本文整理汇总了C++中buffer_len函数的典型用法代码示例。如果您正苦于以下问题:C++ buffer_len函数的具体用法?C++ buffer_len怎么用?C++ buffer_len使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了buffer_len函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C++代码示例。
示例1: chan_obuf_empty
void
chan_obuf_empty(Channel *c)
{
debug2("channel %d: obuf empty", c->self);
if (buffer_len(&c->output)) {
error("channel %d: chan_obuf_empty for non empty buffer",
c->self);
return;
}
switch (c->ostate) {
case CHAN_OUTPUT_WAIT_DRAIN:
chan_shutdown_write(c);
if (!compat20)
chan_send_oclose1(c);
chan_set_ostate(c, CHAN_OUTPUT_CLOSED);
break;
default:
error("channel %d: internal error: obuf_empty for ostate %d",
c->self, c->ostate);
break;
}
}
开发者ID:mpitzl,项目名称:libopenssh,代码行数:22,代码来源:nchan.c
示例2: input_gssapi_mic
static void
input_gssapi_mic(int type, u_int32_t plen, void *ctxt)
{
Authctxt *authctxt = ctxt;
Gssctxt *gssctxt;
int authenticated = 0;
Buffer b;
gss_buffer_desc mic, gssbuf;
u_int len;
if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep))
fatal("No authentication or GSSAPI context");
gssctxt = authctxt->methoddata;
mic.value = packet_get_string(&len);
mic.length = len;
ssh_gssapi_buildmic(&b, authctxt->user, authctxt->service,
"gssapi-with-mic");
gssbuf.value = buffer_ptr(&b);
gssbuf.length = buffer_len(&b);
if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic))))
authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user));
else
logit("GSSAPI MIC check failed");
buffer_free(&b);
free(mic.value);
authctxt->postponed = 0;
dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);
dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, NULL);
dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_MIC, NULL);
dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE, NULL);
userauth_finish(authctxt, authenticated, "gssapi-with-mic", NULL);
}
开发者ID:enukane,项目名称:netbsd-src,代码行数:39,代码来源:auth2-gss.c
示例3: jpake_confirm_hash
/* Confirmation hash calculation */
void
jpake_confirm_hash(const BIGNUM *k,
const u_char *endpoint_id, u_int endpoint_id_len,
const u_char *sess_id, u_int sess_id_len,
u_char **confirm_hash, u_int *confirm_hash_len)
{
Buffer b;
/*
* Calculate confirmation proof:
* client: H(k || client_id || session_id)
* server: H(k || server_id || session_id)
*/
buffer_init(&b);
buffer_put_bignum2(&b, k);
buffer_put_string(&b, endpoint_id, endpoint_id_len);
buffer_put_string(&b, sess_id, sess_id_len);
if (hash_buffer(buffer_ptr(&b), buffer_len(&b), EVP_sha256(),
confirm_hash, confirm_hash_len) != 0)
fatal("%s: hash_buffer", __func__);
buffer_free(&b);
}
开发者ID:UNGLinux,项目名称:Obase,代码行数:23,代码来源:jpake.c
示例4: buffer_get_bignum_ret
/*
* Retrieves a BIGNUM from the buffer.
*/
int
buffer_get_bignum_ret(Buffer *buffer, BIGNUM *value)
{
u_int bits, bytes;
u_char buf[2], *bin;
/* Get the number of bits. */
if (buffer_get_ret(buffer, (char *) buf, 2) == -1) {
error("buffer_get_bignum_ret: invalid length");
return (-1);
}
bits = get_u16(buf);
if (bits > 65535-7) {
error("buffer_get_bignum_ret: cannot handle BN of size %d",
bits);
return (-1);
}
/* Compute the number of binary bytes that follow. */
bytes = (bits + 7) / 8;
if (bytes > 8 * 1024) {
error("buffer_get_bignum_ret: cannot handle BN of size %d", bytes);
return (-1);
}
if (buffer_len(buffer) < bytes) {
error("buffer_get_bignum_ret: input buffer too small");
return (-1);
}
bin = buffer_ptr(buffer);
if (BN_bin2bn(bin, bytes, value) == NULL) {
error("buffer_get_bignum_ret: BN_bin2bn failed");
return (-1);
}
if (buffer_consume_ret(buffer, bytes) == -1) {
error("buffer_get_bignum_ret: buffer_consume failed");
return (-1);
}
return (0);
}
开发者ID:Alkzndr,项目名称:freebsd,代码行数:41,代码来源:bufbn.c
示例5: roaming_auth_required
static void
roaming_auth_required(void)
{
u_char digest[SHA_DIGEST_LENGTH];
EVP_MD_CTX md;
Buffer b;
const EVP_MD *evp_md = EVP_sha1();
u_int64_t chall, oldchall;
chall = packet_get_int64();
oldchall = packet_get_int64();
if (oldchall != lastseenchall) {
key1 = oldkey1;
key2 = oldkey2;
}
lastseenchall = chall;
buffer_init(&b);
buffer_put_int64(&b, cookie);
buffer_put_int64(&b, chall);
EVP_DigestInit(&md, evp_md);
EVP_DigestUpdate(&md, buffer_ptr(&b), buffer_len(&b));
EVP_DigestFinal(&md, digest, NULL);
buffer_free(&b);
packet_start(SSH2_MSG_KEX_ROAMING_AUTH);
packet_put_int64(key1 ^ get_recv_bytes());
packet_put_raw(digest, sizeof(digest));
packet_send();
oldkey1 = key1;
oldkey2 = key2;
calculate_new_key(&key1, cookie, chall);
calculate_new_key(&key2, cookie, chall);
debug("Received %llu bytes", (unsigned long long)get_recv_bytes());
debug("Sent roaming_auth packet");
}
开发者ID:pombredanne,项目名称:NetBSD,代码行数:38,代码来源:roaming_client.c
示例6: http_compression_buffer_init
/*
* Init HTTP compression
*/
int http_compression_buffer_init(struct session *s, struct buffer *in, struct buffer *out)
{
struct http_msg *msg = &s->txn.rsp;
int left;
/* not enough space */
if (in->size - buffer_len(in) < 40)
return -1;
/*
* Skip data, we don't need them in the new buffer. They are results
* of CHUNK_CRLF and CHUNK_SIZE parsing.
*/
b_adv(in, msg->next);
msg->next = 0;
msg->sov = 0;
msg->sol = 0;
out->size = global.tune.bufsize;
out->i = 0;
out->o = 0;
out->p = out->data;
/* copy output data */
if (in->o > 0) {
left = in->o - bo_contig_data(in);
memcpy(out->data, bo_ptr(in), bo_contig_data(in));
out->p += bo_contig_data(in);
if (left > 0) { /* second part of the buffer */
memcpy(out->p, in->data, left);
out->p += left;
}
out->o = in->o;
}
out->i += http_emit_chunk_size(out->p, 0, 0);
return 0;
}
开发者ID:btorch,项目名称:haproxy,代码行数:40,代码来源:compression.c
示例7: buffer_uncompress
void buffer_uncompress(Buffer * input_buffer, Buffer * output_buffer)
{
char buf[4096];
int status;
incoming_stream.next_in = (unsigned char *) buffer_ptr(input_buffer);
incoming_stream.avail_in = buffer_len(input_buffer);
incoming_stream.next_out = (unsigned char *) buf;
incoming_stream.avail_out = sizeof(buf);
for (;;) {
status = inflate(&incoming_stream, Z_PARTIAL_FLUSH);
switch (status) {
case Z_OK:
buffer_append(output_buffer, buf, sizeof(buf) - incoming_stream.avail_out);
incoming_stream.next_out = (unsigned char *) buf;
incoming_stream.avail_out = sizeof(buf);
break;
case Z_STREAM_END:
fatal("buffer_uncompress: inflate returned Z_STREAM_END");
/*NOTREACHED*/ case Z_DATA_ERROR:
fatal("buffer_uncompress: inflate returned Z_DATA_ERROR");
/*NOTREACHED*/ case Z_STREAM_ERROR:
fatal("buffer_uncompress: inflate returned Z_STREAM_ERROR");
/*NOTREACHED*/ case Z_BUF_ERROR:
/* Comments in zlib.h say that we should keep calling inflate()
until we get an error. This appears to be the error that we
get. */
return;
case Z_MEM_ERROR:
fatal("buffer_uncompress: inflate returned Z_MEM_ERROR");
/*NOTREACHED*/ default:
fatal("buffer_uncompress: inflate returned %d", status);
}
}
}
开发者ID:long5313828,项目名称:ythtbbs,代码行数:37,代码来源:compress.c
示例8: input_userauth_banner
void
input_userauth_banner(int type, u_int32_t seq, void *ctxt)
{
char *msg, *lang;
debug3("input_userauth_banner");
msg = packet_get_utf8_string(NULL);
lang = packet_get_string(NULL);
/*
* Banner is a warning message according to RFC 4252. So, never print
* a banner in error log level or lower. If the log level is higher,
* use DisableBanner option to decide whether to display it or not.
*/
if (options.log_level > SYSLOG_LEVEL_ERROR) {
if (options.disable_banner == 0 ||
(options.disable_banner == SSH_NO_BANNER_IN_EXEC_MODE &&
buffer_len(&command) == 0)) {
msg = g11n_filter_string(msg);
(void) fprintf(stderr, "%s", msg);
}
}
xfree(msg);
xfree(lang);
}
开发者ID:AlfredArouna,项目名称:illumos-gate,代码行数:24,代码来源:sshconnect2.c
示例9: filter_proposal
/*
* Filters a proposal string, excluding any algorithm matching the 'filter'
* pattern list.
*/
static char *
filter_proposal(char *proposal, const char *filter)
{
Buffer b;
char *orig_prop, *fix_prop;
char *cp, *tmp;
buffer_init(&b);
tmp = orig_prop = xstrdup(proposal);
while ((cp = strsep(&tmp, ",")) != NULL) {
if (match_pattern_list(cp, filter, 0) != 1) {
if (buffer_len(&b) > 0)
buffer_append(&b, ",", 1);
buffer_append(&b, cp, strlen(cp));
} else
debug2("Compat: skipping algorithm \"%s\"", cp);
}
buffer_append(&b, "\0", 1);
fix_prop = xstrdup((char *)buffer_ptr(&b));
buffer_free(&b);
free(orig_prop);
return fix_prop;
}
开发者ID:1chenping,项目名称:ncrack,代码行数:28,代码来源:compat.c
示例10: drain_output
/*
* Wait until all buffered output has been sent to the client.
* This is used when the program terminates.
*/
static void
drain_output(void)
{
/* Send any buffered stdout data to the client. */
if (buffer_len(&stdout_buffer) > 0) {
packet_start(SSH_SMSG_STDOUT_DATA);
packet_put_string(buffer_ptr(&stdout_buffer),
buffer_len(&stdout_buffer));
packet_send();
/* Update the count of sent bytes. */
stdout_bytes += buffer_len(&stdout_buffer);
}
/* Send any buffered stderr data to the client. */
if (buffer_len(&stderr_buffer) > 0) {
packet_start(SSH_SMSG_STDERR_DATA);
packet_put_string(buffer_ptr(&stderr_buffer),
buffer_len(&stderr_buffer));
packet_send();
/* Update the count of sent bytes. */
stderr_bytes += buffer_len(&stderr_buffer);
}
/* Wait until all buffered data has been written to the client. */
packet_write_wait();
}
开发者ID:bsloane1650,项目名称:Openssh-snooper,代码行数:28,代码来源:serverloop.c
示例11: userauth_finish
void
userauth_finish(Authctxt *authctxt, int authenticated, const char *method,
const char *submethod)
{
char *methods;
int partial = 0;
if (!authctxt->valid && authenticated)
fatal("INTERNAL ERROR: authenticated invalid user %s",
authctxt->user);
if (authenticated && authctxt->postponed)
fatal("INTERNAL ERROR: authenticated and postponed");
/* Special handling for root */
if (authenticated && authctxt->pw->pw_uid == 0 &&
!auth_root_allowed(method)) {
authenticated = 0;
#ifdef SSH_AUDIT_EVENTS
PRIVSEP(audit_event(SSH_LOGIN_ROOT_DENIED));
#endif
}
if (authenticated && options.num_auth_methods != 0) {
if (!auth2_update_methods_lists(authctxt, method, submethod)) {
authenticated = 0;
partial = 1;
}
}
/* Log before sending the reply */
auth_log(authctxt, authenticated, partial, method, submethod);
if (authctxt->postponed)
return;
#ifdef USE_PAM
if (options.use_pam && authenticated) {
if (!PRIVSEP(do_pam_account())) {
/* if PAM returned a message, send it to the user */
if (buffer_len(&loginmsg) > 0) {
buffer_append(&loginmsg, "\0", 1);
userauth_send_banner(buffer_ptr(&loginmsg));
packet_write_wait();
}
fatal("Access denied for user %s by PAM account "
"configuration", authctxt->user);
}
}
#endif
#ifdef _UNICOS
if (authenticated && cray_access_denied(authctxt->user)) {
authenticated = 0;
fatal("Access denied for user %s.", authctxt->user);
}
#endif /* _UNICOS */
if (authenticated == 1) {
/* turn off userauth */
dispatch_set(SSH2_MSG_USERAUTH_REQUEST, &dispatch_protocol_ignore);
packet_start(SSH2_MSG_USERAUTH_SUCCESS);
packet_send();
packet_write_wait();
/* now we can break out */
authctxt->success = 1;
} else {
/* Allow initial try of "none" auth without failure penalty */
if (!authctxt->server_caused_failure &&
(authctxt->attempt > 1 || strcmp(method, "none") != 0))
authctxt->failures++;
if (authctxt->failures >= options.max_authtries) {
#ifdef SSH_AUDIT_EVENTS
PRIVSEP(audit_event(SSH_LOGIN_EXCEED_MAXTRIES));
#endif
packet_disconnect(AUTH_FAIL_MSG, authctxt->user);
}
methods = authmethods_get(authctxt);
debug3("%s: failure partial=%d next methods=\"%s\"", __func__,
partial, methods);
packet_start(SSH2_MSG_USERAUTH_FAILURE);
packet_put_cstring(methods);
packet_put_char(partial);
packet_send();
packet_write_wait();
free(methods);
}
}
开发者ID:ele7enxxh,项目名称:dtrace-pf,代码行数:88,代码来源:auth2.c
示例12: generate_SSH2_keysign
BOOL generate_SSH2_keysign(Key *keypair, char **sigptr, int *siglen, char *data, int datalen)
{
buffer_t *msg = NULL;
char *s;
int ret;
msg = buffer_init();
if (msg == NULL) {
// TODO: error check
return FALSE;
}
switch (keypair->type) {
case KEY_RSA: // RSA
{
const EVP_MD *evp_md = EVP_sha1();
EVP_MD_CTX md;
u_char digest[EVP_MAX_MD_SIZE], *sig;
u_int slen, dlen, len;
int ok, nid = NID_sha1;
// ダイジェスト値の計算
EVP_DigestInit(&md, evp_md);
EVP_DigestUpdate(&md, data, datalen);
EVP_DigestFinal(&md, digest, &dlen);
slen = RSA_size(keypair->rsa);
sig = malloc(slen);
if (sig == NULL)
goto error;
// 電子署名を計算
ok = RSA_sign(nid, digest, dlen, sig, &len, keypair->rsa);
memset(digest, 'd', sizeof(digest));
if (ok != 1) { // error
free(sig);
goto error;
}
// 署名のサイズがバッファより小さい場合、後ろへずらす。先頭はゼロで埋める。
if (len < slen) {
u_int diff = slen - len;
memmove(sig + diff, sig, len);
memset(sig, 0, diff);
} else if (len > slen) {
free(sig);
goto error;
} else {
// do nothing
}
s = get_sshname_from_key(keypair);
buffer_put_string(msg, s, strlen(s));
buffer_append_length(msg, sig, slen);
len = buffer_len(msg);
// setting
*siglen = len;
*sigptr = malloc(len);
if (*sigptr == NULL) {
free(sig);
goto error;
}
memcpy(*sigptr, buffer_ptr(msg), len);
free(sig);
break;
}
case KEY_DSA: // DSA
{
DSA_SIG *sig;
const EVP_MD *evp_md = EVP_sha1();
EVP_MD_CTX md;
u_char digest[EVP_MAX_MD_SIZE], sigblob[SIGBLOB_LEN];
u_int rlen, slen, len, dlen;
// ダイジェストの計算
EVP_DigestInit(&md, evp_md);
EVP_DigestUpdate(&md, data, datalen);
EVP_DigestFinal(&md, digest, &dlen);
// DSA電子署名を計算
sig = DSA_do_sign(digest, dlen, keypair->dsa);
memset(digest, 'd', sizeof(digest));
if (sig == NULL) {
goto error;
}
// BIGNUMからバイナリ値への変換
rlen = BN_num_bytes(sig->r);
slen = BN_num_bytes(sig->s);
if (rlen > INTBLOB_LEN || slen > INTBLOB_LEN) {
DSA_SIG_free(sig);
goto error;
}
memset(sigblob, 0, SIGBLOB_LEN);
BN_bn2bin(sig->r, sigblob+ SIGBLOB_LEN - INTBLOB_LEN - rlen);
BN_bn2bin(sig->s, sigblob+ SIGBLOB_LEN - slen);
//.........这里部分代码省略.........
开发者ID:pakls,项目名称:teraterm-ttssh2,代码行数:101,代码来源:key.c
示例13: ssh_rsa_sign
/* RSASSA-PKCS1-v1_5 (PKCS #1 v2.0 signature) with SHA1 */
int
ssh_rsa_sign(const Key *key, u_char **sigp, u_int *lenp,
const u_char *data, u_int datalen)
{
const EVP_MD *evp_md;
EVP_MD_CTX md;
u_char digest[EVP_MAX_MD_SIZE], *sig;
u_int slen, dlen, len;
int ok, nid;
Buffer b;
if (key == NULL ||
(key->type != KEY_RSA && key->type != KEY_RSA_CERT) ||
key->rsa == NULL) {
error("ssh_rsa_sign: no RSA key");
return -1;
}
nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1;
if ((evp_md = EVP_get_digestbynid(nid)) == NULL) {
error("ssh_rsa_sign: EVP_get_digestbynid %d failed", nid);
return -1;
}
EVP_DigestInit(&md, evp_md);
EVP_DigestUpdate(&md, data, datalen);
EVP_DigestFinal(&md, digest, &dlen);
slen = RSA_size(key->rsa);
sig = xmalloc(slen);
ok = RSA_sign(nid, digest, dlen, sig, &len, key->rsa);
memset(digest, 'd', sizeof(digest));
if (ok != 1) {
int ecode = ERR_get_error();
error("ssh_rsa_sign: RSA_sign failed: %s",
ERR_error_string(ecode, NULL));
xfree(sig);
return -1;
}
if (len < slen) {
u_int diff = slen - len;
debug("slen %u > len %u", slen, len);
memmove(sig + diff, sig, len);
memset(sig, 0, diff);
} else if (len > slen) {
error("ssh_rsa_sign: slen %u slen2 %u", slen, len);
xfree(sig);
return -1;
}
/* encode signature */
buffer_init(&b);
buffer_put_cstring(&b, "ssh-rsa");
buffer_put_string(&b, sig, slen);
len = buffer_len(&b);
if (lenp != NULL)
*lenp = len;
if (sigp != NULL) {
*sigp = xmalloc(len);
memcpy(*sigp, buffer_ptr(&b), len);
}
buffer_free(&b);
memset(sig, 's', slen);
xfree(sig);
return 0;
}
开发者ID:dagreatk,项目名称:OpenSSH-LPK,代码行数:68,代码来源:ssh-rsa.c
示例14: ssh_rsa_verify
int
ssh_rsa_verify(const Key *key, const u_char *signature, u_int signaturelen,
const u_char *data, u_int datalen)
{
Buffer b;
const EVP_MD *evp_md;
EVP_MD_CTX md;
char *ktype;
u_char digest[EVP_MAX_MD_SIZE], *sigblob;
u_int len, dlen, modlen;
int rlen, ret, nid;
if (key == NULL ||
(key->type != KEY_RSA && key->type != KEY_RSA_CERT) ||
key->rsa == NULL) {
error("ssh_rsa_verify: no RSA key");
return -1;
}
if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) {
error("ssh_rsa_verify: RSA modulus too small: %d < minimum %d bits",
BN_num_bits(key->rsa->n), SSH_RSA_MINIMUM_MODULUS_SIZE);
return -1;
}
buffer_init(&b);
buffer_append(&b, signature, signaturelen);
ktype = buffer_get_string(&b, NULL);
if (strcmp("ssh-rsa", ktype) != 0) {
error("ssh_rsa_verify: cannot handle type %s", ktype);
buffer_free(&b);
xfree(ktype);
return -1;
}
xfree(ktype);
sigblob = buffer_get_string(&b, &len);
rlen = buffer_len(&b);
buffer_free(&b);
if (rlen != 0) {
error("ssh_rsa_verify: remaining bytes in signature %d", rlen);
xfree(sigblob);
return -1;
}
/* RSA_verify expects a signature of RSA_size */
modlen = RSA_size(key->rsa);
if (len > modlen) {
error("ssh_rsa_verify: len %u > modlen %u", len, modlen);
xfree(sigblob);
return -1;
} else if (len < modlen) {
u_int diff = modlen - len;
debug("ssh_rsa_verify: add padding: modlen %u > len %u",
modlen, len);
sigblob = xrealloc(sigblob, 1, modlen);
memmove(sigblob + diff, sigblob, len);
memset(sigblob, 0, diff);
len = modlen;
}
nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1;
if ((evp_md = EVP_get_digestbynid(nid)) == NULL) {
error("ssh_rsa_verify: EVP_get_digestbynid %d failed", nid);
xfree(sigblob);
return -1;
}
EVP_DigestInit(&md, evp_md);
EVP_DigestUpdate(&md, data, datalen);
EVP_DigestFinal(&md, digest, &dlen);
ret = openssh_RSA_verify(nid, digest, dlen, sigblob, len, key->rsa);
memset(digest, 'd', sizeof(digest));
memset(sigblob, 's', len);
xfree(sigblob);
debug("ssh_rsa_verify: signature %scorrect", (ret==0) ? "in" : "");
return ret;
}
开发者ID:dagreatk,项目名称:OpenSSH-LPK,代码行数:73,代码来源:ssh-rsa.c
示例15: main
//.........这里部分代码省略.........
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
/* Initialize the command to execute on remote host. */
buffer_init(&command);
if (options.request_tty == REQUEST_TTY_YES ||
options.request_tty == REQUEST_TTY_FORCE)
tty_flag = 1;
/*
* Save the command to execute on the remote host in a buffer. There
* is no limit on the length of the command, except by the maximum
* packet size. Also sets the tty flag if there is no command.
*/
if (!ac) {
/* No command specified - execute shell on a tty. */
tty_flag = options.request_tty != REQUEST_TTY_NO;
if (subsystem_flag) {
fprintf(stderr,
"You must specify a subsystem to invoke.\n");
usage();
}
} else {
/* A command has been specified. Store it into the buffer. */
for (i = 0; i < ac; i++) {
if (i)
buffer_append(&command, " ", 1);
buffer_append(&command, av[i], strlen(av[i]));
}
}
/* Cannot fork to background if no command. */
if (fork_after_authentication_flag && buffer_len(&command) == 0 &&
!no_shell_flag)
fatal("Cannot fork into background without a command "
"to execute.");
/* Allocate a tty by default if no command specified. */
if (buffer_len(&command) == 0)
tty_flag = options.request_tty != REQUEST_TTY_NO;
/* Force no tty */
if (options.request_tty == REQUEST_TTY_NO || muxclient_command != 0)
tty_flag = 0;
/* Do not allocate a tty if stdin is not a tty. */
if ((!isatty(fileno(stdin)) || stdin_null_flag) &&
options.request_tty != REQUEST_TTY_FORCE) {
if (tty_flag)
logit("Pseudo-terminal will not be allocated because "
"stdin is not a terminal.");
tty_flag = 0;
}
/*
* Initialize "log" output. Since we are the client all output
* actually goes to stderr.
*/
log_init(argv0,
options.log_level == -1 ? SYSLOG_LEVEL_INFO : options.log_level,
SYSLOG_FACILITY_USER, !use_syslog);
/*
* Read per-user configuration file. Ignore the system wide config
* file if the user specifies a config file on the command line.
*/
开发者ID:msoulard,项目名称:openssh-server-passlog,代码行数:67,代码来源:ssh.c
示例16: kexdh_client
void
kexdh_client(Kex *kex)
{
BIGNUM *dh_server_pub = NULL, *shared_secret = NULL;
DH *dh;
Key *server_host_key;
u_char *server_host_key_blob = NULL, *signature = NULL;
u_char *kbuf, *hash;
u_int klen, slen, sbloblen, hashlen;
int kout;
/* generate and send 'e', client DH public key */
switch (kex->kex_type) {
case KEX_DH_GRP1_SHA1:
dh = dh_new_group1();
break;
case KEX_DH_GRP14_SHA1:
dh = dh_new_group14();
break;
default:
fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type);
}
dh_gen_key(dh, kex->we_need * 8);
packet_start(SSH2_MSG_KEXDH_INIT);
packet_put_bignum2(dh->pub_key);
packet_send();
debug("sending SSH2_MSG_KEXDH_INIT");
#ifdef DEBUG_KEXDH
DHparams_print_fp(stderr, dh);
fprintf(stderr, "pub= ");
BN_print_fp(stderr, dh->pub_key);
fprintf(stderr, "\n");
#endif
debug("expecting SSH2_MSG_KEXDH_REPLY");
packet_read_expect(SSH2_MSG_KEXDH_REPLY);
/* key, cert */
server_host_key_blob = packet_get_string(&sbloblen);
server_host_key = key_from_blob(server_host_key_blob, sbloblen);
if (server_host_key == NULL)
fatal("cannot decode server_host_key_blob");
if (server_host_key->type != kex->hostkey_type)
fatal("type mismatch for decoded server_host_key_blob");
if (kex->verify_host_key == NULL)
fatal("cannot verify server_host_key");
if (kex->verify_host_key(server_host_key) == -1)
fatal("server_host_key verification failed");
/* DH parameter f, server public DH key */
if ((dh_server_pub = BN_new()) == NULL)
fatal("dh_server_pub == NULL");
packet_get_bignum2(dh_server_pub);
#ifdef DEBUG_KEXDH
fprintf(stderr, "dh_server_pub= ");
BN_print_fp(stderr, dh_server_pub);
fprintf(stderr, "\n");
debug("bits %d", BN_num_bits(dh_server_pub));
#endif
/* signed H */
signature = packet_get_string(&slen);
packet_check_eom();
if (!dh_pub_is_valid(dh, dh_server_pub))
packet_disconnect("bad server public DH value");
klen = DH_size(dh);
kbuf = xmalloc(klen);
if ((kout = DH_compute_key(kbuf, dh_server_pub, dh)) < 0)
fatal("DH_compute_key: failed");
#ifdef DEBUG_KEXDH
dump_digest("shared secret", kbuf, kout);
#endif
if ((shared_secret = BN_new()) == NULL)
fatal("kexdh_client: BN_new failed");
if (BN_bin2bn(kbuf, kout, shared_secret) == NULL)
fatal("kexdh_client: BN_bin2bn failed");
memset(kbuf, 0, klen);
free(kbuf);
/* calc and verify H */
kex_dh_hash(
kex->client_version_string,
kex->server_version_string,
buffer_ptr(&kex->my), buffer_len(&kex->my),
buffer_ptr(&kex->peer), buffer_len(&kex->peer),
server_host_key_blob, sbloblen,
dh->pub_key,
dh_server_pub,
shared_secret,
&hash, &hashlen
);
free(server_host_key_blob);
BN_clear_free(dh_server_pub);
DH_free(dh);
if (key_verify(server_host_key, signature, slen, hash, hashlen) != 1)
//.........这里部分代码省略.........
开发者ID:lbdroid,项目名称:openssh,代码行数:101,代码来源:kexdhc.c
示例17: mm_send_keystate
void
mm_send_keystate(struct monitor *monitor)
{
Buffer m, *input, *output;
u_char *blob, *p;
u_int bloblen, plen;
u_int32_t seqnr, packets;
u_int64_t blocks, bytes;
buffer_init(&m);
if (!compat20) {
u_char iv[24];
u_char *key;
u_int ivlen, keylen;
buffer_put_int(&m, packet_get_protocol_flags());
buffer_put_int(&m, packet_get_ssh1_cipher());
debug3("%s: Sending ssh1 KEY+IV", __func__);
keylen = packet_get_encryption_key(NULL);
key = xmalloc(keylen+1); /* add 1 if keylen == 0 */
keylen = packet_get_encryption_key(key);
buffer_put_string(&m, key, keylen);
memset(key, 0, keylen);
xfree(key);
ivlen = packet_get_keyiv_len(MODE_OUT);
packet_get_keyiv(MODE_OUT, iv, ivlen);
buffer_put_string(&m, iv, ivlen);
ivlen = packet_get_keyiv_len(MODE_OUT);
packet_get_keyiv(MODE_IN, iv, ivlen);
buffer_put_string(&m, iv, ivlen);
goto skip;
} else {
/* Kex for rekeying */
mm_send_kex(&m, *monitor->m_pkex);
}
debug3("%s: Sending new keys: %p %p",
__func__, packet_get_newkeys(MODE_OUT),
packet_get_newkeys(MODE_IN));
/* Keys from Kex */
if (!mm_newkeys_to_blob(MODE_OUT, &blob, &bloblen))
fatal("%s: conversion of newkeys failed", __func__);
buffer_put_string(&m, blob, bloblen);
xfree(blob);
if (!mm_newkeys_to_blob(MODE_IN, &blob, &bloblen))
fatal("%s: conversion of newkeys failed", __func__);
buffer_put_string(&m, blob, bloblen);
xfree(blob);
packet_get_state(MODE_OUT, &seqnr, &blocks, &packets, &bytes);
buffer_put_int(&m, seqnr);
buffer_put_int64(&m, blocks);
buffer_put_int(&m, packets);
buffer_put_int64(&m, bytes);
packet_get_state(MODE_IN, &seqnr, &blocks, &packets, &bytes);
buffer_put_int(&m, seqnr);
buffer_put_int64(&m, blocks);
buffer_put_int(&m, packets);
buffer_put_int64(&m, bytes);
debug3("%s: New keys have been sent", __func__);
skip:
/* More key context */
plen = packet_get_keycontext(MODE_OUT, NULL);
p = xmalloc(plen+1);
packet_get_keycontext(MODE_OUT, p);
buffer_put_string(&m, p, plen);
xfree(p);
plen = packet_get_keycontext(MODE_IN, NULL);
p = xmalloc(plen+1);
packet_get_keycontext(MODE_IN, p);
buffer_put_string(&m, p, plen);
xfree(p);
/* Compression state */
debug3("%s: Sending compression state", __func__);
buffer_put_string(&m, &outgoing_stream, sizeof(outgoing_stream));
buffer_put_string(&m, &incoming_stream, sizeof(incoming_stream));
/* Network I/O buffers */
input = (Buffer *)packet_get_input();
output = (Buffer *)packet_get_output();
buffer_put_string(&m, buffer_ptr(input), buffer_len(input));
buffer_put_string(&m, buffer_ptr(output), buffer_len(output));
/* Roaming */
if (compat20) {
buffer_put_int64(&m, get_sent_bytes());
buffer_put_int64(&m, get_recv_bytes());
}
//.........这里部分代码省略.........
开发者ID:2dot4,项目名称:Psiphon3-for-Linux,代码行数:101,代码来源:monitor_wrap.c
示例18: userauth_pubkey
static int
userauth_pubkey(Authctxt *authctxt)
{
Buffer b;
Key *key = NULL;
char *pkalg;
u_char *pkblob, *sig;
u_int alen, blen, slen;
int have_sig, pktype;
int authenticated = 0;
if (!authctxt->valid) {
debug2("userauth_pubkey: disabled because of invalid user");
return 0;
}
have_sig = packet_get_char();
if (datafellows & SSH_BUG_PKAUTH) {
debug2("userauth_pubkey: SSH_BUG_PKAUTH");
/* no explicit pkalg given */
pkblob = packet_get_string(&blen);
buffer_init(&b);
buffer_append(&b, pkblob, blen);
/* so we have to extract the pkalg from the pkblob */
pkalg = buffer_get_string(&b, &alen);
buffer_free(&b);
} else {
pkalg = packet_get_string(&alen);
pkblob = packet_get_string(&blen);
}
pktype = key_type_from_name(pkalg);
if (pktype == KEY_UNSPEC) {
/* this is perfectly legal */
logit("userauth_pubkey: unsupported public key algorithm: %s",
pkalg);
goto done;
}
key = key_from_blob(pkblob, blen);
if (key == NULL) {
error("userauth_pubkey: cannot decode key: %s", pkalg);
goto done;
}
if (key->type != pktype) {
error("userauth_pubkey: type mismatch for decoded key "
"(received %d, expected %d)", key->type, pktype);
goto done;
}
if (have_sig) {
sig = packet_get_string(&slen);
packet_check_eom();
buffer_init(&b);
if (datafellows & SSH_OLD_SESSIONID) {
buffer_append(&b, session_id2, session_id2_len);
} else {
buffer_put_string(&b, session_id2, session_id2_len);
}
/* reconstruct packet */
buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
buffer_put_cstring(&b, authctxt->user);
buffer_put_cstring(&b,
datafellows & SSH_BUG_PKSERVICE ?
"ssh-userauth" :
authctxt->service);
if (datafellows & SSH_BUG_PKAUTH) {
buffer_put_char(&b, have_sig);
} else {
buffer_put_cstring(&b, "publickey");
buffer_put_char(&b, have_sig);
buffer_put_cstring(&b, pkalg);
}
buffer_put_string(&b, pkblob, blen);
#ifdef DEBUG_PK
buffer_dump(&b);
#endif
/* test for correct signature */
authenticated = 0;
if (PRIVSEP(user_key_allowed(authctxt->pw, key)) &&
PRIVSEP(key_verify(key, sig, slen, buffer_ptr(&b),
buffer_len(&b))) == 1)
authenticated = 1;
buffer_free(&b);
xfree(sig);
} else {
debug("test whether pkalg/pkblob are acceptable");
packet_check_eom();
/* XXX fake reply and always send PK_OK ? */
/*
* XXX this allows testing whether a user is allowed
* to login: if you happen to have a valid pubkey this
* message is sent. the message is NEVER sent at all
* if a user is not allowed to login. is this an
* issue? -markus
*/
if (PRIVSEP(user_key_allowed(authctxt->pw, key))) {
packet_start(SSH2_MSG_USERAUTH_PK_OK);
packet_put_string(pkalg, alen);
packet_put_string(pkblob, blen);
packet_send();
packet_write_wait();
authctxt->postponed = 1;
//.........这里部分代码省略.........
开发者ID:epriestley,项目名称:sshd-vcs,代码行数:101,代码来源:auth2-pubkey.c
示例19: do_authloop
//.........这里部分代码省略.........
/*
* If we started challenge-response authentication but the
* next packet is not a response to our challenge, release
* the resources allocated by get_challenge() (which would
* normally have been released by verify_response() had we
* received such a response)
*/
if (prev == SSH_CMSG_AUTH_TIS &&
type != SSH_CMSG_AUTH_TIS_RESPONSE)
abandon_challenge_response(authctxt);
if (authctxt->failures >= options.max_authtries)
goto skip;
if ((meth = lookup_authmethod1(type)) == NULL) {
logit("Unknown message during authentication: "
"type %d", type);
goto skip;
}
if (!*(meth->enabled)) {
verbose("%s authentication disabled.", meth->name);
goto skip;
}
authenticated = meth->method(authctxt);
if (authenticated == -1)
continue; /* "postponed" */
#ifdef BSD_AUTH
if (authctxt->as) {
auth_close(authctxt->as);
authctxt->as = NULL;
}
#endif
if (!authctxt->valid && authenticated)
fatal("INTERNAL ERROR: authenticated invalid user %s",
authctxt->user);
#ifdef _UNICOS
if (authenticated && cray_access_denied(authctxt->user)) {
authenticated = 0;
fatal("Access denied for user %s.",authctxt->user);
}
#endif /* _UNICOS */
#ifndef HAVE_CYGWIN
/* Special handling for root */
if (authenticated && authctxt->pw->pw_uid == 0 &&
!auth_root_allowed(meth->name)) {
authenticated = 0;
# ifdef SSH_AUDIT_EVENTS
PRIVSEP(audit_event(SSH_LOGIN_ROOT_DENIED));
# endif
}
#endif
#ifdef USE_PAM
if (options.use_pam && authenticated &&
!PRIVSEP(do_pam_account())) {
char *msg;
size_t len;
error("Access denied for user %s by PAM account "
"configuration", authctxt->user);
len = buffer_len(&loginmsg);
buffer_append(&loginmsg, "\0", 1);
msg = buffer_ptr(&loginmsg);
/* strip trailing newlines */
if (len > 0)
while (len > 0 && msg[--len] == '\n')
msg[len] = '\0';
else
msg = "Access denied.";
packet_disconnect("%s", msg);
}
#endif
skip:
/* Log before sending the reply */
auth_log(authctxt, authenticated, 0, get_authname(type), NULL);
free(client_user);
client_user = NULL;
if (authenticated)
return;
if (++authctxt->failures >= options.max_authtries) {
#ifdef SSH_AUDIT_EVENTS
PRIVSEP(audit_event(SSH_LOGIN_EXCEED_MAXTRIES));
#endif
packet_disconnect(AUTH_FAIL_MSG, authctxt->user);
}
packet_start(SSH_SMSG_FAILURE);
packet_send();
packet_write_wait();
}
}
开发者ID:CTSRD-SOAAP,项目名称:openssh,代码行数:101,代码来源:auth1.c
示例20: main
int
main(int ac, char **av)
{
fd_set *rset, *wset;
int in, out, max;
ssize_t len, olen, set_size;
/* XXX should use getopt */
__progname = get_progname(av[0]);
handle_init();
#ifdef DEBUG_SFTP_SERVER
log_init("sftp-server", SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH, 0);
#endif
in = dup(STDIN_FILENO);
out = dup(STDOUT_FILENO);
#ifdef HAVE_CYGWIN
setmode(in, O_BINARY);
setmode(out, O_BINARY);
#endif
max = 0;
if (in > max)
max = in;
if (out > max)
max = out;
buffer_init(&iqueue);
buffer_init(&oqueue);
set_size = howmany(max + 1, NFDBITS) * sizeof(fd_mask);
rset = (fd_set *)xmalloc(set_size);
wset = (fd_set *)xmalloc(set_size);
for (;;) {
memset(rset, 0, set_size);
memset(wset, 0, set_size);
FD_SET(in, rset);
olen = buffer_len(&oqueue);
if (olen > 0)
FD_SET(out, wset);
if (select(max+1, rset, wset, NULL, NULL) < 0) {
if (errno == EINTR)
continue;
exit(2);
}
/* copy stdin to iqueue */
if (FD_ISSET(in, rset)) {
char buf[4*4096];
len = read(in, buf, sizeof buf);
if (len == 0) {
debug("read eof");
exit(0);
} else if (len < 0) {
error("read error");
exit(1);
} else {
buffer_append(&iqueue, buf, len);
}
}
/* send oqueue to stdout */
if (FD_ISSET(out, wset)) {
len = write(out, buffer_ptr(&oqueue), olen);
if (len < 0) {
error("write error");
exit(1);
} else {
buffer_consume(&oqueue, len);
}
}
/* process requests from client */
process();
}
}
开发者ID:chromium-googlesource-mirror,项目名称:sctp-refimpl,代码行数:80,代码来源:sftp-server.c
注:本文中的buffer_len函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
请发表评论