Commit 468b772d authored by Niels Möller's avatar Niels Möller

* src/lshd.c: Deleted old code. Use a keypair_info alist for the

host key(s).

Rev: src/lshd.c:1.39
parent 4603fed7
......@@ -86,70 +86,9 @@ void usage(void)
exit(1);
}
#if 0
struct signer *secret_key;
struct lsh_string *public_key;
/* A key generated by gnupg */
static void init_host_key(struct randomness *r)
{
mpz_t p, q, g, y, a;
mpz_t tmp;
struct lsh_string *s;
mpz_init_set_str(p,
"BC7797D55CF2449CA4B02396246AF5C75CA38C52B6F2E543"
"6754198B137B25B0A81DFE269D5CDFD0AEA290A32BA5B918"
"B58D64762D40EAA8D70F282B3AC4A7771171B1B1D1AE89F4"
"1CD091FE95A6F42A2340081F9E97A4B5F953DE223F10F878"
"4C0619A9979643E5325DF71C9C088F3BC82FA0A6C47B5C64"
"BC07A31B9CDB2B07", 16);
mpz_init_set_str(q,
"867F7E6563B3FAF19B65C83E9B843150C5CC2201", 16);
mpz_init_set_str(g,
"7FA83EAEDFD8679A4A80C869AD7E353F3B517569C2079C79"
"97EA6655764581B073F71AA15C07A789AEB213B106741AAB"
"CA81B8300B1F8510D3CD1C3D9D7D11640C1608E8E2E71527"
"68B8FDCB5544E29A020D14CC5C12E264C59E57E9F6832DA7"
"10B805CD9866C1110D60069D31D5A72D1A1ED96F2B11CFEF"
"7AB347F0632CB0C7", 16);
mpz_init_set_str(y,
"2DA5B458DF3616097FA22DB6BDDD31A29E532054D4C208F7"
"EBF63EB2476E8E98E0885CFBC5669B56EC834E42058E8BCF"
"C259CA1BE981D7721306709499DE27E7B13F62359D9520D1"
"3D73C62E8E5C5F6B8E2C70217EC3B557FBCB98535BE3C6EE"
"0C71DEC1FE9C6791D3780DD8D593D5030969D303A5818B01"
"C4B855C07E8C4F64", 16);
mpz_init_set_str(a,
"295190AEDBBD6EBD2F817F7D8CCC8B0095DCD82E", 16);
mpz_init_set(tmp, g);
mpz_powm(tmp, tmp, a, p);
if (mpz_cmp(tmp, y))
fatal("Test key invalid\n");
mpz_clear(tmp);
public_key = ssh_format("%a%n%n%n%n", ATOM_SSH_DSS, p, q, g, y);
s = ssh_format("%n", a);
secret_key = MAKE_SIGNER(make_dsa_algorithm(r),
public_key->length, public_key->data,
s->length, s->data);
if (!secret_key)
fatal("Can't parse secret key\n");
lsh_string_free(s);
mpz_clear(p);
mpz_clear(q);
mpz_clear(g);
mpz_clear(y);
mpz_clear(a);
}
#endif
/* FIXME: We should have some more general functions for reading private keys. */
/* FIXME: We should have some more general functions for reading
* private keys. */
/* CLASS:
(class
......@@ -157,8 +96,8 @@ static void init_host_key(struct randomness *r)
(super sexp_handler)
(vars
(random object randomness)
(secret pointer (object signer))
(public pointer (string))))
;; Maps hostkey algorithm to a keyinfo structure
(keys object alist)))
*/
static int do_read_key(struct sexp_handler *h, struct sexp *private)
......@@ -213,19 +152,27 @@ static int do_read_key(struct sexp_handler *h, struct sexp *private)
{
struct lsh_string *public
= ssh_format("%a%n%n%n%n", ATOM_SSH_DSS, p, q, g, y);
struct signer *secret;
struct signer *private;
s = ssh_format("%n", x);
secret = MAKE_SIGNER(make_dsa_algorithm(closure->random),
public->length, public->data,
s->length, s->data);
assert(secret);
private = MAKE_SIGNER(make_dsa_algorithm(closure->random),
public->length, public->data,
s->length, s->data);
assert(private);
lsh_string_free(s);
*closure->public = public;
*closure->secret = secret;
/* FIXME: Check if we already have a key for this algorithm,
* and warn about multiple keys. */
ALIST_SET(closure->keys, ATOM_SSH_DSS,
make_keypair_info(public, private));
#if DATAFELLOWS_SSH2_SSH_DSA_KLUDGE
ALIST_SET(closure->keys, ATOM_SSH_DSS_KLUDGE,
make_keypair_info(public,
make_dsa_signer_kludge(private)));
#endif
verbose("lshd: Using (public) hostkey:\n"
" p=%hn\n"
" q=%hn\n"
......@@ -250,8 +197,7 @@ static int do_read_key(struct sexp_handler *h, struct sexp *private)
}
static int read_host_key(const char *name,
struct lsh_string **public,
struct signer **secret,
struct alist *keys,
struct randomness *r)
{
int fd = open(name, O_RDONLY);
......@@ -269,8 +215,7 @@ static int read_host_key(const char *name,
handler->super.handler = do_read_key;
handler->random = r;
handler->public = public;
handler->secret = secret;
handler->keys = keys;
res = blocking_read(fd, make_read_sexp(&handler->super,
2000, SEXP_TRANSPORT, 0));
......@@ -299,8 +244,7 @@ int main(int argc, char **argv)
char *sshd1 = NULL;
#endif
struct lsh_string *public_key = NULL;
struct signer *secret_key = NULL;
struct alist *keys;
int option;
......@@ -414,12 +358,16 @@ int main(int argc, char **argv)
usage();
/* Read the hostkey */
if (!read_host_key(hostkey, &public_key, &secret_key, r))
keys = make_alist(0, -1);
if (!read_host_key(hostkey, keys, r))
{
werror("lshd: Could not read hostkey.\n");
return EXIT_FAILURE;
}
/* FIXME: We should check that we have at aleast one host key.
* We should also extract the host-key algorithms for which we have keys,
* instead of hardcoding ssh-dss below. */
if (!get_inaddr(&local, host, port, "tcp"))
{
werror("lshd: No such host or service.\n");
......@@ -427,7 +375,7 @@ int main(int argc, char **argv)
}
#if 0
#ifdef HAVE_SYSLOG
#if HAVE_SYSLOG
{
int option = LOG_PID | LOG_CONS;
if (foreground_flag)
......@@ -443,7 +391,7 @@ int main(int argc, char **argv)
init_backend(backend);
reaper = make_reaper();
kex = make_dh_server(dh, public_key, secret_key);
kex = make_dh_server(dh, keys);
ALIST_SET(algorithms, ATOM_DIFFIE_HELLMAN_GROUP1_SHA1, kex);
......
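Review bot: In the do_read_key hunk the only check on the signer built from the key file is `assert(private);`, so a build with NDEBUG would store a NULL signer in `closure->keys` under ATOM_SSH_DSS (and pass it to `make_dsa_signer_kludge` when the kludge is enabled). An explicit test such as `if (!private) fatal("Can't parse secret key\n");`, as the deleted init_host_key did, keeps the failure visible in every build. The new local `struct signer *private` also shadows the function's `struct sexp *private` parameter; a name like `signer` would avoid that. In main, the new FIXME leaves the empty-alist case unchecked before `make_dh_server(dh, keys)`, so it appears the server can start without a usable host key if the file yields none; that check is worth adding in the same change. The bodies of do_read_key and main extend outside the visible hunks.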