lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-12-17 06:18:58 +03:00
Code Activity

Remove support for DSA Keys

Browse Source 
Solving issue #110. The original work is at !231
Some changes were needed because the newly added features in master through time

Signed-off-by: Mohammad Shehar Yaar Tausif <sheharyaar48@gmail.com>
Signed-off-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
This commit is contained in:
Mohammad Shehar Yaar Tausif
2022-03-11 22:00:20 +05:30
committed by Jakub Jelen
parent 486df37a84
commit a3a13eb3a8
60 changed files with 80 additions and 2912 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
src/bind.c
View File

@@ -150,11 +150,10 @@ static int ssh_bind_import_keys(ssh_bind sshbind) {
int rc;
if (sshbind->ecdsakey == NULL &&
sshbind->dsakey == NULL &&
sshbind->rsakey == NULL &&
sshbind->ed25519key == NULL) {
ssh_set_error(sshbind, SSH_FATAL,
"ECDSA, ED25519, DSA, or RSA host key file must be set");
"ECDSA, ED25519, or RSA host key file must be set");
return SSH_ERROR;
}
@@ -181,30 +180,6 @@ static int ssh_bind_import_keys(ssh_bind sshbind) {
}
#endif
#ifdef HAVE_DSA
if (sshbind->dsa == NULL && sshbind->dsakey != NULL) {
rc = ssh_pki_import_privkey_file(sshbind->dsakey,
NULL,
NULL,
NULL,
&sshbind->dsa);
if (rc == SSH_ERROR || rc == SSH_EOF) {
ssh_set_error(sshbind, SSH_FATAL,
"Failed to import private DSA host key");
return SSH_ERROR;
}
if (ssh_key_type(sshbind->dsa) != SSH_KEYTYPE_DSS) {
ssh_set_error(sshbind, SSH_FATAL,
"The DSA host key has the wrong type: %d",
ssh_key_type(sshbind->dsa));
ssh_key_free(sshbind->dsa);
sshbind->dsa = NULL;
return SSH_ERROR;
}
}
#endif
if (sshbind->rsa == NULL && sshbind->rsakey != NULL) {
rc = ssh_pki_import_privkey_file(sshbind->rsakey,
NULL,
@@ -256,7 +231,6 @@ int ssh_bind_listen(ssh_bind sshbind) {
int rc;
if (sshbind->rsa == NULL &&
sshbind->dsa == NULL &&
sshbind->ecdsa == NULL &&
sshbind->ed25519 == NULL) {
rc = ssh_bind_import_keys(sshbind);
@@ -273,8 +247,6 @@ int ssh_bind_listen(ssh_bind sshbind) {
fd = bind_socket(sshbind, host, sshbind->bindport);
if (fd == SSH_INVALID_SOCKET) {
ssh_key_free(sshbind->dsa);
sshbind->dsa = NULL;
ssh_key_free(sshbind->rsa);
sshbind->rsa = NULL;
/* XXX should this clear also other structures that were allocated */
@@ -287,8 +259,6 @@ int ssh_bind_listen(ssh_bind sshbind) {
"Listening to socket %d: %s",
fd, ssh_strerror(errno, err_msg, SSH_ERRNO_MSG_MAX));
CLOSE_SOCKET(fd);
ssh_key_free(sshbind->dsa);
sshbind->dsa = NULL;
ssh_key_free(sshbind->rsa);
sshbind->rsa = NULL;
/* XXX should this clear also other structures that were allocated */
@@ -401,13 +371,10 @@ void ssh_bind_free(ssh_bind sshbind){
SAFE_FREE(sshbind->config_dir);
SAFE_FREE(sshbind->pubkey_accepted_key_types);
SAFE_FREE(sshbind->dsakey);
SAFE_FREE(sshbind->rsakey);
SAFE_FREE(sshbind->ecdsakey);
SAFE_FREE(sshbind->ed25519key);
ssh_key_free(sshbind->dsa);
sshbind->dsa = NULL;
ssh_key_free(sshbind->rsa);
sshbind->rsa = NULL;
ssh_key_free(sshbind->ecdsa);
@@ -531,7 +498,6 @@ int ssh_bind_accept_fd(ssh_bind sshbind, ssh_session session, socket_t fd)
* only using ssh_bind_accept_fd to manage sockets ourselves.
*/
if (sshbind->rsa == NULL &&
sshbind->dsa == NULL &&
sshbind->ecdsa == NULL &&
sshbind->ed25519 == NULL) {
rc = ssh_bind_import_keys(sshbind);
@@ -548,15 +514,6 @@ int ssh_bind_accept_fd(ssh_bind sshbind, ssh_session session, socket_t fd)
return SSH_ERROR;
}
}
#endif
#ifdef HAVE_DSA
if (sshbind->dsa) {
session->srv.dsa_key = ssh_key_dup(sshbind->dsa);
if (session->srv.dsa_key == NULL) {
ssh_set_error_oom(sshbind);
return SSH_ERROR;
}
}
#endif
if (sshbind->rsa) {
session->srv.rsa_key = ssh_key_dup(sshbind->rsa);