upstream: remove mostly vestigal uuencode.[ch]; moving the only unique

functionality there (wrapping of base64-encoded data) to sshbuf functions;
feedback and ok markus@

OpenBSD-Commit-ID: 4dba6735d88c57232f6fccec8a08bdcfea44ac4c

8 files changed, 84 insertions, 188 deletions

diff --git a/Makefile.in b/Makefile.in
index 8b6754a68..92ba0b37e 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -90,7 +90,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
         compat.o fatal.o hostfile.o \
         log.o match.o moduli.o nchan.o packet.o \
         readpass.o ttymodes.o xmalloc.o addrmatch.o \
-        atomicio.o dispatch.o mac.o uuencode.o misc.o utf8.o \
+        atomicio.o dispatch.o mac.o misc.o utf8.o \
         monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-rsa.o dh.o \
         msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \
         ssh-pkcs11.o smult_curve25519_ref.o \
diff --git a/auth2-pubkey.c b/auth2-pubkey.c
index 05fa5c9f8..32ce19250 100644
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-pubkey.c,v 1.90 2019/06/21 03:19:59 djm Exp $ */
+/* $OpenBSD: auth2-pubkey.c,v 1.91 2019/07/16 13:18:39 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -109,7 +109,7 @@ userauth_pubkey(struct ssh *ssh)
 
                 if ((pkbuf = sshbuf_from(pkblob, blen)) == NULL)
                         fatal("%s: sshbuf_from failed", __func__);
-                if ((keystring = sshbuf_dtob64(pkbuf)) == NULL)
+                if ((keystring = sshbuf_dtob64_string(pkbuf, 0)) == NULL)
                         fatal("%s: sshbuf_dtob64 failed", __func__);
                 debug2("%s: %s user %s %s public key %s %s", __func__,
                     authctxt->valid ? "valid" : "invalid", authctxt->user,
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 5dcad1f61..c2cfe8df0 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.336 2019/07/15 13:16:29 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.337 2019/07/16 13:18:39 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -43,7 +43,6 @@
 #include "xmalloc.h"
 #include "sshkey.h"
 #include "authfile.h"
-#include "uuencode.h"
 #include "sshbuf.h"
 #include "pathnames.h"
 #include "log.h"
@@ -301,25 +300,30 @@ load_identity(char *filename)
 static void
 do_convert_to_ssh2(struct passwd *pw, struct sshkey *k)
 {
-        size_t len;
-        u_char *blob;
-        char comment[61];
+        struct sshbuf *b;
+        char comment[61], *b64;
         int r;
 
-        if ((r = sshkey_to_blob(k, &blob, &len)) != 0)
+        if ((b = sshbuf_new()) == NULL)
+                fatal("%s: sshbuf_new failed", __func__);
+        if ((r = sshkey_putb(k, b)) != 0)
                 fatal("key_to_blob failed: %s", ssh_err(r));
+        if ((b64 = sshbuf_dtob64_string(b, 1)) == NULL)
+                fatal("%s: sshbuf_dtob64_string failed", __func__);
+
         /* Comment + surrounds must fit into 72 chars (RFC 4716 sec 3.3) */
         snprintf(comment, sizeof(comment),
             "%u-bit %s, converted by %s@%s from OpenSSH",
             sshkey_size(k), sshkey_type(k),
             pw->pw_name, hostname);
 
+        sshkey_free(k);
+        sshbuf_free(b);
+
         fprintf(stdout, "%s\n", SSH_COM_PUBLIC_BEGIN);
-        fprintf(stdout, "Comment: \"%s\"\n", comment);
-        dump_base64(stdout, blob, len);
+        fprintf(stdout, "Comment: \"%s\"\n%s", comment, b64);
         fprintf(stdout, "%s\n", SSH_COM_PUBLIC_END);
-        sshkey_free(k);
-        free(blob);
+        free(b64);
         exit(0);
 }
 
@@ -413,9 +417,8 @@ buffer_get_bignum_bits(struct sshbuf *b, BIGNUM *value)
 }
 
 static struct sshkey *
-do_convert_private_ssh2_from_blob(u_char *blob, u_int blen)
+do_convert_private_ssh2(struct sshbuf *b)
 {
-        struct sshbuf *b;
         struct sshkey *key = NULL;
         char *type, *cipher;
         u_char e1, e2, e3, *sig = NULL, data[] = "abcde12345";
@@ -427,15 +430,13 @@ do_convert_private_ssh2_from_blob(u_char *blob, u_int blen)
         BIGNUM *dsa_pub_key = NULL, *dsa_priv_key = NULL;
         BIGNUM *rsa_n = NULL, *rsa_e = NULL, *rsa_d = NULL;
         BIGNUM *rsa_p = NULL, *rsa_q = NULL, *rsa_iqmp = NULL;
-        if ((b = sshbuf_from(blob, blen)) == NULL)
-                fatal("%s: sshbuf_from failed", __func__);
+
         if ((r = sshbuf_get_u32(b, &magic)) != 0)
                 fatal("%s: buffer error: %s", __func__, ssh_err(r));
 
         if (magic != SSH_COM_PRIVATE_KEY_MAGIC) {
                 error("bad magic 0x%x != 0x%x", magic,
                     SSH_COM_PRIVATE_KEY_MAGIC);
-                sshbuf_free(b);
                 return NULL;
         }
         if ((r = sshbuf_get_u32(b, &i1)) != 0 ||
@@ -449,7 +450,6 @@ do_convert_private_ssh2_from_blob(u_char *blob, u_int blen)
         if (strcmp(cipher, "none") != 0) {
                 error("unsupported cipher %s", cipher);
                 free(cipher);
-                sshbuf_free(b);
                 free(type);
                 return NULL;
         }
@@ -460,7 +460,6 @@ do_convert_private_ssh2_from_blob(u_char *blob, u_int blen)
         } else if (strstr(type, "rsa")) {
                 ktype = KEY_RSA;
         } else {
-                sshbuf_free(b);
                 free(type);
                 return NULL;
         }
@@ -507,7 +506,6 @@ do_convert_private_ssh2_from_blob(u_char *blob, u_int blen)
                         fatal("%s: BN_new", __func__);
                 if (!BN_set_word(rsa_e, e)) {
                         BN_clear_free(rsa_e);
-                        sshbuf_free(b);
                         sshkey_free(key);
                         return NULL;
                 }
@@ -535,9 +533,7 @@ do_convert_private_ssh2_from_blob(u_char *blob, u_int blen)
         }
         rlen = sshbuf_len(b);
         if (rlen != 0)
-                error("do_convert_private_ssh2_from_blob: "
-                    "remaining bytes in key blob %d", rlen);
-        sshbuf_free(b);
+                error("%s: remaining bytes in key blob %d", __func__, rlen);
 
         /* try the key */
         if (sshkey_sign(key, &sig, &slen, data, sizeof(data), NULL, 0) != 0 ||
@@ -582,10 +578,12 @@ do_convert_from_ssh2(struct passwd *pw, struct sshkey **k, int *private)
         int r, blen, escaped = 0;
         u_int len;
         char line[1024];
-        u_char blob[8096];
+        struct sshbuf *buf;
         char encoded[8096];
         FILE *fp;
 
+        if ((buf = sshbuf_new()) == NULL)
+                fatal("sshbuf_new failed");
         if ((fp = fopen(identity_file, "r")) == NULL)
                 fatal("%s: %s: %s", __progname, identity_file, strerror(errno));
         encoded[0] = '\0';
@@ -615,12 +613,11 @@ do_convert_from_ssh2(struct passwd *pw, struct sshkey **k, int *private)
             (encoded[len-2] == '=') &&
             (encoded[len-3] == '='))
                 encoded[len-3] = '\0';
-        blen = uudecode(encoded, blob, sizeof(blob));
-        if (blen < 0)
-                fatal("uudecode failed.");
+        if ((r = sshbuf_b64tod(buf, encoded)) != 0)
+                fatal("%s: base64 decoding failed: %s", __func__, ssh_err(r));
         if (*private)
-                *k = do_convert_private_ssh2_from_blob(blob, blen);
-        else if ((r = sshkey_from_blob(blob, blen, k)) != 0)
+                *k = do_convert_private_ssh2(buf);
+        else if ((r = sshkey_fromb(buf, k)) != 0)
                 fatal("decode blob failed: %s", ssh_err(r));
         fclose(fp);
 }
@@ -1739,7 +1736,7 @@ do_ca_sign(struct passwd *pw, const char *ca_key_path, int prefer_agent,
                 }
                 if (n > SSHKEY_CERT_MAX_PRINCIPALS)
                         fatal("Too many certificate principals specified");
-        
+
                 tmp = tilde_expand_filename(argv[i], pw->pw_uid);
                 if ((r = sshkey_load_public(tmp, &public, &comment)) != 0)
                         fatal("%s: unable to open \"%s\": %s",
diff --git a/sshbuf-misc.c b/sshbuf-misc.c
index 83b598103..4a4985fd3 100644
--- a/sshbuf-misc.c
+++ b/sshbuf-misc.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: sshbuf-misc.c,v 1.8 2019/07/15 13:11:38 djm Exp $     */
+/*      $OpenBSD: sshbuf-misc.c,v 1.9 2019/07/16 13:18:39 djm Exp $     */
 /*
  * Copyright (c) 2011 Damien Miller
  *
@@ -89,23 +89,58 @@ sshbuf_dtob16(struct sshbuf *buf)
         return ret;
 }
 
+int
+sshbuf_dtob64(const struct sshbuf *d, struct sshbuf *b64, int wrap)
+{
+        size_t i, slen = 0;
+        char *s = NULL;
+        int r;
+
+        if (d == NULL || b64 == NULL || sshbuf_len(d) >= SIZE_MAX / 2)
+                return SSH_ERR_INVALID_ARGUMENT;
+        if (sshbuf_len(d) == 0)
+                return 0;
+        slen = ((sshbuf_len(d) + 2) / 3) * 4 + 1;
+        if ((s = malloc(slen)) == NULL)
+                return SSH_ERR_ALLOC_FAIL;
+        if (b64_ntop(sshbuf_ptr(d), sshbuf_len(d), s, slen) == -1) {
+                r = SSH_ERR_INTERNAL_ERROR;
+                goto fail;
+        }
+        if (wrap) {
+                for (i = 0; s[i] != '\0'; i++) {
+                        if ((r = sshbuf_put_u8(b64, s[i])) != 0)
+                                goto fail;
+                        if (i % 70 == 69 && (r = sshbuf_put_u8(b64, '\n')) != 0)
+                                goto fail;
+                }
+                if (i % 70 != 69 && (r = sshbuf_put_u8(b64, '\n')) != 0)
+                        goto fail;
+        } else {
+                if ((r = sshbuf_put(b64, s, strlen(s))) != 0)
+                        goto fail;
+        }
+        /* Success */
+        r = 0;
+ fail:
+        freezero(s, slen);
+        return r;
+}
+
 char *
-sshbuf_dtob64(struct sshbuf *buf)
+sshbuf_dtob64_string(const struct sshbuf *buf, int wrap)
 {
-        size_t len = sshbuf_len(buf), plen;
-        const u_char *p = sshbuf_ptr(buf);
+        struct sshbuf *tmp;
         char *ret;
 
-        if (len == 0)
-                return strdup("");
-        plen = ((len + 2) / 3) * 4 + 1;
-        if (SIZE_MAX / 2 <= len || (ret = malloc(plen)) == NULL)
+        if ((tmp = sshbuf_new()) == NULL)
                 return NULL;
-        if (b64_ntop(p, len, ret, plen) == -1) {
-                explicit_bzero(ret, plen);
-                free(ret);
+        if (sshbuf_dtob64(buf, tmp, wrap) != 0) {
+                sshbuf_free(tmp);
                 return NULL;
         }
+        ret = sshbuf_dup_string(tmp);
+        sshbuf_free(tmp);
         return ret;
 }
 
diff --git a/sshbuf.h b/sshbuf.h
index 79700b54d..ea40e1677 100644
--- a/sshbuf.h
+++ b/sshbuf.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: sshbuf.h,v 1.15 2019/07/15 13:11:38 djm Exp $ */
+/*      $OpenBSD: sshbuf.h,v 1.16 2019/07/16 13:18:39 djm Exp $ */
 /*
  * Copyright (c) 2011 Damien Miller
  *
@@ -251,7 +251,8 @@ void	sshbuf_dump_data(const void *s, size_t len, FILE *f);
 char    *sshbuf_dtob16(struct sshbuf *buf);
 
 /* Encode the contents of the buffer as base64 */
-char    *sshbuf_dtob64(struct sshbuf *buf);
+char    *sshbuf_dtob64_string(const struct sshbuf *buf, int wrap);
+int     sshbuf_dtob64(const struct sshbuf *d, struct sshbuf *b64, int wrap);
 
 /* Decode base64 data and append it to the buffer */
 int     sshbuf_b64tod(struct sshbuf *buf, const char *b64);
diff --git a/sshkey.c b/sshkey.c
index a0cea9257..9956a08b9 100644
--- a/sshkey.c
+++ b/sshkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.c,v 1.80 2019/07/15 13:16:29 djm Exp $ */
+/* $OpenBSD: sshkey.c,v 1.81 2019/07/16 13:18:39 djm Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Alexander von Gernler.  All rights reserved.
@@ -1402,7 +1402,7 @@ sshkey_to_base64(const struct sshkey *key, char **b64p)
                 return SSH_ERR_ALLOC_FAIL;
         if ((r = sshkey_putb(key, b)) != 0)
                 goto out;
-        if ((uu = sshbuf_dtob64(b)) == NULL) {
+        if ((uu = sshbuf_dtob64_string(b, 0)) == NULL) {
                 r = SSH_ERR_ALLOC_FAIL;
                 goto out;
         }
@@ -3709,25 +3709,12 @@ sshkey_private_to_blob2(struct sshkey *prv, struct sshbuf *blob,
             sshbuf_ptr(encrypted), sshbuf_len(encrypted), 0, authlen)) != 0)
                 goto out;
 
-        /* uuencode */
-        if ((b64 = sshbuf_dtob64(encoded)) == NULL) {
-                r = SSH_ERR_ALLOC_FAIL;
-                goto out;
-        }
-
         sshbuf_reset(blob);
-        if ((r = sshbuf_put(blob, MARK_BEGIN, MARK_BEGIN_LEN)) != 0)
-                goto out;
-        for (i = 0; i < strlen(b64); i++) {
-                if ((r = sshbuf_put_u8(blob, b64[i])) != 0)
-                        goto out;
-                /* insert line breaks */
-                if (i % 70 == 69 && (r = sshbuf_put_u8(blob, '\n')) != 0)
-                        goto out;
-        }
-        if (i % 70 != 69 && (r = sshbuf_put_u8(blob, '\n')) != 0)
-                goto out;
-        if ((r = sshbuf_put(blob, MARK_END, MARK_END_LEN)) != 0)
+
+        /* assemble uuencoded key */
+        if ((r = sshbuf_put(blob, MARK_BEGIN, MARK_BEGIN_LEN)) != 0 ||
+            (r = sshbuf_dtob64(encoded, blob, 1)) != 0 ||
+            (r = sshbuf_put(blob, MARK_END, MARK_END_LEN)) != 0)
                 goto out;
 
         /* success */
diff --git a/uuencode.c b/uuencode.c
deleted file mode 100644
index 7fc867a11..000000000
--- a/uuencode.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/* $OpenBSD: uuencode.c,v 1.28 2015/04/24 01:36:24 deraadt Exp $ */
-/*
- * Copyright (c) 2000 Markus Friedl.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include "includes.h"
-
-#include <sys/types.h>
-#include <netinet/in.h>
-#include <resolv.h>
-#include <stdio.h>
-#include <stdlib.h>
-
-#include "xmalloc.h"
-#include "uuencode.h"
-
-/*
- * Encode binary 'src' of length 'srclength', writing base64-encoded text
- * to 'target' of size 'targsize'. Will always nul-terminate 'target'.
- * Returns the number of bytes stored in 'target' or -1 on error (inc.
- * 'targsize' too small).
- */
-int
-uuencode(const u_char *src, u_int srclength,
-    char *target, size_t targsize)
-{
-        return __b64_ntop(src, srclength, target, targsize);
-}
-
-/*
- * Decode base64-encoded 'src' into buffer 'target' of 'targsize' bytes.
- * Will skip leading and trailing whitespace. Returns the number of bytes
- * stored in 'target' or -1 on error (inc. targsize too small).
- */
-int
-uudecode(const char *src, u_char *target, size_t targsize)
-{
-        int len;
-        char *encoded, *p;
-
-        /* copy the 'readonly' source */
-        encoded = xstrdup(src);
-        /* skip whitespace and data */
-        for (p = encoded; *p == ' ' || *p == '\t'; p++)
-                ;
-        for (; *p != '\0' && *p != ' ' && *p != '\t'; p++)
-                ;
-        /* and remove trailing whitespace because __b64_pton needs this */
-        *p = '\0';
-        len = __b64_pton(encoded, target, targsize);
-        free(encoded);
-        return len;
-}
-
-void
-dump_base64(FILE *fp, const u_char *data, u_int len)
-{
-        char *buf;
-        int i, n;
-
-        if (len > 65536) {
-                fprintf(fp, "dump_base64: len > 65536\n");
-                return;
-        }
-        buf = xreallocarray(NULL, 2, len);
-        n = uuencode(data, len, buf, 2*len);
-        for (i = 0; i < n; i++) {
-                fprintf(fp, "%c", buf[i]);
-                if (i % 70 == 69)
-                        fprintf(fp, "\n");
-        }
-        if (i % 70 != 69)
-                fprintf(fp, "\n");
-        free(buf);
-}
diff --git a/uuencode.h b/uuencode.h
deleted file mode 100644
index 4d9888126..000000000
--- a/uuencode.h
+++ /dev/null
@@ -1,29 +0,0 @@
-/* $OpenBSD: uuencode.h,v 1.14 2010/08/31 11:54:45 djm Exp $ */
-
-/*
- * Copyright (c) 2000 Markus Friedl.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-int      uuencode(const u_char *, u_int, char *, size_t);
-int      uudecode(const char *, u_char *, size_t);
-void     dump_base64(FILE *, const u_char *, u_int);