[openssh-commits] [openssh] 07/20: upstream commit
git+noreply at mindrot.org
git+noreply at mindrot.org
Wed May 31 14:57:04 AEST 2017
This is an automated email from the git hooks/post-receive script.
djm pushed a commit to branch master
in repository openssh.
commit 7da5df11ac788bc1133d8d598d298e33500524cc
Author: markus at openbsd.org <markus at openbsd.org>
Date: Tue May 30 14:16:41 2017 +0000
upstream commit
remove unused wrapper functions from key.[ch]; ok djm@
Upstream-ID: ea0f4016666a6817fc11f439dd4be06bab69707e
---
key.c | 177 +----------------------------------------------------------
key.h | 36 +-----------
ssh-add.c | 4 +-
ssh-keygen.c | 20 +++----
4 files changed, 14 insertions(+), 223 deletions(-)
diff --git a/key.c b/key.c
index 93f4ccb2..6e338c49 100644
--- a/key.c
+++ b/key.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: key.c,v 1.130 2016/05/02 09:36:42 djm Exp $ */
+/* $OpenBSD: key.c,v 1.131 2017/05/30 14:16:41 markus Exp $ */
/*
* placed in the public domain
*/
@@ -20,68 +20,6 @@
#include "log.h"
#include "authfile.h"
-void
-key_add_private(Key *k)
-{
- int r;
-
- if ((r = sshkey_add_private(k)) != 0)
- fatal("%s: %s", __func__, ssh_err(r));
-}
-
-Key *
-key_new_private(int type)
-{
- Key *ret = NULL;
-
- if ((ret = sshkey_new_private(type)) == NULL)
- fatal("%s: failed", __func__);
- return ret;
-}
-
-int
-key_read(Key *ret, char **cpp)
-{
- return sshkey_read(ret, cpp) == 0 ? 1 : -1;
-}
-
-int
-key_write(const Key *key, FILE *f)
-{
- return sshkey_write(key, f) == 0 ? 1 : 0;
-}
-
-Key *
-key_generate(int type, u_int bits)
-{
- int r;
- Key *ret = NULL;
-
- if ((r = sshkey_generate(type, bits, &ret)) != 0)
- fatal("%s: %s", __func__, ssh_err(r));
- return ret;
-}
-
-void
-key_cert_copy(const Key *from_key, Key *to_key)
-{
- int r;
-
- if ((r = sshkey_cert_copy(from_key, to_key)) != 0)
- fatal("%s: %s", __func__, ssh_err(r));
-}
-
-Key *
-key_from_private(const Key *k)
-{
- int r;
- Key *ret = NULL;
-
- if ((r = sshkey_from_private(k, &ret)) != 0)
- fatal("%s: %s", __func__, ssh_err(r));
- return ret;
-}
-
static void
fatal_on_fatal_errors(int r, const char *func, int extra_fatal)
{
@@ -184,19 +122,6 @@ key_demote(const Key *k)
}
int
-key_to_certified(Key *k)
-{
- int r;
-
- if ((r = sshkey_to_certified(k)) != 0) {
- fatal_on_fatal_errors(r, __func__, 0);
- error("%s: %s", __func__, ssh_err(r));
- return -1;
- }
- return 0;
-}
-
-int
key_drop_cert(Key *k)
{
int r;
@@ -210,19 +135,6 @@ key_drop_cert(Key *k)
}
int
-key_certify(Key *k, Key *ca)
-{
- int r;
-
- if ((r = sshkey_certify(k, ca, NULL)) != 0) {
- fatal_on_fatal_errors(r, __func__, 0);
- error("%s: %s", __func__, ssh_err(r));
- return -1;
- }
- return 0;
-}
-
-int
key_cert_check_authority(const Key *k, int want_host, int require_principal,
const char *name, const char **reason)
{
@@ -237,88 +149,8 @@ key_cert_check_authority(const Key *k, int want_host, int require_principal,
return 0;
}
-#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
-int
-key_ec_validate_public(const EC_GROUP *group, const EC_POINT *public)
-{
- int r;
-
- if ((r = sshkey_ec_validate_public(group, public)) != 0) {
- fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR);
- error("%s: %s", __func__, ssh_err(r));
- return -1;
- }
- return 0;
-}
-
-int
-key_ec_validate_private(const EC_KEY *key)
-{
- int r;
-
- if ((r = sshkey_ec_validate_private(key)) != 0) {
- fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR);
- error("%s: %s", __func__, ssh_err(r));
- return -1;
- }
- return 0;
-}
-#endif /* WITH_OPENSSL */
-
-void
-key_private_serialize(const Key *key, struct sshbuf *b)
-{
- int r;
-
- if ((r = sshkey_private_serialize(key, b)) != 0)
- fatal("%s: %s", __func__, ssh_err(r));
-}
-
-Key *
-key_private_deserialize(struct sshbuf *blob)
-{
- int r;
- Key *ret = NULL;
-
- if ((r = sshkey_private_deserialize(blob, &ret)) != 0) {
- fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR);
- error("%s: %s", __func__, ssh_err(r));
- return NULL;
- }
- return ret;
-}
-
/* authfile.c */
-int
-key_save_private(Key *key, const char *filename, const char *passphrase,
- const char *comment, int force_new_format, const char *new_format_cipher,
- int new_format_rounds)
-{
- int r;
-
- if ((r = sshkey_save_private(key, filename, passphrase, comment,
- force_new_format, new_format_cipher, new_format_rounds)) != 0) {
- fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR);
- error("%s: %s", __func__, ssh_err(r));
- return 0;
- }
- return 1;
-}
-
-int
-key_load_file(int fd, const char *filename, struct sshbuf *blob)
-{
- int r;
-
- if ((r = sshkey_load_file(fd, blob)) != 0) {
- fatal_on_fatal_errors(r, __func__, SSH_ERR_LIBCRYPTO_ERROR);
- error("%s: %s", __func__, ssh_err(r));
- return 0;
- }
- return 1;
-}
-
Key *
key_load_cert(const char *filename)
{
@@ -417,10 +249,3 @@ key_load_private_type(int type, const char *filename, const char *passphrase,
}
return ret;
}
-
-int
-key_perm_ok(int fd, const char *filename)
-{
- return sshkey_perm_ok(fd, filename) == 0 ? 1 : 0;
-}
-
diff --git a/key.h b/key.h
index 2e501a9f..a14f3703 100644
--- a/key.h
+++ b/key.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: key.h,v 1.50 2016/09/12 23:31:27 djm Exp $ */
+/* $OpenBSD: key.h,v 1.51 2017/05/30 14:16:41 markus Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@@ -35,51 +35,24 @@ typedef struct sshkey Key;
#define fp_rep sshkey_fp_rep
#ifndef SSH_KEY_NO_DEFINE
-#define key_new sshkey_new
#define key_free sshkey_free
#define key_equal_public sshkey_equal_public
#define key_equal sshkey_equal
#define key_type sshkey_type
-#define key_cert_type sshkey_cert_type
#define key_ssh_name sshkey_ssh_name
#define key_ssh_name_plain sshkey_ssh_name_plain
#define key_type_from_name sshkey_type_from_name
-#define key_ecdsa_nid_from_name sshkey_ecdsa_nid_from_name
-#define key_type_is_cert sshkey_type_is_cert
-#define key_size sshkey_size
-#define key_ecdsa_bits_to_nid sshkey_ecdsa_bits_to_nid
-#define key_ecdsa_key_to_nid sshkey_ecdsa_key_to_nid
#define key_is_cert sshkey_is_cert
#define key_type_plain sshkey_type_plain
-#define key_curve_name_to_nid sshkey_curve_name_to_nid
-#define key_curve_nid_to_bits sshkey_curve_nid_to_bits
-#define key_curve_nid_to_name sshkey_curve_nid_to_name
-#define key_ec_nid_to_hash_alg sshkey_ec_nid_to_hash_alg
-#define key_dump_ec_point sshkey_dump_ec_point
-#define key_dump_ec_key sshkey_dump_ec_key
#endif
-void key_add_private(Key *);
-Key *key_new_private(int);
void key_free(Key *);
Key *key_demote(const Key *);
-int key_write(const Key *, FILE *);
-int key_read(Key *, char **);
-Key *key_generate(int, u_int);
-Key *key_from_private(const Key *);
-int key_to_certified(Key *);
int key_drop_cert(Key *);
-int key_certify(Key *, Key *);
-void key_cert_copy(const Key *, Key *);
int key_cert_check_authority(const Key *, int, int, const char *,
const char **);
-#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
-int key_ec_validate_public(const EC_GROUP *, const EC_POINT *);
-int key_ec_validate_private(const EC_KEY *);
-#endif /* defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) */
-
Key *key_from_blob(const u_char *, u_int);
int key_to_blob(const Key *, u_char **, u_int *);
@@ -87,18 +60,11 @@ int key_sign(const Key *, u_char **, u_int *, const u_char *, u_int,
const char *);
int key_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
-void key_private_serialize(const Key *, struct sshbuf *);
-Key *key_private_deserialize(struct sshbuf *);
-
/* authfile.c */
-int key_save_private(Key *, const char *, const char *, const char *,
- int, const char *, int);
-int key_load_file(int, const char *, struct sshbuf *);
Key *key_load_cert(const char *);
Key *key_load_public(const char *, char **);
Key *key_load_private(const char *, const char *, char **);
Key *key_load_private_cert(int, const char *, const char *, int *);
Key *key_load_private_type(int, const char *, const char *, char **, int *);
-int key_perm_ok(int, const char *);
#endif
diff --git a/ssh-add.c b/ssh-add.c
index a1e0d464..438c1c25 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-add.c,v 1.131 2017/05/05 10:42:49 naddy Exp $ */
+/* $OpenBSD: ssh-add.c,v 1.132 2017/05/30 14:16:41 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -306,7 +306,7 @@ add_file(int agent_fd, const char *filename, int key_only)
goto out;
}
if ((r = sshkey_cert_copy(cert, private)) != 0) {
- error("%s: key_cert_copy: %s", __func__, ssh_err(r));
+ error("%s: sshkey_cert_copy: %s", __func__, ssh_err(r));
sshkey_free(cert);
goto out;
}
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 7886582d..cc3a7df1 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.303 2017/05/07 23:15:59 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.304 2017/05/30 14:16:41 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1994 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -488,7 +488,7 @@ do_convert_private_ssh2_from_blob(u_char *blob, u_int blen)
return NULL;
}
if ((key = sshkey_new_private(ktype)) == NULL)
- fatal("key_new_private failed");
+ fatal("sshkey_new_private failed");
free(type);
switch (key->type) {
@@ -770,7 +770,7 @@ do_print_public(struct passwd *pw)
fatal("%s: %s", identity_file, strerror(errno));
prv = load_identity(identity_file);
if ((r = sshkey_write(prv, stdout)) != 0)
- error("key_write failed: %s", ssh_err(r));
+ error("sshkey_write failed: %s", ssh_err(r));
sshkey_free(prv);
fprintf(stdout, "\n");
exit(0);
@@ -1019,7 +1019,7 @@ do_gen_all_hostkeys(struct passwd *pw)
bits = 0;
type_bits_valid(type, NULL, &bits);
if ((r = sshkey_generate(type, bits, &private)) != 0) {
- error("key_generate failed: %s", ssh_err(r));
+ error("sshkey_generate failed: %s", ssh_err(r));
first = 0;
continue;
}
@@ -1475,7 +1475,7 @@ do_change_comment(struct passwd *pw)
explicit_bzero(passphrase, strlen(passphrase));
free(passphrase);
if ((r = sshkey_from_private(private, &public)) != 0)
- fatal("key_from_private failed: %s", ssh_err(r));
+ fatal("sshkey_from_private failed: %s", ssh_err(r));
sshkey_free(private);
strlcat(identity_file, ".pub", sizeof(identity_file));
@@ -1662,7 +1662,7 @@ do_ca_sign(struct passwd *pw, int argc, char **argv)
OPTIONS_EXTENSIONS);
if ((r = sshkey_from_private(ca,
&public->cert->signature_key)) != 0)
- fatal("key_from_private (ca key): %s", ssh_err(r));
+ fatal("sshkey_from_private (ca key): %s", ssh_err(r));
if ((r = sshkey_certify(public, ca, key_type_name)) != 0)
fatal("Couldn't certify key %s: %s", tmp, ssh_err(r));
@@ -1980,7 +1980,7 @@ do_show_cert(struct passwd *pw)
if (*cp == '#' || *cp == '\0')
continue;
if ((key = sshkey_new(KEY_UNSPEC)) == NULL)
- fatal("key_new");
+ fatal("sshkey_new");
if ((r = sshkey_read(key, &cp)) != 0) {
error("%s:%lu: invalid key: %s", path,
lnum, ssh_err(r));
@@ -2126,7 +2126,7 @@ update_krl_from_file(struct passwd *pw, const char *file, int wild_ca,
*/
}
if ((key = sshkey_new(KEY_UNSPEC)) == NULL)
- fatal("key_new");
+ fatal("sshkey_new");
if ((r = sshkey_read(key, &cp)) != 0)
fatal("%s:%lu: invalid key: %s",
path, lnum, ssh_err(r));
@@ -2667,9 +2667,9 @@ main(int argc, char **argv)
printf("Generating public/private %s key pair.\n",
key_type_name);
if ((r = sshkey_generate(type, bits, &private)) != 0)
- fatal("key_generate failed");
+ fatal("sshkey_generate failed");
if ((r = sshkey_from_private(private, &public)) != 0)
- fatal("key_from_private failed: %s\n", ssh_err(r));
+ fatal("sshkey_from_private failed: %s\n", ssh_err(r));
if (!have_identity)
ask_filename(pw, "Enter file in which to save the key");
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list