summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMarkus Friedl <markus@cvs.openbsd.org>2017-05-31 10:54:01 +0000
committerMarkus Friedl <markus@cvs.openbsd.org>2017-05-31 10:54:01 +0000
commit0ce04d4b175e9bc45474fdbf2d2e9e8f40727c07 (patch)
tree3ba0bc4823767652131ee1ce580b155b7f19d27c
parent319199278949ae64625cff9a140e876a139a8c02 (diff)
make sure we don't pass a NULL string to vfprintf (triggered by the
principals-command regress test); ok bluhm
-rw-r--r--usr.bin/ssh/auth-options.c5
-rw-r--r--usr.bin/ssh/auth-options.h4
-rw-r--r--usr.bin/ssh/auth2-pubkey.c9
3 files changed, 9 insertions, 9 deletions
diff --git a/usr.bin/ssh/auth-options.c b/usr.bin/ssh/auth-options.c
index 6e33bbd192f..51d30b3ada4 100644
--- a/usr.bin/ssh/auth-options.c
+++ b/usr.bin/ssh/auth-options.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-options.c,v 1.72 2016/11/30 02:57:40 djm Exp $ */
+/* $OpenBSD: auth-options.c,v 1.73 2017/05/31 10:54:00 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -116,7 +116,8 @@ match_flag(const char *opt, int allow_negate, char **optsp, const char *msg)
* side effect: sets key option flags
*/
int
-auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
+auth_parse_options(struct passwd *pw, char *opts, const char *file,
+ u_long linenum)
{
struct ssh *ssh = active_state; /* XXX */
const char *cp;
diff --git a/usr.bin/ssh/auth-options.h b/usr.bin/ssh/auth-options.h
index 52cbb42aaf8..547f016355a 100644
--- a/usr.bin/ssh/auth-options.h
+++ b/usr.bin/ssh/auth-options.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-options.h,v 1.22 2016/11/30 02:57:40 djm Exp $ */
+/* $OpenBSD: auth-options.h,v 1.23 2017/05/31 10:54:00 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -33,7 +33,7 @@ extern int forced_tun_device;
extern int key_is_cert_authority;
extern char *authorized_principals;
-int auth_parse_options(struct passwd *, char *, char *, u_long);
+int auth_parse_options(struct passwd *, char *, const char *, u_long);
void auth_clear_options(void);
int auth_cert_options(struct sshkey *, struct passwd *, const char **);
diff --git a/usr.bin/ssh/auth2-pubkey.c b/usr.bin/ssh/auth2-pubkey.c
index a0def36b9e4..67837293554 100644
--- a/usr.bin/ssh/auth2-pubkey.c
+++ b/usr.bin/ssh/auth2-pubkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-pubkey.c,v 1.66 2017/05/31 09:15:42 deraadt Exp $ */
+/* $OpenBSD: auth2-pubkey.c,v 1.67 2017/05/31 10:54:00 markus Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@@ -584,7 +584,7 @@ match_principals_option(const char *principal_list, struct sshkey_cert *cert)
}
static int
-process_principals(FILE *f, char *file, struct passwd *pw,
+process_principals(FILE *f, const char *file, struct passwd *pw,
const struct sshkey_cert *cert)
{
char line[SSH_MAX_PUBKEY_BYTES], *cp, *ep, *line_opts;
@@ -622,8 +622,7 @@ process_principals(FILE *f, char *file, struct passwd *pw,
for (i = 0; i < cert->nprincipals; i++) {
if (strcmp(cp, cert->principals[i]) == 0) {
debug3("%s:%lu: matched principal \"%.100s\"",
- file == NULL ? "(command)" : file,
- linenum, cert->principals[i]);
+ file, linenum, cert->principals[i]);
if (auth_parse_options(pw, line_opts,
file, linenum) != 1)
continue;
@@ -754,7 +753,7 @@ match_principals_command(struct passwd *user_pw, const struct sshkey *key)
uid_swapped = 1;
temporarily_use_uid(pw);
- ok = process_principals(f, NULL, pw, cert);
+ ok = process_principals(f, "(command)", pw, cert);
fclose(f);
f = NULL;