summaryrefslogtreecommitdiff
path: root/auth-options.c
diff options
context:
space:
mode:
authorDarren Tucker <dtucker@zip.com.au>2013-06-02 07:31:17 +1000
committerDarren Tucker <dtucker@zip.com.au>2013-06-02 07:31:17 +1000
commita627d42e51ffa71e014d7b2d2c07118122fd3ec3 (patch)
tree7bda769de81f509e28d800916fa20abd37906d79 /auth-options.c
parentc7aad0058c957afeb26a3f703e8cb0eddeb62365 (diff)
- djm@cvs.openbsd.org 2013/05/17 00:13:13
[xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c dns.c packet.c readpass.c authfd.c moduli.c] bye, bye xfree(); ok markus@
Diffstat (limited to 'auth-options.c')
-rw-r--r--auth-options.c60
1 files changed, 30 insertions, 30 deletions
diff --git a/auth-options.c b/auth-options.c
index 23d0423e1..a8d738ace 100644
--- a/auth-options.c
+++ b/auth-options.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth-options.c,v 1.57 2012/12/02 20:46:11 djm Exp $ */ 1/* $OpenBSD: auth-options.c,v 1.58 2013/05/17 00:13:13 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -72,15 +72,15 @@ auth_clear_options(void)
72 while (custom_environment) { 72 while (custom_environment) {
73 struct envstring *ce = custom_environment; 73 struct envstring *ce = custom_environment;
74 custom_environment = ce->next; 74 custom_environment = ce->next;
75 xfree(ce->s); 75 free(ce->s);
76 xfree(ce); 76 free(ce);
77 } 77 }
78 if (forced_command) { 78 if (forced_command) {
79 xfree(forced_command); 79 free(forced_command);
80 forced_command = NULL; 80 forced_command = NULL;
81 } 81 }
82 if (authorized_principals) { 82 if (authorized_principals) {
83 xfree(authorized_principals); 83 free(authorized_principals);
84 authorized_principals = NULL; 84 authorized_principals = NULL;
85 } 85 }
86 forced_tun_device = -1; 86 forced_tun_device = -1;
@@ -149,7 +149,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
149 if (strncasecmp(opts, cp, strlen(cp)) == 0) { 149 if (strncasecmp(opts, cp, strlen(cp)) == 0) {
150 opts += strlen(cp); 150 opts += strlen(cp);
151 if (forced_command != NULL) 151 if (forced_command != NULL)
152 xfree(forced_command); 152 free(forced_command);
153 forced_command = xmalloc(strlen(opts) + 1); 153 forced_command = xmalloc(strlen(opts) + 1);
154 i = 0; 154 i = 0;
155 while (*opts) { 155 while (*opts) {
@@ -167,7 +167,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
167 file, linenum); 167 file, linenum);
168 auth_debug_add("%.100s, line %lu: missing end quote", 168 auth_debug_add("%.100s, line %lu: missing end quote",
169 file, linenum); 169 file, linenum);
170 xfree(forced_command); 170 free(forced_command);
171 forced_command = NULL; 171 forced_command = NULL;
172 goto bad_option; 172 goto bad_option;
173 } 173 }
@@ -180,7 +180,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
180 if (strncasecmp(opts, cp, strlen(cp)) == 0) { 180 if (strncasecmp(opts, cp, strlen(cp)) == 0) {
181 opts += strlen(cp); 181 opts += strlen(cp);
182 if (authorized_principals != NULL) 182 if (authorized_principals != NULL)
183 xfree(authorized_principals); 183 free(authorized_principals);
184 authorized_principals = xmalloc(strlen(opts) + 1); 184 authorized_principals = xmalloc(strlen(opts) + 1);
185 i = 0; 185 i = 0;
186 while (*opts) { 186 while (*opts) {
@@ -198,7 +198,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
198 file, linenum); 198 file, linenum);
199 auth_debug_add("%.100s, line %lu: missing end quote", 199 auth_debug_add("%.100s, line %lu: missing end quote",
200 file, linenum); 200 file, linenum);
201 xfree(authorized_principals); 201 free(authorized_principals);
202 authorized_principals = NULL; 202 authorized_principals = NULL;
203 goto bad_option; 203 goto bad_option;
204 } 204 }
@@ -232,7 +232,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
232 file, linenum); 232 file, linenum);
233 auth_debug_add("%.100s, line %lu: missing end quote", 233 auth_debug_add("%.100s, line %lu: missing end quote",
234 file, linenum); 234 file, linenum);
235 xfree(s); 235 free(s);
236 goto bad_option; 236 goto bad_option;
237 } 237 }
238 s[i] = '\0'; 238 s[i] = '\0';
@@ -269,7 +269,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
269 file, linenum); 269 file, linenum);
270 auth_debug_add("%.100s, line %lu: missing end quote", 270 auth_debug_add("%.100s, line %lu: missing end quote",
271 file, linenum); 271 file, linenum);
272 xfree(patterns); 272 free(patterns);
273 goto bad_option; 273 goto bad_option;
274 } 274 }
275 patterns[i] = '\0'; 275 patterns[i] = '\0';
@@ -277,7 +277,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
277 switch (match_host_and_ip(remote_host, remote_ip, 277 switch (match_host_and_ip(remote_host, remote_ip,
278 patterns)) { 278 patterns)) {
279 case 1: 279 case 1:
280 xfree(patterns); 280 free(patterns);
281 /* Host name matches. */ 281 /* Host name matches. */
282 goto next_option; 282 goto next_option;
283 case -1: 283 case -1:
@@ -287,7 +287,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
287 "invalid criteria", file, linenum); 287 "invalid criteria", file, linenum);
288 /* FALLTHROUGH */ 288 /* FALLTHROUGH */
289 case 0: 289 case 0:
290 xfree(patterns); 290 free(patterns);
291 logit("Authentication tried for %.100s with " 291 logit("Authentication tried for %.100s with "
292 "correct key but not from a permitted " 292 "correct key but not from a permitted "
293 "host (host=%.200s, ip=%.200s).", 293 "host (host=%.200s, ip=%.200s).",
@@ -323,7 +323,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
323 file, linenum); 323 file, linenum);
324 auth_debug_add("%.100s, line %lu: missing " 324 auth_debug_add("%.100s, line %lu: missing "
325 "end quote", file, linenum); 325 "end quote", file, linenum);
326 xfree(patterns); 326 free(patterns);
327 goto bad_option; 327 goto bad_option;
328 } 328 }
329 patterns[i] = '\0'; 329 patterns[i] = '\0';
@@ -337,7 +337,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
337 auth_debug_add("%.100s, line %lu: " 337 auth_debug_add("%.100s, line %lu: "
338 "Bad permitopen specification", file, 338 "Bad permitopen specification", file,
339 linenum); 339 linenum);
340 xfree(patterns); 340 free(patterns);
341 goto bad_option; 341 goto bad_option;
342 } 342 }
343 host = cleanhostname(host); 343 host = cleanhostname(host);
@@ -346,12 +346,12 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
346 "<%.100s>", file, linenum, p ? p : ""); 346 "<%.100s>", file, linenum, p ? p : "");
347 auth_debug_add("%.100s, line %lu: " 347 auth_debug_add("%.100s, line %lu: "
348 "Bad permitopen port", file, linenum); 348 "Bad permitopen port", file, linenum);
349 xfree(patterns); 349 free(patterns);
350 goto bad_option; 350 goto bad_option;
351 } 351 }
352 if ((options.allow_tcp_forwarding & FORWARD_LOCAL) != 0) 352 if ((options.allow_tcp_forwarding & FORWARD_LOCAL) != 0)
353 channel_add_permitted_opens(host, port); 353 channel_add_permitted_opens(host, port);
354 xfree(patterns); 354 free(patterns);
355 goto next_option; 355 goto next_option;
356 } 356 }
357 cp = "tunnel=\""; 357 cp = "tunnel=\"";
@@ -370,13 +370,13 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
370 file, linenum); 370 file, linenum);
371 auth_debug_add("%.100s, line %lu: missing end quote", 371 auth_debug_add("%.100s, line %lu: missing end quote",
372 file, linenum); 372 file, linenum);
373 xfree(tun); 373 free(tun);
374 forced_tun_device = -1; 374 forced_tun_device = -1;
375 goto bad_option; 375 goto bad_option;
376 } 376 }
377 tun[i] = '\0'; 377 tun[i] = '\0';
378 forced_tun_device = a2tun(tun, NULL); 378 forced_tun_device = a2tun(tun, NULL);
379 xfree(tun); 379 free(tun);
380 if (forced_tun_device == SSH_TUNID_ERR) { 380 if (forced_tun_device == SSH_TUNID_ERR) {
381 debug("%.100s, line %lu: invalid tun device", 381 debug("%.100s, line %lu: invalid tun device",
382 file, linenum); 382 file, linenum);
@@ -484,7 +484,7 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw,
484 if (*cert_forced_command != NULL) { 484 if (*cert_forced_command != NULL) {
485 error("Certificate has multiple " 485 error("Certificate has multiple "
486 "force-command options"); 486 "force-command options");
487 xfree(command); 487 free(command);
488 goto out; 488 goto out;
489 } 489 }
490 *cert_forced_command = command; 490 *cert_forced_command = command;
@@ -500,7 +500,7 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw,
500 if ((*cert_source_address_done)++) { 500 if ((*cert_source_address_done)++) {
501 error("Certificate has multiple " 501 error("Certificate has multiple "
502 "source-address options"); 502 "source-address options");
503 xfree(allowed); 503 free(allowed);
504 goto out; 504 goto out;
505 } 505 }
506 remote_ip = get_remote_ipaddr(); 506 remote_ip = get_remote_ipaddr();
@@ -508,7 +508,7 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw,
508 allowed)) { 508 allowed)) {
509 case 1: 509 case 1:
510 /* accepted */ 510 /* accepted */
511 xfree(allowed); 511 free(allowed);
512 break; 512 break;
513 case 0: 513 case 0:
514 /* no match */ 514 /* no match */
@@ -521,12 +521,12 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw,
521 "is not permitted to use this " 521 "is not permitted to use this "
522 "certificate for login.", 522 "certificate for login.",
523 remote_ip); 523 remote_ip);
524 xfree(allowed); 524 free(allowed);
525 goto out; 525 goto out;
526 case -1: 526 case -1:
527 error("Certificate source-address " 527 error("Certificate source-address "
528 "contents invalid"); 528 "contents invalid");
529 xfree(allowed); 529 free(allowed);
530 goto out; 530 goto out;
531 } 531 }
532 found = 1; 532 found = 1;
@@ -548,8 +548,8 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw,
548 goto out; 548 goto out;
549 } 549 }
550 buffer_clear(&data); 550 buffer_clear(&data);
551 xfree(name); 551 free(name);
552 xfree(data_blob); 552 free(data_blob);
553 name = data_blob = NULL; 553 name = data_blob = NULL;
554 } 554 }
555 /* successfully parsed all options */ 555 /* successfully parsed all options */
@@ -559,13 +559,13 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw,
559 if (ret != 0 && 559 if (ret != 0 &&
560 cert_forced_command != NULL && 560 cert_forced_command != NULL &&
561 *cert_forced_command != NULL) { 561 *cert_forced_command != NULL) {
562 xfree(*cert_forced_command); 562 free(*cert_forced_command);
563 *cert_forced_command = NULL; 563 *cert_forced_command = NULL;
564 } 564 }
565 if (name != NULL) 565 if (name != NULL)
566 xfree(name); 566 free(name);
567 if (data_blob != NULL) 567 if (data_blob != NULL)
568 xfree(data_blob); 568 free(data_blob);
569 buffer_free(&data); 569 buffer_free(&data);
570 buffer_free(&c); 570 buffer_free(&c);
571 return ret; 571 return ret;
@@ -627,7 +627,7 @@ auth_cert_options(Key *k, struct passwd *pw)
627 /* CA-specified forced command supersedes key option */ 627 /* CA-specified forced command supersedes key option */
628 if (cert_forced_command != NULL) { 628 if (cert_forced_command != NULL) {
629 if (forced_command != NULL) 629 if (forced_command != NULL)
630 xfree(forced_command); 630 free(forced_command);
631 forced_command = cert_forced_command; 631 forced_command = cert_forced_command;
632 } 632 }
633 return 0; 633 return 0;