| version 1.30, 2001/03/26 23:12:42 |
version 1.31, 2001/04/15 16:58:03 |
|
|
| buffer_free(&buffer); |
buffer_free(&buffer); |
| |
|
| fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); |
fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); |
| if (fd < 0) |
if (fd < 0) { |
| |
error("open %s failed: %s.", filename, strerror(errno)); |
| return 0; |
return 0; |
| |
} |
| if (write(fd, buffer_ptr(&encrypted), buffer_len(&encrypted)) != |
if (write(fd, buffer_ptr(&encrypted), buffer_len(&encrypted)) != |
| buffer_len(&encrypted)) { |
buffer_len(&encrypted)) { |
| debug("Write to key file %.200s failed: %.100s", filename, |
error("write to key file %s failed: %s", filename, |
| strerror(errno)); |
strerror(errno)); |
| buffer_free(&encrypted); |
buffer_free(&encrypted); |
| close(fd); |
close(fd); |
|
|
| EVP_CIPHER *cipher = (len > 0) ? EVP_des_ede3_cbc() : NULL; |
EVP_CIPHER *cipher = (len > 0) ? EVP_des_ede3_cbc() : NULL; |
| |
|
| if (len > 0 && len <= 4) { |
if (len > 0 && len <= 4) { |
| error("passphrase too short: %d bytes", len); |
error("passphrase too short: have %d bytes, need > 4", len); |
| errno = 0; |
|
| return 0; |
return 0; |
| } |
} |
| fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); |
fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); |
| if (fd < 0) { |
if (fd < 0) { |
| debug("open %s failed", filename); |
error("open %s failed: %s.", filename, strerror(errno)); |
| return 0; |
return 0; |
| } |
} |
| fp = fdopen(fd, "w"); |
fp = fdopen(fd, "w"); |
| if (fp == NULL ) { |
if (fp == NULL ) { |
| debug("fdopen %s failed", filename); |
error("fdopen %s failed: %s.", filename, strerror(errno)); |
| close(fd); |
close(fd); |
| return 0; |
return 0; |
| } |
} |
|
|
| default: |
default: |
| break; |
break; |
| } |
} |
| |
error("key_save_private: cannot save key type %d", key->type); |
| return 0; |
return 0; |
| } |
} |
| |
|
|
|
| |
|
| /* Check that it is at least big enough to contain the ID string. */ |
/* Check that it is at least big enough to contain the ID string. */ |
| if (len < sizeof(authfile_id_string)) { |
if (len < sizeof(authfile_id_string)) { |
| debug3("Bad RSA1 key file %.200s.", filename); |
debug3("No RSA1 key file %.200s.", filename); |
| buffer_free(&buffer); |
buffer_free(&buffer); |
| return NULL; |
return NULL; |
| } |
} |
|
|
| */ |
*/ |
| for (i = 0; i < sizeof(authfile_id_string); i++) |
for (i = 0; i < sizeof(authfile_id_string); i++) |
| if (buffer_get_char(&buffer) != authfile_id_string[i]) { |
if (buffer_get_char(&buffer) != authfile_id_string[i]) { |
| debug3("Bad RSA1 key file %.200s.", filename); |
debug3("No RSA1 key file %.200s.", filename); |
| buffer_free(&buffer); |
buffer_free(&buffer); |
| return NULL; |
return NULL; |
| } |
} |
|
|
| |
|
| /* Check that it is at least big enough to contain the ID string. */ |
/* Check that it is at least big enough to contain the ID string. */ |
| if (len < sizeof(authfile_id_string)) { |
if (len < sizeof(authfile_id_string)) { |
| debug3("Bad RSA1 key file %.200s.", filename); |
debug3("No RSA1 key file %.200s.", filename); |
| buffer_free(&buffer); |
buffer_free(&buffer); |
| close(fd); |
close(fd); |
| return NULL; |
return NULL; |
|
|
| */ |
*/ |
| for (i = 0; i < sizeof(authfile_id_string); i++) |
for (i = 0; i < sizeof(authfile_id_string); i++) |
| if (buffer_get_char(&buffer) != authfile_id_string[i]) { |
if (buffer_get_char(&buffer) != authfile_id_string[i]) { |
| debug3("Bad RSA1 key file %.200s.", filename); |
debug3("No RSA1 key file %.200s.", filename); |
| buffer_free(&buffer); |
buffer_free(&buffer); |
| close(fd); |
close(fd); |
| return NULL; |
return NULL; |
|
|
| |
|
| fp = fdopen(fd, "r"); |
fp = fdopen(fd, "r"); |
| if (fp == NULL) { |
if (fp == NULL) { |
| error("fdopen failed"); |
error("fdopen failed: %s", strerror(errno)); |
| close(fd); |
close(fd); |
| return NULL; |
return NULL; |
| } |
} |
| pk = PEM_read_PrivateKey(fp, NULL, NULL, (char *)passphrase); |
pk = PEM_read_PrivateKey(fp, NULL, NULL, (char *)passphrase); |
| if (pk == NULL) { |
if (pk == NULL) { |
| debug("PEM_read_PrivateKey failed"); |
error("PEM_read_PrivateKey failed"); |
| (void)ERR_get_error(); |
(void)ERR_get_error(); |
| } else if (pk->type == EVP_PKEY_RSA && |
} else if (pk->type == EVP_PKEY_RSA && |
| (type == KEY_UNSPEC||type==KEY_RSA)) { |
(type == KEY_UNSPEC||type==KEY_RSA)) { |
|
|
| if (fd < 0) |
if (fd < 0) |
| return NULL; |
return NULL; |
| if (!key_perm_ok(fd, filename)) { |
if (!key_perm_ok(fd, filename)) { |
| debug("bad permissions: ignore key: %s", filename); |
error("bad permissions: ignore key: %s", filename); |
| close(fd); |
close(fd); |
| return NULL; |
return NULL; |
| } |
} |
|
|
| if (fd < 0) |
if (fd < 0) |
| return NULL; |
return NULL; |
| if (!key_perm_ok(fd, filename)) { |
if (!key_perm_ok(fd, filename)) { |
| debug("bad permissions: ignore key: %s", filename); |
error("bad permissions: ignore key: %s", filename); |
| close(fd); |
close(fd); |
| return NULL; |
return NULL; |
| } |
} |
![[BACK]](/icons/back.gif){kind=icon}
Return to authfile.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh