The error handling here is a bit fragile: we rely on not having set
`ok' inappropriately. Indeed actually we *do* set `ok'
inappropriately if we lack defhash, but in that case we set sigpriv to
0 so do return 0 as needed. So we are fixing a latent bug.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
slilog(log,M_ERR,"failed to open private key file %s",
path);
}
slilog(log,M_ERR,"failed to open private key file %s",
path);
}
if (ferror(f)) {
slilog(log,M_ERR,"failed to read private-key file %s",
path);
if (ferror(f)) {
slilog(log,M_ERR,"failed to read private-key file %s",
path);
}
if (!feof(f)) {
slilog(log,M_ERR,"private key file %s longer than max %d",
path, (int)databuf->alloclen);
}
if (!feof(f)) {
slilog(log,M_ERR,"private key file %s longer than max %d",
path, (int)databuf->alloclen);
databuf->size=got;
struct cloc loc = { .file=path, .line=0 };
ok=scheme->loadpriv(scheme, databuf, &sigpriv, log, loc);
databuf->size=got;
struct cloc loc = { .file=path, .line=0 };
ok=scheme->loadpriv(scheme, databuf, &sigpriv, log, loc);
- if (!ok) goto out; /* loadpriv will have logged */
+ if (!ok) goto error_out; /* loadpriv will have logged */
if (sigpriv->sethash) {
if (!defhash) {
if (sigpriv->sethash) {
if (!defhash) {
path);
sigpriv->dispose(sigpriv->st);
sigpriv=0;
path);
sigpriv->dispose(sigpriv->st);
sigpriv=0;
}
sigpriv->sethash(sigpriv->st,defhash);
}
}
sigpriv->sethash(sigpriv->st,defhash);
}
out:
if (f) fclose(f);
return ok ? sigpriv : 0;
out:
if (f) fclose(f);
return ok ? sigpriv : 0;
+
+ error_out:
+ ok=False;
+ goto out;
}
static struct sigprivkey_if *privcache_lookup(void *sst,
}
static struct sigprivkey_if *privcache_lookup(void *sst,