author | Ben Lindstrom <mouring@eviladmin.org> | 2002-06-23 21:38:49 +0000 |
---|---|---|
committer | Ben Lindstrom <mouring@eviladmin.org> | 2002-06-23 21:38:49 +0000 |
commit | 822b6340999b061c96ccd64093f608d8ab63e836 (patch) | |
tree | a42f4d4f77ec556ac15e942b788070836966599f | |
parent | e135363422c0e48901fa0b4927ef3f1c12614287 (diff) |
- deraadt@cvs.openbsd.org 2002/06/23 10:29:52
[ssh-agent.c sshd.c]
some minor KNF and %u
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | ssh-agent.c | 73 | ||||
-rw-r--r-- | sshd.c | 24 |
3 files changed, 57 insertions, 45 deletions
@@ -20,6 +20,9 @@ | |||
20 | - deraadt@cvs.openbsd.org 2002/06/23 09:46:51 | 20 | - deraadt@cvs.openbsd.org 2002/06/23 09:46:51 |
21 | [bufaux.c servconf.c] | 21 | [bufaux.c servconf.c] |
22 | minor KNF. things the fingers do while you read | 22 | minor KNF. things the fingers do while you read |
23 | - deraadt@cvs.openbsd.org 2002/06/23 10:29:52 | ||
24 | [ssh-agent.c sshd.c] | ||
25 | some minor KNF and %u | ||
23 | 26 | ||
24 | 20020623 | 27 | 20020623 |
25 | - (stevesk) [configure.ac] bug #255 LOGIN_NEEDS_UTMPX for AIX. | 28 | - (stevesk) [configure.ac] bug #255 LOGIN_NEEDS_UTMPX for AIX. |
@@ -1064,4 +1067,4 @@ | |||
1064 | - (stevesk) entropy.c: typo in debug message | 1067 | - (stevesk) entropy.c: typo in debug message |
1065 | - (djm) ssh-keygen -i needs seeded RNG; report from markus@ | 1068 | - (djm) ssh-keygen -i needs seeded RNG; report from markus@ |
1066 | 1069 | ||
1067 | $Id: ChangeLog,v 1.2259 2002/06/23 21:29:23 mouring Exp $ | 1070 | $Id: ChangeLog,v 1.2260 2002/06/23 21:38:49 mouring Exp $ |
diff --git a/ssh-agent.c b/ssh-agent.c index 92ce16a9f..b3558b258 100644 --- a/ssh-agent.c +++ b/ssh-agent.c | |||
@@ -35,7 +35,7 @@ | |||
35 | 35 | ||
36 | #include "includes.h" | 36 | #include "includes.h" |
37 | #include "openbsd-compat/fake-queue.h" | 37 | #include "openbsd-compat/fake-queue.h" |
38 | RCSID("$OpenBSD: ssh-agent.c,v 1.95 2002/06/19 00:27:55 deraadt Exp $"); | 38 | RCSID("$OpenBSD: ssh-agent.c,v 1.96 2002/06/23 10:29:52 deraadt Exp $"); |
39 | 39 | ||
40 | #include <openssl/evp.h> | 40 | #include <openssl/evp.h> |
41 | #include <openssl/md5.h> | 41 | #include <openssl/md5.h> |
@@ -110,6 +110,7 @@ static void | |||
110 | idtab_init(void) | 110 | idtab_init(void) |
111 | { | 111 | { |
112 | int i; | 112 | int i; |
113 | |||
113 | for (i = 0; i <=2; i++) { | 114 | for (i = 0; i <=2; i++) { |
114 | TAILQ_INIT(&idtable[i].idlist); | 115 | TAILQ_INIT(&idtable[i].idlist); |
115 | idtable[i].nentries = 0; | 116 | idtable[i].nentries = 0; |
@@ -152,8 +153,8 @@ static void | |||
152 | process_request_identities(SocketEntry *e, int version) | 153 | process_request_identities(SocketEntry *e, int version) |
153 | { | 154 | { |
154 | Idtab *tab = idtab_lookup(version); | 155 | Idtab *tab = idtab_lookup(version); |
155 | Buffer msg; | ||
156 | Identity *id; | 156 | Identity *id; |
157 | Buffer msg; | ||
157 | 158 | ||
158 | buffer_init(&msg); | 159 | buffer_init(&msg); |
159 | buffer_put_char(&msg, (version == 1) ? | 160 | buffer_put_char(&msg, (version == 1) ? |
@@ -182,14 +183,14 @@ process_request_identities(SocketEntry *e, int version) | |||
182 | static void | 183 | static void |
183 | process_authentication_challenge1(SocketEntry *e) | 184 | process_authentication_challenge1(SocketEntry *e) |
184 | { | 185 | { |
185 | Identity *id; | 186 | u_char buf[32], mdbuf[16], session_id[16]; |
186 | Key *key; | 187 | u_int response_type; |
187 | BIGNUM *challenge; | 188 | BIGNUM *challenge; |
189 | Identity *id; | ||
188 | int i, len; | 190 | int i, len; |
189 | Buffer msg; | 191 | Buffer msg; |
190 | MD5_CTX md; | 192 | MD5_CTX md; |
191 | u_char buf[32], mdbuf[16], session_id[16]; | 193 | Key *key; |
192 | u_int response_type; | ||
193 | 194 | ||
194 | buffer_init(&msg); | 195 | buffer_init(&msg); |
195 | key = key_new(KEY_RSA1); | 196 | key = key_new(KEY_RSA1); |
@@ -251,13 +252,12 @@ send: | |||
251 | static void | 252 | static void |
252 | process_sign_request2(SocketEntry *e) | 253 | process_sign_request2(SocketEntry *e) |
253 | { | 254 | { |
254 | extern int datafellows; | ||
255 | Key *key; | ||
256 | u_char *blob, *data, *signature = NULL; | 255 | u_char *blob, *data, *signature = NULL; |
257 | u_int blen, dlen, slen = 0; | 256 | u_int blen, dlen, slen = 0; |
258 | int flags; | 257 | extern int datafellows; |
258 | int ok = -1, flags; | ||
259 | Buffer msg; | 259 | Buffer msg; |
260 | int ok = -1; | 260 | Key *key; |
261 | 261 | ||
262 | datafellows = 0; | 262 | datafellows = 0; |
263 | 263 | ||
@@ -296,11 +296,10 @@ process_sign_request2(SocketEntry *e) | |||
296 | static void | 296 | static void |
297 | process_remove_identity(SocketEntry *e, int version) | 297 | process_remove_identity(SocketEntry *e, int version) |
298 | { | 298 | { |
299 | u_int blen, bits; | ||
300 | int success = 0; | ||
299 | Key *key = NULL; | 301 | Key *key = NULL; |
300 | u_char *blob; | 302 | u_char *blob; |
301 | u_int blen; | ||
302 | u_int bits; | ||
303 | int success = 0; | ||
304 | 303 | ||
305 | switch (version) { | 304 | switch (version) { |
306 | case 1: | 305 | case 1: |
@@ -310,7 +309,7 @@ process_remove_identity(SocketEntry *e, int version) | |||
310 | buffer_get_bignum(&e->request, key->rsa->n); | 309 | buffer_get_bignum(&e->request, key->rsa->n); |
311 | 310 | ||
312 | if (bits != key_size(key)) | 311 | if (bits != key_size(key)) |
313 | log("Warning: identity keysize mismatch: actual %d, announced %d", | 312 | log("Warning: identity keysize mismatch: actual %u, announced %u", |
314 | key_size(key), bits); | 313 | key_size(key), bits); |
315 | break; | 314 | break; |
316 | case 2: | 315 | case 2: |
@@ -370,10 +369,10 @@ process_remove_all_identities(SocketEntry *e, int version) | |||
370 | static void | 369 | static void |
371 | reaper(void) | 370 | reaper(void) |
372 | { | 371 | { |
373 | Idtab *tab; | 372 | u_int now = time(NULL); |
374 | Identity *id, *nxt; | 373 | Identity *id, *nxt; |
375 | int version; | 374 | int version; |
376 | u_int now = time(NULL); | 375 | Idtab *tab; |
377 | 376 | ||
378 | for (version = 1; version < 3; version++) { | 377 | for (version = 1; version < 3; version++) { |
379 | tab = idtab_lookup(version); | 378 | tab = idtab_lookup(version); |
@@ -391,11 +390,10 @@ reaper(void) | |||
391 | static void | 390 | static void |
392 | process_add_identity(SocketEntry *e, int version) | 391 | process_add_identity(SocketEntry *e, int version) |
393 | { | 392 | { |
394 | Key *k = NULL; | ||
395 | char *type_name; | ||
396 | char *comment; | ||
397 | int type, success = 0, death = 0; | ||
398 | Idtab *tab = idtab_lookup(version); | 393 | Idtab *tab = idtab_lookup(version); |
394 | int type, success = 0, death = 0; | ||
395 | char *type_name, *comment; | ||
396 | Key *k = NULL; | ||
399 | 397 | ||
400 | switch (version) { | 398 | switch (version) { |
401 | case 1: | 399 | case 1: |
@@ -481,8 +479,8 @@ send: | |||
481 | static void | 479 | static void |
482 | process_lock_agent(SocketEntry *e, int lock) | 480 | process_lock_agent(SocketEntry *e, int lock) |
483 | { | 481 | { |
484 | char *passwd; | ||
485 | int success = 0; | 482 | int success = 0; |
483 | char *passwd; | ||
486 | 484 | ||
487 | passwd = buffer_get_string(&e->request, NULL); | 485 | passwd = buffer_get_string(&e->request, NULL); |
488 | if (locked && !lock && strcmp(passwd, lock_passwd) == 0) { | 486 | if (locked && !lock && strcmp(passwd, lock_passwd) == 0) { |
@@ -523,11 +521,11 @@ no_identities(SocketEntry *e, u_int type) | |||
523 | static void | 521 | static void |
524 | process_add_smartcard_key (SocketEntry *e) | 522 | process_add_smartcard_key (SocketEntry *e) |
525 | { | 523 | { |
526 | Identity *id; | ||
527 | Idtab *tab; | ||
528 | Key **keys, *k; | ||
529 | char *sc_reader_id = NULL, *pin; | 524 | char *sc_reader_id = NULL, *pin; |
530 | int i, version, success = 0; | 525 | int i, version, success = 0; |
526 | Key **keys, *k; | ||
527 | Identity *id; | ||
528 | Idtab *tab; | ||
531 | 529 | ||
532 | sc_reader_id = buffer_get_string(&e->request, NULL); | 530 | sc_reader_id = buffer_get_string(&e->request, NULL); |
533 | pin = buffer_get_string(&e->request, NULL); | 531 | pin = buffer_get_string(&e->request, NULL); |
@@ -566,11 +564,11 @@ send: | |||
566 | static void | 564 | static void |
567 | process_remove_smartcard_key(SocketEntry *e) | 565 | process_remove_smartcard_key(SocketEntry *e) |
568 | { | 566 | { |
569 | Identity *id; | ||
570 | Idtab *tab; | ||
571 | Key **keys, *k = NULL; | ||
572 | char *sc_reader_id = NULL, *pin; | 567 | char *sc_reader_id = NULL, *pin; |
573 | int i, version, success = 0; | 568 | int i, version, success = 0; |
569 | Key **keys, *k = NULL; | ||
570 | Identity *id; | ||
571 | Idtab *tab; | ||
574 | 572 | ||
575 | sc_reader_id = buffer_get_string(&e->request, NULL); | 573 | sc_reader_id = buffer_get_string(&e->request, NULL); |
576 | pin = buffer_get_string(&e->request, NULL); | 574 | pin = buffer_get_string(&e->request, NULL); |
@@ -608,8 +606,7 @@ send: | |||
608 | static void | 606 | static void |
609 | process_message(SocketEntry *e) | 607 | process_message(SocketEntry *e) |
610 | { | 608 | { |
611 | u_int msg_len; | 609 | u_int msg_len, type; |
612 | u_int type; | ||
613 | u_char *cp; | 610 | u_char *cp; |
614 | 611 | ||
615 | /* kill dead keys */ | 612 | /* kill dead keys */ |
@@ -622,6 +619,7 @@ process_message(SocketEntry *e) | |||
622 | if (msg_len > 256 * 1024) { | 619 | if (msg_len > 256 * 1024) { |
623 | shutdown(e->fd, SHUT_RDWR); | 620 | shutdown(e->fd, SHUT_RDWR); |
624 | close(e->fd); | 621 | close(e->fd); |
622 | e->fd = -1; | ||
625 | e->type = AUTH_UNUSED; | 623 | e->type = AUTH_UNUSED; |
626 | buffer_free(&e->input); | 624 | buffer_free(&e->input); |
627 | buffer_free(&e->output); | 625 | buffer_free(&e->output); |
@@ -717,6 +715,7 @@ static void | |||
717 | new_socket(sock_type type, int fd) | 715 | new_socket(sock_type type, int fd) |
718 | { | 716 | { |
719 | u_int i, old_alloc; | 717 | u_int i, old_alloc; |
718 | |||
720 | if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0) | 719 | if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0) |
721 | error("fcntl O_NONBLOCK: %s", strerror(errno)); | 720 | error("fcntl O_NONBLOCK: %s", strerror(errno)); |
722 | 721 | ||
@@ -801,11 +800,11 @@ prepare_select(fd_set **fdrp, fd_set **fdwp, int *fdl, int *nallocp) | |||
801 | static void | 800 | static void |
802 | after_select(fd_set *readset, fd_set *writeset) | 801 | after_select(fd_set *readset, fd_set *writeset) |
803 | { | 802 | { |
804 | u_int i; | 803 | struct sockaddr_un sunaddr; |
805 | int len, sock; | ||
806 | socklen_t slen; | 804 | socklen_t slen; |
807 | char buf[1024]; | 805 | char buf[1024]; |
808 | struct sockaddr_un sunaddr; | 806 | int len, sock; |
807 | u_int i; | ||
809 | 808 | ||
810 | for (i = 0; i < sockets_alloc; i++) | 809 | for (i = 0; i < sockets_alloc; i++) |
811 | switch (sockets[i].type) { | 810 | switch (sockets[i].type) { |
@@ -839,6 +838,7 @@ after_select(fd_set *readset, fd_set *writeset) | |||
839 | if (len <= 0) { | 838 | if (len <= 0) { |
840 | shutdown(sockets[i].fd, SHUT_RDWR); | 839 | shutdown(sockets[i].fd, SHUT_RDWR); |
841 | close(sockets[i].fd); | 840 | close(sockets[i].fd); |
841 | sockets[i].fd = -1; | ||
842 | sockets[i].type = AUTH_UNUSED; | 842 | sockets[i].type = AUTH_UNUSED; |
843 | buffer_free(&sockets[i].input); | 843 | buffer_free(&sockets[i].input); |
844 | buffer_free(&sockets[i].output); | 844 | buffer_free(&sockets[i].output); |
@@ -858,6 +858,7 @@ after_select(fd_set *readset, fd_set *writeset) | |||
858 | if (len <= 0) { | 858 | if (len <= 0) { |
859 | shutdown(sockets[i].fd, SHUT_RDWR); | 859 | shutdown(sockets[i].fd, SHUT_RDWR); |
860 | close(sockets[i].fd); | 860 | close(sockets[i].fd); |
861 | sockets[i].fd = -1; | ||
861 | sockets[i].type = AUTH_UNUSED; | 862 | sockets[i].type = AUTH_UNUSED; |
862 | buffer_free(&sockets[i].input); | 863 | buffer_free(&sockets[i].input); |
863 | buffer_free(&sockets[i].output); | 864 | buffer_free(&sockets[i].output); |
@@ -928,6 +929,8 @@ int | |||
928 | main(int ac, char **av) | 929 | main(int ac, char **av) |
929 | { | 930 | { |
930 | int sock, c_flag = 0, d_flag = 0, k_flag = 0, s_flag = 0, ch, nalloc; | 931 | int sock, c_flag = 0, d_flag = 0, k_flag = 0, s_flag = 0, ch, nalloc; |
932 | char *shell, *format, *pidstr, *agentsocket = NULL; | ||
933 | fd_set *readsetp = NULL, *writesetp = NULL; | ||
931 | struct sockaddr_un sunaddr; | 934 | struct sockaddr_un sunaddr; |
932 | #ifdef HAVE_SETRLIMIT | 935 | #ifdef HAVE_SETRLIMIT |
933 | struct rlimit rlim; | 936 | struct rlimit rlim; |
@@ -935,12 +938,10 @@ main(int ac, char **av) | |||
935 | #ifdef HAVE_CYGWIN | 938 | #ifdef HAVE_CYGWIN |
936 | int prev_mask; | 939 | int prev_mask; |
937 | #endif | 940 | #endif |
938 | pid_t pid; | ||
939 | char *shell, *format, *pidstr, pidstrbuf[1 + 3 * sizeof pid]; | ||
940 | char *agentsocket = NULL; | ||
941 | extern int optind; | 941 | extern int optind; |
942 | extern char *optarg; | 942 | extern char *optarg; |
943 | fd_set *readsetp = NULL, *writesetp = NULL; | 943 | pid_t pid; |
944 | char pidstrbuf[1 + 3 * sizeof pid]; | ||
944 | 945 | ||
945 | SSLeay_add_all_algorithms(); | 946 | SSLeay_add_all_algorithms(); |
946 | 947 | ||
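Review bot: The `e->fd = -1;` added after `close(e->fd)` in process_message, and the two matching `sockets[i].fd = -1;` lines in the `len <= 0` branches of after_select, are a behaviour change rather than KNF, and neither the commit message ("some minor KNF and %u") nor the code says why they are there. A closed descriptor number can be handed out again by a later open or accept, so a slot that kept the old number could presumably be mistaken for a live one by any code that reads `fd` without checking `type` first. I would add a short comment at each site, for example `/* fd is closed; clear it so an unused slot cannot alias a reused descriptor */`. The same shutdown/close/reset/buffer_free sequence now appears three times, which makes it a candidate for one static helper. The enclosing functions start and end outside these hunks, so whether other close paths in the file need the same reset cannot be checked from here.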
@@ -42,7 +42,7 @@ | |||
42 | */ | 42 | */ |
43 | 43 | ||
44 | #include "includes.h" | 44 | #include "includes.h" |
45 | RCSID("$OpenBSD: sshd.c,v 1.249 2002/06/23 03:30:17 deraadt Exp $"); | 45 | RCSID("$OpenBSD: sshd.c,v 1.250 2002/06/23 10:29:52 deraadt Exp $"); |
46 | 46 | ||
47 | #include <openssl/dh.h> | 47 | #include <openssl/dh.h> |
48 | #include <openssl/bn.h> | 48 | #include <openssl/bn.h> |
@@ -219,6 +219,7 @@ static void | |||
219 | close_listen_socks(void) | 219 | close_listen_socks(void) |
220 | { | 220 | { |
221 | int i; | 221 | int i; |
222 | |||
222 | for (i = 0; i < num_listen_socks; i++) | 223 | for (i = 0; i < num_listen_socks; i++) |
223 | close(listen_socks[i]); | 224 | close(listen_socks[i]); |
224 | num_listen_socks = -1; | 225 | num_listen_socks = -1; |
@@ -228,6 +229,7 @@ static void | |||
228 | close_startup_pipes(void) | 229 | close_startup_pipes(void) |
229 | { | 230 | { |
230 | int i; | 231 | int i; |
232 | |||
231 | if (startup_pipes) | 233 | if (startup_pipes) |
232 | for (i = 0; i < options.max_startups; i++) | 234 | for (i = 0; i < options.max_startups; i++) |
233 | if (startup_pipes[i] != -1) | 235 | if (startup_pipes[i] != -1) |
@@ -260,7 +262,8 @@ sighup_restart(void) | |||
260 | close_listen_socks(); | 262 | close_listen_socks(); |
261 | close_startup_pipes(); | 263 | close_startup_pipes(); |
262 | execv(saved_argv[0], saved_argv); | 264 | execv(saved_argv[0], saved_argv); |
263 | log("RESTART FAILED: av[0]='%.100s', error: %.100s.", saved_argv[0], strerror(errno)); | 265 | log("RESTART FAILED: av[0]='%.100s', error: %.100s.", saved_argv[0], |
266 | strerror(errno)); | ||
264 | exit(1); | 267 | exit(1); |
265 | } | 268 | } |
266 | 269 | ||
@@ -280,8 +283,8 @@ sigterm_handler(int sig) | |||
280 | static void | 283 | static void |
281 | main_sigchld_handler(int sig) | 284 | main_sigchld_handler(int sig) |
282 | { | 285 | { |
283 | pid_t pid; | ||
284 | int save_errno = errno; | 286 | int save_errno = errno; |
287 | pid_t pid; | ||
285 | int status; | 288 | int status; |
286 | 289 | ||
287 | while ((pid = waitpid(-1, &status, WNOHANG)) > 0 || | 290 | while ((pid = waitpid(-1, &status, WNOHANG)) > 0 || |
@@ -341,6 +344,7 @@ static void | |||
341 | key_regeneration_alarm(int sig) | 344 | key_regeneration_alarm(int sig) |
342 | { | 345 | { |
343 | int save_errno = errno; | 346 | int save_errno = errno; |
347 | |||
344 | signal(SIGALRM, SIG_DFL); | 348 | signal(SIGALRM, SIG_DFL); |
345 | errno = save_errno; | 349 | errno = save_errno; |
346 | key_do_regen = 1; | 350 | key_do_regen = 1; |
@@ -526,8 +530,8 @@ static void | |||
526 | privsep_preauth_child(void) | 530 | privsep_preauth_child(void) |
527 | { | 531 | { |
528 | u_int32_t rand[256]; | 532 | u_int32_t rand[256]; |
529 | int i; | ||
530 | struct passwd *pw; | 533 | struct passwd *pw; |
534 | int i; | ||
531 | 535 | ||
532 | /* Enable challenge-response authentication for privilege separation */ | 536 | /* Enable challenge-response authentication for privilege separation */ |
533 | privsep_challenge_enable(); | 537 | privsep_challenge_enable(); |
@@ -683,6 +687,7 @@ Key * | |||
683 | get_hostkey_by_type(int type) | 687 | get_hostkey_by_type(int type) |
684 | { | 688 | { |
685 | int i; | 689 | int i; |
690 | |||
686 | for (i = 0; i < options.num_host_key_files; i++) { | 691 | for (i = 0; i < options.num_host_key_files; i++) { |
687 | Key *key = sensitive_data.host_keys[i]; | 692 | Key *key = sensitive_data.host_keys[i]; |
688 | if (key != NULL && key->type == type) | 693 | if (key != NULL && key->type == type) |
@@ -703,6 +708,7 @@ int | |||
703 | get_hostkey_index(Key *key) | 708 | get_hostkey_index(Key *key) |
704 | { | 709 | { |
705 | int i; | 710 | int i; |
711 | |||
706 | for (i = 0; i < options.num_host_key_files; i++) { | 712 | for (i = 0; i < options.num_host_key_files; i++) { |
707 | if (key == sensitive_data.host_keys[i]) | 713 | if (key == sensitive_data.host_keys[i]) |
708 | return (i); | 714 | return (i); |
@@ -991,11 +997,13 @@ main(int ac, char **av) | |||
991 | * hate software patents. I dont know if this can go? Niels | 997 | * hate software patents. I dont know if this can go? Niels |
992 | */ | 998 | */ |
993 | if (options.server_key_bits > | 999 | if (options.server_key_bits > |
994 | BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) - SSH_KEY_BITS_RESERVED && | 1000 | BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) - |
995 | options.server_key_bits < | 1001 | SSH_KEY_BITS_RESERVED && options.server_key_bits < |
996 | BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) + SSH_KEY_BITS_RESERVED) { | 1002 | BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) + |
1003 | SSH_KEY_BITS_RESERVED) { | ||
997 | options.server_key_bits = | 1004 | options.server_key_bits = |
998 | BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) + SSH_KEY_BITS_RESERVED; | 1005 | BN_num_bits(sensitive_data.ssh1_host_key->rsa->n) + |
1006 | SSH_KEY_BITS_RESERVED; | ||
999 | debug("Forcing server key to %d bits to make it differ from host key.", | 1007 | debug("Forcing server key to %d bits to make it differ from host key.", |
1000 | options.server_key_bits); | 1008 | options.server_key_bits); |
1001 | } | 1009 | } |
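Review bot: The rewrapped condition in the main() hunk is harder to verify than the original, because the line breaks now fall inside each operand and the `&&` joining the lower and upper bound sits in the middle of a continuation line (`SSH_KEY_BITS_RESERVED && options.server_key_bits <`). According to the debug message below it, this is the test that forces the server key size to differ from the host key size, so the two comparisons should stay visually distinct. Computing the host key size once, `int hostbits = BN_num_bits(sensitive_data.ssh1_host_key->rsa->n);`, would allow one comparison per line (`options.server_key_bits > hostbits - SSH_KEY_BITS_RESERVED &&` then `options.server_key_bits < hostbits + SSH_KEY_BITS_RESERVED`) and would drop the three repeated calls. main() starts and ends outside this hunk, so the new local would have to be declared with the others at the top of the function.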