View | Details | Raw Unified | Return to bug 2687 | Differences between
and this patch

Collapse All | Expand All

(-)a/compat.c (-9 / +24 lines)
Lines 186-196 proto_spec(const char *spec) Link Here
186
char *
186
char *
187
compat_cipher_proposal(char *cipher_prop)
187
compat_cipher_proposal(char *cipher_prop)
188
{
188
{
189
	char *np = NULL;
190
189
	if (!(datafellows & SSH_BUG_BIGENDIANAES))
191
	if (!(datafellows & SSH_BUG_BIGENDIANAES))
190
		return cipher_prop;
192
		return cipher_prop;
191
	debug2("%s: original cipher proposal: %s", __func__, cipher_prop);
193
	debug2("%s: original cipher proposal: %s", __func__, cipher_prop);
192
	if ((cipher_prop = match_filter_blacklist(cipher_prop, "aes*")) == NULL)
194
	np = match_filter_blacklist(cipher_prop, "aes*");
195
	if (np == NULL)
193
		fatal("match_filter_blacklist failed");
196
		fatal("match_filter_blacklist failed");
197
	free(cipher_prop);
198
	cipher_prop = np;
194
	debug2("%s: compat cipher proposal: %s", __func__, cipher_prop);
199
	debug2("%s: compat cipher proposal: %s", __func__, cipher_prop);
195
	if (*cipher_prop == '\0')
200
	if (*cipher_prop == '\0')
196
		fatal("No supported ciphers found");
201
		fatal("No supported ciphers found");
Lines 200-210 compat_cipher_proposal(char *cipher_prop) Link Here
200
char *
205
char *
201
compat_pkalg_proposal(char *pkalg_prop)
206
compat_pkalg_proposal(char *pkalg_prop)
202
{
207
{
208
	char *np = NULL;
209
203
	if (!(datafellows & SSH_BUG_RSASIGMD5))
210
	if (!(datafellows & SSH_BUG_RSASIGMD5))
204
		return pkalg_prop;
211
		return pkalg_prop;
205
	debug2("%s: original public key proposal: %s", __func__, pkalg_prop);
212
	debug2("%s: original public key proposal: %s", __func__, pkalg_prop);
206
	if ((pkalg_prop = match_filter_blacklist(pkalg_prop, "ssh-rsa")) == NULL)
213
	np = match_filter_blacklist(pkalg_prop, "ssh-rsa");
214
	if (np == NULL)
207
		fatal("match_filter_blacklist failed");
215
		fatal("match_filter_blacklist failed");
216
	free(pkalg_prop);
217
	pkalg_prop = np;
208
	debug2("%s: compat public key proposal: %s", __func__, pkalg_prop);
218
	debug2("%s: compat public key proposal: %s", __func__, pkalg_prop);
209
	if (*pkalg_prop == '\0')
219
	if (*pkalg_prop == '\0')
210
		fatal("No supported PK algorithms found");
220
		fatal("No supported PK algorithms found");
Lines 217-231 compat_kex_proposal(char *p) Link Here
217
	if ((datafellows & (SSH_BUG_CURVE25519PAD|SSH_OLD_DHGEX)) == 0)
227
	if ((datafellows & (SSH_BUG_CURVE25519PAD|SSH_OLD_DHGEX)) == 0)
218
		return p;
228
		return p;
219
	debug2("%s: original KEX proposal: %s", __func__, p);
229
	debug2("%s: original KEX proposal: %s", __func__, p);
220
	if ((datafellows & SSH_BUG_CURVE25519PAD) != 0)
230
	if ((datafellows & SSH_BUG_CURVE25519PAD) != 0) {
221
		if ((p = match_filter_blacklist(p,
231
		char *np = match_filter_blacklist(p,
222
		    "curve25519-sha256@libssh.org")) == NULL)
232
		    "curve25519-sha256@libssh.org");
233
		if (np == NULL)
223
			fatal("match_filter_blacklist failed");
234
			fatal("match_filter_blacklist failed");
235
		free(p);
236
		p = np;
237
	}
224
	if ((datafellows & SSH_OLD_DHGEX) != 0) {
238
	if ((datafellows & SSH_OLD_DHGEX) != 0) {
225
		if ((p = match_filter_blacklist(p,
239
		char *np = match_filter_blacklist(p,
226
		    "diffie-hellman-group-exchange-sha256,"
240
		    "diffie-hellman-group-exchange-sha256,"
227
		    "diffie-hellman-group-exchange-sha1")) == NULL)
241
		    "diffie-hellman-group-exchange-sha1");
242
		if (np == NULL)
228
			fatal("match_filter_blacklist failed");
243
			fatal("match_filter_blacklist failed");
244
		free(p);
245
		p = np;
229
	}
246
	}
230
	debug2("%s: compat KEX proposal: %s", __func__, p);
247
	debug2("%s: compat KEX proposal: %s", __func__, p);
231
	if (*p == '\0')
248
	if (*p == '\0')
232
- 
233
--
234
auth-options.c | 1 +
249
auth-options.c | 1 +
235
1 file changed, 1 insertion(+)
250
1 file changed, 1 insertion(+)
(-)a/auth-options.c (-2 / +1 lines)
Lines 779-784 deserialise_array(struct sshbuf *m, char ***ap, size_t *np) Link Here
779
	n = tmp;
779
	n = tmp;
780
	if (n > 0 && (a = calloc(n, sizeof(*a))) == NULL) {
780
	if (n > 0 && (a = calloc(n, sizeof(*a))) == NULL) {
781
		r = SSH_ERR_ALLOC_FAIL;
781
		r = SSH_ERR_ALLOC_FAIL;
782
		n = 0;
782
		goto out;
783
		goto out;
783
	}
784
	}
784
	for (i = 0; i < n; i++) {
785
	for (i = 0; i < n; i++) {
785
- 
786
--
787
openbsd-compat/port-linux.c | 1 +
786
openbsd-compat/port-linux.c | 1 +
788
1 file changed, 1 insertion(+)
787
1 file changed, 1 insertion(+)
(-)a/openbsd-compat/port-linux.c (-2 / +1 lines)
Lines 26-31 Link Here
26
#include <stdarg.h>
26
#include <stdarg.h>
27
#include <string.h>
27
#include <string.h>
28
#include <stdio.h>
28
#include <stdio.h>
29
#include <stdlib.h>
29
30
30
#include "log.h"
31
#include "log.h"
31
#include "xmalloc.h"
32
#include "xmalloc.h"
32
- 
33
--
34
openbsd-compat/setproctitle.c | 2 +-
33
openbsd-compat/setproctitle.c | 2 +-
35
1 file changed, 1 insertion(+), 1 deletion(-)
34
1 file changed, 1 insertion(+), 1 deletion(-)
(-)a/openbsd-compat/setproctitle.c (-3 / +1 lines)
Lines 125-131 setproctitle(const char *fmt, ...) Link Here
125
#if SPT_TYPE != SPT_NONE
125
#if SPT_TYPE != SPT_NONE
126
	va_list ap;
126
	va_list ap;
127
	char buf[1024], ptitle[1024];
127
	char buf[1024], ptitle[1024];
128
	size_t len;
128
	size_t len = 0;
129
	int r;
129
	int r;
130
	extern char *__progname;
130
	extern char *__progname;
131
#if SPT_TYPE == SPT_PSTAT
131
#if SPT_TYPE == SPT_PSTAT
132
- 
133
calls
132
calls
134
--
135
packet.c | 2 +-
133
packet.c | 2 +-
136
1 file changed, 1 insertion(+), 1 deletion(-)
134
1 file changed, 1 insertion(+), 1 deletion(-)
(-)a/packet.c (-3 / +1 lines)
Lines 1282-1288 int Link Here
1282
ssh_packet_read_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
1282
ssh_packet_read_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
1283
{
1283
{
1284
	struct session_state *state = ssh->state;
1284
	struct session_state *state = ssh->state;
1285
	int len, r, ms_remain;
1285
	int len, r, ms_remain = 0;
1286
	fd_set *setp;
1286
	fd_set *setp;
1287
	char buf[8192];
1287
	char buf[8192];
1288
	struct timeval timeout, start, *timeoutp = NULL;
1288
	struct timeval timeout, start, *timeoutp = NULL;
1289
- 
1290
--
1291
session.c | 1 +
1289
session.c | 1 +
1292
1 file changed, 1 insertion(+)
1290
1 file changed, 1 insertion(+)
(-)a/session.c (-2 / +1 lines)
Lines 1183-1188 do_setup_env(struct ssh *ssh, Session *s, const char *shell) Link Here
1183
		}
1183
		}
1184
		*value++ = '\0';
1184
		*value++ = '\0';
1185
		child_set_env(&env, &envsize, cp, value);
1185
		child_set_env(&env, &envsize, cp, value);
1186
		free(cp);
1186
	}
1187
	}
1187
1188
1188
	/* SSH_CLIENT deprecated */
1189
	/* SSH_CLIENT deprecated */
1189
- 
1190
--
1191
sftp.c | 2 ++
1190
sftp.c | 2 ++
1192
1 file changed, 2 insertions(+)
1191
1 file changed, 2 insertions(+)
(-)a/sftp.c (-2 / +2 lines)
Lines 1443-1448 parse_args(const char **cpp, int *ignore_errors, int *aflag, Link Here
1443
	case I_LUMASK:
1443
	case I_LUMASK:
1444
	case I_CHMOD:
1444
	case I_CHMOD:
1445
		base = 8;
1445
		base = 8;
1446
		/* FALLTHROUGH */
1446
	case I_CHOWN:
1447
	case I_CHOWN:
1447
	case I_CHGRP:
1448
	case I_CHGRP:
1448
		if ((optidx = parse_no_flags(cmd, argv, argc)) == -1)
1449
		if ((optidx = parse_no_flags(cmd, argv, argc)) == -1)
Lines 1541-1546 parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, Link Here
1541
		break;
1542
		break;
1542
	case I_SYMLINK:
1543
	case I_SYMLINK:
1543
		sflag = 1;
1544
		sflag = 1;
1545
		/* FALLTHROUGH */
1544
	case I_LINK:
1546
	case I_LINK:
1545
		if (!sflag)
1547
		if (!sflag)
1546
			path1 = make_absolute(path1, *pwd);
1548
			path1 = make_absolute(path1, *pwd);
1547
- 
1548
--
1549
sshd.c | 6 ++++--
1549
sshd.c | 6 ++++--
1550
1 file changed, 4 insertions(+), 2 deletions(-)
1550
1 file changed, 4 insertions(+), 2 deletions(-)
(-)a/sshd.c (-4 / +4 lines)
Lines 2275-2280 static void Link Here
2275
do_ssh2_kex(void)
2275
do_ssh2_kex(void)
2276
{
2276
{
2277
	char *myproposal[PROPOSAL_MAX] = { KEX_SERVER };
2277
	char *myproposal[PROPOSAL_MAX] = { KEX_SERVER };
2278
	char *algs = NULL;
2278
	struct kex *kex;
2279
	struct kex *kex;
2279
	int r;
2280
	int r;
2280
2281
Lines 2296-2303 do_ssh2_kex(void) Link Here
2296
		packet_set_rekey_limits(options.rekey_limit,
2297
		packet_set_rekey_limits(options.rekey_limit,
2297
		    options.rekey_interval);
2298
		    options.rekey_interval);
2298
2299
2299
	myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal(
2300
	algs = list_hostkey_types();
2300
	    list_hostkey_types());
2301
	myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal(algs);
2302
	free(algs);
2301
2303
2302
#ifdef GSSAPI
2304
#ifdef GSSAPI
2303
	{
2305
	{
2304
- 
2305
already strdups the arguments
2306
already strdups the arguments
2306
--
2307
channels.c | 8 ++++----
2307
channels.c | 8 ++++----
2308
1 file changed, 4 insertions(+), 4 deletions(-)
2308
1 file changed, 4 insertions(+), 4 deletions(-)
(-)a/channels.c (-6 / +4 lines)
Lines 3830-3847 channel_request_remote_forwarding(struct ssh *ssh, struct Forward *fwd) Link Here
3830
		host_to_connect = listen_host = listen_path = NULL;
3830
		host_to_connect = listen_host = listen_path = NULL;
3831
		port_to_connect = listen_port = 0;
3831
		port_to_connect = listen_port = 0;
3832
		if (fwd->connect_path != NULL) {
3832
		if (fwd->connect_path != NULL) {
3833
			host_to_connect = xstrdup(fwd->connect_path);
3833
			host_to_connect = fwd->connect_path;
3834
			port_to_connect = PORT_STREAMLOCAL;
3834
			port_to_connect = PORT_STREAMLOCAL;
3835
		} else {
3835
		} else {
3836
			host_to_connect = xstrdup(fwd->connect_host);
3836
			host_to_connect = fwd->connect_host;
3837
			port_to_connect = fwd->connect_port;
3837
			port_to_connect = fwd->connect_port;
3838
		}
3838
		}
3839
		if (fwd->listen_path != NULL) {
3839
		if (fwd->listen_path != NULL) {
3840
			listen_path = xstrdup(fwd->listen_path);
3840
			listen_path = fwd->listen_path;
3841
			listen_port = PORT_STREAMLOCAL;
3841
			listen_port = PORT_STREAMLOCAL;
3842
		} else {
3842
		} else {
3843
			if (fwd->listen_host != NULL)
3843
			if (fwd->listen_host != NULL)
3844
				listen_host = xstrdup(fwd->listen_host);
3844
				listen_host = fwd->listen_host;
3845
			listen_port = fwd->listen_port;
3845
			listen_port = fwd->listen_port;
3846
		}
3846
		}
3847
		idx = permission_set_add(ssh, FORWARD_USER, FORWARD_LOCAL,
3847
		idx = permission_set_add(ssh, FORWARD_USER, FORWARD_LOCAL,
3848
- 
3849
--
3850
auth-pam.c | 22 +++++++++++++---------
3848
auth-pam.c | 22 +++++++++++++---------
3851
1 file changed, 13 insertions(+), 9 deletions(-)
3849
1 file changed, 13 insertions(+), 9 deletions(-)
(-)a/auth-pam.c (-11 / +13 lines)
Lines 788-800 sshpam_query(void *ctx, char **name, char **info, Link Here
788
    u_int *num, char ***prompts, u_int **echo_on)
788
    u_int *num, char ***prompts, u_int **echo_on)
789
{
789
{
790
	struct ssh *ssh = active_state; /* XXX */
790
	struct ssh *ssh = active_state; /* XXX */
791
	struct sshbuf *buffer;
791
	struct sshbuf *buffer = NULL;
792
	struct pam_ctxt *ctxt = ctx;
792
	struct pam_ctxt *ctxt = ctx;
793
	size_t plen;
793
	size_t plen;
794
	u_char type;
794
	u_char type;
795
	char *msg;
795
	char *msg = NULL;
796
	size_t len, mlen;
796
	size_t len, mlen;
797
	int r;
797
	int r, rv = -1;
798
798
799
	debug3("PAM: %s entering", __func__);
799
	debug3("PAM: %s entering", __func__);
800
	if ((buffer = sshbuf_new()) == NULL)
800
	if ((buffer = sshbuf_new()) == NULL)
Lines 819-825 sshpam_query(void *ctx, char **name, char **info, Link Here
819
			plen += mlen;
819
			plen += mlen;
820
			**echo_on = (type == PAM_PROMPT_ECHO_ON);
820
			**echo_on = (type == PAM_PROMPT_ECHO_ON);
821
			free(msg);
821
			free(msg);
822
			return (0);
822
			rv = 0;
823
			goto out;
823
		case PAM_ERROR_MSG:
824
		case PAM_ERROR_MSG:
824
		case PAM_TEXT_INFO:
825
		case PAM_TEXT_INFO:
825
			/* accumulate messages */
826
			/* accumulate messages */
Lines 846-853 sshpam_query(void *ctx, char **name, char **info, Link Here
846
				*num = 0;
847
				*num = 0;
847
				**echo_on = 0;
848
				**echo_on = 0;
848
				ctxt->pam_done = -1;
849
				ctxt->pam_done = -1;
849
				free(msg);
850
				rv = 0;
850
				return 0;
851
				goto out;
851
			}
852
			}
852
			/* FALLTHROUGH */
853
			/* FALLTHROUGH */
853
		case PAM_SUCCESS:
854
		case PAM_SUCCESS:
Lines 873-879 sshpam_query(void *ctx, char **name, char **info, Link Here
873
				**echo_on = 0;
874
				**echo_on = 0;
874
				ctxt->pam_done = 1;
875
				ctxt->pam_done = 1;
875
				free(msg);
876
				free(msg);
876
				return (0);
877
				rv = 0;
878
				goto out;
877
			}
879
			}
878
			error("PAM: %s for %s%.100s from %.100s", msg,
880
			error("PAM: %s for %s%.100s from %.100s", msg,
879
			    sshpam_authctxt->valid ? "" : "illegal user ",
881
			    sshpam_authctxt->valid ? "" : "illegal user ",
Lines 885-894 sshpam_query(void *ctx, char **name, char **info, Link Here
885
			**echo_on = 0;
887
			**echo_on = 0;
886
			free(msg);
888
			free(msg);
887
			ctxt->pam_done = -1;
889
			ctxt->pam_done = -1;
888
			return (-1);
890
			goto out;
889
		}
891
		}
890
	}
892
	}
891
	return (-1);
893
out:
894
	sshbuf_free(buffer);
895
	return (rv);
892
}
896
}
893
897
894
/*
898
/*
895
- 
896
--
897
auth-options.c | 1 +
899
auth-options.c | 1 +
898
1 file changed, 1 insertion(+)
900
1 file changed, 1 insertion(+)
(-)a/auth-options.c (-1 / +1 lines)
Lines 333-338 handle_permit(const char **optsp, int allow_bare_port, Link Here
333
		 * listen_host wildcard.
333
		 * listen_host wildcard.
334
		 */
334
		 */
335
		if (asprintf(&tmp, "*:%s", opt) < 0) {
335
		if (asprintf(&tmp, "*:%s", opt) < 0) {
336
			free(opt);
336
			*errstrp = "memory allocation failed";
337
			*errstrp = "memory allocation failed";
337
			return -1;
338
			return -1;
338
		}
339
		}
339
- 

Return to bug 2687