Add more error checks to RSA_do_sign().

git-svn-id: svn+ssh://svn.berlios.de/svnroot/repos/libssh/trunk@539 7dcaeef0-15fb-0310-b436-a5af3365683c

1 files changed, 30 insertions, 21 deletions

diff --git a/libssh/keys.c b/libssh/keys.c
index b11debe..53bf047 100644
--- a/libssh/keys.c
+++ b/libssh/keys.c
@@ -1080,28 +1080,37 @@ void signature_free(SIGNATURE *sign) {
 }
 
 #ifdef HAVE_LIBCRYPTO
-/* maybe the missing function from libcrypto */
-/* i think now, maybe it's a bad idea to name it has it should have be named in libcrypto */
-static STRING *RSA_do_sign(void *payload,int len,RSA *privkey){
-    STRING *sign;
-    void *buffer;
-    unsigned int size;
-    int err;
-
-    buffer = malloc(RSA_size(privkey));
-    if (buffer == NULL) {
-      return NULL;
-    }
+/*
+ * Maybe the missing function from libcrypto
+ *
+ * I think now, maybe it's a bad idea to name it has it should have be
+ * named in libcrypto
+ */
+static STRING *RSA_do_sign(const unsigned char *payload, int len, RSA *privkey) {
+  STRING *sign = NULL;
+  unsigned char *buffer = NULL;
+  unsigned int size;
 
-    err=RSA_sign(NID_sha1,payload,len,buffer,&size,privkey);
-    if(!err){
-        free(buffer);
-        return NULL;
-    }
-    sign=string_new(size);
-    string_fill(sign,buffer,size);
-    free(buffer);
-    return sign;
+  buffer = malloc(RSA_size(privkey));
+  if (buffer == NULL) {
+    return NULL;
+  }
+
+  if (RSA_sign(NID_sha1, payload, len, buffer, &size, privkey) == 0) {
+    SAFE_FREE(buffer);
+    return NULL;
+  }
+
+  sign = string_new(size);
+  if (sign == NULL) {
+    SAFE_FREE(buffer);
+    return NULL;
+  }
+
+  string_fill(sign, buffer, size);
+  SAFE_FREE(buffer);
+
+  return sign;
 }
 #endif