summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog4
-rw-r--r--auth-options.c8
-rw-r--r--auth-rsa.c7
-rw-r--r--bufaux.c8
-rw-r--r--buffer.h4
-rw-r--r--channels.c7
-rw-r--r--hostfile.c17
-rw-r--r--hostfile.h4
-rw-r--r--mux.c19
-rw-r--r--packet.c11
-rw-r--r--packet.h4
-rw-r--r--roaming_common.c4
-rw-r--r--serverloop.c5
13 files changed, 60 insertions, 42 deletions
diff --git a/ChangeLog b/ChangeLog
index 5d4855d6..aa66e3b0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -37,6 +37,10 @@
- markus@cvs.openbsd.org 2013/07/02 12:31:43
[dh.c]
remove extra whitespace
+ - djm@cvs.openbsd.org 2013/07/12 00:19:59
+ [auth-options.c auth-rsa.c bufaux.c buffer.h channels.c hostfile.c]
+ [hostfile.h mux.c packet.c packet.h roaming_common.c serverloop.c]
+ fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@
20130702
- (dtucker) [contrib/cygwin/README contrib/cygwin/ssh-host-config
diff --git a/auth-options.c b/auth-options.c
index a8d738ac..80d59ee9 100644
--- a/auth-options.c
+++ b/auth-options.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-options.c,v 1.58 2013/05/17 00:13:13 djm Exp $ */
+/* $OpenBSD: auth-options.c,v 1.59 2013/07/12 00:19:58 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -432,7 +432,8 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw,
{
char *command, *allowed;
const char *remote_ip;
- u_char *name = NULL, *data_blob = NULL;
+ char *name = NULL;
+ u_char *data_blob = NULL;
u_int nlen, dlen, clen;
Buffer c, data;
int ret = -1, found;
@@ -550,7 +551,8 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw,
buffer_clear(&data);
free(name);
free(data_blob);
- name = data_blob = NULL;
+ name = NULL;
+ data_blob = NULL;
}
/* successfully parsed all options */
ret = 0;
diff --git a/auth-rsa.c b/auth-rsa.c
index b7a03fdc..545aa496 100644
--- a/auth-rsa.c
+++ b/auth-rsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-rsa.c,v 1.84 2013/06/21 00:34:49 djm Exp $ */
+/* $OpenBSD: auth-rsa.c,v 1.85 2013/07/12 00:19:58 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -165,8 +165,7 @@ rsa_key_allowed_in_file(struct passwd *pw, char *file,
const BIGNUM *client_n, Key **rkey)
{
char *fp, line[SSH_MAX_PUBKEY_BYTES];
- int allowed = 0;
- u_int bits;
+ int allowed = 0, bits;
FILE *f;
u_long linenum = 0;
Key *key;
@@ -227,7 +226,7 @@ rsa_key_allowed_in_file(struct passwd *pw, char *file,
/* check the real bits */
keybits = BN_num_bits(key->rsa->n);
- if (keybits < 0 || bits != (u_int)keybits)
+ if (keybits < 0 || bits != keybits)
logit("Warning: %s, line %lu: keysize mismatch: "
"actual %d vs. announced %d.",
file, linenum, BN_num_bits(key->rsa->n), bits);
diff --git a/bufaux.c b/bufaux.c
index ec8853f8..de5b3ca1 100644
--- a/bufaux.c
+++ b/bufaux.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bufaux.c,v 1.51 2013/05/17 00:13:13 djm Exp $ */
+/* $OpenBSD: bufaux.c,v 1.52 2013/07/12 00:19:58 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -285,7 +285,7 @@ buffer_put_cstring(Buffer *buffer, const char *s)
* Returns a character from the buffer (0 - 255).
*/
int
-buffer_get_char_ret(char *ret, Buffer *buffer)
+buffer_get_char_ret(u_char *ret, Buffer *buffer)
{
if (buffer_get_ret(buffer, ret, 1) == -1) {
error("buffer_get_char_ret: buffer_get_ret failed");
@@ -297,11 +297,11 @@ buffer_get_char_ret(char *ret, Buffer *buffer)
int
buffer_get_char(Buffer *buffer)
{
- char ch;
+ u_char ch;
if (buffer_get_char_ret(&ch, buffer) == -1)
fatal("buffer_get_char: buffer error");
- return (u_char) ch;
+ return ch;
}
/*
diff --git a/buffer.h b/buffer.h
index e2a9dd10..4fa2ca11 100644
--- a/buffer.h
+++ b/buffer.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: buffer.h,v 1.21 2010/08/31 11:54:45 djm Exp $ */
+/* $OpenBSD: buffer.h,v 1.22 2013/07/12 00:19:58 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -84,7 +84,7 @@ int buffer_get_int64_ret(u_int64_t *, Buffer *);
void *buffer_get_string_ret(Buffer *, u_int *);
char *buffer_get_cstring_ret(Buffer *, u_int *);
void *buffer_get_string_ptr_ret(Buffer *, u_int *);
-int buffer_get_char_ret(char *, Buffer *);
+int buffer_get_char_ret(u_char *, Buffer *);
#ifdef OPENSSL_HAS_ECC
#include <openssl/ec.h>
diff --git a/channels.c b/channels.c
index b48e6aeb..9e87bfb9 100644
--- a/channels.c
+++ b/channels.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: channels.c,v 1.323 2013/06/07 15:37:52 dtucker Exp $ */
+/* $OpenBSD: channels.c,v 1.324 2013/07/12 00:19:58 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1139,7 +1139,8 @@ channel_decode_socks5(Channel *c, fd_set *readset, fd_set *writeset)
u_int8_t atyp;
} s5_req, s5_rsp;
u_int16_t dest_port;
- u_char *p, dest_addr[255+1], ntop[INET6_ADDRSTRLEN];
+ char dest_addr[255+1], ntop[INET6_ADDRSTRLEN];
+ u_char *p;
u_int have, need, i, found, nmethods, addrlen, af;
debug2("channel %d: decode socks5", c->self);
@@ -1209,7 +1210,7 @@ channel_decode_socks5(Channel *c, fd_set *readset, fd_set *writeset)
buffer_consume(&c->input, sizeof(s5_req));
if (s5_req.atyp == SSH_SOCKS5_DOMAIN)
buffer_consume(&c->input, 1); /* host string length */
- buffer_get(&c->input, (char *)&dest_addr, addrlen);
+ buffer_get(&c->input, &dest_addr, addrlen);
buffer_get(&c->input, (char *)&dest_port, 2);
dest_addr[addrlen] = '\0';
free(c->path);
diff --git a/hostfile.c b/hostfile.c
index 69d0d289..2ff4c48b 100644
--- a/hostfile.c
+++ b/hostfile.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: hostfile.c,v 1.51 2013/05/17 00:13:13 djm Exp $ */
+/* $OpenBSD: hostfile.c,v 1.52 2013/07/12 00:19:58 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -64,7 +64,7 @@ struct hostkeys {
};
static int
-extract_salt(const char *s, u_int l, char *salt, size_t salt_len)
+extract_salt(const char *s, u_int l, u_char *salt, size_t salt_len)
{
char *p, *b64salt;
u_int b64len;
@@ -115,7 +115,8 @@ host_hash(const char *host, const char *name_from_hostfile, u_int src_len)
{
const EVP_MD *md = EVP_sha1();
HMAC_CTX mac_ctx;
- char salt[256], result[256], uu_salt[512], uu_result[512];
+ u_char salt[256], result[256];
+ char uu_salt[512], uu_result[512];
static char encoded[1024];
u_int i, len;
@@ -133,7 +134,7 @@ host_hash(const char *host, const char *name_from_hostfile, u_int src_len)
}
HMAC_Init(&mac_ctx, salt, len, md);
- HMAC_Update(&mac_ctx, host, strlen(host));
+ HMAC_Update(&mac_ctx, (u_char *)host, strlen(host));
HMAC_Final(&mac_ctx, result, NULL);
HMAC_cleanup(&mac_ctx);
@@ -153,7 +154,7 @@ host_hash(const char *host, const char *name_from_hostfile, u_int src_len)
*/
int
-hostfile_read_key(char **cpp, u_int *bitsp, Key *ret)
+hostfile_read_key(char **cpp, int *bitsp, Key *ret)
{
char *cp;
@@ -170,8 +171,10 @@ hostfile_read_key(char **cpp, u_int *bitsp, Key *ret)
/* Return results. */
*cpp = cp;
- if (bitsp != NULL)
- *bitsp = key_size(ret);
+ if (bitsp != NULL) {
+ if ((*bitsp = key_size(ret)) <= 0)
+ return 0;
+ }
return 1;
}
diff --git a/hostfile.h b/hostfile.h
index d84d422f..679c034f 100644
--- a/hostfile.h
+++ b/hostfile.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: hostfile.h,v 1.19 2010/11/29 23:45:51 djm Exp $ */
+/* $OpenBSD: hostfile.h,v 1.20 2013/07/12 00:19:58 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -40,7 +40,7 @@ HostStatus check_key_in_hostkeys(struct hostkeys *, Key *,
int lookup_key_in_hostkeys_by_type(struct hostkeys *, int,
const struct hostkey_entry **);
-int hostfile_read_key(char **, u_int *, Key *);
+int hostfile_read_key(char **, int *, Key *);
int add_host_to_hostfile(const char *, const char *, const Key *, int);
#define HASH_MAGIC "|1|"
diff --git a/mux.c b/mux.c
index 314ee8cd..882fa61b 100644
--- a/mux.c
+++ b/mux.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: mux.c,v 1.43 2013/06/05 02:07:29 dtucker Exp $ */
+/* $OpenBSD: mux.c,v 1.44 2013/07/12 00:19:58 djm Exp $ */
/*
* Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org>
*
@@ -630,19 +630,22 @@ process_mux_open_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r)
Forward fwd;
char *fwd_desc = NULL;
u_int ftype;
+ u_int lport, cport;
int i, ret = 0, freefwd = 1;
fwd.listen_host = fwd.connect_host = NULL;
if (buffer_get_int_ret(&ftype, m) != 0 ||
(fwd.listen_host = buffer_get_string_ret(m, NULL)) == NULL ||
- buffer_get_int_ret(&fwd.listen_port, m) != 0 ||
+ buffer_get_int_ret(&lport, m) != 0 ||
(fwd.connect_host = buffer_get_string_ret(m, NULL)) == NULL ||
- buffer_get_int_ret(&fwd.connect_port, m) != 0) {
+ buffer_get_int_ret(&cport, m) != 0 ||
+ lport > 65535 || cport > 65535) {
error("%s: malformed message", __func__);
ret = -1;
goto out;
}
-
+ fwd.listen_port = lport;
+ fwd.connect_port = cport;
if (*fwd.listen_host == '\0') {
free(fwd.listen_host);
fwd.listen_host = NULL;
@@ -778,17 +781,21 @@ process_mux_close_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r)
const char *error_reason = NULL;
u_int ftype;
int i, listen_port, ret = 0;
+ u_int lport, cport;
fwd.listen_host = fwd.connect_host = NULL;
if (buffer_get_int_ret(&ftype, m) != 0 ||
(fwd.listen_host = buffer_get_string_ret(m, NULL)) == NULL ||
- buffer_get_int_ret(&fwd.listen_port, m) != 0 ||
+ buffer_get_int_ret(&lport, m) != 0 ||
(fwd.connect_host = buffer_get_string_ret(m, NULL)) == NULL ||
- buffer_get_int_ret(&fwd.connect_port, m) != 0) {
+ buffer_get_int_ret(&cport, m) != 0 ||
+ lport > 65535 || cport > 65535) {
error("%s: malformed message", __func__);
ret = -1;
goto out;
}
+ fwd.listen_port = lport;
+ fwd.connect_port = cport;
if (*fwd.listen_host == '\0') {
free(fwd.listen_host);
diff --git a/packet.c b/packet.c
index b25395d4..0d27e759 100644
--- a/packet.c
+++ b/packet.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.187 2013/06/01 13:15:52 dtucker Exp $ */
+/* $OpenBSD: packet.c,v 1.188 2013/07/12 00:19:58 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1048,7 +1048,7 @@ packet_send(void)
int
packet_read_seqnr(u_int32_t *seqnr_p)
{
- int type, len, ret, ms_remain, cont;
+ int type, len, ret, cont, ms_remain = 0;
fd_set *setp;
char buf[8192];
struct timeval timeout, start, *timeoutp = NULL;
@@ -1487,6 +1487,8 @@ packet_read_poll_seqnr(u_int32_t *seqnr_p)
} else {
type = packet_read_poll1();
switch (type) {
+ case SSH_MSG_NONE:
+ return SSH_MSG_NONE;
case SSH_MSG_IGNORE:
break;
case SSH_MSG_DEBUG:
@@ -1501,8 +1503,7 @@ packet_read_poll_seqnr(u_int32_t *seqnr_p)
cleanup_exit(255);
break;
default:
- if (type)
- DBG(debug("received packet type %d", type));
+ DBG(debug("received packet type %d", type));
return type;
}
}
@@ -1739,7 +1740,7 @@ void
packet_write_wait(void)
{
fd_set *setp;
- int ret, ms_remain;
+ int ret, ms_remain = 0;
struct timeval start, timeout, *timeoutp = NULL;
setp = (fd_set *)xcalloc(howmany(active_state->connection_out + 1,
diff --git a/packet.h b/packet.h
index bc548f2b..f8edf851 100644
--- a/packet.h
+++ b/packet.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.h,v 1.58 2013/05/16 02:00:34 dtucker Exp $ */
+/* $OpenBSD: packet.h,v 1.59 2013/07/12 00:19:59 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -71,7 +71,7 @@ void *packet_get_raw(u_int *length_ptr);
void *packet_get_string(u_int *length_ptr);
char *packet_get_cstring(u_int *length_ptr);
void *packet_get_string_ptr(u_int *length_ptr);
-void packet_disconnect(const char *fmt,...) __attribute__((format(printf, 1, 2)));
+void packet_disconnect(const char *fmt,...) __attribute__((noreturn)) __attribute__((format(printf, 1, 2)));
void packet_send_debug(const char *fmt,...) __attribute__((format(printf, 1, 2)));
void set_newkeys(int mode);
diff --git a/roaming_common.c b/roaming_common.c
index 8d0b6054..50d6177d 100644
--- a/roaming_common.c
+++ b/roaming_common.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: roaming_common.c,v 1.9 2011/12/07 05:44:38 djm Exp $ */
+/* $OpenBSD: roaming_common.c,v 1.10 2013/07/12 00:19:59 djm Exp $ */
/*
* Copyright (c) 2004-2009 AppGate Network Security AB
*
@@ -227,7 +227,7 @@ calculate_new_key(u_int64_t *key, u_int64_t cookie, u_int64_t challenge)
{
const EVP_MD *md = EVP_sha1();
EVP_MD_CTX ctx;
- char hash[EVP_MAX_MD_SIZE];
+ u_char hash[EVP_MAX_MD_SIZE];
Buffer b;
buffer_init(&b);
diff --git a/serverloop.c b/serverloop.c
index 7c250b22..ccbad617 100644
--- a/serverloop.c
+++ b/serverloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: serverloop.c,v 1.167 2013/05/17 00:13:14 djm Exp $ */
+/* $OpenBSD: serverloop.c,v 1.168 2013/07/12 00:19:59 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -823,7 +823,8 @@ void
server_loop2(Authctxt *authctxt)
{
fd_set *readset = NULL, *writeset = NULL;
- int rekeying = 0, max_fd, nalloc = 0;
+ int rekeying = 0, max_fd;
+ u_int nalloc = 0;
u_int64_t rekey_timeout_ms = 0;
debug("Entering interactive session for SSH2.");