diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2017-01-30 01:03:00 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2017-01-30 12:04:10 +1100 |
| commit | 52763dd3fe0a4678dafdf7aeb32286e514130afc (patch) | |
| tree | 966cc6351f8b1afab76cfc4f018cde2c12d4f85f /auth2-pubkey.c | |
| parent | 381a2615a154a82c4c53b787f4a564ef894fe9ac (diff) | |
upstream commit
revise keys/principals command hang fix (bz#2655) to
consume entire output, avoiding sending SIGPIPE to subprocesses early; ok
dtucker@
Upstream-ID: 7cb04b31a61f8c78c4e48ceededcd2fd5c4ee1bc
Diffstat (limited to 'auth2-pubkey.c')
| -rw-r--r-- | auth2-pubkey.c | 17 |
1 files changed, 12 insertions, 5 deletions
diff --git a/auth2-pubkey.c b/auth2-pubkey.c index 70c021589..3e5706f4d 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: auth2-pubkey.c,v 1.61 2016/12/30 22:08:02 djm Exp $ */ | 1 | /* $OpenBSD: auth2-pubkey.c,v 1.62 2017/01/30 01:03:00 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
| 4 | * | 4 | * |
| @@ -564,9 +564,12 @@ process_principals(FILE *f, char *file, struct passwd *pw, | |||
| 564 | { | 564 | { |
| 565 | char line[SSH_MAX_PUBKEY_BYTES], *cp, *ep, *line_opts; | 565 | char line[SSH_MAX_PUBKEY_BYTES], *cp, *ep, *line_opts; |
| 566 | u_long linenum = 0; | 566 | u_long linenum = 0; |
| 567 | u_int i; | 567 | u_int i, found_principal = 0; |
| 568 | 568 | ||
| 569 | while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { | 569 | while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { |
| 570 | /* Always consume entire input */ | ||
| 571 | if (found_principal) | ||
| 572 | continue; | ||
| 570 | /* Skip leading whitespace. */ | 573 | /* Skip leading whitespace. */ |
| 571 | for (cp = line; *cp == ' ' || *cp == '\t'; cp++) | 574 | for (cp = line; *cp == ' ' || *cp == '\t'; cp++) |
| 572 | ; | 575 | ; |
| @@ -599,11 +602,12 @@ process_principals(FILE *f, char *file, struct passwd *pw, | |||
| 599 | if (auth_parse_options(pw, line_opts, | 602 | if (auth_parse_options(pw, line_opts, |
| 600 | file, linenum) != 1) | 603 | file, linenum) != 1) |
| 601 | continue; | 604 | continue; |
| 602 | return 1; | 605 | found_principal = 1; |
| 606 | continue; | ||
| 603 | } | 607 | } |
| 604 | } | 608 | } |
| 605 | } | 609 | } |
| 606 | return 0; | 610 | return found_principal; |
| 607 | } | 611 | } |
| 608 | 612 | ||
| 609 | static int | 613 | static int |
| @@ -771,6 +775,9 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw) | |||
| 771 | char *cp, *key_options = NULL, *fp = NULL; | 775 | char *cp, *key_options = NULL, *fp = NULL; |
| 772 | const char *reason = NULL; | 776 | const char *reason = NULL; |
| 773 | 777 | ||
| 778 | /* Always consume entrire file */ | ||
| 779 | if (found_key) | ||
| 780 | continue; | ||
| 774 | if (found != NULL) | 781 | if (found != NULL) |
| 775 | key_free(found); | 782 | key_free(found); |
| 776 | found = key_new(key_is_cert(key) ? KEY_UNSPEC : key->type); | 783 | found = key_new(key_is_cert(key) ? KEY_UNSPEC : key->type); |
| @@ -857,7 +864,7 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw) | |||
| 857 | file, linenum, key_type(found), fp); | 864 | file, linenum, key_type(found), fp); |
| 858 | free(fp); | 865 | free(fp); |
| 859 | found_key = 1; | 866 | found_key = 1; |
| 860 | break; | 867 | continue; |
| 861 | } | 868 | } |
| 862 | } | 869 | } |
| 863 | if (found != NULL) | 870 | if (found != NULL) |