
556 | if (maxsign != 0TRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
557 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_u8(m, 3)) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
558 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_u32(m, maxsign)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
559 | goto never executed: goto out; out;never executed: goto out; | 0 |
560 | } never executed: end of block | 0 |
561 | r = 0; | - |
562 | out: code before this statement never executed: out: | 0 |
563 | return never executed: return r; r;never executed: return r; | 0 |
564 | } | - |
565 | | - |
566 | | - |
567 | | - |
568 | | - |
569 | | - |
570 | int | - |
571 | ssh_add_identity_constrained(int sock, const struct sshkey *key, | - |
572 | const char *comment, u_int life, u_int confirm, u_int maxsign) | - |
573 | { | - |
574 | struct sshbuf *msg; | - |
575 | int r, constrained = (lifeTRUE | never evaluated | FALSE | never evaluated |
|| confirmTRUE | never evaluated | FALSE | never evaluated |
|| maxsignTRUE | never evaluated | FALSE | never evaluated |
); | 0 |
576 | u_char type; | - |
577 | | - |
578 | if ((TRUE | never evaluated | FALSE | never evaluated |
msg = sshbuf_new()) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
579 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
580 | ) | - |
581 | return never executed: return -2; -2;never executed: return -2; | 0 |
582 | | - |
583 | switch (key->type) { | - |
584 | | - |
585 | case never executed: case KEY_RSA: KEY_RSA:never executed: case KEY_RSA: | 0 |
586 | case never executed: case KEY_RSA_CERT: KEY_RSA_CERT:never executed: case KEY_RSA_CERT: | 0 |
587 | case never executed: case KEY_DSA: KEY_DSA:never executed: case KEY_DSA: | 0 |
588 | case never executed: case KEY_DSA_CERT: KEY_DSA_CERT:never executed: case KEY_DSA_CERT: | 0 |
589 | case never executed: case KEY_ECDSA: KEY_ECDSA:never executed: case KEY_ECDSA: | 0 |
590 | case never executed: case KEY_ECDSA_CERT: KEY_ECDSA_CERT:never executed: case KEY_ECDSA_CERT: | 0 |
591 | | - |
592 | case never executed: case KEY_ED25519: KEY_ED25519:never executed: case KEY_ED25519: | 0 |
593 | case never executed: case KEY_ED25519_CERT: KEY_ED25519_CERT:never executed: case KEY_ED25519_CERT: | 0 |
594 | case never executed: case KEY_XMSS: KEY_XMSS:never executed: case KEY_XMSS: | 0 |
595 | case never executed: case KEY_XMSS_CERT: KEY_XMSS_CERT:never executed: case KEY_XMSS_CERT: | 0 |
596 | type = constrainedTRUE | never evaluated | FALSE | never evaluated |
? | 0 |
597 | 25 : | - |
598 | 17; | - |
599 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_u8(msg, type)) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
600 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshkey_private_serialize_maxsign(key, msg, maxsign,TRUE | never evaluated | FALSE | never evaluated |
| 0 |
601 | TRUE | never evaluated | FALSE | never evaluated |
| 0 |
602 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
603 | )) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
604 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_cstring(msg, comment)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
605 | goto never executed: goto out; out;never executed: goto out; | 0 |
606 | break; never executed: break; | 0 |
607 | default never executed: default: :never executed: default: | 0 |
608 | r = -10; | - |
609 | goto never executed: goto out; out;never executed: goto out; | 0 |
610 | } | - |
611 | if (constrainedTRUE | never evaluated | FALSE | never evaluated |
&& | 0 |
612 | (TRUE | never evaluated | FALSE | never evaluated |
r = encode_constraints(msg, life, confirm, maxsign)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
613 | goto never executed: goto out; out;never executed: goto out; | 0 |
614 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = ssh_request_reply(sock, msg, msg)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
615 | goto never executed: goto out; out;never executed: goto out; | 0 |
616 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_u8(msg, &type)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
617 | goto never executed: goto out; out;never executed: goto out; | 0 |
618 | r = decode_reply(type); | - |
619 | out: code before this statement never executed: out: | 0 |
620 | sshbuf_free(msg); | - |
621 | return never executed: return r; r;never executed: return r; | 0 |
622 | } | - |
623 | | - |
624 | | - |
625 | | - |
626 | | - |
627 | | - |
628 | int | - |
629 | ssh_remove_identity(int sock, struct sshkey *key) | - |
630 | { | - |
631 | struct sshbuf *msg; | - |
632 | int r; | - |
633 | u_char type, *blob = | - |
634 | ((void *)0) | - |
635 | ; | - |
636 | size_t blen; | - |
637 | | - |
638 | if ((TRUE | never evaluated | FALSE | never evaluated |
msg = sshbuf_new()) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
639 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
640 | ) | - |
641 | return never executed: return -2; -2;never executed: return -2; | 0 |
642 | | - |
643 | if (key->type != KEY_UNSPECTRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
644 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshkey_to_blob(key, &blob, &blen)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
645 | goto never executed: goto out; out;never executed: goto out; | 0 |
646 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_u8(msg,TRUE | never evaluated | FALSE | never evaluated |
| 0 |
647 | 18)) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
648 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_string(msg, blob, blen)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
649 | goto never executed: goto out; out;never executed: goto out; | 0 |
650 | } never executed: end of block else { | 0 |
651 | r = -10; | - |
652 | goto never executed: goto out; out;never executed: goto out; | 0 |
653 | } | - |
654 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = ssh_request_reply(sock, msg, msg)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
655 | goto never executed: goto out; out;never executed: goto out; | 0 |
656 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_u8(msg, &type)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
657 | goto never executed: goto out; out;never executed: goto out; | 0 |
658 | r = decode_reply(type); | - |
659 | out: code before this statement never executed: out: | 0 |
660 | if (blob != TRUE | never evaluated | FALSE | never evaluated |
| 0 |
661 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
662 | ) { | - |
663 | explicit_bzero(blob, blen); | - |
664 | free(blob); | - |
665 | } never executed: end of block | 0 |
666 | sshbuf_free(msg); | - |
667 | return never executed: return r; r;never executed: return r; | 0 |
668 | } | - |
669 | | - |
670 | | - |
671 | | - |
672 | | - |
673 | | - |
674 | int | - |
675 | ssh_update_card(int sock, int add, const char *reader_id, const char *pin, | - |
676 | u_int life, u_int confirm) | - |
677 | { | - |
678 | struct sshbuf *msg; | - |
679 | int r, constrained = (lifeTRUE | never evaluated | FALSE | never evaluated |
|| confirmTRUE | never evaluated | FALSE | never evaluated |
); | 0 |
680 | u_char type; | - |
681 | | - |
682 | if (addTRUE | never evaluated | FALSE | never evaluated |
) { | 0 |
683 | type = constrainedTRUE | never evaluated | FALSE | never evaluated |
? | 0 |
684 | 26 : | - |
685 | 20; | - |
686 | } never executed: end of block else | 0 |
687 | type = 21; never executed: type = 21; | 0 |
688 | | - |
689 | if ((TRUE | never evaluated | FALSE | never evaluated |
msg = sshbuf_new()) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
690 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
691 | ) | - |
692 | return never executed: return -2; -2;never executed: return -2; | 0 |
693 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_u8(msg, type)) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
694 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_cstring(msg, reader_id)) != 0TRUE | never evaluated | FALSE | never evaluated |
|| | 0 |
695 | (TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_cstring(msg, pin)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
696 | goto never executed: goto out; out;never executed: goto out; | 0 |
697 | if (constrainedTRUE | never evaluated | FALSE | never evaluated |
&& | 0 |
698 | (TRUE | never evaluated | FALSE | never evaluated |
r = encode_constraints(msg, life, confirm, 0)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
699 | goto never executed: goto out; out;never executed: goto out; | 0 |
700 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = ssh_request_reply(sock, msg, msg)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
701 | goto never executed: goto out; out;never executed: goto out; | 0 |
702 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_u8(msg, &type)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
703 | goto never executed: goto out; out;never executed: goto out; | 0 |
704 | r = decode_reply(type); | - |
705 | out: code before this statement never executed: out: | 0 |
706 | sshbuf_free(msg); | - |
707 | return never executed: return r; r;never executed: return r; | 0 |
708 | } | - |
709 | int | - |
710 | ssh_remove_all_identities(int sock, int version) | - |
711 | { | - |
712 | struct sshbuf *msg; | - |
713 | u_char type = (TRUE | never evaluated | FALSE | never evaluated |
version == 1)TRUE | never evaluated | FALSE | never evaluated |
? | 0 |
714 | 9 : | - |
715 | 19; | - |
716 | int r; | - |
717 | | - |
718 | if ((TRUE | never evaluated | FALSE | never evaluated |
msg = sshbuf_new()) == TRUE | never evaluated | FALSE | never evaluated |
| 0 |
719 | ((void *)0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
720 | ) | - |
721 | return never executed: return -2; -2;never executed: return -2; | 0 |
722 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_put_u8(msg, type)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
723 | goto never executed: goto out; out;never executed: goto out; | 0 |
724 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = ssh_request_reply(sock, msg, msg)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
725 | goto never executed: goto out; out;never executed: goto out; | 0 |
726 | if ((TRUE | never evaluated | FALSE | never evaluated |
r = sshbuf_get_u8(msg, &type)) != 0TRUE | never evaluated | FALSE | never evaluated |
) | 0 |
727 | goto never executed: goto out; out;never executed: goto out; | 0 |
728 | r = decode_reply(type); | - |
729 | out: code before this statement never executed: out: | 0 |
730 | sshbuf_free(msg); | - |
731 | return never executed: return r; r;never executed: return r; | 0 |
732 | } | - |
| | |