3571e53040
patches for easier mirroring, to eliminate a special copy, to make www.freebsd.org/security a full copy of security.freebsd.org and be eventually be the same. For now files are just sitting there. The symlinks are missing. Discussed on: www (repository location) Discussed with: simon (so)
155 lines
5.1 KiB
Diff
155 lines
5.1 KiB
Diff
Index: contrib/ntp/ntpd/ntp_crypto.c
|
|
===================================================================
|
|
--- contrib/ntp/ntpd/ntp_crypto.c (revision 192562)
|
|
+++ contrib/ntp/ntpd/ntp_crypto.c (working copy)
|
|
@@ -570,7 +570,7 @@
|
|
peer->issuer = emalloc(vallen + 1);
|
|
strcpy(peer->issuer, peer->subject);
|
|
temp32 = (fstamp >> 16) & 0xffff;
|
|
- sprintf(statstr,
|
|
+ snprintf(statstr, NTP_MAXSTRLEN,
|
|
"flags 0x%x host %s signature %s", fstamp,
|
|
peer->subject, OBJ_nid2ln(temp32));
|
|
record_crypto_stats(&peer->srcadr, statstr);
|
|
@@ -636,7 +636,8 @@
|
|
}
|
|
peer->flash &= ~TEST8;
|
|
temp32 = cinfo->nid;
|
|
- sprintf(statstr, "cert %s 0x%x %s (%u) fs %u",
|
|
+ snprintf(statstr, NTP_MAXSTRLEN,
|
|
+ "cert %s 0x%x %s (%u) fs %u",
|
|
cinfo->subject, cinfo->flags,
|
|
OBJ_nid2ln(temp32), temp32,
|
|
ntohl(ep->fstamp));
|
|
@@ -685,7 +686,7 @@
|
|
peer->crypto |= CRYPTO_FLAG_VRFY |
|
|
CRYPTO_FLAG_PROV;
|
|
peer->flash &= ~TEST8;
|
|
- sprintf(statstr, "iff fs %u",
|
|
+ snprintf(statstr, NTP_MAXSTRLEN, "iff fs %u",
|
|
ntohl(ep->fstamp));
|
|
record_crypto_stats(&peer->srcadr, statstr);
|
|
#ifdef DEBUG
|
|
@@ -733,7 +734,7 @@
|
|
peer->crypto |= CRYPTO_FLAG_VRFY |
|
|
CRYPTO_FLAG_PROV;
|
|
peer->flash &= ~TEST8;
|
|
- sprintf(statstr, "gq fs %u",
|
|
+ snprintf(statstr, NTP_MAXSTRLEN, "gq fs %u",
|
|
ntohl(ep->fstamp));
|
|
record_crypto_stats(&peer->srcadr, statstr);
|
|
#ifdef DEBUG
|
|
@@ -774,7 +775,7 @@
|
|
peer->crypto |= CRYPTO_FLAG_VRFY |
|
|
CRYPTO_FLAG_PROV;
|
|
peer->flash &= ~TEST8;
|
|
- sprintf(statstr, "mv fs %u",
|
|
+ snprintf(statstr, NTP_MAXSTRLEN, "mv fs %u",
|
|
ntohl(ep->fstamp));
|
|
record_crypto_stats(&peer->srcadr, statstr);
|
|
#ifdef DEBUG
|
|
@@ -828,7 +829,7 @@
|
|
peer->crypto &= ~CRYPTO_FLAG_AUTO;
|
|
peer->crypto |= CRYPTO_FLAG_AGREE;
|
|
peer->flash &= ~TEST8;
|
|
- sprintf(statstr, "cook %x ts %u fs %u",
|
|
+ snprintf(statstr, NTP_MAXSTRLEN, "cook %x ts %u fs %u",
|
|
peer->pcookie, ntohl(ep->tstamp),
|
|
ntohl(ep->fstamp));
|
|
record_crypto_stats(&peer->srcadr, statstr);
|
|
@@ -893,7 +894,7 @@
|
|
peer->crypto &= ~CRYPTO_FLAG_AUTO;
|
|
peer->crypto |= CRYPTO_FLAG_AGREE;
|
|
peer->flash &= ~TEST8;
|
|
- sprintf(statstr, "cook %x ts %u fs %u",
|
|
+ snprintf(statstr, NTP_MAXSTRLEN, "cook %x ts %u fs %u",
|
|
peer->pcookie, ntohl(ep->tstamp),
|
|
ntohl(ep->fstamp));
|
|
record_crypto_stats(&peer->srcadr, statstr);
|
|
@@ -944,7 +945,7 @@
|
|
peer->pkeyid = bp->key;
|
|
peer->crypto |= CRYPTO_FLAG_AUTO;
|
|
peer->flash &= ~TEST8;
|
|
- sprintf(statstr,
|
|
+ snprintf(statstr, NTP_MAXSTRLEN,
|
|
"auto seq %d key %x ts %u fs %u", bp->seq,
|
|
bp->key, ntohl(ep->tstamp),
|
|
ntohl(ep->fstamp));
|
|
@@ -987,7 +988,8 @@
|
|
peer->crypto |= CRYPTO_FLAG_SIGN;
|
|
peer->flash &= ~TEST8;
|
|
temp32 = cinfo->nid;
|
|
- sprintf(statstr, "sign %s 0x%x %s (%u) fs %u",
|
|
+ snprintf(statstr, NTP_MAXSTRLEN,
|
|
+ "sign %s 0x%x %s (%u) fs %u",
|
|
cinfo->issuer, cinfo->flags,
|
|
OBJ_nid2ln(temp32), temp32,
|
|
ntohl(ep->fstamp));
|
|
@@ -1071,7 +1073,8 @@
|
|
crypto_flags |= CRYPTO_FLAG_TAI;
|
|
peer->crypto |= CRYPTO_FLAG_LEAP;
|
|
peer->flash &= ~TEST8;
|
|
- sprintf(statstr, "leap %u ts %u fs %u", vallen,
|
|
+ snprintf(statstr, NTP_MAXSTRLEN,
|
|
+ "leap %u ts %u fs %u", vallen,
|
|
ntohl(ep->tstamp), ntohl(ep->fstamp));
|
|
record_crypto_stats(&peer->srcadr, statstr);
|
|
#ifdef DEBUG
|
|
@@ -1127,7 +1130,7 @@
|
|
* cheerfully ignored, as the message is not sent.
|
|
*/
|
|
if (rval > XEVNT_TSP) {
|
|
- sprintf(statstr,
|
|
+ snprintf(statstr, NTP_MAXSTRLEN,
|
|
"error %x opcode %x ts %u fs %u", rval,
|
|
code, tstamp, fstamp);
|
|
record_crypto_stats(&peer->srcadr, statstr);
|
|
@@ -1453,7 +1456,8 @@
|
|
*/
|
|
if (rval != XEVNT_OK) {
|
|
opcode |= CRYPTO_ERROR;
|
|
- sprintf(statstr, "error %x opcode %x", rval, opcode);
|
|
+ snprintf(statstr, NTP_MAXSTRLEN,
|
|
+ "error %x opcode %x", rval, opcode);
|
|
record_crypto_stats(srcadr_sin, statstr);
|
|
report_event(rval, NULL);
|
|
#ifdef DEBUG
|
|
@@ -1952,7 +1956,8 @@
|
|
if (EVP_SignFinal(&ctx, tai_leap.sig, &len, sign_pkey))
|
|
tai_leap.siglen = htonl(len);
|
|
}
|
|
- sprintf(statstr, "update ts %u", ntohl(hostval.tstamp));
|
|
+ snprintf(statstr, NTP_MAXSTRLEN,
|
|
+ "update ts %u", ntohl(hostval.tstamp));
|
|
record_crypto_stats(NULL, statstr);
|
|
#ifdef DEBUG
|
|
if (debug)
|
|
@@ -3606,7 +3611,7 @@
|
|
*/
|
|
if ((ptr = strrchr(linkname, '\n')) != NULL)
|
|
*ptr = '\0';
|
|
- sprintf(statstr, "%s mod %d", &linkname[2],
|
|
+ snprintf(statstr, NTP_MAXSTRLEN, "%s mod %d", &linkname[2],
|
|
EVP_PKEY_size(pkey) * 8);
|
|
record_crypto_stats(NULL, statstr);
|
|
#ifdef DEBUG
|
|
@@ -3715,8 +3720,8 @@
|
|
|
|
if ((ptr = strrchr(linkname, '\n')) != NULL)
|
|
*ptr = '\0';
|
|
- sprintf(statstr, "%s 0x%x len %lu", &linkname[2], ret->flags,
|
|
- len);
|
|
+ snprintf(statstr, NTP_MAXSTRLEN,
|
|
+ "%s 0x%x len %lu", &linkname[2], ret->flags, len);
|
|
record_crypto_stats(NULL, statstr);
|
|
#ifdef DEBUG
|
|
if (debug)
|
|
@@ -3832,7 +3837,7 @@
|
|
for (j = 0; j < i; j++)
|
|
*ptr++ = htonl(leapsec[j]);
|
|
crypto_flags |= CRYPTO_FLAG_TAI;
|
|
- sprintf(statstr, "%s fs %u leap %u len %u", cp, fstamp,
|
|
+ snprintf(statstr, NTP_MAXSTRLEN, "%s fs %u leap %u len %u", cp, fstamp,
|
|
leapsec[--j], len);
|
|
record_crypto_stats(NULL, statstr);
|
|
#ifdef DEBUG
|