pam_mount/pam_mount-0.47-fix-decrypt-key.dif

59 lines
1.4 KiB
Plaintext

--- src/crypto.c
+++ src/crypto.c 2008/09/25 12:40:16
@@ -35,6 +35,7 @@
#include "crypto.h"
#include "misc.h"
#include "pam_mount.h"
+#include <stdio.h>
/* Functions */
#if defined(HAVE_LIBCRYPTO) && defined(HAVE_LIBSSL)
@@ -123,7 +124,7 @@
int decrypted_key(hmc_t **pt_fs_key, const char *fs_key_path,
const char *fs_key_cipher, const char *authtok)
{
- hmc_t *ct_fs_key = NULL, *line = NULL;
+ hmc_t *ct_fs_key = NULL;
int segment_len, pt_fs_key_len, ret = 1;
unsigned char hashed_authtok[EVP_MAX_KEY_LENGTH]; /* hash(system authtok) */
unsigned char iv[EVP_MAX_IV_LENGTH];
@@ -156,10 +157,26 @@
}
ct_fs_key = hmc_minit(NULL, 0);
- while (HX_getl(&line, fs_key_fp) != NULL)
- hmc_memcat(&ct_fs_key, line, hmc_length(line));
- hmc_free(line);
+ while (1)
+ {
+ unsigned char line[EVP_MAX_BLOCK_LENGTH];
+ size_t n = fread(&line, 1, EVP_MAX_BLOCK_LENGTH, fs_key_fp);
+ if (ferror(fs_key_fp))
+ {
+ l0g("failed to read the key(%d)", ferror(fs_key_fp));
+ goto out2;
+ }
+
+ if(n > 0)
+ {
+ hmc_memcat(&ct_fs_key, line, n);
+ }
+
+ if (feof(fs_key_fp))
+ break;
+ }
+
if (hmc_length(ct_fs_key) == 0) {
l0g("failed to read encrypted filesystem key from %s, "
"or file empty.\n", fs_key_path);
@@ -210,7 +227,7 @@
ERR_free_strings();
/* pt_fs_key_len is unsigned */
- assert(ret == 0);
+ assert(ret != 0);
return ret;
}