
agent: Clean up SSH support.

* agent/command-ssh.c (file_to_buffer): Remove.
(ssh_handler_request_identities): Use agent_public_key_from_file.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
NIIBE Yutaka 2016-08-06 14:47:29 +09:00
parent c9387e41db
commit 894789c329


@ -814,67 +814,6 @@ stream_copy (estream_t dst, estream_t src)
return err; return err;
} }
/* Read the content of the file specified by FILENAME into a newly
create buffer, which is to be stored in BUFFER; store length of
buffer in BUFFER_N. */
static gpg_error_t
file_to_buffer (const char *filename, unsigned char **buffer, size_t *buffer_n)
{
unsigned char *buffer_new;
struct stat statbuf;
estream_t stream;
gpg_error_t err;
int ret;
*buffer = NULL;
*buffer_n = 0;
buffer_new = NULL;
err = 0;
stream = es_fopen (filename, "rb");
if (! stream)
{
err = gpg_error_from_syserror ();
goto out;
}
ret = fstat (es_fileno (stream), &statbuf);
if (ret)
{
err = gpg_error_from_syserror ();
goto out;
}
buffer_new = xtrymalloc (statbuf.st_size);
if (! buffer_new)
{
err = gpg_error_from_syserror ();
goto out;
}
err = stream_read_data (stream, buffer_new, statbuf.st_size);
if (err)
goto out;
*buffer = buffer_new;
*buffer_n = statbuf.st_size;
out:
if (stream)
es_fclose (stream);
if (err)
xfree (buffer_new);
return err;
}
/* Open the ssh control file and create it if not available. With /* Open the ssh control file and create it if not available. With
APPEND passed as true the file will be opened in append mode, APPEND passed as true the file will be opened in append mode,
@ -2683,12 +2622,8 @@ static gpg_error_t
ssh_handler_request_identities (ctrl_t ctrl, ssh_handler_request_identities (ctrl_t ctrl,
estream_t request, estream_t response) estream_t request, estream_t response)
{ {
ssh_key_type_spec_t spec;
char *key_fname = NULL;
char *fnameptr;
u32 key_counter; u32 key_counter;
estream_t key_blobs; estream_t key_blobs;
gcry_sexp_t key_secret;
gcry_sexp_t key_public; gcry_sexp_t key_public;
gpg_error_t err; gpg_error_t err;
int ret; int ret;
@ -2700,7 +2635,6 @@ ssh_handler_request_identities (ctrl_t ctrl,
/* Prepare buffer stream. */ /* Prepare buffer stream. */
key_secret = NULL;
key_public = NULL; key_public = NULL;
key_counter = 0; key_counter = 0;
err = 0; err = 0;
@ -2729,29 +2663,6 @@ ssh_handler_request_identities (ctrl_t ctrl,
key_counter++; key_counter++;
} }
/* Prepare buffer for key name construction. */
{
char *dname;
dname = make_filename (gnupg_homedir (), GNUPG_PRIVATE_KEYS_DIR, NULL);
if (!dname)
{
err = gpg_err_code_from_syserror ();
goto out;
}
key_fname = xtrymalloc (strlen (dname) + 1 + 40 + 4 + 1);
if (!key_fname)
{
err = gpg_err_code_from_syserror ();
xfree (dname);
goto out;
}
fnameptr = stpcpy (stpcpy (key_fname, dname), "/");
xfree (dname);
}
/* Then look at all the registered and non-disabled keys. */ /* Then look at all the registered and non-disabled keys. */
err = open_control_file (&cf, 0); err = open_control_file (&cf, 0);
if (err) if (err)
@ -2759,52 +2670,27 @@ ssh_handler_request_identities (ctrl_t ctrl,
while (!read_control_file_item (cf)) while (!read_control_file_item (cf))
{ {
unsigned char grip[20];
if (!cf->item.valid) if (!cf->item.valid)
continue; /* Should not happen. */ continue; /* Should not happen. */
if (cf->item.disabled) if (cf->item.disabled)
continue; continue;
assert (strlen (cf->item.hexgrip) == 40); assert (strlen (cf->item.hexgrip) == 40);
hex2bin (cf->item.hexgrip, grip, sizeof (grip));
stpcpy (stpcpy (fnameptr, cf->item.hexgrip), ".key"); err = agent_public_key_from_file (ctrl, grip, &key_public);
if (err)
/* Read file content. */ {
{ log_error ("failed to read the public key\n");
unsigned char *buffer;
size_t buffer_n;
err = file_to_buffer (key_fname, &buffer, &buffer_n);
if (err)
{
log_error ("%s:%d: key '%s' skipped: %s\n",
cf->fname, cf->lnr, cf->item.hexgrip,
gpg_strerror (err));
continue;
}
err = gcry_sexp_sscan (&key_secret, NULL, (char*)buffer, buffer_n);
xfree (buffer);
if (err)
goto out; goto out;
} }
{ err = ssh_send_key_public (key_blobs, key_public, NULL);
char *key_type = NULL;
err = sexp_extract_identifier (key_secret, &key_type);
if (err)
goto out;
err = ssh_key_type_lookup (NULL, key_type, &spec);
xfree (key_type);
if (err)
goto out;
}
err = ssh_send_key_public (key_blobs, key_secret, NULL);
if (err) if (err)
goto out; goto out;
gcry_sexp_release (key_secret); gcry_sexp_release (key_public);
key_secret = NULL; key_public = NULL;
key_counter++; key_counter++;
} }
@ -2820,7 +2706,6 @@ ssh_handler_request_identities (ctrl_t ctrl,
out: out:
/* Send response. */ /* Send response. */
gcry_sexp_release (key_secret);
gcry_sexp_release (key_public); gcry_sexp_release (key_public);
if (!err) if (!err)
@ -2838,7 +2723,6 @@ ssh_handler_request_identities (ctrl_t ctrl,
es_fclose (key_blobs); es_fclose (key_blobs);
close_control_file (cf); close_control_file (cf);
xfree (key_fname);
return ret_err; return ret_err;
} }