diff options
| -rw-r--r-- | usr.bin/ssh/servconf.c | 30 | ||||
| -rw-r--r-- | usr.bin/ssh/serverloop.c | 4 | ||||
| -rw-r--r-- | usr.bin/ssh/sshd.c | 53 |
3 files changed, 46 insertions, 41 deletions
diff --git a/usr.bin/ssh/servconf.c b/usr.bin/ssh/servconf.c index 6fecd8cb548..6d71c9825f7 100644 --- a/usr.bin/ssh/servconf.c +++ b/usr.bin/ssh/servconf.c @@ -1,5 +1,5 @@ -/* $OpenBSD: servconf.c,v 1.337 2018/07/09 13:37:10 sf Exp $ */ +/* $OpenBSD: servconf.c,v 1.338 2018/07/09 21:29:36 markus Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * All rights reserved @@ -36,7 +36,7 @@ #include "xmalloc.h" #include "ssh.h" #include "log.h" -#include "buffer.h" +#include "sshbuf.h" #include "misc.h" #include "servconf.h" #include "compat.h" @@ -50,6 +50,7 @@ #include "groupaccess.h" #include "canohost.h" #include "packet.h" +#include "ssherr.h" #include "hostfile.h" #include "auth.h" #include "myproposal.h" @@ -62,7 +63,7 @@ static void add_one_listen_addr(ServerOptions *, const char *, /* Use of privilege separation or not */ extern int use_privsep; -extern Buffer cfg; +extern struct sshbuf *cfg; /* Initializes the server options to their default values. */ @@ -2100,19 +2101,19 @@ process_server_config_line(ServerOptions *options, char *line, /* Reads the server configuration file. */ void -load_server_config(const char *filename, Buffer *conf) +load_server_config(const char *filename, struct sshbuf *conf) { char *line = NULL, *cp; size_t linesize = 0; FILE *f; - int lineno = 0; + int r, lineno = 0; debug2("%s: filename %s", __func__, filename); if ((f = fopen(filename, "r")) == NULL) { perror(filename); exit(1); } - buffer_clear(conf); + sshbuf_reset(conf); while (getline(&line, &linesize, f) != -1) { lineno++; /* @@ -2123,13 +2124,14 @@ load_server_config(const char *filename, Buffer *conf) if ((cp = strchr(line, '#')) != NULL) memcpy(cp, "\n", 2); cp = line + strspn(line, " \t\r"); - - buffer_append(conf, cp, strlen(cp)); + if ((r = sshbuf_put(conf, cp, strlen(cp))) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); } free(line); - buffer_append(conf, "\0", 1); + if ((r = sshbuf_put_u8(conf, 0)) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); fclose(f); - debug2("%s: done config len = %d", __func__, buffer_len(conf)); + debug2("%s: done config len = %zu", __func__, sshbuf_len(conf)); } void @@ -2139,7 +2141,7 @@ parse_server_match_config(ServerOptions *options, ServerOptions mo; initialize_server_options(&mo); - parse_server_config(&mo, "reprocess config", &cfg, connectinfo); + parse_server_config(&mo, "reprocess config", cfg, connectinfo); copy_set_server_options(options, &mo, 0); } @@ -2283,13 +2285,13 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) #undef M_CP_STRARRAYOPT void -parse_server_config(ServerOptions *options, const char *filename, Buffer *conf, - struct connection_info *connectinfo) +parse_server_config(ServerOptions *options, const char *filename, + struct sshbuf *conf, struct connection_info *connectinfo) { int active, linenum, bad_options = 0; char *cp, *obuf, *cbuf; - debug2("%s: config %s len %d", __func__, filename, buffer_len(conf)); + debug2("%s: config %s len %zu", __func__, filename, sshbuf_len(conf)); if ((obuf = cbuf = sshbuf_dup_string(conf)) == NULL) fatal("%s: sshbuf_dup_string failed", __func__); diff --git a/usr.bin/ssh/serverloop.c b/usr.bin/ssh/serverloop.c index 330bd8d1215..e458c5178af 100644 --- a/usr.bin/ssh/serverloop.c +++ b/usr.bin/ssh/serverloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: serverloop.c,v 1.206 2018/06/08 01:55:40 djm Exp $ */ +/* $OpenBSD: serverloop.c,v 1.207 2018/07/09 21:29:36 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -54,7 +54,7 @@ #include "xmalloc.h" #include "packet.h" -#include "buffer.h" +#include "sshbuf.h" #include "log.h" #include "misc.h" #include "servconf.h" diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c index 2e76587fa21..d9f038c1794 100644 --- a/usr.bin/ssh/sshd.c +++ b/usr.bin/ssh/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.510 2018/07/09 21:26:02 markus Exp $ */ +/* $OpenBSD: sshd.c,v 1.511 2018/07/09 21:29:36 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -73,7 +73,7 @@ #include "sshpty.h" #include "packet.h" #include "log.h" -#include "buffer.h" +#include "sshbuf.h" #include "misc.h" #include "match.h" #include "servconf.h" @@ -217,7 +217,7 @@ Authctxt *the_authctxt = NULL; struct sshauthopt *auth_opts = NULL; /* sshd_config buffer */ -Buffer cfg; +struct sshbuf *cfg; /* message to be displayed after login */ struct sshbuf *loginmsg; @@ -910,27 +910,30 @@ send_rexec_state(int fd, struct sshbuf *conf) } static void -recv_rexec_state(int fd, Buffer *conf) +recv_rexec_state(int fd, struct sshbuf *conf) { - Buffer m; - char *cp; - u_int len; + struct sshbuf *m; + u_char *cp, ver; + size_t len; + int r; debug3("%s: entering fd = %d", __func__, fd); - buffer_init(&m); - - if (ssh_msg_recv(fd, &m) == -1) + if ((m = sshbuf_new()) == NULL) + fatal("%s: sshbuf_new failed", __func__); + if (ssh_msg_recv(fd, m) == -1) fatal("%s: ssh_msg_recv failed", __func__); - if (buffer_get_char(&m) != 0) + if ((r = sshbuf_get_u8(m, &ver)) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); + if (ver != 0) fatal("%s: rexec version mismatch", __func__); + if ((r = sshbuf_get_string(m, &cp, &len)) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); + if (conf != NULL && (r = sshbuf_put(conf, cp, len))) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); - cp = buffer_get_string(&m, &len); - if (conf != NULL) - buffer_append(conf, cp, len); free(cp); - - buffer_free(&m); + sshbuf_free(m); debug3("%s: done", __func__); } @@ -1206,8 +1209,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) startup_pipe = -1; pid = getpid(); if (rexec_flag) { - send_rexec_state(config_s[0], - &cfg); + send_rexec_state(config_s[0], cfg); close(config_s[0]); } break; @@ -1250,7 +1252,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) close(startup_p[1]); if (rexec_flag) { - send_rexec_state(config_s[0], &cfg); + send_rexec_state(config_s[0], cfg); close(config_s[0]); close(config_s[1]); } @@ -1546,14 +1548,15 @@ main(int ac, char **av) "test mode (-T)"); /* Fetch our configuration */ - buffer_init(&cfg); + if ((cfg = sshbuf_new()) == NULL) + fatal("%s: sshbuf_new failed", __func__); if (rexeced_flag) - recv_rexec_state(REEXEC_CONFIG_PASS_FD, &cfg); + recv_rexec_state(REEXEC_CONFIG_PASS_FD, cfg); else if (strcasecmp(config_file_name, "none") != 0) - load_server_config(config_file_name, &cfg); + load_server_config(config_file_name, cfg); parse_server_config(&options, rexeced_flag ? "rexec" : config_file_name, - &cfg, NULL); + cfg, NULL); /* Fill in default values for those options not explicitly set. */ fill_default_server_options(&options); @@ -1639,7 +1642,7 @@ main(int ac, char **av) keytype = pubkey->type; } else if (key != NULL) { keytype = key->type; - accumulate_host_timing_secret(&cfg, key); + accumulate_host_timing_secret(cfg, key); } else { error("Could not load host key: %s", options.host_key_files[i]); @@ -1665,7 +1668,7 @@ main(int ac, char **av) key ? "private" : "agent", i, sshkey_ssh_name(pubkey), fp); free(fp); } - accumulate_host_timing_secret(&cfg, NULL); + accumulate_host_timing_secret(cfg, NULL); if (!sensitive_data.have_ssh2_key) { logit("sshd: no hostkeys available -- exiting."); exit(1); |