diff options
| author | Ben Lindstrom <mouring@eviladmin.org> | 2001-04-16 02:00:02 +0000 |
|---|---|---|
| committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-04-16 02:00:02 +0000 |
| commit | 15f33866a6fb9e67f2a89f5edc8b8c7635f6d984 (patch) | |
| tree | 71e6283773761cceccd9bca3341348f6a073d333 | |
| parent | 897741eeaa0ebb5e2ce10a6b0ada8f3e55d22777 (diff) | |
- markus@cvs.openbsd.org 2001/04/15 16:58:03
[authfile.c ssh-keygen.c sshd.c]
don't use errno for key_{load,save}_private; discussion w/ solar@openwall
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | authfile.c | 32 | ||||
| -rw-r--r-- | ssh-keygen.c | 11 | ||||
| -rw-r--r-- | sshd.c | 6 |
4 files changed, 28 insertions, 26 deletions
@@ -6,6 +6,9 @@ - markus@cvs.openbsd.org 2001/04/15 08:43:47 [dh.c sftp-glob.c sftp-glob.h sftp-int.c sshconnect2.c sshd.c] some unused variable and typos; from tomh@po.crl.go.jp + - markus@cvs.openbsd.org 2001/04/15 16:58:03 + [authfile.c ssh-keygen.c sshd.c] + don't use errno for key_{load,save}_private; discussion w/ solar@openwall - (djm) Convert mandoc manpages to man automatically. Patch from Mark D. Roth <roth+openssh@feep.net> @@ -5093,4 +5096,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.1119 2001/04/16 00:41:46 djm Exp $ +$Id: ChangeLog,v 1.1120 2001/04/16 02:00:02 mouring Exp $ @@ -36,7 +36,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: authfile.c,v 1.30 2001/03/26 23:12:42 markus Exp $"); +RCSID("$OpenBSD: authfile.c,v 1.31 2001/04/15 16:58:03 markus Exp $"); #include <openssl/err.h> #include <openssl/evp.h> @@ -140,11 +140,13 @@ key_save_private_rsa1(Key *key, const char *filename, const char *passphrase, buffer_free(&buffer); fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); - if (fd < 0) + if (fd < 0) { + error("open %s failed: %s.", filename, strerror(errno)); return 0; + } if (write(fd, buffer_ptr(&encrypted), buffer_len(&encrypted)) != buffer_len(&encrypted)) { - debug("Write to key file %.200s failed: %.100s", filename, + error("write to key file %s failed: %s", filename, strerror(errno)); buffer_free(&encrypted); close(fd); @@ -169,18 +171,17 @@ key_save_private_pem(Key *key, const char *filename, const char *_passphrase, EVP_CIPHER *cipher = (len > 0) ? EVP_des_ede3_cbc() : NULL; if (len > 0 && len <= 4) { - error("passphrase too short: %d bytes", len); - errno = 0; + error("passphrase too short: have %d bytes, need > 4", len); return 0; } fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); if (fd < 0) { - debug("open %s failed", filename); + error("open %s failed: %s.", filename, strerror(errno)); return 0; } fp = fdopen(fd, "w"); if (fp == NULL ) { - debug("fdopen %s failed", filename); + error("fdopen %s failed: %s.", filename, strerror(errno)); close(fd); return 0; } @@ -215,6 +216,7 @@ key_save_private(Key *key, const char *filename, const char *passphrase, default: break; } + error("key_save_private: cannot save key type %d", key->type); return 0; } @@ -248,7 +250,7 @@ key_load_public_rsa1(int fd, const char *filename, char **commentp) /* Check that it is at least big enough to contain the ID string. */ if (len < sizeof(authfile_id_string)) { - debug3("Bad RSA1 key file %.200s.", filename); + debug3("No RSA1 key file %.200s.", filename); buffer_free(&buffer); return NULL; } @@ -258,7 +260,7 @@ key_load_public_rsa1(int fd, const char *filename, char **commentp) */ for (i = 0; i < sizeof(authfile_id_string); i++) if (buffer_get_char(&buffer) != authfile_id_string[i]) { - debug3("Bad RSA1 key file %.200s.", filename); + debug3("No RSA1 key file %.200s.", filename); buffer_free(&buffer); return NULL; } @@ -334,7 +336,7 @@ key_load_private_rsa1(int fd, const char *filename, const char *passphrase, /* Check that it is at least big enough to contain the ID string. */ if (len < sizeof(authfile_id_string)) { - debug3("Bad RSA1 key file %.200s.", filename); + debug3("No RSA1 key file %.200s.", filename); buffer_free(&buffer); close(fd); return NULL; @@ -345,7 +347,7 @@ key_load_private_rsa1(int fd, const char *filename, const char *passphrase, */ for (i = 0; i < sizeof(authfile_id_string); i++) if (buffer_get_char(&buffer) != authfile_id_string[i]) { - debug3("Bad RSA1 key file %.200s.", filename); + debug3("No RSA1 key file %.200s.", filename); buffer_free(&buffer); close(fd); return NULL; @@ -439,13 +441,13 @@ key_load_private_pem(int fd, int type, const char *passphrase, fp = fdopen(fd, "r"); if (fp == NULL) { - error("fdopen failed"); + error("fdopen failed: %s", strerror(errno)); close(fd); return NULL; } pk = PEM_read_PrivateKey(fp, NULL, NULL, (char *)passphrase); if (pk == NULL) { - debug("PEM_read_PrivateKey failed"); + error("PEM_read_PrivateKey failed"); (void)ERR_get_error(); } else if (pk->type == EVP_PKEY_RSA && (type == KEY_UNSPEC||type==KEY_RSA)) { @@ -514,7 +516,7 @@ key_load_private_type(int type, const char *filename, const char *passphrase, if (fd < 0) return NULL; if (!key_perm_ok(fd, filename)) { - debug("bad permissions: ignore key: %s", filename); + error("bad permissions: ignore key: %s", filename); close(fd); return NULL; } @@ -548,7 +550,7 @@ key_load_private(const char *filename, const char *passphrase, if (fd < 0) return NULL; if (!key_perm_ok(fd, filename)) { - debug("bad permissions: ignore key: %s", filename); + error("bad permissions: ignore key: %s", filename); close(fd); return NULL; } diff --git a/ssh-keygen.c b/ssh-keygen.c index 0469ca5b..d4ba23a4 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh-keygen.c,v 1.55 2001/04/05 10:42:54 markus Exp $"); +RCSID("$OpenBSD: ssh-keygen.c,v 1.56 2001/04/15 16:58:03 markus Exp $"); #include <openssl/evp.h> #include <openssl/pem.h> @@ -512,8 +512,7 @@ do_change_passphrase(struct passwd *pw) /* Save the file using the new passphrase. */ if (!key_save_private(private, identity_file, passphrase1, comment)) { - printf("Saving the key failed: %s: %s.\n", - identity_file, strerror(errno)); + printf("Saving the key failed: %s.\n", identity_file); memset(passphrase1, 0, strlen(passphrase1)); xfree(passphrase1); key_free(private); @@ -591,8 +590,7 @@ do_change_comment(struct passwd *pw) /* Save the file using the new passphrase. */ if (!key_save_private(private, identity_file, passphrase, new_comment)) { - printf("Saving the key failed: %s: %s.\n", - identity_file, strerror(errno)); + printf("Saving the key failed: %s.\n", identity_file); memset(passphrase, 0, strlen(passphrase)); xfree(passphrase); key_free(private); @@ -838,8 +836,7 @@ passphrase_again: /* Save the key with the given passphrase and comment. */ if (!key_save_private(private, identity_file, passphrase1, comment)) { - printf("Saving the key failed: %s: %s.\n", - identity_file, strerror(errno)); + printf("Saving the key failed: %s.\n", identity_file); memset(passphrase1, 0, strlen(passphrase1)); xfree(passphrase1); exit(1); @@ -40,7 +40,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshd.c,v 1.194 2001/04/15 08:43:47 markus Exp $"); +RCSID("$OpenBSD: sshd.c,v 1.195 2001/04/15 16:58:03 markus Exp $"); #include <openssl/dh.h> #include <openssl/bn.h> @@ -700,8 +700,8 @@ main(int ac, char **av) key = key_load_private(options.host_key_files[i], "", NULL); sensitive_data.host_keys[i] = key; if (key == NULL) { - error("Could not load host key: %.200s: %.100s", - options.host_key_files[i], strerror(errno)); + error("Could not load host key: %s", + options.host_key_files[i]); sensitive_data.host_keys[i] = NULL; continue; } |