diff options
Diffstat (limited to 'lib/libpam')
-rw-r--r-- | lib/libpam/modules/pam_ssh/pam_ssh.c | 29 |
1 files changed, 14 insertions, 15 deletions
diff --git a/lib/libpam/modules/pam_ssh/pam_ssh.c b/lib/libpam/modules/pam_ssh/pam_ssh.c index 23d18a897cae..9b30ba935a7b 100644 --- a/lib/libpam/modules/pam_ssh/pam_ssh.c +++ b/lib/libpam/modules/pam_ssh/pam_ssh.c @@ -60,10 +60,9 @@ __FBSDID("$FreeBSD$"); #include <openssl/evp.h> #define __bounded__(x, y, z) -#include "key.h" -#include "buffer.h" #include "authfd.h" #include "authfile.h" +#include "sshkey.h" #define ssh_add_identity(auth, key, comment) \ ssh_add_identity_constrained(auth, key, comment, 0, 0, 0) @@ -71,8 +70,8 @@ __FBSDID("$FreeBSD$"); extern char **environ; struct pam_ssh_key { - Key *key; - char *comment; + struct sshkey *key; + char *comment; }; static const char *pam_ssh_prompt = "SSH passphrase: "; @@ -101,14 +100,14 @@ static struct pam_ssh_key * pam_ssh_load_key(const char *dir, const char *kfn, const char *passphrase, int nullok) { - struct pam_ssh_key *psk; char fn[PATH_MAX]; + struct pam_ssh_key *psk; + struct sshkey *key; char *comment; - Key *key; + int ret; if (snprintf(fn, sizeof(fn), "%s/%s", dir, kfn) > (int)sizeof(fn)) return (NULL); - comment = NULL; /* * If the key is unencrypted, OpenSSL ignores the passphrase, so * it will seem like the user typed in the right one. This allows @@ -117,21 +116,21 @@ pam_ssh_load_key(const char *dir, const char *kfn, const char *passphrase, * with an empty passphrase, and if the key is not encrypted, * accept only an empty passphrase. */ - key = key_load_private(fn, "", &comment); - if (key != NULL && !(*passphrase == '\0' && nullok)) { - key_free(key); + ret = sshkey_load_private(fn, "", &key, &comment); + if (ret == 0 && !(*passphrase == '\0' && nullok)) { + sshkey_free(key); return (NULL); } - if (key == NULL) - key = key_load_private(fn, passphrase, &comment); - if (key == NULL) { + if (ret != 0) + ret = sshkey_load_private(fn, passphrase, &key, &comment); + if (ret != 0) { openpam_log(PAM_LOG_DEBUG, "failed to load key from %s", fn); return (NULL); } openpam_log(PAM_LOG_DEBUG, "loaded '%s' from %s", comment, fn); if ((psk = malloc(sizeof(*psk))) == NULL) { - key_free(key); + sshkey_free(key); free(comment); return (NULL); } @@ -150,7 +149,7 @@ pam_ssh_free_key(pam_handle_t *pamh __unused, struct pam_ssh_key *psk; psk = data; - key_free(psk->key); + sshkey_free(psk->key); free(psk->comment); free(psk); } |