diff options
| -rw-r--r-- | ChangeLog | 8 | ||||
| -rw-r--r-- | authfile.c | 11 | ||||
| -rw-r--r-- | ssh-keygen.c | 6 |
3 files changed, 22 insertions, 3 deletions
| @@ -36,6 +36,12 @@ | |||
| 36 | [sshd.8] | 36 | [sshd.8] |
| 37 | fix invalid .Pf macro usage introduced in previous commit | 37 | fix invalid .Pf macro usage introduced in previous commit |
| 38 | ok jmc@ mouring@ | 38 | ok jmc@ mouring@ |
| 39 | - markus@cvs.openbsd.org 2003/05/11 16:56:48 | ||
| 40 | [authfile.c ssh-keygen.c] | ||
| 41 | change key_load_public to try to read a public from: | ||
| 42 | rsa1 private or rsa1 public and ssh2 keys. | ||
| 43 | this makes ssh-keygen -e fail for ssh1 keys more gracefully | ||
| 44 | for example; report from itojun (netbsd pr 20550). | ||
| 39 | 45 | ||
| 40 | 20030512 | 46 | 20030512 |
| 41 | - (djm) Redhat spec: Don't install profile.d scripts when not | 47 | - (djm) Redhat spec: Don't install profile.d scripts when not |
| @@ -1423,4 +1429,4 @@ | |||
| 1423 | save auth method before monitor_reset_key_state(); bugzilla bug #284; | 1429 | save auth method before monitor_reset_key_state(); bugzilla bug #284; |
| 1424 | ok provos@ | 1430 | ok provos@ |
| 1425 | 1431 | ||
| 1426 | $Id: ChangeLog,v 1.2686 2003/05/14 03:44:58 djm Exp $ | 1432 | $Id: ChangeLog,v 1.2687 2003/05/14 03:45:22 djm Exp $ |
diff --git a/authfile.c b/authfile.c index 90618efde..d563abb71 100644 --- a/authfile.c +++ b/authfile.c | |||
| @@ -36,7 +36,7 @@ | |||
| 36 | */ | 36 | */ |
| 37 | 37 | ||
| 38 | #include "includes.h" | 38 | #include "includes.h" |
| 39 | RCSID("$OpenBSD: authfile.c,v 1.52 2003/03/13 11:42:18 markus Exp $"); | 39 | RCSID("$OpenBSD: authfile.c,v 1.53 2003/05/11 16:56:48 markus Exp $"); |
| 40 | 40 | ||
| 41 | #include <openssl/err.h> | 41 | #include <openssl/err.h> |
| 42 | #include <openssl/evp.h> | 42 | #include <openssl/evp.h> |
| @@ -629,9 +629,18 @@ key_load_public(const char *filename, char **commentp) | |||
| 629 | Key *pub; | 629 | Key *pub; |
| 630 | char file[MAXPATHLEN]; | 630 | char file[MAXPATHLEN]; |
| 631 | 631 | ||
| 632 | /* try rsa1 private key */ | ||
| 632 | pub = key_load_public_type(KEY_RSA1, filename, commentp); | 633 | pub = key_load_public_type(KEY_RSA1, filename, commentp); |
| 633 | if (pub != NULL) | 634 | if (pub != NULL) |
| 634 | return pub; | 635 | return pub; |
| 636 | |||
| 637 | /* try rsa1 public key */ | ||
| 638 | pub = key_new(KEY_RSA1); | ||
| 639 | if (key_try_load_public(pub, filename, commentp) == 1) | ||
| 640 | return pub; | ||
| 641 | key_free(pub); | ||
| 642 | |||
| 643 | /* try ssh2 public key */ | ||
| 635 | pub = key_new(KEY_UNSPEC); | 644 | pub = key_new(KEY_UNSPEC); |
| 636 | if (key_try_load_public(pub, filename, commentp) == 1) | 645 | if (key_try_load_public(pub, filename, commentp) == 1) |
| 637 | return pub; | 646 | return pub; |
diff --git a/ssh-keygen.c b/ssh-keygen.c index 4bd79af6a..1d08c7cec 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c | |||
| @@ -12,7 +12,7 @@ | |||
| 12 | */ | 12 | */ |
| 13 | 13 | ||
| 14 | #include "includes.h" | 14 | #include "includes.h" |
| 15 | RCSID("$OpenBSD: ssh-keygen.c,v 1.103 2003/04/08 20:21:29 itojun Exp $"); | 15 | RCSID("$OpenBSD: ssh-keygen.c,v 1.104 2003/05/11 16:56:48 markus Exp $"); |
| 16 | 16 | ||
| 17 | #include <openssl/evp.h> | 17 | #include <openssl/evp.h> |
| 18 | #include <openssl/pem.h> | 18 | #include <openssl/pem.h> |
| @@ -163,6 +163,10 @@ do_convert_to_ssh2(struct passwd *pw) | |||
| 163 | exit(1); | 163 | exit(1); |
| 164 | } | 164 | } |
| 165 | } | 165 | } |
| 166 | if (k->type == KEY_RSA1) { | ||
| 167 | fprintf(stderr, "version 1 keys are not supported\n"); | ||
| 168 | exit(1); | ||
| 169 | } | ||
| 166 | if (key_to_blob(k, &blob, &len) <= 0) { | 170 | if (key_to_blob(k, &blob, &len) <= 0) { |
| 167 | fprintf(stderr, "key_to_blob failed\n"); | 171 | fprintf(stderr, "key_to_blob failed\n"); |
| 168 | exit(1); | 172 | exit(1); |