summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatt Johnston <matt@ucc.asn.au>2023-01-03 22:07:07 +0800
committerMatt Johnston <matt@ucc.asn.au>2023-01-03 22:07:07 +0800
commit923a65ea0d2bd51788cf9dd3f74ff53db4bd19be (patch)
tree36603e097dbc91bde14fc79c046b74ff59efa21c
parent39d955c49f31fc155e885447ee2be61c869d8c2d (diff)
parentf7b1ba6aadfc17dd08a26626b1119552b92e8ea1 (diff)
downloaddropbear-923a65ea0d2bd51788cf9dd3f74ff53db4bd19be.tar.gz
Merge remote-tracking branch 'refs/remotes/origin/master'
-rw-r--r--bignum.c2
-rw-r--r--bignum.h2
-rw-r--r--buffer.c2
-rw-r--r--buffer.h2
-rw-r--r--dbrandom.c2
-rw-r--r--dbrandom.h2
-rw-r--r--dbutil.c2
-rw-r--r--dbutil.h2
-rw-r--r--genrsa.c4
-rw-r--r--sshpty.c4
10 files changed, 13 insertions, 11 deletions
diff --git a/bignum.c b/bignum.c
index 97e90a7..c2b39b1 100644
--- a/bignum.c
+++ b/bignum.c
@@ -93,7 +93,7 @@ void bytes_to_mp(mp_int *mp, const unsigned char* bytes, unsigned int len) {
/* hash the ssh representation of the mp_int mp */
void hash_process_mp(const struct ltc_hash_descriptor *hash_desc,
- hash_state *hs, mp_int *mp) {
+ hash_state *hs, const mp_int *mp) {
buffer * buf;
buf = buf_new(512 + 20); /* max buffer is a 4096 bit key,
diff --git a/bignum.h b/bignum.h
index bab65ef..861acb0 100644
--- a/bignum.h
+++ b/bignum.h
@@ -33,6 +33,6 @@ void m_mp_alloc_init_multi(mp_int **mp, ...) ATTRIB_SENTINEL;
void m_mp_free_multi(mp_int **mp, ...) ATTRIB_SENTINEL;
void bytes_to_mp(mp_int *mp, const unsigned char* bytes, unsigned int len);
void hash_process_mp(const struct ltc_hash_descriptor *hash_desc,
- hash_state *hs, mp_int *mp);
+ hash_state *hs, const mp_int *mp);
#endif /* DROPBEAR_BIGNUM_H_ */
diff --git a/buffer.c b/buffer.c
index a3ed426..1377b77 100644
--- a/buffer.c
+++ b/buffer.c
@@ -299,7 +299,7 @@ void buf_putbytes(buffer *buf, const unsigned char *bytes, unsigned int len) {
/* for our purposes we only need positive (or 0) numbers, so will
* fail if we get negative numbers */
-void buf_putmpint(buffer* buf, mp_int * mp) {
+void buf_putmpint(buffer* buf, const mp_int * mp) {
size_t written;
unsigned int len, pad = 0;
TRACE2(("enter buf_putmpint"))
diff --git a/buffer.h b/buffer.h
index 279e9c4..0ba6683 100644
--- a/buffer.h
+++ b/buffer.h
@@ -65,7 +65,7 @@ void buf_putint(buffer* buf, unsigned int val);
void buf_putstring(buffer* buf, const char* str, unsigned int len);
void buf_putbufstring(buffer *buf, const buffer* buf_str);
void buf_putbytes(buffer *buf, const unsigned char *bytes, unsigned int len);
-void buf_putmpint(buffer* buf, mp_int * mp);
+void buf_putmpint(buffer* buf, const mp_int * mp);
int buf_getmpint(buffer* buf, mp_int* mp);
unsigned int buf_getint(buffer* buf);
diff --git a/dbrandom.c b/dbrandom.c
index 755645c..41aaa48 100644
--- a/dbrandom.c
+++ b/dbrandom.c
@@ -347,7 +347,7 @@ void genrandom(unsigned char* buf, unsigned int len) {
* rand must be an initialised *mp_int for the result.
* the result rand satisfies: 0 < rand < max
* */
-void gen_random_mpint(mp_int *max, mp_int *rand) {
+void gen_random_mpint(const mp_int *max, mp_int *rand) {
unsigned char *randbuf = NULL;
unsigned int len = 0;
diff --git a/dbrandom.h b/dbrandom.h
index 7f49b6a..1db2c2f 100644
--- a/dbrandom.h
+++ b/dbrandom.h
@@ -30,6 +30,6 @@
void seedrandom(void);
void genrandom(unsigned char* buf, unsigned int len);
void addrandom(const unsigned char * buf, unsigned int len);
-void gen_random_mpint(mp_int *max, mp_int *rand);
+void gen_random_mpint(const mp_int *max, mp_int *rand);
#endif /* DROPBEAR_RANDOM_H_ */
diff --git a/dbutil.c b/dbutil.c
index 08206f9..e8831c5 100644
--- a/dbutil.c
+++ b/dbutil.c
@@ -442,7 +442,7 @@ void printhex(const char * label, const unsigned char * buf, int len) {
}
}
-void printmpint(const char *label, mp_int *mp) {
+void printmpint(const char *label, const mp_int *mp) {
buffer *buf = buf_new(1000);
buf_putmpint(buf, mp);
fprintf(stderr, "%d bits ", mp_count_bits(mp));
diff --git a/dbutil.h b/dbutil.h
index 64af170..df2f89b 100644
--- a/dbutil.h
+++ b/dbutil.h
@@ -53,7 +53,7 @@ void dropbear_trace3(const char* format, ...) ATTRIB_PRINTF(1,2);
void dropbear_trace4(const char* format, ...) ATTRIB_PRINTF(1,2);
void dropbear_trace5(const char* format, ...) ATTRIB_PRINTF(1,2);
void printhex(const char * label, const unsigned char * buf, int len);
-void printmpint(const char *label, mp_int *mp);
+void printmpint(const char *label, const mp_int *mp);
void debug_start_net(void);
extern int debug_trace;
#endif
diff --git a/genrsa.c b/genrsa.c
index 71a46a6..e249d6e 100644
--- a/genrsa.c
+++ b/genrsa.c
@@ -34,7 +34,7 @@
#if DROPBEAR_RSA
static void getrsaprime(mp_int* prime, mp_int *primeminus,
- mp_int* rsa_e, unsigned int size_bytes);
+ const mp_int* rsa_e, unsigned int size_bytes);
/* mostly taken from libtomcrypt's rsa key generation routine */
dropbear_rsa_key * gen_rsa_priv_key(unsigned int size) {
@@ -89,7 +89,7 @@ dropbear_rsa_key * gen_rsa_priv_key(unsigned int size) {
/* return a prime suitable for p or q */
static void getrsaprime(mp_int* prime, mp_int *primeminus,
- mp_int* rsa_e, unsigned int size_bytes) {
+ const mp_int* rsa_e, unsigned int size_bytes) {
unsigned char *buf;
int trials;
diff --git a/sshpty.c b/sshpty.c
index fceb7fd..9f12d67 100644
--- a/sshpty.c
+++ b/sshpty.c
@@ -380,7 +380,9 @@ pty_setowner(struct passwd *pw, const char *tty_name)
tty_name, strerror(errno));
}
- if (st.st_uid != pw->pw_uid || st.st_gid != gid) {
+ /* Allow either "tty" gid or user's own gid. On Linux with openpty()
+ * this varies depending on the devpts mount options */
+ if (st.st_uid != pw->pw_uid || !(st.st_gid == gid || st.st_gid == pw->pw_gid)) {
if (chown(tty_name, pw->pw_uid, gid) < 0) {
if (errno == EROFS &&
(st.st_uid == pw->pw_uid || st.st_uid == 0)) {