diff options
-rw-r--r-- | ChangeLog | 11 | ||||
-rw-r--r-- | auth-rsa.c | 6 | ||||
-rw-r--r-- | auth.c | 4 | ||||
-rw-r--r-- | auth2-chall.c | 9 | ||||
-rw-r--r-- | auth2-gss.c | 4 | ||||
-rw-r--r-- | authfd.c | 9 | ||||
-rw-r--r-- | authfile.c | 16 | ||||
-rw-r--r-- | bufaux.c | 4 | ||||
-rw-r--r-- | canohost.c | 5 | ||||
-rw-r--r-- | channels.c | 9 | ||||
-rw-r--r-- | cipher.c | 8 | ||||
-rw-r--r-- | clientloop.c | 11 | ||||
-rw-r--r-- | dns.c | 8 | ||||
-rw-r--r-- | gss-serv.c | 4 | ||||
-rw-r--r-- | kex.c | 33 | ||||
-rw-r--r-- | kex.h | 8 | ||||
-rw-r--r-- | key.c | 4 | ||||
-rw-r--r-- | mac.c | 11 | ||||
-rw-r--r-- | match.c | 4 | ||||
-rw-r--r-- | misc.c | 13 | ||||
-rw-r--r-- | packet.c | 8 | ||||
-rw-r--r-- | packet.h | 4 | ||||
-rw-r--r-- | scp.c | 10 | ||||
-rw-r--r-- | servconf.c | 7 | ||||
-rw-r--r-- | session.c | 6 | ||||
-rw-r--r-- | session.h | 4 | ||||
-rw-r--r-- | sftp-client.c | 10 | ||||
-rw-r--r-- | sftp-server.c | 12 | ||||
-rw-r--r-- | sftp.c | 13 | ||||
-rw-r--r-- | ssh-keyscan.c | 12 | ||||
-rw-r--r-- | ssh-rsa.c | 4 | ||||
-rw-r--r-- | sshconnect.c | 5 | ||||
-rw-r--r-- | sshconnect1.c | 4 | ||||
-rw-r--r-- | sshconnect2.c | 7 | ||||
-rw-r--r-- | sshd.c | 7 |
35 files changed, 160 insertions, 134 deletions
@@ -8,6 +8,15 @@ [canohost.c channels.c sshd.c] don't exit if getpeername fails for forwarded ports; bugzilla #1054; ok djm + - djm@cvs.openbsd.org 2005/06/17 02:44:33 + [auth-rsa.c auth.c auth1.c auth2-chall.c auth2-gss.c authfd.c authfile.c] + [bufaux.c canohost.c channels.c cipher.c clientloop.c dns.c gss-serv.c] + [kex.c kex.h key.c mac.c match.c misc.c packet.c packet.h scp.c] + [servconf.c session.c session.h sftp-client.c sftp-server.c sftp.c] + [ssh-keyscan.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c sshd.c] + make this -Wsign-compare clean; ok avsm@ markus@ + NB. auth1.c changes not committed yet (conflicts with uncommitted sync) + NB2. more work may be needed to make portable Wsign-compare clean 20050616 - (djm) OpenBSD CVS Sync @@ -2725,4 +2734,4 @@ - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu -$Id: ChangeLog,v 1.3822 2005/06/17 02:55:03 djm Exp $ +$Id: ChangeLog,v 1.3823 2005/06/17 02:59:34 djm Exp $ @@ -14,7 +14,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-rsa.c,v 1.62 2004/12/11 01:48:56 dtucker Exp $"); +RCSID("$OpenBSD: auth-rsa.c,v 1.63 2005/06/17 02:44:32 djm Exp $"); #include <openssl/rsa.h> #include <openssl/md5.h> @@ -205,6 +205,7 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey) while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { char *cp; char *key_options; + int keybits; /* Skip leading whitespace, empty and comment lines. */ for (cp = line; *cp == ' ' || *cp == '\t'; cp++) @@ -243,7 +244,8 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey) continue; /* check the real bits */ - if (bits != BN_num_bits(key->rsa->n)) + keybits = BN_num_bits(key->rsa->n); + if (keybits < 0 || bits != (u_int)keybits) logit("Warning: %s, line %lu: keysize mismatch: " "actual %d vs. announced %d.", file, linenum, BN_num_bits(key->rsa->n), bits); @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth.c,v 1.59 2005/06/06 11:20:36 djm Exp $"); +RCSID("$OpenBSD: auth.c,v 1.60 2005/06/17 02:44:32 djm Exp $"); #ifdef HAVE_LOGIN_H #include <login.h> @@ -76,7 +76,7 @@ allowed_user(struct passwd * pw) struct stat st; const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL; char *shell; - int i; + u_int i; #ifdef USE_SHADOW struct spwd *spw = NULL; #endif diff --git a/auth2-chall.c b/auth2-chall.c index 384a543e..1cea1537 100644 --- a/auth2-chall.c +++ b/auth2-chall.c @@ -23,7 +23,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$OpenBSD: auth2-chall.c,v 1.22 2005/01/19 13:11:47 dtucker Exp $"); +RCSID("$OpenBSD: auth2-chall.c,v 1.23 2005/06/17 02:44:32 djm Exp $"); #include "ssh2.h" #include "auth.h" @@ -239,8 +239,7 @@ send_userauth_info_request(Authctxt *authctxt) { KbdintAuthctxt *kbdintctxt; char *name, *instr, **prompts; - int i; - u_int *echo_on; + u_int i, *echo_on; kbdintctxt = authctxt->kbdintctxt; if (kbdintctxt->device->query(kbdintctxt->ctxt, @@ -273,8 +272,8 @@ input_userauth_info_response(int type, u_int32_t seq, void *ctxt) { Authctxt *authctxt = ctxt; KbdintAuthctxt *kbdintctxt; - int i, authenticated = 0, res, len; - u_int nresp; + int authenticated = 0, res, len; + u_int i, nresp; char **response = NULL, *method; if (authctxt == NULL) diff --git a/auth2-gss.c b/auth2-gss.c index 3289ba18..855b61b4 100644 --- a/auth2-gss.c +++ b/auth2-gss.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-gss.c,v 1.8 2004/06/21 17:36:31 avsm Exp $ */ +/* $OpenBSD: auth2-gss.c,v 1.9 2005/06/17 02:44:32 djm Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -61,7 +61,7 @@ userauth_gssapi(Authctxt *authctxt) int present; OM_uint32 ms; u_int len; - char *doid = NULL; + u_char *doid = NULL; if (!authctxt->valid || authctxt->user == NULL) return (0); @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: authfd.c,v 1.65 2005/05/24 17:32:43 avsm Exp $"); +RCSID("$OpenBSD: authfd.c,v 1.66 2005/06/17 02:44:32 djm Exp $"); #include <openssl/evp.h> @@ -114,8 +114,7 @@ ssh_get_authentication_socket(void) static int ssh_request_reply(AuthenticationConnection *auth, Buffer *request, Buffer *reply) { - int l; - u_int len; + u_int l, len; char buf[1024]; /* Get the length of the message, and format it in the buffer. */ @@ -302,6 +301,7 @@ ssh_get_first_identity(AuthenticationConnection *auth, char **comment, int versi Key * ssh_get_next_identity(AuthenticationConnection *auth, char **comment, int version) { + int keybits; u_int bits; u_char *blob; u_int blen; @@ -322,7 +322,8 @@ ssh_get_next_identity(AuthenticationConnection *auth, char **comment, int versio buffer_get_bignum(&auth->identities, key->rsa->e); buffer_get_bignum(&auth->identities, key->rsa->n); *comment = buffer_get_string(&auth->identities, NULL); - if (bits != BN_num_bits(key->rsa->n)) + keybits = BN_num_bits(key->rsa->n); + if (keybits < 0 || bits != (u_int)keybits) logit("Warning: identity keysize mismatch: actual %d, announced %u", BN_num_bits(key->rsa->n), bits); break; @@ -36,7 +36,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: authfile.c,v 1.60 2004/12/11 01:48:56 dtucker Exp $"); +RCSID("$OpenBSD: authfile.c,v 1.61 2005/06/17 02:44:32 djm Exp $"); #include <openssl/err.h> #include <openssl/evp.h> @@ -52,6 +52,7 @@ RCSID("$OpenBSD: authfile.c,v 1.60 2004/12/11 01:48:56 dtucker Exp $"); #include "authfile.h" #include "rsa.h" #include "misc.h" +#include "atomicio.h" /* Version identification string for SSH v1 identity files. */ static const char authfile_id_string[] = @@ -147,8 +148,8 @@ key_save_private_rsa1(Key *key, const char *filename, const char *passphrase, buffer_free(&encrypted); return 0; } - if (write(fd, buffer_ptr(&encrypted), buffer_len(&encrypted)) != - buffer_len(&encrypted)) { + if (atomicio(vwrite, fd, buffer_ptr(&encrypted), + buffer_len(&encrypted)) != buffer_len(&encrypted)) { error("write to key file %s failed: %s", filename, strerror(errno)); buffer_free(&encrypted); @@ -236,7 +237,7 @@ key_load_public_rsa1(int fd, const char *filename, char **commentp) Key *pub; struct stat st; char *cp; - int i; + u_int i; size_t len; if (fstat(fd, &st) < 0) { @@ -253,7 +254,7 @@ key_load_public_rsa1(int fd, const char *filename, char **commentp) buffer_init(&buffer); cp = buffer_append_space(&buffer, len); - if (read(fd, cp, (size_t) len) != (size_t) len) { + if (atomicio(read, fd, cp, len) != len) { debug("Read from key file %.200s failed: %.100s", filename, strerror(errno)); buffer_free(&buffer); @@ -322,7 +323,8 @@ static Key * key_load_private_rsa1(int fd, const char *filename, const char *passphrase, char **commentp) { - int i, check1, check2, cipher_type; + u_int i; + int check1, check2, cipher_type; size_t len; Buffer buffer, decrypted; u_char *cp; @@ -347,7 +349,7 @@ key_load_private_rsa1(int fd, const char *filename, const char *passphrase, buffer_init(&buffer); cp = buffer_append_space(&buffer, len); - if (read(fd, cp, (size_t) len) != (size_t) len) { + if (atomicio(read, fd, cp, len) != len) { debug("Read from key file %.200s failed: %.100s", filename, strerror(errno)); buffer_free(&buffer); @@ -37,7 +37,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: bufaux.c,v 1.35 2005/03/10 22:01:05 deraadt Exp $"); +RCSID("$OpenBSD: bufaux.c,v 1.36 2005/06/17 02:44:32 djm Exp $"); #include <openssl/bn.h> #include "bufaux.h" @@ -154,7 +154,7 @@ buffer_put_bignum2_ret(Buffer *buffer, const BIGNUM *value) buf[0] = 0x00; /* Get the value of in binary */ oi = BN_bn2bin(value, buf+1); - if (oi != bytes-1) { + if (oi < 0 || (u_int)oi != bytes - 1) { error("buffer_put_bignum2_ret: BN_bn2bin() failed: " "oi %d != bin_size %d", oi, bytes); xfree(buf); @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: canohost.c,v 1.43 2005/06/16 08:00:00 markus Exp $"); +RCSID("$OpenBSD: canohost.c,v 1.44 2005/06/17 02:44:32 djm Exp $"); #include "packet.h" #include "xmalloc.h" @@ -143,7 +143,8 @@ check_ip_options(int sock, char *ipaddr) u_char options[200]; char text[sizeof(options) * 3 + 1]; socklen_t option_size; - int i, ipproto; + u_int i; + int ipproto; struct protoent *ip; if ((ip = getprotobyname("ip")) != NULL) @@ -39,7 +39,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: channels.c,v 1.216 2005/06/16 08:00:00 markus Exp $"); +RCSID("$OpenBSD: channels.c,v 1.217 2005/06/17 02:44:32 djm Exp $"); #include "ssh.h" #include "ssh1.h" @@ -894,7 +894,7 @@ static int channel_decode_socks4(Channel *c, fd_set * readset, fd_set * writeset) { char *p, *host; - int len, have, i, found; + u_int len, have, i, found; char username[256]; struct { u_int8_t version; @@ -979,7 +979,7 @@ channel_decode_socks5(Channel *c, fd_set * readset, fd_set * writeset) } s5_req, s5_rsp; u_int16_t dest_port; u_char *p, dest_addr[255+1]; - int i, have, found, nmethods, addrlen, af; + u_int have, i, found, nmethods, addrlen, af; debug2("channel %d: decode socks5", c->self); p = buffer_ptr(&c->input); @@ -1075,7 +1075,8 @@ static void channel_pre_dynamic(Channel *c, fd_set * readset, fd_set * writeset) { u_char *p; - int have, ret; + u_int have; + int ret; have = buffer_len(&c->input); c->delayed = 0; @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: cipher.c,v 1.75 2005/06/09 13:43:49 dtucker Exp $"); +RCSID("$OpenBSD: cipher.c,v 1.76 2005/06/17 02:44:32 djm Exp $"); #include "xmalloc.h" #include "log.h" @@ -235,7 +235,7 @@ cipher_init(CipherContext *cc, Cipher *cipher, fatal("cipher_init: EVP_CipherInit failed for %s", cipher->name); klen = EVP_CIPHER_CTX_key_length(&cc->evp); - if (klen > 0 && keylen != klen) { + if (klen > 0 && keylen != (u_int)klen) { debug2("cipher_init: set keylen (%d -> %d)", klen, keylen); if (EVP_CIPHER_CTX_set_key_length(&cc->evp, keylen) == 0) fatal("cipher_init: set keylen failed (%d -> %d)", @@ -326,9 +326,9 @@ cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len) case SSH_CIPHER_DES: case SSH_CIPHER_BLOWFISH: evplen = EVP_CIPHER_CTX_iv_length(&cc->evp); - if (evplen == 0) + if (evplen <= 0) return; - if (evplen != len) + if ((u_int)evplen != len) fatal("%s: wrong iv length %d != %d", __func__, evplen, len); #if OPENSSL_VERSION_NUMBER < 0x00907000L diff --git a/clientloop.c b/clientloop.c index ee36cc9e..a030cf6e 100644 --- a/clientloop.c +++ b/clientloop.c @@ -59,7 +59,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: clientloop.c,v 1.138 2005/06/16 03:38:36 djm Exp $"); +RCSID("$OpenBSD: clientloop.c,v 1.139 2005/06/17 02:44:32 djm Exp $"); #include "ssh.h" #include "ssh1.h" @@ -659,12 +659,12 @@ client_process_control(fd_set * readset) { Buffer m; Channel *c; - int client_fd, new_fd[3], ver, i, allowed; + int client_fd, new_fd[3], ver, allowed; socklen_t addrlen; struct sockaddr_storage addr; struct confirm_ctx *cctx; char *cmd; - u_int len, env_len, command, flags; + u_int i, len, env_len, command, flags; uid_t euid; gid_t egid; @@ -971,7 +971,10 @@ process_escapes(Buffer *bin, Buffer *bout, Buffer *berr, char *buf, int len) u_char ch; char *s; - for (i = 0; i < len; i++) { + if (len <= 0) + return (0); + + for (i = 0; i < (u_int)len; i++) { /* Get one character at a time. */ ch = buf[i]; @@ -1,4 +1,4 @@ -/* $OpenBSD: dns.c,v 1.11 2005/04/20 10:05:45 jakob Exp $ */ +/* $OpenBSD: dns.c,v 1.12 2005/06/17 02:44:32 djm Exp $ */ /* * Copyright (c) 2003 Wesley Griffin. All rights reserved. @@ -43,7 +43,7 @@ #include "uuencode.h" extern char *__progname; -RCSID("$OpenBSD: dns.c,v 1.11 2005/04/20 10:05:45 jakob Exp $"); +RCSID("$OpenBSD: dns.c,v 1.12 2005/06/17 02:44:32 djm Exp $"); #ifndef LWRES static const char *errset_text[] = { @@ -171,7 +171,7 @@ int verify_host_key_dns(const char *hostname, struct sockaddr *address, const Key *hostkey, int *flags) { - int counter; + u_int counter; int result; struct rrsetinfo *fingerprints = NULL; @@ -274,7 +274,7 @@ export_dns_rr(const char *hostname, const Key *key, FILE *f, int generic) u_char *rdata_digest; u_int rdata_digest_len; - int i; + u_int i; int success = 0; if (dns_read_key(&rdata_pubkey_algorithm, &rdata_digest_type, @@ -1,4 +1,4 @@ -/* $OpenBSD: gss-serv.c,v 1.5 2003/11/17 11:06:07 markus Exp $ */ +/* $OpenBSD: gss-serv.c,v 1.6 2005/06/17 02:44:32 djm Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -134,7 +134,7 @@ ssh_gssapi_accept_ctx(Gssctxt *ctx, gss_buffer_desc *recv_tok, static OM_uint32 ssh_gssapi_parse_ename(Gssctxt *ctx, gss_buffer_t ename, gss_buffer_t name) { - char *tok; + u_char *tok; OM_uint32 offset; OM_uint32 oidl; @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: kex.c,v 1.60 2004/06/21 17:36:31 avsm Exp $"); +RCSID("$OpenBSD: kex.c,v 1.61 2005/06/17 02:44:32 djm Exp $"); #include <openssl/crypto.h> @@ -52,7 +52,7 @@ static void kex_choose_conf(Kex *); static void kex_prop2buf(Buffer *b, char *proposal[PROPOSAL_MAX]) { - int i; + u_int i; buffer_clear(b); /* @@ -101,7 +101,7 @@ kex_buf2prop(Buffer *raw, int *first_kex_follows) static void kex_prop_free(char **proposal) { - int i; + u_int i; for (i = 0; i < PROPOSAL_MAX; i++) xfree(proposal[i]); @@ -150,7 +150,7 @@ kex_send_kexinit(Kex *kex) { u_int32_t rnd = 0; u_char *cookie; - int i; + u_int i; if (kex == NULL) { error("kex_send_kexinit: no kex, cannot rekey"); @@ -183,8 +183,7 @@ void kex_input_kexinit(int type, u_int32_t seq, void *ctxt) { char *ptr; - int dlen; - int i; + u_int i, dlen; Kex *kex = (Kex *)ctxt; debug("SSH2_MSG_KEXINIT received"); @@ -343,9 +342,7 @@ kex_choose_conf(Kex *kex) char **my, **peer; char **cprop, **sprop; int nenc, nmac, ncomp; - int mode; - int ctos; /* direction: if true client-to-server */ - int need; + u_int mode, ctos, need; int first_kex_follows, type; my = kex_buf2prop(&kex->my, NULL); @@ -405,15 +402,19 @@ kex_choose_conf(Kex *kex) } static u_char * -derive_key(Kex *kex, int id, int need, u_char *hash, BIGNUM *shared_secret) +derive_key(Kex *kex, int id, u_int need, u_char *hash, BIGNUM *shared_secret) { Buffer b; const EVP_MD *evp_md = EVP_sha1(); EVP_MD_CTX md; char c = id; - int have; + u_int have; int mdsz = EVP_MD_size(evp_md); - u_char *digest = xmalloc(roundup(need, mdsz)); + u_char *digest; + + if (mdsz < 0) + fatal("derive_key: mdsz < 0"); + digest = xmalloc(roundup(need, mdsz)); buffer_init(&b); buffer_put_bignum2(&b, shared_secret); @@ -455,7 +456,7 @@ void kex_derive_keys(Kex *kex, u_char *hash, BIGNUM *shared_secret) { u_char *keys[NKEYS]; - int i, mode, ctos; + u_int i, mode, ctos; for (i = 0; i < NKEYS; i++) keys[i] = derive_key(kex, 'A'+i, kex->we_need, hash, shared_secret); @@ -493,13 +494,13 @@ derive_ssh1_session_id(BIGNUM *host_modulus, BIGNUM *server_modulus, EVP_DigestInit(&md, evp_md); len = BN_num_bytes(host_modulus); - if (len < (512 / 8) || len > sizeof(nbuf)) + if (len < (512 / 8) || (u_int)len > sizeof(nbuf)) fatal("%s: bad host modulus (len %d)", __func__, len); BN_bn2bin(host_modulus, nbuf); EVP_DigestUpdate(&md, nbuf, len); len = BN_num_bytes(server_modulus); - if (len < (512 / 8) || len > sizeof(nbuf)) + if (len < (512 / 8) || (u_int)len > sizeof(nbuf)) fatal("%s: bad server modulus (len %d)", __func__, len); BN_bn2bin(server_modulus, nbuf); EVP_DigestUpdate(&md, nbuf, len); @@ -518,7 +519,7 @@ derive_ssh1_session_id(BIGNUM *host_modulus, BIGNUM *server_modulus, void dump_digest(char *msg, u_char *digest, int len) { - int i; + u_int i; fprintf(stderr, "%s\n", msg); for (i = 0; i< len; i++) { @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.h,v 1.35 2004/06/13 12:53:24 djm Exp $ */ +/* $OpenBSD: kex.h,v 1.36 2005/06/17 02:44:32 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -83,9 +83,9 @@ struct Mac { char *name; int enabled; const EVP_MD *md; - int mac_len; + u_int mac_len; u_char *key; - int key_len; + u_int key_len; }; struct Comp { int type; @@ -101,7 +101,7 @@ struct Kex { u_char *session_id; u_int session_id_len; Newkeys *newkeys[MODE_MAX]; - int we_need; + u_int we_need; int server; char *name; int hostkey_type; @@ -32,7 +32,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$OpenBSD: key.c,v 1.57 2004/10/29 23:57:05 djm Exp $"); +RCSID("$OpenBSD: key.c,v 1.58 2005/06/17 02:44:32 djm Exp $"); #include <openssl/evp.h> @@ -231,7 +231,7 @@ static char * key_fingerprint_hex(u_char *dgst_raw, u_int dgst_raw_len) { char *retval; - int i; + u_int i; retval = xmalloc(dgst_raw_len * 3 + 1); retval[0] = '\0'; @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: mac.c,v 1.6 2003/09/18 13:02:21 miod Exp $"); +RCSID("$OpenBSD: mac.c,v 1.7 2005/06/17 02:44:32 djm Exp $"); #include <openssl/hmac.h> @@ -51,12 +51,15 @@ struct { int mac_init(Mac *mac, char *name) { - int i; + int i, evp_len; + for (i = 0; macs[i].name; i++) { if (strcmp(name, macs[i].name) == 0) { if (mac != NULL) { mac->md = (*macs[i].mdfunc)(); - mac->key_len = mac->mac_len = EVP_MD_size(mac->md); + if ((evp_len = EVP_MD_size(mac->md)) <= 0) + fatal("mac %s len %d", name, evp_len); + mac->key_len = mac->mac_len = (u_int)evp_len; if (macs[i].truncatebits != 0) mac->mac_len = macs[i].truncatebits/8; } @@ -77,7 +80,7 @@ mac_compute(Mac *mac, u_int32_t seqno, u_char *data, int datalen) if (mac->key == NULL) fatal("mac_compute: no key"); - if ((u_int)mac->mac_len > sizeof(m)) + if (mac->mac_len > sizeof(m)) fatal("mac_compute: mac too long"); HMAC_Init(&c, mac->key, mac->key_len, mac->md); PUT_32BIT(b, seqno); @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: match.c,v 1.19 2002/03/01 13:12:10 markus Exp $"); +RCSID("$OpenBSD: match.c,v 1.20 2005/06/17 02:44:32 djm Exp $"); #include "match.h" #include "xmalloc.h" @@ -254,7 +254,7 @@ match_list(const char *client, const char *server, u_int *next) ret = xstrdup(p); if (next != NULL) *next = (cp == NULL) ? - strlen(c) : cp - c; + strlen(c) : (u_int)(cp - c); xfree(c); xfree(s); return ret; @@ -24,7 +24,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: misc.c,v 1.31 2005/06/06 11:20:36 djm Exp $"); +RCSID("$OpenBSD: misc.c,v 1.32 2005/06/17 02:44:32 djm Exp $"); #include "misc.h" #include "log.h" @@ -386,7 +386,7 @@ tilde_expand_filename(const char *filename, uid_t uid) const char *path; char user[128], ret[MAXPATHLEN]; struct passwd *pw; - int len; + u_int len, slash; if (*filename != '~') return (xstrdup(filename)); @@ -394,10 +394,11 @@ tilde_expand_filename(const char *filename, uid_t uid) path = strchr(filename, '/'); if (path != NULL && path > filename) { /* ~user/path */ - if (path - filename > sizeof(user) - 1) + slash = path - filename; + if (slash > sizeof(user) - 1) fatal("tilde_expand_filename: ~username too long"); - memcpy(user, filename, path - filename); - user[path - filename] = '\0'; + memcpy(user, filename, slash); + user[slash] = '\0'; if ((pw = getpwnam(user)) == NULL) fatal("tilde_expand_filename: No such user %s", user); } else if ((pw = getpwuid(uid)) == NULL) /* ~/path */ @@ -435,7 +436,7 @@ percent_expand(const char *string, ...) const char *key; const char *repl; } keys[EXPAND_MAX_KEYS]; - int num_keys, i, j; + u_int num_keys, i, j; char buf[4096]; va_list ap; @@ -37,7 +37,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: packet.c,v 1.116 2004/10/20 11:48:53 markus Exp $"); +RCSID("$OpenBSD: packet.c,v 1.117 2005/06/17 02:44:32 djm Exp $"); #include "openbsd-compat/sys-queue.h" @@ -992,7 +992,7 @@ packet_read_poll2(u_int32_t *seqnr_p) static u_int packet_length = 0; u_int padlen, need; u_char *macbuf, *cp, type; - int maclen, block_size; + u_int maclen, block_size; Enc *enc = NULL; Mac *mac = NULL; Comp *comp = NULL; @@ -1229,9 +1229,9 @@ packet_get_bignum2(BIGNUM * value) } void * -packet_get_raw(int *length_ptr) +packet_get_raw(u_int *length_ptr) { - int bytes = buffer_len(&incoming_packet); + u_int bytes = buffer_len(&incoming_packet); if (length_ptr != NULL) *length_ptr = bytes; @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.h,v 1.41 2004/05/11 19:01:43 deraadt Exp $ */ +/* $OpenBSD: packet.h,v 1.42 2005/06/17 02:44:33 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -52,7 +52,7 @@ u_int packet_get_char(void); u_int packet_get_int(void); void packet_get_bignum(BIGNUM * value); void packet_get_bignum2(BIGNUM * value); -void *packet_get_raw(int *length_ptr); +void *packet_get_raw(u_int *length_ptr); void *packet_get_string(u_int *length_ptr); void packet_disconnect(const char *fmt,...) __attribute__((format(printf, 1, 2))); void packet_send_debug(const char *fmt,...) __attribute__((format(printf, 1, 2))); @@ -71,7 +71,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: scp.c,v 1.123 2005/05/26 02:08:05 avsm Exp $"); +RCSID("$OpenBSD: scp.c,v 1.124 2005/06/17 02:44:33 djm Exp $"); #include "xmalloc.h" #include "atomicio.h" @@ -186,7 +186,7 @@ do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout, int argc) } typedef struct { |