From be484b5d9889ca636fecdf1f6b73ddfbe4cce3c9 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Sat, 15 Jul 2000 14:14:16 +1000 Subject: - (djm) OpenBSD CVS updates - provos@cvs.openbsd.org 2000/07/13 16:53:22 [aux.c readconf.c servconf.c ssh.h] allow multiple whitespace but only one '=' between tokens, bug report from Ralf S. Engelschall but different fix. okay deraadt@ - provos@cvs.openbsd.org 2000/07/13 17:14:09 [clientloop.c] typo; todd@fries.net - provos@cvs.openbsd.org 2000/07/13 17:19:31 [scp.c] close can fail on AFS, report error; from Greg Hudson - markus@cvs.openbsd.org 2000/07/14 16:59:46 [readconf.c servconf.c] allow leading whitespace. ok niels - djm@cvs.openbsd.org 2000/07/14 22:01:38 [ssh-keygen.c ssh.c] Always create ~/.ssh with mode 700; ok Markus --- ChangeLog | 171 +++++++++++++++++++++++++++++++++-------------------------- aux.c | 32 ++++++++++- clientloop.c | 4 +- readconf.c | 54 +++++++++---------- scp.c | 9 ++-- servconf.c | 49 ++++++++--------- ssh-keygen.c | 4 +- ssh.c | 4 +- ssh.h | 5 +- 9 files changed, 193 insertions(+), 139 deletions(-) diff --git a/ChangeLog b/ChangeLog index 54e80b71..2b3cd0b6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,22 @@ +20000713 + - (djm) OpenBSD CVS updates + - provos@cvs.openbsd.org 2000/07/13 16:53:22 + [aux.c readconf.c servconf.c ssh.h] + allow multiple whitespace but only one '=' between tokens, bug report from + Ralf S. Engelschall but different fix. okay deraadt@ + - provos@cvs.openbsd.org 2000/07/13 17:14:09 + [clientloop.c] + typo; todd@fries.net + - provos@cvs.openbsd.org 2000/07/13 17:19:31 + [scp.c] + close can fail on AFS, report error; from Greg Hudson + - markus@cvs.openbsd.org 2000/07/14 16:59:46 + [readconf.c servconf.c] + allow leading whitespace. ok niels + - djm@cvs.openbsd.org 2000/07/14 22:01:38 + [ssh-keygen.c ssh.c] + Always create ~/.ssh with mode 700; ok Markus + 20000712 - (djm) Remove -lresolve for Reliant Unix - (djm) OpenBSD CVS Updates: 
@@ -247,7 +266,7 @@ - Don't try to retrieve lastlog from wtmp/wtmpx if DISABLE_LASTLOG is def'd - Set AIX to use preformatted manpages - + 20000610 - (djm) Minor doc tweaks - (djm) Fix for configure on bash2 from Jim Knoble @@ -304,7 +323,7 @@ - (andre) New login code - Remove bsd-login.[ch] and all the OpenBSD-derived code in login.c - Add loginrec.[ch], logintest.c and autoconf code - + 20000531 - Cleanup of auth.c, login.c and fake-* - Cleanup of auth-pam.c, save and print "account expired" error messages @@ -366,9 +385,9 @@ - Gives useful error message if PRNG initialisation fails - Reduced ssh startup delay - Measures cumulative command time rather than the time between reads - after select() + after select() - 'fixprogs' perl script to eliminate non-working entropy commands, and - optionally run 'ent' to measure command entropy + optionally run 'ent' to measure command entropy - Applied Tom Bertelson's AIX authentication fix - Avoid WCOREDUMP complation errors for systems that lack it - Avoid SIGCHLD warnings from entropy commands 
@@ -853,64 +872,64 @@ 20000309 - OpenBSD CVS updates to v1.2.3 - [ssh.h atomicio.c] - - int atomicio -> ssize_t (for alpha). ok deraadt@ - [auth-rsa.c] - - delay MD5 computation until client sends response, free() early, cleanup. - [cipher.c] - - void* -> unsigned char*, ok niels@ - [hostfile.c] - - remove unused variable 'len'. fix comments. - - remove unused variable - [log-client.c log-server.c] - - rename a cpp symbol, to avoid param.h collision - [packet.c] - - missing xfree() - - getsockname() requires initialized tolen; andy@guildsoftware.com - - use getpeername() in packet_connection_is_on_socket(), fixes sshd -i; - from Holger.Trapp@Informatik.TU-Chemnitz.DE - [pty.c pty.h] - - register cleanup for pty earlier. move code for pty-owner handling to - pty.c ok provos@, dugsong@ - [readconf.c] - - turn off x11-fwd for the client, too. - [rsa.c] - - PKCS#1 padding - [scp.c] - - allow '.' in usernames; from jedgar@fxp.org - [servconf.c] - - typo: ignore_user_known_hosts int->flag; naddy@mips.rhein-neckar.de - - sync with sshd_config - [ssh-keygen.c] - - enable ssh-keygen -l -f ~/.ssh/known_hosts, ok deraadt@ - [ssh.1] - - Change invalid 'CHAT' loglevel to 'VERBOSE' - [ssh.c] - - suppress AAAA query host when '-4' is used; from shin@nd.net.fujitsu.co.jp - - turn off x11-fwd for the client, too. - [sshconnect.c] - - missing xfree() - - retry rresvport_af(), too. from sumikawa@ebina.hitachi.co.jp. - - read error vs. "Connection closed by remote host" - [sshd.8] - - ie. -> i.e., - - do not link to a commercial page.. - - sync with sshd_config - [sshd.c] - - no need for poll.h; from bright@wintelcom.net - - log with level log() not fatal() if peer behaves badly. - - don't panic if client behaves strange. ok deraadt@ - - make no-port-forwarding for RSA keys deny both -L and -R style fwding - - delay close() of pty until the pty has been chowned back to root - - oops, fix comment, too. - - missing xfree() - - move XAUTHORITY to subdir. ok dugsong@. 
fixes debian bug #57907, too. - (http://cgi.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=57907) - - register cleanup for pty earlier. move code for pty-owner handling to + [ssh.h atomicio.c] + - int atomicio -> ssize_t (for alpha). ok deraadt@ + [auth-rsa.c] + - delay MD5 computation until client sends response, free() early, cleanup. + [cipher.c] + - void* -> unsigned char*, ok niels@ + [hostfile.c] + - remove unused variable 'len'. fix comments. + - remove unused variable + [log-client.c log-server.c] + - rename a cpp symbol, to avoid param.h collision + [packet.c] + - missing xfree() + - getsockname() requires initialized tolen; andy@guildsoftware.com + - use getpeername() in packet_connection_is_on_socket(), fixes sshd -i; + from Holger.Trapp@Informatik.TU-Chemnitz.DE + [pty.c pty.h] + - register cleanup for pty earlier. move code for pty-owner handling to pty.c ok provos@, dugsong@ - - create x11 cookie file - - fix pr 1113, fclose() -> pclose(), todo: remote popen() - - version 1.2.3 + [readconf.c] + - turn off x11-fwd for the client, too. + [rsa.c] + - PKCS#1 padding + [scp.c] + - allow '.' in usernames; from jedgar@fxp.org + [servconf.c] + - typo: ignore_user_known_hosts int->flag; naddy@mips.rhein-neckar.de + - sync with sshd_config + [ssh-keygen.c] + - enable ssh-keygen -l -f ~/.ssh/known_hosts, ok deraadt@ + [ssh.1] + - Change invalid 'CHAT' loglevel to 'VERBOSE' + [ssh.c] + - suppress AAAA query host when '-4' is used; from shin@nd.net.fujitsu.co.jp + - turn off x11-fwd for the client, too. + [sshconnect.c] + - missing xfree() + - retry rresvport_af(), too. from sumikawa@ebina.hitachi.co.jp. + - read error vs. "Connection closed by remote host" + [sshd.8] + - ie. -> i.e., + - do not link to a commercial page.. + - sync with sshd_config + [sshd.c] + - no need for poll.h; from bright@wintelcom.net + - log with level log() not fatal() if peer behaves badly. + - don't panic if client behaves strange. 
ok deraadt@ + - make no-port-forwarding for RSA keys deny both -L and -R style fwding + - delay close() of pty until the pty has been chowned back to root + - oops, fix comment, too. + - missing xfree() + - move XAUTHORITY to subdir. ok dugsong@. fixes debian bug #57907, too. + (http://cgi.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=57907) + - register cleanup for pty earlier. move code for pty-owner handling to + pty.c ok provos@, dugsong@ + - create x11 cookie file + - fix pr 1113, fclose() -> pclose(), todo: remote popen() + - version 1.2.3 - Cleaned up - Removed warning workaround for Linux and devpts filesystems (no longer required after OpenBSD updates) 
@@ -1656,21 +1675,21 @@ modular. - Revised autoconf support for enabling/disabling askpass support. - Merged more OpenBSD CVS changes: - [auth-krb4.c] - - disconnect if getpeername() fails - - missing xfree(*client) - [canohost.c] - - disconnect if getpeername() fails - - fix comment: we _do_ disconnect if ip-options are set - [sshd.c] - - disconnect if getpeername() fails - - move checking of remote port to central place - [auth-rhosts.c] move checking of remote port to central place - [log-server.c] avoid extra fd per sshd, from millert@ - [readconf.c] print _all_ bad config-options in ssh(1), too - [readconf.h] print _all_ bad config-options in ssh(1), too - [ssh.c] print _all_ bad config-options in ssh(1), too - [sshconnect.c] disconnect if getpeername() fails + [auth-krb4.c] + - disconnect if getpeername() fails + - missing xfree(*client) + [canohost.c] + - disconnect if getpeername() fails + - fix comment: we _do_ disconnect if ip-options are set + [sshd.c] + - disconnect if getpeername() fails + - move checking of remote port to central place + [auth-rhosts.c] move checking of remote port to central place + [log-server.c] avoid extra fd per sshd, from millert@ + [readconf.c] print _all_ bad config-options in ssh(1), too + [readconf.h] print _all_ bad config-options in ssh(1), too + [ssh.c] print _all_ bad config-options in ssh(1), too + [sshconnect.c] disconnect if getpeername() fails - OpenBSD's changes to sshd.c broke the PAM stuff, re-merged it. - Various small cleanups to bring diff (against OpenBSD) size down. - Merged more Solaris compability from Marc G. Fournier diff --git a/aux.c b/aux.c index 63f7dd41..709e2451 100644 --- a/aux.c +++ b/aux.c @@ -1,5 +1,5 @@ #include "includes.h" -RCSID("$OpenBSD: aux.c,v 1.3 2000/06/18 17:13:41 markus Exp $"); +RCSID("$OpenBSD: aux.c,v 1.4 2000/07/13 22:53:21 provos Exp $"); #include "ssh.h" 
@@ -39,3 +39,33 @@ set_nonblock(int fd) if (fcntl(fd, F_SETFL, val) == -1) error("fcntl(%d, F_SETFL, O_NONBLOCK): %s", fd, strerror(errno)); } + +/* Characters considered whitespace in strsep calls. */ +#define WHITESPACE " \t\r\n" + +char * +strdelim(char **s) +{ + char *old; + int wspace = 0; + + if (*s == NULL) + return NULL; + + old = *s; + + *s = strpbrk(*s, WHITESPACE "="); + if (*s == NULL) + return (old); + + /* Allow only one '=' to be skipped */ + if (*s[0] == '=') + wspace = 1; + *s[0] = '\0'; + + *s += strspn(*s + 1, WHITESPACE) + 1; + if (*s[0] == '=' && !wspace) + *s += strspn(*s + 1, WHITESPACE) + 1; + + return (old); +} diff --git a/clientloop.c b/clientloop.c index 5df584ab..f7ac7b3b 100644 --- a/clientloop.c +++ b/clientloop.c @@ -16,7 +16,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: clientloop.c,v 1.27 2000/06/20 01:39:40 markus Exp $"); +RCSID("$OpenBSD: clientloop.c,v 1.28 2000/07/13 23:14:08 provos Exp $"); #include "xmalloc.h" #include "ssh.h" @@ -778,7 +778,7 @@ client_loop(int have_pty, int escape_char_arg) if (have_pty) enter_raw_mode(); - /* Check if we should immediately send of on stdin. */ + /* Check if we should immediately send eof on stdin. */ if (!compat20) client_check_initial_eof_on_stdin(); diff --git a/readconf.c b/readconf.c index c514e9b5..06cfaa1a 100644 --- a/readconf.c +++ b/readconf.c @@ -14,7 +14,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: readconf.c,v 1.41 2000/07/11 19:17:44 deraadt Exp $"); +RCSID("$OpenBSD: readconf.c,v 1.43 2000/07/14 22:59:46 markus Exp $"); #include "ssh.h" #include "cipher.h" @@ -164,10 +164,6 @@ static struct { { NULL, 0 } }; -/* Characters considered whitespace in strsep calls. */ -#define WHITESPACE " \t\r\n=" - - /* * Adds a local TCP/IP port forward to options. Never returns if there is an * error. 
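Review bot: strdelim() puts '=' in the strpbrk() set on every call, so '=' ends a token anywhere on the line, not only between a keyword and its value; the "only one '='" logic limits how many separators are skipped after a token, it does not keep a value such as `a=b` in one piece. Callers that re-join tokens (the ProxyCommand loop in readconf.c) or use a single token as a file name or pattern would then work with a different string than the one written in the configuration file, so this needs either a documented restriction or a way to quote values. The function also lacks a contract comment: I would add one saying that it writes a NUL into the caller's buffer, returns a pointer into that buffer, sets `*s` to NULL once no delimiter is left, and returns NULL on the call after that. The comment above `WHITESPACE` still says "strsep calls", and `*s[0]` would read more clearly as `(*s)[0]`.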
@@ -241,13 +237,15 @@ process_config_line(Options *options, const char *host, int opcode, *intptr, value; u_short fwd_port, fwd_host_port; - /* Skip leading whitespace. */ - s = line + strspn(line, WHITESPACE); - if (!*s || *s == '\n' || *s == '#') + s = line; + /* Get the keyword. (Each line is supposed to begin with a keyword). */ + keyword = strdelim(&s); + /* Ignore leading whitespace. */ + if (*keyword == '\0') + keyword = strdelim(&s); + if (!*keyword || *keyword == '\n' || *keyword == '#') return 0; - /* Get the keyword. (Each line is supposed to begin with a keyword). */ - keyword = strsep(&s, WHITESPACE); opcode = parse_token(keyword, filename, linenum); switch (opcode) { @@ -258,7 +256,7 @@ process_config_line(Options *options, const char *host, case oForwardAgent: intptr = &options->forward_agent; parse_flag: - arg = strsep(&s, WHITESPACE); + arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing yes/no argument.", filename, linenum); value = 0; /* To avoid compiler warning... */ @@ -344,7 +342,7 @@ parse_flag: case oStrictHostKeyChecking: intptr = &options->strict_host_key_checking; - arg = strsep(&s, WHITESPACE); + arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing yes/no argument.", filename, linenum); @@ -379,7 +377,7 @@ parse_flag: case oIdentityFile: case oIdentityFile2: - arg = strsep(&s, WHITESPACE); + arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing argument.", filename, linenum); if (*activep) { @@ -404,7 +402,7 @@ parse_flag: case oUser: charptr = &options->user; parse_string: - arg = strsep(&s, WHITESPACE); + arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing argument.", filename, linenum); if (*activep && *charptr == NULL) 
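Review bot: The retry `keyword = strdelim(&s);` can return NULL, and the very next test dereferences it with `!*keyword`. strdelim() leaves `s` NULL when it finds no delimiter, so if `line` is the empty string the first call returns "" and the second returns NULL. Whether an empty string can reach process_config_line() is not visible in this hunk, but the guard costs nothing: `if (keyword == NULL || !*keyword || *keyword == '\n' || *keyword == '#')`. The same sequence is added to read_server_config() in servconf.c, where a line that starts with a NUL byte comes back from fgets() as an empty string, so `if (!*arg || *arg == '#')` needs the same NULL test.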
@@ -434,7 +432,7 @@ parse_string: case oProxyCommand: charptr = &options->proxy_command; string = xstrdup(""); - while ((arg = strsep(&s, WHITESPACE)) != NULL && *arg != '\0') { + while ((arg = strdelim(&s)) != NULL && *arg != '\0') { string = xrealloc(string, strlen(string) + strlen(arg) + 2); strcat(string, " "); strcat(string, arg); @@ -448,7 +446,7 @@ parse_string: case oPort: intptr = &options->port; parse_int: - arg = strsep(&s, WHITESPACE); + arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing argument.", filename, linenum); if (arg[0] < '0' || arg[0] > '9') @@ -468,7 +466,7 @@ parse_int: case oCipher: intptr = &options->cipher; - arg = strsep(&s, WHITESPACE); + arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing argument.", filename, linenum); value = cipher_number(arg); @@ -480,7 +478,7 @@ parse_int: break; case oCiphers: - arg = strsep(&s, WHITESPACE); + arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing argument.", filename, linenum); if (!ciphers_valid(arg)) @@ -492,7 +490,7 @@ parse_int: case oProtocol: intptr = &options->protocol; - arg = strsep(&s, WHITESPACE); + arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing argument.", filename, linenum); value = proto_spec(arg); @@ -505,7 +503,7 @@ parse_int: case oLogLevel: intptr = (int *) &options->log_level; - arg = strsep(&s, WHITESPACE); + arg = strdelim(&s); value = log_level_number(arg); if (value == (LogLevel) - 1) fatal("%.200s line %d: unsupported log level '%s'\n", 
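Review bot: In the oLogLevel case the result of `strdelim(&s)` goes straight into `log_level_number(arg)` without the `!arg || *arg == '\0'` test that the neighbouring cases have. strdelim() returns NULL when the keyword was the last thing on the line with no delimiter after it, so a bare `LogLevel` at the end of the input passes NULL to log_level_number() and then to the `'%s'` of the fatal() message. How log_level_number() treats NULL is outside this diff, so I would add the usual guard before the call: `if (!arg || *arg == '\0') fatal("%.200s line %d: Missing argument.", filename, linenum);`. The sLogFacility and sLogLevel cases in servconf.c have the same gap.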
@@ -515,14 +513,14 @@ parse_int: break; case oRemoteForward: - arg = strsep(&s, WHITESPACE); + arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing argument.", filename, linenum); if (arg[0] < '0' || arg[0] > '9') fatal("%.200s line %d: Badly formatted port number.", filename, linenum); fwd_port = atoi(arg); - arg = strsep(&s, WHITESPACE); + arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing second argument.", filename, linenum); @@ -534,14 +532,14 @@ parse_int: break; case oLocalForward: - arg = strsep(&s, WHITESPACE); + arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing argument.", filename, linenum); if (arg[0] < '0' || arg[0] > '9') fatal("%.200s line %d: Badly formatted port number.", filename, linenum); fwd_port = atoi(arg); - arg = strsep(&s, WHITESPACE); + arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing second argument.", filename, linenum); @@ -554,18 +552,18 @@ parse_int: case oHost: *activep = 0; - while ((arg = strsep(&s, WHITESPACE)) != NULL && *arg != '\0') + while ((arg = strdelim(&s)) != NULL && *arg != '\0') if (match_pattern(host, arg)) { debug("Applying options for %.100s", arg); *activep = 1; break; } - /* Avoid garbage check below, as strsep is done. */ + /* Avoid garbage check below, as strdelim is done. */ return 0; case oEscapeChar: intptr = &options->escape_char; - arg = strsep(&s, WHITESPACE); + arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing argument.", filename, linenum); if (arg[0] == '^' && arg[2] == 0 && @@ -590,7 +588,7 @@ parse_int: } /* Check that there is no garbage at end of line. */ - if ((arg = strsep(&s, WHITESPACE)) != NULL && *arg != '\0') + if ((arg = strdelim(&s)) != NULL && *arg != '\0') { fatal("%.200s line %d: garbage at end of line; \"%.200s\".", filename, linenum, arg); diff --git a/scp.c b/scp.c index 5f849cc1..02feba9c 100644 --- a/scp.c +++ b/scp.c 
@@ -45,7 +45,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: scp.c,v 1.32 2000/06/20 01:39:44 markus Exp $"); +RCSID("$OpenBSD: scp.c,v 1.33 2000/07/13 23:19:31 provos Exp $"); #include "ssh.h" #include "xmalloc.h" @@ -889,7 +889,10 @@ bad: run_err("%s: %s", np, strerror(errno)); run_err("%s: set mode: %s", np, strerror(errno)); } - (void) close(ofd); + if (close(ofd) == -1) { + wrerr = YES; + wrerrno = errno; + } (void) response(); if (setimes && wrerr == NO) { setimes = 0; @@ -1015,7 +1018,7 @@ run_err(const char *fmt,...) * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $OpenBSD: scp.c,v 1.32 2000/06/20 01:39:44 markus Exp $ + * $OpenBSD: scp.c,v 1.33 2000/07/13 23:19:31 provos Exp $ */ char * diff --git a/servconf.c b/servconf.c index 77ac8452..477204cf 100644 --- a/servconf.c +++ b/servconf.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: servconf.c,v 1.47 2000/07/10 16:30:25 ho Exp $"); +RCSID("$OpenBSD: servconf.c,v 1.49 2000/07/14 22:59:46 markus Exp $"); #include "ssh.h" #include "servconf.h" @@ -164,8 +164,6 @@ fill_default_server_options(ServerOptions *options) options->max_startups = 10; } -#define WHITESPACE " \t\r\n=" - /* Keyword tokens. */ typedef enum { sBadOption, /* == unknown option */ @@ -318,10 +316,13 @@ read_server_config(ServerOptions *options, const char *filename) linenum = 0; while (fgets(line, sizeof(line), f)) { linenum++; - cp = line + strspn(line, WHITESPACE); - if (!*cp || *cp == '#') + cp = line; + arg = strdelim(&cp); + /* Ignore leading whitespace */ + if (*arg == '\0') + arg = strdelim(&cp); + if (!*arg || *arg == '#') continue; - arg = strsep(&cp, WHITESPACE); opcode = parse_token(arg, filename, linenum); switch (opcode) { case sBadOption: 
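Review bot: The new close() check in scp.c assigns `wrerrno = errno` unconditionally, so if an earlier write had already set `wrerr`, the errno from close() would replace the original cause in what gets reported. The code that sets `wrerr` before this point is outside the hunk, so this is inferred from the `wrerr == NO` test two lines below; if that is how it works, keeping the first error is a one-word change: `if (close(ofd) == -1 && wrerr == NO) {`. The enclosing function starts and ends outside the hunk.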
@@ -337,7 +338,7 @@ read_server_config(ServerOptions *options, const char *filename) if (options->num_ports >= MAX_PORTS) fatal("%s line %d: too many ports.\n", filename, linenum); - arg = strsep(&cp, WHITESPACE); + arg = strdelim(&cp); if (!arg || *arg == '\0') fatal("%s line %d: missing port number.\n", filename, linenum); @@ -347,7 +348,7 @@ read_server_config(ServerOptions *options, const char *filename) case sServerKeyBits: intptr = &options->server_key_bits; parse_int: - arg = strsep(&cp, WHITESPACE); + arg = strdelim(&cp); if (!arg || *arg == '\0') { fprintf(stderr, "%s line %d: missing integer value.\n", filename, linenum); @@ -367,7 +368,7 @@ parse_int: goto parse_int; case sListenAddress: - arg = strsep(&cp, WHITESPACE); + arg = strdelim(&cp); if (!arg || *arg == '\0') fatal("%s line %d: missing inet addr.\n", filename, linenum); @@ -379,7 +380,7 @@ parse_int: charptr = (opcode == sHostKeyFile ) ? &options->host_key_file : &options->host_dsa_key_file; parse_filename: - arg = strsep(&cp, WHITESPACE); + arg = strdelim(&cp); if (!arg || *arg == '\0') { fprintf(stderr, "%s line %d: missing file name.\n", filename, linenum); @@ -396,12 +397,12 @@ parse_filename: case sRandomSeedFile: fprintf(stderr, "%s line %d: \"randomseed\" option is obsolete.\n", filename, linenum); - arg = strsep(&cp, WHITESPACE); + arg = strdelim(&cp); break; case sPermitRootLogin: intptr = &options->permit_root_login; - arg = strsep(&cp, WHITESPACE); + arg = strdelim(&cp); if (!arg || *arg == '\0') { fprintf(stderr, "%s line %d: missing yes/without-password/no argument.\n", filename, linenum); @@ -425,7 +426,7 @@ parse_filename: case sIgnoreRhosts: intptr = &options->ignore_rhosts; parse_flag: - arg = strsep(&cp, WHITESPACE); + arg = strdelim(&cp); if (!arg || *arg == '\0') { fprintf(stderr, "%s line %d: missing yes/no argument.\n", filename, linenum); 
@@ -540,7 +541,7 @@ parse_flag: case sLogFacility: intptr = (int *) &options->log_facility; - arg = strsep(&cp, WHITESPACE); + arg = strdelim(&cp); value = log_facility_number(arg); if (value == (SyslogFacility) - 1) fatal("%.200s line %d: unsupported log facility '%s'\n", @@ -551,7 +552,7 @@ parse_flag: case sLogLevel: intptr = (int *) &options->log_level; - arg = strsep(&cp, WHITESPACE); + arg = strdelim(&cp); value = log_level_number(arg); if (value == (LogLevel) - 1) fatal("%.200s line %d: unsupported log level '%s'\n", @@ -561,7 +562,7 @@ parse_flag: break; case sAllowUsers: - while ((arg = strsep(&cp, WHITESPACE)) && *arg != '\0') { + while ((arg = strdelim(&cp)) && *arg != '\0') { if (options->num_allow_users >= MAX_ALLOW_USERS) fatal("%s line %d: too many allow users.\n", filename, linenum); @@ -570,7 +571,7 @@ parse_flag: break; case sDenyUsers: - while ((arg = strsep(&cp, WHITESPACE)) && *arg != '\0') { + while ((arg = strdelim(&cp)) && *arg != '\0') { if (options->num_deny_users >= MAX_DENY_USERS) fatal( "%s line %d: too many deny users.\n", filename, linenum); @@ -579,7 +580,7 @@ parse_flag: break; case sAllowGroups: - while ((arg = strsep(&cp, WHITESPACE)) && *arg != '\0') { + while ((arg = strdelim(&cp)) && *arg != '\0') { if (options->num_allow_groups >= MAX_ALLOW_GROUPS) fatal("%s line %d: too many allow groups.\n", filename, linenum); @@ -588,7 +589,7 @@ parse_flag: break; case sDenyGroups: - while ((arg = strsep(&cp, WHITESPACE)) && *arg != '\0') { + while ((arg = strdelim(&cp)) && *arg != '\0') { if (options->num_deny_groups >= MAX_DENY_GROUPS) fatal("%s line %d: too many deny groups.\n", filename, linenum); @@ -597,7 +598,7 @@ parse_flag: break; case sCiphers: - arg = strsep(&cp, WHITESPACE); + arg = strdelim(&cp); if (!arg || *arg == '\0') fatal("%s line %d: Missing argument.", filename, linenum); if (!ciphers_valid(arg)) 
@@ -609,7 +610,7 @@ parse_flag: case sProtocol: intptr = &options->protocol; - arg = strsep(&cp, WHITESPACE); + arg = strdelim(&cp); if (!arg || *arg == '\0') fatal("%s line %d: Missing argument.", filename, linenum); value = proto_spec(arg); @@ -625,7 +626,7 @@ parse_flag: fatal("%s line %d: too many subsystems defined.", filename, linenum); } - arg = strsep(&cp, WHITESPACE); + arg = strdelim(&cp); if (!arg || *arg == '\0') fatal("%s line %d: Missing subsystem name.", filename, linenum); @@ -634,7 +635,7 @@ parse_flag: fatal("%s line %d: Subsystem '%s' already defined.", filename, linenum, arg); options->subsystem_name[options->num_subsystems] = xstrdup(arg); - arg = strsep(&cp, WHITESPACE); + arg = strdelim(&cp); if (!arg || *arg == '\0') fatal("%s line %d: Missing subsystem command.", filename, linenum); @@ -651,7 +652,7 @@ parse_flag: filename, linenum, arg, opcode); exit(1); } - if ((arg = strsep(&cp, WHITESPACE)) != NULL && *arg != '\0') { + if ((arg = strdelim(&cp)) != NULL && *arg != '\0') { fprintf(stderr, "%s line %d: garbage at end of line; \"%.200s\".\n", filename, linenum, arg); diff --git a/ssh-keygen.c b/ssh-keygen.c index b38ebfb9..8a03f0d8 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -7,7 +7,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh-keygen.c,v 1.28 2000/07/07 03:55:04 todd Exp $"); +RCSID("$OpenBSD: ssh-keygen.c,v 1.29 2000/07/15 04:01:37 djm Exp $"); #include #include @@ -660,7 +660,7 @@ main(int ac, char **av) snprintf(dotsshdir, sizeof dotsshdir, "%s/%s", pw->pw_dir, SSH_USER_DIR); if (strstr(identity_file, dotsshdir) != NULL && stat(dotsshdir, &st) < 0) { - if (mkdir(dotsshdir, 0755) < 0) + if (mkdir(dotsshdir, 0700) < 0) error("Could not create directory '%s'.", dotsshdir); else if (!quiet) printf("Created directory '%s'.\n", dotsshdir); diff --git a/ssh.c b/ssh.c index be2ba446..c2faf388 100644 --- a/ssh.c +++ b/ssh.c 
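Review bot: The 0700 mode in ssh-keygen.c only applies on the `stat(dotsshdir, &st) < 0` path, so a directory that already exists with looser permissions (for instance one created as 0755 by an earlier build) is left as it is. I would at least say so next to the call, `/* Only a newly created directory gets 0700; an existing one keeps its mode. */`, and consider a warning when stat() succeeds and `st.st_mode & 077` is non-zero. The failure message would also be more useful with the cause, `error("Could not create directory '%s': %s", dotsshdir, strerror(errno));`. The mkdir() hunk in ssh.c has the same shape, and both main() bodies continue outside their hunks.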
@@ -11,7 +11,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh.c,v 1.56 2000/06/20 01:39:44 markus Exp $"); +RCSID("$OpenBSD: ssh.c,v 1.57 2000/07/15 04:01:37 djm Exp $"); #include #include @@ -622,7 +622,7 @@ main(int ac, char **av) */ snprintf(buf, sizeof buf, "%.100s/%.100s", pw->pw_dir, SSH_USER_DIR); if (stat(buf, &st) < 0) - if (mkdir(buf, 0755) < 0) + if (mkdir(buf, 0700) < 0) error("Could not create directory '%.200s'.", buf); /* Check if the connection failed, and try "rsh" if appropriate. */ diff --git a/ssh.h b/ssh.h index 213f73de..f3f049fc 100644 --- a/ssh.h +++ b/ssh.h @@ -13,7 +13,7 @@ * */ -/* RCSID("$OpenBSD: ssh.h,v 1.47 2000/06/20 01:39:45 markus Exp $"); */ +/* RCSID("$OpenBSD: ssh.h,v 1.48 2000/07/13 22:53:21 provos Exp $"); */ #ifndef SSH_H #define SSH_H @@ -489,6 +489,9 @@ char *tilde_expand_filename(const char *filename, uid_t my_uid); /* remove newline at end of string */ char *chop(char *s); +/* return next token in configuration line */ +char *strdelim(char **s); + /* set filedescriptor to non-blocking */ void set_nonblock(int fd); -- cgit v1.2.3