* New upstream release (http://www.openssh.com/txt/release-5.6):

- Added a ControlPersist option to ssh_config(5) that automatically starts a background ssh(1) multiplex master when connecting. This connection can stay alive indefinitely, or can be set to automatically close after a user-specified duration of inactivity (closes: #335697, #350898, #454787, #500573, #550262). - Support AuthorizedKeysFile, AuthorizedPrincipalsFile, HostbasedUsesNameFromPacketOnly, and PermitTunnel in sshd_config(5) Match blocks (closes: #549858). - sftp(1): fix ls in working directories that contain globbing characters in their pathnames (LP: #530714).
author: Colin Watson <cjwatson@debian.org> 2010-08-23 23:52:36 +0100
committer: Colin Watson <cjwatson@debian.org> 2010-08-23 23:52:36 +0100
commit: 78799892cb1858927be02be9737c594052e3f910 (patch)
tree: ac3dc2e848ab9dc62fe4252e01e52c3d456f628f /monitor.c
parent: 3875951bb76a9ec62634ae4026c9cc885d933477 (diff)
parent: 31e30b835fd9695d3b6647cab4867001b092e28f (diff)
1 files changed, 10 insertions, 10 deletions
diff --git a/monitor.c b/monitor.c
index a1f4a2e05..f30f7d591 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.106 2010/03/07 11:57:13 dtucker Exp $ */
+/* $OpenBSD: monitor.c,v 1.108 2010/07/13 23:13:16 djm Exp $ */
 /*
 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
 * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -537,7 +537,7 @@ monitor_allowed_key(u_char *blob, u_int bloblen)
 {
        /* make sure key is allowed */
        if (key_blob == NULL || key_bloblen != bloblen ||
-            memcmp(key_blob, blob, key_bloblen))
+            timingsafe_bcmp(key_blob, blob, key_bloblen))
                return (0);
        return (1);
 }
@@ -965,8 +965,8 @@ mm_answer_pam_init_ctx(int sock, Buffer *m)
 int
 mm_answer_pam_query(int sock, Buffer *m)
 {
-        char *name, *info, **prompts;
+        char *name = NULL, *info = NULL, **prompts = NULL;
-        u_int i, num, *echo_on;
+        u_int i, num = 0, *echo_on = 0;
        int ret;
        debug3("%s", __func__);
@@ -1146,14 +1146,14 @@ monitor_valid_userblob(u_char *data, u_int datalen)
                len = buffer_len(&b);
                if ((session_id2 == NULL) ||
                    (len < session_id2_len) ||
-                    (memcmp(p, session_id2, session_id2_len) != 0))
+                    (timingsafe_bcmp(p, session_id2, session_id2_len) != 0))
                        fail++;
                buffer_consume(&b, session_id2_len);
        } else {
                p = buffer_get_string(&b, &len);
                if ((session_id2 == NULL) ||
                    (len != session_id2_len) ||
-                    (memcmp(p, session_id2, session_id2_len) != 0))
+                    (timingsafe_bcmp(p, session_id2, session_id2_len) != 0))
                        fail++;
                xfree(p);
        }
@@ -1201,7 +1201,7 @@ monitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser,
        p = buffer_get_string(&b, &len);
        if ((session_id2 == NULL) ||
            (len != session_id2_len) ||
-            (memcmp(p, session_id2, session_id2_len) != 0))
+            (timingsafe_bcmp(p, session_id2, session_id2_len) != 0))
                fail++;
        xfree(p);
@@ -1725,9 +1725,9 @@ mm_get_kex(Buffer *m)
        kex = xcalloc(1, sizeof(*kex));
        kex->session_id = buffer_get_string(m, &kex->session_id_len);
-        if ((session_id2 == NULL) ||
+        if (session_id2 == NULL ||
-            (kex->session_id_len != session_id2_len) ||
+            kex->session_id_len != session_id2_len ||
-            (memcmp(kex->session_id, session_id2, session_id2_len) != 0))
+            timingsafe_bcmp(kex->session_id, session_id2, session_id2_len) != 0)
                fatal("mm_get_get: internal error: bad session id");
        kex->we_need = buffer_get_int(m);
        kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
author	Colin Watson <cjwatson@debian.org>	2010-08-23 23:52:36 +0100
committer	Colin Watson <cjwatson@debian.org>	2010-08-23 23:52:36 +0100
commit	78799892cb1858927be02be9737c594052e3f910 (patch)
tree	ac3dc2e848ab9dc62fe4252e01e52c3d456f628f /monitor.c
parent	3875951bb76a9ec62634ae4026c9cc885d933477 (diff)
parent	31e30b835fd9695d3b6647cab4867001b092e28f (diff)

diff --git a/monitor.c b/monitor.c index a1f4a2e05..f30f7d591 100644 --- a/monitor.c +++ b/monitor.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: monitor.c,v 1.106 2010/03/07 11:57:13 dtucker Exp $ */	1	/* $OpenBSD: monitor.c,v 1.108 2010/07/13 23:13:16 djm Exp $ */
2	/*	2	/*
3	* Copyright 2002 Niels Provos <provos@citi.umich.edu>	3	* Copyright 2002 Niels Provos <provos@citi.umich.edu>
4	* Copyright 2002 Markus Friedl <markus@openbsd.org>	4	* Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -537,7 +537,7 @@ monitor_allowed_key(u_char *blob, u_int bloblen)
537	{	537	{
538	/* make sure key is allowed */	538	/* make sure key is allowed */
539	if (key_blob == NULL \|\| key_bloblen != bloblen \|\|	539	if (key_blob == NULL \|\| key_bloblen != bloblen \|\|
540	memcmp(key_blob, blob, key_bloblen))	540	timingsafe_bcmp(key_blob, blob, key_bloblen))
541	return (0);	541	return (0);
542	return (1);	542	return (1);
543	}	543	}
@@ -965,8 +965,8 @@ mm_answer_pam_init_ctx(int sock, Buffer *m)
965	int	965	int
966	mm_answer_pam_query(int sock, Buffer *m)	966	mm_answer_pam_query(int sock, Buffer *m)
967	{	967	{
968	char name, info, **prompts;	968	char name = NULL, info = NULL, **prompts = NULL;
969	u_int i, num, *echo_on;	969	u_int i, num = 0, *echo_on = 0;
970	int ret;	970	int ret;
971		971
972	debug3("%s", __func__);	972	debug3("%s", __func__);
@@ -1146,14 +1146,14 @@ monitor_valid_userblob(u_char *data, u_int datalen)
1146	len = buffer_len(&b);	1146	len = buffer_len(&b);
1147	if ((session_id2 == NULL) \|\|	1147	if ((session_id2 == NULL) \|\|
1148	(len < session_id2_len) \|\|	1148	(len < session_id2_len) \|\|
1149	(memcmp(p, session_id2, session_id2_len) != 0))	1149	(timingsafe_bcmp(p, session_id2, session_id2_len) != 0))
1150	fail++;	1150	fail++;
1151	buffer_consume(&b, session_id2_len);	1151	buffer_consume(&b, session_id2_len);
1152	} else {	1152	} else {
1153	p = buffer_get_string(&b, &len);	1153	p = buffer_get_string(&b, &len);
1154	if ((session_id2 == NULL) \|\|	1154	if ((session_id2 == NULL) \|\|
1155	(len != session_id2_len) \|\|	1155	(len != session_id2_len) \|\|
1156	(memcmp(p, session_id2, session_id2_len) != 0))	1156	(timingsafe_bcmp(p, session_id2, session_id2_len) != 0))
1157	fail++;	1157	fail++;
1158	xfree(p);	1158	xfree(p);
1159	}	1159	}
@@ -1201,7 +1201,7 @@ monitor_valid_hostbasedblob(u_char data, u_int datalen, char cuser,
1201	p = buffer_get_string(&b, &len);	1201	p = buffer_get_string(&b, &len);
1202	if ((session_id2 == NULL) \|\|	1202	if ((session_id2 == NULL) \|\|
1203	(len != session_id2_len) \|\|	1203	(len != session_id2_len) \|\|
1204	(memcmp(p, session_id2, session_id2_len) != 0))	1204	(timingsafe_bcmp(p, session_id2, session_id2_len) != 0))
1205	fail++;	1205	fail++;
1206	xfree(p);	1206	xfree(p);
1207		1207
@@ -1725,9 +1725,9 @@ mm_get_kex(Buffer *m)
1725		1725
1726	kex = xcalloc(1, sizeof(*kex));	1726	kex = xcalloc(1, sizeof(*kex));
1727	kex->session_id = buffer_get_string(m, &kex->session_id_len);	1727	kex->session_id = buffer_get_string(m, &kex->session_id_len);
1728	if ((session_id2 == NULL) \|\|	1728	if (session_id2 == NULL \|\|
1729	(kex->session_id_len != session_id2_len) \|\|	1729	kex->session_id_len != session_id2_len \|\|
1730	(memcmp(kex->session_id, session_id2, session_id2_len) != 0))	1730	timingsafe_bcmp(kex->session_id, session_id2, session_id2_len) != 0)
1731	fatal("mm_get_get: internal error: bad session id");	1731	fatal("mm_get_get: internal error: bad session id");
1732	kex->we_need = buffer_get_int(m);	1732	kex->we_need = buffer_get_int(m);
1733	kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;	1733	kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;