[moduli.c ssh-keygen.c]
     - removes signed/unsigned comparisons in moduli generation
     - use strtonum instead of atoi where it's easier
     - check some strlcpy overflow and fatal instead of truncate
Damien Miller 2005-05-26 12:16:18 +10:00
parent dfec2941ac
commit b089fb5fe1
3 changed files with 42 additions and 22 deletions


@ -71,6 +71,11 @@
- jmc@cvs.openbsd.org 2005/05/20 11:23:32 - jmc@cvs.openbsd.org 2005/05/20 11:23:32
[ssh_config.5] [ssh_config.5]
oops - article and spacing; oops - article and spacing;
- avsm@cvs.openbsd.org 2005/05/23 22:44:01
[moduli.c ssh-keygen.c]
- removes signed/unsigned comparisons in moduli generation
- use strtonum instead of atoi where its easier
- check some strlcpy overflow and fatal instead of truncate
20050524 20050524
- (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
@ -2570,4 +2575,4 @@
- (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Trim deprecated options from INSTALL. Mention UsePAM
- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
$Id: ChangeLog,v 1.3782 2005/05/26 02:14:32 djm Exp $ $Id: ChangeLog,v 1.3783 2005/05/26 02:16:18 djm Exp $


@ -1,4 +1,4 @@
/* $OpenBSD: moduli.c,v 1.10 2005/01/17 03:25:46 dtucker Exp $ */ /* $OpenBSD: moduli.c,v 1.11 2005/05/23 22:44:01 avsm Exp $ */
/* /*
* Copyright 1994 Phil Karn <karn@qualcomm.com> * Copyright 1994 Phil Karn <karn@qualcomm.com>
* Copyright 1996-1998, 2003 William Allen Simpson <wsimpson@greendragon.com> * Copyright 1996-1998, 2003 William Allen Simpson <wsimpson@greendragon.com>
@ -144,7 +144,7 @@ static u_int32_t *LargeSieve, largewords, largetries, largenumbers;
static u_int32_t largebits, largememory; /* megabytes */ static u_int32_t largebits, largememory; /* megabytes */
static BIGNUM *largebase; static BIGNUM *largebase;
int gen_candidates(FILE *, int, int, BIGNUM *); int gen_candidates(FILE *, u_int32_t, u_int32_t, BIGNUM *);
int prime_test(FILE *, FILE *, u_int32_t, u_int32_t); int prime_test(FILE *, FILE *, u_int32_t, u_int32_t);
/* /*
@ -241,14 +241,15 @@ sieve_large(u_int32_t s)
* The list is checked against small known primes (less than 2**30). * The list is checked against small known primes (less than 2**30).
*/ */
int int
gen_candidates(FILE *out, int memory, int power, BIGNUM *start) gen_candidates(FILE *out, u_int32_t memory, u_int32_t power, BIGNUM *start)
{ {
BIGNUM *q; BIGNUM *q;
u_int32_t j, r, s, t; u_int32_t j, r, s, t;
u_int32_t smallwords = TINY_NUMBER >> 6; u_int32_t smallwords = TINY_NUMBER >> 6;
u_int32_t tinywords = TINY_NUMBER >> 6; u_int32_t tinywords = TINY_NUMBER >> 6;
time_t time_start, time_stop; time_t time_start, time_stop;
int i, ret = 0; u_int32_t i;
int ret = 0;
largememory = memory; largememory = memory;
@ -548,7 +549,7 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted)
* due to earlier inconsistencies in interpretation, check * due to earlier inconsistencies in interpretation, check
* the proposed bit size. * the proposed bit size.
*/ */
if (BN_num_bits(p) != (in_size + 1)) { if ((u_int32_t)BN_num_bits(p) != (in_size + 1)) {
debug2("%10u: bit size %u mismatch", count_in, in_size); debug2("%10u: bit size %u mismatch", count_in, in_size);
continue; continue;
} }
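Review bot: The retyped prototype `int gen_candidates(FILE *, u_int32_t, u_int32_t, BIGNUM *);` is a file-local forward declaration, and this commit has to edit a second hand-written copy under the `/* moduli.c */` comment in ssh-keygen.c. Nothing makes the compiler compare the two copies, so a later signature change that misses one would still build and then call the function with mismatched argument types. Declaring `gen_candidates` and `prime_test` once in a header included by both files would turn that mistake into a compile error. In `prime_test`, the new `(u_int32_t)BN_num_bits(p)` cast silences the sign-compare warning, and a short comment such as `/* BN_num_bits() returns a non-negative int */` would record why it is safe. Both function bodies continue outside the hunks shown.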


@ -12,7 +12,7 @@
*/ */
#include "includes.h" #include "includes.h"
RCSID("$OpenBSD: ssh-keygen.c,v 1.123 2005/04/05 13:45:31 otto Exp $"); RCSID("$OpenBSD: ssh-keygen.c,v 1.124 2005/05/23 22:44:01 avsm Exp $");
#include <openssl/evp.h> #include <openssl/evp.h>
#include <openssl/pem.h> #include <openssl/pem.h>
@ -36,7 +36,7 @@ RCSID("$OpenBSD: ssh-keygen.c,v 1.123 2005/04/05 13:45:31 otto Exp $");
#include "dns.h" #include "dns.h"
/* Number of bits in the RSA/DSA key. This value can be changed on the command line. */ /* Number of bits in the RSA/DSA key. This value can be changed on the command line. */
int bits = 1024; u_int32_t bits = 1024;
/* /*
* Flag indicating that we just want to change the passphrase. This can be * Flag indicating that we just want to change the passphrase. This can be
@ -90,7 +90,7 @@ extern char *__progname;
char hostname[MAXHOSTNAMELEN]; char hostname[MAXHOSTNAMELEN];
/* moduli.c */ /* moduli.c */
int gen_candidates(FILE *, int, int, BIGNUM *); int gen_candidates(FILE *, u_int32_t, u_int32_t, BIGNUM *);
int prime_test(FILE *, FILE *, u_int32_t, u_int32_t); int prime_test(FILE *, FILE *, u_int32_t, u_int32_t);
static void static void
@ -1007,8 +1007,8 @@ main(int ac, char **av)
Key *private, *public; Key *private, *public;
struct passwd *pw; struct passwd *pw;
struct stat st; struct stat st;
int opt, type, fd, download = 0, memory = 0; int opt, type, fd, download = 0;
int generator_wanted = 0, trials = 100; uint32_t memory = 0, generator_wanted = 0, trials = 100;
int do_gen_candidates = 0, do_screen_candidates = 0; int do_gen_candidates = 0, do_screen_candidates = 0;
int log_level = SYSLOG_LEVEL_INFO; int log_level = SYSLOG_LEVEL_INFO;
BIGNUM *start = NULL; BIGNUM *start = NULL;
@ -1016,6 +1016,7 @@ main(int ac, char **av)
extern int optind; extern int optind;
extern char *optarg; extern char *optarg;
const char *errstr;
__progname = ssh_get_progname(av[0]); __progname = ssh_get_progname(av[0]);
@ -1040,9 +1041,9 @@ main(int ac, char **av)
"degiqpclBHvxXyF:b:f:t:U:D:P:N:C:r:g:R:T:G:M:S:a:W:")) != -1) { "degiqpclBHvxXyF:b:f:t:U:D:P:N:C:r:g:R:T:G:M:S:a:W:")) != -1) {
switch (opt) { switch (opt) {
case 'b': case 'b':
bits = atoi(optarg); bits = strtonum(optarg, 512, 32768, &errstr);
if (bits < 512 || bits > 32768) { if (errstr) {
printf("Bits has bad value.\n"); printf("Bits has bad value %s (%s)\n", optarg, errstr);
exit(1); exit(1);
} }
break; break;
@ -1070,7 +1071,9 @@ main(int ac, char **av)
change_comment = 1; change_comment = 1;
break; break;
case 'f': case 'f':
strlcpy(identity_file, optarg, sizeof(identity_file)); if (strlcpy(identity_file, optarg, sizeof(identity_file)) >=
sizeof(identity_file))
fatal("Identity filename too long");
have_identity = 1; have_identity = 1;
break; break;
case 'g': case 'g':
@ -1125,23 +1128,34 @@ main(int ac, char **av)
rr_hostname = optarg; rr_hostname = optarg;
break; break;
case 'W': case 'W':
generator_wanted = atoi(optarg); generator_wanted = strtonum(optarg, 1, UINT_MAX, &errstr);
if (generator_wanted < 1) if (errstr)
fatal("Desired generator has bad value."); fatal("Desired generator has bad value: %s (%s)",
optarg, errstr);
break; break;
case 'a': case 'a':
trials = atoi(optarg); trials = strtonum(optarg, 1, UINT_MAX, &errstr);
if (errstr)
fatal("Invalid number of trials: %s (%s)",
optarg, errstr);
break; break;
case 'M': case 'M':
memory = atoi(optarg); memory = strtonum(optarg, 1, UINT_MAX, &errstr);
if (errstr) {
fatal("Memory limit is %s: %s", errstr, optarg);
}
break; break;
case 'G': case 'G':
do_gen_candidates = 1; do_gen_candidates = 1;
strlcpy(out_file, optarg, sizeof(out_file)); if (strlcpy(out_file, optarg, sizeof(out_file)) >=
sizeof(out_file))
fatal("Output filename too long");
break; break;
case 'T': case 'T':
do_screen_candidates = 1; do_screen_candidates = 1;
strlcpy(out_file, optarg, sizeof(out_file)); if (strlcpy(out_file, optarg, sizeof(out_file)) >=
sizeof(out_file))
fatal("Output filename too long");
break; break;
case 'S': case 'S':
/* XXX - also compare length against bits */ /* XXX - also compare length against bits */
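Review bot: The new declaration in `main` spells its type `uint32_t`, while every other line this commit touches uses `u_int32_t`, including `bits` and the `gen_candidates`/`prime_test` prototypes these values are presumably passed to. I would write `u_int32_t memory = 0, generator_wanted = 0, trials = 100;` so the file does not depend on `<stdint.h>` being available on every platform. The `-M` message also passes its arguments in the opposite order from the `-W` and `-a` messages (`"Memory limit is %s: %s", errstr, optarg`); `fatal("Invalid memory limit: %s (%s)", optarg, errstr);` would match them and keep the rejected input easy to spot. The `-b` case still reports through `printf` and `exit(1)` rather than `fatal`, so that one rejection goes to stdout. `main` starts and ends outside these hunks.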