ssh: update with post-release V_8_9 branch commits
MFC after: 1 month Sponsored by: The FreeBSD Foundation
This commit is contained in:
commit
58def461e2
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: auth-rhosts.c,v 1.55 2022/02/23 11:15:57 djm Exp $ */
|
/* $OpenBSD: auth-rhosts.c,v 1.56 2022/02/23 21:21:49 djm Exp $ */
|
||||||
/*
|
/*
|
||||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||||
@ -19,6 +19,7 @@
|
|||||||
#include <sys/types.h>
|
#include <sys/types.h>
|
||||||
#include <sys/stat.h>
|
#include <sys/stat.h>
|
||||||
|
|
||||||
|
#include <fcntl.h>
|
||||||
#ifdef HAVE_NETGROUP_H
|
#ifdef HAVE_NETGROUP_H
|
||||||
# include <netgroup.h>
|
# include <netgroup.h>
|
||||||
#endif
|
#endif
|
||||||
@ -26,7 +27,7 @@
|
|||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <stdarg.h>
|
#include <stdarg.h>
|
||||||
#include <fcntl.h>
|
#include <stdlib.h>
|
||||||
#include <unistd.h>
|
#include <unistd.h>
|
||||||
|
|
||||||
#include "packet.h"
|
#include "packet.h"
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: fmt_scaled.c,v 1.17 2018/05/14 04:39:04 djm Exp $ */
|
/* $OpenBSD: fmt_scaled.c,v 1.21 2022/03/11 07:29:53 dtucker Exp $ */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Copyright (c) 2001, 2002, 2003 Ian F. Darwin. All rights reserved.
|
* Copyright (c) 2001, 2002, 2003 Ian F. Darwin. All rights reserved.
|
||||||
@ -54,9 +54,9 @@ typedef enum {
|
|||||||
} unit_type;
|
} unit_type;
|
||||||
|
|
||||||
/* These three arrays MUST be in sync! XXX make a struct */
|
/* These three arrays MUST be in sync! XXX make a struct */
|
||||||
static unit_type units[] = { NONE, KILO, MEGA, GIGA, TERA, PETA, EXA };
|
static const unit_type units[] = { NONE, KILO, MEGA, GIGA, TERA, PETA, EXA };
|
||||||
static char scale_chars[] = "BKMGTPE";
|
static const char scale_chars[] = "BKMGTPE";
|
||||||
static long long scale_factors[] = {
|
static const long long scale_factors[] = {
|
||||||
1LL,
|
1LL,
|
||||||
1024LL,
|
1024LL,
|
||||||
1024LL*1024,
|
1024LL*1024,
|
||||||
@ -153,10 +153,8 @@ scan_scaled(char *scaled, long long *result)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (sign) {
|
if (sign)
|
||||||
whole *= sign;
|
whole *= sign;
|
||||||
fpart *= sign;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* If no scale factor given, we're done. fraction is discarded. */
|
/* If no scale factor given, we're done. fraction is discarded. */
|
||||||
if (!*p) {
|
if (!*p) {
|
||||||
@ -191,7 +189,8 @@ scan_scaled(char *scaled, long long *result)
|
|||||||
/* truncate fpart so it doesn't overflow.
|
/* truncate fpart so it doesn't overflow.
|
||||||
* then scale fractional part.
|
* then scale fractional part.
|
||||||
*/
|
*/
|
||||||
while (fpart >= LLONG_MAX / scale_fact) {
|
while (fpart >= LLONG_MAX / scale_fact ||
|
||||||
|
fpart <= LLONG_MIN / scale_fact) {
|
||||||
fpart /= 10;
|
fpart /= 10;
|
||||||
fract_digits--;
|
fract_digits--;
|
||||||
}
|
}
|
||||||
@ -200,7 +199,10 @@ scan_scaled(char *scaled, long long *result)
|
|||||||
for (i = 0; i < fract_digits -1; i++)
|
for (i = 0; i < fract_digits -1; i++)
|
||||||
fpart /= 10;
|
fpart /= 10;
|
||||||
}
|
}
|
||||||
whole += fpart;
|
if (sign == -1)
|
||||||
|
whole -= fpart;
|
||||||
|
else
|
||||||
|
whole += fpart;
|
||||||
*result = whole;
|
*result = whole;
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -222,12 +224,16 @@ fmt_scaled(long long number, char *result)
|
|||||||
unsigned int i;
|
unsigned int i;
|
||||||
unit_type unit = NONE;
|
unit_type unit = NONE;
|
||||||
|
|
||||||
|
/* Not every negative long long has a positive representation. */
|
||||||
|
if (number == LLONG_MIN) {
|
||||||
|
errno = ERANGE;
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
abval = llabs(number);
|
abval = llabs(number);
|
||||||
|
|
||||||
/* Not every negative long long has a positive representation.
|
/* Also check for numbers that are just too darned big to format. */
|
||||||
* Also check for numbers that are just too darned big to format
|
if (abval / 1024 >= scale_factors[SCALE_LENGTH-1]) {
|
||||||
*/
|
|
||||||
if (abval < 0 || abval / 1024 >= scale_factors[SCALE_LENGTH-1]) {
|
|
||||||
errno = ERANGE;
|
errno = ERANGE;
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
@ -276,6 +276,9 @@ static const struct sock_filter preauth_insns[] = {
|
|||||||
#ifdef __NR_ppoll
|
#ifdef __NR_ppoll
|
||||||
SC_ALLOW(__NR_ppoll),
|
SC_ALLOW(__NR_ppoll),
|
||||||
#endif
|
#endif
|
||||||
|
#ifdef __NR_ppoll_time64
|
||||||
|
SC_ALLOW(__NR_ppoll_time64),
|
||||||
|
#endif
|
||||||
#ifdef __NR_poll
|
#ifdef __NR_poll
|
||||||
SC_ALLOW(__NR_poll),
|
SC_ALLOW(__NR_poll),
|
||||||
#endif
|
#endif
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
/* $OpenBSD: sshd.c,v 1.583 2022/02/01 07:57:32 dtucker Exp $ */
|
/* $OpenBSD: sshd.c,v 1.584 2022/03/01 01:59:19 djm Exp $ */
|
||||||
/*
|
/*
|
||||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||||
@ -1156,9 +1156,9 @@ static void
|
|||||||
server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
|
server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
|
||||||
{
|
{
|
||||||
struct pollfd *pfd = NULL;
|
struct pollfd *pfd = NULL;
|
||||||
int i, j, ret;
|
int i, j, ret, npfd;
|
||||||
int ostartups = -1, startups = 0, listening = 0, lameduck = 0;
|
int ostartups = -1, startups = 0, listening = 0, lameduck = 0;
|
||||||
int startup_p[2] = { -1 , -1 };
|
int startup_p[2] = { -1 , -1 }, *startup_pollfd;
|
||||||
char c = 0;
|
char c = 0;
|
||||||
struct sockaddr_storage from;
|
struct sockaddr_storage from;
|
||||||
socklen_t fromlen;
|
socklen_t fromlen;
|
||||||
@ -1174,6 +1174,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
|
|||||||
/* pipes connected to unauthenticated child sshd processes */
|
/* pipes connected to unauthenticated child sshd processes */
|
||||||
startup_pipes = xcalloc(options.max_startups, sizeof(int));
|
startup_pipes = xcalloc(options.max_startups, sizeof(int));
|
||||||
startup_flags = xcalloc(options.max_startups, sizeof(int));
|
startup_flags = xcalloc(options.max_startups, sizeof(int));
|
||||||
|
startup_pollfd = xcalloc(options.max_startups, sizeof(int));
|
||||||
for (i = 0; i < options.max_startups; i++)
|
for (i = 0; i < options.max_startups; i++)
|
||||||
startup_pipes[i] = -1;
|
startup_pipes[i] = -1;
|
||||||
|
|
||||||
@ -1189,6 +1190,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
|
|||||||
sigaddset(&nsigset, SIGTERM);
|
sigaddset(&nsigset, SIGTERM);
|
||||||
sigaddset(&nsigset, SIGQUIT);
|
sigaddset(&nsigset, SIGQUIT);
|
||||||
|
|
||||||
|
/* sized for worst-case */
|
||||||
pfd = xcalloc(num_listen_socks + options.max_startups,
|
pfd = xcalloc(num_listen_socks + options.max_startups,
|
||||||
sizeof(struct pollfd));
|
sizeof(struct pollfd));
|
||||||
|
|
||||||
@ -1228,24 +1230,31 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
|
|||||||
pfd[i].fd = listen_socks[i];
|
pfd[i].fd = listen_socks[i];
|
||||||
pfd[i].events = POLLIN;
|
pfd[i].events = POLLIN;
|
||||||
}
|
}
|
||||||
|
npfd = num_listen_socks;
|
||||||
for (i = 0; i < options.max_startups; i++) {
|
for (i = 0; i < options.max_startups; i++) {
|
||||||
pfd[num_listen_socks+i].fd = startup_pipes[i];
|
startup_pollfd[i] = -1;
|
||||||
if (startup_pipes[i] != -1)
|
if (startup_pipes[i] != -1) {
|
||||||
pfd[num_listen_socks+i].events = POLLIN;
|
pfd[npfd].fd = startup_pipes[i];
|
||||||
|
pfd[npfd].events = POLLIN;
|
||||||
|
startup_pollfd[i] = npfd++;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Wait until a connection arrives or a child exits. */
|
/* Wait until a connection arrives or a child exits. */
|
||||||
ret = ppoll(pfd, num_listen_socks + options.max_startups,
|
ret = ppoll(pfd, npfd, NULL, &osigset);
|
||||||
NULL, &osigset);
|
if (ret == -1 && errno != EINTR) {
|
||||||
if (ret == -1 && errno != EINTR)
|
|
||||||
error("ppoll: %.100s", strerror(errno));
|
error("ppoll: %.100s", strerror(errno));
|
||||||
|
if (errno == EINVAL)
|
||||||
|
cleanup_exit(1); /* can't recover */
|
||||||
|
}
|
||||||
sigprocmask(SIG_SETMASK, &osigset, NULL);
|
sigprocmask(SIG_SETMASK, &osigset, NULL);
|
||||||
if (ret == -1)
|
if (ret == -1)
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
for (i = 0; i < options.max_startups; i++) {
|
for (i = 0; i < options.max_startups; i++) {
|
||||||
if (startup_pipes[i] == -1 ||
|
if (startup_pipes[i] == -1 ||
|
||||||
!(pfd[num_listen_socks+i].revents & (POLLIN|POLLHUP)))
|
startup_pollfd[i] == -1 ||
|
||||||
|
!(pfd[startup_pollfd[i]].revents & (POLLIN|POLLHUP)))
|
||||||
continue;
|
continue;
|
||||||
switch (read(startup_pipes[i], &c, sizeof(c))) {
|
switch (read(startup_pipes[i], &c, sizeof(c))) {
|
||||||
case -1:
|
case -1:
|
||||||
|
Loading…
Reference in New Issue
Block a user