src - FreeBSD source tree

diff options


context:
space:
mode:

author	Xin LI <delphij@FreeBSD.org>	2013-11-11 09:13:37 +0000
committer	Xin LI <delphij@FreeBSD.org>	2013-11-11 09:13:37 +0000
commit	ff96c0c81d9ee141236b95d52ad0578684d59ab5 (patch)
tree	ca6acb9df2db06e94ca0f79ab534dd3479ed6ac5
parent	0dddc34c88de4b0421dbb5279ad265a3615cc0bf (diff)
download	src-ff96c0c81d9ee141236b95d52ad0578684d59ab5.tar.gz src-ff96c0c81d9ee141236b95d52ad0578684d59ab5.zip

Vendor import of OpenSSH 6.4p1.vendor/openssh/6.4p1

Approved by: des

Notes

Notes: svn path=/vendor-crypto/openssh/dist/; revision=257952 svn path=/vendor-crypto/openssh/6.4p1/; revision=257953; tag=vendor/openssh/6.4p1

-rw-r--r--

-rw-r--r--

-rw-r--r--

-rw-r--r--

-rw-r--r--

-rw-r--r--

-rw-r--r--

-rw-r--r--

-rw-r--r--

contrib/caldera/openssh.spec

-rw-r--r--

contrib/redhat/openssh.spec

-rw-r--r--

contrib/suse/openssh.spec

-rw-r--r--

-rw-r--r--

-rw-r--r--

-rw-r--r--

-rw-r--r--

-rw-r--r--

-rw-r--r--

-rw-r--r--

-rw-r--r--

-rw-r--r--

-rw-r--r--

22 files changed, 65 insertions, 49 deletions

diff --git a/ChangeLog b/ChangeLog
index 1a0d2545eeeb..6175764f5bfd 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -1,3 +1,20 @@

+20131108

+ - (djm) OpenBSD CVS Sync

+ - markus@cvs.openbsd.org 2013/11/06 16:52:11

+ [monitor_wrap.c]

+ fix rekeying for AES-GCM modes; ok deraadt

+ - djm@cvs.openbsd.org 2013/11/08 00:39:15

+ [auth-options.c auth2-chall.c authfd.c channels.c cipher-3des1.c]

+ [clientloop.c gss-genr.c monitor_mm.c packet.c schnorr.c umac.c]

+ [sftp-client.c sftp-glob.c]

+ use calloc for all structure allocations; from markus@

+ - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]

+ [contrib/suse/openssh.spec] update version numbers

+ - djm@cvs.openbsd.org 2013/11/08 01:38:11

+ [version.h]

+ openssh-6.4

+ - (djm) Release 6.4p1

20130913

- (djm) [channels.c] Fix unaligned access on sparc machines in SOCKS5 code;

ok dtucker@

diff --git a/README b/README
index ece2dba19c2e..0c52f1371482 100644
--- a/README
+++ b/README

@@ -1,4 +1,4 @@

-See http://www.openssh.com/txt/release-6.3 for the release notes.

+See http://www.openssh.com/txt/release-6.4 for the release notes.

- A Japanese translation of this document and of the OpenSSH FAQ is

- available at http://www.unixuser.org/~haruyama/security/openssh/index.html

@@ -62,4 +62,4 @@ References -

[6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9

[7] http://www.openssh.com/faq.html

-$Id: README,v 1.83 2013/07/25 02:34:00 djm Exp $

+$Id: README,v 1.83.4.1 2013/11/08 01:36:17 djm Exp $

diff --git a/auth-options.c b/auth-options.c
index 80d59ee95c52..12e2e1dcac9e 100644
--- a/auth-options.c
+++ b/auth-options.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: auth-options.c,v 1.59 2013/07/12 00:19:58 djm Exp $ */

+/* $OpenBSD: auth-options.c,v 1.61 2013/11/08 00:39:14 djm Exp $ */

* Author: Tatu Ylonen <ylo@cs.hut.fi>

@@ -239,7 +239,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)

auth_debug_add("Adding to environment: %.900s", s);

debug("Adding to environment: %.900s", s);

opts++;

- new_envstring = xmalloc(sizeof(struct envstring));

+ new_envstring = xcalloc(1, sizeof(struct envstring));

new_envstring->s = s;

new_envstring->next = custom_environment;

custom_environment = new_envstring;

diff --git a/auth2-chall.c b/auth2-chall.c
index 98f3093ce2fd..031c2828c986 100644
--- a/auth2-chall.c
+++ b/auth2-chall.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: auth2-chall.c,v 1.38 2013/05/17 00:13:13 djm Exp $ */

+/* $OpenBSD: auth2-chall.c,v 1.39 2013/11/08 00:39:14 djm Exp $ */

@@ -111,7 +111,7 @@ kbdint_alloc(const char *devs)

remove_kbdint_device("pam");

#endif

- kbdintctxt = xmalloc(sizeof(KbdintAuthctxt));

+ kbdintctxt = xcalloc(1, sizeof(KbdintAuthctxt));

if (strcmp(devs, "") == 0) {

buffer_init(&b);

for (i = 0; devices[i]; i++) {

diff --git a/authfd.c b/authfd.c
index 775786bee13c..5cce93b76a57 100644
--- a/authfd.c
+++ b/authfd.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: authfd.c,v 1.87 2013/05/17 00:13:13 djm Exp $ */

+/* $OpenBSD: authfd.c,v 1.88 2013/11/08 00:39:14 djm Exp $ */

* Author: Tatu Ylonen <ylo@cs.hut.fi>

@@ -206,7 +206,7 @@ ssh_get_authentication_connection(void)

if (sock < 0)

return NULL;

- auth = xmalloc(sizeof(*auth));

+ auth = xcalloc(1, sizeof(*auth));

auth->fd = sock;

buffer_init(&auth->identities);

auth->howmany = 0;

diff --git a/channels.c b/channels.c
index ac675c742d11..a1c31d8a004a 100644
--- a/channels.c
+++ b/channels.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: channels.c,v 1.324 2013/07/12 00:19:58 djm Exp $ */

+/* $OpenBSD: channels.c,v 1.327 2013/11/08 00:39:15 djm Exp $ */

* Author: Tatu Ylonen <ylo@cs.hut.fi>

@@ -704,7 +704,7 @@ channel_register_status_confirm(int id, channel_confirm_cb *cb,

if ((c = channel_lookup(id)) == NULL)

fatal("channel_register_expect: %d: bad id", id);

- cc = xmalloc(sizeof(*cc));

+ cc = xcalloc(1, sizeof(*cc));

cc->cb = cb;

cc->abandon_cb = abandon_cb;

cc->ctx = ctx;

diff --git a/cipher-3des1.c b/cipher-3des1.c
index c8a70244b099..56fc777862d6 100644
--- a/cipher-3des1.c
+++ b/cipher-3des1.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: cipher-3des1.c,v 1.8 2013/05/17 00:13:13 djm Exp $ */

+/* $OpenBSD: cipher-3des1.c,v 1.9 2013/11/08 00:39:15 djm Exp $ */

@@ -67,7 +67,7 @@ ssh1_3des_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv,

u_char *k1, *k2, *k3;

if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL) {

- c = xmalloc(sizeof(*c));

+ c = xcalloc(1, sizeof(*c));

EVP_CIPHER_CTX_set_app_data(ctx, c);

}

if (key == NULL)

diff --git a/clientloop.c b/clientloop.c
index 7c1f8abba43d..23c2f2396f5b 100644
--- a/clientloop.c
+++ b/clientloop.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: clientloop.c,v 1.253 2013/06/07 15:37:52 dtucker Exp $ */

+/* $OpenBSD: clientloop.c,v 1.255 2013/11/08 00:39:15 djm Exp $ */

* Author: Tatu Ylonen <ylo@cs.hut.fi>

@@ -837,7 +837,7 @@ void

client_expect_confirm(int id, const char *request,

enum confirm_action action)

{

- struct channel_reply_ctx *cr = xmalloc(sizeof(*cr));

+ struct channel_reply_ctx *cr = xcalloc(1, sizeof(*cr));

cr->request_type = request;

cr->action = action;

@@ -860,7 +860,7 @@ client_register_global_confirm(global_confirm_cb *cb, void *ctx)

return;

}

- gc = xmalloc(sizeof(*gc));

+ gc = xcalloc(1, sizeof(*gc));

gc->cb = cb;

gc->ctx = ctx;

gc->ref_count = 1;

@@ -1438,7 +1438,7 @@ client_new_escape_filter_ctx(int escape_char)

{

struct escape_filter_ctx *ret;

- ret = xmalloc(sizeof(*ret));

+ ret = xcalloc(1, sizeof(*ret));

ret->escape_pending = 0;

ret->escape_char = escape_char;

return (void *)ret;

diff --git a/contrib/caldera/openssh.spec b/contrib/caldera/openssh.spec
index b460bfff00f1..d026b72d8e66 100644
--- a/contrib/caldera/openssh.spec
+++ b/contrib/caldera/openssh.spec

@@ -16,7 +16,7 @@

#old cvs stuff. please update before use. may be deprecated.

%define use_stable 1

-%define version 6.3p1

+%define version 6.4p1

%if %{use_stable}

%define cvs %{nil}

%define release 1

@@ -363,4 +363,4 @@ fi

* Mon Jan 01 1998 ...

Template Version: 1.31

-$Id: openssh.spec,v 1.80 2013/07/25 02:34:00 djm Exp $

+$Id: openssh.spec,v 1.80.4.1 2013/11/08 01:36:19 djm Exp $

diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec
index d1191f4e1a60..29a38dedc1f3 100644
--- a/contrib/redhat/openssh.spec
+++ b/contrib/redhat/openssh.spec

@@ -1,4 +1,4 @@

-%define ver 6.3p1

+%define ver 6.4p1

%define rel 1

# OpenSSH privilege separation requires a user & group ID

diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec
index 2866039d1fc1..3a612bd23827 100644
--- a/contrib/suse/openssh.spec
+++ b/contrib/suse/openssh.spec

@@ -13,7 +13,7 @@

Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation

Name: openssh

-Version: 6.3p1

+Version: 6.4p1

URL: http://www.openssh.com/

Release: 1

Source0: openssh-%{version}.tar.gz

diff --git a/gss-genr.c b/gss-genr.c
index bf164a77b60f..b39281bc1e6c 100644
--- a/gss-genr.c
+++ b/gss-genr.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: gss-genr.c,v 1.21 2013/05/17 00:13:13 djm Exp $ */

+/* $OpenBSD: gss-genr.c,v 1.22 2013/11/08 00:39:15 djm Exp $ */

@@ -62,7 +62,7 @@ ssh_gssapi_set_oid_data(Gssctxt *ctx, void *data, size_t len)

free(ctx->oid->elements);

free(ctx->oid);

}

- ctx->oid = xmalloc(sizeof(gss_OID_desc));

+ ctx->oid = xcalloc(1, sizeof(gss_OID_desc));

ctx->oid->length = len;

ctx->oid->elements = xmalloc(len);

memcpy(ctx->oid->elements, data, len);

diff --git a/monitor_mm.c b/monitor_mm.c
index ee7bad4b454e..d3e6aeee539b 100644
--- a/monitor_mm.c
+++ b/monitor_mm.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: monitor_mm.c,v 1.17 2013/05/17 00:13:13 djm Exp $ */

+/* $OpenBSD: monitor_mm.c,v 1.18 2013/11/08 00:39:15 djm Exp $ */

@@ -65,7 +65,7 @@ mm_make_entry(struct mm_master *mm, struct mmtree *head,

struct mm_share *tmp, *tmp2;

if (mm->mmalloc == NULL)

- tmp = xmalloc(sizeof(struct mm_share));

+ tmp = xcalloc(1, sizeof(struct mm_share));

else

tmp = mm_xmalloc(mm->mmalloc, sizeof(struct mm_share));

tmp->address = address;

@@ -88,7 +88,7 @@ mm_create(struct mm_master *mmalloc, size_t size)

struct mm_master *mm;

if (mmalloc == NULL)

- mm = xmalloc(sizeof(struct mm_master));

+ mm = xcalloc(1, sizeof(struct mm_master));

else

mm = mm_xmalloc(mmalloc, sizeof(struct mm_master));

@@ -161,6 +161,7 @@ mm_xmalloc(struct mm_master *mm, size_t size)

address = mm_malloc(mm, size);

if (address == NULL)

fatal("%s: mm_malloc(%lu)", __func__, (u_long)size);

+ memset(address, 0, size);

return (address);

}

diff --git a/monitor_wrap.c b/monitor_wrap.c
index 88ff68330ae9..4ce46960568a 100644
--- a/monitor_wrap.c
+++ b/monitor_wrap.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: monitor_wrap.c,v 1.76 2013/05/17 00:13:13 djm Exp $ */

+/* $OpenBSD: monitor_wrap.c,v 1.77 2013/11/06 16:52:11 markus Exp $ */

@@ -482,7 +482,7 @@ mm_newkeys_from_blob(u_char *blob, int blen)

buffer_init(&b);

buffer_append(&b, blob, blen);

- newkey = xmalloc(sizeof(*newkey));

+ newkey = xcalloc(1, sizeof(*newkey));

enc = &newkey->enc;

mac = &newkey->mac;

comp = &newkey->comp;

diff --git a/packet.c b/packet.c
index 0d27e759237d..90db33bddb28 100644
--- a/packet.c
+++ b/packet.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: packet.c,v 1.188 2013/07/12 00:19:58 djm Exp $ */

+/* $OpenBSD: packet.c,v 1.189 2013/11/08 00:39:15 djm Exp $ */

* Author: Tatu Ylonen <ylo@cs.hut.fi>

@@ -996,7 +996,7 @@ packet_send2(void)

(type == SSH2_MSG_SERVICE_REQUEST) ||

(type == SSH2_MSG_SERVICE_ACCEPT)) {

debug("enqueue packet: %u", type);

- p = xmalloc(sizeof(*p));

+ p = xcalloc(1, sizeof(*p));

p->type = type;

memcpy(&p->payload, &active_state->outgoing_packet,

sizeof(Buffer));

diff --git a/schnorr.c b/schnorr.c
index 9549dcf0e55d..93822fed4bbd 100644
--- a/schnorr.c
+++ b/schnorr.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: schnorr.c,v 1.7 2013/05/17 00:13:14 djm Exp $ */

+/* $OpenBSD: schnorr.c,v 1.8 2013/11/08 00:39:15 djm Exp $ */

@@ -549,7 +549,7 @@ modp_group_from_g_and_safe_p(const char *grp_g, const char *grp_p)

{

struct modp_group *ret;

- ret = xmalloc(sizeof(*ret));

+ ret = xcalloc(1, sizeof(*ret));

ret->p = ret->q = ret->g = NULL;

if (BN_hex2bn(&ret->p, grp_p) == 0 ||

BN_hex2bn(&ret->g, grp_g) == 0)

diff --git a/sftp-client.c b/sftp-client.c
index f4f1970b6c98..2f9793778f97 100644
--- a/sftp-client.c
+++ b/sftp-client.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: sftp-client.c,v 1.101 2013/07/25 00:56:51 djm Exp $ */

+/* $OpenBSD: sftp-client.c,v 1.108 2013/11/08 00:39:15 djm Exp $ */

@@ -471,7 +471,7 @@ do_lsreaddir(struct sftp_conn *conn, char *path, int printflag,

if (dir) {

ents = 0;

- *dir = xmalloc(sizeof(**dir));

+ *dir = xcalloc(1, sizeof(**dir));

(*dir)[0] = NULL;

}

@@ -545,7 +545,7 @@ do_lsreaddir(struct sftp_conn *conn, char *path, int printflag,

if (dir) {

*dir = xrealloc(*dir, ents + 2, sizeof(**dir));

- (*dir)[ents] = xmalloc(sizeof(***dir));

+ (*dir)[ents] = xcalloc(1, sizeof(***dir));

(*dir)[ents]->filename = xstrdup(filename);

(*dir)[ents]->longname = xstrdup(longname);

memcpy(&(*dir)[ents]->a, a, sizeof(*a));

@@ -564,7 +564,7 @@ do_lsreaddir(struct sftp_conn *conn, char *path, int printflag,

/* Don't return partial matches on interrupt */

if (interrupted && dir != NULL && *dir != NULL) {

free_sftp_dirents(*dir);

- *dir = xmalloc(sizeof(**dir));

+ *dir = xcalloc(1, sizeof(**dir));

**dir = NULL;

}

@@ -1105,7 +1105,7 @@ do_download(struct sftp_conn *conn, char *remote_path, char *local_path,

(unsigned long long)offset,

(unsigned long long)offset + buflen - 1,

num_req, max_req);

- req = xmalloc(sizeof(*req));

+ req = xcalloc(1, sizeof(*req));

req->id = conn->msg_id++;

req->len = buflen;

req->offset = offset;

@@ -1463,7 +1463,7 @@ do_upload(struct sftp_conn *conn, char *local_path, char *remote_path,

strerror(errno));

if (len != 0) {

- ack = xmalloc(sizeof(*ack));

+ ack = xcalloc(1, sizeof(*ack));

ack->id = ++id;

ack->offset = offset;

ack->len = len;

diff --git a/sftp-glob.c b/sftp-glob.c
index 79b7bdb2f4c9..e1f5a6109d6f 100644
--- a/sftp-glob.c
+++ b/sftp-glob.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: sftp-glob.c,v 1.24 2013/05/17 00:13:14 djm Exp $ */

+/* $OpenBSD: sftp-glob.c,v 1.25 2013/11/08 00:39:15 djm Exp $ */

@@ -48,7 +48,7 @@ fudge_opendir(const char *path)

{

struct SFTP_OPENDIR *r;

- r = xmalloc(sizeof(*r));

+ r = xcalloc(1, sizeof(*r));

if (do_readdir(cur.conn, (char *)path, &r->dir)) {

free(r);

diff --git a/sftp-server.0 b/sftp-server.0
index bca318b386d9..391f42736f69 100644
--- a/sftp-server.0
+++ b/sftp-server.0

@@ -61,9 +61,8 @@ DESCRIPTION