diff options
| author | krion <krion@FreeBSD.org> | 2006-03-15 01:19:23 +0000 |
|---|---|---|
| committer | krion <krion@FreeBSD.org> | 2006-03-15 01:19:23 +0000 |
| commit | 3cfe57f1122a444de6d426f8209a0b1ffcea34f6 (patch) | |
| tree | 95bb42a296d4ca36af551821632cd943a0af2366 /usr.sbin | |
| parent | 8e7c13433121e3ca9bf5b204dfa2889c2b9f7aaf (diff) | |
| download | FreeBSD-src-3cfe57f1122a444de6d426f8209a0b1ffcea34f6.zip FreeBSD-src-3cfe57f1122a444de6d426f8209a0b1ffcea34f6.tar.gz | |
Close descriptor in retrieve_x509_marker function.
PR: bin/71594
Submitted by: Dan Lukes <dan@obluda.cz>
Diffstat (limited to 'usr.sbin')
| -rw-r--r-- | usr.sbin/pkg_install/sign/sign.c | 3 | ||||
| -rw-r--r-- | usr.sbin/pkg_install/sign/x509.c | 23 |
2 files changed, 16 insertions, 10 deletions
diff --git a/usr.sbin/pkg_install/sign/sign.c b/usr.sbin/pkg_install/sign/sign.c index 073ffff..33fc351 100644 --- a/usr.sbin/pkg_install/sign/sign.c +++ b/usr.sbin/pkg_install/sign/sign.c @@ -116,6 +116,9 @@ sign(filename, type, userid, envp) case TAG_X509: success = retrieve_x509_marker(filename, &sign, userid); break; + default: + success = 0; + fprintf(stderr, "Unknown type %d\n", type); } if (!success) { diff --git a/usr.sbin/pkg_install/sign/x509.c b/usr.sbin/pkg_install/sign/x509.c index 3fd3b3e..5ecbd7c 100644 --- a/usr.sbin/pkg_install/sign/x509.c +++ b/usr.sbin/pkg_install/sign/x509.c @@ -152,7 +152,8 @@ new_x509_checker(h, sign, userid, envp, filename) break; default: - warnx("Uknown certificate type"); + warnx("Unknown certificate type: %d", EVP_PKEY_type(X509_get_pubkey(x509)->type)); + fclose(fp); return 0; } @@ -234,13 +235,15 @@ x509_sign_ok(arg) break; default: + warnx("Unknown public key type: %d", EVP_PKEY_type(pkey->type)); + md_ctx = NULL; break; } - status = EVP_VerifyFinal(md_ctx, - n->signature->data, - n->signature->length, - pkey); + status = (md_ctx == NULL) ? 0 : EVP_VerifyFinal(md_ctx, + n->signature->data, + n->signature->length, + pkey); EVP_PKEY_free(pkey); X509_free(x509); @@ -291,13 +294,11 @@ retrieve_x509_marker(filename, sign, userid) f = fopen(filename, "r"); if (f == NULL) { - free(n); return 0; } if (gzip_read_header(f, &h, sign) == GZIP_NOT_GZIP) { warnx("File %s is not a gzip file\n", filename); fclose(f); - free(n); return 0; } @@ -314,6 +315,7 @@ retrieve_x509_marker(filename, sign, userid) if (keyf == NULL) { warnx("Cannot open private key %s.", keyfile); + fclose(f); return 0; } @@ -335,16 +337,15 @@ retrieve_x509_marker(filename, sign, userid) { case EVP_PKEY_RSA: md_type = EVP_sha1(); -printf("*** It's an RSA key.\n"); break; case EVP_PKEY_DSA: md_type = EVP_dss1(); -printf("@@@ It's a DSA key, yippee!\n"); break; default: - warnx("Uknown key type"); + warnx("Unknown key type"); + fclose(f); return 0; } @@ -353,6 +354,8 @@ printf("@@@ It's a DSA key, yippee!\n"); while ((length = fread(buffer, 1, sizeof buffer, f)) > 0) EVP_SignUpdate(&md_ctx, buffer, length); + fclose(f); + sig_buf = malloc(sig_len); if (sig_buf == NULL) { warnx("Cannot allocated %u bytes for signature buffer", sig_len); |
