diff options
| author | des <des@FreeBSD.org> | 2005-09-03 07:04:25 +0000 |
|---|---|---|
| committer | des <des@FreeBSD.org> | 2005-09-03 07:04:25 +0000 |
| commit | 88c7c9558ba88abbcc00dcd9133b4996eff74033 (patch) | |
| tree | 15c858fecc18a67f9dcc639fd5be6afa6ed7037f /crypto | |
| parent | 1ea3628aba1278f27d571a26380b4e91155d3973 (diff) | |
| download | FreeBSD-src-88c7c9558ba88abbcc00dcd9133b4996eff74033.zip FreeBSD-src-88c7c9558ba88abbcc00dcd9133b4996eff74033.tar.gz | |
Resolve conflicts.
Diffstat (limited to 'crypto')
55 files changed, 1397 insertions, 1006 deletions
diff --git a/crypto/openssh/LICENCE b/crypto/openssh/LICENCE index ae03eb3..ac3634f 100644 --- a/crypto/openssh/LICENCE +++ b/crypto/openssh/LICENCE @@ -204,6 +204,7 @@ OpenSSH contains no GPL code. William Jones Darren Tucker Sun Microsystems + The SCO Group * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -255,6 +256,7 @@ OpenSSH contains no GPL code. Damien Miller Eric P. Allman The Regents of the University of California + Constantin S. Svintsoff * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions diff --git a/crypto/openssh/acconfig.h b/crypto/openssh/acconfig.h index 2daf603..338aa7a 100644 --- a/crypto/openssh/acconfig.h +++ b/crypto/openssh/acconfig.h @@ -1,4 +1,4 @@ -/* $Id: acconfig.h,v 1.181 2005/02/25 23:07:38 dtucker Exp $ */ +/* $Id: acconfig.h,v 1.183 2005/07/07 10:33:36 dtucker Exp $ */ /* $FreeBSD$ */ /* @@ -120,9 +120,6 @@ /* Define if you are on NeXT */ #undef HAVE_NEXT -/* Define if you are on NEWS-OS */ -#undef HAVE_NEWS4 - /* Define if you want to enable PAM support */ #undef USE_PAM @@ -206,9 +203,6 @@ /* Define if you don't want to use lastlog in session.c */ #undef NO_SSH_LASTLOG -/* Define if have krb5_init_ets */ -#undef KRB5_INIT_ETS - /* Define if you don't want to use utmp */ #undef DISABLE_UTMP diff --git a/crypto/openssh/auth-krb5.c b/crypto/openssh/auth-krb5.c index a8c69fa..7e5a614 100644 --- a/crypto/openssh/auth-krb5.c +++ b/crypto/openssh/auth-krb5.c @@ -55,9 +55,6 @@ krb5_init(void *context) problem = krb5_init_context(&authctxt->krb5_ctx); if (problem) return (problem); -#ifdef KRB5_INIT_ETS - krb5_init_ets(authctxt->krb5_ctx); -#endif } return (0); } @@ -68,9 +65,6 @@ auth_krb5_password(Authctxt *authctxt, const char *password) #ifndef HEIMDAL krb5_creds creds; krb5_principal server; - char ccname[40]; - int tmpfd; - mode_t old_umask; #endif krb5_error_code problem; krb5_ccache ccache = NULL; @@ -147,26 +141,7 @@ auth_krb5_password(Authctxt *authctxt, const char *password) goto out; } - snprintf(ccname,sizeof(ccname),"FILE:/tmp/krb5cc_%d_XXXXXX",geteuid()); - - old_umask = umask(0177); - tmpfd = mkstemp(ccname + strlen("FILE:")); - umask(old_umask); - if (tmpfd == -1) { - logit("mkstemp(): %.100s", strerror(errno)); - problem = errno; - goto out; - } - - if (fchmod(tmpfd,S_IRUSR | S_IWUSR) == -1) { - logit("fchmod(): %.100s", strerror(errno)); - close(tmpfd); - problem = errno; - goto out; - } - close(tmpfd); - - problem = krb5_cc_resolve(authctxt->krb5_ctx, ccname, &authctxt->krb5_fwd_ccache); + problem = ssh_krb5_cc_gen(authctxt->krb5_ctx, &authctxt->krb5_fwd_ccache); if (problem) goto out; @@ -235,4 +210,34 @@ krb5_cleanup_proc(Authctxt *authctxt) } } +#ifndef HEIMDAL +krb5_error_code +ssh_krb5_cc_gen(krb5_context ctx, krb5_ccache *ccache) { + int tmpfd, ret; + char ccname[40]; + mode_t old_umask; + + ret = snprintf(ccname, sizeof(ccname), + "FILE:/tmp/krb5cc_%d_XXXXXXXXXX", geteuid()); + if (ret == -1 || ret >= sizeof(ccname)) + return ENOMEM; + + old_umask = umask(0177); + tmpfd = mkstemp(ccname + strlen("FILE:")); + umask(old_umask); + if (tmpfd == -1) { + logit("mkstemp(): %.100s", strerror(errno)); + return errno; + } + + if (fchmod(tmpfd,S_IRUSR | S_IWUSR) == -1) { + logit("fchmod(): %.100s", strerror(errno)); + close(tmpfd); + return errno; + } + close(tmpfd); + + return (krb5_cc_resolve(ctx, ccname, ccache)); +} +#endif /* !HEIMDAL */ #endif /* KRB5 */ diff --git a/crypto/openssh/auth-pam.c b/crypto/openssh/auth-pam.c index cc11445..ef87bfb 100644 --- a/crypto/openssh/auth-pam.c +++ b/crypto/openssh/auth-pam.c @@ -47,7 +47,7 @@ /* Based on $xFreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ #include "includes.h" -RCSID("$Id: auth-pam.c,v 1.122 2005/05/25 06:18:10 dtucker Exp $"); +RCSID("$Id: auth-pam.c,v 1.126 2005/07/17 07:18:50 djm Exp $"); RCSID("$FreeBSD$"); #ifdef USE_PAM @@ -57,6 +57,13 @@ RCSID("$FreeBSD$"); #include <pam/pam_appl.h> #endif +/* OpenGroup RFC86.0 and XSSO specify no "const" on arguments */ +#ifdef PAM_SUN_CODEBASE +# define sshpam_const /* Solaris, HP-UX, AIX */ +#else +# define sshpam_const const /* LinuxPAM, OpenPAM */ +#endif + #include "auth.h" #include "auth-pam.h" #include "buffer.h" @@ -117,14 +124,14 @@ static struct pam_ctxt *cleanup_ctxt; static int sshpam_thread_status = -1; static mysig_t sshpam_oldsig; -static void +static void sshpam_sigchld_handler(int sig) { signal(SIGCHLD, SIG_DFL); if (cleanup_ctxt == NULL) return; /* handler called after PAM cleanup, shouldn't happen */ if (waitpid(cleanup_ctxt->pam_thread, &sshpam_thread_status, WNOHANG) - <= 0) { + <= 0) { /* PAM thread has not exitted, privsep slave must have */ kill(cleanup_ctxt->pam_thread, SIGTERM); if (waitpid(cleanup_ctxt->pam_thread, &sshpam_thread_status, 0) @@ -151,6 +158,7 @@ pthread_create(sp_pthread_t *thread, const void *attr __unused, void *(*thread_start)(void *), void *arg) { pid_t pid; + struct pam_ctxt *ctx = arg; sshpam_thread_status = -1; switch ((pid = fork())) { @@ -158,10 +166,14 @@ pthread_create(sp_pthread_t *thread, const void *attr __unused, error("fork(): %s", strerror(errno)); return (-1); case 0: + close(ctx->pam_psock); + ctx->pam_psock = -1; thread_start(arg); _exit(1); default: *thread = pid; + close(ctx->pam_csock); + ctx->pam_csock = -1; sshpam_oldsig = signal(SIGCHLD, sshpam_sigchld_handler); return (0); } @@ -301,7 +313,7 @@ import_environments(Buffer *b) * Conversation function for authentication thread. */ static int -sshpam_thread_conv(int n, struct pam_message **msg, +sshpam_thread_conv(int n, sshpam_const struct pam_message **msg, struct pam_response **resp, void *data) { Buffer buffer; @@ -400,8 +412,10 @@ sshpam_thread(void *ctxtp) char **env_from_pam; u_int i; const char *pam_user; + const char **ptr_pam_user = &pam_user; - pam_get_item(sshpam_handle, PAM_USER, (void **)&pam_user); + pam_get_item(sshpam_handle, PAM_USER, + (sshpam_const void **)ptr_pam_user); environ[0] = NULL; if (sshpam_authctxt != NULL) { @@ -493,7 +507,7 @@ sshpam_thread_cleanup(void) } static int -sshpam_null_conv(int n, struct pam_message **msg, +sshpam_null_conv(int n, sshpam_const struct pam_message **msg, struct pam_response **resp, void *data) { debug3("PAM: %s entering, %d messages", __func__, n); @@ -503,7 +517,7 @@ sshpam_null_conv(int n, struct pam_message **msg, static struct pam_conv null_conv = { sshpam_null_conv, NULL }; static int -sshpam_store_conv(int n, struct pam_message **msg, +sshpam_store_conv(int n, sshpam_const struct pam_message **msg, struct pam_response **resp, void *data) { struct pam_response *reply; @@ -572,11 +586,12 @@ sshpam_init(Authctxt *authctxt) { extern char *__progname; const char *pam_rhost, *pam_user, *user = authctxt->user; + const char **ptr_pam_user = &pam_user; if (sshpam_handle != NULL) { /* We already have a PAM context; check if the user matches */ sshpam_err = pam_get_item(sshpam_handle, - PAM_USER, (void **)&pam_user); + PAM_USER, (sshpam_const void **)ptr_pam_user); if (sshpam_err == PAM_SUCCESS && strcmp(user, pam_user) == 0) return (0); pam_end(sshpam_handle, sshpam_err); @@ -766,7 +781,7 @@ sshpam_respond(void *ctx, u_int num, char **resp) buffer_init(&buffer); if (sshpam_authctxt->valid && (sshpam_authctxt->pw->pw_uid != 0 || - options.permit_root_login == PERMIT_YES)) + options.permit_root_login == PERMIT_YES)) buffer_put_cstring(&buffer, *resp); else buffer_put_cstring(&buffer, badpw); @@ -839,7 +854,7 @@ do_pam_account(void) sshpam_err = pam_acct_mgmt(sshpam_handle, 0); debug3("PAM: %s pam_acct_mgmt = %d (%s)", __func__, sshpam_err, pam_strerror(sshpam_handle, sshpam_err)); - + if (sshpam_err != PAM_SUCCESS && sshpam_err != PAM_NEW_AUTHTOK_REQD) { sshpam_account_status = 0; return (sshpam_account_status); @@ -892,7 +907,7 @@ do_pam_setcred(int init) } static int -sshpam_tty_conv(int n, struct pam_message **msg, +sshpam_tty_conv(int n, sshpam_const struct pam_message **msg, struct pam_response **resp, void *data) { char input[PAM_MAX_MSG_SIZE]; @@ -1051,7 +1066,7 @@ free_pam_environment(char **env) * display. */ static int -sshpam_passwd_conv(int n, struct pam_message **msg, +sshpam_passwd_conv(int n, sshpam_const struct pam_message **msg, struct pam_response **resp, void *data) { struct pam_response *reply; @@ -1097,7 +1112,7 @@ sshpam_passwd_conv(int n, struct pam_message **msg, *resp = reply; return (PAM_SUCCESS); - fail: + fail: for(i = 0; i < n; i++) { if (reply[i].resp != NULL) xfree(reply[i].resp); @@ -1130,7 +1145,7 @@ sshpam_auth_passwd(Authctxt *authctxt, const char *password) * information via timing (eg if the PAM config has a delay on fail). */ if (!authctxt->valid || (authctxt->pw->pw_uid == 0 && - options.permit_root_login != PERMIT_YES)) + options.permit_root_login != PERMIT_YES)) sshpam_password = badpw; sshpam_err = pam_set_item(sshpam_handle, PAM_CONV, @@ -1144,7 +1159,7 @@ sshpam_auth_passwd(Authctxt *authctxt, const char *password) if (sshpam_err == PAM_SUCCESS && authctxt->valid) { debug("PAM: password authentication accepted for %.100s", authctxt->user); - return 1; + return 1; } else { debug("PAM: password authentication failed for %.100s: %s", authctxt->valid ? authctxt->user : "an illegal user", diff --git a/crypto/openssh/auth-passwd.c b/crypto/openssh/auth-passwd.c index 3ce5ba4..c5d52b2 100644 --- a/crypto/openssh/auth-passwd.c +++ b/crypto/openssh/auth-passwd.c @@ -36,7 +36,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-passwd.c,v 1.33 2005/01/24 11:47:13 dtucker Exp $"); +RCSID("$OpenBSD: auth-passwd.c,v 1.34 2005/07/19 15:32:26 otto Exp $"); RCSID("$FreeBSD$"); #include "packet.h" @@ -164,6 +164,8 @@ sys_auth_passwd(Authctxt *authctxt, const char *password) as = auth_usercheck(pw->pw_name, authctxt->style, "auth-ssh", (char *)password); + if (as == NULL) + return (0); if (auth_getstate(as) & AUTH_PWEXPIRED) { auth_close(as); disable_forwarding(); diff --git a/crypto/openssh/auth-rh-rsa.c b/crypto/openssh/auth-rh-rsa.c index 29eb538..c31f2b9 100644 --- a/crypto/openssh/auth-rh-rsa.c +++ b/crypto/openssh/auth-rh-rsa.c @@ -13,7 +13,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-rh-rsa.c,v 1.37 2003/11/04 08:54:09 djm Exp $"); +RCSID("$OpenBSD: auth-rh-rsa.c,v 1.38 2005/07/17 07:17:54 djm Exp $"); #include "packet.h" #include "uidswap.h" @@ -86,7 +86,7 @@ auth_rhosts_rsa(Authctxt *authctxt, char *cuser, Key *client_host_key) */ verbose("Rhosts with RSA host authentication accepted for %.100s, %.100s on %.700s.", - pw->pw_name, cuser, chost); + pw->pw_name, cuser, chost); packet_send_debug("Rhosts with RSA host authentication accepted."); return 1; } diff --git a/crypto/openssh/auth-rsa.c b/crypto/openssh/auth-rsa.c index 4378008..d9c9652 100644 --- a/crypto/openssh/auth-rsa.c +++ b/crypto/openssh/auth-rsa.c @@ -14,7 +14,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-rsa.c,v 1.62 2004/12/11 01:48:56 dtucker Exp $"); +RCSID("$OpenBSD: auth-rsa.c,v 1.63 2005/06/17 02:44:32 djm Exp $"); #include <openssl/rsa.h> #include <openssl/md5.h> @@ -205,6 +205,7 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey) while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { char *cp; char *key_options; + int keybits; /* Skip leading whitespace, empty and comment lines. */ for (cp = line; *cp == ' ' || *cp == '\t'; cp++) @@ -243,7 +244,8 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey) continue; /* check the real bits */ - if (bits != BN_num_bits(key->rsa->n)) + keybits = BN_num_bits(key->rsa->n); + if (keybits < 0 || bits != (u_int)keybits) logit("Warning: %s, line %lu: keysize mismatch: " "actual %d vs. announced %d.", file, linenum, BN_num_bits(key->rsa->n), bits); diff --git a/crypto/openssh/auth-skey.c b/crypto/openssh/auth-skey.c index 331e9a7..c37eba5 100644 --- a/crypto/openssh/auth-skey.c +++ b/crypto/openssh/auth-skey.c @@ -56,7 +56,7 @@ skey_query(void *ctx, char **name, char **infotxt, int len; struct skey skey; - if (_compat_skeychallenge(&skey, authctxt->user, challenge, + if (_compat_skeychallenge(&skey, authctxt->user, challenge, sizeof(challenge)) == -1) return -1; diff --git a/crypto/openssh/auth.c b/crypto/openssh/auth.c index 9419b66..228fe42 100644 --- a/crypto/openssh/auth.c +++ b/crypto/openssh/auth.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth.c,v 1.58 2005/03/14 11:44:42 dtucker Exp $"); +RCSID("$OpenBSD: auth.c,v 1.60 2005/06/17 02:44:32 djm Exp $"); RCSID("$FreeBSD$"); #ifdef HAVE_LOGIN_H @@ -77,7 +77,7 @@ allowed_user(struct passwd * pw) struct stat st; const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL; char *shell; - int i; + u_int i; #ifdef USE_SHADOW struct spwd *spw = NULL; #endif @@ -98,7 +98,11 @@ allowed_user(struct passwd * pw) /* grab passwd field for locked account check */ #ifdef USE_SHADOW if (spw != NULL) +#if defined(HAVE_LIBIAF) && !defined(BROKEN_LIBIAF) + passwd = get_iaf_password(pw); +#else passwd = spw->sp_pwdp; +#endif /* HAVE_LIBIAF && !BROKEN_LIBIAF */ #else passwd = pw->pw_passwd; #endif @@ -120,6 +124,9 @@ allowed_user(struct passwd * pw) if (strstr(passwd, LOCKED_PASSWD_SUBSTR)) locked = 1; #endif +#if defined(HAVE_LIBIAF) && !defined(BROKEN_LIBIAF) + free(passwd); +#endif /* HAVE_LIBIAF && !BROKEN_LIBIAF */ if (locked) { logit("User %.100s not allowed because account is locked", pw->pw_name); @@ -327,64 +334,41 @@ auth_root_allowed(char *method) * * This returns a buffer allocated by xmalloc. */ -char * -expand_filename(const char *filename, struct passwd *pw) +static char * +expand_authorized_keys(const char *filename, struct passwd *pw) { - Buffer buffer; - char *file; - const char *cp; + char *file, *ret; - /* - * Build the filename string in the buffer by making the appropriate - * substitutions to the given file name. - */ - buffer_init(&buffer); - for (cp = filename; *cp; cp++) { - if (cp[0] == '%' && cp[1] == '%') { - buffer_append(&buffer, "%", 1); - cp++; - continue; - } - if (cp[0] == '%' && cp[1] == 'h') { - buffer_append(&buffer, pw->pw_dir, strlen(pw->pw_dir)); - cp++; - continue; - } - if (cp[0] == '%' && cp[1] == 'u') { - buffer_append(&buffer, pw->pw_name, - strlen(pw->pw_name)); - cp++; - continue; - } - buffer_append(&buffer, cp, 1); - } - buffer_append(&buffer, "\0", 1); + file = percent_expand(filename, "h", pw->pw_dir, + "u", pw->pw_name, (char *)NULL); /* * Ensure that filename starts anchored. If not, be backward * compatible and prepend the '%h/' */ - file = xmalloc(MAXPATHLEN); - cp = buffer_ptr(&buffer); - if (*cp != '/') - snprintf(file, MAXPATHLEN, "%s/%s", pw->pw_dir, cp); - else - strlcpy(file, cp, MAXPATHLEN); + if (*file == '/') + return (file); + + ret = xmalloc(MAXPATHLEN); + if (strlcpy(ret, pw->pw_dir, MAXPATHLEN) >= MAXPATHLEN || + strlcat(ret, "/", MAXPATHLEN) >= MAXPATHLEN || + strlcat(ret, file, MAXPATHLEN) >= MAXPATHLEN) + fatal("expand_authorized_keys: path too long"); - buffer_free(&buffer); - return file; + xfree(file); + return (ret); } char * authorized_keys_file(struct passwd *pw) { - return expand_filename(options.authorized_keys_file, pw); + return expand_authorized_keys(options.authorized_keys_file, pw); } char * authorized_keys_file2(struct passwd *pw) { - return expand_filename(options.authorized_keys_file2, pw); + return expand_authorized_keys(options.authorized_keys_file2, pw); } /* return ok if key exists in sysfile or userfile */ diff --git a/crypto/openssh/auth.h b/crypto/openssh/auth.h index d06c028..41eb4a3 100644 --- a/crypto/openssh/auth.h +++ b/crypto/openssh/auth.h @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.h,v 1.50 2004/05/23 23:59:53 dtucker Exp $ */ +/* $OpenBSD: auth.h,v 1.51 2005/06/06 11:20:36 djm Exp $ */ /* $FreeBSD$ */ /* @@ -164,7 +164,6 @@ char *get_challenge(Authctxt *); int verify_response(Authctxt *, const char *); void abandon_challenge_response(Authctxt *); -char *expand_filename(const char *, struct passwd *); char *authorized_keys_file(struct passwd *); char *authorized_keys_file2(struct passwd *); @@ -197,6 +196,11 @@ int sys_auth_passwd(Authctxt *, const char *); #define SKEY_PROMPT "\nOPIE Password: " #else #define SKEY_PROMPT "\nS/Key Password: " + +#if defined(KRB5) && !defined(HEIMDAL) +#include <krb5.h> +krb5_error_code ssh_krb5_cc_gen(krb5_context, krb5_ccache *); +#endif #endif #endif diff --git a/crypto/openssh/auth1.c b/crypto/openssh/auth1.c index 0c26e114..6440c49 100644 --- a/crypto/openssh/auth1.c +++ b/crypto/openssh/auth1.c @@ -10,7 +10,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth1.c,v 1.59 2004/07/28 09:40:29 markus Exp $"); +RCSID("$OpenBSD: auth1.c,v 1.62 2005/07/16 01:35:24 djm Exp $"); RCSID("$FreeBSD$"); #include "xmalloc.h" @@ -32,28 +32,182 @@ RCSID("$FreeBSD$"); extern ServerOptions options; extern Buffer loginmsg; -/* - * convert ssh auth msg type into description - */ +static int auth1_process_password(Authctxt *, char *, size_t); +static int auth1_process_rsa(Authctxt *, char *, size_t); +static int auth1_process_rhosts_rsa(Authctxt *, char *, size_t); +static int auth1_process_tis_challenge(Authctxt *, char *, size_t); +static int auth1_process_tis_response(Authctxt *, char *, size_t); + +static char *client_user = NULL; /* Used to fill in remote user for PAM */ + +struct AuthMethod1 { + int type; + char *name; + int *enabled; + int (*method)(Authctxt *, char *, size_t); +}; + +const struct AuthMethod1 auth1_methods[] = { + { + SSH_CMSG_AUTH_PASSWORD, "password", + &options.password_authentication, auth1_process_password + }, + { + SSH_CMSG_AUTH_RSA, "rsa", + &options.rsa_authentication, auth1_process_rsa + }, + { + SSH_CMSG_AUTH_RHOSTS_RSA, "rhosts-rsa", + &options.rhosts_rsa_authentication, auth1_process_rhosts_rsa + }, + { + SSH_CMSG_AUTH_TIS, "challenge-response", + &options.challenge_response_authentication, + auth1_process_tis_challenge + }, + { + SSH_CMSG_AUTH_TIS_RESPONSE, "challenge-response", + &options.challenge_response_authentication, + auth1_process_tis_response + }, + { -1, NULL, NULL, NULL} +}; + +static const struct AuthMethod1 +*lookup_authmethod1(int type) +{ + int i; + + for(i = 0; auth1_methods[i].name != NULL; i++) + if (auth1_methods[i].type == type) + return (&(auth1_methods[i])); + + return (NULL); +} + static char * get_authname(int type) { - static char buf[1024]; - switch (type) { - case SSH_CMSG_AUTH_PASSWORD: - return "password"; - case SSH_CMSG_AUTH_RSA: - return "rsa"; - case SSH_CMSG_AUTH_RHOSTS_RSA: - return "rhosts-rsa"; - case SSH_CMSG_AUTH_RHOSTS: - return "rhosts"; - case SSH_CMSG_AUTH_TIS: - case SSH_CMSG_AUTH_TIS_RESPONSE: - return "challenge-response"; + const struct AuthMethod1 *a; + static char buf[64]; + + if ((a = lookup_authmethod1(type)) != NULL) + return (a->name); + snprintf(buf, sizeof(buf), "bad-auth-msg-%d", type); + return (buf); +} + +static int +auth1_process_password(Authctxt *authctxt, char *info, size_t infolen) +{ + int authenticated = 0; + char *password; + u_int dlen; + + /* + * Read user password. It is in plain text, but was + * transmitted over the encrypted channel so it is + * not visible to an outside observer. + */ + password = packet_get_string(&dlen); + packet_check_eom(); + + /* Try authentication with the password. */ + authenticated = PRIVSEP(auth_password(authctxt, password)); + + memset(password, 0, dlen); + xfree(password); + + return (authenticated); +} + +static int +auth1_process_rsa(Authctxt *authctxt, char *info, size_t infolen) +{ + int authenticated = 0; + BIGNUM *n; + + /* RSA authentication requested. */ + if ((n = BN_new()) == NULL) + fatal("do_authloop: BN_new failed"); + packet_get_bignum(n); + packet_check_eom(); + authenticated = auth_rsa(authctxt, n); + BN_clear_free(n); + + return (authenticated); +} + +static int +auth1_process_rhosts_rsa(Authctxt *authctxt, char *info, size_t infolen) +{ + int keybits, authenticated = 0; + u_int bits; + Key *client_host_key; + u_int ulen; + + /* + * Get client user name. Note that we just have to + * trust the client; root on the client machine can + * claim to be any user. + */ + client_user = packet_get_string(&ulen); + + /* Get the client host key. */ + client_host_key = key_new(KEY_RSA1); + bits = packet_get_int(); + packet_get_bignum(client_host_key->rsa->e); + packet_get_bignum(client_host_key->rsa->n); + + keybits = BN_num_bits(client_host_key->rsa->n); + if (keybits < 0 || bits != (u_int)keybits) { + verbose("Warning: keysize mismatch for client_host_key: " + "actual %d, announced %d", + BN_num_bits(client_host_key->rsa->n), bits); } - snprintf(buf, sizeof buf, "bad-auth-msg-%d", type); - return buf; + packet_check_eom(); + + authenticated = auth_rhosts_rsa(authctxt, client_user, + client_host_key); + key_free(client_host_key); + + snprintf(info, infolen, " ruser %.100s", client_user); + + return (authenticated); +} + +static int +auth1_process_tis_challenge(Authctxt *authctxt, char *info, size_t infolen) +{ + char *challenge; + + if ((challenge = get_challenge(authctxt)) == NULL) + return (0); + + debug("sending challenge '%s'", challenge); + packet_start(SSH_SMSG_AUTH_TIS_CHALLENGE); + packet_put_cstring(challenge); + xfree(challenge); + packet_send(); + packet_write_wait(); + + return (-1); +} + +static int +auth1_process_tis_response(Authctxt *authctxt, char *info, size_t infolen) +{ + int authenticated = 0; + char *response; + u_int dlen; + + response = packet_get_string(&dlen); + packet_check_eom(); + authenticated = verify_response(authctxt, response); + memset(response, 'r', dlen); + xfree(response); + + return (authenticated); } /* @@ -64,14 +218,9 @@ static void do_authloop(Authctxt *authctxt) { int authenticated = 0; - u_int bits; - Key *client_host_key; - BIGNUM *n; - char *client_user, *password; char info[1024]; - u_int dlen; - u_int ulen; - int prev, type = 0; + int prev = 0, type = 0; + const struct AuthMethod1 *meth; debug("Attempting authentication for %s%.100s.", authctxt->valid ? "" : "invalid user ", authctxt->user); @@ -96,8 +245,6 @@ do_authloop(Authctxt *authctxt) packet_send(); packet_write_wait(); - client_user = NULL; - for (;;) { /* default to fail */ authenticated = 0; @@ -119,107 +266,21 @@ do_authloop(Authctxt *authctxt) type != SSH_CMSG_AUTH_TIS_RESPONSE) abandon_challenge_response(authctxt); - /* Process the packet. */ - switch (type) { - case SSH_CMSG_AUTH_RHOSTS_RSA: - if (!options.rhosts_rsa_authentication) { - verbose("Rhosts with RSA authentication disabled."); - break; - } - /* - * Get client user name. Note that we just have to - * trust the client; root on the client machine can - * claim to be any user. - */ - client_user = packet_get_string(&ulen); - - /* Get the client host key. */ - client_host_key = key_new(KEY_RSA1); - bits = packet_get_int(); - packet_get_bignum(client_host_key->rsa->e); - packet_get_bignum(client_host_key->rsa->n); - - if (bits != BN_num_bits(client_host_key->rsa->n)) - verbose("Warning: keysize mismatch for client_host_key: " - "actual %d, announced %d", - BN_num_bits(client_host_key->rsa->n), bits); - packet_check_eom(); - - authenticated = auth_rhosts_rsa(authctxt, client_user, - client_host_key); - key_free(client_host_key); - - snprintf(info, sizeof info, " ruser %.100s", client_user); - break; - - case SSH_CMSG_AUTH_RSA: - if (!options.rsa_authentication) { - verbose("RSA authentication disabled."); - break; - } - /* RSA authentication requested. */ - if ((n = BN_new()) == NULL) - fatal("do_authloop: BN_new failed"); - packet_get_bignum(n); - packet_check_eom(); - authenticated = auth_rsa(authctxt, n); - BN_clear_free(n); - break; - - case SSH_CMSG_AUTH_PASSWORD: - if (!options.password_authentication) { - verbose("Password authentication disabled."); - break; - } - /* - * Read user password. It is in plain text, but was - * transmitted over the encrypted channel so it is - * not visible to an outside observer. - */ - password = packet_get_string(&dlen); - packet_check_eom(); - - /* Try authentication with the password. */ - authenticated = PRIVSEP(auth_password(authctxt, password)); - - memset(password, 0, strlen(password)); - xfree(password); - break; - - case SSH_CMSG_AUTH_TIS: - debug("rcvd SSH_CMSG_AUTH_TIS"); - if (options.challenge_response_authentication == 1) { - char *challenge = get_challenge(authctxt); - if (challenge != NULL) { - debug("sending challenge '%s'", challenge); - packet_start(SSH_SMSG_AUTH_TIS_CHALLENGE); - packet_put_cstring(challenge); - xfree(challenge); - packet_send(); - packet_write_wait(); - continue; - } - } - break; - case SSH_CMSG_AUTH_TIS_RESPONSE: - debug("rcvd SSH_CMSG_AUTH_TIS_RESPONSE"); - if (options.challenge_response_authentication == 1) { - char *response = packet_get_string(&dlen); - packet_check_eom(); - authenticated = verify_response(authctxt, response); - memset(response, 'r', dlen); - xfree(response); - } - break; - - default: - /* - * Any unknown messages will be ignored (and failure - * returned) during authentication. - */ - logit("Unknown message during authentication: type %d", type); - break; + if ((meth = lookup_authmethod1(type)) == NULL) { + logit("Unknown message during authentication: " + "type %d", type); + goto skip; + } + + if (!*(meth->enabled)) { + verbose("%s authentication disabled.", meth->name); + goto skip; } + + authenticated = meth->method(authctxt, info, sizeof(info)); + if (authenticated == -1) + continue; /* "postponed" */ + #ifdef BSD_AUTH if (authctxt->as) { auth_close(authctxt->as); @@ -239,7 +300,7 @@ do_authloop(Authctxt *authctxt) #ifdef HAVE_CYGWIN if (authenticated && - !check_nt_auth(type == SSH_CMSG_AUTH_PASSWORD, + !check_nt_auth(type == SSH_CMSG_AUTH_PASSWORD, authctxt->pw)) { packet_disconnect("Authentication rejected for uid %d.", authctxt->pw == NULL ? -1 : authctxt->pw->pw_uid); @@ -248,8 +309,8 @@ do_authloop(Authctxt *authctxt) #else /* Special handling for root */ if (authenticated && authctxt->pw->pw_uid == 0 && - !auth_root_allowed(get_authname(type))) { - authenticated = 0; + !auth_root_allowed(meth->name)) { + authenticated = 0; # ifdef SSH_AUDIT_EVENTS PRIVSEP(audit_event(SSH_LOGIN_ROOT_DENIED)); # endif @@ -263,7 +324,7 @@ do_authloop(Authctxt *authctxt) size_t len; error("Access denied for user %s by PAM account " - "configuration", authctxt->user); + "configuration", authctxt->user); len = buffer_len(&loginmsg); buffer_append(&loginmsg, "\0", 1); msg = buffer_ptr(&loginmsg); @@ -277,6 +338,7 @@ do_authloop(Authctxt *authctxt) } #endif + skip: /* Log before sending the reply */ auth_log(authctxt, authenticated, get_authname(type), info); @@ -342,7 +404,7 @@ do_authentication(Authctxt *authctxt) /* * If we are not running as root, the user must have the same uid as - * the server. (Unless you are running Windows) + * the server. */ #ifndef HAVE_CYGWIN if (!use_privsep && getuid() != 0 && authctxt->pw && diff --git a/crypto/openssh/auth2-chall.c b/crypto/openssh/auth2-chall.c index 7b5762f..95709a0 100644 --- a/crypto/openssh/auth2-chall.c +++ b/crypto/openssh/auth2-chall.c @@ -23,7 +23,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$OpenBSD: auth2-chall.c,v 1.22 2005/01/19 13:11:47 dtucker Exp $"); +RCSID("$OpenBSD: auth2-chall.c,v 1.24 2005/07/17 07:17:54 djm Exp $"); RCSID("$FreeBSD$"); #include "ssh2.h" @@ -168,7 +168,7 @@ kbdint_next_device(KbdintAuthctxt *kbdintctxt) kbdintctxt->devices = t[len] ? xstrdup(t+len+1) : NULL; xfree(t); debug2("kbdint_next_device: devices %s", kbdintctxt->devices ? - kbdintctxt->devices : "<empty>"); + kbdintctxt->devices : "<empty>"); } while (kbdintctxt->devices && !kbdintctxt->device); return kbdintctxt->device ? 1 : 0; @@ -240,8 +240,7 @@ send_userauth_info_request(Authctxt *authctxt) { KbdintAuthctxt *kbdintctxt; char *name, *instr, **prompts; - int i; - u_int *echo_on; + u_int i, *echo_on; kbdintctxt = authctxt->kbdintctxt; if (kbdintctxt->device->query(kbdintctxt->ctxt, @@ -274,8 +273,8 @@ input_userauth_info_response(int type, u_int32_t seq, void *ctxt) { Authctxt *authctxt = ctxt; KbdintAuthctxt *kbdintctxt; - int i, authenticated = 0, res, len; - u_int nresp; + int authenticated = 0, res, len; + u_int i, nresp; char **response = NULL, *method; if (authctxt == NULL) diff --git a/crypto/openssh/auth2.c b/crypto/openssh/auth2.c index ce7263b..4a578c4 100644 --- a/crypto/openssh/auth2.c +++ b/crypto/openssh/auth2.c @@ -264,7 +264,7 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method) packet_write_wait(); } fatal("Access denied for user %s by PAM account " - "configuration", authctxt->user); + "configuration", authctxt->user); } } #endif diff --git a/crypto/openssh/authfd.c b/crypto/openssh/authfd.c index 662350c..8976616 100644 --- a/crypto/openssh/authfd.c +++ b/crypto/openssh/authfd.c @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: authfd.c,v 1.64 2004/08/11 21:44:31 avsm Exp $"); +RCSID("$OpenBSD: authfd.c,v 1.66 2005/06/17 02:44:32 djm Exp $"); #include <openssl/evp.h> @@ -114,8 +114,7 @@ ssh_get_authentication_socket(void) static int ssh_request_reply(AuthenticationConnection *auth, Buffer *request, Buffer *reply) { - int l; - u_int len; + u_int l, len; char buf[1024]; /* Get the length of the message, and format it in the buffer. */ @@ -149,8 +148,7 @@ ssh_request_reply(AuthenticationConnection *auth, Buffer *request, Buffer *reply l = len; if (l > sizeof(buf)) l = sizeof(buf); - l = atomicio(read, auth->fd, buf, l); - if (l <= 0) { + if (atomicio(read, auth->fd, buf, l) != l) { error("Error reading response from authentication socket."); return 0; } @@ -303,6 +301,7 @@ ssh_get_first_identity(AuthenticationConnection *auth, char **comment, int versi Key * ssh_get_next_identity(AuthenticationConnection *auth, char **comment, int version) { + int keybits; u_int bits; u_char *blob; u_int blen; @@ -323,7 +322,8 @@ ssh_get_next_identity(AuthenticationConnection *auth, char **comment, int versio buffer_get_bignum(&auth->identities, key->rsa->e); buffer_get_bignum(&auth->identities, key->rsa->n); *comment = buffer_get_string(&auth->identities, NULL); - if (bits != BN_num_bits(key->rsa->n)) + keybits = BN_num_bits(key->rsa->n); + if (keybits < 0 || bits != (u_int)keybits) logit("Warning: identity keysize mismatch: actual %d, announced %u", BN_num_bits(key->rsa->n), bits); break; diff --git a/crypto/openssh/authfile.c b/crypto/openssh/authfile.c index 6a04cd7..420813f 100644 --- a/crypto/openssh/authfile.c +++ b/crypto/openssh/authfile.c @@ -36,7 +36,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: authfile.c,v 1.60 2004/12/11 01:48:56 dtucker Exp $"); +RCSID("$OpenBSD: authfile.c,v 1.61 2005/06/17 02:44:32 djm Exp $"); #include <openssl/err.h> #include <openssl/evp.h> @@ -52,6 +52,7 @@ RCSID("$OpenBSD: authfile.c,v 1.60 2004/12/11 01:48:56 dtucker Exp $"); #include "authfile.h" #include "rsa.h" #include "misc.h" +#include "atomicio.h" /* Version identification string for SSH v1 identity files. */ static const char authfile_id_string[] = @@ -147,8 +148,8 @@ key_save_private_rsa1(Key *key, const char *filename, const char *passphrase, buffer_free(&encrypted); return 0; } - if (write(fd, buffer_ptr(&encrypted), buffer_len(&encrypted)) != - buffer_len(&encrypted)) { + if (atomicio(vwrite, fd, buffer_ptr(&encrypted), + buffer_len(&encrypted)) != buffer_len(&encrypted)) { error("write to key file %s failed: %s", filename, strerror(errno)); buffer_free(&encrypted); @@ -236,7 +237,7 @@ key_load_public_rsa1(int fd, const char *filename, char **commentp) Key *pub; struct stat st; char *cp; - int i; + u_int i; size_t len; if (fstat(fd, &st) < 0) { @@ -253,7 +254,7 @@ key_load_public_rsa1(int fd, const char *filename, char **commentp) buffer_init(&buffer); cp = buffer_append_space(&buffer, len); - if (read(fd, cp, (size_t) len) != (size_t) len) { + if (atomicio(read, fd, cp, len) != len) { debug("Read from key file %.200s failed: %.100s", filename, strerror(errno)); buffer_free(&buffer); @@ -322,7 +323,8 @@ static Key * key_load_private_rsa1(int fd, const char *filename, const char *passphrase, char **commentp) { - int i, check1, check2, cipher_type; + u_int i; + int check1, check2, cipher_type; size_t len; Buffer buffer, decrypted; u_char *cp; @@ -347,7 +349,7 @@ key_load_private_rsa1(int fd, const char *filename, const char *passphrase, buffer_init(&buffer); cp = buffer_append_space(&buffer, len); - if (read(fd, cp, (size_t) len) != (size_t) len) { + if (atomicio(read, fd, cp, len) != len) { debug("Read from key file %.200s failed: %.100s", filename, strerror(errno)); buffer_free(&buffer); diff --git a/crypto/openssh/bufaux.c b/crypto/openssh/bufaux.c index 27c42b0..53cfb8c 100644 --- a/crypto/openssh/bufaux.c +++ b/crypto/openssh/bufaux.c @@ -37,7 +37,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: bufaux.c,v 1.35 2005/03/10 22:01:05 deraadt Exp $"); +RCSID("$OpenBSD: bufaux.c,v 1.36 2005/06/17 02:44:32 djm Exp $"); RCSID("$FreeBSD$"); #include <openssl/bn.h> @@ -155,7 +155,7 @@ buffer_put_bignum2_ret(Buffer *buffer, const BIGNUM *value) buf[0] = 0x00; /* Get the value of in binary */ oi = BN_bn2bin(value, buf+1); - if (oi != bytes-1) { + if (oi < 0 || (u_int)oi != bytes - 1) { error("buffer_put_bignum2_ret: BN_bn2bin() failed: " "oi %d != bin_size %d", oi, bytes); xfree(buf); diff --git a/crypto/openssh/canohost.c b/crypto/openssh/canohost.c index 94d6664..c27086b 100644 --- a/crypto/openssh/canohost.c +++ b/crypto/openssh/canohost.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: canohost.c,v 1.42 2005/02/18 03:05:53 djm Exp $"); +RCSID("$OpenBSD: canohost.c,v 1.44 2005/06/17 02:44:32 djm Exp $"); #include "packet.h" #include "xmalloc.h" @@ -143,7 +143,8 @@ check_ip_options(int sock, char *ipaddr) u_char options[200]; char text[sizeof(options) * 3 + 1]; socklen_t option_size; - int i, ipproto; + u_int i; + int ipproto; struct protoent *ip; if ((ip = getprotobyname("ip")) != NULL) @@ -173,7 +174,7 @@ ipv64_normalise_mapped(struct sockaddr_storage *addr, socklen_t *len) struct in_addr inaddr; u_int16_t port; - if (addr->ss_family != AF_INET6 || + if (addr->ss_family != AF_INET6 || !IN6_IS_ADDR_V4MAPPED(&a6->sin6_addr)) return; @@ -346,7 +347,7 @@ get_sock_port(int sock, int local) } else { if (getpeername(sock, (struct sockaddr *)&from, &fromlen) < 0) { debug("getpeername failed: %.100s", strerror(errno)); - cleanup_exit(255); + return -1; } } diff --git a/crypto/openssh/channels.c b/crypto/openssh/channels.c index 3f6db60..8c7b2b3 100644 --- a/crypto/openssh/channels.c +++ b/crypto/openssh/channels.c @@ -39,7 +39,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: channels.c,v 1.214 2005/03/14 11:46:56 markus Exp $"); +RCSID("$OpenBSD: channels.c,v 1.223 2005/07/17 07:17:54 djm Exp $"); #include "ssh.h" #include "ssh1.h" @@ -111,6 +111,9 @@ static int all_opens_permitted = 0; /* Maximum number of fake X11 displays to try. */ #define MAX_DISPLAYS 1000 +/* Saved X11 local (client) display. */ +static char *x11_saved_display = NULL; + /* Saved X11 authentication protocol name. */ static char *x11_saved_proto = NULL; @@ -727,8 +730,8 @@ channel_pre_open(Channel *c, fd_set * readset, fd_set * writeset) FD_SET(c->wfd, writeset); } else if (c->ostate == CHAN_OUTPUT_WAIT_DRAIN) { if (CHANNEL_EFD_OUTPUT_ACTIVE(c)) - debug2("channel %d: obuf_empty delayed efd %d/(%d)", - c->self, c->efd, buffer_len(&c->extended)); + debug2("channel %d: obuf_empty delayed efd %d/(%d)", + c->self, c->efd, buffer_len(&c->extended)); else chan_obuf_empty(c); } @@ -894,7 +897,7 @@ static int channel_decode_socks4(Channel *c, fd_set * readset, fd_set * writeset) { char *p, *host; - int len, have, i, found; + u_int len, have, i, found; char username[256]; struct { u_int8_t version; @@ -979,7 +982,7 @@ channel_decode_socks5(Channel *c, fd_set * readset, fd_set * writeset) } s5_req, s5_rsp; u_int16_t dest_port; u_char *p, dest_addr[255+1]; - int i, have, found, nmethods, addrlen, af; + u_int have, i, found, nmethods, addrlen, af; debug2("channel %d: decode socks5", c->self); p = buffer_ptr(&c->input); @@ -1075,7 +1078,8 @@ static void channel_pre_dynamic(Channel *c, fd_set * readset, fd_set * writeset) { u_char *p; - int have, ret; + u_int have; + int ret; have = buffer_len(&c->input); c->delayed = 0; @@ -1178,7 +1182,7 @@ port_open_helper(Channel *c, char *rtype) int direct; char buf[1024]; char *remote_ipaddr = get_peer_ipaddr(c->sock); - u_short remote_port = get_peer_port(c->sock); + int remote_port = get_peer_port(c->sock); direct = (strcmp(rtype, "direct-tcpip") == 0); @@ -1208,7 +1212,7 @@ port_open_helper(Channel *c, char *rtype) } /* originator host and port */ packet_put_cstring(remote_ipaddr); - packet_put_int(remote_port); + packet_put_int((u_int)remote_port); packet_send(); } else { packet_start(SSH_MSG_PORT_OPEN); @@ -1809,8 +1813,8 @@ channel_output_poll(void) * hack for extended data: delay EOF if EFD still in use. */ if (CHANNEL_EFD_INPUT_ACTIVE(c)) - debug2("channel %d: ibuf_empty delayed efd %d/(%d)", - c->self, c->efd, buffer_len(&c->extended)); + debug2("channel %d: ibuf_empty delayed efd %d/(%d)", + c->self, c->efd, buffer_len(&c->extended)); else chan_ibuf_empty(c); } @@ -2195,11 +2199,11 @@ channel_setup_fwd_listener(int type, const char *listen_addr, u_short listen_por if (host == NULL) { error("No forward host name."); - return success; + return 0; } if (strlen(host) > SSH_CHANNEL_PATH_LEN - 1) { error("Forward host name too long."); - return success; + return 0; } /* @@ -2250,12 +2254,10 @@ channel_setup_fwd_listener(int type, const char *listen_addr, u_short listen_por packet_disconnect("getaddrinfo: fatal error: %s", gai_strerror(r)); } else { - verbose("channel_setup_fwd_listener: " - "getaddrinfo(%.64s): %s", addr, gai_strerror(r)); - packet_send_debug("channel_setup_fwd_listener: " + error("channel_setup_fwd_listener: " "getaddrinfo(%.64s): %s", addr, gai_strerror(r)); } - aitop = NULL; + return 0; } for (ai = aitop; ai; ai = ai->ai_next) { @@ -2657,7 +2659,7 @@ channel_send_window_changes(void) */ int x11_create_display_inet(int x11_display_offset, int x11_use_localhost, - int single_connection, u_int *display_numberp) + int single_connection, u_int *display_numberp, int **chanids) { Channel *nc = NULL; int display_number, sock; @@ -2747,6 +2749,8 @@ x11_create_display_inet(int x11_display_offset, int x11_use_localhost, } /* Allocate a channel for each socket. */ + if (chanids != NULL) + *chanids = xmalloc(sizeof(**chanids) * (num_socks + 1)); for (n = 0; n < num_socks; n++) { sock = socks[n]; nc = channel_new("x11 listener", @@ -2754,7 +2758,11 @@ x11_create_display_inet(int x11_display_offset, int x11_use_localhost, CHAN_X11_WINDOW_DEFAULT, CHAN_X11_PACKET_DEFAULT, 0, "X11 inet listener", 1); nc->single_connection = single_connection; + if (*chanids != NULL) + (*chanids)[n] = nc->self; } + if (*chanids != NULL) + (*chanids)[n] = -1; /* Return the display number for the DISPLAY environment variable. */ *display_numberp = display_number; @@ -2952,19 +2960,27 @@ deny_input_open(int type, u_int32_t seq, void *ctxt) * This should be called in the client only. */ void -x11_request_forwarding_with_spoofing(int client_session_id, +x11_request_forwarding_with_spoofing(int client_session_id, const char *disp, const char *proto, const char *data) { u_int data_len = (u_int) strlen(data) / 2; - u_int i, value, len; + u_int i, value; char *new_data; int screen_number; const char *cp; u_int32_t rnd = 0; - cp = getenv("DISPLAY"); - if (cp) - cp = strchr(cp, ':'); + if (x11_saved_display == NULL) + x11_saved_display = xstrdup(disp); + else if (strcmp(disp, x11_saved_display) != 0) { + error("x11_request_forwarding_with_spoofing: different " + "$DISPLAY already forwarded"); + return; + } + + cp = disp; + if (disp) + cp = strchr(disp, ':'); if (cp) cp = strchr(cp, '.'); if (cp) @@ -2972,33 +2988,31 @@ x11_request_forwarding_with_spoofing(int client_session_id, else screen_number = 0; - /* Save protocol name. */ - x11_saved_proto = xstrdup(proto); - - /* - * Extract real authentication data and generate fake data of the - * same length. - */ - x11_saved_data = xmalloc(data_len); - x11_fake_data = xmalloc(data_len); - for (i = 0; i < data_len; i++) { - if (sscanf(data + 2 * i, "%2x", &value) != 1) - fatal("x11_request_forwarding: bad authentication data: %.100s", data); - if (i % 4 == 0) - rnd = arc4random(); - x11_saved_data[i] = value; - x11_fake_data[i] = rnd & 0xff; - rnd >>= 8; - } - x11_saved_data_len = data_len; - x11_fake_data_len = data_len; + if (x11_saved_proto == NULL) { + /* Save protocol name. */ + x11_saved_proto = xstrdup(proto); + /* + * Extract real authentication data and generate fake data + * of the same length. + */ + x11_saved_data = xmalloc(data_len); + x11_fake_data = xmalloc(data_len); + for (i = 0; i < data_len; i++) { + if (sscanf(data + 2 * i, "%2x", &value) != 1) + fatal("x11_request_forwarding: bad " + "authentication data: %.100s", data); + if (i % 4 == 0) + rnd = arc4random(); + x11_saved_data[i] = value; + x11_fake_data[i] = rnd & 0xff; + rnd >>= 8; + } + x11_saved_data_len = data_len; + x11_fake_data_len = data_len; + } /* Convert the fake data into hex. */ - len = 2 * data_len + 1; - new_data = xmalloc(len); - for (i = 0; i < data_len; i++) - snprintf(new_data + 2 * i, len - 2 * i, - "%02x", (u_char) x11_fake_data[i]); + new_data = tohex(x11_fake_data, data_len); /* Send the request packet. */ if (compat20) { diff --git a/crypto/openssh/channels.h b/crypto/openssh/channels.h index fc20fb2..1cb2c3a 100644 --- a/crypto/openssh/channels.h +++ b/crypto/openssh/channels.h @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.h,v 1.76 2005/03/01 10:09:52 djm Exp $ */ +/* $OpenBSD: channels.h,v 1.79 2005/07/17 06:49:04 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -149,7 +149,7 @@ struct Channel { buffer_len(&c->extended) > 0)) #define CHANNEL_EFD_OUTPUT_ACTIVE(c) \ (compat20 && c->extended_usage == CHAN_EXTENDED_WRITE && \ - ((c->efd != -1 && !(c->flags & (CHAN_EOF_RCVD|CHAN_CLOSE_RCVD))) || \ + c->efd != -1 && (!(c->flags & (CHAN_EOF_RCVD|CHAN_CLOSE_RCVD)) || \ buffer_len(&c->extended) > 0)) /* channel management */ @@ -214,9 +214,10 @@ int channel_cancel_rport_listener(const char *, u_short); /* x11 forwarding */ int x11_connect_display(void); -int x11_create_display_inet(int, int, int, u_int *); +int x11_create_display_inet(int, int, int, u_int *, int **); void x11_input_open(int, u_int32_t, void *); -void x11_request_forwarding_with_spoofing(int, const char *, const char *); +void x11_request_forwarding_with_spoofing(int, const char *, const char *, + const char *); void deny_input_open(int, u_int32_t, void *); /* agent forwarding */ diff --git a/crypto/openssh/cipher.c b/crypto/openssh/cipher.c index beba461..0dddf27 100644 --- a/crypto/openssh/cipher.c +++ b/crypto/openssh/cipher.c @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: cipher.c,v 1.73 2005/01/23 10:18:12 djm Exp $"); +RCSID("$OpenBSD: cipher.c,v 1.77 2005/07/16 01:35:24 djm Exp $"); #include "xmalloc.h" #include "log.h" @@ -43,25 +43,8 @@ RCSID("$OpenBSD: cipher.c,v 1.73 2005/01/23 10:18:12 djm Exp $"); #include <openssl/md5.h> -#if OPENSSL_VERSION_NUMBER < 0x00906000L -#define SSH_OLD_EVP -#define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data) -#endif - -#if OPENSSL_VERSION_NUMBER < 0x00907000L -extern const EVP_CIPHER *evp_rijndael(void); -extern void ssh_rijndael_iv(EVP_CIPHER_CTX *, int, u_char *, u_int); -#endif - -#if !defined(EVP_CTRL_SET_ACSS_MODE) -# if (OPENSSL_VERSION_NUMBER >= 0x00907000L) -extern const EVP_CIPHER *evp_acss(void); -# define EVP_acss evp_acss -# define EVP_CTRL_SET_ACSS_MODE xxx /* used below */ -# else -# define EVP_acss NULL /* Don't try to support ACSS on older OpenSSL */ -# endif /* (OPENSSL_VERSION_NUMBER >= 0x00906000L) */ -#endif /* !defined(EVP_CTRL_SET_ACSS_MODE) */ +/* compatibility with old or broken OpenSSL versions */ +#include "openbsd-compat/openssl-compat.h" extern const EVP_CIPHER *evp_ssh1_bf(void); extern const EVP_CIPHER *evp_ssh1_3des(void); @@ -74,39 +57,32 @@ struct Cipher { int number; /* for ssh1 only */ u_int block_size; u_int key_len; + u_int discard_len; const EVP_CIPHER *(*evptype)(void); } ciphers[] = { - { "none", SSH_CIPHER_NONE, 8, 0, EVP_enc_null }, - { "des", SSH_CIPHER_DES, 8, 8, EVP_des_cbc }, - { "3des", SSH_CIPHER_3DES, 8, 16, evp_ssh1_3des }, - { "blowfish", SSH_CIPHER_BLOWFISH, 8, 32, evp_ssh1_bf }, - - { "3des-cbc", SSH_CIPHER_SSH2, 8, 24, EVP_des_ede3_cbc }, - { "blowfish-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_bf_cbc }, - { "cast128-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_cast5_cbc }, - { "arcfour", SSH_CIPHER_SSH2, 8, 16, EVP_rc4 }, -#if OPENSSL_VERSION_NUMBER < 0x00907000L - { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, evp_rijndael }, - { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, evp_rijndael }, - { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, evp_rijndael }, + { "none", SSH_CIPHER_NONE, 8, 0, 0, EVP_enc_null }, + { "des", SSH_CIPHER_DES, 8, 8, 0, EVP_des_cbc }, + { "3des", SSH_CIPHER_3DES, 8, 16, 0, evp_ssh1_3des }, + { "blowfish", SSH_CIPHER_BLOWFISH, 8, 32, 0, evp_ssh1_bf }, + + { "3des-cbc", SSH_CIPHER_SSH2, 8, 24, 0, EVP_des_ede3_cbc }, + { "blowfish-cbc", SSH_CIPHER_SSH2, 8, 16, 0, EVP_bf_cbc }, + { "cast128-cbc", SSH_CIPHER_SSH2, 8, 16, 0, EVP_cast5_cbc }, + { "arcfour", SSH_CIPHER_SSH2, 8, 16, 0, EVP_rc4 }, + { "arcfour128", SSH_CIPHER_SSH2, 8, 16, 1536, EVP_rc4 }, + { "arcfour256", SSH_CIPHER_SSH2, 8, 32, 1536, EVP_rc4 }, + { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, 0, EVP_aes_128_cbc }, + { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, 0, EVP_aes_192_cbc }, + { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, 0, EVP_aes_256_cbc }, { "rijndael-cbc@lysator.liu.se", - SSH_CIPHER_SSH2, 16, 32, evp_rijndael }, -#else - { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, EVP_aes_128_cbc }, - { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, EVP_aes_192_cbc }, - { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, EVP_aes_256_cbc }, - { "rijndael-cbc@lysator.liu.se", - SSH_CIPHER_SSH2, 16, 32, EVP_aes_256_cbc }, -#endif -#if OPENSSL_VERSION_NUMBER >= 0x00905000L - { "aes128-ctr", SSH_CIPHER_SSH2, 16, 16, evp_aes_128_ctr }, - { "aes192-ctr", SSH_CIPHER_SSH2, 16, 24, evp_aes_128_ctr }, - { "aes256-ctr", SSH_CIPHER_SSH2, 16, 32, evp_aes_128_ctr }, + SSH_CIPHER_SSH2, 16, 32, 0, EVP_aes_256_cbc }, + { "aes128-ctr", SSH_CIPHER_SSH2, 16, 16, 0, evp_aes_128_ctr }, + { "aes192-ctr", SSH_CIPHER_SSH2, 16, 24, 0, evp_aes_128_ctr }, + { "aes256-ctr", SSH_CIPHER_SSH2, 16, 32, 0, evp_aes_128_ctr }, +#ifdef USE_CIPHER_ACSS + { "acss@openssh.org", SSH_CIPHER_SSH2, 16, 5, 0, EVP_acss }, #endif -#if defined(EVP_CTRL_SET_ACSS_MODE) - { "acss@openssh.org", SSH_CIPHER_SSH2, 16, 5, EVP_acss }, -#endif - { NULL, SSH_CIPHER_INVALID, 0, 0, NULL } + { NULL, SSH_CIPHER_INVALID, 0, 0, 0, NULL } }; /*--*/ @@ -222,8 +198,9 @@ cipher_init(CipherContext *cc, Cipher *cipher, EVP_CIPHER *type; #else const EVP_CIPHER *type; -#endif int klen; +#endif + u_char *junk, *discard; if (cipher->number == SSH_CIPHER_DES) { if (dowarn) { @@ -261,7 +238,7 @@ cipher_init(CipherContext *cc, Cipher *cipher, fatal("cipher_init: EVP_CipherInit failed for %s", cipher->name); klen = EVP_CIPHER_CTX_key_length(&cc->evp); - if (klen > 0 && keylen != klen) { + if (klen > 0 && keylen != (u_int)klen) { debug2("cipher_init: set keylen (%d -> %d)", klen, keylen); if (EVP_CIPHER_CTX_set_key_length(&cc->evp, keylen) == 0) fatal("cipher_init: set keylen failed (%d -> %d)", @@ -271,6 +248,17 @@ cipher_init(CipherContext *cc, Cipher *cipher, fatal("cipher_init: EVP_CipherInit: set key failed for %s", cipher->name); #endif + + if (cipher->discard_len > 0) { + junk = xmalloc(cipher->discard_len); + discard = xmalloc(cipher->discard_len); + if (EVP_Cipher(&cc->evp, discard, junk, + cipher->discard_len) == 0) + fatal("evp_crypt: EVP_Cipher failed during discard"); + memset(discard, 0, cipher->discard_len); + xfree(junk); + xfree(discard); + } } void @@ -278,23 +266,15 @@ cipher_crypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len) { if (len % cc->cipher->block_size) fatal("cipher_encrypt: bad plaintext length %d", len); -#ifdef SSH_OLD_EVP - EVP_Cipher(&cc->evp, dest, (u_char *)src, len); -#else if (EVP_Cipher(&cc->evp, dest, (u_char *)src, len) == 0) fatal("evp_crypt: EVP_Cipher failed"); -#endif } void cipher_cleanup(CipherContext *cc) { -#ifdef SSH_OLD_EVP - EVP_CIPHER_CTX_cleanup(&cc->evp); -#else if (EVP_CIPHER_CTX_cleanup(&cc->evp) == 0) error("cipher_cleanup: EVP_CIPHER_CTX_cleanup failed"); -#endif } /* @@ -349,9 +329,9 @@ cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len) case SSH_CIPHER_DES: case SSH_CIPHER_BLOWFISH: evplen = EVP_CIPHER_CTX_iv_length(&cc->evp); - if (evplen == 0) + if (evplen <= 0) return; - if (evplen != len) + if ((u_int)evplen != len) fatal("%s: wrong iv length %d != %d", __func__, evplen, len); #if OPENSSL_VERSION_NUMBER < 0x00907000L diff --git a/crypto/openssh/configure.ac b/crypto/openssh/configure.ac index e0d8aa8..5258d63 100644 --- a/crypto/openssh/configure.ac +++ b/crypto/openssh/configure.ac @@ -1,4 +1,4 @@ -# $Id: configure.ac,v 1.260 2005/04/24 07:52:23 dtucker Exp $ +# $Id: configure.ac,v 1.292 2005/08/31 16:59:49 tim Exp $ # $FreeBSD$ # # Copyright (c) 1999-2004 Damien Miller @@ -15,7 +15,7 @@ # ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -AC_INIT(OpenSSH, Portable) +AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org) AC_CONFIG_SRCDIR([ssh.c]) AC_CONFIG_HEADER(config.h) @@ -78,8 +78,94 @@ fi AC_SUBST(LD) AC_C_INLINE + +AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>]) + if test "$GCC" = "yes" || test "$GCC" = "egcs"; then - CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wno-uninitialized" + CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized" + GCC_VER=`$CC --version` + case $GCC_VER in + 1.*) ;; + 2.8* | 2.9*) CFLAGS="$CFLAGS -Wsign-compare" ;; + 2.*) ;; + *) CFLAGS="$CFLAGS -Wsign-compare" ;; + esac + + if test -z "$have_llong_max"; then + # retry LLONG_MAX with -std=gnu99, needed on some Linuxes + unset ac_cv_have_decl_LLONG_MAX + saved_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS -std=gnu99" + AC_CHECK_DECL(LLONG_MAX, + [have_llong_max=1], + [CFLAGS="$saved_CFLAGS"], + [#include <limits.h>] + ) + fi +fi + +if test -z "$have_llong_max"; then + AC_MSG_CHECKING([for max value of long long]) + AC_RUN_IFELSE( + [AC_LANG_SOURCE([[ +#include <stdio.h> +/* Why is this so damn hard? */ +#ifdef __GNUC__ +# undef __GNUC__ +#endif +#define __USE_ISOC99 +#include <limits.h> +#define DATA "conftest.llminmax" +int main(void) { + FILE *f; + long long i, llmin, llmax = 0; + + if((f = fopen(DATA,"w")) == NULL) + exit(1); + +#if defined(LLONG_MIN) && defined(LLONG_MAX) + fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n"); + llmin = LLONG_MIN; + llmax = LLONG_MAX; +#else + fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n"); + /* This will work on one's complement and two's complement */ + for (i = 1; i > llmax; i <<= 1, i++) + llmax = i; + llmin = llmax + 1LL; /* wrap */ +#endif + + /* Sanity check */ + if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax + || llmax - 1 > llmax) { + fprintf(f, "unknown unknown\n"); + exit(2); + } + + if (fprintf(f ,"%lld %lld", llmin, llmax) < 0) + exit(3); + + exit(0); +} + ]])], + [ + llong_min=`$AWK '{print $1}' conftest.llminmax` + llong_max=`$AWK '{print $2}' conftest.llminmax` + AC_MSG_RESULT($llong_max) + AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL], + [max value of long long calculated by configure]) + AC_MSG_CHECKING([for min value of long long]) + AC_MSG_RESULT($llong_min) + AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL], + [min value of long long calculated by configure]) + ], + [ + AC_MSG_RESULT(not found) + ], + [ + AC_MSG_WARN([cross compiling: not checking]) + ] + ) fi AC_ARG_WITH(rpath, @@ -182,51 +268,43 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) AC_DEFINE(BROKEN_SETREGID) AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1) ;; -*-*-hpux10.26) - if test -z "$GCC"; then - CFLAGS="$CFLAGS -Ae" - fi - CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1" - IPADDR_IN_DISPLAY=yes - AC_DEFINE(HAVE_SECUREWARE) - AC_DEFINE(USE_PIPES) - AC_DEFINE(LOGIN_NO_ENDOPT) - AC_DEFINE(LOGIN_NEEDS_UTMPX) - AC_DEFINE(LOCKED_PASSWD_STRING, "*") - AC_DEFINE(SPT_TYPE,SPT_PSTAT) - LIBS="$LIBS -lsec -lsecpw" - AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***])) - disable_ptmx_check=yes - ;; -*-*-hpux10*) - if test -z "$GCC"; then - CFLAGS="$CFLAGS -Ae" - fi - CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1" - IPADDR_IN_DISPLAY=yes - AC_DEFINE(USE_PIPES) - AC_DEFINE(LOGIN_NO_ENDOPT) - AC_DEFINE(LOGIN_NEEDS_UTMPX) - AC_DEFINE(LOCKED_PASSWD_STRING, "*") - AC_DEFINE(SPT_TYPE,SPT_PSTAT) - LIBS="$LIBS -lsec" - AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***])) - ;; -*-*-hpux11*) +*-*-hpux*) + # first we define all of the options common to all HP-UX releases CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1" IPADDR_IN_DISPLAY=yes - AC_DEFINE(PAM_SUN_CODEBASE) AC_DEFINE(USE_PIPES) AC_DEFINE(LOGIN_NO_ENDOPT) AC_DEFINE(LOGIN_NEEDS_UTMPX) - AC_DEFINE(DISABLE_UTMP) AC_DEFINE(LOCKED_PASSWD_STRING, "*") AC_DEFINE(SPT_TYPE,SPT_PSTAT) - AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins]) - check_for_hpux_broken_getaddrinfo=1 - check_for_conflicting_getspnam=1 LIBS="$LIBS -lsec" - AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***])) + AC_CHECK_LIB(xnet, t_error, , + AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***])) + + # next, we define all of the options specific to major releases + case "$host" in + *-*-hpux10*) + if test -z "$GCC"; then + CFLAGS="$CFLAGS -Ae" + fi + ;; + *-*-hpux11*) + AC_DEFINE(PAM_SUN_CODEBASE) + AC_DEFINE(DISABLE_UTMP) + AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins]) + check_for_hpux_broken_getaddrinfo=1 + check_for_conflicting_getspnam=1 + ;; + esac + + # lastly, we define options specific to minor releases + case "$host" in + *-*-hpux10.26) + AC_DEFINE(HAVE_SECUREWARE) + disable_ptmx_check=yes + LIBS="$LIBS -lsecpw" + ;; + esac ;; *-*-irix5*) PATH="$PATH:/usr/etc" @@ -270,7 +348,7 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) esac ;; mips-sony-bsd|mips-sony-newsos4) - AC_DEFINE(HAVE_NEWS4) + AC_DEFINE(NEED_SETPRGP, [], [Need setpgrp to acquire controlling tty]) SONY=1 ;; *-*-netbsd*) @@ -297,6 +375,9 @@ mips-sony-bsd|mips-sony-newsos4) AC_DEFINE(USE_PIPES) AC_DEFINE(BROKEN_SAVED_UIDS) ;; +*-*-openbsd*) + AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel]) + ;; *-*-solaris*) if test "x$withval" != "xno" ; then need_dash_r=1 @@ -366,11 +447,19 @@ mips-sony-bsd|mips-sony-newsos4) ;; # UnixWare 7.x, OpenUNIX 8 *-*-sysv5*) + check_for_libcrypt_later=1 + AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars]) AC_DEFINE(USE_PIPES) AC_DEFINE(SETEUID_BREAKS_SETUID) AC_DEFINE(BROKEN_SETREUID) AC_DEFINE(BROKEN_SETREGID) AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd]) + case "$host" in + *-*-sysv5SCO_SV*) # SCO OpenServer 6.x + TEST_SHELL=/u95/bin/sh + AC_DEFINE(BROKEN_LIBIAF, 1, [ia_uinfo routines not supported by OS yet]) + ;; + esac ;; *-*-sysv*) ;; @@ -469,6 +558,19 @@ mips-sony-bsd|mips-sony-newsos4) AC_DEFINE(MISSING_HOWMANY) AC_DEFINE(MISSING_FD_MASK) ;; + +*-*-ultrix*) + AC_DEFINE(BROKEN_GETGROUPS, [], [getgroups(0,NULL) will return -1]) + AC_DEFINE(BROKEN_MMAP, [], [Ultrix mmap can't map files]) + AC_DEFINE(NEED_SETPRGP, [], [Need setpgrp to acquire controlling tty]) + AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix]) + ;; + +*-*-lynxos) + CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__" + AC_DEFINE(MISSING_HOWMANY) + AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation]) + ;; esac # Allow user to specify flags @@ -508,6 +610,17 @@ AC_ARG_WITH(libs, fi ] ) +AC_ARG_WITH(Werror, + [ --with-Werror Build main code with -Werror], + [ + if test -n "$withval" && test "x$withval" != "xno"; then + werror_flags="-Werror" + if "x${withval}" != "xyes"; then + werror_flags="$withval" + fi + fi + ] +) AC_MSG_CHECKING(compiler and flags for sanity) AC_RUN_IFELSE( @@ -523,17 +636,67 @@ int main(){exit(0);} [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ] ) -# Checks for header files. -AC_CHECK_HEADERS(bstring.h crypt.h dirent.h endian.h features.h \ - floatingpoint.h getopt.h glob.h ia.h lastlog.h limits.h login.h \ - login_cap.h maillock.h ndir.h netdb.h netgroup.h \ - netinet/in_systm.h pam/pam_appl.h paths.h pty.h readpassphrase.h \ - rpc/types.h security/pam_appl.h shadow.h stddef.h stdint.h \ - strings.h sys/dir.h sys/strtio.h sys/audit.h sys/bitypes.h \ - sys/bsdtty.h sys/cdefs.h sys/mman.h sys/ndir.h sys/prctl.h \ - sys/pstat.h sys/select.h sys/stat.h sys/stream.h \ - sys/stropts.h sys/sysmacros.h sys/time.h sys/timers.h sys/un.h \ - time.h tmpdir.h ttyent.h usersec.h util.h utime.h utmp.h utmpx.h vis.h) +dnl Checks for header files. +AC_CHECK_HEADERS( \ + bstring.h \ + crypt.h \ + dirent.h \ + endian.h \ + features.h \ + floatingpoint.h \ + getopt.h \ + glob.h \ + ia.h \ + iaf.h \ + lastlog.h \ + limits.h \ + login.h \ + login_cap.h \ + maillock.h \ + ndir.h \ + netdb.h \ + netgroup.h \ + netinet/in_systm.h \ + pam/pam_appl.h \ + paths.h \ + pty.h \ + readpassphrase.h \ + rpc/types.h \ + security/pam_appl.h \ + shadow.h \ + stddef.h \ + stdint.h \ + string.h \ + strings.h \ + sys/audit.h \ + sys/bitypes.h \ + sys/bsdtty.h \ + sys/cdefs.h \ + sys/dir.h \ + sys/mman.h \ + sys/ndir.h \ + sys/prctl.h \ + sys/pstat.h \ + sys/select.h \ + sys/stat.h \ + sys/stream.h \ + sys/stropts.h \ + sys/strtio.h \ + sys/sysmacros.h \ + sys/time.h \ + sys/timers.h \ + sys/un.h \ + time.h \ + tmpdir.h \ + ttyent.h \ + unistd.h \ + usersec.h \ + util.h \ + utime.h \ + utmp.h \ + utmpx.h \ + vis.h \ +) # sys/ptms.h requires sys/stream.h to be included first on Solaris AC_CHECK_HEADERS(sys/ptms.h, [], [], [ @@ -661,8 +824,8 @@ int main() if (a == 1 && b == 1 && c >= 4) exit(0); - /* 1.2.1.2 and up are OK */ - if (v >= 1020102) + /* 1.2.3 and up are OK */ + if (v >= 1020300) exit(0); exit(2); @@ -676,7 +839,7 @@ Your reported zlib version has known security problems. It's possible your vendor has fixed these problems without changing the version number. If you are sure this is the case, you can disable the check by running "./configure --without-zlib-version-check". -If you are in doubt, upgrade zlib to version 1.2.1.2 or greater. +If you are in doubt, upgrade zlib to version 1.2.3 or greater. See http://www.gzip.org/zlib/ for details.]) else AC_MSG_WARN([zlib version may have security problems]) @@ -912,6 +1075,21 @@ AC_ARG_WITH(libedit, [ AC_MSG_ERROR(libedit not found) ], [ -lcurses ] ) + AC_MSG_CHECKING(if libedit version is compatible) + AC_COMPILE_IFELSE( + [AC_LANG_SOURCE([[ +#include <histedit.h> +int main(void) +{ + int i = H_SETSIZE; + el_init("", NULL, NULL, NULL); + exit(0); +} + ]])], + [ AC_MSG_RESULT(yes) ], + [ AC_MSG_RESULT(no) + AC_MSG_ERROR(libedit version is not compatible) ] + ) fi ] ) @@ -940,6 +1118,9 @@ AC_ARG_WITH(audit, AC_MSG_RESULT(debug) AC_DEFINE(SSH_AUDIT_EVENTS, [], Use audit debugging module) ;; + no) + AC_MSG_RESULT(no) + ;; *) AC_MSG_ERROR([Unknown audit module $withval]) ;; @@ -947,19 +1128,87 @@ AC_ARG_WITH(audit, ) dnl Checks for library functions. Please keep in alphabetical order -AC_CHECK_FUNCS(\ - arc4random __b64_ntop b64_ntop __b64_pton b64_pton bcopy \ - bindresvport_sa clock closefrom dirfd fchdir fchmod fchown \ - freeaddrinfo futimes getaddrinfo getcwd getgrouplist getnameinfo \ - getopt getpeereid _getpty getrlimit getttyent glob inet_aton \ - inet_ntoa inet_ntop innetgr login_getcapbool md5_crypt memmove \ - mkdtemp mmap ngetaddrinfo nsleep ogetaddrinfo openlog_r openpty \ - pstat prctl readpassphrase realpath recvmsg rresvport_af sendmsg \ - setdtablesize setegid setenv seteuid setgroups setlogin setpcred \ - setproctitle setregid setreuid setrlimit \ - setsid setvbuf sigaction sigvec snprintf socketpair strerror \ - strlcat strlcpy strmode strnvis strtoul sysconf tcgetpgrp \ - truncate unsetenv updwtmpx utimes vhangup vsnprintf waitpid \ +AC_CHECK_FUNCS( \ + arc4random \ + b64_ntop \ + __b64_ntop \ + b64_pton \ + __b64_pton \ + bcopy \ + bindresvport_sa \ + clock \ + closefrom \ + dirfd \ + fchmod \ + fchown \ + freeaddrinfo \ + futimes \ + getaddrinfo \ + getcwd \ + getgrouplist \ + getnameinfo \ + getopt \ + getpeereid \ + _getpty \ + getrlimit \ + getttyent \ + glob \ + inet_aton \ + inet_ntoa \ + inet_ntop \ + innetgr \ + login_getcapbool \ + md5_crypt \ + memmove \ + mkdtemp \ + mmap \ + ngetaddrinfo \ + nsleep \ + ogetaddrinfo \ + openlog_r \ + openpty \ + prctl \ + pstat \ + readpassphrase \ + realpath \ + recvmsg \ + rresvport_af \ + sendmsg \ + setdtablesize \ + setegid \ + setenv \ + seteuid \ + setgroups \ + setlogin \ + setpcred \ + setproctitle \ + setregid \ + setreuid \ + setrlimit \ + setsid \ + setvbuf \ + sigaction \ + sigvec \ + snprintf \ + socketpair \ + strdup \ + strerror \ + strlcat \ + strlcpy \ + strmode \ + strnvis \ + strtonum \ + strtoll \ + strtoul \ + sysconf \ + tcgetpgrp \ + truncate \ + unsetenv \ + updwtmpx \ + utimes \ + vhangup \ + vsnprintf \ + waitpid \ ) # IRIX has a const char return value for gai_strerror() @@ -980,8 +1229,15 @@ str = gai_strerror(0);],[ AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP)) dnl Make sure prototypes are defined for these before using them. -AC_CHECK_DECL(strsep, [AC_CHECK_FUNCS(strsep)]) AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)]) +AC_CHECK_DECL(strsep, + [AC_CHECK_FUNCS(strsep)], + [], + [ +#ifdef HAVE_STRING_H +# include <string.h> +#endif + ]) dnl tcsendbreak might be a macro AC_CHECK_DECL(tcsendbreak, @@ -1505,6 +1761,7 @@ if test "x$check_for_libcrypt_later" = "x1"; then AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt") fi +AC_CHECK_LIB(iaf, ia_openinfo) ### Configure cryptographic random number support @@ -2442,6 +2699,9 @@ int main() AC_MSG_RESULT(no)]) ]) AC_CHECK_FUNCS(_getshort _getlong) + AC_CHECK_DECLS([_getshort, _getlong], , , + [#include <sys/types.h> + #include <arpa/nameser.h>]) AC_CHECK_MEMBER(HEADER.ad, [AC_DEFINE(HAVE_HEADER_AD)],, [#include <arpa/nameser.h>]) @@ -2545,7 +2805,6 @@ AC_ARG_WITH(kerberos5, LIBS="$LIBS $K5LIBS" AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS)) - AC_SEARCH_LIBS(krb5_init_ets, $K5LIBS, AC_DEFINE(KRB5_INIT_ETS)) ] ) @@ -3184,6 +3443,10 @@ if test "$ac_cv_lib_pam_pam_set_item" = yes ; then LIBS=`echo $LIBS | sed 's/-ldl //'` fi +dnl Adding -Werror to CFLAGS early prevents configure tests from running. +dnl Add now. +CFLAGS="$CFLAGS $werror_flags" + AC_EXEEXT AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile \ scard/Makefile ssh_prng_cmds survey.sh]) diff --git a/crypto/openssh/hostfile.c b/crypto/openssh/hostfile.c index bf2a31c..63550a2 100644 --- a/crypto/openssh/hostfile.c +++ b/crypto/openssh/hostfile.c @@ -36,7 +36,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: hostfile.c,v 1.34 2005/03/10 22:01:05 deraadt Exp $"); +RCSID("$OpenBSD: hostfile.c,v 1.35 2005/07/27 10:39:03 dtucker Exp $"); #include <resolv.h> #include <openssl/hmac.h> @@ -315,7 +315,7 @@ add_host_to_hostfile(const char *filename, const char *host, const Key *key, { FILE *f; int success = 0; - char *hashed_host; + char *hashed_host = NULL; if (key == NULL) return 1; /* XXX ? */ diff --git a/crypto/openssh/includes.h b/crypto/openssh/includes.h index 3cbc2c2..f4ab0a3 100644 --- a/crypto/openssh/includes.h +++ b/crypto/openssh/includes.h @@ -1,4 +1,4 @@ -/* $OpenBSD: includes.h,v 1.18 2004/06/13 15:03:02 djm Exp $ */ +/* $OpenBSD: includes.h,v 1.19 2005/05/19 02:42:26 djm Exp $ */ /* $FreeBSD$ */ /* @@ -22,6 +22,7 @@ __RCSID(msg) #include "config.h" +#include <stdarg.h> #include <stdio.h> #include <ctype.h> #include <errno.h> @@ -169,6 +170,10 @@ __RCSID(msg) # include <ia.h> #endif +#ifdef HAVE_IAF_H +# include <iaf.h> +#endif + #ifdef HAVE_TMPDIR_H # include <tmpdir.h> #endif @@ -182,6 +187,10 @@ __RCSID(msg) # include <kafs.h> #endif +#if defined(HAVE_SYS_SYSLOG_H) +# include <sys/syslog.h> +#endif + /* * On HP-UX 11.11, shadow.h and prot.h provide conflicting declarations * of getspnam when _INCLUDE__STDC__ is defined, so we unset it here. diff --git a/crypto/openssh/key.c b/crypto/openssh/key.c index e419304..08c158b 100644 --- a/crypto/openssh/key.c +++ b/crypto/openssh/key.c @@ -32,7 +32,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$OpenBSD: key.c,v 1.57 2004/10/29 23:57:05 djm Exp $"); +RCSID("$OpenBSD: key.c,v 1.58 2005/06/17 02:44:32 djm Exp $"); #include <openssl/evp.h> @@ -231,7 +231,7 @@ static char * key_fingerprint_hex(u_char *dgst_raw, u_int dgst_raw_len) { char *retval; - int i; + u_int i; retval = xmalloc(dgst_raw_len * 3 + 1); retval[0] = '\0'; diff --git a/crypto/openssh/loginrec.c b/crypto/openssh/loginrec.c index 44dd823..afc8348 100644 --- a/crypto/openssh/loginrec.c +++ b/crypto/openssh/loginrec.c @@ -165,7 +165,7 @@ # include <libutil.h> #endif -RCSID("$Id: loginrec.c,v 1.67 2005/02/15 11:19:28 dtucker Exp $"); +RCSID("$Id: loginrec.c,v 1.70 2005/07/17 07:26:44 djm Exp $"); RCSID("$FreeBSD$"); /** @@ -363,7 +363,7 @@ login_init_entry(struct logininfo *li, int pid, const char *username, strlcpy(li->username, username, sizeof(li->username)); pw = getpwnam(li->username); if (pw == NULL) { - fatal("%s: Cannot find user \"%s\"", __func__, + fatal("%s: Cannot find user \"%s\"", __func__, li->username); } li->uid = pw->pw_uid; @@ -375,7 +375,7 @@ login_init_entry(struct logininfo *li, int pid, const char *username, return (1); } -/* +/* * login_set_current_time(struct logininfo *) - set the current time * * Set the current time in a logininfo structure. This function is @@ -444,8 +444,9 @@ login_write(struct logininfo *li) wtmpx_write_entry(li); #endif #ifdef CUSTOM_SYS_AUTH_RECORD_LOGIN - if (li->type == LTYPE_LOGIN && - !sys_auth_record_login(li->username,li->hostname,li->line, &loginmsg)) + if (li->type == LTYPE_LOGIN && + !sys_auth_record_login(li->username,li->hostname,li->line, + &loginmsg)) logit("Writing login record failed for %s", li->username); #endif #ifdef SSH_AUDIT_EVENTS @@ -535,7 +536,7 @@ getlast_entry(struct logininfo *li) * sure dst has enough space, if not just copy src (ugh) */ char * -line_fullname(char *dst, const char *src, int dstsize) +line_fullname(char *dst, const char *src, u_int dstsize) { memset(dst, '\0', dstsize); if ((strncmp(src, "/dev/", 5) == 0) || (dstsize < (strlen(src) + 5))) @@ -559,7 +560,7 @@ line_stripname(char *dst, const char *src, int dstsize) return (dst); } -/* +/* * line_abbrevname(): Return the abbreviated (usually four-character) * form of the line (Just use the last <dstsize> characters of the * full name.) @@ -809,7 +810,7 @@ utmp_write_library(struct logininfo *li, struct utmp *ut) } # else /* UTMP_USE_LIBRARY */ -/* +/* * Write a utmp entry direct to the file * This is a slightly modification of code in OpenBSD's login.c */ @@ -853,7 +854,7 @@ utmp_write_direct(struct logininfo *li, struct utmp *ut) return (0); } if (ret != pos) { - logit("%s: Couldn't seek to tty %d slot in %s", + logit("%s: Couldn't seek to tty %d slot in %s", __func__, tty, UTMP_FILE); return (0); } @@ -1053,7 +1054,7 @@ utmpx_write_entry(struct logininfo *li) #ifdef USE_WTMP -/* +/* * Write a wtmp entry direct to the end of the file * This is a slight modification of code in OpenBSD's logwtmp.c */ @@ -1114,7 +1115,7 @@ wtmp_write_entry(struct logininfo *li) } -/* +/* * Notes on fetching login data from wtmp/wtmpx * * Logouts are usually recorded with (amongst other things) a blank @@ -1158,12 +1159,12 @@ wtmp_get_entry(struct logininfo *li) li->tv_sec = li->tv_usec = 0; if ((fd = open(WTMP_FILE, O_RDONLY)) < 0) { - logit("%s: problem opening %s: %s", __func__, + logit("%s: problem opening %s: %s", __func__, WTMP_FILE, strerror(errno)); return (0); } if (fstat(fd, &st) != 0) { - logit("%s: couldn't stat %s: %s", __func__, + logit("%s: couldn't stat %s: %s", __func__, WTMP_FILE, strerror(errno)); close(fd); return (0); @@ -1178,7 +1179,7 @@ wtmp_get_entry(struct logininfo *li) while (!found) { if (atomicio(read, fd, &ut, sizeof(ut)) != sizeof(ut)) { - logit("%s: read of %s failed: %s", __func__, + logit("%s: read of %s failed: %s", __func__, WTMP_FILE, strerror(errno)); close (fd); return (0); @@ -1236,7 +1237,7 @@ wtmpx_write(struct logininfo *li, struct utmpx *utx) int fd, ret = 1; if ((fd = open(WTMPX_FILE, O_WRONLY|O_APPEND, 0)) < 0) { - logit("%s: problem opening %s: %s", __func__, + logit("%s: problem opening %s: %s", __func__, WTMPX_FILE, strerror(errno)); return (0); } @@ -1323,12 +1324,12 @@ wtmpx_get_entry(struct logininfo *li) li->tv_sec = li->tv_usec = 0; if ((fd = open(WTMPX_FILE, O_RDONLY)) < 0) { - logit("%s: problem opening %s: %s", __func__, + logit("%s: problem opening %s: %s", __func__, WTMPX_FILE, strerror(errno)); return (0); } if (fstat(fd, &st) != 0) { - logit("%s: couldn't stat %s: %s", __func__, + logit("%s: couldn't stat %s: %s", __func__, WTMPX_FILE, strerror(errno)); close(fd); return (0); @@ -1343,13 +1344,13 @@ wtmpx_get_entry(struct logininfo *li) while (!found) { if (atomicio(read, fd, &utx, sizeof(utx)) != sizeof(utx)) { - logit("%s: read of %s failed: %s", __func__, + logit("%s: read of %s failed: %s", __func__, WTMPX_FILE, strerror(errno)); close (fd); return (0); } /* - * Logouts are recorded as a blank username on a particular + * Logouts are recorded as a blank username on a particular * line. So, we just need to find the username in struct utmpx */ if (wtmpx_islogin(li, &utx)) { diff --git a/crypto/openssh/monitor.c b/crypto/openssh/monitor.c index ef8fbc4..561f8d8 100644 --- a/crypto/openssh/monitor.c +++ b/crypto/openssh/monitor.c @@ -878,8 +878,8 @@ int mm_answer_pam_query(int sock, Buffer *m) { char *name, *info, **prompts; - u_int num, *echo_on; - int i, ret; + u_int i, num, *echo_on; + int ret; debug3("%s", __func__); sshpam_authok = NULL; @@ -912,8 +912,8 @@ int mm_answer_pam_respond(int sock, Buffer *m) { char **resp; - u_int num; - int i, ret; + u_int i, num; + int ret; debug3("%s", __func__); sshpam_authok = NULL; diff --git a/crypto/openssh/monitor_wrap.c b/crypto/openssh/monitor_wrap.c index 216c454..5457c30 100644 --- a/crypto/openssh/monitor_wrap.c +++ b/crypto/openssh/monitor_wrap.c @@ -25,7 +25,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: monitor_wrap.c,v 1.39 2004/07/17 05:31:41 dtucker Exp $"); +RCSID("$OpenBSD: monitor_wrap.c,v 1.40 2005/05/24 17:32:43 avsm Exp $"); RCSID("$FreeBSD$"); #include <openssl/bn.h> @@ -96,9 +96,9 @@ mm_request_send(int sock, enum monitor_reqtype type, Buffer *m) PUT_32BIT(buf, mlen + 1); buf[4] = (u_char) type; /* 1st byte of payload is mesg-type */ if (atomicio(vwrite, sock, buf, sizeof(buf)) != sizeof(buf)) - fatal("%s: write", __func__); + fatal("%s: write: %s", __func__, strerror(errno)); if (atomicio(vwrite, sock, buffer_ptr(m), mlen) != mlen) - fatal("%s: write", __func__); + fatal("%s: write: %s", __func__, strerror(errno)); } void @@ -106,24 +106,21 @@ mm_request_receive(int sock, Buffer *m) { u_char buf[4]; u_int msg_len; - ssize_t res; debug3("%s entering", __func__); - res = atomicio(read, sock, buf, sizeof(buf)); - if (res != sizeof(buf)) { - if (res == 0) + if (atomicio(read, sock, buf, sizeof(buf)) != sizeof(buf)) { + if (errno == EPIPE) cleanup_exit(255); - fatal("%s: read: %ld", __func__, (long)res); + fatal("%s: read: %s", __func__, strerror(errno)); } msg_len = GET_32BIT(buf); if (msg_len > 256 * 1024) fatal("%s: read: bad msg_len %d", __func__, msg_len); buffer_clear(m); buffer_append_space(m, msg_len); - res = atomicio(read, sock, buffer_ptr(m), msg_len); - if (res != msg_len) - fatal("%s: read: %ld != msg_len", __func__, (long)res); + if (atomicio(read, sock, buffer_ptr(m), msg_len) != msg_len) + fatal("%s: read: %s", __func__, strerror(errno)); } void @@ -768,7 +765,8 @@ mm_sshpam_query(void *ctx, char **name, char **info, u_int *num, char ***prompts, u_int **echo_on) { Buffer m; - int i, ret; + u_int i; + int ret; debug3("%s", __func__); buffer_init(&m); @@ -794,7 +792,8 @@ int mm_sshpam_respond(void *ctx, u_int num, char **resp) { Buffer m; - int i, ret; + u_int i; + int ret; debug3("%s", __func__); buffer_init(&m); diff --git a/crypto/openssh/mpaux.c b/crypto/openssh/mpaux.c deleted file mode 100644 index 0c48627..0000000 --- a/crypto/openssh/mpaux.c +++ /dev/null @@ -1,46 +0,0 @@ -/* - * Author: Tatu Ylonen <ylo@cs.hut.fi> - * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - * All rights reserved - * This file contains various auxiliary functions related to multiple - * precision integers. - * - * As far as I am concerned, the code I have written for this software - * can be used freely for any purpose. Any derived versions of this - * software must be clearly marked as such, and if the derived work is - * incompatible with the protocol description in the RFC file, it must be - * called by a name other than "ssh" or "Secure Shell". - */ - -#include "includes.h" -RCSID("$OpenBSD: mpaux.c,v 1.16 2001/02/08 19:30:52 itojun Exp $"); - -#include <openssl/bn.h> -#include "getput.h" -#include "xmalloc.h" - -#include <openssl/md5.h> - -#include "mpaux.h" - -void -compute_session_id(u_char session_id[16], - u_char cookie[8], - BIGNUM* host_key_n, - BIGNUM* session_key_n) -{ - u_int host_key_bytes = BN_num_bytes(host_key_n); - u_int session_key_bytes = BN_num_bytes(session_key_n); - u_int bytes = host_key_bytes + session_key_bytes; - u_char *buf = xmalloc(bytes); - MD5_CTX md; - - BN_bn2bin(host_key_n, buf); - BN_bn2bin(session_key_n, buf + host_key_bytes); - MD5_Init(&md); - MD5_Update(&md, buf, bytes); - MD5_Update(&md, cookie, 8); - MD5_Final(session_id, &md); - memset(buf, 0, bytes); - xfree(buf); -} diff --git a/crypto/openssh/mpaux.h b/crypto/openssh/mpaux.h deleted file mode 100644 index 2a312f5..0000000 --- a/crypto/openssh/mpaux.h +++ /dev/null @@ -1,22 +0,0 @@ -/* $OpenBSD: mpaux.h,v 1.12 2002/03/04 17:27:39 stevesk Exp $ */ - -/* - * Author: Tatu Ylonen <ylo@cs.hut.fi> - * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - * All rights reserved - * This file contains various auxiliary functions related to multiple - * precision integers. - * - * As far as I am concerned, the code I have written for this software - * can be used freely for any purpose. Any derived versions of this - * software must be clearly marked as such, and if the derived work is - * incompatible with the protocol description in the RFC file, it must be - * called by a name other than "ssh" or "Secure Shell". - */ - -#ifndef MPAUX_H -#define MPAUX_H - -void compute_session_id(u_char[16], u_char[8], BIGNUM *, BIGNUM *); - -#endif /* MPAUX_H */ diff --git a/crypto/openssh/myproposal.h b/crypto/openssh/myproposal.h index 61f612a..8beb4e2 100644 --- a/crypto/openssh/myproposal.h +++ b/crypto/openssh/myproposal.h @@ -1,4 +1,4 @@ -/* $OpenBSD: myproposal.h,v 1.16 2004/06/13 12:53:24 djm Exp $ */ +/* $OpenBSD: myproposal.h,v 1.18 2005/07/25 11:59:39 markus Exp $ */ /* $FreeBSD$ */ /* @@ -29,14 +29,15 @@ "diffie-hellman-group1-sha1" #define KEX_DEFAULT_PK_ALG "ssh-dss,ssh-rsa" #define KEX_DEFAULT_ENCRYPT \ - "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour," \ + "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc," \ + "arcfour128,arcfour256,arcfour," \ "aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se," \ "aes128-ctr,aes192-ctr,aes256-ctr" #define KEX_DEFAULT_MAC \ "hmac-md5,hmac-sha1,hmac-ripemd160," \ "hmac-ripemd160@openssh.com," \ "hmac-sha1-96,hmac-md5-96" -#define KEX_DEFAULT_COMP "none,zlib" +#define KEX_DEFAULT_COMP "none,zlib@openssh.com,zlib" #define KEX_DEFAULT_LANG "" diff --git a/crypto/openssh/openbsd-compat/fake-rfc2553.h b/crypto/openssh/openbsd-compat/fake-rfc2553.h index 1cfcd26..dd998c5 100644 --- a/crypto/openssh/openbsd-compat/fake-rfc2553.h +++ b/crypto/openssh/openbsd-compat/fake-rfc2553.h @@ -1,4 +1,4 @@ -/* $Id: fake-rfc2553.h,v 1.10 2005/02/11 07:32:13 dtucker Exp $ */ +/* $Id: fake-rfc2553.h,v 1.12 2005/08/03 05:36:21 dtucker Exp $ */ /* $FreeBSD$ */ /* @@ -114,11 +114,17 @@ struct sockaddr_in6 { # define NI_MAXHOST 1025 #endif /* !NI_MAXHOST */ +#ifndef EAI_NODATA +# define EAI_NODATA (INT_MAX - 1) +#endif +#ifndef EAI_MEMORY +# define EAI_MEMORY (INT_MAX - 2) +#endif #ifndef EAI_NONAME -# define EAI_NODATA 1 -# define EAI_MEMORY 2 -# define EAI_NONAME 3 -# define EAI_SYSTEM 4 +# define EAI_NONAME (INT_MAX - 3) +#endif +#ifndef EAI_SYSTEM +# define EAI_SYSTEM (INT_MAX - 4) #endif #ifndef HAVE_STRUCT_ADDRINFO diff --git a/crypto/openssh/packet.h b/crypto/openssh/packet.h index 37f82f2..8c23646 100644 --- a/crypto/openssh/packet.h +++ b/crypto/openssh/packet.h @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.h,v 1.41 2004/05/11 19:01:43 deraadt Exp $ */ +/* $OpenBSD: packet.h,v 1.43 2005/07/25 11:59:40 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -30,6 +30,8 @@ u_int packet_get_protocol_flags(void); void packet_start_compression(int); void packet_set_interactive(int); int packet_is_interactive(void); +void packet_set_server(void); +void packet_set_authenticated(void); void packet_start(u_char); void packet_put_char(int ch); @@ -52,7 +54,7 @@ u_int packet_get_char(void); u_int packet_get_int(void); void packet_get_bignum(BIGNUM * value); void packet_get_bignum2(BIGNUM * value); -void *packet_get_raw(int *length_ptr); +void *packet_get_raw(u_int *length_ptr); void *packet_get_string(u_int *length_ptr); void packet_disconnect(const char *fmt,...) __attribute__((format(printf, 1, 2))); void packet_send_debug(const char *fmt,...) __attribute__((format(printf, 1, 2))); diff --git a/crypto/openssh/readconf.c b/crypto/openssh/readconf.c index 2a1f36f..2a7962b 100644 --- a/crypto/openssh/readconf.c +++ b/crypto/openssh/readconf.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: readconf.c,v 1.139 2005/03/10 22:01:05 deraadt Exp $"); +RCSID("$OpenBSD: readconf.c,v 1.143 2005/07/30 02:03:47 djm Exp $"); RCSID("$FreeBSD$"); #include "ssh.h" @@ -698,7 +698,7 @@ parse_int: fwd.listen_host = cleanhostname(fwd.listen_host); } else { fwd.listen_port = a2port(fwd.listen_host); - fwd.listen_host = ""; + fwd.listen_host = NULL; } if (fwd.listen_port == 0) fatal("%.200s line %d: Badly formatted port number.", @@ -746,6 +746,9 @@ parse_int: case oAddressFamily: arg = strdelim(&s); + if (!arg || *arg == '\0') + fatal("%s line %d: missing address family.", + filename, linenum); intptr = &options->address_family; if (strcasecmp(arg, "inet") == 0) value = AF_INET; @@ -796,7 +799,27 @@ parse_int: case oControlMaster: intptr = &options->control_master; - goto parse_yesnoask; + arg = strdelim(&s); + if (!arg || *arg == '\0') + fatal("%.200s line %d: Missing ControlMaster argument.", + filename, linenum); + value = 0; /* To avoid compiler warning... */ + if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0) + value = SSHCTL_MASTER_YES; + else if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0) + value = SSHCTL_MASTER_NO; + else if (strcmp(arg, "auto") == 0) + value = SSHCTL_MASTER_AUTO; + else if (strcmp(arg, "ask") == 0) + value = SSHCTL_MASTER_ASK; + else if (strcmp(arg, "autoask") == 0) + value = SSHCTL_MASTER_AUTO_ASK; + else + fatal("%.200s line %d: Bad ControlMaster argument.", + filename, linenum); + if (*activep && *intptr == -1) + *intptr = value; + break; case oHashKnownHosts: intptr = &options->hash_known_hosts; @@ -826,7 +849,7 @@ parse_int: /* Check that there is no garbage at end of line. */ if ((arg = strdelim(&s)) != NULL && *arg != '\0') { fatal("%.200s line %d: garbage at end of line; \"%.200s\".", - filename, linenum, arg); + filename, linenum, arg); } return 0; } diff --git a/crypto/openssh/readconf.h b/crypto/openssh/readconf.h index de4b4cb..2b9deb9 100644 --- a/crypto/openssh/readconf.h +++ b/crypto/openssh/readconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.h,v 1.66 2005/03/01 10:40:27 djm Exp $ */ +/* $OpenBSD: readconf.h,v 1.67 2005/06/08 11:25:09 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -116,6 +116,11 @@ typedef struct { int hash_known_hosts; } Options; +#define SSHCTL_MASTER_NO 0 +#define SSHCTL_MASTER_YES 1 +#define SSHCTL_MASTER_AUTO 2 +#define SSHCTL_MASTER_ASK 3 +#define SSHCTL_MASTER_AUTO_ASK 4 void initialize_options(Options *); void fill_default_options(Options *); diff --git a/crypto/openssh/scp.c b/crypto/openssh/scp.c index 1d34cc6..1407aa7 100644 --- a/crypto/openssh/scp.c +++ b/crypto/openssh/scp.c @@ -71,7 +71,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: scp.c,v 1.121 2005/04/02 12:41:16 djm Exp $"); +RCSID("$OpenBSD: scp.c,v 1.125 2005/07/27 10:39:03 dtucker Exp $"); #include "xmalloc.h" #include "atomicio.h" @@ -109,11 +109,13 @@ static void killchild(int signo) { if (do_cmd_pid > 1) { - kill(do_cmd_pid, signo); + kill(do_cmd_pid, signo ? signo : SIGTERM); waitpid(do_cmd_pid, NULL, 0); } - _exit(1); + if (signo) + _exit(1); + exit(1); } /* @@ -184,7 +186,7 @@ do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout, int argc) } typedef struct { - int cnt; + size_t cnt; char *buf; } BUF; @@ -502,8 +504,9 @@ source(int argc, char **argv) struct stat stb; static BUF buffer; BUF *bp; - off_t i, amt, result, statbytes; - int fd, haderr, indx; + off_t i, amt, statbytes; + size_t result; + int fd = -1, haderr, indx; char *last, *name, buf[2048]; int len; @@ -578,14 +581,14 @@ next: (void) close(fd); if (!haderr) { result = atomicio(read, fd, bp->buf, amt); if (result != amt) - haderr = result >= 0 ? EIO : errno; + haderr = errno; } if (haderr) (void) atomicio(vwrite, remout, bp->buf, amt); else { result = atomicio(vwrite, remout, bp->buf, amt); if (result != amt) - haderr = result >= 0 ? EIO : errno; + haderr = errno; statbytes += result; } if (limit_rate) @@ -720,8 +723,9 @@ sink(int argc, char **argv) YES, NO, DISPLAYED } wrerr; BUF *bp; - off_t i, j; - int amt, count, exists, first, mask, mode, ofd, omode; + off_t i; + size_t j, count; + int amt, exists, first, mask, mode, ofd, omode; off_t size, statbytes; int setimes, targisdir, wrerrno = 0; char ch, *cp, *np, *targ, *why, *vect[1], buf[2048]; @@ -748,7 +752,7 @@ sink(int argc, char **argv) targisdir = 1; for (first = 1;; first = 0) { cp = buf; - if (atomicio(read, remin, cp, 1) <= 0) + if (atomicio(read, remin, cp, 1) != 1) return; if (*cp++ == '\n') SCREWUP("unexpected <newline>"); @@ -829,7 +833,7 @@ sink(int argc, char **argv) } if (targisdir) { static char *namebuf; - static int cursize; + static size_t cursize; size_t need; need = strlen(targ) + strlen(cp) + 250; @@ -902,7 +906,7 @@ bad: run_err("%s: %s", np, strerror(errno)); count += amt; do { j = atomicio(read, remin, cp, amt); - if (j <= 0) { + if (j == 0) { run_err("%s", j ? strerror(errno) : "dropped connection"); exit(1); @@ -918,10 +922,10 @@ bad: run_err("%s: %s", np, strerror(errno)); if (count == bp->cnt) { /* Keep reading so we stay sync'd up. */ if (wrerr == NO) { - j = atomicio(vwrite, ofd, bp->buf, count); - if (j != count) { + if (atomicio(vwrite, ofd, bp->buf, + count) != count) { wrerr = YES; - wrerrno = j >= 0 ? EIO : errno; + wrerrno = errno; } } count = 0; @@ -931,9 +935,9 @@ bad: run_err("%s: %s", np, strerror(errno)); if (showprogress) stop_progress_meter(); if (count != 0 && wrerr == NO && - (j = atomicio(vwrite, ofd, bp->buf, count)) != count) { + atomicio(vwrite, ofd, bp->buf, count) != count) { wrerr = YES; - wrerrno = j >= 0 ? EIO : errno; + wrerrno = errno; } if (wrerr == NO && ftruncate(ofd, size) != 0) { run_err("%s: truncate: %s", np, strerror(errno)); @@ -1070,7 +1074,7 @@ verifydir(char *cp) errno = ENOTDIR; } run_err("%s: %s", cp, strerror(errno)); - exit(1); + killchild(0); } int diff --git a/crypto/openssh/servconf.c b/crypto/openssh/servconf.c index deba992..466f897 100644 --- a/crypto/openssh/servconf.c +++ b/crypto/openssh/servconf.c @@ -10,7 +10,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: servconf.c,v 1.140 2005/03/10 22:01:05 deraadt Exp $"); +RCSID("$OpenBSD: servconf.c,v 1.144 2005/08/06 10:03:12 dtucker Exp $"); RCSID("$FreeBSD$"); #include "ssh.h" @@ -204,7 +204,7 @@ fill_default_server_options(ServerOptions *options) if (options->use_login == -1) options->use_login = 0; if (options->compression == -1) - options->compression = 1; + options->compression = COMP_DELAYED; if (options->allow_tcp_forwarding == -1) options->allow_tcp_forwarding = 1; if (options->gateway_ports == -1) @@ -403,7 +403,7 @@ parse_token(const char *cp, const char *filename, static void add_listen_addr(ServerOptions *options, char *addr, u_short port) { - int i; + u_int i; if (options->num_ports == 0) options->ports[options->num_ports++] = SSH_DEFAULT_PORT; @@ -443,9 +443,10 @@ process_server_config_line(ServerOptions *options, char *line, const char *filename, int linenum) { char *cp, **charptr, *arg, *p; - int *intptr, value, i, n; + int *intptr, value, n; ServerOpCodes opcode; u_short port; + u_int i; cp = line; arg = strdelim(&cp); @@ -521,6 +522,12 @@ parse_time: if (arg == NULL || *arg == '\0') fatal("%s line %d: missing address", filename, linenum); + /* check for bare IPv6 address: no "[]" and 2 or more ":" */ + if (strchr(arg, '[') == NULL && (p = strchr(arg, ':')) != NULL + && strchr(p+1, ':') != NULL) { + add_listen_addr(options, arg, 0); + break; + } p = hpdelim(&arg); if (p == NULL) fatal("%s line %d: bad address:port usage", @@ -537,6 +544,9 @@ parse_time: case sAddressFamily: arg = strdelim(&cp); + if (!arg || *arg == '\0') + fatal("%s line %d: missing address family.", + filename, linenum); intptr = &options->address_family; if (options->listen_addrs != NULL) fatal("%s line %d: address family must be specified before " @@ -726,7 +736,23 @@ parse_flag: case sCompression: intptr = &options->compression; - goto parse_flag; + arg = strdelim(&cp); + if (!arg || *arg == '\0') + fatal("%s line %d: missing yes/no/delayed " + "argument.", filename, linenum); + value = 0; /* silence compiler */ + if (strcmp(arg, "delayed") == 0) + value = COMP_DELAYED; + else if (strcmp(arg, "yes") == 0) + value = COMP_ZLIB; + else if (strcmp(arg, "no") == 0) + value = COMP_NONE; + else + fatal("%s line %d: Bad yes/no/delayed " + "argument: %s", filename, linenum, arg); + if (*intptr == -1) + *intptr = value; + break; case sGatewayPorts: intptr = &options->gateway_ports; diff --git a/crypto/openssh/serverloop.c b/crypto/openssh/serverloop.c index eee1e79..d2eff17 100644 --- a/crypto/openssh/serverloop.c +++ b/crypto/openssh/serverloop.c @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: serverloop.c,v 1.117 2004/08/11 21:43:05 avsm Exp $"); +RCSID("$OpenBSD: serverloop.c,v 1.118 2005/07/17 07:17:55 djm Exp $"); #include "xmalloc.h" #include "packet.h" @@ -865,7 +865,7 @@ server_request_direct_tcpip(void) packet_check_eom(); debug("server_request_direct_tcpip: originator %s port %d, target %s port %d", - originator, originator_port, target, target_port); + originator, originator_port, target, target_port); /* XXX check permission */ sock = channel_connect_to(target, target_port); @@ -983,7 +983,7 @@ server_input_global_request(int type, u_int32_t seq, void *ctxt) #ifndef NO_IPPORT_RESERVED_CONCEPT || (listen_port < IPPORT_RESERVED && pw->pw_uid != 0) #endif - ) { + ) { success = 0; packet_send_debug("Server has disabled port forwarding."); } else { diff --git a/crypto/openssh/session.c b/crypto/openssh/session.c index 2a8a900..50521ef 100644 --- a/crypto/openssh/session.c +++ b/crypto/openssh/session.c @@ -33,7 +33,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: session.c,v 1.181 2004/12/23 17:35:48 markus Exp $"); +RCSID("$OpenBSD: session.c,v 1.186 2005/07/25 11:59:40 markus Exp $"); RCSID("$FreeBSD$"); #include "ssh.h" @@ -57,6 +57,7 @@ RCSID("$FreeBSD$"); #include "serverloop.h" #include "canohost.h" #include "session.h" +#include "kex.h" #include "monitor_wrap.h" #if defined(KRB5) && defined(USE_AFS) @@ -197,11 +198,11 @@ auth_input_request_forwarding(struct passwd * pw) static void display_loginmsg(void) { - if (buffer_len(&loginmsg) > 0) { - buffer_append(&loginmsg, "\0", 1); - printf("%s", (char *)buffer_ptr(&loginmsg)); - buffer_clear(&loginmsg); - } + if (buffer_len(&loginmsg) > 0) { + buffer_append(&loginmsg, "\0", 1); + printf("%s", (char *)buffer_ptr(&loginmsg)); + buffer_clear(&loginmsg); + } } void @@ -273,7 +274,7 @@ do_authenticated1(Authctxt *authctxt) compression_level); break; } - if (!options.compression) { + if (options.compression == COMP_NONE) { debug2("compression disabled"); break; } @@ -965,7 +966,8 @@ read_etc_default_login(char ***env, u_int *envsize, uid_t uid) } #endif /* HAVE_ETC_DEFAULT_LOGIN */ -void copy_environment(char **source, char ***env, u_int *envsize) +void +copy_environment(char **source, char ***env, u_int *envsize) { char *var_name, *var_val; int i; @@ -1363,6 +1365,11 @@ do_setusercontext(struct passwd *pw) # ifdef _AIX aix_usrinfo(pw); # endif /* _AIX */ +#if defined(HAVE_LIBIAF) && !defined(BROKEN_LIBIAF) + if (set_id(pw->pw_name) != 0) { + exit(1); + } +#endif /* HAVE_LIBIAF && !BROKEN_LIBIAF */ /* Permanently switch to the desired uid. */ permanently_set_uid(pw); #endif @@ -1567,7 +1574,7 @@ do_child(Session *s, const char *command) */ if (options.kerberos_get_afs_token && k_hasafs() && - (s->authctxt->krb5_ctx != NULL)) { + (s->authctxt->krb5_ctx != NULL)) { char cell[64]; debug("Getting AFS token"); @@ -1671,6 +1678,7 @@ session_new(void) s->ttyfd = -1; s->used = 1; s->self = i; + s->x11_chanids = NULL; debug("session_new: session %d", i); return s; } @@ -1744,6 +1752,29 @@ session_by_channel(int id) } static Session * +session_by_x11_channel(int id) +{ + int i, j; + + for (i = 0; i < MAX_SESSIONS; i++) { + Session *s = &sessions[i]; + + if (s->x11_chanids == NULL || !s->used) + continue; + for (j = 0; s->x11_chanids[j] != -1; j++) { + if (s->x11_chanids[j] == id) { + debug("session_by_x11_channel: session %d " + "channel %d", s->self, id); + return s; + } + } + } + debug("session_by_x11_channel: unknown channel %d", id); + session_dump(); + return NULL; +} + +static Session * session_by_pid(pid_t pid) { int i; @@ -1838,7 +1869,7 @@ session_subsystem_req(Session *s) u_int len; int success = 0; char *cmd, *subsys = packet_get_string(&len); - int i; + u_int i; packet_check_eom(); logit("subsystem request for %.100s", subsys); @@ -1872,6 +1903,11 @@ session_x11_req(Session *s) { int success; + if (s->auth_proto != NULL || s->auth_data != NULL) { + error("session_x11_req: session %d: " + "x11 fowarding already active", s->self); + return 0; + } s->single_connection = packet_get_char(); s->auth_proto = packet_get_string(NULL); s->auth_data = packet_get_string(NULL); @@ -2097,9 +2133,66 @@ sig2name(int sig) } static void +session_close_x11(int id) +{ + Channel *c; + + if ((c = channel_lookup(id)) == NULL) { + debug("session_close_x11: x11 channel %d missing", id); + } else { + /* Detach X11 listener */ + debug("session_close_x11: detach x11 channel %d", id); + channel_cancel_cleanup(id); + if (c->ostate != CHAN_OUTPUT_CLOSED) + chan_mark_dead(c); + } +} + +static void +session_close_single_x11(int id, void *arg) +{ + Session *s; + u_int i; + + debug3("session_close_single_x11: channel %d", id); + channel_cancel_cleanup(id); + if ((s = session_by_x11_channel(id)) == NULL) + fatal("session_close_single_x11: no x11 channel %d", id); + for (i = 0; s->x11_chanids[i] != -1; i++) { + debug("session_close_single_x11: session %d: " + "closing channel %d", s->self, s->x11_chanids[i]); + /* + * The channel "id" is already closing, but make sure we + * close all of its siblings. + */ + if (s->x11_chanids[i] != id) + session_close_x11(s->x11_chanids[i]); + } + xfree(s->x11_chanids); + s->x11_chanids = NULL; + if (s->display) { + xfree(s->display); + s->display = NULL; + } + if (s->auth_proto) { + xfree(s->auth_proto); + s->auth_proto = NULL; + } + if (s->auth_data) { + xfree(s->auth_data); + s->auth_data = NULL; + } + if (s->auth_display) { + xfree(s->auth_display); + s->auth_display = NULL; + } +} + +static void session_exit_message(Session *s, int status) { Channel *c; + u_int i; if ((c = channel_lookup(s->chanid)) == NULL) fatal("session_exit_message: session %d: no channel %d", @@ -2139,12 +2232,20 @@ session_exit_message(Session *s, int status) if (c->ostate != CHAN_OUTPUT_CLOSED) chan_write_failed(c); s->chanid = -1; + + /* Close any X11 listeners associated with this session */ + if (s->x11_chanids != NULL) { + for (i = 0; s->x11_chanids[i] != -1; i++) { + session_close_x11(s->x11_chanids[i]); + s->x11_chanids[i] = -1; + } + } } void session_close(Session *s) { - int i; + u_int i; debug("session_close: session %d pid %ld", s->self, (long)s->pid); if (s->ttyfd != -1) @@ -2153,6 +2254,8 @@ session_close(Session *s) xfree(s->term); if (s->display) xfree(s->display); + if (s->x11_chanids) + xfree(s->x11_chanids); if (s->auth_display) xfree(s->auth_display); if (s->auth_data) @@ -2191,6 +2294,7 @@ void session_close_by_channel(int id, void *arg) { Session *s = session_by_channel(id); + if (s == NULL) { debug("session_close_by_channel: no session for id %d", id); return; @@ -2271,6 +2375,7 @@ session_setup_x11fwd(Session *s) struct stat st; char display[512], auth_display[512]; char hostname[MAXHOSTNAMELEN]; + u_int i; if (no_x11_forwarding_flag) { packet_send_debug("X11 forwarding disabled in user configuration file."); @@ -2296,10 +2401,14 @@ session_setup_x11fwd(Session *s) } if (x11_create_display_inet(options.x11_display_offset, options.x11_use_localhost, s->single_connection, - &s->display_number) == -1) { + &s->display_number, &s->x11_chanids) == -1) { debug("x11_create_display_inet failed."); return 0; } + for (i = 0; s->x11_chanids[i] != -1; i++) { + channel_register_cleanup(s->x11_chanids[i], + session_close_single_x11); + } /* Set up a suitable value for the DISPLAY variable. */ if (gethostname(hostname, sizeof(hostname)) < 0) diff --git a/crypto/openssh/session.h b/crypto/openssh/session.h index 48be507..a2598a9 100644 --- a/crypto/openssh/session.h +++ b/crypto/openssh/session.h @@ -1,4 +1,4 @@ -/* $OpenBSD: session.h,v 1.23 2004/07/17 05:31:41 dtucker Exp $ */ +/* $OpenBSD: session.h,v 1.25 2005/07/17 06:49:04 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -49,8 +49,9 @@ struct Session { int single_connection; /* proto 2 */ int chanid; + int *x11_chanids; int is_subsystem; - int num_env; + u_int num_env; struct { char *name; char *val; diff --git a/crypto/openssh/ssh-add.c b/crypto/openssh/ssh-add.c index a796647..a342876 100644 --- a/crypto/openssh/ssh-add.c +++ b/crypto/openssh/ssh-add.c @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh-add.c,v 1.71 2005/03/10 22:01:06 deraadt Exp $"); +RCSID("$OpenBSD: ssh-add.c,v 1.72 2005/07/17 07:17:55 djm Exp $"); #include <openssl/evp.h> @@ -145,7 +145,7 @@ add_file(AuthenticationConnection *ac, const char *filename) /* clear passphrase since it did not work */ clear_pass(); snprintf(msg, sizeof msg, "Enter passphrase for %.200s: ", - comment); + comment); for (;;) { pass = read_passphrase(msg, RP_ALLOW_STDIN); if (strcmp(pass, "") == 0) { diff --git a/crypto/openssh/ssh-keyscan.c b/crypto/openssh/ssh-keyscan.c index bc2c3b7..46f0636 100644 --- a/crypto/openssh/ssh-keyscan.c +++ b/crypto/openssh/ssh-keyscan.c @@ -7,7 +7,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh-keyscan.c,v 1.52 2005/03/01 15:47:14 jmc Exp $"); +RCSID("$OpenBSD: ssh-keyscan.c,v 1.55 2005/06/17 02:44:33 djm Exp $"); #include "openbsd-compat/sys-queue.h" @@ -166,7 +166,7 @@ Linebuf_lineno(Linebuf * lb) static char * Linebuf_getline(Linebuf * lb) { - int n = 0; + size_t n = 0; void *p; lb->lineno++; @@ -493,7 +493,7 @@ conrecycle(int s) static void congreet(int s) { - int remote_major = 0, remote_minor = 0, n = 0; + int n = 0, remote_major = 0, remote_minor = 0; char buf[256], *cp; char remote_version[sizeof buf]; size_t bufsiz; @@ -506,14 +506,17 @@ congreet(int s) *cp = '\n'; cp++; } - if (n < 0) { - if (errno != ECONNREFUSED) - error("read (%s): %s", c->c_name, strerror(errno)); - conrecycle(s); - return; - } if (n == 0) { - error("%s: Connection closed by remote host", c->c_name); + switch (errno) { + case EPIPE: + error("%s: Connection closed by remote host", c->c_name); + break; + case ECONNREFUSED: + break; + default: + error("read (%s): %s", c->c_name, strerror(errno)); + break; + } conrecycle(s); return; } @@ -543,7 +546,12 @@ congreet(int s) n = snprintf(buf, sizeof buf, "SSH-%d.%d-OpenSSH-keyscan\r\n", c->c_keytype == KT_RSA1? PROTOCOL_MAJOR_1 : PROTOCOL_MAJOR_2, c->c_keytype == KT_RSA1? PROTOCOL_MINOR_1 : PROTOCOL_MINOR_2); - if (atomicio(vwrite, s, buf, n) != n) { + if (n < 0 || (size_t)n >= sizeof(buf)) { + error("snprintf: buffer too small"); + confree(s); + return; + } + if (atomicio(vwrite, s, buf, n) != (size_t)n) { error("write (%s): %s", c->c_name, strerror(errno)); confree(s); return; @@ -561,14 +569,14 @@ static void conread(int s) { con *c = &fdcon[s]; - int n; + size_t n; if (c->c_status == CS_CON) { congreet(s); return; } n = atomicio(read, s, c->c_data + c->c_off, c->c_len - c->c_off); - if (n < 0) { + if (n == 0) { error("read (%s): %s", c->c_name, strerror(errno)); confree(s); return; diff --git a/crypto/openssh/ssh.1 b/crypto/openssh/ssh.1 index 296a326..92c4f59 100644 --- a/crypto/openssh/ssh.1 +++ b/crypto/openssh/ssh.1 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.194 2004/08/12 21:41:13 jakob Exp $ +.\" $OpenBSD: ssh.1,v 1.209 2005/07/06 09:33:05 dtucker Exp $ .\" $FreeBSD$ .Dd September 25, 1999 .Dt SSH 1 @@ -126,17 +126,24 @@ The second authentication method is the or .Em hosts.equiv method combined with RSA-based host authentication. -It means that if the login would be permitted by -.Pa $HOME/.rhosts , -.Pa $HOME/.shosts , -.Pa /etc/hosts.equiv , +If the machine the user logs in from is listed in +.Pa /etc/hosts.equiv or -.Pa /etc/ssh/shosts.equiv , -and if additionally the server can verify the client's +.Pa /etc/shosts.equiv +on the remote machine, and the user names are +the same on both sides, or if the files +.Pa ~/.rhosts +or +.Pa ~/.shosts +exist in the user's home directory on the +remote machine and contain a line containing the name of the client +machine and the name of the user on that machine, the user is +considered for log in. +Additionally, if the server can verify the client's host key (see .Pa /etc/ssh/ssh_known_hosts and -.Pa $HOME/.ssh/known_hosts +.Pa ~/.ssh/known_hosts in the .Sx FILES section), only then is login permitted. @@ -144,7 +151,7 @@ This authentication method closes security holes due to IP spoofing, DNS spoofing and routing spoofing. [Note to the administrator: .Pa /etc/hosts.equiv , -.Pa $HOME/.rhosts , +.Pa ~/.rhosts , and the rlogin/rsh protocol in general, are inherently insecure and should be disabled if security is desired.] .Pp @@ -160,7 +167,7 @@ key pair for authentication purposes. The server knows the public key, and only the user knows the private key. .Pp The file -.Pa $HOME/.ssh/authorized_keys +.Pa ~/.ssh/authorized_keys lists the public keys that are permitted for logging in. When the user logs in, the .Nm @@ -181,18 +188,18 @@ implements the RSA authentication protocol automatically. The user creates his/her RSA key pair by running .Xr ssh-keygen 1 . This stores the private key in -.Pa $HOME/.ssh/identity +.Pa ~/.ssh/identity and stores the public key in -.Pa $HOME/.ssh/identity.pub +.Pa ~/.ssh/identity.pub in the user's home directory. The user should then copy the .Pa identity.pub to -.Pa $HOME/.ssh/authorized_keys +.Pa ~/.ssh/authorized_keys in his/her home directory on the remote machine (the .Pa authorized_keys file corresponds to the conventional -.Pa $HOME/.rhosts +.Pa ~/.rhosts file, and has one key per line, though the lines can be very long). After this, the user can log in without giving the password. @@ -225,12 +232,12 @@ password authentication are tried. The public key method is similar to RSA authentication described in the previous section and allows the RSA or DSA algorithm to be used: The client uses his private key, -.Pa $HOME/.ssh/id_dsa +.Pa ~/.ssh/id_dsa or -.Pa $HOME/.ssh/id_rsa , +.Pa ~/.ssh/id_rsa , to sign the session identifier and sends the result to the server. The server checks whether the matching public key is listed in -.Pa $HOME/.ssh/authorized_keys +.Pa ~/.ssh/authorized_keys and grants access if both the key is found and the signature is correct. The session identifier is derived from a shared Diffie-Hellman value and is only known to the client and the server. @@ -384,7 +391,7 @@ electronic purse; another is going through firewalls. automatically maintains and checks a database containing identifications for all hosts it has ever been used with. Host keys are stored in -.Pa $HOME/.ssh/known_hosts +.Pa ~/.ssh/known_hosts in the user's home directory. Additionally, the file .Pa /etc/ssh/ssh_known_hosts @@ -442,8 +449,11 @@ authenticate using the identities loaded into the agent. .It Fl a Disables forwarding of the authentication agent connection. .It Fl b Ar bind_address -Specify the interface to transmit from on machines with multiple -interfaces or aliased addresses. +Use +.Ar bind_address +on the local machine as the source address +of the connection. +Only useful on systems with more than one address. .It Fl C Requests compression of all data (including stdin, stdout, stderr, and data for forwarded X11 and TCP/IP connections). @@ -498,14 +508,17 @@ The supported ciphers are .Dq aes128-ctr , .Dq aes192-ctr , .Dq aes256-ctr , +.Dq arcfour128 , +.Dq arcfour256 , .Dq arcfour , .Dq blowfish-cbc , and .Dq cast128-cbc . The default is .Bd -literal - ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour, - aes192-cbc,aes256-cbc'' + ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128, + arcfour256,arcfour,aes192-cbc,aes256-cbc,aes128-ctr, + aes192-ctr,aes256-ctr'' .Ed .It Fl D Ar port Specifies a local @@ -541,7 +554,7 @@ the system-wide configuration file .Pq Pa /etc/ssh/ssh_config will be ignored. The default for the per-user configuration file is -.Pa $HOME/.ssh/config . +.Pa ~/.ssh/config . .It Fl f Requests .Nm @@ -567,11 +580,11 @@ private RSA key. Selects a file from which the identity (private key) for RSA or DSA authentication is read. The default is -.Pa $HOME/.ssh/identity +.Pa ~/.ssh/identity for protocol version 1, and -.Pa $HOME/.ssh/id_rsa +.Pa ~/.ssh/id_rsa and -.Pa $HOME/.ssh/id_dsa +.Pa ~/.ssh/id_dsa for protocol version 2. Identity files may also be specified on a per-host basis in the configuration file. @@ -894,7 +907,7 @@ Set to the name of the user logging in. Additionally, .Nm reads -.Pa $HOME/.ssh/environment , +.Pa ~/.ssh/environment , and adds lines of the format .Dq VARNAME=value to the environment if the file exists and if users are allowed to @@ -905,13 +918,13 @@ option in .Xr sshd_config 5 . .Sh FILES .Bl -tag -width Ds -.It Pa $HOME/.ssh/known_hosts +.It Pa ~/.ssh/known_hosts Records host keys for all hosts the user has logged into that are not in .Pa /etc/ssh/ssh_known_hosts . See .Xr sshd 8 . -.It Pa $HOME/.ssh/identity, $HOME/.ssh/id_dsa, $HOME/.ssh/id_rsa +.It Pa ~/.ssh/identity, ~/.ssh/id_dsa, ~/.ssh/id_rsa Contains the authentication identity of the user. They are for protocol 1 RSA, protocol 2 DSA, and protocol 2 RSA, respectively. These files @@ -923,21 +936,21 @@ ignores a private key file if it is accessible by others. It is possible to specify a passphrase when generating the key; the passphrase will be used to encrypt the sensitive part of this file using 3DES. -.It Pa $HOME/.ssh/identity.pub, $HOME/.ssh/id_dsa.pub, $HOME/.ssh/id_rsa.pub +.It Pa ~/.ssh/identity.pub, ~/.ssh/id_dsa.pub, ~/.ssh/id_rsa.pub Contains the public key for authentication (public part of the identity file in human-readable form). The contents of the -.Pa $HOME/.ssh/identity.pub +.Pa ~/.ssh/identity.pub file should be added to the file -.Pa $HOME/.ssh/authorized_keys +.Pa ~/.ssh/authorized_keys on all machines where the user wishes to log in using protocol version 1 RSA authentication. The contents of the -.Pa $HOME/.ssh/id_dsa.pub +.Pa ~/.ssh/id_dsa.pub and -.Pa $HOME/.ssh/id_rsa.pub +.Pa ~/.ssh/id_rsa.pub file should be added to -.Pa $HOME/.ssh/authorized_keys +.Pa ~/.ssh/authorized_keys on all machines where the user wishes to log in using protocol version 2 DSA/RSA authentication. These files are not @@ -945,13 +958,13 @@ sensitive and can (but need not) be readable by anyone. These files are never used automatically and are not necessary; they are only provided for the convenience of the user. -.It Pa $HOME/.ssh/config +.It Pa ~/.ssh/config This is the per-user configuration file. The file format and configuration options are described in .Xr ssh_config 5 . Because of the potential for abuse, this file must have strict permissions: read/write for the user, and not accessible by others. -.It Pa $HOME/.ssh/authorized_keys +.It Pa ~/.ssh/authorized_keys Lists the public keys (RSA/DSA) that can be used for logging in as this user. The format of this file is described in the .Xr sshd 8 @@ -1011,7 +1024,7 @@ be setuid root when that authentication method is used. By default .Nm is not setuid root. -.It Pa $HOME/.rhosts +.It Pa ~/.rhosts This file is used in .Em rhosts authentication to list the @@ -1041,12 +1054,12 @@ authentication. If the server machine does not have the client's host key in .Pa /etc/ssh/ssh_known_hosts , it can be stored in -.Pa $HOME/.ssh/known_hosts . +.Pa ~/.ssh/known_hosts . The easiest way to do this is to connect back to the client from the server machine using ssh; this will automatically add the host key to -.Pa $HOME/.ssh/known_hosts . -.It Pa $HOME/.shosts +.Pa ~/.ssh/known_hosts . +.It Pa ~/.shosts This file is used exactly the same way as .Pa .rhosts . The purpose for @@ -1083,7 +1096,7 @@ when the user logs in just before the user's shell (or command) is started. See the .Xr sshd 8 manual page for more information. -.It Pa $HOME/.ssh/rc +.It Pa ~/.ssh/rc Commands in this file are executed by .Nm when the user logs in just before the user's shell (or command) is @@ -1091,7 +1104,7 @@ started. See the .Xr sshd 8 manual page for more information. -.It Pa $HOME/.ssh/environment +.It Pa ~/.ssh/environment Contains additional definitions for environment variables, see section .Sx ENVIRONMENT above. diff --git a/crypto/openssh/ssh.c b/crypto/openssh/ssh.c index 3f9c7f1..57c6274 100644 --- a/crypto/openssh/ssh.c +++ b/crypto/openssh/ssh.c @@ -40,7 +40,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh.c,v 1.234 2005/03/10 22:01:06 deraadt Exp $"); +RCSID("$OpenBSD: ssh.c,v 1.249 2005/07/30 01:26:16 djm Exp $"); RCSID("$FreeBSD$"); #include <openssl/evp.h> @@ -146,7 +146,7 @@ pid_t proxy_command_pid = 0; int control_fd = -1; /* Multiplexing control command */ -static u_int mux_command = SSHMUX_COMMAND_OPEN; +static u_int mux_command = 0; /* Only used in control client mode */ volatile sig_atomic_t control_client_terminate = 0; @@ -186,6 +186,7 @@ main(int ac, char **av) int dummy; extern int optind, optreset; extern char *optarg; + struct servent *sp; Forward fwd; __progname = ssh_get_progname(av[0]); @@ -387,8 +388,10 @@ again: } break; case 'M': - options.control_master = - (options.control_master >= 1) ? 2 : 1; + if (options.control_master == SSHCTL_MASTER_YES) + options.control_master = SSHCTL_MASTER_ASK; + else + options.control_master = SSHCTL_MASTER_YES; break; case 'p': options.port = a2port(optarg); @@ -437,7 +440,7 @@ again: fwd.listen_host = cleanhostname(fwd.listen_host); } else { fwd.listen_port = a2port(fwd.listen_host); - fwd.listen_host = ""; + fwd.listen_host = NULL; } if (fwd.listen_port == 0) { @@ -551,7 +554,7 @@ again: if (no_tty_flag) tty_flag = 0; /* Do not allocate a tty if stdin is not a tty. */ - if (!isatty(fileno(stdin)) && !force_tty_flag) { + if ((!isatty(fileno(stdin)) || stdin_null_flag) && !force_tty_flag) { if (tty_flag) logit("Pseudo-terminal will not be allocated because stdin is not a terminal."); tty_flag = 0; @@ -622,16 +625,31 @@ again: *p = tolower(*p); } + /* Get default port if port has not been set. */ + if (options.port == 0) { + sp = getservbyname(SSH_SERVICE_NAME, "tcp"); + options.port = sp ? ntohs(sp->s_port) : SSH_DEFAULT_PORT; + } + if (options.proxy_command != NULL && strcmp(options.proxy_command, "none") == 0) options.proxy_command = NULL; + if (options.control_path != NULL && + strcmp(options.control_path, "none") == 0) + options.control_path = NULL; if (options.control_path != NULL) { - options.control_path = tilde_expand_filename( - options.control_path, original_real_uid); + snprintf(buf, sizeof(buf), "%d", options.port); + cp = tilde_expand_filename(options.control_path, + original_real_uid); + options.control_path = percent_expand(cp, "p", buf, "h", host, + "r", options.user, (char *)NULL); + xfree(cp); } - if (options.control_path != NULL && options.control_master == 0) - control_client(options.control_path); /* This doesn't return */ + if (mux_command != 0 && options.control_path == NULL) + fatal("No ControlPath specified for \"-O\" command"); + if (options.control_path != NULL) + control_client(options.control_path); /* Open a connection to the remote host. */ if (ssh_connect(host, &hostaddr, options.port, @@ -760,110 +778,6 @@ again: return exit_status; } -#define SSH_X11_PROTO "MIT-MAGIC-COOKIE-1" - -static void -x11_get_proto(char **_proto, char **_data) -{ - char cmd[1024]; - char line[512]; - char xdisplay[512]; - static char proto[512], data[512]; - FILE *f; - int got_data = 0, generated = 0, do_unlink = 0, i; - char *display, *xauthdir, *xauthfile; - struct stat st; - - xauthdir = xauthfile = NULL; - *_proto = proto; - *_data = data; - proto[0] = data[0] = '\0'; - - if (!options.xauth_location || - (stat(options.xauth_location, &st) == -1)) { - debug("No xauth program."); - } else { - if ((display = getenv("DISPLAY")) == NULL) { - debug("x11_get_proto: DISPLAY not set"); - return; - } - /* - * Handle FamilyLocal case where $DISPLAY does - * not match an authorization entry. For this we - * just try "xauth list unix:displaynum.screennum". - * XXX: "localhost" match to determine FamilyLocal - * is not perfect. - */ - if (strncmp(display, "localhost:", 10) == 0) { - snprintf(xdisplay, sizeof(xdisplay), "unix:%s", - display + 10); - display = xdisplay; - } - if (options.forward_x11_trusted == 0) { - xauthdir = xmalloc(MAXPATHLEN); - xauthfile = xmalloc(MAXPATHLEN); - strlcpy(xauthdir, "/tmp/ssh-XXXXXXXXXX", MAXPATHLEN); - if (mkdtemp(xauthdir) != NULL) { - do_unlink = 1; - snprintf(xauthfile, MAXPATHLEN, "%s/xauthfile", - xauthdir); - snprintf(cmd, sizeof(cmd), - "%s -f %s generate %s " SSH_X11_PROTO - " untrusted timeout 1200 2>" _PATH_DEVNULL, - options.xauth_location, xauthfile, display); - debug2("x11_get_proto: %s", cmd); - if (system(cmd) == 0) - generated = 1; - } - } - snprintf(cmd, sizeof(cmd), - "%s %s%s list %s . 2>" _PATH_DEVNULL, - options.xauth_location, - generated ? "-f " : "" , - generated ? xauthfile : "", - display); - debug2("x11_get_proto: %s", cmd); - f = popen(cmd, "r"); - if (f && fgets(line, sizeof(line), f) && - sscanf(line, "%*s %511s %511s", proto, data) == 2) - got_data = 1; - if (f) - pclose(f); - } - - if (do_unlink) { - unlink(xauthfile); - rmdir(xauthdir); - } - if (xauthdir) - xfree(xauthdir); - if (xauthfile) - xfree(xauthfile); - - /* - * If we didn't get authentication data, just make up some - * data. The forwarding code will check the validity of the - * response anyway, and substitute this data. The X11 - * server, however, will ignore this fake data and use - * whatever authentication mechanisms it was using otherwise - * for the local connection. - */ - if (!got_data) { - u_int32_t rnd = 0; - - logit("Warning: No xauth data; " - "using fake authentication data for X11 forwarding."); - strlcpy(proto, SSH_X11_PROTO, sizeof proto); - for (i = 0; i < 16; i++) { - if (i % 4 == 0) - rnd = arc4random(); - snprintf(data + 2 * i, sizeof data - 2 * i, "%02x", - rnd & 0xff); - rnd >>= 8; - } - } -} - static void ssh_init_forwarding(void) { @@ -894,8 +808,8 @@ ssh_init_forwarding(void) for (i = 0; i < options.num_remote_forwards; i++) { debug("Remote connections from %.200s:%d forwarded to " "local address %.200s:%d", - (options.remote_forwards[i].listen_host == NULL) ? - (options.gateway_ports ? "*" : "LOCALHOST") : + (options.remote_forwards[i].listen_host == NULL) ? + (options.gateway_ports ? "*" : "LOCALHOST") : options.remote_forwards[i].listen_host, options.remote_forwards[i].listen_port, options.remote_forwards[i].connect_host, @@ -926,6 +840,7 @@ ssh_session(void) int have_tty = 0; struct winsize ws; char *cp; + const char *display; /* Enable compression if requested. */ if (options.compression) { @@ -987,13 +902,15 @@ ssh_session(void) packet_disconnect("Protocol error waiting for pty request response."); } /* Request X11 forwarding if enabled and DISPLAY is set. */ - if (options.forward_x11 && getenv("DISPLAY") != NULL) { + display = getenv("DISPLAY"); + if (options.forward_x11 && display != NULL) { char *proto, *data; /* Get reasonable local authentication information. */ - x11_get_proto(&proto, &data); + client_x11_get_proto(display, options.xauth_location, + options.forward_x11_trusted, &proto, &data); /* Request forwarding with authentication spoofing. */ debug("Requesting X11 forwarding with authentication spoofing."); - x11_request_forwarding_with_spoofing(0, proto, data); + x11_request_forwarding_with_spoofing(0, display, proto, data); /* Read response from the server. */ type = packet_read(); @@ -1095,9 +1012,12 @@ ssh_control_listener(void) mode_t old_umask; int addr_len; - if (options.control_path == NULL || options.control_master <= 0) + if (options.control_path == NULL || + options.control_master == SSHCTL_MASTER_NO) return; + debug("setting up multiplex master socket"); + memset(&addr, '\0', sizeof(addr)); addr.sun_family = AF_UNIX; addr_len = offsetof(struct sockaddr_un, sun_path) + @@ -1132,15 +1052,18 @@ static void ssh_session2_setup(int id, void *arg) { extern char **environ; - + const char *display; int interactive = tty_flag; - if (options.forward_x11 && getenv("DISPLAY") != NULL) { + + display = getenv("DISPLAY"); + if (options.forward_x11 && display != NULL) { char *proto, *data; /* Get reasonable local authentication information. */ - x11_get_proto(&proto, &data); + client_x11_get_proto(display, options.xauth_location, + options.forward_x11_trusted, &proto, &data); /* Request forwarding with authentication spoofing. */ debug("Requesting X11 forwarding with authentication spoofing."); - x11_request_forwarding_with_spoofing(id, proto, data); + x11_request_forwarding_with_spoofing(id, display, proto, data); interactive = 1; /* XXX wait for reply */ } @@ -1308,13 +1231,18 @@ control_client(const char *path) extern char **environ; u_int flags; - if (stdin_null_flag) { - if ((fd = open(_PATH_DEVNULL, O_RDONLY)) == -1) - fatal("open(/dev/null): %s", strerror(errno)); - if (dup2(fd, STDIN_FILENO) == -1) - fatal("dup2: %s", strerror(errno)); - if (fd > STDERR_FILENO) - close(fd); + if (mux_command == 0) + mux_command = SSHMUX_COMMAND_OPEN; + + switch (options.control_master) { + case SSHCTL_MASTER_AUTO: + case SSHCTL_MASTER_AUTO_ASK: + debug("auto-mux: Trying existing master"); + /* FALLTHROUGH */ + case SSHCTL_MASTER_NO: + break; + default: + return; } memset(&addr, '\0', sizeof(addr)); @@ -1329,31 +1257,55 @@ control_client(const char *path) if ((sock = socket(PF_UNIX, SOCK_STREAM, 0)) < 0) fatal("%s socket(): %s", __func__, strerror(errno)); - if (connect(sock, (struct sockaddr*)&addr, addr_len) == -1) - fatal("Couldn't connect to %s: %s", path, strerror(errno)); + if (connect(sock, (struct sockaddr*)&addr, addr_len) == -1) { + if (mux_command != SSHMUX_COMMAND_OPEN) { + fatal("Control socket connect(%.100s): %s", path, + strerror(errno)); + } + if (errno == ENOENT) + debug("Control socket \"%.100s\" does not exist", path); + else { + error("Control socket connect(%.100s): %s", path, + strerror(errno)); + } + close(sock); + return; + } + + if (stdin_null_flag) { + if ((fd = open(_PATH_DEVNULL, O_RDONLY)) == -1) + fatal("open(/dev/null): %s", strerror(errno)); + if (dup2(fd, STDIN_FILENO) == -1) + fatal("dup2: %s", strerror(errno)); + if (fd > STDERR_FILENO) + close(fd); + } - if ((term = getenv("TERM")) == NULL) - term = ""; + term = getenv("TERM"); flags = 0; if (tty_flag) flags |= SSHMUX_FLAG_TTY; if (subsystem_flag) flags |= SSHMUX_FLAG_SUBSYS; + if (options.forward_x11) + flags |= SSHMUX_FLAG_X11_FWD; + if (options.forward_agent) + flags |= SSHMUX_FLAG_AGENT_FWD; buffer_init(&m); /* Send our command to server */ buffer_put_int(&m, mux_command); buffer_put_int(&m, flags); - if (ssh_msg_send(sock, /* version */1, &m) == -1) + if (ssh_msg_send(sock, SSHMUX_VER, &m) == -1) fatal("%s: msg_send", __func__); buffer_clear(&m); /* Get authorisation status and PID of controlee */ if (ssh_msg_recv(sock, &m) == -1) fatal("%s: msg_recv", __func__); - if (buffer_get_char(&m) != 1) + if (buffer_get_char(&m) != SSHMUX_VER) fatal("%s: wrong version", __func__); if (buffer_get_int(&m) != 1) fatal("Connection to master denied"); @@ -1377,7 +1329,7 @@ control_client(const char *path) } /* SSHMUX_COMMAND_OPEN */ - buffer_put_cstring(&m, term); + buffer_put_cstring(&m, term ? term : ""); buffer_append(&command, "\0", 1); buffer_put_cstring(&m, buffer_ptr(&command)); @@ -1399,7 +1351,7 @@ control_client(const char *path) } } - if (ssh_msg_send(sock, /* version */1, &m) == -1) + if (ssh_msg_send(sock, SSHMUX_VER, &m) == -1) fatal("%s: msg_send", __func__); mm_send_fd(sock, STDIN_FILENO); @@ -1410,7 +1362,7 @@ control_client(const char *path) buffer_clear(&m); if (ssh_msg_recv(sock, &m) == -1) fatal("%s: msg_recv", __func__); - if (buffer_get_char(&m) != 1) + if (buffer_get_char(&m) != SSHMUX_VER) fatal("%s: wrong version", __func__); buffer_free(&m); diff --git a/crypto/openssh/ssh_config b/crypto/openssh/ssh_config index c1234d1..b917b64 100644 --- a/crypto/openssh/ssh_config +++ b/crypto/openssh/ssh_config @@ -38,4 +38,4 @@ # Cipher 3des # Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc # EscapeChar ~ -# VersionAddendum FreeBSD-20050605 +# VersionAddendum FreeBSD-20050903 diff --git a/crypto/openssh/ssh_config.5 b/crypto/openssh/ssh_config.5 index 805dd9e..7701421 100644 --- a/crypto/openssh/ssh_config.5 +++ b/crypto/openssh/ssh_config.5 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.49 2005/03/16 11:10:38 jmc Exp $ +.\" $OpenBSD: ssh_config.5,v 1.61 2005/07/08 12:53:10 jmc Exp $ .\" $FreeBSD$ .Dd September 25, 1999 .Dt SSH_CONFIG 5 @@ -44,7 +44,7 @@ .Nd OpenSSH SSH client configuration files .Sh SYNOPSIS .Bl -tag -width Ds -compact -.It Pa $HOME/.ssh/config +.It Pa ~/.ssh/config .It Pa /etc/ssh/ssh_config .El .Sh DESCRIPTION @@ -56,7 +56,7 @@ the following order: command-line options .It user's configuration file -.Pq Pa $HOME/.ssh/config +.Pq Pa ~/.ssh/config .It system-wide configuration file .Pq Pa /etc/ssh/ssh_config @@ -137,8 +137,9 @@ or The default is .Dq no . .It Cm BindAddress -Specify the interface to transmit from on machines with multiple -interfaces or aliased addresses. +Use the specified address on the local machine as the source address of +the connection. +Only useful on systems with more than one address. Note that this option does not work if .Cm UsePrivilegedPort is set to @@ -194,14 +195,17 @@ The supported ciphers are .Dq aes128-ctr , .Dq aes192-ctr , .Dq aes256-ctr , +.Dq arcfour128 , +.Dq arcfour256 , .Dq arcfour , .Dq blowfish-cbc , and .Dq cast128-cbc . The default is .Bd -literal - ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour, - aes192-cbc,aes256-cbc'' + ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128, + arcfour256,arcfour,aes192-cbc,aes256-cbc,aes128-ctr, + aes192-ctr,aes256-ctr'' .Ed .It Cm ClearAllForwardings Specifies that all local, remote and dynamic port forwardings @@ -271,11 +275,47 @@ to listen for control connections, but require confirmation using the program before they are accepted (see .Xr ssh-add 1 for details). +If the +.Cm ControlPath +can not be opened, +.Nm ssh +will continue without connecting to a master instance. +.Pp +X11 and +.Xr ssh-agent 1 +forwarding is supported over these multiplexed connections, however the +display and agent fowarded will be the one belonging to the master +connection i.e. it is not possible to forward multiple displays or agents. +.Pp +Two additional options allow for opportunistic multiplexing: try to use a +master connection but fall back to creating a new one if one does not already +exist. +These options are: +.Dq auto +and +.Dq autoask . +The latter requires confirmation like the +.Dq ask +option. .It Cm ControlPath -Specify the path to the control socket used for connection sharing. -See +Specify the path to the control socket used for connection sharing as described +in the .Cm ControlMaster -above. +section above or the string +.Dq none +to disable connection sharing. +In the path, +.Ql %h +will be substituted by the target host name, +.Ql %p +the port and +.Ql %r +by the remote login username. +It is recommended that any +.Cm ControlPath +used for opportunistic connection sharing include +all three of these escape sequences. +This ensures that shared connections are uniquely identified. .It Cm DynamicForward Specifies that a TCP/IP port on the local machine be forwarded over the secure channel, and the application @@ -412,7 +452,7 @@ Note that this option applies to protocol version 2 only. Indicates that .Nm ssh should hash host names and addresses when they are added to -.Pa $HOME/.ssh/known_hosts . +.Pa ~/.ssh/known_hosts . These hashed names may be used normally by .Nm ssh and @@ -458,11 +498,11 @@ specifications). Specifies a file from which the user's RSA or DSA authentication identity is read. The default is -.Pa $HOME/.ssh/identity +.Pa ~/.ssh/identity for protocol version 1, and -.Pa $HOME/.ssh/id_rsa +.Pa ~/.ssh/id_rsa and -.Pa $HOME/.ssh/id_dsa +.Pa ~/.ssh/id_dsa for protocol version 2. Additionally, any identities represented by the authentication agent will be used for authentication. @@ -617,6 +657,14 @@ Note that .Cm CheckHostIP is not available for connects with a proxy command. .Pp +This directive is useful in conjunction with +.Xr nc 1 +and its proxy support. +For example, the following directive would connect via an HTTP proxy at +192.0.2.0: +.Bd -literal -offset 3n +ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p +.Ed .It Cm PubkeyAuthentication Specifies whether to try public key authentication. The argument to this keyword must be @@ -752,7 +800,7 @@ If this flag is set to .Dq yes , .Nm ssh will never automatically add host keys to the -.Pa $HOME/.ssh/known_hosts +.Pa ~/.ssh/known_hosts file, and refuses to connect to hosts whose host key has changed. This provides maximum protection against trojan horse attacks, however, can be annoying when the @@ -824,7 +872,7 @@ having to remember to give the user name on the command line. .It Cm UserKnownHostsFile Specifies a file to use for the user host key database instead of -.Pa $HOME/.ssh/known_hosts . +.Pa ~/.ssh/known_hosts . .It Cm VerifyHostKeyDNS Specifies whether to verify the remote key using DNS and SSHFP resource records. @@ -852,7 +900,7 @@ Note that this option applies to protocol version 2 only. Specifies a string to append to the regular version string to identify OS- or site-specific modifications. The default is -.Dq FreeBSD-20050605 . +.Dq FreeBSD-20050903 . .It Cm XAuthLocation Specifies the full pathname of the .Xr xauth 1 @@ -862,7 +910,7 @@ The default is .El .Sh FILES .Bl -tag -width Ds -.It Pa $HOME/.ssh/config +.It Pa ~/.ssh/config This is the per-user configuration file. The format of this file is described above. This file is used by the diff --git a/crypto/openssh/sshconnect.c b/crypto/openssh/sshconnect.c index 07703cf..ba7b9b7 100644 --- a/crypto/openssh/sshconnect.c +++ b/crypto/openssh/sshconnect.c @@ -13,7 +13,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect.c,v 1.162 2005/03/10 22:01:06 deraadt Exp $"); +RCSID("$OpenBSD: sshconnect.c,v 1.168 2005/07/17 07:17:55 djm Exp $"); #include <openssl/bn.h> @@ -59,12 +59,11 @@ static void warn_changed_key(Key *); static int ssh_proxy_connect(const char *host, u_short port, const char *proxy_command) { - Buffer command; - const char *cp; - char *command_string; + char *command_string, *tmp; int pin[2], pout[2]; pid_t pid; char strport[NI_MAXSERV]; + size_t len; /* Convert the port number into a string. */ snprintf(strport, sizeof strport, "%hu", port); @@ -76,31 +75,13 @@ ssh_proxy_connect(const char *host, u_short port, const char *proxy_command) * Use "exec" to avoid "sh -c" processes on some platforms * (e.g. Solaris) */ - buffer_init(&command); - buffer_append(&command, "exec ", 5); - - for (cp = proxy_command; *cp; cp++) { - if (cp[0] == '%' && cp[1] == '%') { - buffer_append(&command, "%", 1); - cp++; - continue; - } - if (cp[0] == '%' && cp[1] == 'h') { - buffer_append(&command, host, strlen(host)); - cp++; - continue; - } - if (cp[0] == '%' && cp[1] == 'p') { - buffer_append(&command, strport, strlen(strport)); - cp++; - continue; - } - buffer_append(&command, cp, 1); - } - buffer_append(&command, "\0", 1); - - /* Get the final command string. */ - command_string = buffer_ptr(&command); + len = strlen(proxy_command) + 6; + tmp = xmalloc(len); + strlcpy(tmp, "exec ", len); + strlcat(tmp, proxy_command, len); + command_string = percent_expand(tmp, "h", host, + "p", strport, (char *)NULL); + xfree(tmp); /* Create pipes for communicating with the proxy. */ if (pipe(pin) < 0 || pipe(pout) < 0) @@ -154,7 +135,7 @@ ssh_proxy_connect(const char *host, u_short port, const char *proxy_command) close(pout[1]); /* Free the command name. */ - buffer_free(&command); + xfree(command_string); /* Set the connection file descriptors. */ packet_set_connection(pout[0], pin[1]); @@ -308,18 +289,9 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr, int sock = -1, attempt; char ntop[NI_MAXHOST], strport[NI_MAXSERV]; struct addrinfo hints, *ai, *aitop; - struct servent *sp; debug2("ssh_connect: needpriv %d", needpriv); - /* Get default port if port has not been set. */ - if (port == 0) { - sp = getservbyname(SSH_SERVICE_NAME, "tcp"); - if (sp) - port = ntohs(sp->s_port); - else - port = SSH_DEFAULT_PORT; - } /* If a proxy command is given, connect using it. */ if (proxy_command != NULL) return ssh_proxy_connect(host, port, proxy_command); @@ -421,19 +393,21 @@ static void ssh_exchange_identification(void) { char buf[256], remote_version[256]; /* must be same size! */ - int remote_major, remote_minor, i, mismatch; + int remote_major, remote_minor, mismatch; int connection_in = packet_get_connection_in(); int connection_out = packet_get_connection_out(); int minor1 = PROTOCOL_MINOR_1; + u_int i; - /* Read other side\'s version identification. */ + /* Read other side's version identification. */ for (;;) { for (i = 0; i < sizeof(buf) - 1; i++) { - int len = atomicio(read, connection_in, &buf[i], 1); - if (len < 0) - fatal("ssh_exchange_identification: read: %.100s", strerror(errno)); - if (len != 1) + size_t len = atomicio(read, connection_in, &buf[i], 1); + + if (len != 1 && errno == EPIPE) fatal("ssh_exchange_identification: Connection closed by remote host"); + else if (len != 1) + fatal("ssh_exchange_identification: read: %.100s", strerror(errno)); if (buf[i] == '\r') { buf[i] = '\n'; buf[i + 1] = 0; @@ -573,7 +547,7 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, switch (hostaddr->sa_family) { case AF_INET: local = (ntohl(((struct sockaddr_in *)hostaddr)-> - sin_addr.s_addr) >> 24) == IN_LOOPBACKNET; + sin_addr.s_addr) >> 24) == IN_LOOPBACKNET; salen = sizeof(struct sockaddr_in); break; case AF_INET6: @@ -706,8 +680,8 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, if (show_other_keys(host, host_key)) snprintf(msg1, sizeof(msg1), - "\nbut keys of different type are already" - " known for this host."); + "\nbut keys of different type are already" + " known for this host."); else snprintf(msg1, sizeof(msg1), "."); /* The default */ diff --git a/crypto/openssh/sshconnect1.c b/crypto/openssh/sshconnect1.c index 6e2e31c..bd05723 100644 --- a/crypto/openssh/sshconnect1.c +++ b/crypto/openssh/sshconnect1.c @@ -13,7 +13,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect1.c,v 1.60 2004/07/28 09:40:29 markus Exp $"); +RCSID("$OpenBSD: sshconnect1.c,v 1.61 2005/06/17 02:44:33 djm Exp $"); #include <openssl/bn.h> #include <openssl/md5.h> @@ -162,7 +162,7 @@ respond_to_rsa_challenge(BIGNUM * challenge, RSA * prv) /* Compute the response. */ /* The response is MD5 of decrypted challenge plus session id. */ len = BN_num_bytes(challenge); - if (len <= 0 || len > sizeof(buf)) + if (len <= 0 || (u_int)len > sizeof(buf)) packet_disconnect( "respond_to_rsa_challenge: bad challenge length %d", len); diff --git a/crypto/openssh/sshconnect2.c b/crypto/openssh/sshconnect2.c index 68d56d0..ee7932d 100644 --- a/crypto/openssh/sshconnect2.c +++ b/crypto/openssh/sshconnect2.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect2.c,v 1.138 2004/06/13 12:53:24 djm Exp $"); +RCSID("$OpenBSD: sshconnect2.c,v 1.142 2005/08/30 22:08:05 djm Exp $"); #include "openbsd-compat/sys-queue.h" @@ -101,10 +101,10 @@ ssh_kex2(char *host, struct sockaddr *hostaddr) compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_STOC]); if (options.compression) { myproposal[PROPOSAL_COMP_ALGS_CTOS] = - myproposal[PROPOSAL_COMP_ALGS_STOC] = "zlib,none"; + myproposal[PROPOSAL_COMP_ALGS_STOC] = "zlib@openssh.com,zlib,none"; } else { myproposal[PROPOSAL_COMP_ALGS_CTOS] = - myproposal[PROPOSAL_COMP_ALGS_STOC] = "none,zlib"; + myproposal[PROPOSAL_COMP_ALGS_STOC] = "none,zlib@openssh.com,zlib"; } if (options.macs != NULL) { myproposal[PROPOSAL_MAC_ALGS_CTOS] = @@ -352,7 +352,7 @@ void input_userauth_error(int type, u_int32_t seq, void *ctxt) { fatal("input_userauth_error: bad message during authentication: " - "type %d", type); + "type %d", type); } void @@ -482,7 +482,7 @@ userauth_gssapi(Authctxt *authctxt) { Gssctxt *gssctxt = NULL; static gss_OID_set gss_supported = NULL; - static int mech = 0; + static u_int mech = 0; OM_uint32 min; int ok = 0; @@ -509,7 +509,8 @@ userauth_gssapi(Authctxt *authctxt) } } - if (!ok) return 0; + if (!ok) + return 0; authctxt->methoddata=(void *)gssctxt; @@ -544,7 +545,8 @@ process_gssapi_token(void *ctxt, gss_buffer_t recv_tok) Authctxt *authctxt = ctxt; Gssctxt *gssctxt = authctxt->methoddata; gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; - gss_buffer_desc gssbuf, mic; + gss_buffer_desc mic = GSS_C_EMPTY_BUFFER; + gss_buffer_desc gssbuf; OM_uint32 status, ms, flags; Buffer b; @@ -678,7 +680,7 @@ input_gssapi_errtok(int type, u_int32_t plen, void *ctxt) /* Stick it into GSSAPI and see what it says */ status = ssh_gssapi_init_ctx(gssctxt, options.gss_deleg_creds, - &recv_tok, &send_tok, NULL); + &recv_tok, &send_tok, NULL); xfree(recv_tok.value); gss_release_buffer(&ms, &send_tok); diff --git a/crypto/openssh/sshd.8 b/crypto/openssh/sshd.8 index 5d6ee3b..bced287 100644 --- a/crypto/openssh/sshd.8 +++ b/crypto/openssh/sshd.8 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd.8,v 1.206 2005/03/01 14:59:49 jmc Exp $ +.\" $OpenBSD: sshd.8,v 1.208 2005/06/08 03:50:00 djm Exp $ .\" $FreeBSD$ .Dd September 25, 1999 .Dt SSHD 8 @@ -81,7 +81,7 @@ supports both SSH protocol version 1 and 2 simultaneously. works as follows: .Ss SSH protocol version 1 Each host has a host-specific RSA key -(normally 1024 bits) used to identify the host. +(normally 2048 bits) used to identify the host. Additionally, when the daemon starts, it generates a server RSA key (normally 768 bits). This key is normally regenerated every hour if it has been used, and @@ -349,7 +349,7 @@ If the login is on a tty, and no command has been specified, prints last login time and .Pa /etc/motd (unless prevented in the configuration file or by -.Pa $HOME/.hushlogin ; +.Pa ~/.hushlogin ; see the .Sx FILES section). @@ -367,7 +367,7 @@ Changes to run with normal user privileges. Sets up basic environment. .It Reads the file -.Pa $HOME/.ssh/environment , +.Pa ~/.ssh/environment , if it exists, and users are allowed to change their environment. See the .Cm PermitUserEnvironment @@ -377,7 +377,7 @@ option in Changes to user's home directory. .It If -.Pa $HOME/.ssh/rc +.Pa ~/.ssh/rc exists, runs it; else if .Pa /etc/ssh/sshrc exists, runs @@ -391,7 +391,7 @@ authentication protocol and cookie (if applicable) in standard input. Runs user's shell or command. .El .Sh AUTHORIZED_KEYS FILE FORMAT -.Pa $HOME/.ssh/authorized_keys +.Pa ~/.ssh/authorized_keys is the default file that lists the public keys that are permitted for RSA authentication in protocol version 1 and for public key authentication (PubkeyAuthentication) @@ -529,7 +529,7 @@ permitopen="10.2.1.55:80",permitopen="10.2.1.56:25" 1024 33 23...2323 The .Pa /etc/ssh/ssh_known_hosts and -.Pa $HOME/.ssh/known_hosts +.Pa ~/.ssh/known_hosts files contain host public keys for all known hosts. The global file should be prepared by the administrator (optional), and the per-user file is @@ -640,7 +640,7 @@ listening for connections (if there are several daemons running concurrently for different ports, this contains the process ID of the one started last). The content of this file is not sensitive; it can be world-readable. -.It Pa $HOME/.ssh/authorized_keys +.It Pa ~/.ssh/authorized_keys Lists the public keys (RSA or DSA) that can be used to log into the user's account. This file must be readable by root (which may on some machines imply it being world-readable if the user's home directory resides on an NFS @@ -654,7 +654,7 @@ and/or .Pa id_rsa.pub files into this file, as described in .Xr ssh-keygen 1 . -.It Pa "/etc/ssh/ssh_known_hosts", "$HOME/.ssh/known_hosts" +.It Pa "/etc/ssh/ssh_known_hosts", "~/.ssh/known_hosts" These files are consulted when using rhosts with RSA host authentication or protocol version 2 hostbased authentication to check the public key of the host. @@ -664,12 +664,12 @@ to verify that it is connecting to the correct remote host. These files should be writable only by root/the owner. .Pa /etc/ssh/ssh_known_hosts should be world-readable, and -.Pa $HOME/.ssh/known_hosts +.Pa ~/.ssh/known_hosts can, but need not be, world-readable. .It Pa /etc/motd See .Xr motd 5 . -.It Pa $HOME/.hushlogin +.It Pa ~/.hushlogin This file is used to suppress printing the last login time and .Pa /etc/motd , if @@ -692,7 +692,7 @@ The file should be world-readable. Access controls that should be enforced by tcp-wrappers are defined here. Further details are described in .Xr hosts_access 5 . -.It Pa $HOME/.rhosts +.It Pa ~/.rhosts This file is used during .Cm RhostsRSAAuthentication and @@ -710,7 +710,7 @@ It is also possible to use netgroups in the file. Either host or user name may be of the form +@groupname to specify all hosts or all users in the group. -.It Pa $HOME/.shosts +.It Pa ~/.shosts For ssh, this file is exactly the same as for .Pa .rhosts . @@ -759,7 +759,7 @@ This is processed exactly as .Pa /etc/hosts.equiv . However, this file may be useful in environments that want to run both rsh/rlogin and ssh. -.It Pa $HOME/.ssh/environment +.It Pa ~/.ssh/environment This file is read into the environment at login (if it exists). It can only contain empty lines, comment lines (that start with .Ql # ) , @@ -770,7 +770,7 @@ Environment processing is disabled by default and is controlled via the .Cm PermitUserEnvironment option. -.It Pa $HOME/.ssh/rc +.It Pa ~/.ssh/rc If this file exists, it is run with .Pa /bin/sh after reading the @@ -815,7 +815,7 @@ This file should be writable only by the user, and need not be readable by anyone else. .It Pa /etc/ssh/sshrc Like -.Pa $HOME/.ssh/rc . +.Pa ~/.ssh/rc . This can be used to specify machine-specific login-time initializations globally. This file should be writable only by root, and should be world-readable. diff --git a/crypto/openssh/sshd.c b/crypto/openssh/sshd.c index d1a968a..cf30bd6 100644 --- a/crypto/openssh/sshd.c +++ b/crypto/openssh/sshd.c @@ -42,7 +42,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshd.c,v 1.308 2005/02/08 22:24:57 dtucker Exp $"); +RCSID("$OpenBSD: sshd.c,v 1.312 2005/07/25 11:59:40 markus Exp $"); RCSID("$FreeBSD$"); #include <openssl/dh.h> @@ -363,7 +363,8 @@ key_regeneration_alarm(int sig) static void sshd_exchange_identification(int sock_in, int sock_out) { - int i, mismatch; + u_int i; + int mismatch; int remote_major, remote_minor; int major, minor; char *s; @@ -675,6 +676,12 @@ privsep_postauth(Authctxt *authctxt) /* It is safe now to apply the key state */ monitor_apply_keystate(pmonitor); + + /* + * Tell the packet layer that authentication was successful, since + * this information is not part of the key state. + */ + packet_set_authenticated(); } static char * @@ -1038,7 +1045,7 @@ main(int ac, char **av) /* * Unset KRB5CCNAME, otherwise the user's session may inherit it from * root's environment - */ + */ if (getenv("KRB5CCNAME") != NULL) unsetenv("KRB5CCNAME"); @@ -1620,12 +1627,6 @@ main(int ac, char **av) signal(SIGCHLD, SIG_DFL); signal(SIGINT, SIG_DFL); - /* Set SO_KEEPALIVE if requested. */ - if (options.tcp_keep_alive && - setsockopt(sock_in, SOL_SOCKET, SO_KEEPALIVE, &on, - sizeof(on)) < 0) - error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno)); - #ifdef __FreeBSD__ /* * Initialize the resolver. This may not happen automatically @@ -1642,8 +1643,17 @@ main(int ac, char **av) * not have a key. */ packet_set_connection(sock_in, sock_out); + packet_set_server(); - remote_port = get_remote_port(); + /* Set SO_KEEPALIVE if requested. */ + if (options.tcp_keep_alive && packet_connection_is_on_socket() && + setsockopt(sock_in, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof(on)) < 0) + error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno)); + + if ((remote_port = get_remote_port()) < 0) { + debug("get_remote_port failed"); + cleanup_exit(255); + } remote_ip = get_remote_ipaddr(); #ifdef SSH_AUDIT_EVENTS @@ -1914,7 +1924,7 @@ do_ssh1_kex(void) if (!rsafail) { BN_mask_bits(session_key_int, sizeof(session_key) * 8); len = BN_num_bytes(session_key_int); - if (len < 0 || len > sizeof(session_key)) { + if (len < 0 || (u_int)len > sizeof(session_key)) { error("do_connection: bad session key len from %s: " "session_key_int %d > sizeof(session_key) %lu", get_remote_ipaddr(), len, (u_long)sizeof(session_key)); @@ -2001,10 +2011,14 @@ do_ssh2_kex(void) myproposal[PROPOSAL_MAC_ALGS_CTOS] = myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; } - if (!options.compression) { + if (options.compression == COMP_NONE) { myproposal[PROPOSAL_COMP_ALGS_CTOS] = myproposal[PROPOSAL_COMP_ALGS_STOC] = "none"; + } else if (options.compression == COMP_DELAYED) { + myproposal[PROPOSAL_COMP_ALGS_CTOS] = + myproposal[PROPOSAL_COMP_ALGS_STOC] = "none,zlib@openssh.com"; } + myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = list_hostkey_types(); /* start key exchange */ diff --git a/crypto/openssh/sshd_config b/crypto/openssh/sshd_config index 140576b..8a9386f 100644 --- a/crypto/openssh/sshd_config +++ b/crypto/openssh/sshd_config @@ -1,4 +1,4 @@ -# $OpenBSD: sshd_config,v 1.70 2004/12/23 23:11:00 djm Exp $ +# $OpenBSD: sshd_config,v 1.72 2005/07/25 11:59:40 markus Exp $ # $FreeBSD$ # This is the sshd server system-wide configuration file. See @@ -14,7 +14,7 @@ # Note that some of FreeBSD's defaults differ from OpenBSD's, and # FreeBSD has a few additional options. -#VersionAddendum FreeBSD-20050605 +#VersionAddendum FreeBSD-20050903 #Port 22 #Protocol 2 @@ -32,7 +32,7 @@ #ServerKeyBits 768 # Logging -#obsoletes QuietMode and FascistLogging +# obsoletes QuietMode and FascistLogging #SyslogFacility AUTH #LogLevel INFO @@ -95,7 +95,7 @@ #UseLogin no #UsePrivilegeSeparation yes #PermitUserEnvironment no -#Compression yes +#Compression delayed #ClientAliveInterval 0 #ClientAliveCountMax 3 #UseDNS yes diff --git a/crypto/openssh/sshd_config.5 b/crypto/openssh/sshd_config.5 index 59bca46..413a994 100644 --- a/crypto/openssh/sshd_config.5 +++ b/crypto/openssh/sshd_config.5 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.40 2005/03/18 17:05:00 jmc Exp $ +.\" $OpenBSD: sshd_config.5,v 1.44 2005/07/25 11:59:40 markus Exp $ .\" $FreeBSD$ .Dd September 25, 1999 .Dt SSHD_CONFIG 5 @@ -176,24 +176,18 @@ The supported ciphers are .Dq aes128-ctr , .Dq aes192-ctr , .Dq aes256-ctr , +.Dq arcfour128 , +.Dq arcfour256 , .Dq arcfour , .Dq blowfish-cbc , and .Dq cast128-cbc . The default is .Bd -literal - ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour, - aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr'' + ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128, + arcfour256,arcfour,aes192-cbc,aes256-cbc,aes128-ctr, + aes192-ctr,aes256-ctr'' .Ed -.It Cm ClientAliveInterval -Sets a timeout interval in seconds after which if no data has been received -from the client, -.Nm sshd -will send a message through the encrypted -channel to request a response from the client. -The default -is 0, indicating that these messages will not be sent to the client. -This option applies to protocol version 2 only. .It Cm ClientAliveCountMax Sets the number of client alive messages (see above) which may be sent without @@ -221,14 +215,25 @@ If .Cm ClientAliveCountMax is left at the default, unresponsive ssh clients will be disconnected after approximately 45 seconds. +.It Cm ClientAliveInterval +Sets a timeout interval in seconds after which if no data has been received +from the client, +.Nm sshd +will send a message through the encrypted +channel to request a response from the client. +The default +is 0, indicating that these messages will not be sent to the client. +This option applies to protocol version 2 only. .It Cm Compression -Specifies whether compression is allowed. +Specifies whether compression is allowed, or delayed until +the user has authenticated successfully. The argument must be -.Dq yes +.Dq yes , +.Dq delayed , or .Dq no . The default is -.Dq yes . +.Dq delayed . .It Cm DenyGroups This keyword can be followed by a list of group name patterns, separated by spaces. @@ -333,7 +338,7 @@ The default is Specifies whether .Nm sshd should ignore the user's -.Pa $HOME/.ssh/known_hosts +.Pa ~/.ssh/known_hosts during .Cm RhostsRSAAuthentication or @@ -720,7 +725,7 @@ The default is Specifies a string to append to the regular version string to identify OS- or site-specific modifications. The default is -.Dq FreeBSD-20050605 . +.Dq FreeBSD-20050903 . .It Cm X11DisplayOffset Specifies the first display number available for .Nm sshd Ns 's diff --git a/crypto/openssh/sshpty.c b/crypto/openssh/sshpty.c index efd1dfe..36788c4 100644 --- a/crypto/openssh/sshpty.c +++ b/crypto/openssh/sshpty.c @@ -128,10 +128,10 @@ pty_make_controlling_tty(int *ttyfd, const char *tty) if (ioctl(*ttyfd, TIOCSCTTY, NULL) < 0) error("ioctl(TIOCSCTTY): %.100s", strerror(errno)); #endif /* TIOCSCTTY */ -#ifdef HAVE_NEWS4 +#ifdef NEED_SETPGRP if (setpgrp(0,0) < 0) error("SETPGRP %s",strerror(errno)); -#endif /* HAVE_NEWS4 */ +#endif /* NEED_SETPGRP */ #ifdef USE_VHANGUP old = signal(SIGHUP, SIG_IGN); vhangup(); diff --git a/crypto/openssh/tildexpand.c b/crypto/openssh/tildexpand.c deleted file mode 100644 index cedb653..0000000 --- a/crypto/openssh/tildexpand.c +++ /dev/null @@ -1,73 +0,0 @@ -/* - * Author: Tatu Ylonen <ylo@cs.hut.fi> - * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - * All rights reserved - * - * As far as I am concerned, the code I have written for this software - * can be used freely for any purpose. Any derived versions of this - * software must be clearly marked as such, and if the derived work is - * incompatible with the protocol description in the RFC file, it must be - * called by a name other than "ssh" or "Secure Shell". - */ - -#include "includes.h" -RCSID("$OpenBSD: tildexpand.c,v 1.15 2004/05/21 08:43:03 markus Exp $"); - -#include "xmalloc.h" -#include "log.h" -#include "misc.h" - -/* - * Expands tildes in the file name. Returns data allocated by xmalloc. - * Warning: this calls getpw*. - */ -char * -tilde_expand_filename(const char *filename, uid_t my_uid) -{ - const char *cp; - u_int userlen; - char *expanded; - struct passwd *pw; - char user[100]; - int len; - - /* Return immediately if no tilde. */ - if (filename[0] != '~') - return xstrdup(filename); - - /* Skip the tilde. */ - filename++; - - /* Find where the username ends. */ - cp = strchr(filename, '/'); - if (cp) - userlen = cp - filename; /* Something after username. */ - else - userlen = strlen(filename); /* Nothing after username. */ - if (userlen == 0) - pw = getpwuid(my_uid); /* Own home directory. */ - else { - /* Tilde refers to someone elses home directory. */ - if (userlen > sizeof(user) - 1) - fatal("User name after tilde too long."); - memcpy(user, filename, userlen); - user[userlen] = 0; - pw = getpwnam(user); - } - if (!pw) - fatal("Unknown user %100s.", user); - - /* If referring to someones home directory, return it now. */ - if (!cp) { - /* Only home directory specified */ - return xstrdup(pw->pw_dir); - } - /* Build a path combining the specified directory and path. */ - len = strlen(pw->pw_dir) + strlen(cp + 1) + 2; - if (len > MAXPATHLEN) - fatal("Home directory too long (%d > %d", len-1, MAXPATHLEN-1); - expanded = xmalloc(len); - snprintf(expanded, len, "%s%s%s", pw->pw_dir, - strcmp(pw->pw_dir, "/") ? "/" : "", cp + 1); - return expanded; -} diff --git a/crypto/openssh/version.h b/crypto/openssh/version.h index 778aa1c..bcfb720 100644 --- a/crypto/openssh/version.h +++ b/crypto/openssh/version.h @@ -1,12 +1,12 @@ -/* $OpenBSD: version.h,v 1.44 2005/03/16 21:17:39 markus Exp $ */ +/* $OpenBSD: version.h,v 1.45 2005/08/31 09:28:42 markus Exp $ */ /* $FreeBSD$ */ #ifndef SSH_VERSION #define SSH_VERSION (ssh_version_get()) #define SSH_RELEASE (ssh_version_get()) -#define SSH_VERSION_BASE "OpenSSH_4.1p1" -#define SSH_VERSION_ADDENDUM "FreeBSD-20050605" +#define SSH_VERSION_BASE "OpenSSH_4.2p1" +#define SSH_VERSION_ADDENDUM "FreeBSD-20050903" const char *ssh_version_get(void); void ssh_version_set_addendum(const char *add); |
