Azure
/
sonic-openssh
зеркало из https://github.com/Azure/sonic-openssh.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

upstream: When system calls indicate an error they return -1, not 

some arbitrary value < 0.  errno is only updated in this case.  Change all
(most?) callers of syscalls to follow this better, and let's see if this
strictness helps us in the future.

OpenBSD-Commit-ID: 48081f00db7518e3b712a49dca06efc2a5428075
This commit is contained in:
deraadt@openbsd.org 2019-06-28 13:35:04 +00:00 коммит произвёл Damien Miller
Родитель e8c974043c
Коммит 4d28fa78ab
31 изменённых файлов: 249 добавлений и 249 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

10
auth-rhosts.c
Просмотреть файл

@ -1,4 +1,4 @@
/* $OpenBSD: auth-rhosts.c,v 1.49 2018/07/09 21:35:50 markus Exp $ */
/* $OpenBSD: auth-rhosts.c,v 1.50 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -222,8 +222,8 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname,
* are no system-wide files.
*/
if (!rhosts_files[rhosts_file_index] &&
stat(_PATH_RHOSTS_EQUIV, &st) < 0 &&
stat(_PATH_SSH_HOSTS_EQUIV, &st) < 0) {
stat(_PATH_RHOSTS_EQUIV, &st) == -1 &&
stat(_PATH_SSH_HOSTS_EQUIV, &st) == -1) {
debug3("%s: no hosts access files exist", __func__);
return 0;
}
@ -253,7 +253,7 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname,
* Check that the home directory is owned by root or the user, and is
* not group or world writable.
*/
if (stat(pw->pw_dir, &st) < 0) {
if (stat(pw->pw_dir, &st) == -1) {
logit("Rhosts authentication refused for %.100s: "
"no home directory %.200s", pw->pw_name, pw->pw_dir);
auth_debug_add("Rhosts authentication refused for %.100s: "
@ -278,7 +278,7 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname,
/* Check users .rhosts or .shosts. */
snprintf(buf, sizeof buf, "%.500s/%.100s",
pw->pw_dir, rhosts_files[rhosts_file_index]);
if (stat(buf, &st) < 0)
if (stat(buf, &st) == -1)
continue;
/*

16
auth.c
Просмотреть файл

@ -1,4 +1,4 @@
/* $OpenBSD: auth.c,v 1.138 2019/01/19 21:41:18 djm Exp $ */
/* $OpenBSD: auth.c,v 1.139 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@ -167,7 +167,7 @@ allowed_user(struct ssh *ssh, struct passwd * pw)
char *shell = xstrdup((pw->pw_shell[0] == '\0') ?
_PATH_BSHELL : pw->pw_shell); /* empty = /bin/sh */
if (stat(shell, &st) != 0) {
if (stat(shell, &st) == -1) {
logit("User %.100s not allowed because shell %.100s "
"does not exist", pw->pw_name, shell);
free(shell);
@ -517,7 +517,7 @@ auth_openfile(const char *file, struct passwd *pw, int strict_modes,
return NULL;
}
if (fstat(fd, &st) < 0) {
if (fstat(fd, &st) == -1) {
close(fd);
return NULL;
}
@ -746,7 +746,7 @@ remote_hostname(struct ssh *ssh)
fromlen = sizeof(from);
memset(&from, 0, sizeof(from));
if (getpeername(ssh_packet_get_connection_in(ssh),
(struct sockaddr *)&from, &fromlen) < 0) {
(struct sockaddr *)&from, &fromlen) == -1) {
debug("getpeername failed: %.100s", strerror(errno));
return strdup(ntop);
}
@ -884,7 +884,7 @@ subprocess(const char *tag, struct passwd *pw, const char *command,
return 0;
}
temporarily_use_uid(pw);
if (stat(av[0], &st) < 0) {
if (stat(av[0], &st) == -1) {
error("Could not stat %s \"%s\": %s", tag,
av[0], strerror(errno));
restore_uid();
@ -896,7 +896,7 @@ subprocess(const char *tag, struct passwd *pw, const char *command,
return 0;
}
/* Prepare to keep the child's stdout if requested */
if (pipe(p) != 0) {
if (pipe(p) == -1) {
error("%s: pipe: %s", tag, strerror(errno));
restore_uid();
return 0;
@ -946,12 +946,12 @@ subprocess(const char *tag, struct passwd *pw, const char *command,
closefrom(STDERR_FILENO + 1);
/* Don't use permanently_set_uid() here to avoid fatal() */
if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) != 0) {
if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1) {
error("%s: setresgid %u: %s", tag, (u_int)pw->pw_gid,
strerror(errno));
_exit(1);
}
if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) != 0) {
if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) == -1) {
error("%s: setresuid %u: %s", tag, (u_int)pw->pw_uid,
strerror(errno));
_exit(1);

6
authfd.c
Просмотреть файл

@ -1,4 +1,4 @@
/* $OpenBSD: authfd.c,v 1.114 2019/06/21 04:21:04 djm Exp $ */
/* $OpenBSD: authfd.c,v 1.115 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -101,12 +101,12 @@ ssh_get_authentication_socket(int *fdp)
sunaddr.sun_family = AF_UNIX;
strlcpy(sunaddr.sun_path, authsocket, sizeof(sunaddr.sun_path));
if ((sock = socket(AF_UNIX, SOCK_STREAM, 0)) < 0)
if ((sock = socket(AF_UNIX, SOCK_STREAM, 0)) == -1)
return SSH_ERR_SYSTEM_ERROR;
/* close on exec */
if (fcntl(sock, F_SETFD, FD_CLOEXEC) == -1 ||
connect(sock, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) < 0) {
connect(sock, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) == -1) {
oerrno = errno;
close(sock);
errno = oerrno;

12
authfile.c
Просмотреть файл

@ -1,4 +1,4 @@
/* $OpenBSD: authfile.c,v 1.131 2018/09/21 12:20:12 djm Exp $ */
/* $OpenBSD: authfile.c,v 1.132 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Copyright (c) 2000, 2013 Markus Friedl. All rights reserved.
*
@ -57,7 +57,7 @@ sshkey_save_private_blob(struct sshbuf *keybuf, const char *filename)
{
int fd, oerrno;
if ((fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600)) < 0)
if ((fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600)) == -1)
return SSH_ERR_SYSTEM_ERROR;
if (atomicio(vwrite, fd, sshbuf_mutable_ptr(keybuf),
sshbuf_len(keybuf)) != sshbuf_len(keybuf)) {
@ -101,7 +101,7 @@ sshkey_load_file(int fd, struct sshbuf *blob)
struct stat st;
int r;
if (fstat(fd, &st) < 0)
if (fstat(fd, &st) == -1)
return SSH_ERR_SYSTEM_ERROR;
if ((st.st_mode & (S_IFSOCK|S_IFCHR|S_IFIFO)) == 0 &&
st.st_size > MAX_KEY_FILE_SIZE)
@ -141,7 +141,7 @@ sshkey_perm_ok(int fd, const char *filename)
{
struct stat st;
if (fstat(fd, &st) < 0)
if (fstat(fd, &st) == -1)
return SSH_ERR_SYSTEM_ERROR;
/*
* if a key owned by the user is accessed, then we check the
@ -176,7 +176,7 @@ sshkey_load_private_type(int type, const char *filename, const char *passphrase,
if (commentp != NULL)
*commentp = NULL;
if ((fd = open(filename, O_RDONLY)) < 0) {
if ((fd = open(filename, O_RDONLY)) == -1) {
if (perm_ok != NULL)
*perm_ok = 0;
return SSH_ERR_SYSTEM_ERROR;
@ -236,7 +236,7 @@ sshkey_load_private(const char *filename, const char *passphrase,
if (commentp != NULL)
*commentp = NULL;
if ((fd = open(filename, O_RDONLY)) < 0)
if ((fd = open(filename, O_RDONLY)) == -1)
return SSH_ERR_SYSTEM_ERROR;
if (sshkey_perm_ok(fd, filename) != 0) {
r = SSH_ERR_KEY_BAD_PERMISSIONS;

6
canohost.c
Просмотреть файл

@ -1,4 +1,4 @@
/* $OpenBSD: canohost.c,v 1.73 2016/03/07 19:02:43 djm Exp $ */
/* $OpenBSD: canohost.c,v 1.74 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -164,12 +164,12 @@ get_sock_port(int sock, int local)
fromlen = sizeof(from);
memset(&from, 0, sizeof(from));
if (local) {
if (getsockname(sock, (struct sockaddr *)&from, &fromlen) < 0) {
if (getsockname(sock, (struct sockaddr *)&from, &fromlen) == -1) {
error("getsockname failed: %.100s", strerror(errno));
return 0;
}
} else {
if (getpeername(sock, (struct sockaddr *)&from, &fromlen) < 0) {
if (getpeername(sock, (struct sockaddr *)&from, &fromlen) == -1) {
debug("getpeername failed: %.100s", strerror(errno));
return -1;
}

46
channels.c
Просмотреть файл

@ -1,4 +1,4 @@
/* $OpenBSD: channels.c,v 1.392 2019/06/07 14:18:48 dtucker Exp $ */
/* $OpenBSD: channels.c,v 1.393 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -1671,7 +1671,7 @@ channel_post_x11_listener(struct ssh *ssh, Channel *c,
chan_mark_dead(ssh, c);
errno = oerrno;
}
if (newsock < 0) {
if (newsock == -1) {
if (errno != EINTR && errno != EWOULDBLOCK &&
errno != ECONNABORTED)
error("accept: %.100s", strerror(errno));
@ -1814,7 +1814,7 @@ channel_post_port_listener(struct ssh *ssh, Channel *c,
addrlen = sizeof(addr);
newsock = accept(c->sock, (struct sockaddr *)&addr, &addrlen);
if (newsock < 0) {
if (newsock == -1) {
if (errno != EINTR && errno != EWOULDBLOCK &&
errno != ECONNABORTED)
error("accept: %.100s", strerror(errno));
@ -1853,7 +1853,7 @@ channel_post_auth_listener(struct ssh *ssh, Channel *c,
addrlen = sizeof(addr);
newsock = accept(c->sock, (struct sockaddr *)&addr, &addrlen);
if (newsock < 0) {
if (newsock == -1) {
error("accept from auth socket: %.100s", strerror(errno));
if (errno == EMFILE || errno == ENFILE)
c->notbefore = monotime() + 1;
@ -1881,7 +1881,7 @@ channel_post_connecting(struct ssh *ssh, Channel *c,
fatal(":%s: channel %d: no remote id", __func__, c->self);
/* for rdynamic the OPEN_CONFIRMATION has been sent already */
isopen = (c->type == SSH_CHANNEL_RDYNAMIC_FINISH);
if (getsockopt(c->sock, SOL_SOCKET, SO_ERROR, &err, &sz) < 0) {
if (getsockopt(c->sock, SOL_SOCKET, SO_ERROR, &err, &sz) == -1) {
err = errno;
error("getsockopt SO_ERROR failed");
}
@ -1956,7 +1956,7 @@ channel_handle_rfd(struct ssh *ssh, Channel *c,
errno = 0;
len = read(c->rfd, buf, sizeof(buf));
if (len < 0 && (errno == EINTR ||
if (len == -1 && (errno == EINTR ||
((errno == EAGAIN || errno == EWOULDBLOCK) && !force)))
return 1;
#ifndef PTY_ZEROREAD
@ -2030,7 +2030,7 @@ channel_handle_wfd(struct ssh *ssh, Channel *c,
/* ignore truncated writes, datagrams might get lost */
len = write(c->wfd, buf, dlen);
free(data);
if (len < 0 && (errno == EINTR || errno == EAGAIN ||
if (len == -1 && (errno == EINTR || errno == EAGAIN ||
errno == EWOULDBLOCK))
return 1;
if (len <= 0)
@ -2045,7 +2045,7 @@ channel_handle_wfd(struct ssh *ssh, Channel *c,
#endif
len = write(c->wfd, buf, dlen);
if (len < 0 &&
if (len == -1 &&
(errno == EINTR || errno == EAGAIN || errno == EWOULDBLOCK))
return 1;
if (len <= 0) {
@ -2099,7 +2099,7 @@ channel_handle_efd_write(struct ssh *ssh, Channel *c,
len = write(c->efd, sshbuf_ptr(c->extended),
sshbuf_len(c->extended));
debug2("channel %d: written %zd to efd %d", c->self, len, c->efd);
if (len < 0 && (errno == EINTR || errno == EAGAIN ||
if (len == -1 && (errno == EINTR || errno == EAGAIN ||
errno == EWOULDBLOCK))
return 1;
if (len <= 0) {
@ -2130,7 +2130,7 @@ channel_handle_efd_read(struct ssh *ssh, Channel *c,
len = read(c->efd, buf, sizeof(buf));
debug2("channel %d: read %zd from efd %d", c->self, len, c->efd);
if (len < 0 && (errno == EINTR || ((errno == EAGAIN ||
if (len == -1 && (errno == EINTR || ((errno == EAGAIN ||
errno == EWOULDBLOCK) && !force)))
return 1;
if (len <= 0) {
@ -2219,7 +2219,7 @@ read_mux(struct ssh *ssh, Channel *c, u_int need)
if (sshbuf_len(c->input) < need) {
rlen = need - sshbuf_len(c->input);
len = read(c->rfd, buf, MINIMUM(rlen, CHAN_RBUF));
if (len < 0 && (errno == EINTR || errno == EAGAIN))
if (len == -1 && (errno == EINTR || errno == EAGAIN))
return sshbuf_len(c->input);
if (len <= 0) {
debug2("channel %d: ctl read<=0 rfd %d len %zd",
@ -2283,7 +2283,7 @@ channel_post_mux_client_write(struct ssh *ssh, Channel *c,
return;
len = write(c->wfd, sshbuf_ptr(c->output), sshbuf_len(c->output));
if (len < 0 && (errno == EINTR || errno == EAGAIN))
if (len == -1 && (errno == EINTR || errno == EAGAIN))
return;
if (len <= 0) {
chan_mark_dead(ssh, c);
@ -2331,7 +2331,7 @@ channel_post_mux_listener(struct ssh *ssh, Channel *c,
return;
}
if (getpeereid(newsock, &euid, &egid) < 0) {
if (getpeereid(newsock, &euid, &egid) == -1) {
error("%s getpeereid failed: %s", __func__,
strerror(errno));
close(newsock);
@ -3461,7 +3461,7 @@ channel_setup_fwd_listener_tcpip(struct ssh *ssh, int type,
}
/* Create a port to listen for the host. */
sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
if (sock < 0) {
if (sock == -1) {
/* this is no error since kernel may not support ipv6 */
verbose("socket [%s]:%s: %.100s", ntop, strport,
strerror(errno));
@ -3476,7 +3476,7 @@ channel_setup_fwd_listener_tcpip(struct ssh *ssh, int type,
ntop, strport);
/* Bind the socket to the address. */
if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
if (bind(sock, ai->ai_addr, ai->ai_addrlen) == -1) {
/*
* address can be in if use ipv6 address is
* already bound
@ -3492,7 +3492,7 @@ channel_setup_fwd_listener_tcpip(struct ssh *ssh, int type,
continue;
}
/* Start listening for connections on the socket. */
if (listen(sock, SSH_LISTEN_BACKLOG) < 0) {
if (listen(sock, SSH_LISTEN_BACKLOG) == -1) {
error("listen: %.100s", strerror(errno));
error("listen [%s]:%s: %.100s", ntop, strport,
strerror(errno));
@ -4512,7 +4512,7 @@ channel_send_window_changes(struct ssh *ssh)
if (sc->channels[i] == NULL || !sc->channels[i]->client_tty ||
sc->channels[i]->type != SSH_CHANNEL_OPEN)
continue;
if (ioctl(sc->channels[i]->rfd, TIOCGWINSZ, &ws) < 0)
if (ioctl(sc->channels[i]->rfd, TIOCGWINSZ, &ws) == -1)
continue;
channel_request_start(ssh, i, "window-change", 0);
if ((r = sshpkt_put_u32(ssh, (u_int)ws.ws_col)) != 0 ||
@ -4615,7 +4615,7 @@ x11_create_display_inet(struct ssh *ssh, int x11_display_offset,
continue;
sock = socket(ai->ai_family, ai->ai_socktype,
ai->ai_protocol);
if (sock < 0) {
if (sock == -1) {
if ((errno != EINVAL) && (errno != EAFNOSUPPORT)
#ifdef EPFNOSUPPORT
&& (errno != EPFNOSUPPORT)
@ -4634,7 +4634,7 @@ x11_create_display_inet(struct ssh *ssh, int x11_display_offset,
sock_set_v6only(sock);
if (x11_use_localhost)
set_reuseaddr(sock);
if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
if (bind(sock, ai->ai_addr, ai->ai_addrlen) == -1) {
debug2("%s: bind port %d: %.100s", __func__,
port, strerror(errno));
close(sock);
@ -4658,7 +4658,7 @@ x11_create_display_inet(struct ssh *ssh, int x11_display_offset,
/* Start listening for connections on the socket. */
for (n = 0; n < num_socks; n++) {
sock = socks[n];
if (listen(sock, SSH_LISTEN_BACKLOG) < 0) {
if (listen(sock, SSH_LISTEN_BACKLOG) == -1) {
error("listen: %.100s", strerror(errno));
close(sock);
return -1;
@ -4690,7 +4690,7 @@ connect_local_xsocket_path(const char *pathname)
struct sockaddr_un addr;
sock = socket(AF_UNIX, SOCK_STREAM, 0);
if (sock < 0)
if (sock == -1)
error("socket: %.100s", strerror(errno));
memset(&addr, 0, sizeof(addr));
addr.sun_family = AF_UNIX;
@ -4831,12 +4831,12 @@ x11_connect_display(struct ssh *ssh)
for (ai = aitop; ai; ai = ai->ai_next) {
/* Create a socket. */
sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
if (sock < 0) {
if (sock == -1) {
debug2("socket: %.100s", strerror(errno));
continue;
}
/* Connect it to the display. */
if (connect(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
if (connect(sock, ai->ai_addr, ai->ai_addrlen) == -1) {
debug2("connect %.100s port %u: %.100s", buf,
6000 + display_number, strerror(errno));
close(sock);

12
clientloop.c
Просмотреть файл

@ -1,4 +1,4 @@
/* $OpenBSD: clientloop.c,v 1.325 2019/06/26 22:29:43 dtucker Exp $ */
/* $OpenBSD: clientloop.c,v 1.326 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -561,7 +561,7 @@ client_wait_until_can_do_something(struct ssh *ssh,
}
ret = select((*maxfdp)+1, *readsetp, *writesetp, NULL, tvp);
if (ret < 0) {
if (ret == -1) {
/*
* We have to clear the select masks, because we return.
* We have to return, because the mainloop checks for the flags
@ -644,11 +644,11 @@ client_process_net_input(struct ssh *ssh, fd_set *readset)
* There is a kernel bug on Solaris that causes select to
* sometimes wake up even though there is no data available.
*/
if (len < 0 &&
if (len == -1 &&
(errno == EAGAIN || errno == EINTR || errno == EWOULDBLOCK))
len = 0;
if (len < 0) {
if (len == -1) {
/*
* An error has encountered. Perhaps there is a
* network problem.
@ -1096,7 +1096,7 @@ process_escapes(struct ssh *ssh, Channel *c,
/* Fork into background. */
pid = fork();
if (pid < 0) {
if (pid == -1) {
error("fork: %.100s", strerror(errno));
continue;
}
@ -2248,7 +2248,7 @@ client_session2_setup(struct ssh *ssh, int id, int want_tty, int want_subsystem,
struct winsize ws;
/* Store window size in the packet. */
if (ioctl(in_fd, TIOCGWINSZ, &ws) < 0)
if (ioctl(in_fd, TIOCGWINSZ, &ws) == -1)
memset(&ws, 0, sizeof(ws));
channel_request_start(ssh, id, "pty-req", 1);

18
misc.c
Просмотреть файл

@ -1,4 +1,4 @@
/* $OpenBSD: misc.c,v 1.138 2019/06/27 18:03:37 deraadt Exp $ */
/* $OpenBSD: misc.c,v 1.139 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
* Copyright (c) 2005,2006 Damien Miller. All rights reserved.
@ -96,7 +96,7 @@ set_nonblock(int fd)
int val;
val = fcntl(fd, F_GETFL);
if (val < 0) {
if (val == -1) {
error("fcntl(%d, F_GETFL): %s", fd, strerror(errno));
return (-1);
}
@ -120,7 +120,7 @@ unset_nonblock(int fd)
int val;
val = fcntl(fd, F_GETFL);
if (val < 0) {
if (val == -1) {
error("fcntl(%d, F_GETFL): %s", fd, strerror(errno));
return (-1);
}
@ -1136,7 +1136,7 @@ tun_open(int tun, int mode, char **ifname)
return -1;
}
if (fd < 0) {
if (fd == -1) {
debug("%s: %s open: %s", __func__, name, strerror(errno));
return -1;
}
@ -1575,7 +1575,7 @@ unix_listener(const char *path, int backlog, int unlink_first)
}
sock = socket(PF_UNIX, SOCK_STREAM, 0);
if (sock < 0) {
if (sock == -1) {
saved_errno = errno;
error("%s: socket: %.100s", __func__, strerror(errno));
errno = saved_errno;
@ -1585,7 +1585,7 @@ unix_listener(const char *path, int backlog, int unlink_first)
if (unlink(path) != 0 && errno != ENOENT)
error("unlink(%s): %.100s", path, strerror(errno));
}
if (bind(sock, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) < 0) {
if (bind(sock, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) == -1) {
saved_errno = errno;
error("%s: cannot bind to path %s: %s",
__func__, path, strerror(errno));
@ -1593,7 +1593,7 @@ unix_listener(const char *path, int backlog, int unlink_first)
errno = saved_errno;
return -1;
}
if (listen(sock, backlog) < 0) {
if (listen(sock, backlog) == -1) {
saved_errno = errno;
error("%s: cannot listen on path %s: %s",
__func__, path, strerror(errno));
@ -1875,7 +1875,7 @@ safe_path(const char *name, struct stat *stp, const char *pw_dir,
}
strlcpy(buf, cp, sizeof(buf));
if (stat(buf, &st) < 0 ||
if (stat(buf, &st) == -1 ||
(!platform_sys_dir_uid(st.st_uid) && st.st_uid != uid) ||
(st.st_mode & 022) != 0) {
snprintf(err, errlen,
@ -1910,7 +1910,7 @@ safe_path_fd(int fd, const char *file, struct passwd *pw,
struct stat st;
/* check the open file to avoid races */
if (fstat(fd, &st) < 0) {
if (fstat(fd, &st) == -1) {
snprintf(err, errlen, "cannot stat file %s: %s",
file, strerror(errno));
return -1;

10
monitor.c
Просмотреть файл

@ -1,4 +1,4 @@
/* $OpenBSD: monitor.c,v 1.197 2019/01/21 10:38:54 djm Exp $ */
/* $OpenBSD: monitor.c,v 1.198 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org>
@ -1470,7 +1470,7 @@ mm_record_login(struct ssh *ssh, Session *s, struct passwd *pw)
fromlen = sizeof(from);
if (ssh_packet_connection_is_on_socket(ssh)) {
if (getpeername(ssh_packet_get_connection_in(ssh),
(struct sockaddr *)&from, &fromlen) < 0) {
(struct sockaddr *)&from, &fromlen) == -1) {
debug("getpeername: %.100s", strerror(errno));
cleanup_exit(255);
}
@ -1538,7 +1538,7 @@ mm_answer_pty(struct ssh *ssh, int sock, struct sshbuf *m)
fatal("%s: send fds failed", __func__);
/* make sure nothing uses fd 0 */
if ((fd0 = open(_PATH_DEVNULL, O_RDONLY)) < 0)
if ((fd0 = open(_PATH_DEVNULL, O_RDONLY)) == -1)
fatal("%s: open(/dev/null): %s", __func__, strerror(errno));
if (fd0 != 0)
error("%s: fd0 %d != 0", __func__, fd0);
@ -1730,9 +1730,9 @@ monitor_openfds(struct monitor *mon, int do_logfds)
if (socketpair(AF_UNIX, SOCK_STREAM, 0, pair) == -1)
fatal("%s: socketpair: %s", __func__, strerror(errno));
#ifdef SO_ZEROIZE
if (setsockopt(pair[0], SOL_SOCKET, SO_ZEROIZE, &on, sizeof(on)) < 0)
if (setsockopt(pair[0], SOL_SOCKET, SO_ZEROIZE, &on, sizeof(on)) == -1)
error("setsockopt SO_ZEROIZE(0): %.100s", strerror(errno));
if (setsockopt(pair[1], SOL_SOCKET, SO_ZEROIZE, &on, sizeof(on)) < 0)
if (setsockopt(pair[1], SOL_SOCKET, SO_ZEROIZE, &on, sizeof(on)) == -1)
error("setsockopt SO_ZEROIZE(1): %.100s", strerror(errno));
#endif
FD_CLOSEONEXEC(pair[0]);

4
monitor_wrap.c
Просмотреть файл

@ -1,4 +1,4 @@
/* $OpenBSD: monitor_wrap.c,v 1.112 2019/01/21 09:54:11 djm Exp $ */
/* $OpenBSD: monitor_wrap.c,v 1.113 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org>
@ -612,7 +612,7 @@ mm_session_pty_cleanup2(Session *s)
sshbuf_free(m);
/* closed dup'ed master */
if (s->ptymaster != -1 && close(s->ptymaster) < 0)
if (s->ptymaster != -1 && close(s->ptymaster) == -1)
error("close(s->ptymaster/%d): %s",
s->ptymaster, strerror(errno));

8
mux.c
Просмотреть файл

@ -1,4 +1,4 @@
/* $OpenBSD: mux.c,v 1.79 2019/01/19 21:35:25 djm Exp $ */
/* $OpenBSD: mux.c,v 1.80 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org>
*
@ -1492,7 +1492,7 @@ mux_client_read(int fd, struct sshbuf *b, size_t need)
return -1;
}
len = read(fd, p + have, need - have);
if (len < 0) {
if (len == -1) {
switch (errno) {
#if defined(EWOULDBLOCK) && (EWOULDBLOCK != EAGAIN)
case EWOULDBLOCK:
@ -1541,7 +1541,7 @@ mux_client_write_packet(int fd, struct sshbuf *m)
return -1;
}
len = write(fd, ptr + have, need - have);
if (len < 0) {
if (len == -1) {
switch (errno) {
#if defined(EWOULDBLOCK) && (EWOULDBLOCK != EAGAIN)
case EWOULDBLOCK:
@ -2324,7 +2324,7 @@ muxclient(const char *path)
fatal("ControlPath too long ('%s' >= %u bytes)", path,
(unsigned int)sizeof(addr.sun_path));
if ((sock = socket(PF_UNIX, SOCK_STREAM, 0)) < 0)
if ((sock = socket(PF_UNIX, SOCK_STREAM, 0)) == -1)
fatal("%s socket(): %s", __func__, strerror(errno));
if (connect(sock, (struct sockaddr *)&addr, sizeof(addr)) == -1) {

6
nchan.c
Просмотреть файл

@ -1,4 +1,4 @@
/* $OpenBSD: nchan.c,v 1.69 2018/10/04 07:47:35 djm Exp $ */
/* $OpenBSD: nchan.c,v 1.70 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved.
*
@ -380,7 +380,7 @@ chan_shutdown_write(struct ssh *ssh, Channel *c)
c->self, __func__, c->istate, c->ostate, c->sock, c->wfd, c->efd,
channel_format_extended_usage(c));
if (c->sock != -1) {
if (shutdown(c->sock, SHUT_WR) < 0) {
if (shutdown(c->sock, SHUT_WR) == -1) {
debug2("channel %d: %s: shutdown() failed for "
"fd %d [i%d o%d]: %.100s", c->self, __func__,
c->sock, c->istate, c->ostate,
@ -410,7 +410,7 @@ chan_shutdown_read(struct ssh *ssh, Channel *c)
* write side has been closed already. (bug on Linux)
* HP-UX may return ENOTCONN also.
*/
if (shutdown(c->sock, SHUT_RD) < 0 && errno != ENOTCONN) {
if (shutdown(c->sock, SHUT_RD) == -1 && errno != ENOTCONN) {
error("channel %d: %s: shutdown() failed for "
"fd %d [i%d o%d]: %.100s",
c->self, __func__, c->sock, c->istate, c->ostate,

14
packet.c
Просмотреть файл

@ -1,4 +1,4 @@
/* $OpenBSD: packet.c,v 1.285 2019/06/07 14:18:48 dtucker Exp $ */
/* $OpenBSD: packet.c,v 1.286 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -440,12 +440,12 @@ ssh_packet_connection_is_on_socket(struct ssh *ssh)
fromlen = sizeof(from);
memset(&from, 0, sizeof(from));
if (getpeername(state->connection_in, (struct sockaddr *)&from,
&fromlen) < 0)
&fromlen) == -1)
return 0;
tolen = sizeof(to);
memset(&to, 0, sizeof(to));
if (getpeername(state->connection_out, (struct sockaddr *)&to,
&tolen) < 0)
&tolen) == -1)
return 0;
if (fromlen != tolen || memcmp(&from, &to, fromlen) != 0)
return 0;
@ -471,7 +471,7 @@ ssh_packet_connection_af(struct ssh *ssh)
memset(&to, 0, sizeof(to));
if (getsockname(ssh->state->connection_out, (struct sockaddr *)&to,
&tolen) < 0)
&tolen) == -1)
return 0;
#ifdef IPV4_IN_IPV6
if (to.ss_family == AF_INET6 &&
@ -1359,7 +1359,7 @@ ssh_packet_read_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
r = SSH_ERR_CONN_CLOSED;
goto out;
}
if (len < 0) {
if (len == -1) {
r = SSH_ERR_SYSTEM_ERROR;
goto out;
}
@ -2036,7 +2036,7 @@ ssh_packet_set_tos(struct ssh *ssh, int tos)
case AF_INET:
debug3("%s: set IP_TOS 0x%02x", __func__, tos);
if (setsockopt(ssh->state->connection_in,
IPPROTO_IP, IP_TOS, &tos, sizeof(tos)) < 0)
IPPROTO_IP, IP_TOS, &tos, sizeof(tos)) == -1)
error("setsockopt IP_TOS %d: %.100s:",
tos, strerror(errno));
break;
@ -2045,7 +2045,7 @@ ssh_packet_set_tos(struct ssh *ssh, int tos)
case AF_INET6:
debug3("%s: set IPV6_TCLASS 0x%02x", __func__, tos);
if (setsockopt(ssh->state->connection_in,
IPPROTO_IPV6, IPV6_TCLASS, &tos, sizeof(tos)) < 0)
IPPROTO_IPV6, IPV6_TCLASS, &tos, sizeof(tos)) == -1)
error("setsockopt IPV6_TCLASS %d: %.100s:",
tos, strerror(errno));
break;

4
readconf.c
Просмотреть файл

@ -1,4 +1,4 @@
/* $OpenBSD: readconf.c,v 1.306 2019/06/12 11:31:50 jmc Exp $ */
/* $OpenBSD: readconf.c,v 1.307 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -518,7 +518,7 @@ execute_in_shell(const char *cmd)
_exit(1);
}
/* Parent. */
if (pid < 0)
if (pid == -1)
fatal("%s: fork: %.100s", __func__, strerror(errno));
close(devnull);

10
readpass.c
Просмотреть файл

@ -1,4 +1,4 @@
/* $OpenBSD: readpass.c,v 1.53 2019/01/19 04:15:56 tb Exp $ */
/* $OpenBSD: readpass.c,v 1.54 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
*
@ -61,19 +61,19 @@ ssh_askpass(char *askpass, const char *msg)
error("ssh_askpass: fflush: %s", strerror(errno));
if (askpass == NULL)
fatal("internal error: askpass undefined");
if (pipe(p) < 0) {
if (pipe(p) == -1) {
error("ssh_askpass: pipe: %s", strerror(errno));
return NULL;
}
osigchld = signal(SIGCHLD, SIG_DFL);
if ((pid = fork()) < 0) {
if ((pid = fork()) == -1) {
error("ssh_askpass: fork: %s", strerror(errno));
signal(SIGCHLD, osigchld);
return NULL;
}
if (pid == 0) {
close(p[0]);
if (dup2(p[1], STDOUT_FILENO) < 0)
if (dup2(p[1], STDOUT_FILENO) == -1)
fatal("ssh_askpass: dup2: %s", strerror(errno));
execlp(askpass, askpass, msg, (char *)NULL);
fatal("ssh_askpass: exec(%s): %s", askpass, strerror(errno));
@ -93,7 +93,7 @@ ssh_askpass(char *askpass, const char *msg)
buf[len] = '\0';
close(p[0]);
while ((ret = waitpid(pid, &status, 0)) < 0)
while ((ret = waitpid(pid, &status, 0)) == -1)
if (errno != EINTR)
break;
signal(SIGCHLD, osigchld);

24
scp.c
Просмотреть файл

@ -1,4 +1,4 @@
/* $OpenBSD: scp.c,v 1.204 2019/02/10 11:15:52 djm Exp $ */
/* $OpenBSD: scp.c,v 1.205 2019/06/28 13:35:04 deraadt Exp $ */
/*
* scp - secure remote copy. This is basically patched BSD rcp which
* uses ssh to do the data transfer (instead of using rcmd).
@ -253,13 +253,13 @@ do_cmd(char *host, char *remuser, int port, char *cmd, int *fdin, int *fdout)
* Reserve two descriptors so that the real pipes won't get
* descriptors 0 and 1 because that will screw up dup2 below.
*/
if (pipe(reserved) < 0)
if (pipe(reserved) == -1)
fatal("pipe: %s", strerror(errno));
/* Create a socket pair for communicating with ssh. */
if (pipe(pin) < 0)
if (pipe(pin) == -1)
fatal("pipe: %s", strerror(errno));
if (pipe(pout) < 0)
if (pipe(pout) == -1)
fatal("pipe: %s", strerror(errno));
/* Free the reserved descriptors. */
@ -1075,13 +1075,13 @@ source(int argc, char **argv)
len = strlen(name);
while (len > 1 && name[len-1] == '/')
name[--len] = '\0';
if ((fd = open(name, O_RDONLY|O_NONBLOCK, 0)) < 0)
if ((fd = open(name, O_RDONLY|O_NONBLOCK, 0)) == -1)
goto syserr;
if (strchr(name, '\n') != NULL) {
strnvis(encname, name, sizeof(encname), VIS_NL);
name = encname;
}
if (fstat(fd, &stb) < 0) {
if (fstat(fd, &stb) == -1) {
syserr: run_err("%s: %s", name, strerror(errno));
goto next;
}
@ -1155,7 +1155,7 @@ next: if (fd != -1) {
unset_nonblock(remout);
if (fd != -1) {
if (close(fd) < 0 && !haderr)
if (close(fd) == -1 && !haderr)
haderr = errno;
fd = -1;
}
@ -1419,14 +1419,14 @@ sink(int argc, char **argv, const char *src)
/* Handle copying from a read-only
directory */
mod_flag = 1;
if (mkdir(np, mode | S_IRWXU) < 0)
if (mkdir(np, mode | S_IRWXU) == -1)
goto bad;
}
vect[0] = xstrdup(np);
sink(1, vect, src);
if (setimes) {
setimes = 0;
if (utimes(vect[0], tv) < 0)
if (utimes(vect[0], tv) == -1)
run_err("%s: set times: %s",
vect[0], strerror(errno));
}
@ -1437,7 +1437,7 @@ sink(int argc, char **argv, const char *src)
}
omode = mode;
mode |= S_IWUSR;
if ((ofd = open(np, O_WRONLY|O_CREAT, mode)) < 0) {
if ((ofd = open(np, O_WRONLY|O_CREAT, mode)) == -1) {
bad: run_err("%s: %s", np, strerror(errno));
continue;
}
@ -1527,7 +1527,7 @@ bad: run_err("%s: %s", np, strerror(errno));
stop_progress_meter();
if (setimes && wrerr == NO) {
setimes = 0;
if (utimes(np, tv) < 0) {
if (utimes(np, tv) == -1) {
run_err("%s: set times: %s",
np, strerror(errno));
wrerr = DISPLAYED;
@ -1681,7 +1681,7 @@ allocbuf(BUF *bp, int fd, int blksize)
#ifdef HAVE_STRUCT_STAT_ST_BLKSIZE
struct stat stb;
if (fstat(fd, &stb) < 0) {
if (fstat(fd, &stb) == -1) {
run_err("fstat: %s", strerror(errno));
return (0);
}

8
serverloop.c
Просмотреть файл

@ -1,4 +1,4 @@
/* $OpenBSD: serverloop.c,v 1.215 2019/03/27 09:29:14 djm Exp $ */
/* $OpenBSD: serverloop.c,v 1.216 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -123,7 +123,7 @@ static int notify_pipe[2];
static void
notify_setup(void)
{
if (pipe(notify_pipe) < 0) {
if (pipe(notify_pipe) == -1) {
error("pipe(notify_pipe) failed %s", strerror(errno));
} else if ((fcntl(notify_pipe[0], F_SETFD, FD_CLOEXEC) == -1) ||
(fcntl(notify_pipe[1], F_SETFD, FD_CLOEXEC) == -1)) {
@ -328,7 +328,7 @@ process_input(struct ssh *ssh, fd_set *readset, int connection_in)
verbose("Connection closed by %.100s port %d",
ssh_remote_ipaddr(ssh), ssh_remote_port(ssh));
return -1;
} else if (len < 0) {
} else if (len == -1) {
if (errno != EINTR && errno != EAGAIN &&
errno != EWOULDBLOCK) {
verbose("Read error from remote host "
@ -384,7 +384,7 @@ collect_children(struct ssh *ssh)
if (child_terminated) {
debug("Received SIGCHLD.");
while ((pid = waitpid(-1, &status, WNOHANG)) > 0 ||
(pid < 0 && errno == EINTR))
(pid == -1 && errno == EINTR))
if (pid > 0)
session_close_by_pid(ssh, pid, status);
child_terminated = 0;

48
session.c
Просмотреть файл

@ -1,4 +1,4 @@
/* $OpenBSD: session.c,v 1.315 2019/02/22 03:37:11 djm Exp $ */
/* $OpenBSD: session.c,v 1.316 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
@ -399,17 +399,17 @@ do_exec_no_pty(struct ssh *ssh, Session *s, const char *command)
fatal("do_exec_no_pty: no session");
/* Allocate pipes for communicating with the program. */
if (pipe(pin) < 0) {
if (pipe(pin) == -1) {
error("%s: pipe in: %.100s", __func__, strerror(errno));
return -1;
}
if (pipe(pout) < 0) {
if (pipe(pout) == -1) {
error("%s: pipe out: %.100s", __func__, strerror(errno));
close(pin[0]);
close(pin[1]);
return -1;
}
if (pipe(perr) < 0) {
if (pipe(perr) == -1) {
error("%s: pipe err: %.100s", __func__,
strerror(errno));
close(pin[0]);
@ -425,11 +425,11 @@ do_exec_no_pty(struct ssh *ssh, Session *s, const char *command)
fatal("do_exec_no_pty: no session");
/* Uses socket pairs to communicate with the program. */
if (socketpair(AF_UNIX, SOCK_STREAM, 0, inout) < 0) {
if (socketpair(AF_UNIX, SOCK_STREAM, 0, inout) == -1) {
error("%s: socketpair #1: %.100s", __func__, strerror(errno));
return -1;
}
if (socketpair(AF_UNIX, SOCK_STREAM, 0, err) < 0) {
if (socketpair(AF_UNIX, SOCK_STREAM, 0, err) == -1) {
error("%s: socketpair #2: %.100s", __func__,
strerror(errno));
close(inout[0]);
@ -465,7 +465,7 @@ do_exec_no_pty(struct ssh *ssh, Session *s, const char *command)
* Create a new session and process group since the 4.4BSD
* setlogin() affects the entire process group.
*/
if (setsid() < 0)
if (setsid() == -1)
error("setsid failed: %.100s", strerror(errno));
#ifdef USE_PIPES
@ -474,19 +474,19 @@ do_exec_no_pty(struct ssh *ssh, Session *s, const char *command)
* pair, and make the child side the standard input.
*/
close(pin[1]);
if (dup2(pin[0], 0) < 0)
if (dup2(pin[0], 0) == -1)
perror("dup2 stdin");
close(pin[0]);
/* Redirect stdout. */
close(pout[0]);
if (dup2(pout[1], 1) < 0)
if (dup2(pout[1], 1) == -1)
perror("dup2 stdout");
close(pout[1]);
/* Redirect stderr. */
close(perr[0]);
if (dup2(perr[1], 2) < 0)
if (dup2(perr[1], 2) == -1)
perror("dup2 stderr");
close(perr[1]);
#else
@ -497,12 +497,12 @@ do_exec_no_pty(struct ssh *ssh, Session *s, const char *command)
*/
close(inout[1]);
close(err[1]);
if (dup2(inout[0], 0) < 0) /* stdin */
if (dup2(inout[0], 0) == -1) /* stdin */
perror("dup2 stdin");
if (dup2(inout[0], 1) < 0) /* stdout (same as stdin) */
if (dup2(inout[0], 1) == -1) /* stdout (same as stdin) */
perror("dup2 stdout");
close(inout[0]);
if (dup2(err[0], 2) < 0) /* stderr */
if (dup2(err[0], 2) == -1) /* stderr */
perror("dup2 stderr");
close(err[0]);
#endif
@ -577,14 +577,14 @@ do_exec_pty(struct ssh *ssh, Session *s, const char *command)
* Do this before forking (and cleanup in the child) so as to
* detect and gracefully fail out-of-fd conditions.
*/
if ((fdout = dup(ptyfd)) < 0) {
if ((fdout = dup(ptyfd)) == -1) {
error("%s: dup #1: %s", __func__, strerror(errno));
close(ttyfd);
close(ptyfd);
return -1;
}
/* we keep a reference to the pty master */
if ((ptymaster = dup(ptyfd)) < 0) {
if ((ptymaster = dup(ptyfd)) == -1) {
error("%s: dup #2: %s", __func__, strerror(errno));
close(ttyfd);
close(ptyfd);
@ -614,11 +614,11 @@ do_exec_pty(struct ssh *ssh, Session *s, const char *command)
pty_make_controlling_tty(&ttyfd, s->tty);
/* Redirect stdin/stdout/stderr from the pseudo tty. */
if (dup2(ttyfd, 0) < 0)
if (dup2(ttyfd, 0) == -1)
error("dup2 stdin: %s", strerror(errno));
if (dup2(ttyfd, 1) < 0)
if (dup2(ttyfd, 1) == -1)
error("dup2 stdout: %s", strerror(errno));
if (dup2(ttyfd, 2) < 0)
if (dup2(ttyfd, 2) == -1)
error("dup2 stderr: %s", strerror(errno));
/* Close the extra descriptor for the pseudo tty. */
@ -755,7 +755,7 @@ do_login(struct ssh *ssh, Session *s, const char *command)
fromlen = sizeof(from);
if (ssh_packet_connection_is_on_socket(ssh)) {
if (getpeername(ssh_packet_get_connection_in(ssh),
(struct sockaddr *)&from, &fromlen) < 0) {
(struct sockaddr *)&from, &fromlen) == -1) {
debug("getpeername: %.100s", strerror(errno));
cleanup_exit(255);
}
@ -1619,7 +1619,7 @@ do_child(struct ssh *ssh, Session *s, const char *command)
#endif
/* Change current directory to the user's home directory. */
if (chdir(pw->pw_dir) < 0) {
if (chdir(pw->pw_dir) == -1) {
/* Suppress missing homedir warning for chroot case */
#ifdef HAVE_LOGIN_CAP
r = login_getcapbool(lc, "requirehome", 0);
@ -1973,7 +1973,7 @@ session_subsystem_req(struct ssh *ssh, Session *s)
s->is_subsystem = SUBSYSTEM_INT_SFTP;
debug("subsystem: %s", prog);
} else {
if (stat(prog, &st) < 0)
if (stat(prog, &st) == -1)
debug("subsystem: cannot stat %s: %s",
prog, strerror(errno));
s->is_subsystem = SUBSYSTEM_EXT;
@ -2062,7 +2062,7 @@ session_break_req(struct ssh *ssh, Session *s)
(r = sshpkt_get_end(ssh)) != 0)
sshpkt_fatal(ssh, r, "%s: parse packet", __func__);
if (s->ptymaster == -1 || tcsendbreak(s->ptymaster, 0) < 0)
if (s->ptymaster == -1 || tcsendbreak(s->ptymaster, 0) == -1)
return 0;
return 1;
}
@ -2286,7 +2286,7 @@ session_pty_cleanup2(Session *s)
* the pty cleanup, so that another process doesn't get this pty
* while we're still cleaning up.
*/
if (s->ptymaster != -1 && close(s->ptymaster) < 0)
if (s->ptymaster != -1 && close(s->ptymaster) == -1)
error("close(s->ptymaster/%d): %s",
s->ptymaster, strerror(errno));
@ -2598,7 +2598,7 @@ session_setup_x11fwd(struct ssh *ssh, Session *s)
}
/* Set up a suitable value for the DISPLAY variable. */
if (gethostname(hostname, sizeof(hostname)) < 0)
if (gethostname(hostname, sizeof(hostname)) == -1)
fatal("gethostname: %.100s", strerror(errno));
/*
* auth_display must be used as the displayname when the

24
sftp-server.c
Просмотреть файл

@ -1,4 +1,4 @@
/* $OpenBSD: sftp-server.c,v 1.115 2019/06/06 05:13:13 otto Exp $ */
/* $OpenBSD: sftp-server.c,v 1.116 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Copyright (c) 2000-2004 Markus Friedl. All rights reserved.
*
@ -701,7 +701,7 @@ process_open(u_int32_t id)
status = SSH2_FX_PERMISSION_DENIED;
} else {
fd = open(name, flags, mode);
if (fd < 0) {
if (fd == -1) {
status = errno_to_portable(errno);
} else {
handle = handle_new(HANDLE_FILE, name, fd, flags, NULL);
@ -754,12 +754,12 @@ process_read(u_int32_t id)
}
fd = handle_to_fd(handle);
if (fd >= 0) {
if (lseek(fd, off, SEEK_SET) < 0) {
if (lseek(fd, off, SEEK_SET) == -1) {
error("process_read: seek failed");
status = errno_to_portable(errno);
} else {
ret = read(fd, buf, len);
if (ret < 0) {
if (ret == -1) {
status = errno_to_portable(errno);
} else if (ret == 0) {
status = SSH2_FX_EOF;
@ -795,13 +795,13 @@ process_write(u_int32_t id)
status = SSH2_FX_FAILURE;
else {
if (!(handle_to_flags(handle) & O_APPEND) &&
lseek(fd, off, SEEK_SET) < 0) {
lseek(fd, off, SEEK_SET) == -1) {
status = errno_to_portable(errno);
error("process_write: seek failed");
} else {
/* XXX ATOMICIO ? */
ret = write(fd, data, len);
if (ret < 0) {
if (ret == -1) {
error("process_write: write failed");
status = errno_to_portable(errno);
} else if ((size_t)ret == len) {
@ -831,7 +831,7 @@ process_do_stat(u_int32_t id, int do_lstat)
debug3("request %u: %sstat", id, do_lstat ? "l" : "");
verbose("%sstat name \"%s\"", do_lstat ? "l" : "", name);
r = do_lstat ? lstat(name, &st) : stat(name, &st);
if (r < 0) {
if (r == -1) {
status = errno_to_portable(errno);
} else {
stat_to_attrib(&st, &a);
@ -869,7 +869,7 @@ process_fstat(u_int32_t id)
fd = handle_to_fd(handle);
if (fd >= 0) {
r = fstat(fd, &st);
if (r < 0) {
if (r == -1) {
status = errno_to_portable(errno);
} else {
stat_to_attrib(&st, &a);
@ -1079,7 +1079,7 @@ process_readdir(u_int32_t id)
/* XXX OVERFLOW ? */
snprintf(pathname, sizeof pathname, "%s%s%s", path,
strcmp(path, "/") ? "/" : "", dp->d_name);
if (lstat(pathname, &st) < 0)
if (lstat(pathname, &st) == -1)
continue;
stat_to_attrib(&st, &(stats[count].attrib));
stats[count].name = xstrdup(dp->d_name);
@ -1726,7 +1726,7 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw)
if (olen > 0)
FD_SET(out, wset);
if (select(max+1, rset, wset, NULL, NULL) < 0) {
if (select(max+1, rset, wset, NULL, NULL) == -1) {
if (errno == EINTR)
continue;
error("select: %s", strerror(errno));
@ -1739,7 +1739,7 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw)
if (len == 0) {
debug("read eof");
sftp_server_cleanup_exit(0);
} else if (len < 0) {
} else if (len == -1) {
error("read: %s", strerror(errno));
sftp_server_cleanup_exit(1);
} else if ((r = sshbuf_put(iqueue, buf, len)) != 0) {
@ -1750,7 +1750,7 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw)
/* send oqueue to stdout */
if (FD_ISSET(out, wset)) {
len = write(out, sshbuf_ptr(oqueue), olen);
if (len < 0) {
if (len == -1) {
error("write: %s", strerror(errno));
sftp_server_cleanup_exit(1);
} else if ((r = sshbuf_consume(oqueue, len)) != 0) {

6
ssh-add.c
Просмотреть файл

@ -1,4 +1,4 @@
/* $OpenBSD: ssh-add.c,v 1.139 2019/06/06 05:13:13 otto Exp $ */
/* $OpenBSD: ssh-add.c,v 1.140 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -203,7 +203,7 @@ add_file(int agent_fd, const char *filename, int key_only, int qflag)
if (strcmp(filename, "-") == 0) {
fd = STDIN_FILENO;
filename = "(stdin)";
} else if ((fd = open(filename, O_RDONLY)) < 0) {
} else if ((fd = open(filename, O_RDONLY)) == -1) {
perror(filename);
return -1;
}
@ -727,7 +727,7 @@ main(int argc, char **argv)
for (i = 0; default_files[i]; i++) {
snprintf(buf, sizeof(buf), "%s/%s", pw->pw_dir,
default_files[i]);
if (stat(buf, &st) < 0)
if (stat(buf, &st) == -1)
continue;
if (do_file(agent_fd, deleting, key_only, buf,
qflag) == -1)

10
ssh-agent.c
Просмотреть файл

@ -1,4 +1,4 @@
/* $OpenBSD: ssh-agent.c,v 1.236 2019/06/21 04:21:04 djm Exp $ */
/* $OpenBSD: ssh-agent.c,v 1.237 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -827,11 +827,11 @@ handle_socket_read(u_int socknum)
slen = sizeof(sunaddr);
fd = accept(sockets[socknum].fd, (struct sockaddr *)&sunaddr, &slen);
if (fd < 0) {
if (fd == -1) {
error("accept from AUTH_SOCKET: %s", strerror(errno));
return -1;
}
if (getpeereid(fd, &euid, &egid) < 0) {
if (getpeereid(fd, &euid, &egid) == -1) {
error("getpeereid %d failed: %s", fd, strerror(errno));
close(fd);
return -1;
@ -1312,7 +1312,7 @@ main(int ac, char **av)
#ifdef HAVE_SETRLIMIT
/* deny core dumps, since memory contains unencrypted private keys */
rlim.rlim_cur = rlim.rlim_max = 0;
if (setrlimit(RLIMIT_CORE, &rlim) < 0) {
if (setrlimit(RLIMIT_CORE, &rlim) == -1) {
error("setrlimit RLIMIT_CORE: %s", strerror(errno));
cleanup_exit(1);
}
@ -1345,7 +1345,7 @@ skip:
if (parent_alive_interval != 0)
check_parent_exists();
(void) reaper(); /* remove expired keys */
if (result < 0) {
if (result == -1) {
if (saved_errno == EINTR)
continue;
fatal("poll: %s", strerror(saved_errno));

24
ssh-keygen.c
Просмотреть файл

@ -1,4 +1,4 @@
/* $OpenBSD: ssh-keygen.c,v 1.332 2019/06/21 04:21:04 djm Exp $ */
/* $OpenBSD: ssh-keygen.c,v 1.333 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -370,7 +370,7 @@ do_convert_to(struct passwd *pw)
if (!have_identity)
ask_filename(pw, "Enter file in which the key is");
if (stat(identity_file, &st) < 0)
if (stat(identity_file, &st) == -1)
fatal("%s: %s: %s", __progname, identity_file, strerror(errno));
if ((r = sshkey_load_public(identity_file, &k, NULL)) != 0)
k = load_identity(identity_file);
@ -696,7 +696,7 @@ do_convert_from(struct passwd *pw)
if (!have_identity)
ask_filename(pw, "Enter file in which the key is");
if (stat(identity_file, &st) < 0)
if (stat(identity_file, &st) == -1)
fatal("%s: %s: %s", __progname, identity_file, strerror(errno));
switch (convert_format) {
@ -756,7 +756,7 @@ do_print_public(struct passwd *pw)
if (!have_identity)
ask_filename(pw, "Enter file in which the key is");
if (stat(identity_file, &st) < 0)
if (stat(identity_file, &st) == -1)
fatal("%s: %s", identity_file, strerror(errno));
prv = load_identity(identity_file);
if ((r = sshkey_write(prv, stdout)) != 0)
@ -854,7 +854,7 @@ fingerprint_private(const char *path)
struct sshkey *public = NULL;
int r;
if (stat(identity_file, &st) < 0)
if (stat(identity_file, &st) == -1)
fatal("%s: %s", path, strerror(errno));
if ((r = sshkey_load_public(path, &public, &comment)) != 0) {
debug("load public \"%s\": %s", path, ssh_err(r));
@ -1340,7 +1340,7 @@ do_change_passphrase(struct passwd *pw)
if (!have_identity)
ask_filename(pw, "Enter file in which the key is");
if (stat(identity_file, &st) < 0)
if (stat(identity_file, &st) == -1)
fatal("%s: %s", identity_file, strerror(errno));
/* Try to load the file with empty passphrase. */
r = sshkey_load_private(identity_file, "", &private, &comment);
@ -1424,7 +1424,7 @@ do_print_resource_record(struct passwd *pw, char *fname, char *hname,
if (fname == NULL)
fatal("%s: no filename", __func__);
if (stat(fname, &st) < 0) {
if (stat(fname, &st) == -1) {
if (errno == ENOENT)
return 0;
fatal("%s: %s", fname, strerror(errno));
@ -1453,7 +1453,7 @@ do_change_comment(struct passwd *pw, const char *identity_comment)
if (!have_identity)
ask_filename(pw, "Enter file in which the key is");
if (stat(identity_file, &st) < 0)
if (stat(identity_file, &st) == -1)
fatal("%s: %s", identity_file, strerror(errno));
if ((r = sshkey_load_private(identity_file, "",
&private, &comment)) == 0)
@ -2045,7 +2045,7 @@ do_show_cert(struct passwd *pw)
if (!have_identity)
ask_filename(pw, "Enter file in which the key is");
if (strcmp(identity_file, "-") != 0 && stat(identity_file, &st) < 0)
if (strcmp(identity_file, "-") != 0 && stat(identity_file, &st) == -1)
fatal("%s: %s: %s", __progname, identity_file, strerror(errno));
path = identity_file;
@ -2472,7 +2472,7 @@ main(int argc, char **argv)
pw = getpwuid(getuid());
if (!pw)
fatal("No user exists for uid %lu", (u_long)getuid());
if (gethostname(hostname, sizeof(hostname)) < 0)
if (gethostname(hostname, sizeof(hostname)) == -1)
fatal("gethostname: %s", strerror(errno));
/* Remaining characters: Ydw */
@ -2852,11 +2852,11 @@ main(int argc, char **argv)
snprintf(dotsshdir, sizeof dotsshdir, "%s/%s",
pw->pw_dir, _PATH_SSH_USER_DIR);
if (strstr(identity_file, dotsshdir) != NULL) {
if (stat(dotsshdir, &st) < 0) {
if (stat(dotsshdir, &st) == -1) {
if (errno != ENOENT) {
error("Could not stat %s: %s", dotsshdir,
strerror(errno));
} else if (mkdir(dotsshdir, 0700) < 0) {
} else if (mkdir(dotsshdir, 0700) == -1) {
error("Could not create directory '%s': %s",
dotsshdir, strerror(errno));
} else if (!quiet)

12
ssh-keyscan.c
Просмотреть файл

@ -1,4 +1,4 @@
/* $OpenBSD: ssh-keyscan.c,v 1.127 2019/06/06 05:13:13 otto Exp $ */
/* $OpenBSD: ssh-keyscan.c,v 1.128 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
*
@ -122,7 +122,7 @@ fdlim_get(int hard)
#if defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE)
struct rlimit rlfd;
if (getrlimit(RLIMIT_NOFILE, &rlfd) < 0)
if (getrlimit(RLIMIT_NOFILE, &rlfd) == -1)
return (-1);
if ((hard ? rlfd.rlim_max : rlfd.rlim_cur) == RLIM_INFINITY)
return SSH_SYSFDMAX;
@ -143,10 +143,10 @@ fdlim_set(int lim)
if (lim <= 0)
return (-1);
#if defined(HAVE_SETRLIMIT) && defined(RLIMIT_NOFILE)
if (getrlimit(RLIMIT_NOFILE, &rlfd) < 0)
if (getrlimit(RLIMIT_NOFILE, &rlfd) == -1)
return (-1);
rlfd.rlim_cur = lim;
if (setrlimit(RLIMIT_NOFILE, &rlfd) < 0)
if (setrlimit(RLIMIT_NOFILE, &rlfd) == -1)
return (-1);
#elif defined (HAVE_SETDTABLESIZE)
setdtablesize(lim);
@ -343,13 +343,13 @@ tcpconnect(char *host)
}
for (ai = aitop; ai; ai = ai->ai_next) {
s = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
if (s < 0) {
if (s == -1) {
error("socket: %s", strerror(errno));
continue;
}
if (set_nonblock(s) == -1)
fatal("%s: set_nonblock(%d)", __func__, s);
if (connect(s, ai->ai_addr, ai->ai_addrlen) < 0 &&
if (connect(s, ai->ai_addr, ai->ai_addrlen) == -1 &&
errno != EINPROGRESS)
error("connect (`%s'): %s", host, strerror(errno));
else

18
ssh.c
Просмотреть файл

@ -1,4 +1,4 @@
/* $OpenBSD: ssh.c,v 1.504 2019/06/14 04:13:58 djm Exp $ */
/* $OpenBSD: ssh.c,v 1.505 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -773,7 +773,7 @@ main(int ac, char **av)
break;
case 'i':
p = tilde_expand_filename(optarg, getuid());
if (stat(p, &st) < 0)
if (stat(p, &st) == -1)
fprintf(stderr, "Warning: Identity file %s "
"not accessible: %s.\n", p,
strerror(errno));
@ -1426,7 +1426,7 @@ main(int ac, char **av)
if (config == NULL) {
r = snprintf(buf, sizeof buf, "%s%s%s", pw->pw_dir,
strcmp(pw->pw_dir, "/") ? "/" : "", _PATH_SSH_USER_DIR);
if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) < 0) {
if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) == -1) {
#ifdef WITH_SELINUX
ssh_selinux_setfscreatecon(buf);
#endif
@ -1593,7 +1593,7 @@ fork_postauth(void)
control_persist_detach();
debug("forking to background");
fork_after_authentication_flag = 0;
if (daemon(1, 1) < 0)
if (daemon(1, 1) == -1)
fatal("daemon() failed: %.200s", strerror(errno));
}
@ -1689,8 +1689,8 @@ ssh_init_stdio_forwarding(struct ssh *ssh)
debug3("%s: %s:%d", __func__, options.stdio_forward_host,
options.stdio_forward_port);
if ((in = dup(STDIN_FILENO)) < 0 ||
(out = dup(STDOUT_FILENO)) < 0)
if ((in = dup(STDIN_FILENO)) == -1 ||
(out = dup(STDOUT_FILENO)) == -1)
fatal("channel_connect_stdio_fwd: dup() in/out failed");
if ((c = channel_connect_stdio_fwd(ssh, options.stdio_forward_host,
options.stdio_forward_port, in, out)) == NULL)
@ -1843,7 +1843,7 @@ ssh_session2_open(struct ssh *ssh)
out = dup(STDOUT_FILENO);
err = dup(STDERR_FILENO);
if (in < 0 || out < 0 || err < 0)
if (in == -1 || out == -1 || err == -1)
fatal("dup() in/out/err failed");
/* enable nonblocking unless tty */
@ -1974,7 +1974,7 @@ ssh_session2(struct ssh *ssh, struct passwd *pw)
if ((devnull = open(_PATH_DEVNULL, O_WRONLY)) == -1)
error("%s: open %s: %s", __func__,
_PATH_DEVNULL, strerror(errno));
if (dup2(devnull, STDOUT_FILENO) < 0)
if (dup2(devnull, STDOUT_FILENO) == -1)
fatal("%s: dup2() stdout failed", __func__);
if (devnull > STDERR_FILENO)
close(devnull);
@ -2161,7 +2161,7 @@ main_sigchld_handler(int sig)
int status;
while ((pid = waitpid(-1, &status, WNOHANG)) > 0 ||
(pid < 0 && errno == EINTR))
(pid == -1 && errno == EINTR))
;
errno = save_errno;
}

26
sshconnect.c
Просмотреть файл

@ -1,4 +1,4 @@
/* $OpenBSD: sshconnect.c,v 1.316 2019/06/21 04:21:04 djm Exp $ */
/* $OpenBSD: sshconnect.c,v 1.317 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -133,7 +133,7 @@ ssh_proxy_fdpass_connect(struct ssh *ssh, const char *host, u_short port,
if ((shell = getenv("SHELL")) == NULL)
shell = _PATH_BSHELL;
if (socketpair(AF_UNIX, SOCK_STREAM, 0, sp) < 0)
if (socketpair(AF_UNIX, SOCK_STREAM, 0, sp) == -1)
fatal("Could not create socketpair to communicate with "
"proxy dialer: %.100s", strerror(errno));
@ -148,11 +148,11 @@ ssh_proxy_fdpass_connect(struct ssh *ssh, const char *host, u_short port,
close(sp[1]);
/* Redirect stdin and stdout. */
if (sp[0] != 0) {
if (dup2(sp[0], 0) < 0)
if (dup2(sp[0], 0) == -1)
perror("dup2 stdin");
}
if (sp[0] != 1) {
if (dup2(sp[0], 1) < 0)
if (dup2(sp[0], 1) == -1)
perror("dup2 stdout");
}
if (sp[0] >= 2)
@ -180,7 +180,7 @@ ssh_proxy_fdpass_connect(struct ssh *ssh, const char *host, u_short port,
exit(1);
}
/* Parent. */
if (pid < 0)
if (pid == -1)
fatal("fork failed: %.100s", strerror(errno));
close(sp[0]);
free(command_string);
@ -216,7 +216,7 @@ ssh_proxy_connect(struct ssh *ssh, const char *host, u_short port,
shell = _PATH_BSHELL;
/* Create pipes for communicating with the proxy. */
if (pipe(pin) < 0 || pipe(pout) < 0)
if (pipe(pin) == -1 || pipe(pout) == -1)
fatal("Could not create pipes to communicate with the proxy: %.100s",
strerror(errno));
@ -231,12 +231,12 @@ ssh_proxy_connect(struct ssh *ssh, const char *host, u_short port,
/* Redirect stdin and stdout. */
close(pin[1]);
if (pin[0] != 0) {
if (dup2(pin[0], 0) < 0)
if (dup2(pin[0], 0) == -1)
perror("dup2 stdin");
close(pin[0]);
}
close(pout[0]);
if (dup2(pout[1], 1) < 0)
if (dup2(pout[1], 1) == -1)
perror("dup2 stdout");
/* Cannot be 1 because pin allocated two descriptors. */
close(pout[1]);
@ -262,7 +262,7 @@ ssh_proxy_connect(struct ssh *ssh, const char *host, u_short port,
exit(1);
}
/* Parent. */
if (pid < 0)
if (pid == -1)
fatal("fork failed: %.100s", strerror(errno));
else
proxy_command_pid = pid; /* save pid to clean up later */
@ -371,7 +371,7 @@ ssh_create_socket(struct addrinfo *ai)
char ntop[NI_MAXHOST];
sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
if (sock < 0) {
if (sock == -1) {
error("socket: %s", strerror(errno));
return -1;
}
@ -532,7 +532,7 @@ ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop,
/* Set SO_KEEPALIVE if requested. */
if (want_keepalive &&
setsockopt(sock, SOL_SOCKET, SO_KEEPALIVE, (void *)&on,
sizeof(on)) < 0)
sizeof(on)) == -1)
error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno));
/* Set the connection. */
@ -553,8 +553,8 @@ ssh_connect(struct ssh *ssh, const char *host, struct addrinfo *addrs,
return ssh_connect_direct(ssh, host, addrs, hostaddr, port,
family, connection_attempts, timeout_ms, want_keepalive);
} else if (strcmp(options.proxy_command, "-") == 0) {
if ((in = dup(STDIN_FILENO)) < 0 ||
(out = dup(STDOUT_FILENO)) < 0) {
if ((in = dup(STDIN_FILENO)) == -1 ||
(out = dup(STDOUT_FILENO)) == -1) {
if (in >= 0)
close(in);
error("%s: dup() in/out failed", __func__);

20
sshconnect2.c
Просмотреть файл

@ -1,4 +1,4 @@
/* $OpenBSD: sshconnect2.c,v 1.305 2019/05/31 03:20:07 djm Exp $ */
/* $OpenBSD: sshconnect2.c,v 1.306 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
* Copyright (c) 2008 Damien Miller. All rights reserved.
@ -1408,7 +1408,7 @@ load_identity_file(Identity *id)
int r, perm_ok = 0, quit = 0, i;
struct stat st;
if (stat(id->filename, &st) < 0) {
if (stat(id->filename, &st) == -1) {
(id->userprovided ? logit : debug3)("no such identity: %s: %s",
id->filename, strerror(errno));
return NULL;
@ -1841,7 +1841,7 @@ ssh_keysign(struct ssh *ssh, struct sshkey *key, u_char **sigp, size_t *lenp,
*sigp = NULL;
*lenp = 0;
if (stat(_PATH_SSH_KEY_SIGN, &st) < 0) {
if (stat(_PATH_SSH_KEY_SIGN, &st) == -1) {
error("%s: not installed: %s", __func__, strerror(errno));
return -1;
}
@ -1849,30 +1849,30 @@ ssh_keysign(struct ssh *ssh, struct sshkey *key, u_char **sigp, size_t *lenp,
error("%s: fflush: %s", __func__, strerror(errno));
return -1;
}
if (pipe(to) < 0) {
if (pipe(to) == -1) {
error("%s: pipe: %s", __func__, strerror(errno));
return -1;
}
if (pipe(from) < 0) {
if (pipe(from) == -1) {
error("%s: pipe: %s", __func__, strerror(errno));
return -1;
}
if ((pid = fork()) < 0) {
if ((pid = fork()) == -1) {
error("%s: fork: %s", __func__, strerror(errno));
return -1;
}
osigchld = signal(SIGCHLD, SIG_DFL);
if (pid == 0) {
close(from[0]);
if (dup2(from[1], STDOUT_FILENO) < 0)
if (dup2(from[1], STDOUT_FILENO) == -1)
fatal("%s: dup2: %s", __func__, strerror(errno));
close(to[1]);
if (dup2(to[0], STDIN_FILENO) < 0)
if (dup2(to[0], STDIN_FILENO) == -1)
fatal("%s: dup2: %s", __func__, strerror(errno));
close(from[1]);
close(to[0]);
if (dup2(sock, STDERR_FILENO + 1) < 0)
if (dup2(sock, STDERR_FILENO + 1) == -1)
fatal("%s: dup2: %s", __func__, strerror(errno));
sock = STDERR_FILENO + 1;
fcntl(sock, F_SETFD, 0); /* keep the socket on exec */
@ -1906,7 +1906,7 @@ ssh_keysign(struct ssh *ssh, struct sshkey *key, u_char **sigp, size_t *lenp,
}
errno = 0;
while (waitpid(pid, &status, 0) < 0) {
while (waitpid(pid, &status, 0) == -1) {
if (errno != EINTR) {
error("%s: waitpid %ld: %s",
__func__, (long)pid, strerror(errno));

30
sshd.c
Просмотреть файл

@ -1,4 +1,4 @@
/* $OpenBSD: sshd.c,v 1.536 2019/06/21 04:21:05 djm Exp $ */
/* $OpenBSD: sshd.c,v 1.537 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -345,7 +345,7 @@ main_sigchld_handler(int sig)
int status;
while ((pid = waitpid(-1, &status, WNOHANG)) > 0 ||
(pid < 0 && errno == EINTR))
(pid == -1 && errno == EINTR))
;
errno = save_errno;
}
@ -468,7 +468,7 @@ privsep_preauth_child(void)
debug3("privsep user:group %u:%u", (u_int)privsep_pw->pw_uid,
(u_int)privsep_pw->pw_gid);
gidset[0] = privsep_pw->pw_gid;
if (setgroups(1, gidset) < 0)
if (setgroups(1, gidset) == -1)
fatal("setgroups: %.100s", strerror(errno));
permanently_set_uid(privsep_pw);
}
@ -508,7 +508,7 @@ privsep_preauth(struct ssh *ssh)
monitor_child_preauth(ssh, pmonitor);
/* Wait for the child's exit status */
while (waitpid(pid, &status, 0) < 0) {
while (waitpid(pid, &status, 0) == -1) {
if (errno == EINTR)
continue;
pmonitor->m_pid = -1;
@ -967,7 +967,7 @@ listen_on_addrs(struct listenaddr *la)
/* Create socket for listening. */
listen_sock = socket(ai->ai_family, ai->ai_socktype,
ai->ai_protocol);
if (listen_sock < 0) {
if (listen_sock == -1) {
/* kernel may not support ipv6 */
verbose("socket: %.100s", strerror(errno));
continue;
@ -996,7 +996,7 @@ listen_on_addrs(struct listenaddr *la)
debug("Bind to port %s on %s.", strport, ntop);
/* Bind the socket to the desired port. */
if (bind(listen_sock, ai->ai_addr, ai->ai_addrlen) < 0) {
if (bind(listen_sock, ai->ai_addr, ai->ai_addrlen) == -1) {
error("Bind to port %s on %s failed: %.200s.",
strport, ntop, strerror(errno));
close(listen_sock);
@ -1006,7 +1006,7 @@ listen_on_addrs(struct listenaddr *la)
num_listen_socks++;
/* Start listening on the port. */
if (listen(listen_sock, SSH_LISTEN_BACKLOG) < 0)
if (listen(listen_sock, SSH_LISTEN_BACKLOG) == -1)
fatal("listen on [%s]:%s: %.100s",
ntop, strport, strerror(errno));
logit("Server listening on %s port %s%s%s.",
@ -1091,7 +1091,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
/* Wait in select until there is a connection. */
ret = select(maxfd+1, fdset, NULL, NULL, NULL);
if (ret < 0 && errno != EINTR)
if (ret == -1 && errno != EINTR)
error("select: %.100s", strerror(errno));
if (received_sigterm) {
logit("Received signal %d; terminating.",
@ -1101,7 +1101,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
unlink(options.pid_file);
exit(received_sigterm == SIGTERM ? 0 : 255);
}
if (ret < 0)
if (ret == -1)
continue;
for (i = 0; i < options.max_startups; i++) {
@ -1141,7 +1141,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
fromlen = sizeof(from);
*newsock = accept(listen_socks[i],
(struct sockaddr *)&from, &fromlen);
if (*newsock < 0) {
if (*newsock == -1) {
if (errno != EINTR && errno != EWOULDBLOCK &&
errno != ECONNABORTED && errno != EAGAIN)
error("accept: %.100s",
@ -1261,7 +1261,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
/* Parent. Stay in the loop. */
platform_post_fork_parent(pid);
if (pid < 0)
if (pid == -1)
error("fork: %.100s", strerror(errno));
else
debug("Forked child %ld.", (long)pid);
@ -1314,7 +1314,7 @@ check_ip_options(struct ssh *ssh)
memset(&from, 0, sizeof(from));
if (getpeername(sock_in, (struct sockaddr *)&from,
&fromlen) < 0)
&fromlen) == -1)
return;
if (from.ss_family != AF_INET)
return;
@ -1895,7 +1895,7 @@ main(int ac, char **av)
already_daemon = daemonized();
if (!(debug_flag || inetd_flag || no_daemon_flag || already_daemon)) {
if (daemon(0, 0) < 0)
if (daemon(0, 0) == -1)
fatal("daemon() failed: %.200s", strerror(errno));
disconnect_controlling_tty();
@ -1958,7 +1958,7 @@ main(int ac, char **av)
* controlling terminal which will result in "could not set
* controlling tty" errors.
*/
if (!debug_flag && !inetd_flag && setsid() < 0)
if (!debug_flag && !inetd_flag && setsid() == -1)
error("setsid: %.100s", strerror(errno));
#endif
@ -2036,7 +2036,7 @@ main(int ac, char **av)
/* Set SO_KEEPALIVE if requested. */
if (options.tcp_keep_alive && ssh_packet_connection_is_on_socket(ssh) &&
setsockopt(sock_in, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof(on)) < 0)
setsockopt(sock_in, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof(on)) == -1)
error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno));
if ((remote_port = ssh_remote_port(ssh)) < 0) {

14
sshkey-xmss.c
Просмотреть файл

@ -1,4 +1,4 @@
/* $OpenBSD: sshkey-xmss.c,v 1.4 2019/06/27 18:03:37 deraadt Exp $ */
/* $OpenBSD: sshkey-xmss.c,v 1.5 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Copyright (c) 2017 Markus Friedl. All rights reserved.
*
@ -473,12 +473,12 @@ sshkey_xmss_get_state(const struct sshkey *k, sshkey_printfn *pr)
ret = SSH_ERR_ALLOC_FAIL;
goto done;
}
if ((lockfd = open(lockfile, O_CREAT|O_RDONLY, 0600)) < 0) {
if ((lockfd = open(lockfile, O_CREAT|O_RDONLY, 0600)) == -1) {
ret = SSH_ERR_SYSTEM_ERROR;
PRINT("%s: cannot open/create: %s", __func__, lockfile);
goto done;
}
while (flock(lockfd, LOCK_EX|LOCK_NB) < 0) {
while (flock(lockfd, LOCK_EX|LOCK_NB) == -1) {
if (errno != EWOULDBLOCK) {
ret = SSH_ERR_SYSTEM_ERROR;
PRINT("%s: cannot lock: %s", __func__, lockfile);
@ -613,7 +613,7 @@ sshkey_xmss_update_state(const struct sshkey *k, sshkey_printfn *pr)
PRINT("%s: ENCRYPT FAILED: %d", __func__, ret);
goto done;
}
if ((fd = open(nstatefile, O_CREAT|O_WRONLY|O_EXCL, 0600)) < 0) {
if ((fd = open(nstatefile, O_CREAT|O_WRONLY|O_EXCL, 0600)) == -1) {
ret = SSH_ERR_SYSTEM_ERROR;
PRINT("%s: open new state file: %s", __func__, nstatefile);
goto done;
@ -632,13 +632,13 @@ sshkey_xmss_update_state(const struct sshkey *k, sshkey_printfn *pr)
close(fd);
goto done;
}
if (fsync(fd) < 0) {
if (fsync(fd) == -1) {
ret = SSH_ERR_SYSTEM_ERROR;
PRINT("%s: sync new state file: %s", __func__, nstatefile);
close(fd);
goto done;
}
if (close(fd) < 0) {
if (close(fd) == -1) {
ret = SSH_ERR_SYSTEM_ERROR;
PRINT("%s: close new state file: %s", __func__, nstatefile);
goto done;
@ -652,7 +652,7 @@ sshkey_xmss_update_state(const struct sshkey *k, sshkey_printfn *pr)
goto done;
}
}
if (rename(nstatefile, statefile) < 0) {
if (rename(nstatefile, statefile) == -1) {
ret = SSH_ERR_SYSTEM_ERROR;
PRINT("%s: rename %s to %s", __func__, nstatefile, statefile);
goto done;

2
sshlogin.c
Просмотреть файл

@ -1,4 +1,4 @@
/* $OpenBSD: sshlogin.c,v 1.33 2018/07/09 21:26:02 markus Exp $ */
/* $OpenBSD: sshlogin.c,v 1.34 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland

18
sshpty.c
Просмотреть файл

@ -1,4 +1,4 @@
/* $OpenBSD: sshpty.c,v 1.31 2016/11/29 03:54:50 dtucker Exp $ */
/* $OpenBSD: sshpty.c,v 1.32 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -68,7 +68,7 @@ pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, size_t namebuflen)
int i;
i = openpty(ptyfd, ttyfd, NULL, NULL, NULL);
if (i < 0) {
if (i == -1) {
error("openpty: %.100s", strerror(errno));
return 0;
}
@ -86,9 +86,9 @@ void
pty_release(const char *tty)
{
#if !defined(__APPLE_PRIVPTY__) && !defined(HAVE_OPENPTY)
if (chown(tty, (uid_t) 0, (gid_t) 0) < 0)
if (chown(tty, (uid_t) 0, (gid_t) 0) == -1)
error("chown %.100s 0 0 failed: %.100s", tty, strerror(errno));
if (chmod(tty, (mode_t) 0666) < 0)
if (chmod(tty, (mode_t) 0666) == -1)
error("chmod %.100s 0666 failed: %.100s", tty, strerror(errno));
#endif /* !__APPLE_PRIVPTY__ && !HAVE_OPENPTY */
}
@ -108,7 +108,7 @@ pty_make_controlling_tty(int *ttyfd, const char *tty)
close(fd);
}
#endif /* TIOCNOTTY */
if (setsid() < 0)
if (setsid() == -1)
error("setsid: %.100s", strerror(errno));
/*
@ -131,14 +131,14 @@ pty_make_controlling_tty(int *ttyfd, const char *tty)
error("SETPGRP %s",strerror(errno));
#endif /* NEED_SETPGRP */
fd = open(tty, O_RDWR);
if (fd < 0)
if (fd == -1)
error("%.100s: %.100s", tty, strerror(errno));
else
close(fd);
/* Verify that we now have a controlling tty. */
fd = open(_PATH_TTY, O_WRONLY);
if (fd < 0)
if (fd == -1)
error("open /dev/tty failed - could not set controlling tty: %.100s",
strerror(errno));
else
@ -188,7 +188,7 @@ pty_setowner(struct passwd *pw, const char *tty)
#endif
if (st.st_uid != pw->pw_uid || st.st_gid != gid) {
if (chown(tty, pw->pw_uid, gid) < 0) {
if (chown(tty, pw->pw_uid, gid) == -1) {
if (errno == EROFS &&
(st.st_uid == pw->pw_uid || st.st_uid == 0))
debug("chown(%.100s, %u, %u) failed: %.100s",
@ -202,7 +202,7 @@ pty_setowner(struct passwd *pw, const char *tty)
}
if ((st.st_mode & (S_IRWXU|S_IRWXG|S_IRWXO)) != mode) {
if (chmod(tty, mode) < 0) {
if (chmod(tty, mode) == -1) {
if (errno == EROFS &&
(st.st_mode & (S_IRGRP | S_IROTH)) == 0)
debug("chmod(%.100s, 0%o) failed: %.100s",

32
uidswap.c
Просмотреть файл

@ -1,4 +1,4 @@
/* $OpenBSD: uidswap.c,v 1.41 2018/07/18 11:34:04 dtucker Exp $ */
/* $OpenBSD: uidswap.c,v 1.42 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -84,12 +84,12 @@ temporarily_use_uid(struct passwd *pw)
temporarily_use_uid_effective = 1;
saved_egroupslen = getgroups(0, NULL);
if (saved_egroupslen < 0)
if (saved_egroupslen == -1)
fatal("getgroups: %.100s", strerror(errno));
if (saved_egroupslen > 0) {
saved_egroups = xreallocarray(saved_egroups,
saved_egroupslen, sizeof(gid_t));
if (getgroups(saved_egroupslen, saved_egroups) < 0)
if (getgroups(saved_egroupslen, saved_egroups) == -1)
fatal("getgroups: %.100s", strerror(errno));
} else { /* saved_egroupslen == 0 */
free(saved_egroups);
@ -98,17 +98,17 @@ temporarily_use_uid(struct passwd *pw)
/* set and save the user's groups */
if (user_groupslen == -1 || user_groups_uid != pw->pw_uid) {
if (initgroups(pw->pw_name, pw->pw_gid) < 0)
if (initgroups(pw->pw_name, pw->pw_gid) == -1)
fatal("initgroups: %s: %.100s", pw->pw_name,
strerror(errno));
user_groupslen = getgroups(0, NULL);
if (user_groupslen < 0)
if (user_groupslen == -1)
fatal("getgroups: %.100s", strerror(errno));
if (user_groupslen > 0) {
user_groups = xreallocarray(user_groups,
user_groupslen, sizeof(gid_t));
if (getgroups(user_groupslen, user_groups) < 0)
if (getgroups(user_groupslen, user_groups) == -1)
fatal("getgroups: %.100s", strerror(errno));
} else { /* user_groupslen == 0 */
free(user_groups);
@ -117,17 +117,17 @@ temporarily_use_uid(struct passwd *pw)
user_groups_uid = pw->pw_uid;
}
/* Set the effective uid to the given (unprivileged) uid. */
if (setgroups(user_groupslen, user_groups) < 0)
if (setgroups(user_groupslen, user_groups) == -1)
fatal("setgroups: %.100s", strerror(errno));
#ifndef SAVED_IDS_WORK_WITH_SETEUID
/* Propagate the privileged gid to all of our gids. */
if (setgid(getegid()) < 0)
if (setgid(getegid()) == -1)
debug("setgid %u: %.100s", (u_int) getegid(), strerror(errno));
/* Propagate the privileged uid to all of our uids. */
if (setuid(geteuid()) < 0)
if (setuid(geteuid()) == -1)
debug("setuid %u: %.100s", (u_int) geteuid(), strerror(errno));
#endif /* SAVED_IDS_WORK_WITH_SETEUID */
if (setegid(pw->pw_gid) < 0)
if (setegid(pw->pw_gid) == -1)
fatal("setegid %u: %.100s", (u_int)pw->pw_gid,
strerror(errno));
if (seteuid(pw->pw_uid) == -1)
@ -152,9 +152,9 @@ restore_uid(void)
#ifdef SAVED_IDS_WORK_WITH_SETEUID
debug("restore_uid: %u/%u", (u_int)saved_euid, (u_int)saved_egid);
/* Set the effective uid back to the saved privileged uid. */
if (seteuid(saved_euid) < 0)
if (seteuid(saved_euid) == -1)
fatal("seteuid %u: %.100s", (u_int)saved_euid, strerror(errno));
if (setegid(saved_egid) < 0)
if (setegid(saved_egid) == -1)
fatal("setegid %u: %.100s", (u_int)saved_egid, strerror(errno));
#else /* SAVED_IDS_WORK_WITH_SETEUID */
/*
@ -166,7 +166,7 @@ restore_uid(void)
setgid(getgid());
#endif /* SAVED_IDS_WORK_WITH_SETEUID */
if (setgroups(saved_egroupslen, saved_egroups) < 0)
if (setgroups(saved_egroupslen, saved_egroups) == -1)
fatal("setgroups: %.100s", strerror(errno));
temporarily_use_uid_effective = 0;
}
@ -190,7 +190,7 @@ permanently_set_uid(struct passwd *pw)
debug("permanently_set_uid: %u/%u", (u_int)pw->pw_uid,
(u_int)pw->pw_gid);
if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) < 0)
if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1)
fatal("setresgid %u: %.100s", (u_int)pw->pw_gid, strerror(errno));
#ifdef __APPLE__
@ -198,12 +198,12 @@ permanently_set_uid(struct passwd *pw)
* OS X requires initgroups after setgid to opt back into
* memberd support for >16 supplemental groups.
*/
if (initgroups(pw->pw_name, pw->pw_gid) < 0)
if (initgroups(pw->pw_name, pw->pw_gid) == -1)
fatal("initgroups %.100s %u: %.100s",
pw->pw_name, (u_int)pw->pw_gid, strerror(errno));
#endif
if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) < 0)
if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) == -1)
fatal("setresuid %u: %.100s", (u_int)pw->pw_uid, strerror(errno));
#ifndef NO_UID_RESTORATION_TEST