From dc1f09cd765e500c5b75ed954aef94b37a344537 Mon Sep 17 00:00:00 2001 From: Rose <83477269+AtariDreams@users.noreply.github.com> Date: Tue, 4 Jul 2023 19:26:59 -0400 Subject: [PATCH] Remove unused parameters from functions that it is safe to do so in Every case has been proven to be safe as they were not even used to begin with are not used as callbacks or as part of an API. --- channels.c | 21 +++++++++------------ kex.c | 4 ++-- packet.c | 4 ++-- serverloop.c | 4 ++-- session.c | 12 ++++++------ sftp-client.c | 6 +++--- sntrup761.c | 4 ++-- ssh-keygen.c | 39 +++++++++++++++++---------------------- sshconnect.c | 18 +++++++----------- sshconnect2.c | 4 ++-- sshd.c | 6 +++--- 11 files changed, 55 insertions(+), 67 deletions(-) diff --git a/channels.c b/channels.c index f2c873d70ef5..0a84da6beec7 100644 --- a/channels.c +++ b/channels.c @@ -381,7 +381,7 @@ channel_set_xtype(struct ssh *ssh, int id, const char *xctype) * when the channel consumer/producer is ready, e.g. shell exec'd */ static void -channel_register_fds(struct ssh *ssh, Channel *c, int rfd, int wfd, int efd, +channel_register_fds(Channel *c, int rfd, int wfd, int efd, int extusage, int nonblock, int is_tty) { int val; @@ -488,7 +488,7 @@ channel_new(struct ssh *ssh, char *ctype, int type, int rfd, int wfd, int efd, fatal_fr(r, "sshbuf_set_max_size"); c->ostate = CHAN_OUTPUT_OPEN; c->istate = CHAN_INPUT_OPEN; - channel_register_fds(ssh, c, rfd, wfd, efd, extusage, nonblock, 0); + channel_register_fds(c, rfd, wfd, efd, extusage, nonblock, 0); c->self = found; c->type = type; c->ctype = ctype; @@ -1178,7 +1178,7 @@ channel_set_fds(struct ssh *ssh, int id, int rfd, int wfd, int efd, if (!c->have_remote_id) fatal_f("channel %d: no remote id", c->self); - channel_register_fds(ssh, c, rfd, wfd, efd, extusage, nonblock, is_tty); + channel_register_fds(c, rfd, wfd, efd, extusage, nonblock, is_tty); c->type = SSH_CHANNEL_OPEN; c->lastused = monotime(); c->local_window = c->local_window_max = window_max; @@ -1650,7 +1650,7 @@ channel_connect_stdio_fwd(struct ssh *ssh, c->listening_port = 0; c->force_drain = 1; - channel_register_fds(ssh, c, in, out, -1, 0, 1, 0); + channel_register_fds(c, in, out, -1, 0, 1, 0); port_open_helper(ssh, c, "direct-tcpip"); return c; @@ -4596,7 +4596,7 @@ channel_connect_ctx_free(struct channel_connect *cctx) */ static int connect_to_helper(struct ssh *ssh, const char *name, int port, int socktype, - char *ctype, char *rname, struct channel_connect *cctx, + struct channel_connect *cctx, int *reason, const char **errmsg) { struct addrinfo hints; @@ -4669,8 +4669,7 @@ connect_to(struct ssh *ssh, const char *host, int port, int sock; memset(&cctx, 0, sizeof(cctx)); - sock = connect_to_helper(ssh, host, port, SOCK_STREAM, ctype, rname, - &cctx, NULL, NULL); + sock = connect_to_helper(ssh, host, port, SOCK_STREAM, &cctx, NULL, NULL); if (sock == -1) { channel_connect_ctx_free(&cctx); return NULL; @@ -4783,8 +4782,7 @@ channel_connect_to_port(struct ssh *ssh, const char *host, u_short port, } memset(&cctx, 0, sizeof(cctx)); - sock = connect_to_helper(ssh, host, port, SOCK_STREAM, ctype, rname, - &cctx, reason, errmsg); + sock = connect_to_helper(ssh, host, port, SOCK_STREAM, &cctx, reason, errmsg); if (sock == -1) { channel_connect_ctx_free(&cctx); return NULL; @@ -4915,15 +4913,14 @@ rdynamic_connect_finish(struct ssh *ssh, Channel *c) } memset(&cctx, 0, sizeof(cctx)); - sock = connect_to_helper(ssh, c->path, c->host_port, SOCK_STREAM, NULL, - NULL, &cctx, NULL, NULL); + sock = connect_to_helper(ssh, c->path, c->host_port, SOCK_STREAM, &cctx, NULL, NULL); if (sock == -1) channel_connect_ctx_free(&cctx); else { /* similar to SSH_CHANNEL_CONNECTING but we've already sent the open */ c->type = SSH_CHANNEL_RDYNAMIC_FINISH; c->connect_ctx = cctx; - channel_register_fds(ssh, c, sock, sock, -1, 0, 1, 0); + channel_register_fds(c, sock, sock, -1, 0, 1, 0); } return sock; } diff --git a/kex.c b/kex.c index b4e2ab75f541..ce13c9b777c7 100644 --- a/kex.c +++ b/kex.c @@ -855,7 +855,7 @@ choose_enc(struct sshenc *enc, char *client, char *server) } static int -choose_mac(struct ssh *ssh, struct sshmac *mac, char *client, char *server) +choose_mac(struct sshmac *mac, char *client, char *server) { char *name = match_list(client, server, NULL); @@ -1050,7 +1050,7 @@ kex_choose_conf(struct ssh *ssh) authlen = cipher_authlen(newkeys->enc.cipher); /* ignore mac for authenticated encryption */ if (authlen == 0 && - (r = choose_mac(ssh, &newkeys->mac, cprop[nmac], + (r = choose_mac(&newkeys->mac, cprop[nmac], sprop[nmac])) != 0) { kex->failed_choice = peer[nmac]; peer[nmac] = NULL; diff --git a/packet.c b/packet.c index fdb8783bc315..e1361879ed0a 100644 --- a/packet.c +++ b/packet.c @@ -1438,7 +1438,7 @@ ssh_packet_read_expect(struct ssh *ssh, u_int expected_type) } static int -ssh_packet_read_poll2_mux(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) +ssh_packet_read_poll2_mux(struct ssh *ssh, u_char *typep) { struct session_state *state = ssh->state; const u_char *cp; @@ -1488,7 +1488,7 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) int r; if (state->mux) - return ssh_packet_read_poll2_mux(ssh, typep, seqnr_p); + return ssh_packet_read_poll2_mux(ssh, typep); *typep = SSH_MSG_NONE; diff --git a/serverloop.c b/serverloop.c index de5fa2e3c2e8..9e640f637ead 100644 --- a/serverloop.c +++ b/serverloop.c @@ -303,7 +303,7 @@ process_input(struct ssh *ssh, int connection_in) * Sends data from internal buffers to client program stdin. */ static void -process_output(struct ssh *ssh, int connection_out) +process_output(struct ssh *ssh) { int r; @@ -397,7 +397,7 @@ server_loop2(struct ssh *ssh, Authctxt *authctxt) if ((r = ssh_packet_check_rekey(ssh)) != 0) fatal_fr(r, "cannot start rekeying"); if (conn_out_ready) - process_output(ssh, connection_out); + process_output(ssh); } collect_children(ssh); free(pfd); diff --git a/session.c b/session.c index 89dcfdab628c..b2e5d77f8fc9 100644 --- a/session.c +++ b/session.c @@ -291,7 +291,7 @@ prepare_auth_info_file(struct passwd *pw, struct sshbuf *info) } static void -set_fwdpermit_from_authopts(struct ssh *ssh, const struct sshauthopt *opts) +set_fwdpermit_from_authopts(struct ssh *ssh) { char *tmp, *cp, *host; int port; @@ -338,7 +338,7 @@ do_authenticated(struct ssh *ssh, Authctxt *authctxt) /* setup the channel layer */ /* XXX - streamlocal? */ - set_fwdpermit_from_authopts(ssh, auth_opts); + set_fwdpermit_from_authopts(ssh); if (!auth_opts->permit_port_forwarding_flag || options.disable_forwarding) { @@ -1198,7 +1198,7 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell) * first in this order). */ static void -do_rc_files(struct ssh *ssh, Session *s, const char *shell) +do_rc_files(Session *s, const char *shell) { FILE *f = NULL; char *cmd = NULL, *user_rc = NULL; @@ -1304,7 +1304,7 @@ do_nologin(struct passwd *pw) * must be root-owned directories with strict permissions. */ static void -safely_chroot(const char *path, uid_t uid) +safely_chroot(const char *path) { const char *cp; char component[PATH_MAX]; @@ -1393,7 +1393,7 @@ do_setusercontext(struct passwd *pw) (unsigned long long)pw->pw_uid); chroot_path = percent_expand(tmp, "h", pw->pw_dir, "u", pw->pw_name, "U", uidstr, (char *)NULL); - safely_chroot(chroot_path, pw->pw_uid); + safely_chroot(chroot_path); free(tmp); free(chroot_path); /* Make sure we don't attempt to chroot again */ @@ -1637,7 +1637,7 @@ do_child(struct ssh *ssh, Session *s, const char *command) closefrom(STDERR_FILENO + 1); - do_rc_files(ssh, s, shell); + do_rc_files(s, shell); /* restore SIGPIPE for child */ ssh_signal(SIGPIPE, SIG_DFL); diff --git a/sftp-client.c b/sftp-client.c index 098b9121a015..ebe4d1889b02 100644 --- a/sftp-client.c +++ b/sftp-client.c @@ -2354,7 +2354,7 @@ upload_dir(struct sftp_conn *conn, const char *src, const char *dst, } static void -handle_dest_replies(struct sftp_conn *to, const char *to_path, int synchronous, +handle_dest_replies(struct sftp_conn *to, int synchronous, u_int *nreqsp, u_int *write_errorp) { struct sshbuf *msg; @@ -2517,7 +2517,7 @@ do_crossload(struct sftp_conn *from, struct sftp_conn *to, } /* Try to eat replies from the upload side (nonblocking) */ - handle_dest_replies(to, to_path, 0, + handle_dest_replies(to, 0, &num_upload_req, &write_error); sshbuf_reset(msg); @@ -2614,7 +2614,7 @@ do_crossload(struct sftp_conn *from, struct sftp_conn *to, /* Drain replies from the server (blocking) */ debug3_f("waiting for %u replies from destination", num_upload_req); - handle_dest_replies(to, to_path, 1, &num_upload_req, &write_error); + handle_dest_replies(to, 1, &num_upload_req, &write_error); /* Sanity check */ if (TAILQ_FIRST(&requests) != NULL) diff --git a/sntrup761.c b/sntrup761.c index 57368bd80610..ea3ac506f039 100644 --- a/sntrup761.c +++ b/sntrup761.c @@ -1148,7 +1148,7 @@ static void ZDecrypt(Inputs r,const unsigned char *c,const unsigned char *sk) #define Confirm_bytes 32 /* h = HashConfirm(r,pk,cache); cache is Hash4(pk) */ -static void HashConfirm(unsigned char *h,const unsigned char *r,const unsigned char *pk,const unsigned char *cache) +static void HashConfirm(unsigned char *h,const unsigned char *r,const unsigned char *cache) { #ifndef LPR unsigned char x[Hash_bytes*2]; @@ -1205,7 +1205,7 @@ static void Hide(unsigned char *c,unsigned char *r_enc,const Inputs r,const unsi { Inputs_encode(r_enc,r); ZEncrypt(c,r,pk); c += Ciphertexts_bytes; - HashConfirm(c,r_enc,pk,cache); + HashConfirm(c,r_enc,cache); } /* c,k = Encap(pk) */ diff --git a/ssh-keygen.c b/ssh-keygen.c index fd2725c25a9d..43dca3e2b995 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -835,7 +835,7 @@ do_print_public(struct passwd *pw) } static void -do_download(struct passwd *pw) +do_download(void) { #ifdef ENABLE_PKCS11 struct sshkey **keys = NULL; @@ -1481,7 +1481,7 @@ do_change_passphrase(struct passwd *pw) * Print the SSHFP RR. */ static int -do_print_resource_record(struct passwd *pw, char *fname, char *hname, +do_print_resource_record(char *fname, char *hname, int print_generic, char * const *opts, size_t nopts) { struct sshkey *public; @@ -1709,7 +1709,7 @@ finalise_cert_exts(void) } static struct sshkey * -load_pkcs11_key(char *path) +load_pkcs11_key() { #ifdef ENABLE_PKCS11 struct sshkey **keys = NULL, *public, *private = NULL; @@ -1771,7 +1771,7 @@ do_ca_sign(struct passwd *pw, const char *ca_key_path, int prefer_agent, tmp = tilde_expand_filename(ca_key_path, pw->pw_uid); if (pkcs11provider != NULL) { /* If a PKCS#11 token was specified then try to use it */ - if ((ca = load_pkcs11_key(tmp)) == NULL) + if ((ca = load_pkcs11_key()) == NULL) fatal("No PKCS#11 key matching %s found", ca_key_path); } else if (prefer_agent) { /* @@ -2471,7 +2471,7 @@ do_gen_krl(struct passwd *pw, int updating, const char *ca_key_path, } static void -do_check_krl(struct passwd *pw, int print_krl, int argc, char **argv) +do_check_krl(int print_krl, int argc, char **argv) { int i, r, ret = 0; char *comment; @@ -2946,7 +2946,7 @@ sig_match_principals(const char *allowed_keys, char *principal, } static void -do_moduli_gen(const char *out_file, char **opts, size_t nopts) +do_moduli_gen(char **opts, size_t nopts) { #ifdef WITH_OPENSSL /* Moduli generation/screening */ @@ -2999,7 +2999,7 @@ do_moduli_gen(const char *out_file, char **opts, size_t nopts) } static void -do_moduli_screen(const char *out_file, char **opts, size_t nopts) +do_moduli_screen(char **opts, size_t nopts) { #ifdef WITH_OPENSSL /* Moduli generation/screening */ @@ -3690,7 +3690,7 @@ main(int argc, char **argv) return (0); } if (check_krl) { - do_check_krl(pw, print_fingerprint, argc, argv); + do_check_krl(print_fingerprint, argc, argv); return (0); } if (ca_key_path != NULL) { @@ -3708,7 +3708,7 @@ main(int argc, char **argv) delete_host, hash_hosts); } if (pkcs11provider != NULL) - do_download(pw); + do_download(); if (download_sk) { for (i = 0; i < nopts; i++) { if (strncasecmp(opts[i], "device=", 7) == 0) { @@ -3741,27 +3741,22 @@ main(int argc, char **argv) unsigned int n = 0; if (have_identity) { - n = do_print_resource_record(pw, identity_file, + n = do_print_resource_record(identity_file, rr_hostname, print_generic, opts, nopts); if (n == 0) fatal("%s: %s", identity_file, strerror(errno)); exit(0); } else { - n += do_print_resource_record(pw, - _PATH_HOST_RSA_KEY_FILE, rr_hostname, + n += do_print_resource_record(_PATH_HOST_RSA_KEY_FILE, rr_hostname, print_generic, opts, nopts); - n += do_print_resource_record(pw, - _PATH_HOST_DSA_KEY_FILE, rr_hostname, + n += do_print_resource_record(_PATH_HOST_DSA_KEY_FILE, rr_hostname, print_generic, opts, nopts); - n += do_print_resource_record(pw, - _PATH_HOST_ECDSA_KEY_FILE, rr_hostname, + n += do_print_resource_record(_PATH_HOST_ECDSA_KEY_FILE, rr_hostname, print_generic, opts, nopts); - n += do_print_resource_record(pw, - _PATH_HOST_ED25519_KEY_FILE, rr_hostname, + n += do_print_resource_record(_PATH_HOST_ED25519_KEY_FILE, rr_hostname, print_generic, opts, nopts); - n += do_print_resource_record(pw, - _PATH_HOST_XMSS_KEY_FILE, rr_hostname, + n += do_print_resource_record(_PATH_HOST_XMSS_KEY_FILE, rr_hostname, print_generic, opts, nopts); if (n == 0) fatal("no keys found."); @@ -3776,11 +3771,11 @@ main(int argc, char **argv) fatal("Too many output files specified"); } if (do_gen_candidates) { - do_moduli_gen(argv[0], opts, nopts); + do_moduli_gen(opts, nopts); return 0; } if (do_screen_candidates) { - do_moduli_screen(argv[0], opts, nopts); + do_moduli_screen(opts, nopts); return 0; } diff --git a/sshconnect.c b/sshconnect.c index e6012f01e4d9..e86ea9b7e918 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -85,8 +85,7 @@ static void warn_changed_key(struct sshkey *); /* Expand a proxy command */ static char * -expand_proxy_command(const char *proxy_command, const char *user, - const char *host, const char *host_arg, int port) +expand_proxy_command(const char *proxy_command, const char *host, const char *host_arg, int port) { char *tmp, *ret, strport[NI_MAXSERV]; const char *keyalias = options.host_key_alias ? @@ -125,8 +124,7 @@ ssh_proxy_fdpass_connect(struct ssh *ssh, const char *host, fatal("Could not create socketpair to communicate with " "proxy dialer: %.100s", strerror(errno)); - command_string = expand_proxy_command(proxy_command, options.user, - host, host_arg, port); + command_string = expand_proxy_command(proxy_command, host, host_arg, port); debug("Executing proxy dialer command: %.500s", command_string); /* Fork and execute the proxy command. */ @@ -208,8 +206,7 @@ ssh_proxy_connect(struct ssh *ssh, const char *host, const char *host_arg, fatal("Could not create pipes to communicate with the proxy: %.100s", strerror(errno)); - command_string = expand_proxy_command(proxy_command, options.user, - host, host_arg, port); + command_string = expand_proxy_command(proxy_command, host, host_arg, port); debug("Executing proxy command: %.500s", command_string); /* Fork and execute the proxy command. */ @@ -289,7 +286,7 @@ ssh_kill_proxy_command(void) * Returns 0 and fills in *resultp and *rlenp on success. Returns -1 on failure. */ static int -check_ifaddrs(const char *ifname, int af, const struct ifaddrs *ifaddrs, +check_ifaddrs(int af, const struct ifaddrs *ifaddrs, struct sockaddr_storage *resultp, socklen_t *rlenp) { struct sockaddr_in6 *sa6; @@ -399,7 +396,7 @@ ssh_create_socket(struct addrinfo *ai) goto fail; } bindaddrlen = sizeof(bindaddr); - if (check_ifaddrs(options.bind_interface, ai->ai_family, + if (check_ifaddrs(ai->ai_family, ifaddrs, &bindaddr, &bindaddrlen) != 0) { logit("getifaddrs: %s: no suitable addresses", options.bind_interface); @@ -445,7 +442,7 @@ ssh_create_socket(struct addrinfo *ai) */ static int ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop, - struct sockaddr_storage *hostaddr, u_short port, int connection_attempts, + struct sockaddr_storage *hostaddr, int connection_attempts, int *timeout_ms, int want_keepalive) { int on = 1, saved_timeout_ms = *timeout_ms; @@ -541,8 +538,7 @@ ssh_connect(struct ssh *ssh, const char *host, const char *host_arg, int in, out; if (options.proxy_command == NULL) { - return ssh_connect_direct(ssh, host, addrs, hostaddr, port, - connection_attempts, timeout_ms, want_keepalive); + return ssh_connect_direct(ssh, host, addrs, hostaddr, connection_attempts, timeout_ms, want_keepalive); } else if (strcmp(options.proxy_command, "-") == 0) { if ((in = dup(STDIN_FILENO)) == -1 || (out = dup(STDOUT_FILENO)) == -1) { diff --git a/sshconnect2.c b/sshconnect2.c index bc05f02142fd..f007c3098753 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -2001,7 +2001,7 @@ input_userauth_info_req(int type, u_int32_t seq, struct ssh *ssh) } static int -ssh_keysign(struct ssh *ssh, struct sshkey *key, u_char **sigp, size_t *lenp, +ssh_keysign(struct ssh *ssh, u_char **sigp, size_t *lenp, const u_char *data, size_t datalen) { struct sshbuf *b; @@ -2217,7 +2217,7 @@ userauth_hostbased(struct ssh *ssh) #ifdef DEBUG_PK sshbuf_dump(b, stderr); #endif - if ((r = ssh_keysign(ssh, private, &sig, &siglen, + if ((r = ssh_keysign(ssh, &sig, &siglen, sshbuf_ptr(b), sshbuf_len(b))) != 0) { error("sign using hostkey %s %s failed", sshkey_ssh_name(private), fp); diff --git a/sshd.c b/sshd.c index 264e81ac705b..10bedb880900 100644 --- a/sshd.c +++ b/sshd.c @@ -659,7 +659,7 @@ list_hostkey_types(void) } static struct sshkey * -get_hostkey_by_type(int type, int nid, int need_private, struct ssh *ssh) +get_hostkey_by_type(int type, int nid, int need_private) { u_int i; struct sshkey *key; @@ -702,13 +702,13 @@ get_hostkey_by_type(int type, int nid, int need_private, struct ssh *ssh) struct sshkey * get_hostkey_public_by_type(int type, int nid, struct ssh *ssh) { - return get_hostkey_by_type(type, nid, 0, ssh); + return get_hostkey_by_type(type, nid, 0); } struct sshkey * get_hostkey_private_by_type(int type, int nid, struct ssh *ssh) { - return get_hostkey_by_type(type, nid, 1, ssh); + return get_hostkey_by_type(type, nid, 1); } struct sshkey *