security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-20 14:37:08 +01:00
Code Activity

agent: Factor out handling scanning over ssh keys.

Browse Source 
* agent/command-ssh.c (ssh_send_available_keys): New.
(ssh_handler_request_identities): Use ssh_send_available_keys.

--

GnuPG-bug-id: 5985
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
This commit is contained in:
NIIBE Yutaka 2022-05-20 15:46:49 +09:00
parent 5986310866
commit ef3e5fd403
1 changed files with 48 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

84
agent/command-ssh.c
View File

@ -2449,7 +2449,50 @@ card_key_available (ctrl_t ctrl, const struct card_key_info_s *keyinfo,
return 0; return 0;
} }
static gpg_error_t
ssh_send_available_keys (ctrl_t ctrl, estream_t key_blobs, u32 *key_counter_p)
{
gpg_error_t err;
ssh_control_file_t cf = NULL;
err = open_control_file (&cf, 0);
if (err)
return err;
while (!read_control_file_item (cf))
{
unsigned char grip[20];
gcry_sexp_t key_public = NULL;
if (!cf->item.valid)
continue; /* Should not happen. */
if (cf->item.disabled)
continue;
log_assert (strlen (cf->item.hexgrip) == 40);
hex2bin (cf->item.hexgrip, grip, sizeof (grip));
err = agent_public_key_from_file (ctrl, grip, &key_public);
if (err)
{
log_error ("%s:%d: key '%s' skipped: %s\n",
cf->fname, cf->lnr, cf->item.hexgrip,
gpg_strerror (err));
/* Clear ERR, skiping the key in question. */
err = 0;
continue;
}
err = ssh_send_key_public (key_blobs, key_public, NULL);
if (err)
break;
gcry_sexp_release (key_public);
(*key_counter_p)++;
}
close_control_file (cf);
return err;
}
/* /*
@ -2471,7 +2514,6 @@ ssh_handler_request_identities (ctrl_t ctrl,
gcry_sexp_t key_public; gcry_sexp_t key_public;
gpg_error_t err; gpg_error_t err;
int ret; int ret;
ssh_control_file_t cf = NULL;
gpg_error_t ret_err; gpg_error_t ret_err;
(void)request; (void)request;
@ -2552,52 +2594,17 @@ ssh_handler_request_identities (ctrl_t ctrl,
scd_out: scd_out:
/* Then look at all the registered and non-disabled keys. */ /* Then look at all the registered and non-disabled keys. */
err = open_control_file (&cf, 0); err = ssh_send_available_keys (ctrl, key_blobs, &key_counter);
if (err) if (!err)
goto out;
while (!read_control_file_item (cf))
{ {
unsigned char grip[20];
if (!cf->item.valid)
continue; /* Should not happen. */
if (cf->item.disabled)
continue;
log_assert (strlen (cf->item.hexgrip) == 40);
hex2bin (cf->item.hexgrip, grip, sizeof (grip));
err = agent_public_key_from_file (ctrl, grip, &key_public);
if (err)
{
log_error ("%s:%d: key '%s' skipped: %s\n",
cf->fname, cf->lnr, cf->item.hexgrip,
gpg_strerror (err));
continue;
}
err = ssh_send_key_public (key_blobs, key_public, NULL);
if (err)
goto out;
gcry_sexp_release (key_public);
key_public = NULL;
key_counter++;
}
err = 0;
ret = es_fseek (key_blobs, 0, SEEK_SET); ret = es_fseek (key_blobs, 0, SEEK_SET);
if (ret) if (ret)
{
err = gpg_error_from_syserror (); err = gpg_error_from_syserror ();
goto out;
} }
out: out:
/* Send response. */ /* Send response. */
gcry_sexp_release (key_public);
if (!err) if (!err)
{ {
ret_err = stream_write_byte (response, SSH_RESPONSE_IDENTITIES_ANSWER); ret_err = stream_write_byte (response, SSH_RESPONSE_IDENTITIES_ANSWER);
@ -2614,7 +2621,6 @@ ssh_handler_request_identities (ctrl_t ctrl,
} }
es_fclose (key_blobs); es_fclose (key_blobs);
close_control_file (cf);
return ret_err; return ret_err;
} }