diff --git a/ChangeLog b/ChangeLog index 5d4855d65..aa66e3b0b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -37,6 +37,10 @@ - markus@cvs.openbsd.org 2013/07/02 12:31:43 [dh.c] remove extra whitespace + - djm@cvs.openbsd.org 2013/07/12 00:19:59 + [auth-options.c auth-rsa.c bufaux.c buffer.h channels.c hostfile.c] + [hostfile.h mux.c packet.c packet.h roaming_common.c serverloop.c] + fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@ 20130702 - (dtucker) [contrib/cygwin/README contrib/cygwin/ssh-host-config diff --git a/auth-options.c b/auth-options.c index a8d738ace..80d59ee95 100644 --- a/auth-options.c +++ b/auth-options.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-options.c,v 1.58 2013/05/17 00:13:13 djm Exp $ */ +/* $OpenBSD: auth-options.c,v 1.59 2013/07/12 00:19:58 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -432,7 +432,8 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, { char *command, *allowed; const char *remote_ip; - u_char *name = NULL, *data_blob = NULL; + char *name = NULL; + u_char *data_blob = NULL; u_int nlen, dlen, clen; Buffer c, data; int ret = -1, found; @@ -550,7 +551,8 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, buffer_clear(&data); free(name); free(data_blob); - name = data_blob = NULL; + name = NULL; + data_blob = NULL; } /* successfully parsed all options */ ret = 0; diff --git a/auth-rsa.c b/auth-rsa.c index b7a03fdc4..545aa496a 100644 --- a/auth-rsa.c +++ b/auth-rsa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-rsa.c,v 1.84 2013/06/21 00:34:49 djm Exp $ */ +/* $OpenBSD: auth-rsa.c,v 1.85 2013/07/12 00:19:58 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -165,8 +165,7 @@ rsa_key_allowed_in_file(struct passwd *pw, char *file, const BIGNUM *client_n, Key **rkey) { char *fp, line[SSH_MAX_PUBKEY_BYTES]; - int allowed = 0; - u_int bits; + int allowed = 0, bits; FILE *f; u_long linenum = 0; Key *key; @@ -227,7 +226,7 @@ rsa_key_allowed_in_file(struct passwd *pw, char *file, /* check the real bits */ keybits = BN_num_bits(key->rsa->n); - if (keybits < 0 || bits != (u_int)keybits) + if (keybits < 0 || bits != keybits) logit("Warning: %s, line %lu: keysize mismatch: " "actual %d vs. announced %d.", file, linenum, BN_num_bits(key->rsa->n), bits); diff --git a/bufaux.c b/bufaux.c index ec8853f8b..de5b3ca1a 100644 --- a/bufaux.c +++ b/bufaux.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bufaux.c,v 1.51 2013/05/17 00:13:13 djm Exp $ */ +/* $OpenBSD: bufaux.c,v 1.52 2013/07/12 00:19:58 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -285,7 +285,7 @@ buffer_put_cstring(Buffer *buffer, const char *s) * Returns a character from the buffer (0 - 255). */ int -buffer_get_char_ret(char *ret, Buffer *buffer) +buffer_get_char_ret(u_char *ret, Buffer *buffer) { if (buffer_get_ret(buffer, ret, 1) == -1) { error("buffer_get_char_ret: buffer_get_ret failed"); @@ -297,11 +297,11 @@ buffer_get_char_ret(char *ret, Buffer *buffer) int buffer_get_char(Buffer *buffer) { - char ch; + u_char ch; if (buffer_get_char_ret(&ch, buffer) == -1) fatal("buffer_get_char: buffer error"); - return (u_char) ch; + return ch; } /* diff --git a/buffer.h b/buffer.h index e2a9dd100..4fa2ca112 100644 --- a/buffer.h +++ b/buffer.h @@ -1,4 +1,4 @@ -/* $OpenBSD: buffer.h,v 1.21 2010/08/31 11:54:45 djm Exp $ */ +/* $OpenBSD: buffer.h,v 1.22 2013/07/12 00:19:58 djm Exp $ */ /* * Author: Tatu Ylonen @@ -84,7 +84,7 @@ int buffer_get_int64_ret(u_int64_t *, Buffer *); void *buffer_get_string_ret(Buffer *, u_int *); char *buffer_get_cstring_ret(Buffer *, u_int *); void *buffer_get_string_ptr_ret(Buffer *, u_int *); -int buffer_get_char_ret(char *, Buffer *); +int buffer_get_char_ret(u_char *, Buffer *); #ifdef OPENSSL_HAS_ECC #include diff --git a/channels.c b/channels.c index b48e6aebb..9e87bfb9e 100644 --- a/channels.c +++ b/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.323 2013/06/07 15:37:52 dtucker Exp $ */ +/* $OpenBSD: channels.c,v 1.324 2013/07/12 00:19:58 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1139,7 +1139,8 @@ channel_decode_socks5(Channel *c, fd_set *readset, fd_set *writeset) u_int8_t atyp; } s5_req, s5_rsp; u_int16_t dest_port; - u_char *p, dest_addr[255+1], ntop[INET6_ADDRSTRLEN]; + char dest_addr[255+1], ntop[INET6_ADDRSTRLEN]; + u_char *p; u_int have, need, i, found, nmethods, addrlen, af; debug2("channel %d: decode socks5", c->self); @@ -1209,7 +1210,7 @@ channel_decode_socks5(Channel *c, fd_set *readset, fd_set *writeset) buffer_consume(&c->input, sizeof(s5_req)); if (s5_req.atyp == SSH_SOCKS5_DOMAIN) buffer_consume(&c->input, 1); /* host string length */ - buffer_get(&c->input, (char *)&dest_addr, addrlen); + buffer_get(&c->input, &dest_addr, addrlen); buffer_get(&c->input, (char *)&dest_port, 2); dest_addr[addrlen] = '\0'; free(c->path); diff --git a/hostfile.c b/hostfile.c index 69d0d289e..2ff4c48b4 100644 --- a/hostfile.c +++ b/hostfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hostfile.c,v 1.51 2013/05/17 00:13:13 djm Exp $ */ +/* $OpenBSD: hostfile.c,v 1.52 2013/07/12 00:19:58 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -64,7 +64,7 @@ struct hostkeys { }; static int -extract_salt(const char *s, u_int l, char *salt, size_t salt_len) +extract_salt(const char *s, u_int l, u_char *salt, size_t salt_len) { char *p, *b64salt; u_int b64len; @@ -115,7 +115,8 @@ host_hash(const char *host, const char *name_from_hostfile, u_int src_len) { const EVP_MD *md = EVP_sha1(); HMAC_CTX mac_ctx; - char salt[256], result[256], uu_salt[512], uu_result[512]; + u_char salt[256], result[256]; + char uu_salt[512], uu_result[512]; static char encoded[1024]; u_int i, len; @@ -133,7 +134,7 @@ host_hash(const char *host, const char *name_from_hostfile, u_int src_len) } HMAC_Init(&mac_ctx, salt, len, md); - HMAC_Update(&mac_ctx, host, strlen(host)); + HMAC_Update(&mac_ctx, (u_char *)host, strlen(host)); HMAC_Final(&mac_ctx, result, NULL); HMAC_cleanup(&mac_ctx); @@ -153,7 +154,7 @@ host_hash(const char *host, const char *name_from_hostfile, u_int src_len) */ int -hostfile_read_key(char **cpp, u_int *bitsp, Key *ret) +hostfile_read_key(char **cpp, int *bitsp, Key *ret) { char *cp; @@ -170,8 +171,10 @@ hostfile_read_key(char **cpp, u_int *bitsp, Key *ret) /* Return results. */ *cpp = cp; - if (bitsp != NULL) - *bitsp = key_size(ret); + if (bitsp != NULL) { + if ((*bitsp = key_size(ret)) <= 0) + return 0; + } return 1; } diff --git a/hostfile.h b/hostfile.h index d84d422ff..679c034f3 100644 --- a/hostfile.h +++ b/hostfile.h @@ -1,4 +1,4 @@ -/* $OpenBSD: hostfile.h,v 1.19 2010/11/29 23:45:51 djm Exp $ */ +/* $OpenBSD: hostfile.h,v 1.20 2013/07/12 00:19:58 djm Exp $ */ /* * Author: Tatu Ylonen @@ -40,7 +40,7 @@ HostStatus check_key_in_hostkeys(struct hostkeys *, Key *, int lookup_key_in_hostkeys_by_type(struct hostkeys *, int, const struct hostkey_entry **); -int hostfile_read_key(char **, u_int *, Key *); +int hostfile_read_key(char **, int *, Key *); int add_host_to_hostfile(const char *, const char *, const Key *, int); #define HASH_MAGIC "|1|" diff --git a/mux.c b/mux.c index 314ee8cd2..882fa61b5 100644 --- a/mux.c +++ b/mux.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mux.c,v 1.43 2013/06/05 02:07:29 dtucker Exp $ */ +/* $OpenBSD: mux.c,v 1.44 2013/07/12 00:19:58 djm Exp $ */ /* * Copyright (c) 2002-2008 Damien Miller * @@ -630,19 +630,22 @@ process_mux_open_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r) Forward fwd; char *fwd_desc = NULL; u_int ftype; + u_int lport, cport; int i, ret = 0, freefwd = 1; fwd.listen_host = fwd.connect_host = NULL; if (buffer_get_int_ret(&ftype, m) != 0 || (fwd.listen_host = buffer_get_string_ret(m, NULL)) == NULL || - buffer_get_int_ret(&fwd.listen_port, m) != 0 || + buffer_get_int_ret(&lport, m) != 0 || (fwd.connect_host = buffer_get_string_ret(m, NULL)) == NULL || - buffer_get_int_ret(&fwd.connect_port, m) != 0) { + buffer_get_int_ret(&cport, m) != 0 || + lport > 65535 || cport > 65535) { error("%s: malformed message", __func__); ret = -1; goto out; } - + fwd.listen_port = lport; + fwd.connect_port = cport; if (*fwd.listen_host == '\0') { free(fwd.listen_host); fwd.listen_host = NULL; @@ -778,17 +781,21 @@ process_mux_close_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r) const char *error_reason = NULL; u_int ftype; int i, listen_port, ret = 0; + u_int lport, cport; fwd.listen_host = fwd.connect_host = NULL; if (buffer_get_int_ret(&ftype, m) != 0 || (fwd.listen_host = buffer_get_string_ret(m, NULL)) == NULL || - buffer_get_int_ret(&fwd.listen_port, m) != 0 || + buffer_get_int_ret(&lport, m) != 0 || (fwd.connect_host = buffer_get_string_ret(m, NULL)) == NULL || - buffer_get_int_ret(&fwd.connect_port, m) != 0) { + buffer_get_int_ret(&cport, m) != 0 || + lport > 65535 || cport > 65535) { error("%s: malformed message", __func__); ret = -1; goto out; } + fwd.listen_port = lport; + fwd.connect_port = cport; if (*fwd.listen_host == '\0') { free(fwd.listen_host); diff --git a/packet.c b/packet.c index b25395d4b..0d27e7592 100644 --- a/packet.c +++ b/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.187 2013/06/01 13:15:52 dtucker Exp $ */ +/* $OpenBSD: packet.c,v 1.188 2013/07/12 00:19:58 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1048,7 +1048,7 @@ packet_send(void) int packet_read_seqnr(u_int32_t *seqnr_p) { - int type, len, ret, ms_remain, cont; + int type, len, ret, cont, ms_remain = 0; fd_set *setp; char buf[8192]; struct timeval timeout, start, *timeoutp = NULL; @@ -1487,6 +1487,8 @@ packet_read_poll_seqnr(u_int32_t *seqnr_p) } else { type = packet_read_poll1(); switch (type) { + case SSH_MSG_NONE: + return SSH_MSG_NONE; case SSH_MSG_IGNORE: break; case SSH_MSG_DEBUG: @@ -1501,8 +1503,7 @@ packet_read_poll_seqnr(u_int32_t *seqnr_p) cleanup_exit(255); break; default: - if (type) - DBG(debug("received packet type %d", type)); + DBG(debug("received packet type %d", type)); return type; } } @@ -1739,7 +1740,7 @@ void packet_write_wait(void) { fd_set *setp; - int ret, ms_remain; + int ret, ms_remain = 0; struct timeval start, timeout, *timeoutp = NULL; setp = (fd_set *)xcalloc(howmany(active_state->connection_out + 1, diff --git a/packet.h b/packet.h index bc548f2b1..f8edf851c 100644 --- a/packet.h +++ b/packet.h @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.h,v 1.58 2013/05/16 02:00:34 dtucker Exp $ */ +/* $OpenBSD: packet.h,v 1.59 2013/07/12 00:19:59 djm Exp $ */ /* * Author: Tatu Ylonen @@ -71,7 +71,7 @@ void *packet_get_raw(u_int *length_ptr); void *packet_get_string(u_int *length_ptr); char *packet_get_cstring(u_int *length_ptr); void *packet_get_string_ptr(u_int *length_ptr); -void packet_disconnect(const char *fmt,...) __attribute__((format(printf, 1, 2))); +void packet_disconnect(const char *fmt,...) __attribute__((noreturn)) __attribute__((format(printf, 1, 2))); void packet_send_debug(const char *fmt,...) __attribute__((format(printf, 1, 2))); void set_newkeys(int mode); diff --git a/roaming_common.c b/roaming_common.c index 8d0b6054a..50d6177d0 100644 --- a/roaming_common.c +++ b/roaming_common.c @@ -1,4 +1,4 @@ -/* $OpenBSD: roaming_common.c,v 1.9 2011/12/07 05:44:38 djm Exp $ */ +/* $OpenBSD: roaming_common.c,v 1.10 2013/07/12 00:19:59 djm Exp $ */ /* * Copyright (c) 2004-2009 AppGate Network Security AB * @@ -227,7 +227,7 @@ calculate_new_key(u_int64_t *key, u_int64_t cookie, u_int64_t challenge) { const EVP_MD *md = EVP_sha1(); EVP_MD_CTX ctx; - char hash[EVP_MAX_MD_SIZE]; + u_char hash[EVP_MAX_MD_SIZE]; Buffer b; buffer_init(&b); diff --git a/serverloop.c b/serverloop.c index 7c250b22f..ccbad617d 100644 --- a/serverloop.c +++ b/serverloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: serverloop.c,v 1.167 2013/05/17 00:13:14 djm Exp $ */ +/* $OpenBSD: serverloop.c,v 1.168 2013/07/12 00:19:59 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -823,7 +823,8 @@ void server_loop2(Authctxt *authctxt) { fd_set *readset = NULL, *writeset = NULL; - int rekeying = 0, max_fd, nalloc = 0; + int rekeying = 0, max_fd; + u_int nalloc = 0; u_int64_t rekey_timeout_ms = 0; debug("Entering interactive session for SSH2.");