version 1.102, 2013/05/10 04:08:01 |
version 1.103, 2013/05/17 00:13:13 |
|
|
buffer_free(&cert->certblob); |
buffer_free(&cert->certblob); |
buffer_free(&cert->critical); |
buffer_free(&cert->critical); |
buffer_free(&cert->extensions); |
buffer_free(&cert->extensions); |
if (cert->key_id != NULL) |
free(cert->key_id); |
xfree(cert->key_id); |
|
for (i = 0; i < cert->nprincipals; i++) |
for (i = 0; i < cert->nprincipals; i++) |
xfree(cert->principals[i]); |
free(cert->principals[i]); |
if (cert->principals != NULL) |
free(cert->principals); |
xfree(cert->principals); |
|
if (cert->signature_key != NULL) |
if (cert->signature_key != NULL) |
key_free(cert->signature_key); |
key_free(cert->signature_key); |
xfree(cert); |
free(cert); |
} |
} |
|
|
void |
void |
|
|
k->cert = NULL; |
k->cert = NULL; |
} |
} |
|
|
xfree(k); |
free(k); |
} |
} |
|
|
static int |
static int |
|
|
EVP_DigestUpdate(&ctx, blob, len); |
EVP_DigestUpdate(&ctx, blob, len); |
EVP_DigestFinal(&ctx, retval, dgst_raw_length); |
EVP_DigestFinal(&ctx, retval, dgst_raw_length); |
memset(blob, 0, len); |
memset(blob, 0, len); |
xfree(blob); |
free(blob); |
} else { |
} else { |
fatal("key_fingerprint_raw: blob is null"); |
fatal("key_fingerprint_raw: blob is null"); |
} |
} |
|
|
break; |
break; |
} |
} |
memset(dgst_raw, 0, dgst_raw_len); |
memset(dgst_raw, 0, dgst_raw_len); |
xfree(dgst_raw); |
free(dgst_raw); |
return retval; |
return retval; |
} |
} |
|
|
|
|
n = uudecode(cp, blob, len); |
n = uudecode(cp, blob, len); |
if (n < 0) { |
if (n < 0) { |
error("key_read: uudecode %s failed", cp); |
error("key_read: uudecode %s failed", cp); |
xfree(blob); |
free(blob); |
return -1; |
return -1; |
} |
} |
k = key_from_blob(blob, (u_int)n); |
k = key_from_blob(blob, (u_int)n); |
xfree(blob); |
free(blob); |
if (k == NULL) { |
if (k == NULL) { |
error("key_read: key_from_blob %s failed", cp); |
error("key_read: key_from_blob %s failed", cp); |
return -1; |
return -1; |
|
|
fprintf(f, "%s %s", key_ssh_name(key), uu); |
fprintf(f, "%s %s", key_ssh_name(key), uu); |
success = 1; |
success = 1; |
} |
} |
xfree(blob); |
free(blob); |
xfree(uu); |
free(uu); |
|
|
return success; |
return success; |
} |
} |
|
|
switch (key_type_from_name(p)) { |
switch (key_type_from_name(p)) { |
case KEY_RSA1: |
case KEY_RSA1: |
case KEY_UNSPEC: |
case KEY_UNSPEC: |
xfree(s); |
free(s); |
return 0; |
return 0; |
} |
} |
} |
} |
debug3("key names ok: [%s]", names); |
debug3("key names ok: [%s]", names); |
xfree(s); |
free(s); |
return 1; |
return 1; |
} |
} |
|
|
|
|
|
|
out: |
out: |
buffer_free(&tmp); |
buffer_free(&tmp); |
if (principals != NULL) |
free(principals); |
xfree(principals); |
free(critical); |
if (critical != NULL) |
free(exts); |
xfree(critical); |
free(sig_key); |
if (exts != NULL) |
free(sig); |
xfree(exts); |
|
if (sig_key != NULL) |
|
xfree(sig_key); |
|
if (sig != NULL) |
|
xfree(sig); |
|
return ret; |
return ret; |
} |
} |
|
|
|
|
if (key != NULL && rlen != 0) |
if (key != NULL && rlen != 0) |
error("key_from_blob: remaining bytes in key blob %d", rlen); |
error("key_from_blob: remaining bytes in key blob %d", rlen); |
out: |
out: |
if (ktype != NULL) |
free(ktype); |
xfree(ktype); |
free(curve); |
if (curve != NULL) |
|
xfree(curve); |
|
if (q != NULL) |
if (q != NULL) |
EC_POINT_free(q); |
EC_POINT_free(q); |
buffer_free(&b); |
buffer_free(&b); |
|
|
default: |
default: |
error("%s: key has incorrect type %s", __func__, key_type(k)); |
error("%s: key has incorrect type %s", __func__, key_type(k)); |
buffer_clear(&k->cert->certblob); |
buffer_clear(&k->cert->certblob); |
xfree(ca_blob); |
free(ca_blob); |
return -1; |
return -1; |
} |
} |
|
|
|
|
|
|
buffer_put_string(&k->cert->certblob, NULL, 0); /* reserved */ |
buffer_put_string(&k->cert->certblob, NULL, 0); /* reserved */ |
buffer_put_string(&k->cert->certblob, ca_blob, ca_len); |
buffer_put_string(&k->cert->certblob, ca_blob, ca_len); |
xfree(ca_blob); |
free(ca_blob); |
|
|
/* Sign the whole mess */ |
/* Sign the whole mess */ |
if (key_sign(ca, &sig_blob, &sig_len, buffer_ptr(&k->cert->certblob), |
if (key_sign(ca, &sig_blob, &sig_len, buffer_ptr(&k->cert->certblob), |
|
|
} |
} |
/* Append signature and we are done */ |
/* Append signature and we are done */ |
buffer_put_string(&k->cert->certblob, sig_blob, sig_len); |
buffer_put_string(&k->cert->certblob, sig_blob, sig_len); |
xfree(sig_blob); |
free(sig_blob); |
|
|
return 0; |
return 0; |
} |
} |
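Review bot: The two scrub-then-release pairs on the new side, `memset(blob, 0, len); free(blob);` (in the branch whose else arm reports "key_fingerprint_raw: blob is null") and `memset(dgst_raw, 0, dgst_raw_len); free(dgst_raw);`, now hand the buffer straight to free(), so an optimizing compiler may treat the memset as a dead store and drop it. While the release went through xfree(), which is not defined on this page and is presumably an out-of-line wrapper, that elimination was less likely. If the zeroing is meant as a guarantee, use a clear the compiler cannot elide where the platform provides one, e.g. `explicit_bzero(blob, len);`, and otherwise mark it with `/* best-effort scrub; may be optimized away */`. Both enclosing functions begin outside the visible hunks, so whether these buffers ever hold sensitive material cannot be confirmed from here.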