diff options
author | Darren Tucker <dtucker@zip.com.au> | 2006-05-06 17:41:51 +1000 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2006-05-06 17:41:51 +1000 |
commit | 232b76f9f8b883db9ff7e7a3a9942ad7a28119e0 (patch) | |
tree | d7570bab5a189d98e81a837116c32197eae94774 /authfile.c | |
parent | d8093e49bf06813a8c97cbc90810f4863388af77 (diff) |
- dtucker@cvs.openbsd.org 2006/04/25 08:02:27
[authfile.c authfile.h sshconnect2.c ssh.c sshconnect1.c]
Prevent ssh from trying to open private keys with bad permissions more than
once or prompting for their passphrases (which it subsequently ignores
anyway), similar to a previous change in ssh-add. bz #1186, ok djm@
Diffstat (limited to 'authfile.c')
-rw-r--r-- | authfile.c | 8 |
1 files changed, 6 insertions, 2 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: authfile.c,v 1.66 2006/03/25 13:17:01 djm Exp $ */ +/* $OpenBSD: authfile.c,v 1.67 2006/04/25 08:02:27 dtucker Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -538,7 +538,7 @@ key_perm_ok(int fd, const char *filename) Key * key_load_private_type(int type, const char *filename, const char *passphrase, - char **commentp) + char **commentp, int *perm_ok) { int fd; @@ -546,10 +546,14 @@ key_load_private_type(int type, const char *filename, const char *passphrase, if (fd < 0) return NULL; if (!key_perm_ok(fd, filename)) { + if (perm_ok != NULL) + *perm_ok = 0; error("bad permissions: ignore key: %s", filename); close(fd); return NULL; } + if (perm_ok != NULL) + *perm_ok = 1; switch (type) { case KEY_RSA1: return key_load_private_rsa1(fd, filename, passphrase, |