dist

Michael van Elst Mon, 29 Apr 2013 11:00:04 -0700

Module Name:    src
Committed By:   mlelstv
Date:           Mon Apr 29 17:59:51 UTC 2013


Modified Files:
        src/crypto/external/bsd/openssh/dist: readconf.c readconf.h ssh.c
            sshconnect2.c

Log Message:
Identityfile warnings fixes.
https://bugzilla.mindrot.org/show_bug.cgi?id=2084


To generate a diff of this commit:
cvs rdiff -u -r1.8 -r1.9 src/crypto/external/bsd/openssh/dist/readconf.c \
    src/crypto/external/bsd/openssh/dist/readconf.h
cvs rdiff -u -r1.11 -r1.12 src/crypto/external/bsd/openssh/dist/ssh.c
cvs rdiff -u -r1.12 -r1.13 src/crypto/external/bsd/openssh/dist/sshconnect2.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/readconf.c
diff -u src/crypto/external/bsd/openssh/dist/readconf.c:1.8 src/crypto/external/bsd/openssh/dist/readconf.c:1.9
--- src/crypto/external/bsd/openssh/dist/readconf.c:1.8	Wed May  2 02:41:08 2012
+++ src/crypto/external/bsd/openssh/dist/readconf.c	Mon Apr 29 17:59:50 2013
@@ -1,5 +1,5 @@
-/*	$NetBSD: readconf.c,v 1.8 2012/05/02 02:41:08 christos Exp $	*/
-/* $OpenBSD: readconf.c,v 1.194 2011/09/23 07:45:05 markus Exp $ */
+/*	$NetBSD: readconf.c,v 1.9 2013/04/29 17:59:50 mlelstv Exp $	*/
+/* $OpenBSD: readconf.c,v 1.196 2013/02/22 04:45:08 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <y...@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <y...@cs.hut.fi>, Espoo, Finland
@@ -14,7 +14,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: readconf.c,v 1.8 2012/05/02 02:41:08 christos Exp $");
+__RCSID("$NetBSD: readconf.c,v 1.9 2013/04/29 17:59:50 mlelstv Exp $");
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <sys/socket.h>
@@ -353,6 +353,26 @@ clear_forwardings(Options *options)
 	options->tun_open = SSH_TUNMODE_NO;
 }
 
+void
+add_identity_file(Options *options, const char *dir, const char *filename,
+    int userprovided)
+{
+	char *path;
+
+	if (options->num_identity_files >= SSH_MAX_IDENTITY_FILES)
+		fatal("Too many identity files specified (max %d)",
+		    SSH_MAX_IDENTITY_FILES);
+
+	if (dir == NULL) /* no dir, filename is absolute */
+		path = xstrdup(filename);
+	else
+		(void)xasprintf(&path, "%.100s%.100s", dir, filename);
+
+	options->identity_file_userprovided[options->num_identity_files] =
+	    userprovided;
+	options->identity_files[options->num_identity_files++] = path;
+}
+
 /*
  * Returns the number of the token pointed to by cp or oBadOption.
  */
@@ -380,7 +400,7 @@ parse_token(const char *cp, const char *
 int
 process_config_line(Options *options, const char *host,
 		    char *line, const char *filename, int linenum,
-		    int *activep)
+		    int *activep, int userconfig)
 {
 	char *s, **charptr, *endofnumber, *keyword, *arg, *arg2;
 	char **cpptr, fwdarg[256];
@@ -662,9 +682,7 @@ parse_yesnoask:
 			if (*intptr >= SSH_MAX_IDENTITY_FILES)
 				fatal("%.200s line %d: Too many identity files specified (max %d).",
 				    filename, linenum, SSH_MAX_IDENTITY_FILES);
-			charptr = &options->identity_files[*intptr];
-			*charptr = xstrdup(arg);
-			*intptr = *intptr + 1;
+			add_identity_file(options, NULL, arg, userconfig);
 		}
 		break;
 
@@ -1161,7 +1179,7 @@ parse_int:
 
 int
 read_config_file(const char *filename, const char *host, Options *options,
-    int checkperm)
+    int flags)
 {
 	FILE *f;
 	char line[1024];
@@ -1171,7 +1189,7 @@ read_config_file(const char *filename, c
 	if ((f = fopen(filename, "r")) == NULL)
 		return 0;
 
-	if (checkperm) {
+	if (flags & SSHCONF_CHECKPERM) {
 		struct stat sb;
 
 		if (fstat(fileno(f), &sb) == -1)
@@ -1192,7 +1210,8 @@ read_config_file(const char *filename, c
 	while (fgets(line, sizeof(line), f)) {
 		/* Update line number counter. */
 		linenum++;
-		if (process_config_line(options, host, line, filename, linenum, &active) != 0)
+		if (process_config_line(options, host, line, filename, linenum,
+		    &active, flags & SSHCONF_USERCONF) != 0)
 			bad_options++;
 	}
 	fclose(f);
Index: src/crypto/external/bsd/openssh/dist/readconf.h
diff -u src/crypto/external/bsd/openssh/dist/readconf.h:1.8 src/crypto/external/bsd/openssh/dist/readconf.h:1.9
--- src/crypto/external/bsd/openssh/dist/readconf.h:1.8	Wed May  2 02:41:08 2012
+++ src/crypto/external/bsd/openssh/dist/readconf.h	Mon Apr 29 17:59:50 2013
@@ -1,5 +1,5 @@
-/*	$NetBSD: readconf.h,v 1.8 2012/05/02 02:41:08 christos Exp $	*/
-/* $OpenBSD: readconf.h,v 1.91 2011/09/23 07:45:05 markus Exp $ */
+/*	$NetBSD: readconf.h,v 1.9 2013/04/29 17:59:50 mlelstv Exp $	*/
+/* $OpenBSD: readconf.h,v 1.93 2013/02/22 04:45:09 dtucker Exp $ */
 
 /*
  * Author: Tatu Ylonen <y...@cs.hut.fi>
@@ -111,6 +111,7 @@ typedef struct {
 
 	int     num_identity_files;	/* Number of files for RSA/DSA identities. */
 	char   *identity_files[SSH_MAX_IDENTITY_FILES];
+	int    identity_file_userprovided[SSH_MAX_IDENTITY_FILES];
 	Key    *identity_keys[SSH_MAX_IDENTITY_FILES];
 
 	/* Local TCP/IP forward requests. */
@@ -166,15 +167,20 @@ typedef struct {
 #define REQUEST_TTY_YES		2
 #define REQUEST_TTY_FORCE	3
 
+#define SSHCONF_CHECKPERM	1  /* check permissions on config file */
+#define SSHCONF_USERCONF	2  /* user provided config file not system */
+
 void     initialize_options(Options *);
 void     fill_default_options(Options *);
 int	 read_config_file(const char *, const char *, Options *, int);
 int	 parse_forward(Forward *, const char *, int, int);
 
 int
-process_config_line(Options *, const char *, char *, const char *, int, int *);
+process_config_line(Options *, const char *, char *, const char *, int, int *,
+    int);
 
 void	 add_local_forward(Options *, const Forward *);
 void	 add_remote_forward(Options *, const Forward *);
+void	 add_identity_file(Options *, const char *, const char *, int);
 
 #endif				/* READCONF_H */

Index: src/crypto/external/bsd/openssh/dist/ssh.c
diff -u src/crypto/external/bsd/openssh/dist/ssh.c:1.11 src/crypto/external/bsd/openssh/dist/ssh.c:1.12
--- src/crypto/external/bsd/openssh/dist/ssh.c:1.11	Wed Dec 12 17:42:40 2012
+++ src/crypto/external/bsd/openssh/dist/ssh.c	Mon Apr 29 17:59:50 2013
@@ -1,5 +1,5 @@
-/*	$NetBSD: ssh.c,v 1.11 2012/12/12 17:42:40 christos Exp $	*/
-/* $OpenBSD: ssh.c,v 1.370 2012/07/06 01:47:38 djm Exp $ */
+/*	$NetBSD: ssh.c,v 1.12 2013/04/29 17:59:50 mlelstv Exp $	*/
+/* $OpenBSD: ssh.c,v 1.372 2013/02/22 04:45:09 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <y...@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <y...@cs.hut.fi>, Espoo, Finland
@@ -42,7 +42,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: ssh.c,v 1.11 2012/12/12 17:42:40 christos Exp $");
+__RCSID("$NetBSD: ssh.c,v 1.12 2013/04/29 17:59:50 mlelstv Exp $");
 #include <sys/types.h>
 #include <sys/param.h>
 #include <sys/ioctl.h>
@@ -379,12 +379,7 @@ main(int ac, char **av)
 				    strerror(errno));
 				break;
 			}
-			if (options.num_identity_files >=
-			    SSH_MAX_IDENTITY_FILES)
-				fatal("Too many identity files specified "
-				    "(max %d)", SSH_MAX_IDENTITY_FILES);
-			options.identity_files[options.num_identity_files++] =
-			    xstrdup(optarg);
+			add_identity_file(&options, NULL, optarg, 1);
 			break;
 		case 'I':
 #ifdef ENABLE_PKCS11
@@ -563,7 +558,8 @@ main(int ac, char **av)
 			dummy = 1;
 			line = xstrdup(optarg);
 			if (process_config_line(&options, host ? host : "",
-			    line, "command-line", 0, &dummy) != 0)
+			    line, "command-line", 0, &dummy, SSHCONF_USERCONF)
+			    != 0)
 				exit(255);
 			xfree(line);
 			break;
@@ -657,14 +653,15 @@ main(int ac, char **av)
 	 * file if the user specifies a config file on the command line.
 	 */
 	if (config != NULL) {
-		if (!read_config_file(config, host, &options, 0))
+		if (!read_config_file(config, host, &options, SSHCONF_USERCONF))
 			fatal("Can't open user config file %.100s: "
 			    "%.100s", config, strerror(errno));
 	} else {
 		r = snprintf(buf, sizeof buf, "%s/%s", pw->pw_dir,
 		    _PATH_SSH_USER_CONFFILE);
 		if (r > 0 && (size_t)r < sizeof(buf))
-			(void)read_config_file(buf, host, &options, 1);
+			(void)read_config_file(buf, host, &options,
+			     SSHCONF_CHECKPERM|SSHCONF_USERCONF);
 
 		/* Read systemwide configuration file after user config. */
 		(void)read_config_file(_PATH_HOST_CONFIG_FILE, host,

Index: src/crypto/external/bsd/openssh/dist/sshconnect2.c
diff -u src/crypto/external/bsd/openssh/dist/sshconnect2.c:1.12 src/crypto/external/bsd/openssh/dist/sshconnect2.c:1.13
--- src/crypto/external/bsd/openssh/dist/sshconnect2.c:1.12	Fri Mar 29 16:19:45 2013
+++ src/crypto/external/bsd/openssh/dist/sshconnect2.c	Mon Apr 29 17:59:50 2013
@@ -1,5 +1,5 @@
-/*	$NetBSD: sshconnect2.c,v 1.12 2013/03/29 16:19:45 christos Exp $	*/
-/* $OpenBSD: sshconnect2.c,v 1.191 2013/02/15 00:21:01 dtucker Exp $ */
+/*	$NetBSD: sshconnect2.c,v 1.13 2013/04/29 17:59:50 mlelstv Exp $	*/
+/* $OpenBSD: sshconnect2.c,v 1.192 2013/02/17 23:16:57 dtucker Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Damien Miller.  All rights reserved.
@@ -26,7 +26,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: sshconnect2.c,v 1.12 2013/03/29 16:19:45 christos Exp $");
+__RCSID("$NetBSD: sshconnect2.c,v 1.13 2013/04/29 17:59:50 mlelstv Exp $");
 #include <sys/types.h>
 #include <sys/socket.h>
 #include <sys/wait.h>
@@ -1423,7 +1423,7 @@ pubkey_prepare(Authctxt *authctxt)
 		id = xcalloc(1, sizeof(*id));
 		id->key = key;
 		id->filename = xstrdup(options.identity_files[i]);
-		id->userprovided = 1;
+		id->userprovided = options.identity_file_userprovided[i];
 		TAILQ_INSERT_TAIL(&files, id, next);
 	}
 	/* Prefer PKCS11 keys that are explicitly listed */

CVS commit: src/crypto/external/bsd/openssh/dist

Reply via email to