Bugzilla – Attachment 3184 Details for
Bug 2913
Reading PEM keys might fail if they decrypt to garbage with zero-length passprahse with new OpenSSL 1.1.0i
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
patch v2
file_2913.txt (text/plain), 1.34 KB, created by
Jakub Jelen
on 2018-10-03 21:09:36 AEST
(
hide
)
Description:
patch v2
Filename:
MIME Type:
Creator:
Jakub Jelen
Created:
2018-10-03 21:09:36 AEST
Size:
1.34 KB
patch
obsolete
>From 1ff16fccc49ffde48715752896b1f94a19f341ec Mon Sep 17 00:00:00 2001 >From: Jakub Jelen <jjelen@redhat.com> >Date: Wed, 3 Oct 2018 11:17:38 +0200 >Subject: [PATCH] sshkey: Do not use default passphrase callback > >--- > sshkey.c | 24 ++++++++++++++++++++++-- > 1 file changed, 22 insertions(+), 2 deletions(-) > >diff --git a/sshkey.c b/sshkey.c >index 14d4bfd2..2c7213d4 100644 >--- a/sshkey.c >+++ b/sshkey.c >@@ -3914,6 +3914,26 @@ convert_libcrypto_error(void) > return translate_libcrypto_error(ERR_peek_last_error()); > } > >+static int >+sshkey_passphrase_callback(char *buf, int size, int rwflag, void *u) >+{ >+ char *p = (char *)u; >+ size_t len; >+ >+ if (p == NULL) >+ return -1; >+ >+ len = strlen(p); >+ if (len == 0) >+ return -1; >+ >+ if (len > size) >+ len = size; >+ memcpy(buf, p, len); >+ >+ return len; >+} >+ > static int > sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type, > const char *passphrase, struct sshkey **keyp) >@@ -3935,8 +3955,8 @@ sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type, > } > > clear_libcrypto_errors(); >- if ((pk = PEM_read_bio_PrivateKey(bio, NULL, NULL, >- (char *)passphrase)) == NULL) { >+ if ((pk = PEM_read_bio_PrivateKey(bio, NULL, >+ sshkey_passphrase_callback, (char *)passphrase)) == NULL) { > r = convert_libcrypto_error(); > goto out; > } >-- >2.17.1 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 2913
:
3183
|
3184
|
3190
|
3192