summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog5
-rw-r--r--authfile.c32
-rw-r--r--ssh-keygen.c11
-rw-r--r--sshd.c6
4 files changed, 28 insertions, 26 deletions
diff --git a/ChangeLog b/ChangeLog
index 965096908..9951503b8 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -6,6 +6,9 @@
6 - markus@cvs.openbsd.org 2001/04/15 08:43:47 6 - markus@cvs.openbsd.org 2001/04/15 08:43:47
7 [dh.c sftp-glob.c sftp-glob.h sftp-int.c sshconnect2.c sshd.c] 7 [dh.c sftp-glob.c sftp-glob.h sftp-int.c sshconnect2.c sshd.c]
8 some unused variable and typos; from tomh@po.crl.go.jp 8 some unused variable and typos; from tomh@po.crl.go.jp
9 - markus@cvs.openbsd.org 2001/04/15 16:58:03
10 [authfile.c ssh-keygen.c sshd.c]
11 don't use errno for key_{load,save}_private; discussion w/ solar@openwall
9 - (djm) Convert mandoc manpages to man automatically. Patch from Mark D. 12 - (djm) Convert mandoc manpages to man automatically. Patch from Mark D.
10 Roth <roth+openssh@feep.net> 13 Roth <roth+openssh@feep.net>
11 14
@@ -5093,4 +5096,4 @@
5093 - Wrote replacements for strlcpy and mkdtemp 5096 - Wrote replacements for strlcpy and mkdtemp
5094 - Released 1.0pre1 5097 - Released 1.0pre1
5095 5098
5096$Id: ChangeLog,v 1.1119 2001/04/16 00:41:46 djm Exp $ 5099$Id: ChangeLog,v 1.1120 2001/04/16 02:00:02 mouring Exp $
diff --git a/authfile.c b/authfile.c
index e02b301fd..2e51785a6 100644
--- a/authfile.c
+++ b/authfile.c
@@ -36,7 +36,7 @@
36 */ 36 */
37 37
38#include "includes.h" 38#include "includes.h"
39RCSID("$OpenBSD: authfile.c,v 1.30 2001/03/26 23:12:42 markus Exp $"); 39RCSID("$OpenBSD: authfile.c,v 1.31 2001/04/15 16:58:03 markus Exp $");
40 40
41#include <openssl/err.h> 41#include <openssl/err.h>
42#include <openssl/evp.h> 42#include <openssl/evp.h>
@@ -140,11 +140,13 @@ key_save_private_rsa1(Key *key, const char *filename, const char *passphrase,
140 buffer_free(&buffer); 140 buffer_free(&buffer);
141 141
142 fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); 142 fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600);
143 if (fd < 0) 143 if (fd < 0) {
144 error("open %s failed: %s.", filename, strerror(errno));
144 return 0; 145 return 0;
146 }
145 if (write(fd, buffer_ptr(&encrypted), buffer_len(&encrypted)) != 147 if (write(fd, buffer_ptr(&encrypted), buffer_len(&encrypted)) !=
146 buffer_len(&encrypted)) { 148 buffer_len(&encrypted)) {
147 debug("Write to key file %.200s failed: %.100s", filename, 149 error("write to key file %s failed: %s", filename,
148 strerror(errno)); 150 strerror(errno));
149 buffer_free(&encrypted); 151 buffer_free(&encrypted);
150 close(fd); 152 close(fd);
@@ -169,18 +171,17 @@ key_save_private_pem(Key *key, const char *filename, const char *_passphrase,
169 EVP_CIPHER *cipher = (len > 0) ? EVP_des_ede3_cbc() : NULL; 171 EVP_CIPHER *cipher = (len > 0) ? EVP_des_ede3_cbc() : NULL;
170 172
171 if (len > 0 && len <= 4) { 173 if (len > 0 && len <= 4) {
172 error("passphrase too short: %d bytes", len); 174 error("passphrase too short: have %d bytes, need > 4", len);
173 errno = 0;
174 return 0; 175 return 0;
175 } 176 }
176 fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); 177 fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600);
177 if (fd < 0) { 178 if (fd < 0) {
178 debug("open %s failed", filename); 179 error("open %s failed: %s.", filename, strerror(errno));
179 return 0; 180 return 0;
180 } 181 }
181 fp = fdopen(fd, "w"); 182 fp = fdopen(fd, "w");
182 if (fp == NULL ) { 183 if (fp == NULL ) {
183 debug("fdopen %s failed", filename); 184 error("fdopen %s failed: %s.", filename, strerror(errno));
184 close(fd); 185 close(fd);
185 return 0; 186 return 0;
186 } 187 }
@@ -215,6 +216,7 @@ key_save_private(Key *key, const char *filename, const char *passphrase,
215 default: 216 default:
216 break; 217 break;
217 } 218 }
219 error("key_save_private: cannot save key type %d", key->type);
218 return 0; 220 return 0;
219} 221}
220 222
@@ -248,7 +250,7 @@ key_load_public_rsa1(int fd, const char *filename, char **commentp)
248 250
249 /* Check that it is at least big enough to contain the ID string. */ 251 /* Check that it is at least big enough to contain the ID string. */
250 if (len < sizeof(authfile_id_string)) { 252 if (len < sizeof(authfile_id_string)) {
251 debug3("Bad RSA1 key file %.200s.", filename); 253 debug3("No RSA1 key file %.200s.", filename);
252 buffer_free(&buffer); 254 buffer_free(&buffer);
253 return NULL; 255 return NULL;
254 } 256 }
@@ -258,7 +260,7 @@ key_load_public_rsa1(int fd, const char *filename, char **commentp)
258 */ 260 */
259 for (i = 0; i < sizeof(authfile_id_string); i++) 261 for (i = 0; i < sizeof(authfile_id_string); i++)
260 if (buffer_get_char(&buffer) != authfile_id_string[i]) { 262 if (buffer_get_char(&buffer) != authfile_id_string[i]) {
261 debug3("Bad RSA1 key file %.200s.", filename); 263 debug3("No RSA1 key file %.200s.", filename);
262 buffer_free(&buffer); 264 buffer_free(&buffer);
263 return NULL; 265 return NULL;
264 } 266 }
@@ -334,7 +336,7 @@ key_load_private_rsa1(int fd, const char *filename, const char *passphrase,
334 336
335 /* Check that it is at least big enough to contain the ID string. */ 337 /* Check that it is at least big enough to contain the ID string. */
336 if (len < sizeof(authfile_id_string)) { 338 if (len < sizeof(authfile_id_string)) {
337 debug3("Bad RSA1 key file %.200s.", filename); 339 debug3("No RSA1 key file %.200s.", filename);
338 buffer_free(&buffer); 340 buffer_free(&buffer);
339 close(fd); 341 close(fd);
340 return NULL; 342 return NULL;
@@ -345,7 +347,7 @@ key_load_private_rsa1(int fd, const char *filename, const char *passphrase,
345 */ 347 */
346 for (i = 0; i < sizeof(authfile_id_string); i++) 348 for (i = 0; i < sizeof(authfile_id_string); i++)
347 if (buffer_get_char(&buffer) != authfile_id_string[i]) { 349 if (buffer_get_char(&buffer) != authfile_id_string[i]) {
348 debug3("Bad RSA1 key file %.200s.", filename); 350 debug3("No RSA1 key file %.200s.", filename);
349 buffer_free(&buffer); 351 buffer_free(&buffer);
350 close(fd); 352 close(fd);
351 return NULL; 353 return NULL;
@@ -439,13 +441,13 @@ key_load_private_pem(int fd, int type, const char *passphrase,
439 441
440 fp = fdopen(fd, "r"); 442 fp = fdopen(fd, "r");
441 if (fp == NULL) { 443 if (fp == NULL) {
442 error("fdopen failed"); 444 error("fdopen failed: %s", strerror(errno));
443 close(fd); 445 close(fd);
444 return NULL; 446 return NULL;
445 } 447 }
446 pk = PEM_read_PrivateKey(fp, NULL, NULL, (char *)passphrase); 448 pk = PEM_read_PrivateKey(fp, NULL, NULL, (char *)passphrase);
447 if (pk == NULL) { 449 if (pk == NULL) {
448 debug("PEM_read_PrivateKey failed"); 450 error("PEM_read_PrivateKey failed");
449 (void)ERR_get_error(); 451 (void)ERR_get_error();
450 } else if (pk->type == EVP_PKEY_RSA && 452 } else if (pk->type == EVP_PKEY_RSA &&
451 (type == KEY_UNSPEC||type==KEY_RSA)) { 453 (type == KEY_UNSPEC||type==KEY_RSA)) {
@@ -514,7 +516,7 @@ key_load_private_type(int type, const char *filename, const char *passphrase,
514 if (fd < 0) 516 if (fd < 0)
515 return NULL; 517 return NULL;
516 if (!key_perm_ok(fd, filename)) { 518 if (!key_perm_ok(fd, filename)) {
517 debug("bad permissions: ignore key: %s", filename); 519 error("bad permissions: ignore key: %s", filename);
518 close(fd); 520 close(fd);
519 return NULL; 521 return NULL;
520 } 522 }
@@ -548,7 +550,7 @@ key_load_private(const char *filename, const char *passphrase,
548 if (fd < 0) 550 if (fd < 0)
549 return NULL; 551 return NULL;
550 if (!key_perm_ok(fd, filename)) { 552 if (!key_perm_ok(fd, filename)) {
551 debug("bad permissions: ignore key: %s", filename); 553 error("bad permissions: ignore key: %s", filename);
552 close(fd); 554 close(fd);
553 return NULL; 555 return NULL;
554 } 556 }
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 0469ca5b6..d4ba23a4b 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -12,7 +12,7 @@
12 */ 12 */
13 13
14#include "includes.h" 14#include "includes.h"
15RCSID("$OpenBSD: ssh-keygen.c,v 1.55 2001/04/05 10:42:54 markus Exp $"); 15RCSID("$OpenBSD: ssh-keygen.c,v 1.56 2001/04/15 16:58:03 markus Exp $");
16 16
17#include <openssl/evp.h> 17#include <openssl/evp.h>
18#include <openssl/pem.h> 18#include <openssl/pem.h>
@@ -512,8 +512,7 @@ do_change_passphrase(struct passwd *pw)
512 512
513 /* Save the file using the new passphrase. */ 513 /* Save the file using the new passphrase. */
514 if (!key_save_private(private, identity_file, passphrase1, comment)) { 514 if (!key_save_private(private, identity_file, passphrase1, comment)) {
515 printf("Saving the key failed: %s: %s.\n", 515 printf("Saving the key failed: %s.\n", identity_file);
516 identity_file, strerror(errno));
517 memset(passphrase1, 0, strlen(passphrase1)); 516 memset(passphrase1, 0, strlen(passphrase1));
518 xfree(passphrase1); 517 xfree(passphrase1);
519 key_free(private); 518 key_free(private);
@@ -591,8 +590,7 @@ do_change_comment(struct passwd *pw)
591 590
592 /* Save the file using the new passphrase. */ 591 /* Save the file using the new passphrase. */
593 if (!key_save_private(private, identity_file, passphrase, new_comment)) { 592 if (!key_save_private(private, identity_file, passphrase, new_comment)) {
594 printf("Saving the key failed: %s: %s.\n", 593 printf("Saving the key failed: %s.\n", identity_file);
595 identity_file, strerror(errno));
596 memset(passphrase, 0, strlen(passphrase)); 594 memset(passphrase, 0, strlen(passphrase));
597 xfree(passphrase); 595 xfree(passphrase);
598 key_free(private); 596 key_free(private);
@@ -838,8 +836,7 @@ passphrase_again:
838 836
839 /* Save the key with the given passphrase and comment. */ 837 /* Save the key with the given passphrase and comment. */
840 if (!key_save_private(private, identity_file, passphrase1, comment)) { 838 if (!key_save_private(private, identity_file, passphrase1, comment)) {
841 printf("Saving the key failed: %s: %s.\n", 839 printf("Saving the key failed: %s.\n", identity_file);
842 identity_file, strerror(errno));
843 memset(passphrase1, 0, strlen(passphrase1)); 840 memset(passphrase1, 0, strlen(passphrase1));
844 xfree(passphrase1); 841 xfree(passphrase1);
845 exit(1); 842 exit(1);
diff --git a/sshd.c b/sshd.c
index d2c1cac09..552fa3b27 100644
--- a/sshd.c
+++ b/sshd.c
@@ -40,7 +40,7 @@
40 */ 40 */
41 41
42#include "includes.h" 42#include "includes.h"
43RCSID("$OpenBSD: sshd.c,v 1.194 2001/04/15 08:43:47 markus Exp $"); 43RCSID("$OpenBSD: sshd.c,v 1.195 2001/04/15 16:58:03 markus Exp $");
44 44
45#include <openssl/dh.h> 45#include <openssl/dh.h>
46#include <openssl/bn.h> 46#include <openssl/bn.h>
@@ -700,8 +700,8 @@ main(int ac, char **av)
700 key = key_load_private(options.host_key_files[i], "", NULL); 700 key = key_load_private(options.host_key_files[i], "", NULL);
701 sensitive_data.host_keys[i] = key; 701 sensitive_data.host_keys[i] = key;
702 if (key == NULL) { 702 if (key == NULL) {
703 error("Could not load host key: %.200s: %.100s", 703 error("Could not load host key: %s",
704 options.host_key_files[i], strerror(errno)); 704 options.host_key_files[i]);
705 sensitive_data.host_keys[i] = NULL; 705 sensitive_data.host_keys[i] = NULL;
706 continue; 706 continue;
707 } 707 }