1 files changed, 19 insertions, 16 deletions
diff --git a/ssh.c b/ssh.c
index 86f143341..7b482dcb0 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.500 2019/01/19 21:43:56 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.507 2019/09/13 04:27:35 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -162,7 +162,7 @@ char *config = NULL;
 /*
 * Name of the host we are connecting to.  This is the name given on the
- * command line, or the HostName specified for the user-supplied name in a
+ * command line, or the Hostname specified for the user-supplied name in a
 * configuration file.
 */
 char *host;
@@ -236,7 +236,8 @@ resolve_host(const char *name, int port, int logerr, char *cname, size_t clen)
 {
        char strport[NI_MAXSERV];
        struct addrinfo hints, *res;
-        int gaierr, loglevel = SYSLOG_LEVEL_DEBUG1;
+        int gaierr;
+        LogLevel loglevel = SYSLOG_LEVEL_DEBUG1;
        if (port <= 0)
                port = default_ssh_port();
@@ -595,7 +596,6 @@ main(int ac, char **av)
        struct ssh_digest_ctx *md;
        u_char conn_hash[SSH_DIGEST_MAX_LENGTH];
-        ssh_malloc_init();      /* must be called before any mallocs */
        /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
        sanitise_stdfd();
@@ -775,7 +775,7 @@ main(int ac, char **av)
                        break;
                case 'i':
                        p = tilde_expand_filename(optarg, getuid());
-                        if (stat(p, &st) < 0)
+                        if (stat(p, &st) == -1)
                                fprintf(stderr, "Warning: Identity file %s "
                                    "not accessible: %s.\n", p,
                                    strerror(errno));
@@ -792,8 +792,11 @@ main(int ac, char **av)
 #endif
                        break;
                case 'J':
-                        if (options.jump_host != NULL)
+                        if (options.jump_host != NULL) {
-                                fatal("Only a single -J option permitted");
+                                fatal("Only a single -J option is permitted "
+                                    "(use commas to separate multiple "
+                                    "jump hops)");
+                        }
                        if (options.proxy_command != NULL)
                                fatal("Cannot specify -J with ProxyCommand");
                        if (parse_jump(optarg, &options, 1) == -1)
@@ -876,7 +879,7 @@ main(int ac, char **av)
                        }
                        break;
                case 'c':
-                        if (!ciphers_valid(*optarg == '+' ?
+                        if (!ciphers_valid(*optarg == '+' || *optarg == '^' ?
                            optarg + 1 : optarg)) {
                                fprintf(stderr, "Unknown cipher type '%s'\n",
                                    optarg);
@@ -1368,7 +1371,7 @@ main(int ac, char **av)
        timeout_ms = options.connection_timeout * 1000;
        /* Open a connection to the remote host. */
-        if (ssh_connect(ssh, host, addrs, &hostaddr, options.port,
+        if (ssh_connect(ssh, host_arg, host, addrs, &hostaddr, options.port,
            options.address_family, options.connection_attempts,
            &timeout_ms, options.tcp_keep_alive) != 0)
                exit(255);
@@ -1425,7 +1428,7 @@ main(int ac, char **av)
        if (config == NULL) {
                r = snprintf(buf, sizeof buf, "%s%s%s", pw->pw_dir,
                    strcmp(pw->pw_dir, "/") ? "/" : "", _PATH_SSH_USER_DIR);
-                if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) < 0) {
+                if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) == -1) {
 #ifdef WITH_SELINUX
                        ssh_selinux_setfscreatecon(buf);
 #endif
@@ -1592,7 +1595,7 @@ fork_postauth(void)
                control_persist_detach();
        debug("forking to background");
        fork_after_authentication_flag = 0;
-        if (daemon(1, 1) < 0)
+        if (daemon(1, 1) == -1)
                fatal("daemon() failed: %.200s", strerror(errno));
 }
@@ -1688,8 +1691,8 @@ ssh_init_stdio_forwarding(struct ssh *ssh)
        debug3("%s: %s:%d", __func__, options.stdio_forward_host,
            options.stdio_forward_port);
-        if ((in = dup(STDIN_FILENO)) < 0 ||
+        if ((in = dup(STDIN_FILENO)) == -1 ||
-            (out = dup(STDOUT_FILENO)) < 0)
+            (out = dup(STDOUT_FILENO)) == -1)
                fatal("channel_connect_stdio_fwd: dup() in/out failed");
        if ((c = channel_connect_stdio_fwd(ssh, options.stdio_forward_host,
            options.stdio_forward_port, in, out)) == NULL)
@@ -1842,7 +1845,7 @@ ssh_session2_open(struct ssh *ssh)
        out = dup(STDOUT_FILENO);
        err = dup(STDERR_FILENO);
-        if (in < 0 || out < 0 || err < 0)
+        if (in == -1 || out == -1 || err == -1)
                fatal("dup() in/out/err failed");
        /* enable nonblocking unless tty */
@@ -1973,7 +1976,7 @@ ssh_session2(struct ssh *ssh, struct passwd *pw)
                if ((devnull = open(_PATH_DEVNULL, O_WRONLY)) == -1)
                        error("%s: open %s: %s", __func__,
                            _PATH_DEVNULL, strerror(errno));
-                if (dup2(devnull, STDOUT_FILENO) < 0)
+                if (dup2(devnull, STDOUT_FILENO) == -1)
                        fatal("%s: dup2() stdout failed", __func__);
                if (devnull > STDERR_FILENO)
                        close(devnull);
@@ -2160,7 +2163,7 @@ main_sigchld_handler(int sig)
        int status;
        while ((pid = waitpid(-1, &status, WNOHANG)) > 0 ||
-            (pid < 0 && errno == EINTR))
+            (pid == -1 && errno == EINTR))
                ;
        errno = save_errno;
 }