author | Darren Tucker <dtucker@zip.com.au> | 2013-06-02 07:31:17 +1000 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2013-06-02 07:31:17 +1000 |
commit | a627d42e51ffa71e014d7b2d2c07118122fd3ec3 (patch) | |
tree | 7bda769de81f509e28d800916fa20abd37906d79 /key.c | |
parent | c7aad0058c957afeb26a3f703e8cb0eddeb62365 (diff) |
- djm@cvs.openbsd.org 2013/05/17 00:13:13
[xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c
ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c
gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c
auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c
servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c
auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c
sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c
kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c
kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c
monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c
ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c
sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c
ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c
dns.c packet.c readpass.c authfd.c moduli.c]
bye, bye xfree(); ok markus@
Diffstat (limited to 'key.c')
-rw-r--r-- | key.c | 57 |
1 files changed, 24 insertions, 33 deletions
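--- a/key.c
+++ b/key.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: key.c,v 1.102 2013/05/10 04:08:01 djm Exp $ */
+/* $OpenBSD: key.c,v 1.103 2013/05/17 00:13:13 djm Exp $ */
 /*
 * read_bignum():
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -187,15 +187,13 @@ cert_free(struct KeyCert *cert)
 buffer_free(&cert->certblob);
 buffer_free(&cert->critical);
 buffer_free(&cert->extensions);
-if (cert->key_id != NULL)
-xfree(cert->key_id);
+free(cert->key_id);
 for (i = 0; i < cert->nprincipals; i++)
-xfree(cert->principals[i]);
-if (cert->principals != NULL)
-xfree(cert->principals);
+free(cert->principals[i]);
+free(cert->principals);
 if (cert->signature_key != NULL)
 key_free(cert->signature_key);
-xfree(cert);
+free(cert);
 }
 
 void
@@ -239,7 +237,7 @@ key_free(Key *k)
 k->cert = NULL;
 }
 
-xfree(k);
+free(k);
 }
 
 static int
@@ -389,7 +387,7 @@ key_fingerprint_raw(const Key *k, enum fp_type dgst_type,
 EVP_DigestUpdate(&ctx, blob, len);
 EVP_DigestFinal(&ctx, retval, dgst_raw_length);
 memset(blob, 0, len);
-xfree(blob);
+free(blob);
 } else {
 fatal("key_fingerprint_raw: blob is null");
 }
@@ -596,7 +594,7 @@ key_fingerprint(Key *k, enum fp_type dgst_type, enum fp_rep dgst_rep)
 break;
 }
 memset(dgst_raw, 0, dgst_raw_len);
-xfree(dgst_raw);
+free(dgst_raw);
 return retval;
 }
 
@@ -741,11 +739,11 @@ key_read(Key *ret, char **cpp)
 n = uudecode(cp, blob, len);
 if (n < 0) {
 error("key_read: uudecode %s failed", cp);
-xfree(blob);
+free(blob);
 return -1;
 }
 k = key_from_blob(blob, (u_int)n);
-xfree(blob);
+free(blob);
 if (k == NULL) {
 error("key_read: key_from_blob %s failed", cp);
 return -1;
@@ -886,8 +884,8 @@ key_write(const Key *key, FILE *f)
 fprintf(f, "%s %s", key_ssh_name(key), uu);
 success = 1;
 }
-xfree(blob);
-xfree(uu);
+free(blob);
+free(uu);
 
 return success;
 }
@@ -1292,12 +1290,12 @@ key_names_valid2(const char *names)
 switch (key_type_from_name(p)) {
 case KEY_RSA1:
 case KEY_UNSPEC:
-xfree(s);
+free(s);
 return 0;
 }
 }
 debug3("key names ok: [%s]", names);
-xfree(s);
+free(s);
 return 1;
 }
 
@@ -1419,16 +1417,11 @@ cert_parse(Buffer *b, Key *key, const u_char *blob, u_int blen)
 
 out:
 buffer_free(&tmp);
-if (principals != NULL)
-xfree(principals);
-if (critical != NULL)
-xfree(critical);
-if (exts != NULL)
-xfree(exts);
-if (sig_key != NULL)
-xfree(sig_key);
-if (sig != NULL)
-xfree(sig);
+free(principals);
+free(critical);
+free(exts);
+free(sig_key);
+free(sig);
 return ret;
 }
 
@@ -1548,10 +1541,8 @@ key_from_blob(const u_char *blob, u_int blen)
 if (key != NULL && rlen != 0)
 error("key_from_blob: remaining bytes in key blob %d", rlen);
 out:
-if (ktype != NULL)
-xfree(ktype);
-if (curve != NULL)
-xfree(curve);
+free(ktype);
+free(curve);
 #ifdef OPENSSL_HAS_ECC
 if (q != NULL)
 EC_POINT_free(q);
@@ -1901,7 +1892,7 @@ key_certify(Key *k, Key *ca)
 default:
 error("%s: key has incorrect type %s", __func__, key_type(k));
 buffer_clear(&k->cert->certblob);
-xfree(ca_blob);
+free(ca_blob);
 return -1;
 }
 
@@ -1937,7 +1928,7 @@ key_certify(Key *k, Key *ca)
 
 buffer_put_string(&k->cert->certblob, NULL, 0); /* reserved */
 buffer_put_string(&k->cert->certblob, ca_blob, ca_len);
-xfree(ca_blob);
+free(ca_blob);
 
 /* Sign the whole mess */
 if (key_sign(ca, &sig_blob, &sig_len, buffer_ptr(&k->cert->certblob),
@@ -1948,7 +1939,7 @@ key_certify(Key *k, Key *ca)
 }
 /* Append signature and we are done */
 buffer_put_string(&k->cert->certblob, sig_blob, sig_len);
-xfree(sig_blob);
+free(sig_blob);
 
 return 0;
 }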
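Review bot: In key_fingerprint_raw and key_fingerprint the scrubbing calls `memset(blob, 0, len);` and `memset(dgst_raw, 0, dgst_raw_len);` are now immediately followed by the standard `free()`, so a compiler that models free() may discard the memset as a dead store; with the out-of-line xfree() wrapper that elision was much less likely. If these clears are meant to take effect, use a clear the optimiser cannot remove, for example `explicit_bzero(blob, len);` where the platform or the compat layer provides one, and mark the intent with a comment such as `/* scrub before release; must not be optimised away */`. From the visible lines the two buffers appear to hold a key blob used for fingerprinting and a digest, so the exposure here is probably small, but the same memset-then-free pattern presumably occurs in the other files this commit touches and deserves the same check there. Both functions begin and end outside their hunks.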