vishalmishra434 / rpms / openssh

Forked from rpms/openssh a month ago
Clone
Blob Blame History Raw
diff --git a/pam_ssh_agent_auth-0.9.3/iterate_ssh_agent_keys.c b/pam_ssh_agent_auth-0.9.3/iterate_ssh_agent_keys.c
index 9555e7e..c17aae6 100644
--- a/iterate_ssh_agent_keys.c	2015-05-27 14:09:13.591407306 +0200
+++ b/iterate_ssh_agent_keys.c	2015-05-27 14:10:33.216267826 +0200
@@ -37,6 +37,7 @@
 #include "buffer.h"
 #include "key.h"
 #include "authfd.h"
+#include "ssherr.h"
 #include "ssh.h"
 #include <stdio.h>
 #include <sys/types.h>
@@ -177,22 +177,28 @@ int
 find_authorized_keys(uid_t uid)
 {
     Identity *id;
-    Key *key;
     AuthenticationConnection *ac;
-    char *comment;
     uint8_t retval = 0;
+	struct ssh_identitylist *idlist;
+	int r, i;
 
     OpenSSL_add_all_digests();
     session_id2 = session_id2_gen();
 
     if ((ac = ssh_get_authentication_connection_for_uid(uid))) {
         verbose("Contacted ssh-agent of user %s (%u)", getpwuid(uid)->pw_name, uid);
-        for (key = ssh_get_first_identity(ac, &comment, 2); key != NULL; key = ssh_get_next_identity(ac, &comment, 2)) 
+		if ((r = ssh_fetch_identitylist(ac->fd, 2,
+		    &idlist)) != 0) {
+			if (r != SSH_ERR_AGENT_NO_IDENTITIES)
+				fprintf(stderr, "error fetching identities for "
+				    "protocol %d: %s\n", 2, ssh_err(r));
+		}
+		for (i = 0; i < idlist->nkeys; i++)
         {
-            if(key != NULL) {
+            if(idlist->keys[i] != NULL) {
                 id = xcalloc(1, sizeof(*id));
-                id->key = key;
-                id->filename = comment;
+                id->key = idlist->keys[i];
+                id->filename = idlist->comments[i];
                 id->ac = ac;
                 if(userauth_pubkey_from_id(id)) {
                     retval = 1;
@@ -204,7 +211,10 @@ find_authorized_keys(uid_t uid)
                     break;
             }
         }
+		ssh_free_identitylist(idlist);
+		ssh_close_authentication_socket(ac->fd);
+		buffer_free(&ac->identities);
+		free(ac);
-        ssh_close_authentication_connection(ac);
     }
     else {
         verbose("No ssh-agent could be contacted");
diff --git a/pam_ssh_agent_auth-0.9.3/identity.h b/pam_ssh_agent_auth-0.9.3/identity.h
index eb21320..c00da34 100644
--- a/pam_ssh_agent_auth-0.9.3/identity.h
+++ b/pam_ssh_agent_auth-0.9.3/identity.h
@@ -14,6 +14,12 @@
 typedef struct identity Identity;
 typedef struct idlist Idlist;
 
+typedef struct {
+       int     fd;
+       Buffer  identities;
+       int     howmany;
+}      AuthenticationConnection;
+
 struct identity {
     TAILQ_ENTRY(identity) next;
     AuthenticationConnection *ac;   /* set if agent supports key */
diff --git a/pam_ssh_agent_auth-0.9.3/userauth_pubkey_from_id.c b/pam_ssh_agent_auth-0.9.3/userauth_pubkey_from_id.c
index 323817a..93b928f 100644
--- a/pam_ssh_agent_auth-0.9.3/userauth_pubkey_from_id.c
+++ b/pam_ssh_agent_auth-0.9.3/userauth_pubkey_from_id.c
@@ -81,7 +81,7 @@ userauth_pubkey_from_id(Identity * id)
     buffer_put_cstring(&b, pkalg);
     buffer_put_string(&b, pkblob, blen);
 
-    if(ssh_agent_sign(id->ac, id->key, &sig, &slen, buffer_ptr(&b), buffer_len(&b)) != 0)
+    if(ssh_agent_sign(id->ac->fd, id->key, &sig, &slen, buffer_ptr(&b), buffer_len(&b), 1) != 0)
         goto user_auth_clean_exit;
 
     /* test for correct signature */