[Midnightbsd-cvs] CVS Commit: x509.c: x509 fix

laffer1 at midnightbsd.org laffer1 at midnightbsd.org
Thu Aug 9 20:46:56 EDT 2007


Log Message:
-----------
x509 fix

Modified Files:
--------------
    src/usr.sbin/pkg_install/sign:
        x509.c (r1.1.1.1 -> r1.2)

-------------- next part --------------
Index: x509.c
===================================================================
RCS file: /home/cvs/src/usr.sbin/pkg_install/sign/x509.c,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -Lusr.sbin/pkg_install/sign/x509.c -Lusr.sbin/pkg_install/sign/x509.c -u -r1.1.1.1 -r1.2
--- usr.sbin/pkg_install/sign/x509.c
+++ usr.sbin/pkg_install/sign/x509.c
@@ -152,7 +152,8 @@
 		break;
 
 	    default:
-		warnx("Uknown certificate type");
+		warnx("Unknown certificate type: %d", EVP_PKEY_type(X509_get_pubkey(x509)->type));
+		fclose(fp);
 		return 0;
 	    }
 
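Review bot: The new `warnx` in the `default:` branch calls `X509_get_pubkey(x509)` only to read `->type`, and that call returns a reference the caller owns, so the key is never released with `EVP_PKEY_free`. It can also return NULL when the certificate's key cannot be decoded, which this line would dereference, and this is exactly the branch reached for certificates the code does not understand. Fetch the key once into a local, test it for NULL, print the type and free it before returning. The `switch` header and the rest of the function are outside the hunk, so whether `x509` itself is released on this path cannot be confirmed from here.

```c
	    default: {
		EVP_PKEY *unk = X509_get_pubkey(x509);

		if (unk == NULL) {
		    warnx("Unknown certificate type (public key not readable)");
		} else {
		    warnx("Unknown certificate type: %d", EVP_PKEY_type(unk->type));
		    EVP_PKEY_free(unk);
		}
		fclose(fp);
		return 0;
	    }
```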
@@ -234,13 +235,15 @@
 		break;
 
 	    default:
+		warnx("Unknown public key type: %d", EVP_PKEY_type(pkey->type));
+		md_ctx = NULL;
 		break;
 	    }
 
-	    status = EVP_VerifyFinal(md_ctx,
-				     n->signature->data,
-				     n->signature->length,
-				     pkey);
+	    status = (md_ctx == NULL) ? 0 : EVP_VerifyFinal(md_ctx,
+						n->signature->data,
+						n->signature->length,
+						pkey);
 
 	    EVP_PKEY_free(pkey);
 	    X509_free(x509);
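Review bot: `status` can leave this hunk as 0 (forced here for an unknown key type, or returned for a bad signature), as 1, or as a negative value, because `EVP_VerifyFinal` reports internal errors with a negative return. The test on `status` lies below the hunk; it should accept only `status == 1`, so that an error is never read as a matching signature. The `default:` branch would also benefit from a comment stating its intent, for example `/* unsupported key type: leave md_ctx NULL so the signature is rejected without calling EVP_VerifyFinal */`.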
@@ -291,13 +294,11 @@
 
 	f = fopen(filename, "r");
 	if (f == NULL) {
-	    free(n);
 	    return 0;
 	}
 	if (gzip_read_header(f, &h, sign) == GZIP_NOT_GZIP) {
 	    warnx("File %s is not a gzip file\n", filename);
 	    fclose(f);
-	    free(n);
 	    return 0;
 	}
 
@@ -314,6 +315,7 @@
 	if (keyf == NULL)
 	{
 	    warnx("Cannot open private key %s.", keyfile);
+	    fclose(f);
 	    return 0;
 	}
 	
@@ -335,16 +337,15 @@
 	{
 	case EVP_PKEY_RSA:
 	    md_type = EVP_sha1();
-printf("*** It's an RSA key.\n");
 	    break;
 
 	case EVP_PKEY_DSA:
 	    md_type = EVP_dss1();
-printf("@@@ It's a DSA key, yippee!\n");
 	    break;
 
 	default:
-	    warnx("Uknown key type");
+	    warnx("Unknown key type");
+	    fclose(f);
 	    return 0;
 	}
 
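Review bot: The `default:` message here stays a bare `warnx("Unknown key type")`, while the other two diagnostics this commit touches now print the numeric type. Printing the value the `switch` tests (its expression is above the hunk) would keep the three messages consistent and make an unsupported signing key identifiable from the log. The added `fclose(f)` covers the input file only; whether the key loaded before the `switch` is released on this early return cannot be seen from here and is worth checking.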
@@ -353,6 +354,8 @@
 	while ((length = fread(buffer, 1, sizeof buffer, f)) > 0)
 		EVP_SignUpdate(&md_ctx, buffer, length);
 
+	fclose(f);
+
 	sig_buf = malloc(sig_len);
 	if (sig_buf == NULL) {
 	    warnx("Cannot allocated %u bytes for signature buffer", sig_len);
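Review bot: The `fread` loop ends on a read error as well as on end of file, and the added `fclose(f)` discards the stream without telling the two apart, so an I/O error would yield a signature computed over a truncated package with no warning. Check before closing, assuming `filename` from the earlier `fopen` is still in scope: `if (ferror(f)) { warnx("Error reading %s", filename); fclose(f); return 0; }`. The return value of `EVP_SignUpdate` is ignored in the same loop. The function continues past the hunk, so any other cleanup needed on that early return has to be added there as well.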

