authorWerner Koch <[email protected]>2022-01-28 18:59:11 +0000
committerWerner Koch <[email protected]>2022-01-28 19:00:50 +0000
commit2331900d1cc022c04177272a51c00690229bb989 (patch)
treebbf14315039f4f247f8c87c785e565735d699708
parentgpgconf: Tweak the use of ldapserver. (diff)
ssh: Fix adding an ed25519 key with a zero length comment.
* agent/command-ssh.c (sexp_key_construct): Do not put an empty string into an S-expression. (stream_read_string): Do not try to read a zero length block. -- Actually we could handle this differently by not putting a comment tag into the s-expression; however, this requires more code and at other places we already return "(none)" instead of an empty comment. The second fix is more or less a cosmetic thing to get better error messages in case the underlying read system call returns an error. GnuPG-bug-id: 5794
-rw-r--r--agent/command-ssh.c14
1 files changed, 10 insertions, 4 deletions
diff --git a/agent/command-ssh.c b/agent/command-ssh.c
index 1ed541621..6836fb2e9 100644
--- a/agent/command-ssh.c
+++ b/agent/command-ssh.c
@@ -613,7 +613,7 @@ stream_read_string (estream_t stream, unsigned int secure,
}
/* Read data. */
- err = stream_read_data (stream, buffer, length);
+ err = length? stream_read_data (stream, buffer, length) : 0;
if (err)
goto out;
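Review bot: The new `length? stream_read_data (stream, buffer, length) : 0` guard has no comment saying why a zero length read is skipped, and the same holds for the `stream_read_skip` guard in the dummy-read branch of the next hunk. The commit message gives the reason (better error messages when the underlying read returns an error), so I would record it at the call, e.g. `/* Skip the read for a zero length string; see GnuPG-bug-id 5794. */`. Because `length` presumably comes from the peer's request, it is also worth confirming that the allocation and termination of `buffer` for `length == 0`, which lie outside this hunk, still yield a valid empty string. stream_read_string starts and ends outside the hunk.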
@@ -623,7 +623,7 @@ stream_read_string (estream_t stream, unsigned int secure,
}
else /* Dummy read requested. */
{
- err = stream_read_skip (stream, length);
+ err = length? stream_read_skip (stream, length) : 0;
if (err)
goto out;
}
@@ -1725,6 +1725,11 @@ sexp_key_construct (gcry_sexp_t *r_sexp,
estream_t format = NULL;
char *algo_name = NULL;
+ /* We can't encode an empty string in an S-expression, thus to keep
+ * the code simple we use "(none)" instead. */
+ if (!comment || !*comment)
+ comment = "(none)";
+
if ((key_spec.flags & SPEC_FLAG_IS_EdDSA))
{
/* It is much easier and more readable to use a separate code
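Review bot: The `"(none)"` substitution sits before the `SPEC_FLAG_IS_EdDSA` test, so it applies to every key type and not only to the ed25519 case named in the commit title; the added comment should say so. It also means a key stored with an empty comment can no longer be told apart from one whose comment is literally `(none)`, which matters to any caller that displays or compares comments. I would extend the comment with a sentence such as `Note that this applies to all key types and that the stored value cannot be told apart from a real comment "(none)".` The body of sexp_key_construct continues outside the hunk.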
@@ -1744,7 +1749,7 @@ sexp_key_construct (gcry_sexp_t *r_sexp,
"(comment%s))",
curve_name,
mpis[0], mpis[1],
- comment? comment:"");
+ comment);
else
err = gcry_sexp_build (&sexp_new, NULL,
"(public-key(ecc(curve %s)"
@@ -1752,7 +1757,8 @@ sexp_key_construct (gcry_sexp_t *r_sexp,
"(comment%s))",
curve_name,
mpis[0],
- comment? comment:"");
+ comment);
+
}
else
{
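Review bot: The blank line added after `comment);` and before the closing brace of the EdDSA branch is stray whitespace and can be dropped. The `else` branch that follows continues outside the hunk; if it still passes a `comment? comment:""` fallback to its builder, that fallback is unreachable after the new guard at the top of sexp_key_construct and could be reduced to `comment` to match the two calls changed here.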