authorjsg@openbsd.org <jsg@openbsd.org>2020-02-26 13:40:09 +0000
committerDamien Miller <djm@mindrot.org>2020-02-28 12:26:28 +1100
commitd5ba1c03278eb079438bb038266d80d7477d49cb (patch)
tree6d8dd2d802af796bcb7c9d6d018196a448bb9ff6 /ssh-keygen.c
parent9e3220b585c5be19a7431ea4ff8884c137b3a81c (diff)
upstream: change explicit_bzero();free() to freezero()
While freezero() returns early if the pointer is NULL, the tests for NULL in callers are left to avoid warnings about passing an uninitialised size argument across a function boundary. ok deraadt@ djm@ OpenBSD-Commit-ID: 2660fa334fcc7cd05ec74dd99cb036f9ade6384a
Diffstat (limited to 'ssh-keygen.c')
-rw-r--r--ssh-keygen.c26
1 files changed, 9 insertions, 17 deletions
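diff --git a/ssh-keygen.c b/ssh-keygen.c
index 0d6ed1fff..d9c207b42 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.398 2020/02/07 03:27:54 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.399 2020/02/26 13:40:09 jsg Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -327,8 +327,7 @@ load_identity(const char *filename, char **commentp)
  else
  pass = read_passphrase("Enter passphrase: ", RP_ALLOW_STDIN);
  r = sshkey_load_private(filename, pass, &prv, commentp);
- explicit_bzero(pass, strlen(pass));
- free(pass);
+ freezero(pass, strlen(pass));
  if (r != 0)
  fatal("Load key \"%s\": %s", filename, ssh_err(r));
  return prv;
@@ -1424,8 +1423,7 @@ do_change_passphrase(struct passwd *pw)
  RP_ALLOW_STDIN);
  r = sshkey_load_private(identity_file, old_passphrase,
  &private, &comment);
- explicit_bzero(old_passphrase, strlen(old_passphrase));
- free(old_passphrase);
+ freezero(old_passphrase, strlen(old_passphrase));
  if (r != 0)
  goto badkey;
  } else if (r != 0) {
@@ -1456,8 +1454,7 @@ do_change_passphrase(struct passwd *pw)
  exit(1);
  }
  /* Destroy the other copy. */
- explicit_bzero(passphrase2, strlen(passphrase2));
- free(passphrase2);
+ freezero(passphrase2, strlen(passphrase2));
  }
 
  /* Save the file using the new passphrase. */
@@ -1465,15 +1462,13 @@ do_change_passphrase(struct passwd *pw)
  comment, private_key_format, openssh_format_cipher, rounds)) != 0) {
  error("Saving key \"%s\" failed: %s.",
  identity_file, ssh_err(r));
- explicit_bzero(passphrase1, strlen(passphrase1));
- free(passphrase1);
+ freezero(passphrase1, strlen(passphrase1));
  sshkey_free(private);
  free(comment);
  exit(1);
  }
  /* Destroy the passphrase and the copy of the key in memory. */
- explicit_bzero(passphrase1, strlen(passphrase1));
- free(passphrase1);
+ freezero(passphrase1, strlen(passphrase1));
  sshkey_free(private); /* Destroys contents */
  free(comment);
 
@@ -1543,8 +1538,7 @@ do_change_comment(struct passwd *pw, const char *identity_comment)
  /* Try to load using the passphrase. */
  if ((r = sshkey_load_private(identity_file, passphrase,
  &private, &comment)) != 0) {
- explicit_bzero(passphrase, strlen(passphrase));
- free(passphrase);
+ freezero(passphrase, strlen(passphrase));
  fatal("Cannot load private key \"%s\": %s.",
  identity_file, ssh_err(r));
  }
@@ -1589,14 +1583,12 @@ do_change_comment(struct passwd *pw, const char *identity_comment)
  rounds)) != 0) {
  error("Saving key \"%s\" failed: %s",
  identity_file, ssh_err(r));
- explicit_bzero(passphrase, strlen(passphrase));
- free(passphrase);
+ freezero(passphrase, strlen(passphrase));
  sshkey_free(private);
  free(comment);
  exit(1);
  }
- explicit_bzero(passphrase, strlen(passphrase));
- free(passphrase);
+ freezero(passphrase, strlen(passphrase));
  if ((r = sshkey_from_private(private, &public)) != 0)
  fatal("sshkey_from_private failed: %s", ssh_err(r));
  sshkey_free(private);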
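Review bot: Each of the eight `freezero(p, strlen(p))` calls evaluates `strlen()` on the pointer before `freezero()` runs, so the NULL early-return mentioned in the commit message gives these call sites no protection, and none of them has a NULL test next to it in the visible hunks. In load_identity the branch that assigns `pass` begins outside the hunk, so it cannot be confirmed from here that every path yields a non-NULL string; presumably read_passphrase() never returns NULL, and that assumption deserves a comment. A file-local helper would keep the guard and the length computation in one place instead of repeating them in load_identity, do_change_passphrase and do_change_comment, for example `static void free_passphrase(char *p) { if (p != NULL) freezero(p, strlen(p)); }`. Sizing the wipe with `strlen()` also clears only the bytes up to the terminator, which is sufficient only if the buffer was allocated to fit the string exactly.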