diff options
| author | Ben Lindstrom <mouring@eviladmin.org> | 2001-04-16 02:00:02 +0000 |
|---|---|---|
| committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-04-16 02:00:02 +0000 |
| commit | 15f33866a6fb9e67f2a89f5edc8b8c7635f6d984 (patch) | |
| tree | 71e6283773761cceccd9bca3341348f6a073d333 /authfile.c | |
| parent | 897741eeaa0ebb5e2ce10a6b0ada8f3e55d22777 (diff) | |
- markus@cvs.openbsd.org 2001/04/15 16:58:03
[authfile.c ssh-keygen.c sshd.c]
don't use errno for key_{load,save}_private; discussion w/ solar@openwall
Diffstat (limited to 'authfile.c')
| -rw-r--r-- | authfile.c | 32 |
1 files changed, 17 insertions, 15 deletions
diff --git a/authfile.c b/authfile.c index e02b301fd..2e51785a6 100644 --- a/authfile.c +++ b/authfile.c | |||
| @@ -36,7 +36,7 @@ | |||
| 36 | */ | 36 | */ |
| 37 | 37 | ||
| 38 | #include "includes.h" | 38 | #include "includes.h" |
| 39 | RCSID("$OpenBSD: authfile.c,v 1.30 2001/03/26 23:12:42 markus Exp $"); | 39 | RCSID("$OpenBSD: authfile.c,v 1.31 2001/04/15 16:58:03 markus Exp $"); |
| 40 | 40 | ||
| 41 | #include <openssl/err.h> | 41 | #include <openssl/err.h> |
| 42 | #include <openssl/evp.h> | 42 | #include <openssl/evp.h> |
| @@ -140,11 +140,13 @@ key_save_private_rsa1(Key *key, const char *filename, const char *passphrase, | |||
| 140 | buffer_free(&buffer); | 140 | buffer_free(&buffer); |
| 141 | 141 | ||
| 142 | fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); | 142 | fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); |
| 143 | if (fd < 0) | 143 | if (fd < 0) { |
| 144 | error("open %s failed: %s.", filename, strerror(errno)); | ||
| 144 | return 0; | 145 | return 0; |
| 146 | } | ||
| 145 | if (write(fd, buffer_ptr(&encrypted), buffer_len(&encrypted)) != | 147 | if (write(fd, buffer_ptr(&encrypted), buffer_len(&encrypted)) != |
| 146 | buffer_len(&encrypted)) { | 148 | buffer_len(&encrypted)) { |
| 147 | debug("Write to key file %.200s failed: %.100s", filename, | 149 | error("write to key file %s failed: %s", filename, |
| 148 | strerror(errno)); | 150 | strerror(errno)); |
| 149 | buffer_free(&encrypted); | 151 | buffer_free(&encrypted); |
| 150 | close(fd); | 152 | close(fd); |
| @@ -169,18 +171,17 @@ key_save_private_pem(Key *key, const char *filename, const char *_passphrase, | |||
| 169 | EVP_CIPHER *cipher = (len > 0) ? EVP_des_ede3_cbc() : NULL; | 171 | EVP_CIPHER *cipher = (len > 0) ? EVP_des_ede3_cbc() : NULL; |
| 170 | 172 | ||
| 171 | if (len > 0 && len <= 4) { | 173 | if (len > 0 && len <= 4) { |
| 172 | error("passphrase too short: %d bytes", len); | 174 | error("passphrase too short: have %d bytes, need > 4", len); |
| 173 | errno = 0; | ||
| 174 | return 0; | 175 | return 0; |
| 175 | } | 176 | } |
| 176 | fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); | 177 | fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); |
| 177 | if (fd < 0) { | 178 | if (fd < 0) { |
| 178 | debug("open %s failed", filename); | 179 | error("open %s failed: %s.", filename, strerror(errno)); |
| 179 | return 0; | 180 | return 0; |
| 180 | } | 181 | } |
| 181 | fp = fdopen(fd, "w"); | 182 | fp = fdopen(fd, "w"); |
| 182 | if (fp == NULL ) { | 183 | if (fp == NULL ) { |
| 183 | debug("fdopen %s failed", filename); | 184 | error("fdopen %s failed: %s.", filename, strerror(errno)); |
| 184 | close(fd); | 185 | close(fd); |
| 185 | return 0; | 186 | return 0; |
| 186 | } | 187 | } |
| @@ -215,6 +216,7 @@ key_save_private(Key *key, const char *filename, const char *passphrase, | |||
| 215 | default: | 216 | default: |
| 216 | break; | 217 | break; |
| 217 | } | 218 | } |
| 219 | error("key_save_private: cannot save key type %d", key->type); | ||
| 218 | return 0; | 220 | return 0; |
| 219 | } | 221 | } |
| 220 | 222 | ||
| @@ -248,7 +250,7 @@ key_load_public_rsa1(int fd, const char *filename, char **commentp) | |||
| 248 | 250 | ||
| 249 | /* Check that it is at least big enough to contain the ID string. */ | 251 | /* Check that it is at least big enough to contain the ID string. */ |
| 250 | if (len < sizeof(authfile_id_string)) { | 252 | if (len < sizeof(authfile_id_string)) { |
| 251 | debug3("Bad RSA1 key file %.200s.", filename); | 253 | debug3("No RSA1 key file %.200s.", filename); |
| 252 | buffer_free(&buffer); | 254 | buffer_free(&buffer); |
| 253 | return NULL; | 255 | return NULL; |
| 254 | } | 256 | } |
| @@ -258,7 +260,7 @@ key_load_public_rsa1(int fd, const char *filename, char **commentp) | |||
| 258 | */ | 260 | */ |
| 259 | for (i = 0; i < sizeof(authfile_id_string); i++) | 261 | for (i = 0; i < sizeof(authfile_id_string); i++) |
| 260 | if (buffer_get_char(&buffer) != authfile_id_string[i]) { | 262 | if (buffer_get_char(&buffer) != authfile_id_string[i]) { |
| 261 | debug3("Bad RSA1 key file %.200s.", filename); | 263 | debug3("No RSA1 key file %.200s.", filename); |
| 262 | buffer_free(&buffer); | 264 | buffer_free(&buffer); |
| 263 | return NULL; | 265 | return NULL; |
| 264 | } | 266 | } |
| @@ -334,7 +336,7 @@ key_load_private_rsa1(int fd, const char *filename, const char *passphrase, | |||
| 334 | 336 | ||
| 335 | /* Check that it is at least big enough to contain the ID string. */ | 337 | /* Check that it is at least big enough to contain the ID string. */ |
| 336 | if (len < sizeof(authfile_id_string)) { | 338 | if (len < sizeof(authfile_id_string)) { |
| 337 | debug3("Bad RSA1 key file %.200s.", filename); | 339 | debug3("No RSA1 key file %.200s.", filename); |
| 338 | buffer_free(&buffer); | 340 | buffer_free(&buffer); |
| 339 | close(fd); | 341 | close(fd); |
| 340 | return NULL; | 342 | return NULL; |
| @@ -345,7 +347,7 @@ key_load_private_rsa1(int fd, const char *filename, const char *passphrase, | |||
| 345 | */ | 347 | */ |
| 346 | for (i = 0; i < sizeof(authfile_id_string); i++) | 348 | for (i = 0; i < sizeof(authfile_id_string); i++) |
| 347 | if (buffer_get_char(&buffer) != authfile_id_string[i]) { | 349 | if (buffer_get_char(&buffer) != authfile_id_string[i]) { |
| 348 | debug3("Bad RSA1 key file %.200s.", filename); | 350 | debug3("No RSA1 key file %.200s.", filename); |
| 349 | buffer_free(&buffer); | 351 | buffer_free(&buffer); |
| 350 | close(fd); | 352 | close(fd); |
| 351 | return NULL; | 353 | return NULL; |
| @@ -439,13 +441,13 @@ key_load_private_pem(int fd, int type, const char *passphrase, | |||
| 439 | 441 | ||
| 440 | fp = fdopen(fd, "r"); | 442 | fp = fdopen(fd, "r"); |
| 441 | if (fp == NULL) { | 443 | if (fp == NULL) { |
| 442 | error("fdopen failed"); | 444 | error("fdopen failed: %s", strerror(errno)); |
| 443 | close(fd); | 445 | close(fd); |
| 444 | return NULL; | 446 | return NULL; |
| 445 | } | 447 | } |
| 446 | pk = PEM_read_PrivateKey(fp, NULL, NULL, (char *)passphrase); | 448 | pk = PEM_read_PrivateKey(fp, NULL, NULL, (char *)passphrase); |
| 447 | if (pk == NULL) { | 449 | if (pk == NULL) { |
| 448 | debug("PEM_read_PrivateKey failed"); | 450 | error("PEM_read_PrivateKey failed"); |
| 449 | (void)ERR_get_error(); | 451 | (void)ERR_get_error(); |
| 450 | } else if (pk->type == EVP_PKEY_RSA && | 452 | } else if (pk->type == EVP_PKEY_RSA && |
| 451 | (type == KEY_UNSPEC||type==KEY_RSA)) { | 453 | (type == KEY_UNSPEC||type==KEY_RSA)) { |
| @@ -514,7 +516,7 @@ key_load_private_type(int type, const char *filename, const char *passphrase, | |||
| 514 | if (fd < 0) | 516 | if (fd < 0) |
| 515 | return NULL; | 517 | return NULL; |
| 516 | if (!key_perm_ok(fd, filename)) { | 518 | if (!key_perm_ok(fd, filename)) { |
| 517 | debug("bad permissions: ignore key: %s", filename); | 519 | error("bad permissions: ignore key: %s", filename); |
| 518 | close(fd); | 520 | close(fd); |
| 519 | return NULL; | 521 | return NULL; |
| 520 | } | 522 | } |
| @@ -548,7 +550,7 @@ key_load_private(const char *filename, const char *passphrase, | |||
| 548 | if (fd < 0) | 550 | if (fd < 0) |
| 549 | return NULL; | 551 | return NULL; |
| 550 | if (!key_perm_ok(fd, filename)) { | 552 | if (!key_perm_ok(fd, filename)) { |
| 551 | debug("bad permissions: ignore key: %s", filename); | 553 | error("bad permissions: ignore key: %s", filename); |
| 552 | close(fd); | 554 | close(fd); |
| 553 | return NULL; | 555 | return NULL; |
| 554 | } | 556 | } |