In sshkey_in_file(), ignore keys that are considered for being too
authordjm <djm@openbsd.org>
Fri, 21 Sep 2018 12:20:12 +0000 (12:20 +0000)
committerdjm <djm@openbsd.org>
Fri, 21 Sep 2018 12:20:12 +0000 (12:20 +0000)
short (i.e. SSH_ERR_KEY_LENGTH). These keys will not be considered to
be "in the file". This allows key revocation lists to contain short
keys without the entire revocation list being considered invalid.

bz#2897; ok dtucker

usr.bin/ssh/authfile.c

index 6309e18..3b81fa7 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfile.c,v 1.130 2018/07/09 21:59:10 markus Exp $ */
+/* $OpenBSD: authfile.c,v 1.131 2018/09/21 12:20:12 djm Exp $ */
 /*
  * Copyright (c) 2000, 2013 Markus Friedl.  All rights reserved.
  *
@@ -454,6 +454,8 @@ sshkey_in_file(struct sshkey *key, const char *filename, int strict_type,
                return SSH_ERR_SYSTEM_ERROR;
 
        while (getline(&line, &linesize, f) != -1) {
+               sshkey_free(pub);
+               pub = NULL;
                cp = line;
 
                /* Skip leading whitespace. */
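Review bot: Moving `sshkey_free(pub); pub = NULL;` to the top of the loop body means the first iteration frees `pub` before this loop has ever assigned it, which is only safe if `pub` is initialised to NULL at its declaration; that declaration, and the rest of sshkey_in_file(), lie outside the hunk, so please confirm it. The same move also changes the exit state: when getline() hits EOF after a non-matching key, `pub` is now still allocated on reaching `r = SSH_ERR_KEY_NOT_FOUND`, whereas before it was always NULL there, so the `out:` path must free it (it presumably already does, since the old `goto out` after a failed sshkey_read() reached `out:` with a live `pub`). A one-line comment such as `/* free the previous line's key; pub is NULL on the first pass and released again at out: */` would make the invariant explicit.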
@@ -472,16 +474,20 @@ sshkey_in_file(struct sshkey *key, const char *filename, int strict_type,
                        r = SSH_ERR_ALLOC_FAIL;
                        goto out;
                }
-               if ((r = sshkey_read(pub, &cp)) != 0)
+               switch (r = sshkey_read(pub, &cp)) {
+               case 0:
+                       break;
+               case SSH_ERR_KEY_LENGTH:
+                       continue;
+               default:
                        goto out;
+               }
                if (sshkey_compare(key, pub) ||
                    (check_ca && sshkey_is_cert(key) &&
                    sshkey_compare(key->cert->signature_key, pub))) {
                        r = 0;
                        goto out;
                }
-               sshkey_free(pub);
-               pub = NULL;
        }
        r = SSH_ERR_KEY_NOT_FOUND;
  out:
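Review bot: The `case SSH_ERR_KEY_LENGTH: continue;` arm at the new switch silently treats a key that fails the minimum-length check as not present in the file, and nothing in the code says why that is safe, which matters here because this function is used for revocation lists: a short key listed in the KRL will never be reported as revoked by sshkey_in_file(). The justification (that such a key can never be loaded or accepted elsewhere, so it cannot be used even if the revocation is ignored) only lives in the commit message; please add it at the arm, e.g. `/* Too-short keys can never be loaded, so treat them as absent rather than rejecting the whole file (bz#2897). */`. It is also worth stating in the same comment that every other parse error still falls through to `default: goto out;` and invalidates the file, so that a future change does not widen the exception to other error codes. The `out:` label and the function's cleanup are outside the hunk.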