diff options
author | des <des@FreeBSD.org> | 2003-04-23 16:53:02 +0000 |
---|---|---|
committer | des <des@FreeBSD.org> | 2003-04-23 16:53:02 +0000 |
commit | 85b37b9574631df0f7e774dda373514195c74b29 (patch) | |
tree | 70033bf9d0551c1f485a8bf5c04d41148812e33a /crypto/openssh/authfile.c | |
parent | 099d1a58f7bc088a9f71af6d32542ca3949468a3 (diff) | |
download | FreeBSD-src-85b37b9574631df0f7e774dda373514195c74b29.zip FreeBSD-src-85b37b9574631df0f7e774dda373514195c74b29.tar.gz |
Vendor import of OpenSSH-portable 3.6.1p1.
Diffstat (limited to 'crypto/openssh/authfile.c')
-rw-r--r-- | crypto/openssh/authfile.c | 32 |
1 files changed, 27 insertions, 5 deletions
diff --git a/crypto/openssh/authfile.c b/crypto/openssh/authfile.c index 1fa5d81..90618ef 100644 --- a/crypto/openssh/authfile.c +++ b/crypto/openssh/authfile.c @@ -36,7 +36,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: authfile.c,v 1.50 2002/06/24 14:55:38 markus Exp $"); +RCSID("$OpenBSD: authfile.c,v 1.52 2003/03/13 11:42:18 markus Exp $"); #include <openssl/err.h> #include <openssl/evp.h> @@ -232,12 +232,17 @@ key_load_public_rsa1(int fd, const char *filename, char **commentp) { Buffer buffer; Key *pub; + struct stat st; char *cp; int i; off_t len; - len = lseek(fd, (off_t) 0, SEEK_END); - lseek(fd, (off_t) 0, SEEK_SET); + if (fstat(fd, &st) < 0) { + error("fstat for key file %.200s failed: %.100s", + filename, strerror(errno)); + return NULL; + } + len = st.st_size; buffer_init(&buffer); cp = buffer_append_space(&buffer, len); @@ -318,9 +323,15 @@ key_load_private_rsa1(int fd, const char *filename, const char *passphrase, CipherContext ciphercontext; Cipher *cipher; Key *prv = NULL; + struct stat st; - len = lseek(fd, (off_t) 0, SEEK_END); - lseek(fd, (off_t) 0, SEEK_SET); + if (fstat(fd, &st) < 0) { + error("fstat for key file %.200s failed: %.100s", + filename, strerror(errno)); + close(fd); + return NULL; + } + len = st.st_size; buffer_init(&buffer); cp = buffer_append_space(&buffer, len); @@ -410,6 +421,12 @@ key_load_private_rsa1(int fd, const char *filename, const char *passphrase, rsa_generate_additional_parameters(prv->rsa); buffer_free(&decrypted); + + /* enable blinding */ + if (RSA_blinding_on(prv->rsa, NULL) != 1) { + error("key_load_private_rsa1: RSA_blinding_on failed"); + goto fail; + } close(fd); return prv; @@ -449,6 +466,11 @@ key_load_private_pem(int fd, int type, const char *passphrase, #ifdef DEBUG_PK RSA_print_fp(stderr, prv->rsa, 8); #endif + if (RSA_blinding_on(prv->rsa, NULL) != 1) { + error("key_load_private_pem: RSA_blinding_on failed"); + key_free(prv); + prv = NULL; + } } else if (pk->type == EVP_PKEY_DSA && (type == KEY_UNSPEC||type==KEY_DSA)) { prv = key_new(KEY_UNSPEC); |