summaryrefslogtreecommitdiffstats
path: root/authfile.c
diff options
context:
space:
mode:
authormarkus@openbsd.org <markus@openbsd.org>2017-05-30 10:49:32 +0200
committerDamien Miller <djm@mindrot.org>2017-05-31 02:46:03 +0200
commitafbfa68fa18081ef05a9cd294958509a5d3cda8b (patch)
tree807b81229a95598958e9c8b7494a130c3dea7b85 /authfile.c
parentupstream commit (diff)
downloadopenssh-afbfa68fa18081ef05a9cd294958509a5d3cda8b.tar.xz
openssh-afbfa68fa18081ef05a9cd294958509a5d3cda8b.zip
upstream commit
revise sshkey_load_public(): remove ssh1 related comments, remove extra open()/close() on keyfile, prevent leak of 'pub' if 'keyp' is NULL, replace strlcpy+cat with asprintf; ok djm@ Upstream-ID: 6175e47cab5b4794dcd99c1175549a483ec673ca
Diffstat (limited to 'authfile.c')
-rw-r--r--authfile.c44
1 files changed, 21 insertions, 23 deletions
diff --git a/authfile.c b/authfile.c
index d28ae0d38..af4190eeb 100644
--- a/authfile.c
+++ b/authfile.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfile.c,v 1.124 2017/04/30 23:10:43 djm Exp $ */
+/* $OpenBSD: authfile.c,v 1.125 2017/05/30 08:49:32 markus Exp $ */
/*
* Copyright (c) 2000, 2013 Markus Friedl. All rights reserved.
*
@@ -316,50 +316,48 @@ sshkey_try_load_public(struct sshkey *k, const char *filename, char **commentp)
return SSH_ERR_INVALID_FORMAT;
}
-/* load public key from ssh v1 private or any pubkey file */
+/* load public key from any pubkey file */
int
sshkey_load_public(const char *filename, struct sshkey **keyp, char **commentp)
{
struct sshkey *pub = NULL;
- char file[PATH_MAX];
- int r, fd;
+ char *file = NULL;
+ int r;
if (keyp != NULL)
*keyp = NULL;
if (commentp != NULL)
*commentp = NULL;
- /* XXX should load file once and attempt to parse each format */
-
- if ((fd = open(filename, O_RDONLY)) < 0)
- goto skip;
- close(fd);
-
- /* try ssh2 public key */
if ((pub = sshkey_new(KEY_UNSPEC)) == NULL)
return SSH_ERR_ALLOC_FAIL;
if ((r = sshkey_try_load_public(pub, filename, commentp)) == 0) {
- if (keyp != NULL)
+ if (keyp != NULL) {
*keyp = pub;
- return 0;
+ pub = NULL;
+ }
+ r = 0;
+ goto out;
}
sshkey_free(pub);
-
- skip:
/* try .pub suffix */
- if ((pub = sshkey_new(KEY_UNSPEC)) == NULL)
+ if (asprintf(&file, "%s.pub", filename) == -1)
return SSH_ERR_ALLOC_FAIL;
- r = SSH_ERR_ALLOC_FAIL; /* in case strlcpy or strlcat fail */
- if ((strlcpy(file, filename, sizeof file) < sizeof(file)) &&
- (strlcat(file, ".pub", sizeof file) < sizeof(file)) &&
- (r = sshkey_try_load_public(pub, file, commentp)) == 0) {
- if (keyp != NULL)
+ if ((pub = sshkey_new(KEY_UNSPEC)) == NULL) {
+ r = SSH_ERR_ALLOC_FAIL;
+ goto out;
+ }
+ if ((r = sshkey_try_load_public(pub, file, commentp)) == 0) {
+ if (keyp != NULL) {
*keyp = pub;
- return 0;
+ pub = NULL;
+ }
+ r = 0;
}
+ out:
+ free(file);
sshkey_free(pub);
-
return r;
}