From cf77c10b4214162ca8f4078b4ace728020d14cab Mon Sep 17 00:00:00 2001
From: simon
Date: Thu, 30 Aug 2012 18:44:34 +0000
Subject: [PATCH] In openssh_read(), we shouldn't ever return SSH2_WRONG_PASSPHRASE for an unencrypted key. (The other import function, sshcom_read(), already got this right.) Thanks to David Wedderwille for the report. This is more than just an error-reporting mistake; it actually causes Windows PuTTYgen to tight-loop on attempting to load a corrupt OpenSSH key, because the 'wrong passphrase' return value causes the caller to loop round and try again, but of course it knows the key is unencrypted so it doesn't prompt for a different passphrase and just tries again with no change...
git-svn-id: svn://svn.tartarus.org/sgt/putty@9643 cda61777-01e9-0310-a592-d414129be87e
---
 import.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/import.c b/import.c
index 2ba2f9a0..bb863d77 100644
--- a/import.c
+++ b/import.c
@@ -592,12 +592,13 @@ struct ssh2_userkey *openssh_read(const Filename *filename, char *passphrase,
 p = key->keyblob;
- /* Expect the SEQUENCE header. Take its absence as a failure to decrypt. */
+ /* Expect the SEQUENCE header. Take its absence as a failure to
+ * decrypt, if the key was encrypted. */
 ret = ber_read_id_len(p, key->keyblob_len, &id, &len, &flags);
 p += ret;
 if (ret < 0 || id != 16) {
 errmsg = "ASN.1 decoding failure";
- retval = SSH2_WRONG_PASSPHRASE;
+ retval = key->encrypted ? SSH2_WRONG_PASSPHRASE : NULL;
 goto error;
 }
@@ -629,7 +630,7 @@ struct ssh2_userkey *openssh_read(const Filename *filename, char *passphrase,
 if (ret < 0 || id != 2 || key->keyblob+key->keyblob_len-p < len) {
 errmsg = "ASN.1 decoding failure";
- retval = SSH2_WRONG_PASSPHRASE;
+ retval = key->encrypted ? SSH2_WRONG_PASSPHRASE : NULL;
 goto error;
 }
--
2.11.0
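Review bot: In the first hunk, `p += ret;` still runs before the `ret < 0` test, so when ber_read_id_len() reports failure the cursor has already been moved by a negative amount before the error branch is taken. Nothing in the hunk dereferences `p` on that path, but the pointer has already left the bounds of `key->keyblob`; moving the increment below the check (`if (ret < 0 || id != 16) { ... goto error; }` then `p += ret;`) keeps the cursor valid at every step of parsing an untrusted key file. The hunk also does not show the SEQUENCE `len` being compared with the bytes remaining in the blob, as the second hunk does for its element; if that is not done elsewhere in openssh_read(), it belongs here. The function body starts and ends outside the hunk.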
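Review bot: The bounds test `key->keyblob+key->keyblob_len-p < len` in the second hunk rejects only a `len` that is too large. The declaration of `len` is outside the hunk, but if it is a signed int, a negative length decoded from a malformed key file would pass this comparison, so adding `len < 0 ||` to the condition is worth it whether or not the key is encrypted. Separately, `key->encrypted ? SSH2_WRONG_PASSPHRASE : NULL` now appears at both error sites with no statement of the contract behind it; a short comment at the first use, for example `/* NULL = hard failure; SSH2_WRONG_PASSPHRASE makes the caller retry */`, would help keep later error paths from reintroducing the retry loop described in the commit message. The enclosing block starts and ends outside the hunk.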