From 2681cdb6e0de7c1af549dac37a9531af202b4434 Mon Sep 17 00:00:00 2001 From: "tim@openbsd.org" Date: Sun, 13 Sep 2015 13:48:19 +0000 Subject: upstream commit When adding keys to the agent, don't ignore the comment of keys for which the user is prompted for a passphrase. Tweak and OK djm@ Upstream-ID: dc737c620a5a8d282cc4f66e3b9b624e9abefbec --- ssh-add.c | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) (limited to 'ssh-add.c') diff --git a/ssh-add.c b/ssh-add.c index d6271d78e..c2be36d93 100644 --- a/ssh-add.c +++ b/ssh-add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-add.c,v 1.123 2015/07/03 03:43:18 djm Exp $ */ +/* $OpenBSD: ssh-add.c,v 1.124 2015/09/13 13:48:19 tim Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -93,7 +93,7 @@ static int lifetime = 0; /* User has to confirm key use */ static int confirm = 0; -/* we keep a cache of one passphrases */ +/* we keep a cache of one passphrase */ static char *pass = NULL; static void clear_pass(void) @@ -234,19 +234,17 @@ add_file(int agent_fd, const char *filename, int key_only) goto fail_load; } } - if (comment == NULL) - comment = xstrdup(filename); if (private == NULL) { /* clear passphrase since it did not work */ clear_pass(); - snprintf(msg, sizeof msg, "Enter passphrase for %.200s%s: ", - comment, confirm ? " (will confirm each use)" : ""); + snprintf(msg, sizeof msg, "Enter passphrase for %s%s: ", + filename, confirm ? " (will confirm each use)" : ""); for (;;) { pass = read_passphrase(msg, RP_ALLOW_STDIN); if (strcmp(pass, "") == 0) goto fail_load; if ((r = sshkey_parse_private_fileblob(keyblob, pass, - filename, &private, NULL)) == 0) + filename, &private, &comment)) == 0) break; else if (r != SSH_ERR_KEY_WRONG_PASSPHRASE) { fprintf(stderr, @@ -254,16 +252,17 @@ add_file(int agent_fd, const char *filename, int key_only) filename, ssh_err(r)); fail_load: clear_pass(); - free(comment); sshbuf_free(keyblob); return -1; } clear_pass(); snprintf(msg, sizeof msg, - "Bad passphrase, try again for %.200s%s: ", comment, + "Bad passphrase, try again for %s%s: ", filename, confirm ? " (will confirm each use)" : ""); } } + if (comment == NULL || *comment == '\0') + comment = xstrdup(filename); sshbuf_free(keyblob); if ((r = ssh_add_identity_constrained(agent_fd, private, comment, -- cgit v1.2.3 From 3c019a936b43f3e2773f3edbde7c114d73caaa4c Mon Sep 17 00:00:00 2001 From: "tim@openbsd.org" Date: Sun, 13 Sep 2015 14:39:16 +0000 Subject: upstream commit - Fix error message: passphrase needs to be at least 5 characters, not 4. - Remove unused function argument. - Remove two unnecessary variables. OK djm@ Upstream-ID: 13010c05bfa8b523da1c0dc19e81dd180662bc30 --- authfile.c | 6 +++--- ssh-add.c | 13 ++++++------- ssherr.c | 4 ++-- sshkey.c | 20 +++++++------------- sshkey.h | 5 ++--- 5 files changed, 20 insertions(+), 28 deletions(-) (limited to 'ssh-add.c') diff --git a/authfile.c b/authfile.c index 58f589a47..1907cb1cc 100644 --- a/authfile.c +++ b/authfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfile.c,v 1.116 2015/07/09 09:49:46 markus Exp $ */ +/* $OpenBSD: authfile.c,v 1.117 2015/09/13 14:39:16 tim Exp $ */ /* * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. * @@ -272,8 +272,8 @@ sshkey_load_private(const char *filename, const char *passphrase, goto out; } if ((r = sshkey_load_file(fd, buffer)) != 0 || - (r = sshkey_parse_private_fileblob(buffer, passphrase, filename, - keyp, commentp)) != 0) + (r = sshkey_parse_private_fileblob(buffer, passphrase, keyp, + commentp)) != 0) goto out; r = 0; out: diff --git a/ssh-add.c b/ssh-add.c index c2be36d93..d8d6481f2 100644 --- a/ssh-add.c +++ b/ssh-add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-add.c,v 1.124 2015/09/13 13:48:19 tim Exp $ */ +/* $OpenBSD: ssh-add.c,v 1.125 2015/09/13 14:39:16 tim Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -218,17 +218,16 @@ add_file(int agent_fd, const char *filename, int key_only) close(fd); /* At first, try empty passphrase */ - if ((r = sshkey_parse_private_fileblob(keyblob, "", filename, - &private, &comment)) != 0 && r != SSH_ERR_KEY_WRONG_PASSPHRASE) { + if ((r = sshkey_parse_private_fileblob(keyblob, "", &private, + &comment)) != 0 && r != SSH_ERR_KEY_WRONG_PASSPHRASE) { fprintf(stderr, "Error loading key \"%s\": %s\n", filename, ssh_err(r)); goto fail_load; } /* try last */ if (private == NULL && pass != NULL) { - if ((r = sshkey_parse_private_fileblob(keyblob, pass, filename, - &private, &comment)) != 0 && - r != SSH_ERR_KEY_WRONG_PASSPHRASE) { + if ((r = sshkey_parse_private_fileblob(keyblob, pass, &private, + &comment)) != 0 && r != SSH_ERR_KEY_WRONG_PASSPHRASE) { fprintf(stderr, "Error loading key \"%s\": %s\n", filename, ssh_err(r)); goto fail_load; @@ -244,7 +243,7 @@ add_file(int agent_fd, const char *filename, int key_only) if (strcmp(pass, "") == 0) goto fail_load; if ((r = sshkey_parse_private_fileblob(keyblob, pass, - filename, &private, &comment)) == 0) + &private, &comment)) == 0) break; else if (r != SSH_ERR_KEY_WRONG_PASSPHRASE) { fprintf(stderr, diff --git a/ssherr.c b/ssherr.c index 4ca793992..680207063 100644 --- a/ssherr.c +++ b/ssherr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssherr.c,v 1.4 2015/02/16 22:13:32 djm Exp $ */ +/* $OpenBSD: ssherr.c,v 1.5 2015/09/13 14:39:16 tim Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -104,7 +104,7 @@ ssh_err(int n) case SSH_ERR_NEED_REKEY: return "rekeying not supported by peer"; case SSH_ERR_PASSPHRASE_TOO_SHORT: - return "passphrase is too short (minimum four characters)"; + return "passphrase is too short (minimum five characters)"; case SSH_ERR_FILE_CHANGED: return "file changed while reading"; case SSH_ERR_KEY_UNKNOWN_CIPHER: diff --git a/sshkey.c b/sshkey.c index 1f714c37f..3dd8907b0 100644 --- a/sshkey.c +++ b/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.22 2015/09/02 07:51:12 jsg Exp $ */ +/* $OpenBSD: sshkey.c,v 1.23 2015/09/13 14:39:16 tim Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -3833,8 +3833,6 @@ int sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type, const char *passphrase, struct sshkey **keyp, char **commentp) { - int r; - *keyp = NULL; if (commentp != NULL) *commentp = NULL; @@ -3856,8 +3854,8 @@ sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type, return sshkey_parse_private2(blob, type, passphrase, keyp, commentp); case KEY_UNSPEC: - if ((r = sshkey_parse_private2(blob, type, passphrase, keyp, - commentp)) == 0) + if (sshkey_parse_private2(blob, type, passphrase, keyp, + commentp) == 0) return 0; #ifdef WITH_OPENSSL return sshkey_parse_private_pem_fileblob(blob, type, @@ -3872,10 +3870,8 @@ sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type, int sshkey_parse_private_fileblob(struct sshbuf *buffer, const char *passphrase, - const char *filename, struct sshkey **keyp, char **commentp) + struct sshkey **keyp, char **commentp) { - int r; - if (keyp != NULL) *keyp = NULL; if (commentp != NULL) @@ -3883,13 +3879,11 @@ sshkey_parse_private_fileblob(struct sshbuf *buffer, const char *passphrase, #ifdef WITH_SSH1 /* it's a SSH v1 key if the public key part is readable */ - if ((r = sshkey_parse_public_rsa1_fileblob(buffer, NULL, NULL)) == 0) { + if (sshkey_parse_public_rsa1_fileblob(buffer, NULL, NULL) == 0) { return sshkey_parse_private_fileblob_type(buffer, KEY_RSA1, passphrase, keyp, commentp); } #endif /* WITH_SSH1 */ - if ((r = sshkey_parse_private_fileblob_type(buffer, KEY_UNSPEC, - passphrase, keyp, commentp)) == 0) - return 0; - return r; + return sshkey_parse_private_fileblob_type(buffer, KEY_UNSPEC, + passphrase, keyp, commentp); } diff --git a/sshkey.h b/sshkey.h index c8d3cddca..99f1b25d5 100644 --- a/sshkey.h +++ b/sshkey.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.h,v 1.9 2015/08/04 05:23:06 djm Exp $ */ +/* $OpenBSD: sshkey.h,v 1.10 2015/09/13 14:39:16 tim Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -186,8 +186,7 @@ int sshkey_private_to_fileblob(struct sshkey *key, struct sshbuf *blob, int sshkey_parse_public_rsa1_fileblob(struct sshbuf *blob, struct sshkey **keyp, char **commentp); int sshkey_parse_private_fileblob(struct sshbuf *buffer, - const char *passphrase, const char *filename, struct sshkey **keyp, - char **commentp); + const char *passphrase, struct sshkey **keyp, char **commentp); int sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type, const char *passphrase, struct sshkey **keyp, char **commentp); -- cgit v1.2.3 From b1d38a3cc6fe349feb8d16a5f520ef12d1de7cb2 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Thu, 15 Oct 2015 23:51:40 +0000 Subject: upstream commit fix some signed/unsigned integer type mismatches in format strings; reported by Nicholas Lemonias Upstream-ID: 78cd55420a0eef68c4095bdfddd1af84afe5f95c --- channels.c | 4 ++-- mux.c | 6 +++--- ssh-add.c | 4 ++-- ssh.c | 4 ++-- 4 files changed, 9 insertions(+), 9 deletions(-) (limited to 'ssh-add.c') diff --git a/channels.c b/channels.c index a84b487e5..fdd89a5a0 100644 --- a/channels.c +++ b/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.347 2015/07/01 02:26:31 djm Exp $ */ +/* $OpenBSD: channels.c,v 1.348 2015/10/15 23:51:40 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -662,7 +662,7 @@ channel_open_message(void) case SSH_CHANNEL_INPUT_DRAINING: case SSH_CHANNEL_OUTPUT_DRAINING: snprintf(buf, sizeof buf, - " #%d %.300s (t%d r%d i%d/%d o%d/%d fd %d/%d cc %d)\r\n", + " #%d %.300s (t%d r%d i%u/%d o%u/%d fd %d/%d cc %d)\r\n", c->self, c->remote_name, c->type, c->remote_id, c->istate, buffer_len(&c->input), diff --git a/mux.c b/mux.c index e6136fd28..d8e416262 100644 --- a/mux.c +++ b/mux.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mux.c,v 1.54 2015/08/19 23:18:26 djm Exp $ */ +/* $OpenBSD: mux.c,v 1.55 2015/10/15 23:51:40 djm Exp $ */ /* * Copyright (c) 2002-2008 Damien Miller * @@ -1744,7 +1744,7 @@ mux_client_forward(int fd, int cancel_flag, u_int ftype, struct Forward *fwd) fwd->connect_host ? fwd->connect_host : "", fwd->connect_port); if (muxclient_command == SSHMUX_COMMAND_FORWARD) - fprintf(stdout, "%u\n", fwd->allocated_port); + fprintf(stdout, "%i\n", fwd->allocated_port); break; case MUX_S_PERMISSION_DENIED: e = buffer_get_string(&m, NULL); @@ -2169,7 +2169,7 @@ muxclient(const char *path) case SSHMUX_COMMAND_ALIVE_CHECK: if ((pid = mux_client_request_alive(sock)) == 0) fatal("%s: master alive check failed", __func__); - fprintf(stderr, "Master running (pid=%d)\r\n", pid); + fprintf(stderr, "Master running (pid=%u)\r\n", pid); exit(0); case SSHMUX_COMMAND_TERMINATE: mux_client_request_terminate(sock); diff --git a/ssh-add.c b/ssh-add.c index d8d6481f2..cd13d87e5 100644 --- a/ssh-add.c +++ b/ssh-add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-add.c,v 1.125 2015/09/13 14:39:16 tim Exp $ */ +/* $OpenBSD: ssh-add.c,v 1.126 2015/10/15 23:51:40 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -384,7 +384,7 @@ list_identities(int agent_fd, int do_fp) if (do_fp) { fp = sshkey_fingerprint(idlist->keys[i], fingerprint_hash, SSH_FP_DEFAULT); - printf("%d %s %s (%s)\n", + printf("%u %s %s (%s)\n", sshkey_size(idlist->keys[i]), fp == NULL ? "(null)" : fp, idlist->comments[i], diff --git a/ssh.c b/ssh.c index a6e4de3ea..43ed45557 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.426 2015/09/24 06:15:11 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.427 2015/10/15 23:51:40 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -250,7 +250,7 @@ resolve_host(const char *name, int port, int logerr, char *cname, size_t clen) if (port <= 0) port = default_ssh_port(); - snprintf(strport, sizeof strport, "%u", port); + snprintf(strport, sizeof strport, "%d", port); memset(&hints, 0, sizeof(hints)); hints.ai_family = options.address_family == -1 ? AF_UNSPEC : options.address_family; -- cgit v1.2.3 From 89540b6de025b80404a0cb8418c06377f3f98848 Mon Sep 17 00:00:00 2001 From: "mmcc@openbsd.org" Date: Fri, 11 Dec 2015 02:31:47 +0000 Subject: upstream commit Remove NULL-checks before sshkey_free(). ok djm@ Upstream-ID: 3e35afe8a25e021216696b5d6cde7f5d2e5e3f52 --- authfile.c | 14 +++++--------- ssh-add.c | 8 +++----- ssh-keygen.c | 5 ++--- sshconnect2.c | 5 ++--- sshkey.c | 14 +++++--------- 5 files changed, 17 insertions(+), 29 deletions(-) (limited to 'ssh-add.c') diff --git a/authfile.c b/authfile.c index 668df7d9e..9cd490ca3 100644 --- a/authfile.c +++ b/authfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfile.c,v 1.118 2015/12/10 17:08:40 mmcc Exp $ */ +/* $OpenBSD: authfile.c,v 1.119 2015/12/11 02:31:47 mmcc Exp $ */ /* * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. * @@ -427,8 +427,7 @@ sshkey_load_cert(const char *filename, struct sshkey **keyp) out: free(file); - if (pub != NULL) - sshkey_free(pub); + sshkey_free(pub); return r; } @@ -473,10 +472,8 @@ sshkey_load_private_cert(int type, const char *filename, const char *passphrase, *keyp = key; key = NULL; out: - if (key != NULL) - sshkey_free(key); - if (cert != NULL) - sshkey_free(cert); + sshkey_free(key); + sshkey_free(cert); return r; } @@ -537,8 +534,7 @@ sshkey_in_file(struct sshkey *key, const char *filename, int strict_type, } r = SSH_ERR_KEY_NOT_FOUND; out: - if (pub != NULL) - sshkey_free(pub); + sshkey_free(pub); fclose(f); return r; } diff --git a/ssh-add.c b/ssh-add.c index cd13d87e5..b95841afa 100644 --- a/ssh-add.c +++ b/ssh-add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-add.c,v 1.126 2015/10/15 23:51:40 djm Exp $ */ +/* $OpenBSD: ssh-add.c,v 1.127 2015/12/11 02:31:47 mmcc Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -150,10 +150,8 @@ delete_file(int agent_fd, const char *filename, int key_only) certpath, ssh_err(r)); out: - if (cert != NULL) - sshkey_free(cert); - if (public != NULL) - sshkey_free(public); + sshkey_free(cert); + sshkey_free(public); free(certpath); free(comment); diff --git a/ssh-keygen.c b/ssh-keygen.c index 6ac1fa603..ff3f710de 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.285 2015/12/04 16:41:28 markus Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.286 2015/12/11 02:31:47 mmcc Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -2166,8 +2166,7 @@ do_gen_krl(struct passwd *pw, int updating, int argc, char **argv) close(fd); sshbuf_free(kbuf); ssh_krl_free(krl); - if (ca != NULL) - sshkey_free(ca); + sshkey_free(ca); } static void diff --git a/sshconnect2.c b/sshconnect2.c index 250278ffe..6c79a7920 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.234 2015/12/11 02:20:28 djm Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.235 2015/12/11 02:31:47 mmcc Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -1418,8 +1418,7 @@ pubkey_cleanup(Authctxt *authctxt) for (id = TAILQ_FIRST(&authctxt->keys); id; id = TAILQ_FIRST(&authctxt->keys)) { TAILQ_REMOVE(&authctxt->keys, id, next); - if (id->key) - sshkey_free(id->key); + sshkey_free(id->key); free(id->filename); free(id); } diff --git a/sshkey.c b/sshkey.c index 87abea1e0..96a4d9090 100644 --- a/sshkey.c +++ b/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.29 2015/12/10 17:08:40 mmcc Exp $ */ +/* $OpenBSD: sshkey.c,v 1.30 2015/12/11 02:31:47 mmcc Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -430,8 +430,7 @@ cert_free(struct sshkey_cert *cert) for (i = 0; i < cert->nprincipals; i++) free(cert->principals[i]); free(cert->principals); - if (cert->signature_key != NULL) - sshkey_free(cert->signature_key); + sshkey_free(cert->signature_key); explicit_bzero(cert, sizeof(*cert)); free(cert); } @@ -3647,8 +3646,7 @@ sshkey_parse_public_rsa1_fileblob(struct sshbuf *blob, out: if (copy != NULL) sshbuf_free(copy); - if (pub != NULL) - sshkey_free(pub); + sshkey_free(pub); return r; } @@ -3761,8 +3759,7 @@ sshkey_parse_private_rsa1(struct sshbuf *blob, const char *passphrase, out: explicit_bzero(&ciphercontext, sizeof(ciphercontext)); free(comment); - if (prv != NULL) - sshkey_free(prv); + sshkey_free(prv); if (copy != NULL) sshbuf_free(copy); if (decrypted != NULL) @@ -3856,8 +3853,7 @@ sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type, BIO_free(bio); if (pk != NULL) EVP_PKEY_free(pk); - if (prv != NULL) - sshkey_free(prv); + sshkey_free(prv); return r; } #endif /* WITH_OPENSSL */ -- cgit v1.2.3 From ffb1e7e896139a42ceb78676f637658f44612411 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Mon, 15 Feb 2016 09:47:49 +0000 Subject: upstream commit Add a function to enable security-related malloc_options. With and ok deraadt@, something similar has been in the snaps for a while. Upstream-ID: 43a95523b832b7f3b943d2908662191110c380ed --- sftp-server-main.c | 4 +++- sftp-server.c | 3 ++- sftp.c | 3 ++- ssh-add.c | 3 ++- ssh-agent.c | 3 ++- ssh-keygen.c | 3 ++- ssh-keyscan.c | 3 ++- ssh-keysign.c | 3 ++- ssh-pkcs11-helper.c | 3 ++- ssh.c | 3 ++- sshd.c | 4 +++- xmalloc.c | 10 +++++++++- xmalloc.h | 3 ++- 13 files changed, 35 insertions(+), 13 deletions(-) (limited to 'ssh-add.c') diff --git a/sftp-server-main.c b/sftp-server-main.c index 7e644ab89..c6ccd623e 100644 --- a/sftp-server-main.c +++ b/sftp-server-main.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-server-main.c,v 1.4 2009/02/21 19:32:04 tobias Exp $ */ +/* $OpenBSD: sftp-server-main.c,v 1.5 2016/02/15 09:47:49 dtucker Exp $ */ /* * Copyright (c) 2008 Markus Friedl. All rights reserved. * @@ -26,6 +26,7 @@ #include "log.h" #include "sftp.h" #include "misc.h" +#include "xmalloc.h" void cleanup_exit(int i) @@ -38,6 +39,7 @@ main(int argc, char **argv) { struct passwd *user_pw; + ssh_malloc_init(); /* must be called before any mallocs */ /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ sanitise_stdfd(); diff --git a/sftp-server.c b/sftp-server.c index 79ef45b10..e11a1b89b 100644 --- a/sftp-server.c +++ b/sftp-server.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-server.c,v 1.108 2015/11/16 06:13:04 logan Exp $ */ +/* $OpenBSD: sftp-server.c,v 1.109 2016/02/15 09:47:49 dtucker Exp $ */ /* * Copyright (c) 2000-2004 Markus Friedl. All rights reserved. * @@ -1513,6 +1513,7 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw) extern char *optarg; extern char *__progname; + ssh_malloc_init(); /* must be called before any mallocs */ __progname = ssh_get_progname(argv[0]); log_init(__progname, log_level, log_facility, log_stderr); diff --git a/sftp.c b/sftp.c index 788601a8d..2077219fa 100644 --- a/sftp.c +++ b/sftp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp.c,v 1.171 2015/08/20 22:32:42 deraadt Exp $ */ +/* $OpenBSD: sftp.c,v 1.172 2016/02/15 09:47:49 dtucker Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -2248,6 +2248,7 @@ main(int argc, char **argv) size_t num_requests = DEFAULT_NUM_REQUESTS; long long limit_kbps = 0; + ssh_malloc_init(); /* must be called before any mallocs */ /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ sanitise_stdfd(); setlocale(LC_CTYPE, ""); diff --git a/ssh-add.c b/ssh-add.c index b95841afa..fb9a53e64 100644 --- a/ssh-add.c +++ b/ssh-add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-add.c,v 1.127 2015/12/11 02:31:47 mmcc Exp $ */ +/* $OpenBSD: ssh-add.c,v 1.128 2016/02/15 09:47:49 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -481,6 +481,7 @@ main(int argc, char **argv) int r, i, ch, deleting = 0, ret = 0, key_only = 0; int xflag = 0, lflag = 0, Dflag = 0; + ssh_malloc_init(); /* must be called before any mallocs */ /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ sanitise_stdfd(); diff --git a/ssh-agent.c b/ssh-agent.c index 6c50e0f03..c38906d94 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.211 2015/12/11 17:41:37 doug Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.212 2016/02/15 09:47:49 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1200,6 +1200,7 @@ main(int ac, char **av) size_t len; mode_t prev_mask; + ssh_malloc_init(); /* must be called before any mallocs */ /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ sanitise_stdfd(); diff --git a/ssh-keygen.c b/ssh-keygen.c index c3ec4f882..478520123 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.287 2015/12/11 03:19:09 djm Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.288 2016/02/15 09:47:49 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -2261,6 +2261,7 @@ main(int argc, char **argv) extern int optind; extern char *optarg; + ssh_malloc_init(); /* must be called before any mallocs */ /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ sanitise_stdfd(); diff --git a/ssh-keyscan.c b/ssh-keyscan.c index a23276f53..7fe61e4e1 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keyscan.c,v 1.104 2015/11/08 23:24:03 jmc Exp $ */ +/* $OpenBSD: ssh-keyscan.c,v 1.105 2016/02/15 09:47:49 dtucker Exp $ */ /* * Copyright 1995, 1996 by David Mazieres . * @@ -696,6 +696,7 @@ main(int argc, char **argv) extern int optind; extern char *optarg; + ssh_malloc_init(); /* must be called before any mallocs */ __progname = ssh_get_progname(argv[0]); seed_rng(); TAILQ_INIT(&tq); diff --git a/ssh-keysign.c b/ssh-keysign.c index 1d49861ae..ac5034de8 100644 --- a/ssh-keysign.c +++ b/ssh-keysign.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keysign.c,v 1.51 2015/12/04 16:41:28 markus Exp $ */ +/* $OpenBSD: ssh-keysign.c,v 1.52 2016/02/15 09:47:49 dtucker Exp $ */ /* * Copyright (c) 2002 Markus Friedl. All rights reserved. * @@ -182,6 +182,7 @@ main(int argc, char **argv) u_int32_t rnd[256]; #endif + ssh_malloc_init(); /* must be called before any mallocs */ if (pledge("stdio rpath getpw dns id", NULL) != 0) fatal("%s: pledge: %s", __progname, strerror(errno)); diff --git a/ssh-pkcs11-helper.c b/ssh-pkcs11-helper.c index f2d586395..53f41c555 100644 --- a/ssh-pkcs11-helper.c +++ b/ssh-pkcs11-helper.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11-helper.c,v 1.11 2015/08/20 22:32:42 deraadt Exp $ */ +/* $OpenBSD: ssh-pkcs11-helper.c,v 1.12 2016/02/15 09:47:49 dtucker Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * @@ -280,6 +280,7 @@ main(int argc, char **argv) extern char *__progname; + ssh_malloc_init(); /* must be called before any mallocs */ TAILQ_INIT(&pkcs11_keylist); pkcs11_init(0); diff --git a/ssh.c b/ssh.c index 993ea1721..f9ff91f04 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.435 2016/01/14 16:17:40 markus Exp $ */ +/* $OpenBSD: ssh.c,v 1.436 2016/02/15 09:47:49 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -527,6 +527,7 @@ main(int ac, char **av) struct ssh_digest_ctx *md; u_char conn_hash[SSH_DIGEST_MAX_LENGTH]; + ssh_malloc_init(); /* must be called before any mallocs */ /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ sanitise_stdfd(); diff --git a/sshd.c b/sshd.c index 253004db4..430569c46 100644 --- a/sshd.c +++ b/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.464 2016/01/29 02:54:45 dtucker Exp $ */ +/* $OpenBSD: sshd.c,v 1.465 2016/02/15 09:47:49 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1476,6 +1476,8 @@ main(int ac, char **av) Authctxt *authctxt; struct connection_info *connection_info = get_connection_info(0, 0); + ssh_malloc_init(); /* must be called before any mallocs */ + #ifdef HAVE_SECUREWARE (void)set_auth_parameters(ac, av); #endif diff --git a/xmalloc.c b/xmalloc.c index 98cbf8776..dea9dd9fe 100644 --- a/xmalloc.c +++ b/xmalloc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: xmalloc.c,v 1.32 2015/04/24 01:36:01 deraadt Exp $ */ +/* $OpenBSD: xmalloc.c,v 1.33 2016/02/15 09:47:49 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -26,6 +26,14 @@ #include "xmalloc.h" #include "log.h" +void +ssh_malloc_init(void) +{ + extern char *malloc_options; + + malloc_options = "S"; +} + void * xmalloc(size_t size) { diff --git a/xmalloc.h b/xmalloc.h index 2bec77ba8..e49928932 100644 --- a/xmalloc.h +++ b/xmalloc.h @@ -1,4 +1,4 @@ -/* $OpenBSD: xmalloc.h,v 1.15 2015/04/24 01:36:01 deraadt Exp $ */ +/* $OpenBSD: xmalloc.h,v 1.16 2016/02/15 09:47:49 dtucker Exp $ */ /* * Author: Tatu Ylonen @@ -16,6 +16,7 @@ * called by a name other than "ssh" or "Secure Shell". */ +void ssh_malloc_init(void); void *xmalloc(size_t); void *xcalloc(size_t, size_t); void *xreallocarray(void *, size_t, size_t); -- cgit v1.2.3