diff options
| author | des <des@FreeBSD.org> | 2006-09-30 13:29:51 +0000 |
|---|---|---|
| committer | des <des@FreeBSD.org> | 2006-09-30 13:29:51 +0000 |
| commit | abd7c8704bf3508a2f8dde80d8b38367cbaedba5 (patch) | |
| tree | 5f4e76b625899b97f62d7a76130ec7c96f667835 /crypto/openssh | |
| parent | be4f7e296e928bb4ace464e3f32e5dfb8e49c7bd (diff) | |
| parent | 2f35ce4773442329d7798ccfecd8db9dcdce89bf (diff) | |
| download | FreeBSD-src-abd7c8704bf3508a2f8dde80d8b38367cbaedba5.zip FreeBSD-src-abd7c8704bf3508a2f8dde80d8b38367cbaedba5.tar.gz | |
This commit was generated by cvs2svn to compensate for changes in r162852,
which included commits to RCS files with non-trunk default branches.
Diffstat (limited to 'crypto/openssh')
182 files changed, 6505 insertions, 745 deletions
diff --git a/crypto/openssh/CREDITS b/crypto/openssh/CREDITS index 82b9f22..eaf105a 100644 --- a/crypto/openssh/CREDITS +++ b/crypto/openssh/CREDITS @@ -25,6 +25,7 @@ Chris, the Young One <cky@pobox.com> - Password auth fixes Christos Zoulas <christos@zoulas.com> - Autoconf fixes Chun-Chung Chen <cjj@u.washington.edu> - RPM fixes Corinna Vinschen <vinschen@redhat.com> - Cygwin support +Chad Mynhier <mynhier@interstel.net> - Solaris Process Contract support Dan Brosemer <odin@linuxfreak.com> - Autoconf support, build fixes Darren Hall <dhall@virage.org> - AIX patches Darren Tucker <dtucker@zip.com.au> - AIX BFF package scripts @@ -100,5 +101,5 @@ Apologies to anyone I have missed. Damien Miller <djm@mindrot.org> -$Id: CREDITS,v 1.80 2005/08/26 20:15:20 tim Exp $ +$Id: CREDITS,v 1.81 2006/08/30 17:24:41 djm Exp $ diff --git a/crypto/openssh/ChangeLog b/crypto/openssh/ChangeLog index b55b769..9ebc3d6 100644 --- a/crypto/openssh/ChangeLog +++ b/crypto/openssh/ChangeLog @@ -1,3 +1,1672 @@ +20060926 + - (dtucker) [bufaux.h] nuke bufaux.h; it's already gone from OpenBSD and not + referenced any more. ok djm@ + - (dtucker) [sftp-server.8] Resync; spotted by djm@ + +20060924 + - (tim) [configure.ac] Remove CFLAGS hack for UnixWare 1.x/2.x (added + to rev 1.308) to work around broken gcc 2.x header file. + +20060923 + - (dtucker) [configure.ac] Bug #1234: Put opensc libs into $LIBS rather than + $LDFLAGS. Patch from vapier at gentoo org. + +20060922 + - (dtucker) [packet.c canohost.c] Include arpa/inet.h for htonl macros on + some platforms (eg HP-UX 11.00). From santhi.amirta at gmail com. + +20060921 + - (dtucker) OpenBSD CVS Sync + - otto@cvs.openbsd.org 2006/09/19 05:52:23 + [sftp.c] + Use S_IS* macros insted of masking with S_IF* flags. The latter may + have multiple bits set, which lead to surprising results. Spotted by + Paul Stoeber, more to come. ok millert@ pedro@ jaredy@ djm@ + - markus@cvs.openbsd.org 2006/09/19 21:14:08 + [packet.c] + client NULL deref on protocol error; Tavis Ormandy, Google Security Team + - (dtucker) [defines.h] Include unistd.h before defining getpgrp; fixes + build error on Ultrix. From Bernhard Simon. + +20060918 + - (dtucker) [configure.ac] On AIX, check to see if the compiler will allow + macro redefinitions, and if not, remove "-qlanglvl=ansi" from the flags. + Allows build out of the box with older VAC and XLC compilers. Found by + David Bronder and Bernhard Simon. + - (dtucker) [openbsd-compat/port-aix.{c,h}] Reduce scope of includes. + Prevents macro redefinition warnings of "RDONLY". + +20060916 + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2006/09/16 19:53:37 + [deattack.c deattack.h packet.c] + limit maximum work performed by the CRC compensation attack detector, + problem reported by Tavis Ormandy, Google Security Team; + ok markus@ deraadt@ + - (djm) Add openssh.xml to .cvsignore and sort it + - (dtucker) [auth-pam.c] Propogate TZ environment variable to PAM auth + process so that any logging it does is with the right timezone. From + Scott Strickler, ok djm@. + - (dtucker) [monitor.c] Correctly handle auditing of single commands when + using Protocol 1. From jhb at freebsd. + - (djm) [sshd.c] Fix warning/API abuse; ok dtucker@ + - (dtucker) [INSTALL] Add info about audit support. + +20060912 + - (djm) [Makefile.in buildpkg.sh.in configure.ac openssh.xml.in] + Support SMF in Solaris Packages if enabled by configure. Patch from + Chad Mynhier, tested by dtucker@ + +20060911 + - (dtucker) [cipher-aes.c] Include string.h for memcpy and friends. Noted + by Pekka Savola. + +20060910 + - (dtucker) [contrib/aix/buildbff.sh] Ensure that perl is available. + - (dtucker) [configure.ac] Add -lcrypt to let DragonFly build OOTB. + +20060909 + - (dtucker) [openbsd-compat/bsd-snprintf.c] Add stdarg.h. + - (dtucker) [contrib/aix/buildbff.sh] Always create privsep user. + - (dtucker) [buildpkg.sh.in] Always create privsep user. ok djm@ + +20060908 + - (dtucker) [auth-sia.c] Add includes required for build on Tru64. Patch + from Chris Adams. + - (dtucker) [configure.ac] The BSM header test needs time.h in some cases. + +20060907 + - (djm) [sshd.c auth.c] Set up fakepw() with privsep uid/gid, so it can + be used to drop privilege to; fixes Solaris GSSAPI crash reported by + Magnus Abrante; suggestion and feedback dtucker@ + NB. this change will require that the privilege separation user must + exist on all the time, not just when UsePrivilegeSeparation=yes + - (tim) [configure.ac] s/BROKEN_UPDWTMP/BROKEN_UPDWTMPX/ on SCO OSR6 + - (dtucker) [loginrec.c] Wrap paths.h in HAVE_PATHS_H. + - (dtucker) [regress/cfgmatch.sh] stop_client is racy, so give us a better + chance of winning. + +20060905 + - (dtucker) [configure.ac] s/AC_DEFINES/AC_DEFINE/ spotted by Roumen Petrov. + - (dtucker) [loginrec.c] Include paths.h for _PATH_BTMP. + +20060904 + - (dtucker) [configure.ac] Define BROKEN_UPDWTMP on SCO OSR6 as the native + updwdtmp seems to generate invalid wtmp entries. From Roger Cornelius, + ok djm@ + +20060903 + - (dtucker) [configure.ac openbsd-compat/openbsd-compat.h] Check for + declaration of writev(2) and declare it ourselves if necessary. Makes + the atomiciov() calls build on really old systems. ok djm@ + +20060902 + - (dtucker) [openbsd-compat/port-irix.c] Add errno.h, found by Iain Morgan. + - (dtucker) [ssh-keyscan.c ssh-rand-helper.c ssh.c sshconnect.c + openbsd-compat/bindresvport.c openbsd-compat/getrrsetbyname.c + openbsd-compat/port-tun.c openbsd-compat/rresvport.c] Include <arpa/inet.h> + for hton* and ntoh* macros. Required on (at least) HP-UX since we define + _XOPEN_SOURCE_EXTENDED. Found by santhi.amirta at gmail com. + +20060901 + - (djm) [audit-bsm.c audit.c auth-bsdauth.c auth-chall.c auth-pam.c] + [auth-rsa.c auth-shadow.c auth-sia.c auth1.c auth2-chall.c] + [auth2-gss.c auth2-kbdint.c auth2-none.c authfd.c authfile.c] + [cipher-3des1.c cipher-aes.c cipher-bf1.c cipher-ctr.c clientloop.c] + [dh.c dns.c entropy.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c] + [kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c loginrec.c mac.c] + [md5crypt.c monitor.c monitor_wrap.c readconf.c rsa.c] + [scard-opensc.c scard.c session.c ssh-add.c ssh-agent.c ssh-dss.c] + [ssh-keygen.c ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c] + [sshconnect1.c sshconnect2.c sshd.c] + [openbsd-compat/bsd-cray.c openbsd-compat/port-aix.c] + [openbsd-compat/port-linux.c openbsd-compat/port-solaris.c] + [openbsd-compat/port-uw.c] + Lots of headers for SCO OSR6, mainly adding stdarg.h for log.h; + compile problems reported by rac AT tenzing.org + - (djm) [includes.h monitor.c openbsd-compat/bindresvport.c] + [openbsd-compat/rresvport.c] Some more headers: netinet/in.h + sys/socket.h and unistd.h in various places + - (dtucker) [openbsd-compat/bsd-cygwin_util.c] Fix implict declaration + warnings for binary_open and binary_close. Patch from Corinna Vinschen. + - (dtucker) [configure.ac includes.h openbsd-compat/glob.{c,h}] Explicitly + test for GLOB_NOMATCH and use our glob functions if it's not found. + Stops sftp from segfaulting when attempting to get a nonexistent file on + Cygwin (previous versions of OpenSSH didn't use the native glob). Partly + from and tested by Corinna Vinschen. + - (dtucker) [README contrib/{caldera,redhat,suse}/openssh.spec] Crank + versions. + +20060831 + - (djm) [CREDITS LICENCE Makefile.in auth.c configure.ac includes.h ] + [platform.c platform.h sshd.c openbsd-compat/Makefile.in] + [openbsd-compat/openbsd-compat.h openbsd-compat/port-solaris.c] + [openbsd-compat/port-solaris.h] Add support for Solaris process + contracts, enabled with --use-solaris-contracts. Patch from Chad + Mynhier, tweaked by dtucker@ and myself; ok dtucker@ + - (dtucker) [contrib/cygwin/ssh-host-config] Add SeTcbPrivilege privilege + while setting up the ssh service account. Patch from Corinna Vinschen. + +20060830 + - (djm) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2006/08/21 08:14:01 + [sshd_config.5] + Document HostbasedUsesNameFromPacketOnly. Corrections from jmc@, + ok jmc@ djm@ + - dtucker@cvs.openbsd.org 2006/08/21 08:15:57 + [sshd.8] + Add more detail about what permissions are and aren't accepted for + authorized_keys files. Corrections jmc@, ok djm@, "looks good" jmc@ + - djm@cvs.openbsd.org 2006/08/29 10:40:19 + [channels.c session.c] + normalise some inconsistent (but harmless) NULL pointer checks + spotted by the Stanford SATURN tool, via Isil Dillig; + ok markus@ deraadt@ + - dtucker@cvs.openbsd.org 2006/08/29 12:02:30 + [gss-genr.c] + Work around a problem in Heimdal that occurs when KRB5CCNAME file is + missing, by checking whether or not kerberos allocated us a context + before attempting to free it. Patch from Simon Wilkinson, tested by + biorn@, ok djm@ + - dtucker@cvs.openbsd.org 2006/08/30 00:06:51 + [sshconnect2.c] + Fix regression where SSH2 banner is printed at loglevels ERROR and FATAL + where previously it weren't. bz #1221, found by Dean Kopesky, ok djm@ + - djm@cvs.openbsd.org 2006/08/30 00:14:37 + [version.h] + crank to 4.4 + - (djm) [openbsd-compat/xcrypt.c] needs unistd.h + - (dtucker) [auth.c openbsd-compat/port-aix.c] Bug #1207: always call + loginsuccess on AIX immediately after authentication to clear the failed + login count. Previously this would only happen when an interactive + session starts (ie when a pty is allocated) but this means that accounts + that have primarily non-interactive sessions (eg scp's) may gradually + accumulate enough failures to lock out an account. This change may have + a side effect of creating two audit records, one with a tty of "ssh" + corresponding to the authentication and one with the allocated pty per + interactive session. + +20060824 + - (dtucker) [openbsd-compat/basename.c] Include errno.h. + - (dtucker) [openbsd-compat/bsd-misc.c] Add includes needed for select(2) on + older systems. + - (dtucker) [openbsd-compat/bsd-misc.c] Include <sys/select.h> for select(2) + on POSIX systems. + - (dtucker) [openbsd-compat/bsd-openpty.c] Include for ioctl(2). + - (dtucker) [openbsd-compat/rresvport.c] Include <stdlib.h> for malloc. + - (dtucker) [openbsd-compat/xmmap.c] Move #define HAVE_MMAP to prevent + unused variable warning when we have a broken or missing mmap(2). + +20060822 + - (dtucker) [Makefile.in] Bug #1177: fix incorrect path for sshrc in + Makefile. Patch from santhi.amirta at gmail, ok djm. + +20060820 + - (dtucker) [log.c] Move ifdef to prevent unused variable warning. + - (dtucker) [configure.ac] Save $LIBS during PAM library tests and restore + afterward. Removes the need to mangle $LIBS later to remove -lpam and -ldl. + - (dtucker) [configure.ac] Relocate --with-pam parts in preparation for + fixing bug #1181. No changes yet. + - (dtucker) [configure.ac] Bug #1181: Explicitly test to see if OpenSSL + (0.9.8a and presumably newer) requires -ldl to successfully link. + - (dtucker) [configure.ac] Remove errant "-". + +20060819 + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2006/08/18 22:41:29 + [gss-genr.c] + GSSAPI error code should be 0 and not -1; from simon@sxw.org.uk + - (dtucker) [openbsd-compat/regress/Makefile.in] Add $(EXEEXT) and add a + single rule for the test progs. + +20060818 + - (dtucker) [configure.ac openbsd-compat/bsd-closefrom.c] Resync with + closefrom.c from sudo. + - (dtucker) [openbsd-compat/bsd-closefrom.c] Comment out rcsid. + - (dtucker) [openbsd-compat/regress/snprintftest.c] Newline on error. + - (dtucker) [openbsd-compat/regress/Makefile.in] Use implicit rules for the + test progs instead; they work better than what we have. + - (djm) OpenBSD CVS Sync + - stevesk@cvs.openbsd.org 2006/08/06 01:13:32 + [compress.c monitor.c monitor_wrap.c] + "zlib.h" can be <zlib.h>; ok djm@ markus@ + - miod@cvs.openbsd.org 2006/08/12 20:46:46 + [monitor.c monitor_wrap.c] + Revert previous include file ordering change, for ssh to compile under + gcc2 (or until openssl include files are cleaned of parameter names + in function prototypes) + - dtucker@cvs.openbsd.org 2006/08/14 12:40:25 + [servconf.c servconf.h sshd_config.5] + Add ability to match groups to Match keyword in sshd_config. Feedback + djm@, stevesk@, ok stevesk@. + - djm@cvs.openbsd.org 2006/08/16 11:47:15 + [sshd.c] + factor inetd connection, TCP listen and main TCP accept loop out of + main() into separate functions to improve readability; ok markus@ + - deraadt@cvs.openbsd.org 2006/08/18 09:13:26 + [log.c log.h sshd.c] + make signal handler termination path shorter; risky code pointed out by + mark dowd; ok djm markus + - markus@cvs.openbsd.org 2006/08/18 09:15:20 + [auth.h session.c sshd.c] + delay authentication related cleanups until we're authenticated and + all alarms have been cancelled; ok deraadt + - djm@cvs.openbsd.org 2006/08/18 10:27:16 + [misc.h] + reorder so prototypes are sorted by the files they refer to; no + binary change + - djm@cvs.openbsd.org 2006/08/18 13:54:54 + [gss-genr.c ssh-gss.h sshconnect2.c] + bz #1218 - disable SPNEGO as per RFC4462; diff from simon AT sxw.org.uk + ok markus@ + - djm@cvs.openbsd.org 2006/08/18 14:40:34 + [gss-genr.c ssh-gss.h] + constify host argument to match the rest of the GSSAPI functions and + unbreak compilation with -Werror + - (djm) Disable sigdie() for platforms that cannot safely syslog inside + a signal handler (basically all of them, excepting OpenBSD); + ok dtucker@ + +20060817 + - (dtucker) [openbsd-compat/fake-rfc2553.c openbsd-compat/setproctitle.c] + Include stdlib.h for malloc and friends. + - (dtucker) [configure.ac openbsd-compat/bsd-closefrom.c] Use F_CLOSEM fcntl + for closefrom() on AIX. Pointed out by William Ahern. + - (dtucker) [openbsd-compat/regress/{Makefile.in,closefromtest.c}] Regress + test for closefrom() in compat code. + +20060816 + - (djm) [audit-bsm.c] Sprinkle in some headers + +20060815 + - (dtucker) [LICENCE] Add Reyk to the list for the compat dir. + +20060806 + - (djm) [openbsd-compat/bsd-getpeereid.c] Add some headers to quiet warnings + on Solaris 10 + +20060806 + - (dtucker) [defines.h] With the includes.h changes we no longer get the + name clash on "YES" so we can remove the workaround for it. + - (dtucker) [openbsd-compat/{bsd-asprintf.c,bsd-openpty.c,bsd-snprintf.c, + glob.c}] Include stdlib.h for malloc and friends in compat code. + +20060805 + - (djm) OpenBSD CVS Sync + - stevesk@cvs.openbsd.org 2006/07/24 13:58:22 + [sshconnect.c] + disable tunnel forwarding when no strict host key checking + and key changed; ok djm@ markus@ dtucker@ + - stevesk@cvs.openbsd.org 2006/07/25 02:01:34 + [scard.c] + need #include <string.h> + - stevesk@cvs.openbsd.org 2006/07/25 02:59:21 + [channels.c clientloop.c packet.c scp.c serverloop.c sftp-client.c] + [sftp-server.c ssh-agent.c ssh-keyscan.c sshconnect.c sshd.c] + move #include <sys/time.h> out of includes.h + - stevesk@cvs.openbsd.org 2006/07/26 02:35:17 + [atomicio.c auth.c dh.c authfile.c buffer.c clientloop.c kex.c] + [groupaccess.c gss-genr.c kexgexs.c misc.c monitor.c monitor_mm.c] + [packet.c scp.c serverloop.c session.c sftp-client.c sftp-common.c] + [sftp-server.c sftp.c ssh-add.c ssh-agent.c ssh-keygen.c sshlogin.c] + [uidswap.c xmalloc.c] + move #include <sys/param.h> out of includes.h + - stevesk@cvs.openbsd.org 2006/07/26 13:57:17 + [authfd.c authfile.c dh.c canohost.c channels.c clientloop.c compat.c] + [hostfile.c kex.c log.c misc.c moduli.c monitor.c packet.c readpass.c] + [scp.c servconf.c session.c sftp-server.c sftp.c ssh-add.c ssh-agent.c] + [ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c sshconnect.c] + [sshconnect1.c sshd.c xmalloc.c] + move #include <stdlib.h> out of includes.h + - jmc@cvs.openbsd.org 2006/07/27 08:00:50 + [ssh_config.5] + avoid confusing wording in HashKnownHosts: + originally spotted by alan amesbury; + ok deraadt + - jmc@cvs.openbsd.org 2006/07/27 08:00:50 + [ssh_config.5] + avoid confusing wording in HashKnownHosts: + originally spotted by alan amesbury; + ok deraadt + - dtucker@cvs.openbsd.org 2006/08/01 11:34:36 + [sshconnect.c] + Allow fallback to known_hosts entries without port qualifiers for + non-standard ports too, so that all existing known_hosts entries will be + recognised. Requested by, feedback and ok markus@ + - stevesk@cvs.openbsd.org 2006/08/01 23:22:48 + [auth-passwd.c auth-rhosts.c auth-rsa.c auth.c auth.h auth1.c] + [auth2-chall.c auth2-pubkey.c authfile.c buffer.c canohost.c] + [channels.c clientloop.c dh.c dns.c dns.h hostfile.c kex.c kexdhc.c] + [kexgexc.c kexgexs.c key.c key.h log.c misc.c misc.h moduli.c] + [monitor_wrap.c packet.c progressmeter.c readconf.c readpass.c scp.c] + [servconf.c session.c sftp-client.c sftp-common.c sftp-server.c sftp.c] + [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh.c sshconnect.c] + [sshconnect1.c sshconnect2.c sshd.c sshlogin.c sshtty.c uuencode.c] + [uuencode.h xmalloc.c] + move #include <stdio.h> out of includes.h + - stevesk@cvs.openbsd.org 2006/08/01 23:36:12 + [authfile.c channels.c progressmeter.c scard.c servconf.c ssh.c] + clean extra spaces + - deraadt@cvs.openbsd.org 2006/08/03 03:34:42 + [OVERVIEW atomicio.c atomicio.h auth-bsdauth.c auth-chall.c auth-krb5.c] + [auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c] + [auth-rsa.c auth-skey.c auth.c auth.h auth1.c auth2-chall.c auth2-gss.c] + [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c ] + [auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c bufaux.c bufbn.c] + [buffer.c buffer.h canohost.c channels.c channels.h cipher-3des1.c] + [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c] + [compress.c deattack.c dh.c dispatch.c dns.c dns.h fatal.c groupaccess.c] + [groupaccess.h gss-genr.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c] + [kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c] + [key.h log.c log.h mac.c match.c md-sha256.c misc.c misc.h moduli.c] + [monitor.c monitor_fdpass.c monitor_mm.c monitor_mm.h monitor_wrap.c] + [monitor_wrap.h msg.c nchan.c packet.c progressmeter.c readconf.c] + [readconf.h readpass.c rsa.c scard.c scard.h scp.c servconf.c servconf.h] + [serverloop.c session.c session.h sftp-client.c sftp-common.c] + [sftp-common.h sftp-glob.c sftp-server.c sftp.c ssh-add.c ssh-agent.c] + [ssh-dss.c ssh-gss.h ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rsa.c] + [ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c] + [sshd.c sshlogin.c sshlogin.h sshpty.c sshpty.h sshtty.c ttymodes.c] + [uidswap.c uidswap.h uuencode.c uuencode.h xmalloc.c xmalloc.h] + [loginrec.c loginrec.h openbsd-compat/port-aix.c openbsd-compat/port-tun.h] + almost entirely get rid of the culture of ".h files that include .h files" + ok djm, sort of ok stevesk + makes the pain stop in one easy step + NB. portable commit contains everything *except* removing includes.h, as + that will take a fair bit more work as we move headers that are required + for portability workarounds to defines.h. (also, this step wasn't "easy") + - stevesk@cvs.openbsd.org 2006/08/04 20:46:05 + [monitor.c session.c ssh-agent.c] + spaces + - (djm) [auth-pam.c defines.h] Move PAM related bits to auth-pam.c + - (djm) [auth-pam.c auth.c bufaux.h entropy.c openbsd-compat/port-tun.c] + remove last traces of bufaux.h - it was merged into buffer.h in the big + includes.h commit + - (djm) [auth.c loginrec.c] Missing netinet/in.h for loginrec + - (djm) [openbsd-compat/regress/snprintftest.c] + [openbsd-compat/regress/strduptest.c] Add missing includes so they pass + compilation with "-Wall -Werror" + - (djm) [auth-pam.c auth-shadow.c auth2-none.c cleanup.c sshd.c] + [openbsd-compat/port-tun.c openbsd-compat/port-tun.h] Sprinkle more + includes for Linux in + - (dtucker) [cleanup.c] Need defines.h for __dead. + - (dtucker) [auth2-gss.c] We still need the #ifdef GSSAPI in -portable. + - (dtucker) [openbsd-compat/{bsd-arc4random.c,port-tun.c,xmmap.c}] Lots of + #include stdarg.h, needed for log.h. + - (dtucker) [entropy.c] Needs unistd.h too. + - (dtucker) [ssh-rand-helper.c] Needs stdarg.h for log.h. + - (dtucker) [openbsd-compat/getrrsetbyname.c] Nees stdlib.h for malloc. + - (dtucker) [openbsd-compat/strtonum.c] Include stdlib.h for strtoll, + otherwise it is implicitly declared as returning an int. + - (dtucker) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2006/08/05 07:52:52 + [auth2-none.c sshd.c monitor_wrap.c] + Add headers required to build with KERBEROS5=no. ok djm@ + - dtucker@cvs.openbsd.org 2006/08/05 08:00:33 + [auth-skey.c] + Add headers required to build with -DSKEY. ok djm@ + - dtucker@cvs.openbsd.org 2006/08/05 08:28:24 + [monitor_wrap.c auth-skey.c auth2-chall.c] + Zap unused variables in -DSKEY code. ok djm@ + - dtucker@cvs.openbsd.org 2006/08/05 08:34:04 + [packet.c] + Typo in comment + - (dtucker) [openbsd-compat/bsd-cygwin_util.c] Add headers required to compile + on Cygwin. + - (dtucker) [openbsd-compat/fake-rfc2553.c] Add headers needed for inet_ntoa. + - (dtucker) [auth-skey.c] monitor_wrap.h needs ssh-gss.h. + - (dtucker) [audit.c audit.h] Repair headers. + - (dtucker) [audit-bsm.c] Add additional headers now required. + +20060804 + - (dtucker) [configure.ac] The "crippled AES" test does not work on recent + versions of Solaris, so use AC_LINK_IFELSE to actually link the test program + rather than just compiling it. Spotted by dlg@. + +20060802 + - (dtucker) [openbsd-compat/daemon.c] Add unistd.h for fork() prototype. + +20060725 + - (dtucker) [openbsd-compat/xmmap.c] Need fcntl.h for O_RDRW. + +20060724 + - (djm) OpenBSD CVS Sync + - jmc@cvs.openbsd.org 2006/07/12 13:39:55 + [sshd_config.5] + - new sentence, new line + - s/The the/The/ + - kill a bad comma + - stevesk@cvs.openbsd.org 2006/07/12 22:28:52 + [auth-options.c canohost.c channels.c includes.h readconf.c] + [servconf.c ssh-keyscan.c ssh.c sshconnect.c sshd.c] + move #include <netdb.h> out of includes.h; ok djm@ + - stevesk@cvs.openbsd.org 2006/07/12 22:42:32 + [includes.h ssh.c ssh-rand-helper.c] + move #include <stddef.h> out of includes.h + - stevesk@cvs.openbsd.org 2006/07/14 01:15:28 + [monitor_wrap.h] + don't need incompletely-typed 'struct passwd' now with + #include <pwd.h>; ok markus@ + - stevesk@cvs.openbsd.org 2006/07/17 01:31:10 + [authfd.c authfile.c channels.c cleanup.c clientloop.c groupaccess.c] + [includes.h log.c misc.c msg.c packet.c progressmeter.c readconf.c] + [readpass.c scp.c servconf.c sftp-client.c sftp-server.c sftp.c] + [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c] + [sshconnect.c sshlogin.c sshpty.c uidswap.c] + move #include <unistd.h> out of includes.h + - dtucker@cvs.openbsd.org 2006/07/17 12:02:24 + [auth-options.c] + Use '\0' rather than 0 to terminates strings; ok djm@ + - dtucker@cvs.openbsd.org 2006/07/17 12:06:00 + [channels.c channels.h servconf.c sshd_config.5] + Add PermitOpen directive to sshd_config which is equivalent to the + "permitopen" key option. Allows server admin to allow TCP port + forwarding only two specific host/port pairs. Useful when combined + with Match. + If permitopen is used in both sshd_config and a key option, both + must allow a given connection before it will be permitted. + Note that users can still use external forwarders such as netcat, + so to be those must be controlled too for the limits to be effective. + Feedback & ok djm@, man page corrections & ok jmc@. + - jmc@cvs.openbsd.org 2006/07/18 07:50:40 + [sshd_config.5] + tweak; ok dtucker + - jmc@cvs.openbsd.org 2006/07/18 07:56:28 + [scp.1] + replace DIAGNOSTICS with .Ex; + - jmc@cvs.openbsd.org 2006/07/18 08:03:09 + [ssh-agent.1 sshd_config.5] + mark up angle brackets; + - dtucker@cvs.openbsd.org 2006/07/18 08:22:23 + [sshd_config.5] + Clarify description of Match, with minor correction from jmc@ + - stevesk@cvs.openbsd.org 2006/07/18 22:27:55 + [dh.c] + remove unneeded includes; ok djm@ + - dtucker@cvs.openbsd.org 2006/07/19 08:56:41 + [servconf.c sshd_config.5] + Add support for X11Forwaring, X11DisplayOffset and X11UseLocalhost to + Match. ok djm@ + - dtucker@cvs.openbsd.org 2006/07/19 13:07:10 + [servconf.c servconf.h session.c sshd.8 sshd_config sshd_config.5] + Add ForceCommand keyword to sshd_config, equivalent to the "command=" + key option, man page entry and example in sshd_config. + Feedback & ok djm@, man page corrections & ok jmc@ + - stevesk@cvs.openbsd.org 2006/07/20 15:26:15 + [auth1.c serverloop.c session.c sshconnect2.c] + missed some needed #include <unistd.h> when KERBEROS5=no; issue from + massimo@cedoc.mo.it + - dtucker@cvs.openbsd.org 2006/07/21 12:43:36 + [channels.c channels.h servconf.c servconf.h sshd_config.5] + Make PermitOpen take a list of permitted ports and act more like most + other keywords (ie the first match is the effective setting). This + also makes it easier to override a previously set PermitOpen. ok djm@ + - stevesk@cvs.openbsd.org 2006/07/21 21:13:30 + [channels.c] + more ARGSUSED (lint) for dispatch table-driven functions; ok djm@ + - stevesk@cvs.openbsd.org 2006/07/21 21:26:55 + [progressmeter.c] + ARGSUSED for signal handler + - stevesk@cvs.openbsd.org 2006/07/22 19:08:54 + [includes.h moduli.c progressmeter.c scp.c sftp-common.c] + [sftp-server.c ssh-agent.c sshlogin.c] + move #include <time.h> out of includes.h + - stevesk@cvs.openbsd.org 2006/07/22 20:48:23 + [atomicio.c auth-options.c auth-passwd.c auth-rhosts.c auth-rsa.c] + [auth.c auth1.c auth2-chall.c auth2-hostbased.c auth2-passwd.c auth2.c] + [authfd.c authfile.c bufaux.c bufbn.c buffer.c canohost.c channels.c] + [cipher-3des1.c cipher-bf1.c cipher-ctr.c cipher.c clientloop.c] + [compat.c deattack.c dh.c dns.c gss-genr.c gss-serv.c hostfile.c] + [includes.h kex.c kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c log.c] + [mac.c match.c md-sha256.c misc.c moduli.c monitor.c monitor_fdpass.c] + [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c rsa.c] + [progressmeter.c readconf.c readpass.c scp.c servconf.c serverloop.c] + [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c sftp.c] + [ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c] + [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c sshconnect2.c] + [sshd.c sshlogin.c sshpty.c ttymodes.c uidswap.c xmalloc.c] + move #include <string.h> out of includes.h + - stevesk@cvs.openbsd.org 2006/07/23 01:11:05 + [auth.h dispatch.c kex.h sftp-client.c] + #include <signal.h> for sig_atomic_t; need this prior to <sys/param.h> + move + - (djm) [acss.c auth-krb5.c auth-options.c auth-pam.c auth-shadow.c] + [canohost.c channels.c cipher-acss.c defines.h dns.c gss-genr.c] + [gss-serv-krb5.c gss-serv.c log.h loginrec.c logintest.c readconf.c] + [servconf.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c] + [ssh.c sshconnect.c sshd.c openbsd-compat/bindresvport.c] + [openbsd-compat/bsd-arc4random.c openbsd-compat/bsd-misc.c] + [openbsd-compat/getrrsetbyname.c openbsd-compat/glob.c] + [openbsd-compat/mktemp.c openbsd-compat/port-linux.c] + [openbsd-compat/port-tun.c openbsd-compat/readpassphrase.c] + [openbsd-compat/setproctitle.c openbsd-compat/xmmap.c] + make the portable tree compile again - sprinkle unistd.h and string.h + back in. Don't redefine __unused, as it turned out to be used in + headers on Linux, and replace its use in auth-pam.c with ARGSUSED + - (djm) [openbsd-compat/glob.c] + Move get_arg_max() into the ifdef HAVE_GLOB block so that it compiles + on OpenBSD (or other platforms with a decent glob implementation) with + -Werror + - (djm) [uuencode.c] + Add resolv.h, is it contains the prototypes for __b64_ntop/__b64_pton on + some platforms + - (djm) [session.c] + fix compile error with -Werror -Wall: 'path' is only used in + do_setup_env() if HAVE_LOGIN_CAP is not defined + - (djm) [openbsd-compat/basename.c openbsd-compat/bsd-closefrom.c] + [openbsd-compat/bsd-cray.c openbsd-compat/bsd-openpty.c] + [openbsd-compat/bsd-snprintf.c openbsd-compat/fake-rfc2553.c] + [openbsd-compat/port-aix.c openbsd-compat/port-irix.c] + [openbsd-compat/rresvport.c] + These look to need string.h and/or unistd.h (based on a grep for function + names) + - (djm) [Makefile.in] + Remove generated openbsd-compat/regress/Makefile in distclean target + - (djm) [regress/Makefile regress/agent-getpeereid.sh regress/cfgmatch.sh] + [regress/cipher-speed.sh regress/forcecommand.sh regress/forwarding.sh] + Sync regress tests to -current; include dtucker@'s new cfgmatch and + forcecommand tests. Add cipher-speed.sh test (not linked in yet) + - (dtucker) [cleanup.c] Since config.h defines _LARGE_FILES on AIX, including + system headers before defines.h will cause conflicting definitions. + - (dtucker) [regress/forcecommand.sh] Portablize. + +20060713 + - (dtucker) [auth-krb5.c auth-pam.c] Still more errno.h + +20060712 + - (dtucker) [configure.ac defines.h] Only define SHUT_RD (and friends) and + O_NONBLOCK if they're really needed. Fixes build errors on HP-UX, old + Linuxes and probably more. + - (dtucker) [configure.ac] OpenBSD needs <sys/types.h> before <sys/socket.h> + for SHUT_RD. + - (dtucker) [openbsd-compat/port-tun.c] OpenBSD needs <netinet/in.h> before + <netinet/ip.h>. + - (dtucker) OpenBSD CVS Sync + - stevesk@cvs.openbsd.org 2006/07/10 16:01:57 + [sftp-glob.c sftp-common.h sftp.c] + buffer.h only needed in sftp-common.h and remove some unneeded + user includes; ok djm@ + - jmc@cvs.openbsd.org 2006/07/10 16:04:21 + [sshd.8] + s/and and/and/ + - stevesk@cvs.openbsd.org 2006/07/10 16:37:36 + [readpass.c log.h scp.c fatal.c xmalloc.c includes.h ssh-keyscan.c misc.c + auth.c packet.c log.c] + move #include <stdarg.h> out of includes.h; ok markus@ + - dtucker@cvs.openbsd.org 2006/07/11 10:12:07 + [ssh.c] + Only copy the part of environment variable that we actually use. Prevents + ssh bailing when SendEnv is used and an environment variable with a really + long value exists. ok djm@ + - markus@cvs.openbsd.org 2006/07/11 18:50:48 + [clientloop.c ssh.1 ssh.c channels.c ssh_config.5 readconf.h session.c + channels.h readconf.c] + add ExitOnForwardFailure: terminate the connection if ssh(1) + cannot set up all requested dynamic, local, and remote port + forwardings. ok djm, dtucker, stevesk, jmc + - stevesk@cvs.openbsd.org 2006/07/11 20:07:25 + [scp.c auth.c monitor.c serverloop.c sftp-server.c sshpty.c readpass.c + sshd.c monitor_wrap.c monitor_fdpass.c ssh-agent.c ttymodes.c atomicio.c + includes.h session.c sshlogin.c monitor_mm.c packet.c sshconnect2.c + sftp-client.c nchan.c clientloop.c sftp.c misc.c canohost.c channels.c + ssh-keygen.c progressmeter.c uidswap.c msg.c readconf.c sshconnect.c] + move #include <errno.h> out of includes.h; ok markus@ + - stevesk@cvs.openbsd.org 2006/07/11 20:16:43 + [ssh.c] + cast asterisk field precision argument to int to remove warning; + ok markus@ + - stevesk@cvs.openbsd.org 2006/07/11 20:27:56 + [authfile.c ssh.c] + need <errno.h> here also (it's also included in <openssl/err.h>) + - dtucker@cvs.openbsd.org 2006/07/12 11:34:58 + [sshd.c servconf.h servconf.c sshd_config.5 auth.c] + Add support for conditional directives to sshd_config via a "Match" + keyword, which works similarly to the "Host" directive in ssh_config. + Lines after a Match line override the default set in the main section + if the condition on the Match line is true, eg + AllowTcpForwarding yes + Match User anoncvs + AllowTcpForwarding no + will allow port forwarding by all users except "anoncvs". + Currently only a very small subset of directives are supported. + ok djm@ + - (dtucker) [loginrec.c openbsd-compat/xmmap.c openbsd-compat/bindresvport.c + openbsd-compat/glob.c openbsd-compat/mktemp.c openbsd-compat/port-tun.c + openbsd-compat/readpassphrase.c openbsd-compat/strtonum.c] Include <errno.h>. + - (dtucker) [openbsd-compat/setproctitle.c] Include stdarg.h. + - (dtucker) [ssh-keyscan.c ssh-rand-helper.c] More errno.h here too. + - (dtucker) [openbsd-compat/openbsd-compat.h] v*printf needs stdarg.h. + - (dtucker) [openbsd-compat/bsd-asprintf.c openbsd-compat/port-aix.c + openbsd-compat/rresvport.c] More errno.h. + +20060711 + - (dtucker) [configure.ac ssh-keygen.c openbsd-compat/bsd-openpty.c + openbsd-compat/daemon.c] Add includes needed by open(2). Conditionally + include paths.h. Fixes build error on Solaris. + - (dtucker) [entropy.c] More fcntl.h, this time on AIX (and probably + others). + +20060710 + - (dtucker) [INSTALL] New autoconf version: 2.60. + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2006/06/14 10:50:42 + [sshconnect.c] + limit the number of pre-banner characters we will accept; ok markus@ + - djm@cvs.openbsd.org 2006/06/26 10:36:15 + [clientloop.c] + mention optional bind_address in runtime port forwarding setup + command-line help. patch from santhi.amirta AT gmail.com + - stevesk@cvs.openbsd.org 2006/07/02 17:12:58 + [ssh.1 ssh.c ssh_config.5 sshd_config.5] + more details and clarity for tun(4) device forwarding; ok and help + jmc@ + - stevesk@cvs.openbsd.org 2006/07/02 18:36:47 + [gss-serv-krb5.c gss-serv.c] + no "servconf.h" needed here + (gss-serv-krb5.c change not applied, portable needs the server options) + - stevesk@cvs.openbsd.org 2006/07/02 22:45:59 + [groupaccess.c groupaccess.h includes.h session.c sftp-common.c sshpty.c] + move #include <grp.h> out of includes.h + (portable needed uidswap.c too) + - stevesk@cvs.openbsd.org 2006/07/02 23:01:55 + [clientloop.c ssh.1] + use -KR[bind_address:]port here; ok djm@ + - stevesk@cvs.openbsd.org 2006/07/03 08:54:20 + [includes.h ssh.c sshconnect.c sshd.c] + move #include "version.h" out of includes.h; ok markus@ + - stevesk@cvs.openbsd.org 2006/07/03 17:59:32 + [channels.c includes.h] + move #include <arpa/inet.h> out of includes.h; old ok djm@ + (portable needed session.c too) + - stevesk@cvs.openbsd.org 2006/07/05 02:42:09 + [canohost.c hostfile.c includes.h misc.c packet.c readconf.c] + [serverloop.c sshconnect.c uuencode.c] + move #include <netinet/in.h> out of includes.h; ok deraadt@ + (also ssh-rand-helper.c logintest.c loginrec.c) + - djm@cvs.openbsd.org 2006/07/06 10:47:05 + [servconf.c servconf.h session.c sshd_config.5] + support arguments to Subsystem commands; ok markus@ + - djm@cvs.openbsd.org 2006/07/06 10:47:57 + [sftp-server.8 sftp-server.c] + add commandline options to enable logging of transactions; ok markus@ + - stevesk@cvs.openbsd.org 2006/07/06 16:03:53 + [auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c] + [auth-rhosts.c auth-rsa.c auth.c auth.h auth2-hostbased.c] + [auth2-pubkey.c auth2.c includes.h misc.c misc.h monitor.c] + [monitor_wrap.c monitor_wrap.h scp.c serverloop.c session.c] + [session.h sftp-common.c ssh-add.c ssh-keygen.c ssh-keysign.c] + [ssh.c sshconnect.c sshconnect.h sshd.c sshpty.c sshpty.h uidswap.c] + [uidswap.h] + move #include <pwd.h> out of includes.h; ok markus@ + - stevesk@cvs.openbsd.org 2006/07/06 16:22:39 + [ssh-keygen.c] + move #include "dns.h" up + - stevesk@cvs.openbsd.org 2006/07/06 17:36:37 + [monitor_wrap.h] + typo in comment + - stevesk@cvs.openbsd.org 2006/07/08 21:47:12 + [authfd.c canohost.c clientloop.c dns.c dns.h includes.h] + [monitor_fdpass.c nchan.c packet.c servconf.c sftp.c ssh-agent.c] + [ssh-keyscan.c ssh.c sshconnect.h sshd.c sshlogin.h] + move #include <sys/socket.h> out of includes.h + - stevesk@cvs.openbsd.org 2006/07/08 21:48:53 + [monitor.c session.c] + missed these from last commit: + move #include <sys/socket.h> out of includes.h + - stevesk@cvs.openbsd.org 2006/07/08 23:30:06 + [log.c] + move user includes after /usr/include files + - stevesk@cvs.openbsd.org 2006/07/09 15:15:11 + [auth2-none.c authfd.c authfile.c includes.h misc.c monitor.c] + [readpass.c scp.c serverloop.c sftp-client.c sftp-server.c] + [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c] + [sshlogin.c sshpty.c] + move #include <fcntl.h> out of includes.h + - stevesk@cvs.openbsd.org 2006/07/09 15:27:59 + [ssh-add.c] + use O_RDONLY vs. 0 in open(); no binary change + - djm@cvs.openbsd.org 2006/07/10 11:24:54 + [sftp-server.c] + remove optind - it isn't used here + - djm@cvs.openbsd.org 2006/07/10 11:25:53 + [sftp-server.c] + don't log variables that aren't yet set + - (djm) [loginrec.c ssh-rand-helper.c sshd.c openbsd-compat/glob.c] + [openbsd-compat/mktemp.c openbsd-compat/openbsd-compat.h] + [openbsd-compat/port-tun.c openbsd-compat/readpassphrase.c] + [openbsd-compat/xcrypt.c] Fix includes.h fallout, mainly fcntl.h + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2006/07/10 12:03:20 + [scp.c] + duplicate argv at the start of main() because it gets modified later; + pointed out by deraadt@ ok markus@ + - djm@cvs.openbsd.org 2006/07/10 12:08:08 + [channels.c] + fix misparsing of SOCKS 5 packets that could result in a crash; + reported by mk@ ok markus@ + - dtucker@cvs.openbsd.org 2006/07/10 12:46:51 + [misc.c misc.h sshd.8 sshconnect.c] + Add port identifier to known_hosts for non-default ports, based originally + on a patch from Devin Nate in bz#910. + For any connection using the default port or using a HostKeyAlias the + format is unchanged, otherwise the host name or address is enclosed + within square brackets in the same format as sshd's ListenAddress. + Tested by many, ok markus@. + - (dtucker) [openbsd-compat/openbsd-compat.h] Need to include <sys/socket.h> + for struct sockaddr on platforms that use the fake-rfc stuff. + +20060706 + - (dtucker) [configure.ac] Try AIX blibpath test in different order when + compiling with gcc. gcc 4.1.x will accept (but ignore) -b flags so + configure would not select the correct libpath linker flags. + - (dtucker) [INSTALL] A bit more info on autoconf. + +20060705 + - (dtucker) [ssh-rand-helper.c] Don't exit if mkdir fails because the + target already exists. + +20060630 + - (dtucker) [openbsd-compat/openbsd-compat.h] SNPRINTF_CONST for snprintf + declaration too. Patch from russ at sludge.net. + - (dtucker) [openbsd-compat/getrrsetbyname.c] Undef _res before defining it, + prevents warnings on platforms where _res is in the system headers. + - (dtucker) [INSTALL] Bug #1202: Note when autoconf is required and which + version. + +20060627 + - (dtucker) [configure.ac] Bug #1203: Add missing '[', which causes problems + with autoconf 2.60. Patch from vapier at gentoo.org. + +20060625 + - (dtucker) [channels.c serverloop.c] Apply the bug #1102 workaround to ptys + only, otherwise sshd can hang exiting non-interactive sessions. + +20060624 + - (dtucker) [configure.ac] Bug #1193: Define PASSWD_NEEDS_USERNAME on Solaris. + Works around limitation in Solaris' passwd program for changing passwords + where the username is longer than 8 characters. ok djm@ + - (dtucker) [serverloop.c] Get ifdef/ifndef the right way around for the bug + #1102 workaround. + +20060623 + - (dtucker) [README.platform configure.ac openbsd-compat/port-tun.c] Add + tunnel support for Mac OS X/Darwin via a third-party tun driver. Patch + from reyk@, tested by anil@ + - (dtucker) [channels.c configure.ac serverloop.c] Bug #1102: Around AIX + 4.3.3 ML3 or so, the AIX pty layer starting passing zero-length writes + on the pty slave as zero-length reads on the pty master, which sshd + interprets as the descriptor closing. Since most things don't do zero + length writes this rarely matters, but occasionally it happens, and when + it does the SSH pty session appears to hang, so we add a special case for + this condition. ok djm@ + +20060613 + - (djm) [getput.h] This file has been replaced by functions in misc.c + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2006/05/08 10:49:48 + [sshconnect2.c] + uint32_t -> u_int32_t (which we use everywhere else) + (Id sync only - portable already had this) + - markus@cvs.openbsd.org 2006/05/16 09:00:00 + [clientloop.c] + missing free; from Kylene Hall + - markus@cvs.openbsd.org 2006/05/17 12:43:34 + [scp.c sftp.c ssh-agent.c ssh-keygen.c sshconnect.c] + fix leak; coverity via Kylene Jo Hall + - miod@cvs.openbsd.org 2006/05/18 21:27:25 + [kexdhc.c kexgexc.c] + paramter -> parameter + - dtucker@cvs.openbsd.org 2006/05/29 12:54:08 + [ssh_config.5] + Add gssapi-with-mic to PreferredAuthentications default list; ok jmc + - dtucker@cvs.openbsd.org 2006/05/29 12:56:33 + [ssh_config] + Add GSSAPIAuthentication and GSSAPIDelegateCredentials to examples in + sample ssh_config. ok markus@ + - jmc@cvs.openbsd.org 2006/05/29 16:10:03 + [ssh_config.5] + oops - previous was too long; split the list of auths up + - mk@cvs.openbsd.org 2006/05/30 11:46:38 + [ssh-add.c] + Sync usage() with man page and reality. + ok deraadt dtucker + - jmc@cvs.openbsd.org 2006/05/29 16:13:23 + [ssh.1] + add GSSAPI to the list of authentication methods supported; + - mk@cvs.openbsd.org 2006/05/30 11:46:38 + [ssh-add.c] + Sync usage() with man page and reality. + ok deraadt dtucker + - markus@cvs.openbsd.org 2006/06/01 09:21:48 + [sshd.c] + call get_remote_ipaddr() early; fixes logging after client disconnects; + report mpf@; ok dtucker@ + - markus@cvs.openbsd.org 2006/06/06 10:20:20 + [readpass.c sshconnect.c sshconnect.h sshconnect2.c uidswap.c] + replace remaining setuid() calls with permanently_set_uid() and + check seteuid() return values; report Marcus Meissner; ok dtucker djm + - markus@cvs.openbsd.org 2006/06/08 14:45:49 + [readpass.c sshconnect.c sshconnect2.c uidswap.c uidswap.h] + do not set the gid, noted by solar; ok djm + - djm@cvs.openbsd.org 2006/06/13 01:18:36 + [ssh-agent.c] + always use a format string, even when printing a constant + - djm@cvs.openbsd.org 2006/06/13 02:17:07 + [ssh-agent.c] + revert; i am on drugs. spotted by alexander AT beard.se + +20060521 + - (dtucker) [auth.c monitor.c] Now that we don't log from both the monitor + and slave, we can remove the special-case handling in the audit hook in + auth_log. + +20060517 + - (dtucker) [ssh-rand-helper.c] Check return code of mkdir and fix file + pointer leak. From kjhall at us.ibm.com, found by coverity. + +20060515 + - (dtucker) [openbsd-compat/getrrsetbyname.c] Use _compat_res instead of + _res, prevents problems on some platforms that have _res as a global but + don't have getrrsetbyname(), eg IRIX 5.3. Found and tested by + georg.schwarz at freenet.de, ok djm@. + - (dtucker) [defines.h] Find a value for IOV_MAX or use a conservative + default. Patch originally from tim@, ok djm + - (dtucker) [auth-pam.c] Bug #1188: pass result of do_pam_account back and + do not allow kbdint again after the PAM account check fails. ok djm@ + +20060506 + - (dtucker) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2006/04/25 08:02:27 + [authfile.c authfile.h sshconnect2.c ssh.c sshconnect1.c] + Prevent ssh from trying to open private keys with bad permissions more than + once or prompting for their passphrases (which it subsequently ignores + anyway), similar to a previous change in ssh-add. bz #1186, ok djm@ + - djm@cvs.openbsd.org 2006/05/04 14:55:23 + [dh.c] + tighter DH exponent checks here too; feedback and ok markus@ + - djm@cvs.openbsd.org 2006/04/01 05:37:46 + [OVERVIEW] + $OpenBSD$ in here too + - dtucker@cvs.openbsd.org 2006/05/06 08:35:40 + [auth-krb5.c] + Add $OpenBSD$ in comment here too + +20060504 + - (dtucker) [auth-pam.c groupaccess.c monitor.c monitor_wrap.c scard-opensc.c + session.c ssh-rand-helper.c sshd.c openbsd-compat/bsd-cygwin_util.c + openbsd-compat/setproctitle.c] Convert malloc(foo*bar) -> calloc(foo,bar) + in Portable-only code; since calloc zeros, remove now-redundant memsets. + Also add a couple of sanity checks. With & ok djm@ + +20060503 + - (dtucker) [packet.c] Remove in_systm.h since it's also in includes.h + and double including it on IRIX 5.3 causes problems. From Georg Schwarz, + "no objections" tim@ + +20060423 + - (djm) OpenBSD CVS Sync + - deraadt@cvs.openbsd.org 2006/04/01 05:42:20 + [scp.c] + minimal lint cleanup (unused crud, and some size_t); ok djm + - djm@cvs.openbsd.org 2006/04/01 05:50:29 + [scp.c] + xasprintification; ok deraadt@ + - djm@cvs.openbsd.org 2006/04/01 05:51:34 + [atomicio.c] + ANSIfy; requested deraadt@ + - dtucker@cvs.openbsd.org 2006/04/02 08:34:52 + [ssh-keysign.c] + sessionid can be 32 bytes now too when sha256 kex is used; ok djm@ + - djm@cvs.openbsd.org 2006/04/03 07:10:38 + [gss-genr.c] + GSSAPI buffers shouldn't be nul-terminated, spotted in bugzilla #1066 + by dleonard AT vintela.com. use xasprintf() to simplify code while in + there; "looks right" deraadt@ + - djm@cvs.openbsd.org 2006/04/16 00:48:52 + [buffer.c buffer.h channels.c] + Fix condition where we could exit with a fatal error when an input + buffer became too large and the remote end had advertised a big window. + The problem was a mismatch in the backoff math between the channels code + and the buffer code, so make a buffer_check_alloc() function that the + channels code can use to propsectivly check whether an incremental + allocation will succeed. bz #1131, debugged with the assistance of + cove AT wildpackets.com; ok dtucker@ deraadt@ + - djm@cvs.openbsd.org 2006/04/16 00:52:55 + [atomicio.c atomicio.h] + introduce atomiciov() function that wraps readv/writev to retry + interrupted transfers like atomicio() does for read/write; + feedback deraadt@ dtucker@ stevesk@ ok deraadt@ + - djm@cvs.openbsd.org 2006/04/16 00:54:10 + [sftp-client.c] + avoid making a tiny 4-byte write to send the packet length of sftp + commands, which would result in a separate tiny packet on the wire by + using atomiciov(writev, ...) to write the length and the command in one + pass; ok deraadt@ + - djm@cvs.openbsd.org 2006/04/16 07:59:00 + [atomicio.c] + reorder sanity test so that it cannot dereference past the end of the + iov array; well spotted canacar@! + - dtucker@cvs.openbsd.org 2006/04/18 10:44:28 + [bufaux.c bufbn.c Makefile.in] + Move Buffer bignum functions into their own file, bufbn.c. This means + that sftp and sftp-server (which use the Buffer functions in bufaux.c + but not the bignum ones) no longer need to be linked with libcrypto. + ok markus@ + - djm@cvs.openbsd.org 2006/04/20 09:27:09 + [auth.h clientloop.c dispatch.c dispatch.h kex.h] + replace the last non-sig_atomic_t flag used in a signal handler with a + sig_atomic_t, unfortunately with some knock-on effects in other (non- + signal) contexts in which it is used; ok markus@ + - markus@cvs.openbsd.org 2006/04/20 09:47:59 + [sshconnect.c] + simplify; ok djm@ + - djm@cvs.openbsd.org 2006/04/20 21:53:44 + [includes.h session.c sftp.c] + Switch from using pipes to socketpairs for communication between + sftp/scp and ssh, and between sshd and its subprocesses. This saves + a file descriptor per session and apparently makes userland ppp over + ssh work; ok markus@ deraadt@ (ID Sync only - portable makes this + decision on a per-platform basis) + - djm@cvs.openbsd.org 2006/04/22 04:06:51 + [uidswap.c] + use setres[ug]id() to permanently revoke privileges; ok deraadt@ + (ID Sync only - portable already uses setres[ug]id() whenever possible) + - stevesk@cvs.openbsd.org 2006/04/22 18:29:33 + [crc32.c] + remove extra spaces + - (djm) [auth.h dispatch.h kex.h] sprinkle in signal.h to get + sig_atomic_t + +20060421 + - (djm) [Makefile.in configure.ac session.c sshpty.c] + [contrib/redhat/sshd.init openbsd-compat/Makefile.in] + [openbsd-compat/openbsd-compat.h openbsd-compat/port-linux.c] + [openbsd-compat/port-linux.h] Add support for SELinux, setting + the execution and TTY contexts. based on patch from Daniel Walsh, + bz #880; ok dtucker@ + +20060418 + - (djm) [canohost.c] Reorder IP options check so that it isn't broken + by mapped addresses; bz #1179 reported by markw wtech-llc.com; + ok dtucker@ + +20060331 + - OpenBSD CVS Sync + - deraadt@cvs.openbsd.org 2006/03/27 01:21:18 + [xmalloc.c] + we can do the size & nmemb check before the integer overflow check; + evol + - deraadt@cvs.openbsd.org 2006/03/27 13:03:54 + [dh.c] + use strtonum() instead of atoi(), limit dhg size to 64k; ok djm + - djm@cvs.openbsd.org 2006/03/27 23:15:46 + [sftp.c] + always use a format string for addargs; spotted by mouring@ + - deraadt@cvs.openbsd.org 2006/03/28 00:12:31 + [README.tun ssh.c] + spacing + - deraadt@cvs.openbsd.org 2006/03/28 01:52:28 + [channels.c] + do not accept unreasonable X ports numbers; ok djm + - deraadt@cvs.openbsd.org 2006/03/28 01:53:43 + [ssh-agent.c] + use strtonum() to parse the pid from the file, and range check it + better; ok djm + - djm@cvs.openbsd.org 2006/03/30 09:41:25 + [channels.c] + ARGSUSED for dispatch table-driven functions + - djm@cvs.openbsd.org 2006/03/30 09:58:16 + [authfd.c bufaux.c deattack.c gss-serv.c mac.c misc.c misc.h] + [monitor_wrap.c msg.c packet.c sftp-client.c sftp-server.c ssh-agent.c] + replace {GET,PUT}_XXBIT macros with functionally similar functions, + silencing a heap of lint warnings. also allows them to use + __bounded__ checking which can't be applied to macros; requested + by and feedback from deraadt@ + - djm@cvs.openbsd.org 2006/03/30 10:41:25 + [ssh.c ssh_config.5] + add percent escape chars to the IdentityFile option, bz #1159 based + on a patch by imaging AT math.ualberta.ca; feedback and ok dtucker@ + - dtucker@cvs.openbsd.org 2006/03/30 11:05:17 + [ssh-keygen.c] + Correctly handle truncated files while converting keys; ok djm@ + - dtucker@cvs.openbsd.org 2006/03/30 11:40:21 + [auth.c monitor.c] + Prevent duplicate log messages when privsep=yes; ok djm@ + - jmc@cvs.openbsd.org 2006/03/31 09:09:30 + [ssh_config.5] + kill trailing whitespace; + - djm@cvs.openbsd.org 2006/03/31 09:13:56 + [ssh_config.5] + remote user escape is %r not %h; spotted by jmc@ + +20060326 + - OpenBSD CVS Sync + - jakob@cvs.openbsd.org 2006/03/15 08:46:44 + [ssh-keygen.c] + if no key file are given when printing the DNS host record, use the + host key file(s) as default. ok djm@ + - biorn@cvs.openbsd.org 2006/03/16 10:31:45 + [scp.c] + Try to display errormessage even if remout == -1 + ok djm@, markus@ + - djm@cvs.openbsd.org 2006/03/17 22:31:50 + [authfd.c] + another unreachable found by lint + - djm@cvs.openbsd.org 2006/03/17 22:31:11 + [authfd.c] + unreachanble statement, found by lint + - djm@cvs.openbsd.org 2006/03/19 02:22:32 + [serverloop.c] + memory leaks detected by Coverity via elad AT netbsd.org; + ok deraadt@ dtucker@ + - djm@cvs.openbsd.org 2006/03/19 02:22:56 + [sftp.c] + more memory leaks detected by Coverity via elad AT netbsd.org; + deraadt@ ok + - djm@cvs.openbsd.org 2006/03/19 02:23:26 + [hostfile.c] + FILE* leak detected by Coverity via elad AT netbsd.org; + ok deraadt@ + - djm@cvs.openbsd.org 2006/03/19 02:24:05 + [dh.c readconf.c servconf.c] + potential NULL pointer dereferences detected by Coverity + via elad AT netbsd.org; ok deraadt@ + - djm@cvs.openbsd.org 2006/03/19 07:41:30 + [sshconnect2.c] + memory leaks detected by Coverity via elad AT netbsd.org; + deraadt@ ok + - dtucker@cvs.openbsd.org 2006/03/19 11:51:52 + [servconf.c] + Correct strdelim null test; ok djm@ + - deraadt@cvs.openbsd.org 2006/03/19 18:52:11 + [auth1.c authfd.c channels.c] + spacing + - deraadt@cvs.openbsd.org 2006/03/19 18:53:12 + [kex.c kex.h monitor.c myproposal.h session.c] + spacing + - deraadt@cvs.openbsd.org 2006/03/19 18:56:41 + [clientloop.c progressmeter.c serverloop.c sshd.c] + ARGSUSED for signal handlers + - deraadt@cvs.openbsd.org 2006/03/19 18:59:49 + [ssh-keyscan.c] + please lint + - deraadt@cvs.openbsd.org 2006/03/19 18:59:30 + [ssh.c] + spacing + - deraadt@cvs.openbsd.org 2006/03/19 18:59:09 + [authfile.c] + whoever thought that break after return was a good idea needs to + get their head examimed + - djm@cvs.openbsd.org 2006/03/20 04:09:44 + [monitor.c] + memory leaks detected by Coverity via elad AT netbsd.org; + deraadt@ ok + that should be all of them now + - djm@cvs.openbsd.org 2006/03/20 11:38:46 + [key.c] + (really) last of the Coverity diffs: avoid possible NULL deref in + key_free. via elad AT netbsd.org; markus@ ok + - deraadt@cvs.openbsd.org 2006/03/20 17:10:19 + [auth.c key.c misc.c packet.c ssh-add.c] + in a switch (), break after return or goto is stupid + - deraadt@cvs.openbsd.org 2006/03/20 17:13:16 + [key.c] + djm did a typo + - deraadt@cvs.openbsd.org 2006/03/20 17:17:23 + [ssh-rsa.c] + in a switch (), break after return or goto is stupid + - deraadt@cvs.openbsd.org 2006/03/20 18:14:02 + [channels.c clientloop.c monitor_wrap.c monitor_wrap.h serverloop.c] + [ssh.c sshpty.c sshpty.h] + sprinkle u_int throughout pty subsystem, ok markus + - deraadt@cvs.openbsd.org 2006/03/20 18:17:20 + [auth1.c auth2.c sshd.c] + sprinkle some ARGSUSED for table driven functions (which sometimes + must ignore their args) + - deraadt@cvs.openbsd.org 2006/03/20 18:26:55 + [channels.c monitor.c session.c session.h ssh-agent.c ssh-keygen.c] + [ssh-rsa.c ssh.c sshlogin.c] + annoying spacing fixes getting in the way of real diffs + - deraadt@cvs.openbsd.org 2006/03/20 18:27:50 + [monitor.c] + spacing + - deraadt@cvs.openbsd.org 2006/03/20 18:35:12 + [channels.c] + x11_fake_data is only ever used as u_char * + - deraadt@cvs.openbsd.org 2006/03/20 18:41:43 + [dns.c] + cast xstrdup to propert u_char * + - deraadt@cvs.openbsd.org 2006/03/20 18:42:27 + [canohost.c match.c ssh.c sshconnect.c] + be strict with tolower() casting + - deraadt@cvs.openbsd.org 2006/03/20 18:48:34 + [channels.c fatal.c kex.c packet.c serverloop.c] + spacing + - deraadt@cvs.openbsd.org 2006/03/20 21:11:53 + [ttymodes.c] + spacing + - djm@cvs.openbsd.org 2006/03/25 00:05:41 + [auth-bsdauth.c auth-skey.c auth.c auth2-chall.c channels.c] + [clientloop.c deattack.c gss-genr.c kex.c key.c misc.c moduli.c] + [monitor.c monitor_wrap.c packet.c scard.c sftp-server.c ssh-agent.c] + [ssh-keyscan.c ssh.c sshconnect.c sshconnect2.c sshd.c uuencode.c] + [xmalloc.c xmalloc.h] + introduce xcalloc() and xasprintf() failure-checked allocations + functions and use them throughout openssh + + xcalloc is particularly important because malloc(nmemb * size) is a + dangerous idiom (subject to integer overflow) and it is time for it + to die + + feedback and ok deraadt@ + - djm@cvs.openbsd.org 2006/03/25 01:13:23 + [buffer.c channels.c deattack.c misc.c scp.c session.c sftp-client.c] + [sftp-server.c ssh-agent.c ssh-rsa.c xmalloc.c xmalloc.h auth-pam.c] + [uidswap.c] + change OpenSSH's xrealloc() function from being xrealloc(p, new_size) + to xrealloc(p, new_nmemb, new_itemsize). + + realloc is particularly prone to integer overflows because it is + almost always allocating "n * size" bytes, so this is a far safer + API; ok deraadt@ + - djm@cvs.openbsd.org 2006/03/25 01:30:23 + [sftp.c] + "abormally" is a perfectly cromulent word, but "abnormally" is better + - djm@cvs.openbsd.org 2006/03/25 13:17:03 + [atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c] + [auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c] + [auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c] + [auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c] + [buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c] + [cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c] + [deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c] + [kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c] + [mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c] + [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c] + [readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c] + [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c] + [sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c] + [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c] + [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c] + [uidswap.c uuencode.c xmalloc.c] + Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that + Theo nuked - our scripts to sync -portable need them in the files + - deraadt@cvs.openbsd.org 2006/03/25 18:29:35 + [auth-rsa.c authfd.c packet.c] + needed casts (always will be needed) + - deraadt@cvs.openbsd.org 2006/03/25 18:30:55 + [clientloop.c serverloop.c] + spacing + - deraadt@cvs.openbsd.org 2006/03/25 18:36:15 + [sshlogin.c sshlogin.h] + nicer size_t and time_t types + - deraadt@cvs.openbsd.org 2006/03/25 18:40:14 + [ssh-keygen.c] + cast strtonum() result to right type + - deraadt@cvs.openbsd.org 2006/03/25 18:41:45 + [ssh-agent.c] + mark two more signal handlers ARGSUSED + - deraadt@cvs.openbsd.org 2006/03/25 18:43:30 + [channels.c] + use strtonum() instead of atoi() [limit X screens to 400, sorry] + - deraadt@cvs.openbsd.org 2006/03/25 18:56:55 + [bufaux.c channels.c packet.c] + remove (char *) casts to a function that accepts void * for the arg + - deraadt@cvs.openbsd.org 2006/03/25 18:58:10 + [channels.c] + delete cast not required + - djm@cvs.openbsd.org 2006/03/25 22:22:43 + [atomicio.h auth-options.h auth.h auth2-gss.c authfd.h authfile.h] + [bufaux.h buffer.h canohost.h channels.h cipher.h clientloop.h] + [compat.h compress.h crc32.c crc32.h deattack.h dh.h dispatch.h] + [dns.c dns.h getput.h groupaccess.h gss-genr.c gss-serv-krb5.c] + [gss-serv.c hostfile.h includes.h kex.h key.h log.h mac.h match.h] + [misc.h monitor.h monitor_fdpass.h monitor_mm.h monitor_wrap.h msg.h] + [myproposal.h packet.h pathnames.h progressmeter.h readconf.h rsa.h] + [scard.h servconf.h serverloop.h session.h sftp-common.h sftp.h] + [ssh-gss.h ssh.h ssh1.h ssh2.h sshconnect.h sshlogin.h sshpty.h] + [ttymodes.h uidswap.h uuencode.h xmalloc.h] + standardise spacing in $OpenBSD$ tags; requested by deraadt@ + - deraadt@cvs.openbsd.org 2006/03/26 01:31:48 + [uuencode.c] + typo + +20060325 + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2006/03/16 04:24:42 + [ssh.1] + Add RFC4419 (Diffie-Hellman group exchange KEX) to the list of SSH RFCs + that OpenSSH supports + - deraadt@cvs.openbsd.org 2006/03/19 18:51:18 + [atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c] + [auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c] + [auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c] + [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c] + [auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c] + [canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c] + [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c] + [compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c] + [groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c] + [kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c] + [loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c] + [monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c] + [nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c] + [scard.c scp.c servconf.c serverloop.c session.c sftp-client.c] + [sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c] + [ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c] + [ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c] + [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c] + [uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c] + [openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c] + [openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c] + [openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c] + [openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c] + RCSID() can die + - deraadt@cvs.openbsd.org 2006/03/19 18:53:12 + [kex.h myproposal.h] + spacing + - djm@cvs.openbsd.org 2006/03/20 04:07:22 + [auth2-gss.c] + GSSAPI related leaks detected by Coverity via elad AT netbsd.org; + reviewed by simon AT sxw.org.uk; deraadt@ ok + - djm@cvs.openbsd.org 2006/03/20 04:07:49 + [gss-genr.c] + more GSSAPI related leaks detected by Coverity via elad AT netbsd.org; + reviewed by simon AT sxw.org.uk; deraadt@ ok + - djm@cvs.openbsd.org 2006/03/20 04:08:18 + [gss-serv.c] + last lot of GSSAPI related leaks detected by Coverity via + elad AT netbsd.org; reviewed by simon AT sxw.org.uk; deraadt@ ok + - deraadt@cvs.openbsd.org 2006/03/20 18:14:02 + [monitor_wrap.h sshpty.h] + sprinkle u_int throughout pty subsystem, ok markus + - deraadt@cvs.openbsd.org 2006/03/20 18:26:55 + [session.h] + annoying spacing fixes getting in the way of real diffs + - deraadt@cvs.openbsd.org 2006/03/20 18:41:43 + [dns.c] + cast xstrdup to propert u_char * + - jakob@cvs.openbsd.org 2006/03/22 21:16:24 + [ssh.1] + simplify SSHFP example; ok jmc@ + - djm@cvs.openbsd.org 2006/03/22 21:27:15 + [deattack.c deattack.h] + remove IV support from the CRC attack detector, OpenSSH has never used + it - it only applied to IDEA-CFB, which we don't support. + prompted by NetBSD Coverity report via elad AT netbsd.org; + feedback markus@ "nuke it" deraadt@ + +20060318 + - (djm) [auth-pam.c] Fix memleak in error path, from Coverity via + elad AT NetBSD.org + - (dtucker) [openbsd-compat/bsd-snprintf.c] Bug #1173: make fmtint() take + a LLONG rather than a long. Fixes scp'ing of large files on platforms + with missing/broken snprintfs. Patch from e.borovac at bom.gov.au. + +20060316 + - (dtucker) [entropy.c] Add headers for WIFEXITED and friends. + - (dtucker) [configure.ac md-sha256.c] NetBSD has sha2.h in + /usr/include/crypto. Hint from djm@. + - (tim) [kex.c myproposal.h md-sha256.c openbsd-compat/sha2.c,h] + Disable sha256 when openssl < 0.9.7. Patch from djm@. + - (djm) [kex.c] Slightly more clean deactivation of dhgex-sha256 on old + OpenSSL; ok tim + +20060315 + - (djm) OpenBSD CVS Sync: + - msf@cvs.openbsd.org 2006/02/06 15:54:07 + [ssh.1] + - typo fix + ok jmc@ + - jmc@cvs.openbsd.org 2006/02/06 21:44:47 + [ssh.1] + make this a little less ambiguous... + - stevesk@cvs.openbsd.org 2006/02/07 01:08:04 + [auth-rhosts.c includes.h] + move #include <netgroup.h> out of includes.h; ok markus@ + - stevesk@cvs.openbsd.org 2006/02/07 01:18:09 + [includes.h ssh-agent.c ssh-keyscan.c sshconnect2.c] + move #include <sys/queue.h> out of includes.h; ok markus@ + - stevesk@cvs.openbsd.org 2006/02/07 01:42:00 + [channels.c clientloop.c clientloop.h includes.h packet.h] + [serverloop.c sshpty.c sshpty.h sshtty.c ttymodes.c] + move #include <termios.h> out of includes.h; ok markus@ + - stevesk@cvs.openbsd.org 2006/02/07 01:52:50 + [sshtty.c] + "log.h" not needed + - stevesk@cvs.openbsd.org 2006/02/07 03:47:05 + [hostfile.c] + "packet.h" not needed + - stevesk@cvs.openbsd.org 2006/02/07 03:59:20 + [deattack.c] + duplicate #include + - stevesk@cvs.openbsd.org 2006/02/08 12:15:27 + [auth.c clientloop.c includes.h misc.c monitor.c readpass.c] + [session.c sftp.c ssh-agent.c ssh-keysign.c ssh.c sshconnect.c] + [sshd.c sshpty.c] + move #include <paths.h> out of includes.h; ok markus@ + - stevesk@cvs.openbsd.org 2006/02/08 12:32:49 + [includes.h misc.c] + move #include <netinet/tcp.h> out of includes.h; ok markus@ + - stevesk@cvs.openbsd.org 2006/02/08 13:15:44 + [gss-serv.c monitor.c] + small KNF + - stevesk@cvs.openbsd.org 2006/02/08 14:16:59 + [sshconnect.c] + <openssl/bn.h> not needed + - stevesk@cvs.openbsd.org 2006/02/08 14:31:30 + [includes.h ssh-agent.c ssh-keyscan.c ssh.c] + move #include <sys/resource.h> out of includes.h; ok markus@ + - stevesk@cvs.openbsd.org 2006/02/08 14:38:18 + [includes.h packet.c] + move #include <netinet/in_systm.h> and <netinet/ip.h> out of + includes.h; ok markus@ + - stevesk@cvs.openbsd.org 2006/02/08 23:51:24 + [includes.h scp.c sftp-glob.c sftp-server.c] + move #include <dirent.h> out of includes.h; ok markus@ + - stevesk@cvs.openbsd.org 2006/02/09 00:32:07 + [includes.h] + #include <sys/endian.h> not needed; ok djm@ + NB. ID Sync only - we still need this (but it may move later) + - jmc@cvs.openbsd.org 2006/02/09 10:10:47 + [sshd.8] + - move some text into a CAVEATS section + - merge the COMMAND EXECUTION... section into AUTHENTICATION + - stevesk@cvs.openbsd.org 2006/02/10 00:27:13 + [channels.c clientloop.c includes.h misc.c progressmeter.c sftp.c] + [ssh.c sshd.c sshpty.c] + move #include <sys/ioctl.h> out of includes.h; ok markus@ + - stevesk@cvs.openbsd.org 2006/02/10 01:44:27 + [includes.h monitor.c readpass.c scp.c serverloop.c session.c] + [sftp.c sshconnect.c sshconnect2.c sshd.c] + move #include <sys/wait.h> out of includes.h; ok markus@ + - otto@cvs.openbsd.org 2006/02/11 19:31:18 + [atomicio.c] + type correctness; from Ray Lai in PR 5011; ok millert@ + - djm@cvs.openbsd.org 2006/02/12 06:45:34 + [ssh.c ssh_config.5] + add a %l expansion code to the ControlPath, which is filled in with the + local hostname at runtime. Requested by henning@ to avoid some problems + with /home on NFS; ok dtucker@ + - djm@cvs.openbsd.org 2006/02/12 10:44:18 + [readconf.c] + raise error when the user specifies a RekeyLimit that is smaller than 16 + (the smallest of our cipher's blocksize) or big enough to cause integer + wraparound; ok & feedback dtucker@ + - jmc@cvs.openbsd.org 2006/02/12 10:49:44 + [ssh_config.5] + slight rewording; ok djm + - jmc@cvs.openbsd.org 2006/02/12 10:52:41 + [sshd.8] + rework the description of authorized_keys a little; + - jmc@cvs.openbsd.org 2006/02/12 17:57:19 + [sshd.8] + sort the list of options permissable w/ authorized_keys; + ok djm dtucker + - jmc@cvs.openbsd.org 2006/02/13 10:16:39 + [sshd.8] + no need to subsection the authorized_keys examples - instead, convert + this to look like an actual file. also use proto 2 keys, and use IETF + example addresses; + - jmc@cvs.openbsd.org 2006/02/13 10:21:25 + [sshd.8] + small tweaks for the ssh_known_hosts section; + - jmc@cvs.openbsd.org 2006/02/13 11:02:26 + [sshd.8] + turn this into an example ssh_known_hosts file; ok djm + - jmc@cvs.openbsd.org 2006/02/13 11:08:43 + [sshd.8] + - avoid nasty line split + - `*' does not need to be escaped + - jmc@cvs.openbsd.org 2006/02/13 11:27:25 + [sshd.8] + sort FILES and use a -compact list; + - david@cvs.openbsd.org 2006/02/15 05:08:24 + [sftp-client.c] + typo in comment; ok djm@ + - jmc@cvs.openbsd.org 2006/02/15 16:53:20 + [ssh.1] + remove the IETF draft references and replace them with some updated RFCs; + - jmc@cvs.openbsd.org 2006/02/15 16:55:33 + [sshd.8] + remove ietf draft references; RFC list now maintained in ssh.1; + - jmc@cvs.openbsd.org 2006/02/16 09:05:34 + [sshd.8] + sync some of the FILES entries w/ ssh.1; + - jmc@cvs.openbsd.org 2006/02/19 19:52:10 + [sshd.8] + move the sshrc stuff out of FILES, and into its own section: + FILES is not a good place to document how stuff works; + - jmc@cvs.openbsd.org 2006/02/19 20:02:17 + [sshd.8] + sync the (s)hosts.equiv FILES entries w/ those from ssh.1; + - jmc@cvs.openbsd.org 2006/02/19 20:05:00 + [sshd.8] + grammar; + - jmc@cvs.openbsd.org 2006/02/19 20:12:25 + [ssh_config.5] + add some vertical space; + - stevesk@cvs.openbsd.org 2006/02/20 16:36:15 + [authfd.c channels.c includes.h session.c ssh-agent.c ssh.c] + move #include <sys/un.h> out of includes.h; ok djm@ + - stevesk@cvs.openbsd.org 2006/02/20 17:02:44 + [clientloop.c includes.h monitor.c progressmeter.c scp.c] + [serverloop.c session.c sftp.c ssh-agent.c ssh.c sshd.c] + move #include <signal.h> out of includes.h; ok markus@ + - stevesk@cvs.openbsd.org 2006/02/20 17:19:54 + [auth-rhosts.c auth-rsa.c auth.c auth2-none.c auth2-pubkey.c] + [authfile.c clientloop.c includes.h readconf.c scp.c session.c] + [sftp-client.c sftp-common.c sftp-common.h sftp-glob.c] + [sftp-server.c sftp.c ssh-add.c ssh-keygen.c ssh.c sshconnect.c] + [sshconnect2.c sshd.c sshpty.c] + move #include <sys/stat.h> out of includes.h; ok markus@ + - stevesk@cvs.openbsd.org 2006/02/22 00:04:45 + [canohost.c clientloop.c includes.h match.c readconf.c scp.c ssh.c] + [sshconnect.c] + move #include <ctype.h> out of includes.h; ok djm@ + - jmc@cvs.openbsd.org 2006/02/24 10:25:14 + [ssh_config.5] + add section on patterns; + from dtucker + myself + - jmc@cvs.openbsd.org 2006/02/24 10:33:54 + [sshd_config.5] + signpost to PATTERNS; + - jmc@cvs.openbsd.org 2006/02/24 10:37:07 + [ssh_config.5] + tidy up the refs to PATTERNS; + - jmc@cvs.openbsd.org 2006/02/24 10:39:52 + [sshd.8] + signpost to PATTERNS section; + - jmc@cvs.openbsd.org 2006/02/24 20:22:16 + [ssh-keysign.8 ssh_config.5 sshd_config.5] + some consistency fixes; + - jmc@cvs.openbsd.org 2006/02/24 20:31:31 + [ssh.1 ssh_config.5 sshd.8 sshd_config.5] + more consistency fixes; + - jmc@cvs.openbsd.org 2006/02/24 23:20:07 + [ssh_config.5] + some grammar/wording fixes; + - jmc@cvs.openbsd.org 2006/02/24 23:43:57 + [sshd_config.5] + some grammar/wording fixes; + - jmc@cvs.openbsd.org 2006/02/24 23:51:17 + [sshd_config.5] + oops - bits i missed; + - jmc@cvs.openbsd.org 2006/02/25 12:26:17 + [ssh_config.5] + document the possible values for KbdInteractiveDevices; + help/ok dtucker + - jmc@cvs.openbsd.org 2006/02/25 12:28:34 + [sshd_config.5] + document the order in which allow/deny directives are processed; + help/ok dtucker + - jmc@cvs.openbsd.org 2006/02/26 17:17:18 + [ssh_config.5] + move PATTERNS to the end of the main body; requested by dtucker + - jmc@cvs.openbsd.org 2006/02/26 18:01:13 + [sshd_config.5] + subsection is pointless here; + - jmc@cvs.openbsd.org 2006/02/26 18:03:10 + [ssh_config.5] + comma; + - djm@cvs.openbsd.org 2006/02/28 01:10:21 + [session.c] + fix logout recording when privilege separation is disabled, analysis and + patch from vinschen at redhat.com; tested by dtucker@ ok deraadt@ + NB. ID sync only - patch already in portable + - djm@cvs.openbsd.org 2006/03/04 04:12:58 + [serverloop.c] + move a debug() outside of a signal handler; ok markus@ a little while back + - djm@cvs.openbsd.org 2006/03/12 04:23:07 + [ssh.c] + knf nit + - djm@cvs.openbsd.org 2006/03/13 08:16:00 + [sshd.c] + don't log that we are listening on a socket before the listen() call + actually succeeds, bz #1162 reported by Senthil Kumar; ok dtucker@ + - dtucker@cvs.openbsd.org 2006/03/13 08:33:00 + [packet.c] + Set TCP_NODELAY for all connections not just "interactive" ones. Fixes + poor performance and protocol stalls under some network conditions (mindrot + bugs #556 and #981). Patch originally from markus@, ok djm@ + - dtucker@cvs.openbsd.org 2006/03/13 08:43:16 + [ssh-keygen.c] + Make ssh-keygen handle CR and CRLF line termination when converting IETF + format keys, in adition to vanilla LF. mindrot #1157, tested by Chris + Pepper, ok djm@ + - dtucker@cvs.openbsd.org 2006/03/13 10:14:29 + [misc.c ssh_config.5 sshd_config.5] + Allow config directives to contain whitespace by surrounding them by double + quotes. mindrot #482, man page help from jmc@, ok djm@ + - dtucker@cvs.openbsd.org 2006/03/13 10:26:52 + [authfile.c authfile.h ssh-add.c] + Make ssh-add check file permissions before attempting to load private + key files multiple times; it will fail anyway and this prevents confusing + multiple prompts and warnings. mindrot #1138, ok djm@ + - djm@cvs.openbsd.org 2006/03/14 00:15:39 + [canohost.c] + log the originating address and not just the name when a reverse + mapping check fails, requested by linux AT linuon.com + - markus@cvs.openbsd.org 2006/03/14 16:32:48 + [ssh_config.5 sshd_config.5] + *AliveCountMax applies to protcol v2 only; ok dtucker, djm + - djm@cvs.openbsd.org 2006/03/07 09:07:40 + [kex.c kex.h monitor.c myproposal.h ssh-keyscan.c sshconnect2.c sshd.c] + Implement the diffie-hellman-group-exchange-sha256 key exchange method + using the SHA256 code in libc (and wrapper to make it into an OpenSSL + EVP), interop tested against CVS PuTTY + NB. no portability bits committed yet + - (djm) [configure.ac defines.h kex.c md-sha256.c] + [openbsd-compat/sha2.h openbsd-compat/openbsd-compat.h] + [openbsd-compat/sha2.c] First stab at portability glue for SHA256 + KEX support, should work with libc SHA256 support or OpenSSL + EVP_sha256 if present + - (djm) [includes.h] Restore accidentally dropped netinet/in.h + - (djm) [Makefile.in openbsd-compat/Makefile.in] Add added files + - (djm) [md-sha256.c configure.ac] md-sha256.c needs sha2.h if present + - (djm) [regress/.cvsignore] Ignore Makefile here + - (djm) [loginrec.c] Need stat.h + - (djm) [openbsd-compat/sha2.h] Avoid include macro clash with + system sha2.h + - (djm) [ssh-rand-helper.c] Needs a bunch of headers + - (djm) [ssh-agent.c] Restore dropped stat.h + - (djm) [openbsd-compat/sha2.h openbsd-compat/sha2.c] Comment out + SHA384, which we don't need and doesn't compile without tweaks + - (djm) [auth-pam.c clientloop.c includes.h monitor.c session.c] + [sftp-client.c ssh-keysign.c ssh.c sshconnect.c sshconnect2.c] + [sshd.c openbsd-compat/bsd-misc.c openbsd-compat/bsd-openpty.c] + [openbsd-compat/glob.c openbsd-compat/mktemp.c] + [openbsd-compat/readpassphrase.c] Lots of include fixes for + OpenSolaris + - (tim) [includes.h] put sys/stat.h back in to quiet some "macro redefined:" + - (tim) [openssh/sshpty.c openssh/openbsd-compat/port-tun.c] put in some + includes removed from includes.h + - (dtucker) [configure.ac] Fix glob test conversion to AC_TRY_COMPILE + - (djm) [includes.h] Put back paths.h, it is needed in defines.h + - (dtucker) [openbsd-compat/openbsd-compat.h] AIX (at least) needs + sys/ioctl.h for struct winsize. + - (dtucker) [configure.ac] login_cap.h requires sys/types.h on NetBSD. + +20060313 + - (dtucker) [configure.ac] Bug #1171: Don't use printf("%lld", longlong) + since not all platforms support it. Instead, use internal equivalent while + computing LLONG_MIN and LLONG_MAX. Remove special case for alpha-dec-osf* + as it's no longer required. Tested by Bernhard Simon, ok djm@ + +20060304 + - (dtucker) [contrib/cygwin/ssh-host-config] Require use of lastlog as a + file rather than directory, required as Cygwin will be importing lastlog(1). + Also tightens up permissions on the file. Patch from vinschen@redhat.com. + - (dtucker) [gss-serv-krb5.c] Bug #1166: Correct #ifdefs for gssapi_krb5.h + includes. Patch from gentoo.riverrat at gmail.com. + +20060226 + - (dtucker) [configure.ac] Bug #1156: QNX apparently needs SSHD_ACQUIRES_CTTY + patch from kraai at ftbfs.org. + +20060223 + - (dtucker) [sshd_config sshd_config.5] Update UsePAM to reflect current + reality. Pointed out by tryponraj at gmail.com. + +20060222 + - (dtucker) [openbsd-compat/openssl-compat.{c,h}] Minor tidy up: only + compile in compat code if required. + +20060221 + - (dtucker) [openbsd-compat/openssl-compat.h] Prevent warning about + redefinition of SSLeay_add_all_algorithms. + +20060220 + - (dtucker) [INSTALL configure.ac openbsd-compat/openssl-compat.{c,h}] + Add optional enabling of OpenSSL's (hardware) Engine support, via + configure --with-ssl-engine. Based in part on a diff by michal at + logix.cz. + +20060219 + - (dtucker) [Makefile.in configure.ac, added openbsd-compat/regress/] + Add first attempt at regress tests for compat library. ok djm@ + +20060214 + - (tim) [buildpkg.sh.in] Make the names consistent. + s/pkg_post_make_install_fixes.sh/pkg-post-make-install-fixes.sh/ OK dtucker@ + +20060212 + - (dtucker) [openbsd-compat/bsd-cygwin_util.c] Make loop counter unsigned + to silence compiler warning, from vinschen at redhat.com. + - (tim) [configure.ac] Bug #1149. Disable /etc/default/login check for QNX. + - (dtucker) [README version.h contrib/caldera/openssh.spec + contrib/redhat/openssh.spec contrib/suse/openssh.spec] Bump version + strings to match 4.3p2 release. + +20060208 + - (tim) [session.c] Logout records were not updated on systems with + post auth privsep disabled due to bug 1086 changes. Analysis and patch + by vinschen at redhat.com. OK tim@, dtucker@. + - (dtucker) [configure.ac] Typo in Ultrix and NewsOS sections (NEED_SETPRGP + -> NEED_SETPGRP), reported by Bernhard Simon. ok tim@ + +20060206 + - (tim) [configure.ac] Remove unnecessary tests for net/if.h and + netinet/in_systm.h. OK dtucker@. + +20060205 + - (tim) [configure.ac] Add AC_REVISION. Add sys/time.h to lastlog.h test + for Solaris. OK dtucker@. + - (tim) [configure.ac] Bug #1149. Changes in QNX section only. Patch by + kraai at ftbfs.org. + +20060203 + - (tim) [configure.ac] test for egrep (AC_PROG_EGREP) before first + AC_CHECK_HEADERS test. Without it, if AC_CHECK_HEADERS is first run + by a platform specific check, builtin standard includes tests will be + skipped on the other platforms. + Analysis and suggestion by vinschen at redhat.com, patch by dtucker@. + OK tim@, djm@. + +20060202 + - (dtucker) [configure.ac] Bug #1148: Fix "crippled AES" test so that it + works with picky compilers. Patch from alex.kiernan at thus.net. + 20060201 - (djm) [regress/test-exec.sh] Try 'logname' as well as 'whoami' to determine the user's login name - needed for regress tests on Solaris @@ -3818,4 +5487,4 @@ - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu -$Id: ChangeLog,v 1.4117.2.1 2006/02/01 11:33:14 djm Exp $ +$Id: ChangeLog,v 1.4558.2.2 2006/09/26 10:57:05 dtucker Exp $ diff --git a/crypto/openssh/INSTALL b/crypto/openssh/INSTALL index 753d2d0..1c784a5 100644 --- a/crypto/openssh/INSTALL +++ b/crypto/openssh/INSTALL @@ -12,6 +12,8 @@ http://www.openssl.org/ (OpenSSL 0.9.5a is partially supported, but some ciphers (SSH protocol 1 Blowfish) do not work correctly.) +The remaining items are optional. + OpenSSH can utilise Pluggable Authentication Modules (PAM) if your system supports it. PAM is standard on Redhat and Debian Linux, Solaris and HP-UX 11. @@ -57,13 +59,29 @@ installed. No other S/Key library is currently known to be supported. http://www.sparc.spb.su/solaris/skey/ LibEdit: -sftp now supports command-line editing via NetBSD's libedit. If your -platform has it available natively you can use that, alternatively -you might try these multi-platform ports: + +sftp supports command-line editing via NetBSD's libedit. If your platform +has it available natively you can use that, alternatively you might try +these multi-platform ports: http://www.thrysoee.dk/editline/ http://sourceforge.net/projects/libedit/ +Autoconf: + +If you modify configure.ac or configure doesn't exist (eg if you checked +the code out of CVS yourself) then you will need autoconf-2.60 to rebuild +the automatically generated files by running "autoreconf". + +http://www.gnu.org/software/autoconf/ + +Basic Security Module (BSM): + +Native BSM support is know to exist in Solaris from at least 2.5.1, +FreeBSD 6.1 and OS X. Alternatively, you may use the OpenBSM +implementation (http://www.openbsm.org). + + 2. Building / Installation -------------------------- @@ -113,6 +131,10 @@ name). There are a few other options to the configure script: +--with-audit=[module] enable additional auditing via the specified module. +Currently, drivers for "debug" (additional info via syslog) and "bsm" +(Sun's Basic Security Module) are supported. + --with-pam enables PAM support. If PAM support is compiled in, it must also be enabled in sshd_config (refer to the UsePAM directive). @@ -165,6 +187,8 @@ created. --with-ssl-dir=DIR allows you to specify where your OpenSSL libraries are installed. +--with-ssl-engine enables OpenSSL's (hardware) ENGINE support + --with-4in6 Check for IPv4 in IPv6 mapped addresses and convert them to real (AF_INET) IPv4 addresses. Works around some quirks on Linux. @@ -208,7 +232,8 @@ for sshd, ssh and ssh-agent. ------------------------- $ make survey -[check the contents and make sure there's no sensitive information] +[check the contents of the file "survey" to ensure there's no information +that you consider sensitive] $ make send-survey This will send configuration information for the currently configured @@ -225,4 +250,4 @@ Please refer to the "reporting bugs" section of the webpage at http://www.openssh.com/ -$Id: INSTALL,v 1.70 2005/04/24 07:52:23 dtucker Exp $ +$Id: INSTALL,v 1.76 2006/09/17 12:55:52 dtucker Exp $ diff --git a/crypto/openssh/Makefile.in b/crypto/openssh/Makefile.in index af881c5..71f3623 100644 --- a/crypto/openssh/Makefile.in +++ b/crypto/openssh/Makefile.in @@ -1,4 +1,4 @@ -# $Id: Makefile.in,v 1.274 2006/01/01 08:47:05 djm Exp $ +# $Id: Makefile.in,v 1.282 2006/09/12 11:54:10 djm Exp $ # uncomment if you run a non bourne compatable shell. Ie. csh #SHELL = @SH@ @@ -43,6 +43,8 @@ LD=@LD@ CFLAGS=@CFLAGS@ CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@ LIBS=@LIBS@ +LIBSELINUX=@LIBSELINUX@ +SSHDLIBS=@SSHDLIBS@ LIBEDIT=@LIBEDIT@ LIBPAM=@LIBPAM@ LIBWRAP=@LIBWRAP@ @@ -62,11 +64,11 @@ INSTALL_SSH_RAND_HELPER=@INSTALL_SSH_RAND_HELPER@ TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-agent$(EXEEXT) scp$(EXEEXT) ssh-rand-helper${EXEEXT} sftp-server$(EXEEXT) sftp$(EXEEXT) -LIBSSH_OBJS=acss.o authfd.o authfile.o bufaux.o buffer.o \ +LIBSSH_OBJS=acss.o authfd.o authfile.o bufaux.o bufbn.o buffer.o \ canohost.o channels.o cipher.o cipher-acss.o cipher-aes.o \ cipher-bf1.o cipher-ctr.o cipher-3des1.o cleanup.o \ compat.o compress.o crc32.o deattack.o fatal.o hostfile.o \ - log.o match.o moduli.o nchan.o packet.o \ + log.o match.o md-sha256.o moduli.o nchan.o packet.o \ readpass.o rsa.o ttymodes.o xmalloc.o \ atomicio.o key.o dispatch.o kex.o mac.o uidswap.o uuencode.o misc.o \ monitor_fdpass.o rijndael.o ssh-dss.o ssh-rsa.o dh.o kexdh.o \ @@ -86,7 +88,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \ auth-krb5.o \ auth2-gss.o gss-serv.o gss-serv-krb5.o \ loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \ - audit.o audit-bsm.o + audit.o audit-bsm.o platform.o MANPAGES = scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-rand-helper.8.out ssh-keysign.8.out sshd_config.5.out ssh_config.5.out MANPAGES_IN = scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-rand-helper.8 ssh-keysign.8 sshd_config.5 ssh_config.5 @@ -107,7 +109,7 @@ PATHSUBS = \ -e 's|/etc/ssh/ssh_host_rsa_key|$(sysconfdir)/ssh_host_rsa_key|g' \ -e 's|/var/run/sshd.pid|$(piddir)/sshd.pid|g' \ -e 's|/etc/ssh/moduli|$(sysconfdir)/moduli|g' \ - -e 's|/etc/sshrc|$(sysconfdir)/sshrc|g' \ + -e 's|/etc/ssh/sshrc|$(sysconfdir)/sshrc|g' \ -e 's|/usr/X11R6/bin/xauth|$(XAUTH_PATH)|g' \ -e 's|/var/empty|$(PRIVSEP_PATH)|g' \ -e 's|/usr/bin:/bin:/usr/sbin:/sbin|@user_path@|g' @@ -136,7 +138,7 @@ ssh$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHOBJS) $(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) sshd$(EXEEXT): libssh.a $(LIBCOMPAT) $(SSHDOBJS) - $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBWRAP) $(LIBPAM) $(LIBS) + $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBWRAP) $(LIBPAM) $(LIBSELINUX) $(SSHDLIBS) $(LIBS) scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o $(LD) -o $@ scp.o progressmeter.o bufaux.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) @@ -201,8 +203,9 @@ clean: regressclean distclean: regressclean rm -f *.o *.a $(TARGETS) logintest config.cache config.log - rm -f *.out core opensshd.init - rm -f Makefile buildpkg.sh config.h config.status ssh_prng_cmds survey.sh *~ + rm -f *.out core opensshd.init openssh.xml + rm -f Makefile buildpkg.sh config.h config.status ssh_prng_cmds + rm -f survey.sh openbsd-compat/regress/Makefile *~ rm -rf autom4te.cache (cd openbsd-compat && $(MAKE) distclean) (cd scard && $(MAKE) distclean) @@ -410,6 +413,9 @@ tests: $(TARGETS) EXEEXT="$(EXEEXT)" \ $@ +compat-tests: $(LIBCOMPAT) + (cd openbsd-compat/regress && $(MAKE)) + regressclean: if [ -f regress/Makefile ] && [ -r regress/Makefile ]; then \ (cd regress && $(MAKE) clean) \ diff --git a/crypto/openssh/OVERVIEW b/crypto/openssh/OVERVIEW index d1a768c..2e1cc0b 100644 --- a/crypto/openssh/OVERVIEW +++ b/crypto/openssh/OVERVIEW @@ -162,8 +162,7 @@ these programs. - There are several other files in the distribution that contain various auxiliary routines: ssh.h the main header file for ssh (various definitions) - getput.h byte-order independent storage of integers - includes.h includes most system headers. Lots of #ifdefs. - tildexpand.c expand tilde in file names uidswap.c uid-swapping xmalloc.c "safe" malloc routines + +$OpenBSD: OVERVIEW,v 1.11 2006/08/03 03:34:41 deraadt Exp $ diff --git a/crypto/openssh/README b/crypto/openssh/README index 924293b..d0bacc5 100644 --- a/crypto/openssh/README +++ b/crypto/openssh/README @@ -1,4 +1,4 @@ -See http://www.openssh.com/txt/release-4.3 for the release notes. +See http://www.openssh.com/txt/release-4.4 for the release notes. - A Japanese translation of this document and of the OpenSSH FAQ is - available at http://www.unixuser.org/~haruyama/security/openssh/index.html @@ -62,4 +62,4 @@ References - [6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9 [7] http://www.openssh.com/faq.html -$Id: README,v 1.61 2005/12/01 11:21:04 dtucker Exp $ +$Id: README,v 1.63 2006/09/01 11:32:53 dtucker Exp $ diff --git a/crypto/openssh/README.platform b/crypto/openssh/README.platform index 4c18a32..b7dc3f9 100644 --- a/crypto/openssh/README.platform +++ b/crypto/openssh/README.platform @@ -30,6 +30,18 @@ gcc, gcc-mingw-core, mingw-runtime, binutils, make, openssl, openssl-devel, zlib, minres, minires-devel. +Darwin and MacOS X +------------------ +Darwin does not provide a tun(4) driver required for OpenSSH-based +virtual private networks. The BSD manpage still exists, but the driver +has been removed in recent releases of Darwin and MacOS X. + +Nevertheless, tunnel support is known to work with Darwin 8 and +MacOS X 10.4 in Point-to-Point (Layer 3) and Ethernet (Layer 2) mode +using a third party driver. More information is available at: + http://www-user.rhrk.uni-kl.de/~nissler/tuntap/ + + Solaris ------- If you enable BSM auditing on Solaris, you need to update audit_event(4) @@ -55,4 +67,4 @@ account stacks which will prevent authentication entirely, but will still return the output from pam_nologin to the client. -$Id: README.platform,v 1.6 2005/11/05 05:28:35 dtucker Exp $ +$Id: README.platform,v 1.7 2006/06/23 11:05:13 dtucker Exp $ diff --git a/crypto/openssh/README.tun b/crypto/openssh/README.tun index d814f39..5e1cb07 100644 --- a/crypto/openssh/README.tun +++ b/crypto/openssh/README.tun @@ -87,12 +87,12 @@ combination with layer 2 tunneling and Ethernet bridging. | Client |------( Internet )-----| access.somewhere.net | +--------+ ( ) +----------------------+ : 192.168.1.78 | - :............................. +-------+ + :............................. +-------+ Forwarded ssh connection : | dmzgw | Layer 2 tunnel : +-------+ : | : | - : +------------+ + : +------------+ :......| sshgateway | | +------------+ --- real connection Bridge -> | +----------+ @@ -104,7 +104,7 @@ combination with layer 2 tunneling and Ethernet bridging. Finally connect to the OpenSSH server to establish the tunnel by using the following command: - + ssh sshgateway It is also possible to tell the client to fork into the background after @@ -129,4 +129,4 @@ interconnect corporate networks. Reyk Floeter -$OpenBSD: README.tun,v 1.3 2005/12/08 18:34:10 reyk Exp $ +$OpenBSD: README.tun,v 1.4 2006/03/28 00:12:31 deraadt Exp $ diff --git a/crypto/openssh/acss.c b/crypto/openssh/acss.c index 99efde0..86e2c01 100644 --- a/crypto/openssh/acss.c +++ b/crypto/openssh/acss.c @@ -1,4 +1,4 @@ -/* $Id: acss.c,v 1.3 2005/07/17 07:04:47 djm Exp $ */ +/* $Id: acss.c,v 1.4 2006/07/24 04:51:01 djm Exp $ */ /* * Copyright (c) 2004 The OpenBSD project * @@ -16,6 +16,9 @@ */ #include "includes.h" + +#include <string.h> + #include <openssl/evp.h> #if !defined(EVP_CTRL_SET_ACSS_MODE) && (OPENSSL_VERSION_NUMBER >= 0x00906000L) diff --git a/crypto/openssh/atomicio.c b/crypto/openssh/atomicio.c index 12abbda..f651a29 100644 --- a/crypto/openssh/atomicio.c +++ b/crypto/openssh/atomicio.c @@ -1,4 +1,6 @@ +/* $OpenBSD: atomicio.c,v 1.23 2006/08/03 03:34:41 deraadt Exp $ */ /* + * Copyright (c) 2006 Damien Miller. All rights reserved. * Copyright (c) 2005 Anil Madhavapeddy. All rights reserved. * Copyright (c) 1995,1999 Theo de Raadt. All rights reserved. * All rights reserved. @@ -25,7 +27,12 @@ */ #include "includes.h" -RCSID("$OpenBSD: atomicio.c,v 1.13 2005/05/24 17:32:43 avsm Exp $"); + +#include <sys/param.h> +#include <sys/uio.h> + +#include <errno.h> +#include <string.h> #include "atomicio.h" @@ -33,11 +40,7 @@ RCSID("$OpenBSD: atomicio.c,v 1.13 2005/05/24 17:32:43 avsm Exp $"); * ensure all of data on socket comes through. f==read || f==vwrite */ size_t -atomicio(f, fd, _s, n) - ssize_t (*f) (int, void *, size_t); - int fd; - void *_s; - size_t n; +atomicio(ssize_t (*f) (int, void *, size_t), int fd, void *_s, size_t n) { char *s = _s; size_t pos = 0; @@ -58,8 +61,60 @@ atomicio(f, fd, _s, n) errno = EPIPE; return pos; default: - pos += (u_int)res; + pos += (size_t)res; } } return (pos); } + +/* + * ensure all of data on socket comes through. f==readv || f==writev + */ +size_t +atomiciov(ssize_t (*f) (int, const struct iovec *, int), int fd, + const struct iovec *_iov, int iovcnt) +{ + size_t pos = 0, rem; + ssize_t res; + struct iovec iov_array[IOV_MAX], *iov = iov_array; + + if (iovcnt > IOV_MAX) { + errno = EINVAL; + return 0; + } + /* Make a copy of the iov array because we may modify it below */ + memcpy(iov, _iov, iovcnt * sizeof(*_iov)); + + for (; iovcnt > 0 && iov[0].iov_len > 0;) { + res = (f) (fd, iov, iovcnt); + switch (res) { + case -1: + if (errno == EINTR || errno == EAGAIN) + continue; + return 0; + case 0: + errno = EPIPE; + return pos; + default: + rem = (size_t)res; + pos += rem; + /* skip completed iov entries */ + while (iovcnt > 0 && rem >= iov[0].iov_len) { + rem -= iov[0].iov_len; + iov++; + iovcnt--; + } + /* This shouldn't happen... */ + if (rem > 0 && (iovcnt <= 0 || rem > iov[0].iov_len)) { + errno = EFAULT; + return 0; + } + if (iovcnt == 0) + break; + /* update pointer in partially complete iov */ + iov[0].iov_base = ((char *)iov[0].iov_base) + rem; + iov[0].iov_len -= rem; + } + } + return pos; +} diff --git a/crypto/openssh/atomicio.h b/crypto/openssh/atomicio.h index 7eccf20..2fcd25d 100644 --- a/crypto/openssh/atomicio.h +++ b/crypto/openssh/atomicio.h @@ -1,6 +1,7 @@ -/* $OpenBSD: atomicio.h,v 1.6 2005/05/24 17:32:43 avsm Exp $ */ +/* $OpenBSD: atomicio.h,v 1.10 2006/08/03 03:34:41 deraadt Exp $ */ /* + * Copyright (c) 2006 Damien Miller. All rights reserved. * Copyright (c) 1995,1999 Theo de Raadt. All rights reserved. * All rights reserved. * @@ -25,9 +26,20 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +#ifndef _ATOMICIO_H +#define _ATOMICIO_H + /* * Ensure all of data on socket comes through. f==read || f==vwrite */ size_t atomicio(ssize_t (*)(int, void *, size_t), int, void *, size_t); #define vwrite (ssize_t (*)(int, void *, size_t))write + +/* + * ensure all of data on socket comes through. f==readv || f==writev + */ +size_t atomiciov(ssize_t (*)(int, const struct iovec *, int), + int, const struct iovec *, int); + +#endif /* _ATOMICIO_H */ diff --git a/crypto/openssh/audit-bsm.c b/crypto/openssh/audit-bsm.c index c2679d3..d5cf302 100644 --- a/crypto/openssh/audit-bsm.c +++ b/crypto/openssh/audit-bsm.c @@ -1,4 +1,4 @@ -/* $Id: audit-bsm.c,v 1.1 2005/02/20 10:08:00 dtucker Exp $ */ +/* $Id: audit-bsm.c,v 1.4 2006/09/01 05:38:36 djm Exp $ */ /* * TODO @@ -37,8 +37,15 @@ #include "includes.h" #if defined(USE_BSM_AUDIT) +#include <sys/types.h> + +#include <stdarg.h> +#include <unistd.h> + #include "ssh.h" #include "log.h" +#include "key.h" +#include "hostfile.h" #include "auth.h" #include "xmalloc.h" diff --git a/crypto/openssh/audit.c b/crypto/openssh/audit.c index c77d0c0..dbea34c 100644 --- a/crypto/openssh/audit.c +++ b/crypto/openssh/audit.c @@ -1,4 +1,4 @@ -/* $Id: audit.c,v 1.3 2005/07/17 07:26:44 djm Exp $ */ +/* $Id: audit.c,v 1.5 2006/09/01 05:38:36 djm Exp $ */ /* * Copyright (c) 2004, 2005 Darren Tucker. All rights reserved. @@ -26,10 +26,15 @@ #include "includes.h" +#include <stdarg.h> +#include <string.h> + #ifdef SSH_AUDIT_EVENTS #include "audit.h" #include "log.h" +#include "key.h" +#include "hostfile.h" #include "auth.h" /* diff --git a/crypto/openssh/audit.h b/crypto/openssh/audit.h index 78e5896..695f723 100644 --- a/crypto/openssh/audit.h +++ b/crypto/openssh/audit.h @@ -1,4 +1,4 @@ -/* $Id: audit.h,v 1.2 2005/02/08 10:52:48 dtucker Exp $ */ +/* $Id: audit.h,v 1.3 2006/08/05 14:05:10 dtucker Exp $ */ /* * Copyright (c) 2004, 2005 Darren Tucker. All rights reserved. @@ -24,8 +24,6 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#include "auth.h" - #ifndef _SSH_AUDIT_H # define _SSH_AUDIT_H enum ssh_audit_event_type { diff --git a/crypto/openssh/auth-bsdauth.c b/crypto/openssh/auth-bsdauth.c index 920c977..37d527d 100644 --- a/crypto/openssh/auth-bsdauth.c +++ b/crypto/openssh/auth-bsdauth.c @@ -1,3 +1,4 @@ +/* $OpenBSD: auth-bsdauth.c,v 1.10 2006/08/03 03:34:41 deraadt Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -21,13 +22,23 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ + #include "includes.h" -RCSID("$OpenBSD: auth-bsdauth.c,v 1.6 2005/01/19 13:11:47 dtucker Exp $"); + +#include <sys/types.h> + +#include <stdarg.h> #ifdef BSD_AUTH #include "xmalloc.h" +#include "key.h" +#include "hostfile.h" #include "auth.h" #include "log.h" +#include "buffer.h" +#ifdef GSSAPI +#include "ssh-gss.h" +#endif #include "monitor_wrap.h" static void * @@ -69,9 +80,8 @@ bsdauth_query(void *ctx, char **name, char **infotxt, *name = xstrdup(""); *infotxt = xstrdup(""); *numprompts = 1; - *prompts = xmalloc(*numprompts * sizeof(char *)); - *echo_on = xmalloc(*numprompts * sizeof(u_int)); - (*echo_on)[0] = 0; + *prompts = xcalloc(*numprompts, sizeof(char *)); + *echo_on = xcalloc(*numprompts, sizeof(u_int)); (*prompts)[0] = xstrdup(challenge); return 0; diff --git a/crypto/openssh/auth-options.c b/crypto/openssh/auth-options.c index ad97e61..ca5e1c9 100644 --- a/crypto/openssh/auth-options.c +++ b/crypto/openssh/auth-options.c @@ -1,3 +1,4 @@ +/* $OpenBSD: auth-options.c,v 1.40 2006/08/03 03:34:41 deraadt Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -10,18 +11,31 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-options.c,v 1.33 2005/12/08 18:34:11 reyk Exp $"); + +#include <sys/types.h> + +#include <netdb.h> +#include <pwd.h> +#include <string.h> +#include <stdio.h> +#include <stdarg.h> #include "xmalloc.h" #include "match.h" #include "log.h" #include "canohost.h" +#include "buffer.h" #include "channels.h" #include "auth-options.h" #include "servconf.h" #include "misc.h" -#include "monitor_wrap.h" +#include "key.h" +#include "hostfile.h" #include "auth.h" +#ifdef GSSAPI +#include "ssh-gss.h" +#endif +#include "monitor_wrap.h" /* Flags set authorized_keys flags */ int no_port_forwarding_flag = 0; @@ -131,7 +145,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) forced_command = NULL; goto bad_option; } - forced_command[i] = 0; + forced_command[i] = '\0'; auth_debug_add("Forced command: %.900s", forced_command); opts++; goto next_option; @@ -163,7 +177,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) xfree(s); goto bad_option; } - s[i] = 0; + s[i] = '\0'; auth_debug_add("Adding to environment: %.900s", s); debug("Adding to environment: %.900s", s); opts++; @@ -200,7 +214,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) xfree(patterns); goto bad_option; } - patterns[i] = 0; + patterns[i] = '\0'; opts++; if (match_host_and_ip(remote_host, remote_ip, patterns) != 1) { @@ -245,7 +259,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) xfree(patterns); goto bad_option; } - patterns[i] = 0; + patterns[i] = '\0'; opts++; p = patterns; host = hpdelim(&p); @@ -293,7 +307,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) forced_tun_device = -1; goto bad_option; } - tun[i] = 0; + tun[i] = '\0'; forced_tun_device = a2tun(tun, NULL); xfree(tun); if (forced_tun_device == SSH_TUNID_ERR) { diff --git a/crypto/openssh/auth-options.h b/crypto/openssh/auth-options.h index 3cd02a7..853f8b5 100644 --- a/crypto/openssh/auth-options.h +++ b/crypto/openssh/auth-options.h @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-options.h,v 1.13 2005/12/06 22:38:27 reyk Exp $ */ +/* $OpenBSD: auth-options.h,v 1.16 2006/08/03 03:34:41 deraadt Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> diff --git a/crypto/openssh/auth-rhosts.c b/crypto/openssh/auth-rhosts.c index aaba855..cd0a796 100644 --- a/crypto/openssh/auth-rhosts.c +++ b/crypto/openssh/auth-rhosts.c @@ -1,3 +1,4 @@ +/* $OpenBSD: auth-rhosts.c,v 1.41 2006/08/03 03:34:41 deraadt Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -14,14 +15,27 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-rhosts.c,v 1.33 2005/07/17 07:17:54 djm Exp $"); + +#include <sys/types.h> +#include <sys/stat.h> + +#ifdef HAVE_NETGROUP_H +# include <netgroup.h> +#endif +#include <pwd.h> +#include <stdio.h> +#include <string.h> +#include <stdarg.h> #include "packet.h" +#include "buffer.h" #include "uidswap.h" #include "pathnames.h" #include "log.h" #include "servconf.h" #include "canohost.h" +#include "key.h" +#include "hostfile.h" #include "auth.h" /* import */ diff --git a/crypto/openssh/auth-shadow.c b/crypto/openssh/auth-shadow.c index 59737b9..8b3160a 100644 --- a/crypto/openssh/auth-shadow.c +++ b/crypto/openssh/auth-shadow.c @@ -23,11 +23,14 @@ */ #include "includes.h" -RCSID("$Id: auth-shadow.c,v 1.7 2005/07/17 07:04:47 djm Exp $"); #if defined(USE_SHADOW) && defined(HAS_SHADOW_EXPIRE) #include <shadow.h> +#include <stdarg.h> +#include <string.h> +#include "key.h" +#include "hostfile.h" #include "auth.h" #include "buffer.h" #include "log.h" diff --git a/crypto/openssh/auth-sia.c b/crypto/openssh/auth-sia.c index af7182b..a9e1c25 100644 --- a/crypto/openssh/auth-sia.c +++ b/crypto/openssh/auth-sia.c @@ -25,14 +25,6 @@ #include "includes.h" #ifdef HAVE_OSF_SIA -#include "ssh.h" -#include "auth.h" -#include "auth-sia.h" -#include "log.h" -#include "servconf.h" -#include "canohost.h" -#include "uidswap.h" - #include <sia.h> #include <siad.h> #include <pwd.h> @@ -40,8 +32,19 @@ #include <setjmp.h> #include <sys/resource.h> #include <unistd.h> +#include <stdarg.h> #include <string.h> +#include "ssh.h" +#include "key.h" +#include "hostfile.h" +#include "auth.h" +#include "auth-sia.h" +#include "log.h" +#include "servconf.h" +#include "canohost.h" +#include "uidswap.h" + extern ServerOptions options; extern int saved_argc; extern char **saved_argv; diff --git a/crypto/openssh/auth2-gss.c b/crypto/openssh/auth2-gss.c index 95844a0..c77c841 100644 --- a/crypto/openssh/auth2-gss.c +++ b/crypto/openssh/auth2-gss.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-gss.c,v 1.12 2005/10/13 22:24:31 stevesk Exp $ */ +/* $OpenBSD: auth2-gss.c,v 1.15 2006/08/03 03:34:41 deraadt Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -28,16 +28,22 @@ #ifdef GSSAPI +#include <sys/types.h> + +#include <stdarg.h> + +#include "xmalloc.h" +#include "key.h" +#include "hostfile.h" #include "auth.h" #include "ssh2.h" -#include "xmalloc.h" #include "log.h" #include "dispatch.h" +#include "buffer.h" #include "servconf.h" #include "packet.h" -#include "monitor_wrap.h" - #include "ssh-gss.h" +#include "monitor_wrap.h" extern ServerOptions options; @@ -100,6 +106,8 @@ userauth_gssapi(Authctxt *authctxt) } if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, &goid)))) { + if (ctxt != NULL) + ssh_gssapi_delete_ctx(&ctxt); xfree(doid); return (0); } diff --git a/crypto/openssh/auth2-hostbased.c b/crypto/openssh/auth2-hostbased.c index 1111ed6..663dec5 100644 --- a/crypto/openssh/auth2-hostbased.c +++ b/crypto/openssh/auth2-hostbased.c @@ -1,3 +1,4 @@ +/* $OpenBSD: auth2-hostbased.c,v 1.11 2006/08/03 03:34:41 deraadt Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -23,19 +24,27 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth2-hostbased.c,v 1.6 2004/01/19 21:25:15 markus Exp $"); -#include "ssh2.h" +#include <sys/types.h> + +#include <pwd.h> +#include <string.h> +#include <stdarg.h> + #include "xmalloc.h" +#include "ssh2.h" #include "packet.h" #include "buffer.h" #include "log.h" #include "servconf.h" #include "compat.h" -#include "bufaux.h" -#include "auth.h" #include "key.h" +#include "hostfile.h" +#include "auth.h" #include "canohost.h" +#ifdef GSSAPI +#include "ssh-gss.h" +#endif #include "monitor_wrap.h" #include "pathnames.h" diff --git a/crypto/openssh/auth2-none.c b/crypto/openssh/auth2-none.c index 1c30a32..952b448 100644 --- a/crypto/openssh/auth2-none.c +++ b/crypto/openssh/auth2-none.c @@ -1,3 +1,4 @@ +/* $OpenBSD: auth2-none.c,v 1.13 2006/08/05 07:52:52 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -23,16 +24,29 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth2-none.c,v 1.7 2004/05/11 19:01:43 deraadt Exp $"); -#include "auth.h" +#include <sys/types.h> +#include <sys/stat.h> +#include <sys/uio.h> + +#include <fcntl.h> +#include <stdarg.h> +#include <unistd.h> + #include "xmalloc.h" +#include "key.h" +#include "hostfile.h" +#include "auth.h" #include "packet.h" #include "log.h" +#include "buffer.h" #include "servconf.h" #include "atomicio.h" #include "compat.h" #include "ssh2.h" +#ifdef GSSAPI +#include "ssh-gss.h" +#endif #include "monitor_wrap.h" /* import */ diff --git a/crypto/openssh/auth2-passwd.c b/crypto/openssh/auth2-passwd.c index 2321ef4..421c5c2 100644 --- a/crypto/openssh/auth2-passwd.c +++ b/crypto/openssh/auth2-passwd.c @@ -1,3 +1,4 @@ +/* $OpenBSD: auth2-passwd.c,v 1.9 2006/08/03 03:34:41 deraadt Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -23,12 +24,22 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth2-passwd.c,v 1.5 2003/12/31 00:24:50 dtucker Exp $"); + +#include <sys/types.h> + +#include <string.h> +#include <stdarg.h> #include "xmalloc.h" #include "packet.h" #include "log.h" +#include "key.h" +#include "hostfile.h" #include "auth.h" +#include "buffer.h" +#ifdef GSSAPI +#include "ssh-gss.h" +#endif #include "monitor_wrap.h" #include "servconf.h" diff --git a/crypto/openssh/auth2-pubkey.c b/crypto/openssh/auth2-pubkey.c index a97d0f4..9863cd9 100644 --- a/crypto/openssh/auth2-pubkey.c +++ b/crypto/openssh/auth2-pubkey.c @@ -1,3 +1,4 @@ +/* $OpenBSD: auth2-pubkey.c,v 1.15 2006/08/03 03:34:41 deraadt Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -23,23 +24,32 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth2-pubkey.c,v 1.9 2004/12/11 01:48:56 dtucker Exp $"); +#include <sys/types.h> +#include <sys/stat.h> + +#include <pwd.h> +#include <stdio.h> +#include <stdarg.h> + +#include "xmalloc.h" #include "ssh.h" #include "ssh2.h" -#include "xmalloc.h" #include "packet.h" #include "buffer.h" #include "log.h" #include "servconf.h" #include "compat.h" -#include "bufaux.h" -#include "auth.h" #include "key.h" +#include "hostfile.h" +#include "auth.h" #include "pathnames.h" #include "uidswap.h" #include "auth-options.h" #include "canohost.h" +#ifdef GSSAPI +#include "ssh-gss.h" +#endif #include "monitor_wrap.h" #include "misc.h" diff --git a/crypto/openssh/authfd.h b/crypto/openssh/authfd.h index 0a6a4e3..3da2561 100644 --- a/crypto/openssh/authfd.h +++ b/crypto/openssh/authfd.h @@ -1,4 +1,4 @@ -/* $OpenBSD: authfd.h,v 1.34 2003/11/21 11:57:03 djm Exp $ */ +/* $OpenBSD: authfd.h,v 1.36 2006/08/03 03:34:41 deraadt Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -16,8 +16,6 @@ #ifndef AUTHFD_H #define AUTHFD_H -#include "buffer.h" - /* Messages for the authentication agent connection. */ #define SSH_AGENTC_REQUEST_RSA_IDENTITIES 1 #define SSH_AGENT_RSA_IDENTITIES_ANSWER 2 diff --git a/crypto/openssh/authfile.h b/crypto/openssh/authfile.h index 7f92701..a6c7493 100644 --- a/crypto/openssh/authfile.h +++ b/crypto/openssh/authfile.h @@ -1,4 +1,4 @@ -/* $OpenBSD: authfile.h,v 1.10 2002/05/23 19:24:30 markus Exp $ */ +/* $OpenBSD: authfile.h,v 1.13 2006/04/25 08:02:27 dtucker Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -19,7 +19,8 @@ int key_save_private(Key *, const char *, const char *, const char *); Key *key_load_public(const char *, char **); Key *key_load_public_type(int, const char *, char **); Key *key_load_private(const char *, const char *, char **); -Key *key_load_private_type(int, const char *, const char *, char **); +Key *key_load_private_type(int, const char *, const char *, char **, int *); Key *key_load_private_pem(int, int, const char *, char **); +int key_perm_ok(int, const char *); #endif diff --git a/crypto/openssh/bufaux.h b/crypto/openssh/bufaux.h index f5efaed..8a53598 100644 --- a/crypto/openssh/bufaux.h +++ b/crypto/openssh/bufaux.h @@ -1,4 +1,4 @@ -/* $OpenBSD: bufaux.h,v 1.21 2005/03/10 22:01:05 deraadt Exp $ */ +/* $OpenBSD: bufaux.h,v 1.22 2006/03/25 22:22:42 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> diff --git a/crypto/openssh/bufbn.c b/crypto/openssh/bufbn.c new file mode 100644 index 0000000..6cf65d3 --- /dev/null +++ b/crypto/openssh/bufbn.c @@ -0,0 +1,215 @@ +/* $OpenBSD: bufbn.c,v 1.3 2006/08/03 03:34:41 deraadt Exp $*/ +/* + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * Auxiliary functions for storing and retrieving various data types to/from + * Buffers. + * + * As far as I am concerned, the code I have written for this software + * can be used freely for any purpose. Any derived versions of this + * software must be clearly marked as such, and if the derived work is + * incompatible with the protocol description in the RFC file, it must be + * called by a name other than "ssh" or "Secure Shell". + * + * + * SSH2 packet format added by Markus Friedl + * Copyright (c) 2000 Markus Friedl. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "includes.h" + +#include <sys/types.h> + +#include <openssl/bn.h> + +#include <string.h> +#include <stdarg.h> + +#include "xmalloc.h" +#include "buffer.h" +#include "log.h" +#include "misc.h" + +/* + * Stores an BIGNUM in the buffer with a 2-byte msb first bit count, followed + * by (bits+7)/8 bytes of binary data, msb first. + */ +int +buffer_put_bignum_ret(Buffer *buffer, const BIGNUM *value) +{ + int bits = BN_num_bits(value); + int bin_size = (bits + 7) / 8; + u_char *buf = xmalloc(bin_size); + int oi; + char msg[2]; + + /* Get the value of in binary */ + oi = BN_bn2bin(value, buf); + if (oi != bin_size) { + error("buffer_put_bignum_ret: BN_bn2bin() failed: oi %d != bin_size %d", + oi, bin_size); + xfree(buf); + return (-1); + } + + /* Store the number of bits in the buffer in two bytes, msb first. */ + put_u16(msg, bits); + buffer_append(buffer, msg, 2); + /* Store the binary data. */ + buffer_append(buffer, buf, oi); + + memset(buf, 0, bin_size); + xfree(buf); + + return (0); +} + +void +buffer_put_bignum(Buffer *buffer, const BIGNUM *value) +{ + if (buffer_put_bignum_ret(buffer, value) == -1) + fatal("buffer_put_bignum: buffer error"); +} + +/* + * Retrieves an BIGNUM from the buffer. + */ +int +buffer_get_bignum_ret(Buffer *buffer, BIGNUM *value) +{ + u_int bits, bytes; + u_char buf[2], *bin; + + /* Get the number for bits. */ + if (buffer_get_ret(buffer, (char *) buf, 2) == -1) { + error("buffer_get_bignum_ret: invalid length"); + return (-1); + } + bits = get_u16(buf); + /* Compute the number of binary bytes that follow. */ + bytes = (bits + 7) / 8; + if (bytes > 8 * 1024) { + error("buffer_get_bignum_ret: cannot handle BN of size %d", bytes); + return (-1); + } + if (buffer_len(buffer) < bytes) { + error("buffer_get_bignum_ret: input buffer too small"); + return (-1); + } + bin = buffer_ptr(buffer); + BN_bin2bn(bin, bytes, value); + if (buffer_consume_ret(buffer, bytes) == -1) { + error("buffer_get_bignum_ret: buffer_consume failed"); + return (-1); + } + return (0); +} + +void +buffer_get_bignum(Buffer *buffer, BIGNUM *value) +{ + if (buffer_get_bignum_ret(buffer, value) == -1) + fatal("buffer_get_bignum: buffer error"); +} + +/* + * Stores an BIGNUM in the buffer in SSH2 format. + */ +int +buffer_put_bignum2_ret(Buffer *buffer, const BIGNUM *value) +{ + u_int bytes; + u_char *buf; + int oi; + u_int hasnohigh = 0; + + if (BN_is_zero(value)) { + buffer_put_int(buffer, 0); + return 0; + } + if (value->neg) { + error("buffer_put_bignum2_ret: negative numbers not supported"); + return (-1); + } + bytes = BN_num_bytes(value) + 1; /* extra padding byte */ + if (bytes < 2) { + error("buffer_put_bignum2_ret: BN too small"); + return (-1); + } + buf = xmalloc(bytes); + buf[0] = 0x00; + /* Get the value of in binary */ + oi = BN_bn2bin(value, buf+1); + if (oi < 0 || (u_int)oi != bytes - 1) { + error("buffer_put_bignum2_ret: BN_bn2bin() failed: " + "oi %d != bin_size %d", oi, bytes); + xfree(buf); + return (-1); + } + hasnohigh = (buf[1] & 0x80) ? 0 : 1; + buffer_put_string(buffer, buf+hasnohigh, bytes-hasnohigh); + memset(buf, 0, bytes); + xfree(buf); + return (0); +} + +void +buffer_put_bignum2(Buffer *buffer, const BIGNUM *value) +{ + if (buffer_put_bignum2_ret(buffer, value) == -1) + fatal("buffer_put_bignum2: buffer error"); +} + +int +buffer_get_bignum2_ret(Buffer *buffer, BIGNUM *value) +{ + u_int len; + u_char *bin; + + if ((bin = buffer_get_string_ret(buffer, &len)) == NULL) { + error("buffer_get_bignum2_ret: invalid bignum"); + return (-1); + } + + if (len > 0 && (bin[0] & 0x80)) { + error("buffer_get_bignum2_ret: negative numbers not supported"); + xfree(bin); + return (-1); + } + if (len > 8 * 1024) { + error("buffer_get_bignum2_ret: cannot handle BN of size %d", len); + xfree(bin); + return (-1); + } + BN_bin2bn(bin, len, value); + xfree(bin); + return (0); +} + +void +buffer_get_bignum2(Buffer *buffer, BIGNUM *value) +{ + if (buffer_get_bignum2_ret(buffer, value) == -1) + fatal("buffer_get_bignum2: buffer error"); +} diff --git a/crypto/openssh/buffer.c b/crypto/openssh/buffer.c index 487e081..e02e1e3 100644 --- a/crypto/openssh/buffer.c +++ b/crypto/openssh/buffer.c @@ -1,3 +1,4 @@ +/* $OpenBSD: buffer.c,v 1.31 2006/08/03 03:34:41 deraadt Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -12,12 +13,21 @@ */ #include "includes.h" -RCSID("$OpenBSD: buffer.c,v 1.23 2005/03/14 11:46:56 markus Exp $"); + +#include <sys/param.h> + +#include <stdio.h> +#include <string.h> +#include <stdarg.h> #include "xmalloc.h" #include "buffer.h" #include "log.h" +#define BUFFER_MAX_CHUNK 0x100000 +#define BUFFER_MAX_LEN 0xa00000 +#define BUFFER_ALLOCSZ 0x008000 + /* Initializes the buffer structure. */ void @@ -66,6 +76,23 @@ buffer_append(Buffer *buffer, const void *data, u_int len) memcpy(p, data, len); } +static int +buffer_compact(Buffer *buffer) +{ + /* + * If the buffer is quite empty, but all data is at the end, move the + * data to the beginning. + */ + if (buffer->offset > MIN(buffer->alloc, BUFFER_MAX_CHUNK)) { + memmove(buffer->buf, buffer->buf + buffer->offset, + buffer->end - buffer->offset); + buffer->end -= buffer->offset; + buffer->offset = 0; + return (1); + } + return (0); +} + /* * Appends space to the buffer, expanding the buffer if necessary. This does * not actually copy the data into the buffer, but instead returns a pointer @@ -93,29 +120,43 @@ restart: buffer->end += len; return p; } - /* - * If the buffer is quite empty, but all data is at the end, move the - * data to the beginning and retry. - */ - if (buffer->offset > MIN(buffer->alloc, BUFFER_MAX_CHUNK)) { - memmove(buffer->buf, buffer->buf + buffer->offset, - buffer->end - buffer->offset); - buffer->end -= buffer->offset; - buffer->offset = 0; + + /* Compact data back to the start of the buffer if necessary */ + if (buffer_compact(buffer)) goto restart; - } - /* Increase the size of the buffer and retry. */ - newlen = buffer->alloc + len + 32768; + /* Increase the size of the buffer and retry. */ + newlen = roundup(buffer->alloc + len, BUFFER_ALLOCSZ); if (newlen > BUFFER_MAX_LEN) fatal("buffer_append_space: alloc %u not supported", newlen); - buffer->buf = xrealloc(buffer->buf, newlen); + buffer->buf = xrealloc(buffer->buf, 1, newlen); buffer->alloc = newlen; goto restart; /* NOTREACHED */ } +/* + * Check whether an allocation of 'len' will fit in the buffer + * This must follow the same math as buffer_append_space + */ +int +buffer_check_alloc(Buffer *buffer, u_int len) +{ + if (buffer->offset == buffer->end) { + buffer->offset = 0; + buffer->end = 0; + } + restart: + if (buffer->end + len < buffer->alloc) + return (1); + if (buffer_compact(buffer)) + goto restart; + if (roundup(buffer->alloc + len, BUFFER_ALLOCSZ) <= BUFFER_MAX_LEN) + return (1); + return (0); +} + /* Returns the number of bytes of data in the buffer. */ u_int diff --git a/crypto/openssh/buffer.h b/crypto/openssh/buffer.h index 2b20eed..ecc4aea 100644 --- a/crypto/openssh/buffer.h +++ b/crypto/openssh/buffer.h @@ -1,4 +1,4 @@ -/* $OpenBSD: buffer.h,v 1.13 2005/03/14 11:46:56 markus Exp $ */ +/* $OpenBSD: buffer.h,v 1.16 2006/08/03 03:34:41 deraadt Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -23,9 +23,6 @@ typedef struct { u_int end; /* Offset of last byte containing data. */ } Buffer; -#define BUFFER_MAX_CHUNK 0x100000 -#define BUFFER_MAX_LEN 0xa00000 - void buffer_init(Buffer *); void buffer_clear(Buffer *); void buffer_free(Buffer *); @@ -36,6 +33,8 @@ void *buffer_ptr(Buffer *); void buffer_append(Buffer *, const void *, u_int); void *buffer_append_space(Buffer *, u_int); +int buffer_check_alloc(Buffer *, u_int); + void buffer_get(Buffer *, void *, u_int); void buffer_consume(Buffer *, u_int); @@ -47,4 +46,40 @@ int buffer_get_ret(Buffer *, void *, u_int); int buffer_consume_ret(Buffer *, u_int); int buffer_consume_end_ret(Buffer *, u_int); +#include <openssl/bn.h> + +void buffer_put_bignum(Buffer *, const BIGNUM *); +void buffer_put_bignum2(Buffer *, const BIGNUM *); +void buffer_get_bignum(Buffer *, BIGNUM *); +void buffer_get_bignum2(Buffer *, BIGNUM *); + +u_short buffer_get_short(Buffer *); +void buffer_put_short(Buffer *, u_short); + +u_int buffer_get_int(Buffer *); +void buffer_put_int(Buffer *, u_int); + +u_int64_t buffer_get_int64(Buffer *); +void buffer_put_int64(Buffer *, u_int64_t); + +int buffer_get_char(Buffer *); +void buffer_put_char(Buffer *, int); + +void *buffer_get_string(Buffer *, u_int *); +void buffer_put_string(Buffer *, const void *, u_int); +void buffer_put_cstring(Buffer *, const char *); + +#define buffer_skip_string(b) \ + do { u_int l = buffer_get_int(b); buffer_consume(b, l); } while (0) + +int buffer_put_bignum_ret(Buffer *, const BIGNUM *); +int buffer_get_bignum_ret(Buffer *, BIGNUM *); +int buffer_put_bignum2_ret(Buffer *, const BIGNUM *); +int buffer_get_bignum2_ret(Buffer *, BIGNUM *); +int buffer_get_short_ret(u_short *, Buffer *); +int buffer_get_int_ret(u_int *, Buffer *); +int buffer_get_int64_ret(u_int64_t *, Buffer *); +void *buffer_get_string_ret(Buffer *, u_int *); +int buffer_get_char_ret(char *, Buffer *); + #endif /* BUFFER_H */ diff --git a/crypto/openssh/buildpkg.sh.in b/crypto/openssh/buildpkg.sh.in index cb9eb30..a3b9014b 100644 --- a/crypto/openssh/buildpkg.sh.in +++ b/crypto/openssh/buildpkg.sh.in @@ -35,7 +35,7 @@ SSHDGID=67 # Default privsep gid SYSVINITSTART=S98 SYSVINITSTOPT=K30 # We will source these if they exist -POST_MAKE_INSTALL_FIXES=./pkg_post_make_install_fixes.sh +POST_MAKE_INSTALL_FIXES=./pkg-post-make-install-fixes.sh POST_PROTOTYPE_EDITS=./pkg-post-prototype-edit.sh # We'll be one level deeper looking for these PKG_PREINSTALL_LOCAL=../pkg-preinstall.local @@ -46,6 +46,8 @@ PKG_REQUEST_LOCAL=../pkg-request.local # end of sourced files # OPENSSHD=opensshd.init +OPENSSH_MANIFEST=openssh.xml +OPENSSH_FMRI=svc:/site/openssh:default PATH_GROUPADD_PROG=@PATH_GROUPADD_PROG@ PATH_USERADD_PROG=@PATH_USERADD_PROG@ @@ -60,6 +62,10 @@ SYSTEM_DIR="/etc \ /etc/rc1.d \ /etc/rc2.d \ /etc/opt \ +/lib \ +/lib/svc \ +/lib/svc/method \ +/lib/svc/method/site \ /opt \ /opt/bin \ /usr \ @@ -82,6 +88,9 @@ SYSTEM_DIR="/etc \ /var \ /var/opt \ /var/run \ +/var/svc \ +/var/svc/manifest \ +/var/svc/manifest/site \ /var/tmp \ /tmp" @@ -119,6 +128,12 @@ do eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2` done +## Are we using Solaris' SMF? +DO_SMF=0 +if egrep "^#define USE_SOLARIS_PROCESS_CONTRACTS" config.h > /dev/null 2>&1 +then + DO_SMF=1 +fi ## Collect value of privsep user for confvar in SSH_PRIVSEP_USER @@ -168,10 +183,25 @@ then fi ## Setup our run level stuff while we are at it. -mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d +if [ $DO_SMF -eq 1 ] +then + # For Solaris' SMF, /lib/svc/method/site is the preferred place + # for start/stop scripts that aren't supplied with the OS, and + # similarly /var/svc/manifest/site for manifests. + mkdir -p $FAKE_ROOT${TEST_DIR}/lib/svc/method/site + mkdir -p $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site + + cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/lib/svc/method/site/${SYSVINIT_NAME} + chmod 744 $FAKE_ROOT${TEST_DIR}/lib/svc/method/site/${SYSVINIT_NAME} + + cp ${OPENSSH_MANIFEST} $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site + chmod 644 $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site/${OPENSSH_MANIFEST} +else + mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d -cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} -chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} + cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} + chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} +fi [ "${PERMIT_ROOT_LOGIN}" = no ] && \ perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \ @@ -221,15 +251,22 @@ touch depend ## Build space file echo "Building space file..." -cat > space << _EOF -# extra space required by start/stop links added by installf in postinstall +if [ $DO_SMF -eq 1 ] +then + # XXX Is this necessary? If not, remove space line from mk-proto.awk. + touch space +else + cat > space << _EOF +# extra space required by start/stop links added by installf +# in postinstall $TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1 $TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME} 0 1 _EOF -[ "$RC1_D" = no ] || \ -echo "$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space -[ "$RCS_D" = yes ] && \ -echo "$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space + [ "$RC1_D" = no ] || \ + echo "$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space + [ "$RCS_D" = yes ] && \ + echo "$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space +fi ## Build preinstall file echo "Building preinstall file..." @@ -243,7 +280,16 @@ _EOF cat >> preinstall << _EOF # -[ "\${PRE_INS_STOP}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop +if [ "\${PRE_INS_STOP}" = "yes" ] +then + if [ $DO_SMF -eq 1 ] + then + svcadm disable $OPENSSH_FMRI + else + ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop + fi +fi + exit 0 _EOF @@ -265,28 +311,41 @@ cat > postinstall << _EOF } # make rc?.d dirs only if we are doing a test install -[ -n "${TEST_DIR}" ] && { +[ -n "${TEST_DIR}" ] && [ $DO_SMF -ne 1 ] && { [ "$RCS_D" = yes ] && mkdir -p ${TEST_DIR}/etc/rcS.d mkdir -p ${TEST_DIR}/etc/rc0.d [ "$RC1_D" = no ] || mkdir -p ${TEST_DIR}/etc/rc1.d mkdir -p ${TEST_DIR}/etc/rc2.d } -if [ "\${USE_SYM_LINKS}" = yes ] +if [ $DO_SMF -eq 1 ] then - [ "$RCS_D" = yes ] && \ -installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s - installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s - [ "$RC1_D" = no ] || \ - installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s - installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s + # Delete the existing service, if it exists, then import the + # new one. + if svcs $OPENSSH_FMRI > /dev/null 2>&1 + then + svccfg delete -f $OPENSSH_FMRI + fi + # NOTE, if manifest enables sshd by default, this will actually + # start the daemon, which may not be what the user wants. + svccfg import ${TEST_DIR}/var/svc/manifest/site/$OPENSSH_MANIFEST else - [ "$RCS_D" = yes ] && \ -installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l - installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l - [ "$RC1_D" = no ] || \ - installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l - installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l + if [ "\${USE_SYM_LINKS}" = yes ] + then + [ "$RCS_D" = yes ] && \ + installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s + installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s + [ "$RC1_D" = no ] || \ + installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s + installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s + else + [ "$RCS_D" = yes ] && \ + installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l + installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l + [ "$RC1_D" = no ] || \ + installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l + installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l + fi fi # If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh) @@ -311,14 +370,7 @@ then chroot=echo fi -if egrep '^[ \t]*UsePrivilegeSeparation[ \t]+no' \${PKG_INSTALL_ROOT}/$sysconfdir/sshd_config >/dev/null -then - echo "UsePrivilegeSeparation disabled in config, not creating PrivSep user" - echo "or group." -else - echo "UsePrivilegeSeparation enabled in config (or defaulting to on)." - - # user required? + echo "PrivilegeSeparation user always required." if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null then echo "PrivSep user $SSH_PRIVSEP_USER already exists." @@ -363,9 +415,18 @@ else \$chroot ${PATH_USERADD_PROG} -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER \$chroot ${PATH_PASSWD_PROG} -l $SSH_PRIVSEP_USER } -fi -[ "\${POST_INS_START}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start +if [ "\${POST_INS_START}" = "yes" ] +then + if [ $DO_SMF -eq 1 ] + then + # See svccfg import note above. The service may already + # be started. + svcadm enable $OPENSSH_FMRI + else + ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start + fi +fi exit 0 _EOF @@ -374,7 +435,12 @@ echo "Building preremove file..." cat > preremove << _EOF #! ${SCRIPT_SHELL} # -${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop +if [ $DO_SMF -eq 1 ] +then + svcadm disable $OPENSSH_FMRI +else + ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop +fi _EOF # local preremove changes here @@ -389,6 +455,13 @@ echo "Building postremove file..." cat > postremove << _EOF #! ${SCRIPT_SHELL} # +if [ $DO_SMF -eq 1 ] +then + if svcs $OPENSSH_FMRI > /dev/null 2>&1 + then + svccfg delete -f $OPENSSH_FMRI + fi +fi _EOF # local postremove changes here @@ -454,7 +527,45 @@ done _EOF -cat >> request << _EOF +if [ $DO_SMF -eq 1 ] +then + # This could get hairy, as the running sshd may not be under SMF. + # We'll assume an earlier version of OpenSSH started via SMF. + cat >> request << _EOF +PRE_INS_STOP=no +POST_INS_START=no +# determine if should restart the daemon +if [ -s ${piddir}/sshd.pid ] && \ + /usr/bin/svcs $OPENSSH_FMRI 2>&1 | egrep "^online" > /dev/null 2>&1 +then + ans=\`ckyorn -d n \ +-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$? + case \$ans in + [y,Y]*) PRE_INS_STOP=yes + POST_INS_START=yes + ;; + esac + +else + +# determine if we should start sshd + ans=\`ckyorn -d n \ +-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$? + case \$ans in + [y,Y]*) POST_INS_START=yes ;; + esac +fi + +# make parameters available to installation service, +# and so to any other packaging scripts +cat >\$1 <<! +PRE_INS_STOP='\$PRE_INS_STOP' +POST_INS_START='\$POST_INS_START' +! + +_EOF +else + cat >> request << _EOF USE_SYM_LINKS=no PRE_INS_STOP=no POST_INS_START=no @@ -495,6 +606,7 @@ POST_INS_START='\$POST_INS_START' ! _EOF +fi # local request changes here [ -s "${PKG_REQUEST_LOCAL}" ] && . ${PKG_REQUEST_LOCAL} diff --git a/crypto/openssh/canohost.h b/crypto/openssh/canohost.h index df1f125..e33e894 100644 --- a/crypto/openssh/canohost.h +++ b/crypto/openssh/canohost.h @@ -1,4 +1,4 @@ -/* $OpenBSD: canohost.h,v 1.8 2001/06/26 17:27:23 markus Exp $ */ +/* $OpenBSD: canohost.h,v 1.9 2006/03/25 22:22:42 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> diff --git a/crypto/openssh/cipher-3des1.c b/crypto/openssh/cipher-3des1.c index f815e8a..fc16e20 100644 --- a/crypto/openssh/cipher-3des1.c +++ b/crypto/openssh/cipher-3des1.c @@ -1,3 +1,4 @@ +/* $OpenBSD: cipher-3des1.c,v 1.6 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2003 Markus Friedl. All rights reserved. * @@ -23,9 +24,14 @@ */ #include "includes.h" -RCSID("$OpenBSD: cipher-3des1.c,v 1.2 2003/12/22 20:29:55 markus Exp $"); + +#include <sys/types.h> #include <openssl/evp.h> + +#include <stdarg.h> +#include <string.h> + #include "xmalloc.h" #include "log.h" diff --git a/crypto/openssh/cipher-acss.c b/crypto/openssh/cipher-acss.c index a95fa67..cb0bf73 100644 --- a/crypto/openssh/cipher-acss.c +++ b/crypto/openssh/cipher-acss.c @@ -15,9 +15,10 @@ */ #include "includes.h" + #include <openssl/evp.h> -RCSID("$Id: cipher-acss.c,v 1.3 2005/07/17 07:04:47 djm Exp $"); +#include <string.h> #if !defined(EVP_CTRL_SET_ACSS_MODE) && (OPENSSL_VERSION_NUMBER >= 0x00907000L) diff --git a/crypto/openssh/cipher-aes.c b/crypto/openssh/cipher-aes.c index 228ddb1..3ea5949 100644 --- a/crypto/openssh/cipher-aes.c +++ b/crypto/openssh/cipher-aes.c @@ -28,9 +28,13 @@ #include "openbsd-compat/openssl-compat.h" #ifdef USE_BUILTIN_RIJNDAEL -RCSID("$OpenBSD: cipher-aes.c,v 1.2 2003/11/26 21:44:29 djm Exp $"); +#include <sys/types.h> #include <openssl/evp.h> + +#include <stdarg.h> +#include <string.h> + #include "rijndael.h" #include "xmalloc.h" #include "log.h" diff --git a/crypto/openssh/cipher-bf1.c b/crypto/openssh/cipher-bf1.c index 5af695c..292488c 100644 --- a/crypto/openssh/cipher-bf1.c +++ b/crypto/openssh/cipher-bf1.c @@ -1,3 +1,4 @@ +/* $OpenBSD: cipher-bf1.c,v 1.5 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2003 Markus Friedl. All rights reserved. * @@ -23,9 +24,14 @@ */ #include "includes.h" -RCSID("$OpenBSD: cipher-bf1.c,v 1.1 2003/05/15 03:08:29 markus Exp $"); + +#include <sys/types.h> #include <openssl/evp.h> + +#include <stdarg.h> +#include <string.h> + #include "xmalloc.h" #include "log.h" diff --git a/crypto/openssh/cipher-ctr.c b/crypto/openssh/cipher-ctr.c index 8a98f3c..b24f3a4 100644 --- a/crypto/openssh/cipher-ctr.c +++ b/crypto/openssh/cipher-ctr.c @@ -1,3 +1,4 @@ +/* $OpenBSD: cipher-ctr.c,v 1.10 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2003 Markus Friedl <markus@openbsd.org> * @@ -14,12 +15,16 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ #include "includes.h" -RCSID("$OpenBSD: cipher-ctr.c,v 1.6 2005/07/17 07:17:55 djm Exp $"); + +#include <sys/types.h> + +#include <stdarg.h> +#include <string.h> #include <openssl/evp.h> -#include "log.h" #include "xmalloc.h" +#include "log.h" /* compatibility with old or broken OpenSSL versions */ #include "openbsd-compat/openssl-compat.h" diff --git a/crypto/openssh/cleanup.c b/crypto/openssh/cleanup.c index 11d1d4d..238f965 100644 --- a/crypto/openssh/cleanup.c +++ b/crypto/openssh/cleanup.c @@ -1,3 +1,4 @@ +/* $OpenBSD: cleanup.c,v 1.5 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2003 Markus Friedl <markus@openbsd.org> * @@ -13,8 +14,13 @@ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + #include "includes.h" -RCSID("$OpenBSD: cleanup.c,v 1.1 2003/09/23 20:17:11 markus Exp $"); + +#include <sys/types.h> + +#include <unistd.h> +#include <stdarg.h> #include "log.h" diff --git a/crypto/openssh/clientloop.c b/crypto/openssh/clientloop.c index b76f7cf..88dfb1f 100644 --- a/crypto/openssh/clientloop.c +++ b/crypto/openssh/clientloop.c @@ -1,3 +1,4 @@ +/* $OpenBSD: clientloop.c,v 1.175 2006/08/03 03:34:42 deraadt Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -59,20 +60,43 @@ */ #include "includes.h" -RCSID("$OpenBSD: clientloop.c,v 1.149 2005/12/30 15:56:37 reyk Exp $"); +#include <sys/types.h> +#include <sys/ioctl.h> +#include <sys/param.h> +#ifdef HAVE_SYS_STAT_H +# include <sys/stat.h> +#endif +#ifdef HAVE_SYS_TIME_H +# include <sys/time.h> +#endif +#include <sys/socket.h> + +#include <ctype.h> +#include <errno.h> +#ifdef HAVE_PATHS_H +#include <paths.h> +#endif +#include <signal.h> +#include <stdarg.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <termios.h> +#include <pwd.h> +#include <unistd.h> + +#include "xmalloc.h" #include "ssh.h" #include "ssh1.h" #include "ssh2.h" -#include "xmalloc.h" #include "packet.h" #include "buffer.h" #include "compat.h" #include "channels.h" #include "dispatch.h" -#include "buffer.h" -#include "bufaux.h" #include "key.h" +#include "cipher.h" #include "kex.h" #include "log.h" #include "readconf.h" @@ -118,7 +142,7 @@ static volatile sig_atomic_t received_signal = 0; static int in_non_blocking_mode = 0; /* Common data for the client loop code. */ -static int quit_pending; /* Set to non-zero to quit the client loop. */ +static volatile sig_atomic_t quit_pending; /* Set non-zero to quit the loop. */ static int escape_char; /* Escape character. */ static int escape_pending; /* Last character was the escape character */ static int last_was_cr; /* Last character was a newline. */ @@ -178,7 +202,7 @@ enter_non_blocking(void) * Signal handler for the window change signal (SIGWINCH). This just sets a * flag indicating that the window has changed. */ - +/*ARGSUSED */ static void window_change_handler(int sig) { @@ -190,7 +214,7 @@ window_change_handler(int sig) * Signal handler for signals that cause the program to terminate. These * signals must be trapped to restore terminal modes. */ - +/*ARGSUSED */ static void signal_handler(int sig) { @@ -422,10 +446,10 @@ client_check_window_change(void) if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) < 0) return; packet_start(SSH_CMSG_WINDOW_SIZE); - packet_put_int(ws.ws_row); - packet_put_int(ws.ws_col); - packet_put_int(ws.ws_xpixel); - packet_put_int(ws.ws_ypixel); + packet_put_int((u_int)ws.ws_row); + packet_put_int((u_int)ws.ws_col); + packet_put_int((u_int)ws.ws_xpixel); + packet_put_int((u_int)ws.ws_ypixel); packet_send(); } } @@ -569,7 +593,7 @@ client_suspend_self(Buffer *bin, Buffer *bout, Buffer *berr) } static void -client_process_net_input(fd_set * readset) +client_process_net_input(fd_set *readset) { int len; char buf[8192]; @@ -677,7 +701,7 @@ client_extra_session2_setup(int id, void *arg) } static void -client_process_control(fd_set * readset) +client_process_control(fd_set *readset) { Buffer m; Channel *c; @@ -808,8 +832,7 @@ client_process_control(fd_set * readset) return; } - cctx = xmalloc(sizeof(*cctx)); - memset(cctx, 0, sizeof(*cctx)); + cctx = xcalloc(1, sizeof(*cctx)); cctx->want_tty = (flags & SSHMUX_FLAG_TTY) != 0; cctx->want_subsys = (flags & SSHMUX_FLAG_SUBSYS) != 0; cctx->want_x_fwd = (flags & SSHMUX_FLAG_X11_FWD) != 0; @@ -824,7 +847,7 @@ client_process_control(fd_set * readset) env_len = MIN(env_len, 4096); debug3("%s: receiving %d env vars", __func__, env_len); if (env_len != 0) { - cctx->env = xmalloc(sizeof(*cctx->env) * (env_len + 1)); + cctx->env = xcalloc(env_len + 1, sizeof(*cctx->env)); for (i = 0; i < env_len; i++) cctx->env[i] = buffer_get_string(&m, &len); cctx->env[i] = NULL; @@ -832,6 +855,7 @@ client_process_control(fd_set * readset) debug2("%s: accepted tty %d, subsys %d, cmd %s", __func__, cctx->want_tty, cctx->want_subsys, cmd); + xfree(cmd); /* Gather fds from client */ new_fd[0] = mm_receive_fd(client_fd); @@ -912,12 +936,16 @@ process_cmdline(void) if (*s == 'h' || *s == 'H' || *s == '?') { logit("Commands:"); - logit(" -Lport:host:hostport Request local forward"); - logit(" -Rport:host:hostport Request remote forward"); - logit(" -KRhostport Cancel remote forward"); + logit(" -L[bind_address:]port:host:hostport " + "Request local forward"); + logit(" -R[bind_address:]port:host:hostport " + "Request remote forward"); + logit(" -KR[bind_address:]port " + "Cancel remote forward"); if (!options.permit_local_command) goto out; - logit(" !args Execute local command"); + logit(" !args " + "Execute local command"); goto out; } @@ -978,9 +1006,12 @@ process_cmdline(void) goto out; } } else { - channel_request_remote_forwarding(fwd.listen_host, + if (channel_request_remote_forwarding(fwd.listen_host, fwd.listen_port, fwd.connect_host, - fwd.connect_port); + fwd.connect_port) < 0) { + logit("Port forwarding failed."); + goto out; + } } logit("Forwarding port."); @@ -1172,7 +1203,7 @@ Supported escape sequences:\r\n\ } static void -client_process_input(fd_set * readset) +client_process_input(fd_set *readset) { int len; char buf[8192]; @@ -1225,7 +1256,7 @@ client_process_input(fd_set * readset) } static void -client_process_output(fd_set * writeset) +client_process_output(fd_set *writeset) { int len; char buf[100]; @@ -1869,10 +1900,10 @@ client_session2_setup(int id, int want_tty, int want_subsystem, channel_request_start(id, "pty-req", 0); packet_put_cstring(term != NULL ? term : ""); - packet_put_int(ws.ws_col); - packet_put_int(ws.ws_row); - packet_put_int(ws.ws_xpixel); - packet_put_int(ws.ws_ypixel); + packet_put_int((u_int)ws.ws_col); + packet_put_int((u_int)ws.ws_row); + packet_put_int((u_int)ws.ws_xpixel); + packet_put_int((u_int)ws.ws_ypixel); tio = get_saved_tio(); tty_make_modes(-1, tiop != NULL ? tiop : &tio); packet_send(); diff --git a/crypto/openssh/clientloop.h b/crypto/openssh/clientloop.h index aed2d91..beec62f 100644 --- a/crypto/openssh/clientloop.h +++ b/crypto/openssh/clientloop.h @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.h,v 1.14 2005/07/04 00:58:43 djm Exp $ */ +/* $OpenBSD: clientloop.h,v 1.16 2006/03/25 22:22:42 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -35,6 +35,8 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +#include <termios.h> + /* Client side main loop for the interactive session. */ int client_loop(int, int, int); void client_x11_get_proto(const char *, const char *, u_int, diff --git a/crypto/openssh/compress.c b/crypto/openssh/compress.c index 0d1c7e5..c058d22 100644 --- a/crypto/openssh/compress.c +++ b/crypto/openssh/compress.c @@ -1,3 +1,4 @@ +/* $OpenBSD: compress.c,v 1.25 2006/08/06 01:13:32 stevesk Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -12,11 +13,14 @@ */ #include "includes.h" -RCSID("$OpenBSD: compress.c,v 1.21 2004/01/13 19:45:15 markus Exp $"); + +#include <sys/types.h> + +#include <stdarg.h> +#include <zlib.h> #include "log.h" #include "buffer.h" -#include "zlib.h" #include "compress.h" z_stream incoming_stream; diff --git a/crypto/openssh/compress.h b/crypto/openssh/compress.h index e364f4b..418d6fd 100644 --- a/crypto/openssh/compress.h +++ b/crypto/openssh/compress.h @@ -1,4 +1,4 @@ -/* $OpenBSD: compress.h,v 1.11 2002/03/04 17:27:39 stevesk Exp $ */ +/* $OpenBSD: compress.h,v 1.12 2006/03/25 22:22:43 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> diff --git a/crypto/openssh/crc32.c b/crypto/openssh/crc32.c index ac627b5..c192eb4 100644 --- a/crypto/openssh/crc32.c +++ b/crypto/openssh/crc32.c @@ -1,4 +1,4 @@ -/* $OpenBSD: crc32.c,v 1.9 2003/02/12 21:39:50 markus Exp $ */ +/* $OpenBSD: crc32.c,v 1.11 2006/04/22 18:29:33 stevesk Exp $ */ /* * Copyright (c) 2003 Markus Friedl. All rights reserved. @@ -99,7 +99,7 @@ ssh_crc32(const u_char *buf, u_int32_t size) u_int32_t i, crc; crc = 0; - for (i = 0; i < size; i++) + for (i = 0; i < size; i++) crc = crc32tab[(crc ^ buf[i]) & 0xff] ^ (crc >> 8); return crc; } diff --git a/crypto/openssh/crc32.h b/crypto/openssh/crc32.h index a2fb584..5d7131a 100644 --- a/crypto/openssh/crc32.h +++ b/crypto/openssh/crc32.h @@ -1,4 +1,4 @@ -/* $OpenBSD: crc32.h,v 1.14 2003/02/12 21:39:50 markus Exp $ */ +/* $OpenBSD: crc32.h,v 1.15 2006/03/25 22:22:43 djm Exp $ */ /* * Copyright (c) 2003 Markus Friedl. All rights reserved. diff --git a/crypto/openssh/deattack.c b/crypto/openssh/deattack.c index 8b55d66..1b37e4d 100644 --- a/crypto/openssh/deattack.c +++ b/crypto/openssh/deattack.c @@ -1,3 +1,4 @@ +/* $OpenBSD: deattack.c,v 1.30 2006/09/16 19:53:37 djm Exp $ */ /* * Cryptographic attack detector for ssh - source code * @@ -18,14 +19,36 @@ */ #include "includes.h" -RCSID("$OpenBSD: deattack.c,v 1.19 2003/09/18 08:49:45 markus Exp $"); +#include <sys/types.h> + +#include <string.h> +#include <stdio.h> +#include <stdarg.h> + +#include "xmalloc.h" #include "deattack.h" #include "log.h" #include "crc32.h" -#include "getput.h" -#include "xmalloc.h" -#include "deattack.h" +#include "misc.h" + +/* + * CRC attack detection has a worst-case behaviour that is O(N^3) over + * the number of identical blocks in a packet. This behaviour can be + * exploited to create a limited denial of service attack. + * + * However, because we are dealing with encrypted data, identical + * blocks should only occur every 2^35 maximally-sized packets or so. + * Consequently, we can detect this DoS by looking for identical blocks + * in a packet. + * + * The parameter below determines how many identical blocks we will + * accept in a single packet, trading off between attack detection and + * likelihood of terminating a legitimate connection. A value of 32 + * corresponds to an average of 2^40 messages before an attack is + * misdetected + */ +#define MAX_IDENTICAL 32 /* SSH Constants */ #define SSH_MAXBLOCKS (32 * 1024) @@ -43,7 +66,7 @@ RCSID("$OpenBSD: deattack.c,v 1.19 2003/09/18 08:49:45 markus Exp $"); /* Hash function (Input keys are cipher results) */ -#define HASH(x) GET_32BIT(x) +#define HASH(x) get_u32(x) #define CMP(a, b) (memcmp(a, b, SSH_BLOCKSIZE)) @@ -51,22 +74,17 @@ static void crc_update(u_int32_t *a, u_int32_t b) { b ^= *a; - *a = ssh_crc32((u_char *) &b, sizeof(b)); + *a = ssh_crc32((u_char *)&b, sizeof(b)); } /* detect if a block is used in a particular pattern */ static int -check_crc(u_char *S, u_char *buf, u_int32_t len, - u_char *IV) +check_crc(u_char *S, u_char *buf, u_int32_t len) { u_int32_t crc; u_char *c; crc = 0; - if (IV && !CMP(S, IV)) { - crc_update(&crc, 1); - crc_update(&crc, 0); - } for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) { if (!CMP(S, c)) { crc_update(&crc, 1); @@ -82,12 +100,12 @@ check_crc(u_char *S, u_char *buf, u_int32_t len, /* Detect a crc32 compensation attack on a packet */ int -detect_attack(u_char *buf, u_int32_t len, u_char *IV) +detect_attack(u_char *buf, u_int32_t len) { static u_int16_t *h = (u_int16_t *) NULL; static u_int32_t n = HASH_MINSIZE / HASH_ENTRYSIZE; u_int32_t i, j; - u_int32_t l; + u_int32_t l, same; u_char *c; u_char *d; @@ -100,26 +118,20 @@ detect_attack(u_char *buf, u_int32_t len, u_char *IV) if (h == NULL) { debug("Installing crc compensation attack detector."); - h = (u_int16_t *) xmalloc(l * HASH_ENTRYSIZE); + h = (u_int16_t *) xcalloc(l, HASH_ENTRYSIZE); n = l; } else { if (l > n) { - h = (u_int16_t *) xrealloc(h, l * HASH_ENTRYSIZE); + h = (u_int16_t *)xrealloc(h, l, HASH_ENTRYSIZE); n = l; } } if (len <= HASH_MINBLOCKS) { for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) { - if (IV && (!CMP(c, IV))) { - if ((check_crc(c, buf, len, IV))) - return (DEATTACK_DETECTED); - else - break; - } for (d = buf; d < c; d += SSH_BLOCKSIZE) { if (!CMP(c, d)) { - if ((check_crc(c, buf, len, IV))) + if ((check_crc(c, buf, len))) return (DEATTACK_DETECTED); else break; @@ -130,21 +142,13 @@ detect_attack(u_char *buf, u_int32_t len, u_char *IV) } memset(h, HASH_UNUSEDCHAR, n * HASH_ENTRYSIZE); - if (IV) - h[HASH(IV) & (n - 1)] = HASH_IV; - - for (c = buf, j = 0; c < (buf + len); c += SSH_BLOCKSIZE, j++) { + for (c = buf, same = j = 0; c < (buf + len); c += SSH_BLOCKSIZE, j++) { for (i = HASH(c) & (n - 1); h[i] != HASH_UNUSED; i = (i + 1) & (n - 1)) { - if (h[i] == HASH_IV) { - if (!CMP(c, IV)) { - if (check_crc(c, buf, len, IV)) - return (DEATTACK_DETECTED); - else - break; - } - } else if (!CMP(c, buf + h[i] * SSH_BLOCKSIZE)) { - if (check_crc(c, buf, len, IV)) + if (!CMP(c, buf + h[i] * SSH_BLOCKSIZE)) { + if (++same > MAX_IDENTICAL) + return (DEATTACK_DOS_DETECTED); + if (check_crc(c, buf, len)) return (DEATTACK_DETECTED); else break; diff --git a/crypto/openssh/deattack.h b/crypto/openssh/deattack.h index ddccdea..0316fb2 100644 --- a/crypto/openssh/deattack.h +++ b/crypto/openssh/deattack.h @@ -1,4 +1,4 @@ -/* $OpenBSD: deattack.h,v 1.7 2001/06/26 17:27:23 markus Exp $ */ +/* $OpenBSD: deattack.h,v 1.10 2006/09/16 19:53:37 djm Exp $ */ /* * Cryptographic attack detector for ssh - Header file @@ -25,6 +25,7 @@ /* Return codes */ #define DEATTACK_OK 0 #define DEATTACK_DETECTED 1 +#define DEATTACK_DOS_DETECTED 2 -int detect_attack(u_char *, u_int32_t, u_char[8]); +int detect_attack(u_char *, u_int32_t); #endif diff --git a/crypto/openssh/defines.h b/crypto/openssh/defines.h index f259341..8a4e2c7 100644 --- a/crypto/openssh/defines.h +++ b/crypto/openssh/defines.h @@ -25,12 +25,12 @@ #ifndef _DEFINES_H #define _DEFINES_H -/* $Id: defines.h,v 1.130 2005/12/17 11:04:09 dtucker Exp $ */ +/* $Id: defines.h,v 1.138 2006/09/21 13:13:30 dtucker Exp $ */ /* Constants */ -#ifndef SHUT_RDWR +#if defined(HAVE_DECL_SHUT_RD) && HAVE_DECL_SHUT_RD == 0 enum { SHUT_RD = 0, /* No more receptions. */ @@ -90,8 +90,8 @@ enum #endif #endif -#ifndef O_NONBLOCK /* Non Blocking Open */ -# define O_NONBLOCK 00004 +#if defined(HAVE_DECL_O_NONBLOCK) && HAVE_DECL_O_NONBLOCK == 0 +# define O_NONBLOCK 00004 /* Non Blocking Open */ #endif #ifndef S_ISDIR @@ -143,16 +143,11 @@ including rpc/rpc.h breaks Solaris 6 #define INADDR_LOOPBACK ((u_long)0x7f000001) #endif -#ifndef __unused -#define __unused -#endif - /* Types */ /* If sys/types.h does not supply intXX_t, supply them ourselves */ /* (or die trying) */ - #ifndef HAVE_U_INT typedef unsigned int u_int; #endif @@ -496,6 +491,22 @@ struct winsize { # define offsetof(type, member) ((size_t) &((type *)0)->member) #endif +/* Set up BSD-style BYTE_ORDER definition if it isn't there already */ +/* XXX: doesn't try to cope with strange byte orders (PDP_ENDIAN) */ +#ifndef BYTE_ORDER +# ifndef LITTLE_ENDIAN +# define LITTLE_ENDIAN 1234 +# endif /* LITTLE_ENDIAN */ +# ifndef BIG_ENDIAN +# define BIG_ENDIAN 4321 +# endif /* BIG_ENDIAN */ +# ifdef WORDS_BIGENDIAN +# define BYTE_ORDER BIG_ENDIAN +# else /* WORDS_BIGENDIAN */ +# define BYTE_ORDER LITTLE_ENDIAN +# endif /* WORDS_BIGENDIAN */ +#endif /* BYTE_ORDER */ + /* Function replacement / compatibility hacks */ #if !defined(HAVE_GETADDRINFO) && (defined(HAVE_OGETADDRINFO) || defined(HAVE_NGETADDRINFO)) @@ -517,19 +528,6 @@ struct winsize { # define optarg BSDoptarg #endif -/* In older versions of libpam, pam_strerror takes a single argument */ -#ifdef HAVE_OLD_PAM -# define PAM_STRERROR(a,b) pam_strerror((b)) -#else -# define PAM_STRERROR(a,b) pam_strerror((a),(b)) -#endif - -#ifdef PAM_SUN_CODEBASE -# define PAM_MSG_MEMBER(msg, n, member) ((*(msg))[(n)].member) -#else -# define PAM_MSG_MEMBER(msg, n, member) ((msg)[(n)]->member) -#endif - #if defined(BROKEN_GETADDRINFO) && defined(HAVE_GETADDRINFO) # undef HAVE_GETADDRINFO #endif @@ -544,6 +542,11 @@ struct winsize { # undef HAVE_UPDWTMPX #endif +#if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT) && \ + defined(SYSLOG_R_SAFE_IN_SIGHAND) +# define DO_LOG_SAFE_IN_SIGHAND +#endif + #if !defined(HAVE_MEMMOVE) && defined(HAVE_BCOPY) # define memmove(s1, s2, n) bcopy((s2), (s1), (n)) #endif /* !defined(HAVE_MEMMOVE) && defined(HAVE_BCOPY) */ @@ -553,6 +556,7 @@ struct winsize { #endif /* defined(HAVE_VHANGUP) && !defined(HAVE_DEV_PTMX) */ #ifndef GETPGRP_VOID +# include <unistd.h> # define getpgrp() getpgrp(0) #endif @@ -715,12 +719,14 @@ struct winsize { # undef HAVE_MMAP #endif -/* some system headers on HP-UX define YES/NO */ -#ifdef YES -# undef YES -#endif -#ifdef NO -# undef NO +#ifndef IOV_MAX +# if defined(_XOPEN_IOV_MAX) +# define IOV_MAX _XOPEN_IOV_MAX +# elif defined(DEF_IOV_MAX) +# define IOV_MAX DEF_IOV_MAX +# else +# define IOV_MAX 16 +# endif #endif #endif /* _DEFINES_H */ diff --git a/crypto/openssh/dh.c b/crypto/openssh/dh.c index 044d869..f6ef05c 100644 --- a/crypto/openssh/dh.c +++ b/crypto/openssh/dh.c @@ -1,3 +1,4 @@ +/* $OpenBSD: dh.c,v 1.42 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. * @@ -23,17 +24,17 @@ */ #include "includes.h" -RCSID("$OpenBSD: dh.c,v 1.31 2004/08/04 10:37:52 djm Exp $"); -#include "xmalloc.h" +#include <sys/param.h> #include <openssl/bn.h> #include <openssl/dh.h> -#include <openssl/evp.h> -#include "buffer.h" -#include "cipher.h" -#include "kex.h" +#include <stdarg.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + #include "dh.h" #include "pathnames.h" #include "log.h" @@ -44,9 +45,11 @@ parse_prime(int linenum, char *line, struct dhgroup *dhg) { char *cp, *arg; char *strsize, *gen, *prime; + const char *errstr = NULL; cp = line; - arg = strdelim(&cp); + if ((arg = strdelim(&cp)) == NULL) + return 0; /* Ignore leading whitespace */ if (*arg == '\0') arg = strdelim(&cp); @@ -67,7 +70,8 @@ parse_prime(int linenum, char *line, struct dhgroup *dhg) goto fail; strsize = strsep(&cp, " "); /* size */ if (cp == NULL || *strsize == '\0' || - (dhg->size = atoi(strsize)) == 0) + (dhg->size = (u_int)strtonum(strsize, 0, 64*1024, &errstr)) == 0 || + errstr) goto fail; /* The whole group is one bit larger */ dhg->size++; @@ -178,19 +182,36 @@ dh_pub_is_valid(DH *dh, BIGNUM *dh_pub) int i; int n = BN_num_bits(dh_pub); int bits_set = 0; + BIGNUM *tmp; if (dh_pub->neg) { logit("invalid public DH value: negativ"); return 0; } + if (BN_cmp(dh_pub, BN_value_one()) != 1) { /* pub_exp <= 1 */ + logit("invalid public DH value: <= 1"); + return 0; + } + + if ((tmp = BN_new()) == NULL) + return (-1); + if (!BN_sub(tmp, dh->p, BN_value_one()) || + BN_cmp(dh_pub, tmp) != -1) { /* pub_exp > p-2 */ + BN_clear_free(tmp); + logit("invalid public DH value: >= p-1"); + return 0; + } + BN_clear_free(tmp); + for (i = 0; i <= n; i++) if (BN_is_bit_set(dh_pub, i)) bits_set++; debug2("bits set: %d/%d", bits_set, BN_num_bits(dh->p)); /* if g==2 and bits_set==1 then computing log_g(dh_pub) is trivial */ - if (bits_set > 1 && (BN_cmp(dh_pub, dh->p) == -1)) + if (bits_set > 1) return 1; + logit("invalid public DH value (%d/%d)", bits_set, BN_num_bits(dh->p)); return 0; } diff --git a/crypto/openssh/dh.h b/crypto/openssh/dh.h index 723dd08..8e580ee 100644 --- a/crypto/openssh/dh.h +++ b/crypto/openssh/dh.h @@ -1,4 +1,4 @@ -/* $OpenBSD: dh.h,v 1.8 2004/06/13 12:53:24 djm Exp $ */ +/* $OpenBSD: dh.h,v 1.9 2006/03/25 22:22:43 djm Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. diff --git a/crypto/openssh/dispatch.c b/crypto/openssh/dispatch.c index c5ff650..d6b63be 100644 --- a/crypto/openssh/dispatch.c +++ b/crypto/openssh/dispatch.c @@ -1,3 +1,4 @@ +/* $OpenBSD: dispatch.c,v 1.21 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -21,8 +22,13 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ + #include "includes.h" -RCSID("$OpenBSD: dispatch.c,v 1.16 2003/04/08 20:21:28 itojun Exp $"); + +#include <sys/types.h> + +#include <signal.h> +#include <stdarg.h> #include "ssh1.h" #include "ssh2.h" @@ -76,7 +82,7 @@ dispatch_set(int type, dispatch_fn *fn) dispatch[type] = fn; } void -dispatch_run(int mode, int *done, void *ctxt) +dispatch_run(int mode, volatile sig_atomic_t *done, void *ctxt) { for (;;) { int type; diff --git a/crypto/openssh/dispatch.h b/crypto/openssh/dispatch.h index a82e216..3e3d1a1 100644 --- a/crypto/openssh/dispatch.h +++ b/crypto/openssh/dispatch.h @@ -1,4 +1,4 @@ -/* $OpenBSD: dispatch.h,v 1.9 2002/01/11 13:39:36 markus Exp $ */ +/* $OpenBSD: dispatch.h,v 1.11 2006/04/20 09:27:09 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -23,6 +23,9 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ + +#include <signal.h> + enum { DISPATCH_BLOCK, DISPATCH_NONBLOCK @@ -33,6 +36,6 @@ typedef void dispatch_fn(int, u_int32_t, void *); void dispatch_init(dispatch_fn *); void dispatch_set(int, dispatch_fn *); void dispatch_range(u_int, u_int, dispatch_fn *); -void dispatch_run(int, int *, void *); +void dispatch_run(int, volatile sig_atomic_t *, void *); void dispatch_protocol_error(int, u_int32_t, void *); void dispatch_protocol_ignore(int, u_int32_t, void *); diff --git a/crypto/openssh/dns.c b/crypto/openssh/dns.c index a71dd9b..92623de 100644 --- a/crypto/openssh/dns.c +++ b/crypto/openssh/dns.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dns.c,v 1.16 2005/10/17 14:13:35 stevesk Exp $ */ +/* $OpenBSD: dns.c,v 1.23 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2003 Wesley Griffin. All rights reserved. @@ -26,9 +26,14 @@ */ #include "includes.h" -RCSID("$OpenBSD: dns.c,v 1.16 2005/10/17 14:13:35 stevesk Exp $"); + +#include <sys/types.h> +#include <sys/socket.h> #include <netdb.h> +#include <stdarg.h> +#include <stdio.h> +#include <string.h> #include "xmalloc.h" #include "key.h" @@ -122,7 +127,7 @@ dns_read_rdata(u_int8_t *algorithm, u_int8_t *digest_type, *digest = (u_char *) xmalloc(*digest_len); memcpy(*digest, rdata + 2, *digest_len); } else { - *digest = xstrdup(""); + *digest = (u_char *)xstrdup(""); } success = 1; diff --git a/crypto/openssh/dns.h b/crypto/openssh/dns.h index 0aa1c28..b2633a1 100644 --- a/crypto/openssh/dns.h +++ b/crypto/openssh/dns.h @@ -1,4 +1,4 @@ -/* $OpenBSD: dns.h,v 1.6 2005/10/17 14:13:35 stevesk Exp $ */ +/* $OpenBSD: dns.h,v 1.10 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2003 Wesley Griffin. All rights reserved. @@ -25,8 +25,6 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#include "includes.h" - #ifndef DNS_H #define DNS_H diff --git a/crypto/openssh/entropy.c b/crypto/openssh/entropy.c index e5b45b0..4f19c87 100644 --- a/crypto/openssh/entropy.c +++ b/crypto/openssh/entropy.c @@ -24,6 +24,19 @@ #include "includes.h" +#include <sys/types.h> +#include <sys/wait.h> + +#ifdef HAVE_SYS_STAT_H +# include <sys/stat.h> +#endif + +#ifdef HAVE_FCNTL_H +# include <fcntl.h> +#endif +#include <stdarg.h> +#include <unistd.h> + #include <openssl/rand.h> #include <openssl/crypto.h> #include <openssl/err.h> @@ -35,7 +48,6 @@ #include "pathnames.h" #include "log.h" #include "buffer.h" -#include "bufaux.h" /* * Portable OpenSSH PRNG seeding: @@ -48,8 +60,6 @@ * XXX: we should tell the child how many bytes we need. */ -RCSID("$Id: entropy.c,v 1.52 2005/09/27 22:26:30 dtucker Exp $"); - #ifndef OPENSSL_PRNG_ONLY #define RANDOM_SEED_SIZE 48 static uid_t original_uid, original_euid; diff --git a/crypto/openssh/fatal.c b/crypto/openssh/fatal.c index ae1aaac..5e5aa3f 100644 --- a/crypto/openssh/fatal.c +++ b/crypto/openssh/fatal.c @@ -1,3 +1,4 @@ +/* $OpenBSD: fatal.c,v 1.7 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2002 Markus Friedl. All rights reserved. * @@ -23,7 +24,10 @@ */ #include "includes.h" -RCSID("$OpenBSD: fatal.c,v 1.2 2003/09/23 20:17:11 markus Exp $"); + +#include <sys/types.h> + +#include <stdarg.h> #include "log.h" @@ -33,6 +37,7 @@ void fatal(const char *fmt,...) { va_list args; + va_start(args, fmt); do_log(SYSLOG_LEVEL_FATAL, fmt, args); va_end(args); diff --git a/crypto/openssh/groupaccess.c b/crypto/openssh/groupaccess.c index f50879f..e73f62b 100644 --- a/crypto/openssh/groupaccess.c +++ b/crypto/openssh/groupaccess.c @@ -1,3 +1,4 @@ +/* $OpenBSD: groupaccess.c,v 1.12 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2001 Kevin Steves. All rights reserved. * @@ -23,10 +24,16 @@ */ #include "includes.h" -RCSID("$OpenBSD: groupaccess.c,v 1.6 2003/04/08 20:21:28 itojun Exp $"); -#include "groupaccess.h" +#include <sys/types.h> +#include <sys/param.h> + +#include <grp.h> +#include <unistd.h> +#include <stdarg.h> + #include "xmalloc.h" +#include "groupaccess.h" #include "match.h" #include "log.h" @@ -52,8 +59,8 @@ ga_init(const char *user, gid_t base) ngroups = MAX(NGROUPS_MAX, sysconf(_SC_NGROUPS_MAX)); #endif - groups_bygid = xmalloc(ngroups * sizeof(*groups_bygid)); - groups_byname = xmalloc(ngroups * sizeof(*groups_byname)); + groups_bygid = xcalloc(ngroups, sizeof(*groups_bygid)); + groups_byname = xcalloc(ngroups, sizeof(*groups_byname)); if (getgrouplist(user, base, groups_bygid, &ngroups) == -1) logit("getgrouplist: groups list too small"); diff --git a/crypto/openssh/groupaccess.h b/crypto/openssh/groupaccess.h index ede4805..04b4498 100644 --- a/crypto/openssh/groupaccess.h +++ b/crypto/openssh/groupaccess.h @@ -1,4 +1,4 @@ -/* $OpenBSD: groupaccess.h,v 1.4 2001/06/26 17:27:23 markus Exp $ */ +/* $OpenBSD: groupaccess.h,v 1.7 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2001 Kevin Steves. All rights reserved. @@ -27,8 +27,6 @@ #ifndef GROUPACCESS_H #define GROUPACCESS_H -#include <grp.h> - int ga_init(const char *, gid_t); int ga_match(char * const *, int); void ga_free(void); diff --git a/crypto/openssh/gss-genr.c b/crypto/openssh/gss-genr.c index c2b4f2d..57f12a2 100644 --- a/crypto/openssh/gss-genr.c +++ b/crypto/openssh/gss-genr.c @@ -1,7 +1,7 @@ -/* $OpenBSD: gss-genr.c,v 1.6 2005/10/13 22:24:31 stevesk Exp $ */ +/* $OpenBSD: gss-genr.c,v 1.17 2006/08/29 12:02:30 dtucker Exp $ */ /* - * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. + * Copyright (c) 2001-2006 Simon Wilkinson. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -28,8 +28,15 @@ #ifdef GSSAPI +#include <sys/types.h> +#include <sys/param.h> + +#include <stdarg.h> +#include <string.h> +#include <unistd.h> + #include "xmalloc.h" -#include "bufaux.h" +#include "buffer.h" #include "log.h" #include "ssh2.h" @@ -72,7 +79,11 @@ ssh_gssapi_set_oid(Gssctxt *ctx, gss_OID oid) void ssh_gssapi_error(Gssctxt *ctxt) { - debug("%s", ssh_gssapi_last_error(ctxt, NULL, NULL)); + char *s; + + s = ssh_gssapi_last_error(ctxt, NULL, NULL); + debug("%s", s); + xfree(s); } char * @@ -131,9 +142,7 @@ ssh_gssapi_last_error(Gssctxt *ctxt, OM_uint32 *major_status, void ssh_gssapi_build_ctx(Gssctxt **ctx) { - *ctx = xmalloc(sizeof (Gssctxt)); - (*ctx)->major = 0; - (*ctx)->minor = 0; + *ctx = xcalloc(1, sizeof (Gssctxt)); (*ctx)->context = GSS_C_NO_CONTEXT; (*ctx)->name = GSS_C_NO_NAME; (*ctx)->oid = GSS_C_NO_OID; @@ -203,10 +212,11 @@ OM_uint32 ssh_gssapi_import_name(Gssctxt *ctx, const char *host) { gss_buffer_desc gssbuf; + char *val; - gssbuf.length = sizeof("host@") + strlen(host); - gssbuf.value = xmalloc(gssbuf.length); - snprintf(gssbuf.value, gssbuf.length, "host@%s", host); + xasprintf(&val, "host@%s", host); + gssbuf.value = val; + gssbuf.length = strlen(gssbuf.value); if ((ctx->major = gss_import_name(&ctx->minor, &gssbuf, GSS_C_NT_HOSTBASED_SERVICE, &ctx->name))) @@ -231,11 +241,15 @@ ssh_gssapi_acquire_cred(Gssctxt *ctx) gss_create_empty_oid_set(&status, &oidset); gss_add_oid_set_member(&status, ctx->oid, &oidset); - if (gethostname(lname, MAXHOSTNAMELEN)) + if (gethostname(lname, MAXHOSTNAMELEN)) { + gss_release_oid_set(&status, &oidset); return (-1); + } - if (GSS_ERROR(ssh_gssapi_import_name(ctx, lname))) + if (GSS_ERROR(ssh_gssapi_import_name(ctx, lname))) { + gss_release_oid_set(&status, &oidset); return (ctx->major); + } if ((ctx->major = gss_acquire_cred(&ctx->minor, ctx->name, 0, oidset, GSS_C_ACCEPT, &ctx->creds, NULL, NULL))) @@ -277,4 +291,34 @@ ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid) return (ssh_gssapi_acquire_cred(*ctx)); } +int +ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host) +{ + gss_buffer_desc token = GSS_C_EMPTY_BUFFER; + OM_uint32 major, minor; + gss_OID_desc spnego_oid = {6, (void *)"\x2B\x06\x01\x05\x05\x02"}; + + /* RFC 4462 says we MUST NOT do SPNEGO */ + if (oid->length == spnego_oid.length && + (memcmp(oid->elements, spnego_oid.elements, oid->length) == 0)) + return 0; /* false */ + + ssh_gssapi_build_ctx(ctx); + ssh_gssapi_set_oid(*ctx, oid); + major = ssh_gssapi_import_name(*ctx, host); + if (!GSS_ERROR(major)) { + major = ssh_gssapi_init_ctx(*ctx, 0, GSS_C_NO_BUFFER, &token, + NULL); + gss_release_buffer(&minor, &token); + if ((*ctx)->context != GSS_C_NO_CONTEXT) + gss_delete_sec_context(&minor, &(*ctx)->context, + GSS_C_NO_BUFFER); + } + + if (GSS_ERROR(major)) + ssh_gssapi_delete_ctx(ctx); + + return (!GSS_ERROR(major)); +} + #endif /* GSSAPI */ diff --git a/crypto/openssh/gss-serv-krb5.c b/crypto/openssh/gss-serv-krb5.c index 5c5837f..5a625ac 100644 --- a/crypto/openssh/gss-serv-krb5.c +++ b/crypto/openssh/gss-serv-krb5.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gss-serv-krb5.c,v 1.4 2005/10/13 19:08:08 stevesk Exp $ */ +/* $OpenBSD: gss-serv-krb5.c,v 1.7 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -29,11 +29,19 @@ #ifdef GSSAPI #ifdef KRB5 -#include "auth.h" +#include <sys/types.h> + +#include <stdarg.h> +#include <string.h> + #include "xmalloc.h" +#include "key.h" +#include "hostfile.h" +#include "auth.h" #include "log.h" #include "servconf.h" +#include "buffer.h" #include "ssh-gss.h" extern ServerOptions options; @@ -41,9 +49,9 @@ extern ServerOptions options; #ifdef HEIMDAL # include <krb5.h> #else -# ifdef HAVE_GSSAPI_KRB5 +# ifdef HAVE_GSSAPI_KRB5_H # include <gssapi_krb5.h> -# elif HAVE_GSSAPI_GSSAPI_KRB5 +# elif HAVE_GSSAPI_GSSAPI_KRB5_H # include <gssapi/gssapi_krb5.h> # endif #endif diff --git a/crypto/openssh/gss-serv.c b/crypto/openssh/gss-serv.c index 26eec25..e8191a8 100644 --- a/crypto/openssh/gss-serv.c +++ b/crypto/openssh/gss-serv.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gss-serv.c,v 1.13 2005/10/13 22:24:31 stevesk Exp $ */ +/* $OpenBSD: gss-serv.c,v 1.20 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -28,14 +28,21 @@ #ifdef GSSAPI -#include "bufaux.h" +#include <sys/types.h> + +#include <stdarg.h> +#include <string.h> +#include <unistd.h> + +#include "xmalloc.h" +#include "buffer.h" +#include "key.h" +#include "hostfile.h" #include "auth.h" #include "log.h" #include "channels.h" #include "session.h" -#include "servconf.h" -#include "xmalloc.h" -#include "getput.h" +#include "misc.h" #include "ssh-gss.h" @@ -78,6 +85,8 @@ ssh_gssapi_supported_oids(gss_OID_set *oidset) &supported_mechs[i]->oid, oidset); i++; } + + gss_release_oid_set(&min_status, &supported); } @@ -151,7 +160,7 @@ ssh_gssapi_parse_ename(Gssctxt *ctx, gss_buffer_t ename, gss_buffer_t name) * second without. */ - oidl = GET_16BIT(tok+2); /* length including next two bytes */ + oidl = get_u16(tok+2); /* length including next two bytes */ oidl = oidl-2; /* turn it into the _real_ length of the variable OID */ /* @@ -168,14 +177,14 @@ ssh_gssapi_parse_ename(Gssctxt *ctx, gss_buffer_t ename, gss_buffer_t name) if (ename->length < offset+4) return GSS_S_FAILURE; - name->length = GET_32BIT(tok+offset); + name->length = get_u32(tok+offset); offset += 4; if (ename->length < offset+name->length) return GSS_S_FAILURE; name->value = xmalloc(name->length+1); - memcpy(name->value, tok+offset,name->length); + memcpy(name->value, tok+offset, name->length); ((char *)name->value)[name->length] = 0; return GSS_S_COMPLETE; @@ -234,7 +243,8 @@ ssh_gssapi_cleanup_creds(void) { if (gssapi_client.store.filename != NULL) { /* Unlink probably isn't sufficient */ - debug("removing gssapi cred file\"%s\"", gssapi_client.store.filename); + debug("removing gssapi cred file\"%s\"", + gssapi_client.store.filename); unlink(gssapi_client.store.filename); } } diff --git a/crypto/openssh/hostfile.h b/crypto/openssh/hostfile.h index d633075..d1983b3 100644 --- a/crypto/openssh/hostfile.h +++ b/crypto/openssh/hostfile.h @@ -1,4 +1,4 @@ -/* $OpenBSD: hostfile.h,v 1.15 2005/03/01 10:40:26 djm Exp $ */ +/* $OpenBSD: hostfile.h,v 1.16 2006/03/25 22:22:43 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> diff --git a/crypto/openssh/kex.c b/crypto/openssh/kex.c index cd71be9..bfc1c11 100644 --- a/crypto/openssh/kex.c +++ b/crypto/openssh/kex.c @@ -1,3 +1,4 @@ +/* $OpenBSD: kex.c,v 1.76 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * @@ -23,19 +24,25 @@ */ #include "includes.h" -RCSID("$OpenBSD: kex.c,v 1.65 2005/11/04 05:15:59 djm Exp $"); + +#include <sys/param.h> + +#include <signal.h> +#include <stdarg.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> #include <openssl/crypto.h> -#include "ssh2.h" #include "xmalloc.h" +#include "ssh2.h" #include "buffer.h" -#include "bufaux.h" #include "packet.h" #include "compat.h" #include "cipher.h" -#include "kex.h" #include "key.h" +#include "kex.h" #include "log.h" #include "mac.h" #include "match.h" @@ -44,6 +51,14 @@ RCSID("$OpenBSD: kex.c,v 1.65 2005/11/04 05:15:59 djm Exp $"); #define KEX_COOKIE_LEN 16 +#if OPENSSL_VERSION_NUMBER >= 0x00907000L +# if defined(HAVE_EVP_SHA256) +# define evp_ssh_sha256 EVP_sha256 +# else +extern const EVP_MD *evp_ssh_sha256(void); +# endif +#endif + /* prototype */ static void kex_kexinit_finish(Kex *); static void kex_choose_conf(Kex *); @@ -75,7 +90,7 @@ kex_buf2prop(Buffer *raw, int *first_kex_follows) int i; char **proposal; - proposal = xmalloc(PROPOSAL_MAX * sizeof(char *)); + proposal = xcalloc(PROPOSAL_MAX, sizeof(char *)); buffer_init(&b); buffer_append(&b, buffer_ptr(raw), buffer_len(raw)); @@ -210,8 +225,7 @@ kex_setup(char *proposal[PROPOSAL_MAX]) { Kex *kex; - kex = xmalloc(sizeof(*kex)); - memset(kex, 0, sizeof(*kex)); + kex = xcalloc(1, sizeof(*kex)); buffer_init(&kex->peer); buffer_init(&kex->my); kex_prop2buf(&kex->my, proposal); @@ -254,6 +268,7 @@ choose_enc(Enc *enc, char *client, char *server) enc->key_len = cipher_keylen(enc->cipher); enc->block_size = cipher_blocksize(enc->cipher); } + static void choose_mac(Mac *mac, char *client, char *server) { @@ -269,6 +284,7 @@ choose_mac(Mac *mac, char *client, char *server) mac->key = NULL; mac->enabled = 0; } + static void choose_comp(Comp *comp, char *client, char *server) { @@ -286,6 +302,7 @@ choose_comp(Comp *comp, char *client, char *server) } comp->name = name; } + static void choose_kex(Kex *k, char *client, char *server) { @@ -301,6 +318,11 @@ choose_kex(Kex *k, char *client, char *server) } else if (strcmp(k->name, KEX_DHGEX_SHA1) == 0) { k->kex_type = KEX_DH_GEX_SHA1; k->evp_md = EVP_sha1(); +#if OPENSSL_VERSION_NUMBER >= 0x00907000L + } else if (strcmp(k->name, KEX_DHGEX_SHA256) == 0) { + k->kex_type = KEX_DH_GEX_SHA256; + k->evp_md = evp_ssh_sha256(); +#endif } else fatal("bad kex alg %s", k->name); } @@ -364,8 +386,7 @@ kex_choose_conf(Kex *kex) /* Algorithm Negotiation */ for (mode = 0; mode < MODE_MAX; mode++) { - newkeys = xmalloc(sizeof(*newkeys)); - memset(newkeys, 0, sizeof(*newkeys)); + newkeys = xcalloc(1, sizeof(*newkeys)); kex->newkeys[mode] = newkeys; ctos = (!kex->server && mode == MODE_OUT) || (kex->server && mode == MODE_IN); nenc = ctos ? PROPOSAL_ENC_ALGS_CTOS : PROPOSAL_ENC_ALGS_STOC; @@ -420,7 +441,7 @@ derive_key(Kex *kex, int id, u_int need, u_char *hash, u_int hashlen, if ((mdsz = EVP_MD_size(kex->evp_md)) <= 0) fatal("bad kex md size %d", mdsz); - digest = xmalloc(roundup(need, mdsz)); + digest = xmalloc(roundup(need, mdsz)); buffer_init(&b); buffer_put_bignum2(&b, shared_secret); @@ -473,7 +494,8 @@ kex_derive_keys(Kex *kex, u_char *hash, u_int hashlen, BIGNUM *shared_secret) for (mode = 0; mode < MODE_MAX; mode++) { current_keys[mode] = kex->newkeys[mode]; kex->newkeys[mode] = NULL; - ctos = (!kex->server && mode == MODE_OUT) || (kex->server && mode == MODE_IN); + ctos = (!kex->server && mode == MODE_OUT) || + (kex->server && mode == MODE_IN); current_keys[mode]->enc.iv = keys[ctos ? 0 : 1]; current_keys[mode]->enc.key = keys[ctos ? 2 : 3]; current_keys[mode]->mac.key = keys[ctos ? 4 : 5]; diff --git a/crypto/openssh/kex.h b/crypto/openssh/kex.h index bbd931e..b1b20f5 100644 --- a/crypto/openssh/kex.h +++ b/crypto/openssh/kex.h @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.h,v 1.38 2005/11/04 05:15:59 djm Exp $ */ +/* $OpenBSD: kex.h,v 1.44 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -26,14 +26,13 @@ #ifndef KEX_H #define KEX_H +#include <signal.h> #include <openssl/evp.h> -#include "buffer.h" -#include "cipher.h" -#include "key.h" #define KEX_DH1 "diffie-hellman-group1-sha1" #define KEX_DH14 "diffie-hellman-group14-sha1" #define KEX_DHGEX_SHA1 "diffie-hellman-group-exchange-sha1" +#define KEX_DHGEX_SHA256 "diffie-hellman-group-exchange-sha256" #define COMP_NONE 0 #define COMP_ZLIB 1 @@ -63,6 +62,7 @@ enum kex_exchange { KEX_DH_GRP1_SHA1, KEX_DH_GRP14_SHA1, KEX_DH_GEX_SHA1, + KEX_DH_GEX_SHA256, KEX_MAX }; @@ -112,7 +112,7 @@ struct Kex { int kex_type; Buffer my; Buffer peer; - int done; + sig_atomic_t done; int flags; const EVP_MD *evp_md; char *client_version_string; @@ -142,7 +142,7 @@ kex_dh_hash(char *, char *, char *, int, char *, int, u_char *, int, BIGNUM *, BIGNUM *, BIGNUM *, u_char **, u_int *); void kexgex_hash(const EVP_MD *, char *, char *, char *, int, char *, - int, u_char *, int, int, int, int, BIGNUM *, BIGNUM *, BIGNUM *, + int, u_char *, int, int, int, int, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, u_char **, u_int *); void diff --git a/crypto/openssh/kexdh.c b/crypto/openssh/kexdh.c index f79d878..56e22f5 100644 --- a/crypto/openssh/kexdh.c +++ b/crypto/openssh/kexdh.c @@ -1,3 +1,4 @@ +/* $OpenBSD: kexdh.c,v 1.23 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -23,13 +24,17 @@ */ #include "includes.h" -RCSID("$OpenBSD: kexdh.c,v 1.20 2005/11/04 05:15:59 djm Exp $"); + +#include <sys/types.h> + +#include <signal.h> #include <openssl/evp.h> #include "buffer.h" -#include "bufaux.h" #include "ssh2.h" +#include "key.h" +#include "cipher.h" #include "kex.h" void diff --git a/crypto/openssh/kexdhc.c b/crypto/openssh/kexdhc.c index d8a2fa3..64de7af 100644 --- a/crypto/openssh/kexdhc.c +++ b/crypto/openssh/kexdhc.c @@ -1,3 +1,4 @@ +/* $OpenBSD: kexdhc.c,v 1.9 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -23,10 +24,18 @@ */ #include "includes.h" -RCSID("$OpenBSD: kexdhc.c,v 1.3 2005/11/04 05:15:59 djm Exp $"); + +#include <sys/types.h> + +#include <stdarg.h> +#include <stdio.h> +#include <string.h> +#include <signal.h> #include "xmalloc.h" +#include "buffer.h" #include "key.h" +#include "cipher.h" #include "kex.h" #include "log.h" #include "packet.h" @@ -82,7 +91,7 @@ kexdh_client(Kex *kex) if (kex->verify_host_key(server_host_key) == -1) fatal("server_host_key verification failed"); - /* DH paramter f, server public DH key */ + /* DH parameter f, server public DH key */ if ((dh_server_pub = BN_new()) == NULL) fatal("dh_server_pub == NULL"); packet_get_bignum2(dh_server_pub); diff --git a/crypto/openssh/kexdhs.c b/crypto/openssh/kexdhs.c index 26c8cdf..93ec97f 100644 --- a/crypto/openssh/kexdhs.c +++ b/crypto/openssh/kexdhs.c @@ -1,3 +1,4 @@ +/* $OpenBSD: kexdhs.c,v 1.7 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -23,15 +24,25 @@ */ #include "includes.h" -RCSID("$OpenBSD: kexdhs.c,v 1.3 2005/11/04 05:15:59 djm Exp $"); + +#include <sys/types.h> + +#include <stdarg.h> +#include <string.h> +#include <signal.h> #include "xmalloc.h" +#include "buffer.h" #include "key.h" +#include "cipher.h" #include "kex.h" #include "log.h" #include "packet.h" #include "dh.h" #include "ssh2.h" +#ifdef GSSAPI +#include "ssh-gss.h" +#endif #include "monitor_wrap.h" void diff --git a/crypto/openssh/kexgex.c b/crypto/openssh/kexgex.c index 705484a..b60ab5c 100644 --- a/crypto/openssh/kexgex.c +++ b/crypto/openssh/kexgex.c @@ -1,3 +1,4 @@ +/* $OpenBSD: kexgex.c,v 1.27 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -24,12 +25,15 @@ */ #include "includes.h" -RCSID("$OpenBSD: kexgex.c,v 1.24 2005/11/04 05:15:59 djm Exp $"); + +#include <sys/types.h> #include <openssl/evp.h> +#include <signal.h> #include "buffer.h" -#include "bufaux.h" +#include "key.h" +#include "cipher.h" #include "kex.h" #include "ssh2.h" diff --git a/crypto/openssh/kexgexc.c b/crypto/openssh/kexgexc.c index a6ff875..2c19713 100644 --- a/crypto/openssh/kexgexc.c +++ b/crypto/openssh/kexgexc.c @@ -1,3 +1,4 @@ +/* $OpenBSD: kexgexc.c,v 1.9 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -24,10 +25,18 @@ */ #include "includes.h" -RCSID("$OpenBSD: kexgexc.c,v 1.3 2005/11/04 05:15:59 djm Exp $"); + +#include <sys/types.h> + +#include <stdarg.h> +#include <stdio.h> +#include <string.h> +#include <signal.h> #include "xmalloc.h" +#include "buffer.h" #include "key.h" +#include "cipher.h" #include "kex.h" #include "log.h" #include "packet.h" @@ -120,7 +129,7 @@ kexgex_client(Kex *kex) if (kex->verify_host_key(server_host_key) == -1) fatal("server_host_key verification failed"); - /* DH paramter f, server public DH key */ + /* DH parameter f, server public DH key */ if ((dh_server_pub = BN_new()) == NULL) fatal("dh_server_pub == NULL"); packet_get_bignum2(dh_server_pub); diff --git a/crypto/openssh/kexgexs.c b/crypto/openssh/kexgexs.c index c48b27a..5373a63 100644 --- a/crypto/openssh/kexgexs.c +++ b/crypto/openssh/kexgexs.c @@ -1,3 +1,4 @@ +/* $OpenBSD: kexgexs.c,v 1.8 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -24,16 +25,27 @@ */ #include "includes.h" -RCSID("$OpenBSD: kexgexs.c,v 1.2 2005/11/04 05:15:59 djm Exp $"); + +#include <sys/param.h> + +#include <stdarg.h> +#include <stdio.h> +#include <string.h> +#include <signal.h> #include "xmalloc.h" +#include "buffer.h" #include "key.h" +#include "cipher.h" #include "kex.h" #include "log.h" #include "packet.h" #include "dh.h" #include "ssh2.h" #include "compat.h" +#ifdef GSSAPI +#include "ssh-gss.h" +#endif #include "monitor_wrap.h" void diff --git a/crypto/openssh/key.h b/crypto/openssh/key.h index 50df850..6873dd7 100644 --- a/crypto/openssh/key.h +++ b/crypto/openssh/key.h @@ -1,4 +1,4 @@ -/* $OpenBSD: key.h,v 1.23 2003/11/10 16:23:41 jakob Exp $ */ +/* $OpenBSD: key.h,v 1.26 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. diff --git a/crypto/openssh/log.c b/crypto/openssh/log.c index 96ab24b..7f88674 100644 --- a/crypto/openssh/log.c +++ b/crypto/openssh/log.c @@ -1,3 +1,4 @@ +/* $OpenBSD: log.c,v 1.39 2006/08/18 09:13:25 deraadt Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -34,16 +35,22 @@ */ #include "includes.h" -RCSID("$OpenBSD: log.c,v 1.29 2003/09/23 20:17:11 markus Exp $"); -#include "log.h" -#include "xmalloc.h" +#include <sys/types.h> +#include <stdarg.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> #include <syslog.h> +#include <unistd.h> #if defined(HAVE_STRNVIS) && defined(HAVE_VIS_H) # include <vis.h> #endif +#include "xmalloc.h" +#include "log.h" + static LogLevel log_level = SYSLOG_LEVEL_INFO; static int log_on_stderr = 1; static int log_facility = LOG_AUTH; @@ -130,6 +137,20 @@ error(const char *fmt,...) va_end(args); } +void +sigdie(const char *fmt,...) +{ +#ifdef DO_LOG_SAFE_IN_SIGHAND + va_list args; + + va_start(args, fmt); + do_log(SYSLOG_LEVEL_FATAL, fmt, args); + va_end(args); +#endif + _exit(1); +} + + /* Log this message (information that usually should go to the log). */ void diff --git a/crypto/openssh/loginrec.h b/crypto/openssh/loginrec.h index 8e33901..859e1a6 100644 --- a/crypto/openssh/loginrec.h +++ b/crypto/openssh/loginrec.h @@ -31,12 +31,6 @@ #include "includes.h" -#include <sys/types.h> -#include <netinet/in.h> -#include <sys/socket.h> - -/* RCSID("$Id: loginrec.h,v 1.10 2005/06/19 00:19:44 djm Exp $"); */ - /** ** you should use the login_* calls to work around platform dependencies **/ diff --git a/crypto/openssh/logintest.c b/crypto/openssh/logintest.c index 95cce5a..7e9fbbf 100644 --- a/crypto/openssh/logintest.c +++ b/crypto/openssh/logintest.c @@ -31,6 +31,10 @@ #include <sys/types.h> #include <sys/wait.h> +#include <sys/socket.h> + +#include <netinet/in.h> + #include <unistd.h> #include <stdlib.h> #include <stdio.h> @@ -43,8 +47,6 @@ #include "loginrec.h" -RCSID("$Id: logintest.c,v 1.11 2004/07/17 04:07:42 dtucker Exp $"); - extern char *__progname; #define PAUSE_BEFORE_LOGOUT 3 diff --git a/crypto/openssh/mac.c b/crypto/openssh/mac.c index 2bda5a1..e5d5bfa 100644 --- a/crypto/openssh/mac.c +++ b/crypto/openssh/mac.c @@ -1,3 +1,4 @@ +/* $OpenBSD: mac.c,v 1.12 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -23,16 +24,23 @@ */ #include "includes.h" -RCSID("$OpenBSD: mac.c,v 1.7 2005/06/17 02:44:32 djm Exp $"); + +#include <sys/types.h> #include <openssl/hmac.h> +#include <stdarg.h> +#include <string.h> +#include <signal.h> + #include "xmalloc.h" -#include "getput.h" #include "log.h" #include "cipher.h" +#include "buffer.h" +#include "key.h" #include "kex.h" #include "mac.h" +#include "misc.h" struct { char *name; @@ -83,7 +91,7 @@ mac_compute(Mac *mac, u_int32_t seqno, u_char *data, int datalen) if (mac->mac_len > sizeof(m)) fatal("mac_compute: mac too long"); HMAC_Init(&c, mac->key, mac->key_len, mac->md); - PUT_32BIT(b, seqno); + put_u32(b, seqno); HMAC_Update(&c, b, sizeof(b)); HMAC_Update(&c, data, datalen); HMAC_Final(&c, m, NULL); diff --git a/crypto/openssh/mac.h b/crypto/openssh/mac.h index 43b485d..960cc5c 100644 --- a/crypto/openssh/mac.h +++ b/crypto/openssh/mac.h @@ -1,4 +1,4 @@ -/* $OpenBSD: mac.h,v 1.3 2001/06/26 17:27:24 markus Exp $ */ +/* $OpenBSD: mac.h,v 1.4 2006/03/25 22:22:43 djm Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * diff --git a/crypto/openssh/match.c b/crypto/openssh/match.c index 29fb7da..e3c9930 100644 --- a/crypto/openssh/match.c +++ b/crypto/openssh/match.c @@ -1,3 +1,4 @@ +/* $OpenBSD: match.c,v 1.26 2006/08/03 03:34:42 deraadt Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -35,10 +36,14 @@ */ #include "includes.h" -RCSID("$OpenBSD: match.c,v 1.20 2005/06/17 02:44:32 djm Exp $"); -#include "match.h" +#include <sys/types.h> + +#include <ctype.h> +#include <string.h> + #include "xmalloc.h" +#include "match.h" /* * Returns true if the given string matches the pattern (which may contain ? @@ -136,7 +141,7 @@ match_pattern_list(const char *string, const char *pattern, u_int len, i < len && subi < sizeof(sub) - 1 && pattern[i] != ','; subi++, i++) sub[subi] = dolower && isupper(pattern[i]) ? - tolower(pattern[i]) : pattern[i]; + (char)tolower(pattern[i]) : pattern[i]; /* If subpattern too long, return failure (no match). */ if (subi >= sizeof(sub) - 1) return 0; diff --git a/crypto/openssh/match.h b/crypto/openssh/match.h index a0764e0..d1d5386 100644 --- a/crypto/openssh/match.h +++ b/crypto/openssh/match.h @@ -1,4 +1,4 @@ -/* $OpenBSD: match.h,v 1.12 2002/03/01 13:12:10 markus Exp $ */ +/* $OpenBSD: match.h,v 1.13 2006/03/25 22:22:43 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> diff --git a/crypto/openssh/md-sha256.c b/crypto/openssh/md-sha256.c new file mode 100644 index 0000000..8c1b3b9 --- /dev/null +++ b/crypto/openssh/md-sha256.c @@ -0,0 +1,86 @@ +/* $OpenBSD: md-sha256.c,v 1.5 2006/08/03 03:34:42 deraadt Exp $ */ +/* + * Copyright (c) 2005 Damien Miller <djm@openbsd.org> + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +/* EVP wrapper for SHA256 */ + +#include "includes.h" + +#include <sys/types.h> +#include <openssl/opensslv.h> + +#if !defined(HAVE_EVP_SHA256) && (OPENSSL_VERSION_NUMBER >= 0x00907000L) + +#include <string.h> +#include <openssl/evp.h> +#ifdef HAVE_SHA256_UPDATE +# ifdef HAVE_SHA2_H +# include <sha2.h> +# elif defined(HAVE_CRYPTO_SHA2_H) +# include <crypto/sha2.h> +# endif +#endif + +const EVP_MD *evp_ssh_sha256(void); + +static int +ssh_sha256_init(EVP_MD_CTX *ctxt) +{ + SHA256_Init(ctxt->md_data); + return (1); +} + +static int +ssh_sha256_update(EVP_MD_CTX *ctxt, const void *data, unsigned long len) +{ + SHA256_Update(ctxt->md_data, data, len); + return (1); +} + +static int +ssh_sha256_final(EVP_MD_CTX *ctxt, unsigned char *digest) +{ + SHA256_Final(digest, ctxt->md_data); + return (1); +} + +static int +ssh_sha256_cleanup(EVP_MD_CTX *ctxt) +{ + memset(ctxt->md_data, 0, sizeof(SHA256_CTX)); + return (1); +} + +const EVP_MD * +evp_ssh_sha256(void) +{ + static EVP_MD ssh_sha256; + + memset(&ssh_sha256, 0, sizeof(ssh_sha256)); + ssh_sha256.type = NID_undef; + ssh_sha256.md_size = SHA256_DIGEST_LENGTH; + ssh_sha256.init = ssh_sha256_init; + ssh_sha256.update = ssh_sha256_update; + ssh_sha256.final = ssh_sha256_final; + ssh_sha256.cleanup = ssh_sha256_cleanup; + ssh_sha256.block_size = SHA256_BLOCK_LENGTH; + ssh_sha256.ctx_size = sizeof(SHA256_CTX); + + return (&ssh_sha256); +} + +#endif /* !defined(HAVE_EVP_SHA256) && (OPENSSL_VERSION_NUMBER >= 0x00907000L) */ + diff --git a/crypto/openssh/md5crypt.c b/crypto/openssh/md5crypt.c index 8f2523e..22ef989 100644 --- a/crypto/openssh/md5crypt.c +++ b/crypto/openssh/md5crypt.c @@ -11,9 +11,11 @@ #include "includes.h" #if defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT) -#include <openssl/md5.h> +#include <sys/types.h> + +#include <string.h> -RCSID("$Id: md5crypt.c,v 1.9 2003/11/21 12:56:47 djm Exp $"); +#include <openssl/md5.h> /* 0 ... 63 => ascii - 64 */ static unsigned char itoa64[] = diff --git a/crypto/openssh/misc.c b/crypto/openssh/misc.c index 29e9288..78bca2f 100644 --- a/crypto/openssh/misc.c +++ b/crypto/openssh/misc.c @@ -1,6 +1,7 @@ +/* $OpenBSD: misc.c,v 1.64 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. - * Copyright (c) 2005 Damien Miller. All rights reserved. + * Copyright (c) 2005,2006 Damien Miller. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -24,15 +25,35 @@ */ #include "includes.h" -RCSID("$OpenBSD: misc.c,v 1.42 2006/01/31 10:19:02 djm Exp $"); +#include <sys/types.h> +#include <sys/ioctl.h> +#include <sys/socket.h> +#include <sys/param.h> + +#include <stdarg.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <unistd.h> + +#include <netinet/in.h> +#include <netinet/tcp.h> + +#include <errno.h> +#include <fcntl.h> +#ifdef HAVE_PATHS_H +# include <paths.h> +#include <pwd.h> +#endif #ifdef SSH_TUN_OPENBSD #include <net/if.h> #endif +#include "xmalloc.h" #include "misc.h" #include "log.h" -#include "xmalloc.h" +#include "ssh.h" /* remove newline at end of string */ char * @@ -123,6 +144,7 @@ set_nodelay(int fd) /* Characters considered whitespace in strsep calls. */ #define WHITESPACE " \t\r\n" +#define QUOTE "\"" /* return next token in configuration line */ char * @@ -136,15 +158,27 @@ strdelim(char **s) old = *s; - *s = strpbrk(*s, WHITESPACE "="); + *s = strpbrk(*s, WHITESPACE QUOTE "="); if (*s == NULL) return (old); + if (*s[0] == '\"') { + memmove(*s, *s + 1, strlen(*s)); /* move nul too */ + /* Find matching quote */ + if ((*s = strpbrk(*s, QUOTE)) == NULL) { + return (NULL); /* no matching quote */ + } else { + *s[0] = '\0'; + return (old); + } + } + /* Allow only one '=' to be skipped */ if (*s[0] == '=') wspace = 1; *s[0] = '\0'; + /* Skip any extra whitespace after first token */ *s += strspn(*s + 1, WHITESPACE) + 1; if (*s[0] == '=' && !wspace) *s += strspn(*s + 1, WHITESPACE) + 1; @@ -155,9 +189,8 @@ strdelim(char **s) struct passwd * pwcopy(struct passwd *pw) { - struct passwd *copy = xmalloc(sizeof(*copy)); + struct passwd *copy = xcalloc(1, sizeof(*copy)); - memset(copy, 0, sizeof(*copy)); copy->pw_name = xstrdup(pw->pw_name); copy->pw_passwd = xstrdup(pw->pw_passwd); copy->pw_gecos = xstrdup(pw->pw_gecos); @@ -280,6 +313,7 @@ convtime(const char *s) switch (*endp++) { case '\0': endp--; + break; case 's': case 'S': break; @@ -312,6 +346,23 @@ convtime(const char *s) } /* + * Returns a standardized host+port identifier string. + * Caller must free returned string. + */ +char * +put_host_port(const char *host, u_short port) +{ + char *hoststr; + + if (port == 0 || port == SSH_DEFAULT_PORT) + return(xstrdup(host)); + if (asprintf(&hoststr, "[%s]:%d", host, (int)port) < 0) + fatal("put_host_port: asprintf: %s", strerror(errno)); + debug3("put_host_port: %s", hoststr); + return hoststr; +} + +/* * Search for next delimiter between hostnames/addresses and ports. * Argument may be modified (for termination). * Returns *cp if parsing succeeds. @@ -408,7 +459,7 @@ addargs(arglist *args, char *fmt, ...) } else if (args->num+2 >= nalloc) nalloc *= 2; - args->list = xrealloc(args->list, nalloc * sizeof(char *)); + args->list = xrealloc(args->list, nalloc, sizeof(char *)); args->nalloc = nalloc; args->list[args->num++] = cp; args->list[args->num] = NULL; @@ -673,18 +724,100 @@ sanitise_stdfd(void) } char * -tohex(const u_char *d, u_int l) +tohex(const void *vp, size_t l) { + const u_char *p = (const u_char *)vp; char b[3], *r; - u_int i, hl; + size_t i, hl; + + if (l > 65536) + return xstrdup("tohex: length > 65536"); hl = l * 2 + 1; - r = xmalloc(hl); - *r = '\0'; + r = xcalloc(1, hl); for (i = 0; i < l; i++) { - snprintf(b, sizeof(b), "%02x", d[i]); + snprintf(b, sizeof(b), "%02x", p[i]); strlcat(r, b, hl); } return (r); } +u_int64_t +get_u64(const void *vp) +{ + const u_char *p = (const u_char *)vp; + u_int64_t v; + + v = (u_int64_t)p[0] << 56; + v |= (u_int64_t)p[1] << 48; + v |= (u_int64_t)p[2] << 40; + v |= (u_int64_t)p[3] << 32; + v |= (u_int64_t)p[4] << 24; + v |= (u_int64_t)p[5] << 16; + v |= (u_int64_t)p[6] << 8; + v |= (u_int64_t)p[7]; + + return (v); +} + +u_int32_t +get_u32(const void *vp) +{ + const u_char *p = (const u_char *)vp; + u_int32_t v; + + v = (u_int32_t)p[0] << 24; + v |= (u_int32_t)p[1] << 16; + v |= (u_int32_t)p[2] << 8; + v |= (u_int32_t)p[3]; + + return (v); +} + +u_int16_t +get_u16(const void *vp) +{ + const u_char *p = (const u_char *)vp; + u_int16_t v; + + v = (u_int16_t)p[0] << 8; + v |= (u_int16_t)p[1]; + + return (v); +} + +void +put_u64(void *vp, u_int64_t v) +{ + u_char *p = (u_char *)vp; + + p[0] = (u_char)(v >> 56) & 0xff; + p[1] = (u_char)(v >> 48) & 0xff; + p[2] = (u_char)(v >> 40) & 0xff; + p[3] = (u_char)(v >> 32) & 0xff; + p[4] = (u_char)(v >> 24) & 0xff; + p[5] = (u_char)(v >> 16) & 0xff; + p[6] = (u_char)(v >> 8) & 0xff; + p[7] = (u_char)v & 0xff; +} + +void +put_u32(void *vp, u_int32_t v) +{ + u_char *p = (u_char *)vp; + + p[0] = (u_char)(v >> 24) & 0xff; + p[1] = (u_char)(v >> 16) & 0xff; + p[2] = (u_char)(v >> 8) & 0xff; + p[3] = (u_char)v & 0xff; +} + + +void +put_u16(void *vp, u_int16_t v) +{ + u_char *p = (u_char *)vp; + + p[0] = (u_char)(v >> 8) & 0xff; + p[1] = (u_char)v & 0xff; +} diff --git a/crypto/openssh/misc.h b/crypto/openssh/misc.h index 0a1a09a..f175b44 100644 --- a/crypto/openssh/misc.h +++ b/crypto/openssh/misc.h @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.h,v 1.29 2006/01/31 10:19:02 djm Exp $ */ +/* $OpenBSD: misc.h,v 1.36 2006/08/18 10:27:16 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -12,6 +12,9 @@ * called by a name other than "ssh" or "Secure Shell". */ +#ifndef _MISC_H +#define _MISC_H + /* misc.c */ char *chop(char *); @@ -21,13 +24,14 @@ int unset_nonblock(int); void set_nodelay(int); int a2port(const char *); int a2tun(const char *, int *); +char *put_host_port(const char *, u_short); char *hpdelim(char **); char *cleanhostname(char *); char *colon(char *); long convtime(const char *); char *tilde_expand_filename(const char *, uid_t); char *percent_expand(const char *, ...) __attribute__((__sentinel__)); -char *tohex(const u_char *, u_int); +char *tohex(const void *, size_t); void sanitise_stdfd(void); struct passwd *pwcopy(struct passwd *); @@ -44,17 +48,6 @@ void replacearg(arglist *, u_int, char *, ...) __attribute__((format(printf, 3, 4))); void freeargs(arglist *); -/* readpass.c */ - -#define RP_ECHO 0x0001 -#define RP_ALLOW_STDIN 0x0002 -#define RP_ALLOW_EOF 0x0004 -#define RP_USE_ASKPASS 0x0008 - -char *read_passphrase(const char *, int); -int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2))); -int read_keyfile_line(FILE *, const char *, char *, size_t, u_long *); - int tun_open(int, int); /* Common definitions for ssh tunnel device forwarding */ @@ -67,3 +60,31 @@ int tun_open(int, int); #define SSH_TUNID_ANY 0x7fffffff #define SSH_TUNID_ERR (SSH_TUNID_ANY - 1) #define SSH_TUNID_MAX (SSH_TUNID_ANY - 2) + +/* Functions to extract or store big-endian words of various sizes */ +u_int64_t get_u64(const void *) + __attribute__((__bounded__( __minbytes__, 1, 8))); +u_int32_t get_u32(const void *) + __attribute__((__bounded__( __minbytes__, 1, 4))); +u_int16_t get_u16(const void *) + __attribute__((__bounded__( __minbytes__, 1, 2))); +void put_u64(void *, u_int64_t) + __attribute__((__bounded__( __minbytes__, 1, 8))); +void put_u32(void *, u_int32_t) + __attribute__((__bounded__( __minbytes__, 1, 4))); +void put_u16(void *, u_int16_t) + __attribute__((__bounded__( __minbytes__, 1, 2))); + + +/* readpass.c */ + +#define RP_ECHO 0x0001 +#define RP_ALLOW_STDIN 0x0002 +#define RP_ALLOW_EOF 0x0004 +#define RP_USE_ASKPASS 0x0008 + +char *read_passphrase(const char *, int); +int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2))); +int read_keyfile_line(FILE *, const char *, char *, size_t, u_long *); + +#endif /* _MISC_H */ diff --git a/crypto/openssh/moduli.c b/crypto/openssh/moduli.c index d53806e..e18929b 100644 --- a/crypto/openssh/moduli.c +++ b/crypto/openssh/moduli.c @@ -1,4 +1,4 @@ -/* $OpenBSD: moduli.c,v 1.12 2005/07/17 07:17:55 djm Exp $ */ +/* $OpenBSD: moduli.c,v 1.18 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright 1994 Phil Karn <karn@qualcomm.com> * Copyright 1996-1998, 2003 William Allen Simpson <wsimpson@greendragon.com> @@ -38,11 +38,20 @@ */ #include "includes.h" -#include "xmalloc.h" -#include "log.h" + +#include <sys/types.h> #include <openssl/bn.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <stdarg.h> +#include <time.h> + +#include "xmalloc.h" +#include "log.h" + /* * File output defines */ @@ -301,21 +310,10 @@ gen_candidates(FILE *out, u_int32_t memory, u_int32_t power, BIGNUM *start) largewords = (largememory << SHIFT_MEGAWORD); } - TinySieve = calloc(tinywords, sizeof(u_int32_t)); - if (TinySieve == NULL) { - error("Insufficient memory for tiny sieve: need %u bytes", - tinywords << SHIFT_BYTE); - exit(1); - } + TinySieve = xcalloc(tinywords, sizeof(u_int32_t)); tinybits = tinywords << SHIFT_WORD; - SmallSieve = calloc(smallwords, sizeof(u_int32_t)); - if (SmallSieve == NULL) { - error("Insufficient memory for small sieve: need %u bytes", - smallwords << SHIFT_BYTE); - xfree(TinySieve); - exit(1); - } + SmallSieve = xcalloc(smallwords, sizeof(u_int32_t)); smallbits = smallwords << SHIFT_WORD; /* diff --git a/crypto/openssh/monitor_fdpass.c b/crypto/openssh/monitor_fdpass.c index dd1a139..c5fc4c3 100644 --- a/crypto/openssh/monitor_fdpass.c +++ b/crypto/openssh/monitor_fdpass.c @@ -1,3 +1,4 @@ +/* $OpenBSD: monitor_fdpass.c,v 1.12 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright 2001 Niels Provos <provos@citi.umich.edu> * All rights reserved. @@ -24,10 +25,15 @@ */ #include "includes.h" -RCSID("$OpenBSD: monitor_fdpass.c,v 1.6 2004/08/13 02:51:48 djm Exp $"); +#include <sys/types.h> +#include <sys/socket.h> #include <sys/uio.h> +#include <errno.h> +#include <string.h> +#include <stdarg.h> + #include "log.h" #include "monitor_fdpass.h" diff --git a/crypto/openssh/monitor_fdpass.h b/crypto/openssh/monitor_fdpass.h index 31d080e..12c67ec 100644 --- a/crypto/openssh/monitor_fdpass.h +++ b/crypto/openssh/monitor_fdpass.h @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_fdpass.h,v 1.2 2002/03/26 03:24:01 stevesk Exp $ */ +/* $OpenBSD: monitor_fdpass.h,v 1.3 2006/03/25 22:22:43 djm Exp $ */ /* * Copyright 2002 Niels Provos <provos@citi.umich.edu> diff --git a/crypto/openssh/monitor_mm.c b/crypto/openssh/monitor_mm.c index b0ec37c..dab7475 100644 --- a/crypto/openssh/monitor_mm.c +++ b/crypto/openssh/monitor_mm.c @@ -1,3 +1,4 @@ +/* $OpenBSD: monitor_mm.c,v 1.15 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright 2002 Niels Provos <provos@citi.umich.edu> * All rights reserved. @@ -24,14 +25,20 @@ */ #include "includes.h" -RCSID("$OpenBSD: monitor_mm.c,v 1.9 2004/05/11 19:01:43 deraadt Exp $"); +#include <sys/types.h> #ifdef HAVE_SYS_MMAN_H #include <sys/mman.h> #endif +#include <sys/param.h> +#include "openbsd-compat/sys-tree.h" + +#include <errno.h> +#include <stdarg.h> +#include <string.h> -#include "ssh.h" #include "xmalloc.h" +#include "ssh.h" #include "log.h" #include "monitor_mm.h" diff --git a/crypto/openssh/monitor_mm.h b/crypto/openssh/monitor_mm.h index a1323b9..36a07a0 100644 --- a/crypto/openssh/monitor_mm.h +++ b/crypto/openssh/monitor_mm.h @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_mm.h,v 1.2 2002/03/26 03:24:01 stevesk Exp $ */ +/* $OpenBSD: monitor_mm.h,v 1.4 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright 2002 Niels Provos <provos@citi.umich.edu> @@ -27,7 +27,6 @@ #ifndef _MM_H_ #define _MM_H_ -#include "openbsd-compat/sys-tree.h" struct mm_share { RB_ENTRY(mm_share) next; diff --git a/crypto/openssh/msg.c b/crypto/openssh/msg.c index 3e4c288..cd5f98c 100644 --- a/crypto/openssh/msg.c +++ b/crypto/openssh/msg.c @@ -1,3 +1,4 @@ +/* $OpenBSD: msg.c,v 1.15 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2002 Markus Friedl. All rights reserved. * @@ -21,14 +22,23 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ + #include "includes.h" -RCSID("$OpenBSD: msg.c,v 1.8 2005/05/24 17:32:43 avsm Exp $"); + +#include <sys/types.h> +#include <sys/uio.h> + +#include <errno.h> +#include <stdio.h> +#include <string.h> +#include <unistd.h> +#include <stdarg.h> #include "buffer.h" -#include "getput.h" #include "log.h" #include "atomicio.h" #include "msg.h" +#include "misc.h" int ssh_msg_send(int fd, u_char type, Buffer *m) @@ -38,7 +48,7 @@ ssh_msg_send(int fd, u_char type, Buffer *m) debug3("ssh_msg_send: type %u", (unsigned int)type & 0xff); - PUT_32BIT(buf, mlen + 1); + put_u32(buf, mlen + 1); buf[4] = type; /* 1st byte of payload is mesg-type */ if (atomicio(vwrite, fd, buf, sizeof(buf)) != sizeof(buf)) { error("ssh_msg_send: write"); @@ -64,7 +74,7 @@ ssh_msg_recv(int fd, Buffer *m) error("ssh_msg_recv: read: header"); return (-1); } - msg_len = GET_32BIT(buf); + msg_len = get_u32(buf); if (msg_len > 256 * 1024) { error("ssh_msg_recv: read: bad msg_len %u", msg_len); return (-1); diff --git a/crypto/openssh/msg.h b/crypto/openssh/msg.h index 0d3ea06..b0cb9b5 100644 --- a/crypto/openssh/msg.h +++ b/crypto/openssh/msg.h @@ -1,4 +1,4 @@ -/* $OpenBSD: msg.h,v 1.3 2003/11/17 09:45:39 djm Exp $ */ +/* $OpenBSD: msg.h,v 1.4 2006/03/25 22:22:43 djm Exp $ */ /* * Copyright (c) 2002 Markus Friedl. All rights reserved. * diff --git a/crypto/openssh/nchan.c b/crypto/openssh/nchan.c index aee3f37..ad461f4 100644 --- a/crypto/openssh/nchan.c +++ b/crypto/openssh/nchan.c @@ -1,3 +1,4 @@ +/* $OpenBSD: nchan.c,v 1.57 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved. * @@ -23,7 +24,13 @@ */ #include "includes.h" -RCSID("$OpenBSD: nchan.c,v 1.51 2004/07/11 17:48:47 deraadt Exp $"); + +#include <sys/types.h> +#include <sys/socket.h> + +#include <errno.h> +#include <string.h> +#include <stdarg.h> #include "ssh1.h" #include "ssh2.h" diff --git a/crypto/openssh/openbsd-compat/Makefile.in b/crypto/openssh/openbsd-compat/Makefile.in index 3a8703b..9f06605 100644 --- a/crypto/openssh/openbsd-compat/Makefile.in +++ b/crypto/openssh/openbsd-compat/Makefile.in @@ -1,4 +1,4 @@ -# $Id: Makefile.in,v 1.37 2005/12/31 05:33:37 djm Exp $ +# $Id: Makefile.in,v 1.40 2006/08/30 17:24:41 djm Exp $ sysconfdir=@sysconfdir@ piddir=@piddir@ @@ -16,11 +16,11 @@ RANLIB=@RANLIB@ INSTALL=@INSTALL@ LDFLAGS=-L. @LDFLAGS@ -OPENBSD=base64.o basename.o bindresvport.o daemon.o dirname.o getcwd.o getgrouplist.o getopt.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sigact.o strlcat.o strlcpy.o strmode.o strsep.o strtonum.o strtoll.o strtoul.o vis.o +OPENBSD=base64.o basename.o bindresvport.o daemon.o dirname.o getcwd.o getgrouplist.o getopt.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sha2.o sigact.o strlcat.o strlcpy.o strmode.o strsep.o strtonum.o strtoll.o strtoul.o vis.o COMPAT=bsd-arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-snprintf.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o -PORTS=port-irix.o port-aix.o port-uw.o port-tun.o +PORTS=port-aix.o port-irix.o port-linux.o port-solaris.o port-tun.o port-uw.o .c.o: $(CC) $(CFLAGS) $(CPPFLAGS) -c $< diff --git a/crypto/openssh/openbsd-compat/basename.c b/crypto/openssh/openbsd-compat/basename.c index ad040e1..ffa5c89 100644 --- a/crypto/openssh/openbsd-compat/basename.c +++ b/crypto/openssh/openbsd-compat/basename.c @@ -20,6 +20,8 @@ #include "includes.h" #ifndef HAVE_BASENAME +#include <errno.h> +#include <string.h> char * basename(const char *path) diff --git a/crypto/openssh/openbsd-compat/bindresvport.c b/crypto/openssh/openbsd-compat/bindresvport.c index 7f48fd0..65afed1 100644 --- a/crypto/openssh/openbsd-compat/bindresvport.c +++ b/crypto/openssh/openbsd-compat/bindresvport.c @@ -33,8 +33,14 @@ #include "includes.h" #ifndef HAVE_BINDRESVPORT_SA +#include <sys/types.h> +#include <sys/socket.h> -#include "includes.h" +#include <netinet/in.h> +#include <arpa/inet.h> + +#include <errno.h> +#include <string.h> #define STARTPORT 600 #define ENDPORT (IPPORT_RESERVED - 1) diff --git a/crypto/openssh/openbsd-compat/bsd-arc4random.c b/crypto/openssh/openbsd-compat/bsd-arc4random.c index 1eeb695..d45fb18 100644 --- a/crypto/openssh/openbsd-compat/bsd-arc4random.c +++ b/crypto/openssh/openbsd-compat/bsd-arc4random.c @@ -15,9 +15,13 @@ */ #include "includes.h" -#include "log.h" -RCSID("$Id: bsd-arc4random.c,v 1.10 2005/02/16 02:01:28 djm Exp $"); +#include <sys/types.h> + +#include <string.h> +#include <stdarg.h> + +#include "log.h" #ifndef HAVE_ARC4RANDOM diff --git a/crypto/openssh/openbsd-compat/bsd-asprintf.c b/crypto/openssh/openbsd-compat/bsd-asprintf.c index 5ca01f8..6748013 100644 --- a/crypto/openssh/openbsd-compat/bsd-asprintf.c +++ b/crypto/openssh/openbsd-compat/bsd-asprintf.c @@ -21,6 +21,10 @@ #ifndef HAVE_VASPRINTF +#include <errno.h> +#include <stdarg.h> +#include <stdlib.h> + #ifndef VA_COPY # ifdef HAVE_VA_COPY # define VA_COPY(dest, src) va_copy(dest, src) diff --git a/crypto/openssh/openbsd-compat/bsd-closefrom.c b/crypto/openssh/openbsd-compat/bsd-closefrom.c index 5b7b94a..9380b33 100644 --- a/crypto/openssh/openbsd-compat/bsd-closefrom.c +++ b/crypto/openssh/openbsd-compat/bsd-closefrom.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004 Todd C. Miller <Todd.Miller@courtesan.com> + * Copyright (c) 2004-2005 Todd C. Miller <Todd.Miller@courtesan.com> * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -22,9 +22,14 @@ #include <sys/param.h> #include <unistd.h> #include <stdio.h> +#ifdef HAVE_FCNTL_H +# include <fcntl.h> +#endif #include <limits.h> #include <stdlib.h> #include <stddef.h> +#include <string.h> +#include <unistd.h> #ifdef HAVE_DIRENT_H # include <dirent.h> # define NAMLEN(dirent) strlen((dirent)->d_name) @@ -46,15 +51,20 @@ # define OPEN_MAX 256 #endif -RCSID("$Id: bsd-closefrom.c,v 1.2 2005/11/10 08:29:13 dtucker Exp $"); - -#ifndef lint -static const char sudorcsid[] = "$Sudo: closefrom.c,v 1.6 2004/06/01 20:51:56 millert Exp $"; +#if 0 +__unused static const char rcsid[] = "$Sudo: closefrom.c,v 1.11 2006/08/17 15:26:54 millert Exp $"; #endif /* lint */ /* * Close all file descriptors greater than or equal to lowfd. */ +#ifdef HAVE_FCNTL_CLOSEM +void +closefrom(int lowfd) +{ + (void) fcntl(lowfd, F_CLOSEM, 0); +} +#else void closefrom(int lowfd) { @@ -67,7 +77,7 @@ closefrom(int lowfd) /* Check for a /proc/$$/fd directory. */ len = snprintf(fdpath, sizeof(fdpath), "/proc/%ld/fd", (long)getpid()); - if (len >= 0 && (u_int)len <= sizeof(fdpath) && (dirp = opendir(fdpath))) { + if (len > 0 && (size_t)len <= sizeof(fdpath) && (dirp = opendir(fdpath))) { while ((dent = readdir(dirp)) != NULL) { fd = strtol(dent->d_name, &endp, 10); if (dent->d_name != endp && *endp == '\0' && @@ -95,6 +105,5 @@ closefrom(int lowfd) (void) close((int) fd); } } - +#endif /* !HAVE_FCNTL_CLOSEM */ #endif /* HAVE_CLOSEFROM */ - diff --git a/crypto/openssh/openbsd-compat/bsd-cray.c b/crypto/openssh/openbsd-compat/bsd-cray.c index d1f1c05..1532c99 100644 --- a/crypto/openssh/openbsd-compat/bsd-cray.c +++ b/crypto/openssh/openbsd-compat/bsd-cray.c @@ -1,5 +1,5 @@ /* - * $Id: bsd-cray.c,v 1.14 2005/02/02 06:10:11 dtucker Exp $ + * $Id: bsd-cray.c,v 1.16 2006/09/01 05:38:41 djm Exp $ * * bsd-cray.c * @@ -52,7 +52,10 @@ #include <sys/secstat.h> #include <sys/stat.h> #include <sys/session.h> +#include <stdarg.h> #include <stdlib.h> +#include <string.h> +#include <unistd.h> #include <pwd.h> #include <fcntl.h> #include <errno.h> diff --git a/crypto/openssh/openbsd-compat/bsd-cygwin_util.c b/crypto/openssh/openbsd-compat/bsd-cygwin_util.c index b5e3cc5..dbf8176 100644 --- a/crypto/openssh/openbsd-compat/bsd-cygwin_util.c +++ b/crypto/openssh/openbsd-compat/bsd-cygwin_util.c @@ -29,15 +29,25 @@ #include "includes.h" -RCSID("$Id: bsd-cygwin_util.c,v 1.14 2005/05/25 09:42:11 dtucker Exp $"); - #ifdef HAVE_CYGWIN -#include <fcntl.h> -#include <stdlib.h> +#if defined(open) && open == binary_open +# undef open +#endif +#if defined(pipe) && open == binary_pipe +# undef pipe +#endif + +#include <sys/types.h> +#include <sys/stat.h> #include <sys/utsname.h> #include <sys/vfs.h> + +#include <fcntl.h> +#include <stdlib.h> +#include <unistd.h> #include <windows.h> + #include "xmalloc.h" #define is_winnt (GetVersion() < 0x80000000) @@ -45,13 +55,6 @@ RCSID("$Id: bsd-cygwin_util.c,v 1.14 2005/05/25 09:42:11 dtucker Exp $"); #define ntsec_off(c) ((c) && strstr((c),"nontsec")) #define ntea_on(c) ((c) && strstr((c),"ntea") && !strstr((c),"nontea")) -#if defined(open) && open == binary_open -# undef open -#endif -#if defined(pipe) && open == binary_pipe -# undef pipe -#endif - int binary_open(const char *filename, int flags, ...) { @@ -268,9 +271,9 @@ char ** fetch_windows_environment(void) { char **e, **p; - int i, idx = 0; + unsigned int i, idx = 0; - p = xmalloc((WENV_SIZ + 1) * sizeof(char *)); + p = xcalloc(WENV_SIZ + 1, sizeof(char *)); for (e = environ; *e != NULL; ++e) { for (i = 0; i < WENV_SIZ; ++i) { if (!strncmp(*e, wenv_arr[i].name, wenv_arr[i].namelen)) diff --git a/crypto/openssh/openbsd-compat/bsd-getpeereid.c b/crypto/openssh/openbsd-compat/bsd-getpeereid.c index fe2edad..bdae8b6 100644 --- a/crypto/openssh/openbsd-compat/bsd-getpeereid.c +++ b/crypto/openssh/openbsd-compat/bsd-getpeereid.c @@ -16,10 +16,13 @@ #include "includes.h" -RCSID("$Id: bsd-getpeereid.c,v 1.3 2004/02/17 05:49:55 djm Exp $"); - #if !defined(HAVE_GETPEEREID) +#include <sys/types.h> +#include <sys/socket.h> + +#include <unistd.h> + #if defined(SO_PEERCRED) int getpeereid(int s, uid_t *euid, gid_t *gid) diff --git a/crypto/openssh/openbsd-compat/bsd-misc.c b/crypto/openssh/openbsd-compat/bsd-misc.c index d32b054..17d731b 100644 --- a/crypto/openssh/openbsd-compat/bsd-misc.c +++ b/crypto/openssh/openbsd-compat/bsd-misc.c @@ -16,9 +16,19 @@ */ #include "includes.h" -#include "xmalloc.h" -RCSID("$Id: bsd-misc.c,v 1.28 2005/11/01 22:07:31 dtucker Exp $"); +#ifdef HAVE_SYS_SELECT_H +# include <sys/select.h> +#endif +#ifdef HAVE_SYS_TIME_H +# include <sys/time.h> +#endif + +#include <string.h> +#include <signal.h> +#include <stdlib.h> + +#include "xmalloc.h" #ifndef HAVE___PROGNAME char *__progname; diff --git a/crypto/openssh/openbsd-compat/bsd-nextstep.c b/crypto/openssh/openbsd-compat/bsd-nextstep.c index bd35a3a..8195af8 100644 --- a/crypto/openssh/openbsd-compat/bsd-nextstep.c +++ b/crypto/openssh/openbsd-compat/bsd-nextstep.c @@ -24,8 +24,6 @@ #include "includes.h" -RCSID("$Id: bsd-nextstep.c,v 1.6 2003/06/01 03:23:57 mouring Exp $"); - #ifdef HAVE_NEXT #include <errno.h> #include <sys/wait.h> diff --git a/crypto/openssh/openbsd-compat/bsd-openpty.c b/crypto/openssh/openbsd-compat/bsd-openpty.c index 8eb62b7..9777eb5 100644 --- a/crypto/openssh/openbsd-compat/bsd-openpty.c +++ b/crypto/openssh/openbsd-compat/bsd-openpty.c @@ -35,6 +35,21 @@ #include "includes.h" #if !defined(HAVE_OPENPTY) +#include <sys/types.h> + +#include <stdlib.h> + +#ifdef HAVE_SYS_STAT_H +# include <sys/stat.h> +#endif +#ifdef HAVE_SYS_IOCTL_H +# include <sys/ioctl.h> +#endif + +#ifdef HAVE_FCNTL_H +# include <fcntl.h> +#endif + #ifdef HAVE_UTIL_H # include <util.h> #endif /* HAVE_UTIL_H */ @@ -46,6 +61,10 @@ # include <sys/stropts.h> #endif +#include <signal.h> +#include <string.h> +#include <unistd.h> + #ifndef O_NOCTTY #define O_NOCTTY 0 #endif diff --git a/crypto/openssh/openbsd-compat/bsd-snprintf.c b/crypto/openssh/openbsd-compat/bsd-snprintf.c index e4ba154..04651e1 100644 --- a/crypto/openssh/openbsd-compat/bsd-snprintf.c +++ b/crypto/openssh/openbsd-compat/bsd-snprintf.c @@ -89,8 +89,6 @@ #include "includes.h" -RCSID("$Id: bsd-snprintf.c,v 1.11 2005/12/17 11:32:04 dtucker Exp $"); - #if defined(BROKEN_SNPRINTF) /* For those with broken snprintf() */ # undef HAVE_SNPRINTF # undef HAVE_VSNPRINTF @@ -110,6 +108,11 @@ RCSID("$Id: bsd-snprintf.c,v 1.11 2005/12/17 11:32:04 dtucker Exp $"); #if !defined(HAVE_SNPRINTF) || !defined(HAVE_VSNPRINTF) +#include <ctype.h> +#include <stdarg.h> +#include <stdlib.h> +#include <string.h> + #ifdef HAVE_LONG_DOUBLE # define LDOUBLE long double #else @@ -161,7 +164,7 @@ static size_t dopr(char *buffer, size_t maxlen, const char *format, static void fmtstr(char *buffer, size_t *currlen, size_t maxlen, char *value, int flags, int min, int max); static void fmtint(char *buffer, size_t *currlen, size_t maxlen, - long value, int base, int min, int max, int flags); + LLONG value, int base, int min, int max, int flags); static void fmtfp(char *buffer, size_t *currlen, size_t maxlen, LDOUBLE fvalue, int min, int max, int flags); static void dopr_outch(char *buffer, size_t *currlen, size_t maxlen, char c); @@ -468,10 +471,10 @@ static void fmtstr(char *buffer, size_t *currlen, size_t maxlen, /* Have to handle DP_F_NUM (ie 0x and 0 alternates) */ static void fmtint(char *buffer, size_t *currlen, size_t maxlen, - long value, int base, int min, int max, int flags) + LLONG value, int base, int min, int max, int flags) { int signvalue = 0; - unsigned long uvalue; + unsigned LLONG uvalue; char convert[20]; int place = 0; int spadlen = 0; /* amount to space pad */ diff --git a/crypto/openssh/openbsd-compat/bsd-waitpid.c b/crypto/openssh/openbsd-compat/bsd-waitpid.c index 93c9ec3..40e6ffa 100644 --- a/crypto/openssh/openbsd-compat/bsd-waitpid.c +++ b/crypto/openssh/openbsd-compat/bsd-waitpid.c @@ -24,8 +24,6 @@ #include "includes.h" -RCSID("$Id: bsd-waitpid.c,v 1.5 2003/06/01 03:23:57 mouring Exp $"); - #ifndef HAVE_WAITPID #include <errno.h> #include <sys/wait.h> diff --git a/crypto/openssh/openbsd-compat/daemon.c b/crypto/openssh/openbsd-compat/daemon.c index f8a0680..e3a6886 100644 --- a/crypto/openssh/openbsd-compat/daemon.c +++ b/crypto/openssh/openbsd-compat/daemon.c @@ -34,6 +34,20 @@ #ifndef HAVE_DAEMON +#include <sys/types.h> + +#ifdef HAVE_SYS_STAT_H +# include <sys/stat.h> +#endif + +#ifdef HAVE_FCNTL_H +# include <fcntl.h> +#endif + +#ifdef HAVE_UNISTD_H +# include <unistd.h> +#endif + int daemon(int nochdir, int noclose) { diff --git a/crypto/openssh/openbsd-compat/fake-rfc2553.c b/crypto/openssh/openbsd-compat/fake-rfc2553.c index 0186b53..b6ea3d2 100644 --- a/crypto/openssh/openbsd-compat/fake-rfc2553.c +++ b/crypto/openssh/openbsd-compat/fake-rfc2553.c @@ -37,7 +37,11 @@ #include "includes.h" -RCSID("$Id: fake-rfc2553.c,v 1.5 2003/09/22 02:08:23 dtucker Exp $"); +#include <stdlib.h> +#include <string.h> + +#include <netinet/in.h> +#include <arpa/inet.h> #ifndef HAVE_GETNAMEINFO int getnameinfo(const struct sockaddr *sa, size_t salen, char *host, diff --git a/crypto/openssh/openbsd-compat/getrrsetbyname.c b/crypto/openssh/openbsd-compat/getrrsetbyname.c index bea6aea..6c86e02 100644 --- a/crypto/openssh/openbsd-compat/getrrsetbyname.c +++ b/crypto/openssh/openbsd-compat/getrrsetbyname.c @@ -49,6 +49,12 @@ #ifndef HAVE_GETRRSETBYNAME +#include <stdlib.h> +#include <string.h> + +#include <netinet/in.h> +#include <arpa/inet.h> + #include "getrrsetbyname.h" #if defined(HAVE_DECL_H_ERRNO) && !HAVE_DECL_H_ERRNO @@ -60,6 +66,13 @@ extern int h_errno; # undef _THREAD_PRIVATE #endif #define _THREAD_PRIVATE(a,b,c) (c) + +/* to avoid conflicts where a platform already has _res */ +#ifdef _res +# undef _res +#endif +#define _res _compat_res + struct __res_state _res; /* Necessary functions and macros */ diff --git a/crypto/openssh/openbsd-compat/glob.c b/crypto/openssh/openbsd-compat/glob.c index f6a04ea..b3dd2b1 100644 --- a/crypto/openssh/openbsd-compat/glob.c +++ b/crypto/openssh/openbsd-compat/glob.c @@ -34,7 +34,21 @@ /* OPENBSD ORIGINAL: lib/libc/gen/glob.c */ #include "includes.h" + +#include <sys/types.h> +#include <sys/stat.h> + +#include <dirent.h> #include <ctype.h> +#include <errno.h> +#include <pwd.h> +#include <stdlib.h> +#include <string.h> +#include <unistd.h> + +#if !defined(HAVE_GLOB) || !defined(GLOB_HAS_ALTDIRFUNC) || \ + !defined(GLOB_HAS_GL_MATCHC) || \ + !defined(HAVE_DECL_GLOB_NOMATCH) || HAVE_DECL_GLOB_NOMATCH == 0 static long get_arg_max(void) @@ -48,9 +62,6 @@ get_arg_max(void) #endif } -#if !defined(HAVE_GLOB) || !defined(GLOB_HAS_ALTDIRFUNC) || \ - !defined(GLOB_HAS_GL_MATCHC) - /* * glob(3) -- a superset of the one defined in POSIX 1003.2. * diff --git a/crypto/openssh/openbsd-compat/glob.h b/crypto/openssh/openbsd-compat/glob.h index 4fdbfc1..9ba07f7 100644 --- a/crypto/openssh/openbsd-compat/glob.h +++ b/crypto/openssh/openbsd-compat/glob.h @@ -38,7 +38,8 @@ /* OPENBSD ORIGINAL: include/glob.h */ #if !defined(HAVE_GLOB_H) || !defined(GLOB_HAS_ALTDIRFUNC) || \ - !defined(GLOB_HAS_GL_MATCHC) + !defined(GLOB_HAS_GL_MATCHC) || \ + !defined(HAVE_DECL_GLOB_NOMATCH) || HAVE_DECL_GLOB_NOMATCH == 0 #ifndef _GLOB_H_ #define _GLOB_H_ diff --git a/crypto/openssh/openbsd-compat/mktemp.c b/crypto/openssh/openbsd-compat/mktemp.c index 88e04c5..2285c84 100644 --- a/crypto/openssh/openbsd-compat/mktemp.c +++ b/crypto/openssh/openbsd-compat/mktemp.c @@ -35,6 +35,14 @@ #include "includes.h" +#include <sys/types.h> +#include <sys/stat.h> + +#include <fcntl.h> +#include <ctype.h> +#include <errno.h> +#include <unistd.h> + #if !defined(HAVE_MKDTEMP) || defined(HAVE_STRICT_MKSTEMP) static int _gettemp(char *, int *, int, int); diff --git a/crypto/openssh/openbsd-compat/openbsd-compat.h b/crypto/openssh/openbsd-compat/openbsd-compat.h index 1a30273..aac2e6c 100644 --- a/crypto/openssh/openbsd-compat/openbsd-compat.h +++ b/crypto/openssh/openbsd-compat/openbsd-compat.h @@ -1,4 +1,4 @@ -/* $Id: openbsd-compat.h,v 1.33 2005/12/31 05:33:37 djm Exp $ */ +/* $Id: openbsd-compat.h,v 1.42 2006/09/03 12:44:50 dtucker Exp $ */ /* * Copyright (c) 1999-2003 Damien Miller. All rights reserved. @@ -31,6 +31,11 @@ #include "includes.h" +#include <sys/types.h> +#include <pwd.h> + +#include <sys/socket.h> + /* OpenBSD function replacements */ #include "base64.h" #include "sigact.h" @@ -38,7 +43,7 @@ #include "readpassphrase.h" #include "vis.h" #include "getrrsetbyname.h" - +#include "sha2.h" #ifndef HAVE_BASENAME char *basename(const char *path); @@ -126,13 +131,16 @@ int getgrouplist(const char *, gid_t, gid_t *, int *); int BSDgetopt(int argc, char * const *argv, const char *opts); #endif +#if defined(HAVE_DECL_WRITEV) && HAVE_DECL_WRITEV == 0 +# include <sys/types.h> +# include <sys/uio.h> +int writev(int, struct iovec *, int); +#endif /* Home grown routines */ #include "bsd-misc.h" #include "bsd-waitpid.h" -/*#include <sys/types.h> XXX Still needed? * For uid_t, gid_t * */ - #ifndef HAVE_GETPEEREID int getpeereid(int , uid_t *, gid_t *); #endif @@ -147,13 +155,14 @@ int asprintf(char **, const char *, ...); #endif #ifndef HAVE_OPENPTY +# include <sys/ioctl.h> /* for struct winsize */ int openpty(int *, int *, char *, struct termios *, struct winsize *); #endif /* HAVE_OPENPTY */ /* #include <sys/types.h> XXX needed? For size_t */ #ifndef HAVE_SNPRINTF -int snprintf(char *, size_t, const char *, ...); +int snprintf(char *, size_t, SNPRINTF_CONST char *, ...); #endif #ifndef HAVE_STRTOLL @@ -164,6 +173,10 @@ long long strtoll(const char *, char **, int); long long strtonum(const char *, long long, long long, const char **); #endif +#if !defined(HAVE_VASPRINTF) || !defined(HAVE_VSNPRINTF) +# include <stdarg.h> +#endif + #ifndef HAVE_VASPRINTF int vasprintf(char **, const char *, va_list); #endif @@ -176,16 +189,18 @@ void *xmmap(size_t size); char *xcrypt(const char *password, const char *salt); char *shadow_pw(struct passwd *pw); - /* rfc2553 socket API replacements */ #include "fake-rfc2553.h" /* Routines for a single OS platform */ #include "bsd-cray.h" #include "bsd-cygwin_util.h" -#include "port-irix.h" + #include "port-aix.h" -#include "port-uw.h" +#include "port-irix.h" +#include "port-linux.h" +#include "port-solaris.h" #include "port-tun.h" +#include "port-uw.h" #endif /* _OPENBSD_COMPAT_H */ diff --git a/crypto/openssh/openbsd-compat/openssl-compat.c b/crypto/openssh/openbsd-compat/openssl-compat.c index b690e8f..45ebd3f 100644 --- a/crypto/openssh/openbsd-compat/openssl-compat.c +++ b/crypto/openssh/openbsd-compat/openssl-compat.c @@ -1,4 +1,4 @@ -/* $Id: openssl-compat.c,v 1.2 2005/06/17 11:15:21 dtucker Exp $ */ +/* $Id: openssl-compat.c,v 1.4 2006/02/22 11:24:47 dtucker Exp $ */ /* * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au> @@ -18,7 +18,11 @@ #include "includes.h" -#define SSH_DONT_REDEF_EVP +#ifdef USE_OPENSSL_ENGINE +# include <openssl/engine.h> +#endif + +#define SSH_DONT_OVERLOAD_OPENSSL_FUNCS #include "openssl-compat.h" #ifdef SSH_OLD_EVP @@ -44,3 +48,15 @@ ssh_EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *evp) return 1; } #endif + +#ifdef USE_OPENSSL_ENGINE +void +ssh_SSLeay_add_all_algorithms(void) +{ + SSLeay_add_all_algorithms(); + + /* Enable use of crypto hardware */ + ENGINE_load_builtin_engines(); + ENGINE_register_all_complete(); +} +#endif diff --git a/crypto/openssh/openbsd-compat/openssl-compat.h b/crypto/openssh/openbsd-compat/openssl-compat.h index 8a015ec..c582cd2 100644 --- a/crypto/openssh/openbsd-compat/openssl-compat.h +++ b/crypto/openssh/openbsd-compat/openssl-compat.h @@ -1,4 +1,4 @@ -/* $Id: openssl-compat.h,v 1.3 2005/12/19 06:40:40 dtucker Exp $ */ +/* $Id: openssl-compat.h,v 1.6 2006/02/22 11:24:47 dtucker Exp $ */ /* * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au> @@ -54,21 +54,27 @@ extern const EVP_CIPHER *evp_acss(void); * define SSH_DONT_OVERLOAD_OPENSSL_FUNCS before including this file and * implement the ssh_* equivalents. */ -#ifdef SSH_OLD_EVP - -# ifndef SSH_DONT_REDEF_EVP +#ifndef SSH_DONT_OVERLOAD_OPENSSL_FUNCS +# ifdef SSH_OLD_EVP # ifdef EVP_Cipher # undef EVP_Cipher # endif - # define EVP_CipherInit(a,b,c,d,e) ssh_EVP_CipherInit((a),(b),(c),(d),(e)) # define EVP_Cipher(a,b,c,d) ssh_EVP_Cipher((a),(b),(c),(d)) # define EVP_CIPHER_CTX_cleanup(a) ssh_EVP_CIPHER_CTX_cleanup((a)) -# endif +# endif /* SSH_OLD_EVP */ + +# ifdef USE_OPENSSL_ENGINE +# ifdef SSLeay_add_all_algorithms +# undef SSLeay_add_all_algorithms +# endif +# define SSLeay_add_all_algorithms() ssh_SSLeay_add_all_algorithms() +#endif int ssh_EVP_CipherInit(EVP_CIPHER_CTX *, const EVP_CIPHER *, unsigned char *, unsigned char *, int); int ssh_EVP_Cipher(EVP_CIPHER_CTX *, char *, char *, int); int ssh_EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *); -#endif +void ssh_SSLeay_add_all_algorithms(void); +#endif /* SSH_DONT_OVERLOAD_OPENSSL_FUNCS */ diff --git a/crypto/openssh/openbsd-compat/port-aix.c b/crypto/openssh/openbsd-compat/port-aix.c index 81d8124..b9fabf6 100644 --- a/crypto/openssh/openbsd-compat/port-aix.c +++ b/crypto/openssh/openbsd-compat/port-aix.c @@ -25,16 +25,36 @@ * */ #include "includes.h" + +#include "xmalloc.h" +#include "buffer.h" +#include "key.h" +#include "hostfile.h" #include "auth.h" #include "ssh.h" #include "log.h" -#include "xmalloc.h" -#include "buffer.h" #ifdef _AIX +#include <errno.h> +#if defined(HAVE_NETDB_H) +# include <netdb.h> +#endif #include <uinfo.h> +#include <stdarg.h> +#include <string.h> +#include <unistd.h> #include <sys/socket.h> + +#ifdef WITH_AIXAUTHENTICATE +# include <login.h> +# include <userpw.h> +# if defined(HAVE_SYS_AUDIT_H) && defined(AIX_LOGINFAILED_4ARG) +# include <sys/audit.h> +# endif +# include <usersec.h> +#endif + #include "port-aix.h" # ifdef HAVE_SETAUTHDB @@ -256,15 +276,17 @@ sys_auth_record_login(const char *user, const char *host, const char *ttynm, Buffer *loginmsg) { char *msg = NULL; + static int msg_done = 0; int success = 0; aix_setauthdb(user); if (loginsuccess((char *)user, (char *)host, (char *)ttynm, &msg) == 0) { success = 1; - if (msg != NULL) { + if (msg != NULL && loginmsg != NULL && !msg_done) { debug("AIX/loginsuccess: msg %s", msg); buffer_append(loginmsg, msg, strlen(msg)); xfree(msg); + msg_done = 1; } } aix_restoreauthdb(); diff --git a/crypto/openssh/openbsd-compat/port-aix.h b/crypto/openssh/openbsd-compat/port-aix.h index 37b2c12..5a04bed 100644 --- a/crypto/openssh/openbsd-compat/port-aix.h +++ b/crypto/openssh/openbsd-compat/port-aix.h @@ -1,4 +1,4 @@ -/* $Id: port-aix.h,v 1.26 2005/05/28 10:28:40 dtucker Exp $ */ +/* $Id: port-aix.h,v 1.27 2006/09/18 13:54:33 dtucker Exp $ */ /* * @@ -31,18 +31,6 @@ #ifdef HAVE_SYS_SOCKET_H # include <sys/socket.h> #endif -#ifdef HAVE_UNISTD_H -# include <unistd.h> /* for seteuid() */ -#endif - -#ifdef WITH_AIXAUTHENTICATE -# include <login.h> -# include <userpw.h> -# if defined(HAVE_SYS_AUDIT_H) && defined(AIX_LOGINFAILED_4ARG) -# include <sys/audit.h> -# endif -# include <usersec.h> -#endif #include "buffer.h" diff --git a/crypto/openssh/openbsd-compat/port-irix.c b/crypto/openssh/openbsd-compat/port-irix.c index aa6db1c..ba751a5 100644 --- a/crypto/openssh/openbsd-compat/port-irix.c +++ b/crypto/openssh/openbsd-compat/port-irix.c @@ -29,6 +29,10 @@ defined(WITH_IRIX_JOBS) || \ defined(WITH_IRIX_ARRAY) +#include <errno.h> +#include <string.h> +#include <unistd.h> + #ifdef WITH_IRIX_PROJECT # include <proj.h> #endif /* WITH_IRIX_PROJECT */ diff --git a/crypto/openssh/openbsd-compat/port-linux.c b/crypto/openssh/openbsd-compat/port-linux.c new file mode 100644 index 0000000..77f3a1c --- /dev/null +++ b/crypto/openssh/openbsd-compat/port-linux.c @@ -0,0 +1,169 @@ +/* $Id: port-linux.c,v 1.3 2006/09/01 05:38:41 djm Exp $ */ + +/* + * Copyright (c) 2005 Daniel Walsh <dwalsh@redhat.com> + * Copyright (c) 2006 Damien Miller <djm@openbsd.org> + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +/* + * Linux-specific portability code - just SELinux support at present + */ + +#include "includes.h" + +#include <errno.h> +#include <stdarg.h> +#include <string.h> + +#ifdef WITH_SELINUX +#include "log.h" +#include "port-linux.h" + +#include <selinux/selinux.h> +#include <selinux/flask.h> +#include <selinux/get_context_list.h> + +/* Wrapper around is_selinux_enabled() to log its return value once only */ +static int +ssh_selinux_enabled(void) +{ + static int enabled = -1; + + if (enabled == -1) { + enabled = is_selinux_enabled(); + debug("SELinux support %s", enabled ? "enabled" : "disabled"); + } + + return (enabled); +} + +/* Return the default security context for the given username */ +static security_context_t +ssh_selinux_getctxbyname(char *pwname) +{ + security_context_t sc; + char *sename = NULL, *lvl = NULL; + int r; + +#ifdef HAVE_GETSEUSERBYNAME + if (getseuserbyname(pwname, &sename, &lvl) != 0) + return NULL; +#else + sename = pwname; + lvl = NULL; +#endif + +#ifdef HAVE_GET_DEFAULT_CONTEXT_WITH_LEVEL + r = get_default_context_with_level(sename, lvl, NULL, &sc); +#else + r = get_default_context(sename, NULL, &sc); +#endif + + if (r != 0) { + switch (security_getenforce()) { + case -1: + fatal("%s: ssh_selinux_getctxbyname: " + "security_getenforce() failed", __func__); + case 0: + error("%s: Failed to get default SELinux security " + "context for %s", __func__, pwname); + default: + fatal("%s: Failed to get default SELinux security " + "context for %s (in enforcing mode)", + __func__, pwname); + } + } + +#ifdef HAVE_GETSEUSERBYNAME + if (sename != NULL) + xfree(sename); + if (lvl != NULL) + xfree(lvl); +#endif + + return (sc); +} + +/* Set the execution context to the default for the specified user */ +void +ssh_selinux_setup_exec_context(char *pwname) +{ + security_context_t user_ctx = NULL; + + if (!ssh_selinux_enabled()) + return; + + debug3("%s: setting execution context", __func__); + + user_ctx = ssh_selinux_getctxbyname(pwname); + if (setexeccon(user_ctx) != 0) { + switch (security_getenforce()) { + case -1: + fatal("%s: security_getenforce() failed", __func__); + case 0: + error("%s: Failed to set SELinux execution " + "context for %s", __func__, pwname); + default: + fatal("%s: Failed to set SELinux execution context " + "for %s (in enforcing mode)", __func__, pwname); + } + } + if (user_ctx != NULL) + freecon(user_ctx); + + debug3("%s: done", __func__); +} + +/* Set the TTY context for the specified user */ +void +ssh_selinux_setup_pty(char *pwname, const char *tty) +{ + security_context_t new_tty_ctx = NULL; + security_context_t user_ctx = NULL; + security_context_t old_tty_ctx = NULL; + + if (!ssh_selinux_enabled()) + return; + + debug3("%s: setting TTY context on %s", __func__, tty); + + user_ctx = ssh_selinux_getctxbyname(pwname); + + /* XXX: should these calls fatal() upon failure in enforcing mode? */ + + if (getfilecon(tty, &old_tty_ctx) == -1) { + error("%s: getfilecon: %s", __func__, strerror(errno)); + goto out; + } + + if (security_compute_relabel(user_ctx, old_tty_ctx, + SECCLASS_CHR_FILE, &new_tty_ctx) != 0) { + error("%s: security_compute_relabel: %s", + __func__, strerror(errno)); + goto out; + } + + if (setfilecon(tty, new_tty_ctx) != 0) + error("%s: setfilecon: %s", __func__, strerror(errno)); + out: + if (new_tty_ctx != NULL) + freecon(new_tty_ctx); + if (old_tty_ctx != NULL) + freecon(old_tty_ctx); + if (user_ctx != NULL) + freecon(user_ctx); + debug3("%s: done", __func__); +} +#endif /* WITH_SELINUX */ diff --git a/crypto/openssh/openbsd-compat/port-linux.h b/crypto/openssh/openbsd-compat/port-linux.h new file mode 100644 index 0000000..05e520e --- /dev/null +++ b/crypto/openssh/openbsd-compat/port-linux.h @@ -0,0 +1,27 @@ +/* $Id: port-linux.h,v 1.1 2006/04/22 11:26:08 djm Exp $ */ + +/* + * Copyright (c) 2006 Damien Miller <djm@openbsd.org> + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#ifndef _PORT_LINUX_H +#define _PORT_LINUX_H + +#ifdef WITH_SELINUX +void ssh_selinux_setup_pty(char *, const char *); +void ssh_selinux_setup_exec_context(char *); +#endif + +#endif /* ! _PORT_LINUX_H */ diff --git a/crypto/openssh/openbsd-compat/port-solaris.c b/crypto/openssh/openbsd-compat/port-solaris.c new file mode 100644 index 0000000..f57433e --- /dev/null +++ b/crypto/openssh/openbsd-compat/port-solaris.c @@ -0,0 +1,190 @@ +/* $Id: port-solaris.c,v 1.2 2006/09/01 05:38:41 djm Exp $ */ + +/* + * Copyright (c) 2006 Chad Mynhier. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include "config.h" +#include "includes.h" + +#ifdef USE_SOLARIS_PROCESS_CONTRACTS + +#include <sys/types.h> +#include <sys/stat.h> +#include <sys/param.h> + +#include <errno.h> +#ifdef HAVE_FCNTL_H +# include <fcntl.h> +#endif +#include <stdarg.h> +#include <string.h> +#include <unistd.h> + +#include <libcontract.h> +#include <sys/contract/process.h> +#include <sys/ctfs.h> + +#include "log.h" + +#define CT_TEMPLATE CTFS_ROOT "/process/template" +#define CT_LATEST CTFS_ROOT "/process/latest" + +static int tmpl_fd = -1; + +/* Lookup the latest process contract */ +static ctid_t +get_active_process_contract_id(void) +{ + int stat_fd; + ctid_t ctid = -1; + ct_stathdl_t stathdl; + + if ((stat_fd = open64(CT_LATEST, O_RDONLY)) == -1) { + error("%s: Error opening 'latest' process " + "contract: %s", __func__, strerror(errno)); + return -1; + } + if (ct_status_read(stat_fd, CTD_COMMON, &stathdl) != 0) { + error("%s: Error reading process contract " + "status: %s", __func__, strerror(errno)); + goto out; + } + if ((ctid = ct_status_get_id(stathdl)) < 0) { + error("%s: Error getting process contract id: %s", + __func__, strerror(errno)); + goto out; + } + + ct_status_free(stathdl); + out: + close(stat_fd); + return ctid; +} + +void +solaris_contract_pre_fork(void) +{ + if ((tmpl_fd = open64(CT_TEMPLATE, O_RDWR)) == -1) { + error("%s: open %s: %s", __func__, + CT_TEMPLATE, strerror(errno)); + return; + } + + debug2("%s: setting up process contract template on fd %d", + __func__, tmpl_fd); + + /* We have to set certain attributes before activating the template */ + if (ct_pr_tmpl_set_fatal(tmpl_fd, + CT_PR_EV_HWERR|CT_PR_EV_SIGNAL|CT_PR_EV_CORE) != 0) { + error("%s: Error setting process contract template " + "fatal events: %s", __func__, strerror(errno)); + goto fail; + } + if (ct_tmpl_set_critical(tmpl_fd, CT_PR_EV_HWERR) != 0) { + error("%s: Error setting process contract template " + "critical events: %s", __func__, strerror(errno)); + goto fail; + } + + /* Now make this the active template for this process. */ + if (ct_tmpl_activate(tmpl_fd) != 0) { + error("%s: Error activating process contract " + "template: %s", __func__, strerror(errno)); + goto fail; + } + return; + + fail: + if (tmpl_fd != -1) { + close(tmpl_fd); + tmpl_fd = -1; + } +} + +void +solaris_contract_post_fork_child() +{ + debug2("%s: clearing process contract template on fd %d", + __func__, tmpl_fd); + + /* Clear the active template. */ + if (ct_tmpl_clear(tmpl_fd) != 0) + error("%s: Error clearing active process contract " + "template: %s", __func__, strerror(errno)); + + close(tmpl_fd); + tmpl_fd = -1; +} + +void +solaris_contract_post_fork_parent(pid_t pid) +{ + ctid_t ctid; + char ctl_path[256]; + int r, ctl_fd = -1, stat_fd = -1; + + debug2("%s: clearing template (fd %d)", __func__, tmpl_fd); + + if (tmpl_fd == -1) + return; + + /* First clear the active template. */ + if ((r = ct_tmpl_clear(tmpl_fd)) != 0) + error("%s: Error clearing active process contract " + "template: %s", __func__, strerror(errno)); + + close(tmpl_fd); + tmpl_fd = -1; + + /* + * If either the fork didn't succeed (pid < 0), or clearing + * th active contract failed (r != 0), then we have nothing + * more do. + */ + if (r != 0 || pid <= 0) + return; + + /* Now lookup and abandon the contract we've created. */ + ctid = get_active_process_contract_id(); + + debug2("%s: abandoning contract id %ld", __func__, ctid); + + snprintf(ctl_path, sizeof(ctl_path), + CTFS_ROOT "/process/%ld/ctl", ctid); + if ((ctl_fd = open64(ctl_path, O_WRONLY)) < 0) { + error("%s: Error opening process contract " + "ctl file: %s", __func__, strerror(errno)); + goto fail; + } + if (ct_ctl_abandon(ctl_fd) < 0) { + error("%s: Error abandoning process contract: %s", + __func__, strerror(errno)); + goto fail; + } + close(ctl_fd); + return; + + fail: + if (tmpl_fd != -1) { + close(tmpl_fd); + tmpl_fd = -1; + } + if (stat_fd != -1) + close(stat_fd); + if (ctl_fd != -1) + close(ctl_fd); +} +#endif diff --git a/crypto/openssh/openbsd-compat/port-solaris.h b/crypto/openssh/openbsd-compat/port-solaris.h new file mode 100644 index 0000000..4c32487 --- /dev/null +++ b/crypto/openssh/openbsd-compat/port-solaris.h @@ -0,0 +1,27 @@ +/* $Id: port-solaris.h,v 1.1 2006/08/30 17:24:42 djm Exp $ */ + +/* + * Copyright (c) 2006 Chad Mynhier. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#ifndef _PORT_SOLARIS_H + +#include <sys/types.h> + +void solaris_contract_pre_fork(void); +void solaris_contract_post_fork_child(void); +void solaris_contract_post_fork_parent(pid_t pid); + +#endif diff --git a/crypto/openssh/openbsd-compat/port-tun.c b/crypto/openssh/openbsd-compat/port-tun.c index 3192161..276474d 100644 --- a/crypto/openssh/openbsd-compat/port-tun.c +++ b/crypto/openssh/openbsd-compat/port-tun.c @@ -16,9 +16,23 @@ #include "includes.h" +#include <sys/types.h> +#include <sys/ioctl.h> + +#include <netinet/in.h> +#include <arpa/inet.h> +#include <netinet/ip.h> + +#include <errno.h> +#include <fcntl.h> +#include <stdarg.h> +#include <string.h> +#include <unistd.h> + #include "log.h" #include "misc.h" -#include "bufaux.h" +#include "buffer.h" +#include "channels.h" /* * This is the portable version of the SSH tunnel forwarding, it @@ -26,6 +40,7 @@ * settings. * * SSH_TUN_LINUX Use the (newer) Linux tun/tap device + * SSH_TUN_FREEBSD Use the FreeBSD tun/tap device * SSH_TUN_COMPAT_AF Translate the OpenBSD address family * SSH_TUN_PREPEND_AF Prepend/remove the address family */ @@ -93,7 +108,10 @@ sys_tun_open(int tun, int mode) #ifdef SSH_TUN_FREEBSD #include <sys/socket.h> #include <net/if.h> + +#ifdef HAVE_NET_IF_TUN_H #include <net/if_tun.h> +#endif int sys_tun_open(int tun, int mode) diff --git a/crypto/openssh/openbsd-compat/port-tun.h b/crypto/openssh/openbsd-compat/port-tun.h index 86d9272..c53df01 100644 --- a/crypto/openssh/openbsd-compat/port-tun.h +++ b/crypto/openssh/openbsd-compat/port-tun.h @@ -17,7 +17,7 @@ #ifndef _PORT_TUN_H #define _PORT_TUN_H -#include "channels.h" +struct Channel; #if defined(SSH_TUN_LINUX) || defined(SSH_TUN_FREEBSD) # define CUSTOM_SYS_TUN_OPEN diff --git a/crypto/openssh/openbsd-compat/port-uw.c b/crypto/openssh/openbsd-compat/port-uw.c index c644271..6f35239 100644 --- a/crypto/openssh/openbsd-compat/port-uw.c +++ b/crypto/openssh/openbsd-compat/port-uw.c @@ -26,15 +26,26 @@ #include "includes.h" #ifdef HAVE_LIBIAF +#include <sys/types.h> #ifdef HAVE_CRYPT_H -#include <crypt.h> +# include <crypt.h> #endif +#include <pwd.h> +#include <stdarg.h> +#include <stdlib.h> +#include <stdio.h> +#include <string.h> + +#include "xmalloc.h" #include "packet.h" #include "buffer.h" +#include "auth-options.h" #include "log.h" #include "servconf.h" +#include "key.h" +#include "hostfile.h" #include "auth.h" -#include "auth-options.h" +#include "ssh.h" int nischeck(char *); diff --git a/crypto/openssh/openbsd-compat/readpassphrase.c b/crypto/openssh/openbsd-compat/readpassphrase.c index 919c017..11bd8f6 100644 --- a/crypto/openssh/openbsd-compat/readpassphrase.c +++ b/crypto/openssh/openbsd-compat/readpassphrase.c @@ -27,7 +27,13 @@ #ifndef HAVE_READPASSPHRASE #include <termios.h> +#include <signal.h> +#include <ctype.h> +#include <fcntl.h> #include <readpassphrase.h> +#include <errno.h> +#include <string.h> +#include <unistd.h> #ifdef TCSASOFT # define _T_FLUSH (TCSAFLUSH|TCSASOFT) diff --git a/crypto/openssh/openbsd-compat/regress/Makefile.in b/crypto/openssh/openbsd-compat/regress/Makefile.in new file mode 100644 index 0000000..bcf214b --- /dev/null +++ b/crypto/openssh/openbsd-compat/regress/Makefile.in @@ -0,0 +1,38 @@ +# $Id: Makefile.in,v 1.4 2006/08/19 09:12:14 dtucker Exp $ + +sysconfdir=@sysconfdir@ +piddir=@piddir@ +srcdir=@srcdir@ +top_srcdir=@top_srcdir@ + +VPATH=@srcdir@ +CC=@CC@ +LD=@LD@ +CFLAGS=@CFLAGS@ +CPPFLAGS=-I. -I.. -I$(srcdir) -I$(srcdir)/.. @CPPFLAGS@ @DEFS@ +EXEEXT=@EXEEXT@ +LIBCOMPAT=../libopenbsd-compat.a +LIBS=@LIBS@ +LDFLAGS=@LDFLAGS@ $(LIBCOMPAT) + +TESTPROGS=closefromtest$(EXEEXT) snprintftest$(EXEEXT) strduptest$(EXEEXT) \ + strtonumtest$(EXEEXT) + +all: t-exec ${OTHERTESTS} + +%$(EXEEXT): %.c + $(CC) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) -o $@ $< $(LIBCOMPAT) $(LIBS) + +t-exec: $(TESTPROGS) + @echo running compat regress tests + @for TEST in ""$?; do \ + echo "run test $${TEST}" ... 1>&2; \ + ./$${TEST}$(EXEEXT) || exit $$? ; \ + done + @echo finished compat regress tests + +clean: + rm -f *.o *.a core $(TESTPROGS) valid.out + +distclean: clean + rm -f Makefile *~ diff --git a/crypto/openssh/openbsd-compat/regress/closefromtest.c b/crypto/openssh/openbsd-compat/regress/closefromtest.c new file mode 100644 index 0000000..feb1b56 --- /dev/null +++ b/crypto/openssh/openbsd-compat/regress/closefromtest.c @@ -0,0 +1,60 @@ +/* + * Copyright (c) 2006 Darren Tucker + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include <sys/types.h> +#include <sys/stat.h> + +#include <fcntl.h> +#include <stdio.h> +#include <stdlib.h> +#include <unistd.h> + +#define NUM_OPENS 10 + +void +fail(char *msg) +{ + fprintf(stderr, "closefrom: %s\n", msg); + exit(1); +} + +int +main(void) +{ + int i, max, fds[NUM_OPENS]; + char buf[512]; + + for (i = 0; i < NUM_OPENS; i++) + if ((fds[i] = open("/dev/null", "r")) == -1) + exit(0); /* can't test */ + max = i - 1; + + /* should close last fd only */ + closefrom(fds[max]); + if (close(fds[max]) != -1) + fail("failed to close highest fd"); + + /* make sure we can still use remaining descriptors */ + for (i = 0; i < max; i++) + if (read(fds[i], buf, sizeof(buf)) == -1) + fail("closed descriptors it should not have"); + + /* should close all fds */ + closefrom(fds[0]); + for (i = 0; i < NUM_OPENS; i++) + if (close(fds[i]) != -1) + fail("failed to close from lowest fd"); +} diff --git a/crypto/openssh/openbsd-compat/regress/snprintftest.c b/crypto/openssh/openbsd-compat/regress/snprintftest.c new file mode 100644 index 0000000..4ca63e1 --- /dev/null +++ b/crypto/openssh/openbsd-compat/regress/snprintftest.c @@ -0,0 +1,73 @@ +/* + * Copyright (c) 2005 Darren Tucker + * Copyright (c) 2005 Damien Miller + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#define BUFSZ 2048 + +#include <sys/types.h> +#include <stdlib.h> +#include <stdio.h> +#include <stdarg.h> +#include <string.h> + +static int failed = 0; + +static void +fail(const char *m) +{ + fprintf(stderr, "snprintftest: %s\n", m); + failed = 1; +} + +int x_snprintf(char *str, size_t count, const char *fmt, ...) +{ + size_t ret; + va_list ap; + + va_start(ap, fmt); + ret = vsnprintf(str, count, fmt, ap); + va_end(ap); + return ret; +} + +int +main(void) +{ + char b[5]; + char *src; + + snprintf(b,5,"123456789"); + if (b[4] != '\0') + fail("snprintf does not correctly terminate long strings"); + + /* check for read overrun on unterminated string */ + if ((src = malloc(BUFSZ)) == NULL) { + fail("malloc failed"); + } else { + memset(src, 'a', BUFSZ); + snprintf(b, sizeof(b), "%.*s", 1, src); + if (strcmp(b, "a") != 0) + fail("failed with length limit '%%.s'"); + } + + /* check that snprintf and vsnprintf return sane values */ + if (snprintf(b, 1, "%s %d", "hello", 12345) != 11) + fail("snprintf does not return required length"); + if (x_snprintf(b, 1, "%s %d", "hello", 12345) != 11) + fail("vsnprintf does not return required length"); + + return failed; +} diff --git a/crypto/openssh/openbsd-compat/regress/strduptest.c b/crypto/openssh/openbsd-compat/regress/strduptest.c new file mode 100644 index 0000000..7f6d779 --- /dev/null +++ b/crypto/openssh/openbsd-compat/regress/strduptest.c @@ -0,0 +1,45 @@ +/* + * Copyright (c) 2005 Darren Tucker + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include <stdlib.h> +#include <string.h> + +static int fail = 0; + +void +test(const char *a) +{ + char *b; + + b = strdup(a); + if (b == 0) { + fail = 1; + return; + } + if (strcmp(a, b) != 0) + fail = 1; + free(b); +} + +int +main(void) +{ + test(""); + test("a"); + test("\0"); + test("abcdefghijklmnopqrstuvwxyz"); + return fail; +} diff --git a/crypto/openssh/openbsd-compat/regress/strtonumtest.c b/crypto/openssh/openbsd-compat/regress/strtonumtest.c new file mode 100644 index 0000000..cb85851 --- /dev/null +++ b/crypto/openssh/openbsd-compat/regress/strtonumtest.c @@ -0,0 +1,66 @@ +/* $OpenBSD: strtonumtest.c,v 1.1 2004/08/03 20:38:36 otto Exp $ */ +/* + * Copyright (c) 2004 Otto Moerbeek <otto@drijf.net> + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +/* OPENBSD ORIGINAL: regress/lib/libc/strtonum/strtonumtest.c */ + +#include <limits.h> +#include <stdio.h> +#include <stdlib.h> + +int fail; + +void +test(const char *p, long long lb, long long ub, int ok) +{ + long long val; + const char *q; + + val = strtonum(p, lb, ub, &q); + if (ok && q != NULL) { + fprintf(stderr, "%s [%lld-%lld] ", p, lb, ub); + fprintf(stderr, "NUMBER NOT ACCEPTED %s\n", q); + fail = 1; + } else if (!ok && q == NULL) { + fprintf(stderr, "%s [%lld-%lld] %lld ", p, lb, ub, val); + fprintf(stderr, "NUMBER ACCEPTED\n"); + fail = 1; + } +} + +int main(int argc, char *argv[]) +{ + test("1", 0, 10, 1); + test("0", -2, 5, 1); + test("0", 2, 5, 0); + test("0", 2, LLONG_MAX, 0); + test("-2", 0, LLONG_MAX, 0); + test("0", -5, LLONG_MAX, 1); + test("-3", -3, LLONG_MAX, 1); + test("-9223372036854775808", LLONG_MIN, LLONG_MAX, 1); + test("9223372036854775807", LLONG_MIN, LLONG_MAX, 1); + test("-9223372036854775809", LLONG_MIN, LLONG_MAX, 0); + test("9223372036854775808", LLONG_MIN, LLONG_MAX, 0); + test("1000000000000000000000000", LLONG_MIN, LLONG_MAX, 0); + test("-1000000000000000000000000", LLONG_MIN, LLONG_MAX, 0); + test("-2", 10, -1, 0); + test("-2", -10, -1, 1); + test("-20", -10, -1, 0); + test("20", -10, -1, 0); + + return (fail); +} + diff --git a/crypto/openssh/openbsd-compat/rresvport.c b/crypto/openssh/openbsd-compat/rresvport.c index 71cf6e6..5b0275c 100644 --- a/crypto/openssh/openbsd-compat/rresvport.c +++ b/crypto/openssh/openbsd-compat/rresvport.c @@ -35,6 +35,16 @@ #ifndef HAVE_RRESVPORT_AF +#include <sys/types.h> +#include <sys/socket.h> + +#include <netinet/in.h> +#include <arpa/inet.h> + +#include <errno.h> +#include <stdlib.h> +#include <string.h> + #if 0 int rresvport(int *alport) diff --git a/crypto/openssh/openbsd-compat/setproctitle.c b/crypto/openssh/openbsd-compat/setproctitle.c index 6e2b19b..b511f66 100644 --- a/crypto/openssh/openbsd-compat/setproctitle.c +++ b/crypto/openssh/openbsd-compat/setproctitle.c @@ -35,10 +35,13 @@ #ifndef HAVE_SETPROCTITLE +#include <stdarg.h> +#include <stdlib.h> #include <unistd.h> #ifdef HAVE_SYS_PSTAT_H #include <sys/pstat.h> #endif +#include <string.h> #define SPT_NONE 0 /* don't use it at all */ #define SPT_PSTAT 1 /* use pstat(PSTAT_SETCMD, ...) */ @@ -80,7 +83,7 @@ compat_init_setproctitle(int argc, char *argv[]) /* Fail if we can't allocate room for the new environment */ for (i = 0; envp[i] != NULL; i++) ; - if ((environ = malloc(sizeof(*environ) * (i + 1))) == NULL) { + if ((environ = calloc(i + 1, sizeof(*environ))) == NULL) { environ = envp; /* put it back */ return; } diff --git a/crypto/openssh/openbsd-compat/sha2.c b/crypto/openssh/openbsd-compat/sha2.c new file mode 100755 index 0000000..cf8e0ad6 --- /dev/null +++ b/crypto/openssh/openbsd-compat/sha2.c @@ -0,0 +1,882 @@ +/* $OpenBSD: sha2.c,v 1.11 2005/08/08 08:05:35 espie Exp $ */ + +/* + * FILE: sha2.c + * AUTHOR: Aaron D. Gifford <me@aarongifford.com> + * + * Copyright (c) 2000-2001, Aaron D. Gifford + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the names of contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTOR(S) ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTOR(S) BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $From: sha2.c,v 1.1 2001/11/08 00:01:51 adg Exp adg $ + */ + +/* OPENBSD ORIGINAL: lib/libc/hash/sha2.c */ + +#include "includes.h" + +#include <openssl/opensslv.h> + +#if !defined(HAVE_EVP_SHA256) && !defined(HAVE_SHA256_UPDATE) && \ + (OPENSSL_VERSION_NUMBER >= 0x00907000L) +#include <sys/types.h> +#include <string.h> +#include "sha2.h" + +/* + * UNROLLED TRANSFORM LOOP NOTE: + * You can define SHA2_UNROLL_TRANSFORM to use the unrolled transform + * loop version for the hash transform rounds (defined using macros + * later in this file). Either define on the command line, for example: + * + * cc -DSHA2_UNROLL_TRANSFORM -o sha2 sha2.c sha2prog.c + * + * or define below: + * + * #define SHA2_UNROLL_TRANSFORM + * + */ + +/*** SHA-256/384/512 Machine Architecture Definitions *****************/ +/* + * BYTE_ORDER NOTE: + * + * Please make sure that your system defines BYTE_ORDER. If your + * architecture is little-endian, make sure it also defines + * LITTLE_ENDIAN and that the two (BYTE_ORDER and LITTLE_ENDIAN) are + * equivilent. + * + * If your system does not define the above, then you can do so by + * hand like this: + * + * #define LITTLE_ENDIAN 1234 + * #define BIG_ENDIAN 4321 + * + * And for little-endian machines, add: + * + * #define BYTE_ORDER LITTLE_ENDIAN + * + * Or for big-endian machines: + * + * #define BYTE_ORDER BIG_ENDIAN + * + * The FreeBSD machine this was written on defines BYTE_ORDER + * appropriately by including <sys/types.h> (which in turn includes + * <machine/endian.h> where the appropriate definitions are actually + * made). + */ +#if !defined(BYTE_ORDER) || (BYTE_ORDER != LITTLE_ENDIAN && BYTE_ORDER != BIG_ENDIAN) +#error Define BYTE_ORDER to be equal to either LITTLE_ENDIAN or BIG_ENDIAN +#endif + + +/*** SHA-256/384/512 Various Length Definitions ***********************/ +/* NOTE: Most of these are in sha2.h */ +#define SHA256_SHORT_BLOCK_LENGTH (SHA256_BLOCK_LENGTH - 8) +#define SHA384_SHORT_BLOCK_LENGTH (SHA384_BLOCK_LENGTH - 16) +#define SHA512_SHORT_BLOCK_LENGTH (SHA512_BLOCK_LENGTH - 16) + +/*** ENDIAN SPECIFIC COPY MACROS **************************************/ +#define BE_8_TO_32(dst, cp) do { \ + (dst) = (u_int32_t)(cp)[3] | ((u_int32_t)(cp)[2] << 8) | \ + ((u_int32_t)(cp)[1] << 16) | ((u_int32_t)(cp)[0] << 24); \ +} while(0) + +#define BE_8_TO_64(dst, cp) do { \ + (dst) = (u_int64_t)(cp)[7] | ((u_int64_t)(cp)[6] << 8) | \ + ((u_int64_t)(cp)[5] << 16) | ((u_int64_t)(cp)[4] << 24) | \ + ((u_int64_t)(cp)[3] << 32) | ((u_int64_t)(cp)[2] << 40) | \ + ((u_int64_t)(cp)[1] << 48) | ((u_int64_t)(cp)[0] << 56); \ +} while (0) + +#define BE_64_TO_8(cp, src) do { \ + (cp)[0] = (src) >> 56; \ + (cp)[1] = (src) >> 48; \ + (cp)[2] = (src) >> 40; \ + (cp)[3] = (src) >> 32; \ + (cp)[4] = (src) >> 24; \ + (cp)[5] = (src) >> 16; \ + (cp)[6] = (src) >> 8; \ + (cp)[7] = (src); \ +} while (0) + +#define BE_32_TO_8(cp, src) do { \ + (cp)[0] = (src) >> 24; \ + (cp)[1] = (src) >> 16; \ + (cp)[2] = (src) >> 8; \ + (cp)[3] = (src); \ +} while (0) + +/* + * Macro for incrementally adding the unsigned 64-bit integer n to the + * unsigned 128-bit integer (represented using a two-element array of + * 64-bit words): + */ +#define ADDINC128(w,n) do { \ + (w)[0] += (u_int64_t)(n); \ + if ((w)[0] < (n)) { \ + (w)[1]++; \ + } \ +} while (0) + +/*** THE SIX LOGICAL FUNCTIONS ****************************************/ +/* + * Bit shifting and rotation (used by the six SHA-XYZ logical functions: + * + * NOTE: The naming of R and S appears backwards here (R is a SHIFT and + * S is a ROTATION) because the SHA-256/384/512 description document + * (see http://csrc.nist.gov/cryptval/shs/sha256-384-512.pdf) uses this + * same "backwards" definition. + */ +/* Shift-right (used in SHA-256, SHA-384, and SHA-512): */ +#define R(b,x) ((x) >> (b)) +/* 32-bit Rotate-right (used in SHA-256): */ +#define S32(b,x) (((x) >> (b)) | ((x) << (32 - (b)))) +/* 64-bit Rotate-right (used in SHA-384 and SHA-512): */ +#define S64(b,x) (((x) >> (b)) | ((x) << (64 - (b)))) + +/* Two of six logical functions used in SHA-256, SHA-384, and SHA-512: */ +#define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z))) +#define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z))) + +/* Four of six logical functions used in SHA-256: */ +#define Sigma0_256(x) (S32(2, (x)) ^ S32(13, (x)) ^ S32(22, (x))) +#define Sigma1_256(x) (S32(6, (x)) ^ S32(11, (x)) ^ S32(25, (x))) +#define sigma0_256(x) (S32(7, (x)) ^ S32(18, (x)) ^ R(3 , (x))) +#define sigma1_256(x) (S32(17, (x)) ^ S32(19, (x)) ^ R(10, (x))) + +/* Four of six logical functions used in SHA-384 and SHA-512: */ +#define Sigma0_512(x) (S64(28, (x)) ^ S64(34, (x)) ^ S64(39, (x))) +#define Sigma1_512(x) (S64(14, (x)) ^ S64(18, (x)) ^ S64(41, (x))) +#define sigma0_512(x) (S64( 1, (x)) ^ S64( 8, (x)) ^ R( 7, (x))) +#define sigma1_512(x) (S64(19, (x)) ^ S64(61, (x)) ^ R( 6, (x))) + + +/*** SHA-XYZ INITIAL HASH VALUES AND CONSTANTS ************************/ +/* Hash constant words K for SHA-256: */ +const static u_int32_t K256[64] = { + 0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL, + 0x3956c25bUL, 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL, + 0xd807aa98UL, 0x12835b01UL, 0x243185beUL, 0x550c7dc3UL, + 0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL, 0xc19bf174UL, + 0xe49b69c1UL, 0xefbe4786UL, 0x0fc19dc6UL, 0x240ca1ccUL, + 0x2de92c6fUL, 0x4a7484aaUL, 0x5cb0a9dcUL, 0x76f988daUL, + 0x983e5152UL, 0xa831c66dUL, 0xb00327c8UL, 0xbf597fc7UL, + 0xc6e00bf3UL, 0xd5a79147UL, 0x06ca6351UL, 0x14292967UL, + 0x27b70a85UL, 0x2e1b2138UL, 0x4d2c6dfcUL, 0x53380d13UL, + 0x650a7354UL, 0x766a0abbUL, 0x81c2c92eUL, 0x92722c85UL, + 0xa2bfe8a1UL, 0xa81a664bUL, 0xc24b8b70UL, 0xc76c51a3UL, + 0xd192e819UL, 0xd6990624UL, 0xf40e3585UL, 0x106aa070UL, + 0x19a4c116UL, 0x1e376c08UL, 0x2748774cUL, 0x34b0bcb5UL, + 0x391c0cb3UL, 0x4ed8aa4aUL, 0x5b9cca4fUL, 0x682e6ff3UL, + 0x748f82eeUL, 0x78a5636fUL, 0x84c87814UL, 0x8cc70208UL, + 0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL +}; + +/* Initial hash value H for SHA-256: */ +const static u_int32_t sha256_initial_hash_value[8] = { + 0x6a09e667UL, + 0xbb67ae85UL, + 0x3c6ef372UL, + 0xa54ff53aUL, + 0x510e527fUL, + 0x9b05688cUL, + 0x1f83d9abUL, + 0x5be0cd19UL +}; + +/* Hash constant words K for SHA-384 and SHA-512: */ +const static u_int64_t K512[80] = { + 0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL, + 0xb5c0fbcfec4d3b2fULL, 0xe9b5dba58189dbbcULL, + 0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL, + 0x923f82a4af194f9bULL, 0xab1c5ed5da6d8118ULL, + 0xd807aa98a3030242ULL, 0x12835b0145706fbeULL, + 0x243185be4ee4b28cULL, 0x550c7dc3d5ffb4e2ULL, + 0x72be5d74f27b896fULL, 0x80deb1fe3b1696b1ULL, + 0x9bdc06a725c71235ULL, 0xc19bf174cf692694ULL, + 0xe49b69c19ef14ad2ULL, 0xefbe4786384f25e3ULL, + 0x0fc19dc68b8cd5b5ULL, 0x240ca1cc77ac9c65ULL, + 0x2de92c6f592b0275ULL, 0x4a7484aa6ea6e483ULL, + 0x5cb0a9dcbd41fbd4ULL, 0x76f988da831153b5ULL, + 0x983e5152ee66dfabULL, 0xa831c66d2db43210ULL, + 0xb00327c898fb213fULL, 0xbf597fc7beef0ee4ULL, + 0xc6e00bf33da88fc2ULL, 0xd5a79147930aa725ULL, + 0x06ca6351e003826fULL, 0x142929670a0e6e70ULL, + 0x27b70a8546d22ffcULL, 0x2e1b21385c26c926ULL, + 0x4d2c6dfc5ac42aedULL, 0x53380d139d95b3dfULL, + 0x650a73548baf63deULL, 0x766a0abb3c77b2a8ULL, + 0x81c2c92e47edaee6ULL, 0x92722c851482353bULL, + 0xa2bfe8a14cf10364ULL, 0xa81a664bbc423001ULL, + 0xc24b8b70d0f89791ULL, 0xc76c51a30654be30ULL, + 0xd192e819d6ef5218ULL, 0xd69906245565a910ULL, + 0xf40e35855771202aULL, 0x106aa07032bbd1b8ULL, + 0x19a4c116b8d2d0c8ULL, 0x1e376c085141ab53ULL, + 0x2748774cdf8eeb99ULL, 0x34b0bcb5e19b48a8ULL, + 0x391c0cb3c5c95a63ULL, 0x4ed8aa4ae3418acbULL, + 0x5b9cca4f7763e373ULL, 0x682e6ff3d6b2b8a3ULL, + 0x748f82ee5defb2fcULL, 0x78a5636f43172f60ULL, + 0x84c87814a1f0ab72ULL, 0x8cc702081a6439ecULL, + 0x90befffa23631e28ULL, 0xa4506cebde82bde9ULL, + 0xbef9a3f7b2c67915ULL, 0xc67178f2e372532bULL, + 0xca273eceea26619cULL, 0xd186b8c721c0c207ULL, + 0xeada7dd6cde0eb1eULL, 0xf57d4f7fee6ed178ULL, + 0x06f067aa72176fbaULL, 0x0a637dc5a2c898a6ULL, + 0x113f9804bef90daeULL, 0x1b710b35131c471bULL, + 0x28db77f523047d84ULL, 0x32caab7b40c72493ULL, + 0x3c9ebe0a15c9bebcULL, 0x431d67c49c100d4cULL, + 0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL, + 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL +}; + +/* Initial hash value H for SHA-384 */ +const static u_int64_t sha384_initial_hash_value[8] = { + 0xcbbb9d5dc1059ed8ULL, + 0x629a292a367cd507ULL, + 0x9159015a3070dd17ULL, + 0x152fecd8f70e5939ULL, + 0x67332667ffc00b31ULL, + 0x8eb44a8768581511ULL, + 0xdb0c2e0d64f98fa7ULL, + 0x47b5481dbefa4fa4ULL +}; + +/* Initial hash value H for SHA-512 */ +const static u_int64_t sha512_initial_hash_value[8] = { + 0x6a09e667f3bcc908ULL, + 0xbb67ae8584caa73bULL, + 0x3c6ef372fe94f82bULL, + 0xa54ff53a5f1d36f1ULL, + 0x510e527fade682d1ULL, + 0x9b05688c2b3e6c1fULL, + 0x1f83d9abfb41bd6bULL, + 0x5be0cd19137e2179ULL +}; + + +/*** SHA-256: *********************************************************/ +void +SHA256_Init(SHA256_CTX *context) +{ + if (context == NULL) + return; + memcpy(context->state, sha256_initial_hash_value, + sizeof(sha256_initial_hash_value)); + memset(context->buffer, 0, sizeof(context->buffer)); + context->bitcount = 0; +} + +#ifdef SHA2_UNROLL_TRANSFORM + +/* Unrolled SHA-256 round macros: */ + +#define ROUND256_0_TO_15(a,b,c,d,e,f,g,h) do { \ + BE_8_TO_32(W256[j], data); \ + data += 4; \ + T1 = (h) + Sigma1_256((e)) + Ch((e), (f), (g)) + K256[j] + W256[j]; \ + (d) += T1; \ + (h) = T1 + Sigma0_256((a)) + Maj((a), (b), (c)); \ + j++; \ +} while(0) + +#define ROUND256(a,b,c,d,e,f,g,h) do { \ + s0 = W256[(j+1)&0x0f]; \ + s0 = sigma0_256(s0); \ + s1 = W256[(j+14)&0x0f]; \ + s1 = sigma1_256(s1); \ + T1 = (h) + Sigma1_256((e)) + Ch((e), (f), (g)) + K256[j] + \ + (W256[j&0x0f] += s1 + W256[(j+9)&0x0f] + s0); \ + (d) += T1; \ + (h) = T1 + Sigma0_256((a)) + Maj((a), (b), (c)); \ + j++; \ +} while(0) + +void +SHA256_Transform(u_int32_t state[8], const u_int8_t data[SHA256_BLOCK_LENGTH]) +{ + u_int32_t a, b, c, d, e, f, g, h, s0, s1; + u_int32_t T1, W256[16]; + int j; + + /* Initialize registers with the prev. intermediate value */ + a = state[0]; + b = state[1]; + c = state[2]; + d = state[3]; + e = state[4]; + f = state[5]; + g = state[6]; + h = state[7]; + + j = 0; + do { + /* Rounds 0 to 15 (unrolled): */ + ROUND256_0_TO_15(a,b,c,d,e,f,g,h); + ROUND256_0_TO_15(h,a,b,c,d,e,f,g); + ROUND256_0_TO_15(g,h,a,b,c,d,e,f); + ROUND256_0_TO_15(f,g,h,a,b,c,d,e); + ROUND256_0_TO_15(e,f,g,h,a,b,c,d); + ROUND256_0_TO_15(d,e,f,g,h,a,b,c); + ROUND256_0_TO_15(c,d,e,f,g,h,a,b); + ROUND256_0_TO_15(b,c,d,e,f,g,h,a); + } while (j < 16); + + /* Now for the remaining rounds up to 63: */ + do { + ROUND256(a,b,c,d,e,f,g,h); + ROUND256(h,a,b,c,d,e,f,g); + ROUND256(g,h,a,b,c,d,e,f); + ROUND256(f,g,h,a,b,c,d,e); + ROUND256(e,f,g,h,a,b,c,d); + ROUND256(d,e,f,g,h,a,b,c); + ROUND256(c,d,e,f,g,h,a,b); + ROUND256(b,c,d,e,f,g,h,a); + } while (j < 64); + + /* Compute the current intermediate hash value */ + state[0] += a; + state[1] += b; + state[2] += c; + state[3] += d; + state[4] += e; + state[5] += f; + state[6] += g; + state[7] += h; + + /* Clean up */ + a = b = c = d = e = f = g = h = T1 = 0; +} + +#else /* SHA2_UNROLL_TRANSFORM */ + +void +SHA256_Transform(u_int32_t state[8], const u_int8_t data[SHA256_BLOCK_LENGTH]) +{ + u_int32_t a, b, c, d, e, f, g, h, s0, s1; + u_int32_t T1, T2, W256[16]; + int j; + + /* Initialize registers with the prev. intermediate value */ + a = state[0]; + b = state[1]; + c = state[2]; + d = state[3]; + e = state[4]; + f = state[5]; + g = state[6]; + h = state[7]; + + j = 0; + do { + BE_8_TO_32(W256[j], data); + data += 4; + /* Apply the SHA-256 compression function to update a..h */ + T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] + W256[j]; + T2 = Sigma0_256(a) + Maj(a, b, c); + h = g; + g = f; + f = e; + e = d + T1; + d = c; + c = b; + b = a; + a = T1 + T2; + + j++; + } while (j < 16); + + do { + /* Part of the message block expansion: */ + s0 = W256[(j+1)&0x0f]; + s0 = sigma0_256(s0); + s1 = W256[(j+14)&0x0f]; + s1 = sigma1_256(s1); + + /* Apply the SHA-256 compression function to update a..h */ + T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] + + (W256[j&0x0f] += s1 + W256[(j+9)&0x0f] + s0); + T2 = Sigma0_256(a) + Maj(a, b, c); + h = g; + g = f; + f = e; + e = d + T1; + d = c; + c = b; + b = a; + a = T1 + T2; + + j++; + } while (j < 64); + + /* Compute the current intermediate hash value */ + state[0] += a; + state[1] += b; + state[2] += c; + state[3] += d; + state[4] += e; + state[5] += f; + state[6] += g; + state[7] += h; + + /* Clean up */ + a = b = c = d = e = f = g = h = T1 = T2 = 0; +} + +#endif /* SHA2_UNROLL_TRANSFORM */ + +void +SHA256_Update(SHA256_CTX *context, const u_int8_t *data, size_t len) +{ + size_t freespace, usedspace; + + /* Calling with no data is valid (we do nothing) */ + if (len == 0) + return; + + usedspace = (context->bitcount >> 3) % SHA256_BLOCK_LENGTH; + if (usedspace > 0) { + /* Calculate how much free space is available in the buffer */ + freespace = SHA256_BLOCK_LENGTH - usedspace; + + if (len >= freespace) { + /* Fill the buffer completely and process it */ + memcpy(&context->buffer[usedspace], data, freespace); + context->bitcount += freespace << 3; + len -= freespace; + data += freespace; + SHA256_Transform(context->state, context->buffer); + } else { + /* The buffer is not yet full */ + memcpy(&context->buffer[usedspace], data, len); + context->bitcount += len << 3; + /* Clean up: */ + usedspace = freespace = 0; + return; + } + } + while (len >= SHA256_BLOCK_LENGTH) { + /* Process as many complete blocks as we can */ + SHA256_Transform(context->state, data); + context->bitcount += SHA256_BLOCK_LENGTH << 3; + len -= SHA256_BLOCK_LENGTH; + data += SHA256_BLOCK_LENGTH; + } + if (len > 0) { + /* There's left-overs, so save 'em */ + memcpy(context->buffer, data, len); + context->bitcount += len << 3; + } + /* Clean up: */ + usedspace = freespace = 0; +} + +void +SHA256_Pad(SHA256_CTX *context) +{ + unsigned int usedspace; + + usedspace = (context->bitcount >> 3) % SHA256_BLOCK_LENGTH; + if (usedspace > 0) { + /* Begin padding with a 1 bit: */ + context->buffer[usedspace++] = 0x80; + + if (usedspace <= SHA256_SHORT_BLOCK_LENGTH) { + /* Set-up for the last transform: */ + memset(&context->buffer[usedspace], 0, + SHA256_SHORT_BLOCK_LENGTH - usedspace); + } else { + if (usedspace < SHA256_BLOCK_LENGTH) { + memset(&context->buffer[usedspace], 0, + SHA256_BLOCK_LENGTH - usedspace); + } + /* Do second-to-last transform: */ + SHA256_Transform(context->state, context->buffer); + + /* Prepare for last transform: */ + memset(context->buffer, 0, SHA256_SHORT_BLOCK_LENGTH); + } + } else { + /* Set-up for the last transform: */ + memset(context->buffer, 0, SHA256_SHORT_BLOCK_LENGTH); + + /* Begin padding with a 1 bit: */ + *context->buffer = 0x80; + } + /* Store the length of input data (in bits) in big endian format: */ + BE_64_TO_8(&context->buffer[SHA256_SHORT_BLOCK_LENGTH], + context->bitcount); + + /* Final transform: */ + SHA256_Transform(context->state, context->buffer); + + /* Clean up: */ + usedspace = 0; +} + +void +SHA256_Final(u_int8_t digest[SHA256_DIGEST_LENGTH], SHA256_CTX *context) +{ + SHA256_Pad(context); + + /* If no digest buffer is passed, we don't bother doing this: */ + if (digest != NULL) { +#if BYTE_ORDER == LITTLE_ENDIAN + int i; + + /* Convert TO host byte order */ + for (i = 0; i < 8; i++) + BE_32_TO_8(digest + i * 4, context->state[i]); +#else + memcpy(digest, context->state, SHA256_DIGEST_LENGTH); +#endif + memset(context, 0, sizeof(*context)); + } +} + + +/*** SHA-512: *********************************************************/ +void +SHA512_Init(SHA512_CTX *context) +{ + if (context == NULL) + return; + memcpy(context->state, sha512_initial_hash_value, + sizeof(sha512_initial_hash_value)); + memset(context->buffer, 0, sizeof(context->buffer)); + context->bitcount[0] = context->bitcount[1] = 0; +} + +#ifdef SHA2_UNROLL_TRANSFORM + +/* Unrolled SHA-512 round macros: */ + +#define ROUND512_0_TO_15(a,b,c,d,e,f,g,h) do { \ + BE_8_TO_64(W512[j], data); \ + data += 8; \ + T1 = (h) + Sigma1_512((e)) + Ch((e), (f), (g)) + K512[j] + W512[j]; \ + (d) += T1; \ + (h) = T1 + Sigma0_512((a)) + Maj((a), (b), (c)); \ + j++; \ +} while(0) + + +#define ROUND512(a,b,c,d,e,f,g,h) do { \ + s0 = W512[(j+1)&0x0f]; \ + s0 = sigma0_512(s0); \ + s1 = W512[(j+14)&0x0f]; \ + s1 = sigma1_512(s1); \ + T1 = (h) + Sigma1_512((e)) + Ch((e), (f), (g)) + K512[j] + \ + (W512[j&0x0f] += s1 + W512[(j+9)&0x0f] + s0); \ + (d) += T1; \ + (h) = T1 + Sigma0_512((a)) + Maj((a), (b), (c)); \ + j++; \ +} while(0) + +void +SHA512_Transform(u_int64_t state[8], const u_int8_t data[SHA512_BLOCK_LENGTH]) +{ + u_int64_t a, b, c, d, e, f, g, h, s0, s1; + u_int64_t T1, W512[16]; + int j; + + /* Initialize registers with the prev. intermediate value */ + a = state[0]; + b = state[1]; + c = state[2]; + d = state[3]; + e = state[4]; + f = state[5]; + g = state[6]; + h = state[7]; + + j = 0; + do { + /* Rounds 0 to 15 (unrolled): */ + ROUND512_0_TO_15(a,b,c,d,e,f,g,h); + ROUND512_0_TO_15(h,a,b,c,d,e,f,g); + ROUND512_0_TO_15(g,h,a,b,c,d,e,f); + ROUND512_0_TO_15(f,g,h,a,b,c,d,e); + ROUND512_0_TO_15(e,f,g,h,a,b,c,d); + ROUND512_0_TO_15(d,e,f,g,h,a,b,c); + ROUND512_0_TO_15(c,d,e,f,g,h,a,b); + ROUND512_0_TO_15(b,c,d,e,f,g,h,a); + } while (j < 16); + + /* Now for the remaining rounds up to 79: */ + do { + ROUND512(a,b,c,d,e,f,g,h); + ROUND512(h,a,b,c,d,e,f,g); + ROUND512(g,h,a,b,c,d,e,f); + ROUND512(f,g,h,a,b,c,d,e); + ROUND512(e,f,g,h,a,b,c,d); + ROUND512(d,e,f,g,h,a,b,c); + ROUND512(c,d,e,f,g,h,a,b); + ROUND512(b,c,d,e,f,g,h,a); + } while (j < 80); + + /* Compute the current intermediate hash value */ + state[0] += a; + state[1] += b; + state[2] += c; + state[3] += d; + state[4] += e; + state[5] += f; + state[6] += g; + state[7] += h; + + /* Clean up */ + a = b = c = d = e = f = g = h = T1 = 0; +} + +#else /* SHA2_UNROLL_TRANSFORM */ + +void +SHA512_Transform(u_int64_t state[8], const u_int8_t data[SHA512_BLOCK_LENGTH]) +{ + u_int64_t a, b, c, d, e, f, g, h, s0, s1; + u_int64_t T1, T2, W512[16]; + int j; + + /* Initialize registers with the prev. intermediate value */ + a = state[0]; + b = state[1]; + c = state[2]; + d = state[3]; + e = state[4]; + f = state[5]; + g = state[6]; + h = state[7]; + + j = 0; + do { + BE_8_TO_64(W512[j], data); + data += 8; + /* Apply the SHA-512 compression function to update a..h */ + T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] + W512[j]; + T2 = Sigma0_512(a) + Maj(a, b, c); + h = g; + g = f; + f = e; + e = d + T1; + d = c; + c = b; + b = a; + a = T1 + T2; + + j++; + } while (j < 16); + + do { + /* Part of the message block expansion: */ + s0 = W512[(j+1)&0x0f]; + s0 = sigma0_512(s0); + s1 = W512[(j+14)&0x0f]; + s1 = sigma1_512(s1); + + /* Apply the SHA-512 compression function to update a..h */ + T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] + + (W512[j&0x0f] += s1 + W512[(j+9)&0x0f] + s0); + T2 = Sigma0_512(a) + Maj(a, b, c); + h = g; + g = f; + f = e; + e = d + T1; + d = c; + c = b; + b = a; + a = T1 + T2; + + j++; + } while (j < 80); + + /* Compute the current intermediate hash value */ + state[0] += a; + state[1] += b; + state[2] += c; + state[3] += d; + state[4] += e; + state[5] += f; + state[6] += g; + state[7] += h; + + /* Clean up */ + a = b = c = d = e = f = g = h = T1 = T2 = 0; +} + +#endif /* SHA2_UNROLL_TRANSFORM */ + +void +SHA512_Update(SHA512_CTX *context, const u_int8_t *data, size_t len) +{ + size_t freespace, usedspace; + + /* Calling with no data is valid (we do nothing) */ + if (len == 0) + return; + + usedspace = (context->bitcount[0] >> 3) % SHA512_BLOCK_LENGTH; + if (usedspace > 0) { + /* Calculate how much free space is available in the buffer */ + freespace = SHA512_BLOCK_LENGTH - usedspace; + + if (len >= freespace) { + /* Fill the buffer completely and process it */ + memcpy(&context->buffer[usedspace], data, freespace); + ADDINC128(context->bitcount, freespace << 3); + len -= freespace; + data += freespace; + SHA512_Transform(context->state, context->buffer); + } else { + /* The buffer is not yet full */ + memcpy(&context->buffer[usedspace], data, len); + ADDINC128(context->bitcount, len << 3); + /* Clean up: */ + usedspace = freespace = 0; + return; + } + } + while (len >= SHA512_BLOCK_LENGTH) { + /* Process as many complete blocks as we can */ + SHA512_Transform(context->state, data); + ADDINC128(context->bitcount, SHA512_BLOCK_LENGTH << 3); + len -= SHA512_BLOCK_LENGTH; + data += SHA512_BLOCK_LENGTH; + } + if (len > 0) { + /* There's left-overs, so save 'em */ + memcpy(context->buffer, data, len); + ADDINC128(context->bitcount, len << 3); + } + /* Clean up: */ + usedspace = freespace = 0; +} + +void +SHA512_Pad(SHA512_CTX *context) +{ + unsigned int usedspace; + + usedspace = (context->bitcount[0] >> 3) % SHA512_BLOCK_LENGTH; + if (usedspace > 0) { + /* Begin padding with a 1 bit: */ + context->buffer[usedspace++] = 0x80; + + if (usedspace <= SHA512_SHORT_BLOCK_LENGTH) { + /* Set-up for the last transform: */ + memset(&context->buffer[usedspace], 0, SHA512_SHORT_BLOCK_LENGTH - usedspace); + } else { + if (usedspace < SHA512_BLOCK_LENGTH) { + memset(&context->buffer[usedspace], 0, SHA512_BLOCK_LENGTH - usedspace); + } + /* Do second-to-last transform: */ + SHA512_Transform(context->state, context->buffer); + + /* And set-up for the last transform: */ + memset(context->buffer, 0, SHA512_BLOCK_LENGTH - 2); + } + } else { + /* Prepare for final transform: */ + memset(context->buffer, 0, SHA512_SHORT_BLOCK_LENGTH); + + /* Begin padding with a 1 bit: */ + *context->buffer = 0x80; + } + /* Store the length of input data (in bits) in big endian format: */ + BE_64_TO_8(&context->buffer[SHA512_SHORT_BLOCK_LENGTH], + context->bitcount[1]); + BE_64_TO_8(&context->buffer[SHA512_SHORT_BLOCK_LENGTH + 8], + context->bitcount[0]); + + /* Final transform: */ + SHA512_Transform(context->state, context->buffer); + + /* Clean up: */ + usedspace = 0; +} + +void +SHA512_Final(u_int8_t digest[SHA512_DIGEST_LENGTH], SHA512_CTX *context) +{ + SHA512_Pad(context); + + /* If no digest buffer is passed, we don't bother doing this: */ + if (digest != NULL) { +#if BYTE_ORDER == LITTLE_ENDIAN + int i; + + /* Convert TO host byte order */ + for (i = 0; i < 8; i++) + BE_64_TO_8(digest + i * 8, context->state[i]); +#else + memcpy(digest, context->state, SHA512_DIGEST_LENGTH); +#endif + memset(context, 0, sizeof(*context)); + } +} + + +#if 0 +/*** SHA-384: *********************************************************/ +void +SHA384_Init(SHA384_CTX *context) +{ + if (context == NULL) + return; + memcpy(context->state, sha384_initial_hash_value, + sizeof(sha384_initial_hash_value)); + memset(context->buffer, 0, sizeof(context->buffer)); + context->bitcount[0] = context->bitcount[1] = 0; +} + +__weak_alias(SHA384_Transform, SHA512_Transform); +__weak_alias(SHA384_Update, SHA512_Update); +__weak_alias(SHA384_Pad, SHA512_Pad); + +void +SHA384_Final(u_int8_t digest[SHA384_DIGEST_LENGTH], SHA384_CTX *context) +{ + SHA384_Pad(context); + + /* If no digest buffer is passed, we don't bother doing this: */ + if (digest != NULL) { +#if BYTE_ORDER == LITTLE_ENDIAN + int i; + + /* Convert TO host byte order */ + for (i = 0; i < 6; i++) + BE_64_TO_8(digest + i * 8, context->state[i]); +#else + memcpy(digest, context->state, SHA384_DIGEST_LENGTH); +#endif + } + + /* Zero out state data */ + memset(context, 0, sizeof(*context)); +} +#endif + +#endif /* !defined(HAVE_EVP_SHA256) && !defined(HAVE_SHA256_UPDATE) && \ + (OPENSSL_VERSION_NUMBER >= 0x00907000L) */ diff --git a/crypto/openssh/openbsd-compat/sha2.h b/crypto/openssh/openbsd-compat/sha2.h new file mode 100755 index 0000000..821f2dd --- /dev/null +++ b/crypto/openssh/openbsd-compat/sha2.h @@ -0,0 +1,133 @@ +/* $OpenBSD: sha2.h,v 1.6 2004/06/22 01:57:30 jfb Exp $ */ + +/* + * FILE: sha2.h + * AUTHOR: Aaron D. Gifford <me@aarongifford.com> + * + * Copyright (c) 2000-2001, Aaron D. Gifford + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the names of contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTOR(S) ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTOR(S) BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $From: sha2.h,v 1.1 2001/11/08 00:02:01 adg Exp adg $ + */ + +/* OPENBSD ORIGINAL: include/sha2.h */ + +#ifndef _SSHSHA2_H +#define _SSHSHA2_H + +#include "includes.h" + +#include <openssl/opensslv.h> + +#if !defined(HAVE_EVP_SHA256) && !defined(HAVE_SHA256_UPDATE) && \ + (OPENSSL_VERSION_NUMBER >= 0x00907000L) + +/*** SHA-256/384/512 Various Length Definitions ***********************/ +#define SHA256_BLOCK_LENGTH 64 +#define SHA256_DIGEST_LENGTH 32 +#define SHA256_DIGEST_STRING_LENGTH (SHA256_DIGEST_LENGTH * 2 + 1) +#define SHA384_BLOCK_LENGTH 128 +#define SHA384_DIGEST_LENGTH 48 +#define SHA384_DIGEST_STRING_LENGTH (SHA384_DIGEST_LENGTH * 2 + 1) +#define SHA512_BLOCK_LENGTH 128 +#define SHA512_DIGEST_LENGTH 64 +#define SHA512_DIGEST_STRING_LENGTH (SHA512_DIGEST_LENGTH * 2 + 1) + + +/*** SHA-256/384/512 Context Structures *******************************/ +typedef struct _SHA256_CTX { + u_int32_t state[8]; + u_int64_t bitcount; + u_int8_t buffer[SHA256_BLOCK_LENGTH]; +} SHA256_CTX; +typedef struct _SHA512_CTX { + u_int64_t state[8]; + u_int64_t bitcount[2]; + u_int8_t buffer[SHA512_BLOCK_LENGTH]; +} SHA512_CTX; + +#if 0 +typedef SHA512_CTX SHA384_CTX; +#endif + +void SHA256_Init(SHA256_CTX *); +void SHA256_Transform(u_int32_t state[8], const u_int8_t [SHA256_BLOCK_LENGTH]); +void SHA256_Update(SHA256_CTX *, const u_int8_t *, size_t) + __attribute__((__bounded__(__string__,2,3))); +void SHA256_Pad(SHA256_CTX *); +void SHA256_Final(u_int8_t [SHA256_DIGEST_LENGTH], SHA256_CTX *) + __attribute__((__bounded__(__minbytes__,1,SHA256_DIGEST_LENGTH))); +char *SHA256_End(SHA256_CTX *, char *) + __attribute__((__bounded__(__minbytes__,2,SHA256_DIGEST_STRING_LENGTH))); +char *SHA256_File(const char *, char *) + __attribute__((__bounded__(__minbytes__,2,SHA256_DIGEST_STRING_LENGTH))); +char *SHA256_FileChunk(const char *, char *, off_t, off_t) + __attribute__((__bounded__(__minbytes__,2,SHA256_DIGEST_STRING_LENGTH))); +char *SHA256_Data(const u_int8_t *, size_t, char *) + __attribute__((__bounded__(__string__,1,2))) + __attribute__((__bounded__(__minbytes__,3,SHA256_DIGEST_STRING_LENGTH))); + +#if 0 +void SHA384_Init(SHA384_CTX *); +void SHA384_Transform(u_int64_t state[8], const u_int8_t [SHA384_BLOCK_LENGTH]); +void SHA384_Update(SHA384_CTX *, const u_int8_t *, size_t) + __attribute__((__bounded__(__string__,2,3))); +void SHA384_Pad(SHA384_CTX *); +void SHA384_Final(u_int8_t [SHA384_DIGEST_LENGTH], SHA384_CTX *) + __attribute__((__bounded__(__minbytes__,1,SHA384_DIGEST_LENGTH))); +char *SHA384_End(SHA384_CTX *, char *) + __attribute__((__bounded__(__minbytes__,2,SHA384_DIGEST_STRING_LENGTH))); +char *SHA384_File(const char *, char *) + __attribute__((__bounded__(__minbytes__,2,SHA384_DIGEST_STRING_LENGTH))); +char *SHA384_FileChunk(const char *, char *, off_t, off_t) + __attribute__((__bounded__(__minbytes__,2,SHA384_DIGEST_STRING_LENGTH))); +char *SHA384_Data(const u_int8_t *, size_t, char *) + __attribute__((__bounded__(__string__,1,2))) + __attribute__((__bounded__(__minbytes__,3,SHA384_DIGEST_STRING_LENGTH))); +#endif /* 0 */ + +void SHA512_Init(SHA512_CTX *); +void SHA512_Transform(u_int64_t state[8], const u_int8_t [SHA512_BLOCK_LENGTH]); +void SHA512_Update(SHA512_CTX *, const u_int8_t *, size_t) + __attribute__((__bounded__(__string__,2,3))); +void SHA512_Pad(SHA512_CTX *); +void SHA512_Final(u_int8_t [SHA512_DIGEST_LENGTH], SHA512_CTX *) + __attribute__((__bounded__(__minbytes__,1,SHA512_DIGEST_LENGTH))); +char *SHA512_End(SHA512_CTX *, char *) + __attribute__((__bounded__(__minbytes__,2,SHA512_DIGEST_STRING_LENGTH))); +char *SHA512_File(const char *, char *) + __attribute__((__bounded__(__minbytes__,2,SHA512_DIGEST_STRING_LENGTH))); +char *SHA512_FileChunk(const char *, char *, off_t, off_t) + __attribute__((__bounded__(__minbytes__,2,SHA512_DIGEST_STRING_LENGTH))); +char *SHA512_Data(const u_int8_t *, size_t, char *) + __attribute__((__bounded__(__string__,1,2))) + __attribute__((__bounded__(__minbytes__,3,SHA512_DIGEST_STRING_LENGTH))); + +#endif /* !defined(HAVE_EVP_SHA256) && !defined(HAVE_SHA256_UPDATE) && \ + (OPENSSL_VERSION_NUMBER >= 0x00907000L) */ + +#endif /* _SSHSHA2_H */ diff --git a/crypto/openssh/openbsd-compat/strtonum.c b/crypto/openssh/openbsd-compat/strtonum.c index 8ad0d005..87f2f24 100644 --- a/crypto/openssh/openbsd-compat/strtonum.c +++ b/crypto/openssh/openbsd-compat/strtonum.c @@ -20,8 +20,11 @@ /* OPENBSD ORIGINAL: lib/libc/stdlib/strtonum.c */ #include "includes.h" + #ifndef HAVE_STRTONUM +#include <stdlib.h> #include <limits.h> +#include <errno.h> #define INVALID 1 #define TOOSMALL 2 diff --git a/crypto/openssh/openbsd-compat/xcrypt.c b/crypto/openssh/openbsd-compat/xcrypt.c index 9afa0b9..1489932 100644 --- a/crypto/openssh/openbsd-compat/xcrypt.c +++ b/crypto/openssh/openbsd-compat/xcrypt.c @@ -24,6 +24,10 @@ #include "includes.h" +#include <sys/types.h> +#include <unistd.h> +#include <pwd.h> + # ifdef HAVE_CRYPT_H # include <crypt.h> # endif diff --git a/crypto/openssh/openbsd-compat/xmmap.c b/crypto/openssh/openbsd-compat/xmmap.c index 74e8a8b..0fb2326 100644 --- a/crypto/openssh/openbsd-compat/xmmap.c +++ b/crypto/openssh/openbsd-compat/xmmap.c @@ -23,21 +23,31 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -/* $Id: xmmap.c,v 1.6 2004/10/06 13:15:44 dtucker Exp $ */ +/* $Id: xmmap.c,v 1.12 2006/08/24 09:58:36 dtucker Exp $ */ #include "includes.h" +#include <sys/types.h> #ifdef HAVE_SYS_MMAN_H #include <sys/mman.h> #endif +#include <sys/stat.h> + +#ifdef HAVE_FCNTL_H +# include <fcntl.h> +#endif +#include <errno.h> +#include <stdarg.h> +#include <string.h> +#include <unistd.h> #include "log.h" void *xmmap(size_t size) { +#ifdef HAVE_MMAP void *address; -#ifdef HAVE_MMAP # ifdef MAP_ANON address = mmap(NULL, size, PROT_WRITE|PROT_READ, MAP_ANON|MAP_SHARED, -1, (off_t)0); diff --git a/crypto/openssh/openssh.xml.in b/crypto/openssh/openssh.xml.in new file mode 100644 index 0000000..655ee5c --- /dev/null +++ b/crypto/openssh/openssh.xml.in @@ -0,0 +1,87 @@ +<?xml version='1.0'?> +<!DOCTYPE service_bundle SYSTEM '/usr/share/lib/xml/dtd/service_bundle.dtd.1'> +<!-- + Copyright (c) 2006 Chad Mynhier. + + Permission to use, copy, modify, and distribute this software for any + purpose with or without fee is hereby granted, provided that the above + copyright notice and this permission notice appear in all copies. + + THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. +--> + +<service_bundle type='manifest' name='OpenSSH server'> + + <service + name='site/openssh' + type='service' + version='1'> + + <create_default_instance enabled='false'/> + + <single_instance/> + + <dependency + name='filesystem-local' + grouping='require_all' + restart_on='none' + type='service'> + <service_fmri value='svc:/system/filesystem/local'/> + </dependency> + + <dependency + name='network' + grouping='require_all' + restart_on='none' + type='service'> + <service_fmri value='svc:/milestone/network'/> + </dependency> + + <dependent + name='multi-user-server' + restart_on='none' + grouping='optional_all'> + <service_fmri value='svc:/milestone/multi-user-server'/> + </dependent> + + <exec_method + name='start' + type='method' + exec='/lib/svc/method/site/opensshd start' + timeout_seconds='60'> + <method_context/> + </exec_method> + + <exec_method + name='stop' + type='method' + exec=':kill' + timeout_seconds='60'> + <method_context/> + </exec_method> + + <property_group + name='startd' + type='framework'> + <propval name='ignore_error' type='astring' value='core,signal'/> + </property_group> + + <template> + <common_name> + <loctext xml:lang='C'>OpenSSH server</loctext> + </common_name> + <documentation> + <manpage + title='sshd' + section='1M' + manpath='@prefix@/man'/> + </documentation> + </template> + </service> +</service_bundle> diff --git a/crypto/openssh/packet.c b/crypto/openssh/packet.c index db2aa24..ab5a010 100644 --- a/crypto/openssh/packet.c +++ b/crypto/openssh/packet.c @@ -1,3 +1,4 @@ +/* $OpenBSD: packet.c,v 1.145 2006/09/19 21:14:08 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -37,26 +38,40 @@ */ #include "includes.h" -RCSID("$OpenBSD: packet.c,v 1.120 2005/10/30 08:52:17 djm Exp $"); - + +#include <sys/types.h> #include "openbsd-compat/sys-queue.h" +#include <sys/param.h> +#include <sys/socket.h> +#ifdef HAVE_SYS_TIME_H +# include <sys/time.h> +#endif + +#include <netinet/in_systm.h> +#include <netinet/in.h> +#include <netinet/ip.h> +#include <arpa/inet.h> + +#include <errno.h> +#include <stdarg.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <unistd.h> +#include <signal.h> #include "xmalloc.h" #include "buffer.h" #include "packet.h" -#include "bufaux.h" #include "crc32.h" -#include "getput.h" - #include "compress.h" #include "deattack.h" #include "channels.h" - #include "compat.h" #include "ssh1.h" #include "ssh2.h" - #include "cipher.h" +#include "key.h" #include "kex.h" #include "mac.h" #include "log.h" @@ -258,6 +273,7 @@ packet_get_keyiv_len(int mode) return (cipher_get_keyiv_len(cc)); } + void packet_set_iv(int mode, u_char *dat) { @@ -270,6 +286,7 @@ packet_set_iv(int mode, u_char *dat) cipher_set_keyiv(cc, dat); } + int packet_get_ssh1_cipher(void) { @@ -471,31 +488,37 @@ packet_put_char(int value) buffer_append(&outgoing_packet, &ch, 1); } + void packet_put_int(u_int value) { buffer_put_int(&outgoing_packet, value); } + void packet_put_string(const void *buf, u_int len) { buffer_put_string(&outgoing_packet, buf, len); } + void packet_put_cstring(const char *str) { buffer_put_cstring(&outgoing_packet, str); } + void packet_put_raw(const void *buf, u_int len) { buffer_append(&outgoing_packet, buf, len); } + void packet_put_bignum(BIGNUM * value) { buffer_put_bignum(&outgoing_packet, value); } + void packet_put_bignum2(BIGNUM * value) { @@ -549,7 +572,7 @@ packet_send1(void) /* Add check bytes. */ checksum = ssh_crc32(buffer_ptr(&outgoing_packet), buffer_len(&outgoing_packet)); - PUT_32BIT(buf, checksum); + put_u32(buf, checksum); buffer_append(&outgoing_packet, buf, 4); #ifdef PACKET_DEBUG @@ -558,7 +581,7 @@ packet_send1(void) #endif /* Append to output. */ - PUT_32BIT(buf, len); + put_u32(buf, len); buffer_append(&output, buf, 4); cp = buffer_append_space(&output, buffer_len(&outgoing_packet)); cipher_crypt(&send_context, cp, buffer_ptr(&outgoing_packet), @@ -654,7 +677,7 @@ set_newkeys(int mode) /* * Delayed compression for SSH2 is enabled after authentication: - * This happans on the server side after a SSH2_MSG_USERAUTH_SUCCESS is sent, + * This happens on the server side after a SSH2_MSG_USERAUTH_SUCCESS is sent, * and on the client side after a SSH2_MSG_USERAUTH_SUCCESS is received. */ static void @@ -669,6 +692,9 @@ packet_enable_delayed_compress(void) */ after_authentication = 1; for (mode = 0; mode < MODE_MAX; mode++) { + /* protocol error: USERAUTH_SUCCESS received before NEWKEYS */ + if (newkeys[mode] == NULL) + continue; comp = &newkeys[mode]->comp; if (comp && !comp->enabled && comp->type == COMP_DELAYED) { packet_init_compression(); @@ -761,7 +787,7 @@ packet_send2_wrapped(void) /* packet_length includes payload, padding and padding length field */ packet_length = buffer_len(&outgoing_packet) - 4; cp = buffer_ptr(&outgoing_packet); - PUT_32BIT(cp, packet_length); + put_u32(cp, packet_length); cp[4] = padlen; DBG(debug("send: len %d (includes padlen %d)", packet_length+4, padlen)); @@ -778,7 +804,7 @@ packet_send2_wrapped(void) buffer_len(&outgoing_packet)); /* append unencrypted MAC */ if (mac && mac->enabled) - buffer_append(&output, (char *)macbuf, mac->mac_len); + buffer_append(&output, macbuf, mac->mac_len); #ifdef PACKET_DEBUG fprintf(stderr, "encrypted: "); buffer_dump(&output); @@ -868,7 +894,7 @@ packet_read_seqnr(u_int32_t *seqnr_p) char buf[8192]; DBG(debug("packet_read()")); - setp = (fd_set *)xmalloc(howmany(connection_in+1, NFDBITS) * + setp = (fd_set *)xcalloc(howmany(connection_in+1, NFDBITS), sizeof(fd_mask)); /* Since we are blocking, ensure that all written packets have been sent. */ @@ -959,7 +985,7 @@ packet_read_poll1(void) return SSH_MSG_NONE; /* Get length of incoming packet. */ cp = buffer_ptr(&input); - len = GET_32BIT(cp); + len = get_u32(cp); if (len < 1 + 2 + 2 || len > 256 * 1024) packet_disconnect("Bad packet length %u.", len); padded_len = (len + 8) & ~7; @@ -978,9 +1004,16 @@ packet_read_poll1(void) * (C)1998 CORE-SDI, Buenos Aires Argentina * Ariel Futoransky(futo@core-sdi.com) */ - if (!receive_context.plaintext && - detect_attack(buffer_ptr(&input), padded_len, NULL) == DEATTACK_DETECTED) - packet_disconnect("crc32 compensation attack: network attack detected"); + if (!receive_context.plaintext) { + switch (detect_attack(buffer_ptr(&input), padded_len)) { + case DEATTACK_DETECTED: + packet_disconnect("crc32 compensation attack: " + "network attack detected"); + case DEATTACK_DOS_DETECTED: + packet_disconnect("deattack denial of " + "service detected"); + } + } /* Decrypt data to incoming_packet. */ buffer_clear(&incoming_packet); @@ -1007,7 +1040,7 @@ packet_read_poll1(void) len, buffer_len(&incoming_packet)); cp = (u_char *)buffer_ptr(&incoming_packet) + len - 4; - stored_checksum = GET_32BIT(cp); + stored_checksum = get_u32(cp); if (checksum != stored_checksum) packet_disconnect("Corrupted check bytes on input."); buffer_consume_end(&incoming_packet, 4); @@ -1056,7 +1089,7 @@ packet_read_poll2(u_int32_t *seqnr_p) cipher_crypt(&receive_context, cp, buffer_ptr(&input), block_size); cp = buffer_ptr(&incoming_packet); - packet_length = GET_32BIT(cp); + packet_length = get_u32(cp); if (packet_length < 1 + 4 || packet_length > 256 * 1024) { #ifdef PACKET_DEBUG buffer_dump(&incoming_packet); @@ -1187,7 +1220,6 @@ packet_read_poll_seqnr(u_int32_t *seqnr_p) break; default: return type; - break; } } else { type = packet_read_poll1(); @@ -1210,7 +1242,6 @@ packet_read_poll_seqnr(u_int32_t *seqnr_p) if (type) DBG(debug("received packet type %d", type)); return type; - break; } } } @@ -1412,7 +1443,7 @@ packet_write_wait(void) { fd_set *setp; - setp = (fd_set *)xmalloc(howmany(connection_out + 1, NFDBITS) * + setp = (fd_set *)xcalloc(howmany(connection_out + 1, NFDBITS), sizeof(fd_mask)); packet_write_poll(); while (packet_have_data_to_write()) { @@ -1480,8 +1511,7 @@ packet_set_interactive(int interactive) /* Only set socket options if using a socket. */ if (!packet_connection_is_on_socket()) return; - if (interactive) - set_nodelay(connection_in); + set_nodelay(connection_in); packet_set_tos(interactive); } @@ -1542,7 +1572,7 @@ packet_send_ignore(int nbytes) for (i = 0; i < nbytes; i++) { if (i % 4 == 0) rnd = arc4random(); - packet_put_char(rnd & 0xff); + packet_put_char((u_char)rnd & 0xff); rnd >>= 8; } } diff --git a/crypto/openssh/platform.c b/crypto/openssh/platform.c new file mode 100644 index 0000000..aee4b01 --- /dev/null +++ b/crypto/openssh/platform.c @@ -0,0 +1,46 @@ +/* $Id: platform.c,v 1.1 2006/08/30 17:24:41 djm Exp $ */ + +/* + * Copyright (c) 2006 Darren Tucker. All rights reserved. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include "config.h" +#include "platform.h" + +#include "openbsd-compat/openbsd-compat.h" + +void +platform_pre_fork(void) +{ +#ifdef USE_SOLARIS_PROCESS_CONTRACTS + solaris_contract_pre_fork(); +#endif +} + +void +platform_post_fork_parent(pid_t child_pid) +{ +#ifdef USE_SOLARIS_PROCESS_CONTRACTS + solaris_contract_post_fork_parent(child_pid); +#endif +} + +void +platform_post_fork_child(void) +{ +#ifdef USE_SOLARIS_PROCESS_CONTRACTS + solaris_contract_post_fork_child(); +#endif +} diff --git a/crypto/openssh/platform.h b/crypto/openssh/platform.h new file mode 100644 index 0000000..cf93bc5 --- /dev/null +++ b/crypto/openssh/platform.h @@ -0,0 +1,23 @@ +/* $Id: platform.h,v 1.1 2006/08/30 17:24:41 djm Exp $ */ + +/* + * Copyright (c) 2006 Darren Tucker. All rights reserved. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include <sys/types.h> + +void platform_pre_fork(void); +void platform_post_fork_parent(pid_t child_pid); +void platform_post_fork_child(void); diff --git a/crypto/openssh/progressmeter.c b/crypto/openssh/progressmeter.c index 13c51d8..0f95222 100644 --- a/crypto/openssh/progressmeter.c +++ b/crypto/openssh/progressmeter.c @@ -1,3 +1,4 @@ +/* $OpenBSD: progressmeter.c,v 1.37 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2003 Nils Nordman. All rights reserved. * @@ -23,7 +24,17 @@ */ #include "includes.h" -RCSID("$OpenBSD: progressmeter.c,v 1.24 2005/06/07 13:25:23 jaredy Exp $"); + +#include <sys/types.h> +#include <sys/ioctl.h> +#include <sys/uio.h> + +#include <errno.h> +#include <signal.h> +#include <stdio.h> +#include <string.h> +#include <time.h> +#include <unistd.h> #include "progressmeter.h" #include "atomicio.h" @@ -154,7 +165,7 @@ refresh_progress_meter(void) len = 0; if (len >= file_len + 1) len = file_len; - for (i = len; i < file_len; i++ ) + for (i = len; i < file_len; i++) buf[i] = ' '; buf[file_len] = '\0'; } @@ -215,6 +226,7 @@ refresh_progress_meter(void) last_update = now; } +/*ARGSUSED*/ static void update_progress_meter(int ignore) { @@ -269,6 +281,7 @@ stop_progress_meter(void) atomicio(vwrite, STDOUT_FILENO, "\n", 1); } +/*ARGSUSED*/ static void sig_winch(int sig) { diff --git a/crypto/openssh/progressmeter.h b/crypto/openssh/progressmeter.h index bfb9a0b..10bab99 100644 --- a/crypto/openssh/progressmeter.h +++ b/crypto/openssh/progressmeter.h @@ -1,4 +1,4 @@ -/* $OpenBSD: progressmeter.h,v 1.1 2003/01/10 08:19:07 fgsch Exp $ */ +/* $OpenBSD: progressmeter.h,v 1.2 2006/03/25 22:22:43 djm Exp $ */ /* * Copyright (c) 2002 Nils Nordman. All rights reserved. * diff --git a/crypto/openssh/readpass.c b/crypto/openssh/readpass.c index 7914799..bd144c2 100644 --- a/crypto/openssh/readpass.c +++ b/crypto/openssh/readpass.c @@ -1,3 +1,4 @@ +/* $OpenBSD: readpass.c,v 1.47 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -23,13 +24,27 @@ */ #include "includes.h" -RCSID("$OpenBSD: readpass.c,v 1.33 2005/05/02 21:13:22 markus Exp $"); + +#include <sys/types.h> +#include <sys/wait.h> + +#include <errno.h> +#include <fcntl.h> +#ifdef HAVE_PATHS_H +# include <paths.h> +#endif +#include <stdarg.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <unistd.h> #include "xmalloc.h" #include "misc.h" #include "pathnames.h" #include "log.h" #include "ssh.h" +#include "uidswap.h" static char * ssh_askpass(char *askpass, const char *msg) @@ -53,8 +68,7 @@ ssh_askpass(char *askpass, const char *msg) return NULL; } if (pid == 0) { - seteuid(getuid()); - setuid(getuid()); + permanently_drop_suid(getuid()); close(p[0]); if (dup2(p[1], STDOUT_FILENO) < 0) fatal("ssh_askpass: dup2: %s", strerror(errno)); diff --git a/crypto/openssh/regress/Makefile b/crypto/openssh/regress/Makefile index 4f47bc3..5399563 100644 --- a/crypto/openssh/regress/Makefile +++ b/crypto/openssh/regress/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.36 2005/03/04 08:48:46 djm Exp $ +# $OpenBSD: Makefile,v 1.42 2006/07/19 13:34:52 dtucker Exp $ REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 t-exec tests: $(REGRESS_TARGETS) @@ -40,7 +40,9 @@ LTESTS= connect \ forwarding \ multiplex \ reexec \ - brokenkeys + brokenkeys \ + cfgmatch \ + forcecommand USER!= id -un CLEANFILES= t2.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 \ @@ -49,8 +51,8 @@ CLEANFILES= t2.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 \ rsa.pub rsa rsa1.pub rsa1 host.rsa host.rsa1 \ rsa-agent rsa-agent.pub rsa1-agent rsa1-agent.pub \ ls.copy banner.in banner.out empty.in \ - scp-ssh-wrapper.scp ssh_proxy_envpass \ - remote_pid + scp-ssh-wrapper.scp ssh_proxy_envpass remote_pid \ + sshd_proxy_bak rsa_ssh2_cr.prv rsa_ssh2_crnl.prv #LTESTS += ssh-com ssh-com-client ssh-com-keygen ssh-com-sftp diff --git a/crypto/openssh/regress/agent-getpeereid.sh b/crypto/openssh/regress/agent-getpeereid.sh index 6186a8d..e5fcedd 100644 --- a/crypto/openssh/regress/agent-getpeereid.sh +++ b/crypto/openssh/regress/agent-getpeereid.sh @@ -1,4 +1,4 @@ -# $OpenBSD: agent-getpeereid.sh,v 1.2 2005/11/14 21:25:56 grunk Exp $ +# $OpenBSD: agent-getpeereid.sh,v 1.3 2006/07/06 12:01:53 grunk Exp $ # Placed in the Public Domain. tid="disallow agent attach from other uid" @@ -12,6 +12,11 @@ then echo "skipped (not supported on this platform)" exit 0 fi +if [ -z "$SUDO" ]; then + echo "skipped: need SUDO to switch to uid $UNPRIV" + exit 0 +fi + trace "start agent" eval `${SSHAGENT} -s -a ${ASOCK}` > /dev/null diff --git a/crypto/openssh/regress/cfgmatch.sh b/crypto/openssh/regress/cfgmatch.sh new file mode 100644 index 0000000..d987dcb --- /dev/null +++ b/crypto/openssh/regress/cfgmatch.sh @@ -0,0 +1,106 @@ +# $OpenBSD: cfgmatch.sh,v 1.2 2006/07/22 01:50:00 dtucker Exp $ +# Placed in the Public Domain. + +tid="sshd_config match" + +pidfile=$OBJ/remote_pid +fwdport=3301 +fwd="-L $fwdport:127.0.0.1:$PORT" + +stop_client() +{ + pid=`cat $pidfile` + if [ ! -z "$pid" ]; then + kill $pid + sleep 1 + fi +} + +cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak + +echo "PermitOpen 127.0.0.1:1" >>$OBJ/sshd_config +echo "Match Address 127.0.0.1" >>$OBJ/sshd_config +echo "PermitOpen 127.0.0.1:$PORT" >>$OBJ/sshd_config + +echo "PermitOpen 127.0.0.1:1" >>$OBJ/sshd_proxy +echo "Match Address 127.0.0.1" >>$OBJ/sshd_proxy +echo "PermitOpen 127.0.0.1:$PORT" >>$OBJ/sshd_proxy + +start_sshd + +#set -x + +# Test Match + PermitOpen in sshd_config. This should be permitted +for p in 1 2; do + rm -f $pidfile + trace "match permitopen localhost proto $p" + ${SSH} -$p $fwd -F $OBJ/ssh_config -f somehost \ + "echo \$\$ > $pidfile; exec sleep 100" >>$TEST_SSH_LOGFILE 2>&1 ||\ + fail "match permitopen proto $p sshd failed" + sleep 1; + ${SSH} -q -$p -p $fwdport -F $OBJ/ssh_config somehost true || \ + fail "match permitopen permit proto $p" + stop_client +done + +# Same but from different source. This should not be permitted +for p in 1 2; do + rm -f $pidfile + trace "match permitopen proxy proto $p" + ${SSH} -q -$p $fwd -F $OBJ/ssh_proxy -f somehost \ + "echo \$\$ > $pidfile; exec sleep 100" >>$TEST_SSH_LOGFILE 2>&1 ||\ + fail "match permitopen proxy proto $p sshd failed" + sleep 1; + ${SSH} -q -$p -p $fwdport -F $OBJ/ssh_config somehost true && \ + fail "match permitopen deny proto $p" + stop_client +done + +# Retry previous with key option, should also be denied. +echo -n 'permitopen="127.0.0.1:'$PORT'" ' >$OBJ/authorized_keys_$USER +cat $OBJ/rsa.pub >> $OBJ/authorized_keys_$USER +echo -n 'permitopen="127.0.0.1:'$PORT'" ' >>$OBJ/authorized_keys_$USER +cat $OBJ/rsa1.pub >> $OBJ/authorized_keys_$USER +for p in 1 2; do + rm -f $pidfile + trace "match permitopen proxy w/key opts proto $p" + ${SSH} -q -$p $fwd -F $OBJ/ssh_proxy -f somehost \ + "echo \$\$ > $pidfile; exec sleep 100" >>$TEST_SSH_LOGFILE 2>&1 ||\ + fail "match permitopen w/key opt proto $p sshd failed" + sleep 1; + ${SSH} -q -$p -p $fwdport -F $OBJ/ssh_config somehost true && \ + fail "match permitopen deny w/key opt proto $p" + stop_client +done + +# Test both sshd_config and key options permitting the same dst/port pair. +# Should be permitted. +for p in 1 2; do + rm -f $pidfile + trace "match permitopen localhost proto $p" + ${SSH} -$p $fwd -F $OBJ/ssh_config -f somehost \ + "echo \$\$ > $pidfile; exec sleep 100" >>$TEST_SSH_LOGFILE 2>&1 ||\ + fail "match permitopen proto $p sshd failed" + sleep 1; + ${SSH} -q -$p -p $fwdport -F $OBJ/ssh_config somehost true || \ + fail "match permitopen permit proto $p" + stop_client +done + +cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy +echo "PermitOpen 127.0.0.1:1 127.0.0.1:$PORT 127.0.0.2:2" >>$OBJ/sshd_proxy +echo "Match User $USER" >>$OBJ/sshd_proxy +echo "PermitOpen 127.0.0.1:1 127.0.0.1:2" >>$OBJ/sshd_proxy + +# Test that a Match overrides a PermitOpen in the global section +for p in 1 2; do + rm -f $pidfile + trace "match permitopen proxy w/key opts proto $p" + ${SSH} -q -$p $fwd -F $OBJ/ssh_proxy -f somehost \ + "echo \$\$ > $pidfile; exec sleep 100" >>$TEST_SSH_LOGFILE 2>&1 ||\ + fail "match override permitopen proto $p sshd failed" + sleep 1; + ${SSH} -q -$p -p $fwdport -F $OBJ/ssh_config somehost true && \ + fail "match override permitopen proto $p" + stop_client +done diff --git a/crypto/openssh/regress/cipher-speed.sh b/crypto/openssh/regress/cipher-speed.sh new file mode 100644 index 0000000..5925111 --- /dev/null +++ b/crypto/openssh/regress/cipher-speed.sh @@ -0,0 +1,47 @@ +# $OpenBSD: cipher-speed.sh,v 1.2 2005/05/24 04:09:54 djm Exp $ +# Placed in the Public Domain. + +tid="cipher speed" + +getbytes () +{ + sed -n '/transferred/s/.*secs (\(.* bytes.sec\).*/\1/p' +} + +tries="1 2" +DATA=/bin/ls +DATA=/bsd + +macs="hmac-sha1 hmac-md5 hmac-sha1-96 hmac-md5-96" +ciphers="aes128-cbc 3des-cbc blowfish-cbc cast128-cbc + arcfour128 arcfour256 arcfour aes192-cbc aes256-cbc aes128-ctr" + +for c in $ciphers; do for m in $macs; do + trace "proto 2 cipher $c mac $m" + for x in $tries; do + echo -n "$c/$m:\t" + ( ${SSH} -o 'compression no' \ + -F $OBJ/ssh_proxy -2 -m $m -c $c somehost \ + exec sh -c \'"dd of=/dev/null obs=32k"\' \ + < ${DATA} ) 2>&1 | getbytes + + if [ $? -ne 0 ]; then + fail "ssh -2 failed with mac $m cipher $c" + fi + done +done; done + +ciphers="3des blowfish" +for c in $ciphers; do + trace "proto 1 cipher $c" + for x in $tries; do + echo -n "$c:\t" + ( ${SSH} -o 'compression no' \ + -F $OBJ/ssh_proxy -1 -c $c somehost \ + exec sh -c \'"dd of=/dev/null obs=32k"\' \ + < ${DATA} ) 2>&1 | getbytes + if [ $? -ne 0 ]; then + fail "ssh -1 failed with cipher $c" + fi + done +done diff --git a/crypto/openssh/regress/forcecommand.sh b/crypto/openssh/regress/forcecommand.sh new file mode 100644 index 0000000..99e51a6 --- /dev/null +++ b/crypto/openssh/regress/forcecommand.sh @@ -0,0 +1,42 @@ +# $OpenBSD: forcecommand.sh,v 1.1 2006/07/19 13:09:28 dtucker Exp $ +# Placed in the Public Domain. + +tid="forced command" + +cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak + +echon 'command="true" ' >$OBJ/authorized_keys_$USER +cat $OBJ/rsa.pub >> $OBJ/authorized_keys_$USER +echon 'command="true" ' >>$OBJ/authorized_keys_$USER +cat $OBJ/rsa1.pub >> $OBJ/authorized_keys_$USER + +for p in 1 2; do + trace "forced command in key option proto $p" + ${SSH} -$p -F $OBJ/ssh_proxy somehost false \ || + fail "forced command in key proto $p" +done + +echon 'command="false" ' >$OBJ/authorized_keys_$USER +cat $OBJ/rsa.pub >> $OBJ/authorized_keys_$USER +echon 'command="false" ' >>$OBJ/authorized_keys_$USER +cat $OBJ/rsa1.pub >> $OBJ/authorized_keys_$USER + +cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy +echo "ForceCommand true" >> $OBJ/sshd_proxy + +for p in 1 2; do + trace "forced command in sshd_config overrides key option proto $p" + ${SSH} -$p -F $OBJ/ssh_proxy somehost false \ || + fail "forced command in key proto $p" +done + +cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy +echo "ForceCommand false" >> $OBJ/sshd_proxy +echo "Match User $USER" >> $OBJ/sshd_proxy +echo " ForceCommand true" >> $OBJ/sshd_proxy + +for p in 1 2; do + trace "forced command with match proto $p" + ${SSH} -$p -F $OBJ/ssh_proxy somehost false \ || + fail "forced command in key proto $p" +done diff --git a/crypto/openssh/regress/forwarding.sh b/crypto/openssh/regress/forwarding.sh index 3b17114..9ffbb3d 100644 --- a/crypto/openssh/regress/forwarding.sh +++ b/crypto/openssh/regress/forwarding.sh @@ -1,4 +1,4 @@ -# $OpenBSD: forwarding.sh,v 1.5 2005/03/10 10:20:39 dtucker Exp $ +# $OpenBSD: forwarding.sh,v 1.6 2006/07/11 18:51:21 markus Exp $ # Placed in the Public Domain. tid="local and remote forwarding" @@ -34,6 +34,36 @@ for p in 1 2; do done for p in 1 2; do +for d in L R; do + trace "exit on -$d forward failure, proto $p" + + # this one should succeed + ${SSH} -$p -F $OBJ/ssh_config \ + -$d ${base}01:127.0.0.1:$PORT \ + -$d ${base}02:127.0.0.1:$PORT \ + -$d ${base}03:127.0.0.1:$PORT \ + -$d ${base}04:127.0.0.1:$PORT \ + -oExitOnForwardFailure=yes somehost true + if [ $? != 0 ]; then + fail "connection failed, should not" + else + # this one should fail + ${SSH} -q -$p -F $OBJ/ssh_config \ + -$d ${base}01:127.0.0.1:$PORT \ + -$d ${base}02:127.0.0.1:$PORT \ + -$d ${base}03:127.0.0.1:$PORT \ + -$d ${base}01:127.0.0.1:$PORT \ + -$d ${base}04:127.0.0.1:$PORT \ + -oExitOnForwardFailure=yes somehost true + r=$? + if [ $r != 255 ]; then + fail "connection not termintated, but should ($r)" + fi + fi +done +done + +for p in 1 2; do trace "simple clear forwarding proto $p" ${SSH} -$p -F $OBJ/ssh_config -oClearAllForwardings=yes somehost true diff --git a/crypto/openssh/scard-opensc.c b/crypto/openssh/scard-opensc.c index dd2c28d..4751ea2 100644 --- a/crypto/openssh/scard-opensc.c +++ b/crypto/openssh/scard-opensc.c @@ -26,9 +26,13 @@ #include "includes.h" #if defined(SMARTCARD) && defined(USE_OPENSC) +#include <sys/types.h> + #include <openssl/evp.h> #include <openssl/x509.h> +#include <stdarg.h> + #include <opensc/opensc.h> #include <opensc/pkcs15.h> @@ -455,7 +459,9 @@ sc_get_keys(const char *id, const char *pin) } key_count = r; } - keys = xmalloc(sizeof(Key *) * (key_count*2+1)); + if (key_count > 1024) + fatal("Too many keys (%u), expected <= 1024", key_count); + keys = xcalloc(key_count * 2 + 1, sizeof(Key *)); for (i = 0; i < key_count; i++) { sc_pkcs15_object_t *tmp_obj = NULL; cert_id = ((sc_pkcs15_cert_info_t *)(certs[i]->data))->id; diff --git a/crypto/openssh/scard.c b/crypto/openssh/scard.c index b3d2505..328655e 100644 --- a/crypto/openssh/scard.c +++ b/crypto/openssh/scard.c @@ -1,3 +1,4 @@ +/* $OpenBSD: scard.c,v 1.35 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -24,14 +25,18 @@ #include "includes.h" #if defined(SMARTCARD) && defined(USE_SECTOK) -RCSID("$OpenBSD: scard.c,v 1.29 2004/05/08 00:21:31 djm Exp $"); -#include <openssl/evp.h> +#include <sys/types.h> + #include <sectok.h> +#include <stdarg.h> +#include <string.h> + +#include <openssl/evp.h> +#include "xmalloc.h" #include "key.h" #include "log.h" -#include "xmalloc.h" #include "misc.h" #include "scard.h" @@ -125,7 +130,7 @@ sc_init(void) if (status == SCARD_ERROR_NOCARD) { return SCARD_ERROR_NOCARD; } - if (status < 0 ) { + if (status < 0) { error("sc_open failed"); return status; } @@ -215,7 +220,7 @@ sc_private_decrypt(int flen, u_char *from, u_char *to, RSA *rsa, olen = len = sw = 0; if (sc_fd < 0) { status = sc_init(); - if (status < 0 ) + if (status < 0) goto err; } if (padding != RSA_PKCS1_PADDING) @@ -255,7 +260,7 @@ sc_private_encrypt(int flen, u_char *from, u_char *to, RSA *rsa, len = sw = 0; if (sc_fd < 0) { status = sc_init(); - if (status < 0 ) + if (status < 0) goto err; } if (padding != RSA_PKCS1_PADDING) @@ -378,12 +383,12 @@ sc_get_keys(const char *id, const char *pin) key_free(k); return NULL; } - if (status < 0 ) { + if (status < 0) { error("sc_read_pubkey failed"); key_free(k); return NULL; } - keys = xmalloc((nkeys+1) * sizeof(Key *)); + keys = xcalloc((nkeys+1), sizeof(Key *)); n = key_new(KEY_RSA1); BN_copy(n->rsa->n, k->rsa->n); diff --git a/crypto/openssh/scard.h b/crypto/openssh/scard.h index 9ba20a3..82efe48 100644 --- a/crypto/openssh/scard.h +++ b/crypto/openssh/scard.h @@ -1,4 +1,4 @@ -/* $OpenBSD: scard.h,v 1.12 2003/06/12 19:12:03 markus Exp $ */ +/* $OpenBSD: scard.h,v 1.14 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -27,8 +27,6 @@ #ifndef SCARD_H #define SCARD_H -#include "key.h" - #define SCARD_ERROR_FAIL -1 #define SCARD_ERROR_NOCARD -2 #define SCARD_ERROR_APPLET -3 diff --git a/crypto/openssh/scp.1 b/crypto/openssh/scp.1 index d9b1f8e..43662ab 100644 --- a/crypto/openssh/scp.1 +++ b/crypto/openssh/scp.1 @@ -9,7 +9,7 @@ .\" .\" Created: Sun May 7 00:14:37 1995 ylo .\" -.\" $OpenBSD: scp.1,v 1.39 2006/01/20 00:14:55 dtucker Exp $ +.\" $OpenBSD: scp.1,v 1.40 2006/07/18 07:56:28 jmc Exp $ .\" .Dd September 25, 1999 .Dt SCP 1 @@ -198,9 +198,8 @@ to print debugging messages about their progress. This is helpful in debugging connection, authentication, and configuration problems. .El -.Sh DIAGNOSTICS -.Nm -exits with 0 on success or >0 if an error occurred. +.Pp +.Ex -std scp .Sh SEE ALSO .Xr rcp 1 , .Xr sftp 1 , diff --git a/crypto/openssh/serverloop.h b/crypto/openssh/serverloop.h index f419198..7311558 100644 --- a/crypto/openssh/serverloop.h +++ b/crypto/openssh/serverloop.h @@ -1,4 +1,4 @@ -/* $OpenBSD: serverloop.h,v 1.5 2001/06/27 02:12:53 markus Exp $ */ +/* $OpenBSD: serverloop.h,v 1.6 2006/03/25 22:22:43 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> diff --git a/crypto/openssh/sftp-client.c b/crypto/openssh/sftp-client.c index 05bce33..e31b2cf 100644 --- a/crypto/openssh/sftp-client.c +++ b/crypto/openssh/sftp-client.c @@ -1,3 +1,4 @@ +/* $OpenBSD: sftp-client.c,v 1.74 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> * @@ -20,17 +21,32 @@ /* XXX: copy between two remote sites */ #include "includes.h" -RCSID("$OpenBSD: sftp-client.c,v 1.58 2006/01/02 01:20:31 djm Exp $"); +#include <sys/types.h> +#include <sys/param.h> #include "openbsd-compat/sys-queue.h" +#ifdef HAVE_SYS_STAT_H +# include <sys/stat.h> +#endif +#ifdef HAVE_SYS_TIME_H +# include <sys/time.h> +#endif +#include <sys/uio.h> + +#include <errno.h> +#include <fcntl.h> +#include <signal.h> +#include <stdarg.h> +#include <stdio.h> +#include <string.h> +#include <unistd.h> -#include "buffer.h" -#include "bufaux.h" -#include "getput.h" #include "xmalloc.h" +#include "buffer.h" #include "log.h" #include "atomicio.h" #include "progressmeter.h" +#include "misc.h" #include "sftp.h" #include "sftp-common.h" @@ -39,7 +55,7 @@ RCSID("$OpenBSD: sftp-client.c,v 1.58 2006/01/02 01:20:31 djm Exp $"); extern volatile sig_atomic_t interrupted; extern int showprogress; -/* Minimum amount of data to read at at time */ +/* Minimum amount of data to read at a time */ #define MIN_READ_SIZE 512 struct sftp_conn { @@ -55,16 +71,19 @@ static void send_msg(int fd, Buffer *m) { u_char mlen[4]; + struct iovec iov[2]; if (buffer_len(m) > SFTP_MAX_MSG_LENGTH) fatal("Outbound message too long %u", buffer_len(m)); /* Send length first */ - PUT_32BIT(mlen, buffer_len(m)); - if (atomicio(vwrite, fd, mlen, sizeof(mlen)) != sizeof(mlen)) - fatal("Couldn't send packet: %s", strerror(errno)); + put_u32(mlen, buffer_len(m)); + iov[0].iov_base = mlen; + iov[0].iov_len = sizeof(mlen); + iov[1].iov_base = buffer_ptr(m); + iov[1].iov_len = buffer_len(m); - if (atomicio(vwrite, fd, buffer_ptr(m), buffer_len(m)) != buffer_len(m)) + if (atomiciov(writev, fd, iov, 2) != buffer_len(m) + sizeof(mlen)) fatal("Couldn't send packet: %s", strerror(errno)); buffer_clear(m); @@ -388,8 +407,7 @@ do_lsreaddir(struct sftp_conn *conn, char *path, int printflag, printf("%s\n", longname); if (dir) { - *dir = xrealloc(*dir, sizeof(**dir) * - (ents + 2)); + *dir = xrealloc(*dir, ents + 2, sizeof(**dir)); (*dir)[ents] = xmalloc(sizeof(***dir)); (*dir)[ents]->filename = xstrdup(filename); (*dir)[ents]->longname = xstrdup(longname); diff --git a/crypto/openssh/sftp-common.c b/crypto/openssh/sftp-common.c index 4cea3c3..7ebadcc 100644 --- a/crypto/openssh/sftp-common.c +++ b/crypto/openssh/sftp-common.c @@ -1,3 +1,4 @@ +/* $OpenBSD: sftp-common.c,v 1.20 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * Copyright (c) 2001 Damien Miller. All rights reserved. @@ -24,12 +25,21 @@ */ #include "includes.h" -RCSID("$OpenBSD: sftp-common.c,v 1.10 2003/11/10 16:23:41 jakob Exp $"); +#include <sys/types.h> +#include <sys/stat.h> +#include <sys/param.h> + +#include <grp.h> +#include <pwd.h> +#include <stdio.h> +#include <string.h> +#include <time.h> +#include <stdarg.h> + +#include "xmalloc.h" #include "buffer.h" -#include "bufaux.h" #include "log.h" -#include "xmalloc.h" #include "sftp.h" #include "sftp-common.h" diff --git a/crypto/openssh/sftp-common.h b/crypto/openssh/sftp-common.h index 2b1995a..9b58484 100644 --- a/crypto/openssh/sftp-common.h +++ b/crypto/openssh/sftp-common.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-common.h,v 1.6 2006/01/02 01:20:31 djm Exp $ */ +/* $OpenBSD: sftp-common.h,v 1.10 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. diff --git a/crypto/openssh/sftp-glob.c b/crypto/openssh/sftp-glob.c index 16c5e20..cdc2708 100644 --- a/crypto/openssh/sftp-glob.c +++ b/crypto/openssh/sftp-glob.c @@ -1,3 +1,4 @@ +/* $OpenBSD: sftp-glob.c,v 1.22 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> * @@ -15,14 +16,18 @@ */ #include "includes.h" -RCSID("$OpenBSD: sftp-glob.c,v 1.15 2004/02/17 07:17:29 djm Exp $"); -#include "buffer.h" -#include "bufaux.h" -#include "xmalloc.h" -#include "log.h" +#include <sys/types.h> +#ifdef HAVE_SYS_STAT_H +# include <sys/stat.h> +#endif +#include <dirent.h> +#include <string.h> + +#include "xmalloc.h" #include "sftp.h" +#include "buffer.h" #include "sftp-common.h" #include "sftp-client.h" diff --git a/crypto/openssh/sftp-server.8 b/crypto/openssh/sftp-server.8 index 42f5d43..199c4f3 100644 --- a/crypto/openssh/sftp-server.8 +++ b/crypto/openssh/sftp-server.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: sftp-server.8,v 1.10 2003/10/08 08:27:36 jmc Exp $ +.\" $OpenBSD: sftp-server.8,v 1.11 2006/07/06 10:47:57 djm Exp $ .\" .\" Copyright (c) 2000 Markus Friedl. All rights reserved. .\" @@ -30,6 +30,8 @@ .Nd SFTP server subsystem .Sh SYNOPSIS .Nm sftp-server +.Op Fl f Ar log_facility +.Op Fl l Ar log_level .Sh DESCRIPTION .Nm is a program that speaks the server side of SFTP protocol @@ -40,9 +42,36 @@ is not intended to be called directly, but from using the .Cm Subsystem option. +.Pp +Command-line flags to +.Nm +should be specified in the +.Cm Subsystem +declaration. See .Xr sshd_config 5 for more information. +.Pp +Valid options are: +.Bl -tag -width Ds +.It Fl f Ar log_facility +Specifies the facility code that is used when logging messages from +.Nm . +The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2, +LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. +The default is AUTH. +.It Fl l Ar log_level +Specifies which messages will be logged by +.Nm . +The possible values are: +QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. +INFO and VERBOSE log transactions that +.Nm +performs on behalf of the client. +DEBUG and DEBUG1 are equivalent. +DEBUG2 and DEBUG3 each specify higher levels of debugging output. +The default is ERROR. +.El .Sh SEE ALSO .Xr sftp 1 , .Xr ssh 1 , @@ -56,8 +85,9 @@ for more information. .%D January 2001 .%O work in progress material .Re -.Sh AUTHORS -.An Markus Friedl Aq markus@openbsd.org .Sh HISTORY .Nm -first appeared in OpenBSD 2.8 . +first appeared in +.Ox 2.8 . +.Sh AUTHORS +.An Markus Friedl Aq markus@openbsd.org diff --git a/crypto/openssh/sftp-server.c b/crypto/openssh/sftp-server.c index 7060c44..c57958b 100644 --- a/crypto/openssh/sftp-server.c +++ b/crypto/openssh/sftp-server.c @@ -1,3 +1,4 @@ +/* $OpenBSD: sftp-server.c,v 1.70 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2000-2004 Markus Friedl. All rights reserved. * @@ -13,15 +14,33 @@ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + #include "includes.h" -RCSID("$OpenBSD: sftp-server.c,v 1.50 2006/01/02 01:20:31 djm Exp $"); +#include <sys/types.h> +#include <sys/param.h> +#include <sys/stat.h> +#ifdef HAVE_SYS_TIME_H +# include <sys/time.h> +#endif + +#include <dirent.h> +#include <errno.h> +#include <fcntl.h> +#include <pwd.h> +#include <stdlib.h> +#include <stdio.h> +#include <string.h> +#include <pwd.h> +#include <time.h> +#include <unistd.h> +#include <stdarg.h> + +#include "xmalloc.h" #include "buffer.h" -#include "bufaux.h" -#include "getput.h" #include "log.h" -#include "xmalloc.h" #include "misc.h" +#include "uidswap.h" #include "sftp.h" #include "sftp-common.h" @@ -30,9 +49,13 @@ RCSID("$OpenBSD: sftp-server.c,v 1.50 2006/01/02 01:20:31 djm Exp $"); #define get_int64() buffer_get_int64(&iqueue); #define get_int() buffer_get_int(&iqueue); #define get_string(lenp) buffer_get_string(&iqueue, lenp); -#define TRACE debug -extern char *__progname; +/* Our verbosity */ +LogLevel log_level = SYSLOG_LEVEL_ERROR; + +/* Our client */ +struct passwd *pw = NULL; +char *client_addr = NULL; /* input and output queue */ Buffer iqueue; @@ -104,6 +127,33 @@ flags_from_portable(int pflags) return flags; } +static const char * +string_from_portable(int pflags) +{ + static char ret[128]; + + *ret = '\0'; + +#define PAPPEND(str) { \ + if (*ret != '\0') \ + strlcat(ret, ",", sizeof(ret)); \ + strlcat(ret, str, sizeof(ret)); \ + } + + if (pflags & SSH2_FXF_READ) + PAPPEND("READ") + if (pflags & SSH2_FXF_WRITE) + PAPPEND("WRITE") + if (pflags & SSH2_FXF_CREAT) + PAPPEND("CREATE") + if (pflags & SSH2_FXF_TRUNC) + PAPPEND("TRUNCATE") + if (pflags & SSH2_FXF_EXCL) + PAPPEND("EXCL") + + return ret; +} + static Attrib * get_attrib(void) { @@ -118,6 +168,7 @@ struct Handle { DIR *dirp; int fd; char *name; + u_int64_t bytes_read, bytes_write; }; enum { @@ -148,6 +199,7 @@ handle_new(int use, const char *name, int fd, DIR *dirp) handles[i].dirp = dirp; handles[i].fd = fd; handles[i].name = xstrdup(name); + handles[i].bytes_read = handles[i].bytes_write = 0; return i; } } @@ -167,7 +219,7 @@ handle_to_string(int handle, char **stringp, int *hlenp) if (stringp == NULL || hlenp == NULL) return -1; *stringp = xmalloc(sizeof(int32_t)); - PUT_32BIT(*stringp, handle); + put_u32(*stringp, handle); *hlenp = sizeof(int32_t); return 0; } @@ -179,7 +231,7 @@ handle_from_string(const char *handle, u_int hlen) if (hlen != sizeof(int32_t)) return -1; - val = GET_32BIT(handle); + val = get_u32(handle); if (handle_is_ok(val, HANDLE_FILE) || handle_is_ok(val, HANDLE_DIR)) return val; @@ -211,6 +263,36 @@ handle_to_fd(int handle) return -1; } +static void +handle_update_read(int handle, ssize_t bytes) +{ + if (handle_is_ok(handle, HANDLE_FILE) && bytes > 0) + handles[handle].bytes_read += bytes; +} + +static void +handle_update_write(int handle, ssize_t bytes) +{ + if (handle_is_ok(handle, HANDLE_FILE) && bytes > 0) + handles[handle].bytes_write += bytes; +} + +static u_int64_t +handle_bytes_read(int handle) +{ + if (handle_is_ok(handle, HANDLE_FILE)) + return (handles[handle].bytes_read); + return 0; +} + +static u_int64_t +handle_bytes_write(int handle) +{ + if (handle_is_ok(handle, HANDLE_FILE)) + return (handles[handle].bytes_write); + return 0; +} + static int handle_close(int handle) { @@ -230,6 +312,31 @@ handle_close(int handle) return ret; } +static void +handle_log_close(int handle, char *emsg) +{ + if (handle_is_ok(handle, HANDLE_FILE)) { + logit("%s%sclose \"%s\" bytes read %llu written %llu", + emsg == NULL ? "" : emsg, emsg == NULL ? "" : " ", + handle_to_name(handle), + handle_bytes_read(handle), handle_bytes_write(handle)); + } else { + logit("%s%sclosedir \"%s\"", + emsg == NULL ? "" : emsg, emsg == NULL ? "" : " ", + handle_to_name(handle)); + } +} + +static void +handle_log_exit(void) +{ + u_int i; + + for (i = 0; i < sizeof(handles)/sizeof(Handle); i++) + if (handles[i].use != HANDLE_UNUSED) + handle_log_close(i, "forced"); +} + static int get_handle(void) { @@ -256,10 +363,9 @@ send_msg(Buffer *m) buffer_consume(m, mlen); } -static void -send_status(u_int32_t id, u_int32_t status) +static const char * +status_to_message(u_int32_t status) { - Buffer msg; const char *status_messages[] = { "Success", /* SSH_FX_OK */ "End of file", /* SSH_FX_EOF */ @@ -272,15 +378,24 @@ send_status(u_int32_t id, u_int32_t status) "Operation unsupported", /* SSH_FX_OP_UNSUPPORTED */ "Unknown error" /* Others */ }; + return (status_messages[MIN(status,SSH2_FX_MAX)]); +} + +static void +send_status(u_int32_t id, u_int32_t status) +{ + Buffer msg; - TRACE("sent status id %u error %u", id, status); + debug3("request %u: sent status %u", id, status); + if (log_level > SYSLOG_LEVEL_VERBOSE || + (status != SSH2_FX_OK && status != SSH2_FX_EOF)) + logit("sent status %s", status_to_message(status)); buffer_init(&msg); buffer_put_char(&msg, SSH2_FXP_STATUS); buffer_put_int(&msg, id); buffer_put_int(&msg, status); if (version >= 3) { - buffer_put_cstring(&msg, - status_messages[MIN(status,SSH2_FX_MAX)]); + buffer_put_cstring(&msg, status_to_message(status)); buffer_put_cstring(&msg, ""); } send_msg(&msg); @@ -302,7 +417,7 @@ send_data_or_handle(char type, u_int32_t id, const char *data, int dlen) static void send_data(u_int32_t id, const char *data, int dlen) { - TRACE("sent data id %u len %d", id, dlen); + debug("request %u: sent data len %d", id, dlen); send_data_or_handle(SSH2_FXP_DATA, id, data, dlen); } @@ -313,7 +428,7 @@ send_handle(u_int32_t id, int handle) int hlen; handle_to_string(handle, &string, &hlen); - TRACE("sent handle id %u handle %d", id, handle); + debug("request %u: sent handle handle %d", id, handle); send_data_or_handle(SSH2_FXP_HANDLE, id, string, hlen); xfree(string); } @@ -328,7 +443,7 @@ send_names(u_int32_t id, int count, const Stat *stats) buffer_put_char(&msg, SSH2_FXP_NAME); buffer_put_int(&msg, id); buffer_put_int(&msg, count); - TRACE("sent names id %u count %d", id, count); + debug("request %u: sent names count %d", id, count); for (i = 0; i < count; i++) { buffer_put_cstring(&msg, stats[i].name); buffer_put_cstring(&msg, stats[i].long_name); @@ -343,7 +458,7 @@ send_attrib(u_int32_t id, const Attrib *a) { Buffer msg; - TRACE("sent attrib id %u have 0x%x", id, a->flags); + debug("request %u: sent attrib have 0x%x", id, a->flags); buffer_init(&msg); buffer_put_char(&msg, SSH2_FXP_ATTRS); buffer_put_int(&msg, id); @@ -360,7 +475,7 @@ process_init(void) Buffer msg; version = get_int(); - TRACE("client version %d", version); + verbose("received client version %d", version); buffer_init(&msg); buffer_put_char(&msg, SSH2_FXP_VERSION); buffer_put_int(&msg, SSH2_FILEXFER_VERSION); @@ -379,10 +494,12 @@ process_open(void) id = get_int(); name = get_string(NULL); pflags = get_int(); /* portable flags */ + debug3("request %u: open flags %d", id, pflags); a = get_attrib(); flags = flags_from_portable(pflags); mode = (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ? a->perm : 0666; - TRACE("open id %u name %s flags %d mode 0%o", id, name, pflags, mode); + logit("open \"%s\" flags %s mode 0%o", + name, string_from_portable(pflags), mode); fd = open(name, flags, mode); if (fd < 0) { status = errno_to_portable(errno); @@ -408,7 +525,8 @@ process_close(void) id = get_int(); handle = get_handle(); - TRACE("close id %u handle %d", id, handle); + debug3("request %u: close handle %u", id, handle); + handle_log_close(handle, NULL); ret = handle_close(handle); status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK; send_status(id, status); @@ -427,11 +545,11 @@ process_read(void) off = get_int64(); len = get_int(); - TRACE("read id %u handle %d off %llu len %d", id, handle, - (unsigned long long)off, len); + debug("request %u: read \"%s\" (handle %d) off %llu len %d", + id, handle_to_name(handle), handle, (unsigned long long)off, len); if (len > sizeof buf) { len = sizeof buf; - logit("read change len %d", len); + debug2("read change len %d", len); } fd = handle_to_fd(handle); if (fd >= 0) { @@ -447,6 +565,7 @@ process_read(void) } else { send_data(id, buf, ret); status = SSH2_FX_OK; + handle_update_read(handle, ret); } } } @@ -468,8 +587,8 @@ process_write(void) off = get_int64(); data = get_string(&len); - TRACE("write id %u handle %d off %llu len %d", id, handle, - (unsigned long long)off, len); + debug("request %u: write \"%s\" (handle %d) off %llu len %d", + id, handle_to_name(handle), handle, (unsigned long long)off, len); fd = handle_to_fd(handle); if (fd >= 0) { if (lseek(fd, off, SEEK_SET) < 0) { @@ -483,8 +602,9 @@ process_write(void) status = errno_to_portable(errno); } else if ((size_t)ret == len) { status = SSH2_FX_OK; + handle_update_write(handle, ret); } else { - logit("nothing at all written"); + debug2("nothing at all written"); } } } @@ -503,7 +623,8 @@ process_do_stat(int do_lstat) id = get_int(); name = get_string(NULL); - TRACE("%sstat id %u name %s", do_lstat ? "l" : "", id, name); + debug3("request %u: %sstat", id, do_lstat ? "l" : ""); + verbose("%sstat name \"%s\"", do_lstat ? "l" : "", name); ret = do_lstat ? lstat(name, &st) : stat(name, &st); if (ret < 0) { status = errno_to_portable(errno); @@ -539,7 +660,8 @@ process_fstat(void) id = get_int(); handle = get_handle(); - TRACE("fstat id %u handle %d", id, handle); + debug("request %u: fstat \"%s\" (handle %u)", + id, handle_to_name(handle), handle); fd = handle_to_fd(handle); if (fd >= 0) { ret = fstat(fd, &st); @@ -578,23 +700,33 @@ process_setstat(void) id = get_int(); name = get_string(NULL); a = get_attrib(); - TRACE("setstat id %u name %s", id, name); + debug("request %u: setstat name \"%s\"", id, name); if (a->flags & SSH2_FILEXFER_ATTR_SIZE) { + logit("set \"%s\" size %llu", name, a->size); ret = truncate(name, a->size); if (ret == -1) status = errno_to_portable(errno); } if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) { + logit("set \"%s\" mode %04o", name, a->perm); ret = chmod(name, a->perm & 0777); if (ret == -1) status = errno_to_portable(errno); } if (a->flags & SSH2_FILEXFER_ATTR_ACMODTIME) { + char buf[64]; + time_t t = a->mtime; + + strftime(buf, sizeof(buf), "%Y%m%d-%H:%M:%S", + localtime(&t)); + logit("set \"%s\" modtime %s", name, buf); ret = utimes(name, attrib_to_tv(a)); if (ret == -1) status = errno_to_portable(errno); } if (a->flags & SSH2_FILEXFER_ATTR_UIDGID) { + logit("set \"%s\" owner %lu group %lu", name, + (u_long)a->uid, (u_long)a->gid); ret = chown(name, a->uid, a->gid); if (ret == -1) status = errno_to_portable(errno); @@ -610,23 +742,25 @@ process_fsetstat(void) u_int32_t id; int handle, fd, ret; int status = SSH2_FX_OK; - char *name; id = get_int(); handle = get_handle(); a = get_attrib(); - TRACE("fsetstat id %u handle %d", id, handle); + debug("request %u: fsetstat handle %d", id, handle); fd = handle_to_fd(handle); - name = handle_to_name(handle); - if (fd < 0 || name == NULL) { + if (fd < 0) { status = SSH2_FX_FAILURE; } else { + char *name = handle_to_name(handle); + if (a->flags & SSH2_FILEXFER_ATTR_SIZE) { + logit("set \"%s\" size %llu", name, a->size); ret = ftruncate(fd, a->size); if (ret == -1) status = errno_to_portable(errno); } if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) { + logit("set \"%s\" mode %04o", name, a->perm); #ifdef HAVE_FCHMOD ret = fchmod(fd, a->perm & 0777); #else @@ -636,6 +770,12 @@ process_fsetstat(void) status = errno_to_portable(errno); } if (a->flags & SSH2_FILEXFER_ATTR_ACMODTIME) { + char buf[64]; + time_t t = a->mtime; + + strftime(buf, sizeof(buf), "%Y%m%d-%H:%M:%S", + localtime(&t)); + logit("set \"%s\" modtime %s", name, buf); #ifdef HAVE_FUTIMES ret = futimes(fd, attrib_to_tv(a)); #else @@ -645,6 +785,8 @@ process_fsetstat(void) status = errno_to_portable(errno); } if (a->flags & SSH2_FILEXFER_ATTR_UIDGID) { + logit("set \"%s\" owner %lu group %lu", name, + (u_long)a->uid, (u_long)a->gid); #ifdef HAVE_FCHOWN ret = fchown(fd, a->uid, a->gid); #else @@ -667,7 +809,8 @@ process_opendir(void) id = get_int(); path = get_string(NULL); - TRACE("opendir id %u path %s", id, path); + debug3("request %u: opendir", id); + logit("opendir \"%s\"", path); dirp = opendir(path); if (dirp == NULL) { status = errno_to_portable(errno); @@ -697,22 +840,23 @@ process_readdir(void) id = get_int(); handle = get_handle(); - TRACE("readdir id %u handle %d", id, handle); + debug("request %u: readdir \"%s\" (handle %d)", id, + handle_to_name(handle), handle); dirp = handle_to_dir(handle); path = handle_to_name(handle); if (dirp == NULL || path == NULL) { send_status(id, SSH2_FX_FAILURE); } else { struct stat st; - char pathname[1024]; + char pathname[MAXPATHLEN]; Stat *stats; int nstats = 10, count = 0, i; - stats = xmalloc(nstats * sizeof(Stat)); + stats = xcalloc(nstats, sizeof(Stat)); while ((dp = readdir(dirp)) != NULL) { if (count >= nstats) { nstats *= 2; - stats = xrealloc(stats, nstats * sizeof(Stat)); + stats = xrealloc(stats, nstats, sizeof(Stat)); } /* XXX OVERFLOW ? */ snprintf(pathname, sizeof pathname, "%s%s%s", path, @@ -751,7 +895,8 @@ process_remove(void) id = get_int(); name = get_string(NULL); - TRACE("remove id %u name %s", id, name); + debug3("request %u: remove", id); + logit("remove name \"%s\"", name); ret = unlink(name); status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK; send_status(id, status); @@ -771,7 +916,8 @@ process_mkdir(void) a = get_attrib(); mode = (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ? a->perm & 0777 : 0777; - TRACE("mkdir id %u name %s mode 0%o", id, name, mode); + debug3("request %u: mkdir", id); + logit("mkdir name \"%s\" mode 0%o", name, mode); ret = mkdir(name, mode); status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK; send_status(id, status); @@ -787,7 +933,8 @@ process_rmdir(void) id = get_int(); name = get_string(NULL); - TRACE("rmdir id %u name %s", id, name); + debug3("request %u: rmdir", id); + logit("rmdir name \"%s\"", name); ret = rmdir(name); status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK; send_status(id, status); @@ -807,7 +954,8 @@ process_realpath(void) xfree(path); path = xstrdup("."); } - TRACE("realpath id %u path %s", id, path); + debug3("request %u: realpath", id); + verbose("realpath \"%s\"", path); if (realpath(path, resolvedname) == NULL) { send_status(id, errno_to_portable(errno)); } else { @@ -830,7 +978,8 @@ process_rename(void) id = get_int(); oldpath = get_string(NULL); newpath = get_string(NULL); - TRACE("rename id %u old %s new %s", id, oldpath, newpath); + debug3("request %u: rename", id); + logit("rename old \"%s\" new \"%s\"", oldpath, newpath); status = SSH2_FX_FAILURE; if (lstat(oldpath, &sb) == -1) status = errno_to_portable(errno); @@ -885,7 +1034,8 @@ process_readlink(void) id = get_int(); path = get_string(NULL); - TRACE("readlink id %u path %s", id, path); + debug3("request %u: readlink", id); + verbose("readlink \"%s\"", path); if ((len = readlink(path, buf, sizeof(buf) - 1)) == -1) send_status(id, errno_to_portable(errno)); else { @@ -909,7 +1059,8 @@ process_symlink(void) id = get_int(); oldpath = get_string(NULL); newpath = get_string(NULL); - TRACE("symlink id %u old %s new %s", id, oldpath, newpath); + debug3("request %u: symlink", id); + logit("symlink old \"%s\" new \"%s\"", oldpath, newpath); /* this will fail if 'newpath' exists */ ret = symlink(oldpath, newpath); status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK; @@ -945,10 +1096,11 @@ process(void) if (buf_len < 5) return; /* Incomplete message. */ cp = buffer_ptr(&iqueue); - msg_len = GET_32BIT(cp); + msg_len = get_u32(cp); if (msg_len > SFTP_MAX_MSG_LENGTH) { - error("bad message "); - exit(11); + error("bad message from %s local user %s", + client_addr, pw->pw_name); + cleanup_exit(11); } if (buf_len < msg_len + 4) return; @@ -1022,7 +1174,7 @@ process(void) } /* discard the remaining bytes from the current packet */ if (buf_len < buffer_len(&iqueue)) - fatal("iqueue grows"); + fatal("iqueue grew unexpectedly"); consumed = buf_len - buffer_len(&iqueue); if (msg_len < consumed) fatal("msg_len %d < consumed %d", msg_len, consumed); @@ -1030,24 +1182,93 @@ process(void) buffer_consume(&iqueue, msg_len - consumed); } +/* Cleanup handler that logs active handles upon normal exit */ +void +cleanup_exit(int i) +{ + if (pw != NULL && client_addr != NULL) { + handle_log_exit(); + logit("session closed for local user %s from [%s]", + pw->pw_name, client_addr); + } + _exit(i); +} + +static void +usage(void) +{ + extern char *__progname; + + fprintf(stderr, + "usage: %s [-he] [-l log_level] [-f log_facility]\n", __progname); + exit(1); +} + int -main(int ac, char **av) +main(int argc, char **argv) { fd_set *rset, *wset; - int in, out, max; + int in, out, max, ch, skipargs = 0, log_stderr = 0; ssize_t len, olen, set_size; + SyslogFacility log_facility = SYSLOG_FACILITY_AUTH; + char *cp; + + extern char *optarg; + extern char *__progname; /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ sanitise_stdfd(); - /* XXX should use getopt */ + __progname = ssh_get_progname(argv[0]); + log_init(__progname, log_level, log_facility, log_stderr); + + while (!skipargs && (ch = getopt(argc, argv, "C:f:l:che")) != -1) { + switch (ch) { + case 'c': + /* + * Ignore all arguments if we are invoked as a + * shell using "sftp-server -c command" + */ + skipargs = 1; + break; + case 'e': + log_stderr = 1; + break; + case 'l': + log_level = log_level_number(optarg); + if (log_level == SYSLOG_LEVEL_NOT_SET) + error("Invalid log level \"%s\"", optarg); + break; + case 'f': + log_facility = log_facility_number(optarg); + if (log_level == SYSLOG_FACILITY_NOT_SET) + error("Invalid log facility \"%s\"", optarg); + break; + case 'h': + default: + usage(); + } + } - __progname = ssh_get_progname(av[0]); - handle_init(); + log_init(__progname, log_level, log_facility, log_stderr); -#ifdef DEBUG_SFTP_SERVER - log_init("sftp-server", SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH, 0); -#endif + if ((cp = getenv("SSH_CONNECTION")) != NULL) { + client_addr = xstrdup(cp); + if ((cp = strchr(client_addr, ' ')) == NULL) + fatal("Malformed SSH_CONNECTION variable: \"%s\"", + getenv("SSH_CONNECTION")); + *cp = '\0'; + } else + client_addr = xstrdup("UNKNOWN"); + + if ((pw = getpwuid(getuid())) == NULL) + fatal("No user found for uid %lu", (u_long)getuid()); + pw = pwcopy(pw); + + logit("session opened for local user %s from [%s]", + pw->pw_name, client_addr); + + handle_init(); in = dup(STDIN_FILENO); out = dup(STDOUT_FILENO); @@ -1082,7 +1303,8 @@ main(int ac, char **av) if (select(max+1, rset, wset, NULL, NULL) < 0) { if (errno == EINTR) continue; - exit(2); + error("select: %s", strerror(errno)); + cleanup_exit(2); } /* copy stdin to iqueue */ @@ -1091,10 +1313,10 @@ main(int ac, char **av) len = read(in, buf, sizeof buf); if (len == 0) { debug("read eof"); - exit(0); + cleanup_exit(0); } else if (len < 0) { - error("read error"); - exit(1); + error("read: %s", strerror(errno)); + cleanup_exit(1); } else { buffer_append(&iqueue, buf, len); } @@ -1103,8 +1325,8 @@ main(int ac, char **av) if (FD_ISSET(out, wset)) { len = write(out, buffer_ptr(&oqueue), olen); if (len < 0) { - error("write error"); - exit(1); + error("write: %s", strerror(errno)); + cleanup_exit(1); } else { buffer_consume(&oqueue, len); } diff --git a/crypto/openssh/sftp.c b/crypto/openssh/sftp.c index a2e3f6a..c018615 100644 --- a/crypto/openssh/sftp.c +++ b/crypto/openssh/sftp.c @@ -1,3 +1,4 @@ +/* $OpenBSD: sftp.c,v 1.92 2006/09/19 05:52:23 otto Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> * @@ -16,21 +17,39 @@ #include "includes.h" -RCSID("$OpenBSD: sftp.c,v 1.70 2006/01/31 10:19:02 djm Exp $"); +#include <sys/types.h> +#include <sys/ioctl.h> +#ifdef HAVE_SYS_STAT_H +# include <sys/stat.h> +#endif +#include <sys/param.h> +#include <sys/socket.h> +#include <sys/wait.h> + +#include <errno.h> +#ifdef HAVE_PATHS_H +# include <paths.h> +#endif #ifdef USE_LIBEDIT #include <histedit.h> #else typedef void EditLine; #endif +#include <signal.h> +#include <stdlib.h> +#include <stdio.h> +#include <string.h> +#include <unistd.h> +#include <stdarg.h> -#include "buffer.h" #include "xmalloc.h" #include "log.h" #include "pathnames.h" #include "misc.h" #include "sftp.h" +#include "buffer.h" #include "sftp-common.h" #include "sftp-client.h" @@ -235,7 +254,7 @@ local_do_shell(const char *args) if (errno != EINTR) fatal("Couldn't wait for child: %s", strerror(errno)); if (!WIFEXITED(status)) - error("Shell exited abormally"); + error("Shell exited abnormally"); else if (WEXITSTATUS(status)) error("Shell exited with status %d", WEXITSTATUS(status)); } @@ -474,7 +493,7 @@ is_dir(char *path) if (stat(path, &sb) == -1) return(0); - return(sb.st_mode & S_IFDIR); + return(S_ISDIR(sb.st_mode)); } static int @@ -498,7 +517,7 @@ remote_is_dir(struct sftp_conn *conn, char *path) return(0); if (!(a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS)) return(0); - return(a->perm & S_IFDIR); + return(S_ISDIR(a->perm)); } static int @@ -538,6 +557,7 @@ process_get(struct sftp_conn *conn, char *src, char *dst, char *pwd, int pflag) if (g.gl_matchc == 1 && dst) { /* If directory specified, append filename */ + xfree(tmp); if (is_dir(dst)) { if (infer_path(g.gl_pathv[0], &tmp)) { err = 1; @@ -562,8 +582,6 @@ process_get(struct sftp_conn *conn, char *src, char *dst, char *pwd, int pflag) out: xfree(abs_src); - if (abs_dst) - xfree(abs_dst); globfree(&g); return(err); } @@ -1280,6 +1298,7 @@ interactive_loop(int fd_in, int fd_out, char *file1, char *file2) if (parse_dispatch_command(conn, cmd, &pwd, 1) != 0) { xfree(dir); xfree(pwd); + xfree(conn); return (-1); } } else { @@ -1292,6 +1311,7 @@ interactive_loop(int fd_in, int fd_out, char *file1, char *file2) err = parse_dispatch_command(conn, cmd, &pwd, 1); xfree(dir); xfree(pwd); + xfree(conn); return (err); } xfree(dir); @@ -1356,6 +1376,7 @@ interactive_loop(int fd_in, int fd_out, char *file1, char *file2) break; } xfree(pwd); + xfree(conn); #ifdef USE_LIBEDIT if (el != NULL) @@ -1455,7 +1476,7 @@ main(int argc, char **argv) __progname = ssh_get_progname(argv[0]); memset(&args, '\0', sizeof(args)); args.list = NULL; - addargs(&args, ssh_program); + addargs(&args, "%s", ssh_program); addargs(&args, "-oForwardX11 no"); addargs(&args, "-oForwardAgent no"); addargs(&args, "-oPermitLocalCommand no"); diff --git a/crypto/openssh/sftp.h b/crypto/openssh/sftp.h index 675c608..610c0b7 100644 --- a/crypto/openssh/sftp.h +++ b/crypto/openssh/sftp.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp.h,v 1.4 2002/02/13 00:59:23 djm Exp $ */ +/* $OpenBSD: sftp.h,v 1.5 2006/03/25 22:22:43 djm Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. diff --git a/crypto/openssh/ssh-agent.1 b/crypto/openssh/ssh-agent.1 index fd6bd3f..f1b8777 100644 --- a/crypto/openssh/ssh-agent.1 +++ b/crypto/openssh/ssh-agent.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-agent.1,v 1.43 2005/11/28 06:02:56 dtucker Exp $ +.\" $OpenBSD: ssh-agent.1,v 1.44 2006/07/18 08:03:09 jmc Exp $ .\" .\" Author: Tatu Ylonen <ylo@cs.hut.fi> .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -70,7 +70,7 @@ The options are as follows: Bind the agent to the unix-domain socket .Ar bind_address . The default is -.Pa /tmp/ssh-XXXXXXXXXX/agent.<ppid> . +.Pa /tmp/ssh-XXXXXXXXXX/agent.\*(Ltppid\*(Gt . .It Fl c Generate C-shell commands on .Dv stdout . @@ -185,7 +185,7 @@ Contains the protocol version 1 RSA authentication identity of the user. Contains the protocol version 2 DSA authentication identity of the user. .It Pa ~/.ssh/id_rsa Contains the protocol version 2 RSA authentication identity of the user. -.It Pa /tmp/ssh-XXXXXXXXXX/agent.<ppid> +.It Pa /tmp/ssh-XXXXXXXXXX/agent.\*(Ltppid\*(Gt Unix-domain sockets used to contain the connection to the authentication agent. These sockets should only be readable by the owner. diff --git a/crypto/openssh/ssh-dss.c b/crypto/openssh/ssh-dss.c index 381b7de..fbc078e 100644 --- a/crypto/openssh/ssh-dss.c +++ b/crypto/openssh/ssh-dss.c @@ -1,3 +1,4 @@ +/* $OpenBSD: ssh-dss.c,v 1.23 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -23,14 +24,17 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh-dss.c,v 1.19 2003/11/10 16:23:41 jakob Exp $"); + +#include <sys/types.h> #include <openssl/bn.h> #include <openssl/evp.h> +#include <stdarg.h> +#include <string.h> + #include "xmalloc.h" #include "buffer.h" -#include "bufaux.h" #include "compat.h" #include "log.h" #include "key.h" diff --git a/crypto/openssh/ssh-gss.h b/crypto/openssh/ssh-gss.h index 52fb49a..1ef66e4 100644 --- a/crypto/openssh/ssh-gss.h +++ b/crypto/openssh/ssh-gss.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-gss.h,v 1.5 2004/06/21 17:36:31 avsm Exp $ */ +/* $OpenBSD: ssh-gss.h,v 1.9 2006/08/18 14:40:34 djm Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. * @@ -28,8 +28,6 @@ #ifdef GSSAPI -#include "buffer.h" - #ifdef HAVE_GSSAPI_H #include <gssapi.h> #elif defined(HAVE_GSSAPI_GSSAPI_H) @@ -120,6 +118,7 @@ void ssh_gssapi_delete_ctx(Gssctxt **); OM_uint32 ssh_gssapi_sign(Gssctxt *, gss_buffer_t, gss_buffer_t); OM_uint32 ssh_gssapi_server_ctx(Gssctxt **, gss_OID); void ssh_gssapi_buildmic(Buffer *, const char *, const char *, const char *); +int ssh_gssapi_check_mechanism(Gssctxt **, gss_OID, const char *); /* In the server */ int ssh_gssapi_userok(char *name); diff --git a/crypto/openssh/ssh-keygen.c b/crypto/openssh/ssh-keygen.c index 64fadc7..969bd23 100644 --- a/crypto/openssh/ssh-keygen.c +++ b/crypto/openssh/ssh-keygen.c @@ -1,3 +1,4 @@ +/* $OpenBSD: ssh-keygen.c,v 1.154 2006/08/03 03:34:42 deraadt Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -12,28 +13,44 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh-keygen.c,v 1.135 2005/11/29 02:04:55 dtucker Exp $"); + +#include <sys/types.h> +#include <sys/socket.h> +#include <sys/stat.h> +#include <sys/param.h> #include <openssl/evp.h> #include <openssl/pem.h> +#include <errno.h> +#include <fcntl.h> +#include <netdb.h> +#ifdef HAVE_PATHS_H +# include <paths.h> +#endif +#include <pwd.h> +#include <stdarg.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <unistd.h> + #include "xmalloc.h" #include "key.h" #include "rsa.h" #include "authfile.h" #include "uuencode.h" #include "buffer.h" -#include "bufaux.h" #include "pathnames.h" #include "log.h" #include "misc.h" #include "match.h" #include "hostfile.h" +#include "dns.h" #ifdef SMARTCARD #include "scard.h" #endif -#include "dns.h" /* Number of bits in the RSA/DSA key. This value can be set on the command line. */ #define DEFAULT_BITS 2048 @@ -103,7 +120,7 @@ ask_filename(struct passwd *pw, const char *prompt) if (key_type_name == NULL) name = _PATH_SSH_CLIENT_ID_RSA; - else + else { switch (key_type_from_name(key_type_name)) { case KEY_RSA1: name = _PATH_SSH_CLIENT_IDENTITY; @@ -119,7 +136,7 @@ ask_filename(struct passwd *pw, const char *prompt) exit(1); break; } - + } snprintf(identity_file, sizeof(identity_file), "%s/%s", pw->pw_dir, name); fprintf(stderr, "%s (%s): ", prompt, identity_file); if (fgets(buf, sizeof(buf), stdin) == NULL) @@ -302,13 +319,44 @@ do_convert_private_ssh2_from_blob(u_char *blob, u_int blen) return key; } +static int +get_line(FILE *fp, char *line, size_t len) +{ + int c; + size_t pos = 0; + + line[0] = '\0'; + while ((c = fgetc(fp)) != EOF) { + if (pos >= len - 1) { + fprintf(stderr, "input line too long.\n"); + exit(1); + } + switch (c) { + case '\r': + c = fgetc(fp); + if (c != EOF && c != '\n' && ungetc(c, fp) == EOF) { + fprintf(stderr, "unget: %s\n", strerror(errno)); + exit(1); + } + return pos; + case '\n': + return pos; + } + line[pos++] = c; + line[pos] = '\0'; + } + if (c == EOF) + return -1; + return pos; +} + static void do_convert_from_ssh2(struct passwd *pw) { Key *k; int blen; u_int len; - char line[1024], *p; + char line[1024]; u_char blob[8096]; char encoded[8096]; struct stat st; @@ -327,12 +375,8 @@ do_convert_from_ssh2(struct passwd *pw) exit(1); } encoded[0] = '\0'; - while (fgets(line, sizeof(line), fp)) { - if (!(p = strchr(line, '\n'))) { - fprintf(stderr, "input line too long.\n"); - exit(1); - } - if (p > line && p[-1] == '\\') + while ((blen = get_line(fp, line, sizeof(line))) != -1) { + if (line[blen - 1] == '\\') escaped++; if (strncmp(line, "----", 4) == 0 || strstr(line, ": ") != NULL) { @@ -349,7 +393,6 @@ do_convert_from_ssh2(struct passwd *pw) /* fprintf(stderr, "escaped: %s", line); */ continue; } - *p = '\0'; strlcat(encoded, line, sizeof(encoded)); } len = strlen(encoded); @@ -485,8 +528,10 @@ do_fingerprint(struct passwd *pw) xfree(fp); exit(0); } - if (comment) + if (comment) { xfree(comment); + comment = NULL; + } f = fopen(identity_file, "r"); if (f != NULL) { @@ -832,30 +877,32 @@ do_change_passphrase(struct passwd *pw) /* * Print the SSHFP RR. */ -static void -do_print_resource_record(struct passwd *pw, char *hname) +static int +do_print_resource_record(struct passwd *pw, char *fname, char *hname) { Key *public; char *comment = NULL; struct stat st; - if (!have_identity) + if (fname == NULL) ask_filename(pw, "Enter file in which the key is"); - if (stat(identity_file, &st) < 0) { - perror(identity_file); + if (stat(fname, &st) < 0) { + if (errno == ENOENT) + return 0; + perror(fname); exit(1); } - public = key_load_public(identity_file, &comment); + public = key_load_public(fname, &comment); if (public != NULL) { export_dns_rr(hname, public, stdout, print_generic); key_free(public); xfree(comment); - exit(0); + return 1; } if (comment) xfree(comment); - printf("failed to read v2 public key from %s.\n", identity_file); + printf("failed to read v2 public key from %s.\n", fname); exit(1); } @@ -1046,7 +1093,7 @@ main(int ac, char **av) "degiqpclBHvxXyF:b:f:t:U:D:P:N:C:r:g:R:T:G:M:S:a:W:")) != -1) { switch (opt) { case 'b': - bits = strtonum(optarg, 768, 32768, &errstr); + bits = (u_int32_t)strtonum(optarg, 768, 32768, &errstr); if (errstr) fatal("Bits has bad value %s (%s)", optarg, errstr); @@ -1116,6 +1163,7 @@ main(int ac, char **av) break; case 'D': download = 1; + /*FALLTHROUGH*/ case 'U': reader_id = optarg; break; @@ -1132,19 +1180,20 @@ main(int ac, char **av) rr_hostname = optarg; break; case 'W': - generator_wanted = strtonum(optarg, 1, UINT_MAX, &errstr); + generator_wanted = (u_int32_t)strtonum(optarg, 1, + UINT_MAX, &errstr); if (errstr) fatal("Desired generator has bad value: %s (%s)", optarg, errstr); break; case 'a': - trials = strtonum(optarg, 1, UINT_MAX, &errstr); + trials = (u_int32_t)strtonum(optarg, 1, UINT_MAX, &errstr); if (errstr) fatal("Invalid number of trials: %s (%s)", optarg, errstr); break; case 'M': - memory = strtonum(optarg, 1, UINT_MAX, &errstr); + memory = (u_int32_t)strtonum(optarg, 1, UINT_MAX, &errstr); if (errstr) { fatal("Memory limit is %s: %s", errstr, optarg); } @@ -1198,7 +1247,27 @@ main(int ac, char **av) if (print_public) do_print_public(pw); if (rr_hostname != NULL) { - do_print_resource_record(pw, rr_hostname); + unsigned int n = 0; + + if (have_identity) { + n = do_print_resource_record(pw, + identity_file, rr_hostname); + if (n == 0) { + perror(identity_file); + exit(1); + } + exit(0); + } else { + + n += do_print_resource_record(pw, + _PATH_HOST_RSA_KEY_FILE, rr_hostname); + n += do_print_resource_record(pw, + _PATH_HOST_DSA_KEY_FILE, rr_hostname); + + if (n == 0) + fatal("no keys found."); + exit(0); + } } if (reader_id != NULL) { #ifdef SMARTCARD diff --git a/crypto/openssh/ssh-keysign.8 b/crypto/openssh/ssh-keysign.8 index a17e8d5..4cdcb7a 100644 --- a/crypto/openssh/ssh-keysign.8 +++ b/crypto/openssh/ssh-keysign.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keysign.8,v 1.7 2003/06/10 09:12:11 jmc Exp $ +.\" $OpenBSD: ssh-keysign.8,v 1.8 2006/02/24 20:22:16 jmc Exp $ .\" .\" Copyright (c) 2002 Markus Friedl. All rights reserved. .\" @@ -27,7 +27,7 @@ .Os .Sh NAME .Nm ssh-keysign -.Nd ssh helper program for hostbased authentication +.Nd ssh helper program for host-based authentication .Sh SYNOPSIS .Nm .Sh DESCRIPTION @@ -35,7 +35,7 @@ is used by .Xr ssh 1 to access the local host keys and generate the digital signature -required during hostbased authentication with SSH protocol version 2. +required during host-based authentication with SSH protocol version 2. .Pp .Nm is disabled by default and can only be enabled in the @@ -53,7 +53,7 @@ See .Xr ssh 1 and .Xr sshd 8 -for more information about hostbased authentication. +for more information about host-based authentication. .Sh FILES .Bl -tag -width Ds .It Pa /etc/ssh/ssh_config @@ -67,7 +67,7 @@ They should be owned by root, readable only by root, and not accessible to others. Since they are readable only by root, .Nm -must be set-uid root if hostbased authentication is used. +must be set-uid root if host-based authentication is used. .El .Sh SEE ALSO .Xr ssh 1 , diff --git a/crypto/openssh/ssh-keysign.c b/crypto/openssh/ssh-keysign.c index dae3a2e..c4bc7e5 100644 --- a/crypto/openssh/ssh-keysign.c +++ b/crypto/openssh/ssh-keysign.c @@ -1,3 +1,4 @@ +/* $OpenBSD: ssh-keysign.c,v 1.29 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2002 Markus Friedl. All rights reserved. * @@ -21,21 +22,30 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ + #include "includes.h" -RCSID("$OpenBSD: ssh-keysign.c,v 1.19 2005/09/13 23:40:07 djm Exp $"); + +#include <fcntl.h> +#ifdef HAVE_PATHS_H +#include <paths.h> +#endif +#include <pwd.h> +#include <stdarg.h> +#include <stdlib.h> +#include <string.h> +#include <unistd.h> #include <openssl/evp.h> #include <openssl/rand.h> #include <openssl/rsa.h> +#include "xmalloc.h" #include "log.h" #include "key.h" #include "ssh.h" #include "ssh2.h" #include "misc.h" -#include "xmalloc.h" #include "buffer.h" -#include "bufaux.h" #include "authfile.h" #include "msg.h" #include "canohost.h" @@ -64,9 +74,9 @@ valid_request(struct passwd *pw, char *host, Key **ret, u_char *data, buffer_init(&b); buffer_append(&b, data, datalen); - /* session id, currently limited to SHA1 (20 bytes) */ + /* session id, currently limited to SHA1 (20 bytes) or SHA256 (32) */ p = buffer_get_string(&b, &len); - if (len != 20) + if (len != 20 && len != 32) fail++; xfree(p); @@ -140,7 +150,7 @@ main(int argc, char **argv) { Buffer b; Options options; - Key *keys[2], *key; + Key *keys[2], *key = NULL; struct passwd *pw; int key_fd[2], i, found, version = 2, fd; u_char *signature, *data; diff --git a/crypto/openssh/ssh-rand-helper.c b/crypto/openssh/ssh-rand-helper.c index 87e52cf..8520c3a 100644 --- a/crypto/openssh/ssh-rand-helper.c +++ b/crypto/openssh/ssh-rand-helper.c @@ -24,6 +24,29 @@ #include "includes.h" +#include <sys/types.h> +#include <sys/resource.h> +#include <sys/stat.h> +#include <sys/wait.h> +#include <sys/socket.h> + +#include <stdarg.h> +#include <stddef.h> + +#include <netinet/in.h> +#include <arpa/inet.h> + +#ifdef HAVE_SYS_UN_H +# include <sys/un.h> +#endif + +#include <errno.h> +#include <fcntl.h> +#include <pwd.h> +#include <signal.h> +#include <time.h> +#include <unistd.h> + #include <openssl/rand.h> #include <openssl/sha.h> #include <openssl/crypto.h> @@ -39,8 +62,6 @@ #include "pathnames.h" #include "log.h" -RCSID("$Id: ssh-rand-helper.c,v 1.26 2005/07/17 07:26:44 djm Exp $"); - /* Number of bytes we write out */ #define OUTPUT_SEED_SIZE 48 @@ -564,7 +585,8 @@ prng_write_seedfile(void) /* Try to ensure that the parent directory is there */ snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir, _PATH_SSH_USER_DIR); - mkdir(filename, 0700); + if (mkdir(filename, 0700) < 0 && errno != EEXIST) + fatal("mkdir %.200s: %s", filename, strerror(errno)); snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir, SSH_PRNG_SEED_FILE); @@ -665,8 +687,7 @@ prng_read_commands(char *cmdfilename) } num_cmds = 64; - entcmd = xmalloc(num_cmds * sizeof(entropy_cmd_t)); - memset(entcmd, '\0', num_cmds * sizeof(entropy_cmd_t)); + entcmd = xcalloc(num_cmds, sizeof(entropy_cmd_t)); /* Read in file */ cur_cmd = linenum = 0; @@ -759,7 +780,7 @@ prng_read_commands(char *cmdfilename) */ if (cur_cmd == num_cmds) { num_cmds *= 2; - entcmd = xrealloc(entcmd, num_cmds * + entcmd = xrealloc(entcmd, num_cmds, sizeof(entropy_cmd_t)); } } @@ -768,12 +789,13 @@ prng_read_commands(char *cmdfilename) memset(&entcmd[cur_cmd], '\0', sizeof(entropy_cmd_t)); /* trim to size */ - entropy_cmds = xrealloc(entcmd, (cur_cmd + 1) * + entropy_cmds = xrealloc(entcmd, (cur_cmd + 1), sizeof(entropy_cmd_t)); debug("Loaded %d entropy commands from %.100s", cur_cmd, cmdfilename); + fclose(f); return cur_cmd < MIN_ENTROPY_SOURCES ? -1 : 0; } diff --git a/crypto/openssh/ssh-rsa.c b/crypto/openssh/ssh-rsa.c index eb422d0..0e16ff8 100644 --- a/crypto/openssh/ssh-rsa.c +++ b/crypto/openssh/ssh-rsa.c @@ -1,3 +1,4 @@ +/* $OpenBSD: ssh-rsa.c,v 1.39 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org> * @@ -13,16 +14,20 @@ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + #include "includes.h" -RCSID("$OpenBSD: ssh-rsa.c,v 1.32 2005/06/17 02:44:33 djm Exp $"); + +#include <sys/types.h> #include <openssl/evp.h> #include <openssl/err.h> +#include <stdarg.h> +#include <string.h> + #include "xmalloc.h" #include "log.h" #include "buffer.h" -#include "bufaux.h" #include "key.h" #include "compat.h" #include "ssh.h" @@ -62,6 +67,7 @@ ssh_rsa_sign(const Key *key, u_char **sigp, u_int *lenp, if (ok != 1) { int ecode = ERR_get_error(); + error("ssh_rsa_sign: RSA_sign failed: %s", ERR_error_string(ecode, NULL)); xfree(sig); @@ -144,7 +150,7 @@ ssh_rsa_verify(const Key *key, const u_char *signature, u_int signaturelen, u_int diff = modlen - len; debug("ssh_rsa_verify: add padding: modlen %u > len %u", modlen, len); - sigblob = xrealloc(sigblob, modlen); + sigblob = xrealloc(sigblob, 1, modlen); memmove(sigblob + diff, sigblob, len); memset(sigblob, 0, diff); len = modlen; @@ -220,7 +226,6 @@ openssh_RSA_verify(int type, u_char *hash, u_int hashlen, break; default: goto done; - break; } if (hashlen != hlen) { error("bad hashlen"); diff --git a/crypto/openssh/ssh1.h b/crypto/openssh/ssh1.h index 1741c22..353d930 100644 --- a/crypto/openssh/ssh1.h +++ b/crypto/openssh/ssh1.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh1.h,v 1.5 2004/10/20 11:48:53 markus Exp $ */ +/* $OpenBSD: ssh1.h,v 1.6 2006/03/25 22:22:43 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> diff --git a/crypto/openssh/ssh2.h b/crypto/openssh/ssh2.h index fb491c9..cf56bc4 100644 --- a/crypto/openssh/ssh2.h +++ b/crypto/openssh/ssh2.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh2.h,v 1.9 2003/05/14 00:52:59 markus Exp $ */ +/* $OpenBSD: ssh2.h,v 1.10 2006/03/25 22:22:43 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. diff --git a/crypto/openssh/sshpty.h b/crypto/openssh/sshpty.h index c0678de..7fac622 100644 --- a/crypto/openssh/sshpty.h +++ b/crypto/openssh/sshpty.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshpty.h,v 1.5 2004/05/08 00:01:37 deraadt Exp $ */ +/* $OpenBSD: sshpty.h,v 1.10 2006/08/03 03:34:42 deraadt Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -14,17 +14,14 @@ * called by a name other than "ssh" or "Secure Shell". */ -#ifndef SSHPTY_H -#define SSHPTY_H +#include <termios.h> struct termios get_saved_tio(void); void leave_raw_mode(void); void enter_raw_mode(void); -int pty_allocate(int *, int *, char *, int); +int pty_allocate(int *, int *, char *, size_t); void pty_release(const char *); void pty_make_controlling_tty(int *, const char *); -void pty_change_window_size(int, int, int, int, int); +void pty_change_window_size(int, u_int, u_int, u_int, u_int); void pty_setowner(struct passwd *, const char *); - -#endif /* SSHPTY_H */ diff --git a/crypto/openssh/sshtty.c b/crypto/openssh/sshtty.c index 0b17c3e..0456766 100644 --- a/crypto/openssh/sshtty.c +++ b/crypto/openssh/sshtty.c @@ -1,3 +1,4 @@ +/* $OpenBSD: sshtty.c,v 1.12 2006/08/03 03:34:42 deraadt Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -35,10 +36,13 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshtty.c,v 1.6 2004/05/08 00:01:37 deraadt Exp $"); + +#include <sys/types.h> +#include <stdio.h> +#include <termios.h> +#include <pwd.h> #include "sshpty.h" -#include "log.h" static struct termios _saved_tio; static int _in_raw_mode = 0; diff --git a/crypto/openssh/ttymodes.c b/crypto/openssh/ttymodes.c index cf4c7d5..d8e2c55 100644 --- a/crypto/openssh/ttymodes.c +++ b/crypto/openssh/ttymodes.c @@ -1,3 +1,4 @@ +/* $OpenBSD: ttymodes.c,v 1.26 2006/08/03 03:34:42 deraadt Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -43,14 +44,19 @@ */ #include "includes.h" -RCSID("$OpenBSD: ttymodes.c,v 1.19 2003/04/08 20:21:29 itojun Exp $"); + +#include <sys/types.h> + +#include <errno.h> +#include <string.h> +#include <termios.h> +#include <stdarg.h> #include "packet.h" #include "log.h" #include "ssh1.h" #include "compat.h" #include "buffer.h" -#include "bufaux.h" #define TTY_OP_END 0 /* @@ -384,7 +390,8 @@ tty_parse_modes(int fd, int *n_bytes_ptr) n_bytes += 4; baud = packet_get_int(); debug3("tty_parse_modes: ispeed %d", baud); - if (failure != -1 && cfsetispeed(&tio, baud_to_speed(baud)) == -1) + if (failure != -1 && + cfsetispeed(&tio, baud_to_speed(baud)) == -1) error("cfsetispeed failed for %d", baud); break; @@ -394,7 +401,8 @@ tty_parse_modes(int fd, int *n_bytes_ptr) n_bytes += 4; baud = packet_get_int(); debug3("tty_parse_modes: ospeed %d", baud); - if (failure != -1 && cfsetospeed(&tio, baud_to_speed(baud)) == -1) + if (failure != -1 && + cfsetospeed(&tio, baud_to_speed(baud)) == -1) error("cfsetospeed failed for %d", baud); break; @@ -442,11 +450,12 @@ tty_parse_modes(int fd, int *n_bytes_ptr) /* * It is a truly undefined opcode (160 to 255). * We have no idea about its arguments. So we - * must stop parsing. Note that some data may be - * left in the packet; hopefully there is nothing - * more coming after the mode data. + * must stop parsing. Note that some data + * may be left in the packet; hopefully there + * is nothing more coming after the mode data. */ - logit("parse_tty_modes: unknown opcode %d", opcode); + logit("parse_tty_modes: unknown opcode %d", + opcode); goto set; } } else { @@ -462,7 +471,8 @@ tty_parse_modes(int fd, int *n_bytes_ptr) (void) packet_get_int(); break; } else { - logit("parse_tty_modes: unknown opcode %d", opcode); + logit("parse_tty_modes: unknown opcode %d", + opcode); goto set; } } diff --git a/crypto/openssh/ttymodes.h b/crypto/openssh/ttymodes.h index 481282c..4d848fe 100644 --- a/crypto/openssh/ttymodes.h +++ b/crypto/openssh/ttymodes.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ttymodes.h,v 1.13 2004/07/11 17:48:47 deraadt Exp $ */ +/* $OpenBSD: ttymodes.h,v 1.14 2006/03/25 22:22:43 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> diff --git a/crypto/openssh/uidswap.c b/crypto/openssh/uidswap.c index aab7064eb..91d878c 100644 --- a/crypto/openssh/uidswap.c +++ b/crypto/openssh/uidswap.c @@ -1,3 +1,4 @@ +/* $OpenBSD: uidswap.c,v 1.35 2006/08/03 03:34:42 deraadt Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -12,7 +13,15 @@ */ #include "includes.h" -RCSID("$OpenBSD: uidswap.c,v 1.24 2003/05/29 16:58:45 deraadt Exp $"); + +#include <sys/param.h> +#include <errno.h> +#include <pwd.h> +#include <string.h> +#include <unistd.h> +#include <stdarg.h> + +#include <grp.h> #include "log.h" #include "uidswap.h" @@ -77,7 +86,7 @@ temporarily_use_uid(struct passwd *pw) fatal("getgroups: %.100s", strerror(errno)); if (saved_egroupslen > 0) { saved_egroups = xrealloc(saved_egroups, - saved_egroupslen * sizeof(gid_t)); + saved_egroupslen, sizeof(gid_t)); if (getgroups(saved_egroupslen, saved_egroups) < 0) fatal("getgroups: %.100s", strerror(errno)); } else { /* saved_egroupslen == 0 */ @@ -96,7 +105,7 @@ temporarily_use_uid(struct passwd *pw) fatal("getgroups: %.100s", strerror(errno)); if (user_groupslen > 0) { user_groups = xrealloc(user_groups, - user_groupslen * sizeof(gid_t)); + user_groupslen, sizeof(gid_t)); if (getgroups(user_groupslen, user_groups) < 0) fatal("getgroups: %.100s", strerror(errno)); } else { /* user_groupslen == 0 */ @@ -123,6 +132,41 @@ temporarily_use_uid(struct passwd *pw) strerror(errno)); } +void +permanently_drop_suid(uid_t uid) +{ + uid_t old_uid = getuid(); + + debug("permanently_drop_suid: %u", (u_int)uid); +#if defined(HAVE_SETRESUID) && !defined(BROKEN_SETRESUID) + if (setresuid(uid, uid, uid) < 0) + fatal("setresuid %u: %.100s", (u_int)uid, strerror(errno)); +#elif defined(HAVE_SETREUID) && !defined(BROKEN_SETREUID) + if (setreuid(uid, uid) < 0) + fatal("setreuid %u: %.100s", (u_int)uid, strerror(errno)); +#else +# ifndef SETEUID_BREAKS_SETUID + if (seteuid(uid) < 0) + fatal("seteuid %u: %.100s", (u_int)uid, strerror(errno)); +# endif + if (setuid(uid) < 0) + fatal("setuid %u: %.100s", (u_int)uid, strerror(errno)); +#endif + +#ifndef HAVE_CYGWIN + /* Try restoration of UID if changed (test clearing of saved uid) */ + if (old_uid != uid && + (setuid(old_uid) != -1 || seteuid(old_uid) != -1)) + fatal("%s: was able to restore old [e]uid", __func__); +#endif + + /* Verify UID drop was successful */ + if (getuid() != uid || geteuid() != uid) { + fatal("%s: euid incorrect uid:%u euid:%u (should be %u)", + __func__, (u_int)getuid(), (u_int)geteuid(), (u_int)uid); + } +} + /* * Restores to the original (privileged) uid. */ @@ -169,6 +213,8 @@ permanently_set_uid(struct passwd *pw) uid_t old_uid = getuid(); gid_t old_gid = getgid(); + if (pw == NULL) + fatal("permanently_set_uid: no user given"); if (temporarily_use_uid_effective) fatal("permanently_set_uid: temporarily_use_uid effective"); debug("permanently_set_uid: %u/%u", (u_int)pw->pw_uid, diff --git a/crypto/openssh/uidswap.h b/crypto/openssh/uidswap.h index 0726980..1c1163d 100644 --- a/crypto/openssh/uidswap.h +++ b/crypto/openssh/uidswap.h @@ -1,4 +1,4 @@ -/* $OpenBSD: uidswap.h,v 1.9 2001/06/26 17:27:25 markus Exp $ */ +/* $OpenBSD: uidswap.h,v 1.13 2006/08/03 03:34:42 deraadt Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -12,11 +12,7 @@ * called by a name other than "ssh" or "Secure Shell". */ -#ifndef UIDSWAP_H -#define UIDSWAP_H - void temporarily_use_uid(struct passwd *); void restore_uid(void); void permanently_set_uid(struct passwd *); - -#endif /* UIDSWAP_H */ +void permanently_drop_suid(uid_t); diff --git a/crypto/openssh/uuencode.c b/crypto/openssh/uuencode.c index 0a7c8d1..a139495 100644 --- a/crypto/openssh/uuencode.c +++ b/crypto/openssh/uuencode.c @@ -1,3 +1,4 @@ +/* $OpenBSD: uuencode.c,v 1.24 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -23,7 +24,11 @@ */ #include "includes.h" -RCSID("$OpenBSD: uuencode.c,v 1.17 2003/11/10 16:23:41 jakob Exp $"); + +#include <sys/types.h> +#include <netinet/in.h> +#include <resolv.h> +#include <stdio.h> #include "xmalloc.h" #include "uuencode.h" @@ -58,9 +63,14 @@ uudecode(const char *src, u_char *target, size_t targsize) void dump_base64(FILE *fp, u_char *data, u_int len) { - char *buf = xmalloc(2*len); + char *buf; int i, n; + if (len > 65536) { + fprintf(fp, "dump_base64: len > 65536\n"); + return; + } + buf = xmalloc(2*len); n = uuencode(data, len, buf, 2*len); for (i = 0; i < n; i++) { fprintf(fp, "%c", buf[i]); diff --git a/crypto/openssh/uuencode.h b/crypto/openssh/uuencode.h index 08e87c4..fec55b4 100644 --- a/crypto/openssh/uuencode.h +++ b/crypto/openssh/uuencode.h @@ -1,4 +1,4 @@ -/* $OpenBSD: uuencode.h,v 1.10 2003/11/10 16:23:41 jakob Exp $ */ +/* $OpenBSD: uuencode.h,v 1.13 2006/08/03 03:34:42 deraadt Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -24,9 +24,6 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#ifndef UUENCODE_H -#define UUENCODE_H int uuencode(const u_char *, u_int, char *, size_t); int uudecode(const char *, u_char *, size_t); void dump_base64(FILE *, u_char *, u_int); -#endif diff --git a/crypto/openssh/xmalloc.c b/crypto/openssh/xmalloc.c index 99c6ac3..9985b4c 100644 --- a/crypto/openssh/xmalloc.c +++ b/crypto/openssh/xmalloc.c @@ -1,3 +1,4 @@ +/* $OpenBSD: xmalloc.c,v 1.27 2006/08/03 03:34:42 deraadt Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -13,7 +14,12 @@ */ #include "includes.h" -RCSID("$OpenBSD: xmalloc.c,v 1.16 2001/07/23 18:21:46 stevesk Exp $"); + +#include <sys/param.h> +#include <stdarg.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> #include "xmalloc.h" #include "log.h" @@ -32,18 +38,38 @@ xmalloc(size_t size) } void * -xrealloc(void *ptr, size_t new_size) +xcalloc(size_t nmemb, size_t size) +{ + void *ptr; + + if (size == 0 || nmemb == 0) + fatal("xcalloc: zero size"); + if (SIZE_T_MAX / nmemb < size) + fatal("xcalloc: nmemb * size > SIZE_T_MAX"); + ptr = calloc(nmemb, size); + if (ptr == NULL) + fatal("xcalloc: out of memory (allocating %lu bytes)", + (u_long)(size * nmemb)); + return ptr; +} + +void * +xrealloc(void *ptr, size_t nmemb, size_t size) { void *new_ptr; + size_t new_size = nmemb * size; if (new_size == 0) fatal("xrealloc: zero size"); + if (SIZE_T_MAX / nmemb < size) + fatal("xrealloc: nmemb * size > SIZE_T_MAX"); if (ptr == NULL) new_ptr = malloc(new_size); else new_ptr = realloc(ptr, new_size); if (new_ptr == NULL) - fatal("xrealloc: out of memory (new_size %lu bytes)", (u_long) new_size); + fatal("xrealloc: out of memory (new_size %lu bytes)", + (u_long) new_size); return new_ptr; } @@ -66,3 +92,19 @@ xstrdup(const char *str) strlcpy(cp, str, len); return cp; } + +int +xasprintf(char **ret, const char *fmt, ...) +{ + va_list ap; + int i; + + va_start(ap, fmt); + i = vasprintf(ret, fmt, ap); + va_end(ap); + + if (i < 0 || *ret == NULL) + fatal("xasprintf: could not allocate memory"); + + return (i); +} diff --git a/crypto/openssh/xmalloc.h b/crypto/openssh/xmalloc.h index 7ac4b13..fb217a4 100644 --- a/crypto/openssh/xmalloc.h +++ b/crypto/openssh/xmalloc.h @@ -1,4 +1,4 @@ -/* $OpenBSD: xmalloc.h,v 1.9 2002/06/19 00:27:55 deraadt Exp $ */ +/* $OpenBSD: xmalloc.h,v 1.13 2006/08/03 03:34:42 deraadt Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -16,12 +16,11 @@ * called by a name other than "ssh" or "Secure Shell". */ -#ifndef XMALLOC_H -#define XMALLOC_H - void *xmalloc(size_t); -void *xrealloc(void *, size_t); +void *xcalloc(size_t, size_t); +void *xrealloc(void *, size_t, size_t); void xfree(void *); char *xstrdup(const char *); - -#endif /* XMALLOC_H */ +int xasprintf(char **, const char *, ...) + __attribute__((__format__ (printf, 2, 3))) + __attribute__((__nonnull__ (2))); |
