diff options
author | Darren Tucker <dtucker@zip.com.au> | 2013-06-02 07:31:17 +1000 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2013-06-02 07:31:17 +1000 |
commit | a627d42e51ffa71e014d7b2d2c07118122fd3ec3 (patch) | |
tree | 7bda769de81f509e28d800916fa20abd37906d79 /auth2-pubkey.c | |
parent | c7aad0058c957afeb26a3f703e8cb0eddeb62365 (diff) |
- djm@cvs.openbsd.org 2013/05/17 00:13:13
[xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c
ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c
gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c
auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c
servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c
auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c
sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c
kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c
kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c
monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c
ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c
sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c
ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c
dns.c packet.c readpass.c authfd.c moduli.c]
bye, bye xfree(); ok markus@
Diffstat (limited to 'auth2-pubkey.c')
-rw-r--r-- | auth2-pubkey.c | 26 |
1 files changed, 12 insertions, 14 deletions
diff --git a/auth2-pubkey.c b/auth2-pubkey.c index c28bef7a2..4c326df7a 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth2-pubkey.c,v 1.35 2013/03/07 00:19:59 djm Exp $ */ | 1 | /* $OpenBSD: auth2-pubkey.c,v 1.36 2013/05/17 00:13:13 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -154,7 +154,7 @@ userauth_pubkey(Authctxt *authctxt) | |||
154 | buffer_len(&b))) == 1) | 154 | buffer_len(&b))) == 1) |
155 | authenticated = 1; | 155 | authenticated = 1; |
156 | buffer_free(&b); | 156 | buffer_free(&b); |
157 | xfree(sig); | 157 | free(sig); |
158 | } else { | 158 | } else { |
159 | debug("test whether pkalg/pkblob are acceptable"); | 159 | debug("test whether pkalg/pkblob are acceptable"); |
160 | packet_check_eom(); | 160 | packet_check_eom(); |
@@ -182,8 +182,8 @@ done: | |||
182 | debug2("userauth_pubkey: authenticated %d pkalg %s", authenticated, pkalg); | 182 | debug2("userauth_pubkey: authenticated %d pkalg %s", authenticated, pkalg); |
183 | if (key != NULL) | 183 | if (key != NULL) |
184 | key_free(key); | 184 | key_free(key); |
185 | xfree(pkalg); | 185 | free(pkalg); |
186 | xfree(pkblob); | 186 | free(pkblob); |
187 | return authenticated; | 187 | return authenticated; |
188 | } | 188 | } |
189 | 189 | ||
@@ -200,7 +200,7 @@ match_principals_option(const char *principal_list, struct KeyCert *cert) | |||
200 | principal_list, NULL)) != NULL) { | 200 | principal_list, NULL)) != NULL) { |
201 | debug3("matched principal from key options \"%.100s\"", | 201 | debug3("matched principal from key options \"%.100s\"", |
202 | result); | 202 | result); |
203 | xfree(result); | 203 | free(result); |
204 | return 1; | 204 | return 1; |
205 | } | 205 | } |
206 | } | 206 | } |
@@ -336,7 +336,7 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw) | |||
336 | reason = "Certificate does not contain an " | 336 | reason = "Certificate does not contain an " |
337 | "authorized principal"; | 337 | "authorized principal"; |
338 | fail_reason: | 338 | fail_reason: |
339 | xfree(fp); | 339 | free(fp); |
340 | error("%s", reason); | 340 | error("%s", reason); |
341 | auth_debug_add("%s", reason); | 341 | auth_debug_add("%s", reason); |
342 | continue; | 342 | continue; |
@@ -346,13 +346,13 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw) | |||
346 | &reason) != 0) | 346 | &reason) != 0) |
347 | goto fail_reason; | 347 | goto fail_reason; |
348 | if (auth_cert_options(key, pw) != 0) { | 348 | if (auth_cert_options(key, pw) != 0) { |
349 | xfree(fp); | 349 | free(fp); |
350 | continue; | 350 | continue; |
351 | } | 351 | } |
352 | verbose("Accepted certificate ID \"%s\" " | 352 | verbose("Accepted certificate ID \"%s\" " |
353 | "signed by %s CA %s via %s", key->cert->key_id, | 353 | "signed by %s CA %s via %s", key->cert->key_id, |
354 | key_type(found), fp, file); | 354 | key_type(found), fp, file); |
355 | xfree(fp); | 355 | free(fp); |
356 | found_key = 1; | 356 | found_key = 1; |
357 | break; | 357 | break; |
358 | } else if (key_equal(found, key)) { | 358 | } else if (key_equal(found, key)) { |
@@ -367,7 +367,7 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw) | |||
367 | fp = key_fingerprint(found, SSH_FP_MD5, SSH_FP_HEX); | 367 | fp = key_fingerprint(found, SSH_FP_MD5, SSH_FP_HEX); |
368 | verbose("Found matching %s key: %s", | 368 | verbose("Found matching %s key: %s", |
369 | key_type(found), fp); | 369 | key_type(found), fp); |
370 | xfree(fp); | 370 | free(fp); |
371 | break; | 371 | break; |
372 | } | 372 | } |
373 | } | 373 | } |
@@ -425,10 +425,8 @@ user_cert_trusted_ca(struct passwd *pw, Key *key) | |||
425 | ret = 1; | 425 | ret = 1; |
426 | 426 | ||
427 | out: | 427 | out: |
428 | if (principals_file != NULL) | 428 | free(principals_file); |
429 | xfree(principals_file); | 429 | free(ca_fp); |
430 | if (ca_fp != NULL) | ||
431 | xfree(ca_fp); | ||
432 | return ret; | 430 | return ret; |
433 | } | 431 | } |
434 | 432 | ||
@@ -633,7 +631,7 @@ user_key_allowed(struct passwd *pw, Key *key) | |||
633 | options.authorized_keys_files[i], pw); | 631 | options.authorized_keys_files[i], pw); |
634 | 632 | ||
635 | success = user_key_allowed2(pw, key, file); | 633 | success = user_key_allowed2(pw, key, file); |
636 | xfree(file); | 634 | free(file); |
637 | } | 635 | } |
638 | 636 | ||
639 | return success; | 637 | return success; |