summaryrefslogtreecommitdiff
path: root/sshsig.c
diff options
context:
space:
mode:
Diffstat (limited to 'sshsig.c')
-rw-r--r--sshsig.c26
1 files changed, 15 insertions, 11 deletions
diff --git a/sshsig.c b/sshsig.c
index e63a36e1e..15f9cead6 100644
--- a/sshsig.c
+++ b/sshsig.c
@@ -209,8 +209,10 @@ sshsig_wrap_sign(struct sshkey *key, const char *hashalg,
209 goto done; 209 goto done;
210 } 210 }
211 211
212 *out = blob; 212 if (out != NULL) {
213 blob = NULL; 213 *out = blob;
214 blob = NULL;
215 }
214 r = 0; 216 r = 0;
215done: 217done:
216 free(sig); 218 free(sig);
@@ -424,7 +426,7 @@ hash_buffer(const struct sshbuf *m, const char *hashalg, struct sshbuf **bp)
424 out: 426 out:
425 sshbuf_free(b); 427 sshbuf_free(b);
426 explicit_bzero(hash, sizeof(hash)); 428 explicit_bzero(hash, sizeof(hash));
427 return 0; 429 return r;
428} 430}
429 431
430int 432int
@@ -552,7 +554,7 @@ hash_file(int fd, const char *hashalg, struct sshbuf **bp)
552 sshbuf_free(b); 554 sshbuf_free(b);
553 ssh_digest_free(ctx); 555 ssh_digest_free(ctx);
554 explicit_bzero(hash, sizeof(hash)); 556 explicit_bzero(hash, sizeof(hash));
555 return 0; 557 return r;
556} 558}
557 559
558int 560int
@@ -835,7 +837,7 @@ sshsig_check_allowed_keys(const char *path, const struct sshkey *sign_key,
835 char *line = NULL; 837 char *line = NULL;
836 size_t linesize = 0; 838 size_t linesize = 0;
837 u_long linenum = 0; 839 u_long linenum = 0;
838 int r, oerrno; 840 int r = SSH_ERR_INTERNAL_ERROR, oerrno;
839 841
840 /* Check key and principal against file */ 842 /* Check key and principal against file */
841 if ((f = fopen(path, "r")) == NULL) { 843 if ((f = fopen(path, "r")) == NULL) {
@@ -879,8 +881,10 @@ cert_filter_principals(const char *path, u_long linenum,
879 oprincipals = principals = *principalsp; 881 oprincipals = principals = *principalsp;
880 *principalsp = NULL; 882 *principalsp = NULL;
881 883
882 if ((nprincipals = sshbuf_new()) == NULL) 884 if ((nprincipals = sshbuf_new()) == NULL) {
883 return SSH_ERR_ALLOC_FAIL; 885 r = SSH_ERR_ALLOC_FAIL;
886 goto out;
887 }
884 888
885 while ((cp = strsep(&principals, ",")) != NULL && *cp != '\0') { 889 while ((cp = strsep(&principals, ",")) != NULL && *cp != '\0') {
886 if (strcspn(cp, "!?*") != strlen(cp)) { 890 if (strcspn(cp, "!?*") != strlen(cp)) {
@@ -961,7 +965,7 @@ get_matching_principals_from_line(const char *path, u_long linenum, char *line,
961 goto done; 965 goto done;
962 } 966 }
963 done: 967 done:
964 if (found) { 968 if (found && principalsp != NULL) {
965 *principalsp = principals; 969 *principalsp = principals;
966 principals = NULL; /* transferred */ 970 principals = NULL; /* transferred */
967 } 971 }
@@ -979,7 +983,7 @@ sshsig_find_principals(const char *path, const struct sshkey *sign_key,
979 char *line = NULL; 983 char *line = NULL;
980 size_t linesize = 0; 984 size_t linesize = 0;
981 u_long linenum = 0; 985 u_long linenum = 0;
982 int r, oerrno; 986 int r = SSH_ERR_INTERNAL_ERROR, oerrno;
983 987
984 if ((f = fopen(path, "r")) == NULL) { 988 if ((f = fopen(path, "r")) == NULL) {
985 oerrno = errno; 989 oerrno = errno;
@@ -1024,8 +1028,8 @@ sshsig_get_pubkey(struct sshbuf *signature, struct sshkey **pubkey)
1024 struct sshkey *pk = NULL; 1028 struct sshkey *pk = NULL;
1025 int r = SSH_ERR_SIGNATURE_INVALID; 1029 int r = SSH_ERR_SIGNATURE_INVALID;
1026 1030
1027 if (pubkey != NULL) 1031 if (pubkey == NULL)
1028 *pubkey = NULL; 1032 return SSH_ERR_INTERNAL_ERROR;
1029 if ((r = sshsig_parse_preamble(signature)) != 0) 1033 if ((r = sshsig_parse_preamble(signature)) != 0)
1030 return r; 1034 return r;
1031 if ((r = sshkey_froms(signature, &pk)) != 0) 1035 if ((r = sshkey_froms(signature, &pk)) != 0)
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-19 05:16:02 +0000