Updated privatekey_from_file() to use BIO* as well [Oliver Stöneberg]

1 files changed, 28 insertions, 10 deletions

diff --git a/src/keyfiles.c b/src/keyfiles.c
index d59924ce..d0f30076 100644
--- a/src/keyfiles.c
+++ b/src/keyfiles.c
@@ -677,6 +677,7 @@ ssh_private_key privatekey_from_file(ssh_session session, const char *filename,
 #elif defined HAVE_LIBCRYPTO
   DSA *dsa = NULL;
   RSA *rsa = NULL;
+  BIO *bio = NULL;
 #endif
   /* TODO Implement to read both DSA and RSA at once. */
 
@@ -693,6 +694,15 @@ ssh_private_key privatekey_from_file(ssh_session session, const char *filename,
     return NULL;
   }
 
+#ifdef HAVE_LIBCRYPTO
+  bio = BIO_new_file(filename,"r");
+  if (bio == NULL) {
+	  fclose(file);
+      ssh_set_error(session, SSH_FATAL, "Could not create BIO.");
+      return NULL;
+  }
+#endif
+
   ssh_log(session, SSH_LOG_RARE, "Trying to read %s, passphase=%s, authcb=%s",
       filename, passphrase ? "true" : "false",
       session->callbacks && session->callbacks->auth_function ? "true" : "false");
@@ -723,25 +733,28 @@ ssh_private_key privatekey_from_file(ssh_session session, const char *filename,
             (void *) passphrase, NULL);
       }
 
+      fclose(file);
+
       if (!valid) {
         ssh_set_error(session, SSH_FATAL, "Parsing private key %s", filename);
 #elif defined HAVE_LIBCRYPTO
         if (session->callbacks && session->callbacks->auth_function) {
-          dsa = PEM_read_DSAPrivateKey(file, NULL, pem_get_password, session);
+          dsa = PEM_read_bio_DSAPrivateKey(bio, NULL, pem_get_password, session);
         } else { /* authcb */
           /* openssl uses its own callback to get the passphrase here */
-          dsa = PEM_read_DSAPrivateKey(file, NULL, NULL, NULL);
+          dsa = PEM_read_bio_DSAPrivateKey(bio, NULL, NULL, NULL);
         } /* authcb */
       } else { /* passphrase */
-        dsa = PEM_read_DSAPrivateKey(file, NULL, NULL, (void *) passphrase);
+        dsa = PEM_read_bio_DSAPrivateKey(bio, NULL, NULL, (void *) passphrase);
       }
 
+	  BIO_free(bio);
+      fclose(file);
       if (dsa == NULL) {
         ssh_set_error(session, SSH_FATAL,
             "Parsing private key %s: %s",
             filename, ERR_error_string(ERR_get_error(), NULL));
 #endif
-        fclose(file);
         return NULL;
       }
       break;
@@ -761,36 +774,41 @@ ssh_private_key privatekey_from_file(ssh_session session, const char *filename,
             (void *) passphrase, NULL);
       }
 
+      fclose(file);
+
       if (!valid) {
         ssh_set_error(session,SSH_FATAL, "Parsing private key %s", filename);
 #elif defined HAVE_LIBCRYPTO
         if (session->callbacks && session->callbacks->auth_function) {
-          rsa = PEM_read_RSAPrivateKey(file, NULL, pem_get_password, session);
+			rsa = PEM_read_bio_RSAPrivateKey(bio, NULL, pem_get_password, session);
         } else { /* authcb */
           /* openssl uses its own callback to get the passphrase here */
-          rsa = PEM_read_RSAPrivateKey(file, NULL, NULL, NULL);
+          rsa = PEM_read_bio_RSAPrivateKey(bio, NULL, NULL, NULL);
         } /* authcb */
       } else { /* passphrase */
-        rsa = PEM_read_RSAPrivateKey(file, NULL, NULL, (void *) passphrase);
+        rsa = PEM_read_bio_RSAPrivateKey(bio, NULL, NULL, (void *) passphrase);
       }
 
+	  BIO_free(bio);
+      fclose(file);
+
       if (rsa == NULL) {
         ssh_set_error(session, SSH_FATAL,
             "Parsing private key %s: %s",
             filename, ERR_error_string(ERR_get_error(),NULL));
 #endif
-        fclose(file);
         return NULL;
       }
       break;
     default:
+#ifdef HAVE_LIBCRYPTO
+	  BIO_free(bio);
+#endif
       fclose(file);
       ssh_set_error(session, SSH_FATAL, "Invalid private key type %d", type);
       return NULL;
   } /* switch */
 
-  fclose(file);
-
   privkey = malloc(sizeof(struct ssh_private_key_struct));
   if (privkey == NULL) {
 #ifdef HAVE_LIBGCRYPT