[ssh_x509] Segfault with ECDSA

ssh_x509 at roumenpetrov.info ssh_x509 at roumenpetrov.info
Fri Nov 23 22:53:40 EET 2012


OK< that worked.  thanks.

On Fri, Nov 23, 2012 at 10:33:45PM +0200, SSH X509 wrote:
> Test.
> 
> ssh_x509 at roumenpetrov.info wrote:
> >
> >No patch was attached to that email (and I cannot find anything on download
> >page)!
> >
> >Andrew
> 
> Resent after correction in list filters.
> 
> Let me check result.
> 
> Roumen

> From e3d873ecc7274e6cb68ac5e8ce28a207ba29bf50 Mon Sep 17 00:00:00 2001
> From: Roumen Petrov <openssh at roumenpetrov.info>
> Date: Sun, 14 Oct 2012 00:36:22 +0300
> Subject: [PATCH 11/16] engine - do not load certificate if key is not
>  supported
> 
> ---
>  key-eng.c |   10 ++++++----
>  key-eng.h |    3 ++-
>  2 files changed, 8 insertions(+), 5 deletions(-)
> 
> diff --git a/key-eng.c b/key-eng.c
> index a3d2403..2e3e0bf 100644
> --- a/key-eng.c
> +++ b/key-eng.c
> @@ -1,5 +1,5 @@
>  /*
> - * Copyright (c) 2011 Roumen Petrov.  All rights reserved.
> + * Copyright (c) 2011,2012 Roumen Petrov.  All rights reserved.
>   *
>   * Redistribution and use in source and binary forms, with or without
>   * modification, are permitted provided that the following conditions
> @@ -28,11 +28,11 @@
>  #include <string.h>
>  #include <openssl/ui.h>
>  
> -#include "key.h"
>  #include "key-eng.h"
> +#include "ssh-x509.h"
> +#include "misc.h"
>  #include "log.h"
>  #include "xmalloc.h"
> -#include "misc.h"
>  
>  #define USE_SSH_UI_PROMPT
>  
> @@ -205,6 +205,9 @@ eng_try_load_cert(ENGINE *e, const char *keyid, EVP_PKEY *pk, Key *k) {
>  	if (e == NULL)
>  		return;
>  
> +	if ((k->type != KEY_RSA) && (k->type != KEY_DSA))
> +		return;
> +
>  	/* try to load certificate wth with LOAD_CERT_EVP command */
>  	{
>  		struct {
> @@ -240,7 +243,6 @@ eng_try_load_cert(ENGINE *e, const char *keyid, EVP_PKEY *pk, Key *k) {
>  	switch(k->type) {
>  	case KEY_RSA: k->type = KEY_X509_RSA; k->x509 = x509; break;
>  	case KEY_DSA: k->type = KEY_X509_DSA; k->x509 = x509; break;
> -	default: X509_free(x509); break;
>  	}
>  }
>  
> diff --git a/key-eng.h b/key-eng.h
> index 5a50b0f..3f76613 100644
> --- a/key-eng.h
> +++ b/key-eng.h
> @@ -1,7 +1,7 @@
>  #ifndef KEY_ENG_H
>  #define KEY_ENG_H
>  /*
> - * Copyright (c) 2011 Roumen Petrov.  All rights reserved.
> + * Copyright (c) 2011,2012 Roumen Petrov.  All rights reserved.
>   *
>   * Redistribution and use in source and binary forms, with or without
>   * modification, are permitted provided that the following conditions
> @@ -25,6 +25,7 @@
>   */
>  
>  #include "includes.h"
> +#include "key.h"
>  
>  extern void ssh_engines_startup(void);
>  extern void ssh_engines_shutdown(void);
> -- 
> 1.7.4.4
> 

> _______________________________________________
> ssh_x509 mailing list
> ssh_x509 at roumenpetrov.info
> http://roumenpetrov.info/mailman/listinfo/ssh_x509_roumenpetrov.info





More information about the ssh_x509 mailing list