This month's Index
Subject: Bug in sign_fromfile (userauth.c)
Bug in sign_fromfile (userauth.c)
From: Graham Bradshaw <Graham.Bradshaw_at_serverassist.com>
Date: Sun, 20 Oct 2013 15:28:00 +0000
There might be a bug in userauth.c, in sign_fromfile. privkeyobj->dtor is called to clean up, but the first time it is called (if privkeyobj->signv returns non-zero), it passes abstract in. The other time it passes in hostkey_abstract, which seems sensible. abstract is passed in and points to a pointer to a privkey_file structure which is declared on the stack in userauth_publickey_fromfile, so freeing it looks wrong.
I'm actually trying to find out how to authenticate using a private key, but one that I already have in memory. I realise I can simply write it out to a temporary file and use that temporary file in a call to userauth_publickey_fromfile, but I'd like to avoid having the private key on disk at all if possible.
I've looked at http://libssh2.org/libssh2_userauth_publickey.html, but the information on what's needed for the callback function isn't complete. Are there any other examples anywhere, or can someone point me in the right direction?