author | DongHun Kwak <dh0128.kwak@samsung.com> | 2021-02-09 16:00:35 +0900 |
---|---|---|
committer | DongHun Kwak <dh0128.kwak@samsung.com> | 2021-02-09 16:00:35 +0900 |
commit | e761a9d6e4f22fb519b7fd34e1978caf44c0872e (patch) | |
tree | a2a30c3097bb53eee4835a45b74d780940c636f8 /agent | |
parent | 7a22f5e8cd3e5a40c2a3a8e87a95bd98a64e7cb2 (diff) | |
Imported Upstream version 2.2.7upstream/2.2.7
Diffstat (limited to 'agent')
-rw-r--r-- | agent/command-ssh.c | 55 | ||||
-rw-r--r-- | agent/command.c | 18 |
2 files changed, 54 insertions, 19 deletions
diff --git a/agent/command-ssh.c b/agent/command-ssh.c
index d1158e7..20dc3fe 100644
--- a/agent/command-ssh.c
+++ b/agent/command-ssh.c
@@ -27,8 +27,10 @@
 RFC-4253 - Transport Layer Protocol
 RFC-5656 - ECC support

- The protocol for the agent is defined in OpenSSH's PROTOCL.agent
- file.
+ The protocol for the agent is defined in:
+
+ https://tools.ietf.org/html/draft-miller-ssh-agent
+
 */

 #include <config.h>
@@ -2862,7 +2864,6 @@ ssh_handler_sign_request (ctrl_t ctrl, estream_t request, estream_t response)
 unsigned char *sig = NULL;
 size_t sig_n;
 u32 data_size;
- u32 flags;
 gpg_error_t err;
 gpg_error_t ret_err;
 int hash_algo;
@@ -2882,23 +2883,39 @@ ssh_handler_sign_request (ctrl_t ctrl, estream_t request, estream_t response)
 if (err)
 goto out;

- err = stream_read_uint32 (request, &flags);
- if (err)
- goto out;
+ /* Flag processing. */
+ {
+ u32 flags;

- if (spec.algo == GCRY_PK_RSA)
- {
- if ((flags & SSH_AGENT_RSA_SHA2_256))
- {
- spec.ssh_identifier = "rsa-sha2-256";
- spec.hash_algo = GCRY_MD_SHA256;
- }
- else if ((flags & SSH_AGENT_RSA_SHA2_512))
- {
- spec.ssh_identifier = "rsa-sha2-512";
- spec.hash_algo = GCRY_MD_SHA512;
- }
- }
+ err = stream_read_uint32 (request, &flags);
+ if (err)
+ goto out;
+
+ if (spec.algo == GCRY_PK_RSA)
+ {
+ if ((flags & SSH_AGENT_RSA_SHA2_512))
+ {
+ flags &= ~SSH_AGENT_RSA_SHA2_512;
+ spec.ssh_identifier = "rsa-sha2-512";
+ spec.hash_algo = GCRY_MD_SHA512;
+ }
+ if ((flags & SSH_AGENT_RSA_SHA2_256))
+ {
+ /* Note: We prefer SHA256 over SHA512. */
+ flags &= ~SSH_AGENT_RSA_SHA2_256;
+ spec.ssh_identifier = "rsa-sha2-256";
+ spec.hash_algo = GCRY_MD_SHA256;
+ }
+ }
+
+ /* Some flag is present that we do not know about. Note that
+ * processed or known flags have been cleared at this point. */
+ if (flags)
+ {
+ err = gpg_error (GPG_ERR_UNKNOWN_OPTION);
+ goto out;
+ }
+ }

 hash_algo = spec.hash_algo;
 if (!hash_algo)
diff --git a/agent/command.c b/agent/command.c
index f2d0389..20abb28 100644
--- a/agent/command.c
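Review bot: In the new flag-processing block of ssh_handler_sign_request (agent/command-ssh.c), the two SHA-2 bits are cleared only inside the `spec.algo == GCRY_PK_RSA` branch, so a sign request for a non-RSA key that carries either bit now reaches the `if (flags)` check and is refused with GPG_ERR_UNKNOWN_OPTION. Failing closed on unrecognised bits is the safer default, but if refusing RSA-only bits on other key types is intended it deserves a comment above that check, e.g. `/* RSA-SHA2 bits on a non-RSA key are not cleared above and are rejected here. */`. The comment `/* Note: We prefer SHA256 over SHA512. */` should also say that the preference comes from this second `if` overwriting the first when both bits are set, since the two tests are no longer an if/else pair. The function body starts and ends outside the hunk.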
+++ b/agent/command.c
@@ -2825,6 +2825,7 @@ static const char hlp_getinfo[] =
 " std_env_names - List the names of the standard environment.\n"
 " std_session_env - List the standard session environment.\n"
 " std_startup_env - List the standard startup environment.\n"
+ " getenv NAME - Return value of envvar NAME.\n"
 " connections - Return number of active connections.\n"
 " jent_active - Returns OK if Libgcrypt's JENT is active.\n"
 " restricted - Returns OK if the connection is in restricted mode.\n"
@@ -2961,6 +2962,23 @@ cmd_getinfo (assuan_context_t ctx, char *line)
 }
 }
 }
+ else if (!strncmp (line, "getenv", 6)
+ && (line[6] == ' ' || line[6] == '\t' || !line[6]))
+ {
+ line += 6;
+ while (*line == ' ' || *line == '\t')
+ line++;
+ if (!*line)
+ rc = gpg_error (GPG_ERR_MISSING_VALUE);
+ else
+ {
+ const char *s = getenv (line);
+ if (!s)
+ rc = set_error (GPG_ERR_NOT_FOUND, "No such envvar");
+ else
+ rc = assuan_send_data (ctx, s, strlen (s));
+ }
+ }
 else if (!strcmp (line, "connections"))
 {
 char numbuf[20]; |
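Review bot: The new `getenv` branch in cmd_getinfo returns the value of any variable in the agent process's environment to the connected client, and the hunk shows no check on which kind of connection is asking. Environment variables often hold credentials or tokens, so this branch should only be reachable on unrestricted connections; whether an earlier branch of the chain already turns restricted clients away cannot be seen here, because cmd_getinfo starts and continues outside the hunk. A comment above the branch such as `/* Discloses the agent's own environment; must stay unreachable in restricted mode. */` would record that requirement for later edits to the chain. The name is also handed to getenv() with any trailing blanks or extra words still attached, so such a request reports "No such envvar" for a variable that exists; trimming the tail or documenting the exact syntax would avoid that.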