Attachment #3428 for bug #3190




int
sshkey_load_public(const char *filename, struct sshkey **keyp, char **commentp)
{
	char *pubfile = NULL, *privcmt = NULL;
	int r, oerrno;
	struct sshkey *privkey;

	if (keyp != NULL)
		*keyp = NULL;

	if ((r = sshkey_try_load_public(keyp, pubfile, commentp)) == 0)
		goto out;

	/* Try to extract public key from private key file */
	if ((r = sshkey_load_pubkey_from_private(filename, keyp)) == 0)
		goto out;

	/*
	 * If all else fails, try to load private key (assuming no passphrase)
	 * and discard private elements.
	 */
	if ((r = sshkey_load_private(filename, "", &privkey, &privcmt)) == 0) {
		if ((r = sshkey_from_private(privkey, keyp)) == 0) {
			if (commentp != NULL)
				*commentp = privccmt;
				privcmt = NULL; /* transferred */
			}
			goto out;
		}
	}

	/* Pretend we couldn't find the key */
	r = SSH_ERR_SYSTEM_ERROR;
	errno = ENOENT;

 out:
	oerrno = errno;
	sshkey_free(privkey);
	free(privcmt);
	free(pubfile);
	errno = oerrno;
	return r;




		    &pubkey, NULL)) != 0 && r != SSH_ERR_SYSTEM_ERROR)
			do_log2(ll, "Unable to load host key \"%s\": %s",
			    options.host_key_files[i], ssh_err(r));
		if (pubkey == NULL && key != NULL) {
			fatal("loaded private key %s but not public",
			    options.host_key_files[i]);
		}
		if (pubkey != NULL && key != NULL) {
			if (!sshkey_equal(pubkey, key)) {
				error("Public key for %s does not match "

				sshkey_free(pubkey);
				pubkey = NULL;
			}
		}
		if (pubkey == NULL && key != NULL) {
			if ((r = sshkey_from_private(key, &pubkey)) != 0)
				fatal("Could not demote key: \"%s\": %s",
				    options.host_key_files[i], ssh_err(r));
		}
		sensitive_data.host_keys[i] = key;
		sensitive_data.host_pubkeys[i] = pubkey;

Return to bug 3190

Lines 257-264 sshkey_try_load_public(struct sshkey **k Link Here

(-)authfile.c (-2 / +19 lines)
257	int	257	int
258	sshkey_load_public(const char filename, struct sshkey keyp, char *commentp)	258	sshkey_load_public(const char filename, struct sshkey keyp, char *commentp)
259	{	259	{
260	char *pubfile = NULL;	260	char pubfile = NULL, privcmt = NULL;
261	int r, oerrno;	261	int r, oerrno;
		262	struct sshkey *privkey;
262		263
263	if (keyp != NULL)	264	if (keyp != NULL)
264	*keyp = NULL;	265	*keyp = NULL;
Lines 274-289 sshkey_load_public(const char *filename, Link Here
274	if ((r = sshkey_try_load_public(keyp, pubfile, commentp)) == 0)	275	if ((r = sshkey_try_load_public(keyp, pubfile, commentp)) == 0)
275	goto out;	276	goto out;
276		277
277	/* finally, try to extract public key from private key file */	278	/* Try to extract public key from private key file */
278	if ((r = sshkey_load_pubkey_from_private(filename, keyp)) == 0)	279	if ((r = sshkey_load_pubkey_from_private(filename, keyp)) == 0)
279	goto out;	280	goto out;
280		281
		282	/*
		283	* If all else fails, try to load private key (assuming no passphrase)
		284	* and discard private elements.
		285	*/
		286	if ((r = sshkey_load_private(filename, "", &privkey, &privcmt)) == 0) {
		287	if ((r = sshkey_from_private(privkey, keyp)) == 0) {
		288	if (commentp != NULL)
		289	*commentp = privccmt;
		290	privcmt = NULL; /* transferred */
		291	}
		292	goto out;
		293	}
		294	}
		295
281	/* Pretend we couldn't find the key */	296	/* Pretend we couldn't find the key */
282	r = SSH_ERR_SYSTEM_ERROR;	297	r = SSH_ERR_SYSTEM_ERROR;
283	errno = ENOENT;	298	errno = ENOENT;
284		299
285	out:	300	out:
286	oerrno = errno;	301	oerrno = errno;
		302	sshkey_free(privkey);
		303	free(privcmt);
287	free(pubfile);	304	free(pubfile);
288	errno = oerrno;	305	errno = oerrno;
289	return r;	306	return r;

Lines 1727-1732 main(int ac, char **av) Link Here

(-)sshd.c (-5 / +4 lines)
1727	&pubkey, NULL)) != 0 && r != SSH_ERR_SYSTEM_ERROR)	1727	&pubkey, NULL)) != 0 && r != SSH_ERR_SYSTEM_ERROR)
1728	do_log2(ll, "Unable to load host key \"%s\": %s",	1728	do_log2(ll, "Unable to load host key \"%s\": %s",
1729	options.host_key_files[i], ssh_err(r));	1729	options.host_key_files[i], ssh_err(r));
		1730	if (pubkey == NULL && key != NULL) {
		1731	fatal("loaded private key %s but not public",
		1732	options.host_key_files[i]);
		1733	}
1730	if (pubkey != NULL && key != NULL) {	1734	if (pubkey != NULL && key != NULL) {
1731	if (!sshkey_equal(pubkey, key)) {	1735	if (!sshkey_equal(pubkey, key)) {
1732	error("Public key for %s does not match "	1736	error("Public key for %s does not match "
Lines 1734-1744 main(int ac, char **av) Link Here
1734	sshkey_free(pubkey);	1738	sshkey_free(pubkey);
1735	pubkey = NULL;	1739	pubkey = NULL;
1736	}	1740	}
1737	}
1738	if (pubkey == NULL && key != NULL) {
1739	if ((r = sshkey_from_private(key, &pubkey)) != 0)
1740	fatal("Could not demote key: \"%s\": %s",
1741	options.host_key_files[i], ssh_err(r));
1742	}	1741	}
1743	sensitive_data.host_keys[i] = key;	1742	sensitive_data.host_keys[i] = key;
1744	sensitive_data.host_pubkeys[i] = pubkey;	1743	sensitive_data.host_pubkeys[i] = pubkey;