Bugzilla – Attachment 3357 Details for
Bug 3119
life (-t) argument wraps
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Restrict key lifetime to usable values (u32)
ssh-add-wrap.patch (text/plain), 2.06 KB, created by
Darren Tucker
on 2020-02-18 20:02:18 AEDT
(
hide
)
Description:
Restrict key lifetime to usable values (u32)
Filename:
MIME Type:
Creator:
Darren Tucker
Created:
2020-02-18 20:02:18 AEDT
Size:
2.06 KB
patch
obsolete
>Index: ssh-add.c >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/ssh-add.c,v >retrieving revision 1.152 >retrieving revision 1.153 >diff -u -p -r1.152 -r1.153 >--- ssh-add.c 6 Feb 2020 22:30:54 -0000 1.152 >+++ ssh-add.c 18 Feb 2020 08:58:33 -0000 1.153 >@@ -1,4 +1,4 @@ >-/* $OpenBSD: ssh-add.c,v 1.152 2020/02/06 22:30:54 naddy Exp $ */ >+/* $OpenBSD: ssh-add.c,v 1.153 2020/02/18 08:58:33 dtucker Exp $ */ > /* > * Author: Tatu Ylonen <ylo@cs.hut.fi> > * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland >@@ -83,7 +83,7 @@ static char *default_files[] = { > static int fingerprint_hash = SSH_FP_HASH_DEFAULT; > > /* Default lifetime (0 == forever) */ >-static int lifetime = 0; >+static long lifetime = 0; > > /* User has to confirm key use */ > static int confirm = 0; >@@ -321,7 +321,7 @@ add_file(int agent_fd, const char *filen > filename, comment); > if (lifetime != 0) { > fprintf(stderr, >- "Lifetime set to %d seconds\n", lifetime); >+ "Lifetime set to %ld seconds\n", lifetime); > } > if (confirm != 0) { > fprintf(stderr, "The user must confirm " >@@ -377,7 +377,7 @@ add_file(int agent_fd, const char *filen > fprintf(stderr, "Certificate added: %s (%s)\n", certpath, > private->cert->key_id); > if (lifetime != 0) { >- fprintf(stderr, "Lifetime set to %d seconds\n", >+ fprintf(stderr, "Lifetime set to %ld seconds\n", > lifetime); > } > if (confirm != 0) { >@@ -564,7 +564,7 @@ load_resident_keys(int agent_fd, const c > sshkey_type(keys[i]), fp); > if (lifetime != 0) { > fprintf(stderr, >- "Lifetime set to %d seconds\n", lifetime); >+ "Lifetime set to %ld seconds\n", lifetime); > } > if (confirm != 0) { > fprintf(stderr, "The user must confirm " >@@ -713,7 +713,8 @@ main(int argc, char **argv) > pkcs11provider = optarg; > break; > case 't': >- if ((lifetime = convtime(optarg)) == -1) { >+ if ((lifetime = convtime(optarg)) == -1 || >+ lifetime < 0 || lifetime > UINT32_MAX) { > fprintf(stderr, "Invalid lifetime\n"); > ret = 1; > goto done;
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=3357">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 3119
: 3357