RepoMirrors/openssh
1
0
Fork 0
mirror of git://anongit.mindrot.org/openssh.git synced 2024-12-26 20:02:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

upstream commit

Browse Source 
replace statically-sized arrays in ServerOptions with
dynamic ones managed by xrecallocarray, removing some arbitrary (though
large) limits and saving a bit of memory; "much nicer" markus@

Upstream-ID: 1732720b2f478fe929d6687ac7b0a97ff2efe9d2
This commit is contained in:
djm@openbsd.org 2017-10-05 15:52:03 +00:00 committed by Damien Miller
parent 2b4f3ab050
commit dceabc7ad7
4 changed files with 143 additions and 135 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
monitor.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: monitor.c,v 1.174 2017/10/02 19:33:20 djm Exp $ */
/* $OpenBSD: monitor.c,v 1.175 2017/10/05 15:52:03 djm Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org>
@ -760,12 +760,10 @@ mm_answer_pwnamallow(int sock, Buffer *m)
for (i = 0; i < options.nx; i++) \
buffer_put_cstring(m, options.x[i]); \
} while (0)
#define M_CP_STRARRAYOPT_ALLOC(x, nx) M_CP_STRARRAYOPT(x, nx)
/* See comment in servconf.h */
COPY_MATCH_STRING_OPTS();
#undef M_CP_STROPT
#undef M_CP_STRARRAYOPT
#undef M_CP_STRARRAYOPT_ALLOC
/* Create valid auth method lists */
if (auth2_setup_methods_lists(authctxt) != 0) {

10
monitor_wrap.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: monitor_wrap.c,v 1.94 2017/10/02 19:33:20 djm Exp $ */
/* $OpenBSD: monitor_wrap.c,v 1.95 2017/10/05 15:52:03 djm Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org>
@ -287,19 +287,15 @@ out:
newopts->x = buffer_get_string(&m, NULL); \
} while (0)
#define M_CP_STRARRAYOPT(x, nx) do { \
for (i = 0; i < newopts->nx; i++) \
newopts->x[i] = buffer_get_string(&m, NULL); \
} while (0)
#define M_CP_STRARRAYOPT_ALLOC(x, nx) do { \
newopts->x = newopts->nx == 0 ? \
NULL : xcalloc(newopts->nx, sizeof(*newopts->x)); \
M_CP_STRARRAYOPT(x, nx); \
for (i = 0; i < newopts->nx; i++) \
newopts->x[i] = buffer_get_string(&m, NULL); \
} while (0)
/* See comment in servconf.h */
COPY_MATCH_STRING_OPTS();
#undef M_CP_STROPT
#undef M_CP_STRARRAYOPT
#undef M_CP_STRARRAYOPT_ALLOC
copy_set_server_options(&options, newopts, 1);
log_change_level(options.log_level);

210
servconf.c
View File

@ -1,5 +1,5 @@
/* $OpenBSD: servconf.c,v 1.313 2017/10/04 18:49:30 djm Exp $ */
/* $OpenBSD: servconf.c,v 1.314 2017/10/05 15:52:03 djm Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
@ -188,10 +188,45 @@ assemble_algorithms(ServerOptions *o)
fatal("kex_assemble_names failed");
}
static void
array_append(const char *file, const int line, const char *directive,
char ***array, u_int *lp, const char *s)
{
if (*lp >= INT_MAX)
fatal("%s line %d: Too many %s entries", file, line, directive);
*array = xrecallocarray(*array, *lp, *lp + 1, sizeof(**array));
(*array)[*lp] = xstrdup(s);
(*lp)++;
}
void
servconf_add_hostkey(const char *file, const int line,
ServerOptions *options, const char *path)
{
char *apath = derelativise_path(path);
array_append(file, line, "HostKey",
&options->host_key_files, &options->num_host_key_files, apath);
free(apath);
}
void
servconf_add_hostcert(const char *file, const int line,
ServerOptions *options, const char *path)
{
char *apath = derelativise_path(path);
array_append(file, line, "HostCertificate",
&options->host_cert_files, &options->num_host_cert_files, apath);
free(apath);
}
void
fill_default_server_options(ServerOptions *options)
{
int i;
u_int i;
/* Portable-specific options */
if (options->use_pam == -1)
@ -200,16 +235,16 @@ fill_default_server_options(ServerOptions *options)
/* Standard Options */
if (options->num_host_key_files == 0) {
/* fill default hostkeys for protocols */
options->host_key_files[options->num_host_key_files++] =
_PATH_HOST_RSA_KEY_FILE;
options->host_key_files[options->num_host_key_files++] =
_PATH_HOST_DSA_KEY_FILE;
servconf_add_hostkey("[default]", 0, options,
_PATH_HOST_RSA_KEY_FILE);
servconf_add_hostkey("[default]", 0, options,
_PATH_HOST_DSA_KEY_FILE);
#ifdef OPENSSL_HAS_ECC
options->host_key_files[options->num_host_key_files++] =
_PATH_HOST_ECDSA_KEY_FILE;
servconf_add_hostkey("[default]", 0, options,
_PATH_HOST_ECDSA_KEY_FILE);
#endif
options->host_key_files[options->num_host_key_files++] =
_PATH_HOST_ED25519_KEY_FILE;
servconf_add_hostkey("[default]", 0, options,
_PATH_HOST_ED25519_KEY_FILE);
}
/* No certificates by default */
if (options->num_ports == 0)
@ -313,10 +348,14 @@ fill_default_server_options(ServerOptions *options)
if (options->client_alive_count_max == -1)
options->client_alive_count_max = 3;
if (options->num_authkeys_files == 0) {
options->authorized_keys_files[options->num_authkeys_files++] =
xstrdup(_PATH_SSH_USER_PERMITTED_KEYS);
options->authorized_keys_files[options->num_authkeys_files++] =
xstrdup(_PATH_SSH_USER_PERMITTED_KEYS2);
array_append("[default]", 0, "AuthorizedKeysFiles",
&options->authorized_keys_files,
&options->num_authkeys_files,
_PATH_SSH_USER_PERMITTED_KEYS);
array_append("[default]", 0, "AuthorizedKeysFiles",
&options->authorized_keys_files,
&options->num_authkeys_files,
_PATH_SSH_USER_PERMITTED_KEYS2);
}
if (options->permit_tun == -1)
options->permit_tun = SSH_TUNMODE_NO;
@ -1128,22 +1167,12 @@ process_server_config_line(ServerOptions *options, char *line,
break;
case sHostKeyFile:
intptr = &options->num_host_key_files;
if (*intptr >= MAX_HOSTKEYS)
fatal("%s line %d: too many host keys specified (max %d).",
filename, linenum, MAX_HOSTKEYS);
charptr = &options->host_key_files[*intptr];
parse_filename:
arg = strdelim(&cp);
if (!arg || *arg == '\0')
fatal("%s line %d: missing file name.",
filename, linenum);
if (*activep && *charptr == NULL) {
*charptr = derelativise_path(arg);
/* increase optional counter */
if (intptr != NULL)
*intptr = *intptr + 1;
}
if (*activep)
servconf_add_hostkey(filename, linenum, options, arg);
break;
case sHostKeyAgent:
@ -1158,17 +1187,28 @@ process_server_config_line(ServerOptions *options, char *line,
break;
case sHostCertificate:
intptr = &options->num_host_cert_files;
if (*intptr >= MAX_HOSTKEYS)
fatal("%s line %d: too many host certificates "
"specified (max %d).", filename, linenum,
MAX_HOSTCERTS);
charptr = &options->host_cert_files[*intptr];
goto parse_filename;
arg = strdelim(&cp);
if (!arg || *arg == '\0')
fatal("%s line %d: missing file name.",
filename, linenum);
if (*activep)
servconf_add_hostcert(filename, linenum, options, arg);
break;
case sPidFile:
charptr = &options->pid_file;
goto parse_filename;
parse_filename:
arg = strdelim(&cp);
if (!arg || *arg == '\0')
fatal("%s line %d: missing file name.",
filename, linenum);
if (*activep && *charptr == NULL) {
*charptr = derelativise_path(arg);
/* increase optional counter */
if (intptr != NULL)
*intptr = *intptr + 1;
}
break;
case sPermitRootLogin:
intptr = &options->permit_root_login;
@ -1412,55 +1452,47 @@ process_server_config_line(ServerOptions *options, char *line,
case sAllowUsers:
while ((arg = strdelim(&cp)) && *arg != '\0') {
if (options->num_allow_users >= MAX_ALLOW_USERS)
fatal("%s line %d: too many allow users.",
filename, linenum);
if (match_user(NULL, NULL, NULL, arg) == -1)
fatal("%s line %d: invalid AllowUsers pattern: "
"\"%.100s\"", filename, linenum, arg);
if (!*activep)
continue;
options->allow_users[options->num_allow_users++] =
xstrdup(arg);
array_append(filename, linenum, "AllowUsers",
&options->allow_users, &options->num_allow_users,
arg);
}
break;
case sDenyUsers:
while ((arg = strdelim(&cp)) && *arg != '\0') {
if (options->num_deny_users >= MAX_DENY_USERS)
fatal("%s line %d: too many deny users.",
filename, linenum);
if (match_user(NULL, NULL, NULL, arg) == -1)
fatal("%s line %d: invalid DenyUsers pattern: "
"\"%.100s\"", filename, linenum, arg);
if (!*activep)
continue;
options->deny_users[options->num_deny_users++] =
xstrdup(arg);
array_append(filename, linenum, "DenyUsers",
&options->deny_users, &options->num_deny_users,
arg);
}
break;
case sAllowGroups:
while ((arg = strdelim(&cp)) && *arg != '\0') {
if (options->num_allow_groups >= MAX_ALLOW_GROUPS)
fatal("%s line %d: too many allow groups.",
filename, linenum);
if (!*activep)
continue;
options->allow_groups[options->num_allow_groups++] =
xstrdup(arg);
array_append(filename, linenum, "AllowGroups",
&options->allow_groups, &options->num_allow_groups,
arg);
}
break;
case sDenyGroups:
while ((arg = strdelim(&cp)) && *arg != '\0') {
if (options->num_deny_groups >= MAX_DENY_GROUPS)
fatal("%s line %d: too many deny groups.",
filename, linenum);
if (!*activep)
continue;
options->deny_groups[options->num_deny_groups++] =
xstrdup(arg);
array_append(filename, linenum, "DenyGroups",
&options->deny_groups, &options->num_deny_groups,
arg);
}
break;
@ -1579,14 +1611,12 @@ process_server_config_line(ServerOptions *options, char *line,
case sAuthorizedKeysFile:
if (*activep && options->num_authkeys_files == 0) {
while ((arg = strdelim(&cp)) && *arg != '\0') {
if (options->num_authkeys_files >=
MAX_AUTHKEYS_FILES)
fatal("%s line %d: "
"too many authorized keys files.",
filename, linenum);
options->authorized_keys_files[
options->num_authkeys_files++] =
tilde_expand_filename(arg, getuid());
arg = tilde_expand_filename(arg, getuid());
array_append(filename, linenum,
"AuthorizedKeysFile",
&options->authorized_keys_files,
&options->num_authkeys_files, arg);
free(arg);
}
}
return 0;
@ -1618,13 +1648,11 @@ process_server_config_line(ServerOptions *options, char *line,
if (strchr(arg, '=') != NULL)
fatal("%s line %d: Invalid environment name.",
filename, linenum);
if (options->num_accept_env >= MAX_ACCEPT_ENV)
fatal("%s line %d: too many allow env.",
filename, linenum);
if (!*activep)
continue;
options->accept_env[options->num_accept_env++] =
xstrdup(arg);
array_append(filename, linenum, "AcceptEnv",
&options->accept_env, &options->num_accept_env,
arg);
}
break;
@ -1684,15 +1712,12 @@ process_server_config_line(ServerOptions *options, char *line,
fatal("%s line %d: bad port number in "
"PermitOpen", filename, linenum);
if (*activep && value == 0) {
options->permitted_opens = xrecallocarray(
options->permitted_opens,
options->num_permitted_opens,
options->num_permitted_opens + 1,
sizeof(*options->permitted_opens));
i = options->num_permitted_opens++;
options->permitted_opens[i] = arg2;
} else
free(arg2);
array_append(filename, linenum,
"PermitOpen",
&options->permitted_opens,
&options->num_permitted_opens, arg2);
}
free(arg2);
}
break;
@ -1815,11 +1840,6 @@ process_server_config_line(ServerOptions *options, char *line,
value = 0; /* seen "any" pseudo-method */
value2 = 0; /* sucessfully parsed any method */
while ((arg = strdelim(&cp)) && *arg != '\0') {
if (options->num_auth_methods >=
MAX_AUTH_METHODS)
fatal("%s line %d: "
"too many authentication methods.",
filename, linenum);
if (strcmp(arg, "any") == 0) {
if (options->num_auth_methods > 0) {
fatal("%s line %d: \"any\" "
@ -1840,8 +1860,10 @@ process_server_config_line(ServerOptions *options, char *line,
value2 = 1;
if (!*activep)
continue;
options->auth_methods[
options->num_auth_methods++] = xstrdup(arg);
array_append(filename, linenum,
"AuthenticationMethods",
&options->auth_methods,
&options->num_auth_methods, arg);
}
if (value2 == 0) {
fatal("%s line %d: no AuthenticationMethods "
@ -2057,17 +2079,16 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)
dst->n = src->n; \
} \
} while(0)
#define M_CP_STRARRAYOPT(n, num_n) do {\
if (src->num_n != 0) { \
for (dst->num_n = 0; dst->num_n < src->num_n; dst->num_n++) \
dst->n[dst->num_n] = xstrdup(src->n[dst->num_n]); \
} \
} while(0)
#define M_CP_STRARRAYOPT_ALLOC(n, num_n) do { \
if (src->num_n != 0) { \
dst->n = xcalloc(src->num_n, sizeof(*dst->n)); \
M_CP_STRARRAYOPT(n, num_n); \
dst->num_n = src->num_n; \
#define M_CP_STRARRAYOPT(s, num_s) do {\
u_int i; \
if (src->num_s != 0) { \
for (i = 0; i < dst->num_s; i++) \
free(dst->s[i]); \
free(dst->s); \
dst->s = xcalloc(src->num_s, sizeof(*dst->s)); \
for (i = 0; i < src->num_s; i++) \
dst->s[i] = xstrdup(src->s[i]); \
dst->num_s = src->num_s; \
} \
} while(0)
@ -2100,7 +2121,6 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)
#undef M_CP_INTOPT
#undef M_CP_STROPT
#undef M_CP_STRARRAYOPT
#undef M_CP_STRARRAYOPT_ALLOC
void
parse_server_config(ServerOptions *options, const char *filename, Buffer *conf,

54
sshd.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: sshd.c,v 1.492 2017/09/12 06:32:07 djm Exp $ */
/* $OpenBSD: sshd.c,v 1.493 2017/10/05 15:52:03 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -467,7 +467,7 @@ sshd_exchange_identification(struct ssh *ssh, int sock_in, int sock_out)
void
destroy_sensitive_data(void)
{
int i;
u_int i;
for (i = 0; i < options.num_host_key_files; i++) {
if (sensitive_data.host_keys[i]) {
@ -486,7 +486,7 @@ void
demote_sensitive_data(void)
{
struct sshkey *tmp;
int i;
u_int i;
for (i = 0; i < options.num_host_key_files; i++) {
if (sensitive_data.host_keys[i]) {
@ -685,7 +685,7 @@ list_hostkey_types(void)
Buffer b;
const char *p;
char *ret;
int i;
u_int i;
struct sshkey *key;
buffer_init(&b);
@ -745,7 +745,7 @@ list_hostkey_types(void)
static struct sshkey *
get_hostkey_by_type(int type, int nid, int need_private, struct ssh *ssh)
{
int i;
u_int i;
struct sshkey *key;
for (i = 0; i < options.num_host_key_files; i++) {
@ -785,7 +785,7 @@ get_hostkey_private_by_type(int type, int nid, struct ssh *ssh)
struct sshkey *
get_hostkey_by_index(int ind)
{
if (ind < 0 || ind >= options.num_host_key_files)
if (ind < 0 || (u_int)ind >= options.num_host_key_files)
return (NULL);
return (sensitive_data.host_keys[ind]);
}
@ -793,7 +793,7 @@ get_hostkey_by_index(int ind)
struct sshkey *
get_hostkey_public_by_index(int ind, struct ssh *ssh)
{
if (ind < 0 || ind >= options.num_host_key_files)
if (ind < 0 || (u_int)ind >= options.num_host_key_files)
return (NULL);
return (sensitive_data.host_pubkeys[ind]);
}
@ -801,7 +801,7 @@ get_hostkey_public_by_index(int ind, struct ssh *ssh)
int
get_hostkey_index(struct sshkey *key, int compare, struct ssh *ssh)
{
int i;
u_int i;
for (i = 0; i < options.num_host_key_files; i++) {
if (key_is_cert(key)) {
@ -830,7 +830,8 @@ notify_hostkeys(struct ssh *ssh)
{
struct sshbuf *buf;
struct sshkey *key;
int i, nkeys, r;
u_int i, nkeys;
int r;
char *fp;
/* Some clients cannot cope with the hostkeys message, skip those. */
@ -861,7 +862,7 @@ notify_hostkeys(struct ssh *ssh)
packet_put_string(sshbuf_ptr(buf), sshbuf_len(buf));
nkeys++;
}
debug3("%s: sent %d hostkeys", __func__, nkeys);
debug3("%s: sent %u hostkeys", __func__, nkeys);
if (nkeys == 0)
fatal("%s: no hostkeys", __func__);
packet_send();
@ -1357,13 +1358,12 @@ main(int ac, char **av)
struct ssh *ssh = NULL;
extern char *optarg;
extern int optind;
int r, opt, i, j, on = 1, already_daemon;
int r, opt, on = 1, already_daemon, remote_port;
int sock_in = -1, sock_out = -1, newsock = -1;
const char *remote_ip;
int remote_port;
char *fp, *line, *laddr, *logfile = NULL;
int config_s[2] = { -1 , -1 };
u_int n;
u_int i, j;
u_int64_t ibytes, obytes;
mode_t new_umask;
struct sshkey *key;
@ -1416,12 +1416,8 @@ main(int ac, char **av)
config_file_name = optarg;
break;
case 'c':
if (options.num_host_cert_files >= MAX_HOSTCERTS) {
fprintf(stderr, "too many host certificates.\n");
exit(1);
}
options.host_cert_files[options.num_host_cert_files++] =
derelativise_path(optarg);
servconf_add_hostcert("[command-line]", 0,
&options, optarg);
break;
case 'd':
if (debug_flag == 0) {
@ -1480,12 +1476,8 @@ main(int ac, char **av)
/* protocol 1, ignored */
break;
case 'h':
if (options.num_host_key_files >= MAX_HOSTKEYS) {
fprintf(stderr, "too many host keys.\n");
exit(1);
}
options.host_key_files[options.num_host_key_files++] =
derelativise_path(optarg);
servconf_add_hostkey("[command-line]", 0,
&options, optarg);
break;
case 't':
test_flag = 1;
@ -1611,12 +1603,12 @@ main(int ac, char **av)
* and warns for trivial misconfigurations that could break login.
*/
if (options.num_auth_methods != 0) {
for (n = 0; n < options.num_auth_methods; n++) {
if (auth2_methods_valid(options.auth_methods[n],
for (i = 0; i < options.num_auth_methods; i++) {
if (auth2_methods_valid(options.auth_methods[i],
1) == 0)
break;
}
if (n >= options.num_auth_methods)
if (i >= options.num_auth_methods)
fatal("AuthenticationMethods cannot be satisfied by "
"enabled authentication methods");
}
@ -1752,7 +1744,7 @@ main(int ac, char **av)
continue;
}
sensitive_data.host_certificates[j] = key;
debug("host certificate: #%d type %d %s", j, key->type,
debug("host certificate: #%u type %d %s", j, key->type,
key_type(key));
}
@ -1796,8 +1788,10 @@ main(int ac, char **av)
debug("setgroups() failed: %.200s", strerror(errno));
if (rexec_flag) {
if (rexec_argc < 0)
fatal("rexec_argc %d < 0", rexec_argc);
rexec_argv = xcalloc(rexec_argc + 2, sizeof(char *));
for (i = 0; i < rexec_argc; i++) {
for (i = 0; i < (u_int)rexec_argc; i++) {
debug("rexec_argv[%d]='%s'", i, saved_argv[i]);
rexec_argv[i] = saved_argv[i];
}