diff options
Diffstat (limited to 'src/usr.bin/signify/signify.c')
| -rw-r--r-- | src/usr.bin/signify/signify.c | 24 |
1 files changed, 20 insertions, 4 deletions
diff --git a/src/usr.bin/signify/signify.c b/src/usr.bin/signify/signify.c index e7af943..3607e2f 100644 --- a/src/usr.bin/signify/signify.c +++ b/src/usr.bin/signify/signify.c @@ -1,4 +1,4 @@ -/* $OpenBSD: signify.c,v 1.127 2017/04/18 02:20:50 deraadt Exp $ */ +/* $OpenBSD: signify.c,v 1.128 2017/07/11 23:27:13 tedu Exp $ */ /* * Copyright (c) 2013 Ted Unangst <tedu@openbsd.org> * @@ -347,11 +347,15 @@ generate(const char *pubkeyfile, const char *seckeyfile, int rounds, static void check_keyname_compliance(const char *pubkeyfile, const char *seckeyfile) { + const char *pos; size_t len; - len = strlen(pubkeyfile); - if (strlen(seckeyfile) != len) - goto bad; + /* basename may or may not modify input */ + pos = strrchr(seckeyfile, '/'); + if (pos != NULL) + seckeyfile = pos + 1; + + len = strlen(seckeyfile); if (len < 5) /* ?.key */ goto bad; if (strcmp(pubkeyfile + len - 4, ".pub") != 0 || @@ -359,6 +363,18 @@ check_keyname_compliance(const char *pubkeyfile, const char *seckeyfile) goto bad; if (strncmp(pubkeyfile, seckeyfile, len - 4) != 0) goto bad; + if (pubkeyfile != NULL) { + pos = strrchr(pubkeyfile, '/'); + if (pos != NULL) + pubkeyfile = pos + 1; + + if (strlen(pubkeyfile) != len) + goto bad; + if (strcmp(pubkeyfile + len - 4, ".pub") != 0) + goto bad; + if (strncmp(pubkeyfile, seckeyfile, len - 4) != 0) + goto bad; + } return; bad: |