diff options
author | Damien Miller <djm@mindrot.org> | 2005-06-17 12:59:34 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2005-06-17 12:59:34 +1000 |
commit | eccb9de72aa29da5a3fad87a4287b32438689c1f (patch) | |
tree | 9b8ef20a7e454b984e0ad67b54b2bdc5577aa2fa | |
parent | 677257fe07dd2b9a58817e1d42fc2c25bb618a4d (diff) |
- djm@cvs.openbsd.org 2005/06/17 02:44:33
[auth-rsa.c auth.c auth1.c auth2-chall.c auth2-gss.c authfd.c authfile.c]
[bufaux.c canohost.c channels.c cipher.c clientloop.c dns.c gss-serv.c]
[kex.c kex.h key.c mac.c match.c misc.c packet.c packet.h scp.c]
[servconf.c session.c session.h sftp-client.c sftp-server.c sftp.c]
[ssh-keyscan.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c sshd.c]
make this -Wsign-compare clean; ok avsm@ markus@
NB. auth1.c changes not committed yet (conflicts with uncommitted sync)
NB2. more work may be needed to make portable Wsign-compare clean
-rw-r--r-- | ChangeLog | 11 | ||||
-rw-r--r-- | auth-rsa.c | 6 | ||||
-rw-r--r-- | auth.c | 4 | ||||
-rw-r--r-- | auth2-chall.c | 9 | ||||
-rw-r--r-- | auth2-gss.c | 4 | ||||
-rw-r--r-- | authfd.c | 9 | ||||
-rw-r--r-- | authfile.c | 16 | ||||
-rw-r--r-- | bufaux.c | 4 | ||||
-rw-r--r-- | canohost.c | 5 | ||||
-rw-r--r-- | channels.c | 9 | ||||
-rw-r--r-- | cipher.c | 8 | ||||
-rw-r--r-- | clientloop.c | 11 | ||||
-rw-r--r-- | dns.c | 8 | ||||
-rw-r--r-- | gss-serv.c | 4 | ||||
-rw-r--r-- | kex.c | 33 | ||||
-rw-r--r-- | kex.h | 8 | ||||
-rw-r--r-- | key.c | 4 | ||||
-rw-r--r-- | mac.c | 11 | ||||
-rw-r--r-- | match.c | 4 | ||||
-rw-r--r-- | misc.c | 13 | ||||
-rw-r--r-- | packet.c | 8 | ||||
-rw-r--r-- | packet.h | 4 | ||||
-rw-r--r-- | scp.c | 10 | ||||
-rw-r--r-- | servconf.c | 7 | ||||
-rw-r--r-- | session.c | 6 | ||||
-rw-r--r-- | session.h | 4 | ||||
-rw-r--r-- | sftp-client.c | 10 | ||||
-rw-r--r-- | sftp-server.c | 12 | ||||
-rw-r--r-- | sftp.c | 13 | ||||
-rw-r--r-- | ssh-keyscan.c | 12 | ||||
-rw-r--r-- | ssh-rsa.c | 4 | ||||
-rw-r--r-- | sshconnect.c | 5 | ||||
-rw-r--r-- | sshconnect1.c | 4 | ||||
-rw-r--r-- | sshconnect2.c | 7 | ||||
-rw-r--r-- | sshd.c | 7 |
35 files changed, 160 insertions, 134 deletions
@@ -8,6 +8,15 @@ | |||
8 | [canohost.c channels.c sshd.c] | 8 | [canohost.c channels.c sshd.c] |
9 | don't exit if getpeername fails for forwarded ports; bugzilla #1054; | 9 | don't exit if getpeername fails for forwarded ports; bugzilla #1054; |
10 | ok djm | 10 | ok djm |
11 | - djm@cvs.openbsd.org 2005/06/17 02:44:33 | ||
12 | [auth-rsa.c auth.c auth1.c auth2-chall.c auth2-gss.c authfd.c authfile.c] | ||
13 | [bufaux.c canohost.c channels.c cipher.c clientloop.c dns.c gss-serv.c] | ||
14 | [kex.c kex.h key.c mac.c match.c misc.c packet.c packet.h scp.c] | ||
15 | [servconf.c session.c session.h sftp-client.c sftp-server.c sftp.c] | ||
16 | [ssh-keyscan.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c sshd.c] | ||
17 | make this -Wsign-compare clean; ok avsm@ markus@ | ||
18 | NB. auth1.c changes not committed yet (conflicts with uncommitted sync) | ||
19 | NB2. more work may be needed to make portable Wsign-compare clean | ||
11 | 20 | ||
12 | 20050616 | 21 | 20050616 |
13 | - (djm) OpenBSD CVS Sync | 22 | - (djm) OpenBSD CVS Sync |
@@ -2725,4 +2734,4 @@ | |||
2725 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM | 2734 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM |
2726 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu | 2735 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu |
2727 | 2736 | ||
2728 | $Id: ChangeLog,v 1.3822 2005/06/17 02:55:03 djm Exp $ | 2737 | $Id: ChangeLog,v 1.3823 2005/06/17 02:59:34 djm Exp $ |
diff --git a/auth-rsa.c b/auth-rsa.c index 4378008d3..d9c9652dc 100644 --- a/auth-rsa.c +++ b/auth-rsa.c | |||
@@ -14,7 +14,7 @@ | |||
14 | */ | 14 | */ |
15 | 15 | ||
16 | #include "includes.h" | 16 | #include "includes.h" |
17 | RCSID("$OpenBSD: auth-rsa.c,v 1.62 2004/12/11 01:48:56 dtucker Exp $"); | 17 | RCSID("$OpenBSD: auth-rsa.c,v 1.63 2005/06/17 02:44:32 djm Exp $"); |
18 | 18 | ||
19 | #include <openssl/rsa.h> | 19 | #include <openssl/rsa.h> |
20 | #include <openssl/md5.h> | 20 | #include <openssl/md5.h> |
@@ -205,6 +205,7 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey) | |||
205 | while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { | 205 | while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { |
206 | char *cp; | 206 | char *cp; |
207 | char *key_options; | 207 | char *key_options; |
208 | int keybits; | ||
208 | 209 | ||
209 | /* Skip leading whitespace, empty and comment lines. */ | 210 | /* Skip leading whitespace, empty and comment lines. */ |
210 | for (cp = line; *cp == ' ' || *cp == '\t'; cp++) | 211 | for (cp = line; *cp == ' ' || *cp == '\t'; cp++) |
@@ -243,7 +244,8 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey) | |||
243 | continue; | 244 | continue; |
244 | 245 | ||
245 | /* check the real bits */ | 246 | /* check the real bits */ |
246 | if (bits != BN_num_bits(key->rsa->n)) | 247 | keybits = BN_num_bits(key->rsa->n); |
248 | if (keybits < 0 || bits != (u_int)keybits) | ||
247 | logit("Warning: %s, line %lu: keysize mismatch: " | 249 | logit("Warning: %s, line %lu: keysize mismatch: " |
248 | "actual %d vs. announced %d.", | 250 | "actual %d vs. announced %d.", |
249 | file, linenum, BN_num_bits(key->rsa->n), bits); | 251 | file, linenum, BN_num_bits(key->rsa->n), bits); |
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: auth.c,v 1.59 2005/06/06 11:20:36 djm Exp $"); | 26 | RCSID("$OpenBSD: auth.c,v 1.60 2005/06/17 02:44:32 djm Exp $"); |
27 | 27 | ||
28 | #ifdef HAVE_LOGIN_H | 28 | #ifdef HAVE_LOGIN_H |
29 | #include <login.h> | 29 | #include <login.h> |
@@ -76,7 +76,7 @@ allowed_user(struct passwd * pw) | |||
76 | struct stat st; | 76 | struct stat st; |
77 | const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL; | 77 | const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL; |
78 | char *shell; | 78 | char *shell; |
79 | int i; | 79 | u_int i; |
80 | #ifdef USE_SHADOW | 80 | #ifdef USE_SHADOW |
81 | struct spwd *spw = NULL; | 81 | struct spwd *spw = NULL; |
82 | #endif | 82 | #endif |
diff --git a/auth2-chall.c b/auth2-chall.c index 384a543ee..1cea15378 100644 --- a/auth2-chall.c +++ b/auth2-chall.c | |||
@@ -23,7 +23,7 @@ | |||
23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
24 | */ | 24 | */ |
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: auth2-chall.c,v 1.22 2005/01/19 13:11:47 dtucker Exp $"); | 26 | RCSID("$OpenBSD: auth2-chall.c,v 1.23 2005/06/17 02:44:32 djm Exp $"); |
27 | 27 | ||
28 | #include "ssh2.h" | 28 | #include "ssh2.h" |
29 | #include "auth.h" | 29 | #include "auth.h" |
@@ -239,8 +239,7 @@ send_userauth_info_request(Authctxt *authctxt) | |||
239 | { | 239 | { |
240 | KbdintAuthctxt *kbdintctxt; | 240 | KbdintAuthctxt *kbdintctxt; |
241 | char *name, *instr, **prompts; | 241 | char *name, *instr, **prompts; |
242 | int i; | 242 | u_int i, *echo_on; |
243 | u_int *echo_on; | ||
244 | 243 | ||
245 | kbdintctxt = authctxt->kbdintctxt; | 244 | kbdintctxt = authctxt->kbdintctxt; |
246 | if (kbdintctxt->device->query(kbdintctxt->ctxt, | 245 | if (kbdintctxt->device->query(kbdintctxt->ctxt, |
@@ -273,8 +272,8 @@ input_userauth_info_response(int type, u_int32_t seq, void *ctxt) | |||
273 | { | 272 | { |
274 | Authctxt *authctxt = ctxt; | 273 | Authctxt *authctxt = ctxt; |
275 | KbdintAuthctxt *kbdintctxt; | 274 | KbdintAuthctxt *kbdintctxt; |
276 | int i, authenticated = 0, res, len; | 275 | int authenticated = 0, res, len; |
277 | u_int nresp; | 276 | u_int i, nresp; |
278 | char **response = NULL, *method; | 277 | char **response = NULL, *method; |
279 | 278 | ||
280 | if (authctxt == NULL) | 279 | if (authctxt == NULL) |
diff --git a/auth2-gss.c b/auth2-gss.c index 3289ba18e..855b61b4e 100644 --- a/auth2-gss.c +++ b/auth2-gss.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth2-gss.c,v 1.8 2004/06/21 17:36:31 avsm Exp $ */ | 1 | /* $OpenBSD: auth2-gss.c,v 1.9 2005/06/17 02:44:32 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. | 4 | * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. |
@@ -61,7 +61,7 @@ userauth_gssapi(Authctxt *authctxt) | |||
61 | int present; | 61 | int present; |
62 | OM_uint32 ms; | 62 | OM_uint32 ms; |
63 | u_int len; | 63 | u_int len; |
64 | char *doid = NULL; | 64 | u_char *doid = NULL; |
65 | 65 | ||
66 | if (!authctxt->valid || authctxt->user == NULL) | 66 | if (!authctxt->valid || authctxt->user == NULL) |
67 | return (0); | 67 | return (0); |
@@ -35,7 +35,7 @@ | |||
35 | */ | 35 | */ |
36 | 36 | ||
37 | #include "includes.h" | 37 | #include "includes.h" |
38 | RCSID("$OpenBSD: authfd.c,v 1.65 2005/05/24 17:32:43 avsm Exp $"); | 38 | RCSID("$OpenBSD: authfd.c,v 1.66 2005/06/17 02:44:32 djm Exp $"); |
39 | 39 | ||
40 | #include <openssl/evp.h> | 40 | #include <openssl/evp.h> |
41 | 41 | ||
@@ -114,8 +114,7 @@ ssh_get_authentication_socket(void) | |||
114 | static int | 114 | static int |
115 | ssh_request_reply(AuthenticationConnection *auth, Buffer *request, Buffer *reply) | 115 | ssh_request_reply(AuthenticationConnection *auth, Buffer *request, Buffer *reply) |
116 | { | 116 | { |
117 | int l; | 117 | u_int l, len; |
118 | u_int len; | ||
119 | char buf[1024]; | 118 | char buf[1024]; |
120 | 119 | ||
121 | /* Get the length of the message, and format it in the buffer. */ | 120 | /* Get the length of the message, and format it in the buffer. */ |
@@ -302,6 +301,7 @@ ssh_get_first_identity(AuthenticationConnection *auth, char **comment, int versi | |||
302 | Key * | 301 | Key * |
303 | ssh_get_next_identity(AuthenticationConnection *auth, char **comment, int version) | 302 | ssh_get_next_identity(AuthenticationConnection *auth, char **comment, int version) |
304 | { | 303 | { |
304 | int keybits; | ||
305 | u_int bits; | 305 | u_int bits; |
306 | u_char *blob; | 306 | u_char *blob; |
307 | u_int blen; | 307 | u_int blen; |
@@ -322,7 +322,8 @@ ssh_get_next_identity(AuthenticationConnection *auth, char **comment, int versio | |||
322 | buffer_get_bignum(&auth->identities, key->rsa->e); | 322 | buffer_get_bignum(&auth->identities, key->rsa->e); |
323 | buffer_get_bignum(&auth->identities, key->rsa->n); | 323 | buffer_get_bignum(&auth->identities, key->rsa->n); |
324 | *comment = buffer_get_string(&auth->identities, NULL); | 324 | *comment = buffer_get_string(&auth->identities, NULL); |
325 | if (bits != BN_num_bits(key->rsa->n)) | 325 | keybits = BN_num_bits(key->rsa->n); |
326 | if (keybits < 0 || bits != (u_int)keybits) | ||
326 | logit("Warning: identity keysize mismatch: actual %d, announced %u", | 327 | logit("Warning: identity keysize mismatch: actual %d, announced %u", |
327 | BN_num_bits(key->rsa->n), bits); | 328 | BN_num_bits(key->rsa->n), bits); |
328 | break; | 329 | break; |
diff --git a/authfile.c b/authfile.c index 6a04cd7a9..420813f37 100644 --- a/authfile.c +++ b/authfile.c | |||
@@ -36,7 +36,7 @@ | |||
36 | */ | 36 | */ |
37 | 37 | ||
38 | #include "includes.h" | 38 | #include "includes.h" |
39 | RCSID("$OpenBSD: authfile.c,v 1.60 2004/12/11 01:48:56 dtucker Exp $"); | 39 | RCSID("$OpenBSD: authfile.c,v 1.61 2005/06/17 02:44:32 djm Exp $"); |
40 | 40 | ||
41 | #include <openssl/err.h> | 41 | #include <openssl/err.h> |
42 | #include <openssl/evp.h> | 42 | #include <openssl/evp.h> |
@@ -52,6 +52,7 @@ RCSID("$OpenBSD: authfile.c,v 1.60 2004/12/11 01:48:56 dtucker Exp $"); | |||
52 | #include "authfile.h" | 52 | #include "authfile.h" |
53 | #include "rsa.h" | 53 | #include "rsa.h" |
54 | #include "misc.h" | 54 | #include "misc.h" |
55 | #include "atomicio.h" | ||
55 | 56 | ||
56 | /* Version identification string for SSH v1 identity files. */ | 57 | /* Version identification string for SSH v1 identity files. */ |
57 | static const char authfile_id_string[] = | 58 | static const char authfile_id_string[] = |
@@ -147,8 +148,8 @@ key_save_private_rsa1(Key *key, const char *filename, const char *passphrase, | |||
147 | buffer_free(&encrypted); | 148 | buffer_free(&encrypted); |
148 | return 0; | 149 | return 0; |
149 | } | 150 | } |
150 | if (write(fd, buffer_ptr(&encrypted), buffer_len(&encrypted)) != | 151 | if (atomicio(vwrite, fd, buffer_ptr(&encrypted), |
151 | buffer_len(&encrypted)) { | 152 | buffer_len(&encrypted)) != buffer_len(&encrypted)) { |
152 | error("write to key file %s failed: %s", filename, | 153 | error("write to key file %s failed: %s", filename, |
153 | strerror(errno)); | 154 | strerror(errno)); |
154 | buffer_free(&encrypted); | 155 | buffer_free(&encrypted); |
@@ -236,7 +237,7 @@ key_load_public_rsa1(int fd, const char *filename, char **commentp) | |||
236 | Key *pub; | 237 | Key *pub; |
237 | struct stat st; | 238 | struct stat st; |
238 | char *cp; | 239 | char *cp; |
239 | int i; | 240 | u_int i; |
240 | size_t len; | 241 | size_t len; |
241 | 242 | ||
242 | if (fstat(fd, &st) < 0) { | 243 | if (fstat(fd, &st) < 0) { |
@@ -253,7 +254,7 @@ key_load_public_rsa1(int fd, const char *filename, char **commentp) | |||
253 | buffer_init(&buffer); | 254 | buffer_init(&buffer); |
254 | cp = buffer_append_space(&buffer, len); | 255 | cp = buffer_append_space(&buffer, len); |
255 | 256 | ||
256 | if (read(fd, cp, (size_t) len) != (size_t) len) { | 257 | if (atomicio(read, fd, cp, len) != len) { |
257 | debug("Read from key file %.200s failed: %.100s", filename, | 258 | debug("Read from key file %.200s failed: %.100s", filename, |
258 | strerror(errno)); | 259 | strerror(errno)); |
259 | buffer_free(&buffer); | 260 | buffer_free(&buffer); |
@@ -322,7 +323,8 @@ static Key * | |||
322 | key_load_private_rsa1(int fd, const char *filename, const char *passphrase, | 323 | key_load_private_rsa1(int fd, const char *filename, const char *passphrase, |
323 | char **commentp) | 324 | char **commentp) |
324 | { | 325 | { |
325 | int i, check1, check2, cipher_type; | 326 | u_int i; |
327 | int check1, check2, cipher_type; | ||
326 | size_t len; | 328 | size_t len; |
327 | Buffer buffer, decrypted; | 329 | Buffer buffer, decrypted; |
328 | u_char *cp; | 330 | u_char *cp; |
@@ -347,7 +349,7 @@ key_load_private_rsa1(int fd, const char *filename, const char *passphrase, | |||
347 | buffer_init(&buffer); | 349 | buffer_init(&buffer); |
348 | cp = buffer_append_space(&buffer, len); | 350 | cp = buffer_append_space(&buffer, len); |
349 | 351 | ||
350 | if (read(fd, cp, (size_t) len) != (size_t) len) { | 352 | if (atomicio(read, fd, cp, len) != len) { |
351 | debug("Read from key file %.200s failed: %.100s", filename, | 353 | debug("Read from key file %.200s failed: %.100s", filename, |
352 | strerror(errno)); | 354 | strerror(errno)); |
353 | buffer_free(&buffer); | 355 | buffer_free(&buffer); |
@@ -37,7 +37,7 @@ | |||
37 | */ | 37 | */ |
38 | 38 | ||
39 | #include "includes.h" | 39 | #include "includes.h" |
40 | RCSID("$OpenBSD: bufaux.c,v 1.35 2005/03/10 22:01:05 deraadt Exp $"); | 40 | RCSID("$OpenBSD: bufaux.c,v 1.36 2005/06/17 02:44:32 djm Exp $"); |
41 | 41 | ||
42 | #include <openssl/bn.h> | 42 | #include <openssl/bn.h> |
43 | #include "bufaux.h" | 43 | #include "bufaux.h" |
@@ -154,7 +154,7 @@ buffer_put_bignum2_ret(Buffer *buffer, const BIGNUM *value) | |||
154 | buf[0] = 0x00; | 154 | buf[0] = 0x00; |
155 | /* Get the value of in binary */ | 155 | /* Get the value of in binary */ |
156 | oi = BN_bn2bin(value, buf+1); | 156 | oi = BN_bn2bin(value, buf+1); |
157 | if (oi != bytes-1) { | 157 | if (oi < 0 || (u_int)oi != bytes - 1) { |
158 | error("buffer_put_bignum2_ret: BN_bn2bin() failed: " | 158 | error("buffer_put_bignum2_ret: BN_bn2bin() failed: " |
159 | "oi %d != bin_size %d", oi, bytes); | 159 | "oi %d != bin_size %d", oi, bytes); |
160 | xfree(buf); | 160 | xfree(buf); |
diff --git a/canohost.c b/canohost.c index c3ab45556..04dc3d182 100644 --- a/canohost.c +++ b/canohost.c | |||
@@ -12,7 +12,7 @@ | |||
12 | */ | 12 | */ |
13 | 13 | ||
14 | #include "includes.h" | 14 | #include "includes.h" |
15 | RCSID("$OpenBSD: canohost.c,v 1.43 2005/06/16 08:00:00 markus Exp $"); | 15 | RCSID("$OpenBSD: canohost.c,v 1.44 2005/06/17 02:44:32 djm Exp $"); |
16 | 16 | ||
17 | #include "packet.h" | 17 | #include "packet.h" |
18 | #include "xmalloc.h" | 18 | #include "xmalloc.h" |
@@ -143,7 +143,8 @@ check_ip_options(int sock, char *ipaddr) | |||
143 | u_char options[200]; | 143 | u_char options[200]; |
144 | char text[sizeof(options) * 3 + 1]; | 144 | char text[sizeof(options) * 3 + 1]; |
145 | socklen_t option_size; | 145 | socklen_t option_size; |
146 | int i, ipproto; | 146 | u_int i; |
147 | int ipproto; | ||
147 | struct protoent *ip; | 148 | struct protoent *ip; |
148 | 149 | ||
149 | if ((ip = getprotobyname("ip")) != NULL) | 150 | if ((ip = getprotobyname("ip")) != NULL) |
diff --git a/channels.c b/channels.c index 66b15f5b5..7ca1c53ba 100644 --- a/channels.c +++ b/channels.c | |||
@@ -39,7 +39,7 @@ | |||
39 | */ | 39 | */ |
40 | 40 | ||
41 | #include "includes.h" | 41 | #include "includes.h" |
42 | RCSID("$OpenBSD: channels.c,v 1.216 2005/06/16 08:00:00 markus Exp $"); | 42 | RCSID("$OpenBSD: channels.c,v 1.217 2005/06/17 02:44:32 djm Exp $"); |
43 | 43 | ||
44 | #include "ssh.h" | 44 | #include "ssh.h" |
45 | #include "ssh1.h" | 45 | #include "ssh1.h" |
@@ -894,7 +894,7 @@ static int | |||
894 | channel_decode_socks4(Channel *c, fd_set * readset, fd_set * writeset) | 894 | channel_decode_socks4(Channel *c, fd_set * readset, fd_set * writeset) |
895 | { | 895 | { |
896 | char *p, *host; | 896 | char *p, *host; |
897 | int len, have, i, found; | 897 | u_int len, have, i, found; |
898 | char username[256]; | 898 | char username[256]; |
899 | struct { | 899 | struct { |
900 | u_int8_t version; | 900 | u_int8_t version; |
@@ -979,7 +979,7 @@ channel_decode_socks5(Channel *c, fd_set * readset, fd_set * writeset) | |||
979 | } s5_req, s5_rsp; | 979 | } s5_req, s5_rsp; |
980 | u_int16_t dest_port; | 980 | u_int16_t dest_port; |
981 | u_char *p, dest_addr[255+1]; | 981 | u_char *p, dest_addr[255+1]; |
982 | int i, have, found, nmethods, addrlen, af; | 982 | u_int have, i, found, nmethods, addrlen, af; |
983 | 983 | ||
984 | debug2("channel %d: decode socks5", c->self); | 984 | debug2("channel %d: decode socks5", c->self); |
985 | p = buffer_ptr(&c->input); | 985 | p = buffer_ptr(&c->input); |
@@ -1075,7 +1075,8 @@ static void | |||
1075 | channel_pre_dynamic(Channel *c, fd_set * readset, fd_set * writeset) | 1075 | channel_pre_dynamic(Channel *c, fd_set * readset, fd_set * writeset) |
1076 | { | 1076 | { |
1077 | u_char *p; | 1077 | u_char *p; |
1078 | int have, ret; | 1078 | u_int have; |
1079 | int ret; | ||
1079 | 1080 | ||
1080 | have = buffer_len(&c->input); | 1081 | have = buffer_len(&c->input); |
1081 | c->delayed = 0; | 1082 | c->delayed = 0; |
@@ -35,7 +35,7 @@ | |||
35 | */ | 35 | */ |
36 | 36 | ||
37 | #include "includes.h" | 37 | #include "includes.h" |
38 | RCSID("$OpenBSD: cipher.c,v 1.75 2005/06/09 13:43:49 dtucker Exp $"); | 38 | RCSID("$OpenBSD: cipher.c,v 1.76 2005/06/17 02:44:32 djm Exp $"); |
39 | 39 | ||
40 | #include "xmalloc.h" | 40 | #include "xmalloc.h" |
41 | #include "log.h" | 41 | #include "log.h" |
@@ -235,7 +235,7 @@ cipher_init(CipherContext *cc, Cipher *cipher, | |||
235 | fatal("cipher_init: EVP_CipherInit failed for %s", | 235 | fatal("cipher_init: EVP_CipherInit failed for %s", |
236 | cipher->name); | 236 | cipher->name); |
237 | klen = EVP_CIPHER_CTX_key_length(&cc->evp); | 237 | klen = EVP_CIPHER_CTX_key_length(&cc->evp); |
238 | if (klen > 0 && keylen != klen) { | 238 | if (klen > 0 && keylen != (u_int)klen) { |
239 | debug2("cipher_init: set keylen (%d -> %d)", klen, keylen); | 239 | debug2("cipher_init: set keylen (%d -> %d)", klen, keylen); |
240 | if (EVP_CIPHER_CTX_set_key_length(&cc->evp, keylen) == 0) | 240 | if (EVP_CIPHER_CTX_set_key_length(&cc->evp, keylen) == 0) |
241 | fatal("cipher_init: set keylen failed (%d -> %d)", | 241 | fatal("cipher_init: set keylen failed (%d -> %d)", |
@@ -326,9 +326,9 @@ cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len) | |||
326 | case SSH_CIPHER_DES: | 326 | case SSH_CIPHER_DES: |
327 | case SSH_CIPHER_BLOWFISH: | 327 | case SSH_CIPHER_BLOWFISH: |
328 | evplen = EVP_CIPHER_CTX_iv_length(&cc->evp); | 328 | evplen = EVP_CIPHER_CTX_iv_length(&cc->evp); |
329 | if (evplen == 0) | 329 | if (evplen <= 0) |
330 | return; | 330 | return; |
331 | if (evplen != len) | 331 | if ((u_int)evplen != len) |
332 | fatal("%s: wrong iv length %d != %d", __func__, | 332 | fatal("%s: wrong iv length %d != %d", __func__, |
333 | evplen, len); | 333 | evplen, len); |
334 | #if OPENSSL_VERSION_NUMBER < 0x00907000L | 334 | #if OPENSSL_VERSION_NUMBER < 0x00907000L |
diff --git a/clientloop.c b/clientloop.c index ee36cc9e5..a030cf6e4 100644 --- a/clientloop.c +++ b/clientloop.c | |||
@@ -59,7 +59,7 @@ | |||
59 | */ | 59 | */ |
60 | 60 | ||
61 | #include "includes.h" | 61 | #include "includes.h" |
62 | RCSID("$OpenBSD: clientloop.c,v 1.138 2005/06/16 03:38:36 djm Exp $"); | 62 | RCSID("$OpenBSD: clientloop.c,v 1.139 2005/06/17 02:44:32 djm Exp $"); |
63 | 63 | ||
64 | #include "ssh.h" | 64 | #include "ssh.h" |
65 | #include "ssh1.h" | 65 | #include "ssh1.h" |
@@ -659,12 +659,12 @@ client_process_control(fd_set * readset) | |||
659 | { | 659 | { |
660 | Buffer m; | 660 | Buffer m; |
661 | Channel *c; | 661 | Channel *c; |
662 | int client_fd, new_fd[3], ver, i, allowed; | 662 | int client_fd, new_fd[3], ver, allowed; |
663 | socklen_t addrlen; | 663 | socklen_t addrlen; |
664 | struct sockaddr_storage addr; | 664 | struct sockaddr_storage addr; |
665 | struct confirm_ctx *cctx; | 665 | struct confirm_ctx *cctx; |
666 | char *cmd; | 666 | char *cmd; |
667 | u_int len, env_len, command, flags; | 667 | u_int i, len, env_len, command, flags; |
668 | uid_t euid; | 668 | uid_t euid; |
669 | gid_t egid; | 669 | gid_t egid; |
670 | 670 | ||
@@ -971,7 +971,10 @@ process_escapes(Buffer *bin, Buffer *bout, Buffer *berr, char *buf, int len) | |||
971 | u_char ch; | 971 | u_char ch; |
972 | char *s; | 972 | char *s; |
973 | 973 | ||
974 | for (i = 0; i < len; i++) { | 974 | if (len <= 0) |
975 | return (0); | ||
976 | |||
977 | for (i = 0; i < (u_int)len; i++) { | ||
975 | /* Get one character at a time. */ | 978 | /* Get one character at a time. */ |
976 | ch = buf[i]; | 979 | ch = buf[i]; |
977 | 980 | ||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: dns.c,v 1.11 2005/04/20 10:05:45 jakob Exp $ */ | 1 | /* $OpenBSD: dns.c,v 1.12 2005/06/17 02:44:32 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2003 Wesley Griffin. All rights reserved. | 4 | * Copyright (c) 2003 Wesley Griffin. All rights reserved. |
@@ -43,7 +43,7 @@ | |||
43 | #include "uuencode.h" | 43 | #include "uuencode.h" |
44 | 44 | ||
45 | extern char *__progname; | 45 | extern char *__progname; |
46 | RCSID("$OpenBSD: dns.c,v 1.11 2005/04/20 10:05:45 jakob Exp $"); | 46 | RCSID("$OpenBSD: dns.c,v 1.12 2005/06/17 02:44:32 djm Exp $"); |
47 | 47 | ||
48 | #ifndef LWRES | 48 | #ifndef LWRES |
49 | static const char *errset_text[] = { | 49 | static const char *errset_text[] = { |
@@ -171,7 +171,7 @@ int | |||
171 | verify_host_key_dns(const char *hostname, struct sockaddr *address, | 171 | verify_host_key_dns(const char *hostname, struct sockaddr *address, |
172 | const Key *hostkey, int *flags) | 172 | const Key *hostkey, int *flags) |
173 | { | 173 | { |
174 | int counter; | 174 | u_int counter; |
175 | int result; | 175 | int result; |
176 | struct rrsetinfo *fingerprints = NULL; | 176 | struct rrsetinfo *fingerprints = NULL; |
177 | 177 | ||
@@ -274,7 +274,7 @@ export_dns_rr(const char *hostname, const Key *key, FILE *f, int generic) | |||
274 | u_char *rdata_digest; | 274 | u_char *rdata_digest; |
275 | u_int rdata_digest_len; | 275 | u_int rdata_digest_len; |
276 | 276 | ||
277 | int i; | 277 | u_int i; |
278 | int success = 0; | 278 | int success = 0; |
279 | 279 | ||
280 | if (dns_read_key(&rdata_pubkey_algorithm, &rdata_digest_type, | 280 | if (dns_read_key(&rdata_pubkey_algorithm, &rdata_digest_type, |
diff --git a/gss-serv.c b/gss-serv.c index de32a3f2e..e1b843f01 100644 --- a/gss-serv.c +++ b/gss-serv.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: gss-serv.c,v 1.5 2003/11/17 11:06:07 markus Exp $ */ | 1 | /* $OpenBSD: gss-serv.c,v 1.6 2005/06/17 02:44:32 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. | 4 | * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. |
@@ -134,7 +134,7 @@ ssh_gssapi_accept_ctx(Gssctxt *ctx, gss_buffer_desc *recv_tok, | |||
134 | static OM_uint32 | 134 | static OM_uint32 |
135 | ssh_gssapi_parse_ename(Gssctxt *ctx, gss_buffer_t ename, gss_buffer_t name) | 135 | ssh_gssapi_parse_ename(Gssctxt *ctx, gss_buffer_t ename, gss_buffer_t name) |
136 | { | 136 | { |
137 | char *tok; | 137 | u_char *tok; |
138 | OM_uint32 offset; | 138 | OM_uint32 offset; |
139 | OM_uint32 oidl; | 139 | OM_uint32 oidl; |
140 | 140 | ||
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: kex.c,v 1.60 2004/06/21 17:36:31 avsm Exp $"); | 26 | RCSID("$OpenBSD: kex.c,v 1.61 2005/06/17 02:44:32 djm Exp $"); |
27 | 27 | ||
28 | #include <openssl/crypto.h> | 28 | #include <openssl/crypto.h> |
29 | 29 | ||
@@ -52,7 +52,7 @@ static void kex_choose_conf(Kex *); | |||
52 | static void | 52 | static void |
53 | kex_prop2buf(Buffer *b, char *proposal[PROPOSAL_MAX]) | 53 | kex_prop2buf(Buffer *b, char *proposal[PROPOSAL_MAX]) |
54 | { | 54 | { |
55 | int i; | 55 | u_int i; |
56 | 56 | ||
57 | buffer_clear(b); | 57 | buffer_clear(b); |
58 | /* | 58 | /* |
@@ -101,7 +101,7 @@ kex_buf2prop(Buffer *raw, int *first_kex_follows) | |||
101 | static void | 101 | static void |
102 | kex_prop_free(char **proposal) | 102 | kex_prop_free(char **proposal) |
103 | { | 103 | { |
104 | int i; | 104 | u_int i; |
105 | 105 | ||
106 | for (i = 0; i < PROPOSAL_MAX; i++) | 106 | for (i = 0; i < PROPOSAL_MAX; i++) |
107 | xfree(proposal[i]); | 107 | xfree(proposal[i]); |
@@ -150,7 +150,7 @@ kex_send_kexinit(Kex *kex) | |||
150 | { | 150 | { |
151 | u_int32_t rnd = 0; | 151 | u_int32_t rnd = 0; |
152 | u_char *cookie; | 152 | u_char *cookie; |
153 | int i; | 153 | u_int i; |
154 | 154 | ||
155 | if (kex == NULL) { | 155 | if (kex == NULL) { |
156 | error("kex_send_kexinit: no kex, cannot rekey"); | 156 | error("kex_send_kexinit: no kex, cannot rekey"); |
@@ -183,8 +183,7 @@ void | |||
183 | kex_input_kexinit(int type, u_int32_t seq, void *ctxt) | 183 | kex_input_kexinit(int type, u_int32_t seq, void *ctxt) |
184 | { | 184 | { |
185 | char *ptr; | 185 | char *ptr; |
186 | int dlen; | 186 | u_int i, dlen; |
187 | int i; | ||
188 | Kex *kex = (Kex *)ctxt; | 187 | Kex *kex = (Kex *)ctxt; |
189 | 188 | ||
190 | debug("SSH2_MSG_KEXINIT received"); | 189 | debug("SSH2_MSG_KEXINIT received"); |
@@ -343,9 +342,7 @@ kex_choose_conf(Kex *kex) | |||
343 | char **my, **peer; | 342 | char **my, **peer; |
344 | char **cprop, **sprop; | 343 | char **cprop, **sprop; |
345 | int nenc, nmac, ncomp; | 344 | int nenc, nmac, ncomp; |
346 | int mode; | 345 | u_int mode, ctos, need; |
347 | int ctos; /* direction: if true client-to-server */ | ||
348 | int need; | ||
349 | int first_kex_follows, type; | 346 | int first_kex_follows, type; |
350 | 347 | ||
351 | my = kex_buf2prop(&kex->my, NULL); | 348 | my = kex_buf2prop(&kex->my, NULL); |
@@ -405,15 +402,19 @@ kex_choose_conf(Kex *kex) | |||
405 | } | 402 | } |
406 | 403 | ||
407 | static u_char * | 404 | static u_char * |
408 | derive_key(Kex *kex, int id, int need, u_char *hash, BIGNUM *shared_secret) | 405 | derive_key(Kex *kex, int id, u_int need, u_char *hash, BIGNUM *shared_secret) |
409 | { | 406 | { |
410 | Buffer b; | 407 | Buffer b; |
411 | const EVP_MD *evp_md = EVP_sha1(); | 408 | const EVP_MD *evp_md = EVP_sha1(); |
412 | EVP_MD_CTX md; | 409 | EVP_MD_CTX md; |
413 | char c = id; | 410 | char c = id; |
414 | int have; | 411 | u_int have; |
415 | int mdsz = EVP_MD_size(evp_md); | 412 | int mdsz = EVP_MD_size(evp_md); |
416 | u_char *digest = xmalloc(roundup(need, mdsz)); | 413 | u_char *digest; |
414 | |||
415 | if (mdsz < 0) | ||
416 | fatal("derive_key: mdsz < 0"); | ||
417 | digest = xmalloc(roundup(need, mdsz)); | ||
417 | 418 | ||
418 | buffer_init(&b); | 419 | buffer_init(&b); |
419 | buffer_put_bignum2(&b, shared_secret); | 420 | buffer_put_bignum2(&b, shared_secret); |
@@ -455,7 +456,7 @@ void | |||
455 | kex_derive_keys(Kex *kex, u_char *hash, BIGNUM *shared_secret) | 456 | kex_derive_keys(Kex *kex, u_char *hash, BIGNUM *shared_secret) |
456 | { | 457 | { |
457 | u_char *keys[NKEYS]; | 458 | u_char *keys[NKEYS]; |
458 | int i, mode, ctos; | 459 | u_int i, mode, ctos; |
459 | 460 | ||
460 | for (i = 0; i < NKEYS; i++) | 461 | for (i = 0; i < NKEYS; i++) |
461 | keys[i] = derive_key(kex, 'A'+i, kex->we_need, hash, shared_secret); | 462 | keys[i] = derive_key(kex, 'A'+i, kex->we_need, hash, shared_secret); |
@@ -493,13 +494,13 @@ derive_ssh1_session_id(BIGNUM *host_modulus, BIGNUM *server_modulus, | |||
493 | EVP_DigestInit(&md, evp_md); | 494 | EVP_DigestInit(&md, evp_md); |
494 | 495 | ||
495 | len = BN_num_bytes(host_modulus); | 496 | len = BN_num_bytes(host_modulus); |
496 | if (len < (512 / 8) || len > sizeof(nbuf)) | 497 | if (len < (512 / 8) || (u_int)len > sizeof(nbuf)) |
497 | fatal("%s: bad host modulus (len %d)", __func__, len); | 498 | fatal("%s: bad host modulus (len %d)", __func__, len); |
498 | BN_bn2bin(host_modulus, nbuf); | 499 | BN_bn2bin(host_modulus, nbuf); |
499 | EVP_DigestUpdate(&md, nbuf, len); | 500 | EVP_DigestUpdate(&md, nbuf, len); |
500 | 501 | ||
501 | len = BN_num_bytes(server_modulus); | 502 | len = BN_num_bytes(server_modulus); |
502 | if (len < (512 / 8) || len > sizeof(nbuf)) | 503 | if (len < (512 / 8) || (u_int)len > sizeof(nbuf)) |
503 | fatal("%s: bad server modulus (len %d)", __func__, len); | 504 | fatal("%s: bad server modulus (len %d)", __func__, len); |
504 | BN_bn2bin(server_modulus, nbuf); | 505 | BN_bn2bin(server_modulus, nbuf); |
505 | EVP_DigestUpdate(&md, nbuf, len); | 506 | EVP_DigestUpdate(&md, nbuf, len); |
@@ -518,7 +519,7 @@ derive_ssh1_session_id(BIGNUM *host_modulus, BIGNUM *server_modulus, | |||
518 | void | 519 | void |
519 | dump_digest(char *msg, u_char *digest, int len) | 520 | dump_digest(char *msg, u_char *digest, int len) |
520 | { | 521 | { |
521 | int i; | 522 | u_int i; |
522 | 523 | ||
523 | fprintf(stderr, "%s\n", msg); | 524 | fprintf(stderr, "%s\n", msg); |
524 | for (i = 0; i< len; i++) { | 525 | for (i = 0; i< len; i++) { |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kex.h,v 1.35 2004/06/13 12:53:24 djm Exp $ */ | 1 | /* $OpenBSD: kex.h,v 1.36 2005/06/17 02:44:32 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
@@ -83,9 +83,9 @@ struct Mac { | |||
83 | char *name; | 83 | char *name; |
84 | int enabled; | 84 | int enabled; |
85 | const EVP_MD *md; | 85 | const EVP_MD *md; |
86 | int mac_len; | 86 | u_int mac_len; |
87 | u_char *key; | 87 | u_char *key; |
88 | int key_len; | 88 | u_int key_len; |
89 | }; | 89 | }; |
90 | struct Comp { | 90 | struct Comp { |
91 | int type; | 91 | int type; |
@@ -101,7 +101,7 @@ struct Kex { | |||
101 | u_char *session_id; | 101 | u_char *session_id; |
102 | u_int session_id_len; | 102 | u_int session_id_len; |
103 | Newkeys *newkeys[MODE_MAX]; | 103 | Newkeys *newkeys[MODE_MAX]; |
104 | int we_need; | 104 | u_int we_need; |
105 | int server; | 105 | int server; |
106 | char *name; | 106 | char *name; |
107 | int hostkey_type; | 107 | int hostkey_type; |
@@ -32,7 +32,7 @@ | |||
32 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 32 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
33 | */ | 33 | */ |
34 | #include "includes.h" | 34 | #include "includes.h" |
35 | RCSID("$OpenBSD: key.c,v 1.57 2004/10/29 23:57:05 djm Exp $"); | 35 | RCSID("$OpenBSD: key.c,v 1.58 2005/06/17 02:44:32 djm Exp $"); |
36 | 36 | ||
37 | #include <openssl/evp.h> | 37 | #include <openssl/evp.h> |
38 | 38 | ||
@@ -231,7 +231,7 @@ static char * | |||
231 | key_fingerprint_hex(u_char *dgst_raw, u_int dgst_raw_len) | 231 | key_fingerprint_hex(u_char *dgst_raw, u_int dgst_raw_len) |
232 | { | 232 | { |
233 | char *retval; | 233 | char *retval; |
234 | int i; | 234 | u_int i; |
235 | 235 | ||
236 | retval = xmalloc(dgst_raw_len * 3 + 1); | 236 | retval = xmalloc(dgst_raw_len * 3 + 1); |
237 | retval[0] = '\0'; | 237 | retval[0] = '\0'; |
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: mac.c,v 1.6 2003/09/18 13:02:21 miod Exp $"); | 26 | RCSID("$OpenBSD: mac.c,v 1.7 2005/06/17 02:44:32 djm Exp $"); |
27 | 27 | ||
28 | #include <openssl/hmac.h> | 28 | #include <openssl/hmac.h> |
29 | 29 | ||
@@ -51,12 +51,15 @@ struct { | |||
51 | int | 51 | int |
52 | mac_init(Mac *mac, char *name) | 52 | mac_init(Mac *mac, char *name) |
53 | { | 53 | { |
54 | int i; | 54 | int i, evp_len; |
55 | |||
55 | for (i = 0; macs[i].name; i++) { | 56 | for (i = 0; macs[i].name; i++) { |
56 | if (strcmp(name, macs[i].name) == 0) { | 57 | if (strcmp(name, macs[i].name) == 0) { |
57 | if (mac != NULL) { | 58 | if (mac != NULL) { |
58 | mac->md = (*macs[i].mdfunc)(); | 59 | mac->md = (*macs[i].mdfunc)(); |
59 | mac->key_len = mac->mac_len = EVP_MD_size(mac->md); | 60 | if ((evp_len = EVP_MD_size(mac->md)) <= 0) |
61 | fatal("mac %s len %d", name, evp_len); | ||
62 | mac->key_len = mac->mac_len = (u_int)evp_len; | ||
60 | if (macs[i].truncatebits != 0) | 63 | if (macs[i].truncatebits != 0) |
61 | mac->mac_len = macs[i].truncatebits/8; | 64 | mac->mac_len = macs[i].truncatebits/8; |
62 | } | 65 | } |
@@ -77,7 +80,7 @@ mac_compute(Mac *mac, u_int32_t seqno, u_char *data, int datalen) | |||
77 | 80 | ||
78 | if (mac->key == NULL) | 81 | if (mac->key == NULL) |
79 | fatal("mac_compute: no key"); | 82 | fatal("mac_compute: no key"); |
80 | if ((u_int)mac->mac_len > sizeof(m)) | 83 | if (mac->mac_len > sizeof(m)) |
81 | fatal("mac_compute: mac too long"); | 84 | fatal("mac_compute: mac too long"); |
82 | HMAC_Init(&c, mac->key, mac->key_len, mac->md); | 85 | HMAC_Init(&c, mac->key, mac->key_len, mac->md); |
83 | PUT_32BIT(b, seqno); | 86 | PUT_32BIT(b, seqno); |
@@ -35,7 +35,7 @@ | |||
35 | */ | 35 | */ |
36 | 36 | ||
37 | #include "includes.h" | 37 | #include "includes.h" |
38 | RCSID("$OpenBSD: match.c,v 1.19 2002/03/01 13:12:10 markus Exp $"); | 38 | RCSID("$OpenBSD: match.c,v 1.20 2005/06/17 02:44:32 djm Exp $"); |
39 | 39 | ||
40 | #include "match.h" | 40 | #include "match.h" |
41 | #include "xmalloc.h" | 41 | #include "xmalloc.h" |
@@ -254,7 +254,7 @@ match_list(const char *client, const char *server, u_int *next) | |||
254 | ret = xstrdup(p); | 254 | ret = xstrdup(p); |
255 | if (next != NULL) | 255 | if (next != NULL) |
256 | *next = (cp == NULL) ? | 256 | *next = (cp == NULL) ? |
257 | strlen(c) : cp - c; | 257 | strlen(c) : (u_int)(cp - c); |
258 | xfree(c); | 258 | xfree(c); |
259 | xfree(s); | 259 | xfree(s); |
260 | return ret; | 260 | return ret; |
@@ -24,7 +24,7 @@ | |||
24 | */ | 24 | */ |
25 | 25 | ||
26 | #include "includes.h" | 26 | #include "includes.h" |
27 | RCSID("$OpenBSD: misc.c,v 1.31 2005/06/06 11:20:36 djm Exp $"); | 27 | RCSID("$OpenBSD: misc.c,v 1.32 2005/06/17 02:44:32 djm Exp $"); |
28 | 28 | ||
29 | #include "misc.h" | 29 | #include "misc.h" |
30 | #include "log.h" | 30 | #include "log.h" |
@@ -386,7 +386,7 @@ tilde_expand_filename(const char *filename, uid_t uid) | |||
386 | const char *path; | 386 | const char *path; |
387 | char user[128], ret[MAXPATHLEN]; | 387 | char user[128], ret[MAXPATHLEN]; |
388 | struct passwd *pw; | 388 | struct passwd *pw; |
389 | int len; | 389 | u_int len, slash; |
390 | 390 | ||
391 | if (*filename != '~') | 391 | if (*filename != '~') |
392 | return (xstrdup(filename)); | 392 | return (xstrdup(filename)); |
@@ -394,10 +394,11 @@ tilde_expand_filename(const char *filename, uid_t uid) | |||
394 | 394 | ||
395 | path = strchr(filename, '/'); | 395 | path = strchr(filename, '/'); |
396 | if (path != NULL && path > filename) { /* ~user/path */ | 396 | if (path != NULL && path > filename) { /* ~user/path */ |
397 | if (path - filename > sizeof(user) - 1) | 397 | slash = path - filename; |
398 | if (slash > sizeof(user) - 1) | ||
398 | fatal("tilde_expand_filename: ~username too long"); | 399 | fatal("tilde_expand_filename: ~username too long"); |
399 | memcpy(user, filename, path - filename); | 400 | memcpy(user, filename, slash); |
400 | user[path - filename] = '\0'; | 401 | user[slash] = '\0'; |
401 | if ((pw = getpwnam(user)) == NULL) | 402 | if ((pw = getpwnam(user)) == NULL) |
402 | fatal("tilde_expand_filename: No such user %s", user); | 403 | fatal("tilde_expand_filename: No such user %s", user); |
403 | } else if ((pw = getpwuid(uid)) == NULL) /* ~/path */ | 404 | } else if ((pw = getpwuid(uid)) == NULL) /* ~/path */ |
@@ -435,7 +436,7 @@ percent_expand(const char *string, ...) | |||
435 | const char *key; | 436 | const char *key; |
436 | const char *repl; | 437 | const char *repl; |
437 | } keys[EXPAND_MAX_KEYS]; | 438 | } keys[EXPAND_MAX_KEYS]; |
438 | int num_keys, i, j; | 439 | u_int num_keys, i, j; |
439 | char buf[4096]; | 440 | char buf[4096]; |
440 | va_list ap; | 441 | va_list ap; |
441 | 442 | ||
@@ -37,7 +37,7 @@ | |||
37 | */ | 37 | */ |
38 | 38 | ||
39 | #include "includes.h" | 39 | #include "includes.h" |
40 | RCSID("$OpenBSD: packet.c,v 1.116 2004/10/20 11:48:53 markus Exp $"); | 40 | RCSID("$OpenBSD: packet.c,v 1.117 2005/06/17 02:44:32 djm Exp $"); |
41 | 41 | ||
42 | #include "openbsd-compat/sys-queue.h" | 42 | #include "openbsd-compat/sys-queue.h" |
43 | 43 | ||
@@ -992,7 +992,7 @@ packet_read_poll2(u_int32_t *seqnr_p) | |||
992 | static u_int packet_length = 0; | 992 | static u_int packet_length = 0; |
993 | u_int padlen, need; | 993 | u_int padlen, need; |
994 | u_char *macbuf, *cp, type; | 994 | u_char *macbuf, *cp, type; |
995 | int maclen, block_size; | 995 | u_int maclen, block_size; |
996 | Enc *enc = NULL; | 996 | Enc *enc = NULL; |
997 | Mac *mac = NULL; | 997 | Mac *mac = NULL; |
998 | Comp *comp = NULL; | 998 | Comp *comp = NULL; |
@@ -1229,9 +1229,9 @@ packet_get_bignum2(BIGNUM * value) | |||
1229 | } | 1229 | } |
1230 | 1230 | ||
1231 | void * | 1231 | void * |
1232 | packet_get_raw(int *length_ptr) | 1232 | packet_get_raw(u_int *length_ptr) |
1233 | { | 1233 | { |
1234 | int bytes = buffer_len(&incoming_packet); | 1234 | u_int bytes = buffer_len(&incoming_packet); |
1235 | 1235 | ||
1236 | if (length_ptr != NULL) | 1236 | if (length_ptr != NULL) |
1237 | *length_ptr = bytes; | 1237 | *length_ptr = bytes; |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: packet.h,v 1.41 2004/05/11 19:01:43 deraadt Exp $ */ | 1 | /* $OpenBSD: packet.h,v 1.42 2005/06/17 02:44:33 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -52,7 +52,7 @@ u_int packet_get_char(void); | |||
52 | u_int packet_get_int(void); | 52 | u_int packet_get_int(void); |
53 | void packet_get_bignum(BIGNUM * value); | 53 | void packet_get_bignum(BIGNUM * value); |
54 | void packet_get_bignum2(BIGNUM * value); | 54 | void packet_get_bignum2(BIGNUM * value); |
55 | void *packet_get_raw(int *length_ptr); | 55 | void *packet_get_raw(u_int *length_ptr); |
56 | void *packet_get_string(u_int *length_ptr); | 56 | void *packet_get_string(u_int *length_ptr); |
57 | void packet_disconnect(const char *fmt,...) __attribute__((format(printf, 1, 2))); | 57 | void packet_disconnect(const char *fmt,...) __attribute__((format(printf, 1, 2))); |
58 | void packet_send_debug(const char *fmt,...) __attribute__((format(printf, 1, 2))); | 58 | void packet_send_debug(const char *fmt,...) __attribute__((format(printf, 1, 2))); |
@@ -71,7 +71,7 @@ | |||
71 | */ | 71 | */ |
72 | 72 | ||
73 | #include "includes.h" | 73 | #include "includes.h" |
74 | RCSID("$OpenBSD: scp.c,v 1.123 2005/05/26 02:08:05 avsm Exp $"); | 74 | RCSID("$OpenBSD: scp.c,v 1.124 2005/06/17 02:44:33 djm Exp $"); |
75 | 75 | ||
76 | #include "xmalloc.h" | 76 | #include "xmalloc.h" |
77 | #include "atomicio.h" | 77 | #include "atomicio.h" |
@@ -186,7 +186,7 @@ do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout, int argc) | |||
186 | } | 186 | } |
187 | 187 | ||
188 | typedef struct { | 188 | typedef struct { |
189 | int cnt; | 189 | size_t cnt; |
190 | char *buf; | 190 | char *buf; |
191 | } BUF; | 191 | } BUF; |
192 | 192 | ||
@@ -724,8 +724,8 @@ sink(int argc, char **argv) | |||
724 | } wrerr; | 724 | } wrerr; |
725 | BUF *bp; | 725 | BUF *bp; |
726 | off_t i; | 726 | off_t i; |
727 | size_t j; | 727 | size_t j, count; |
728 | int amt, count, exists, first, mask, mode, ofd, omode; | 728 | int amt, exists, first, mask, mode, ofd, omode; |
729 | off_t size, statbytes; | 729 | off_t size, statbytes; |
730 | int setimes, targisdir, wrerrno = 0; | 730 | int setimes, targisdir, wrerrno = 0; |
731 | char ch, *cp, *np, *targ, *why, *vect[1], buf[2048]; | 731 | char ch, *cp, *np, *targ, *why, *vect[1], buf[2048]; |
@@ -833,7 +833,7 @@ sink(int argc, char **argv) | |||
833 | } | 833 | } |
834 | if (targisdir) { | 834 | if (targisdir) { |
835 | static char *namebuf; | 835 | static char *namebuf; |
836 | static int cursize; | 836 | static size_t cursize; |
837 | size_t need; | 837 | size_t need; |
838 | 838 | ||
839 | need = strlen(targ) + strlen(cp) + 250; | 839 | need = strlen(targ) + strlen(cp) + 250; |
diff --git a/servconf.c b/servconf.c index ddb34f9b9..deec167be 100644 --- a/servconf.c +++ b/servconf.c | |||
@@ -10,7 +10,7 @@ | |||
10 | */ | 10 | */ |
11 | 11 | ||
12 | #include "includes.h" | 12 | #include "includes.h" |
13 | RCSID("$OpenBSD: servconf.c,v 1.141 2005/05/16 15:30:51 markus Exp $"); | 13 | RCSID("$OpenBSD: servconf.c,v 1.142 2005/06/17 02:44:33 djm Exp $"); |
14 | 14 | ||
15 | #include "ssh.h" | 15 | #include "ssh.h" |
16 | #include "log.h" | 16 | #include "log.h" |
@@ -398,7 +398,7 @@ parse_token(const char *cp, const char *filename, | |||
398 | static void | 398 | static void |
399 | add_listen_addr(ServerOptions *options, char *addr, u_short port) | 399 | add_listen_addr(ServerOptions *options, char *addr, u_short port) |
400 | { | 400 | { |
401 | int i; | 401 | u_int i; |
402 | 402 | ||
403 | if (options->num_ports == 0) | 403 | if (options->num_ports == 0) |
404 | options->ports[options->num_ports++] = SSH_DEFAULT_PORT; | 404 | options->ports[options->num_ports++] = SSH_DEFAULT_PORT; |
@@ -438,9 +438,10 @@ process_server_config_line(ServerOptions *options, char *line, | |||
438 | const char *filename, int linenum) | 438 | const char *filename, int linenum) |
439 | { | 439 | { |
440 | char *cp, **charptr, *arg, *p; | 440 | char *cp, **charptr, *arg, *p; |
441 | int *intptr, value, i, n; | 441 | int *intptr, value, n; |
442 | ServerOpCodes opcode; | 442 | ServerOpCodes opcode; |
443 | u_short port; | 443 | u_short port; |
444 | u_int i; | ||
444 | 445 | ||
445 | cp = line; | 446 | cp = line; |
446 | arg = strdelim(&cp); | 447 | arg = strdelim(&cp); |
@@ -33,7 +33,7 @@ | |||
33 | */ | 33 | */ |
34 | 34 | ||
35 | #include "includes.h" | 35 | #include "includes.h" |
36 | RCSID("$OpenBSD: session.c,v 1.181 2004/12/23 17:35:48 markus Exp $"); | 36 | RCSID("$OpenBSD: session.c,v 1.182 2005/06/17 02:44:33 djm Exp $"); |
37 | 37 | ||
38 | #include "ssh.h" | 38 | #include "ssh.h" |
39 | #include "ssh1.h" | 39 | #include "ssh1.h" |
@@ -1801,7 +1801,7 @@ session_subsystem_req(Session *s) | |||
1801 | u_int len; | 1801 | u_int len; |
1802 | int success = 0; | 1802 | int success = 0; |
1803 | char *cmd, *subsys = packet_get_string(&len); | 1803 | char *cmd, *subsys = packet_get_string(&len); |
1804 | int i; | 1804 | u_int i; |
1805 | 1805 | ||
1806 | packet_check_eom(); | 1806 | packet_check_eom(); |
1807 | logit("subsystem request for %.100s", subsys); | 1807 | logit("subsystem request for %.100s", subsys); |
@@ -2107,7 +2107,7 @@ session_exit_message(Session *s, int status) | |||
2107 | void | 2107 | void |
2108 | session_close(Session *s) | 2108 | session_close(Session *s) |
2109 | { | 2109 | { |
2110 | int i; | 2110 | u_int i; |
2111 | 2111 | ||
2112 | debug("session_close: session %d pid %ld", s->self, (long)s->pid); | 2112 | debug("session_close: session %d pid %ld", s->self, (long)s->pid); |
2113 | if (s->ttyfd != -1) | 2113 | if (s->ttyfd != -1) |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: session.h,v 1.23 2004/07/17 05:31:41 dtucker Exp $ */ | 1 | /* $OpenBSD: session.h,v 1.24 2005/06/17 02:44:33 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
@@ -50,7 +50,7 @@ struct Session { | |||
50 | /* proto 2 */ | 50 | /* proto 2 */ |
51 | int chanid; | 51 | int chanid; |
52 | int is_subsystem; | 52 | int is_subsystem; |
53 | int num_env; | 53 | u_int num_env; |
54 | struct { | 54 | struct { |
55 | char *name; | 55 | char *name; |
56 | char *val; | 56 | char *val; |
diff --git a/sftp-client.c b/sftp-client.c index 47297898a..ce15fc0a3 100644 --- a/sftp-client.c +++ b/sftp-client.c | |||
@@ -20,7 +20,7 @@ | |||
20 | /* XXX: copy between two remote sites */ | 20 | /* XXX: copy between two remote sites */ |
21 | 21 | ||
22 | #include "includes.h" | 22 | #include "includes.h" |
23 | RCSID("$OpenBSD: sftp-client.c,v 1.54 2005/05/24 17:32:44 avsm Exp $"); | 23 | RCSID("$OpenBSD: sftp-client.c,v 1.55 2005/06/17 02:44:33 djm Exp $"); |
24 | 24 | ||
25 | #include "openbsd-compat/sys-queue.h" | 25 | #include "openbsd-compat/sys-queue.h" |
26 | 26 | ||
@@ -311,7 +311,7 @@ do_lsreaddir(struct sftp_conn *conn, char *path, int printflag, | |||
311 | SFTP_DIRENT ***dir) | 311 | SFTP_DIRENT ***dir) |
312 | { | 312 | { |
313 | Buffer msg; | 313 | Buffer msg; |
314 | u_int type, id, handle_len, i, expected_id, ents = 0; | 314 | u_int count, type, id, handle_len, i, expected_id, ents = 0; |
315 | char *handle; | 315 | char *handle; |
316 | 316 | ||
317 | id = conn->msg_id++; | 317 | id = conn->msg_id++; |
@@ -335,8 +335,6 @@ do_lsreaddir(struct sftp_conn *conn, char *path, int printflag, | |||
335 | } | 335 | } |
336 | 336 | ||
337 | for (; !interrupted;) { | 337 | for (; !interrupted;) { |
338 | int count; | ||
339 | |||
340 | id = expected_id = conn->msg_id++; | 338 | id = expected_id = conn->msg_id++; |
341 | 339 | ||
342 | debug3("Sending SSH2_FXP_READDIR I:%u", id); | 340 | debug3("Sending SSH2_FXP_READDIR I:%u", id); |
@@ -744,10 +742,10 @@ do_download(struct sftp_conn *conn, char *remote_path, char *local_path, | |||
744 | Attrib junk, *a; | 742 | Attrib junk, *a; |
745 | Buffer msg; | 743 | Buffer msg; |
746 | char *handle; | 744 | char *handle; |
747 | int local_fd, status, num_req, max_req, write_error; | 745 | int local_fd, status, write_error; |
748 | int read_error, write_errno; | 746 | int read_error, write_errno; |
749 | u_int64_t offset, size; | 747 | u_int64_t offset, size; |
750 | u_int handle_len, mode, type, id, buflen; | 748 | u_int handle_len, mode, type, id, buflen, num_req, max_req; |
751 | off_t progress_counter; | 749 | off_t progress_counter; |
752 | struct request { | 750 | struct request { |
753 | u_int id; | 751 | u_int id; |
diff --git a/sftp-server.c b/sftp-server.c index e82280057..6870e7732 100644 --- a/sftp-server.c +++ b/sftp-server.c | |||
@@ -14,7 +14,7 @@ | |||
14 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 14 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
15 | */ | 15 | */ |
16 | #include "includes.h" | 16 | #include "includes.h" |
17 | RCSID("$OpenBSD: sftp-server.c,v 1.47 2004/06/25 05:38:48 dtucker Exp $"); | 17 | RCSID("$OpenBSD: sftp-server.c,v 1.48 2005/06/17 02:44:33 djm Exp $"); |
18 | 18 | ||
19 | #include "buffer.h" | 19 | #include "buffer.h" |
20 | #include "bufaux.h" | 20 | #include "bufaux.h" |
@@ -130,7 +130,7 @@ Handle handles[100]; | |||
130 | static void | 130 | static void |
131 | handle_init(void) | 131 | handle_init(void) |
132 | { | 132 | { |
133 | int i; | 133 | u_int i; |
134 | 134 | ||
135 | for (i = 0; i < sizeof(handles)/sizeof(Handle); i++) | 135 | for (i = 0; i < sizeof(handles)/sizeof(Handle); i++) |
136 | handles[i].use = HANDLE_UNUSED; | 136 | handles[i].use = HANDLE_UNUSED; |
@@ -139,7 +139,7 @@ handle_init(void) | |||
139 | static int | 139 | static int |
140 | handle_new(int use, const char *name, int fd, DIR *dirp) | 140 | handle_new(int use, const char *name, int fd, DIR *dirp) |
141 | { | 141 | { |
142 | int i; | 142 | u_int i; |
143 | 143 | ||
144 | for (i = 0; i < sizeof(handles)/sizeof(Handle); i++) { | 144 | for (i = 0; i < sizeof(handles)/sizeof(Handle); i++) { |
145 | if (handles[i].use == HANDLE_UNUSED) { | 145 | if (handles[i].use == HANDLE_UNUSED) { |
@@ -156,7 +156,7 @@ handle_new(int use, const char *name, int fd, DIR *dirp) | |||
156 | static int | 156 | static int |
157 | handle_is_ok(int i, int type) | 157 | handle_is_ok(int i, int type) |
158 | { | 158 | { |
159 | return i >= 0 && i < sizeof(handles)/sizeof(Handle) && | 159 | return i >= 0 && (u_int)i < sizeof(handles)/sizeof(Handle) && |
160 | handles[i].use == type; | 160 | handles[i].use == type; |
161 | } | 161 | } |
162 | 162 | ||
@@ -477,10 +477,10 @@ process_write(void) | |||
477 | } else { | 477 | } else { |
478 | /* XXX ATOMICIO ? */ | 478 | /* XXX ATOMICIO ? */ |
479 | ret = write(fd, data, len); | 479 | ret = write(fd, data, len); |
480 | if (ret == -1) { | 480 | if (ret < 0) { |
481 | error("process_write: write failed"); | 481 | error("process_write: write failed"); |
482 | status = errno_to_portable(errno); | 482 | status = errno_to_portable(errno); |
483 | } else if (ret == len) { | 483 | } else if ((size_t)ret == len) { |
484 | status = SSH2_FX_OK; | 484 | status = SSH2_FX_OK; |
485 | } else { | 485 | } else { |
486 | logit("nothing at all written"); | 486 | logit("nothing at all written"); |
@@ -16,7 +16,7 @@ | |||
16 | 16 | ||
17 | #include "includes.h" | 17 | #include "includes.h" |
18 | 18 | ||
19 | RCSID("$OpenBSD: sftp.c,v 1.63 2005/03/10 22:01:05 deraadt Exp $"); | 19 | RCSID("$OpenBSD: sftp.c,v 1.64 2005/06/17 02:44:33 djm Exp $"); |
20 | 20 | ||
21 | #ifdef USE_LIBEDIT | 21 | #ifdef USE_LIBEDIT |
22 | #include <histedit.h> | 22 | #include <histedit.h> |
@@ -404,7 +404,7 @@ get_pathname(const char **cpp, char **path) | |||
404 | { | 404 | { |
405 | const char *cp = *cpp, *end; | 405 | const char *cp = *cpp, *end; |
406 | char quot; | 406 | char quot; |
407 | int i, j; | 407 | u_int i, j; |
408 | 408 | ||
409 | cp += strspn(cp, WHITESPACE); | 409 | cp += strspn(cp, WHITESPACE); |
410 | if (!*cp) { | 410 | if (!*cp) { |
@@ -664,14 +664,15 @@ sdirent_comp(const void *aa, const void *bb) | |||
664 | static int | 664 | static int |
665 | do_ls_dir(struct sftp_conn *conn, char *path, char *strip_path, int lflag) | 665 | do_ls_dir(struct sftp_conn *conn, char *path, char *strip_path, int lflag) |
666 | { | 666 | { |
667 | int n, c = 1, colspace = 0, columns = 1; | 667 | int n; |
668 | u_int c = 1, colspace = 0, columns = 1; | ||
668 | SFTP_DIRENT **d; | 669 | SFTP_DIRENT **d; |
669 | 670 | ||
670 | if ((n = do_readdir(conn, path, &d)) != 0) | 671 | if ((n = do_readdir(conn, path, &d)) != 0) |
671 | return (n); | 672 | return (n); |
672 | 673 | ||
673 | if (!(lflag & LS_SHORT_VIEW)) { | 674 | if (!(lflag & LS_SHORT_VIEW)) { |
674 | int m = 0, width = 80; | 675 | u_int m = 0, width = 80; |
675 | struct winsize ws; | 676 | struct winsize ws; |
676 | char *tmp; | 677 | char *tmp; |
677 | 678 | ||
@@ -747,7 +748,7 @@ do_globbed_ls(struct sftp_conn *conn, char *path, char *strip_path, | |||
747 | int lflag) | 748 | int lflag) |
748 | { | 749 | { |
749 | glob_t g; | 750 | glob_t g; |
750 | int i, c = 1, colspace = 0, columns = 1; | 751 | u_int i, c = 1, colspace = 0, columns = 1; |
751 | Attrib *a = NULL; | 752 | Attrib *a = NULL; |
752 | 753 | ||
753 | memset(&g, 0, sizeof(g)); | 754 | memset(&g, 0, sizeof(g)); |
@@ -783,7 +784,7 @@ do_globbed_ls(struct sftp_conn *conn, char *path, char *strip_path, | |||
783 | } | 784 | } |
784 | 785 | ||
785 | if (!(lflag & LS_SHORT_VIEW)) { | 786 | if (!(lflag & LS_SHORT_VIEW)) { |
786 | int m = 0, width = 80; | 787 | u_int m = 0, width = 80; |
787 | struct winsize ws; | 788 | struct winsize ws; |
788 | 789 | ||
789 | /* Count entries for sort and find longest filename */ | 790 | /* Count entries for sort and find longest filename */ |
diff --git a/ssh-keyscan.c b/ssh-keyscan.c index 7dffb8517..46f063687 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c | |||
@@ -7,7 +7,7 @@ | |||
7 | */ | 7 | */ |
8 | 8 | ||
9 | #include "includes.h" | 9 | #include "includes.h" |
10 | RCSID("$OpenBSD: ssh-keyscan.c,v 1.54 2005/05/24 17:32:44 avsm Exp $"); | 10 | RCSID("$OpenBSD: ssh-keyscan.c,v 1.55 2005/06/17 02:44:33 djm Exp $"); |
11 | 11 | ||
12 | #include "openbsd-compat/sys-queue.h" | 12 | #include "openbsd-compat/sys-queue.h" |
13 | 13 | ||
@@ -166,7 +166,7 @@ Linebuf_lineno(Linebuf * lb) | |||
166 | static char * | 166 | static char * |
167 | Linebuf_getline(Linebuf * lb) | 167 | Linebuf_getline(Linebuf * lb) |
168 | { | 168 | { |
169 | int n = 0; | 169 | size_t n = 0; |
170 | void *p; | 170 | void *p; |
171 | 171 | ||
172 | lb->lineno++; | 172 | lb->lineno++; |
@@ -493,10 +493,10 @@ conrecycle(int s) | |||
493 | static void | 493 | static void |
494 | congreet(int s) | 494 | congreet(int s) |
495 | { | 495 | { |
496 | int remote_major = 0, remote_minor = 0; | 496 | int n = 0, remote_major = 0, remote_minor = 0; |
497 | char buf[256], *cp; | 497 | char buf[256], *cp; |
498 | char remote_version[sizeof buf]; | 498 | char remote_version[sizeof buf]; |
499 | size_t bufsiz, n = 0; | 499 | size_t bufsiz; |
500 | con *c = &fdcon[s]; | 500 | con *c = &fdcon[s]; |
501 | 501 | ||
502 | bufsiz = sizeof(buf); | 502 | bufsiz = sizeof(buf); |
@@ -546,12 +546,12 @@ congreet(int s) | |||
546 | n = snprintf(buf, sizeof buf, "SSH-%d.%d-OpenSSH-keyscan\r\n", | 546 | n = snprintf(buf, sizeof buf, "SSH-%d.%d-OpenSSH-keyscan\r\n", |
547 | c->c_keytype == KT_RSA1? PROTOCOL_MAJOR_1 : PROTOCOL_MAJOR_2, | 547 | c->c_keytype == KT_RSA1? PROTOCOL_MAJOR_1 : PROTOCOL_MAJOR_2, |
548 | c->c_keytype == KT_RSA1? PROTOCOL_MINOR_1 : PROTOCOL_MINOR_2); | 548 | c->c_keytype == KT_RSA1? PROTOCOL_MINOR_1 : PROTOCOL_MINOR_2); |
549 | if (n == -1 || n >= sizeof buf) { | 549 | if (n < 0 || (size_t)n >= sizeof(buf)) { |
550 | error("snprintf: buffer too small"); | 550 | error("snprintf: buffer too small"); |
551 | confree(s); | 551 | confree(s); |
552 | return; | 552 | return; |
553 | } | 553 | } |
554 | if (atomicio(vwrite, s, buf, n) != n) { | 554 | if (atomicio(vwrite, s, buf, n) != (size_t)n) { |
555 | error("write (%s): %s", c->c_name, strerror(errno)); | 555 | error("write (%s): %s", c->c_name, strerror(errno)); |
556 | confree(s); | 556 | confree(s); |
557 | return; | 557 | return; |
@@ -14,7 +14,7 @@ | |||
14 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 14 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
15 | */ | 15 | */ |
16 | #include "includes.h" | 16 | #include "includes.h" |
17 | RCSID("$OpenBSD: ssh-rsa.c,v 1.31 2003/11/10 16:23:41 jakob Exp $"); | 17 | RCSID("$OpenBSD: ssh-rsa.c,v 1.32 2005/06/17 02:44:33 djm Exp $"); |
18 | 18 | ||
19 | #include <openssl/evp.h> | 19 | #include <openssl/evp.h> |
20 | #include <openssl/err.h> | 20 | #include <openssl/err.h> |
@@ -238,7 +238,7 @@ openssh_RSA_verify(int type, u_char *hash, u_int hashlen, | |||
238 | ERR_error_string(ERR_get_error(), NULL)); | 238 | ERR_error_string(ERR_get_error(), NULL)); |
239 | goto done; | 239 | goto done; |
240 | } | 240 | } |
241 | if (len != hlen + oidlen) { | 241 | if (len < 0 || (u_int)len != hlen + oidlen) { |
242 | error("bad decrypted len: %d != %d + %d", len, hlen, oidlen); | 242 | error("bad decrypted len: %d != %d + %d", len, hlen, oidlen); |
243 | goto done; | 243 | goto done; |
244 | } | 244 | } |
diff --git a/sshconnect.c b/sshconnect.c index 0bd351f6b..cbbe54821 100644 --- a/sshconnect.c +++ b/sshconnect.c | |||
@@ -13,7 +13,7 @@ | |||
13 | */ | 13 | */ |
14 | 14 | ||
15 | #include "includes.h" | 15 | #include "includes.h" |
16 | RCSID("$OpenBSD: sshconnect.c,v 1.164 2005/06/06 11:20:36 djm Exp $"); | 16 | RCSID("$OpenBSD: sshconnect.c,v 1.165 2005/06/17 02:44:33 djm Exp $"); |
17 | 17 | ||
18 | #include <openssl/bn.h> | 18 | #include <openssl/bn.h> |
19 | 19 | ||
@@ -402,10 +402,11 @@ static void | |||
402 | ssh_exchange_identification(void) | 402 | ssh_exchange_identification(void) |
403 | { | 403 | { |
404 | char buf[256], remote_version[256]; /* must be same size! */ | 404 | char buf[256], remote_version[256]; /* must be same size! */ |
405 | int remote_major, remote_minor, i, mismatch; | 405 | int remote_major, remote_minor, mismatch; |
406 | int connection_in = packet_get_connection_in(); | 406 | int connection_in = packet_get_connection_in(); |
407 | int connection_out = packet_get_connection_out(); | 407 | int connection_out = packet_get_connection_out(); |
408 | int minor1 = PROTOCOL_MINOR_1; | 408 | int minor1 = PROTOCOL_MINOR_1; |
409 | u_int i; | ||
409 | 410 | ||
410 | /* Read other side's version identification. */ | 411 | /* Read other side's version identification. */ |
411 | for (;;) { | 412 | for (;;) { |
diff --git a/sshconnect1.c b/sshconnect1.c index 6e2e31c02..bd05723c7 100644 --- a/sshconnect1.c +++ b/sshconnect1.c | |||
@@ -13,7 +13,7 @@ | |||
13 | */ | 13 | */ |
14 | 14 | ||
15 | #include "includes.h" | 15 | #include "includes.h" |
16 | RCSID("$OpenBSD: sshconnect1.c,v 1.60 2004/07/28 09:40:29 markus Exp $"); | 16 | RCSID("$OpenBSD: sshconnect1.c,v 1.61 2005/06/17 02:44:33 djm Exp $"); |
17 | 17 | ||
18 | #include <openssl/bn.h> | 18 | #include <openssl/bn.h> |
19 | #include <openssl/md5.h> | 19 | #include <openssl/md5.h> |
@@ -162,7 +162,7 @@ respond_to_rsa_challenge(BIGNUM * challenge, RSA * prv) | |||
162 | /* Compute the response. */ | 162 | /* Compute the response. */ |
163 | /* The response is MD5 of decrypted challenge plus session id. */ | 163 | /* The response is MD5 of decrypted challenge plus session id. */ |
164 | len = BN_num_bytes(challenge); | 164 | len = BN_num_bytes(challenge); |
165 | if (len <= 0 || len > sizeof(buf)) | 165 | if (len <= 0 || (u_int)len > sizeof(buf)) |
166 | packet_disconnect( | 166 | packet_disconnect( |
167 | "respond_to_rsa_challenge: bad challenge length %d", len); | 167 | "respond_to_rsa_challenge: bad challenge length %d", len); |
168 | 168 | ||
diff --git a/sshconnect2.c b/sshconnect2.c index 68d56d020..60afd6d3d 100644 --- a/sshconnect2.c +++ b/sshconnect2.c | |||
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: sshconnect2.c,v 1.138 2004/06/13 12:53:24 djm Exp $"); | 26 | RCSID("$OpenBSD: sshconnect2.c,v 1.139 2005/06/17 02:44:33 djm Exp $"); |
27 | 27 | ||
28 | #include "openbsd-compat/sys-queue.h" | 28 | #include "openbsd-compat/sys-queue.h" |
29 | 29 | ||
@@ -482,7 +482,7 @@ userauth_gssapi(Authctxt *authctxt) | |||
482 | { | 482 | { |
483 | Gssctxt *gssctxt = NULL; | 483 | Gssctxt *gssctxt = NULL; |
484 | static gss_OID_set gss_supported = NULL; | 484 | static gss_OID_set gss_supported = NULL; |
485 | static int mech = 0; | 485 | static u_int mech = 0; |
486 | OM_uint32 min; | 486 | OM_uint32 min; |
487 | int ok = 0; | 487 | int ok = 0; |
488 | 488 | ||
@@ -509,7 +509,8 @@ userauth_gssapi(Authctxt *authctxt) | |||
509 | } | 509 | } |
510 | } | 510 | } |
511 | 511 | ||
512 | if (!ok) return 0; | 512 | if (!ok) |
513 | return 0; | ||
513 | 514 | ||
514 | authctxt->methoddata=(void *)gssctxt; | 515 | authctxt->methoddata=(void *)gssctxt; |
515 | 516 | ||
@@ -42,7 +42,7 @@ | |||
42 | */ | 42 | */ |
43 | 43 | ||
44 | #include "includes.h" | 44 | #include "includes.h" |
45 | RCSID("$OpenBSD: sshd.c,v 1.310 2005/06/16 08:00:00 markus Exp $"); | 45 | RCSID("$OpenBSD: sshd.c,v 1.311 2005/06/17 02:44:33 djm Exp $"); |
46 | 46 | ||
47 | #include <openssl/dh.h> | 47 | #include <openssl/dh.h> |
48 | #include <openssl/bn.h> | 48 | #include <openssl/bn.h> |
@@ -358,7 +358,8 @@ key_regeneration_alarm(int sig) | |||
358 | static void | 358 | static void |
359 | sshd_exchange_identification(int sock_in, int sock_out) | 359 | sshd_exchange_identification(int sock_in, int sock_out) |
360 | { | 360 | { |
361 | int i, mismatch; | 361 | u_int i; |
362 | int mismatch; | ||
362 | int remote_major, remote_minor; | 363 | int remote_major, remote_minor; |
363 | int major, minor; | 364 | int major, minor; |
364 | char *s; | 365 | char *s; |
@@ -1900,7 +1901,7 @@ do_ssh1_kex(void) | |||
1900 | if (!rsafail) { | 1901 | if (!rsafail) { |
1901 | BN_mask_bits(session_key_int, sizeof(session_key) * 8); | 1902 | BN_mask_bits(session_key_int, sizeof(session_key) * 8); |
1902 | len = BN_num_bytes(session_key_int); | 1903 | len = BN_num_bytes(session_key_int); |
1903 | if (len < 0 || len > sizeof(session_key)) { | 1904 | if (len < 0 || (u_int)len > sizeof(session_key)) { |
1904 | error("do_connection: bad session key len from %s: " | 1905 | error("do_connection: bad session key len from %s: " |
1905 | "session_key_int %d > sizeof(session_key) %lu", | 1906 | "session_key_int %d > sizeof(session_key) %lu", |
1906 | get_remote_ipaddr(), len, (u_long)sizeof(session_key)); | 1907 | get_remote_ipaddr(), len, (u_long)sizeof(session_key)); |