upstream commit

revise keys/principals command hang fix (bz#2655) to consume entire output, avoiding sending SIGPIPE to subprocesses early; ok dtucker@ Upstream-ID: 7cb04b31a61f8c78c4e48ceededcd2fd5c4ee1bc
2025-02-05 16:41:32 +00:00 · 2017-01-30 01:03:00 +00:00 · 2017-01-30 01:03:00 +00:00 · 52763dd3fe
commit 52763dd3fe
parent 381a2615a1
1 changed files with 12 additions and 5 deletions
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-pubkey.c,v 1.61 2016/12/30 22:08:02 djm Exp $ */
+/* $OpenBSD: auth2-pubkey.c,v 1.62 2017/01/30 01:03:00 djm Exp $ */
 /*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
 *
@ -564,9 +564,12 @@ process_principals(FILE *f, char *file, struct passwd *pw,
 {
 	char line[SSH_MAX_PUBKEY_BYTES], *cp, *ep, *line_opts;
 	u_long linenum = 0;
-	u_int i;
+	u_int i, found_principal = 0;
 	while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) {
 		/* Always consume entire input */
 		if (found_principal)
 			continue;
 		/* Skip leading whitespace. */
 		for (cp = line; *cp == ' ' || *cp == '\t'; cp++)
 			;
@ -599,11 +602,12 @@ process_principals(FILE *f, char *file, struct passwd *pw,
 				if (auth_parse_options(pw, line_opts,
 				    file, linenum) != 1)
 					continue;
-				return 1;
+				found_principal = 1;
 				continue;
 			}
 		}
 	}
-	return 0;
+	return found_principal;
 }
 static int
@ -771,6 +775,9 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw)
 		char *cp, *key_options = NULL, *fp = NULL;
 		const char *reason = NULL;
 		/* Always consume entrire file */
 		if (found_key)
 			continue;
 		if (found != NULL)
 			key_free(found);
 		found = key_new(key_is_cert(key) ? KEY_UNSPEC : key->type);
@ -857,7 +864,7 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw)
 			    file, linenum, key_type(found), fp);
 			free(fp);
 			found_key = 1;
-			break;
+			continue;
 		}
 	}
 	if (found != NULL)