This commit was generated by cvs2svn to compensate for changes in r137015,

which included commits to RCS files with non-trunk default branches.

11 files changed, 226 insertions, 33 deletions

diff --git a/crypto/openssh/openbsd-compat/Makefile.in b/crypto/openssh/openbsd-compat/Makefile.in
index 5de20ab..0f34f22 100644
--- a/crypto/openssh/openbsd-compat/Makefile.in
+++ b/crypto/openssh/openbsd-compat/Makefile.in
@@ -1,4 +1,4 @@
-# $Id: Makefile.in,v 1.30 2004/01/21 06:07:23 djm Exp $
+# $Id: Makefile.in,v 1.31 2004/08/15 08:41:00 djm Exp $
 
 sysconfdir=@sysconfdir@
 piddir=@piddir@
@@ -18,7 +18,7 @@ LDFLAGS=-L. @LDFLAGS@
 
 OPENBSD=base64.o basename.o bindresvport.o daemon.o dirname.o getcwd.o getgrouplist.o getopt.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sigact.o strlcat.o strlcpy.o strmode.o strsep.o strtoul.o vis.o
 
-COMPAT=bsd-arc4random.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-snprintf.o bsd-waitpid.o fake-rfc2553.o xmmap.o xcrypt.o
+COMPAT=bsd-arc4random.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-snprintf.o bsd-waitpid.o fake-rfc2553.o xmmap.o xcrypt.o
 
 PORTS=port-irix.o port-aix.o
 
diff --git a/crypto/openssh/openbsd-compat/bsd-arc4random.c b/crypto/openssh/openbsd-compat/bsd-arc4random.c
index 22003ff..5284e1a 100644
--- a/crypto/openssh/openbsd-compat/bsd-arc4random.c
+++ b/crypto/openssh/openbsd-compat/bsd-arc4random.c
@@ -17,7 +17,7 @@
 #include "includes.h"
 #include "log.h"
 
-RCSID("$Id: bsd-arc4random.c,v 1.8 2004/02/17 05:49:55 djm Exp $");
+RCSID("$Id: bsd-arc4random.c,v 1.9 2004/07/18 23:30:40 djm Exp $");
 
 #ifndef HAVE_ARC4RANDOM
 
@@ -56,13 +56,21 @@ unsigned int arc4random(void)
 void arc4random_stir(void)
 {
 	unsigned char rand_buf[SEED_SIZE];
+	int i;
 
 	memset(&rc4, 0, sizeof(rc4));
 	if (RAND_bytes(rand_buf, sizeof(rand_buf)) <= 0)
 		fatal("Couldn't obtain random bytes (error %ld)",
 		    ERR_get_error());
 	RC4_set_key(&rc4, sizeof(rand_buf), rand_buf);
-	RC4(&rc4, sizeof(rand_buf), rand_buf, rand_buf);
+
+	/*
+	 * Discard early keystream, as per recommendations in:
+	 * http://www.wisdom.weizmann.ac.il/~itsik/RC4/Papers/Rc4_ksa.ps
+	 */
+	for(i = 0; i <= 256; i += sizeof(rand_buf))
+		RC4(&rc4, sizeof(rand_buf), rand_buf, rand_buf);
+
 	memset(rand_buf, 0, sizeof(rand_buf));
 
 	rc4_ready = REKEY_BYTES;
diff --git a/crypto/openssh/openbsd-compat/bsd-closefrom.c b/crypto/openssh/openbsd-compat/bsd-closefrom.c
new file mode 100644
index 0000000..61a9fa3
--- /dev/null
+++ b/crypto/openssh/openbsd-compat/bsd-closefrom.c
@@ -0,0 +1,100 @@
+/*
+ * Copyright (c) 2004 Todd C. Miller <Todd.Miller@courtesan.com>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include "includes.h"
+
+#ifndef HAVE_CLOSEFROM
+
+#include <sys/types.h>
+#include <sys/param.h>
+#include <unistd.h>
+#include <stdio.h>
+#include <limits.h>
+#include <stdlib.h>
+#include <stddef.h>
+#ifdef HAVE_DIRENT_H
+# include <dirent.h>
+# define NAMLEN(dirent) strlen((dirent)->d_name)
+#else
+# define dirent direct
+# define NAMLEN(dirent) (dirent)->d_namlen
+# ifdef HAVE_SYS_NDIR_H
+#  include <sys/ndir.h>
+# endif
+# ifdef HAVE_SYS_DIR_H
+#  include <sys/dir.h>
+# endif
+# ifdef HAVE_NDIR_H
+#  include <ndir.h>
+# endif
+#endif
+
+#ifndef OPEN_MAX
+# define OPEN_MAX	256
+#endif
+
+RCSID("$Id: bsd-closefrom.c,v 1.1 2004/08/15 08:41:00 djm Exp $");
+
+#ifndef lint
+static const char sudorcsid[] = "$Sudo: closefrom.c,v 1.6 2004/06/01 20:51:56 millert Exp $";
+#endif /* lint */
+
+/*
+ * Close all file descriptors greater than or equal to lowfd.
+ */
+void
+closefrom(int lowfd)
+{
+    long fd, maxfd;
+#if defined(HAVE_DIRFD) && defined(HAVE_PROC_PID)
+    char fdpath[PATH_MAX], *endp;
+    struct dirent *dent;
+    DIR *dirp;
+    int len;
+
+    /* Check for a /proc/$$/fd directory. */
+    len = snprintf(fdpath, sizeof(fdpath), "/proc/%ld/fd", (long)getpid());
+    if (len != -1 && len <= sizeof(fdpath) && (dirp = opendir(fdpath))) {
+	while ((dent = readdir(dirp)) != NULL) {
+	    fd = strtol(dent->d_name, &endp, 10);
+	    if (dent->d_name != endp && *endp == '\0' &&
+		fd >= 0 && fd < INT_MAX && fd >= lowfd && fd != dirfd(dirp))
+		(void) close((int) fd);
+	}
+	(void) closedir(dirp);
+    } else
+#endif
+    {
+	/*
+	 * Fall back on sysconf() or getdtablesize().  We avoid checking
+	 * resource limits since it is possible to open a file descriptor
+	 * and then drop the rlimit such that it is below the open fd.
+	 */
+#ifdef HAVE_SYSCONF
+	maxfd = sysconf(_SC_OPEN_MAX);
+#else
+	maxfd = getdtablesize();
+#endif /* HAVE_SYSCONF */
+	if (maxfd < 0)
+	    maxfd = OPEN_MAX;
+
+	for (fd = lowfd; fd < maxfd; fd++)
+	    (void) close((int) fd);
+    }
+}
+
+#endif /* HAVE_CLOSEFROM */
+
diff --git a/crypto/openssh/openbsd-compat/bsd-misc.c b/crypto/openssh/openbsd-compat/bsd-misc.c
index 7b06786..1b276b4 100644
--- a/crypto/openssh/openbsd-compat/bsd-misc.c
+++ b/crypto/openssh/openbsd-compat/bsd-misc.c
@@ -1,3 +1,4 @@
+
 /*
  * Copyright (c) 1999-2004 Damien Miller <djm@mindrot.org>
  *
@@ -17,7 +18,11 @@
 #include "includes.h"
 #include "xmalloc.h"
 
-RCSID("$Id: bsd-misc.c,v 1.21 2004/02/17 05:49:55 djm Exp $");
+RCSID("$Id: bsd-misc.c,v 1.25 2004/08/15 08:41:00 djm Exp $");
+
+#ifndef HAVE___PROGNAME
+char *__progname;
+#endif
 
 /*
  * NB. duplicate __progname in case it is an alias for argv[0]
diff --git a/crypto/openssh/openbsd-compat/bsd-misc.h b/crypto/openssh/openbsd-compat/bsd-misc.h
index 009739b..33a1d70 100644
--- a/crypto/openssh/openbsd-compat/bsd-misc.h
+++ b/crypto/openssh/openbsd-compat/bsd-misc.h
@@ -1,4 +1,4 @@
-/* $Id: bsd-misc.h,v 1.15 2004/03/08 11:59:03 dtucker Exp $ */
+/* $Id: bsd-misc.h,v 1.17 2004/08/15 08:41:00 djm Exp $ */
 
 /*
  * Copyright (c) 1999-2004 Damien Miller <djm@mindrot.org>
diff --git a/crypto/openssh/openbsd-compat/getrrsetbyname.c b/crypto/openssh/openbsd-compat/getrrsetbyname.c
index 66d1814..660427c 100644
--- a/crypto/openssh/openbsd-compat/getrrsetbyname.c
+++ b/crypto/openssh/openbsd-compat/getrrsetbyname.c
@@ -53,6 +53,10 @@
 
 #define ANSWER_BUFFER_SIZE 1024*64
 
+#if defined(HAVE_DECL_H_ERRNO) && !HAVE_DECL_H_ERRNO
+extern int h_errno;
+#endif
+
 struct dns_query {
 	char			*name;
 	u_int16_t		type;
diff --git a/crypto/openssh/openbsd-compat/openbsd-compat.h b/crypto/openssh/openbsd-compat/openbsd-compat.h
index 6be1bcd..89d1454 100644
--- a/crypto/openssh/openbsd-compat/openbsd-compat.h
+++ b/crypto/openssh/openbsd-compat/openbsd-compat.h
@@ -1,4 +1,4 @@
-/* $Id: openbsd-compat.h,v 1.25 2004/01/21 06:07:23 djm Exp $ */
+/* $Id: openbsd-compat.h,v 1.26 2004/08/15 08:41:00 djm Exp $ */
 
 /*
  * Copyright (c) 1999-2003 Damien Miller.  All rights reserved.
@@ -48,6 +48,10 @@ char *basename(const char *path);
 int bindresvport_sa(int sd, struct sockaddr *sa);
 #endif
 
+#ifndef HAVE_CLOSEFROM
+void closefrom(int);
+#endif
+
 #ifndef HAVE_GETCWD
 char *getcwd(char *pt, size_t size);
 #endif 
diff --git a/crypto/openssh/openbsd-compat/port-aix.c b/crypto/openssh/openbsd-compat/port-aix.c
index 2895f0d..78f4fae 100644
--- a/crypto/openssh/openbsd-compat/port-aix.c
+++ b/crypto/openssh/openbsd-compat/port-aix.c
@@ -101,7 +101,7 @@ aix_remove_embedded_newlines(char *p)
 int
 sys_auth_passwd(Authctxt *ctxt, const char *password)
 {
-	char *authmsg = NULL, *host, *msg, *name = ctxt->pw->pw_name;
+	char *authmsg = NULL, *msg, *name = ctxt->pw->pw_name;
 	int authsuccess = 0, expired, reenter, result;
 
 	do {
@@ -115,30 +115,21 @@ sys_auth_passwd(Authctxt *ctxt, const char *password)
 	if (result == 0) {
 		authsuccess = 1;
 
-		host = (char *)get_canonical_hostname(options.use_dns);
-
 	       	/*
 		 * Record successful login.  We don't have a pty yet, so just
 		 * label the line as "ssh"
 		 */
 		aix_setauthdb(name);
-	       	if (loginsuccess((char *)name, (char *)host, "ssh", &msg) == 0) {
-			if (msg != NULL) {
-				debug("%s: msg %s", __func__, msg);
-				buffer_append(&loginmsg, msg, strlen(msg));
-				xfree(msg);
-			}
-		}
 
 		/*
 		 * Check if the user's password is expired.
 		 */
-                expired = passwdexpired(name, &msg);
-                if (msg && *msg) {
-                        buffer_append(&loginmsg, msg, strlen(msg));
-                        aix_remove_embedded_newlines(msg);
-                }
-                debug3("AIX/passwdexpired returned %d msg %.100s", expired, msg);
+		expired = passwdexpired(name, &msg);
+		if (msg && *msg) {
+			buffer_append(&loginmsg, msg, strlen(msg));
+			aix_remove_embedded_newlines(msg);
+		}
+		debug3("AIX/passwdexpired returned %d msg %.100s", expired, msg);
 
 		switch (expired) {
 		case 0: /* password not expired */
@@ -163,7 +154,70 @@ sys_auth_passwd(Authctxt *ctxt, const char *password)
 
 	return authsuccess;
 }
-  
+
+/*
+ * Check if specified account is permitted to log in.
+ * Returns 1 if login is allowed, 0 if not allowed.
+ */
+int
+sys_auth_allowed_user(struct passwd *pw)
+{
+	char *msg = NULL;
+	int result, permitted = 0;
+	struct stat st;
+
+	/*
+	 * Don't perform checks for root account (PermitRootLogin controls
+	 * logins via * ssh) or if running as non-root user (since
+	 * loginrestrictions will always fail due to insufficient privilege).
+	 */
+	if (pw->pw_uid == 0 || geteuid() != 0) {
+		debug3("%s: not checking", __func__);
+		return 1;
+	}
+
+	result = loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &msg);
+	if (result == 0)
+		permitted = 1;
+	/*
+	 * If restricted because /etc/nologin exists, the login will be denied
+	 * in session.c after the nologin message is sent, so allow for now
+	 * and do not append the returned message.
+	 */
+	if (result == -1 && errno == EPERM && stat(_PATH_NOLOGIN, &st) == 0)
+		permitted = 1;
+	else if (msg != NULL)
+		buffer_append(&loginmsg, msg, strlen(msg));
+	if (msg == NULL)
+		msg = xstrdup("(none)");
+	aix_remove_embedded_newlines(msg);
+	debug3("AIX/loginrestrictions returned %d msg %.100s", result, msg);
+
+	if (!permitted)
+		logit("Login restricted for %s: %.100s", pw->pw_name, msg);
+	xfree(msg);
+	return permitted;
+}
+
+int
+sys_auth_record_login(const char *user, const char *host, const char *ttynm)
+{
+	char *msg;
+	int success = 0;
+
+	aix_setauthdb(user);
+	if (loginsuccess((char *)user, host, ttynm, &msg) == 0) {
+		success = 1;
+		if (msg != NULL) {
+			debug("AIX/loginsuccess: msg %s", __func__, msg);
+			buffer_append(&loginmsg, msg, strlen(msg));
+			xfree(msg);
+		}
+	}
+	aix_restoreauthdb();
+	return (success);
+}
+
 #  ifdef CUSTOM_FAILED_LOGIN
 /*
  * record_failed_login: generic "login failed" interface function
diff --git a/crypto/openssh/openbsd-compat/port-aix.h b/crypto/openssh/openbsd-compat/port-aix.h
index 3118af9..29e9751 100644
--- a/crypto/openssh/openbsd-compat/port-aix.h
+++ b/crypto/openssh/openbsd-compat/port-aix.h
@@ -1,4 +1,4 @@
-/* $Id: port-aix.h,v 1.19 2004/02/10 04:27:35 dtucker Exp $ */
+/* $Id: port-aix.h,v 1.21 2004/08/14 14:09:12 dtucker Exp $ */
 
 /*
  *
@@ -63,6 +63,10 @@ void aix_usrinfo(struct passwd *);
 
 #ifdef WITH_AIXAUTHENTICATE
 # define CUSTOM_SYS_AUTH_PASSWD 1
+# define CUSTOM_SYS_AUTH_ALLOWED_USER 1
+int sys_auth_allowed_user(struct passwd *);
+# define CUSTOM_SYS_AUTH_RECORD_LOGIN 1
+int sys_auth_record_login(const char *, const char *, const char *);
 # define CUSTOM_FAILED_LOGIN 1
 void record_failed_login(const char *, const char *);
 #endif
diff --git a/crypto/openssh/openbsd-compat/sys-queue.h b/crypto/openssh/openbsd-compat/sys-queue.h
index 8ff19e4..c49a946 100644
--- a/crypto/openssh/openbsd-compat/sys-queue.h
+++ b/crypto/openssh/openbsd-compat/sys-queue.h
@@ -1,6 +1,6 @@
 /* OPENBSD ORIGINAL: sys/sys/queue.h */
 
-/*	$OpenBSD: queue.h,v 1.23 2003/06/02 23:28:21 millert Exp $	*/
+/*	$OpenBSD: queue.h,v 1.25 2004/04/08 16:08:21 henning Exp $	*/
 /*	$NetBSD: queue.h,v 1.11 1996/05/16 05:17:14 mycroft Exp $	*/
 
 /*
@@ -38,12 +38,13 @@
 #define	_FAKE_QUEUE_H_
 
 /*
- * Ignore all <sys/queue.h> since older platforms have broken/incomplete
- * <sys/queue.h> that are too hard to work around.
+ * Require for OS/X and other platforms that have old/broken/incomplete
+ * <sys/queue.h>.
  */
 #undef SLIST_HEAD
 #undef SLIST_HEAD_INITIALIZER
 #undef SLIST_ENTRY
+#undef SLIST_FOREACH_PREVPTR
 #undef SLIST_FIRST
 #undef SLIST_END
 #undef SLIST_EMPTY
@@ -54,6 +55,7 @@
 #undef SLIST_INSERT_HEAD
 #undef SLIST_REMOVE_HEAD
 #undef SLIST_REMOVE
+#undef SLIST_REMOVE_NEXT
 #undef LIST_HEAD
 #undef LIST_HEAD_INITIALIZER
 #undef LIST_ENTRY
@@ -194,6 +196,11 @@ struct {								\
 	    (var) != SLIST_END(head);					\
 	    (var) = SLIST_NEXT(var, field))
 
+#define	SLIST_FOREACH_PREVPTR(var, varp, head, field)			\
+	for ((varp) = &SLIST_FIRST((head));				\
+	    ((var) = *(varp)) != SLIST_END(head);			\
+	    (varp) = &SLIST_NEXT((var), field))
+
 /*
  * Singly-linked List functions.
  */
@@ -211,6 +218,10 @@ struct {								\
 	(head)->slh_first = (elm);					\
 } while (0)
 
+#define	SLIST_REMOVE_NEXT(head, elm, field) do {			\
+	(elm)->field.sle_next = (elm)->field.sle_next->field.sle_next;	\
+} while (0)
+
 #define	SLIST_REMOVE_HEAD(head, field) do {				\
 	(head)->slh_first = (head)->slh_first->field.sle_next;		\
 } while (0)
@@ -400,7 +411,7 @@ struct {								\
 	    (var) != TAILQ_END(head);					\
 	    (var) = TAILQ_NEXT(var, field))
 
-#define TAILQ_FOREACH_REVERSE(var, head, field, headname)		\
+#define TAILQ_FOREACH_REVERSE(var, head, headname, field)		\
 	for((var) = TAILQ_LAST(head, headname);				\
 	    (var) != TAILQ_END(head);					\
 	    (var) = TAILQ_PREV(var, headname, field))
diff --git a/crypto/openssh/openbsd-compat/xmmap.c b/crypto/openssh/openbsd-compat/xmmap.c
index 9dc4340..c8d59de 100644
--- a/crypto/openssh/openbsd-compat/xmmap.c
+++ b/crypto/openssh/openbsd-compat/xmmap.c
@@ -23,7 +23,7 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-/* $Id: xmmap.c,v 1.3 2003/06/02 02:25:27 tim Exp $ */
+/* $Id: xmmap.c,v 1.5 2004/08/14 13:55:38 dtucker Exp $ */
 
 #include "includes.h"
 
@@ -40,25 +40,28 @@ void *xmmap(size_t size)
 #ifdef HAVE_MMAP
 # ifdef MAP_ANON
 	address = mmap(NULL, size, PROT_WRITE|PROT_READ, MAP_ANON|MAP_SHARED,
-	    -1, 0);
+	    -1, (off_t)0);
 # else
 	address = mmap(NULL, size, PROT_WRITE|PROT_READ, MAP_SHARED,
-	    open("/dev/zero", O_RDWR), 0);
+	    open("/dev/zero", O_RDWR), (off_t)0);
 # endif
 
 #define MM_SWAP_TEMPLATE "/var/run/sshd.mm.XXXXXXXX"
 	if (address == MAP_FAILED) {
 		char tmpname[sizeof(MM_SWAP_TEMPLATE)] = MM_SWAP_TEMPLATE;
 		int tmpfd;
+		mode_t old_umask;
 
+		old_umask = umask(0177);
 		tmpfd = mkstemp(tmpname);
+		umask(old_umask);
 		if (tmpfd == -1)
 			fatal("mkstemp(\"%s\"): %s",
 			    MM_SWAP_TEMPLATE, strerror(errno));
 		unlink(tmpname);
 		ftruncate(tmpfd, size);
 		address = mmap(NULL, size, PROT_WRITE|PROT_READ, MAP_SHARED,
-		    tmpfd, 0);
+		    tmpfd, (off_t)0);
 		close(tmpfd);
 	}