From 232b76f9f8b883db9ff7e7a3a9942ad7a28119e0 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sat, 6 May 2006 17:41:51 +1000 Subject: - dtucker@cvs.openbsd.org 2006/04/25 08:02:27 [authfile.c authfile.h sshconnect2.c ssh.c sshconnect1.c] Prevent ssh from trying to open private keys with bad permissions more than once or prompting for their passphrases (which it subsequently ignores anyway), similar to a previous change in ssh-add. bz #1186, ok djm@ --- authfile.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'authfile.c') diff --git a/authfile.c b/authfile.c index b95b9470b..b1a28528f 100644 --- a/authfile.c +++ b/authfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfile.c,v 1.66 2006/03/25 13:17:01 djm Exp $ */ +/* $OpenBSD: authfile.c,v 1.67 2006/04/25 08:02:27 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -538,7 +538,7 @@ key_perm_ok(int fd, const char *filename) Key * key_load_private_type(int type, const char *filename, const char *passphrase, - char **commentp) + char **commentp, int *perm_ok) { int fd; @@ -546,10 +546,14 @@ key_load_private_type(int type, const char *filename, const char *passphrase, if (fd < 0) return NULL; if (!key_perm_ok(fd, filename)) { + if (perm_ok != NULL) + *perm_ok = 0; error("bad permissions: ignore key: %s", filename); close(fd); return NULL; } + if (perm_ok != NULL) + *perm_ok = 1; switch (type) { case KEY_RSA1: return key_load_private_rsa1(fd, filename, passphrase, -- cgit v1.2.3