- markus@cvs.openbsd.org 2001/04/15 16:58:03
[authfile.c ssh-keygen.c sshd.c] don't use errno for key_{load,save}_private; discussion w/ solar@openwall
parent
897741eeaa
commit
15f33866a6
@ -6,6 +6,9 @@
|
|||||||
- markus@cvs.openbsd.org 2001/04/15 08:43:47
|
- markus@cvs.openbsd.org 2001/04/15 08:43:47
|
||||||
[dh.c sftp-glob.c sftp-glob.h sftp-int.c sshconnect2.c sshd.c]
|
[dh.c sftp-glob.c sftp-glob.h sftp-int.c sshconnect2.c sshd.c]
|
||||||
some unused variable and typos; from tomh@po.crl.go.jp
|
some unused variable and typos; from tomh@po.crl.go.jp
|
||||||
|
- markus@cvs.openbsd.org 2001/04/15 16:58:03
|
||||||
|
[authfile.c ssh-keygen.c sshd.c]
|
||||||
|
don't use errno for key_{load,save}_private; discussion w/ solar@openwall
|
||||||
- (djm) Convert mandoc manpages to man automatically. Patch from Mark D.
|
- (djm) Convert mandoc manpages to man automatically. Patch from Mark D.
|
||||||
Roth <roth+openssh@feep.net>
|
Roth <roth+openssh@feep.net>
|
||||||
|
|
||||||
@ -5093,4 +5096,4 @@
|
|||||||
- Wrote replacements for strlcpy and mkdtemp
|
- Wrote replacements for strlcpy and mkdtemp
|
||||||
- Released 1.0pre1
|
- Released 1.0pre1
|
||||||
|
|
||||||
$Id: ChangeLog,v 1.1119 2001/04/16 00:41:46 djm Exp $
|
$Id: ChangeLog,v 1.1120 2001/04/16 02:00:02 mouring Exp $
|
||||||
|
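--- a/authfile.c
+++ b/authfile.c
@@ -36,7 +36,7 @@
 */
 
 #include "includes.h"
-RCSID("$OpenBSD: authfile.c,v 1.30 2001/03/26 23:12:42 markus Exp $");
+RCSID("$OpenBSD: authfile.c,v 1.31 2001/04/15 16:58:03 markus Exp $");
 
 #include <openssl/err.h>
 #include <openssl/evp.h>
@@ -140,11 +140,13 @@ key_save_private_rsa1(Key *key, const char *filename, const char *passphrase,
 buffer_free(&buffer);
 
 fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600);
-if (fd < 0)
+if (fd < 0) {
+error("open %s failed: %s.", filename, strerror(errno));
 return 0;
+}
 if (write(fd, buffer_ptr(&encrypted), buffer_len(&encrypted)) !=
 buffer_len(&encrypted)) {
-debug("Write to key file %.200s failed: %.100s", filename,
+error("write to key file %s failed: %s", filename,
 strerror(errno));
 buffer_free(&encrypted);
 close(fd);
@@ -169,18 +171,17 @@ key_save_private_pem(Key *key, const char *filename, const char *_passphrase,
 EVP_CIPHER *cipher = (len > 0) ? EVP_des_ede3_cbc() : NULL;
 
 if (len > 0 && len <= 4) {
-error("passphrase too short: %d bytes", len);
-errno = 0;
+error("passphrase too short: have %d bytes, need > 4", len);
 return 0;
 }
 fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600);
 if (fd < 0) {
-debug("open %s failed", filename);
+error("open %s failed: %s.", filename, strerror(errno));
 return 0;
 }
 fp = fdopen(fd, "w");
 if (fp == NULL ) {
-debug("fdopen %s failed", filename);
+error("fdopen %s failed: %s.", filename, strerror(errno));
 close(fd);
 return 0;
 }
@@ -215,6 +216,7 @@ key_save_private(Key *key, const char *filename, const char *passphrase,
 default:
 break;
 }
+error("key_save_private: cannot save key type %d", key->type);
 return 0;
 }
 
@@ -248,7 +250,7 @@ key_load_public_rsa1(int fd, const char *filename, char **commentp)
 
 /* Check that it is at least big enough to contain the ID string. */
 if (len < sizeof(authfile_id_string)) {
-debug3("Bad RSA1 key file %.200s.", filename);
+debug3("No RSA1 key file %.200s.", filename);
 buffer_free(&buffer);
 return NULL;
 }
@@ -258,7 +260,7 @@ key_load_public_rsa1(int fd, const char *filename, char **commentp)
 */
 for (i = 0; i < sizeof(authfile_id_string); i++)
 if (buffer_get_char(&buffer) != authfile_id_string[i]) {
-debug3("Bad RSA1 key file %.200s.", filename);
+debug3("No RSA1 key file %.200s.", filename);
 buffer_free(&buffer);
 return NULL;
 }
@@ -334,7 +336,7 @@ key_load_private_rsa1(int fd, const char *filename, const char *passphrase,
 
 /* Check that it is at least big enough to contain the ID string. */
 if (len < sizeof(authfile_id_string)) {
-debug3("Bad RSA1 key file %.200s.", filename);
+debug3("No RSA1 key file %.200s.", filename);
 buffer_free(&buffer);
 close(fd);
 return NULL;
@@ -345,7 +347,7 @@ key_load_private_rsa1(int fd, const char *filename, const char *passphrase,
 */
 for (i = 0; i < sizeof(authfile_id_string); i++)
 if (buffer_get_char(&buffer) != authfile_id_string[i]) {
-debug3("Bad RSA1 key file %.200s.", filename);
+debug3("No RSA1 key file %.200s.", filename);
 buffer_free(&buffer);
 close(fd);
 return NULL;
@@ -439,13 +441,13 @@ key_load_private_pem(int fd, int type, const char *passphrase,
 
 fp = fdopen(fd, "r");
 if (fp == NULL) {
-error("fdopen failed");
+error("fdopen failed: %s", strerror(errno));
 close(fd);
 return NULL;
 }
 pk = PEM_read_PrivateKey(fp, NULL, NULL, (char *)passphrase);
 if (pk == NULL) {
-debug("PEM_read_PrivateKey failed");
+error("PEM_read_PrivateKey failed");
 (void)ERR_get_error();
 } else if (pk->type == EVP_PKEY_RSA &&
 (type == KEY_UNSPEC||type==KEY_RSA)) {
@@ -514,7 +516,7 @@ key_load_private_type(int type, const char *filename, const char *passphrase,
 if (fd < 0)
 return NULL;
 if (!key_perm_ok(fd, filename)) {
-debug("bad permissions: ignore key: %s", filename);
+error("bad permissions: ignore key: %s", filename);
 close(fd);
 return NULL;
 }
@@ -548,7 +550,7 @@ key_load_private(const char *filename, const char *passphrase,
 if (fd < 0)
 return NULL;
 if (!key_perm_ok(fd, filename)) {
-debug("bad permissions: ignore key: %s", filename);
+error("bad permissions: ignore key: %s", filename);
 close(fd);
 return NULL;
 }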
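Review bot: In the `-140,11 +140,13` hunk of key_save_private_rsa1, the open-failure branch that now logs still returns without releasing `encrypted`, while the write-failure branch a few lines below calls `buffer_free(&encrypted);` before it returns. Since the commit already turns that branch into a braced block, add `buffer_free(&encrypted);` ahead of its `return 0;` so both error paths clean up the same way. The function starts and ends outside the hunk, so where `encrypted` is filled is not visible here; the `write()` call right after the open shows it is already in use at that point.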
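--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -12,7 +12,7 @@
 */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-keygen.c,v 1.55 2001/04/05 10:42:54 markus Exp $");
+RCSID("$OpenBSD: ssh-keygen.c,v 1.56 2001/04/15 16:58:03 markus Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/pem.h>
@@ -512,8 +512,7 @@ do_change_passphrase(struct passwd *pw)
 
 /* Save the file using the new passphrase. */
 if (!key_save_private(private, identity_file, passphrase1, comment)) {
-printf("Saving the key failed: %s: %s.\n",
-identity_file, strerror(errno));
+printf("Saving the key failed: %s.\n", identity_file);
 memset(passphrase1, 0, strlen(passphrase1));
 xfree(passphrase1);
 key_free(private);
@@ -591,8 +590,7 @@ do_change_comment(struct passwd *pw)
 
 /* Save the file using the new passphrase. */
 if (!key_save_private(private, identity_file, passphrase, new_comment)) {
-printf("Saving the key failed: %s: %s.\n",
-identity_file, strerror(errno));
+printf("Saving the key failed: %s.\n", identity_file);
 memset(passphrase, 0, strlen(passphrase));
 xfree(passphrase);
 key_free(private);
@@ -838,8 +836,7 @@ passphrase_again:
 
 /* Save the key with the given passphrase and comment. */
 if (!key_save_private(private, identity_file, passphrase1, comment)) {
-printf("Saving the key failed: %s: %s.\n",
-identity_file, strerror(errno));
+printf("Saving the key failed: %s.\n", identity_file);
 memset(passphrase1, 0, strlen(passphrase1));
 xfree(passphrase1);
 exit(1);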
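Review bot: The passphrase wipe on the failure path in do_change_passphrase, `memset(passphrase1, 0, strlen(passphrase1));` followed directly by `xfree(passphrase1);`, is a store the compiler is allowed to drop, because the buffer is never read again before it is freed. The same pair appears in the do_change_comment hunk (with `passphrase`) and in the hunk after `passphrase_again:`. Where the platform or the compat layer provides one, use a wipe that cannot be elided, e.g. `explicit_bzero(passphrase1, strlen(passphrase1));`. All three functions start and end outside their hunks.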
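--- a/sshd.c
+++ b/sshd.c
@@ -40,7 +40,7 @@
 */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.194 2001/04/15 08:43:47 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.195 2001/04/15 16:58:03 markus Exp $");
 
 #include <openssl/dh.h>
 #include <openssl/bn.h>
@@ -700,8 +700,8 @@ main(int ac, char **av)
 key = key_load_private(options.host_key_files[i], "", NULL);
 sensitive_data.host_keys[i] = key;
 if (key == NULL) {
-error("Could not load host key: %.200s: %.100s",
-options.host_key_files[i], strerror(errno));
+error("Could not load host key: %s",
+options.host_key_files[i]);
 sensitive_data.host_keys[i] = NULL;
 continue;
 }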
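Review bot: With `strerror(errno)` dropped, the new `error("Could not load host key: %s", options.host_key_files[i]);` gives no cause, and at least one failure path in key_load_private is silent: the authfile.c hunk at `-548,7 +550,7` shows `if (fd < 0)` / `return NULL;` with no message. Unless the open just above that hunk logs on its own, a missing or unreadable host key file is reported with the path only, which makes it hard to tell a permissions problem from an absent key when sshd comes up without one of its host keys. Consider reporting the open failure where it happens, for example `debug("open %s failed: %s", filename, strerror(errno));` in key_load_private. main() starts and ends outside this hunk.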