upstream: let sshkey_try_load_public() load public keys from the
unencrypted envelope of private key files if no sidecar public key file is present. ok markus@ OpenBSD-Commit-ID: 252a0a580e10b9a6311632530d63b5ac76592040
parent
d01f39304e
commit
2b13d3934d
38
authfile.c
38
authfile.c
|
@ -1,4 +1,4 @@
|
||||||
/* $OpenBSD: authfile.c,v 1.138 2020/04/08 00:09:24 djm Exp $ */
|
/* $OpenBSD: authfile.c,v 1.139 2020/04/08 00:10:37 djm Exp $ */
|
||||||
/*
|
/*
|
||||||
* Copyright (c) 2000, 2013 Markus Friedl. All rights reserved.
|
* Copyright (c) 2000, 2013 Markus Friedl. All rights reserved.
|
||||||
*
|
*
|
||||||
|
@ -194,6 +194,38 @@ sshkey_load_private(const char *filename, const char *passphrase,
|
||||||
return r;
|
return r;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Load a pubkey from the unencrypted envelope of a new-format private key */
|
||||||
|
static int
|
||||||
|
sshkey_load_pubkey_from_private(const char *filename, struct sshkey **pubkeyp)
|
||||||
|
{
|
||||||
|
struct sshbuf *buffer = NULL;
|
||||||
|
struct sshkey *pubkey = NULL;
|
||||||
|
int r, fd;
|
||||||
|
|
||||||
|
if (pubkeyp != NULL)
|
||||||
|
*pubkeyp = NULL;
|
||||||
|
|
||||||
|
if ((fd = open(filename, O_RDONLY)) == -1)
|
||||||
|
return SSH_ERR_SYSTEM_ERROR;
|
||||||
|
if ((r = sshbuf_load_fd(fd, &buffer)) != 0 ||
|
||||||
|
(r = sshkey_parse_pubkey_from_private_fileblob_type(buffer,
|
||||||
|
KEY_UNSPEC, &pubkey)) != 0)
|
||||||
|
goto out;
|
||||||
|
if ((r = sshkey_set_filename(pubkey, filename)) != 0)
|
||||||
|
goto out;
|
||||||
|
/* success */
|
||||||
|
if (pubkeyp != NULL) {
|
||||||
|
*pubkeyp = pubkey;
|
||||||
|
pubkey = NULL;
|
||||||
|
}
|
||||||
|
r = 0;
|
||||||
|
out:
|
||||||
|
close(fd);
|
||||||
|
sshbuf_free(buffer);
|
||||||
|
sshkey_free(pubkey);
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
static int
|
static int
|
||||||
sshkey_try_load_public(struct sshkey **kp, const char *filename,
|
sshkey_try_load_public(struct sshkey **kp, const char *filename,
|
||||||
char **commentp)
|
char **commentp)
|
||||||
|
@ -272,6 +304,10 @@ sshkey_load_public(const char *filename, struct sshkey **keyp, char **commentp)
|
||||||
if ((r = sshkey_try_load_public(keyp, pubfile, commentp)) == 0)
|
if ((r = sshkey_try_load_public(keyp, pubfile, commentp)) == 0)
|
||||||
goto out;
|
goto out;
|
||||||
|
|
||||||
|
/* finally, try to extract public key from private key file */
|
||||||
|
if ((r = sshkey_load_pubkey_from_private(filename, keyp)) == 0)
|
||||||
|
goto out;
|
||||||
|
|
||||||
out:
|
out:
|
||||||
free(pubfile);
|
free(pubfile);
|
||||||
return r;
|
return r;
|
||||||
|
|
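Review bot: The key returned by sshkey_load_pubkey_from_private() is read from the unencrypted envelope and nothing in the function checks it against the encrypted private section (no passphrase is available here), yet the new fallback at the end of sshkey_load_public() returns it to callers just like a key read from a .pub file. The one-line comment above the function should say so, for example `/* NB. the returned key is unauthenticated: it is not checked against the private key in this file, so treat it as a hint only */`, so that callers do not take it as proof of which private key the file holds. The fallback also overwrites `r` from the earlier .pub attempts and never sets `*commentp`; whether `*commentp` is initialised earlier cannot be seen because sshkey_load_public() starts outside the hunk, so a short comment there stating that no comment is returned on this path would help. In the new function, `close(fd)` at `out:` may change errno before the caller reports SSH_ERR_SYSTEM_ERROR, which `int oerrno = errno; close(fd); errno = oerrno;` would avoid.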