From ec69b55cd32339eeb7a9eec9a9e7e92357ada772 Mon Sep 17 00:00:00 2001 From: Timo Pollmeier Date: Wed, 4 May 2022 11:03:32 +0200 Subject: [PATCH] Fix handling of SSH keys in modify_credential If the private key header and footer are not recognized by truncate_private_key, the original key is now used as intended instead of reverting to the old private key. Also, the truncate_private_key function will now work with "-----BEGIN OPENSSH PRIVATE KEY-----" and the corresponding footer. --- src/manage.c | 14 ++++++++++++++ src/manage_sql.c | 4 ++-- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/src/manage.c b/src/manage.c index 5bf61dfeb..6e9017ee8 100644 --- a/src/manage.c +++ b/src/manage.c @@ -317,6 +317,20 @@ truncate_private_key (const gchar* private_key) } } + if (key_start == NULL) + { + key_start = strstr (private_key, "-----BEGIN OPENSSH PRIVATE KEY-----"); + if (key_start) + { + key_end = strstr (key_start, "-----END OPENSSH PRIVATE KEY-----"); + + if (key_end) + key_end += strlen ("-----END OPENSSH PRIVATE KEY-----"); + else + return NULL; + } + } + if (key_end && key_end[0] == '\n') key_end++; diff --git a/src/manage_sql.c b/src/manage_sql.c index e1043c813..88c0f37f7 100644 --- a/src/manage_sql.c +++ b/src/manage_sql.c @@ -34465,7 +34465,7 @@ modify_credential (const char *credential_id, { if (key_private_to_use || password) { - if (check_private_key (key_private_truncated + if (check_private_key (key_private_to_use ? key_private_to_use : credential_iterator_private_key (&iterator), @@ -34481,7 +34481,7 @@ modify_credential (const char *credential_id, set_credential_private_key (credential, - key_private_truncated + key_private_to_use ? key_private_to_use : credential_iterator_private_key (&iterator), password