diff options
-rw-r--r-- | ChangeLog | 17 | ||||
-rw-r--r-- | addrmatch.c | 6 | ||||
-rw-r--r-- | auth-chall.c | 12 | ||||
-rw-r--r-- | auth-options.c | 60 | ||||
-rw-r--r-- | auth-rsa.c | 6 | ||||
-rw-r--r-- | auth.c | 16 | ||||
-rw-r--r-- | auth1.c | 14 | ||||
-rw-r--r-- | auth2-chall.c | 27 | ||||
-rw-r--r-- | auth2-gss.c | 17 | ||||
-rw-r--r-- | auth2-hostbased.c | 14 | ||||
-rw-r--r-- | auth2-jpake.c | 24 | ||||
-rw-r--r-- | auth2-kbdint.c | 6 | ||||
-rw-r--r-- | auth2-passwd.c | 6 | ||||
-rw-r--r-- | auth2-pubkey.c | 26 | ||||
-rw-r--r-- | auth2.c | 17 | ||||
-rw-r--r-- | authfd.c | 10 | ||||
-rw-r--r-- | authfile.c | 10 | ||||
-rw-r--r-- | bufaux.c | 6 | ||||
-rw-r--r-- | bufbn.c | 18 | ||||
-rw-r--r-- | bufec.c | 6 | ||||
-rw-r--r-- | buffer.c | 4 | ||||
-rw-r--r-- | canohost.c | 10 | ||||
-rw-r--r-- | channels.c | 98 | ||||
-rw-r--r-- | cipher-3des1.c | 6 | ||||
-rw-r--r-- | cipher.c | 10 | ||||
-rw-r--r-- | clientloop.c | 55 | ||||
-rw-r--r-- | compat.c | 6 | ||||
-rw-r--r-- | dns.c | 10 | ||||
-rw-r--r-- | groupaccess.c | 5 | ||||
-rw-r--r-- | gss-genr.c | 16 | ||||
-rw-r--r-- | hostfile.c | 16 | ||||
-rw-r--r-- | jpake.c | 8 | ||||
-rw-r--r-- | kex.c | 18 | ||||
-rw-r--r-- | kexdhc.c | 8 | ||||
-rw-r--r-- | kexdhs.c | 8 | ||||
-rw-r--r-- | kexecdhc.c | 8 | ||||
-rw-r--r-- | kexecdhs.c | 8 | ||||
-rw-r--r-- | kexgexc.c | 8 | ||||
-rw-r--r-- | kexgexs.c | 8 | ||||
-rw-r--r-- | key.c | 57 | ||||
-rw-r--r-- | mac.c | 6 | ||||
-rw-r--r-- | match.c | 15 | ||||
-rw-r--r-- | misc.c | 12 | ||||
-rw-r--r-- | moduli.c | 10 | ||||
-rw-r--r-- | monitor.c | 125 | ||||
-rw-r--r-- | monitor_mm.c | 13 | ||||
-rw-r--r-- | monitor_wrap.c | 30 | ||||
-rw-r--r-- | mux.c | 122 | ||||
-rw-r--r-- | packet.c | 30 | ||||
-rw-r--r-- | readconf.c | 30 | ||||
-rw-r--r-- | readpass.c | 4 | ||||
-rw-r--r-- | roaming_client.c | 9 | ||||
-rw-r--r-- | rsa.c | 10 | ||||
-rw-r--r-- | schnorr.c | 8 | ||||
-rw-r--r-- | scp.c | 22 | ||||
-rw-r--r-- | servconf.c | 9 | ||||
-rw-r--r-- | serverloop.c | 32 | ||||
-rw-r--r-- | session.c | 92 | ||||
-rw-r--r-- | sftp-client.c | 54 | ||||
-rw-r--r-- | sftp-common.c | 6 | ||||
-rw-r--r-- | sftp-glob.c | 6 | ||||
-rw-r--r-- | sftp-server.c | 58 | ||||
-rw-r--r-- | sftp.c | 92 | ||||
-rw-r--r-- | ssh-add.c | 20 | ||||
-rw-r--r-- | ssh-agent.c | 63 | ||||
-rw-r--r-- | ssh-dss.c | 10 | ||||
-rw-r--r-- | ssh-ecdsa.c | 10 | ||||
-rw-r--r-- | ssh-keygen.c | 104 | ||||
-rw-r--r-- | ssh-keyscan.c | 16 | ||||
-rw-r--r-- | ssh-keysign.c | 20 | ||||
-rw-r--r-- | ssh-pkcs11-client.c | 10 | ||||
-rw-r--r-- | ssh-pkcs11-helper.c | 23 | ||||
-rw-r--r-- | ssh-pkcs11.c | 27 | ||||
-rw-r--r-- | ssh-rsa.c | 23 | ||||
-rw-r--r-- | ssh.c | 44 | ||||
-rw-r--r-- | sshconnect.c | 41 | ||||
-rw-r--r-- | sshconnect1.c | 18 | ||||
-rw-r--r-- | sshconnect2.c | 145 | ||||
-rw-r--r-- | sshd.c | 12 | ||||
-rw-r--r-- | umac.c | 4 | ||||
-rw-r--r-- | uuencode.c | 7 | ||||
-rw-r--r-- | xmalloc.c | 10 | ||||
-rw-r--r-- | xmalloc.h | 3 |
83 files changed, 987 insertions, 1103 deletions
@@ -5,6 +5,23 @@ - (dtucker) [configure.ac defines.h] Test for fd_mask, howmany and NFDBITS rather than trying to enumerate the plaforms that don't have them. Based on a patch from Nathan Osman, with help from tim@. + - (dtucker) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2013/05/17 00:13:13 + [xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c + ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c + gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c + auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c + servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c + auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c + sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c + kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c + kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c + monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c + ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c + sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c + ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c + dns.c packet.c readpass.c authfd.c moduli.c] + bye, bye xfree(); ok markus@ 20130529 - (dtucker) [configure.ac openbsd-compat/bsd-misc.h] bz#2087: Add a null diff --git a/addrmatch.c b/addrmatch.c index 388603ca..fb6de92e 100644 --- a/addrmatch.c +++ b/addrmatch.c @@ -1,4 +1,4 @@ -/* $OpenBSD: addrmatch.c,v 1.6 2012/06/21 00:16:07 dtucker Exp $ */ +/* $OpenBSD: addrmatch.c,v 1.7 2013/05/17 00:13:13 djm Exp $ */ /* * Copyright (c) 2004-2008 Damien Miller <djm@mindrot.org> @@ -420,7 +420,7 @@ addr_match_list(const char *addr, const char *_list) goto foundit; } } - xfree(o); + free(o); return ret; } @@ -494,7 +494,7 @@ addr_match_cidr_list(const char *addr, const char *_list) continue; } } - xfree(o); + free(o); return ret; } diff --git a/auth-chall.c b/auth-chall.c index 919b1eaa..bfc51eae 100644 --- a/auth-chall.c +++ b/auth-chall.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-chall.c,v 1.12 2006/08/03 03:34:41 deraadt Exp $ */ +/* $OpenBSD: auth-chall.c,v 1.13 2013/05/17 00:13:13 djm Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -69,11 +69,11 @@ get_challenge(Authctxt *authctxt) fatal("get_challenge: numprompts < 1"); challenge = xstrdup(prompts[0]); for (i = 0; i < numprompts; i++) - xfree(prompts[i]); - xfree(prompts); - xfree(name); - xfree(echo_on); - xfree(info); + free(prompts[i]); + free(prompts); + free(name); + free(echo_on); + free(info); return (challenge); } diff --git a/auth-options.c b/auth-options.c index 23d0423e..a8d738ac 100644 --- a/auth-options.c +++ b/auth-options.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-options.c,v 1.57 2012/12/02 20:46:11 djm Exp $ */ +/* $OpenBSD: auth-options.c,v 1.58 2013/05/17 00:13:13 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -72,15 +72,15 @@ auth_clear_options(void) while (custom_environment) { struct envstring *ce = custom_environment; custom_environment = ce->next; - xfree(ce->s); - xfree(ce); + free(ce->s); + free(ce); } if (forced_command) { - xfree(forced_command); + free(forced_command); forced_command = NULL; } if (authorized_principals) { - xfree(authorized_principals); + free(authorized_principals); authorized_principals = NULL; } forced_tun_device = -1; @@ -149,7 +149,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) if (strncasecmp(opts, cp, strlen(cp)) == 0) { opts += strlen(cp); if (forced_command != NULL) - xfree(forced_command); + free(forced_command); forced_command = xmalloc(strlen(opts) + 1); i = 0; while (*opts) { @@ -167,7 +167,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) file, linenum); auth_debug_add("%.100s, line %lu: missing end quote", file, linenum); - xfree(forced_command); + free(forced_command); forced_command = NULL; goto bad_option; } @@ -180,7 +180,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) if (strncasecmp(opts, cp, strlen(cp)) == 0) { opts += strlen(cp); if (authorized_principals != NULL) - xfree(authorized_principals); + free(authorized_principals); authorized_principals = xmalloc(strlen(opts) + 1); i = 0; while (*opts) { @@ -198,7 +198,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) file, linenum); auth_debug_add("%.100s, line %lu: missing end quote", file, linenum); - xfree(authorized_principals); + free(authorized_principals); authorized_principals = NULL; goto bad_option; } @@ -232,7 +232,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) file, linenum); auth_debug_add("%.100s, line %lu: missing end quote", file, linenum); - xfree(s); + free(s); goto bad_option; } s[i] = '\0'; @@ -269,7 +269,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) file, linenum); auth_debug_add("%.100s, line %lu: missing end quote", file, linenum); - xfree(patterns); + free(patterns); goto bad_option; } patterns[i] = '\0'; @@ -277,7 +277,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) switch (match_host_and_ip(remote_host, remote_ip, patterns)) { case 1: - xfree(patterns); + free(patterns); /* Host name matches. */ goto next_option; case -1: @@ -287,7 +287,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) "invalid criteria", file, linenum); /* FALLTHROUGH */ case 0: - xfree(patterns); + free(patterns); logit("Authentication tried for %.100s with " "correct key but not from a permitted " "host (host=%.200s, ip=%.200s).", @@ -323,7 +323,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) file, linenum); auth_debug_add("%.100s, line %lu: missing " "end quote", file, linenum); - xfree(patterns); + free(patterns); goto bad_option; } patterns[i] = '\0'; @@ -337,7 +337,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) auth_debug_add("%.100s, line %lu: " "Bad permitopen specification", file, linenum); - xfree(patterns); + free(patterns); goto bad_option; } host = cleanhostname(host); @@ -346,12 +346,12 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) "<%.100s>", file, linenum, p ? p : ""); auth_debug_add("%.100s, line %lu: " "Bad permitopen port", file, linenum); - xfree(patterns); + free(patterns); goto bad_option; } if ((options.allow_tcp_forwarding & FORWARD_LOCAL) != 0) channel_add_permitted_opens(host, port); - xfree(patterns); + free(patterns); goto next_option; } cp = "tunnel=\""; @@ -370,13 +370,13 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) file, linenum); auth_debug_add("%.100s, line %lu: missing end quote", file, linenum); - xfree(tun); + free(tun); forced_tun_device = -1; goto bad_option; } tun[i] = '\0'; forced_tun_device = a2tun(tun, NULL); - xfree(tun); + free(tun); if (forced_tun_device == SSH_TUNID_ERR) { debug("%.100s, line %lu: invalid tun device", file, linenum); @@ -484,7 +484,7 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, if (*cert_forced_command != NULL) { error("Certificate has multiple " "force-command options"); - xfree(command); + free(command); goto out; } *cert_forced_command = command; @@ -500,7 +500,7 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, if ((*cert_source_address_done)++) { error("Certificate has multiple " "source-address options"); - xfree(allowed); + free(allowed); goto out; } remote_ip = get_remote_ipaddr(); @@ -508,7 +508,7 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, allowed)) { case 1: /* accepted */ - xfree(allowed); + free(allowed); break; case 0: /* no match */ @@ -521,12 +521,12 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, "is not permitted to use this " "certificate for login.", remote_ip); - xfree(allowed); + free(allowed); goto out; case -1: error("Certificate source-address " "contents invalid"); - xfree(allowed); + free(allowed); goto out; } found = 1; @@ -548,8 +548,8 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, goto out; } buffer_clear(&data); - xfree(name); - xfree(data_blob); + free(name); + free(data_blob); name = data_blob = NULL; } /* successfully parsed all options */ @@ -559,13 +559,13 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, if (ret != 0 && cert_forced_command != NULL && *cert_forced_command != NULL) { - xfree(*cert_forced_command); + free(*cert_forced_command); *cert_forced_command = NULL; } if (name != NULL) - xfree(name); + free(name); if (data_blob != NULL) - xfree(data_blob); + free(data_blob); buffer_free(&data); buffer_free(&c); return ret; @@ -627,7 +627,7 @@ auth_cert_options(Key *k, struct passwd *pw) /* CA-specified forced command supersedes key option */ if (cert_forced_command != NULL) { if (forced_command != NULL) - xfree(forced_command); + free(forced_command); forced_command = cert_forced_command; } return 0; @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-rsa.c,v 1.81 2012/10/30 21:29:54 djm Exp $ */ +/* $OpenBSD: auth-rsa.c,v 1.82 2013/05/17 00:13:13 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -281,7 +281,7 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey) file = expand_authorized_keys( options.authorized_keys_files[i], pw); allowed = rsa_key_allowed_in_file(pw, file, client_n, rkey); - xfree(file); + free(file); } restore_uid(); @@ -331,7 +331,7 @@ auth_rsa(Authctxt *authctxt, BIGNUM *client_n) fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX); verbose("Found matching %s key: %s", key_type(key), fp); - xfree(fp); + free(fp); key_free(key); packet_send_debug("RSA authentication accepted."); @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.c,v 1.101 2013/02/06 00:22:21 dtucker Exp $ */ +/* $OpenBSD: auth.c,v 1.102 2013/05/17 00:13:13 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -165,17 +165,17 @@ allowed_user(struct passwd * pw) if (stat(shell, &st) != 0) { logit("User %.100s not allowed because shell %.100s " "does not exist", pw->pw_name, shell); - xfree(shell); + free(shell); return 0; } if (S_ISREG(st.st_mode) == 0 || (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)) == 0) { logit("User %.100s not allowed because shell %.100s " "is not executable", pw->pw_name, shell); - xfree(shell); + free(shell); return 0; } - xfree(shell); + free(shell); } if (options.num_deny_users > 0 || options.num_allow_users > 0 || @@ -355,7 +355,7 @@ expand_authorized_keys(const char *fi |