diff --git a/lib/libcrypto/chacha/chacha-merged.c b/lib/libcrypto/chacha/chacha-merged.c index b405af84e..3e17b9354 100644 --- a/lib/libcrypto/chacha/chacha-merged.c +++ b/lib/libcrypto/chacha/chacha-merged.c @@ -1,4 +1,4 @@ -/* $OpenBSD: chacha-merged.c,v 1.11 2023/07/07 19:37:53 beck Exp $ */ +/* $OpenBSD: chacha-merged.c,v 1.12 2024/06/01 17:56:44 tb Exp $ */ /* chacha-merged.c version 20080118 D. J. Bernstein @@ -7,6 +7,10 @@ Public domain. #include +#if !defined(HAVE_ATTRIBUTE__BOUNDED__) && !defined(__OpenBSD__) +#define __bounded__(x, y, z) +#endif + #define CHACHA_MINKEYLEN 16 #define CHACHA_NONCELEN 8 #define CHACHA_CTRLEN 8 diff --git a/lib/libcrypto/hmac/hmac.c b/lib/libcrypto/hmac/hmac.c index 7c882ba15..1315b1a0d 100644 --- a/lib/libcrypto/hmac/hmac.c +++ b/lib/libcrypto/hmac/hmac.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hmac.c,v 1.34 2024/03/30 10:10:58 tb Exp $ */ +/* $OpenBSD: hmac.c,v 1.35 2024/06/01 07:36:16 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -263,11 +263,8 @@ HMAC(const EVP_MD *evp_md, const void *key, int key_len, const unsigned char *d, size_t n, unsigned char *md, unsigned int *md_len) { HMAC_CTX c; - static unsigned char m[EVP_MAX_MD_SIZE]; const unsigned char dummy_key[1] = { 0 }; - if (md == NULL) - md = m; if (key == NULL) { key = dummy_key; key_len = 0; diff --git a/lib/libcrypto/hmac/hmac.h b/lib/libcrypto/hmac/hmac.h index 1ce365294..abdd19450 100644 --- a/lib/libcrypto/hmac/hmac.h +++ b/lib/libcrypto/hmac/hmac.h @@ -1,4 +1,4 @@ -/* $OpenBSD: hmac.h,v 1.17 2023/04/25 15:48:48 tb Exp $ */ +/* $OpenBSD: hmac.h,v 1.18 2024/06/01 07:36:16 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -85,7 +85,8 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md, int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len); int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len); unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len, - const unsigned char *d, size_t n, unsigned char *md, unsigned int *md_len); + const unsigned char *d, size_t n, unsigned char *md, unsigned int *md_len) + __attribute__((__nonnull__ (6))); int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx); void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags); diff --git a/lib/libcrypto/man/SHA1.3 b/lib/libcrypto/man/SHA1.3 index 722c10b14..4ccb08157 100644 --- a/lib/libcrypto/man/SHA1.3 +++ b/lib/libcrypto/man/SHA1.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: SHA1.3,v 1.8 2024/05/26 09:54:16 tb Exp $ +.\" $OpenBSD: SHA1.3,v 1.9 2024/06/01 12:35:23 tb Exp $ .\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400 .\" .\" This file was written by Ulf Moeller and @@ -49,7 +49,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: May 26 2024 $ +.Dd $Mdocdate: June 1 2024 $ .Dt SHA1 3 .Os .Sh NAME @@ -237,9 +237,6 @@ bytes. Applications should use the higher level functions .Xr EVP_DigestInit 3 etc. instead of calling the hash functions directly. -.Pp -The predecessor of SHA-1, SHA, is also implemented, but it should be -used only when backward compatibility is required. .Sh RETURN VALUES .Fn SHA1 , .Fn SHA224 , @@ -254,9 +251,13 @@ The other functions return 1 for success or 0 otherwise. .Xr HMAC 3 , .Xr RIPEMD160 3 .Sh STANDARDS -SHA: US Federal Information Processing Standard FIPS PUB 180 (Secure -Hash Standard), SHA-1: US Federal Information Processing Standard FIPS -PUB 180-1 (Secure Hash Standard), ANSI X9.30 +.Rs +.%T Secure Hash Standard (SHS) +.%R NIST FIPS Publication +.%N 180-4 +.%U https://doi.org/10.6028/NIST.FIPS.180-4 +.%D 2015 +.Re .Sh HISTORY .Fn SHA1 , .Fn SHA1_Init , diff --git a/lib/libcrypto/md4/md4.c b/lib/libcrypto/md4/md4.c index 42c5b2142..9cf1ff953 100644 --- a/lib/libcrypto/md4/md4.c +++ b/lib/libcrypto/md4/md4.c @@ -1,4 +1,4 @@ -/* $OpenBSD: md4.c,v 1.17 2024/03/28 08:00:07 jsing Exp $ */ +/* $OpenBSD: md4.c,v 1.18 2024/06/01 07:36:16 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -336,10 +336,7 @@ unsigned char * MD4(const unsigned char *d, size_t n, unsigned char *md) { MD4_CTX c; - static unsigned char m[MD4_DIGEST_LENGTH]; - if (md == NULL) - md = m; if (!MD4_Init(&c)) return NULL; MD4_Update(&c, d, n); diff --git a/lib/libcrypto/md4/md4.h b/lib/libcrypto/md4/md4.h index cb4f3cb6e..2d0169e71 100644 --- a/lib/libcrypto/md4/md4.h +++ b/lib/libcrypto/md4/md4.h @@ -1,4 +1,4 @@ -/* $OpenBSD: md4.h,v 1.17 2023/07/08 06:47:26 jsing Exp $ */ +/* $OpenBSD: md4.h,v 1.21 2024/06/01 18:42:49 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -61,6 +61,10 @@ #ifndef HEADER_MD4_H #define HEADER_MD4_H +#if !defined(HAVE_ATTRIBUTE__BOUNDED__) && !defined(__OpenBSD__) +#define __bounded__(x, y, z) +#endif + #include #ifdef __cplusplus @@ -91,9 +95,12 @@ typedef struct MD4state_st { } MD4_CTX; int MD4_Init(MD4_CTX *c); -int MD4_Update(MD4_CTX *c, const void *data, size_t len); +int MD4_Update(MD4_CTX *c, const void *data, size_t len) + __attribute__ ((__bounded__(__buffer__, 2, 3))); int MD4_Final(unsigned char *md, MD4_CTX *c); -unsigned char *MD4(const unsigned char *d, size_t n, unsigned char *md); +unsigned char *MD4(const unsigned char *d, size_t n, unsigned char *md) + __attribute__ ((__bounded__(__buffer__, 1, 2))) + __attribute__ ((__nonnull__(3))); void MD4_Transform(MD4_CTX *c, const unsigned char *b); #ifdef __cplusplus } diff --git a/lib/libcrypto/md5/md5.c b/lib/libcrypto/md5/md5.c index 35d1ac914..744c66f00 100644 --- a/lib/libcrypto/md5/md5.c +++ b/lib/libcrypto/md5/md5.c @@ -1,4 +1,4 @@ -/* $OpenBSD: md5.c,v 1.22 2024/03/28 08:00:08 jsing Exp $ */ +/* $OpenBSD: md5.c,v 1.23 2024/06/01 07:36:16 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -371,10 +371,7 @@ unsigned char * MD5(const unsigned char *d, size_t n, unsigned char *md) { MD5_CTX c; - static unsigned char m[MD5_DIGEST_LENGTH]; - if (md == NULL) - md = m; if (!MD5_Init(&c)) return NULL; MD5_Update(&c, d, n); diff --git a/lib/libcrypto/md5/md5.h b/lib/libcrypto/md5/md5.h index d248c93a8..a3529f486 100644 --- a/lib/libcrypto/md5/md5.h +++ b/lib/libcrypto/md5/md5.h @@ -1,4 +1,4 @@ -/* $OpenBSD: md5.h,v 1.21 2023/07/08 06:50:38 jsing Exp $ */ +/* $OpenBSD: md5.h,v 1.23 2024/06/01 07:44:11 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -98,7 +98,8 @@ int MD5_Update(MD5_CTX *c, const void *data, size_t len) __attribute__ ((__bounded__(__buffer__, 2, 3))); int MD5_Final(unsigned char *md, MD5_CTX *c); unsigned char *MD5(const unsigned char *d, size_t n, unsigned char *md) - __attribute__ ((__bounded__(__buffer__, 1, 2))); + __attribute__ ((__bounded__(__buffer__, 1, 2))) + __attribute__ ((__nonnull__(3))); void MD5_Transform(MD5_CTX *c, const unsigned char *b); #ifdef __cplusplus } diff --git a/lib/libcrypto/ripemd/ripemd.c b/lib/libcrypto/ripemd/ripemd.c index b2d798c49..08fa208dc 100644 --- a/lib/libcrypto/ripemd/ripemd.c +++ b/lib/libcrypto/ripemd/ripemd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ripemd.c,v 1.18 2024/03/28 23:54:15 joshua Exp $ */ +/* $OpenBSD: ripemd.c,v 1.19 2024/06/01 07:36:16 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -483,14 +483,10 @@ RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c) LCRYPTO_ALIAS(RIPEMD160_Final); unsigned char * -RIPEMD160(const unsigned char *d, size_t n, - unsigned char *md) +RIPEMD160(const unsigned char *d, size_t n, unsigned char *md) { RIPEMD160_CTX c; - static unsigned char m[RIPEMD160_DIGEST_LENGTH]; - if (md == NULL) - md = m; if (!RIPEMD160_Init(&c)) return NULL; RIPEMD160_Update(&c, d, n); diff --git a/lib/libcrypto/ripemd/ripemd.h b/lib/libcrypto/ripemd/ripemd.h index 03ba781c4..83f7b36bc 100644 --- a/lib/libcrypto/ripemd/ripemd.h +++ b/lib/libcrypto/ripemd/ripemd.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ripemd.h,v 1.15 2023/07/08 06:52:56 jsing Exp $ */ +/* $OpenBSD: ripemd.h,v 1.19 2024/06/01 18:42:49 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -61,6 +61,10 @@ #ifndef HEADER_RIPEMD_H #define HEADER_RIPEMD_H +#if !defined(HAVE_ATTRIBUTE__BOUNDED__) && !defined(__OpenBSD__) +#define __bounded__(x, y, z) +#endif + #include #ifdef __cplusplus @@ -92,10 +96,13 @@ typedef struct RIPEMD160state_st { } RIPEMD160_CTX; int RIPEMD160_Init(RIPEMD160_CTX *c); -int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, size_t len); +int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, size_t len) + __attribute__ ((__bounded__(__buffer__, 2, 3))); int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c); unsigned char *RIPEMD160(const unsigned char *d, size_t n, - unsigned char *md); + unsigned char *md) + __attribute__ ((__bounded__(__buffer__, 1, 2))) + __attribute__ ((__nonnull__(3))); void RIPEMD160_Transform(RIPEMD160_CTX *c, const unsigned char *b); #ifdef __cplusplus } diff --git a/lib/libcrypto/sha/sha.h b/lib/libcrypto/sha/sha.h index e1de79f4f..cef2d7f49 100644 --- a/lib/libcrypto/sha/sha.h +++ b/lib/libcrypto/sha/sha.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sha.h,v 1.22 2023/07/08 07:08:11 jsing Exp $ */ +/* $OpenBSD: sha.h,v 1.25 2024/06/01 08:11:44 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -102,7 +102,8 @@ int SHA1_Update(SHA_CTX *c, const void *data, size_t len) __attribute__ ((__bounded__(__buffer__, 2, 3))); int SHA1_Final(unsigned char *md, SHA_CTX *c); unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md) - __attribute__ ((__bounded__(__buffer__, 1, 2))); + __attribute__ ((__bounded__(__buffer__, 1, 2))) + __attribute__ ((__nonnull__(3))); void SHA1_Transform(SHA_CTX *c, const unsigned char *data); #endif @@ -125,13 +126,15 @@ int SHA224_Update(SHA256_CTX *c, const void *data, size_t len) __attribute__ ((__bounded__(__buffer__, 2, 3))); int SHA224_Final(unsigned char *md, SHA256_CTX *c); unsigned char *SHA224(const unsigned char *d, size_t n, unsigned char *md) - __attribute__ ((__bounded__(__buffer__, 1, 2))); + __attribute__ ((__bounded__(__buffer__, 1, 2))) + __attribute__ ((__nonnull__(3))); int SHA256_Init(SHA256_CTX *c); int SHA256_Update(SHA256_CTX *c, const void *data, size_t len) __attribute__ ((__bounded__(__buffer__, 2, 3))); int SHA256_Final(unsigned char *md, SHA256_CTX *c); unsigned char *SHA256(const unsigned char *d, size_t n, unsigned char *md) - __attribute__ ((__bounded__(__buffer__, 1, 2))); + __attribute__ ((__bounded__(__buffer__, 1, 2))) + __attribute__ ((__nonnull__(3))); void SHA256_Transform(SHA256_CTX *c, const unsigned char *data); #endif @@ -172,13 +175,15 @@ int SHA384_Update(SHA512_CTX *c, const void *data, size_t len) __attribute__ ((__bounded__(__buffer__, 2, 3))); int SHA384_Final(unsigned char *md, SHA512_CTX *c); unsigned char *SHA384(const unsigned char *d, size_t n, unsigned char *md) - __attribute__ ((__bounded__(__buffer__, 1, 2))); + __attribute__ ((__bounded__(__buffer__, 1, 2))) + __attribute__ ((__nonnull__(3))); int SHA512_Init(SHA512_CTX *c); int SHA512_Update(SHA512_CTX *c, const void *data, size_t len) __attribute__ ((__bounded__(__buffer__, 2, 3))); int SHA512_Final(unsigned char *md, SHA512_CTX *c); unsigned char *SHA512(const unsigned char *d, size_t n, unsigned char *md) - __attribute__ ((__bounded__(__buffer__, 1, 2))); + __attribute__ ((__bounded__(__buffer__, 1, 2))) + __attribute__ ((__nonnull__(3))); void SHA512_Transform(SHA512_CTX *c, const unsigned char *data); #endif diff --git a/lib/libcrypto/sha/sha1.c b/lib/libcrypto/sha/sha1.c index 32007d5d5..52338812d 100644 --- a/lib/libcrypto/sha/sha1.c +++ b/lib/libcrypto/sha/sha1.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sha1.c,v 1.14 2024/03/28 07:06:12 jsing Exp $ */ +/* $OpenBSD: sha1.c,v 1.15 2024/06/01 07:36:16 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -496,10 +496,6 @@ unsigned char * SHA1(const unsigned char *d, size_t n, unsigned char *md) { SHA_CTX c; - static unsigned char m[SHA_DIGEST_LENGTH]; - - if (md == NULL) - md = m; if (!SHA1_Init(&c)) return NULL; diff --git a/lib/libcrypto/sha/sha256.c b/lib/libcrypto/sha/sha256.c index d18e8d219..ab00c1787 100644 --- a/lib/libcrypto/sha/sha256.c +++ b/lib/libcrypto/sha/sha256.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sha256.c,v 1.31 2024/03/28 04:23:02 jsing Exp $ */ +/* $OpenBSD: sha256.c,v 1.32 2024/06/01 07:36:16 tb Exp $ */ /* ==================================================================== * Copyright (c) 1998-2011 The OpenSSL Project. All rights reserved. * @@ -317,10 +317,6 @@ unsigned char * SHA224(const unsigned char *d, size_t n, unsigned char *md) { SHA256_CTX c; - static unsigned char m[SHA224_DIGEST_LENGTH]; - - if (md == NULL) - md = m; SHA224_Init(&c); SHA256_Update(&c, d, n); @@ -479,10 +475,6 @@ unsigned char * SHA256(const unsigned char *d, size_t n, unsigned char *md) { SHA256_CTX c; - static unsigned char m[SHA256_DIGEST_LENGTH]; - - if (md == NULL) - md = m; SHA256_Init(&c); SHA256_Update(&c, d, n); diff --git a/lib/libcrypto/sha/sha512.c b/lib/libcrypto/sha/sha512.c index 360a5c29f..7a2a40d3d 100644 --- a/lib/libcrypto/sha/sha512.c +++ b/lib/libcrypto/sha/sha512.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sha512.c,v 1.41 2023/07/08 12:24:10 beck Exp $ */ +/* $OpenBSD: sha512.c,v 1.42 2024/06/01 07:36:16 tb Exp $ */ /* ==================================================================== * Copyright (c) 1998-2011 The OpenSSL Project. All rights reserved. * @@ -345,10 +345,6 @@ unsigned char * SHA384(const unsigned char *d, size_t n, unsigned char *md) { SHA512_CTX c; - static unsigned char m[SHA384_DIGEST_LENGTH]; - - if (md == NULL) - md = m; SHA384_Init(&c); SHA512_Update(&c, d, n); @@ -498,10 +494,6 @@ unsigned char * SHA512(const unsigned char *d, size_t n, unsigned char *md) { SHA512_CTX c; - static unsigned char m[SHA512_DIGEST_LENGTH]; - - if (md == NULL) - md = m; SHA512_Init(&c); SHA512_Update(&c, d, n); diff --git a/lib/libcrypto/whrlpool/whirlpool.c b/lib/libcrypto/whrlpool/whirlpool.c index e1e0f7a89..80e147c3b 100644 --- a/lib/libcrypto/whrlpool/whirlpool.c +++ b/lib/libcrypto/whrlpool/whirlpool.c @@ -1,4 +1,4 @@ -/* $OpenBSD: whirlpool.c,v 1.2 2024/03/30 03:45:47 joshua Exp $ */ +/* $OpenBSD: whirlpool.c,v 1.3 2024/06/01 07:36:17 tb Exp $ */ /** * The Whirlpool hashing function. * @@ -846,10 +846,7 @@ unsigned char * WHIRLPOOL(const void *inp, size_t bytes, unsigned char *md) { WHIRLPOOL_CTX ctx; - static unsigned char m[WHIRLPOOL_DIGEST_LENGTH]; - if (md == NULL) - md = m; WHIRLPOOL_Init(&ctx); WHIRLPOOL_Update(&ctx, inp, bytes); WHIRLPOOL_Final(md, &ctx); diff --git a/lib/libcrypto/whrlpool/whrlpool.h b/lib/libcrypto/whrlpool/whrlpool.h index 875d34f7d..d8e7eef14 100644 --- a/lib/libcrypto/whrlpool/whrlpool.h +++ b/lib/libcrypto/whrlpool/whrlpool.h @@ -1,10 +1,14 @@ -/* $OpenBSD: whrlpool.h,v 1.5 2014/07/10 22:45:58 jsing Exp $ */ +/* $OpenBSD: whrlpool.h,v 1.8 2024/06/01 17:56:44 tb Exp $ */ #include #ifndef HEADER_WHRLPOOL_H #define HEADER_WHRLPOOL_H +#if !defined(HAVE_ATTRIBUTE__BOUNDED__) && !defined(__OpenBSD__) +#define __bounded__(x, y, z) +#endif + #include #ifdef __cplusplus @@ -28,10 +32,13 @@ typedef struct { #ifndef OPENSSL_NO_WHIRLPOOL int WHIRLPOOL_Init (WHIRLPOOL_CTX *c); -int WHIRLPOOL_Update (WHIRLPOOL_CTX *c,const void *inp,size_t bytes); +int WHIRLPOOL_Update (WHIRLPOOL_CTX *c,const void *inp,size_t bytes) + __attribute__ ((__bounded__(__buffer__, 2, 3))); void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c,const void *inp,size_t bits); int WHIRLPOOL_Final (unsigned char *md,WHIRLPOOL_CTX *c); -unsigned char *WHIRLPOOL(const void *inp,size_t bytes,unsigned char *md); +unsigned char *WHIRLPOOL(const void *inp,size_t bytes,unsigned char *md) + __attribute__ ((__bounded__(__buffer__, 1, 2))) + __attribute__ ((__nonnull__(3))); #endif #ifdef __cplusplus diff --git a/usr.bin/sndiod/dev.c b/usr.bin/sndiod/dev.c index bd2489354..47d13152e 100644 --- a/usr.bin/sndiod/dev.c +++ b/usr.bin/sndiod/dev.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dev.c,v 1.116 2024/05/24 15:21:35 ratchov Exp $ */ +/* $OpenBSD: dev.c,v 1.117 2024/06/01 09:44:10 ratchov Exp $ */ /* * Copyright (c) 2008-2012 Alexandre Ratchov * @@ -1054,8 +1054,6 @@ dev_allocbufs(struct dev *d) int dev_open(struct dev *d) { - struct opt *o; - d->mode = d->reqmode; d->round = d->reqround; d->bufsz = d->reqbufsz; @@ -1078,18 +1076,6 @@ dev_open(struct dev *d) return 0; d->pstate = DEV_INIT; - - /* add server.device if device is opened after opt_ref() call */ - for (o = opt_list; o != NULL; o = o->next) { - if (o->refcnt > 0 && !ctl_find(CTL_OPT_DEV, o, d)) { - ctl_new(CTL_OPT_DEV, o, d, - CTL_SEL, dev_getdisplay(d), - o->name, "server", -1, "device", - d->name, -1, 1, o->dev == d); - d->refcnt++; - } - } - return 1; } @@ -1164,14 +1150,6 @@ dev_freebufs(struct dev *d) void dev_close(struct dev *d) { - struct opt *o; - - /* remove server.device entries */ - for (o = opt_list; o != NULL; o = o->next) { - if (ctl_del(CTL_OPT_DEV, o, d)) - d->refcnt--; - } - d->pstate = DEV_CFG; dev_sio_close(d); dev_freebufs(d); diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c index c14f5966e..d310779be 100644 --- a/usr.bin/ssh/sshd.c +++ b/usr.bin/ssh/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.604 2024/05/31 09:01:08 djm Exp $ */ +/* $OpenBSD: sshd.c,v 1.605 2024/06/01 07:03:37 djm Exp $ */ /* * Copyright (c) 2000, 2001, 2002 Markus Friedl. All rights reserved. * Copyright (c) 2002 Niels Provos. All rights reserved. @@ -858,7 +858,7 @@ main(int ac, char **av) char *config_file_name = _PATH_SERVER_CONFIG_FILE; int r, opt, do_dump_cfg = 0, keytype, already_daemon, have_agent = 0; int sock_in = -1, sock_out = -1, newsock = -1, rexec_argc = 0; - int config_s[2] = { -1 , -1 }, have_connection_info = 0; + int devnull, config_s[2] = { -1 , -1 }, have_connection_info = 0; char *fp, *line, *logfile = NULL, **rexec_argv = NULL; struct stat sb; u_int i, j; @@ -999,7 +999,16 @@ main(int ac, char **av) } if (!test_flag && !do_dump_cfg && !path_absolute(av[0])) fatal("sshd requires execution with an absolute path"); - closefrom(REEXEC_DEVCRYPTO_RESERVED_FD); + + closefrom(STDERR_FILENO + 1); + + /* Reserve fds we'll need later for reexec things */ + if ((devnull = open(_PATH_DEVNULL, O_RDWR)) == -1) + fatal("open %s: %s", _PATH_DEVNULL, strerror(errno)); + while (devnull < REEXEC_MIN_FREE_FD) { + if ((devnull = dup(devnull)) == -1) + fatal("dup %s: %s", _PATH_DEVNULL, strerror(errno)); + } #ifdef WITH_OPENSSL OpenSSL_add_all_algorithms(); @@ -1368,22 +1377,25 @@ main(int ac, char **av) sock_in, sock_out, newsock, startup_pipe, config_s[0], config_s[1]); if (!inetd_flag) { if (dup2(newsock, STDIN_FILENO) == -1) - debug3("dup2 stdin: %s", strerror(errno)); + fatal("dup2 stdin: %s", strerror(errno)); if (dup2(STDIN_FILENO, STDOUT_FILENO) == -1) - debug3("dup2 stdout: %s", strerror(errno)); + fatal("dup2 stdout: %s", strerror(errno)); + if (newsock > STDOUT_FILENO) + close(newsock); } if (config_s[1] != REEXEC_CONFIG_PASS_FD) { if (dup2(config_s[1], REEXEC_CONFIG_PASS_FD) == -1) - debug3("dup2 config_s: %s", strerror(errno)); + fatal("dup2 config_s: %s", strerror(errno)); close(config_s[1]); } if (startup_pipe == -1) close(REEXEC_STARTUP_PIPE_FD); else if (startup_pipe != REEXEC_STARTUP_PIPE_FD) { if (dup2(startup_pipe, REEXEC_STARTUP_PIPE_FD) == -1) - debug3("dup2 startup_p: %s", strerror(errno)); + fatal("dup2 startup_p: %s", strerror(errno)); close(startup_pipe); } + closefrom(REEXEC_MIN_FREE_FD); ssh_signal(SIGHUP, SIG_IGN); /* avoid reset to SIG_DFL */ execv(rexec_argv[0], rexec_argv);