Check for blacklists in /usr/share/ssh/ as well as /etc/ssh/ (see

#481283).
author: Colin Watson <cjwatson@debian.org> 2008-05-25 19:57:41 +0000
committer: Colin Watson <cjwatson@debian.org> 2008-05-25 19:57:41 +0000
commit: 399dfbc499f54bccb81318cbe86acddcd4bdfeee (patch)
tree: 6cf28410fcfc165af7dc1c0b6700422721dda560 /ssh-vulnkey.c
parent: 56c12903717deaf5eecd4c1b772de1eeb6ec4499 (diff)
1 files changed, 4 insertions, 5 deletions
diff --git a/ssh-vulnkey.c b/ssh-vulnkey.c
index 3c7985448..f78615478 100644
--- a/ssh-vulnkey.c
+++ b/ssh-vulnkey.c
@@ -90,26 +90,25 @@ do_key(const char *filename, u_long linenum,
    const Key *key, const char *comment)
 {
        Key *public;
-        char *blacklist_file;
        struct stat st;
+        int blacklist_status;
        int ret = 1;
        public = key_demote(key);
        if (public->type == KEY_RSA1)
                public->type = KEY_RSA;
-        blacklist_file = blacklist_filename(public);
+        blacklist_status = blacklisted_key(public);
-        if (stat(blacklist_file, &st) < 0)
+        if (blacklist_status == -1)
                describe_key(filename, linenum,
                    "Unknown (no blacklist information)", key, comment);
-        else if (blacklisted_key(public)) {
+        else if (blacklist_status == 1) {
                describe_key(filename, linenum,
                    "COMPROMISED", key, comment);
                ret = 0;
        } else
                describe_key(filename, linenum,
                    "Not blacklisted", key, comment);
-        xfree(blacklist_file);
        key_free(public);
author	Colin Watson <cjwatson@debian.org>	2008-05-25 19:57:41 +0000
committer	Colin Watson <cjwatson@debian.org>	2008-05-25 19:57:41 +0000
commit	399dfbc499f54bccb81318cbe86acddcd4bdfeee (patch)
tree	6cf28410fcfc165af7dc1c0b6700422721dda560 /ssh-vulnkey.c
parent	56c12903717deaf5eecd4c1b772de1eeb6ec4499 (diff)