[PATCH 2/2] Remove sshkey_load_private()

Jitendra Sharma jitendra.sharma at intel.com
Tue Jul 9 20:59:08 AEST 2019


Remove sshkey_load_private(), as this function's role
is similar to sshkey_load_private_type().
---
 authfile.c   | 38 --------------------------------------
 ssh-keygen.c | 20 +++++++++++---------
 sshd.c       |  5 +++--
 3 files changed, 14 insertions(+), 49 deletions(-)

diff --git a/authfile.c b/authfile.c
index 269209c1..2854299b 100644
--- a/authfile.c
+++ b/authfile.c
@@ -215,44 +215,6 @@ sshkey_load_private_type_fd(int fd, int type, const char *passphrase,
 	return r;
 }
 
-/* XXX this is almost identical to sshkey_load_private_type() */
-int
-sshkey_load_private(const char *filename, const char *passphrase,
-    struct sshkey **keyp, char **commentp)
-{
-	struct sshbuf *buffer = NULL;
-	int r, fd;
-
-	if (keyp != NULL)
-		*keyp = NULL;
-	if (commentp != NULL)
-		*commentp = NULL;
-
-	if ((fd = open(filename, O_RDONLY)) == -1)
-		return SSH_ERR_SYSTEM_ERROR;
-	if (sshkey_perm_ok(fd, filename) != 0) {
-		r = SSH_ERR_KEY_BAD_PERMISSIONS;
-		goto out;
-	}
-
-	if ((buffer = sshbuf_new()) == NULL) {
-		r = SSH_ERR_ALLOC_FAIL;
-		goto out;
-	}
-	if ((r = sshkey_load_file(fd, buffer)) != 0 ||
-	    (r = sshkey_parse_private_fileblob(buffer, passphrase, keyp,
-	    commentp)) != 0)
-		goto out;
-	if (keyp && *keyp &&
-	    (r = sshkey_set_filename(*keyp, filename)) != 0)
-		goto out;
-	r = 0;
- out:
-	close(fd);
-	sshbuf_free(buffer);
-	return r;
-}
-
 static int
 sshkey_try_load_public(struct sshkey *k, const char *filename, char **commentp)
 {
diff --git a/ssh-keygen.c b/ssh-keygen.c
index b019a02f..429c5f54 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -276,7 +276,8 @@ load_identity(char *filename)
 	struct sshkey *prv;
 	int r;
 
-	if ((r = sshkey_load_private(filename, "", &prv, NULL)) == 0)
+	if ((r = sshkey_load_private_type(KEY_UNSPEC, filename, "",
+					&prv, NULL)) == 0)
 		return prv;
 	if (r != SSH_ERR_KEY_WRONG_PASSPHRASE)
 		fatal("Load key \"%s\": %s", filename, ssh_err(r));
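Review bot: The new continuation line `&prv, NULL)) == 0)` in load_identity is indented with a run of tabs, while the surrounding code uses a four-space continuation indent (compare the unchanged `    &public, &comment)) != 0) {` in fingerprint_private). The same deviation appears in both new calls in do_change_passphrase and in sshd.c main(), where `r != SSH_ERR_SYSTEM_ERROR` is indented deeper than the call's arguments and so reads like one of them rather than as the second operand of the `&&`. Suggest `if ((r = sshkey_load_private_type(KEY_UNSPEC, filename, "",` followed by `    &prv, NULL)) == 0)`, with the other sites aligned the same way. load_identity's body continues outside the hunk.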
@@ -284,7 +285,7 @@ load_identity(char *filename)
 		pass = xstrdup(identity_passphrase);
 	else
 		pass = read_passphrase("Enter passphrase: ", RP_ALLOW_STDIN);
-	r = sshkey_load_private(filename, pass, &prv, NULL);
+	r = sshkey_load_private_type(KEY_UNSPEC, filename, pass, &prv, NULL);
 	explicit_bzero(pass, strlen(pass));
 	free(pass);
 	if (r != 0)
@@ -858,7 +859,7 @@ fingerprint_private(const char *path)
 		fatal("%s: %s", path, strerror(errno));
 	if ((r = sshkey_load_public(path, &public, &comment)) != 0) {
 		debug("load public \"%s\": %s", path, ssh_err(r));
-		if ((r = sshkey_load_private(path, NULL,
+		if ((r = sshkey_load_private_type(KEY_UNSPEC, path, NULL,
 		    &public, &comment)) != 0) {
 			debug("load private \"%s\": %s", path, ssh_err(r));
 			fatal("%s is not a key file.", path);
@@ -1343,7 +1344,8 @@ do_change_passphrase(struct passwd *pw)
 	if (stat(identity_file, &st) == -1)
 		fatal("%s: %s", identity_file, strerror(errno));
 	/* Try to load the file with empty passphrase. */
-	r = sshkey_load_private(identity_file, "", &private, &comment);
+	r = sshkey_load_private_type(KEY_UNSPEC, identity_file, "",
+			&private, &comment);
 	if (r == SSH_ERR_KEY_WRONG_PASSPHRASE) {
 		if (identity_passphrase)
 			old_passphrase = xstrdup(identity_passphrase);
@@ -1351,8 +1353,8 @@ do_change_passphrase(struct passwd *pw)
 			old_passphrase =
 			    read_passphrase("Enter old passphrase: ",
 			    RP_ALLOW_STDIN);
-		r = sshkey_load_private(identity_file, old_passphrase,
-		    &private, &comment);
+		r = sshkey_load_private_type(KEY_UNSPEC, identity_file,
+				old_passphrase, &private, &comment);
 		explicit_bzero(old_passphrase, strlen(old_passphrase));
 		free(old_passphrase);
 		if (r != 0)
@@ -1455,7 +1457,7 @@ do_change_comment(struct passwd *pw, const char *identity_comment)
 		ask_filename(pw, "Enter file in which the key is");
 	if (stat(identity_file, &st) == -1)
 		fatal("%s: %s", identity_file, strerror(errno));
-	if ((r = sshkey_load_private(identity_file, "",
+	if ((r = sshkey_load_private_type(KEY_UNSPEC, identity_file, "",
 	    &private, &comment)) == 0)
 		passphrase = xstrdup("");
 	else if (r != SSH_ERR_KEY_WRONG_PASSPHRASE)
@@ -1470,8 +1472,8 @@ do_change_comment(struct passwd *pw, const char *identity_comment)
 			passphrase = read_passphrase("Enter passphrase: ",
 			    RP_ALLOW_STDIN);
 		/* Try to load using the passphrase. */
-		if ((r = sshkey_load_private(identity_file, passphrase,
-		    &private, &comment)) != 0) {
+		if ((r = sshkey_load_private_type(KEY_UNSPEC, identity_file,
+		    passphrase, &private, &comment)) != 0) {
 			explicit_bzero(passphrase, strlen(passphrase));
 			free(passphrase);
 			fatal("Cannot load private key \"%s\": %s.",
diff --git a/sshd.c b/sshd.c
index 11571c01..cea85de2 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1719,8 +1719,9 @@ main(int ac, char **av)
 
 		if (options.host_key_files[i] == NULL)
 			continue;
-		if ((r = sshkey_load_private(options.host_key_files[i], "",
-		    &key, NULL)) != 0 && r != SSH_ERR_SYSTEM_ERROR)
+		if ((r = sshkey_load_private_type(KEY_UNSPEC,
+			options.host_key_files[i], "", &key, NULL)) != 0 &&
+				r != SSH_ERR_SYSTEM_ERROR)
 			do_log2(ll, "Unable to load host key \"%s\": %s",
 			    options.host_key_files[i], ssh_err(r));
 		if (r == 0 && (r = sshkey_shield_private(key)) != 0) {
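Review bot: Host-key loading here now depends on sshkey_load_private_type() doing what the removed sshkey_load_private() did in authfile.c, and that function's body is not part of this patch. The removed code rejected the file with SSH_ERR_KEY_BAD_PERMISSIONS when sshkey_perm_ok() failed, returned SSH_ERR_SYSTEM_ERROR when open() failed, and recorded the path with sshkey_set_filename(). If any of these differ, the `r != SSH_ERR_SYSTEM_ERROR` log filter or the permission check on host keys could change silently, so the equivalence is worth confirming against patch 1/2. Once confirmed, a short comment above the call would record the dependency, for example `/* permissions are checked by sshkey_load_private_type() */`. The enclosing loop in main() starts and ends outside the hunk.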
-- 
2.20.1


