Upgrade to OpenSSH 5.6p1.

This commit is contained in:
Dag-Erling Smørgrav
2010-11-11 11:46:19 +00:00
68 changed files with 3251 additions and 994 deletions
+61 -1
View File
@@ -1,4 +1,4 @@
/* $OpenBSD: authfile.c,v 1.80 2010/03/04 10:36:03 djm Exp $ */
/* $OpenBSD: authfile.c,v 1.82 2010/08/04 05:49:22 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -693,6 +693,66 @@ key_load_public(const char *filename, char **commentp)
return NULL;
}
/* Load the certificate associated with the named private key */
Key *
key_load_cert(const char *filename)
{
Key *pub;
char *file;
pub = key_new(KEY_UNSPEC);
xasprintf(&file, "%s-cert.pub", filename);
if (key_try_load_public(pub, file, NULL) == 1) {
xfree(file);
return pub;
}
xfree(file);
key_free(pub);
return NULL;
}
/* Load private key and certificate */
Key *
key_load_private_cert(int type, const char *filename, const char *passphrase,
int *perm_ok)
{
Key *key, *pub;
switch (type) {
case KEY_RSA:
case KEY_DSA:
break;
default:
error("%s: unsupported key type", __func__);
return NULL;
}
if ((key = key_load_private_type(type, filename,
passphrase, NULL, perm_ok)) == NULL)
return NULL;
if ((pub = key_load_cert(filename)) == NULL) {
key_free(key);
return NULL;
}
/* Make sure the private key matches the certificate */
if (key_equal_public(key, pub) == 0) {
error("%s: certificate does not match private key %s",
__func__, filename);
} else if (key_to_certified(key, key_cert_is_legacy(pub)) != 0) {
error("%s: key_to_certified failed", __func__);
} else {
key_cert_copy(pub, key);
key_free(pub);
return key;
}
key_free(key);
key_free(pub);
return NULL;
}
/*
* Returns 1 if the specified "key" is listed in the file "filename",
* 0 if the key is not listed or -1 on error.