diff options
Diffstat (limited to 'sshsig.c')
-rw-r--r-- | sshsig.c | 26 |
1 files changed, 15 insertions, 11 deletions
@@ -209,8 +209,10 @@ sshsig_wrap_sign(struct sshkey *key, const char *hashalg, | |||
209 | goto done; | 209 | goto done; |
210 | } | 210 | } |
211 | 211 | ||
212 | *out = blob; | 212 | if (out != NULL) { |
213 | blob = NULL; | 213 | *out = blob; |
214 | blob = NULL; | ||
215 | } | ||
214 | r = 0; | 216 | r = 0; |
215 | done: | 217 | done: |
216 | free(sig); | 218 | free(sig); |
@@ -424,7 +426,7 @@ hash_buffer(const struct sshbuf *m, const char *hashalg, struct sshbuf **bp) | |||
424 | out: | 426 | out: |
425 | sshbuf_free(b); | 427 | sshbuf_free(b); |
426 | explicit_bzero(hash, sizeof(hash)); | 428 | explicit_bzero(hash, sizeof(hash)); |
427 | return 0; | 429 | return r; |
428 | } | 430 | } |
429 | 431 | ||
430 | int | 432 | int |
@@ -552,7 +554,7 @@ hash_file(int fd, const char *hashalg, struct sshbuf **bp) | |||
552 | sshbuf_free(b); | 554 | sshbuf_free(b); |
553 | ssh_digest_free(ctx); | 555 | ssh_digest_free(ctx); |
554 | explicit_bzero(hash, sizeof(hash)); | 556 | explicit_bzero(hash, sizeof(hash)); |
555 | return 0; | 557 | return r; |
556 | } | 558 | } |
557 | 559 | ||
558 | int | 560 | int |
@@ -835,7 +837,7 @@ sshsig_check_allowed_keys(const char *path, const struct sshkey *sign_key, | |||
835 | char *line = NULL; | 837 | char *line = NULL; |
836 | size_t linesize = 0; | 838 | size_t linesize = 0; |
837 | u_long linenum = 0; | 839 | u_long linenum = 0; |
838 | int r, oerrno; | 840 | int r = SSH_ERR_INTERNAL_ERROR, oerrno; |
839 | 841 | ||
840 | /* Check key and principal against file */ | 842 | /* Check key and principal against file */ |
841 | if ((f = fopen(path, "r")) == NULL) { | 843 | if ((f = fopen(path, "r")) == NULL) { |
@@ -879,8 +881,10 @@ cert_filter_principals(const char *path, u_long linenum, | |||
879 | oprincipals = principals = *principalsp; | 881 | oprincipals = principals = *principalsp; |
880 | *principalsp = NULL; | 882 | *principalsp = NULL; |
881 | 883 | ||
882 | if ((nprincipals = sshbuf_new()) == NULL) | 884 | if ((nprincipals = sshbuf_new()) == NULL) { |
883 | return SSH_ERR_ALLOC_FAIL; | 885 | r = SSH_ERR_ALLOC_FAIL; |
886 | goto out; | ||
887 | } | ||
884 | 888 | ||
885 | while ((cp = strsep(&principals, ",")) != NULL && *cp != '\0') { | 889 | while ((cp = strsep(&principals, ",")) != NULL && *cp != '\0') { |
886 | if (strcspn(cp, "!?*") != strlen(cp)) { | 890 | if (strcspn(cp, "!?*") != strlen(cp)) { |
@@ -961,7 +965,7 @@ get_matching_principals_from_line(const char *path, u_long linenum, char *line, | |||
961 | goto done; | 965 | goto done; |
962 | } | 966 | } |
963 | done: | 967 | done: |
964 | if (found) { | 968 | if (found && principalsp != NULL) { |
965 | *principalsp = principals; | 969 | *principalsp = principals; |
966 | principals = NULL; /* transferred */ | 970 | principals = NULL; /* transferred */ |
967 | } | 971 | } |
@@ -979,7 +983,7 @@ sshsig_find_principals(const char *path, const struct sshkey *sign_key, | |||
979 | char *line = NULL; | 983 | char *line = NULL; |
980 | size_t linesize = 0; | 984 | size_t linesize = 0; |
981 | u_long linenum = 0; | 985 | u_long linenum = 0; |
982 | int r, oerrno; | 986 | int r = SSH_ERR_INTERNAL_ERROR, oerrno; |
983 | 987 | ||
984 | if ((f = fopen(path, "r")) == NULL) { | 988 | if ((f = fopen(path, "r")) == NULL) { |
985 | oerrno = errno; | 989 | oerrno = errno; |
@@ -1024,8 +1028,8 @@ sshsig_get_pubkey(struct sshbuf *signature, struct sshkey **pubkey) | |||
1024 | struct sshkey *pk = NULL; | 1028 | struct sshkey *pk = NULL; |
1025 | int r = SSH_ERR_SIGNATURE_INVALID; | 1029 | int r = SSH_ERR_SIGNATURE_INVALID; |
1026 | 1030 | ||
1027 | if (pubkey != NULL) | 1031 | if (pubkey == NULL) |
1028 | *pubkey = NULL; | 1032 | return SSH_ERR_INTERNAL_ERROR; |
1029 | if ((r = sshsig_parse_preamble(signature)) != 0) | 1033 | if ((r = sshsig_parse_preamble(signature)) != 0) |
1030 | return r; | 1034 | return r; |
1031 | if ((r = sshkey_froms(signature, &pk)) != 0) | 1035 | if ((r = sshkey_froms(signature, &pk)) != 0) |