diff options
author | Damien Miller <djm@mindrot.org> | 1999-12-07 15:38:31 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 1999-12-07 15:38:31 +1100 |
commit | 037a0dc0835bb5a442bdcbeecdd5baed723f0b45 (patch) | |
tree | d02954d57ac437fd036e3e9544f24559ca8f0f0f /authfile.c | |
parent | eabf3417bc73ca9546a3ed489cd809ffdf303853 (diff) |
- Merged more OpenBSD changes:
- [atomicio.c authfd.c scp.c serverloop.c ssh.h sshconnect.c sshd.c]
move atomicio into it's own file. wrap all socket write()s which
were doing write(sock, buf, len) != len, with atomicio() calls.
- [auth-skey.c]
fd leak
- [authfile.c]
properly name fd variable
- [channels.c]
display great hatred towards strcpy
- [pty.c pty.h sshd.c]
use openpty() if it exists (it does on BSD4_4)
- [tildexpand.c]
check for ~ expansion past MAXPATHLEN
- Modified helper.c to use new atomicio function.
- Reformat Makefile a little
- Moved RC4 routines from rc4.[ch] into helper.c
- Added autoconf code to detect /dev/ptmx (Solaris) and /dev/ptc (AIX)
Diffstat (limited to 'authfile.c')
-rw-r--r-- | authfile.c | 51 |
1 files changed, 26 insertions, 25 deletions
diff --git a/authfile.c b/authfile.c index 97d0a8783..b0e832a04 100644 --- a/authfile.c +++ b/authfile.c | |||
@@ -15,7 +15,7 @@ | |||
15 | */ | 15 | */ |
16 | 16 | ||
17 | #include "includes.h" | 17 | #include "includes.h" |
18 | RCSID("$Id: authfile.c,v 1.5 1999/11/25 00:54:58 damien Exp $"); | 18 | RCSID("$Id: authfile.c,v 1.6 1999/12/07 04:38:32 damien Exp $"); |
19 | 19 | ||
20 | #ifdef HAVE_OPENSSL | 20 | #ifdef HAVE_OPENSSL |
21 | #include <openssl/bn.h> | 21 | #include <openssl/bn.h> |
@@ -46,7 +46,7 @@ save_private_key(const char *filename, const char *passphrase, | |||
46 | { | 46 | { |
47 | Buffer buffer, encrypted; | 47 | Buffer buffer, encrypted; |
48 | char buf[100], *cp; | 48 | char buf[100], *cp; |
49 | int f, i; | 49 | int fd, i; |
50 | CipherContext cipher; | 50 | CipherContext cipher; |
51 | int cipher_type; | 51 | int cipher_type; |
52 | u_int32_t rand; | 52 | u_int32_t rand; |
@@ -117,19 +117,19 @@ save_private_key(const char *filename, const char *passphrase, | |||
117 | memset(buf, 0, sizeof(buf)); | 117 | memset(buf, 0, sizeof(buf)); |
118 | buffer_free(&buffer); | 118 | buffer_free(&buffer); |
119 | 119 | ||
120 | f = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); | 120 | fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); |
121 | if (f < 0) | 121 | if (fd < 0) |
122 | return 0; | 122 | return 0; |
123 | if (write(f, buffer_ptr(&encrypted), buffer_len(&encrypted)) != | 123 | if (write(fd, buffer_ptr(&encrypted), buffer_len(&encrypted)) != |
124 | buffer_len(&encrypted)) { | 124 | buffer_len(&encrypted)) { |
125 | debug("Write to key file %.200s failed: %.100s", filename, | 125 | debug("Write to key file %.200s failed: %.100s", filename, |
126 | strerror(errno)); | 126 | strerror(errno)); |
127 | buffer_free(&encrypted); | 127 | buffer_free(&encrypted); |
128 | close(f); | 128 | close(fd); |
129 | remove(filename); | 129 | remove(filename); |
130 | return 0; | 130 | return 0; |
131 | } | 131 | } |
132 | close(f); | 132 | close(fd); |
133 | buffer_free(&encrypted); | 133 | buffer_free(&encrypted); |
134 | return 1; | 134 | return 1; |
135 | } | 135 | } |
@@ -144,28 +144,28 @@ int | |||
144 | load_public_key(const char *filename, RSA * pub, | 144 | load_public_key(const char *filename, RSA * pub, |
145 | char **comment_return) | 145 | char **comment_return) |
146 | { | 146 | { |
147 | int f, i; | 147 | int fd, i; |
148 | off_t len; | 148 | off_t len; |
149 | Buffer buffer; | 149 | Buffer buffer; |
150 | char *cp; | 150 | char *cp; |
151 | 151 | ||
152 | f = open(filename, O_RDONLY); | 152 | fd = open(filename, O_RDONLY); |
153 | if (f < 0) | 153 | if (fd < 0) |
154 | return 0; | 154 | return 0; |
155 | len = lseek(f, (off_t) 0, SEEK_END); | 155 | len = lseek(fd, (off_t) 0, SEEK_END); |
156 | lseek(f, (off_t) 0, SEEK_SET); | 156 | lseek(fd, (off_t) 0, SEEK_SET); |
157 | 157 | ||
158 | buffer_init(&buffer); | 158 | buffer_init(&buffer); |
159 | buffer_append_space(&buffer, &cp, len); | 159 | buffer_append_space(&buffer, &cp, len); |
160 | 160 | ||
161 | if (read(f, cp, (size_t) len) != (size_t) len) { | 161 | if (read(fd, cp, (size_t) len) != (size_t) len) { |
162 | debug("Read from key file %.200s failed: %.100s", filename, | 162 | debug("Read from key file %.200s failed: %.100s", filename, |
163 | strerror(errno)); | 163 | strerror(errno)); |
164 | buffer_free(&buffer); | 164 | buffer_free(&buffer); |
165 | close(f); | 165 | close(fd); |
166 | return 0; | 166 | return 0; |
167 | } | 167 | } |
168 | close(f); | 168 | close(fd); |
169 | 169 | ||
170 | /* Check that it is at least big enought to contain the ID string. */ | 170 | /* Check that it is at least big enought to contain the ID string. */ |
171 | if (len < strlen(AUTHFILE_ID_STRING) + 1) { | 171 | if (len < strlen(AUTHFILE_ID_STRING) + 1) { |
@@ -178,7 +178,7 @@ load_public_key(const char *filename, RSA * pub, | |||
178 | * from the buffer. | 178 | * from the buffer. |
179 | */ | 179 | */ |
180 | for (i = 0; i < (unsigned int) strlen(AUTHFILE_ID_STRING) + 1; i++) | 180 | for (i = 0; i < (unsigned int) strlen(AUTHFILE_ID_STRING) + 1; i++) |
181 | if (buffer_get_char(&buffer) != (unsigned char) AUTHFILE_ID_STRING[i]) { | 181 | if (buffer_get_char(&buffer) != (u_char) AUTHFILE_ID_STRING[i]) { |
182 | debug("Bad key file %.200s.", filename); | 182 | debug("Bad key file %.200s.", filename); |
183 | buffer_free(&buffer); | 183 | buffer_free(&buffer); |
184 | return 0; | 184 | return 0; |
@@ -213,7 +213,7 @@ int | |||
213 | load_private_key(const char *filename, const char *passphrase, | 213 | load_private_key(const char *filename, const char *passphrase, |
214 | RSA * prv, char **comment_return) | 214 | RSA * prv, char **comment_return) |
215 | { | 215 | { |
216 | int f, i, check1, check2, cipher_type; | 216 | int fd, i, check1, check2, cipher_type; |
217 | off_t len; | 217 | off_t len; |
218 | Buffer buffer, decrypted; | 218 | Buffer buffer, decrypted; |
219 | char *cp; | 219 | char *cp; |
@@ -222,14 +222,15 @@ load_private_key(const char *filename, const char *passphrase, | |||
222 | BIGNUM *aux; | 222 | BIGNUM *aux; |
223 | struct stat st; | 223 | struct stat st; |
224 | 224 | ||
225 | f = open(filename, O_RDONLY); | 225 | fd = open(filename, O_RDONLY); |
226 | if (f < 0) | 226 | if (fd < 0) |
227 | return 0; | 227 | return 0; |
228 | 228 | ||
229 | /* check owner and modes */ | 229 | /* check owner and modes */ |
230 | if (fstat(f, &st) < 0 || | 230 | if (fstat(fd, &st) < 0 || |
231 | (st.st_uid != 0 && st.st_uid != getuid()) || | 231 | (st.st_uid != 0 && st.st_uid != getuid()) || |
232 | (st.st_mode & 077) != 0) { | 232 | (st.st_mode & 077) != 0) { |
233 | close(fd); | ||
233 | error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); | 234 | error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); |
234 | error("@ WARNING: UNPROTECTED PRIVATE KEY FILE! @"); | 235 | error("@ WARNING: UNPROTECTED PRIVATE KEY FILE! @"); |
235 | error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); | 236 | error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); |
@@ -238,20 +239,20 @@ load_private_key(const char *filename, const char *passphrase, | |||
238 | error("It is recommended that your private key files are NOT accessible by others."); | 239 | error("It is recommended that your private key files are NOT accessible by others."); |
239 | return 0; | 240 | return 0; |
240 | } | 241 | } |
241 | len = lseek(f, (off_t) 0, SEEK_END); | 242 | len = lseek(fd, (off_t) 0, SEEK_END); |
242 | lseek(f, (off_t) 0, SEEK_SET); | 243 | lseek(fd, (off_t) 0, SEEK_SET); |
243 | 244 | ||
244 | buffer_init(&buffer); | 245 | buffer_init(&buffer); |
245 | buffer_append_space(&buffer, &cp, len); | 246 | buffer_append_space(&buffer, &cp, len); |
246 | 247 | ||
247 | if (read(f, cp, (size_t) len) != (size_t) len) { | 248 | if (read(fd, cp, (size_t) len) != (size_t) len) { |
248 | debug("Read from key file %.200s failed: %.100s", filename, | 249 | debug("Read from key file %.200s failed: %.100s", filename, |
249 | strerror(errno)); | 250 | strerror(errno)); |
250 | buffer_free(&buffer); | 251 | buffer_free(&buffer); |
251 | close(f); | 252 | close(fd); |
252 | return 0; | 253 | return 0; |
253 | } | 254 | } |
254 | close(f); | 255 | close(fd); |
255 | 256 | ||
256 | /* Check that it is at least big enought to contain the ID string. */ | 257 | /* Check that it is at least big enought to contain the ID string. */ |
257 | if (len < strlen(AUTHFILE_ID_STRING) + 1) { | 258 | if (len < strlen(AUTHFILE_ID_STRING) + 1) { |