7 files changed, 56 insertions, 43 deletions
diff --git a/auth-passwd.c b/auth-passwd.c
index 6097fdd24..65f525184 100644
--- a/auth-passwd.c
+++ b/auth-passwd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-passwd.c,v 1.46 2018/03/03 03:15:51 djm Exp $ */
+/* $OpenBSD: auth-passwd.c,v 1.47 2018/07/09 21:26:02 markus Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -46,16 +46,17 @@
 #include <stdarg.h>
 #include "packet.h"
-#include "buffer.h"
+#include "sshbuf.h"
+#include "ssherr.h"
 #include "log.h"
 #include "misc.h"
 #include "servconf.h"
-#include "key.h"
+#include "sshkey.h"
 #include "hostfile.h"
 #include "auth.h"
 #include "auth-options.h"
-extern Buffer loginmsg;
+extern struct sshbuf *loginmsg;
 extern ServerOptions options;
 #ifdef HAVE_LOGIN_CAP
@@ -131,7 +132,7 @@ auth_password(struct ssh *ssh, const char *password)
 static void
 warn_expiry(Authctxt *authctxt, auth_session_t *as)
 {
-        char buf[256];
+        int r;
        quad_t pwtimeleft, actimeleft, daysleft, pwwarntime, acwarntime;
        pwwarntime = acwarntime = TWO_WEEKS;
@@ -148,17 +149,17 @@ warn_expiry(Authctxt *authctxt, auth_session_t *as)
 #endif
        if (pwtimeleft != 0 && pwtimeleft < pwwarntime) {
                daysleft = pwtimeleft / DAY + 1;
-                snprintf(buf, sizeof(buf),
+                if ((r = sshbuf_putf(loginmsg,
                    "Your password will expire in %lld day%s.\n",
-                    daysleft, daysleft == 1 ? "" : "s");
+                    daysleft, daysleft == 1 ? "" : "s")) != 0)
-                buffer_append(&loginmsg, buf, strlen(buf));
+                        fatal("%s: buffer error: %s", __func__, ssh_err(r));
        }
        if (actimeleft != 0 && actimeleft < acwarntime) {
                daysleft = actimeleft / DAY + 1;
-                snprintf(buf, sizeof(buf),
+                if ((r = sshbuf_putf(loginmsg,
                    "Your account will expire in %lld day%s.\n",
-                    daysleft, daysleft == 1 ? "" : "s");
+                    daysleft, daysleft == 1 ? "" : "s")) != 0)
-                buffer_append(&loginmsg, buf, strlen(buf));
+                        fatal("%s: buffer error: %s", __func__, ssh_err(r));
        }
 }
diff --git a/monitor.c b/monitor.c
index c68e1b0d9..44af5f489 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.180 2018/03/03 03:15:51 djm Exp $ */
+/* $OpenBSD: monitor.c,v 1.181 2018/07/09 21:26:02 markus Exp $ */
 /*
 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
 * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -115,7 +115,7 @@ extern u_int utmp_len;
 extern u_char session_id[];
 extern Buffer auth_debug;
 extern int auth_debug_init;
-extern Buffer loginmsg;
+extern struct sshbuf *loginmsg;
 extern struct sshauthopt *auth_opts; /* XXX move to permanent ssh->authctxt? */
 /* State exported from the child */
@@ -1495,8 +1495,8 @@ mm_answer_pty(int sock, Buffer *m)
        close(0);
        /* send messages generated by record_login */
-        buffer_put_string(m, buffer_ptr(&loginmsg), buffer_len(&loginmsg));
+        buffer_put_string(m, buffer_ptr(loginmsg), buffer_len(loginmsg));
-        buffer_clear(&loginmsg);
+        buffer_clear(loginmsg);
        mm_request_send(sock, MONITOR_ANS_PTY, m);
diff --git a/monitor_wrap.c b/monitor_wrap.c
index 012ab01a9..6bf041093 100644
--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor_wrap.c,v 1.101 2018/07/09 13:37:10 sf Exp $ */
+/* $OpenBSD: monitor_wrap.c,v 1.102 2018/07/09 21:26:02 markus Exp $ */
 /*
 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
 * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -87,7 +87,7 @@
 extern z_stream incoming_stream;
 extern z_stream outgoing_stream;
 extern struct monitor *pmonitor;
-extern Buffer loginmsg;
+extern struct sshbuf *loginmsg;
 extern ServerOptions options;
 void
@@ -506,7 +506,7 @@ mm_pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, size_t namebuflen)
 {
        Buffer m;
        char *p, *msg;
-        int success = 0, tmp1 = -1, tmp2 = -1;
+        int success = 0, tmp1 = -1, tmp2 = -1, r;
        /* Kludge: ensure there are fds free to receive the pty/tty */
        if ((tmp1 = dup(pmonitor->m_recvfd)) == -1 ||
@@ -540,7 +540,8 @@ mm_pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, size_t namebuflen)
        strlcpy(namebuf, p, namebuflen); /* Possible truncation */
        free(p);
-        buffer_append(&loginmsg, msg, strlen(msg));
+        if ((r = sshbuf_put(loginmsg, msg, strlen(msg))) != 0)
+                fatal("%s: buffer error: %s", __func__, ssh_err(r));
        free(msg);
        if ((*ptyfd = mm_receive_fd(pmonitor->m_recvfd)) == -1 ||
diff --git a/servconf.h b/servconf.h
index 73327135b..557521d73 100644
--- a/servconf.h
+++ b/servconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: servconf.h,v 1.135 2018/07/03 10:59:35 djm Exp $ */
+/* $OpenBSD: servconf.h,v 1.136 2018/07/09 21:26:02 markus Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -261,8 +261,8 @@ void	 fill_default_server_options(ServerOptions *);
 int      process_server_config_line(ServerOptions *, char *, const char *, int,
             int *, struct connection_info *);
 void     process_permitopen(struct ssh *ssh, ServerOptions *options);
-void     load_server_config(const char *, Buffer *);
+void     load_server_config(const char *, struct sshbuf *);
-void     parse_server_config(ServerOptions *, const char *, Buffer *,
+void     parse_server_config(ServerOptions *, const char *, struct sshbuf *,
             struct connection_info *);
 void     parse_server_match_config(ServerOptions *, struct connection_info *);
 int      parse_server_match_testspec(struct connection_info *, char *);
diff --git a/session.c b/session.c
index 882359025..2b46837dc 100644
--- a/session.c
+++ b/session.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: session.c,v 1.302 2018/07/09 21:20:26 markus Exp $ */
+/* $OpenBSD: session.c,v 1.303 2018/07/09 21:26:02 markus Exp $ */
 /*
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
@@ -69,7 +69,8 @@
 #include "ssh2.h"
 #include "sshpty.h"
 #include "packet.h"
-#include "buffer.h"
+#include "sshbuf.h"
+#include "ssherr.h"
 #include "match.h"
 #include "uidswap.h"
 #include "compat.h"
@@ -139,7 +140,7 @@ extern int debug_flag;
 extern u_int utmp_len;
 extern int startup_pipe;
 extern void destroy_sensitive_data(void);
-extern Buffer loginmsg;
+extern struct sshbuf *loginmsg;
 extern struct sshauthopt *auth_opts;
 char *tun_fwd_ifnames; /* serverloop.c */
@@ -248,11 +249,14 @@ auth_input_request_forwarding(struct ssh *ssh, struct passwd * pw)
 static void
 display_loginmsg(void)
 {
-        if (buffer_len(&loginmsg) > 0) {
+        int r;
-                buffer_append(&loginmsg, "\0", 1);
-                printf("%s", (char *)buffer_ptr(&loginmsg));
+        if (sshbuf_len(loginmsg) == 0)
-                buffer_clear(&loginmsg);
+                return;
-        }
+        if ((r = sshbuf_put_u8(loginmsg, 0)) != 0)
+                fatal("%s: buffer error: %s", __func__, ssh_err(r));
+        printf("%s", (char *)sshbuf_ptr(loginmsg));
+        sshbuf_reset(loginmsg);
 }
 static void
@@ -757,7 +761,7 @@ do_exec(struct ssh *ssh, Session *s, const char *command)
         * it to the user, otherwise multiple sessions may accumulate
         * multiple copies of the login messages.
         */
-        buffer_clear(&loginmsg);
+        sshbuf_reset(loginmsg);
        return ret;
 }
diff --git a/sshd.c b/sshd.c
index 4cfb72dd3..4777eb217 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.509 2018/07/03 11:39:54 djm Exp $ */
+/* $OpenBSD: sshd.c,v 1.510 2018/07/09 21:26:02 markus Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -240,7 +240,7 @@ struct sshauthopt *auth_opts = NULL;
 Buffer cfg;
 /* message to be displayed after login */
-Buffer loginmsg;
+struct sshbuf *loginmsg;
 /* Unprivileged user */
 struct passwd *privsep_pw = NULL;
@@ -649,7 +649,7 @@ privsep_postauth(Authctxt *authctxt)
                fatal("fork of unprivileged child failed");
        else if (pmonitor->m_pid != 0) {
                verbose("User child is on pid %ld", (long)pmonitor->m_pid);
-                buffer_clear(&loginmsg);
+                sshbuf_reset(loginmsg);
                monitor_clear_keystate(pmonitor);
                monitor_child_postauth(pmonitor);
@@ -2119,7 +2119,8 @@ main(int ac, char **av)
                fatal("allocation failed");
        /* prepare buffer to collect messages to display to user after login */
-        buffer_init(&loginmsg);
+        if ((loginmsg = sshbuf_new()) == NULL)
+                fatal("%s: sshbuf_new failed", __func__);
        auth_debug_reset();
        if (use_privsep) {
diff --git a/sshlogin.c b/sshlogin.c
index cea3e7697..1b2ee5f85 100644
--- a/sshlogin.c
+++ b/sshlogin.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshlogin.c,v 1.32 2015/12/26 20:51:35 guenther Exp $ */
+/* $OpenBSD: sshlogin.c,v 1.33 2018/07/09 21:26:02 markus Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -55,13 +55,15 @@
 #include <unistd.h>
 #include <limits.h>
+#include "sshlogin.h"
+#include "ssherr.h"
 #include "loginrec.h"
 #include "log.h"
-#include "buffer.h"
+#include "sshbuf.h"
 #include "misc.h"
 #include "servconf.h"
-extern Buffer loginmsg;
+extern struct sshbuf *loginmsg;
 extern ServerOptions options;
 /*
@@ -88,8 +90,9 @@ static void
 store_lastlog_message(const char *user, uid_t uid)
 {
 #ifndef NO_SSH_LASTLOG
-        char *time_string, hostname[HOST_NAME_MAX+1] = "", buf[512];
+        char *time_string, hostname[HOST_NAME_MAX+1] = "";
        time_t last_login_time;
+        int r;
        if (!options.print_lastlog)
                return;
@@ -97,7 +100,9 @@ store_lastlog_message(const char *user, uid_t uid)
 # ifdef CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG
        time_string = sys_auth_get_lastlogin_msg(user, uid);
        if (time_string != NULL) {
-                buffer_append(&loginmsg, time_string, strlen(time_string));
+                if ((r = sshbuf_put(loginmsg,
+                    time_string, strlen(time_string))) != 0)
+                        fatal("%s: buffer error: %s", __func__, ssh_err(r));
                free(time_string);
        }
 # else
@@ -108,12 +113,13 @@ store_lastlog_message(const char *user, uid_t uid)
                time_string = ctime(&last_login_time);
                time_string[strcspn(time_string, "\n")] = '\0';
                if (strcmp(hostname, "") == 0)
-                        snprintf(buf, sizeof(buf), "Last login: %s\r\n",
+                        r = sshbuf_putf(loginmsg, "Last login: %s\r\n",
                            time_string);
                else
-                        snprintf(buf, sizeof(buf), "Last login: %s from %s\r\n",
+                        r = sshbuf_putf(loginmsg, "Last login: %s from %s\r\n",
                            time_string, hostname);
-                buffer_append(&loginmsg, buf, strlen(buf));
+                if (r != 0)
+                        fatal("%s: buffer error: %s", __func__, ssh_err(r));
        }
 # endif /* CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG */
 #endif /* NO_SSH_LASTLOG */

diff --git a/auth-passwd.c b/auth-passwd.c index 6097fdd24..65f525184 100644 --- a/auth-passwd.c +++ b/auth-passwd.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: auth-passwd.c,v 1.46 2018/03/03 03:15:51 djm Exp $ */	1	/* $OpenBSD: auth-passwd.c,v 1.47 2018/07/09 21:26:02 markus Exp $ */
2	/*	2	/*
3	* Author: Tatu Ylonen <ylo@cs.hut.fi>	3	* Author: Tatu Ylonen <ylo@cs.hut.fi>
4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland	4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -46,16 +46,17 @@
46	#include <stdarg.h>	46	#include <stdarg.h>
47		47
48	#include "packet.h"	48	#include "packet.h"
49	#include "buffer.h"	49	#include "sshbuf.h"
		50	#include "ssherr.h"
50	#include "log.h"	51	#include "log.h"
51	#include "misc.h"	52	#include "misc.h"
52	#include "servconf.h"	53	#include "servconf.h"
53	#include "key.h"	54	#include "sshkey.h"
54	#include "hostfile.h"	55	#include "hostfile.h"
55	#include "auth.h"	56	#include "auth.h"
56	#include "auth-options.h"	57	#include "auth-options.h"
57		58
58	extern Buffer loginmsg;	59	extern struct sshbuf *loginmsg;
59	extern ServerOptions options;	60	extern ServerOptions options;
60		61
61	#ifdef HAVE_LOGIN_CAP	62	#ifdef HAVE_LOGIN_CAP
@@ -131,7 +132,7 @@ auth_password(struct ssh ssh, const char password)
131	static void	132	static void
132	warn_expiry(Authctxt authctxt, auth_session_t as)	133	warn_expiry(Authctxt authctxt, auth_session_t as)
133	{	134	{
134	char buf[256];	135	int r;
135	quad_t pwtimeleft, actimeleft, daysleft, pwwarntime, acwarntime;	136	quad_t pwtimeleft, actimeleft, daysleft, pwwarntime, acwarntime;
136		137
137	pwwarntime = acwarntime = TWO_WEEKS;	138	pwwarntime = acwarntime = TWO_WEEKS;
@@ -148,17 +149,17 @@ warn_expiry(Authctxt authctxt, auth_session_t as)
148	#endif	149	#endif
149	if (pwtimeleft != 0 && pwtimeleft < pwwarntime) {	150	if (pwtimeleft != 0 && pwtimeleft < pwwarntime) {
150	daysleft = pwtimeleft / DAY + 1;	151	daysleft = pwtimeleft / DAY + 1;
151	snprintf(buf, sizeof(buf),	152	if ((r = sshbuf_putf(loginmsg,
152	"Your password will expire in %lld day%s.\n",	153	"Your password will expire in %lld day%s.\n",
153	daysleft, daysleft == 1 ? "" : "s");	154	daysleft, daysleft == 1 ? "" : "s")) != 0)
154	buffer_append(&loginmsg, buf, strlen(buf));	155	fatal("%s: buffer error: %s", __func__, ssh_err(r));
155	}	156	}
156	if (actimeleft != 0 && actimeleft < acwarntime) {	157	if (actimeleft != 0 && actimeleft < acwarntime) {
157	daysleft = actimeleft / DAY + 1;	158	daysleft = actimeleft / DAY + 1;
158	snprintf(buf, sizeof(buf),	159	if ((r = sshbuf_putf(loginmsg,
159	"Your account will expire in %lld day%s.\n",	160	"Your account will expire in %lld day%s.\n",
160	daysleft, daysleft == 1 ? "" : "s");	161	daysleft, daysleft == 1 ? "" : "s")) != 0)
161	buffer_append(&loginmsg, buf, strlen(buf));	162	fatal("%s: buffer error: %s", __func__, ssh_err(r));
162	}	163	}
163	}	164	}
164		165


diff --git a/monitor.c b/monitor.c index c68e1b0d9..44af5f489 100644 --- a/monitor.c +++ b/monitor.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: monitor.c,v 1.180 2018/03/03 03:15:51 djm Exp $ */	1	/* $OpenBSD: monitor.c,v 1.181 2018/07/09 21:26:02 markus Exp $ */
2	/*	2	/*
3	* Copyright 2002 Niels Provos <provos@citi.umich.edu>	3	* Copyright 2002 Niels Provos <provos@citi.umich.edu>
4	* Copyright 2002 Markus Friedl <markus@openbsd.org>	4	* Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -115,7 +115,7 @@ extern u_int utmp_len;
115	extern u_char session_id[];	115	extern u_char session_id[];
116	extern Buffer auth_debug;	116	extern Buffer auth_debug;
117	extern int auth_debug_init;	117	extern int auth_debug_init;
118	extern Buffer loginmsg;	118	extern struct sshbuf *loginmsg;
119	extern struct sshauthopt auth_opts; / XXX move to permanent ssh->authctxt? */	119	extern struct sshauthopt auth_opts; / XXX move to permanent ssh->authctxt? */
120		120
121	/* State exported from the child */	121	/* State exported from the child */
@@ -1495,8 +1495,8 @@ mm_answer_pty(int sock, Buffer *m)
1495	close(0);	1495	close(0);
1496		1496
1497	/* send messages generated by record_login */	1497	/* send messages generated by record_login */
1498	buffer_put_string(m, buffer_ptr(&loginmsg), buffer_len(&loginmsg));	1498	buffer_put_string(m, buffer_ptr(loginmsg), buffer_len(loginmsg));
1499	buffer_clear(&loginmsg);	1499	buffer_clear(loginmsg);
1500		1500
1501	mm_request_send(sock, MONITOR_ANS_PTY, m);	1501	mm_request_send(sock, MONITOR_ANS_PTY, m);
1502		1502


diff --git a/monitor_wrap.c b/monitor_wrap.c index 012ab01a9..6bf041093 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: monitor_wrap.c,v 1.101 2018/07/09 13:37:10 sf Exp $ */	1	/* $OpenBSD: monitor_wrap.c,v 1.102 2018/07/09 21:26:02 markus Exp $ */
2	/*	2	/*
3	* Copyright 2002 Niels Provos <provos@citi.umich.edu>	3	* Copyright 2002 Niels Provos <provos@citi.umich.edu>
4	* Copyright 2002 Markus Friedl <markus@openbsd.org>	4	* Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -87,7 +87,7 @@
87	extern z_stream incoming_stream;	87	extern z_stream incoming_stream;
88	extern z_stream outgoing_stream;	88	extern z_stream outgoing_stream;
89	extern struct monitor *pmonitor;	89	extern struct monitor *pmonitor;
90	extern Buffer loginmsg;	90	extern struct sshbuf *loginmsg;
91	extern ServerOptions options;	91	extern ServerOptions options;
92		92
93	void	93	void
@@ -506,7 +506,7 @@ mm_pty_allocate(int ptyfd, int ttyfd, char *namebuf, size_t namebuflen)
506	{	506	{
507	Buffer m;	507	Buffer m;
508	char p, msg;	508	char p, msg;
509	int success = 0, tmp1 = -1, tmp2 = -1;	509	int success = 0, tmp1 = -1, tmp2 = -1, r;
510		510
511	/* Kludge: ensure there are fds free to receive the pty/tty */	511	/* Kludge: ensure there are fds free to receive the pty/tty */
512	if ((tmp1 = dup(pmonitor->m_recvfd)) == -1 \|\|	512	if ((tmp1 = dup(pmonitor->m_recvfd)) == -1 \|\|
@@ -540,7 +540,8 @@ mm_pty_allocate(int ptyfd, int ttyfd, char *namebuf, size_t namebuflen)
540	strlcpy(namebuf, p, namebuflen); /* Possible truncation */	540	strlcpy(namebuf, p, namebuflen); /* Possible truncation */
541	free(p);	541	free(p);
542		542
543	buffer_append(&loginmsg, msg, strlen(msg));	543	if ((r = sshbuf_put(loginmsg, msg, strlen(msg))) != 0)
		544	fatal("%s: buffer error: %s", __func__, ssh_err(r));
544	free(msg);	545	free(msg);
545		546
546	if ((*ptyfd = mm_receive_fd(pmonitor->m_recvfd)) == -1 \|\|	547	if ((*ptyfd = mm_receive_fd(pmonitor->m_recvfd)) == -1 \|\|


diff --git a/servconf.h b/servconf.h index 73327135b..557521d73 100644 --- a/servconf.h +++ b/servconf.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: servconf.h,v 1.135 2018/07/03 10:59:35 djm Exp $ */	1	/* $OpenBSD: servconf.h,v 1.136 2018/07/09 21:26:02 markus Exp $ */
2		2
3	/*	3	/*
4	* Author: Tatu Ylonen <ylo@cs.hut.fi>	4	* Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -261,8 +261,8 @@ void fill_default_server_options(ServerOptions *);
261	int process_server_config_line(ServerOptions , char , const char *, int,	261	int process_server_config_line(ServerOptions , char , const char *, int,
262	int , struct connection_info );	262	int , struct connection_info );
263	void process_permitopen(struct ssh ssh, ServerOptions options);	263	void process_permitopen(struct ssh ssh, ServerOptions options);
264	void load_server_config(const char , Buffer );	264	void load_server_config(const char , struct sshbuf );
265	void parse_server_config(ServerOptions , const char , Buffer *,	265	void parse_server_config(ServerOptions , const char , struct sshbuf *,
266	struct connection_info *);	266	struct connection_info *);
267	void parse_server_match_config(ServerOptions , struct connection_info );	267	void parse_server_match_config(ServerOptions , struct connection_info );
268	int parse_server_match_testspec(struct connection_info , char );	268	int parse_server_match_testspec(struct connection_info , char );


diff --git a/session.c b/session.c index 882359025..2b46837dc 100644 --- a/session.c +++ b/session.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: session.c,v 1.302 2018/07/09 21:20:26 markus Exp $ */	1	/* $OpenBSD: session.c,v 1.303 2018/07/09 21:26:02 markus Exp $ */
2	/*	2	/*
3	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland	3	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4	* All rights reserved	4	* All rights reserved
@@ -69,7 +69,8 @@
69	#include "ssh2.h"	69	#include "ssh2.h"
70	#include "sshpty.h"	70	#include "sshpty.h"
71	#include "packet.h"	71	#include "packet.h"
72	#include "buffer.h"	72	#include "sshbuf.h"
		73	#include "ssherr.h"
73	#include "match.h"	74	#include "match.h"
74	#include "uidswap.h"	75	#include "uidswap.h"
75	#include "compat.h"	76	#include "compat.h"
@@ -139,7 +140,7 @@ extern int debug_flag;
139	extern u_int utmp_len;	140	extern u_int utmp_len;
140	extern int startup_pipe;	141	extern int startup_pipe;
141	extern void destroy_sensitive_data(void);	142	extern void destroy_sensitive_data(void);
142	extern Buffer loginmsg;	143	extern struct sshbuf *loginmsg;
143	extern struct sshauthopt *auth_opts;	144	extern struct sshauthopt *auth_opts;
144	char tun_fwd_ifnames; / serverloop.c */	145	char tun_fwd_ifnames; / serverloop.c */
145		146
@@ -248,11 +249,14 @@ auth_input_request_forwarding(struct ssh ssh, struct passwd pw)
248	static void	249	static void
249	display_loginmsg(void)	250	display_loginmsg(void)
250	{	251	{
251	if (buffer_len(&loginmsg) > 0) {	252	int r;
252	buffer_append(&loginmsg, "\0", 1);	253
253	printf("%s", (char *)buffer_ptr(&loginmsg));	254	if (sshbuf_len(loginmsg) == 0)
254	buffer_clear(&loginmsg);	255	return;
255	}	256	if ((r = sshbuf_put_u8(loginmsg, 0)) != 0)
		257	fatal("%s: buffer error: %s", __func__, ssh_err(r));
		258	printf("%s", (char *)sshbuf_ptr(loginmsg));
		259	sshbuf_reset(loginmsg);
256	}	260	}
257		261
258	static void	262	static void
@@ -757,7 +761,7 @@ do_exec(struct ssh ssh, Session s, const char *command)
757	* it to the user, otherwise multiple sessions may accumulate	761	* it to the user, otherwise multiple sessions may accumulate
758	* multiple copies of the login messages.	762	* multiple copies of the login messages.
759	*/	763	*/
760	buffer_clear(&loginmsg);	764	sshbuf_reset(loginmsg);
761		765
762	return ret;	766	return ret;
763	}	767	}


diff --git a/sshd.c b/sshd.c index 4cfb72dd3..4777eb217 100644 --- a/sshd.c +++ b/sshd.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: sshd.c,v 1.509 2018/07/03 11:39:54 djm Exp $ */	1	/* $OpenBSD: sshd.c,v 1.510 2018/07/09 21:26:02 markus Exp $ */
2	/*	2	/*
3	* Author: Tatu Ylonen <ylo@cs.hut.fi>	3	* Author: Tatu Ylonen <ylo@cs.hut.fi>
4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland	4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -240,7 +240,7 @@ struct sshauthopt *auth_opts = NULL;
240	Buffer cfg;	240	Buffer cfg;
241		241
242	/* message to be displayed after login */	242	/* message to be displayed after login */
243	Buffer loginmsg;	243	struct sshbuf *loginmsg;
244		244
245	/* Unprivileged user */	245	/* Unprivileged user */
246	struct passwd *privsep_pw = NULL;	246	struct passwd *privsep_pw = NULL;
@@ -649,7 +649,7 @@ privsep_postauth(Authctxt *authctxt)
649	fatal("fork of unprivileged child failed");	649	fatal("fork of unprivileged child failed");
650	else if (pmonitor->m_pid != 0) {	650	else if (pmonitor->m_pid != 0) {
651	verbose("User child is on pid %ld", (long)pmonitor->m_pid);	651	verbose("User child is on pid %ld", (long)pmonitor->m_pid);
652	buffer_clear(&loginmsg);	652	sshbuf_reset(loginmsg);
653	monitor_clear_keystate(pmonitor);	653	monitor_clear_keystate(pmonitor);
654	monitor_child_postauth(pmonitor);	654	monitor_child_postauth(pmonitor);
655		655
@@ -2119,7 +2119,8 @@ main(int ac, char **av)
2119	fatal("allocation failed");	2119	fatal("allocation failed");
2120		2120
2121	/* prepare buffer to collect messages to display to user after login */	2121	/* prepare buffer to collect messages to display to user after login */
2122	buffer_init(&loginmsg);	2122	if ((loginmsg = sshbuf_new()) == NULL)
		2123	fatal("%s: sshbuf_new failed", __func__);
2123	auth_debug_reset();	2124	auth_debug_reset();
2124		2125
2125	if (use_privsep) {	2126	if (use_privsep) {


diff --git a/sshlogin.c b/sshlogin.c index cea3e7697..1b2ee5f85 100644 --- a/sshlogin.c +++ b/sshlogin.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: sshlogin.c,v 1.32 2015/12/26 20:51:35 guenther Exp $ */	1	/* $OpenBSD: sshlogin.c,v 1.33 2018/07/09 21:26:02 markus Exp $ */
2	/*	2	/*
3	* Author: Tatu Ylonen <ylo@cs.hut.fi>	3	* Author: Tatu Ylonen <ylo@cs.hut.fi>
4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland	4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -55,13 +55,15 @@
55	#include <unistd.h>	55	#include <unistd.h>
56	#include <limits.h>	56	#include <limits.h>
57		57
		58	#include "sshlogin.h"
		59	#include "ssherr.h"
58	#include "loginrec.h"	60	#include "loginrec.h"
59	#include "log.h"	61	#include "log.h"
60	#include "buffer.h"	62	#include "sshbuf.h"
61	#include "misc.h"	63	#include "misc.h"
62	#include "servconf.h"	64	#include "servconf.h"
63		65
64	extern Buffer loginmsg;	66	extern struct sshbuf *loginmsg;
65	extern ServerOptions options;	67	extern ServerOptions options;
66		68
67	/*	69	/*
@@ -88,8 +90,9 @@ static void
88	store_lastlog_message(const char *user, uid_t uid)	90	store_lastlog_message(const char *user, uid_t uid)
89	{	91	{
90	#ifndef NO_SSH_LASTLOG	92	#ifndef NO_SSH_LASTLOG
91	char *time_string, hostname[HOST_NAME_MAX+1] = "", buf[512];	93	char *time_string, hostname[HOST_NAME_MAX+1] = "";
92	time_t last_login_time;	94	time_t last_login_time;
		95	int r;
93		96
94	if (!options.print_lastlog)	97	if (!options.print_lastlog)
95	return;	98	return;
@@ -97,7 +100,9 @@ store_lastlog_message(const char *user, uid_t uid)
97	# ifdef CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG	100	# ifdef CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG
98	time_string = sys_auth_get_lastlogin_msg(user, uid);	101	time_string = sys_auth_get_lastlogin_msg(user, uid);
99	if (time_string != NULL) {	102	if (time_string != NULL) {
100	buffer_append(&loginmsg, time_string, strlen(time_string));	103	if ((r = sshbuf_put(loginmsg,
		104	time_string, strlen(time_string))) != 0)
		105	fatal("%s: buffer error: %s", __func__, ssh_err(r));
101	free(time_string);	106	free(time_string);
102	}	107	}
103	# else	108	# else
@@ -108,12 +113,13 @@ store_lastlog_message(const char *user, uid_t uid)
108	time_string = ctime(&last_login_time);	113	time_string = ctime(&last_login_time);
109	time_string[strcspn(time_string, "\n")] = '\0';	114	time_string[strcspn(time_string, "\n")] = '\0';
110	if (strcmp(hostname, "") == 0)	115	if (strcmp(hostname, "") == 0)
111	snprintf(buf, sizeof(buf), "Last login: %s\r\n",	116	r = sshbuf_putf(loginmsg, "Last login: %s\r\n",
112	time_string);	117	time_string);
113	else	118	else
114	snprintf(buf, sizeof(buf), "Last login: %s from %s\r\n",	119	r = sshbuf_putf(loginmsg, "Last login: %s from %s\r\n",
115	time_string, hostname);	120	time_string, hostname);
116	buffer_append(&loginmsg, buf, strlen(buf));	121	if (r != 0)
		122	fatal("%s: buffer error: %s", __func__, ssh_err(r));
117	}	123	}
118	# endif /* CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG */	124	# endif /* CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG */
119	#endif /* NO_SSH_LASTLOG */	125	#endif /* NO_SSH_LASTLOG */