diff options
author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2001-02-21 09:05:55 +0000 |
---|---|---|
committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2001-02-21 09:05:55 +0000 |
commit | cd03738b9249776b7eae4fdbadb3613b7743b2db (patch) | |
tree | 6659681378ffa71713ee15d7d6a9b1469d1bf46f /usr.bin/ssh/authfile.c | |
parent | 215b5197db001ea014f782ff1898ccdd38ba421d (diff) |
improve fd handling
Diffstat (limited to 'usr.bin/ssh/authfile.c')
-rw-r--r-- | usr.bin/ssh/authfile.c | 21 |
1 files changed, 14 insertions, 7 deletions
diff --git a/usr.bin/ssh/authfile.c b/usr.bin/ssh/authfile.c index abc3220b159..461622f6945 100644 --- a/usr.bin/ssh/authfile.c +++ b/usr.bin/ssh/authfile.c @@ -36,7 +36,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: authfile.c,v 1.27 2001/02/08 19:30:51 itojun Exp $"); +RCSID("$OpenBSD: authfile.c,v 1.28 2001/02/21 09:05:54 deraadt Exp $"); #include <openssl/err.h> #include <openssl/evp.h> @@ -336,12 +336,12 @@ load_private_key_rsa1(int fd, const char *filename, close(fd); return 0; } - close(fd); /* Check that it is at least big enough to contain the ID string. */ if (len < sizeof(authfile_id_string)) { debug3("Bad RSA1 key file %.200s.", filename); buffer_free(&buffer); + close(fd); return 0; } /* @@ -352,8 +352,10 @@ load_private_key_rsa1(int fd, const char *filename, if (buffer_get_char(&buffer) != authfile_id_string[i]) { debug3("Bad RSA1 key file %.200s.", filename); buffer_free(&buffer); + close(fd); return 0; } + /* Read cipher type. */ cipher_type = buffer_get_char(&buffer); (void) buffer_get_int(&buffer); /* Reserved data. */ @@ -403,6 +405,7 @@ fail: prv->e = NULL; if (comment_return) xfree(*comment_return); + close(fd); return 0; } /* Read the rest of the private key. */ @@ -431,7 +434,7 @@ fail: BN_CTX_free(ctx); buffer_free(&decrypted); - + close(fd); return 1; } @@ -446,6 +449,7 @@ load_private_key_ssh2(int fd, const char *passphrase, Key *k, char **comment_ret fp = fdopen(fd, "r"); if (fp == NULL) { error("fdopen failed"); + close(fd); return 0; } pk = PEM_read_PrivateKey(fp, NULL, NULL, (char *)passphrase); @@ -512,7 +516,7 @@ load_private_key(const char *filename, const char *passphrase, Key *key, error("@ WARNING: UNPROTECTED PRIVATE KEY FILE! @"); error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); error("Bad ownership or mode(0%3.3o) for '%s'.", - st.st_mode & 0777, filename); + st.st_mode & 0777, filename); error("It is recommended that your private key files are NOT accessible by others."); return 0; } @@ -527,16 +531,19 @@ load_private_key(const char *filename, const char *passphrase, Key *key, key->rsa->n = NULL; } ret = load_private_key_rsa1(fd, filename, passphrase, - key->rsa, comment_return); + key->rsa, comment_return); /* closes fd */ + break; case KEY_DSA: case KEY_RSA: case KEY_UNSPEC: - ret = load_private_key_ssh2(fd, passphrase, key, comment_return); + ret = load_private_key_ssh2(fd, passphrase, key, + comment_return); /* closes fd */ + break; default: + close(fd); break; } - close(fd); return ret; } |