aboutsummaryrefslogtreecommitdiff
path: root/lib/libpam
diff options
context:
space:
mode:
authorDag-Erling Smørgrav <des@FreeBSD.org>2018-09-10 16:20:12 +0000
committerDag-Erling Smørgrav <des@FreeBSD.org>2018-09-10 16:20:12 +0000
commit190cef3d52236565eb22e18b33e9e865ec634aa3 (patch)
treee1c537d439ea51b661a8c4bdc625eb9e1b7e9e1e /lib/libpam
parent90f900fcea568ff88026e6246f9693be3245e957 (diff)
parentd46065df2d60bfbd08939733bd79b2a440d6fbc8 (diff)
downloadsrc-190cef3d52236565eb22e18b33e9e865ec634aa3.tar.gz
src-190cef3d52236565eb22e18b33e9e865ec634aa3.zip
Upgrade to OpenSSH 7.8p1.
Approved by: re (kib@)
Notes
Notes: svn path=/head/; revision=338561
Diffstat (limited to 'lib/libpam')
-rw-r--r--lib/libpam/modules/pam_ssh/pam_ssh.c29
1 files changed, 14 insertions, 15 deletions
diff --git a/lib/libpam/modules/pam_ssh/pam_ssh.c b/lib/libpam/modules/pam_ssh/pam_ssh.c
index 23d18a897cae..9b30ba935a7b 100644
--- a/lib/libpam/modules/pam_ssh/pam_ssh.c
+++ b/lib/libpam/modules/pam_ssh/pam_ssh.c
@@ -60,10 +60,9 @@ __FBSDID("$FreeBSD$");
#include <openssl/evp.h>
#define __bounded__(x, y, z)
-#include "key.h"
-#include "buffer.h"
#include "authfd.h"
#include "authfile.h"
+#include "sshkey.h"
#define ssh_add_identity(auth, key, comment) \
ssh_add_identity_constrained(auth, key, comment, 0, 0, 0)
@@ -71,8 +70,8 @@ __FBSDID("$FreeBSD$");
extern char **environ;
struct pam_ssh_key {
- Key *key;
- char *comment;
+ struct sshkey *key;
+ char *comment;
};
static const char *pam_ssh_prompt = "SSH passphrase: ";
@@ -101,14 +100,14 @@ static struct pam_ssh_key *
pam_ssh_load_key(const char *dir, const char *kfn, const char *passphrase,
int nullok)
{
- struct pam_ssh_key *psk;
char fn[PATH_MAX];
+ struct pam_ssh_key *psk;
+ struct sshkey *key;
char *comment;
- Key *key;
+ int ret;
if (snprintf(fn, sizeof(fn), "%s/%s", dir, kfn) > (int)sizeof(fn))
return (NULL);
- comment = NULL;
/*
* If the key is unencrypted, OpenSSL ignores the passphrase, so
* it will seem like the user typed in the right one. This allows
@@ -117,21 +116,21 @@ pam_ssh_load_key(const char *dir, const char *kfn, const char *passphrase,
* with an empty passphrase, and if the key is not encrypted,
* accept only an empty passphrase.
*/
- key = key_load_private(fn, "", &comment);
- if (key != NULL && !(*passphrase == '\0' && nullok)) {
- key_free(key);
+ ret = sshkey_load_private(fn, "", &key, &comment);
+ if (ret == 0 && !(*passphrase == '\0' && nullok)) {
+ sshkey_free(key);
return (NULL);
}
- if (key == NULL)
- key = key_load_private(fn, passphrase, &comment);
- if (key == NULL) {
+ if (ret != 0)
+ ret = sshkey_load_private(fn, passphrase, &key, &comment);
+ if (ret != 0) {
openpam_log(PAM_LOG_DEBUG, "failed to load key from %s", fn);
return (NULL);
}
openpam_log(PAM_LOG_DEBUG, "loaded '%s' from %s", comment, fn);
if ((psk = malloc(sizeof(*psk))) == NULL) {
- key_free(key);
+ sshkey_free(key);
free(comment);
return (NULL);
}
@@ -150,7 +149,7 @@ pam_ssh_free_key(pam_handle_t *pamh __unused,
struct pam_ssh_key *psk;
psk = data;
- key_free(psk->key);
+ sshkey_free(psk->key);
free(psk->comment);
free(psk);
}