diff options
Diffstat (limited to 'ssh-keysign.c')
-rw-r--r-- | ssh-keysign.c | 23 |
1 files changed, 15 insertions, 8 deletions
diff --git a/ssh-keysign.c b/ssh-keysign.c index d05156005..4172491c2 100644 --- a/ssh-keysign.c +++ b/ssh-keysign.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-keysign.c,v 1.35 2010/08/31 12:33:38 djm Exp $ */ | 1 | /* $OpenBSD: ssh-keysign.c,v 1.36 2011/02/16 00:31:14 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2002 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2002 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -150,9 +150,10 @@ main(int argc, char **argv) | |||
150 | { | 150 | { |
151 | Buffer b; | 151 | Buffer b; |
152 | Options options; | 152 | Options options; |
153 | Key *keys[2], *key = NULL; | 153 | #define NUM_KEYTYPES 3 |
154 | Key *keys[NUM_KEYTYPES], *key = NULL; | ||
154 | struct passwd *pw; | 155 | struct passwd *pw; |
155 | int key_fd[2], i, found, version = 2, fd; | 156 | int key_fd[NUM_KEYTYPES], i, found, version = 2, fd; |
156 | u_char *signature, *data; | 157 | u_char *signature, *data; |
157 | char *host; | 158 | char *host; |
158 | u_int slen, dlen; | 159 | u_int slen, dlen; |
@@ -165,8 +166,10 @@ main(int argc, char **argv) | |||
165 | if (fd > 2) | 166 | if (fd > 2) |
166 | close(fd); | 167 | close(fd); |
167 | 168 | ||
168 | key_fd[0] = open(_PATH_HOST_RSA_KEY_FILE, O_RDONLY); | 169 | i = 0; |
169 | key_fd[1] = open(_PATH_HOST_DSA_KEY_FILE, O_RDONLY); | 170 | key_fd[i++] = open(_PATH_HOST_DSA_KEY_FILE, O_RDONLY); |
171 | key_fd[i++] = open(_PATH_HOST_ECDSA_KEY_FILE, O_RDONLY); | ||
172 | key_fd[i++] = open(_PATH_HOST_RSA_KEY_FILE, O_RDONLY); | ||
170 | 173 | ||
171 | original_real_uid = getuid(); /* XXX readconf.c needs this */ | 174 | original_real_uid = getuid(); /* XXX readconf.c needs this */ |
172 | if ((pw = getpwuid(original_real_uid)) == NULL) | 175 | if ((pw = getpwuid(original_real_uid)) == NULL) |
@@ -191,7 +194,11 @@ main(int argc, char **argv) | |||
191 | fatal("ssh-keysign not enabled in %s", | 194 | fatal("ssh-keysign not enabled in %s", |
192 | _PATH_HOST_CONFIG_FILE); | 195 | _PATH_HOST_CONFIG_FILE); |
193 | 196 | ||
194 | if (key_fd[0] == -1 && key_fd[1] == -1) | 197 | for (i = found = 0; i < NUM_KEYTYPES; i++) { |
198 | if (key_fd[i] != -1) | ||
199 | found = 1; | ||
200 | } | ||
201 | if (found == 0) | ||
195 | fatal("could not open any host key"); | 202 | fatal("could not open any host key"); |
196 | 203 | ||
197 | OpenSSL_add_all_algorithms(); | 204 | OpenSSL_add_all_algorithms(); |
@@ -200,7 +207,7 @@ main(int argc, char **argv) | |||
200 | RAND_seed(rnd, sizeof(rnd)); | 207 | RAND_seed(rnd, sizeof(rnd)); |
201 | 208 | ||
202 | found = 0; | 209 | found = 0; |
203 | for (i = 0; i < 2; i++) { | 210 | for (i = 0; i < NUM_KEYTYPES; i++) { |
204 | keys[i] = NULL; | 211 | keys[i] = NULL; |
205 | if (key_fd[i] == -1) | 212 | if (key_fd[i] == -1) |
206 | continue; | 213 | continue; |
@@ -230,7 +237,7 @@ main(int argc, char **argv) | |||
230 | xfree(host); | 237 | xfree(host); |
231 | 238 | ||
232 | found = 0; | 239 | found = 0; |
233 | for (i = 0; i < 2; i++) { | 240 | for (i = 0; i < NUM_KEYTYPES; i++) { |
234 | if (keys[i] != NULL && | 241 | if (keys[i] != NULL && |
235 | key_equal_public(key, keys[i])) { | 242 | key_equal_public(key, keys[i])) { |
236 | found = 1; | 243 | found = 1; |