mirror of git://anongit.mindrot.org/openssh.git
upstream commit
revise sshkey_load_public(): remove ssh1 related comments, remove extra open()/close() on keyfile, prevent leak of 'pub' if 'keyp' is NULL, replace strlcpy+cat with asprintf; ok djm@ Upstream-ID: 6175e47cab5b4794dcd99c1175549a483ec673ca
parent
813f55336a
commit
afbfa68fa1
46
authfile.c
46
authfile.c
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: authfile.c,v 1.124 2017/04/30 23:10:43 djm Exp $ */
|
||||
/* $OpenBSD: authfile.c,v 1.125 2017/05/30 08:49:32 markus Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2000, 2013 Markus Friedl. All rights reserved.
|
||||
*
|
||||
|
@ -316,50 +316,48 @@ sshkey_try_load_public(struct sshkey *k, const char *filename, char **commentp)
|
|||
return SSH_ERR_INVALID_FORMAT;
|
||||
}
|
||||
|
||||
/* load public key from ssh v1 private or any pubkey file */
|
||||
/* load public key from any pubkey file */
|
||||
int
|
||||
sshkey_load_public(const char *filename, struct sshkey **keyp, char **commentp)
|
||||
{
|
||||
struct sshkey *pub = NULL;
|
||||
char file[PATH_MAX];
|
||||
int r, fd;
|
||||
char *file = NULL;
|
||||
int r;
|
||||
|
||||
if (keyp != NULL)
|
||||
*keyp = NULL;
|
||||
if (commentp != NULL)
|
||||
*commentp = NULL;
|
||||
|
||||
/* XXX should load file once and attempt to parse each format */
|
||||
|
||||
if ((fd = open(filename, O_RDONLY)) < 0)
|
||||
goto skip;
|
||||
close(fd);
|
||||
|
||||
/* try ssh2 public key */
|
||||
if ((pub = sshkey_new(KEY_UNSPEC)) == NULL)
|
||||
return SSH_ERR_ALLOC_FAIL;
|
||||
if ((r = sshkey_try_load_public(pub, filename, commentp)) == 0) {
|
||||
if (keyp != NULL)
|
||||
if (keyp != NULL) {
|
||||
*keyp = pub;
|
||||
return 0;
|
||||
pub = NULL;
|
||||
}
|
||||
r = 0;
|
||||
goto out;
|
||||
}
|
||||
sshkey_free(pub);
|
||||
|
||||
|
||||
skip:
|
||||
/* try .pub suffix */
|
||||
if ((pub = sshkey_new(KEY_UNSPEC)) == NULL)
|
||||
if (asprintf(&file, "%s.pub", filename) == -1)
|
||||
return SSH_ERR_ALLOC_FAIL;
|
||||
r = SSH_ERR_ALLOC_FAIL; /* in case strlcpy or strlcat fail */
|
||||
if ((strlcpy(file, filename, sizeof file) < sizeof(file)) &&
|
||||
(strlcat(file, ".pub", sizeof file) < sizeof(file)) &&
|
||||
(r = sshkey_try_load_public(pub, file, commentp)) == 0) {
|
||||
if (keyp != NULL)
|
||||
*keyp = pub;
|
||||
return 0;
|
||||
if ((pub = sshkey_new(KEY_UNSPEC)) == NULL) {
|
||||
r = SSH_ERR_ALLOC_FAIL;
|
||||
goto out;
|
||||
}
|
||||
if ((r = sshkey_try_load_public(pub, file, commentp)) == 0) {
|
||||
if (keyp != NULL) {
|
||||
*keyp = pub;
|
||||
pub = NULL;
|
||||
}
|
||||
r = 0;
|
||||
}
|
||||
out:
|
||||
free(file);
|
||||
sshkey_free(pub);
|
||||
|
||||
return r;
|
||||
}
|
||||
|
||||
|
|
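Review bot: Between the two load attempts, `sshkey_free(pub);` leaves `pub` pointing at freed memory, while the new shared `out:` label calls `sshkey_free(pub)` again. Today that is safe only because the `asprintf` failure path returns directly and the following `sshkey_new()` overwrites the pointer before any `goto out`; a later edit that routes the `asprintf` failure through `out` would turn this into a double free. Clearing the pointer at the free site keeps the cleanup label safe on every path: `sshkey_free(pub);` followed by `pub = NULL;`. If that failure path is ever changed to `goto out`, `file` would also need resetting to NULL first, since some libc implementations leave the pointer undefined when `asprintf` fails. The `r = 0;` assignments inside the two `== 0` branches are redundant, because `r` has just been tested to be zero.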