Attachment #661 for bug #884

Lines 40-45 Link Here

(-)openssh-3.8.1p1/auth2-pubkey.c (-2 / +10 lines)
40	#include "auth-options.h"	40	#include "auth-options.h"
41	#include "canohost.h"	41	#include "canohost.h"
42	#include "monitor_wrap.h"	42	#include "monitor_wrap.h"
		43	#include "authfile.h"
43		44
44	/* import */	45	/* import */
45	extern ServerOptions options;	46	extern ServerOptions options;
Lines 167-173 Link Here
167	static int	168	static int
168	user_key_allowed2(struct passwd pw, Key key, char *file)	169	user_key_allowed2(struct passwd pw, Key key, char *file)
169	{	170	{
170	char line[8192];	171	size_t size;
		172	char *line;
171	int found_key = 0;	173	int found_key = 0;
172	FILE *f;	174	FILE *f;
173	u_long linenum = 0;	175	u_long linenum = 0;
Lines 204-210 Link Here
204	found_key = 0;	206	found_key = 0;
205	found = key_new(key->type);	207	found = key_new(key->type);
206		208
207	while (fgets(line, sizeof(line), f)) {	209	size = 4096;
		210	line = xmalloc(size);
		211
		212	while (read_whole_line(&line, &size, f)) {
208	char cp, options = NULL;	213	char cp, options = NULL;
209	linenum++;	214	linenum++;
210	/* Skip leading whitespace, empty and comment lines. */	215	/* Skip leading whitespace, empty and comment lines. */
Lines 245-250 Link Here
245	break;	250	break;
246	}	251	}
247	}	252	}
		253
		254	xfree(line);
		255
248	restore_uid();	256	restore_uid();
249	fclose(f);	257	fclose(f);
250	key_free(found);	258	key_free(found);




	return prv;
}

char *
read_whole_line(char **line, size_t *size, FILE *f)
{
	char *ln = *line;
	size_t i, sz = *size;

	if (!ln) {
		fatal("read_whole_line: NULL pointer given as line argument");
	}

	for (i = 0; ln[sz - 2] = '\0', fgets(ln + i, sz - i, f); i = sz - 1, sz <<= 1) {
		if (ln[sz - 2]) {
			ln = xrealloc(ln, sz << 1);
			continue;
		}

		*line = ln;
		*size = sz;

		return ln;
	}

	return NULL;
}

static int
key_try_load_public(Key *k, const char *filename, char **commentp)
{
	FILE *f;
	size_t size;
	char *line;
	char *cp;

	f = fopen(filename, "r");
	if (f != NULL) {
		size = 4096;
		line = xmalloc(size);

		while (read_whole_line(&line, &size, f)) {
			/* FIXME: is this useful? fgets already stores a '\0'
			 * after the last character in the buffer...
			 */
			line[size-1] = '\0';

			cp = line;
			switch (*cp) {
			case '#':

				if (key_read(k, &cp) == 1) {
					if (commentp)
						*commentp=xstrdup(filename);

					xfree(line);
					fclose(f);
					return 1;
				}
			}
		}

		xfree(line);
		fclose(f);
	}
	return 0;

Lines 15-20 Link Here

(-)openssh-3.8.1p1/authfile.h (+2 lines)
15	#ifndef AUTHFILE_H	15	#ifndef AUTHFILE_H
16	#define AUTHFILE_H	16	#define AUTHFILE_H
17		17
		18	char read_whole_line(char , size_t , FILE *);
		19
18	int key_save_private(Key , const char , const char , const char );	20	int key_save_private(Key , const char , const char , const char );
19	Key key_load_public(const char , char **);	21	Key key_load_public(const char , char **);
20	Key key_load_public_type(int, const char , char **);	22	Key key_load_public_type(int, const char , char **);

Return to bug 884

Lines 588-604 Link Here

(-)openssh-3.8.1p1/authfile.c (-3 / +40 lines)
588	return prv;	588	return prv;
589	}	589	}
590		590
		591	char *
		592	read_whole_line(char *line, size_t size, FILE *f)
		593	{
		594	char ln = line;
		595	size_t i, sz = *size;
		596
		597	if (!ln) {
		598	fatal("read_whole_line: NULL pointer given as line argument");
		599	}
		600
		601	for (i = 0; ln[sz - 2] = '\0', fgets(ln + i, sz - i, f); i = sz - 1, sz <<= 1) {
		602	if (ln[sz - 2]) {
		603	ln = xrealloc(ln, sz << 1);
		604	continue;
		605	}
		606
		607	*line = ln;
		608	*size = sz;
		609
		610	return ln;
		611	}
		612
		613	return NULL;
		614	}
		615
591	static int	616	static int
592	key_try_load_public(Key k, const char filename, char **commentp)	617	key_try_load_public(Key k, const char filename, char **commentp)
593	{	618	{
594	FILE *f;	619	FILE *f;
595	char line[4096];	620	size_t size;
		621	char *line;
596	char *cp;	622	char *cp;
597		623
598	f = fopen(filename, "r");	624	f = fopen(filename, "r");
599	if (f != NULL) {	625	if (f != NULL) {
600	while (fgets(line, sizeof(line), f)) {	626	size = 4096;
601	line[sizeof(line)-1] = '\0';	627	line = xmalloc(size);
		628
		629	while (read_whole_line(&line, &size, f)) {
		630	/* FIXME: is this useful? fgets already stores a '\0'
		631	* after the last character in the buffer...
		632	*/
		633	line[size-1] = '\0';
		634
602	cp = line;	635	cp = line;
603	switch (*cp) {	636	switch (*cp) {
604	case '#':	637	case '#':
Lines 613-623 Link Here
613	if (key_read(k, &cp) == 1) {	646	if (key_read(k, &cp) == 1) {
614	if (commentp)	647	if (commentp)
615	*commentp=xstrdup(filename);	648	*commentp=xstrdup(filename);
		649
		650	xfree(line);
616	fclose(f);	651	fclose(f);
617	return 1;	652	return 1;
618	}	653	}
619	}	654	}
620	}	655	}
		656
		657	xfree(line);
621	fclose(f);	658	fclose(f);
622	}	659	}
623	return 0;	660	return 0;