diff --git a/crypto/openssh/ChangeLog b/crypto/openssh/ChangeLog index 826e8c337d2d..1a0d2545eeeb 100644 --- a/crypto/openssh/ChangeLog +++ b/crypto/openssh/ChangeLog @@ -1,11 +1,628 @@ +20130913 + - (djm) [channels.c] Fix unaligned access on sparc machines in SOCKS5 code; + ok dtucker@ + - (djm) [channels.c] sigh, typo s/buffet_/buffer_/ + - (djm) Release 6.3p1 + +20130808 + - (dtucker) [regress/Makefile regress/test-exec.sh] Don't try to use test -nt + since some platforms (eg really old FreeBSD) don't have it. Instead, + run "make clean" before a complete regress run. ok djm. + - (dtucker) [misc.c] Fall back to time(2) at runtime if clock_gettime( + CLOCK_MONOTONIC...) fails. Some older versions of RHEL have the + CLOCK_MONOTONIC define but don't actually support it. Found and tested + by Kevin Brott, ok djm. + - (dtucker) [misc.c] Remove define added for fallback testing that was + mistakenly included in the previous commit. + - (dtucker) [regress/Makefile regress/test-exec.sh] Roll back the -nt + removal. The "make clean" removes modpipe which is built by the top-level + directory before running the tests. Spotted by tim@ + +20130804 + - (dtucker) [auth-krb5.c configure.ac openbsd-compat/bsd-misc.h] Add support + for building with older Heimdal versions. ok djm. + +20130801 + - (djm) [channels.c channels.h] bz#2135: On Solaris, isatty() on a non- + blocking connecting socket will clear any stored errno that might + otherwise have been retrievable via getsockopt(). A hack to limit writes + to TTYs on AIX was triggering this. Since only AIX needs the hack, wrap + it in an #ifdef. Diagnosis and patch from Ivo Raisr. + - (djm) [sshlogin.h] Fix prototype merge botch from 2006; bz#2134 + +20130725 + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2013/07/20 22:20:42 + [krl.c] + fix verification error in (as-yet usused) KRL signature checking path + - djm@cvs.openbsd.org 2013/07/22 05:00:17 + [umac.c] + make MAC key, data to be hashed and nonce for final hash const; + checked with -Wcast-qual + - djm@cvs.openbsd.org 2013/07/22 12:20:02 + [umac.h] + oops, forgot to commit corresponding header change; + spotted by jsg and jasper + - djm@cvs.openbsd.org 2013/07/25 00:29:10 + [ssh.c] + daemonise backgrounded (ControlPersist'ed) multiplexing master to ensure + it is fully detached from its controlling terminal. based on debugging + - djm@cvs.openbsd.org 2013/07/25 00:56:52 + [sftp-client.c sftp-client.h sftp.1 sftp.c] + sftp support for resuming partial downloads; patch mostly by Loganaden + Velvindron/AfriNIC with some tweaks by me; feedback and ok dtucker@ + "Just be careful" deraadt@ + - djm@cvs.openbsd.org 2013/07/25 00:57:37 + [version.h] + openssh-6.3 for release + - dtucker@cvs.openbsd.org 2013/05/30 20:12:32 + [regress/test-exec.sh] + use ssh and sshd as testdata since it needs to be >256k for the rekey test + - dtucker@cvs.openbsd.org 2013/06/10 21:56:43 + [regress/forwarding.sh] + Add test for forward config parsing + - djm@cvs.openbsd.org 2013/06/21 02:26:26 + [regress/sftp-cmds.sh regress/test-exec.sh] + unbreak sftp-cmds for renamed test data (s/ls/data/) + - (tim) [sftp-client.c] Use of a gcc extension trips up native compilers on + Solaris and UnixWare. Feedback and OK djm@ + - (tim) [regress/forwarding.sh] Fix for building outside source tree. + +20130720 + - (djm) OpenBSD CVS Sync + - markus@cvs.openbsd.org 2013/07/19 07:37:48 + [auth.h kex.h kexdhs.c kexecdhs.c kexgexs.c monitor.c servconf.c] + [servconf.h session.c sshd.c sshd_config.5] + add ssh-agent(1) support to sshd(8); allows encrypted hostkeys, + or hostkeys on smartcards; most of the work by Zev Weiss; bz #1974 + ok djm@ + - djm@cvs.openbsd.org 2013/07/20 01:43:46 + [umac.c] + use a union to ensure correct alignment; ok deraadt + - djm@cvs.openbsd.org 2013/07/20 01:44:37 + [ssh-keygen.c ssh.c] + More useful error message on missing current user in /etc/passwd + - djm@cvs.openbsd.org 2013/07/20 01:50:20 + [ssh-agent.c] + call cleanup_handler on SIGINT when in debug mode to ensure sockets + are cleaned up on manual exit; bz#2120 + - djm@cvs.openbsd.org 2013/07/20 01:55:13 + [auth-krb5.c gss-serv-krb5.c gss-serv.c] + fix kerberos/GSSAPI deprecation warnings and linking; "looks okay" millert@ + +20130718 + - (djm) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2013/06/10 19:19:44 + [readconf.c] + revert 1.203 while we investigate crashes reported by okan@ + - guenther@cvs.openbsd.org 2013/06/17 04:48:42 + [scp.c] + Handle time_t values as long long's when formatting them and when + parsing them from remote servers. + Improve error checking in parsing of 'T' lines. + ok dtucker@ deraadt@ + - markus@cvs.openbsd.org 2013/06/20 19:15:06 + [krl.c] + don't leak the rdata blob on errors; ok djm@ + - djm@cvs.openbsd.org 2013/06/21 00:34:49 + [auth-rsa.c auth.h auth2-hostbased.c auth2-pubkey.c monitor.c] + for hostbased authentication, print the client host and user on + the auth success/failure line; bz#2064, ok dtucker@ + - djm@cvs.openbsd.org 2013/06/21 00:37:49 + [ssh_config.5] + explicitly mention that IdentitiesOnly can be used with IdentityFile + to control which keys are offered from an agent. + - djm@cvs.openbsd.org 2013/06/21 05:42:32 + [dh.c] + sprinkle in some error() to explain moduli(5) parse failures + - djm@cvs.openbsd.org 2013/06/21 05:43:10 + [scp.c] + make this -Wsign-compare clean after time_t conversion + - djm@cvs.openbsd.org 2013/06/22 06:31:57 + [scp.c] + improved time_t overflow check suggested by guenther@ + - jmc@cvs.openbsd.org 2013/06/27 14:05:37 + [ssh-keygen.1 ssh.1 ssh_config.5 sshd.8 sshd_config.5] + do not use Sx for sections outwith the man page - ingo informs me that + stuff like html will render with broken links; + issue reported by Eric S. Raymond, via djm + - markus@cvs.openbsd.org 2013/07/02 12:31:43 + [dh.c] + remove extra whitespace + - djm@cvs.openbsd.org 2013/07/12 00:19:59 + [auth-options.c auth-rsa.c bufaux.c buffer.h channels.c hostfile.c] + [hostfile.h mux.c packet.c packet.h roaming_common.c serverloop.c] + fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@ + - djm@cvs.openbsd.org 2013/07/12 00:20:00 + [sftp.c ssh-keygen.c ssh-pkcs11.c] + fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@ + - djm@cvs.openbsd.org 2013/07/12 00:43:50 + [misc.c] + in ssh_gai_strerror() don't fallback to strerror for EAI_SYSTEM when + errno == 0. Avoids confusing error message in some broken resolver + cases. bz#2122 patch from plautrba AT redhat.com; ok dtucker + - djm@cvs.openbsd.org 2013/07/12 05:42:03 + [ssh-keygen.c] + do_print_resource_record() can never be called with a NULL filename, so + don't attempt (and bungle) asking for one if it has not been specified + bz#2127 ok dtucker@ + - djm@cvs.openbsd.org 2013/07/12 05:48:55 + [ssh.c] + set TCP nodelay for connections started with -N; bz#2124 ok dtucker@ + - schwarze@cvs.openbsd.org 2013/07/16 00:07:52 + [scp.1 sftp-server.8 ssh-keyscan.1 ssh-keysign.8 ssh-pkcs11-helper.8] + use .Mt for email addresses; from Jan Stary ; ok jmc@ + - djm@cvs.openbsd.org 2013/07/18 01:12:26 + [ssh.1] + be more exact wrt perms for ~/.ssh/config; bz#2078 + +20130702 + - (dtucker) [contrib/cygwin/README contrib/cygwin/ssh-host-config + contrib/cygwin/ssh-user-config] Modernizes and improve readability of + the Cygwin README file (which hasn't been updated for ages), drop + unsupported OSes from the ssh-host-config help text, and drop an + unneeded option from ssh-user-config. Patch from vinschen at redhat com. + +20130610 + - (djm) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2013/06/07 15:37:52 + [channels.c channels.h clientloop.c] + Add an "ABANDONED" channel state and use for mux sessions that are + disconnected via the ~. escape sequence. Channels in this state will + be able to close if the server responds, but do not count as active channels. + This means that if you ~. all of the mux clients when using ControlPersist + on a broken network, the backgrounded mux master will exit when the + Control Persist time expires rather than hanging around indefinitely. + bz#1917, also reported and tested by tedu@. ok djm@ markus@. + - (dtucker) [Makefile.in configure.ac fixalgorithms] Remove unsupported + algorithms (Ciphers, MACs and HostKeyAlgorithms) from man pages. + - (dtucker) [myproposal.h] Do not advertise AES GSM ciphers if we don't have + the required OpenSSL support. Patch from naddy at freebsd. + - (dtucker) [myproposal.h] Make the conditional algorithm support consistent + and add some comments so it's clear what goes where. + +20130605 + - (dtucker) [myproposal.h] Enable sha256 kex methods based on the presence of + the necessary functions, not from the openssl version. + - (dtucker) [contrib/ssh-copy-id] bz#2117: Use portable operator in test. + Patch from cjwatson at debian. + - (dtucker) [regress/forwarding.sh] For (as yet unknown) reason, the + forwarding test is extremely slow copying data on some machines so switch + back to copying the much smaller ls binary until we can figure out why + this is. + - (dtucker) [Makefile.in] append $CFLAGS to compiler options when building + modpipe in case there's anything in there we need. + - (dtucker) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2013/06/02 21:01:51 + [channels.h] + typo in comment + - dtucker@cvs.openbsd.org 2013/06/02 23:36:29 + [clientloop.h clientloop.c mux.c] + No need for the mux cleanup callback to be visible so restore it to static + and call it through the detach_user function pointer. ok djm@ + - dtucker@cvs.openbsd.org 2013/06/03 00:03:18 + [mac.c] + force the MAC output to be 64-bit aligned so umac won't see unaligned + accesses on strict-alignment architectures. bz#2101, patch from + tomas.kuthan at oracle.com, ok djm@ + - dtucker@cvs.openbsd.org 2013/06/04 19:12:23 + [scp.c] + use MAXPATHLEN for buffer size instead of fixed value. ok markus + - dtucker@cvs.openbsd.org 2013/06/04 20:42:36 + [sftp.c] + Make sftp's libedit interface marginally multibyte aware by building up + the quoted string by character instead of by byte. Prevents failures + when linked against a libedit built with wide character support (bz#1990). + "looks ok" djm + - dtucker@cvs.openbsd.org 2013/06/05 02:07:29 + [mux.c] + fix leaks in mux error paths, from Zhenbo Xu, found by Melton. bz#1967, + ok djm + - dtucker@cvs.openbsd.org 2013/06/05 02:27:50 + [sshd.c] + When running sshd -D, close stderr unless we have explicitly requesting + logging to stderr. From james.hunt at ubuntu.com via bz#1976, djm's patch + so, err, ok dtucker. + - dtucker@cvs.openbsd.org 2013/06/05 12:52:38 + [sshconnect2.c] + Fix memory leaks found by Zhenbo Xu and the Melton tool. bz#1967, ok djm + - dtucker@cvs.openbsd.org 2013/06/05 22:00:28 + [readconf.c] + plug another memleak. bz#1967, from Zhenbo Xu, detected by Melton, ok djm + - (dtucker) [configure.ac sftp.c openbsd-compat/openbsd-compat.h] Cater for + platforms that don't have multibyte character support (specifically, + mblen). + +20130602 + - (tim) [Makefile.in] Make Solaris, UnixWare, & OpenServer linkers happy + linking regress/modpipe. + - (dtucker) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2013/06/02 13:33:05 + [progressmeter.c] + Add misc.h for monotime prototype. (ID sync only). + - dtucker@cvs.openbsd.org 2013/06/02 13:35:58 + [ssh-agent.c] + Make parent_alive_interval time_t to avoid signed/unsigned comparison + - (dtucker) [configure.ac] sys/un.h needs sys/socket.h on some platforms + to prevent noise from configure. Patch from Nathan Osman. (bz#2114). + - (dtucker) [configure.ac] bz#2111: don't try to use lastlog on Android. + Patch from Nathan Osman. + - (tim) [configure.ac regress/Makefile] With rev 1.47 of test-exec.sh we + need a shell that can handle "[ file1 -nt file2 ]". Rather than keep + dealing with shell portability issues in regression tests, we let + configure find us a capable shell on those platforms with an old /bin/sh. + - (tim) [aclocal.m4] Enhance OSSH_CHECK_CFLAG_COMPILE to check stderr. + feedback and ok dtucker + - (tim) [regress/sftp-chroot.sh] skip if no sudo. ok dtucker + - (dtucker) [configure.ac] Some platforms need sys/types.h before sys/un.h. + - (dtucker) [configure.ac] Some other platforms need sys/types.h before + sys/socket.h. + +20130601 + - (dtucker) [configure.ac openbsd-compat/xcrypt.c] bz#2112: fall back to + using openssl's DES_crypt function on platorms that don't have a native + one, eg Android. Based on a patch from Nathan Osman. + - (dtucker) [configure.ac defines.h] Test for fd_mask, howmany and NFDBITS + rather than trying to enumerate the plaforms that don't have them. + Based on a patch from Nathan Osman, with help from tim@. + - (dtucker) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2013/05/17 00:13:13 + [xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c + ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c + gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c + auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c + servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c + auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c + sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c + kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c + kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c + monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c + ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c + sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c + ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c + dns.c packet.c readpass.c authfd.c moduli.c] + bye, bye xfree(); ok markus@ + - djm@cvs.openbsd.org 2013/05/19 02:38:28 + [auth2-pubkey.c] + fix failure to recognise cert-authority keys if a key of a different type + appeared in authorized_keys before it; ok markus@ + - djm@cvs.openbsd.org 2013/05/19 02:42:42 + [auth.h auth.c key.c monitor.c auth-rsa.c auth2.c auth1.c key.h] + Standardise logging of supplemental information during userauth. Keys + and ruser is now logged in the auth success/failure message alongside + the local username, remote host/port and protocol in use. Certificates + contents and CA are logged too. + Pushing all logging onto a single line simplifies log analysis as it is + no longer necessary to relate information scattered across multiple log + entries. "I like it" markus@ + - dtucker@cvs.openbsd.org 2013/05/31 12:28:10 + [ssh-agent.c] + Use time_t where appropriate. ok djm + - dtucker@cvs.openbsd.org 2013/06/01 13:15:52 + [ssh-agent.c clientloop.c misc.h packet.c progressmeter.c misc.c + channels.c sandbox-systrace.c] + Use clock_gettime(CLOCK_MONOTONIC ...) for ssh timers so that things like + keepalives and rekeying will work properly over clock steps. Suggested by + markus@, "looks good" djm@. + - dtucker@cvs.openbsd.org 2013/06/01 20:59:25 + [scp.c sftp-client.c] + Replace S_IWRITE, which isn't standardized, with S_IWUSR, which is. Patch + from Nathan Osman via bz#2085. ok deraadt. + - dtucker@cvs.openbsd.org 2013/06/01 22:34:50 + [sftp-client.c] + Update progressmeter when data is acked, not when it's sent. bz#2108, from + Debian via Colin Watson, ok djm@ + - (dtucker) [M auth-chall.c auth-krb5.c auth-pam.c cipher-aes.c cipher-ctr.c + groupaccess.c loginrec.c monitor.c monitor_wrap.c session.c sshd.c + sshlogin.c uidswap.c openbsd-compat/bsd-cygwin_util.c + openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/port-aix.c + openbsd-compat/port-linux.c] Replace portable-specific instances of xfree + with the equivalent calls to free. + - (dtucker) [configure.ac misc.c] Look for clock_gettime in librt and fall + back to time(NULL) if we can't find it anywhere. + - (dtucker) [sandbox-seccomp-filter.c] Allow clock_gettimeofday. + +20130529 + - (dtucker) [configure.ac openbsd-compat/bsd-misc.h] bz#2087: Add a null + implementation of endgrent for platforms that don't have it (eg Android). + Loosely based on a patch from Nathan Osman, ok djm + + 20130517 + - (dtucker) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2013/03/07 00:20:34 + [regress/proxy-connect.sh] + repeat test with a style appended to the username + - dtucker@cvs.openbsd.org 2013/03/23 11:09:43 + [regress/test-exec.sh] + Only regenerate host keys if they don't exist or if ssh-keygen has changed + since they were. Reduces test runtime by 5-30% depending on machine + speed. + - dtucker@cvs.openbsd.org 2013/04/06 06:00:22 + [regress/rekey.sh regress/test-exec.sh regress/integrity.sh + regress/multiplex.sh Makefile regress/cfgmatch.sh] + Split the regress log into 3 parts: the debug output from ssh, the debug + log from sshd and the output from the client command (ssh, scp or sftp). + Somewhat functional now, will become more useful when ssh/sshd -E is added. + - dtucker@cvs.openbsd.org 2013/04/07 02:16:03 + [regress/Makefile regress/rekey.sh regress/integrity.sh + regress/sshd-log-wrapper.sh regress/forwarding.sh regress/test-exec.sh] + use -E option for ssh and sshd to write debuging logs to ssh{,d}.log and + save the output from any failing tests. If a test fails the debug output + from ssh and sshd for the failing tests (and only the failing tests) should + be available in failed-ssh{,d}.log. + - djm@cvs.openbsd.org 2013/04/18 02:46:12 + [regress/Makefile regress/sftp-chroot.sh] + test sshd ChrootDirectory+internal-sftp; feedback & ok dtucker@ + - dtucker@cvs.openbsd.org 2013/04/22 07:23:08 + [regress/multiplex.sh] + Write mux master logs to regress.log instead of ssh.log to keep separate + - djm@cvs.openbsd.org 2013/05/10 03:46:14 + [regress/modpipe.c] + sync some portability changes from portable OpenSSH (id sync only) + - dtucker@cvs.openbsd.org 2013/05/16 02:10:35 + [regress/rekey.sh] + Add test for time-based rekeying + - dtucker@cvs.openbsd.org 2013/05/16 03:33:30 + [regress/rekey.sh] + test rekeying when there's no data being transferred + - dtucker@cvs.openbsd.org 2013/05/16 04:26:10 + [regress/rekey.sh] + add server-side rekey test + - dtucker@cvs.openbsd.org 2013/05/16 05:48:31 + [regress/rekey.sh] + add tests for RekeyLimit parsing + - dtucker@cvs.openbsd.org 2013/05/17 00:37:40 + [regress/agent.sh regress/keytype.sh regress/cfgmatch.sh + regress/forcecommand.sh regress/proto-version.sh regress/test-exec.sh + regress/cipher-speed.sh regress/cert-hostkey.sh regress/cert-userkey.sh + regress/ssh-com.sh] + replace 'echo -n' with 'printf' since it's more portable + also remove "echon" hack. + - dtucker@cvs.openbsd.org 2013/05/17 01:16:09 + [regress/agent-timeout.sh] + Pull back some portability changes from -portable: + - TIMEOUT is a read-only variable in some shells + - not all greps have -q so redirect to /dev/null instead. + (ID sync only) + - dtucker@cvs.openbsd.org 2013/05/17 01:32:11 + [regress/integrity.sh] + don't print output from ssh before getting it (it's available in ssh.log) + - dtucker@cvs.openbsd.org 2013/05/17 04:29:14 + [regress/sftp.sh regress/putty-ciphers.sh regress/cipher-speed.sh + regress/test-exec.sh regress/sftp-batch.sh regress/dynamic-forward.sh + regress/putty-transfer.sh regress/conch-ciphers.sh regress/sftp-cmds.sh + regress/scp.sh regress/ssh-com-sftp.sh regress/rekey.sh + regress/putty-kex.sh regress/stderr-data.sh regress/stderr-after-eof.sh + regress/sftp-badcmds.sh regress/reexec.sh regress/ssh-com-client.sh + regress/sftp-chroot.sh regress/forwarding.sh regress/transfer.sh + regress/multiplex.sh] + Move the setting of DATA and COPY into test-exec.sh + - dtucker@cvs.openbsd.org 2013/05/17 10:16:26 + [regress/try-ciphers.sh] + use expr for math to keep diffs vs portable down + (id sync only) + - dtucker@cvs.openbsd.org 2013/05/17 10:23:52 + [regress/login-timeout.sh regress/reexec.sh regress/test-exec.sh] + Use SUDO when cat'ing pid files and running the sshd log wrapper so that + it works with a restrictive umask and the pid files are not world readable. + Changes from -portable. (id sync only) + - dtucker@cvs.openbsd.org 2013/05/17 10:24:48 + [regress/localcommand.sh] + use backticks for portability. (id sync only) + - dtucker@cvs.openbsd.org 2013/05/17 10:26:26 + [regress/sftp-badcmds.sh] + remove unused BATCH variable. (id sync only) + - dtucker@cvs.openbsd.org 2013/05/17 10:28:11 + [regress/sftp.sh] + only compare copied data if sftp succeeds. from portable (id sync only) + - dtucker@cvs.openbsd.org 2013/05/17 10:30:07 + [regress/test-exec.sh] + wait a bit longer for startup and use case for absolute path. + from portable (id sync only) + - dtucker@cvs.openbsd.org 2013/05/17 10:33:09 + [regress/agent-getpeereid.sh] + don't redirect stdout from sudo. from portable (id sync only) + - dtucker@cvs.openbsd.org 2013/05/17 10:34:30 + [regress/portnum.sh] + use a more portable negated if structure. from portable (id sync only) + - dtucker@cvs.openbsd.org 2013/05/17 10:35:43 + [regress/scp.sh] + use a file extention that's not special on some platforms. from portable + (id sync only) + - (dtucker) [regress/bsd.regress.mk] Remove unused file. We've never used it + in portable and it's long gone in openbsd. + - (dtucker) [regress/integrity.sh]. Force fixed Diffie-Hellman key exchange + methods. When the openssl version doesn't support ECDH then next one on + the list is DH group exchange, but that causes a bit more traffic which can + mean that the tests flip bits in the initial exchange rather than the MACed + traffic and we get different errors to what the tests look for. + - (dtucker) [openbsd-compat/getopt.h] Remove unneeded bits. + - (dtucker) [regress/cfgmatch.sh] Resync config file setup with openbsd. + - (dtucker) [regress/agent-getpeereid.sh] Resync spaces with openbsd. + - (dtucker) [regress/integrity.sh regress/krl.sh regress/test-exec.sh] + Move the jot helper function to portable-specific part of test-exec.sh. + - (dtucker) [regress/test-exec.sh] Move the portable-specific functions + together and add a couple of missing lines from openbsd. + - (dtucker) [regress/stderr-after-eof.sh regress/test-exec.sh] Move the md5 + helper function to the portable part of test-exec.sh. + - (dtucker) [regress/runtests.sh] Remove obsolete test driver script. + - (dtucker) [regress/cfgmatch.sh] Remove unneeded sleep renderd obsolete by + rev 1.6 which calls wait. + +20130516 + - (djm) [contrib/ssh-copy-id] Fix bug that could cause "rm *" to be + executed if mktemp failed; bz#2105 ok dtucker@ + - (dtucker) OpenBSD CVS Sync + - tedu@cvs.openbsd.org 2013/04/23 17:49:45 + [misc.c] + use xasprintf instead of a series of strlcats and strdup. ok djm + - tedu@cvs.openbsd.org 2013/04/24 16:01:46 + [misc.c] + remove extra parens noticed by nicm + - dtucker@cvs.openbsd.org 2013/05/06 07:35:12 + [sftp-server.8] + Reference the version of the sftp draft we actually implement. ok djm@ + - djm@cvs.openbsd.org 2013/05/10 03:40:07 + [sshconnect2.c] + fix bzero(ptr_to_struct, sizeof(ptr_to_struct)); bz#2100 from + Colin Watson + - djm@cvs.openbsd.org 2013/05/10 04:08:01 + [key.c] + memleak in cert_free(), wasn't actually freeing the struct; + bz#2096 from shm AT digitalsun.pl + - dtucker@cvs.openbsd.org 2013/05/10 10:13:50 + [ssh-pkcs11-helper.c] + remove unused extern optarg. ok markus@ + - dtucker@cvs.openbsd.org 2013/05/16 02:00:34 + [ssh_config sshconnect2.c packet.c readconf.h readconf.c clientloop.c + ssh_config.5 packet.h] + Add an optional second argument to RekeyLimit in the client to allow + rekeying based on elapsed time in addition to amount of traffic. + with djm@ jmc@, ok djm + - dtucker@cvs.openbsd.org 2013/05/16 04:09:14 + [sshd_config.5 servconf.c servconf.h packet.c serverloop.c monitor.c sshd_config + sshd.c] Add RekeyLimit to sshd with the same syntax as the client allowing + rekeying based on traffic volume or time. ok djm@, help & ok jmc@ for the man + page. + - djm@cvs.openbsd.org 2013/05/16 04:27:50 + [ssh_config.5 readconf.h readconf.c] + add the ability to ignore specific unrecognised ssh_config options; + bz#866; ok markus@ + - jmc@cvs.openbsd.org 2013/05/16 06:28:45 + [ssh_config.5] + put IgnoreUnknown in the right place; + - jmc@cvs.openbsd.org 2013/05/16 06:30:06 + [sshd_config.5] + oops! avoid Xr to self; + - dtucker@cvs.openbsd.org 2013/05/16 09:08:41 + [log.c scp.c sshd.c serverloop.c schnorr.c sftp.c] + Fix some "unused result" warnings found via clang and -portable. + ok markus@ + - dtucker@cvs.openbsd.org 2013/05/16 09:12:31 + [readconf.c servconf.c] + switch RekeyLimit traffic volume parsing to scan_scaled. ok djm@ + - dtucker@cvs.openbsd.org 2013/05/16 10:43:34 + [servconf.c readconf.c] + remove now-unused variables + - dtucker@cvs.openbsd.org 2013/05/16 10:44:06 + [servconf.c] + remove another now-unused variable + - (dtucker) [configure.ac readconf.c servconf.c + openbsd-compat/openbsd-compat.h] Add compat bits for scan_scaled. + 20130510 - - (djm) OpenBSD CVS Cherrypick + - (dtucker) [configure.ac] Enable -Wsizeof-pointer-memaccess if the compiler + supports it. Mentioned by Colin Watson in bz#2100, ok djm. + - (dtucker) [openbsd-compat/getopt.c] Factor out portibility changes to + getopt.c. Preprocessed source is identical other than line numbers. + - (dtucker) [openbsd-compat/getopt_long.c] Import from OpenBSD. No + portability changes yet. + - (dtucker) [openbsd-compat/Makefile.in openbsd-compat/getopt.c + openbsd-compat/getopt_long.c regress/modpipe.c] Remove getopt.c, add + portability code to getopt_long.c and switch over Makefile and the ugly + hack in modpipe.c. Fixes bz#1448. + - (dtucker) [openbsd-compat/getopt.h openbsd-compat/getopt_long.c + openbsd-compat/openbsd-compat.h] pull in getopt.h from openbsd and plumb + in to use it when we're using our own getopt. + - (dtucker) [kex.c] Only include sha256 and ECC key exchange methods when the + underlying libraries support them. + - (dtucker) [configure.ac] Add -Werror to the -Qunused-arguments test so + we don't get a warning on compilers that *don't* support it. Add + -Wno-unknown-warning-option. Move both to the start of the list for + maximum noise suppression. Tested with gcc 4.6.3, gcc 2.95.4 and clang 2.9. + +20130423 + - (djm) [auth.c configure.ac misc.c monitor.c monitor_wrap.c] Support + platforms, such as Android, that lack struct passwd.pw_gecos. Report + and initial patch from Nathan Osman bz#2086; feedback tim@ ok dtucker@ + - (djm) OpenBSD CVS Sync + - markus@cvs.openbsd.org 2013/03/05 20:16:09 + [sshconnect2.c] + reset pubkey order on partial success; ok djm@ + - djm@cvs.openbsd.org 2013/03/06 23:35:23 + [session.c] + fatal() when ChrootDirectory specified by running without root privileges; + ok markus@ + - djm@cvs.openbsd.org 2013/03/06 23:36:53 + [readconf.c] + g/c unused variable (-Wunused) + - djm@cvs.openbsd.org 2013/03/07 00:19:59 + [auth2-pubkey.c monitor.c] + reconstruct the original username that was sent by the client, which may + have included a style (e.g. "root:skey") when checking public key + signatures. Fixes public key and hostbased auth when the client specified + a style; ok markus@ + - markus@cvs.openbsd.org 2013/03/07 19:27:25 + [auth.h auth2-chall.c auth2.c monitor.c sshd_config.5] + add submethod support to AuthenticationMethods; ok and freedback djm@ + - djm@cvs.openbsd.org 2013/03/08 06:32:58 + [ssh.c] + allow "ssh -f none ..." ok markus@ + - djm@cvs.openbsd.org 2013/04/05 00:14:00 + [auth2-gss.c krl.c sshconnect2.c] + hush some {unused, printf type} warnings + - djm@cvs.openbsd.org 2013/04/05 00:31:49 + [pathnames.h] + use the existing _PATH_SSH_USER_RC define to construct the other + pathnames; bz#2077, ok dtucker@ (no binary change) + - djm@cvs.openbsd.org 2013/04/05 00:58:51 + [mux.c] + cleanup mux-created channels that are in SSH_CHANNEL_OPENING state too + (in addition to ones already in OPEN); bz#2079, ok dtucker@ + - markus@cvs.openbsd.org 2013/04/06 16:07:00 + [channels.c sshd.c] + handle ECONNABORTED for accept(); ok deraadt some time ago... + - dtucker@cvs.openbsd.org 2013/04/07 02:10:33 + [log.c log.h ssh.1 ssh.c sshd.8 sshd.c] + Add -E option to ssh and sshd to append debugging logs to a specified file + instead of stderr or syslog. ok markus@, man page help jmc@ + - dtucker@cvs.openbsd.org 2013/04/07 09:40:27 + [sshd.8] + clarify -e text. suggested by & ok jmc@ - djm@cvs.openbsd.org 2013/04/11 02:27:50 [packet.c] quiet disconnect notifications on the server from error() back to logit() if it is a normal client closure; bz#2057 ok+feedback dtucker@ - - (djm) [version.h contrib/caldera/openssh.spec contrib/redhat/openssh.spec] - [contrib/suse/openssh.spec] Crank version numbers for release. + - dtucker@cvs.openbsd.org 2013/04/17 09:04:09 + [session.c] + revert rev 1.262; it fails because uid is already set here. ok djm@ + - djm@cvs.openbsd.org 2013/04/18 02:16:07 + [sftp.c] + make "sftp -q" do what it says on the sticker: hush everything but errors; + ok dtucker@ + - djm@cvs.openbsd.org 2013/04/19 01:00:10 + [sshd_config.5] + document the requirment that the AuthorizedKeysCommand be owned by root; + ok dtucker@ markus@ + - djm@cvs.openbsd.org 2013/04/19 01:01:00 + [ssh-keygen.c] + fix some memory leaks; bz#2088 ok dtucker@ + - djm@cvs.openbsd.org 2013/04/19 01:03:01 + [session.c] + reintroduce 1.262 without the connection-killing bug: + fatal() when ChrootDirectory specified by running without root privileges; + ok markus@ + - djm@cvs.openbsd.org 2013/04/19 01:06:50 + [authfile.c cipher.c cipher.h kex.c kex.h kexecdh.c kexecdhc.c kexecdhs.c] + [key.c key.h mac.c mac.h packet.c ssh.1 ssh.c] + add the ability to query supported ciphers, MACs, key type and KEX + algorithms to ssh. Includes some refactoring of KEX and key type handling + to be table-driven; ok markus@ + - djm@cvs.openbsd.org 2013/04/19 11:10:18 + [ssh.c] + add -Q to usage; reminded by jmc@ + - djm@cvs.openbsd.org 2013/04/19 12:07:08 + [kex.c] + remove duplicated list entry pointed out by naddy@ + - dtucker@cvs.openbsd.org 2013/04/22 01:17:18 + [mux.c] + typo in debug output: evitval->exitval + +20130418 + - (djm) [config.guess config.sub] Update to last versions before they switch + to GPL3. ok dtucker@ + - (dtucker) [configure.ac] Use -Qunused-arguments to suppress warnings from + unused argument warnings (in particular, -fno-builtin-memset) from clang. 20130404 - (dtucker) OpenBSD CVS Sync @@ -34,10 +651,16 @@ to avoid conflicting definitions of __int64, adding the required bits. Patch from Corinna Vinschen. +20120323 + - (tim) [Makefile.in] remove some duplication introduced in 20130220 commit. + 20120322 - (djm) [contrib/ssh-copy-id contrib/ssh-copy-id.1] Updated to Phil Hands' greatly revised version. - (djm) Release 6.2p1 + - (dtucker) [configure.ac] Add stdlib.h to zlib check for exit() prototype. + - (dtucker) [includes.h] Check if _GNU_SOURCE is already defined before + defining it again. Prevents warnings if someone, eg, sets it in CFLAGS. 20120318 - (djm) [configure.ac log.c scp.c sshconnect2.c openbsd-compat/vis.c] diff --git a/crypto/openssh/README b/crypto/openssh/README index 52bb657d6a24..ece2dba19c2e 100644 --- a/crypto/openssh/README +++ b/crypto/openssh/README @@ -1,4 +1,4 @@ -See http://www.openssh.com/txt/release-6.2p2 for the release notes. +See http://www.openssh.com/txt/release-6.3 for the release notes. - A Japanese translation of this document and of the OpenSSH FAQ is - available at http://www.unixuser.org/~haruyama/security/openssh/index.html @@ -62,4 +62,4 @@ References - [6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9 [7] http://www.openssh.com/faq.html -$Id: README,v 1.82.2.1 2013/05/10 06:12:54 djm Exp $ +$Id: README,v 1.83 2013/07/25 02:34:00 djm Exp $ diff --git a/crypto/openssh/aclocal.m4 b/crypto/openssh/aclocal.m4 index 9bdea5ec23bb..1b3bed790539 100644 --- a/crypto/openssh/aclocal.m4 +++ b/crypto/openssh/aclocal.m4 @@ -1,4 +1,4 @@ -dnl $Id: aclocal.m4,v 1.8 2011/05/20 01:45:25 djm Exp $ +dnl $Id: aclocal.m4,v 1.9 2013/06/02 21:31:27 tim Exp $ dnl dnl OpenSSH-specific autoconf macros dnl @@ -14,8 +14,15 @@ AC_DEFUN([OSSH_CHECK_CFLAG_COMPILE], [{ _define_flag="$2" test "x$_define_flag" = "x" && _define_flag="$1" AC_COMPILE_IFELSE([AC_LANG_SOURCE([[int main(void) { return 0; }]])], - [ AC_MSG_RESULT([yes]) - CFLAGS="$saved_CFLAGS $_define_flag"], + [ +if `grep -i "unrecognized option" conftest.err >/dev/null` +then + AC_MSG_RESULT([no]) + CFLAGS="$saved_CFLAGS" +else + AC_MSG_RESULT([yes]) + CFLAGS="$saved_CFLAGS $_define_flag" +fi], [ AC_MSG_RESULT([no]) CFLAGS="$saved_CFLAGS" ] ) diff --git a/crypto/openssh/addrmatch.c b/crypto/openssh/addrmatch.c index 388603cae6b8..fb6de92e777b 100644 --- a/crypto/openssh/addrmatch.c +++ b/crypto/openssh/addrmatch.c @@ -1,4 +1,4 @@ -/* $OpenBSD: addrmatch.c,v 1.6 2012/06/21 00:16:07 dtucker Exp $ */ +/* $OpenBSD: addrmatch.c,v 1.7 2013/05/17 00:13:13 djm Exp $ */ /* * Copyright (c) 2004-2008 Damien Miller @@ -420,7 +420,7 @@ addr_match_list(const char *addr, const char *_list) goto foundit; } } - xfree(o); + free(o); return ret; } @@ -494,7 +494,7 @@ addr_match_cidr_list(const char *addr, const char *_list) continue; } } - xfree(o); + free(o); return ret; } diff --git a/crypto/openssh/auth-chall.c b/crypto/openssh/auth-chall.c index 919b1eaa43cf..0005aa88bf8a 100644 --- a/crypto/openssh/auth-chall.c +++ b/crypto/openssh/auth-chall.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-chall.c,v 1.12 2006/08/03 03:34:41 deraadt Exp $ */ +/* $OpenBSD: auth-chall.c,v 1.13 2013/05/17 00:13:13 djm Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -69,11 +69,11 @@ get_challenge(Authctxt *authctxt) fatal("get_challenge: numprompts < 1"); challenge = xstrdup(prompts[0]); for (i = 0; i < numprompts; i++) - xfree(prompts[i]); - xfree(prompts); - xfree(name); - xfree(echo_on); - xfree(info); + free(prompts[i]); + free(prompts); + free(name); + free(echo_on); + free(info); return (challenge); } @@ -102,11 +102,11 @@ verify_response(Authctxt *authctxt, const char *response) authenticated = 1; for (i = 0; i < numprompts; i++) - xfree(prompts[i]); - xfree(prompts); - xfree(name); - xfree(echo_on); - xfree(info); + free(prompts[i]); + free(prompts); + free(name); + free(echo_on); + free(info); break; } device->free_ctx(authctxt->kbdintctxt); diff --git a/crypto/openssh/auth-krb5.c b/crypto/openssh/auth-krb5.c index 922c66c669c8..7c83f597f049 100644 --- a/crypto/openssh/auth-krb5.c +++ b/crypto/openssh/auth-krb5.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-krb5.c,v 1.19 2006/08/03 03:34:41 deraadt Exp $ */ +/* $OpenBSD: auth-krb5.c,v 1.20 2013/07/20 01:55:13 djm Exp $ */ /* * Kerberos v5 authentication and ticket-passing routines. * @@ -79,6 +79,7 @@ auth_krb5_password(Authctxt *authctxt, const char *password) krb5_ccache ccache = NULL; int len; char *client, *platform_client; + const char *errmsg; /* get platform-specific kerberos client principal name (if it exists) */ platform_client = platform_krb5_get_principal_name(authctxt->pw->pw_name); @@ -96,7 +97,12 @@ auth_krb5_password(Authctxt *authctxt, const char *password) goto out; #ifdef HEIMDAL +# ifdef HAVE_KRB5_CC_NEW_UNIQUE + problem = krb5_cc_new_unique(authctxt->krb5_ctx, + krb5_mcc_ops.prefix, NULL, &ccache); +# else problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_mcc_ops, &ccache); +# endif if (problem) goto out; @@ -115,8 +121,13 @@ auth_krb5_password(Authctxt *authctxt, const char *password) if (problem) goto out; +# ifdef HAVE_KRB5_CC_NEW_UNIQUE + problem = krb5_cc_new_unique(authctxt->krb5_ctx, + krb5_fcc_ops.prefix, NULL, &authctxt->krb5_fwd_ccache); +# else problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_fcc_ops, &authctxt->krb5_fwd_ccache); +# endif if (problem) goto out; @@ -181,17 +192,19 @@ auth_krb5_password(Authctxt *authctxt, const char *password) out: restore_uid(); - if (platform_client != NULL) - xfree(platform_client); + free(platform_client); if (problem) { if (ccache) krb5_cc_destroy(authctxt->krb5_ctx, ccache); - if (authctxt->krb5_ctx != NULL && problem!=-1) - debug("Kerberos password authentication failed: %s", - krb5_get_err_text(authctxt->krb5_ctx, problem)); - else + if (authctxt->krb5_ctx != NULL && problem!=-1) { + errmsg = krb5_get_error_message(authctxt->krb5_ctx, + problem); + debug("Kerberos password authentication failed: %s", + errmsg); + krb5_free_error_message(authctxt->krb5_ctx, errmsg); + } else debug("Kerberos password authentication failed: %d", problem); diff --git a/crypto/openssh/auth-options.c b/crypto/openssh/auth-options.c index 23d0423e122d..80d59ee95c52 100644 --- a/crypto/openssh/auth-options.c +++ b/crypto/openssh/auth-options.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-options.c,v 1.57 2012/12/02 20:46:11 djm Exp $ */ +/* $OpenBSD: auth-options.c,v 1.59 2013/07/12 00:19:58 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -72,15 +72,15 @@ auth_clear_options(void) while (custom_environment) { struct envstring *ce = custom_environment; custom_environment = ce->next; - xfree(ce->s); - xfree(ce); + free(ce->s); + free(ce); } if (forced_command) { - xfree(forced_command); + free(forced_command); forced_command = NULL; } if (authorized_principals) { - xfree(authorized_principals); + free(authorized_principals); authorized_principals = NULL; } forced_tun_device = -1; @@ -149,7 +149,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) if (strncasecmp(opts, cp, strlen(cp)) == 0) { opts += strlen(cp); if (forced_command != NULL) - xfree(forced_command); + free(forced_command); forced_command = xmalloc(strlen(opts) + 1); i = 0; while (*opts) { @@ -167,7 +167,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) file, linenum); auth_debug_add("%.100s, line %lu: missing end quote", file, linenum); - xfree(forced_command); + free(forced_command); forced_command = NULL; goto bad_option; } @@ -180,7 +180,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) if (strncasecmp(opts, cp, strlen(cp)) == 0) { opts += strlen(cp); if (authorized_principals != NULL) - xfree(authorized_principals); + free(authorized_principals); authorized_principals = xmalloc(strlen(opts) + 1); i = 0; while (*opts) { @@ -198,7 +198,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) file, linenum); auth_debug_add("%.100s, line %lu: missing end quote", file, linenum); - xfree(authorized_principals); + free(authorized_principals); authorized_principals = NULL; goto bad_option; } @@ -232,7 +232,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) file, linenum); auth_debug_add("%.100s, line %lu: missing end quote", file, linenum); - xfree(s); + free(s); goto bad_option; } s[i] = '\0'; @@ -269,7 +269,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) file, linenum); auth_debug_add("%.100s, line %lu: missing end quote", file, linenum); - xfree(patterns); + free(patterns); goto bad_option; } patterns[i] = '\0'; @@ -277,7 +277,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) switch (match_host_and_ip(remote_host, remote_ip, patterns)) { case 1: - xfree(patterns); + free(patterns); /* Host name matches. */ goto next_option; case -1: @@ -287,7 +287,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) "invalid criteria", file, linenum); /* FALLTHROUGH */ case 0: - xfree(patterns); + free(patterns); logit("Authentication tried for %.100s with " "correct key but not from a permitted " "host (host=%.200s, ip=%.200s).", @@ -323,7 +323,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) file, linenum); auth_debug_add("%.100s, line %lu: missing " "end quote", file, linenum); - xfree(patterns); + free(patterns); goto bad_option; } patterns[i] = '\0'; @@ -337,7 +337,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) auth_debug_add("%.100s, line %lu: " "Bad permitopen specification", file, linenum); - xfree(patterns); + free(patterns); goto bad_option; } host = cleanhostname(host); @@ -346,12 +346,12 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) "<%.100s>", file, linenum, p ? p : ""); auth_debug_add("%.100s, line %lu: " "Bad permitopen port", file, linenum); - xfree(patterns); + free(patterns); goto bad_option; } if ((options.allow_tcp_forwarding & FORWARD_LOCAL) != 0) channel_add_permitted_opens(host, port); - xfree(patterns); + free(patterns); goto next_option; } cp = "tunnel=\""; @@ -370,13 +370,13 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) file, linenum); auth_debug_add("%.100s, line %lu: missing end quote", file, linenum); - xfree(tun); + free(tun); forced_tun_device = -1; goto bad_option; } tun[i] = '\0'; forced_tun_device = a2tun(tun, NULL); - xfree(tun); + free(tun); if (forced_tun_device == SSH_TUNID_ERR) { debug("%.100s, line %lu: invalid tun device", file, linenum); @@ -432,7 +432,8 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, { char *command, *allowed; const char *remote_ip; - u_char *name = NULL, *data_blob = NULL; + char *name = NULL; + u_char *data_blob = NULL; u_int nlen, dlen, clen; Buffer c, data; int ret = -1, found; @@ -484,7 +485,7 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, if (*cert_forced_command != NULL) { error("Certificate has multiple " "force-command options"); - xfree(command); + free(command); goto out; } *cert_forced_command = command; @@ -500,7 +501,7 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, if ((*cert_source_address_done)++) { error("Certificate has multiple " "source-address options"); - xfree(allowed); + free(allowed); goto out; } remote_ip = get_remote_ipaddr(); @@ -508,7 +509,7 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, allowed)) { case 1: /* accepted */ - xfree(allowed); + free(allowed); break; case 0: /* no match */ @@ -521,12 +522,12 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, "is not permitted to use this " "certificate for login.", remote_ip); - xfree(allowed); + free(allowed); goto out; case -1: error("Certificate source-address " "contents invalid"); - xfree(allowed); + free(allowed); goto out; } found = 1; @@ -548,9 +549,10 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, goto out; } buffer_clear(&data); - xfree(name); - xfree(data_blob); - name = data_blob = NULL; + free(name); + free(data_blob); + name = NULL; + data_blob = NULL; } /* successfully parsed all options */ ret = 0; @@ -559,13 +561,13 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, if (ret != 0 && cert_forced_command != NULL && *cert_forced_command != NULL) { - xfree(*cert_forced_command); + free(*cert_forced_command); *cert_forced_command = NULL; } if (name != NULL) - xfree(name); + free(name); if (data_blob != NULL) - xfree(data_blob); + free(data_blob); buffer_free(&data); buffer_free(&c); return ret; @@ -627,7 +629,7 @@ auth_cert_options(Key *k, struct passwd *pw) /* CA-specified forced command supersedes key option */ if (cert_forced_command != NULL) { if (forced_command != NULL) - xfree(forced_command); + free(forced_command); forced_command = cert_forced_command; } return 0; diff --git a/crypto/openssh/auth-pam.c b/crypto/openssh/auth-pam.c index 675006e6fb25..d51318b3a216 100644 --- a/crypto/openssh/auth-pam.c +++ b/crypto/openssh/auth-pam.c @@ -412,10 +412,9 @@ sshpam_thread_conv(int n, sshpam_const struct pam_message **msg, fail: for(i = 0; i < n; i++) { - if (reply[i].resp != NULL) - xfree(reply[i].resp); + free(reply[i].resp); } - xfree(reply); + free(reply); buffer_free(&buffer); return (PAM_CONV_ERR); } @@ -586,10 +585,9 @@ sshpam_store_conv(int n, sshpam_const struct pam_message **msg, fail: for(i = 0; i < n; i++) { - if (reply[i].resp != NULL) - xfree(reply[i].resp); + free(reply[i].resp); } - xfree(reply); + free(reply); return (PAM_CONV_ERR); } @@ -693,7 +691,7 @@ sshpam_init_ctx(Authctxt *authctxt) /* Start the authentication thread */ if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, socks) == -1) { error("PAM: failed create sockets: %s", strerror(errno)); - xfree(ctxt); + free(ctxt); return (NULL); } ctxt->pam_psock = socks[0]; @@ -703,7 +701,7 @@ sshpam_init_ctx(Authctxt *authctxt) strerror(errno)); close(socks[0]); close(socks[1]); - xfree(ctxt); + free(ctxt); return (NULL); } cleanup_ctxt = ctxt; @@ -742,7 +740,7 @@ sshpam_query(void *ctx, char **name, char **info, strlcpy(**prompts + plen, msg, len - plen); plen += mlen; **echo_on = (type == PAM_PROMPT_ECHO_ON); - xfree(msg); + free(msg); return (0); case PAM_ERROR_MSG: case PAM_TEXT_INFO: @@ -753,7 +751,7 @@ sshpam_query(void *ctx, char **name, char **info, plen += mlen; strlcat(**prompts + plen, "\n", len - plen); plen++; - xfree(msg); + free(msg); break; case PAM_ACCT_EXPIRED: sshpam_account_status = 0; @@ -766,7 +764,7 @@ sshpam_query(void *ctx, char **name, char **info, *num = 0; **echo_on = 0; ctxt->pam_done = -1; - xfree(msg); + free(msg); return 0; } /* FALLTHROUGH */ @@ -776,7 +774,7 @@ sshpam_query(void *ctx, char **name, char **info, debug("PAM: %s", **prompts); buffer_append(&loginmsg, **prompts, strlen(**prompts)); - xfree(**prompts); + free(**prompts); **prompts = NULL; } if (type == PAM_SUCCESS) { @@ -790,7 +788,7 @@ sshpam_query(void *ctx, char **name, char **info, *num = 0; **echo_on = 0; ctxt->pam_done = 1; - xfree(msg); + free(msg); return (0); } error("PAM: %s for %s%.100s from %.100s", msg, @@ -801,7 +799,7 @@ sshpam_query(void *ctx, char **name, char **info, default: *num = 0; **echo_on = 0; - xfree(msg); + free(msg); ctxt->pam_done = -1; return (-1); } @@ -852,7 +850,7 @@ sshpam_free_ctx(void *ctxtp) debug3("PAM: %s entering", __func__); sshpam_thread_cleanup(); - xfree(ctxt); + free(ctxt); /* * We don't call sshpam_cleanup() here because we may need the PAM * handle at a later stage, e.g. when setting up a session. It's @@ -1006,10 +1004,9 @@ sshpam_tty_conv(int n, sshpam_const struct pam_message **msg, fail: for(i = 0; i < n; i++) { - if (reply[i].resp != NULL) - xfree(reply[i].resp); + free(reply[i].resp); } - xfree(reply); + free(reply); return (PAM_CONV_ERR); } @@ -1081,7 +1078,7 @@ do_pam_putenv(char *name, char *value) snprintf(compound, len, "%s=%s", name, value); ret = pam_putenv(sshpam_handle, compound); - xfree(compound); + free(compound); #endif return (ret); @@ -1108,8 +1105,8 @@ free_pam_environment(char **env) return; for (envp = env; *envp; envp++) - xfree(*envp); - xfree(env); + free(*envp); + free(env); } /* @@ -1165,10 +1162,9 @@ sshpam_passwd_conv(int n, sshpam_const struct pam_message **msg, fail: for(i = 0; i < n; i++) { - if (reply[i].resp != NULL) - xfree(reply[i].resp); + free(reply[i].resp); } - xfree(reply); + free(reply); return (PAM_CONV_ERR); } diff --git a/crypto/openssh/auth-rsa.c b/crypto/openssh/auth-rsa.c index 2c8a7cb35012..545aa496abd7 100644 --- a/crypto/openssh/auth-rsa.c +++ b/crypto/openssh/auth-rsa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-rsa.c,v 1.81 2012/10/30 21:29:54 djm Exp $ */ +/* $OpenBSD: auth-rsa.c,v 1.85 2013/07/12 00:19:58 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -164,9 +164,8 @@ static int rsa_key_allowed_in_file(struct passwd *pw, char *file, const BIGNUM *client_n, Key **rkey) { - char line[SSH_MAX_PUBKEY_BYTES]; - int allowed = 0; - u_int bits; + char *fp, line[SSH_MAX_PUBKEY_BYTES]; + int allowed = 0, bits; FILE *f; u_long linenum = 0; Key *key; @@ -227,11 +226,16 @@ rsa_key_allowed_in_file(struct passwd *pw, char *file, /* check the real bits */ keybits = BN_num_bits(key->rsa->n); - if (keybits < 0 || bits != (u_int)keybits) + if (keybits < 0 || bits != keybits) logit("Warning: %s, line %lu: keysize mismatch: " "actual %d vs. announced %d.", file, linenum, BN_num_bits(key->rsa->n), bits); + fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX); + debug("matching key found: file %s, line %lu %s %s", + file, linenum, key_type(key), fp); + free(fp); + /* Never accept a revoked key */ if (auth_key_is_revoked(key)) break; @@ -281,7 +285,7 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey) file = expand_authorized_keys( options.authorized_keys_files[i], pw); allowed = rsa_key_allowed_in_file(pw, file, client_n, rkey); - xfree(file); + free(file); } restore_uid(); @@ -298,7 +302,6 @@ int auth_rsa(Authctxt *authctxt, BIGNUM *client_n) { Key *key; - char *fp; struct passwd *pw = authctxt->pw; /* no user given */ @@ -328,11 +331,7 @@ auth_rsa(Authctxt *authctxt, BIGNUM *client_n) * options; this will be reset if the options cause the * authentication to be rejected. */ - fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX); - verbose("Found matching %s key: %s", - key_type(key), fp); - xfree(fp); - key_free(key); + pubkey_auth_info(authctxt, key, NULL); packet_send_debug("RSA authentication accepted."); return (1); diff --git a/crypto/openssh/auth.c b/crypto/openssh/auth.c index 2ebbb9e247e7..a085de455845 100644 --- a/crypto/openssh/auth.c +++ b/crypto/openssh/auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.c,v 1.101 2013/02/06 00:22:21 dtucker Exp $ */ +/* $OpenBSD: auth.c,v 1.103 2013/05/19 02:42:42 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -73,6 +73,7 @@ __RCSID("$FreeBSD$"); #include "authfile.h" #include "monitor_wrap.h" #include "krl.h" +#include "compat.h" /* import */ extern ServerOptions options; @@ -166,17 +167,17 @@ allowed_user(struct passwd * pw) if (stat(shell, &st) != 0) { logit("User %.100s not allowed because shell %.100s " "does not exist", pw->pw_name, shell); - xfree(shell); + free(shell); return 0; } if (S_ISREG(st.st_mode) == 0 || (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)) == 0) { logit("User %.100s not allowed because shell %.100s " "is not executable", pw->pw_name, shell); - xfree(shell); + free(shell); return 0; } - xfree(shell); + free(shell); } if (options.num_deny_users > 0 || options.num_allow_users > 0 || @@ -252,9 +253,26 @@ allowed_user(struct passwd * pw) return 1; } +void +auth_info(Authctxt *authctxt, const char *fmt, ...) +{ + va_list ap; + int i; + + free(authctxt->info); + authctxt->info = NULL; + + va_start(ap, fmt); + i = vasprintf(&authctxt->info, fmt, ap); + va_end(ap); + + if (i < 0 || authctxt->info == NULL) + fatal("vasprintf failed"); +} + void auth_log(Authctxt *authctxt, int authenticated, int partial, - const char *method, const char *submethod, const char *info) + const char *method, const char *submethod) { void (*authlog) (const char *fmt,...) = verbose; char *authmsg; @@ -276,7 +294,7 @@ auth_log(Authctxt *authctxt, int authenticated, int partial, else authmsg = authenticated ? "Accepted" : "Failed"; - authlog("%s %s%s%s for %s%.100s from %.200s port %d%s", + authlog("%s %s%s%s for %s%.100s from %.200s port %d %s%s%s", authmsg, method, submethod != NULL ? "/" : "", submethod == NULL ? "" : submethod, @@ -284,7 +302,11 @@ auth_log(Authctxt *authctxt, int authenticated, int partial, authctxt->user, get_remote_ipaddr(), get_remote_port(), - info); + compat20 ? "ssh2" : "ssh1", + authctxt->info != NULL ? ": " : "", + authctxt->info != NULL ? authctxt->info : ""); + free(authctxt->info); + authctxt->info = NULL; #ifdef CUSTOM_FAILED_LOGIN if (authenticated == 0 && !authctxt->postponed && @@ -356,7 +378,7 @@ expand_authorized_keys(const char *filename, struct passwd *pw) i = snprintf(ret, sizeof(ret), "%s/%s", pw->pw_dir, file); if (i < 0 || (size_t)i >= sizeof(ret)) fatal("expand_authorized_keys: path too long"); - xfree(file); + free(file); return (xstrdup(ret)); } @@ -398,7 +420,7 @@ check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host, load_hostkeys(hostkeys, host, user_hostfile); restore_uid(); } - xfree(user_hostfile); + free(user_hostfile); } host_status = check_key_in_hostkeys(hostkeys, key, &found); if (host_status == HOST_REVOKED) @@ -667,7 +689,7 @@ auth_key_is_revoked(Key *key) key_fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX); error("WARNING: authentication attempt with a revoked " "%s key %s ", key_type(key), key_fp); - xfree(key_fp); + free(key_fp); return 1; } fatal("key_in_file returned junk"); @@ -698,7 +720,7 @@ auth_debug_send(void) while (buffer_len(&auth_debug)) { msg = buffer_get_string(&auth_debug, NULL); packet_send_debug("%s", msg); - xfree(msg); + free(msg); } } @@ -722,10 +744,12 @@ fakepw(void) fake.pw_name = "NOUSER"; fake.pw_passwd = "$2a$06$r3.juUaHZDlIbQaO2dS9FuYxL1W9M81R1Tc92PoSNmzvpEqLkLGrK"; +#ifdef HAVE_STRUCT_PASSWD_PW_GECOS fake.pw_gecos = "NOUSER"; +#endif fake.pw_uid = privsep_pw == NULL ? (uid_t)-1 : privsep_pw->pw_uid; fake.pw_gid = privsep_pw == NULL ? (gid_t)-1 : privsep_pw->pw_gid; -#ifdef HAVE_PW_CLASS_IN_PASSWD +#ifdef HAVE_STRUCT_PASSWD_PW_CLASS fake.pw_class = ""; #endif fake.pw_dir = "/nonexist"; diff --git a/crypto/openssh/auth.h b/crypto/openssh/auth.h index c6fe84722fca..80f08986929e 100644 --- a/crypto/openssh/auth.h +++ b/crypto/openssh/auth.h @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.h,v 1.72 2012/12/02 20:34:09 djm Exp $ */ +/* $OpenBSD: auth.h,v 1.76 2013/07/19 07:37:48 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -60,6 +60,7 @@ struct Authctxt { struct passwd *pw; /* set if 'valid' */ char *style; void *kbdintctxt; + char *info; /* Extra info for next auth_log */ void *jpake_ctx; #ifdef BSD_AUTH auth_session_t *as; @@ -121,6 +122,8 @@ int auth_rsa_key_allowed(struct passwd *, BIGNUM *, Key **); int auth_rhosts_rsa_key_allowed(struct passwd *, char *, char *, Key *); int hostbased_key_allowed(struct passwd *, const char *, char *, Key *); int user_key_allowed(struct passwd *, Key *); +void pubkey_auth_info(Authctxt *, const Key *, const char *, ...) + __attribute__((__format__ (printf, 3, 4))); struct stat; int auth_secure_path(const char *, struct stat *, const char *, uid_t, @@ -148,8 +151,10 @@ void disable_forwarding(void); void do_authentication(Authctxt *); void do_authentication2(Authctxt *); -void auth_log(Authctxt *, int, int, const char *, const char *, - const char *); +void auth_info(Authctxt *authctxt, const char *, ...) + __attribute__((__format__ (printf, 2, 3))) + __attribute__((__nonnull__ (2))); +void auth_log(Authctxt *, int, int, const char *, const char *); void userauth_finish(Authctxt *, int, const char *, const char *); int auth_root_allowed(const char *); @@ -157,8 +162,9 @@ void userauth_send_banner(const char *); char *auth2_read_banner(void); int auth2_methods_valid(const char *, int); -int auth2_update_methods_lists(Authctxt *, const char *); +int auth2_update_methods_lists(Authctxt *, const char *, const char *); int auth2_setup_methods_lists(Authctxt *); +int auth2_method_allowed(Authctxt *, const char *, const char *); void privsep_challenge_enable(void); @@ -192,10 +198,12 @@ check_key_in_hostfiles(struct passwd *, Key *, const char *, /* hostkey handling */ Key *get_hostkey_by_index(int); +Key *get_hostkey_public_by_index(int); Key *get_hostkey_public_by_type(int); Key *get_hostkey_private_by_type(int); int get_hostkey_index(Key *); int ssh1_session_key(BIGNUM *); +void sshd_hostkey_sign(Key *, Key *, u_char **, u_int *, u_char *, u_int); /* debug messages during authentication */ void auth_debug_add(const char *fmt,...) __attribute__((format(printf, 1, 2))); diff --git a/crypto/openssh/auth1.c b/crypto/openssh/auth1.c index 6eea8d81eaa5..f1ac598147c5 100644 --- a/crypto/openssh/auth1.c +++ b/crypto/openssh/auth1.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth1.c,v 1.77 2012/12/02 20:34:09 djm Exp $ */ +/* $OpenBSD: auth1.c,v 1.79 2013/05/19 02:42:42 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -45,11 +45,11 @@ extern ServerOptions options; extern Buffer loginmsg; -static int auth1_process_password(Authctxt *, char *, size_t); -static int auth1_process_rsa(Authctxt *, char *, size_t); -static int auth1_process_rhosts_rsa(Authctxt *, char *, size_t); -static int auth1_process_tis_challenge(Authctxt *, char *, size_t); -static int auth1_process_tis_response(Authctxt *, char *, size_t); +static int auth1_process_password(Authctxt *); +static int auth1_process_rsa(Authctxt *); +static int auth1_process_rhosts_rsa(Authctxt *); +static int auth1_process_tis_challenge(Authctxt *); +static int auth1_process_tis_response(Authctxt *); static char *client_user = NULL; /* Used to fill in remote user for PAM */ @@ -57,7 +57,7 @@ struct AuthMethod1 { int type; char *name; int *enabled; - int (*method)(Authctxt *, char *, size_t); + int (*method)(Authctxt *); }; const struct AuthMethod1 auth1_methods[] = { @@ -112,7 +112,7 @@ get_authname(int type) /*ARGSUSED*/ static int -auth1_process_password(Authctxt *authctxt, char *info, size_t infolen) +auth1_process_password(Authctxt *authctxt) { int authenticated = 0; char *password; @@ -130,14 +130,14 @@ auth1_process_password(Authctxt *authctxt, char *info, size_t infolen) authenticated = PRIVSEP(auth_password(authctxt, password)); memset(password, 0, dlen); - xfree(password); + free(password); return (authenticated); } /*ARGSUSED*/ static int -auth1_process_rsa(Authctxt *authctxt, char *info, size_t infolen) +auth1_process_rsa(Authctxt *authctxt) { int authenticated = 0; BIGNUM *n; @@ -155,7 +155,7 @@ auth1_process_rsa(Authctxt *authctxt, char *info, size_t infolen) /*ARGSUSED*/ static int -auth1_process_rhosts_rsa(Authctxt *authctxt, char *info, size_t infolen) +auth1_process_rhosts_rsa(Authctxt *authctxt) { int keybits, authenticated = 0; u_int bits; @@ -187,14 +187,14 @@ auth1_process_rhosts_rsa(Authctxt *authctxt, char *info, size_t infolen) client_host_key); key_free(client_host_key); - snprintf(info, infolen, " ruser %.100s", client_user); + auth_info(authctxt, "ruser %.100s", client_user); return (authenticated); } /*ARGSUSED*/ static int -auth1_process_tis_challenge(Authctxt *authctxt, char *info, size_t infolen) +auth1_process_tis_challenge(Authctxt *authctxt) { char *challenge; @@ -204,7 +204,7 @@ auth1_process_tis_challenge(Authctxt *authctxt, char *info, size_t infolen) debug("sending challenge '%s'", challenge); packet_start(SSH_SMSG_AUTH_TIS_CHALLENGE); packet_put_cstring(challenge); - xfree(challenge); + free(challenge); packet_send(); packet_write_wait(); @@ -213,7 +213,7 @@ auth1_process_tis_challenge(Authctxt *authctxt, char *info, size_t infolen) /*ARGSUSED*/ static int -auth1_process_tis_response(Authctxt *authctxt, char *info, size_t infolen) +auth1_process_tis_response(Authctxt *authctxt) { int authenticated = 0; char *response; @@ -223,7 +223,7 @@ auth1_process_tis_response(Authctxt *authctxt, char *info, size_t infolen) packet_check_eom(); authenticated = verify_response(authctxt, response); memset(response, 'r', dlen); - xfree(response); + free(response); return (authenticated); } @@ -236,7 +236,6 @@ static void do_authloop(Authctxt *authctxt) { int authenticated = 0; - char info[1024]; int prev = 0, type = 0; const struct AuthMethod1 *meth; @@ -254,7 +253,7 @@ do_authloop(Authctxt *authctxt) #endif { auth_log(authctxt, 1, 0, "without authentication", - NULL, ""); + NULL); return; } } @@ -268,7 +267,6 @@ do_authloop(Authctxt *authctxt) /* default to fail */ authenticated = 0; - info[0] = '\0'; /* Get a packet from the client. */ prev = type; @@ -298,7 +296,7 @@ do_authloop(Authctxt *authctxt) goto skip; } - authenticated = meth->method(authctxt, info, sizeof(info)); + authenticated = meth->method(authctxt); if (authenticated == -1) continue; /* "postponed" */ @@ -353,13 +351,10 @@ do_authloop(Authctxt *authctxt) skip: /* Log before sending the reply */ - auth_log(authctxt, authenticated, 0, get_authname(type), - NULL, info); + auth_log(authctxt, authenticated, 0, get_authname(type), NULL); - if (client_user != NULL) { - xfree(client_user); - client_user = NULL; - } + free(client_user); + client_user = NULL; if (authenticated) return; diff --git a/crypto/openssh/auth2-chall.c b/crypto/openssh/auth2-chall.c index 6505d40097d4..98f3093ce2fd 100644 --- a/crypto/openssh/auth2-chall.c +++ b/crypto/openssh/auth2-chall.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-chall.c,v 1.36 2012/12/03 00:14:06 djm Exp $ */ +/* $OpenBSD: auth2-chall.c,v 1.38 2013/05/17 00:13:13 djm Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * Copyright (c) 2001 Per Allansson. All rights reserved. @@ -147,15 +147,13 @@ kbdint_free(KbdintAuthctxt *kbdintctxt) { if (kbdintctxt->device) kbdint_reset_device(kbdintctxt); - if (kbdintctxt->devices) { - xfree(kbdintctxt->devices); - kbdintctxt->devices = NULL; - } - xfree(kbdintctxt); + free(kbdintctxt->devices); + bzero(kbdintctxt, sizeof(*kbdintctxt)); + free(kbdintctxt); } /* get next device */ static int -kbdint_next_device(KbdintAuthctxt *kbdintctxt) +kbdint_next_device(Authctxt *authctxt, KbdintAuthctxt *kbdintctxt) { size_t len; char *t; @@ -169,12 +167,16 @@ kbdint_next_device(KbdintAuthctxt *kbdintctxt) if (len == 0) break; - for (i = 0; devices[i]; i++) + for (i = 0; devices[i]; i++) { + if (!auth2_method_allowed(authctxt, + "keyboard-interactive", devices[i]->name)) + continue; if (strncmp(kbdintctxt->devices, devices[i]->name, len) == 0) kbdintctxt->device = devices[i]; + } t = kbdintctxt->devices; kbdintctxt->devices = t[len] ? xstrdup(t+len+1) : NULL; - xfree(t); + free(t); debug2("kbdint_next_device: devices %s", kbdintctxt->devices ? kbdintctxt->devices : ""); } while (kbdintctxt->devices && !kbdintctxt->device); @@ -221,7 +223,7 @@ auth2_challenge_start(Authctxt *authctxt) debug2("auth2_challenge_start: devices %s", kbdintctxt->devices ? kbdintctxt->devices : ""); - if (kbdint_next_device(kbdintctxt) == 0) { + if (kbdint_next_device(authctxt, kbdintctxt) == 0) { auth2_challenge_stop(authctxt); return 0; } @@ -268,11 +270,11 @@ send_userauth_info_request(Authctxt *authctxt) packet_write_wait(); for (i = 0; i < kbdintctxt->nreq; i++) - xfree(prompts[i]); - xfree(prompts); - xfree(echo_on); - xfree(name); - xfree(instr); + free(prompts[i]); + free(prompts); + free(echo_on); + free(name); + free(instr); return 1; } @@ -311,10 +313,9 @@ input_userauth_info_response(int type, u_int32_t seq, void *ctxt) for (i = 0; i < nresp; i++) { memset(response[i], 'r', strlen(response[i])); - xfree(response[i]); + free(response[i]); } - if (response) - xfree(response); + free(response); switch (res) { case 0: diff --git a/crypto/openssh/auth2-gss.c b/crypto/openssh/auth2-gss.c index 93d576bfb8da..638d8f88e7d9 100644 --- a/crypto/openssh/auth2-gss.c +++ b/crypto/openssh/auth2-gss.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-gss.c,v 1.18 2012/12/02 20:34:09 djm Exp $ */ +/* $OpenBSD: auth2-gss.c,v 1.20 2013/05/17 00:13:13 djm Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -81,8 +81,7 @@ userauth_gssapi(Authctxt *authctxt) do { mechs--; - if (doid) - xfree(doid); + free(doid); present = 0; doid = packet_get_string(&len); @@ -101,7 +100,7 @@ userauth_gssapi(Authctxt *authctxt) gss_release_oid_set(&ms, &supported); if (!present) { - xfree(doid); + free(doid); authctxt->server_caused_failure = 1; return (0); } @@ -109,7 +108,7 @@ userauth_gssapi(Authctxt *authctxt) if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, &goid)))) { if (ctxt != NULL) ssh_gssapi_delete_ctx(&ctxt); - xfree(doid); + free(doid); authctxt->server_caused_failure = 1; return (0); } @@ -122,7 +121,7 @@ userauth_gssapi(Authctxt *authctxt) packet_put_string(doid, len); packet_send(); - xfree(doid); + free(doid); dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, &input_gssapi_token); dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, &input_gssapi_errtok); @@ -153,7 +152,7 @@ input_gssapi_token(int type, u_int32_t plen, void *ctxt) maj_status = PRIVSEP(ssh_gssapi_accept_ctx(gssctxt, &recv_tok, &send_tok, &flags)); - xfree(recv_tok.value); + free(recv_tok.value); if (GSS_ERROR(maj_status)) { if (send_tok.length != 0) { @@ -208,7 +207,7 @@ input_gssapi_errtok(int type, u_int32_t plen, void *ctxt) maj_status = PRIVSEP(ssh_gssapi_accept_ctx(gssctxt, &recv_tok, &send_tok, NULL)); - xfree(recv_tok.value); + free(recv_tok.value); /* We can't return anything to the client, even if we wanted to */ dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); @@ -229,14 +228,11 @@ static void input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt) { Authctxt *authctxt = ctxt; - Gssctxt *gssctxt; int authenticated; if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep)) fatal("No authentication or GSSAPI context"); - gssctxt = authctxt->methoddata; - /* * We don't need to check the status, because we're only enabled in * the dispatcher once the exchange is complete @@ -284,7 +280,7 @@ input_gssapi_mic(int type, u_int32_t plen, void *ctxt) logit("GSSAPI MIC check failed"); buffer_free(&b); - xfree(mic.value); + free(mic.value); authctxt->postponed = 0; dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); diff --git a/crypto/openssh/auth2-hostbased.c b/crypto/openssh/auth2-hostbased.c index cdf442f97c2c..a344dcc1f797 100644 --- a/crypto/openssh/auth2-hostbased.c +++ b/crypto/openssh/auth2-hostbased.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-hostbased.c,v 1.14 2010/08/04 05:42:47 djm Exp $ */ +/* $OpenBSD: auth2-hostbased.c,v 1.16 2013/06/21 00:34:49 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -116,6 +116,10 @@ userauth_hostbased(Authctxt *authctxt) #ifdef DEBUG_PK buffer_dump(&b); #endif + + pubkey_auth_info(authctxt, key, + "client user \"%.100s\", client host \"%.100s\"", cuser, chost); + /* test for allowed key and correct signature */ authenticated = 0; if (PRIVSEP(hostbased_key_allowed(authctxt->pw, cuser, chost, key)) && @@ -128,11 +132,11 @@ userauth_hostbased(Authctxt *authctxt) debug2("userauth_hostbased: authenticated %d", authenticated); if (key != NULL) key_free(key); - xfree(pkalg); - xfree(pkblob); - xfree(cuser); - xfree(chost); - xfree(sig); + free(pkalg); + free(pkblob); + free(cuser); + free(chost); + free(sig); return authenticated; } @@ -207,7 +211,7 @@ hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost, verbose("Accepted %s public key %s from %s@%s", key_type(key), fp, cuser, lookup); } - xfree(fp); + free(fp); } return (host_status == HOST_OK); diff --git a/crypto/openssh/auth2-jpake.c b/crypto/openssh/auth2-jpake.c index ed0eba47b479..78a6b881790b 100644 --- a/crypto/openssh/auth2-jpake.c +++ b/crypto/openssh/auth2-jpake.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-jpake.c,v 1.5 2012/12/02 20:34:09 djm Exp $ */ +/* $OpenBSD: auth2-jpake.c,v 1.6 2013/05/17 00:13:13 djm Exp $ */ /* * Copyright (c) 2008 Damien Miller. All rights reserved. * @@ -179,7 +179,7 @@ derive_rawsalt(const char *username, u_char *rawsalt, u_int len) __func__, len, digest_len); memcpy(rawsalt, digest, len); bzero(digest, digest_len); - xfree(digest); + free(digest); } /* ASCII an integer [0, 64) for inclusion in a password/salt */ @@ -258,7 +258,7 @@ fake_salt_and_scheme(Authctxt *authctxt, char **salt, char **scheme) makesalt(22, authctxt->user)); *scheme = xstrdup("bcrypt"); } - xfree(style); + free(style); debug3("%s: fake %s salt for user %s: %s", __func__, *scheme, authctxt->user, *salt); } @@ -361,7 +361,7 @@ auth2_jpake_get_pwdata(Authctxt *authctxt, BIGNUM **s, JPAKE_DEBUG_BN((*s, "%s: s = ", __func__)); #endif bzero(secret, secret_len); - xfree(secret); + free(secret); } /* @@ -403,12 +403,12 @@ auth2_jpake_start(Authctxt *authctxt) bzero(hash_scheme, strlen(hash_scheme)); bzero(salt, strlen(salt)); - xfree(hash_scheme); - xfree(salt); + free(hash_scheme); + free(salt); bzero(x3_proof, x3_proof_len); bzero(x4_proof, x4_proof_len); - xfree(x3_proof); - xfree(x4_proof); + free(x3_proof); + free(x4_proof); /* Expect step 1 packet from peer */ dispatch_set(SSH2_MSG_USERAUTH_JPAKE_CLIENT_STEP1, @@ -455,8 +455,8 @@ input_userauth_jpake_client_step1(int type, u_int32_t seq, void *ctxt) bzero(x1_proof, x1_proof_len); bzero(x2_proof, x2_proof_len); - xfree(x1_proof); - xfree(x2_proof); + free(x1_proof); + free(x2_proof); if (!use_privsep) JPAKE_DEBUG_CTX((pctx, "step 2 sending in %s", __func__)); @@ -469,7 +469,7 @@ input_userauth_jpake_client_step1(int type, u_int32_t seq, void *ctxt) packet_write_wait(); bzero(x4_s_proof, x4_s_proof_len); - xfree(x4_s_proof); + free(x4_s_proof); /* Expect step 2 packet from peer */ dispatch_set(SSH2_MSG_USERAUTH_JPAKE_CLIENT_STEP2, @@ -510,7 +510,7 @@ input_userauth_jpake_client_step2(int type, u_int32_t seq, void *ctxt) &pctx->h_k_sid_sessid, &pctx->h_k_sid_sessid_len)); bzero(x2_s_proof, x2_s_proof_len); - xfree(x2_s_proof); + free(x2_s_proof); if (!use_privsep) JPAKE_DEBUG_CTX((pctx, "confirm sending in %s", __func__)); diff --git a/crypto/openssh/auth2-kbdint.c b/crypto/openssh/auth2-kbdint.c index fae67da6e337..c39bdc62da37 100644 --- a/crypto/openssh/auth2-kbdint.c +++ b/crypto/openssh/auth2-kbdint.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-kbdint.c,v 1.5 2006/08/03 03:34:41 deraadt Exp $ */ +/* $OpenBSD: auth2-kbdint.c,v 1.6 2013/05/17 00:13:13 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -56,8 +56,8 @@ userauth_kbdint(Authctxt *authctxt) if (options.challenge_response_authentication) authenticated = auth2_challenge(authctxt, devs); - xfree(devs); - xfree(lang); + free(devs); + free(lang); return authenticated; } diff --git a/crypto/openssh/auth2-passwd.c b/crypto/openssh/auth2-passwd.c index 5f1f3635f7a0..21bc5047dbb8 100644 --- a/crypto/openssh/auth2-passwd.c +++ b/crypto/openssh/auth2-passwd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-passwd.c,v 1.9 2006/08/03 03:34:41 deraadt Exp $ */ +/* $OpenBSD: auth2-passwd.c,v 1.10 2013/05/17 00:13:13 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -60,7 +60,7 @@ userauth_passwd(Authctxt *authctxt) /* discard new password from packet */ newpass = packet_get_string(&newlen); memset(newpass, 0, newlen); - xfree(newpass); + free(newpass); } packet_check_eom(); @@ -69,7 +69,7 @@ userauth_passwd(Authctxt *authctxt) else if (PRIVSEP(auth_password(authctxt, password)) == 1) authenticated = 1; memset(password, 0, len); - xfree(password); + free(password); return authenticated; } diff --git a/crypto/openssh/auth2-pubkey.c b/crypto/openssh/auth2-pubkey.c index 3ff6faa8b35b..2b3ecb10405d 100644 --- a/crypto/openssh/auth2-pubkey.c +++ b/crypto/openssh/auth2-pubkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-pubkey.c,v 1.34 2013/02/14 21:35:59 djm Exp $ */ +/* $OpenBSD: auth2-pubkey.c,v 1.38 2013/06/21 00:34:49 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -75,7 +75,7 @@ userauth_pubkey(Authctxt *authctxt) { Buffer b; Key *key = NULL; - char *pkalg; + char *pkalg, *userstyle; u_char *pkblob, *sig; u_int alen, blen, slen; int have_sig, pktype; @@ -127,7 +127,11 @@ userauth_pubkey(Authctxt *authctxt) } /* reconstruct packet */ buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); - buffer_put_cstring(&b, authctxt->user); + xasprintf(&userstyle, "%s%s%s", authctxt->user, + authctxt->style ? ":" : "", + authctxt->style ? authctxt->style : ""); + buffer_put_cstring(&b, userstyle); + free(userstyle); buffer_put_cstring(&b, datafellows & SSH_BUG_PKSERVICE ? "ssh-userauth" : @@ -143,6 +147,8 @@ userauth_pubkey(Authctxt *authctxt) #ifdef DEBUG_PK buffer_dump(&b); #endif + pubkey_auth_info(authctxt, key, NULL); + /* test for correct signature */ authenticated = 0; if (PRIVSEP(user_key_allowed(authctxt->pw, key)) && @@ -150,7 +156,7 @@ userauth_pubkey(Authctxt *authctxt) buffer_len(&b))) == 1) authenticated = 1; buffer_free(&b); - xfree(sig); + free(sig); } else { debug("test whether pkalg/pkblob are acceptable"); packet_check_eom(); @@ -178,11 +184,45 @@ userauth_pubkey(Authctxt *authctxt) debug2("userauth_pubkey: authenticated %d pkalg %s", authenticated, pkalg); if (key != NULL) key_free(key); - xfree(pkalg); - xfree(pkblob); + free(pkalg); + free(pkblob); return authenticated; } +void +pubkey_auth_info(Authctxt *authctxt, const Key *key, const char *fmt, ...) +{ + char *fp, *extra; + va_list ap; + int i; + + extra = NULL; + if (fmt != NULL) { + va_start(ap, fmt); + i = vasprintf(&extra, fmt, ap); + va_end(ap); + if (i < 0 || extra == NULL) + fatal("%s: vasprintf failed", __func__); + } + + if (key_is_cert(key)) { + fp = key_fingerprint(key->cert->signature_key, + SSH_FP_MD5, SSH_FP_HEX); + auth_info(authctxt, "%s ID %s (serial %llu) CA %s %s%s%s", + key_type(key), key->cert->key_id, + (unsigned long long)key->cert->serial, + key_type(key->cert->signature_key), fp, + extra == NULL ? "" : ", ", extra == NULL ? "" : extra); + free(fp); + } else { + fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX); + auth_info(authctxt, "%s %s%s%s", key_type(key), fp, + extra == NULL ? "" : ", ", extra == NULL ? "" : extra); + free(fp); + } + free(extra); +} + static int match_principals_option(const char *principal_list, struct KeyCert *cert) { @@ -196,7 +236,7 @@ match_principals_option(const char *principal_list, struct KeyCert *cert) principal_list, NULL)) != NULL) { debug3("matched principal from key options \"%.100s\"", result); - xfree(result); + free(result); return 1; } } @@ -276,11 +316,13 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw) char *fp; found_key = 0; - found = key_new(key_is_cert(key) ? KEY_UNSPEC : key->type); + found = NULL; while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { char *cp, *key_options = NULL; - + if (found != NULL) + key_free(found); + found = key_new(key_is_cert(key) ? KEY_UNSPEC : key->type); auth_clear_options(); /* Skip leading whitespace, empty and comment lines. */ @@ -332,7 +374,7 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw) reason = "Certificate does not contain an " "authorized principal"; fail_reason: - xfree(fp); + free(fp); error("%s", reason); auth_debug_add("%s", reason); continue; @@ -342,13 +384,13 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw) &reason) != 0) goto fail_reason; if (auth_cert_options(key, pw) != 0) { - xfree(fp); + free(fp); continue; } verbose("Accepted certificate ID \"%s\" " "signed by %s CA %s via %s", key->cert->key_id, key_type(found), fp, file); - xfree(fp); + free(fp); found_key = 1; break; } else if (key_equal(found, key)) { @@ -358,16 +400,15 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw) if (key_is_cert_authority) continue; found_key = 1; - debug("matching key found: file %s, line %lu", - file, linenum); fp = key_fingerprint(found, SSH_FP_MD5, SSH_FP_HEX); - verbose("Found matching %s key: %s", - key_type(found), fp); - xfree(fp); + debug("matching key found: file %s, line %lu %s %s", + file, linenum, key_type(found), fp); + free(fp); break; } } - key_free(found); + if (found != NULL) + key_free(found); if (!found_key) debug2("key not found"); return found_key; @@ -421,10 +462,8 @@ user_cert_trusted_ca(struct passwd *pw, Key *key) ret = 1; out: - if (principals_file != NULL) - xfree(principals_file); - if (ca_fp != NULL) - xfree(ca_fp); + free(principals_file); + free(ca_fp); return ret; } @@ -629,7 +668,7 @@ user_key_allowed(struct passwd *pw, Key *key) options.authorized_keys_files[i], pw); success = user_key_allowed2(pw, key, file); - xfree(file); + free(file); } return success; diff --git a/crypto/openssh/auth2.c b/crypto/openssh/auth2.c index 7e50bf71b925..5a359c714d6b 100644 --- a/crypto/openssh/auth2.c +++ b/crypto/openssh/auth2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2.c,v 1.126 2012/12/02 20:34:09 djm Exp $ */ +/* $OpenBSD: auth2.c,v 1.129 2013/05/19 02:42:42 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -100,8 +100,12 @@ static void input_userauth_request(int, u_int32_t, void *); /* helper */ static Authmethod *authmethod_lookup(Authctxt *, const char *); static char *authmethods_get(Authctxt *authctxt); -static int method_allowed(Authctxt *, const char *); -static int list_starts_with(const char *, const char *); + +#define MATCH_NONE 0 /* method or submethod mismatch */ +#define MATCH_METHOD 1 /* method matches (no submethod specified) */ +#define MATCH_BOTH 2 /* method and submethod match */ +#define MATCH_PARTIAL 3 /* method matches, submethod can't be checked */ +static int list_starts_with(const char *, const char *, const char *); char * auth2_read_banner(void) @@ -128,7 +132,7 @@ auth2_read_banner(void) close(fd); if (n != len) { - xfree(banner); + free(banner); return (NULL); } banner[n] = '\0'; @@ -164,8 +168,7 @@ userauth_banner(void) userauth_send_banner(banner); done: - if (banner) - xfree(banner); + free(banner); } /* @@ -210,7 +213,7 @@ input_service_request(int type, u_int32_t seq, void *ctxt) debug("bad service request %s", service); packet_disconnect("bad service request %s", service); } - xfree(service); + free(service); } /*ARGSUSED*/ @@ -318,9 +321,9 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt) } userauth_finish(authctxt, authenticated, method, NULL); - xfree(service); - xfree(user); - xfree(method); + free(service); + free(user); + free(method); } void @@ -346,14 +349,14 @@ userauth_finish(Authctxt *authctxt, int authenticated, const char *method, } if (authenticated && options.num_auth_methods != 0) { - if (!auth2_update_methods_lists(authctxt, method)) { + if (!auth2_update_methods_lists(authctxt, method, submethod)) { authenticated = 0; partial = 1; } } /* Log before sending the reply */ - auth_log(authctxt, authenticated, partial, method, submethod, " ssh2"); + auth_log(authctxt, authenticated, partial, method, submethod); if (authctxt->postponed) return; @@ -408,7 +411,7 @@ userauth_finish(Authctxt *authctxt, int authenticated, const char *method, packet_put_char(partial); packet_send(); packet_write_wait(); - xfree(methods); + free(methods); } } @@ -417,8 +420,9 @@ userauth_finish(Authctxt *authctxt, int authenticated, const char *method, * methods list. Returns 1 if allowed, or no methods lists configured. * 0 otherwise. */ -static int -method_allowed(Authctxt *authctxt, const char *method) +int +auth2_method_allowed(Authctxt *authctxt, const char *method, + const char *submethod) { u_int i; @@ -429,7 +433,8 @@ method_allowed(Authctxt *authctxt, const char *method) if (options.num_auth_methods == 0) return 1; for (i = 0; i < authctxt->num_auth_methods; i++) { - if (list_starts_with(authctxt->auth_methods[i], method)) + if (list_starts_with(authctxt->auth_methods[i], method, + submethod) != MATCH_NONE) return 1; } return 0; @@ -449,7 +454,8 @@ authmethods_get(Authctxt *authctxt) if (authmethods[i]->enabled == NULL || *(authmethods[i]->enabled) == 0) continue; - if (!method_allowed(authctxt, authmethods[i]->name)) + if (!auth2_method_allowed(authctxt, authmethods[i]->name, + NULL)) continue; if (buffer_len(&b) > 0) buffer_append(&b, ",", 1); @@ -472,7 +478,8 @@ authmethod_lookup(Authctxt *authctxt, const char *name) if (authmethods[i]->enabled != NULL && *(authmethods[i]->enabled) != 0 && strcmp(name, authmethods[i]->name) == 0 && - method_allowed(authctxt, authmethods[i]->name)) + auth2_method_allowed(authctxt, + authmethods[i]->name, NULL)) return authmethods[i]; debug2("Unrecognized authentication method name: %s", name ? name : "NULL"); @@ -487,7 +494,7 @@ authmethod_lookup(Authctxt *authctxt, const char *name) int auth2_methods_valid(const char *_methods, int need_enable) { - char *methods, *omethods, *method; + char *methods, *omethods, *method, *p; u_int i, found; int ret = -1; @@ -498,6 +505,8 @@ auth2_methods_valid(const char *_methods, int need_enable) omethods = methods = xstrdup(_methods); while ((method = strsep(&methods, ",")) != NULL) { for (found = i = 0; !found && authmethods[i] != NULL; i++) { + if ((p = strchr(method, ':')) != NULL) + *p = '\0'; if (strcmp(method, authmethods[i]->name) != 0) continue; if (need_enable) { @@ -563,15 +572,30 @@ auth2_setup_methods_lists(Authctxt *authctxt) } static int -list_starts_with(const char *methods, const char *method) +list_starts_with(const char *methods, const char *method, + const char *submethod) { size_t l = strlen(method); + int match; + const char *p; if (strncmp(methods, method, l) != 0) - return 0; - if (methods[l] != ',' && methods[l] != '\0') - return 0; - return 1; + return MATCH_NONE; + p = methods + l; + match = MATCH_METHOD; + if (*p == ':') { + if (!submethod) + return MATCH_PARTIAL; + l = strlen(submethod); + p += 1; + if (strncmp(submethod, p, l)) + return MATCH_NONE; + p += l; + match = MATCH_BOTH; + } + if (*p != ',' && *p != '\0') + return MATCH_NONE; + return match; } /* @@ -580,14 +604,21 @@ list_starts_with(const char *methods, const char *method) * if it did. */ static int -remove_method(char **methods, const char *method) +remove_method(char **methods, const char *method, const char *submethod) { - char *omethods = *methods; + char *omethods = *methods, *p; size_t l = strlen(method); + int match; - if (!list_starts_with(omethods, method)) + match = list_starts_with(omethods, method, submethod); + if (match != MATCH_METHOD && match != MATCH_BOTH) return 0; - *methods = xstrdup(omethods + l + (omethods[l] == ',' ? 1 : 0)); + p = omethods + l; + if (submethod && match == MATCH_BOTH) + p += 1 + strlen(submethod); /* include colon */ + if (*p == ',') + p++; + *methods = xstrdup(p); free(omethods); return 1; } @@ -599,13 +630,15 @@ remove_method(char **methods, const char *method) * Returns 1 if the method completed any authentication list or 0 otherwise. */ int -auth2_update_methods_lists(Authctxt *authctxt, const char *method) +auth2_update_methods_lists(Authctxt *authctxt, const char *method, + const char *submethod) { u_int i, found = 0; debug3("%s: updating methods list after \"%s\"", __func__, method); for (i = 0; i < authctxt->num_auth_methods; i++) { - if (!remove_method(&(authctxt->auth_methods[i]), method)) + if (!remove_method(&(authctxt->auth_methods[i]), method, + submethod)) continue; found = 1; if (*authctxt->auth_methods[i] == '\0') { diff --git a/crypto/openssh/authfd.c b/crypto/openssh/authfd.c index f037e838b0ee..775786bee13c 100644 --- a/crypto/openssh/authfd.c +++ b/crypto/openssh/authfd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfd.c,v 1.86 2011/07/06 18:09:21 tedu Exp $ */ +/* $OpenBSD: authfd.c,v 1.87 2013/05/17 00:13:13 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -224,7 +224,7 @@ ssh_close_authentication_connection(AuthenticationConnection *auth) { buffer_free(&auth->identities); close(auth->fd); - xfree(auth); + free(auth); } /* Lock/unlock agent */ @@ -343,7 +343,7 @@ ssh_get_next_identity(AuthenticationConnection *auth, char **comment, int versio blob = buffer_get_string(&auth->identities, &blen); *comment = buffer_get_string(&auth->identities, NULL); key = key_from_blob(blob, blen); - xfree(blob); + free(blob); break; default: return NULL; @@ -436,7 +436,7 @@ ssh_agent_sign(AuthenticationConnection *auth, buffer_put_string(&msg, blob, blen); buffer_put_string(&msg, data, datalen); buffer_put_int(&msg, flags); - xfree(blob); + free(blob); if (ssh_request_reply(auth, &msg, &msg) == 0) { buffer_free(&msg); @@ -612,7 +612,7 @@ ssh_remove_identity(AuthenticationConnection *auth, Key *key) key_to_blob(key, &blob, &blen); buffer_put_char(&msg, SSH2_AGENTC_REMOVE_IDENTITY); buffer_put_string(&msg, blob, blen); - xfree(blob); + free(blob); } else { buffer_free(&msg); return 0; diff --git a/crypto/openssh/authfile.c b/crypto/openssh/authfile.c index 3544d170b550..63ae16bbd99f 100644 --- a/crypto/openssh/authfile.c +++ b/crypto/openssh/authfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfile.c,v 1.95 2013/01/08 18:49:04 markus Exp $ */ +/* $OpenBSD: authfile.c,v 1.97 2013/05/17 00:13:13 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -89,7 +89,7 @@ key_private_rsa1_to_blob(Key *key, Buffer *blob, const char *passphrase, u_char buf[100], *cp; int i, cipher_num; CipherContext ciphercontext; - Cipher *cipher; + const Cipher *cipher; u_int32_t rnd; /* @@ -421,7 +421,7 @@ key_parse_private_rsa1(Buffer *blob, const char *passphrase, char **commentp) Buffer decrypted; u_char *cp; CipherContext ciphercontext; - Cipher *cipher; + const Cipher *cipher; Key *prv = NULL; Buffer copy; @@ -509,8 +509,8 @@ key_parse_private_rsa1(Buffer *blob, const char *passphrase, char **commentp) return prv; fail: - if (commentp) - xfree(*commentp); + if (commentp != NULL) + free(*commentp); key_free(prv); return NULL; } @@ -832,10 +832,10 @@ key_load_cert(const char *filename) pub = key_new(KEY_UNSPEC); xasprintf(&file, "%s-cert.pub", filename); if (key_try_load_public(pub, file, NULL) == 1) { - xfree(file); + free(file); return pub; } - xfree(file); + free(file); key_free(pub); return NULL; } diff --git a/crypto/openssh/bufaux.c b/crypto/openssh/bufaux.c index 00208ca279a3..de5b3ca1aa57 100644 --- a/crypto/openssh/bufaux.c +++ b/crypto/openssh/bufaux.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bufaux.c,v 1.50 2010/08/31 09:58:37 djm Exp $ */ +/* $OpenBSD: bufaux.c,v 1.52 2013/07/12 00:19:58 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -181,7 +181,7 @@ buffer_get_string_ret(Buffer *buffer, u_int *length_ptr) /* Get the string. */ if (buffer_get_ret(buffer, value, len) == -1) { error("buffer_get_string_ret: buffer_get failed"); - xfree(value); + free(value); return (NULL); } /* Append a null character to make processing easier. */ @@ -216,7 +216,7 @@ buffer_get_cstring_ret(Buffer *buffer, u_int *length_ptr) error("buffer_get_cstring_ret: string contains \\0"); else { bzero(ret, length); - xfree(ret); + free(ret); return NULL; } } @@ -285,7 +285,7 @@ buffer_put_cstring(Buffer *buffer, const char *s) * Returns a character from the buffer (0 - 255). */ int -buffer_get_char_ret(char *ret, Buffer *buffer) +buffer_get_char_ret(u_char *ret, Buffer *buffer) { if (buffer_get_ret(buffer, ret, 1) == -1) { error("buffer_get_char_ret: buffer_get_ret failed"); @@ -297,11 +297,11 @@ buffer_get_char_ret(char *ret, Buffer *buffer) int buffer_get_char(Buffer *buffer) { - char ch; + u_char ch; if (buffer_get_char_ret(&ch, buffer) == -1) fatal("buffer_get_char: buffer error"); - return (u_char) ch; + return ch; } /* diff --git a/crypto/openssh/bufbn.c b/crypto/openssh/bufbn.c index 251cd09518c6..1fbfbbcc985d 100644 --- a/crypto/openssh/bufbn.c +++ b/crypto/openssh/bufbn.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bufbn.c,v 1.6 2007/06/02 09:04:58 djm Exp $*/ +/* $OpenBSD: bufbn.c,v 1.7 2013/05/17 00:13:13 djm Exp $*/ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -69,7 +69,7 @@ buffer_put_bignum_ret(Buffer *buffer, const BIGNUM *value) if (oi != bin_size) { error("buffer_put_bignum_ret: BN_bn2bin() failed: oi %d != bin_size %d", oi, bin_size); - xfree(buf); + free(buf); return (-1); } @@ -80,7 +80,7 @@ buffer_put_bignum_ret(Buffer *buffer, const BIGNUM *value) buffer_append(buffer, buf, oi); memset(buf, 0, bin_size); - xfree(buf); + free(buf); return (0); } @@ -167,13 +167,13 @@ buffer_put_bignum2_ret(Buffer *buffer, const BIGNUM *value) if (oi < 0 || (u_int)oi != bytes - 1) { error("buffer_put_bignum2_ret: BN_bn2bin() failed: " "oi %d != bin_size %d", oi, bytes); - xfree(buf); + free(buf); return (-1); } hasnohigh = (buf[1] & 0x80) ? 0 : 1; buffer_put_string(buffer, buf+hasnohigh, bytes-hasnohigh); memset(buf, 0, bytes); - xfree(buf); + free(buf); return (0); } @@ -197,21 +197,21 @@ buffer_get_bignum2_ret(Buffer *buffer, BIGNUM *value) if (len > 0 && (bin[0] & 0x80)) { error("buffer_get_bignum2_ret: negative numbers not supported"); - xfree(bin); + free(bin); return (-1); } if (len > 8 * 1024) { error("buffer_get_bignum2_ret: cannot handle BN of size %d", len); - xfree(bin); + free(bin); return (-1); } if (BN_bin2bn(bin, len, value) == NULL) { error("buffer_get_bignum2_ret: BN_bin2bn failed"); - xfree(bin); + free(bin); return (-1); } - xfree(bin); + free(bin); return (0); } diff --git a/crypto/openssh/bufec.c b/crypto/openssh/bufec.c index 3dcb49477d4f..6c0048978031 100644 --- a/crypto/openssh/bufec.c +++ b/crypto/openssh/bufec.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bufec.c,v 1.1 2010/08/31 11:54:45 djm Exp $ */ +/* $OpenBSD: bufec.c,v 1.2 2013/05/17 00:13:13 djm Exp $ */ /* * Copyright (c) 2010 Damien Miller * @@ -78,7 +78,7 @@ buffer_put_ecpoint_ret(Buffer *buffer, const EC_GROUP *curve, out: if (buf != NULL) { bzero(buf, len); - xfree(buf); + free(buf); } BN_CTX_free(bnctx); return ret; @@ -131,7 +131,7 @@ buffer_get_ecpoint_ret(Buffer *buffer, const EC_GROUP *curve, out: BN_CTX_free(bnctx); bzero(buf, len); - xfree(buf); + free(buf); return ret; } diff --git a/crypto/openssh/buffer.c b/crypto/openssh/buffer.c index a3202c601d57..0fbbac89dece 100644 --- a/crypto/openssh/buffer.c +++ b/crypto/openssh/buffer.c @@ -1,4 +1,4 @@ -/* $OpenBSD: buffer.c,v 1.32 2010/02/09 03:56:28 djm Exp $ */ +/* $OpenBSD: buffer.c,v 1.33 2013/05/17 00:13:13 djm Exp $ */ /* $FreeBSD$ */ /* * Author: Tatu Ylonen @@ -51,7 +51,7 @@ buffer_free(Buffer *buffer) if (buffer->alloc > 0) { memset(buffer->buf, 0, buffer->alloc); buffer->alloc = 0; - xfree(buffer->buf); + free(buffer->buf); } } diff --git a/crypto/openssh/buffer.h b/crypto/openssh/buffer.h index c35f53fe428a..f45c94a89035 100644 --- a/crypto/openssh/buffer.h +++ b/crypto/openssh/buffer.h @@ -1,4 +1,4 @@ -/* $OpenBSD: buffer.h,v 1.21 2010/08/31 11:54:45 djm Exp $ */ +/* $OpenBSD: buffer.h,v 1.22 2013/07/12 00:19:58 djm Exp $ */ /* $FreeBSD$ */ /* @@ -87,7 +87,7 @@ int buffer_get_int64_ret(u_int64_t *, Buffer *); void *buffer_get_string_ret(Buffer *, u_int *); char *buffer_get_cstring_ret(Buffer *, u_int *); void *buffer_get_string_ptr_ret(Buffer *, u_int *); -int buffer_get_char_ret(char *, Buffer *); +int buffer_get_char_ret(u_char *, Buffer *); #ifdef OPENSSL_HAS_ECC #include diff --git a/crypto/openssh/canohost.c b/crypto/openssh/canohost.c index dabd8a31ac87..69e8e6f6d9dc 100644 --- a/crypto/openssh/canohost.c +++ b/crypto/openssh/canohost.c @@ -1,4 +1,4 @@ -/* $OpenBSD: canohost.c,v 1.66 2010/01/13 01:20:20 dtucker Exp $ */ +/* $OpenBSD: canohost.c,v 1.67 2013/05/17 00:13:13 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -41,7 +41,7 @@ static int cached_port = -1; /* * Return the canonical name of the host at the other end of the socket. The - * caller should free the returned string with xfree. + * caller should free the returned string. */ static char * @@ -323,10 +323,8 @@ get_local_name(int fd) void clear_cached_addr(void) { - if (canonical_host_ip != NULL) { - xfree(canonical_host_ip); - canonical_host_ip = NULL; - } + free(canonical_host_ip); + canonical_host_ip = NULL; cached_port = -1; } diff --git a/crypto/openssh/channels.c b/crypto/openssh/channels.c index 4bdf26579779..4bd8b27c7d36 100644 --- a/crypto/openssh/channels.c +++ b/crypto/openssh/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.319 2012/12/02 20:46:11 djm Exp $ */ +/* $OpenBSD: channels.c,v 1.324 2013/07/12 00:19:58 djm Exp $ */ /* $FreeBSD$ */ /* * Author: Tatu Ylonen @@ -219,6 +219,7 @@ channel_lookup(int id) case SSH_CHANNEL_OPEN: case SSH_CHANNEL_INPUT_DRAINING: case SSH_CHANNEL_OUTPUT_DRAINING: + case SSH_CHANNEL_ABANDONED: return (c); } logit("Non-public channel %d, type %d.", id, c->type); @@ -253,7 +254,10 @@ channel_register_fds(Channel *c, int rfd, int wfd, int efd, if ((c->isatty = is_tty) != 0) debug2("channel %d: rfd %d isatty", c->self, c->rfd); +#ifdef _AIX + /* XXX: Later AIX versions can't push as much data to tty */ c->wfd_isatty = is_tty || isatty(c->wfd); +#endif /* enable nonblocking mode */ if (nonblock) { @@ -408,7 +412,7 @@ channel_free(Channel *c) s = channel_open_message(); debug3("channel %d: status: %s", c->self, s); - xfree(s); + free(s); if (c->sock != -1) shutdown(c->sock, SHUT_RDWR); @@ -416,29 +420,23 @@ channel_free(Channel *c) buffer_free(&c->input); buffer_free(&c->output); buffer_free(&c->extended); - if (c->remote_name) { - xfree(c->remote_name); - c->remote_name = NULL; - } - if (c->path) { - xfree(c->path); - c->path = NULL; - } - if (c->listening_addr) { - xfree(c->listening_addr); - c->listening_addr = NULL; - } + free(c->remote_name); + c->remote_name = NULL; + free(c->path); + c->path = NULL; + free(c->listening_addr); + c->listening_addr = NULL; while ((cc = TAILQ_FIRST(&c->status_confirms)) != NULL) { if (cc->abandon_cb != NULL) cc->abandon_cb(c, cc->ctx); TAILQ_REMOVE(&c->status_confirms, cc, entry); bzero(cc, sizeof(*cc)); - xfree(cc); + free(cc); } if (c->filter_cleanup != NULL && c->filter_ctx != NULL) c->filter_cleanup(c->self, c->filter_ctx); channels[c->self] = NULL; - xfree(c); + free(c); } void @@ -543,6 +541,7 @@ channel_still_open(void) case SSH_CHANNEL_DYNAMIC: case SSH_CHANNEL_CONNECTING: case SSH_CHANNEL_ZOMBIE: + case SSH_CHANNEL_ABANDONED: continue; case SSH_CHANNEL_LARVAL: if (!compat20) @@ -588,6 +587,7 @@ channel_find_open(void) case SSH_CHANNEL_OPENING: case SSH_CHANNEL_CONNECTING: case SSH_CHANNEL_ZOMBIE: + case SSH_CHANNEL_ABANDONED: continue; case SSH_CHANNEL_LARVAL: case SSH_CHANNEL_AUTH_SOCKET: @@ -635,6 +635,7 @@ channel_open_message(void) case SSH_CHANNEL_CLOSED: case SSH_CHANNEL_AUTH_SOCKET: case SSH_CHANNEL_ZOMBIE: + case SSH_CHANNEL_ABANDONED: case SSH_CHANNEL_MUX_CLIENT: case SSH_CHANNEL_MUX_LISTENER: continue; @@ -1122,10 +1123,8 @@ channel_decode_socks4(Channel *c, fd_set *readset, fd_set *writeset) strlcpy(username, p, sizeof(username)); buffer_consume(&c->input, len); - if (c->path != NULL) { - xfree(c->path); - c->path = NULL; - } + free(c->path); + c->path = NULL; if (need == 1) { /* SOCKS4: one string */ host = inet_ntoa(s4_req.dest_addr); c->path = xstrdup(host); @@ -1185,7 +1184,8 @@ channel_decode_socks5(Channel *c, fd_set *readset, fd_set *writeset) u_int8_t atyp; } s5_req, s5_rsp; u_int16_t dest_port; - u_char *p, dest_addr[255+1], ntop[INET6_ADDRSTRLEN]; + char dest_addr[255+1], ntop[INET6_ADDRSTRLEN]; + u_char *p; u_int have, need, i, found, nmethods, addrlen, af; debug2("channel %d: decode socks5", c->self); @@ -1255,13 +1255,11 @@ channel_decode_socks5(Channel *c, fd_set *readset, fd_set *writeset) buffer_consume(&c->input, sizeof(s5_req)); if (s5_req.atyp == SSH_SOCKS5_DOMAIN) buffer_consume(&c->input, 1); /* host string length */ - buffer_get(&c->input, (char *)&dest_addr, addrlen); + buffer_get(&c->input, &dest_addr, addrlen); buffer_get(&c->input, (char *)&dest_port, 2); dest_addr[addrlen] = '\0'; - if (c->path != NULL) { - xfree(c->path); - c->path = NULL; - } + free(c->path); + c->path = NULL; if (s5_req.atyp == SSH_SOCKS5_DOMAIN) { if (addrlen >= NI_MAXHOST) { error("channel %d: dynamic request: socks5 hostname " @@ -1283,11 +1281,10 @@ channel_decode_socks5(Channel *c, fd_set *readset, fd_set *writeset) s5_rsp.command = SSH_SOCKS5_SUCCESS; s5_rsp.reserved = 0; /* ignored */ s5_rsp.atyp = SSH_SOCKS5_IPV4; - ((struct in_addr *)&dest_addr)->s_addr = INADDR_ANY; dest_port = 0; /* ignored */ buffer_append(&c->output, &s5_rsp, sizeof(s5_rsp)); - buffer_append(&c->output, &dest_addr, sizeof(struct in_addr)); + buffer_put_int(&c->output, ntohl(INADDR_ANY)); /* bind address */ buffer_append(&c->output, &dest_port, sizeof(dest_port)); return 1; } @@ -1366,7 +1363,7 @@ channel_post_x11_listener(Channel *c, fd_set *readset, fd_set *writeset) { Channel *nc; struct sockaddr_storage addr; - int newsock; + int newsock, oerrno; socklen_t addrlen; char buf[16384], *remote_ipaddr; int remote_port; @@ -1376,14 +1373,18 @@ channel_post_x11_listener(Channel *c, fd_set *readset, fd_set *writeset) addrlen = sizeof(addr); newsock = accept(c->sock, (struct sockaddr *)&addr, &addrlen); if (c->single_connection) { + oerrno = errno; debug2("single_connection: closing X11 listener."); channel_close_fd(&c->sock); chan_mark_dead(c); + errno = oerrno; } if (newsock < 0) { - error("accept: %.100s", strerror(errno)); + if (errno != EINTR && errno != EWOULDBLOCK && + errno != ECONNABORTED) + error("accept: %.100s", strerror(errno)); if (errno == EMFILE || errno == ENFILE) - c->notbefore = time(NULL) + 1; + c->notbefore = monotime() + 1; return; } set_nodelay(newsock); @@ -1417,7 +1418,7 @@ channel_post_x11_listener(Channel *c, fd_set *readset, fd_set *writeset) packet_put_cstring(buf); packet_send(); } - xfree(remote_ipaddr); + free(remote_ipaddr); } } @@ -1431,7 +1432,7 @@ port_open_helper(Channel *c, char *rtype) if (remote_port == -1) { /* Fake addr/port to appease peers that validate it (Tectia) */ - xfree(remote_ipaddr); + free(remote_ipaddr); remote_ipaddr = xstrdup("127.0.0.1"); remote_port = 65535; } @@ -1444,7 +1445,7 @@ port_open_helper(Channel *c, char *rtype) rtype, c->listening_port, c->path, c->host_port, remote_ipaddr, remote_port); - xfree(c->remote_name); + free(c->remote_name); c->remote_name = xstrdup(buf); if (compat20) { @@ -1476,7 +1477,7 @@ port_open_helper(Channel *c, char *rtype) packet_put_cstring(c->remote_name); packet_send(); } - xfree(remote_ipaddr); + free(remote_ipaddr); } static void @@ -1526,9 +1527,11 @@ channel_post_port_listener(Channel *c, fd_set *readset, fd_set *writeset) addrlen = sizeof(addr); newsock = accept(c->sock, (struct sockaddr *)&addr, &addrlen); if (newsock < 0) { - error("accept: %.100s", strerror(errno)); + if (errno != EINTR && errno != EWOULDBLOCK && + errno != ECONNABORTED) + error("accept: %.100s", strerror(errno)); if (errno == EMFILE || errno == ENFILE) - c->notbefore = time(NULL) + 1; + c->notbefore = monotime() + 1; return; } set_nodelay(newsock); @@ -1564,7 +1567,7 @@ channel_post_auth_listener(Channel *c, fd_set *readset, fd_set *writeset) error("accept from auth socket: %.100s", strerror(errno)); if (errno == EMFILE || errno == ENFILE) - c->notbefore = time(NULL) + 1; + c->notbefore = monotime() + 1; return; } nc = channel_new("accepted auth socket", @@ -1727,7 +1730,7 @@ channel_handle_wfd(Channel *c, fd_set *readset, fd_set *writeset) if (c->datagram) { /* ignore truncated writes, datagrams might get lost */ len = write(c->wfd, buf, dlen); - xfree(data); + free(data); if (len < 0 && (errno == EINTR || errno == EAGAIN || errno == EWOULDBLOCK)) return 1; @@ -1979,7 +1982,7 @@ channel_post_mux_listener(Channel *c, fd_set *readset, fd_set *writeset) &addrlen)) == -1) { error("%s accept: %s", __func__, strerror(errno)); if (errno == EMFILE || errno == ENFILE) - c->notbefore = time(NULL) + 1; + c->notbefore = monotime() + 1; return; } @@ -2142,7 +2145,7 @@ channel_handler(chan_fn *ftab[], fd_set *readset, fd_set *writeset, channel_handler_init(); did_init = 1; } - now = time(NULL); + now = monotime(); if (unpause_secs != NULL) *unpause_secs = 0; for (i = 0, oalloc = channels_alloc; i < oalloc; i++) { @@ -2272,7 +2275,7 @@ channel_output_poll(void) debug("channel %d: datagram " "too big for channel", c->self); - xfree(data); + free(data); continue; } packet_start(SSH2_MSG_CHANNEL_DATA); @@ -2280,7 +2283,7 @@ channel_output_poll(void) packet_put_string(data, dlen); packet_send(); c->remote_window -= dlen + 4; - xfree(data); + free(data); } continue; } @@ -2452,13 +2455,13 @@ channel_input_extended_data(int type, u_int32_t seq, void *ctxt) if (data_len > c->local_window) { logit("channel %d: rcvd too much extended_data %d, win %d", c->self, data_len, c->local_window); - xfree(data); + free(data); return; } debug2("channel %d: rcvd ext data %d", c->self, data_len); c->local_window -= data_len; buffer_append(&c->extended, data, data_len); - xfree(data); + free(data); } /* ARGSUSED */ @@ -2548,7 +2551,7 @@ channel_input_close_confirmation(int type, u_int32_t seq, void *ctxt) if (c == NULL) packet_disconnect("Received close confirmation for " "out-of-range channel %d.", id); - if (c->type != SSH_CHANNEL_CLOSED) + if (c->type != SSH_CHANNEL_CLOSED && c->type != SSH_CHANNEL_ABANDONED) packet_disconnect("Received close confirmation for " "non-closed channel %d (type %d).", id, c->type); channel_free(c); @@ -2624,10 +2627,8 @@ channel_input_open_failure(int type, u_int32_t seq, void *ctxt) } logit("channel %d: open failed: %s%s%s", id, reason2txt(reason), msg ? ": ": "", msg ? msg : ""); - if (msg != NULL) - xfree(msg); - if (lang != NULL) - xfree(lang); + free(msg); + free(lang); if (c->open_confirm) { debug2("callback start"); c->open_confirm(c->self, 0, c->open_confirm_ctx); @@ -2685,8 +2686,8 @@ channel_input_port_open(int type, u_int32_t seq, void *ctxt) packet_check_eom(); c = channel_connect_to(host, host_port, "connected socket", originator_string); - xfree(originator_string); - xfree(host); + free(originator_string); + free(host); if (c == NULL) { packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE); packet_put_int(remote_id); @@ -2721,7 +2722,7 @@ channel_input_status_confirm(int type, u_int32_t seq, void *ctxt) cc->cb(type, c, cc->ctx); TAILQ_REMOVE(&c->status_confirms, cc, entry); bzero(cc, sizeof(*cc)); - xfree(cc); + free(cc); } /* -- tcp forwarding */ @@ -3117,7 +3118,7 @@ channel_request_rforward_cancel(const char *host, u_short port) permitted_opens[i].listen_port = 0; permitted_opens[i].port_to_connect = 0; - xfree(permitted_opens[i].host_to_connect); + free(permitted_opens[i].host_to_connect); permitted_opens[i].host_to_connect = NULL; return 0; @@ -3158,7 +3159,7 @@ channel_input_port_forward_request(int is_root, int gateway_ports) host_port, gateway_ports); /* Free the argument string. */ - xfree(hostname); + free(hostname); return (success ? 0 : -1); } @@ -3213,7 +3214,7 @@ channel_update_permitted_opens(int idx, int newport) } else { permitted_opens[idx].listen_port = 0; permitted_opens[idx].port_to_connect = 0; - xfree(permitted_opens[idx].host_to_connect); + free(permitted_opens[idx].host_to_connect); permitted_opens[idx].host_to_connect = NULL; } } @@ -3246,12 +3247,9 @@ channel_clear_permitted_opens(void) int i; for (i = 0; i < num_permitted_opens; i++) - if (permitted_opens[i].host_to_connect != NULL) - xfree(permitted_opens[i].host_to_connect); - if (num_permitted_opens > 0) { - xfree(permitted_opens); - permitted_opens = NULL; - } + free(permitted_opens[i].host_to_connect); + free(permitted_opens); + permitted_opens = NULL; num_permitted_opens = 0; } @@ -3261,12 +3259,9 @@ channel_clear_adm_permitted_opens(void) int i; for (i = 0; i < num_adm_permitted_opens; i++) - if (permitted_adm_opens[i].host_to_connect != NULL) - xfree(permitted_adm_opens[i].host_to_connect); - if (num_adm_permitted_opens > 0) { - xfree(permitted_adm_opens); - permitted_adm_opens = NULL; - } + free(permitted_adm_opens[i].host_to_connect); + free(permitted_adm_opens); + permitted_adm_opens = NULL; num_adm_permitted_opens = 0; } @@ -3360,7 +3355,7 @@ connect_next(struct channel_connect *cctx) static void channel_connect_ctx_free(struct channel_connect *cctx) { - xfree(cctx->host); + free(cctx->host); if (cctx->aitop) freeaddrinfo(cctx->aitop); bzero(cctx, sizeof(*cctx)); @@ -3761,7 +3756,7 @@ x11_input_open(int type, u_int32_t seq, void *ctxt) c->remote_id = remote_id; c->force_drain = 1; } - xfree(remote_host); + free(remote_host); if (c == NULL) { /* Send refusal to the remote host. */ packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE); @@ -3869,7 +3864,7 @@ x11_request_forwarding_with_spoofing(int client_session_id, const char *disp, packet_put_int(screen_number); packet_send(); packet_write_wait(); - xfree(new_data); + free(new_data); } diff --git a/crypto/openssh/channels.h b/crypto/openssh/channels.h index cede0a4e1b27..68ebf098b16f 100644 --- a/crypto/openssh/channels.h +++ b/crypto/openssh/channels.h @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.h,v 1.111 2012/04/11 13:16:19 djm Exp $ */ +/* $OpenBSD: channels.h,v 1.113 2013/06/07 15:37:52 dtucker Exp $ */ /* $FreeBSD$ */ /* @@ -56,7 +56,8 @@ #define SSH_CHANNEL_ZOMBIE 14 /* Almost dead. */ #define SSH_CHANNEL_MUX_LISTENER 15 /* Listener for mux conn. */ #define SSH_CHANNEL_MUX_CLIENT 16 /* Conn. to mux slave */ -#define SSH_CHANNEL_MAX_TYPE 17 +#define SSH_CHANNEL_ABANDONED 17 /* Abandoned session, eg mux */ +#define SSH_CHANNEL_MAX_TYPE 18 #define CHANNEL_CANCEL_PORT_STATIC -1 @@ -103,7 +104,9 @@ struct Channel { int sock; /* sock fd */ int ctl_chan; /* control channel (multiplexed connections) */ int isatty; /* rfd is a tty */ +#ifdef _AIX int wfd_isatty; /* wfd is a tty */ +#endif int client_tty; /* (client) TTY has been requested */ int force_drain; /* force close on iEOF */ time_t notbefore; /* Pause IO until deadline (time_t) */ @@ -111,7 +114,7 @@ struct Channel { * channels are delayed until the first call * to a matching pre-select handler. * this way post-select handlers are not - * accidenly called if a FD gets reused */ + * accidentally called if a FD gets reused */ Buffer input; /* data read from socket, to be sent over * encrypted connection */ Buffer output; /* data received over encrypted connection for diff --git a/crypto/openssh/cipher-3des1.c b/crypto/openssh/cipher-3des1.c index b7aa588cd5b4..c8a70244b099 100644 --- a/crypto/openssh/cipher-3des1.c +++ b/crypto/openssh/cipher-3des1.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cipher-3des1.c,v 1.7 2010/10/01 23:05:32 djm Exp $ */ +/* $OpenBSD: cipher-3des1.c,v 1.8 2013/05/17 00:13:13 djm Exp $ */ /* * Copyright (c) 2003 Markus Friedl. All rights reserved. * @@ -94,7 +94,7 @@ ssh1_3des_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv, EVP_CipherInit(&c->k2, EVP_des_cbc(), k2, NULL, !enc) == 0 || EVP_CipherInit(&c->k3, EVP_des_cbc(), k3, NULL, enc) == 0) { memset(c, 0, sizeof(*c)); - xfree(c); + free(c); EVP_CIPHER_CTX_set_app_data(ctx, NULL); return (0); } @@ -135,7 +135,7 @@ ssh1_3des_cleanup(EVP_CIPHER_CTX *ctx) EVP_CIPHER_CTX_cleanup(&c->k2); EVP_CIPHER_CTX_cleanup(&c->k3); memset(c, 0, sizeof(*c)); - xfree(c); + free(c); EVP_CIPHER_CTX_set_app_data(ctx, NULL); } return (1); diff --git a/crypto/openssh/cipher-aes.c b/crypto/openssh/cipher-aes.c index 07ec7aa5dd6a..8b1017272843 100644 --- a/crypto/openssh/cipher-aes.c +++ b/crypto/openssh/cipher-aes.c @@ -120,7 +120,7 @@ ssh_rijndael_cleanup(EVP_CIPHER_CTX *ctx) if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) != NULL) { memset(c, 0, sizeof(*c)); - xfree(c); + free(c); EVP_CIPHER_CTX_set_app_data(ctx, NULL); } return (1); diff --git a/crypto/openssh/cipher-ctr.c b/crypto/openssh/cipher-ctr.c index d1fe69f57031..ea0f9b3b7422 100644 --- a/crypto/openssh/cipher-ctr.c +++ b/crypto/openssh/cipher-ctr.c @@ -104,7 +104,7 @@ ssh_aes_ctr_cleanup(EVP_CIPHER_CTX *ctx) if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) != NULL) { memset(c, 0, sizeof(*c)); - xfree(c); + free(c); EVP_CIPHER_CTX_set_app_data(ctx, NULL); } return (1); diff --git a/crypto/openssh/cipher.c b/crypto/openssh/cipher.c index 91bd11ee4a2f..57fe4eb8a50d 100644 --- a/crypto/openssh/cipher.c +++ b/crypto/openssh/cipher.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cipher.c,v 1.87 2013/01/26 06:11:05 djm Exp $ */ +/* $OpenBSD: cipher.c,v 1.89 2013/05/17 00:13:13 djm Exp $ */ /* $FreeBSD$ */ /* * Author: Tatu Ylonen @@ -66,7 +66,9 @@ struct Cipher { u_int discard_len; u_int cbc_mode; const EVP_CIPHER *(*evptype)(void); -} ciphers[] = { +}; + +static const struct Cipher ciphers[] = { { "none", SSH_CIPHER_NONE, 8, 0, 0, 0, 0, 0, EVP_enc_null }, { "des", SSH_CIPHER_DES, 8, 8, 0, 0, 0, 1, EVP_des_cbc }, { "3des", SSH_CIPHER_3DES, 8, 16, 0, 0, 0, 1, evp_ssh1_3des }, @@ -99,6 +101,27 @@ struct Cipher { /*--*/ +/* Returns a comma-separated list of supported ciphers. */ +char * +cipher_alg_list(void) +{ + char *ret = NULL; + size_t nlen, rlen = 0; + const Cipher *c; + + for (c = ciphers; c->name != NULL; c++) { + if (c->number != SSH_CIPHER_SSH2) + continue; + if (ret != NULL) + ret[rlen++] = '\n'; + nlen = strlen(c->name); + ret = xrealloc(ret, 1, rlen + nlen + 2); + memcpy(ret + rlen, c->name, nlen + 1); + rlen += nlen; + } + return ret; +} + u_int cipher_blocksize(const Cipher *c) { @@ -147,20 +170,20 @@ cipher_mask_ssh1(int client) return mask; } -Cipher * +const Cipher * cipher_by_name(const char *name) { - Cipher *c; + const Cipher *c; for (c = ciphers; c->name != NULL; c++) if (strcmp(c->name, name) == 0) return c; return NULL; } -Cipher * +const Cipher * cipher_by_number(int id) { - Cipher *c; + const Cipher *c; for (c = ciphers; c->name != NULL; c++) if (c->number == id) return c; @@ -171,7 +194,7 @@ cipher_by_number(int id) int ciphers_valid(const char *names) { - Cipher *c; + const Cipher *c; char *cipher_list, *cp; char *p; @@ -188,14 +211,14 @@ ciphers_valid(const char *names) if (c == NULL || (c->number != SSH_CIPHER_SSH2)) { #endif debug("bad cipher %s [%s]", p, names); - xfree(cipher_list); + free(cipher_list); return 0; } else { debug3("cipher ok: %s [%s]", p, names); } } debug3("ciphers ok: [%s]", names); - xfree(cipher_list); + free(cipher_list); return 1; } @@ -207,7 +230,7 @@ ciphers_valid(const char *names) int cipher_number(const char *name) { - Cipher *c; + const Cipher *c; if (name == NULL) return -1; for (c = ciphers; c->name != NULL; c++) @@ -219,12 +242,12 @@ cipher_number(const char *name) char * cipher_name(int id) { - Cipher *c = cipher_by_number(id); + const Cipher *c = cipher_by_number(id); return (c==NULL) ? "" : c->name; } void -cipher_init(CipherContext *cc, Cipher *cipher, +cipher_init(CipherContext *cc, const Cipher *cipher, const u_char *key, u_int keylen, const u_char *iv, u_int ivlen, int do_encrypt) { @@ -297,8 +320,8 @@ cipher_init(CipherContext *cc, Cipher *cipher, cipher->discard_len) == 0) fatal("evp_crypt: EVP_Cipher failed during discard"); memset(discard, 0, cipher->discard_len); - xfree(junk); - xfree(discard); + free(junk); + free(discard); } } @@ -370,7 +393,7 @@ cipher_cleanup(CipherContext *cc) */ void -cipher_set_key_string(CipherContext *cc, Cipher *cipher, +cipher_set_key_string(CipherContext *cc, const Cipher *cipher, const char *passphrase, int do_encrypt) { MD5_CTX md; @@ -395,7 +418,7 @@ cipher_set_key_string(CipherContext *cc, Cipher *cipher, int cipher_get_keyiv_len(const CipherContext *cc) { - Cipher *c = cc->cipher; + const Cipher *c = cc->cipher; int ivlen; if (c->number == SSH_CIPHER_3DES) @@ -408,7 +431,7 @@ cipher_get_keyiv_len(const CipherContext *cc) void cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len) { - Cipher *c = cc->cipher; + const Cipher *c = cc->cipher; int evplen; switch (c->number) { @@ -447,7 +470,7 @@ cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len) void cipher_set_keyiv(CipherContext *cc, u_char *iv) { - Cipher *c = cc->cipher; + const Cipher *c = cc->cipher; int evplen = 0; switch (c->number) { @@ -483,7 +506,7 @@ cipher_set_keyiv(CipherContext *cc, u_char *iv) int cipher_get_keycontext(const CipherContext *cc, u_char *dat) { - Cipher *c = cc->cipher; + const Cipher *c = cc->cipher; int plen = 0; if (c->evptype == EVP_rc4) { @@ -498,7 +521,7 @@ cipher_get_keycontext(const CipherContext *cc, u_char *dat) void cipher_set_keycontext(CipherContext *cc, u_char *dat) { - Cipher *c = cc->cipher; + const Cipher *c = cc->cipher; int plen; if (c->evptype == EVP_rc4) { diff --git a/crypto/openssh/cipher.h b/crypto/openssh/cipher.h index 8cb57c3e5944..b878d50f4fc6 100644 --- a/crypto/openssh/cipher.h +++ b/crypto/openssh/cipher.h @@ -1,4 +1,4 @@ -/* $OpenBSD: cipher.h,v 1.39 2013/01/08 18:49:04 markus Exp $ */ +/* $OpenBSD: cipher.h,v 1.40 2013/04/19 01:06:50 djm Exp $ */ /* * Author: Tatu Ylonen @@ -66,21 +66,22 @@ struct CipherContext { int plaintext; int encrypt; EVP_CIPHER_CTX evp; - Cipher *cipher; + const Cipher *cipher; }; u_int cipher_mask_ssh1(int); -Cipher *cipher_by_name(const char *); -Cipher *cipher_by_number(int); +const Cipher *cipher_by_name(const char *); +const Cipher *cipher_by_number(int); int cipher_number(const char *); char *cipher_name(int); int ciphers_valid(const char *); -void cipher_init(CipherContext *, Cipher *, const u_char *, u_int, +char *cipher_alg_list(void); +void cipher_init(CipherContext *, const Cipher *, const u_char *, u_int, const u_char *, u_int, int); void cipher_crypt(CipherContext *, u_char *, const u_char *, u_int, u_int, u_int); void cipher_cleanup(CipherContext *); -void cipher_set_key_string(CipherContext *, Cipher *, const char *, int); +void cipher_set_key_string(CipherContext *, const Cipher *, const char *, int); u_int cipher_blocksize(const Cipher *); u_int cipher_keylen(const Cipher *); u_int cipher_authlen(const Cipher *); diff --git a/crypto/openssh/clientloop.c b/crypto/openssh/clientloop.c index aa6670affaa7..ad390b1433ef 100644 --- a/crypto/openssh/clientloop.c +++ b/crypto/openssh/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.248 2013/01/02 00:32:07 djm Exp $ */ +/* $OpenBSD: clientloop.c,v 1.253 2013/06/07 15:37:52 dtucker Exp $ */ /* $FreeBSD$ */ /* * Author: Tatu Ylonen @@ -274,7 +274,7 @@ set_control_persist_exit_time(void) control_persist_exit_time = 0; } else if (control_persist_exit_time <= 0) { /* a client connection has recently closed */ - control_persist_exit_time = time(NULL) + + control_persist_exit_time = monotime() + (time_t)options.control_persist_timeout; debug2("%s: schedule exit in %d seconds", __func__, options.control_persist_timeout); @@ -357,7 +357,7 @@ client_x11_get_proto(const char *display, const char *xauth_path, if (system(cmd) == 0) generated = 1; if (x11_refuse_time == 0) { - now = time(NULL) + 1; + now = monotime() + 1; if (UINT_MAX - timeout < now) x11_refuse_time = UINT_MAX; else @@ -394,10 +394,8 @@ client_x11_get_proto(const char *display, const char *xauth_path, unlink(xauthfile); rmdir(xauthdir); } - if (xauthdir) - xfree(xauthdir); - if (xauthfile) - xfree(xauthfile); + free(xauthdir); + free(xauthfile); /* * If we didn't get authentication data, just make up some @@ -553,7 +551,7 @@ client_global_request_reply(int type, u_int32_t seq, void *ctxt) if (--gc->ref_count <= 0) { TAILQ_REMOVE(&global_confirms, gc, entry); bzero(gc, sizeof(*gc)); - xfree(gc); + free(gc); } packet_set_alive_timeouts(0); @@ -584,7 +582,7 @@ client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, { struct timeval tv, *tvp; int timeout_secs; - time_t minwait_secs = 0; + time_t minwait_secs = 0, server_alive_time = 0, now = monotime(); int ret; /* Add any selections by the channel mechanism. */ @@ -633,12 +631,16 @@ client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, */ timeout_secs = INT_MAX; /* we use INT_MAX to mean no timeout */ - if (options.server_alive_interval > 0 && compat20) + if (options.server_alive_interval > 0 && compat20) { timeout_secs = options.server_alive_interval; + server_alive_time = now + options.server_alive_interval; + } + if (options.rekey_interval > 0 && compat20 && !rekeying) + timeout_secs = MIN(timeout_secs, packet_get_rekey_timeout()); set_control_persist_exit_time(); if (control_persist_exit_time > 0) { timeout_secs = MIN(timeout_secs, - control_persist_exit_time - time(NULL)); + control_persist_exit_time - now); if (timeout_secs < 0) timeout_secs = 0; } @@ -670,8 +672,15 @@ client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, snprintf(buf, sizeof buf, "select: %s\r\n", strerror(errno)); buffer_append(&stderr_buffer, buf, strlen(buf)); quit_pending = 1; - } else if (ret == 0) - server_alive_check(); + } else if (ret == 0) { + /* + * Timeout. Could have been either keepalive or rekeying. + * Keepalive we check here, rekeying is checked in clientloop. + */ + if (server_alive_time != 0 && server_alive_time <= monotime()) + server_alive_check(); + } + } static void @@ -816,13 +825,13 @@ client_status_confirm(int type, Channel *c, void *ctx) chan_write_failed(c); } } - xfree(cr); + free(cr); } static void client_abandon_status_confirm(Channel *c, void *ctx) { - xfree(ctx); + free(ctx); } void @@ -989,12 +998,9 @@ process_cmdline(void) out: signal(SIGINT, handler); enter_raw_mode(options.request_tty == REQUEST_TTY_FORCE); - if (cmd) - xfree(cmd); - if (fwd.listen_host != NULL) - xfree(fwd.listen_host); - if (fwd.connect_host != NULL) - xfree(fwd.connect_host); + free(cmd); + free(fwd.listen_host); + free(fwd.connect_host); } /* reasons to suppress output of an escape command in help output */ @@ -1104,8 +1110,11 @@ process_escapes(Channel *c, Buffer *bin, Buffer *bout, Buffer *berr, if (c && c->ctl_chan != -1) { chan_read_failed(c); chan_write_failed(c); - mux_master_session_cleanup_cb(c->self, - NULL); + if (c->detach_user) + c->detach_user(c->self, NULL); + c->type = SSH_CHANNEL_ABANDONED; + buffer_clear(&c->input); + chan_ibuf_empty(c); return 0; } else quit_pending = 1; @@ -1251,7 +1260,7 @@ process_escapes(Channel *c, Buffer *bin, Buffer *bout, Buffer *berr, buffer_append(berr, string, strlen(string)); s = channel_open_message(); buffer_append(berr, s, strlen(s)); - xfree(s); + free(s); continue; case 'C': @@ -1440,7 +1449,7 @@ client_new_escape_filter_ctx(int escape_char) void client_filter_cleanup(int cid, void *ctx) { - xfree(ctx); + free(ctx); } int @@ -1645,16 +1654,14 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id) * connections, then quit. */ if (control_persist_exit_time > 0) { - if (time(NULL) >= control_persist_exit_time) { + if (monotime() >= control_persist_exit_time) { debug("ControlPersist timeout expired"); break; } } } - if (readset) - xfree(readset); - if (writeset) - xfree(writeset); + free(readset); + free(writeset); /* Terminate the session. */ @@ -1756,7 +1763,7 @@ client_input_stdout_data(int type, u_int32_t seq, void *ctxt) packet_check_eom(); buffer_append(&stdout_buffer, data, data_len); memset(data, 0, data_len); - xfree(data); + free(data); } static void client_input_stderr_data(int type, u_int32_t seq, void *ctxt) @@ -1766,7 +1773,7 @@ client_input_stderr_data(int type, u_int32_t seq, void *ctxt) packet_check_eom(); buffer_append(&stderr_buffer, data, data_len); memset(data, 0, data_len); - xfree(data); + free(data); } static void client_input_exit_status(int type, u_int32_t seq, void *ctxt) @@ -1846,8 +1853,8 @@ client_request_forwarded_tcpip(const char *request_type, int rchan) c = channel_connect_by_listen_address(listen_port, "forwarded-tcpip", originator_address); - xfree(originator_address); - xfree(listen_address); + free(originator_address); + free(listen_address); return c; } @@ -1865,7 +1872,7 @@ client_request_x11(const char *request_type, int rchan) "malicious server."); return NULL; } - if (x11_refuse_time != 0 && time(NULL) >= x11_refuse_time) { + if (x11_refuse_time != 0 && monotime() >= x11_refuse_time) { verbose("Rejected X11 connection after ForwardX11Timeout " "expired"); return NULL; @@ -1881,7 +1888,7 @@ client_request_x11(const char *request_type, int rchan) /* XXX check permission */ debug("client_request_x11: request from %s %d", originator, originator_port); - xfree(originator); + free(originator); sock = x11_connect_display(); if (sock < 0) return NULL; @@ -2025,7 +2032,7 @@ client_input_channel_open(int type, u_int32_t seq, void *ctxt) } packet_send(); } - xfree(ctype); + free(ctype); } static void client_input_channel_req(int type, u_int32_t seq, void *ctxt) @@ -2071,7 +2078,7 @@ client_input_channel_req(int type, u_int32_t seq, void *ctxt) packet_put_int(c->remote_id); packet_send(); } - xfree(rtype); + free(rtype); } static void client_input_global_request(int type, u_int32_t seq, void *ctxt) @@ -2090,7 +2097,7 @@ client_input_global_request(int type, u_int32_t seq, void *ctxt) packet_send(); packet_write_wait(); } - xfree(rtype); + free(rtype); } void @@ -2140,7 +2147,7 @@ client_session2_setup(int id, int want_tty, int want_subsystem, /* Split */ name = xstrdup(env[i]); if ((val = strchr(name, '=')) == NULL) { - xfree(name); + free(name); continue; } *val++ = '\0'; @@ -2154,7 +2161,7 @@ client_session2_setup(int id, int want_tty, int want_subsystem, } if (!matched) { debug3("Ignored env %s", name); - xfree(name); + free(name); continue; } @@ -2163,7 +2170,7 @@ client_session2_setup(int id, int want_tty, int want_subsystem, packet_put_cstring(name); packet_put_cstring(val); packet_send(); - xfree(name); + free(name); } } diff --git a/crypto/openssh/clientloop.h b/crypto/openssh/clientloop.h index d2baa0324573..338d45186f8b 100644 --- a/crypto/openssh/clientloop.h +++ b/crypto/openssh/clientloop.h @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.h,v 1.30 2012/08/17 00:45:45 dtucker Exp $ */ +/* $OpenBSD: clientloop.h,v 1.31 2013/06/02 23:36:29 dtucker Exp $ */ /* * Author: Tatu Ylonen @@ -76,5 +76,4 @@ void muxserver_listen(void); void muxclient(const char *); void mux_exit_message(Channel *, int); void mux_tty_alloc_failed(Channel *); -void mux_master_session_cleanup_cb(int, void *); diff --git a/crypto/openssh/compat.c b/crypto/openssh/compat.c index e357faf98e05..17d2a1819570 100644 --- a/crypto/openssh/compat.c +++ b/crypto/openssh/compat.c @@ -1,4 +1,4 @@ -/* $OpenBSD: compat.c,v 1.80 2012/08/17 01:30:00 djm Exp $ */ +/* $OpenBSD: compat.c,v 1.81 2013/05/17 00:13:13 djm Exp $ */ /* $FreeBSD$ */ /* * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved. @@ -215,7 +215,7 @@ proto_spec(const char *spec) break; } } - xfree(s); + free(s); return ret; } @@ -241,7 +241,7 @@ compat_cipher_proposal(char *cipher_prop) buffer_append(&b, "\0", 1); fix_ciphers = xstrdup(buffer_ptr(&b)); buffer_free(&b); - xfree(orig_prop); + free(orig_prop); debug2("Original cipher proposal: %s", cipher_prop); debug2("Compat cipher proposal: %s", fix_ciphers); if (!*fix_ciphers) diff --git a/crypto/openssh/config.guess b/crypto/openssh/config.guess index 78553c4ea07e..b94cde8ef2e0 100755 --- a/crypto/openssh/config.guess +++ b/crypto/openssh/config.guess @@ -2,9 +2,9 @@ # Attempt to guess a canonical system name. # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, # 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, -# 2011 Free Software Foundation, Inc. +# 2011, 2012, 2013 Free Software Foundation, Inc. -timestamp='2011-01-23' +timestamp='2012-12-23' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by @@ -17,9 +17,7 @@ timestamp='2011-01-23' # General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA -# 02110-1301, USA. +# along with this program; if not, see . # # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a @@ -57,8 +55,8 @@ GNU config.guess ($timestamp) Originally written by Per Bothner. Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, -2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free -Software Foundation, Inc. +2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, +2012, 2013 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." @@ -145,7 +143,7 @@ UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in *:NetBSD:*:*) # NetBSD (nbsd) targets should (where applicable) match one or - # more of the tupples: *-*-netbsdelf*, *-*-netbsdaout*, + # more of the tuples: *-*-netbsdelf*, *-*-netbsdaout*, # *-*-netbsdecoff* and *-*-netbsd*. For targets that recently # switched to ELF, *-*-netbsd* would select the old # object file format. This provides both forward @@ -181,7 +179,7 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in fi ;; *) - os=netbsd + os=netbsd ;; esac # The OS release @@ -202,6 +200,10 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used. echo "${machine}-${os}${release}" exit ;; + *:Bitrig:*:*) + UNAME_MACHINE_ARCH=`arch | sed 's/Bitrig.//'` + echo ${UNAME_MACHINE_ARCH}-unknown-bitrig${UNAME_RELEASE} + exit ;; *:OpenBSD:*:*) UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'` echo ${UNAME_MACHINE_ARCH}-unknown-openbsd${UNAME_RELEASE} @@ -224,7 +226,7 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'` ;; *5.*) - UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'` + UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'` ;; esac # According to Compaq, /usr/sbin/psrinfo has been available on @@ -299,12 +301,12 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in echo s390-ibm-zvmoe exit ;; *:OS400:*:*) - echo powerpc-ibm-os400 + echo powerpc-ibm-os400 exit ;; arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*) echo arm-acorn-riscix${UNAME_RELEASE} exit ;; - arm:riscos:*:*|arm:RISCOS:*:*) + arm*:riscos:*:*|arm*:RISCOS:*:*) echo arm-unknown-riscos exit ;; SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*) @@ -398,23 +400,23 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in # MiNT. But MiNT is downward compatible to TOS, so this should # be no problem. atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*) - echo m68k-atari-mint${UNAME_RELEASE} + echo m68k-atari-mint${UNAME_RELEASE} exit ;; atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*) echo m68k-atari-mint${UNAME_RELEASE} - exit ;; + exit ;; *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*) - echo m68k-atari-mint${UNAME_RELEASE} + echo m68k-atari-mint${UNAME_RELEASE} exit ;; milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*) - echo m68k-milan-mint${UNAME_RELEASE} - exit ;; + echo m68k-milan-mint${UNAME_RELEASE} + exit ;; hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*) - echo m68k-hades-mint${UNAME_RELEASE} - exit ;; + echo m68k-hades-mint${UNAME_RELEASE} + exit ;; *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*) - echo m68k-unknown-mint${UNAME_RELEASE} - exit ;; + echo m68k-unknown-mint${UNAME_RELEASE} + exit ;; m68k:machten:*:*) echo m68k-apple-machten${UNAME_RELEASE} exit ;; @@ -484,8 +486,8 @@ EOF echo m88k-motorola-sysv3 exit ;; AViiON:dgux:*:*) - # DG/UX returns AViiON for all architectures - UNAME_PROCESSOR=`/usr/bin/uname -p` + # DG/UX returns AViiON for all architectures + UNAME_PROCESSOR=`/usr/bin/uname -p` if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ] then if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \ @@ -498,7 +500,7 @@ EOF else echo i586-dg-dgux${UNAME_RELEASE} fi - exit ;; + exit ;; M88*:DolphinOS:*:*) # DolphinOS (SVR3) echo m88k-dolphin-sysv3 exit ;; @@ -598,52 +600,52 @@ EOF 9000/[678][0-9][0-9]) if [ -x /usr/bin/getconf ]; then sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null` - sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null` - case "${sc_cpu_version}" in - 523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0 - 528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1 - 532) # CPU_PA_RISC2_0 - case "${sc_kernel_bits}" in - 32) HP_ARCH="hppa2.0n" ;; - 64) HP_ARCH="hppa2.0w" ;; + sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null` + case "${sc_cpu_version}" in + 523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0 + 528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1 + 532) # CPU_PA_RISC2_0 + case "${sc_kernel_bits}" in + 32) HP_ARCH="hppa2.0n" ;; + 64) HP_ARCH="hppa2.0w" ;; '') HP_ARCH="hppa2.0" ;; # HP-UX 10.20 - esac ;; - esac + esac ;; + esac fi if [ "${HP_ARCH}" = "" ]; then eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c + sed 's/^ //' << EOF >$dummy.c - #define _HPUX_SOURCE - #include - #include + #define _HPUX_SOURCE + #include + #include - int main () - { - #if defined(_SC_KERNEL_BITS) - long bits = sysconf(_SC_KERNEL_BITS); - #endif - long cpu = sysconf (_SC_CPU_VERSION); + int main () + { + #if defined(_SC_KERNEL_BITS) + long bits = sysconf(_SC_KERNEL_BITS); + #endif + long cpu = sysconf (_SC_CPU_VERSION); - switch (cpu) - { - case CPU_PA_RISC1_0: puts ("hppa1.0"); break; - case CPU_PA_RISC1_1: puts ("hppa1.1"); break; - case CPU_PA_RISC2_0: - #if defined(_SC_KERNEL_BITS) - switch (bits) - { - case 64: puts ("hppa2.0w"); break; - case 32: puts ("hppa2.0n"); break; - default: puts ("hppa2.0"); break; - } break; - #else /* !defined(_SC_KERNEL_BITS) */ - puts ("hppa2.0"); break; - #endif - default: puts ("hppa1.0"); break; - } - exit (0); - } + switch (cpu) + { + case CPU_PA_RISC1_0: puts ("hppa1.0"); break; + case CPU_PA_RISC1_1: puts ("hppa1.1"); break; + case CPU_PA_RISC2_0: + #if defined(_SC_KERNEL_BITS) + switch (bits) + { + case 64: puts ("hppa2.0w"); break; + case 32: puts ("hppa2.0n"); break; + default: puts ("hppa2.0"); break; + } break; + #else /* !defined(_SC_KERNEL_BITS) */ + puts ("hppa2.0"); break; + #endif + default: puts ("hppa1.0"); break; + } + exit (0); + } EOF (CCOPTS= $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy` test -z "$HP_ARCH" && HP_ARCH=hppa @@ -734,22 +736,22 @@ EOF exit ;; C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*) echo c1-convex-bsd - exit ;; + exit ;; C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*) if getsysinfo -f scalar_acc then echo c32-convex-bsd else echo c2-convex-bsd fi - exit ;; + exit ;; C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*) echo c34-convex-bsd - exit ;; + exit ;; C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*) echo c38-convex-bsd - exit ;; + exit ;; C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*) echo c4-convex-bsd - exit ;; + exit ;; CRAY*Y-MP:*:*:*) echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' exit ;; @@ -773,14 +775,14 @@ EOF exit ;; F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*) FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` - FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` - FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'` - echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" - exit ;; + FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` + FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'` + echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" + exit ;; 5000:UNIX_System_V:4.*:*) - FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` - FUJITSU_REL=`echo ${UNAME_RELEASE} | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/ /_/'` - echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" + FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` + FUJITSU_REL=`echo ${UNAME_RELEASE} | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/ /_/'` + echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" exit ;; i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*) echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE} @@ -792,30 +794,35 @@ EOF echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE} exit ;; *:FreeBSD:*:*) - case ${UNAME_MACHINE} in - pc98) - echo i386-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; + UNAME_PROCESSOR=`/usr/bin/uname -p` + case ${UNAME_PROCESSOR} in amd64) echo x86_64-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; *) - echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; + echo ${UNAME_PROCESSOR}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; esac exit ;; i*:CYGWIN*:*) echo ${UNAME_MACHINE}-pc-cygwin exit ;; + *:MINGW64*:*) + echo ${UNAME_MACHINE}-pc-mingw64 + exit ;; *:MINGW*:*) echo ${UNAME_MACHINE}-pc-mingw32 exit ;; + i*:MSYS*:*) + echo ${UNAME_MACHINE}-pc-msys + exit ;; i*:windows32*:*) - # uname -m includes "-pc" on this system. - echo ${UNAME_MACHINE}-mingw32 + # uname -m includes "-pc" on this system. + echo ${UNAME_MACHINE}-mingw32 exit ;; i*:PW*:*) echo ${UNAME_MACHINE}-pc-pw32 exit ;; *:Interix*:*) - case ${UNAME_MACHINE} in + case ${UNAME_MACHINE} in x86) echo i586-pc-interix${UNAME_RELEASE} exit ;; @@ -861,6 +868,13 @@ EOF i*86:Minix:*:*) echo ${UNAME_MACHINE}-pc-minix exit ;; + aarch64:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + aarch64_be:Linux:*:*) + UNAME_MACHINE=aarch64_be + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; alpha:Linux:*:*) case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in EV5) UNAME_MACHINE=alphaev5 ;; @@ -870,7 +884,7 @@ EOF EV6) UNAME_MACHINE=alphaev6 ;; EV67) UNAME_MACHINE=alphaev67 ;; EV68*) UNAME_MACHINE=alphaev68 ;; - esac + esac objdump --private-headers /bin/sh | grep -q ld.so.1 if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} @@ -882,20 +896,29 @@ EOF then echo ${UNAME_MACHINE}-unknown-linux-gnu else - echo ${UNAME_MACHINE}-unknown-linux-gnueabi + if echo __ARM_PCS_VFP | $CC_FOR_BUILD -E - 2>/dev/null \ + | grep -q __ARM_PCS_VFP + then + echo ${UNAME_MACHINE}-unknown-linux-gnueabi + else + echo ${UNAME_MACHINE}-unknown-linux-gnueabihf + fi fi exit ;; avr32*:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu exit ;; cris:Linux:*:*) - echo cris-axis-linux-gnu + echo ${UNAME_MACHINE}-axis-linux-gnu exit ;; crisv32:Linux:*:*) - echo crisv32-axis-linux-gnu + echo ${UNAME_MACHINE}-axis-linux-gnu exit ;; frv:Linux:*:*) - echo frv-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + hexagon:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu exit ;; i*86:Linux:*:*) LIBC=gnu @@ -937,7 +960,7 @@ EOF test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } ;; or32:Linux:*:*) - echo or32-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-gnu exit ;; padre:Linux:*:*) echo sparc-unknown-linux-gnu @@ -963,7 +986,7 @@ EOF echo ${UNAME_MACHINE}-ibm-linux exit ;; sh64*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-gnu exit ;; sh*:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu @@ -972,16 +995,16 @@ EOF echo ${UNAME_MACHINE}-unknown-linux-gnu exit ;; tile*:Linux:*:*) - echo ${UNAME_MACHINE}-tilera-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-gnu exit ;; vax:Linux:*:*) echo ${UNAME_MACHINE}-dec-linux-gnu exit ;; x86_64:Linux:*:*) - echo x86_64-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-gnu exit ;; xtensa*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-gnu exit ;; i*86:DYNIX/ptx:4*:*) # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. @@ -990,11 +1013,11 @@ EOF echo i386-sequent-sysv4 exit ;; i*86:UNIX_SV:4.2MP:2.*) - # Unixware is an offshoot of SVR4, but it has its own version - # number series starting with 2... - # I am not positive that other SVR4 systems won't match this, + # Unixware is an offshoot of SVR4, but it has its own version + # number series starting with 2... + # I am not positive that other SVR4 systems won't match this, # I just have to hope. -- rms. - # Use sysv4.2uw... so that sysv4* matches it. + # Use sysv4.2uw... so that sysv4* matches it. echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION} exit ;; i*86:OS/2:*:*) @@ -1026,7 +1049,7 @@ EOF fi exit ;; i*86:*:5:[678]*) - # UnixWare 7.x, OpenUNIX and OpenServer 6. + # UnixWare 7.x, OpenUNIX and OpenServer 6. case `/bin/uname -X | grep "^Machine"` in *486*) UNAME_MACHINE=i486 ;; *Pentium) UNAME_MACHINE=i586 ;; @@ -1054,13 +1077,13 @@ EOF exit ;; pc:*:*:*) # Left here for compatibility: - # uname -m prints for DJGPP always 'pc', but it prints nothing about - # the processor, so we play safe by assuming i586. + # uname -m prints for DJGPP always 'pc', but it prints nothing about + # the processor, so we play safe by assuming i586. # Note: whatever this is, it MUST be the same as what config.sub # prints for the "djgpp" host, or else GDB configury will decide that # this is a cross-build. echo i586-pc-msdosdjgpp - exit ;; + exit ;; Intel:Mach:3*:*) echo i386-pc-mach3 exit ;; @@ -1095,8 +1118,8 @@ EOF /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;; 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*) - /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ - && { echo i486-ncr-sysv4; exit; } ;; + /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ + && { echo i486-ncr-sysv4; exit; } ;; NCR*:*:4.2:* | MPRAS*:*:4.2:*) OS_REL='.3' test -r /etc/.relid \ @@ -1139,10 +1162,10 @@ EOF echo ns32k-sni-sysv fi exit ;; - PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort - # says - echo i586-unisys-sysv4 - exit ;; + PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort + # says + echo i586-unisys-sysv4 + exit ;; *:UNIX_System_V:4*:FTX*) # From Gerald Hewes . # How about differentiating between stratus architectures? -djm @@ -1168,11 +1191,11 @@ EOF exit ;; R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*) if [ -d /usr/nec ]; then - echo mips-nec-sysv${UNAME_RELEASE} + echo mips-nec-sysv${UNAME_RELEASE} else - echo mips-unknown-sysv${UNAME_RELEASE} + echo mips-unknown-sysv${UNAME_RELEASE} fi - exit ;; + exit ;; BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only. echo powerpc-be-beos exit ;; @@ -1185,6 +1208,9 @@ EOF BePC:Haiku:*:*) # Haiku running on Intel PC compatible. echo i586-pc-haiku exit ;; + x86_64:Haiku:*:*) + echo x86_64-unknown-haiku + exit ;; SX-4:SUPER-UX:*:*) echo sx4-nec-superux${UNAME_RELEASE} exit ;; @@ -1240,7 +1266,7 @@ EOF NEO-?:NONSTOP_KERNEL:*:*) echo neo-tandem-nsk${UNAME_RELEASE} exit ;; - NSE-?:NONSTOP_KERNEL:*:*) + NSE-*:NONSTOP_KERNEL:*:*) echo nse-tandem-nsk${UNAME_RELEASE} exit ;; NSR-?:NONSTOP_KERNEL:*:*) @@ -1285,13 +1311,13 @@ EOF echo pdp10-unknown-its exit ;; SEI:*:*:SEIUX) - echo mips-sei-seiux${UNAME_RELEASE} + echo mips-sei-seiux${UNAME_RELEASE} exit ;; *:DragonFly:*:*) echo ${UNAME_MACHINE}-unknown-dragonfly`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` exit ;; *:*VMS:*:*) - UNAME_MACHINE=`(uname -p) 2>/dev/null` + UNAME_MACHINE=`(uname -p) 2>/dev/null` case "${UNAME_MACHINE}" in A*) echo alpha-dec-vms ; exit ;; I*) echo ia64-dec-vms ; exit ;; @@ -1309,11 +1335,11 @@ EOF i*86:AROS:*:*) echo ${UNAME_MACHINE}-pc-aros exit ;; + x86_64:VMkernel:*:*) + echo ${UNAME_MACHINE}-unknown-esx + exit ;; esac -#echo '(No uname command or uname output not recognized.)' 1>&2 -#echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2 - eval $set_cc_for_build cat >$dummy.c < printf ("m68k-sony-newsos%s\n", #ifdef NEWSOS4 - "4" + "4" #else - "" + "" #endif - ); exit (0); + ); exit (0); #endif #endif diff --git a/crypto/openssh/config.h b/crypto/openssh/config.h index 2d653cd03ac9..cc3d1e7fa465 100644 --- a/crypto/openssh/config.h +++ b/crypto/openssh/config.h @@ -157,7 +157,7 @@ /* #undef GLOB_HAS_GL_STATV */ /* Define this if you want GSSAPI support in the version 2 protocol */ -/* #undef GSSAPI */ +#define GSSAPI 1 /* Define if you want to use shadow password expire field */ /* #undef HAS_SHADOW_EXPIRE */ @@ -231,6 +231,9 @@ /* Define to 1 if you have the `clock' function. */ #define HAVE_CLOCK 1 +/* Have clock_gettime */ +#define HAVE_CLOCK_GETTIME 1 + /* define if you have clock_t data type */ #define HAVE_CLOCK_T 1 @@ -243,6 +246,9 @@ /* Define if your system uses ancillary data style file descriptor passing */ #define HAVE_CONTROL_IN_MSGHDR 1 +/* Define to 1 if you have the `crypt' function. */ +#define HAVE_CRYPT 1 + /* Define to 1 if you have the header file. */ /* #undef HAVE_CRYPTO_SHA2_H */ @@ -265,7 +271,11 @@ /* Define to 1 if you have the declaration of `GSS_C_NT_HOSTBASED_SERVICE', and to 0 if you don't. */ -/* #undef HAVE_DECL_GSS_C_NT_HOSTBASED_SERVICE */ +#define HAVE_DECL_GSS_C_NT_HOSTBASED_SERVICE 1 + +/* Define to 1 if you have the declaration of `howmany', and to 0 if you + don't. */ +#define HAVE_DECL_HOWMANY 1 /* Define to 1 if you have the declaration of `h_errno', and to 0 if you don't. */ @@ -287,6 +297,10 @@ don't. */ #define HAVE_DECL_MAXSYMLINKS 1 +/* Define to 1 if you have the declaration of `NFDBITS', and to 0 if you + don't. */ +#define HAVE_DECL_NFDBITS 1 + /* Define to 1 if you have the declaration of `offsetof', and to 0 if you don't. */ #define HAVE_DECL_OFFSETOF 1 @@ -319,6 +333,9 @@ don't. */ #define HAVE_DECL__GETSHORT 0 +/* Define to 1 if you have the `DES_crypt' function. */ +#define HAVE_DES_CRYPT 1 + /* Define if you have /dev/ptmx */ /* #undef HAVE_DEV_PTMX */ @@ -340,6 +357,9 @@ /* Define to 1 if you have the header file. */ #define HAVE_ELF_H 1 +/* Define to 1 if you have the `endgrent' function. */ +#define HAVE_ENDGRENT 1 + /* Define to 1 if you have the header file. */ /* #undef HAVE_ENDIAN_H */ @@ -373,6 +393,9 @@ /* Define to 1 if you have the header file. */ #define HAVE_FCNTL_H 1 +/* Define to 1 if the system has the type `fd_mask'. */ +#define HAVE_FD_MASK 1 + /* Define to 1 if you have the header file. */ /* #undef HAVE_FEATURES_H */ @@ -512,10 +535,10 @@ /* #undef HAVE_GSSAPI_GSSAPI_GENERIC_H */ /* Define to 1 if you have the header file. */ -/* #undef HAVE_GSSAPI_GSSAPI_H */ +#define HAVE_GSSAPI_GSSAPI_H 1 /* Define to 1 if you have the header file. */ -/* #undef HAVE_GSSAPI_GSSAPI_KRB5_H */ +#define HAVE_GSSAPI_GSSAPI_KRB5_H 1 /* Define to 1 if you have the header file. */ /* #undef HAVE_GSSAPI_H */ @@ -577,6 +600,15 @@ /* Define if you have isblank(3C). */ #define HAVE_ISBLANK 1 +/* Define to 1 if you have the `krb5_cc_new_unique' function. */ +#define HAVE_KRB5_CC_NEW_UNIQUE 1 + +/* Define to 1 if you have the `krb5_free_error_message' function. */ +#define HAVE_KRB5_FREE_ERROR_MESSAGE 1 + +/* Define to 1 if you have the `krb5_get_error_message' function. */ +#define HAVE_KRB5_GET_ERROR_MESSAGE 1 + /* Define to 1 if you have the header file. */ /* #undef HAVE_LASTLOG_H */ @@ -637,6 +669,9 @@ /* Define to 1 if you have the header file. */ /* #undef HAVE_LINUX_SECCOMP_H */ +/* Define to 1 if you have the header file. */ +#define HAVE_LOCALE_H 1 + /* Define to 1 if you have the `login' function. */ /* #undef HAVE_LOGIN */ @@ -664,6 +699,9 @@ /* Define to 1 if you have the header file. */ /* #undef HAVE_MAILLOCK_H */ +/* Define to 1 if you have the `mblen' function. */ +#define HAVE_MBLEN 1 + /* Define to 1 if you have the `md5_crypt' function. */ /* #undef HAVE_MD5_CRYPT */ @@ -770,15 +808,6 @@ /* Define to 1 if you have the `pututxline' function. */ #define HAVE_PUTUTXLINE 1 -/* Define if your password has a pw_change field */ -#define HAVE_PW_CHANGE_IN_PASSWD 1 - -/* Define if your password has a pw_class field */ -#define HAVE_PW_CLASS_IN_PASSWD 1 - -/* Define if your password has a pw_expire field */ -#define HAVE_PW_EXPIRE_IN_PASSWD 1 - /* Define to 1 if you have the `readpassphrase' function. */ #define HAVE_READPASSPHRASE 1 @@ -815,6 +844,9 @@ /* define if you have sa_family_t data type */ #define HAVE_SA_FAMILY_T 1 +/* Define to 1 if you have the `scan_scaled' function. */ +/* #undef HAVE_SCAN_SCALED */ + /* Define if you have SecureWare-based protected password database */ /* #undef HAVE_SECUREWARE */ @@ -1004,6 +1036,18 @@ /* define if you have struct in6_addr data type */ #define HAVE_STRUCT_IN6_ADDR 1 +/* Define to 1 if `pw_change' is a member of `struct passwd'. */ +#define HAVE_STRUCT_PASSWD_PW_CHANGE 1 + +/* Define to 1 if `pw_class' is a member of `struct passwd'. */ +#define HAVE_STRUCT_PASSWD_PW_CLASS 1 + +/* Define to 1 if `pw_expire' is a member of `struct passwd'. */ +#define HAVE_STRUCT_PASSWD_PW_EXPIRE 1 + +/* Define to 1 if `pw_gecos' is a member of `struct passwd'. */ +#define HAVE_STRUCT_PASSWD_PW_GECOS 1 + /* define if you have struct sockaddr_in6 data type */ #define HAVE_STRUCT_SOCKADDR_IN6 1 @@ -1266,7 +1310,7 @@ #define HAVE___func__ 1 /* Define this if you are using the Heimdal version of Kerberos V5 */ -/* #undef HEIMDAL */ +#define HEIMDAL 1 /* Define if you need to use IP address instead of hostname in $DISPLAY */ /* #undef IPADDR_IN_DISPLAY */ @@ -1278,7 +1322,7 @@ /* #undef IP_TOS_IS_BROKEN */ /* Define if you want Kerberos 5 support */ -/* #undef KRB5 */ +#define KRB5 1 /* Define if pututxline updates lastlog too */ /* #undef LASTLOG_WRITE_PUTUTXLINE */ @@ -1324,15 +1368,6 @@ /* Set this to your mail directory if you do not have _PATH_MAILDIR */ /* #undef MAIL_DIRECTORY */ -/* Define on *nto-qnx systems */ -/* #undef MISSING_FD_MASK */ - -/* Define on *nto-qnx systems */ -/* #undef MISSING_HOWMANY */ - -/* Define on *nto-qnx systems */ -/* #undef MISSING_NFDBITS */ - /* Need setpgrp to acquire controlling tty */ /* #undef NEED_SETPGRP */ @@ -1434,7 +1469,7 @@ #define SIZEOF_INT 4 /* The size of `long int', as computed by sizeof. */ -#define SIZEOF_LONG_INT 4 +#define SIZEOF_LONG_INT 8 /* The size of `long long int', as computed by sizeof. */ #define SIZEOF_LONG_LONG_INT 8 @@ -1570,11 +1605,6 @@ /* Define if xauth is found in your path */ /* #undef XAUTH_PATH */ -/* Enable large inode numbers on Mac OS X 10.5. */ -#ifndef _DARWIN_USE_64_BIT_INODE -# define _DARWIN_USE_64_BIT_INODE 1 -#endif - /* Number of bits in a file offset, on hosts where this is settable. */ /* #undef _FILE_OFFSET_BITS */ diff --git a/crypto/openssh/config.h.in b/crypto/openssh/config.h.in index ea3591a0bd4e..b75e501b2042 100644 --- a/crypto/openssh/config.h.in +++ b/crypto/openssh/config.h.in @@ -230,6 +230,9 @@ /* Define to 1 if you have the `clock' function. */ #undef HAVE_CLOCK +/* Have clock_gettime */ +#undef HAVE_CLOCK_GETTIME + /* define if you have clock_t data type */ #undef HAVE_CLOCK_T @@ -242,6 +245,9 @@ /* Define if your system uses ancillary data style file descriptor passing */ #undef HAVE_CONTROL_IN_MSGHDR +/* Define to 1 if you have the `crypt' function. */ +#undef HAVE_CRYPT + /* Define to 1 if you have the header file. */ #undef HAVE_CRYPTO_SHA2_H @@ -266,6 +272,10 @@ and to 0 if you don't. */ #undef HAVE_DECL_GSS_C_NT_HOSTBASED_SERVICE +/* Define to 1 if you have the declaration of `howmany', and to 0 if you + don't. */ +#undef HAVE_DECL_HOWMANY + /* Define to 1 if you have the declaration of `h_errno', and to 0 if you don't. */ #undef HAVE_DECL_H_ERRNO @@ -286,6 +296,10 @@ don't. */ #undef HAVE_DECL_MAXSYMLINKS +/* Define to 1 if you have the declaration of `NFDBITS', and to 0 if you + don't. */ +#undef HAVE_DECL_NFDBITS + /* Define to 1 if you have the declaration of `offsetof', and to 0 if you don't. */ #undef HAVE_DECL_OFFSETOF @@ -318,6 +332,9 @@ don't. */ #undef HAVE_DECL__GETSHORT +/* Define to 1 if you have the `DES_crypt' function. */ +#undef HAVE_DES_CRYPT + /* Define if you have /dev/ptmx */ #undef HAVE_DEV_PTMX @@ -339,6 +356,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_ELF_H +/* Define to 1 if you have the `endgrent' function. */ +#undef HAVE_ENDGRENT + /* Define to 1 if you have the header file. */ #undef HAVE_ENDIAN_H @@ -372,6 +392,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_FCNTL_H +/* Define to 1 if the system has the type `fd_mask'. */ +#undef HAVE_FD_MASK + /* Define to 1 if you have the header file. */ #undef HAVE_FEATURES_H @@ -576,6 +599,15 @@ /* Define if you have isblank(3C). */ #undef HAVE_ISBLANK +/* Define to 1 if you have the `krb5_cc_new_unique' function. */ +#undef HAVE_KRB5_CC_NEW_UNIQUE + +/* Define to 1 if you have the `krb5_free_error_message' function. */ +#undef HAVE_KRB5_FREE_ERROR_MESSAGE + +/* Define to 1 if you have the `krb5_get_error_message' function. */ +#undef HAVE_KRB5_GET_ERROR_MESSAGE + /* Define to 1 if you have the header file. */ #undef HAVE_LASTLOG_H @@ -636,6 +668,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_LINUX_SECCOMP_H +/* Define to 1 if you have the header file. */ +#undef HAVE_LOCALE_H + /* Define to 1 if you have the `login' function. */ #undef HAVE_LOGIN @@ -663,6 +698,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_MAILLOCK_H +/* Define to 1 if you have the `mblen' function. */ +#undef HAVE_MBLEN + /* Define to 1 if you have the `md5_crypt' function. */ #undef HAVE_MD5_CRYPT @@ -769,15 +807,6 @@ /* Define to 1 if you have the `pututxline' function. */ #undef HAVE_PUTUTXLINE -/* Define if your password has a pw_change field */ -#undef HAVE_PW_CHANGE_IN_PASSWD - -/* Define if your password has a pw_class field */ -#undef HAVE_PW_CLASS_IN_PASSWD - -/* Define if your password has a pw_expire field */ -#undef HAVE_PW_EXPIRE_IN_PASSWD - /* Define to 1 if you have the `readpassphrase' function. */ #undef HAVE_READPASSPHRASE @@ -814,6 +843,9 @@ /* define if you have sa_family_t data type */ #undef HAVE_SA_FAMILY_T +/* Define to 1 if you have the `scan_scaled' function. */ +#undef HAVE_SCAN_SCALED + /* Define if you have SecureWare-based protected password database */ #undef HAVE_SECUREWARE @@ -1003,6 +1035,18 @@ /* define if you have struct in6_addr data type */ #undef HAVE_STRUCT_IN6_ADDR +/* Define to 1 if `pw_change' is a member of `struct passwd'. */ +#undef HAVE_STRUCT_PASSWD_PW_CHANGE + +/* Define to 1 if `pw_class' is a member of `struct passwd'. */ +#undef HAVE_STRUCT_PASSWD_PW_CLASS + +/* Define to 1 if `pw_expire' is a member of `struct passwd'. */ +#undef HAVE_STRUCT_PASSWD_PW_EXPIRE + +/* Define to 1 if `pw_gecos' is a member of `struct passwd'. */ +#undef HAVE_STRUCT_PASSWD_PW_GECOS + /* define if you have struct sockaddr_in6 data type */ #undef HAVE_STRUCT_SOCKADDR_IN6 @@ -1323,15 +1367,6 @@ /* Set this to your mail directory if you do not have _PATH_MAILDIR */ #undef MAIL_DIRECTORY -/* Define on *nto-qnx systems */ -#undef MISSING_FD_MASK - -/* Define on *nto-qnx systems */ -#undef MISSING_HOWMANY - -/* Define on *nto-qnx systems */ -#undef MISSING_NFDBITS - /* Need setpgrp to acquire controlling tty */ #undef NEED_SETPGRP diff --git a/crypto/openssh/defines.h b/crypto/openssh/defines.h index 64515c2ff55f..d5ce52f32b8b 100644 --- a/crypto/openssh/defines.h +++ b/crypto/openssh/defines.h @@ -25,7 +25,7 @@ #ifndef _DEFINES_H #define _DEFINES_H -/* $Id: defines.h,v 1.171 2013/03/07 09:06:13 dtucker Exp $ */ +/* $Id: defines.h,v 1.172 2013/06/01 21:18:48 dtucker Exp $ */ /* Constants */ @@ -171,11 +171,6 @@ enum # define MAP_FAILED ((void *)-1) #endif -/* *-*-nto-qnx doesn't define this constant in the system headers */ -#ifdef MISSING_NFDBITS -# define NFDBITS (8 * sizeof(unsigned long)) -#endif - /* SCO Open Server 3 has INADDR_LOOPBACK defined in rpc/rpc.h but including rpc/rpc.h breaks Solaris 6 @@ -355,11 +350,19 @@ struct winsize { }; #endif -/* *-*-nto-qnx does not define this type in the system headers */ -#ifdef MISSING_FD_MASK +/* bits needed for select that may not be in the system headers */ +#ifndef HAVE_FD_MASK typedef unsigned long int fd_mask; #endif +#if defined(HAVE_DECL_NFDBITS) && HAVE_DECL_NFDBITS == 0 +# define NFDBITS (8 * sizeof(unsigned long)) +#endif + +#if defined(HAVE_DECL_HOWMANY) && HAVE_DECL_HOWMANY == 0 +# define howmany(x,y) (((x)+((y)-1))/(y)) +#endif + /* Paths */ #ifndef _PATH_BSHELL @@ -484,11 +487,6 @@ struct winsize { # define __nonnull__(x) #endif -/* *-*-nto-qnx doesn't define this macro in the system headers */ -#ifdef MISSING_HOWMANY -# define howmany(x,y) (((x)+((y)-1))/(y)) -#endif - #ifndef OSSH_ALIGNBYTES #define OSSH_ALIGNBYTES (sizeof(int) - 1) #endif diff --git a/crypto/openssh/dh.c b/crypto/openssh/dh.c index d943ca1e1bc2..449dd3858fbf 100644 --- a/crypto/openssh/dh.c +++ b/crypto/openssh/dh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dh.c,v 1.49 2011/12/07 05:44:38 djm Exp $ */ +/* $OpenBSD: dh.c,v 1.51 2013/07/02 12:31:43 markus Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. * @@ -48,6 +48,7 @@ parse_prime(int linenum, char *line, struct dhgroup *dhg) const char *errstr = NULL; long long n; + dhg->p = dhg->g = NULL; cp = line; if ((arg = strdelim(&cp)) == NULL) return 0; @@ -59,66 +60,85 @@ parse_prime(int linenum, char *line, struct dhgroup *dhg) /* time */ if (cp == NULL || *arg == '\0') - goto fail; + goto truncated; arg = strsep(&cp, " "); /* type */ if (cp == NULL || *arg == '\0') - goto fail; + goto truncated; /* Ensure this is a safe prime */ n = strtonum(arg, 0, 5, &errstr); - if (errstr != NULL || n != MODULI_TYPE_SAFE) + if (errstr != NULL || n != MODULI_TYPE_SAFE) { + error("moduli:%d: type is not %d", linenum, MODULI_TYPE_SAFE); goto fail; + } arg = strsep(&cp, " "); /* tests */ if (cp == NULL || *arg == '\0') - goto fail; + goto truncated; /* Ensure prime has been tested and is not composite */ n = strtonum(arg, 0, 0x1f, &errstr); if (errstr != NULL || - (n & MODULI_TESTS_COMPOSITE) || !(n & ~MODULI_TESTS_COMPOSITE)) + (n & MODULI_TESTS_COMPOSITE) || !(n & ~MODULI_TESTS_COMPOSITE)) { + error("moduli:%d: invalid moduli tests flag", linenum); goto fail; + } arg = strsep(&cp, " "); /* tries */ if (cp == NULL || *arg == '\0') - goto fail; + goto truncated; n = strtonum(arg, 0, 1<<30, &errstr); - if (errstr != NULL || n == 0) + if (errstr != NULL || n == 0) { + error("moduli:%d: invalid primality trial count", linenum); goto fail; + } strsize = strsep(&cp, " "); /* size */ if (cp == NULL || *strsize == '\0' || (dhg->size = (int)strtonum(strsize, 0, 64*1024, &errstr)) == 0 || - errstr) + errstr) { + error("moduli:%d: invalid prime length", linenum); goto fail; + } /* The whole group is one bit larger */ dhg->size++; gen = strsep(&cp, " "); /* gen */ if (cp == NULL || *gen == '\0') - goto fail; + goto truncated; prime = strsep(&cp, " "); /* prime */ - if (cp != NULL || *prime == '\0') + if (cp != NULL || *prime == '\0') { + truncated: + error("moduli:%d: truncated", linenum); goto fail; + } if ((dhg->g = BN_new()) == NULL) fatal("parse_prime: BN_new failed"); if ((dhg->p = BN_new()) == NULL) fatal("parse_prime: BN_new failed"); - if (BN_hex2bn(&dhg->g, gen) == 0) - goto failclean; + if (BN_hex2bn(&dhg->g, gen) == 0) { + error("moduli:%d: could not parse generator value", linenum); + goto fail; + } + if (BN_hex2bn(&dhg->p, prime) == 0) { + error("moduli:%d: could not parse prime value", linenum); + goto fail; + } + if (BN_num_bits(dhg->p) != dhg->size) { + error("moduli:%d: prime has wrong size: actual %d listed %d", + linenum, BN_num_bits(dhg->p), dhg->size - 1); + goto fail; + } + if (BN_cmp(dhg->g, BN_value_one()) <= 0) { + error("moduli:%d: generator is invalid", linenum); + goto fail; + } - if (BN_hex2bn(&dhg->p, prime) == 0) - goto failclean; + return 1; - if (BN_num_bits(dhg->p) != dhg->size) - goto failclean; - - if (BN_is_zero(dhg->g) || BN_is_one(dhg->g)) - goto failclean; - - return (1); - - failclean: - BN_clear_free(dhg->g); - BN_clear_free(dhg->p); fail: + if (dhg->g != NULL) + BN_clear_free(dhg->g); + if (dhg->p != NULL) + BN_clear_free(dhg->p); + dhg->g = dhg->p = NULL; error("Bad prime description in line %d", linenum); - return (0); + return 0; } DH * diff --git a/crypto/openssh/dns.c b/crypto/openssh/dns.c index 9e3084ba5b3b..630b97ae84dc 100644 --- a/crypto/openssh/dns.c +++ b/crypto/openssh/dns.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dns.c,v 1.28 2012/05/23 03:28:28 djm Exp $ */ +/* $OpenBSD: dns.c,v 1.29 2013/05/17 00:13:13 djm Exp $ */ /* * Copyright (c) 2003 Wesley Griffin. All rights reserved. @@ -261,7 +261,7 @@ verify_host_key_dns(const char *hostname, struct sockaddr *address, if (hostkey_digest_type != dnskey_digest_type) { hostkey_digest_type = dnskey_digest_type; - xfree(hostkey_digest); + free(hostkey_digest); /* Initialize host key parameters */ if (!dns_read_key(&hostkey_algorithm, @@ -281,10 +281,10 @@ verify_host_key_dns(const char *hostname, struct sockaddr *address, hostkey_digest_len) == 0) *flags |= DNS_VERIFY_MATCH; } - xfree(dnskey_digest); + free(dnskey_digest); } - xfree(hostkey_digest); /* from key_fingerprint_raw() */ + free(hostkey_digest); /* from key_fingerprint_raw() */ freerrset(fingerprints); if (*flags & DNS_VERIFY_FOUND) @@ -327,7 +327,7 @@ export_dns_rr(const char *hostname, Key *key, FILE *f, int generic) for (i = 0; i < rdata_digest_len; i++) fprintf(f, "%02x", rdata_digest[i]); fprintf(f, "\n"); - xfree(rdata_digest); /* from key_fingerprint_raw() */ + free(rdata_digest); /* from key_fingerprint_raw() */ success = 1; } } diff --git a/crypto/openssh/fixalgorithms b/crypto/openssh/fixalgorithms new file mode 100755 index 000000000000..115dce81c71e --- /dev/null +++ b/crypto/openssh/fixalgorithms @@ -0,0 +1,26 @@ +#!/bin/sh +# +# fixciphers - remove unsupported ciphers from man pages. +# Usage: fixpaths /path/to/sed cipher1 [cipher2] outfile +# +# Author: Darren Tucker (dtucker at zip com.au). Placed in the public domain. + +die() { + echo $* + exit -1 +} + +SED=$1 +shift + +for c in $*; do + subs="$subs -e /.Dq.$c.*$/d" + subs="$subs -e s/$c,//g" +done + +# now remove any entirely empty lines +subs="$subs -e /^$/d" + +${SED} $subs + +exit 0 diff --git a/crypto/openssh/groupaccess.c b/crypto/openssh/groupaccess.c index 2381aeb15b57..1eab10b19641 100644 --- a/crypto/openssh/groupaccess.c +++ b/crypto/openssh/groupaccess.c @@ -1,4 +1,4 @@ -/* $OpenBSD: groupaccess.c,v 1.13 2008/07/04 03:44:59 djm Exp $ */ +/* $OpenBSD: groupaccess.c,v 1.14 2013/05/17 00:13:13 djm Exp $ */ /* * Copyright (c) 2001 Kevin Steves. All rights reserved. * @@ -31,6 +31,7 @@ #include #include #include +#include #include #include "xmalloc.h" @@ -68,7 +69,7 @@ ga_init(const char *user, gid_t base) for (i = 0, j = 0; i < ngroups; i++) if ((gr = getgrgid(groups_bygid[i])) != NULL) groups_byname[j++] = xstrdup(gr->gr_name); - xfree(groups_bygid); + free(groups_bygid); return (ngroups = j); } @@ -122,8 +123,8 @@ ga_free(void) if (ngroups > 0) { for (i = 0; i < ngroups; i++) - xfree(groups_byname[i]); + free(groups_byname[i]); ngroups = 0; - xfree(groups_byname); + free(groups_byname); } } diff --git a/crypto/openssh/gss-genr.c b/crypto/openssh/gss-genr.c index 842f38582c0c..bf164a77b60f 100644 --- a/crypto/openssh/gss-genr.c +++ b/crypto/openssh/gss-genr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gss-genr.c,v 1.20 2009/06/22 05:39:28 dtucker Exp $ */ +/* $OpenBSD: gss-genr.c,v 1.21 2013/05/17 00:13:13 djm Exp $ */ /* * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved. @@ -59,8 +59,8 @@ void ssh_gssapi_set_oid_data(Gssctxt *ctx, void *data, size_t len) { if (ctx->oid != GSS_C_NO_OID) { - xfree(ctx->oid->elements); - xfree(ctx->oid); + free(ctx->oid->elements); + free(ctx->oid); } ctx->oid = xmalloc(sizeof(gss_OID_desc)); ctx->oid->length = len; @@ -83,7 +83,7 @@ ssh_gssapi_error(Gssctxt *ctxt) s = ssh_gssapi_last_error(ctxt, NULL, NULL); debug("%s", s); - xfree(s); + free(s); } char * @@ -164,8 +164,8 @@ ssh_gssapi_delete_ctx(Gssctxt **ctx) if ((*ctx)->name != GSS_C_NO_NAME) gss_release_name(&ms, &(*ctx)->name); if ((*ctx)->oid != GSS_C_NO_OID) { - xfree((*ctx)->oid->elements); - xfree((*ctx)->oid); + free((*ctx)->oid->elements); + free((*ctx)->oid); (*ctx)->oid = GSS_C_NO_OID; } if ((*ctx)->creds != GSS_C_NO_CREDENTIAL) @@ -175,7 +175,7 @@ ssh_gssapi_delete_ctx(Gssctxt **ctx) if ((*ctx)->client_creds != GSS_C_NO_CREDENTIAL) gss_release_cred(&ms, &(*ctx)->client_creds); - xfree(*ctx); + free(*ctx); *ctx = NULL; } @@ -222,7 +222,7 @@ ssh_gssapi_import_name(Gssctxt *ctx, const char *host) &gssbuf, GSS_C_NT_HOSTBASED_SERVICE, &ctx->name))) ssh_gssapi_error(ctx); - xfree(gssbuf.value); + free(gssbuf.value); return (ctx->major); } diff --git a/crypto/openssh/gss-serv-krb5.c b/crypto/openssh/gss-serv-krb5.c index 5a625acb89a6..87f26831a70d 100644 --- a/crypto/openssh/gss-serv-krb5.c +++ b/crypto/openssh/gss-serv-krb5.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gss-serv-krb5.c,v 1.7 2006/08/03 03:34:42 deraadt Exp $ */ +/* $OpenBSD: gss-serv-krb5.c,v 1.8 2013/07/20 01:55:13 djm Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -48,12 +48,11 @@ extern ServerOptions options; #ifdef HEIMDAL # include -#else -# ifdef HAVE_GSSAPI_KRB5_H -# include -# elif HAVE_GSSAPI_GSSAPI_KRB5_H -# include -# endif +#endif +#ifdef HAVE_GSSAPI_KRB5_H +# include +#elif HAVE_GSSAPI_GSSAPI_KRB5_H +# include #endif static krb5_context krb_context = NULL; @@ -87,14 +86,16 @@ ssh_gssapi_krb5_userok(ssh_gssapi_client *client, char *name) { krb5_principal princ; int retval; + const char *errmsg; if (ssh_gssapi_krb5_init() == 0) return 0; if ((retval = krb5_parse_name(krb_context, client->exportedname.value, &princ))) { - logit("krb5_parse_name(): %.100s", - krb5_get_err_text(krb_context, retval)); + errmsg = krb5_get_error_message(krb_context, retval); + logit("krb5_parse_name(): %.100s", errmsg); + krb5_free_error_message(krb_context, errmsg); return 0; } if (krb5_kuserok(krb_context, princ, name)) { @@ -120,6 +121,7 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) krb5_principal princ; OM_uint32 maj_status, min_status; int len; + const char *errmsg; if (client->creds == NULL) { debug("No credentials stored"); @@ -130,30 +132,34 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) return; #ifdef HEIMDAL - if ((problem = krb5_cc_gen_new(krb_context, &krb5_fcc_ops, &ccache))) { - logit("krb5_cc_gen_new(): %.100s", - krb5_get_err_text(krb_context, problem)); + if ((problem = krb5_cc_new_unique(krb_context, krb5_fcc_ops.prefix, + NULL, &ccache)) != 0) { + errmsg = krb5_get_error_message(krb_context, problem); + logit("krb5_cc_new_unique(): %.100s", errmsg); + krb5_free_error_message(krb_context, errmsg); return; } #else if ((problem = ssh_krb5_cc_gen(krb_context, &ccache))) { - logit("ssh_krb5_cc_gen(): %.100s", - krb5_get_err_text(krb_context, problem)); + errmsg = krb5_get_error_message(krb_context, problem); + logit("ssh_krb5_cc_gen(): %.100s", errmsg); + krb5_free_error_message(krb_context, errmsg); return; } #endif /* #ifdef HEIMDAL */ if ((problem = krb5_parse_name(krb_context, client->exportedname.value, &princ))) { - logit("krb5_parse_name(): %.100s", - krb5_get_err_text(krb_context, problem)); - krb5_cc_destroy(krb_context, ccache); + errmsg = krb5_get_error_message(krb_context, problem); + logit("krb5_parse_name(): %.100s", errmsg); + krb5_free_error_message(krb_context, errmsg); return; } if ((problem = krb5_cc_initialize(krb_context, ccache, princ))) { - logit("krb5_cc_initialize(): %.100s", - krb5_get_err_text(krb_context, problem)); + errmsg = krb5_get_error_message(krb_context, problem); + logit("krb5_cc_initialize(): %.100s", errmsg); + krb5_free_error_message(krb_context, errmsg); krb5_free_principal(krb_context, princ); krb5_cc_destroy(krb_context, ccache); return; diff --git a/crypto/openssh/gss-serv.c b/crypto/openssh/gss-serv.c index c719c1306424..95348e25121d 100644 --- a/crypto/openssh/gss-serv.c +++ b/crypto/openssh/gss-serv.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gss-serv.c,v 1.23 2011/08/01 19:18:15 markus Exp $ */ +/* $OpenBSD: gss-serv.c,v 1.24 2013/07/20 01:55:13 djm Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -50,7 +50,7 @@ static ssh_gssapi_client gssapi_client = { GSS_C_EMPTY_BUFFER, GSS_C_EMPTY_BUFFER, - GSS_C_NO_CREDENTIAL, NULL, {NULL, NULL, NULL}}; + GSS_C_NO_CREDENTIAL, NULL, {NULL, NULL, NULL, NULL}}; ssh_gssapi_mech gssapi_null_mech = { NULL, NULL, {0, NULL}, NULL, NULL, NULL, NULL}; diff --git a/crypto/openssh/hostfile.c b/crypto/openssh/hostfile.c index b6f924b234cc..2ff4c48b4805 100644 --- a/crypto/openssh/hostfile.c +++ b/crypto/openssh/hostfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hostfile.c,v 1.50 2010/12/04 13:31:37 djm Exp $ */ +/* $OpenBSD: hostfile.c,v 1.52 2013/07/12 00:19:58 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -64,7 +64,7 @@ struct hostkeys { }; static int -extract_salt(const char *s, u_int l, char *salt, size_t salt_len) +extract_salt(const char *s, u_int l, u_char *salt, size_t salt_len) { char *p, *b64salt; u_int b64len; @@ -96,7 +96,7 @@ extract_salt(const char *s, u_int l, char *salt, size_t salt_len) b64salt[b64len] = '\0'; ret = __b64_pton(b64salt, salt, salt_len); - xfree(b64salt); + free(b64salt); if (ret == -1) { debug2("extract_salt: salt decode error"); return (-1); @@ -115,7 +115,8 @@ host_hash(const char *host, const char *name_from_hostfile, u_int src_len) { const EVP_MD *md = EVP_sha1(); HMAC_CTX mac_ctx; - char salt[256], result[256], uu_salt[512], uu_result[512]; + u_char salt[256], result[256]; + char uu_salt[512], uu_result[512]; static char encoded[1024]; u_int i, len; @@ -133,7 +134,7 @@ host_hash(const char *host, const char *name_from_hostfile, u_int src_len) } HMAC_Init(&mac_ctx, salt, len, md); - HMAC_Update(&mac_ctx, host, strlen(host)); + HMAC_Update(&mac_ctx, (u_char *)host, strlen(host)); HMAC_Final(&mac_ctx, result, NULL); HMAC_cleanup(&mac_ctx); @@ -153,7 +154,7 @@ host_hash(const char *host, const char *name_from_hostfile, u_int src_len) */ int -hostfile_read_key(char **cpp, u_int *bitsp, Key *ret) +hostfile_read_key(char **cpp, int *bitsp, Key *ret) { char *cp; @@ -170,8 +171,10 @@ hostfile_read_key(char **cpp, u_int *bitsp, Key *ret) /* Return results. */ *cpp = cp; - if (bitsp != NULL) - *bitsp = key_size(ret); + if (bitsp != NULL) { + if ((*bitsp = key_size(ret)) <= 0) + return 0; + } return 1; } @@ -327,16 +330,14 @@ free_hostkeys(struct hostkeys *hostkeys) u_int i; for (i = 0; i < hostkeys->num_entries; i++) { - xfree(hostkeys->entries[i].host); - xfree(hostkeys->entries[i].file); + free(hostkeys->entries[i].host); + free(hostkeys->entries[i].file); key_free(hostkeys->entries[i].key); bzero(hostkeys->entries + i, sizeof(*hostkeys->entries)); } - if (hostkeys->entries != NULL) - xfree(hostkeys->entries); - hostkeys->entries = NULL; - hostkeys->num_entries = 0; - xfree(hostkeys); + free(hostkeys->entries); + bzero(hostkeys, sizeof(*hostkeys)); + free(hostkeys); } static int diff --git a/crypto/openssh/hostfile.h b/crypto/openssh/hostfile.h index d84d422ff6ee..679c034f3f6e 100644 --- a/crypto/openssh/hostfile.h +++ b/crypto/openssh/hostfile.h @@ -1,4 +1,4 @@ -/* $OpenBSD: hostfile.h,v 1.19 2010/11/29 23:45:51 djm Exp $ */ +/* $OpenBSD: hostfile.h,v 1.20 2013/07/12 00:19:58 djm Exp $ */ /* * Author: Tatu Ylonen @@ -40,7 +40,7 @@ HostStatus check_key_in_hostkeys(struct hostkeys *, Key *, int lookup_key_in_hostkeys_by_type(struct hostkeys *, int, const struct hostkey_entry **); -int hostfile_read_key(char **, u_int *, Key *); +int hostfile_read_key(char **, int *, Key *); int add_host_to_hostfile(const char *, const char *, const Key *, int); #define HASH_MAGIC "|1|" diff --git a/crypto/openssh/includes.h b/crypto/openssh/includes.h index 3e206c899a88..07bcd89f2c42 100644 --- a/crypto/openssh/includes.h +++ b/crypto/openssh/includes.h @@ -18,7 +18,9 @@ #include "config.h" +#ifndef _GNU_SOURCE #define _GNU_SOURCE /* activate extra prototypes for glibc */ +#endif #include #include /* For CMSG_* */ diff --git a/crypto/openssh/jpake.c b/crypto/openssh/jpake.c index b010dafaa55f..3dd87916ac60 100644 --- a/crypto/openssh/jpake.c +++ b/crypto/openssh/jpake.c @@ -1,4 +1,4 @@ -/* $OpenBSD: jpake.c,v 1.7 2012/06/18 11:43:53 dtucker Exp $ */ +/* $OpenBSD: jpake.c,v 1.8 2013/05/17 00:13:13 djm Exp $ */ /* * Copyright (c) 2008 Damien Miller. All rights reserved. * @@ -106,7 +106,7 @@ jpake_free(struct jpake_ctx *pctx) do { \ if ((v) != NULL) { \ bzero((v), (l)); \ - xfree(v); \ + free(v); \ (v) = NULL; \ (l) = 0; \ } \ @@ -134,7 +134,7 @@ jpake_free(struct jpake_ctx *pctx) #undef JPAKE_BUF_CLEAR_FREE bzero(pctx, sizeof(*pctx)); - xfree(pctx); + free(pctx); } /* dump entire jpake_ctx. NB. includes private values! */ @@ -445,7 +445,7 @@ jpake_check_confirm(const BIGNUM *k, expected_confirm_hash_len) == 0) success = 1; bzero(expected_confirm_hash, expected_confirm_hash_len); - xfree(expected_confirm_hash); + free(expected_confirm_hash); debug3("%s: success = %d", __func__, success); return success; } diff --git a/crypto/openssh/kex.c b/crypto/openssh/kex.c index 28140601166b..ee2563c1ca4a 100644 --- a/crypto/openssh/kex.c +++ b/crypto/openssh/kex.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.c,v 1.88 2013/01/08 18:49:04 markus Exp $ */ +/* $OpenBSD: kex.c,v 1.91 2013/05/17 00:13:13 djm Exp $ */ /* $FreeBSD$ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -63,6 +63,57 @@ extern const EVP_MD *evp_ssh_sha256(void); static void kex_kexinit_finish(Kex *); static void kex_choose_conf(Kex *); +struct kexalg { + char *name; + int type; + int ec_nid; + const EVP_MD *(*mdfunc)(void); +}; +static const struct kexalg kexalgs[] = { + { KEX_DH1, KEX_DH_GRP1_SHA1, 0, EVP_sha1 }, + { KEX_DH14, KEX_DH_GRP14_SHA1, 0, EVP_sha1 }, + { KEX_DHGEX_SHA1, KEX_DH_GEX_SHA1, 0, EVP_sha1 }, +#ifdef HAVE_EVP_SHA256 + { KEX_DHGEX_SHA256, KEX_DH_GEX_SHA256, 0, EVP_sha256 }, +#endif +#ifdef OPENSSL_HAS_ECC + { KEX_ECDH_SHA2_NISTP256, KEX_ECDH_SHA2, NID_X9_62_prime256v1, EVP_sha256 }, + { KEX_ECDH_SHA2_NISTP384, KEX_ECDH_SHA2, NID_secp384r1, EVP_sha384 }, + { KEX_ECDH_SHA2_NISTP521, KEX_ECDH_SHA2, NID_secp521r1, EVP_sha512 }, +#endif + { NULL, -1, -1, NULL}, +}; + +char * +kex_alg_list(void) +{ + char *ret = NULL; + size_t nlen, rlen = 0; + const struct kexalg *k; + + for (k = kexalgs; k->name != NULL; k++) { + if (ret != NULL) + ret[rlen++] = '\n'; + nlen = strlen(k->name); + ret = xrealloc(ret, 1, rlen + nlen + 2); + memcpy(ret + rlen, k->name, nlen + 1); + rlen += nlen; + } + return ret; +} + +static const struct kexalg * +kex_alg_by_name(const char *name) +{ + const struct kexalg *k; + + for (k = kexalgs; k->name != NULL; k++) { + if (strcmp(k->name, name) == 0) + return k; + } + return NULL; +} + /* Validate KEX method name list */ int kex_names_valid(const char *names) @@ -74,20 +125,14 @@ kex_names_valid(const char *names) s = cp = xstrdup(names); for ((p = strsep(&cp, ",")); p && *p != '\0'; (p = strsep(&cp, ","))) { - if (strcmp(p, KEX_DHGEX_SHA256) != 0 && - strcmp(p, KEX_DHGEX_SHA1) != 0 && - strcmp(p, KEX_DH14) != 0 && - strcmp(p, KEX_DH1) != 0 && - (strncmp(p, KEX_ECDH_SHA2_STEM, - sizeof(KEX_ECDH_SHA2_STEM) - 1) != 0 || - kex_ecdh_name_to_nid(p) == -1)) { + if (kex_alg_by_name(p) == NULL) { error("Unsupported KEX algorithm \"%.100s\"", p); - xfree(s); + free(s); return 0; } } debug3("kex names ok: [%s]", names); - xfree(s); + free(s); return 1; } @@ -152,8 +197,8 @@ kex_prop_free(char **proposal) u_int i; for (i = 0; i < PROPOSAL_MAX; i++) - xfree(proposal[i]); - xfree(proposal); + free(proposal[i]); + free(proposal); } /* ARGSUSED */ @@ -190,7 +235,7 @@ kex_finish(Kex *kex) buffer_clear(&kex->peer); /* buffer_clear(&kex->my); */ kex->flags &= ~KEX_INIT_SENT; - xfree(kex->name); + free(kex->name); kex->name = NULL; } @@ -247,7 +292,7 @@ kex_input_kexinit(int type, u_int32_t seq, void *ctxt) for (i = 0; i < KEX_COOKIE_LEN; i++) packet_get_char(); for (i = 0; i < PROPOSAL_MAX; i++) - xfree(packet_get_string(NULL)); + free(packet_get_string(NULL)); /* * XXX RFC4253 sec 7: "each side MAY guess" - currently no supported * KEX method has the server move first, but a server might be using @@ -354,29 +399,16 @@ choose_comp(Comp *comp, char *client, char *server) static void choose_kex(Kex *k, char *client, char *server) { + const struct kexalg *kexalg; + k->name = match_list(client, server, NULL); if (k->name == NULL) fatal("Unable to negotiate a key exchange method"); - if (strcmp(k->name, KEX_DH1) == 0) { - k->kex_type = KEX_DH_GRP1_SHA1; - k->evp_md = EVP_sha1(); - } else if (strcmp(k->name, KEX_DH14) == 0) { - k->kex_type = KEX_DH_GRP14_SHA1; - k->evp_md = EVP_sha1(); - } else if (strcmp(k->name, KEX_DHGEX_SHA1) == 0) { - k->kex_type = KEX_DH_GEX_SHA1; - k->evp_md = EVP_sha1(); -#if OPENSSL_VERSION_NUMBER >= 0x00907000L - } else if (strcmp(k->name, KEX_DHGEX_SHA256) == 0) { - k->kex_type = KEX_DH_GEX_SHA256; - k->evp_md = evp_ssh_sha256(); - } else if (strncmp(k->name, KEX_ECDH_SHA2_STEM, - sizeof(KEX_ECDH_SHA2_STEM) - 1) == 0) { - k->kex_type = KEX_ECDH_SHA2; - k->evp_md = kex_ecdh_name_to_evpmd(k->name); -#endif - } else - fatal("bad kex alg %s", k->name); + if ((kexalg = kex_alg_by_name(k->name)) == NULL) + fatal("unsupported kex alg %s", k->name); + k->kex_type = kexalg->type; + k->evp_md = kexalg->mdfunc(); + k->ec_nid = kexalg->ec_nid; } static void @@ -388,7 +420,7 @@ choose_hostkeyalg(Kex *k, char *client, char *server) k->hostkey_type = key_type_from_name(hostkeyalg); if (k->hostkey_type == KEY_UNSPEC) fatal("bad hostkey alg '%s'", hostkeyalg); - xfree(hostkeyalg); + free(hostkeyalg); } static int @@ -445,7 +477,7 @@ kex_choose_conf(Kex *kex) roaming = match_list(KEX_RESUME, peer[PROPOSAL_KEX_ALGS], NULL); if (roaming) { kex->roaming = 1; - xfree(roaming); + free(roaming); } } diff --git a/crypto/openssh/kex.h b/crypto/openssh/kex.h index aa57e06d0bf7..26e03c810a22 100644 --- a/crypto/openssh/kex.h +++ b/crypto/openssh/kex.h @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.h,v 1.54 2013/01/08 18:49:04 markus Exp $ */ +/* $OpenBSD: kex.h,v 1.56 2013/07/19 07:37:48 markus Exp $ */ /* $FreeBSD$ */ /* @@ -41,8 +41,9 @@ #define KEX_DHGEX_SHA1 "diffie-hellman-group-exchange-sha1" #define KEX_DHGEX_SHA256 "diffie-hellman-group-exchange-sha256" #define KEX_RESUME "resume@appgate.com" -/* The following represents the family of ECDH methods */ -#define KEX_ECDH_SHA2_STEM "ecdh-sha2-" +#define KEX_ECDH_SHA2_NISTP256 "ecdh-sha2-nistp256" +#define KEX_ECDH_SHA2_NISTP384 "ecdh-sha2-nistp384" +#define KEX_ECDH_SHA2_NISTP521 "ecdh-sha2-nistp521" #define COMP_NONE 0 #define COMP_ZLIB 1 @@ -87,7 +88,7 @@ typedef struct Newkeys Newkeys; struct Enc { char *name; - Cipher *cipher; + const Cipher *cipher; int enabled; u_int key_len; u_int iv_len; @@ -132,16 +133,19 @@ struct Kex { sig_atomic_t done; int flags; const EVP_MD *evp_md; + int ec_nid; char *client_version_string; char *server_version_string; int (*verify_host_key)(Key *); Key *(*load_host_public_key)(int); Key *(*load_host_private_key)(int); int (*host_key_index)(Key *); + void (*sign)(Key *, Key *, u_char **, u_int *, u_char *, u_int); void (*kex[KEX_MAX])(Kex *); }; int kex_names_valid(const char *); +char *kex_alg_list(void); #ifdef NONE_CIPHER_ENABLED void kex_prop2buf(Buffer *, char *[PROPOSAL_MAX]); @@ -175,11 +179,6 @@ void kex_ecdh_hash(const EVP_MD *, const EC_GROUP *, char *, char *, char *, int, char *, int, u_char *, int, const EC_POINT *, const EC_POINT *, const BIGNUM *, u_char **, u_int *); -int kex_ecdh_name_to_nid(const char *); -const EVP_MD *kex_ecdh_name_to_evpmd(const char *); -#else -# define kex_ecdh_name_to_nid(x) (-1) -# define kex_ecdh_name_to_evpmd(x) (NULL) #endif void diff --git a/crypto/openssh/kexdhc.c b/crypto/openssh/kexdhc.c index 76ceb5dd89e0..ccd137cacbf3 100644 --- a/crypto/openssh/kexdhc.c +++ b/crypto/openssh/kexdhc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexdhc.c,v 1.12 2010/11/10 01:33:07 djm Exp $ */ +/* $OpenBSD: kexdhc.c,v 1.13 2013/05/17 00:13:13 djm Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -125,7 +125,7 @@ kexdh_client(Kex *kex) if (BN_bin2bn(kbuf, kout, shared_secret) == NULL) fatal("kexdh_client: BN_bin2bn failed"); memset(kbuf, 0, klen); - xfree(kbuf); + free(kbuf); /* calc and verify H */ kex_dh_hash( @@ -139,14 +139,14 @@ kexdh_client(Kex *kex) shared_secret, &hash, &hashlen ); - xfree(server_host_key_blob); + free(server_host_key_blob); BN_clear_free(dh_server_pub); DH_free(dh); if (key_verify(server_host_key, signature, slen, hash, hashlen) != 1) fatal("key_verify failed for server_host_key"); key_free(server_host_key); - xfree(signature); + free(signature); /* save session id */ if (kex->session_id == NULL) { diff --git a/crypto/openssh/kexdhs.c b/crypto/openssh/kexdhs.c index f56e88764a7c..269d80900c90 100644 --- a/crypto/openssh/kexdhs.c +++ b/crypto/openssh/kexdhs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexdhs.c,v 1.12 2010/11/10 01:33:07 djm Exp $ */ +/* $OpenBSD: kexdhs.c,v 1.14 2013/07/19 07:37:48 markus Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -80,9 +80,6 @@ kexdh_server(Kex *kex) if (server_host_public == NULL) fatal("Unsupported hostkey type %d", kex->hostkey_type); server_host_private = kex->load_host_private_key(kex->hostkey_type); - if (server_host_private == NULL) - fatal("Missing private key for hostkey type %d", - kex->hostkey_type); /* key, cert */ if ((dh_client_pub = BN_new()) == NULL) @@ -118,7 +115,7 @@ kexdh_server(Kex *kex) if (BN_bin2bn(kbuf, kout, shared_secret) == NULL) fatal("kexdh_server: BN_bin2bn failed"); memset(kbuf, 0, klen); - xfree(kbuf); + free(kbuf); key_to_blob(server_host_public, &server_host_key_blob, &sbloblen); @@ -144,9 +141,8 @@ kexdh_server(Kex *kex) } /* sign H */ - if (PRIVSEP(key_sign(server_host_private, &signature, &slen, hash, - hashlen)) < 0) - fatal("kexdh_server: key_sign failed"); + kex->sign(server_host_private, server_host_public, &signature, &slen, + hash, hashlen); /* destroy_sensitive_data(); */ @@ -157,8 +153,8 @@ kexdh_server(Kex *kex) packet_put_string(signature, slen); packet_send(); - xfree(signature); - xfree(server_host_key_blob); + free(signature); + free(server_host_key_blob); /* have keys, free DH */ DH_free(dh); diff --git a/crypto/openssh/kexecdh.c b/crypto/openssh/kexecdh.c index f13f69d3b335..c948fe20a2f8 100644 --- a/crypto/openssh/kexecdh.c +++ b/crypto/openssh/kexecdh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexecdh.c,v 1.3 2010/09/22 05:01:29 djm Exp $ */ +/* $OpenBSD: kexecdh.c,v 1.4 2013/04/19 01:06:50 djm Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * Copyright (c) 2010 Damien Miller. All rights reserved. @@ -45,24 +45,6 @@ #include "kex.h" #include "log.h" -int -kex_ecdh_name_to_nid(const char *kexname) -{ - if (strlen(kexname) < sizeof(KEX_ECDH_SHA2_STEM) - 1) - fatal("%s: kexname too short \"%s\"", __func__, kexname); - return key_curve_name_to_nid(kexname + sizeof(KEX_ECDH_SHA2_STEM) - 1); -} - -const EVP_MD * -kex_ecdh_name_to_evpmd(const char *kexname) -{ - int nid = kex_ecdh_name_to_nid(kexname); - - if (nid == -1) - fatal("%s: unsupported ECDH curve \"%s\"", __func__, kexname); - return key_ec_nid_to_evpmd(nid); -} - void kex_ecdh_hash( const EVP_MD *evp_md, diff --git a/crypto/openssh/kexecdhc.c b/crypto/openssh/kexecdhc.c index 115d4bf83451..6193836c7d52 100644 --- a/crypto/openssh/kexecdhc.c +++ b/crypto/openssh/kexecdhc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexecdhc.c,v 1.2 2010/09/22 05:01:29 djm Exp $ */ +/* $OpenBSD: kexecdhc.c,v 1.4 2013/05/17 00:13:13 djm Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * Copyright (c) 2010 Damien Miller. All rights reserved. @@ -57,11 +57,8 @@ kexecdh_client(Kex *kex) u_char *server_host_key_blob = NULL, *signature = NULL; u_char *kbuf, *hash; u_int klen, slen, sbloblen, hashlen; - int curve_nid; - if ((curve_nid = kex_ecdh_name_to_nid(kex->name)) == -1) - fatal("%s: unsupported ECDH curve \"%s\"", __func__, kex->name); - if ((client_key = EC_KEY_new_by_curve_name(curve_nid)) == NULL) + if ((client_key = EC_KEY_new_by_curve_name(kex->ec_nid)) == NULL) fatal("%s: EC_KEY_new_by_curve_name failed", __func__); if (EC_KEY_generate_key(client_key) != 1) fatal("%s: EC_KEY_generate_key failed", __func__); @@ -123,7 +120,7 @@ kexecdh_client(Kex *kex) if (BN_bin2bn(kbuf, klen, shared_secret) == NULL) fatal("%s: BN_bin2bn failed", __func__); memset(kbuf, 0, klen); - xfree(kbuf); + free(kbuf); /* calc and verify H */ kex_ecdh_hash( @@ -139,14 +136,14 @@ kexecdh_client(Kex *kex) shared_secret, &hash, &hashlen ); - xfree(server_host_key_blob); + free(server_host_key_blob); EC_POINT_clear_free(server_public); EC_KEY_free(client_key); if (key_verify(server_host_key, signature, slen, hash, hashlen) != 1) fatal("key_verify failed for server_host_key"); key_free(server_host_key); - xfree(signature); + free(signature); /* save session id */ if (kex->session_id == NULL) { diff --git a/crypto/openssh/kexecdhs.c b/crypto/openssh/kexecdhs.c index 8c515dfa61cf..3a580aacf6c4 100644 --- a/crypto/openssh/kexecdhs.c +++ b/crypto/openssh/kexecdhs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexecdhs.c,v 1.2 2010/09/22 05:01:29 djm Exp $ */ +/* $OpenBSD: kexecdhs.c,v 1.5 2013/07/19 07:37:48 markus Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * Copyright (c) 2010 Damien Miller. All rights reserved. @@ -59,11 +59,8 @@ kexecdh_server(Kex *kex) u_char *server_host_key_blob = NULL, *signature = NULL; u_char *kbuf, *hash; u_int klen, slen, sbloblen, hashlen; - int curve_nid; - if ((curve_nid = kex_ecdh_name_to_nid(kex->name)) == -1) - fatal("%s: unsupported ECDH curve \"%s\"", __func__, kex->name); - if ((server_key = EC_KEY_new_by_curve_name(curve_nid)) == NULL) + if ((server_key = EC_KEY_new_by_curve_name(kex->ec_nid)) == NULL) fatal("%s: EC_KEY_new_by_curve_name failed", __func__); if (EC_KEY_generate_key(server_key) != 1) fatal("%s: EC_KEY_generate_key failed", __func__); @@ -81,9 +78,6 @@ kexecdh_server(Kex *kex) if (server_host_public == NULL) fatal("Unsupported hostkey type %d", kex->hostkey_type); server_host_private = kex->load_host_private_key(kex->hostkey_type); - if (server_host_private == NULL) - fatal("Missing private key for hostkey type %d", - kex->hostkey_type); debug("expecting SSH2_MSG_KEX_ECDH_INIT"); packet_read_expect(SSH2_MSG_KEX_ECDH_INIT); @@ -115,7 +109,7 @@ kexecdh_server(Kex *kex) if (BN_bin2bn(kbuf, klen, shared_secret) == NULL) fatal("%s: BN_bin2bn failed", __func__); memset(kbuf, 0, klen); - xfree(kbuf); + free(kbuf); /* calc H */ key_to_blob(server_host_public, &server_host_key_blob, &sbloblen); @@ -142,9 +136,8 @@ kexecdh_server(Kex *kex) } /* sign H */ - if (PRIVSEP(key_sign(server_host_private, &signature, &slen, - hash, hashlen)) < 0) - fatal("kexdh_server: key_sign failed"); + kex->sign(server_host_private, server_host_public, &signature, &slen, + hash, hashlen); /* destroy_sensitive_data(); */ @@ -155,8 +148,8 @@ kexecdh_server(Kex *kex) packet_put_string(signature, slen); packet_send(); - xfree(signature); - xfree(server_host_key_blob); + free(signature); + free(server_host_key_blob); /* have keys, free server key */ EC_KEY_free(server_key); diff --git a/crypto/openssh/kexgexc.c b/crypto/openssh/kexgexc.c index 79552d70983a..5a3be200523e 100644 --- a/crypto/openssh/kexgexc.c +++ b/crypto/openssh/kexgexc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexgexc.c,v 1.12 2010/11/10 01:33:07 djm Exp $ */ +/* $OpenBSD: kexgexc.c,v 1.13 2013/05/17 00:13:13 djm Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -163,7 +163,7 @@ kexgex_client(Kex *kex) if (BN_bin2bn(kbuf, kout, shared_secret) == NULL) fatal("kexgex_client: BN_bin2bn failed"); memset(kbuf, 0, klen); - xfree(kbuf); + free(kbuf); if (datafellows & SSH_OLD_DHGEX) min = max = -1; @@ -186,13 +186,13 @@ kexgex_client(Kex *kex) /* have keys, free DH */ DH_free(dh); - xfree(server_host_key_blob); + free(server_host_key_blob); BN_clear_free(dh_server_pub); if (key_verify(server_host_key, signature, slen, hash, hashlen) != 1) fatal("key_verify failed for server_host_key"); key_free(server_host_key); - xfree(signature); + free(signature); /* save session id */ if (kex->session_id == NULL) { diff --git a/crypto/openssh/kexgexs.c b/crypto/openssh/kexgexs.c index a5e3df7bcc3b..4e473fc73869 100644 --- a/crypto/openssh/kexgexs.c +++ b/crypto/openssh/kexgexs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexgexs.c,v 1.14 2010/11/10 01:33:07 djm Exp $ */ +/* $OpenBSD: kexgexs.c,v 1.16 2013/07/19 07:37:48 markus Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -68,10 +68,6 @@ kexgex_server(Kex *kex) if (server_host_public == NULL) fatal("Unsupported hostkey type %d", kex->hostkey_type); server_host_private = kex->load_host_private_key(kex->hostkey_type); - if (server_host_private == NULL) - fatal("Missing private key for hostkey type %d", - kex->hostkey_type); - type = packet_read(); switch (type) { @@ -155,7 +151,7 @@ kexgex_server(Kex *kex) if (BN_bin2bn(kbuf, kout, shared_secret) == NULL) fatal("kexgex_server: BN_bin2bn failed"); memset(kbuf, 0, klen); - xfree(kbuf); + free(kbuf); key_to_blob(server_host_public, &server_host_key_blob, &sbloblen); @@ -187,9 +183,8 @@ kexgex_server(Kex *kex) } /* sign H */ - if (PRIVSEP(key_sign(server_host_private, &signature, &slen, hash, - hashlen)) < 0) - fatal("kexgex_server: key_sign failed"); + kex->sign(server_host_private, server_host_public, &signature, &slen, + hash, hashlen); /* destroy_sensitive_data(); */ @@ -201,8 +196,8 @@ kexgex_server(Kex *kex) packet_put_string(signature, slen); packet_send(); - xfree(signature); - xfree(server_host_key_blob); + free(signature); + free(server_host_key_blob); /* have keys, free DH */ DH_free(dh); diff --git a/crypto/openssh/key.c b/crypto/openssh/key.c index 4cc5c5d35a83..55ee78998b74 100644 --- a/crypto/openssh/key.c +++ b/crypto/openssh/key.c @@ -1,4 +1,4 @@ -/* $OpenBSD: key.c,v 1.100 2013/01/17 23:00:01 djm Exp $ */ +/* $OpenBSD: key.c,v 1.104 2013/05/19 02:42:42 djm Exp $ */ /* * read_bignum(): * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -187,14 +187,13 @@ cert_free(struct KeyCert *cert) buffer_free(&cert->certblob); buffer_free(&cert->critical); buffer_free(&cert->extensions); - if (cert->key_id != NULL) - xfree(cert->key_id); + free(cert->key_id); for (i = 0; i < cert->nprincipals; i++) - xfree(cert->principals[i]); - if (cert->principals != NULL) - xfree(cert->principals); + free(cert->principals[i]); + free(cert->principals); if (cert->signature_key != NULL) key_free(cert->signature_key); + free(cert); } void @@ -238,7 +237,7 @@ key_free(Key *k) k->cert = NULL; } - xfree(k); + free(k); } static int @@ -388,7 +387,7 @@ key_fingerprint_raw(const Key *k, enum fp_type dgst_type, EVP_DigestUpdate(&ctx, blob, len); EVP_DigestFinal(&ctx, retval, dgst_raw_length); memset(blob, 0, len); - xfree(blob); + free(blob); } else { fatal("key_fingerprint_raw: blob is null"); } @@ -570,7 +569,7 @@ key_fingerprint_randomart(u_char *dgst_raw, u_int dgst_raw_len, const Key *k) } char * -key_fingerprint(Key *k, enum fp_type dgst_type, enum fp_rep dgst_rep) +key_fingerprint(const Key *k, enum fp_type dgst_type, enum fp_rep dgst_rep) { char *retval = NULL; u_char *dgst_raw; @@ -595,7 +594,7 @@ key_fingerprint(Key *k, enum fp_type dgst_type, enum fp_rep dgst_rep) break; } memset(dgst_raw, 0, dgst_raw_len); - xfree(dgst_raw); + free(dgst_raw); return retval; } @@ -740,11 +739,11 @@ key_read(Key *ret, char **cpp) n = uudecode(cp, blob, len); if (n < 0) { error("key_read: uudecode %s failed", cp); - xfree(blob); + free(blob); return -1; } k = key_from_blob(blob, (u_int)n); - xfree(blob); + free(blob); if (k == NULL) { error("key_read: key_from_blob %s failed", cp); return -1; @@ -885,42 +884,12 @@ key_write(const Key *key, FILE *f) fprintf(f, "%s %s", key_ssh_name(key), uu); success = 1; } - xfree(blob); - xfree(uu); + free(blob); + free(uu); return success; } -const char * -key_type(const Key *k) -{ - switch (k->type) { - case KEY_RSA1: - return "RSA1"; - case KEY_RSA: - return "RSA"; - case KEY_DSA: - return "DSA"; -#ifdef OPENSSL_HAS_ECC - case KEY_ECDSA: - return "ECDSA"; -#endif - case KEY_RSA_CERT_V00: - return "RSA-CERT-V00"; - case KEY_DSA_CERT_V00: - return "DSA-CERT-V00"; - case KEY_RSA_CERT: - return "RSA-CERT"; - case KEY_DSA_CERT: - return "DSA-CERT"; -#ifdef OPENSSL_HAS_ECC - case KEY_ECDSA_CERT: - return "ECDSA-CERT"; -#endif - } - return "unknown"; -} - const char * key_cert_type(const Key *k) { @@ -934,48 +903,59 @@ key_cert_type(const Key *k) } } +struct keytype { + char *name; + char *shortname; + int type; + int nid; + int cert; +}; +static const struct keytype keytypes[] = { + { NULL, "RSA1", KEY_RSA1, 0, 0 }, + { "ssh-rsa", "RSA", KEY_RSA, 0, 0 }, + { "ssh-dss", "DSA", KEY_DSA, 0, 0 }, +#ifdef OPENSSL_HAS_ECC + { "ecdsa-sha2-nistp256", "ECDSA", KEY_ECDSA, NID_X9_62_prime256v1, 0 }, + { "ecdsa-sha2-nistp384", "ECDSA", KEY_ECDSA, NID_secp384r1, 0 }, + { "ecdsa-sha2-nistp521", "ECDSA", KEY_ECDSA, NID_secp521r1, 0 }, +#endif /* OPENSSL_HAS_ECC */ + { "ssh-rsa-cert-v01@openssh.com", "RSA-CERT", KEY_RSA_CERT, 0, 1 }, + { "ssh-dss-cert-v01@openssh.com", "DSA-CERT", KEY_DSA_CERT, 0, 1 }, +#ifdef OPENSSL_HAS_ECC + { "ecdsa-sha2-nistp256-cert-v01@openssh.com", "ECDSA-CERT", + KEY_ECDSA_CERT, NID_X9_62_prime256v1, 1 }, + { "ecdsa-sha2-nistp384-cert-v01@openssh.com", "ECDSA-CERT", + KEY_ECDSA_CERT, NID_secp384r1, 1 }, + { "ecdsa-sha2-nistp521-cert-v01@openssh.com", "ECDSA-CERT", + KEY_ECDSA_CERT, NID_secp521r1, 1 }, +#endif /* OPENSSL_HAS_ECC */ + { "ssh-rsa-cert-v00@openssh.com", "RSA-CERT-V00", + KEY_RSA_CERT_V00, 0, 1 }, + { "ssh-dss-cert-v00@openssh.com", "DSA-CERT-V00", + KEY_DSA_CERT_V00, 0, 1 }, + { NULL, NULL, -1, -1, 0 } +}; + +const char * +key_type(const Key *k) +{ + const struct keytype *kt; + + for (kt = keytypes; kt->type != -1; kt++) { + if (kt->type == k->type) + return kt->shortname; + } + return "unknown"; +} + static const char * key_ssh_name_from_type_nid(int type, int nid) { - switch (type) { - case KEY_RSA: - return "ssh-rsa"; - case KEY_DSA: - return "ssh-dss"; - case KEY_RSA_CERT_V00: - return "ssh-rsa-cert-v00@openssh.com"; - case KEY_DSA_CERT_V00: - return "ssh-dss-cert-v00@openssh.com"; - case KEY_RSA_CERT: - return "ssh-rsa-cert-v01@openssh.com"; - case KEY_DSA_CERT: - return "ssh-dss-cert-v01@openssh.com"; -#ifdef OPENSSL_HAS_ECC - case KEY_ECDSA: - switch (nid) { - case NID_X9_62_prime256v1: - return "ecdsa-sha2-nistp256"; - case NID_secp384r1: - return "ecdsa-sha2-nistp384"; - case NID_secp521r1: - return "ecdsa-sha2-nistp521"; - default: - break; - } - break; - case KEY_ECDSA_CERT: - switch (nid) { - case NID_X9_62_prime256v1: - return "ecdsa-sha2-nistp256-cert-v01@openssh.com"; - case NID_secp384r1: - return "ecdsa-sha2-nistp384-cert-v01@openssh.com"; - case NID_secp521r1: - return "ecdsa-sha2-nistp521-cert-v01@openssh.com"; - default: - break; - } - break; -#endif /* OPENSSL_HAS_ECC */ + const struct keytype *kt; + + for (kt = keytypes; kt->type != -1; kt++) { + if (kt->type == type && (kt->nid == 0 || kt->nid == nid)) + return kt->name; } return "ssh-unknown"; } @@ -993,6 +973,56 @@ key_ssh_name_plain(const Key *k) k->ecdsa_nid); } +int +key_type_from_name(char *name) +{ + const struct keytype *kt; + + for (kt = keytypes; kt->type != -1; kt++) { + /* Only allow shortname matches for plain key types */ + if ((kt->name != NULL && strcmp(name, kt->name) == 0) || + (!kt->cert && strcasecmp(kt->shortname, name) == 0)) + return kt->type; + } + debug2("key_type_from_name: unknown key type '%s'", name); + return KEY_UNSPEC; +} + +int +key_ecdsa_nid_from_name(const char *name) +{ + const struct keytype *kt; + + for (kt = keytypes; kt->type != -1; kt++) { + if (kt->type != KEY_ECDSA && kt->type != KEY_ECDSA_CERT) + continue; + if (kt->name != NULL && strcmp(name, kt->name) == 0) + return kt->nid; + } + debug2("%s: unknown/non-ECDSA key type '%s'", __func__, name); + return -1; +} + +char * +key_alg_list(void) +{ + char *ret = NULL; + size_t nlen, rlen = 0; + const struct keytype *kt; + + for (kt = keytypes; kt->type != -1; kt++) { + if (kt->name == NULL) + continue; + if (ret != NULL) + ret[rlen++] = '\n'; + nlen = strlen(kt->name); + ret = xrealloc(ret, 1, rlen + nlen + 2); + memcpy(ret + rlen, kt->name, nlen + 1); + rlen += nlen; + } + return ret; +} + u_int key_size(const Key *k) { @@ -1247,65 +1277,6 @@ key_from_private(const Key *k) return n; } -int -key_type_from_name(char *name) -{ - if (strcmp(name, "rsa1") == 0) { - return KEY_RSA1; - } else if (strcmp(name, "rsa") == 0) { - return KEY_RSA; - } else if (strcmp(name, "dsa") == 0) { - return KEY_DSA; - } else if (strcmp(name, "ssh-rsa") == 0) { - return KEY_RSA; - } else if (strcmp(name, "ssh-dss") == 0) { - return KEY_DSA; -#ifdef OPENSSL_HAS_ECC - } else if (strcmp(name, "ecdsa") == 0 || - strcmp(name, "ecdsa-sha2-nistp256") == 0 || - strcmp(name, "ecdsa-sha2-nistp384") == 0 || - strcmp(name, "ecdsa-sha2-nistp521") == 0) { - return KEY_ECDSA; -#endif - } else if (strcmp(name, "ssh-rsa-cert-v00@openssh.com") == 0) { - return KEY_RSA_CERT_V00; - } else if (strcmp(name, "ssh-dss-cert-v00@openssh.com") == 0) { - return KEY_DSA_CERT_V00; - } else if (strcmp(name, "ssh-rsa-cert-v01@openssh.com") == 0) { - return KEY_RSA_CERT; - } else if (strcmp(name, "ssh-dss-cert-v01@openssh.com") == 0) { - return KEY_DSA_CERT; -#ifdef OPENSSL_HAS_ECC - } else if (strcmp(name, "ecdsa-sha2-nistp256-cert-v01@openssh.com") == 0 || - strcmp(name, "ecdsa-sha2-nistp384-cert-v01@openssh.com") == 0 || - strcmp(name, "ecdsa-sha2-nistp521-cert-v01@openssh.com") == 0) { - return KEY_ECDSA_CERT; -#endif - } - - debug2("key_type_from_name: unknown key type '%s'", name); - return KEY_UNSPEC; -} - -int -key_ecdsa_nid_from_name(const char *name) -{ -#ifdef OPENSSL_HAS_ECC - if (strcmp(name, "ecdsa-sha2-nistp256") == 0 || - strcmp(name, "ecdsa-sha2-nistp256-cert-v01@openssh.com") == 0) - return NID_X9_62_prime256v1; - if (strcmp(name, "ecdsa-sha2-nistp384") == 0 || - strcmp(name, "ecdsa-sha2-nistp384-cert-v01@openssh.com") == 0) - return NID_secp384r1; - if (strcmp(name, "ecdsa-sha2-nistp521") == 0 || - strcmp(name, "ecdsa-sha2-nistp521-cert-v01@openssh.com") == 0) - return NID_secp521r1; -#endif /* OPENSSL_HAS_ECC */ - - debug2("%s: unknown/non-ECDSA key type '%s'", __func__, name); - return -1; -} - int key_names_valid2(const char *names) { @@ -1319,12 +1290,12 @@ key_names_valid2(const char *names) switch (key_type_from_name(p)) { case KEY_RSA1: case KEY_UNSPEC: - xfree(s); + free(s); return 0; } } debug3("key names ok: [%s]", names); - xfree(s); + free(s); return 1; } @@ -1446,16 +1417,11 @@ cert_parse(Buffer *b, Key *key, const u_char *blob, u_int blen) out: buffer_free(&tmp); - if (principals != NULL) - xfree(principals); - if (critical != NULL) - xfree(critical); - if (exts != NULL) - xfree(exts); - if (sig_key != NULL) - xfree(sig_key); - if (sig != NULL) - xfree(sig); + free(principals); + free(critical); + free(exts); + free(sig_key); + free(sig); return ret; } @@ -1575,10 +1541,8 @@ key_from_blob(const u_char *blob, u_int blen) if (key != NULL && rlen != 0) error("key_from_blob: remaining bytes in key blob %d", rlen); out: - if (ktype != NULL) - xfree(ktype); - if (curve != NULL) - xfree(curve); + free(ktype); + free(curve); #ifdef OPENSSL_HAS_ECC if (q != NULL) EC_POINT_free(q); @@ -1928,7 +1892,7 @@ key_certify(Key *k, Key *ca) default: error("%s: key has incorrect type %s", __func__, key_type(k)); buffer_clear(&k->cert->certblob); - xfree(ca_blob); + free(ca_blob); return -1; } @@ -1964,7 +1928,7 @@ key_certify(Key *k, Key *ca) buffer_put_string(&k->cert->certblob, NULL, 0); /* reserved */ buffer_put_string(&k->cert->certblob, ca_blob, ca_len); - xfree(ca_blob); + free(ca_blob); /* Sign the whole mess */ if (key_sign(ca, &sig_blob, &sig_len, buffer_ptr(&k->cert->certblob), @@ -1975,7 +1939,7 @@ key_certify(Key *k, Key *ca) } /* Append signature and we are done */ buffer_put_string(&k->cert->certblob, sig_blob, sig_len); - xfree(sig_blob); + free(sig_blob); return 0; } diff --git a/crypto/openssh/key.h b/crypto/openssh/key.h index ebdf4567767d..17358ae1f082 100644 --- a/crypto/openssh/key.h +++ b/crypto/openssh/key.h @@ -1,4 +1,4 @@ -/* $OpenBSD: key.h,v 1.35 2013/01/17 23:00:01 djm Exp $ */ +/* $OpenBSD: key.h,v 1.37 2013/05/19 02:42:42 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -95,7 +95,7 @@ void key_free(Key *); Key *key_demote(const Key *); int key_equal_public(const Key *, const Key *); int key_equal(const Key *, const Key *); -char *key_fingerprint(Key *, enum fp_type, enum fp_rep); +char *key_fingerprint(const Key *, enum fp_type, enum fp_rep); u_char *key_fingerprint_raw(const Key *, enum fp_type, u_int *); const char *key_type(const Key *); const char *key_cert_type(const Key *); @@ -118,15 +118,16 @@ int key_cert_is_legacy(const Key *); int key_ecdsa_nid_from_name(const char *); int key_curve_name_to_nid(const char *); -const char * key_curve_nid_to_name(int); +const char *key_curve_nid_to_name(int); u_int key_curve_nid_to_bits(int); int key_ecdsa_bits_to_nid(int); #ifdef OPENSSL_HAS_ECC int key_ecdsa_key_to_nid(EC_KEY *); -const EVP_MD * key_ec_nid_to_evpmd(int nid); +const EVP_MD *key_ec_nid_to_evpmd(int nid); int key_ec_validate_public(const EC_GROUP *, const EC_POINT *); int key_ec_validate_private(const EC_KEY *); #endif +char *key_alg_list(void); Key *key_from_blob(const u_char *, u_int); int key_to_blob(const Key *, u_char **, u_int *); diff --git a/crypto/openssh/krl.c b/crypto/openssh/krl.c index 4dd245f1deb9..b2d0354f2b4e 100644 --- a/crypto/openssh/krl.c +++ b/crypto/openssh/krl.c @@ -14,7 +14,7 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $OpenBSD: krl.c,v 1.10 2013/02/19 02:12:47 dtucker Exp $ */ +/* $OpenBSD: krl.c,v 1.13 2013/07/20 22:20:42 djm Exp $ */ #include "includes.h" @@ -502,11 +502,11 @@ choose_next_state(int current_state, u_int64_t contig, int final, } debug3("%s: contig %llu last_gap %llu next_gap %llu final %d, costs:" "list %llu range %llu bitmap %llu new bitmap %llu, " - "selected 0x%02x%s", __func__, (unsigned long long)contig, - (unsigned long long)last_gap, (unsigned long long)next_gap, final, - (unsigned long long)cost_list, (unsigned long long)cost_range, - (unsigned long long)cost_bitmap, - (unsigned long long)cost_bitmap_restart, new_state, + "selected 0x%02x%s", __func__, (long long unsigned)contig, + (long long unsigned)last_gap, (long long unsigned)next_gap, final, + (long long unsigned)cost_list, (long long unsigned)cost_range, + (long long unsigned)cost_bitmap, + (long long unsigned)cost_bitmap_restart, new_state, *force_new_section ? " restart" : ""); return new_state; } @@ -542,7 +542,7 @@ revoked_certs_generate(struct revoked_certs *rc, Buffer *buf) rs != NULL; rs = RB_NEXT(revoked_serial_tree, &rc->revoked_serials, rs)) { debug3("%s: serial %llu:%llu state 0x%02x", __func__, - (unsigned long long)rs->lo, (unsigned long long)rs->hi, + (long long unsigned)rs->lo, (long long unsigned)rs->hi, state); /* Check contiguous length and gap to next section (if any) */ @@ -887,9 +887,10 @@ ssh_krl_from_blob(Buffer *buf, struct ssh_krl **krlp, char timestamp[64]; int ret = -1, r, sig_seen; Key *key = NULL, **ca_used = NULL; - u_char type, *blob; - u_int i, j, sig_off, sects_off, blen, format_version, nca_used = 0; + u_char type, *blob, *rdata = NULL; + u_int i, j, sig_off, sects_off, rlen, blen, format_version, nca_used; + nca_used = 0; *krlp = NULL; if (buffer_len(buf) < sizeof(KRL_MAGIC) - 1 || memcmp(buffer_ptr(buf), KRL_MAGIC, sizeof(KRL_MAGIC) - 1) != 0) { @@ -933,7 +934,7 @@ ssh_krl_from_blob(Buffer *buf, struct ssh_krl **krlp, format_timestamp(krl->generated_date, timestamp, sizeof(timestamp)); debug("KRL version %llu generated at %s%s%s", - (unsigned long long)krl->krl_version, timestamp, + (long long unsigned)krl->krl_version, timestamp, *krl->comment ? ": " : "", krl->comment); /* @@ -972,7 +973,7 @@ ssh_krl_from_blob(Buffer *buf, struct ssh_krl **krlp, } /* Check signature over entire KRL up to this point */ if (key_verify(key, blob, blen, - buffer_ptr(buf), buffer_len(buf) - sig_off) == -1) { + buffer_ptr(buf), buffer_len(buf) - sig_off) != 1) { error("bad signaure on KRL"); goto out; } @@ -1015,21 +1016,22 @@ ssh_krl_from_blob(Buffer *buf, struct ssh_krl **krlp, case KRL_SECTION_EXPLICIT_KEY: case KRL_SECTION_FINGERPRINT_SHA1: while (buffer_len(§) > 0) { - if ((blob = buffer_get_string_ret(§, - &blen)) == NULL) { + if ((rdata = buffer_get_string_ret(§, + &rlen)) == NULL) { error("%s: buffer error", __func__); goto out; } if (type == KRL_SECTION_FINGERPRINT_SHA1 && - blen != 20) { + rlen != 20) { error("%s: bad SHA1 length", __func__); goto out; } if (revoke_blob( type == KRL_SECTION_EXPLICIT_KEY ? &krl->revoked_keys : &krl->revoked_sha1s, - blob, blen) != 0) - goto out; /* revoke_blob frees blob */ + rdata, rlen) != 0) + goto out; + rdata = NULL; /* revoke_blob frees blob */ } break; case KRL_SECTION_SIGNATURE: @@ -1095,6 +1097,7 @@ ssh_krl_from_blob(Buffer *buf, struct ssh_krl **krlp, key_free(ca_used[i]); } free(ca_used); + free(rdata); if (key != NULL) key_free(key); buffer_free(©); diff --git a/crypto/openssh/log.c b/crypto/openssh/log.c index d69154a679b1..32e1d2e4512d 100644 --- a/crypto/openssh/log.c +++ b/crypto/openssh/log.c @@ -1,4 +1,4 @@ -/* $OpenBSD: log.c,v 1.43 2012/09/06 04:37:39 dtucker Exp $ */ +/* $OpenBSD: log.c,v 1.45 2013/05/16 09:08:41 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -38,6 +38,7 @@ #include +#include #include #include #include @@ -54,6 +55,7 @@ static LogLevel log_level = SYSLOG_LEVEL_INFO; static int log_on_stderr = 1; +static int log_stderr_fd = STDERR_FILENO; static int log_facility = LOG_AUTH; static char *argv0; static log_handler_fn *log_handler; @@ -344,6 +346,20 @@ log_is_on_stderr(void) return log_on_stderr; } +/* redirect what would usually get written to stderr to specified file */ +void +log_redirect_stderr_to(const char *logfile) +{ + int fd; + + if ((fd = open(logfile, O_WRONLY|O_CREAT|O_APPEND, 0600)) == -1) { + fprintf(stderr, "Couldn't open logfile %s: %s\n", logfile, + strerror(errno)); + exit(1); + } + log_stderr_fd = fd; +} + #define MSGBUFSIZ 1024 void @@ -429,7 +445,7 @@ do_log(LogLevel level, const char *fmt, va_list args) log_handler = tmp_handler; } else if (log_on_stderr) { snprintf(msgbuf, sizeof msgbuf, "%s\r\n", fmtbuf); - write(STDERR_FILENO, msgbuf, strlen(msgbuf)); + (void)write(log_stderr_fd, msgbuf, strlen(msgbuf)); } else { #if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT) openlog_r(argv0 ? argv0 : __progname, LOG_PID, log_facility, &sdata); diff --git a/crypto/openssh/log.h b/crypto/openssh/log.h index e3e328b06be6..ae7df25d344e 100644 --- a/crypto/openssh/log.h +++ b/crypto/openssh/log.h @@ -1,4 +1,4 @@ -/* $OpenBSD: log.h,v 1.19 2012/09/06 04:37:39 dtucker Exp $ */ +/* $OpenBSD: log.h,v 1.20 2013/04/07 02:10:33 dtucker Exp $ */ /* * Author: Tatu Ylonen @@ -51,6 +51,7 @@ typedef void (log_handler_fn)(LogLevel, const char *, void *); void log_init(char *, LogLevel, SyslogFacility, int); void log_change_level(LogLevel); int log_is_on_stderr(void); +void log_redirect_stderr_to(const char *); SyslogFacility log_facility_number(char *); const char * log_facility_name(SyslogFacility); diff --git a/crypto/openssh/loginrec.c b/crypto/openssh/loginrec.c index f9662fa5cc96..59e8a44eeeeb 100644 --- a/crypto/openssh/loginrec.c +++ b/crypto/openssh/loginrec.c @@ -347,7 +347,7 @@ logininfo *login_alloc_entry(pid_t pid, const char *username, void login_free_entry(struct logininfo *li) { - xfree(li); + free(li); } diff --git a/crypto/openssh/mac.c b/crypto/openssh/mac.c index 3f2dc6f2a8cc..c4dfb501dd4d 100644 --- a/crypto/openssh/mac.c +++ b/crypto/openssh/mac.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mac.c,v 1.21 2012/12/11 22:51:45 sthen Exp $ */ +/* $OpenBSD: mac.c,v 1.24 2013/06/03 00:03:18 dtucker Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -50,7 +50,7 @@ #define SSH_UMAC 2 /* UMAC (not integrated with OpenSSL) */ #define SSH_UMAC128 3 -struct { +struct macalg { char *name; int type; const EVP_MD * (*mdfunc)(void); @@ -58,7 +58,9 @@ struct { int key_len; /* just for UMAC */ int len; /* just for UMAC */ int etm; /* Encrypt-then-MAC */ -} macs[] = { +}; + +static const struct macalg macs[] = { /* Encrypt-and-MAC (encrypt-and-authenticate) variants */ { "hmac-sha1", SSH_EVP, EVP_sha1, 0, 0, 0, 0 }, { "hmac-sha1-96", SSH_EVP, EVP_sha1, 96, 0, 0, 0 }, @@ -89,38 +91,58 @@ struct { { NULL, 0, NULL, 0, 0, 0, 0 } }; +/* Returns a comma-separated list of supported MACs. */ +char * +mac_alg_list(void) +{ + char *ret = NULL; + size_t nlen, rlen = 0; + const struct macalg *m; + + for (m = macs; m->name != NULL; m++) { + if (ret != NULL) + ret[rlen++] = '\n'; + nlen = strlen(m->name); + ret = xrealloc(ret, 1, rlen + nlen + 2); + memcpy(ret + rlen, m->name, nlen + 1); + rlen += nlen; + } + return ret; +} + static void -mac_setup_by_id(Mac *mac, int which) +mac_setup_by_alg(Mac *mac, const struct macalg *macalg) { int evp_len; - mac->type = macs[which].type; + + mac->type = macalg->type; if (mac->type == SSH_EVP) { - mac->evp_md = (*macs[which].mdfunc)(); + mac->evp_md = macalg->mdfunc(); if ((evp_len = EVP_MD_size(mac->evp_md)) <= 0) fatal("mac %s len %d", mac->name, evp_len); mac->key_len = mac->mac_len = (u_int)evp_len; } else { - mac->mac_len = macs[which].len / 8; - mac->key_len = macs[which].key_len / 8; + mac->mac_len = macalg->len / 8; + mac->key_len = macalg->key_len / 8; mac->umac_ctx = NULL; } - if (macs[which].truncatebits != 0) - mac->mac_len = macs[which].truncatebits / 8; - mac->etm = macs[which].etm; + if (macalg->truncatebits != 0) + mac->mac_len = macalg->truncatebits / 8; + mac->etm = macalg->etm; } int mac_setup(Mac *mac, char *name) { - int i; + const struct macalg *m; - for (i = 0; macs[i].name; i++) { - if (strcmp(name, macs[i].name) == 0) { - if (mac != NULL) - mac_setup_by_id(mac, i); - debug2("mac_setup: found %s", name); - return (0); - } + for (m = macs; m->name != NULL; m++) { + if (strcmp(name, m->name) != 0) + continue; + if (mac != NULL) + mac_setup_by_alg(mac, m); + debug2("mac_setup: found %s", name); + return (0); } debug2("mac_setup: unknown %s", name); return (-1); @@ -152,12 +174,15 @@ mac_init(Mac *mac) u_char * mac_compute(Mac *mac, u_int32_t seqno, u_char *data, int datalen) { - static u_char m[EVP_MAX_MD_SIZE]; + static union { + u_char m[EVP_MAX_MD_SIZE]; + u_int64_t for_align; + } u; u_char b[4], nonce[8]; - if (mac->mac_len > sizeof(m)) + if (mac->mac_len > sizeof(u)) fatal("mac_compute: mac too long %u %lu", - mac->mac_len, (u_long)sizeof(m)); + mac->mac_len, (u_long)sizeof(u)); switch (mac->type) { case SSH_EVP: @@ -166,22 +191,22 @@ mac_compute(Mac *mac, u_int32_t seqno, u_char *data, int datalen) HMAC_Init(&mac->evp_ctx, NULL, 0, NULL); HMAC_Update(&mac->evp_ctx, b, sizeof(b)); HMAC_Update(&mac->evp_ctx, data, datalen); - HMAC_Final(&mac->evp_ctx, m, NULL); + HMAC_Final(&mac->evp_ctx, u.m, NULL); break; case SSH_UMAC: put_u64(nonce, seqno); umac_update(mac->umac_ctx, data, datalen); - umac_final(mac->umac_ctx, m, nonce); + umac_final(mac->umac_ctx, u.m, nonce); break; case SSH_UMAC128: put_u64(nonce, seqno); umac128_update(mac->umac_ctx, data, datalen); - umac128_final(mac->umac_ctx, m, nonce); + umac128_final(mac->umac_ctx, u.m, nonce); break; default: fatal("mac_compute: unknown MAC type"); } - return (m); + return (u.m); } void @@ -213,13 +238,13 @@ mac_valid(const char *names) (p = strsep(&cp, MAC_SEP))) { if (mac_setup(NULL, p) < 0) { debug("bad mac %s [%s]", p, names); - xfree(maclist); + free(maclist); return (0); } else { debug3("mac ok: %s [%s]", p, names); } } debug3("macs ok: [%s]", names); - xfree(maclist); + free(maclist); return (1); } diff --git a/crypto/openssh/mac.h b/crypto/openssh/mac.h index 39f564dd3003..260798ab3b05 100644 --- a/crypto/openssh/mac.h +++ b/crypto/openssh/mac.h @@ -1,4 +1,4 @@ -/* $OpenBSD: mac.h,v 1.6 2007/06/07 19:37:34 pvalchev Exp $ */ +/* $OpenBSD: mac.h,v 1.7 2013/04/19 01:06:50 djm Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -24,6 +24,7 @@ */ int mac_valid(const char *); +char *mac_alg_list(void); int mac_setup(Mac *, char *); int mac_init(Mac *); u_char *mac_compute(Mac *, u_int32_t, u_char *, int); diff --git a/crypto/openssh/match.c b/crypto/openssh/match.c index 238947778904..7be7d2c5cd2e 100644 --- a/crypto/openssh/match.c +++ b/crypto/openssh/match.c @@ -1,4 +1,4 @@ -/* $OpenBSD: match.c,v 1.27 2008/06/10 23:06:19 djm Exp $ */ +/* $OpenBSD: match.c,v 1.28 2013/05/17 00:13:13 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -40,6 +40,7 @@ #include #include +#include #include #include "xmalloc.h" @@ -226,14 +227,14 @@ match_user(const char *user, const char *host, const char *ipaddr, if ((ret = match_pattern(user, pat)) == 1) ret = match_host_and_ip(host, ipaddr, p); - xfree(pat); + free(pat); return ret; } /* * Returns first item from client-list that is also supported by server-list, - * caller must xfree() returned string. + * caller must free the returned string. */ #define MAX_PROP 40 #define SEP "," @@ -264,15 +265,15 @@ match_list(const char *client, const char *server, u_int *next) if (next != NULL) *next = (cp == NULL) ? strlen(c) : (u_int)(cp - c); - xfree(c); - xfree(s); + free(c); + free(s); return ret; } } } if (next != NULL) *next = strlen(c); - xfree(c); - xfree(s); + free(c); + free(s); return NULL; } diff --git a/crypto/openssh/misc.c b/crypto/openssh/misc.c index d35472778231..17f0c9fc0883 100644 --- a/crypto/openssh/misc.c +++ b/crypto/openssh/misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.c,v 1.86 2011/09/05 05:59:08 djm Exp $ */ +/* $OpenBSD: misc.c,v 1.91 2013/07/12 00:43:50 djm Exp $ */ /* $FreeBSD$ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -128,7 +128,7 @@ unset_nonblock(int fd) const char * ssh_gai_strerror(int gaierr) { - if (gaierr == EAI_SYSTEM) + if (gaierr == EAI_SYSTEM && errno != 0) return strerror(errno); return gai_strerror(gaierr); } @@ -207,16 +207,18 @@ pwcopy(struct passwd *pw) copy->pw_name = xstrdup(pw->pw_name); copy->pw_passwd = xstrdup(pw->pw_passwd); +#ifdef HAVE_STRUCT_PASSWD_PW_GECOS copy->pw_gecos = xstrdup(pw->pw_gecos); +#endif copy->pw_uid = pw->pw_uid; copy->pw_gid = pw->pw_gid; -#ifdef HAVE_PW_EXPIRE_IN_PASSWD +#ifdef HAVE_STRUCT_PASSWD_PW_EXPIRE copy->pw_expire = pw->pw_expire; #endif -#ifdef HAVE_PW_CHANGE_IN_PASSWD +#ifdef HAVE_STRUCT_PASSWD_PW_CHANGE copy->pw_change = pw->pw_change; #endif -#ifdef HAVE_PW_CLASS_IN_PASSWD +#ifdef HAVE_STRUCT_PASSWD_PW_CLASS copy->pw_class = xstrdup(pw->pw_class); #endif copy->pw_dir = xstrdup(pw->pw_dir); @@ -252,13 +254,13 @@ a2tun(const char *s, int *remote) *remote = SSH_TUNID_ANY; sp = xstrdup(s); if ((ep = strchr(sp, ':')) == NULL) { - xfree(sp); + free(sp); return (a2tun(s, NULL)); } ep[0] = '\0'; ep++; *remote = a2tun(ep, NULL); tun = a2tun(sp, NULL); - xfree(sp); + free(sp); return (*remote == SSH_TUNID_ERR ? *remote : tun); } @@ -491,7 +493,7 @@ replacearg(arglist *args, u_int which, char *fmt, ...) if (which >= args->num) fatal("replacearg: tried to replace invalid arg %d >= %d", which, args->num); - xfree(args->list[which]); + free(args->list[which]); args->list[which] = cp; } @@ -502,8 +504,8 @@ freeargs(arglist *args) if (args->list != NULL) { for (i = 0; i < args->num; i++) - xfree(args->list[i]); - xfree(args->list); + free(args->list[i]); + free(args->list); args->nalloc = args->num = 0; args->list = NULL; } @@ -516,8 +518,8 @@ freeargs(arglist *args) char * tilde_expand_filename(const char *filename, uid_t uid) { - const char *path; - char user[128], ret[MAXPATHLEN]; + const char *path, *sep; + char user[128], *ret; struct passwd *pw; u_int len, slash; @@ -537,22 +539,21 @@ tilde_expand_filename(const char *filename, uid_t uid) } else if ((pw = getpwuid(uid)) == NULL) /* ~/path */ fatal("tilde_expand_filename: No such uid %ld", (long)uid); - if (strlcpy(ret, pw->pw_dir, sizeof(ret)) >= sizeof(ret)) - fatal("tilde_expand_filename: Path too long"); - /* Make sure directory has a trailing '/' */ len = strlen(pw->pw_dir); - if ((len == 0 || pw->pw_dir[len - 1] != '/') && - strlcat(ret, "/", sizeof(ret)) >= sizeof(ret)) - fatal("tilde_expand_filename: Path too long"); + if (len == 0 || pw->pw_dir[len - 1] != '/') + sep = "/"; + else + sep = ""; /* Skip leading '/' from specified path */ if (path != NULL) filename = path + 1; - if (strlcat(ret, filename, sizeof(ret)) >= sizeof(ret)) + + if (xasprintf(&ret, "%s%s%s", pw->pw_dir, sep, filename) >= MAXPATHLEN) fatal("tilde_expand_filename: Path too long"); - return (xstrdup(ret)); + return (ret); } /* @@ -854,6 +855,24 @@ ms_to_timeval(struct timeval *tv, int ms) tv->tv_usec = (ms % 1000) * 1000; } +time_t +monotime(void) +{ +#if defined(HAVE_CLOCK_GETTIME) && defined(CLOCK_MONOTONIC) + struct timespec ts; + static int gettime_failed = 0; + + if (!gettime_failed) { + if (clock_gettime(CLOCK_MONOTONIC, &ts) == 0) + return (ts.tv_sec); + debug3("clock_gettime: %s", strerror(errno)); + gettime_failed = 1; + } +#endif + + return time(NULL); +} + void bandwidth_limit_init(struct bwlimit *bw, u_int64_t kbps, size_t buflen) { diff --git a/crypto/openssh/misc.h b/crypto/openssh/misc.h index 5d3d0bd0fb37..710551167a5f 100644 --- a/crypto/openssh/misc.h +++ b/crypto/openssh/misc.h @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.h,v 1.48 2011/03/29 18:54:17 stevesk Exp $ */ +/* $OpenBSD: misc.h,v 1.49 2013/06/01 13:15:52 dtucker Exp $ */ /* $FreeBSD$ */ /* @@ -36,6 +36,7 @@ char *tohex(const void *, size_t); void sanitise_stdfd(void); void ms_subtract_diff(struct timeval *, int *); void ms_to_timeval(struct timeval *, int); +time_t monotime(void); void sock_set_v6only(int); void sock_get_rcvbuf(int *, int); diff --git a/crypto/openssh/moduli.c b/crypto/openssh/moduli.c index 5267bb9abece..294ff8fde0fa 100644 --- a/crypto/openssh/moduli.c +++ b/crypto/openssh/moduli.c @@ -1,4 +1,4 @@ -/* $OpenBSD: moduli.c,v 1.26 2012/07/06 00:41:59 dtucker Exp $ */ +/* $OpenBSD: moduli.c,v 1.27 2013/05/17 00:13:13 djm Exp $ */ /* * Copyright 1994 Phil Karn * Copyright 1996-1998, 2003 William Allen Simpson @@ -433,9 +433,9 @@ gen_candidates(FILE *out, u_int32_t memory, u_int32_t power, BIGNUM *start) time(&time_stop); - xfree(LargeSieve); - xfree(SmallSieve); - xfree(TinySieve); + free(LargeSieve); + free(SmallSieve); + free(TinySieve); logit("%.24s Found %u candidates", ctime(&time_stop), r); @@ -709,7 +709,7 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted, } time(&time_stop); - xfree(lp); + free(lp); BN_free(p); BN_free(q); BN_CTX_free(ctx); diff --git a/crypto/openssh/monitor.c b/crypto/openssh/monitor.c index 8006b833c874..44dff98c93c0 100644 --- a/crypto/openssh/monitor.c +++ b/crypto/openssh/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.120 2012/12/11 22:16:21 markus Exp $ */ +/* $OpenBSD: monitor.c,v 1.127 2013/07/19 07:37:48 markus Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -97,6 +97,7 @@ #include "ssh2.h" #include "jpake.h" #include "roaming.h" +#include "authfd.h" #ifdef GSSAPI static Gssctxt *gsscontext = NULL; @@ -392,7 +393,7 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor) "with SSH protocol 1"); if (authenticated && !auth2_update_methods_lists(authctxt, - auth_method)) { + auth_method, auth_submethod)) { debug3("%s: method %s: partial", __func__, auth_method); authenticated = 0; @@ -422,8 +423,7 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor) } if (ent->flags & (MON_AUTHDECIDE|MON_ALOG)) { auth_log(authctxt, authenticated, partial, - auth_method, auth_submethod, - compat20 ? " ssh2" : ""); + auth_method, auth_submethod); if (!authenticated) authctxt->failures++; } @@ -551,7 +551,7 @@ monitor_read_log(struct monitor *pmonitor) do_log2(level, "%s [preauth]", msg); buffer_free(&logmsg); - xfree(msg); + free(msg); return 0; } @@ -642,12 +642,9 @@ static void monitor_reset_key_state(void) { /* reset state */ - if (key_blob != NULL) - xfree(key_blob); - if (hostbased_cuser != NULL) - xfree(hostbased_cuser); - if (hostbased_chost != NULL) - xfree(hostbased_chost); + free(key_blob); + free(hostbased_cuser); + free(hostbased_chost); key_blob = NULL; key_bloblen = 0; key_blobtype = MM_NOKEY; @@ -690,6 +687,8 @@ mm_answer_moduli(int sock, Buffer *m) return (0); } +extern AuthenticationConnection *auth_conn; + int mm_answer_sign(int sock, Buffer *m) { @@ -718,18 +717,24 @@ mm_answer_sign(int sock, Buffer *m) memcpy(session_id2, p, session_id2_len); } - if ((key = get_hostkey_by_index(keyid)) == NULL) + if ((key = get_hostkey_by_index(keyid)) != NULL) { + if (key_sign(key, &signature, &siglen, p, datlen) < 0) + fatal("%s: key_sign failed", __func__); + } else if ((key = get_hostkey_public_by_index(keyid)) != NULL && + auth_conn != NULL) { + if (ssh_agent_sign(auth_conn, key, &signature, &siglen, p, + datlen) < 0) + fatal("%s: ssh_agent_sign failed", __func__); + } else fatal("%s: no hostkey from index %d", __func__, keyid); - if (key_sign(key, &signature, &siglen, p, datlen) < 0) - fatal("%s: key_sign failed", __func__); debug3("%s: signature %p(%u)", __func__, signature, siglen); buffer_clear(m); buffer_put_string(m, signature, siglen); - xfree(p); - xfree(signature); + free(p); + free(signature); mm_request_send(sock, MONITOR_ANS_SIGN, m); @@ -760,7 +765,7 @@ mm_answer_pwnamallow(int sock, Buffer *m) authctxt->user = xstrdup(username); setproctitle("%s [priv]", pwent ? username : "unknown"); - xfree(username); + free(username); buffer_clear(m); @@ -778,8 +783,10 @@ mm_answer_pwnamallow(int sock, Buffer *m) buffer_put_string(m, pwent, sizeof(struct passwd)); buffer_put_cstring(m, pwent->pw_name); buffer_put_cstring(m, "*"); +#ifdef HAVE_STRUCT_PASSWD_PW_GECOS buffer_put_cstring(m, pwent->pw_gecos); -#ifdef HAVE_PW_CLASS_IN_PASSWD +#endif +#ifdef HAVE_STRUCT_PASSWD_PW_CLASS buffer_put_cstring(m, pwent->pw_class); #endif buffer_put_cstring(m, pwent->pw_dir); @@ -838,9 +845,7 @@ int mm_answer_auth2_read_banner(int sock, Buffer *m) banner = auth2_read_banner(); buffer_put_cstring(m, banner != NULL ? banner : ""); mm_request_send(sock, MONITOR_ANS_AUTH2_READ_BANNER, m); - - if (banner != NULL) - xfree(banner); + free(banner); return (0); } @@ -856,7 +861,7 @@ mm_answer_authserv(int sock, Buffer *m) __func__, authctxt->service, authctxt->style); if (strlen(authctxt->style) == 0) { - xfree(authctxt->style); + free(authctxt->style); authctxt->style = NULL; } @@ -876,7 +881,7 @@ mm_answer_authpassword(int sock, Buffer *m) authenticated = options.password_authentication && auth_password(authctxt, passwd); memset(passwd, 0, strlen(passwd)); - xfree(passwd); + free(passwd); buffer_clear(m); buffer_put_int(m, authenticated); @@ -916,10 +921,10 @@ mm_answer_bsdauthquery(int sock, Buffer *m) mm_request_send(sock, MONITOR_ANS_BSDAUTHQUERY, m); if (success) { - xfree(name); - xfree(infotxt); - xfree(prompts); - xfree(echo_on); + free(name); + free(infotxt); + free(prompts); + free(echo_on); } return (0); @@ -939,7 +944,7 @@ mm_answer_bsdauthrespond(int sock, Buffer *m) auth_userresponse(authctxt->as, response, 0); authctxt->as = NULL; debug3("%s: <%s> = <%d>", __func__, response, authok); - xfree(response); + free(response); buffer_clear(m); buffer_put_int(m, authok); @@ -947,9 +952,10 @@ mm_answer_bsdauthrespond(int sock, Buffer *m) debug3("%s: sending authenticated: %d", __func__, authok); mm_request_send(sock, MONITOR_ANS_BSDAUTHRESPOND, m); - if (compat20) - auth_method = "keyboard-interactive"; /* XXX auth_submethod */ - else + if (compat20) { + auth_method = "keyboard-interactive"; + auth_submethod = "bsdauth"; + } else auth_method = "bsdauth"; return (authok != 0); @@ -991,7 +997,7 @@ mm_answer_skeyrespond(int sock, Buffer *m) skey_haskey(authctxt->pw->pw_name) == 0 && skey_passcheck(authctxt->pw->pw_name, response) != -1); - xfree(response); + free(response); buffer_clear(m); buffer_put_int(m, authok); @@ -1076,19 +1082,17 @@ mm_answer_pam_query(int sock, Buffer *m) buffer_clear(m); buffer_put_int(m, ret); buffer_put_cstring(m, name); - xfree(name); + free(name); buffer_put_cstring(m, info); - xfree(info); + free(info); buffer_put_int(m, num); for (i = 0; i < num; ++i) { buffer_put_cstring(m, prompts[i]); - xfree(prompts[i]); + free(prompts[i]); buffer_put_int(m, echo_on[i]); } - if (prompts != NULL) - xfree(prompts); - if (echo_on != NULL) - xfree(echo_on); + free(prompts); + free(echo_on); auth_method = "keyboard-interactive"; auth_submethod = "pam"; mm_request_send(sock, MONITOR_ANS_PAM_QUERY, m); @@ -1111,8 +1115,8 @@ mm_answer_pam_respond(int sock, Buffer *m) resp[i] = buffer_get_string(m, NULL); ret = (sshpam_device.respond)(sshpam_ctxt, num, resp); for (i = 0; i < num; ++i) - xfree(resp[i]); - xfree(resp); + free(resp[i]); + free(resp); } else { ret = (sshpam_device.respond)(sshpam_ctxt, num, NULL); } @@ -1170,6 +1174,7 @@ mm_answer_keyallowed(int sock, Buffer *m) case MM_USERKEY: allowed = options.pubkey_authentication && user_key_allowed(authctxt->pw, key); + pubkey_auth_info(authctxt, key, NULL); auth_method = "publickey"; if (options.pubkey_authentication && allowed != 1) auth_clear_options(); @@ -1178,6 +1183,9 @@ mm_answer_keyallowed(int sock, Buffer *m) allowed = options.hostbased_authentication && hostbased_key_allowed(authctxt->pw, cuser, chost, key); + pubkey_auth_info(authctxt, key, + "client user \"%.100s\", client host \"%.100s\"", + cuser, chost); auth_method = "hostbased"; break; case MM_RSAHOSTKEY: @@ -1209,11 +1217,10 @@ mm_answer_keyallowed(int sock, Buffer *m) hostbased_chost = chost; } else { /* Log failed attempt */ - auth_log(authctxt, 0, 0, auth_method, NULL, - compat20 ? " ssh2" : ""); - xfree(blob); - xfree(cuser); - xfree(chost); + auth_log(authctxt, 0, 0, auth_method, NULL); + free(blob); + free(cuser); + free(chost); } debug3("%s: key %p is %s", @@ -1235,7 +1242,7 @@ static int monitor_valid_userblob(u_char *data, u_int datalen) { Buffer b; - char *p; + char *p, *userstyle; u_int len; int fail = 0; @@ -1256,26 +1263,30 @@ monitor_valid_userblob(u_char *data, u_int datalen) (len != session_id2_len) || (timingsafe_bcmp(p, session_id2, session_id2_len) != 0)) fail++; - xfree(p); + free(p); } if (buffer_get_char(&b) != SSH2_MSG_USERAUTH_REQUEST) fail++; - p = buffer_get_string(&b, NULL); - if (strcmp(authctxt->user, p) != 0) { + p = buffer_get_cstring(&b, NULL); + xasprintf(&userstyle, "%s%s%s", authctxt->user, + authctxt->style ? ":" : "", + authctxt->style ? authctxt->style : ""); + if (strcmp(userstyle, p) != 0) { logit("wrong user name passed to monitor: expected %s != %.100s", - authctxt->user, p); + userstyle, p); fail++; } - xfree(p); + free(userstyle); + free(p); buffer_skip_string(&b); if (datafellows & SSH_BUG_PKAUTH) { if (!buffer_get_char(&b)) fail++; } else { - p = buffer_get_string(&b, NULL); + p = buffer_get_cstring(&b, NULL); if (strcmp("publickey", p) != 0) fail++; - xfree(p); + free(p); if (!buffer_get_char(&b)) fail++; buffer_skip_string(&b); @@ -1292,7 +1303,7 @@ monitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser, char *chost) { Buffer b; - char *p; + char *p, *userstyle; u_int len; int fail = 0; @@ -1304,22 +1315,26 @@ monitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser, (len != session_id2_len) || (timingsafe_bcmp(p, session_id2, session_id2_len) != 0)) fail++; - xfree(p); + free(p); if (buffer_get_char(&b) != SSH2_MSG_USERAUTH_REQUEST) fail++; - p = buffer_get_string(&b, NULL); - if (strcmp(authctxt->user, p) != 0) { + p = buffer_get_cstring(&b, NULL); + xasprintf(&userstyle, "%s%s%s", authctxt->user, + authctxt->style ? ":" : "", + authctxt->style ? authctxt->style : ""); + if (strcmp(userstyle, p) != 0) { logit("wrong user name passed to monitor: expected %s != %.100s", - authctxt->user, p); + userstyle, p); fail++; } - xfree(p); + free(userstyle); + free(p); buffer_skip_string(&b); /* service */ - p = buffer_get_string(&b, NULL); + p = buffer_get_cstring(&b, NULL); if (strcmp(p, "hostbased") != 0) fail++; - xfree(p); + free(p); buffer_skip_string(&b); /* pkalg */ buffer_skip_string(&b); /* pkblob */ @@ -1329,13 +1344,13 @@ monitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser, p[len - 1] = '\0'; if (strcmp(p, chost) != 0) fail++; - xfree(p); + free(p); /* verify client user */ p = buffer_get_string(&b, NULL); if (strcmp(p, cuser) != 0) fail++; - xfree(p); + free(p); if (buffer_len(&b) != 0) fail++; @@ -1384,9 +1399,9 @@ mm_answer_keyverify(int sock, Buffer *m) __func__, key, (verified == 1) ? "verified" : "unverified"); key_free(key); - xfree(blob); - xfree(signature); - xfree(data); + free(blob); + free(signature); + free(data); auth_method = key_blobtype == MM_USERKEY ? "publickey" : "hostbased"; @@ -1514,7 +1529,7 @@ mm_answer_pty_cleanup(int sock, Buffer *m) if ((s = session_by_tty(tty)) != NULL) mm_session_close(s); buffer_clear(m); - xfree(tty); + free(tty); return (0); } @@ -1646,7 +1661,7 @@ mm_answer_rsa_challenge(int sock, Buffer *m) monitor_permit(mon_dispatch, MONITOR_REQ_RSARESPONSE, 1); - xfree(blob); + free(blob); key_free(key); return (0); } @@ -1678,9 +1693,9 @@ mm_answer_rsa_response(int sock, Buffer *m) fatal("%s: received bad response to challenge", __func__); success = auth_rsa_verify_response(key, ssh1_challenge, response); - xfree(blob); + free(blob); key_free(key); - xfree(response); + free(response); auth_method = key_blobtype == MM_RSAUSERKEY ? "rsa" : "rhosts-rsa"; @@ -1759,7 +1774,7 @@ mm_answer_audit_command(int socket, Buffer *m) cmd = buffer_get_string(m, &len); /* sanity check command, if so how? */ audit_run_command(cmd); - xfree(cmd); + free(cmd); return (0); } #endif /* SSH_AUDIT_EVENTS */ @@ -1774,20 +1789,20 @@ monitor_apply_keystate(struct monitor *pmonitor) packet_set_protocol_flags(child_state.ssh1protoflags); packet_set_encryption_key(child_state.ssh1key, child_state.ssh1keylen, child_state.ssh1cipher); - xfree(child_state.ssh1key); + free(child_state.ssh1key); } /* for rc4 and other stateful ciphers */ packet_set_keycontext(MODE_OUT, child_state.keyout); - xfree(child_state.keyout); + free(child_state.keyout); packet_set_keycontext(MODE_IN, child_state.keyin); - xfree(child_state.keyin); + free(child_state.keyin); if (!compat20) { packet_set_iv(MODE_OUT, child_state.ivout); - xfree(child_state.ivout); + free(child_state.ivout); packet_set_iv(MODE_IN, child_state.ivin); - xfree(child_state.ivin); + free(child_state.ivin); } memcpy(&incoming_stream, &child_state.incoming, @@ -1799,18 +1814,22 @@ monitor_apply_keystate(struct monitor *pmonitor) if (options.compression) mm_init_compression(pmonitor->m_zlib); + if (options.rekey_limit || options.rekey_interval) + packet_set_rekey_limits((u_int32_t)options.rekey_limit, + (time_t)options.rekey_interval); + /* Network I/O buffers */ /* XXX inefficient for large buffers, need: buffer_init_from_string */ buffer_clear(packet_get_input()); buffer_append(packet_get_input(), child_state.input, child_state.ilen); memset(child_state.input, 0, child_state.ilen); - xfree(child_state.input); + free(child_state.input); buffer_clear(packet_get_output()); buffer_append(packet_get_output(), child_state.output, child_state.olen); memset(child_state.output, 0, child_state.olen); - xfree(child_state.output); + free(child_state.output); /* Roaming */ if (compat20) @@ -1842,11 +1861,11 @@ mm_get_kex(Buffer *m) blob = buffer_get_string(m, &bloblen); buffer_init(&kex->my); buffer_append(&kex->my, blob, bloblen); - xfree(blob); + free(blob); blob = buffer_get_string(m, &bloblen); buffer_init(&kex->peer); buffer_append(&kex->peer, blob, bloblen); - xfree(blob); + free(blob); kex->done = 1; kex->flags = buffer_get_int(m); kex->client_version_string = buffer_get_string(m, NULL); @@ -1854,6 +1873,7 @@ mm_get_kex(Buffer *m) kex->load_host_public_key=&get_hostkey_public_by_type; kex->load_host_private_key=&get_hostkey_private_by_type; kex->host_key_index=&get_hostkey_index; + kex->sign = sshd_hostkey_sign; return (kex); } @@ -1889,12 +1909,12 @@ mm_get_keystate(struct monitor *pmonitor) blob = buffer_get_string(&m, &bloblen); current_keys[MODE_OUT] = mm_newkeys_from_blob(blob, bloblen); - xfree(blob); + free(blob); debug3("%s: Waiting for second key", __func__); blob = buffer_get_string(&m, &bloblen); current_keys[MODE_IN] = mm_newkeys_from_blob(blob, bloblen); - xfree(blob); + free(blob); /* Now get sequence numbers for the packets */ seqnr = buffer_get_int(&m); @@ -1919,13 +1939,13 @@ mm_get_keystate(struct monitor *pmonitor) if (plen != sizeof(child_state.outgoing)) fatal("%s: bad request size", __func__); memcpy(&child_state.outgoing, p, sizeof(child_state.outgoing)); - xfree(p); + free(p); p = buffer_get_string(&m, &plen); if (plen != sizeof(child_state.incoming)) fatal("%s: bad request size", __func__); memcpy(&child_state.incoming, p, sizeof(child_state.incoming)); - xfree(p); + free(p); /* Network I/O buffers */ debug3("%s: Getting Network I/O buffers", __func__); @@ -2047,7 +2067,7 @@ mm_answer_gss_setup_ctx(int sock, Buffer *m) major = ssh_gssapi_server_ctx(&gsscontext, &goid); - xfree(goid.elements); + free(goid.elements); buffer_clear(m); buffer_put_int(m, major); @@ -2072,7 +2092,7 @@ mm_answer_gss_accept_ctx(int sock, Buffer *m) in.value = buffer_get_string(m, &len); in.length = len; major = ssh_gssapi_accept_ctx(gsscontext, &in, &out, &flags); - xfree(in.value); + free(in.value); buffer_clear(m); buffer_put_int(m, major); @@ -2104,8 +2124,8 @@ mm_answer_gss_checkmic(int sock, Buffer *m) ret = ssh_gssapi_checkmic(gsscontext, &gssbuf, &mic); - xfree(gssbuf.value); - xfree(mic.value); + free(gssbuf.value); + free(mic.value); buffer_clear(m); buffer_put_int(m, ret); @@ -2175,8 +2195,8 @@ mm_answer_jpake_step1(int sock, Buffer *m) bzero(x3_proof, x3_proof_len); bzero(x4_proof, x4_proof_len); - xfree(x3_proof); - xfree(x4_proof); + free(x3_proof); + free(x4_proof); monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_GET_PWDATA, 1); monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_STEP1, 0); @@ -2205,8 +2225,8 @@ mm_answer_jpake_get_pwdata(int sock, Buffer *m) bzero(hash_scheme, strlen(hash_scheme)); bzero(salt, strlen(salt)); - xfree(hash_scheme); - xfree(salt); + free(hash_scheme); + free(salt); monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_STEP2, 1); @@ -2245,8 +2265,8 @@ mm_answer_jpake_step2(int sock, Buffer *m) bzero(x1_proof, x1_proof_len); bzero(x2_proof, x2_proof_len); - xfree(x1_proof); - xfree(x2_proof); + free(x1_proof); + free(x2_proof); buffer_clear(m); @@ -2257,7 +2277,7 @@ mm_answer_jpake_step2(int sock, Buffer *m) mm_request_send(sock, MONITOR_ANS_JPAKE_STEP2, m); bzero(x4_s_proof, x4_s_proof_len); - xfree(x4_s_proof); + free(x4_s_proof); monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_KEY_CONFIRM, 1); @@ -2325,7 +2345,7 @@ mm_answer_jpake_check_confirm(int sock, Buffer *m) JPAKE_DEBUG_CTX((pctx, "check_confirm done in %s", __func__)); bzero(peer_confirm_hash, peer_confirm_hash_len); - xfree(peer_confirm_hash); + free(peer_confirm_hash); buffer_clear(m); buffer_put_int(m, authenticated); diff --git a/crypto/openssh/monitor_mm.c b/crypto/openssh/monitor_mm.c index faf9f3dcb4f6..ee7bad4b454e 100644 --- a/crypto/openssh/monitor_mm.c +++ b/crypto/openssh/monitor_mm.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_mm.c,v 1.16 2009/06/22 05:39:28 dtucker Exp $ */ +/* $OpenBSD: monitor_mm.c,v 1.17 2013/05/17 00:13:13 djm Exp $ */ /* * Copyright 2002 Niels Provos * All rights reserved. @@ -35,6 +35,7 @@ #include #include +#include #include #include "xmalloc.h" @@ -124,7 +125,7 @@ mm_freelist(struct mm_master *mmalloc, struct mmtree *head) next = RB_NEXT(mmtree, head, mms); RB_REMOVE(mmtree, head, mms); if (mmalloc == NULL) - xfree(mms); + free(mms); else mm_free(mmalloc, mms); } @@ -147,7 +148,7 @@ mm_destroy(struct mm_master *mm) __func__); #endif if (mm->mmalloc == NULL) - xfree(mm); + free(mm); else mm_free(mm->mmalloc, mm); } @@ -198,7 +199,7 @@ mm_malloc(struct mm_master *mm, size_t size) if (mms->size == 0) { RB_REMOVE(mmtree, &mm->rb_free, mms); if (mm->mmalloc == NULL) - xfree(mms); + free(mms); else mm_free(mm->mmalloc, mms); } @@ -254,7 +255,7 @@ mm_free(struct mm_master *mm, void *address) prev->size += mms->size; RB_REMOVE(mmtree, &mm->rb_free, mms); if (mm->mmalloc == NULL) - xfree(mms); + free(mms); else mm_free(mm->mmalloc, mms); } else @@ -278,7 +279,7 @@ mm_free(struct mm_master *mm, void *address) RB_REMOVE(mmtree, &mm->rb_free, mms); if (mm->mmalloc == NULL) - xfree(mms); + free(mms); else mm_free(mm->mmalloc, mms); } diff --git a/crypto/openssh/monitor_wrap.c b/crypto/openssh/monitor_wrap.c index ea654a73f10a..88ff68330ae9 100644 --- a/crypto/openssh/monitor_wrap.c +++ b/crypto/openssh/monitor_wrap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_wrap.c,v 1.75 2013/01/08 18:49:04 markus Exp $ */ +/* $OpenBSD: monitor_wrap.c,v 1.76 2013/05/17 00:13:13 djm Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -259,8 +259,10 @@ mm_getpwnamallow(const char *username) fatal("%s: struct passwd size mismatch", __func__); pw->pw_name = buffer_get_string(&m, NULL); pw->pw_passwd = buffer_get_string(&m, NULL); +#ifdef HAVE_STRUCT_PASSWD_PW_GECOS pw->pw_gecos = buffer_get_string(&m, NULL); -#ifdef HAVE_PW_CLASS_IN_PASSWD +#endif +#ifdef HAVE_STRUCT_PASSWD_PW_CLASS pw->pw_class = buffer_get_string(&m, NULL); #endif pw->pw_dir = buffer_get_string(&m, NULL); @@ -286,7 +288,7 @@ mm_getpwnamallow(const char *username) #undef M_CP_STRARRAYOPT copy_set_server_options(&options, newopts, 1); - xfree(newopts); + free(newopts); buffer_free(&m); @@ -312,7 +314,7 @@ mm_auth2_read_banner(void) /* treat empty banner as missing banner */ if (strlen(banner) == 0) { - xfree(banner); + free(banner); banner = NULL; } return (banner); @@ -405,7 +407,7 @@ mm_key_allowed(enum mm_keytype type, char *user, char *host, Key *key) buffer_put_cstring(&m, user ? user : ""); buffer_put_cstring(&m, host ? host : ""); buffer_put_string(&m, blob, len); - xfree(blob); + free(blob); mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYALLOWED, &m); @@ -448,7 +450,7 @@ mm_key_verify(Key *key, u_char *sig, u_int siglen, u_char *data, u_int datalen) buffer_put_string(&m, blob, len); buffer_put_string(&m, sig, siglen); buffer_put_string(&m, data, datalen); - xfree(blob); + free(blob); mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYVERIFY, &m); @@ -617,7 +619,7 @@ mm_send_keystate(struct monitor *monitor) keylen = packet_get_encryption_key(key); buffer_put_string(&m, key, keylen); memset(key, 0, keylen); - xfree(key); + free(key); ivlen = packet_get_keyiv_len(MODE_OUT); packet_get_keyiv(MODE_OUT, iv, ivlen); @@ -640,13 +642,13 @@ mm_send_keystate(struct monitor *monitor) fatal("%s: conversion of newkeys failed", __func__); buffer_put_string(&m, blob, bloblen); - xfree(blob); + free(blob); if (!mm_newkeys_to_blob(MODE_IN, &blob, &bloblen)) fatal("%s: conversion of newkeys failed", __func__); buffer_put_string(&m, blob, bloblen); - xfree(blob); + free(blob); packet_get_state(MODE_OUT, &seqnr, &blocks, &packets, &bytes); buffer_put_int(&m, seqnr); @@ -666,13 +668,13 @@ mm_send_keystate(struct monitor *monitor) p = xmalloc(plen+1); packet_get_keycontext(MODE_OUT, p); buffer_put_string(&m, p, plen); - xfree(p); + free(p); plen = packet_get_keycontext(MODE_IN, NULL); p = xmalloc(plen+1); packet_get_keycontext(MODE_IN, p); buffer_put_string(&m, p, plen); - xfree(p); + free(p); /* Compression state */ debug3("%s: Sending compression state", __func__); @@ -734,10 +736,10 @@ mm_pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, size_t namebuflen) buffer_free(&m); strlcpy(namebuf, p, namebuflen); /* Possible truncation */ - xfree(p); + free(p); buffer_append(&loginmsg, msg, strlen(msg)); - xfree(msg); + free(msg); if ((*ptyfd = mm_receive_fd(pmonitor->m_recvfd)) == -1 || (*ttyfd = mm_receive_fd(pmonitor->m_recvfd)) == -1) @@ -803,7 +805,7 @@ mm_do_pam_account(void) ret = buffer_get_int(&m); msg = buffer_get_string(&m, NULL); buffer_append(&loginmsg, msg, strlen(msg)); - xfree(msg); + free(msg); buffer_free(&m); @@ -1033,7 +1035,7 @@ mm_skey_query(void *ctx, char **name, char **infotxt, mm_chall_setup(name, infotxt, numprompts, prompts, echo_on); xasprintf(*prompts, "%s%s", challenge, SKEY_PROMPT); - xfree(challenge); + free(challenge); return (0); } @@ -1107,7 +1109,7 @@ mm_auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey) if ((key = key_from_blob(blob, blen)) == NULL) fatal("%s: key_from_blob failed", __func__); *rkey = key; - xfree(blob); + free(blob); } buffer_free(&m); @@ -1134,7 +1136,7 @@ mm_auth_rsa_generate_challenge(Key *key) buffer_init(&m); buffer_put_string(&m, blob, blen); - xfree(blob); + free(blob); mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_RSACHALLENGE, &m); mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_RSACHALLENGE, &m); @@ -1163,7 +1165,7 @@ mm_auth_rsa_verify_response(Key *key, BIGNUM *p, u_char response[16]) buffer_init(&m); buffer_put_string(&m, blob, blen); buffer_put_string(&m, response, 16); - xfree(blob); + free(blob); mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_RSARESPONSE, &m); mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_RSARESPONSE, &m); diff --git a/crypto/openssh/mux.c b/crypto/openssh/mux.c index 1ae0e0915df1..f4edf555203d 100644 --- a/crypto/openssh/mux.c +++ b/crypto/openssh/mux.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mux.c,v 1.38 2013/01/02 00:32:07 djm Exp $ */ +/* $OpenBSD: mux.c,v 1.44 2013/07/12 00:19:58 djm Exp $ */ /* * Copyright (c) 2002-2008 Damien Miller * @@ -184,7 +184,7 @@ static const struct { /* Cleanup callback fired on closure of mux slave _session_ channel */ /* ARGSUSED */ -void +static void mux_master_session_cleanup_cb(int cid, void *unused) { Channel *cc, *c = channel_by_id(cid); @@ -219,7 +219,8 @@ mux_master_control_cleanup_cb(int cid, void *unused) __func__, c->self, c->remote_id); c->remote_id = -1; sc->ctl_chan = -1; - if (sc->type != SSH_CHANNEL_OPEN) { + if (sc->type != SSH_CHANNEL_OPEN && + sc->type != SSH_CHANNEL_OPENING) { debug2("%s: channel %d: not open", __func__, sc->self); chan_mark_dead(sc); } else { @@ -286,13 +287,13 @@ process_mux_master_hello(u_int rid, Channel *c, Buffer *m, Buffer *r) char *value = buffer_get_string_ret(m, NULL); if (name == NULL || value == NULL) { - if (name != NULL) - xfree(name); + free(name); + free(value); goto malf; } debug2("Unrecognised slave extension \"%s\"", name); - xfree(name); - xfree(value); + free(name); + free(value); } state->hello_rcvd = 1; return 0; @@ -323,21 +324,17 @@ process_mux_new_session(u_int rid, Channel *c, Buffer *m, Buffer *r) (cctx->term = buffer_get_string_ret(m, &len)) == NULL || (cmd = buffer_get_string_ret(m, &len)) == NULL) { malf: - if (cmd != NULL) - xfree(cmd); - if (reserved != NULL) - xfree(reserved); + free(cmd); + free(reserved); for (j = 0; j < env_len; j++) - xfree(cctx->env[j]); - if (env_len > 0) - xfree(cctx->env); - if (cctx->term != NULL) - xfree(cctx->term); - xfree(cctx); + free(cctx->env[j]); + free(cctx->env); + free(cctx->term); + free(cctx); error("%s: malformed message", __func__); return -1; } - xfree(reserved); + free(reserved); reserved = NULL; while (buffer_len(m) > 0) { @@ -345,7 +342,7 @@ process_mux_new_session(u_int rid, Channel *c, Buffer *m, Buffer *r) if ((cp = buffer_get_string_ret(m, &len)) == NULL) goto malf; if (!env_permitted(cp)) { - xfree(cp); + free(cp); continue; } cctx->env = xrealloc(cctx->env, env_len + 2, @@ -366,7 +363,7 @@ process_mux_new_session(u_int rid, Channel *c, Buffer *m, Buffer *r) buffer_init(&cctx->cmd); buffer_append(&cctx->cmd, cmd, strlen(cmd)); - xfree(cmd); + free(cmd); cmd = NULL; /* Gather fds from client */ @@ -377,12 +374,11 @@ process_mux_new_session(u_int rid, Channel *c, Buffer *m, Buffer *r) for (j = 0; j < i; j++) close(new_fd[j]); for (j = 0; j < env_len; j++) - xfree(cctx->env[j]); - if (env_len > 0) - xfree(cctx->env); - xfree(cctx->term); + free(cctx->env[j]); + free(cctx->env); + free(cctx->term); buffer_free(&cctx->cmd); - xfree(cctx); + free(cctx); /* prepare reply */ buffer_put_int(r, MUX_S_FAILURE); @@ -407,14 +403,14 @@ process_mux_new_session(u_int rid, Channel *c, Buffer *m, Buffer *r) close(new_fd[0]); close(new_fd[1]); close(new_fd[2]); - xfree(cctx->term); + free(cctx->term); if (env_len != 0) { for (i = 0; i < env_len; i++) - xfree(cctx->env[i]); - xfree(cctx->env); + free(cctx->env[i]); + free(cctx->env); } buffer_free(&cctx->cmd); - xfree(cctx); + free(cctx); return 0; } @@ -619,7 +615,7 @@ mux_confirm_remote_forward(int type, u_int32_t seq, void *ctxt) buffer_put_int(&out, MUX_S_FAILURE); buffer_put_int(&out, fctx->rid); buffer_put_cstring(&out, failmsg); - xfree(failmsg); + free(failmsg); out: buffer_put_string(&c->output, buffer_ptr(&out), buffer_len(&out)); buffer_free(&out); @@ -634,25 +630,28 @@ process_mux_open_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r) Forward fwd; char *fwd_desc = NULL; u_int ftype; + u_int lport, cport; int i, ret = 0, freefwd = 1; fwd.listen_host = fwd.connect_host = NULL; if (buffer_get_int_ret(&ftype, m) != 0 || (fwd.listen_host = buffer_get_string_ret(m, NULL)) == NULL || - buffer_get_int_ret(&fwd.listen_port, m) != 0 || + buffer_get_int_ret(&lport, m) != 0 || (fwd.connect_host = buffer_get_string_ret(m, NULL)) == NULL || - buffer_get_int_ret(&fwd.connect_port, m) != 0) { + buffer_get_int_ret(&cport, m) != 0 || + lport > 65535 || cport > 65535) { error("%s: malformed message", __func__); ret = -1; goto out; } - + fwd.listen_port = lport; + fwd.connect_port = cport; if (*fwd.listen_host == '\0') { - xfree(fwd.listen_host); + free(fwd.listen_host); fwd.listen_host = NULL; } if (*fwd.connect_host == '\0') { - xfree(fwd.connect_host); + free(fwd.connect_host); fwd.connect_host = NULL; } @@ -663,10 +662,8 @@ process_mux_open_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r) ftype != MUX_FWD_DYNAMIC) { logit("%s: invalid forwarding type %u", __func__, ftype); invalid: - if (fwd.listen_host) - xfree(fwd.listen_host); - if (fwd.connect_host) - xfree(fwd.connect_host); + free(fwd.listen_host); + free(fwd.connect_host); buffer_put_int(r, MUX_S_FAILURE); buffer_put_int(r, rid); buffer_put_cstring(r, "Invalid forwarding request"); @@ -768,13 +765,10 @@ process_mux_open_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r) buffer_put_int(r, MUX_S_OK); buffer_put_int(r, rid); out: - if (fwd_desc != NULL) - xfree(fwd_desc); + free(fwd_desc); if (freefwd) { - if (fwd.listen_host != NULL) - xfree(fwd.listen_host); - if (fwd.connect_host != NULL) - xfree(fwd.connect_host); + free(fwd.listen_host); + free(fwd.connect_host); } return ret; } @@ -787,24 +781,28 @@ process_mux_close_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r) const char *error_reason = NULL; u_int ftype; int i, listen_port, ret = 0; + u_int lport, cport; fwd.listen_host = fwd.connect_host = NULL; if (buffer_get_int_ret(&ftype, m) != 0 || (fwd.listen_host = buffer_get_string_ret(m, NULL)) == NULL || - buffer_get_int_ret(&fwd.listen_port, m) != 0 || + buffer_get_int_ret(&lport, m) != 0 || (fwd.connect_host = buffer_get_string_ret(m, NULL)) == NULL || - buffer_get_int_ret(&fwd.connect_port, m) != 0) { + buffer_get_int_ret(&cport, m) != 0 || + lport > 65535 || cport > 65535) { error("%s: malformed message", __func__); ret = -1; goto out; } + fwd.listen_port = lport; + fwd.connect_port = cport; if (*fwd.listen_host == '\0') { - xfree(fwd.listen_host); + free(fwd.listen_host); fwd.listen_host = NULL; } if (*fwd.connect_host == '\0') { - xfree(fwd.connect_host); + free(fwd.connect_host); fwd.connect_host = NULL; } @@ -861,10 +859,8 @@ process_mux_close_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r) buffer_put_int(r, MUX_S_OK); buffer_put_int(r, rid); - if (found_fwd->listen_host != NULL) - xfree(found_fwd->listen_host); - if (found_fwd->connect_host != NULL) - xfree(found_fwd->connect_host); + free(found_fwd->listen_host); + free(found_fwd->connect_host); found_fwd->listen_host = found_fwd->connect_host = NULL; found_fwd->listen_port = found_fwd->connect_port = 0; } else { @@ -873,12 +869,9 @@ process_mux_close_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r) buffer_put_cstring(r, error_reason); } out: - if (fwd_desc != NULL) - xfree(fwd_desc); - if (fwd.listen_host != NULL) - xfree(fwd.listen_host); - if (fwd.connect_host != NULL) - xfree(fwd.connect_host); + free(fwd_desc); + free(fwd.listen_host); + free(fwd.connect_host); return ret; } @@ -895,14 +888,12 @@ process_mux_stdio_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r) if ((reserved = buffer_get_string_ret(m, NULL)) == NULL || (chost = buffer_get_string_ret(m, NULL)) == NULL || buffer_get_int_ret(&cport, m) != 0) { - if (reserved != NULL) - xfree(reserved); - if (chost != NULL) - xfree(chost); + free(reserved); + free(chost); error("%s: malformed message", __func__); return -1; } - xfree(reserved); + free(reserved); debug2("%s: channel %d: request stdio fwd to %s:%u", __func__, c->self, chost, cport); @@ -914,7 +905,7 @@ process_mux_stdio_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r) __func__, i); for (j = 0; j < i; j++) close(new_fd[j]); - xfree(chost); + free(chost); /* prepare reply */ buffer_put_int(r, MUX_S_FAILURE); @@ -938,7 +929,7 @@ process_mux_stdio_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r) cleanup: close(new_fd[0]); close(new_fd[1]); - xfree(chost); + free(chost); return 0; } @@ -1000,7 +991,7 @@ process_mux_stop_listening(u_int rid, Channel *c, Buffer *m, Buffer *r) if (mux_listener_channel != NULL) { channel_free(mux_listener_channel); client_stop_mux(); - xfree(options.control_path); + free(options.control_path); options.control_path = NULL; mux_listener_channel = NULL; muxserver_sock = -1; @@ -1100,7 +1091,7 @@ mux_exit_message(Channel *c, int exitval) Buffer m; Channel *mux_chan; - debug3("%s: channel %d: exit message, evitval %d", __func__, c->self, + debug3("%s: channel %d: exit message, exitval %d", __func__, c->self, exitval); if ((mux_chan = channel_by_id(c->ctl_chan)) == NULL) @@ -1197,8 +1188,8 @@ muxserver_listen(void) close(muxserver_sock); muxserver_sock = -1; } - xfree(orig_control_path); - xfree(options.control_path); + free(orig_control_path); + free(options.control_path); options.control_path = NULL; options.control_master = SSHCTL_MASTER_NO; return; @@ -1223,7 +1214,7 @@ muxserver_listen(void) goto disable_mux_master; } unlink(options.control_path); - xfree(options.control_path); + free(options.control_path); options.control_path = orig_control_path; set_nonblock(muxserver_sock); @@ -1308,13 +1299,13 @@ mux_session_confirm(int id, int success, void *arg) cc->mux_pause = 0; /* start processing messages again */ c->open_confirm_ctx = NULL; buffer_free(&cctx->cmd); - xfree(cctx->term); + free(cctx->term); if (cctx->env != NULL) { for (i = 0; cctx->env[i] != NULL; i++) - xfree(cctx->env[i]); - xfree(cctx->env); + free(cctx->env[i]); + free(cctx->env); } - xfree(cctx); + free(cctx); } /* ** Multiplexing client support */ @@ -1444,7 +1435,9 @@ mux_client_read_packet(int fd, Buffer *m) buffer_init(&queue); if (mux_client_read(fd, &queue, 4) != 0) { if ((oerrno = errno) == EPIPE) - debug3("%s: read header failed: %s", __func__, strerror(errno)); + debug3("%s: read header failed: %s", __func__, + strerror(errno)); + buffer_free(&queue); errno = oerrno; return -1; } @@ -1452,6 +1445,7 @@ mux_client_read_packet(int fd, Buffer *m) if (mux_client_read(fd, &queue, need) != 0) { oerrno = errno; debug3("%s: read body failed: %s", __func__, strerror(errno)); + buffer_free(&queue); errno = oerrno; return -1; } @@ -1498,8 +1492,8 @@ mux_client_hello_exchange(int fd) char *value = buffer_get_string(&m, NULL); debug2("Unrecognised master extension \"%s\"", name); - xfree(name); - xfree(value); + free(name); + free(value); } buffer_free(&m); return 0; @@ -1608,7 +1602,7 @@ mux_client_forward(int fd, int cancel_flag, u_int ftype, Forward *fwd) fwd_desc = format_forward(ftype, fwd); debug("Requesting %s %s", cancel_flag ? "cancellation of" : "forwarding of", fwd_desc); - xfree(fwd_desc); + free(fwd_desc); buffer_init(&m); buffer_put_int(&m, cancel_flag ? MUX_C_CLOSE_FWD : MUX_C_OPEN_FWD); @@ -1845,7 +1839,7 @@ mux_client_request_session(int fd) leave_raw_mode(options.request_tty == REQUEST_TTY_FORCE); if (muxclient_terminate) { - debug2("Exiting on signal %d", muxclient_terminate); + debug2("Exiting on signal %ld", (long)muxclient_terminate); exitval = 255; } else if (!exitval_seen) { debug2("Control master terminated unexpectedly"); diff --git a/crypto/openssh/myproposal.h b/crypto/openssh/myproposal.h index 26e0029a043c..a2b1a99b6c32 100644 --- a/crypto/openssh/myproposal.h +++ b/crypto/openssh/myproposal.h @@ -27,6 +27,8 @@ #include +/* conditional algorithm support */ + #ifdef OPENSSL_HAS_ECC # define KEX_ECDH_METHODS \ "ecdh-sha2-nistp256," \ @@ -46,12 +48,22 @@ # define HOSTKEY_ECDSA_METHODS #endif -/* Old OpenSSL doesn't support what we need for DHGEX-sha256 */ -#if OPENSSL_VERSION_NUMBER >= 0x00907000L +#ifdef OPENSSL_HAVE_EVPGCM +# define AESGCM_CIPHER_MODES \ + "aes128-gcm@openssh.com,aes256-gcm@openssh.com," +#else +# define AESGCM_CIPHER_MODES +#endif + +#ifdef HAVE_EVP_SHA256 # define KEX_SHA256_METHODS \ "diffie-hellman-group-exchange-sha256," +#define SHA2_HMAC_MODES \ + "hmac-sha2-256," \ + "hmac-sha2-512," #else # define KEX_SHA256_METHODS +# define SHA2_HMAC_MODES #endif # define KEX_DEFAULT_KEX \ @@ -71,23 +83,19 @@ "ssh-rsa," \ "ssh-dss" +/* the actual algorithms */ + #define KEX_DEFAULT_ENCRYPT \ "aes128-ctr,aes192-ctr,aes256-ctr," \ "arcfour256,arcfour128," \ - "aes128-gcm@openssh.com,aes256-gcm@openssh.com," \ + AESGCM_CIPHER_MODES \ "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc," \ "aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se" #ifdef NONE_CIPHER_ENABLED #define KEX_ENCRYPT_INCLUDE_NONE KEX_DEFAULT_ENCRYPT \ ",none" #endif -#ifdef HAVE_EVP_SHA256 -#define SHA2_HMAC_MODES \ - "hmac-sha2-256," \ - "hmac-sha2-512," -#else -# define SHA2_HMAC_MODES -#endif + #define KEX_DEFAULT_MAC \ "hmac-md5-etm@openssh.com," \ "hmac-sha1-etm@openssh.com," \ diff --git a/crypto/openssh/openbsd-compat/bsd-cygwin_util.c b/crypto/openssh/openbsd-compat/bsd-cygwin_util.c index d3d2d913a25f..267e77a11b29 100644 --- a/crypto/openssh/openbsd-compat/bsd-cygwin_util.c +++ b/crypto/openssh/openbsd-compat/bsd-cygwin_util.c @@ -97,7 +97,7 @@ fetch_windows_environment(void) void free_windows_environment(char **p) { - xfree(p); + free(p); } #endif /* HAVE_CYGWIN */ diff --git a/crypto/openssh/openbsd-compat/bsd-cygwin_util.h b/crypto/openssh/openbsd-compat/bsd-cygwin_util.h index 6061a6b01916..372e41955ee4 100644 --- a/crypto/openssh/openbsd-compat/bsd-cygwin_util.h +++ b/crypto/openssh/openbsd-compat/bsd-cygwin_util.h @@ -1,4 +1,4 @@ -/* $Id: bsd-cygwin_util.h,v 1.15.4.1 2013/04/04 23:53:31 dtucker Exp $ */ +/* $Id: bsd-cygwin_util.h,v 1.16 2013/04/01 01:40:49 dtucker Exp $ */ /* * Copyright (c) 2000, 2001, 2011, 2013 Corinna Vinschen diff --git a/crypto/openssh/openbsd-compat/bsd-misc.h b/crypto/openssh/openbsd-compat/bsd-misc.h index 430066376a18..e4fa8057c58c 100644 --- a/crypto/openssh/openbsd-compat/bsd-misc.h +++ b/crypto/openssh/openbsd-compat/bsd-misc.h @@ -1,4 +1,4 @@ -/* $Id: bsd-misc.h,v 1.23 2013/03/14 23:34:27 djm Exp $ */ +/* $Id: bsd-misc.h,v 1.25 2013/08/04 11:48:41 dtucker Exp $ */ /* * Copyright (c) 1999-2004 Damien Miller @@ -110,4 +110,16 @@ int isblank(int); pid_t getpgid(pid_t); #endif +#ifndef HAVE_ENDGRENT +# define endgrent() do { } while (0) +#endif + +#ifndef HAVE_KRB5_GET_ERROR_MESSAGE +# define krb5_get_error_message krb5_get_err_text +#endif + +#ifndef HAVE_KRB5_FREE_ERROR_MESSAGE +# define krb5_free_error_message(a,b) do { } while(0) +#endif + #endif /* _BSD_MISC_H */ diff --git a/crypto/openssh/openbsd-compat/getopt.c b/crypto/openssh/openbsd-compat/getopt.c deleted file mode 100644 index 5450e43d957b..000000000000 --- a/crypto/openssh/openbsd-compat/getopt.c +++ /dev/null @@ -1,123 +0,0 @@ -/* - * Copyright (c) 1987, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* OPENBSD ORIGINAL: lib/libc/stdlib/getopt.c */ - -#include "includes.h" -#if !defined(HAVE_GETOPT) || !defined(HAVE_GETOPT_OPTRESET) - -#if defined(LIBC_SCCS) && !defined(lint) -static char *rcsid = "$OpenBSD: getopt.c,v 1.5 2003/06/02 20:18:37 millert Exp $"; -#endif /* LIBC_SCCS and not lint */ - -#include -#include -#include - -int BSDopterr = 1, /* if error message should be printed */ - BSDoptind = 1, /* index into parent argv vector */ - BSDoptopt, /* character checked for validity */ - BSDoptreset; /* reset getopt */ -char *BSDoptarg; /* argument associated with option */ - -#define BADCH (int)'?' -#define BADARG (int)':' -#define EMSG "" - -/* - * getopt -- - * Parse argc/argv argument vector. - */ -int -BSDgetopt(nargc, nargv, ostr) - int nargc; - char * const *nargv; - const char *ostr; -{ - extern char *__progname; - static char *place = EMSG; /* option letter processing */ - char *oli; /* option letter list index */ - - if (ostr == NULL) - return (-1); - - if (BSDoptreset || !*place) { /* update scanning pointer */ - BSDoptreset = 0; - if (BSDoptind >= nargc || *(place = nargv[BSDoptind]) != '-') { - place = EMSG; - return (-1); - } - if (place[1] && *++place == '-') { /* found "--" */ - ++BSDoptind; - place = EMSG; - return (-1); - } - } /* option letter okay? */ - if ((BSDoptopt = (int)*place++) == (int)':' || - !(oli = strchr(ostr, BSDoptopt))) { - /* - * if the user didn't specify '-' as an option, - * assume it means -1. - */ - if (BSDoptopt == (int)'-') - return (-1); - if (!*place) - ++BSDoptind; - if (BSDopterr && *ostr != ':') - (void)fprintf(stderr, - "%s: illegal option -- %c\n", __progname, BSDoptopt); - return (BADCH); - } - if (*++oli != ':') { /* don't need argument */ - BSDoptarg = NULL; - if (!*place) - ++BSDoptind; - } - else { /* need an argument */ - if (*place) /* no white space */ - BSDoptarg = place; - else if (nargc <= ++BSDoptind) { /* no arg */ - place = EMSG; - if (*ostr == ':') - return (BADARG); - if (BSDopterr) - (void)fprintf(stderr, - "%s: option requires an argument -- %c\n", - __progname, BSDoptopt); - return (BADCH); - } - else /* white space */ - BSDoptarg = nargv[BSDoptind]; - place = EMSG; - ++BSDoptind; - } - return (BSDoptopt); /* dump back option letter */ -} - -#endif /* !defined(HAVE_GETOPT) || !defined(HAVE_OPTRESET) */ diff --git a/crypto/openssh/openbsd-compat/getopt.h b/crypto/openssh/openbsd-compat/getopt.h new file mode 100644 index 000000000000..8eb12447ed64 --- /dev/null +++ b/crypto/openssh/openbsd-compat/getopt.h @@ -0,0 +1,74 @@ +/* $OpenBSD: getopt.h,v 1.2 2008/06/26 05:42:04 ray Exp $ */ +/* $NetBSD: getopt.h,v 1.4 2000/07/07 10:43:54 ad Exp $ */ + +/*- + * Copyright (c) 2000 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Dieter Baron and Thomas Klausner. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#ifndef _GETOPT_H_ +#define _GETOPT_H_ + +/* + * GNU-like getopt_long() and 4.4BSD getsubopt()/optreset extensions + */ +#define no_argument 0 +#define required_argument 1 +#define optional_argument 2 + +struct option { + /* name of long option */ + const char *name; + /* + * one of no_argument, required_argument, and optional_argument: + * whether option takes an argument + */ + int has_arg; + /* if not NULL, set *flag to val when option found */ + int *flag; + /* if flag not NULL, value to set *flag to; else return value */ + int val; +}; + +int getopt_long(int, char * const *, const char *, + const struct option *, int *); +int getopt_long_only(int, char * const *, const char *, + const struct option *, int *); +#ifndef _GETOPT_DEFINED_ +#define _GETOPT_DEFINED_ +int getopt(int, char * const *, const char *); +int getsubopt(char **, char * const *, char **); + +extern char *optarg; /* getopt(3) external variables */ +extern int opterr; +extern int optind; +extern int optopt; +extern int optreset; +extern char *suboptarg; /* getsubopt(3) external variable */ +#endif + +#endif /* !_GETOPT_H_ */ diff --git a/crypto/openssh/openbsd-compat/getopt_long.c b/crypto/openssh/openbsd-compat/getopt_long.c new file mode 100644 index 000000000000..e28947430578 --- /dev/null +++ b/crypto/openssh/openbsd-compat/getopt_long.c @@ -0,0 +1,532 @@ +/* $OpenBSD: getopt_long.c,v 1.25 2011/03/05 22:10:11 guenther Exp $ */ +/* $NetBSD: getopt_long.c,v 1.15 2002/01/31 22:43:40 tv Exp $ */ + +/* + * Copyright (c) 2002 Todd C. Miller + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + * + * Sponsored in part by the Defense Advanced Research Projects + * Agency (DARPA) and Air Force Research Laboratory, Air Force + * Materiel Command, USAF, under agreement number F39502-99-1-0512. + */ +/*- + * Copyright (c) 2000 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Dieter Baron and Thomas Klausner. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +/* OPENBSD ORIGINAL: lib/libc/stdlib/getopt_long.c */ +#include "includes.h" + +#if !defined(HAVE_GETOPT) || !defined(HAVE_GETOPT_OPTRESET) + +/* + * Some defines to make it easier to keep the code in sync with upstream. + * getopt opterr optind optopt optreset optarg are all in defines.h which is + * pulled in by includes.h. + */ +#define warnx logit + +#if 0 +#include +#include +#endif +#include +#include +#include +#include + +#include "log.h" + +int opterr = 1; /* if error message should be printed */ +int optind = 1; /* index into parent argv vector */ +int optopt = '?'; /* character checked for validity */ +int optreset; /* reset getopt */ +char *optarg; /* argument associated with option */ + +#define PRINT_ERROR ((opterr) && (*options != ':')) + +#define FLAG_PERMUTE 0x01 /* permute non-options to the end of argv */ +#define FLAG_ALLARGS 0x02 /* treat non-options as args to option "-1" */ +#define FLAG_LONGONLY 0x04 /* operate as getopt_long_only */ + +/* return values */ +#define BADCH (int)'?' +#define BADARG ((*options == ':') ? (int)':' : (int)'?') +#define INORDER (int)1 + +#define EMSG "" + +static int getopt_internal(int, char * const *, const char *, + const struct option *, int *, int); +static int parse_long_options(char * const *, const char *, + const struct option *, int *, int); +static int gcd(int, int); +static void permute_args(int, int, int, char * const *); + +static char *place = EMSG; /* option letter processing */ + +/* XXX: set optreset to 1 rather than these two */ +static int nonopt_start = -1; /* first non option argument (for permute) */ +static int nonopt_end = -1; /* first option after non options (for permute) */ + +/* Error messages */ +static const char recargchar[] = "option requires an argument -- %c"; +static const char recargstring[] = "option requires an argument -- %s"; +static const char ambig[] = "ambiguous option -- %.*s"; +static const char noarg[] = "option doesn't take an argument -- %.*s"; +static const char illoptchar[] = "unknown option -- %c"; +static const char illoptstring[] = "unknown option -- %s"; + +/* + * Compute the greatest common divisor of a and b. + */ +static int +gcd(int a, int b) +{ + int c; + + c = a % b; + while (c != 0) { + a = b; + b = c; + c = a % b; + } + + return (b); +} + +/* + * Exchange the block from nonopt_start to nonopt_end with the block + * from nonopt_end to opt_end (keeping the same order of arguments + * in each block). + */ +static void +permute_args(int panonopt_start, int panonopt_end, int opt_end, + char * const *nargv) +{ + int cstart, cyclelen, i, j, ncycle, nnonopts, nopts, pos; + char *swap; + + /* + * compute lengths of blocks and number and size of cycles + */ + nnonopts = panonopt_end - panonopt_start; + nopts = opt_end - panonopt_end; + ncycle = gcd(nnonopts, nopts); + cyclelen = (opt_end - panonopt_start) / ncycle; + + for (i = 0; i < ncycle; i++) { + cstart = panonopt_end+i; + pos = cstart; + for (j = 0; j < cyclelen; j++) { + if (pos >= panonopt_end) + pos -= nnonopts; + else + pos += nopts; + swap = nargv[pos]; + /* LINTED const cast */ + ((char **) nargv)[pos] = nargv[cstart]; + /* LINTED const cast */ + ((char **)nargv)[cstart] = swap; + } + } +} + +/* + * parse_long_options -- + * Parse long options in argc/argv argument vector. + * Returns -1 if short_too is set and the option does not match long_options. + */ +static int +parse_long_options(char * const *nargv, const char *options, + const struct option *long_options, int *idx, int short_too) +{ + char *current_argv, *has_equal; + size_t current_argv_len; + int i, match; + + current_argv = place; + match = -1; + + optind++; + + if ((has_equal = strchr(current_argv, '=')) != NULL) { + /* argument found (--option=arg) */ + current_argv_len = has_equal - current_argv; + has_equal++; + } else + current_argv_len = strlen(current_argv); + + for (i = 0; long_options[i].name; i++) { + /* find matching long option */ + if (strncmp(current_argv, long_options[i].name, + current_argv_len)) + continue; + + if (strlen(long_options[i].name) == current_argv_len) { + /* exact match */ + match = i; + break; + } + /* + * If this is a known short option, don't allow + * a partial match of a single character. + */ + if (short_too && current_argv_len == 1) + continue; + + if (match == -1) /* partial match */ + match = i; + else { + /* ambiguous abbreviation */ + if (PRINT_ERROR) + warnx(ambig, (int)current_argv_len, + current_argv); + optopt = 0; + return (BADCH); + } + } + if (match != -1) { /* option found */ + if (long_options[match].has_arg == no_argument + && has_equal) { + if (PRINT_ERROR) + warnx(noarg, (int)current_argv_len, + current_argv); + /* + * XXX: GNU sets optopt to val regardless of flag + */ + if (long_options[match].flag == NULL) + optopt = long_options[match].val; + else + optopt = 0; + return (BADARG); + } + if (long_options[match].has_arg == required_argument || + long_options[match].has_arg == optional_argument) { + if (has_equal) + optarg = has_equal; + else if (long_options[match].has_arg == + required_argument) { + /* + * optional argument doesn't use next nargv + */ + optarg = nargv[optind++]; + } + } + if ((long_options[match].has_arg == required_argument) + && (optarg == NULL)) { + /* + * Missing argument; leading ':' indicates no error + * should be generated. + */ + if (PRINT_ERROR) + warnx(recargstring, + current_argv); + /* + * XXX: GNU sets optopt to val regardless of flag + */ + if (long_options[match].flag == NULL) + optopt = long_options[match].val; + else + optopt = 0; + --optind; + return (BADARG); + } + } else { /* unknown option */ + if (short_too) { + --optind; + return (-1); + } + if (PRINT_ERROR) + warnx(illoptstring, current_argv); + optopt = 0; + return (BADCH); + } + if (idx) + *idx = match; + if (long_options[match].flag) { + *long_options[match].flag = long_options[match].val; + return (0); + } else + return (long_options[match].val); +} + +/* + * getopt_internal -- + * Parse argc/argv argument vector. Called by user level routines. + */ +static int +getopt_internal(int nargc, char * const *nargv, const char *options, + const struct option *long_options, int *idx, int flags) +{ + char *oli; /* option letter list index */ + int optchar, short_too; + static int posixly_correct = -1; + + if (options == NULL) + return (-1); + + /* + * XXX Some GNU programs (like cvs) set optind to 0 instead of + * XXX using optreset. Work around this braindamage. + */ + if (optind == 0) + optind = optreset = 1; + + /* + * Disable GNU extensions if POSIXLY_CORRECT is set or options + * string begins with a '+'. + */ + if (posixly_correct == -1 || optreset) + posixly_correct = (getenv("POSIXLY_CORRECT") != NULL); + if (*options == '-') + flags |= FLAG_ALLARGS; + else if (posixly_correct || *options == '+') + flags &= ~FLAG_PERMUTE; + if (*options == '+' || *options == '-') + options++; + + optarg = NULL; + if (optreset) + nonopt_start = nonopt_end = -1; +start: + if (optreset || !*place) { /* update scanning pointer */ + optreset = 0; + if (optind >= nargc) { /* end of argument vector */ + place = EMSG; + if (nonopt_end != -1) { + /* do permutation, if we have to */ + permute_args(nonopt_start, nonopt_end, + optind, nargv); + optind -= nonopt_end - nonopt_start; + } + else if (nonopt_start != -1) { + /* + * If we skipped non-options, set optind + * to the first of them. + */ + optind = nonopt_start; + } + nonopt_start = nonopt_end = -1; + return (-1); + } + if (*(place = nargv[optind]) != '-' || + (place[1] == '\0' && strchr(options, '-') == NULL)) { + place = EMSG; /* found non-option */ + if (flags & FLAG_ALLARGS) { + /* + * GNU extension: + * return non-option as argument to option 1 + */ + optarg = nargv[optind++]; + return (INORDER); + } + if (!(flags & FLAG_PERMUTE)) { + /* + * If no permutation wanted, stop parsing + * at first non-option. + */ + return (-1); + } + /* do permutation */ + if (nonopt_start == -1) + nonopt_start = optind; + else if (nonopt_end != -1) { + permute_args(nonopt_start, nonopt_end, + optind, nargv); + nonopt_start = optind - + (nonopt_end - nonopt_start); + nonopt_end = -1; + } + optind++; + /* process next argument */ + goto start; + } + if (nonopt_start != -1 && nonopt_end == -1) + nonopt_end = optind; + + /* + * If we have "-" do nothing, if "--" we are done. + */ + if (place[1] != '\0' && *++place == '-' && place[1] == '\0') { + optind++; + place = EMSG; + /* + * We found an option (--), so if we skipped + * non-options, we have to permute. + */ + if (nonopt_end != -1) { + permute_args(nonopt_start, nonopt_end, + optind, nargv); + optind -= nonopt_end - nonopt_start; + } + nonopt_start = nonopt_end = -1; + return (-1); + } + } + + /* + * Check long options if: + * 1) we were passed some + * 2) the arg is not just "-" + * 3) either the arg starts with -- we are getopt_long_only() + */ + if (long_options != NULL && place != nargv[optind] && + (*place == '-' || (flags & FLAG_LONGONLY))) { + short_too = 0; + if (*place == '-') + place++; /* --foo long option */ + else if (*place != ':' && strchr(options, *place) != NULL) + short_too = 1; /* could be short option too */ + + optchar = parse_long_options(nargv, options, long_options, + idx, short_too); + if (optchar != -1) { + place = EMSG; + return (optchar); + } + } + + if ((optchar = (int)*place++) == (int)':' || + (optchar == (int)'-' && *place != '\0') || + (oli = strchr(options, optchar)) == NULL) { + /* + * If the user specified "-" and '-' isn't listed in + * options, return -1 (non-option) as per POSIX. + * Otherwise, it is an unknown option character (or ':'). + */ + if (optchar == (int)'-' && *place == '\0') + return (-1); + if (!*place) + ++optind; + if (PRINT_ERROR) + warnx(illoptchar, optchar); + optopt = optchar; + return (BADCH); + } + if (long_options != NULL && optchar == 'W' && oli[1] == ';') { + /* -W long-option */ + if (*place) /* no space */ + /* NOTHING */; + else if (++optind >= nargc) { /* no arg */ + place = EMSG; + if (PRINT_ERROR) + warnx(recargchar, optchar); + optopt = optchar; + return (BADARG); + } else /* white space */ + place = nargv[optind]; + optchar = parse_long_options(nargv, options, long_options, + idx, 0); + place = EMSG; + return (optchar); + } + if (*++oli != ':') { /* doesn't take argument */ + if (!*place) + ++optind; + } else { /* takes (optional) argument */ + optarg = NULL; + if (*place) /* no white space */ + optarg = place; + else if (oli[1] != ':') { /* arg not optional */ + if (++optind >= nargc) { /* no arg */ + place = EMSG; + if (PRINT_ERROR) + warnx(recargchar, optchar); + optopt = optchar; + return (BADARG); + } else + optarg = nargv[optind]; + } + place = EMSG; + ++optind; + } + /* dump back option letter */ + return (optchar); +} + +/* + * getopt -- + * Parse argc/argv argument vector. + * + * [eventually this will replace the BSD getopt] + */ +int +getopt(int nargc, char * const *nargv, const char *options) +{ + + /* + * We don't pass FLAG_PERMUTE to getopt_internal() since + * the BSD getopt(3) (unlike GNU) has never done this. + * + * Furthermore, since many privileged programs call getopt() + * before dropping privileges it makes sense to keep things + * as simple (and bug-free) as possible. + */ + return (getopt_internal(nargc, nargv, options, NULL, NULL, 0)); +} + +#if 0 +/* + * getopt_long -- + * Parse argc/argv argument vector. + */ +int +getopt_long(int nargc, char * const *nargv, const char *options, + const struct option *long_options, int *idx) +{ + + return (getopt_internal(nargc, nargv, options, long_options, idx, + FLAG_PERMUTE)); +} + +/* + * getopt_long_only -- + * Parse argc/argv argument vector. + */ +int +getopt_long_only(int nargc, char * const *nargv, const char *options, + const struct option *long_options, int *idx) +{ + + return (getopt_internal(nargc, nargv, options, long_options, idx, + FLAG_PERMUTE|FLAG_LONGONLY)); +} +#endif + +#endif /* !defined(HAVE_GETOPT) || !defined(HAVE_OPTRESET) */ diff --git a/crypto/openssh/openbsd-compat/getrrsetbyname-ldns.c b/crypto/openssh/openbsd-compat/getrrsetbyname-ldns.c index 19666346bdea..343720f1091c 100644 --- a/crypto/openssh/openbsd-compat/getrrsetbyname-ldns.c +++ b/crypto/openssh/openbsd-compat/getrrsetbyname-ldns.c @@ -58,7 +58,6 @@ #define malloc(x) (xmalloc(x)) #define calloc(x, y) (xcalloc((x),(y))) -#define free(x) (xfree(x)) int getrrsetbyname(const char *hostname, unsigned int rdclass, diff --git a/crypto/openssh/openbsd-compat/openbsd-compat.h b/crypto/openssh/openbsd-compat/openbsd-compat.h index a8c579f49663..392fa38dc09b 100644 --- a/crypto/openssh/openbsd-compat/openbsd-compat.h +++ b/crypto/openssh/openbsd-compat/openbsd-compat.h @@ -1,4 +1,4 @@ -/* $Id: openbsd-compat.h,v 1.55 2013/02/15 01:20:42 dtucker Exp $ */ +/* $Id: openbsd-compat.h,v 1.58 2013/06/05 22:30:21 dtucker Exp $ */ /* * Copyright (c) 1999-2003 Damien Miller. All rights reserved. @@ -111,6 +111,10 @@ char *dirname(const char *path); int fmt_scaled(long long number, char *result); #endif +#ifndef HAVE_SCAN_SCALED +int scan_scaled(char *, long long *); +#endif + #if defined(BROKEN_INET_NTOA) || !defined(HAVE_INET_NTOA) char *inet_ntoa(struct in_addr in); #endif @@ -139,6 +143,7 @@ int getgrouplist(const char *, gid_t, gid_t *, int *); #if !defined(HAVE_GETOPT) || !defined(HAVE_GETOPT_OPTRESET) int BSDgetopt(int argc, char * const *argv, const char *opts); +#include "openbsd-compat/getopt.h" #endif #if defined(HAVE_DECL_WRITEV) && HAVE_DECL_WRITEV == 0 @@ -202,6 +207,11 @@ unsigned long long strtoull(const char *, char **, int); long long strtonum(const char *, long long, long long, const char **); #endif +/* multibyte character support */ +#ifndef HAVE_MBLEN +# define mblen(x, y) 1 +#endif + #if !defined(HAVE_VASPRINTF) || !defined(HAVE_VSNPRINTF) # include #endif diff --git a/crypto/openssh/openbsd-compat/port-aix.c b/crypto/openssh/openbsd-compat/port-aix.c index 0bdefbf6da00..8da367d48891 100644 --- a/crypto/openssh/openbsd-compat/port-aix.c +++ b/crypto/openssh/openbsd-compat/port-aix.c @@ -86,7 +86,7 @@ aix_usrinfo(struct passwd *pw) fatal("Couldn't set usrinfo: %s", strerror(errno)); debug3("AIX/UsrInfo: set len %d", i); - xfree(cp); + free(cp); } # ifdef WITH_AIXAUTHENTICATE @@ -215,16 +215,14 @@ sys_auth_passwd(Authctxt *ctxt, const char *password) default: /* user can't change(2) or other error (-1) */ logit("Password can't be changed for user %s: %.100s", name, msg); - if (msg) - xfree(msg); + free(msg); authsuccess = 0; } aix_restoreauthdb(); } - if (authmsg != NULL) - xfree(authmsg); + free(authmsg); return authsuccess; } @@ -269,7 +267,7 @@ sys_auth_allowed_user(struct passwd *pw, Buffer *loginmsg) if (!permitted) logit("Login restricted for %s: %.100s", pw->pw_name, msg); - xfree(msg); + free(msg); return permitted; } diff --git a/crypto/openssh/openbsd-compat/port-linux.c b/crypto/openssh/openbsd-compat/port-linux.c index aba75387c754..4637a7a3e16f 100644 --- a/crypto/openssh/openbsd-compat/port-linux.c +++ b/crypto/openssh/openbsd-compat/port-linux.c @@ -1,4 +1,4 @@ -/* $Id: port-linux.c,v 1.17 2012/03/08 23:25:18 djm Exp $ */ +/* $Id: port-linux.c,v 1.18 2013/06/01 22:07:32 dtucker Exp $ */ /* * Copyright (c) 2005 Daniel Walsh @@ -96,10 +96,8 @@ ssh_selinux_getctxbyname(char *pwname) } #ifdef HAVE_GETSEUSERBYNAME - if (sename != NULL) - xfree(sename); - if (lvl != NULL) - xfree(lvl); + free(sename); + free(lvl); #endif return sc; @@ -217,8 +215,8 @@ ssh_selinux_change_context(const char *newname) if (setcon(newctx) < 0) switchlog("%s: setcon %s from %s failed with %s", __func__, newctx, oldctx, strerror(errno)); - xfree(oldctx); - xfree(newctx); + free(oldctx); + free(newctx); } void diff --git a/crypto/openssh/openbsd-compat/xcrypt.c b/crypto/openssh/openbsd-compat/xcrypt.c index 6291e2884c5c..c8aea461d1ab 100644 --- a/crypto/openssh/openbsd-compat/xcrypt.c +++ b/crypto/openssh/openbsd-compat/xcrypt.c @@ -55,7 +55,12 @@ # if defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT) # include "md5crypt.h" -# endif +# endif + +# if !defined(HAVE_CRYPT) && defined(HAVE_DES_CRYPT) +# include +# define crypt DES_crypt +# endif char * xcrypt(const char *password, const char *salt) diff --git a/crypto/openssh/packet.c b/crypto/openssh/packet.c index 1fb89d36ffc3..3d8256fc23f6 100644 --- a/crypto/openssh/packet.c +++ b/crypto/openssh/packet.c @@ -1,5 +1,4 @@ -/* $OpenBSD: packet.c,v 1.181 2013/02/10 23:35:24 djm Exp $ */ -/* $OpenBSD: packet.c,v 1.182 2013/04/11 02:27:50 djm Exp $ */ +/* $OpenBSD: packet.c,v 1.188 2013/07/12 00:19:58 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -59,6 +58,7 @@ #include #include #include +#include #include "xmalloc.h" #include "buffer.h" @@ -166,9 +166,14 @@ struct session_state { Newkeys *newkeys[MODE_MAX]; struct packet_state p_read, p_send; + /* Volume-based rekeying */ u_int64_t max_blocks_in, max_blocks_out; u_int32_t rekey_limit; + /* Time-based rekeying */ + time_t rekey_interval; /* how often in seconds */ + time_t rekey_time; /* time of last rekeying */ + /* Session key for protocol v1 */ u_char ssh1_key[SSH_SESSION_KEY_LENGTH]; u_int ssh1_keylen; @@ -219,7 +224,7 @@ alloc_session_state(void) void packet_set_connection(int fd_in, int fd_out) { - Cipher *none = cipher_by_name("none"); + const Cipher *none = cipher_by_name("none"); if (none == NULL) fatal("packet_set_connection: cannot load cipher 'none'"); @@ -549,7 +554,7 @@ packet_start_compression(int level) void packet_set_encryption_key(const u_char *key, u_int keylen, int number) { - Cipher *cipher = cipher_by_number(number); + const Cipher *cipher = cipher_by_number(number); if (cipher == NULL) fatal("packet_set_encryption_key: unknown cipher number %d", number); @@ -764,13 +769,13 @@ set_newkeys(int mode) memset(enc->iv, 0, enc->iv_len); memset(enc->key, 0, enc->key_len); memset(mac->key, 0, mac->key_len); - xfree(enc->name); - xfree(enc->iv); - xfree(enc->key); - xfree(mac->name); - xfree(mac->key); - xfree(comp->name); - xfree(active_state->newkeys[mode]); + free(enc->name); + free(enc->iv); + free(enc->key); + free(mac->name); + free(mac->key); + free(comp->name); + free(active_state->newkeys[mode]); } active_state->newkeys[mode] = kex_get_newkeys(mode); if (active_state->newkeys[mode] == NULL) @@ -1013,6 +1018,7 @@ packet_send2(void) /* after a NEWKEYS message we can send the complete queue */ if (type == SSH2_MSG_NEWKEYS) { active_state->rekeying = 0; + active_state->rekey_time = monotime(); while ((p = TAILQ_FIRST(&active_state->outgoing))) { type = p->type; debug("dequeue packet: %u", type); @@ -1020,7 +1026,7 @@ packet_send2(void) memcpy(&active_state->outgoing_packet, &p->payload, sizeof(Buffer)); TAILQ_REMOVE(&active_state->outgoing, p, next); - xfree(p); + free(p); packet_send2_wrapped(); } } @@ -1045,7 +1051,7 @@ packet_send(void) int packet_read_seqnr(u_int32_t *seqnr_p) { - int type, len, ret, ms_remain, cont; + int type, len, ret, cont, ms_remain = 0; fd_set *setp; char buf[8192]; struct timeval timeout, start, *timeoutp = NULL; @@ -1070,7 +1076,7 @@ packet_read_seqnr(u_int32_t *seqnr_p) packet_check_eom(); /* If we got a packet, return it. */ if (type != SSH_MSG_NONE) { - xfree(setp); + free(setp); return type; } /* @@ -1458,9 +1464,9 @@ packet_read_poll_seqnr(u_int32_t *seqnr_p) packet_get_char(); msg = packet_get_string(NULL); debug("Remote: %.900s", msg); - xfree(msg); + free(msg); msg = packet_get_string(NULL); - xfree(msg); + free(msg); break; case SSH2_MSG_DISCONNECT: reason = packet_get_int(); @@ -1471,7 +1477,7 @@ packet_read_poll_seqnr(u_int32_t *seqnr_p) SYSLOG_LEVEL_INFO : SYSLOG_LEVEL_ERROR, "Received disconnect from %s: %u: %.400s", get_remote_ipaddr(), reason, msg); - xfree(msg); + free(msg); cleanup_exit(255); break; case SSH2_MSG_UNIMPLEMENTED: @@ -1485,12 +1491,14 @@ packet_read_poll_seqnr(u_int32_t *seqnr_p) } else { type = packet_read_poll1(); switch (type) { + case SSH_MSG_NONE: + return SSH_MSG_NONE; case SSH_MSG_IGNORE: break; case SSH_MSG_DEBUG: msg = packet_get_string(NULL); debug("Remote: %.900s", msg); - xfree(msg); + free(msg); break; case SSH_MSG_DISCONNECT: msg = packet_get_string(NULL); @@ -1499,8 +1507,7 @@ packet_read_poll_seqnr(u_int32_t *seqnr_p) cleanup_exit(255); break; default: - if (type) - DBG(debug("received packet type %d", type)); + DBG(debug("received packet type %d", type)); return type; } } @@ -1737,7 +1744,7 @@ void packet_write_wait(void) { fd_set *setp; - int ret, ms_remain; + int ret, ms_remain = 0; struct timeval start, timeout, *timeoutp = NULL; setp = (fd_set *)xcalloc(howmany(active_state->connection_out + 1, @@ -1778,7 +1785,7 @@ packet_write_wait(void) } packet_write_poll(); } - xfree(setp); + free(setp); } /* Returns true if there is buffered data to write to the connection. */ @@ -1952,13 +1959,33 @@ packet_need_rekeying(void) (active_state->max_blocks_out && (active_state->p_send.blocks > active_state->max_blocks_out)) || (active_state->max_blocks_in && - (active_state->p_read.blocks > active_state->max_blocks_in)); + (active_state->p_read.blocks > active_state->max_blocks_in)) || + (active_state->rekey_interval != 0 && active_state->rekey_time + + active_state->rekey_interval <= monotime()); } void -packet_set_rekey_limit(u_int32_t bytes) +packet_set_rekey_limits(u_int32_t bytes, time_t seconds) { + debug3("rekey after %lld bytes, %d seconds", (long long)bytes, + (int)seconds); active_state->rekey_limit = bytes; + active_state->rekey_interval = seconds; + /* + * We set the time here so that in post-auth privsep slave we count + * from the completion of the authentication. + */ + active_state->rekey_time = monotime(); +} + +time_t +packet_get_rekey_timeout(void) +{ + time_t seconds; + + seconds = active_state->rekey_time + active_state->rekey_interval - + monotime(); + return (seconds <= 0 ? 1 : seconds); } void diff --git a/crypto/openssh/packet.h b/crypto/openssh/packet.h index 74fffe7153d6..524b920d52a9 100644 --- a/crypto/openssh/packet.h +++ b/crypto/openssh/packet.h @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.h,v 1.57 2012/01/25 19:40:09 markus Exp $ */ +/* $OpenBSD: packet.h,v 1.59 2013/07/12 00:19:59 djm Exp $ */ /* $FreeBSD$ */ /* @@ -75,7 +75,7 @@ void *packet_get_raw(u_int *length_ptr); void *packet_get_string(u_int *length_ptr); char *packet_get_cstring(u_int *length_ptr); void *packet_get_string_ptr(u_int *length_ptr); -void packet_disconnect(const char *fmt,...) __attribute__((format(printf, 1, 2))); +void packet_disconnect(const char *fmt,...) __attribute__((noreturn)) __attribute__((format(printf, 1, 2))); void packet_send_debug(const char *fmt,...) __attribute__((format(printf, 1, 2))); void set_newkeys(int mode); @@ -122,7 +122,8 @@ int packet_need_rekeying(void); #ifdef NONE_CIPHER_ENABLED void packet_request_rekeying(void); #endif -void packet_set_rekey_limit(u_int32_t); +void packet_set_rekey_limits(u_int32_t, time_t); +time_t packet_get_rekey_timeout(void); void packet_backup_state(void); void packet_restore_state(void); diff --git a/crypto/openssh/pathnames.h b/crypto/openssh/pathnames.h index 813af9a49349..c750646c6426 100644 --- a/crypto/openssh/pathnames.h +++ b/crypto/openssh/pathnames.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pathnames.h,v 1.22 2011/05/23 03:30:07 djm Exp $ */ +/* $OpenBSD: pathnames.h,v 1.23 2013/04/05 00:31:49 djm Exp $ */ /* * Author: Tatu Ylonen @@ -65,18 +65,18 @@ * readable by anyone except the user him/herself, though this does not * contain anything particularly secret. */ -#define _PATH_SSH_USER_HOSTFILE "~/.ssh/known_hosts" +#define _PATH_SSH_USER_HOSTFILE "~/" _PATH_SSH_USER_DIR "/known_hosts" /* backward compat for protocol 2 */ -#define _PATH_SSH_USER_HOSTFILE2 "~/.ssh/known_hosts2" +#define _PATH_SSH_USER_HOSTFILE2 "~/" _PATH_SSH_USER_DIR "/known_hosts2" /* * Name of the default file containing client-side authentication key. This * file should only be readable by the user him/herself. */ -#define _PATH_SSH_CLIENT_IDENTITY ".ssh/identity" -#define _PATH_SSH_CLIENT_ID_DSA ".ssh/id_dsa" -#define _PATH_SSH_CLIENT_ID_ECDSA ".ssh/id_ecdsa" -#define _PATH_SSH_CLIENT_ID_RSA ".ssh/id_rsa" +#define _PATH_SSH_CLIENT_IDENTITY _PATH_SSH_USER_DIR "/identity" +#define _PATH_SSH_CLIENT_ID_DSA _PATH_SSH_USER_DIR "/id_dsa" +#define _PATH_SSH_CLIENT_ID_ECDSA _PATH_SSH_USER_DIR "/id_ecdsa" +#define _PATH_SSH_CLIENT_ID_RSA _PATH_SSH_USER_DIR "/id_rsa" /* * Configuration file in user's home directory. This file need not be @@ -84,7 +84,7 @@ * particularly secret. If the user's home directory resides on an NFS * volume where root is mapped to nobody, this may need to be world-readable. */ -#define _PATH_SSH_USER_CONFFILE ".ssh/config" +#define _PATH_SSH_USER_CONFFILE _PATH_SSH_USER_DIR "/config" /* * File containing a list of those rsa keys that permit logging in as this @@ -94,10 +94,10 @@ * may need to be world-readable. (This file is read by the daemon which is * running as root.) */ -#define _PATH_SSH_USER_PERMITTED_KEYS ".ssh/authorized_keys" +#define _PATH_SSH_USER_PERMITTED_KEYS _PATH_SSH_USER_DIR "/authorized_keys" /* backward compat for protocol v2 */ -#define _PATH_SSH_USER_PERMITTED_KEYS2 ".ssh/authorized_keys2" +#define _PATH_SSH_USER_PERMITTED_KEYS2 _PATH_SSH_USER_DIR "/authorized_keys2" /* * Per-user and system-wide ssh "rc" files. These files are executed with @@ -105,7 +105,7 @@ * passed "proto cookie" as arguments if X11 forwarding with spoofing is in * use. xauth will be run if neither of these exists. */ -#define _PATH_SSH_USER_RC ".ssh/rc" +#define _PATH_SSH_USER_RC _PATH_SSH_USER_DIR "/rc" #define _PATH_SSH_SYSTEM_RC SSHDIR "/sshrc" /* diff --git a/crypto/openssh/progressmeter.c b/crypto/openssh/progressmeter.c index 0f95222d2487..332bd3c9902f 100644 --- a/crypto/openssh/progressmeter.c +++ b/crypto/openssh/progressmeter.c @@ -1,4 +1,4 @@ -/* $OpenBSD: progressmeter.c,v 1.37 2006/08/03 03:34:42 deraadt Exp $ */ +/* $OpenBSD: progressmeter.c,v 1.39 2013/06/02 13:33:05 dtucker Exp $ */ /* * Copyright (c) 2003 Nils Nordman. All rights reserved. * @@ -131,7 +131,7 @@ refresh_progress_meter(void) transferred = *counter - cur_pos; cur_pos = *counter; - now = time(NULL); + now = monotime(); bytes_left = end_pos - cur_pos; if (bytes_left > 0) @@ -249,7 +249,7 @@ update_progress_meter(int ignore) void start_progress_meter(char *f, off_t filesize, off_t *ctr) { - start = last_update = time(NULL); + start = last_update = monotime(); file = f; end_pos = filesize; cur_pos = 0; diff --git a/crypto/openssh/readconf.c b/crypto/openssh/readconf.c index c99ea66a7c43..f946ca78a283 100644 --- a/crypto/openssh/readconf.c +++ b/crypto/openssh/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.196 2013/02/22 04:45:08 dtucker Exp $ */ +/* $OpenBSD: readconf.c,v 1.204 2013/06/10 19:19:44 dtucker Exp $ */ /* $FreeBSD$ */ /* * Author: Tatu Ylonen @@ -33,6 +33,9 @@ __RCSID("$FreeBSD$"); #include #include #include +#ifdef HAVE_UTIL_H +#include +#endif #include "xmalloc.h" #include "ssh.h" @@ -138,13 +141,13 @@ typedef enum { oHashKnownHosts, oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand, oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication, - oKexAlgorithms, oIPQoS, oRequestTTY, + oKexAlgorithms, oIPQoS, oRequestTTY, oIgnoreUnknown, + oIgnoredUnknownOption, oHPNDisabled, oHPNBufferSize, oTcpRcvBufPoll, oTcpRcvBuf, #ifdef NONE_CIPHER_ENABLED oNoneEnabled, oNoneSwitch, #endif - oVersionAddendum, - oDeprecated, oUnsupported + oVersionAddendum, oDeprecated, oUnsupported } OpCodes; /* Textual representations of the tokens. */ @@ -255,6 +258,7 @@ static struct { { "kexalgorithms", oKexAlgorithms }, { "ipqos", oIPQoS }, { "requesttty", oRequestTTY }, + { "ignoreunknown", oIgnoreUnknown }, { "hpndisabled", oHPNDisabled }, { "hpnbuffersize", oHPNBufferSize }, { "tcprcvbufpoll", oTcpRcvBufPoll }, @@ -334,22 +338,20 @@ clear_forwardings(Options *options) int i; for (i = 0; i < options->num_local_forwards; i++) { - if (options->local_forwards[i].listen_host != NULL) - xfree(options->local_forwards[i].listen_host); - xfree(options->local_forwards[i].connect_host); + free(options->local_forwards[i].listen_host); + free(options->local_forwards[i].connect_host); } if (options->num_local_forwards > 0) { - xfree(options->local_forwards); + free(options->local_forwards); options->local_forwards = NULL; } options->num_local_forwards = 0; for (i = 0; i < options->num_remote_forwards; i++) { - if (options->remote_forwards[i].listen_host != NULL) - xfree(options->remote_forwards[i].listen_host); - xfree(options->remote_forwards[i].connect_host); + free(options->remote_forwards[i].listen_host); + free(options->remote_forwards[i].connect_host); } if (options->num_remote_forwards > 0) { - xfree(options->remote_forwards); + free(options->remote_forwards); options->remote_forwards = NULL; } options->num_remote_forwards = 0; @@ -381,14 +383,17 @@ add_identity_file(Options *options, const char *dir, const char *filename, */ static OpCodes -parse_token(const char *cp, const char *filename, int linenum) +parse_token(const char *cp, const char *filename, int linenum, + const char *ignored_unknown) { - u_int i; + int i; for (i = 0; keywords[i].name; i++) - if (strcasecmp(cp, keywords[i].name) == 0) + if (strcmp(cp, keywords[i].name) == 0) return keywords[i].opcode; - + if (ignored_unknown != NULL && match_pattern_list(cp, ignored_unknown, + strlen(ignored_unknown), 1) == 1) + return oIgnoredUnknownOption; error("%s: line %d: Bad configuration option: %s", filename, linenum, cp); return oBadOption; @@ -407,10 +412,10 @@ process_config_line(Options *options, const char *host, { char *s, **charptr, *endofnumber, *keyword, *arg, *arg2; char **cpptr, fwdarg[256]; - u_int *uintptr, max_entries = 0; - int negated, opcode, *intptr, value, value2, scale; + u_int i, *uintptr, max_entries = 0; + int negated, opcode, *intptr, value, value2; LogLevel *log_level_ptr; - long long orig, val64; + long long val64; size_t len; Forward fwd; @@ -430,14 +435,22 @@ process_config_line(Options *options, const char *host, keyword = strdelim(&s); if (keyword == NULL || !*keyword || *keyword == '\n' || *keyword == '#') return 0; + /* Match lowercase keyword */ + for (i = 0; i < strlen(keyword); i++) + keyword[i] = tolower(keyword[i]); - opcode = parse_token(keyword, filename, linenum); + opcode = parse_token(keyword, filename, linenum, + options->ignored_unknown); switch (opcode) { case oBadOption: /* don't panic, but count bad options */ return -1; /* NOTREACHED */ + case oIgnoredUnknownOption: + debug("%s line %d: Ignored unknown option \"%s\"", + filename, linenum, keyword); + return 0; case oConnectTimeout: intptr = &options->connection_timeout; parse_time: @@ -592,39 +605,32 @@ process_config_line(Options *options, const char *host, case oRekeyLimit: arg = strdelim(&s); if (!arg || *arg == '\0') - fatal("%.200s line %d: Missing argument.", filename, linenum); - if (arg[0] < '0' || arg[0] > '9') - fatal("%.200s line %d: Bad number.", filename, linenum); - orig = val64 = strtoll(arg, &endofnumber, 10); - if (arg == endofnumber) - fatal("%.200s line %d: Bad number.", filename, linenum); - switch (toupper(*endofnumber)) { - case '\0': - scale = 1; - break; - case 'K': - scale = 1<<10; - break; - case 'M': - scale = 1<<20; - break; - case 'G': - scale = 1<<30; - break; - default: - fatal("%.200s line %d: Invalid RekeyLimit suffix", - filename, linenum); + fatal("%.200s line %d: Missing argument.", filename, + linenum); + if (strcmp(arg, "default") == 0) { + val64 = 0; + } else { + if (scan_scaled(arg, &val64) == -1) + fatal("%.200s line %d: Bad number '%s': %s", + filename, linenum, arg, strerror(errno)); + /* check for too-large or too-small limits */ + if (val64 > UINT_MAX) + fatal("%.200s line %d: RekeyLimit too large", + filename, linenum); + if (val64 != 0 && val64 < 16) + fatal("%.200s line %d: RekeyLimit too small", + filename, linenum); } - val64 *= scale; - /* detect integer wrap and too-large limits */ - if ((val64 / scale) != orig || val64 > UINT_MAX) - fatal("%.200s line %d: RekeyLimit too large", - filename, linenum); - if (val64 < 16) - fatal("%.200s line %d: RekeyLimit too small", - filename, linenum); if (*activep && options->rekey_limit == -1) options->rekey_limit = (u_int32_t)val64; + if (s != NULL) { /* optional rekey interval present */ + if (strcmp(s, "none") == 0) { + (void)strdelim(&s); /* discard */ + break; + } + intptr = &options->rekey_interval; + goto parse_time; + } break; case oIdentityFile: @@ -1149,6 +1155,10 @@ process_config_line(Options *options, const char *host, } return 0; + case oIgnoreUnknown: + charptr = &options->ignored_unknown; + goto parse_string; + case oDeprecated: debug("%s line %d: Deprecated option \"%s\"", filename, linenum, keyword); @@ -1289,6 +1299,7 @@ initialize_options(Options * options) options->no_host_authentication_for_localhost = - 1; options->identities_only = - 1; options->rekey_limit = - 1; + options->rekey_interval = -1; options->verify_host_key_dns = -1; options->server_alive_interval = -1; options->server_alive_count_max = -1; @@ -1310,6 +1321,7 @@ initialize_options(Options * options) options->ip_qos_bulk = -1; options->request_tty = -1; options->version_addendum = NULL; + options->ignored_unknown = NULL; options->hpn_disabled = -1; options->hpn_buffer_size = -1; options->tcp_rcv_buf_poll = -1; @@ -1328,8 +1340,6 @@ initialize_options(Options * options) void fill_default_options(Options * options) { - int len; - if (options->forward_agent == -1) options->forward_agent = 0; if (options->forward_x11 == -1) @@ -1435,6 +1445,8 @@ fill_default_options(Options * options) options->enable_ssh_keysign = 0; if (options->rekey_limit == -1) options->rekey_limit = 0; + if (options->rekey_interval == -1) + options->rekey_interval = 0; #if HAVE_LDNS if (options->verify_host_key_dns == -1) /* automatically trust a verified SSHFP record */ @@ -1576,7 +1588,7 @@ parse_forward(Forward *fwd, const char *fwdspec, int dynamicfwd, int remotefwd) i = 0; /* failure */ } - xfree(p); + free(p); if (dynamicfwd) { if (!(i == 1 || i == 2)) @@ -1602,13 +1614,9 @@ parse_forward(Forward *fwd, const char *fwdspec, int dynamicfwd, int remotefwd) return (i); fail_free: - if (fwd->connect_host != NULL) { - xfree(fwd->connect_host); - fwd->connect_host = NULL; - } - if (fwd->listen_host != NULL) { - xfree(fwd->listen_host); - fwd->listen_host = NULL; - } + free(fwd->connect_host); + fwd->connect_host = NULL; + free(fwd->listen_host); + fwd->listen_host = NULL; return (0); } diff --git a/crypto/openssh/readconf.h b/crypto/openssh/readconf.h index 45bac51714c5..c24e3e9952b3 100644 --- a/crypto/openssh/readconf.h +++ b/crypto/openssh/readconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.h,v 1.93 2013/02/22 04:45:09 dtucker Exp $ */ +/* $OpenBSD: readconf.h,v 1.95 2013/05/16 04:27:50 djm Exp $ */ /* $FreeBSD$ */ /* @@ -111,6 +111,7 @@ typedef struct { int enable_ssh_keysign; int64_t rekey_limit; + int rekey_interval; int no_host_authentication_for_localhost; int identities_only; int server_alive_interval; @@ -137,6 +138,9 @@ typedef struct { int use_roaming; int request_tty; + + char *ignored_unknown; /* Pattern list of unknown tokens to ignore */ + char *version_addendum; /* Appended to SSH banner */ int hpn_disabled; /* Switch to disable HPN buffer management. */ diff --git a/crypto/openssh/readpass.c b/crypto/openssh/readpass.c index 599c8ef9a855..e37d31158c63 100644 --- a/crypto/openssh/readpass.c +++ b/crypto/openssh/readpass.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readpass.c,v 1.48 2010/12/15 00:49:27 djm Exp $ */ +/* $OpenBSD: readpass.c,v 1.49 2013/05/17 00:13:14 djm Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -186,7 +186,7 @@ ask_permission(const char *fmt, ...) if (*p == '\0' || *p == '\n' || strcasecmp(p, "yes") == 0) allowed = 1; - xfree(p); + free(p); } return (allowed); diff --git a/crypto/openssh/roaming_client.c b/crypto/openssh/roaming_client.c index 48009d781d00..81c496827ecd 100644 --- a/crypto/openssh/roaming_client.c +++ b/crypto/openssh/roaming_client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: roaming_client.c,v 1.4 2011/12/07 05:44:38 djm Exp $ */ +/* $OpenBSD: roaming_client.c,v 1.5 2013/05/17 00:13:14 djm Exp $ */ /* * Copyright (c) 2004-2009 AppGate Network Security AB * @@ -187,10 +187,10 @@ roaming_resume(void) debug("server doesn't allow resume"); goto fail; } - xfree(str); + free(str); for (i = 1; i < PROPOSAL_MAX; i++) { /* kex algorithm taken care of so start with i=1 and not 0 */ - xfree(packet_get_string(&len)); + free(packet_get_string(&len)); } i = packet_get_char(); /* first_kex_packet_follows */ if (i && (c = strchr(kexlist, ','))) @@ -226,8 +226,7 @@ roaming_resume(void) return 0; fail: - if (kexlist) - xfree(kexlist); + free(kexlist); if (packet_get_connection_in() == packet_get_connection_out()) close(packet_get_connection_in()); else { diff --git a/crypto/openssh/roaming_common.c b/crypto/openssh/roaming_common.c index 8d0b6054a0ba..50d6177d0c37 100644 --- a/crypto/openssh/roaming_common.c +++ b/crypto/openssh/roaming_common.c @@ -1,4 +1,4 @@ -/* $OpenBSD: roaming_common.c,v 1.9 2011/12/07 05:44:38 djm Exp $ */ +/* $OpenBSD: roaming_common.c,v 1.10 2013/07/12 00:19:59 djm Exp $ */ /* * Copyright (c) 2004-2009 AppGate Network Security AB * @@ -227,7 +227,7 @@ calculate_new_key(u_int64_t *key, u_int64_t cookie, u_int64_t challenge) { const EVP_MD *md = EVP_sha1(); EVP_MD_CTX ctx; - char hash[EVP_MAX_MD_SIZE]; + u_char hash[EVP_MAX_MD_SIZE]; Buffer b; buffer_init(&b); diff --git a/crypto/openssh/rsa.c b/crypto/openssh/rsa.c index bec1d190bc2c..a9ee6b0edcb0 100644 --- a/crypto/openssh/rsa.c +++ b/crypto/openssh/rsa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa.c,v 1.29 2006/11/06 21:25:28 markus Exp $ */ +/* $OpenBSD: rsa.c,v 1.30 2013/05/17 00:13:14 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -96,8 +96,8 @@ rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key) memset(outbuf, 0, olen); memset(inbuf, 0, ilen); - xfree(outbuf); - xfree(inbuf); + free(outbuf); + free(inbuf); } int @@ -122,8 +122,8 @@ rsa_private_decrypt(BIGNUM *out, BIGNUM *in, RSA *key) } memset(outbuf, 0, olen); memset(inbuf, 0, ilen); - xfree(outbuf); - xfree(inbuf); + free(outbuf); + free(inbuf); return len; } diff --git a/crypto/openssh/sandbox-seccomp-filter.c b/crypto/openssh/sandbox-seccomp-filter.c index e12418399a12..cc146530599d 100644 --- a/crypto/openssh/sandbox-seccomp-filter.c +++ b/crypto/openssh/sandbox-seccomp-filter.c @@ -91,6 +91,7 @@ static const struct sock_filter preauth_insns[] = { SC_DENY(open, EACCES), SC_ALLOW(getpid), SC_ALLOW(gettimeofday), + SC_ALLOW(clock_gettime), #ifdef __NR_time /* not defined on EABI ARM */ SC_ALLOW(time), #endif diff --git a/crypto/openssh/sandbox-systrace.c b/crypto/openssh/sandbox-systrace.c index 2d16a627fe37..cc0db46c4aad 100644 --- a/crypto/openssh/sandbox-systrace.c +++ b/crypto/openssh/sandbox-systrace.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sandbox-systrace.c,v 1.6 2012/06/30 14:35:09 markus Exp $ */ +/* $OpenBSD: sandbox-systrace.c,v 1.7 2013/06/01 13:15:52 dtucker Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -57,6 +57,7 @@ static const struct sandbox_policy preauth_policy[] = { { SYS_exit, SYSTR_POLICY_PERMIT }, { SYS_getpid, SYSTR_POLICY_PERMIT }, { SYS_gettimeofday, SYSTR_POLICY_PERMIT }, + { SYS_clock_gettime, SYSTR_POLICY_PERMIT }, { SYS_madvise, SYSTR_POLICY_PERMIT }, { SYS_mmap, SYSTR_POLICY_PERMIT }, { SYS_mprotect, SYSTR_POLICY_PERMIT }, diff --git a/crypto/openssh/schnorr.c b/crypto/openssh/schnorr.c index fb6bd5e12351..09e055292fc2 100644 --- a/crypto/openssh/schnorr.c +++ b/crypto/openssh/schnorr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: schnorr.c,v 1.5 2010/12/03 23:49:26 djm Exp $ */ +/* $OpenBSD: schnorr.c,v 1.7 2013/05/17 00:13:14 djm Exp $ */ /* $FreeBSD$ */ /* * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -105,7 +105,7 @@ schnorr_hash(const BIGNUM *p, const BIGNUM *q, const BIGNUM *g, out: buffer_free(&b); bzero(digest, digest_len); - xfree(digest); + free(digest); digest_len = 0; if (success == 0) return h; @@ -491,12 +491,13 @@ debug3_bn(const BIGNUM *n, const char *fmt, ...) { char *out, *h; va_list args; + int ret; out = NULL; va_start(args, fmt); - vasprintf(&out, fmt, args); + ret = vasprintf(&out, fmt, args); va_end(args); - if (out == NULL) + if (ret == -1 || out == NULL) fatal("%s: vasprintf failed", __func__); if (n == NULL) @@ -516,12 +517,13 @@ debug3_buf(const u_char *buf, u_int len, const char *fmt, ...) char *out, h[65]; u_int i, j; va_list args; + int ret; out = NULL; va_start(args, fmt); - vasprintf(&out, fmt, args); + ret = vasprintf(&out, fmt, args); va_end(args); - if (out == NULL) + if (ret == -1 || out == NULL) fatal("%s: vasprintf failed", __func__); debug3("%s length %u%s", out, len, buf == NULL ? " (null)" : ""); @@ -574,7 +576,7 @@ modp_group_free(struct modp_group *grp) if (grp->q != NULL) BN_clear_free(grp->q); bzero(grp, sizeof(*grp)); - xfree(grp); + free(grp); } /* main() function for self-test */ @@ -609,7 +611,7 @@ schnorr_selftest_one(const BIGNUM *grp_p, const BIGNUM *grp_q, if (schnorr_verify_buf(grp_p, grp_q, grp_g, g_x, "junk", 4, sig, siglen) != 0) fatal("%s: verify should have failed (bit error)", __func__); - xfree(sig); + free(sig); BN_free(g_x); BN_CTX_free(bn_ctx); } diff --git a/crypto/openssh/scp.1 b/crypto/openssh/scp.1 index f37a56d099dc..20797a2da5e7 100644 --- a/crypto/openssh/scp.1 +++ b/crypto/openssh/scp.1 @@ -8,9 +8,9 @@ .\" .\" Created: Sun May 7 00:14:37 1995 ylo .\" -.\" $OpenBSD: scp.1,v 1.58 2011/09/05 07:01:44 jmc Exp $ +.\" $OpenBSD: scp.1,v 1.59 2013/07/16 00:07:52 schwarze Exp $ .\" -.Dd September 5, 2011 +.Dd July 16, 2013 .Dt SCP 1 .Os .Sh NAME @@ -235,5 +235,5 @@ is based on the program in BSD source code from the Regents of the University of California. .Sh AUTHORS -.An Timo Rinne Aq tri@iki.fi -.An Tatu Ylonen Aq ylo@cs.hut.fi +.An Timo Rinne Aq Mt tri@iki.fi +.An Tatu Ylonen Aq Mt ylo@cs.hut.fi diff --git a/crypto/openssh/scp.c b/crypto/openssh/scp.c index 645d7403b93b..28ded5e9a00a 100644 --- a/crypto/openssh/scp.c +++ b/crypto/openssh/scp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: scp.c,v 1.171 2011/09/09 22:37:01 djm Exp $ */ +/* $OpenBSD: scp.c,v 1.178 2013/06/22 06:31:57 djm Exp $ */ /* * scp - secure remote copy. This is basically patched BSD rcp which * uses ssh to do the data transfer (instead of using rcmd). @@ -550,6 +550,24 @@ scpio(void *_cnt, size_t s) return 0; } +static int +do_times(int fd, int verb, const struct stat *sb) +{ + /* strlen(2^64) == 20; strlen(10^6) == 7 */ + char buf[(20 + 7 + 2) * 2 + 2]; + + (void)snprintf(buf, sizeof(buf), "T%llu 0 %llu 0\n", + (unsigned long long) (sb->st_mtime < 0 ? 0 : sb->st_mtime), + (unsigned long long) (sb->st_atime < 0 ? 0 : sb->st_atime)); + if (verb) { + fprintf(stderr, "File mtime %lld atime %lld\n", + (long long)sb->st_mtime, (long long)sb->st_atime); + fprintf(stderr, "Sending file timestamps: %s", buf); + } + (void) atomicio(vwrite, fd, buf, strlen(buf)); + return (response()); +} + void toremote(char *targ, int argc, char **argv) { @@ -578,7 +596,7 @@ toremote(char *targ, int argc, char **argv) } if (tuser != NULL && !okname(tuser)) { - xfree(arg); + free(arg); return; } @@ -605,13 +623,13 @@ toremote(char *targ, int argc, char **argv) *src == '-' ? "-- " : "", src); if (do_cmd(host, suser, bp, &remin, &remout) < 0) exit(1); - (void) xfree(bp); + free(bp); host = cleanhostname(thost); xasprintf(&bp, "%s -t %s%s", cmd, *targ == '-' ? "-- " : "", targ); if (do_cmd2(host, tuser, bp, remin, remout) < 0) exit(1); - (void) xfree(bp); + free(bp); (void) close(remin); (void) close(remout); remin = remout = -1; @@ -662,12 +680,12 @@ toremote(char *targ, int argc, char **argv) exit(1); if (response() < 0) exit(1); - (void) xfree(bp); + free(bp); } source(1, argv + i); } } - xfree(arg); + free(arg); } void @@ -711,11 +729,11 @@ tolocal(int argc, char **argv) xasprintf(&bp, "%s -f %s%s", cmd, *src == '-' ? "-- " : "", src); if (do_cmd(host, suser, bp, &remin, &remout) < 0) { - (void) xfree(bp); + free(bp); ++errs; continue; } - xfree(bp); + free(bp); sink(1, argv + argc - 1); (void) close(remin); remin = remout = -1; @@ -774,21 +792,7 @@ syserr: run_err("%s: %s", name, strerror(errno)); ++last; curfile = last; if (pflag) { - /* - * Make it compatible with possible future - * versions expecting microseconds. - */ - (void) snprintf(buf, sizeof buf, "T%lu 0 %lu 0\n", - (u_long) (stb.st_mtime < 0 ? 0 : stb.st_mtime), - (u_long) (stb.st_atime < 0 ? 0 : stb.st_atime)); - if (verbose_mode) { - fprintf(stderr, "File mtime %ld atime %ld\n", - (long)stb.st_mtime, (long)stb.st_atime); - fprintf(stderr, "Sending file timestamps: %s", - buf); - } - (void) atomicio(vwrite, remout, buf, strlen(buf)); - if (response() < 0) + if (do_times(remout, verbose_mode, &stb) < 0) goto next; } #define FILEMODEMASK (S_ISUID|S_ISGID|S_IRWXU|S_IRWXG|S_IRWXO) @@ -850,7 +854,7 @@ rsource(char *name, struct stat *statp) { DIR *dirp; struct dirent *dp; - char *last, *vect[1], path[1100]; + char *last, *vect[1], path[MAXPATHLEN]; if (!(dirp = opendir(name))) { run_err("%s: %s", name, strerror(errno)); @@ -862,11 +866,7 @@ rsource(char *name, struct stat *statp) else last++; if (pflag) { - (void) snprintf(path, sizeof(path), "T%lu 0 %lu 0\n", - (u_long) statp->st_mtime, - (u_long) statp->st_atime); - (void) atomicio(vwrite, remout, path, strlen(path)); - if (response() < 0) { + if (do_times(remout, verbose_mode, statp) < 0) { closedir(dirp); return; } @@ -912,6 +912,7 @@ sink(int argc, char **argv) int amt, exists, first, ofd; mode_t mode, omode, mask; off_t size, statbytes; + unsigned long long ull; int setimes, targisdir, wrerrno = 0; char ch, *cp, *np, *targ, *why, *vect[1], buf[2048]; struct timeval tv[2]; @@ -970,17 +971,31 @@ sink(int argc, char **argv) if (*cp == 'T') { setimes++; cp++; - mtime.tv_sec = strtol(cp, &cp, 10); + if (!isdigit((unsigned char)*cp)) + SCREWUP("mtime.sec not present"); + ull = strtoull(cp, &cp, 10); if (!cp || *cp++ != ' ') SCREWUP("mtime.sec not delimited"); + if ((time_t)ull < 0 || + (unsigned long long)(time_t)ull != ull) + setimes = 0; /* out of range */ + mtime.tv_sec = ull; mtime.tv_usec = strtol(cp, &cp, 10); - if (!cp || *cp++ != ' ') + if (!cp || *cp++ != ' ' || mtime.tv_usec < 0 || + mtime.tv_usec > 999999) SCREWUP("mtime.usec not delimited"); - atime.tv_sec = strtol(cp, &cp, 10); + if (!isdigit((unsigned char)*cp)) + SCREWUP("atime.sec not present"); + ull = strtoull(cp, &cp, 10); if (!cp || *cp++ != ' ') SCREWUP("atime.sec not delimited"); + if ((time_t)ull < 0 || + (unsigned long long)(time_t)ull != ull) + setimes = 0; /* out of range */ + atime.tv_sec = ull; atime.tv_usec = strtol(cp, &cp, 10); - if (!cp || *cp++ != '\0') + if (!cp || *cp++ != '\0' || atime.tv_usec < 0 || + atime.tv_usec > 999999) SCREWUP("atime.usec not delimited"); (void) atomicio(vwrite, remout, "", 1); continue; @@ -1023,8 +1038,7 @@ sink(int argc, char **argv) need = strlen(targ) + strlen(cp) + 250; if (need > cursize) { - if (namebuf) - xfree(namebuf); + free(namebuf); namebuf = xmalloc(need); cursize = need; } @@ -1063,12 +1077,11 @@ sink(int argc, char **argv) } if (mod_flag) (void) chmod(vect[0], mode); - if (vect[0]) - xfree(vect[0]); + free(vect[0]); continue; } omode = mode; - mode |= S_IWRITE; + mode |= S_IWUSR; if ((ofd = open(np, O_WRONLY|O_CREAT, mode)) < 0) { bad: run_err("%s: %s", np, strerror(errno)); continue; @@ -1325,7 +1338,7 @@ void lostconn(int signo) { if (!iamremote) - write(STDERR_FILENO, "lost connection\n", 16); + (void)write(STDERR_FILENO, "lost connection\n", 16); if (signo) _exit(1); else diff --git a/crypto/openssh/servconf.c b/crypto/openssh/servconf.c index a6aeea301958..47ee62419dd9 100644 --- a/crypto/openssh/servconf.c +++ b/crypto/openssh/servconf.c @@ -1,5 +1,5 @@ -/* $OpenBSD: servconf.c,v 1.234 2013/02/06 00:20:42 dtucker Exp $ */ +/* $OpenBSD: servconf.c,v 1.240 2013/07/19 07:37:48 markus Exp $ */ /* $FreeBSD$ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -22,6 +22,7 @@ __RCSID("$FreeBSD$"); #include #include +#include #include #include #include @@ -31,6 +32,9 @@ __RCSID("$FreeBSD$"); #include #include #include +#ifdef HAVE_UTIL_H +#include +#endif #include "openbsd-compat/sys-queue.h" #include "xmalloc.h" @@ -78,6 +82,7 @@ initialize_server_options(ServerOptions *options) options->address_family = -1; options->num_host_key_files = 0; options->num_host_cert_files = 0; + options->host_key_agent = NULL; options->pid_file = NULL; options->server_key_bits = -1; options->login_grace_time = -1; @@ -113,6 +118,8 @@ initialize_server_options(ServerOptions *options) options->permit_user_env = -1; options->use_login = -1; options->compression = -1; + options->rekey_limit = -1; + options->rekey_interval = -1; options->allow_tcp_forwarding = -1; options->allow_agent_forwarding = -1; options->num_allow_users = 0; @@ -258,6 +265,10 @@ fill_default_server_options(ServerOptions *options) options->use_login = 0; if (options->compression == -1) options->compression = COMP_DELAYED; + if (options->rekey_limit == -1) + options->rekey_limit = 0; + if (options->rekey_interval == -1) + options->rekey_interval = 0; if (options->allow_tcp_forwarding == -1) options->allow_tcp_forwarding = FORWARD_ALLOW; if (options->allow_agent_forwarding == -1) @@ -361,7 +372,7 @@ typedef enum { sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, sStrictModes, sEmptyPasswd, sTCPKeepAlive, sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression, - sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, + sRekeyLimit, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups, sMaxAuthTries, sMaxSessions, @@ -375,7 +386,7 @@ typedef enum { sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile, sKexAlgorithms, sIPQoS, sVersionAddendum, sAuthorizedKeysCommand, sAuthorizedKeysCommandUser, - sAuthenticationMethods, + sAuthenticationMethods, sHostKeyAgent, sHPNDisabled, sHPNBufferSize, sTcpRcvBufPoll, #ifdef NONE_CIPHER_ENABLED sNoneEnabled, @@ -404,6 +415,7 @@ static struct { { "port", sPort, SSHCFG_GLOBAL }, { "hostkey", sHostKeyFile, SSHCFG_GLOBAL }, { "hostdsakey", sHostKeyFile, SSHCFG_GLOBAL }, /* alias */ + { "hostkeyagent", sHostKeyAgent, SSHCFG_GLOBAL }, { "pidfile", sPidFile, SSHCFG_GLOBAL }, { "serverkeybits", sServerKeyBits, SSHCFG_GLOBAL }, { "logingracetime", sLoginGraceTime, SSHCFG_GLOBAL }, @@ -467,6 +479,7 @@ static struct { { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL }, { "uselogin", sUseLogin, SSHCFG_GLOBAL }, { "compression", sCompression, SSHCFG_GLOBAL }, + { "rekeylimit", sRekeyLimit, SSHCFG_ALL }, { "tcpkeepalive", sTCPKeepAlive, SSHCFG_GLOBAL }, { "keepalive", sTCPKeepAlive, SSHCFG_GLOBAL }, /* obsolete alias */ { "allowtcpforwarding", sAllowTcpForwarding, SSHCFG_ALL }, @@ -560,7 +573,7 @@ derelativise_path(const char *path) if (getcwd(cwd, sizeof(cwd)) == NULL) fatal("%s: getcwd: %s", __func__, strerror(errno)); xasprintf(&ret, "%s/%s", cwd, expanded); - xfree(expanded); + free(expanded); return ret; } @@ -852,13 +865,13 @@ process_server_config_line(ServerOptions *options, char *line, struct connection_info *connectinfo) { char *cp, **charptr, *arg, *p; - int cmdline = 0, *intptr, value, value2, n; + int cmdline = 0, *intptr, value, value2, n, port; SyslogFacility *log_facility_ptr; LogLevel *log_level_ptr; ServerOpCodes opcode; - int port; u_int i, flags = 0; size_t len; + long long val64; const struct multistate *multistate_ptr; cp = line; @@ -1018,6 +1031,17 @@ process_server_config_line(ServerOptions *options, char *line, } break; + case sHostKeyAgent: + charptr = &options->host_key_agent; + arg = strdelim(&cp); + if (!arg || *arg == '\0') + fatal("%s line %d: missing socket name.", + filename, linenum); + if (*activep && *charptr == NULL) + *charptr = !strcmp(arg, SSH_AUTHSOCKET_ENV_NAME) ? + xstrdup(arg) : derelativise_path(arg); + break; + case sHostCertificate: intptr = &options->num_host_cert_files; if (*intptr >= MAX_HOSTKEYS) @@ -1169,6 +1193,37 @@ process_server_config_line(ServerOptions *options, char *line, multistate_ptr = multistate_compression; goto parse_multistate; + case sRekeyLimit: + arg = strdelim(&cp); + if (!arg || *arg == '\0') + fatal("%.200s line %d: Missing argument.", filename, + linenum); + if (strcmp(arg, "default") == 0) { + val64 = 0; + } else { + if (scan_scaled(arg, &val64) == -1) + fatal("%.200s line %d: Bad number '%s': %s", + filename, linenum, arg, strerror(errno)); + /* check for too-large or too-small limits */ + if (val64 > UINT_MAX) + fatal("%.200s line %d: RekeyLimit too large", + filename, linenum); + if (val64 != 0 && val64 < 16) + fatal("%.200s line %d: RekeyLimit too small", + filename, linenum); + } + if (*activep && options->rekey_limit == -1) + options->rekey_limit = (u_int32_t)val64; + if (cp != NULL) { /* optional rekey interval present */ + if (strcmp(cp, "none") == 0) { + (void)strdelim(&cp); /* discard */ + break; + } + intptr = &options->rekey_interval; + goto parse_time; + } + break; + case sGatewayPorts: intptr = &options->gateway_ports; multistate_ptr = multistate_gatewayports; @@ -1740,8 +1795,7 @@ int server_match_spec_complete(struct connection_info *ci) } while (0) #define M_CP_STROPT(n) do {\ if (src->n != NULL) { \ - if (dst->n != NULL) \ - xfree(dst->n); \ + free(dst->n); \ dst->n = src->n; \ } \ } while(0) @@ -1787,6 +1841,8 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) M_CP_INTOPT(max_authtries); M_CP_INTOPT(ip_qos_interactive); M_CP_INTOPT(ip_qos_bulk); + M_CP_INTOPT(rekey_limit); + M_CP_INTOPT(rekey_interval); /* See comment in servconf.h */ COPY_MATCH_STRING_OPTS(); @@ -1823,7 +1879,7 @@ parse_server_config(ServerOptions *options, const char *filename, Buffer *conf, linenum++, &active, connectinfo) != 0) bad_options++; } - xfree(obuf); + free(obuf); if (bad_options > 0) fatal("%s: terminating, %d bad configuration options", filename, bad_options); @@ -2037,6 +2093,7 @@ dump_config(ServerOptions *o) dump_cfg_string(sVersionAddendum, o->version_addendum); dump_cfg_string(sAuthorizedKeysCommand, o->authorized_keys_command); dump_cfg_string(sAuthorizedKeysCommandUser, o->authorized_keys_command_user); + dump_cfg_string(sHostKeyAgent, o->host_key_agent); /* string arguments requiring a lookup */ dump_cfg_string(sLogLevel, log_level_name(o->log_level)); @@ -2075,5 +2132,8 @@ dump_config(ServerOptions *o) printf("ipqos %s ", iptos2str(o->ip_qos_interactive)); printf("%s\n", iptos2str(o->ip_qos_bulk)); + printf("rekeylimit %lld %d\n", (long long)o->rekey_limit, + o->rekey_interval); + channel_print_adm_permitted_opens(); } diff --git a/crypto/openssh/servconf.h b/crypto/openssh/servconf.h index 6e5df9e0d323..d0433d77b74d 100644 --- a/crypto/openssh/servconf.h +++ b/crypto/openssh/servconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.h,v 1.107 2013/01/03 05:49:36 djm Exp $ */ +/* $OpenBSD: servconf.h,v 1.109 2013/07/19 07:37:48 markus Exp $ */ /* $FreeBSD$ */ /* @@ -66,6 +66,7 @@ typedef struct { int num_host_key_files; /* Number of files for host keys. */ char *host_cert_files[MAX_HOSTCERTS]; /* Files containing host certs. */ int num_host_cert_files; /* Number of files for host certs. */ + char *host_key_agent; /* ssh-agent socket for host keys. */ char *pid_file; /* Where to put our pid */ int server_key_bits;/* Size of the server key. */ int login_grace_time; /* Disconnect if no auth in this time @@ -177,6 +178,9 @@ typedef struct { char *authorized_keys_command; char *authorized_keys_command_user; + int64_t rekey_limit; + int rekey_interval; + char *version_addendum; /* Appended to SSH banner */ int hpn_disabled; /* Disable HPN functionality. */ diff --git a/crypto/openssh/serverloop.c b/crypto/openssh/serverloop.c index 53a99ca83e1f..92e725ce9687 100644 --- a/crypto/openssh/serverloop.c +++ b/crypto/openssh/serverloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: serverloop.c,v 1.164 2012/12/07 01:51:35 dtucker Exp $ */ +/* $OpenBSD: serverloop.c,v 1.168 2013/07/12 00:19:59 djm Exp $ */ /* $FreeBSD$ */ /* * Author: Tatu Ylonen @@ -149,7 +149,7 @@ static void notify_parent(void) { if (notify_pipe[1] != -1) - write(notify_pipe[1], "", 1); + (void)write(notify_pipe[1], "", 1); } static void notify_prepare(fd_set *readset) @@ -278,7 +278,7 @@ client_alive_check(void) */ static void wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, int *maxfdp, - u_int *nallocp, u_int max_time_milliseconds) + u_int *nallocp, u_int64_t max_time_milliseconds) { struct timeval tv, *tvp; int ret; @@ -564,7 +564,7 @@ server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg) int wait_status; /* Status returned by wait(). */ pid_t wait_pid; /* pid returned by wait(). */ int waiting_termination = 0; /* Have displayed waiting close message. */ - u_int max_time_milliseconds; + u_int64_t max_time_milliseconds; u_int previous_stdout_buffer_bytes; u_int stdout_buffer_bytes; int type; @@ -695,7 +695,7 @@ server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg) /* Display list of open channels. */ cp = channel_open_message(); buffer_append(&stderr_buffer, cp, strlen(cp)); - xfree(cp); + free(cp); } } max_fd = MAX(connection_in, connection_out); @@ -723,10 +723,8 @@ server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg) /* Process output to the client and to program stdin. */ process_output(writeset); } - if (readset) - xfree(readset); - if (writeset) - xfree(writeset); + free(readset); + free(writeset); /* Cleanup and termination code. */ @@ -826,7 +824,9 @@ void server_loop2(Authctxt *authctxt) { fd_set *readset = NULL, *writeset = NULL; - int rekeying = 0, max_fd, nalloc = 0; + int rekeying = 0, max_fd; + u_int nalloc = 0; + u_int64_t rekey_timeout_ms = 0; debug("Entering interactive session for SSH2."); @@ -855,8 +855,13 @@ server_loop2(Authctxt *authctxt) if (!rekeying && packet_not_very_much_data_to_write()) channel_output_poll(); + if (options.rekey_interval > 0 && compat20 && !rekeying) + rekey_timeout_ms = packet_get_rekey_timeout() * 1000; + else + rekey_timeout_ms = 0; + wait_until_can_do_something(&readset, &writeset, &max_fd, - &nalloc, 0); + &nalloc, rekey_timeout_ms); if (received_sigterm) { logit("Exiting on signal %d", (int)received_sigterm); @@ -880,10 +885,8 @@ server_loop2(Authctxt *authctxt) } collect_children(); - if (readset) - xfree(readset); - if (writeset) - xfree(writeset); + free(readset); + free(writeset); /* free all channels, no more reads and writes */ channel_free_all(); @@ -918,7 +921,7 @@ server_input_stdin_data(int type, u_int32_t seq, void *ctxt) packet_check_eom(); buffer_append(&stdin_buffer, data, data_len); memset(data, 0, data_len); - xfree(data); + free(data); } static void @@ -975,8 +978,8 @@ server_request_direct_tcpip(void) originator, originator_port, target, target_port); } - xfree(originator); - xfree(target); + free(originator); + free(target); return c; } @@ -1113,7 +1116,7 @@ server_input_channel_open(int type, u_int32_t seq, void *ctxt) } packet_send(); } - xfree(ctype); + free(ctype); } static void @@ -1158,7 +1161,7 @@ server_input_global_request(int type, u_int32_t seq, void *ctxt) listen_address, listen_port, &allocated_listen_port, options.gateway_ports); } - xfree(listen_address); + free(listen_address); } else if (strcmp(rtype, "cancel-tcpip-forward") == 0) { char *cancel_address; u_short cancel_port; @@ -1170,7 +1173,7 @@ server_input_global_request(int type, u_int32_t seq, void *ctxt) success = channel_cancel_rport_listener(cancel_address, cancel_port); - xfree(cancel_address); + free(cancel_address); } else if (strcmp(rtype, "no-more-sessions@openssh.com") == 0) { no_more_sessions = 1; success = 1; @@ -1183,7 +1186,7 @@ server_input_global_request(int type, u_int32_t seq, void *ctxt) packet_send(); packet_write_wait(); } - xfree(rtype); + free(rtype); } static void @@ -1215,7 +1218,7 @@ server_input_channel_req(int type, u_int32_t seq, void *ctxt) packet_put_int(c->remote_id); packet_send(); } - xfree(rtype); + free(rtype); } static void diff --git a/crypto/openssh/session.c b/crypto/openssh/session.c index 315538e59548..6d25b873a971 100644 --- a/crypto/openssh/session.c +++ b/crypto/openssh/session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.261 2012/12/02 20:46:11 djm Exp $ */ +/* $OpenBSD: session.c,v 1.266 2013/07/19 07:37:48 markus Exp $ */ /* $FreeBSD$ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -82,6 +82,7 @@ __RCSID("$FreeBSD$"); #include "hostfile.h" #include "auth.h" #include "auth-options.h" +#include "authfd.h" #include "pathnames.h" #include "log.h" #include "servconf.h" @@ -201,7 +202,7 @@ auth_input_request_forwarding(struct passwd * pw) packet_send_debug("Agent forwarding disabled: " "mkdtemp() failed: %.100s", strerror(errno)); restore_uid(); - xfree(auth_sock_dir); + free(auth_sock_dir); auth_sock_dir = NULL; goto authsock_err; } @@ -249,11 +250,10 @@ auth_input_request_forwarding(struct passwd * pw) return 1; authsock_err: - if (auth_sock_name != NULL) - xfree(auth_sock_name); + free(auth_sock_name); if (auth_sock_dir != NULL) { rmdir(auth_sock_dir); - xfree(auth_sock_dir); + free(auth_sock_dir); } if (sock != -1) close(sock); @@ -369,8 +369,8 @@ do_authenticated1(Authctxt *authctxt) packet_check_eom(); success = session_setup_x11fwd(s); if (!success) { - xfree(s->auth_proto); - xfree(s->auth_data); + free(s->auth_proto); + free(s->auth_data); s->auth_proto = NULL; s->auth_data = NULL; } @@ -417,7 +417,7 @@ do_authenticated1(Authctxt *authctxt) if (do_exec(s, command) != 0) packet_disconnect( "command execution failed"); - xfree(command); + free(command); } else { if (do_exec(s, NULL) != 0) packet_disconnect( @@ -982,7 +982,7 @@ child_set_env(char ***envp, u_int *envsizep, const char *name, break; if (env[i]) { /* Reuse the slot. */ - xfree(env[i]); + free(env[i]); } else { /* New variable. Expand if necessary. */ envsize = *envsizep; @@ -1098,8 +1098,8 @@ read_etc_default_login(char ***env, u_int *envsize, uid_t uid) umask((mode_t)mask); for (i = 0; tmpenv[i] != NULL; i++) - xfree(tmpenv[i]); - xfree(tmpenv); + free(tmpenv[i]); + free(tmpenv); } #endif /* HAVE_ETC_DEFAULT_LOGIN */ @@ -1115,7 +1115,7 @@ copy_environment(char **source, char ***env, u_int *envsize) for(i = 0; source[i] != NULL; i++) { var_name = xstrdup(source[i]); if ((var_val = strstr(var_name, "=")) == NULL) { - xfree(var_name); + free(var_name); continue; } *var_val++ = '\0'; @@ -1123,7 +1123,7 @@ copy_environment(char **source, char ***env, u_int *envsize) debug3("Copy environment: %s=%s", var_name, var_val); child_set_env(env, envsize, var_name, var_val); - xfree(var_name); + free(var_name); } } @@ -1195,8 +1195,8 @@ do_setup_env(Session *s, const char *shell) LOGIN_SETENV|LOGIN_SETPATH); copy_environment(environ, &env, &envsize); for (var = environ; *var != NULL; ++var) - xfree(*var); - xfree(environ); + free(*var); + free(environ); environ = senv; #else /* HAVE_LOGIN_CAP */ # ifndef HAVE_CYGWIN @@ -1235,8 +1235,8 @@ do_setup_env(Session *s, const char *shell) child_set_env(&env, &envsize, str, str + i + 1); } custom_environment = ce->next; - xfree(ce->s); - xfree(ce); + free(ce->s); + free(ce); } } @@ -1248,7 +1248,7 @@ do_setup_env(Session *s, const char *shell) laddr = get_local_ipaddr(packet_get_connection_in()); snprintf(buf, sizeof buf, "%.50s %d %.50s %d", get_remote_ipaddr(), get_remote_port(), laddr, get_local_port()); - xfree(laddr); + free(laddr); child_set_env(&env, &envsize, "SSH_CONNECTION", buf); if (s->ttyfd != -1) @@ -1419,7 +1419,7 @@ do_nologin(struct passwd *pw) #endif if (stat(nl, &sb) == -1) { if (nl != def_nl) - xfree(nl); + free(nl); return; } @@ -1529,6 +1529,9 @@ do_setusercontext(struct passwd *pw) safely_chroot(chroot_path, pw->pw_uid); free(tmp); free(chroot_path); + /* Make sure we don't attempt to chroot again */ + free(options.chroot_directory); + options.chroot_directory = NULL; } #ifdef HAVE_LOGIN_CAP @@ -1545,6 +1548,9 @@ do_setusercontext(struct passwd *pw) /* Permanently switch to the desired uid. */ permanently_set_uid(pw); #endif + } else if (options.chroot_directory != NULL && + strcasecmp(options.chroot_directory, "none") != 0) { + fatal("server lacks privileges to chroot to ChrootDirectory"); } if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid) @@ -1600,6 +1606,13 @@ launch_login(struct passwd *pw, const char *hostname) static void child_close_fds(void) { + extern AuthenticationConnection *auth_conn; + + if (auth_conn) { + ssh_close_authentication_connection(auth_conn); + auth_conn = NULL; + } + if (packet_get_connection_in() == packet_get_connection_out()) close(packet_get_connection_in()); else { @@ -2064,7 +2077,7 @@ session_pty_req(Session *s) s->ypixel = packet_get_int(); if (strcmp(s->term, "") == 0) { - xfree(s->term); + free(s->term); s->term = NULL; } @@ -2072,8 +2085,7 @@ session_pty_req(Session *s) debug("Allocating pty."); if (!PRIVSEP(pty_allocate(&s->ptyfd, &s->ttyfd, s->tty, sizeof(s->tty)))) { - if (s->term) - xfree(s->term); + free(s->term); s->term = NULL; s->ptyfd = -1; s->ttyfd = -1; @@ -2134,7 +2146,7 @@ session_subsystem_req(Session *s) logit("subsystem request for %.100s failed, subsystem not found", subsys); - xfree(subsys); + free(subsys); return success; } @@ -2156,8 +2168,8 @@ session_x11_req(Session *s) success = session_setup_x11fwd(s); if (!success) { - xfree(s->auth_proto); - xfree(s->auth_data); + free(s->auth_proto); + free(s->auth_data); s->auth_proto = NULL; s->auth_data = NULL; } @@ -2179,7 +2191,7 @@ session_exec_req(Session *s) char *command = packet_get_string(&len); packet_check_eom(); success = do_exec(s, command) == 0; - xfree(command); + free(command); return success; } @@ -2225,8 +2237,8 @@ session_env_req(Session *s) debug2("Ignoring env request %s: disallowed name", name); fail: - xfree(name); - xfree(val); + free(name); + free(val); return (0); } @@ -2412,24 +2424,16 @@ session_close_single_x11(int id, void *arg) if (s->x11_chanids[i] != id) session_close_x11(s->x11_chanids[i]); } - xfree(s->x11_chanids); + free(s->x11_chanids); s->x11_chanids = NULL; - if (s->display) { - xfree(s->display); - s->display = NULL; - } - if (s->auth_proto) { - xfree(s->auth_proto); - s->auth_proto = NULL; - } - if (s->auth_data) { - xfree(s->auth_data); - s->auth_data = NULL; - } - if (s->auth_display) { - xfree(s->auth_display); - s->auth_display = NULL; - } + free(s->display); + s->display = NULL; + free(s->auth_proto); + s->auth_proto = NULL; + free(s->auth_data); + s->auth_data = NULL; + free(s->auth_display); + s->auth_display = NULL; } static void @@ -2491,24 +2495,18 @@ session_close(Session *s) debug("session_close: session %d pid %ld", s->self, (long)s->pid); if (s->ttyfd != -1) session_pty_cleanup(s); - if (s->term) - xfree(s->term); - if (s->display) - xfree(s->display); - if (s->x11_chanids) - xfree(s->x11_chanids); - if (s->auth_display) - xfree(s->auth_display); - if (s->auth_data) - xfree(s->auth_data); - if (s->auth_proto) - xfree(s->auth_proto); + free(s->term); + free(s->display); + free(s->x11_chanids); + free(s->auth_display); + free(s->auth_data); + free(s->auth_proto); if (s->env != NULL) { for (i = 0; i < s->num_env; i++) { - xfree(s->env[i].name); - xfree(s->env[i].val); + free(s->env[i].name); + free(s->env[i].val); } - xfree(s->env); + free(s->env); } session_proctitle(s); session_unused(s->self); diff --git a/crypto/openssh/sftp-client.c b/crypto/openssh/sftp-client.c index 85f2bd444b33..f4f1970b6c98 100644 --- a/crypto/openssh/sftp-client.c +++ b/crypto/openssh/sftp-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-client.c,v 1.97 2012/07/02 12:13:26 dtucker Exp $ */ +/* $OpenBSD: sftp-client.c,v 1.101 2013/07/25 00:56:51 djm Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -112,7 +112,7 @@ send_msg(struct sftp_conn *conn, Buffer *m) iov[1].iov_len = buffer_len(m); if (atomiciov6(writev, conn->fd_out, iov, 2, - conn->limit_kbps > 0 ? sftpio : NULL, &conn->bwlimit_out) != + conn->limit_kbps > 0 ? sftpio : NULL, &conn->bwlimit_out) != buffer_len(m) + sizeof(mlen)) fatal("Couldn't send packet: %s", strerror(errno)); @@ -394,8 +394,8 @@ do_init(int fd_in, int fd_out, u_int transfer_buflen, u_int num_requests, } else { debug2("Unrecognised server extension \"%s\"", name); } - xfree(name); - xfree(value); + free(name); + free(value); } buffer_free(&msg); @@ -509,7 +509,7 @@ do_lsreaddir(struct sftp_conn *conn, char *path, int printflag, error("Couldn't read directory: %s", fx2txt(status)); do_close(conn, handle, handle_len); - xfree(handle); + free(handle); buffer_free(&msg); return(status); } @@ -552,14 +552,14 @@ do_lsreaddir(struct sftp_conn *conn, char *path, int printflag, (*dir)[++ents] = NULL; } next: - xfree(filename); - xfree(longname); + free(filename); + free(longname); } } buffer_free(&msg); do_close(conn, handle, handle_len); - xfree(handle); + free(handle); /* Don't return partial matches on interrupt */ if (interrupted && dir != NULL && *dir != NULL) { @@ -582,11 +582,11 @@ void free_sftp_dirents(SFTP_DIRENT **s) int i; for (i = 0; s[i]; i++) { - xfree(s[i]->filename); - xfree(s[i]->longname); - xfree(s[i]); + free(s[i]->filename); + free(s[i]->longname); + free(s[i]); } - xfree(s); + free(s); } int @@ -760,7 +760,7 @@ do_realpath(struct sftp_conn *conn, char *path) debug3("SSH_FXP_REALPATH %s -> %s size %lu", path, filename, (unsigned long)a->size); - xfree(longname); + free(longname); buffer_free(&msg); @@ -907,7 +907,7 @@ do_readlink(struct sftp_conn *conn, char *path) debug3("SSH_FXP_READLINK %s -> %s", path, filename); - xfree(longname); + free(longname); buffer_free(&msg); @@ -988,16 +988,17 @@ send_read_request(struct sftp_conn *conn, u_int id, u_int64_t offset, int do_download(struct sftp_conn *conn, char *remote_path, char *local_path, - Attrib *a, int pflag) + Attrib *a, int pflag, int resume) { Attrib junk; Buffer msg; char *handle; - int local_fd, status = 0, write_error; - int read_error, write_errno; - u_int64_t offset, size; + int local_fd = -1, status = 0, write_error; + int read_error, write_errno, reordered = 0; + u_int64_t offset = 0, size, highwater; u_int handle_len, mode, type, id, buflen, num_req, max_req; off_t progress_counter; + struct stat st; struct request { u_int id; u_int len; @@ -1050,21 +1051,36 @@ do_download(struct sftp_conn *conn, char *remote_path, char *local_path, return(-1); } - local_fd = open(local_path, O_WRONLY | O_CREAT | O_TRUNC, - mode | S_IWRITE); + local_fd = open(local_path, O_WRONLY | O_CREAT | (resume ? 0 : O_TRUNC), + mode | S_IWUSR); if (local_fd == -1) { error("Couldn't open local file \"%s\" for writing: %s", local_path, strerror(errno)); - do_close(conn, handle, handle_len); - buffer_free(&msg); - xfree(handle); - return(-1); + goto fail; + } + offset = highwater = 0; + if (resume) { + if (fstat(local_fd, &st) == -1) { + error("Unable to stat local file \"%s\": %s", + local_path, strerror(errno)); + goto fail; + } + if ((size_t)st.st_size > size) { + error("Unable to resume download of \"%s\": " + "local file is larger than remote", local_path); + fail: + do_close(conn, handle, handle_len); + buffer_free(&msg); + free(handle); + return -1; + } + offset = highwater = st.st_size; } /* Read from remote and write to local */ - write_error = read_error = write_errno = num_req = offset = 0; + write_error = read_error = write_errno = num_req = 0; max_req = 1; - progress_counter = 0; + progress_counter = offset; if (showprogress && size != 0) start_progress_meter(remote_path, size, &progress_counter); @@ -1121,7 +1137,7 @@ do_download(struct sftp_conn *conn, char *remote_path, char *local_path, read_error = 1; max_req = 0; TAILQ_REMOVE(&requests, req, tq); - xfree(req); + free(req); num_req--; break; case SSH2_FXP_DATA: @@ -1139,12 +1155,16 @@ do_download(struct sftp_conn *conn, char *remote_path, char *local_path, write_error = 1; max_req = 0; } + else if (!reordered && req->offset <= highwater) + highwater = req->offset + len; + else if (!reordered && req->offset > highwater) + reordered = 1; progress_counter += len; - xfree(data); + free(data); if (len == req->len) { TAILQ_REMOVE(&requests, req, tq); - xfree(req); + free(req); num_req--; } else { /* Resend the request for the missing data */ @@ -1187,7 +1207,15 @@ do_download(struct sftp_conn *conn, char *remote_path, char *local_path, /* Sanity check */ if (TAILQ_FIRST(&requests) != NULL) fatal("Transfer complete, but requests still in queue"); - + /* Truncate at highest contiguous point to avoid holes on interrupt */ + if (read_error || write_error || interrupted) { + if (reordered && resume) { + error("Unable to resume download of \"%s\": " + "server reordered requests", local_path); + } + debug("truncating at %llu", (unsigned long long)highwater); + ftruncate(local_fd, highwater); + } if (read_error) { error("Couldn't read from remote file \"%s\" : %s", remote_path, fx2txt(status)); @@ -1199,7 +1227,8 @@ do_download(struct sftp_conn *conn, char *remote_path, char *local_path, do_close(conn, handle, handle_len); } else { status = do_close(conn, handle, handle_len); - + if (interrupted) + status = -1; /* Override umask and utimes if asked */ #ifdef HAVE_FCHMOD if (pflag && fchmod(local_fd, mode) == -1) @@ -1220,14 +1249,14 @@ do_download(struct sftp_conn *conn, char *remote_path, char *local_path, } close(local_fd); buffer_free(&msg); - xfree(handle); + free(handle); return(status); } static int download_dir_internal(struct sftp_conn *conn, char *src, char *dst, - Attrib *dirattrib, int pflag, int printflag, int depth) + Attrib *dirattrib, int pflag, int printflag, int depth, int resume) { int i, ret = 0; SFTP_DIRENT **dir_entries; @@ -1280,11 +1309,11 @@ download_dir_internal(struct sftp_conn *conn, char *src, char *dst, continue; if (download_dir_internal(conn, new_src, new_dst, &(dir_entries[i]->a), pflag, printflag, - depth + 1) == -1) + depth + 1, resume) == -1) ret = -1; } else if (S_ISREG(dir_entries[i]->a.perm) ) { if (do_download(conn, new_src, new_dst, - &(dir_entries[i]->a), pflag) == -1) { + &(dir_entries[i]->a), pflag, resume) == -1) { error("Download of file %s to %s failed", new_src, new_dst); ret = -1; @@ -1292,8 +1321,8 @@ download_dir_internal(struct sftp_conn *conn, char *src, char *dst, } else logit("%s: not a regular file\n", new_src); - xfree(new_dst); - xfree(new_src); + free(new_dst); + free(new_src); } if (pflag) { @@ -1317,7 +1346,7 @@ download_dir_internal(struct sftp_conn *conn, char *src, char *dst, int download_dir(struct sftp_conn *conn, char *src, char *dst, - Attrib *dirattrib, int pflag, int printflag) + Attrib *dirattrib, int pflag, int printflag, int resume) { char *src_canon; int ret; @@ -1328,8 +1357,8 @@ download_dir(struct sftp_conn *conn, char *src, char *dst, } ret = download_dir_internal(conn, src_canon, dst, - dirattrib, pflag, printflag, 0); - xfree(src_canon); + dirattrib, pflag, printflag, 0, resume); + free(src_canon); return ret; } @@ -1340,7 +1369,7 @@ do_upload(struct sftp_conn *conn, char *local_path, char *remote_path, int local_fd; int status = SSH2_FX_OK; u_int handle_len, id, type; - off_t offset; + off_t offset, progress_counter; char *handle, *data; Buffer msg; struct stat sb; @@ -1408,9 +1437,10 @@ do_upload(struct sftp_conn *conn, char *local_path, char *remote_path, data = xmalloc(conn->transfer_buflen); /* Read from local and write to remote */ - offset = 0; + offset = progress_counter = 0; if (showprogress) - start_progress_meter(local_path, sb.st_size, &offset); + start_progress_meter(local_path, sb.st_size, + &progress_counter); for (;;) { int len; @@ -1481,7 +1511,8 @@ do_upload(struct sftp_conn *conn, char *local_path, char *remote_path, debug3("In write loop, ack for %u %u bytes at %lld", ack->id, ack->len, (long long)ack->offset); ++ackid; - xfree(ack); + progress_counter += ack->len; + free(ack); } offset += len; if (offset < 0) @@ -1491,7 +1522,7 @@ do_upload(struct sftp_conn *conn, char *local_path, char *remote_path, if (showprogress) stop_progress_meter(); - xfree(data); + free(data); if (status != SSH2_FX_OK) { error("Couldn't write to remote file \"%s\": %s", @@ -1511,7 +1542,7 @@ do_upload(struct sftp_conn *conn, char *local_path, char *remote_path, if (do_close(conn, handle, handle_len) != SSH2_FX_OK) status = -1; - xfree(handle); + free(handle); return status; } @@ -1551,7 +1582,7 @@ upload_dir_internal(struct sftp_conn *conn, char *src, char *dst, a.perm &= 01777; if (!pflag) a.flags &= ~SSH2_FILEXFER_ATTR_ACMODTIME; - + status = do_mkdir(conn, dst, &a, 0); /* * we lack a portable status for errno EEXIST, @@ -1561,7 +1592,7 @@ upload_dir_internal(struct sftp_conn *conn, char *src, char *dst, if (status != SSH2_FX_OK) { if (status != SSH2_FX_FAILURE) return -1; - if (do_stat(conn, dst, 0) == NULL) + if (do_stat(conn, dst, 0) == NULL) return -1; } @@ -1569,7 +1600,7 @@ upload_dir_internal(struct sftp_conn *conn, char *src, char *dst, error("Failed to open dir \"%s\": %s", src, strerror(errno)); return -1; } - + while (((dp = readdir(dirp)) != NULL) && !interrupted) { if (dp->d_ino == 0) continue; @@ -1597,8 +1628,8 @@ upload_dir_internal(struct sftp_conn *conn, char *src, char *dst, } } else logit("%s: not a regular file\n", filename); - xfree(new_dst); - xfree(new_src); + free(new_dst); + free(new_src); } do_setstat(conn, dst, &a); @@ -1620,7 +1651,7 @@ upload_dir(struct sftp_conn *conn, char *src, char *dst, int printflag, } ret = upload_dir_internal(conn, src, dst_canon, pflag, printflag, 0); - xfree(dst_canon); + free(dst_canon); return ret; } diff --git a/crypto/openssh/sftp-client.h b/crypto/openssh/sftp-client.h index aef54ef49dd0..111a998c84c6 100644 --- a/crypto/openssh/sftp-client.h +++ b/crypto/openssh/sftp-client.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-client.h,v 1.20 2010/12/04 00:18:01 djm Exp $ */ +/* $OpenBSD: sftp-client.h,v 1.21 2013/07/25 00:56:51 djm Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller @@ -106,13 +106,13 @@ int do_symlink(struct sftp_conn *, char *, char *); * Download 'remote_path' to 'local_path'. Preserve permissions and times * if 'pflag' is set */ -int do_download(struct sftp_conn *, char *, char *, Attrib *, int); +int do_download(struct sftp_conn *, char *, char *, Attrib *, int, int); /* * Recursively download 'remote_directory' to 'local_directory'. Preserve * times if 'pflag' is set */ -int download_dir(struct sftp_conn *, char *, char *, Attrib *, int, int); +int download_dir(struct sftp_conn *, char *, char *, Attrib *, int, int, int); /* * Upload 'local_path' to 'remote_path'. Preserve permissions and times diff --git a/crypto/openssh/sftp-common.c b/crypto/openssh/sftp-common.c index a042875c69de..fc89fcd19f0d 100644 --- a/crypto/openssh/sftp-common.c +++ b/crypto/openssh/sftp-common.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-common.c,v 1.23 2010/01/15 09:24:23 markus Exp $ */ +/* $OpenBSD: sftp-common.c,v 1.24 2013/05/17 00:13:14 djm Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * Copyright (c) 2001 Damien Miller. All rights reserved. @@ -128,8 +128,8 @@ decode_attrib(Buffer *b) type = buffer_get_string(b, NULL); data = buffer_get_string(b, NULL); debug3("Got file attribute \"%s\"", type); - xfree(type); - xfree(data); + free(type); + free(data); } } return &a; @@ -191,7 +191,7 @@ ls_file(const char *name, const struct stat *st, int remote, int si_units) { int ulen, glen, sz = 0; struct tm *ltime = localtime(&st->st_mtime); - char *user, *group; + const char *user, *group; char buf[1024], mode[11+1], tbuf[12+1], ubuf[11+1], gbuf[11+1]; char sbuf[FMT_SCALED_STRSIZE]; diff --git a/crypto/openssh/sftp-glob.c b/crypto/openssh/sftp-glob.c index 06bf157ca603..79b7bdb2f4c9 100644 --- a/crypto/openssh/sftp-glob.c +++ b/crypto/openssh/sftp-glob.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-glob.c,v 1.23 2011/10/04 14:17:32 djm Exp $ */ +/* $OpenBSD: sftp-glob.c,v 1.24 2013/05/17 00:13:14 djm Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -51,7 +51,7 @@ fudge_opendir(const char *path) r = xmalloc(sizeof(*r)); if (do_readdir(cur.conn, (char *)path, &r->dir)) { - xfree(r); + free(r); return(NULL); } @@ -103,7 +103,7 @@ static void fudge_closedir(struct SFTP_OPENDIR *od) { free_sftp_dirents(od->dir); - xfree(od); + free(od); } static int diff --git a/crypto/openssh/sftp-server.8 b/crypto/openssh/sftp-server.8 index 0db514e5cdcc..61c2aa3650d3 100644 --- a/crypto/openssh/sftp-server.8 +++ b/crypto/openssh/sftp-server.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: sftp-server.8,v 1.21 2013/01/04 19:26:38 jmc Exp $ +.\" $OpenBSD: sftp-server.8,v 1.23 2013/07/16 00:07:52 schwarze Exp $ .\" $FreeBSD$ .\" .\" Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -23,7 +23,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd January 4, 2013 +.Dd July 16, 2013 .Dt SFTP-SERVER 8 .Os .Sh NAME @@ -125,8 +125,8 @@ establish a logging socket inside the chroot directory. .%A T. Ylonen .%A S. Lehtinen .%T "SSH File Transfer Protocol" -.%N draft-ietf-secsh-filexfer-00.txt -.%D January 2001 +.%N draft-ietf-secsh-filexfer-02.txt +.%D October 2001 .%O work in progress material .Re .Sh HISTORY @@ -134,4 +134,4 @@ establish a logging socket inside the chroot directory. first appeared in .Ox 2.8 . .Sh AUTHORS -.An Markus Friedl Aq markus@openbsd.org +.An Markus Friedl Aq Mt markus@openbsd.org diff --git a/crypto/openssh/sftp-server.c b/crypto/openssh/sftp-server.c index cce074a56da4..285f21aafe70 100644 --- a/crypto/openssh/sftp-server.c +++ b/crypto/openssh/sftp-server.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-server.c,v 1.96 2013/01/04 19:26:38 jmc Exp $ */ +/* $OpenBSD: sftp-server.c,v 1.97 2013/05/17 00:13:14 djm Exp $ */ /* * Copyright (c) 2000-2004 Markus Friedl. All rights reserved. * @@ -319,11 +319,11 @@ handle_close(int handle) if (handle_is_ok(handle, HANDLE_FILE)) { ret = close(handles[handle].fd); - xfree(handles[handle].name); + free(handles[handle].name); handle_unused(handle); } else if (handle_is_ok(handle, HANDLE_DIR)) { ret = closedir(handles[handle].dirp); - xfree(handles[handle].name); + free(handles[handle].name); handle_unused(handle); } else { errno = ENOENT; @@ -367,7 +367,7 @@ get_handle(void) handle = get_string(&hlen); if (hlen < 256) val = handle_from_string(handle, hlen); - xfree(handle); + free(handle); return val; } @@ -450,7 +450,7 @@ send_handle(u_int32_t id, int handle) handle_to_string(handle, &string, &hlen); debug("request %u: sent handle handle %d", id, handle); send_data_or_handle(SSH2_FXP_HANDLE, id, string, hlen); - xfree(string); + free(string); } static void @@ -578,7 +578,7 @@ process_open(void) } if (status != SSH2_FX_OK) send_status(id, status); - xfree(name); + free(name); } static void @@ -679,7 +679,7 @@ process_write(void) } } send_status(id, status); - xfree(data); + free(data); } static void @@ -705,7 +705,7 @@ process_do_stat(int do_lstat) } if (status != SSH2_FX_OK) send_status(id, status); - xfree(name); + free(name); } static void @@ -807,7 +807,7 @@ process_setstat(void) status = errno_to_portable(errno); } send_status(id, status); - xfree(name); + free(name); } static void @@ -904,7 +904,7 @@ process_opendir(void) } if (status != SSH2_FX_OK) send_status(id, status); - xfree(path); + free(path); } static void @@ -953,13 +953,13 @@ process_readdir(void) if (count > 0) { send_names(id, count, stats); for (i = 0; i < count; i++) { - xfree(stats[i].name); - xfree(stats[i].long_name); + free(stats[i].name); + free(stats[i].long_name); } } else { send_status(id, SSH2_FX_EOF); } - xfree(stats); + free(stats); } } @@ -982,7 +982,7 @@ process_remove(void) status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK; } send_status(id, status); - xfree(name); + free(name); } static void @@ -1007,7 +1007,7 @@ process_mkdir(void) status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK; } send_status(id, status); - xfree(name); + free(name); } static void @@ -1028,7 +1028,7 @@ process_rmdir(void) status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK; } send_status(id, status); - xfree(name); + free(name); } static void @@ -1041,7 +1041,7 @@ process_realpath(void) id = get_int(); path = get_string(NULL); if (path[0] == '\0') { - xfree(path); + free(path); path = xstrdup("."); } debug3("request %u: realpath", id); @@ -1054,7 +1054,7 @@ process_realpath(void) s.name = s.long_name = resolvedname; send_names(id, 1, &s); } - xfree(path); + free(path); } static void @@ -1115,8 +1115,8 @@ process_rename(void) status = SSH2_FX_OK; } send_status(id, status); - xfree(oldpath); - xfree(newpath); + free(oldpath); + free(newpath); } static void @@ -1141,7 +1141,7 @@ process_readlink(void) s.name = s.long_name = buf; send_names(id, 1, &s); } - xfree(path); + free(path); } static void @@ -1164,8 +1164,8 @@ process_symlink(void) status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK; } send_status(id, status); - xfree(oldpath); - xfree(newpath); + free(oldpath); + free(newpath); } static void @@ -1185,8 +1185,8 @@ process_extended_posix_rename(u_int32_t id) status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK; } send_status(id, status); - xfree(oldpath); - xfree(newpath); + free(oldpath); + free(newpath); } static void @@ -1203,7 +1203,7 @@ process_extended_statvfs(u_int32_t id) send_status(id, errno_to_portable(errno)); else send_statvfs(id, &st); - xfree(path); + free(path); } static void @@ -1242,8 +1242,8 @@ process_extended_hardlink(u_int32_t id) status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK; } send_status(id, status); - xfree(oldpath); - xfree(newpath); + free(oldpath); + free(newpath); } static void @@ -1264,7 +1264,7 @@ process_extended(void) process_extended_hardlink(id); else send_status(id, SSH2_FX_OP_UNSUPPORTED); /* MUST */ - xfree(request); + free(request); } /* stolen from ssh-agent */ diff --git a/crypto/openssh/sftp.1 b/crypto/openssh/sftp.1 index 539c7c038313..718f3b578e9d 100644 --- a/crypto/openssh/sftp.1 +++ b/crypto/openssh/sftp.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: sftp.1,v 1.91 2011/09/05 05:56:13 djm Exp $ +.\" $OpenBSD: sftp.1,v 1.92 2013/07/25 00:56:51 djm Exp $ .\" $FreeBSD$ .\" .\" Copyright (c) 2001 Damien Miller. All rights reserved. @@ -23,7 +23,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd September 5, 2011 +.Dd July 25, 2013 .Dt SFTP 1 .Os .Sh NAME @@ -130,7 +130,7 @@ may be used to indicate standard input. .Nm will abort if any of the following commands fail: -.Ic get , put , rename , ln , +.Ic get , put , reget , rename , ln , .Ic rm , mkdir , chdir , ls , .Ic lchdir , chmod , chown , .Ic chgrp , lpwd , df , symlink , @@ -345,7 +345,7 @@ extension. Quit .Nm sftp . .It Xo Ic get -.Op Fl Ppr +.Op Fl aPpr .Ar remote-path .Op Ar local-path .Xc @@ -365,6 +365,14 @@ is specified, then .Ar local-path must specify a directory. .Pp +If the +.Fl a +flag is specified, then attempt to resume partial transfers of existing files. +Note that resumption assumes that any partial copy of the local file matches +the remote copy. +If the remote file differs from the partial local copy then the resultant file +is likely to be corrupt. +.Pp If either the .Fl P or @@ -505,6 +513,18 @@ Display remote working directory. .It Ic quit Quit .Nm sftp . +.It Xo Ic reget +.Op Fl Ppr +.Ar remote-path +.Op Ar local-path +.Xc +Resume download of +.Ar remote-path . +Equivalent to +.Ic get +with the +.Fl a +flag set. .It Ic rename Ar oldpath Ar newpath Rename remote file from .Ar oldpath diff --git a/crypto/openssh/sftp.c b/crypto/openssh/sftp.c index d7cbb034962e..d6ac4cbe41d7 100644 --- a/crypto/openssh/sftp.c +++ b/crypto/openssh/sftp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp.c,v 1.142 2013/02/08 00:41:12 djm Exp $ */ +/* $OpenBSD: sftp.c,v 1.148 2013/07/25 00:56:52 djm Exp $ */ /* $FreeBSD$ */ /* * Copyright (c) 2001-2004 Damien Miller @@ -39,6 +39,9 @@ #ifdef HAVE_LIBGEN_H #include #endif +#ifdef HAVE_LOCALE_H +# include +#endif #ifdef USE_LIBEDIT #include #else @@ -77,12 +80,18 @@ int batchmode = 0; /* PID of ssh transport process */ static pid_t sshpid = -1; +/* Suppress diagnositic messages */ +int quiet = 0; + /* This is set to 0 if the progressmeter is not desired. */ int showprogress = 1; /* When this option is set, we always recursively download/upload directories */ int global_rflag = 0; +/* When this option is set, we resume download if possible */ +int global_aflag = 0; + /* When this option is set, the file transfers will always preserve times */ int global_pflag = 0; @@ -146,6 +155,7 @@ extern char *__progname; #define I_SYMLINK 21 #define I_VERSION 22 #define I_PROGRESS 23 +#define I_REGET 26 struct CMD { const char *c; @@ -185,6 +195,7 @@ static const struct CMD cmds[] = { { "put", I_PUT, LOCAL }, { "pwd", I_PWD, REMOTE }, { "quit", I_QUIT, NOARGS }, + { "reget", I_REGET, REMOTE }, { "rename", I_RENAME, REMOTE }, { "rm", I_RM, REMOTE }, { "rmdir", I_RMDIR, REMOTE }, @@ -216,7 +227,7 @@ cmd_interrupt(int signo) const char msg[] = "\rInterrupt \n"; int olderrno = errno; - write(STDERR_FILENO, msg, sizeof(msg) - 1); + (void)write(STDERR_FILENO, msg, sizeof(msg) - 1); interrupted = 1; errno = olderrno; } @@ -234,6 +245,7 @@ help(void) " filesystem containing 'path'\n" "exit Quit sftp\n" "get [-Ppr] remote [local] Download file\n" + "reget remote [local] Resume download file\n" "help Display this help text\n" "lcd path Change local directory to 'path'\n" "lls [ls-options [path]] Display local directory listing\n" @@ -307,7 +319,7 @@ local_do_ls(const char *args) /* XXX: quoting - rip quoting code from ftp? */ snprintf(buf, len, _PATH_LS " %s", args); local_do_shell(buf); - xfree(buf); + free(buf); } } @@ -338,15 +350,15 @@ make_absolute(char *p, char *pwd) /* Derelativise */ if (p && p[0] != '/') { abs_str = path_append(pwd, p); - xfree(p); + free(p); return(abs_str); } else return(p); } static int -parse_getput_flags(const char *cmd, char **argv, int argc, int *pflag, - int *rflag) +parse_getput_flags(const char *cmd, char **argv, int argc, + int *aflag, int *pflag, int *rflag) { extern int opterr, optind, optopt, optreset; int ch; @@ -354,9 +366,12 @@ parse_getput_flags(const char *cmd, char **argv, int argc, int *pflag, optind = optreset = 1; opterr = 0; - *rflag = *pflag = 0; - while ((ch = getopt(argc, argv, "PpRr")) != -1) { + *aflag = *rflag = *pflag = 0; + while ((ch = getopt(argc, argv, "aPpRr")) != -1) { switch (ch) { + case 'a': + *aflag = 1; + break; case 'p': case 'P': *pflag = 1; @@ -514,7 +529,7 @@ pathname_is_dir(char *pathname) static int process_get(struct sftp_conn *conn, char *src, char *dst, char *pwd, - int pflag, int rflag) + int pflag, int rflag, int resume) { char *abs_src = NULL; char *abs_dst = NULL; @@ -548,7 +563,7 @@ process_get(struct sftp_conn *conn, char *src, char *dst, char *pwd, tmp = xstrdup(g.gl_pathv[i]); if ((filename = basename(tmp)) == NULL) { error("basename %s: %s", tmp, strerror(errno)); - xfree(tmp); + free(tmp); err = -1; goto out; } @@ -564,24 +579,28 @@ process_get(struct sftp_conn *conn, char *src, char *dst, char *pwd, } else { abs_dst = xstrdup(filename); } - xfree(tmp); + free(tmp); - printf("Fetching %s to %s\n", g.gl_pathv[i], abs_dst); + resume |= global_aflag; + if (!quiet && resume) + printf("Resuming %s to %s\n", g.gl_pathv[i], abs_dst); + else if (!quiet && !resume) + printf("Fetching %s to %s\n", g.gl_pathv[i], abs_dst); if (pathname_is_dir(g.gl_pathv[i]) && (rflag || global_rflag)) { - if (download_dir(conn, g.gl_pathv[i], abs_dst, NULL, - pflag || global_pflag, 1) == -1) + if (download_dir(conn, g.gl_pathv[i], abs_dst, NULL, + pflag || global_pflag, 1, resume) == -1) err = -1; } else { if (do_download(conn, g.gl_pathv[i], abs_dst, NULL, - pflag || global_pflag) == -1) + pflag || global_pflag, resume) == -1) err = -1; } - xfree(abs_dst); + free(abs_dst); abs_dst = NULL; } out: - xfree(abs_src); + free(abs_src); globfree(&g); return(err); } @@ -633,7 +652,7 @@ process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd, tmp = xstrdup(g.gl_pathv[i]); if ((filename = basename(tmp)) == NULL) { error("basename %s: %s", tmp, strerror(errno)); - xfree(tmp); + free(tmp); err = -1; goto out; } @@ -649,9 +668,10 @@ process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd, } else { abs_dst = make_absolute(xstrdup(filename), pwd); } - xfree(tmp); + free(tmp); - printf("Uploading %s to %s\n", g.gl_pathv[i], abs_dst); + if (!quiet) + printf("Uploading %s to %s\n", g.gl_pathv[i], abs_dst); if (pathname_is_dir(g.gl_pathv[i]) && (rflag || global_rflag)) { if (upload_dir(conn, g.gl_pathv[i], abs_dst, pflag || global_pflag, 1) == -1) @@ -664,10 +684,8 @@ process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd, } out: - if (abs_dst) - xfree(abs_dst); - if (tmp_dst) - xfree(tmp_dst); + free(abs_dst); + free(tmp_dst); globfree(&g); return(err); } @@ -715,7 +733,7 @@ do_ls_dir(struct sftp_conn *conn, char *path, char *strip_path, int lflag) /* Add any subpath that also needs to be counted */ tmp = path_strip(path, strip_path); m += strlen(tmp); - xfree(tmp); + free(tmp); if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) != -1) width = ws.ws_col; @@ -741,7 +759,7 @@ do_ls_dir(struct sftp_conn *conn, char *path, char *strip_path, int lflag) tmp = path_append(path, d[n]->filename); fname = path_strip(tmp, strip_path); - xfree(tmp); + free(tmp); if (lflag & LS_LONG_VIEW) { if (lflag & (LS_NUMERIC_VIEW|LS_SI_UNITS)) { @@ -753,7 +771,7 @@ do_ls_dir(struct sftp_conn *conn, char *path, char *strip_path, int lflag) lname = ls_file(fname, &sb, 1, (lflag & LS_SI_UNITS)); printf("%s\n", lname); - xfree(lname); + free(lname); } else printf("%s\n", d[n]->longname); } else { @@ -765,7 +783,7 @@ do_ls_dir(struct sftp_conn *conn, char *path, char *strip_path, int lflag) c++; } - xfree(fname); + free(fname); } if (!(lflag & LS_LONG_VIEW) && (c != 1)) @@ -835,7 +853,7 @@ do_globbed_ls(struct sftp_conn *conn, char *path, char *strip_path, lname = ls_file(fname, g.gl_statv[i], 1, (lflag & LS_SI_UNITS)); printf("%s\n", lname); - xfree(lname); + free(lname); } else { printf("%-*s", colspace, fname); if (c >= columns) { @@ -844,7 +862,7 @@ do_globbed_ls(struct sftp_conn *conn, char *path, char *strip_path, } else c++; } - xfree(fname); + free(fname); } if (!(lflag & LS_LONG_VIEW) && (c != 1)) @@ -1113,8 +1131,9 @@ makeargv(const char *arg, int *argcp, int sloppy, char *lastquote, } static int -parse_args(const char **cpp, int *pflag, int *rflag, int *lflag, int *iflag, - int *hflag, int *sflag, unsigned long *n_arg, char **path1, char **path2) +parse_args(const char **cpp, int *aflag, int *hflag, int *iflag, int *lflag, + int *pflag, int *rflag, int *sflag, unsigned long *n_arg, + char **path1, char **path2) { const char *cmd, *cp = *cpp; char *cp2, **argv; @@ -1158,14 +1177,15 @@ parse_args(const char **cpp, int *pflag, int *rflag, int *lflag, int *iflag, } /* Get arguments and parse flags */ - *lflag = *pflag = *rflag = *hflag = *n_arg = 0; + *aflag = *lflag = *pflag = *rflag = *hflag = *n_arg = 0; *path1 = *path2 = NULL; optidx = 1; switch (cmdnum) { case I_GET: + case I_REGET: case I_PUT: if ((optidx = parse_getput_flags(cmd, argv, argc, - pflag, rflag)) == -1) + aflag, pflag, rflag)) == -1) return -1; /* Get first pathname (mandatory) */ if (argc - optidx < 1) { @@ -1180,6 +1200,11 @@ parse_args(const char **cpp, int *pflag, int *rflag, int *lflag, int *iflag, /* Destination is not globbed */ undo_glob_escape(*path2); } + if (*aflag && cmdnum == I_PUT) { + /* XXX implement resume for uploads */ + error("Resume is not supported for uploads"); + return -1; + } break; case I_LINK: if ((optidx = parse_link_flags(cmd, argv, argc, sflag)) == -1) @@ -1288,7 +1313,8 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, int err_abort) { char *path1, *path2, *tmp; - int pflag = 0, rflag = 0, lflag = 0, iflag = 0, hflag = 0, sflag = 0; + int aflag = 0, hflag = 0, iflag = 0, lflag = 0, pflag = 0; + int rflag = 0, sflag = 0; int cmdnum, i; unsigned long n_arg = 0; Attrib a, *aa; @@ -1297,9 +1323,8 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, glob_t g; path1 = path2 = NULL; - cmdnum = parse_args(&cmd, &pflag, &rflag, &lflag, &iflag, &hflag, - &sflag, &n_arg, &path1, &path2); - + cmdnum = parse_args(&cmd, &aflag, &hflag, &iflag, &lflag, &pflag, + &rflag, &sflag, &n_arg, &path1, &path2); if (iflag != 0) err_abort = 0; @@ -1314,8 +1339,12 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, /* Unrecognized command */ err = -1; break; + case I_REGET: + aflag = 1; + /* FALLTHROUGH */ case I_GET: - err = process_get(conn, path1, path2, *pwd, pflag, rflag); + err = process_get(conn, path1, path2, *pwd, pflag, + rflag, aflag); break; case I_PUT: err = process_put(conn, path1, path2, *pwd, pflag, rflag); @@ -1328,8 +1357,7 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, case I_SYMLINK: sflag = 1; case I_LINK: - if (!sflag) - path1 = make_absolute(path1, *pwd); + path1 = make_absolute(path1, *pwd); path2 = make_absolute(path2, *pwd); err = (sflag ? do_symlink : do_hardlink)(conn, path1, path2); break; @@ -1337,7 +1365,8 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, path1 = make_absolute(path1, *pwd); remote_glob(conn, path1, GLOB_NOCHECK, NULL, &g); for (i = 0; g.gl_pathv[i] && !interrupted; i++) { - printf("Removing %s\n", g.gl_pathv[i]); + if (!quiet) + printf("Removing %s\n", g.gl_pathv[i]); err = do_rm(conn, g.gl_pathv[i]); if (err != 0 && err_abort) break; @@ -1361,24 +1390,24 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, break; } if ((aa = do_stat(conn, tmp, 0)) == NULL) { - xfree(tmp); + free(tmp); err = 1; break; } if (!(aa->flags & SSH2_FILEXFER_ATTR_PERMISSIONS)) { error("Can't change directory: Can't check target"); - xfree(tmp); + free(tmp); err = 1; break; } if (!S_ISDIR(aa->perm)) { error("Can't change directory: \"%s\" is not " "a directory", tmp); - xfree(tmp); + free(tmp); err = 1; break; } - xfree(*pwd); + free(*pwd); *pwd = tmp; break; case I_LS: @@ -1433,7 +1462,8 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, a.perm = n_arg; remote_glob(conn, path1, GLOB_NOCHECK, NULL, &g); for (i = 0; g.gl_pathv[i] && !interrupted; i++) { - printf("Changing mode on %s\n", g.gl_pathv[i]); + if (!quiet) + printf("Changing mode on %s\n", g.gl_pathv[i]); err = do_setstat(conn, g.gl_pathv[i], &a); if (err != 0 && err_abort) break; @@ -1462,10 +1492,14 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, } aa->flags &= SSH2_FILEXFER_ATTR_UIDGID; if (cmdnum == I_CHOWN) { - printf("Changing owner on %s\n", g.gl_pathv[i]); + if (!quiet) + printf("Changing owner on %s\n", + g.gl_pathv[i]); aa->uid = n_arg; } else { - printf("Changing group on %s\n", g.gl_pathv[i]); + if (!quiet) + printf("Changing group on %s\n", + g.gl_pathv[i]); aa->gid = n_arg; } err = do_setstat(conn, g.gl_pathv[i], aa); @@ -1506,10 +1540,8 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, if (g.gl_pathc) globfree(&g); - if (path1) - xfree(path1); - if (path2) - xfree(path2); + free(path1); + free(path2); /* If an unignored error occurs in batch mode we should abort. */ if (err_abort && err != 0) @@ -1619,8 +1651,8 @@ complete_cmd_parse(EditLine *el, char *cmd, int lastarg, char quote, complete_display(list, 0); for (y = 0; list[y] != NULL; y++) - xfree(list[y]); - xfree(list); + free(list[y]); + free(list); return count; } @@ -1633,7 +1665,7 @@ complete_cmd_parse(EditLine *el, char *cmd, int lastarg, char quote, list[count] = NULL; if (count == 0) { - xfree(list); + free(list); return 0; } @@ -1643,8 +1675,8 @@ complete_cmd_parse(EditLine *el, char *cmd, int lastarg, char quote, complete_display(list, 0); for (y = 0; list[y]; y++) - xfree(list[y]); - xfree(list); + free(list[y]); + free(list); if (tmp != NULL) { tmplen = strlen(tmp); @@ -1665,7 +1697,7 @@ complete_cmd_parse(EditLine *el, char *cmd, int lastarg, char quote, if (y > 0 && el_insertstr(el, argterm) == -1) fatal("el_insertstr failed."); } - xfree(tmp); + free(tmp); } return count; @@ -1696,8 +1728,9 @@ complete_match(EditLine *el, struct sftp_conn *conn, char *remote_path, char *file, int remote, int lastarg, char quote, int terminated) { glob_t g; - char *tmp, *tmp2, ins[3]; + char *tmp, *tmp2, ins[8]; u_int i, hadglob, pwdlen, len, tmplen, filelen, cesc, isesc, isabs; + int clen; const LineInfo *lf; /* Glob from "file" location */ @@ -1729,7 +1762,7 @@ complete_match(EditLine *el, struct sftp_conn *conn, char *remote_path, if (tmp[tmplen] == '/') pwdlen = tmplen + 1; /* track last seen '/' */ } - xfree(tmp); + free(tmp); if (g.gl_matchc == 0) goto out; @@ -1744,7 +1777,7 @@ complete_match(EditLine *el, struct sftp_conn *conn, char *remote_path, tmp2 = complete_ambiguous(file, g.gl_pathv, g.gl_matchc); tmp = path_strip(tmp2, isabs ? NULL : remote_path); - xfree(tmp2); + free(tmp2); if (tmp == NULL) goto out; @@ -1766,10 +1799,13 @@ complete_match(EditLine *el, struct sftp_conn *conn, char *remote_path, tmp2 = tmp + filelen - cesc; len = strlen(tmp2); /* quote argument on way out */ - for (i = 0; i < len; i++) { + for (i = 0; i < len; i += clen) { + if ((clen = mblen(tmp2 + i, len - i)) < 0 || + (size_t)clen > sizeof(ins) - 2) + fatal("invalid multibyte character"); ins[0] = '\\'; - ins[1] = tmp2[i]; - ins[2] = '\0'; + memcpy(ins + 1, tmp2 + i, clen); + ins[clen + 1] = '\0'; switch (tmp2[i]) { case '\'': case '"': @@ -1806,7 +1842,7 @@ complete_match(EditLine *el, struct sftp_conn *conn, char *remote_path, if (i > 0 && el_insertstr(el, ins) == -1) fatal("el_insertstr failed."); } - xfree(tmp); + free(tmp); out: globfree(&g); @@ -1818,7 +1854,8 @@ static unsigned char complete(EditLine *el, int ch) { char **argv, *line, quote; - u_int argc, carg, cursor, len, terminated, ret = CC_ERROR; + int argc, carg; + u_int cursor, len, terminated, ret = CC_ERROR; const LineInfo *lf; struct complete_ctx *complete_ctx; @@ -1832,7 +1869,7 @@ complete(EditLine *el, int ch) memcpy(line, lf->buffer, cursor); line[cursor] = '\0'; argv = makeargv(line, &carg, 1, "e, &terminated); - xfree(line); + free(line); /* Get all the arguments on the line */ len = lf->lastchar - lf->buffer; @@ -1844,7 +1881,7 @@ complete(EditLine *el, int ch) /* Ensure cursor is at EOL or a argument boundary */ if (line[cursor] != ' ' && line[cursor] != '\0' && line[cursor] != '\n') { - xfree(line); + free(line); return ret; } @@ -1872,7 +1909,7 @@ complete(EditLine *el, int ch) ret = CC_REDISPLAY; } - xfree(line); + free(line); return ret; } #endif /* USE_LIBEDIT */ @@ -1924,31 +1961,30 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2) dir = make_absolute(dir, remote_path); if (remote_is_dir(conn, dir) && file2 == NULL) { - printf("Changing to: %s\n", dir); + if (!quiet) + printf("Changing to: %s\n", dir); snprintf(cmd, sizeof cmd, "cd \"%s\"", dir); if (parse_dispatch_command(conn, cmd, &remote_path, 1) != 0) { - xfree(dir); - xfree(remote_path); - xfree(conn); + free(dir); + free(remote_path); + free(conn); return (-1); } } else { /* XXX this is wrong wrt quoting */ - if (file2 == NULL) - snprintf(cmd, sizeof cmd, "get %s", dir); - else - snprintf(cmd, sizeof cmd, "get %s %s", dir, - file2); - + snprintf(cmd, sizeof cmd, "get%s %s%s%s", + global_aflag ? " -a" : "", dir, + file2 == NULL ? "" : " ", + file2 == NULL ? "" : file2); err = parse_dispatch_command(conn, cmd, &remote_path, 1); - xfree(dir); - xfree(remote_path); - xfree(conn); + free(dir); + free(remote_path); + free(conn); return (err); } - xfree(dir); + free(dir); } setlinebuf(stdout); @@ -2006,8 +2042,8 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2) if (err != 0) break; } - xfree(remote_path); - xfree(conn); + free(remote_path); + free(conn); #ifdef USE_LIBEDIT if (el != NULL) @@ -2114,6 +2150,7 @@ main(int argc, char **argv) /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ sanitise_stdfd(); + setlocale(LC_CTYPE, ""); __progname = ssh_get_progname(argv[0]); memset(&args, '\0', sizeof(args)); @@ -2128,7 +2165,7 @@ main(int argc, char **argv) infile = stdin; while ((ch = getopt(argc, argv, - "1246hpqrvCc:D:i:l:o:s:S:b:B:F:P:R:")) != -1) { + "1246ahpqrvCc:D:i:l:o:s:S:b:B:F:P:R:")) != -1) { switch (ch) { /* Passed through to ssh(1) */ case '4': @@ -2145,6 +2182,8 @@ main(int argc, char **argv) addargs(&args, "%s", optarg); break; case 'q': + ll = SYSLOG_LEVEL_ERROR; + quiet = 1; showprogress = 0; addargs(&args, "-%c", ch); break; @@ -2166,6 +2205,9 @@ main(int argc, char **argv) case '2': sshver = 2; break; + case 'a': + global_aflag = 1; + break; case 'B': copy_buffer_len = strtol(optarg, &cp, 10); if (copy_buffer_len == 0 || *cp != '\0') @@ -2180,7 +2222,7 @@ main(int argc, char **argv) (infile = fopen(optarg, "r")) == NULL) fatal("%s (%s).", strerror(errno), optarg); showprogress = 0; - batchmode = 1; + quiet = batchmode = 1; addargs(&args, "-obatchmode yes"); break; case 'p': @@ -2277,7 +2319,7 @@ main(int argc, char **argv) if (conn == NULL) fatal("Couldn't initialise connection to server"); - if (!batchmode) { + if (!quiet) { if (sftp_direct == NULL) fprintf(stderr, "Connected to %s.\n", host); else diff --git a/crypto/openssh/ssh-add.c b/crypto/openssh/ssh-add.c index 008084704415..5e8166f66e13 100644 --- a/crypto/openssh/ssh-add.c +++ b/crypto/openssh/ssh-add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-add.c,v 1.105 2012/12/05 15:42:52 markus Exp $ */ +/* $OpenBSD: ssh-add.c,v 1.106 2013/05/17 00:13:14 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -90,7 +90,7 @@ clear_pass(void) { if (pass) { memset(pass, 0, strlen(pass)); - xfree(pass); + free(pass); pass = NULL; } } @@ -215,7 +215,7 @@ add_file(AuthenticationConnection *ac, const char *filename, int key_only) pass = read_passphrase(msg, RP_ALLOW_STDIN); if (strcmp(pass, "") == 0) { clear_pass(); - xfree(comment); + free(comment); buffer_free(&keyblob); return -1; } @@ -282,8 +282,8 @@ add_file(AuthenticationConnection *ac, const char *filename, int key_only) fprintf(stderr, "The user must confirm each use of the key\n"); out: if (certpath != NULL) - xfree(certpath); - xfree(comment); + free(certpath); + free(comment); key_free(private); return ret; @@ -308,7 +308,7 @@ update_card(AuthenticationConnection *ac, int add, const char *id) add ? "add" : "remove", id); ret = -1; } - xfree(pin); + free(pin); return ret; } @@ -330,14 +330,14 @@ list_identities(AuthenticationConnection *ac, int do_fp) SSH_FP_HEX); printf("%d %s %s (%s)\n", key_size(key), fp, comment, key_type(key)); - xfree(fp); + free(fp); } else { if (!key_write(key, stdout)) fprintf(stderr, "key_write failed"); fprintf(stdout, " %s\n", comment); } key_free(key); - xfree(comment); + free(comment); } } if (!had_identities) { @@ -363,7 +363,7 @@ lock_agent(AuthenticationConnection *ac, int lock) passok = 0; } memset(p2, 0, strlen(p2)); - xfree(p2); + free(p2); } if (passok && ssh_lock_agent(ac, lock, p1)) { fprintf(stderr, "Agent %slocked.\n", lock ? "" : "un"); @@ -371,7 +371,7 @@ lock_agent(AuthenticationConnection *ac, int lock) } else fprintf(stderr, "Failed to %slock agent.\n", lock ? "" : "un"); memset(p1, 0, strlen(p1)); - xfree(p1); + free(p1); return (ret); } diff --git a/crypto/openssh/ssh-agent.c b/crypto/openssh/ssh-agent.c index 9d4e0c9c6c72..4c6b6f90af22 100644 --- a/crypto/openssh/ssh-agent.c +++ b/crypto/openssh/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.172 2011/06/03 01:37:40 dtucker Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.177 2013/07/20 01:50:20 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -107,7 +107,7 @@ typedef struct identity { Key *key; char *comment; char *provider; - u_int death; + time_t death; u_int confirm; } Identity; @@ -123,7 +123,7 @@ int max_fd = 0; /* pid of shell == parent of agent */ pid_t parent_pid = -1; -u_int parent_alive_interval = 0; +time_t parent_alive_interval = 0; /* pathname and directory for AUTH_SOCKET */ char socket_name[MAXPATHLEN]; @@ -135,8 +135,8 @@ char *lock_passwd = NULL; extern char *__progname; -/* Default lifetime (0 == forever) */ -static int lifetime = 0; +/* Default lifetime in seconds (0 == forever) */ +static long lifetime = 0; /* * Client connection count; incremented in new_socket() and decremented in @@ -192,10 +192,9 @@ static void free_identity(Identity *id) { key_free(id->key); - if (id->provider != NULL) - xfree(id->provider); - xfree(id->comment); - xfree(id); + free(id->provider); + free(id->comment); + free(id); } /* return matching private key for given public key */ @@ -223,7 +222,7 @@ confirm_key(Identity *id) if (ask_permission("Allow use of key %s?\nKey fingerprint %s.", id->comment, p)) ret = 0; - xfree(p); + free(p); return (ret); } @@ -250,7 +249,7 @@ process_request_identities(SocketEntry *e, int version) u_int blen; key_to_blob(id->key, &blob, &blen); buffer_put_string(&msg, blob, blen); - xfree(blob); + free(blob); } buffer_put_cstring(&msg, id->comment); } @@ -368,10 +367,9 @@ process_sign_request2(SocketEntry *e) buffer_append(&e->output, buffer_ptr(&msg), buffer_len(&msg)); buffer_free(&msg); - xfree(data); - xfree(blob); - if (signature != NULL) - xfree(signature); + free(data); + free(blob); + free(signature); datafellows = odatafellows; } @@ -398,7 +396,7 @@ process_remove_identity(SocketEntry *e, int version) case 2: blob = buffer_get_string(&e->request, &blen); key = key_from_blob(blob, blen); - xfree(blob); + free(blob); break; } if (key != NULL) { @@ -450,10 +448,10 @@ process_remove_all_identities(SocketEntry *e, int version) } /* removes expired keys and returns number of seconds until the next expiry */ -static u_int +static time_t reaper(void) { - u_int deadline = 0, now = time(NULL); + time_t deadline = 0, now = monotime(); Identity *id, *nxt; int version; Idtab *tab; @@ -485,8 +483,9 @@ process_add_identity(SocketEntry *e, int version) { Idtab *tab = idtab_lookup(version); Identity *id; - int type, success = 0, death = 0, confirm = 0; + int type, success = 0, confirm = 0; char *type_name, *comment; + time_t death = 0; Key *k = NULL; #ifdef OPENSSL_HAS_ECC BIGNUM *exponent; @@ -529,7 +528,7 @@ process_add_identity(SocketEntry *e, int version) cert = buffer_get_string(&e->request, &len); if ((k = key_from_blob(cert, len)) == NULL) fatal("Certificate parse failed"); - xfree(cert); + free(cert); key_add_private(k); buffer_get_bignum2(&e->request, k->dsa->priv_key); break; @@ -540,7 +539,7 @@ process_add_identity(SocketEntry *e, int version) curve = buffer_get_string(&e->request, NULL); if (k->ecdsa_nid != key_curve_name_to_nid(curve)) fatal("%s: curve names mismatch", __func__); - xfree(curve); + free(curve); k->ecdsa = EC_KEY_new_by_curve_name(k->ecdsa_nid); if (k->ecdsa == NULL) fatal("%s: EC_KEY_new_by_curve_name failed", @@ -571,7 +570,7 @@ process_add_identity(SocketEntry *e, int version) cert = buffer_get_string(&e->request, &len); if ((k = key_from_blob(cert, len)) == NULL) fatal("Certificate parse failed"); - xfree(cert); + free(cert); key_add_private(k); if ((exponent = BN_new()) == NULL) fatal("%s: BN_new failed", __func__); @@ -603,7 +602,7 @@ process_add_identity(SocketEntry *e, int version) cert = buffer_get_string(&e->request, &len); if ((k = key_from_blob(cert, len)) == NULL) fatal("Certificate parse failed"); - xfree(cert); + free(cert); key_add_private(k); buffer_get_bignum2(&e->request, k->rsa->d); buffer_get_bignum2(&e->request, k->rsa->iqmp); @@ -611,11 +610,11 @@ process_add_identity(SocketEntry *e, int version) buffer_get_bignum2(&e->request, k->rsa->q); break; default: - xfree(type_name); + free(type_name); buffer_clear(&e->request); goto send; } - xfree(type_name); + free(type_name); break; } /* enable blinding */ @@ -633,13 +632,13 @@ process_add_identity(SocketEntry *e, int version) } comment = buffer_get_string(&e->request, NULL); if (k == NULL) { - xfree(comment); + free(comment); goto send; } while (buffer_len(&e->request)) { switch ((type = buffer_get_char(&e->request))) { case SSH_AGENT_CONSTRAIN_LIFETIME: - death = time(NULL) + buffer_get_int(&e->request); + death = monotime() + buffer_get_int(&e->request); break; case SSH_AGENT_CONSTRAIN_CONFIRM: confirm = 1; @@ -647,14 +646,14 @@ process_add_identity(SocketEntry *e, int version) default: error("process_add_identity: " "Unknown constraint type %d", type); - xfree(comment); + free(comment); key_free(k); goto send; } } success = 1; if (lifetime && !death) - death = time(NULL) + lifetime; + death = monotime() + lifetime; if ((id = lookup_identity(k, version)) == NULL) { id = xcalloc(1, sizeof(Identity)); id->key = k; @@ -663,7 +662,7 @@ process_add_identity(SocketEntry *e, int version) tab->nentries++; } else { key_free(k); - xfree(id->comment); + free(id->comment); } id->comment = comment; id->death = death; @@ -685,7 +684,7 @@ process_lock_agent(SocketEntry *e, int lock) if (locked && !lock && strcmp(passwd, lock_passwd) == 0) { locked = 0; memset(lock_passwd, 0, strlen(lock_passwd)); - xfree(lock_passwd); + free(lock_passwd); lock_passwd = NULL; success = 1; } else if (!locked && lock) { @@ -694,7 +693,7 @@ process_lock_agent(SocketEntry *e, int lock) success = 1; } memset(passwd, 0, strlen(passwd)); - xfree(passwd); + free(passwd); buffer_put_int(&e->output, 1); buffer_put_char(&e->output, @@ -721,7 +720,8 @@ static void process_add_smartcard_key(SocketEntry *e) { char *provider = NULL, *pin; - int i, type, version, count = 0, success = 0, death = 0, confirm = 0; + int i, type, version, count = 0, success = 0, confirm = 0; + time_t death = 0; Key **keys = NULL, *k; Identity *id; Idtab *tab; @@ -732,7 +732,7 @@ process_add_smartcard_key(SocketEntry *e) while (buffer_len(&e->request)) { switch ((type = buffer_get_char(&e->request))) { case SSH_AGENT_CONSTRAIN_LIFETIME: - death = time(NULL) + buffer_get_int(&e->request); + death = monotime() + buffer_get_int(&e->request); break; case SSH_AGENT_CONSTRAIN_CONFIRM: confirm = 1; @@ -744,7 +744,7 @@ process_add_smartcard_key(SocketEntry *e) } } if (lifetime && !death) - death = time(NULL) + lifetime; + death = monotime() + lifetime; count = pkcs11_add_provider(provider, pin, &keys); for (i = 0; i < count; i++) { @@ -767,12 +767,9 @@ process_add_smartcard_key(SocketEntry *e) keys[i] = NULL; } send: - if (pin) - xfree(pin); - if (provider) - xfree(provider); - if (keys) - xfree(keys); + free(pin); + free(provider); + free(keys); buffer_put_int(&e->output, 1); buffer_put_char(&e->output, success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE); @@ -788,7 +785,7 @@ process_remove_smartcard_key(SocketEntry *e) provider = buffer_get_string(&e->request, NULL); pin = buffer_get_string(&e->request, NULL); - xfree(pin); + free(pin); for (version = 1; version < 3; version++) { tab = idtab_lookup(version); @@ -806,7 +803,7 @@ process_remove_smartcard_key(SocketEntry *e) else error("process_remove_smartcard_key:" " pkcs11_del_provider failed"); - xfree(provider); + free(provider); buffer_put_int(&e->output, 1); buffer_put_char(&e->output, success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE); @@ -955,9 +952,10 @@ static int prepare_select(fd_set **fdrp, fd_set **fdwp, int *fdl, u_int *nallocp, struct timeval **tvpp) { - u_int i, sz, deadline; + u_int i, sz; int n = 0; static struct timeval tv; + time_t deadline; for (i = 0; i < sockets_alloc; i++) { switch (sockets[i].type) { @@ -975,10 +973,8 @@ prepare_select(fd_set **fdrp, fd_set **fdwp, int *fdl, u_int *nallocp, sz = howmany(n+1, NFDBITS) * sizeof(fd_mask); if (*fdrp == NULL || sz > *nallocp) { - if (*fdrp) - xfree(*fdrp); - if (*fdwp) - xfree(*fdwp); + free(*fdrp); + free(*fdwp); *fdrp = xmalloc(sz); *fdwp = xmalloc(sz); *nallocp = sz; @@ -1377,8 +1373,8 @@ main(int ac, char **av) if (ac > 0) parent_alive_interval = 10; idtab_init(); - signal(SIGINT, d_flag ? cleanup_handler : SIG_IGN); signal(SIGPIPE, SIG_IGN); + signal(SIGINT, d_flag ? cleanup_handler : SIG_IGN); signal(SIGHUP, cleanup_handler); signal(SIGTERM, cleanup_handler); nalloc = 0; diff --git a/crypto/openssh/ssh-dss.c b/crypto/openssh/ssh-dss.c index ede5e21e5578..322ec9fd80d8 100644 --- a/crypto/openssh/ssh-dss.c +++ b/crypto/openssh/ssh-dss.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-dss.c,v 1.27 2010/08/31 09:58:37 djm Exp $ */ +/* $OpenBSD: ssh-dss.c,v 1.28 2013/05/17 00:13:14 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -137,17 +137,17 @@ ssh_dss_verify(const Key *key, const u_char *signature, u_int signaturelen, if (strcmp("ssh-dss", ktype) != 0) { error("ssh_dss_verify: cannot handle type %s", ktype); buffer_free(&b); - xfree(ktype); + free(ktype); return -1; } - xfree(ktype); + free(ktype); sigblob = buffer_get_string(&b, &len); rlen = buffer_len(&b); buffer_free(&b); if (rlen != 0) { error("ssh_dss_verify: " "remaining bytes in signature %d", rlen); - xfree(sigblob); + free(sigblob); return -1; } } @@ -169,7 +169,7 @@ ssh_dss_verify(const Key *key, const u_char *signature, u_int signaturelen, /* clean up */ memset(sigblob, 0, len); - xfree(sigblob); + free(sigblob); /* sha1 the data */ EVP_DigestInit(&md, evp_md); diff --git a/crypto/openssh/ssh-ecdsa.c b/crypto/openssh/ssh-ecdsa.c index 085468ee7970..766338941744 100644 --- a/crypto/openssh/ssh-ecdsa.c +++ b/crypto/openssh/ssh-ecdsa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-ecdsa.c,v 1.5 2012/01/08 13:17:11 miod Exp $ */ +/* $OpenBSD: ssh-ecdsa.c,v 1.6 2013/05/17 00:13:14 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2010 Damien Miller. All rights reserved. @@ -119,16 +119,16 @@ ssh_ecdsa_verify(const Key *key, const u_char *signature, u_int signaturelen, if (strcmp(key_ssh_name_plain(key), ktype) != 0) { error("%s: cannot handle type %s", __func__, ktype); buffer_free(&b); - xfree(ktype); + free(ktype); return -1; } - xfree(ktype); + free(ktype); sigblob = buffer_get_string(&b, &len); rlen = buffer_len(&b); buffer_free(&b); if (rlen != 0) { error("%s: remaining bytes in signature %d", __func__, rlen); - xfree(sigblob); + free(sigblob); return -1; } @@ -149,7 +149,7 @@ ssh_ecdsa_verify(const Key *key, const u_char *signature, u_int signaturelen, /* clean up */ memset(sigblob, 0, len); - xfree(sigblob); + free(sigblob); /* hash the data */ EVP_DigestInit(&md, evp_md); diff --git a/crypto/openssh/ssh-keygen.1 b/crypto/openssh/ssh-keygen.1 index 3b7b0ca01710..eda297bf8647 100644 --- a/crypto/openssh/ssh-keygen.1 +++ b/crypto/openssh/ssh-keygen.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keygen.1,v 1.115 2013/01/19 07:13:25 jmc Exp $ +.\" $OpenBSD: ssh-keygen.1,v 1.116 2013/06/27 14:05:37 jmc Exp $ .\" $FreeBSD$ .\" .\" Author: Tatu Ylonen @@ -36,7 +36,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd January 19, 2013 +.Dd June 27, 2013 .Dt SSH-KEYGEN 1 .Os .Sh NAME @@ -517,8 +517,7 @@ of two times separated by a colon to indicate an explicit time interval. The start time may be specified as a date in YYYYMMDD format, a time in YYYYMMDDHHMMSS format or a relative time (to the current time) consisting of a minus sign followed by a relative time in the format described in the -.Sx TIME FORMATS -section of +TIME FORMATS section of .Xr sshd_config 5 . The end time may be specified as a YYYYMMDD date, a YYYYMMDDHHMMSS time or a relative time starting with a plus character. diff --git a/crypto/openssh/ssh-keygen.c b/crypto/openssh/ssh-keygen.c index d1a205e187a4..03c444d42dc3 100644 --- a/crypto/openssh/ssh-keygen.c +++ b/crypto/openssh/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.225 2013/02/10 23:32:10 djm Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.230 2013/07/20 01:44:37 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -252,7 +252,7 @@ load_identity(char *filename) RP_ALLOW_STDIN); prv = key_load_private(filename, pass, NULL); memset(pass, 0, strlen(pass)); - xfree(pass); + free(pass); } return prv; } @@ -288,7 +288,7 @@ do_convert_to_ssh2(struct passwd *pw, Key *k) dump_base64(stdout, blob, len); fprintf(stdout, "%s\n", SSH_COM_PUBLIC_END); key_free(k); - xfree(blob); + free(blob); exit(0); } @@ -415,12 +415,12 @@ do_convert_private_ssh2_from_blob(u_char *blob, u_int blen) debug("ignore (%d %d %d %d)", i1, i2, i3, i4); if (strcmp(cipher, "none") != 0) { error("unsupported cipher %s", cipher); - xfree(cipher); + free(cipher); buffer_free(&b); - xfree(type); + free(type); return NULL; } - xfree(cipher); + free(cipher); if (strstr(type, "dsa")) { ktype = KEY_DSA; @@ -428,11 +428,11 @@ do_convert_private_ssh2_from_blob(u_char *blob, u_int blen) ktype = KEY_RSA; } else { buffer_free(&b); - xfree(type); + free(type); return NULL; } key = key_new_private(ktype); - xfree(type); + free(type); switch (key->type) { case KEY_DSA: @@ -475,7 +475,7 @@ do_convert_private_ssh2_from_blob(u_char *blob, u_int blen) /* try the key */ key_sign(key, &sig, &slen, data, sizeof(data)); key_verify(key, sig, slen, data, sizeof(data)); - xfree(sig); + free(sig); return key; } @@ -524,7 +524,7 @@ do_convert_from_ssh2(struct passwd *pw, Key **k, int *private) fatal("%s: %s: %s", __progname, identity_file, strerror(errno)); encoded[0] = '\0'; while ((blen = get_line(fp, line, sizeof(line))) != -1) { - if (line[blen - 1] == '\\') + if (blen > 0 && line[blen - 1] == '\\') escaped++; if (strncmp(line, "----", 4) == 0 || strstr(line, ": ") != NULL) { @@ -746,15 +746,15 @@ do_download(struct passwd *pw) fp, key_type(keys[i])); if (log_level >= SYSLOG_LEVEL_VERBOSE) printf("%s\n", ra); - xfree(ra); - xfree(fp); + free(ra); + free(fp); } else { key_write(keys[i], stdout); fprintf(stdout, "\n"); } key_free(keys[i]); } - xfree(keys); + free(keys); pkcs11_terminate(); exit(0); #else @@ -791,13 +791,13 @@ do_fingerprint(struct passwd *pw) if (log_level >= SYSLOG_LEVEL_VERBOSE) printf("%s\n", ra); key_free(public); - xfree(comment); - xfree(ra); - xfree(fp); + free(comment); + free(ra); + free(fp); exit(0); } if (comment) { - xfree(comment); + free(comment); comment = NULL; } @@ -856,8 +856,8 @@ do_fingerprint(struct passwd *pw) comment ? comment : "no comment", key_type(public)); if (log_level >= SYSLOG_LEVEL_VERBOSE) printf("%s\n", ra); - xfree(ra); - xfree(fp); + free(ra); + free(fp); key_free(public); invalid = 0; } @@ -980,8 +980,8 @@ printhost(FILE *f, const char *name, Key *public, int ca, int hash) key_type(public)); if (log_level >= SYSLOG_LEVEL_VERBOSE) printf("%s\n", ra); - xfree(ra); - xfree(fp); + free(ra); + free(fp); } else { if (hash && (name = host_hash(name, NULL, 0)) == NULL) fatal("hash_host failed"); @@ -1007,7 +1007,7 @@ do_known_hosts(struct passwd *pw, const char *name) if (strlcpy(identity_file, cp, sizeof(identity_file)) >= sizeof(identity_file)) fatal("Specified known hosts path too long"); - xfree(cp); + free(cp); have_identity = 1; } if ((in = fopen(identity_file, "r")) == NULL) @@ -1238,7 +1238,7 @@ do_change_passphrase(struct passwd *pw) private = key_load_private(identity_file, old_passphrase, &comment); memset(old_passphrase, 0, strlen(old_passphrase)); - xfree(old_passphrase); + free(old_passphrase); if (private == NULL) { printf("Bad passphrase.\n"); exit(1); @@ -1261,30 +1261,30 @@ do_change_passphrase(struct passwd *pw) if (strcmp(passphrase1, passphrase2) != 0) { memset(passphrase1, 0, strlen(passphrase1)); memset(passphrase2, 0, strlen(passphrase2)); - xfree(passphrase1); - xfree(passphrase2); + free(passphrase1); + free(passphrase2); printf("Pass phrases do not match. Try again.\n"); exit(1); } /* Destroy the other copy. */ memset(passphrase2, 0, strlen(passphrase2)); - xfree(passphrase2); + free(passphrase2); } /* Save the file using the new passphrase. */ if (!key_save_private(private, identity_file, passphrase1, comment)) { printf("Saving the key failed: %s.\n", identity_file); memset(passphrase1, 0, strlen(passphrase1)); - xfree(passphrase1); + free(passphrase1); key_free(private); - xfree(comment); + free(comment); exit(1); } /* Destroy the passphrase and the copy of the key in memory. */ memset(passphrase1, 0, strlen(passphrase1)); - xfree(passphrase1); + free(passphrase1); key_free(private); /* Destroys contents */ - xfree(comment); + free(comment); printf("Your identification has been saved with the new passphrase.\n"); exit(0); @@ -1301,7 +1301,7 @@ do_print_resource_record(struct passwd *pw, char *fname, char *hname) struct stat st; if (fname == NULL) - ask_filename(pw, "Enter file in which the key is"); + fatal("%s: no filename", __func__); if (stat(fname, &st) < 0) { if (errno == ENOENT) return 0; @@ -1312,11 +1312,11 @@ do_print_resource_record(struct passwd *pw, char *fname, char *hname) if (public != NULL) { export_dns_rr(hname, public, stdout, print_generic); key_free(public); - xfree(comment); + free(comment); return 1; } if (comment) - xfree(comment); + free(comment); printf("failed to read v2 public key from %s.\n", fname); exit(1); @@ -1354,7 +1354,7 @@ do_change_comment(struct passwd *pw) private = key_load_private(identity_file, passphrase, &comment); if (private == NULL) { memset(passphrase, 0, strlen(passphrase)); - xfree(passphrase); + free(passphrase); printf("Bad passphrase.\n"); exit(1); } @@ -1385,13 +1385,13 @@ do_change_comment(struct passwd *pw) if (!key_save_private(private, identity_file, passphrase, new_comment)) { printf("Saving the key failed: %s.\n", identity_file); memset(passphrase, 0, strlen(passphrase)); - xfree(passphrase); + free(passphrase); key_free(private); - xfree(comment); + free(comment); exit(1); } memset(passphrase, 0, strlen(passphrase)); - xfree(passphrase); + free(passphrase); public = key_from_private(private); key_free(private); @@ -1412,7 +1412,7 @@ do_change_comment(struct passwd *pw) fprintf(f, " %s\n", new_comment); fclose(f); - xfree(comment); + free(comment); printf("The comment in your key file has been changed.\n"); exit(0); @@ -1529,7 +1529,7 @@ load_pkcs11_key(char *path) } key_free(keys[i]); } - xfree(keys); + free(keys); key_free(public); return private; #else @@ -1573,7 +1573,7 @@ do_ca_sign(struct passwd *pw, int argc, char **argv) fatal("No PKCS#11 key matching %s found", ca_key_path); } else if ((ca = load_identity(tmp)) == NULL) fatal("Couldn't load CA key \"%s\"", tmp); - xfree(tmp); + free(tmp); for (i = 0; i < argc; i++) { /* Split list of principals */ @@ -1586,7 +1586,7 @@ do_ca_sign(struct passwd *pw, int argc, char **argv) if (*(plist[n] = xstrdup(cp)) == '\0') fatal("Empty principal name"); } - xfree(otmp); + free(otmp); } tmp = tilde_expand_filename(argv[i], pw->pw_uid); @@ -1624,7 +1624,7 @@ do_ca_sign(struct passwd *pw, int argc, char **argv) if ((cp = strrchr(tmp, '.')) != NULL && strcmp(cp, ".pub") == 0) *cp = '\0'; xasprintf(&out, "%s-cert.pub", tmp); - xfree(tmp); + free(tmp); if ((fd = open(out, O_WRONLY|O_CREAT|O_TRUNC, 0644)) == -1) fatal("Could not open \"%s\" for writing: %s", out, @@ -1647,7 +1647,7 @@ do_ca_sign(struct passwd *pw, int argc, char **argv) } key_free(public); - xfree(out); + free(out); } pkcs11_terminate(); exit(0); @@ -1744,7 +1744,7 @@ parse_cert_times(char *timespec) if (cert_valid_to <= cert_valid_from) fatal("Empty certificate validity interval"); - xfree(from); + free(from); } static void @@ -1797,7 +1797,8 @@ add_cert_option(char *opt) static void show_options(const Buffer *optbuf, int v00, int in_critical) { - u_char *name, *data; + char *name; + u_char *data; u_int dlen; Buffer options, option; @@ -1822,13 +1823,13 @@ show_options(const Buffer *optbuf, int v00, int in_critical) strcmp(name, "source-address") == 0)) { data = buffer_get_string(&option, NULL); printf(" %s\n", data); - xfree(data); + free(data); } else { printf(" UNKNOWN OPTION (len %u)\n", buffer_len(&option)); buffer_clear(&option); } - xfree(name); + free(name); if (buffer_len(&option) != 0) fatal("Option corrupt: extra data at end"); } @@ -2038,6 +2039,7 @@ update_krl_from_file(struct passwd *pw, const char *file, const Key *ca, } if (strcmp(path, "-") != 0) fclose(krl_spec); + free(path); } static void @@ -2063,7 +2065,7 @@ do_gen_krl(struct passwd *pw, int updating, int argc, char **argv) tmp = tilde_expand_filename(ca_key_path, pw->pw_uid); if ((ca = key_load_public(tmp, NULL)) == NULL) fatal("Cannot load CA public key %s", tmp); - xfree(tmp); + free(tmp); } if (updating) @@ -2090,6 +2092,8 @@ do_gen_krl(struct passwd *pw, int updating, int argc, char **argv) close(fd); buffer_free(&kbuf); ssh_krl_free(krl); + if (ca != NULL) + key_free(ca); } static void @@ -2210,7 +2214,7 @@ main(int argc, char **argv) /* we need this for the home * directory. */ pw = getpwuid(getuid()); if (!pw) { - printf("You don't exist, go away!\n"); + printf("No user exists for uid %lu\n", (u_long)getuid()); exit(1); } if (gethostname(hostname, sizeof(hostname)) < 0) { @@ -2599,14 +2603,14 @@ main(int argc, char **argv) */ memset(passphrase1, 0, strlen(passphrase1)); memset(passphrase2, 0, strlen(passphrase2)); - xfree(passphrase1); - xfree(passphrase2); + free(passphrase1); + free(passphrase2); printf("Passphrases do not match. Try again.\n"); goto passphrase_again; } /* Clear the other copy of the passphrase. */ memset(passphrase2, 0, strlen(passphrase2)); - xfree(passphrase2); + free(passphrase2); } if (identity_comment) { @@ -2620,12 +2624,12 @@ main(int argc, char **argv) if (!key_save_private(private, identity_file, passphrase1, comment)) { printf("Saving the key failed: %s.\n", identity_file); memset(passphrase1, 0, strlen(passphrase1)); - xfree(passphrase1); + free(passphrase1); exit(1); } /* Clear the passphrase. */ memset(passphrase1, 0, strlen(passphrase1)); - xfree(passphrase1); + free(passphrase1); /* Clear the private key and the random number generator. */ key_free(private); @@ -2660,8 +2664,8 @@ main(int argc, char **argv) printf("%s %s\n", fp, comment); printf("The key's randomart image is:\n"); printf("%s\n", ra); - xfree(ra); - xfree(fp); + free(ra); + free(fp); } key_free(public); diff --git a/crypto/openssh/ssh-keyscan.1 b/crypto/openssh/ssh-keyscan.1 index 17d98a1ef357..26b84f150741 100644 --- a/crypto/openssh/ssh-keyscan.1 +++ b/crypto/openssh/ssh-keyscan.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keyscan.1,v 1.30 2012/04/11 13:34:17 djm Exp $ +.\" $OpenBSD: ssh-keyscan.1,v 1.31 2013/07/16 00:07:52 schwarze Exp $ .\" $FreeBSD$ .\" .\" Copyright 1995, 1996 by David Mazieres . @@ -7,7 +7,7 @@ .\" permitted provided that due credit is given to the author and the .\" OpenBSD project by leaving this copyright notice intact. .\" -.Dd April 11, 2012 +.Dd July 16, 2013 .Dt SSH-KEYSCAN 1 .Os .Sh NAME @@ -165,9 +165,9 @@ $ ssh-keyscan -t rsa,dsa,ecdsa -f ssh_hosts | \e .Xr sshd 8 .Sh AUTHORS .An -nosplit -.An David Mazieres Aq dm@lcs.mit.edu +.An David Mazieres Aq Mt dm@lcs.mit.edu wrote the initial version, and -.An Wayne Davison Aq wayned@users.sourceforge.net +.An Wayne Davison Aq Mt wayned@users.sourceforge.net added support for protocol version 2. .Sh BUGS It generates "Connection closed by remote host" messages on the consoles diff --git a/crypto/openssh/ssh-keyscan.c b/crypto/openssh/ssh-keyscan.c index c9de130f46e7..8b807c10a0c2 100644 --- a/crypto/openssh/ssh-keyscan.c +++ b/crypto/openssh/ssh-keyscan.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keyscan.c,v 1.86 2012/04/11 13:34:17 djm Exp $ */ +/* $OpenBSD: ssh-keyscan.c,v 1.87 2013/05/17 00:13:14 djm Exp $ */ /* * Copyright 1995, 1996 by David Mazieres . * @@ -263,7 +263,7 @@ keygrab_ssh2(con *c) exit(1); } nonfatal_fatal = 0; - xfree(c->c_kex); + free(c->c_kex); c->c_kex = NULL; packet_close(); @@ -329,7 +329,7 @@ conalloc(char *iname, char *oname, int keytype) do { name = xstrsep(&namelist, ","); if (!name) { - xfree(namebase); + free(namebase); return (-1); } } while ((s = tcpconnect(name)) < 0); @@ -363,10 +363,10 @@ confree(int s) if (s >= maxfd || fdcon[s].c_status == CS_UNUSED) fatal("confree: attempt to free bad fdno %d", s); close(s); - xfree(fdcon[s].c_namebase); - xfree(fdcon[s].c_output_name); + free(fdcon[s].c_namebase); + free(fdcon[s].c_output_name); if (fdcon[s].c_status == CS_KEYS) - xfree(fdcon[s].c_data); + free(fdcon[s].c_data); fdcon[s].c_status = CS_UNUSED; fdcon[s].c_keytype = 0; TAILQ_REMOVE(&tq, &fdcon[s], c_link); @@ -553,8 +553,8 @@ conloop(void) } else if (FD_ISSET(i, r)) conread(i); } - xfree(r); - xfree(e); + free(r); + free(e); c = TAILQ_FIRST(&tq); while (c && (c->c_tv.tv_sec < now.tv_sec || diff --git a/crypto/openssh/ssh-keysign.8 b/crypto/openssh/ssh-keysign.8 index a266af9234ca..6fdb40b772ff 100644 --- a/crypto/openssh/ssh-keysign.8 +++ b/crypto/openssh/ssh-keysign.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keysign.8,v 1.12 2010/08/31 11:54:45 djm Exp $ +.\" $OpenBSD: ssh-keysign.8,v 1.13 2013/07/16 00:07:52 schwarze Exp $ .\" .\" Copyright (c) 2002 Markus Friedl. All rights reserved. .\" @@ -22,7 +22,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd August 31, 2010 +.Dd July 16, 2013 .Dt SSH-KEYSIGN 8 .Os .Sh NAME @@ -88,4 +88,4 @@ information corresponding with the private keys above. first appeared in .Ox 3.2 . .Sh AUTHORS -.An Markus Friedl Aq markus@openbsd.org +.An Markus Friedl Aq Mt markus@openbsd.org diff --git a/crypto/openssh/ssh-keysign.c b/crypto/openssh/ssh-keysign.c index 1deb7e14152c..9a6653c7c03a 100644 --- a/crypto/openssh/ssh-keysign.c +++ b/crypto/openssh/ssh-keysign.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keysign.c,v 1.36 2011/02/16 00:31:14 djm Exp $ */ +/* $OpenBSD: ssh-keysign.c,v 1.37 2013/05/17 00:13:14 djm Exp $ */ /* * Copyright (c) 2002 Markus Friedl. All rights reserved. * @@ -78,7 +78,7 @@ valid_request(struct passwd *pw, char *host, Key **ret, u_char *data, p = buffer_get_string(&b, &len); if (len != 20 && len != 32) fail++; - xfree(p); + free(p); if (buffer_get_char(&b) != SSH2_MSG_USERAUTH_REQUEST) fail++; @@ -90,13 +90,13 @@ valid_request(struct passwd *pw, char *host, Key **ret, u_char *data, p = buffer_get_string(&b, NULL); if (strcmp("ssh-connection", p) != 0) fail++; - xfree(p); + free(p); /* method */ p = buffer_get_string(&b, NULL); if (strcmp("hostbased", p) != 0) fail++; - xfree(p); + free(p); /* pubkey */ pkalg = buffer_get_string(&b, NULL); @@ -109,8 +109,8 @@ valid_request(struct passwd *pw, char *host, Key **ret, u_char *data, fail++; else if (key->type != pktype) fail++; - xfree(pkalg); - xfree(pkblob); + free(pkalg); + free(pkblob); /* client host name, handle trailing dot */ p = buffer_get_string(&b, &len); @@ -121,14 +121,14 @@ valid_request(struct passwd *pw, char *host, Key **ret, u_char *data, fail++; else if (strncasecmp(host, p, len - 1) != 0) fail++; - xfree(p); + free(p); /* local user */ p = buffer_get_string(&b, NULL); if (strcmp(pw->pw_name, p) != 0) fail++; - xfree(p); + free(p); /* end of message */ if (buffer_len(&b) != 0) @@ -233,7 +233,7 @@ main(int argc, char **argv) data = buffer_get_string(&b, &dlen); if (valid_request(pw, host, &key, data, dlen) < 0) fatal("not a valid request"); - xfree(host); + free(host); found = 0; for (i = 0; i < NUM_KEYTYPES; i++) { @@ -248,7 +248,7 @@ main(int argc, char **argv) if (key_sign(keys[i], &signature, &slen, data, dlen) != 0) fatal("key_sign failed"); - xfree(data); + free(data); /* send reply */ buffer_clear(&b); diff --git a/crypto/openssh/ssh-pkcs11-client.c b/crypto/openssh/ssh-pkcs11-client.c index 82b11daf5155..6c9f9d2c1b1d 100644 --- a/crypto/openssh/ssh-pkcs11-client.c +++ b/crypto/openssh/ssh-pkcs11-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11-client.c,v 1.3 2012/01/16 20:34:09 miod Exp $ */ +/* $OpenBSD: ssh-pkcs11-client.c,v 1.4 2013/05/17 00:13:14 djm Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * @@ -121,7 +121,7 @@ pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa, buffer_put_string(&msg, blob, blen); buffer_put_string(&msg, from, flen); buffer_put_int(&msg, 0); - xfree(blob); + free(blob); send_msg(&msg); buffer_clear(&msg); @@ -131,7 +131,7 @@ pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa, memcpy(to, signature, slen); ret = slen; } - xfree(signature); + free(signature); } buffer_free(&msg); return (ret); @@ -205,11 +205,11 @@ pkcs11_add_provider(char *name, char *pin, Key ***keysp) *keysp = xcalloc(nkeys, sizeof(Key *)); for (i = 0; i < nkeys; i++) { blob = buffer_get_string(&msg, &blen); - xfree(buffer_get_string(&msg, NULL)); + free(buffer_get_string(&msg, NULL)); k = key_from_blob(blob, blen); wrap_key(k->rsa); (*keysp)[i] = k; - xfree(blob); + free(blob); } } else { nkeys = -1; diff --git a/crypto/openssh/ssh-pkcs11-helper.8 b/crypto/openssh/ssh-pkcs11-helper.8 index 76f8d30d7d23..a5380a32e462 100644 --- a/crypto/openssh/ssh-pkcs11-helper.8 +++ b/crypto/openssh/ssh-pkcs11-helper.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-pkcs11-helper.8,v 1.3 2010/02/10 23:20:38 markus Exp $ +.\" $OpenBSD: ssh-pkcs11-helper.8,v 1.4 2013/07/16 00:07:52 schwarze Exp $ .\" .\" Copyright (c) 2010 Markus Friedl. All rights reserved. .\" @@ -14,7 +14,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd February 10, 2010 +.Dd July 16, 2013 .Dt SSH-PKCS11-HELPER 8 .Os .Sh NAME @@ -40,4 +40,4 @@ is not intended to be invoked by the user, but from first appeared in .Ox 4.7 . .Sh AUTHORS -.An Markus Friedl Aq markus@openbsd.org +.An Markus Friedl Aq Mt markus@openbsd.org diff --git a/crypto/openssh/ssh-pkcs11-helper.c b/crypto/openssh/ssh-pkcs11-helper.c index fcb5defc08b6..39b2e7c56641 100644 --- a/crypto/openssh/ssh-pkcs11-helper.c +++ b/crypto/openssh/ssh-pkcs11-helper.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11-helper.c,v 1.4 2012/07/02 12:13:26 dtucker Exp $ */ +/* $OpenBSD: ssh-pkcs11-helper.c,v 1.6 2013/05/17 00:13:14 djm Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * @@ -79,7 +79,7 @@ del_keys_by_name(char *name) nxt = TAILQ_NEXT(ki, next); if (!strcmp(ki->providername, name)) { TAILQ_REMOVE(&pkcs11_keylist, ki, next); - xfree(ki->providername); + free(ki->providername); key_free(ki->key); free(ki); } @@ -130,15 +130,15 @@ process_add(void) key_to_blob(keys[i], &blob, &blen); buffer_put_string(&msg, blob, blen); buffer_put_cstring(&msg, name); - xfree(blob); + free(blob); add_key(keys[i], name); } - xfree(keys); + free(keys); } else { buffer_put_char(&msg, SSH_AGENT_FAILURE); } - xfree(pin); - xfree(name); + free(pin); + free(name); send_msg(&msg); buffer_free(&msg); } @@ -157,8 +157,8 @@ process_del(void) buffer_put_char(&msg, SSH_AGENT_SUCCESS); else buffer_put_char(&msg, SSH_AGENT_FAILURE); - xfree(pin); - xfree(name); + free(pin); + free(name); send_msg(&msg); buffer_free(&msg); } @@ -195,10 +195,9 @@ process_sign(void) } else { buffer_put_char(&msg, SSH_AGENT_FAILURE); } - xfree(data); - xfree(blob); - if (signature != NULL) - xfree(signature); + free(data); + free(blob); + free(signature); send_msg(&msg); buffer_free(&msg); } @@ -274,7 +273,6 @@ main(int argc, char **argv) LogLevel log_level = SYSLOG_LEVEL_ERROR; char buf[4*4096]; - extern char *optarg; extern char *__progname; TAILQ_INIT(&pkcs11_keylist); diff --git a/crypto/openssh/ssh-pkcs11.c b/crypto/openssh/ssh-pkcs11.c index 1f4c1c8e4f4c..618c07526fb9 100644 --- a/crypto/openssh/ssh-pkcs11.c +++ b/crypto/openssh/ssh-pkcs11.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11.c,v 1.6 2010/06/08 21:32:19 markus Exp $ */ +/* $OpenBSD: ssh-pkcs11.c,v 1.8 2013/07/12 00:20:00 djm Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * @@ -120,9 +120,9 @@ pkcs11_provider_unref(struct pkcs11_provider *p) if (--p->refcount <= 0) { if (p->valid) error("pkcs11_provider_unref: %p still valid", p); - xfree(p->slotlist); - xfree(p->slotinfo); - xfree(p); + free(p->slotlist); + free(p->slotinfo); + free(p); } } @@ -180,9 +180,8 @@ pkcs11_rsa_finish(RSA *rsa) rv = k11->orig_finish(rsa); if (k11->provider) pkcs11_provider_unref(k11->provider); - if (k11->keyid) - xfree(k11->keyid); - xfree(k11); + free(k11->keyid); + free(k11); } return (rv); } @@ -264,13 +263,13 @@ pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa, pin = read_passphrase(prompt, RP_ALLOW_EOF); if (pin == NULL) return (-1); /* bail out */ - if ((rv = f->C_Login(si->session, CKU_USER, pin, strlen(pin))) - != CKR_OK) { - xfree(pin); + if ((rv = f->C_Login(si->session, CKU_USER, + (u_char *)pin, strlen(pin))) != CKR_OK) { + free(pin); error("C_Login failed: %lu", rv); return (-1); } - xfree(pin); + free(pin); si->logged_in = 1; } key_filter[1].pValue = k11->keyid; @@ -329,7 +328,7 @@ pkcs11_rsa_wrap(struct pkcs11_provider *provider, CK_ULONG slotidx, /* remove trailing spaces */ static void -rmspace(char *buf, size_t len) +rmspace(u_char *buf, size_t len) { size_t i; @@ -367,8 +366,8 @@ pkcs11_open_session(struct pkcs11_provider *p, CK_ULONG slotidx, char *pin) return (-1); } if (login_required && pin) { - if ((rv = f->C_Login(session, CKU_USER, pin, strlen(pin))) - != CKR_OK) { + if ((rv = f->C_Login(session, CKU_USER, + (u_char *)pin, strlen(pin))) != CKR_OK) { error("C_Login failed: %lu", rv); if ((rv = f->C_CloseSession(session)) != CKR_OK) error("C_CloseSession failed: %lu", rv); @@ -470,7 +469,7 @@ pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx, Key ***keysp, } } for (i = 0; i < 3; i++) - xfree(attribs[i].pValue); + free(attribs[i].pValue); } if ((rv = f->C_FindObjectsFinal(session)) != CKR_OK) error("C_FindObjectsFinal failed: %lu", rv); @@ -579,11 +578,9 @@ pkcs11_add_provider(char *provider_id, char *pin, Key ***keyp) if (need_finalize && (rv = f->C_Finalize(NULL)) != CKR_OK) error("C_Finalize failed: %lu", rv); if (p) { - if (p->slotlist) - xfree(p->slotlist); - if (p->slotinfo) - xfree(p->slotinfo); - xfree(p); + free(p->slotlist); + free(p->slotinfo); + free(p); } if (handle) dlclose(handle); diff --git a/crypto/openssh/ssh-rsa.c b/crypto/openssh/ssh-rsa.c index c6355fa0946d..30f96abc2a14 100644 --- a/crypto/openssh/ssh-rsa.c +++ b/crypto/openssh/ssh-rsa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-rsa.c,v 1.45 2010/08/31 09:58:37 djm Exp $ */ +/* $OpenBSD: ssh-rsa.c,v 1.46 2013/05/17 00:13:14 djm Exp $ */ /* * Copyright (c) 2000, 2003 Markus Friedl * @@ -72,7 +72,7 @@ ssh_rsa_sign(const Key *key, u_char **sigp, u_int *lenp, error("ssh_rsa_sign: RSA_sign failed: %s", ERR_error_string(ecode, NULL)); - xfree(sig); + free(sig); return -1; } if (len < slen) { @@ -82,7 +82,7 @@ ssh_rsa_sign(const Key *key, u_char **sigp, u_int *lenp, memset(sig, 0, diff); } else if (len > slen) { error("ssh_rsa_sign: slen %u slen2 %u", slen, len); - xfree(sig); + free(sig); return -1; } /* encode signature */ @@ -98,7 +98,7 @@ ssh_rsa_sign(const Key *key, u_char **sigp, u_int *lenp, } buffer_free(&b); memset(sig, 's', slen); - xfree(sig); + free(sig); return 0; } @@ -131,23 +131,23 @@ ssh_rsa_verify(const Key *key, const u_char *signature, u_int signaturelen, if (strcmp("ssh-rsa", ktype) != 0) { error("ssh_rsa_verify: cannot handle type %s", ktype); buffer_free(&b); - xfree(ktype); + free(ktype); return -1; } - xfree(ktype); + free(ktype); sigblob = buffer_get_string(&b, &len); rlen = buffer_len(&b); buffer_free(&b); if (rlen != 0) { error("ssh_rsa_verify: remaining bytes in signature %d", rlen); - xfree(sigblob); + free(sigblob); return -1; } /* RSA_verify expects a signature of RSA_size */ modlen = RSA_size(key->rsa); if (len > modlen) { error("ssh_rsa_verify: len %u > modlen %u", len, modlen); - xfree(sigblob); + free(sigblob); return -1; } else if (len < modlen) { u_int diff = modlen - len; @@ -161,7 +161,7 @@ ssh_rsa_verify(const Key *key, const u_char *signature, u_int signaturelen, nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1; if ((evp_md = EVP_get_digestbynid(nid)) == NULL) { error("ssh_rsa_verify: EVP_get_digestbynid %d failed", nid); - xfree(sigblob); + free(sigblob); return -1; } EVP_DigestInit(&md, evp_md); @@ -171,7 +171,7 @@ ssh_rsa_verify(const Key *key, const u_char *signature, u_int signaturelen, ret = openssh_RSA_verify(nid, digest, dlen, sigblob, len, key->rsa); memset(digest, 'd', sizeof(digest)); memset(sigblob, 's', len); - xfree(sigblob); + free(sigblob); debug("ssh_rsa_verify: signature %scorrect", (ret==0) ? "in" : ""); return ret; } @@ -262,7 +262,6 @@ openssh_RSA_verify(int type, u_char *hash, u_int hashlen, } ret = 1; done: - if (decrypted) - xfree(decrypted); + free(decrypted); return ret; } diff --git a/crypto/openssh/ssh.1 b/crypto/openssh/ssh.1 index a86b587bd576..d2e1d7199a1d 100644 --- a/crypto/openssh/ssh.1 +++ b/crypto/openssh/ssh.1 @@ -33,9 +33,9 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.330 2012/10/04 13:21:50 markus Exp $ +.\" $OpenBSD: ssh.1,v 1.334 2013/07/18 01:12:26 djm Exp $ .\" $FreeBSD$ -.Dd October 4, 2012 +.Dd July 18, 2013 .Dt SSH 1 .Os .Sh NAME @@ -48,6 +48,7 @@ .Op Fl b Ar bind_address .Op Fl c Ar cipher_spec .Op Fl D Oo Ar bind_address : Oc Ns Ar port +.Op Fl E Ar log_file .Op Fl e Ar escape_char .Op Fl F Ar configfile .Op Fl I Ar pkcs11 @@ -65,6 +66,8 @@ .Oo Ar user Ns @ Oc Ns Ar hostname .Op Ar command .Ek +.Nm +.Fl Q Ar protocol_feature .Sh DESCRIPTION .Nm (SSH client) is a program for logging into a remote machine and for @@ -218,6 +221,10 @@ indicates that the listening port be bound for local use only, while an empty address or .Sq * indicates that the port should be available from all interfaces. +.It Fl E Ar log_file +Append debug logs to +.Ar log_file +instead of standard error. .It Fl e Ar escape_char Sets the escape character for sessions with a pty (default: .Ql ~ ) . @@ -484,6 +491,21 @@ For full details of the options listed below, and their possible values, see Port to connect to on the remote host. This can be specified on a per-host basis in the configuration file. +.It Fl Q Ar protocol_feature +Queries +.Nm +for the algorithms supported for the specified version 2 +.Ar protocol_feature . +The queriable features are: +.Dq cipher +(supported symmetric ciphers), +.Dq MAC +(supported message integrity codes), +.Dq KEX +(key exchange algorithms), +.Dq key +(key types). +Protocol features are treated case-insensitively. .It Fl q Quiet mode. Causes most warning and diagnostic messages to be suppressed. @@ -734,9 +756,7 @@ implements public key authentication protocol automatically, using one of the DSA, ECDSA or RSA algorithms. Protocol 1 is restricted to using only RSA keys, but protocol 2 may use any. -The -.Sx HISTORY -section of +The HISTORY section of .Xr ssl 8 contains a brief discussion of the DSA and RSA algorithms. .Pp @@ -792,9 +812,7 @@ instead of a set of public/private keys, signed certificates are used. This has the advantage that a single trusted certification authority can be used in place of many public/private keys. -See the -.Sx CERTIFICATES -section of +See the CERTIFICATES section of .Xr ssh-keygen 1 for more information. .Pp @@ -1321,7 +1339,7 @@ This is the per-user configuration file. The file format and configuration options are described in .Xr ssh_config 5 . Because of the potential for abuse, this file must have strict permissions: -read/write for the user, and not accessible by others. +read/write for the user, and not writable by others. .Pp .It Pa ~/.ssh/environment Contains additional definitions for environment variables; see diff --git a/crypto/openssh/ssh.c b/crypto/openssh/ssh.c index 2e704a9f7155..e2deee809568 100644 --- a/crypto/openssh/ssh.c +++ b/crypto/openssh/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.373 2013/02/22 22:09:01 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.381 2013/07/25 00:29:10 djm Exp $ */ /* $FreeBSD$ */ /* * Author: Tatu Ylonen @@ -199,9 +199,9 @@ usage(void) { fprintf(stderr, "usage: ssh [-1246AaCfgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]\n" -" [-D [bind_address:]port] [-e escape_char] [-F configfile]\n" -" [-I pkcs11] [-i identity_file]\n" -" [-L [bind_address:]port:host:hostport]\n" +" [-D [bind_address:]port] [-E log_file] [-e escape_char]\n" +" [-F configfile] [-I pkcs11] [-i identity_file]\n" +" [-L [bind_address:]port:host:hostport] [-Q protocol_feature]\n" " [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]\n" " [-R [bind_address:]port:host:hostport] [-S ctl_path]\n" " [-W host:port] [-w local_tun[:remote_tun]]\n" @@ -228,7 +228,7 @@ tilde_expand_paths(char **paths, u_int num_paths) for (i = 0; i < num_paths; i++) { cp = tilde_expand_filename(paths[i], original_real_uid); - xfree(paths[i]); + free(paths[i]); paths[i] = cp; } } @@ -240,7 +240,7 @@ int main(int ac, char **av) { int i, r, opt, exit_status, use_syslog; - char *p, *cp, *line, *argv0, buf[MAXPATHLEN], *host_arg; + char *p, *cp, *line, *argv0, buf[MAXPATHLEN], *host_arg, *logfile; char thishost[NI_MAXHOST], shorthost[NI_MAXHOST], portstr[NI_MAXSERV]; struct stat st; struct passwd *pw; @@ -301,7 +301,7 @@ main(int ac, char **av) /* Get user data. */ pw = getpwuid(original_real_uid); if (!pw) { - logit("You don't exist, go away!"); + logit("No user exists for uid %lu", (u_long)original_real_uid); exit(255); } /* Take a copy of the returned structure. */ @@ -324,11 +324,12 @@ main(int ac, char **av) /* Parse command-line arguments. */ host = NULL; use_syslog = 0; + logfile = NULL; argv0 = av[0]; again: while ((opt = getopt(ac, av, "1246ab:c:e:fgi:kl:m:no:p:qstvx" - "ACD:F:I:KL:MNO:PR:S:TVw:W:XYy")) != -1) { + "ACD:E:F:I:KL:MNO:PQ:R:S:TVw:W:XYy")) != -1) { switch (opt) { case '1': options.protocol = SSH_PROTO_1; @@ -358,6 +359,9 @@ main(int ac, char **av) case 'y': use_syslog = 1; break; + case 'E': + logfile = xstrdup(optarg); + break; case 'Y': options.forward_x11 = 1; options.forward_x11_trusted = 1; @@ -387,6 +391,22 @@ main(int ac, char **av) case 'P': /* deprecated */ options.use_privileged_port = 0; break; + case 'Q': /* deprecated */ + cp = NULL; + if (strcasecmp(optarg, "cipher") == 0) + cp = cipher_alg_list(); + else if (strcasecmp(optarg, "mac") == 0) + cp = mac_alg_list(); + else if (strcasecmp(optarg, "kex") == 0) + cp = kex_alg_list(); + else if (strcasecmp(optarg, "key") == 0) + cp = key_alg_list(); + if (cp == NULL) + fatal("Unsupported query \"%s\"", optarg); + printf("%s\n", cp); + free(cp); + exit(0); + break; case 'a': options.forward_agent = 0; break; @@ -429,9 +449,8 @@ main(int ac, char **av) } else { if (options.log_level < SYSLOG_LEVEL_DEBUG3) options.log_level++; - break; } - /* FALLTHROUGH */ + break; case 'V': if (options.version_addendum && *options.version_addendum != '\0') @@ -464,7 +483,7 @@ main(int ac, char **av) if (parse_forward(&fwd, optarg, 1, 0)) { stdio_forward_host = fwd.listen_host; stdio_forward_port = fwd.listen_port; - xfree(fwd.connect_host); + free(fwd.connect_host); } else { fprintf(stderr, "Bad stdio forwarding specification '%s'\n", @@ -601,7 +620,7 @@ main(int ac, char **av) line, "command-line", 0, &dummy, SSHCONF_USERCONF) != 0) exit(255); - xfree(line); + free(line); break; case 's': subsystem_flag = 1; @@ -682,18 +701,28 @@ main(int ac, char **av) /* * Initialize "log" output. Since we are the client all output - * actually goes to stderr. + * goes to stderr unless otherwise specified by -y or -E. */ + if (use_syslog && logfile != NULL) + fatal("Can't specify both -y and -E"); + if (logfile != NULL) { + log_redirect_stderr_to(logfile); + free(logfile); + } log_init(argv0, options.log_level == -1 ? SYSLOG_LEVEL_INFO : options.log_level, SYSLOG_FACILITY_USER, !use_syslog); + if (debug_flag) + logit("%s, %s", SSH_VERSION, SSLeay_version(SSLEAY_VERSION)); + /* * Read per-user configuration file. Ignore the system wide config * file if the user specifies a config file on the command line. */ if (config != NULL) { - if (!read_config_file(config, host, &options, SSHCONF_USERCONF)) + if (strcasecmp(config, "none") != 0 && + !read_config_file(config, host, &options, SSHCONF_USERCONF)) fatal("Can't open user config file %.100s: " "%.100s", config, strerror(errno)); } else { @@ -768,7 +797,7 @@ main(int ac, char **av) "p", portstr, "u", pw->pw_name, "L", shorthost, (char *)NULL); debug3("expanded LocalCommand: %s", options.local_command); - xfree(cp); + free(cp); } /* Find canonic host name. */ @@ -797,24 +826,24 @@ main(int ac, char **av) if (options.proxy_command != NULL && strcmp(options.proxy_command, "none") == 0) { - xfree(options.proxy_command); + free(options.proxy_command); options.proxy_command = NULL; } if (options.control_path != NULL && strcmp(options.control_path, "none") == 0) { - xfree(options.control_path); + free(options.control_path); options.control_path = NULL; } if (options.control_path != NULL) { cp = tilde_expand_filename(options.control_path, original_real_uid); - xfree(options.control_path); + free(options.control_path); options.control_path = percent_expand(cp, "h", host, "l", thishost, "n", host_arg, "r", options.user, "p", portstr, "u", pw->pw_name, "L", shorthost, (char *)NULL); - xfree(cp); + free(cp); } if (muxclient_command != 0 && options.control_path == NULL) fatal("No ControlPath specified for \"-O\" command"); @@ -965,13 +994,11 @@ main(int ac, char **av) sensitive_data.keys[i] = NULL; } } - xfree(sensitive_data.keys); + free(sensitive_data.keys); } for (i = 0; i < options.num_identity_files; i++) { - if (options.identity_files[i]) { - xfree(options.identity_files[i]); - options.identity_files[i] = NULL; - } + free(options.identity_files[i]); + options.identity_files[i] = NULL; if (options.identity_keys[i]) { key_free(options.identity_keys[i]); options.identity_keys[i] = NULL; @@ -1031,6 +1058,7 @@ control_persist_detach(void) if (devnull > STDERR_FILENO) close(devnull); } + daemon(1, 1); setproctitle("%s [mux]", options.control_path); } @@ -1530,6 +1558,11 @@ ssh_session2(void) if (!no_shell_flag || (datafellows & SSH_BUG_DUMMYCHAN)) id = ssh_session2_open(); + else { + packet_set_interactive( + options.control_master == SSHCTL_MASTER_NO, + options.ip_qos_interactive, options.ip_qos_bulk); + } /* If we don't expect to open a new session, then disallow it */ if (options.control_master == SSHCTL_MASTER_NO && @@ -1602,7 +1635,7 @@ load_public_identity_files(void) xstrdup(options.pkcs11_provider); /* XXX */ n_ids++; } - xfree(keys); + free(keys); } #endif /* ENABLE_PKCS11 */ if ((pw = getpwuid(original_real_uid)) == NULL) @@ -1615,7 +1648,7 @@ load_public_identity_files(void) for (i = 0; i < options.num_identity_files; i++) { if (n_ids >= SSH_MAX_IDENTITY_FILES || strcasecmp(options.identity_files[i], "none") == 0) { - xfree(options.identity_files[i]); + free(options.identity_files[i]); continue; } cp = tilde_expand_filename(options.identity_files[i], @@ -1623,11 +1656,11 @@ load_public_identity_files(void) filename = percent_expand(cp, "d", pwdir, "u", pwname, "l", thishost, "h", host, "r", options.user, (char *)NULL); - xfree(cp); + free(cp); public = key_load_public(filename, NULL); debug("identity file %s type %d", filename, public ? public->type : -1); - xfree(options.identity_files[i]); + free(options.identity_files[i]); identity_files[n_ids] = filename; identity_keys[n_ids] = public; @@ -1640,14 +1673,14 @@ load_public_identity_files(void) debug("identity file %s type %d", cp, public ? public->type : -1); if (public == NULL) { - xfree(cp); + free(cp); continue; } if (!key_is_cert(public)) { debug("%s: key %s type %s is not a certificate", __func__, cp, key_type(public)); key_free(public); - xfree(cp); + free(cp); continue; } identity_keys[n_ids] = public; @@ -1660,9 +1693,9 @@ load_public_identity_files(void) memcpy(options.identity_keys, identity_keys, sizeof(identity_keys)); bzero(pwname, strlen(pwname)); - xfree(pwname); + free(pwname); bzero(pwdir, strlen(pwdir)); - xfree(pwdir); + free(pwdir); } static void diff --git a/crypto/openssh/ssh_config b/crypto/openssh/ssh_config index 67b5d9f2c912..8911749fe4ee 100644 --- a/crypto/openssh/ssh_config +++ b/crypto/openssh/ssh_config @@ -1,4 +1,4 @@ -# $OpenBSD: ssh_config,v 1.26 2010/01/11 01:39:46 dtucker Exp $ +# $OpenBSD: ssh_config,v 1.27 2013/05/16 02:00:34 dtucker Exp $ # $FreeBSD$ # This is the ssh client system-wide configuration file. See @@ -46,5 +46,6 @@ # PermitLocalCommand no # VisualHostKey no # ProxyCommand ssh -q -W %h:%p gateway.example.com +# RekeyLimit 1G 1h # VerifyHostKeyDNS yes -# VersionAddendum FreeBSD-20130515 +# VersionAddendum FreeBSD-20130918 diff --git a/crypto/openssh/ssh_config.5 b/crypto/openssh/ssh_config.5 index 4521f4079488..930a025664c3 100644 --- a/crypto/openssh/ssh_config.5 +++ b/crypto/openssh/ssh_config.5 @@ -33,9 +33,9 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.161 2013/01/08 18:49:04 markus Exp $ +.\" $OpenBSD: ssh_config.5,v 1.166 2013/06/27 14:05:37 jmc Exp $ .\" $FreeBSD$ -.Dd January 8, 2013 +.Dd June 27, 2013 .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -475,8 +475,7 @@ option is also enabled. .It Cm ForwardX11Timeout Specify a timeout for untrusted X11 forwarding using the format described in the -.Sx TIME FORMATS -section of +TIME FORMATS section of .Xr sshd_config 5 . X11 connections received by .Xr ssh 1 @@ -629,7 +628,9 @@ and .Pa ~/.ssh/id_rsa for protocol version 2. Additionally, any identities represented by the authentication agent -will be used for authentication. +will be used for authentication unless +.Cm IdentitiesOnly +is set. .Xr ssh 1 will try to load certificate information from the filename obtained by appending @@ -658,6 +659,22 @@ Multiple .Cm IdentityFile directives will add to the list of identities tried (this behaviour differs from that of other configuration directives). +.Pp +.Cm IdentityFile +may be used in conjunction with +.Cm IdentitiesOnly +to select which identities in an agent are offered during authentication. +.It Cm IgnoreUnknown +Specifies a pattern-list of unknown options to be ignored if they are +encountered in configuration parsing. +This may be used to suppress errors if +.Nm +contains options that are unrecognised by +.Xr ssh 1 . +It is recommended that +.Cm IgnoreUnknown +be listed early in the configuration file as it will not be applied +to unknown options that appear before it. .It Cm IPQoS Specifies the IPv4 type-of-service or DSCP class for connections. Accepted values are @@ -932,8 +949,9 @@ The default is This option applies to protocol version 2 only. .It Cm RekeyLimit Specifies the maximum amount of data that may be transmitted before the -session key is renegotiated. -The argument is the number of bytes, with an optional suffix of +session key is renegotiated, optionally followed a maximum amount of +time that may pass before the session key is renegotiated. +The first argument is specified in bytes and may have a suffix of .Sq K , .Sq M , or @@ -944,6 +962,16 @@ The default is between and .Sq 4G , depending on the cipher. +The optional second value is specified in seconds and may use any of the +units documented in the +TIME FORMATS section of +.Xr sshd_config 5 . +The default value for +.Cm RekeyLimit +is +.Dq default none , +which means that rekeying is performed after the cipher's default amount +of data has been sent or received and no time based rekeying is done. This option applies to protocol version 2 only. .It Cm RemoteForward Specifies that a TCP port on the remote machine be forwarded over @@ -1225,15 +1253,13 @@ if compiled with LDNS and otherwise. Note that this option applies to protocol version 2 only. .Pp -See also -.Sx VERIFYING HOST KEYS -in +See also VERIFYING HOST KEYS in .Xr ssh 1 . .It Cm VersionAddendum Specifies a string to append to the regular version string to identify OS- or site-specific modifications. The default is -.Dq FreeBSD-20130515 . +.Dq FreeBSD-20130918 . .It Cm VisualHostKey If this flag is set to .Dq yes , diff --git a/crypto/openssh/ssh_namespace.h b/crypto/openssh/ssh_namespace.h index edfff3b31c15..3cb0613c8bbd 100644 --- a/crypto/openssh/ssh_namespace.h +++ b/crypto/openssh/ssh_namespace.h @@ -7,7 +7,7 @@ * * A list of symbols which need munging is obtained as follows: * - * nm libssh.a | awk '/[0-9a-z] [A-Z] / && $3 !~ /^ssh_/ { printf("#define %-39s ssh_%s\n", $3, $3) }' | unexpand -a | sort + * nm libssh.a | awk '/[0-9a-z] [A-Z] / && $3 !~ /^ssh_/ { printf("#define %-39s ssh_%s\n", $3, $3) }' | unexpand -a | sort -u * $FreeBSD$ */ @@ -147,6 +147,7 @@ #define check_key_in_hostkeys ssh_check_key_in_hostkeys #define choose_dh ssh_choose_dh #define chop ssh_chop +#define cipher_alg_list ssh_cipher_alg_list #define cipher_authlen ssh_cipher_authlen #define cipher_blocksize ssh_cipher_blocksize #define cipher_by_name ssh_cipher_by_name @@ -167,7 +168,6 @@ #define cipher_set_key_string ssh_cipher_set_key_string #define cipher_set_keycontext ssh_cipher_set_keycontext #define cipher_set_keyiv ssh_cipher_set_keyiv -#define ciphers ssh_ciphers #define ciphers_valid ssh_ciphers_valid #define cleanhostname ssh_cleanhostname #define cleanup_exit ssh_cleanup_exit @@ -239,11 +239,10 @@ #define init_hostkeys ssh_init_hostkeys #define iptos2str ssh_iptos2str #define ipv64_normalise_mapped ssh_ipv64_normalise_mapped +#define kex_alg_list ssh_kex_alg_list #define kex_derive_keys ssh_kex_derive_keys #define kex_dh_hash ssh_kex_dh_hash #define kex_ecdh_hash ssh_kex_ecdh_hash -#define kex_ecdh_name_to_evpmd ssh_kex_ecdh_name_to_evpmd -#define kex_ecdh_name_to_nid ssh_kex_ecdh_name_to_nid #define kex_finish ssh_kex_finish #define kex_get_newkeys ssh_kex_get_newkeys #define kex_input_kexinit ssh_kex_input_kexinit @@ -255,6 +254,7 @@ #define kexgex_client ssh_kexgex_client #define kexgex_hash ssh_kexgex_hash #define key_add_private ssh_key_add_private +#define key_alg_list ssh_key_alg_list #define key_cert_check_authority ssh_key_cert_check_authority #define key_cert_copy ssh_key_cert_copy #define key_cert_is_legacy ssh_key_cert_is_legacy @@ -315,14 +315,15 @@ #define log_is_on_stderr ssh_log_is_on_stderr #define log_level_name ssh_log_level_name #define log_level_number ssh_log_level_number +#define log_redirect_stderr_to ssh_log_redirect_stderr_to #define logit ssh_logit #define lookup_key_in_hostkeys_by_type ssh_lookup_key_in_hostkeys_by_type +#define mac_alg_list ssh_mac_alg_list #define mac_clear ssh_mac_clear #define mac_compute ssh_mac_compute #define mac_init ssh_mac_init #define mac_setup ssh_mac_setup #define mac_valid ssh_mac_valid -#define macs ssh_macs #define match_host_and_ip ssh_match_host_and_ip #define match_hostname ssh_match_hostname #define match_list ssh_match_list @@ -332,6 +333,7 @@ #define mktemp_proto ssh_mktemp_proto #define mm_receive_fd ssh_mm_receive_fd #define mm_send_fd ssh_mm_send_fd +#define monotime ssh_monotime #define ms_subtract_diff ssh_ms_subtract_diff #define ms_to_timeval ssh_ms_to_timeval #define mysignal ssh_mysignal @@ -360,6 +362,7 @@ #define packet_get_output ssh_packet_get_output #define packet_get_protocol_flags ssh_packet_get_protocol_flags #define packet_get_raw ssh_packet_get_raw +#define packet_get_rekey_timeout ssh_packet_get_rekey_timeout #define packet_get_ssh1_cipher ssh_packet_get_ssh1_cipher #define packet_get_state ssh_packet_get_state #define packet_get_string ssh_packet_get_string @@ -398,7 +401,7 @@ #define packet_set_maxsize ssh_packet_set_maxsize #define packet_set_nonblocking ssh_packet_set_nonblocking #define packet_set_protocol_flags ssh_packet_set_protocol_flags -#define packet_set_rekey_limit ssh_packet_set_rekey_limit +#define packet_set_rekey_limits ssh_packet_set_rekey_limits #define packet_set_server ssh_packet_set_server #define packet_set_state ssh_packet_set_state #define packet_set_timeout ssh_packet_set_timeout @@ -461,10 +464,11 @@ #define tty_make_modes ssh_tty_make_modes #define tty_parse_modes ssh_tty_parse_modes #define tun_open ssh_tun_open +#define umac128_ctx ssh_umac128_ctx +#define umac128_delete ssh_umac128_delete +#define umac128_final ssh_umac128_final #define umac128_new ssh_umac128_new #define umac128_update ssh_umac128_update -#define umac128_final ssh_umac128_final -#define umac128_delete ssh_umac128_delete #define umac_ctx ssh_umac_ctx #define umac_delete ssh_umac_delete #define umac_final ssh_umac_final @@ -483,7 +487,6 @@ #define xasprintf ssh_xasprintf #define xcalloc ssh_xcalloc #define xcrypt ssh_xcrypt -#define xfree ssh_xfree #define xmalloc ssh_xmalloc #define xmmap ssh_xmmap #define xrealloc ssh_xrealloc diff --git a/crypto/openssh/sshconnect.c b/crypto/openssh/sshconnect.c index 163ba8841a58..4e79cbb86da9 100644 --- a/crypto/openssh/sshconnect.c +++ b/crypto/openssh/sshconnect.c @@ -1,5 +1,5 @@ -/* $OpenBSD: sshconnect.c,v 1.236 2012/09/14 16:51:34 markus Exp $ */ -/* $OpenBSD: sshconnect.c,v 1.237 2013/02/22 19:13:56 markus Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.238 2013/05/17 00:13:14 djm Exp $ */ +/* $FreeBSD$ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -113,7 +113,7 @@ ssh_proxy_connect(const char *host, u_short port, const char *proxy_command) xasprintf(&tmp, "exec %s", proxy_command); command_string = percent_expand(tmp, "h", host, "p", strport, "r", options.user, (char *)NULL); - xfree(tmp); + free(tmp); /* Create pipes for communicating with the proxy. */ if (pipe(pin) < 0 || pipe(pout) < 0) @@ -167,7 +167,7 @@ ssh_proxy_connect(const char *host, u_short port, const char *proxy_command) close(pout[1]); /* Free the command name. */ - xfree(command_string); + free(command_string); /* Set the connection file descriptors. */ packet_set_connection(pout[0], pin[1]); @@ -344,7 +344,7 @@ timeout_connect(int sockfd, const struct sockaddr *serv_addr, fatal("Bogus return (%d) from select()", rc); } - xfree(fdset); + free(fdset); done: if (result == 0 && *timeoutp > 0) { @@ -562,7 +562,7 @@ ssh_exchange_identification(int timeout_ms) debug("ssh_exchange_identification: %s", buf); } server_version_string = xstrdup(buf); - xfree(fdset); + free(fdset); /* * Check that the versions match. In future this might accept @@ -638,8 +638,7 @@ confirm(const char *prompt) ret = 0; if (p && strncasecmp(p, "yes", 3) == 0) ret = 1; - if (p) - xfree(p); + free(p); if (ret != -1) return ret; } @@ -863,8 +862,8 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port, ra = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_RANDOMART); logit("Host key fingerprint is %s\n%s\n", fp, ra); - xfree(ra); - xfree(fp); + free(ra); + free(fp); } break; case HOST_NEW: @@ -924,8 +923,8 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port, options.visual_host_key ? "\n" : "", options.visual_host_key ? ra : "", msg2); - xfree(ra); - xfree(fp); + free(ra); + free(fp); if (!confirm(msg)) goto fail; } @@ -1126,8 +1125,8 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port, } } - xfree(ip); - xfree(host); + free(ip); + free(host); if (host_hostkeys != NULL) free_hostkeys(host_hostkeys); if (ip_hostkeys != NULL) @@ -1149,8 +1148,8 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port, } if (raw_key != NULL) key_free(raw_key); - xfree(ip); - xfree(host); + free(ip); + free(host); if (host_hostkeys != NULL) free_hostkeys(host_hostkeys); if (ip_hostkeys != NULL) @@ -1167,7 +1166,7 @@ verify_host_key(char *host, struct sockaddr *hostaddr, Key *host_key) fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX); debug("Server host key: %s %s", key_type(host_key), fp); - xfree(fp); + free(fp); /* XXX certs are not yet supported for DNS */ if (!key_is_cert(host_key) && options.verify_host_key_dns && @@ -1232,7 +1231,7 @@ ssh_login(Sensitive *sensitive, const char *orighost, ssh_kex(host, hostaddr); ssh_userauth1(local_user, server_user, host, sensitive); } - xfree(local_user); + free(local_user); } void @@ -1250,7 +1249,7 @@ ssh_put_password(char *password) strlcpy(padded, password, size); packet_put_string(padded, size); memset(padded, 0, size); - xfree(padded); + free(padded); } /* print all known host keys for a given host, but skip keys of given type */ @@ -1277,8 +1276,8 @@ show_other_keys(struct hostkeys *hostkeys, Key *key) key_type(found->key), fp); if (options.visual_host_key) logit("%s", ra); - xfree(ra); - xfree(fp); + free(ra); + free(fp); ret = 1; } return ret; @@ -1301,7 +1300,7 @@ warn_changed_key(Key *host_key) key_type(host_key), fp); error("Please contact your system administrator."); - xfree(fp); + free(fp); } /* diff --git a/crypto/openssh/sshconnect1.c b/crypto/openssh/sshconnect1.c index fd07bbf7418a..d285e23c0405 100644 --- a/crypto/openssh/sshconnect1.c +++ b/crypto/openssh/sshconnect1.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect1.c,v 1.70 2006/11/06 21:25:28 markus Exp $ */ +/* $OpenBSD: sshconnect1.c,v 1.71 2013/05/17 00:13:14 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -84,7 +84,7 @@ try_agent_authentication(void) /* Try this identity. */ debug("Trying RSA authentication via agent with '%.100s'", comment); - xfree(comment); + free(comment); /* Tell the server that we are willing to authenticate using this key. */ packet_start(SSH_CMSG_AUTH_RSA); @@ -231,7 +231,7 @@ try_rsa_authentication(int idx) */ if (type == SSH_SMSG_FAILURE) { debug("Server refused our key."); - xfree(comment); + free(comment); return 0; } /* Otherwise, the server should respond with a challenge. */ @@ -270,14 +270,14 @@ try_rsa_authentication(int idx) quit = 1; } memset(passphrase, 0, strlen(passphrase)); - xfree(passphrase); + free(passphrase); if (private != NULL || quit) break; debug2("bad passphrase given, try again..."); } } /* We no longer need the comment. */ - xfree(comment); + free(comment); if (private == NULL) { if (!options.batch_mode && perm_ok) @@ -412,7 +412,7 @@ try_challenge_response_authentication(void) packet_check_eom(); snprintf(prompt, sizeof prompt, "%s%s", challenge, strchr(challenge, '\n') ? "" : "\nResponse: "); - xfree(challenge); + free(challenge); if (i != 0) error("Permission denied, please try again."); if (options.cipher == SSH_CIPHER_NONE) @@ -420,13 +420,13 @@ try_challenge_response_authentication(void) "Response will be transmitted in clear text."); response = read_passphrase(prompt, 0); if (strcmp(response, "") == 0) { - xfree(response); + free(response); break; } packet_start(SSH_CMSG_AUTH_TIS_RESPONSE); ssh_put_password(response); memset(response, 0, strlen(response)); - xfree(response); + free(response); packet_send(); packet_write_wait(); type = packet_read(); @@ -459,7 +459,7 @@ try_password_authentication(char *prompt) packet_start(SSH_CMSG_AUTH_PASSWORD); ssh_put_password(password); memset(password, 0, strlen(password)); - xfree(password); + free(password); packet_send(); packet_write_wait(); diff --git a/crypto/openssh/sshconnect2.c b/crypto/openssh/sshconnect2.c index ad86df77d09c..a79f6c52d28f 100644 --- a/crypto/openssh/sshconnect2.c +++ b/crypto/openssh/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.192 2013/02/17 23:16:57 dtucker Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.198 2013/06/05 12:52:38 dtucker Exp $ */ /* $FreeBSD$ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -157,10 +157,10 @@ order_hostkeyalgs(char *host, struct sockaddr *hostaddr, u_short port) if (*first != '\0') debug3("%s: prefer hostkeyalgs: %s", __func__, first); - xfree(first); - xfree(last); - xfree(hostname); - xfree(oavail); + free(first); + free(last); + free(hostname); + free(oavail); free_hostkeys(hostkeys); return ret; @@ -208,8 +208,9 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) if (options.kex_algorithms != NULL) myproposal[PROPOSAL_KEX_ALGS] = options.kex_algorithms; - if (options.rekey_limit) - packet_set_rekey_limit((u_int32_t)options.rekey_limit); + if (options.rekey_limit || options.rekey_interval) + packet_set_rekey_limits((u_int32_t)options.rekey_limit, + (time_t)options.rekey_interval); /* start key exchange */ kex = kex_setup(myproposal); @@ -394,7 +395,7 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host, if (packet_remaining() > 0) { char *reply = packet_get_string(NULL); debug2("service_accept: %s", reply); - xfree(reply); + free(reply); } else { debug2("buggy server: service_accept w/o service"); } @@ -464,15 +465,12 @@ userauth(Authctxt *authctxt, char *authlist) if (authctxt->method != NULL && authctxt->method->cleanup != NULL) authctxt->method->cleanup(authctxt); - if (authctxt->methoddata) { - xfree(authctxt->methoddata); - authctxt->methoddata = NULL; - } + free(authctxt->methoddata); + authctxt->methoddata = NULL; if (authlist == NULL) { authlist = authctxt->authlist; } else { - if (authctxt->authlist) - xfree(authctxt->authlist); + free(authctxt->authlist); authctxt->authlist = authlist; } for (;;) { @@ -520,10 +518,10 @@ input_userauth_banner(int type, u_int32_t seq, void *ctxt) msg = xmalloc(len * 4 + 1); /* max expansion from strnvis() */ strnvis(msg, raw, len * 4 + 1, VIS_SAFE|VIS_OCTAL|VIS_NOSLASH); fprintf(stderr, "%s", msg); - xfree(msg); + free(msg); } - xfree(raw); - xfree(lang); + free(raw); + free(lang); } /* ARGSUSED */ @@ -534,16 +532,12 @@ input_userauth_success(int type, u_int32_t seq, void *ctxt) if (authctxt == NULL) fatal("input_userauth_success: no authentication context"); - if (authctxt->authlist) { - xfree(authctxt->authlist); - authctxt->authlist = NULL; - } + free(authctxt->authlist); + authctxt->authlist = NULL; if (authctxt->method != NULL && authctxt->method->cleanup != NULL) authctxt->method->cleanup(authctxt); - if (authctxt->methoddata) { - xfree(authctxt->methoddata); - authctxt->methoddata = NULL; - } + free(authctxt->methoddata); + authctxt->methoddata = NULL; authctxt->success = 1; /* break out */ } @@ -574,8 +568,12 @@ input_userauth_failure(int type, u_int32_t seq, void *ctxt) partial = packet_get_char(); packet_check_eom(); - if (partial != 0) + if (partial != 0) { logit("Authenticated with partial success."); + /* reset state */ + pubkey_cleanup(authctxt); + pubkey_prepare(authctxt); + } debug("Authentications that can continue: %s", authlist); userauth(authctxt, authlist); @@ -628,7 +626,7 @@ input_userauth_pk_ok(int type, u_int32_t seq, void *ctxt) } fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX); debug2("input_userauth_pk_ok: fp %s", fp); - xfree(fp); + free(fp); /* * search keys in the reverse order, because last candidate has been @@ -644,8 +642,8 @@ input_userauth_pk_ok(int type, u_int32_t seq, void *ctxt) done: if (key != NULL) key_free(key); - xfree(pkalg); - xfree(pkblob); + free(pkalg); + free(pkblob); /* try another method if we did not send a packet */ if (sent == 0) @@ -783,7 +781,7 @@ input_gssapi_response(int type, u_int32_t plen, void *ctxt) if (oidlen <= 2 || oidv[0] != SSH_GSS_OIDTYPE || oidv[1] != oidlen - 2) { - xfree(oidv); + free(oidv); debug("Badly encoded mechanism OID received"); userauth(authctxt, NULL); return; @@ -794,7 +792,7 @@ input_gssapi_response(int type, u_int32_t plen, void *ctxt) packet_check_eom(); - xfree(oidv); + free(oidv); if (GSS_ERROR(process_gssapi_token(ctxt, GSS_C_NO_BUFFER))) { /* Start again with next method on list */ @@ -823,7 +821,7 @@ input_gssapi_token(int type, u_int32_t plen, void *ctxt) status = process_gssapi_token(ctxt, &recv_tok); - xfree(recv_tok.value); + free(recv_tok.value); if (GSS_ERROR(status)) { /* Start again with the next method in the list */ @@ -840,7 +838,7 @@ input_gssapi_errtok(int type, u_int32_t plen, void *ctxt) Gssctxt *gssctxt; gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; gss_buffer_desc recv_tok; - OM_uint32 status, ms; + OM_uint32 ms; u_int len; if (authctxt == NULL) @@ -853,10 +851,10 @@ input_gssapi_errtok(int type, u_int32_t plen, void *ctxt) packet_check_eom(); /* Stick it into GSSAPI and see what it says */ - status = ssh_gssapi_init_ctx(gssctxt, options.gss_deleg_creds, + (void)ssh_gssapi_init_ctx(gssctxt, options.gss_deleg_creds, &recv_tok, &send_tok, NULL); - xfree(recv_tok.value); + free(recv_tok.value); gss_release_buffer(&ms, &send_tok); /* Server will be returning a failed packet after this one */ @@ -866,20 +864,19 @@ input_gssapi_errtok(int type, u_int32_t plen, void *ctxt) void input_gssapi_error(int type, u_int32_t plen, void *ctxt) { - OM_uint32 maj, min; char *msg; char *lang; - maj=packet_get_int(); - min=packet_get_int(); + /* maj */(void)packet_get_int(); + /* min */(void)packet_get_int(); msg=packet_get_string(NULL); lang=packet_get_string(NULL); packet_check_eom(); debug("Server GSSAPI Error:\n%s", msg); - xfree(msg); - xfree(lang); + free(msg); + free(lang); } #endif /* GSSAPI */ @@ -920,7 +917,7 @@ userauth_passwd(Authctxt *authctxt) packet_put_char(0); packet_put_cstring(password); memset(password, 0, strlen(password)); - xfree(password); + free(password); packet_add_padding(64); packet_send(); @@ -953,8 +950,8 @@ input_userauth_passwd_changereq(int type, u_int32_t seqnr, void *ctxt) lang = packet_get_string(NULL); if (strlen(info) > 0) logit("%s", info); - xfree(info); - xfree(lang); + free(info); + free(lang); packet_start(SSH2_MSG_USERAUTH_REQUEST); packet_put_cstring(authctxt->server_user); packet_put_cstring(authctxt->service); @@ -966,7 +963,7 @@ input_userauth_passwd_changereq(int type, u_int32_t seqnr, void *ctxt) password = read_passphrase(prompt, 0); packet_put_cstring(password); memset(password, 0, strlen(password)); - xfree(password); + free(password); password = NULL; while (password == NULL) { snprintf(prompt, sizeof(prompt), @@ -983,16 +980,16 @@ input_userauth_passwd_changereq(int type, u_int32_t seqnr, void *ctxt) retype = read_passphrase(prompt, 0); if (strcmp(password, retype) != 0) { memset(password, 0, strlen(password)); - xfree(password); + free(password); logit("Mismatch; try again, EOF to quit."); password = NULL; } memset(retype, 0, strlen(retype)); - xfree(retype); + free(retype); } packet_put_cstring(password); memset(password, 0, strlen(password)); - xfree(password); + free(password); packet_add_padding(64); packet_send(); @@ -1047,13 +1044,13 @@ jpake_password_to_secret(Authctxt *authctxt, const char *crypt_scheme, bzero(password, strlen(password)); bzero(crypted, strlen(crypted)); - xfree(password); - xfree(crypted); + free(password); + free(crypted); if ((ret = BN_bin2bn(secret, secret_len, NULL)) == NULL) fatal("%s: BN_bin2bn (secret)", __func__); bzero(secret, secret_len); - xfree(secret); + free(secret); return ret; } @@ -1091,8 +1088,8 @@ input_userauth_jpake_server_step1(int type, u_int32_t seq, void *ctxt) pctx->s = jpake_password_to_secret(authctxt, crypt_scheme, salt); bzero(crypt_scheme, strlen(crypt_scheme)); bzero(salt, strlen(salt)); - xfree(crypt_scheme); - xfree(salt); + free(crypt_scheme); + free(salt); JPAKE_DEBUG_BN((pctx->s, "%s: s = ", __func__)); /* Calculate step 2 values */ @@ -1107,8 +1104,8 @@ input_userauth_jpake_server_step1(int type, u_int32_t seq, void *ctxt) bzero(x3_proof, x3_proof_len); bzero(x4_proof, x4_proof_len); - xfree(x3_proof); - xfree(x4_proof); + free(x3_proof); + free(x4_proof); JPAKE_DEBUG_CTX((pctx, "step 2 sending in %s", __func__)); @@ -1119,7 +1116,7 @@ input_userauth_jpake_server_step1(int type, u_int32_t seq, void *ctxt) packet_send(); bzero(x2_s_proof, x2_s_proof_len); - xfree(x2_s_proof); + free(x2_s_proof); /* Expect step 2 packet from peer */ dispatch_set(SSH2_MSG_USERAUTH_JPAKE_SERVER_STEP2, @@ -1159,7 +1156,7 @@ input_userauth_jpake_server_step2(int type, u_int32_t seq, void *ctxt) &pctx->h_k_cid_sessid, &pctx->h_k_cid_sessid_len); bzero(x4_s_proof, x4_s_proof_len); - xfree(x4_s_proof); + free(x4_s_proof); JPAKE_DEBUG_CTX((pctx, "confirm sending in %s", __func__)); @@ -1241,7 +1238,7 @@ sign_and_send_pubkey(Authctxt *authctxt, Identity *id) fp = key_fingerprint(id->key, SSH_FP_MD5, SSH_FP_HEX); debug3("sign_and_send_pubkey: %s %s", key_type(id->key), fp); - xfree(fp); + free(fp); if (key_to_blob(id->key, &blob, &bloblen) == 0) { /* we cannot handle this key */ @@ -1276,7 +1273,7 @@ sign_and_send_pubkey(Authctxt *authctxt, Identity *id) ret = identity_sign(id, &signature, &slen, buffer_ptr(&b), buffer_len(&b)); if (ret == -1) { - xfree(blob); + free(blob); buffer_free(&b); return 0; } @@ -1296,11 +1293,11 @@ sign_and_send_pubkey(Authctxt *authctxt, Identity *id) buffer_put_cstring(&b, key_ssh_name(id->key)); buffer_put_string(&b, blob, bloblen); } - xfree(blob); + free(blob); /* append signature */ buffer_put_string(&b, signature, slen); - xfree(signature); + free(signature); /* skip session id and packet type */ if (buffer_len(&b) < skip + 1) @@ -1340,7 +1337,7 @@ send_pubkey_test(Authctxt *authctxt, Identity *id) if (!(datafellows & SSH_BUG_PKAUTH)) packet_put_cstring(key_ssh_name(id->key)); packet_put_string(blob, bloblen); - xfree(blob); + free(blob); packet_send(); return 1; } @@ -1359,8 +1356,11 @@ load_identity_file(char *filename, int userprovided) return NULL; } private = key_load_private_type(KEY_UNSPEC, filename, "", NULL, &perm_ok); - if (!perm_ok) + if (!perm_ok) { + if (private != NULL) + key_free(private); return NULL; + } if (private == NULL) { if (options.batch_mode) return NULL; @@ -1377,7 +1377,7 @@ load_identity_file(char *filename, int userprovided) quit = 1; } memset(passphrase, 0, strlen(passphrase)); - xfree(passphrase); + free(passphrase); if (private != NULL || quit) break; debug2("bad passphrase given, try again..."); @@ -1440,7 +1440,7 @@ pubkey_prepare(Authctxt *authctxt) /* If IdentitiesOnly set and key not found then don't use it */ if (!found && options.identities_only) { TAILQ_REMOVE(&files, id, next); - bzero(id, sizeof(id)); + bzero(id, sizeof(*id)); free(id); } } @@ -1454,7 +1454,7 @@ pubkey_prepare(Authctxt *authctxt) /* agent keys from the config file are preferred */ if (key_equal(key, id->key)) { key_free(key); - xfree(comment); + free(comment); TAILQ_REMOVE(&files, id, next); TAILQ_INSERT_TAIL(preferred, id, next); id->ac = ac; @@ -1500,9 +1500,8 @@ pubkey_cleanup(Authctxt *authctxt) TAILQ_REMOVE(&authctxt->keys, id, next); if (id->key) key_free(id->key); - if (id->filename) - xfree(id->filename); - xfree(id); + free(id->filename); + free(id); } } @@ -1600,9 +1599,9 @@ input_userauth_info_req(int type, u_int32_t seq, void *ctxt) logit("%s", name); if (strlen(inst) > 0) logit("%s", inst); - xfree(name); - xfree(inst); - xfree(lang); + free(name); + free(inst); + free(lang); num_prompts = packet_get_int(); /* @@ -1623,8 +1622,8 @@ input_userauth_info_req(int type, u_int32_t seq, void *ctxt) packet_put_cstring(response); memset(response, 0, strlen(response)); - xfree(response); - xfree(prompt); + free(response); + free(prompt); } packet_check_eom(); /* done with parsing incoming message. */ @@ -1744,12 +1743,12 @@ userauth_hostbased(Authctxt *authctxt) if (p == NULL) { error("userauth_hostbased: cannot get local ipaddr/name"); key_free(private); - xfree(blob); + free(blob); return 0; } xasprintf(&chost, "%s.", p); debug2("userauth_hostbased: chost %s", chost); - xfree(p); + free(p); service = datafellows & SSH_BUG_HBSERVICE ? "ssh-userauth" : authctxt->service; @@ -1778,9 +1777,9 @@ userauth_hostbased(Authctxt *authctxt) buffer_free(&b); if (ok != 0) { error("key_sign failed"); - xfree(chost); - xfree(pkalg); - xfree(blob); + free(chost); + free(pkalg); + free(blob); return 0; } packet_start(SSH2_MSG_USERAUTH_REQUEST); @@ -1793,10 +1792,10 @@ userauth_hostbased(Authctxt *authctxt) packet_put_cstring(authctxt->local_user); packet_put_string(signature, slen); memset(signature, 's', slen); - xfree(signature); - xfree(chost); - xfree(pkalg); - xfree(blob); + free(signature); + free(chost); + free(pkalg); + free(blob); packet_send(); return 1; @@ -1851,8 +1850,8 @@ userauth_jpake(Authctxt *authctxt) bzero(x1_proof, x1_proof_len); bzero(x2_proof, x2_proof_len); - xfree(x1_proof); - xfree(x2_proof); + free(x1_proof); + free(x2_proof); /* Expect step 1 packet from peer */ dispatch_set(SSH2_MSG_USERAUTH_JPAKE_SERVER_STEP1, @@ -1929,8 +1928,7 @@ authmethod_get(char *authlist) if (supported == NULL || strcmp(authlist, supported) != 0) { debug3("start over, passed a different list %s", authlist); - if (supported != NULL) - xfree(supported); + free(supported); supported = xstrdup(authlist); preferred = options.preferred_authentications; debug3("preferred %s", preferred); @@ -1951,9 +1949,10 @@ authmethod_get(char *authlist) authmethod_is_enabled(current)) { debug3("authmethod_is_enabled %s", name); debug("Next authentication method: %s", name); - xfree(name); + free(name); return current; } + free(name); } } diff --git a/crypto/openssh/sshd.8 b/crypto/openssh/sshd.8 index 6ea2a4b6d578..79019c48a0ba 100644 --- a/crypto/openssh/sshd.8 +++ b/crypto/openssh/sshd.8 @@ -33,9 +33,9 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd.8,v 1.267 2012/10/04 13:21:50 markus Exp $ +.\" $OpenBSD: sshd.8,v 1.270 2013/06/27 14:05:37 jmc Exp $ .\" $FreeBSD$ -.Dd October 4, 2012 +.Dd June 27, 2013 .Dt SSHD 8 .Os .Sh NAME @@ -48,6 +48,7 @@ .Op Fl b Ar bits .Op Fl C Ar connection_spec .Op Fl c Ar host_certificate_file +.Op Fl E Ar log_file .Op Fl f Ar config_file .Op Fl g Ar login_grace_time .Op Fl h Ar host_key_file @@ -147,10 +148,12 @@ Multiple .Fl d options increase the debugging level. Maximum is 3. +.It Fl E Ar log_file +Append debug logs to +.Ar log_file +instead of the system log. .It Fl e -When this option is specified, -.Nm -will send the output to the standard error instead of the system log. +Write debug logs to standard error instead of the system log. .It Fl f Ar config_file Specifies the name of the configuration file. The default is @@ -567,9 +570,7 @@ is enabled. Specifies that in addition to public key authentication, either the canonical name of the remote host or its IP address must be present in the comma-separated list of patterns. -See -.Sx PATTERNS -in +See PATTERNS in .Xr ssh_config 5 for more information on patterns. .Pp diff --git a/crypto/openssh/sshd.c b/crypto/openssh/sshd.c index d63439729d49..4bc1bd5603db 100644 --- a/crypto/openssh/sshd.c +++ b/crypto/openssh/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.397 2013/02/11 21:21:58 dtucker Exp $ */ +/* $OpenBSD: sshd.c,v 1.404 2013/07/19 07:37:48 markus Exp $ */ /* $FreeBSD$ */ /* * Author: Tatu Ylonen @@ -118,6 +118,7 @@ __RCSID("$FreeBSD$"); #include "canohost.h" #include "hostfile.h" #include "auth.h" +#include "authfd.h" #include "misc.h" #include "msg.h" #include "dispatch.h" @@ -206,6 +207,10 @@ char *server_version_string = NULL; /* for rekeying XXX fixme */ Kex *xxx_kex; +/* Daemon's agent connection */ +AuthenticationConnection *auth_conn = NULL; +int have_agent = 0; + /* * Any really sensitive data in the application is contained in this * structure. The idea is that this structure could be locked into memory so @@ -218,6 +223,7 @@ struct { Key *server_key; /* ephemeral server key */ Key *ssh1_host_key; /* ssh1 host key */ Key **host_keys; /* all private host keys */ + Key **host_pubkeys; /* all public host keys */ Key **host_certificates; /* all public host certificates */ int have_ssh1_key; int have_ssh2_key; @@ -666,6 +672,8 @@ privsep_preauth(Authctxt *authctxt) debug2("Network child is on pid %ld", (long)pid); pmonitor->m_pid = pid; + if (have_agent) + auth_conn = ssh_get_authentication_connection(); if (box != NULL) ssh_sandbox_parent_preauth(box, pid); monitor_child_preauth(authctxt, pmonitor); @@ -779,6 +787,8 @@ list_hostkey_types(void) buffer_init(&b); for (i = 0; i < options.num_host_key_files; i++) { key = sensitive_data.host_keys[i]; + if (key == NULL) + key = sensitive_data.host_pubkeys[i]; if (key == NULL) continue; switch (key->type) { @@ -832,6 +842,8 @@ get_hostkey_by_type(int type, int need_private) break; default: key = sensitive_data.host_keys[i]; + if (key == NULL && !need_private) + key = sensitive_data.host_pubkeys[i]; break; } if (key != NULL && key->type == type) @@ -861,6 +873,14 @@ get_hostkey_by_index(int ind) return (sensitive_data.host_keys[ind]); } +Key * +get_hostkey_public_by_index(int ind) +{ + if (ind < 0 || ind >= options.num_host_key_files) + return (NULL); + return (sensitive_data.host_pubkeys[ind]); +} + int get_hostkey_index(Key *key) { @@ -873,6 +893,8 @@ get_hostkey_index(Key *key) } else { if (key == sensitive_data.host_keys[i]) return (i); + if (key == sensitive_data.host_pubkeys[i]) + return (i); } } return (-1); @@ -919,8 +941,9 @@ usage(void) SSLeay_version(SSLEAY_VERSION)); fprintf(stderr, "usage: sshd [-46DdeiqTt] [-b bits] [-C connection_spec] [-c host_cert_file]\n" -" [-f config_file] [-g login_grace_time] [-h host_key_file]\n" -" [-k key_gen_time] [-o option] [-p port] [-u len]\n" +" [-E log_file] [-f config_file] [-g login_grace_time]\n" +" [-h host_key_file] [-k key_gen_time] [-o option] [-p port]\n" +" [-u len]\n" ); exit(1); } @@ -991,7 +1014,7 @@ recv_rexec_state(int fd, Buffer *conf) cp = buffer_get_string(&m, &len); if (conf != NULL) buffer_append(conf, cp, len + 1); - xfree(cp); + free(cp); if (buffer_get_int(&m)) { if (sensitive_data.server_key != NULL) @@ -1042,7 +1065,9 @@ server_accept_inetd(int *sock_in, int *sock_out) if ((fd = open(_PATH_DEVNULL, O_RDWR, 0)) != -1) { dup2(fd, STDIN_FILENO); dup2(fd, STDOUT_FILENO); - if (fd > STDOUT_FILENO) + if (!log_stderr) + dup2(fd, STDERR_FILENO); + if (fd > (log_stderr ? STDERR_FILENO : STDOUT_FILENO)) close(fd); } debug("inetd sockets after dupping: %d, %d", *sock_in, *sock_out); @@ -1160,7 +1185,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) if (received_sighup) sighup_restart(); if (fdset != NULL) - xfree(fdset); + free(fdset); fdset = (fd_set *)xcalloc(howmany(maxfd + 1, NFDBITS), sizeof(fd_mask)); @@ -1209,8 +1234,8 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) *newsock = accept(listen_socks[i], (struct sockaddr *)&from, &fromlen); if (*newsock < 0) { - if (errno != EINTR && errno != EAGAIN && - errno != EWOULDBLOCK) + if (errno != EINTR && errno != EWOULDBLOCK && + errno != ECONNABORTED && errno != EAGAIN) error("accept: %.100s", strerror(errno)); if (errno == EMFILE || errno == ENFILE) @@ -1361,12 +1386,14 @@ main(int ac, char **av) int sock_in = -1, sock_out = -1, newsock = -1; const char *remote_ip; int remote_port; - char *line; + char *line, *logfile = NULL; int config_s[2] = { -1 , -1 }; u_int n; u_int64_t ibytes, obytes; mode_t new_umask; Key *key; + Key *pubkey; + int keytype; Authctxt *authctxt; struct connection_info *connection_info = get_connection_info(0, 0); @@ -1399,7 +1426,7 @@ main(int ac, char **av) initialize_server_options(&options); /* Parse command-line arguments. */ - while ((opt = getopt(ac, av, "f:p:b:k:h:g:u:o:C:dDeiqrtQRT46")) != -1) { + while ((opt = getopt(ac, av, "f:p:b:k:h:g:u:o:C:dDeE:iqrtQRT46")) != -1) { switch (opt) { case '4': options.address_family = AF_INET; @@ -1428,6 +1455,9 @@ main(int ac, char **av) case 'D': no_daemon_flag = 1; break; + case 'E': + logfile = xstrdup(optarg); + /* FALLTHROUGH */ case 'e': log_stderr = 1; break; @@ -1506,7 +1536,7 @@ main(int ac, char **av) if (process_server_config_line(&options, line, "command-line", 0, NULL, NULL) != 0) exit(1); - xfree(line); + free(line); break; case '?': default: @@ -1525,6 +1555,11 @@ main(int ac, char **av) OpenSSL_add_all_algorithms(); + /* If requested, redirect the logs to the specified logfile. */ + if (logfile != NULL) { + log_redirect_stderr_to(logfile); + free(logfile); + } /* * Force logging to stderr until we have loaded the private host * key (unless started from inetd) @@ -1637,27 +1672,50 @@ main(int ac, char **av) } else { memset(privsep_pw->pw_passwd, 0, strlen(privsep_pw->pw_passwd)); privsep_pw = pwcopy(privsep_pw); - xfree(privsep_pw->pw_passwd); + free(privsep_pw->pw_passwd); privsep_pw->pw_passwd = xstrdup("*"); } endpwent(); - /* load private host keys */ + /* load host keys */ sensitive_data.host_keys = xcalloc(options.num_host_key_files, sizeof(Key *)); - for (i = 0; i < options.num_host_key_files; i++) + sensitive_data.host_pubkeys = xcalloc(options.num_host_key_files, + sizeof(Key *)); + for (i = 0; i < options.num_host_key_files; i++) { sensitive_data.host_keys[i] = NULL; + sensitive_data.host_pubkeys[i] = NULL; + } + + if (options.host_key_agent) { + if (strcmp(options.host_key_agent, SSH_AUTHSOCKET_ENV_NAME)) + setenv(SSH_AUTHSOCKET_ENV_NAME, + options.host_key_agent, 1); + have_agent = ssh_agent_present(); + } for (i = 0; i < options.num_host_key_files; i++) { key = key_load_private(options.host_key_files[i], "", NULL); + pubkey = key_load_public(options.host_key_files[i], NULL); sensitive_data.host_keys[i] = key; - if (key == NULL) { + sensitive_data.host_pubkeys[i] = pubkey; + + if (key == NULL && pubkey != NULL && pubkey->type != KEY_RSA1 && + have_agent) { + debug("will rely on agent for hostkey %s", + options.host_key_files[i]); + keytype = pubkey->type; + } else if (key != NULL) { + keytype = key->type; + } else { error("Could not load host key: %s", options.host_key_files[i]); sensitive_data.host_keys[i] = NULL; + sensitive_data.host_pubkeys[i] = NULL; continue; } - switch (key->type) { + + switch (keytype) { case KEY_RSA1: sensitive_data.ssh1_host_key = key; sensitive_data.have_ssh1_key = 1; @@ -1668,8 +1726,8 @@ main(int ac, char **av) sensitive_data.have_ssh2_key = 1; break; } - debug("private host key: #%d type %d %s", i, key->type, - key_type(key)); + debug("private host key: #%d type %d %s", i, keytype, + key_type(key ? key : pubkey)); } if ((options.protocol & SSH_PROTO_1) && !sensitive_data.have_ssh1_key) { logit("Disabling protocol version 1. Could not load host key"); @@ -1840,7 +1898,8 @@ main(int ac, char **av) /* Chdir to the root directory so that the current disk can be unmounted if desired. */ - chdir("/"); + if (chdir("/") == -1) + error("chdir(\"/\"): %s", strerror(errno)); /* ignore SIGPIPE */ signal(SIGPIPE, SIG_IGN); @@ -2068,9 +2127,11 @@ main(int ac, char **av) buffer_init(&loginmsg); auth_debug_reset(); - if (use_privsep) + if (use_privsep) { if (privsep_preauth(authctxt) == 1) goto authenticated; + } else if (compat20 && have_agent) + auth_conn = ssh_get_authentication_connection(); /* perform the key exchange */ /* authenticate user and start session */ @@ -2357,7 +2418,7 @@ do_ssh1_kex(void) MD5_Update(&md, sensitive_data.ssh1_cookie, SSH_SESSION_KEY_LENGTH); MD5_Final(session_key + 16, &md); memset(buf, 0, bytes); - xfree(buf); + free(buf); for (i = 0; i < 16; i++) session_id[i] = session_key[i] ^ session_key[i + 16]; } @@ -2384,6 +2445,23 @@ do_ssh1_kex(void) packet_write_wait(); } +void +sshd_hostkey_sign(Key *privkey, Key *pubkey, u_char **signature, u_int *slen, + u_char *data, u_int dlen) +{ + if (privkey) { + if (PRIVSEP(key_sign(privkey, signature, slen, data, dlen) < 0)) + fatal("%s: key_sign failed", __func__); + } else if (use_privsep) { + if (mm_key_sign(pubkey, signature, slen, data, dlen) < 0) + fatal("%s: pubkey_sign failed", __func__); + } else { + if (ssh_agent_sign(auth_conn, pubkey, signature, slen, data, + dlen)) + fatal("%s: ssh_agent_sign failed", __func__); + } +} + /* * SSH2 key exchange: diffie-hellman-group1-sha1 */ @@ -2421,6 +2499,10 @@ do_ssh2_kex(void) if (options.kex_algorithms != NULL) myproposal[PROPOSAL_KEX_ALGS] = options.kex_algorithms; + if (options.rekey_limit || options.rekey_interval) + packet_set_rekey_limits((u_int32_t)options.rekey_limit, + (time_t)options.rekey_interval); + myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = list_hostkey_types(); /* start key exchange */ @@ -2436,6 +2518,7 @@ do_ssh2_kex(void) kex->load_host_public_key=&get_hostkey_public_by_type; kex->load_host_private_key=&get_hostkey_private_by_type; kex->host_key_index=&get_hostkey_index; + kex->sign = sshd_hostkey_sign; xxx_kex = kex; diff --git a/crypto/openssh/sshd_config b/crypto/openssh/sshd_config index 6e3063765db2..3e6ab57b6c2b 100644 --- a/crypto/openssh/sshd_config +++ b/crypto/openssh/sshd_config @@ -1,4 +1,4 @@ -# $OpenBSD: sshd_config,v 1.89 2013/02/06 00:20:42 dtucker Exp $ +# $OpenBSD: sshd_config,v 1.90 2013/05/16 04:09:14 dtucker Exp $ # $FreeBSD$ # This is the sshd server system-wide configuration file. See @@ -33,6 +33,9 @@ #KeyRegenerationInterval 1h #ServerKeyBits 1024 +# Ciphers and keying +#RekeyLimit default none + # Logging # obsoletes QuietMode and FascistLogging #SyslogFacility AUTH @@ -115,7 +118,7 @@ #MaxStartups 10:30:100 #PermitTunnel no #ChrootDirectory none -#VersionAddendum FreeBSD-20130515 +#VersionAddendum FreeBSD-20130918 # no default banner path #Banner none diff --git a/crypto/openssh/sshd_config.5 b/crypto/openssh/sshd_config.5 index 5e3e289923c6..efba4088a9d9 100644 --- a/crypto/openssh/sshd_config.5 +++ b/crypto/openssh/sshd_config.5 @@ -33,9 +33,9 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.156 2013/02/06 00:20:42 dtucker Exp $ +.\" $OpenBSD: sshd_config.5,v 1.162 2013/07/19 07:37:48 markus Exp $ .\" $FreeBSD$ -.Dd February 6, 2013 +.Dd July 19, 2013 .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -118,9 +118,7 @@ The allow/deny directives are processed in the following order: and finally .Cm AllowGroups . .Pp -See -.Sx PATTERNS -in +See PATTERNS in .Xr ssh_config 5 for more information on patterns. .It Cm AllowTcpForwarding @@ -160,9 +158,7 @@ The allow/deny directives are processed in the following order: and finally .Cm AllowGroups . .Pp -See -.Sx PATTERNS -in +See PATTERNS in .Xr ssh_config 5 for more information on patterns. .It Cm AuthenticationMethods @@ -181,6 +177,20 @@ Only methods that are next in one or more lists are offered at each stage, so for this example, it would not be possible to attempt password or keyboard-interactive authentication before public key. .Pp +For keyboard interactive authentication it is also possible to +restrict authentication to a specific device by appending a +colon followed by the device identifier +.Dq bsdauth , +.Dq pam , +or +.Dq skey , +depending on the server configuration. +For example, +.Dq keyboard-interactive:bsdauth +would restrict keyboard interactive authentication to the +.Dq bsdauth +device. +.Pp This option is only available for SSH protocol 2 and will yield a fatal error if enabled if protocol 1 is also enabled. Note that each authentication method listed should also be explicitly enabled @@ -189,11 +199,10 @@ The default is not to require multiple authentication; successful completion of a single authentication method is sufficient. .It Cm AuthorizedKeysCommand Specifies a program to be used to look up the user's public keys. -The program will be invoked with a single argument of the username +The program must be owned by root and not writable by group or others. +It will be invoked with a single argument of the username being authenticated, and should produce on standard output zero or -more lines of authorized_keys output (see -.Sx AUTHORIZED_KEYS -in +more lines of authorized_keys output (see AUTHORIZED_KEYS in .Xr sshd 8 ) . If a key supplied by AuthorizedKeysCommand does not successfully authenticate and authorize the user then public key authentication continues using the usual @@ -208,7 +217,7 @@ than running authorized keys commands. Specifies the file that contains the public keys that can be used for user authentication. The format is described in the -.Sx AUTHORIZED_KEYS FILE FORMAT +AUTHORIZED_KEYS FILE FORMAT section of .Xr sshd 8 . .Cm AuthorizedKeysFile @@ -232,9 +241,7 @@ When using certificates signed by a key listed in this file lists names, one of which must appear in the certificate for it to be accepted for authentication. Names are listed one per line preceded by key options (as described -in -.Sx AUTHORIZED_KEYS FILE FORMAT -in +in AUTHORIZED_KEYS FILE FORMAT in .Xr sshd 8 ) . Empty lines and comments starting with .Ql # @@ -412,9 +419,7 @@ The allow/deny directives are processed in the following order: and finally .Cm AllowGroups . .Pp -See -.Sx PATTERNS -in +See PATTERNS in .Xr ssh_config 5 for more information on patterns. .It Cm DenyUsers @@ -433,9 +438,7 @@ The allow/deny directives are processed in the following order: and finally .Cm AllowGroups . .Pp -See -.Sx PATTERNS -in +See PATTERNS in .Xr ssh_config 5 for more information on patterns. .It Cm ForceCommand @@ -544,6 +547,18 @@ keys are used for version 1 and or .Dq rsa are used for version 2 of the SSH protocol. +It is also possible to specify public host key files instead. +In this case operations on the private key will be delegated +to an +.Xr ssh-agent 1 . +.It Cm HostKeyAgent +Identifies the UNIX-domain socket used to communicate +with an agent that has access to the private host keys. +If +.Dq SSH_AUTH_SOCK +is specified, the location of the socket will be read from the +.Ev SSH_AUTH_SOCK +environment variable. .It Cm IgnoreRhosts Specifies that .Pa .rhosts @@ -747,8 +762,7 @@ and .Cm Address . The match patterns may consist of single entries or comma-separated lists and may use the wildcard and negation operators described in the -.Sx PATTERNS -section of +PATTERNS section of .Xr ssh_config 5 . .Pp The patterns in an @@ -800,6 +814,7 @@ Available keywords are .Cm PermitRootLogin , .Cm PermitTunnel , .Cm PubkeyAuthentication , +.Cm RekeyLimit , .Cm RhostsRSAAuthentication , .Cm RSAAuthentication , .Cm X11DisplayOffset , @@ -1003,6 +1018,32 @@ Specifies whether public key authentication is allowed. The default is .Dq yes . Note that this option applies to protocol version 2 only. +.It Cm RekeyLimit +Specifies the maximum amount of data that may be transmitted before the +session key is renegotiated, optionally followed a maximum amount of +time that may pass before the session key is renegotiated. +The first argument is specified in bytes and may have a suffix of +.Sq K , +.Sq M , +or +.Sq G +to indicate Kilobytes, Megabytes, or Gigabytes, respectively. +The default is between +.Sq 1G +and +.Sq 4G , +depending on the cipher. +The optional second value is specified in seconds and may use any of the +units documented in the +.Sx TIME FORMATS +section. +The default value for +.Cm RekeyLimit +is +.Dq default none , +which means that rekeying is performed after the cipher's default amount +of data has been sent or received and no time based rekeying is done. +This option applies to protocol version 2 only. .It Cm RevokedKeys Specifies revoked public keys. Keys listed in this file will be refused for public key authentication. @@ -1011,9 +1052,7 @@ be refused for all users. Keys may be specified as a text file, listing one public key per line, or as an OpenSSH Key Revocation List (KRL) as generated by .Xr ssh-keygen 1 . -For more information on KRLs, see the -.Sx KEY REVOCATION LISTS -section in +For more information on KRLs, see the KEY REVOCATION LISTS section in .Xr ssh-keygen 1 . .It Cm RhostsRSAAuthentication Specifies whether rhosts or @@ -1104,9 +1143,7 @@ listed in the certificate's principals list. Note that certificates that lack a list of principals will not be permitted for authentication using .Cm TrustedUserCAKeys . -For more details on certificates, see the -.Sx CERTIFICATES -section in +For more details on certificates, see the CERTIFICATES section in .Xr ssh-keygen 1 . .It Cm UseDNS Specifies whether @@ -1180,7 +1217,7 @@ restrictions. Optionally specifies additional text to append to the SSH protocol banner sent by the server upon connection. The default is -.Dq FreeBSD-20130515 . +.Dq FreeBSD-20130918 . .It Cm X11DisplayOffset Specifies the first display number available for .Xr sshd 8 Ns 's diff --git a/crypto/openssh/sshlogin.c b/crypto/openssh/sshlogin.c index 54629f747715..2688d8d7b390 100644 --- a/crypto/openssh/sshlogin.c +++ b/crypto/openssh/sshlogin.c @@ -97,7 +97,7 @@ store_lastlog_message(const char *user, uid_t uid) time_string = sys_auth_get_lastlogin_msg(user, uid); if (time_string != NULL) { buffer_append(&loginmsg, time_string, strlen(time_string)); - xfree(time_string); + free(time_string); } # else last_login_time = get_last_login_time(uid, user, hostname, diff --git a/crypto/openssh/sshlogin.h b/crypto/openssh/sshlogin.h index 500d3fefd653..52119a979f3d 100644 --- a/crypto/openssh/sshlogin.h +++ b/crypto/openssh/sshlogin.h @@ -15,7 +15,7 @@ void record_login(pid_t, const char *, const char *, uid_t, const char *, struct sockaddr *, socklen_t); void record_logout(pid_t, const char *, const char *); -time_t get_last_login_time(uid_t, const char *, char *, u_int); +time_t get_last_login_time(uid_t, const char *, char *, size_t); #ifdef LOGIN_NEEDS_UTMPX void record_utmp_only(pid_t, const char *, const char *, const char *, diff --git a/crypto/openssh/uidswap.c b/crypto/openssh/uidswap.c index cdd7309e37f6..26d17f93a659 100644 --- a/crypto/openssh/uidswap.c +++ b/crypto/openssh/uidswap.c @@ -90,8 +90,7 @@ temporarily_use_uid(struct passwd *pw) if (getgroups(saved_egroupslen, saved_egroups) < 0) fatal("getgroups: %.100s", strerror(errno)); } else { /* saved_egroupslen == 0 */ - if (saved_egroups != NULL) - xfree(saved_egroups); + free(saved_egroups); } /* set and save the user's groups */ @@ -109,8 +108,7 @@ temporarily_use_uid(struct passwd *pw) if (getgroups(user_groupslen, user_groups) < 0) fatal("getgroups: %.100s", strerror(errno)); } else { /* user_groupslen == 0 */ - if (user_groups) - xfree(user_groups); + free(user_groups); } } /* Set the effective uid to the given (unprivileged) uid. */ diff --git a/crypto/openssh/umac.c b/crypto/openssh/umac.c index 0567c37f94f9..99416a5103a1 100644 --- a/crypto/openssh/umac.c +++ b/crypto/openssh/umac.c @@ -1,4 +1,4 @@ -/* $OpenBSD: umac.c,v 1.4 2011/10/19 10:39:48 djm Exp $ */ +/* $OpenBSD: umac.c,v 1.7 2013/07/22 05:00:17 djm Exp $ */ /* ----------------------------------------------------------------------- * * umac.c -- C Implementation UMAC Message Authentication @@ -132,13 +132,13 @@ typedef unsigned int UWORD; /* Register */ /* ---------------------------------------------------------------------- */ #if HAVE_SWAP32 -#define LOAD_UINT32_REVERSED(p) (swap32(*(UINT32 *)(p))) +#define LOAD_UINT32_REVERSED(p) (swap32(*(const UINT32 *)(p))) #define STORE_UINT32_REVERSED(p,v) (*(UINT32 *)(p) = swap32(v)) #else /* HAVE_SWAP32 */ -static UINT32 LOAD_UINT32_REVERSED(void *ptr) +static UINT32 LOAD_UINT32_REVERSED(const void *ptr) { - UINT32 temp = *(UINT32 *)ptr; + UINT32 temp = *(const UINT32 *)ptr; temp = (temp >> 24) | ((temp & 0x00FF0000) >> 8 ) | ((temp & 0x0000FF00) << 8 ) | (temp << 24); return (UINT32)temp; @@ -159,7 +159,7 @@ static void STORE_UINT32_REVERSED(void *ptr, UINT32 x) */ #if (__LITTLE_ENDIAN__) -#define LOAD_UINT32_LITTLE(ptr) (*(UINT32 *)(ptr)) +#define LOAD_UINT32_LITTLE(ptr) (*(const UINT32 *)(ptr)) #define STORE_UINT32_BIG(ptr,x) STORE_UINT32_REVERSED(ptr,x) #else #define LOAD_UINT32_LITTLE(ptr) LOAD_UINT32_REVERSED(ptr) @@ -184,7 +184,7 @@ typedef AES_KEY aes_int_key[1]; #define aes_encryption(in,out,int_key) \ AES_encrypt((u_char *)(in),(u_char *)(out),(AES_KEY *)int_key) #define aes_key_setup(key,int_key) \ - AES_set_encrypt_key((u_char *)(key),UMAC_KEY_LEN*8,int_key) + AES_set_encrypt_key((const u_char *)(key),UMAC_KEY_LEN*8,int_key) /* The user-supplied UMAC key is stretched using AES in a counter * mode to supply all random bits needed by UMAC. The kdf function takes @@ -240,7 +240,7 @@ static void pdf_init(pdf_ctx *pc, aes_int_key prf_key) aes_encryption(pc->nonce, pc->cache, pc->prf_key); } -static void pdf_gen_xor(pdf_ctx *pc, UINT8 nonce[8], UINT8 buf[8]) +static void pdf_gen_xor(pdf_ctx *pc, const UINT8 nonce[8], UINT8 buf[8]) { /* 'ndx' indicates that we'll be using the 0th or 1st eight bytes * of the AES output. If last time around we returned the ndx-1st @@ -254,19 +254,21 @@ static void pdf_gen_xor(pdf_ctx *pc, UINT8 nonce[8], UINT8 buf[8]) #elif (UMAC_OUTPUT_LEN > 8) #define LOW_BIT_MASK 0 #endif - - UINT8 tmp_nonce_lo[4]; + union { + UINT8 tmp_nonce_lo[4]; + UINT32 align; + } t; #if LOW_BIT_MASK != 0 int ndx = nonce[7] & LOW_BIT_MASK; #endif - *(UINT32 *)tmp_nonce_lo = ((UINT32 *)nonce)[1]; - tmp_nonce_lo[3] &= ~LOW_BIT_MASK; /* zero last bit */ + *(UINT32 *)t.tmp_nonce_lo = ((const UINT32 *)nonce)[1]; + t.tmp_nonce_lo[3] &= ~LOW_BIT_MASK; /* zero last bit */ - if ( (((UINT32 *)tmp_nonce_lo)[0] != ((UINT32 *)pc->nonce)[1]) || - (((UINT32 *)nonce)[0] != ((UINT32 *)pc->nonce)[0]) ) + if ( (((UINT32 *)t.tmp_nonce_lo)[0] != ((UINT32 *)pc->nonce)[1]) || + (((const UINT32 *)nonce)[0] != ((UINT32 *)pc->nonce)[0]) ) { - ((UINT32 *)pc->nonce)[0] = ((UINT32 *)nonce)[0]; - ((UINT32 *)pc->nonce)[1] = ((UINT32 *)tmp_nonce_lo)[0]; + ((UINT32 *)pc->nonce)[0] = ((const UINT32 *)nonce)[0]; + ((UINT32 *)pc->nonce)[1] = ((UINT32 *)t.tmp_nonce_lo)[0]; aes_encryption(pc->nonce, pc->cache, pc->prf_key); } @@ -333,7 +335,7 @@ typedef struct { #if (UMAC_OUTPUT_LEN == 4) -static void nh_aux(void *kp, void *dp, void *hp, UINT32 dlen) +static void nh_aux(void *kp, const void *dp, void *hp, UINT32 dlen) /* NH hashing primitive. Previous (partial) hash result is loaded and * then stored via hp pointer. The length of the data pointed at by "dp", * "dlen", is guaranteed to be divisible by L1_PAD_BOUNDARY (32). Key @@ -343,7 +345,7 @@ static void nh_aux(void *kp, void *dp, void *hp, UINT32 dlen) UINT64 h; UWORD c = dlen / 32; UINT32 *k = (UINT32 *)kp; - UINT32 *d = (UINT32 *)dp; + const UINT32 *d = (const UINT32 *)dp; UINT32 d0,d1,d2,d3,d4,d5,d6,d7; UINT32 k0,k1,k2,k3,k4,k5,k6,k7; @@ -368,7 +370,7 @@ static void nh_aux(void *kp, void *dp, void *hp, UINT32 dlen) #elif (UMAC_OUTPUT_LEN == 8) -static void nh_aux(void *kp, void *dp, void *hp, UINT32 dlen) +static void nh_aux(void *kp, const void *dp, void *hp, UINT32 dlen) /* Same as previous nh_aux, but two streams are handled in one pass, * reading and writing 16 bytes of hash-state per call. */ @@ -376,7 +378,7 @@ static void nh_aux(void *kp, void *dp, void *hp, UINT32 dlen) UINT64 h1,h2; UWORD c = dlen / 32; UINT32 *k = (UINT32 *)kp; - UINT32 *d = (UINT32 *)dp; + const UINT32 *d = (const UINT32 *)dp; UINT32 d0,d1,d2,d3,d4,d5,d6,d7; UINT32 k0,k1,k2,k3,k4,k5,k6,k7, k8,k9,k10,k11; @@ -415,7 +417,7 @@ static void nh_aux(void *kp, void *dp, void *hp, UINT32 dlen) #elif (UMAC_OUTPUT_LEN == 12) -static void nh_aux(void *kp, void *dp, void *hp, UINT32 dlen) +static void nh_aux(void *kp, const void *dp, void *hp, UINT32 dlen) /* Same as previous nh_aux, but two streams are handled in one pass, * reading and writing 24 bytes of hash-state per call. */ @@ -423,7 +425,7 @@ static void nh_aux(void *kp, void *dp, void *hp, UINT32 dlen) UINT64 h1,h2,h3; UWORD c = dlen / 32; UINT32 *k = (UINT32 *)kp; - UINT32 *d = (UINT32 *)dp; + const UINT32 *d = (const UINT32 *)dp; UINT32 d0,d1,d2,d3,d4,d5,d6,d7; UINT32 k0,k1,k2,k3,k4,k5,k6,k7, k8,k9,k10,k11,k12,k13,k14,k15; @@ -470,7 +472,7 @@ static void nh_aux(void *kp, void *dp, void *hp, UINT32 dlen) #elif (UMAC_OUTPUT_LEN == 16) -static void nh_aux(void *kp, void *dp, void *hp, UINT32 dlen) +static void nh_aux(void *kp, const void *dp, void *hp, UINT32 dlen) /* Same as previous nh_aux, but two streams are handled in one pass, * reading and writing 24 bytes of hash-state per call. */ @@ -478,7 +480,7 @@ static void nh_aux(void *kp, void *dp, void *hp, UINT32 dlen) UINT64 h1,h2,h3,h4; UWORD c = dlen / 32; UINT32 *k = (UINT32 *)kp; - UINT32 *d = (UINT32 *)dp; + const UINT32 *d = (const UINT32 *)dp; UINT32 d0,d1,d2,d3,d4,d5,d6,d7; UINT32 k0,k1,k2,k3,k4,k5,k6,k7, k8,k9,k10,k11,k12,k13,k14,k15, @@ -539,7 +541,7 @@ static void nh_aux(void *kp, void *dp, void *hp, UINT32 dlen) /* ---------------------------------------------------------------------- */ -static void nh_transform(nh_ctx *hc, UINT8 *buf, UINT32 nbytes) +static void nh_transform(nh_ctx *hc, const UINT8 *buf, UINT32 nbytes) /* This function is a wrapper for the primitive NH hash functions. It takes * as argument "hc" the current hash context and a buffer which must be a * multiple of L1_PAD_BOUNDARY. The key passed to nh_aux is offset @@ -614,7 +616,7 @@ static void nh_init(nh_ctx *hc, aes_int_key prf_key) /* ---------------------------------------------------------------------- */ -static void nh_update(nh_ctx *hc, UINT8 *buf, UINT32 nbytes) +static void nh_update(nh_ctx *hc, const UINT8 *buf, UINT32 nbytes) /* Incorporate nbytes of data into a nh_ctx, buffer whatever is not an */ /* even multiple of HASH_BUF_BYTES. */ { @@ -709,7 +711,7 @@ static void nh_final(nh_ctx *hc, UINT8 *result) /* ---------------------------------------------------------------------- */ -static void nh(nh_ctx *hc, UINT8 *buf, UINT32 padded_len, +static void nh(nh_ctx *hc, const UINT8 *buf, UINT32 padded_len, UINT32 unpadded_len, UINT8 *result) /* All-in-one nh_update() and nh_final() equivalent. * Assumes that padded_len is divisible by L1_PAD_BOUNDARY and result is @@ -1047,7 +1049,7 @@ static int uhash_free(uhash_ctx_t ctx) #endif /* ---------------------------------------------------------------------- */ -static int uhash_update(uhash_ctx_t ctx, u_char *input, long len) +static int uhash_update(uhash_ctx_t ctx, const u_char *input, long len) /* Given len bytes of data, we parse it into L1_KEY_LEN chunks and * hash each one with NH, calling the polyhash on each NH output. */ @@ -1057,7 +1059,7 @@ static int uhash_update(uhash_ctx_t ctx, u_char *input, long len) UINT8 *nh_result = (UINT8 *)&result_buf; if (ctx->msg_len + len <= L1_KEY_LEN) { - nh_update(&ctx->hash, (UINT8 *)input, len); + nh_update(&ctx->hash, (const UINT8 *)input, len); ctx->msg_len += len; } else { @@ -1072,7 +1074,7 @@ static int uhash_update(uhash_ctx_t ctx, u_char *input, long len) /* bytes to complete the current nh_block. */ if (bytes_hashed) { bytes_remaining = (L1_KEY_LEN - bytes_hashed); - nh_update(&ctx->hash, (UINT8 *)input, bytes_remaining); + nh_update(&ctx->hash, (const UINT8 *)input, bytes_remaining); nh_final(&ctx->hash, nh_result); ctx->msg_len += bytes_remaining; poly_hash(ctx,(UINT32 *)nh_result); @@ -1082,7 +1084,7 @@ static int uhash_update(uhash_ctx_t ctx, u_char *input, long len) /* Hash directly from input stream if enough bytes */ while (len >= L1_KEY_LEN) { - nh(&ctx->hash, (UINT8 *)input, L1_KEY_LEN, + nh(&ctx->hash, (const UINT8 *)input, L1_KEY_LEN, L1_KEY_LEN, nh_result); ctx->msg_len += L1_KEY_LEN; len -= L1_KEY_LEN; @@ -1093,7 +1095,7 @@ static int uhash_update(uhash_ctx_t ctx, u_char *input, long len) /* pass remaining < L1_KEY_LEN bytes of input data to NH */ if (len) { - nh_update(&ctx->hash, (UINT8 *)input, len); + nh_update(&ctx->hash, (const UINT8 *)input, len); ctx->msg_len += len; } } @@ -1209,14 +1211,14 @@ int umac_delete(struct umac_ctx *ctx) if (ctx) { if (ALLOC_BOUNDARY) ctx = (struct umac_ctx *)ctx->free_ptr; - xfree(ctx); + free(ctx); } return (1); } /* ---------------------------------------------------------------------- */ -struct umac_ctx *umac_new(u_char key[]) +struct umac_ctx *umac_new(const u_char key[]) /* Dynamically allocate a umac_ctx struct, initialize variables, * generate subkeys from key. Align to 16-byte boundary. */ @@ -1233,7 +1235,7 @@ struct umac_ctx *umac_new(u_char key[]) ctx = (struct umac_ctx *)((u_char *)ctx + bytes_to_add); } ctx->free_ptr = octx; - aes_key_setup(key,prf_key); + aes_key_setup(key, prf_key); pdf_init(&ctx->pdf, prf_key); uhash_init(&ctx->hash, prf_key); } @@ -1243,18 +1245,18 @@ struct umac_ctx *umac_new(u_char key[]) /* ---------------------------------------------------------------------- */ -int umac_final(struct umac_ctx *ctx, u_char tag[], u_char nonce[8]) +int umac_final(struct umac_ctx *ctx, u_char tag[], const u_char nonce[8]) /* Incorporate any pending data, pad, and generate tag */ { uhash_final(&ctx->hash, (u_char *)tag); - pdf_gen_xor(&ctx->pdf, (UINT8 *)nonce, (UINT8 *)tag); + pdf_gen_xor(&ctx->pdf, (const UINT8 *)nonce, (UINT8 *)tag); return (1); } /* ---------------------------------------------------------------------- */ -int umac_update(struct umac_ctx *ctx, u_char *input, long len) +int umac_update(struct umac_ctx *ctx, const u_char *input, long len) /* Given len bytes of data, we parse it into L1_KEY_LEN chunks and */ /* hash each one, calling the PDF on the hashed output whenever the hash- */ /* output buffer is full. */ diff --git a/crypto/openssh/umac.h b/crypto/openssh/umac.h index 6795112a3907..7fb770f8a52b 100644 --- a/crypto/openssh/umac.h +++ b/crypto/openssh/umac.h @@ -1,4 +1,4 @@ -/* $OpenBSD: umac.h,v 1.2 2012/10/04 13:21:50 markus Exp $ */ +/* $OpenBSD: umac.h,v 1.3 2013/07/22 12:20:02 djm Exp $ */ /* ----------------------------------------------------------------------- * * umac.h -- C Implementation UMAC Message Authentication @@ -52,7 +52,7 @@ extern "C" { #endif -struct umac_ctx *umac_new(u_char key[]); +struct umac_ctx *umac_new(const u_char key[]); /* Dynamically allocate a umac_ctx struct, initialize variables, * generate subkeys from key. */ @@ -62,10 +62,10 @@ int umac_reset(struct umac_ctx *ctx); /* Reset a umac_ctx to begin authenicating a new message */ #endif -int umac_update(struct umac_ctx *ctx, u_char *input, long len); +int umac_update(struct umac_ctx *ctx, const u_char *input, long len); /* Incorporate len bytes pointed to by input into context ctx */ -int umac_final(struct umac_ctx *ctx, u_char tag[], u_char nonce[8]); +int umac_final(struct umac_ctx *ctx, u_char tag[], const u_char nonce[8]); /* Incorporate any pending data and the ctr value, and return tag. * This function returns error code if ctr < 0. */ @@ -117,9 +117,9 @@ int uhash(uhash_ctx_t ctx, #endif /* matching umac-128 API, we reuse umac_ctx, since it's opaque */ -struct umac_ctx *umac128_new(u_char key[]); -int umac128_update(struct umac_ctx *ctx, u_char *input, long len); -int umac128_final(struct umac_ctx *ctx, u_char tag[], u_char nonce[8]); +struct umac_ctx *umac128_new(const u_char key[]); +int umac128_update(struct umac_ctx *ctx, const u_char *input, long len); +int umac128_final(struct umac_ctx *ctx, u_char tag[], const u_char nonce[8]); int umac128_delete(struct umac_ctx *ctx); #ifdef __cplusplus diff --git a/crypto/openssh/umac128.c b/crypto/openssh/umac128.c index b0fc8e9874b9..7a439e4e2986 100644 --- a/crypto/openssh/umac128.c +++ b/crypto/openssh/umac128.c @@ -1,11 +1,13 @@ /* $FreeBSD$ */ #define UMAC_OUTPUT_LEN 16 +#undef umac_ctx +#define umac_ctx umac128_ctx #undef umac_new -#define umac_new ssh_umac128_new +#define umac_new umac128_new #undef umac_update -#define umac_update ssh_umac128_update +#define umac_update umac128_update #undef umac_final -#define umac_final ssh_umac128_final +#define umac_final umac128_final #undef umac_delete -#define umac_delete ssh_umac128_delete +#define umac_delete umac128_delete #include "umac.c" diff --git a/crypto/openssh/uuencode.c b/crypto/openssh/uuencode.c index 09d80d2fcc14..294c743046f3 100644 --- a/crypto/openssh/uuencode.c +++ b/crypto/openssh/uuencode.c @@ -1,4 +1,4 @@ -/* $OpenBSD: uuencode.c,v 1.26 2010/08/31 11:54:45 djm Exp $ */ +/* $OpenBSD: uuencode.c,v 1.27 2013/05/17 00:13:14 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -29,6 +29,7 @@ #include #include #include +#include #include "xmalloc.h" #include "uuencode.h" @@ -67,7 +68,7 @@ uudecode(const char *src, u_char *target, size_t targsize) /* and remove trailing whitespace because __b64_pton needs this */ *p = '\0'; len = __b64_pton(encoded, target, targsize); - xfree(encoded); + free(encoded); return len; } @@ -90,5 +91,5 @@ dump_base64(FILE *fp, const u_char *data, u_int len) } if (i % 70 != 69) fprintf(fp, "\n"); - xfree(buf); + free(buf); } diff --git a/crypto/openssh/version.h b/crypto/openssh/version.h index 8c6865e5aa3d..4064ed5f23db 100644 --- a/crypto/openssh/version.h +++ b/crypto/openssh/version.h @@ -1,10 +1,10 @@ -/* $OpenBSD: version.h,v 1.66 2013/02/10 21:19:34 markus Exp $ */ +/* $OpenBSD: version.h,v 1.67 2013/07/25 00:57:37 djm Exp $ */ /* $FreeBSD$ */ -#define SSH_VERSION "OpenSSH_6.2" +#define SSH_VERSION "OpenSSH_6.3" -#define SSH_PORTABLE "p2" +#define SSH_PORTABLE "p1" #define SSH_RELEASE SSH_VERSION SSH_PORTABLE -#define SSH_VERSION_FREEBSD "FreeBSD-20130515" +#define SSH_VERSION_FREEBSD "FreeBSD-20130918" #define SSH_VERSION_HPN "_hpn13v11" diff --git a/crypto/openssh/xmalloc.c b/crypto/openssh/xmalloc.c index 9985b4cc2a34..92f781fd08af 100644 --- a/crypto/openssh/xmalloc.c +++ b/crypto/openssh/xmalloc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: xmalloc.c,v 1.27 2006/08/03 03:34:42 deraadt Exp $ */ +/* $OpenBSD: xmalloc.c,v 1.28 2013/05/17 00:13:14 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -73,14 +73,6 @@ xrealloc(void *ptr, size_t nmemb, size_t size) return new_ptr; } -void -xfree(void *ptr) -{ - if (ptr == NULL) - fatal("xfree: NULL pointer given as argument"); - free(ptr); -} - char * xstrdup(const char *str) { diff --git a/crypto/openssh/xmalloc.h b/crypto/openssh/xmalloc.h index fb217a45c903..261dfd612c8a 100644 --- a/crypto/openssh/xmalloc.h +++ b/crypto/openssh/xmalloc.h @@ -1,4 +1,4 @@ -/* $OpenBSD: xmalloc.h,v 1.13 2006/08/03 03:34:42 deraadt Exp $ */ +/* $OpenBSD: xmalloc.h,v 1.14 2013/05/17 00:13:14 djm Exp $ */ /* * Author: Tatu Ylonen @@ -19,7 +19,6 @@ void *xmalloc(size_t); void *xcalloc(size_t, size_t); void *xrealloc(void *, size_t, size_t); -void xfree(void *); char *xstrdup(const char *); int xasprintf(char **, const char *, ...) __attribute__((__format__ (printf, 2, 3)))