-rw-r--r--usr.bin/ssh/misc.c19
-rw-r--r--usr.bin/ssh/misc.h9
-rw-r--r--usr.bin/ssh/readconf.c14
-rw-r--r--usr.bin/ssh/servconf.c32
-rw-r--r--usr.bin/ssh/ssh.c14
-rw-r--r--usr.bin/ssh/sshd.c8
6 files changed, 63 insertions, 33 deletions
diff --git a/usr.bin/ssh/misc.c b/usr.bin/ssh/misc.c
index 0399725eaaa..b5c0fd1734c 100644
--- a/usr.bin/ssh/misc.c
+++ b/usr.bin/ssh/misc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.c,v 1.4 2001/02/28 17:52:54 deraadt Exp $ */
+/* $OpenBSD: misc.c,v 1.5 2001/04/12 20:09:37 stevesk Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -25,7 +25,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: misc.c,v 1.4 2001/02/28 17:52:54 deraadt Exp $");
+RCSID("$OpenBSD: misc.c,v 1.5 2001/04/12 20:09:37 stevesk Exp $");
#include "misc.h"
#include "log.h"
@@ -113,3 +113,18 @@ pwcopy(struct passwd *pw)
copy->pw_shell = xstrdup(pw->pw_shell);
return copy;
}
+
+int a2port(const char *s)
+{
+ long port;
+ char *endp;
+
+ errno = 0;
+ port = strtol(s, &endp, 0);
+ if (s == endp || *endp != '\0' ||
+ (errno == ERANGE && (port == LONG_MIN || port == LONG_MAX)) ||
+ port <= 0 || port > 65535)
+ return 0;
+
+ return port;
+}
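Review bot: `strtol(s, &endp, 0)` in a2port auto-detects the base, so a value with a leading zero is read as octal and a `0x` prefix as hex; `0022` yields 18, not 22. The atoi() calls this commit replaces in readconf.c, servconf.c and sshd.c read the same text as decimal, so an existing config line or `-p` argument written with a leading zero would silently select a different port. Passing base 10, `port = strtol(s, &endp, 10);`, keeps the decimal reading; if octal and hex input is intended, the comment in misc.h should say so. The `errno == ERANGE` clause is also redundant, because LONG_MIN and LONG_MAX already fail the `port <= 0 || port > 65535` test.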
diff --git a/usr.bin/ssh/misc.h b/usr.bin/ssh/misc.h
index 2630dd75f15..9cd4ac1b1b6 100644
--- a/usr.bin/ssh/misc.h
+++ b/usr.bin/ssh/misc.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.h,v 1.3 2001/02/22 21:59:44 markus Exp $ */
+/* $OpenBSD: misc.h,v 1.4 2001/04/12 20:09:36 stevesk Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -21,3 +21,10 @@ char *strdelim(char **s);
void set_nonblock(int fd);
struct passwd * pwcopy(struct passwd *pw);
+
+/*
+ * Convert ASCII string to TCP/IP port number.
+ * Port must be >0 and <=65535.
+ * Return 0 if invalid.
+ */
+int a2port(const char *s);
diff --git a/usr.bin/ssh/readconf.c b/usr.bin/ssh/readconf.c
index a0e91e6f08b..949c4570456 100644
--- a/usr.bin/ssh/readconf.c
+++ b/usr.bin/ssh/readconf.c
@@ -12,7 +12,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: readconf.c,v 1.73 2001/04/12 19:39:27 markus Exp $");
+RCSID("$OpenBSD: readconf.c,v 1.74 2001/04/12 20:09:37 stevesk Exp $");
#include "ssh.h"
#include "xmalloc.h"
@@ -553,10 +553,10 @@ parse_int:
arg = strdelim(&s);
if (!arg || *arg == '\0')
fatal("%.200s line %d: Missing argument.", filename, linenum);
- if (arg[0] < '0' || arg[0] > '9')
+ fwd_port = a2port(arg);
+ if (fwd_port == 0)
fatal("%.200s line %d: Badly formatted port number.",
filename, linenum);
- fwd_port = atoi(arg);
arg = strdelim(&s);
if (!arg || *arg == '\0')
fatal("%.200s line %d: Missing second argument.",
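Review bot: The `fatal()` after `a2port(arg)` still says "Badly formatted port number." although a2port also returns 0 for a well-formed value outside 1-65535, so a line with `70000` gets a misleading diagnostic; the same applies to the hunks at -572 and -592. A wording such as `fatal("%.200s line %d: Bad port number '%.100s'.", filename, linenum, arg);` covers both cases and shows the rejected token. The enclosing case body starts and ends outside the hunk, so whether the port inside the second argument gets the same range check cannot be seen here.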
@@ -572,10 +572,10 @@ parse_int:
arg = strdelim(&s);
if (!arg || *arg == '\0')
fatal("%.200s line %d: Missing argument.", filename, linenum);
- if (arg[0] < '0' || arg[0] > '9')
+ fwd_port = a2port(arg);
+ if (fwd_port == 0)
fatal("%.200s line %d: Badly formatted port number.",
filename, linenum);
- fwd_port = atoi(arg);
arg = strdelim(&s);
if (!arg || *arg == '\0')
fatal("%.200s line %d: Missing second argument.",
@@ -592,10 +592,10 @@ parse_int:
if (!arg || *arg == '\0')
fatal("%.200s line %d: Missing port argument.",
filename, linenum);
- if (arg[0] < '0' || arg[0] > '9')
+ fwd_port = a2port(arg);
+ if (fwd_port == 0)
fatal("%.200s line %d: Badly formatted port number.",
filename, linenum);
- fwd_port = atoi(arg);
add_local_forward(options, fwd_port, "socks4", 0);
break;
diff --git a/usr.bin/ssh/servconf.c b/usr.bin/ssh/servconf.c
index 8e876d1f12e..f3d5068c012 100644
--- a/usr.bin/ssh/servconf.c
+++ b/usr.bin/ssh/servconf.c
@@ -10,7 +10,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: servconf.c,v 1.75 2001/04/12 19:15:25 markus Exp $");
+RCSID("$OpenBSD: servconf.c,v 1.76 2001/04/12 20:09:37 stevesk Exp $");
#ifdef KRB4
#include <krb.h>
@@ -31,8 +31,7 @@ RCSID("$OpenBSD: servconf.c,v 1.75 2001/04/12 19:15:25 markus Exp $");
#include "kex.h"
#include "mac.h"
-/* add listen address */
-void add_listen_addr(ServerOptions *options, char *addr, char *port);
+void add_listen_addr(ServerOptions *options, char *addr, u_short port);
void add_one_listen_addr(ServerOptions *options, char *addr, u_short port);
/* AF_UNSPEC or AF_INET or AF_INET6 */
@@ -117,7 +116,7 @@ fill_default_server_options(ServerOptions *options)
if (options->num_ports == 0)
options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
if (options->listen_addrs == NULL)
- add_listen_addr(options, NULL, NULL);
+ add_listen_addr(options, NULL, 0);
if (options->pid_file == NULL)
options->pid_file = _PATH_SSH_DAEMON_PID_FILE;
if (options->server_key_bits == -1)
@@ -312,21 +311,18 @@ parse_token(const char *cp, const char *filename,
return sBadOption;
}
-/*
- * add listen address
- */
void
-add_listen_addr(ServerOptions *options, char *addr, char *port)
+add_listen_addr(ServerOptions *options, char *addr, u_short port)
{
int i;
if (options->num_ports == 0)
options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
- if (port == NULL)
+ if (port == 0)
for (i = 0; i < options->num_ports; i++)
add_one_listen_addr(options, addr, options->ports[i]);
else
- add_one_listen_addr(options, addr, atoi(port));
+ add_one_listen_addr(options, addr, port);
}
void
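Review bot: `port == 0` in add_listen_addr is now an in-band sentinel meaning "add addr for every entry of options->ports", and the commit deletes the only comment above the function without recording that. A short comment would keep later callers from passing an unchecked parse result: `/* port 0: add addr once for each configured options->ports[] entry */`. A caller that forwarded a failed a2port() result here would widen the listen set instead of failing, so the zero check has to stay at every call site, as the ListenAddress hunk in this file does.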
@@ -400,7 +396,10 @@ read_server_config(ServerOptions *options, const char *filename)
if (!arg || *arg == '\0')
fatal("%s line %d: missing port number.",
filename, linenum);
- options->ports[options->num_ports++] = atoi(arg);
+ options->ports[options->num_ports++] = a2port(arg);
+ if (options->ports[options->num_ports-1] == 0)
+ fatal("%s line %d: Badly formatted port number.",
+ filename, linenum);
break;
case sServerKeyBits:
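Review bot: The result of `a2port(arg)` is stored in `options->ports[]` and `num_ports` is incremented before the value is checked, then read back through `num_ports-1`. Because fatal() exits this is harmless today, but validating into a local first is easier to read and never leaves a rejected 0 in the array: `port = a2port(arg); if (port == 0) fatal(...); options->ports[options->num_ports++] = port;` with a local `port` declared. The same store-then-check shape appears in the sshd.c `-p` hunk. The case body begins outside this hunk, so the bound check on `num_ports` is presumed but not visible here.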
@@ -438,20 +437,25 @@ parse_int:
memmove(p, p+1, strlen(p+1)+1);
} else if (((p = strchr(arg, ':')) == NULL) ||
(strchr(p+1, ':') != NULL)) {
- add_listen_addr(options, arg, NULL);
+ add_listen_addr(options, arg, 0);
break;
}
if (*p == ':') {
+ u_short port;
+
p++;
if (*p == '\0')
fatal("%s line %d: bad inet addr:port usage.",
filename, linenum);
else {
*(p-1) = '\0';
- add_listen_addr(options, arg, p);
+ if ((port = a2port(p)) == 0)
+ fatal("%s line %d: bad port number.",
+ filename, linenum);
+ add_listen_addr(options, arg, port);
}
} else if (*p == '\0')
- add_listen_addr(options, arg, NULL);
+ add_listen_addr(options, arg, 0);
else
fatal("%s line %d: bad inet addr usage.",
filename, linenum);
diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c
index 2282eb5ae76..6fd34f94add 100644
--- a/usr.bin/ssh/ssh.c
+++ b/usr.bin/ssh/ssh.c
@@ -39,7 +39,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.112 2001/04/12 19:15:25 markus Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.113 2001/04/12 20:09:37 stevesk Exp $");
#include <openssl/evp.h>
#include <openssl/err.h>
@@ -239,7 +239,7 @@ main(int ac, char **av)
{
int i, opt, optind, exit_status, ok;
u_short fwd_port, fwd_host_port;
- char *optarg, *cp, *endofnumber, buf[256];
+ char *optarg, *cp, buf[256];
struct stat st;
struct passwd *pw;
int dummy;
@@ -447,8 +447,8 @@ main(int ac, char **av)
}
break;
case 'p':
- options.port = strtol(optarg, &endofnumber, 0);
- if (optarg == endofnumber) {
+ options.port = a2port(optarg);
+ if (options.port == 0) {
fprintf(stderr, "Bad port '%s'\n", optarg);
exit(1);
}
@@ -480,9 +480,9 @@ main(int ac, char **av)
break;
case 'D':
- fwd_port = strtol(optarg, &endofnumber, 0);
- if (optarg == endofnumber) {
- fprintf(stderr, "Bad port '%s'\n", optarg);
+ fwd_port = a2port(optarg);
+ if (fwd_port == 0) {
+ fprintf(stderr, "Bad dynamic port '%s'\n", optarg);
exit(1);
}
add_local_forward(&options, fwd_port, "socks4", 0);
diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c
index 15bdffcf377..661678c2837 100644
--- a/usr.bin/ssh/sshd.c
+++ b/usr.bin/ssh/sshd.c
@@ -40,7 +40,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.192 2001/04/11 16:25:30 lebel Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.193 2001/04/12 20:09:38 stevesk Exp $");
#include <openssl/dh.h>
#include <openssl/bn.h>
@@ -598,7 +598,11 @@ main(int ac, char **av)
fprintf(stderr, "too many ports.\n");
exit(1);
}
- options.ports[options.num_ports++] = atoi(optarg);
+ options.ports[options.num_ports++] = a2port(optarg);
+ if (options.ports[options.num_ports-1] == 0) {
+ fprintf(stderr, "Bad port number.\n");
+ exit(1);
+ }
break;
case 'g':
options.login_grace_time = atoi(optarg);
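Review bot: The new `fprintf(stderr, "Bad port number.\n")` omits the rejected argument, whereas the ssh.c hunks in this commit print it (`"Bad port '%s'\n"`). The "too many ports" check just above shows that `-p` can be given more than once, so echoing the value tells the operator which one was refused: `fprintf(stderr, "Bad port number '%s'.\n", optarg);`. main() starts and ends outside the hunk.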