userauth: Provide more informations if ssh pub key extraction fails
If the function that extracts/computes the public key from a private key fails, the errors it reports were masked by the function calling it. This patch modifies the key extraction function to return errors using the _libssh2_error() function. The error messages are tweaked to contain a reference to the failed operation in addition to the reason. * AUTHORS: - add my name * libgcrypt.c: _libssh2_pub_priv_keyfile(): - return a more verbose error using _libssh2_error() func. * openssl.c: - modify call graph of _libssh2_pub_priv_keyfile() to use _libssh2_error() for error reporting; * userauth.c: - tweak functions calling _libssh2_pub_priv_keyfile() not to shadow error messages
родитель
b8dd697796
Коммит
209de22299
1
AUTHORS
1
AUTHORS
@ -29,6 +29,7 @@ Mikhail Gusarov
|
||||
Neil Gierman
|
||||
Olivier Hervieu
|
||||
Paul Veldkamp
|
||||
Peter Krempa
|
||||
Peter O'Gorman
|
||||
Peter Stuge
|
||||
Romain Bondue
|
||||
|
@ -581,8 +581,9 @@ _libssh2_pub_priv_keyfile(LIBSSH2_SESSION *session,
|
||||
const char *privatekey,
|
||||
const char *passphrase)
|
||||
{
|
||||
return -1; /* not yet supported; interpreted by userauth.c to call
|
||||
libssh2_error */
|
||||
return _libssh_error(session, LIBSSH2_ERROR_FILE,
|
||||
"Unable to extract public key from private key file: "
|
||||
"Method unimplemented in libgcrypt backend");
|
||||
}
|
||||
|
||||
void _libssh2_init_aes_ctr(void)
|
||||
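Review bot: The new return statement in the libgcrypt `_libssh2_pub_priv_keyfile()` stub calls `_libssh_error(...)`, while every other call on this page is spelled `_libssh2_error(...)`. Unless a function with the shorter name is declared somewhere outside this view, the libgcrypt backend will fail to build, or will link-fail after an implicit-declaration warning. The line should read `return _libssh2_error(session, LIBSSH2_ERROR_FILE,` with the message left as it is. Because the failure is a missing feature rather than a file problem, `LIBSSH2_ERROR_METHOD_NOT_SUPPORTED` (if this version defines it) would let callers tell it apart from an unreadable key file.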
|
@ -666,10 +666,9 @@ gen_publickey_from_rsa_evp(LIBSSH2_SESSION *session,
|
||||
LIBSSH2_FREE(session, method_buf);
|
||||
}
|
||||
|
||||
_libssh2_error(session,
|
||||
LIBSSH2_ERROR_ALLOC,
|
||||
"Unable to allocate memory for private key data");
|
||||
return -1;
|
||||
return _libssh2_error(session,
|
||||
LIBSSH2_ERROR_ALLOC,
|
||||
"Unable to allocate memory for private key data");
|
||||
}
|
||||
|
||||
static int
|
||||
@ -721,10 +720,9 @@ gen_publickey_from_dsa_evp(LIBSSH2_SESSION *session,
|
||||
LIBSSH2_FREE(session, method_buf);
|
||||
}
|
||||
|
||||
_libssh2_error(session,
|
||||
LIBSSH2_ERROR_ALLOC,
|
||||
"Unable to allocate memory for private key data");
|
||||
return -1;
|
||||
return _libssh2_error(session,
|
||||
LIBSSH2_ERROR_ALLOC,
|
||||
"Unable to allocate memory for private key data");
|
||||
}
|
||||
|
||||
int
|
||||
@ -747,10 +745,10 @@ _libssh2_pub_priv_keyfile(LIBSSH2_SESSION *session,
|
||||
|
||||
bp = BIO_new_file(privatekey, "r");
|
||||
if (bp == NULL) {
|
||||
_libssh2_error(session,
|
||||
LIBSSH2_ERROR_FILE,
|
||||
"Unable to open private key file");
|
||||
return -1;
|
||||
return _libssh2_error(session,
|
||||
LIBSSH2_ERROR_FILE,
|
||||
"Unable to extract public key from private key "
|
||||
"file: Unable to open private key file");
|
||||
}
|
||||
if (!EVP_get_cipherbyname("des")) {
|
||||
/* If this cipher isn't loaded it's a pretty good indication that none
|
||||
@ -765,11 +763,12 @@ _libssh2_pub_priv_keyfile(LIBSSH2_SESSION *session,
|
||||
BIO_free(bp);
|
||||
|
||||
if (pk == NULL) {
|
||||
_libssh2_error(session,
|
||||
LIBSSH2_ERROR_FILE,
|
||||
"Wrong passphrase or invalid/unrecognized "
|
||||
"private key file format");
|
||||
return -1;
|
||||
return _libssh2_error(session,
|
||||
LIBSSH2_ERROR_FILE,
|
||||
"Unable to extract public key "
|
||||
"from private key file: "
|
||||
"Wrong passphrase or invalid/unrecognized "
|
||||
"private key file format");
|
||||
}
|
||||
|
||||
switch (pk->type) {
|
||||
@ -784,10 +783,11 @@ _libssh2_pub_priv_keyfile(LIBSSH2_SESSION *session,
|
||||
break;
|
||||
|
||||
default :
|
||||
st = -1;
|
||||
_libssh2_error(session,
|
||||
LIBSSH2_ERROR_FILE,
|
||||
"Unsupported private key file format");
|
||||
st = _libssh2_error(session,
|
||||
LIBSSH2_ERROR_FILE,
|
||||
"Unable to extract public key "
|
||||
"from private key file: "
|
||||
"Unsupported private key file format");
|
||||
break;
|
||||
}
|
||||
|
||||
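Review bot: Every failure path in these openssl.c hunks now returns the result of `_libssh2_error()` (presumably the `LIBSSH2_ERROR_*` code passed in) where it used to return the literal -1, and in the `default:` branch `st` receives that value too, yet nothing in the visible lines documents the new contract. Any caller outside this commit that compares the result with `-1` instead of testing for non-zero would treat a failed key load as success, so those callers are worth auditing. A comment above `_libssh2_pub_priv_keyfile()` would pin the contract, for example `/* Returns 0 on success or a LIBSSH2_ERROR_* code; the session error is already set. */`, and the same applies to `gen_publickey_from_rsa_evp()` and `gen_publickey_from_dsa_evp()`. All three function bodies start and end outside the hunks shown.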
|
@ -665,14 +665,14 @@ userauth_hostbased_fromfile(LIBSSH2_SESSION *session,
|
||||
}
|
||||
else {
|
||||
/* Compute public key from private key. */
|
||||
if (_libssh2_pub_priv_keyfile(session,
|
||||
&session->userauth_host_method,
|
||||
&session->userauth_host_method_len,
|
||||
&pubkeydata, &pubkeydata_len,
|
||||
privatekey, passphrase))
|
||||
return _libssh2_error(session, LIBSSH2_ERROR_FILE,
|
||||
"Unable to extract public key "
|
||||
"from private key file");
|
||||
rc = _libssh2_pub_priv_keyfile(session,
|
||||
&session->userauth_host_method,
|
||||
&session->userauth_host_method_len,
|
||||
&pubkeydata, &pubkeydata_len,
|
||||
privatekey, passphrase);
|
||||
if (rc)
|
||||
/* libssh2_pub_priv_keyfile calls _libssh2_error() */
|
||||
return rc;
|
||||
}
|
||||
|
||||
/*
|
||||
@ -1237,19 +1237,20 @@ userauth_publickey_fromfile(LIBSSH2_SESSION *session,
|
||||
rc = file_read_publickey(session, &session->userauth_pblc_method,
|
||||
&session->userauth_pblc_method_len,
|
||||
&pubkeydata, &pubkeydata_len,publickey);
|
||||
if(rc)
|
||||
if (rc)
|
||||
return rc;
|
||||
}
|
||||
else {
|
||||
/* Compute public key from private key. */
|
||||
if (_libssh2_pub_priv_keyfile(session,
|
||||
&session->userauth_pblc_method,
|
||||
&session->userauth_pblc_method_len,
|
||||
&pubkeydata, &pubkeydata_len,
|
||||
privatekey, passphrase))
|
||||
return _libssh2_error(session, LIBSSH2_ERROR_FILE,
|
||||
"Unable to extract public key "
|
||||
"from private key file");
|
||||
rc = _libssh2_pub_priv_keyfile(session,
|
||||
&session->userauth_pblc_method,
|
||||
&session->userauth_pblc_method_len,
|
||||
&pubkeydata, &pubkeydata_len,
|
||||
privatekey, passphrase);
|
||||
|
||||
/* _libssh2_pub_priv_keyfile calls _libssh2_error() */
|
||||
if (rc)
|
||||
return rc;
|
||||
}
|
||||
}
|
||||
|
||||
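Review bot: In the `userauth_hostbased_fromfile()` hunk the new `if (rc)` has no braces and a comment sits between the condition and `return rc;`, so a statement added there later would become the conditional body and the return would run unconditionally. Bracing it, as in `if (rc) { return rc; }` with the comment moved above the `if` as the `userauth_publickey_fromfile()` hunk does, removes that hazard. The comment also names `libssh2_pub_priv_keyfile` without the leading underscore and should read `/* _libssh2_pub_priv_keyfile calls _libssh2_error() */`. Both callers now depend on every crypto backend having set the session error before returning non-zero, which is worth stating in that comment. Both functions continue outside the hunks.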
|