upstream: Remove now-redundant perm_ok arg since

sshkey_load_private_type will now return SSH_ERR_KEY_BAD_PERMISSIONS in that
case.  Patch from jitendra.sharma at intel.com, ok djm@

OpenBSD-Commit-ID: 07916a17ed0a252591b71e7fb4be2599cb5b0c77

diff --git a/authfile.c b/authfile.c
index 851c1a8a1ae5b0af6be93e292007d418f8b22fa7..5e335ce4386ae744f5cc5e9327aa47ac0d1eb4c3 100644 (file)
--- a/authfile.c
+++ b/authfile.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfile.c,v 1.133 2019/07/15 13:16:29 djm Exp $ */
+/* $OpenBSD: authfile.c,v 1.134 2019/08/05 11:50:33 dtucker Exp $ */
 /*
  * Copyright (c) 2000, 2013 Markus Friedl.  All rights reserved.
  *
@@ -164,10 +164,9 @@ sshkey_perm_ok(int fd, const char *filename)
        return 0;
 }
 
-/* XXX kill perm_ok now that we have SSH_ERR_KEY_BAD_PERMISSIONS? */
 int
 sshkey_load_private_type(int type, const char *filename, const char *passphrase,
-    struct sshkey **keyp, char **commentp, int *perm_ok)
+    struct sshkey **keyp, char **commentp)
 {
        int fd, r;
 
@@ -176,19 +175,12 @@ sshkey_load_private_type(int type, const char *filename, const char *passphrase,
        if (commentp != NULL)
                *commentp = NULL;
 
-       if ((fd = open(filename, O_RDONLY)) == -1) {
-               if (perm_ok != NULL)
-                       *perm_ok = 0;
+       if ((fd = open(filename, O_RDONLY)) == -1)
                return SSH_ERR_SYSTEM_ERROR;
-       }
-       if (sshkey_perm_ok(fd, filename) != 0) {
-               if (perm_ok != NULL)
-                       *perm_ok = 0;
-               r = SSH_ERR_KEY_BAD_PERMISSIONS;
+
+       r = sshkey_perm_ok(fd, filename);
+       if (r != 0)
                goto out;
-       }
-       if (perm_ok != NULL)
-               *perm_ok = 1;
 
        r = sshkey_load_private_type_fd(fd, type, passphrase, keyp, commentp);
        if (r == 0 && keyp && *keyp)
@@ -387,7 +379,7 @@ sshkey_load_cert(const char *filename, struct sshkey **keyp)
 /* Load private key and certificate */
 int
 sshkey_load_private_cert(int type, const char *filename, const char *passphrase,
-    struct sshkey **keyp, int *perm_ok)
+    struct sshkey **keyp)
 {
        struct sshkey *key = NULL, *cert = NULL;
        int r;
@@ -410,7 +402,7 @@ sshkey_load_private_cert(int type, const char *filename, const char *passphrase,
        }
 
        if ((r = sshkey_load_private_type(type, filename,
-           passphrase, &key, NULL, perm_ok)) != 0 ||
+           passphrase, &key, NULL)) != 0 ||
            (r = sshkey_load_cert(filename, &cert)) != 0)
                goto out;
 

diff --git a/authfile.h b/authfile.h
index 624d269f1bdb12c964ae983eae4c0991c4228dde..54df169b3dd0c08093b63d63063d51c9591161dc 100644 (file)
--- a/authfile.h
+++ b/authfile.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfile.h,v 1.21 2015/01/08 10:14:08 djm Exp $ */
+/* $OpenBSD: authfile.h,v 1.22 2019/08/05 11:50:33 dtucker Exp $ */
 
 /*
  * Copyright (c) 2000, 2013 Markus Friedl.  All rights reserved.
@@ -40,9 +40,9 @@ int sshkey_load_cert(const char *, struct sshkey **);
 int sshkey_load_public(const char *, struct sshkey **, char **);
 int sshkey_load_private(const char *, const char *, struct sshkey **, char **);
 int sshkey_load_private_cert(int, const char *, const char *,
-    struct sshkey **, int *);
+    struct sshkey **);
 int sshkey_load_private_type(int, const char *, const char *,
-    struct sshkey **, char **, int *);
+    struct sshkey **, char **);
 int sshkey_load_private_type_fd(int fd, int type, const char *passphrase,
     struct sshkey **keyp, char **commentp);
 int sshkey_perm_ok(int, const char *);

diff --git a/sshconnect2.c b/sshconnect2.c
index cb8d2193d910de4c59b2a6b1a721306cc8c89963..87fa70a40cf2204248416faeb07214dca54016a7 100644 (file)
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.307 2019/07/07 01:05:00 dtucker Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.308 2019/08/05 11:50:33 dtucker Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Damien Miller.  All rights reserved.
@@ -1404,7 +1404,7 @@ load_identity_file(Identity *id)
 {
        struct sshkey *private = NULL;
        char prompt[300], *passphrase, *comment;
-       int r, perm_ok = 0, quit = 0, i;
+       int r, quit = 0, i;
        struct stat st;
 
        if (stat(id->filename, &st) == -1) {
@@ -1426,7 +1426,7 @@ load_identity_file(Identity *id)
                        }
                }
                switch ((r = sshkey_load_private_type(KEY_UNSPEC, id->filename,
-                   passphrase, &private, &comment, &perm_ok))) {
+                   passphrase, &private, &comment))) {
                case 0:
                        break;
                case SSH_ERR_KEY_WRONG_PASSPHRASE: