diff options
author | Leah Neukirchen <leah@vuxu.org> | 2017-09-14 13:29:21 +0200 |
---|---|---|
committer | Leah Neukirchen <leah@vuxu.org> | 2017-09-14 13:29:21 +0200 |
commit | 21aa46256916122007b3db3ebc1096ad34105957 (patch) | |
tree | 6feb7fdbcaa936a5705cedf9b45262a01da55036 /src/usr.bin/signify/signify.c | |
parent | c6fe3a3f95b447a221ba51f9807d796d88a0580d (diff) | |
download | outils-21aa46256916122007b3db3ebc1096ad34105957.tar.gz outils-21aa46256916122007b3db3ebc1096ad34105957.tar.xz outils-21aa46256916122007b3db3ebc1096ad34105957.zip |
cvs update
Diffstat (limited to 'src/usr.bin/signify/signify.c')
-rw-r--r-- | src/usr.bin/signify/signify.c | 24 |
1 files changed, 20 insertions, 4 deletions
diff --git a/src/usr.bin/signify/signify.c b/src/usr.bin/signify/signify.c index e7af943..3607e2f 100644 --- a/src/usr.bin/signify/signify.c +++ b/src/usr.bin/signify/signify.c @@ -1,4 +1,4 @@ -/* $OpenBSD: signify.c,v 1.127 2017/04/18 02:20:50 deraadt Exp $ */ +/* $OpenBSD: signify.c,v 1.128 2017/07/11 23:27:13 tedu Exp $ */ /* * Copyright (c) 2013 Ted Unangst <tedu@openbsd.org> * @@ -347,11 +347,15 @@ generate(const char *pubkeyfile, const char *seckeyfile, int rounds, static void check_keyname_compliance(const char *pubkeyfile, const char *seckeyfile) { + const char *pos; size_t len; - len = strlen(pubkeyfile); - if (strlen(seckeyfile) != len) - goto bad; + /* basename may or may not modify input */ + pos = strrchr(seckeyfile, '/'); + if (pos != NULL) + seckeyfile = pos + 1; + + len = strlen(seckeyfile); if (len < 5) /* ?.key */ goto bad; if (strcmp(pubkeyfile + len - 4, ".pub") != 0 || @@ -359,6 +363,18 @@ check_keyname_compliance(const char *pubkeyfile, const char *seckeyfile) goto bad; if (strncmp(pubkeyfile, seckeyfile, len - 4) != 0) goto bad; + if (pubkeyfile != NULL) { + pos = strrchr(pubkeyfile, '/'); + if (pos != NULL) + pubkeyfile = pos + 1; + + if (strlen(pubkeyfile) != len) + goto bad; + if (strcmp(pubkeyfile + len - 4, ".pub") != 0) + goto bad; + if (strncmp(pubkeyfile, seckeyfile, len - 4) != 0) + goto bad; + } return; bad: |