[openssh-commits] [openssh] 10/19: upstream: sshd: switch config to sshbuf API; ok djm@

git+noreply at mindrot.org git+noreply at mindrot.org
Tue Jul 10 19:46:50 AEST 2018


This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit c3cb7790e9efb14ba74b2d9f543ad593b3d55b31
Author: markus at openbsd.org <markus at openbsd.org>
Date:   Mon Jul 9 21:29:36 2018 +0000

    upstream: sshd: switch config to sshbuf API; ok djm@
    
    OpenBSD-Commit-ID: 72b02017bac7feac48c9dceff8355056bea300bd
---
 servconf.c   | 30 ++++++++++++++++--------------
 serverloop.c |  4 ++--
 sshd.c       | 60 +++++++++++++++++++++++++++++++-----------------------------
 3 files changed, 49 insertions(+), 45 deletions(-)

diff --git a/servconf.c b/servconf.c
index 97c268e3..7ca67ce6 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1,5 +1,5 @@
 
-/* $OpenBSD: servconf.c,v 1.337 2018/07/09 13:37:10 sf Exp $ */
+/* $OpenBSD: servconf.c,v 1.338 2018/07/09 21:29:36 markus Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -45,7 +45,7 @@
 #include "xmalloc.h"
 #include "ssh.h"
 #include "log.h"
-#include "buffer.h"
+#include "sshbuf.h"
 #include "misc.h"
 #include "servconf.h"
 #include "compat.h"
@@ -59,6 +59,7 @@
 #include "groupaccess.h"
 #include "canohost.h"
 #include "packet.h"
+#include "ssherr.h"
 #include "hostfile.h"
 #include "auth.h"
 #include "myproposal.h"
@@ -71,7 +72,7 @@ static void add_one_listen_addr(ServerOptions *, const char *,
 
 /* Use of privilege separation or not */
 extern int use_privsep;
-extern Buffer cfg;
+extern struct sshbuf *cfg;
 
 /* Initializes the server options to their default values. */
 
@@ -2163,19 +2164,19 @@ process_server_config_line(ServerOptions *options, char *line,
 /* Reads the server configuration file. */
 
 void
-load_server_config(const char *filename, Buffer *conf)
+load_server_config(const char *filename, struct sshbuf *conf)
 {
 	char *line = NULL, *cp;
 	size_t linesize = 0;
 	FILE *f;
-	int lineno = 0;
+	int r, lineno = 0;
 
 	debug2("%s: filename %s", __func__, filename);
 	if ((f = fopen(filename, "r")) == NULL) {
 		perror(filename);
 		exit(1);
 	}
-	buffer_clear(conf);
+	sshbuf_reset(conf);
 	while (getline(&line, &linesize, f) != -1) {
 		lineno++;
 		/*
@@ -2186,13 +2187,14 @@ load_server_config(const char *filename, Buffer *conf)
 		if ((cp = strchr(line, '#')) != NULL)
 			memcpy(cp, "\n", 2);
 		cp = line + strspn(line, " \t\r");
-
-		buffer_append(conf, cp, strlen(cp));
+		if ((r = sshbuf_put(conf, cp, strlen(cp))) != 0)
+			fatal("%s: buffer error: %s", __func__, ssh_err(r));
 	}
 	free(line);
-	buffer_append(conf, "\0", 1);
+	if ((r = sshbuf_put_u8(conf, 0)) != 0)
+		fatal("%s: buffer error: %s", __func__, ssh_err(r));
 	fclose(f);
-	debug2("%s: done config len = %d", __func__, buffer_len(conf));
+	debug2("%s: done config len = %zu", __func__, sshbuf_len(conf));
 }
 
 void
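Review bot: The `while (getline(&line, &linesize, f) != -1)` loop treats a read error the same as end-of-file, so a failed read leaves a silently truncated configuration in `conf`, which is then NUL-terminated and handed to the parser. For sshd that could mean directives or Match blocks later in the file never take effect and defaults apply instead. Checking the stream after the loop would close this, e.g. `if (ferror(f)) fatal("%s: read error on %s", __func__, filename);` placed before `free(line)`. The gap predates this commit, since the sshbuf conversion only added error checks on the buffer writes. The function begins in the previous hunk.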
@@ -2202,7 +2204,7 @@ parse_server_match_config(ServerOptions *options,
 	ServerOptions mo;
 
 	initialize_server_options(&mo);
-	parse_server_config(&mo, "reprocess config", &cfg, connectinfo);
+	parse_server_config(&mo, "reprocess config", cfg, connectinfo);
 	copy_set_server_options(options, &mo, 0);
 }
 
@@ -2346,13 +2348,13 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)
 #undef M_CP_STRARRAYOPT
 
 void
-parse_server_config(ServerOptions *options, const char *filename, Buffer *conf,
-    struct connection_info *connectinfo)
+parse_server_config(ServerOptions *options, const char *filename,
+    struct sshbuf *conf, struct connection_info *connectinfo)
 {
 	int active, linenum, bad_options = 0;
 	char *cp, *obuf, *cbuf;
 
-	debug2("%s: config %s len %d", __func__, filename, buffer_len(conf));
+	debug2("%s: config %s len %zu", __func__, filename, sshbuf_len(conf));
 
 	if ((obuf = cbuf = sshbuf_dup_string(conf)) == NULL)
 		fatal("%s: sshbuf_dup_string failed", __func__);
diff --git a/serverloop.c b/serverloop.c
index 5ecafded..f1b676f8 100644
--- a/serverloop.c
+++ b/serverloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: serverloop.c,v 1.206 2018/06/08 01:55:40 djm Exp $ */
+/* $OpenBSD: serverloop.c,v 1.207 2018/07/09 21:29:36 markus Exp $ */
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -58,7 +58,7 @@
 #include "openbsd-compat/sys-queue.h"
 #include "xmalloc.h"
 #include "packet.h"
-#include "buffer.h"
+#include "sshbuf.h"
 #include "log.h"
 #include "misc.h"
 #include "servconf.h"
diff --git a/sshd.c b/sshd.c
index 4777eb21..81f694ae 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.510 2018/07/09 21:26:02 markus Exp $ */
+/* $OpenBSD: sshd.c,v 1.511 2018/07/09 21:29:36 markus Exp $ */
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -91,7 +91,7 @@
 #include "sshpty.h"
 #include "packet.h"
 #include "log.h"
-#include "buffer.h"
+#include "sshbuf.h"
 #include "misc.h"
 #include "match.h"
 #include "servconf.h"
@@ -237,7 +237,7 @@ Authctxt *the_authctxt = NULL;
 struct sshauthopt *auth_opts = NULL;
 
 /* sshd_config buffer */
-Buffer cfg;
+struct sshbuf *cfg;
 
 /* message to be displayed after login */
 struct sshbuf *loginmsg;
@@ -958,31 +958,33 @@ send_rexec_state(int fd, struct sshbuf *conf)
 }
 
 static void
-recv_rexec_state(int fd, Buffer *conf)
+recv_rexec_state(int fd, struct sshbuf *conf)
 {
-	Buffer m;
-	char *cp;
-	u_int len;
+	struct sshbuf *m;
+	u_char *cp, ver;
+	size_t len;
+	int r;
 
 	debug3("%s: entering fd = %d", __func__, fd);
 
-	buffer_init(&m);
-
-	if (ssh_msg_recv(fd, &m) == -1)
+	if ((m = sshbuf_new()) == NULL)
+		fatal("%s: sshbuf_new failed", __func__);
+	if (ssh_msg_recv(fd, m) == -1)
 		fatal("%s: ssh_msg_recv failed", __func__);
-	if (buffer_get_char(&m) != 0)
+	if ((r = sshbuf_get_u8(m, &ver)) != 0)
+		fatal("%s: buffer error: %s", __func__, ssh_err(r));
+	if (ver != 0)
 		fatal("%s: rexec version mismatch", __func__);
+	if ((r = sshbuf_get_string(m, &cp, &len)) != 0)
+		fatal("%s: buffer error: %s", __func__, ssh_err(r));
+	if (conf != NULL && (r = sshbuf_put(conf, cp, len)))
+		fatal("%s: buffer error: %s", __func__, ssh_err(r));
+#if defined(WITH_OPENSSL) && !defined(OPENSSL_PRNG_ONLY)
+	rexec_recv_rng_seed(m);
+#endif
 
-	cp = buffer_get_string(&m, &len);
-	if (conf != NULL)
-		buffer_append(conf, cp, len);
 	free(cp);
-
-#if defined(WITH_OPENSSL) && !defined(OPENSSL_PRNG_ONLY)
-	rexec_recv_rng_seed(&m);
-#endif
-
-	buffer_free(&m);
+	sshbuf_free(m);
 
 	debug3("%s: done", __func__);
 }
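Review bot: The check `if (conf != NULL && (r = sshbuf_put(conf, cp, len)))` relies on implicit truthiness, while every other sshbuf call in the new recv_rexec_state compares against zero. Writing it as `if (conf != NULL && (r = sshbuf_put(conf, cp, len)) != 0)` keeps the error-handling idiom uniform and makes the assignment-in-condition obviously deliberate. The function also appends to `conf` without resetting it, whereas load_server_config calls `sshbuf_reset(conf)` first. A one-line comment such as `/* conf must be empty on entry; NULL discards the received config */` would record that caller contract.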
@@ -1263,8 +1265,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
 				startup_pipe = -1;
 				pid = getpid();
 				if (rexec_flag) {
-					send_rexec_state(config_s[0],
-					    &cfg);
+					send_rexec_state(config_s[0], cfg);
 					close(config_s[0]);
 				}
 				break;
@@ -1310,7 +1311,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
 			close(startup_p[1]);
 
 			if (rexec_flag) {
-				send_rexec_state(config_s[0], &cfg);
+				send_rexec_state(config_s[0], cfg);
 				close(config_s[0]);
 				close(config_s[1]);
 			}
@@ -1662,14 +1663,15 @@ main(int ac, char **av)
 		   "test mode (-T)");
 
 	/* Fetch our configuration */
-	buffer_init(&cfg);
+	if ((cfg = sshbuf_new()) == NULL)
+		fatal("%s: sshbuf_new failed", __func__);
 	if (rexeced_flag)
-		recv_rexec_state(REEXEC_CONFIG_PASS_FD, &cfg);
+		recv_rexec_state(REEXEC_CONFIG_PASS_FD, cfg);
 	else if (strcasecmp(config_file_name, "none") != 0)
-		load_server_config(config_file_name, &cfg);
+		load_server_config(config_file_name, cfg);
 
 	parse_server_config(&options, rexeced_flag ? "rexec" : config_file_name,
-	    &cfg, NULL);
+	    cfg, NULL);
 
 	seed_rng();
 
@@ -1770,7 +1772,7 @@ main(int ac, char **av)
 			keytype = pubkey->type;
 		} else if (key != NULL) {
 			keytype = key->type;
-			accumulate_host_timing_secret(&cfg, key);
+			accumulate_host_timing_secret(cfg, key);
 		} else {
 			error("Could not load host key: %s",
 			    options.host_key_files[i]);
@@ -1796,7 +1798,7 @@ main(int ac, char **av)
 		    key ? "private" : "agent", i, sshkey_ssh_name(pubkey), fp);
 		free(fp);
 	}
-	accumulate_host_timing_secret(&cfg, NULL);
+	accumulate_host_timing_secret(cfg, NULL);
 	if (!sensitive_data.have_ssh2_key) {
 		logit("sshd: no hostkeys available -- exiting.");
 		exit(1);
