Commit Graph

4306 Commits

Author SHA1 Message Date
Damien Miller 63e437f053 - djm@cvs.openbsd.org 2006/04/03 07:10:38
[gss-genr.c]
     GSSAPI buffers shouldn't be nul-terminated, spotted in bugzilla #1066
     by dleonard AT vintela.com. use xasprintf() to simplify code while in
     there; "looks right" deraadt@
2006-04-23 12:05:46 +10:00
Damien Miller 603e68f1a2 - dtucker@cvs.openbsd.org 2006/04/02 08:34:52
[ssh-keysign.c]
     sessionid can be 32 bytes now too when sha256 kex is used; ok djm@
2006-04-23 12:05:32 +10:00
Damien Miller 7a656f7922 - djm@cvs.openbsd.org 2006/04/01 05:50:29
[scp.c]
     xasprintification; ok deraadt@
2006-04-23 12:04:46 +10:00
Damien Miller 07aa132a5e - (djm) OpenBSD CVS Sync
- deraadt@cvs.openbsd.org 2006/04/01 05:42:20
     [scp.c]
     minimal lint cleanup (unused crud, and some size_t); ok djm
2006-04-23 12:04:27 +10:00
Damien Miller 73b42d2bb0 - (djm) [Makefile.in configure.ac session.c sshpty.c]
[contrib/redhat/sshd.init openbsd-compat/Makefile.in]
   [openbsd-compat/openbsd-compat.h openbsd-compat/port-linux.c]
   [openbsd-compat/port-linux.h] Add support for SELinux, setting
   the execution and TTY contexts. based on patch from Daniel Walsh,
   bz #880; ok dtucker@
2006-04-22 21:26:08 +10:00
Damien Miller 2eaf37d899 - (djm) Reorder IP options check so that it isn't broken by
mapped addresses; bz #1179 reported by markw wtech-llc.com;
   ok dtucker@
2006-04-18 15:13:16 +10:00
Damien Miller dfc6183f13 - djm@cvs.openbsd.org 2006/03/31 09:13:56
[ssh_config.5]
     remote user escape is %r not %h; spotted by jmc@
2006-03-31 23:14:57 +11:00
Damien Miller c6437cf00a - jmc@cvs.openbsd.org 2006/03/31 09:09:30
[ssh_config.5]
     kill trailing whitespace;
2006-03-31 23:14:41 +11:00
Damien Miller 7a8f5b330d - dtucker@cvs.openbsd.org 2006/03/30 11:40:21
[auth.c monitor.c]
     Prevent duplicate log messages when privsep=yes; ok djm@
2006-03-31 23:14:23 +11:00
Damien Miller e23209f434 - dtucker@cvs.openbsd.org 2006/03/30 11:05:17
[ssh-keygen.c]
     Correctly handle truncated files while converting keys; ok djm@
2006-03-31 23:13:35 +11:00
Damien Miller 6b1d53c2b0 - djm@cvs.openbsd.org 2006/03/30 10:41:25
[ssh.c ssh_config.5]
     add percent escape chars to the IdentityFile option, bz #1159 based
     on a patch by imaging AT math.ualberta.ca; feedback and ok dtucker@
2006-03-31 23:13:21 +11:00
Damien Miller 3f9418893e - djm@cvs.openbsd.org 2006/03/30 09:58:16
[authfd.c bufaux.c deattack.c gss-serv.c mac.c misc.c misc.h]
     [monitor_wrap.c msg.c packet.c sftp-client.c sftp-server.c ssh-agent.c]
     replace {GET,PUT}_XXBIT macros with functionally similar functions,
     silencing a heap of lint warnings. also allows them to use
     __bounded__ checking which can't be applied to macros; requested
     by and feedback from deraadt@
2006-03-31 23:13:02 +11:00
Damien Miller d79b424e8a - djm@cvs.openbsd.org 2006/03/30 09:41:25
[channels.c]
     ARGSUSED for dispatch table-driven functions
2006-03-31 23:11:44 +11:00
Damien Miller 89c3fe4a9e - deraadt@cvs.openbsd.org 2006/03/28 01:53:43
[ssh-agent.c]
     use strtonum() to parse the pid from the file, and range check it
     better; ok djm
2006-03-31 23:11:28 +11:00
Damien Miller 57c4e875f8 - deraadt@cvs.openbsd.org 2006/03/28 01:52:28
[channels.c]
     do not accept unreasonable X ports numbers; ok djm
2006-03-31 23:11:07 +11:00
Damien Miller ddd63ab1d0 - deraadt@cvs.openbsd.org 2006/03/28 00:12:31
[README.tun ssh.c]
     spacing
2006-03-31 23:10:51 +11:00
Damien Miller 2b5a0de903 - djm@cvs.openbsd.org 2006/03/27 23:15:46
[sftp.c]
     always use a format string for addargs; spotted by mouring@
2006-03-31 23:10:31 +11:00
Damien Miller 5a73c1a34d - deraadt@cvs.openbsd.org 2006/03/27 13:03:54
[dh.c]
     use strtonum() instead of atoi(), limit dhg size to 64k; ok djm
2006-03-31 23:09:41 +11:00
Damien Miller da380becc6 - OpenBSD CVS Sync
- deraadt@cvs.openbsd.org 2006/03/27 01:21:18
     [xmalloc.c]
     we can do the size & nmemb check before the integer overflow check;
     evol
2006-03-31 23:09:17 +11:00
Damien Miller b3cdc220c4 - deraadt@cvs.openbsd.org 2006/03/26 01:31:48
[uuencode.c]
     typo
2006-03-26 14:30:33 +11:00
Damien Miller 51096383e9 - djm@cvs.openbsd.org 2006/03/25 22:22:43
[atomicio.h auth-options.h auth.h auth2-gss.c authfd.h authfile.h]
     [bufaux.h buffer.h canohost.h channels.h cipher.h clientloop.h]
     [compat.h compress.h crc32.c crc32.h deattack.h dh.h dispatch.h]
     [dns.c dns.h getput.h groupaccess.h gss-genr.c gss-serv-krb5.c]
     [gss-serv.c hostfile.h includes.h kex.h key.h log.h mac.h match.h]
     [misc.h monitor.h monitor_fdpass.h monitor_mm.h monitor_wrap.h msg.h]
     [myproposal.h packet.h pathnames.h progressmeter.h readconf.h rsa.h]
     [scard.h servconf.h serverloop.h session.h sftp-common.h sftp.h]
     [ssh-gss.h ssh.h ssh1.h ssh2.h sshconnect.h sshlogin.h sshpty.h]
     [ttymodes.h uidswap.h uuencode.h xmalloc.h]
     standardise spacing in $OpenBSD$ tags; requested by deraadt@
2006-03-26 14:30:00 +11:00
Damien Miller e3b21a5f59 - deraadt@cvs.openbsd.org 2006/03/25 18:58:10
[channels.c]
     delete cast not required
2006-03-26 14:29:06 +11:00
Damien Miller a0fdce9a47 - deraadt@cvs.openbsd.org 2006/03/25 18:56:55
[bufaux.c channels.c packet.c]
     remove (char *) casts to a function that accepts void * for the arg
2006-03-26 14:28:50 +11:00
Damien Miller 08d61505d7 - deraadt@cvs.openbsd.org 2006/03/25 18:43:30
[channels.c]
     use strtonum() instead of atoi() [limit X screens to 400, sorry]
2006-03-26 14:28:32 +11:00
Damien Miller 1c13bd8d79 - deraadt@cvs.openbsd.org 2006/03/25 18:41:45
[ssh-agent.c]
     mark two more signal handlers ARGSUSED
2006-03-26 14:28:14 +11:00
Damien Miller 5f340065fc - deraadt@cvs.openbsd.org 2006/03/25 18:40:14
[ssh-keygen.c]
     cast strtonum() result to right type
2006-03-26 14:27:57 +11:00
Damien Miller a1690d08b4 - deraadt@cvs.openbsd.org 2006/03/25 18:36:15
[sshlogin.c sshlogin.h]
     nicer size_t and time_t types
2006-03-26 14:27:35 +11:00
Damien Miller 90fdfaf69c - deraadt@cvs.openbsd.org 2006/03/25 18:30:55
[clientloop.c serverloop.c]
     spacing
2006-03-26 14:25:37 +11:00
Damien Miller 8ba29fe72d - deraadt@cvs.openbsd.org 2006/03/25 18:29:35
[auth-rsa.c authfd.c packet.c]
     needed casts (always will be needed)
2006-03-26 14:25:19 +11:00
Damien Miller 48c4ed2b78 oops, rewrap 2006-03-26 14:25:05 +11:00
Damien Miller 57c30117c1 - djm@cvs.openbsd.org 2006/03/25 13:17:03
[atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c]
     [auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c]
     [auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
     [auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c]
     [buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c]
     [cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c]
     [deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c]
     [kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c]
     [mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c]
     [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c]
     [readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c]
     [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c]
     [sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
     [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
     [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
     [uidswap.c uuencode.c xmalloc.c]
     Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
     Theo nuked - our scripts to sync -portable need them in the files
2006-03-26 14:24:48 +11:00
Damien Miller 55b04f1d77 - djm@cvs.openbsd.org 2006/03/25 01:30:23
[sftp.c]
     "abormally" is a perfectly cromulent word, but "abnormally" is better
2006-03-26 14:23:17 +11:00
Damien Miller 36812092ec - djm@cvs.openbsd.org 2006/03/25 01:13:23
[buffer.c channels.c deattack.c misc.c scp.c session.c sftp-client.c]
     [sftp-server.c ssh-agent.c ssh-rsa.c xmalloc.c xmalloc.h auth-pam.c]
     [uidswap.c]
     change OpenSSH's xrealloc() function from being xrealloc(p, new_size)
     to xrealloc(p, new_nmemb, new_itemsize).

     realloc is particularly prone to integer overflows because it is
     almost always allocating "n * size" bytes, so this is a far safer
     API; ok deraadt@
2006-03-26 14:22:47 +11:00
Damien Miller 07d86bec5e - djm@cvs.openbsd.org 2006/03/25 00:05:41
[auth-bsdauth.c auth-skey.c auth.c auth2-chall.c channels.c]
     [clientloop.c deattack.c gss-genr.c kex.c key.c misc.c moduli.c]
     [monitor.c monitor_wrap.c packet.c scard.c sftp-server.c ssh-agent.c]
     [ssh-keyscan.c ssh.c sshconnect.c sshconnect2.c sshd.c uuencode.c]
     [xmalloc.c xmalloc.h]
     introduce xcalloc() and xasprintf() failure-checked allocations
     functions and use them throughout openssh

     xcalloc is particularly important because malloc(nmemb * size) is a
     dangerous idiom (subject to integer overflow) and it is time for it
     to die

     feedback and ok deraadt@
2006-03-26 14:19:21 +11:00
Damien Miller a5a2859275 - deraadt@cvs.openbsd.org 2006/03/20 21:11:53
[ttymodes.c]
     spacing
2006-03-26 14:10:34 +11:00
Damien Miller 4f7becb44f - deraadt@cvs.openbsd.org 2006/03/20 18:48:34
[channels.c fatal.c kex.c packet.c serverloop.c]
     spacing
2006-03-26 14:10:14 +11:00
Damien Miller 1d2b6706ba - deraadt@cvs.openbsd.org 2006/03/20 18:42:27
[canohost.c match.c ssh.c sshconnect.c]
     be strict with tolower() casting
2006-03-26 14:09:54 +11:00
Damien Miller 1ff7c642ee - deraadt@cvs.openbsd.org 2006/03/20 18:41:43
[dns.c]
     cast xstrdup to propert u_char *
2006-03-26 14:09:09 +11:00
Damien Miller 4ae97f1885 - deraadt@cvs.openbsd.org 2006/03/20 18:35:12
[channels.c]
     x11_fake_data is only ever used as u_char *
2006-03-26 14:08:10 +11:00
Damien Miller 9f3bd53acd - deraadt@cvs.openbsd.org 2006/03/20 18:27:50
[monitor.c]
     spacing
2006-03-26 14:07:52 +11:00
Damien Miller 9096740f6c - deraadt@cvs.openbsd.org 2006/03/20 18:26:55
[channels.c monitor.c session.c session.h ssh-agent.c ssh-keygen.c]
     [ssh-rsa.c ssh.c sshlogin.c]
     annoying spacing fixes getting in the way of real diffs
2006-03-26 14:07:26 +11:00
Damien Miller 91d4b12fcb - deraadt@cvs.openbsd.org 2006/03/20 18:17:20
[auth1.c auth2.c sshd.c]
     sprinkle some ARGSUSED for table driven functions (which sometimes
     must ignore their args)
2006-03-26 14:05:20 +11:00
Damien Miller 1b81a49f86 rewrap 2006-03-26 14:05:02 +11:00
Damien Miller 71a7367130 - deraadt@cvs.openbsd.org 2006/03/20 18:14:02
[channels.c clientloop.c monitor_wrap.c monitor_wrap.h serverloop.c]
     [ssh.c sshpty.c sshpty.h]
     sprinkle u_int throughout pty subsystem, ok markus
2006-03-26 14:04:36 +11:00
Damien Miller 6d39bcf898 - deraadt@cvs.openbsd.org 2006/03/20 17:17:23
[ssh-rsa.c]
     in a switch (), break after return or goto is stupid
2006-03-26 14:03:21 +11:00
Damien Miller bbaad7772a - deraadt@cvs.openbsd.org 2006/03/20 17:13:16
[key.c]
     djm did a typo
2006-03-26 14:03:03 +11:00
Damien Miller 69b7203e6f - deraadt@cvs.openbsd.org 2006/03/20 17:10:19
[auth.c key.c misc.c packet.c ssh-add.c]
     in a switch (), break after return or goto is stupid
2006-03-26 14:02:35 +11:00
Damien Miller 429fcc23db - djm@cvs.openbsd.org 2006/03/20 11:38:46
[key.c]
     (really) last of the Coverity diffs: avoid possible NULL deref in
     key_free. via elad AT netbsd.org; markus@ ok
2006-03-26 14:02:16 +11:00
Damien Miller 96937bd914 - djm@cvs.openbsd.org 2006/03/20 04:09:44
[monitor.c]
     memory leaks detected by Coverity via elad AT netbsd.org;
     deraadt@ ok
     that should be all of them now
2006-03-26 14:01:54 +11:00
Damien Miller 3305f5591f - deraadt@cvs.openbsd.org 2006/03/19 18:59:09
[authfile.c]
     whoever thought that break after return was a good idea needs to
     get their head examimed
2006-03-26 14:00:31 +11:00