-/* $OpenBSD: auth-rsa.c,v 1.71 2006/08/03 03:34:41 deraadt Exp $ */
+/* $OpenBSD: auth-rsa.c,v 1.73 2008/07/02 12:03:51 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
#include <pwd.h>
#include <stdio.h>
+#include <stdarg.h>
#include <string.h>
#include "xmalloc.h"
if ((challenge = BN_new()) == NULL)
fatal("auth_rsa_generate_challenge: BN_new() failed");
/* Generate a random challenge. */
- BN_rand(challenge, 256, 0, 0);
+ if (BN_rand(challenge, 256, 0, 0) == 0)
+ fatal("auth_rsa_generate_challenge: BN_rand failed");
if ((ctx = BN_CTX_new()) == NULL)
- fatal("auth_rsa_generate_challenge: BN_CTX_new() failed");
- BN_mod(challenge, challenge, key->rsa->n, ctx);
+ fatal("auth_rsa_generate_challenge: BN_CTX_new failed");
+ if (BN_mod(challenge, challenge, key->rsa->n, ctx) == 0)
+ fatal("auth_rsa_generate_challenge: BN_mod failed");
BN_CTX_free(ctx);
return challenge;
u_int bits;
FILE *f;
u_long linenum = 0;
- struct stat st;
Key *key;
/* Temporarily use the user's uid. */
/* The authorized keys. */
file = authorized_keys_file(pw);
debug("trying public RSA key file %s", file);
-
- /* Fail quietly if file does not exist */
- if (stat(file, &st) < 0) {
- /* Restore the privileged uid. */
- restore_uid();
- xfree(file);
- return (0);
- }
- /* Open the file containing the authorized keys. */
- f = fopen(file, "r");
+ f = auth_openkeyfile(file, pw, options.strict_modes);
if (!f) {
- /* Restore the privileged uid. */
- restore_uid();
- xfree(file);
- return (0);
- }
- if (options.strict_modes &&
- secure_filename(f, file, pw, line, sizeof(line)) != 0) {
xfree(file);
- fclose(f);
- logit("Authentication refused: %s", line);
restore_uid();
return (0);
}