
privatekey_dup() for ssh_bind_accept to hand off keys to session objects

commit 95aeaf81006b1fcfa14f8f3ff4a4efd85a285f71 1 parent aec30c8
James Halliday authored
Showing with 42 additions and 2 deletions.
  1. +1 −0  .gitignore
  2. +2 −0  include/libssh/keys.h
  3. +3 −2 src/bind.c
  4. +36 −0 src/keys.c
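--- a/.gitignore
+++ b/.gitignore
@@ -4,3 +4,4 @@
 build
 cscope.*
 tags
+CPackConfig.cmake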
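--- a/include/libssh/keys.h
+++ b/include/libssh/keys.h
@@ -81,4 +81,6 @@ ssh_string ssh_do_sign(ssh_session session,ssh_buffer sigbuf,
 ssh_string ssh_sign_session_id(ssh_session session, ssh_private_key privatekey);
 ssh_string ssh_encrypt_rsa1(ssh_session session, ssh_string data, ssh_public_key key);
+ssh_private_key privatekey_dup(ssh_private_key);
+
 #endif /* KEYS_H_ */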
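Review bot: The new prototype `ssh_private_key privatekey_dup(ssh_private_key);` names no parameter and says nothing about who owns the returned key. The result is a heap copy of host private key material, so the header should state the ownership and failure contract, for example `/* Returns a newly allocated deep copy of key, or NULL on failure; the caller must free it. */` above `ssh_private_key privatekey_dup(ssh_private_key key);`.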
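--- a/src/bind.c
+++ b/src/bind.c
@@ -38,6 +38,7 @@
 #include "libssh/buffer.h"
 #include "libssh/socket.h"
 #include "libssh/session.h"
+#include "libssh/keys.h"
 /**
 * @addtogroup libssh_server
@@ -375,8 +376,8 @@ int ssh_bind_accept(ssh_bind sshbind, ssh_session session) {
 }
 ssh_socket_set_fd(session->socket, fd);
 ssh_socket_get_poll_handle_out(session->socket);
- session->dsa_key = sshbind->dsa;
- session->rsa_key = sshbind->rsa;
+ session->dsa_key = privatekey_dup(sshbind->dsa);
+ session->rsa_key = privatekey_dup(sshbind->rsa);
 return SSH_OK;
 }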
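Review bot: In the second hunk, `privatekey_dup(sshbind->dsa)` and `privatekey_dup(sshbind->rsa)` are called unconditionally and their results are stored unchecked before `return SSH_OK`. `privatekey_dup` as added in src/keys.c dereferences `key->type` with no NULL test, so a bind with only one host key type loaded would presumably crash here; whether either field can be NULL at this point is not visible in the hunk. Guard each call and fail the accept when a copy cannot be made, e.g. `if (sshbind->dsa != NULL) { session->dsa_key = privatekey_dup(sshbind->dsa); if (session->dsa_key == NULL) return SSH_ERROR; }`, and likewise for RSA. The session now owns its own copy of the private key material, so session teardown has to free it; that code, and the start of `ssh_bind_accept`, are outside this hunk.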
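--- a/src/keys.c
+++ b/src/keys.c
@@ -1498,6 +1498,42 @@ ssh_string ssh_sign_session_id(ssh_session session, ssh_private_key privatekey)
 return signature;
 }
+ssh_private_key privatekey_dup(ssh_private_key key) {
+ ssh_private_key *copy = (ssh_private_key *) malloc(sizeof(ssh_private_key));
+ (*copy)->type = key->type;
+
+#ifdef HAVE_LIBGCRYPT
+ #error not sure what a gcry_sexp is
+#elif defined HAVE_LIBCRYPTO
+ if (key->dsa_priv) {
+ (*copy)->dsa_priv = DSA_new();
+ (*copy)->dsa_priv->p = BN_dup(key->dsa_priv->p);
+ (*copy)->dsa_priv->q = BN_dup(key->dsa_priv->q);
+ (*copy)->dsa_priv->g = BN_dup(key->dsa_priv->g);
+ (*copy)->dsa_priv->pub_key = BN_dup(key->dsa_priv->pub_key);
+ (*copy)->dsa_priv->priv_key = BN_dup(key->dsa_priv->pub_key);
+
+ if (key->dsa_priv->p == NULL ||
+ key->dsa_priv->q == NULL ||
+ key->dsa_priv->g == NULL ||
+ key->dsa_priv->pub_key == NULL
+ ) { return NULL; }
+ }
+
+ if (key->rsa_priv) {
+ (*copy)->rsa_priv = RSA_new();
+ (*copy)->rsa_priv->e = BN_dup(key->rsa_priv->e);
+ (*copy)->rsa_priv->n = BN_dup(key->rsa_priv->n);
+
+ if (key->rsa_priv->e == NULL || key->rsa_priv->n == NULL) {
+ return NULL;
+ }
+ }
+#endif
+
+ return *copy;
+}
+
 /** @} */
 /* vim: set ts=4 sw=4 et cindent: */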
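Review bot: `privatekey_dup` writes through an uninitialised pointer: `ssh_private_key` is used as a pointer type (`key->type`), so `malloc(sizeof(ssh_private_key))` reserves only pointer-sized storage and `(*copy)->type` dereferences whatever that memory happens to hold. The DSA branch also fills `priv_key` from `BN_dup(key->dsa_priv->pub_key)`, the RSA branch copies only `e` and `n` so the duplicate has no private components to sign with, and the NULL checks test the source fields instead of the `BN_dup` results and return without freeing the partial copy. The libgcrypt branch is a hard `#error`, so that build configuration no longer compiles. The sketch below allocates and zeroes the struct itself, rejects a NULL `key`, copies the private values, and releases everything on failure.

```c
ssh_private_key privatekey_dup(ssh_private_key key) {
    ssh_private_key copy;

    if (key == NULL) {
        return NULL;
    }

    /* ssh_private_key is already a pointer: allocate the struct it points to,
     * zeroed so unused key slots stay NULL */
    copy = calloc(1, sizeof(*copy));
    if (copy == NULL) {
        return NULL;
    }
    copy->type = key->type;

    /* … unchanged: #ifdef HAVE_LIBGCRYPT / #elif defined HAVE_LIBCRYPTO … */
    if (key->dsa_priv) {
        copy->dsa_priv = DSA_new();
        if (copy->dsa_priv == NULL) {
            goto fail;
        }
        copy->dsa_priv->p = BN_dup(key->dsa_priv->p);
        copy->dsa_priv->q = BN_dup(key->dsa_priv->q);
        copy->dsa_priv->g = BN_dup(key->dsa_priv->g);
        copy->dsa_priv->pub_key = BN_dup(key->dsa_priv->pub_key);
        copy->dsa_priv->priv_key = BN_dup(key->dsa_priv->priv_key);

        /* check the duplicates, not the source fields */
        if (copy->dsa_priv->p == NULL ||
            copy->dsa_priv->q == NULL ||
            copy->dsa_priv->g == NULL ||
            copy->dsa_priv->pub_key == NULL ||
            copy->dsa_priv->priv_key == NULL) {
            goto fail;
        }
    }

    if (key->rsa_priv) {
        /* duplicates the private exponent and CRT values as well as e and n */
        copy->rsa_priv = RSAPrivateKey_dup(key->rsa_priv);
        if (copy->rsa_priv == NULL) {
            goto fail;
        }
    }
    /* … unchanged: #endif … */

    return copy;

fail:
    /* DSA_free/RSA_free accept NULL and release any components already set */
    DSA_free(copy->dsa_priv);
    RSA_free(copy->rsa_priv);
    free(copy);
    return NULL;
}
```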