diff options
| author | Hakan Olsson <ho@cvs.openbsd.org> | 2001-08-22 17:24:46 +0000 |
|---|---|---|
| committer | Hakan Olsson <ho@cvs.openbsd.org> | 2001-08-22 17:24:46 +0000 |
| commit | f26bb28b9be469e104faca1d5c2a7b4264f97159 (patch) | |
| tree | cb69e872a1dec33eaef1afdb44c2050fc60fc9ca /sbin/isakmpd/ike_auth.c | |
| parent | cdda8f8970e64e02a7c4a7b17fcfc1f977af2f44 (diff) | |
If we fail to get a key from DNSSEC, RAWKEY can still succeed.
Diffstat (limited to 'sbin/isakmpd/ike_auth.c')
| -rw-r--r-- | sbin/isakmpd/ike_auth.c | 18 |
1 files changed, 8 insertions, 10 deletions
diff --git a/sbin/isakmpd/ike_auth.c b/sbin/isakmpd/ike_auth.c index 58d0740228b..eb80eca1279 100644 --- a/sbin/isakmpd/ike_auth.c +++ b/sbin/isakmpd/ike_auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ike_auth.c,v 1.57 2001/08/16 16:51:57 ho Exp $ */ +/* $OpenBSD: ike_auth.c,v 1.58 2001/08/22 17:24:45 ho Exp $ */ /* $EOM: ike_auth.c,v 1.59 2000/11/21 00:21:31 angelos Exp $ */ /* @@ -787,17 +787,15 @@ rsa_sig_decode_hash (struct message *msg) if (!found) { rawkey = dns_get_key (IKE_AUTH_RSA_SIG, msg, &rawkeylen); - if (rawkey) - found++; /* We need to convert 'void *rawkey' into 'RSA *key'. */ - if (dns_RSA_dns_to_x509 (rawkey, rawkeylen, &key) == -1) - { - log_print ("rsa_sig_decode_hash: KEY to RSA key conversion failed"); - free (rawkey); - return -1; - } - free (rawkey); + if (dns_RSA_dns_to_x509 (rawkey, rawkeylen, &key) == 0) + found++; + else + log_print ("rsa_sig_decode_hash: KEY to RSA key conversion failed"); + + if (rawkey) + free (rawkey); } #endif /* USE_DNSSEC */ |