- djm@cvs.openbsd.org 2013/07/12 00:19:59

[auth-options.c auth-rsa.c bufaux.c buffer.h channels.c hostfile.c]
     [hostfile.h mux.c packet.c packet.h roaming_common.c serverloop.c]
     fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@

ChangeLog

@@ -37,6 +37,10 @@
    - markus@cvs.openbsd.org 2013/07/02 12:31:43
      [dh.c]
      remove extra whitespace
+   - djm@cvs.openbsd.org 2013/07/12 00:19:59
+     [auth-options.c auth-rsa.c bufaux.c buffer.h channels.c hostfile.c]
+     [hostfile.h mux.c packet.c packet.h roaming_common.c serverloop.c]
+     fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@
 
 20130702
  - (dtucker) [contrib/cygwin/README contrib/cygwin/ssh-host-config

auth-options.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-options.c,v 1.58 2013/05/17 00:13:13 djm Exp $ */
+/* $OpenBSD: auth-options.c,v 1.59 2013/07/12 00:19:58 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -432,7 +432,8 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw,
 {
 	char *command, *allowed;
 	const char *remote_ip;
-	u_char *name = NULL, *data_blob = NULL;
+	char *name = NULL;
+	u_char *data_blob = NULL;
 	u_int nlen, dlen, clen;
 	Buffer c, data;
 	int ret = -1, found;
@@ -550,7 +551,8 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw,
 		buffer_clear(&data);
 		free(name);
 		free(data_blob);
-		name = data_blob = NULL;
+		name = NULL;
+		data_blob = NULL;
 	}
 	/* successfully parsed all options */
 	ret = 0;

auth-rsa.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-rsa.c,v 1.84 2013/06/21 00:34:49 djm Exp $ */
+/* $OpenBSD: auth-rsa.c,v 1.85 2013/07/12 00:19:58 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -165,8 +165,7 @@ rsa_key_allowed_in_file(struct passwd *pw, char *file,
     const BIGNUM *client_n, Key **rkey)
 {
 	char *fp, line[SSH_MAX_PUBKEY_BYTES];
-	int allowed = 0;
-	u_int bits;
+	int allowed = 0, bits;
 	FILE *f;
 	u_long linenum = 0;
 	Key *key;
@@ -227,7 +226,7 @@ rsa_key_allowed_in_file(struct passwd *pw, char *file,
 
 		/* check the real bits  */
 		keybits = BN_num_bits(key->rsa->n);
-		if (keybits < 0 || bits != (u_int)keybits)
+		if (keybits < 0 || bits != keybits)
 			logit("Warning: %s, line %lu: keysize mismatch: "
 			    "actual %d vs. announced %d.",
 			    file, linenum, BN_num_bits(key->rsa->n), bits);

bufaux.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: bufaux.c,v 1.51 2013/05/17 00:13:13 djm Exp $ */
+/* $OpenBSD: bufaux.c,v 1.52 2013/07/12 00:19:58 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -285,7 +285,7 @@ buffer_put_cstring(Buffer *buffer, const char *s)
  * Returns a character from the buffer (0 - 255).
  */
 int
-buffer_get_char_ret(char *ret, Buffer *buffer)
+buffer_get_char_ret(u_char *ret, Buffer *buffer)
 {
 	if (buffer_get_ret(buffer, ret, 1) == -1) {
 		error("buffer_get_char_ret: buffer_get_ret failed");
@@ -297,11 +297,11 @@ buffer_get_char_ret(char *ret, Buffer *buffer)
 int
 buffer_get_char(Buffer *buffer)
 {
-	char ch;
+	u_char ch;
 
 	if (buffer_get_char_ret(&ch, buffer) == -1)
 		fatal("buffer_get_char: buffer error");
-	return (u_char) ch;
+	return ch;
 }
 
 /*

buffer.h

@@ -1,4 +1,4 @@
-/* $OpenBSD: buffer.h,v 1.21 2010/08/31 11:54:45 djm Exp $ */
+/* $OpenBSD: buffer.h,v 1.22 2013/07/12 00:19:58 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -84,7 +84,7 @@ int	buffer_get_int64_ret(u_int64_t *, Buffer *);
 void	*buffer_get_string_ret(Buffer *, u_int *);
 char	*buffer_get_cstring_ret(Buffer *, u_int *);
 void	*buffer_get_string_ptr_ret(Buffer *, u_int *);
-int	buffer_get_char_ret(char *, Buffer *);
+int	buffer_get_char_ret(u_char *, Buffer *);
 
 #ifdef OPENSSL_HAS_ECC
 #include <openssl/ec.h>

channels.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: channels.c,v 1.323 2013/06/07 15:37:52 dtucker Exp $ */
+/* $OpenBSD: channels.c,v 1.324 2013/07/12 00:19:58 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1139,7 +1139,8 @@ channel_decode_socks5(Channel *c, fd_set *readset, fd_set *writeset)
 		u_int8_t atyp;
 	} s5_req, s5_rsp;
 	u_int16_t dest_port;
-	u_char *p, dest_addr[255+1], ntop[INET6_ADDRSTRLEN];
+	char dest_addr[255+1], ntop[INET6_ADDRSTRLEN];
+	u_char *p;
 	u_int have, need, i, found, nmethods, addrlen, af;
 
 	debug2("channel %d: decode socks5", c->self);
@@ -1209,7 +1210,7 @@ channel_decode_socks5(Channel *c, fd_set *readset, fd_set *writeset)
 	buffer_consume(&c->input, sizeof(s5_req));
 	if (s5_req.atyp == SSH_SOCKS5_DOMAIN)
 		buffer_consume(&c->input, 1);    /* host string length */
-	buffer_get(&c->input, (char *)&dest_addr, addrlen);
+	buffer_get(&c->input, &dest_addr, addrlen);
 	buffer_get(&c->input, (char *)&dest_port, 2);
 	dest_addr[addrlen] = '\0';
 	free(c->path);

hostfile.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: hostfile.c,v 1.51 2013/05/17 00:13:13 djm Exp $ */
+/* $OpenBSD: hostfile.c,v 1.52 2013/07/12 00:19:58 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -64,7 +64,7 @@ struct hostkeys {
 };
 
 static int
-extract_salt(const char *s, u_int l, char *salt, size_t salt_len)
+extract_salt(const char *s, u_int l, u_char *salt, size_t salt_len)
 {
 	char *p, *b64salt;
 	u_int b64len;
@@ -115,7 +115,8 @@ host_hash(const char *host, const char *name_from_hostfile, u_int src_len)
 {
 	const EVP_MD *md = EVP_sha1();
 	HMAC_CTX mac_ctx;
-	char salt[256], result[256], uu_salt[512], uu_result[512];
+	u_char salt[256], result[256];
+	char uu_salt[512], uu_result[512];
 	static char encoded[1024];
 	u_int i, len;
 
@@ -133,7 +134,7 @@ host_hash(const char *host, const char *name_from_hostfile, u_int src_len)
 	}
 
 	HMAC_Init(&mac_ctx, salt, len, md);
-	HMAC_Update(&mac_ctx, host, strlen(host));
+	HMAC_Update(&mac_ctx, (u_char *)host, strlen(host));
 	HMAC_Final(&mac_ctx, result, NULL);
 	HMAC_cleanup(&mac_ctx);
 
@@ -153,7 +154,7 @@ host_hash(const char *host, const char *name_from_hostfile, u_int src_len)
  */
 
 int
-hostfile_read_key(char **cpp, u_int *bitsp, Key *ret)
+hostfile_read_key(char **cpp, int *bitsp, Key *ret)
 {
 	char *cp;
 
@@ -170,8 +171,10 @@ hostfile_read_key(char **cpp, u_int *bitsp, Key *ret)
 
 	/* Return results. */
 	*cpp = cp;
-	if (bitsp != NULL)
-		*bitsp = key_size(ret);
+	if (bitsp != NULL) {
+		if ((*bitsp = key_size(ret)) <= 0)
+			return 0;
+	}
 	return 1;
 }
 

hostfile.h

@@ -1,4 +1,4 @@
-/* $OpenBSD: hostfile.h,v 1.19 2010/11/29 23:45:51 djm Exp $ */
+/* $OpenBSD: hostfile.h,v 1.20 2013/07/12 00:19:58 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -40,7 +40,7 @@ HostStatus check_key_in_hostkeys(struct hostkeys *, Key *,
 int	 lookup_key_in_hostkeys_by_type(struct hostkeys *, int,
     const struct hostkey_entry **);
 
-int	 hostfile_read_key(char **, u_int *, Key *);
+int	 hostfile_read_key(char **, int *, Key *);
 int	 add_host_to_hostfile(const char *, const char *, const Key *, int);
 
 #define HASH_MAGIC	"|1|"

mux.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: mux.c,v 1.43 2013/06/05 02:07:29 dtucker Exp $ */
+/* $OpenBSD: mux.c,v 1.44 2013/07/12 00:19:58 djm Exp $ */
 /*
  * Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org>
  *
@@ -630,19 +630,22 @@ process_mux_open_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r)
 	Forward fwd;
 	char *fwd_desc = NULL;
 	u_int ftype;
+	u_int lport, cport;
 	int i, ret = 0, freefwd = 1;
 
 	fwd.listen_host = fwd.connect_host = NULL;
 	if (buffer_get_int_ret(&ftype, m) != 0 ||
 	    (fwd.listen_host = buffer_get_string_ret(m, NULL)) == NULL ||
-	    buffer_get_int_ret(&fwd.listen_port, m) != 0 ||
+	    buffer_get_int_ret(&lport, m) != 0 ||
 	    (fwd.connect_host = buffer_get_string_ret(m, NULL)) == NULL ||
-	    buffer_get_int_ret(&fwd.connect_port, m) != 0) {
+	    buffer_get_int_ret(&cport, m) != 0 ||
+	    lport > 65535 || cport > 65535) {
 		error("%s: malformed message", __func__);
 		ret = -1;
 		goto out;
 	}
-
+	fwd.listen_port = lport;
+	fwd.connect_port = cport;
 	if (*fwd.listen_host == '\0') {
 		free(fwd.listen_host);
 		fwd.listen_host = NULL;
@@ -778,17 +781,21 @@ process_mux_close_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r)
 	const char *error_reason = NULL;
 	u_int ftype;
 	int i, listen_port, ret = 0;
+	u_int lport, cport;
 
 	fwd.listen_host = fwd.connect_host = NULL;
 	if (buffer_get_int_ret(&ftype, m) != 0 ||
 	    (fwd.listen_host = buffer_get_string_ret(m, NULL)) == NULL ||
-	    buffer_get_int_ret(&fwd.listen_port, m) != 0 ||
+	    buffer_get_int_ret(&lport, m) != 0 ||
 	    (fwd.connect_host = buffer_get_string_ret(m, NULL)) == NULL ||
-	    buffer_get_int_ret(&fwd.connect_port, m) != 0) {
+	    buffer_get_int_ret(&cport, m) != 0 ||
+	    lport > 65535 || cport > 65535) {
 		error("%s: malformed message", __func__);
 		ret = -1;
 		goto out;
 	}
+	fwd.listen_port = lport;
+	fwd.connect_port = cport;
 
 	if (*fwd.listen_host == '\0') {
 		free(fwd.listen_host);

packet.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.187 2013/06/01 13:15:52 dtucker Exp $ */
+/* $OpenBSD: packet.c,v 1.188 2013/07/12 00:19:58 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1048,7 +1048,7 @@ packet_send(void)
 int
 packet_read_seqnr(u_int32_t *seqnr_p)
 {
-	int type, len, ret, ms_remain, cont;
+	int type, len, ret, cont, ms_remain = 0;
 	fd_set *setp;
 	char buf[8192];
 	struct timeval timeout, start, *timeoutp = NULL;
@@ -1487,6 +1487,8 @@ packet_read_poll_seqnr(u_int32_t *seqnr_p)
 		} else {
 			type = packet_read_poll1();
 			switch (type) {
+			case SSH_MSG_NONE:
+				return SSH_MSG_NONE;
 			case SSH_MSG_IGNORE:
 				break;
 			case SSH_MSG_DEBUG:
@@ -1501,8 +1503,7 @@ packet_read_poll_seqnr(u_int32_t *seqnr_p)
 				cleanup_exit(255);
 				break;
 			default:
-				if (type)
-					DBG(debug("received packet type %d", type));
+				DBG(debug("received packet type %d", type));
 				return type;
 			}
 		}
@@ -1739,7 +1740,7 @@ void
 packet_write_wait(void)
 {
 	fd_set *setp;
-	int ret, ms_remain;
+	int ret, ms_remain = 0;
 	struct timeval start, timeout, *timeoutp = NULL;
 
 	setp = (fd_set *)xcalloc(howmany(active_state->connection_out + 1,

packet.h

@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.h,v 1.58 2013/05/16 02:00:34 dtucker Exp $ */
+/* $OpenBSD: packet.h,v 1.59 2013/07/12 00:19:59 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -71,7 +71,7 @@ void	*packet_get_raw(u_int *length_ptr);
 void	*packet_get_string(u_int *length_ptr);
 char	*packet_get_cstring(u_int *length_ptr);
 void	*packet_get_string_ptr(u_int *length_ptr);
-void     packet_disconnect(const char *fmt,...) __attribute__((format(printf, 1, 2)));
+void     packet_disconnect(const char *fmt,...) __attribute__((noreturn)) __attribute__((format(printf, 1, 2)));
 void     packet_send_debug(const char *fmt,...) __attribute__((format(printf, 1, 2)));
 
 void	 set_newkeys(int mode);

roaming_common.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: roaming_common.c,v 1.9 2011/12/07 05:44:38 djm Exp $ */
+/* $OpenBSD: roaming_common.c,v 1.10 2013/07/12 00:19:59 djm Exp $ */
 /*
  * Copyright (c) 2004-2009 AppGate Network Security AB
  *
@@ -227,7 +227,7 @@ calculate_new_key(u_int64_t *key, u_int64_t cookie, u_int64_t challenge)
 {
 	const EVP_MD *md = EVP_sha1();
 	EVP_MD_CTX ctx;
-	char hash[EVP_MAX_MD_SIZE];
+	u_char hash[EVP_MAX_MD_SIZE];
 	Buffer b;
 
 	buffer_init(&b);

serverloop.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: serverloop.c,v 1.167 2013/05/17 00:13:14 djm Exp $ */
+/* $OpenBSD: serverloop.c,v 1.168 2013/07/12 00:19:59 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -823,7 +823,8 @@ void
 server_loop2(Authctxt *authctxt)
 {
 	fd_set *readset = NULL, *writeset = NULL;
-	int rekeying = 0, max_fd, nalloc = 0;
+	int rekeying = 0, max_fd;
+	u_int nalloc = 0;
 	u_int64_t rekey_timeout_ms = 0;
 
 	debug("Entering interactive session for SSH2.");