exp/ssh: use ClientConfig.rand() for publickey authentication

Closes TODO from 5373055 R=agl CC=golang-dev https://golang.org/cl/5375081

exp/ssh: use ClientConfig.rand() for publickey authentication
Closes TODO from 5373055 R=agl CC=golang-dev https://golang.org/cl/5375081
59a92cde · Dave Cheney · Adam Langley · 3ee171d1 · 59a92cde
Commit 59a92cde authored Nov 14, 2011 by Dave Cheney Committed by Adam Langley Nov 14, 2011
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 8 deletions

client_auth.go src/pkg/exp/ssh/client_auth.go +6 -8

No files found.
--- a/src/pkg/exp/ssh/client_auth.go
+++ b/src/pkg/exp/ssh/client_auth.go
@@ -5,7 +5,6 @@
 package ssh
 import (
-	"crypto/rand"
 	"errors"
 	"io"
 )
@@ -28,7 +27,7 @@ func (c *ClientConn) authenticate(session []byte) error {
 	// then any untried methods suggested by the server. 
 	tried, remain := make(map[string]bool), make(map[string]bool)
 	for auth := ClientAuth(new(noneAuth)); auth != nil; {
-		ok, methods, err := auth.auth(session, c.config.User, c.transport)
+		ok, methods, err := auth.auth(session, c.config.User, c.transport, c.config.rand())
 		if err != nil {
 			return err
 		}
@@ -62,7 +61,7 @@ type ClientAuth interface {
 	// Returns true if authentication is successful.
 	// If authentication is not successful, a []string of alternative 
 	// method names is returned.
-	auth(session []byte, user string, t *transport) (bool, []string, error)
+	auth(session []byte, user string, t *transport, rand io.Reader) (bool, []string, error)
 	// method returns the RFC 4252 method name.
 	method() string
@@ -71,7 +70,7 @@ type ClientAuth interface {
 // "none" authentication, RFC 4252 section 5.2.
 type noneAuth int
-func (n *noneAuth) auth(session []byte, user string, t *transport) (bool, []string, error) {
+func (n *noneAuth) auth(session []byte, user string, t *transport, rand io.Reader) (bool, []string, error) {
 	if err := t.writePacket(marshal(msgUserAuthRequest, userAuthRequestMsg{
 		User:    user,
 		Service: serviceSSH,
@@ -104,7 +103,7 @@ type passwordAuth struct {
 	ClientPassword
 }
-func (p *passwordAuth) auth(session []byte, user string, t *transport) (bool, []string, error) {
+func (p *passwordAuth) auth(session []byte, user string, t *transport, rand io.Reader) (bool, []string, error) {
 	type passwordAuthMsg struct {
 		User     string
 		Service  string
@@ -174,7 +173,7 @@ type publickeyAuth struct {
 	ClientKeyring
 }
-func (p *publickeyAuth) auth(session []byte, user string, t *transport) (bool, []string, error) {
+func (p *publickeyAuth) auth(session []byte, user string, t *transport, rand io.Reader) (bool, []string, error) {
 	type publickeyAuthMsg struct {
 		User    string
 		Service string
@@ -241,8 +240,7 @@ func (p *publickeyAuth) auth(session []byte, user string, t *transport) (bool, [
 	for i, key := range validKeys {
 		pubkey := serializePublickey(key)
 		algoname := algoName(key)
-		// TODO(dfc) use random source from the ClientConfig
+		sign, err := p.Sign(i, rand, buildDataSignedForAuth(session, userAuthRequestMsg{
-		sign, err := p.Sign(i, rand.Reader, buildDataSignedForAuth(session, userAuthRequestMsg{
 			User:    user,
 			Service: serviceSSH,
 			Method:  p.method(),