[openssh-commits] [openssh] 07/20: upstream commit

git+noreply at mindrot.org git+noreply at mindrot.org
Wed May 31 14:57:04 AEST 2017


This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 7da5df11ac788bc1133d8d598d298e33500524cc
Author: markus at openbsd.org <markus at openbsd.org>
Date:   Tue May 30 14:16:41 2017 +0000

    upstream commit
    
    remove unused wrapper functions from key.[ch]; ok djm@
    
    Upstream-ID: ea0f4016666a6817fc11f439dd4be06bab69707e
---
 key.c        | 177 +----------------------------------------------------------
 key.h        |  36 +-----------
 ssh-add.c    |   4 +-
 ssh-keygen.c |  20 +++----
 4 files changed, 14 insertions(+), 223 deletions(-)

diff --git a/key.c b/key.c
index 93f4ccb2..6e338c49 100644
--- a/key.c
+++ b/key.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: key.c,v 1.130 2016/05/02 09:36:42 djm Exp $ */
+/* $OpenBSD: key.c,v 1.131 2017/05/30 14:16:41 markus Exp $ */
 /*
  * placed in the public domain
  */
@@ -20,68 +20,6 @@
 #include "log.h"
 #include "authfile.h"
 
-void
-key_add_private(Key *k)
-{
-	int r;
-
-	if ((r = sshkey_add_private(k)) != 0)
-		fatal("%s: %s", __func__, ssh_err(r));
-}
-
-Key *
-key_new_private(int type)
-{
-	Key *ret = NULL;
-
-	if ((ret = sshkey_new_private(type)) == NULL)
-		fatal("%s: failed", __func__);
-	return ret;
-}
-
-int
-key_read(Key *ret, char **cpp)
-{
-	return sshkey_read(ret, cpp) == 0 ? 1 : -1;
-}
-
-int
-key_write(const Key *key, FILE *f)
-{
-	return sshkey_write(key, f) == 0 ? 1 : 0;
-}
-
-Key *
-key_generate(int type, u_int bits)
-{
-	int r;
-	Key *ret = NULL;
-
-	if ((r = sshkey_generate(type, bits, &ret)) != 0)
-		fatal("%s: %s", __func__, ssh_err(r));
-	return ret;
-}
-
-void
-key_cert_copy(const Key *from_key, Key *to_key)
-{
-	int r;
-
-	if ((r = sshkey_cert_copy(from_key, to_key)) != 0)
-		fatal("%s: %s", __func__, ssh_err(r));
-}
-
-Key *
-key_from_private(const Key *k)
-{
-	int r;
-	Key *ret = NULL;
-
-	if ((r = sshkey_from_private(k, &ret)) != 0)
-		fatal("%s: %s", __func__, ssh_err(r));
-	return ret;
-}
-
 static void
 fatal_on_fatal_errors(int r, const char *func, int extra_fatal)
 {
@@ -184,19 +122,6 @@ key_demote(const Key *k)
 }
 
 int
-key_to_certified(Key *k)
-{
-	int r;
-
-	if ((r = sshkey_to_certified(k)) != 0) {
-		fatal_on_fatal_errors(r, __func__, 0);
-		error("%s: %s", __func__, ssh_err(r));
-		return -1;
-	}
-	return 0;
-}
-
-int
 key_drop_cert(Key *k)
 {
 	int r;
@@ -210,19 +135,6 @@ key_drop_cert(Key *k)
 }
 
 int
-key_certify(Key *k, Key *ca)
-{
-	int r;
-
-	if ((r = sshkey_certify(k, ca, NULL)) != 0) {
-		fatal_on_fatal_errors(r, __func__, 0);
-		error("%s: %s", __func__, ssh_err(r));
-		return -1;
-	}
-	return 0;
-}
-
-int
 key_cert_check_authority(const Key *k, int want_host, int require_principal,
     const char *name, const char **reason)
 {
@@ -237,88 +149,8 @@ key_cert_check_authority(const Key *k, int want_host, int require_principal,
 	return 0;
 }
 
-#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
-int
-key_ec_validate_public(const EC_GROUP *group, const EC_POINT *public)
-{
-	int r;
-
-	if ((r = sshkey_ec_validate_public(group, public)) != 0) {
-		fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR);
-		error("%s: %s", __func__, ssh_err(r));
-		return -1;
-	}
-	return 0;
-}
-
-int
-key_ec_validate_private(const EC_KEY *key)
-{
-	int r;
-
-	if ((r = sshkey_ec_validate_private(key)) != 0) {
-		fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR);
-		error("%s: %s", __func__, ssh_err(r));
-		return -1;
-	}
-	return 0;
-}
-#endif /* WITH_OPENSSL */
-
-void
-key_private_serialize(const Key *key, struct sshbuf *b)
-{
-	int r;
-
-	if ((r = sshkey_private_serialize(key, b)) != 0)
-		fatal("%s: %s", __func__, ssh_err(r));
-}
-
-Key *
-key_private_deserialize(struct sshbuf *blob)
-{
-	int r;
-	Key *ret = NULL;
-
-	if ((r = sshkey_private_deserialize(blob, &ret)) != 0) {
-		fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR);
-		error("%s: %s", __func__, ssh_err(r));
-		return NULL;
-	}
-	return ret;
-}
-
 /* authfile.c */
 
-int
-key_save_private(Key *key, const char *filename, const char *passphrase,
-    const char *comment, int force_new_format, const char *new_format_cipher,
-    int new_format_rounds)
-{
-	int r;
-
-	if ((r = sshkey_save_private(key, filename, passphrase, comment,
-	    force_new_format, new_format_cipher, new_format_rounds)) != 0) {
-		fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR);
-		error("%s: %s", __func__, ssh_err(r));
-		return 0;
-	}
-	return 1;
-}
-
-int
-key_load_file(int fd, const char *filename, struct sshbuf *blob)
-{
-	int r;
-
-	if ((r = sshkey_load_file(fd, blob)) != 0) {
-		fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR);
-		error("%s: %s", __func__, ssh_err(r));
-		return 0;
-	}
-	return 1;
-}
-
 Key *
 key_load_cert(const char *filename)
 {
@@ -417,10 +249,3 @@ key_load_private_type(int type, const char *filename, const char *passphrase,
 	}
 	return ret;
 }
-
-int
-key_perm_ok(int fd, const char *filename)
-{
-	return sshkey_perm_ok(fd, filename) == 0 ? 1 : 0;
-}
-
diff --git a/key.h b/key.h
index 2e501a9f..a14f3703 100644
--- a/key.h
+++ b/key.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: key.h,v 1.50 2016/09/12 23:31:27 djm Exp $ */
+/* $OpenBSD: key.h,v 1.51 2017/05/30 14:16:41 markus Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
@@ -35,51 +35,24 @@ typedef struct sshkey Key;
 #define fp_rep sshkey_fp_rep
 
 #ifndef SSH_KEY_NO_DEFINE
-#define key_new			sshkey_new
 #define key_free		sshkey_free
 #define key_equal_public	sshkey_equal_public
 #define key_equal		sshkey_equal
 #define key_type		sshkey_type
-#define key_cert_type		sshkey_cert_type
 #define key_ssh_name		sshkey_ssh_name
 #define key_ssh_name_plain	sshkey_ssh_name_plain
 #define key_type_from_name	sshkey_type_from_name
-#define key_ecdsa_nid_from_name	sshkey_ecdsa_nid_from_name
-#define key_type_is_cert	sshkey_type_is_cert
-#define key_size		sshkey_size
-#define key_ecdsa_bits_to_nid	sshkey_ecdsa_bits_to_nid
-#define key_ecdsa_key_to_nid	sshkey_ecdsa_key_to_nid
 #define key_is_cert		sshkey_is_cert
 #define key_type_plain		sshkey_type_plain
-#define key_curve_name_to_nid	sshkey_curve_name_to_nid
-#define key_curve_nid_to_bits	sshkey_curve_nid_to_bits
-#define key_curve_nid_to_name	sshkey_curve_nid_to_name
-#define key_ec_nid_to_hash_alg	sshkey_ec_nid_to_hash_alg
-#define key_dump_ec_point	sshkey_dump_ec_point
-#define key_dump_ec_key		sshkey_dump_ec_key
 #endif
 
-void	 key_add_private(Key *);
-Key	*key_new_private(int);
 void	 key_free(Key *);
 Key	*key_demote(const Key *);
-int	 key_write(const Key *, FILE *);
-int	 key_read(Key *, char **);
 
-Key	*key_generate(int, u_int);
-Key	*key_from_private(const Key *);
-int	 key_to_certified(Key *);
 int	 key_drop_cert(Key *);
-int	 key_certify(Key *, Key *);
-void	 key_cert_copy(const Key *, Key *);
 int	 key_cert_check_authority(const Key *, int, int, const char *,
 	    const char **);
 
-#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
-int	 key_ec_validate_public(const EC_GROUP *, const EC_POINT *);
-int	 key_ec_validate_private(const EC_KEY *);
-#endif /* defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) */
-
 Key	*key_from_blob(const u_char *, u_int);
 int	 key_to_blob(const Key *, u_char **, u_int *);
 
@@ -87,18 +60,11 @@ int	 key_sign(const Key *, u_char **, u_int *, const u_char *, u_int,
     const char *);
 int	 key_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
 
-void     key_private_serialize(const Key *, struct sshbuf *);
-Key	*key_private_deserialize(struct sshbuf *);
-
 /* authfile.c */
-int	 key_save_private(Key *, const char *, const char *, const char *,
-    int, const char *, int);
-int	 key_load_file(int, const char *, struct sshbuf *);
 Key	*key_load_cert(const char *);
 Key	*key_load_public(const char *, char **);
 Key	*key_load_private(const char *, const char *, char **);
 Key	*key_load_private_cert(int, const char *, const char *, int *);
 Key	*key_load_private_type(int, const char *, const char *, char **, int *);
-int	 key_perm_ok(int, const char *);
 
 #endif
diff --git a/ssh-add.c b/ssh-add.c
index a1e0d464..438c1c25 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-add.c,v 1.131 2017/05/05 10:42:49 naddy Exp $ */
+/* $OpenBSD: ssh-add.c,v 1.132 2017/05/30 14:16:41 markus Exp $ */
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -306,7 +306,7 @@ add_file(int agent_fd, const char *filename, int key_only)
 		goto out;
 	}
 	if ((r = sshkey_cert_copy(cert, private)) != 0) {
-		error("%s: key_cert_copy: %s", __func__, ssh_err(r));
+		error("%s: sshkey_cert_copy: %s", __func__, ssh_err(r));
 		sshkey_free(cert);
 		goto out;
 	}
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 7886582d..cc3a7df1 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.303 2017/05/07 23:15:59 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.304 2017/05/30 14:16:41 markus Exp $ */
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
  * Copyright (c) 1994 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -488,7 +488,7 @@ do_convert_private_ssh2_from_blob(u_char *blob, u_int blen)
 		return NULL;
 	}
 	if ((key = sshkey_new_private(ktype)) == NULL)
-		fatal("key_new_private failed");
+		fatal("sshkey_new_private failed");
 	free(type);
 
 	switch (key->type) {
@@ -770,7 +770,7 @@ do_print_public(struct passwd *pw)
 		fatal("%s: %s", identity_file, strerror(errno));
 	prv = load_identity(identity_file);
 	if ((r = sshkey_write(prv, stdout)) != 0)
-		error("key_write failed: %s", ssh_err(r));
+		error("sshkey_write failed: %s", ssh_err(r));
 	sshkey_free(prv);
 	fprintf(stdout, "\n");
 	exit(0);
@@ -1019,7 +1019,7 @@ do_gen_all_hostkeys(struct passwd *pw)
 		bits = 0;
 		type_bits_valid(type, NULL, &bits);
 		if ((r = sshkey_generate(type, bits, &private)) != 0) {
-			error("key_generate failed: %s", ssh_err(r));
+			error("sshkey_generate failed: %s", ssh_err(r));
 			first = 0;
 			continue;
 		}
@@ -1475,7 +1475,7 @@ do_change_comment(struct passwd *pw)
 	explicit_bzero(passphrase, strlen(passphrase));
 	free(passphrase);
 	if ((r = sshkey_from_private(private, &public)) != 0)
-		fatal("key_from_private failed: %s", ssh_err(r));
+		fatal("sshkey_from_private failed: %s", ssh_err(r));
 	sshkey_free(private);
 
 	strlcat(identity_file, ".pub", sizeof(identity_file));
@@ -1662,7 +1662,7 @@ do_ca_sign(struct passwd *pw, int argc, char **argv)
 		    OPTIONS_EXTENSIONS);
 		if ((r = sshkey_from_private(ca,
 		    &public->cert->signature_key)) != 0)
-			fatal("key_from_private (ca key): %s", ssh_err(r));
+			fatal("sshkey_from_private (ca key): %s", ssh_err(r));
 
 		if ((r = sshkey_certify(public, ca, key_type_name)) != 0)
 			fatal("Couldn't certify key %s: %s", tmp, ssh_err(r));
@@ -1980,7 +1980,7 @@ do_show_cert(struct passwd *pw)
 		if (*cp == '#' || *cp == '\0')
 			continue;
 		if ((key = sshkey_new(KEY_UNSPEC)) == NULL)
-			fatal("key_new");
+			fatal("sshkey_new");
 		if ((r = sshkey_read(key, &cp)) != 0) {
 			error("%s:%lu: invalid key: %s", path,
 			    lnum, ssh_err(r));
@@ -2126,7 +2126,7 @@ update_krl_from_file(struct passwd *pw, const char *file, int wild_ca,
 				 */
 			}
 			if ((key = sshkey_new(KEY_UNSPEC)) == NULL)
-				fatal("key_new");
+				fatal("sshkey_new");
 			if ((r = sshkey_read(key, &cp)) != 0)
 				fatal("%s:%lu: invalid key: %s",
 				    path, lnum, ssh_err(r));
@@ -2667,9 +2667,9 @@ main(int argc, char **argv)
 		printf("Generating public/private %s key pair.\n",
 		    key_type_name);
 	if ((r = sshkey_generate(type, bits, &private)) != 0)
-		fatal("key_generate failed");
+		fatal("sshkey_generate failed");
 	if ((r = sshkey_from_private(private, &public)) != 0)
-		fatal("key_from_private failed: %s\n", ssh_err(r));
+		fatal("sshkey_from_private failed: %s\n", ssh_err(r));
 
 	if (!have_identity)
 		ask_filename(pw, "Enter file in which to save the key");

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.


More information about the openssh-commits mailing list