-rw-r--r-- | authfile.c | 58 |
1 files changed, 19 insertions, 39 deletions
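diff --git a/authfile.c b/authfile.c
index 20b66d9bd..953812f4f 100644
--- a/authfile.c
+++ b/authfile.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfile.c,v 1.137 2020/01/25 23:02:13 djm Exp $ */
+/* $OpenBSD: authfile.c,v 1.138 2020/04/08 00:09:24 djm Exp $ */
 /*
 * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved.
 *
@@ -195,17 +195,24 @@ sshkey_load_private(const char *filename, const char *passphrase,
 }
 
 static int
-sshkey_try_load_public(struct sshkey *k, const char *filename, char **commentp)
+sshkey_try_load_public(struct sshkey **kp, const char *filename,
+char **commentp)
 {
 FILE *f;
 char *line = NULL, *cp;
 size_t linesize = 0;
 int r;
+struct sshkey *k = NULL;
 
+*kp = NULL;
 if (commentp != NULL)
 *commentp = NULL;
 if ((f = fopen(filename, "r")) == NULL)
 return SSH_ERR_SYSTEM_ERROR;
+if ((k = sshkey_new(KEY_UNSPEC)) == NULL) {
+fclose(f);
+return SSH_ERR_ALLOC_FAIL;
+}
 while (getline(&line, &linesize, f) != -1) {
 cp = line;
 switch (*cp) {
@@ -230,12 +237,15 @@ sshkey_try_load_public(struct sshkey *k, const char *filename, char **commentp)
 if (*commentp == NULL)
 r = SSH_ERR_ALLOC_FAIL;
 }
+/* success */
+*kp = k;
 free(line);
 fclose(f);
 return r;
 }
 }
 }
+free(k);
 free(line);
 fclose(f);
 return SSH_ERR_INVALID_FORMAT;
@@ -245,8 +255,7 @@ sshkey_try_load_public(struct sshkey *k, const char *filename, char **commentp)
 int
 sshkey_load_public(const char *filename, struct sshkey **keyp, char **commentp)
 {
-struct sshkey *pub = NULL;
-char *file = NULL;
+char *pubfile = NULL;
 int r;
 
 if (keyp != NULL)
@@ -254,35 +263,17 @@ sshkey_load_public(const char *filename, struct sshkey **keyp, char **commentp)
 if (commentp != NULL)
 *commentp = NULL;
 
-if ((pub = sshkey_new(KEY_UNSPEC)) == NULL)
-return SSH_ERR_ALLOC_FAIL;
-if ((r = sshkey_try_load_public(pub, filename, commentp)) == 0) {
-if (keyp != NULL) {
-*keyp = pub;
-pub = NULL;
-}
-r = 0;
+if ((r = sshkey_try_load_public(keyp, filename, commentp)) == 0)
 goto out;
-}
-sshkey_free(pub);
 
 /* try .pub suffix */
-if (asprintf(&file, "%s.pub", filename) == -1)
+if (asprintf(&pubfile, "%s.pub", filename) == -1)
 return SSH_ERR_ALLOC_FAIL;
-if ((pub = sshkey_new(KEY_UNSPEC)) == NULL) {
-r = SSH_ERR_ALLOC_FAIL;
+if ((r = sshkey_try_load_public(keyp, pubfile, commentp)) == 0)
 goto out;
-}
-if ((r = sshkey_try_load_public(pub, file, commentp)) == 0) {
-if (keyp != NULL) {
-*keyp = pub;
-pub = NULL;
-}
-r = 0;
-}
+
 out:
-free(file);
-sshkey_free(pub);
+free(pubfile);
 return r;
 }
 
@@ -300,18 +291,7 @@ sshkey_load_cert(const char *filename, struct sshkey **keyp)
 if (asprintf(&file, "%s-cert.pub", filename) == -1)
 return SSH_ERR_ALLOC_FAIL;
 
-if ((pub = sshkey_new(KEY_UNSPEC)) == NULL) {
-goto out;
-}
-if ((r = sshkey_try_load_public(pub, file, NULL)) != 0)
-goto out;
-/* success */
-if (keyp != NULL) {
-*keyp = pub;
-pub = NULL;
-}
-r = 0;
-out:
+r = sshkey_try_load_public(keyp, file, NULL);
 free(file);
 sshkey_free(pub);
 return r;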
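Review bot: `*kp = NULL;` at the top of sshkey_try_load_public() and `*kp = k;` on its return path dereference kp unconditionally, while sshkey_load_public() still tests `if (keyp != NULL)` and then forwards keyp unchanged, as does sshkey_load_cert(); a caller passing NULL to skip the key, which the removed code tolerated, now hits a NULL dereference. The `/* success */` assignment also runs when the comment strdup failed and r is SSH_ERR_ALLOC_FAIL, so the key is handed out together with an error, and the `.pub` retry in sshkey_load_public() would then reset the pointer and leak it. The failure exit releases the key with `free(k)` where the rest of the file uses sshkey_free(). The switch body of the function lies between the hunks, so the sketch below covers only the visible lines.

```c
	if (kp != NULL)
		*kp = NULL;
	/* … unchanged: commentp reset, fopen, sshkey_new, getline loop … */
				/* transfer ownership only on success, and only if wanted */
				if (r == 0 && kp != NULL) {
					*kp = k;
					k = NULL;
				}
				sshkey_free(k);
				/* … unchanged: free(line), fclose(f), return r … */
	/* … unchanged: end of loop … */
	sshkey_free(k);
	/* … unchanged: free(line), fclose(f), return SSH_ERR_INVALID_FORMAT … */
```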