-rw-r--r-- | authfile.c | 24 | ||||
-rw-r--r-- | authfile.h | 6 | ||||
-rw-r--r-- | sshconnect2.c | 6 |
3 files changed, 14 insertions, 22 deletions
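--- a/authfile.c
+++ b/authfile.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfile.c,v 1.133 2019/07/15 13:16:29 djm Exp $ */
+/* $OpenBSD: authfile.c,v 1.134 2019/08/05 11:50:33 dtucker Exp $ */
 /*
 * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved.
 *
@@ -164,10 +164,9 @@ sshkey_perm_ok(int fd, const char *filename)
 return 0;
 }
 
-/* XXX kill perm_ok now that we have SSH_ERR_KEY_BAD_PERMISSIONS? */
 int
 sshkey_load_private_type(int type, const char *filename, const char *passphrase,
-struct sshkey **keyp, char **commentp, int *perm_ok)
+struct sshkey **keyp, char **commentp)
 {
 int fd, r;
 
@@ -176,19 +175,12 @@ sshkey_load_private_type(int type, const char *filename, const char *passphrase,
 if (commentp != NULL)
 *commentp = NULL;
 
-if ((fd = open(filename, O_RDONLY)) == -1) {
-if (perm_ok != NULL)
-*perm_ok = 0;
+if ((fd = open(filename, O_RDONLY)) == -1)
 return SSH_ERR_SYSTEM_ERROR;
-}
-if (sshkey_perm_ok(fd, filename) != 0) {
-if (perm_ok != NULL)
-*perm_ok = 0;
-r = SSH_ERR_KEY_BAD_PERMISSIONS;
+
+r = sshkey_perm_ok(fd, filename);
+if (r != 0)
 goto out;
-}
-if (perm_ok != NULL)
-*perm_ok = 1;
 
 r = sshkey_load_private_type_fd(fd, type, passphrase, keyp, commentp);
 if (r == 0 && keyp && *keyp)
@@ -387,7 +379,7 @@ sshkey_load_cert(const char *filename, struct sshkey **keyp)
 /* Load private key and certificate */
 int
 sshkey_load_private_cert(int type, const char *filename, const char *passphrase,
-struct sshkey **keyp, int *perm_ok)
+struct sshkey **keyp)
 {
 struct sshkey *key = NULL, *cert = NULL;
 int r;
@@ -410,7 +402,7 @@ sshkey_load_private_cert(int type, const char *filename, const char *passphrase,
 }
 
 if ((r = sshkey_load_private_type(type, filename,
-passphrase, &key, NULL, perm_ok)) != 0 ||
+passphrase, &key, NULL)) != 0 ||
 (r = sshkey_load_cert(filename, &cert)) != 0)
 goto out;
 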
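Review bot: In sshkey_load_private_type, `r = sshkey_perm_ok(fd, filename); if (r != 0) goto out;` now hands callers whatever sshkey_perm_ok() returns, where the removed lines always set SSH_ERR_KEY_BAD_PERMISSIONS. Only the `return 0;` of sshkey_perm_ok is visible here, so it is worth confirming that each of its failure returns is an SSH_ERR_* code and that a too-permissive key file still yields SSH_ERR_KEY_BAD_PERMISSIONS, since the perm_ok flag no longer exists as a second signal. With the XXX comment gone the function has no header comment; I would add `/* Load a private key from filename; if sshkey_perm_ok() rejects the file, its error is returned before any key material is parsed. */`. The `out:` label and cleanup of this function are outside the hunk.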
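--- a/authfile.h
+++ b/authfile.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfile.h,v 1.21 2015/01/08 10:14:08 djm Exp $ */
+/* $OpenBSD: authfile.h,v 1.22 2019/08/05 11:50:33 dtucker Exp $ */
 
 /*
 * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved.
@@ -40,9 +40,9 @@ int sshkey_load_cert(const char *, struct sshkey **);
 int sshkey_load_public(const char *, struct sshkey **, char **);
 int sshkey_load_private(const char *, const char *, struct sshkey **, char **);
 int sshkey_load_private_cert(int, const char *, const char *,
-struct sshkey **, int *);
+struct sshkey **);
 int sshkey_load_private_type(int, const char *, const char *,
-struct sshkey **, char **, int *);
+struct sshkey **, char **);
 int sshkey_load_private_type_fd(int fd, int type, const char *passphrase,
 struct sshkey **keyp, char **commentp);
 int sshkey_perm_ok(int, const char *);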
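Review bot: The two prototypes touched here, sshkey_load_private_cert and sshkey_load_private_type, still declare unnamed parameters, while sshkey_load_private_type_fd directly below names them. Both take a filename and a passphrase as adjacent `const char *` arguments, so naming them in the header would make a swapped call easier to catch in review, for example `int sshkey_load_private_type(int type, const char *filename, const char *passphrase, struct sshkey **keyp, char **commentp);`. This is a style point only; the names are the ones the definitions in authfile.c already use.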
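--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.307 2019/07/07 01:05:00 dtucker Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.308 2019/08/05 11:50:33 dtucker Exp $ */
 /*
 * Copyright (c) 2000 Markus Friedl. All rights reserved.
 * Copyright (c) 2008 Damien Miller. All rights reserved.
@@ -1404,7 +1404,7 @@ load_identity_file(Identity *id)
 {
 struct sshkey *private = NULL;
 char prompt[300], *passphrase, *comment;
-int r, perm_ok = 0, quit = 0, i;
+int r, quit = 0, i;
 struct stat st;
 
 if (stat(id->filename, &st) == -1) {
@@ -1426,7 +1426,7 @@ load_identity_file(Identity *id)
 }
 }
 switch ((r = sshkey_load_private_type(KEY_UNSPEC, id->filename,
-passphrase, &private, &comment, &perm_ok))) {
+passphrase, &private, &comment))) {
 case 0:
 break;
 case SSH_ERR_KEY_WRONG_PASSPHRASE: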
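Review bot: In load_identity_file the permission result now reaches this caller only through `r`, and the only switch cases visible are `0` and `SSH_ERR_KEY_WRONG_PASSPHRASE`; the remaining cases lie outside the hunk. It should be confirmed that SSH_ERR_KEY_BAD_PERMISSIONS ends in a branch that abandons this identity rather than one that prompts for a passphrase again. If it is meant to fall to the default case, a comment there such as `/* includes SSH_ERR_KEY_BAD_PERMISSIONS: skip this key, do not prompt */` would record that intent.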