diff options
| author | Colin Watson <cjwatson@debian.org> | 2017-10-04 11:23:58 +0100 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2017-10-04 11:23:58 +0100 |
| commit | 62f54f20bf351468e0124f63cc2902ee40d9b0e9 (patch) | |
| tree | 3e090f2711b94ca5029d3fa3e8047b1ed1448b1f /hostfile.c | |
| parent | 6fabaf6fd9b07cc8bc6a17c9c4a5b76849cfc874 (diff) | |
| parent | 66bf74a92131b7effe49fb0eefe5225151869dc5 (diff) | |
Import openssh_7.6p1.orig.tar.gz
Diffstat (limited to 'hostfile.c')
| -rw-r--r-- | hostfile.c | 33 |
1 files changed, 4 insertions, 29 deletions
diff --git a/hostfile.c b/hostfile.c index e23faa969..12f174ff9 100644 --- a/hostfile.c +++ b/hostfile.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: hostfile.c,v 1.68 2017/03/10 04:26:06 djm Exp $ */ | 1 | /* $OpenBSD: hostfile.c,v 1.71 2017/05/31 09:15:42 deraadt Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -251,7 +251,7 @@ record_hostkey(struct hostkey_foreach_line *l, void *_ctx) | |||
| 251 | l->marker == MRK_NONE ? "" : | 251 | l->marker == MRK_NONE ? "" : |
| 252 | (l->marker == MRK_CA ? "ca " : "revoked "), | 252 | (l->marker == MRK_CA ? "ca " : "revoked "), |
| 253 | sshkey_type(l->key), l->path, l->linenum); | 253 | sshkey_type(l->key), l->path, l->linenum); |
| 254 | if ((tmp = reallocarray(hostkeys->entries, | 254 | if ((tmp = recallocarray(hostkeys->entries, hostkeys->num_entries, |
| 255 | hostkeys->num_entries + 1, sizeof(*hostkeys->entries))) == NULL) | 255 | hostkeys->num_entries + 1, sizeof(*hostkeys->entries))) == NULL) |
| 256 | return SSH_ERR_ALLOC_FAIL; | 256 | return SSH_ERR_ALLOC_FAIL; |
| 257 | hostkeys->entries = tmp; | 257 | hostkeys->entries = tmp; |
| @@ -346,16 +346,11 @@ check_hostkeys_by_key_or_type(struct hostkeys *hostkeys, | |||
| 346 | HostStatus end_return = HOST_NEW; | 346 | HostStatus end_return = HOST_NEW; |
| 347 | int want_cert = sshkey_is_cert(k); | 347 | int want_cert = sshkey_is_cert(k); |
| 348 | HostkeyMarker want_marker = want_cert ? MRK_CA : MRK_NONE; | 348 | HostkeyMarker want_marker = want_cert ? MRK_CA : MRK_NONE; |
| 349 | int proto = (k ? k->type : keytype) == KEY_RSA1 ? 1 : 2; | ||
| 350 | 349 | ||
| 351 | if (found != NULL) | 350 | if (found != NULL) |
| 352 | *found = NULL; | 351 | *found = NULL; |
| 353 | 352 | ||
| 354 | for (i = 0; i < hostkeys->num_entries; i++) { | 353 | for (i = 0; i < hostkeys->num_entries; i++) { |
| 355 | if (proto == 1 && hostkeys->entries[i].key->type != KEY_RSA1) | ||
| 356 | continue; | ||
| 357 | if (proto == 2 && hostkeys->entries[i].key->type == KEY_RSA1) | ||
| 358 | continue; | ||
| 359 | if (hostkeys->entries[i].marker != want_marker) | 354 | if (hostkeys->entries[i].marker != want_marker) |
| 360 | continue; | 355 | continue; |
| 361 | if (k == NULL) { | 356 | if (k == NULL) { |
| @@ -490,13 +485,6 @@ host_delete(struct hostkey_foreach_line *l, void *_ctx) | |||
| 490 | return 0; | 485 | return 0; |
| 491 | } | 486 | } |
| 492 | 487 | ||
| 493 | /* XXX might need a knob for this later */ | ||
| 494 | /* Don't remove RSA1 keys */ | ||
| 495 | if (l->key->type == KEY_RSA1) { | ||
| 496 | fprintf(ctx->out, "%s\n", l->line); | ||
| 497 | return 0; | ||
| 498 | } | ||
| 499 | |||
| 500 | /* | 488 | /* |
| 501 | * If this line contains one of the keys that we will be | 489 | * If this line contains one of the keys that we will be |
| 502 | * adding later, then don't change it and mark the key for | 490 | * adding later, then don't change it and mark the key for |
| @@ -789,20 +777,7 @@ hostkeys_foreach(const char *path, hostkeys_foreach_fn *callback, void *ctx, | |||
| 789 | break; | 777 | break; |
| 790 | } | 778 | } |
| 791 | if (!hostfile_read_key(&cp, &kbits, lineinfo.key)) { | 779 | if (!hostfile_read_key(&cp, &kbits, lineinfo.key)) { |
| 792 | #ifdef WITH_SSH1 | ||
| 793 | sshkey_free(lineinfo.key); | ||
| 794 | lineinfo.key = sshkey_new(KEY_RSA1); | ||
| 795 | if (lineinfo.key == NULL) { | ||
| 796 | error("%s: sshkey_new fail", __func__); | ||
| 797 | r = SSH_ERR_ALLOC_FAIL; | ||
| 798 | break; | ||
| 799 | } | ||
| 800 | if (!hostfile_read_key(&cp, &kbits, | ||
| 801 | lineinfo.key)) | ||
| 802 | goto bad; | ||
| 803 | #else | ||
| 804 | goto bad; | 780 | goto bad; |
| 805 | #endif | ||
| 806 | } | 781 | } |
| 807 | lineinfo.keytype = lineinfo.key->type; | 782 | lineinfo.keytype = lineinfo.key->type; |
| 808 | lineinfo.comment = cp; | 783 | lineinfo.comment = cp; |
| @@ -817,12 +792,12 @@ hostkeys_foreach(const char *path, hostkeys_foreach_fn *callback, void *ctx, | |||
| 817 | lineinfo.keytype = sshkey_type_from_name(ktype); | 792 | lineinfo.keytype = sshkey_type_from_name(ktype); |
| 818 | 793 | ||
| 819 | /* | 794 | /* |
| 820 | * Assume RSA1 if the first component is a short | 795 | * Assume legacy RSA1 if the first component is a short |
| 821 | * decimal number. | 796 | * decimal number. |
| 822 | */ | 797 | */ |
| 823 | if (lineinfo.keytype == KEY_UNSPEC && l < 8 && | 798 | if (lineinfo.keytype == KEY_UNSPEC && l < 8 && |
| 824 | strspn(ktype, "0123456789") == l) | 799 | strspn(ktype, "0123456789") == l) |
| 825 | lineinfo.keytype = KEY_RSA1; | 800 | goto bad; |
| 826 | 801 | ||
| 827 | /* | 802 | /* |
| 828 | * Check that something other than whitespace follows | 803 | * Check that something other than whitespace follows |