diff options
author | Ed Maste <emaste@FreeBSD.org> | 2022-04-13 20:00:56 +0000 |
---|---|---|
committer | Ed Maste <emaste@FreeBSD.org> | 2022-04-13 20:00:56 +0000 |
commit | 1323ec571215a77ddd21294f0871979d5ad6b992 (patch) | |
tree | 19d67138a6330f9ec39a96fece07fb0f410d7ab6 /crypto/openssh/addr.c | |
parent | 595ac4a11893971ba17a51e0477d580e29e1ef7a (diff) | |
parent | 85d1f2d493556f113b3f1f4b1800ace6656627ad (diff) | |
download | src-1323ec571215a77ddd21294f0871979d5ad6b992.tar.gz src-1323ec571215a77ddd21294f0871979d5ad6b992.zip |
ssh: update to OpenSSH v8.9p1
Release notes are available at https://www.openssh.com/txt/release-8.9
Some highlights:
* ssh(1), sshd(8), ssh-add(1), ssh-agent(1): add a system for
restricting forwarding and use of keys added to ssh-agent(1)
* ssh(1), sshd(8): add the sntrup761x25519-sha512@openssh.com hybrid
ECDH/x25519 + Streamlined NTRU Prime post-quantum KEX to the
default KEXAlgorithms list (after the ECDH methods but before the
prime-group DH ones). The next release of OpenSSH is likely to
make this key exchange the default method.
* sshd(8), portable OpenSSH only: this release removes in-built
support for MD5-hashed passwords. If you require these on your
system then we recommend linking against libxcrypt or similar.
Future deprecation notice
=========================
A near-future release of OpenSSH will switch scp(1) from using the
legacy scp/rcp protocol to using SFTP by default.
Legacy scp/rcp performs wildcard expansion of remote filenames (e.g.
"scp host:* .") through the remote shell. This has the side effect of
requiring double quoting of shell meta-characters in file names
included on scp(1) command-lines, otherwise they could be interpreted
as shell commands on the remote side.
MFC after: 1 month
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
Diffstat (limited to 'crypto/openssh/addr.c')
-rw-r--r-- | crypto/openssh/addr.c | 30 |
1 files changed, 21 insertions, 9 deletions
diff --git a/crypto/openssh/addr.c b/crypto/openssh/addr.c index ba0fad4e9eb0..1ad10ae0fdf7 100644 --- a/crypto/openssh/addr.c +++ b/crypto/openssh/addr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: addr.c,v 1.1 2021/01/09 11:58:50 dtucker Exp $ */ +/* $OpenBSD: addr.c,v 1.4 2021/10/22 10:51:57 dtucker Exp $ */ /* * Copyright (c) 2004-2008 Damien Miller <djm@mindrot.org> @@ -244,7 +244,7 @@ addr_cmp(const struct xaddr *a, const struct xaddr *b) if (a->v4.s_addr == b->v4.s_addr) return 0; return (ntohl(a->v4.s_addr) > ntohl(b->v4.s_addr) ? 1 : -1); - case AF_INET6:; + case AF_INET6: /* * Do this a byte at a time to avoid the above issue and * any endian problems @@ -268,7 +268,7 @@ addr_is_all0s(const struct xaddr *a) switch (a->af) { case AF_INET: return (a->v4.s_addr == 0 ? 0 : -1); - case AF_INET6:; + case AF_INET6: for (i = 0; i < 4; i++) if (a->addr32[i] != 0) return -1; @@ -281,7 +281,7 @@ addr_is_all0s(const struct xaddr *a) /* * Test whether host portion of address 'a', as determined by 'masklen' * is all zeros. - * Returns 0 on if host portion of address is all-zeros, + * Returns 0 if host portion of address is all-zeros, * -1 if not all zeros or on failure. */ int @@ -298,7 +298,7 @@ addr_host_is_all0s(const struct xaddr *a, u_int masklen) } /* - * Parse string address 'p' into 'n' + * Parse string address 'p' into 'n'. * Returns 0 on success, -1 on failure. */ int @@ -312,8 +312,13 @@ addr_pton(const char *p, struct xaddr *n) if (p == NULL || getaddrinfo(p, NULL, &hints, &ai) != 0) return -1; - if (ai == NULL || ai->ai_addr == NULL) + if (ai == NULL) + return -1; + + if (ai->ai_addr == NULL) { + freeaddrinfo(ai); return -1; + } if (n != NULL && addr_sa_to_xaddr(ai->ai_addr, ai->ai_addrlen, n) == -1) { @@ -336,12 +341,19 @@ addr_sa_pton(const char *h, const char *s, struct sockaddr *sa, socklen_t slen) if (h == NULL || getaddrinfo(h, s, &hints, &ai) != 0) return -1; - if (ai == NULL || ai->ai_addr == NULL) + if (ai == NULL) return -1; + if (ai->ai_addr == NULL) { + freeaddrinfo(ai); + return -1; + } + if (sa != NULL) { - if (slen < ai->ai_addrlen) + if (slen < ai->ai_addrlen) { + freeaddrinfo(ai); return -1; + } memcpy(sa, &ai->ai_addr, ai->ai_addrlen); } @@ -357,7 +369,7 @@ addr_ntop(const struct xaddr *n, char *p, size_t len) if (addr_xaddr_to_sa(n, _SA(&ss), &slen, 0) == -1) return -1; - if (n == NULL || p == NULL || len == 0) + if (p == NULL || len == 0) return -1; if (getnameinfo(_SA(&ss), slen, p, len, NULL, 0, NI_NUMERICHOST) == -1) |