OpenCoverage

sshd.c

Absolute File Name:

/home/opencoverage/opencoverage/guest-scripts/openssh/src/sshd.c

Switch to Source code

Preprocessed file

Line Source Count

1 -

2 -

3 -

4 -

5 -

6 -

7 -

8 -

9 -

10 -

11 -

12 -

13 -

14 -

15 -

16 -

17 -

18 -

19 -

20 -

21 -

22 -

23 -

24 -

25 -

26 -

27 -

28 -

29 -

30 -

31 -

32 -

33 -

34 -

35 -

36 -

37 -

38 -

39 -

40 extern char *__progname; -

41 -

42 -

43 ServerOptions options; -

44 -

45 -

46 char *config_file_name = "/var/tmp/openssh-test/etc" "/sshd_config"; -

47 -

48 -

49 -

50 -

51 -

52 -

53 -

54 int debug_flag = 0; -

55 -

56 -

57 -

58 -

59 -

60 -

61 -

62 int test_flag = 0; -

63 -

64 -

65 int inetd_flag = 0; -

66 -

67 -

68 int no_daemon_flag = 0; -

69 -

70 -

71 int log_stderr = 0; -

72 -

73 -

74 char **saved_argv; -

75 int saved_argc; -

76 -

77 -

78 int rexeced_flag = 0; -

79 int rexec_flag = 1; -

80 int rexec_argc = 0; -

81 char **rexec_argv; -

82 -

83 -

84 -

85 -

86 -

87 -

88 int listen_socks[16]; -

89 int num_listen_socks = 0; -

90 -

91 -

92 -

93 -

94 -

95 char *client_version_string = -

96 ((void *)0) -

97 ; -

98 char *server_version_string = -

99 ((void *)0) -

100 ; -

101 -

102 -

103 int auth_sock = -1; -

104 int have_agent = 0; -

105 struct { -

106 struct sshkey **host_keys; -

107 struct sshkey **host_pubkeys; -

108 struct sshkey **host_certificates; -

109 int have_ssh2_key; -

110 } sensitive_data; -

111 -

112 -

113 static volatile sig_atomic_t received_sighup = 0; -

114 static volatile sig_atomic_t received_sigterm = 0; -

115 -

116 -

117 u_char session_id[16]; -

118 -

119 -

120 u_char *session_id2 = -

121 ((void *)0) -

122 ; -

123 u_int session_id2_len = 0; -

124 -

125 -

126 u_int utmp_len = -

127 64 -

128 +1; -

129 -

130 -

131 int *startup_pipes = -

132 ((void *)0) -

133 ; -

134 int startup_pipe; -

135 -

136 -

137 int use_privsep = -1; -

138 struct monitor *pmonitor = -

139 ((void *)0) -

140 ; -

141 int privsep_is_preauth = 1; -

142 static int privsep_chroot = 1; -

143 -

144 -

145 Authctxt *the_authctxt = -

146 ((void *)0) -

147 ; -

148 -

149 -

150 struct sshauthopt *auth_opts = -

151 ((void *)0) -

152 ; -

153 -

154 -

155 struct sshbuf *cfg; -

156 -

157 -

158 struct sshbuf *loginmsg; -

159 -

160 -

161 struct passwd *privsep_pw = -

162 ((void *)0) -

163 ; -

164 -

165 -

166 void destroy_sensitive_data(void); -

167 void demote_sensitive_data(void); -

168 static void do_ssh2_kex(void); -

169 -

170 -

171 -

172 -

173 static void -

174 close_listen_socks(void) -

175 { -

176 int i; -

177 -

178

for (i = 0; i < num_listen_socks

i < num_listen_socks	Description
TRUE	never evaluated
FALSE	never evaluated

; i++)

179

close(listen_socks[i]);

never executed: close(listen_socks[i]);

180 num_listen_socks = -1; -

181

}

never executed: end of block

182 -

183 static void -

184 close_startup_pipes(void) -

185 { -

186 int i; -

187 -

188

if (startup_pipes

startup_pipes	Description
TRUE	never evaluated
FALSE	never evaluated

)

189

for (i = 0; i < options.max_startups

i < options.max_startups	Description
TRUE	never evaluated
FALSE	never evaluated

; i++)

190

if (startup_pipes[i] != -1

startup_pipes[i] != -1	Description
TRUE	never evaluated
FALSE	never evaluated

)

191

close(startup_pipes[i]);

never executed: close(startup_pipes[i]);

192

}

never executed: end of block

193 static void -

194 sighup_handler(int sig) -

195 { -

196 int save_errno = -

197 (*__errno_location ()) -

198 ; -

199 -

200 received_sighup = 1; -

201 -

202 (*__errno_location ()) -

203 = save_errno; -

204

}

never executed: end of block

205 -

206 -

207 -

208 -

209 -

210 static void -

211 sighup_restart(void) -

212 { -

213 logit("Received SIGHUP; restarting."); -

214

if (options.pid_file !=

options.pid_fi...!= ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

215

((void *)0)

options.pid_fi...!= ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

216 ) -

217

unlink(options.pid_file);

never executed: unlink(options.pid_file);

218 platform_pre_restart(); -

219 close_listen_socks(); -

220 close_startup_pipes(); -

221 alarm(0); -

222 mysignal( -

223 1 -

224 , -

225 ((__sighandler_t) 1) -

226 ); -

227 execv(saved_argv[0], saved_argv); -

228 logit("RESTART FAILED: av[0]='%.100s', error: %.100s.", saved_argv[0], -

229 strerror( -

230 (*__errno_location ()) -

231 )); -

232

exit(1);

never executed: exit(1);

233 } -

234 -

235 -

236 -

237 -

238 -

239 static void -

240 sigterm_handler(int sig) -

241 { -

242 received_sigterm = sig; -

243

}

never executed: end of block

244 -

245 -

246 -

247 -

248 -

249 -

250 static void -

251 main_sigchld_handler(int sig) -

252 { -

253 int save_errno = -

254 (*__errno_location ()) -

255 ; -

256 pid_t pid; -

257 int status; -

258 -

259

while ((

(pid = waitpid...atus, 1 )) > 0	Description
TRUE	never evaluated
FALSE	never evaluated

pid = waitpid(-1, &status,

(pid = waitpid...atus, 1 )) > 0	Description
TRUE	never evaluated
FALSE	never evaluated

260

(pid = waitpid...atus, 1 )) > 0	Description
TRUE	never evaluated
FALSE	never evaluated

261

)) > 0

(pid = waitpid...atus, 1 )) > 0	Description
TRUE	never evaluated
FALSE	never evaluated

262

(pid < 0

pid < 0	Description
TRUE	never evaluated
FALSE	never evaluated

263

(*__errno_location ()) == 4	Description
TRUE	never evaluated
FALSE	never evaluated

__errno_location ())

(*__errno_location ()) == 4	Description
TRUE	never evaluated
FALSE	never evaluated

264

(*__errno_location ()) == 4	Description
TRUE	never evaluated
FALSE	never evaluated

265

(*__errno_location ()) == 4	Description
TRUE	never evaluated
FALSE	never evaluated

266 )) -

267

;

never executed: ;

268 -

269 (*__errno_location ()) -

270 = save_errno; -

271

}

never executed: end of block

272 -

273 -

274 -

275 -

276 -

277 static void -

278 grace_alarm_handler(int sig) -

279 { -

280

if (use_privsep

use_privsep	Description
TRUE	never evaluated
FALSE	never evaluated

&& pmonitor !=

pmonitor != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

281

((void *)0)

pmonitor != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

282

&& pmonitor->m_pid > 0

pmonitor->m_pid > 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

283

kill(pmonitor->m_pid,

never executed: kill(pmonitor->m_pid, 14 );

284

never executed: kill(pmonitor->m_pid, 14 );

285

);

never executed: kill(pmonitor->m_pid, 14 );

286 -

287 -

288 -

289 -

290 -

291

if (getpgid(0) == getpid()

getpgid(0) == getpid()	Description
TRUE	never evaluated
FALSE	never evaluated

) {

292 mysignal( -

293 15 -

294 , -

295 ((__sighandler_t) 1) -

296 ); -

297 kill(0, -

298 15 -

299 ); -

300

}

never executed: end of block

301 -

302 -

303 sigdie("Timeout before authentication for %s port %d", -

304 ssh_remote_ipaddr(active_state), ssh_remote_port(active_state)); -

305

}

never executed: end of block

306 -

307 static void -

308 sshd_exchange_identification(struct ssh *ssh, int sock_in, int sock_out) -

309 { -

310 u_int i; -

311 int remote_major, remote_minor; -

312 char *s; -

313 char buf[256]; -

314 char remote_version[256]; -

315 -

316 xasprintf(&server_version_string, "SSH-%d.%d-%.100s%s%s\r\n", -

317 2, 0, "OpenSSH_7.8", -

318 *options.version_addendum == '\0' ? "" : " ", -

319 options.version_addendum); -

320 -

321 -

322

if (atomicio((ssize_t (*)(int, void *, size_t))write, sock_out, server_version_string,

atomicio((ssiz...ersion_string)	Description
TRUE	never evaluated
FALSE	never evaluated

323

strlen(server_version_string))

atomicio((ssiz...ersion_string)	Description
TRUE	never evaluated
FALSE	never evaluated

324

!= strlen(server_version_string)

atomicio((ssiz...ersion_string)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

325 logit("Could not write ident string to %s port %d", -

326 ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); -

327 cleanup_exit(255); -

328

}

never executed: end of block

329 -

330 -

331 memset(buf, 0, sizeof(buf)); -

332

for (i = 0; i < sizeof(buf) - 1

i < sizeof(buf) - 1	Description
TRUE	never evaluated
FALSE	never evaluated

; i++) {

333

if (atomicio(read, sock_in, &buf[i], 1) != 1

atomicio(read,...uf[i], 1) != 1	Description
TRUE	never evaluated
FALSE	never evaluated

) {

334 logit("Did not receive identification string " -

335 "from %s port %d", -

336 ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); -

337 cleanup_exit(255); -

338

}

never executed: end of block

339

if (buf[i] == '\r'

buf[i] == '\r'	Description
TRUE	never evaluated
FALSE	never evaluated

) {

340 buf[i] = 0; -

341 -

342

if (i == 12

i == 12	Description
TRUE	never evaluated
FALSE	never evaluated

343 -

344

(

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__extension__ (__builtin_constant_p (

__builtin_constant_p ( 12 )	Description
TRUE	never evaluated
FALSE	never evaluated

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

345

__builtin_constant_p ( 12 )	Description
TRUE	never evaluated
FALSE	never evaluated

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

346

)

__builtin_constant_p ( 12 )	Description
TRUE	never evaluated
FALSE	never evaluated

&& ((__builtin_constant_p (

__builtin_constant_p ( buf )	Description
TRUE	never evaluated
FALSE	never evaluated

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

347

buf

__builtin_constant_p ( buf )	Description
TRUE	never evaluated
FALSE	never evaluated

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

348

)

__builtin_constant_p ( buf )	Description
TRUE	never evaluated
FALSE	never evaluated

&& strlen (

strlen ( buf )...ize_t) ( 12 ))	Description
TRUE	never evaluated
FALSE	never evaluated

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

349

buf

strlen ( buf )...ize_t) ( 12 ))	Description
TRUE	never evaluated
FALSE	never evaluated

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

350

) < ((size_t) (

strlen ( buf )...ize_t) ( 12 ))	Description
TRUE	never evaluated
FALSE	never evaluated

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

351

strlen ( buf )...ize_t) ( 12 ))	Description
TRUE	never evaluated
FALSE	never evaluated

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

352

))

strlen ( buf )...ize_t) ( 12 ))	Description
TRUE	never evaluated
FALSE	never evaluated

) || (__builtin_constant_p (

__builtin_cons...SH-1.5-W1.0" )	Description
TRUE	never evaluated
FALSE	never evaluated

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

353

"SSH-1.5-W1.0"

__builtin_cons...SH-1.5-W1.0" )	Description
TRUE	never evaluated
FALSE	never evaluated

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

354

)

__builtin_cons...SH-1.5-W1.0" )	Description
TRUE	never evaluated
FALSE	never evaluated

&& strlen (

strlen ( "SSH-...ize_t) ( 12 ))	Description
TRUE	never evaluated
FALSE	never evaluated

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

355

"SSH-1.5-W1.0"

strlen ( "SSH-...ize_t) ( 12 ))	Description
TRUE	never evaluated
FALSE	never evaluated

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

356

) < ((size_t) (

strlen ( "SSH-...ize_t) ( 12 ))	Description
TRUE	never evaluated
FALSE	never evaluated

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

357

strlen ( "SSH-...ize_t) ( 12 ))	Description
TRUE	never evaluated
FALSE	never evaluated

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

358

))

strlen ( "SSH-...ize_t) ( 12 ))	Description
TRUE	never evaluated
FALSE	never evaluated

)) ? __extension__ ({ size_t __s1_len, __s2_len; (__builtin_constant_p (

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

359

buf

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

360

) && __builtin_constant_p (

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

361

"SSH-1.5-W1.0"

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

362

) && (__s1_len = __builtin_strlen (

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

363

buf

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

364

), __s2_len = __builtin_strlen (

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

365

"SSH-1.5-W1.0"

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

366

), (!((size_t)(const void *)((

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

367

buf

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

368

) + 1) - (size_t)(const void *)(

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

369

buf

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

370

) == 1) || __s1_len >= 4) && (!((size_t)(const void *)((

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

371

"SSH-1.5-W1.0"

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

372

) + 1) - (size_t)(const void *)(

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

373

"SSH-1.5-W1.0"

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

374

) == 1) || __s2_len >= 4)) ? __builtin_strcmp (

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

375

buf

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

376

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

377

"SSH-1.5-W1.0"

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

378

) : (__builtin_constant_p (

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

379

buf

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

380

) && ((size_t)(const void *)((

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

381

buf

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

382

) + 1) - (size_t)(const void *)(

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

383

buf

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

384

) == 1) && (__s1_len = __builtin_strlen (

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

385

buf

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

386

), __s1_len < 4) ? (__builtin_constant_p (

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

387

"SSH-1.5-W1.0"

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

388

) && ((size_t)(const void *)((

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

389

"SSH-1.5-W1.0"

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

390

) + 1) - (size_t)(const void *)(

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

391

"SSH-1.5-W1.0"

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

392

) == 1) ? __builtin_strcmp (

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

393

buf

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

394

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

395

"SSH-1.5-W1.0"

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

396

) : (__extension__ ({ const unsigned char *__s2 = (const unsigned char *) (const char *) (

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

397

"SSH-1.5-W1.0"

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

398

); int __result = (((const unsigned char *) (const char *) (

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

399

buf

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

400

))[0] - __s2[0]); if (__s1_len > 0

__s1_len > 0	Description
TRUE	never evaluated
FALSE	never evaluated

&& __result == 0

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

) { __result = (((const unsigned char *) (const char *) (

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

401

buf

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

402

))[1] - __s2[1]); if (__s1_len > 1

__s1_len > 1	Description
TRUE	never evaluated
FALSE	never evaluated

&& __result == 0

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

) { __result = (((const unsigned char *) (const char *) (

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

403

buf

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

404

))[2] - __s2[2]); if (__s1_len > 2

__s1_len > 2	Description
TRUE	never evaluated
FALSE	never evaluated

&& __result == 0

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

) __result = (((const unsigned char *) (const char *) (

never executed: __result = (((const unsigned char *) (const char *) ( buf ))[3] - __s2[3]);

405

buf

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

never executed: __result = (((const unsigned char *) (const char *) ( buf ))[3] - __s2[3]);

406

))[3] - __s2[3]); } } __result; }))) : (__builtin_constant_p (

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

407

"SSH-1.5-W1.0"

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

408

) && ((size_t)(const void *)((

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

409

"SSH-1.5-W1.0"

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

410

) + 1) - (size_t)(const void *)(

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

411

"SSH-1.5-W1.0"

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

412

) == 1) && (__s2_len = __builtin_strlen (

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

413

"SSH-1.5-W1.0"

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

414

), __s2_len < 4) ? (__builtin_constant_p (

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

415

buf

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

416

) && ((size_t)(const void *)((

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

417

buf

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

418

) + 1) - (size_t)(const void *)(

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

419

buf

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

420

) == 1) ? __builtin_strcmp (

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

421

buf

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

422

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

423

"SSH-1.5-W1.0"

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

424

) : -(__extension__ ({ const unsigned char *__s2 = (const unsigned char *) (const char *) (

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

425

buf

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

426

); int __result = (((const unsigned char *) (const char *) (

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

427

"SSH-1.5-W1.0"

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

428

))[0] - __s2[0]); if (__s2_len > 0

__s2_len > 0	Description
TRUE	never evaluated
FALSE	never evaluated

&& __result == 0

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

) { __result = (((const unsigned char *) (const char *) (

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

429

"SSH-1.5-W1.0"

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

430

))[1] - __s2[1]); if (__s2_len > 1

__s2_len > 1	Description
TRUE	never evaluated
FALSE	never evaluated

&& __result == 0

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

) { __result = (((const unsigned char *) (const char *) (

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

431

"SSH-1.5-W1.0"

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

432

))[2] - __s2[2]); if (__s2_len > 2

__s2_len > 2	Description
TRUE	never evaluated
FALSE	never evaluated

&& __result == 0

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

) __result = (((const unsigned char *) (const char *) (

never executed: __result = (((const unsigned char *) (const char *) ( "SSH-1.5-W1.0" ))[3] - __s2[3]);

433

"SSH-1.5-W1.0"

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

never executed: __result = (((const unsigned char *) (const char *) ( "SSH-1.5-W1.0" ))[3] - __s2[3]);

434

))[3] - __s2[3]); } } __result; }))) : __builtin_strcmp (

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

435

buf

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

436

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

437

"SSH-1.5-W1.0"

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

438

)))); }) : strncmp (

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

439

buf

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

440

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

441

"SSH-1.5-W1.0"

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

442

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

443

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

444

)))

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

445

== 0

(__extension__... , 12 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

446

break;

never executed: break;

447

continue;

never executed: continue;

448 } -

449

if (buf[i] == '\n'

buf[i] == '\n'	Description
TRUE	never evaluated
FALSE	never evaluated

) {

450 buf[i] = 0; -

451

break;

never executed: break;

452 } -

453

}

never executed: end of block

454 buf[sizeof(buf) - 1] = 0; -

455 client_version_string = xstrdup(buf); -

456 -

457 -

458 -

459 -

460 -

461

if (sscanf(client_version_string, "SSH-%d.%d-%[^\n]\n",

sscanf(client_..._version) != 3	Description
TRUE	never evaluated
FALSE	never evaluated

462

&remote_major, &remote_minor, remote_version) != 3

sscanf(client_..._version) != 3	Description
TRUE	never evaluated
FALSE	never evaluated

) {

463 s = "Protocol mismatch.\n"; -

464 (void) atomicio((ssize_t (*)(int, void *, size_t))write, sock_out, s, strlen(s)); -

465 logit("Bad protocol version identification '%.100s' " -

466 "from %s port %d", client_version_string, -

467 ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); -

468 close(sock_in); -

469 close(sock_out); -

470 cleanup_exit(255); -

471

}

never executed: end of block

472 debug("Client protocol version %d.%d; client software version %.100s", -

473 remote_major, remote_minor, remote_version); -

474 -

475 ssh->compat = compat_datafellows(remote_version); -

476 -

477

if ((

(ssh->compat &...00400000) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

ssh->compat & 0x00400000) != 0

(ssh->compat &...00400000) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

478 logit("probed from %s port %d with %s. Don't panic.", -

479 ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), -

480 client_version_string); -

481 cleanup_exit(255); -

482

}

never executed: end of block

483

if ((

(ssh->compat &...00000800) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

ssh->compat & 0x00000800) != 0

(ssh->compat &...00000800) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

484 logit("scanned from %s port %d with %s. Don't panic.", -

485 ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), -

486 client_version_string); -

487 cleanup_exit(255); -

488

}

never executed: end of block

489

if ((

(ssh->compat &...00002000) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

ssh->compat & 0x00002000) != 0

(ssh->compat &...00002000) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

490 logit("Client version \"%.100s\" uses unsafe RSA signature " -

491 "scheme; disabling use of RSA keys", remote_version); -

492

}

never executed: end of block

493 -

494 chop(server_version_string); -

495 debug("Local version string %.200s", server_version_string); -

496 -

497

if (remote_major != 2

remote_major != 2	Description
TRUE	never evaluated
FALSE	never evaluated

498

!(remote_major == 1

remote_major == 1	Description
TRUE	never evaluated
FALSE	never evaluated

&& remote_minor == 99

remote_minor == 99	Description
TRUE	never evaluated
FALSE	never evaluated

)) {

499 s = "Protocol major versions differ.\n"; -

500 (void) atomicio((ssize_t (*)(int, void *, size_t))write, sock_out, s, strlen(s)); -

501 close(sock_in); -

502 close(sock_out); -

503 logit("Protocol major versions differ for %s port %d: " -

504 "%.200s vs. %.200s", -

505 ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), -

506 server_version_string, client_version_string); -

507 cleanup_exit(255); -

508

}

never executed: end of block

509

}

never executed: end of block

510 -

511 -

512 void -

513 destroy_sensitive_data(void) -

514 { -

515 u_int i; -

516 -

517

for (i = 0; i < options.num_host_key_files

i < options.num_host_key_files	Description
TRUE	never evaluated
FALSE	never evaluated

; i++) {

518

if (sensitive_data.host_keys[i]

sensitive_data.host_keys[i]	Description
TRUE	never evaluated
FALSE	never evaluated

) {

519 sshkey_free(sensitive_data.host_keys[i]); -

520 sensitive_data.host_keys[i] = -

521 ((void *)0) -

522 ; -

523

}

never executed: end of block

524

if (sensitive_data.host_certificates[i]

sensitive_data...ertificates[i]	Description
TRUE	never evaluated
FALSE	never evaluated

) {

525 sshkey_free(sensitive_data.host_certificates[i]); -

526 sensitive_data.host_certificates[i] = -

527 ((void *)0) -

528 ; -

529

}

never executed: end of block

530

}

never executed: end of block

531

}

never executed: end of block

532 -

533 -

534 void -

535 demote_sensitive_data(void) -

536 { -

537 struct sshkey *tmp; -

538 u_int i; -

539 int r; -

540 -

541

for (i = 0; i < options.num_host_key_files

i < options.num_host_key_files	Description
TRUE	never evaluated
FALSE	never evaluated

; i++) {

542

if (sensitive_data.host_keys[i]

sensitive_data.host_keys[i]	Description
TRUE	never evaluated
FALSE	never evaluated

) {

543

if ((

(r = sshkey_fr...], &tmp)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

r = sshkey_from_private(

(r = sshkey_fr...], &tmp)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

544

sensitive_data.host_keys[i], &tmp)) != 0

(r = sshkey_fr...], &tmp)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

545

fatal("could not demote host %s key: %s",

never executed: fatal("could not demote host %s key: %s", sshkey_type(sensitive_data.host_keys[i]), ssh_err(r));

546

sshkey_type(sensitive_data.host_keys[i]),

never executed: fatal("could not demote host %s key: %s", sshkey_type(sensitive_data.host_keys[i]), ssh_err(r));

547

ssh_err(r));

never executed: fatal("could not demote host %s key: %s", sshkey_type(sensitive_data.host_keys[i]), ssh_err(r));

548 sshkey_free(sensitive_data.host_keys[i]); -

549 sensitive_data.host_keys[i] = tmp; -

550

}

never executed: end of block

551 -

552

}

never executed: end of block

553

}

never executed: end of block

554 -

555 static void -

556 reseed_prngs(void) -

557 { -

558 u_int32_t rnd[256]; -

559 -

560 -

561 RAND_poll(); -

562 -

563 arc4random_stir(); -

564 arc4random_buf(rnd, sizeof(rnd)); -

565 -

566 -

567 RAND_seed(rnd, sizeof(rnd)); -

568 -

569

if ((

(RAND_bytes((u...)rnd, 1)) != 1	Description
TRUE	never evaluated
FALSE	never evaluated

RAND_bytes((u_char *)rnd, 1)) != 1

(RAND_bytes((u...)rnd, 1)) != 1	Description
TRUE	never evaluated
FALSE	never evaluated

)

570

fatal("%s: RAND_bytes failed", __func__);

never executed: fatal("%s: RAND_bytes failed", __func__);

571 -

572 -

573 explicit_bzero(rnd, sizeof(rnd)); -

574

}

never executed: end of block

575 -

576 static void -

577 privsep_preauth_child(void) -

578 { -

579 gid_t gidset[1]; -

580 -

581 -

582 privsep_challenge_enable(); -

583 -

584 -

585 -

586 -

587 -

588 -

589 reseed_prngs(); -

590 -

591 -

592 demote_sensitive_data(); -

593 -

594 -

595

if (privsep_chroot

privsep_chroot	Description
TRUE	never evaluated
FALSE	never evaluated

) {

596 -

597

if (chroot("/var/run/openssh-test") == -1

chroot("/var/r...h-test") == -1	Description
TRUE	never evaluated
FALSE	never evaluated

)

598

fatal("chroot(\"%s\"): %s", "/var/run/openssh-test",

never executed: fatal("chroot(\"%s\"): %s", "/var/run/openssh-test", strerror( (*__errno_location ()) ));

599

strerror(

never executed: fatal("chroot(\"%s\"): %s", "/var/run/openssh-test", strerror( (*__errno_location ()) ));

600

(*__errno_location ())

never executed: fatal("chroot(\"%s\"): %s", "/var/run/openssh-test", strerror( (*__errno_location ()) ));

601

));

never executed: fatal("chroot(\"%s\"): %s", "/var/run/openssh-test", strerror( (*__errno_location ()) ));

602

if (chdir("/") == -1

chdir("/") == -1	Description
TRUE	never evaluated
FALSE	never evaluated

)

603

fatal("chdir(\"/\"): %s", strerror(

never executed: fatal("chdir(\"/\"): %s", strerror( (*__errno_location ()) ));

604

(*__errno_location ())

never executed: fatal("chdir(\"/\"): %s", strerror( (*__errno_location ()) ));

605

));

never executed: fatal("chdir(\"/\"): %s", strerror( (*__errno_location ()) ));

606 -

607 -

608 debug3("privsep user:group %u:%u", (u_int)privsep_pw->pw_uid, -

609 (u_int)privsep_pw->pw_gid); -

610 gidset[0] = privsep_pw->pw_gid; -

611

if (setgroups(1, gidset) < 0

setgroups(1, gidset) < 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

612

fatal("setgroups: %.100s", strerror(

never executed: fatal("setgroups: %.100s", strerror( (*__errno_location ()) ));

613

(*__errno_location ())

never executed: fatal("setgroups: %.100s", strerror( (*__errno_location ()) ));

614

));

never executed: fatal("setgroups: %.100s", strerror( (*__errno_location ()) ));

615 permanently_set_uid(privsep_pw); -

616

}

never executed: end of block

617

}

never executed: end of block

618 -

619 static int -

620 privsep_preauth(Authctxt *authctxt) -

621 { -

622 int status, r; -

623 pid_t pid; -

624 struct ssh_sandbox *box = -

625 ((void *)0) -

626 ; -

627 -

628 -

629 pmonitor = monitor_init(); -

630 -

631 pmonitor->m_pkex = &active_state->kex; -

632 -

633

if (use_privsep == 1

use_privsep == 1	Description
TRUE	never evaluated
FALSE	never evaluated

)

634

box = ssh_sandbox_init(pmonitor);

never executed: box = ssh_sandbox_init(pmonitor);

635 pid = fork(); -

636

if (pid == -1

pid == -1	Description
TRUE	never evaluated
FALSE	never evaluated

) {

637 fatal("fork of unprivileged child failed"); -

638

}

never executed: end of block

else if (pid != 0

pid != 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

639 debug2("Network child is on pid %ld", (long)pid); -

640 -

641 pmonitor->m_pid = pid; -

642

if (have_agent

have_agent	Description
TRUE	never evaluated
FALSE	never evaluated

) {

643 r = ssh_get_authentication_socket(&auth_sock); -

644

if (r != 0

r != 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

645 error("Could not get agent socket: %s", -

646 ssh_err(r)); -

647 have_agent = 0; -

648

}

never executed: end of block

649

}

never executed: end of block

650

if (box !=

box != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

651

((void *)0)

box != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

652 ) -

653

ssh_sandbox_parent_preauth(box, pid);

never executed: ssh_sandbox_parent_preauth(box, pid);

654 monitor_child_preauth(authctxt, pmonitor); -

655 -

656 -

657

while (waitpid(pid, &status, 0) < 0

waitpid(pid, &status, 0) < 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

658 if ( -

659

(*__errno_location ()) == 4	Description
TRUE	never evaluated
FALSE	never evaluated

__errno_location ())

(*__errno_location ()) == 4	Description
TRUE	never evaluated
FALSE	never evaluated

660

(*__errno_location ()) == 4	Description
TRUE	never evaluated
FALSE	never evaluated

661

(*__errno_location ()) == 4	Description
TRUE	never evaluated
FALSE	never evaluated

662 ) -

663

continue;

never executed: continue;

664 pmonitor->m_pid = -1; -

665 fatal("%s: waitpid: %s", __func__, strerror( -

666 (*__errno_location ()) -

667 )); -

668

}

never executed: end of block

669 privsep_is_preauth = 0; -

670 pmonitor->m_pid = -1; -

671 if ( -

672

(((

((( status ) & 0x7f) == 0)	Description
TRUE	never evaluated
FALSE	never evaluated

673

status

((( status ) & 0x7f) == 0)	Description
TRUE	never evaluated
FALSE	never evaluated

674

) & 0x7f) == 0)

((( status ) & 0x7f) == 0)	Description
TRUE	never evaluated
FALSE	never evaluated

675 ) { -

676 if ( -

677

(((

((( status ) &...00) >> 8) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

678

status

((( status ) &...00) >> 8) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

679

) & 0xff00) >> 8)

((( status ) &...00) >> 8) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

680

!= 0

((( status ) &...00) >> 8) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

681

fatal("%s: preauth child exited with status %d",

never executed: fatal("%s: preauth child exited with status %d", __func__, ((( status ) & 0xff00) >> 8) );

682

__func__,

never executed: fatal("%s: preauth child exited with status %d", __func__, ((( status ) & 0xff00) >> 8) );

683

(((

never executed: fatal("%s: preauth child exited with status %d", __func__, ((( status ) & 0xff00) >> 8) );

684

status

never executed: fatal("%s: preauth child exited with status %d", __func__, ((( status ) & 0xff00) >> 8) );

685

) & 0xff00) >> 8)

never executed: fatal("%s: preauth child exited with status %d", __func__, ((( status ) & 0xff00) >> 8) );

686

);

never executed: fatal("%s: preauth child exited with status %d", __func__, ((( status ) & 0xff00) >> 8) );

687

}

never executed: end of block

else if (

688

(((

(((signed char... 1) >> 1) > 0)	Description
TRUE	never evaluated
FALSE	never evaluated

signed char) (((

(((signed char... 1) >> 1) > 0)	Description
TRUE	never evaluated
FALSE	never evaluated

689

status

(((signed char... 1) >> 1) > 0)	Description
TRUE	never evaluated
FALSE	never evaluated

690

) & 0x7f) + 1) >> 1) > 0)

(((signed char... 1) >> 1) > 0)	Description
TRUE	never evaluated
FALSE	never evaluated

691 ) -

692

fatal("%s: preauth child terminated by signal %d",

never executed: fatal("%s: preauth child terminated by signal %d", __func__, (( status ) & 0x7f) );

693

__func__,

never executed: fatal("%s: preauth child terminated by signal %d", __func__, (( status ) & 0x7f) );

694

((

never executed: fatal("%s: preauth child terminated by signal %d", __func__, (( status ) & 0x7f) );

695

status

never executed: fatal("%s: preauth child terminated by signal %d", __func__, (( status ) & 0x7f) );

696

) & 0x7f)

never executed: fatal("%s: preauth child terminated by signal %d", __func__, (( status ) & 0x7f) );

697

);

never executed: fatal("%s: preauth child terminated by signal %d", __func__, (( status ) & 0x7f) );

698

if (box !=

box != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

699

((void *)0)

box != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

700 ) -

701

ssh_sandbox_parent_finish(box);

never executed: ssh_sandbox_parent_finish(box);

702

return

never executed: return 1;

703 } else { -

704 -

705 close(pmonitor->m_sendfd); -

706 close(pmonitor->m_log_recvfd); -

707 -

708 -

709 set_log_handler(mm_log_handler, pmonitor); -

710 -

711 privsep_preauth_child(); -

712 setproctitle("%s", "[net]"); -

713

if (box !=

box != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

714

((void *)0)

box != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

715 ) -

716

ssh_sandbox_child(box);

never executed: ssh_sandbox_child(box);

717 -

718

return

never executed: return 0;

719 } -

720 } -

721 -

722 static void -

723 privsep_postauth(Authctxt *authctxt) -

724 { -

725 -

726 -

727 -

728

if (authctxt->pw->pw_uid == 0

authctxt->pw->pw_uid == 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

729 -

730 -

731 use_privsep = 0; -

732

goto

never executed: goto skip;

skip;

never executed: goto skip;

733 } -

734 -

735 -

736 monitor_reinit(pmonitor); -

737 -

738 pmonitor->m_pid = fork(); -

739

if (pmonitor->m_pid == -1

pmonitor->m_pid == -1	Description
TRUE	never evaluated
FALSE	never evaluated

)

740

fatal("fork of unprivileged child failed");

never executed: fatal("fork of unprivileged child failed");

741

else if (pmonitor->m_pid != 0

pmonitor->m_pid != 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

742 verbose("User child is on pid %ld", (long)pmonitor->m_pid); -

743 sshbuf_reset(loginmsg); -

744 monitor_clear_keystate(pmonitor); -

745 monitor_child_postauth(pmonitor); -

746 -

747 -

748

exit(0);

never executed: exit(0);

749 } -

750 -

751 -

752 -

753 close(pmonitor->m_sendfd); -

754 pmonitor->m_sendfd = -1; -

755 -

756 -

757 demote_sensitive_data(); -

758 -

759 reseed_prngs(); -

760 -

761 -

762 do_setusercontext(authctxt->pw); -

763 -

764

skip:

code before this statement never executed: skip:

765 -

766 monitor_apply_keystate(pmonitor); -

767 -

768 -

769 -

770 -

771 -

772 ssh_packet_set_authenticated(active_state); -

773

}

never executed: end of block

774 -

775 static void -

776 append_hostkey_type(struct sshbuf *b, const char *s) -

777 { -

778 int r; -

779 -

780

if (match_pattern_list(s, options.hostkeyalgorithms, 0) != 1

match_pattern_...ithms, 0) != 1	Description
TRUE	never evaluated
FALSE	never evaluated

) {

781 debug3("%s: %s key not permitted by HostkeyAlgorithms", -

782 __func__, s); -

783

return;

never executed: return;

784 } -

785

if ((

(r = sshbuf_pu...: "", s)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

r = sshbuf_putf(b, "%s%s", sshbuf_len(b) > 0 ? "," : "", s)) != 0

(r = sshbuf_pu...: "", s)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

786

fatal("%s: sshbuf_putf: %s", __func__, ssh_err(r));

never executed: fatal("%s: sshbuf_putf: %s", __func__, ssh_err(r));

787

}

never executed: end of block

788 -

789 static char * -

790 list_hostkey_types(void) -

791 { -

792 struct sshbuf *b; -

793 struct sshkey *key; -

794 char *ret; -

795 u_int i; -

796 -

797

if ((

(b = sshbuf_ne...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

b = sshbuf_new()) ==

(b = sshbuf_ne...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

798

((void *)0)

(b = sshbuf_ne...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

799 ) -

800

fatal("%s: sshbuf_new failed", __func__);

never executed: fatal("%s: sshbuf_new failed", __func__);

801

for (i = 0; i < options.num_host_key_files

i < options.num_host_key_files	Description
TRUE	never evaluated
FALSE	never evaluated

; i++) {

802 key = sensitive_data.host_keys[i]; -

803

if (key ==

key == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

804

((void *)0)

key == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

805 ) -

806

key = sensitive_data.host_pubkeys[i];

never executed: key = sensitive_data.host_pubkeys[i];

807

if (key ==

key == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

808

((void *)0)

key == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

809 ) -

810

continue;

never executed: continue;

811 switch (key->type) { -

812

case

never executed: case KEY_RSA:

KEY_RSA:

never executed: case KEY_RSA:

813 -

814 append_hostkey_type(b, "rsa-sha2-512"); -

815 append_hostkey_type(b, "rsa-sha2-256"); -

816 -

817

case

never executed: case KEY_DSA:

KEY_DSA:

never executed: case KEY_DSA:

code before this statement never executed: case KEY_DSA:

818

case

never executed: case KEY_ECDSA:

KEY_ECDSA:

never executed: case KEY_ECDSA:

819

case

never executed: case KEY_ED25519:

KEY_ED25519:

never executed: case KEY_ED25519:

820

case

never executed: case KEY_XMSS:

KEY_XMSS:

never executed: case KEY_XMSS:

821 append_hostkey_type(b, sshkey_ssh_name(key)); -

822

break;

never executed: break;

823 } -

824 -

825 key = sensitive_data.host_certificates[i]; -

826

if (key ==

key == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

827

((void *)0)

key == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

828 ) -

829

continue;

never executed: continue;

830 switch (key->type) { -

831

case

never executed: case KEY_RSA_CERT:

KEY_RSA_CERT:

never executed: case KEY_RSA_CERT:

832 -

833 append_hostkey_type(b, -

834 "rsa-sha2-512-cert-v01@openssh.com"); -

835 append_hostkey_type(b, -

836 "rsa-sha2-256-cert-v01@openssh.com"); -

837 -

838

case

never executed: case KEY_DSA_CERT:

KEY_DSA_CERT:

never executed: case KEY_DSA_CERT:

code before this statement never executed: case KEY_DSA_CERT:

839

case

never executed: case KEY_ECDSA_CERT:

KEY_ECDSA_CERT:

never executed: case KEY_ECDSA_CERT:

840

case

never executed: case KEY_ED25519_CERT:

KEY_ED25519_CERT:

never executed: case KEY_ED25519_CERT:

841

case

never executed: case KEY_XMSS_CERT:

KEY_XMSS_CERT:

never executed: case KEY_XMSS_CERT:

842 append_hostkey_type(b, sshkey_ssh_name(key)); -

843

break;

never executed: break;

844 } -

845

}

never executed: end of block

846

if ((

(ret = sshbuf_...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

ret = sshbuf_dup_string(b)) ==

(ret = sshbuf_...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

847

((void *)0)

(ret = sshbuf_...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

848 ) -

849

fatal("%s: sshbuf_dup_string failed", __func__);

never executed: fatal("%s: sshbuf_dup_string failed", __func__);

850 sshbuf_free(b); -

851 debug("%s: %s", __func__, ret); -

852

return

never executed: return ret;

ret;

never executed: return ret;

853 } -

854 -

855 static struct sshkey * -

856 get_hostkey_by_type(int type, int nid, int need_private, struct ssh *ssh) -

857 { -

858 u_int i; -

859 struct sshkey *key; -

860 -

861

for (i = 0; i < options.num_host_key_files

i < options.num_host_key_files	Description
TRUE	never evaluated
FALSE	never evaluated

; i++) {

862 switch (type) { -

863

case

never executed: case KEY_RSA_CERT:

KEY_RSA_CERT:

never executed: case KEY_RSA_CERT:

864

case

never executed: case KEY_DSA_CERT:

KEY_DSA_CERT:

never executed: case KEY_DSA_CERT:

865

case

never executed: case KEY_ECDSA_CERT:

KEY_ECDSA_CERT:

never executed: case KEY_ECDSA_CERT:

866

case

never executed: case KEY_ED25519_CERT:

KEY_ED25519_CERT:

never executed: case KEY_ED25519_CERT:

867

case

never executed: case KEY_XMSS_CERT:

KEY_XMSS_CERT:

never executed: case KEY_XMSS_CERT:

868 key = sensitive_data.host_certificates[i]; -

869

break;

never executed: break;

870

default

never executed: default:

871 key = sensitive_data.host_keys[i]; -

872

if (key ==

key == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

873

((void *)0)

key == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

874

&& !need_private

!need_private	Description
TRUE	never evaluated
FALSE	never evaluated

)

875

key = sensitive_data.host_pubkeys[i];

never executed: key = sensitive_data.host_pubkeys[i];

876

break;

never executed: break;

877 } -

878

if (key !=

key != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

879

((void *)0)

key != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

880

&& key->type == type

key->type == type	Description
TRUE	never evaluated
FALSE	never evaluated

881

(key->type != KEY_ECDSA

key->type != KEY_ECDSA	Description
TRUE	never evaluated
FALSE	never evaluated

|| key->ecdsa_nid == nid

key->ecdsa_nid == nid	Description
TRUE	never evaluated
FALSE	never evaluated

))

882

return

never executed: return need_private ? sensitive_data.host_keys[i] : key;

need_private

need_private	Description
TRUE	never evaluated
FALSE	never evaluated

never executed: return need_private ? sensitive_data.host_keys[i] : key;

883

sensitive_data.host_keys[i] : key;

never executed: return need_private ? sensitive_data.host_keys[i] : key;

884

}

never executed: end of block

885

return

never executed: return ((void *)0) ;

886

((void *)0)

never executed: return ((void *)0) ;

887

;

never executed: return ((void *)0) ;

888 } -

889 -

890 struct sshkey * -

891 get_hostkey_public_by_type(int type, int nid, struct ssh *ssh) -

892 { -

893

return

never executed: return get_hostkey_by_type(type, nid, 0, ssh);

get_hostkey_by_type(type, nid, 0, ssh);

never executed: return get_hostkey_by_type(type, nid, 0, ssh);

894 } -

895 -

896 struct sshkey * -

897 get_hostkey_private_by_type(int type, int nid, struct ssh *ssh) -

898 { -

899

return

never executed: return get_hostkey_by_type(type, nid, 1, ssh);

get_hostkey_by_type(type, nid, 1, ssh);

never executed: return get_hostkey_by_type(type, nid, 1, ssh);

900 } -

901 -

902 struct sshkey * -

903 get_hostkey_by_index(int ind) -

904 { -

905

if (ind < 0

ind < 0	Description
TRUE	never evaluated
FALSE	never evaluated

|| (

(u_int)ind >= ...host_key_files	Description
TRUE	never evaluated
FALSE	never evaluated

u_int)ind >= options.num_host_key_files

(u_int)ind >= ...host_key_files	Description
TRUE	never evaluated
FALSE	never evaluated

)

906

return

never executed: return ( ((void *)0) );

(

never executed: return ( ((void *)0) );

907

((void *)0)

never executed: return ( ((void *)0) );

908

);

never executed: return ( ((void *)0) );

909

return

never executed: return (sensitive_data.host_keys[ind]);

(sensitive_data.host_keys[ind]);

never executed: return (sensitive_data.host_keys[ind]);

910 } -

911 -

912 struct sshkey * -

913 get_hostkey_public_by_index(int ind, struct ssh *ssh) -

914 { -

915

if (ind < 0

ind < 0	Description
TRUE	never evaluated
FALSE	never evaluated

|| (

(u_int)ind >= ...host_key_files	Description
TRUE	never evaluated
FALSE	never evaluated

u_int)ind >= options.num_host_key_files

(u_int)ind >= ...host_key_files	Description
TRUE	never evaluated
FALSE	never evaluated

)

916

return

never executed: return ( ((void *)0) );

(

never executed: return ( ((void *)0) );

917

((void *)0)

never executed: return ( ((void *)0) );

918

);

never executed: return ( ((void *)0) );

919

return

never executed: return (sensitive_data.host_pubkeys[ind]);

(sensitive_data.host_pubkeys[ind]);

never executed: return (sensitive_data.host_pubkeys[ind]);

920 } -

921 -

922 int -

923 get_hostkey_index(struct sshkey *key, int compare, struct ssh *ssh) -

924 { -

925 u_int i; -

926 -

927

for (i = 0; i < options.num_host_key_files

i < options.num_host_key_files	Description
TRUE	never evaluated
FALSE	never evaluated

; i++) {

928

if (sshkey_is_cert(key)

sshkey_is_cert(key)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

929

if (key == sensitive_data.host_certificates[i]

key == sensiti...ertificates[i]	Description
TRUE	never evaluated
FALSE	never evaluated

930

(compare

compare	Description
TRUE	never evaluated
FALSE	never evaluated

&& sensitive_data.host_certificates[i]

sensitive_data...ertificates[i]	Description
TRUE	never evaluated
FALSE	never evaluated

931

sshkey_equal(key,

sshkey_equal(k...rtificates[i])	Description
TRUE	never evaluated
FALSE	never evaluated

932

sensitive_data.host_certificates[i])

sshkey_equal(k...rtificates[i])	Description
TRUE	never evaluated
FALSE	never evaluated

))

933

return

never executed: return (i);

(i);

never executed: return (i);

934

}

never executed: end of block

else {

935

if (key == sensitive_data.host_keys[i]

key == sensiti...a.host_keys[i]	Description
TRUE	never evaluated
FALSE	never evaluated

936

(compare

compare	Description
TRUE	never evaluated
FALSE	never evaluated

&& sensitive_data.host_keys[i]

sensitive_data.host_keys[i]	Description
TRUE	never evaluated
FALSE	never evaluated

937

sshkey_equal(key, sensitive_data.host_keys[i])

sshkey_equal(k....host_keys[i])	Description
TRUE	never evaluated
FALSE	never evaluated

))

938

return

never executed: return (i);

(i);

never executed: return (i);

939

if (key == sensitive_data.host_pubkeys[i]

key == sensiti...ost_pubkeys[i]	Description
TRUE	never evaluated
FALSE	never evaluated

940

(compare

compare	Description
TRUE	never evaluated
FALSE	never evaluated

&& sensitive_data.host_pubkeys[i]

sensitive_data.host_pubkeys[i]	Description
TRUE	never evaluated
FALSE	never evaluated

941

sshkey_equal(key, sensitive_data.host_pubkeys[i])

sshkey_equal(k...st_pubkeys[i])	Description
TRUE	never evaluated
FALSE	never evaluated

))

942

return

never executed: return (i);

(i);

never executed: return (i);

943

}

never executed: end of block

944 } -

945

return

never executed: return (-1);

(-1);

never executed: return (-1);

946 } -

947 -

948 -

949 static void -

950 notify_hostkeys(struct ssh *ssh) -

951 { -

952 struct sshbuf *buf; -

953 struct sshkey *key; -

954 u_int i, nkeys; -

955 int r; -

956 char *fp; -

957 -

958 -

959

if (datafellows & 0x20000000

datafellows & 0x20000000	Description
TRUE	never evaluated
FALSE	never evaluated

)

960

return;

never executed: return;

961 -

962

if ((

(buf = sshbuf_...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

buf = sshbuf_new()) ==

(buf = sshbuf_...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

963

((void *)0)

(buf = sshbuf_...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

964 ) -

965

fatal("%s: sshbuf_new", __func__);

never executed: fatal("%s: sshbuf_new", __func__);

966

for (i = nkeys = 0; i < options.num_host_key_files

i < options.num_host_key_files	Description
TRUE	never evaluated
FALSE	never evaluated

; i++) {

967 key = get_hostkey_public_by_index(i, ssh); -

968

if (key ==

key == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

969

((void *)0)

key == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

970

|| key->type == KEY_UNSPEC

key->type == KEY_UNSPEC	Description
TRUE	never evaluated
FALSE	never evaluated

971

sshkey_is_cert(key)

sshkey_is_cert(key)	Description
TRUE	never evaluated
FALSE	never evaluated

)

972

continue;

never executed: continue;

973 fp = sshkey_fingerprint(key, options.fingerprint_hash, -

974 SSH_FP_DEFAULT); -

975 debug3("%s: key %d: %s %s", __func__, i, -

976 sshkey_ssh_name(key), fp); -

977 free(fp); -

978

if (nkeys == 0

nkeys == 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

979 ssh_packet_start(active_state, (80)); -

980 ssh_packet_put_cstring(active_state, ("hostkeys-00@openssh.com")); -

981 ssh_packet_put_char(active_state, (0)); -

982

}

never executed: end of block

983 sshbuf_reset(buf); -

984

if ((

(r = sshkey_pu...ey, buf)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

r = sshkey_putb(key, buf)) != 0

(r = sshkey_pu...ey, buf)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

985

fatal("%s: couldn't put hostkey %d: %s",

never executed: fatal("%s: couldn't put hostkey %d: %s", __func__, i, ssh_err(r));

986

__func__, i, ssh_err(r));

never executed: fatal("%s: couldn't put hostkey %d: %s", __func__, i, ssh_err(r));

987 ssh_packet_put_string(active_state, (sshbuf_ptr(buf)), (sshbuf_len(buf))); -

988 nkeys++; -

989

}

never executed: end of block

990 debug3("%s: sent %u hostkeys", __func__, nkeys); -

991

if (nkeys == 0

nkeys == 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

992

fatal("%s: no hostkeys", __func__);

never executed: fatal("%s: no hostkeys", __func__);

993 ssh_packet_send(active_state); -

994 sshbuf_free(buf); -

995

}

never executed: end of block

996 -

997 -

998 -

999 -

1000 -

1001 -

1002 -

1003 static int -

1004 drop_connection(int startups) -

1005 { -

1006 int p, r; -

1007 -

1008

if (startups < options.max_startups_begin

startups < opt...startups_begin	Description
TRUE	never evaluated
FALSE	never evaluated

)

1009

return

never executed: return 0;

1010

if (startups >= options.max_startups

startups >= op...s.max_startups	Description
TRUE	never evaluated
FALSE	never evaluated

)

1011

return

never executed: return 1;

1012

if (options.max_startups_rate == 100

options.max_st...ps_rate == 100	Description
TRUE	never evaluated
FALSE	never evaluated

)

1013

return

never executed: return 1;

1014 -

1015 p = 100 - options.max_startups_rate; -

1016 p *= startups - options.max_startups_begin; -

1017 p /= options.max_startups - options.max_startups_begin; -

1018 p += options.max_startups_rate; -

1019 r = arc4random_uniform(100); -

1020 -

1021 debug("drop_connection: p %d, r %d", p, r); -

1022

return

never executed: return (r < p) ? 1 : 0;

(

(r < p)	Description
TRUE	never evaluated
FALSE	never evaluated

r < p)

(r < p)	Description
TRUE	never evaluated
FALSE	never evaluated

? 1 : 0;

never executed: return (r < p) ? 1 : 0;

1023 } -

1024 -

1025 static void -

1026 usage(void) -

1027 { -

1028 fprintf( -

1029 stderr -

1030 , "%s, %s\n", -

1031 "OpenSSH_7.8" "p1", -

1032 -

1033 SSLeay_version( -

1034 0 -

1035 ) -

1036 -

1037 -

1038 -

1039 ); -

1040 fprintf( -

1041 stderr -

1042 , -

1043 "usage: sshd [-46DdeiqTt] [-C connection_spec] [-c host_cert_file]\n" -

1044 " [-E log_file] [-f config_file] [-g login_grace_time]\n" -

1045 " [-h host_key_file] [-o option] [-p port] [-u len]\n" -

1046 ); -

1047

exit(1);

never executed: exit(1);

1048 } -

1049 -

1050 static void -

1051 send_rexec_state(int fd, struct sshbuf *conf) -

1052 { -

1053 struct sshbuf *m; -

1054 int r; -

1055 -

1056 debug3("%s: entering fd = %d config len %zu", __func__, fd, -

1057 sshbuf_len(conf)); -

1058 -

1059 -

1060 -

1061 -

1062 -

1063 -

1064

if ((

(m = sshbuf_ne...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

m = sshbuf_new()) ==

(m = sshbuf_ne...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

1065

((void *)0)

(m = sshbuf_ne...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

1066 ) -

1067

fatal("%s: sshbuf_new failed", __func__);

never executed: fatal("%s: sshbuf_new failed", __func__);

1068

if ((

(r = sshbuf_pu...m, conf)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

r = sshbuf_put_stringb(m, conf)) != 0

(r = sshbuf_pu...m, conf)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

1069

fatal("%s: buffer error: %s", __func__, ssh_err(r));

never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r));

1070 -

1071 -

1072 -

1073 -

1074 -

1075

if (ssh_msg_send(fd, 0, m) == -1

ssh_msg_send(fd, 0, m) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

)

1076

fatal("%s: ssh_msg_send failed", __func__);

never executed: fatal("%s: ssh_msg_send failed", __func__);

1077 -

1078 sshbuf_free(m); -

1079 -

1080 debug3("%s: done", __func__); -

1081

}

never executed: end of block

1082 -

1083 static void -

1084 recv_rexec_state(int fd, struct sshbuf *conf) -

1085 { -

1086 struct sshbuf *m; -

1087 u_char *cp, ver; -

1088 size_t len; -

1089 int r; -

1090 -

1091 debug3("%s: entering fd = %d", __func__, fd); -

1092 -

1093

if ((

(m = sshbuf_ne...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

m = sshbuf_new()) ==

(m = sshbuf_ne...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

1094

((void *)0)

(m = sshbuf_ne...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

1095 ) -

1096

fatal("%s: sshbuf_new failed", __func__);

never executed: fatal("%s: sshbuf_new failed", __func__);

1097

if (ssh_msg_recv(fd, m) == -1

ssh_msg_recv(fd, m) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

)

1098

fatal("%s: ssh_msg_recv failed", __func__);

never executed: fatal("%s: ssh_msg_recv failed", __func__);

1099

if ((

(r = sshbuf_ge...m, &ver)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

r = sshbuf_get_u8(m, &ver)) != 0

(r = sshbuf_ge...m, &ver)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

1100

fatal("%s: buffer error: %s", __func__, ssh_err(r));

never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r));

1101

if (ver != 0

ver != 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

1102

fatal("%s: rexec version mismatch", __func__);

never executed: fatal("%s: rexec version mismatch", __func__);

1103

if ((

(r = sshbuf_ge...p, &len)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

r = sshbuf_get_string(m, &cp, &len)) != 0

(r = sshbuf_ge...p, &len)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

1104

fatal("%s: buffer error: %s", __func__, ssh_err(r));

never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r));

1105

if (conf !=

conf != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

1106

((void *)0)

conf != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

1107

&& (

(r = sshbuf_pu...onf, cp, len))	Description
TRUE	never evaluated
FALSE	never evaluated

r = sshbuf_put(conf, cp, len))

(r = sshbuf_pu...onf, cp, len))	Description
TRUE	never evaluated
FALSE	never evaluated

)

1108

fatal("%s: buffer error: %s", __func__, ssh_err(r));

never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r));

1109 -

1110 -

1111 -

1112 -

1113 free(cp); -

1114 sshbuf_free(m); -

1115 -

1116 debug3("%s: done", __func__); -

1117

}

never executed: end of block

1118 -

1119 -

1120 static void -

1121 server_accept_inetd(int *sock_in, int *sock_out) -

1122 { -

1123 int fd; -

1124 -

1125 startup_pipe = -1; -

1126

if (rexeced_flag

rexeced_flag	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1127 close(( -

1128 2 -

1129 + 3)); -

1130 *sock_in = *sock_out = dup( -

1131 0 -

1132 ); -

1133

if (!debug_flag

!debug_flag	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1134 startup_pipe = dup(( -

1135 2 -

1136 + 2)); -

1137 close(( -

1138 2 -

1139 + 2)); -

1140

}

never executed: end of block

1141

}

never executed: end of block

else {

1142 *sock_in = dup( -

1143 0 -

1144 ); -

1145 *sock_out = dup( -

1146 1 -

1147 ); -

1148

}

never executed: end of block

1149 -

1150 -

1151 -

1152 -

1153 -

1154

if ((

(fd = open( "/...02 , 0)) != -1	Description
TRUE	never evaluated
FALSE	never evaluated

fd = open(

(fd = open( "/...02 , 0)) != -1	Description
TRUE	never evaluated
FALSE	never evaluated

1155

"/dev/null"

(fd = open( "/...02 , 0)) != -1	Description
TRUE	never evaluated
FALSE	never evaluated

1156

(fd = open( "/...02 , 0)) != -1	Description
TRUE	never evaluated
FALSE	never evaluated

1157

(fd = open( "/...02 , 0)) != -1	Description
TRUE	never evaluated
FALSE	never evaluated

1158

, 0)) != -1

(fd = open( "/...02 , 0)) != -1	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1159 dup2(fd, -

1160 0 -

1161 ); -

1162 dup2(fd, -

1163 1 -

1164 ); -

1165

if (!log_stderr

!log_stderr	Description
TRUE	never evaluated
FALSE	never evaluated

)

1166

dup2(fd,

never executed: dup2(fd, 2 );

1167

never executed: dup2(fd, 2 );

1168

);

never executed: dup2(fd, 2 );

1169

if (fd > (log_stderr ?

fd > (log_stderr ? 2 : 1 )	Description
TRUE	never evaluated
FALSE	never evaluated

1170

fd > (log_stderr ? 2 : 1 )	Description
TRUE	never evaluated
FALSE	never evaluated

1171

fd > (log_stderr ? 2 : 1 )	Description
TRUE	never evaluated
FALSE	never evaluated

1172

fd > (log_stderr ? 2 : 1 )	Description
TRUE	never evaluated
FALSE	never evaluated

1173

)

fd > (log_stderr ? 2 : 1 )	Description
TRUE	never evaluated
FALSE	never evaluated

)

1174

close(fd);

never executed: close(fd);

1175

}

never executed: end of block

1176 debug("inetd sockets after dupping: %d, %d", *sock_in, *sock_out); -

1177

}

never executed: end of block

1178 -

1179 -

1180 -

1181 -

1182 static void -

1183 listen_on_addrs(struct listenaddr *la) -

1184 { -

1185 int ret, listen_sock; -

1186 struct addrinfo *ai; -

1187 char ntop[ -

1188 1025 -

1189 ], strport[ -

1190 32 -

1191 ]; -

1192 -

1193

for (ai = la->addrs; ai

ai	Description
TRUE	never evaluated
FALSE	never evaluated

; ai = ai->ai_next) {

1194

if (ai->ai_family !=

ai->ai_family != 2	Description
TRUE	never evaluated
FALSE	never evaluated

1195

ai->ai_family != 2	Description
TRUE	never evaluated
FALSE	never evaluated

1196

&& ai->ai_family !=

ai->ai_family != 10	Description
TRUE	never evaluated
FALSE	never evaluated

1197

ai->ai_family != 10	Description
TRUE	never evaluated
FALSE	never evaluated

1198 ) -

1199

continue;

never executed: continue;

1200

if (num_listen_socks >= 16

num_listen_socks >= 16	Description
TRUE	never evaluated
FALSE	never evaluated

)

1201

fatal("Too many listen sockets. "

never executed: fatal("Too many listen sockets. " "Enlarge MAX_LISTEN_SOCKS");

1202

"Enlarge MAX_LISTEN_SOCKS");

never executed: fatal("Too many listen sockets. " "Enlarge MAX_LISTEN_SOCKS");

1203

if ((

(ret = getname... 1 \| 2 )) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

ret = getnameinfo(ai->ai_addr, ai->ai_addrlen,

(ret = getname... 1 \| 2 )) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

1204

ntop, sizeof(ntop), strport, sizeof(strport),

(ret = getname... 1 \| 2 )) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

1205

(ret = getname... 1 \| 2 )) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

1206

(ret = getname... 1 \| 2 )) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

1207

(ret = getname... 1 \| 2 )) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

1208

(ret = getname... 1 \| 2 )) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

1209

)) != 0

(ret = getname... 1 \| 2 )) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1210 error("getnameinfo failed: %.100s", -

1211 ssh_gai_strerror(ret)); -

1212

continue;

never executed: continue;

1213 } -

1214 -

1215 listen_sock = socket(ai->ai_family, ai->ai_socktype, -

1216 ai->ai_protocol); -

1217

if (listen_sock < 0

listen_sock < 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1218 -

1219 verbose("socket: %.100s", strerror( -

1220 (*__errno_location ()) -

1221 )); -

1222

continue;

never executed: continue;

1223 } -

1224

if (set_nonblock(listen_sock) == -1

set_nonblock(l...en_sock) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1225 close(listen_sock); -

1226

continue;

never executed: continue;

1227 } -

1228

if (fcntl(listen_sock,

fcntl(listen_s... 2 , 1 ) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

1229

fcntl(listen_s... 2 , 1 ) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

1230

fcntl(listen_s... 2 , 1 ) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

1231

fcntl(listen_s... 2 , 1 ) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

1232

) == -1

fcntl(listen_s... 2 , 1 ) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1233 verbose("socket: CLOEXEC: %s", strerror( -

1234 (*__errno_location ()) -

1235 )); -

1236 close(listen_sock); -

1237

continue;

never executed: continue;

1238 } -

1239 -

1240 set_reuseaddr(listen_sock); -

1241

if (la->rdomain !=

la->rdomain != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

1242

((void *)0)

la->rdomain != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

1243 && -

1244

set_rdomain(listen_sock, la->rdomain) == -1

set_rdomain(li...rdomain) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1245 close(listen_sock); -

1246

continue;

never executed: continue;

1247 } -

1248 -

1249 -

1250

if (ai->ai_family ==

ai->ai_family == 10	Description
TRUE	never evaluated
FALSE	never evaluated

1251

ai->ai_family == 10	Description
TRUE	never evaluated
FALSE	never evaluated

1252 ) -

1253

sock_set_v6only(listen_sock);

never executed: sock_set_v6only(listen_sock);

1254 -

1255 debug("Bind to port %s on %s.", strport, ntop); -

1256 -

1257 -

1258

if (bind(listen_sock, ai->ai_addr, ai->ai_addrlen) < 0

bind(listen_so...i_addrlen) < 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1259 error("Bind to port %s on %s failed: %.200s.", -

1260 strport, ntop, strerror( -

1261 (*__errno_location ()) -

1262 )); -

1263 close(listen_sock); -

1264

continue;

never executed: continue;

1265 } -

1266 listen_socks[num_listen_socks] = listen_sock; -

1267 num_listen_socks++; -

1268 -

1269 -

1270

if (listen(listen_sock, 128) < 0

listen(listen_sock, 128) < 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

1271

fatal("listen on [%s]:%s: %.100s",

never executed: fatal("listen on [%s]:%s: %.100s", ntop, strport, strerror( (*__errno_location ()) ));

1272

ntop, strport, strerror(

never executed: fatal("listen on [%s]:%s: %.100s", ntop, strport, strerror( (*__errno_location ()) ));

1273

(*__errno_location ())

never executed: fatal("listen on [%s]:%s: %.100s", ntop, strport, strerror( (*__errno_location ()) ));

1274

));

never executed: fatal("listen on [%s]:%s: %.100s", ntop, strport, strerror( (*__errno_location ()) ));

1275 logit("Server listening on %s port %s%s%s.", -

1276 ntop, strport, -

1277 la->rdomain == -

1278 ((void *)0) -

1279 ? "" : " rdomain ", -

1280 la->rdomain == -

1281 ((void *)0) -

1282 ? "" : la->rdomain); -

1283

}

never executed: end of block

1284

}

never executed: end of block

1285 -

1286 static void -

1287 server_listen(void) -

1288 { -

1289 u_int i; -

1290 -

1291

for (i = 0; i < options.num_listen_addrs

i < options.num_listen_addrs	Description
TRUE	never evaluated
FALSE	never evaluated

; i++) {

1292 listen_on_addrs(&options.listen_addrs[i]); -

1293 freeaddrinfo(options.listen_addrs[i].addrs); -

1294 free(options.listen_addrs[i].rdomain); -

1295 memset(&options.listen_addrs[i], 0, -

1296 sizeof(options.listen_addrs[i])); -

1297

}

never executed: end of block

1298 free(options.listen_addrs); -

1299 options.listen_addrs = -

1300 ((void *)0) -

1301 ; -

1302 options.num_listen_addrs = 0; -

1303 -

1304

if (!num_listen_socks

!num_listen_socks	Description
TRUE	never evaluated
FALSE	never evaluated

)

1305

fatal("Cannot bind any address.");

never executed: fatal("Cannot bind any address.");

1306

}

never executed: end of block

1307 -

1308 -

1309 -

1310 -

1311 -

1312 static void -

1313 server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) -

1314 { -

1315 fd_set *fdset; -

1316 int i, j, ret, maxfd; -

1317 int startups = 0; -

1318 int startup_p[2] = { -1 , -1 }; -

1319 struct sockaddr_storage from; -

1320 socklen_t fromlen; -

1321 pid_t pid; -

1322 u_char rnd[256]; -

1323 -

1324 -

1325 fdset = -

1326 ((void *)0) -

1327 ; -

1328 maxfd = 0; -

1329

for (i = 0; i < num_listen_socks

i < num_listen_socks	Description
TRUE	never evaluated
FALSE	never evaluated

; i++)

1330

if (listen_socks[i] > maxfd

listen_socks[i] > maxfd	Description
TRUE	never evaluated
FALSE	never evaluated

)

1331

maxfd = listen_socks[i];

never executed: maxfd = listen_socks[i];

1332 -

1333 startup_pipes = xcalloc(options.max_startups, sizeof(int)); -

1334

for (i = 0; i < options.max_startups

i < options.max_startups	Description
TRUE	never evaluated
FALSE	never evaluated

; i++)

1335

startup_pipes[i] = -1;

never executed: startup_pipes[i] = -1;

1336 -

1337 -

1338 -

1339 -

1340 -

1341 for (;;) { -

1342

if (received_sighup

received_sighup	Description
TRUE	never evaluated
FALSE	never evaluated

)

1343

sighup_restart();

never executed: sighup_restart();

1344 free(fdset); -

1345 fdset = xcalloc( -

1346 ((( -

1347 maxfd + 1 -

1348 ) + (((8 * (int) sizeof (__fd_mask))) - 1)) / ((8 * (int) sizeof (__fd_mask)))) -

1349 , -

1350 sizeof(fd_mask)); -

1351 -

1352

for (i = 0; i < num_listen_socks

i < num_listen_socks	Description
TRUE	never evaluated
FALSE	never evaluated

; i++)

1353

kludge_FD_SET(listen_socks[i], fdset);

never executed: kludge_FD_SET(listen_socks[i], fdset);

1354

for (i = 0; i < options.max_startups

i < options.max_startups	Description
TRUE	never evaluated
FALSE	never evaluated

; i++)

1355

if (startup_pipes[i] != -1

startup_pipes[i] != -1	Description
TRUE	never evaluated
FALSE	never evaluated

)

1356

kludge_FD_SET(startup_pipes[i], fdset);

never executed: kludge_FD_SET(startup_pipes[i], fdset);

1357 -

1358 -

1359 ret = select(maxfd+1, fdset, -

1360 ((void *)0) -

1361 , -

1362 ((void *)0) -

1363 , -

1364 ((void *)0) -

1365 ); -

1366

if (ret < 0

ret < 0	Description
TRUE	never evaluated
FALSE	never evaluated

1367

(*__errno_location ()) != 4	Description
TRUE	never evaluated
FALSE	never evaluated

__errno_location ())

(*__errno_location ()) != 4	Description
TRUE	never evaluated
FALSE	never evaluated

1368

(*__errno_location ()) != 4	Description
TRUE	never evaluated
FALSE	never evaluated

1369

(*__errno_location ()) != 4	Description
TRUE	never evaluated
FALSE	never evaluated

1370 ) -

1371

error("select: %.100s", strerror(

never executed: error("select: %.100s", strerror( (*__errno_location ()) ));

1372

(*__errno_location ())

never executed: error("select: %.100s", strerror( (*__errno_location ()) ));

1373

));

never executed: error("select: %.100s", strerror( (*__errno_location ()) ));

1374

if (received_sigterm

received_sigterm	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1375 logit("Received signal %d; terminating.", -

1376 (int) received_sigterm); -

1377 close_listen_socks(); -

1378

if (options.pid_file !=

options.pid_fi...!= ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

1379

((void *)0)

options.pid_fi...!= ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

1380 ) -

1381

unlink(options.pid_file);

never executed: unlink(options.pid_file);

1382

exit(received_sigterm ==

never executed: exit(received_sigterm == 15 ? 0 : 255);

1383

never executed: exit(received_sigterm == 15 ? 0 : 255);

1384

? 0 : 255);

never executed: exit(received_sigterm == 15 ? 0 : 255);

1385 } -

1386

if (ret < 0

ret < 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

1387

continue;

never executed: continue;

1388 -

1389

for (i = 0; i < options.max_startups

i < options.max_startups	Description
TRUE	never evaluated
FALSE	never evaluated

; i++)

1390

if (startup_pipes[i] != -1

startup_pipes[i] != -1	Description
TRUE	never evaluated
FALSE	never evaluated

1391

kludge_FD_ISSET(startup_pipes[i], fdset)

kludge_FD_ISSE...pes[i], fdset)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1392 -

1393 -

1394 -

1395 -

1396 -

1397 -

1398 close(startup_pipes[i]); -

1399 startup_pipes[i] = -1; -

1400 startups--; -

1401

}

never executed: end of block

1402

for (i = 0; i < num_listen_socks

i < num_listen_socks	Description
TRUE	never evaluated
FALSE	never evaluated

; i++) {

1403

if (!kludge_FD_ISSET(listen_socks[i], fdset)

!kludge_FD_ISS...cks[i], fdset)	Description
TRUE	never evaluated
FALSE	never evaluated

)

1404

continue;

never executed: continue;

1405 fromlen = sizeof(from); -

1406 *newsock = accept(listen_socks[i], -

1407 (struct sockaddr *)&from, &fromlen); -

1408

if (*

*newsock < 0	Description
TRUE	never evaluated
FALSE	never evaluated

newsock < 0

*newsock < 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1409 if ( -

1410

(*__errno_location ()) != 4	Description
TRUE	never evaluated
FALSE	never evaluated

__errno_location ())

(*__errno_location ()) != 4	Description
TRUE	never evaluated
FALSE	never evaluated

1411

(*__errno_location ()) != 4	Description
TRUE	never evaluated
FALSE	never evaluated

1412

(*__errno_location ()) != 4	Description
TRUE	never evaluated
FALSE	never evaluated

1413 && -

1414

(*__errno_location ()) != 11	Description
TRUE	never evaluated
FALSE	never evaluated

__errno_location ())

(*__errno_location ()) != 11	Description
TRUE	never evaluated
FALSE	never evaluated

1415

(*__errno_location ()) != 11	Description
TRUE	never evaluated
FALSE	never evaluated

1416

(*__errno_location ()) != 11	Description
TRUE	never evaluated
FALSE	never evaluated

1417 && -

1418 -

1419

(*__errno_location ()) != 103	Description
TRUE	never evaluated
FALSE	never evaluated

__errno_location ())

(*__errno_location ()) != 103	Description
TRUE	never evaluated
FALSE	never evaluated

1420

(*__errno_location ()) != 103	Description
TRUE	never evaluated
FALSE	never evaluated

1421

103

(*__errno_location ()) != 103	Description
TRUE	never evaluated
FALSE	never evaluated

1422 && -

1423

(*__errno_location ()) != 11	Description
TRUE	never evaluated
FALSE	never evaluated

__errno_location ())

(*__errno_location ()) != 11	Description
TRUE	never evaluated
FALSE	never evaluated

1424

(*__errno_location ()) != 11	Description
TRUE	never evaluated
FALSE	never evaluated

1425

(*__errno_location ()) != 11	Description
TRUE	never evaluated
FALSE	never evaluated

1426 ) -

1427

error("accept: %.100s",

never executed: error("accept: %.100s", strerror( (*__errno_location ()) ));

1428

strerror(

never executed: error("accept: %.100s", strerror( (*__errno_location ()) ));

1429

(*__errno_location ())

never executed: error("accept: %.100s", strerror( (*__errno_location ()) ));

1430

));

never executed: error("accept: %.100s", strerror( (*__errno_location ()) ));

1431 if ( -

1432

(*__errno_location ()) == 24	Description
TRUE	never evaluated
FALSE	never evaluated

__errno_location ())

(*__errno_location ()) == 24	Description
TRUE	never evaluated
FALSE	never evaluated

1433

(*__errno_location ()) == 24	Description
TRUE	never evaluated
FALSE	never evaluated

1434

(*__errno_location ()) == 24	Description
TRUE	never evaluated
FALSE	never evaluated

1435 || -

1436

(*__errno_location ()) == 23	Description
TRUE	never evaluated
FALSE	never evaluated

__errno_location ())

(*__errno_location ()) == 23	Description
TRUE	never evaluated
FALSE	never evaluated

1437

(*__errno_location ()) == 23	Description
TRUE	never evaluated
FALSE	never evaluated

1438

(*__errno_location ()) == 23	Description
TRUE	never evaluated
FALSE	never evaluated

1439 ) -

1440

usleep(100 * 1000);

never executed: usleep(100 * 1000);

1441

continue;

never executed: continue;

1442 } -

1443

if (unset_nonblock(*newsock) == -1

unset_nonblock(*newsock) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1444 close(*newsock); -

1445

continue;

never executed: continue;

1446 } -

1447

if (drop_connection(startups) == 1

drop_connection(startups) == 1	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1448 char *laddr = get_local_ipaddr(*newsock); -

1449 char *raddr = get_peer_ipaddr(*newsock); -

1450 -

1451 verbose("drop connection #%d from [%s]:%d " -

1452 "on [%s]:%d past MaxStartups", startups, -

1453 raddr, get_peer_port(*newsock), -

1454 laddr, get_local_port(*newsock)); -

1455 free(laddr); -

1456 free(raddr); -

1457 close(*newsock); -

1458

continue;

never executed: continue;

1459 } -

1460

if (pipe(startup_p) == -1

pipe(startup_p) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1461 close(*newsock); -

1462

continue;

never executed: continue;

1463 } -

1464 -

1465

if (rexec_flag

rexec_flag	Description
TRUE	never evaluated
FALSE	never evaluated

&& socketpair(

socketpair( 1 ...onfig_s) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

1466

socketpair( 1 ...onfig_s) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

1467

socketpair( 1 ...onfig_s) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

1468

socketpair( 1 ...onfig_s) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

1469

SOCK_STREAM

socketpair( 1 ...onfig_s) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

1470

, 0, config_s) == -1

socketpair( 1 ...onfig_s) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1471 error("reexec socketpair: %s", -

1472 strerror( -

1473 (*__errno_location ()) -

1474 )); -

1475 close(*newsock); -

1476 close(startup_p[0]); -

1477 close(startup_p[1]); -

1478

continue;

never executed: continue;

1479 } -

1480 -

1481

for (j = 0; j < options.max_startups

j < options.max_startups	Description
TRUE	never evaluated
FALSE	never evaluated

; j++)

1482

if (startup_pipes[j] == -1

startup_pipes[j] == -1	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1483 startup_pipes[j] = startup_p[0]; -

1484

if (maxfd < startup_p[0]

maxfd < startup_p[0]	Description
TRUE	never evaluated
FALSE	never evaluated

)

1485

maxfd = startup_p[0];

never executed: maxfd = startup_p[0];

1486 startups++; -

1487

break;

never executed: break;

1488 } -

1489 -

1490 -

1491 -

1492 -

1493 -

1494

if (debug_flag

debug_flag	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1495 -

1496 -

1497 -

1498 -

1499 -

1500 debug("Server will not fork when running in debugging mode."); -

1501 close_listen_socks(); -

1502 *sock_in = *newsock; -

1503 *sock_out = *newsock; -

1504 close(startup_p[0]); -

1505 close(startup_p[1]); -

1506 startup_pipe = -1; -

1507 pid = getpid(); -

1508

if (rexec_flag

rexec_flag	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1509 send_rexec_state(config_s[0], cfg); -

1510 close(config_s[0]); -

1511

}

never executed: end of block

1512

break;

never executed: break;

1513 } -

1514 -

1515 -

1516 -

1517 -

1518 -

1519 -

1520 platform_pre_fork(); -

1521

if ((

(pid = fork()) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

pid = fork()) == 0

(pid = fork()) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1522 platform_post_fork_child(); -

1523 startup_pipe = startup_p[1]; -

1524 close_startup_pipes(); -

1525 close_listen_socks(); -

1526 *sock_in = *newsock; -

1527 *sock_out = *newsock; -

1528 log_init(__progname, -

1529 options.log_level, -

1530 options.log_facility, -

1531 log_stderr); -

1532

if (rexec_flag

rexec_flag	Description
TRUE	never evaluated
FALSE	never evaluated

)

1533

close(config_s[0]);

never executed: close(config_s[0]);

1534

break;

never executed: break;

1535 } -

1536 -

1537 -

1538 platform_post_fork_parent(pid); -

1539

if (pid < 0

pid < 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

1540

error("fork: %.100s", strerror(

never executed: error("fork: %.100s", strerror( (*__errno_location ()) ));

1541

(*__errno_location ())

never executed: error("fork: %.100s", strerror( (*__errno_location ()) ));

1542

));

never executed: error("fork: %.100s", strerror( (*__errno_location ()) ));

1543 else -

1544

debug("Forked child %ld.", (long)pid);

never executed: debug("Forked child %ld.", (long)pid);

1545 -

1546 close(startup_p[1]); -

1547 -

1548

if (rexec_flag

rexec_flag	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1549 send_rexec_state(config_s[0], cfg); -

1550 close(config_s[0]); -

1551 close(config_s[1]); -

1552

}

never executed: end of block

1553 close(*newsock); -

1554 -

1555 -

1556 -

1557 -

1558 -

1559 arc4random_stir(); -

1560 arc4random_buf(rnd, sizeof(rnd)); -

1561 -

1562 RAND_seed(rnd, sizeof(rnd)); -

1563

if ((

(RAND_bytes((u...)rnd, 1)) != 1	Description
TRUE	never evaluated
FALSE	never evaluated

RAND_bytes((u_char *)rnd, 1)) != 1

(RAND_bytes((u...)rnd, 1)) != 1	Description
TRUE	never evaluated
FALSE	never evaluated

)

1564

fatal("%s: RAND_bytes failed", __func__);

never executed: fatal("%s: RAND_bytes failed", __func__);

1565 -

1566 explicit_bzero(rnd, sizeof(rnd)); -

1567

}

never executed: end of block

1568 -

1569 -

1570

if (num_listen_socks < 0

num_listen_socks < 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

1571

break;

never executed: break;

1572

}

never executed: end of block

1573

}

never executed: end of block

1574 static void -

1575 check_ip_options(struct ssh *ssh) -

1576 { -

1577 -

1578 int sock_in = ssh_packet_get_connection_in(ssh); -

1579 struct sockaddr_storage from; -

1580 u_char opts[200]; -

1581 socklen_t i, option_size = sizeof(opts), fromlen = sizeof(from); -

1582 char text[sizeof(opts) * 3 + 1]; -

1583 -

1584 memset(&from, 0, sizeof(from)); -

1585

if (getpeername(sock_in, (struct sockaddr *)&from,

getpeername(so... &fromlen) < 0	Description
TRUE	never evaluated
FALSE	never evaluated

1586

&fromlen) < 0

getpeername(so... &fromlen) < 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

1587

return;

never executed: return;

1588

if (from.ss_family !=

from.ss_family != 2	Description
TRUE	never evaluated
FALSE	never evaluated

1589

from.ss_family != 2	Description
TRUE	never evaluated
FALSE	never evaluated

1590 ) -

1591

return;

never executed: return;

1592 -

1593 -

1594

if (getsockopt(sock_in,

getsockopt(soc...ion_size) >= 0	Description
TRUE	never evaluated
FALSE	never evaluated

1595

IPPROTO_IP

getsockopt(soc...ion_size) >= 0	Description
TRUE	never evaluated
FALSE	never evaluated

1596

getsockopt(soc...ion_size) >= 0	Description
TRUE	never evaluated
FALSE	never evaluated

1597

getsockopt(soc...ion_size) >= 0	Description
TRUE	never evaluated
FALSE	never evaluated

1598

, opts,

getsockopt(soc...ion_size) >= 0	Description
TRUE	never evaluated
FALSE	never evaluated

1599

&option_size) >= 0

getsockopt(soc...ion_size) >= 0	Description
TRUE	never evaluated
FALSE	never evaluated

&& option_size != 0

option_size != 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1600 text[0] = '\0'; -

1601

for (i = 0; i < option_size

i < option_size	Description
TRUE	never evaluated
FALSE	never evaluated

; i++)

1602

snprintf(text + i*3, sizeof(text) - i*3,

never executed: snprintf(text + i*3, sizeof(text) - i*3, " %2.2x", opts[i]);

1603

" %2.2x", opts[i]);

never executed: snprintf(text + i*3, sizeof(text) - i*3, " %2.2x", opts[i]);

1604 fatal("Connection from %.100s port %d with IP opts: %.800s", -

1605 ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), text); -

1606

}

never executed: end of block

1607

return;

never executed: return;

1608 -

1609 } -

1610 -

1611 -

1612 static void -

1613 set_process_rdomain(struct ssh *ssh, const char *name) -

1614 { -

1615 fatal("Unable to set routing domain: not supported in this platform"); -

1616 -

1617

}

never executed: end of block

1618 -

1619 static void -

1620 accumulate_host_timing_secret(struct sshbuf *server_cfg, -

1621 const struct sshkey *key) -

1622 { -

1623 static struct ssh_digest_ctx *ctx; -

1624 u_char *hash; -

1625 size_t len; -

1626 struct sshbuf *buf; -

1627 int r; -

1628 -

1629

if (ctx ==

ctx == ((void *)0)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: sshd
FALSE	evaluated 4 times by 1 test Evaluated by: sshd

2-4

1630

((void *)0)

ctx == ((void *)0)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: sshd
FALSE	evaluated 4 times by 1 test Evaluated by: sshd

2-4

1631

&& (

(ctx = ssh_dig...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

ctx = ssh_digest_start(4)) ==

(ctx = ssh_dig...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

0-2

1632

((void *)0)

(ctx = ssh_dig...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

0-2

1633 ) -

1634

fatal("%s: ssh_digest_start", __func__);

never executed: fatal("%s: ssh_digest_start", __func__);

1635

if (key ==

key == ((void *)0)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: sshd
FALSE	evaluated 4 times by 1 test Evaluated by: sshd

2-4

1636

((void *)0)

key == ((void *)0)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: sshd
FALSE	evaluated 4 times by 1 test Evaluated by: sshd

2-4

1637 ) { -

1638 -

1639

if (ssh_digest_update(ctx, sshbuf_ptr(server_cfg),

ssh_digest_upd...ver_cfg)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

0-2

1640

sshbuf_len(server_cfg)) != 0

ssh_digest_upd...ver_cfg)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

)

0-2

1641

fatal("%s: ssh_digest_update", __func__);

never executed: fatal("%s: ssh_digest_update", __func__);

1642 len = ssh_digest_bytes(4); -

1643 hash = xmalloc(len); -

1644

if (ssh_digest_final(ctx, hash, len) != 0

ssh_digest_fin...ash, len) != 0	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

)

0-2

1645

fatal("%s: ssh_digest_final", __func__);

never executed: fatal("%s: ssh_digest_final", __func__);

1646 options.timing_secret = (((u_int64_t)(((const u_char *)(hash))[0]) << 56) | ((u_int64_t)(((const u_char *)(hash))[1]) << 48) | ((u_int64_t)(((const u_char *)(hash))[2]) << 40) | ((u_int64_t)(((const u_char *)(hash))[3]) << 32) | ((u_int64_t)(((const u_char *)(hash))[4]) << 24) | ((u_int64_t)(((const u_char *)(hash))[5]) << 16) | ((u_int64_t)(((const u_char *)(hash))[6]) << 8) | (u_int64_t)(((const u_char *)(hash))[7])); -

1647 freezero(hash, len); -

1648 ssh_digest_free(ctx); -

1649 ctx = -

1650 ((void *)0) -

1651 ; -

1652

return;

executed 2 times by 1 test: return;

Executed by:

sshd

1653 } -

1654

if ((

(buf = sshbuf_...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: sshd

buf = sshbuf_new()) ==

(buf = sshbuf_...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: sshd

0-4

1655

((void *)0)

(buf = sshbuf_...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: sshd

0-4

1656 ) -

1657

fatal("%s could not allocate buffer", __func__);

never executed: fatal("%s could not allocate buffer", __func__);

1658

if ((

(r = sshkey_pr...ey, buf)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: sshd

r = sshkey_private_serialize(key, buf)) != 0

(r = sshkey_pr...ey, buf)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: sshd

)

0-4

1659

fatal("sshkey_private_serialize: %s", ssh_err(r));

never executed: fatal("sshkey_private_serialize: %s", ssh_err(r));

1660

if (ssh_digest_update(ctx, sshbuf_ptr(buf), sshbuf_len(buf)) != 0

ssh_digest_upd...len(buf)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: sshd

)

0-4

1661

fatal("%s: ssh_digest_update", __func__);

never executed: fatal("%s: ssh_digest_update", __func__);

1662 sshbuf_reset(buf); -

1663 sshbuf_free(buf); -

1664

}

executed 4 times by 1 test: end of block

Executed by:

sshd

1665 -

1666 -

1667 -

1668 -

1669 int -

1670 main(int ac, char **av) -

1671 { -

1672 struct ssh *ssh = -

1673 ((void *)0) -

1674 ; -

1675 extern char *BSDoptarg; -

1676 extern int BSDoptind; -

1677 int r, opt, on = 1, already_daemon, remote_port; -

1678 int sock_in = -1, sock_out = -1, newsock = -1; -

1679 const char *remote_ip, *rdomain; -

1680 char *fp, *line, *laddr, *logfile = -

1681 ((void *)0) -

1682 ; -

1683 int config_s[2] = { -1 , -1 }; -

1684 u_int i, j; -

1685 u_int64_t ibytes, obytes; -

1686 mode_t new_umask; -

1687 struct sshkey *key; -

1688 struct sshkey *pubkey; -

1689 int keytype; -

1690 Authctxt *authctxt; -

1691 struct connection_info *connection_info = -

1692 ((void *)0) -

1693 ; -

1694 -

1695 ssh_malloc_init(); -

1696 -

1697 -

1698 -

1699 -

1700 __progname = ssh_get_progname(av[0]); -

1701 -

1702 -

1703 saved_argc = ac; -

1704 rexec_argc = ac; -

1705 saved_argv = xcalloc(ac + 1, sizeof(*saved_argv)); -

1706

for (i = 0; (

(int)i < ac	Description
TRUE	evaluated 8 times by 1 test Evaluated by: sshd
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

int)i < ac

(int)i < ac	Description
TRUE	evaluated 8 times by 1 test Evaluated by: sshd
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

; i++)

2-8

1707

saved_argv[i] = xstrdup(av[i]);

executed 8 times by 1 test: saved_argv[i] = xstrdup(av[i]);

Executed by:

sshd

1708 saved_argv[i] = -

1709 ((void *)0) -

1710 ; -

1711 -

1712 -

1713 -

1714 compat_init_setproctitle(ac, av); -

1715 av = saved_argv; -

1716 -

1717 -

1718

if (geteuid() == 0

geteuid() == 0	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

&& setgroups(0,

setgroups(0, (...d *)0) ) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

0-2

1719

((void *)0)

setgroups(0, (...d *)0) ) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

1720

) == -1

setgroups(0, (...d *)0) ) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

)

1721

debug("setgroups(): %.200s", strerror(

never executed: debug("setgroups(): %.200s", strerror( (*__errno_location ()) ));

1722

(*__errno_location ())

never executed: debug("setgroups(): %.200s", strerror( (*__errno_location ()) ));

1723

));

never executed: debug("setgroups(): %.200s", strerror( (*__errno_location ()) ));

1724 -

1725 -

1726 sanitise_stdfd(); -

1727 -

1728 -

1729 initialize_server_options(&options); -

1730 -

1731 -

1732

while ((

(opt = BSDgeto...iqrt") ) != -1	Description
TRUE	evaluated 4 times by 1 test Evaluated by: sshd
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

opt = BSDgetopt(ac, av, "C:E:b:c:f:g:h:k:o:p:u:46DQRTdeiqrt")

(opt = BSDgeto...iqrt") ) != -1	Description
TRUE	evaluated 4 times by 1 test Evaluated by: sshd
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

2-4

1733

) != -1

(opt = BSDgeto...iqrt") ) != -1	Description
TRUE	evaluated 4 times by 1 test Evaluated by: sshd
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

) {

2-4

1734 switch (opt) { -

1735

case

never executed: case '4':

'4':

never executed: case '4':

1736 options.address_family = -

1737 2 -

1738 ; -

1739

break;

never executed: break;

1740

case

never executed: case '6':

'6':

never executed: case '6':

1741 options.address_family = -

1742 10 -

1743 ; -

1744

break;

never executed: break;

1745

case

executed 2 times by 1 test: case 'f':

Executed by:

sshd

'f':

executed 2 times by 1 test: case 'f':

Executed by:

sshd

1746 config_file_name = BSDoptarg; -

1747

break;

executed 2 times by 1 test: break;

Executed by:

sshd

1748

case

never executed: case 'c':

'c':

never executed: case 'c':

1749 servconf_add_hostcert("[command-line]", 0, -

1750 &options, BSDoptarg); -

1751

break;

never executed: break;

1752

case

never executed: case 'd':

'd':

never executed: case 'd':

1753

if (debug_flag == 0

debug_flag == 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1754 debug_flag = 1; -

1755 options.log_level = SYSLOG_LEVEL_DEBUG1; -

1756

}

never executed: end of block

else if (options.log_level < SYSLOG_LEVEL_DEBUG3

options.log_le...G_LEVEL_DEBUG3	Description
TRUE	never evaluated
FALSE	never evaluated

)

1757

options.log_level++;

never executed: options.log_level++;

1758

break;

never executed: break;

1759

case

never executed: case 'D':

'D':

never executed: case 'D':

1760 no_daemon_flag = 1; -

1761

break;

never executed: break;

1762

case

never executed: case 'E':

'E':

never executed: case 'E':

1763 logfile = BSDoptarg; -

1764 -

1765

case

never executed: case 'e':

'e':

never executed: case 'e':

code before this statement never executed: case 'e':

1766 log_stderr = 1; -

1767

break;

never executed: break;

1768

case

never executed: case 'i':

'i':

never executed: case 'i':

1769 inetd_flag = 1; -

1770

break;

never executed: break;

1771

case

never executed: case 'r':

'r':

never executed: case 'r':

1772 rexec_flag = 0; -

1773

break;

never executed: break;

1774

case

never executed: case 'R':

'R':

never executed: case 'R':

1775 rexeced_flag = 1; -

1776 inetd_flag = 1; -

1777

break;

never executed: break;

1778

case

never executed: case 'Q':

'Q':

never executed: case 'Q':

1779 -

1780

break;

never executed: break;

1781

case

never executed: case 'q':

'q':

never executed: case 'q':

1782 options.log_level = SYSLOG_LEVEL_QUIET; -

1783

break;

never executed: break;

1784

case

never executed: case 'b':

'b':

never executed: case 'b':

1785 -

1786

break;

never executed: break;

1787

case

never executed: case 'p':

'p':

never executed: case 'p':

1788 options.ports_from_cmdline = 1; -

1789

if (options.num_ports >= 256

options.num_ports >= 256	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1790 fprintf( -

1791 stderr -

1792 , "too many ports.\n"); -

1793

exit(1);

never executed: exit(1);

1794 } -

1795 options.ports[options.num_ports++] = a2port(BSDoptarg); -

1796

if (options.ports[options.num_ports-1] <= 0

options.ports[..._ports-1] <= 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1797 fprintf( -

1798 stderr -

1799 , "Bad port number.\n"); -

1800

exit(1);

never executed: exit(1);

1801 } -

1802

break;

never executed: break;

1803

case

never executed: case 'g':

'g':

never executed: case 'g':

1804

if ((

(options.login...optarg)) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

options.login_grace_time = convtime(BSDoptarg)) == -1

(options.login...optarg)) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1805 fprintf( -

1806 stderr -

1807 , "Invalid login grace time.\n"); -

1808

exit(1);

never executed: exit(1);

1809 } -

1810

break;

never executed: break;

1811

case

never executed: case 'k':

'k':

never executed: case 'k':

1812 -

1813

break;

never executed: break;

1814

case

never executed: case 'h':

'h':

never executed: case 'h':

1815 servconf_add_hostkey("[command-line]", 0, -

1816 &options, BSDoptarg); -

1817

break;

never executed: break;

1818

case

executed 2 times by 1 test: case 't':

Executed by:

sshd

't':

executed 2 times by 1 test: case 't':

Executed by:

sshd

1819 test_flag = 1; -

1820

break;

executed 2 times by 1 test: break;

Executed by:

sshd

1821

case

never executed: case 'T':

'T':

never executed: case 'T':

1822 test_flag = 2; -

1823

break;

never executed: break;

1824

case

never executed: case 'C':

'C':

never executed: case 'C':

1825 connection_info = get_connection_info(0, 0); -

1826

if (parse_server_match_testspec(connection_info,

parse_server_m...Doptarg) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

1827

BSDoptarg) == -1

parse_server_m...Doptarg) == -1	Description
TRUE	never evaluated
FALSE	never evaluated

)

1828

exit(1);

never executed: exit(1);

1829

break;

never executed: break;

1830

case

never executed: case 'u':

'u':

never executed: case 'u':

1831 utmp_len = (u_int)strtonum(BSDoptarg, 0, -

1832 64 -

1833 +1+1, -

1834 ((void *)0) -

1835 ); -

1836

if (utmp_len >

utmp_len > 64 +1	Description
TRUE	never evaluated
FALSE	never evaluated

1837

utmp_len > 64 +1	Description
TRUE	never evaluated
FALSE	never evaluated

1838

utmp_len > 64 +1	Description
TRUE	never evaluated
FALSE	never evaluated

) {

1839 fprintf( -

1840 stderr -

1841 , "Invalid utmp length.\n"); -

1842

exit(1);

never executed: exit(1);

1843 } -

1844

break;

never executed: break;

1845

case

never executed: case 'o':

'o':

never executed: case 'o':

1846 line = xstrdup(BSDoptarg); -

1847

if (process_server_config_line(&options, line,

process_server...id *)0) ) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

1848

"command-line", 0,

process_server...id *)0) ) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

1849

((void *)0)

process_server...id *)0) ) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

1850

process_server...id *)0) ) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

1851

((void *)0)

process_server...id *)0) ) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

1852

) != 0

process_server...id *)0) ) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

1853

exit(1);

never executed: exit(1);

1854 free(line); -

1855

break;

never executed: break;

1856

case

never executed: case '?':

'?':

never executed: case '?':

1857

default

never executed: default:

1858 usage(); -

1859

break;

never executed: break;

1860 } -

1861 } -

1862

if (rexeced_flag

rexeced_flag	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

|| inetd_flag

inetd_flag	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

)

0-2

1863

rexec_flag = 0;

never executed: rexec_flag = 0;

1864

if (!test_flag

!test_flag	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

&& (rexec_flag

rexec_flag	Description
TRUE	never evaluated
FALSE	never evaluated

&& (av[0] ==

av[0] == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

0-2

1865

((void *)0)

av[0] == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

1866

|| *

*av[0] != '/'	Description
TRUE	never evaluated
FALSE	never evaluated

av[0] != '/'

*av[0] != '/'	Description
TRUE	never evaluated
FALSE	never evaluated

)))

1867

fatal("sshd re-exec requires execution with an absolute path");

never executed: fatal("sshd re-exec requires execution with an absolute path");

1868

if (rexeced_flag

rexeced_flag	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

)

0-2

1869

closefrom((

never executed: closefrom(( 2 + 4));

1870

never executed: closefrom(( 2 + 4));

1871

+ 4));

never executed: closefrom(( 2 + 4));

1872 else -

1873

closefrom((

executed 2 times by 1 test: closefrom(( 2 + 1));

Executed by:

sshd

1874

executed 2 times by 1 test: closefrom(( 2 + 1));

Executed by:

sshd

1875

+ 1));

executed 2 times by 1 test: closefrom(( 2 + 1));

Executed by:

sshd

1876 -

1877 -

1878 -

1879 OPENSSL_add_all_algorithms_noconf() -

1880 ; -

1881 -

1882 -

1883 -

1884

if (logfile !=

logfile != ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

0-2

1885

((void *)0)

logfile != ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

0-2

1886 ) -

1887

log_redirect_stderr_to(logfile);

never executed: log_redirect_stderr_to(logfile);

1888 -

1889 -

1890 -

1891 -

1892 log_init(__progname, -

1893 options.log_level == SYSLOG_LEVEL_NOT_SET ? -

1894 SYSLOG_LEVEL_INFO : options.log_level, -

1895 options.log_facility == SYSLOG_FACILITY_NOT_SET ? -

1896 SYSLOG_FACILITY_AUTH : options.log_facility, -

1897 log_stderr || !inetd_flag); -

1898 -

1899 -

1900 -

1901 -

1902 -

1903

if (getenv("KRB5CCNAME") !=

getenv("KRB5CC...!= ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

0-2

1904

((void *)0)

getenv("KRB5CC...!= ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

0-2

1905 ) -

1906

(

never executed: (void) unsetenv("KRB5CCNAME");

void) unsetenv("KRB5CCNAME");

never executed: (void) unsetenv("KRB5CCNAME");

1907 -

1908 sensitive_data.have_ssh2_key = 0; -

1909 -

1910 -

1911 -

1912 -

1913 -

1914

if (test_flag < 2

test_flag < 2	Description
TRUE	evaluated 2 times by 1 test Evaluated by: sshd
FALSE	never evaluated

&& connection_info !=

connection_info != ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

0-2

1915

((void *)0)

connection_info != ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

0-2

1916 ) -

1917

fatal("Config test connection parameter (-C) provided without "

never executed: fatal("Config test connection parameter (-C) provided without " "test mode (-T)");

1918

"test mode (-T)");

never executed: fatal("Config test connection parameter (-C) provided without " "test mode (-T)");

1919 -

1920 -

1921

if ((

(cfg = sshbuf_...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

cfg = sshbuf_new()) ==

(cfg = sshbuf_...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

0-2

1922

((void *)0)

(cfg = sshbuf_...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

0-2

1923 ) -

1924

fatal("%s: sshbuf_new failed", __func__);

never executed: fatal("%s: sshbuf_new failed", __func__);

1925

if (rexeced_flag

rexeced_flag	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

)

0-2

1926

recv_rexec_state((

never executed: recv_rexec_state(( 2 + 3), cfg);

1927

never executed: recv_rexec_state(( 2 + 3), cfg);

1928

+ 3), cfg);

never executed: recv_rexec_state(( 2 + 3), cfg);

1929

else if (strcasecmp(config_file_name, "none") != 0

strcasecmp(con..., "none") != 0	Description
TRUE	evaluated 2 times by 1 test Evaluated by: sshd
FALSE	never evaluated

)

0-2

1930

load_server_config(config_file_name, cfg);

executed 2 times by 1 test: load_server_config(config_file_name, cfg);

Executed by:

sshd

1931 -

1932 parse_server_config(&options, rexeced_flag ? "rexec" : config_file_name, -

1933 cfg, -

1934 ((void *)0) -

1935 ); -

1936 -

1937 seed_rng(); -

1938 -

1939 -

1940 fill_default_server_options(&options); -

1941 -

1942 -

1943

if (options.challenge_response_authentication

options.challe...authentication	Description
TRUE	evaluated 2 times by 1 test Evaluated by: sshd
FALSE	never evaluated

)

0-2

1944

options.kbd_interactive_authentication = 1;

executed 2 times by 1 test: options.kbd_interactive_authentication = 1;

Executed by:

sshd

1945 -

1946 -

1947

if (options.authorized_keys_command_user ==

options.author...== ((void *)0)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: sshd
FALSE	never evaluated

0-2

1948

((void *)0)

options.author...== ((void *)0)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: sshd
FALSE	never evaluated

0-2

1949 && -

1950

(options.authorized_keys_command !=

options.author...!= ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

0-2

1951

((void *)0)

options.author...!= ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

0-2

1952 && -

1953

strcasecmp(options.authorized_keys_command, "none") != 0

strcasecmp(opt..., "none") != 0	Description
TRUE	never evaluated
FALSE	never evaluated

))

1954

fatal("AuthorizedKeysCommand set without "

never executed: fatal("AuthorizedKeysCommand set without " "AuthorizedKeysCommandUser");

1955

"AuthorizedKeysCommandUser");

never executed: fatal("AuthorizedKeysCommand set without " "AuthorizedKeysCommandUser");

1956

if (options.authorized_principals_command_user ==

options.author...== ((void *)0)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: sshd
FALSE	never evaluated

0-2

1957

((void *)0)

options.author...== ((void *)0)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: sshd
FALSE	never evaluated

0-2

1958 && -

1959

(options.authorized_principals_command !=

options.author...!= ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

0-2

1960

((void *)0)

options.author...!= ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

0-2

1961 && -

1962

strcasecmp(options.authorized_principals_command, "none") != 0

strcasecmp(opt..., "none") != 0	Description
TRUE	never evaluated
FALSE	never evaluated

))

1963

fatal("AuthorizedPrincipalsCommand set without "

never executed: fatal("AuthorizedPrincipalsCommand set without " "AuthorizedPrincipalsCommandUser");

1964

"AuthorizedPrincipalsCommandUser");

never executed: fatal("AuthorizedPrincipalsCommand set without " "AuthorizedPrincipalsCommandUser");

1965 -

1966 -

1967 -

1968 -

1969 -

1970 -

1971 -

1972

if (options.num_auth_methods != 0

options.num_auth_methods != 0	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

) {

0-2

1973

for (i = 0; i < options.num_auth_methods

i < options.num_auth_methods	Description
TRUE	never evaluated
FALSE	never evaluated

; i++) {

1974

if (auth2_methods_valid(options.auth_methods[i],

auth2_methods_...ds[i], 1) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

1975

1) == 0

auth2_methods_...ds[i], 1) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

1976

break;

never executed: break;

1977

}

never executed: end of block

1978

if (i >= options.num_auth_methods

i >= options.num_auth_methods	Description
TRUE	never evaluated
FALSE	never evaluated

)

1979

fatal("AuthenticationMethods cannot be satisfied by "

never executed: fatal("AuthenticationMethods cannot be satisfied by " "enabled authentication methods");

1980

"enabled authentication methods");

never executed: fatal("AuthenticationMethods cannot be satisfied by " "enabled authentication methods");

1981

}

never executed: end of block

1982 -

1983 -

1984

if (BSDoptind < ac

BSDoptind < ac	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

) {

0-2

1985 fprintf( -

1986 stderr -

1987 , "Extra argument %s.\n", av[BSDoptind]); -

1988

exit(1);

never executed: exit(1);

1989 } -

1990 -

1991 debug("sshd version %s, %s", "OpenSSH_7.8", -

1992 -

1993 SSLeay_version( -

1994 0 -

1995 ) -

1996 -

1997 -

1998 -

1999 ); -

2000 -

2001 -

2002

privsep_chroot = use_privsep

use_privsep	Description
TRUE	evaluated 2 times by 1 test Evaluated by: sshd
FALSE	never evaluated

&& (getuid() == 0

getuid() == 0	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

|| geteuid() == 0

geteuid() == 0	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

);

0-2

2003

if ((

(privsep_pw = ...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

privsep_pw = getpwnam("nobody")) ==

(privsep_pw = ...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

0-2

2004

((void *)0)

(privsep_pw = ...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

0-2

2005 ) { -

2006

if (privsep_chroot

privsep_chroot	Description
TRUE	never evaluated
FALSE	never evaluated

|| options.kerberos_authentication

options.kerber...authentication	Description
TRUE	never evaluated
FALSE	never evaluated

)

2007

fatal("Privilege separation user %s does not exist",

never executed: fatal("Privilege separation user %s does not exist", "nobody");

2008

"nobody");

never executed: fatal("Privilege separation user %s does not exist", "nobody");

2009

}

never executed: end of block

else {

2010 privsep_pw = pwcopy(privsep_pw); -

2011 freezero(privsep_pw->pw_passwd, strlen(privsep_pw->pw_passwd)); -

2012 privsep_pw->pw_passwd = xstrdup("*"); -

2013

}

executed 2 times by 1 test: end of block

Executed by:

sshd

2014 endpwent(); -

2015 -

2016 -

2017 sensitive_data.host_keys = xcalloc(options.num_host_key_files, -

2018 sizeof(struct sshkey *)); -

2019 sensitive_data.host_pubkeys = xcalloc(options.num_host_key_files, -

2020 sizeof(struct sshkey *)); -

2021 -

2022

if (options.host_key_agent

options.host_key_agent	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

) {

0-2

2023 if ( -

2024

__extension__ ({ size_t __s1_len, __s2_len; (__builtin_constant_p (

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2025

options.host_key_agent

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2026

) && __builtin_constant_p (

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2027

"SSH_AUTH_SOCK"

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2028

) && (__s1_len = __builtin_strlen (

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2029

options.host_key_agent

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2030

), __s2_len = __builtin_strlen (

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2031

"SSH_AUTH_SOCK"

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2032

), (!((size_t)(const void *)((

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2033

options.host_key_agent

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2034

) + 1) - (size_t)(const void *)(

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2035

options.host_key_agent

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2036

) == 1) || __s1_len >= 4) && (!((size_t)(const void *)((

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2037

"SSH_AUTH_SOCK"

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2038

) + 1) - (size_t)(const void *)(

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2039

"SSH_AUTH_SOCK"

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2040

) == 1) || __s2_len >= 4)) ? __builtin_strcmp (

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2041

options.host_key_agent

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2042

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2043

"SSH_AUTH_SOCK"

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2044

) : (__builtin_constant_p (

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2045

options.host_key_agent

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2046

) && ((size_t)(const void *)((

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2047

options.host_key_agent

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2048

) + 1) - (size_t)(const void *)(

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2049

options.host_key_agent

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2050

) == 1) && (__s1_len = __builtin_strlen (

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2051

options.host_key_agent

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2052

), __s1_len < 4) ? (__builtin_constant_p (

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2053

"SSH_AUTH_SOCK"

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2054

) && ((size_t)(const void *)((

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2055

"SSH_AUTH_SOCK"

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2056

) + 1) - (size_t)(const void *)(

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2057

"SSH_AUTH_SOCK"

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2058

) == 1) ? __builtin_strcmp (

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2059

options.host_key_agent

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2060

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2061

"SSH_AUTH_SOCK"

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2062

) : (__extension__ ({ const unsigned char *__s2 = (const unsigned char *) (const char *) (

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2063

"SSH_AUTH_SOCK"

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2064

); int __result = (((const unsigned char *) (const char *) (

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2065

options.host_key_agent

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2066

))[0] - __s2[0]); if (__s1_len > 0

__s1_len > 0	Description
TRUE	never evaluated
FALSE	never evaluated

&& __result == 0

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

) { __result = (((const unsigned char *) (const char *) (

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2067

options.host_key_agent

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2068

))[1] - __s2[1]); if (__s1_len > 1

__s1_len > 1	Description
TRUE	never evaluated
FALSE	never evaluated

&& __result == 0

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

) { __result = (((const unsigned char *) (const char *) (

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2069

options.host_key_agent

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2070

))[2] - __s2[2]); if (__s1_len > 2

__s1_len > 2	Description
TRUE	never evaluated
FALSE	never evaluated

&& __result == 0

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

) __result = (((const unsigned char *) (const char *) (

never executed: __result = (((const unsigned char *) (const char *) ( options.host_key_agent ))[3] - __s2[3]);

2071

options.host_key_agent

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

never executed: __result = (((const unsigned char *) (const char *) ( options.host_key_agent ))[3] - __s2[3]);

2072

))[3] - __s2[3]); } } __result; }))) : (__builtin_constant_p (

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2073

"SSH_AUTH_SOCK"

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2074

) && ((size_t)(const void *)((

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2075

"SSH_AUTH_SOCK"

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2076

) + 1) - (size_t)(const void *)(

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2077

"SSH_AUTH_SOCK"

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2078

) == 1) && (__s2_len = __builtin_strlen (

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2079

"SSH_AUTH_SOCK"

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2080

), __s2_len < 4) ? (__builtin_constant_p (

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2081

options.host_key_agent

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2082

) && ((size_t)(const void *)((

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2083

options.host_key_agent

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2084

) + 1) - (size_t)(const void *)(

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2085

options.host_key_agent

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2086

) == 1) ? __builtin_strcmp (

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2087

options.host_key_agent

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2088

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2089

"SSH_AUTH_SOCK"

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2090

) : -(__extension__ ({ const unsigned char *__s2 = (const unsigned char *) (const char *) (

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2091

options.host_key_agent

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2092

); int __result = (((const unsigned char *) (const char *) (

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2093

"SSH_AUTH_SOCK"

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2094

))[0] - __s2[0]); if (__s2_len > 0

__s2_len > 0	Description
TRUE	never evaluated
FALSE	never evaluated

&& __result == 0

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

) { __result = (((const unsigned char *) (const char *) (

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2095

"SSH_AUTH_SOCK"

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2096

))[1] - __s2[1]); if (__s2_len > 1

__s2_len > 1	Description
TRUE	never evaluated
FALSE	never evaluated

&& __result == 0

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

) { __result = (((const unsigned char *) (const char *) (

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2097

"SSH_AUTH_SOCK"

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2098

))[2] - __s2[2]); if (__s2_len > 2

__s2_len > 2	Description
TRUE	never evaluated
FALSE	never evaluated

&& __result == 0

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

) __result = (((const unsigned char *) (const char *) (

never executed: __result = (((const unsigned char *) (const char *) ( "SSH_AUTH_SOCK" ))[3] - __s2[3]);

2099

"SSH_AUTH_SOCK"

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

never executed: __result = (((const unsigned char *) (const char *) ( "SSH_AUTH_SOCK" ))[3] - __s2[3]);

2100

))[3] - __s2[3]); } } __result; }))) : __builtin_strcmp (

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2101

options.host_key_agent

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2102

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2103

"SSH_AUTH_SOCK"

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2104

)))); })

__extension__ ...SOCK" )))); })	Description
TRUE	never evaluated
FALSE	never evaluated

2105 ) -

2106

setenv("SSH_AUTH_SOCK",

never executed: setenv("SSH_AUTH_SOCK", options.host_key_agent, 1);

2107

options.host_key_agent, 1);

never executed: setenv("SSH_AUTH_SOCK", options.host_key_agent, 1);

2108

if ((

(r = ssh_get_a...d *)0) )) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

r = ssh_get_authentication_socket(

(r = ssh_get_a...d *)0) )) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

2109

((void *)0)

(r = ssh_get_a...d *)0) )) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

2110

)) == 0

(r = ssh_get_a...d *)0) )) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

2111

have_agent = 1;

never executed: have_agent = 1;

2112 else -

2113

error("Could not connect to agent \"%s\": %s",

never executed: error("Could not connect to agent \"%s\": %s", options.host_key_agent, ssh_err(r));

2114

options.host_key_agent, ssh_err(r));

never executed: error("Could not connect to agent \"%s\": %s", options.host_key_agent, ssh_err(r));

2115 } -

2116 -

2117

for (i = 0; i < options.num_host_key_files

i < options.num_host_key_files	Description
TRUE	evaluated 4 times by 1 test Evaluated by: sshd
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

; i++) {

2-4

2118

if (options.host_key_files[i] ==

options.host_k...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: sshd

0-4

2119

((void *)0)

options.host_k...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: sshd

0-4

2120 ) -

2121

continue;

never executed: continue;

2122

if ((

(r = sshkey_lo...d *)0) )) != 0	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: sshd

r = sshkey_load_private(options.host_key_files[i], "",

(r = sshkey_lo...d *)0) )) != 0	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: sshd

0-4

2123

&key,

(r = sshkey_lo...d *)0) )) != 0	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: sshd

0-4

2124

((void *)0)

(r = sshkey_lo...d *)0) )) != 0	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: sshd

0-4

2125

)) != 0

(r = sshkey_lo...d *)0) )) != 0	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: sshd

&& r != -24

r != -24	Description
TRUE	never evaluated
FALSE	never evaluated

)

0-4

2126

error("Error loading host key \"%s\": %s",

never executed: error("Error loading host key \"%s\": %s", options.host_key_files[i], ssh_err(r));

2127

options.host_key_files[i], ssh_err(r));

never executed: error("Error loading host key \"%s\": %s", options.host_key_files[i], ssh_err(r));

2128

if ((

(r = sshkey_lo...d *)0) )) != 0	Description
TRUE	evaluated 2 times by 1 test Evaluated by: sshd
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

r = sshkey_load_public(options.host_key_files[i],

(r = sshkey_lo...d *)0) )) != 0	Description
TRUE	evaluated 2 times by 1 test Evaluated by: sshd
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

2129

&pubkey,

(r = sshkey_lo...d *)0) )) != 0	Description
TRUE	evaluated 2 times by 1 test Evaluated by: sshd
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

2130

((void *)0)

(r = sshkey_lo...d *)0) )) != 0	Description
TRUE	evaluated 2 times by 1 test Evaluated by: sshd
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

2131

)) != 0

(r = sshkey_lo...d *)0) )) != 0	Description
TRUE	evaluated 2 times by 1 test Evaluated by: sshd
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

&& r != -24

r != -24	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

)

0-2

2132

error("Error loading host key \"%s\": %s",

never executed: error("Error loading host key \"%s\": %s", options.host_key_files[i], ssh_err(r));

2133

options.host_key_files[i], ssh_err(r));

never executed: error("Error loading host key \"%s\": %s", options.host_key_files[i], ssh_err(r));

2134

if (pubkey ==

pubkey == ((void *)0)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: sshd
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

2135

((void *)0)

pubkey == ((void *)0)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: sshd
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

2136

&& key !=

key != ((void *)0)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: sshd
FALSE	never evaluated

0-2

2137

((void *)0)

key != ((void *)0)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: sshd
FALSE	never evaluated

0-2

2138 ) -

2139

if ((

(r = sshkey_fr...&pubkey)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

r = sshkey_from_private(key, &pubkey)) != 0

(r = sshkey_fr...&pubkey)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

)

0-2

2140

fatal("Could not demote key: \"%s\": %s",

never executed: fatal("Could not demote key: \"%s\": %s", options.host_key_files[i], ssh_err(r));

2141

options.host_key_files[i], ssh_err(r));

never executed: fatal("Could not demote key: \"%s\": %s", options.host_key_files[i], ssh_err(r));

2142 sensitive_data.host_keys[i] = key; -

2143 sensitive_data.host_pubkeys[i] = pubkey; -

2144 -

2145

if (key ==

key == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: sshd

0-4

2146

((void *)0)

key == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: sshd

0-4

2147

&& pubkey !=

pubkey != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2148

((void *)0)

pubkey != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2149

&& have_agent

have_agent	Description
TRUE	never evaluated
FALSE	never evaluated

) {

2150 debug("will rely on agent for hostkey %s", -

2151 options.host_key_files[i]); -

2152 keytype = pubkey->type; -

2153

}

never executed: end of block

else if (key !=

key != ((void *)0)	Description
TRUE	evaluated 4 times by 1 test Evaluated by: sshd
FALSE	never evaluated

0-4

2154

((void *)0)

key != ((void *)0)	Description
TRUE	evaluated 4 times by 1 test Evaluated by: sshd
FALSE	never evaluated

0-4

2155 ) { -

2156 keytype = key->type; -

2157 accumulate_host_timing_secret(cfg, key); -

2158

}

executed 4 times by 1 test: end of block

Executed by:

sshd

else {

2159 error("Could not load host key: %s", -

2160 options.host_key_files[i]); -

2161 sensitive_data.host_keys[i] = -

2162 ((void *)0) -

2163 ; -

2164 sensitive_data.host_pubkeys[i] = -

2165 ((void *)0) -

2166 ; -

2167

continue;

never executed: continue;

2168 } -

2169 -

2170 switch (keytype) { -

2171

case

executed 2 times by 1 test: case KEY_RSA:

Executed by:

sshd

KEY_RSA:

executed 2 times by 1 test: case KEY_RSA:

Executed by:

sshd

2172

case

never executed: case KEY_DSA:

KEY_DSA:

never executed: case KEY_DSA:

2173

case

never executed: case KEY_ECDSA:

KEY_ECDSA:

never executed: case KEY_ECDSA:

2174

case

executed 2 times by 1 test: case KEY_ED25519:

Executed by:

sshd

KEY_ED25519:

executed 2 times by 1 test: case KEY_ED25519:

Executed by:

sshd

2175

case

never executed: case KEY_XMSS:

KEY_XMSS:

never executed: case KEY_XMSS:

2176

if (have_agent

have_agent	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: sshd

|| key !=

key != ((void *)0)	Description
TRUE	evaluated 4 times by 1 test Evaluated by: sshd
FALSE	never evaluated

0-4

2177

((void *)0)

key != ((void *)0)	Description
TRUE	evaluated 4 times by 1 test Evaluated by: sshd
FALSE	never evaluated

0-4

2178 ) -

2179

sensitive_data.have_ssh2_key = 1;

executed 4 times by 1 test: sensitive_data.have_ssh2_key = 1;

Executed by:

sshd

2180

break;

executed 4 times by 1 test: break;

Executed by:

sshd

2181 } -

2182

if ((

(fp = sshkey_f...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: sshd

fp = sshkey_fingerprint(pubkey, options.fingerprint_hash,

(fp = sshkey_f...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: sshd

0-4

2183

SSH_FP_DEFAULT)) ==

(fp = sshkey_f...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: sshd

0-4

2184

((void *)0)

(fp = sshkey_f...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: sshd

0-4

2185 ) -

2186

fatal("sshkey_fingerprint failed");

never executed: fatal("sshkey_fingerprint failed");

2187 debug("%s host key #%d: %s %s", -

2188 key ? "private" : "agent", i, sshkey_ssh_name(pubkey), fp); -

2189 free(fp); -

2190

}

executed 4 times by 1 test: end of block

Executed by:

sshd

2191 accumulate_host_timing_secret(cfg, -

2192 ((void *)0) -

2193 ); -

2194

if (!sensitive_data.have_ssh2_key

!sensitive_data.have_ssh2_key	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

) {

0-2

2195 logit("sshd: no hostkeys available -- exiting."); -

2196

exit(1);

never executed: exit(1);

2197 } -

2198 -

2199 -

2200 -

2201 -

2202 -

2203 sensitive_data.host_certificates = xcalloc(options.num_host_key_files, -

2204 sizeof(struct sshkey *)); -

2205

for (i = 0; i < options.num_host_key_files

i < options.num_host_key_files	Description
TRUE	evaluated 4 times by 1 test Evaluated by: sshd
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

; i++)

2-4

2206

sensitive_data.host_certificates[i] =

executed 4 times by 1 test: sensitive_data.host_certificates[i] = ((void *)0) ;

Executed by:

sshd

2207

((void *)0)

executed 4 times by 1 test: sensitive_data.host_certificates[i] = ((void *)0) ;

Executed by:

sshd

2208

;

executed 4 times by 1 test: sensitive_data.host_certificates[i] = ((void *)0) ;

Executed by:

sshd

2209 -

2210

for (i = 0; i < options.num_host_cert_files

i < options.nu...ost_cert_files	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

; i++) {

0-2

2211

if (options.host_cert_files[i] ==

options.host_c...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2212

((void *)0)

options.host_c...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2213 ) -

2214

continue;

never executed: continue;

2215

if ((

(r = sshkey_lo...d *)0) )) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

r = sshkey_load_public(options.host_cert_files[i],

(r = sshkey_lo...d *)0) )) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

2216

&key,

(r = sshkey_lo...d *)0) )) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

2217

((void *)0)

(r = sshkey_lo...d *)0) )) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

2218

)) != 0

(r = sshkey_lo...d *)0) )) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

2219 error("Could not load host certificate \"%s\": %s", -

2220 options.host_cert_files[i], ssh_err(r)); -

2221

continue;

never executed: continue;

2222 } -

2223

if (!sshkey_is_cert(key)

!sshkey_is_cert(key)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

2224 error("Certificate file is not a certificate: %s", -

2225 options.host_cert_files[i]); -

2226 sshkey_free(key); -

2227

continue;

never executed: continue;

2228 } -

2229 -

2230

for (j = 0; j < options.num_host_key_files

j < options.num_host_key_files	Description
TRUE	never evaluated
FALSE	never evaluated

; j++) {

2231

if (sshkey_equal_public(key,

sshkey_equal_p....host_keys[j])	Description
TRUE	never evaluated
FALSE	never evaluated

2232

sensitive_data.host_keys[j])

sshkey_equal_p....host_keys[j])	Description
TRUE	never evaluated
FALSE	never evaluated

) {

2233 sensitive_data.host_certificates[j] = key; -

2234

break;

never executed: break;

2235 } -

2236

}

never executed: end of block

2237

if (j >= options.num_host_key_files

j >= options.n...host_key_files	Description
TRUE	never evaluated
FALSE	never evaluated

) {

2238 error("No matching private key for certificate: %s", -

2239 options.host_cert_files[i]); -

2240 sshkey_free(key); -

2241

continue;

never executed: continue;

2242 } -

2243 sensitive_data.host_certificates[j] = key; -

2244 debug("host certificate: #%u type %d %s", j, key->type, -

2245 sshkey_type(key)); -

2246

}

never executed: end of block

2247 -

2248

if (privsep_chroot

privsep_chroot	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

) {

0-2

2249 struct stat st; -

2250 -

2251

if ((

(stat("/var/ru...", &st) == -1)	Description
TRUE	never evaluated
FALSE	never evaluated

stat("/var/run/openssh-test", &st) == -1)

(stat("/var/ru...", &st) == -1)	Description
TRUE	never evaluated
FALSE	never evaluated

2252

(

( (((( st.st_m...040000)) == 0)	Description
TRUE	never evaluated
FALSE	never evaluated

2253

((((

( (((( st.st_m...040000)) == 0)	Description
TRUE	never evaluated
FALSE	never evaluated

2254

st.st_mode

( (((( st.st_m...040000)) == 0)	Description
TRUE	never evaluated
FALSE	never evaluated

2255

)) & 0170000) == (0040000))

( (((( st.st_m...040000)) == 0)	Description
TRUE	never evaluated
FALSE	never evaluated

2256

== 0)

( (((( st.st_m...040000)) == 0)	Description
TRUE	never evaluated
FALSE	never evaluated

)

2257

fatal("Missing privilege separation directory: %s",

never executed: fatal("Missing privilege separation directory: %s", "/var/run/openssh-test");

2258

"/var/run/openssh-test");

never executed: fatal("Missing privilege separation directory: %s", "/var/run/openssh-test");

2259 -

2260 -

2261 -

2262 -

2263 -

2264 -

2265

if (st.st_uid != 0

st.st_uid != 0	Description
TRUE	never evaluated
FALSE	never evaluated

|| (

(st.st_mode & ... >> 3) )) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

st.st_mode & (

(st.st_mode & ... >> 3) )) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

2266

(0200 >> 3)

(st.st_mode & ... >> 3) )) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

2267

(st.st_mode & ... >> 3) )) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

2268

((0200 >> 3) >> 3)

(st.st_mode & ... >> 3) )) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

2269

)) != 0

(st.st_mode & ... >> 3) )) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

2270 -

2271

fatal("%s must be owned by root and not group or "

never executed: fatal("%s must be owned by root and not group or " "world-writable.", "/var/run/openssh-test");

2272

"world-writable.", "/var/run/openssh-test");

never executed: fatal("%s must be owned by root and not group or " "world-writable.", "/var/run/openssh-test");

2273

}

never executed: end of block

2274 -

2275

if (test_flag > 1

test_flag > 1	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: sshd

) {

0-2

2276 -

2277 -

2278 -

2279 -

2280

if (connection_info ==

connection_info == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2281

((void *)0)

connection_info == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2282 ) -

2283

connection_info = get_connection_info(0, 0);

never executed: connection_info = get_connection_info(0, 0);

2284 parse_server_match_config(&options, connection_info); -

2285 dump_config(&options); -

2286

}

never executed: end of block

2287 -

2288 -

2289

if (test_flag

test_flag	Description
TRUE	evaluated 2 times by 1 test Evaluated by: sshd
FALSE	never evaluated

)

0-2

2290

exit(0);

executed 2 times by 1 test: exit(0);

Executed by:

sshd

2291

if (setgroups(0,

setgroups(0, ((void *)0) ) < 0	Description
TRUE	never evaluated
FALSE	never evaluated

2292

((void *)0)

setgroups(0, ((void *)0) ) < 0	Description
TRUE	never evaluated
FALSE	never evaluated

2293

) < 0

setgroups(0, ((void *)0) ) < 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

2294

debug("setgroups() failed: %.200s", strerror(

never executed: debug("setgroups() failed: %.200s", strerror( (*__errno_location ()) ));

2295

(*__errno_location ())

never executed: debug("setgroups() failed: %.200s", strerror( (*__errno_location ()) ));

2296

));

never executed: debug("setgroups() failed: %.200s", strerror( (*__errno_location ()) ));

2297 -

2298

if (rexec_flag

rexec_flag	Description
TRUE	never evaluated
FALSE	never evaluated

) {

2299

if (rexec_argc < 0

rexec_argc < 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

2300

fatal("rexec_argc %d < 0", rexec_argc);

never executed: fatal("rexec_argc %d < 0", rexec_argc);

2301 rexec_argv = xcalloc(rexec_argc + 2, sizeof(char *)); -

2302

for (i = 0; i < (u_int)rexec_argc

i < (u_int)rexec_argc	Description
TRUE	never evaluated
FALSE	never evaluated

; i++) {

2303 debug("rexec_argv[%d]='%s'", i, saved_argv[i]); -

2304 rexec_argv[i] = saved_argv[i]; -

2305

}

never executed: end of block

2306 rexec_argv[rexec_argc] = "-R"; -

2307 rexec_argv[rexec_argc + 1] = -

2308 ((void *)0) -

2309 ; -

2310

}

never executed: end of block

2311 -

2312 -

2313 new_umask = umask(0077) | 0022; -

2314 (void) umask(new_umask); -

2315 -

2316 -

2317

if (debug_flag

debug_flag	Description
TRUE	never evaluated
FALSE	never evaluated

&& (!inetd_flag

!inetd_flag	Description
TRUE	never evaluated
FALSE	never evaluated

|| rexeced_flag

rexeced_flag	Description
TRUE	never evaluated
FALSE	never evaluated

))

2318

log_stderr = 1;

never executed: log_stderr = 1;

2319 log_init(__progname, options.log_level, options.log_facility, log_stderr); -

2320 -

2321 -

2322 -

2323 -

2324 -

2325 -

2326 already_daemon = daemonized(); -

2327

if (!(debug_flag

debug_flag	Description
TRUE	never evaluated
FALSE	never evaluated

|| inetd_flag

inetd_flag	Description
TRUE	never evaluated
FALSE	never evaluated

|| no_daemon_flag

no_daemon_flag	Description
TRUE	never evaluated
FALSE	never evaluated

|| already_daemon

already_daemon	Description
TRUE	never evaluated
FALSE	never evaluated

)) {

2328 -

2329

if (daemon(0, 0) < 0

daemon(0, 0) < 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

2330

fatal("daemon() failed: %.200s", strerror(

never executed: fatal("daemon() failed: %.200s", strerror( (*__errno_location ()) ));

2331

(*__errno_location ())

never executed: fatal("daemon() failed: %.200s", strerror( (*__errno_location ()) ));

2332

));

never executed: fatal("daemon() failed: %.200s", strerror( (*__errno_location ()) ));

2333 -

2334 disconnect_controlling_tty(); -

2335

}

never executed: end of block

2336 -

2337 log_init(__progname, options.log_level, options.log_facility, log_stderr); -

2338 -

2339 -

2340 -

2341

if (chdir("/") == -1

chdir("/") == -1	Description
TRUE	never evaluated
FALSE	never evaluated

)

2342

error("chdir(\"/\"): %s", strerror(

never executed: error("chdir(\"/\"): %s", strerror( (*__errno_location ()) ));

2343

(*__errno_location ())

never executed: error("chdir(\"/\"): %s", strerror( (*__errno_location ()) ));

2344

));

never executed: error("chdir(\"/\"): %s", strerror( (*__errno_location ()) ));

2345 -

2346 -

2347 mysignal( -

2348 13 -

2349 , -

2350 ((__sighandler_t) 1) -

2351 ); -

2352 -

2353 -

2354

if (inetd_flag

inetd_flag	Description
TRUE	never evaluated
FALSE	never evaluated

) {

2355 server_accept_inetd(&sock_in, &sock_out); -

2356

}

never executed: end of block

else {

2357 platform_pre_listen(); -

2358 server_listen(); -

2359 -

2360 mysignal( -

2361 1 -

2362 ,sighup_handler); -

2363 mysignal( -

2364 17 -

2365 ,main_sigchld_handler); -

2366 mysignal( -

2367 15 -

2368 ,sigterm_handler); -

2369 mysignal( -

2370 3 -

2371 ,sigterm_handler); -

2372 -

2373 -

2374 -

2375 -

2376 -

2377

if (options.pid_file !=

options.pid_fi...!= ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2378

((void *)0)

options.pid_fi...!= ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2379

&& !debug_flag

!debug_flag	Description
TRUE	never evaluated
FALSE	never evaluated

) {

2380 FILE *f = fopen(options.pid_file, "w"); -

2381 -

2382

if (f ==

f == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2383

((void *)0)

f == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2384 ) { -

2385 error("Couldn't create pid file \"%s\": %s", -

2386 options.pid_file, strerror( -

2387 (*__errno_location ()) -

2388 )); -

2389

}

never executed: end of block

else {

2390 fprintf(f, "%ld\n", (long) getpid()); -

2391 fclose(f); -

2392

}

never executed: end of block

2393 } -

2394 -

2395 -

2396 server_accept_loop(&sock_in, &sock_out, -

2397 &newsock, config_s); -

2398

}

never executed: end of block

2399 -

2400 -

2401 setproctitle("%s", "[accepted]"); -

2402

if (!debug_flag

!debug_flag	Description
TRUE	never evaluated
FALSE	never evaluated

&& !inetd_flag

!inetd_flag	Description
TRUE	never evaluated
FALSE	never evaluated

&& setsid() < 0

setsid() < 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

2403

error("setsid: %.100s", strerror(

never executed: error("setsid: %.100s", strerror( (*__errno_location ()) ));

2404

(*__errno_location ())

never executed: error("setsid: %.100s", strerror( (*__errno_location ()) ));

2405

));

never executed: error("setsid: %.100s", strerror( (*__errno_location ()) ));

2406 -

2407 -

2408

if (rexec_flag

rexec_flag	Description
TRUE	never evaluated
FALSE	never evaluated

) {

2409 int fd; -

2410 -

2411 debug("rexec start in %d out %d newsock %d pipe %d sock %d", -

2412 sock_in, sock_out, newsock, startup_pipe, config_s[0]); -

2413 dup2(newsock, -

2414 0 -

2415 ); -

2416 dup2( -

2417 0 -

2418 , -

2419 1 -

2420 ); -

2421

if (startup_pipe == -1

startup_pipe == -1	Description
TRUE	never evaluated
FALSE	never evaluated

)

2422

close((

never executed: close(( 2 + 2));

2423

never executed: close(( 2 + 2));

2424

+ 2));

never executed: close(( 2 + 2));

2425

else if (startup_pipe != (

startup_pipe != ( 2 + 2)	Description
TRUE	never evaluated
FALSE	never evaluated

2426

startup_pipe != ( 2 + 2)	Description
TRUE	never evaluated
FALSE	never evaluated

2427

+ 2)

startup_pipe != ( 2 + 2)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

2428 dup2(startup_pipe, ( -

2429 2 -

2430 + 2)); -

2431 close(startup_pipe); -

2432 startup_pipe = ( -

2433 2 -

2434 + 2); -

2435

}

never executed: end of block

2436 -

2437 dup2(config_s[1], ( -

2438 2 -

2439 + 3)); -

2440 close(config_s[1]); -

2441 -

2442 execv(rexec_argv[0], rexec_argv); -

2443 -

2444 -

2445 error("rexec of %s failed: %s", rexec_argv[0], strerror( -

2446 (*__errno_location ()) -

2447 )); -

2448 recv_rexec_state(( -

2449 2 -

2450 + 3), -

2451 ((void *)0) -

2452 ); -

2453 log_init(__progname, options.log_level, -

2454 options.log_facility, log_stderr); -

2455 -

2456 -

2457 close(( -

2458 2 -

2459 + 3)); -

2460 newsock = sock_out = sock_in = dup( -

2461 0 -

2462 ); -

2463

if ((

(fd = open( "/...02 , 0)) != -1	Description
TRUE	never evaluated
FALSE	never evaluated

fd = open(

(fd = open( "/...02 , 0)) != -1	Description
TRUE	never evaluated
FALSE	never evaluated

2464

"/dev/null"

(fd = open( "/...02 , 0)) != -1	Description
TRUE	never evaluated
FALSE	never evaluated

2465

(fd = open( "/...02 , 0)) != -1	Description
TRUE	never evaluated
FALSE	never evaluated

2466

(fd = open( "/...02 , 0)) != -1	Description
TRUE	never evaluated
FALSE	never evaluated

2467

, 0)) != -1

(fd = open( "/...02 , 0)) != -1	Description
TRUE	never evaluated
FALSE	never evaluated

) {

2468 dup2(fd, -

2469 0 -

2470 ); -

2471 dup2(fd, -

2472 1 -

2473 ); -

2474

if (fd >

fd > 2	Description
TRUE	never evaluated
FALSE	never evaluated

2475

fd > 2	Description
TRUE	never evaluated
FALSE	never evaluated

2476 ) -

2477

close(fd);

never executed: close(fd);

2478

}

never executed: end of block

2479 debug("rexec cleanup in %d out %d newsock %d pipe %d sock %d", -

2480 sock_in, sock_out, newsock, startup_pipe, config_s[0]); -

2481

}

never executed: end of block

2482 -

2483 -

2484 fcntl(sock_out, -

2485 2 -

2486 , -

2487 1 -

2488 ); -

2489 fcntl(sock_in, -

2490 2 -

2491 , -

2492 1 -

2493 ); -

2494 -

2495 -

2496 -

2497 -

2498 -

2499 -

2500 alarm(0); -

2501 mysignal( -

2502 14 -

2503 , -

2504 ((__sighandler_t) 0) -

2505 ); -

2506 mysignal( -

2507 1 -

2508 , -

2509 ((__sighandler_t) 0) -

2510 ); -

2511 mysignal( -

2512 15 -

2513 , -

2514 ((__sighandler_t) 0) -

2515 ); -

2516 mysignal( -

2517 3 -

2518 , -

2519 ((__sighandler_t) 0) -

2520 ); -

2521 mysignal( -

2522 17 -

2523 , -

2524 ((__sighandler_t) 0) -

2525 ); -

2526 mysignal( -

2527 2 -

2528 , -

2529 ((__sighandler_t) 0) -

2530 ); -

2531 -

2532 -

2533 -

2534 -

2535 -

2536 packet_set_connection(sock_in, sock_out); -

2537 ssh_packet_set_server(active_state); -

2538 ssh = active_state; -

2539 -

2540 check_ip_options(ssh); -

2541 -

2542 -

2543 channel_init_channels(ssh); -

2544 channel_set_af(ssh, options.address_family); -

2545 process_permitopen(ssh, &options); -

2546 -

2547 -

2548

if (options.tcp_keep_alive

options.tcp_keep_alive	Description
TRUE	never evaluated
FALSE	never evaluated

&& ssh_packet_connection_is_on_socket(active_state)

ssh_packet_con...(active_state)	Description
TRUE	never evaluated
FALSE	never evaluated

2549

setsockopt(sock_in,

setsockopt(soc...izeof(on)) < 0	Description
TRUE	never evaluated
FALSE	never evaluated

2550

setsockopt(soc...izeof(on)) < 0	Description
TRUE	never evaluated
FALSE	never evaluated

2551

setsockopt(soc...izeof(on)) < 0	Description
TRUE	never evaluated
FALSE	never evaluated

2552

setsockopt(soc...izeof(on)) < 0	Description
TRUE	never evaluated
FALSE	never evaluated

2553

, &on, sizeof(on)) < 0

setsockopt(soc...izeof(on)) < 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

2554

error("setsockopt SO_KEEPALIVE: %.100s", strerror(

never executed: error("setsockopt SO_KEEPALIVE: %.100s", strerror( (*__errno_location ()) ));

2555

(*__errno_location ())

never executed: error("setsockopt SO_KEEPALIVE: %.100s", strerror( (*__errno_location ()) ));

2556

));

never executed: error("setsockopt SO_KEEPALIVE: %.100s", strerror( (*__errno_location ()) ));

2557 -

2558

if ((

(remote_port =...port(ssh)) < 0	Description
TRUE	never evaluated
FALSE	never evaluated

remote_port = ssh_remote_port(ssh)) < 0

(remote_port =...port(ssh)) < 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

2559 debug("ssh_remote_port failed"); -

2560 cleanup_exit(255); -

2561

}

never executed: end of block

2562 -

2563

if (options.routing_domain !=

options.routin...!= ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2564

((void *)0)

options.routin...!= ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2565 ) -

2566

set_process_rdomain(ssh, options.routing_domain);

never executed: set_process_rdomain(ssh, options.routing_domain);

2567 -

2568 -

2569 -

2570 -

2571 -

2572 -

2573 remote_ip = ssh_remote_ipaddr(ssh); -

2574 -

2575 -

2576 -

2577 -

2578 -

2579 rdomain = ssh_packet_rdomain_in(ssh); -

2580 -

2581 -

2582 laddr = get_local_ipaddr(sock_in); -

2583 verbose("Connection from %s port %d on %s port %d%s%s%s", -

2584 remote_ip, remote_port, laddr, ssh_local_port(ssh), -

2585 rdomain == -

2586 ((void *)0) -

2587 ? "" : " rdomain \"", -

2588 rdomain == -

2589 ((void *)0) -

2590 ? "" : rdomain, -

2591 rdomain == -

2592 ((void *)0) -

2593 ? "" : "\""); -

2594 free(laddr); -

2595 mysignal( -

2596 14 -

2597 ,grace_alarm_handler); -

2598

if (!debug_flag

!debug_flag	Description
TRUE	never evaluated
FALSE	never evaluated

)

2599

alarm(options.login_grace_time);

never executed: alarm(options.login_grace_time);

2600 -

2601 sshd_exchange_identification(ssh, sock_in, sock_out); -

2602 ssh_packet_set_nonblocking(active_state); -

2603 -

2604 -

2605 authctxt = xcalloc(1, sizeof(*authctxt)); -

2606 -

2607 authctxt->loginmsg = loginmsg; -

2608 -

2609 -

2610 the_authctxt = authctxt; -

2611 -

2612 -

2613

if ((

(auth_opts = s...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

auth_opts = sshauthopt_new_with_keys_defaults()) ==

(auth_opts = s...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2614

((void *)0)

(auth_opts = s...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2615 ) -

2616

fatal("allocation failed");

never executed: fatal("allocation failed");

2617 -

2618 -

2619

if ((

(loginmsg = ss...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

loginmsg = sshbuf_new()) ==

(loginmsg = ss...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2620

((void *)0)

(loginmsg = ss...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2621 ) -

2622

fatal("%s: sshbuf_new failed", __func__);

never executed: fatal("%s: sshbuf_new failed", __func__);

2623 auth_debug_reset(); -

2624 -

2625

if (use_privsep

use_privsep	Description
TRUE	never evaluated
FALSE	never evaluated

) {

2626

if (privsep_preauth(authctxt) == 1

privsep_preauth(authctxt) == 1	Description
TRUE	never evaluated
FALSE	never evaluated

)

2627

goto

never executed: goto authenticated;

authenticated;

never executed: goto authenticated;

2628

}

never executed: end of block

else if (have_agent

have_agent	Description
TRUE	never evaluated
FALSE	never evaluated

) {

2629

if ((

(r = ssh_get_a...th_sock)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

r = ssh_get_authentication_socket(&auth_sock)) != 0

(r = ssh_get_a...th_sock)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

2630 error("Unable to get agent socket: %s", ssh_err(r)); -

2631 have_agent = 0; -

2632

}

never executed: end of block

2633

}

never executed: end of block

2634 -

2635 -

2636 -

2637 do_ssh2_kex(); -

2638 do_authentication2(authctxt); -

2639 -

2640 -

2641 -

2642 -

2643 -

2644

if (use_privsep

use_privsep	Description
TRUE	never evaluated
FALSE	never evaluated

) {

2645 mm_send_keystate(pmonitor); -

2646 ssh_packet_clear_keys(active_state); -

2647

exit(0);

never executed: exit(0);

2648 } -

2649 -

2650

authenticated:

code before this statement never executed: authenticated:

2651 -

2652 -

2653 -

2654 -

2655 alarm(0); -

2656 mysignal( -

2657 14 -

2658 , -

2659 ((__sighandler_t) 0) -

2660 ); -

2661 authctxt->authenticated = 1; -

2662

if (startup_pipe != -1

startup_pipe != -1	Description
TRUE	never evaluated
FALSE	never evaluated

) {

2663 close(startup_pipe); -

2664 startup_pipe = -1; -

2665

}

never executed: end of block

2666

if (use_privsep

use_privsep	Description
TRUE	never evaluated
FALSE	never evaluated

) {

2667 privsep_postauth(authctxt); -

2668 -

2669

}

never executed: end of block

2670 -

2671 ssh_packet_set_timeout(active_state, (options.client_alive_interval), (options.client_alive_count_max)) -

2672 ; -

2673 -

2674 -

2675 notify_hostkeys(ssh); -

2676 -

2677 -

2678 do_authenticated(ssh, authctxt); -

2679 -

2680 -

2681 ssh_packet_get_bytes(active_state, &ibytes, &obytes); -

2682 verbose("Transferred: sent %llu, received %llu bytes", -

2683 (unsigned long long)obytes, (unsigned long long)ibytes); -

2684 -

2685 verbose("Closing connection to %.500s port %d", remote_ip, remote_port); -

2686 packet_close(); -

2687 -

2688

if (use_privsep

use_privsep	Description
TRUE	never evaluated
FALSE	never evaluated

)

2689

mm_terminate();

never executed: mm_terminate();

2690 -

2691

exit(0);

never executed: exit(0);

2692 } -

2693 -

2694 int -

2695 sshd_hostkey_sign(struct sshkey *privkey, struct sshkey *pubkey, -

2696 u_char **signature, size_t *slenp, const u_char *data, size_t dlen, -

2697 const char *alg, u_int flag) -

2698 { -

2699 int r; -

2700 -

2701

if (privkey

privkey	Description
TRUE	never evaluated
FALSE	never evaluated

) {

2702

if ((

(use_privsep ?...afellows)) < 0	Description
TRUE	never evaluated
FALSE	never evaluated

use_privsep

use_privsep	Description
TRUE	never evaluated
FALSE	never evaluated

? mm_sshkey_sign(privkey, signature, slenp, data, dlen, alg, datafellows) : sshkey_sign(privkey, signature, slenp, data, dlen, alg, datafellows))

(use_privsep ?...afellows)) < 0	Description
TRUE	never evaluated
FALSE	never evaluated

2703

< 0

(use_privsep ?...afellows)) < 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

2704

fatal("%s: key_sign failed", __func__);

never executed: fatal("%s: key_sign failed", __func__);

2705

}

never executed: end of block

else if (use_privsep

use_privsep	Description
TRUE	never evaluated
FALSE	never evaluated

) {

2706

if (mm_sshkey_sign(pubkey, signature, slenp, data, dlen,

mm_sshkey_sign...tafellows) < 0	Description
TRUE	never evaluated
FALSE	never evaluated

2707

alg, datafellows) < 0

mm_sshkey_sign...tafellows) < 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

2708

fatal("%s: pubkey_sign failed", __func__);

never executed: fatal("%s: pubkey_sign failed", __func__);

2709

}

never executed: end of block

else {

2710

if ((

(r = ssh_agent...fellows)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

r = ssh_agent_sign(auth_sock, pubkey, signature, slenp,

(r = ssh_agent...fellows)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

2711

data, dlen, alg, datafellows)) != 0

(r = ssh_agent...fellows)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

2712

fatal("%s: ssh_agent_sign failed: %s",

never executed: fatal("%s: ssh_agent_sign failed: %s", __func__, ssh_err(r));

2713

__func__, ssh_err(r));

never executed: fatal("%s: ssh_agent_sign failed: %s", __func__, ssh_err(r));

2714

}

never executed: end of block

2715

return

never executed: return 0;

2716 } -

2717 -

2718 -

2719 static void -

2720 do_ssh2_kex(void) -

2721 { -

2722 char *myproposal[PROPOSAL_MAX] = { "curve25519-sha256," "curve25519-sha256@libssh.org," "ecdh-sha2-nistp256," "ecdh-sha2-nistp384," "ecdh-sha2-nistp521," "diffie-hellman-group-exchange-sha256," "diffie-hellman-group16-sha512," "diffie-hellman-group18-sha512," "diffie-hellman-group14-sha256," "diffie-hellman-group14-sha1", "ecdsa-sha2-nistp256-cert-v01@openssh.com," "ecdsa-sha2-nistp384-cert-v01@openssh.com," "ecdsa-sha2-nistp521-cert-v01@openssh.com," "ssh-ed25519-cert-v01@openssh.com," "rsa-sha2-512-cert-v01@openssh.com," "rsa-sha2-256-cert-v01@openssh.com," "ssh-rsa-cert-v01@openssh.com," "ecdsa-sha2-nistp256," "ecdsa-sha2-nistp384," "ecdsa-sha2-nistp521," "ssh-ed25519," "rsa-sha2-512," "rsa-sha2-256," "ssh-rsa", "chacha20-poly1305@openssh.com," "aes128-ctr,aes192-ctr,aes256-ctr" ",aes128-gcm@openssh.com,aes256-gcm@openssh.com", "chacha20-poly1305@openssh.com," "aes128-ctr,aes192-ctr,aes256-ctr" ",aes128-gcm@openssh.com,aes256-gcm@openssh.com", "umac-64-etm@openssh.com," "umac-128-etm@openssh.com," "hmac-sha2-256-etm@openssh.com," "hmac-sha2-512-etm@openssh.com," "hmac-sha1-etm@openssh.com," "umac-64@openssh.com," "umac-128@openssh.com," "hmac-sha2-256," "hmac-sha2-512," "hmac-sha1", "umac-64-etm@openssh.com," "umac-128-etm@openssh.com," "hmac-sha2-256-etm@openssh.com," "hmac-sha2-512-etm@openssh.com," "hmac-sha1-etm@openssh.com," "umac-64@openssh.com," "umac-128@openssh.com," "hmac-sha2-256," "hmac-sha2-512," "hmac-sha1", "none,zlib@openssh.com", "none,zlib@openssh.com", "", "" }; -

2723 struct kex *kex; -

2724 int r; -

2725 -

2726 myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal( -

2727 options.kex_algorithms); -

2728 myproposal[PROPOSAL_ENC_ALGS_CTOS] = compat_cipher_proposal( -

2729 options.ciphers); -

2730 myproposal[PROPOSAL_ENC_ALGS_STOC] = compat_cipher_proposal( -

2731 options.ciphers); -

2732 myproposal[PROPOSAL_MAC_ALGS_CTOS] = -

2733 myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; -

2734 -

2735

if (options.compression == 0

options.compression == 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

2736 myproposal[PROPOSAL_COMP_ALGS_CTOS] = -

2737 myproposal[PROPOSAL_COMP_ALGS_STOC] = "none"; -

2738

}

never executed: end of block

2739 -

2740

if (options.rekey_limit

options.rekey_limit	Description
TRUE	never evaluated
FALSE	never evaluated

|| options.rekey_interval

options.rekey_interval	Description
TRUE	never evaluated
FALSE	never evaluated

)

2741

ssh_packet_set_rekey_limits(active_state, options.rekey_limit, options.rekey_interval)

never executed: ssh_packet_set_rekey_limits(active_state, options.rekey_limit, options.rekey_interval) ;

2742

;

never executed: ssh_packet_set_rekey_limits(active_state, options.rekey_limit, options.rekey_interval) ;

2743 -

2744 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal( -

2745 list_hostkey_types()); -

2746 -

2747 -

2748

if ((

(r = kex_setup...roposal)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

r = kex_setup(active_state, myproposal)) != 0

(r = kex_setup...roposal)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

2749

fatal("kex_setup: %s", ssh_err(r));

never executed: fatal("kex_setup: %s", ssh_err(r));

2750 kex = active_state->kex; -

2751 -

2752 kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; -

2753 kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server; -

2754 kex->kex[KEX_DH_GRP14_SHA256] = kexdh_server; -

2755 kex->kex[KEX_DH_GRP16_SHA512] = kexdh_server; -

2756 kex->kex[KEX_DH_GRP18_SHA512] = kexdh_server; -

2757 kex->kex[KEX_DH_GEX_SHA1] = kexgex_server; -

2758 kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; -

2759 -

2760 kex->kex[KEX_ECDH_SHA2] = kexecdh_server; -

2761 -

2762 -

2763 kex->kex[KEX_C25519_SHA256] = kexc25519_server; -

2764 kex->server = 1; -

2765 kex->client_version_string=client_version_string; -

2766 kex->server_version_string=server_version_string; -

2767 kex->load_host_public_key=&get_hostkey_public_by_type; -

2768 kex->load_host_private_key=&get_hostkey_private_by_type; -

2769 kex->host_key_index=&get_hostkey_index; -

2770 kex->sign = sshd_hostkey_sign; -

2771 -

2772 ssh_dispatch_run_fatal(active_state, DISPATCH_BLOCK, &kex->done); -

2773 -

2774 session_id2 = kex->session_id; -

2775 session_id2_len = kex->session_id_len; -

2776 debug("KEX done"); -

2777

}

never executed: end of block

2778 -

2779 -

2780 void -

2781 cleanup_exit(int i) -

2782 { -

2783 struct ssh *ssh = active_state; -

2784 -

2785

if (the_authctxt

the_authctxt	Description
TRUE	never evaluated
FALSE	never evaluated

) {

2786 do_cleanup(ssh, the_authctxt); -

2787

if (use_privsep

use_privsep	Description
TRUE	never evaluated
FALSE	never evaluated

&& privsep_is_preauth

privsep_is_preauth	Description
TRUE	never evaluated
FALSE	never evaluated

2788

pmonitor !=

pmonitor != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2789

((void *)0)

pmonitor != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

2790

&& pmonitor->m_pid > 1

pmonitor->m_pid > 1	Description
TRUE	never evaluated
FALSE	never evaluated

) {

2791 debug("Killing privsep child %d", pmonitor->m_pid); -

2792

if (kill(pmonitor->m_pid,

kill(pmonitor->m_pid, 9 ) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

2793

kill(pmonitor->m_pid, 9 ) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

2794

) != 0

kill(pmonitor->m_pid, 9 ) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

2795 -

2796

(*__errno_location ()) != 3	Description
TRUE	never evaluated
FALSE	never evaluated

__errno_location ())

(*__errno_location ()) != 3	Description
TRUE	never evaluated
FALSE	never evaluated

2797

(*__errno_location ()) != 3	Description
TRUE	never evaluated
FALSE	never evaluated

2798

(*__errno_location ()) != 3	Description
TRUE	never evaluated
FALSE	never evaluated

2799 ) -

2800

error("%s: kill(%d): %s", __func__,

never executed: error("%s: kill(%d): %s", __func__, pmonitor->m_pid, strerror( (*__errno_location ()) ));

2801

pmonitor->m_pid, strerror(

never executed: error("%s: kill(%d): %s", __func__, pmonitor->m_pid, strerror( (*__errno_location ()) ));

2802

(*__errno_location ())

never executed: error("%s: kill(%d): %s", __func__, pmonitor->m_pid, strerror( (*__errno_location ()) ));

2803

));

never executed: error("%s: kill(%d): %s", __func__, pmonitor->m_pid, strerror( (*__errno_location ()) ));

2804

}

never executed: end of block

2805

}

never executed: end of block

2806 -

2807 -

2808 -

2809 -

2810 -

2811 _exit(i); -

2812

}

never executed: end of block

Switch to Source code

Preprocessed file

Generated by Squish Coco 4.2.2