upstream commit

revert 1.34; causes problems loading public keys reported by semarie@ Upstream-ID: b393794f8935c8b15d98a407fe7721c62d2ed179
author: djm@openbsd.org <djm@openbsd.org> 2016-06-19 07:48:02 +0000
committer: Damien Miller <djm@mindrot.org> 2016-06-24 13:35:28 +1000
commit: 3147e7595d0f2f842a666c844ac53e6c7a253d7e (patch)
tree: 65356c00ae27f023a166d61395f71fc11e09060e
parent: ad23a75509f4320d43f628c50f0817e3ad12bfa7 (diff)
1 files changed, 2 insertions, 39 deletions
diff --git a/sshkey.c b/sshkey.c
index c642c2619..c9f04cd67 100644
--- a/sshkey.c
+++ b/sshkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.c,v 1.34 2016/06/17 05:06:23 djm Exp $ */
+/* $OpenBSD: sshkey.c,v 1.35 2016/06/19 07:48:02 djm Exp $ */
 /*
 * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
 * Copyright (c) 2008 Alexander von Gernler.  All rights reserved.
@@ -3786,44 +3786,7 @@ sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type,
        if ((pk = PEM_read_bio_PrivateKey(bio, NULL, NULL,
            (char *)passphrase)) == NULL) {
-                unsigned long pem_err = ERR_peek_last_error();
+                r = SSH_ERR_KEY_WRONG_PASSPHRASE;
-                int pem_reason = ERR_GET_REASON(pem_err);
-                /*
-                 * Translate OpenSSL error codes to determine whether
-                 * passphrase is required/incorrect.
-                 */
-                switch (ERR_GET_LIB(pem_err)) {
-                case ERR_LIB_PEM:
-                        switch (pem_reason) {
-                        case PEM_R_BAD_PASSWORD_READ:
-                        case PEM_R_PROBLEMS_GETTING_PASSWORD:
-                        case PEM_R_BAD_DECRYPT:
-                                r = SSH_ERR_KEY_WRONG_PASSPHRASE;
-                                goto out;
-                        default:
-                                r = SSH_ERR_INVALID_FORMAT;
-                                goto out;
-                        }
-                case ERR_LIB_EVP:
-                        switch (pem_reason) {
-                        case EVP_R_BAD_DECRYPT:
-                                r = SSH_ERR_KEY_WRONG_PASSPHRASE;
-                                goto out;
-                        case EVP_R_BN_DECODE_ERROR:
-                        case EVP_R_DECODE_ERROR:
-                        case EVP_R_PRIVATE_KEY_DECODE_ERROR:
-                                r = SSH_ERR_INVALID_FORMAT;
-                                goto out;
-                        default:
-                                r = SSH_ERR_LIBCRYPTO_ERROR;
-                                goto out;
-                        }
-                case ERR_LIB_ASN1:
-                        r = SSH_ERR_INVALID_FORMAT;
-                        goto out;
-                }
-                r = SSH_ERR_LIBCRYPTO_ERROR;
                goto out;
        }
        if (pk->type == EVP_PKEY_RSA &&
author	djm@openbsd.org <djm@openbsd.org>	2016-06-19 07:48:02 +0000
committer	Damien Miller <djm@mindrot.org>	2016-06-24 13:35:28 +1000
commit	3147e7595d0f2f842a666c844ac53e6c7a253d7e (patch)
tree	65356c00ae27f023a166d61395f71fc11e09060e
parent	ad23a75509f4320d43f628c50f0817e3ad12bfa7 (diff)

diff --git a/sshkey.c b/sshkey.c index c642c2619..c9f04cd67 100644 --- a/sshkey.c +++ b/sshkey.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: sshkey.c,v 1.34 2016/06/17 05:06:23 djm Exp $ */	1	/* $OpenBSD: sshkey.c,v 1.35 2016/06/19 07:48:02 djm Exp $ */
2	/*	2	/*
3	* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.	3	* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
4	* Copyright (c) 2008 Alexander von Gernler. All rights reserved.	4	* Copyright (c) 2008 Alexander von Gernler. All rights reserved.
@@ -3786,44 +3786,7 @@ sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type,
3786		3786
3787	if ((pk = PEM_read_bio_PrivateKey(bio, NULL, NULL,	3787	if ((pk = PEM_read_bio_PrivateKey(bio, NULL, NULL,
3788	(char *)passphrase)) == NULL) {	3788	(char *)passphrase)) == NULL) {
3789	unsigned long pem_err = ERR_peek_last_error();	3789	r = SSH_ERR_KEY_WRONG_PASSPHRASE;
3790	int pem_reason = ERR_GET_REASON(pem_err);
3791
3792	/*
3793	* Translate OpenSSL error codes to determine whether
3794	* passphrase is required/incorrect.
3795	*/
3796	switch (ERR_GET_LIB(pem_err)) {
3797	case ERR_LIB_PEM:
3798	switch (pem_reason) {
3799	case PEM_R_BAD_PASSWORD_READ:
3800	case PEM_R_PROBLEMS_GETTING_PASSWORD:
3801	case PEM_R_BAD_DECRYPT:
3802	r = SSH_ERR_KEY_WRONG_PASSPHRASE;
3803	goto out;
3804	default:
3805	r = SSH_ERR_INVALID_FORMAT;
3806	goto out;
3807	}
3808	case ERR_LIB_EVP:
3809	switch (pem_reason) {
3810	case EVP_R_BAD_DECRYPT:
3811	r = SSH_ERR_KEY_WRONG_PASSPHRASE;
3812	goto out;
3813	case EVP_R_BN_DECODE_ERROR:
3814	case EVP_R_DECODE_ERROR:
3815	case EVP_R_PRIVATE_KEY_DECODE_ERROR:
3816	r = SSH_ERR_INVALID_FORMAT;
3817	goto out;
3818	default:
3819	r = SSH_ERR_LIBCRYPTO_ERROR;
3820	goto out;
3821	}
3822	case ERR_LIB_ASN1:
3823	r = SSH_ERR_INVALID_FORMAT;
3824	goto out;
3825	}
3826	r = SSH_ERR_LIBCRYPTO_ERROR;
3827	goto out;	3790	goto out;
3828	}	3791	}
3829	if (pk->type == EVP_PKEY_RSA &&	3792	if (pk->type == EVP_PKEY_RSA &&