bb7413db98
upstream commit
...
revision 1.39
date: 2012/01/20 07:09:42; author: tedu; state: Exp; lines: +4 -4;
the glob stat limit is way too low. bump to 2048.
while here, failed stats should count against the limit too.
ok deraadt sthen stsp
2019-11-15 15:07:30 +11:00
245dcbdca5
Put headers inside ifdef _AIX.
...
Prevents compile errors due to missing definitions (eg va_list) on
non-AIX platforms.
2019-11-13 11:19:26 +11:00
3611bfe89b
Define __BSD_VISIBLE in fnmatch.h.
...
.. since we use symbols defined only when it is when using the compat
fnmatch.
2019-11-02 22:46:22 +11:00
0e3c5bc509
Hook up fnmatch for platforms that don't have it.
2019-11-01 18:27:37 +11:00
b56dbfd9d9
Add missing bracket in realpath macro.
2019-11-01 18:27:37 +11:00
59ccb56f15
Import fnmatch.c from OpenBSD.
2019-11-01 18:27:37 +11:00
79d46de9fb
Use sftp_realpath if no native realpath.
2019-11-01 18:27:37 +11:00
5eb7b9563f
Add prototype for localtime_r if needed.
2019-11-01 14:41:07 +11:00
1bcd1169c5
Add implementation of localtime_r.
2019-10-29 20:48:46 +11:00
5fe81da226
Fix ifdefs to not mask needed bits.
2019-10-28 21:19:47 +11:00
d561b0b2fa
Make sure we have struct statfs before using.
2019-10-28 16:27:53 +11:00
7169e31121
Move utimensat definition into timespec section.
...
Since utimensat uses struct timespec, move it to the section where we
define struct timespec when needed.
2019-10-28 16:27:53 +11:00
9b9e3ca694
Re-add SA_RESTART to mysignal.
...
This makes mysignal implement reliable BSD semantics according to
Stevens' APUE. This was first attempted in 2001 but was reverted
due to problems with HP-UX 10.20 and select() and possibly grantpt().
Modern systems should be fine with it, but if any current platforms have
a problem with it now we can disable it just for those. ok djm@
2019-10-11 14:12:16 +11:00
0bd312a362
Fix ifdef typo for declaration of memmem.
...
Fixes build on IRIX. bz#3081.
2019-10-10 09:42:03 +11:00
86a0323374
Make MAKE_CLONE no-op macro more correct.
...
Similar to the previous change to DEF_WEAK, some compilers don't like
the empty statement, so convert into a no-op function prototype.
2019-10-09 09:36:06 +11:00
13b3369830
avoid "return (value)" in void-declared function
...
spotted by Tim Rice; ok dtucker
2019-10-08 15:32:02 +11:00
fbec7dba01
Include stdio.h for snprintf.
...
Patch from vapier@gentoo.org .
2019-09-30 18:01:12 +10:00
368f1cc2fb
fixed test in OSX closefrom() replacement
...
from likan_999.student AT sina.com
2019-09-02 10:28:42 +10:00
6b7c53498d
retain Solaris PRIV_FILE_LINK_ANY in sftp-server
...
Dropping this privilege removes the ability to create hard links to
files owned by other users. This is required for the legacy sftp rename
operation.
bz#3036; approach ok Alex Wilson (the original author of the Solaris
sandbox/pledge replacement code)
2019-09-02 10:22:02 +10:00
28744182cf
proc_pidinfo()-based closefrom() for OS X
...
Refactor closefrom() to use a single brute-force close() loop fallback.
Based on patch from likan_999.student@sina.com in bz#3049. ok dtucker@
2019-08-30 13:23:04 +10:00
d0e51810f3
Fix pasto in fallback code.
...
There is no parameter called "pathname", it should simply be "path".
bz#3059, patch from samuel at cendio.se.
2019-08-24 15:12:11 +10:00
d46075b923
Fix mem leak in unit test.
...
Patch from jitendra.sharma at intel.com.
2019-08-05 21:36:48 +10:00
4317b2a048
upstream rev 1.28: fix comment typo.
2019-07-23 23:24:47 +10:00
fd0684b319
Remove sys/cdefs.h include.
...
It's not needed on -portable (that's handled by includes.h) and not all
platforms have it.
2019-07-23 22:36:39 +10:00
11cba2a452
Re-apply portability changes to current sha2.{c,h}.
...
Rather than attempt to apply 14 years' worth of changes to OpenBSD's sha2
I imported the current versions directly then re-applied the portability
changes. This also allowed re-syncing digest-libc.c against upstream.
2019-07-23 22:06:24 +10:00
09159594a3
Import current sha2.c and sha2.h from OpenBSD.
...
These are not changed from their original state, the next commit will
re-apply the portable changes.
2019-07-23 22:06:24 +10:00
01dddb231f
fix SIGWINCH delivery of Solaris for mux sessions
...
Remove PRIV_PROC_SESSION which was limiting ability to send SIGWINCH
signals to other sessions. bz#3030; report and fix from Darren Moffat
2019-07-19 13:22:16 +10:00
22b9b3e944
Fix format string integer type in error message.
2019-07-19 07:23:26 +10:00
45478898f9
Hook memmem compat code into build.
...
This fixes builds on platforms that don't have it (at least old DragonFly,
probably others).
2019-07-16 09:21:20 +10:00
c7bd461729
Import memmem.c from OpenBSD.
2019-07-16 09:07:18 +10:00
eb0b51dac4
Move log.h include inside ifdefs.
...
Fixes build on some other platforms that don't have va_list immediately
available (eg NetBSD).
2019-07-08 17:27:26 +10:00
43702f8e6f
Include log.h for debug() and friends.
...
Should fix some compiler warnings on IRIX (bz#3032).
2019-07-08 14:27:37 +10:00
4efe1adf05
remove realpath() compat replacement
...
We shipped a BSD implementation of realpath() because sftp-server
depended on its behaviour.
OpenBSD is now moving to a more strictly POSIX-compliant realpath(2),
so sftp-server now unconditionally requires its own BSD-style realpath
implementation. As such, there is no need to carry another independant
implementation in openbsd-compat.
ok dtucker@
2019-07-08 13:38:39 +10:00
b8e2b79736
Add prototype for strnlen to prevent warnings.
2019-07-06 13:13:57 +10:00
4c3e00b1ed
Cast *ID types to unsigned long when printing.
...
UID and GID types vary by platform so cast to u_long and use %lu when
printing them to prevent warnings.
2019-07-06 13:02:34 +10:00
2753521e89
Add prototype for compat strndup.(bz#3032).
2019-07-06 12:54:43 +10:00
73eb6cef41
Include stdio.h for vsnprintf.
...
Patch from mforney at mforney.org.
2019-06-16 12:55:27 +10:00
adcaf40fd0
upstream rev 1.27: fix integer overflow.
...
Cast bitcount to u_in64_t before bit shifting to prevent integer overflow
on 32bit platforms which cause incorrect results when adding a block
>=512M in size. sha1 patch from ante84 at gmail.com via openssh github,
sha2 with djm@, ok tedu@
2019-06-14 14:22:39 +10:00
7689048e61
upstream rev 1.25: add DEF_WEAK.
...
Wrap blowfish, sha*, md5, and rmd160 so that internal calls go direct
ok deraadt@
2019-06-14 14:22:39 +10:00
55f3153393
upstream rev 1.25: add sys/types.h
2019-06-14 14:22:39 +10:00
10974f986f
upstream: Use explicit_bzero instead of memset
...
in hash Final and End functions. OK deraadt@ djm@
2019-06-14 14:22:39 +10:00
2b3402dc9f
Always clean up before and after utimensat test.
2019-06-08 00:03:07 +10:00
182898192d
Update utimensat test.
...
POSIX specifies that when given a symlink, AT_SYMLINK_NOFOLLOW should
update the symlink and not the destination. The compat code doesn't
have a way to do this, so where possible it fails instead of following a
symlink when explicitly asked not to. Instead of checking for an explicit
failure, check that it does not update the destination, which both the
real and compat implmentations should honour.
Inspired by github pull req #125 from chutzpah at gentoo.org.
2019-06-07 23:47:37 +10:00
b7b8334914
Don't install duplicate STREAMS modules on Solaris
...
Check if STREAMS modules are already installed on pty before installing
since when compiling with XPG>=4 they will likely be installed already.
Prevents hangs and duplicate lines on the terminal. bz#2945 and bz#2998,
patch from djm@
2019-04-26 18:06:34 +10:00
79a87d3278
Remove "struct ssh" from sys_auth_record_login.
...
It's not needed, and is not available from the call site in loginrec.c
Should only affect AIX, spotted by Kevin Brott.
2019-04-03 06:27:45 +11:00
138c0d52cd
Adapt custom_failed_login to new prototype.
...
Spotted by Kevin Brott.
2019-04-02 18:21:35 +11:00
43f47ebbdd
Only use O_NOFOLLOW in fchownat and fchmodat if defined
2019-03-31 19:22:19 -07:00
f5abb05f8c
Only use O_NOFOLLOW in utimensat if defined.
...
Fixes build on systems that don't have it (Solaris <=9) Found by
Tom G. Christensen.
2019-03-28 09:26:14 +11:00
a212107bfd
Replace alloca with xcalloc.
...
The latter checks for memory exhaustion and integer overflow and may be
at a less predictable place. Sanity check by vinschen at redhat.com, ok
djm@
2019-03-13 10:49:16 +11:00
daa7505aad
Use Cygwin-specific matching only for users+groups.
...
Patch from vinschen at redhat.com, updated a little by me.
2019-03-12 09:19:19 +11:00
37638c7520
Cygwin: implement case-insensitive Unicode user and group name matching
...
The previous revert enabled case-insensitive user names again. This
patch implements the case-insensitive user and group name matching.
To allow Unicode chars, implement the matcher using wchar_t chars in
Cygwin-specific code. Keep the generic code changes as small as possible.
Cygwin: implement case-insensitive Unicode user and group name matching
Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
2019-02-22 15:22:53 +11:00
bed1d43698
Revert unintended parts of previous commit.
2019-02-22 15:21:21 +11:00
f02afa350a
Revert "[auth.c] On Cygwin, refuse usernames that have differences in case"
...
This reverts commit acc9b29486
2019-02-22 15:04:16 +11:00
f236ca2741
Also undef SIMPLEQ_FOREACH_SAFE.
...
Prevents macro redefinition warning on at least NetBSD 6.1.
2019-01-24 10:07:03 +11:00
08f66d9f17
remove vestiges of old packet API from loginrec.c
2019-01-20 09:58:45 +11:00
a6258e5dc3
Add minimal fchownat and fchmodat implementations.
...
Fixes builds on at least OS X Lion, NetBSD 6 and Solaris 10.
2019-01-18 11:09:01 +11:00
091093d258
Add a minimal implementation of utimensat().
...
Some systems (eg older OS X) do not have utimensat, so provide minimal
implementation in compat layer. Fixes build on at least El Capitan.
2019-01-18 10:16:11 +11:00
8a85f5458d
Include stdio.h for FILE if needed.
2018-11-25 21:44:05 +11:00
16fb23f254
Reverse order of OpenSSL init functions.
...
Try the new init function (OPENSSL_init_crypto) before falling back to
the old one (OpenSSL_add_all_algorithms).
2018-11-25 14:05:57 +11:00
42c5ec4b97
refactor libcrypto initialisation
...
Don't call OpenSSL_add_all_algorithms() unless OpenSSL actually
supports it.
Move all libcrypto initialisation to a single function, and call that
from seed_rng() that is called early in each tool's main().
Prompted by patch from Rosen Penev
2018-11-23 10:42:05 +11:00
d0d1dfa55b
Test for OPENSSL_init_crypto before using.
...
Check for the presence of OPENSSL_init_crypto and all the flags we want
before trying to use it (bz#2931).
2018-11-16 14:11:44 +11:00
ce93472134
Fix check for OpenSSL 1.0.1 exactly.
...
Both INSTALL and configure.ac claim OpenSSL >= 1.0.1 is supported; fix
compile-time check for 1.0.1 to match.
2018-11-16 12:44:01 +11:00
624d19ac2d
fix compilation with openssl built without ECC
...
ECDSA code in openssh-compat.h and libressl-api-compat.c needs to be
guarded by OPENSSL_HAS_ECC
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
2018-11-09 14:19:24 +11:00
595605d4ab
Update check for minimum OpenSSL version.
2018-10-28 15:18:13 +11:00
c801b0e38e
Use detected version functions in openssl compat.
...
Use detected functions in compat layer instead of guessing based on
versions. Really fixes builds with LibreSSL, not just configure.
2018-10-28 14:34:12 +11:00
406a24b25d
fix builds on OpenSSL <= 1.0.x
...
I thought OpenSSL 1.0.x offered the new-style OpenSSL_version_num() API
to obtain version number, but they don't.
2018-10-26 13:43:28 +11:00
c0a3526590
fix compile for openssl 1.0.x w/ --with-ssl-engine
...
bz#2921, patch from cotequeiroz
2018-10-23 16:19:56 +11:00
08300c2114
unbreak compilation with --with-ssl-engine
...
Missing last argument to OPENSSL_init_crypto()
2018-10-17 08:12:02 +11:00
4e23deefd7
Avoid deprecated OPENSSL_config when using 1.1.x
...
OpenSSL 1.1.x soft-deprecated OPENSSL_config in favour of
OPENSSL_init_crypto; pointed out by Jakub Jelen
2018-10-16 10:54:37 +11:00
797cdd9c84
Don't avoid our *sprintf replacements.
...
Don't let systems with broken printf(3) avoid our replacements
via asprintf(3)/vasprintf(3) calling libc internally. From djm@
2018-10-12 16:58:47 +11:00
fe8e8f349a
check for NULL return from shadow_pw()
...
probably unreachable on this platform; pointed out by
coolbugcheckers AT gmail.com
2018-10-11 11:03:54 +11:00
d1d301a1dd
in pick_salt() avoid dereference of NULL passwords
...
Apparently some NIS implementations can leave pw->pw_passwd (or the
shadow equivalent) NULL.
bz#2909; based on patch from Todd Eigenschink
2018-10-10 14:57:00 +11:00
c2fa53cd64
Remove unused variable in _ssh_compat_fflush.
2018-09-22 14:41:24 +10:00
48f54b9d12
adapt -portable to OpenSSL 1.1x API
...
Polyfill missing API with replacement functions extracted from LibreSSL
2018-09-13 12:13:50 +10:00
039bf2a817
Initial len for the fmt=NULL case.
...
Patch from jjelen at redhat via bz#2687. (OpenSSH never calls
setproctitle with a null format so len is always initialized).
2018-09-07 14:06:57 +10:00
ea9c06e11d
Include stdlib.h.
...
Patch from jjelen at redhat via bz#2687.
2018-09-07 14:01:39 +10:00
bc44ee088a
modified: openbsd-compat/port-uw.c
...
remove obsolete and un-needed include
2018-08-21 08:57:24 -07:00
b0917945ef
cygwin: add missing stdarg.h include
...
Further header file standarization in Cygwin uncovered a lazy
indirect include in bsd-cygwin_util.c
Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
2018-08-13 13:01:18 -07:00
e36a5f61b0
Some AIX fixes; report from Michael Felt
2018-08-11 18:08:45 -07:00
4492e2ec4e
correct snprintf truncation check in closefrom()
...
Truncation cannot happen unless the system has set PATH_MAX to some
nonsensically low value.
bz#2862, patch from Daniel Le
2018-07-27 14:20:09 +10:00
61cc0003eb
Undef a few new macros in sys-queue.h.
...
Prevents macro redefinition warnings on OSX.
2018-07-14 16:49:01 +10:00
5467fbcb09
upstream: remove legacy key emulation layer; ok djm@
...
OpenBSD-Commit-ID: 2b1f9619259e222bbd4fe9a8d3a0973eafb9dd8d
2018-07-12 13:18:25 +10:00
1c688801e9
Include stdlib.h for declaration of free.
...
Fixes build with -Werror on at least Fedora and probably others.
2018-07-11 12:14:09 +10:00
120a1ec74e
Adapt portable to legacy buffer API removal
2018-07-10 19:39:52 +10:00
872517ddbb
Defer setting bufsiz in getdelim.
...
Do not write to bufsiz until we are sure the malloc has succeeded,
in case any callers rely on it (which they shouldn't). ok djm@
2018-07-06 13:32:02 +10:00
6301e6c787
Add implementation of getline.
...
Add getline for the benefit of platforms that don't have it. Sourced
from NetBSD (OpenBSD's implementation is a little too chummy with the
internals of FILE).
2018-07-02 21:36:31 +10:00
32e4e94e15
sync fmt_scaled.c
...
revision 1.17
date: 2018/05/14 04:39:04; author: djm; state: Exp; lines: +5 -2;
commitid: 53zY8GjViUBnWo8Z;
constrain fractional part to [0-9] (less confusing to static analysis); ok ian@
2018-05-14 14:40:08 +10:00
7c15301841
Use includes.h instead of config.h.
...
This ensures it picks up the definition of DEF_WEAK, the lack of which
can cause compile errors in some cases (eg modern AIX). From
michael at felt.demon.nl.
2018-04-29 17:54:12 +10:00
cfb1d9bc76
Fix tunnel forwarding broken in 7.7p1
...
bz2855, ok dtucker@
2018-04-13 13:38:06 +10:00
afa6e79b76
prefer to use getrandom() for PRNG seeding
...
Only applies when built --without-openssl. Thanks Jann Horn for
reminder.
2018-04-13 13:32:23 +10:00
10479cc2a4
Many typo fixes from Karsten Weiss
...
Spotted using https://github.com/lucasdemarchi/codespell
2018-04-10 10:19:02 +10:00
2c71ca1dd1
Disable native strndup and strnlen on AIX.
...
On at least some revisions of AIX, strndup returns unterminated strings
under some conditions, apparently because strnlen returns incorrect
values in those cases. Disable both on AIX and use the replacements
from openbsd-compat. Fixes problem with ECDSA keys there, ok djm.
2018-03-30 18:23:07 +11:00
6b5a17bc14
Include ssh_api.h for struct ssh.
...
struct ssh is needed by implementations of sys_auth_passwd() that were
converted in commit bba02a50
2018-03-26 13:24:41 +11:00
bc3f80e4d1
Remove UNICOS code missed during removal.
...
Fixes compile error on AIX.
2018-03-26 13:24:28 +11:00
bba02a5094
modified: auth-sia.c
...
modified: openbsd-compat/port-aix.c
modified: openbsd-compat/port-uw.c
propogate changes to auth-passwd.c in commit
7c85685760
2018-03-25 09:17:33 -07:00
58fd4c5c01
Check for and work around buggy fflush(NULL).
...
Some really old platforms (eg SunOS4) segfault on fflush(NULL) so check
for and work around. With klausz at haus-gisela.de.
2018-03-05 19:28:08 +11:00
33561e68e0
Add strndup for platforms that need it.
...
Some platforms don't have strndup, which includes Solaris 10, NetBSD 3
and FreeBSD 6.
2018-03-03 14:58:34 +11:00
e8a17feba9
Flatten and alphabetize object file lists.
...
This will make maintenance and changes easier. "no objection" tim@
2018-03-03 14:58:34 +11:00
f0b245b043
Check if HAVE_DECL_BZERO correctly.
2018-02-27 08:51:52 +11:00
5aea4aa522
typo: missing ;
2018-02-26 14:39:14 +11:00
Damien Miller
Darren Tucker
Tim Rice
Corinna Vinschen
Eneas U de Queiroz
markus@openbsd.org