Subversion Repositories lsh

Compare Revisions

Regard whitespace Rev 79 → Rev 80

/trunk/debian/patches/blacklist.patch
17,6 → 17,36
liblsh_a_LIBADD = @LIBOBJS@
--- a/src/Makefile.in
+++ b/src/Makefile.in
@@ -94,7 +94,8 @@ am_liblsh_a_OBJECTS = abstract_io.$(OBJE
tty.$(OBJEXT) unix_interact.$(OBJEXT) unix_process.$(OBJEXT) \
unix_random.$(OBJEXT) unix_user.$(OBJEXT) userauth.$(OBJEXT) \
werror.$(OBJEXT) write_buffer.$(OBJEXT) write_packet.$(OBJEXT) \
- xalloc.$(OBJEXT) xauth.$(OBJEXT) zlib.$(OBJEXT)
+ xalloc.$(OBJEXT) xauth.$(OBJEXT) zlib.$(OBJEXT) \
+ blacklist.$(OBJEXT)
liblsh_a_OBJECTS = $(am_liblsh_a_OBJECTS)
am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(sbindir)" \
"$(DESTDIR)$(bindir)"
@@ -554,7 +555,8 @@ liblsh_a_SOURCES = abstract_io.c abstrac
unix_interact.c unix_process.c unix_random.c unix_user.c \
userauth.c \
werror.c write_buffer.c write_packet.c \
- xalloc.c xauth.c zlib.c
+ xalloc.c xauth.c zlib.c \
+ blacklist.c
liblsh_a_LIBADD = @LIBOBJS@
@@ -793,6 +795,7 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/algorithms.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/alist.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/atoms.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/blacklist.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/channel.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/channel_commands.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/channel_forward.Po@am__quote@
--- a/src/abstract_crypto.h
+++ b/src/abstract_crypto.h
@@ -162,7 +162,9 @@ MAC_DIGEST((instance), lsh_string_alloc(
51,7 → 81,7
#endif /* !GABA_DEFINE */
--- /dev/null
+++ b/src/blacklist.c
@@ -0,0 +1,150 @@
@@ -0,0 +1,152 @@
+#if HAVE_CONFIG_H
+#include "config.h"
+#endif
199,6 → 229,8
+ if (ret > 0) {
+ werror("Key is compromised: %z %i %fS\n", keytype, keysize,
+ lsh_string_colonize(lsh_hash, 2, 0));
+ } else if (ret < 0) {
+ verbose("No blacklist for key type %z size %i", keytype, keysize);
+ }
+ return ret;
+}
233,7 → 265,7
werror("Invalid dsa key.\n");
return NULL;
}
+ else if (blacklisted_key(v, type))
+ else if (blacklisted_key(v, type) > 0)
+ {
+ return NULL;
+ }
244,7 → 276,7
werror("Invalid rsa key.\n");
return NULL;
}
+ else if (blacklisted_key(v, type))
+ else if (blacklisted_key(v, type) > 0)
+ {
+ return NULL;
+ }
267,7 → 299,7
v = SIGNER_GET_VERIFIER(s);
assert(v);
+ if (blacklisted_key(v, algorithm_name)) {
+ if (blacklisted_key(v, algorithm_name) > 0) {
+ return NULL;
+ }