? lib/umac128.c ? scp/obj ? sftp/obj ? sftp-server/obj ? ssh/obj ? ssh-add/obj ? ssh-agent/obj ? ssh-keygen/obj ? ssh-keyscan/obj ? ssh-keysign/obj ? ssh-pkcs11-helper/obj ? ssh-sk-helper/obj ? sshd/obj ? sshd-auth/obj ? sshd-session/obj Index: atomicio.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/atomicio.c,v diff -u -p -r1.30 atomicio.c --- atomicio.c 24 Jan 2019 02:42:23 -0000 1.30 +++ atomicio.c 19 Feb 2025 00:18:58 -0000 @@ -26,6 +26,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +#include #include #include Index: cipher-chachapoly.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/cipher-chachapoly.c,v diff -u -p -r1.10 cipher-chachapoly.c --- cipher-chachapoly.c 17 Jul 2023 05:26:38 -0000 1.10 +++ cipher-chachapoly.c 19 Feb 2025 00:18:58 -0000 @@ -23,6 +23,7 @@ #include "log.h" #include "sshbuf.h" #include "ssherr.h" +#include "misc.h" #include "cipher-chachapoly.h" struct chachapoly_ctx { Index: kexc25519.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/kexc25519.c,v diff -u -p -r1.18 kexc25519.c --- kexc25519.c 2 Sep 2024 12:13:56 -0000 1.18 +++ kexc25519.c 19 Feb 2025 00:18:58 -0000 @@ -36,7 +36,11 @@ #include "sshbuf.h" #include "digest.h" #include "ssherr.h" +<<<<<<< kexc25519.c +#include "misc.h" +======= #include "ssh2.h" +>>>>>>> 1.17 extern int crypto_scalarmult_curve25519(u_char a[CURVE25519_SIZE], const u_char b[CURVE25519_SIZE], const u_char c[CURVE25519_SIZE]) Index: kexc25519s.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/Attic/kexc25519s.c,v diff -u -p -r1.10 kexc25519s.c --- kexc25519s.c 4 Dec 2015 16:41:28 -0000 1.10 +++ kexc25519s.c 19 Feb 2025 00:18:58 -0000 @@ -38,6 +38,7 @@ #include "ssh2.h" #include "sshbuf.h" #include "ssherr.h" +#include "misc.h" static int input_kex_c25519_init(int, u_int32_t, void *); Index: kexdhc.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/Attic/kexdhc.c,v diff -u -p -r1.19 kexdhc.c --- kexdhc.c 2 May 2016 10:26:04 -0000 1.19 +++ kexdhc.c 19 Feb 2025 00:18:58 -0000 @@ -43,6 +43,7 @@ #include "compat.h" #include "ssherr.h" #include "sshbuf.h" +#include "misc.h" static int input_kex_dh(int, u_int32_t, void *); Index: kexdhs.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/Attic/kexdhs.c,v diff -u -p -r1.24 kexdhs.c --- kexdhs.c 2 May 2016 10:26:04 -0000 1.24 +++ kexdhs.c 19 Feb 2025 00:18:58 -0000 @@ -43,6 +43,7 @@ #include "compat.h" #include "ssherr.h" #include "sshbuf.h" +#include "misc.h" static int input_kex_dh_init(int, u_int32_t, void *); Index: misc.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/misc.c,v diff -u -p -r1.198 misc.c --- misc.c 24 Oct 2024 03:14:37 -0000 1.198 +++ misc.c 19 Feb 2025 00:18:58 -0000 @@ -27,6 +27,7 @@ #include #include +#include #include #include #include @@ -1892,6 +1893,24 @@ unix_listener(const char *path, int back } return sock; } +<<<<<<< misc.c + +#include + +void __explicit_bzero_hook(void *buf, size_t len); + +__attribute__((weak)) void +__explicit_bzero_hook(void *buf, size_t len) +{ +} + +void +explicit_bzero(void *buf, size_t len) +{ + memset(buf, 0, len); + __explicit_bzero_hook(buf, len); +} +======= /* * Compares two strings that maybe be NULL. Returns non-zero if strings @@ -1960,6 +1979,9 @@ daemonized(void) debug3("already daemonized"); return 1; } +<<<<<<< misc.c +>>>>>>> 1.109 +======= /* * Splits 's' into an argument vector. Handles quoted string and basic @@ -2475,6 +2497,9 @@ path_absolute(const char *path) { return (*path == '/') ? 1 : 0; } +<<<<<<< misc.c +>>>>>>> 1.137 +======= void skip_space(char **cpp) @@ -2613,6 +2638,9 @@ ssh_signal(int signum, sshsig_t handler) } return osa.sa_handler; } +<<<<<<< misc.c +>>>>>>> 1.152 +======= int stdfd_devnull(int do_stdin, int do_stdout, int do_stderr) @@ -2985,3 +3013,4 @@ signal_is_crash(int sig) } return 0; } +>>>>>>> 1.198 Index: misc.h =================================================================== RCS file: /cvs/src/usr.bin/ssh/misc.h,v diff -u -p -r1.110 misc.h --- misc.h 25 Sep 2024 01:24:04 -0000 1.110 +++ misc.h 19 Feb 2025 00:18:58 -0000 @@ -245,15 +245,27 @@ struct notifier_ctx *notify_start(int, c void notify_complete(struct notifier_ctx *, const char *, ...) __attribute__((format(printf, 2, 3))); +<<<<<<< misc.h +void explicit_bzero(void *, size_t len) + __attribute__((__bounded__(__buffer__, 1, 2))); + +======= #define MINIMUM(a, b) (((a) < (b)) ? (a) : (b)) #define MAXIMUM(a, b) (((a) > (b)) ? (a) : (b)) #define ROUNDUP(x, y) ((((x)+((y)-1))/(y))*(y)) +<<<<<<< misc.h +>>>>>>> 1.61 +======= typedef void (*sshsig_t)(int); sshsig_t ssh_signal(int, sshsig_t); +<<<<<<< misc.h +>>>>>>> 1.87 +======= int signal_is_crash(int); /* On OpenBSD time_t is int64_t which is long long. */ #define SSH_TIME_T_MAX LLONG_MAX +>>>>>>> 1.110 #endif /* _MISC_H */ Index: packet.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/packet.c,v diff -u -p -r1.318 packet.c --- packet.c 18 Feb 2025 08:02:12 -0000 1.318 +++ packet.c 19 Feb 2025 00:18:58 -0000 @@ -42,6 +42,7 @@ #include #include #include +typedef u_int32_t n_time; #include #include @@ -2254,6 +2255,61 @@ ssh_packet_get_maxsize(struct ssh *ssh) return ssh->state->max_packet_size; } +<<<<<<< packet.c +/* + * 9.2. Ignored Data Message + * + * byte SSH_MSG_IGNORE + * string data + * + * All implementations MUST understand (and ignore) this message at any + * time (after receiving the protocol version). No implementation is + * required to send them. This message can be used as an additional + * protection measure against advanced traffic analysis techniques. + */ +void +ssh_packet_send_ignore(struct ssh *ssh, int nbytes) +{ + u_int32_t rnd = 0; + int r, i; + + if ((r = sshpkt_start(ssh, compat20 ? + SSH2_MSG_IGNORE : SSH_MSG_IGNORE)) != 0 || + (r = sshpkt_put_u32(ssh, nbytes)) != 0) + fatal("%s: %s", __func__, ssh_err(r)); + for (i = 0; i < nbytes; i++) { + if (i % 4 == 0) + rnd = arc4random(); + if ((r = sshpkt_put_u8(ssh, (u_char)rnd & 0xff)) != 0) + fatal("%s: %s", __func__, ssh_err(r)); + rnd >>= 8; + } +} + +<<<<<<< packet.c +#define MAX_PACKETS (1U<<31) +int +ssh_packet_need_rekeying(struct ssh *ssh) +{ + struct session_state *state = ssh->state; + + if (ssh->compat & SSH_BUG_NOREKEY) + return 0; + return + (state->p_send.packets > MAX_PACKETS) || + (state->p_read.packets > MAX_PACKETS) || + (state->max_blocks_out && + (state->p_send.blocks > state->max_blocks_out)) || + (state->max_blocks_in && + (state->p_read.blocks > state->max_blocks_in)) || + (state->rekey_interval != 0 && state->rekey_time + + (time_t)state->rekey_interval <= monotime()); +} + +======= +>>>>>>> 1.247 +======= +>>>>>>> 1.284 void ssh_packet_set_rekey_limits(struct ssh *ssh, u_int64_t bytes, u_int32_t seconds) { Index: readconf.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/readconf.c,v diff -u -p -r1.397 readconf.c --- readconf.c 15 Feb 2025 01:52:07 -0000 1.397 +++ readconf.c 19 Feb 2025 00:18:58 -0000 @@ -18,7 +18,11 @@ #include #include +<<<<<<< readconf.c +#include +======= #include +>>>>>>> 1.397 #include #include Index: rsa.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/Attic/rsa.c,v diff -u -p -r1.32 rsa.c --- rsa.c 24 Jun 2014 01:13:21 -0000 1.32 +++ rsa.c 19 Feb 2025 00:18:58 -0000 @@ -67,6 +67,7 @@ #include "rsa.h" #include "log.h" #include "ssherr.h" +#include "misc.h" int rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key) Index: ssh-ed25519.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/ssh-ed25519.c,v diff -u -p -r1.19 ssh-ed25519.c --- ssh-ed25519.c 28 Oct 2022 00:44:44 -0000 1.19 +++ ssh-ed25519.c 19 Feb 2025 00:18:58 -0000 @@ -28,6 +28,7 @@ #include "sshkey.h" #include "ssherr.h" #include "ssh.h" +#include "misc.h" static void ssh_ed25519_cleanup(struct sshkey *k) Index: umac.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/umac.c,v diff -u -p -r1.23 umac.c --- umac.c 7 Mar 2023 01:30:52 -0000 1.23 +++ umac.c 19 Feb 2025 00:18:58 -0000 @@ -66,7 +66,6 @@ /* ---------------------------------------------------------------------- */ #include -#include #include #include #include Index: xmalloc.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/xmalloc.c,v diff -u -p -r1.37 xmalloc.c --- xmalloc.c 13 Mar 2022 23:27:54 -0000 1.37 +++ xmalloc.c 19 Feb 2025 00:18:58 -0000 @@ -18,12 +18,45 @@ #include #include #include +#include #include "xmalloc.h" #include "log.h" +<<<<<<< xmalloc.c +<<<<<<< xmalloc.c +void *reallocarray(void *optr, size_t nmemb, size_t size); + +/* + * This is sqrt(SIZE_MAX+1), as s1*s2 <= SIZE_MAX + * if both s1 < MUL_NO_OVERFLOW and s2 < MUL_NO_OVERFLOW + */ +#define MUL_NO_OVERFLOW ((size_t)1 << (sizeof(size_t) * 4)) + +void * +reallocarray(void *optr, size_t nmemb, size_t size) +{ + if ((nmemb >= MUL_NO_OVERFLOW || size >= MUL_NO_OVERFLOW) && + nmemb > 0 && SIZE_MAX / nmemb < size) { + errno = ENOMEM; + return NULL; + } + return realloc(optr, size * nmemb); +} + +======= +void +ssh_malloc_init(void) +{ + extern char *malloc_options; + + malloc_options = "S"; +} +======= char *malloc_options = "S"; +>>>>>>> 1.36 +>>>>>>> 1.33 void * xmalloc(size_t size) {