431 lines
11 KiB
Diff
431 lines
11 KiB
Diff
|
--- pam_ssh_agent_auth-0.9.3.orig/authfd.c 2013-10-30 17:14:26.013615342 +0100
|
||
|
+++ pam_ssh_agent_auth-0.9.3.orig/authfd.c 2013-10-30 17:15:07.353327799 +0100
|
||
|
@@ -260,7 +260,7 @@
|
||
|
{
|
||
|
buffer_free(&auth->identities);
|
||
|
close(auth->fd);
|
||
|
- xfree(auth);
|
||
|
+ free(auth);
|
||
|
}
|
||
|
|
||
|
/* Lock/unlock agent */
|
||
|
@@ -379,7 +379,7 @@
|
||
|
blob = buffer_get_string(&auth->identities, &blen);
|
||
|
*comment = buffer_get_string(&auth->identities, NULL);
|
||
|
key = key_from_blob(blob, blen);
|
||
|
- xfree(blob);
|
||
|
+ free(blob);
|
||
|
break;
|
||
|
default:
|
||
|
return NULL;
|
||
|
@@ -472,7 +472,7 @@
|
||
|
buffer_put_string(&msg, blob, blen);
|
||
|
buffer_put_string(&msg, data, datalen);
|
||
|
buffer_put_int(&msg, flags);
|
||
|
- xfree(blob);
|
||
|
+ free(blob);
|
||
|
|
||
|
if (ssh_request_reply(auth, &msg, &msg) == 0) {
|
||
|
buffer_free(&msg);
|
||
|
@@ -612,7 +612,7 @@
|
||
|
key_to_blob(key, &blob, &blen);
|
||
|
buffer_put_char(&msg, SSH2_AGENTC_REMOVE_IDENTITY);
|
||
|
buffer_put_string(&msg, blob, blen);
|
||
|
- xfree(blob);
|
||
|
+ free(blob);
|
||
|
} else {
|
||
|
buffer_free(&msg);
|
||
|
return 0;
|
||
|
--- pam_ssh_agent_auth-0.9.3.orig/bufaux.c 2013-10-30 17:14:26.014615310 +0100
|
||
|
+++ pam_ssh_agent_auth-0.9.3.orig/bufaux.c 2013-10-30 17:15:07.354327768 +0100
|
||
|
@@ -176,7 +176,7 @@
|
||
|
/* Get the string. */
|
||
|
if (buffer_get_ret(buffer, value, len) == -1) {
|
||
|
logerror("buffer_get_string_ret: buffer_get failed");
|
||
|
- xfree(value);
|
||
|
+ free(value);
|
||
|
return (NULL);
|
||
|
}
|
||
|
/* Append a null character to make processing easier. */
|
||
|
--- pam_ssh_agent_auth-0.9.3.orig/bufbn.c 2013-10-30 17:14:26.014615310 +0100
|
||
|
+++ pam_ssh_agent_auth-0.9.3.orig/bufbn.c 2013-10-30 17:15:07.354327768 +0100
|
||
|
@@ -69,7 +69,7 @@
|
||
|
if (oi != bin_size) {
|
||
|
logerror("buffer_put_bignum_ret: BN_bn2bin() failed: oi %d != bin_size %d",
|
||
|
oi, bin_size);
|
||
|
- xfree(buf);
|
||
|
+ free(buf);
|
||
|
return (-1);
|
||
|
}
|
||
|
|
||
|
@@ -80,7 +80,7 @@
|
||
|
buffer_append(buffer, buf, oi);
|
||
|
|
||
|
memset(buf, 0, bin_size);
|
||
|
- xfree(buf);
|
||
|
+ free(buf);
|
||
|
|
||
|
return (0);
|
||
|
}
|
||
|
@@ -167,13 +167,13 @@
|
||
|
if (oi < 0 || (u_int)oi != bytes - 1) {
|
||
|
logerror("buffer_put_bignum2_ret: BN_bn2bin() failed: "
|
||
|
"oi %d != bin_size %d", oi, bytes);
|
||
|
- xfree(buf);
|
||
|
+ free(buf);
|
||
|
return (-1);
|
||
|
}
|
||
|
hasnohigh = (buf[1] & 0x80) ? 0 : 1;
|
||
|
buffer_put_string(buffer, buf+hasnohigh, bytes-hasnohigh);
|
||
|
memset(buf, 0, bytes);
|
||
|
- xfree(buf);
|
||
|
+ free(buf);
|
||
|
return (0);
|
||
|
}
|
||
|
|
||
|
@@ -197,21 +197,21 @@
|
||
|
|
||
|
if (len > 0 && (bin[0] & 0x80)) {
|
||
|
logerror("buffer_get_bignum2_ret: negative numbers not supported");
|
||
|
- xfree(bin);
|
||
|
+ free(bin);
|
||
|
return (-1);
|
||
|
}
|
||
|
if (len > 8 * 1024) {
|
||
|
logerror("buffer_get_bignum2_ret: cannot handle BN of size %d",
|
||
|
len);
|
||
|
- xfree(bin);
|
||
|
+ free(bin);
|
||
|
return (-1);
|
||
|
}
|
||
|
if (BN_bin2bn(bin, len, value) == NULL) {
|
||
|
logerror("buffer_get_bignum2_ret: BN_bin2bn failed");
|
||
|
- xfree(bin);
|
||
|
+ free(bin);
|
||
|
return (-1);
|
||
|
}
|
||
|
- xfree(bin);
|
||
|
+ free(bin);
|
||
|
return (0);
|
||
|
}
|
||
|
|
||
|
--- pam_ssh_agent_auth-0.9.3.orig/buffer.c 2013-10-30 17:14:26.014615310 +0100
|
||
|
+++ pam_ssh_agent_auth-0.9.3.orig/buffer.c 2013-10-30 17:15:07.355327737 +0100
|
||
|
@@ -50,7 +50,7 @@
|
||
|
if (buffer->alloc > 0) {
|
||
|
memset(buffer->buf, 0, buffer->alloc);
|
||
|
buffer->alloc = 0;
|
||
|
- xfree(buffer->buf);
|
||
|
+ free(buffer->buf);
|
||
|
}
|
||
|
}
|
||
|
|
||
|
--- pam_ssh_agent_auth-0.9.3.orig/iterate_ssh_agent_keys.c 2013-10-30 17:14:26.031614782 +0100
|
||
|
+++ pam_ssh_agent_auth-0.9.3.orig/iterate_ssh_agent_keys.c 2013-10-30 17:15:07.357327674 +0100
|
||
|
@@ -197,9 +197,9 @@
|
||
|
if(userauth_pubkey_from_id(id)) {
|
||
|
retval = 1;
|
||
|
}
|
||
|
- xfree(id->filename);
|
||
|
+ free(id->filename);
|
||
|
key_free(id->key);
|
||
|
- xfree(id);
|
||
|
+ free(id);
|
||
|
if(retval == 1)
|
||
|
break;
|
||
|
}
|
||
|
@@ -209,7 +209,7 @@
|
||
|
else {
|
||
|
verbose("No ssh-agent could be contacted");
|
||
|
}
|
||
|
- xfree(session_id2);
|
||
|
+ free(session_id2);
|
||
|
EVP_cleanup();
|
||
|
return retval;
|
||
|
}
|
||
|
--- pam_ssh_agent_auth-0.9.3.orig/key.c 2013-10-30 17:14:26.017615218 +0100
|
||
|
+++ pam_ssh_agent_auth-0.9.3.orig/key.c 2013-10-30 17:15:07.358327643 +0100
|
||
|
@@ -154,7 +154,7 @@
|
||
|
fatal("key_free: bad key type %d", k->type);
|
||
|
break;
|
||
|
}
|
||
|
- xfree(k);
|
||
|
+ free(k);
|
||
|
}
|
||
|
|
||
|
int
|
||
|
@@ -229,7 +229,7 @@
|
||
|
EVP_DigestUpdate(&ctx, blob, len);
|
||
|
EVP_DigestFinal(&ctx, retval, dgst_raw_length);
|
||
|
memset(blob, 0, len);
|
||
|
- xfree(blob);
|
||
|
+ free(blob);
|
||
|
} else {
|
||
|
fatal("key_fingerprint_raw: blob is null");
|
||
|
}
|
||
|
@@ -324,7 +324,7 @@
|
||
|
break;
|
||
|
}
|
||
|
memset(dgst_raw, 0, dgst_raw_len);
|
||
|
- xfree(dgst_raw);
|
||
|
+ free(dgst_raw);
|
||
|
return retval;
|
||
|
}
|
||
|
|
||
|
@@ -447,11 +447,11 @@
|
||
|
n = uudecode(cp, blob, len);
|
||
|
if (n < 0) {
|
||
|
logerror("key_read: uudecode %s failed", cp);
|
||
|
- xfree(blob);
|
||
|
+ free(blob);
|
||
|
return -1;
|
||
|
}
|
||
|
k = key_from_blob(blob, (u_int)n);
|
||
|
- xfree(blob);
|
||
|
+ free(blob);
|
||
|
if (k == NULL) {
|
||
|
logerror("key_read: key_from_blob %s failed", cp);
|
||
|
return -1;
|
||
|
@@ -526,8 +526,8 @@
|
||
|
fprintf(f, "%s %s", key_ssh_name(key), uu);
|
||
|
success = 1;
|
||
|
}
|
||
|
- xfree(blob);
|
||
|
- xfree(uu);
|
||
|
+ free(blob);
|
||
|
+ free(uu);
|
||
|
}
|
||
|
return success;
|
||
|
}
|
||
|
@@ -673,12 +673,12 @@
|
||
|
switch (key_type_from_name(p)) {
|
||
|
case KEY_RSA1:
|
||
|
case KEY_UNSPEC:
|
||
|
- xfree(s);
|
||
|
+ free(s);
|
||
|
return 0;
|
||
|
}
|
||
|
}
|
||
|
verbose("key names ok: [%s]", names);
|
||
|
- xfree(s);
|
||
|
+ free(s);
|
||
|
return 1;
|
||
|
}
|
||
|
|
||
|
@@ -743,7 +743,7 @@
|
||
|
logerror("key_from_blob: remaining bytes in key blob %d", rlen);
|
||
|
out:
|
||
|
if (ktype != NULL)
|
||
|
- xfree(ktype);
|
||
|
+ free(ktype);
|
||
|
buffer_free(&b);
|
||
|
return key;
|
||
|
}
|
||
|
--- pam_ssh_agent_auth-0.9.3.orig/misc.c 2013-10-30 17:14:26.017615218 +0100
|
||
|
+++ pam_ssh_agent_auth-0.9.3.orig/misc.c 2013-10-30 17:15:07.360327581 +0100
|
||
|
@@ -251,13 +251,13 @@
|
||
|
*remote = SSH_TUNID_ANY;
|
||
|
sp = xstrdup(s);
|
||
|
if ((ep = strchr(sp, ':')) == NULL) {
|
||
|
- xfree(sp);
|
||
|
+ free(sp);
|
||
|
return (a2tun(s, NULL));
|
||
|
}
|
||
|
ep[0] = '\0'; ep++;
|
||
|
*remote = a2tun(ep, NULL);
|
||
|
tun = a2tun(sp, NULL);
|
||
|
- xfree(sp);
|
||
|
+ free(sp);
|
||
|
return (*remote == SSH_TUNID_ERR ? *remote : tun);
|
||
|
}
|
||
|
|
||
|
@@ -490,7 +490,7 @@
|
||
|
if (which >= args->num)
|
||
|
fatal("replacearg: tried to replace invalid arg %d >= %d",
|
||
|
which, args->num);
|
||
|
- xfree(args->list[which]);
|
||
|
+ free(args->list[which]);
|
||
|
args->list[which] = cp;
|
||
|
}
|
||
|
|
||
|
@@ -501,8 +501,8 @@
|
||
|
|
||
|
if (args->list != NULL) {
|
||
|
for (i = 0; i < args->num; i++)
|
||
|
- xfree(args->list[i]);
|
||
|
- xfree(args->list);
|
||
|
+ free(args->list[i]);
|
||
|
+ free(args->list);
|
||
|
args->nalloc = args->num = 0;
|
||
|
args->list = NULL;
|
||
|
}
|
||
|
--- pam_ssh_agent_auth-0.9.3.orig/pam_user_authorized_keys.c 2013-10-30 17:14:26.017615218 +0100
|
||
|
+++ pam_ssh_agent_auth-0.9.3.orig/pam_user_authorized_keys.c 2013-10-30 17:15:07.361327550 +0100
|
||
|
@@ -121,7 +121,7 @@
|
||
|
}
|
||
|
authorized_keys_file = tilde_expand_filename(auth_keys_file_buf, authorized_keys_file_allowed_owner_uid);
|
||
|
strncpy(auth_keys_file_buf, authorized_keys_file, sizeof(auth_keys_file_buf) - 1 );
|
||
|
- xfree(authorized_keys_file) /* when we percent_expand later, we'd step on this, so free it immediately */;
|
||
|
+ free(authorized_keys_file) /* when we percent_expand later, we'd step on this, so free it immediately */;
|
||
|
}
|
||
|
|
||
|
if(strstr(auth_keys_file_buf, "%h")) {
|
||
|
--- pam_ssh_agent_auth-0.9.3.orig/pam_user_key_allowed2.c 2013-10-30 17:14:26.018615187 +0100
|
||
|
+++ pam_ssh_agent_auth-0.9.3.orig/pam_user_key_allowed2.c 2013-10-30 17:15:07.361327550 +0100
|
||
|
@@ -121,7 +121,7 @@
|
||
|
fp = key_fingerprint(found, SSH_FP_MD5, SSH_FP_HEX);
|
||
|
logit("Found matching %s key: %s",
|
||
|
key_type(found), fp);
|
||
|
- xfree(fp);
|
||
|
+ free(fp);
|
||
|
break;
|
||
|
}
|
||
|
}
|
||
|
--- pam_ssh_agent_auth-0.9.3.orig/ssh-dss.c 2013-10-30 17:14:26.014615310 +0100
|
||
|
+++ pam_ssh_agent_auth-0.9.3.orig/ssh-dss.c 2013-10-30 17:15:07.361327550 +0100
|
||
|
@@ -135,17 +135,17 @@
|
||
|
if (strcmp("ssh-dss", ktype) != 0) {
|
||
|
logerror("ssh_dss_verify: cannot handle type %s", ktype);
|
||
|
buffer_free(&b);
|
||
|
- xfree(ktype);
|
||
|
+ free(ktype);
|
||
|
return -1;
|
||
|
}
|
||
|
- xfree(ktype);
|
||
|
+ free(ktype);
|
||
|
sigblob = buffer_get_string(&b, &len);
|
||
|
rlen = buffer_len(&b);
|
||
|
buffer_free(&b);
|
||
|
if (rlen != 0) {
|
||
|
logerror("ssh_dss_verify: "
|
||
|
"remaining bytes in signature %d", rlen);
|
||
|
- xfree(sigblob);
|
||
|
+ free(sigblob);
|
||
|
return -1;
|
||
|
}
|
||
|
}
|
||
|
@@ -167,7 +167,7 @@
|
||
|
|
||
|
/* clean up */
|
||
|
memset(sigblob, 0, len);
|
||
|
- xfree(sigblob);
|
||
|
+ free(sigblob);
|
||
|
|
||
|
/* sha1 the data */
|
||
|
EVP_DigestInit(&md, evp_md);
|
||
|
--- pam_ssh_agent_auth-0.9.3.orig/ssh-rsa.c 2013-10-30 17:14:26.015615278 +0100
|
||
|
+++ pam_ssh_agent_auth-0.9.3.orig/ssh-rsa.c 2013-10-30 17:15:07.362327518 +0100
|
||
|
@@ -70,7 +70,7 @@
|
||
|
|
||
|
logerror("ssh_rsa_sign: RSA_sign failed: %s",
|
||
|
ERR_error_string(ecode, NULL));
|
||
|
- xfree(sig);
|
||
|
+ free(sig);
|
||
|
return -1;
|
||
|
}
|
||
|
if (len < slen) {
|
||
|
@@ -80,7 +80,7 @@
|
||
|
memset(sig, 0, diff);
|
||
|
} else if (len > slen) {
|
||
|
logerror("ssh_rsa_sign: slen %u slen2 %u", slen, len);
|
||
|
- xfree(sig);
|
||
|
+ free(sig);
|
||
|
return -1;
|
||
|
}
|
||
|
/* encode signature */
|
||
|
@@ -96,7 +96,7 @@
|
||
|
}
|
||
|
buffer_free(&b);
|
||
|
memset(sig, 's', slen);
|
||
|
- xfree(sig);
|
||
|
+ free(sig);
|
||
|
|
||
|
return 0;
|
||
|
}
|
||
|
@@ -128,23 +128,23 @@
|
||
|
if (strcmp("ssh-rsa", ktype) != 0) {
|
||
|
logerror("ssh_rsa_verify: cannot handle type %s", ktype);
|
||
|
buffer_free(&b);
|
||
|
- xfree(ktype);
|
||
|
+ free(ktype);
|
||
|
return -1;
|
||
|
}
|
||
|
- xfree(ktype);
|
||
|
+ free(ktype);
|
||
|
sigblob = buffer_get_string(&b, &len);
|
||
|
rlen = buffer_len(&b);
|
||
|
buffer_free(&b);
|
||
|
if (rlen != 0) {
|
||
|
logerror("ssh_rsa_verify: remaining bytes in signature %d", rlen);
|
||
|
- xfree(sigblob);
|
||
|
+ free(sigblob);
|
||
|
return -1;
|
||
|
}
|
||
|
/* RSA_verify expects a signature of RSA_size */
|
||
|
modlen = RSA_size(key->rsa);
|
||
|
if (len > modlen) {
|
||
|
logerror("ssh_rsa_verify: len %u > modlen %u", len, modlen);
|
||
|
- xfree(sigblob);
|
||
|
+ free(sigblob);
|
||
|
return -1;
|
||
|
} else if (len < modlen) {
|
||
|
u_int diff = modlen - len;
|
||
|
@@ -158,7 +158,7 @@
|
||
|
nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1;
|
||
|
if ((evp_md = EVP_get_digestbynid(nid)) == NULL) {
|
||
|
logerror("ssh_rsa_verify: EVP_get_digestbynid %d failed", nid);
|
||
|
- xfree(sigblob);
|
||
|
+ free(sigblob);
|
||
|
return -1;
|
||
|
}
|
||
|
EVP_DigestInit(&md, evp_md);
|
||
|
@@ -168,7 +168,7 @@
|
||
|
ret = openssh_RSA_verify(nid, digest, dlen, sigblob, len, key->rsa);
|
||
|
memset(digest, 'd', sizeof(digest));
|
||
|
memset(sigblob, 's', len);
|
||
|
- xfree(sigblob);
|
||
|
+ free(sigblob);
|
||
|
verbose("ssh_rsa_verify: signature %scorrect", (ret==0) ? "in" : "");
|
||
|
return ret;
|
||
|
}
|
||
|
@@ -258,6 +258,6 @@
|
||
|
ret = 1;
|
||
|
done:
|
||
|
if (decrypted)
|
||
|
- xfree(decrypted);
|
||
|
+ free(decrypted);
|
||
|
return ret;
|
||
|
}
|
||
|
--- pam_ssh_agent_auth-0.9.3.orig/userauth_pubkey_from_id.c 2013-10-30 17:14:26.014615310 +0100
|
||
|
+++ pam_ssh_agent_auth-0.9.3.orig/userauth_pubkey_from_id.c 2013-10-30 17:15:07.362327518 +0100
|
||
|
@@ -92,9 +92,9 @@
|
||
|
if(&b != NULL)
|
||
|
buffer_free(&b);
|
||
|
if(sig != NULL)
|
||
|
- xfree(sig);
|
||
|
+ free(sig);
|
||
|
if(pkblob != NULL)
|
||
|
- xfree(pkblob);
|
||
|
+ free(pkblob);
|
||
|
CRYPTO_cleanup_all_ex_data();
|
||
|
return authenticated;
|
||
|
}
|
||
|
--- pam_ssh_agent_auth-0.9.3.orig/uuencode.c 2013-10-30 17:14:26.015615278 +0100
|
||
|
+++ pam_ssh_agent_auth-0.9.3.orig/uuencode.c 2013-10-30 17:15:07.362327518 +0100
|
||
|
@@ -56,7 +56,7 @@
|
||
|
/* and remove trailing whitespace because __b64_pton needs this */
|
||
|
*p = '\0';
|
||
|
len = __b64_pton(encoded, target, targsize);
|
||
|
- xfree(encoded);
|
||
|
+ free(encoded);
|
||
|
return len;
|
||
|
}
|
||
|
|
||
|
@@ -79,5 +79,5 @@
|
||
|
}
|
||
|
if (i % 70 != 69)
|
||
|
fprintf(fp, "\n");
|
||
|
- xfree(buf);
|
||
|
+ free(buf);
|
||
|
}
|