Bugzilla – Attachment 3183 Details for
Bug 2913
Reading PEM keys might fail if they decrypt to garbage with zero-length passprahse with new OpenSSL 1.1.0i
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
proposed patch
file_2913.txt (text/plain), 1.14 KB, created by
Jakub Jelen
on 2018-10-03 20:31:37 AEST
(
hide
)
Description:
proposed patch
Filename:
MIME Type:
Creator:
Jakub Jelen
Created:
2018-10-03 20:31:37 AEST
Size:
1.14 KB
patch
obsolete
>From 5f8764ec24df1e19ef828ea6ad27ffb8bcdfc5ee Mon Sep 17 00:00:00 2001 >From: Jakub Jelen <jjelen@redhat.com> >Date: Wed, 3 Oct 2018 11:17:38 +0200 >Subject: [PATCH] sshkey: Do not use default passphrase callback > >--- > sshkey.c | 10 ++++++++-- > 1 file changed, 8 insertions(+), 2 deletions(-) > >diff --git a/sshkey.c b/sshkey.c >index 14d4bfd2..ca6ca087 100644 >--- a/sshkey.c >+++ b/sshkey.c >@@ -3914,6 +3914,12 @@ convert_libcrypto_error(void) > return translate_libcrypto_error(ERR_peek_last_error()); > } > >+static int >+sshkey_no_passphrase_callback(char *buf, int size, int rwflag, void *u) >+{ >+ return -1; >+} >+ > static int > sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type, > const char *passphrase, struct sshkey **keyp) >@@ -3935,8 +3941,8 @@ sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type, > } > > clear_libcrypto_errors(); >- if ((pk = PEM_read_bio_PrivateKey(bio, NULL, NULL, >- (char *)passphrase)) == NULL) { >+ if ((pk = PEM_read_bio_PrivateKey(bio, NULL, >+ sshkey_no_passphrase_callback, (char *)passphrase)) == NULL) { > r = convert_libcrypto_error(); > goto out; > } >-- >2.17.1 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=3183">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 2913
:
3183
|
3184
|
3190
|
3192