6635417 more memory leaks in SunSSH

6687441 typo in comment for record_login() in sshlogin.c 6686336 ssh source code should use FD_CLOEXEC macro instead of 1 6839514 SSH's debug3() says login while it should mention logout 6820920 Sun SSH daemon crashes if /usr/bin/locale isn't present 6368560 extra backslashes in RB_PROTOTYPE 6496644 deprecate UseLogin and remove code supporting this feature from sshd(1m) 6445661 confusing debug message printed at debug level 3 6531556 ssh "You don't exist, go away" message is not helpful and rude 6670875 remove SECUREWARE code from SunSSH 6663391 confusing message in sshconnect1.c when all authentication methods fail 6822495 unlocalized message "illegal option" is seen with ssh command 6545293 ssh: ~? help and man page do not quite match for definition of ~B 6656381 ssh can crash when using libumem and given a bad local forwarding specification
author: Jan Pechanec <Jan.Pechanec@Sun.COM> 2009-06-11 05:00:01 -0700
committer: Jan Pechanec <Jan.Pechanec@Sun.COM> 2009-06-11 05:00:01 -0700
commit: b9aa66a73c9016cf5c71fe80efe90ce9f2ca5c73 (patch)
tree: 12d329cf0e6c1fd64b95b118ccbd9ba2ef047e9d /usr/src/cmd/ssh/libssh/common
parent: e90983c88d2892da50e700f57b6b2d5613557077 (diff)
download: illumos-joyent-b9aa66a73c9016cf5c71fe80efe90ce9f2ca5c73.tar.gz
5 files changed, 44 insertions, 22 deletions
diff --git a/usr/src/cmd/ssh/libssh/common/authfd.c b/usr/src/cmd/ssh/libssh/common/authfd.c
index 5c5e911f06..43fbfbeb3c 100644
--- a/usr/src/cmd/ssh/libssh/common/authfd.c
+++ b/usr/src/cmd/ssh/libssh/common/authfd.c
@@ -99,7 +99,7 @@ ssh_get_authentication_socket(void)
 		return -1;
 
 	/* close on exec */
-	if (fcntl(sock, F_SETFD, 1) == -1) {
+	if (fcntl(sock, F_SETFD, FD_CLOEXEC) == -1) {
 		close(sock);
 		return -1;
 	}
diff --git a/usr/src/cmd/ssh/libssh/common/g11n.c b/usr/src/cmd/ssh/libssh/common/g11n.c
index ac35a1c8c5..558b410c96 100644
--- a/usr/src/cmd/ssh/libssh/common/g11n.c
+++ b/usr/src/cmd/ssh/libssh/common/g11n.c
@@ -576,6 +576,9 @@ g11n_langtag_set_locale_set_intersect(char *langtag_set, char **locale_set)
 	char *s;
 	uint_t do_append, n_langtags, n_locales, n_results, max_results;
 
+	if (locale_set == NULL)
+		return (NULL);
+
 	/* count lang tags and locales */
 	for (n_locales = 0, p = locale_set; p && *p; p++)
 		n_locales++;
@@ -668,7 +671,7 @@ g11n_srvr_locale_negotiate(char *clnt_langtags, char **srvr_locales)
 	xfree_split_list(results);
 
 err:
-	if (locales != srvr_locales)
+	if (locales != NULL && locales != srvr_locales)
 		g11n_freelist(locales);
 	return (result);
 }
diff --git a/usr/src/cmd/ssh/libssh/common/readconf.c b/usr/src/cmd/ssh/libssh/common/readconf.c
index fe0b7a3ee8..c289e14d6b 100644
--- a/usr/src/cmd/ssh/libssh/common/readconf.c
+++ b/usr/src/cmd/ssh/libssh/common/readconf.c
@@ -11,7 +11,7 @@
  * called by a name other than "ssh" or "Secure Shell".
  */
 /*
- * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 
@@ -1210,14 +1210,13 @@ parse_forward(int long_form, Forward *fwd, const char *fwdspec)
 		break;
 	}
 
-	xfree(p);
-
 	if (fwd->listen_port == 0 || (fwd->connect_port == 0 && i > 2))
 		goto fail_free;
 
+	xfree(p);
 	return (i);
 
- fail_free:
+fail_free:
 	if (p != NULL)
 		xfree(p);
 	if (fwd->connect_host != NULL)
diff --git a/usr/src/cmd/ssh/libssh/common/ssh-gss.c b/usr/src/cmd/ssh/libssh/common/ssh-gss.c
index 4de5abb1da..37aeb04873 100644
--- a/usr/src/cmd/ssh/libssh/common/ssh-gss.c
+++ b/usr/src/cmd/ssh/libssh/common/ssh-gss.c
@@ -21,7 +21,7 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 /*
- * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 
@@ -741,7 +741,7 @@ ssh_gssapi_import_name(Gssctxt *ctx, const char *server_host)
 	    SSH_GSS_HOSTBASED_SERVICE, server_host);
 
 	debug3("%s: snprintf() returned %d, expected %d", __func__, ret,
-	    name_buf.length + 1);
+	    name_buf.length);
 
 	ctx->major = gss_import_name(&ctx->minor, &name_buf,
 	    GSS_C_NT_HOSTBASED_SERVICE, &ctx->desired_name);
diff --git a/usr/src/cmd/ssh/libssh/common/tildexpand.c b/usr/src/cmd/ssh/libssh/common/tildexpand.c
index 6d3850a9ea..5fcd07ebe6 100644
--- a/usr/src/cmd/ssh/libssh/common/tildexpand.c
+++ b/usr/src/cmd/ssh/libssh/common/tildexpand.c
@@ -9,11 +9,15 @@
  * incompatible with the protocol description in the RFC file, it must be
  * called by a name other than "ssh" or "Secure Shell".
  */
+/*
+ * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
+ * Use is subject to license terms.
+ */
 
 #include "includes.h"
 RCSID("$OpenBSD: tildexpand.c,v 1.13 2002/06/23 03:25:50 deraadt Exp $");
 
-#pragma ident	"%Z%%M%	%I%	%E% SMI"
+#include <libgen.h>
 
 #include "xmalloc.h"
 #include "log.h"
@@ -27,15 +31,16 @@ char *
 tilde_expand_filename(const char *filename, uid_t my_uid)
 {
 	const char *cp;
-	u_int userlen;
+	uint_t userlen;
 	char *expanded;
 	struct passwd *pw;
+	char *pw_dir;
 	char user[100];
 	int len;
 
 	/* Return immediately if no tilde. */
 	if (filename[0] != '~')
-		return xstrdup(filename);
+		return (xstrdup(filename));
 
 	/* Skip the tilde. */
 	filename++;
@@ -46,30 +51,45 @@ tilde_expand_filename(const char *filename, uid_t my_uid)
 		userlen = cp - filename;	/* Something after username. */
 	else
 		userlen = strlen(filename);	/* Nothing after username. */
+
+	/* This is the ~/xyz case with no ~username specification. */
 	if (userlen == 0)
-		pw = getpwuid(my_uid);		/* Own home directory. */
+		pw = getpwuid(my_uid);
 	else {
 		/* Tilde refers to someone elses home directory. */
-		if (userlen > sizeof(user) - 1)
+		if (userlen > sizeof (user) - 1)
 			fatal("User name after tilde too long.");
 		memcpy(user, filename, userlen);
 		user[userlen] = 0;
 		pw = getpwnam(user);
 	}
-	if (!pw)
-		fatal("Unknown user %100s.", user);
+
+	/* Use the HOME variable now. */
+	if (pw == NULL) {
+		debug("User account's password entry not found, trying to use "
+		    "the HOME variable.");
+		if ((pw_dir = getenv("HOME")) == NULL) {
+			fatal("User account's password entry not found and "
+			    "the HOME variable not set.");
+		}
+	} else {
+		pw_dir = pw->pw_dir;
+	}
 
 	/* If referring to someones home directory, return it now. */
-	if (!cp) {
+	if (cp == NULL) {
 		/* Only home directory specified */
-		return xstrdup(pw->pw_dir);
+		return (xstrdup(pw_dir));
 	}
+
 	/* Build a path combining the specified directory and path. */
-	len = strlen(pw->pw_dir) + strlen(cp + 1) + 2;
+	len = strlen(pw_dir) + strlen(cp + 1) + 2;
 	if (len > MAXPATHLEN)
-		fatal("Home directory too long (%d > %d", len-1, MAXPATHLEN-1);
+		fatal("Home directory too long (%d > %d)", len - 1,
+		    MAXPATHLEN - 1);
+
 	expanded = xmalloc(len);
-	snprintf(expanded, len, "%s%s%s", pw->pw_dir,
-	    strcmp(pw->pw_dir, "/") ? "/" : "", cp + 1);
-	return expanded;
+	snprintf(expanded, len, "%s%s%s", pw_dir,
+	    strcmp(pw_dir, "/") ? "/" : "", cp + 1);
+	return (expanded);
 }
author	Jan Pechanec <Jan.Pechanec@Sun.COM>	2009-06-11 05:00:01 -0700
committer	Jan Pechanec <Jan.Pechanec@Sun.COM>	2009-06-11 05:00:01 -0700
commit	b9aa66a73c9016cf5c71fe80efe90ce9f2ca5c73 (patch)
tree	12d329cf0e6c1fd64b95b118ccbd9ba2ef047e9d /usr/src/cmd/ssh/libssh/common
parent	e90983c88d2892da50e700f57b6b2d5613557077 (diff)
download	illumos-joyent-b9aa66a73c9016cf5c71fe80efe90ce9f2ca5c73.tar.gz