Upgrade to OpenSSH 6.9p1.

author: des <des@FreeBSD.org> 2016-01-19 18:55:44 +0000
committer: des <des@FreeBSD.org> 2016-01-19 18:55:44 +0000
commit: b856a4573162fbc9ddf1c38fd82b6c728c310d1b (patch)
tree: b2a4ad7a06e845ba72a87d2beedfbbcbb7aeb5bb /crypto/openssh/packet.c
parent: 76107b08804f309434efce7480edc2bbd15e1bf7 (diff)
parent: f8195792ec11c7b20879183ea72e1495f0870617 (diff)
download: FreeBSD-src-b856a4573162fbc9ddf1c38fd82b6c728c310d1b.zip
FreeBSD-src-b856a4573162fbc9ddf1c38fd82b6c728c310d1b.tar.gz
1 files changed, 34 insertions, 16 deletions
diff --git a/crypto/openssh/packet.c b/crypto/openssh/packet.c
index 7884eeb..aca06d7 100644
--- a/crypto/openssh/packet.c
+++ b/crypto/openssh/packet.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.208 2015/02/13 18:57:00 markus Exp $ */
+/* $OpenBSD: packet.c,v 1.212 2015/05/01 07:10:01 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -291,6 +291,7 @@ ssh_packet_set_connection(struct ssh *ssh, int fd_in, int fd_out)
 	    (r = cipher_init(&state->receive_context, none,
 	    (const u_char *)"", 0, NULL, 0, CIPHER_DECRYPT)) != 0) {
 		error("%s: cipher_init failed: %s", __func__, ssh_err(r));
+		free(ssh);
 		return NULL;
 	}
 	state->newkeys[MODE_IN] = state->newkeys[MODE_OUT] = NULL;
@@ -792,7 +793,9 @@ ssh_packet_set_compress_hooks(struct ssh *ssh, void *ctx,
 void
 ssh_packet_set_encryption_key(struct ssh *ssh, const u_char *key, u_int keylen, int number)
 {
-#ifdef WITH_SSH1
+#ifndef WITH_SSH1
+	fatal("no SSH protocol 1 support");
+#else /* WITH_SSH1 */
 	struct session_state *state = ssh->state;
 	const struct sshcipher *cipher = cipher_by_number(number);
 	int r;
@@ -1280,7 +1283,7 @@ ssh_packet_read_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 	 * been sent.
 	 */
 	if ((r = ssh_packet_write_wait(ssh)) != 0)
-		return r;
+		goto out;
 
 	/* Stay in the loop until we have received a complete packet. */
 	for (;;) {
@@ -1338,15 +1341,20 @@ ssh_packet_read_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 			len = roaming_read(state->connection_in, buf,
 			    sizeof(buf), &cont);
 		} while (len == 0 && cont);
-		if (len == 0)
-			return SSH_ERR_CONN_CLOSED;
-		if (len < 0)
-			return SSH_ERR_SYSTEM_ERROR;
+		if (len == 0) {
+			r = SSH_ERR_CONN_CLOSED;
+			goto out;
+		}
+		if (len < 0) {
+			r = SSH_ERR_SYSTEM_ERROR;
+			goto out;
+		}
 
 		/* Append it to the buffer. */
 		if ((r = ssh_packet_process_incoming(ssh, buf, len)) != 0)
-			return r;
+			goto out;
 	}
+ out:
 	free(setp);
 	return r;
 }
@@ -1913,9 +1921,19 @@ sshpkt_fatal(struct ssh *ssh, const char *tag, int r)
 		logit("Connection closed by %.200s", ssh_remote_ipaddr(ssh));
 		cleanup_exit(255);
 	case SSH_ERR_CONN_TIMEOUT:
-		logit("Connection to %.200s timed out while "
-		    "waiting to write", ssh_remote_ipaddr(ssh));
+		logit("Connection to %.200s timed out", ssh_remote_ipaddr(ssh));
 		cleanup_exit(255);
+	case SSH_ERR_DISCONNECTED:
+		logit("Disconnected from %.200s",
+		    ssh_remote_ipaddr(ssh));
+		cleanup_exit(255);
+	case SSH_ERR_SYSTEM_ERROR:
+		if (errno == ECONNRESET) {
+			logit("Connection reset by %.200s",
+			    ssh_remote_ipaddr(ssh));
+			cleanup_exit(255);
+		}
+		/* FALLTHROUGH */
 	default:
 		fatal("%s%sConnection to %.200s: %s",
 		    tag != NULL ? tag : "", tag != NULL ? ": " : "",
@@ -2728,13 +2746,14 @@ sshpkt_put_stringb(struct ssh *ssh, const struct sshbuf *v)
 	return sshbuf_put_stringb(ssh->state->outgoing_packet, v);
 }
 
-#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
+#ifdef WITH_OPENSSL
+#ifdef OPENSSL_HAS_ECC
 int
 sshpkt_put_ec(struct ssh *ssh, const EC_POINT *v, const EC_GROUP *g)
 {
 	return sshbuf_put_ec(ssh->state->outgoing_packet, v, g);
 }
-#endif /* WITH_OPENSSL && OPENSSL_HAS_ECC */
+#endif /* OPENSSL_HAS_ECC */
 
 #ifdef WITH_SSH1
 int
@@ -2744,7 +2763,6 @@ sshpkt_put_bignum1(struct ssh *ssh, const BIGNUM *v)
 }
 #endif /* WITH_SSH1 */
 
-#ifdef WITH_OPENSSL
 int
 sshpkt_put_bignum2(struct ssh *ssh, const BIGNUM *v)
 {
@@ -2796,13 +2814,14 @@ sshpkt_get_cstring(struct ssh *ssh, char **valp, size_t *lenp)
 	return sshbuf_get_cstring(ssh->state->incoming_packet, valp, lenp);
 }
 
-#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
+#ifdef WITH_OPENSSL
+#ifdef OPENSSL_HAS_ECC
 int
 sshpkt_get_ec(struct ssh *ssh, EC_POINT *v, const EC_GROUP *g)
 {
 	return sshbuf_get_ec(ssh->state->incoming_packet, v, g);
 }
-#endif /* WITH_OPENSSL && OPENSSL_HAS_ECC */
+#endif /* OPENSSL_HAS_ECC */
 
 #ifdef WITH_SSH1
 int
@@ -2812,7 +2831,6 @@ sshpkt_get_bignum1(struct ssh *ssh, BIGNUM *v)
 }
 #endif /* WITH_SSH1 */
 
-#ifdef WITH_OPENSSL
 int
 sshpkt_get_bignum2(struct ssh *ssh, BIGNUM *v)
 {
author	des <des@FreeBSD.org>	2016-01-19 18:55:44 +0000
committer	des <des@FreeBSD.org>	2016-01-19 18:55:44 +0000
commit	b856a4573162fbc9ddf1c38fd82b6c728c310d1b (patch)
tree	b2a4ad7a06e845ba72a87d2beedfbbcbb7aeb5bb /crypto/openssh/packet.c
parent	76107b08804f309434efce7480edc2bbd15e1bf7 (diff)
parent	f8195792ec11c7b20879183ea72e1495f0870617 (diff)
download	FreeBSD-src-b856a4573162fbc9ddf1c38fd82b6c728c310d1b.zip FreeBSD-src-b856a4573162fbc9ddf1c38fd82b6c728c310d1b.tar.gz