Diffstat (limited to 'noncore/comm/keypebble/vncauth.c') (more/less context) (ignore whitespace changes)
-rw-r--r-- | noncore/comm/keypebble/vncauth.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/noncore/comm/keypebble/vncauth.c b/noncore/comm/keypebble/vncauth.c index 277d145..7de837a 100644 --- a/noncore/comm/keypebble/vncauth.c +++ b/noncore/comm/keypebble/vncauth.c @@ -49,102 +49,106 @@ int vncEncryptAndStorePasswd(char *passwd, char *fname) { FILE *fp; uint i; unsigned char encryptedPasswd[8]; if ((fp = fopen(fname,"w")) == NULL) return 1; chmod(fname, S_IRUSR|S_IWUSR); /* pad password with nulls */ for (i = 0; i < 8; i++) { if (i < strlen(passwd)) { encryptedPasswd[i] = passwd[i]; } else { encryptedPasswd[i] = 0; } } /* Do encryption in-place - this way we overwrite our copy of the plaintext password */ deskey(fixedkey, EN0); des(encryptedPasswd, encryptedPasswd); for (i = 0; i < 8; i++) { putc(encryptedPasswd[i], fp); } fclose(fp); return 0; } /* * Decrypt a password from a file. Returns a pointer to a newly allocated * string containing the password or a null pointer if the password could * not be retrieved for some reason. */ char * vncDecryptPasswdFromFile(char *fname) { FILE *fp; int i, ch; unsigned char *passwd = (unsigned char *)malloc(9); - if ((fp = fopen(fname,"r")) == NULL) return NULL; + if ((fp = fopen(fname,"r")) == NULL) { + free(passwd); + return NULL; + } for (i = 0; i < 8; i++) { ch = getc(fp); if (ch == EOF) { fclose(fp); + free(passwd); return NULL; } passwd[i] = ch; } deskey(fixedkey, DE1); des(passwd, passwd); passwd[8] = 0; return (char *)passwd; } /* * Generate CHALLENGESIZE random bytes for use in challenge-response * authentication. */ void vncRandomBytes(unsigned char *bytes) { int i; unsigned int seed = (unsigned int) time(0); srandom(seed); for (i = 0; i < CHALLENGESIZE; i++) { bytes[i] = (unsigned char)(random() & 255); } } /* * Encrypt CHALLENGESIZE bytes in memory using a password. */ void vncEncryptBytes(unsigned char *bytes, char *passwd) { unsigned char key[8]; int i; /* key is simply password padded with nulls */ for (i = 0; i < 8; i++) { if (i < strlen(passwd)) { key[i] = passwd[i]; } else { |