- (djm) OpenBSD CVS updates

- provos@cvs.openbsd.org 2000/07/13 16:53:22 [aux.c readconf.c servconf.c ssh.h] allow multiple whitespace but only one '=' between tokens, bug report from Ralf S. Engelschall <rse@engelschall.com> but different fix. okay deraadt@ - provos@cvs.openbsd.org 2000/07/13 17:14:09 [clientloop.c] typo; todd@fries.net - provos@cvs.openbsd.org 2000/07/13 17:19:31 [scp.c] close can fail on AFS, report error; from Greg Hudson <ghudson@mit.edu> - markus@cvs.openbsd.org 2000/07/14 16:59:46 [readconf.c servconf.c] allow leading whitespace. ok niels - djm@cvs.openbsd.org 2000/07/14 22:01:38 [ssh-keygen.c ssh.c] Always create ~/.ssh with mode 700; ok Markus
2025-07-27 07:44:29 +02:00 · 2000-07-15 14:14:16 +10:00 · 2000-07-15 14:14:16 +10:00 · be484b5d98
commit be484b5d98
parent 055dc36983
9 changed files with 193 additions and 139 deletions
--- a/19
+++ b/19
@ -1,3 +1,22 @@
+20000713
+ - (djm) OpenBSD CVS updates
+   - provos@cvs.openbsd.org  2000/07/13 16:53:22
+     [aux.c readconf.c servconf.c ssh.h]
+     allow multiple whitespace but only one '=' between tokens, bug report from
+     Ralf S. Engelschall <rse@engelschall.com> but different fix. okay deraadt@
+   - provos@cvs.openbsd.org  2000/07/13 17:14:09
+     [clientloop.c]
+     typo; todd@fries.net
+   - provos@cvs.openbsd.org  2000/07/13 17:19:31
+     [scp.c]
+     close can fail on AFS, report error; from Greg Hudson <ghudson@mit.edu>
+   - markus@cvs.openbsd.org  2000/07/14 16:59:46
+     [readconf.c servconf.c]
+     allow leading whitespace. ok niels
+   - djm@cvs.openbsd.org     2000/07/14 22:01:38
+     [ssh-keygen.c ssh.c]
+     Always create ~/.ssh with mode 700; ok Markus
+
 20000712
 - (djm) Remove -lresolve for Reliant Unix
 - (djm) OpenBSD CVS Updates:
--- a/aux.c
+++ b/aux.c
@ -1,5 +1,5 @@
 #include "includes.h"
-RCSID("$OpenBSD: aux.c,v 1.3 2000/06/18 17:13:41 markus Exp $");
+RCSID("$OpenBSD: aux.c,v 1.4 2000/07/13 22:53:21 provos Exp $");

 #include "ssh.h"

@ -39,3 +39,33 @@ set_nonblock(int fd)
 	if (fcntl(fd, F_SETFL, val) == -1)
 		error("fcntl(%d, F_SETFL, O_NONBLOCK): %s", fd, strerror(errno));
 }
+
+/* Characters considered whitespace in strsep calls. */
+#define WHITESPACE " \t\r\n"
+
+char *
+strdelim(char **s)
+{
+	char *old;
+	int wspace = 0;
+
+	if (*s == NULL)
+		return NULL;
+
+	old = *s;
+
+	*s = strpbrk(*s, WHITESPACE "=");
+	if (*s == NULL)
+		return (old);
+
+	/* Allow only one '=' to be skipped */
+	if (*s[0] == '=')
+		wspace = 1;
+	*s[0] = '\0';
+
+	*s += strspn(*s + 1, WHITESPACE) + 1;
+	if (*s[0] == '=' && !wspace)
+		*s += strspn(*s + 1, WHITESPACE) + 1;
+
+	return (old);
+}
--- a/clientloop.c
+++ b/clientloop.c
@ -16,7 +16,7 @@
 */

 #include "includes.h"
-RCSID("$OpenBSD: clientloop.c,v 1.27 2000/06/20 01:39:40 markus Exp $");
+RCSID("$OpenBSD: clientloop.c,v 1.28 2000/07/13 23:14:08 provos Exp $");

 #include "xmalloc.h"
 #include "ssh.h"
@ -778,7 +778,7 @@ client_loop(int have_pty, int escape_char_arg)
 	if (have_pty)
 		enter_raw_mode();

-	/* Check if we should immediately send of on stdin. */
+	/* Check if we should immediately send eof on stdin. */
 	if (!compat20)
 		client_check_initial_eof_on_stdin();

--- a/readconf.c
+++ b/readconf.c
@ -14,7 +14,7 @@
 */

 #include "includes.h"
-RCSID("$OpenBSD: readconf.c,v 1.41 2000/07/11 19:17:44 deraadt Exp $");
+RCSID("$OpenBSD: readconf.c,v 1.43 2000/07/14 22:59:46 markus Exp $");

 #include "ssh.h"
 #include "cipher.h"
@ -164,10 +164,6 @@ static struct {
 	{ NULL, 0 }
 };

-/* Characters considered whitespace in strsep calls. */
-#define WHITESPACE " \t\r\n="
-
-
 /*
 * Adds a local TCP/IP port forward to options.  Never returns if there is an
 * error.
@ -241,13 +237,15 @@ process_config_line(Options *options, const char *host,
 	int opcode, *intptr, value;
 	u_short fwd_port, fwd_host_port;

-	/* Skip leading whitespace. */
-	s = line + strspn(line, WHITESPACE);
-	if (!*s || *s == '\n' || *s == '#')
+	s = line;
+	/* Get the keyword. (Each line is supposed to begin with a keyword). */
+	keyword = strdelim(&s);
+	/* Ignore leading whitespace. */
+	if (*keyword == '\0')
+		keyword = strdelim(&s);
+	if (!*keyword || *keyword == '\n' || *keyword == '#')
 		return 0;

-	/* Get the keyword. (Each line is supposed to begin with a keyword). */
-	keyword = strsep(&s, WHITESPACE);
 	opcode = parse_token(keyword, filename, linenum);

 	switch (opcode) {
@ -258,7 +256,7 @@ process_config_line(Options *options, const char *host,
 	case oForwardAgent:
 		intptr = &options->forward_agent;
 parse_flag:
-		arg = strsep(&s, WHITESPACE);
+		arg = strdelim(&s);
 		if (!arg || *arg == '\0')
 			fatal("%.200s line %d: Missing yes/no argument.", filename, linenum);
 		value = 0;	/* To avoid compiler warning... */
@ -344,7 +342,7 @@ parse_flag:

 	case oStrictHostKeyChecking:
 		intptr = &options->strict_host_key_checking;
-		arg = strsep(&s, WHITESPACE);
+		arg = strdelim(&s);
 		if (!arg || *arg == '\0')
 			fatal("%.200s line %d: Missing yes/no argument.",
 			      filename, linenum);
@ -379,7 +377,7 @@ parse_flag:

 	case oIdentityFile:
 	case oIdentityFile2:
-		arg = strsep(&s, WHITESPACE);
+		arg = strdelim(&s);
 		if (!arg || *arg == '\0')
 			fatal("%.200s line %d: Missing argument.", filename, linenum);
 		if (*activep) {
@ -404,7 +402,7 @@ parse_flag:
 	case oUser:
 		charptr = &options->user;
 parse_string:
-		arg = strsep(&s, WHITESPACE);
+		arg = strdelim(&s);
 		if (!arg || *arg == '\0')
 			fatal("%.200s line %d: Missing argument.", filename, linenum);
 		if (*activep && *charptr == NULL)
@ -434,7 +432,7 @@ parse_string:
 	case oProxyCommand:
 		charptr = &options->proxy_command;
 		string = xstrdup("");
-		while ((arg = strsep(&s, WHITESPACE)) != NULL && *arg != '\0') {
+		while ((arg = strdelim(&s)) != NULL && *arg != '\0') {
 			string = xrealloc(string, strlen(string) + strlen(arg) + 2);
 			strcat(string, " ");
 			strcat(string, arg);
@ -448,7 +446,7 @@ parse_string:
 	case oPort:
 		intptr = &options->port;
 parse_int:
-		arg = strsep(&s, WHITESPACE);
+		arg = strdelim(&s);
 		if (!arg || *arg == '\0')
 			fatal("%.200s line %d: Missing argument.", filename, linenum);
 		if (arg[0] < '0' || arg[0] > '9')
@ -468,7 +466,7 @@ parse_int:

 	case oCipher:
 		intptr = &options->cipher;
-		arg = strsep(&s, WHITESPACE);
+		arg = strdelim(&s);
 		if (!arg || *arg == '\0')
 			fatal("%.200s line %d: Missing argument.", filename, linenum);
 		value = cipher_number(arg);
@ -480,7 +478,7 @@ parse_int:
 		break;

 	case oCiphers:
-		arg = strsep(&s, WHITESPACE);
+		arg = strdelim(&s);
 		if (!arg || *arg == '\0')
 			fatal("%.200s line %d: Missing argument.", filename, linenum);
 		if (!ciphers_valid(arg))
@ -492,7 +490,7 @@ parse_int:

 	case oProtocol:
 		intptr = &options->protocol;
-		arg = strsep(&s, WHITESPACE);
+		arg = strdelim(&s);
 		if (!arg || *arg == '\0')
 			fatal("%.200s line %d: Missing argument.", filename, linenum);
 		value = proto_spec(arg);
@ -505,7 +503,7 @@ parse_int:

 	case oLogLevel:
 		intptr = (int *) &options->log_level;
-		arg = strsep(&s, WHITESPACE);
+		arg = strdelim(&s);
 		value = log_level_number(arg);
 		if (value == (LogLevel) - 1)
 			fatal("%.200s line %d: unsupported log level '%s'\n",
@ -515,14 +513,14 @@ parse_int:
 		break;

 	case oRemoteForward:
-		arg = strsep(&s, WHITESPACE);
+		arg = strdelim(&s);
 		if (!arg || *arg == '\0')
 			fatal("%.200s line %d: Missing argument.", filename, linenum);
 		if (arg[0] < '0' || arg[0] > '9')
 			fatal("%.200s line %d: Badly formatted port number.",
 			      filename, linenum);
 		fwd_port = atoi(arg);
-		arg = strsep(&s, WHITESPACE);
+		arg = strdelim(&s);
 		if (!arg || *arg == '\0')
 			fatal("%.200s line %d: Missing second argument.",
 			      filename, linenum);
@ -534,14 +532,14 @@ parse_int:
 		break;

 	case oLocalForward:
-		arg = strsep(&s, WHITESPACE);
+		arg = strdelim(&s);
 		if (!arg || *arg == '\0')
 			fatal("%.200s line %d: Missing argument.", filename, linenum);
 		if (arg[0] < '0' || arg[0] > '9')
 			fatal("%.200s line %d: Badly formatted port number.",
 			      filename, linenum);
 		fwd_port = atoi(arg);
-		arg = strsep(&s, WHITESPACE);
+		arg = strdelim(&s);
 		if (!arg || *arg == '\0')
 			fatal("%.200s line %d: Missing second argument.",
 			      filename, linenum);
@ -554,18 +552,18 @@ parse_int:

 	case oHost:
 		*activep = 0;
-		while ((arg = strsep(&s, WHITESPACE)) != NULL && *arg != '\0')
+		while ((arg = strdelim(&s)) != NULL && *arg != '\0')
 			if (match_pattern(host, arg)) {
 				debug("Applying options for %.100s", arg);
 				*activep = 1;
 				break;
 			}
-		/* Avoid garbage check below, as strsep is done. */
+		/* Avoid garbage check below, as strdelim is done. */
 		return 0;

 	case oEscapeChar:
 		intptr = &options->escape_char;
-		arg = strsep(&s, WHITESPACE);
+		arg = strdelim(&s);
 		if (!arg || *arg == '\0')
 			fatal("%.200s line %d: Missing argument.", filename, linenum);
 		if (arg[0] == '^' && arg[2] == 0 &&
@ -590,7 +588,7 @@ parse_int:
 	}

 	/* Check that there is no garbage at end of line. */
-	if ((arg = strsep(&s, WHITESPACE)) != NULL && *arg != '\0')
+	if ((arg = strdelim(&s)) != NULL && *arg != '\0')
 	{
 		fatal("%.200s line %d: garbage at end of line; \"%.200s\".",
 		      filename, linenum, arg);
--- a/scp.c
+++ b/scp.c
@ -45,7 +45,7 @@
 */

 #include "includes.h"
-RCSID("$OpenBSD: scp.c,v 1.32 2000/06/20 01:39:44 markus Exp $");
+RCSID("$OpenBSD: scp.c,v 1.33 2000/07/13 23:19:31 provos Exp $");

 #include "ssh.h"
 #include "xmalloc.h"
@ -889,7 +889,10 @@ bad:			run_err("%s: %s", np, strerror(errno));
 					run_err("%s: set mode: %s",
 						np, strerror(errno));
 		}
-		(void) close(ofd);
+		if (close(ofd) == -1) {
+			wrerr = YES;
+			wrerrno = errno;
+		}
 		(void) response();
 		if (setimes && wrerr == NO) {
 			setimes = 0;
@ -1015,7 +1018,7 @@ run_err(const char *fmt,...)
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
- *	$OpenBSD: scp.c,v 1.32 2000/06/20 01:39:44 markus Exp $
+ *	$OpenBSD: scp.c,v 1.33 2000/07/13 23:19:31 provos Exp $
 */

 char *
--- a/servconf.c
+++ b/servconf.c
@ -12,7 +12,7 @@
 */

 #include "includes.h"
-RCSID("$OpenBSD: servconf.c,v 1.47 2000/07/10 16:30:25 ho Exp $");
+RCSID("$OpenBSD: servconf.c,v 1.49 2000/07/14 22:59:46 markus Exp $");

 #include "ssh.h"
 #include "servconf.h"
@ -164,8 +164,6 @@ fill_default_server_options(ServerOptions *options)
 		options->max_startups = 10;
 }

-#define WHITESPACE " \t\r\n="
-
 /* Keyword tokens. */
 typedef enum {
 	sBadOption,		/* == unknown option */
@ -318,10 +316,13 @@ read_server_config(ServerOptions *options, const char *filename)
 	linenum = 0;
 	while (fgets(line, sizeof(line), f)) {
 		linenum++;
-		cp = line + strspn(line, WHITESPACE);
-		if (!*cp || *cp == '#')
+		cp = line;
+		arg = strdelim(&cp);
+		/* Ignore leading whitespace */
+		if (*arg == '\0')
+			arg = strdelim(&cp);
+		if (!*arg || *arg == '#')
 			continue;
-		arg = strsep(&cp, WHITESPACE);
 		opcode = parse_token(arg, filename, linenum);
 		switch (opcode) {
 		case sBadOption:
@ -337,7 +338,7 @@ read_server_config(ServerOptions *options, const char *filename)
 			if (options->num_ports >= MAX_PORTS)
 				fatal("%s line %d: too many ports.\n",
 				    filename, linenum);
-			arg = strsep(&cp, WHITESPACE);
+			arg = strdelim(&cp);
 			if (!arg || *arg == '\0')
 				fatal("%s line %d: missing port number.\n",
 				    filename, linenum);
@ -347,7 +348,7 @@ read_server_config(ServerOptions *options, const char *filename)
 		case sServerKeyBits:
 			intptr = &options->server_key_bits;
 parse_int:
-			arg = strsep(&cp, WHITESPACE);
+			arg = strdelim(&cp);
 			if (!arg || *arg == '\0') {
 				fprintf(stderr, "%s line %d: missing integer value.\n",
 					filename, linenum);
@ -367,7 +368,7 @@ parse_int:
 			goto parse_int;

 		case sListenAddress:
-			arg = strsep(&cp, WHITESPACE);
+			arg = strdelim(&cp);
 			if (!arg || *arg == '\0')
 				fatal("%s line %d: missing inet addr.\n",
 				    filename, linenum);
@ -379,7 +380,7 @@ parse_int:
 			charptr = (opcode == sHostKeyFile ) ?
 			    &options->host_key_file : &options->host_dsa_key_file;
 parse_filename:
-			arg = strsep(&cp, WHITESPACE);
+			arg = strdelim(&cp);
 			if (!arg || *arg == '\0') {
 				fprintf(stderr, "%s line %d: missing file name.\n",
 				    filename, linenum);
@ -396,12 +397,12 @@ parse_filename:
 		case sRandomSeedFile:
 			fprintf(stderr, "%s line %d: \"randomseed\" option is obsolete.\n",
 				filename, linenum);
-			arg = strsep(&cp, WHITESPACE);
+			arg = strdelim(&cp);
 			break;

 		case sPermitRootLogin:
 			intptr = &options->permit_root_login;
-			arg = strsep(&cp, WHITESPACE);
+			arg = strdelim(&cp);
 			if (!arg || *arg == '\0') {
 				fprintf(stderr, "%s line %d: missing yes/without-password/no argument.\n",
 					filename, linenum);
@ -425,7 +426,7 @@ parse_filename:
 		case sIgnoreRhosts:
 			intptr = &options->ignore_rhosts;
 parse_flag:
-			arg = strsep(&cp, WHITESPACE);
+			arg = strdelim(&cp);
 			if (!arg || *arg == '\0') {
 				fprintf(stderr, "%s line %d: missing yes/no argument.\n",
 					filename, linenum);
@ -540,7 +541,7 @@ parse_flag:

 		case sLogFacility:
 			intptr = (int *) &options->log_facility;
-			arg = strsep(&cp, WHITESPACE);
+			arg = strdelim(&cp);
 			value = log_facility_number(arg);
 			if (value == (SyslogFacility) - 1)
 				fatal("%.200s line %d: unsupported log facility '%s'\n",
@ -551,7 +552,7 @@ parse_flag:

 		case sLogLevel:
 			intptr = (int *) &options->log_level;
-			arg = strsep(&cp, WHITESPACE);
+			arg = strdelim(&cp);
 			value = log_level_number(arg);
 			if (value == (LogLevel) - 1)
 				fatal("%.200s line %d: unsupported log level '%s'\n",
@ -561,7 +562,7 @@ parse_flag:
 			break;

 		case sAllowUsers:
-			while ((arg = strsep(&cp, WHITESPACE)) && *arg != '\0') {
+			while ((arg = strdelim(&cp)) && *arg != '\0') {
 				if (options->num_allow_users >= MAX_ALLOW_USERS)
 					fatal("%s line %d: too many allow users.\n",
 					    filename, linenum);
@ -570,7 +571,7 @@ parse_flag:
 			break;

 		case sDenyUsers:
-			while ((arg = strsep(&cp, WHITESPACE)) && *arg != '\0') {
+			while ((arg = strdelim(&cp)) && *arg != '\0') {
 				if (options->num_deny_users >= MAX_DENY_USERS)
 					fatal( "%s line %d: too many deny users.\n",
 					    filename, linenum);
@ -579,7 +580,7 @@ parse_flag:
 			break;

 		case sAllowGroups:
-			while ((arg = strsep(&cp, WHITESPACE)) && *arg != '\0') {
+			while ((arg = strdelim(&cp)) && *arg != '\0') {
 				if (options->num_allow_groups >= MAX_ALLOW_GROUPS)
 					fatal("%s line %d: too many allow groups.\n",
 					    filename, linenum);
@ -588,7 +589,7 @@ parse_flag:
 			break;

 		case sDenyGroups:
-			while ((arg = strsep(&cp, WHITESPACE)) && *arg != '\0') {
+			while ((arg = strdelim(&cp)) && *arg != '\0') {
 				if (options->num_deny_groups >= MAX_DENY_GROUPS)
 					fatal("%s line %d: too many deny groups.\n",
 					    filename, linenum);
@ -597,7 +598,7 @@ parse_flag:
 			break;

 		case sCiphers:
-			arg = strsep(&cp, WHITESPACE);
+			arg = strdelim(&cp);
 			if (!arg || *arg == '\0')
 				fatal("%s line %d: Missing argument.", filename, linenum);
 			if (!ciphers_valid(arg))
@ -609,7 +610,7 @@ parse_flag:

 		case sProtocol:
 			intptr = &options->protocol;
-			arg = strsep(&cp, WHITESPACE);
+			arg = strdelim(&cp);
 			if (!arg || *arg == '\0')
 				fatal("%s line %d: Missing argument.", filename, linenum);
 			value = proto_spec(arg);
@ -625,7 +626,7 @@ parse_flag:
 				fatal("%s line %d: too many subsystems defined.",
 				      filename, linenum);
 			}
-			arg = strsep(&cp, WHITESPACE);
+			arg = strdelim(&cp);
 			if (!arg || *arg == '\0')
 				fatal("%s line %d: Missing subsystem name.",
 				      filename, linenum);
@ -634,7 +635,7 @@ parse_flag:
 					fatal("%s line %d: Subsystem '%s' already defined.",
 					      filename, linenum, arg);
 			options->subsystem_name[options->num_subsystems] = xstrdup(arg);
-			arg = strsep(&cp, WHITESPACE);
+			arg = strdelim(&cp);
 			if (!arg || *arg == '\0')
 				fatal("%s line %d: Missing subsystem command.",
 				      filename, linenum);
@ -651,7 +652,7 @@ parse_flag:
 				filename, linenum, arg, opcode);
 			exit(1);
 		}
-		if ((arg = strsep(&cp, WHITESPACE)) != NULL && *arg != '\0') {
+		if ((arg = strdelim(&cp)) != NULL && *arg != '\0') {
 			fprintf(stderr, 
 				"%s line %d: garbage at end of line; \"%.200s\".\n",
 				filename, linenum, arg);
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@ -7,7 +7,7 @@
 */

 #include "includes.h"
-RCSID("$OpenBSD: ssh-keygen.c,v 1.28 2000/07/07 03:55:04 todd Exp $");
+RCSID("$OpenBSD: ssh-keygen.c,v 1.29 2000/07/15 04:01:37 djm Exp $");

 #include <openssl/evp.h>
 #include <openssl/pem.h>
@ -660,7 +660,7 @@ main(int ac, char **av)
 	snprintf(dotsshdir, sizeof dotsshdir, "%s/%s", pw->pw_dir, SSH_USER_DIR);
 	if (strstr(identity_file, dotsshdir) != NULL &&
 	    stat(dotsshdir, &st) < 0) {
-		if (mkdir(dotsshdir, 0755) < 0)
+		if (mkdir(dotsshdir, 0700) < 0)
 			error("Could not create directory '%s'.", dotsshdir);
 		else if (!quiet)
 			printf("Created directory '%s'.\n", dotsshdir);
--- a/ssh.c
+++ b/ssh.c
@ -11,7 +11,7 @@
 */

 #include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.56 2000/06/20 01:39:44 markus Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.57 2000/07/15 04:01:37 djm Exp $");

 #include <openssl/evp.h>
 #include <openssl/dsa.h>
@ -622,7 +622,7 @@ main(int ac, char **av)
 	 */
 	snprintf(buf, sizeof buf, "%.100s/%.100s", pw->pw_dir, SSH_USER_DIR);
 	if (stat(buf, &st) < 0)
-		if (mkdir(buf, 0755) < 0)
+		if (mkdir(buf, 0700) < 0)
 			error("Could not create directory '%.200s'.", buf);

 	/* Check if the connection failed, and try "rsh" if appropriate. */
--- a/ssh.h
+++ b/ssh.h
@ -13,7 +13,7 @@
 *
 */

-/* RCSID("$OpenBSD: ssh.h,v 1.47 2000/06/20 01:39:45 markus Exp $"); */
+/* RCSID("$OpenBSD: ssh.h,v 1.48 2000/07/13 22:53:21 provos Exp $"); */

 #ifndef SSH_H
 #define SSH_H
@ -489,6 +489,9 @@ char   *tilde_expand_filename(const char *filename, uid_t my_uid);
 /* remove newline at end of string */
 char	*chop(char *s);

+/* return next token in configuration line */
+char	*strdelim(char **s);
+
 /* set filedescriptor to non-blocking */
 void	set_nonblock(int fd);