[openssh-commits] [openssh] 05/06: upstream: refactor sshkey_read() to make it a little more, err,

git+noreply at mindrot.org git+noreply at mindrot.org
Sat Mar 3 14:18:13 AEDT 2018


This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 94b4e2d29afaaaef89a95289b16c18bf5627f7cd
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Fri Mar 2 02:08:03 2018 +0000

    upstream: refactor sshkey_read() to make it a little more, err,
    
    readable. ok markus
    
    OpenBSD-Commit-ID: 2e9247b5762fdac3b6335dc606d3822121714c28
---
 .depend  |  16 ++---
 sshkey.c | 248 ++++++++++++++++++++++++++++++++++-----------------------------
 2 files changed, 143 insertions(+), 121 deletions(-)

diff --git a/.depend b/.depend
index ba657e97..4c6b49d5 100644
--- a/.depend
+++ b/.depend
@@ -147,7 +147,7 @@ ssh-pkcs11-client.o: includes.h config.h defines.h platform.h openbsd-compat/ope
 ssh-pkcs11-helper.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bs [...]
 ssh-pkcs11.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitp [...]
 ssh-rsa.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid. [...]
-ssh-xmss.o: log.h sshbuf.h sshkey.h sshkey-xmss.h ssherr.h ssh.h xmss_fast.h xmss_wots.h
+ssh-xmss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid [...]
 ssh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h op [...]
 ssh.o: dispatch.h opacket.h channels.h key.h sshkey.h authfd.h authfile.h pathnames.h clientloop.h log.h misc.h readconf.h sshconnect.h kex.h mac.h sshpty.h match.h msg.h uidswap.h version.h ssherr.h myproposal.h utf8.h
 ssh_api.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid. [...]
@@ -163,8 +163,8 @@ sshconnect2.o: myproposal.h sshconnect.h authfile.h dh.h authfd.h log.h misc.h r
 sshd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h o [...]
 sshd.o: chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h key.h sshkey.h kex.h mac.h myproposal.h authfile.h pathnames.h atomicio.h canohost.h hostfile.h auth.h auth-pam.h audit.h loginrec.h authfd.h msg.h channels.h session.h monitor.h monitor_wrap.h ssh-sandbox.h version.h ssherr.h
 ssherr.o: ssherr.h
-sshkey-xmss.o: ssh2.h ssherr.h sshbuf.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h sshkey-xmss.h atomicio.h xmss_fast.h xmss_wots.h
-sshkey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h [...]
+sshkey-xmss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-wait [...]
+sshkey.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h [...]
 sshlogin.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid [...]
 sshpty.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h [...]
 sshtty.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h [...]
@@ -176,8 +176,8 @@ utf8.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h
 uuencode.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid [...]
 verify.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h [...]
 xmalloc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid. [...]
-xmss_commons.o: xmss_commons.h
-xmss_fast.o: xmss_fast.h xmss_wots.h crypto_api.h includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bs [...]
-xmss_hash.o: xmss_hash_address.h xmss_commons.h xmss_hash.h
-xmss_hash_address.o: xmss_hash_address.h
-xmss_wots.o: xmss_commons.h xmss_hash.h xmss_wots.h xmss_hash_address.h
+xmss_commons.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-wai [...]
+xmss_fast.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpi [...]
+xmss_hash.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpi [...]
+xmss_hash_address.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bs [...]
+xmss_wots.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpi [...]
diff --git a/sshkey.c b/sshkey.c
index d8ee70ca..b7c392be 100644
--- a/sshkey.c
+++ b/sshkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.c,v 1.62 2018/02/23 15:58:38 markus Exp $ */
+/* $OpenBSD: sshkey.c,v 1.63 2018/03/02 02:08:03 djm Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Alexander von Gernler.  All rights reserved.
@@ -1215,22 +1215,37 @@ sshkey_fingerprint(const struct sshkey *k, int dgst_alg,
 	return retval;
 }
 
+static int
+peek_type_nid(const char *s, size_t l, int *nid)
+{
+	const struct keytype *kt;
 
-/* returns 0 ok, and < 0 error */
+	for (kt = keytypes; kt->type != -1; kt++) {
+		if (kt->name == NULL || strlen(kt->name) != l)
+			continue;
+		if (memcmp(s, kt->name, l) == 0) {
+			*nid = -1;
+			if (kt->type == KEY_ECDSA || kt->type == KEY_ECDSA_CERT)
+				*nid = kt->nid;
+			return kt->type;
+		}
+	}
+	return KEY_UNSPEC;
+}
+
+/* XXX this can now be made const char * */
 int
 sshkey_read(struct sshkey *ret, char **cpp)
 {
 	struct sshkey *k;
-	int retval = SSH_ERR_INVALID_FORMAT;
-	char *ep, *cp, *space;
+	char *cp, *blobcopy;
+	size_t space;
 	int r, type, curve_nid = -1;
 	struct sshbuf *blob;
 
 	if (ret == NULL)
 		return SSH_ERR_INVALID_ARGUMENT;
 
-	cp = *cpp;
-
 	switch (ret->type) {
 	case KEY_UNSPEC:
 	case KEY_RSA:
@@ -1245,136 +1260,143 @@ sshkey_read(struct sshkey *ret, char **cpp)
 	case KEY_XMSS:
 	case KEY_XMSS_CERT:
 #endif /* WITH_XMSS */
-		space = strchr(cp, ' ');
-		if (space == NULL)
-			return SSH_ERR_INVALID_FORMAT;
-		*space = '\0';
-		type = sshkey_type_from_name(cp);
-		if (sshkey_type_plain(type) == KEY_ECDSA &&
-		    (curve_nid = sshkey_ecdsa_nid_from_name(cp)) == -1)
-			return SSH_ERR_EC_CURVE_INVALID;
-		*space = ' ';
-		if (type == KEY_UNSPEC)
-			return SSH_ERR_INVALID_FORMAT;
-		cp = space+1;
-		if (*cp == '\0')
-			return SSH_ERR_INVALID_FORMAT;
-		if (ret->type != KEY_UNSPEC && ret->type != type)
-			return SSH_ERR_KEY_TYPE_MISMATCH;
-		if ((blob = sshbuf_new()) == NULL)
-			return SSH_ERR_ALLOC_FAIL;
-		/* trim comment */
-		space = strchr(cp, ' ');
-		if (space) {
-			/* advance 'space': skip whitespace */
-			*space++ = '\0';
-			while (*space == ' ' || *space == '\t')
-				space++;
-			ep = space;
-		} else
-			ep = cp + strlen(cp);
-		if ((r = sshbuf_b64tod(blob, cp)) != 0) {
-			sshbuf_free(blob);
-			return r;
-		}
-		if ((r = sshkey_from_blob(sshbuf_ptr(blob),
-		    sshbuf_len(blob), &k)) != 0) {
-			sshbuf_free(blob);
-			return r;
-		}
+		break; /* ok */
+	default:
+		return SSH_ERR_INVALID_ARGUMENT;
+	}
+
+	/* Decode type */
+	cp = *cpp;
+	space = strcspn(cp, " \t");
+	if (space == strlen(cp))
+		return SSH_ERR_INVALID_FORMAT;
+	if ((type = peek_type_nid(cp, space, &curve_nid)) == KEY_UNSPEC)
+		return SSH_ERR_INVALID_FORMAT;
+
+	/* skip whitespace */
+	for (cp += space; *cp == ' ' || *cp == '\t'; cp++)
+		;
+	if (*cp == '\0')
+		return SSH_ERR_INVALID_FORMAT;
+	if (ret->type != KEY_UNSPEC && ret->type != type)
+		return SSH_ERR_KEY_TYPE_MISMATCH;
+	if ((blob = sshbuf_new()) == NULL)
+		return SSH_ERR_ALLOC_FAIL;
+
+	/* find end of keyblob and decode */
+	space = strcspn(cp, " \t");
+	if ((blobcopy = strndup(cp, space)) == NULL) {
 		sshbuf_free(blob);
-		if (k->type != type) {
-			sshkey_free(k);
-			return SSH_ERR_KEY_TYPE_MISMATCH;
-		}
-		if (sshkey_type_plain(type) == KEY_ECDSA &&
-		    curve_nid != k->ecdsa_nid) {
+		return SSH_ERR_ALLOC_FAIL;
+	}
+	if ((r = sshbuf_b64tod(blob, blobcopy)) != 0) {
+		free(blobcopy);
+		sshbuf_free(blob);
+		return r;
+	}
+	free(blobcopy);
+	if ((r = sshkey_fromb(blob, &k)) != 0) {
+		sshbuf_free(blob);
+		return r;
+	}
+	sshbuf_free(blob);
+
+	/* skip whitespace and leave cp at start of comment */
+	for (cp += space; *cp == ' ' || *cp == '\t'; cp++)
+		;
+
+	/* ensure type of blob matches type at start of line */
+	if (k->type != type) {
+		sshkey_free(k);
+		return SSH_ERR_KEY_TYPE_MISMATCH;
+	}
+	if (sshkey_type_plain(type) == KEY_ECDSA && curve_nid != k->ecdsa_nid) {
+		sshkey_free(k);
+		return SSH_ERR_EC_CURVE_MISMATCH;
+	}
+
+	/* Fill in ret from parsed key */
+	ret->type = type;
+	if (sshkey_is_cert(ret)) {
+		if (!sshkey_is_cert(k)) {
 			sshkey_free(k);
-			return SSH_ERR_EC_CURVE_MISMATCH;
-		}
-		ret->type = type;
-		if (sshkey_is_cert(ret)) {
-			if (!sshkey_is_cert(k)) {
-				sshkey_free(k);
-				return SSH_ERR_EXPECTED_CERT;
-			}
-			if (ret->cert != NULL)
-				cert_free(ret->cert);
-			ret->cert = k->cert;
-			k->cert = NULL;
+			return SSH_ERR_EXPECTED_CERT;
 		}
-		switch (sshkey_type_plain(ret->type)) {
+		if (ret->cert != NULL)
+			cert_free(ret->cert);
+		ret->cert = k->cert;
+		k->cert = NULL;
+	}
+	switch (sshkey_type_plain(ret->type)) {
 #ifdef WITH_OPENSSL
-		case KEY_RSA:
-			RSA_free(ret->rsa);
-			ret->rsa = k->rsa;
-			k->rsa = NULL;
+	case KEY_RSA:
+		RSA_free(ret->rsa);
+		ret->rsa = k->rsa;
+		k->rsa = NULL;
 #ifdef DEBUG_PK
-			RSA_print_fp(stderr, ret->rsa, 8);
+		RSA_print_fp(stderr, ret->rsa, 8);
 #endif
-			break;
-		case KEY_DSA:
-			DSA_free(ret->dsa);
-			ret->dsa = k->dsa;
-			k->dsa = NULL;
+		break;
+	case KEY_DSA:
+		DSA_free(ret->dsa);
+		ret->dsa = k->dsa;
+		k->dsa = NULL;
 #ifdef DEBUG_PK
-			DSA_print_fp(stderr, ret->dsa, 8);
+		DSA_print_fp(stderr, ret->dsa, 8);
 #endif
-			break;
+		break;
 # ifdef OPENSSL_HAS_ECC
-		case KEY_ECDSA:
-			EC_KEY_free(ret->ecdsa);
-			ret->ecdsa = k->ecdsa;
-			ret->ecdsa_nid = k->ecdsa_nid;
-			k->ecdsa = NULL;
-			k->ecdsa_nid = -1;
+	case KEY_ECDSA:
+		EC_KEY_free(ret->ecdsa);
+		ret->ecdsa = k->ecdsa;
+		ret->ecdsa_nid = k->ecdsa_nid;
+		k->ecdsa = NULL;
+		k->ecdsa_nid = -1;
 #ifdef DEBUG_PK
-			sshkey_dump_ec_key(ret->ecdsa);
+		sshkey_dump_ec_key(ret->ecdsa);
 #endif
-			break;
+		break;
 # endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
-		case KEY_ED25519:
-			freezero(ret->ed25519_pk, ED25519_PK_SZ);
-			ret->ed25519_pk = k->ed25519_pk;
-			k->ed25519_pk = NULL;
+	case KEY_ED25519:
+		freezero(ret->ed25519_pk, ED25519_PK_SZ);
+		ret->ed25519_pk = k->ed25519_pk;
+		k->ed25519_pk = NULL;
 #ifdef DEBUG_PK
-			/* XXX */
+		/* XXX */
 #endif
-			break;
+		break;
 #ifdef WITH_XMSS
-		case KEY_XMSS:
-			free(ret->xmss_pk);
-			ret->xmss_pk = k->xmss_pk;
-			k->xmss_pk = NULL;
-			free(ret->xmss_state);
-			ret->xmss_state = k->xmss_state;
-			k->xmss_state = NULL;
-			free(ret->xmss_name);
-			ret->xmss_name = k->xmss_name;
-			k->xmss_name = NULL;
-			free(ret->xmss_filename);
-			ret->xmss_filename = k->xmss_filename;
-			k->xmss_filename = NULL;
+	case KEY_XMSS:
+		free(ret->xmss_pk);
+		ret->xmss_pk = k->xmss_pk;
+		k->xmss_pk = NULL;
+		free(ret->xmss_state);
+		ret->xmss_state = k->xmss_state;
+		k->xmss_state = NULL;
+		free(ret->xmss_name);
+		ret->xmss_name = k->xmss_name;
+		k->xmss_name = NULL;
+		free(ret->xmss_filename);
+		ret->xmss_filename = k->xmss_filename;
+		k->xmss_filename = NULL;
 #ifdef DEBUG_PK
-			/* XXX */
+		/* XXX */
 #endif
-			break;
+		break;
 #endif /* WITH_XMSS */
-		}
-		*cpp = ep;
-		retval = 0;
-/*XXXX*/
-		sshkey_free(k);
-		if (retval != 0)
-			break;
-		break;
 	default:
-		return SSH_ERR_INVALID_ARGUMENT;
+		sshkey_free(k);
+		return SSH_ERR_INTERNAL_ERROR;
 	}
-	return retval;
+	sshkey_free(k);
+
+	/* success */
+	*cpp = cp;
+	return 0;
 }
 
+
 int
 sshkey_to_base64(const struct sshkey *key, char **b64p)
 {

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.


More information about the openssh-commits mailing list