upstream: factor out kex_load_hostkey() - this is duplicated in

both the client and server implementations for most KEX methods.

from markus@ ok djm@

OpenBSD-Commit-ID: 8232fa7c21fbfbcaf838313b0c166dc6c8762f3c

diff --git a/kex.c b/kex.c
index 0d5618ecc68ec7f08a6ec22a5d501ecbc8fc9d55..a0d13a88062cedf6efe1c021b287c95a9636794e 100644 (file)
--- a/kex.c
+++ b/kex.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.c,v 1.144 2019/01/21 09:55:52 djm Exp $ */
+/* $OpenBSD: kex.c,v 1.145 2019/01/21 10:05:09 djm Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  *
@@ -1052,6 +1052,24 @@ kex_derive_keys_bn(struct ssh *ssh, u_char *hash, u_int hashlen,
 }
 #endif
 
+int
+kex_load_hostkey(struct ssh *ssh, struct sshkey **pubp, struct sshkey **prvp)
+{
+       struct kex *kex = ssh->kex;
+
+       *pubp = NULL;
+       *prvp = NULL;
+       if (kex->load_host_public_key == NULL ||
+           kex->load_host_private_key == NULL)
+               return SSH_ERR_INVALID_ARGUMENT;
+       *pubp = kex->load_host_public_key(kex->hostkey_type,
+           kex->hostkey_nid, ssh);
+       *prvp = kex->load_host_private_key(kex->hostkey_type,
+           kex->hostkey_nid, ssh);
+       if (*pubp == NULL)
+               return SSH_ERR_NO_HOSTKEY_LOADED;
+       return 0;
+}
 
 #if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) || defined(DEBUG_KEXECDH)
 void

diff --git a/kex.h b/kex.h
index a11bd5ae6371a3dcb1bfbe678041027784c2da12..fa65b865728bc5030fc4f25c276c35b6524695d7 100644 (file)
--- a/kex.h
+++ b/kex.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.h,v 1.96 2019/01/21 10:03:37 djm Exp $ */
+/* $OpenBSD: kex.h,v 1.97 2019/01/21 10:05:09 djm Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
@@ -184,6 +184,7 @@ void         kex_free(struct kex *);
 int     kex_buf2prop(struct sshbuf *, int *, char ***);
 int     kex_prop2buf(struct sshbuf *, char *proposal[PROPOSAL_MAX]);
 void    kex_prop_free(char **);
+int     kex_load_hostkey(struct ssh *, struct sshkey **, struct sshkey **);
 
 int     kex_send_kexinit(struct ssh *);
 int     kex_input_kexinit(int, u_int32_t, struct ssh *);

diff --git a/kexc25519s.c b/kexc25519s.c
index 65df18c4b5795e348f1176438367330ee42e98ff..d7cc70feee2d321b6936cd4ba23ab798ecb4b17e 100644 (file)
--- a/kexc25519s.c
+++ b/kexc25519s.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexc25519s.c,v 1.14 2019/01/21 09:55:52 djm Exp $ */
+/* $OpenBSD: kexc25519s.c,v 1.15 2019/01/21 10:05:09 djm Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2010 Damien Miller.  All rights reserved.
@@ -70,20 +70,9 @@ input_kex_c25519_init(int type, u_int32_t seq, struct ssh *ssh)
 #ifdef DEBUG_KEXECDH
        dump_digest("server private key:", server_key, sizeof(server_key));
 #endif
-       if (kex->load_host_public_key == NULL ||
-           kex->load_host_private_key == NULL) {
-               r = SSH_ERR_INVALID_ARGUMENT;
+       if ((r = kex_load_hostkey(ssh, &server_host_private,
+           &server_host_public)) != 0)
                goto out;
-       }
-       server_host_public = kex->load_host_public_key(kex->hostkey_type,
-           kex->hostkey_nid, ssh);
-       server_host_private = kex->load_host_private_key(kex->hostkey_type,
-           kex->hostkey_nid, ssh);
-       if (server_host_public == NULL) {
-               r = SSH_ERR_NO_HOSTKEY_LOADED;
-               goto out;
-       }
-
        if ((r = sshpkt_get_string(ssh, &client_pubkey, &pklen)) != 0 ||
            (r = sshpkt_get_end(ssh)) != 0)
                goto out;

diff --git a/kexdhs.c b/kexdhs.c
index 0f028aaeb38ec3a4e70a45fc6eb40ac3f54c629e..e33901bbfaaa7f9236118be295cc3a36ca76d9f8 100644 (file)
--- a/kexdhs.c
+++ b/kexdhs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexdhs.c,v 1.34 2019/01/21 10:03:37 djm Exp $ */
+/* $OpenBSD: kexdhs.c,v 1.35 2019/01/21 10:05:09 djm Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  *
@@ -81,19 +81,9 @@ input_kex_dh_init(int type, u_int32_t seq, struct ssh *ssh)
        size_t hashlen;
        int r;
 
-       if (kex->load_host_public_key == NULL ||
-           kex->load_host_private_key == NULL) {
-               r = SSH_ERR_INVALID_ARGUMENT;
+       if ((r = kex_load_hostkey(ssh, &server_host_private,
+           &server_host_public)) != 0)
                goto out;
-       }
-       server_host_public = kex->load_host_public_key(kex->hostkey_type,
-           kex->hostkey_nid, ssh);
-       server_host_private = kex->load_host_private_key(kex->hostkey_type,
-           kex->hostkey_nid, ssh);
-       if (server_host_public == NULL) {
-               r = SSH_ERR_NO_HOSTKEY_LOADED;
-               goto out;
-       }
 
        /* key, cert */
        if ((r = sshpkt_get_bignum2(ssh, &dh_client_pub)) != 0 ||

diff --git a/kexecdhs.c b/kexecdhs.c
index 4ba2072dfb79935a31005c6c8dc37a16658f35f0..b9254eed7feb067424ceeaa4b8f4b93e8fae6e70 100644 (file)
--- a/kexecdhs.c
+++ b/kexecdhs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexecdhs.c,v 1.20 2019/01/21 09:55:52 djm Exp $ */
+/* $OpenBSD: kexecdhs.c,v 1.21 2019/01/21 10:05:09 djm Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2010 Damien Miller.  All rights reserved.
@@ -89,19 +89,9 @@ input_kex_ecdh_init(int type, u_int32_t seq, struct ssh *ssh)
        sshkey_dump_ec_key(server_key);
 #endif
 
-       if (kex->load_host_public_key == NULL ||
-           kex->load_host_private_key == NULL) {
-               r = SSH_ERR_INVALID_ARGUMENT;
+       if ((r = kex_load_hostkey(ssh, &server_host_private,
+           &server_host_public)) != 0)
                goto out;
-       }
-       server_host_public = kex->load_host_public_key(kex->hostkey_type,
-           kex->hostkey_nid, ssh);
-       server_host_private = kex->load_host_private_key(kex->hostkey_type,
-           kex->hostkey_nid, ssh);
-       if (server_host_public == NULL) {
-               r = SSH_ERR_NO_HOSTKEY_LOADED;
-               goto out;
-       }
        if ((client_public = EC_POINT_new(group)) == NULL) {
                r = SSH_ERR_ALLOC_FAIL;
                goto out;

diff --git a/kexgexs.c b/kexgexs.c
index f8eb365455c1f8775adeabae5df54c60342d91c7..a617d44530526f4d5d424977d1caa87e4a6f8ff8 100644 (file)
--- a/kexgexs.c
+++ b/kexgexs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexgexs.c,v 1.40 2019/01/21 10:03:37 djm Exp $ */
+/* $OpenBSD: kexgexs.c,v 1.41 2019/01/21 10:05:09 djm Exp $ */
 /*
  * Copyright (c) 2000 Niels Provos.  All rights reserved.
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
@@ -136,19 +136,9 @@ input_kex_dh_gex_init(int type, u_int32_t seq, struct ssh *ssh)
        size_t hashlen;
        int r;
 
-       if (kex->load_host_public_key == NULL ||
-           kex->load_host_private_key == NULL) {
-               r = SSH_ERR_INVALID_ARGUMENT;
+       if ((r = kex_load_hostkey(ssh, &server_host_private,
+           &server_host_public)) != 0)
                goto out;
-       }
-       server_host_public = kex->load_host_public_key(kex->hostkey_type,
-           kex->hostkey_nid, ssh);
-       server_host_private = kex->load_host_private_key(kex->hostkey_type,
-           kex->hostkey_nid, ssh);
-       if (server_host_public == NULL) {
-               r = SSH_ERR_NO_HOSTKEY_LOADED;
-               goto out;
-       }
 
        /* key, cert */
        if ((r = sshpkt_get_bignum2(ssh, &dh_client_pub)) != 0 ||