diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2013-06-02 07:31:17 +1000 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2013-06-02 07:31:17 +1000 |
| commit | a627d42e51ffa71e014d7b2d2c07118122fd3ec3 (patch) | |
| tree | 7bda769de81f509e28d800916fa20abd37906d79 /auth-options.c | |
| parent | c7aad0058c957afeb26a3f703e8cb0eddeb62365 (diff) | |
- djm@cvs.openbsd.org 2013/05/17 00:13:13
[xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c
ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c
gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c
auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c
servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c
auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c
sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c
kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c
kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c
monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c
ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c
sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c
ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c
dns.c packet.c readpass.c authfd.c moduli.c]
bye, bye xfree(); ok markus@
Diffstat (limited to 'auth-options.c')
| -rw-r--r-- | auth-options.c | 60 |
1 files changed, 30 insertions, 30 deletions
diff --git a/auth-options.c b/auth-options.c index 23d0423e1..a8d738ace 100644 --- a/auth-options.c +++ b/auth-options.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: auth-options.c,v 1.57 2012/12/02 20:46:11 djm Exp $ */ | 1 | /* $OpenBSD: auth-options.c,v 1.58 2013/05/17 00:13:13 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -72,15 +72,15 @@ auth_clear_options(void) | |||
| 72 | while (custom_environment) { | 72 | while (custom_environment) { |
| 73 | struct envstring *ce = custom_environment; | 73 | struct envstring *ce = custom_environment; |
| 74 | custom_environment = ce->next; | 74 | custom_environment = ce->next; |
| 75 | xfree(ce->s); | 75 | free(ce->s); |
| 76 | xfree(ce); | 76 | free(ce); |
| 77 | } | 77 | } |
| 78 | if (forced_command) { | 78 | if (forced_command) { |
| 79 | xfree(forced_command); | 79 | free(forced_command); |
| 80 | forced_command = NULL; | 80 | forced_command = NULL; |
| 81 | } | 81 | } |
| 82 | if (authorized_principals) { | 82 | if (authorized_principals) { |
| 83 | xfree(authorized_principals); | 83 | free(authorized_principals); |
| 84 | authorized_principals = NULL; | 84 | authorized_principals = NULL; |
| 85 | } | 85 | } |
| 86 | forced_tun_device = -1; | 86 | forced_tun_device = -1; |
| @@ -149,7 +149,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) | |||
| 149 | if (strncasecmp(opts, cp, strlen(cp)) == 0) { | 149 | if (strncasecmp(opts, cp, strlen(cp)) == 0) { |
| 150 | opts += strlen(cp); | 150 | opts += strlen(cp); |
| 151 | if (forced_command != NULL) | 151 | if (forced_command != NULL) |
| 152 | xfree(forced_command); | 152 | free(forced_command); |
| 153 | forced_command = xmalloc(strlen(opts) + 1); | 153 | forced_command = xmalloc(strlen(opts) + 1); |
| 154 | i = 0; | 154 | i = 0; |
| 155 | while (*opts) { | 155 | while (*opts) { |
| @@ -167,7 +167,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) | |||
| 167 | file, linenum); | 167 | file, linenum); |
| 168 | auth_debug_add("%.100s, line %lu: missing end quote", | 168 | auth_debug_add("%.100s, line %lu: missing end quote", |
| 169 | file, linenum); | 169 | file, linenum); |
| 170 | xfree(forced_command); | 170 | free(forced_command); |
| 171 | forced_command = NULL; | 171 | forced_command = NULL; |
| 172 | goto bad_option; | 172 | goto bad_option; |
| 173 | } | 173 | } |
| @@ -180,7 +180,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) | |||
| 180 | if (strncasecmp(opts, cp, strlen(cp)) == 0) { | 180 | if (strncasecmp(opts, cp, strlen(cp)) == 0) { |
| 181 | opts += strlen(cp); | 181 | opts += strlen(cp); |
| 182 | if (authorized_principals != NULL) | 182 | if (authorized_principals != NULL) |
| 183 | xfree(authorized_principals); | 183 | free(authorized_principals); |
| 184 | authorized_principals = xmalloc(strlen(opts) + 1); | 184 | authorized_principals = xmalloc(strlen(opts) + 1); |
| 185 | i = 0; | 185 | i = 0; |
| 186 | while (*opts) { | 186 | while (*opts) { |
| @@ -198,7 +198,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) | |||
| 198 | file, linenum); | 198 | file, linenum); |
| 199 | auth_debug_add("%.100s, line %lu: missing end quote", | 199 | auth_debug_add("%.100s, line %lu: missing end quote", |
| 200 | file, linenum); | 200 | file, linenum); |
| 201 | xfree(authorized_principals); | 201 | free(authorized_principals); |
| 202 | authorized_principals = NULL; | 202 | authorized_principals = NULL; |
| 203 | goto bad_option; | 203 | goto bad_option; |
| 204 | } | 204 | } |
| @@ -232,7 +232,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) | |||
| 232 | file, linenum); | 232 | file, linenum); |
| 233 | auth_debug_add("%.100s, line %lu: missing end quote", | 233 | auth_debug_add("%.100s, line %lu: missing end quote", |
| 234 | file, linenum); | 234 | file, linenum); |
| 235 | xfree(s); | 235 | free(s); |
| 236 | goto bad_option; | 236 | goto bad_option; |
| 237 | } | 237 | } |
| 238 | s[i] = '\0'; | 238 | s[i] = '\0'; |
| @@ -269,7 +269,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) | |||
| 269 | file, linenum); | 269 | file, linenum); |
| 270 | auth_debug_add("%.100s, line %lu: missing end quote", | 270 | auth_debug_add("%.100s, line %lu: missing end quote", |
| 271 | file, linenum); | 271 | file, linenum); |
| 272 | xfree(patterns); | 272 | free(patterns); |
| 273 | goto bad_option; | 273 | goto bad_option; |
| 274 | } | 274 | } |
| 275 | patterns[i] = '\0'; | 275 | patterns[i] = '\0'; |
| @@ -277,7 +277,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) | |||
| 277 | switch (match_host_and_ip(remote_host, remote_ip, | 277 | switch (match_host_and_ip(remote_host, remote_ip, |
| 278 | patterns)) { | 278 | patterns)) { |
| 279 | case 1: | 279 | case 1: |
| 280 | xfree(patterns); | 280 | free(patterns); |
| 281 | /* Host name matches. */ | 281 | /* Host name matches. */ |
| 282 | goto next_option; | 282 | goto next_option; |
| 283 | case -1: | 283 | case -1: |
| @@ -287,7 +287,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) | |||
| 287 | "invalid criteria", file, linenum); | 287 | "invalid criteria", file, linenum); |
| 288 | /* FALLTHROUGH */ | 288 | /* FALLTHROUGH */ |
| 289 | case 0: | 289 | case 0: |
| 290 | xfree(patterns); | 290 | free(patterns); |
| 291 | logit("Authentication tried for %.100s with " | 291 | logit("Authentication tried for %.100s with " |
| 292 | "correct key but not from a permitted " | 292 | "correct key but not from a permitted " |
| 293 | "host (host=%.200s, ip=%.200s).", | 293 | "host (host=%.200s, ip=%.200s).", |
| @@ -323,7 +323,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) | |||
| 323 | file, linenum); | 323 | file, linenum); |
| 324 | auth_debug_add("%.100s, line %lu: missing " | 324 | auth_debug_add("%.100s, line %lu: missing " |
| 325 | "end quote", file, linenum); | 325 | "end quote", file, linenum); |
| 326 | xfree(patterns); | 326 | free(patterns); |
| 327 | goto bad_option; | 327 | goto bad_option; |
| 328 | } | 328 | } |
| 329 | patterns[i] = '\0'; | 329 | patterns[i] = '\0'; |
| @@ -337,7 +337,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) | |||
| 337 | auth_debug_add("%.100s, line %lu: " | 337 | auth_debug_add("%.100s, line %lu: " |
| 338 | "Bad permitopen specification", file, | 338 | "Bad permitopen specification", file, |
| 339 | linenum); | 339 | linenum); |
| 340 | xfree(patterns); | 340 | free(patterns); |
| 341 | goto bad_option; | 341 | goto bad_option; |
| 342 | } | 342 | } |
| 343 | host = cleanhostname(host); | 343 | host = cleanhostname(host); |
| @@ -346,12 +346,12 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) | |||
| 346 | "<%.100s>", file, linenum, p ? p : ""); | 346 | "<%.100s>", file, linenum, p ? p : ""); |
| 347 | auth_debug_add("%.100s, line %lu: " | 347 | auth_debug_add("%.100s, line %lu: " |
| 348 | "Bad permitopen port", file, linenum); | 348 | "Bad permitopen port", file, linenum); |
| 349 | xfree(patterns); | 349 | free(patterns); |
| 350 | goto bad_option; | 350 | goto bad_option; |
| 351 | } | 351 | } |
| 352 | if ((options.allow_tcp_forwarding & FORWARD_LOCAL) != 0) | 352 | if ((options.allow_tcp_forwarding & FORWARD_LOCAL) != 0) |
| 353 | channel_add_permitted_opens(host, port); | 353 | channel_add_permitted_opens(host, port); |
| 354 | xfree(patterns); | 354 | free(patterns); |
| 355 | goto next_option; | 355 | goto next_option; |
| 356 | } | 356 | } |
| 357 | cp = "tunnel=\""; | 357 | cp = "tunnel=\""; |
| @@ -370,13 +370,13 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) | |||
| 370 | file, linenum); | 370 | file, linenum); |
| 371 | auth_debug_add("%.100s, line %lu: missing end quote", | 371 | auth_debug_add("%.100s, line %lu: missing end quote", |
| 372 | file, linenum); | 372 | file, linenum); |
| 373 | xfree(tun); | 373 | free(tun); |
| 374 | forced_tun_device = -1; | 374 | forced_tun_device = -1; |
| 375 | goto bad_option; | 375 | goto bad_option; |
| 376 | } | 376 | } |
| 377 | tun[i] = '\0'; | 377 | tun[i] = '\0'; |
| 378 | forced_tun_device = a2tun(tun, NULL); | 378 | forced_tun_device = a2tun(tun, NULL); |
| 379 | xfree(tun); | 379 | free(tun); |
| 380 | if (forced_tun_device == SSH_TUNID_ERR) { | 380 | if (forced_tun_device == SSH_TUNID_ERR) { |
| 381 | debug("%.100s, line %lu: invalid tun device", | 381 | debug("%.100s, line %lu: invalid tun device", |
| 382 | file, linenum); | 382 | file, linenum); |
| @@ -484,7 +484,7 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, | |||
| 484 | if (*cert_forced_command != NULL) { | 484 | if (*cert_forced_command != NULL) { |
| 485 | error("Certificate has multiple " | 485 | error("Certificate has multiple " |
| 486 | "force-command options"); | 486 | "force-command options"); |
| 487 | xfree(command); | 487 | free(command); |
| 488 | goto out; | 488 | goto out; |
| 489 | } | 489 | } |
| 490 | *cert_forced_command = command; | 490 | *cert_forced_command = command; |
| @@ -500,7 +500,7 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, | |||
| 500 | if ((*cert_source_address_done)++) { | 500 | if ((*cert_source_address_done)++) { |
| 501 | error("Certificate has multiple " | 501 | error("Certificate has multiple " |
| 502 | "source-address options"); | 502 | "source-address options"); |
| 503 | xfree(allowed); | 503 | free(allowed); |
| 504 | goto out; | 504 | goto out; |
| 505 | } | 505 | } |
| 506 | remote_ip = get_remote_ipaddr(); | 506 | remote_ip = get_remote_ipaddr(); |
| @@ -508,7 +508,7 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, | |||
| 508 | allowed)) { | 508 | allowed)) { |
| 509 | case 1: | 509 | case 1: |
| 510 | /* accepted */ | 510 | /* accepted */ |
| 511 | xfree(allowed); | 511 | free(allowed); |
| 512 | break; | 512 | break; |
| 513 | case 0: | 513 | case 0: |
| 514 | /* no match */ | 514 | /* no match */ |
| @@ -521,12 +521,12 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, | |||
| 521 | "is not permitted to use this " | 521 | "is not permitted to use this " |
| 522 | "certificate for login.", | 522 | "certificate for login.", |
| 523 | remote_ip); | 523 | remote_ip); |
| 524 | xfree(allowed); | 524 | free(allowed); |
| 525 | goto out; | 525 | goto out; |
| 526 | case -1: | 526 | case -1: |
| 527 | error("Certificate source-address " | 527 | error("Certificate source-address " |
| 528 | "contents invalid"); | 528 | "contents invalid"); |
| 529 | xfree(allowed); | 529 | free(allowed); |
| 530 | goto out; | 530 | goto out; |
| 531 | } | 531 | } |
| 532 | found = 1; | 532 | found = 1; |
| @@ -548,8 +548,8 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, | |||
| 548 | goto out; | 548 | goto out; |
| 549 | } | 549 | } |
| 550 | buffer_clear(&data); | 550 | buffer_clear(&data); |
| 551 | xfree(name); | 551 | free(name); |
| 552 | xfree(data_blob); | 552 | free(data_blob); |
| 553 | name = data_blob = NULL; | 553 | name = data_blob = NULL; |
| 554 | } | 554 | } |
| 555 | /* successfully parsed all options */ | 555 | /* successfully parsed all options */ |
| @@ -559,13 +559,13 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, | |||
| 559 | if (ret != 0 && | 559 | if (ret != 0 && |
| 560 | cert_forced_command != NULL && | 560 | cert_forced_command != NULL && |
| 561 | *cert_forced_command != NULL) { | 561 | *cert_forced_command != NULL) { |
| 562 | xfree(*cert_forced_command); | 562 | free(*cert_forced_command); |
| 563 | *cert_forced_command = NULL; | 563 | *cert_forced_command = NULL; |
| 564 | } | 564 | } |
| 565 | if (name != NULL) | 565 | if (name != NULL) |
| 566 | xfree(name); | 566 | free(name); |
| 567 | if (data_blob != NULL) | 567 | if (data_blob != NULL) |
| 568 | xfree(data_blob); | 568 | free(data_blob); |
| 569 | buffer_free(&data); | 569 | buffer_free(&data); |
| 570 | buffer_free(&c); | 570 | buffer_free(&c); |
| 571 | return ret; | 571 | return ret; |
| @@ -627,7 +627,7 @@ auth_cert_options(Key *k, struct passwd *pw) | |||
| 627 | /* CA-specified forced command supersedes key option */ | 627 | /* CA-specified forced command supersedes key option */ |
| 628 | if (cert_forced_command != NULL) { | 628 | if (cert_forced_command != NULL) { |
| 629 | if (forced_command != NULL) | 629 | if (forced_command != NULL) |
| 630 | xfree(forced_command); | 630 | free(forced_command); |
| 631 | forced_command = cert_forced_command; | 631 | forced_command = cert_forced_command; |
| 632 | } | 632 | } |
| 633 | return 0; | 633 | return 0; |