1
0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-07-03 04:22:47 -05:00

Move verify_ssh_manual_host_key into sshcommon.c

This is essentially trivial, because the only thing it needed from the
Ssh structure was the Conf. So the version in sshcommon.c just takes
an actual Conf as an argument, and now it doesn't need access to the
big structure definition any more.
This commit is contained in:
Simon Tatham
2018-09-24 14:15:32 +01:00
parent 43767fff04
commit 96622d17a3
3 changed files with 61 additions and 55 deletions

View File

@ -655,3 +655,58 @@ int ssh2_bpp_check_unimplemented(BinaryPacketProtocol *bpp, PktIn *pktin)
#undef BITMAP_UNIVERSAL
#undef BITMAP_CONDITIONAL
#undef SSH1_BITMAP_WORD
/* ----------------------------------------------------------------------
* Function to check a host key against any manually configured in Conf.
*/
int verify_ssh_manual_host_key(
Conf *conf, const char *fingerprint, ssh_key *key)
{
if (!conf_get_str_nthstrkey(conf, CONF_ssh_manual_hostkeys, 0))
return -1; /* no manual keys configured */
if (fingerprint) {
/*
* The fingerprint string we've been given will have things
* like 'ssh-rsa 2048' at the front of it. Strip those off and
* narrow down to just the colon-separated hex block at the
* end of the string.
*/
const char *p = strrchr(fingerprint, ' ');
fingerprint = p ? p+1 : fingerprint;
/* Quick sanity checks, including making sure it's in lowercase */
assert(strlen(fingerprint) == 16*3 - 1);
assert(fingerprint[2] == ':');
assert(fingerprint[strspn(fingerprint, "0123456789abcdef:")] == 0);
if (conf_get_str_str_opt(conf, CONF_ssh_manual_hostkeys, fingerprint))
return 1; /* success */
}
if (key) {
/*
* Construct the base64-encoded public key blob and see if
* that's listed.
*/
strbuf *binblob;
char *base64blob;
int atoms, i;
binblob = strbuf_new();
ssh_key_public_blob(key, BinarySink_UPCAST(binblob));
atoms = (binblob->len + 2) / 3;
base64blob = snewn(atoms * 4 + 1, char);
for (i = 0; i < atoms; i++)
base64_encode_atom(binblob->u + 3*i,
binblob->len - 3*i, base64blob + 4*i);
base64blob[atoms * 4] = '\0';
strbuf_free(binblob);
if (conf_get_str_str_opt(conf, CONF_ssh_manual_hostkeys, base64blob)) {
sfree(base64blob);
return 1; /* success */
}
sfree(base64blob);
}
return 0;
}