diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2013-06-02 07:31:17 +1000 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2013-06-02 07:31:17 +1000 |
| commit | a627d42e51ffa71e014d7b2d2c07118122fd3ec3 (patch) | |
| tree | 7bda769de81f509e28d800916fa20abd37906d79 /auth2-pubkey.c | |
| parent | c7aad0058c957afeb26a3f703e8cb0eddeb62365 (diff) | |
- djm@cvs.openbsd.org 2013/05/17 00:13:13
[xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c
ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c
gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c
auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c
servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c
auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c
sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c
kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c
kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c
monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c
ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c
sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c
ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c
dns.c packet.c readpass.c authfd.c moduli.c]
bye, bye xfree(); ok markus@
Diffstat (limited to 'auth2-pubkey.c')
| -rw-r--r-- | auth2-pubkey.c | 26 |
1 files changed, 12 insertions, 14 deletions
diff --git a/auth2-pubkey.c b/auth2-pubkey.c index c28bef7a2..4c326df7a 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: auth2-pubkey.c,v 1.35 2013/03/07 00:19:59 djm Exp $ */ | 1 | /* $OpenBSD: auth2-pubkey.c,v 1.36 2013/05/17 00:13:13 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
| 4 | * | 4 | * |
| @@ -154,7 +154,7 @@ userauth_pubkey(Authctxt *authctxt) | |||
| 154 | buffer_len(&b))) == 1) | 154 | buffer_len(&b))) == 1) |
| 155 | authenticated = 1; | 155 | authenticated = 1; |
| 156 | buffer_free(&b); | 156 | buffer_free(&b); |
| 157 | xfree(sig); | 157 | free(sig); |
| 158 | } else { | 158 | } else { |
| 159 | debug("test whether pkalg/pkblob are acceptable"); | 159 | debug("test whether pkalg/pkblob are acceptable"); |
| 160 | packet_check_eom(); | 160 | packet_check_eom(); |
| @@ -182,8 +182,8 @@ done: | |||
| 182 | debug2("userauth_pubkey: authenticated %d pkalg %s", authenticated, pkalg); | 182 | debug2("userauth_pubkey: authenticated %d pkalg %s", authenticated, pkalg); |
| 183 | if (key != NULL) | 183 | if (key != NULL) |
| 184 | key_free(key); | 184 | key_free(key); |
| 185 | xfree(pkalg); | 185 | free(pkalg); |
| 186 | xfree(pkblob); | 186 | free(pkblob); |
| 187 | return authenticated; | 187 | return authenticated; |
| 188 | } | 188 | } |
| 189 | 189 | ||
| @@ -200,7 +200,7 @@ match_principals_option(const char *principal_list, struct KeyCert *cert) | |||
| 200 | principal_list, NULL)) != NULL) { | 200 | principal_list, NULL)) != NULL) { |
| 201 | debug3("matched principal from key options \"%.100s\"", | 201 | debug3("matched principal from key options \"%.100s\"", |
| 202 | result); | 202 | result); |
| 203 | xfree(result); | 203 | free(result); |
| 204 | return 1; | 204 | return 1; |
| 205 | } | 205 | } |
| 206 | } | 206 | } |
| @@ -336,7 +336,7 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw) | |||
| 336 | reason = "Certificate does not contain an " | 336 | reason = "Certificate does not contain an " |
| 337 | "authorized principal"; | 337 | "authorized principal"; |
| 338 | fail_reason: | 338 | fail_reason: |
| 339 | xfree(fp); | 339 | free(fp); |
| 340 | error("%s", reason); | 340 | error("%s", reason); |
| 341 | auth_debug_add("%s", reason); | 341 | auth_debug_add("%s", reason); |
| 342 | continue; | 342 | continue; |
| @@ -346,13 +346,13 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw) | |||
| 346 | &reason) != 0) | 346 | &reason) != 0) |
| 347 | goto fail_reason; | 347 | goto fail_reason; |
| 348 | if (auth_cert_options(key, pw) != 0) { | 348 | if (auth_cert_options(key, pw) != 0) { |
| 349 | xfree(fp); | 349 | free(fp); |
| 350 | continue; | 350 | continue; |
| 351 | } | 351 | } |
| 352 | verbose("Accepted certificate ID \"%s\" " | 352 | verbose("Accepted certificate ID \"%s\" " |
| 353 | "signed by %s CA %s via %s", key->cert->key_id, | 353 | "signed by %s CA %s via %s", key->cert->key_id, |
| 354 | key_type(found), fp, file); | 354 | key_type(found), fp, file); |
| 355 | xfree(fp); | 355 | free(fp); |
| 356 | found_key = 1; | 356 | found_key = 1; |
| 357 | break; | 357 | break; |
| 358 | } else if (key_equal(found, key)) { | 358 | } else if (key_equal(found, key)) { |
| @@ -367,7 +367,7 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw) | |||
| 367 | fp = key_fingerprint(found, SSH_FP_MD5, SSH_FP_HEX); | 367 | fp = key_fingerprint(found, SSH_FP_MD5, SSH_FP_HEX); |
| 368 | verbose("Found matching %s key: %s", | 368 | verbose("Found matching %s key: %s", |
| 369 | key_type(found), fp); | 369 | key_type(found), fp); |
| 370 | xfree(fp); | 370 | free(fp); |
| 371 | break; | 371 | break; |
| 372 | } | 372 | } |
| 373 | } | 373 | } |
| @@ -425,10 +425,8 @@ user_cert_trusted_ca(struct passwd *pw, Key *key) | |||
| 425 | ret = 1; | 425 | ret = 1; |
| 426 | 426 | ||
| 427 | out: | 427 | out: |
| 428 | if (principals_file != NULL) | 428 | free(principals_file); |
| 429 | xfree(principals_file); | 429 | free(ca_fp); |
| 430 | if (ca_fp != NULL) | ||
| 431 | xfree(ca_fp); | ||
| 432 | return ret; | 430 | return ret; |
| 433 | } | 431 | } |
| 434 | 432 | ||
| @@ -633,7 +631,7 @@ user_key_allowed(struct passwd *pw, Key *key) | |||
| 633 | options.authorized_keys_files[i], pw); | 631 | options.authorized_keys_files[i], pw); |
| 634 | 632 | ||
| 635 | success = user_key_allowed2(pw, key, file); | 633 | success = user_key_allowed2(pw, key, file); |
| 636 | xfree(file); | 634 | free(file); |
| 637 | } | 635 | } |
| 638 | 636 | ||
| 639 | return success; | 637 | return success; |