summaryrefslogtreecommitdiff
path: root/usr.bin
diff options
context:
space:
mode:
Diffstat (limited to 'usr.bin')
-rw-r--r--usr.bin/ssh/ssh-agent.c73
-rw-r--r--usr.bin/ssh/sshd.c24
2 files changed, 53 insertions, 44 deletions
diff --git a/usr.bin/ssh/ssh-agent.c b/usr.bin/ssh/ssh-agent.c
index 84f75fd8b94..bb46d3caaa0 100644
--- a/usr.bin/ssh/ssh-agent.c
+++ b/usr.bin/ssh/ssh-agent.c
@@ -35,7 +35,7 @@
#include "includes.h"
#include <sys/queue.h>
-RCSID("$OpenBSD: ssh-agent.c,v 1.95 2002/06/19 00:27:55 deraadt Exp $");
+RCSID("$OpenBSD: ssh-agent.c,v 1.96 2002/06/23 10:29:52 deraadt Exp $");
#include <openssl/evp.h>
#include <openssl/md5.h>
@@ -106,6 +106,7 @@ static void
idtab_init(void)
{
int i;
+
for (i = 0; i <=2; i++) {
TAILQ_INIT(&idtable[i].idlist);
idtable[i].nentries = 0;
@@ -148,8 +149,8 @@ static void
process_request_identities(SocketEntry *e, int version)
{
Idtab *tab = idtab_lookup(version);
- Buffer msg;
Identity *id;
+ Buffer msg;
buffer_init(&msg);
buffer_put_char(&msg, (version == 1) ?
@@ -178,14 +179,14 @@ process_request_identities(SocketEntry *e, int version)
static void
process_authentication_challenge1(SocketEntry *e)
{
- Identity *id;
- Key *key;
+ u_char buf[32], mdbuf[16], session_id[16];
+ u_int response_type;
BIGNUM *challenge;
+ Identity *id;
int i, len;
Buffer msg;
MD5_CTX md;
- u_char buf[32], mdbuf[16], session_id[16];
- u_int response_type;
+ Key *key;
buffer_init(&msg);
key = key_new(KEY_RSA1);
@@ -247,13 +248,12 @@ send:
static void
process_sign_request2(SocketEntry *e)
{
- extern int datafellows;
- Key *key;
u_char *blob, *data, *signature = NULL;
u_int blen, dlen, slen = 0;
- int flags;
+ extern int datafellows;
+ int ok = -1, flags;
Buffer msg;
- int ok = -1;
+ Key *key;
datafellows = 0;
@@ -292,11 +292,10 @@ process_sign_request2(SocketEntry *e)
static void
process_remove_identity(SocketEntry *e, int version)
{
+ u_int blen, bits;
+ int success = 0;
Key *key = NULL;
u_char *blob;
- u_int blen;
- u_int bits;
- int success = 0;
switch (version) {
case 1:
@@ -306,7 +305,7 @@ process_remove_identity(SocketEntry *e, int version)
buffer_get_bignum(&e->request, key->rsa->n);
if (bits != key_size(key))
- log("Warning: identity keysize mismatch: actual %d, announced %d",
+ log("Warning: identity keysize mismatch: actual %u, announced %u",
key_size(key), bits);
break;
case 2:
@@ -366,10 +365,10 @@ process_remove_all_identities(SocketEntry *e, int version)
static void
reaper(void)
{
- Idtab *tab;
+ u_int now = time(NULL);
Identity *id, *nxt;
int version;
- u_int now = time(NULL);
+ Idtab *tab;
for (version = 1; version < 3; version++) {
tab = idtab_lookup(version);
@@ -387,11 +386,10 @@ reaper(void)
static void
process_add_identity(SocketEntry *e, int version)
{
- Key *k = NULL;
- char *type_name;
- char *comment;
- int type, success = 0, death = 0;
Idtab *tab = idtab_lookup(version);
+ int type, success = 0, death = 0;
+ char *type_name, *comment;
+ Key *k = NULL;
switch (version) {
case 1:
@@ -477,8 +475,8 @@ send:
static void
process_lock_agent(SocketEntry *e, int lock)
{
- char *passwd;
int success = 0;
+ char *passwd;
passwd = buffer_get_string(&e->request, NULL);
if (locked && !lock && strcmp(passwd, lock_passwd) == 0) {
@@ -519,11 +517,11 @@ no_identities(SocketEntry *e, u_int type)
static void
process_add_smartcard_key (SocketEntry *e)
{
- Identity *id;
- Idtab *tab;
- Key **keys, *k;
char *sc_reader_id = NULL, *pin;
int i, version, success = 0;
+ Key **keys, *k;
+ Identity *id;
+ Idtab *tab;
sc_reader_id = buffer_get_string(&e->request, NULL);
pin = buffer_get_string(&e->request, NULL);
@@ -562,11 +560,11 @@ send:
static void
process_remove_smartcard_key(SocketEntry *e)
{
- Identity *id;
- Idtab *tab;
- Key **keys, *k = NULL;
char *sc_reader_id = NULL, *pin;
int i, version, success = 0;
+ Key **keys, *k = NULL;
+ Identity *id;
+ Idtab *tab;
sc_reader_id = buffer_get_string(&e->request, NULL);
pin = buffer_get_string(&e->request, NULL);
@@ -604,8 +602,7 @@ send:
static void
process_message(SocketEntry *e)
{
- u_int msg_len;
- u_int type;
+ u_int msg_len, type;
u_char *cp;
/* kill dead keys */
@@ -618,6 +615,7 @@ process_message(SocketEntry *e)
if (msg_len > 256 * 1024) {
shutdown(e->fd, SHUT_RDWR);
close(e->fd);
+ e->fd = -1;
e->type = AUTH_UNUSED;
buffer_free(&e->input);
buffer_free(&e->output);
@@ -713,6 +711,7 @@ static void
new_socket(sock_type type, int fd)
{
u_int i, old_alloc;
+
if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0)
error("fcntl O_NONBLOCK: %s", strerror(errno));
@@ -797,11 +796,11 @@ prepare_select(fd_set **fdrp, fd_set **fdwp, int *fdl, int *nallocp)
static void
after_select(fd_set *readset, fd_set *writeset)
{
- u_int i;
- int len, sock;
+ struct sockaddr_un sunaddr;
socklen_t slen;
char buf[1024];
- struct sockaddr_un sunaddr;
+ int len, sock;
+ u_int i;
for (i = 0; i < sockets_alloc; i++)
switch (sockets[i].type) {
@@ -835,6 +834,7 @@ after_select(fd_set *readset, fd_set *writeset)
if (len <= 0) {
shutdown(sockets[i].fd, SHUT_RDWR);
close(sockets[i].fd);
+ sockets[i].fd = -1;
sockets[i].type = AUTH_UNUSED;
buffer_free(&sockets[i].input);
buffer_free(&sockets[i].output);
@@ -854,6 +854,7 @@ after_select(fd_set *readset, fd_set *writeset)
if (len <= 0) {
shutdown(sockets[i].fd, SHUT_RDWR);
close(sockets[i].fd);
+ sockets[i].fd = -1;
sockets[i].type = AUTH_UNUSED;
buffer_free(&sockets[i].input);
buffer_free(&sockets[i].output);
@@ -924,13 +925,13 @@ int
main(int ac, char **av)
{
int sock, c_flag = 0, d_flag = 0, k_flag = 0, s_flag = 0, ch, nalloc;
+ char *shell, *format, *pidstr, *agentsocket = NULL;
+ fd_set *readsetp = NULL, *writesetp = NULL;
struct sockaddr_un sunaddr;
struct rlimit rlim;
- pid_t pid;
- char *shell, *format, *pidstr, pidstrbuf[1 + 3 * sizeof pid];
- char *agentsocket = NULL;
extern int optind;
- fd_set *readsetp = NULL, *writesetp = NULL;
+ pid_t pid;
+ char pidstrbuf[1 + 3 * sizeof pid];
SSLeay_add_all_algorithms();
diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c
index 505d834cd8e..a458e324dfd 100644
--- a/usr.bin/ssh/sshd.c
+++ b/usr.bin/ssh/sshd.c
@@ -42,7 +42,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.249 2002/06/23 03:30:17 deraadt Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.250 2002/06/23 10:29:52 deraadt Exp $");
#include <openssl/dh.h>
#include <openssl/bn.h>
@@ -206,6 +206,7 @@ static void
close_listen_socks(void)
{
int i;
+
for (i = 0; i < num_listen_socks; i++)
close(listen_socks[i]);
num_listen_socks = -1;
@@ -215,6 +216,7 @@ static void
close_startup_pipes(void)
{
int i;
+
if (startup_pipes)
for (i = 0; i < options.max_startups; i++)
if (startup_pipes[i] != -1)
@@ -247,7 +249,8 @@ sighup_restart(void)
close_listen_socks();
close_startup_pipes();
execv(saved_argv[0], saved_argv);
- log("RESTART FAILED: av[0]='%.100s', error: %.100s.", saved_argv[0], strerror(errno));
+ log("RESTART FAILED: av[0]='%.100s', error: %.100s.", saved_argv[0],
+ strerror(errno));
exit(1);
}
@@ -267,8 +270,8 @@ sigterm_handler(int sig)
static void
main_sigchld_handler(int sig)
{
- pid_t pid;
int save_errno = errno;
+ pid_t pid;
int status;
while ((pid = waitpid(-1, &status, WNOHANG)) > 0 ||
@@ -328,6 +331,7 @@ static void
key_regeneration_alarm(int sig)
{
int save_errno = errno;
+
signal(SIGALRM, SIG_DFL);
errno = save_errno;
key_do_regen = 1;
@@ -513,8 +517,8 @@ static void
privsep_preauth_child(void)
{
u_int32_t rand[256];
- int i;
struct passwd *pw;
+ int i;
/* Enable challenge-response authentication for privilege separation */
privsep_challenge_enable();
@@ -670,6 +674,7 @@ Key *
get_hostkey_by_type(int type)
{
int i;
+
for (i = 0; i < options.num_host_key_files; i++) {
Key *key = sensitive_data.host_keys[i];
if (key != NULL && key->type == type)
@@ -690,6 +695,7 @@ int
get_hostkey_index(Key *key)
{
int i;
+
for (i = 0; i < options.num_host_key_files; i++) {
if (key == sensitive_data.host_keys[i])
return (i);
@@ -962,11 +968,13 @@ main(int ac, char **av)
* hate software patents. I dont know if this can go? Niels
*/
if (options.server_key_bits >
- BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) - SSH_KEY_BITS_RESERVED &&
- options.server_key_bits <
- BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) + SSH_KEY_BITS_RESERVED) {
+ BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) -
+ SSH_KEY_BITS_RESERVED && options.server_key_bits <
+ BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) +
+ SSH_KEY_BITS_RESERVED) {
options.server_key_bits =
- BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) + SSH_KEY_BITS_RESERVED;
+ BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) +
+ SSH_KEY_BITS_RESERVED;
debug("Forcing server key to %d bits to make it differ from host key.",
options.server_key_bits);
}