ref: 74f9483f1b08becb7bd690515ecd706752f06a3d
parent: c6ca07ad4e2124c2e072ad63b54da494ac799312
author: cinap_lenrek <cinap_lenrek@felloff.net>
date: Sat Jun 3 21:25:47 EDT 2023
auth/factotum: make sure we got a private key in ssh client protocol when cycling thru the keys in rsaread for the ssh client protocol, we must only consider private keys. when selecting a public key, rsawrite() would later crash when calling rsadecrypt().
--- a/sys/src/cmd/auth/factotum/rsa.c
+++ b/sys/src/cmd/auth/factotum/rsa.c
@@ -138,16 +138,19 @@
default:
return phaseerror(fss, "read");
case CHavePub:
- if(s->key){
- closekey(s->key);
- s->key = nil;
- }
- mkkeyinfo(&ki, fss, nil);
- ki.skip = s->off;
- ki.noconf = 1;
- if(findkey(&s->key, &ki, nil) != RpcOk)
- return failure(fss, nil);
- s->off++;
+ do {
+ if(s->key){
+ closekey(s->key);
+ s->key = nil;
+ }
+ mkkeyinfo(&ki, fss, nil);
+ ki.skip = s->off;
+ ki.noconf = 1;
+ if(findkey(&s->key, &ki, nil) != RpcOk)
+ return failure(fss, nil);
+ s->off++;
+ /* need private key */
+ } while(s->key->privattr == nil);
priv = s->key->priv;
*n = snprint(va, *n, "%B %B", priv->pub.n, priv->pub.ek);
return RpcOk;
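Review bot: The `while(s->key->privattr == nil)` test that closes the new loop is the only thing keeping a public-only key away from rsadecrypt(), and it sits in rsaread rather than at the point of use. rsawrite() is not visible in this hunk, so this is inferred from the commit message, but a matching guard there before the rsadecrypt() call, for example `if(s->key == nil || s->key->privattr == nil) return failure(fss, "no private key");`, would turn a crash of the key-holding agent into an ordinary protocol failure if s->key is ever set by another path. The comment would also read better if it stated the reason: `/* skip public-only keys; rsawrite() needs the private half for rsadecrypt() */`. The enclosing switch and function begin and end outside the hunk.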