1 files changed, 30 insertions, 28 deletions
diff --git a/sshd.c b/sshd.c
index 4777eb217..81f694aec 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.510 2018/07/09 21:26:02 markus Exp $ */
+/* $OpenBSD: sshd.c,v 1.511 2018/07/09 21:29:36 markus Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -91,7 +91,7 @@
 #include "sshpty.h"
 #include "packet.h"
 #include "log.h"
-#include "buffer.h"
+#include "sshbuf.h"
 #include "misc.h"
 #include "match.h"
 #include "servconf.h"
@@ -237,7 +237,7 @@ Authctxt *the_authctxt = NULL;
 struct sshauthopt *auth_opts = NULL;
 /* sshd_config buffer */
-Buffer cfg;
+struct sshbuf *cfg;
 /* message to be displayed after login */
 struct sshbuf *loginmsg;
@@ -958,31 +958,33 @@ send_rexec_state(int fd, struct sshbuf *conf)
 }
 static void
-recv_rexec_state(int fd, Buffer *conf)
+recv_rexec_state(int fd, struct sshbuf *conf)
 {
-        Buffer m;
+        struct sshbuf *m;
-        char *cp;
+        u_char *cp, ver;
-        u_int len;
+        size_t len;
+        int r;
        debug3("%s: entering fd = %d", __func__, fd);
-        buffer_init(&m);
+        if ((m = sshbuf_new()) == NULL)
+                fatal("%s: sshbuf_new failed", __func__);
-        if (ssh_msg_recv(fd, &m) == -1)
+        if (ssh_msg_recv(fd, m) == -1)
                fatal("%s: ssh_msg_recv failed", __func__);
-        if (buffer_get_char(&m) != 0)
+        if ((r = sshbuf_get_u8(m, &ver)) != 0)
+                fatal("%s: buffer error: %s", __func__, ssh_err(r));
+        if (ver != 0)
                fatal("%s: rexec version mismatch", __func__);
+        if ((r = sshbuf_get_string(m, &cp, &len)) != 0)
-        cp = buffer_get_string(&m, &len);
+                fatal("%s: buffer error: %s", __func__, ssh_err(r));
-        if (conf != NULL)
+        if (conf != NULL && (r = sshbuf_put(conf, cp, len)))
-                buffer_append(conf, cp, len);
+                fatal("%s: buffer error: %s", __func__, ssh_err(r));
-        free(cp);
 #if defined(WITH_OPENSSL) && !defined(OPENSSL_PRNG_ONLY)
-        rexec_recv_rng_seed(&m);
+        rexec_recv_rng_seed(m);
 #endif
-        buffer_free(&m);
+        free(cp);
+        sshbuf_free(m);
        debug3("%s: done", __func__);
 }
@@ -1263,8 +1265,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
                                startup_pipe = -1;
                                pid = getpid();
                                if (rexec_flag) {
-                                        send_rexec_state(config_s[0],
+                                        send_rexec_state(config_s[0], cfg);
-                                            &cfg);
                                        close(config_s[0]);
                                }
                                break;
@@ -1310,7 +1311,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
                        close(startup_p[1]);
                        if (rexec_flag) {
-                                send_rexec_state(config_s[0], &cfg);
+                                send_rexec_state(config_s[0], cfg);
                                close(config_s[0]);
                                close(config_s[1]);
                        }
@@ -1662,14 +1663,15 @@ main(int ac, char **av)
                   "test mode (-T)");
        /* Fetch our configuration */
-        buffer_init(&cfg);
+        if ((cfg = sshbuf_new()) == NULL)
+                fatal("%s: sshbuf_new failed", __func__);
        if (rexeced_flag)
-                recv_rexec_state(REEXEC_CONFIG_PASS_FD, &cfg);
+                recv_rexec_state(REEXEC_CONFIG_PASS_FD, cfg);
        else if (strcasecmp(config_file_name, "none") != 0)
-                load_server_config(config_file_name, &cfg);
+                load_server_config(config_file_name, cfg);
        parse_server_config(&options, rexeced_flag ? "rexec" : config_file_name,
-            &cfg, NULL);
+            cfg, NULL);
        seed_rng();
@@ -1770,7 +1772,7 @@ main(int ac, char **av)
                        keytype = pubkey->type;
                } else if (key != NULL) {
                        keytype = key->type;
-                        accumulate_host_timing_secret(&cfg, key);
+                        accumulate_host_timing_secret(cfg, key);
                } else {
                        error("Could not load host key: %s",
                            options.host_key_files[i]);
@@ -1796,7 +1798,7 @@ main(int ac, char **av)
                    key ? "private" : "agent", i, sshkey_ssh_name(pubkey), fp);
                free(fp);
        }
-        accumulate_host_timing_secret(&cfg, NULL);
+        accumulate_host_timing_secret(cfg, NULL);
        if (!sensitive_data.have_ssh2_key) {
                logit("sshd: no hostkeys available -- exiting.");
                exit(1);

diff --git a/sshd.c b/sshd.c index 4777eb217..81f694aec 100644 --- a/sshd.c +++ b/sshd.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: sshd.c,v 1.510 2018/07/09 21:26:02 markus Exp $ */	1	/* $OpenBSD: sshd.c,v 1.511 2018/07/09 21:29:36 markus Exp $ */
2	/*	2	/*
3	* Author: Tatu Ylonen <ylo@cs.hut.fi>	3	* Author: Tatu Ylonen <ylo@cs.hut.fi>
4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland	4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -91,7 +91,7 @@
91	#include "sshpty.h"	91	#include "sshpty.h"
92	#include "packet.h"	92	#include "packet.h"
93	#include "log.h"	93	#include "log.h"
94	#include "buffer.h"	94	#include "sshbuf.h"
95	#include "misc.h"	95	#include "misc.h"
96	#include "match.h"	96	#include "match.h"
97	#include "servconf.h"	97	#include "servconf.h"
@@ -237,7 +237,7 @@ Authctxt *the_authctxt = NULL;
237	struct sshauthopt *auth_opts = NULL;	237	struct sshauthopt *auth_opts = NULL;
238		238
239	/* sshd_config buffer */	239	/* sshd_config buffer */
240	Buffer cfg;	240	struct sshbuf *cfg;
241		241
242	/* message to be displayed after login */	242	/* message to be displayed after login */
243	struct sshbuf *loginmsg;	243	struct sshbuf *loginmsg;
@@ -958,31 +958,33 @@ send_rexec_state(int fd, struct sshbuf *conf)
958	}	958	}
959		959
960	static void	960	static void
961	recv_rexec_state(int fd, Buffer *conf)	961	recv_rexec_state(int fd, struct sshbuf *conf)
962	{	962	{
963	Buffer m;	963	struct sshbuf *m;
964	char *cp;	964	u_char *cp, ver;
965	u_int len;	965	size_t len;
		966	int r;
966		967
967	debug3("%s: entering fd = %d", __func__, fd);	968	debug3("%s: entering fd = %d", __func__, fd);
968		969
969	buffer_init(&m);	970	if ((m = sshbuf_new()) == NULL)
970		971	fatal("%s: sshbuf_new failed", __func__);
971	if (ssh_msg_recv(fd, &m) == -1)	972	if (ssh_msg_recv(fd, m) == -1)
972	fatal("%s: ssh_msg_recv failed", __func__);	973	fatal("%s: ssh_msg_recv failed", __func__);
973	if (buffer_get_char(&m) != 0)	974	if ((r = sshbuf_get_u8(m, &ver)) != 0)
		975	fatal("%s: buffer error: %s", __func__, ssh_err(r));
		976	if (ver != 0)
974	fatal("%s: rexec version mismatch", __func__);	977	fatal("%s: rexec version mismatch", __func__);
975		978	if ((r = sshbuf_get_string(m, &cp, &len)) != 0)
976	cp = buffer_get_string(&m, &len);	979	fatal("%s: buffer error: %s", __func__, ssh_err(r));
977	if (conf != NULL)	980	if (conf != NULL && (r = sshbuf_put(conf, cp, len)))
978	buffer_append(conf, cp, len);	981	fatal("%s: buffer error: %s", __func__, ssh_err(r));
979	free(cp);
980
981	#if defined(WITH_OPENSSL) && !defined(OPENSSL_PRNG_ONLY)	982	#if defined(WITH_OPENSSL) && !defined(OPENSSL_PRNG_ONLY)
982	rexec_recv_rng_seed(&m);	983	rexec_recv_rng_seed(m);
983	#endif	984	#endif
984		985
985	buffer_free(&m);	986	free(cp);
		987	sshbuf_free(m);
986		988
987	debug3("%s: done", __func__);	989	debug3("%s: done", __func__);
988	}	990	}
@@ -1263,8 +1265,7 @@ server_accept_loop(int sock_in, int sock_out, int newsock, int config_s)
1263	startup_pipe = -1;	1265	startup_pipe = -1;
1264	pid = getpid();	1266	pid = getpid();
1265	if (rexec_flag) {	1267	if (rexec_flag) {
1266	send_rexec_state(config_s[0],	1268	send_rexec_state(config_s[0], cfg);
1267	&cfg);
1268	close(config_s[0]);	1269	close(config_s[0]);
1269	}	1270	}
1270	break;	1271	break;
@@ -1310,7 +1311,7 @@ server_accept_loop(int sock_in, int sock_out, int newsock, int config_s)
1310	close(startup_p[1]);	1311	close(startup_p[1]);
1311		1312
1312	if (rexec_flag) {	1313	if (rexec_flag) {
1313	send_rexec_state(config_s[0], &cfg);	1314	send_rexec_state(config_s[0], cfg);
1314	close(config_s[0]);	1315	close(config_s[0]);
1315	close(config_s[1]);	1316	close(config_s[1]);
1316	}	1317	}
@@ -1662,14 +1663,15 @@ main(int ac, char **av)
1662	"test mode (-T)");	1663	"test mode (-T)");
1663		1664
1664	/* Fetch our configuration */	1665	/* Fetch our configuration */
1665	buffer_init(&cfg);	1666	if ((cfg = sshbuf_new()) == NULL)
		1667	fatal("%s: sshbuf_new failed", __func__);
1666	if (rexeced_flag)	1668	if (rexeced_flag)
1667	recv_rexec_state(REEXEC_CONFIG_PASS_FD, &cfg);	1669	recv_rexec_state(REEXEC_CONFIG_PASS_FD, cfg);
1668	else if (strcasecmp(config_file_name, "none") != 0)	1670	else if (strcasecmp(config_file_name, "none") != 0)
1669	load_server_config(config_file_name, &cfg);	1671	load_server_config(config_file_name, cfg);
1670		1672
1671	parse_server_config(&options, rexeced_flag ? "rexec" : config_file_name,	1673	parse_server_config(&options, rexeced_flag ? "rexec" : config_file_name,
1672	&cfg, NULL);	1674	cfg, NULL);
1673		1675
1674	seed_rng();	1676	seed_rng();
1675		1677
@@ -1770,7 +1772,7 @@ main(int ac, char **av)
1770	keytype = pubkey->type;	1772	keytype = pubkey->type;
1771	} else if (key != NULL) {	1773	} else if (key != NULL) {
1772	keytype = key->type;	1774	keytype = key->type;
1773	accumulate_host_timing_secret(&cfg, key);	1775	accumulate_host_timing_secret(cfg, key);
1774	} else {	1776	} else {
1775	error("Could not load host key: %s",	1777	error("Could not load host key: %s",
1776	options.host_key_files[i]);	1778	options.host_key_files[i]);
@@ -1796,7 +1798,7 @@ main(int ac, char **av)
1796	key ? "private" : "agent", i, sshkey_ssh_name(pubkey), fp);	1798	key ? "private" : "agent", i, sshkey_ssh_name(pubkey), fp);
1797	free(fp);	1799	free(fp);
1798	}	1800	}
1799	accumulate_host_timing_secret(&cfg, NULL);	1801	accumulate_host_timing_secret(cfg, NULL);
1800	if (!sensitive_data.have_ssh2_key) {	1802	if (!sensitive_data.have_ssh2_key) {
1801	logit("sshd: no hostkeys available -- exiting.");	1803	logit("sshd: no hostkeys available -- exiting.");
1802	exit(1);	1804	exit(1);