author | Darren Tucker <dtucker@cvs.openbsd.org> | 2019-08-05 11:50:34 +0000 |
---|---|---|
committer | Darren Tucker <dtucker@cvs.openbsd.org> | 2019-08-05 11:50:34 +0000 |
commit | 2fc697e8eed7501d0079670c9f0662174e8a4eba (patch) | |
tree | f19378a279674ef078c35684af4aee79a863f9f5 | |
parent | 338fa2e2ad0a7b139b2b9c87f3efe951d91904a5 (diff) |
Remove now-redundant perm_ok arg since sshkey_load_private_type will
now return SSH_ERR_KEY_BAD_PERMISSIONS in that case. Patch from
jitendra.sharma at intel.com, ok djm@
-rw-r--r-- | usr.bin/ssh/authfile.c | 24 | ||||
-rw-r--r-- | usr.bin/ssh/authfile.h | 6 | ||||
-rw-r--r-- | usr.bin/ssh/sshconnect2.c | 6 |
3 files changed, 14 insertions, 22 deletions
diff --git a/usr.bin/ssh/authfile.c b/usr.bin/ssh/authfile.c index d6b03a4d77b..1be58654256 100644 --- a/usr.bin/ssh/authfile.c +++ b/usr.bin/ssh/authfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfile.c,v 1.133 2019/07/15 13:16:29 djm Exp $ */ +/* $OpenBSD: authfile.c,v 1.134 2019/08/05 11:50:33 dtucker Exp $ */ /* * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. * @@ -159,10 +159,9 @@ sshkey_perm_ok(int fd, const char *filename) return 0; } -/* XXX kill perm_ok now that we have SSH_ERR_KEY_BAD_PERMISSIONS? */ int sshkey_load_private_type(int type, const char *filename, const char *passphrase, - struct sshkey **keyp, char **commentp, int *perm_ok) + struct sshkey **keyp, char **commentp) { int fd, r; @@ -171,19 +170,12 @@ sshkey_load_private_type(int type, const char *filename, const char *passphrase, if (commentp != NULL) *commentp = NULL; - if ((fd = open(filename, O_RDONLY)) == -1) { - if (perm_ok != NULL) - *perm_ok = 0; + if ((fd = open(filename, O_RDONLY)) == -1) return SSH_ERR_SYSTEM_ERROR; - } - if (sshkey_perm_ok(fd, filename) != 0) { - if (perm_ok != NULL) - *perm_ok = 0; - r = SSH_ERR_KEY_BAD_PERMISSIONS; + + r = sshkey_perm_ok(fd, filename); + if (r != 0) goto out; - } - if (perm_ok != NULL) - *perm_ok = 1; r = sshkey_load_private_type_fd(fd, type, passphrase, keyp, commentp); if (r == 0 && keyp && *keyp) @@ -382,7 +374,7 @@ sshkey_load_cert(const char *filename, struct sshkey **keyp) /* Load private key and certificate */ int sshkey_load_private_cert(int type, const char *filename, const char *passphrase, - struct sshkey **keyp, int *perm_ok) + struct sshkey **keyp) { struct sshkey *key = NULL, *cert = NULL; int r; @@ -405,7 +397,7 @@ sshkey_load_private_cert(int type, const char *filename, const char *passphrase, } if ((r = sshkey_load_private_type(type, filename, - passphrase, &key, NULL, perm_ok)) != 0 || + passphrase, &key, NULL)) != 0 || (r = sshkey_load_cert(filename, &cert)) != 0) goto out; 
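Review bot: In sshkey_load_private_type, the new `r = sshkey_perm_ok(fd, filename); if (r != 0) goto out;` passes the helper's return value through unchanged, where the removed lines forced every non-zero result to SSH_ERR_KEY_BAD_PERMISSIONS. Only the tail of sshkey_perm_ok (`return 0;`) is visible in this diff, so its possible return codes should be confirmed. If it can fail for a reason other than an unsafe file mode, callers will now see that other code, a behaviour change the commit message does not mention. A short comment above the call would record the contract, for example `/* propagate sshkey_perm_ok()'s result unchanged; SSH_ERR_KEY_BAD_PERMISSIONS signals an unsafe mode */`. The function body continues past the end of the hunk.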
diff --git a/usr.bin/ssh/authfile.h b/usr.bin/ssh/authfile.h index 624d269f1bd..54df169b3dd 100644 --- a/usr.bin/ssh/authfile.h +++ b/usr.bin/ssh/authfile.h @@ -1,4 +1,4 @@ -/* $OpenBSD: authfile.h,v 1.21 2015/01/08 10:14:08 djm Exp $ */ +/* $OpenBSD: authfile.h,v 1.22 2019/08/05 11:50:33 dtucker Exp $ */ /* * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. @@ -40,9 +40,9 @@ int sshkey_load_cert(const char *, struct sshkey **); int sshkey_load_public(const char *, struct sshkey **, char **); int sshkey_load_private(const char *, const char *, struct sshkey **, char **); int sshkey_load_private_cert(int, const char *, const char *, - struct sshkey **, int *); + struct sshkey **); int sshkey_load_private_type(int, const char *, const char *, - struct sshkey **, char **, int *); + struct sshkey **, char **); int sshkey_load_private_type_fd(int fd, int type, const char *passphrase, struct sshkey **keyp, char **commentp); int sshkey_perm_ok(int, const char *); diff --git a/usr.bin/ssh/sshconnect2.c b/usr.bin/ssh/sshconnect2.c index 5c33a74ad31..d0a73d7e389 100644 --- a/usr.bin/ssh/sshconnect2.c +++ b/usr.bin/ssh/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.307 2019/07/07 01:05:00 dtucker Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.308 2019/08/05 11:50:33 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -1396,7 +1396,7 @@ load_identity_file(Identity *id) { struct sshkey *private = NULL; char prompt[300], *passphrase, *comment; - int r, perm_ok = 0, quit = 0, i; + int r, quit = 0, i; struct stat st; if (stat(id->filename, &st) == -1) { @@ -1418,7 +1418,7 @@ load_identity_file(Identity *id) } } switch ((r = sshkey_load_private_type(KEY_UNSPEC, id->filename, - passphrase, &private, &comment, &perm_ok))) { + passphrase, &private, &comment))) { case 0: break; case SSH_ERR_KEY_WRONG_PASSPHRASE: |
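Review bot: The two changed prototypes in authfile.h, sshkey_load_private_cert and sshkey_load_private_type, have neither parameter names nor a comment, so with the `int *` argument gone the header no longer shows how a permissions failure is reported. The neighbouring sshkey_load_private_type_fd prototype already names its parameters, and the changed ones could follow it. I would also add one line above them, such as `/* Return 0 or an SSH_ERR_* code; unsafe key file permissions are reported as SSH_ERR_KEY_BAD_PERMISSIONS. */`.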
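Review bot: With perm_ok removed, the `switch` on `r` in load_identity_file is the only place that can tell a permissions rejection from a wrong passphrase, and only `case 0:` and `case SSH_ERR_KEY_WRONG_PASSPHRASE:` are visible in this hunk. The remaining cases lie outside the hunk, so confirm that SSH_ERR_KEY_BAD_PERMISSIONS reaches a branch that ends the passphrase loop instead of prompting again. If the default branch handles it, a comment there such as `/* includes SSH_ERR_KEY_BAD_PERMISSIONS: report and stop, do not re-prompt */` would make that dependency explicit.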