summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--ChangeLog5
-rw-r--r--ssh-dss.c57
-rw-r--r--ssh-rsa.c3
3 files changed, 18 insertions, 47 deletions
diff --git a/ChangeLog b/ChangeLog
index 8dbaacb56..88bf1105e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -56,6 +56,9 @@
- markus@cvs.openbsd.org 2001/06/05 16:46:19
[session.c]
let session_close() delete the pty. deny x11fwd if xauthfile is set.
+ - markus@cvs.openbsd.org 2001/06/06 23:13:54
+ [ssh-dss.c ssh-rsa.c]
+ cleanup, remove old code
20010606
- OpenBSD CVS Sync
@@ -5567,4 +5570,4 @@
- Wrote replacements for strlcpy and mkdtemp
- Released 1.0pre1
-$Id: ChangeLog,v 1.1263 2001/06/09 01:34:15 mouring Exp $
+$Id: ChangeLog,v 1.1264 2001/06/09 01:36:21 mouring Exp $
diff --git a/ssh-dss.c b/ssh-dss.c
index adc8f983e..5cf007667 100644
--- a/ssh-dss.c
+++ b/ssh-dss.c
@@ -23,7 +23,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: ssh-dss.c,v 1.6 2001/02/08 19:30:52 itojun Exp $");
+RCSID("$OpenBSD: ssh-dss.c,v 1.7 2001/06/06 23:13:54 markus Exp $");
#include <openssl/bn.h>
#include <openssl/evp.h>
@@ -45,15 +45,11 @@ ssh_dss_sign(
u_char **sigp, int *lenp,
u_char *data, int datalen)
{
- u_char *digest;
- u_char *ret;
DSA_SIG *sig;
EVP_MD *evp_md = EVP_sha1();
EVP_MD_CTX md;
- u_int rlen;
- u_int slen;
- u_int len, dlen;
- u_char sigblob[SIGBLOB_LEN];
+ u_char *digest, *ret, sigblob[SIGBLOB_LEN];
+ u_int rlen, slen, len, dlen;
Buffer b;
if (key == NULL || key->type != KEY_DSA || key->dsa == NULL) {
@@ -67,11 +63,13 @@ ssh_dss_sign(
EVP_DigestFinal(&md, digest, NULL);
sig = DSA_do_sign(digest, dlen, key->dsa);
- if (sig == NULL) {
- fatal("ssh_dss_sign: cannot sign");
- }
+
memset(digest, 0, dlen);
xfree(digest);
+ if (sig == NULL) {
+ error("ssh_dss_sign: sign failed");
+ return -1;
+ }
rlen = BN_num_bytes(sig->r);
slen = BN_num_bytes(sig->s);
@@ -80,15 +78,12 @@ ssh_dss_sign(
DSA_SIG_free(sig);
return -1;
}
- debug("sig size %d %d", rlen, slen);
-
memset(sigblob, 0, SIGBLOB_LEN);
BN_bn2bin(sig->r, sigblob+ SIGBLOB_LEN - INTBLOB_LEN - rlen);
BN_bn2bin(sig->s, sigblob+ SIGBLOB_LEN - slen);
DSA_SIG_free(sig);
if (datafellows & SSH_BUG_SIGBLOB) {
- debug("datafellows");
ret = xmalloc(SIGBLOB_LEN);
memcpy(ret, sigblob, SIGBLOB_LEN);
if (lenp != NULL)
@@ -117,34 +112,19 @@ ssh_dss_verify(
u_char *signature, int signaturelen,
u_char *data, int datalen)
{
- Buffer b;
- u_char *digest;
DSA_SIG *sig;
EVP_MD *evp_md = EVP_sha1();
EVP_MD_CTX md;
- u_char *sigblob;
- char *txt;
+ u_char *digest, *sigblob;
u_int len, dlen;
- int rlen;
- int ret;
+ int rlen, ret;
+ Buffer b;
if (key == NULL || key->type != KEY_DSA || key->dsa == NULL) {
error("ssh_dss_verify: no DSA key");
return -1;
}
- if (!(datafellows & SSH_BUG_SIGBLOB) &&
- signaturelen == SIGBLOB_LEN) {
- datafellows |= ~SSH_BUG_SIGBLOB;
- log("autodetect SSH_BUG_SIGBLOB");
- } else if ((datafellows & SSH_BUG_SIGBLOB) &&
- signaturelen != SIGBLOB_LEN) {
- log("autoremove SSH_BUG_SIGBLOB");
- datafellows &= ~SSH_BUG_SIGBLOB;
- }
-
- debug("len %d datafellows %d", signaturelen, datafellows);
-
/* fetch signature */
if (datafellows & SSH_BUG_SIGBLOB) {
sigblob = signature;
@@ -200,18 +180,7 @@ ssh_dss_verify(
xfree(digest);
DSA_SIG_free(sig);
- switch (ret) {
- case 1:
- txt = "correct";
- break;
- case 0:
- txt = "incorrect";
- break;
- case -1:
- default:
- txt = "error";
- break;
- }
- debug("ssh_dss_verify: signature %s", txt);
+ debug("ssh_dss_verify: signature %s",
+ ret == 1 ? "correct" : ret == 0 ? "incorrect" : "error");
return ret;
}
diff --git a/ssh-rsa.c b/ssh-rsa.c
index b502ddb6e..a4ab3c516 100644
--- a/ssh-rsa.c
+++ b/ssh-rsa.c
@@ -23,7 +23,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: ssh-rsa.c,v 1.8 2001/03/27 10:57:00 markus Exp $");
+RCSID("$OpenBSD: ssh-rsa.c,v 1.9 2001/06/06 23:13:54 markus Exp $");
#include <openssl/evp.h>
#include <openssl/err.h>
@@ -103,7 +103,6 @@ ssh_rsa_sign(
*lenp = len;
if (sigp != NULL)
*sigp = ret;
- debug2("ssh_rsa_sign: done");
return 0;
}