diff --git a/get_shadow_line.c b/get_shadow_line.c
index a05fdd1..25bd55f 100644
--- a/get_shadow_line.c
+++ b/get_shadow_line.c
@@ -76,7 +76,9 @@ static int connect_with_timeout(int sockfd, struct sockaddr *addr, socklen_t add
     return status;
 }
 
-static int _get_shadow_line_from_server(char *user, char *buf, size_t buflen) {
+#define BUFLEN_SPWD (1024)
+
+int get_shadow_line(char *user, char **line) {
 
     struct sockaddr_in sockaddr;
     bzero(&sockaddr, sizeof(sockaddr));
@@ -112,33 +114,20 @@ static int _get_shadow_line_from_server(char *user, char *buf, size_t buflen) {
         return -1;
     }
 
-    len = ssl_read_with_timeout(ssl, sock, buf, buflen, 1000);
-    if (len<0)
-        return -1;
-    SSL_shutdown(ssl);
-    if (len == buflen) {
-        fprintf(stderr, "%s: buffer to small", __func__);
-        errno = ERANGE;   // as getspent
-        return -1;
-    }
-    buf[len] = '\0';
-    return 0;
-}
-
-#define BUFLEN_SPWD (1024)
-
-int get_shadow_line(char *user, char **line) {
     char *buffer _cleanup_(free_string) = malloc(BUFLEN_SPWD);
     if (buffer == NULL)
         return -1;
-    int status = _get_shadow_line_from_server(user, buffer, BUFLEN_SPWD);
-    if (status == -1) {
-        if (errno == ERANGE) {
-            /* we don't expect reply lines longer than BUFLEN_SPWD. If we get one, regard this as a protocol error */
-            errno = EPROTO;
-        }
+
+    len = ssl_read_with_timeout(ssl, sock, buffer, BUFLEN_SPWD, 1000);
+    if (len<0)
+        return -1;
+    SSL_shutdown(ssl);
+    if (len == BUFLEN_SPWD) {
+        /* we don't expect reply lines longer than BUFLEN_SPWD. If we get one, regard this as a protocol error */
+        errno = EPROTO;
         return -1;
     }
+    buffer[len] = '\0';
     *line = buffer;
     buffer = NULL;
     return 0;