upstream commit
don't ignore PKCS#11 hosted keys that return empty CKA_ID; patch by Jakub Jelen via bz#2429; ok markus Upstream-ID: 2f7c94744eb0342f8ee8bf97b2351d4e00116485
This commit is contained in:
parent
b15fd989c8
commit
63ebcd0005
20
ssh-pkcs11.c
20
ssh-pkcs11.c
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: ssh-pkcs11.c,v 1.20 2015/07/18 08:00:21 djm Exp $ */
|
||||
/* $OpenBSD: ssh-pkcs11.c,v 1.21 2015/07/18 08:02:17 djm Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2010 Markus Friedl. All rights reserved.
|
||||
*
|
||||
|
@ -481,15 +481,23 @@ pkcs11_fetch_keys_filter(struct pkcs11_provider *p, CK_ULONG slotidx,
|
|||
error("C_GetAttributeValue failed: %lu", rv);
|
||||
continue;
|
||||
}
|
||||
/* check that none of the attributes are zero length */
|
||||
if (attribs[0].ulValueLen == 0 ||
|
||||
attribs[1].ulValueLen == 0 ||
|
||||
/*
|
||||
* Allow CKA_ID (always first attribute) to be empty, but
|
||||
* ensure that none of the others are zero length.
|
||||
* XXX assumes CKA_ID is always first.
|
||||
*/
|
||||
if (attribs[1].ulValueLen == 0 ||
|
||||
attribs[2].ulValueLen == 0) {
|
||||
continue;
|
||||
}
|
||||
/* allocate buffers for attributes */
|
||||
for (i = 0; i < 3; i++)
|
||||
attribs[i].pValue = xmalloc(attribs[i].ulValueLen);
|
||||
for (i = 0; i < 3; i++) {
|
||||
if (attribs[i].ulValueLen > 0) {
|
||||
attribs[i].pValue = xmalloc(
|
||||
attribs[i].ulValueLen);
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* retrieve ID, modulus and public exponent of RSA key,
|
||||
* or ID, subject and value for certificates.
|
||||
|
|
Loading…
Reference in New Issue