www.libssh2.org | Daily snapshots | Mailing list archive | Docs | Examples | github

Archive Index This month's Index

Subject: Bug in sign_fromfile (userauth.c)

Bug in sign_fromfile (userauth.c)

From: Graham Bradshaw <Graham.Bradshaw_at_serverassist.com>
Date: Sun, 20 Oct 2013 15:28:00 +0000

There might be a bug in userauth.c, in sign_fromfile. privkeyobj->dtor is called to clean up, but the first time it is called (if privkeyobj->signv returns non-zero), it passes abstract in. The other time it passes in hostkey_abstract, which seems sensible. abstract is passed in and points to a pointer to a privkey_file structure which is declared on the stack in userauth_publickey_fromfile, so freeing it looks wrong.

I'm actually trying to find out how to authenticate using a private key, but one that I already have in memory. I realise I can simply write it out to a temporary file and use that temporary file in a call to userauth_publickey_fromfile, but I'd like to avoid having the private key on disk at all if possible.

I've looked at http://libssh2.org/libssh2_userauth_publickey.html, but the information on what's needed for the callback function isn't complete. Are there any other examples anywhere, or can someone point me in the right direction?

libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2013-10-20

the libssh2 team