diff options
author | deraadt@openbsd.org <deraadt@openbsd.org> | 2019-06-28 13:35:04 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2019-07-05 11:10:39 +1000 |
commit | 4d28fa78abce2890e136281950633fae2066cc29 (patch) | |
tree | 33226ec64ced661bb7e40005e30744b68fa59a80 | |
parent | e8c974043c1648eab0ad67a7ba6a3e444fe79d2d (diff) |
upstream: When system calls indicate an error they return -1, not
some arbitrary value < 0. errno is only updated in this case. Change all
(most?) callers of syscalls to follow this better, and let's see if this
strictness helps us in the future.
OpenBSD-Commit-ID: 48081f00db7518e3b712a49dca06efc2a5428075
-rw-r--r-- | auth-rhosts.c | 10 | ||||
-rw-r--r-- | auth.c | 16 | ||||
-rw-r--r-- | authfd.c | 6 | ||||
-rw-r--r-- | authfile.c | 12 | ||||
-rw-r--r-- | canohost.c | 6 | ||||
-rw-r--r-- | channels.c | 46 | ||||
-rw-r--r-- | clientloop.c | 12 | ||||
-rw-r--r-- | misc.c | 18 | ||||
-rw-r--r-- | monitor.c | 10 | ||||
-rw-r--r-- | monitor_wrap.c | 4 | ||||
-rw-r--r-- | mux.c | 8 | ||||
-rw-r--r-- | nchan.c | 6 | ||||
-rw-r--r-- | packet.c | 14 | ||||
-rw-r--r-- | readconf.c | 4 | ||||
-rw-r--r-- | readpass.c | 10 | ||||
-rw-r--r-- | scp.c | 24 | ||||
-rw-r--r-- | serverloop.c | 8 | ||||
-rw-r--r-- | session.c | 48 | ||||
-rw-r--r-- | sftp-server.c | 24 | ||||
-rw-r--r-- | ssh-add.c | 6 | ||||
-rw-r--r-- | ssh-agent.c | 10 | ||||
-rw-r--r-- | ssh-keygen.c | 24 | ||||
-rw-r--r-- | ssh-keyscan.c | 12 | ||||
-rw-r--r-- | ssh.c | 18 | ||||
-rw-r--r-- | sshconnect.c | 26 | ||||
-rw-r--r-- | sshconnect2.c | 20 | ||||
-rw-r--r-- | sshd.c | 30 | ||||
-rw-r--r-- | sshkey-xmss.c | 14 | ||||
-rw-r--r-- | sshlogin.c | 2 | ||||
-rw-r--r-- | sshpty.c | 18 | ||||
-rw-r--r-- | uidswap.c | 32 |
31 files changed, 249 insertions, 249 deletions
diff --git a/auth-rhosts.c b/auth-rhosts.c index 57296e1f6..63c1c8acb 100644 --- a/auth-rhosts.c +++ b/auth-rhosts.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth-rhosts.c,v 1.49 2018/07/09 21:35:50 markus Exp $ */ | 1 | /* $OpenBSD: auth-rhosts.c,v 1.50 2019/06/28 13:35:04 deraadt Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -222,8 +222,8 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname, | |||
222 | * are no system-wide files. | 222 | * are no system-wide files. |
223 | */ | 223 | */ |
224 | if (!rhosts_files[rhosts_file_index] && | 224 | if (!rhosts_files[rhosts_file_index] && |
225 | stat(_PATH_RHOSTS_EQUIV, &st) < 0 && | 225 | stat(_PATH_RHOSTS_EQUIV, &st) == -1 && |
226 | stat(_PATH_SSH_HOSTS_EQUIV, &st) < 0) { | 226 | stat(_PATH_SSH_HOSTS_EQUIV, &st) == -1) { |
227 | debug3("%s: no hosts access files exist", __func__); | 227 | debug3("%s: no hosts access files exist", __func__); |
228 | return 0; | 228 | return 0; |
229 | } | 229 | } |
@@ -253,7 +253,7 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname, | |||
253 | * Check that the home directory is owned by root or the user, and is | 253 | * Check that the home directory is owned by root or the user, and is |
254 | * not group or world writable. | 254 | * not group or world writable. |
255 | */ | 255 | */ |
256 | if (stat(pw->pw_dir, &st) < 0) { | 256 | if (stat(pw->pw_dir, &st) == -1) { |
257 | logit("Rhosts authentication refused for %.100s: " | 257 | logit("Rhosts authentication refused for %.100s: " |
258 | "no home directory %.200s", pw->pw_name, pw->pw_dir); | 258 | "no home directory %.200s", pw->pw_name, pw->pw_dir); |
259 | auth_debug_add("Rhosts authentication refused for %.100s: " | 259 | auth_debug_add("Rhosts authentication refused for %.100s: " |
@@ -278,7 +278,7 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname, | |||
278 | /* Check users .rhosts or .shosts. */ | 278 | /* Check users .rhosts or .shosts. */ |
279 | snprintf(buf, sizeof buf, "%.500s/%.100s", | 279 | snprintf(buf, sizeof buf, "%.500s/%.100s", |
280 | pw->pw_dir, rhosts_files[rhosts_file_index]); | 280 | pw->pw_dir, rhosts_files[rhosts_file_index]); |
281 | if (stat(buf, &st) < 0) | 281 | if (stat(buf, &st) == -1) |
282 | continue; | 282 | continue; |
283 | 283 | ||
284 | /* | 284 | /* |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth.c,v 1.138 2019/01/19 21:41:18 djm Exp $ */ | 1 | /* $OpenBSD: auth.c,v 1.139 2019/06/28 13:35:04 deraadt Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -167,7 +167,7 @@ allowed_user(struct ssh *ssh, struct passwd * pw) | |||
167 | char *shell = xstrdup((pw->pw_shell[0] == '\0') ? | 167 | char *shell = xstrdup((pw->pw_shell[0] == '\0') ? |
168 | _PATH_BSHELL : pw->pw_shell); /* empty = /bin/sh */ | 168 | _PATH_BSHELL : pw->pw_shell); /* empty = /bin/sh */ |
169 | 169 | ||
170 | if (stat(shell, &st) != 0) { | 170 | if (stat(shell, &st) == -1) { |
171 | logit("User %.100s not allowed because shell %.100s " | 171 | logit("User %.100s not allowed because shell %.100s " |
172 | "does not exist", pw->pw_name, shell); | 172 | "does not exist", pw->pw_name, shell); |
173 | free(shell); | 173 | free(shell); |
@@ -517,7 +517,7 @@ auth_openfile(const char *file, struct passwd *pw, int strict_modes, | |||
517 | return NULL; | 517 | return NULL; |
518 | } | 518 | } |
519 | 519 | ||
520 | if (fstat(fd, &st) < 0) { | 520 | if (fstat(fd, &st) == -1) { |
521 | close(fd); | 521 | close(fd); |
522 | return NULL; | 522 | return NULL; |
523 | } | 523 | } |
@@ -746,7 +746,7 @@ remote_hostname(struct ssh *ssh) | |||
746 | fromlen = sizeof(from); | 746 | fromlen = sizeof(from); |
747 | memset(&from, 0, sizeof(from)); | 747 | memset(&from, 0, sizeof(from)); |
748 | if (getpeername(ssh_packet_get_connection_in(ssh), | 748 | if (getpeername(ssh_packet_get_connection_in(ssh), |
749 | (struct sockaddr *)&from, &fromlen) < 0) { | 749 | (struct sockaddr *)&from, &fromlen) == -1) { |
750 | debug("getpeername failed: %.100s", strerror(errno)); | 750 | debug("getpeername failed: %.100s", strerror(errno)); |
751 | return strdup(ntop); | 751 | return strdup(ntop); |
752 | } | 752 | } |
@@ -884,7 +884,7 @@ subprocess(const char *tag, struct passwd *pw, const char *command, | |||
884 | return 0; | 884 | return 0; |
885 | } | 885 | } |
886 | temporarily_use_uid(pw); | 886 | temporarily_use_uid(pw); |
887 | if (stat(av[0], &st) < 0) { | 887 | if (stat(av[0], &st) == -1) { |
888 | error("Could not stat %s \"%s\": %s", tag, | 888 | error("Could not stat %s \"%s\": %s", tag, |
889 | av[0], strerror(errno)); | 889 | av[0], strerror(errno)); |
890 | restore_uid(); | 890 | restore_uid(); |
@@ -896,7 +896,7 @@ subprocess(const char *tag, struct passwd *pw, const char *command, | |||
896 | return 0; | 896 | return 0; |
897 | } | 897 | } |
898 | /* Prepare to keep the child's stdout if requested */ | 898 | /* Prepare to keep the child's stdout if requested */ |
899 | if (pipe(p) != 0) { | 899 | if (pipe(p) == -1) { |
900 | error("%s: pipe: %s", tag, strerror(errno)); | 900 | error("%s: pipe: %s", tag, strerror(errno)); |
901 | restore_uid(); | 901 | restore_uid(); |
902 | return 0; | 902 | return 0; |
@@ -946,12 +946,12 @@ subprocess(const char *tag, struct passwd *pw, const char *command, | |||
946 | closefrom(STDERR_FILENO + 1); | 946 | closefrom(STDERR_FILENO + 1); |
947 | 947 | ||
948 | /* Don't use permanently_set_uid() here to avoid fatal() */ | 948 | /* Don't use permanently_set_uid() here to avoid fatal() */ |
949 | if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) != 0) { | 949 | if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1) { |
950 | error("%s: setresgid %u: %s", tag, (u_int)pw->pw_gid, | 950 | error("%s: setresgid %u: %s", tag, (u_int)pw->pw_gid, |
951 | strerror(errno)); | 951 | strerror(errno)); |
952 | _exit(1); | 952 | _exit(1); |
953 | } | 953 | } |
954 | if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) != 0) { | 954 | if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) == -1) { |
955 | error("%s: setresuid %u: %s", tag, (u_int)pw->pw_uid, | 955 | error("%s: setresuid %u: %s", tag, (u_int)pw->pw_uid, |
956 | strerror(errno)); | 956 | strerror(errno)); |
957 | _exit(1); | 957 | _exit(1); |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: authfd.c,v 1.114 2019/06/21 04:21:04 djm Exp $ */ | 1 | /* $OpenBSD: authfd.c,v 1.115 2019/06/28 13:35:04 deraadt Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -101,12 +101,12 @@ ssh_get_authentication_socket(int *fdp) | |||
101 | sunaddr.sun_family = AF_UNIX; | 101 | sunaddr.sun_family = AF_UNIX; |
102 | strlcpy(sunaddr.sun_path, authsocket, sizeof(sunaddr.sun_path)); | 102 | strlcpy(sunaddr.sun_path, authsocket, sizeof(sunaddr.sun_path)); |
103 | 103 | ||
104 | if ((sock = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) | 104 | if ((sock = socket(AF_UNIX, SOCK_STREAM, 0)) == -1) |
105 | return SSH_ERR_SYSTEM_ERROR; | 105 | return SSH_ERR_SYSTEM_ERROR; |
106 | 106 | ||
107 | /* close on exec */ | 107 | /* close on exec */ |
108 | if (fcntl(sock, F_SETFD, FD_CLOEXEC) == -1 || | 108 | if (fcntl(sock, F_SETFD, FD_CLOEXEC) == -1 || |
109 | connect(sock, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) < 0) { | 109 | connect(sock, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) == -1) { |
110 | oerrno = errno; | 110 | oerrno = errno; |
111 | close(sock); | 111 | close(sock); |
112 | errno = oerrno; | 112 | errno = oerrno; |
diff --git a/authfile.c b/authfile.c index b1c92f4ad..2166c1689 100644 --- a/authfile.c +++ b/authfile.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: authfile.c,v 1.131 2018/09/21 12:20:12 djm Exp $ */ | 1 | /* $OpenBSD: authfile.c,v 1.132 2019/06/28 13:35:04 deraadt Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -57,7 +57,7 @@ sshkey_save_private_blob(struct sshbuf *keybuf, const char *filename) | |||
57 | { | 57 | { |
58 | int fd, oerrno; | 58 | int fd, oerrno; |
59 | 59 | ||
60 | if ((fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600)) < 0) | 60 | if ((fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600)) == -1) |
61 | return SSH_ERR_SYSTEM_ERROR; | 61 | return SSH_ERR_SYSTEM_ERROR; |
62 | if (atomicio(vwrite, fd, sshbuf_mutable_ptr(keybuf), | 62 | if (atomicio(vwrite, fd, sshbuf_mutable_ptr(keybuf), |
63 | sshbuf_len(keybuf)) != sshbuf_len(keybuf)) { | 63 | sshbuf_len(keybuf)) != sshbuf_len(keybuf)) { |
@@ -101,7 +101,7 @@ sshkey_load_file(int fd, struct sshbuf *blob) | |||
101 | struct stat st; | 101 | struct stat st; |
102 | int r; | 102 | int r; |
103 | 103 | ||
104 | if (fstat(fd, &st) < 0) | 104 | if (fstat(fd, &st) == -1) |
105 | return SSH_ERR_SYSTEM_ERROR; | 105 | return SSH_ERR_SYSTEM_ERROR; |
106 | if ((st.st_mode & (S_IFSOCK|S_IFCHR|S_IFIFO)) == 0 && | 106 | if ((st.st_mode & (S_IFSOCK|S_IFCHR|S_IFIFO)) == 0 && |
107 | st.st_size > MAX_KEY_FILE_SIZE) | 107 | st.st_size > MAX_KEY_FILE_SIZE) |
@@ -141,7 +141,7 @@ sshkey_perm_ok(int fd, const char *filename) | |||
141 | { | 141 | { |
142 | struct stat st; | 142 | struct stat st; |
143 | 143 | ||
144 | if (fstat(fd, &st) < 0) | 144 | if (fstat(fd, &st) == -1) |
145 | return SSH_ERR_SYSTEM_ERROR; | 145 | return SSH_ERR_SYSTEM_ERROR; |
146 | /* | 146 | /* |
147 | * if a key owned by the user is accessed, then we check the | 147 | * if a key owned by the user is accessed, then we check the |
@@ -176,7 +176,7 @@ sshkey_load_private_type(int type, const char *filename, const char *passphrase, | |||
176 | if (commentp != NULL) | 176 | if (commentp != NULL) |
177 | *commentp = NULL; | 177 | *commentp = NULL; |
178 | 178 | ||
179 | if ((fd = open(filename, O_RDONLY)) < 0) { | 179 | if ((fd = open(filename, O_RDONLY)) == -1) { |
180 | if (perm_ok != NULL) | 180 | if (perm_ok != NULL) |
181 | *perm_ok = 0; | 181 | *perm_ok = 0; |
182 | return SSH_ERR_SYSTEM_ERROR; | 182 | return SSH_ERR_SYSTEM_ERROR; |
@@ -236,7 +236,7 @@ sshkey_load_private(const char *filename, const char *passphrase, | |||
236 | if (commentp != NULL) | 236 | if (commentp != NULL) |
237 | *commentp = NULL; | 237 | *commentp = NULL; |
238 | 238 | ||
239 | if ((fd = open(filename, O_RDONLY)) < 0) | 239 | if ((fd = open(filename, O_RDONLY)) == -1) |
240 | return SSH_ERR_SYSTEM_ERROR; | 240 | return SSH_ERR_SYSTEM_ERROR; |
241 | if (sshkey_perm_ok(fd, filename) != 0) { | 241 | if (sshkey_perm_ok(fd, filename) != 0) { |
242 | r = SSH_ERR_KEY_BAD_PERMISSIONS; | 242 | r = SSH_ERR_KEY_BAD_PERMISSIONS; |
diff --git a/canohost.c b/canohost.c index f71a08568..abea9c6e6 100644 --- a/canohost.c +++ b/canohost.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: canohost.c,v 1.73 2016/03/07 19:02:43 djm Exp $ */ | 1 | /* $OpenBSD: canohost.c,v 1.74 2019/06/28 13:35:04 deraadt Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -164,12 +164,12 @@ get_sock_port(int sock, int local) | |||
164 | fromlen = sizeof(from); | 164 | fromlen = sizeof(from); |
165 | memset(&from, 0, sizeof(from)); | 165 | memset(&from, 0, sizeof(from)); |
166 | if (local) { | 166 | if (local) { |
167 | if (getsockname(sock, (struct sockaddr *)&from, &fromlen) < 0) { | 167 | if (getsockname(sock, (struct sockaddr *)&from, &fromlen) == -1) { |
168 | error("getsockname failed: %.100s", strerror(errno)); | 168 | error("getsockname failed: %.100s", strerror(errno)); |
169 | return 0; | 169 | return 0; |
170 | } | 170 | } |
171 | } else { | 171 | } else { |
172 | if (getpeername(sock, (struct sockaddr *)&from, &fromlen) < 0) { | 172 | if (getpeername(sock, (struct sockaddr *)&from, &fromlen) == -1) { |
173 | debug("getpeername failed: %.100s", strerror(errno)); | 173 | debug("getpeername failed: %.100s", strerror(errno)); |
174 | return -1; | 174 | return -1; |
175 | } | 175 | } |
diff --git a/channels.c b/channels.c index 30691c82f..e1c7be81f 100644 --- a/channels.c +++ b/channels.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: channels.c,v 1.392 2019/06/07 14:18:48 dtucker Exp $ */ | 1 | /* $OpenBSD: channels.c,v 1.393 2019/06/28 13:35:04 deraadt Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -1671,7 +1671,7 @@ channel_post_x11_listener(struct ssh *ssh, Channel *c, | |||
1671 | chan_mark_dead(ssh, c); | 1671 | chan_mark_dead(ssh, c); |
1672 | errno = oerrno; | 1672 | errno = oerrno; |
1673 | } | 1673 | } |
1674 | if (newsock < 0) { | 1674 | if (newsock == -1) { |
1675 | if (errno != EINTR && errno != EWOULDBLOCK && | 1675 | if (errno != EINTR && errno != EWOULDBLOCK && |
1676 | errno != ECONNABORTED) | 1676 | errno != ECONNABORTED) |
1677 | error("accept: %.100s", strerror(errno)); | 1677 | error("accept: %.100s", strerror(errno)); |
@@ -1814,7 +1814,7 @@ channel_post_port_listener(struct ssh *ssh, Channel *c, | |||
1814 | 1814 | ||
1815 | addrlen = sizeof(addr); | 1815 | addrlen = sizeof(addr); |
1816 | newsock = accept(c->sock, (struct sockaddr *)&addr, &addrlen); | 1816 | newsock = accept(c->sock, (struct sockaddr *)&addr, &addrlen); |
1817 | if (newsock < 0) { | 1817 | if (newsock == -1) { |
1818 | if (errno != EINTR && errno != EWOULDBLOCK && | 1818 | if (errno != EINTR && errno != EWOULDBLOCK && |
1819 | errno != ECONNABORTED) | 1819 | errno != ECONNABORTED) |
1820 | error("accept: %.100s", strerror(errno)); | 1820 | error("accept: %.100s", strerror(errno)); |
@@ -1853,7 +1853,7 @@ channel_post_auth_listener(struct ssh *ssh, Channel *c, | |||
1853 | 1853 | ||
1854 | addrlen = sizeof(addr); | 1854 | addrlen = sizeof(addr); |
1855 | newsock = accept(c->sock, (struct sockaddr *)&addr, &addrlen); | 1855 | newsock = accept(c->sock, (struct sockaddr *)&addr, &addrlen); |
1856 | if (newsock < 0) { | 1856 | if (newsock == -1) { |
1857 | error("accept from auth socket: %.100s", strerror(errno)); | 1857 | error("accept from auth socket: %.100s", strerror(errno)); |
1858 | if (errno == EMFILE || errno == ENFILE) | 1858 | if (errno == EMFILE || errno == ENFILE) |
1859 | c->notbefore = monotime() + 1; | 1859 | c->notbefore = monotime() + 1; |
@@ -1881,7 +1881,7 @@ channel_post_connecting(struct ssh *ssh, Channel *c, | |||
1881 | fatal(":%s: channel %d: no remote id", __func__, c->self); | 1881 | fatal(":%s: channel %d: no remote id", __func__, c->self); |
1882 | /* for rdynamic the OPEN_CONFIRMATION has been sent already */ | 1882 | /* for rdynamic the OPEN_CONFIRMATION has been sent already */ |
1883 | isopen = (c->type == SSH_CHANNEL_RDYNAMIC_FINISH); | 1883 | isopen = (c->type == SSH_CHANNEL_RDYNAMIC_FINISH); |
1884 | if (getsockopt(c->sock, SOL_SOCKET, SO_ERROR, &err, &sz) < 0) { | 1884 | if (getsockopt(c->sock, SOL_SOCKET, SO_ERROR, &err, &sz) == -1) { |
1885 | err = errno; | 1885 | err = errno; |
1886 | error("getsockopt SO_ERROR failed"); | 1886 | error("getsockopt SO_ERROR failed"); |
1887 | } | 1887 | } |
@@ -1956,7 +1956,7 @@ channel_handle_rfd(struct ssh *ssh, Channel *c, | |||
1956 | 1956 | ||
1957 | errno = 0; | 1957 | errno = 0; |
1958 | len = read(c->rfd, buf, sizeof(buf)); | 1958 | len = read(c->rfd, buf, sizeof(buf)); |
1959 | if (len < 0 && (errno == EINTR || | 1959 | if (len == -1 && (errno == EINTR || |
1960 | ((errno == EAGAIN || errno == EWOULDBLOCK) && !force))) | 1960 | ((errno == EAGAIN || errno == EWOULDBLOCK) && !force))) |
1961 | return 1; | 1961 | return 1; |
1962 | #ifndef PTY_ZEROREAD | 1962 | #ifndef PTY_ZEROREAD |
@@ -2030,7 +2030,7 @@ channel_handle_wfd(struct ssh *ssh, Channel *c, | |||
2030 | /* ignore truncated writes, datagrams might get lost */ | 2030 | /* ignore truncated writes, datagrams might get lost */ |
2031 | len = write(c->wfd, buf, dlen); | 2031 | len = write(c->wfd, buf, dlen); |
2032 | free(data); | 2032 | free(data); |
2033 | if (len < 0 && (errno == EINTR || errno == EAGAIN || | 2033 | if (len == -1 && (errno == EINTR || errno == EAGAIN || |
2034 | errno == EWOULDBLOCK)) | 2034 | errno == EWOULDBLOCK)) |
2035 | return 1; | 2035 | return 1; |
2036 | if (len <= 0) | 2036 | if (len <= 0) |
@@ -2045,7 +2045,7 @@ channel_handle_wfd(struct ssh *ssh, Channel *c, | |||
2045 | #endif | 2045 | #endif |
2046 | 2046 | ||
2047 | len = write(c->wfd, buf, dlen); | 2047 | len = write(c->wfd, buf, dlen); |
2048 | if (len < 0 && | 2048 | if (len == -1 && |
2049 | (errno == EINTR || errno == EAGAIN || errno == EWOULDBLOCK)) | 2049 | (errno == EINTR || errno == EAGAIN || errno == EWOULDBLOCK)) |
2050 | return 1; | 2050 | return 1; |
2051 | if (len <= 0) { | 2051 | if (len <= 0) { |
@@ -2099,7 +2099,7 @@ channel_handle_efd_write(struct ssh *ssh, Channel *c, | |||
2099 | len = write(c->efd, sshbuf_ptr(c->extended), | 2099 | len = write(c->efd, sshbuf_ptr(c->extended), |
2100 | sshbuf_len(c->extended)); | 2100 | sshbuf_len(c->extended)); |
2101 | debug2("channel %d: written %zd to efd %d", c->self, len, c->efd); | 2101 | debug2("channel %d: written %zd to efd %d", c->self, len, c->efd); |
2102 | if (len < 0 && (errno == EINTR || errno == EAGAIN || | 2102 | if (len == -1 && (errno == EINTR || errno == EAGAIN || |
2103 | errno == EWOULDBLOCK)) | 2103 | errno == EWOULDBLOCK)) |
2104 | return 1; | 2104 | return 1; |
2105 | if (len <= 0) { | 2105 | if (len <= 0) { |
@@ -2130,7 +2130,7 @@ channel_handle_efd_read(struct ssh *ssh, Channel *c, | |||
2130 | 2130 | ||
2131 | len = read(c->efd, buf, sizeof(buf)); | 2131 | len = read(c->efd, buf, sizeof(buf)); |
2132 | debug2("channel %d: read %zd from efd %d", c->self, len, c->efd); | 2132 | debug2("channel %d: read %zd from efd %d", c->self, len, c->efd); |
2133 | if (len < 0 && (errno == EINTR || ((errno == EAGAIN || | 2133 | if (len == -1 && (errno == EINTR || ((errno == EAGAIN || |
2134 | errno == EWOULDBLOCK) && !force))) | 2134 | errno == EWOULDBLOCK) && !force))) |
2135 | return 1; | 2135 | return 1; |
2136 | if (len <= 0) { | 2136 | if (len <= 0) { |
@@ -2219,7 +2219,7 @@ read_mux(struct ssh *ssh, Channel *c, u_int need) | |||
2219 | if (sshbuf_len(c->input) < need) { | 2219 | if (sshbuf_len(c->input) < need) { |
2220 | rlen = need - sshbuf_len(c->input); | 2220 | rlen = need - sshbuf_len(c->input); |
2221 | len = read(c->rfd, buf, MINIMUM(rlen, CHAN_RBUF)); | 2221 | len = read(c->rfd, buf, MINIMUM(rlen, CHAN_RBUF)); |
2222 | if (len < 0 && (errno == EINTR || errno == EAGAIN)) | 2222 | if (len == -1 && (errno == EINTR || errno == EAGAIN)) |
2223 | return sshbuf_len(c->input); | 2223 | return sshbuf_len(c->input); |
2224 | if (len <= 0) { | 2224 | if (len <= 0) { |
2225 | debug2("channel %d: ctl read<=0 rfd %d len %zd", | 2225 | debug2("channel %d: ctl read<=0 rfd %d len %zd", |
@@ -2283,7 +2283,7 @@ channel_post_mux_client_write(struct ssh *ssh, Channel *c, | |||
2283 | return; | 2283 | return; |
2284 | 2284 | ||
2285 | len = write(c->wfd, sshbuf_ptr(c->output), sshbuf_len(c->output)); | 2285 | len = write(c->wfd, sshbuf_ptr(c->output), sshbuf_len(c->output)); |
2286 | if (len < 0 && (errno == EINTR || errno == EAGAIN)) | 2286 | if (len == -1 && (errno == EINTR || errno == EAGAIN)) |
2287 | return; | 2287 | return; |
2288 | if (len <= 0) { | 2288 | if (len <= 0) { |
2289 | chan_mark_dead(ssh, c); | 2289 | chan_mark_dead(ssh, c); |
@@ -2331,7 +2331,7 @@ channel_post_mux_listener(struct ssh *ssh, Channel *c, | |||
2331 | return; | 2331 | return; |
2332 | } | 2332 | } |
2333 | 2333 | ||
2334 | if (getpeereid(newsock, &euid, &egid) < 0) { | 2334 | if (getpeereid(newsock, &euid, &egid) == -1) { |
2335 | error("%s getpeereid failed: %s", __func__, | 2335 | error("%s getpeereid failed: %s", __func__, |
2336 | strerror(errno)); | 2336 | strerror(errno)); |
2337 | close(newsock); | 2337 | close(newsock); |
@@ -3461,7 +3461,7 @@ channel_setup_fwd_listener_tcpip(struct ssh *ssh, int type, | |||
3461 | } | 3461 | } |
3462 | /* Create a port to listen for the host. */ | 3462 | /* Create a port to listen for the host. */ |
3463 | sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); | 3463 | sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); |
3464 | if (sock < 0) { | 3464 | if (sock == -1) { |
3465 | /* this is no error since kernel may not support ipv6 */ | 3465 | /* this is no error since kernel may not support ipv6 */ |
3466 | verbose("socket [%s]:%s: %.100s", ntop, strport, | 3466 | verbose("socket [%s]:%s: %.100s", ntop, strport, |
3467 | strerror(errno)); | 3467 | strerror(errno)); |
@@ -3476,7 +3476,7 @@ channel_setup_fwd_listener_tcpip(struct ssh *ssh, int type, | |||
3476 | ntop, strport); | 3476 | ntop, strport); |
3477 | 3477 | ||
3478 | /* Bind the socket to the address. */ | 3478 | /* Bind the socket to the address. */ |
3479 | if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) { | 3479 | if (bind(sock, ai->ai_addr, ai->ai_addrlen) == -1) { |
3480 | /* | 3480 | /* |
3481 | * address can be in if use ipv6 address is | 3481 | * address can be in if use ipv6 address is |
3482 | * already bound | 3482 | * already bound |
@@ -3492,7 +3492,7 @@ channel_setup_fwd_listener_tcpip(struct ssh *ssh, int type, | |||
3492 | continue; | 3492 | continue; |
3493 | } | 3493 | } |
3494 | /* Start listening for connections on the socket. */ | 3494 | /* Start listening for connections on the socket. */ |
3495 | if (listen(sock, SSH_LISTEN_BACKLOG) < 0) { | 3495 | if (listen(sock, SSH_LISTEN_BACKLOG) == -1) { |
3496 | error("listen: %.100s", strerror(errno)); | 3496 | error("listen: %.100s", strerror(errno)); |
3497 | error("listen [%s]:%s: %.100s", ntop, strport, | 3497 | error("listen [%s]:%s: %.100s", ntop, strport, |
3498 | strerror(errno)); | 3498 | strerror(errno)); |
@@ -4512,7 +4512,7 @@ channel_send_window_changes(struct ssh *ssh) | |||
4512 | if (sc->channels[i] == NULL || !sc->channels[i]->client_tty || | 4512 | if (sc->channels[i] == NULL || !sc->channels[i]->client_tty || |
4513 | sc->channels[i]->type != SSH_CHANNEL_OPEN) | 4513 | sc->channels[i]->type != SSH_CHANNEL_OPEN) |
4514 | continue; | 4514 | continue; |
4515 | if (ioctl(sc->channels[i]->rfd, TIOCGWINSZ, &ws) < 0) | 4515 | if (ioctl(sc->channels[i]->rfd, TIOCGWINSZ, &ws) == -1) |
4516 | continue; | 4516 | continue; |
4517 | channel_request_start(ssh, i, "window-change", 0); | 4517 | channel_request_start(ssh, i, "window-change", 0); |
4518 | if ((r = sshpkt_put_u32(ssh, (u_int)ws.ws_col)) != 0 || | 4518 | if ((r = sshpkt_put_u32(ssh, (u_int)ws.ws_col)) != 0 || |
@@ -4615,7 +4615,7 @@ x11_create_display_inet(struct ssh *ssh, int x11_display_offset, | |||
4615 | continue; | 4615 | continue; |
4616 | sock = socket(ai->ai_family, ai->ai_socktype, | 4616 | sock = socket(ai->ai_family, ai->ai_socktype, |
4617 | ai->ai_protocol); | 4617 | ai->ai_protocol); |
4618 | if (sock < 0) { | 4618 | if (sock == -1) { |
4619 | if ((errno != EINVAL) && (errno != EAFNOSUPPORT) | 4619 | if ((errno != EINVAL) && (errno != EAFNOSUPPORT) |
4620 | #ifdef EPFNOSUPPORT | 4620 | #ifdef EPFNOSUPPORT |
4621 | && (errno != EPFNOSUPPORT) | 4621 | && (errno != EPFNOSUPPORT) |
@@ -4634,7 +4634,7 @@ x11_create_display_inet(struct ssh *ssh, int x11_display_offset, | |||
4634 | sock_set_v6only(sock); | 4634 | sock_set_v6only(sock); |
4635 | if (x11_use_localhost) | 4635 | if (x11_use_localhost) |
4636 | set_reuseaddr(sock); | 4636 | set_reuseaddr(sock); |
4637 | if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) { | 4637 | if (bind(sock, ai->ai_addr, ai->ai_addrlen) == -1) { |
4638 | debug2("%s: bind port %d: %.100s", __func__, | 4638 | debug2("%s: bind port %d: %.100s", __func__, |
4639 | port, strerror(errno)); | 4639 | port, strerror(errno)); |
4640 | close(sock); | 4640 | close(sock); |
@@ -4658,7 +4658,7 @@ x11_create_display_inet(struct ssh *ssh, int x11_display_offset, | |||
4658 | /* Start listening for connections on the socket. */ | 4658 | /* Start listening for connections on the socket. */ |
4659 | for (n = 0; n < num_socks; n++) { | 4659 | for (n = 0; n < num_socks; n++) { |
4660 | sock = socks[n]; | 4660 | sock = socks[n]; |
4661 | if (listen(sock, SSH_LISTEN_BACKLOG) < 0) { | 4661 | if (listen(sock, SSH_LISTEN_BACKLOG) == -1) { |
4662 | error("listen: %.100s", strerror(errno)); | 4662 | error("listen: %.100s", strerror(errno)); |
4663 | close(sock); | 4663 | close(sock); |
4664 | return -1; | 4664 | return -1; |
@@ -4690,7 +4690,7 @@ connect_local_xsocket_path(const char *pathname) | |||
4690 | struct sockaddr_un addr; | 4690 | struct sockaddr_un addr; |
4691 | 4691 | ||
4692 | sock = socket(AF_UNIX, SOCK_STREAM, 0); | 4692 | sock = socket(AF_UNIX, SOCK_STREAM, 0); |
4693 | if (sock < 0) | 4693 | if (sock == -1) |
4694 | error("socket: %.100s", strerror(errno)); | 4694 | error("socket: %.100s", strerror(errno)); |
4695 | memset(&addr, 0, sizeof(addr)); | 4695 | memset(&addr, 0, sizeof(addr)); |
4696 | addr.sun_family = AF_UNIX; | 4696 | addr.sun_family = AF_UNIX; |
@@ -4831,12 +4831,12 @@ x11_connect_display(struct ssh *ssh) | |||
4831 | for (ai = aitop; ai; ai = ai->ai_next) { | 4831 | for (ai = aitop; ai; ai = ai->ai_next) { |
4832 | /* Create a socket. */ | 4832 | /* Create a socket. */ |
4833 | sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); | 4833 | sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); |
4834 | if (sock < 0) { | 4834 | if (sock == -1) { |
4835 | debug2("socket: %.100s", strerror(errno)); | 4835 | debug2("socket: %.100s", strerror(errno)); |
4836 | continue; | 4836 | continue; |
4837 | } | 4837 | } |
4838 | /* Connect it to the display. */ | 4838 | /* Connect it to the display. */ |
4839 | if (connect(sock, ai->ai_addr, ai->ai_addrlen) < 0) { | 4839 | if (connect(sock, ai->ai_addr, ai->ai_addrlen) == -1) { |
4840 | debug2("connect %.100s port %u: %.100s", buf, | 4840 | debug2("connect %.100s port %u: %.100s", buf, |
4841 | 6000 + display_number, strerror(errno)); | 4841 | 6000 + display_number, strerror(errno)); |
4842 | close(sock); | 4842 | close(sock); |
diff --git a/clientloop.c b/clientloop.c index ccf8f4b8c..7f32871f8 100644 --- a/clientloop.c +++ b/clientloop.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: clientloop.c,v 1.325 2019/06/26 22:29:43 dtucker Exp $ */ | 1 | /* $OpenBSD: clientloop.c,v 1.326 2019/06/28 13:35:04 deraadt Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -561,7 +561,7 @@ client_wait_until_can_do_something(struct ssh *ssh, | |||
561 | } | 561 | } |
562 | 562 | ||
563 | ret = select((*maxfdp)+1, *readsetp, *writesetp, NULL, tvp); | 563 | ret = select((*maxfdp)+1, *readsetp, *writesetp, NULL, tvp); |
564 | if (ret < 0) { | 564 | if (ret == -1) { |
565 | /* | 565 | /* |
566 | * We have to clear the select masks, because we return. | 566 | * We have to clear the select masks, because we return. |
567 | * We have to return, because the mainloop checks for the flags | 567 | * We have to return, because the mainloop checks for the flags |
@@ -644,11 +644,11 @@ client_process_net_input(struct ssh *ssh, fd_set *readset) | |||
644 | * There is a kernel bug on Solaris that causes select to | 644 | * There is a kernel bug on Solaris that causes select to |
645 | * sometimes wake up even though there is no data available. | 645 | * sometimes wake up even though there is no data available. |
646 | */ | 646 | */ |
647 | if (len < 0 && | 647 | if (len == -1 && |
648 | (errno == EAGAIN || errno == EINTR || errno == EWOULDBLOCK)) | 648 | (errno == EAGAIN || errno == EINTR || errno == EWOULDBLOCK)) |
649 | len = 0; | 649 | len = 0; |
650 | 650 | ||
651 | if (len < 0) { | 651 | if (len == -1) { |
652 | /* | 652 | /* |
653 | * An error has encountered. Perhaps there is a | 653 | * An error has encountered. Perhaps there is a |
654 | * network problem. | 654 | * network problem. |
@@ -1096,7 +1096,7 @@ process_escapes(struct ssh *ssh, Channel *c, | |||
1096 | 1096 | ||
1097 | /* Fork into background. */ | 1097 | /* Fork into background. */ |
1098 | pid = fork(); | 1098 | pid = fork(); |
1099 | if (pid < 0) { | 1099 | if (pid == -1) { |
1100 | error("fork: %.100s", strerror(errno)); | 1100 | error("fork: %.100s", strerror(errno)); |
1101 | continue; | 1101 | continue; |
1102 | } | 1102 | } |
@@ -2248,7 +2248,7 @@ client_session2_setup(struct ssh *ssh, int id, int want_tty, int want_subsystem, | |||
2248 | struct winsize ws; | 2248 | struct winsize ws; |
2249 | 2249 | ||
2250 | /* Store window size in the packet. */ | 2250 | /* Store window size in the packet. */ |
2251 | if (ioctl(in_fd, TIOCGWINSZ, &ws) < 0) | 2251 | if (ioctl(in_fd, TIOCGWINSZ, &ws) == -1) |
2252 | memset(&ws, 0, sizeof(ws)); | 2252 | memset(&ws, 0, sizeof(ws)); |
2253 | 2253 | ||
2254 | channel_request_start(ssh, id, "pty-req", 1); | 2254 | channel_request_start(ssh, id, "pty-req", 1); |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: misc.c,v 1.138 2019/06/27 18:03:37 deraadt Exp $ */ | 1 | /* $OpenBSD: misc.c,v 1.139 2019/06/28 13:35:04 deraadt Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2005,2006 Damien Miller. All rights reserved. | 4 | * Copyright (c) 2005,2006 Damien Miller. All rights reserved. |
@@ -96,7 +96,7 @@ set_nonblock(int fd) | |||
96 | int val; | 96 | int val; |
97 | 97 | ||
98 | val = fcntl(fd, F_GETFL); | 98 | val = fcntl(fd, F_GETFL); |
99 | if (val < 0) { | 99 | if (val == -1) { |
100 | error("fcntl(%d, F_GETFL): %s", fd, strerror(errno)); | 100 | error("fcntl(%d, F_GETFL): %s", fd, strerror(errno)); |
101 | return (-1); | 101 | return (-1); |
102 | } | 102 | } |
@@ -120,7 +120,7 @@ unset_nonblock(int fd) | |||
120 | int val; | 120 | int val; |
121 | 121 | ||
122 | val = fcntl(fd, F_GETFL); | 122 | val = fcntl(fd, F_GETFL); |
123 | if (val < 0) { | 123 | if (val == -1) { |
124 | error("fcntl(%d, F_GETFL): %s", fd, strerror(errno)); | 124 | error("fcntl(%d, F_GETFL): %s", fd, strerror(errno)); |
125 | return (-1); | 125 | return (-1); |
126 | } | 126 | } |
@@ -1136,7 +1136,7 @@ tun_open(int tun, int mode, char **ifname) | |||
1136 | return -1; | 1136 | return -1; |
1137 | } | 1137 | } |
1138 | 1138 | ||
1139 | if (fd < 0) { | 1139 | if (fd == -1) { |
1140 | debug("%s: %s open: %s", __func__, name, strerror(errno)); | 1140 | debug("%s: %s open: %s", __func__, name, strerror(errno)); |
1141 | return -1; | 1141 | return -1; |
1142 | } | 1142 | } |
@@ -1575,7 +1575,7 @@ unix_listener(const char *path, int backlog, int unlink_first) | |||
1575 | } | 1575 | } |
1576 | 1576 | ||
1577 | sock = socket(PF_UNIX, SOCK_STREAM, 0); | 1577 | sock = socket(PF_UNIX, SOCK_STREAM, 0); |
1578 | if (sock < 0) { | 1578 | if (sock == -1) { |
1579 | saved_errno = errno; | 1579 | saved_errno = errno; |
1580 | error("%s: socket: %.100s", __func__, strerror(errno)); | 1580 | error("%s: socket: %.100s", __func__, strerror(errno)); |
1581 | errno = saved_errno; | 1581 | errno = saved_errno; |
@@ -1585,7 +1585,7 @@ unix_listener(const char *path, int backlog, int unlink_first) | |||
1585 | if (unlink(path) != 0 && errno != ENOENT) | 1585 | if (unlink(path) != 0 && errno != ENOENT) |
1586 | error("unlink(%s): %.100s", path, strerror(errno)); | 1586 | error("unlink(%s): %.100s", path, strerror(errno)); |
1587 | } | 1587 | } |
1588 | if (bind(sock, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) < 0) { | 1588 | if (bind(sock, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) == -1) { |
1589 | saved_errno = errno; | 1589 | saved_errno = errno; |
1590 | error("%s: cannot bind to path %s: %s", | 1590 | error("%s: cannot bind to path %s: %s", |
1591 | __func__, path, strerror(errno)); | 1591 | __func__, path, strerror(errno)); |
@@ -1593,7 +1593,7 @@ unix_listener(const char *path, int backlog, int unlink_first) | |||
1593 | errno = saved_errno; | 1593 | errno = saved_errno; |
1594 | return -1; | 1594 | return -1; |
1595 | } | 1595 | } |
1596 | if (listen(sock, backlog) < 0) { | 1596 | if (listen(sock, backlog) == -1) { |
1597 | saved_errno = errno; | 1597 | saved_errno = errno; |
1598 | error("%s: cannot listen on path %s: %s", | 1598 | error("%s: cannot listen on path %s: %s", |
1599 | __func__, path, strerror(errno)); | 1599 | __func__, path, strerror(errno)); |
@@ -1875,7 +1875,7 @@ safe_path(const char *name, struct stat *stp, const char *pw_dir, | |||
1875 | } | 1875 | } |
1876 | strlcpy(buf, cp, sizeof(buf)); | 1876 | strlcpy(buf, cp, sizeof(buf)); |
1877 | 1877 | ||
1878 | if (stat(buf, &st) < 0 || | 1878 | if (stat(buf, &st) == -1 || |
1879 | (!platform_sys_dir_uid(st.st_uid) && st.st_uid != uid) || | 1879 | (!platform_sys_dir_uid(st.st_uid) && st.st_uid != uid) || |
1880 | (st.st_mode & 022) != 0) { | 1880 | (st.st_mode & 022) != 0) { |
1881 | snprintf(err, errlen, | 1881 | snprintf(err, errlen, |
@@ -1910,7 +1910,7 @@ safe_path_fd(int fd, const char *file, struct passwd *pw, | |||
1910 | struct stat st; | 1910 | struct stat st; |
1911 | 1911 | ||
1912 | /* check the open file to avoid races */ | 1912 | /* check the open file to avoid races */ |
1913 | if (fstat(fd, &st) < 0) { | 1913 | if (fstat(fd, &st) == -1) { |
1914 | snprintf(err, errlen, "cannot stat file %s: %s", | 1914 | snprintf(err, errlen, "cannot stat file %s: %s", |
1915 | file, strerror(errno)); | 1915 | file, strerror(errno)); |
1916 | return -1; | 1916 | return -1; |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: monitor.c,v 1.197 2019/01/21 10:38:54 djm Exp $ */ | 1 | /* $OpenBSD: monitor.c,v 1.198 2019/06/28 13:35:04 deraadt Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> | 3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> |
4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> | 4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> |
@@ -1470,7 +1470,7 @@ mm_record_login(struct ssh *ssh, Session *s, struct passwd *pw) | |||
1470 | fromlen = sizeof(from); | 1470 | fromlen = sizeof(from); |
1471 | if (ssh_packet_connection_is_on_socket(ssh)) { | 1471 | if (ssh_packet_connection_is_on_socket(ssh)) { |
1472 | if (getpeername(ssh_packet_get_connection_in(ssh), | 1472 | if (getpeername(ssh_packet_get_connection_in(ssh), |
1473 | (struct sockaddr *)&from, &fromlen) < 0) { | 1473 | (struct sockaddr *)&from, &fromlen) == -1) { |
1474 | debug("getpeername: %.100s", strerror(errno)); | 1474 | debug("getpeername: %.100s", strerror(errno)); |
1475 | cleanup_exit(255); | 1475 | cleanup_exit(255); |
1476 | } | 1476 | } |
@@ -1538,7 +1538,7 @@ mm_answer_pty(struct ssh *ssh, int sock, struct sshbuf *m) | |||
1538 | fatal("%s: send fds failed", __func__); | 1538 | fatal("%s: send fds failed", __func__); |
1539 | 1539 | ||
1540 | /* make sure nothing uses fd 0 */ | 1540 | /* make sure nothing uses fd 0 */ |
1541 | if ((fd0 = open(_PATH_DEVNULL, O_RDONLY)) < 0) | 1541 | if ((fd0 = open(_PATH_DEVNULL, O_RDONLY)) == -1) |
1542 | fatal("%s: open(/dev/null): %s", __func__, strerror(errno)); | 1542 | fatal("%s: open(/dev/null): %s", __func__, strerror(errno)); |
1543 | if (fd0 != 0) | 1543 | if (fd0 != 0) |
1544 | error("%s: fd0 %d != 0", __func__, fd0); | 1544 | error("%s: fd0 %d != 0", __func__, fd0); |
@@ -1730,9 +1730,9 @@ monitor_openfds(struct monitor *mon, int do_logfds) | |||
1730 | if (socketpair(AF_UNIX, SOCK_STREAM, 0, pair) == -1) | 1730 | if (socketpair(AF_UNIX, SOCK_STREAM, 0, pair) == -1) |
1731 | fatal("%s: socketpair: %s", __func__, strerror(errno)); | 1731 | fatal("%s: socketpair: %s", __func__, strerror(errno)); |
1732 | #ifdef SO_ZEROIZE | 1732 | #ifdef SO_ZEROIZE |
1733 | if (setsockopt(pair[0], SOL_SOCKET, SO_ZEROIZE, &on, sizeof(on)) < 0) | 1733 | if (setsockopt(pair[0], SOL_SOCKET, SO_ZEROIZE, &on, sizeof(on)) == -1) |
1734 | error("setsockopt SO_ZEROIZE(0): %.100s", strerror(errno)); | 1734 | error("setsockopt SO_ZEROIZE(0): %.100s", strerror(errno)); |
1735 | if (setsockopt(pair[1], SOL_SOCKET, SO_ZEROIZE, &on, sizeof(on)) < 0) | 1735 | if (setsockopt(pair[1], SOL_SOCKET, SO_ZEROIZE, &on, sizeof(on)) == -1) |
1736 | error("setsockopt SO_ZEROIZE(1): %.100s", strerror(errno)); | 1736 | error("setsockopt SO_ZEROIZE(1): %.100s", strerror(errno)); |
1737 | #endif | 1737 | #endif |
1738 | FD_CLOSEONEXEC(pair[0]); | 1738 | FD_CLOSEONEXEC(pair[0]); |
diff --git a/monitor_wrap.c b/monitor_wrap.c index 186e8f022..4169b7604 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: monitor_wrap.c,v 1.112 2019/01/21 09:54:11 djm Exp $ */ | 1 | /* $OpenBSD: monitor_wrap.c,v 1.113 2019/06/28 13:35:04 deraadt Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> | 3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> |
4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> | 4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> |
@@ -612,7 +612,7 @@ mm_session_pty_cleanup2(Session *s) | |||
612 | sshbuf_free(m); | 612 | sshbuf_free(m); |
613 | 613 | ||
614 | /* closed dup'ed master */ | 614 | /* closed dup'ed master */ |
615 | if (s->ptymaster != -1 && close(s->ptymaster) < 0) | 615 | if (s->ptymaster != -1 && close(s->ptymaster) == -1) |
616 | error("close(s->ptymaster/%d): %s", | 616 | error("close(s->ptymaster/%d): %s", |
617 | s->ptymaster, strerror(errno)); | 617 | s->ptymaster, strerror(errno)); |
618 | 618 | ||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: mux.c,v 1.79 2019/01/19 21:35:25 djm Exp $ */ | 1 | /* $OpenBSD: mux.c,v 1.80 2019/06/28 13:35:04 deraadt Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org> | 3 | * Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org> |
4 | * | 4 | * |
@@ -1492,7 +1492,7 @@ mux_client_read(int fd, struct sshbuf *b, size_t need) | |||
1492 | return -1; | 1492 | return -1; |
1493 | } | 1493 | } |
1494 | len = read(fd, p + have, need - have); | 1494 | len = read(fd, p + have, need - have); |
1495 | if (len < 0) { | 1495 | if (len == -1) { |
1496 | switch (errno) { | 1496 | switch (errno) { |
1497 | #if defined(EWOULDBLOCK) && (EWOULDBLOCK != EAGAIN) | 1497 | #if defined(EWOULDBLOCK) && (EWOULDBLOCK != EAGAIN) |
1498 | case EWOULDBLOCK: | 1498 | case EWOULDBLOCK: |
@@ -1541,7 +1541,7 @@ mux_client_write_packet(int fd, struct sshbuf *m) | |||
1541 | return -1; | 1541 | return -1; |
1542 | } | 1542 | } |
1543 | len = write(fd, ptr + have, need - have); | 1543 | len = write(fd, ptr + have, need - have); |
1544 | if (len < 0) { | 1544 | if (len == -1) { |
1545 | switch (errno) { | 1545 | switch (errno) { |
1546 | #if defined(EWOULDBLOCK) && (EWOULDBLOCK != EAGAIN) | 1546 | #if defined(EWOULDBLOCK) && (EWOULDBLOCK != EAGAIN) |
1547 | case EWOULDBLOCK: | 1547 | case EWOULDBLOCK: |
@@ -2324,7 +2324,7 @@ muxclient(const char *path) | |||
2324 | fatal("ControlPath too long ('%s' >= %u bytes)", path, | 2324 | fatal("ControlPath too long ('%s' >= %u bytes)", path, |
2325 | (unsigned int)sizeof(addr.sun_path)); | 2325 | (unsigned int)sizeof(addr.sun_path)); |
2326 | 2326 | ||
2327 | if ((sock = socket(PF_UNIX, SOCK_STREAM, 0)) < 0) | 2327 | if ((sock = socket(PF_UNIX, SOCK_STREAM, 0)) == -1) |
2328 | fatal("%s socket(): %s", __func__, strerror(errno)); | 2328 | fatal("%s socket(): %s", __func__, strerror(errno)); |
2329 | 2329 | ||
2330 | if (connect(sock, (struct sockaddr *)&addr, sizeof(addr)) == -1) { | 2330 | if (connect(sock, (struct sockaddr *)&addr, sizeof(addr)) == -1) { |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: nchan.c,v 1.69 2018/10/04 07:47:35 djm Exp $ */ | 1 | /* $OpenBSD: nchan.c,v 1.70 2019/06/28 13:35:04 deraadt Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -380,7 +380,7 @@ chan_shutdown_write(struct ssh *ssh, Channel *c) | |||
380 | c->self, __func__, c->istate, c->ostate, c->sock, c->wfd, c->efd, | 380 | c->self, __func__, c->istate, c->ostate, c->sock, c->wfd, c->efd, |
381 | channel_format_extended_usage(c)); | 381 | channel_format_extended_usage(c)); |
382 | if (c->sock != -1) { | 382 | if (c->sock != -1) { |
383 | if (shutdown(c->sock, SHUT_WR) < 0) { | 383 | if (shutdown(c->sock, SHUT_WR) == -1) { |
384 | debug2("channel %d: %s: shutdown() failed for " | 384 | debug2("channel %d: %s: shutdown() failed for " |
385 | "fd %d [i%d o%d]: %.100s", c->self, __func__, | 385 | "fd %d [i%d o%d]: %.100s", c->self, __func__, |
386 | c->sock, c->istate, c->ostate, | 386 | c->sock, c->istate, c->ostate, |
@@ -410,7 +410,7 @@ chan_shutdown_read(struct ssh *ssh, Channel *c) | |||
410 | * write side has been closed already. (bug on Linux) | 410 | * write side has been closed already. (bug on Linux) |
411 | * HP-UX may return ENOTCONN also. | 411 | * HP-UX may return ENOTCONN also. |
412 | */ | 412 | */ |
413 | if (shutdown(c->sock, SHUT_RD) < 0 && errno != ENOTCONN) { | 413 | if (shutdown(c->sock, SHUT_RD) == -1 && errno != ENOTCONN) { |
414 | error("channel %d: %s: shutdown() failed for " | 414 | error("channel %d: %s: shutdown() failed for " |
415 | "fd %d [i%d o%d]: %.100s", | 415 | "fd %d [i%d o%d]: %.100s", |
416 | c->self, __func__, c->sock, c->istate, c->ostate, | 416 | c->self, __func__, c->sock, c->istate, c->ostate, |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: packet.c,v 1.285 2019/06/07 14:18:48 dtucker Exp $ */ | 1 | /* $OpenBSD: packet.c,v 1.286 2019/06/28 13:35:04 deraadt Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -440,12 +440,12 @@ ssh_packet_connection_is_on_socket(struct ssh *ssh) | |||
440 | fromlen = sizeof(from); | 440 | fromlen = sizeof(from); |
441 | memset(&from, 0, sizeof(from)); | 441 | memset(&from, 0, sizeof(from)); |
442 | if (getpeername(state->connection_in, (struct sockaddr *)&from, | 442 | if (getpeername(state->connection_in, (struct sockaddr *)&from, |
443 | &fromlen) < 0) | 443 | &fromlen) == -1) |
444 | return 0; | 444 | return 0; |
445 | tolen = sizeof(to); | 445 | tolen = sizeof(to); |
446 | memset(&to, 0, sizeof(to)); | 446 | memset(&to, 0, sizeof(to)); |
447 | if (getpeername(state->connection_out, (struct sockaddr *)&to, | 447 | if (getpeername(state->connection_out, (struct sockaddr *)&to, |
448 | &tolen) < 0) | 448 | &tolen) == -1) |
449 | return 0; | 449 | return 0; |
450 | if (fromlen != tolen || memcmp(&from, &to, fromlen) != 0) | 450 | if (fromlen != tolen || memcmp(&from, &to, fromlen) != 0) |
451 | return 0; | 451 | return 0; |
@@ -471,7 +471,7 @@ ssh_packet_connection_af(struct ssh *ssh) | |||
471 | 471 | ||
472 | memset(&to, 0, sizeof(to)); | 472 | memset(&to, 0, sizeof(to)); |
473 | if (getsockname(ssh->state->connection_out, (struct sockaddr *)&to, | 473 | if (getsockname(ssh->state->connection_out, (struct sockaddr *)&to, |
474 | &tolen) < 0) | 474 | &tolen) == -1) |
475 | return 0; | 475 | return 0; |
476 | #ifdef IPV4_IN_IPV6 | 476 | #ifdef IPV4_IN_IPV6 |
477 | if (to.ss_family == AF_INET6 && | 477 | if (to.ss_family == AF_INET6 && |
@@ -1359,7 +1359,7 @@ ssh_packet_read_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) | |||
1359 | r = SSH_ERR_CONN_CLOSED; | 1359 | r = SSH_ERR_CONN_CLOSED; |
1360 | goto out; | 1360 | goto out; |
1361 | } | 1361 | } |
1362 | if (len < 0) { | 1362 | if (len == -1) { |
1363 | r = SSH_ERR_SYSTEM_ERROR; | 1363 | r = SSH_ERR_SYSTEM_ERROR; |
1364 | goto out; | 1364 | goto out; |
1365 | } | 1365 | } |
@@ -2036,7 +2036,7 @@ ssh_packet_set_tos(struct ssh *ssh, int tos) | |||
2036 | case AF_INET: | 2036 | case AF_INET: |
2037 | debug3("%s: set IP_TOS 0x%02x", __func__, tos); | 2037 | debug3("%s: set IP_TOS 0x%02x", __func__, tos); |
2038 | if (setsockopt(ssh->state->connection_in, | 2038 | if (setsockopt(ssh->state->connection_in, |
2039 | IPPROTO_IP, IP_TOS, &tos, sizeof(tos)) < 0) | 2039 | IPPROTO_IP, IP_TOS, &tos, sizeof(tos)) == -1) |
2040 | error("setsockopt IP_TOS %d: %.100s:", | 2040 | error("setsockopt IP_TOS %d: %.100s:", |
2041 | tos, strerror(errno)); | 2041 | tos, strerror(errno)); |
2042 | break; | 2042 | break; |
@@ -2045,7 +2045,7 @@ ssh_packet_set_tos(struct ssh *ssh, int tos) | |||
2045 | case AF_INET6: | 2045 | case AF_INET6: |
2046 | debug3("%s: set IPV6_TCLASS 0x%02x", __func__, tos); | 2046 | debug3("%s: set IPV6_TCLASS 0x%02x", __func__, tos); |
2047 | if (setsockopt(ssh->state->connection_in, | 2047 | if (setsockopt(ssh->state->connection_in, |
2048 | IPPROTO_IPV6, IPV6_TCLASS, &tos, sizeof(tos)) < 0) | 2048 | IPPROTO_IPV6, IPV6_TCLASS, &tos, sizeof(tos)) == -1) |
2049 | error("setsockopt IPV6_TCLASS %d: %.100s:", | 2049 | error("setsockopt IPV6_TCLASS %d: %.100s:", |
2050 | tos, strerror(errno)); | 2050 | tos, strerror(errno)); |
2051 | break; | 2051 | break; |
diff --git a/readconf.c b/readconf.c index ec30ab30a..27b535e1f 100644 --- a/readconf.c +++ b/readconf.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: readconf.c,v 1.306 2019/06/12 11:31:50 jmc Exp $ */ | 1 | /* $OpenBSD: readconf.c,v 1.307 2019/06/28 13:35:04 deraadt Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -518,7 +518,7 @@ execute_in_shell(const char *cmd) | |||
518 | _exit(1); | 518 | _exit(1); |
519 | } | 519 | } |
520 | /* Parent. */ | 520 | /* Parent. */ |
521 | if (pid < 0) | 521 | if (pid == -1) |
522 | fatal("%s: fork: %.100s", __func__, strerror(errno)); | 522 | fatal("%s: fork: %.100s", __func__, strerror(errno)); |
523 | 523 | ||
524 | close(devnull); | 524 | close(devnull); |
diff --git a/readpass.c b/readpass.c index 44014ef8a..7e52cae9c 100644 --- a/readpass.c +++ b/readpass.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: readpass.c,v 1.53 2019/01/19 04:15:56 tb Exp $ */ | 1 | /* $OpenBSD: readpass.c,v 1.54 2019/06/28 13:35:04 deraadt Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -61,19 +61,19 @@ ssh_askpass(char *askpass, const char *msg) | |||
61 | error("ssh_askpass: fflush: %s", strerror(errno)); | 61 | error("ssh_askpass: fflush: %s", strerror(errno)); |
62 | if (askpass == NULL) | 62 | if (askpass == NULL) |
63 | fatal("internal error: askpass undefined"); | 63 | fatal("internal error: askpass undefined"); |
64 | if (pipe(p) < 0) { | 64 | if (pipe(p) == -1) { |
65 | error("ssh_askpass: pipe: %s", strerror(errno)); | 65 | error("ssh_askpass: pipe: %s", strerror(errno)); |
66 | return NULL; | 66 | return NULL; |
67 | } | 67 | } |
68 | osigchld = signal(SIGCHLD, SIG_DFL); | 68 | osigchld = signal(SIGCHLD, SIG_DFL); |
69 | if ((pid = fork()) < 0) { | 69 | if ((pid = fork()) == -1) { |
70 | error("ssh_askpass: fork: %s", strerror(errno)); | 70 | error("ssh_askpass: fork: %s", strerror(errno)); |
71 | signal(SIGCHLD, osigchld); | 71 | signal(SIGCHLD, osigchld); |
72 | return NULL; | 72 | return NULL; |
73 | } | 73 | } |
74 | if (pid == 0) { | 74 | if (pid == 0) { |
75 | close(p[0]); | 75 | close(p[0]); |
76 | if (dup2(p[1], STDOUT_FILENO) < 0) | 76 | if (dup2(p[1], STDOUT_FILENO) == -1) |
77 | fatal("ssh_askpass: dup2: %s", strerror(errno)); | 77 | fatal("ssh_askpass: dup2: %s", strerror(errno)); |
78 | execlp(askpass, askpass, msg, (char *)NULL); | 78 | execlp(askpass, askpass, msg, (char *)NULL); |
79 | fatal("ssh_askpass: exec(%s): %s", askpass, strerror(errno)); | 79 | fatal("ssh_askpass: exec(%s): %s", askpass, strerror(errno)); |
@@ -93,7 +93,7 @@ ssh_askpass(char *askpass, const char *msg) | |||
93 | buf[len] = '\0'; | 93 | buf[len] = '\0'; |
94 | 94 | ||
95 | close(p[0]); | 95 | close(p[0]); |
96 | while ((ret = waitpid(pid, &status, 0)) < 0) | 96 | while ((ret = waitpid(pid, &status, 0)) == -1) |
97 | if (errno != EINTR) | 97 | if (errno != EINTR) |
98 | break; | 98 | break; |
99 | signal(SIGCHLD, osigchld); | 99 | signal(SIGCHLD, osigchld); |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: scp.c,v 1.204 2019/02/10 11:15:52 djm Exp $ */ | 1 | /* $OpenBSD: scp.c,v 1.205 2019/06/28 13:35:04 deraadt Exp $ */ |
2 | /* | 2 | /* |
3 | * scp - secure remote copy. This is basically patched BSD rcp which | 3 | * scp - secure remote copy. This is basically patched BSD rcp which |
4 | * uses ssh to do the data transfer (instead of using rcmd). | 4 | * uses ssh to do the data transfer (instead of using rcmd). |
@@ -253,13 +253,13 @@ do_cmd(char *host, char *remuser, int port, char *cmd, int *fdin, int *fdout) | |||
253 | * Reserve two descriptors so that the real pipes won't get | 253 | * Reserve two descriptors so that the real pipes won't get |
254 | * descriptors 0 and 1 because that will screw up dup2 below. | 254 | * descriptors 0 and 1 because that will screw up dup2 below. |
255 | */ | 255 | */ |
256 | if (pipe(reserved) < 0) | 256 | if (pipe(reserved) == -1) |
257 | fatal("pipe: %s", strerror(errno)); | 257 | fatal("pipe: %s", strerror(errno)); |
258 | 258 | ||
259 | /* Create a socket pair for communicating with ssh. */ | 259 | /* Create a socket pair for communicating with ssh. */ |
260 | if (pipe(pin) < 0) | 260 | if (pipe(pin) == -1) |
261 | fatal("pipe: %s", strerror(errno)); | 261 | fatal("pipe: %s", strerror(errno)); |
262 | if (pipe(pout) < 0) | 262 | if (pipe(pout) == -1) |
263 | fatal("pipe: %s", strerror(errno)); | 263 | fatal("pipe: %s", strerror(errno)); |
264 | 264 | ||
265 | /* Free the reserved descriptors. */ | 265 | /* Free the reserved descriptors. */ |
@@ -1075,13 +1075,13 @@ source(int argc, char **argv) | |||
1075 | len = strlen(name); | 1075 | len = strlen(name); |
1076 | while (len > 1 && name[len-1] == '/') | 1076 | while (len > 1 && name[len-1] == '/') |
1077 | name[--len] = '\0'; | 1077 | name[--len] = '\0'; |
1078 | if ((fd = open(name, O_RDONLY|O_NONBLOCK, 0)) < 0) | 1078 | if ((fd = open(name, O_RDONLY|O_NONBLOCK, 0)) == -1) |
1079 | goto syserr; | 1079 | goto syserr; |
1080 | if (strchr(name, '\n') != NULL) { | 1080 | if (strchr(name, '\n') != NULL) { |
1081 | strnvis(encname, name, sizeof(encname), VIS_NL); | 1081 | strnvis(encname, name, sizeof(encname), VIS_NL); |
1082 | name = encname; | 1082 | name = encname; |
1083 | } | 1083 | } |
1084 | if (fstat(fd, &stb) < 0) { | 1084 | if (fstat(fd, &stb) == -1) { |
1085 | syserr: run_err("%s: %s", name, strerror(errno)); | 1085 | syserr: run_err("%s: %s", name, strerror(errno)); |
1086 | goto next; | 1086 | goto next; |
1087 | } | 1087 | } |
@@ -1155,7 +1155,7 @@ next: if (fd != -1) { | |||
1155 | unset_nonblock(remout); | 1155 | unset_nonblock(remout); |
1156 | 1156 | ||
1157 | if (fd != -1) { | 1157 | if (fd != -1) { |
1158 | if (close(fd) < 0 && !haderr) | 1158 | if (close(fd) == -1 && !haderr) |
1159 | haderr = errno; | 1159 | haderr = errno; |
1160 | fd = -1; | 1160 | fd = -1; |
1161 | } | 1161 | } |
@@ -1419,14 +1419,14 @@ sink(int argc, char **argv, const char *src) | |||
1419 | /* Handle copying from a read-only | 1419 | /* Handle copying from a read-only |
1420 | directory */ | 1420 | directory */ |
1421 | mod_flag = 1; | 1421 | mod_flag = 1; |
1422 | if (mkdir(np, mode | S_IRWXU) < 0) | 1422 | if (mkdir(np, mode | S_IRWXU) == -1) |
1423 | goto bad; | 1423 | goto bad; |
1424 | } | 1424 | } |
1425 | vect[0] = xstrdup(np); | 1425 | vect[0] = xstrdup(np); |
1426 | sink(1, vect, src); | 1426 | sink(1, vect, src); |
1427 | if (setimes) { | 1427 | if (setimes) { |
1428 | setimes = 0; | 1428 | setimes = 0; |
1429 | if (utimes(vect[0], tv) < 0) | 1429 | if (utimes(vect[0], tv) == -1) |
1430 | run_err("%s: set times: %s", | 1430 | run_err("%s: set times: %s", |
1431 | vect[0], strerror(errno)); | 1431 | vect[0], strerror(errno)); |
1432 | } | 1432 | } |
@@ -1437,7 +1437,7 @@ sink(int argc, char **argv, const char *src) | |||
1437 | } | 1437 | } |
1438 | omode = mode; | 1438 | omode = mode; |
1439 | mode |= S_IWUSR; | 1439 | mode |= S_IWUSR; |
1440 | if ((ofd = open(np, O_WRONLY|O_CREAT, mode)) < 0) { | 1440 | if ((ofd = open(np, O_WRONLY|O_CREAT, mode)) == -1) { |
1441 | bad: run_err("%s: %s", np, strerror(errno)); | 1441 | bad: run_err("%s: %s", np, strerror(errno)); |
1442 | continue; | 1442 | continue; |
1443 | } | 1443 | } |
@@ -1527,7 +1527,7 @@ bad: run_err("%s: %s", np, strerror(errno)); | |||
1527 | stop_progress_meter(); | 1527 | stop_progress_meter(); |
1528 | if (setimes && wrerr == NO) { | 1528 | if (setimes && wrerr == NO) { |
1529 | setimes = 0; | 1529 | setimes = 0; |
1530 | if (utimes(np, tv) < 0) { | 1530 | if (utimes(np, tv) == -1) { |
1531 | run_err("%s: set times: %s", | 1531 | run_err("%s: set times: %s", |
1532 | np, strerror(errno)); | 1532 | np, strerror(errno)); |
1533 | wrerr = DISPLAYED; | 1533 | wrerr = DISPLAYED; |
@@ -1681,7 +1681,7 @@ allocbuf(BUF *bp, int fd, int blksize) | |||
1681 | #ifdef HAVE_STRUCT_STAT_ST_BLKSIZE | 1681 | #ifdef HAVE_STRUCT_STAT_ST_BLKSIZE |
1682 | struct stat stb; | 1682 | struct stat stb; |
1683 | 1683 | ||
1684 | if (fstat(fd, &stb) < 0) { | 1684 | if (fstat(fd, &stb) == -1) { |
1685 | run_err("fstat: %s", strerror(errno)); | 1685 | run_err("fstat: %s", strerror(errno)); |
1686 | return (0); | 1686 | return (0); |
1687 | } | 1687 | } |
diff --git a/serverloop.c b/serverloop.c index d7b04b37c..ea468c954 100644 --- a/serverloop.c +++ b/serverloop.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: serverloop.c,v 1.215 2019/03/27 09:29:14 djm Exp $ */ | 1 | /* $OpenBSD: serverloop.c,v 1.216 2019/06/28 13:35:04 deraadt Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -123,7 +123,7 @@ static int notify_pipe[2]; | |||
123 | static void | 123 | static void |
124 | notify_setup(void) | 124 | notify_setup(void) |
125 | { | 125 | { |
126 | if (pipe(notify_pipe) < 0) { | 126 | if (pipe(notify_pipe) == -1) { |
127 | error("pipe(notify_pipe) failed %s", strerror(errno)); | 127 | error("pipe(notify_pipe) failed %s", strerror(errno)); |
128 | } else if ((fcntl(notify_pipe[0], F_SETFD, FD_CLOEXEC) == -1) || | 128 | } else if ((fcntl(notify_pipe[0], F_SETFD, FD_CLOEXEC) == -1) || |
129 | (fcntl(notify_pipe[1], F_SETFD, FD_CLOEXEC) == -1)) { | 129 | (fcntl(notify_pipe[1], F_SETFD, FD_CLOEXEC) == -1)) { |
@@ -328,7 +328,7 @@ process_input(struct ssh *ssh, fd_set *readset, int connection_in) | |||
328 | verbose("Connection closed by %.100s port %d", | 328 | verbose("Connection closed by %.100s port %d", |
329 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); | 329 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); |
330 | return -1; | 330 | return -1; |
331 | } else if (len < 0) { | 331 | } else if (len == -1) { |
332 | if (errno != EINTR && errno != EAGAIN && | 332 | if (errno != EINTR && errno != EAGAIN && |
333 | errno != EWOULDBLOCK) { | 333 | errno != EWOULDBLOCK) { |
334 | verbose("Read error from remote host " | 334 | verbose("Read error from remote host " |
@@ -384,7 +384,7 @@ collect_children(struct ssh *ssh) | |||
384 | if (child_terminated) { | 384 | if (child_terminated) { |
385 | debug("Received SIGCHLD."); | 385 | debug("Received SIGCHLD."); |
386 | while ((pid = waitpid(-1, &status, WNOHANG)) > 0 || | 386 | while ((pid = waitpid(-1, &status, WNOHANG)) > 0 || |
387 | (pid < 0 && errno == EINTR)) | 387 | (pid == -1 && errno == EINTR)) |
388 | if (pid > 0) | 388 | if (pid > 0) |
389 | session_close_by_pid(ssh, pid, status); | 389 | session_close_by_pid(ssh, pid, status); |
390 | child_terminated = 0; | 390 | child_terminated = 0; |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: session.c,v 1.315 2019/02/22 03:37:11 djm Exp $ */ | 1 | /* $OpenBSD: session.c,v 1.316 2019/06/28 13:35:04 deraadt Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
4 | * All rights reserved | 4 | * All rights reserved |
@@ -399,17 +399,17 @@ do_exec_no_pty(struct ssh *ssh, Session *s, const char *command) | |||
399 | fatal("do_exec_no_pty: no session"); | 399 | fatal("do_exec_no_pty: no session"); |
400 | 400 | ||
401 | /* Allocate pipes for communicating with the program. */ | 401 | /* Allocate pipes for communicating with the program. */ |
402 | if (pipe(pin) < 0) { | 402 | if (pipe(pin) == -1) { |
403 | error("%s: pipe in: %.100s", __func__, strerror(errno)); | 403 | error("%s: pipe in: %.100s", __func__, strerror(errno)); |
404 | return -1; | 404 | return -1; |
405 | } | 405 | } |
406 | if (pipe(pout) < 0) { | 406 | if (pipe(pout) == -1) { |
407 | error("%s: pipe out: %.100s", __func__, strerror(errno)); | 407 | error("%s: pipe out: %.100s", __func__, strerror(errno)); |
408 | close(pin[0]); | 408 | close(pin[0]); |
409 | close(pin[1]); | 409 | close(pin[1]); |
410 | return -1; | 410 | return -1; |
411 | } | 411 | } |
412 | if (pipe(perr) < 0) { | 412 | if (pipe(perr) == -1) { |
413 | error("%s: pipe err: %.100s", __func__, | 413 | error("%s: pipe err: %.100s", __func__, |
414 | strerror(errno)); | 414 | strerror(errno)); |
415 | close(pin[0]); | 415 | close(pin[0]); |
@@ -425,11 +425,11 @@ do_exec_no_pty(struct ssh *ssh, Session *s, const char *command) | |||
425 | fatal("do_exec_no_pty: no session"); | 425 | fatal("do_exec_no_pty: no session"); |
426 | 426 | ||
427 | /* Uses socket pairs to communicate with the program. */ | 427 | /* Uses socket pairs to communicate with the program. */ |
428 | if (socketpair(AF_UNIX, SOCK_STREAM, 0, inout) < 0) { | 428 | if (socketpair(AF_UNIX, SOCK_STREAM, 0, inout) == -1) { |
429 | error("%s: socketpair #1: %.100s", __func__, strerror(errno)); | 429 | error("%s: socketpair #1: %.100s", __func__, strerror(errno)); |
430 | return -1; | 430 | return -1; |
431 | } | 431 | } |
432 | if (socketpair(AF_UNIX, SOCK_STREAM, 0, err) < 0) { | 432 | if (socketpair(AF_UNIX, SOCK_STREAM, 0, err) == -1) { |
433 | error("%s: socketpair #2: %.100s", __func__, | 433 | error("%s: socketpair #2: %.100s", __func__, |
434 | strerror(errno)); | 434 | strerror(errno)); |
435 | close(inout[0]); | 435 | close(inout[0]); |
@@ -465,7 +465,7 @@ do_exec_no_pty(struct ssh *ssh, Session *s, const char *command) | |||
465 | * Create a new session and process group since the 4.4BSD | 465 | * Create a new session and process group since the 4.4BSD |
466 | * setlogin() affects the entire process group. | 466 | * setlogin() affects the entire process group. |
467 | */ | 467 | */ |
468 | if (setsid() < 0) | 468 | if (setsid() == -1) |
469 | error("setsid failed: %.100s", strerror(errno)); | 469 | error("setsid failed: %.100s", strerror(errno)); |
470 | 470 | ||
471 | #ifdef USE_PIPES | 471 | #ifdef USE_PIPES |
@@ -474,19 +474,19 @@ do_exec_no_pty(struct ssh *ssh, Session *s, const char *command) | |||
474 | * pair, and make the child side the standard input. | 474 | * pair, and make the child side the standard input. |
475 | */ | 475 | */ |
476 | close(pin[1]); | 476 | close(pin[1]); |
477 | if (dup2(pin[0], 0) < 0) | 477 | if (dup2(pin[0], 0) == -1) |
478 | perror("dup2 stdin"); | 478 | perror("dup2 stdin"); |
479 | close(pin[0]); | 479 | close(pin[0]); |
480 | 480 | ||
481 | /* Redirect stdout. */ | 481 | /* Redirect stdout. */ |
482 | close(pout[0]); | 482 | close(pout[0]); |
483 | if (dup2(pout[1], 1) < 0) | 483 | if (dup2(pout[1], 1) == -1) |
484 | perror("dup2 stdout"); | 484 | perror("dup2 stdout"); |
485 | close(pout[1]); | 485 | close(pout[1]); |
486 | 486 | ||
487 | /* Redirect stderr. */ | 487 | /* Redirect stderr. */ |
488 | close(perr[0]); | 488 | close(perr[0]); |
489 | if (dup2(perr[1], 2) < 0) | 489 | if (dup2(perr[1], 2) == -1) |
490 | perror("dup2 stderr"); | 490 | perror("dup2 stderr"); |
491 | close(perr[1]); | 491 | close(perr[1]); |
492 | #else | 492 | #else |
@@ -497,12 +497,12 @@ do_exec_no_pty(struct ssh *ssh, Session *s, const char *command) | |||
497 | */ | 497 | */ |
498 | close(inout[1]); | 498 | close(inout[1]); |
499 | close(err[1]); | 499 | close(err[1]); |
500 | if (dup2(inout[0], 0) < 0) /* stdin */ | 500 | if (dup2(inout[0], 0) == -1) /* stdin */ |
501 | perror("dup2 stdin"); | 501 | perror("dup2 stdin"); |
502 | if (dup2(inout[0], 1) < 0) /* stdout (same as stdin) */ | 502 | if (dup2(inout[0], 1) == -1) /* stdout (same as stdin) */ |
503 | perror("dup2 stdout"); | 503 | perror("dup2 stdout"); |
504 | close(inout[0]); | 504 | close(inout[0]); |
505 | if (dup2(err[0], 2) < 0) /* stderr */ | 505 | if (dup2(err[0], 2) == -1) /* stderr */ |
506 | perror("dup2 stderr"); | 506 | perror("dup2 stderr"); |
507 | close(err[0]); | 507 | close(err[0]); |
508 | #endif | 508 | #endif |
@@ -577,14 +577,14 @@ do_exec_pty(struct ssh *ssh, Session *s, const char *command) | |||
577 | * Do this before forking (and cleanup in the child) so as to | 577 | * Do this before forking (and cleanup in the child) so as to |
578 | * detect and gracefully fail out-of-fd conditions. | 578 | * detect and gracefully fail out-of-fd conditions. |
579 | */ | 579 | */ |
580 | if ((fdout = dup(ptyfd)) < 0) { | 580 | if ((fdout = dup(ptyfd)) == -1) { |
581 | error("%s: dup #1: %s", __func__, strerror(errno)); | 581 | error("%s: dup #1: %s", __func__, strerror(errno)); |
582 | close(ttyfd); | 582 | close(ttyfd); |
583 | close(ptyfd); | 583 | close(ptyfd); |
584 | return -1; | 584 | return -1; |
585 | } | 585 | } |
586 | /* we keep a reference to the pty master */ | 586 | /* we keep a reference to the pty master */ |
587 | if ((ptymaster = dup(ptyfd)) < 0) { | 587 | if ((ptymaster = dup(ptyfd)) == -1) { |
588 | error("%s: dup #2: %s", __func__, strerror(errno)); | 588 | error("%s: dup #2: %s", __func__, strerror(errno)); |
589 | close(ttyfd); | 589 | close(ttyfd); |
590 | close(ptyfd); | 590 | close(ptyfd); |
@@ -614,11 +614,11 @@ do_exec_pty(struct ssh *ssh, Session *s, const char *command) | |||
614 | pty_make_controlling_tty(&ttyfd, s->tty); | 614 | pty_make_controlling_tty(&ttyfd, s->tty); |
615 | 615 | ||
616 | /* Redirect stdin/stdout/stderr from the pseudo tty. */ | 616 | /* Redirect stdin/stdout/stderr from the pseudo tty. */ |
617 | if (dup2(ttyfd, 0) < 0) | 617 | if (dup2(ttyfd, 0) == -1) |
618 | error("dup2 stdin: %s", strerror(errno)); | 618 | error("dup2 stdin: %s", strerror(errno)); |
619 | if (dup2(ttyfd, 1) < 0) | 619 | if (dup2(ttyfd, 1) == -1) |
620 | error("dup2 stdout: %s", strerror(errno)); | 620 | error("dup2 stdout: %s", strerror(errno)); |
621 | if (dup2(ttyfd, 2) < 0) | 621 | if (dup2(ttyfd, 2) == -1) |
622 | error("dup2 stderr: %s", strerror(errno)); | 622 | error("dup2 stderr: %s", strerror(errno)); |
623 | 623 | ||
624 | /* Close the extra descriptor for the pseudo tty. */ | 624 | /* Close the extra descriptor for the pseudo tty. */ |
@@ -755,7 +755,7 @@ do_login(struct ssh *ssh, Session *s, const char *command) | |||
755 | fromlen = sizeof(from); | 755 | fromlen = sizeof(from); |
756 | if (ssh_packet_connection_is_on_socket(ssh)) { | 756 | if (ssh_packet_connection_is_on_socket(ssh)) { |
757 | if (getpeername(ssh_packet_get_connection_in(ssh), | 757 | if (getpeername(ssh_packet_get_connection_in(ssh), |
758 | (struct sockaddr *)&from, &fromlen) < 0) { | 758 | (struct sockaddr *)&from, &fromlen) == -1) { |
759 | debug("getpeername: %.100s", strerror(errno)); | 759 | debug("getpeername: %.100s", strerror(errno)); |
760 | cleanup_exit(255); | 760 | cleanup_exit(255); |
761 | } | 761 | } |
@@ -1619,7 +1619,7 @@ do_child(struct ssh *ssh, Session *s, const char *command) | |||
1619 | #endif | 1619 | #endif |
1620 | 1620 | ||
1621 | /* Change current directory to the user's home directory. */ | 1621 | /* Change current directory to the user's home directory. */ |
1622 | if (chdir(pw->pw_dir) < 0) { | 1622 | if (chdir(pw->pw_dir) == -1) { |
1623 | /* Suppress missing homedir warning for chroot case */ | 1623 | /* Suppress missing homedir warning for chroot case */ |
1624 | #ifdef HAVE_LOGIN_CAP | 1624 | #ifdef HAVE_LOGIN_CAP |
1625 | r = login_getcapbool(lc, "requirehome", 0); | 1625 | r = login_getcapbool(lc, "requirehome", 0); |
@@ -1973,7 +1973,7 @@ session_subsystem_req(struct ssh *ssh, Session *s) | |||
1973 | s->is_subsystem = SUBSYSTEM_INT_SFTP; | 1973 | s->is_subsystem = SUBSYSTEM_INT_SFTP; |
1974 | debug("subsystem: %s", prog); | 1974 | debug("subsystem: %s", prog); |
1975 | } else { | 1975 | } else { |
1976 | if (stat(prog, &st) < 0) | 1976 | if (stat(prog, &st) == -1) |
1977 | debug("subsystem: cannot stat %s: %s", | 1977 | debug("subsystem: cannot stat %s: %s", |
1978 | prog, strerror(errno)); | 1978 | prog, strerror(errno)); |
1979 | s->is_subsystem = SUBSYSTEM_EXT; | 1979 | s->is_subsystem = SUBSYSTEM_EXT; |
@@ -2062,7 +2062,7 @@ session_break_req(struct ssh *ssh, Session *s) | |||
2062 | (r = sshpkt_get_end(ssh)) != 0) | 2062 | (r = sshpkt_get_end(ssh)) != 0) |
2063 | sshpkt_fatal(ssh, r, "%s: parse packet", __func__); | 2063 | sshpkt_fatal(ssh, r, "%s: parse packet", __func__); |
2064 | 2064 | ||
2065 | if (s->ptymaster == -1 || tcsendbreak(s->ptymaster, 0) < 0) | 2065 | if (s->ptymaster == -1 || tcsendbreak(s->ptymaster, 0) == -1) |
2066 | return 0; | 2066 | return 0; |
2067 | return 1; | 2067 | return 1; |
2068 | } | 2068 | } |
@@ -2286,7 +2286,7 @@ session_pty_cleanup2(Session *s) | |||
2286 | * the pty cleanup, so that another process doesn't get this pty | 2286 | * the pty cleanup, so that another process doesn't get this pty |
2287 | * while we're still cleaning up. | 2287 | * while we're still cleaning up. |
2288 | */ | 2288 | */ |
2289 | if (s->ptymaster != -1 && close(s->ptymaster) < 0) | 2289 | if (s->ptymaster != -1 && close(s->ptymaster) == -1) |
2290 | error("close(s->ptymaster/%d): %s", | 2290 | error("close(s->ptymaster/%d): %s", |
2291 | s->ptymaster, strerror(errno)); | 2291 | s->ptymaster, strerror(errno)); |
2292 | 2292 | ||
@@ -2598,7 +2598,7 @@ session_setup_x11fwd(struct ssh *ssh, Session *s) | |||
2598 | } | 2598 | } |
2599 | 2599 | ||
2600 | /* Set up a suitable value for the DISPLAY variable. */ | 2600 | /* Set up a suitable value for the DISPLAY variable. */ |
2601 | if (gethostname(hostname, sizeof(hostname)) < 0) | 2601 | if (gethostname(hostname, sizeof(hostname)) == -1) |
2602 | fatal("gethostname: %.100s", strerror(errno)); | 2602 | fatal("gethostname: %.100s", strerror(errno)); |
2603 | /* | 2603 | /* |
2604 | * auth_display must be used as the displayname when the | 2604 | * auth_display must be used as the displayname when the |
diff --git a/sftp-server.c b/sftp-server.c index ee6013e3f..e7dd33b2f 100644 --- a/sftp-server.c +++ b/sftp-server.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sftp-server.c,v 1.115 2019/06/06 05:13:13 otto Exp $ */ | 1 | /* $OpenBSD: sftp-server.c,v 1.116 2019/06/28 13:35:04 deraadt Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000-2004 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000-2004 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -701,7 +701,7 @@ process_open(u_int32_t id) | |||
701 | status = SSH2_FX_PERMISSION_DENIED; | 701 | status = SSH2_FX_PERMISSION_DENIED; |
702 | } else { | 702 | } else { |
703 | fd = open(name, flags, mode); | 703 | fd = open(name, flags, mode); |
704 | if (fd < 0) { | 704 | if (fd == -1) { |
705 | status = errno_to_portable(errno); | 705 | status = errno_to_portable(errno); |
706 | } else { | 706 | } else { |
707 | handle = handle_new(HANDLE_FILE, name, fd, flags, NULL); | 707 | handle = handle_new(HANDLE_FILE, name, fd, flags, NULL); |
@@ -754,12 +754,12 @@ process_read(u_int32_t id) | |||
754 | } | 754 | } |
755 | fd = handle_to_fd(handle); | 755 | fd = handle_to_fd(handle); |
756 | if (fd >= 0) { | 756 | if (fd >= 0) { |
757 | if (lseek(fd, off, SEEK_SET) < 0) { | 757 | if (lseek(fd, off, SEEK_SET) == -1) { |
758 | error("process_read: seek failed"); | 758 | error("process_read: seek failed"); |
759 | status = errno_to_portable(errno); | 759 | status = errno_to_portable(errno); |
760 | } else { | 760 | } else { |
761 | ret = read(fd, buf, len); | 761 | ret = read(fd, buf, len); |
762 | if (ret < 0) { | 762 | if (ret == -1) { |
763 | status = errno_to_portable(errno); | 763 | status = errno_to_portable(errno); |
764 | } else if (ret == 0) { | 764 | } else if (ret == 0) { |
765 | status = SSH2_FX_EOF; | 765 | status = SSH2_FX_EOF; |
@@ -795,13 +795,13 @@ process_write(u_int32_t id) | |||
795 | status = SSH2_FX_FAILURE; | 795 | status = SSH2_FX_FAILURE; |
796 | else { | 796 | else { |
797 | if (!(handle_to_flags(handle) & O_APPEND) && | 797 | if (!(handle_to_flags(handle) & O_APPEND) && |
798 | lseek(fd, off, SEEK_SET) < 0) { | 798 | lseek(fd, off, SEEK_SET) == -1) { |
799 | status = errno_to_portable(errno); | 799 | status = errno_to_portable(errno); |
800 | error("process_write: seek failed"); | 800 | error("process_write: seek failed"); |
801 | } else { | 801 | } else { |
802 | /* XXX ATOMICIO ? */ | 802 | /* XXX ATOMICIO ? */ |
803 | ret = write(fd, data, len); | 803 | ret = write(fd, data, len); |
804 | if (ret < 0) { | 804 | if (ret == -1) { |
805 | error("process_write: write failed"); | 805 | error("process_write: write failed"); |
806 | status = errno_to_portable(errno); | 806 | status = errno_to_portable(errno); |
807 | } else if ((size_t)ret == len) { | 807 | } else if ((size_t)ret == len) { |
@@ -831,7 +831,7 @@ process_do_stat(u_int32_t id, int do_lstat) | |||
831 | debug3("request %u: %sstat", id, do_lstat ? "l" : ""); | 831 | debug3("request %u: %sstat", id, do_lstat ? "l" : ""); |
832 | verbose("%sstat name \"%s\"", do_lstat ? "l" : "", name); | 832 | verbose("%sstat name \"%s\"", do_lstat ? "l" : "", name); |
833 | r = do_lstat ? lstat(name, &st) : stat(name, &st); | 833 | r = do_lstat ? lstat(name, &st) : stat(name, &st); |
834 | if (r < 0) { | 834 | if (r == -1) { |
835 | status = errno_to_portable(errno); | 835 | status = errno_to_portable(errno); |
836 | } else { | 836 | } else { |
837 | stat_to_attrib(&st, &a); | 837 | stat_to_attrib(&st, &a); |
@@ -869,7 +869,7 @@ process_fstat(u_int32_t id) | |||
869 | fd = handle_to_fd(handle); | 869 | fd = handle_to_fd(handle); |
870 | if (fd >= 0) { | 870 | if (fd >= 0) { |
871 | r = fstat(fd, &st); | 871 | r = fstat(fd, &st); |
872 | if (r < 0) { | 872 | if (r == -1) { |
873 | status = errno_to_portable(errno); | 873 | status = errno_to_portable(errno); |
874 | } else { | 874 | } else { |
875 | stat_to_attrib(&st, &a); | 875 | stat_to_attrib(&st, &a); |
@@ -1079,7 +1079,7 @@ process_readdir(u_int32_t id) | |||
1079 | /* XXX OVERFLOW ? */ | 1079 | /* XXX OVERFLOW ? */ |
1080 | snprintf(pathname, sizeof pathname, "%s%s%s", path, | 1080 | snprintf(pathname, sizeof pathname, "%s%s%s", path, |
1081 | strcmp(path, "/") ? "/" : "", dp->d_name); | 1081 | strcmp(path, "/") ? "/" : "", dp->d_name); |
1082 | if (lstat(pathname, &st) < 0) | 1082 | if (lstat(pathname, &st) == -1) |
1083 | continue; | 1083 | continue; |
1084 | stat_to_attrib(&st, &(stats[count].attrib)); | 1084 | stat_to_attrib(&st, &(stats[count].attrib)); |
1085 | stats[count].name = xstrdup(dp->d_name); | 1085 | stats[count].name = xstrdup(dp->d_name); |
@@ -1726,7 +1726,7 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw) | |||
1726 | if (olen > 0) | 1726 | if (olen > 0) |
1727 | FD_SET(out, wset); | 1727 | FD_SET(out, wset); |
1728 | 1728 | ||
1729 | if (select(max+1, rset, wset, NULL, NULL) < 0) { | 1729 | if (select(max+1, rset, wset, NULL, NULL) == -1) { |
1730 | if (errno == EINTR) | 1730 | if (errno == EINTR) |
1731 | continue; | 1731 | continue; |
1732 | error("select: %s", strerror(errno)); | 1732 | error("select: %s", strerror(errno)); |
@@ -1739,7 +1739,7 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw) | |||
1739 | if (len == 0) { | 1739 | if (len == 0) { |
1740 | debug("read eof"); | 1740 | debug("read eof"); |
1741 | sftp_server_cleanup_exit(0); | 1741 | sftp_server_cleanup_exit(0); |
1742 | } else if (len < 0) { | 1742 | } else if (len == -1) { |
1743 | error("read: %s", strerror(errno)); | 1743 | error("read: %s", strerror(errno)); |
1744 | sftp_server_cleanup_exit(1); | 1744 | sftp_server_cleanup_exit(1); |
1745 | } else if ((r = sshbuf_put(iqueue, buf, len)) != 0) { | 1745 | } else if ((r = sshbuf_put(iqueue, buf, len)) != 0) { |
@@ -1750,7 +1750,7 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw) | |||
1750 | /* send oqueue to stdout */ | 1750 | /* send oqueue to stdout */ |
1751 | if (FD_ISSET(out, wset)) { | 1751 | if (FD_ISSET(out, wset)) { |
1752 | len = write(out, sshbuf_ptr(oqueue), olen); | 1752 | len = write(out, sshbuf_ptr(oqueue), olen); |
1753 | if (len < 0) { | 1753 | if (len == -1) { |
1754 | error("write: %s", strerror(errno)); | 1754 | error("write: %s", strerror(errno)); |
1755 | sftp_server_cleanup_exit(1); | 1755 | sftp_server_cleanup_exit(1); |
1756 | } else if ((r = sshbuf_consume(oqueue, len)) != 0) { | 1756 | } else if ((r = sshbuf_consume(oqueue, len)) != 0) { |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-add.c,v 1.139 2019/06/06 05:13:13 otto Exp $ */ | 1 | /* $OpenBSD: ssh-add.c,v 1.140 2019/06/28 13:35:04 deraadt Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -203,7 +203,7 @@ add_file(int agent_fd, const char *filename, int key_only, int qflag) | |||
203 | if (strcmp(filename, "-") == 0) { | 203 | if (strcmp(filename, "-") == 0) { |
204 | fd = STDIN_FILENO; | 204 | fd = STDIN_FILENO; |
205 | filename = "(stdin)"; | 205 | filename = "(stdin)"; |
206 | } else if ((fd = open(filename, O_RDONLY)) < 0) { | 206 | } else if ((fd = open(filename, O_RDONLY)) == -1) { |
207 | perror(filename); | 207 | perror(filename); |
208 | return -1; | 208 | return -1; |
209 | } | 209 | } |
@@ -727,7 +727,7 @@ main(int argc, char **argv) | |||
727 | for (i = 0; default_files[i]; i++) { | 727 | for (i = 0; default_files[i]; i++) { |
728 | snprintf(buf, sizeof(buf), "%s/%s", pw->pw_dir, | 728 | snprintf(buf, sizeof(buf), "%s/%s", pw->pw_dir, |
729 | default_files[i]); | 729 | default_files[i]); |
730 | if (stat(buf, &st) < 0) | 730 | if (stat(buf, &st) == -1) |
731 | continue; | 731 | continue; |
732 | if (do_file(agent_fd, deleting, key_only, buf, | 732 | if (do_file(agent_fd, deleting, key_only, buf, |
733 | qflag) == -1) | 733 | qflag) == -1) |
diff --git a/ssh-agent.c b/ssh-agent.c index 4d7ab225f..9c6680a25 100644 --- a/ssh-agent.c +++ b/ssh-agent.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-agent.c,v 1.236 2019/06/21 04:21:04 djm Exp $ */ | 1 | /* $OpenBSD: ssh-agent.c,v 1.237 2019/06/28 13:35:04 deraadt Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -827,11 +827,11 @@ handle_socket_read(u_int socknum) | |||
827 | 827 | ||
828 | slen = sizeof(sunaddr); | 828 | slen = sizeof(sunaddr); |
829 | fd = accept(sockets[socknum].fd, (struct sockaddr *)&sunaddr, &slen); | 829 | fd = accept(sockets[socknum].fd, (struct sockaddr *)&sunaddr, &slen); |
830 | if (fd < 0) { | 830 | if (fd == -1) { |
831 | error("accept from AUTH_SOCKET: %s", strerror(errno)); | 831 | error("accept from AUTH_SOCKET: %s", strerror(errno)); |
832 | return -1; | 832 | return -1; |
833 | } | 833 | } |
834 | if (getpeereid(fd, &euid, &egid) < 0) { | 834 | if (getpeereid(fd, &euid, &egid) == -1) { |
835 | error("getpeereid %d failed: %s", fd, strerror(errno)); | 835 | error("getpeereid %d failed: %s", fd, strerror(errno)); |
836 | close(fd); | 836 | close(fd); |
837 | return -1; | 837 | return -1; |
@@ -1312,7 +1312,7 @@ main(int ac, char **av) | |||
1312 | #ifdef HAVE_SETRLIMIT | 1312 | #ifdef HAVE_SETRLIMIT |
1313 | /* deny core dumps, since memory contains unencrypted private keys */ | 1313 | /* deny core dumps, since memory contains unencrypted private keys */ |
1314 | rlim.rlim_cur = rlim.rlim_max = 0; | 1314 | rlim.rlim_cur = rlim.rlim_max = 0; |
1315 | if (setrlimit(RLIMIT_CORE, &rlim) < 0) { | 1315 | if (setrlimit(RLIMIT_CORE, &rlim) == -1) { |
1316 | error("setrlimit RLIMIT_CORE: %s", strerror(errno)); | 1316 | error("setrlimit RLIMIT_CORE: %s", strerror(errno)); |
1317 | cleanup_exit(1); | 1317 | cleanup_exit(1); |
1318 | } | 1318 | } |
@@ -1345,7 +1345,7 @@ skip: | |||
1345 | if (parent_alive_interval != 0) | 1345 | if (parent_alive_interval != 0) |
1346 | check_parent_exists(); | 1346 | check_parent_exists(); |
1347 | (void) reaper(); /* remove expired keys */ | 1347 | (void) reaper(); /* remove expired keys */ |
1348 | if (result < 0) { | 1348 | if (result == -1) { |
1349 | if (saved_errno == EINTR) | 1349 | if (saved_errno == EINTR) |
1350 | continue; | 1350 | continue; |
1351 | fatal("poll: %s", strerror(saved_errno)); | 1351 | fatal("poll: %s", strerror(saved_errno)); |
diff --git a/ssh-keygen.c b/ssh-keygen.c index c95bc15cf..3aa4f5125 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-keygen.c,v 1.332 2019/06/21 04:21:04 djm Exp $ */ | 1 | /* $OpenBSD: ssh-keygen.c,v 1.333 2019/06/28 13:35:04 deraadt Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -370,7 +370,7 @@ do_convert_to(struct passwd *pw) | |||
370 | 370 | ||
371 | if (!have_identity) | 371 | if (!have_identity) |
372 | ask_filename(pw, "Enter file in which the key is"); | 372 | ask_filename(pw, "Enter file in which the key is"); |
373 | if (stat(identity_file, &st) < 0) | 373 | if (stat(identity_file, &st) == -1) |
374 | fatal("%s: %s: %s", __progname, identity_file, strerror(errno)); | 374 | fatal("%s: %s: %s", __progname, identity_file, strerror(errno)); |
375 | if ((r = sshkey_load_public(identity_file, &k, NULL)) != 0) | 375 | if ((r = sshkey_load_public(identity_file, &k, NULL)) != 0) |
376 | k = load_identity(identity_file); | 376 | k = load_identity(identity_file); |
@@ -696,7 +696,7 @@ do_convert_from(struct passwd *pw) | |||
696 | 696 | ||
697 | if (!have_identity) | 697 | if (!have_identity) |
698 | ask_filename(pw, "Enter file in which the key is"); | 698 | ask_filename(pw, "Enter file in which the key is"); |
699 | if (stat(identity_file, &st) < 0) | 699 | if (stat(identity_file, &st) == -1) |
700 | fatal("%s: %s: %s", __progname, identity_file, strerror(errno)); | 700 | fatal("%s: %s: %s", __progname, identity_file, strerror(errno)); |
701 | 701 | ||
702 | switch (convert_format) { | 702 | switch (convert_format) { |
@@ -756,7 +756,7 @@ do_print_public(struct passwd *pw) | |||
756 | 756 | ||
757 | if (!have_identity) | 757 | if (!have_identity) |
758 | ask_filename(pw, "Enter file in which the key is"); | 758 | ask_filename(pw, "Enter file in which the key is"); |
759 | if (stat(identity_file, &st) < 0) | 759 | if (stat(identity_file, &st) == -1) |
760 | fatal("%s: %s", identity_file, strerror(errno)); | 760 | fatal("%s: %s", identity_file, strerror(errno)); |
761 | prv = load_identity(identity_file); | 761 | prv = load_identity(identity_file); |
762 | if ((r = sshkey_write(prv, stdout)) != 0) | 762 | if ((r = sshkey_write(prv, stdout)) != 0) |
@@ -854,7 +854,7 @@ fingerprint_private(const char *path) | |||
854 | struct sshkey *public = NULL; | 854 | struct sshkey *public = NULL; |
855 | int r; | 855 | int r; |
856 | 856 | ||
857 | if (stat(identity_file, &st) < 0) | 857 | if (stat(identity_file, &st) == -1) |
858 | fatal("%s: %s", path, strerror(errno)); | 858 | fatal("%s: %s", path, strerror(errno)); |
859 | if ((r = sshkey_load_public(path, &public, &comment)) != 0) { | 859 | if ((r = sshkey_load_public(path, &public, &comment)) != 0) { |
860 | debug("load public \"%s\": %s", path, ssh_err(r)); | 860 | debug("load public \"%s\": %s", path, ssh_err(r)); |
@@ -1340,7 +1340,7 @@ do_change_passphrase(struct passwd *pw) | |||
1340 | 1340 | ||
1341 | if (!have_identity) | 1341 | if (!have_identity) |
1342 | ask_filename(pw, "Enter file in which the key is"); | 1342 | ask_filename(pw, "Enter file in which the key is"); |
1343 | if (stat(identity_file, &st) < 0) | 1343 | if (stat(identity_file, &st) == -1) |
1344 | fatal("%s: %s", identity_file, strerror(errno)); | 1344 | fatal("%s: %s", identity_file, strerror(errno)); |
1345 | /* Try to load the file with empty passphrase. */ | 1345 | /* Try to load the file with empty passphrase. */ |
1346 | r = sshkey_load_private(identity_file, "", &private, &comment); | 1346 | r = sshkey_load_private(identity_file, "", &private, &comment); |
@@ -1424,7 +1424,7 @@ do_print_resource_record(struct passwd *pw, char *fname, char *hname, | |||
1424 | 1424 | ||
1425 | if (fname == NULL) | 1425 | if (fname == NULL) |
1426 | fatal("%s: no filename", __func__); | 1426 | fatal("%s: no filename", __func__); |
1427 | if (stat(fname, &st) < 0) { | 1427 | if (stat(fname, &st) == -1) { |
1428 | if (errno == ENOENT) | 1428 | if (errno == ENOENT) |
1429 | return 0; | 1429 | return 0; |
1430 | fatal("%s: %s", fname, strerror(errno)); | 1430 | fatal("%s: %s", fname, strerror(errno)); |
@@ -1453,7 +1453,7 @@ do_change_comment(struct passwd *pw, const char *identity_comment) | |||
1453 | 1453 | ||
1454 | if (!have_identity) | 1454 | if (!have_identity) |
1455 | ask_filename(pw, "Enter file in which the key is"); | 1455 | ask_filename(pw, "Enter file in which the key is"); |
1456 | if (stat(identity_file, &st) < 0) | 1456 | if (stat(identity_file, &st) == -1) |
1457 | fatal("%s: %s", identity_file, strerror(errno)); | 1457 | fatal("%s: %s", identity_file, strerror(errno)); |
1458 | if ((r = sshkey_load_private(identity_file, "", | 1458 | if ((r = sshkey_load_private(identity_file, "", |
1459 | &private, &comment)) == 0) | 1459 | &private, &comment)) == 0) |
@@ -2045,7 +2045,7 @@ do_show_cert(struct passwd *pw) | |||
2045 | 2045 | ||
2046 | if (!have_identity) | 2046 | if (!have_identity) |
2047 | ask_filename(pw, "Enter file in which the key is"); | 2047 | ask_filename(pw, "Enter file in which the key is"); |
2048 | if (strcmp(identity_file, "-") != 0 && stat(identity_file, &st) < 0) | 2048 | if (strcmp(identity_file, "-") != 0 && stat(identity_file, &st) == -1) |
2049 | fatal("%s: %s: %s", __progname, identity_file, strerror(errno)); | 2049 | fatal("%s: %s: %s", __progname, identity_file, strerror(errno)); |
2050 | 2050 | ||
2051 | path = identity_file; | 2051 | path = identity_file; |
@@ -2472,7 +2472,7 @@ main(int argc, char **argv) | |||
2472 | pw = getpwuid(getuid()); | 2472 | pw = getpwuid(getuid()); |
2473 | if (!pw) | 2473 | if (!pw) |
2474 | fatal("No user exists for uid %lu", (u_long)getuid()); | 2474 | fatal("No user exists for uid %lu", (u_long)getuid()); |
2475 | if (gethostname(hostname, sizeof(hostname)) < 0) | 2475 | if (gethostname(hostname, sizeof(hostname)) == -1) |
2476 | fatal("gethostname: %s", strerror(errno)); | 2476 | fatal("gethostname: %s", strerror(errno)); |
2477 | 2477 | ||
2478 | /* Remaining characters: Ydw */ | 2478 | /* Remaining characters: Ydw */ |
@@ -2852,11 +2852,11 @@ main(int argc, char **argv) | |||
2852 | snprintf(dotsshdir, sizeof dotsshdir, "%s/%s", | 2852 | snprintf(dotsshdir, sizeof dotsshdir, "%s/%s", |
2853 | pw->pw_dir, _PATH_SSH_USER_DIR); | 2853 | pw->pw_dir, _PATH_SSH_USER_DIR); |
2854 | if (strstr(identity_file, dotsshdir) != NULL) { | 2854 | if (strstr(identity_file, dotsshdir) != NULL) { |
2855 | if (stat(dotsshdir, &st) < 0) { | 2855 | if (stat(dotsshdir, &st) == -1) { |
2856 | if (errno != ENOENT) { | 2856 | if (errno != ENOENT) { |
2857 | error("Could not stat %s: %s", dotsshdir, | 2857 | error("Could not stat %s: %s", dotsshdir, |
2858 | strerror(errno)); | 2858 | strerror(errno)); |
2859 | } else if (mkdir(dotsshdir, 0700) < 0) { | 2859 | } else if (mkdir(dotsshdir, 0700) == -1) { |
2860 | error("Could not create directory '%s': %s", | 2860 | error("Could not create directory '%s': %s", |
2861 | dotsshdir, strerror(errno)); | 2861 | dotsshdir, strerror(errno)); |
2862 | } else if (!quiet) | 2862 | } else if (!quiet) |
diff --git a/ssh-keyscan.c b/ssh-keyscan.c index 7b7c0f320..d95ba1b37 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-keyscan.c,v 1.127 2019/06/06 05:13:13 otto Exp $ */ | 1 | /* $OpenBSD: ssh-keyscan.c,v 1.128 2019/06/28 13:35:04 deraadt Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. | 3 | * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. |
4 | * | 4 | * |
@@ -122,7 +122,7 @@ fdlim_get(int hard) | |||
122 | #if defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE) | 122 | #if defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE) |
123 | struct rlimit rlfd; | 123 | struct rlimit rlfd; |
124 | 124 | ||
125 | if (getrlimit(RLIMIT_NOFILE, &rlfd) < 0) | 125 | if (getrlimit(RLIMIT_NOFILE, &rlfd) == -1) |
126 | return (-1); | 126 | return (-1); |
127 | if ((hard ? rlfd.rlim_max : rlfd.rlim_cur) == RLIM_INFINITY) | 127 | if ((hard ? rlfd.rlim_max : rlfd.rlim_cur) == RLIM_INFINITY) |
128 | return SSH_SYSFDMAX; | 128 | return SSH_SYSFDMAX; |
@@ -143,10 +143,10 @@ fdlim_set(int lim) | |||
143 | if (lim <= 0) | 143 | if (lim <= 0) |
144 | return (-1); | 144 | return (-1); |
145 | #if defined(HAVE_SETRLIMIT) && defined(RLIMIT_NOFILE) | 145 | #if defined(HAVE_SETRLIMIT) && defined(RLIMIT_NOFILE) |
146 | if (getrlimit(RLIMIT_NOFILE, &rlfd) < 0) | 146 | if (getrlimit(RLIMIT_NOFILE, &rlfd) == -1) |
147 | return (-1); | 147 | return (-1); |
148 | rlfd.rlim_cur = lim; | 148 | rlfd.rlim_cur = lim; |
149 | if (setrlimit(RLIMIT_NOFILE, &rlfd) < 0) | 149 | if (setrlimit(RLIMIT_NOFILE, &rlfd) == -1) |
150 | return (-1); | 150 | return (-1); |
151 | #elif defined (HAVE_SETDTABLESIZE) | 151 | #elif defined (HAVE_SETDTABLESIZE) |
152 | setdtablesize(lim); | 152 | setdtablesize(lim); |
@@ -343,13 +343,13 @@ tcpconnect(char *host) | |||
343 | } | 343 | } |
344 | for (ai = aitop; ai; ai = ai->ai_next) { | 344 | for (ai = aitop; ai; ai = ai->ai_next) { |
345 | s = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); | 345 | s = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); |
346 | if (s < 0) { | 346 | if (s == -1) { |
347 | error("socket: %s", strerror(errno)); | 347 | error("socket: %s", strerror(errno)); |
348 | continue; | 348 | continue; |
349 | } | 349 | } |
350 | if (set_nonblock(s) == -1) | 350 | if (set_nonblock(s) == -1) |
351 | fatal("%s: set_nonblock(%d)", __func__, s); | 351 | fatal("%s: set_nonblock(%d)", __func__, s); |
352 | if (connect(s, ai->ai_addr, ai->ai_addrlen) < 0 && | 352 | if (connect(s, ai->ai_addr, ai->ai_addrlen) == -1 && |
353 | errno != EINPROGRESS) | 353 | errno != EINPROGRESS) |
354 | error("connect (`%s'): %s", host, strerror(errno)); | 354 | error("connect (`%s'): %s", host, strerror(errno)); |
355 | else | 355 | else |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh.c,v 1.504 2019/06/14 04:13:58 djm Exp $ */ | 1 | /* $OpenBSD: ssh.c,v 1.505 2019/06/28 13:35:04 deraadt Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -773,7 +773,7 @@ main(int ac, char **av) | |||
773 | break; | 773 | break; |
774 | case 'i': | 774 | case 'i': |
775 | p = tilde_expand_filename(optarg, getuid()); | 775 | p = tilde_expand_filename(optarg, getuid()); |
776 | if (stat(p, &st) < 0) | 776 | if (stat(p, &st) == -1) |
777 | fprintf(stderr, "Warning: Identity file %s " | 777 | fprintf(stderr, "Warning: Identity file %s " |
778 | "not accessible: %s.\n", p, | 778 | "not accessible: %s.\n", p, |
779 | strerror(errno)); | 779 | strerror(errno)); |
@@ -1426,7 +1426,7 @@ main(int ac, char **av) | |||
1426 | if (config == NULL) { | 1426 | if (config == NULL) { |
1427 | r = snprintf(buf, sizeof buf, "%s%s%s", pw->pw_dir, | 1427 | r = snprintf(buf, sizeof buf, "%s%s%s", pw->pw_dir, |
1428 | strcmp(pw->pw_dir, "/") ? "/" : "", _PATH_SSH_USER_DIR); | 1428 | strcmp(pw->pw_dir, "/") ? "/" : "", _PATH_SSH_USER_DIR); |
1429 | if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) < 0) { | 1429 | if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) == -1) { |
1430 | #ifdef WITH_SELINUX | 1430 | #ifdef WITH_SELINUX |
1431 | ssh_selinux_setfscreatecon(buf); | 1431 | ssh_selinux_setfscreatecon(buf); |
1432 | #endif | 1432 | #endif |
@@ -1593,7 +1593,7 @@ fork_postauth(void) | |||
1593 | control_persist_detach(); | 1593 | control_persist_detach(); |
1594 | debug("forking to background"); | 1594 | debug("forking to background"); |
1595 | fork_after_authentication_flag = 0; | 1595 | fork_after_authentication_flag = 0; |
1596 | if (daemon(1, 1) < 0) | 1596 | if (daemon(1, 1) == -1) |
1597 | fatal("daemon() failed: %.200s", strerror(errno)); | 1597 | fatal("daemon() failed: %.200s", strerror(errno)); |
1598 | } | 1598 | } |
1599 | 1599 | ||
@@ -1689,8 +1689,8 @@ ssh_init_stdio_forwarding(struct ssh *ssh) | |||
1689 | debug3("%s: %s:%d", __func__, options.stdio_forward_host, | 1689 | debug3("%s: %s:%d", __func__, options.stdio_forward_host, |
1690 | options.stdio_forward_port); | 1690 | options.stdio_forward_port); |
1691 | 1691 | ||
1692 | if ((in = dup(STDIN_FILENO)) < 0 || | 1692 | if ((in = dup(STDIN_FILENO)) == -1 || |
1693 | (out = dup(STDOUT_FILENO)) < 0) | 1693 | (out = dup(STDOUT_FILENO)) == -1) |
1694 | fatal("channel_connect_stdio_fwd: dup() in/out failed"); | 1694 | fatal("channel_connect_stdio_fwd: dup() in/out failed"); |
1695 | if ((c = channel_connect_stdio_fwd(ssh, options.stdio_forward_host, | 1695 | if ((c = channel_connect_stdio_fwd(ssh, options.stdio_forward_host, |
1696 | options.stdio_forward_port, in, out)) == NULL) | 1696 | options.stdio_forward_port, in, out)) == NULL) |
@@ -1843,7 +1843,7 @@ ssh_session2_open(struct ssh *ssh) | |||
1843 | out = dup(STDOUT_FILENO); | 1843 | out = dup(STDOUT_FILENO); |
1844 | err = dup(STDERR_FILENO); | 1844 | err = dup(STDERR_FILENO); |
1845 | 1845 | ||
1846 | if (in < 0 || out < 0 || err < 0) | 1846 | if (in == -1 || out == -1 || err == -1) |
1847 | fatal("dup() in/out/err failed"); | 1847 | fatal("dup() in/out/err failed"); |
1848 | 1848 | ||
1849 | /* enable nonblocking unless tty */ | 1849 | /* enable nonblocking unless tty */ |
@@ -1974,7 +1974,7 @@ ssh_session2(struct ssh *ssh, struct passwd *pw) | |||
1974 | if ((devnull = open(_PATH_DEVNULL, O_WRONLY)) == -1) | 1974 | if ((devnull = open(_PATH_DEVNULL, O_WRONLY)) == -1) |
1975 | error("%s: open %s: %s", __func__, | 1975 | error("%s: open %s: %s", __func__, |
1976 | _PATH_DEVNULL, strerror(errno)); | 1976 | _PATH_DEVNULL, strerror(errno)); |
1977 | if (dup2(devnull, STDOUT_FILENO) < 0) | 1977 | if (dup2(devnull, STDOUT_FILENO) == -1) |
1978 | fatal("%s: dup2() stdout failed", __func__); | 1978 | fatal("%s: dup2() stdout failed", __func__); |
1979 | if (devnull > STDERR_FILENO) | 1979 | if (devnull > STDERR_FILENO) |
1980 | close(devnull); | 1980 | close(devnull); |
@@ -2161,7 +2161,7 @@ main_sigchld_handler(int sig) | |||
2161 | int status; | 2161 | int status; |
2162 | 2162 | ||
2163 | while ((pid = waitpid(-1, &status, WNOHANG)) > 0 || | 2163 | while ((pid = waitpid(-1, &status, WNOHANG)) > 0 || |
2164 | (pid < 0 && errno == EINTR)) | 2164 | (pid == -1 && errno == EINTR)) |
2165 | ; | 2165 | ; |
2166 | errno = save_errno; | 2166 | errno = save_errno; |
2167 | } | 2167 | } |
diff --git a/sshconnect.c b/sshconnect.c index 2dc500b47..ed44fccb8 100644 --- a/sshconnect.c +++ b/sshconnect.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshconnect.c,v 1.316 2019/06/21 04:21:04 djm Exp $ */ | 1 | /* $OpenBSD: sshconnect.c,v 1.317 2019/06/28 13:35:04 deraadt Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -133,7 +133,7 @@ ssh_proxy_fdpass_connect(struct ssh *ssh, const char *host, u_short port, | |||
133 | if ((shell = getenv("SHELL")) == NULL) | 133 | if ((shell = getenv("SHELL")) == NULL) |
134 | shell = _PATH_BSHELL; | 134 | shell = _PATH_BSHELL; |
135 | 135 | ||
136 | if (socketpair(AF_UNIX, SOCK_STREAM, 0, sp) < 0) | 136 | if (socketpair(AF_UNIX, SOCK_STREAM, 0, sp) == -1) |
137 | fatal("Could not create socketpair to communicate with " | 137 | fatal("Could not create socketpair to communicate with " |
138 | "proxy dialer: %.100s", strerror(errno)); | 138 | "proxy dialer: %.100s", strerror(errno)); |
139 | 139 | ||
@@ -148,11 +148,11 @@ ssh_proxy_fdpass_connect(struct ssh *ssh, const char *host, u_short port, | |||
148 | close(sp[1]); | 148 | close(sp[1]); |
149 | /* Redirect stdin and stdout. */ | 149 | /* Redirect stdin and stdout. */ |
150 | if (sp[0] != 0) { | 150 | if (sp[0] != 0) { |
151 | if (dup2(sp[0], 0) < 0) | 151 | if (dup2(sp[0], 0) == -1) |
152 | perror("dup2 stdin"); | 152 | perror("dup2 stdin"); |
153 | } | 153 | } |
154 | if (sp[0] != 1) { | 154 | if (sp[0] != 1) { |
155 | if (dup2(sp[0], 1) < 0) | 155 | if (dup2(sp[0], 1) == -1) |
156 | perror("dup2 stdout"); | 156 | perror("dup2 stdout"); |
157 | } | 157 | } |
158 | if (sp[0] >= 2) | 158 | if (sp[0] >= 2) |
@@ -180,7 +180,7 @@ ssh_proxy_fdpass_connect(struct ssh *ssh, const char *host, u_short port, | |||
180 | exit(1); | 180 | exit(1); |
181 | } | 181 | } |
182 | /* Parent. */ | 182 | /* Parent. */ |
183 | if (pid < 0) | 183 | if (pid == -1) |
184 | fatal("fork failed: %.100s", strerror(errno)); | 184 | fatal("fork failed: %.100s", strerror(errno)); |
185 | close(sp[0]); | 185 | close(sp[0]); |
186 | free(command_string); | 186 | free(command_string); |
@@ -216,7 +216,7 @@ ssh_proxy_connect(struct ssh *ssh, const char *host, u_short port, | |||
216 | shell = _PATH_BSHELL; | 216 | shell = _PATH_BSHELL; |
217 | 217 | ||
218 | /* Create pipes for communicating with the proxy. */ | 218 | /* Create pipes for communicating with the proxy. */ |
219 | if (pipe(pin) < 0 || pipe(pout) < 0) | 219 | if (pipe(pin) == -1 || pipe(pout) == -1) |
220 | fatal("Could not create pipes to communicate with the proxy: %.100s", | 220 | fatal("Could not create pipes to communicate with the proxy: %.100s", |
221 | strerror(errno)); | 221 | strerror(errno)); |
222 | 222 | ||
@@ -231,12 +231,12 @@ ssh_proxy_connect(struct ssh *ssh, const char *host, u_short port, | |||
231 | /* Redirect stdin and stdout. */ | 231 | /* Redirect stdin and stdout. */ |
232 | close(pin[1]); | 232 | close(pin[1]); |
233 | if (pin[0] != 0) { | 233 | if (pin[0] != 0) { |
234 | if (dup2(pin[0], 0) < 0) | 234 | if (dup2(pin[0], 0) == -1) |
235 | perror("dup2 stdin"); | 235 | perror("dup2 stdin"); |
236 | close(pin[0]); | 236 | close(pin[0]); |
237 | } | 237 | } |
238 | close(pout[0]); | 238 | close(pout[0]); |
239 | if (dup2(pout[1], 1) < 0) | 239 | if (dup2(pout[1], 1) == -1) |
240 | perror("dup2 stdout"); | 240 | perror("dup2 stdout"); |
241 | /* Cannot be 1 because pin allocated two descriptors. */ | 241 | /* Cannot be 1 because pin allocated two descriptors. */ |
242 | close(pout[1]); | 242 | close(pout[1]); |
@@ -262,7 +262,7 @@ ssh_proxy_connect(struct ssh *ssh, const char *host, u_short port, | |||
262 | exit(1); | 262 | exit(1); |
263 | } | 263 | } |
264 | /* Parent. */ | 264 | /* Parent. */ |
265 | if (pid < 0) | 265 | if (pid == -1) |
266 | fatal("fork failed: %.100s", strerror(errno)); | 266 | fatal("fork failed: %.100s", strerror(errno)); |
267 | else | 267 | else |
268 | proxy_command_pid = pid; /* save pid to clean up later */ | 268 | proxy_command_pid = pid; /* save pid to clean up later */ |
@@ -371,7 +371,7 @@ ssh_create_socket(struct addrinfo *ai) | |||
371 | char ntop[NI_MAXHOST]; | 371 | char ntop[NI_MAXHOST]; |
372 | 372 | ||
373 | sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); | 373 | sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); |
374 | if (sock < 0) { | 374 | if (sock == -1) { |
375 | error("socket: %s", strerror(errno)); | 375 | error("socket: %s", strerror(errno)); |
376 | return -1; | 376 | return -1; |
377 | } | 377 | } |
@@ -532,7 +532,7 @@ ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop, | |||
532 | /* Set SO_KEEPALIVE if requested. */ | 532 | /* Set SO_KEEPALIVE if requested. */ |
533 | if (want_keepalive && | 533 | if (want_keepalive && |
534 | setsockopt(sock, SOL_SOCKET, SO_KEEPALIVE, (void *)&on, | 534 | setsockopt(sock, SOL_SOCKET, SO_KEEPALIVE, (void *)&on, |
535 | sizeof(on)) < 0) | 535 | sizeof(on)) == -1) |
536 | error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno)); | 536 | error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno)); |
537 | 537 | ||
538 | /* Set the connection. */ | 538 | /* Set the connection. */ |
@@ -553,8 +553,8 @@ ssh_connect(struct ssh *ssh, const char *host, struct addrinfo *addrs, | |||
553 | return ssh_connect_direct(ssh, host, addrs, hostaddr, port, | 553 | return ssh_connect_direct(ssh, host, addrs, hostaddr, port, |
554 | family, connection_attempts, timeout_ms, want_keepalive); | 554 | family, connection_attempts, timeout_ms, want_keepalive); |
555 | } else if (strcmp(options.proxy_command, "-") == 0) { | 555 | } else if (strcmp(options.proxy_command, "-") == 0) { |
556 | if ((in = dup(STDIN_FILENO)) < 0 || | 556 | if ((in = dup(STDIN_FILENO)) == -1 || |
557 | (out = dup(STDOUT_FILENO)) < 0) { | 557 | (out = dup(STDOUT_FILENO)) == -1) { |
558 | if (in >= 0) | 558 | if (in >= 0) |
559 | close(in); | 559 | close(in); |
560 | error("%s: dup() in/out failed", __func__); | 560 | error("%s: dup() in/out failed", __func__); |
diff --git a/sshconnect2.c b/sshconnect2.c index 0d2523ca1..0ad44ce19 100644 --- a/sshconnect2.c +++ b/sshconnect2.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshconnect2.c,v 1.305 2019/05/31 03:20:07 djm Exp $ */ | 1 | /* $OpenBSD: sshconnect2.c,v 1.306 2019/06/28 13:35:04 deraadt Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2008 Damien Miller. All rights reserved. | 4 | * Copyright (c) 2008 Damien Miller. All rights reserved. |
@@ -1408,7 +1408,7 @@ load_identity_file(Identity *id) | |||
1408 | int r, perm_ok = 0, quit = 0, i; | 1408 | int r, perm_ok = 0, quit = 0, i; |
1409 | struct stat st; | 1409 | struct stat st; |
1410 | 1410 | ||
1411 | if (stat(id->filename, &st) < 0) { | 1411 | if (stat(id->filename, &st) == -1) { |
1412 | (id->userprovided ? logit : debug3)("no such identity: %s: %s", | 1412 | (id->userprovided ? logit : debug3)("no such identity: %s: %s", |
1413 | id->filename, strerror(errno)); | 1413 | id->filename, strerror(errno)); |
1414 | return NULL; | 1414 | return NULL; |
@@ -1841,7 +1841,7 @@ ssh_keysign(struct ssh *ssh, struct sshkey *key, u_char **sigp, size_t *lenp, | |||
1841 | *sigp = NULL; | 1841 | *sigp = NULL; |
1842 | *lenp = 0; | 1842 | *lenp = 0; |
1843 | 1843 | ||
1844 | if (stat(_PATH_SSH_KEY_SIGN, &st) < 0) { | 1844 | if (stat(_PATH_SSH_KEY_SIGN, &st) == -1) { |
1845 | error("%s: not installed: %s", __func__, strerror(errno)); | 1845 | error("%s: not installed: %s", __func__, strerror(errno)); |
1846 | return -1; | 1846 | return -1; |
1847 | } | 1847 | } |
@@ -1849,30 +1849,30 @@ ssh_keysign(struct ssh *ssh, struct sshkey *key, u_char **sigp, size_t *lenp, | |||
1849 | error("%s: fflush: %s", __func__, strerror(errno)); | 1849 | error("%s: fflush: %s", __func__, strerror(errno)); |
1850 | return -1; | 1850 | return -1; |
1851 | } | 1851 | } |
1852 | if (pipe(to) < 0) { | 1852 | if (pipe(to) == -1) { |
1853 | error("%s: pipe: %s", __func__, strerror(errno)); | 1853 | error("%s: pipe: %s", __func__, strerror(errno)); |
1854 | return -1; | 1854 | return -1; |
1855 | } | 1855 | } |
1856 | if (pipe(from) < 0) { | 1856 | if (pipe(from) == -1) { |
1857 | error("%s: pipe: %s", __func__, strerror(errno)); | 1857 | error("%s: pipe: %s", __func__, strerror(errno)); |
1858 | return -1; | 1858 | return -1; |
1859 | } | 1859 | } |
1860 | if ((pid = fork()) < 0) { | 1860 | if ((pid = fork()) == -1) { |
1861 | error("%s: fork: %s", __func__, strerror(errno)); | 1861 | error("%s: fork: %s", __func__, strerror(errno)); |
1862 | return -1; | 1862 | return -1; |
1863 | } | 1863 | } |
1864 | osigchld = signal(SIGCHLD, SIG_DFL); | 1864 | osigchld = signal(SIGCHLD, SIG_DFL); |
1865 | if (pid == 0) { | 1865 | if (pid == 0) { |
1866 | close(from[0]); | 1866 | close(from[0]); |
1867 | if (dup2(from[1], STDOUT_FILENO) < 0) | 1867 | if (dup2(from[1], STDOUT_FILENO) == -1) |
1868 | fatal("%s: dup2: %s", __func__, strerror(errno)); | 1868 | fatal("%s: dup2: %s", __func__, strerror(errno)); |
1869 | close(to[1]); | 1869 | close(to[1]); |
1870 | if (dup2(to[0], STDIN_FILENO) < 0) | 1870 | if (dup2(to[0], STDIN_FILENO) == -1) |
1871 | fatal("%s: dup2: %s", __func__, strerror(errno)); | 1871 | fatal("%s: dup2: %s", __func__, strerror(errno)); |
1872 | close(from[1]); | 1872 | close(from[1]); |
1873 | close(to[0]); | 1873 | close(to[0]); |
1874 | 1874 | ||
1875 | if (dup2(sock, STDERR_FILENO + 1) < 0) | 1875 | if (dup2(sock, STDERR_FILENO + 1) == -1) |
1876 | fatal("%s: dup2: %s", __func__, strerror(errno)); | 1876 | fatal("%s: dup2: %s", __func__, strerror(errno)); |
1877 | sock = STDERR_FILENO + 1; | 1877 | sock = STDERR_FILENO + 1; |
1878 | fcntl(sock, F_SETFD, 0); /* keep the socket on exec */ | 1878 | fcntl(sock, F_SETFD, 0); /* keep the socket on exec */ |
@@ -1906,7 +1906,7 @@ ssh_keysign(struct ssh *ssh, struct sshkey *key, u_char **sigp, size_t *lenp, | |||
1906 | } | 1906 | } |
1907 | 1907 | ||
1908 | errno = 0; | 1908 | errno = 0; |
1909 | while (waitpid(pid, &status, 0) < 0) { | 1909 | while (waitpid(pid, &status, 0) == -1) { |
1910 | if (errno != EINTR) { | 1910 | if (errno != EINTR) { |
1911 | error("%s: waitpid %ld: %s", | 1911 | error("%s: waitpid %ld: %s", |
1912 | __func__, (long)pid, strerror(errno)); | 1912 | __func__, (long)pid, strerror(errno)); |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshd.c,v 1.536 2019/06/21 04:21:05 djm Exp $ */ | 1 | /* $OpenBSD: sshd.c,v 1.537 2019/06/28 13:35:04 deraadt Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -345,7 +345,7 @@ main_sigchld_handler(int sig) | |||
345 | int status; | 345 | int status; |
346 | 346 | ||
347 | while ((pid = waitpid(-1, &status, WNOHANG)) > 0 || | 347 | while ((pid = waitpid(-1, &status, WNOHANG)) > 0 || |
348 | (pid < 0 && errno == EINTR)) | 348 | (pid == -1 && errno == EINTR)) |
349 | ; | 349 | ; |
350 | errno = save_errno; | 350 | errno = save_errno; |
351 | } | 351 | } |
@@ -468,7 +468,7 @@ privsep_preauth_child(void) | |||
468 | debug3("privsep user:group %u:%u", (u_int)privsep_pw->pw_uid, | 468 | debug3("privsep user:group %u:%u", (u_int)privsep_pw->pw_uid, |
469 | (u_int)privsep_pw->pw_gid); | 469 | (u_int)privsep_pw->pw_gid); |
470 | gidset[0] = privsep_pw->pw_gid; | 470 | gidset[0] = privsep_pw->pw_gid; |
471 | if (setgroups(1, gidset) < 0) | 471 | if (setgroups(1, gidset) == -1) |
472 | fatal("setgroups: %.100s", strerror(errno)); | 472 | fatal("setgroups: %.100s", strerror(errno)); |
473 | permanently_set_uid(privsep_pw); | 473 | permanently_set_uid(privsep_pw); |
474 | } | 474 | } |
@@ -508,7 +508,7 @@ privsep_preauth(struct ssh *ssh) | |||
508 | monitor_child_preauth(ssh, pmonitor); | 508 | monitor_child_preauth(ssh, pmonitor); |
509 | 509 | ||
510 | /* Wait for the child's exit status */ | 510 | /* Wait for the child's exit status */ |
511 | while (waitpid(pid, &status, 0) < 0) { | 511 | while (waitpid(pid, &status, 0) == -1) { |
512 | if (errno == EINTR) | 512 | if (errno == EINTR) |
513 | continue; | 513 | continue; |
514 | pmonitor->m_pid = -1; | 514 | pmonitor->m_pid = -1; |
@@ -967,7 +967,7 @@ listen_on_addrs(struct listenaddr *la) | |||
967 | /* Create socket for listening. */ | 967 | /* Create socket for listening. */ |
968 | listen_sock = socket(ai->ai_family, ai->ai_socktype, | 968 | listen_sock = socket(ai->ai_family, ai->ai_socktype, |
969 | ai->ai_protocol); | 969 | ai->ai_protocol); |
970 | if (listen_sock < 0) { | 970 | if (listen_sock == -1) { |
971 | /* kernel may not support ipv6 */ | 971 | /* kernel may not support ipv6 */ |
972 | verbose("socket: %.100s", strerror(errno)); | 972 | verbose("socket: %.100s", strerror(errno)); |
973 | continue; | 973 | continue; |
@@ -996,7 +996,7 @@ listen_on_addrs(struct listenaddr *la) | |||
996 | debug("Bind to port %s on %s.", strport, ntop); | 996 | debug("Bind to port %s on %s.", strport, ntop); |
997 | 997 | ||
998 | /* Bind the socket to the desired port. */ | 998 | /* Bind the socket to the desired port. */ |
999 | if (bind(listen_sock, ai->ai_addr, ai->ai_addrlen) < 0) { | 999 | if (bind(listen_sock, ai->ai_addr, ai->ai_addrlen) == -1) { |
1000 | error("Bind to port %s on %s failed: %.200s.", | 1000 | error("Bind to port %s on %s failed: %.200s.", |
1001 | strport, ntop, strerror(errno)); | 1001 | strport, ntop, strerror(errno)); |
1002 | close(listen_sock); | 1002 | close(listen_sock); |
@@ -1006,7 +1006,7 @@ listen_on_addrs(struct listenaddr *la) | |||
1006 | num_listen_socks++; | 1006 | num_listen_socks++; |
1007 | 1007 | ||
1008 | /* Start listening on the port. */ | 1008 | /* Start listening on the port. */ |
1009 | if (listen(listen_sock, SSH_LISTEN_BACKLOG) < 0) | 1009 | if (listen(listen_sock, SSH_LISTEN_BACKLOG) == -1) |
1010 | fatal("listen on [%s]:%s: %.100s", | 1010 | fatal("listen on [%s]:%s: %.100s", |
1011 | ntop, strport, strerror(errno)); | 1011 | ntop, strport, strerror(errno)); |
1012 | logit("Server listening on %s port %s%s%s.", | 1012 | logit("Server listening on %s port %s%s%s.", |
@@ -1091,7 +1091,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) | |||
1091 | 1091 | ||
1092 | /* Wait in select until there is a connection. */ | 1092 | /* Wait in select until there is a connection. */ |
1093 | ret = select(maxfd+1, fdset, NULL, NULL, NULL); | 1093 | ret = select(maxfd+1, fdset, NULL, NULL, NULL); |
1094 | if (ret < 0 && errno != EINTR) | 1094 | if (ret == -1 && errno != EINTR) |
1095 | error("select: %.100s", strerror(errno)); | 1095 | error("select: %.100s", strerror(errno)); |
1096 | if (received_sigterm) { | 1096 | if (received_sigterm) { |
1097 | logit("Received signal %d; terminating.", | 1097 | logit("Received signal %d; terminating.", |
@@ -1101,7 +1101,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) | |||
1101 | unlink(options.pid_file); | 1101 | unlink(options.pid_file); |
1102 | exit(received_sigterm == SIGTERM ? 0 : 255); | 1102 | exit(received_sigterm == SIGTERM ? 0 : 255); |
1103 | } | 1103 | } |
1104 | if (ret < 0) | 1104 | if (ret == -1) |
1105 | continue; | 1105 | continue; |
1106 | 1106 | ||
1107 | for (i = 0; i < options.max_startups; i++) { | 1107 | for (i = 0; i < options.max_startups; i++) { |
@@ -1141,7 +1141,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) | |||
1141 | fromlen = sizeof(from); | 1141 | fromlen = sizeof(from); |
1142 | *newsock = accept(listen_socks[i], | 1142 | *newsock = accept(listen_socks[i], |
1143 | (struct sockaddr *)&from, &fromlen); | 1143 | (struct sockaddr *)&from, &fromlen); |
1144 | if (*newsock < 0) { | 1144 | if (*newsock == -1) { |
1145 | if (errno != EINTR && errno != EWOULDBLOCK && | 1145 | if (errno != EINTR && errno != EWOULDBLOCK && |
1146 | errno != ECONNABORTED && errno != EAGAIN) | 1146 | errno != ECONNABORTED && errno != EAGAIN) |
1147 | error("accept: %.100s", | 1147 | error("accept: %.100s", |
@@ -1261,7 +1261,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) | |||
1261 | 1261 | ||
1262 | /* Parent. Stay in the loop. */ | 1262 | /* Parent. Stay in the loop. */ |
1263 | platform_post_fork_parent(pid); | 1263 | platform_post_fork_parent(pid); |
1264 | if (pid < 0) | 1264 | if (pid == -1) |
1265 | error("fork: %.100s", strerror(errno)); | 1265 | error("fork: %.100s", strerror(errno)); |
1266 | else | 1266 | else |
1267 | debug("Forked child %ld.", (long)pid); | 1267 | debug("Forked child %ld.", (long)pid); |
@@ -1314,7 +1314,7 @@ check_ip_options(struct ssh *ssh) | |||
1314 | 1314 | ||
1315 | memset(&from, 0, sizeof(from)); | 1315 | memset(&from, 0, sizeof(from)); |
1316 | if (getpeername(sock_in, (struct sockaddr *)&from, | 1316 | if (getpeername(sock_in, (struct sockaddr *)&from, |
1317 | &fromlen) < 0) | 1317 | &fromlen) == -1) |
1318 | return; | 1318 | return; |
1319 | if (from.ss_family != AF_INET) | 1319 | if (from.ss_family != AF_INET) |
1320 | return; | 1320 | return; |
@@ -1895,7 +1895,7 @@ main(int ac, char **av) | |||
1895 | already_daemon = daemonized(); | 1895 | already_daemon = daemonized(); |
1896 | if (!(debug_flag || inetd_flag || no_daemon_flag || already_daemon)) { | 1896 | if (!(debug_flag || inetd_flag || no_daemon_flag || already_daemon)) { |
1897 | 1897 | ||
1898 | if (daemon(0, 0) < 0) | 1898 | if (daemon(0, 0) == -1) |
1899 | fatal("daemon() failed: %.200s", strerror(errno)); | 1899 | fatal("daemon() failed: %.200s", strerror(errno)); |
1900 | 1900 | ||
1901 | disconnect_controlling_tty(); | 1901 | disconnect_controlling_tty(); |
@@ -1958,7 +1958,7 @@ main(int ac, char **av) | |||
1958 | * controlling terminal which will result in "could not set | 1958 | * controlling terminal which will result in "could not set |
1959 | * controlling tty" errors. | 1959 | * controlling tty" errors. |
1960 | */ | 1960 | */ |
1961 | if (!debug_flag && !inetd_flag && setsid() < 0) | 1961 | if (!debug_flag && !inetd_flag && setsid() == -1) |
1962 | error("setsid: %.100s", strerror(errno)); | 1962 | error("setsid: %.100s", strerror(errno)); |
1963 | #endif | 1963 | #endif |
1964 | 1964 | ||
@@ -2036,7 +2036,7 @@ main(int ac, char **av) | |||
2036 | 2036 | ||
2037 | /* Set SO_KEEPALIVE if requested. */ | 2037 | /* Set SO_KEEPALIVE if requested. */ |
2038 | if (options.tcp_keep_alive && ssh_packet_connection_is_on_socket(ssh) && | 2038 | if (options.tcp_keep_alive && ssh_packet_connection_is_on_socket(ssh) && |
2039 | setsockopt(sock_in, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof(on)) < 0) | 2039 | setsockopt(sock_in, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof(on)) == -1) |
2040 | error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno)); | 2040 | error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno)); |
2041 | 2041 | ||
2042 | if ((remote_port = ssh_remote_port(ssh)) < 0) { | 2042 | if ((remote_port = ssh_remote_port(ssh)) < 0) { |
diff --git a/sshkey-xmss.c b/sshkey-xmss.c index ef39831c6..a29e33f39 100644 --- a/sshkey-xmss.c +++ b/sshkey-xmss.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshkey-xmss.c,v 1.4 2019/06/27 18:03:37 deraadt Exp $ */ | 1 | /* $OpenBSD: sshkey-xmss.c,v 1.5 2019/06/28 13:35:04 deraadt Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2017 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2017 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -473,12 +473,12 @@ sshkey_xmss_get_state(const struct sshkey *k, sshkey_printfn *pr) | |||
473 | ret = SSH_ERR_ALLOC_FAIL; | 473 | ret = SSH_ERR_ALLOC_FAIL; |
474 | goto done; | 474 | goto done; |
475 | } | 475 | } |
476 | if ((lockfd = open(lockfile, O_CREAT|O_RDONLY, 0600)) < 0) { | 476 | if ((lockfd = open(lockfile, O_CREAT|O_RDONLY, 0600)) == -1) { |
477 | ret = SSH_ERR_SYSTEM_ERROR; | 477 | ret = SSH_ERR_SYSTEM_ERROR; |
478 | PRINT("%s: cannot open/create: %s", __func__, lockfile); | 478 | PRINT("%s: cannot open/create: %s", __func__, lockfile); |
479 | goto done; | 479 | goto done; |
480 | } | 480 | } |
481 | while (flock(lockfd, LOCK_EX|LOCK_NB) < 0) { | 481 | while (flock(lockfd, LOCK_EX|LOCK_NB) == -1) { |
482 | if (errno != EWOULDBLOCK) { | 482 | if (errno != EWOULDBLOCK) { |
483 | ret = SSH_ERR_SYSTEM_ERROR; | 483 | ret = SSH_ERR_SYSTEM_ERROR; |
484 | PRINT("%s: cannot lock: %s", __func__, lockfile); | 484 | PRINT("%s: cannot lock: %s", __func__, lockfile); |
@@ -613,7 +613,7 @@ sshkey_xmss_update_state(const struct sshkey *k, sshkey_printfn *pr) | |||
613 | PRINT("%s: ENCRYPT FAILED: %d", __func__, ret); | 613 | PRINT("%s: ENCRYPT FAILED: %d", __func__, ret); |
614 | goto done; | 614 | goto done; |
615 | } | 615 | } |
616 | if ((fd = open(nstatefile, O_CREAT|O_WRONLY|O_EXCL, 0600)) < 0) { | 616 | if ((fd = open(nstatefile, O_CREAT|O_WRONLY|O_EXCL, 0600)) == -1) { |
617 | ret = SSH_ERR_SYSTEM_ERROR; | 617 | ret = SSH_ERR_SYSTEM_ERROR; |
618 | PRINT("%s: open new state file: %s", __func__, nstatefile); | 618 | PRINT("%s: open new state file: %s", __func__, nstatefile); |
619 | goto done; | 619 | goto done; |
@@ -632,13 +632,13 @@ sshkey_xmss_update_state(const struct sshkey *k, sshkey_printfn *pr) | |||
632 | close(fd); | 632 | close(fd); |
633 | goto done; | 633 | goto done; |
634 | } | 634 | } |
635 | if (fsync(fd) < 0) { | 635 | if (fsync(fd) == -1) { |
636 | ret = SSH_ERR_SYSTEM_ERROR; | 636 | ret = SSH_ERR_SYSTEM_ERROR; |
637 | PRINT("%s: sync new state file: %s", __func__, nstatefile); | 637 | PRINT("%s: sync new state file: %s", __func__, nstatefile); |
638 | close(fd); | 638 | close(fd); |
639 | goto done; | 639 | goto done; |
640 | } | 640 | } |
641 | if (close(fd) < 0) { | 641 | if (close(fd) == -1) { |
642 | ret = SSH_ERR_SYSTEM_ERROR; | 642 | ret = SSH_ERR_SYSTEM_ERROR; |
643 | PRINT("%s: close new state file: %s", __func__, nstatefile); | 643 | PRINT("%s: close new state file: %s", __func__, nstatefile); |
644 | goto done; | 644 | goto done; |
@@ -652,7 +652,7 @@ sshkey_xmss_update_state(const struct sshkey *k, sshkey_printfn *pr) | |||
652 | goto done; | 652 | goto done; |
653 | } | 653 | } |
654 | } | 654 | } |
655 | if (rename(nstatefile, statefile) < 0) { | 655 | if (rename(nstatefile, statefile) == -1) { |
656 | ret = SSH_ERR_SYSTEM_ERROR; | 656 | ret = SSH_ERR_SYSTEM_ERROR; |
657 | PRINT("%s: rename %s to %s", __func__, nstatefile, statefile); | 657 | PRINT("%s: rename %s to %s", __func__, nstatefile, statefile); |
658 | goto done; | 658 | goto done; |
diff --git a/sshlogin.c b/sshlogin.c index 1b2ee5f85..4ed419494 100644 --- a/sshlogin.c +++ b/sshlogin.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshlogin.c,v 1.33 2018/07/09 21:26:02 markus Exp $ */ | 1 | /* $OpenBSD: sshlogin.c,v 1.34 2019/06/28 13:35:04 deraadt Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshpty.c,v 1.31 2016/11/29 03:54:50 dtucker Exp $ */ | 1 | /* $OpenBSD: sshpty.c,v 1.32 2019/06/28 13:35:04 deraadt Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -68,7 +68,7 @@ pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, size_t namebuflen) | |||
68 | int i; | 68 | int i; |
69 | 69 | ||
70 | i = openpty(ptyfd, ttyfd, NULL, NULL, NULL); | 70 | i = openpty(ptyfd, ttyfd, NULL, NULL, NULL); |
71 | if (i < 0) { | 71 | if (i == -1) { |
72 | error("openpty: %.100s", strerror(errno)); | 72 | error("openpty: %.100s", strerror(errno)); |
73 | return 0; | 73 | return 0; |
74 | } | 74 | } |
@@ -86,9 +86,9 @@ void | |||
86 | pty_release(const char *tty) | 86 | pty_release(const char *tty) |
87 | { | 87 | { |
88 | #if !defined(__APPLE_PRIVPTY__) && !defined(HAVE_OPENPTY) | 88 | #if !defined(__APPLE_PRIVPTY__) && !defined(HAVE_OPENPTY) |
89 | if (chown(tty, (uid_t) 0, (gid_t) 0) < 0) | 89 | if (chown(tty, (uid_t) 0, (gid_t) 0) == -1) |
90 | error("chown %.100s 0 0 failed: %.100s", tty, strerror(errno)); | 90 | error("chown %.100s 0 0 failed: %.100s", tty, strerror(errno)); |
91 | if (chmod(tty, (mode_t) 0666) < 0) | 91 | if (chmod(tty, (mode_t) 0666) == -1) |
92 | error("chmod %.100s 0666 failed: %.100s", tty, strerror(errno)); | 92 | error("chmod %.100s 0666 failed: %.100s", tty, strerror(errno)); |
93 | #endif /* !__APPLE_PRIVPTY__ && !HAVE_OPENPTY */ | 93 | #endif /* !__APPLE_PRIVPTY__ && !HAVE_OPENPTY */ |
94 | } | 94 | } |
@@ -108,7 +108,7 @@ pty_make_controlling_tty(int *ttyfd, const char *tty) | |||
108 | close(fd); | 108 | close(fd); |
109 | } | 109 | } |
110 | #endif /* TIOCNOTTY */ | 110 | #endif /* TIOCNOTTY */ |
111 | if (setsid() < 0) | 111 | if (setsid() == -1) |
112 | error("setsid: %.100s", strerror(errno)); | 112 | error("setsid: %.100s", strerror(errno)); |
113 | 113 | ||
114 | /* | 114 | /* |
@@ -131,14 +131,14 @@ pty_make_controlling_tty(int *ttyfd, const char *tty) | |||
131 | error("SETPGRP %s",strerror(errno)); | 131 | error("SETPGRP %s",strerror(errno)); |
132 | #endif /* NEED_SETPGRP */ | 132 | #endif /* NEED_SETPGRP */ |
133 | fd = open(tty, O_RDWR); | 133 | fd = open(tty, O_RDWR); |
134 | if (fd < 0) | 134 | if (fd == -1) |
135 | error("%.100s: %.100s", tty, strerror(errno)); | 135 | error("%.100s: %.100s", tty, strerror(errno)); |
136 | else | 136 | else |
137 | close(fd); | 137 | close(fd); |
138 | 138 | ||
139 | /* Verify that we now have a controlling tty. */ | 139 | /* Verify that we now have a controlling tty. */ |
140 | fd = open(_PATH_TTY, O_WRONLY); | 140 | fd = open(_PATH_TTY, O_WRONLY); |
141 | if (fd < 0) | 141 | if (fd == -1) |
142 | error("open /dev/tty failed - could not set controlling tty: %.100s", | 142 | error("open /dev/tty failed - could not set controlling tty: %.100s", |
143 | strerror(errno)); | 143 | strerror(errno)); |
144 | else | 144 | else |
@@ -188,7 +188,7 @@ pty_setowner(struct passwd *pw, const char *tty) | |||
188 | #endif | 188 | #endif |
189 | 189 | ||
190 | if (st.st_uid != pw->pw_uid || st.st_gid != gid) { | 190 | if (st.st_uid != pw->pw_uid || st.st_gid != gid) { |
191 | if (chown(tty, pw->pw_uid, gid) < 0) { | 191 | if (chown(tty, pw->pw_uid, gid) == -1) { |
192 | if (errno == EROFS && | 192 | if (errno == EROFS && |
193 | (st.st_uid == pw->pw_uid || st.st_uid == 0)) | 193 | (st.st_uid == pw->pw_uid || st.st_uid == 0)) |
194 | debug("chown(%.100s, %u, %u) failed: %.100s", | 194 | debug("chown(%.100s, %u, %u) failed: %.100s", |
@@ -202,7 +202,7 @@ pty_setowner(struct passwd *pw, const char *tty) | |||
202 | } | 202 | } |
203 | 203 | ||
204 | if ((st.st_mode & (S_IRWXU|S_IRWXG|S_IRWXO)) != mode) { | 204 | if ((st.st_mode & (S_IRWXU|S_IRWXG|S_IRWXO)) != mode) { |
205 | if (chmod(tty, mode) < 0) { | 205 | if (chmod(tty, mode) == -1) { |
206 | if (errno == EROFS && | 206 | if (errno == EROFS && |
207 | (st.st_mode & (S_IRGRP | S_IROTH)) == 0) | 207 | (st.st_mode & (S_IRGRP | S_IROTH)) == 0) |
208 | debug("chmod(%.100s, 0%o) failed: %.100s", | 208 | debug("chmod(%.100s, 0%o) failed: %.100s", |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: uidswap.c,v 1.41 2018/07/18 11:34:04 dtucker Exp $ */ | 1 | /* $OpenBSD: uidswap.c,v 1.42 2019/06/28 13:35:04 deraadt Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -84,12 +84,12 @@ temporarily_use_uid(struct passwd *pw) | |||
84 | temporarily_use_uid_effective = 1; | 84 | temporarily_use_uid_effective = 1; |
85 | 85 | ||
86 | saved_egroupslen = getgroups(0, NULL); | 86 | saved_egroupslen = getgroups(0, NULL); |
87 | if (saved_egroupslen < 0) | 87 | if (saved_egroupslen == -1) |
88 | fatal("getgroups: %.100s", strerror(errno)); | 88 | fatal("getgroups: %.100s", strerror(errno)); |
89 | if (saved_egroupslen > 0) { | 89 | if (saved_egroupslen > 0) { |
90 | saved_egroups = xreallocarray(saved_egroups, | 90 | saved_egroups = xreallocarray(saved_egroups, |
91 | saved_egroupslen, sizeof(gid_t)); | 91 | saved_egroupslen, sizeof(gid_t)); |
92 | if (getgroups(saved_egroupslen, saved_egroups) < 0) | 92 | if (getgroups(saved_egroupslen, saved_egroups) == -1) |
93 | fatal("getgroups: %.100s", strerror(errno)); | 93 | fatal("getgroups: %.100s", strerror(errno)); |
94 | } else { /* saved_egroupslen == 0 */ | 94 | } else { /* saved_egroupslen == 0 */ |
95 | free(saved_egroups); | 95 | free(saved_egroups); |
@@ -98,17 +98,17 @@ temporarily_use_uid(struct passwd *pw) | |||
98 | 98 | ||
99 | /* set and save the user's groups */ | 99 | /* set and save the user's groups */ |
100 | if (user_groupslen == -1 || user_groups_uid != pw->pw_uid) { | 100 | if (user_groupslen == -1 || user_groups_uid != pw->pw_uid) { |
101 | if (initgroups(pw->pw_name, pw->pw_gid) < 0) | 101 | if (initgroups(pw->pw_name, pw->pw_gid) == -1) |
102 | fatal("initgroups: %s: %.100s", pw->pw_name, | 102 | fatal("initgroups: %s: %.100s", pw->pw_name, |
103 | strerror(errno)); | 103 | strerror(errno)); |
104 | 104 | ||
105 | user_groupslen = getgroups(0, NULL); | 105 | user_groupslen = getgroups(0, NULL); |
106 | if (user_groupslen < 0) | 106 | if (user_groupslen == -1) |
107 | fatal("getgroups: %.100s", strerror(errno)); | 107 | fatal("getgroups: %.100s", strerror(errno)); |
108 | if (user_groupslen > 0) { | 108 | if (user_groupslen > 0) { |
109 | user_groups = xreallocarray(user_groups, | 109 | user_groups = xreallocarray(user_groups, |
110 | user_groupslen, sizeof(gid_t)); | 110 | user_groupslen, sizeof(gid_t)); |
111 | if (getgroups(user_groupslen, user_groups) < 0) | 111 | if (getgroups(user_groupslen, user_groups) == -1) |
112 | fatal("getgroups: %.100s", strerror(errno)); | 112 | fatal("getgroups: %.100s", strerror(errno)); |
113 | } else { /* user_groupslen == 0 */ | 113 | } else { /* user_groupslen == 0 */ |
114 | free(user_groups); | 114 | free(user_groups); |
@@ -117,17 +117,17 @@ temporarily_use_uid(struct passwd *pw) | |||
117 | user_groups_uid = pw->pw_uid; | 117 | user_groups_uid = pw->pw_uid; |
118 | } | 118 | } |
119 | /* Set the effective uid to the given (unprivileged) uid. */ | 119 | /* Set the effective uid to the given (unprivileged) uid. */ |
120 | if (setgroups(user_groupslen, user_groups) < 0) | 120 | if (setgroups(user_groupslen, user_groups) == -1) |
121 | fatal("setgroups: %.100s", strerror(errno)); | 121 | fatal("setgroups: %.100s", strerror(errno)); |
122 | #ifndef SAVED_IDS_WORK_WITH_SETEUID | 122 | #ifndef SAVED_IDS_WORK_WITH_SETEUID |
123 | /* Propagate the privileged gid to all of our gids. */ | 123 | /* Propagate the privileged gid to all of our gids. */ |
124 | if (setgid(getegid()) < 0) | 124 | if (setgid(getegid()) == -1) |
125 | debug("setgid %u: %.100s", (u_int) getegid(), strerror(errno)); | 125 | debug("setgid %u: %.100s", (u_int) getegid(), strerror(errno)); |
126 | /* Propagate the privileged uid to all of our uids. */ | 126 | /* Propagate the privileged uid to all of our uids. */ |
127 | if (setuid(geteuid()) < 0) | 127 | if (setuid(geteuid()) == -1) |
128 | debug("setuid %u: %.100s", (u_int) geteuid(), strerror(errno)); | 128 | debug("setuid %u: %.100s", (u_int) geteuid(), strerror(errno)); |
129 | #endif /* SAVED_IDS_WORK_WITH_SETEUID */ | 129 | #endif /* SAVED_IDS_WORK_WITH_SETEUID */ |
130 | if (setegid(pw->pw_gid) < 0) | 130 | if (setegid(pw->pw_gid) == -1) |
131 | fatal("setegid %u: %.100s", (u_int)pw->pw_gid, | 131 | fatal("setegid %u: %.100s", (u_int)pw->pw_gid, |
132 | strerror(errno)); | 132 | strerror(errno)); |
133 | if (seteuid(pw->pw_uid) == -1) | 133 | if (seteuid(pw->pw_uid) == -1) |
@@ -152,9 +152,9 @@ restore_uid(void) | |||
152 | #ifdef SAVED_IDS_WORK_WITH_SETEUID | 152 | #ifdef SAVED_IDS_WORK_WITH_SETEUID |
153 | debug("restore_uid: %u/%u", (u_int)saved_euid, (u_int)saved_egid); | 153 | debug("restore_uid: %u/%u", (u_int)saved_euid, (u_int)saved_egid); |
154 | /* Set the effective uid back to the saved privileged uid. */ | 154 | /* Set the effective uid back to the saved privileged uid. */ |
155 | if (seteuid(saved_euid) < 0) | 155 | if (seteuid(saved_euid) == -1) |
156 | fatal("seteuid %u: %.100s", (u_int)saved_euid, strerror(errno)); | 156 | fatal("seteuid %u: %.100s", (u_int)saved_euid, strerror(errno)); |
157 | if (setegid(saved_egid) < 0) | 157 | if (setegid(saved_egid) == -1) |
158 | fatal("setegid %u: %.100s", (u_int)saved_egid, strerror(errno)); | 158 | fatal("setegid %u: %.100s", (u_int)saved_egid, strerror(errno)); |
159 | #else /* SAVED_IDS_WORK_WITH_SETEUID */ | 159 | #else /* SAVED_IDS_WORK_WITH_SETEUID */ |
160 | /* | 160 | /* |
@@ -166,7 +166,7 @@ restore_uid(void) | |||
166 | setgid(getgid()); | 166 | setgid(getgid()); |
167 | #endif /* SAVED_IDS_WORK_WITH_SETEUID */ | 167 | #endif /* SAVED_IDS_WORK_WITH_SETEUID */ |
168 | 168 | ||
169 | if (setgroups(saved_egroupslen, saved_egroups) < 0) | 169 | if (setgroups(saved_egroupslen, saved_egroups) == -1) |
170 | fatal("setgroups: %.100s", strerror(errno)); | 170 | fatal("setgroups: %.100s", strerror(errno)); |
171 | temporarily_use_uid_effective = 0; | 171 | temporarily_use_uid_effective = 0; |
172 | } | 172 | } |
@@ -190,7 +190,7 @@ permanently_set_uid(struct passwd *pw) | |||
190 | debug("permanently_set_uid: %u/%u", (u_int)pw->pw_uid, | 190 | debug("permanently_set_uid: %u/%u", (u_int)pw->pw_uid, |
191 | (u_int)pw->pw_gid); | 191 | (u_int)pw->pw_gid); |
192 | 192 | ||
193 | if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) < 0) | 193 | if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1) |
194 | fatal("setresgid %u: %.100s", (u_int)pw->pw_gid, strerror(errno)); | 194 | fatal("setresgid %u: %.100s", (u_int)pw->pw_gid, strerror(errno)); |
195 | 195 | ||
196 | #ifdef __APPLE__ | 196 | #ifdef __APPLE__ |
@@ -198,12 +198,12 @@ permanently_set_uid(struct passwd *pw) | |||
198 | * OS X requires initgroups after setgid to opt back into | 198 | * OS X requires initgroups after setgid to opt back into |
199 | * memberd support for >16 supplemental groups. | 199 | * memberd support for >16 supplemental groups. |
200 | */ | 200 | */ |
201 | if (initgroups(pw->pw_name, pw->pw_gid) < 0) | 201 | if (initgroups(pw->pw_name, pw->pw_gid) == -1) |
202 | fatal("initgroups %.100s %u: %.100s", | 202 | fatal("initgroups %.100s %u: %.100s", |
203 | pw->pw_name, (u_int)pw->pw_gid, strerror(errno)); | 203 | pw->pw_name, (u_int)pw->pw_gid, strerror(errno)); |
204 | #endif | 204 | #endif |
205 | 205 | ||
206 | if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) < 0) | 206 | if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) == -1) |
207 | fatal("setresuid %u: %.100s", (u_int)pw->pw_uid, strerror(errno)); | 207 | fatal("setresuid %u: %.100s", (u_int)pw->pw_uid, strerror(errno)); |
208 | 208 | ||
209 | #ifndef NO_UID_RESTORATION_TEST | 209 | #ifndef NO_UID_RESTORATION_TEST |