shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-11 18:50:28 +09:00
Code Issues Packages Projects Releases Wiki Activity

Use the new expand functions.

Browse Source 
This implements escape chars for IdentityFile in ssh_config and reads
the system ssh_config.
This commit is contained in:
Andreas Schneider
2010-05-11 02:08:29 +02:00
parent b8bc3a6582
commit 9d7fc9d50b
5 changed files with 106 additions and 105 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
include/libssh/priv.h
View File

@@ -249,8 +249,8 @@ int gettimeofday(struct timeval *__p, void *__t);
/* options.c */ /* options.c */
char *dir_expand_dup(ssh_session session, const char *value, int allowsshdir);
int ssh_options_set_algo(ssh_session session, int algo, const char *list); int ssh_options_set_algo(ssh_session session, int algo, const char *list);
int ssh_options_apply(ssh_session session);
/** Free memory space */ /** Free memory space */
#define SAFE_FREE(x) do { if ((x) != NULL) {free(x); x=NULL;} } while(0) #define SAFE_FREE(x) do { if ((x) != NULL) {free(x); x=NULL;} } while(0)

18
libssh/auth.c
View File

@@ -864,16 +864,11 @@ int ssh_userauth_autopubkey(ssh_session session, const char *passphrase) {
for (it = ssh_list_get_iterator(session->identity); for (it = ssh_list_get_iterator(session->identity);
it != NULL; it != NULL;
it = it->next) { it = it->next) {
char *privkey_file = NULL; const char *privkey_file = it->data;
int privkey_open = 0; int privkey_open = 0;
privkey = NULL; privkey = NULL;
privkey_file = dir_expand_dup(session, it->data, 1);
if (privkey_file == NULL) {
continue;
}
ssh_log(session, SSH_LOG_PROTOCOL, "Trying to read privatekey %s", privkey_file); ssh_log(session, SSH_LOG_PROTOCOL, "Trying to read privatekey %s", privkey_file);
rc = ssh_try_publickey_from_file(session, privkey_file, &pubkey_string, &type); rc = ssh_try_publickey_from_file(session, privkey_file, &pubkey_string, &type);
@@ -886,7 +881,6 @@ int ssh_userauth_autopubkey(ssh_session session, const char *passphrase) {
ssh_log(session, SSH_LOG_RARE, ssh_log(session, SSH_LOG_RARE,
"Reading private key %s failed (bad passphrase ?)", "Reading private key %s failed (bad passphrase ?)",
privkey_file); privkey_file);
SAFE_FREE(privkey_file);
leave_function(); leave_function();
return SSH_AUTH_ERROR; return SSH_AUTH_ERROR;
} }
@@ -894,7 +888,6 @@ int ssh_userauth_autopubkey(ssh_session session, const char *passphrase) {
pubkey = publickey_from_privatekey(privkey); pubkey = publickey_from_privatekey(privkey);
if (pubkey == NULL) { if (pubkey == NULL) {
SAFE_FREE(privkey_file);
privatekey_free(privkey); privatekey_free(privkey);
ssh_set_error_oom(session); ssh_set_error_oom(session);
leave_function(); leave_function();
@@ -905,7 +898,6 @@ int ssh_userauth_autopubkey(ssh_session session, const char *passphrase) {
type = pubkey->type; type = pubkey->type;
publickey_free(pubkey); publickey_free(pubkey);
if (pubkey_string == NULL) { if (pubkey_string == NULL) {
SAFE_FREE(privkey_file);
ssh_set_error_oom(session); ssh_set_error_oom(session);
leave_function(); leave_function();
return SSH_AUTH_ERROR; return SSH_AUTH_ERROR;
@@ -914,7 +906,6 @@ int ssh_userauth_autopubkey(ssh_session session, const char *passphrase) {
len = strlen(privkey_file) + 5; len = strlen(privkey_file) + 5;
publickey_file = malloc(len); publickey_file = malloc(len);
if (publickey_file == NULL) { if (publickey_file == NULL) {
SAFE_FREE(privkey_file);
ssh_set_error_oom(session); ssh_set_error_oom(session);
leave_function(); leave_function();
return SSH_AUTH_ERROR; return SSH_AUTH_ERROR;
@@ -927,13 +918,11 @@ int ssh_userauth_autopubkey(ssh_session session, const char *passphrase) {
} }
SAFE_FREE(publickey_file); SAFE_FREE(publickey_file);
} else if (rc < 0) { } else if (rc < 0) {
SAFE_FREE(privkey_file);
continue; continue;
} }
rc = ssh_userauth_offer_pubkey(session, NULL, type, pubkey_string); rc = ssh_userauth_offer_pubkey(session, NULL, type, pubkey_string);
if (rc == SSH_AUTH_ERROR){ if (rc == SSH_AUTH_ERROR){
SAFE_FREE(privkey_file);
string_free(pubkey_string); string_free(pubkey_string);
ssh_log(session, SSH_LOG_RARE, "Publickey authentication error"); ssh_log(session, SSH_LOG_RARE, "Publickey authentication error");
leave_function(); leave_function();
@@ -941,7 +930,6 @@ int ssh_userauth_autopubkey(ssh_session session, const char *passphrase) {
} else { } else {
if (rc != SSH_AUTH_SUCCESS){ if (rc != SSH_AUTH_SUCCESS){
ssh_log(session, SSH_LOG_PROTOCOL, "Publickey refused by server"); ssh_log(session, SSH_LOG_PROTOCOL, "Publickey refused by server");
SAFE_FREE(privkey_file);
string_free(pubkey_string); string_free(pubkey_string);
continue; continue;
} }
@@ -956,7 +944,6 @@ int ssh_userauth_autopubkey(ssh_session session, const char *passphrase) {
ssh_log(session, SSH_LOG_RARE, ssh_log(session, SSH_LOG_RARE,
"Reading private key %s failed (bad passphrase ?)", "Reading private key %s failed (bad passphrase ?)",
privkey_file); privkey_file);
SAFE_FREE(privkey_file);
string_free(pubkey_string); string_free(pubkey_string);
continue; /* continue the loop with other pubkey */ continue; /* continue the loop with other pubkey */
} }
@@ -964,7 +951,6 @@ int ssh_userauth_autopubkey(ssh_session session, const char *passphrase) {
rc = ssh_userauth_pubkey(session, NULL, pubkey_string, privkey); rc = ssh_userauth_pubkey(session, NULL, pubkey_string, privkey);
if (rc == SSH_AUTH_ERROR) { if (rc == SSH_AUTH_ERROR) {
SAFE_FREE(privkey_file);
string_free(pubkey_string); string_free(pubkey_string);
privatekey_free(privkey); privatekey_free(privkey);
leave_function(); leave_function();
@@ -973,7 +959,6 @@ int ssh_userauth_autopubkey(ssh_session session, const char *passphrase) {
if (rc != SSH_AUTH_SUCCESS){ if (rc != SSH_AUTH_SUCCESS){
ssh_log(session, SSH_LOG_FUNCTIONS, ssh_log(session, SSH_LOG_FUNCTIONS,
"The server accepted the public key but refused the signature"); "The server accepted the public key but refused the signature");
SAFE_FREE(privkey_file);
string_free(pubkey_string); string_free(pubkey_string);
privatekey_free(privkey); privatekey_free(privkey);
continue; continue;
@@ -983,7 +968,6 @@ int ssh_userauth_autopubkey(ssh_session session, const char *passphrase) {
/* auth success */ /* auth success */
ssh_log(session, SSH_LOG_PROTOCOL, ssh_log(session, SSH_LOG_PROTOCOL,
"Successfully authenticated using %s", privkey_file); "Successfully authenticated using %s", privkey_file);
SAFE_FREE(privkey_file);
string_free(pubkey_string); string_free(pubkey_string);
privatekey_free(privkey); privatekey_free(privkey);

9
libssh/client.c
View File

@@ -482,6 +482,7 @@ int ssh_connect(ssh_session session) {
int ssh1 = 0; int ssh1 = 0;
int ssh2 = 0; int ssh2 = 0;
int fd = -1; int fd = -1;
int ret;
if (session == NULL) { if (session == NULL) {
ssh_set_error(session, SSH_FATAL, "Invalid session pointer"); ssh_set_error(session, SSH_FATAL, "Invalid session pointer");
@@ -503,6 +504,14 @@ int ssh_connect(ssh_session session) {
leave_function(); leave_function();
return SSH_ERROR; return SSH_ERROR;
} }
ret = ssh_options_apply(session);
if (ret < 0) {
ssh_set_error(session, SSH_FATAL, "Couldn't apply options");
leave_function();
return SSH_ERROR;
}
if (session->fd != -1) { if (session->fd != -1) {
fd = session->fd; fd = session->fd;
#ifndef _WIN32 #ifndef _WIN32

30
libssh/keyfiles.c
View File

@@ -1130,8 +1130,6 @@ int ssh_try_publickey_from_file(ssh_session session, const char *keyfile,
ssh_string try_publickey_from_file(ssh_session session, struct ssh_keys_struct keytab, ssh_string try_publickey_from_file(ssh_session session, struct ssh_keys_struct keytab,
char **privkeyfile, int *type) { char **privkeyfile, int *type) {
char *public;
char *private;
const char *priv; const char *priv;
const char *pub; const char *pub;
char *new; char *new;
@@ -1152,21 +1150,15 @@ ssh_string try_publickey_from_file(ssh_session session, struct ssh_keys_struct k
} }
} }
/* are them readable ? */ ssh_log(session, SSH_LOG_PACKET, "Trying to open publickey %s", pub);
public=dir_expand_dup(session,pub,1); if (!ssh_file_readaccess_ok(pub)) {
private=dir_expand_dup(session,priv,1); ssh_log(session, SSH_LOG_PACKET, "Failed to open publickey %s", pub);
//snprintf(public, sizeof(public), "%s/%s", session->sshdir, pub);
//snprintf(private, sizeof(private), "%s/%s", session->sshdir, priv);
ssh_log(session, SSH_LOG_PACKET, "Trying to open publickey %s", public);
if (!ssh_file_readaccess_ok(public)) {
ssh_log(session, SSH_LOG_PACKET, "Failed to open publickey %s", public);
goto error; goto error;
} }
ssh_log(session, SSH_LOG_PACKET, "Trying to open privatekey %s", private); ssh_log(session, SSH_LOG_PACKET, "Trying to open privatekey %s", priv);
if (!ssh_file_readaccess_ok(private)) { if (!ssh_file_readaccess_ok(priv)) {
ssh_log(session, SSH_LOG_PACKET, "Failed to open privatekey %s", private); ssh_log(session, SSH_LOG_PACKET, "Failed to open privatekey %s", priv);
goto error; goto error;
} }
@@ -1176,26 +1168,24 @@ ssh_string try_publickey_from_file(ssh_session session, struct ssh_keys_struct k
* We are sure both the private and public key file is readable. We return * We are sure both the private and public key file is readable. We return
* the public as a string, and the private filename as an argument * the public as a string, and the private filename as an argument
*/ */
pubkey = publickey_from_file(session, public, type); pubkey = publickey_from_file(session, pub, type);
if (pubkey == NULL) { if (pubkey == NULL) {
ssh_log(session, SSH_LOG_PACKET, ssh_log(session, SSH_LOG_PACKET,
"Wasn't able to open public key file %s: %s", "Wasn't able to open public key file %s: %s",
public, pub,
ssh_get_error(session)); ssh_get_error(session));
goto error; goto error;
} }
new = realloc(*privkeyfile, strlen(private) + 1); new = realloc(*privkeyfile, strlen(priv) + 1);
if (new == NULL) { if (new == NULL) {
string_free(pubkey); string_free(pubkey);
goto error; goto error;
} }
strcpy(new, private); strcpy(new, priv);
*privkeyfile = new; *privkeyfile = new;
error: error:
SAFE_FREE(public);
SAFE_FREE(private);
return pubkey; return pubkey;
} }

150
libssh/options.c
View File

@@ -162,58 +162,6 @@ int ssh_options_set_algo(ssh_session session, int algo,
return 0; return 0;
} }
char *dir_expand_dup(ssh_session session, const char *value, int allowsshdir) {
char *new;
if (value[0] == '~' && value[1] == '/') {
char *homedir = ssh_get_user_home_dir();
size_t lv, lh;
if (homedir == NULL) {
return NULL;
}
lv = strlen(value + 1);
lh = strlen(homedir);
new = malloc(lv + lh + 1);
if (new == NULL) {
ssh_set_error_oom(session);
SAFE_FREE(homedir);
return NULL;
}
memcpy(new, homedir, lh);
SAFE_FREE(homedir);
memcpy(new + lh, value + 1, lv + 1);
return new;
}
if (allowsshdir && strncmp(value, "SSH_DIR/", 8) == 0) {
size_t lv, ls;
if (session->sshdir == NULL) {
if (ssh_options_set(session, SSH_OPTIONS_SSH_DIR, NULL) < 0)
return NULL;
}
value += 7;
lv = strlen(value);
ls = strlen(session->sshdir);
new = malloc(lv + ls + 1);
if (new == NULL) {
ssh_set_error_oom(session);
return NULL;
}
memcpy(new, session->sshdir, ls);
memcpy(new + ls, value, lv + 1);
return new;
}
new = strdup(value);
if (new == NULL) {
ssh_set_error_oom(session);
return NULL;
}
return new;
}
/** /**
* @brief This function can set all possible ssh options. * @brief This function can set all possible ssh options.
* *
@@ -468,15 +416,14 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type,
case SSH_OPTIONS_SSH_DIR: case SSH_OPTIONS_SSH_DIR:
if (value == NULL) { if (value == NULL) {
SAFE_FREE(session->sshdir); SAFE_FREE(session->sshdir);
/* TODO: why ~/.ssh/ instead of ~/.ssh ? */
session->sshdir = dir_expand_dup(session, "~/.ssh/", 0); session->sshdir = ssh_path_expand_tilde("~/.ssh/");
if (session->sshdir == NULL) { if (session->sshdir == NULL) {
return -1; return -1;
} }
} else { } else {
SAFE_FREE(session->sshdir); SAFE_FREE(session->sshdir);
session->sshdir = dir_expand_dup(session, value, 0); session->sshdir = ssh_path_expand_tilde(value);
if (session->sshdir == NULL) { if (session->sshdir == NULL) {
return -1; return -1;
} }
@@ -488,27 +435,28 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type,
ssh_set_error_invalid(session, __FUNCTION__); ssh_set_error_invalid(session, __FUNCTION__);
return -1; return -1;
} }
q = dir_expand_dup(session, value, 1); q = strdup(value);
if (q == NULL) { if (q == NULL) {
return -1; return -1;
} }
rc = ssh_list_prepend(session->identity, q); rc = ssh_list_prepend(session->identity, q);
if (rc < 0) { if (rc < 0) {
SAFE_FREE(q);
return -1; return -1;
} }
break; break;
case SSH_OPTIONS_KNOWNHOSTS: case SSH_OPTIONS_KNOWNHOSTS:
if (value == NULL) { if (value == NULL) {
SAFE_FREE(session->knownhosts); SAFE_FREE(session->knownhosts);
session->knownhosts = dir_expand_dup(session, if (session->sshdir == NULL) {
"SSH_DIR/known_hosts", 1); return -1;
}
session->knownhosts = ssh_path_expand_escape(session, "%d/known_hosts");
if (session->knownhosts == NULL) { if (session->knownhosts == NULL) {
return -1; return -1;
} }
} else { } else {
SAFE_FREE(session->knownhosts); SAFE_FREE(session->knownhosts);
session->knownhosts = dir_expand_dup(session, value, 1); session->knownhosts = strdup(value);
if (session->knownhosts == NULL) { if (session->knownhosts == NULL) {
return -1; return -1;
} }
@@ -621,7 +569,12 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type,
ssh_set_error_invalid(session, __FUNCTION__); ssh_set_error_invalid(session, __FUNCTION__);
return -1; return -1;
} else { } else {
session->ProxyCommand = strdup(value); SAFE_FREE(session->ProxyCommand);
q = strdup(value);
if (q == NULL) {
return -1;
}
session->ProxyCommand = q;
} }
break; break;
default: default:
@@ -1062,19 +1015,84 @@ int ssh_options_parse_config(ssh_session session, const char *filename) {
return -1; return -1;
} }
if (session->sshdir == NULL) {
r = ssh_options_set(session, SSH_OPTIONS_SSH_DIR, NULL);
if (r < 0) {
ssh_set_error_oom(session);
return -1;
}
}
/* set default filename */ /* set default filename */
if (filename == NULL) { if (filename == NULL) {
expanded_filename = dir_expand_dup(session, "SSH_DIR/config", 1); expanded_filename = ssh_path_expand_escape(session, "%d/config");
} else { } else {
expanded_filename = dir_expand_dup(session, filename, 1); expanded_filename = ssh_path_expand_escape(session, filename);
} }
if (expanded_filename == NULL) if (expanded_filename == NULL) {
return -1; return -1;
}
r = ssh_config_parse_file(session, expanded_filename); r = ssh_config_parse_file(session, expanded_filename);
if (r < 0) {
goto out;
}
if (filename == NULL) {
r = ssh_config_parse_file(session, "/etc/ssh/ssh_config");
}
out:
free(expanded_filename); free(expanded_filename);
return r; return r;
} }
/** @} */ int ssh_options_apply(ssh_session session) {
/* vim: set ts=2 sw=2 et cindent: */ struct ssh_iterator *it;
char *tmp;
int rc;
if (session->sshdir == NULL) {
rc = ssh_options_set(session, SSH_OPTIONS_SSH_DIR, NULL);
if (rc < 0) {
return -1;
}
}
if (session->knownhosts == NULL) {
tmp = ssh_path_expand_escape(session, "%d/known_hosts");
} else {
tmp = ssh_path_expand_escape(session, session->knownhosts);
}
if (tmp == NULL) {
return -1;
}
free(session->knownhosts);
session->knownhosts = tmp;
if (session->ProxyCommand != NULL) {
tmp = ssh_path_expand_escape(session, session->ProxyCommand);
if (tmp == NULL) {
return -1;
}
free(session->ProxyCommand);
session->ProxyCommand = tmp;
}
for (it = ssh_list_get_iterator(session->identity);
it != NULL;
it = it->next) {
char *id = (char *) it->data;
tmp = ssh_path_expand_escape(session, id);
if (tmp == NULL) {
return -1;
}
free(id);
it->data = tmp;
}
return 0;
}
/* @} */
/* vim: set ts=4 sw=4 et cindent: */