From 6b39a7b49ebacec4e70e24bfc8ea2f11057aac22 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Mon, 5 Aug 2019 11:50:33 +0000 Subject: upstream: Remove now-redundant perm_ok arg since sshkey_load_private_type will now return SSH_ERR_KEY_BAD_PERMISSIONS in that case. Patch from jitendra.sharma at intel.com, ok djm@ OpenBSD-Commit-ID: 07916a17ed0a252591b71e7fb4be2599cb5b0c77 --- authfile.c | 24 ++++++++---------------- 1 file changed, 8 insertions(+), 16 deletions(-) (limited to 'authfile.c') diff --git a/authfile.c b/authfile.c index 851c1a8a1..5e335ce43 100644 --- a/authfile.c +++ b/authfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfile.c,v 1.133 2019/07/15 13:16:29 djm Exp $ */ +/* $OpenBSD: authfile.c,v 1.134 2019/08/05 11:50:33 dtucker Exp $ */ /* * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. * @@ -164,10 +164,9 @@ sshkey_perm_ok(int fd, const char *filename) return 0; } -/* XXX kill perm_ok now that we have SSH_ERR_KEY_BAD_PERMISSIONS? */ int sshkey_load_private_type(int type, const char *filename, const char *passphrase, - struct sshkey **keyp, char **commentp, int *perm_ok) + struct sshkey **keyp, char **commentp) { int fd, r; @@ -176,19 +175,12 @@ sshkey_load_private_type(int type, const char *filename, const char *passphrase, if (commentp != NULL) *commentp = NULL; - if ((fd = open(filename, O_RDONLY)) == -1) { - if (perm_ok != NULL) - *perm_ok = 0; + if ((fd = open(filename, O_RDONLY)) == -1) return SSH_ERR_SYSTEM_ERROR; - } - if (sshkey_perm_ok(fd, filename) != 0) { - if (perm_ok != NULL) - *perm_ok = 0; - r = SSH_ERR_KEY_BAD_PERMISSIONS; + + r = sshkey_perm_ok(fd, filename); + if (r != 0) goto out; - } - if (perm_ok != NULL) - *perm_ok = 1; r = sshkey_load_private_type_fd(fd, type, passphrase, keyp, commentp); if (r == 0 && keyp && *keyp) @@ -387,7 +379,7 @@ sshkey_load_cert(const char *filename, struct sshkey **keyp) /* Load private key and certificate */ int sshkey_load_private_cert(int type, const char *filename, const char *passphrase, - struct sshkey **keyp, int *perm_ok) + struct sshkey **keyp) { struct sshkey *key = NULL, *cert = NULL; int r; @@ -410,7 +402,7 @@ sshkey_load_private_cert(int type, const char *filename, const char *passphrase, } if ((r = sshkey_load_private_type(type, filename, - passphrase, &key, NULL, perm_ok)) != 0 || + passphrase, &key, NULL)) != 0 || (r = sshkey_load_cert(filename, &cert)) != 0) goto out; -- cgit v1.2.3