OLD | NEW |
1 // Copyright 2011 The Go Authors. All rights reserved. | 1 // Copyright 2011 The Go Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style | 2 // Use of this source code is governed by a BSD-style |
3 // license that can be found in the LICENSE file. | 3 // license that can be found in the LICENSE file. |
4 | 4 |
5 package ssh | 5 package ssh |
6 | 6 |
7 import ( | 7 import ( |
8 "bytes" | 8 "bytes" |
9 "crypto/rand" | 9 "crypto/rand" |
10 "encoding/binary" | 10 "encoding/binary" |
(...skipping 402 matching lines...)
413 } | 413 } |
414 // Ensure the public key algo and signature algo | 414 // Ensure the public key algo and signature algo |
415 // are supported. Compare the private key | 415 // are supported. Compare the private key |
416 // algorithm name that corresponds to algo with | 416 // algorithm name that corresponds to algo with |
417 // sig.Format. This is usually the same, but | 417 // sig.Format. This is usually the same, but |
418 // for certs, the names differ. | 418 // for certs, the names differ. |
419 if !isAcceptableAlgo(algo) || !isAcceptableAlgo(
sig.Format) || pubAlgoToPrivAlgo(algo) != sig.Format { | 419 if !isAcceptableAlgo(algo) || !isAcceptableAlgo(
sig.Format) || pubAlgoToPrivAlgo(algo) != sig.Format { |
420 break | 420 break |
421 } | 421 } |
422 signedData := buildDataSignedForAuth(H, userAuth
Req, algoBytes, pubKey) | 422 signedData := buildDataSignedForAuth(H, userAuth
Req, algoBytes, pubKey) |
423 » » » » key, _, ok := parsePubKey(pubKey) | 423 » » » » key, _, ok := ParsePublicKey(pubKey) |
424 if !ok { | 424 if !ok { |
425 return ParseError{msgUserAuthRequest} | 425 return ParseError{msgUserAuthRequest} |
426 } | 426 } |
427 | 427 |
428 if !key.Verify(signedData, sig.Blob) { | 428 if !key.Verify(signedData, sig.Blob) { |
429 return ParseError{msgUserAuthRequest} | 429 return ParseError{msgUserAuthRequest} |
430 } | 430 } |
431 // TODO(jmpittman): Implement full validation fo
r certificates. | 431 // TODO(jmpittman): Implement full validation fo
r certificates. |
432 s.User = userAuthReq.User | 432 s.User = userAuthReq.User |
433 if s.testPubKey(userAuthReq.User, algo, pubKey)
{ | 433 if s.testPubKey(userAuthReq.User, algo, pubKey)
{ |
(...skipping 259 matching lines...)
693 func Listen(network, addr string, config *ServerConfig) (*Listener, error) { | 693 func Listen(network, addr string, config *ServerConfig) (*Listener, error) { |
694 l, err := net.Listen(network, addr) | 694 l, err := net.Listen(network, addr) |
695 if err != nil { | 695 if err != nil { |
696 return nil, err | 696 return nil, err |
697 } | 697 } |
698 return &Listener{ | 698 return &Listener{ |
699 l, | 699 l, |
700 config, | 700 config, |
701 }, nil | 701 }, nil |
702 } | 702 } |
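Review bot: The call on new line 423, `key, _, ok := ParsePublicKey(pubKey)`, discards the second return value, which looks like the unparsed remainder of the blob, so a public-key field with trailing bytes would still be parsed and used for signature verification. Because this is the authentication path and the same raw `pubKey` bytes feed `buildDataSignedForAuth` and `s.testPubKey`, I would reject leftovers explicitly: `key, rest, ok := ParsePublicKey(pubKey)` followed by `if !ok || len(rest) > 0 {`. Separately, the TODO on line 431 means certificate algorithm names can pass the `isAcceptableAlgo` check while the certificate itself is not validated in this block, so the `testPubKey` callback presumably has to do that; a comment stating this next to the TODO would help. The enclosing function starts and ends outside the visible lines.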