From ab782acd24a69f017eb3345d9151d965eaa1f7fa Mon Sep 17 00:00:00 2001 From: itojun Date: Wed, 26 Jun 2002 14:02:53 +0000 Subject: [PATCH] OpenSSH 3.4 around 2002/6/26. most significant change: >make sure # of response matches # of queries, fixes int overflow; from ISS as we have already enabled privsep by default, we should have been safe. --- crypto/dist/ssh/auth2-chall.c | 20 +++++++++++++------- crypto/dist/ssh/authfd.c | 6 +++--- crypto/dist/ssh/authfile.c | 8 ++++---- crypto/dist/ssh/bufaux.c | 14 +++++++++----- crypto/dist/ssh/buffer.c | 10 ++++++++-- crypto/dist/ssh/channels.c | 21 +++++++++++++-------- crypto/dist/ssh/channels.h | 18 +++++++++--------- crypto/dist/ssh/clientloop.c | 8 +++----- crypto/dist/ssh/kex.c | 8 ++++---- crypto/dist/ssh/monitor.c | 10 +++++++--- crypto/dist/ssh/msg.c | 8 ++++---- crypto/dist/ssh/serverloop.c | 8 +++----- crypto/dist/ssh/session.c | 13 ++++++++++--- crypto/dist/ssh/sftp-server.c | 8 ++++---- crypto/dist/ssh/ssh-agent.1 | 8 ++++---- crypto/dist/ssh/ssh-agent.c | 8 ++++---- crypto/dist/ssh/sshd.c | 15 +++++++++++++-- crypto/dist/ssh/sshpty.c | 8 ++++---- crypto/dist/ssh/version.h | 6 +++--- 19 files changed, 122 insertions(+), 83 deletions(-) diff --git a/crypto/dist/ssh/auth2-chall.c b/crypto/dist/ssh/auth2-chall.c index db8b33a0bf3e..fdb88c36ec4d 100644 --- a/crypto/dist/ssh/auth2-chall.c +++ b/crypto/dist/ssh/auth2-chall.c @@ -1,4 +1,4 @@ -/* $NetBSD: auth2-chall.c,v 1.1.1.8 2002/06/24 05:25:42 itojun Exp $ */ +/* $NetBSD: auth2-chall.c,v 1.1.1.9 2002/06/26 14:02:53 itojun Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * Copyright (c) 2001 Per Allansson. All rights reserved. @@ -24,7 +24,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$OpenBSD: auth2-chall.c,v 1.18 2002/06/19 00:27:55 deraadt Exp $"); +RCSID("$OpenBSD: auth2-chall.c,v 1.19 2002/06/26 13:55:37 markus Exp $"); #include "ssh2.h" #include "auth.h" 
@@ -64,6 +64,7 @@ struct KbdintAuthctxt char *devices; void *ctxt; KbdintDevice *device; + u_int nreq; }; static KbdintAuthctxt * @@ -91,6 +92,7 @@ kbdint_alloc(const char *devs) debug("kbdint_alloc: devices '%s'", kbdintctxt->devices); kbdintctxt->ctxt = NULL; kbdintctxt->device = NULL; + kbdintctxt->nreq = 0; return kbdintctxt; } @@ -210,26 +212,26 @@ send_userauth_info_request(Authctxt *authctxt) KbdintAuthctxt *kbdintctxt; char *name, *instr, **prompts; int i; - u_int numprompts, *echo_on; + u_int *echo_on; kbdintctxt = authctxt->kbdintctxt; if (kbdintctxt->device->query(kbdintctxt->ctxt, - &name, &instr, &numprompts, &prompts, &echo_on)) + &name, &instr, &kbdintctxt->nreq, &prompts, &echo_on)) return 0; packet_start(SSH2_MSG_USERAUTH_INFO_REQUEST); packet_put_cstring(name); packet_put_cstring(instr); packet_put_cstring(""); /* language not used */ - packet_put_int(numprompts); - for (i = 0; i < numprompts; i++) { + packet_put_int(kbdintctxt->nreq); + for (i = 0; i < kbdintctxt->nreq; i++) { packet_put_cstring(prompts[i]); packet_put_char(echo_on[i]); } packet_send(); packet_write_wait(); - for (i = 0; i < numprompts; i++) + for (i = 0; i < kbdintctxt->nreq; i++) xfree(prompts[i]); xfree(prompts); xfree(echo_on); @@ -257,6 +259,10 @@ input_userauth_info_response(int type, u_int32_t seq, void *ctxt) authctxt->postponed = 0; /* reset */ nresp = packet_get_int(); + if (nresp != kbdintctxt->nreq) + fatal("input_userauth_info_response: wrong number of replies"); + if (nresp > 100) + fatal("input_userauth_info_response: too many replies"); if (nresp > 0) { response = xmalloc(nresp * sizeof(char*)); for (i = 0; i < nresp; i++) diff --git a/crypto/dist/ssh/authfd.c b/crypto/dist/ssh/authfd.c index 6241a4348e56..c43c2677ce51 100644 --- a/crypto/dist/ssh/authfd.c +++ b/crypto/dist/ssh/authfd.c 
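Review bot: In `send_userauth_info_request`, `kbdintctxt->nreq` is filled in by the device's `query()` callback and is not checked against the limit of 100 that `input_userauth_info_response` enforces later in this file. A device that returns more than 100 prompts would therefore send a request whose only matching reply ends in `fatal()`. Checking right after `query()` returns, e.g. `if (kbdintctxt->nreq > 100) fatal("send_userauth_info_request: too many prompts");`, fails at the source instead. The two loops also compare `int i` with the now-unsigned `kbdintctxt->nreq`; declaring `u_int i;` removes the signed/unsigned comparison. The function body starts and ends outside the hunk.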
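Review bot: The two new checks in `input_userauth_info_response` guard the `xmalloc(nresp * sizeof(char*))` that follows, but neither the literal `100` nor the reason for the checks is documented. I would add a comment above them such as `/* nresp is peer-supplied and sizes the allocation below: it must equal the number of prompts sent and stay small enough that the multiplication cannot wrap */`, and give the limit a name so the request side can share it. Setting `kbdintctxt->nreq = 0;` once the count has been accepted would make the expected count single-use. Whether a second response can reach this handler is not visible here, because the function continues outside the hunk.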
@@ -1,4 +1,4 @@ -/* $NetBSD: authfd.c,v 1.1.1.11 2002/06/24 05:25:43 itojun Exp $ */ +/* $NetBSD: authfd.c,v 1.1.1.12 2002/06/26 14:02:54 itojun Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -36,7 +36,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: authfd.c,v 1.55 2002/06/19 00:27:55 deraadt Exp $"); +RCSID("$OpenBSD: authfd.c,v 1.56 2002/06/25 16:22:42 markus Exp $"); #include @@ -145,7 +145,7 @@ ssh_request_reply(AuthenticationConnection *auth, Buffer *request, Buffer *reply error("Error reading response from authentication socket."); return 0; } - buffer_append(reply, (char *) buf, l); + buffer_append(reply, buf, l); len -= l; } return 1; diff --git a/crypto/dist/ssh/authfile.c b/crypto/dist/ssh/authfile.c index c32a18fb41e9..3cb5578b7daf 100644 --- a/crypto/dist/ssh/authfile.c +++ b/crypto/dist/ssh/authfile.c @@ -1,4 +1,4 @@ -/* $NetBSD: authfile.c,v 1.1.1.13 2002/06/24 05:25:43 itojun Exp $ */ +/* $NetBSD: authfile.c,v 1.1.1.14 2002/06/26 14:02:54 itojun Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -37,7 +37,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: authfile.c,v 1.49 2002/05/23 19:24:30 markus Exp $"); +RCSID("$OpenBSD: authfile.c,v 1.50 2002/06/24 14:55:38 markus Exp $"); #include #include @@ -271,7 +271,7 @@ key_load_public_rsa1(int fd, const char *filename, char **commentp) (void) buffer_get_int(&buffer); /* reserved */ /* Read the public key from the buffer. */ - buffer_get_int(&buffer); + (void) buffer_get_int(&buffer); pub = key_new(KEY_RSA1); buffer_get_bignum(&buffer, pub->rsa->n); buffer_get_bignum(&buffer, pub->rsa->e); @@ -358,7 +358,7 @@ key_load_private_rsa1(int fd, const char *filename, const char *passphrase, (void) buffer_get_int(&buffer); /* Reserved data. */ /* Read the public key from the buffer. */ - buffer_get_int(&buffer); + (void) buffer_get_int(&buffer); prv = key_new_private(KEY_RSA1); buffer_get_bignum(&buffer, prv->rsa->n); 
diff --git a/crypto/dist/ssh/bufaux.c b/crypto/dist/ssh/bufaux.c index 9c4c7d5a5a3a..09d27b7b19d7 100644 --- a/crypto/dist/ssh/bufaux.c +++ b/crypto/dist/ssh/bufaux.c @@ -1,4 +1,4 @@ -/* $NetBSD: bufaux.c,v 1.1.1.8 2002/06/24 05:25:43 itojun Exp $ */ +/* $NetBSD: bufaux.c,v 1.1.1.9 2002/06/26 14:02:54 itojun Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -38,7 +38,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: bufaux.c,v 1.26 2002/06/23 09:46:51 deraadt Exp $"); +RCSID("$OpenBSD: bufaux.c,v 1.27 2002/06/26 08:53:12 markus Exp $"); #include #include "bufaux.h" @@ -89,6 +89,8 @@ buffer_get_bignum(Buffer *buffer, BIGNUM *value) bits = GET_16BIT(buf); /* Compute the number of binary bytes that follow. */ bytes = (bits + 7) / 8; + if (bytes > 8 * 1024) + fatal("buffer_get_bignum: cannot handle BN of size %d", bytes); if (buffer_len(buffer) < bytes) fatal("buffer_get_bignum: input buffer too small"); bin = buffer_ptr(buffer); @@ -130,13 +132,15 @@ buffer_put_bignum2(Buffer *buffer, BIGNUM *value) xfree(buf); } +/* XXX does not handle negative BNs */ void buffer_get_bignum2(Buffer *buffer, BIGNUM *value) { - /**XXX should be two's-complement */ - int len; - u_char *bin = buffer_get_string(buffer, (u_int *)&len); + u_int len; + u_char *bin = buffer_get_string(buffer, &len); + if (len > 8 * 1024) + fatal("buffer_get_bignum2: cannot handle BN of size %d", len); BN_bin2bn(bin, len, value); xfree(bin); } diff --git a/crypto/dist/ssh/buffer.c b/crypto/dist/ssh/buffer.c index e1b378fa6ed8..b47ec238bb61 100644 --- a/crypto/dist/ssh/buffer.c +++ b/crypto/dist/ssh/buffer.c @@ -1,4 +1,4 @@ -/* $NetBSD: buffer.c,v 1.1.1.6 2002/03/08 01:20:34 itojun Exp $ */ +/* $NetBSD: buffer.c,v 1.1.1.7 2002/06/26 14:02:54 itojun Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 
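Review bot: In `buffer_get_bignum2` the new message prints `u_int len` with `%d`; it should be `fatal("buffer_get_bignum2: cannot handle BN of size %u", len);`. The size check also runs only after `buffer_get_string` has already allocated and copied `len` bytes, so it bounds the bignum conversion rather than the allocation, which is worth a one-line comment. The return value of `BN_bin2bn(bin, len, value)` is still ignored, and a NULL result would leave `value` unchanged without any error. The same `8 * 1024` literal appears in the `buffer_get_bignum` hunk above, so a shared named constant would keep the two limits from drifting apart.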
@@ -13,7 +13,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: buffer.c,v 1.15 2002/01/18 18:14:17 stevesk Exp $"); +RCSID("$OpenBSD: buffer.c,v 1.16 2002/06/26 08:54:18 markus Exp $"); #include "xmalloc.h" #include "buffer.h" @@ -72,6 +72,9 @@ buffer_append_space(Buffer *buffer, u_int len) { void *p; + if (len > 0x100000) + fatal("buffer_append_space: len %u not supported", len); + /* If the buffer is empty, start using it from the beginning. */ if (buffer->offset == buffer->end) { buffer->offset = 0; @@ -97,6 +100,9 @@ restart: } /* Increase the size of the buffer and retry. */ buffer->alloc += len + 32768; + if (buffer->alloc > 0xa00000) + fatal("buffer_append_space: alloc %u not supported", + buffer->alloc); buffer->buf = xrealloc(buffer->buf, buffer->alloc); goto restart; /* NOTREACHED */ diff --git a/crypto/dist/ssh/channels.c b/crypto/dist/ssh/channels.c index 49fdd2caf03d..c6b8f9c822e3 100644 --- a/crypto/dist/ssh/channels.c +++ b/crypto/dist/ssh/channels.c @@ -1,4 +1,4 @@ -/* $NetBSD: channels.c,v 1.1.1.16 2002/06/24 05:25:45 itojun Exp $ */ +/* $NetBSD: channels.c,v 1.1.1.17 2002/06/26 14:02:56 itojun Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -40,7 +40,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: channels.c,v 1.177 2002/06/23 21:34:07 markus Exp $"); +RCSID("$OpenBSD: channels.c,v 1.179 2002/06/26 08:55:02 markus Exp $"); #include "ssh.h" #include "ssh1.h" @@ -206,7 +206,7 @@ channel_register_fds(Channel *c, int rfd, int wfd, int efd, Channel * channel_new(char *ctype, int type, int rfd, int wfd, int efd, - int window, int maxpack, int extusage, char *remote_name, int nonblock) + u_int window, u_int maxpack, int extusage, char *remote_name, int nonblock) { int i, found; Channel *c; 
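Review bot: The two limits added to `buffer_append_space`, `0x100000` for a single append and `0xa00000` for the total allocation, are bare literals with no comment saying what they bound. Named constants in buffer.h, for example `#define BUFFER_MAX_CHUNK 0x100000` and `#define BUFFER_MAX_LEN 0xa00000`, plus a short comment that they keep `buffer->alloc += len + 32768` from wrapping a `u_int`, would make the intent reviewable. The second check also runs after `buffer->alloc` has been incremented, which is harmless only because `fatal()` does not return. Testing `buffer->alloc + len + 32768 > 0xa00000` before the assignment keeps the struct consistent. The function body starts and ends outside the hunk.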
@@ -230,6 +230,9 @@ channel_new(char *ctype, int type, int rfd, int wfd, int efd, /* There are no free slots. Take last+1 slot and expand the array. */ found = channels_alloc; channels_alloc += 10; + if (channels_alloc > 10000) + fatal("channel_new: internal error: channels_alloc %d " + "too big.", channels_alloc); debug2("channel: expanding %d", channels_alloc); channels = xrealloc(channels, channels_alloc * sizeof(Channel *)); for (i = found; i < channels_alloc; i++) @@ -1569,8 +1572,9 @@ channel_after_select(fd_set * readset, fd_set * writeset) void channel_output_poll(void) { - int len, i; Channel *c; + int i; + u_int len; for (i = 0; i < channels_alloc; i++) { c = channels[i]; @@ -1648,7 +1652,7 @@ channel_output_poll(void) c->remote_window > 0 && (len = buffer_len(&c->extended)) > 0 && c->extended_usage == CHAN_EXTENDED_READ) { - debug2("channel %d: rwin %d elen %d euse %d", + debug2("channel %d: rwin %u elen %u euse %d", c->self, c->remote_window, buffer_len(&c->extended), c->extended_usage); if (len > c->remote_window) @@ -1874,7 +1878,7 @@ channel_input_open_confirmation(int type, u_int32_t seq, void *ctxt) c->confirm(c->self, NULL); debug2("callback done"); } - debug("channel %d: open confirm rwindow %d rmax %d", c->self, + debug("channel %d: open confirm rwindow %u rmax %u", c->self, c->remote_window, c->remote_maxpacket); } packet_check_eom(); @@ -1931,7 +1935,8 @@ void channel_input_window_adjust(int type, u_int32_t seq, void *ctxt) { Channel *c; - int id, adjust; + int id; + u_int adjust; if (!compat20) return; @@ -1947,7 +1952,7 @@ channel_input_window_adjust(int type, u_int32_t seq, void *ctxt) } adjust = packet_get_int(); packet_check_eom(); - debug2("channel %d: rcvd adjust %d", id, adjust); + debug2("channel %d: rcvd adjust %u", id, adjust); c->remote_window += adjust; } diff --git a/crypto/dist/ssh/channels.h b/crypto/dist/ssh/channels.h index 6eaa5c35f695..55d651a4308c 100644 --- a/crypto/dist/ssh/channels.h +++ b/crypto/dist/ssh/channels.h 
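Review bot: `c->remote_window += adjust;` at the end of `channel_input_window_adjust` now adds two `u_int` values, and `adjust` is taken directly from `packet_get_int()`, so a large peer-supplied value wraps the window modulo 2^32 instead of being rejected. The wrap is well defined in C, but it leaves `remote_window` smaller than before, which is not what a window adjust is meant to do. A guard before the addition keeps the counter monotonic: `if (adjust > UINT_MAX - c->remote_window) fatal("channel %d: adjust %u overflows remote window %u", id, adjust, c->remote_window);`. The start of the function body is outside the hunk.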
@@ -1,5 +1,5 @@ -/* $NetBSD: channels.h,v 1.1.1.15 2002/06/24 05:25:45 itojun Exp $ */ -/* $OpenBSD: channels.h,v 1.69 2002/06/23 21:06:41 deraadt Exp $ */ +/* $NetBSD: channels.h,v 1.1.1.16 2002/06/26 14:02:56 itojun Exp $ */ +/* $OpenBSD: channels.h,v 1.70 2002/06/24 14:33:27 markus Exp $ */ /* * Author: Tatu Ylonen @@ -91,12 +91,12 @@ struct Channel { int host_port; /* remote port to connect for forwards */ char *remote_name; /* remote hostname */ - int remote_window; - int remote_maxpacket; - int local_window; - int local_window_max; - int local_consumed; - int local_maxpacket; + u_int remote_window; + u_int remote_maxpacket; + u_int local_window; + u_int local_window_max; + u_int local_consumed; + u_int local_maxpacket; int extended_usage; int single_connection; @@ -152,7 +152,7 @@ struct Channel { /* channel management */ Channel *channel_lookup(int); -Channel *channel_new(char *, int, int, int, int, int, int, int, char *, int); +Channel *channel_new(char *, int, int, int, int, u_int, u_int, int, char *, int); void channel_set_fds(int, int, int, int, int, int, u_int); void channel_free(Channel *); void channel_free_all(void); diff --git a/crypto/dist/ssh/clientloop.c b/crypto/dist/ssh/clientloop.c index 8e851652e6a7..1efc37476332 100644 --- a/crypto/dist/ssh/clientloop.c +++ b/crypto/dist/ssh/clientloop.c @@ -1,4 +1,4 @@ -/* $NetBSD: clientloop.c,v 1.1.1.16 2002/06/24 05:25:47 itojun Exp $ */ +/* $NetBSD: clientloop.c,v 1.1.1.17 2002/06/26 14:02:57 itojun Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -60,7 +60,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: clientloop.c,v 1.101 2002/06/09 13:32:01 markus Exp $"); +RCSID("$OpenBSD: clientloop.c,v 1.102 2002/06/24 14:33:27 markus Exp $"); #include "ssh.h" #include "ssh1.h" 
@@ -1209,10 +1209,8 @@ client_input_channel_open(int type, u_int32_t seq, void *ctxt) { Channel *c = NULL; char *ctype; - u_int len; int rchan; - int rmaxpack; - int rwindow; + u_int rmaxpack, rwindow, len; ctype = packet_get_string(&len); rchan = packet_get_int(); diff --git a/crypto/dist/ssh/kex.c b/crypto/dist/ssh/kex.c index 523cba9cb957..7972d51f1b41 100644 --- a/crypto/dist/ssh/kex.c +++ b/crypto/dist/ssh/kex.c @@ -1,4 +1,4 @@ -/* $NetBSD: kex.c,v 1.1.1.13 2002/06/24 05:25:48 itojun Exp $ */ +/* $NetBSD: kex.c,v 1.1.1.14 2002/06/26 14:02:59 itojun Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * @@ -24,7 +24,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: kex.c,v 1.50 2002/05/15 15:47:49 mouring Exp $"); +RCSID("$OpenBSD: kex.c,v 1.51 2002/06/24 14:55:38 markus Exp $"); #include @@ -203,8 +203,8 @@ kex_input_kexinit(int type, u_int32_t seq, void *ctxt) packet_get_char(); for (i = 0; i < PROPOSAL_MAX; i++) xfree(packet_get_string(NULL)); - packet_get_char(); - packet_get_int(); + (void) packet_get_char(); + (void) packet_get_int(); packet_check_eom(); kex_kexinit_finish(kex); diff --git a/crypto/dist/ssh/monitor.c b/crypto/dist/ssh/monitor.c index f4ab20a7304e..e56cf7b5b305 100644 --- a/crypto/dist/ssh/monitor.c +++ b/crypto/dist/ssh/monitor.c @@ -1,4 +1,4 @@ -/* $NetBSD: monitor.c,v 1.1.1.3 2002/06/24 05:26:11 itojun Exp $ */ +/* $NetBSD: monitor.c,v 1.1.1.4 2002/06/26 14:03:17 itojun Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -26,7 +26,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: monitor.c,v 1.17 2002/06/22 23:09:51 stevesk Exp $"); +RCSID("$OpenBSD: monitor.c,v 1.18 2002/06/26 13:20:57 deraadt Exp $"); #include 
@@ -1419,9 +1419,13 @@ mm_get_keystate(struct monitor *pmonitor) void * mm_zalloc(struct mm_master *mm, u_int ncount, u_int size) { + int len = size * ncount; void *address; - address = mm_malloc(mm, size * ncount); + if (len <= 0) + fatal("%s: mm_zalloc(%u, %u)", __func__, ncount, size); + + address = mm_malloc(mm, len); return (address); } diff --git a/crypto/dist/ssh/msg.c b/crypto/dist/ssh/msg.c index 5ad09526051d..1fe103fe44ce 100644 --- a/crypto/dist/ssh/msg.c +++ b/crypto/dist/ssh/msg.c @@ -1,4 +1,4 @@ -/* $NetBSD: msg.c,v 1.1.1.1 2002/06/24 05:26:11 itojun Exp $ */ +/* $NetBSD: msg.c,v 1.1.1.2 2002/06/26 14:03:18 itojun Exp $ */ /* * Copyright (c) 2002 Markus Friedl. All rights reserved. * @@ -23,7 +23,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$OpenBSD: msg.c,v 1.2 2002/06/19 00:27:55 deraadt Exp $"); +RCSID("$OpenBSD: msg.c,v 1.3 2002/06/24 15:49:22 itojun Exp $"); #include "buffer.h" #include "getput.h" @@ -37,7 +37,7 @@ msg_send(int fd, u_char type, Buffer *m) u_char buf[5]; u_int mlen = buffer_len(m); - debug3("msg_send: type %d", type); + debug3("msg_send: type %u", (unsigned int)type & 0xff); PUT_32BIT(buf, mlen + 1); buf[4] = type; /* 1st byte of payload is mesg-type */ @@ -60,7 +60,7 @@ msg_recv(int fd, Buffer *m) if (res != sizeof(buf)) { if (res == 0) return -1; - fatal("msg_recv: read: header %d", res); + fatal("msg_recv: read: header %ld", (long)res); } msg_len = GET_32BIT(buf); if (msg_len > 256 * 1024) diff --git a/crypto/dist/ssh/serverloop.c b/crypto/dist/ssh/serverloop.c index 47c6d3db0956..c345519114d7 100644 --- a/crypto/dist/ssh/serverloop.c +++ b/crypto/dist/ssh/serverloop.c @@ -1,4 +1,4 @@ -/* $NetBSD: serverloop.c,v 1.1.1.17 2002/06/24 05:25:56 itojun Exp $ */ +/* $NetBSD: serverloop.c,v 1.1.1.18 2002/06/26 14:03:06 itojun Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 
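Review bot: The overflow check in `mm_zalloc` is incomplete, because `int len = size * ncount;` multiplies two `u_int` values and the product wraps modulo 2^32 before it is converted to `int`. A wrapped product can be a small positive number, so it passes `if (len <= 0)` and a block much smaller than requested is handed to the caller. Checking the operands before multiplying closes this: `if (size == 0 || ncount == 0 || ncount > INT_MAX / size) fatal("%s: mm_zalloc(%u, %u)", __func__, ncount, size);`. Declaring `len` as `size_t` would also avoid the implementation-defined conversion of an out-of-range unsigned value to `int`.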
@@ -36,7 +36,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: serverloop.c,v 1.102 2002/06/11 05:46:20 mpech Exp $"); +RCSID("$OpenBSD: serverloop.c,v 1.103 2002/06/24 14:33:27 markus Exp $"); #include "xmalloc.h" #include "packet.h" @@ -903,10 +903,8 @@ server_input_channel_open(int type, u_int32_t seq, void *ctxt) { Channel *c = NULL; char *ctype; - u_int len; int rchan; - int rmaxpack; - int rwindow; + u_int rmaxpack, rwindow, len; ctype = packet_get_string(&len); rchan = packet_get_int(); diff --git a/crypto/dist/ssh/session.c b/crypto/dist/ssh/session.c index f1914ffc0142..3fa92ea3ebb6 100644 --- a/crypto/dist/ssh/session.c +++ b/crypto/dist/ssh/session.c @@ -1,4 +1,4 @@ -/* $NetBSD: session.c,v 1.1.1.16 2002/06/24 05:25:57 itojun Exp $ */ +/* $NetBSD: session.c,v 1.1.1.17 2002/06/26 14:03:06 itojun Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -34,7 +34,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: session.c,v 1.140 2002/06/23 21:06:41 deraadt Exp $"); +RCSID("$OpenBSD: session.c,v 1.142 2002/06/26 13:49:26 deraadt Exp $"); #include "ssh.h" #include "ssh1.h" @@ -754,6 +754,9 @@ child_set_env(char ***envp, u_int *envsizep, const char *name, } else { /* New variable. Expand if necessary. */ if (i >= (*envsizep) - 1) { + if (*envsizep >= 1000) + fatal("child_set_env: too many env vars," + " skipping: %.100s", name); (*envsizep) += 50; env = (*envp) = xrealloc(env, (*envsizep) * sizeof(char *)); } @@ -779,12 +782,15 @@ read_environment_file(char ***env, u_int *envsize, FILE *f; char buf[4096]; char *cp, *value; + u_int lineno = 0; f = fopen(filename, "r"); if (!f) return; while (fgets(buf, sizeof(buf), f)) { + if (++lineno > 1000) + fatal("Too many lines in environment file %s", filename); for (cp = buf; *cp == ' ' || *cp == '\t'; cp++) ; if (!*cp || *cp == '#' || *cp == '\n') 
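Review bot: The new limit in `child_set_env` calls `fatal()` with the message "too many env vars, skipping", so the log describes a recoverable skip while the process is actually terminated. Either reword it to match the behaviour, `fatal("child_set_env: too many env vars");`, or really skip the variable with `error(...)` and an early return. Which is intended cannot be told from the hunk, since the function's start and end are outside it. The sibling check in `read_environment_file` repeats the literal `1000` and prints `filename` with `%s`, where the later "Bad line" message uses `%.100s`. A shared constant and the bounded format would keep the two consistent.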
@@ -793,7 +799,8 @@ read_environment_file(char ***env, u_int *envsize, *strchr(cp, '\n') = '\0'; value = strchr(cp, '='); if (value == NULL) { - fprintf(stderr, "Bad line in %.100s: %.200s\n", filename, buf); + fprintf(stderr, "Bad line %u in %.100s\n", lineno, + filename); continue; } /* diff --git a/crypto/dist/ssh/sftp-server.c b/crypto/dist/ssh/sftp-server.c index 84316d4174a5..a5c52f9e7d34 100644 --- a/crypto/dist/ssh/sftp-server.c +++ b/crypto/dist/ssh/sftp-server.c @@ -1,4 +1,4 @@ -/* $NetBSD: sftp-server.c,v 1.1.1.11 2002/06/24 05:26:00 itojun Exp $ */ +/* $NetBSD: sftp-server.c,v 1.1.1.12 2002/06/26 14:03:08 itojun Exp $ */ /* * Copyright (c) 2000, 2001, 2002 Markus Friedl. All rights reserved. * @@ -23,7 +23,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$OpenBSD: sftp-server.c,v 1.36 2002/06/23 09:30:14 deraadt Exp $"); +RCSID("$OpenBSD: sftp-server.c,v 1.37 2002/06/24 17:57:20 deraadt Exp $"); #include "buffer.h" #include "bufaux.h" @@ -693,13 +693,13 @@ ls_file(char *name, struct stat *st) if ((pw = getpwuid(st->st_uid)) != NULL) { user = pw->pw_name; } else { - snprintf(ubuf, sizeof ubuf, "%u", st->st_uid); + snprintf(ubuf, sizeof ubuf, "%u", (u_int)st->st_uid); user = ubuf; } if ((gr = getgrgid(st->st_gid)) != NULL) { group = gr->gr_name; } else { - snprintf(gbuf, sizeof gbuf, "%u", st->st_gid); + snprintf(gbuf, sizeof gbuf, "%u", (u_int)st->st_gid); group = gbuf; } if (ltime != NULL) { diff --git a/crypto/dist/ssh/ssh-agent.1 b/crypto/dist/ssh/ssh-agent.1 index a12b70e0031e..915988e0b303 100644 --- a/crypto/dist/ssh/ssh-agent.1 +++ b/crypto/dist/ssh/ssh-agent.1 
@@ -1,5 +1,5 @@ -.\" $NetBSD: ssh-agent.1,v 1.1.1.11 2002/06/24 05:26:00 itojun Exp $ -.\" $OpenBSD: ssh-agent.1,v 1.34 2002/06/22 16:45:29 stevesk Exp $ +.\" $NetBSD: ssh-agent.1,v 1.1.1.12 2002/06/26 14:03:09 itojun Exp $ +.\" $OpenBSD: ssh-agent.1,v 1.35 2002/06/24 13:12:23 markus Exp $ .\" .\" Author: Tatu Ylonen .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -70,7 +70,7 @@ The options are as follows: Bind the agent to the unix-domain socket .Ar bind_address . The default is -.Pa /tmp/ssh-XXXXXXXX/agent. . +.Pa /tmp/ssh-XXXXXXXX/agent. . .It Fl c Generate C-shell commands on .Dv stdout . @@ -164,7 +164,7 @@ Contains the protocol version 1 RSA authentication identity of the user. Contains the protocol version 2 DSA authentication identity of the user. .It Pa $HOME/.ssh/id_rsa Contains the protocol version 2 RSA authentication identity of the user. -.It Pa /tmp/ssh-XXXXXXXX/agent. +.It Pa /tmp/ssh-XXXXXXXX/agent. Unix-domain sockets used to contain the connection to the authentication agent. These sockets should only be readable by the owner. diff --git a/crypto/dist/ssh/ssh-agent.c b/crypto/dist/ssh/ssh-agent.c index ff92176479c5..3afb2a2a523b 100644 --- a/crypto/dist/ssh/ssh-agent.c +++ b/crypto/dist/ssh/ssh-agent.c @@ -1,4 +1,4 @@ -/* $NetBSD: ssh-agent.c,v 1.1.1.13 2002/06/24 05:26:01 itojun Exp $ */ +/* $NetBSD: ssh-agent.c,v 1.1.1.14 2002/06/26 14:03:09 itojun Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -36,7 +36,7 @@ #include "includes.h" #include -RCSID("$OpenBSD: ssh-agent.c,v 1.96 2002/06/23 10:29:52 deraadt Exp $"); +RCSID("$OpenBSD: ssh-agent.c,v 1.97 2002/06/24 14:55:38 markus Exp $"); #include #include 
@@ -194,7 +194,7 @@ process_authentication_challenge1(SocketEntry *e) if ((challenge = BN_new()) == NULL) fatal("process_authentication_challenge1: BN_new failed"); - buffer_get_int(&e->request); /* ignored */ + (void) buffer_get_int(&e->request); /* ignored */ buffer_get_bignum(&e->request, key->rsa->e); buffer_get_bignum(&e->request, key->rsa->n); buffer_get_bignum(&e->request, challenge); @@ -395,7 +395,7 @@ process_add_identity(SocketEntry *e, int version) switch (version) { case 1: k = key_new_private(KEY_RSA1); - buffer_get_int(&e->request); /* ignored */ + (void) buffer_get_int(&e->request); /* ignored */ buffer_get_bignum(&e->request, k->rsa->n); buffer_get_bignum(&e->request, k->rsa->e); buffer_get_bignum(&e->request, k->rsa->d); diff --git a/crypto/dist/ssh/sshd.c b/crypto/dist/ssh/sshd.c index 697aaa594036..8b2e53dc7190 100644 --- a/crypto/dist/ssh/sshd.c +++ b/crypto/dist/ssh/sshd.c @@ -1,4 +1,4 @@ -/* $NetBSD: sshd.c,v 1.1.1.17 2002/06/24 05:26:08 itojun Exp $ */ +/* $NetBSD: sshd.c,v 1.1.1.18 2002/06/26 14:03:15 itojun Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -43,7 +43,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshd.c,v 1.250 2002/06/23 10:29:52 deraadt Exp $"); +RCSID("$OpenBSD: sshd.c,v 1.251 2002/06/25 18:51:04 markus Exp $"); #include #include @@ -518,6 +518,7 @@ static void privsep_preauth_child(void) { u_int32_t rand[256]; + gid_t gidset[2]; struct passwd *pw; int i; @@ -547,7 +548,17 @@ privsep_preauth_child(void) /* Drop our privileges */ debug3("privsep user:group %u:%u", (u_int)pw->pw_uid, (u_int)pw->pw_gid); +#if 0 + /* XXX not ready, to heavy after chroot */ do_setusercontext(pw); +#else + gidset[0] = pw->pw_gid; + if (setgid(pw->pw_gid) < 0) + fatal("setgid failed for %u", pw->pw_gid ); + if (setgroups(1, gidset) < 0) + fatal("setgroups: %.100s", strerror(errno)); + permanently_set_uid(pw); +#endif } static Authctxt* 
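Review bot: In the `#else` branch of `privsep_preauth_child`, `fatal("setgid failed for %u", pw->pw_gid );` passes a `gid_t` to `%u` without a cast and drops the errno text. The `debug3` line just above and the sshpty.c and sftp-server.c hunks in this same commit cast to `u_int`, so I would write `fatal("setgid failed for %u: %.100s", (u_int)pw->pw_gid, strerror(errno));`. The ordering is the security-relevant part and deserves a comment, e.g. `/* drop the primary and supplementary groups while still privileged, before permanently_set_uid() */`. The `#if 0` block keeps a dead `do_setusercontext(pw)` call in a privilege-dropping path. Replacing it with a plain comment (and fixing "to heavy") would leave only one code path to audit.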
diff --git a/crypto/dist/ssh/sshpty.c b/crypto/dist/ssh/sshpty.c index 87992a4497ad..349256799ac5 100644 --- a/crypto/dist/ssh/sshpty.c +++ b/crypto/dist/ssh/sshpty.c @@ -1,4 +1,4 @@ -/* $NetBSD: sshpty.c,v 1.1.1.5 2002/06/24 05:26:08 itojun Exp $ */ +/* $NetBSD: sshpty.c,v 1.1.1.6 2002/06/26 14:03:16 itojun Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -13,7 +13,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshpty.c,v 1.6 2002/06/23 21:06:13 deraadt Exp $"); +RCSID("$OpenBSD: sshpty.c,v 1.7 2002/06/24 17:57:20 deraadt Exp $"); #include #include "sshpty.h" @@ -277,11 +277,11 @@ pty_setowner(struct passwd *pw, const char *ttyname) if (errno == EROFS && (st.st_uid == pw->pw_uid || st.st_uid == 0)) error("chown(%.100s, %u, %u) failed: %.100s", - ttyname, pw->pw_uid, gid, + ttyname, (u_int)pw->pw_uid, (u_int)gid, strerror(errno)); else fatal("chown(%.100s, %u, %u) failed: %.100s", - ttyname, pw->pw_uid, gid, + ttyname, (u_int)pw->pw_uid, (u_int)gid, strerror(errno)); } } diff --git a/crypto/dist/ssh/version.h b/crypto/dist/ssh/version.h index d555aebc9bb4..5c0c859fd34d 100644 --- a/crypto/dist/ssh/version.h +++ b/crypto/dist/ssh/version.h @@ -1,4 +1,4 @@ -/* $NetBSD: version.h,v 1.1.1.17 2002/06/24 05:26:09 itojun Exp $ */ -/* $OpenBSD: version.h,v 1.33 2002/06/21 15:41:20 markus Exp $ */ +/* $NetBSD: version.h,v 1.1.1.18 2002/06/26 14:03:16 itojun Exp $ */ +/* $OpenBSD: version.h,v 1.34 2002/06/26 13:56:27 markus Exp $ */ -#define SSH_VERSION "OpenSSH_3.3" +#define SSH_VERSION "OpenSSH_3.4"