server session CHANGE support for PKCS#8 keys
Refs #224
diff --git a/src/session_server.h b/src/session_server.h
index ca5ad56..7d9fb41 100644
--- a/src/session_server.h
+++ b/src/session_server.h
@@ -581,7 +581,8 @@
* to be set. The one set will be freed.
* - \p privkey_path expects a PEM file,
* - \p privkey_data expects a base-64 encoded ANS.1 DER data,
- * - \p privkey_type type of the key in \p privkey_data.
+ * - \p privkey_type type of the key in \p privkey_data. Use ::NC_SSH_KEY_UNKNOWN for
+ * PKCS#8 key that includes the information about the key in its data.
* @param[in] user_data Optional arbitrary user data that will be passed to \p hostkey_clb.
* @param[in] free_user_data Optional callback that will be called during cleanup to free any \p user_data.
*/
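Review bot: The added text for `::NC_SSH_KEY_UNKNOWN` should say that only unencrypted PKCS#8 data is covered. The matching branch in src/session_server_ssh.c always wraps the data in `-----BEGIN PRIVATE KEY-----`, whereas an encrypted PKCS#8 blob uses the `ENCRYPTED PRIVATE KEY` label. Suggested wording: `Use ::NC_SSH_KEY_UNKNOWN for an unencrypted PKCS#8 key, which carries the key type in its own data.` The context line above it also spells ASN.1 as "ANS.1". The doc comment begins outside this hunk, so the rest of the parameter description is not visible here.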
diff --git a/src/session_server_ssh.c b/src/session_server_ssh.c
index 329c152..3069ae6 100644
--- a/src/session_server_ssh.c
+++ b/src/session_server_ssh.c
@@ -69,18 +69,30 @@
}
/* write the key into the file */
- written = fwrite("-----BEGIN ", 1, 11, file);
- written += fwrite(key_str, 1, strlen(key_str), file);
- written += fwrite(" PRIVATE KEY-----\n", 1, 18, file);
- written += fwrite(in, 1, strlen(in), file);
- written += fwrite("\n-----END ", 1, 10, file);
- written += fwrite(key_str, 1, strlen(key_str), file);
- written += fwrite(" PRIVATE KEY-----", 1, 17, file);
+ if (key_str) {
+ written = fwrite("-----BEGIN ", 1, 11, file);
+ written += fwrite(key_str, 1, strlen(key_str), file);
+ written += fwrite(" PRIVATE KEY-----\n", 1, 18, file);
+ written += fwrite(in, 1, strlen(in), file);
+ written += fwrite("\n-----END ", 1, 10, file);
+ written += fwrite(key_str, 1, strlen(key_str), file);
+ written += fwrite(" PRIVATE KEY-----", 1, 17, file);
- fclose(file);
- if ((unsigned)written != 11 + strlen(key_str) + 18 + strlen(in) + 10 + strlen(key_str) + 17) {
- unlink(path);
- return NULL;
+ fclose(file);
+ if ((unsigned)written != 11 + strlen(key_str) + 18 + strlen(in) + 10 + strlen(key_str) + 17) {
+ unlink(path);
+ return NULL;
+ }
+ } else {
+ written = fwrite("-----BEGIN PRIVATE KEY-----\n", 1, 28, file);
+ written += fwrite(in, 1, strlen(in), file);
+ written += fwrite("\n-----END PRIVATE KEY-----", 1, 26, file);
+
+ fclose(file);
+ if ((unsigned)written != 28 + strlen(in) + 26) {
+ unlink(path);
+ return NULL;
+ }
}
return strdup(path);
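Review bot: Neither branch checks the return value of `fclose(file)`, so a failed flush (for example a full disk) goes unnoticed. `fwrite` on a buffered stream normally reports the full count once the bytes are in the buffer, so the length comparison passes and `strdup(path)` is returned for a truncated private key file. Fold the close into the check, e.g. `if (fclose(file) || (unsigned)written != 28 + strlen(in) + 26) {` in the PKCS#8 branch and likewise in the `key_str` branch. Both branches now repeat the close/compare/unlink sequence; computing the expected length per branch and closing and checking once after the `if`/`else` would keep the cleanup of the key file in one place. The function starts before this hunk, so how `file` and `path` are created, and with which permissions, is not visible here.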