author | markus@openbsd.org <markus@openbsd.org> | 2017-05-30 10:49:32 +0200 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2017-05-31 02:46:03 +0200 |
commit | afbfa68fa18081ef05a9cd294958509a5d3cda8b (patch) | |
tree | 807b81229a95598958e9c8b7494a130c3dea7b85 /authfile.c | |
parent | upstream commit (diff) | |
upstream commit
revise sshkey_load_public(): remove ssh1 related
comments, remove extra open()/close() on keyfile, prevent leak of 'pub' if
'keyp' is NULL, replace strlcpy+cat with asprintf; ok djm@
Upstream-ID: 6175e47cab5b4794dcd99c1175549a483ec673ca
Diffstat (limited to 'authfile.c')
-rw-r--r-- | authfile.c | 44 |
1 files changed, 21 insertions, 23 deletions
diff --git a/authfile.c b/authfile.c index d28ae0d38..af4190eeb 100644 --- a/authfile.c +++ b/authfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfile.c,v 1.124 2017/04/30 23:10:43 djm Exp $ */ +/* $OpenBSD: authfile.c,v 1.125 2017/05/30 08:49:32 markus Exp $ */ /* * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. * @@ -316,50 +316,48 @@ sshkey_try_load_public(struct sshkey *k, const char *filename, char **commentp) return SSH_ERR_INVALID_FORMAT; } -/* load public key from ssh v1 private or any pubkey file */ +/* load public key from any pubkey file */ int sshkey_load_public(const char *filename, struct sshkey **keyp, char **commentp) { struct sshkey *pub = NULL; - char file[PATH_MAX]; - int r, fd; + char *file = NULL; + int r; if (keyp != NULL) *keyp = NULL; if (commentp != NULL) *commentp = NULL; - /* XXX should load file once and attempt to parse each format */ - - if ((fd = open(filename, O_RDONLY)) < 0) - goto skip; - close(fd); - - /* try ssh2 public key */ if ((pub = sshkey_new(KEY_UNSPEC)) == NULL) return SSH_ERR_ALLOC_FAIL; if ((r = sshkey_try_load_public(pub, filename, commentp)) == 0) { - if (keyp != NULL) + if (keyp != NULL) { *keyp = pub; - return 0; + pub = NULL; + } + r = 0; + goto out; } sshkey_free(pub); - - skip: /* try .pub suffix */ - if ((pub = sshkey_new(KEY_UNSPEC)) == NULL) + if (asprintf(&file, "%s.pub", filename) == -1) return SSH_ERR_ALLOC_FAIL; - r = SSH_ERR_ALLOC_FAIL; /* in case strlcpy or strlcat fail */ - if ((strlcpy(file, filename, sizeof file) < sizeof(file)) && - (strlcat(file, ".pub", sizeof file) < sizeof(file)) && - (r = sshkey_try_load_public(pub, file, commentp)) == 0) { - if (keyp != NULL) + if ((pub = sshkey_new(KEY_UNSPEC)) == NULL) { + r = SSH_ERR_ALLOC_FAIL; + goto out; + } + if ((r = sshkey_try_load_public(pub, file, commentp)) == 0) { + if (keyp != NULL) { *keyp = pub; - return 0; + pub = NULL; + } + r = 0; } + out: + free(file); sshkey_free(pub); - return r; } |
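Review bot: In the second hunk, the `sshkey_free(pub);` between the two load attempts leaves `pub` pointing at freed memory, while the new `out:` label frees `pub` again. This is safe today only because the `asprintf` failure path returns directly and the next statement reassigns `pub`; a later edit that sends any failure between those two points to `out` would double-free the key. Adding `pub = NULL;` right after that `sshkey_free(pub);` keeps the cleanup label safe whichever path reaches it. The direct `return SSH_ERR_ALLOC_FAIL;` after `asprintf` looks like the one exit that intentionally bypasses `out`, presumably because some libcs leave `file` unspecified on failure; a short comment such as `/* file may be unspecified on failure; do not reach free(file) */` would stop someone from "tidying" it into `goto out`.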