# HG changeset patch # User Matt Johnston # Date 1170595564 0 # Node ID d482e51447ba2948dcacc2523522f98a917e733f # Parent 47bcc3536bd5e30aab1fe536de04aafbeef33064# Parent 173a5f89666c39936bc7b006f881391dec18c652 propagate from branch 'au.asn.ucc.matt.dropbear' (head 3d683afab1940779612505721e67bd9c98df057e) to branch 'au.asn.ucc.matt.dropbear.channel-fix' (head dec459c955c306f9ecddc3b4e04a963f3f264a0f) diff -r 173a5f89666c -r d482e51447ba cli-authpubkey.c --- a/cli-authpubkey.c Sat Feb 03 08:22:58 2007 +0000 +++ b/cli-authpubkey.c Sun Feb 04 13:26:04 2007 +0000 @@ -60,8 +60,8 @@ void recv_msg_userauth_pk_ok() { - struct SignKeyList *keyitem; - buffer* keybuf; + struct SignKeyList *keyitem = NULL; + buffer* keybuf = NULL; char* algotype = NULL; unsigned int algolen; int keytype; @@ -122,6 +122,8 @@ } else { TRACE(("That was whacky. We got told that a key was valid, but it didn't match our list. Sounds like dodgy code on Dropbear's part")) } + + buf_free(keybuf); TRACE(("leave recv_msg_userauth_pk_ok")) } diff -r 173a5f89666c -r d482e51447ba cli-runopts.c --- a/cli-runopts.c Sat Feb 03 08:22:58 2007 +0000 +++ b/cli-runopts.c Sun Feb 04 13:26:04 2007 +0000 @@ -363,7 +363,8 @@ TRACE(("enter addforward")) - /* We probably don't want to be editing argvs */ + /* We need to split the original argument up. This var + is never free()d. */ str = m_strdup(origstr); listenport = str; @@ -373,8 +374,7 @@ TRACE(("connectaddr == NULL")) goto fail; } - - connectaddr[0] = '\0'; + *connectaddr = '\0'; connectaddr++; connectport = strchr(connectaddr, ':'); @@ -382,8 +382,7 @@ TRACE(("connectport == NULL")) goto fail; } - - connectport[0] = '\0'; + *connectport = '\0'; connectport++; newfwd = (struct TCPFwdList*)m_malloc(sizeof(struct TCPFwdList)); diff -r 173a5f89666c -r d482e51447ba common-algo.c --- a/common-algo.c Sat Feb 03 08:22:58 2007 +0000 +++ b/common-algo.c Sun Feb 04 13:26:04 2007 +0000 @@ -31,6 +31,8 @@ /* Mappings for ciphers, parameters are {&cipher_desc, keysize, blocksize} */ +/* NOTE: if keysize > 2*SHA1_HASH_SIZE, code such as hashkeys() + needs revisiting */ #ifdef DROPBEAR_AES256_CBC static const struct dropbear_cipher dropbear_aes256 = diff -r 173a5f89666c -r d482e51447ba common-kex.c --- a/common-kex.c Sat Feb 03 08:22:58 2007 +0000 +++ b/common-kex.c Sun Feb 04 13:26:04 2007 +0000 @@ -217,12 +217,10 @@ * already initialised hash_state hs, which should already have processed * the dh_K and hash, since these are common. X is the letter 'A', 'B' etc. * out must have at least min(SHA1_HASH_SIZE, outlen) bytes allocated. - * The output will only be expanded once, since that is all that is required - * (for 3DES and SHA, with 24 and 20 bytes respectively). + * The output will only be expanded once, as we are assured that + * outlen <= 2*SHA1_HASH_SIZE for all known hashes. * - * See Section 5.2 of the IETF secsh Transport Draft for details */ - -/* Duplicated verbatim from kex.c --mihnea */ + * See Section 7.2 of rfc4253 (ssh transport) for details */ static void hashkeys(unsigned char *out, int outlen, const hash_state * hs, const unsigned char X) { diff -r 173a5f89666c -r d482e51447ba dbutil.c --- a/dbutil.c Sat Feb 03 08:22:58 2007 +0000 +++ b/dbutil.c Sun Feb 04 13:26:04 2007 +0000 @@ -286,9 +286,9 @@ len = 20 + strlen(strerror(err)); *errstring = (char*)m_malloc(len); snprintf(*errstring, len, "Error listening: %s", strerror(err)); - TRACE(("leave dropbear_listen: failure, %s", strerror(err))) - return -1; } + TRACE(("leave dropbear_listen: failure, %s", strerror(err))) + return -1; } TRACE(("leave dropbear_listen: success, %d socks bound", nsock)) diff -r 173a5f89666c -r d482e51447ba random.c --- a/random.c Sat Feb 03 08:22:58 2007 +0000 +++ b/random.c Sun Feb 04 13:26:04 2007 +0000 @@ -234,8 +234,7 @@ /* keep regenerating until we get one satisfying * 0 < rand < max */ - } while ( ( (max != NULL) && (mp_cmp(rand, max) != MP_LT) ) - || (mp_cmp_d(rand, 0) != MP_GT) ); + } while (mp_cmp(rand, max) != MP_LT); m_burn(randbuf, len); m_free(randbuf); } diff -r 173a5f89666c -r d482e51447ba svr-session.c --- a/svr-session.c Sat Feb 03 08:22:58 2007 +0000 +++ b/svr-session.c Sun Feb 04 13:26:04 2007 +0000 @@ -181,10 +181,15 @@ if (!svr_opts.usingsyslog || havetrace) { + struct tm * local_tm = NULL; timesec = time(NULL); - if (strftime(datestr, sizeof(datestr), "%b %d %H:%M:%S", - localtime(×ec)) == 0) { - datestr[0] = '?'; datestr[1] = '\0'; + local_tm = localtime(×ec); + if (local_tm == NULL + || strftime(datestr, sizeof(datestr), "%b %d %H:%M:%S", + localtime(×ec)) == 0) + { + // upon failure, just print the epoch-seconds time. + snprintf(datestr, sizeof(datestr), "%d", timesec); } fprintf(stderr, "[%d] %s %s\n", getpid(), datestr, printbuf); } diff -r 173a5f89666c -r d482e51447ba svr-tcpfwd.c