diff options
Diffstat (limited to 'authfile.c')
-rw-r--r-- | authfile.c | 32 |
1 files changed, 17 insertions, 15 deletions
diff --git a/authfile.c b/authfile.c index e02b301fd..2e51785a6 100644 --- a/authfile.c +++ b/authfile.c | |||
@@ -36,7 +36,7 @@ | |||
36 | */ | 36 | */ |
37 | 37 | ||
38 | #include "includes.h" | 38 | #include "includes.h" |
39 | RCSID("$OpenBSD: authfile.c,v 1.30 2001/03/26 23:12:42 markus Exp $"); | 39 | RCSID("$OpenBSD: authfile.c,v 1.31 2001/04/15 16:58:03 markus Exp $"); |
40 | 40 | ||
41 | #include <openssl/err.h> | 41 | #include <openssl/err.h> |
42 | #include <openssl/evp.h> | 42 | #include <openssl/evp.h> |
@@ -140,11 +140,13 @@ key_save_private_rsa1(Key *key, const char *filename, const char *passphrase, | |||
140 | buffer_free(&buffer); | 140 | buffer_free(&buffer); |
141 | 141 | ||
142 | fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); | 142 | fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); |
143 | if (fd < 0) | 143 | if (fd < 0) { |
144 | error("open %s failed: %s.", filename, strerror(errno)); | ||
144 | return 0; | 145 | return 0; |
146 | } | ||
145 | if (write(fd, buffer_ptr(&encrypted), buffer_len(&encrypted)) != | 147 | if (write(fd, buffer_ptr(&encrypted), buffer_len(&encrypted)) != |
146 | buffer_len(&encrypted)) { | 148 | buffer_len(&encrypted)) { |
147 | debug("Write to key file %.200s failed: %.100s", filename, | 149 | error("write to key file %s failed: %s", filename, |
148 | strerror(errno)); | 150 | strerror(errno)); |
149 | buffer_free(&encrypted); | 151 | buffer_free(&encrypted); |
150 | close(fd); | 152 | close(fd); |
@@ -169,18 +171,17 @@ key_save_private_pem(Key *key, const char *filename, const char *_passphrase, | |||
169 | EVP_CIPHER *cipher = (len > 0) ? EVP_des_ede3_cbc() : NULL; | 171 | EVP_CIPHER *cipher = (len > 0) ? EVP_des_ede3_cbc() : NULL; |
170 | 172 | ||
171 | if (len > 0 && len <= 4) { | 173 | if (len > 0 && len <= 4) { |
172 | error("passphrase too short: %d bytes", len); | 174 | error("passphrase too short: have %d bytes, need > 4", len); |
173 | errno = 0; | ||
174 | return 0; | 175 | return 0; |
175 | } | 176 | } |
176 | fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); | 177 | fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); |
177 | if (fd < 0) { | 178 | if (fd < 0) { |
178 | debug("open %s failed", filename); | 179 | error("open %s failed: %s.", filename, strerror(errno)); |
179 | return 0; | 180 | return 0; |
180 | } | 181 | } |
181 | fp = fdopen(fd, "w"); | 182 | fp = fdopen(fd, "w"); |
182 | if (fp == NULL ) { | 183 | if (fp == NULL ) { |
183 | debug("fdopen %s failed", filename); | 184 | error("fdopen %s failed: %s.", filename, strerror(errno)); |
184 | close(fd); | 185 | close(fd); |
185 | return 0; | 186 | return 0; |
186 | } | 187 | } |
@@ -215,6 +216,7 @@ key_save_private(Key *key, const char *filename, const char *passphrase, | |||
215 | default: | 216 | default: |
216 | break; | 217 | break; |
217 | } | 218 | } |
219 | error("key_save_private: cannot save key type %d", key->type); | ||
218 | return 0; | 220 | return 0; |
219 | } | 221 | } |
220 | 222 | ||
@@ -248,7 +250,7 @@ key_load_public_rsa1(int fd, const char *filename, char **commentp) | |||
248 | 250 | ||
249 | /* Check that it is at least big enough to contain the ID string. */ | 251 | /* Check that it is at least big enough to contain the ID string. */ |
250 | if (len < sizeof(authfile_id_string)) { | 252 | if (len < sizeof(authfile_id_string)) { |
251 | debug3("Bad RSA1 key file %.200s.", filename); | 253 | debug3("No RSA1 key file %.200s.", filename); |
252 | buffer_free(&buffer); | 254 | buffer_free(&buffer); |
253 | return NULL; | 255 | return NULL; |
254 | } | 256 | } |
@@ -258,7 +260,7 @@ key_load_public_rsa1(int fd, const char *filename, char **commentp) | |||
258 | */ | 260 | */ |
259 | for (i = 0; i < sizeof(authfile_id_string); i++) | 261 | for (i = 0; i < sizeof(authfile_id_string); i++) |
260 | if (buffer_get_char(&buffer) != authfile_id_string[i]) { | 262 | if (buffer_get_char(&buffer) != authfile_id_string[i]) { |
261 | debug3("Bad RSA1 key file %.200s.", filename); | 263 | debug3("No RSA1 key file %.200s.", filename); |
262 | buffer_free(&buffer); | 264 | buffer_free(&buffer); |
263 | return NULL; | 265 | return NULL; |
264 | } | 266 | } |
@@ -334,7 +336,7 @@ key_load_private_rsa1(int fd, const char *filename, const char *passphrase, | |||
334 | 336 | ||
335 | /* Check that it is at least big enough to contain the ID string. */ | 337 | /* Check that it is at least big enough to contain the ID string. */ |
336 | if (len < sizeof(authfile_id_string)) { | 338 | if (len < sizeof(authfile_id_string)) { |
337 | debug3("Bad RSA1 key file %.200s.", filename); | 339 | debug3("No RSA1 key file %.200s.", filename); |
338 | buffer_free(&buffer); | 340 | buffer_free(&buffer); |
339 | close(fd); | 341 | close(fd); |
340 | return NULL; | 342 | return NULL; |
@@ -345,7 +347,7 @@ key_load_private_rsa1(int fd, const char *filename, const char *passphrase, | |||
345 | */ | 347 | */ |
346 | for (i = 0; i < sizeof(authfile_id_string); i++) | 348 | for (i = 0; i < sizeof(authfile_id_string); i++) |
347 | if (buffer_get_char(&buffer) != authfile_id_string[i]) { | 349 | if (buffer_get_char(&buffer) != authfile_id_string[i]) { |
348 | debug3("Bad RSA1 key file %.200s.", filename); | 350 | debug3("No RSA1 key file %.200s.", filename); |
349 | buffer_free(&buffer); | 351 | buffer_free(&buffer); |
350 | close(fd); | 352 | close(fd); |
351 | return NULL; | 353 | return NULL; |
@@ -439,13 +441,13 @@ key_load_private_pem(int fd, int type, const char *passphrase, | |||
439 | 441 | ||
440 | fp = fdopen(fd, "r"); | 442 | fp = fdopen(fd, "r"); |
441 | if (fp == NULL) { | 443 | if (fp == NULL) { |
442 | error("fdopen failed"); | 444 | error("fdopen failed: %s", strerror(errno)); |
443 | close(fd); | 445 | close(fd); |
444 | return NULL; | 446 | return NULL; |
445 | } | 447 | } |
446 | pk = PEM_read_PrivateKey(fp, NULL, NULL, (char *)passphrase); | 448 | pk = PEM_read_PrivateKey(fp, NULL, NULL, (char *)passphrase); |
447 | if (pk == NULL) { | 449 | if (pk == NULL) { |
448 | debug("PEM_read_PrivateKey failed"); | 450 | error("PEM_read_PrivateKey failed"); |
449 | (void)ERR_get_error(); | 451 | (void)ERR_get_error(); |
450 | } else if (pk->type == EVP_PKEY_RSA && | 452 | } else if (pk->type == EVP_PKEY_RSA && |
451 | (type == KEY_UNSPEC||type==KEY_RSA)) { | 453 | (type == KEY_UNSPEC||type==KEY_RSA)) { |
@@ -514,7 +516,7 @@ key_load_private_type(int type, const char *filename, const char *passphrase, | |||
514 | if (fd < 0) | 516 | if (fd < 0) |
515 | return NULL; | 517 | return NULL; |
516 | if (!key_perm_ok(fd, filename)) { | 518 | if (!key_perm_ok(fd, filename)) { |
517 | debug("bad permissions: ignore key: %s", filename); | 519 | error("bad permissions: ignore key: %s", filename); |
518 | close(fd); | 520 | close(fd); |
519 | return NULL; | 521 | return NULL; |
520 | } | 522 | } |
@@ -548,7 +550,7 @@ key_load_private(const char *filename, const char *passphrase, | |||
548 | if (fd < 0) | 550 | if (fd < 0) |
549 | return NULL; | 551 | return NULL; |
550 | if (!key_perm_ok(fd, filename)) { | 552 | if (!key_perm_ok(fd, filename)) { |
551 | debug("bad permissions: ignore key: %s", filename); | 553 | error("bad permissions: ignore key: %s", filename); |
552 | close(fd); | 554 | close(fd); |
553 | return NULL; | 555 | return NULL; |
554 | } | 556 | } |