14 |
|
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
15 |
|
*/ |
16 |
|
|
17 |
< |
/* $OpenBSD: krl.c,v 1.13 2013/07/20 22:20:42 djm Exp $ */ |
17 |
> |
/* $OpenBSD: krl.c,v 1.14 2014/01/31 16:39:19 tedu Exp $ */ |
18 |
|
|
19 |
|
#include "includes.h" |
20 |
|
|
238 |
|
struct revoked_serial rs, *ers, *crs, *irs; |
239 |
|
|
240 |
|
KRL_DBG(("%s: insert %llu:%llu", __func__, lo, hi)); |
241 |
< |
bzero(&rs, sizeof(rs)); |
241 |
> |
memset(&rs, 0, sizeof(rs)); |
242 |
|
rs.lo = lo; |
243 |
|
rs.hi = hi; |
244 |
|
ers = RB_NFIND(revoked_serial_tree, rt, &rs); |
1115 |
|
struct revoked_certs *rc; |
1116 |
|
|
1117 |
|
/* Check explicitly revoked hashes first */ |
1118 |
< |
bzero(&rb, sizeof(rb)); |
1118 |
> |
memset(&rb, 0, sizeof(rb)); |
1119 |
|
if ((rb.blob = key_fingerprint_raw(key, SSH_FP_SHA1, &rb.len)) == NULL) |
1120 |
|
return -1; |
1121 |
|
erb = RB_FIND(revoked_blob_tree, &krl->revoked_sha1s, &rb); |
1126 |
|
} |
1127 |
|
|
1128 |
|
/* Next, explicit keys */ |
1129 |
< |
bzero(&rb, sizeof(rb)); |
1129 |
> |
memset(&rb, 0, sizeof(rb)); |
1130 |
|
if (plain_key_blob(key, &rb.blob, &rb.len) != 0) |
1131 |
|
return -1; |
1132 |
|
erb = RB_FIND(revoked_blob_tree, &krl->revoked_keys, &rb); |
1147 |
|
return 0; /* No entry for this CA */ |
1148 |
|
|
1149 |
|
/* Check revocation by cert key ID */ |
1150 |
< |
bzero(&rki, sizeof(rki)); |
1150 |
> |
memset(&rki, 0, sizeof(rki)); |
1151 |
|
rki.key_id = key->cert->key_id; |
1152 |
|
erki = RB_FIND(revoked_key_id_tree, &rc->revoked_key_ids, &rki); |
1153 |
|
if (erki != NULL) { |
1162 |
|
if (key_cert_is_legacy(key) || key->cert->serial == 0) |
1163 |
|
return 0; |
1164 |
|
|
1165 |
< |
bzero(&rs, sizeof(rs)); |
1165 |
> |
memset(&rs, 0, sizeof(rs)); |
1166 |
|
rs.lo = rs.hi = key->cert->serial; |
1167 |
|
ers = RB_FIND(revoked_serial_tree, &rc->revoked_serials, &rs); |
1168 |
|
if (ers != NULL) { |