Tree - rpms/openssh - src.fedoraproject.org

rpms / openssh

Blame pam_ssh_agent_auth-0.9.3-agent_structure.patch

Blob History Raw

		87ab5fc	`diff -up openssh-7.1p2/pam_ssh_agent_auth-0.10.2/identity.h.psaa-agent openssh-7.1p2/pam_ssh_agent_auth-0.10.2/identity.h`
		87ab5fc	`--- openssh-7.1p2/pam_ssh_agent_auth-0.10.2/identity.h.psaa-agent 2014-03-31 19:35:16.000000000 +0200`
		87ab5fc	`+++ openssh-7.1p2/pam_ssh_agent_auth-0.10.2/identity.h 2016-01-22 15:47:15.999919059 +0100`
		87ab5fc	`@@ -38,6 +38,12 @@`
		87ab5fc	`typedef struct identity Identity;`
		87ab5fc	`typedef struct idlist Idlist;`
		87ab5fc
		87ab5fc	`+typedef struct {`
		87ab5fc	`+ int fd;`
		87ab5fc	`+ Buffer identities;`
		87ab5fc	`+ int howmany;`
		87ab5fc	`+} AuthenticationConnection;`
		87ab5fc	`+`
		87ab5fc	`struct identity {`
		87ab5fc	`TAILQ_ENTRY(identity) next;`
		87ab5fc	`AuthenticationConnection ac; / set if agent supports key */`
		87ab5fc	`diff -up openssh-7.1p2/pam_ssh_agent_auth-0.10.2/iterate_ssh_agent_keys.c.psaa-agent openssh-7.1p2/pam_ssh_agent_auth-0.10.2/iterate_ssh_agent_keys.c`
		87ab5fc	`--- openssh-7.1p2/pam_ssh_agent_auth-0.10.2/iterate_ssh_agent_keys.c.psaa-agent 2016-01-22 15:47:15.998919060 +0100`
		87ab5fc	`+++ openssh-7.1p2/pam_ssh_agent_auth-0.10.2/iterate_ssh_agent_keys.c 2016-01-22 15:53:38.427768239 +0100`
		87ab5fc	`@@ -39,6 +39,7 @@`
		637556d	`#include "buffer.h"`
		637556d	`#include "key.h"`
		637556d	`#include "authfd.h"`
		637556d	`+#include "ssherr.h"`
		637556d	`#include <stdio.h>`
		87ab5fc	`#include <openssl/evp.h>`
		87ab5fc	`#include "ssh2.h"`
		87ab5fc	`@@ -285,36 +286,43 @@ pamsshagentauth_find_authorized_keys(con`
		637556d	`{`
		87ab5fc	`Buffer session_id2 = { 0 };`
		637556d	`Identity *id;`
		637556d	`- Key *key;`
		637556d	`AuthenticationConnection *ac;`
		637556d	`- char *comment;`
		637556d	`uint8_t retval = 0;`
		87ab5fc	`uid_t uid = getpwnam(ruser)->pw_uid;`
		73d45fa	`+ struct ssh_identitylist *idlist;`
		73d45fa	`+ int r, i;`
		637556d
		637556d	`OpenSSL_add_all_digests();`
		87ab5fc	`pamsshagentauth_session_id2_gen(&session_id2, user, ruser, servicename);`
		637556d
		637556d	`if ((ac = ssh_get_authentication_connection_for_uid(uid))) {`
		87ab5fc	`verbose("Contacted ssh-agent of user %s (%u)", ruser, uid);`
		637556d	`- for (key = ssh_get_first_identity(ac, &comment, 2); key != NULL; key = ssh_get_next_identity(ac, &comment, 2))`
		637556d	`+ if ((r = ssh_fetch_identitylist(ac->fd, 2,`
		637556d	`+ &idlist)) != 0) {`
		637556d	`+ if (r != SSH_ERR_AGENT_NO_IDENTITIES)`
		637556d	`+ fprintf(stderr, "error fetching identities for "`
		637556d	`+ "protocol %d: %s\n", 2, ssh_err(r));`
		405790e	`+ } else {`
		637556d	`+ for (i = 0; i < idlist->nkeys; i++)`
		637556d	`{`
		637556d	`- if(key != NULL) {`
		637556d	`+ if(idlist->keys[i] != NULL) {`
		637556d	`id = xcalloc(1, sizeof(*id));`
		637556d	`- id->key = key;`
		637556d	`- id->filename = comment;`
		637556d	`+ id->key = idlist->keys[i];`
		637556d	`+ id->filename = idlist->comments[i];`
		637556d	`id->ac = ac;`
		87ab5fc	`if(userauth_pubkey_from_id(ruser, id, &session_id2)) {`
		637556d	`retval = 1;`
		73d45fa	`}`
		73d45fa	`- free(id->filename);`
		73d45fa	`- key_free(id->key);`
		73d45fa	`free(id);`
		73d45fa	`if(retval == 1)`
		637556d	`break;`
		637556d	`}`
		637556d	`}`
		87ab5fc	`buffer_free(&session_id2);`
		637556d	`- ssh_close_authentication_connection(ac);`
		73d45fa	`+ ssh_free_identitylist(idlist);`
		73d45fa	`+ ssh_close_authentication_socket(ac->fd);`
		73d45fa	`+ free(ac);`
		405790e	`+ }`
		637556d	`}`
		637556d	`else {`
		637556d	`verbose("No ssh-agent could be contacted");`
		87ab5fc	`diff -up openssh-7.1p2/pam_ssh_agent_auth-0.10.2/userauth_pubkey_from_id.c.psaa-agent openssh-7.1p2/pam_ssh_agent_auth-0.10.2/userauth_pubkey_from_id.c`
		87ab5fc	`--- openssh-7.1p2/pam_ssh_agent_auth-0.10.2/userauth_pubkey_from_id.c.psaa-agent 2016-01-22 15:47:15.995919061 +0100`
		87ab5fc	`+++ openssh-7.1p2/pam_ssh_agent_auth-0.10.2/userauth_pubkey_from_id.c 2016-01-22 16:06:20.611464261 +0100`
		87ab5fc	`@@ -55,10 +55,11 @@ extern uint8_t session_id_len;`
		73d45fa	`int`
		87ab5fc	`userauth_pubkey_from_id(const char ruser, Identity id, Buffer * session_id2)`
		73d45fa	`{`
		73d45fa	`- Buffer b = { 0 };`
		73d45fa	`+ Buffer b;`
		73d45fa	`char *pkalg = NULL;`
		73d45fa	`u_char pkblob = NULL, sig = NULL;`
		73d45fa	`- u_int blen = 0, slen = 0;`
		73d45fa	`+ u_int blen = 0;`
		73d45fa	`+ size_t slen = 0;`
		73d45fa	`int authenticated = 0;`
		73d45fa
		73d45fa	`pkalg = (char *) key_ssh_name(id->key);`
		87ab5fc	`@@ -82,7 +83,7 @@ userauth_pubkey_from_id(const char *ruse`
		637556d	`buffer_put_cstring(&b, pkalg);`
		637556d	`buffer_put_string(&b, pkblob, blen);`
		637556d
		637556d	`- if(ssh_agent_sign(id->ac, id->key, &sig, &slen, buffer_ptr(&b), buffer_len(&b)) != 0)`
		459bd27	`+ if(ssh_agent_sign(id->ac->fd, id->key, &sig, &slen, buffer_ptr(&b), buffer_len(&b), 0) != 0)`
		637556d	`goto user_auth_clean_exit;`
		637556d
		637556d	`/* test for correct signature */`
		13073f8	`diff --git a/pam_ssh_agent_auth-0.10.2/userauth_pubkey_from_id.c b/pam_ssh_agent_auth-0.10.2/userauth_pubkey_from_id.c`
		13073f8	`--- a/pam_ssh_agent_auth-0.10.2/userauth_pubkey_from_id.c`
		13073f8	`+++ b/pam_ssh_agent_auth-0.10.2/userauth_pubkey_from_id.c`
		13073f8	`@@ -85,7 +85,7 @@ userauth_pubkey_from_id(const char ruser, Identity id, Buffer * session_id2)`
		13073f8	`buffer_put_cstring(&b, pkalg);`
		13073f8	`buffer_put_string(&b, pkblob, blen);`
		13073f8
		13073f8	`- if(ssh_agent_sign(id->ac->fd, id->key, &sig, &slen, buffer_ptr(&b), buffer_len(&b), 0) != 0)`
		13073f8	`+ if(ssh_agent_sign(id->ac->fd, id->key, &sig, &slen, buffer_ptr(&b), buffer_len(&b), NULL, 0) != 0)`
		13073f8	`goto user_auth_clean_exit;`
		13073f8
		13073f8	`/* test for correct signature */`
		13073f8

rpms / openssh

Source Code

Blame pam_ssh_agent_auth-0.9.3-agent_structure.patch