diff options
| -rw-r--r-- | CHANGES | 19 | ||||
| -rw-r--r-- | cli-kex.c | 2 | ||||
| -rw-r--r-- | cli-session.c | 7 | ||||
| -rw-r--r-- | loginrec.c | 15 | ||||
| -rw-r--r-- | loginrec.h | 4 | ||||
| -rw-r--r-- | signkey.c | 2 | ||||
| -rw-r--r-- | svr-kex.c | 2 | ||||
| -rw-r--r-- | svr-x11fwd.c | 2 |
8 files changed, 27 insertions, 26 deletions
@@ -1,3 +1,22 @@ +- Fix crash when fallback initshells() is used, reported by Michael Nowak and Mike Tzou + +- Support syslog in dbclient, option -o usesyslog=yes. Patch from Konstantin Tokarev + +- Kill a proxycommand when dbclient exits, patch from Konstantin Tokarev + +- Option to exit when a TCP forward fails, patch from Konstantin Tokarev + +- New "-o" option parsing from Konstantin Tokarev. This allows handling some extra options + in the style of OpenSSH, though implementing all OpenSSH options is not planned. + +- Various cleanups for issues found by a lint tool, patch from Francois Perrad + +- Allow specifying commands eg "dropbearmulti dbclient ..." instead of symlinks + +- Fix tab indent consistency, patch from Francois Perrad + +- Fix issues found by cppcheck, reported by Mike Tzou + 2016.72 - 9 March 2016 - Validate X11 forwarding input. Could allow bypass of authorized_keys command= restrictions, @@ -186,7 +186,7 @@ static void ask_to_confirm(unsigned char* keyblob, unsigned int keybloblen, char* fp = NULL; FILE *tty = NULL; - char response = 'z'; + int response = 'z'; fp = sign_key_fingerprint(keyblob, keybloblen); if (cli_opts.always_accept_key) { diff --git a/cli-session.c b/cli-session.c index 60f5518..15a2188 100644 --- a/cli-session.c +++ b/cli-session.c @@ -361,9 +361,10 @@ static void cli_session_cleanup(void) { /* Set std{in,out,err} back to non-blocking - busybox ash dies nastily if * we don't revert the flags */ - fcntl(cli_ses.stdincopy, F_SETFL, cli_ses.stdinflags); - fcntl(cli_ses.stdoutcopy, F_SETFL, cli_ses.stdoutflags); - fcntl(cli_ses.stderrcopy, F_SETFL, cli_ses.stderrflags); + /* Ignore return value since there's nothing we can do */ + (void)fcntl(cli_ses.stdincopy, F_SETFL, cli_ses.stdinflags); + (void)fcntl(cli_ses.stdoutcopy, F_SETFL, cli_ses.stdoutflags); + (void)fcntl(cli_ses.stderrcopy, F_SETFL, cli_ses.stderrflags); cli_tty_cleanup(); @@ -305,21 +305,6 @@ login_set_current_time(struct logininfo *li) li->tv_usec = tv.tv_usec; } -/* copy a sockaddr_* into our logininfo */ -void -login_set_addr(struct logininfo *li, const struct sockaddr *sa, - const unsigned int sa_size) -{ - unsigned int bufsize = sa_size; - - /* make sure we don't overrun our union */ - if (sizeof(li->hostaddr) < sa_size) - bufsize = sizeof(li->hostaddr); - - memcpy((void *)&(li->hostaddr.sa), (const void *)sa, bufsize); -} - - /** ** login_write: Call low-level recording functions based on autoconf ** results @@ -173,10 +173,6 @@ int login_utmp_only(struct logininfo *li); int login_write (struct logininfo *li); int login_log_entry(struct logininfo *li); -/* set the network address based on network address type */ -void login_set_addr(struct logininfo *li, const struct sockaddr *sa, - const unsigned int sa_size); - /* produce various forms of the line filename */ char *line_fullname(char *dst, const char *src, size_t dstsize); char *line_stripname(char *dst, const char *src, size_t dstsize); @@ -93,7 +93,7 @@ enum signkey_type signkey_type_from_name(const char* name, unsigned int namelen) } #endif - return i; + return (enum signkey_type)i; } } @@ -138,7 +138,7 @@ static void svr_ensure_hostkey() { break; #endif default: - (void)0; + dropbear_assert(0); } if (readhostkey(fn, svr_opts.hostkey, &type) == DROPBEAR_SUCCESS) { diff --git a/svr-x11fwd.c b/svr-x11fwd.c index 2af4141..cf213e8 100644 --- a/svr-x11fwd.c +++ b/svr-x11fwd.c @@ -119,7 +119,7 @@ fail: /* cleanup */ m_free(chansess->x11authprot); m_free(chansess->x11authcookie); - close(fd); + m_close(fd); return DROPBEAR_FAILURE; } |