- deraadt@cvs.openbsd.org 2001/02/21 09:05:54
[authfile.c] improve fd handling
parent
b0a4cd8f91
commit
b257cca769
|
@ -7,6 +7,9 @@
|
||||||
- deraadt@cvs.openbsd.org 2001/02/21 07:37:04
|
- deraadt@cvs.openbsd.org 2001/02/21 07:37:04
|
||||||
[ssh-keyscan.c]
|
[ssh-keyscan.c]
|
||||||
inline -> __inline__, and some indent
|
inline -> __inline__, and some indent
|
||||||
|
- deraadt@cvs.openbsd.org 2001/02/21 09:05:54
|
||||||
|
[authfile.c]
|
||||||
|
improve fd handling
|
||||||
|
|
||||||
20010304
|
20010304
|
||||||
- (bal) Remove make-ssh-known-hosts.1 since it's no longer valid.
|
- (bal) Remove make-ssh-known-hosts.1 since it's no longer valid.
|
||||||
|
@ -4199,4 +4202,4 @@
|
||||||
- Wrote replacements for strlcpy and mkdtemp
|
- Wrote replacements for strlcpy and mkdtemp
|
||||||
- Released 1.0pre1
|
- Released 1.0pre1
|
||||||
|
|
||||||
$Id: ChangeLog,v 1.853 2001/03/05 04:54:49 mouring Exp $
|
$Id: ChangeLog,v 1.854 2001/03/05 04:59:27 mouring Exp $
|
||||||
|
|
21
authfile.c
21
authfile.c
|
@ -36,7 +36,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: authfile.c,v 1.27 2001/02/08 19:30:51 itojun Exp $");
|
RCSID("$OpenBSD: authfile.c,v 1.28 2001/02/21 09:05:54 deraadt Exp $");
|
||||||
|
|
||||||
#include <openssl/err.h>
|
#include <openssl/err.h>
|
||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
|
@ -336,12 +336,12 @@ load_private_key_rsa1(int fd, const char *filename,
|
||||||
close(fd);
|
close(fd);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
close(fd);
|
|
||||||
|
|
||||||
/* Check that it is at least big enough to contain the ID string. */
|
/* Check that it is at least big enough to contain the ID string. */
|
||||||
if (len < sizeof(authfile_id_string)) {
|
if (len < sizeof(authfile_id_string)) {
|
||||||
debug3("Bad RSA1 key file %.200s.", filename);
|
debug3("Bad RSA1 key file %.200s.", filename);
|
||||||
buffer_free(&buffer);
|
buffer_free(&buffer);
|
||||||
|
close(fd);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
/*
|
/*
|
||||||
|
@ -352,8 +352,10 @@ load_private_key_rsa1(int fd, const char *filename,
|
||||||
if (buffer_get_char(&buffer) != authfile_id_string[i]) {
|
if (buffer_get_char(&buffer) != authfile_id_string[i]) {
|
||||||
debug3("Bad RSA1 key file %.200s.", filename);
|
debug3("Bad RSA1 key file %.200s.", filename);
|
||||||
buffer_free(&buffer);
|
buffer_free(&buffer);
|
||||||
|
close(fd);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Read cipher type. */
|
/* Read cipher type. */
|
||||||
cipher_type = buffer_get_char(&buffer);
|
cipher_type = buffer_get_char(&buffer);
|
||||||
(void) buffer_get_int(&buffer); /* Reserved data. */
|
(void) buffer_get_int(&buffer); /* Reserved data. */
|
||||||
|
@ -403,6 +405,7 @@ fail:
|
||||||
prv->e = NULL;
|
prv->e = NULL;
|
||||||
if (comment_return)
|
if (comment_return)
|
||||||
xfree(*comment_return);
|
xfree(*comment_return);
|
||||||
|
close(fd);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
/* Read the rest of the private key. */
|
/* Read the rest of the private key. */
|
||||||
|
@ -431,7 +434,7 @@ fail:
|
||||||
BN_CTX_free(ctx);
|
BN_CTX_free(ctx);
|
||||||
|
|
||||||
buffer_free(&decrypted);
|
buffer_free(&decrypted);
|
||||||
|
close(fd);
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -446,6 +449,7 @@ load_private_key_ssh2(int fd, const char *passphrase, Key *k, char **comment_ret
|
||||||
fp = fdopen(fd, "r");
|
fp = fdopen(fd, "r");
|
||||||
if (fp == NULL) {
|
if (fp == NULL) {
|
||||||
error("fdopen failed");
|
error("fdopen failed");
|
||||||
|
close(fd);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
pk = PEM_read_PrivateKey(fp, NULL, NULL, (char *)passphrase);
|
pk = PEM_read_PrivateKey(fp, NULL, NULL, (char *)passphrase);
|
||||||
|
@ -515,7 +519,7 @@ load_private_key(const char *filename, const char *passphrase, Key *key,
|
||||||
error("@ WARNING: UNPROTECTED PRIVATE KEY FILE! @");
|
error("@ WARNING: UNPROTECTED PRIVATE KEY FILE! @");
|
||||||
error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
|
error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
|
||||||
error("Bad ownership or mode(0%3.3o) for '%s'.",
|
error("Bad ownership or mode(0%3.3o) for '%s'.",
|
||||||
st.st_mode & 0777, filename);
|
st.st_mode & 0777, filename);
|
||||||
error("It is recommended that your private key files are NOT accessible by others.");
|
error("It is recommended that your private key files are NOT accessible by others.");
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -530,16 +534,19 @@ load_private_key(const char *filename, const char *passphrase, Key *key,
|
||||||
key->rsa->n = NULL;
|
key->rsa->n = NULL;
|
||||||
}
|
}
|
||||||
ret = load_private_key_rsa1(fd, filename, passphrase,
|
ret = load_private_key_rsa1(fd, filename, passphrase,
|
||||||
key->rsa, comment_return);
|
key->rsa, comment_return); /* closes fd */
|
||||||
|
|
||||||
break;
|
break;
|
||||||
case KEY_DSA:
|
case KEY_DSA:
|
||||||
case KEY_RSA:
|
case KEY_RSA:
|
||||||
case KEY_UNSPEC:
|
case KEY_UNSPEC:
|
||||||
ret = load_private_key_ssh2(fd, passphrase, key, comment_return);
|
ret = load_private_key_ssh2(fd, passphrase, key,
|
||||||
|
comment_return); /* closes fd */
|
||||||
|
break;
|
||||||
default:
|
default:
|
||||||
|
close(fd);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
close(fd);
|
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
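Review bot: In load_private_key_rsa1 the descriptor is not needed once the file has been read into `buffer`, yet this change drops the single `close(fd);` that followed the read and repeats it on four later exit paths (the two "Bad RSA1 key file" returns, `fail:`, and the success return). Keeping one `close(fd);` directly after the successful read would give the same "callee closes fd" ownership from a single call site, so an exit path added later cannot leave a private-key descriptor open. The code between the hunks is not visible here, so any return in it that bypasses `fail:` should be checked. The new contract is recorded only as `/* closes fd */` at the two call sites in load_private_key; a comment above each helper such as `/* Takes ownership of fd and closes it on every return path. */` would put it where the next editor of the helper sees it. For load_private_key_ssh2 that holds only if every path after a successful `fdopen` ends in `fclose(fp)`, which lies outside the visible hunk.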