author | des <des@FreeBSD.org> | 2013-09-18 17:27:38 +0000 |
---|---|---|
committer | des <des@FreeBSD.org> | 2013-09-18 17:27:38 +0000 |
commit | ff2597d3eebc3da3f7cf2a638607274cad9b199e (patch) | |
tree | a3ace41867a87a4a940a57f82cd20c283e6aa7cb /ssh-agent.c | |
parent | f054e5cb18d6e2020eb4fe568cc383ac22fa23c4 (diff) | |
Vendor import of OpenSSH 6.3p1
Diffstat (limited to 'ssh-agent.c')
-rw-r--r-- | ssh-agent.c | 95 |
1 files changed, 45 insertions, 50 deletions
diff --git a/ssh-agent.c b/ssh-agent.c index b9498e6..c3b1172 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.172 2011/06/03 01:37:40 dtucker Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.177 2013/07/20 01:50:20 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -106,7 +106,7 @@ typedef struct identity { Key *key; char *comment; char *provider; - u_int death; + time_t death; u_int confirm; } Identity; @@ -122,7 +122,7 @@ int max_fd = 0; /* pid of shell == parent of agent */ pid_t parent_pid = -1; -u_int parent_alive_interval = 0; +time_t parent_alive_interval = 0; /* pathname and directory for AUTH_SOCKET */ char socket_name[MAXPATHLEN]; @@ -134,8 +134,8 @@ char *lock_passwd = NULL; extern char *__progname; -/* Default lifetime (0 == forever) */ -static int lifetime = 0; +/* Default lifetime in seconds (0 == forever) */ +static long lifetime = 0; static void close_socket(SocketEntry *e) @@ -172,10 +172,9 @@ static void free_identity(Identity *id) { key_free(id->key); - if (id->provider != NULL) - xfree(id->provider); - xfree(id->comment); - xfree(id); + free(id->provider); + free(id->comment); + free(id); } /* return matching private key for given public key */ @@ -203,7 +202,7 @@ confirm_key(Identity *id) if (ask_permission("Allow use of key %s?\nKey fingerprint %s.", id->comment, p)) ret = 0; - xfree(p); + free(p); return (ret); } @@ -230,7 +229,7 @@ process_request_identities(SocketEntry *e, int version) u_int blen; key_to_blob(id->key, &blob, &blen); buffer_put_string(&msg, blob, blen); - xfree(blob); + free(blob); } buffer_put_cstring(&msg, id->comment); } @@ -348,10 +347,9 @@ process_sign_request2(SocketEntry *e) buffer_append(&e->output, buffer_ptr(&msg), buffer_len(&msg)); buffer_free(&msg); - xfree(data); - xfree(blob); - if (signature != NULL) - xfree(signature); + free(data); + free(blob); + free(signature); datafellows = odatafellows; } 
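Review bot: The `death` field in `struct identity` (hunk at -106) changes meaning as well as type, and the declaration does not say so. Later hunks fill it from `monotime()` instead of `time(NULL)`, so it is no longer a wall-clock timestamp and must not be compared with `time(NULL)` or printed as a date. A field comment would record that, for example `time_t death; /* expiry deadline on the monotime() clock, not wall-clock time */`. The `lifetime` comment in the hunk at -134 now gives the unit but could also say which clock the value is added to.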
@@ -378,7 +376,7 @@ process_remove_identity(SocketEntry *e, int version) case 2: blob = buffer_get_string(&e->request, &blen); key = key_from_blob(blob, blen); - xfree(blob); + free(blob); break; } if (key != NULL) { @@ -430,10 +428,10 @@ process_remove_all_identities(SocketEntry *e, int version) } /* removes expired keys and returns number of seconds until the next expiry */ -static u_int +static time_t reaper(void) { - u_int deadline = 0, now = time(NULL); + time_t deadline = 0, now = monotime(); Identity *id, *nxt; int version; Idtab *tab; @@ -465,8 +463,9 @@ process_add_identity(SocketEntry *e, int version) { Idtab *tab = idtab_lookup(version); Identity *id; - int type, success = 0, death = 0, confirm = 0; + int type, success = 0, confirm = 0; char *type_name, *comment; + time_t death = 0; Key *k = NULL; #ifdef OPENSSL_HAS_ECC BIGNUM *exponent; @@ -509,7 +508,7 @@ process_add_identity(SocketEntry *e, int version) cert = buffer_get_string(&e->request, &len); if ((k = key_from_blob(cert, len)) == NULL) fatal("Certificate parse failed"); - xfree(cert); + free(cert); key_add_private(k); buffer_get_bignum2(&e->request, k->dsa->priv_key); break; @@ -520,7 +519,7 @@ process_add_identity(SocketEntry *e, int version) curve = buffer_get_string(&e->request, NULL); if (k->ecdsa_nid != key_curve_name_to_nid(curve)) fatal("%s: curve names mismatch", __func__); - xfree(curve); + free(curve); k->ecdsa = EC_KEY_new_by_curve_name(k->ecdsa_nid); if (k->ecdsa == NULL) fatal("%s: EC_KEY_new_by_curve_name failed", @@ -551,7 +550,7 @@ process_add_identity(SocketEntry *e, int version) cert = buffer_get_string(&e->request, &len); if ((k = key_from_blob(cert, len)) == NULL) fatal("Certificate parse failed"); - xfree(cert); + free(cert); key_add_private(k); if ((exponent = BN_new()) == NULL) fatal("%s: BN_new failed", __func__); 
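Review bot: In `process_add_identity` (hunk at -509), the certificate branch still calls `fatal("Certificate parse failed")` when `key_from_blob()` rejects the blob read from the request. If `fatal()` terminates the process as it does elsewhere in OpenSSH, one malformed add request ends the agent and unloads every key it holds. The commit only touches the `free(cert)` line after it, but the `default:` arm of the same switch (hunk at -591) already shows a non-fatal path: free the buffers, `buffer_clear(&e->request)` and `goto send`, so the client receives `SSH_AGENT_FAILURE`. The same call appears in the hunks at -551 and -583. The function body starts and ends outside these hunks, so check which allocations are live at each site before converting them.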
@@ -583,7 +582,7 @@ process_add_identity(SocketEntry *e, int version) cert = buffer_get_string(&e->request, &len); if ((k = key_from_blob(cert, len)) == NULL) fatal("Certificate parse failed"); - xfree(cert); + free(cert); key_add_private(k); buffer_get_bignum2(&e->request, k->rsa->d); buffer_get_bignum2(&e->request, k->rsa->iqmp); @@ -591,11 +590,11 @@ process_add_identity(SocketEntry *e, int version) buffer_get_bignum2(&e->request, k->rsa->q); break; default: - xfree(type_name); + free(type_name); buffer_clear(&e->request); goto send; } - xfree(type_name); + free(type_name); break; } /* enable blinding */ @@ -613,13 +612,13 @@ process_add_identity(SocketEntry *e, int version) } comment = buffer_get_string(&e->request, NULL); if (k == NULL) { - xfree(comment); + free(comment); goto send; } while (buffer_len(&e->request)) { switch ((type = buffer_get_char(&e->request))) { case SSH_AGENT_CONSTRAIN_LIFETIME: - death = time(NULL) + buffer_get_int(&e->request); + death = monotime() + buffer_get_int(&e->request); break; case SSH_AGENT_CONSTRAIN_CONFIRM: confirm = 1; @@ -627,14 +626,14 @@ process_add_identity(SocketEntry *e, int version) default: error("process_add_identity: " "Unknown constraint type %d", type); - xfree(comment); + free(comment); key_free(k); goto send; } } success = 1; if (lifetime && !death) - death = time(NULL) + lifetime; + death = monotime() + lifetime; if ((id = lookup_identity(k, version)) == NULL) { id = xcalloc(1, sizeof(Identity)); id->key = k; @@ -643,7 +642,7 @@ process_add_identity(SocketEntry *e, int version) tab->nentries++; } else { key_free(k); - xfree(id->comment); + free(id->comment); } id->comment = comment; id->death = death; @@ -665,7 +664,7 @@ process_lock_agent(SocketEntry *e, int lock) if (locked && !lock && strcmp(passwd, lock_passwd) == 0) { locked = 0; memset(lock_passwd, 0, strlen(lock_passwd)); - xfree(lock_passwd); + free(lock_passwd); lock_passwd = NULL; success = 1; } else if (!locked && lock) { 
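Review bot: The lifetime constraint in `process_add_identity` (hunk at -613) is added to the clock without a range check: `death = monotime() + buffer_get_int(&e->request);` uses a 32-bit value taken straight from the request. Where `time_t` is 32 bits the sum can wrap. Because `if (lifetime && !death)` treats 0 as unset, a wrapped result of 0 would presumably leave the key with no expiry, so it stays loaded longer than the user asked. Read the value into a local first, e.g. `u_int secs = buffer_get_int(&e->request);`, and fail the request when `monotime() + secs` would not fit in `time_t`. The same expression is in `process_add_smartcard_key` (hunk at -712), and `monotime() + lifetime` in the hunks at -627 and -724 has the same shape with a `long`.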
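Review bot: In `process_lock_agent` (hunk at -665), the lock password is cleared with `memset(lock_passwd, 0, strlen(lock_passwd));` immediately before `free(lock_passwd);`, and a compiler may drop a store to memory that is about to be freed. The request copy in the next hunk (`memset(passwd, 0, strlen(passwd)); free(passwd);`) has the same pattern. Use a wipe the optimiser cannot remove, such as `explicit_bzero(lock_passwd, strlen(lock_passwd));`, where the platform or the compat layer provides it. Separately, `strcmp(passwd, lock_passwd)` returns at the first differing byte; a constant-time comparison of fixed-length digests would avoid revealing how much of a guess matched.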
@@ -674,7 +673,7 @@ process_lock_agent(SocketEntry *e, int lock) success = 1; } memset(passwd, 0, strlen(passwd)); - xfree(passwd); + free(passwd); buffer_put_int(&e->output, 1); buffer_put_char(&e->output, @@ -701,7 +700,8 @@ static void process_add_smartcard_key(SocketEntry *e) { char *provider = NULL, *pin; - int i, type, version, count = 0, success = 0, death = 0, confirm = 0; + int i, type, version, count = 0, success = 0, confirm = 0; + time_t death = 0; Key **keys = NULL, *k; Identity *id; Idtab *tab; @@ -712,7 +712,7 @@ process_add_smartcard_key(SocketEntry *e) while (buffer_len(&e->request)) { switch ((type = buffer_get_char(&e->request))) { case SSH_AGENT_CONSTRAIN_LIFETIME: - death = time(NULL) + buffer_get_int(&e->request); + death = monotime() + buffer_get_int(&e->request); break; case SSH_AGENT_CONSTRAIN_CONFIRM: confirm = 1; @@ -724,7 +724,7 @@ process_add_smartcard_key(SocketEntry *e) } } if (lifetime && !death) - death = time(NULL) + lifetime; + death = monotime() + lifetime; count = pkcs11_add_provider(provider, pin, &keys); for (i = 0; i < count; i++) { @@ -747,12 +747,9 @@ process_add_smartcard_key(SocketEntry *e) keys[i] = NULL; } send: - if (pin) - xfree(pin); - if (provider) - xfree(provider); - if (keys) - xfree(keys); + free(pin); + free(provider); + free(keys); buffer_put_int(&e->output, 1); buffer_put_char(&e->output, success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE); @@ -768,7 +765,7 @@ process_remove_smartcard_key(SocketEntry *e) provider = buffer_get_string(&e->request, NULL); pin = buffer_get_string(&e->request, NULL); - xfree(pin); + free(pin); for (version = 1; version < 3; version++) { tab = idtab_lookup(version); @@ -786,7 +783,7 @@ process_remove_smartcard_key(SocketEntry *e) else error("process_remove_smartcard_key:" " pkcs11_del_provider failed"); - xfree(provider); + free(provider); buffer_put_int(&e->output, 1); buffer_put_char(&e->output, success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE); 
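Review bot: The PKCS#11 PIN is released with a bare `free(pin);` at the `send:` label of `process_add_smartcard_key` (hunk at -747) and in `process_remove_smartcard_key` (hunk at -768), so the secret stays readable in freed heap memory. Unlike the lock password, it is not cleared at all. Wipe it before the free, keeping the NULL guard that the removed `if (pin)` provided: `if (pin != NULL) explicit_bzero(pin, strlen(pin));` followed by `free(pin);`. Both function bodies extend beyond these hunks.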
@@ -931,9 +928,10 @@ static int prepare_select(fd_set **fdrp, fd_set **fdwp, int *fdl, u_int *nallocp, struct timeval **tvpp) { - u_int i, sz, deadline; + u_int i, sz; int n = 0; static struct timeval tv; + time_t deadline; for (i = 0; i < sockets_alloc; i++) { switch (sockets[i].type) { @@ -951,10 +949,8 @@ prepare_select(fd_set **fdrp, fd_set **fdwp, int *fdl, u_int *nallocp, sz = howmany(n+1, NFDBITS) * sizeof(fd_mask); if (*fdrp == NULL || sz > *nallocp) { - if (*fdrp) - xfree(*fdrp); - if (*fdwp) - xfree(*fdwp); + free(*fdrp); + free(*fdwp); *fdrp = xmalloc(sz); *fdwp = xmalloc(sz); *nallocp = sz; @@ -1348,9 +1344,8 @@ skip: if (ac > 0) parent_alive_interval = 10; idtab_init(); - if (!d_flag) - signal(SIGINT, SIG_IGN); signal(SIGPIPE, SIG_IGN); + signal(SIGINT, d_flag ? cleanup_handler : SIG_IGN); signal(SIGHUP, cleanup_handler); signal(SIGTERM, cleanup_handler); nalloc = 0; |
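Review bot: The new `signal(SIGINT, d_flag ? cleanup_handler : SIG_IGN);` in `main` (hunk at -1348) changes behaviour when `d_flag` is set, without saying why. SIGINT used to keep its default action in that case and now runs `cleanup_handler`. A one-line comment would make the intent reviewable, e.g. `/* with -d we stay in the foreground: let ^C run the socket cleanup */`, with the wording checked against what `cleanup_handler` does, since it is defined outside this hunk. As the handler gains another entry point, also confirm that it calls only async-signal-safe functions.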