diff options
author | djm <djm> | 2010-11-04 23:19:49 +0000 |
---|---|---|
committer | djm <djm> | 2010-11-04 23:19:49 +0000 |
commit | ac85e76824b51f6ddb930414c573ca09bb90d185 (patch) | |
tree | b9623ec39695b535063d4d8c73ab1a14effc7439 /ssh-keygen.c | |
parent | b197eeee74a5e667594e88f579ff059c9556e4e7 (diff) | |
download | openssh-ac85e76824b51f6ddb930414c573ca09bb90d185.tar.gz |
- djm@cvs.openbsd.org 2010/10/28 11:22:09
[authfile.c key.c key.h ssh-keygen.c]
fix a possible NULL deref on loading a corrupt ECDH key
store ECDH group information in private keys files as "named groups"
rather than as a set of explicit group parameters (by setting
the OPENSSL_EC_NAMED_CURVE flag). This makes for shorter key files and
retrieves the group's OpenSSL NID that we need for various things.
Diffstat (limited to 'ssh-keygen.c')
-rw-r--r-- | ssh-keygen.c | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/ssh-keygen.c b/ssh-keygen.c index bbd434b0..560c4818 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.203 2010/09/02 17:21:50 naddy Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.204 2010/10/28 11:22:09 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -556,8 +556,7 @@ do_convert_from_pkcs8(Key **k, int *private) *k = key_new(KEY_UNSPEC); (*k)->type = KEY_ECDSA; (*k)->ecdsa = EVP_PKEY_get1_EC_KEY(pubkey); - (*k)->ecdsa_nid = key_ecdsa_group_to_nid( - EC_KEY_get0_group((*k)->ecdsa)); + (*k)->ecdsa_nid = key_ecdsa_key_to_nid((*k)->ecdsa); break; #endif default: |