diff options
| author | Colin Watson <cjwatson@debian.org> | 2003-09-01 18:42:19 +0000 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2003-09-01 18:42:19 +0000 |
| commit | 8d6b7f4c46de3feb66f704ab483e51ea1a3bb0e1 (patch) | |
| tree | 41fe3dd71501bbec5b0393f1536c925eaee180e9 /authfile.c | |
| parent | f045c69060bfdd5cf8759a5f29d7008d02e4de5b (diff) | |
| parent | 58bfa257481a1c6938ada9bbd38801cc45633fb0 (diff) | |
Debian release 3.6p1-1.
Diffstat (limited to 'authfile.c')
| -rw-r--r-- | authfile.c | 32 |
1 files changed, 27 insertions, 5 deletions
diff --git a/authfile.c b/authfile.c index 1fa5d811a..90618efde 100644 --- a/authfile.c +++ b/authfile.c | |||
| @@ -36,7 +36,7 @@ | |||
| 36 | */ | 36 | */ |
| 37 | 37 | ||
| 38 | #include "includes.h" | 38 | #include "includes.h" |
| 39 | RCSID("$OpenBSD: authfile.c,v 1.50 2002/06/24 14:55:38 markus Exp $"); | 39 | RCSID("$OpenBSD: authfile.c,v 1.52 2003/03/13 11:42:18 markus Exp $"); |
| 40 | 40 | ||
| 41 | #include <openssl/err.h> | 41 | #include <openssl/err.h> |
| 42 | #include <openssl/evp.h> | 42 | #include <openssl/evp.h> |
| @@ -232,12 +232,17 @@ key_load_public_rsa1(int fd, const char *filename, char **commentp) | |||
| 232 | { | 232 | { |
| 233 | Buffer buffer; | 233 | Buffer buffer; |
| 234 | Key *pub; | 234 | Key *pub; |
| 235 | struct stat st; | ||
| 235 | char *cp; | 236 | char *cp; |
| 236 | int i; | 237 | int i; |
| 237 | off_t len; | 238 | off_t len; |
| 238 | 239 | ||
| 239 | len = lseek(fd, (off_t) 0, SEEK_END); | 240 | if (fstat(fd, &st) < 0) { |
| 240 | lseek(fd, (off_t) 0, SEEK_SET); | 241 | error("fstat for key file %.200s failed: %.100s", |
| 242 | filename, strerror(errno)); | ||
| 243 | return NULL; | ||
| 244 | } | ||
| 245 | len = st.st_size; | ||
| 241 | 246 | ||
| 242 | buffer_init(&buffer); | 247 | buffer_init(&buffer); |
| 243 | cp = buffer_append_space(&buffer, len); | 248 | cp = buffer_append_space(&buffer, len); |
| @@ -318,9 +323,15 @@ key_load_private_rsa1(int fd, const char *filename, const char *passphrase, | |||
| 318 | CipherContext ciphercontext; | 323 | CipherContext ciphercontext; |
| 319 | Cipher *cipher; | 324 | Cipher *cipher; |
| 320 | Key *prv = NULL; | 325 | Key *prv = NULL; |
| 326 | struct stat st; | ||
| 321 | 327 | ||
| 322 | len = lseek(fd, (off_t) 0, SEEK_END); | 328 | if (fstat(fd, &st) < 0) { |
| 323 | lseek(fd, (off_t) 0, SEEK_SET); | 329 | error("fstat for key file %.200s failed: %.100s", |
| 330 | filename, strerror(errno)); | ||
| 331 | close(fd); | ||
| 332 | return NULL; | ||
| 333 | } | ||
| 334 | len = st.st_size; | ||
| 324 | 335 | ||
| 325 | buffer_init(&buffer); | 336 | buffer_init(&buffer); |
| 326 | cp = buffer_append_space(&buffer, len); | 337 | cp = buffer_append_space(&buffer, len); |
| @@ -410,6 +421,12 @@ key_load_private_rsa1(int fd, const char *filename, const char *passphrase, | |||
| 410 | rsa_generate_additional_parameters(prv->rsa); | 421 | rsa_generate_additional_parameters(prv->rsa); |
| 411 | 422 | ||
| 412 | buffer_free(&decrypted); | 423 | buffer_free(&decrypted); |
| 424 | |||
| 425 | /* enable blinding */ | ||
| 426 | if (RSA_blinding_on(prv->rsa, NULL) != 1) { | ||
| 427 | error("key_load_private_rsa1: RSA_blinding_on failed"); | ||
| 428 | goto fail; | ||
| 429 | } | ||
| 413 | close(fd); | 430 | close(fd); |
| 414 | return prv; | 431 | return prv; |
| 415 | 432 | ||
| @@ -449,6 +466,11 @@ key_load_private_pem(int fd, int type, const char *passphrase, | |||
| 449 | #ifdef DEBUG_PK | 466 | #ifdef DEBUG_PK |
| 450 | RSA_print_fp(stderr, prv->rsa, 8); | 467 | RSA_print_fp(stderr, prv->rsa, 8); |
| 451 | #endif | 468 | #endif |
| 469 | if (RSA_blinding_on(prv->rsa, NULL) != 1) { | ||
| 470 | error("key_load_private_pem: RSA_blinding_on failed"); | ||
| 471 | key_free(prv); | ||
| 472 | prv = NULL; | ||
| 473 | } | ||
| 452 | } else if (pk->type == EVP_PKEY_DSA && | 474 | } else if (pk->type == EVP_PKEY_DSA && |
| 453 | (type == KEY_UNSPEC||type==KEY_DSA)) { | 475 | (type == KEY_UNSPEC||type==KEY_DSA)) { |
| 454 | prv = key_new(KEY_UNSPEC); | 476 | prv = key_new(KEY_UNSPEC); |