jonathancammack / rpms / openssh

Forked from rpms/openssh 10 months ago
Clone

Blame SOURCES/openssh-7.4p1-canonize-pkcs11-provider.patch

1d31ef
diff --git a/ssh-agent.c b/ssh-agent.c
1d31ef
index 1320cda..2441329 100644
1d31ef
--- a/ssh-agent.c
1d31ef
+++ b/ssh-agent.c
1d31ef
@@ -821,7 +821,7 @@ send:
1d31ef
 static void
1d31ef
 process_remove_smartcard_key(SocketEntry *e)
1d31ef
 {
1d31ef
-	char *provider = NULL, *pin = NULL;
1d31ef
+	char *provider = NULL, *pin = NULL, canonical_provider[PATH_MAX];
1d31ef
 	int r, version, success = 0;
1d31ef
 	Identity *id, *nxt;
1d31ef
 	Idtab *tab;
1d31ef
@@ -831,6 +831,13 @@ process_remove_smartcard_key(SocketEntry *e)
1d31ef
 		fatal("%s: buffer error: %s", __func__, ssh_err(r));
1d31ef
 	free(pin);
1d31ef
 
1d31ef
+	if (realpath(provider, canonical_provider) == NULL) {
1d31ef
+		verbose("failed PKCS#11 add of \"%.100s\": realpath: %s",
1d31ef
+		    provider, strerror(errno));
1d31ef
+		goto send;
1d31ef
+	}
1d31ef
+
1d31ef
+	debug("%s: remove %.100s", __func__, canonical_provider);
1d31ef
 	for (version = 1; version < 3; version++) {
1d31ef
 		tab = idtab_lookup(version);
1d31ef
 		for (id = TAILQ_FIRST(&tab->idlist); id; id = nxt) {
1d31ef
@@ -838,18 +845,19 @@ process_remove_smartcard_key(SocketEntry *e)
1d31ef
 			/* Skip file--based keys */
1d31ef
 			if (id->provider == NULL)
1d31ef
 				continue;
1d31ef
-			if (!strcmp(provider, id->provider)) {
1d31ef
+			if (!strcmp(canonical_provider, id->provider)) {
1d31ef
 				TAILQ_REMOVE(&tab->idlist, id, next);
1d31ef
 				free_identity(id);
1d31ef
 				tab->nentries--;
1d31ef
 			}
1d31ef
 		}
1d31ef
 	}
1d31ef
-	if (pkcs11_del_provider(provider) == 0)
1d31ef
+	if (pkcs11_del_provider(canonical_provider) == 0)
1d31ef
 		success = 1;
1d31ef
 	else
1d31ef
 		error("process_remove_smartcard_key:"
1d31ef
 		    " pkcs11_del_provider failed");
1d31ef
+send:
1d31ef
 	free(provider);
1d31ef
 	send_status(e, success);
1d31ef
 }
1d31ef