pki: Fix accidental ECC switch case fallthroughs into ed25119 cases when built without ECC

Summary: When ed25519 was introduced in commit 93c7b81b4e, the ed25519 case was added after the ecdsa case in src/pki.c. The ecdsa case seems to have relied on falling through to report an error, when HAVE_ECC is not defined. If HAVE_ECC is not defined, but ecdsa keys are used, with for example, ssh_pki_import_pubkey_file, the code fallthroughs into the ed25519 case. Signed-off-by: Juraj Vijtiuk <juraj.vijtiuk@sartura.hr> Test Plan: Unit tests passed. No memory leaks found with valgrind. Reviewers: asn Differential Revision: https://bugs.libssh.org/D13 Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2025-08-08 19:02:06 +03:00 · 2017-12-28 20:45:49 +01:00
parent c3c492a190
commit ea99215664
2 changed files with 5 additions and 3 deletions
--- a/src/pki.c
+++ b/src/pki.c
@@ -771,8 +771,8 @@ static int pki_import_pubkey_buffer(ssh_buffer buffer,
                }
            }
            break;
-        case SSH_KEYTYPE_ECDSA:
 #ifdef HAVE_ECC
+        case SSH_KEYTYPE_ECDSA:
            {
                ssh_string e;
                ssh_string i;
@@ -1201,8 +1201,8 @@ int ssh_pki_generate(enum ssh_keytypes_e type, int parameter,
            if(rc == SSH_ERROR)
                goto error;
            break;
-        case SSH_KEYTYPE_ECDSA:
 #ifdef HAVE_ECC
+        case SSH_KEYTYPE_ECDSA:
            rc = pki_key_generate_ecdsa(key, parameter);
            if (rc == SSH_ERROR) {
                goto error;
@@ -1221,6 +1221,7 @@ int ssh_pki_generate(enum ssh_keytypes_e type, int parameter,
        case SSH_KEYTYPE_DSS_CERT01:
        case SSH_KEYTYPE_RSA_CERT01:
        case SSH_KEYTYPE_UNKNOWN:
+        default:
            goto error;
    }