-/* $OpenBSD: auth-rhosts.c,v 1.49 2018/07/09 21:35:50 markus Exp $ */
+/* $OpenBSD: auth-rhosts.c,v 1.50 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* are no system-wide files.
*/
if (!rhosts_files[rhosts_file_index] &&
- stat(_PATH_RHOSTS_EQUIV, &st) < 0 &&
- stat(_PATH_SSH_HOSTS_EQUIV, &st) < 0) {
+ stat(_PATH_RHOSTS_EQUIV, &st) == -1 &&
+ stat(_PATH_SSH_HOSTS_EQUIV, &st) == -1) {
debug3("%s: no hosts access files exist", __func__);
return 0;
}
* Check that the home directory is owned by root or the user, and is
* not group or world writable.
*/
- if (stat(pw->pw_dir, &st) < 0) {
+ if (stat(pw->pw_dir, &st) == -1) {
logit("Rhosts authentication refused for %.100s: "
"no home directory %.200s", pw->pw_name, pw->pw_dir);
auth_debug_add("Rhosts authentication refused for %.100s: "
/* Check users .rhosts or .shosts. */
snprintf(buf, sizeof buf, "%.500s/%.100s",
pw->pw_dir, rhosts_files[rhosts_file_index]);
- if (stat(buf, &st) < 0)
+ if (stat(buf, &st) == -1)
continue;
/*
-/* $OpenBSD: auth.c,v 1.138 2019/01/19 21:41:18 djm Exp $ */
+/* $OpenBSD: auth.c,v 1.139 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
char *shell = xstrdup((pw->pw_shell[0] == '\0') ?
_PATH_BSHELL : pw->pw_shell); /* empty = /bin/sh */
- if (stat(shell, &st) != 0) {
+ if (stat(shell, &st) == -1) {
logit("User %.100s not allowed because shell %.100s "
"does not exist", pw->pw_name, shell);
free(shell);
return NULL;
}
- if (fstat(fd, &st) < 0) {
+ if (fstat(fd, &st) == -1) {
close(fd);
return NULL;
}
fromlen = sizeof(from);
memset(&from, 0, sizeof(from));
if (getpeername(ssh_packet_get_connection_in(ssh),
- (struct sockaddr *)&from, &fromlen) < 0) {
+ (struct sockaddr *)&from, &fromlen) == -1) {
debug("getpeername failed: %.100s", strerror(errno));
return strdup(ntop);
}
return 0;
}
temporarily_use_uid(pw);
- if (stat(av[0], &st) < 0) {
+ if (stat(av[0], &st) == -1) {
error("Could not stat %s \"%s\": %s", tag,
av[0], strerror(errno));
restore_uid();
return 0;
}
/* Prepare to keep the child's stdout if requested */
- if (pipe(p) != 0) {
+ if (pipe(p) == -1) {
error("%s: pipe: %s", tag, strerror(errno));
restore_uid();
return 0;
closefrom(STDERR_FILENO + 1);
/* Don't use permanently_set_uid() here to avoid fatal() */
- if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) != 0) {
+ if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1) {
error("%s: setresgid %u: %s", tag, (u_int)pw->pw_gid,
strerror(errno));
_exit(1);
}
- if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) != 0) {
+ if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) == -1) {
error("%s: setresuid %u: %s", tag, (u_int)pw->pw_uid,
strerror(errno));
_exit(1);
-/* $OpenBSD: authfd.c,v 1.114 2019/06/21 04:21:04 djm Exp $ */
+/* $OpenBSD: authfd.c,v 1.115 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
sunaddr.sun_family = AF_UNIX;
strlcpy(sunaddr.sun_path, authsocket, sizeof(sunaddr.sun_path));
- if ((sock = socket(AF_UNIX, SOCK_STREAM, 0)) < 0)
+ if ((sock = socket(AF_UNIX, SOCK_STREAM, 0)) == -1)
return SSH_ERR_SYSTEM_ERROR;
/* close on exec */
if (fcntl(sock, F_SETFD, FD_CLOEXEC) == -1 ||
- connect(sock, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) < 0) {
+ connect(sock, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) == -1) {
oerrno = errno;
close(sock);
errno = oerrno;
-/* $OpenBSD: authfile.c,v 1.131 2018/09/21 12:20:12 djm Exp $ */
+/* $OpenBSD: authfile.c,v 1.132 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Copyright (c) 2000, 2013 Markus Friedl. All rights reserved.
*
{
int fd, oerrno;
- if ((fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600)) < 0)
+ if ((fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600)) == -1)
return SSH_ERR_SYSTEM_ERROR;
if (atomicio(vwrite, fd, sshbuf_mutable_ptr(keybuf),
sshbuf_len(keybuf)) != sshbuf_len(keybuf)) {
struct stat st;
int r;
- if (fstat(fd, &st) < 0)
+ if (fstat(fd, &st) == -1)
return SSH_ERR_SYSTEM_ERROR;
if ((st.st_mode & (S_IFSOCK|S_IFCHR|S_IFIFO)) == 0 &&
st.st_size > MAX_KEY_FILE_SIZE)
{
struct stat st;
- if (fstat(fd, &st) < 0)
+ if (fstat(fd, &st) == -1)
return SSH_ERR_SYSTEM_ERROR;
/*
* if a key owned by the user is accessed, then we check the
if (commentp != NULL)
*commentp = NULL;
- if ((fd = open(filename, O_RDONLY)) < 0) {
+ if ((fd = open(filename, O_RDONLY)) == -1) {
if (perm_ok != NULL)
*perm_ok = 0;
return SSH_ERR_SYSTEM_ERROR;
if (commentp != NULL)
*commentp = NULL;
- if ((fd = open(filename, O_RDONLY)) < 0)
+ if ((fd = open(filename, O_RDONLY)) == -1)
return SSH_ERR_SYSTEM_ERROR;
if (sshkey_perm_ok(fd, filename) != 0) {
r = SSH_ERR_KEY_BAD_PERMISSIONS;
-/* $OpenBSD: canohost.c,v 1.73 2016/03/07 19:02:43 djm Exp $ */
+/* $OpenBSD: canohost.c,v 1.74 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
fromlen = sizeof(from);
memset(&from, 0, sizeof(from));
if (local) {
- if (getsockname(sock, (struct sockaddr *)&from, &fromlen) < 0) {
+ if (getsockname(sock, (struct sockaddr *)&from, &fromlen) == -1) {
error("getsockname failed: %.100s", strerror(errno));
return 0;
}
} else {
- if (getpeername(sock, (struct sockaddr *)&from, &fromlen) < 0) {
+ if (getpeername(sock, (struct sockaddr *)&from, &fromlen) == -1) {
debug("getpeername failed: %.100s", strerror(errno));
return -1;
}
-/* $OpenBSD: channels.c,v 1.392 2019/06/07 14:18:48 dtucker Exp $ */
+/* $OpenBSD: channels.c,v 1.393 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
chan_mark_dead(ssh, c);
errno = oerrno;
}
- if (newsock < 0) {
+ if (newsock == -1) {
if (errno != EINTR && errno != EWOULDBLOCK &&
errno != ECONNABORTED)
error("accept: %.100s", strerror(errno));
addrlen = sizeof(addr);
newsock = accept(c->sock, (struct sockaddr *)&addr, &addrlen);
- if (newsock < 0) {
+ if (newsock == -1) {
if (errno != EINTR && errno != EWOULDBLOCK &&
errno != ECONNABORTED)
error("accept: %.100s", strerror(errno));
addrlen = sizeof(addr);
newsock = accept(c->sock, (struct sockaddr *)&addr, &addrlen);
- if (newsock < 0) {
+ if (newsock == -1) {
error("accept from auth socket: %.100s", strerror(errno));
if (errno == EMFILE || errno == ENFILE)
c->notbefore = monotime() + 1;
fatal(":%s: channel %d: no remote id", __func__, c->self);
/* for rdynamic the OPEN_CONFIRMATION has been sent already */
isopen = (c->type == SSH_CHANNEL_RDYNAMIC_FINISH);
- if (getsockopt(c->sock, SOL_SOCKET, SO_ERROR, &err, &sz) < 0) {
+ if (getsockopt(c->sock, SOL_SOCKET, SO_ERROR, &err, &sz) == -1) {
err = errno;
error("getsockopt SO_ERROR failed");
}
errno = 0;
len = read(c->rfd, buf, sizeof(buf));
- if (len < 0 && (errno == EINTR ||
+ if (len == -1 && (errno == EINTR ||
((errno == EAGAIN || errno == EWOULDBLOCK) && !force)))
return 1;
#ifndef PTY_ZEROREAD
/* ignore truncated writes, datagrams might get lost */
len = write(c->wfd, buf, dlen);
free(data);
- if (len < 0 && (errno == EINTR || errno == EAGAIN ||
+ if (len == -1 && (errno == EINTR || errno == EAGAIN ||
errno == EWOULDBLOCK))
return 1;
if (len <= 0)
#endif
len = write(c->wfd, buf, dlen);
- if (len < 0 &&
+ if (len == -1 &&
(errno == EINTR || errno == EAGAIN || errno == EWOULDBLOCK))
return 1;
if (len <= 0) {
len = write(c->efd, sshbuf_ptr(c->extended),
sshbuf_len(c->extended));
debug2("channel %d: written %zd to efd %d", c->self, len, c->efd);
- if (len < 0 && (errno == EINTR || errno == EAGAIN ||
+ if (len == -1 && (errno == EINTR || errno == EAGAIN ||
errno == EWOULDBLOCK))
return 1;
if (len <= 0) {
len = read(c->efd, buf, sizeof(buf));
debug2("channel %d: read %zd from efd %d", c->self, len, c->efd);
- if (len < 0 && (errno == EINTR || ((errno == EAGAIN ||
+ if (len == -1 && (errno == EINTR || ((errno == EAGAIN ||
errno == EWOULDBLOCK) && !force)))
return 1;
if (len <= 0) {
if (sshbuf_len(c->input) < need) {
rlen = need - sshbuf_len(c->input);
len = read(c->rfd, buf, MINIMUM(rlen, CHAN_RBUF));
- if (len < 0 && (errno == EINTR || errno == EAGAIN))
+ if (len == -1 && (errno == EINTR || errno == EAGAIN))
return sshbuf_len(c->input);
if (len <= 0) {
debug2("channel %d: ctl read<=0 rfd %d len %zd",
return;
len = write(c->wfd, sshbuf_ptr(c->output), sshbuf_len(c->output));
- if (len < 0 && (errno == EINTR || errno == EAGAIN))
+ if (len == -1 && (errno == EINTR || errno == EAGAIN))
return;
if (len <= 0) {
chan_mark_dead(ssh, c);
return;
}
- if (getpeereid(newsock, &euid, &egid) < 0) {
+ if (getpeereid(newsock, &euid, &egid) == -1) {
error("%s getpeereid failed: %s", __func__,
strerror(errno));
close(newsock);
}
/* Create a port to listen for the host. */
sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
- if (sock < 0) {
+ if (sock == -1) {
/* this is no error since kernel may not support ipv6 */
verbose("socket [%s]:%s: %.100s", ntop, strport,
strerror(errno));
ntop, strport);
/* Bind the socket to the address. */
- if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
+ if (bind(sock, ai->ai_addr, ai->ai_addrlen) == -1) {
/*
* address can be in if use ipv6 address is
* already bound
continue;
}
/* Start listening for connections on the socket. */
- if (listen(sock, SSH_LISTEN_BACKLOG) < 0) {
+ if (listen(sock, SSH_LISTEN_BACKLOG) == -1) {
error("listen: %.100s", strerror(errno));
error("listen [%s]:%s: %.100s", ntop, strport,
strerror(errno));
if (sc->channels[i] == NULL || !sc->channels[i]->client_tty ||
sc->channels[i]->type != SSH_CHANNEL_OPEN)
continue;
- if (ioctl(sc->channels[i]->rfd, TIOCGWINSZ, &ws) < 0)
+ if (ioctl(sc->channels[i]->rfd, TIOCGWINSZ, &ws) == -1)
continue;
channel_request_start(ssh, i, "window-change", 0);
if ((r = sshpkt_put_u32(ssh, (u_int)ws.ws_col)) != 0 ||
continue;
sock = socket(ai->ai_family, ai->ai_socktype,
ai->ai_protocol);
- if (sock < 0) {
+ if (sock == -1) {
if ((errno != EINVAL) && (errno != EAFNOSUPPORT)
#ifdef EPFNOSUPPORT
&& (errno != EPFNOSUPPORT)
sock_set_v6only(sock);
if (x11_use_localhost)
set_reuseaddr(sock);
- if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
+ if (bind(sock, ai->ai_addr, ai->ai_addrlen) == -1) {
debug2("%s: bind port %d: %.100s", __func__,
port, strerror(errno));
close(sock);
/* Start listening for connections on the socket. */
for (n = 0; n < num_socks; n++) {
sock = socks[n];
- if (listen(sock, SSH_LISTEN_BACKLOG) < 0) {
+ if (listen(sock, SSH_LISTEN_BACKLOG) == -1) {
error("listen: %.100s", strerror(errno));
close(sock);
return -1;
struct sockaddr_un addr;
sock = socket(AF_UNIX, SOCK_STREAM, 0);
- if (sock < 0)
+ if (sock == -1)
error("socket: %.100s", strerror(errno));
memset(&addr, 0, sizeof(addr));
addr.sun_family = AF_UNIX;
for (ai = aitop; ai; ai = ai->ai_next) {
/* Create a socket. */
sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
- if (sock < 0) {
+ if (sock == -1) {
debug2("socket: %.100s", strerror(errno));
continue;
}
/* Connect it to the display. */
- if (connect(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
+ if (connect(sock, ai->ai_addr, ai->ai_addrlen) == -1) {
debug2("connect %.100s port %u: %.100s", buf,
6000 + display_number, strerror(errno));
close(sock);
-/* $OpenBSD: clientloop.c,v 1.325 2019/06/26 22:29:43 dtucker Exp $ */
+/* $OpenBSD: clientloop.c,v 1.326 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
}
ret = select((*maxfdp)+1, *readsetp, *writesetp, NULL, tvp);
- if (ret < 0) {
+ if (ret == -1) {
/*
* We have to clear the select masks, because we return.
* We have to return, because the mainloop checks for the flags
* There is a kernel bug on Solaris that causes select to
* sometimes wake up even though there is no data available.
*/
- if (len < 0 &&
+ if (len == -1 &&
(errno == EAGAIN || errno == EINTR || errno == EWOULDBLOCK))
len = 0;
- if (len < 0) {
+ if (len == -1) {
/*
* An error has encountered. Perhaps there is a
* network problem.
/* Fork into background. */
pid = fork();
- if (pid < 0) {
+ if (pid == -1) {
error("fork: %.100s", strerror(errno));
continue;
}
struct winsize ws;
/* Store window size in the packet. */
- if (ioctl(in_fd, TIOCGWINSZ, &ws) < 0)
+ if (ioctl(in_fd, TIOCGWINSZ, &ws) == -1)
memset(&ws, 0, sizeof(ws));
channel_request_start(ssh, id, "pty-req", 1);
-/* $OpenBSD: misc.c,v 1.138 2019/06/27 18:03:37 deraadt Exp $ */
+/* $OpenBSD: misc.c,v 1.139 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
* Copyright (c) 2005,2006 Damien Miller. All rights reserved.
int val;
val = fcntl(fd, F_GETFL);
- if (val < 0) {
+ if (val == -1) {
error("fcntl(%d, F_GETFL): %s", fd, strerror(errno));
return (-1);
}
int val;
val = fcntl(fd, F_GETFL);
- if (val < 0) {
+ if (val == -1) {
error("fcntl(%d, F_GETFL): %s", fd, strerror(errno));
return (-1);
}
return -1;
}
- if (fd < 0) {
+ if (fd == -1) {
debug("%s: %s open: %s", __func__, name, strerror(errno));
return -1;
}
}
sock = socket(PF_UNIX, SOCK_STREAM, 0);
- if (sock < 0) {
+ if (sock == -1) {
saved_errno = errno;
error("%s: socket: %.100s", __func__, strerror(errno));
errno = saved_errno;
if (unlink(path) != 0 && errno != ENOENT)
error("unlink(%s): %.100s", path, strerror(errno));
}
- if (bind(sock, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) < 0) {
+ if (bind(sock, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) == -1) {
saved_errno = errno;
error("%s: cannot bind to path %s: %s",
__func__, path, strerror(errno));
errno = saved_errno;
return -1;
}
- if (listen(sock, backlog) < 0) {
+ if (listen(sock, backlog) == -1) {
saved_errno = errno;
error("%s: cannot listen on path %s: %s",
__func__, path, strerror(errno));
}
strlcpy(buf, cp, sizeof(buf));
- if (stat(buf, &st) < 0 ||
+ if (stat(buf, &st) == -1 ||
(!platform_sys_dir_uid(st.st_uid) && st.st_uid != uid) ||
(st.st_mode & 022) != 0) {
snprintf(err, errlen,
struct stat st;
/* check the open file to avoid races */
- if (fstat(fd, &st) < 0) {
+ if (fstat(fd, &st) == -1) {
snprintf(err, errlen, "cannot stat file %s: %s",
file, strerror(errno));
return -1;
-/* $OpenBSD: monitor.c,v 1.197 2019/01/21 10:38:54 djm Exp $ */
+/* $OpenBSD: monitor.c,v 1.198 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org>
fromlen = sizeof(from);
if (ssh_packet_connection_is_on_socket(ssh)) {
if (getpeername(ssh_packet_get_connection_in(ssh),
- (struct sockaddr *)&from, &fromlen) < 0) {
+ (struct sockaddr *)&from, &fromlen) == -1) {
debug("getpeername: %.100s", strerror(errno));
cleanup_exit(255);
}
fatal("%s: send fds failed", __func__);
/* make sure nothing uses fd 0 */
- if ((fd0 = open(_PATH_DEVNULL, O_RDONLY)) < 0)
+ if ((fd0 = open(_PATH_DEVNULL, O_RDONLY)) == -1)
fatal("%s: open(/dev/null): %s", __func__, strerror(errno));
if (fd0 != 0)
error("%s: fd0 %d != 0", __func__, fd0);
if (socketpair(AF_UNIX, SOCK_STREAM, 0, pair) == -1)
fatal("%s: socketpair: %s", __func__, strerror(errno));
#ifdef SO_ZEROIZE
- if (setsockopt(pair[0], SOL_SOCKET, SO_ZEROIZE, &on, sizeof(on)) < 0)
+ if (setsockopt(pair[0], SOL_SOCKET, SO_ZEROIZE, &on, sizeof(on)) == -1)
error("setsockopt SO_ZEROIZE(0): %.100s", strerror(errno));
- if (setsockopt(pair[1], SOL_SOCKET, SO_ZEROIZE, &on, sizeof(on)) < 0)
+ if (setsockopt(pair[1], SOL_SOCKET, SO_ZEROIZE, &on, sizeof(on)) == -1)
error("setsockopt SO_ZEROIZE(1): %.100s", strerror(errno));
#endif
FD_CLOSEONEXEC(pair[0]);
-/* $OpenBSD: monitor_wrap.c,v 1.112 2019/01/21 09:54:11 djm Exp $ */
+/* $OpenBSD: monitor_wrap.c,v 1.113 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org>
sshbuf_free(m);
/* closed dup'ed master */
- if (s->ptymaster != -1 && close(s->ptymaster) < 0)
+ if (s->ptymaster != -1 && close(s->ptymaster) == -1)
error("close(s->ptymaster/%d): %s",
s->ptymaster, strerror(errno));
-/* $OpenBSD: mux.c,v 1.79 2019/01/19 21:35:25 djm Exp $ */
+/* $OpenBSD: mux.c,v 1.80 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org>
*
return -1;
}
len = read(fd, p + have, need - have);
- if (len < 0) {
+ if (len == -1) {
switch (errno) {
#if defined(EWOULDBLOCK) && (EWOULDBLOCK != EAGAIN)
case EWOULDBLOCK:
return -1;
}
len = write(fd, ptr + have, need - have);
- if (len < 0) {
+ if (len == -1) {
switch (errno) {
#if defined(EWOULDBLOCK) && (EWOULDBLOCK != EAGAIN)
case EWOULDBLOCK:
fatal("ControlPath too long ('%s' >= %u bytes)", path,
(unsigned int)sizeof(addr.sun_path));
- if ((sock = socket(PF_UNIX, SOCK_STREAM, 0)) < 0)
+ if ((sock = socket(PF_UNIX, SOCK_STREAM, 0)) == -1)
fatal("%s socket(): %s", __func__, strerror(errno));
if (connect(sock, (struct sockaddr *)&addr, sizeof(addr)) == -1) {
-/* $OpenBSD: nchan.c,v 1.69 2018/10/04 07:47:35 djm Exp $ */
+/* $OpenBSD: nchan.c,v 1.70 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved.
*
c->self, __func__, c->istate, c->ostate, c->sock, c->wfd, c->efd,
channel_format_extended_usage(c));
if (c->sock != -1) {
- if (shutdown(c->sock, SHUT_WR) < 0) {
+ if (shutdown(c->sock, SHUT_WR) == -1) {
debug2("channel %d: %s: shutdown() failed for "
"fd %d [i%d o%d]: %.100s", c->self, __func__,
c->sock, c->istate, c->ostate,
* write side has been closed already. (bug on Linux)
* HP-UX may return ENOTCONN also.
*/
- if (shutdown(c->sock, SHUT_RD) < 0 && errno != ENOTCONN) {
+ if (shutdown(c->sock, SHUT_RD) == -1 && errno != ENOTCONN) {
error("channel %d: %s: shutdown() failed for "
"fd %d [i%d o%d]: %.100s",
c->self, __func__, c->sock, c->istate, c->ostate,
-/* $OpenBSD: packet.c,v 1.285 2019/06/07 14:18:48 dtucker Exp $ */
+/* $OpenBSD: packet.c,v 1.286 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
fromlen = sizeof(from);
memset(&from, 0, sizeof(from));
if (getpeername(state->connection_in, (struct sockaddr *)&from,
- &fromlen) < 0)
+ &fromlen) == -1)
return 0;
tolen = sizeof(to);
memset(&to, 0, sizeof(to));
if (getpeername(state->connection_out, (struct sockaddr *)&to,
- &tolen) < 0)
+ &tolen) == -1)
return 0;
if (fromlen != tolen || memcmp(&from, &to, fromlen) != 0)
return 0;
memset(&to, 0, sizeof(to));
if (getsockname(ssh->state->connection_out, (struct sockaddr *)&to,
- &tolen) < 0)
+ &tolen) == -1)
return 0;
#ifdef IPV4_IN_IPV6
if (to.ss_family == AF_INET6 &&
r = SSH_ERR_CONN_CLOSED;
goto out;
}
- if (len < 0) {
+ if (len == -1) {
r = SSH_ERR_SYSTEM_ERROR;
goto out;
}
case AF_INET:
debug3("%s: set IP_TOS 0x%02x", __func__, tos);
if (setsockopt(ssh->state->connection_in,
- IPPROTO_IP, IP_TOS, &tos, sizeof(tos)) < 0)
+ IPPROTO_IP, IP_TOS, &tos, sizeof(tos)) == -1)
error("setsockopt IP_TOS %d: %.100s:",
tos, strerror(errno));
break;
case AF_INET6:
debug3("%s: set IPV6_TCLASS 0x%02x", __func__, tos);
if (setsockopt(ssh->state->connection_in,
- IPPROTO_IPV6, IPV6_TCLASS, &tos, sizeof(tos)) < 0)
+ IPPROTO_IPV6, IPV6_TCLASS, &tos, sizeof(tos)) == -1)
error("setsockopt IPV6_TCLASS %d: %.100s:",
tos, strerror(errno));
break;
-/* $OpenBSD: readconf.c,v 1.306 2019/06/12 11:31:50 jmc Exp $ */
+/* $OpenBSD: readconf.c,v 1.307 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
_exit(1);
}
/* Parent. */
- if (pid < 0)
+ if (pid == -1)
fatal("%s: fork: %.100s", __func__, strerror(errno));
close(devnull);
-/* $OpenBSD: readpass.c,v 1.53 2019/01/19 04:15:56 tb Exp $ */
+/* $OpenBSD: readpass.c,v 1.54 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
*
error("ssh_askpass: fflush: %s", strerror(errno));
if (askpass == NULL)
fatal("internal error: askpass undefined");
- if (pipe(p) < 0) {
+ if (pipe(p) == -1) {
error("ssh_askpass: pipe: %s", strerror(errno));
return NULL;
}
osigchld = signal(SIGCHLD, SIG_DFL);
- if ((pid = fork()) < 0) {
+ if ((pid = fork()) == -1) {
error("ssh_askpass: fork: %s", strerror(errno));
signal(SIGCHLD, osigchld);
return NULL;
}
if (pid == 0) {
close(p[0]);
- if (dup2(p[1], STDOUT_FILENO) < 0)
+ if (dup2(p[1], STDOUT_FILENO) == -1)
fatal("ssh_askpass: dup2: %s", strerror(errno));
execlp(askpass, askpass, msg, (char *)NULL);
fatal("ssh_askpass: exec(%s): %s", askpass, strerror(errno));
buf[len] = '\0';
close(p[0]);
- while ((ret = waitpid(pid, &status, 0)) < 0)
+ while ((ret = waitpid(pid, &status, 0)) == -1)
if (errno != EINTR)
break;
signal(SIGCHLD, osigchld);
-/* $OpenBSD: scp.c,v 1.204 2019/02/10 11:15:52 djm Exp $ */
+/* $OpenBSD: scp.c,v 1.205 2019/06/28 13:35:04 deraadt Exp $ */
/*
* scp - secure remote copy. This is basically patched BSD rcp which
* uses ssh to do the data transfer (instead of using rcmd).
* Reserve two descriptors so that the real pipes won't get
* descriptors 0 and 1 because that will screw up dup2 below.
*/
- if (pipe(reserved) < 0)
+ if (pipe(reserved) == -1)
fatal("pipe: %s", strerror(errno));
/* Create a socket pair for communicating with ssh. */
- if (pipe(pin) < 0)
+ if (pipe(pin) == -1)
fatal("pipe: %s", strerror(errno));
- if (pipe(pout) < 0)
+ if (pipe(pout) == -1)
fatal("pipe: %s", strerror(errno));
/* Free the reserved descriptors. */
len = strlen(name);
while (len > 1 && name[len-1] == '/')
name[--len] = '\0';
- if ((fd = open(name, O_RDONLY|O_NONBLOCK, 0)) < 0)
+ if ((fd = open(name, O_RDONLY|O_NONBLOCK, 0)) == -1)
goto syserr;
if (strchr(name, '\n') != NULL) {
strnvis(encname, name, sizeof(encname), VIS_NL);
name = encname;
}
- if (fstat(fd, &stb) < 0) {
+ if (fstat(fd, &stb) == -1) {
syserr: run_err("%s: %s", name, strerror(errno));
goto next;
}
unset_nonblock(remout);
if (fd != -1) {
- if (close(fd) < 0 && !haderr)
+ if (close(fd) == -1 && !haderr)
haderr = errno;
fd = -1;
}
/* Handle copying from a read-only
directory */
mod_flag = 1;
- if (mkdir(np, mode | S_IRWXU) < 0)
+ if (mkdir(np, mode | S_IRWXU) == -1)
goto bad;
}
vect[0] = xstrdup(np);
sink(1, vect, src);
if (setimes) {
setimes = 0;
- if (utimes(vect[0], tv) < 0)
+ if (utimes(vect[0], tv) == -1)
run_err("%s: set times: %s",
vect[0], strerror(errno));
}
}
omode = mode;
mode |= S_IWUSR;
- if ((ofd = open(np, O_WRONLY|O_CREAT, mode)) < 0) {
+ if ((ofd = open(np, O_WRONLY|O_CREAT, mode)) == -1) {
bad: run_err("%s: %s", np, strerror(errno));
continue;
}
stop_progress_meter();
if (setimes && wrerr == NO) {
setimes = 0;
- if (utimes(np, tv) < 0) {
+ if (utimes(np, tv) == -1) {
run_err("%s: set times: %s",
np, strerror(errno));
wrerr = DISPLAYED;
#ifdef HAVE_STRUCT_STAT_ST_BLKSIZE
struct stat stb;
- if (fstat(fd, &stb) < 0) {
+ if (fstat(fd, &stb) == -1) {
run_err("fstat: %s", strerror(errno));
return (0);
}
-/* $OpenBSD: serverloop.c,v 1.215 2019/03/27 09:29:14 djm Exp $ */
+/* $OpenBSD: serverloop.c,v 1.216 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
static void
notify_setup(void)
{
- if (pipe(notify_pipe) < 0) {
+ if (pipe(notify_pipe) == -1) {
error("pipe(notify_pipe) failed %s", strerror(errno));
} else if ((fcntl(notify_pipe[0], F_SETFD, FD_CLOEXEC) == -1) ||
(fcntl(notify_pipe[1], F_SETFD, FD_CLOEXEC) == -1)) {
verbose("Connection closed by %.100s port %d",
ssh_remote_ipaddr(ssh), ssh_remote_port(ssh));
return -1;
- } else if (len < 0) {
+ } else if (len == -1) {
if (errno != EINTR && errno != EAGAIN &&
errno != EWOULDBLOCK) {
verbose("Read error from remote host "
if (child_terminated) {
debug("Received SIGCHLD.");
while ((pid = waitpid(-1, &status, WNOHANG)) > 0 ||
- (pid < 0 && errno == EINTR))
+ (pid == -1 && errno == EINTR))
if (pid > 0)
session_close_by_pid(ssh, pid, status);
child_terminated = 0;
-/* $OpenBSD: session.c,v 1.315 2019/02/22 03:37:11 djm Exp $ */
+/* $OpenBSD: session.c,v 1.316 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
fatal("do_exec_no_pty: no session");
/* Allocate pipes for communicating with the program. */
- if (pipe(pin) < 0) {
+ if (pipe(pin) == -1) {
error("%s: pipe in: %.100s", __func__, strerror(errno));
return -1;
}
- if (pipe(pout) < 0) {
+ if (pipe(pout) == -1) {
error("%s: pipe out: %.100s", __func__, strerror(errno));
close(pin[0]);
close(pin[1]);
return -1;
}
- if (pipe(perr) < 0) {
+ if (pipe(perr) == -1) {
error("%s: pipe err: %.100s", __func__,
strerror(errno));
close(pin[0]);
fatal("do_exec_no_pty: no session");
/* Uses socket pairs to communicate with the program. */
- if (socketpair(AF_UNIX, SOCK_STREAM, 0, inout) < 0) {
+ if (socketpair(AF_UNIX, SOCK_STREAM, 0, inout) == -1) {
error("%s: socketpair #1: %.100s", __func__, strerror(errno));
return -1;
}
- if (socketpair(AF_UNIX, SOCK_STREAM, 0, err) < 0) {
+ if (socketpair(AF_UNIX, SOCK_STREAM, 0, err) == -1) {
error("%s: socketpair #2: %.100s", __func__,
strerror(errno));
close(inout[0]);
* Create a new session and process group since the 4.4BSD
* setlogin() affects the entire process group.
*/
- if (setsid() < 0)
+ if (setsid() == -1)
error("setsid failed: %.100s", strerror(errno));
#ifdef USE_PIPES
* pair, and make the child side the standard input.
*/
close(pin[1]);
- if (dup2(pin[0], 0) < 0)
+ if (dup2(pin[0], 0) == -1)
perror("dup2 stdin");
close(pin[0]);
/* Redirect stdout. */
close(pout[0]);
- if (dup2(pout[1], 1) < 0)
+ if (dup2(pout[1], 1) == -1)
perror("dup2 stdout");
close(pout[1]);
/* Redirect stderr. */
close(perr[0]);
- if (dup2(perr[1], 2) < 0)
+ if (dup2(perr[1], 2) == -1)
perror("dup2 stderr");
close(perr[1]);
#else
*/
close(inout[1]);
close(err[1]);
- if (dup2(inout[0], 0) < 0) /* stdin */
+ if (dup2(inout[0], 0) == -1) /* stdin */
perror("dup2 stdin");
- if (dup2(inout[0], 1) < 0) /* stdout (same as stdin) */
+ if (dup2(inout[0], 1) == -1) /* stdout (same as stdin) */
perror("dup2 stdout");
close(inout[0]);
- if (dup2(err[0], 2) < 0) /* stderr */
+ if (dup2(err[0], 2) == -1) /* stderr */
perror("dup2 stderr");
close(err[0]);
#endif
* Do this before forking (and cleanup in the child) so as to
* detect and gracefully fail out-of-fd conditions.
*/
- if ((fdout = dup(ptyfd)) < 0) {
+ if ((fdout = dup(ptyfd)) == -1) {
error("%s: dup #1: %s", __func__, strerror(errno));
close(ttyfd);
close(ptyfd);
return -1;
}
/* we keep a reference to the pty master */
- if ((ptymaster = dup(ptyfd)) < 0) {
+ if ((ptymaster = dup(ptyfd)) == -1) {
error("%s: dup #2: %s", __func__, strerror(errno));
close(ttyfd);
close(ptyfd);
pty_make_controlling_tty(&ttyfd, s->tty);
/* Redirect stdin/stdout/stderr from the pseudo tty. */
- if (dup2(ttyfd, 0) < 0)
+ if (dup2(ttyfd, 0) == -1)
error("dup2 stdin: %s", strerror(errno));
- if (dup2(ttyfd, 1) < 0)
+ if (dup2(ttyfd, 1) == -1)
error("dup2 stdout: %s", strerror(errno));
- if (dup2(ttyfd, 2) < 0)
+ if (dup2(ttyfd, 2) == -1)
error("dup2 stderr: %s", strerror(errno));
/* Close the extra descriptor for the pseudo tty. */
fromlen = sizeof(from);
if (ssh_packet_connection_is_on_socket(ssh)) {
if (getpeername(ssh_packet_get_connection_in(ssh),
- (struct sockaddr *)&from, &fromlen) < 0) {
+ (struct sockaddr *)&from, &fromlen) == -1) {
debug("getpeername: %.100s", strerror(errno));
cleanup_exit(255);
}
#endif
/* Change current directory to the user's home directory. */
- if (chdir(pw->pw_dir) < 0) {
+ if (chdir(pw->pw_dir) == -1) {
/* Suppress missing homedir warning for chroot case */
#ifdef HAVE_LOGIN_CAP
r = login_getcapbool(lc, "requirehome", 0);
s->is_subsystem = SUBSYSTEM_INT_SFTP;
debug("subsystem: %s", prog);
} else {
- if (stat(prog, &st) < 0)
+ if (stat(prog, &st) == -1)
debug("subsystem: cannot stat %s: %s",
prog, strerror(errno));
s->is_subsystem = SUBSYSTEM_EXT;
(r = sshpkt_get_end(ssh)) != 0)
sshpkt_fatal(ssh, r, "%s: parse packet", __func__);
- if (s->ptymaster == -1 || tcsendbreak(s->ptymaster, 0) < 0)
+ if (s->ptymaster == -1 || tcsendbreak(s->ptymaster, 0) == -1)
return 0;
return 1;
}
* the pty cleanup, so that another process doesn't get this pty
* while we're still cleaning up.
*/
- if (s->ptymaster != -1 && close(s->ptymaster) < 0)
+ if (s->ptymaster != -1 && close(s->ptymaster) == -1)
error("close(s->ptymaster/%d): %s",
s->ptymaster, strerror(errno));
}
/* Set up a suitable value for the DISPLAY variable. */
- if (gethostname(hostname, sizeof(hostname)) < 0)
+ if (gethostname(hostname, sizeof(hostname)) == -1)
fatal("gethostname: %.100s", strerror(errno));
/*
* auth_display must be used as the displayname when the
-/* $OpenBSD: sftp-server.c,v 1.115 2019/06/06 05:13:13 otto Exp $ */
+/* $OpenBSD: sftp-server.c,v 1.116 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Copyright (c) 2000-2004 Markus Friedl. All rights reserved.
*
status = SSH2_FX_PERMISSION_DENIED;
} else {
fd = open(name, flags, mode);
- if (fd < 0) {
+ if (fd == -1) {
status = errno_to_portable(errno);
} else {
handle = handle_new(HANDLE_FILE, name, fd, flags, NULL);
}
fd = handle_to_fd(handle);
if (fd >= 0) {
- if (lseek(fd, off, SEEK_SET) < 0) {
+ if (lseek(fd, off, SEEK_SET) == -1) {
error("process_read: seek failed");
status = errno_to_portable(errno);
} else {
ret = read(fd, buf, len);
- if (ret < 0) {
+ if (ret == -1) {
status = errno_to_portable(errno);
} else if (ret == 0) {
status = SSH2_FX_EOF;
status = SSH2_FX_FAILURE;
else {
if (!(handle_to_flags(handle) & O_APPEND) &&
- lseek(fd, off, SEEK_SET) < 0) {
+ lseek(fd, off, SEEK_SET) == -1) {
status = errno_to_portable(errno);
error("process_write: seek failed");
} else {
/* XXX ATOMICIO ? */
ret = write(fd, data, len);
- if (ret < 0) {
+ if (ret == -1) {
error("process_write: write failed");
status = errno_to_portable(errno);
} else if ((size_t)ret == len) {
debug3("request %u: %sstat", id, do_lstat ? "l" : "");
verbose("%sstat name \"%s\"", do_lstat ? "l" : "", name);
r = do_lstat ? lstat(name, &st) : stat(name, &st);
- if (r < 0) {
+ if (r == -1) {
status = errno_to_portable(errno);
} else {
stat_to_attrib(&st, &a);
fd = handle_to_fd(handle);
if (fd >= 0) {
r = fstat(fd, &st);
- if (r < 0) {
+ if (r == -1) {
status = errno_to_portable(errno);
} else {
stat_to_attrib(&st, &a);
/* XXX OVERFLOW ? */
snprintf(pathname, sizeof pathname, "%s%s%s", path,
strcmp(path, "/") ? "/" : "", dp->d_name);
- if (lstat(pathname, &st) < 0)
+ if (lstat(pathname, &st) == -1)
continue;
stat_to_attrib(&st, &(stats[count].attrib));
stats[count].name = xstrdup(dp->d_name);
if (olen > 0)
FD_SET(out, wset);
- if (select(max+1, rset, wset, NULL, NULL) < 0) {
+ if (select(max+1, rset, wset, NULL, NULL) == -1) {
if (errno == EINTR)
continue;
error("select: %s", strerror(errno));
if (len == 0) {
debug("read eof");
sftp_server_cleanup_exit(0);
- } else if (len < 0) {
+ } else if (len == -1) {
error("read: %s", strerror(errno));
sftp_server_cleanup_exit(1);
} else if ((r = sshbuf_put(iqueue, buf, len)) != 0) {
/* send oqueue to stdout */
if (FD_ISSET(out, wset)) {
len = write(out, sshbuf_ptr(oqueue), olen);
- if (len < 0) {
+ if (len == -1) {
error("write: %s", strerror(errno));
sftp_server_cleanup_exit(1);
} else if ((r = sshbuf_consume(oqueue, len)) != 0) {
-/* $OpenBSD: ssh-add.c,v 1.139 2019/06/06 05:13:13 otto Exp $ */
+/* $OpenBSD: ssh-add.c,v 1.140 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
if (strcmp(filename, "-") == 0) {
fd = STDIN_FILENO;
filename = "(stdin)";
- } else if ((fd = open(filename, O_RDONLY)) < 0) {
+ } else if ((fd = open(filename, O_RDONLY)) == -1) {
perror(filename);
return -1;
}
for (i = 0; default_files[i]; i++) {
snprintf(buf, sizeof(buf), "%s/%s", pw->pw_dir,
default_files[i]);
- if (stat(buf, &st) < 0)
+ if (stat(buf, &st) == -1)
continue;
if (do_file(agent_fd, deleting, key_only, buf,
qflag) == -1)
-/* $OpenBSD: ssh-agent.c,v 1.236 2019/06/21 04:21:04 djm Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.237 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
slen = sizeof(sunaddr);
fd = accept(sockets[socknum].fd, (struct sockaddr *)&sunaddr, &slen);
- if (fd < 0) {
+ if (fd == -1) {
error("accept from AUTH_SOCKET: %s", strerror(errno));
return -1;
}
- if (getpeereid(fd, &euid, &egid) < 0) {
+ if (getpeereid(fd, &euid, &egid) == -1) {
error("getpeereid %d failed: %s", fd, strerror(errno));
close(fd);
return -1;
#ifdef HAVE_SETRLIMIT
/* deny core dumps, since memory contains unencrypted private keys */
rlim.rlim_cur = rlim.rlim_max = 0;
- if (setrlimit(RLIMIT_CORE, &rlim) < 0) {
+ if (setrlimit(RLIMIT_CORE, &rlim) == -1) {
error("setrlimit RLIMIT_CORE: %s", strerror(errno));
cleanup_exit(1);
}
if (parent_alive_interval != 0)
check_parent_exists();
(void) reaper(); /* remove expired keys */
- if (result < 0) {
+ if (result == -1) {
if (saved_errno == EINTR)
continue;
fatal("poll: %s", strerror(saved_errno));
-/* $OpenBSD: ssh-keygen.c,v 1.332 2019/06/21 04:21:04 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.333 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
if (!have_identity)
ask_filename(pw, "Enter file in which the key is");
- if (stat(identity_file, &st) < 0)
+ if (stat(identity_file, &st) == -1)
fatal("%s: %s: %s", __progname, identity_file, strerror(errno));
if ((r = sshkey_load_public(identity_file, &k, NULL)) != 0)
k = load_identity(identity_file);
if (!have_identity)
ask_filename(pw, "Enter file in which the key is");
- if (stat(identity_file, &st) < 0)
+ if (stat(identity_file, &st) == -1)
fatal("%s: %s: %s", __progname, identity_file, strerror(errno));
switch (convert_format) {
if (!have_identity)
ask_filename(pw, "Enter file in which the key is");
- if (stat(identity_file, &st) < 0)
+ if (stat(identity_file, &st) == -1)
fatal("%s: %s", identity_file, strerror(errno));
prv = load_identity(identity_file);
if ((r = sshkey_write(prv, stdout)) != 0)
struct sshkey *public = NULL;
int r;
- if (stat(identity_file, &st) < 0)
+ if (stat(identity_file, &st) == -1)
fatal("%s: %s", path, strerror(errno));
if ((r = sshkey_load_public(path, &public, &comment)) != 0) {
debug("load public \"%s\": %s", path, ssh_err(r));
if (!have_identity)
ask_filename(pw, "Enter file in which the key is");
- if (stat(identity_file, &st) < 0)
+ if (stat(identity_file, &st) == -1)
fatal("%s: %s", identity_file, strerror(errno));
/* Try to load the file with empty passphrase. */
r = sshkey_load_private(identity_file, "", &private, &comment);
if (fname == NULL)
fatal("%s: no filename", __func__);
- if (stat(fname, &st) < 0) {
+ if (stat(fname, &st) == -1) {
if (errno == ENOENT)
return 0;
fatal("%s: %s", fname, strerror(errno));
if (!have_identity)
ask_filename(pw, "Enter file in which the key is");
- if (stat(identity_file, &st) < 0)
+ if (stat(identity_file, &st) == -1)
fatal("%s: %s", identity_file, strerror(errno));
if ((r = sshkey_load_private(identity_file, "",
&private, &comment)) == 0)
if (!have_identity)
ask_filename(pw, "Enter file in which the key is");
- if (strcmp(identity_file, "-") != 0 && stat(identity_file, &st) < 0)
+ if (strcmp(identity_file, "-") != 0 && stat(identity_file, &st) == -1)
fatal("%s: %s: %s", __progname, identity_file, strerror(errno));
path = identity_file;
pw = getpwuid(getuid());
if (!pw)
fatal("No user exists for uid %lu", (u_long)getuid());
- if (gethostname(hostname, sizeof(hostname)) < 0)
+ if (gethostname(hostname, sizeof(hostname)) == -1)
fatal("gethostname: %s", strerror(errno));
/* Remaining characters: Ydw */
snprintf(dotsshdir, sizeof dotsshdir, "%s/%s",
pw->pw_dir, _PATH_SSH_USER_DIR);
if (strstr(identity_file, dotsshdir) != NULL) {
- if (stat(dotsshdir, &st) < 0) {
+ if (stat(dotsshdir, &st) == -1) {
if (errno != ENOENT) {
error("Could not stat %s: %s", dotsshdir,
strerror(errno));
- } else if (mkdir(dotsshdir, 0700) < 0) {
+ } else if (mkdir(dotsshdir, 0700) == -1) {
error("Could not create directory '%s': %s",
dotsshdir, strerror(errno));
} else if (!quiet)
-/* $OpenBSD: ssh-keyscan.c,v 1.127 2019/06/06 05:13:13 otto Exp $ */
+/* $OpenBSD: ssh-keyscan.c,v 1.128 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
*
#if defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE)
struct rlimit rlfd;
- if (getrlimit(RLIMIT_NOFILE, &rlfd) < 0)
+ if (getrlimit(RLIMIT_NOFILE, &rlfd) == -1)
return (-1);
if ((hard ? rlfd.rlim_max : rlfd.rlim_cur) == RLIM_INFINITY)
return SSH_SYSFDMAX;
if (lim <= 0)
return (-1);
#if defined(HAVE_SETRLIMIT) && defined(RLIMIT_NOFILE)
- if (getrlimit(RLIMIT_NOFILE, &rlfd) < 0)
+ if (getrlimit(RLIMIT_NOFILE, &rlfd) == -1)
return (-1);
rlfd.rlim_cur = lim;
- if (setrlimit(RLIMIT_NOFILE, &rlfd) < 0)
+ if (setrlimit(RLIMIT_NOFILE, &rlfd) == -1)
return (-1);
#elif defined (HAVE_SETDTABLESIZE)
setdtablesize(lim);
}
for (ai = aitop; ai; ai = ai->ai_next) {
s = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
- if (s < 0) {
+ if (s == -1) {
error("socket: %s", strerror(errno));
continue;
}
if (set_nonblock(s) == -1)
fatal("%s: set_nonblock(%d)", __func__, s);
- if (connect(s, ai->ai_addr, ai->ai_addrlen) < 0 &&
+ if (connect(s, ai->ai_addr, ai->ai_addrlen) == -1 &&
errno != EINPROGRESS)
error("connect (`%s'): %s", host, strerror(errno));
else
-/* $OpenBSD: ssh.c,v 1.504 2019/06/14 04:13:58 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.505 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
break;
case 'i':
p = tilde_expand_filename(optarg, getuid());
- if (stat(p, &st) < 0)
+ if (stat(p, &st) == -1)
fprintf(stderr, "Warning: Identity file %s "
"not accessible: %s.\n", p,
strerror(errno));
if (config == NULL) {
r = snprintf(buf, sizeof buf, "%s%s%s", pw->pw_dir,
strcmp(pw->pw_dir, "/") ? "/" : "", _PATH_SSH_USER_DIR);
- if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) < 0) {
+ if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) == -1) {
#ifdef WITH_SELINUX
ssh_selinux_setfscreatecon(buf);
#endif
control_persist_detach();
debug("forking to background");
fork_after_authentication_flag = 0;
- if (daemon(1, 1) < 0)
+ if (daemon(1, 1) == -1)
fatal("daemon() failed: %.200s", strerror(errno));
}
debug3("%s: %s:%d", __func__, options.stdio_forward_host,
options.stdio_forward_port);
- if ((in = dup(STDIN_FILENO)) < 0 ||
- (out = dup(STDOUT_FILENO)) < 0)
+ if ((in = dup(STDIN_FILENO)) == -1 ||
+ (out = dup(STDOUT_FILENO)) == -1)
fatal("channel_connect_stdio_fwd: dup() in/out failed");
if ((c = channel_connect_stdio_fwd(ssh, options.stdio_forward_host,
options.stdio_forward_port, in, out)) == NULL)
out = dup(STDOUT_FILENO);
err = dup(STDERR_FILENO);
- if (in < 0 || out < 0 || err < 0)
+ if (in == -1 || out == -1 || err == -1)
fatal("dup() in/out/err failed");
/* enable nonblocking unless tty */
if ((devnull = open(_PATH_DEVNULL, O_WRONLY)) == -1)
error("%s: open %s: %s", __func__,
_PATH_DEVNULL, strerror(errno));
- if (dup2(devnull, STDOUT_FILENO) < 0)
+ if (dup2(devnull, STDOUT_FILENO) == -1)
fatal("%s: dup2() stdout failed", __func__);
if (devnull > STDERR_FILENO)
close(devnull);
int status;
while ((pid = waitpid(-1, &status, WNOHANG)) > 0 ||
- (pid < 0 && errno == EINTR))
+ (pid == -1 && errno == EINTR))
;
errno = save_errno;
}
-/* $OpenBSD: sshconnect.c,v 1.316 2019/06/21 04:21:04 djm Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.317 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
if ((shell = getenv("SHELL")) == NULL)
shell = _PATH_BSHELL;
- if (socketpair(AF_UNIX, SOCK_STREAM, 0, sp) < 0)
+ if (socketpair(AF_UNIX, SOCK_STREAM, 0, sp) == -1)
fatal("Could not create socketpair to communicate with "
"proxy dialer: %.100s", strerror(errno));
close(sp[1]);
/* Redirect stdin and stdout. */
if (sp[0] != 0) {
- if (dup2(sp[0], 0) < 0)
+ if (dup2(sp[0], 0) == -1)
perror("dup2 stdin");
}
if (sp[0] != 1) {
- if (dup2(sp[0], 1) < 0)
+ if (dup2(sp[0], 1) == -1)
perror("dup2 stdout");
}
if (sp[0] >= 2)
exit(1);
}
/* Parent. */
- if (pid < 0)
+ if (pid == -1)
fatal("fork failed: %.100s", strerror(errno));
close(sp[0]);
free(command_string);
shell = _PATH_BSHELL;
/* Create pipes for communicating with the proxy. */
- if (pipe(pin) < 0 || pipe(pout) < 0)
+ if (pipe(pin) == -1 || pipe(pout) == -1)
fatal("Could not create pipes to communicate with the proxy: %.100s",
strerror(errno));
/* Redirect stdin and stdout. */
close(pin[1]);
if (pin[0] != 0) {
- if (dup2(pin[0], 0) < 0)
+ if (dup2(pin[0], 0) == -1)
perror("dup2 stdin");
close(pin[0]);
}
close(pout[0]);
- if (dup2(pout[1], 1) < 0)
+ if (dup2(pout[1], 1) == -1)
perror("dup2 stdout");
/* Cannot be 1 because pin allocated two descriptors. */
close(pout[1]);
exit(1);
}
/* Parent. */
- if (pid < 0)
+ if (pid == -1)
fatal("fork failed: %.100s", strerror(errno));
else
proxy_command_pid = pid; /* save pid to clean up later */
char ntop[NI_MAXHOST];
sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
- if (sock < 0) {
+ if (sock == -1) {
error("socket: %s", strerror(errno));
return -1;
}
/* Set SO_KEEPALIVE if requested. */
if (want_keepalive &&
setsockopt(sock, SOL_SOCKET, SO_KEEPALIVE, (void *)&on,
- sizeof(on)) < 0)
+ sizeof(on)) == -1)
error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno));
/* Set the connection. */
return ssh_connect_direct(ssh, host, addrs, hostaddr, port,
family, connection_attempts, timeout_ms, want_keepalive);
} else if (strcmp(options.proxy_command, "-") == 0) {
- if ((in = dup(STDIN_FILENO)) < 0 ||
- (out = dup(STDOUT_FILENO)) < 0) {
+ if ((in = dup(STDIN_FILENO)) == -1 ||
+ (out = dup(STDOUT_FILENO)) == -1) {
if (in >= 0)
close(in);
error("%s: dup() in/out failed", __func__);
-/* $OpenBSD: sshconnect2.c,v 1.305 2019/05/31 03:20:07 djm Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.306 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
* Copyright (c) 2008 Damien Miller. All rights reserved.
int r, perm_ok = 0, quit = 0, i;
struct stat st;
- if (stat(id->filename, &st) < 0) {
+ if (stat(id->filename, &st) == -1) {
(id->userprovided ? logit : debug3)("no such identity: %s: %s",
id->filename, strerror(errno));
return NULL;
*sigp = NULL;
*lenp = 0;
- if (stat(_PATH_SSH_KEY_SIGN, &st) < 0) {
+ if (stat(_PATH_SSH_KEY_SIGN, &st) == -1) {
error("%s: not installed: %s", __func__, strerror(errno));
return -1;
}
error("%s: fflush: %s", __func__, strerror(errno));
return -1;
}
- if (pipe(to) < 0) {
+ if (pipe(to) == -1) {
error("%s: pipe: %s", __func__, strerror(errno));
return -1;
}
- if (pipe(from) < 0) {
+ if (pipe(from) == -1) {
error("%s: pipe: %s", __func__, strerror(errno));
return -1;
}
- if ((pid = fork()) < 0) {
+ if ((pid = fork()) == -1) {
error("%s: fork: %s", __func__, strerror(errno));
return -1;
}
osigchld = signal(SIGCHLD, SIG_DFL);
if (pid == 0) {
close(from[0]);
- if (dup2(from[1], STDOUT_FILENO) < 0)
+ if (dup2(from[1], STDOUT_FILENO) == -1)
fatal("%s: dup2: %s", __func__, strerror(errno));
close(to[1]);
- if (dup2(to[0], STDIN_FILENO) < 0)
+ if (dup2(to[0], STDIN_FILENO) == -1)
fatal("%s: dup2: %s", __func__, strerror(errno));
close(from[1]);
close(to[0]);
- if (dup2(sock, STDERR_FILENO + 1) < 0)
+ if (dup2(sock, STDERR_FILENO + 1) == -1)
fatal("%s: dup2: %s", __func__, strerror(errno));
sock = STDERR_FILENO + 1;
fcntl(sock, F_SETFD, 0); /* keep the socket on exec */
}
errno = 0;
- while (waitpid(pid, &status, 0) < 0) {
+ while (waitpid(pid, &status, 0) == -1) {
if (errno != EINTR) {
error("%s: waitpid %ld: %s",
__func__, (long)pid, strerror(errno));
-/* $OpenBSD: sshd.c,v 1.536 2019/06/21 04:21:05 djm Exp $ */
+/* $OpenBSD: sshd.c,v 1.537 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
int status;
while ((pid = waitpid(-1, &status, WNOHANG)) > 0 ||
- (pid < 0 && errno == EINTR))
+ (pid == -1 && errno == EINTR))
;
errno = save_errno;
}
debug3("privsep user:group %u:%u", (u_int)privsep_pw->pw_uid,
(u_int)privsep_pw->pw_gid);
gidset[0] = privsep_pw->pw_gid;
- if (setgroups(1, gidset) < 0)
+ if (setgroups(1, gidset) == -1)
fatal("setgroups: %.100s", strerror(errno));
permanently_set_uid(privsep_pw);
}
monitor_child_preauth(ssh, pmonitor);
/* Wait for the child's exit status */
- while (waitpid(pid, &status, 0) < 0) {
+ while (waitpid(pid, &status, 0) == -1) {
if (errno == EINTR)
continue;
pmonitor->m_pid = -1;
/* Create socket for listening. */
listen_sock = socket(ai->ai_family, ai->ai_socktype,
ai->ai_protocol);
- if (listen_sock < 0) {
+ if (listen_sock == -1) {
/* kernel may not support ipv6 */
verbose("socket: %.100s", strerror(errno));
continue;
debug("Bind to port %s on %s.", strport, ntop);
/* Bind the socket to the desired port. */
- if (bind(listen_sock, ai->ai_addr, ai->ai_addrlen) < 0) {
+ if (bind(listen_sock, ai->ai_addr, ai->ai_addrlen) == -1) {
error("Bind to port %s on %s failed: %.200s.",
strport, ntop, strerror(errno));
close(listen_sock);
num_listen_socks++;
/* Start listening on the port. */
- if (listen(listen_sock, SSH_LISTEN_BACKLOG) < 0)
+ if (listen(listen_sock, SSH_LISTEN_BACKLOG) == -1)
fatal("listen on [%s]:%s: %.100s",
ntop, strport, strerror(errno));
logit("Server listening on %s port %s%s%s.",
/* Wait in select until there is a connection. */
ret = select(maxfd+1, fdset, NULL, NULL, NULL);
- if (ret < 0 && errno != EINTR)
+ if (ret == -1 && errno != EINTR)
error("select: %.100s", strerror(errno));
if (received_sigterm) {
logit("Received signal %d; terminating.",
unlink(options.pid_file);
exit(received_sigterm == SIGTERM ? 0 : 255);
}
- if (ret < 0)
+ if (ret == -1)
continue;
for (i = 0; i < options.max_startups; i++) {
fromlen = sizeof(from);
*newsock = accept(listen_socks[i],
(struct sockaddr *)&from, &fromlen);
- if (*newsock < 0) {
+ if (*newsock == -1) {
if (errno != EINTR && errno != EWOULDBLOCK &&
errno != ECONNABORTED && errno != EAGAIN)
error("accept: %.100s",
/* Parent. Stay in the loop. */
platform_post_fork_parent(pid);
- if (pid < 0)
+ if (pid == -1)
error("fork: %.100s", strerror(errno));
else
debug("Forked child %ld.", (long)pid);
memset(&from, 0, sizeof(from));
if (getpeername(sock_in, (struct sockaddr *)&from,
- &fromlen) < 0)
+ &fromlen) == -1)
return;
if (from.ss_family != AF_INET)
return;
already_daemon = daemonized();
if (!(debug_flag || inetd_flag || no_daemon_flag || already_daemon)) {
- if (daemon(0, 0) < 0)
+ if (daemon(0, 0) == -1)
fatal("daemon() failed: %.200s", strerror(errno));
disconnect_controlling_tty();
* controlling terminal which will result in "could not set
* controlling tty" errors.
*/
- if (!debug_flag && !inetd_flag && setsid() < 0)
+ if (!debug_flag && !inetd_flag && setsid() == -1)
error("setsid: %.100s", strerror(errno));
#endif
/* Set SO_KEEPALIVE if requested. */
if (options.tcp_keep_alive && ssh_packet_connection_is_on_socket(ssh) &&
- setsockopt(sock_in, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof(on)) < 0)
+ setsockopt(sock_in, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof(on)) == -1)
error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno));
if ((remote_port = ssh_remote_port(ssh)) < 0) {
-/* $OpenBSD: sshkey-xmss.c,v 1.4 2019/06/27 18:03:37 deraadt Exp $ */
+/* $OpenBSD: sshkey-xmss.c,v 1.5 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Copyright (c) 2017 Markus Friedl. All rights reserved.
*
ret = SSH_ERR_ALLOC_FAIL;
goto done;
}
- if ((lockfd = open(lockfile, O_CREAT|O_RDONLY, 0600)) < 0) {
+ if ((lockfd = open(lockfile, O_CREAT|O_RDONLY, 0600)) == -1) {
ret = SSH_ERR_SYSTEM_ERROR;
PRINT("%s: cannot open/create: %s", __func__, lockfile);
goto done;
}
- while (flock(lockfd, LOCK_EX|LOCK_NB) < 0) {
+ while (flock(lockfd, LOCK_EX|LOCK_NB) == -1) {
if (errno != EWOULDBLOCK) {
ret = SSH_ERR_SYSTEM_ERROR;
PRINT("%s: cannot lock: %s", __func__, lockfile);
PRINT("%s: ENCRYPT FAILED: %d", __func__, ret);
goto done;
}
- if ((fd = open(nstatefile, O_CREAT|O_WRONLY|O_EXCL, 0600)) < 0) {
+ if ((fd = open(nstatefile, O_CREAT|O_WRONLY|O_EXCL, 0600)) == -1) {
ret = SSH_ERR_SYSTEM_ERROR;
PRINT("%s: open new state file: %s", __func__, nstatefile);
goto done;
close(fd);
goto done;
}
- if (fsync(fd) < 0) {
+ if (fsync(fd) == -1) {
ret = SSH_ERR_SYSTEM_ERROR;
PRINT("%s: sync new state file: %s", __func__, nstatefile);
close(fd);
goto done;
}
- if (close(fd) < 0) {
+ if (close(fd) == -1) {
ret = SSH_ERR_SYSTEM_ERROR;
PRINT("%s: close new state file: %s", __func__, nstatefile);
goto done;
goto done;
}
}
- if (rename(nstatefile, statefile) < 0) {
+ if (rename(nstatefile, statefile) == -1) {
ret = SSH_ERR_SYSTEM_ERROR;
PRINT("%s: rename %s to %s", __func__, nstatefile, statefile);
goto done;
-/* $OpenBSD: sshlogin.c,v 1.33 2018/07/09 21:26:02 markus Exp $ */
+/* $OpenBSD: sshlogin.c,v 1.34 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
-/* $OpenBSD: sshpty.c,v 1.31 2016/11/29 03:54:50 dtucker Exp $ */
+/* $OpenBSD: sshpty.c,v 1.32 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
int i;
i = openpty(ptyfd, ttyfd, NULL, NULL, NULL);
- if (i < 0) {
+ if (i == -1) {
error("openpty: %.100s", strerror(errno));
return 0;
}
pty_release(const char *tty)
{
#if !defined(__APPLE_PRIVPTY__) && !defined(HAVE_OPENPTY)
- if (chown(tty, (uid_t) 0, (gid_t) 0) < 0)
+ if (chown(tty, (uid_t) 0, (gid_t) 0) == -1)
error("chown %.100s 0 0 failed: %.100s", tty, strerror(errno));
- if (chmod(tty, (mode_t) 0666) < 0)
+ if (chmod(tty, (mode_t) 0666) == -1)
error("chmod %.100s 0666 failed: %.100s", tty, strerror(errno));
#endif /* !__APPLE_PRIVPTY__ && !HAVE_OPENPTY */
}
close(fd);
}
#endif /* TIOCNOTTY */
- if (setsid() < 0)
+ if (setsid() == -1)
error("setsid: %.100s", strerror(errno));
/*
error("SETPGRP %s",strerror(errno));
#endif /* NEED_SETPGRP */
fd = open(tty, O_RDWR);
- if (fd < 0)
+ if (fd == -1)
error("%.100s: %.100s", tty, strerror(errno));
else
close(fd);
/* Verify that we now have a controlling tty. */
fd = open(_PATH_TTY, O_WRONLY);
- if (fd < 0)
+ if (fd == -1)
error("open /dev/tty failed - could not set controlling tty: %.100s",
strerror(errno));
else
#endif
if (st.st_uid != pw->pw_uid || st.st_gid != gid) {
- if (chown(tty, pw->pw_uid, gid) < 0) {
+ if (chown(tty, pw->pw_uid, gid) == -1) {
if (errno == EROFS &&
(st.st_uid == pw->pw_uid || st.st_uid == 0))
debug("chown(%.100s, %u, %u) failed: %.100s",
}
if ((st.st_mode & (S_IRWXU|S_IRWXG|S_IRWXO)) != mode) {
- if (chmod(tty, mode) < 0) {
+ if (chmod(tty, mode) == -1) {
if (errno == EROFS &&
(st.st_mode & (S_IRGRP | S_IROTH)) == 0)
debug("chmod(%.100s, 0%o) failed: %.100s",
-/* $OpenBSD: uidswap.c,v 1.41 2018/07/18 11:34:04 dtucker Exp $ */
+/* $OpenBSD: uidswap.c,v 1.42 2019/06/28 13:35:04 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
temporarily_use_uid_effective = 1;
saved_egroupslen = getgroups(0, NULL);
- if (saved_egroupslen < 0)
+ if (saved_egroupslen == -1)
fatal("getgroups: %.100s", strerror(errno));
if (saved_egroupslen > 0) {
saved_egroups = xreallocarray(saved_egroups,
saved_egroupslen, sizeof(gid_t));
- if (getgroups(saved_egroupslen, saved_egroups) < 0)
+ if (getgroups(saved_egroupslen, saved_egroups) == -1)
fatal("getgroups: %.100s", strerror(errno));
} else { /* saved_egroupslen == 0 */
free(saved_egroups);
/* set and save the user's groups */
if (user_groupslen == -1 || user_groups_uid != pw->pw_uid) {
- if (initgroups(pw->pw_name, pw->pw_gid) < 0)
+ if (initgroups(pw->pw_name, pw->pw_gid) == -1)
fatal("initgroups: %s: %.100s", pw->pw_name,
strerror(errno));
user_groupslen = getgroups(0, NULL);
- if (user_groupslen < 0)
+ if (user_groupslen == -1)
fatal("getgroups: %.100s", strerror(errno));
if (user_groupslen > 0) {
user_groups = xreallocarray(user_groups,
user_groupslen, sizeof(gid_t));
- if (getgroups(user_groupslen, user_groups) < 0)
+ if (getgroups(user_groupslen, user_groups) == -1)
fatal("getgroups: %.100s", strerror(errno));
} else { /* user_groupslen == 0 */
free(user_groups);
user_groups_uid = pw->pw_uid;
}
/* Set the effective uid to the given (unprivileged) uid. */
- if (setgroups(user_groupslen, user_groups) < 0)
+ if (setgroups(user_groupslen, user_groups) == -1)
fatal("setgroups: %.100s", strerror(errno));
#ifndef SAVED_IDS_WORK_WITH_SETEUID
/* Propagate the privileged gid to all of our gids. */
- if (setgid(getegid()) < 0)
+ if (setgid(getegid()) == -1)
debug("setgid %u: %.100s", (u_int) getegid(), strerror(errno));
/* Propagate the privileged uid to all of our uids. */
- if (setuid(geteuid()) < 0)
+ if (setuid(geteuid()) == -1)
debug("setuid %u: %.100s", (u_int) geteuid(), strerror(errno));
#endif /* SAVED_IDS_WORK_WITH_SETEUID */
- if (setegid(pw->pw_gid) < 0)
+ if (setegid(pw->pw_gid) == -1)
fatal("setegid %u: %.100s", (u_int)pw->pw_gid,
strerror(errno));
if (seteuid(pw->pw_uid) == -1)
#ifdef SAVED_IDS_WORK_WITH_SETEUID
debug("restore_uid: %u/%u", (u_int)saved_euid, (u_int)saved_egid);
/* Set the effective uid back to the saved privileged uid. */
- if (seteuid(saved_euid) < 0)
+ if (seteuid(saved_euid) == -1)
fatal("seteuid %u: %.100s", (u_int)saved_euid, strerror(errno));
- if (setegid(saved_egid) < 0)
+ if (setegid(saved_egid) == -1)
fatal("setegid %u: %.100s", (u_int)saved_egid, strerror(errno));
#else /* SAVED_IDS_WORK_WITH_SETEUID */
/*
setgid(getgid());
#endif /* SAVED_IDS_WORK_WITH_SETEUID */
- if (setgroups(saved_egroupslen, saved_egroups) < 0)
+ if (setgroups(saved_egroupslen, saved_egroups) == -1)
fatal("setgroups: %.100s", strerror(errno));
temporarily_use_uid_effective = 0;
}
debug("permanently_set_uid: %u/%u", (u_int)pw->pw_uid,
(u_int)pw->pw_gid);
- if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) < 0)
+ if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1)
fatal("setresgid %u: %.100s", (u_int)pw->pw_gid, strerror(errno));
#ifdef __APPLE__
* OS X requires initgroups after setgid to opt back into
* memberd support for >16 supplemental groups.
*/
- if (initgroups(pw->pw_name, pw->pw_gid) < 0)
+ if (initgroups(pw->pw_name, pw->pw_gid) == -1)
fatal("initgroups %.100s %u: %.100s",
pw->pw_name, (u_int)pw->pw_gid, strerror(errno));
#endif
- if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) < 0)
+ if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) == -1)
fatal("setresuid %u: %.100s", (u_int)pw->pw_uid, strerror(errno));
#ifndef NO_UID_RESTORATION_TEST
projects / thirdparty / openssh-portable.git / commitdiff
