+20060326
+ - OpenBSD CVS Sync
+ - jakob@cvs.openbsd.org 2006/03/15 08:46:44
+ [ssh-keygen.c]
+ if no key file are given when printing the DNS host record, use the
+ host key file(s) as default. ok djm@
+ - biorn@cvs.openbsd.org 2006/03/16 10:31:45
+ [scp.c]
+ Try to display errormessage even if remout == -1
+ ok djm@, markus@
+ - djm@cvs.openbsd.org 2006/03/17 22:31:50
+ [authfd.c]
+ another unreachable found by lint
+ - djm@cvs.openbsd.org 2006/03/17 22:31:11
+ [authfd.c]
+ unreachanble statement, found by lint
+ - djm@cvs.openbsd.org 2006/03/19 02:22:32
+ [serverloop.c]
+ memory leaks detected by Coverity via elad AT netbsd.org;
+ ok deraadt@ dtucker@
+ - djm@cvs.openbsd.org 2006/03/19 02:22:56
+ [sftp.c]
+ more memory leaks detected by Coverity via elad AT netbsd.org;
+ deraadt@ ok
+ - djm@cvs.openbsd.org 2006/03/19 02:23:26
+ [hostfile.c]
+ FILE* leak detected by Coverity via elad AT netbsd.org;
+ ok deraadt@
+ - djm@cvs.openbsd.org 2006/03/19 02:24:05
+ [dh.c readconf.c servconf.c]
+ potential NULL pointer dereferences detected by Coverity
+ via elad AT netbsd.org; ok deraadt@
+ - djm@cvs.openbsd.org 2006/03/19 07:41:30
+ [sshconnect2.c]
+ memory leaks detected by Coverity via elad AT netbsd.org;
+ deraadt@ ok
+ - dtucker@cvs.openbsd.org 2006/03/19 11:51:52
+ [servconf.c]
+ Correct strdelim null test; ok djm@
+ - deraadt@cvs.openbsd.org 2006/03/19 18:52:11
+ [auth1.c authfd.c channels.c]
+ spacing
+ - deraadt@cvs.openbsd.org 2006/03/19 18:53:12
+ [kex.c kex.h monitor.c myproposal.h session.c]
+ spacing
+ - deraadt@cvs.openbsd.org 2006/03/19 18:56:41
+ [clientloop.c progressmeter.c serverloop.c sshd.c]
+ ARGSUSED for signal handlers
+ - deraadt@cvs.openbsd.org 2006/03/19 18:59:49
+ [ssh-keyscan.c]
+ please lint
+ - deraadt@cvs.openbsd.org 2006/03/19 18:59:30
+ [ssh.c]
+ spacing
+ - deraadt@cvs.openbsd.org 2006/03/19 18:59:09
+ [authfile.c]
+ whoever thought that break after return was a good idea needs to
+ get their head examimed
+ - djm@cvs.openbsd.org 2006/03/20 04:09:44
+ [monitor.c]
+ memory leaks detected by Coverity via elad AT netbsd.org;
+ deraadt@ ok
+ that should be all of them now
+ - djm@cvs.openbsd.org 2006/03/20 11:38:46
+ [key.c]
+ (really) last of the Coverity diffs: avoid possible NULL deref in
+ key_free. via elad AT netbsd.org; markus@ ok
+ - deraadt@cvs.openbsd.org 2006/03/20 17:10:19
+ [auth.c key.c misc.c packet.c ssh-add.c]
+ in a switch (), break after return or goto is stupid
+ - deraadt@cvs.openbsd.org 2006/03/20 17:13:16
+ [key.c]
+ djm did a typo
+ - deraadt@cvs.openbsd.org 2006/03/20 17:17:23
+ [ssh-rsa.c]
+ in a switch (), break after return or goto is stupid
+ - deraadt@cvs.openbsd.org 2006/03/20 18:14:02
+ [channels.c clientloop.c monitor_wrap.c monitor_wrap.h serverloop.c]
+ [ssh.c sshpty.c sshpty.h]
+ sprinkle u_int throughout pty subsystem, ok markus
+ - deraadt@cvs.openbsd.org 2006/03/20 18:17:20
+ [auth1.c auth2.c sshd.c]
+ sprinkle some ARGSUSED for table driven functions (which sometimes
+ must ignore their args)
+ - deraadt@cvs.openbsd.org 2006/03/20 18:26:55
+ [channels.c monitor.c session.c session.h ssh-agent.c ssh-keygen.c]
+ [ssh-rsa.c ssh.c sshlogin.c]
+ annoying spacing fixes getting in the way of real diffs
+ - deraadt@cvs.openbsd.org 2006/03/20 18:27:50
+ [monitor.c]
+ spacing
+ - deraadt@cvs.openbsd.org 2006/03/20 18:35:12
+ [channels.c]
+ x11_fake_data is only ever used as u_char *
+ - deraadt@cvs.openbsd.org 2006/03/20 18:41:43
+ [dns.c]
+ cast xstrdup to propert u_char *
+ - deraadt@cvs.openbsd.org 2006/03/20 18:42:27
+ [canohost.c match.c ssh.c sshconnect.c]
+ be strict with tolower() casting
+ - deraadt@cvs.openbsd.org 2006/03/20 18:48:34
+ [channels.c fatal.c kex.c packet.c serverloop.c]
+ spacing
+ - deraadt@cvs.openbsd.org 2006/03/20 21:11:53
+ [ttymodes.c]
+ spacing
+ - djm@cvs.openbsd.org 2006/03/25 00:05:41
+ [auth-bsdauth.c auth-skey.c auth.c auth2-chall.c channels.c]
+ [clientloop.c deattack.c gss-genr.c kex.c key.c misc.c moduli.c]
+ [monitor.c monitor_wrap.c packet.c scard.c sftp-server.c ssh-agent.c]
+ [ssh-keyscan.c ssh.c sshconnect.c sshconnect2.c sshd.c uuencode.c]
+ [xmalloc.c xmalloc.h]
+ introduce xcalloc() and xasprintf() failure-checked allocations
+ functions and use them throughout openssh
+
+ xcalloc is particularly important because malloc(nmemb * size) is a
+ dangerous idiom (subject to integer overflow) and it is time for it
+ to die
+
+ feedback and ok deraadt@
+ - djm@cvs.openbsd.org 2006/03/25 01:13:23
+ [buffer.c channels.c deattack.c misc.c scp.c session.c sftp-client.c]
+ [sftp-server.c ssh-agent.c ssh-rsa.c xmalloc.c xmalloc.h auth-pam.c]
+ [uidswap.c]
+ change OpenSSH's xrealloc() function from being xrealloc(p, new_size)
+ to xrealloc(p, new_nmemb, new_itemsize).
+
+ realloc is particularly prone to integer overflows because it is
+ almost always allocating "n * size" bytes, so this is a far safer
+ API; ok deraadt@
+ - djm@cvs.openbsd.org 2006/03/25 01:30:23
+ [sftp.c]
+ "abormally" is a perfectly cromulent word, but "abnormally" is better
+ - djm@cvs.openbsd.org 2006/03/25 13:17:03
+ [atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c]
+ [auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c]
+ [auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
+ [auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c]
+ [buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c]
+ [cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c]
+ [deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c]
+ [kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c]
+ [mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c]
+ [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c]
+ [readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c]
+ [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c]
+ [sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
+ [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
+ [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
+ [uidswap.c uuencode.c xmalloc.c]
+ Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
+ Theo nuked - our scripts to sync -portable need them in the files
+ - deraadt@cvs.openbsd.org 2006/03/25 18:29:35
+ [auth-rsa.c authfd.c packet.c]
+ needed casts (always will be needed)
+ - deraadt@cvs.openbsd.org 2006/03/25 18:30:55
+ [clientloop.c serverloop.c]
+ spacing
+ - deraadt@cvs.openbsd.org 2006/03/25 18:36:15
+ [sshlogin.c sshlogin.h]
+ nicer size_t and time_t types
+
20060325
- OpenBSD CVS Sync
- djm@cvs.openbsd.org 2006/03/16 04:24:42
[auth2-gss.c]
GSSAPI related leaks detected by Coverity via elad AT netbsd.org;
reviewed by simon AT sxw.org.uk; deraadt@ ok
+ - djm@cvs.openbsd.org 2006/03/20 04:07:49
+ [gss-genr.c]
+ more GSSAPI related leaks detected by Coverity via elad AT netbsd.org;
+ reviewed by simon AT sxw.org.uk; deraadt@ ok
+ - djm@cvs.openbsd.org 2006/03/20 04:08:18
+ [gss-serv.c]
+ last lot of GSSAPI related leaks detected by Coverity via
+ elad AT netbsd.org; reviewed by simon AT sxw.org.uk; deraadt@ ok
+ - deraadt@cvs.openbsd.org 2006/03/20 18:14:02
+ [monitor_wrap.h sshpty.h]
+ sprinkle u_int throughout pty subsystem, ok markus
+ - deraadt@cvs.openbsd.org 2006/03/20 18:26:55
+ [session.h]
+ annoying spacing fixes getting in the way of real diffs
+ - deraadt@cvs.openbsd.org 2006/03/20 18:41:43
+ [dns.c]
+ cast xstrdup to propert u_char *
+ - jakob@cvs.openbsd.org 2006/03/22 21:16:24
+ [ssh.1]
+ simplify SSHFP example; ok jmc@
+ - djm@cvs.openbsd.org 2006/03/22 21:27:15
+ [deattack.c deattack.h]
+ remove IV support from the CRC attack detector, OpenSSH has never used
+ it - it only applied to IDEA-CFB, which we don't support.
+ prompted by NetBSD Coverity report via elad AT netbsd.org;
+ feedback markus@ "nuke it" deraadt@
20060318
- (djm) [auth-pam.c] Fix memleak in error path, from Coverity via