rpms/openssh
7
0
Fork 1
Code Issues Pull Requests Releases Activity

don't use xfree in pam_ssh_agent_auth sources <geertj@gmail.com> (#1024965)

Browse Source
This commit is contained in:
Petr Lautrbach 2013-11-01 17:04:34 +01:00
parent 3834483295
commit 5795323a53
2 changed files with 433 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
openssh.spec
View File

@ -111,6 +111,8 @@ Patch300: pam_ssh_agent_auth-0.9.3-build.patch
Patch301: pam_ssh_agent_auth-0.9.2-seteuid.patch
# explicitly make pam callbacks visible
Patch302: pam_ssh_agent_auth-0.9.2-visibility.patch
# don't use xfree (#1024965)
Patch303: pam_ssh_agent_auth-0.9.3-no-xfree.patch
#https://bugzilla.mindrot.org/show_bug.cgi?id=1641 (WONTFIX)
Patch400: openssh-6.3p1-role-mls.patch
#https://bugzilla.redhat.com/show_bug.cgi?id=781634
@ -355,6 +357,7 @@ pushd pam_ssh_agent_auth-%{pam_ssh_agent_ver}
%patch300 -p1 -b .psaa-build
%patch301 -p1 -b .psaa-seteuid
%patch302 -p1 -b .psaa-visibility
%patch303 -p1 -b .psaa-xfree
# Remove duplicate headers
rm -f $(cat %{SOURCE5})
popd

430
pam_ssh_agent_auth-0.9.3-no-xfree.patch Normal file
View File

@ -0,0 +1,430 @@
--- pam_ssh_agent_auth-0.9.3.orig/authfd.c 2013-10-30 17:14:26.013615342 +0100
+++ pam_ssh_agent_auth-0.9.3.orig/authfd.c 2013-10-30 17:15:07.353327799 +0100
@@ -260,7 +260,7 @@
{
buffer_free(&auth->identities);
close(auth->fd);
- xfree(auth);
+ free(auth);
}
/* Lock/unlock agent */
@@ -379,7 +379,7 @@
blob = buffer_get_string(&auth->identities, &blen);
*comment = buffer_get_string(&auth->identities, NULL);
key = key_from_blob(blob, blen);
- xfree(blob);
+ free(blob);
break;
default:
return NULL;
@@ -472,7 +472,7 @@
buffer_put_string(&msg, blob, blen);
buffer_put_string(&msg, data, datalen);
buffer_put_int(&msg, flags);
- xfree(blob);
+ free(blob);
if (ssh_request_reply(auth, &msg, &msg) == 0) {
buffer_free(&msg);
@@ -612,7 +612,7 @@
key_to_blob(key, &blob, &blen);
buffer_put_char(&msg, SSH2_AGENTC_REMOVE_IDENTITY);
buffer_put_string(&msg, blob, blen);
- xfree(blob);
+ free(blob);
} else {
buffer_free(&msg);
return 0;
--- pam_ssh_agent_auth-0.9.3.orig/bufaux.c 2013-10-30 17:14:26.014615310 +0100
+++ pam_ssh_agent_auth-0.9.3.orig/bufaux.c 2013-10-30 17:15:07.354327768 +0100
@@ -176,7 +176,7 @@
/* Get the string. */
if (buffer_get_ret(buffer, value, len) == -1) {
logerror("buffer_get_string_ret: buffer_get failed");
- xfree(value);
+ free(value);
return (NULL);
}
/* Append a null character to make processing easier. */
--- pam_ssh_agent_auth-0.9.3.orig/bufbn.c 2013-10-30 17:14:26.014615310 +0100
+++ pam_ssh_agent_auth-0.9.3.orig/bufbn.c 2013-10-30 17:15:07.354327768 +0100
@@ -69,7 +69,7 @@
if (oi != bin_size) {
logerror("buffer_put_bignum_ret: BN_bn2bin() failed: oi %d != bin_size %d",
oi, bin_size);
- xfree(buf);
+ free(buf);
return (-1);
}
@@ -80,7 +80,7 @@
buffer_append(buffer, buf, oi);
memset(buf, 0, bin_size);
- xfree(buf);
+ free(buf);
return (0);
}
@@ -167,13 +167,13 @@
if (oi < 0 || (u_int)oi != bytes - 1) {
logerror("buffer_put_bignum2_ret: BN_bn2bin() failed: "
"oi %d != bin_size %d", oi, bytes);
- xfree(buf);
+ free(buf);
return (-1);
}
hasnohigh = (buf[1] & 0x80) ? 0 : 1;
buffer_put_string(buffer, buf+hasnohigh, bytes-hasnohigh);
memset(buf, 0, bytes);
- xfree(buf);
+ free(buf);
return (0);
}
@@ -197,21 +197,21 @@
if (len > 0 && (bin[0] & 0x80)) {
logerror("buffer_get_bignum2_ret: negative numbers not supported");
- xfree(bin);
+ free(bin);
return (-1);
}
if (len > 8 * 1024) {
logerror("buffer_get_bignum2_ret: cannot handle BN of size %d",
len);
- xfree(bin);
+ free(bin);
return (-1);
}
if (BN_bin2bn(bin, len, value) == NULL) {
logerror("buffer_get_bignum2_ret: BN_bin2bn failed");
- xfree(bin);
+ free(bin);
return (-1);
}
- xfree(bin);
+ free(bin);
return (0);
}
--- pam_ssh_agent_auth-0.9.3.orig/buffer.c 2013-10-30 17:14:26.014615310 +0100
+++ pam_ssh_agent_auth-0.9.3.orig/buffer.c 2013-10-30 17:15:07.355327737 +0100
@@ -50,7 +50,7 @@
if (buffer->alloc > 0) {
memset(buffer->buf, 0, buffer->alloc);
buffer->alloc = 0;
- xfree(buffer->buf);
+ free(buffer->buf);
}
}
--- pam_ssh_agent_auth-0.9.3.orig/iterate_ssh_agent_keys.c 2013-10-30 17:14:26.031614782 +0100
+++ pam_ssh_agent_auth-0.9.3.orig/iterate_ssh_agent_keys.c 2013-10-30 17:15:07.357327674 +0100
@@ -197,9 +197,9 @@
if(userauth_pubkey_from_id(id)) {
retval = 1;
}
- xfree(id->filename);
+ free(id->filename);
key_free(id->key);
- xfree(id);
+ free(id);
if(retval == 1)
break;
}
@@ -209,7 +209,7 @@
else {
verbose("No ssh-agent could be contacted");
}
- xfree(session_id2);
+ free(session_id2);
EVP_cleanup();
return retval;
}
--- pam_ssh_agent_auth-0.9.3.orig/key.c 2013-10-30 17:14:26.017615218 +0100
+++ pam_ssh_agent_auth-0.9.3.orig/key.c 2013-10-30 17:15:07.358327643 +0100
@@ -154,7 +154,7 @@
fatal("key_free: bad key type %d", k->type);
break;
}
- xfree(k);
+ free(k);
}
int
@@ -229,7 +229,7 @@
EVP_DigestUpdate(&ctx, blob, len);
EVP_DigestFinal(&ctx, retval, dgst_raw_length);
memset(blob, 0, len);
- xfree(blob);
+ free(blob);
} else {
fatal("key_fingerprint_raw: blob is null");
}
@@ -324,7 +324,7 @@
break;
}
memset(dgst_raw, 0, dgst_raw_len);
- xfree(dgst_raw);
+ free(dgst_raw);
return retval;
}
@@ -447,11 +447,11 @@
n = uudecode(cp, blob, len);
if (n < 0) {
logerror("key_read: uudecode %s failed", cp);
- xfree(blob);
+ free(blob);
return -1;
}
k = key_from_blob(blob, (u_int)n);
- xfree(blob);
+ free(blob);
if (k == NULL) {
logerror("key_read: key_from_blob %s failed", cp);
return -1;
@@ -526,8 +526,8 @@
fprintf(f, "%s %s", key_ssh_name(key), uu);
success = 1;
}
- xfree(blob);
- xfree(uu);
+ free(blob);
+ free(uu);
}
return success;
}
@@ -673,12 +673,12 @@
switch (key_type_from_name(p)) {
case KEY_RSA1:
case KEY_UNSPEC:
- xfree(s);
+ free(s);
return 0;
}
}
verbose("key names ok: [%s]", names);
- xfree(s);
+ free(s);
return 1;
}
@@ -743,7 +743,7 @@
logerror("key_from_blob: remaining bytes in key blob %d", rlen);
out:
if (ktype != NULL)
- xfree(ktype);
+ free(ktype);
buffer_free(&b);
return key;
}
--- pam_ssh_agent_auth-0.9.3.orig/misc.c 2013-10-30 17:14:26.017615218 +0100
+++ pam_ssh_agent_auth-0.9.3.orig/misc.c 2013-10-30 17:15:07.360327581 +0100
@@ -251,13 +251,13 @@
*remote = SSH_TUNID_ANY;
sp = xstrdup(s);
if ((ep = strchr(sp, ':')) == NULL) {
- xfree(sp);
+ free(sp);
return (a2tun(s, NULL));
}
ep[0] = '\0'; ep++;
*remote = a2tun(ep, NULL);
tun = a2tun(sp, NULL);
- xfree(sp);
+ free(sp);
return (*remote == SSH_TUNID_ERR ? *remote : tun);
}
@@ -490,7 +490,7 @@
if (which >= args->num)
fatal("replacearg: tried to replace invalid arg %d >= %d",
which, args->num);
- xfree(args->list[which]);
+ free(args->list[which]);
args->list[which] = cp;
}
@@ -501,8 +501,8 @@
if (args->list != NULL) {
for (i = 0; i < args->num; i++)
- xfree(args->list[i]);
- xfree(args->list);
+ free(args->list[i]);
+ free(args->list);
args->nalloc = args->num = 0;
args->list = NULL;
}
--- pam_ssh_agent_auth-0.9.3.orig/pam_user_authorized_keys.c 2013-10-30 17:14:26.017615218 +0100
+++ pam_ssh_agent_auth-0.9.3.orig/pam_user_authorized_keys.c 2013-10-30 17:15:07.361327550 +0100
@@ -121,7 +121,7 @@
}
authorized_keys_file = tilde_expand_filename(auth_keys_file_buf, authorized_keys_file_allowed_owner_uid);
strncpy(auth_keys_file_buf, authorized_keys_file, sizeof(auth_keys_file_buf) - 1 );
- xfree(authorized_keys_file) /* when we percent_expand later, we'd step on this, so free it immediately */;
+ free(authorized_keys_file) /* when we percent_expand later, we'd step on this, so free it immediately */;
}
if(strstr(auth_keys_file_buf, "%h")) {
--- pam_ssh_agent_auth-0.9.3.orig/pam_user_key_allowed2.c 2013-10-30 17:14:26.018615187 +0100
+++ pam_ssh_agent_auth-0.9.3.orig/pam_user_key_allowed2.c 2013-10-30 17:15:07.361327550 +0100
@@ -121,7 +121,7 @@
fp = key_fingerprint(found, SSH_FP_MD5, SSH_FP_HEX);
logit("Found matching %s key: %s",
key_type(found), fp);
- xfree(fp);
+ free(fp);
break;
}
}
--- pam_ssh_agent_auth-0.9.3.orig/ssh-dss.c 2013-10-30 17:14:26.014615310 +0100
+++ pam_ssh_agent_auth-0.9.3.orig/ssh-dss.c 2013-10-30 17:15:07.361327550 +0100
@@ -135,17 +135,17 @@
if (strcmp("ssh-dss", ktype) != 0) {
logerror("ssh_dss_verify: cannot handle type %s", ktype);
buffer_free(&b);
- xfree(ktype);
+ free(ktype);
return -1;
}
- xfree(ktype);
+ free(ktype);
sigblob = buffer_get_string(&b, &len);
rlen = buffer_len(&b);
buffer_free(&b);
if (rlen != 0) {
logerror("ssh_dss_verify: "
"remaining bytes in signature %d", rlen);
- xfree(sigblob);
+ free(sigblob);
return -1;
}
}
@@ -167,7 +167,7 @@
/* clean up */
memset(sigblob, 0, len);
- xfree(sigblob);
+ free(sigblob);
/* sha1 the data */
EVP_DigestInit(&md, evp_md);
--- pam_ssh_agent_auth-0.9.3.orig/ssh-rsa.c 2013-10-30 17:14:26.015615278 +0100
+++ pam_ssh_agent_auth-0.9.3.orig/ssh-rsa.c 2013-10-30 17:15:07.362327518 +0100
@@ -70,7 +70,7 @@
logerror("ssh_rsa_sign: RSA_sign failed: %s",
ERR_error_string(ecode, NULL));
- xfree(sig);
+ free(sig);
return -1;
}
if (len < slen) {
@@ -80,7 +80,7 @@
memset(sig, 0, diff);
} else if (len > slen) {
logerror("ssh_rsa_sign: slen %u slen2 %u", slen, len);
- xfree(sig);
+ free(sig);
return -1;
}
/* encode signature */
@@ -96,7 +96,7 @@
}
buffer_free(&b);
memset(sig, 's', slen);
- xfree(sig);
+ free(sig);
return 0;
}
@@ -128,23 +128,23 @@
if (strcmp("ssh-rsa", ktype) != 0) {
logerror("ssh_rsa_verify: cannot handle type %s", ktype);
buffer_free(&b);
- xfree(ktype);
+ free(ktype);
return -1;
}
- xfree(ktype);
+ free(ktype);
sigblob = buffer_get_string(&b, &len);
rlen = buffer_len(&b);
buffer_free(&b);
if (rlen != 0) {
logerror("ssh_rsa_verify: remaining bytes in signature %d", rlen);
- xfree(sigblob);
+ free(sigblob);
return -1;
}
/* RSA_verify expects a signature of RSA_size */
modlen = RSA_size(key->rsa);
if (len > modlen) {
logerror("ssh_rsa_verify: len %u > modlen %u", len, modlen);
- xfree(sigblob);
+ free(sigblob);
return -1;
} else if (len < modlen) {
u_int diff = modlen - len;
@@ -158,7 +158,7 @@
nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1;
if ((evp_md = EVP_get_digestbynid(nid)) == NULL) {
logerror("ssh_rsa_verify: EVP_get_digestbynid %d failed", nid);
- xfree(sigblob);
+ free(sigblob);
return -1;
}
EVP_DigestInit(&md, evp_md);
@@ -168,7 +168,7 @@
ret = openssh_RSA_verify(nid, digest, dlen, sigblob, len, key->rsa);
memset(digest, 'd', sizeof(digest));
memset(sigblob, 's', len);
- xfree(sigblob);
+ free(sigblob);
verbose("ssh_rsa_verify: signature %scorrect", (ret==0) ? "in" : "");
return ret;
}
@@ -258,6 +258,6 @@
ret = 1;
done:
if (decrypted)
- xfree(decrypted);
+ free(decrypted);
return ret;
}
--- pam_ssh_agent_auth-0.9.3.orig/userauth_pubkey_from_id.c 2013-10-30 17:14:26.014615310 +0100
+++ pam_ssh_agent_auth-0.9.3.orig/userauth_pubkey_from_id.c 2013-10-30 17:15:07.362327518 +0100
@@ -92,9 +92,9 @@
if(&b != NULL)
buffer_free(&b);
if(sig != NULL)
- xfree(sig);
+ free(sig);
if(pkblob != NULL)
- xfree(pkblob);
+ free(pkblob);
CRYPTO_cleanup_all_ex_data();
return authenticated;
}
--- pam_ssh_agent_auth-0.9.3.orig/uuencode.c 2013-10-30 17:14:26.015615278 +0100
+++ pam_ssh_agent_auth-0.9.3.orig/uuencode.c 2013-10-30 17:15:07.362327518 +0100
@@ -56,7 +56,7 @@
/* and remove trailing whitespace because __b64_pton needs this */
*p = '\0';
len = __b64_pton(encoded, target, targsize);
- xfree(encoded);
+ free(encoded);
return len;
}
@@ -79,5 +79,5 @@
}
if (i % 70 != 69)
fprintf(fp, "\n");
- xfree(buf);
+ free(buf);
}