This is version 4 of the ssh jumbo patch. Apply by doing: cd /usr/src mkdir usr.bin/ssh/lib patch -p0 < 005_sshjumbo.patch cd usr.bin/ssh make obj make make install update your /etc/sshd_config and /etc/ssh_config files, as needed. Index: usr.bin/ssh/ChangeLog =================================================================== RCS file: ChangeLog diff -N ChangeLog --- /tmp/cvsyHrqq31367 Wed Dec 8 12:42:01 1999 +++ /dev/null Wed Dec 8 12:40:35 1999 @@ -1,578 +0,0 @@ -Fri Nov 17 16:19:20 1995 Tatu Ylonen - - * Released 1.2.12. - - * channels.c: Commented out debugging messages about output draining. - - * Added file OVERVIEW to give some idea about the structure of the - ssh software. - -Thu Nov 16 16:40:17 1995 Tatu Ylonen - - * canohost.c (get_remote_hostname): Don't ever return NULL (causes - segmentation violation). - - * sshconnect.c: Host ip address printed incorrectly with -v. - - * Implemented SSH_TTY environment variable. - -Wed Nov 15 01:47:40 1995 Tatu Ylonen - - * Implemented server and client option KeepAlive to specify - whether to set SO_KEEPALIVE. Both default to "yes"; to disable - keepalives, set the value to "no" in both the server and the - client configuration files. Updated manual pages. - - * sshd.c: Fixed Solaris utmp problem: wrong pid stored in utmp - (patch from Petri Virkkula ). - - * login.c (record_logout): Fixed removing user from utmp on BSD - (with HAVE_LIBUTIL_LOGIN). - - * Added cleanup functions to be called from fatal(). Arranged for - utmp to be cleaned if sshd terminates by calling fatal (e.g., - after dropping connection). Eliminated separate client-side - fatal() functions and moved fatal() to log-client.c. Made all - cleanups, including channel_stop_listening() and packet_close() - be called using this mechanism. - -Thu Nov 9 09:58:05 1995 Tatu Ylonen - - * sshd.c: Permit immediate login with empty password only if - password authentication is allowed. - -Wed Nov 8 00:43:55 1995 Tatu Ylonen - - * Eliminated unix-domain X11 forwarding. Inet-domain forwarding is - now the only supported form. Renamed server option - X11InetForwarding to X11Forwarding, and eliminated - X11UnixForwarding. Updated documentation. Updated RFC (marked - the SSH_CMSG_X11_REQUEST_FORWARDING message (code 26) as - obsolete, and removed all references to it). Increased protocol - version number to 1.3. - - * scp.c (main): Added -B (BatchMode). Updated manual page. - - * Cleaned up and updated all manual pages. - - * clientloop.c: Added new escape sequences ~# (lists forwarded - connections), ~& (background ssh when waiting for forwarded - connections to terminate), ~? (list available escapes). - Polished the output of the connection listing. Updated - documentation. - - * uidswap.c: If _POSIX_SAVED_IDS is defined, don't change the real - uid. Assume that _POSIX_SAVED_IDS also applies to seteuid. - This may solve problems with tcp_wrappers (libwrap) showing - connections as coming from root. - -Tue Nov 7 20:28:57 1995 Tatu Ylonen - - * Added RandomSeed server configuration option. The argument - specifies the location of the random seed file. Updated - documentation. - - * Locate perl5 in configure. Generate make-ssh-known-hosts (with - the correct path for perl5) in Makefile.in, and install it with - the other programs. Updated manual page. - - * sshd.c (main): Added a call to umask to set the umask to a - reasonable value. - - * compress.c (buffer_compress): Fixed to follow the zlib - documentation (which is slightly confusing). - - * INSTALL: Added information about Linux libc.so.4 problem. - -Mon Nov 6 15:42:36 1995 Tatu Ylonen - - * (Actually autoconf fix) Installed patch to AC_ARG_PROGRAM. - - * sshd.c, sshd.8.in: Renamed $HOME/.environment -> - $HOME/.ssh/environment. - - * configure.in: Disable shadow password checking on convex. - Convex has /etc/shadow, but sets pw_passwd automatically if - running as root. - - * Eliminated HAVE_ETC_MASTER_PASSWD (NetBSD, FreeBSD); the - pw_passwd field is automatically filled if running as root. - Put explicit code in configure.in to prevent shadow password - checking on FreeBSD and NetBSD. - - * serverloop.c (signchld_handler): Don't print error if wait - returns -1. - - * Makefile.in (install): Fixed modes of data files. - - * Makefile.in (install): Make links for slogin.1. - - * make-ssh-known-hosts: Merged a patch from melo@ci.uminho.pt to - fix the ping command. - -Fri Nov 3 16:25:28 1995 Tatu Ylonen - - * ssh.1.in: Added more information about X11 forwarding. - -Thu Nov 2 18:42:13 1995 Tatu Ylonen - - * Changes to use O_NONBLOCK_BROKEN consistently. - - * pty.c (pty_make_controlling_tty): Use setpgid instead of - setsid() on Ultrix. - - * includes.h: Removed redundant #undefs for Ultrix and Sony News; - these are already handled in configure.in. - -Tue Oct 31 13:31:28 1995 Tatu Ylonen - - * configure.in: Define SSH_WTMP to /var/adm/wtmp is wtmp not found. - - * configure.in: Disable vhangup on Ultrix. I am told this fixes - the server problems. - -Sat Oct 28 14:22:05 1995 Tatu Ylonen - - * sshconnect.c: Fixed a bug in connecting to a multi-homed host. - Restructured the connecting code to never try to use the same - socket a second time after a failed connection. - - * Makefile.in: Added explicit -m option to install, and umask 022 - when creating directories and the host key. - -Fri Oct 27 01:05:10 1995 Tatu Ylonen - - * Makefile.in: Added cleaning of $(ZLIBDIR) to clean and distclean. - - * login.c (get_last_login_time): Fixed a typo (define -> defined). - -Thu Oct 26 01:28:07 1995 Tatu Ylonen - - * configure.in: Moved testing for ANSI C compiler after the host - specific code (problems on HPUX). - - * Minor fixes to /etc/default/login stuff from Bryan O'Sullivan. - - * Fixed .SH NAME sections in manual pages. - - * compress.c: Trying to fix a mysterious bug in the compression - glue. - - * ssh-1.2.11. - - * scp.c: disable agent forwarding when running ssh from scp. - - * Added compression of plaintext packets using the gzip library - (zlib). Client configuration options Compression and - CompressionLevel (1-9 as in gzip). New ssh and scp option -C - (to enable compression). Updated RFC. - -Wed Oct 25 05:11:55 1995 Tatu Ylonen - - * Implemented ProxyCommand stuff based on patches from Bryan - O'Sullivan . - - * Merged BSD login/logout/lastlog patches from Mark Treacy - . - - * sshd.c: Added chdir("/"). - -Tue Oct 24 00:29:01 1995 Tatu Ylonen - - * Merged RSA environment= patches from Felix Leitner - with some changes. - - * sshd.c: Made the packet code use two separate descriptors for - the connection (one for input, the other for output). This will - make future extensions easier (e.g., non-socket transports, etc.). - sshd -i now uses both stdin and stdout separately. - -Mon Oct 23 21:29:28 1995 Tatu Ylonen - - * sshd.c: Merged execle -> execve patches from Mark Martinec - . This may help with execle bugs on - Convex (environment not getting passed properly). This might - also solve similar problems on Sonys; please test! - - * Removed all compatibility code for protocol version 1.0. - THIS MEANS THAT WE ARE NO LONGER COMPATIBLE WITH SSH VERSIONS - PRIOR TO 1.1.0. - - * randoms.c (random_acquire_light_environmental_noise): If - /dev/random is available, read up to 32 bytes (256 bits) from - there in non-blocking mode, and mix the new random bytes into - the pool. - - * Added client configuration option StrictHostKeyChecking - (disabled by default). If this is enabled, the client will not - automatically add new host keys to $HOME/.ssh/known_hosts; - instead the connection will be refused if the host key is not - known. Similarly, if the host key has changed, the connection - will be refused instead if just issuing a warning. This - provides additional security against man-in-the-middle/trojan - horse attacks (especially in scripts where there is no-one to - see the warnings), but may be quite inconvenient in everyday - interactive use unless /etc/ssh_known_hosts is very complete, - because new host keys must now be added manually. - - * sshconnect.c (ssh_connect): Use the user's uid when creating the - socket and connecting it. I am hoping that this might help with - tcp_wrappers showing the remote user as root. - - * ssh.c: Try inet-domain X11 forwarding regardless of whether we - can get local authorization information. If we don't, we just - come up with fake information; the forwarding code will anyway - generate its own fake information and validate that the client - knows that information. It will then substitute our fake - information for that, but that info should get ignored by the - server if it doesn't support it. - - * Added option BatchMode to disable password/passphrase querying - in scripts. - - * auth-rh-rsa.c: Changed to use uid-swapping when reading - .ssh/known_hosts. - - * sshd.8.in (command): Improved documentation of file permissions - on the manual pages. - -Thu Oct 19 21:05:51 1995 Tatu Ylonen - - * ssh-add.c (add_file): Fixed a bug causing ssh to sometimes refer - to freed memory (comment -> saved_comment). - - * log-server.c: Added a prefix to debug/warning/error/fatal - messages describing message types. Syslog does not include that - information automatically. - -Sun Oct 8 01:56:01 1995 Tatu Ylonen - - * Merged /etc/default/login and MAIL environment variable changes - from Bryan O'Sullivan . - - mail spool file location - - process /etc/default/login - - add HAVE_ETC_DEFAULT_LOGIN - - new function child_get_env and read_etc_default_login (sshd.c) - - * ssh-add.c (add_file): Fixed asking for passphrase. - - * Makefile.in: Fixed installing configure-generated man pages when - compiling in a separate object directory. - - * sshd.c (main): Moved RSA key generation until after allocating - the port number. (Actually, the code got duplicated because we - never listen when run from inetd.) - - * ssh.c: Fixed a problem that caused scp to hang when called with - stdin closed. - -Sat Oct 7 03:08:06 1995 Tatu Ylonen - - * Added server config option StrictModes. It specifies whether to - check ownership and modes of home directory and .rhosts files. - - * ssh.c: If ssh is renamed/linked to a host name, connect to that - host. - - * serverloop.c, clientloop.c: Ignore EAGAIN reported on read from - connection. Solaris has a kernel bug which causes select() to - sometimes wake up even though there is no data available. - - * Display all open connections when printing the "Waiting for - forwarded connections to terminate" message. - - * sshd.c, readconf.c: Added X11InetForwarding and - X11UnixForwarding server config options. - -Thu Oct 5 17:41:16 1995 Tatu Ylonen - - * Some more SCO fixes. - -Tue Oct 3 01:04:34 1995 Tatu Ylonen - - * Fixes and cleanups in README, INSTALL, COPYING. - -Mon Oct 2 03:36:08 1995 Tatu Ylonen - - * ssh-add.c (add_file): Fixed a bug in ssh-add (xfree: NULL ...). - - * Removed .BR from ".SH NAME" in man pages. - -Sun Oct 1 04:16:07 1995 Tatu Ylonen - - * ssh-1.2.10. - - * configure.in: When checking that the compiler works, check that - it understands ANSI C prototypes. - - * Made uidswap error message a debug() to avoid confusing errors - on AIX (AIX geteuid is brain-damaged and fails even for root). - - * Fixed an error in sshd.8 (FacistLogging -> FascistLogging). - - * Fixed distribution in Makefile.in (missing manual page .in files). - -Sat Sep 30 17:38:46 1995 Tatu Ylonen - - * auth-rhosts.c: Fixed serious security problem in - /etc/hosts.equiv authentication. - -Fri Sep 29 00:41:02 1995 Tatu Ylonen - - * Include machine/endian.h on Paragon. - - * ssh-add.c (add_file): Made ssh-add keep asking for the - passphrase until the user just types return or cancels. - Make the dialog display the comment of the key. - - * Read use shosts.equiv in addition to /etc/hosts.equiv. - - * sshd.8 is now sshd.8.in and is processed by configure to - substitute the proper paths for various files. Ditto for ssh.1. - Ditto for make-ssh-known-hosts.1. - - * configure.in: Moved /etc/sshd_pid to PIDDIR/sshd.pid. PIDDIR - will be /var/run if it exists, and ETCDIR otherwise. - -Thu Sep 28 21:52:42 1995 Tatu Ylonen - - * On Ultrix, check if sys/syslog.h needs to be included in - addition to syslog.h. - - * make-ssh-known-hosts.pl: Merged Kivinen's fixes for HPUX. - - * configure.in: Put -lwrap, -lsocks, etc. at the head of LIBS. - - * Fixed case-insensitivity in auth-rhosts.c. - - * Added missing socketpair.c to EXTRA_SRCS (needed on SCO), plus - other SCO fixes. - - * Makefile.in: Fixed missing install_prefixes. - -Wed Sep 27 03:57:00 1995 Tatu Ylonen - - * ssh-1.2.9. - - * Added SOCKS support. - - * Fixed default setting of IgnoreRhosts option. - - * Pass the magic cookie to xauth in stdin instead of command line; - the command line is visible in ps. - - * Added processing $HOME/.ssh/rc and /etc/sshrc. - - * Added a section to sshd.8 on what happens at login time. - -Tue Sep 26 01:27:40 1995 Tatu Ylonen - - * Don't define speed_t on SunOS 4.1.1; it conflicts with system - headers. - - * Added support for .hushlogin. - - * Added --with-etcdir. - - * Read $HOME/.environment after /etc/environment. - -Mon Sep 25 03:26:06 1995 Tatu Ylonen - - * Merged patches for SCO Unix (from Michael Henits). - -Sun Sep 24 22:28:02 1995 Tatu Ylonen - - * Added ssh option ConnectionAttempts. - -Sat Sep 23 12:30:15 1995 Tatu Ylonen - - * sshd.c: Don't print last login time and /etc/motd if a command - has been specified (with ssh -t host command). - - * Added support for passing the screen number in X11 forwarding. - It is implemented as a compatible protocol extension, signalled - by SSH_PROTOFLAG_SCREEN_NUMBER by the child. - - * clientloop.c: Fixed bugs in the order in which things were - processed. This may solve problems with some data not getting - sent to the server as soon as possible (probably solves the TCP - forwarding delayed close problem). Also, it looked like window - changes might not get transmitted as early as possible in some - cases. - - * clientloop.c: Changed to detect window size change that - happened while ssh was suspended. - - * ssh.c: Moved the do_session function (client main loop) to - clientloop.c. Divided it into smaller functions. General cleanup. - - * ssh-1.2.8 - -Fri Sep 22 22:07:46 1995 Tatu Ylonen - - * sshconnect.c (ssh_login): Made ssh_login take the options - structure as argument, instead of the individual arguments. - - * auth-rhosts.c (check_rhosts_file): Added support for netgroups. - - * auth-rhosts.c (check_rhosts_file): Added support for negated - entries. - -Thu Sep 21 00:07:56 1995 Tatu Ylonen - - * auth-rhosts.c: Restructured rhosts authentication code. - Hosts.equiv now has same format as .rhosts: user names are allowed. - - * Added support for the Intel Paragon. - - * sshd.c: Don't use X11 forwarding with spoofing if no xauth - program. Changed configure.in to not define XAUTH_PATH if - there is no xauth program. - - * ssh-1.2.7 - - * sshd.c: Rewrote the code to build the environment. Now also reads - /etc/environment. - - * sshd.c: Fixed problems in libwrap code. --with-libwrap now - takes optional library name/path. - - * ssh-1.2.6 - - * Define USE_PIPES by default. - - * Added support for Univel Unixware and MachTen. - - * Added IgnoreRhosts server option. - - * Added USE_STRLEN_FOR_AF_UNIX; it is needed at least on MachTen. - -Wed Sep 20 02:41:02 1995 Tatu Ylonen - - * sshd.c (do_child): don't call packet_close when /etc/nologin, - because packet_close does shutdown, and the message does not get - sent. - - * pty.c (pty_allocate): Push ttcompat streams module. - - * randoms.c (random_acquire_light_environmental_noise): Don't use - the second argument to gettimeofday as it is not supported on - all systems. - - * login.c (record_login): Added NULL second argument to gettimeofday. - -Tue Sep 19 13:25:48 1995 Tatu Ylonen - - * fixed pclose wait() in sshd key regeneration (now only collects - easily available noise). - - * configure.in: test for bsdi before bsd*. - - * ssh.c: Don't print "Connection closed" if -q. - -Wed Sep 13 04:19:52 1995 Tatu Ylonen - - * Released ssh-1.2.5. - - * Hopefully fixed "Waiting for forwarded connections to terminate" - message. - - * randoms.c, md5.c: Large modifications to make these work on Cray - (which has no 32 bit integer type). - - * Fixed a problem with forwarded connection closes not being - reported immediately. - - * ssh.c: fixed rhosts authentication (broken by uid-swapping). - - * scp.c: Don't use -l if server user not specified (it made - setting User in the configuration file not work). - - * configure.in: don't use -pipe on BSDI. - - * randoms.c: Major modifications to make it work without 32 bit - integers (e.g. Cray). - - * md5.c: Major modifications to make it work without 32 bit - integers (e.g. Cray). - - * Eliminated HPSUX_BROKEN_PTYS. The code is now enabled by - default on all systems. - -Mon Sep 11 00:53:12 1995 Tatu Ylonen - - * sshd.c: don't include sshd pathname in log messages. - - * Added libwrap stuff (includes support for identd). - - * Added OSF/1 C2 extended security stuff. - - * Fixed interactions between getuid() and uid-swap stuff. - -Sun Sep 10 00:29:27 1995 Tatu Ylonen - - * serverloop.c: Don't send stdout data to client until after a few - milliseconds if there is very little data. This is because some - systems give data from pty one character at a time, which would - multiply data size by about 16. - - * serverloop.c: Moved server do_session to a separate file and - renamed it server_loop. Split it into several functions and - partially rewrote it. Fixed "cat /etc/termcap | ssh foo cat" hangup. - - * Screwed up something while checking stuff in under cvs. No harm, - but bogus log entries... - -Sat Sep 9 02:24:51 1995 Tatu Ylonen - - * minfd.c (_get_permanent_fd): Use SHELL environment variable. - - * channels.c (x11_create_display_inet): Created - HPSUX_NONSTANDARD_X11_KLUDGE; it causes DISPLAY to contain the - IP address of the host instead of the name, because HPSUX uses - some magic shared memory communication for local connections. - - * Changed SIGHUP processing in server; it should now work multiple - times. - - * Added length limits in many debug/log/error/fatal calls just in - case. - - * login.c (get_last_login_time): Fixed location of lastlog. - - * Rewrote all uid-swapping code. New files uidswap.h, uidswap.c. - - * Fixed several security problems involving chmod and chgrp (race - conditions). Added warnings about dubious modes for /tmp/.X11-unix. - -Fri Sep 8 20:03:36 1995 Tatu Ylonen - - * Changed readconf.c to never display anything from the config - file. This should now be prevented otherwise, but let's play safe. - - * log-server.c: Use %.500s in syslog() just to be sure (they - should already be shorter than 1024 though). - - * sshd.c: Moved setuid in child a little earlier (just to be - conservative, there was no security problem that I could detect). - - * README, INSTALL: Added info about mailing list and WWW page. - - * sshd.c: Added code to use SIGCHLD and wait zombies immediately. - - * Merged patch to set ut_addr in utmp. - - * Created ChangeLog and added it to Makefile.in. - - * Use read_passphrase instead of getpass(). - - * Added SSH_FALLBACK_CIPHER. Fixed a bug in default cipher - selection (IDEA used to be selected even if not supported by the - server). - - * Use no encryption for key files if empty passphrase. - - * Added section about --without-idea in INSTALL. - - * Version 1.2.0 was released a couple of days ago. - Index: usr.bin/ssh/INSTALL =================================================================== RCS file: INSTALL diff -N INSTALL --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsbLdgr31367 Wed Dec 8 12:42:01 1999 @@ -0,0 +1,409 @@ +This is a hacked-up version of ssh-1.2.12. + +The GMP and DES sources are now external to the distribution. To build +this software it is necessary to first have GMP and a DES +implementation installed somewhere. Some systems comes with GMP and +DES preinstalled. If your system doesn't; pick up the GMP sources from +your favorite GNU ftp site (ftp://prep.ai.mit.edu/pub/gnu/). There is +a free DES implementation made by Eric Young that can be found under +the name libdes-x.x.x.tar.gz, for example at +ftp://ftp.psy.uq.oz.au/pub/Crypto/DES/. + +The distribution optionally supports Kerberos version 4 authentication +and AFS. If you want to build with Kerberos support and your system +comes with Kerberos preinstalled add the switch --with-krb4=/usr to +configure. Otherwise, first build and install Kerberos and then use +--with-krb4=/usr/whatever-directory. If you don't want Kerberos +support use --without-krb4 (the default). Kerberos can be found at +ftp://ftp.pdc.kth.se/pub/krb/src/. + +Compression support is now optional. If you don't have zlib installed +configure using --without-zlib or first install zlib. We have +succesfully used zlib-1.0.4.tar.gz + +For more detailed installation instructions read the rest of this file +and README.AFS-KERBEROS. + +---------------------------------------------------------------------------- +This file describes how to install the Secure Shell (ssh). Secure Shell is +a replacement for rlogin and rsh. It seamlessly encrypts all communications, +provides improved security, and has useful new features. + + +INSTALLATION + +For most machines and configurations, the following is all you need. + + ./configure + make + make install + +Then check (and edit if needed) the following files: + /etc/sshd_config (server configuration file) + /etc/ssh_config (client configuration file - defaults for users) + +You may also want to create the /etc/ssh_known_hosts for your site and update +it periodically. See the manual page for make-ssh-known-hosts on how to +do this easily. The file format is documented on the sshd manual page. + +The source is written in ANSI C, and requires an ANSI C compiler or GCC. +A copy of GCC is available on all major FTP sites (e.g., in +ftp:/prep.ai.mit.edu/pub/gnu). + + +CONFIGURATION OPTIONS + +The package comes with an Autoconf-generated configure script. The +script accepts several options + All standard options, including: + --prefix=PREFIX where to install files (default: subdirs of /usr/local) + --exec_prefix=PREFIX where to install executables (default: same as prefix) + --srcdir=DIR find sources in DIR (default: where configure is) + Specific options: + --with-rsh=PATH Use rsh specified by PATH when needed + --with-etcdir=PATH Store system files in the given dir (default: /etc) + --with-path=PATH Default path to pass to user shell. + --with-rsaref Use rsaref2 from rsaref2 subdirectory (see below). + --with-libwrap[=PATH] Use libwrap (tcp_wrappers) and identd (see below). + --with-socks[=PATH] Include SOCKS (firewall traversal) support. + --without-idea Don't include IDEA (see below). + --with-securid[=PATH] Support for the SecurID card (see README.SECURID). + --enable-warnings Adds -Wall to CFLAGS if using gcc. + +You may also want to configure the following variables: + CC=compiler specify name of the C compiler (default: gcc or cc) + CFLAGS=flags specify flags to C compiler (default: -O -g or just -O) + LDFLAGS=flags specify flags to linker (default: none) + +Alternate values can be given to configure in the environment, e.g.: + CC=xcc CFLAGS="-O2" LDFLAGS="-L/lib/zzz" ./configure +(Note that if you have already configured, and later decide to give +some values on the command line, you may need to say "make distclean" +before reconfiguring.) + + +CONFIGURATION FILES + +The server has a configuration file /etc/sshd_config, which specifies the +permitted authentication methods, hosts, port number, etc. The defaults are +acceptable for most sites, but you may want to check this file. Its format +is documented on the sshd manual page. + +The client reads a configuration file /etc/ssh_config, which gives +site-wide defaults for various options. Options in this file can be +overridden by per-user configuration files. The file is documented on +the ssh manual page. + + +MAKEFILE + +The Makefile is generated from Makefile.in by running configure. It supports +the following targets: + all: compile everything + install: install in $exec_prefix/bin and $prefix/man/man1. + uninstall: remove installed files + clean: remove object files and executables + distclean: remove anything not in the distribution + + +PORTABILITY + +This software has been used at least in the following environments. + + 386BSD 0.1; i386 + AIX 3.2.5, 4.1; RS6000, PowerPC + BSD 4.4; several platforms + BSD/OS 1.1, 2.0.1; i486 + BSD/386 1.1; i386 + ConvexOS 10.1; Convex + DGUX 5.4R2.10; DGUX + FreeBSD 1.x, 2.x; Pentium + HPUX 9.0x, 10.0; HPPA + IRIX 5.2, 5.3; SGI Indy + IRIX 6.0.1; Mips-R8000 + Linux 1.2.8 Slackware 2.1.0; i486 + Mach3; Mips + Mach3/Lites; i386 + Machten 2.2 + NetBSD 1.0A; Pentium, Sparc + OSF/1 3.0, 3.2, 3.2a; Alpha + Sequent Dynix/ptx 3.2.0 V2.1.0; i386 + SCO Unix; i386 (client only) + SINIX 5.42; Mips R4000 + Solaris 2.3, 2.4; Sparc + Sony NEWS-OS 3.3 (BSD 4.3); m68k + SunOS 4.1.2, 4.1.3, 4.1.4; Sparc + SysV 4.x; several platforms + Ultrix x.x; Mips + Unicos 8.0.3; Cray C90 + +Please report back any other environments where you have used ssh, +and send back any patches you had to do so that they can be integrated +to the distribution. The proper address is ossh-bugs@sics.se. +Always remember to mention the ssh version number and machine type in +your bug reports. Please include also the output of the -v option +from the client side, and the output of the -d option from the server, +if applicable. + +Not all compilers work in all environments. If you have problems, try +compiling with gcc-2.7. *** SPARC NOTE: gcc-2.7.0 appears to generate +bad code on Sparc (Solaris 2.3) when compiling without -O. Try +gcc-2.6.3 or compile with -O. *** + +Solaris 2.4 note: you need to install "kernel jumbo patch number +101945-32" (dated August 31, 1995) for ssh to work. The symptom is +that ssh dies with a "Resource temporarily unavailable" error. + +Linux note: Some linux systems have a bug which causes an error about +libc.so.4 when compiling ssh. This can be solved by any of the +following ways: + - Do "ln -s libc.sa /usr/lib/libg.sa" as root. + - Install gcc-2.7.0. + - Configure ssh with "CFLAGS=-O ./configure" (i.e., without debug info). +More information on this problem is available in +ftp://ftp.netcom.com/pub/ze/zenon/linux. + +BSDI BSD/OS note: Apparently the gcc that comes with BSD/OS is +broken. Use "CC=cc ./configure" or "setenv CC cc; ./configure" when +configuring to force it to use cc instead of gcc. + +ConvexOS note: Convex "make" is broken. Install GNU make first if you +have trouble compiling ssh. + + +COMPILING WITH RSAREF2 + +If you are using ssh in the United States, you may want to use the +RSAREF2 library from RSADSI. This may make it legal to use ssh +without a separate license for non-commercial purposes. RSAREF2 is +not included in the distribution; however, it is available on any +major ftp site around the world (e.g., +ftp://ftp.funet.fi/pub/crypt/cryptography/asymmetric/rsa/rsaref2.tar.gz). +The RSAREF2 distribution should be unpacked into "rsaref2" +subdirectory in the ssh distribution directory (a symbolic link to +rsaref2 is not sufficient). Configure should be given the +--with-rsaref option. (Note that there is no need to *compile* +rsaref2 manually; the ssh Makefile will compile those files it needs.) + +Using RSAREF outside the United States is not recommended and only +causes legal complications. + +RSAREF2 does not work for large key sizes (> 1024). This may be the +problem if you get "RSAPrivateDecrypt failed". + +On alpha, one should edit rsaref2/source/global.h, and make UINT4 +"unsigned int" instead of "unsigned long int". + + +LIBWRAP AND IDENTD + +Ssh does not normally use identd or tcp-wrappers. However, it can be +compiled to use these by adding --with-libwrap on the command line. +This requires that the tcp_wrappers libwrap.a library and the +associated tcpd.h have been installed somewhere where the compiler can +find them. With libwrap support, ssh will process the +/etc/hosts.allow and /etc/hosts.deny files, and use identd if required +by them. The name of the user on the client side (as returned by +identd) will be logged if requested by the configuration files. See +tcp_wrappers documentation for more information. + + +COMPILING WITHOUT IDEA + +The IDEA cipher can be freely used for non-commercial use. However, +commercial use may require a license in a number of countries. + +Ssh can be compiled without IDEA by using the --without-idea configure +option. This disables IDEA, and causes 3DES to be used for encrypting +key/identity files and as the default session cipher. (The default +session cipher can be changed by editing SSH_FALLBACK_CIPHER in +ssh.h.) + +If one disables IDEA after having used it for some time, it is +possible that there are key files around that were encrypted with IDEA. + +Key files can be converted to use 3DES by creating a special version +of ssh-keygen that includes IDEA (was compiled without +--without-idea), but that generates key files encrypted with 3DES +(edit SSH_AUTHFILE_CIPHER to be SSH_CIPHER_3DES even when WITHOUT_IDEA +is not defined). Any operation with re-encrypts the key file can be +used, such as changing the comment or changing the passphrase. + + +STARTING THE SERVER + +The server should be started at boot from /etc/rc or equivalent. It +need not be given any arguments; however, an optional "-b bits" flag +may be used to specify RSA key size (default is 768). Key sizes less +than 512 can be broken; larger key sizes generally mean more security +but require more time to generate and use. 1024 bits is secure for +any practical time with current technology. + +The server is not started using inetd, because it needs to generate +the RSA key before serving the connection, and this can take about a +minute on slower machines. On a fast machine, and small (breakable) +key size (< 512 bits) it may be feasible to start the server from +inetd on every connection. The server must be given "-i" flag if +started from inetd. + + +REPLACING RLOGIN AND RSH + +This software has been designed so that it can be installed with the +names rlogin, rsh, and rcp, and it will use the Secure Shell +protocol whenever the remote machine supports it, and will +automatically execute rlogin/rsh (after displaying a warning that +there is no encryption) if the remote host does not support Secure +Shell. + +Rlogin/rsh replacement is done as follows: + ./configure --with-rsh=RSH-PATH --program-transform-name='s/^s/r/' + make install + +where RSH-PATH is the complete pathname of the real rsh program. (You +may want to copy the old rsh program to a suitable location). + +This will create links for rlogin, rsh, and rcp. If you are +installing them in the same directory where rlogin etc. normally are +(e.g., /usr/bin), you must first move the original programs to some +other directory (e.g., /usr/lib/rsh). + +When doing this, you should also build a file containing the host keys of all +machines in your organization, and copy this file to /etc/ssh_known_hosts +on every machine. This will make .rhosts and /etc/hosts.equiv authentication +work for users without any changes to the user configuration, but will be +much more secure than conventional .rhosts and /etc/hosts.equiv authentication. +This will also protect the users against router attacks where someone (perhaps +remotely) reconfigures the routers to direct connections to a certain host +to a different machine, which can then grab any passwords which the user +types thinking he/she is connected to the real machine. + + +CLIENT SUID ROOT, SERVER RUN AS ROOT + +This package installs two programs that need special privileges. Ssh +is the client program, and it is by default installed as suid root, +because it needs to create a privileged port in order to use .rhosts +files for authentication. If it is not installed as suid root, it will +still be usable, but .rhosts authentication will not be available. Also, the +private host key file is readable by root only. + +Sshd is the daemon that listens for connections. It should preferably +be run as root, because it is by normally listening on a privileged +port, and it needs to be able to do setuid(), update utmp, chown ptys +etc. when a user logs in. If it is not run as root, explicit "-p +port" option must be given to specify an alternate port (same port +must also be specified for clients), "-h host_key_file_path" must be +given to specify an alternate host key file, and it cannot be used to +log in as any other user than the user running it (because it cannot +call setuid()). Also, if your system uses shadow passwords, password +authentication will not work when running as someone else than root. + +Both the server and the client have been carefully screened for +possible security problems, and are believed to be secure. However, +there can be no guarantee. If you find any problems, please report +them immediately. + + +COMMON PROBLEMS + +This section lists some common installation problems. + +Shadow passwords + + There are many different shadow password schemes. Ssh currently recognizes + and supports many of them; however, there are probably still many that + it does not understand. This may not be visible at compile time. + If your system uses shadow passwords, and password authentication does not + work even if sshd is running as root, this is probably your problem. + Please contact the author if this happens. Code to recognize (configure.in) + and use (auth-passwd.c) the shadow password mechanism on new systems + is highly welcome. + +login.c does not compile, or logging of logins does not work properly + + Mechanisms for updating wtmp, utmp, lastlog, and similar mechanisms + are not standardized. Ssh substitutes many of the functions of the + conventional login program. These functions are implemented in login.c. + You may need to modify this file to make it work on exotic systems. + Please send any modifications and bug fixes back to the author for inclusion + in the distribution. If you just want to try ssh, and cannot get this file + to compile, if is safe to define all of the functions as empty; however, + in that case logins will not be logged. + +Sshd does not start or dies immediately + + The easiest thing to do is to give the -d option to sshd. It will + then send debugging output to stderr (and syslog). The -d option + also has other side effects, e.g. the daemon will not fork and will + only serve a single connection before exiting. However, it is very + useful for debugging problems. + + Sshd sends debugging output to the system log. Check your system + log (and syslogd configuration) to see why it dies. One possible + reason is that your system does not have a proper host key in + /etc/ssh_host_key. You can either generate a key with ssh-keygen + (it is automatically generated by "make install"), or specify an + alternative key with the -h option to the server. Another reason + could be that the port which the server tries to listen is already + reserved by some other program. + +Rhosts authentication does not work + + By default, the server does not accept normal .rhosts or /etc/hosts.equiv + authentication, because they are fundamentally insecure and can be spoofed + by anyone with access to the local network. Rhosts authentication can be + enabled at compile time by giving the --with-rhosts option to configure. + + The preferred alternative is to collect the public host keys of the entire + site to a file, and copy this to /etc/ssh_known_hosts on every machine in + the organization running sshd. This will prevent all IP spoofing attacks + and provides improved security (provided rshd, rlogind, and rexecd are + disabled). + +Opening connections is too slow + + On very slow machines, encrypting and decrypting the session key may + be too slow. For example, on a heavily loaded sun3 it took + several minutes to log in with the default key sizes. When we changed it + to use shorter host key (512 bits) and server key (384 bits), + login time dropped to about a second. A symptom of this problem is + that "ssh -v hostname" waits for a long time after printing "Sent + encrypted session key". + + Shorter host keys can be generated with "ssh-keygen -b 512", giving + /etc/ssh_host_key as the file in which to save the key (with empty + passphrase). The server key size can be specified with the -b + option on sshd command line (typically, in /etc/rc.local). The + server must be restarted for changes to take effect. + +The program complains "Could not set controlling tty" or something similar + + There are many different styles of pseudo ttys. Ssh currently + supports about five different styles (plus variations of them). It + is quite possible that there are more variations, some of which are + not supported by existing code. Fixing the problem may require + adding new code in pty.c and configure.in. You are encouraged to + write the needed code and send a patch to the author, or at least + report the problem. + +General problem solving + + The client has -v option, which sends verbose output to stdout. It + is very helpful in solving problems. + + The server has -d option, which causes it to send verbose debugging + output to system log and stderr. This option also causes the server + to only serve a single connection and not fork, which helps debugging. + + +REPORTING PROBLEMS AND OTHER CONTACTS + +Please report any bugs, problems, and enhancements to +ossh-bugs@sics.se. + +There is a mailing list for ossh. It is ossh@sics.se. If you would +like to join, send a message to majordomo@sics.se with "subscribe +ossh" in body. + +Copyright (c) 1995 Tatu Ylonen , Espoo, Finland. Index: usr.bin/ssh/Makefile =================================================================== RCS file: /cvs/src/usr.bin/ssh/Makefile,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- usr.bin/ssh/Makefile 1999/09/27 23:47:43 1.4 +++ usr.bin/ssh/Makefile 1999/10/25 20:27:26 1.5 @@ -1,8 +1,8 @@ -# $OpenBSD: Makefile,v 1.4 1999/09/27 23:47:43 deraadt Exp $ +# $OpenBSD: Makefile,v 1.5 1999/10/25 20:27:26 markus Exp $ .include -SUBDIR= ssh sshd ssh-add ssh-keygen ssh-agent scp +SUBDIR= lib ssh sshd ssh-add ssh-keygen ssh-agent scp distribution: install -C -o root -g wheel -m 0644 ${.CURDIR}/ssh_config \ Index: usr.bin/ssh/Makefile.in =================================================================== RCS file: Makefile.in diff -N Makefile.in --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsLSrVi31367 Wed Dec 8 12:42:01 1999 @@ -0,0 +1,344 @@ +# +# Makefile.in +# +# Author: Tatu Ylonen +# +# Copyright (c) 1995 Tatu Ylonen , Espoo, Finland +# All rights reserved +# +# Created: Wed Mar 22 17:37:49 1995 ylo +# +# $Id: Makefile.in,v 1.2 1999/09/26 21:47:52 deraadt dead $ +# + +srcdir = @srcdir@ + +VPATH = $(srcdir) + +install_prefix = +prefix = @prefix@ +exec_prefix = @exec_prefix@ +bindir = $(exec_prefix)/bin +sbindir = $(exec_prefix)/sbin +mandir = $(prefix)/man +man1dir = $(mandir)/man1 +man8dir = $(mandir)/man8 +etcdir = @ETCDIR@ +piddir = @PIDDIR@ + +CC = @CC@ +CFLAGS = @CFLAGS@ +LDFLAGS = @LDFLAGS@ +DEFS = @DEFS@ +LIBS = @LIBS@ +LIBOBJS = @LIBOBJS@ +CONFOBJS = @CONFOBJS@ + +MAKEDEP = @MAKEDEP@ +LN_S = @LN_S@ +RANLIB = @RANLIB@ +INSTALL = @INSTALL@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_DATA = @INSTALL_DATA@ +WISH = @WISH@ + +GMPLIBS = @GMPLIBS@ +GMPINCS = @GMPINCS@ + +KRB4_AUTH = @KRB4_AUTH@ +KRB4_ROOT = @KRB4_ROOT@ +KRB4_INCS = @KRB4_INCS@ +KRB4_LIBS = @KRB4_LIBS@ +RADIX = @RADIX@ + +RSAREFDEP = @RSAREFDEP@ + +transform = @program_transform_name@ + +HOST_KEY_FILE = $(etcdir)/ssh_host_key +HOST_CONFIG_FILE = $(etcdir)/ssh_config +SERVER_CONFIG_FILE = $(etcdir)/sshd_config + +SHELL = /bin/sh + +#ZLIBLIBS = -L$(ZLIBDIR) -lz +#ZINCS = + +RSAREFDIR = rsaref2 +RSAREFSRCDIR = $(RSAREFDIR)/source + +CIPHER_OBJS = cipher.o $(CONFOBJS) +COMMON_OBJS = $(LIBOBJS) \ + rsa.o randoms.o ssh_md5.o buffer.o packet.o \ + xmalloc.o ttymodes.o channels.o bufaux.o authfd.o authfile.o crc32.o \ + rsaglue.o match.o mpaux.o minfd.o $(CIPHER_OBJS) +SSHD_OBJS = sshd.o $(KRB4_AUTH) auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o pty.o \ + log-server.o login.o hostfile.o canohost.o servconf.o tildexpand.o \ + uidswap.o serverloop.o $(RADIX) $(COMMON_OBJS) +SSH_OBJS = ssh.o sshconnect.o log-client.o readconf.o hostfile.o readpass.o \ + tildexpand.o uidswap.o clientloop.o canohost.o $(RADIX) $(COMMON_OBJS) +KEYGEN_OBJS = ssh-keygen.o log-client.o readpass.o rsa.o randoms.o ssh_md5.o \ + buffer.o xmalloc.o authfile.o $(CIPHER_OBJS) mpaux.o \ + bufaux.o $(LIBOBJS) +AGENT_OBJS = ssh-agent.o log-client.o rsa.o randoms.o ssh_md5.o buffer.o \ + xmalloc.o bufaux.o authfd.o authfile.o rsaglue.o $(CIPHER_OBJS) \ + mpaux.o minfd.o $(LIBOBJS) +ADD_OBJS = ssh-add.o log-client.o readpass.o rsa.o randoms.o ssh_md5.o buffer.o \ + xmalloc.o bufaux.o authfd.o authfile.o $(CIPHER_OBJS) \ + mpaux.o minfd.o $(LIBOBJS) +SCP_OBJS = scp.o xmalloc.o +GEN_MINFD_OBJS = gen_minfd.o $(LIBOBJS) + +USER_SHELLS = sh jsh ksh csh tcsh bash zsh ash + +SRCS = $(SSHD_OBJS:.o=.c) $(SSH_OBJS:.o=.c) $(KEYGEN_OBJS:.o=.c) \ + $(AGENT_OBJS:.o=.c) $(ADD_OBJS:.o=.c) \ + $(SCP_OBJS:.o=.c) \ + $(GEN_MINFD_OBJS:.o=.c) +EXTRA_SRCS = memmove.c strerror.c remove.c random.c putenv.c osfc2.c \ + socketpair.c +MAN1PAGES = ssh-keygen.1 ssh-agent.1 ssh-add.1 scp.1 +MAN1GENERATED = ssh.1 +MAN1SOURCES = ssh.1.in ssh-keygen.1 ssh-agent.1 ssh-add.1 scp.1 +MAN8GENERATED = sshd.8 +MAN8SOURCES = sshd.8.in + +DISTFILES = COPYING.Ylonen README.AFS-KERBEROS README README.SECURID \ + INSTALL TODO OVERVIEW \ + configure configure.in config.guess config.sub Makefile.in \ + ssh-askpass.wish host_config.sample config.sample \ + acconfig.h config.h.in server_config.sample \ + $(MAN1SOURCES) $(MAN8SOURCES) *.c *.h install-sh \ + RFC.nroff RFC \ + ChangeLog + +DISTNAME = `sed 's/.*"\(.*\)".*/\1/' version.h` + +NORMAL_PROGRAMS = ssh-keygen ssh-askpass ssh-agent ssh-add scp + +SBIN_PROGRAMS = sshd +PROGRAMS = ssh $(SBIN_PROGRAMS) $(NORMAL_PROGRAMS) +SSH_PROGRAM = $(bindir)/ssh + +all: $(PROGRAMS) + +RFC: RFC.nroff rfc-pg + tbl RFC.nroff | nroff -ms | sed 's/FORMFEED\[Page/ [Page/' | ./rfc-pg -n5 >RFC + +rfc-pg: rfc-pg.c + $(CC) -o rfc-pg rfc-pg.c + +.c.o: + $(CC) -c -I. $(KRB4_INCS) $(GMPINCS) $(ZINCS) $(DEFS) -DHOST_KEY_FILE=\"$(HOST_KEY_FILE)\" -DHOST_CONFIG_FILE=\"$(HOST_CONFIG_FILE)\" -DSERVER_CONFIG_FILE=\"$(SERVER_CONFIG_FILE)\" -DSSH_PROGRAM=\"$(SSH_PROGRAM)\" -DETCDIR=\"$(etcdir)\" -DPIDDIR=\"$(piddir)\" $(CFLAGS) $< + +sshd: $(SSHD_OBJS) $(RSAREFDEP) + -rm -f sshd + $(CC) $(LDFLAGS) -o sshd $(SSHD_OBJS) $(GMPLIBS) $(ZLIBLIBS) $(KRB4_LIBS) $(LIBS) + +ssh: $(SSH_OBJS) $(RSAREFDEP) + -rm -f ssh + $(CC) $(LDFLAGS) -o ssh $(SSH_OBJS) $(GMPLIBS) $(ZLIBLIBS) $(KRB4_LIBS) $(LIBS) + +ssh-keygen: $(KEYGEN_OBJS) $(RSAREFDEP) + -rm -f ssh-keygen + $(CC) $(LDFLAGS) -o ssh-keygen $(KEYGEN_OBJS) $(GMPLIBS) $(KRB4_LIBS) $(LIBS) + +ssh-agent: $(AGENT_OBJS) $(RSAREFDEP) + -rm -f ssh-agent + $(CC) $(LDFLAGS) -o ssh-agent $(AGENT_OBJS) $(GMPLIBS) $(KRB4_LIBS) $(LIBS) + +ssh-add: $(ADD_OBJS) $(RSAREFDEP) + -rm -f ssh-add + $(CC) $(LDFLAGS) -o ssh-add $(ADD_OBJS) $(GMPLIBS) $(KRB4_LIBS) $(LIBS) + +scp: $(SCP_OBJS) $(LIBOBJS) + -rm -f scp + $(CC) $(LDFLAGS) -o scp $(SCP_OBJS) $(LIBOBJS) $(KRB4_LIBS) $(LIBS) + +ssh-askpass: ssh-askpass.wish + -rm -f ssh-askpass + echo "#! $(WISH) -f" >ssh-askpass + cat $(srcdir)/ssh-askpass.wish >>ssh-askpass + chmod +x ssh-askpass + +gen_minfd: $(GEN_MINFD_OBJS) + $(CC) $(LDFLAGS) -o gen_minfd $(GEN_MINFD_OBJS) $(LIBS) + +minfd.o: minfd.h +minfd.h: gen_minfd + rm -f minfd.h minfd.h~ + ./gen_minfd $(USER_SHELLS) > minfd.h~ + mv -f minfd.h~ minfd.h + +$(RSAREFSRCDIR)/librsaref.a: + -if test '!' -d $(RSAREFDIR); then \ + (cd $(srcdir); tar cf - $(RSAREFSRCDIR)) | tar xf -; fi + cd $(RSAREFSRCDIR); $(MAKE) -f ../../Makefile librsaref.a + +RSAREFSRCS = desc.c digit.c md2c.c md5c.c nn.c prime.c r_dh.c r_encode.c \ + r_enhanc.c r_keygen.c r_random.c r_stdlib.c rsa.c + +# Note: this target is used in a recursive make, with VPATH pointing to source +librsaref.a: + for i in $(RSAREFSRCS); do $(CC) $(CFLAGS) -c $$i; done + $(AR) rc librsaref.a $(RSAREFSRCS:.c=.o) + $(RANLIB) librsaref.a + +# Creates /etc/ssh_host_key +generate-host-key: + -@if test -f $(install_prefix)$(HOST_KEY_FILE); \ + then echo "You already have a host key in $(install_prefix)$(HOST_KEY_FILE)."; \ + else \ + umask 022; echo "Generating 1024 bit host key."; \ + ./ssh-keygen -b 1024 -f $(install_prefix)$(HOST_KEY_FILE) -N ''; \ + fi + +# Creates install directories +make-dirs: + -umask 022; if test '!' -d $(install_prefix)$(prefix); then \ + mkdir $(install_prefix)$(prefix); fi; \ + if test '!' -d $(install_prefix)$(exec_prefix); then \ + mkdir $(install_prefix)$(exec_prefix); fi; \ + if test '!' -d $(install_prefix)$(etcdir); then \ + mkdir $(install_prefix)$(etcdir); fi; \ + if test '!' -d $(install_prefix)$(bindir); then \ + mkdir $(install_prefix)$(bindir); fi; \ + if test '!' -d $(install_prefix)$(sbindir); then \ + mkdir $(install_prefix)$(sbindir); fi; \ + if test '!' -d $(install_prefix)$(mandir); then \ + mkdir $(install_prefix)$(mandir); fi; \ + if test '!' -d $(install_prefix)$(man1dir); then \ + mkdir $(install_prefix)$(man1dir); fi; \ + if test '!' -d $(install_prefix)$(man8dir); then \ + mkdir $(install_prefix)$(man8dir); fi + +# Ssh is much to large and hairy to be installed suid root by +# default. Disabled for now/bg. If you really need rhosts +# authentication do a manual chmod u+s $(install_prefix)$(bindir)/ssh. +# +# Ssh is preferably installed suid root. It can also be used non-root, +# but then it cannot connect from a privileged socket, and rhosts +# authentication will be disabled. +# +# Sshd is not suid root, but should preferably be run as root +# (otherwise it can only log in as the user it runs as, and must be +# bound to a non-privileged port). Also, password authentication may +# not be available if non-root and using shadow passwords. +install: $(PROGRAMS) make-dirs generate-host-key + $(INSTALL_PROGRAM) -o root -m 0755 ssh $(install_prefix)$(bindir)/ssh + -if test "`echo ssh | sed '$(transform)'`" '!=' ssh; then \ + rm -f $(install_prefix)$(bindir)/`echo ssh | sed '$(transform)'`; \ + $(LN_S) ssh \ + $(install_prefix)$(bindir)/`echo ssh | sed '$(transform)'`; fi + rm -f $(install_prefix)$(bindir)/slogin + $(LN_S) ssh $(install_prefix)$(bindir)/slogin + -if test "`echo slogin | sed '$(transform)'`" '!=' slogin; then \ + rm -f $(install_prefix)$(bindir)/`echo slogin | sed '$(transform)'`;\ + $(LN_S) ssh \ + $(install_prefix)$(bindir)/`echo slogin | sed '$(transform)'`; fi + -for p in $(NORMAL_PROGRAMS); do \ + $(INSTALL_PROGRAM) -m 0755 $$p $(install_prefix)$(bindir)/$$p; \ + if test "`echo $$p | sed '$(transform)'`" '!=' $$p; then \ + rm -f $(install_prefix)$(bindir)/`echo $$p | sed '$(transform)'`; \ + $(LN_S) $$p \ + $(install_prefix)$(bindir)/`echo $$p | sed '$(transform)'`; fi; \ + done +# Remove $(etcdir)/sshd_pid as it is now $(bindir)/sshd.pid + -rm -f $(install_prefix)$(etcdir)/sshd_pid +# Remove $(bindir)/sshd to avoid confusion since it is now in $(sbindir) + -rm -f $(install_prefix)$(bindir)/sshd + -rm -f $(install_prefix)$(bindir)/`echo sshd | sed '$(transform)'` + -for p in $(SBIN_PROGRAMS); do \ + $(INSTALL_PROGRAM) -m 0755 $$p $(install_prefix)$(sbindir)/$$p; \ + if test "`echo $$p | sed '$(transform)'`" '!=' $$p; then \ + rm -f $(install_prefix)$(sbindir)/`echo $$p | sed '$(transform)'`;\ + $(LN_S) $$p \ + $(install_prefix)$(sbindir)/`echo $$p | sed '$(transform)'`; fi;\ + done + -for p in $(MAN1PAGES); do \ + $(INSTALL_DATA) -m 0644 $(srcdir)/$$p $(install_prefix)$(man1dir)/$$p ; \ + if test "`echo $$p | sed '$(transform)'`" '!=' $$p; then \ + rm -f $(install_prefix)$(man1dir)/`echo $$p | sed '$(transform)'`;\ + $(LN_S) $$p \ + $(install_prefix)$(man1dir)/`echo $$p | sed '$(transform)'`; \ + fi; \ + done + rm -f $(install_prefix)$(man1dir)/slogin.1 + $(LN_S) ssh.1 $(install_prefix)$(man1dir)/slogin.1 + if test "`echo slogin.1 | sed '$(transform)'`" '!=' slogin.1; then \ + rm -f $(install_prefix)$(man1dir)/`echo slogin.1 | sed '$(transform)'`;\ + $(LN_S) ssh.1 \ + $(install_prefix)$(man1dir)/`echo slogin.1 | sed '$(transform)'`; \ + fi + -for p in $(MAN1GENERATED); do \ + $(INSTALL_DATA) -m 0644 $$p $(install_prefix)$(man1dir)/$$p ; \ + if test "`echo $$p | sed '$(transform)'`" '!=' $$p; then \ + rm -f $(install_prefix)$(man1dir)/`echo $$p | sed '$(transform)'`;\ + $(LN_S) $$p \ + $(install_prefix)$(man1dir)/`echo $$p | sed '$(transform)'`; \ + fi; \ + done + -for p in $(MAN8GENERATED); do \ + $(INSTALL_DATA) -m 0644 $$p $(install_prefix)$(man8dir)/$$p; \ + if test "`echo $$p | sed '$(transform)'`" '!=' $$p; then \ + rm -f $(install_prefix)$(man8dir)/`echo $$p | sed '$(transform)'`;\ + $(LN_S) $$p \ + $(install_prefix)$(man8dir)/`echo $$p | sed '$(transform)'`; fi;\ + done + -if test '!' -f $(install_prefix)$(HOST_CONFIG_FILE); then \ + $(INSTALL_DATA) -m 0644 $(srcdir)/host_config.sample \ + $(install_prefix)$(HOST_CONFIG_FILE); fi + -if test '!' -f $(install_prefix)$(SERVER_CONFIG_FILE); then \ + cat $(srcdir)/server_config.sample | \ + sed "s#_ETCDIR_#$(etcdir)#g" >/tmp/ssh_inst.$$; \ + $(INSTALL_DATA) -m 0644 /tmp/ssh_inst.$$ \ + $(install_prefix)$(SERVER_CONFIG_FILE); \ + rm -f /tmp/ssh_inst.$$; fi + +uninstall: + for p in ssh $(NORMAL_PROGRAMS); do \ + rm -f $(install_prefix)$(bindir)/$$p; \ + rm -f $(install_prefix)$(bindir)/`echo $$p | sed '$(transform)'`; \ + done + for p in $(SBIN_PROGRAMS); do \ + rm -f $(install_prefix)$(sbindir)/$$p; \ + rm -f $(install_prefix)$(sbindir)/`echo $$p | sed '$(transform)'`; \ + done + rm -f $(install_prefix)$(bindir)/slogin + rm -f $(install_prefix)$(bindir)/`echo slogin | sed '$(transform)'` + for p in $(MAN1PAGES) $(MAN1GENERATED); do \ + rm -f $(install_prefix)$(man1dir)/$$p; \ + rm -f $(install_prefix)$(man1dir)/`echo $$p | sed '$(transform)'`; \ + done + for p in $(MAN8GENERATED); do \ + rm -f $(install_prefix)$(man8dir)/$$p; \ + rm -f $(install_prefix)$(man8dir)/`echo $$p | sed '$(transform)'`; \ + done + +clean: + -rm -f *.o minfd.h gmon.out core $(PROGRAMS) gen_minfd rfc-pg +# cd $(RSAREFSRCDIR); rm -f *.o *.a + +distclean: clean + -rm -f Makefile config.status config.cache config.log config.h + -rm -f ssh.1 sshd.8 + +dist: + -rm -rf $(DISTNAME) + -mkdir $(DISTNAME) + cp $(DISTFILES) $(DISTNAME) + -rm -f $(DISTNAME)/config.h +# tar cf - $(RSAREFDIR) | (cd $(DISTNAME); tar xf -) +# cd $(DISTNAME)/$(RSAREFSRCDIR); rm -f *.o *.a + tar cf $(DISTNAME).tar $(DISTNAME) + -rm -f $(DISTNAME).tar.gz + gzip $(DISTNAME).tar + rm -rf $(DISTNAME) + @echo Distribution left in $(DISTNAME).tar.gz +# @echo Incrementing version number... +# @old_version=`sed 's/.*\.\([0-9][0-9]*\)"$$/\1/' version.h`; \ +# new_version=`expr $$old_version + 1`; \ +# (echo "s/\.$$old_version\"/.$$new_version\"/g"; echo w; echo q) | ed version.h >/dev/null + +depend: + $(MAKEDEP) -I$(srcdir) -I. $(GMPINCS) $(ZINCS) $(DEFS) $(SRCS) Index: usr.bin/ssh/Makefile.inc =================================================================== RCS file: /cvs/src/usr.bin/ssh/Makefile.inc,v retrieving revision 1.10 retrieving revision 1.11 diff -u -r1.10 -r1.11 --- usr.bin/ssh/Makefile.inc 1999/10/07 21:45:02 1.10 +++ usr.bin/ssh/Makefile.inc 1999/10/25 20:27:26 1.11 @@ -1 +1,11 @@ CFLAGS+= -I${.CURDIR}/.. + +.include + +.if exists(${.CURDIR}/../lib/${__objdir}) +LDADD+= -L${.CURDIR}/../lib/${__objdir} -lssh +DPADD+= ${.CURDIR}/../lib/${__objdir}/libssh.a +.else +LDADD+= -L${.CURDIR}/../lib -lssh +DPADD+= ${.CURDIR}/../lib/libssh.a +.endif Index: usr.bin/ssh/OVERVIEW =================================================================== RCS file: /cvs/src/usr.bin/ssh/OVERVIEW,v retrieving revision 1.2 retrieving revision 1.5 diff -u -r1.2 -r1.5 --- usr.bin/ssh/OVERVIEW 1999/09/27 21:15:53 1.2 +++ usr.bin/ssh/OVERVIEW 1999/11/20 10:42:35 1.5 @@ -1,8 +1,9 @@ -This document is inteded for those who wish to read the ssh source +This document is intended for those who wish to read the ssh source code. This tries to give an overview of the structure of the code. Copyright (c) 1995 Tatu Ylonen Updated 17 Nov 1995. +Updated 19 Oct 1999 for OpenSSH-1.2 The software consists of ssh (client), sshd (server), scp, sdist, and the auxiliary programs ssh-keygen, ssh-agent, ssh-add, and @@ -22,14 +23,13 @@ Compression Library - - Ssh uses the GNU GZIP compression library (ZLIB). It resides in - the zlib095 subdirectory. + - Ssh uses the GNU GZIP compression library (ZLIB). Encryption/Decryption - Ssh contains several encryption algorithms. These are all accessed through the cipher.h interface. The interface code is - in cipher.c, and the implementations in des.c, ssh_md5.c, rc4.c. + in cipher.c, and the implementations are in libc. Multiple Precision Integer Library @@ -70,11 +70,11 @@ channels inside the secure channel, and uses this framework to implement X11 forwarding, TCP/IP forwarding, and authentication agent forwarding. + The new, Protocol 1.5, channel close implementation is in nchan.c Authentication agent - - Code to communicate with the authentication agent is in - authfd.c. The files gen-minfd.c, minfd.h, minfd.c + - Code to communicate with the authentication agent is in authfd.c. Authentication methods @@ -83,8 +83,7 @@ code is linked into the server. The routines also manipulate known hosts files using code in hostfile.c. Code in canohost.c is used to retrieve the canonical host name of the remote host. - Code in match.c is used to match host names. Code for osf C2 - extended security is in osfc2.c. + Code in match.c is used to match host names. - In the client end, authentication code is in sshconnect.c. It reads Passwords/passphrases using code in readpass.c. It reads Index: usr.bin/ssh/README =================================================================== RCS file: /cvs/src/usr.bin/ssh/README,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- usr.bin/ssh/README 1999/09/26 20:53:32 1.1 +++ usr.bin/ssh/README 1999/11/20 10:42:35 1.2 @@ -1,7 +1,7 @@ Ssh (Secure Shell) is a program to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another. It provides strong authentication and -secure communications over insecure channels. It is inteded as a +secure communications over insecure channels. It is intended as a replacement for rlogin, rsh, rcp, and rdist. See the file INSTALL for installation instructions. See COPYING for Index: usr.bin/ssh/README.AFS-KERBEROS =================================================================== RCS file: README.AFS-KERBEROS diff -N README.AFS-KERBEROS --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsIYFSU31367 Wed Dec 8 12:42:01 1999 @@ -0,0 +1,44 @@ + +ssh-1.2.26-afs-kerberos.patch-1 +AFS, Kerberos v4 support for SSH + +Here are the extra flags to configure, and what they do: + +--with-krb4[=PATH] Compile in Kerberos v4 support: + Kerberos v4 authentication + Kerberos v4 password authentication + Kerberos v4 ~/.klogin authorization + +These are all enabled by the 'KerberosAuthentication' config option. +Kerberos v4 and Kerberos v5 support are mutually exclusive for now. +PATH default is /usr/kerberos. + +--with-hesiod[=PATH] Compile in support for Hesiod: + getpwnam(), getpwuid() replacements + +--with-afs Compile in AFS support (requires KTH krb4): + ticket/token passing + process authentication groups + local Xauthority files (for AFS home dirs) + /ticket TKT_ROOT directory (if it exists) + +Binaries built with AFS support will work just fine on non-AFS machines! +You will need to use the KTH krb4 libs (ftp://ftp.pdc.kth.se/pub/krb/src), +or just their libkafs, also available separately from CMU as libkrbafs +(http://andrew2.andrew.cmu.edu/dist/krbafs.html). + +Additional Kerberos client and server config options (and their defaults): + + KerberosAuthentication yes + KerberosOrLocalPasswd no + KerberosTgtPassing yes + AFSTokenPassing yes + KerberosTicketCleanup yes + +See sshd(8) and ssh(1) for details. + +The latest version of this patch can be found at + + http://www.monkey.org/~dugsong/ssh-afs-kerberos.html + +dugsong@monkey.org Index: usr.bin/ssh/README.DEATTACK =================================================================== RCS file: README.DEATTACK diff -N README.DEATTACK --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsviUUX31367 Wed Dec 8 12:42:01 1999 @@ -0,0 +1,109 @@ +============================================================================ + + CORE SDI S.A. + Buenos Aires, Argentina + + + + SSH insertion attack detection +============================================================================ + + +Crc32 Compensation attack detector +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +This document describes the scope and characteristics of SSH crc32 +compensation attack detector engine. It will inspect an encrypted SSH protocol +1.5 stream for suspicious patterns. If either the server or client is under +attack, the detector closes the conection and logs the attack. + + +Attack characteristics +~~~~~~~~~~~~~~~~~~~~~~ +An attacker, with sniffing and spoofing capabilities on the SSH network stream, may perform an active network attack by constructing a packet using a +known cipher/plaintext pair and computing addditional data to fill the packet +in a way that will produce a valid CRC-32 field and pass as a valid packet when +decryped and integrity checked on the server side. + If the attack succeeds, arbitrary commands will get executed on the server. + + This attack doesnt affect the confidential security characteristics of the +products using this protocols. However, integrity and authentication +of packets can no longer be trusted. + +Solution +~~~~~~~~ + This is not an implementation bug, but a protocol design vulnerability. The +protocol must be updated to use cryptographic strong message authentication +codes. SSH Protocol version 2 as published in [1] includes the use of a real +strong MAC. + However, this will require to update all clients and servers simultaneusly +while disabling compatibility with protocol version 1.5. On many installations +this is not practical. + + A mid-term solution exists, that will help protecting the server from the +auth/integrity vulnerabilities. On most scenarios it will be enough to upgrade +only the servers. + + This approach is based on the fact that an attacker will need to exploit some +of the linear characteristics of the integrity function in order to implement +the attack. In that context, the constructed packets will follow certain +patterns that could be detected on the encrypted stream. + + This is not a general solution, but a countermeasure against a model of all +of the possible attacks that exploits this vulnerabilities. + + The provided patch looks for patterns of repeated ciphered blocks in +each SSH packet received, the performance loss in speed is less 2% in an +uncompressed stream compared to an unpatched server. Memory usage increases +in about 8k per conection. + The chances of reporting a false attack in a 32GB file transfer is around +1 in 2**51. + +Contact information +~~~~~~~~~~~~~~~~~~~ + + These vulnerabilities were discovered by Ariel Futoransky + and Emiliano Kargieman. + + Comments and questions regarding this vulnerability and the fix + should be sent to: + + Ariel Futoransky + Emiliano Kargieman + + For more information about CORE SDI S.A. contact + or visit + + For more information about this problem and related ones visit: + + + + You can contact CORE SDI S.A. at using the + the following PGP key: + +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: 2.6.3ia +Comment: Requires PGP version 2.6 or later. + +mQCNAzVgfMgAAAEEAJSfJNdvCwIAc4AK0ckeimubLIwzsRVDRhjPQIOYt/7kxxio +DZybr53fwMEjyT8cHXRL08i0R9rcuFeCNAez6XcalbhqUKXDcLL/cZK80CCDSCs5 +tRCZGGOEBnXQIoyvbvi4gNYhBS5wUvmh3b/mvRFTvhmRrUy9m/nO/LnPTgz1AAUR +tCBDT1JFTEFCUyA8Y29yZWxhYnNAY29yZS1zZGkuY29tPokAlQMFEDVgfMn5zvy5 +z04M9QEBC6ED/0Szt3f54JTvkZG3ezQ8G60HvAw4/A5Ti6i3oze6jsXxzGp6pA1x +i0jaZpKaUSpo0MLc7BcijMKneuUHnN3XtN5YxtFt0aEoot1MIvv4BsdeUb3x257G +3+vr8SxGk44Vm4tfuN8F/2dNo/00yYP9rd3zQ8Tl+gmr5VxnLViZIDuh +=ulRg +-----END PGP PUBLIC KEY BLOCK----- + +Copyright +~~~~~~~~~ + +This file, deattack.c and deattack.h are copyright (c) 1998 +CORE SDI S.A., Buenos Aires, Argentina. All rights reserved. +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that this copyright notice is retained. + +THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES +ARE DISCLAIMED. IN NO EVENT SHALL CORE SDI S.A. BE LIABLE FOR ANY DIRECT, +INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES RESULTING +FROM THE USE OR MISUSE OF THIS SOFTWARE. + Index: usr.bin/ssh/RFC =================================================================== RCS file: RFC diff -N RFC --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsoUndI31367 Wed Dec 8 12:42:01 1999 @@ -0,0 +1,2187 @@ + + + + + + +Network Working Group T. Ylonen +Internet-Draft Helsinki University of Technology +draft-ylonen-ssh-protocol-00.txt 15 November 1995 +Expires: 15 May 1996 + + + The SSH (Secure Shell) Remote Login Protocol + +Status of This Memo + + This document is an Internet-Draft. Internet-Drafts are working + documents of the Internet Engineering Task Force (IETF), its areas, + and its working groups. Note that other groups may also distribute + working documents as Internet-Drafts. + + Internet-Drafts are draft documents valid for a maximum of six + months and may be updated, replaced, or obsoleted by other docu- + ments at any time. It is inappropriate to use Internet-Drafts as + reference material or to cite them other than as ``work in pro- + gress.'' + + To learn the current status of any Internet-Draft, please check the + ``1id-abstracts.txt'' listing contained in the Internet- Drafts + Shadow Directories on ftp.is.co.za (Africa), nic.nordu.net (Europe), + munnari.oz.au (Pacific Rim), ds.internic.net (US East Coast), or + ftp.isi.edu (US West Coast). + + The distribution of this memo is unlimited. + +Introduction + + SSH (Secure Shell) is a program to log into another computer over a + network, to execute commands in a remote machine, and to move files + from one machine to another. It provides strong authentication and + secure communications over insecure networks. Its features include + the following: + + o Closes several security holes (e.g., IP, routing, and DNS spoof- + ing). New authentication methods: .rhosts together with RSA + [RSA] based host authentication, and pure RSA authentication. + + o All communications are automatically and transparently + encrypted. Encryption is also used to protect integrity. + + o X11 connection forwarding provides secure X11 sessions. + + o Arbitrary TCP/IP ports can be redirected over the encrypted + channel in both directions. + + + +Ylonen [Page 1] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + o Client RSA-authenticates the server machine in the beginning of + every connection to prevent trojan horses (by routing or DNS + spoofing) and man-in-the-middle attacks, and the server RSA- + authenticates the client machine before accepting .rhosts or + /etc/hosts.equiv authentication (to prevent DNS, routing, or IP + spoofing). + + o An authentication agent, running in the user's local workstation + or laptop, can be used to hold the user's RSA authentication + keys. + + The goal has been to make the software as easy to use as possible for + ordinary users. The protocol has been designed to be as secure as + possible while making it possible to create implementations that are + easy to use and install. The sample implementation has a number of + convenient features that are not described in this document as they + are not relevant for the protocol. + + +Overview of the Protocol + + The software consists of a server program running on a server + machine, and a client program running on a client machine (plus a few + auxiliary programs). The machines are connected by an insecure IP + [RFC0791] network (that can be monitored, tampered with, and spoofed + by hostile parties). + + A connection is always initiated by the client side. The server + listens on a specific port waiting for connections. Many clients may + connect to the same server machine. + + The client and the server are connected via a TCP/IP [RFC0793] socket + that is used for bidirectional communication. Other types of tran- + sport can be used but are currently not defined. + + When the client connects the server, the server accepts the connec- + tion and responds by sending back its version identification string. + The client parses the server's identification, and sends its own + identification. The purpose of the identification strings is to + validate that the connection was to the correct port, declare the + protocol version number used, and to declare the software version + used on each side (for debugging purposes). The identification + strings are human-readable. If either side fails to understand or + support the other side's version, it closes the connection. + + After the protocol identification phase, both sides switch to a + packet based binary protocol. The server starts by sending its host + key (every host has an RSA key used to authenticate the host), server + + + +Ylonen [Page 2] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + key (an RSA key regenerated every hour), and other information to the + client. The client then generates a 256 bit session key, encrypts it + using both RSA keys (see below for details), and sends the encrypted + session key and selected cipher type to the server. Both sides then + turn on encryption using the selected algorithm and key. The server + sends an encrypted confirmation message to the client. + + The client then authenticates itself using any of a number of authen- + tication methods. The currently supported authentication methods are + .rhosts or /etc/hosts.equiv authentication (disabled by default), the + same with RSA-based host authentication, RSA authentication, and + password authentication. + + After successful authentication, the client makes a number of + requests to prepare for the session. Typical requests include allo- + cating a pseudo tty, starting X11 [X11] or TCP/IP port forwarding, + starting authentication agent forwarding, and executing the shell or + a command. + + When a shell or command is executed, the connection enters interac- + tive session mode. In this mode, data is passed in both directions, + new forwarded connections may be opened, etc. The interactive ses- + sion normally terminates when the server sends the exit status of the + program to the client. + + + The protocol makes several reservations for future extensibility. + First of all, the initial protocol identification messages include + the protocol version number. Second, the first packet by both sides + includes a protocol flags field, which can be used to agree on exten- + sions in a compatible manner. Third, the authentication and session + preparation phases work so that the client sends requests to the + server, and the server responds with success or failure. If the + client sends a request that the server does not support, the server + simply returns failure for it. This permits compatible addition of + new authentication methods and preparation operations. The interac- + tive session phase, on the other hand, works asynchronously and does + not permit the use of any extensions (because there is no easy and + reliable way to signal rejection to the other side and problems would + be hard to debug). Any compatible extensions to this phase must be + agreed upon during any of the earlier phases. + +The Binary Packet Protocol + + After the protocol identification strings, both sides only send spe- + cially formatted packets. The packet layout is as follows: + + o Packet length: 32 bit unsigned integer, coded as four 8-bit + + + +Ylonen [Page 3] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + bytes, msb first. Gives the length of the packet, not including + the length field and padding. The maximum length of a packet + (not including the length field and padding) is 262144 bytes. + + o Padding: 1-8 bytes of random data (or zeroes if not encrypting). + The amount of padding is (8 - (length % 8)) bytes (where % + stands for the modulo operator). The rationale for always hav- + ing some random padding at the beginning of each packet is to + make known plaintext attacks more difficult. + + o Packet type: 8-bit unsigned byte. The value 255 is reserved for + future extension. + + o Data: binary data bytes, depending on the packet type. The + number of data bytes is the "length" field minus 5. + + o Check bytes: 32-bit crc, four 8-bit bytes, msb first. The crc + is the Cyclic Redundancy Check, with the polynomial 0xedb88320, + of the Padding, Packet type, and Data fields. The crc is com- + puted before any encryption. + + The packet, except for the length field, may be encrypted using any + of a number of algorithms. The length of the encrypted part (Padding + + Type + Data + Check) is always a multiple of 8 bytes. Typically + the cipher is used in a chained mode, with all packets chained + together as if it was a single data stream (the length field is never + included in the encryption process). Details of encryption are + described below. + + When the session starts, encryption is turned off. Encryption is + enabled after the client has sent the session key. The encryption + algorithm to use is selected by the client. + + +Packet Compression + + If compression is supported (it is an optional feature, see + SSH_CMSG_REQUEST_COMPRESSION below), the packet type and data fields + of the packet are compressed using the gzip deflate algorithm [GZIP]. + If compression is in effect, the packet length field indicates the + length of the compressed data, plus 4 for the crc. The amount of + padding is computed from the compressed data, so that the amount of + data to be encrypted becomes a multiple of 8 bytes. + + When compressing, the packets (type + data portions) in each direc- + tion are compressed as if they formed a continuous data stream, with + only the current compression block flushed between packets. This + corresponds to the GNU ZLIB library Z_PARTIAL_FLUSH option. The + + + +Ylonen [Page 4] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + compression dictionary is not flushed between packets. The two + directions are compressed independently of each other. + + +Packet Encryption + + The protocol supports several encryption methods. During session + initialization, the server sends a bitmask of all encryption methods + that it supports, and the client selects one of these methods. The + client also generates a 256-bit random session key (32 8-bit bytes) + and sends it to the server. + + The encryption methods supported by the current implementation, and + their codes are: + + SSH_CIPHER_NONE 0 No encryption + SSH_CIPHER_IDEA 1 IDEA in CFB mode + SSH_CIPHER_DES 2 DES in CBC mode + SSH_CIPHER_3DES 3 Triple-DES in CBC mode + SSH_CIPHER_TSS 4 An experimental stream cipher + SSH_CIPHER_RC4 5 RC4 + + + All implementations are required to support SSH_CIPHER_DES and + SSH_CIPHER_3DES. Supporting SSH_CIPHER_IDEA, SSH_CIPHER_RC4, and + SSH_CIPHER_NONE is recommended. Support for SSH_CIPHER_TSS is + optional (and it is not described in this document). Other ciphers + may be added at a later time; support for them is optional. + + For encryption, the encrypted portion of the packet is considered a + linear byte stream. The length of the stream is always a multiple of + 8. The encrypted portions of consecutive packets (in the same direc- + tion) are encrypted as if they were a continuous buffer (that is, any + initialization vectors are passed from the previous packet to the + next packet). Data in each direction is encrypted independently. + + SSH_CIPHER_DES + The key is taken from the first 8 bytes of the session key. The + least significant bit of each byte is ignored. This results in + 56 bits of key data. DES [DES] is used in CBC mode. The iv + (initialization vector) is initialized to all zeroes. + + SSH_CIPHER_3DES + The variant of triple-DES used here works as follows: there are + three independent DES-CBC ciphers, with independent initializa- + tion vectors. The data (the whole encrypted data stream) is + first encrypted with the first cipher, then decrypted with the + second cipher, and finally encrypted with the third cipher. All + + + +Ylonen [Page 5] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + these operations are performed in CBC mode. + + The key for the first cipher is taken from the first 8 bytes of + the session key; the key for the next cipher from the next 8 + bytes, and the key for the third cipher from the following 8 + bytes. All three initialization vectors are initialized to + zero. + + (Note: the variant of 3DES used here differs from some other + descriptions.) + + SSH_CIPHER_IDEA + The key is taken from the first 16 bytes of the session key. + IDEA [IDEA] is used in CFB mode. The initialization vector is + initialized to all zeroes. + + SSH_CIPHER_TSS + All 32 bytes of the session key are used as the key. + + There is no reference available for the TSS algorithm; it is + currently only documented in the sample implementation source + code. The security of this cipher is unknown (but it is quite + fast). The cipher is basically a stream cipher that uses MD5 as + a random number generator and takes feedback from the data. + + SSH_CIPHER_RC4 + The first 16 bytes of the session key are used as the key for + the server to client direction. The remaining 16 bytes are used + as the key for the client to server direction. This gives + independent 128-bit keys for each direction. + + This algorithm is the alleged RC4 cipher posted to the Usenet in + 1995. It is widely believed to be equivalent with the original + RSADSI RC4 cipher. This is a very fast algorithm. + + +Data Type Encodings + + The Data field of each packet contains data encoded as described in + this section. There may be several data items; each item is coded as + described here, and their representations are concatenated together + (without any alignment or padding). + + Each data type is stored as follows: + + 8-bit byte + The byte is stored directly as a single byte. + + + + +Ylonen [Page 6] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + 32-bit unsigned integer + Stored in 4 bytes, msb first. + + Arbitrary length binary string + First 4 bytes are the length of the string, msb first (not + including the length itself). The following "length" bytes are + the string value. There are no terminating null characters. + + Multiple-precision integer + First 2 bytes are the number of bits in the integer, msb first + (for example, the value 0x00012345 would have 17 bits). The + value zero has zero bits. It is permissible that the number of + bits be larger than the real number of bits. + + The number of bits is followed by (bits + 7) / 8 bytes of binary + data, msb first, giving the value of the integer. + + +TCP/IP Port Number and Other Options + + The server listens for connections on TCP/IP port 22. + + The client may connect the server from any port. However, if the + client wishes to use any form of .rhosts or /etc/hosts.equiv authen- + tication, it must connect from a privileged port (less than 1024). + + For the IP Type of Service field [RFC0791], it is recommended that + interactive sessions (those having a user terminal or forwarding X11 + connections) use the IPTOS_LOWDELAY, and non-interactive connections + use IPTOS_THROUGHPUT. + + It is recommended that keepalives are used, because otherwise pro- + grams on the server may never notice if the other end of the connec- + tion is rebooted. + + +Protocol Version Identification + + After the socket is opened, the server sends an identification + string, which is of the form "SSH-.- + \n", where and are integers + and specify the protocol version number (not software distribution + version). is server side software version string (max 40 + characters); it is not interpreted by the remote side but may be use- + ful for debugging. + + The client parses the server's string, and sends a corresponding + string with its own information in response. If the server has lower + + + +Ylonen [Page 7] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + version number, and the client contains special code to emulate it, + the client responds with the lower number; otherwise it responds with + its own number. The server then compares the version number the + client sent with its own, and determines whether they can work + together. The server either disconnects, or sends the first packet + using the binary packet protocol and both sides start working accord- + ing to the lower of the protocol versions. + + By convention, changes which keep the protocol compatible with previ- + ous versions keep the same major protocol version; changes that are + not compatible increment the major version (which will hopefully + never happen). The version described in this document is 1.3. + + The client will + +Key Exchange and Server Host Authentication + + The first message sent by the server using the packet protocol is + SSH_SMSG_PUBLIC_KEY. It declares the server's host key, server pub- + lic key, supported ciphers, supported authentication methods, and + flags for protocol extensions. It also contains a 64-bit random + number (cookie) that must be returned in the client's reply (to make + IP spoofing more difficult). No encryption is used for this message. + + Both sides compute a session id as follows. The modulus of the + server key is interpreted as a byte string (without explicit length + field, with minimum length able to hold the whole value), most signi- + ficant byte first. This string is concatenated with the server host + key interpreted the same way. Additionally, the cookie is con- + catenated with this. Both sides compute MD5 of the resulting string. + The resulting 16 bytes (128 bits) are stored by both parties and are + called the session id. + + The client responds with a SSH_CMSG_SESSION_KEY message, which con- + tains the selected cipher type, a copy of the 64-bit cookie sent by + the server, client's protocol flags, and a session key encrypted with + both the server's host key and server key. No encryption is used for + this message. + + The session key is 32 8-bit bytes (a total of 256 random bits gen- + erated by the client). The client first xors the 16 bytes of the + session id with the first 16 bytes of the session key. The resulting + string is then encrypted using the smaller key (one with smaller + modulus), and the result is then encrypted using the other key. The + number of bits in the public modulus of the two keys must differ by + at least 128 bits. + + At each encryption step, a multiple-precision integer is constructed + + + +Ylonen [Page 8] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + from the data to be encrypted as follows (the integer is here inter- + preted as a sequence of bytes, msb first; the number of bytes is the + number of bytes needed to represent the modulus). + + The most significant byte (which is only partial as the value must be + less than the public modulus, which is never a power of two) is zero. + + The next byte contains the value 2 (which stands for public-key + encrypted data in the PKCS standard [PKCS#1]). Then, there are non- + zero random bytes to fill any unused space, a zero byte, and the data + to be encrypted in the least significant bytes, the last byte of the + data in the least significant byte. + + This algorithm is used twice. First, it is used to encrypt the 32 + random bytes generated by the client to be used as the session key + (xored by the session id). This value is converted to an integer as + described above, and encrypted with RSA using the key with the + smaller modulus. The resulting integer is converted to a byte + stream, msb first. This byte stream is padded and encrypted identi- + cally using the key with the larger modulus. + + After the client has sent the session key, it starts to use the + selected algorithm and key for decrypting any received packets, and + for encrypting any sent packets. Separate ciphers are used for dif- + ferent directions (that is, both directions have separate initializa- + tion vectors or other state for the ciphers). + + When the server has received the session key message, and has turned + on encryption, it sends a SSH_SMSG_SUCCESS message to the client. + + The recommended size of the host key is 1024 bits, and 768 bits for + the server key. The minimum size is 512 bits for the smaller key. + + +Declaring the User Name + + The client then sends a SSH_CMSG_USER message to the server. This + message specifies the user name to log in as. + + The server validates that such a user exists, checks whether authen- + tication is needed, and responds with either SSH_SMSG_SUCCESS or + SSH_SMSG_FAILURE. SSH_SMSG_SUCCESS indicates that no authentication + is needed for this user (no password), and authentication phase has + now been completed. SSH_SMSG_FAILURE indicates that authentication + is needed (or the user does not exist). + + If the user does not exist, it is recommended that this returns + failure, but the server keeps reading messages from the client, and + + + +Ylonen [Page 9] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + responds to any messages (except SSH_MSG_DISCONNECT, SSH_MSG_IGNORE, + and SSH_MSG_DEBUG) with SSH_SMSG_FAILURE. This way the client cannot + be certain whether the user exists. + + +Authentication Phase + + Provided the server didn't immediately accept the login, an authenti- + cation exchange begins. The client sends messages to the server + requesting different types of authentication in arbitrary order as + many times as desired (however, the server may close the connection + after a timeout). The server always responds with SSH_SMSG_SUCCESS + if it has accepted the authentication, and with SSH_SMSG_FAILURE if + it has denied authentication with the requested method or it does not + recognize the message. Some authentication methods cause an exchange + of further messages before the final result is sent. The authentica- + tion phase ends when the server responds with success. + + The recommended value for the authentication timeout (timeout before + disconnecting if no successful authentication has been made) is 5 + minutes. + + The following authentication methods are currently supported: + + SSH_AUTH_RHOSTS 1 .rhosts or /etc/hosts.equiv + SSH_AUTH_RSA 2 pure RSA authentication + SSH_AUTH_PASSWORD 3 password authentication + SSH_AUTH_RHOSTS_RSA 4 .rhosts with RSA host authentication + + + SSH_AUTH_RHOSTS + + This is the authentication method used by rlogin and rsh + [RFC1282]. + + The client sends SSH_CMSG_AUTH_RHOSTS with the client-side user + name as an argument. + + The server checks whether to permit authentication. On UNIX + systems, this is usually done by checking /etc/hosts.equiv, and + .rhosts in the user's home directory. The connection must come + from a privileged port. + + It is recommended that the server checks that there are no IP + options (such as source routing) specified for the socket before + accepting this type of authentication. The client host name + should be reverse-mapped and then forward mapped to ensure that + it has the proper IP-address. + + + +Ylonen [Page 10] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + This authentication method trusts the remote host (root on the + remote host can pretend to be any other user on that host), the + name services, and partially the network: anyone who can see + packets coming out from the server machine can do IP-spoofing + and pretend to be any machine; however, the protocol prevents + blind IP-spoofing (which used to be possible with rlogin). + + Many sites probably want to disable this authentication method + because of the fundamental insecurity of conventional .rhosts or + /etc/hosts.equiv authentication when faced with spoofing. It is + recommended that this method not be supported by the server by + default. + + SSH_AUTH_RHOSTS_RSA + + In addition to conventional .rhosts and hosts.equiv authentica- + tion, this method additionally requires that the client host be + authenticated using RSA. + + The client sends SSH_CMSG_AUTH_RHOSTS_RSA specifying the + client-side user name, and the public host key of the client + host. + + The server first checks if normal .rhosts or /etc/hosts.equiv + authentication would be accepted, and if not, responds with + SSH_SMSG_FAILURE. Otherwise, it checks whether it knows the + host key for the client machine (using the same name for the + host that was used for checking the .rhosts and /etc/hosts.equiv + files). If it does not know the RSA key for the client, access + is denied and SSH_SMSG_FAILURE is sent. + + If the server knows the host key of the client machine, it veri- + fies that the given host key matches that known for the client. + If not, access is denied and SSH_SMSG_FAILURE is sent. + + The server then sends a SSH_SMSG_AUTH_RSA_CHALLENGE message con- + taining an encrypted challenge for the client. The challenge is + 32 8-bit random bytes (256 bits). When encrypted, the highest + (partial) byte is left as zero, the next byte contains the value + 2, the following are non-zero random bytes, followed by a zero + byte, and the challenge put in the remaining bytes. This is + then encrypted using RSA with the client host's public key. + (The padding and encryption algorithm is the same as that used + for the session key.) + + The client decrypts the challenge using its private host key, + concatenates this with the session id, and computes an MD5 + checksum of the resulting 48 bytes. The MD5 output is returned + + + +Ylonen [Page 11] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + as 16 bytes in a SSH_CMSG_AUTH_RSA_RESPONSE message. (MD5 is + used to deter chosen plaintext attacks against RSA; the session + id binds it to a specific session). + + The server verifies that the MD5 of the decrypted challenge + returned by the client matches that of the original value, and + sends SSH_SMSG_SUCCESS if so. Otherwise it sends + SSH_SMSG_FAILURE and refuses the authentication attempt. + + This authentication method trusts the client side machine in + that root on that machine can pretend to be any user on that + machine. Additionally, it trusts the client host key. The name + and/or IP address of the client host is only used to select the + public host key. The same host name is used when scanning + .rhosts or /etc/hosts.equiv and when selecting the host key. It + would in principle be possible to eliminate the host name + entirely and substitute it directly by the host key. IP and/or + DNS [RFC1034] spoofing can only be used to pretend to be a host + for which the attacker has the private host key. + + SSH_AUTH_RSA + + The idea behind RSA authentication is that the server recognizes + the public key offered by the client, generates a random chal- + lenge, and encrypts the challenge with the public key. The + client must then prove that it has the corresponding private key + by decrypting the challenge. + + The client sends SSH_CMSG_AUTH_RSA with public key modulus (n) + as an argument. + + The server may respond immediately with SSH_SMSG_FAILURE if it + does not permit authentication with this key. Otherwise it gen- + erates a challenge, encrypts it using the user's public key + (stored on the server and identified using the modulus), and + sends SSH_SMSG_AUTH_RSA_CHALLENGE with the challenge (mp-int) as + an argument. + + The challenge is 32 8-bit random bytes (256 bits). When + encrypted, the highest (partial) byte is left as zero, the next + byte contains the value 2, the following are non-zero random + bytes, followed by a zero byte, and the challenge put in the + remaining bytes. This is then encrypted with the public key. + (The padding and encryption algorithm is the same as that used + for the session key.) + + The client decrypts the challenge using its private key, con- + catenates it with the session id, and computes an MD5 checksum + + + +Ylonen [Page 12] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + of the resulting 48 bytes. The MD5 output is returned as 16 + bytes in a SSH_CMSG_AUTH_RSA_RESPONSE message. (Note that the + MD5 is necessary to avoid chosen plaintext attacks against RSA; + the session id binds it to a specific session.) + + The server verifies that the MD5 of the decrypted challenge + returned by the client matches that of the original value, and + sends SSH_SMSG_SUCCESS if so. Otherwise it sends + SSH_SMSG_FAILURE and refuses the authentication attempt. + + This authentication method does not trust the remote host, the + network, name services, or anything else. Authentication is + based solely on the possession of the private identification + keys. Anyone in possession of the private keys can log in, but + nobody else. + + The server may have additional requirements for a successful + authentiation. For example, to limit damage due to a comprom- + ised RSA key, a server might restrict access to a limited set of + hosts. + + SSH_AUTH_PASSWORD + + The client sends a SSH_CMSG_AUTH_PASSWORD message with the plain + text password. (Note that even though the password is plain + text inside the message, it is normally encrypted by the packet + mechanism.) + + The server verifies the password, and sends SSH_SMSG_SUCCESS if + authentication was accepted and SSH_SMSG_FAILURE otherwise. + + Note that the password is read from the user by the client; the + user never interacts with a login program. + + This authentication method does not trust the remote host, the + network, name services or anything else. Authentication is + based solely on the possession of the password. Anyone in pos- + session of the password can log in, but nobody else. + +Preparatory Operations + + After successful authentication, the server waits for a request from + the client, processes the request, and responds with SSH_SMSG_SUCCESS + whenever a request has been successfully processed. If it receives a + message that it does not recognize or it fails to honor a request, it + returns SSH_SMSG_FAILURE. It is expected that new message types + might be added to this phase in future. + + + + +Ylonen [Page 13] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + The following messages are currently defined for this phase. + + SSH_CMSG_REQUEST_COMPRESSION + Requests that compression be enabled for this session. A gzip- + compatible compression level (1-9) is passed as an argument. + + SSH_CMSG_REQUEST_PTY + Requests that a pseudo terminal device be allocated for this + session. The user terminal type and terminal modes are supplied + as arguments. + + SSH_CMSG_X11_REQUEST_FORWARDING + Requests forwarding of X11 connections from the remote machine + to the local machine over the secure channel. Causes an + internet-domain socket to be allocated and the DISPLAY variable + to be set on the server. X11 authentication data is automati- + cally passed to the server, and the client may implement spoof- + ing of authentication data for added security. The authentica- + tion data is passed as arguments. + + SSH_CMSG_PORT_FORWARD_REQUEST + Requests forwarding of a TCP/IP port on the server host over the + secure channel. What happens is that whenever a connection is + made to the port on the server, a connection will be made from + the client end to the specified host/port. Any user can forward + unprivileged ports; only the root can forward privileged ports + (as determined by authentication done earlier). + + SSH_CMSG_AGENT_REQUEST_FORWARDING + Requests forwarding of the connection to the authentication + agent. + + SSH_CMSG_EXEC_SHELL + Starts a shell (command interpreter) for the user, and moves + into interactive session mode. + + SSH_CMSG_EXEC_CMD + Executes the given command (actually " -c " or + equivalent) for the user, and moves into interactive session + mode. + + +Interactive Session and Exchange of Data + + During the interactive session, any data written by the shell or com- + mand running on the server machine is forwarded to stdin or stderr on + the client machine, and any input available from stdin on the client + machine is forwarded to the program on the server machine. + + + +Ylonen [Page 14] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + All exchange is asynchronous; either side can send at any time, and + there are no acknowledgements (TCP/IP already provides reliable tran- + sport, and the packet protocol protects against tampering or IP + spoofing). + + When the client receives EOF from its standard input, it will send + SSH_CMSG_EOF; however, this in no way terminates the exchange. The + exchange terminates and interactive mode is left when the server + sends SSH_SMSG_EXITSTATUS to indicate that the client program has + terminated. Alternatively, either side may disconnect at any time by + sending SSH_MSG_DISCONNECT or closing the connection. + + The server may send any of the following messages: + + SSH_SMSG_STDOUT_DATA + Data written to stdout by the program running on the server. + The data is passed as a string argument. The client writes this + data to stdout. + + SSH_SMSG_STDERR_DATA + Data written to stderr by the program running on the server. + The data is passed as a string argument. The client writes this + data to stderr. (Note that if the program is running on a tty, + it is not possible to separate stdout and stderr data, and all + data will be sent as stdout data.) + + SSH_SMSG_EXITSTATUS + Indicates that the shell or command has exited. Exit status is + passed as an integer argument. This message causes termination + of the interactive session. + + SSH_SMSG_AGENT_OPEN + Indicates that someone on the server side is requesting a con- + nection to the authentication agent. The server-side channel + number is passed as an argument. The client must respond with + either SSH_CHANNEL_OPEN_CONFIRMATION or + SSH_CHANNEL_OPEN_FAILURE. + + SSH_SMSG_X11_OPEN + Indicates that a connection has been made to the X11 socket on + the server side and should be forwarded to the real X server. + An integer argument indicates the channel number allocated for + this connection on the server side. The client should send back + either SSH_MSG_CHANNEL_OPEN_CONFIRMATION or + SSH_MSG_CHANNEL_OPEN_FAILURE with the same server side channel + number. + + SSH_MSG_PORT_OPEN + + + +Ylonen [Page 15] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + Indicates that a connection has been made to a port on the + server side for which forwarding has been requested. Arguments + are server side channel number, host name to connect to, and + port to connect to. The client should send back either + SSH_MSG_CHANNEL_OPEN_CONFIRMATION or + SSH_MSG_CHANNEL_OPEN_FAILURE with the same server side channel + number. + + SSH_MSG_CHANNEL_OPEN_CONFIRMATION + This is sent by the server to indicate that it has opened a con- + nection as requested in a previous message. The first argument + indicates the client side channel number, and the second argu- + ment is the channel number that the server has allocated for + this connection. + + SSH_MSG_CHANNEL_OPEN_FAILURE + This is sent by the server to indicate that it failed to open a + connection as requested in a previous message. The client-side + channel number is passed as an argument. The client will close + the descriptor associated with the channel and free the channel. + + SSH_MSG_CHANNEL_DATA + This packet contains data for a channel from the server. The + first argument is the client-side channel number, and the second + argument (a string) is the data. + + SSH_MSG_CHANNEL_CLOSE + This is sent by the server to indicate that whoever was in the + other end of the channel has closed it. The argument is the + client side channel number. The client will let all buffered + data in the channel to drain, and when ready, will close the + socket, free the channel, and send the server a + SSH_MSG_CHANNEL_CLOSE_CONFIRMATION message for the channel. + + SSH_MSG_CHANNEL_CLOSE_CONFIRMATION + This is send by the server to indicate that a channel previously + closed by the client has now been closed on the server side as + well. The argument indicates the client channel number. The + client frees the channel. + + The client may send any of the following messages: + + SSH_CMSG_STDIN_DATA + This is data to be sent as input to the program running on the + server. The data is passed as a string. + + SSH_CMSG_EOF + Indicates that the client has encountered EOF while reading + + + +Ylonen [Page 16] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + standard input. The server will allow any buffered input data + to drain, and will then close the input to the program. + + SSH_CMSG_WINDOW_SIZE + Indicates that window size on the client has been changed. The + server updates the window size of the tty and causes SIGWINCH to + be sent to the program. The new window size is passed as four + integer arguments: row, col, xpixel, ypixel. + + SSH_MSG_PORT_OPEN + Indicates that a connection has been made to a port on the + client side for which forwarding has been requested. Arguments + are client side channel number, host name to connect to, and + port to connect to. The server should send back either + SSH_MSG_CHANNEL_OPEN_CONFIRMATION or + SSH_MSG_CHANNEL_OPEN_FAILURE with the same client side channel + number. + + SSH_MSG_CHANNEL_OPEN_CONFIRMATION + This is sent by the client to indicate that it has opened a con- + nection as requested in a previous message. The first argument + indicates the server side channel number, and the second argu- + ment is the channel number that the client has allocated for + this connection. + + SSH_MSG_CHANNEL_OPEN_FAILURE + This is sent by the client to indicate that it failed to open a + connection as requested in a previous message. The server side + channel number is passed as an argument. The server will close + the descriptor associated with the channel and free the channel. + + SSH_MSG_CHANNEL_DATA + This packet contains data for a channel from the client. The + first argument is the server side channel number, and the second + argument (a string) is the data. + + SSH_MSG_CHANNEL_CLOSE + This is sent by the client to indicate that whoever was in the + other end of the channel has closed it. The argument is the + server channel number. The server will allow buffered data to + drain, and when ready, will close the socket, free the channel, + and send the client a SSH_MSG_CHANNEL_CLOSE_CONFIRMATION message + for the channel. + + SSH_MSG_CHANNEL_CLOSE_CONFIRMATION + This is send by the client to indicate that a channel previously + closed by the server has now been closed on the client side as + well. The argument indicates the server channel number. The + + + +Ylonen [Page 17] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + server frees the channel. + + Any unsupported messages during interactive mode cause the connection + to be terminated with SSH_MSG_DISCONNECT and an error message. Com- + patible protocol upgrades should agree about any extensions during + the preparation phase or earlier. + + +Termination of the Connection + + Normal termination of the connection is always initiated by the + server by sending SSH_SMSG_EXITSTATUS after the program has exited. + The client responds to this message by sending + SSH_CMSG_EXIT_CONFIRMATION and closes the socket; the server then + closes the socket. There are two purposes for the confirmation: some + systems may lose previously sent data when the socket is closed, and + closing the client side first causes any TCP/IP TIME_WAIT [RFC0793] + waits to occur on the client side, not consuming server resources. + + If the program terminates due to a signal, the server will send + SSH_MSG_DISCONNECT with an appropriate message. If the connection is + closed, all file descriptors to the program will be closed and the + server will exit. If the program runs on a tty, the kernel sends it + the SIGHUP signal when the pty master side is closed. + +Protocol Flags + + Both the server and the client pass 32 bits of protocol flags to the + other side. The flags are intended for compatible protocol exten- + sion; the server first announces which added capabilities it sup- + ports, and the client then sends the capabilities that it supports. + + The following flags are currently defined (the values are bit masks): + + 1 SSH_PROTOFLAG_SCREEN_NUMBER + This flag can only be sent by the client. It indicates that the + X11 forwarding requests it sends will include the screen number. + + 2 SSH_PROTOFLAG_HOST_IN_FWD_OPEN + If both sides specify this flag, SSH_SMSG_X11_OPEN and + SSH_MSG_PORT_OPEN messages will contain an additional field con- + taining a description of the host at the other end of the con- + nection. + +Detailed Description of Packet Types and Formats + + The supported packet types and the corresponding message numbers are + given in the following table. Messages with _MSG_ in their name may + + + +Ylonen [Page 18] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + be sent by either side. Messages with _CMSG_ are only sent by the + client, and messages with _SMSG_ only by the server. + + A packet may contain additional data after the arguments specified + below. Any such data should be ignored by the receiver. However, it + is recommended that no such data be stored without good reason. + (This helps build compatible extensions.) + + 0 SSH_MSG_NONE + This code is reserved. This message type is never sent. + + 1 SSH_MSG_DISCONNECT + + string Cause of disconnection + + This message may be sent by either party at any time. It causes + the immediate disconnection of the connection. The message is + intended to be displayed to a human, and describes the reason + for disconnection. + + 2 SSH_SMSG_PUBLIC_KEY + + 8 bytes anti_spoofing_cookie + 32-bit int server_key_bits + mp-int server_key_public_exponent + mp-int server_key_public_modulus + 32-bit int host_key_bits + mp-int host_key_public_exponent + mp-int host_key_public_modulus + 32-bit int protocol_flags + 32-bit int supported_ciphers_mask + 32-bit int supported_authentications_mask + + Sent as the first message by the server. This message gives the + server's host key, server key, protocol flags (intended for com- + patible protocol extension), supported_ciphers_mask (which is + the bitwise or of (1 << cipher_number), where << is the left + shift operator, for all supported ciphers), and + supported_authentications_mask (which is the bitwise or of (1 << + authentication_type) for all supported authentication types). + The anti_spoofing_cookie is 64 random bytes, and must be sent + back verbatim by the client in its reply. It is used to make + IP-spoofing more difficult (encryption and host keys are the + real defense against spoofing). + + 3 SSH_CMSG_SESSION_KEY + + 1 byte cipher_type (must be one of the supported values) + + + +Ylonen [Page 19] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + 8 bytes anti_spoofing_cookie (must match data sent by the server) + mp-int double-encrypted session key + 32-bit int protocol_flags + + Sent by the client as the first message in the session. Selects + the cipher to use, and sends the encrypted session key to the + server. The anti_spoofing_cookie must be the same bytes that + were sent by the server. Protocol_flags is intended for nego- + tiating compatible protocol extensions. + + 4 SSH_CMSG_USER + + string user login name on server + + Sent by the client to begin authentication. Specifies the user + name on the server to log in as. The server responds with + SSH_SMSG_SUCCESS if no authentication is needed for this user, + or SSH_SMSG_FAILURE if authentication is needed (or the user + does not exist). [Note to the implementator: the user name is + of arbitrary size. The implementation must be careful not to + overflow internal buffers.] + + 5 SSH_CMSG_AUTH_RHOSTS + + string client-side user name + + Requests authentication using /etc/hosts.equiv and .rhosts (or + equivalent mechanisms). This authentication method is normally + disabled in the server because it is not secure (but this is the + method used by rsh and rlogin). The server responds with + SSH_SMSG_SUCCESS if authentication was successful, and + SSH_SMSG_FAILURE if access was not granted. The server should + check that the client side port number is less than 1024 (a + privileged port), and immediately reject authentication if it is + not. Supporting this authentication method is optional. This + method should normally not be enabled in the server because it + is not safe. (However, not enabling this only helps if rlogind + and rshd are disabled.) + + 6 SSH_CMSG_AUTH_RSA + + mp-int identity_public_modulus + + Requests authentication using pure RSA authentication. The + server checks if the given key is permitted to log in, and if + so, responds with SSH_SMSG_AUTH_RSA_CHALLENGE. Otherwise, it + responds with SSH_SMSG_FAILURE. The client often tries several + different keys in sequence until one supported by the server is + + + +Ylonen [Page 20] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + found. Authentication is accepted if the client gives the + correct response to the challenge. The server is free to add + other criteria for authentication, such as a requirement that + the connection must come from a certain host. Such additions + are not visible at the protocol level. Supporting this authen- + tication method is optional but recommended. + + 7 SSH_SMSG_AUTH_RSA_CHALLENGE + + mp-int encrypted challenge + + Presents an RSA authentication challenge to the client. The + challenge is a 256-bit random value encrypted as described else- + where in this document. The client must decrypt the challenge + using the RSA private key, compute MD5 of the challenge plus + session id, and send back the resulting 16 bytes using + SSH_CMSG_AUTH_RSA_RESPONSE. + + 8 SSH_CMSG_AUTH_RSA_RESPONSE + + 16 bytes MD5 of decrypted challenge + + This message is sent by the client in response to an RSA chal- + lenge. The MD5 checksum is returned instead of the decrypted + challenge to deter known-plaintext attacks against the RSA key. + The server responds to this message with either SSH_SMSG_SUCCESS + or SSH_SMSG_FAILURE. + + 9 SSH_CMSG_AUTH_PASSWORD + + string plain text password + + Requests password authentication using the given password. Note + that even though the password is plain text inside the packet, + the whole packet is normally encrypted by the packet layer. It + would not be possible for the client to perform password + encryption/hashing, because it cannot know which kind of + encryption/hashing, if any, the server uses. The server + responds to this message with SSH_SMSG_SUCCESS or + SSH_SMSG_FAILURE. + + 10 SSH_CMSG_REQUEST_PTY + + string TERM environment variable value (e.g. vt100) + 32-bit int terminal height, rows (e.g., 24) + 32-bit int terminal width, columns (e.g., 80) + 32-bit int terminal width, pixels (0 if no graphics) (e.g., 480) + 32-bit int terminal height, pixels (0 if no graphics) (e.g., 640) + + + +Ylonen [Page 21] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + n bytes tty modes encoded in binary + + Requests a pseudo-terminal to be allocated for this command. + This message can be used regardless of whether the session will + later execute the shell or a command. If a pty has been + requested with this message, the shell or command will run on a + pty. Otherwise it will communicate with the server using pipes, + sockets or some other similar mechanism. + + The terminal type gives the type of the user's terminal. In the + UNIX environment it is passed to the shell or command in the + TERM environment variable. + + The width and height values give the initial size of the user's + terminal or window. All values can be zero if not supported by + the operating system. The server will pass these values to the + kernel if supported. + + Terminal modes are encoded into a byte stream in a portable for- + mat. The exact format is described later in this document. + + The server responds to the request with either SSH_SMSG_SUCCESS + or SSH_SMSG_FAILURE. If the server does not have the concept of + pseudo terminals, it should return success if it is possible to + execute a shell or a command so that it looks to the client as + if it was running on a pseudo terminal. + + 11 SSH_CMSG_WINDOW_SIZE + + 32-bit int terminal height, rows + 32-bit int terminal width, columns + 32-bit int terminal width, pixels + 32-bit int terminal height, pixels + + This message can only be sent by the client during the interac- + tive session. This indicates that the size of the user's window + has changed, and provides the new size. The server will update + the kernel's notion of the window size, and a SIGWINCH signal or + equivalent will be sent to the shell or command (if supported by + the operating system). + + 12 SSH_CMSG_EXEC_SHELL + + (no arguments) + + Starts a shell (command interpreter), and enters interactive + session mode. + + + + +Ylonen [Page 22] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + 13 SSH_CMSG_EXEC_CMD + + string command to execute + + Starts executing the given command, and enters interactive ses- + sion mode. On UNIX, the command is run as " -c ", where is the user's login shell. + + 14 SSH_SMSG_SUCCESS + + (no arguments) + + This message is sent by the server in response to the session + key, a successful authentication request, and a successfully + completed preparatory operation. + + 15 SSH_SMSG_FAILURE + + (no arguments) + + This message is sent by the server in response to a failed + authentication operation to indicate that the user has not yet + been successfully authenticated, and in response to a failed + preparatory operation. This is also sent in response to an + authentication or preparatory operation request that is not + recognized or supported. + + 16 SSH_CMSG_STDIN_DATA + + string data + + Delivers data from the client to be supplied as input to the + shell or program running on the server side. This message can + only be used in the interactive session mode. No acknowledge- + ment is sent for this message. + + 17 SSH_SMSG_STDOUT_DATA + + string data + + Delivers data from the server that was read from the standard + output of the shell or program running on the server side. This + message can only be used in the interactive session mode. No + acknowledgement is sent for this message. + + 18 SSH_SMSG_STDERR_DATA + + string data + + + +Ylonen [Page 23] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + Delivers data from the server that was read from the standard + error of the shell or program running on the server side. This + message can only be used in the interactive session mode. No + acknowledgement is sent for this message. + + 19 SSH_CMSG_EOF + + (no arguments) + + This message is sent by the client to indicate that EOF has been + reached on the input. Upon receiving this message, and after + all buffered input data has been sent to the shell or program, + the server will close the input file descriptor to the program. + This message can only be used in the interactive session mode. + No acknowledgement is sent for this message. + + 20 SSH_SMSG_EXITSTATUS + + 32-bit int exit status of the command + + Returns the exit status of the shell or program after it has + exited. The client should respond with + SSH_CMSG_EXIT_CONFIRMATION when it has received this message. + This will be the last message sent by the server. If the pro- + gram being executed dies with a signal instead of exiting nor- + mally, the server should terminate the session with + SSH_MSG_DISCONNECT (which can be used to pass a human-readable + string indicating that the program died due to a signal) instead + of using this message. + + 21 SSH_MSG_CHANNEL_OPEN_CONFIRMATION + + 32-bit int remote_channel + 32-bit int local_channel + + This is sent in response to any channel open request if the + channel has been successfully opened. Remote_channel is the + channel number received in the initial open request; + local_channel is the channel number the side sending this mes- + sage has allocated for the channel. Data can be transmitted on + the channel after this message. + + 22 SSH_MSG_CHANNEL_OPEN_FAILURE + + 32-bit int remote_channel + + This message indicates that an earlier channel open request by + the other side has failed or has been denied. Remote_channel is + + + +Ylonen [Page 24] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + the channel number given in the original request. + + 23 SSH_MSG_CHANNEL_DATA + + 32-bit int remote_channel + string data + + Data is transmitted in a channel in these messages. A channel + is bidirectional, and both sides can send these messages. There + is no acknowledgement for these messages. It is possible that + either side receives these messages after it has sent + SSH_MSG_CHANNEL_CLOSE for the channel. These messages cannot be + received after the party has sent or received + SSH_MSG_CHANNEL_CLOSE_CONFIRMATION. + + 24 SSH_MSG_CHANNEL_CLOSE + + 32-bit int remote_channel + + When a channel is closed at one end of the connection, that side + sends this message. Upon receiving this message, the channel + should be closed. When this message is received, if the channel + is already closed (the receiving side has sent this message for + the same channel earlier), the channel is freed and no further + action is taken; otherwise the channel is freed and + SSH_MSG_CHANNEL_CLOSE_CONFIRMATION is sent in response. (It is + possible that the channel is closed simultaneously at both + ends.) + + 25 SSH_MSG_CHANNEL_CLOSE_CONFIRMATION + + 32-bit int remote_channel + + This message is sent in response to SSH_MSG_CHANNEL_CLOSE unless + the channel was already closed. When this message is sent or + received, the channel is freed. + + 26 (OBSOLETED; was unix-domain X11 forwarding) + + 27 SSH_SMSG_X11_OPEN + + 32-bit int local_channel + string originator_string (see below) + + This message can be sent by the server during the interactive + session mode to indicate that a client has connected the fake X + server. Local_channel is the channel number that the server has + allocated for the connection. The client should try to open a + + + +Ylonen [Page 25] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + connection to the real X server, and respond with + SSH_MSG_CHANNEL_OPEN_CONFIRMATION or + SSH_MSG_CHANNEL_OPEN_FAILURE. + + The field originator_string is present if both sides specified + SSH_PROTOFLAG_HOST_IN_FWD_OPEN in the protocol flags. It con- + tains a description of the host originating the connection. + + 28 SSH_CMSG_PORT_FORWARD_REQUEST + + 32-bit int server_port + string host_to_connect + 32-bit int port_to_connect + + Sent by the client in the preparatory phase, this message + requests that server_port on the server machine be forwarded + over the secure channel to the client machine, and from there to + the specified host and port. The server should start listening + on the port, and send SSH_MSG_PORT_OPEN whenever a connection is + made to it. Supporting this message is optional, and the server + is free to reject any forward request. For example, it is + highly recommended that unless the user has been authenticated + as root, forwarding any privileged port numbers (below 1024) is + denied. + + 29 SSH_MSG_PORT_OPEN + + 32-bit int local_channel + string host_name + 32-bit int port + string originator_string (see below) + + Sent by either party in interactive session mode, this message + indicates that a connection has been opened to a forwarded + TCP/IP port. Local_channel is the channel number that the send- + ing party has allocated for the connection. Host_name is the + host the connection should be be forwarded to, and the port is + the port on that host to connect. The receiving party should + open the connection, and respond with + SSH_MSG_CHANNEL_OPEN_CONFIRMATION or + SSH_MSG_CHANNEL_OPEN_FAILURE. It is recommended that the + receiving side check the host_name and port for validity to + avoid compromising local security by compromised remote side + software. Particularly, it is recommended that the client per- + mit connections only to those ports for which it has requested + forwarding with SSH_CMSG_PORT_FORWARD_REQUEST. + + The field originator_string is present if both sides specified + + + +Ylonen [Page 26] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + SSH_PROTOFLAG_HOST_IN_FWD_OPEN in the protocol flags. It con- + tains a description of the host originating the connection. + + 30 SSH_CMSG_AGENT_REQUEST_FORWARDING + + (no arguments) + + Requests that the connection to the authentication agent be for- + warded over the secure channel. The method used by clients to + contact the authentication agent within each machine is imple- + mentation and machine dependent. If the server accepts this + request, it should arrange that any clients run from this ses- + sion will actually contact the server program when they try to + contact the authentication agent. The server should then send a + SSH_SMSG_AGENT_OPEN to open a channel to the agent, and the + client should forward the connection to the real authentication + agent. Supporting this message is optional. + + 31 SSH_SMSG_AGENT_OPEN + + 32-bit int local_channel + + Sent by the server in interactive session mode, this message + requests opening a channel to the authentication agent. The + client should open a channel, and respond with either + SSH_MSG_CHANNEL_OPEN_CONFIRMATION or + SSH_MSG_CHANNEL_OPEN_FAILURE. + + 32 SSH_MSG_IGNORE + + string data + + Either party may send this message at any time. This message, + and the argument string, is silently ignored. This message + might be used in some implementations to make traffic analysis + more difficult. This message is not currently sent by the + implementation, but all implementations are required to recog- + nize and ignore it. + + 33 SSH_CMSG_EXIT_CONFIRMATION + + (no arguments) + + Sent by the client in response to SSH_SMSG_EXITSTATUS. This is + the last message sent by the client. + + 34 SSH_CMSG_X11_REQUEST_FORWARDING + + + + +Ylonen [Page 27] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + string x11_authentication_protocol + string x11_authentication_data + 32-bit int screen number (if SSH_PROTOFLAG_SCREEN_NUMBER) + + Sent by the client during the preparatory phase, this message + requests that the server create a fake X11 display and set the + DISPLAY environment variable accordingly. An internet-domain + display is preferable. The given authentication protocol and + the associated data should be recorded by the server so that it + is used as authentication on connections (e.g., in .Xauthority). + The authentication protocol must be one of the supported X11 + authentication protocols, e.g., "MIT-MAGIC-COOKIE-1". Authenti- + cation data must be a lowercase hex string of even length. Its + interpretation is protocol dependent. The data is in a format + that can be used with e.g. the xauth program. Supporting this + message is optional. + + The client is permitted (and recommended) to generate fake + authentication information and send fake information to the + server. This way, a corrupt server will not have access to the + user's terminal after the connection has terminated. The + correct authorization codes will also not be left hanging around + in files on the server (many users keep the same X session for + months, thus protecting the authorization data becomes impor- + tant). + + X11 authentication spoofing works by initially sending fake + (random) authentication data to the server, and interpreting the + first packet sent by the X11 client after the connection has + been opened. The first packet contains the client's authentica- + tion. If the packet contains the correct fake data, it is + replaced by the client by the correct authentication data, and + then sent to the X server. + + 35 SSH_CMSG_AUTH_RHOSTS_RSA + + string clint-side user name + 32-bit int client_host_key_bits + mp-int client_host_key_public_exponent + mp-int client_host_key_public_modulus + + Requests authentication using /etc/hosts.equiv and .rhosts (or + equivalent) together with RSA host authentication. The server + should check that the client side port number is less than 1024 + (a privileged port), and immediately reject authentication if it + is not. The server responds with SSH_SMSG_FAILURE or + SSH_SMSG_AUTH_RSA_CHALLENGE. The client must respond to the + challenge with the proper SSH_CMSG_AUTH_RSA_RESPONSE. The + + + +Ylonen [Page 28] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + server then responds with success if access was granted, or + failure if the client gave a wrong response. Supporting this + authentication method is optional but recommended in most + environments. + + 36 SSH_MSG_DEBUG + + string debugging message sent to the other side + + This message may be sent by either party at any time. It is + used to send debugging messages that may be informative to the + user in solving various problems. For example, if authentica- + tion fails because of some configuration error (e.g., incorrect + permissions for some file), it can be very helpful for the user + to make the cause of failure available. On the other hand, one + should not make too much information available for security rea- + sons. It is recommended that the client provides an option to + display the debugging information sent by the sender (the user + probably does not want to see it by default). The server can + log debugging data sent by the client (if any). Either party is + free to ignore any received debugging data. Every implementa- + tion must be able to receive this message, but no implementation + is required to send these. + + 37 SSH_CMSG_REQUEST_COMPRESSION + + 32-bit int gzip compression level (1-9) + + This message can be sent by the client in the preparatory opera- + tions phase. The server responds with SSH_SMSG_FAILURE if it + does not support compression or does not want to compress; it + responds with SSH_SMSG_SUCCESS if it accepted the compression + request. In the latter case the response to this packet will + still be uncompressed, but all further packets in either direc- + tion will be compressed by gzip. + + +Encoding of Terminal Modes + + Terminal modes (as passed in SSH_CMSG_REQUEST_PTY) are encoded into a + byte stream. It is intended that the coding be portable across dif- + ferent environments. + + The tty mode description is a stream of bytes. The stream consists + of opcode-argument pairs. It is terminated by opcode TTY_OP_END (0). + Opcodes 1-127 have one-byte arguments. Opcodes 128-159 have 32-bit + integer arguments (stored msb first). Opcodes 160-255 are not yet + defined, and cause parsing to stop (they should only be used after + + + +Ylonen [Page 29] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + any other data). + + The client puts in the stream any modes it knows about, and the + server ignores any modes it does not know about. This allows some + degree of machine-independence, at least between systems that use a + POSIX-like [POSIX] tty interface. The protocol can support other + systems as well, but the client may need to fill reasonable values + for a number of parameters so the server pty gets set to a reasonable + mode (the server leaves all unspecified mode bits in their default + values, and only some combinations make sense). + + The following opcodes have been defined. The naming of opcodes + mostly follows the POSIX terminal mode flags. + + 0 TTY_OP_END + Indicates end of options. + + 1 VINTR + Interrupt character; 255 if none. Similarly for the other char- + acters. Not all of these characters are supported on all sys- + tems. + + 2 VQUIT + The quit character (sends SIGQUIT signal on UNIX systems). + + 3 VERASE + Erase the character to left of the cursor. + + 4 VKILL + Kill the current input line. + + 5 VEOF + End-of-file character (sends EOF from the terminal). + + 6 VEOL + End-of-line character in addition to carriage return and/or + linefeed. + + 7 VEOL2 + Additional end-of-line character. + + 8 VSTART + Continues paused output (normally ^Q). + + 9 VSTOP + Pauses output (^S). + + 10 VSUSP + + + +Ylonen [Page 30] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + Suspends the current program. + + 11 VDSUSP + Another suspend character. + + 12 VREPRINT + Reprints the current input line. + + 13 VWERASE + Erases a word left of cursor. + + 14 VLNEXT + More special input characters; these are probably not supported + on most systems. + + 15 VFLUSH + + 16 VSWTCH + + 17 VSTATUS + + 18 VDISCARD + + + 30 IGNPAR + The ignore parity flag. The next byte should be 0 if this flag + is not set, and 1 if it is set. + + 31 PARMRK + More flags. The exact definitions can be found in the POSIX + standard. + + 32 INPCK + + 33 ISTRIP + + 34 INLCR + + 35 IGNCR + + 36 ICRNL + + 37 IUCLC + + 38 IXON + + 39 IXANY + + + + +Ylonen [Page 31] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + 40 IXOFF + + 41 IMAXBEL + + + 50 ISIG + + 51 ICANON + + 52 XCASE + + 53 ECHO + + 54 ECHOE + + 55 ECHOK + + 56 ECHONL + + 57 NOFLSH + + 58 TOSTOP + + 59 IEXTEN + + 60 ECHOCTL + + 61 ECHOKE + + 62 PENDIN + + + 70 OPOST + + 71 OLCUC + + 72 ONLCR + + 73 OCRNL + + 74 ONOCR + + 75 ONLRET + + + 90 CS7 + + 91 CS8 + + + +Ylonen [Page 32] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + 92 PARENB + + 93 PARODD + + + 192 TTY_OP_ISPEED + Specifies the input baud rate in bits per second. + + 193 TTY_OP_OSPEED + Specifies the output baud rate in bits per second. + + +The Authentication Agent Protocol + + The authentication agent is a program that can be used to hold RSA + authentication keys for the user (in future, it might hold data for + other authentication types as well). An authorized program can send + requests to the agent to generate a proper response to an RSA chal- + lenge. How the connection is made to the agent (or its representa- + tive) inside a host and how access control is done inside a host is + implementation-dependent; however, how it is forwarded and how one + interacts with it is specified in this protocol. The connection to + the agent is normally automatically forwarded over the secure chan- + nel. + + A program that wishes to use the agent first opens a connection to + its local representative (typically, the agent itself or an SSH + server). It then writes a request to the connection, and waits for + response. It is recommended that at least five minutes of timeout + are provided waiting for the agent to respond to an authentication + challenge (this gives sufficient time for the user to cut-and-paste + the challenge to a separate machine, perform the computation there, + and cut-and-paste the result back if so desired). + + Messages sent to and by the agent are in the following format: + + 4 bytes Length, msb first. Does not include length itself. + 1 byte Packet type. The value 255 is reserved for future extensions. + data Any data, depending on packet type. Encoding as in the ssh packet + protocol. + + + The following message types are currently defined: + + 1 SSH_AGENTC_REQUEST_RSA_IDENTITIES + + (no arguments) + + + + +Ylonen [Page 33] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + Requests the agent to send a list of all RSA keys for which it + can answer a challenge. + + 2 SSH_AGENT_RSA_IDENTITIES_ANSWER + + 32-bit int howmany + howmany times: + 32-bit int bits + mp-int public exponent + mp-int public modulus + string comment + + The agent sends this message in response to the to + SSH_AGENTC_REQUEST_RSA_IDENTITIES. The answer lists all RSA + keys for which the agent can answer a challenge. The comment + field is intended to help identify each key; it may be printed + by an application to indicate which key is being used. If the + agent is not holding any keys, howmany will be zero. + + 3 SSH_AGENTC_RSA_CHALLENGE + + 32-bit int bits + mp-int public exponent + mp-int public modulus + mp-int challenge + 16 bytes session_id + 32-bit int response_type + + Requests RSA decryption of random challenge to authenticate the + other side. The challenge will be decrypted with the RSA + private key corresponding to the given public key. + + The decrypted challenge must contain a zero in the highest (par- + tial) byte, 2 in the next byte, followed by non-zero random + bytes, a zero byte, and then the real challenge value in the + lowermost bytes. The real challenge must be 32 8-bit bytes (256 + bits). + + Response_type indicates the format of the response to be + returned. Currently the only supported value is 1, which means + to compute MD5 of the real challenge plus session id, and return + the resulting 16 bytes in a SSH_AGENT_RSA_RESPONSE message. + + 4 SSH_AGENT_RSA_RESPONSE + + 16 bytes MD5 of decrypted challenge + + Answers an RSA authentication challenge. The response is 16 + + + +Ylonen [Page 34] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + bytes: the MD5 checksum of the 32-byte challenge. + + 5 SSH_AGENT_FAILURE + + (no arguments) + + This message is sent whenever the agent fails to answer a + request properly. For example, if the agent cannot answer a + challenge (e.g., no longer has the proper key), it can respond + with this. The agent also responds with this message if it + receives a message it does not recognize. + + 6 SSH_AGENT_SUCCESS + + (no arguments) + + This message is sent by the agent as a response to certain + requests that do not otherwise cause a message be sent. + Currently, this is only sent in response to + SSH_AGENTC_ADD_RSA_IDENTITY and SSH_AGENTC_REMOVE_RSA_IDENTITY. + + 7 SSH_AGENTC_ADD_RSA_IDENTITY + + 32-bit int bits + mp-int public modulus + mp-int public exponent + mp-int private exponent + mp-int multiplicative inverse of p mod q + mp-int p + mp-int q + string comment + + Registers an RSA key with the agent. After this request, the + agent can use this RSA key to answer requests. The agent + responds with SSH_AGENT_SUCCESS or SSH_AGENT_FAILURE. + + 8 SSH_AGENT_REMOVE_RSA_IDENTITY + + 32-bit int bits + mp-int public exponent + mp-int public modulus + + Removes an RSA key from the agent. The agent will no longer + accept challenges for this key and will not list it as a sup- + ported identity. The agent responds with SSH_AGENT_SUCCESS or + SSH_AGENT_FAILURE. + + If the agent receives a message that it does not understand, it + + + +Ylonen [Page 35] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + responds with SSH_AGENT_FAILURE. This permits compatible future + extensions. + + It is possible that several clients have a connection open to the + authentication agent simultaneously. Each client will use a separate + connection (thus, any SSH connection can have multiple agent connec- + tions active simultaneously). + + +References + + + [DES] FIPS PUB 46-1: Data Encryption Standard. National Bureau of + Standards, January 1988. FIPS PUB 81: DES Modes of Operation. + National Bureau of Standards, December 1980. Bruce Schneier: + Applied Cryptography. John Wiley & Sons, 1994. J. Seberry and + J. Pieprzyk: Cryptography: An Introduction to Computer Secu- + rity. Prentice-Hall, 1989. + + [GZIP] + The GNU GZIP program; available for anonymous ftp at + prep.ai.mit.edu. Please let me know if you know a paper + describing the algorithm. + + [IDEA] + Xuejia Lai: On the Design and Security of Block Ciphers, ETH + Series in Information Processing, vol. 1, Hartung-Gorre Verlag, + Konstanz, Switzerland, 1992. Bruce Schneier: Applied Cryptogra- + phy, John Wiley & Sons, 1994. See also the following patents: + PCT/CH91/00117, EP 0 482 154 B1, US Pat. 5,214,703. + + [PKCS#1] + PKCS #1: RSA Encryption Standard. Version 1.5, RSA Labora- + tories, November 1993. Available for anonymous ftp at + ftp.rsa.com. + + [POSIX] + Portable Operating System Interface (POSIX) - Part 1: Applica- + tion Program Interface (API) [C language], ISO/IEC 9945-1, IEEE + Std 1003.1, 1990. + + [RFC0791] + J. Postel: Internet Protocol, RFC 791, USC/ISI, September 1981. + + [RFC0793] + J. Postel: Transmission Control Protocol, RFC 793, USC/ISI, Sep- + tember 1981. + + + + +Ylonen [Page 36] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + [RFC1034] + P. Mockapetris: Domain Names - Concepts and Facilities, RFC + 1034, USC/ISI, November 1987. + + [RFC1282] + B. Kantor: BSD Rlogin, RFC 1258, UCSD, December 1991. + + [RSA] Bruce Schneier: Applied Cryptography. John Wiley & Sons, 1994. + See also R. Rivest, A. Shamir, and L. M. Adleman: Cryptographic + Communications System and Method. US Patent 4,405,829, 1983. + + [X11] R. Scheifler: X Window System Protocol, X Consortium Standard, + Version 11, Release 6. Massachusetts Institute of Technology, + Laboratory of Computer Science, 1994. + + +Security Considerations + + This protocol deals with the very issue of user authentication and + security. + + First of all, as an implementation issue, the server program will + have to run as root (or equivalent) on the server machine. This is + because the server program will need be able to change to an arbi- + trary user id. The server must also be able to create a privileged + TCP/IP port. + + The client program will need to run as root if any variant of .rhosts + authentication is to be used. This is because the client program + will need to create a privileged port. The client host key is also + usually stored in a file which is readable by root only. The client + needs the host key in .rhosts authentication only. Root privileges + can be dropped as soon as the privileged port has been created and + the host key has been read. + + The SSH protocol offers major security advantages over existing tel- + net and rlogin protocols. + + o IP spoofing is restricted to closing a connection (by encryp- + tion, host keys, and the special random cookie). If encryption + is not used, IP spoofing is possible for those who can hear + packets going out from the server. + + o DNS spoofing is made ineffective (by host keys). + + o Routing spoofing is made ineffective (by host keys). + + o All data is encrypted with strong algorithms to make + + + +Ylonen [Page 37] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + eavesdropping as difficult as possible. This includes encrypt- + ing any authentication information such as passwords. The + information for decrypting session keys is destroyed every hour. + + o Strong authentication methods: .rhosts combined with RSA host + authentication, and pure RSA authentication. + + o X11 connections and arbitrary TCP/IP ports can be forwarded + securely. + + o Man-in-the-middle attacks are deterred by using the server host + key to encrypt the session key. + + o Trojan horses to catch a password by routing manipulation are + deterred by checking that the host key of the server machine + matches that stored on the client host. + + The security of SSH against man-in-the-middle attacks and the secu- + rity of the new form of .rhosts authentication, as well as server + host validation, depends on the integrity of the host key and the + files containing known host keys. + + The host key is normally stored in a root-readable file. If the host + key is compromised, it permits attackers to use IP, DNS and routing + spoofing as with current rlogin and rsh. It should never be any + worse than the current situation. + + The files containing known host keys are not sensitive. However, if + an attacker gets to modify the known host key files, it has the same + consequences as a compromised host key, because the attacker can then + change the recorded host key. + + The security improvements obtained by this protocol for X11 are of + particular significance. Previously, there has been no way to pro- + tect data communicated between an X server and a client running on a + remote machine. By creating a fake display on the server, and for- + warding all X11 requests over the secure channel, SSH can be used to + run any X11 applications securely without any cooperation with the + vendors of the X server or the application. + + Finally, the security of this program relies on the strength of the + underlying cryptographic algorithms. The RSA algorithm is used for + authentication key exchange. It is widely believed to be secure. Of + the algorithms used to encrypt the session, DES has a rather small + key these days, probably permitting governments and organized crimi- + nals to break it in very short time with specialized hardware. 3DES + is probably safe (but slower). IDEA is widely believed to be secure. + People have varying degrees of confidence in the other algorithms. + + + +Ylonen [Page 38] + +Internet-Draft SSH (Secure Shell) Remote Login Protocol 15 Nov 1995 + + + This program is not secure if used with no encryption at all. + + +Additional Information + + Additional information (especially on the implementation and mailing + lists) is available via WWW at http://www.cs.hut.fi/ssh. + + Comments should be sent to Tatu Ylonen or the SSH + Mailing List . + +Author's Address + + + Tatu Ylonen + Helsinki University of Technology + Otakaari 1 + FIN-02150 Espoo, Finland + + Phone: +358-0-451-3374 + Fax: +358-0-451-3293 + EMail: ylo@cs.hut.fi + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +Ylonen [Page 39] + Index: usr.bin/ssh/acconfig.h =================================================================== RCS file: acconfig.h diff -N acconfig.h --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvszXIqK31367 Wed Dec 8 12:42:01 1999 @@ -0,0 +1,186 @@ +/* + +acconfig.h - template used by autoheader to create config.h.in +config.h.in - used by autoconf to create config.h +config.h - created by autoconf; contains defines generated by autoconf + +Copyright (c) 1995 Tatu Ylonen + +*/ + +#define RCSID(msg) \ +static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg } + +@TOP@ + +/* Define if you have SYSV-style /dev/ptmx and /dev/pts/. */ +#undef HAVE_DEV_PTMX + +/* Define if you have /dev/pts and /dev/ptc devices (as in AIX). */ +#undef HAVE_DEV_PTS_AND_PTC + +/* Define if you have shadow passwords in /etc/security/passwd (AIX style). */ +#undef HAVE_ETC_SECURITY_PASSWD + +/* Define if you have shadow passwords in /etc/security/passwd.adjunct + (SunOS style). */ +#undef HAVE_ETC_SECURITY_PASSWD_ADJUNCT + +/* Define if you have OSF1 C2 security installed on the system */ +#undef HAVE_OSF1_C2_SECURITY + +/* Define if you have shadow passwords in /etc/shadow (Solaris style). */ +#undef HAVE_ETC_SHADOW + +/* Define if you have system login defaults in /etc/default/login. */ +#undef HAVE_ETC_DEFAULT_LOGIN + +/* Define if utmp structure has host field. */ +#undef HAVE_HOST_IN_UTMP + +/* Define if utmp structure has addr field. */ +#undef HAVE_ADDR_IN_UTMP + +/* Define if utmp structure has id field. */ +#undef HAVE_ID_IN_UTMP + +/* Define if utmp structure has name field. */ +#undef HAVE_NAME_IN_UTMP + +/* Define if utmp structure has pid field. */ +#undef HAVE_PID_IN_UTMP + +/* Define if utmpx structure has ut_session. */ +#undef HAVE_UT_SESSION + +/* Define if utmpx structure has ut_syslen. */ +#undef HAVE_UT_SYSLEN + +/* Define if /var/adm/lastlog or whatever it is called is a directory + (e.g. SGI IRIX). */ +#undef LASTLOG_IS_DIR + +/* Define to use RSAREF. */ +#undef RSAREF + +/* Define this to be the path of the rsh program to support executing rsh. */ +#undef RSH_PATH + +/* Define this to be the path of the xauth program. */ +#undef XAUTH_PATH + +/* Default path for utmp. Determined by configure. */ +#undef SSH_UTMP + +/* Default path for wtmp. Determined by configure. */ +#undef SSH_WTMP + +/* Default path for lastlog. Determined by configure. */ +#undef SSH_LASTLOG + +/* This is defined if we found a lastlog file. The presence of lastlog.h + alone is not a sufficient indicator (at least newer BSD systems have + lastlog but no lastlog.h. */ +#undef HAVE_LASTLOG + +/* Define this if libutil.a contains BSD 4.4 compatible login(), logout(), + and logwtmp() calls. */ +#undef HAVE_LIBUTIL_LOGIN + +/* Location of system mail spool directory. */ +#undef MAIL_SPOOL_DIRECTORY + +/* Defined if mail goes to $HOME/newmail instead of a global mail spool. */ +#undef HAVE_TILDE_NEWMAIL + +/* Define this to be the default user path if you don't like the default. + See the --with-path= configure option. */ +#undef DEFAULT_PATH + +/* Define this if O_NONBLOCK does not work on your system (e.g., Ultrix). */ +#undef O_NONBLOCK_BROKEN + +/* Define this if sys/syslog.h needs to be included in addition to syslog.h. + This is the case on some Ultrix versions. */ +#undef NEED_SYS_SYSLOG_H + +/* Define this to include IDEA encryption. */ +#undef WITH_IDEA + +/* Define this to include RC4 encryption. */ +#undef WITH_RC4 + +/* Define this to include Blowfish encryption. */ +#undef WITH_BLOWFISH + +/* Define this to include libwrap (tcp_wrappers) support. */ +#undef LIBWRAP + +/* This is defined to pw_encrypt on Linux when using John Faugh's shadow + password implementation. */ +#undef crypt + +/* This is defined on 386BSD to preted we are on FreeBSD. */ +#undef __FreeBSD__ + +/* If defines, this overrides "tty" as the terminal group. */ +#undef TTY_GROUP + +/* Define this if you want to support Security Dynammics SecurID + cards. */ +#undef HAVE_SECURID + +/* Define this if you are using HPSUX. HPUX uses non-standard shared + memory communication for X, which seems to be enabled by the display name + matching that of the local host. This circumvents it by using the IP + address instead of the host name in DISPLAY. */ +#undef HPSUX_NONSTANDARD_X11_KLUDGE + +/* Define this if inet_network should be used instead of inet_addr. This is + the case on DGUX 5.4. */ +#undef BROKEN_INET_ADDR + +/* Define this if your system does not like sizeof(struct sockaddr_un) as the + size argument in bind and connect calls for unix domain sockets. */ +#undef USE_STRLEN_FOR_AF_UNIX + +/* Define this to use pipes instead of socketpairs for communicating with the + client program. Socketpairs do not seem to work on all systems. */ +#undef USE_PIPES + +/* Directory containing ssh_config, ssh_known_hosts, sshd_pid, etc. Normally + /etc. */ +#undef ETCDIR + +/* Define this if speed_t is defined in stdtypes.h or otherwise gets included + into ttymodes.c from system headers. */ +#undef SPEED_T_IN_STDTYPES_H + +/* Define this if compiling with SOCKS (the firewall traversal library). + Also, you must define connect, getsockname, bind, accept, listen, and + select to their R-versions. */ +#undef SOCKS +#undef connect +#undef getsockname +#undef bind +#undef accept +#undef listen +#undef select + +/* Define these if on SCO Unix. */ +#undef HAVE_SCO_ETC_SHADOW +#undef SCO + +/* Define this if you want to compile in Kerberos V4 support. + This can be done at configure time with the --with-krb4 argument. */ +#undef KRB4 + +/* Define this if you want to compile in AFS support. + This can be done at configure time with the --with-afs argument. */ +#undef AFS + +/* Define this if you want to enable nonstandard krb4 TGT forwarding. */ +#undef KERBEROS_TGT_PASSING + +/* Define this if you want to add optional compression support. */ +#undef WITH_ZLIB Index: usr.bin/ssh/atomicio.c =================================================================== RCS file: atomicio.c diff -N atomicio.c --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsVeOkq31367 Wed Dec 8 12:42:02 1999 @@ -0,0 +1,57 @@ +/* + * Copyright (c) 1999 Theo de Raadt + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "includes.h" +RCSID("$Id: atomicio.c,v 1.1 1999/12/06 20:15:25 deraadt Exp $"); + +#include "xmalloc.h" +#include "ssh.h" + +/* + * ensure all of data on socket comes through. f==read || f==write + */ +int +atomicio(f, fd, s, n) + int (*f) (); + int fd; + void *s; + size_t n; +{ + int res, pos = 0; + + while (n > pos) { + res = (f) (fd, s + pos, n - pos); + switch (res) { + case -1: + if (errno == EINTR || errno == EAGAIN) + continue; + case 0: + return (res); + default: + pos += res; + } + } + return (pos); +} Index: usr.bin/ssh/auth-krb4.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/auth-krb4.c,v retrieving revision 1.4 retrieving revision 1.11 diff -u -r1.4 -r1.11 --- usr.bin/ssh/auth-krb4.c 1999/10/01 18:18:40 1.4 +++ usr.bin/ssh/auth-krb4.c 1999/12/01 16:54:34 1.11 @@ -1,209 +1,348 @@ /* + * Dug Song + * Kerberos v4 authentication and ticket-passing routines. + */ - auth-kerberos.c - - Dug Song - - Kerberos v4 authentication and ticket-passing routines. - - $Id: auth-krb4.c,v 1.4 1999/10/01 18:18:40 deraadt Exp $ -*/ - #include "includes.h" #include "packet.h" #include "xmalloc.h" #include "ssh.h" +#include "servconf.h" #ifdef KRB4 -int ssh_tf_init(uid_t uid) +char *ticket = NULL; + +extern ServerOptions options; + +/* + * try krb4 authentication, + * return 1 on success, 0 on failure, -1 if krb4 is not available + */ + +int +auth_krb4_password(struct passwd * pw, const char *password) { - extern char *ticket; - char *tkt_root = TKT_ROOT; - struct stat st; - int fd; - - /* Set unique ticket string manually since we're still root. */ - ticket = xmalloc(MAXPATHLEN); + AUTH_DAT adata; + KTEXT_ST tkt; + struct hostent *hp; + unsigned long faddr; + char localhost[MAXHOSTNAMELEN]; + char phost[INST_SZ]; + char realm[REALM_SZ]; + int r; + + /* + * Try Kerberos password authentication only for non-root + * users and only if Kerberos is installed. + */ + if (pw->pw_uid != 0 && krb_get_lrealm(realm, 1) == KSUCCESS) { + + /* Set up our ticket file. */ + if (!krb4_init(pw->pw_uid)) { + log("Couldn't initialize Kerberos ticket file for %s!", + pw->pw_name); + goto kerberos_auth_failure; + } + /* Try to get TGT using our password. */ + r = krb_get_pw_in_tkt((char *) pw->pw_name, "", + realm, "krbtgt", realm, + DEFAULT_TKT_LIFE, (char *) password); + if (r != INTK_OK) { + packet_send_debug("Kerberos V4 password " + "authentication for %s failed: %s", + pw->pw_name, krb_err_txt[r]); + goto kerberos_auth_failure; + } + /* Successful authentication. */ + chown(tkt_string(), pw->pw_uid, pw->pw_gid); + + /* + * Now that we have a TGT, try to get a local + * "rcmd" ticket to ensure that we are not talking + * to a bogus Kerberos server. + */ + (void) gethostname(localhost, sizeof(localhost)); + (void) strlcpy(phost, (char *) krb_get_phost(localhost), + INST_SZ); + r = krb_mk_req(&tkt, KRB4_SERVICE_NAME, phost, realm, 33); + + if (r == KSUCCESS) { + if (!(hp = gethostbyname(localhost))) { + log("Couldn't get local host address!"); + goto kerberos_auth_failure; + } + memmove((void *) &faddr, (void *) hp->h_addr, + sizeof(faddr)); + + /* Verify our "rcmd" ticket. */ + r = krb_rd_req(&tkt, KRB4_SERVICE_NAME, phost, + faddr, &adata, ""); + if (r == RD_AP_UNDEC) { + /* + * Probably didn't have a srvtab on + * localhost. Allow login. + */ + log("Kerberos V4 TGT for %s unverifiable, " + "no srvtab installed? krb_rd_req: %s", + pw->pw_name, krb_err_txt[r]); + } else if (r != KSUCCESS) { + log("Kerberos V4 %s ticket unverifiable: %s", + KRB4_SERVICE_NAME, krb_err_txt[r]); + goto kerberos_auth_failure; + } + } else if (r == KDC_PR_UNKNOWN) { + /* + * Allow login if no rcmd service exists, but + * log the error. + */ + log("Kerberos V4 TGT for %s unverifiable: %s; %s.%s " + "not registered, or srvtab is wrong?", pw->pw_name, + krb_err_txt[r], KRB4_SERVICE_NAME, phost); + } else { + /* + * TGT is bad, forget it. Possibly spoofed! + */ + packet_send_debug("WARNING: Kerberos V4 TGT " + "possibly spoofed for %s: %s", + pw->pw_name, krb_err_txt[r]); + goto kerberos_auth_failure; + } + + /* Authentication succeeded. */ + return 1; + +kerberos_auth_failure: + krb4_cleanup_proc(NULL); + + if (!options.kerberos_or_local_passwd) + return 0; + } else { + /* Logging in as root or no local Kerberos realm. */ + packet_send_debug("Unable to authenticate to Kerberos."); + } + /* Fall back to ordinary passwd authentication. */ + return -1; +} + +void +krb4_cleanup_proc(void *ignore) +{ + debug("krb4_cleanup_proc called"); + if (ticket) { + (void) dest_tkt(); + xfree(ticket); + ticket = NULL; + } +} + +int +krb4_init(uid_t uid) +{ + static int cleanup_registered = 0; + char *tkt_root = TKT_ROOT; + struct stat st; + int fd; + + if (!ticket) { + /* Set unique ticket string manually since we're still root. */ + ticket = xmalloc(MAXPATHLEN); #ifdef AFS - if (lstat("/ticket", &st) != -1) - tkt_root = "/ticket/"; + if (lstat("/ticket", &st) != -1) + tkt_root = "/ticket/"; #endif /* AFS */ - snprintf(ticket, MAXPATHLEN, "%s%d_%d", tkt_root, uid, getpid()); - (void) krb_set_tkt_string(ticket); + snprintf(ticket, MAXPATHLEN, "%s%d_%d", tkt_root, uid, getpid()); + (void) krb_set_tkt_string(ticket); + } + /* Register ticket cleanup in case of fatal error. */ + if (!cleanup_registered) { + fatal_add_cleanup(krb4_cleanup_proc, NULL); + cleanup_registered = 1; + } + /* Try to create our ticket file. */ + if ((fd = mkstemp(ticket)) != -1) { + close(fd); + return 1; + } + /* Ticket file exists - make sure user owns it (just passed ticket). */ + if (lstat(ticket, &st) != -1) { + if (st.st_mode == (S_IFREG | S_IRUSR | S_IWUSR) && + st.st_uid == uid) + return 1; + } + /* Failure - cancel cleanup function, leaving bad ticket for inspection. */ + log("WARNING: bad ticket file %s", ticket); + fatal_remove_cleanup(krb4_cleanup_proc, NULL); + cleanup_registered = 0; + xfree(ticket); + ticket = NULL; - /* Make sure we own this ticket file, and we created it. */ - if (lstat(ticket, &st) == -1 && errno == ENOENT) { - /* good, no ticket file exists. create it. */ - if ((fd = open(ticket, O_RDWR|O_CREAT|O_EXCL, 0600)) != -1) { - close(fd); - return 1; - } - } - else { - /* file exists. make sure server_user owns it (e.g. just passed ticket), - and that it isn't a symlink, and that it is mode 600. */ - if (st.st_mode == (S_IFREG|S_IRUSR|S_IWUSR) && st.st_uid == uid) - return 1; - } - /* Failure. */ - log("WARNING: bad ticket file %s", ticket); - return 0; + return 0; } -int auth_krb4(const char *server_user, KTEXT auth, char **client) +int +auth_krb4(const char *server_user, KTEXT auth, char **client) { - AUTH_DAT adat = { 0 }; - KTEXT_ST reply; - char instance[INST_SZ]; - int r, s; - u_int cksum; - Key_schedule schedule; - struct sockaddr_in local, foreign; - - s = packet_get_connection_in(); - - r = sizeof(local); - memset(&local, 0, sizeof(local)); - if (getsockname(s, (struct sockaddr *) &local, &r) < 0) - debug("getsockname failed: %.100s", strerror(errno)); - r = sizeof(foreign); - memset(&foreign, 0, sizeof(foreign)); - if (getpeername(s, (struct sockaddr *)&foreign, &r) < 0) - debug("getpeername failed: %.100s", strerror(errno)); - - instance[0] = '*'; instance[1] = 0; - - /* Get the encrypted request, challenge, and session key. */ - if ((r = krb_rd_req(auth, KRB4_SERVICE_NAME, instance, 0, &adat, ""))) { - packet_send_debug("Kerberos V4 krb_rd_req: %.100s", krb_err_txt[r]); - return 0; - } - des_key_sched((des_cblock *)adat.session, schedule); - - *client = xmalloc(MAX_K_NAME_SZ); - (void) snprintf(*client, MAX_K_NAME_SZ, "%s%s%s@%s", adat.pname, - *adat.pinst ? "." : "", adat.pinst, adat.prealm); - - /* Check ~/.klogin authorization now. */ - if (kuserok(&adat, (char *)server_user) != KSUCCESS) { - packet_send_debug("Kerberos V4 .klogin authorization failed!"); - log("Kerberos V4 .klogin authorization failed for %s to account %s", - *client, server_user); - return 0; - } - /* Increment the checksum, and return it encrypted with the session key. */ - cksum = adat.checksum + 1; - cksum = htonl(cksum); - - /* If we can't successfully encrypt the checksum, we send back an empty - message, admitting our failure. */ - if ((r = krb_mk_priv((u_char *)&cksum, reply.dat, sizeof(cksum)+1, - schedule, &adat.session, &local, &foreign)) < 0) { - packet_send_debug("Kerberos V4 mk_priv: (%d) %s", r, krb_err_txt[r]); - reply.dat[0] = 0; - reply.length = 0; - } - else - reply.length = r; - - /* Clear session key. */ - memset(&adat.session, 0, sizeof(&adat.session)); - - packet_start(SSH_SMSG_AUTH_KERBEROS_RESPONSE); - packet_put_string((char *) reply.dat, reply.length); - packet_send(); - packet_write_wait(); - return 1; + AUTH_DAT adat = {0}; + KTEXT_ST reply; + char instance[INST_SZ]; + int r, s; + u_int cksum; + Key_schedule schedule; + struct sockaddr_in local, foreign; + + s = packet_get_connection_in(); + + r = sizeof(local); + memset(&local, 0, sizeof(local)); + if (getsockname(s, (struct sockaddr *) & local, &r) < 0) + debug("getsockname failed: %.100s", strerror(errno)); + r = sizeof(foreign); + memset(&foreign, 0, sizeof(foreign)); + if (getpeername(s, (struct sockaddr *) & foreign, &r) < 0) { + debug("getpeername failed: %.100s", strerror(errno)); + fatal_cleanup(); + } + instance[0] = '*'; + instance[1] = 0; + + /* Get the encrypted request, challenge, and session key. */ + if ((r = krb_rd_req(auth, KRB4_SERVICE_NAME, instance, 0, &adat, ""))) { + packet_send_debug("Kerberos V4 krb_rd_req: %.100s", krb_err_txt[r]); + return 0; + } + des_key_sched((des_cblock *) adat.session, schedule); + + *client = xmalloc(MAX_K_NAME_SZ); + (void) snprintf(*client, MAX_K_NAME_SZ, "%s%s%s@%s", adat.pname, + *adat.pinst ? "." : "", adat.pinst, adat.prealm); + + /* Check ~/.klogin authorization now. */ + if (kuserok(&adat, (char *) server_user) != KSUCCESS) { + packet_send_debug("Kerberos V4 .klogin authorization failed!"); + log("Kerberos V4 .klogin authorization failed for %s to account %s", + *client, server_user); + xfree(*client); + return 0; + } + /* Increment the checksum, and return it encrypted with the + session key. */ + cksum = adat.checksum + 1; + cksum = htonl(cksum); + + /* If we can't successfully encrypt the checksum, we send back an + empty message, admitting our failure. */ + if ((r = krb_mk_priv((u_char *) & cksum, reply.dat, sizeof(cksum) + 1, + schedule, &adat.session, &local, &foreign)) < 0) { + packet_send_debug("Kerberos V4 mk_priv: (%d) %s", r, krb_err_txt[r]); + reply.dat[0] = 0; + reply.length = 0; + } else + reply.length = r; + + /* Clear session key. */ + memset(&adat.session, 0, sizeof(&adat.session)); + + packet_start(SSH_SMSG_AUTH_KERBEROS_RESPONSE); + packet_put_string((char *) reply.dat, reply.length); + packet_send(); + packet_write_wait(); + return 1; } #endif /* KRB4 */ #ifdef AFS -int auth_kerberos_tgt(struct passwd *pw, const char *string) +int +auth_kerberos_tgt(struct passwd *pw, const char *string) { - CREDENTIALS creds; - extern char *ticket; - int r; - - if (!radix_to_creds(string, &creds)) { - log("Protocol error decoding Kerberos V4 tgt"); - packet_send_debug("Protocol error decoding Kerberos V4 tgt"); - goto auth_kerberos_tgt_failure; - } - if (strncmp(creds.service, "", 1) == 0) /* backward compatibility */ - strlcpy(creds.service, "krbtgt", sizeof creds.service); - - if (strcmp(creds.service, "krbtgt")) { - log("Kerberos V4 tgt (%s%s%s@%s) rejected for uid %d", - creds.pname, creds.pinst[0] ? "." : "", creds.pinst, creds.realm, - pw->pw_uid); - packet_send_debug("Kerberos V4 tgt (%s%s%s@%s) rejected for uid %d", - creds.pname, creds.pinst[0] ? "." : "", creds.pinst, - creds.realm, pw->pw_uid); - goto auth_kerberos_tgt_failure; - } - if (!ssh_tf_init(pw->pw_uid) || - (r = in_tkt(creds.pname, creds.pinst)) || - (r = save_credentials(creds.service, creds.instance, creds.realm, - creds.session, creds.lifetime, creds.kvno, - &creds.ticket_st, creds.issue_date))) { - xfree(ticket); - ticket = NULL; - packet_send_debug("Kerberos V4 tgt refused: couldn't save credentials"); - goto auth_kerberos_tgt_failure; - } - /* Successful authentication, passed all checks. */ - chown(ticket, pw->pw_uid, pw->pw_gid); - packet_send_debug("Kerberos V4 tgt accepted (%s.%s@%s, %s%s%s@%s)", - creds.service, creds.instance, creds.realm, - creds.pname, creds.pinst[0] ? "." : "", - creds.pinst, creds.realm); - - packet_start(SSH_SMSG_SUCCESS); - packet_send(); - packet_write_wait(); - return 1; + CREDENTIALS creds; + + if (!radix_to_creds(string, &creds)) { + log("Protocol error decoding Kerberos V4 tgt"); + packet_send_debug("Protocol error decoding Kerberos V4 tgt"); + goto auth_kerberos_tgt_failure; + } + if (strncmp(creds.service, "", 1) == 0) /* backward compatibility */ + strlcpy(creds.service, "krbtgt", sizeof creds.service); + + if (strcmp(creds.service, "krbtgt")) { + log("Kerberos V4 tgt (%s%s%s@%s) rejected for %s", creds.pname, + creds.pinst[0] ? "." : "", creds.pinst, creds.realm, + pw->pw_name); + packet_send_debug("Kerberos V4 tgt (%s%s%s@%s) rejected for %s", + creds.pname, creds.pinst[0] ? "." : "", creds.pinst, + creds.realm, pw->pw_name); + goto auth_kerberos_tgt_failure; + } + if (!krb4_init(pw->pw_uid)) + goto auth_kerberos_tgt_failure; + + if (in_tkt(creds.pname, creds.pinst) != KSUCCESS) + goto auth_kerberos_tgt_failure; + + if (save_credentials(creds.service, creds.instance, creds.realm, + creds.session, creds.lifetime, creds.kvno, + &creds.ticket_st, creds.issue_date) != KSUCCESS) { + packet_send_debug("Kerberos V4 tgt refused: couldn't save credentials"); + goto auth_kerberos_tgt_failure; + } + /* Successful authentication, passed all checks. */ + chown(tkt_string(), pw->pw_uid, pw->pw_gid); + + packet_send_debug("Kerberos V4 tgt accepted (%s.%s@%s, %s%s%s@%s)", + creds.service, creds.instance, creds.realm, creds.pname, + creds.pinst[0] ? "." : "", creds.pinst, creds.realm); + memset(&creds, 0, sizeof(creds)); + packet_start(SSH_SMSG_SUCCESS); + packet_send(); + packet_write_wait(); + return 1; auth_kerberos_tgt_failure: - memset(&creds, 0, sizeof(creds)); - packet_start(SSH_SMSG_FAILURE); - packet_send(); - packet_write_wait(); - return 0; + krb4_cleanup_proc(NULL); + memset(&creds, 0, sizeof(creds)); + packet_start(SSH_SMSG_FAILURE); + packet_send(); + packet_write_wait(); + return 0; } -int auth_afs_token(char *server_user, uid_t uid, const char *string) +int +auth_afs_token(struct passwd *pw, const char *token_string) { - CREDENTIALS creds; + CREDENTIALS creds; + uid_t uid = pw->pw_uid; - if (!radix_to_creds(string, &creds)) { - log("Protocol error decoding AFS token"); - packet_send_debug("Protocol error decoding AFS token"); - packet_start(SSH_SMSG_FAILURE); - packet_send(); - packet_write_wait(); - return 0; - } - if (strncmp(creds.service, "", 1) == 0) /* backward compatibility */ - strlcpy(creds.service, "afs", sizeof creds.service); - - if (strncmp(creds.pname, "AFS ID ", 7) == 0) - uid = atoi(creds.pname + 7); - - if (kafs_settoken(creds.realm, uid, &creds)) { - log("AFS token (%s@%s) rejected for uid %d", creds.pname, - creds.realm, uid); - packet_send_debug("AFS token (%s@%s) rejected for uid %d", creds.pname, - creds.realm, uid); - packet_start(SSH_SMSG_FAILURE); - packet_send(); - packet_write_wait(); - return 0; - } - packet_send_debug("AFS token accepted (%s@%s, %s@%s)", creds.service, - creds.realm, creds.pname, creds.realm); - packet_start(SSH_SMSG_SUCCESS); - packet_send(); - packet_write_wait(); - return 1; + if (!radix_to_creds(token_string, &creds)) { + log("Protocol error decoding AFS token"); + packet_send_debug("Protocol error decoding AFS token"); + packet_start(SSH_SMSG_FAILURE); + packet_send(); + packet_write_wait(); + return 0; + } + if (strncmp(creds.service, "", 1) == 0) /* backward compatibility */ + strlcpy(creds.service, "afs", sizeof creds.service); + + if (strncmp(creds.pname, "AFS ID ", 7) == 0) + uid = atoi(creds.pname + 7); + + if (kafs_settoken(creds.realm, uid, &creds)) { + log("AFS token (%s@%s) rejected for %s", creds.pname, creds.realm, + pw->pw_name); + packet_send_debug("AFS token (%s@%s) rejected for %s", creds.pname, + creds.realm, pw->pw_name); + memset(&creds, 0, sizeof(creds)); + packet_start(SSH_SMSG_FAILURE); + packet_send(); + packet_write_wait(); + return 0; + } + packet_send_debug("AFS token accepted (%s@%s, %s@%s)", creds.service, + creds.realm, creds.pname, creds.realm); + memset(&creds, 0, sizeof(creds)); + packet_start(SSH_SMSG_SUCCESS); + packet_send(); + packet_write_wait(); + return 1; } #endif /* AFS */ Index: usr.bin/ssh/auth-passwd.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/auth-passwd.c,v retrieving revision 1.8 retrieving revision 1.13 diff -u -r1.8 -r1.13 --- usr.bin/ssh/auth-passwd.c 1999/10/19 15:56:41 1.8 +++ usr.bin/ssh/auth-passwd.c 1999/12/01 16:54:35 1.13 @@ -1,180 +1,62 @@ /* + * Author: Tatu Ylonen + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * Created: Sat Mar 18 05:11:38 1995 ylo + * Password authentication. This file contains the functions to check whether + * the password is valid for the user. + */ -auth-passwd.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Sat Mar 18 05:11:38 1995 ylo - -Password authentication. This file contains the functions to check whether -the password is valid for the user. - -*/ - #include "includes.h" -RCSID("$Id: auth-passwd.c,v 1.8 1999/10/19 15:56:41 deraadt Exp $"); +RCSID("$Id: auth-passwd.c,v 1.13 1999/12/01 16:54:35 markus Exp $"); #include "packet.h" #include "ssh.h" #include "servconf.h" #include "xmalloc.h" - -#ifdef KRB4 -extern char *ticket; -#endif /* KRB4 */ - -/* Tries to authenticate the user using password. Returns true if - authentication succeeds. */ -int auth_password(struct passwd *pw, const char *password) +/* + * Tries to authenticate the user using password. Returns true if + * authentication succeeds. + */ +int +auth_password(struct passwd * pw, const char *password) { - extern ServerOptions options; - char *encrypted_password; + extern ServerOptions options; + char *encrypted_password; - if (pw->pw_uid == 0 && options.permit_root_login == 2) - { - /*packet_send_debug("Server does not permit root login with password.");*/ - return 0; - } - - if (*password == '\0' && options.permit_empty_passwd == 0) - { - /*packet_send_debug("Server does not permit empty password login.");*/ - return 0; - } - - /* deny if no user. */ - if (pw == NULL) - return 0; + if (pw->pw_uid == 0 && options.permit_root_login == 2) + return 0; + if (*password == '\0' && options.permit_empty_passwd == 0) + return 0; + /* deny if no user. */ + if (pw == NULL) + return 0; #ifdef SKEY - if (options.skey_authentication == 1) { - if (strncasecmp(password, "s/key", 5) == 0) { - char *skeyinfo = skey_keyinfo(pw->pw_name); - if(skeyinfo == NULL){ - debug("generating fake skeyinfo for %.100s.", pw->pw_name); - skeyinfo = skey_fake_keyinfo(pw->pw_name); - } - if(skeyinfo != NULL) - packet_send_debug(skeyinfo); - /* Try again. */ - return 0; - } - else if (skey_haskey(pw->pw_name) == 0 && - skey_passcheck(pw->pw_name, (char *)password) != -1) { - /* Authentication succeeded. */ - return 1; - } - /* Fall back to ordinary passwd authentication. */ - } -#endif - -#if defined(KRB4) - /* Support for Kerberos v4 authentication - Dug Song */ - if (options.kerberos_authentication) - { - AUTH_DAT adata; - KTEXT_ST tkt; - struct hostent *hp; - unsigned long faddr; - char localhost[MAXHOSTNAMELEN]; /* local host name */ - char phost[INST_SZ]; /* host instance */ - char realm[REALM_SZ]; /* local Kerberos realm */ - int r; - - /* Try Kerberos password authentication only for non-root - users and only if Kerberos is installed. */ - if (pw->pw_uid != 0 && krb_get_lrealm(realm, 1) == KSUCCESS) { - - /* Set up our ticket file. */ - if (!ssh_tf_init(pw->pw_uid)) { - log("Couldn't initialize Kerberos ticket file for %s!", - pw->pw_name); - goto kerberos_auth_failure; - } - /* Try to get TGT using our password. */ - r = krb_get_pw_in_tkt((char *)pw->pw_name, "", realm, "krbtgt", realm, - DEFAULT_TKT_LIFE, (char *)password); - if (r != INTK_OK) { - packet_send_debug("Kerberos V4 password authentication for %s " - "failed: %s", pw->pw_name, krb_err_txt[r]); - goto kerberos_auth_failure; - } - /* Successful authentication. */ - chown(ticket, pw->pw_uid, pw->pw_gid); - - (void) gethostname(localhost, sizeof(localhost)); - (void) strlcpy(phost, (char *)krb_get_phost(localhost), INST_SZ); - - /* Now that we have a TGT, try to get a local "rcmd" ticket to - ensure that we are not talking to a bogus Kerberos server. */ - r = krb_mk_req(&tkt, KRB4_SERVICE_NAME, phost, realm, 33); - - if (r == KSUCCESS) { - if (!(hp = gethostbyname(localhost))) { - log("Couldn't get local host address!"); - goto kerberos_auth_failure; - } - memmove((void *)&faddr, (void *)hp->h_addr, sizeof(faddr)); - - /* Verify our "rcmd" ticket. */ - r = krb_rd_req(&tkt, KRB4_SERVICE_NAME, phost, faddr, &adata, ""); - if (r == RD_AP_UNDEC) { - /* Probably didn't have a srvtab on localhost. Allow login. */ - log("Kerberos V4 TGT for %s unverifiable, no srvtab installed? " - "krb_rd_req: %s", pw->pw_name, krb_err_txt[r]); - } - else if (r != KSUCCESS) { - log("Kerberos V4 %s ticket unverifiable: %s", - KRB4_SERVICE_NAME, krb_err_txt[r]); - goto kerberos_auth_failure; - } - } - else if (r == KDC_PR_UNKNOWN) { - /* Allow login if no rcmd service exists, but log the error. */ - log("Kerberos V4 TGT for %s unverifiable: %s; %s.%s " - "not registered, or srvtab is wrong?", pw->pw_name, - krb_err_txt[r], KRB4_SERVICE_NAME, phost); + if (options.skey_authentication == 1) { + int ret = auth_skey_password(pw, password); + if (ret == 1 || ret == 0) + return ret; + /* Fall back to ordinary passwd authentication. */ } - else { - /* TGT is bad, forget it. Possibly spoofed! */ - packet_send_debug("WARNING: Kerberos V4 TGT possibly spoofed for" - "%s: %s", pw->pw_name, krb_err_txt[r]); - goto kerberos_auth_failure; +#endif +#ifdef KRB4 + if (options.kerberos_authentication == 1) { + int ret = auth_krb4_password(pw, password); + if (ret == 1 || ret == 0) + return ret; + /* Fall back to ordinary passwd authentication. */ } - - /* Authentication succeeded. */ - return 1; - - kerberos_auth_failure: - (void) dest_tkt(); - xfree(ticket); - ticket = NULL; - if (!options.kerberos_or_local_passwd ) return 0; - } - else { - /* Logging in as root or no local Kerberos realm. */ - packet_send_debug("Unable to authenticate to Kerberos."); - } - /* Fall back to ordinary passwd authentication. */ - } -#endif /* KRB4 */ - - /* Check for users with no password. */ - if (strcmp(password, "") == 0 && strcmp(pw->pw_passwd, "") == 0) - { - packet_send_debug("Login permitted without a password because the account has no password."); - return 1; /* The user has no password and an empty password was tried. */ - } - - /* Encrypt the candidate password using the proper salt. */ - encrypted_password = crypt(password, - (pw->pw_passwd[0] && pw->pw_passwd[1]) ? - pw->pw_passwd : "xx"); +#endif + + /* Check for users with no password. */ + if (strcmp(password, "") == 0 && strcmp(pw->pw_passwd, "") == 0) + return 1; + /* Encrypt the candidate password using the proper salt. */ + encrypted_password = crypt(password, + (pw->pw_passwd[0] && pw->pw_passwd[1]) ? pw->pw_passwd : "xx"); - /* Authentication is accepted if the encrypted passwords are identical. */ - return (strcmp(encrypted_password, pw->pw_passwd) == 0); + /* Authentication is accepted if the encrypted passwords are identical. */ + return (strcmp(encrypted_password, pw->pw_passwd) == 0); } Index: usr.bin/ssh/auth-rh-rsa.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/auth-rh-rsa.c,v retrieving revision 1.2 retrieving revision 1.10 diff -u -r1.2 -r1.10 --- usr.bin/ssh/auth-rh-rsa.c 1999/10/03 21:50:03 1.2 +++ usr.bin/ssh/auth-rh-rsa.c 1999/11/24 19:53:43 1.10 @@ -1,83 +1,107 @@ /* + * + * auth-rh-rsa.c + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Sun May 7 03:08:06 1995 ylo + * + * Rhosts or /etc/hosts.equiv authentication combined with RSA host + * authentication. + * + */ -auth-rh-rsa.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Sun May 7 03:08:06 1995 ylo - -Rhosts or /etc/hosts.equiv authentication combined with RSA host -authentication. - -*/ - #include "includes.h" -RCSID("$Id: auth-rh-rsa.c,v 1.2 1999/10/03 21:50:03 provos Exp $"); +RCSID("$Id: auth-rh-rsa.c,v 1.10 1999/11/24 19:53:43 markus Exp $"); #include "packet.h" #include "ssh.h" #include "xmalloc.h" #include "uidswap.h" +#include "servconf.h" -/* Tries to authenticate the user using the .rhosts file and the host using - its host key. Returns true if authentication succeeds. - .rhosts and .shosts will be ignored if ignore_rhosts is non-zero. */ - -int auth_rhosts_rsa(struct passwd *pw, const char *client_user, - unsigned int client_host_key_bits, - BIGNUM *client_host_key_e, BIGNUM *client_host_key_n, - int ignore_rhosts, int strict_modes) +/* + * Tries to authenticate the user using the .rhosts file and the host using + * its host key. Returns true if authentication succeeds. + */ + +int +auth_rhosts_rsa(struct passwd *pw, const char *client_user, + BIGNUM *client_host_key_e, BIGNUM *client_host_key_n) { - const char *canonical_hostname; - HostStatus host_status; - BIGNUM *ke, *kn; - - debug("Trying rhosts with RSA host authentication for %.100s", client_user); - - /* Check if we would accept it using rhosts authentication. */ - if (!auth_rhosts(pw, client_user, ignore_rhosts, strict_modes)) - return 0; - - canonical_hostname = get_canonical_hostname(); - - debug("Rhosts RSA authentication: canonical host %.900s", - canonical_hostname); - - /* Check if we know the host and its host key. */ - /* Check system-wide host file. */ - ke = BN_new(); - kn = BN_new(); - host_status = check_host_in_hostfile(SSH_SYSTEM_HOSTFILE, canonical_hostname, - client_host_key_bits, client_host_key_e, - client_host_key_n, ke, kn); - BN_free(ke); - BN_free(kn); - if (host_status != HOST_OK) { - /* The host key was not found. */ - debug("Rhosts with RSA host authentication denied: unknown or invalid host key"); - packet_send_debug("Your host key cannot be verified: unknown or invalid host key."); - return 0; - } - - /* A matching host key was found and is known. */ - - /* Perform the challenge-response dialog with the client for the host key. */ - if (!auth_rsa_challenge_dialog(client_host_key_bits, - client_host_key_e, client_host_key_n)) - { - log("Client on %.800s failed to respond correctly to host authentication.", - canonical_hostname); - return 0; - } - - /* We have authenticated the user using .rhosts or /etc/hosts.equiv, and - the host using RSA. We accept the authentication. */ - - log("Rhosts with RSA host authentication accepted for %.100s, %.100s on %.700s.", - pw->pw_name, client_user, canonical_hostname); - packet_send_debug("Rhosts with RSA host authentication accepted."); - return 1; + extern ServerOptions options; + const char *canonical_hostname; + HostStatus host_status; + BIGNUM *ke, *kn; + + debug("Trying rhosts with RSA host authentication for %.100s", client_user); + + /* Check if we would accept it using rhosts authentication. */ + if (!auth_rhosts(pw, client_user)) + return 0; + + canonical_hostname = get_canonical_hostname(); + + debug("Rhosts RSA authentication: canonical host %.900s", + canonical_hostname); + + /* Check if we know the host and its host key. */ + ke = BN_new(); + kn = BN_new(); + host_status = check_host_in_hostfile(SSH_SYSTEM_HOSTFILE, canonical_hostname, + client_host_key_e, client_host_key_n, + ke, kn); + + /* Check user host file unless ignored. */ + if (host_status != HOST_OK && !options.ignore_user_known_hosts) { + struct stat st; + char *user_hostfile = tilde_expand_filename(SSH_USER_HOSTFILE, pw->pw_uid); + /* + * Check file permissions of SSH_USER_HOSTFILE, auth_rsa() + * did already check pw->pw_dir, but there is a race XXX + */ + if (options.strict_modes && + (stat(user_hostfile, &st) == 0) && + ((st.st_uid != 0 && st.st_uid != pw->pw_uid) || + (st.st_mode & 022) != 0)) { + log("Rhosts RSA authentication refused for %.100s: bad owner or modes for %.200s", + pw->pw_name, user_hostfile); + } else { + /* XXX race between stat and the following open() */ + temporarily_use_uid(pw->pw_uid); + host_status = check_host_in_hostfile(user_hostfile, canonical_hostname, + client_host_key_e, client_host_key_n, + ke, kn); + restore_uid(); + } + xfree(user_hostfile); + } + BN_free(ke); + BN_free(kn); + + if (host_status != HOST_OK) { + debug("Rhosts with RSA host authentication denied: unknown or invalid host key"); + packet_send_debug("Your host key cannot be verified: unknown or invalid host key."); + return 0; + } + /* A matching host key was found and is known. */ + + /* Perform the challenge-response dialog with the client for the host key. */ + if (!auth_rsa_challenge_dialog(client_host_key_e, client_host_key_n)) { + log("Client on %.800s failed to respond correctly to host authentication.", + canonical_hostname); + return 0; + } + /* + * We have authenticated the user using .rhosts or /etc/hosts.equiv, + * and the host using RSA. We accept the authentication. + */ + + verbose("Rhosts with RSA host authentication accepted for %.100s, %.100s on %.700s.", + pw->pw_name, client_user, canonical_hostname); + packet_send_debug("Rhosts with RSA host authentication accepted."); + return 1; } Index: usr.bin/ssh/auth-rhosts.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/auth-rhosts.c,v retrieving revision 1.5 retrieving revision 1.11 diff -u -r1.5 -r1.11 --- usr.bin/ssh/auth-rhosts.c 1999/10/03 20:09:18 1.5 +++ usr.bin/ssh/auth-rhosts.c 1999/11/24 19:53:43 1.11 @@ -1,298 +1,266 @@ /* + * + * auth-rhosts.c + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Fri Mar 17 05:12:18 1995 ylo + * + * Rhosts authentication. This file contains code to check whether to admit + * the login based on rhosts authentication. This file also processes + * /etc/hosts.equiv. + * + */ -auth-rhosts.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Fri Mar 17 05:12:18 1995 ylo - -Rhosts authentication. This file contains code to check whether to admit -the login based on rhosts authentication. This file also processes -/etc/hosts.equiv. - -*/ - #include "includes.h" -RCSID("$Id: auth-rhosts.c,v 1.5 1999/10/03 20:09:18 deraadt Exp $"); +RCSID("$Id: auth-rhosts.c,v 1.11 1999/11/24 19:53:43 markus Exp $"); #include "packet.h" #include "ssh.h" #include "xmalloc.h" #include "uidswap.h" +#include "servconf.h" -/* This function processes an rhosts-style file (.rhosts, .shosts, or - /etc/hosts.equiv). This returns true if authentication can be granted - based on the file, and returns zero otherwise. */ - -int check_rhosts_file(const char *filename, const char *hostname, - const char *ipaddr, const char *client_user, - const char *server_user) +/* + * This function processes an rhosts-style file (.rhosts, .shosts, or + * /etc/hosts.equiv). This returns true if authentication can be granted + * based on the file, and returns zero otherwise. + */ + +int +check_rhosts_file(const char *filename, const char *hostname, + const char *ipaddr, const char *client_user, + const char *server_user) { - FILE *f; - char buf[1024]; /* Must not be larger than host, user, dummy below. */ - - /* Open the .rhosts file. */ - f = fopen(filename, "r"); - if (!f) - return 0; /* Cannot read the .rhosts - deny access. */ - - /* Go through the file, checking every entry. */ - while (fgets(buf, sizeof(buf), f)) - { - /* All three must be at least as big as buf to avoid overflows. */ - char hostbuf[1024], userbuf[1024], dummy[1024], *host, *user, *cp; - int negated; - - for (cp = buf; *cp == ' ' || *cp == '\t'; cp++) - ; - if (*cp == '#' || *cp == '\n' || !*cp) - continue; - - /* NO_PLUS is supported at least on OSF/1. We skip it (we don't ever - support the plus syntax). */ - if (strncmp(cp, "NO_PLUS", 7) == 0) - continue; - - /* This should be safe because each buffer is as big as the whole - string, and thus cannot be overwritten. */ - switch (sscanf(buf, "%s %s %s", hostbuf, userbuf, dummy)) - { - case 0: - packet_send_debug("Found empty line in %.100s.", filename); - continue; /* Empty line? */ - case 1: - /* Host name only. */ - strlcpy(userbuf, server_user, sizeof(userbuf)); - break; - case 2: - /* Got both host and user name. */ - break; - case 3: - packet_send_debug("Found garbage in %.100s.", filename); - continue; /* Extra garbage */ - default: - continue; /* Weird... */ - } + FILE *f; + char buf[1024]; /* Must not be larger than host, user, dummy below. */ - host = hostbuf; - user = userbuf; - negated = 0; - - /* Process negated host names, or positive netgroups. */ - if (host[0] == '-') - { - negated = 1; - host++; - } - else - if (host[0] == '+') - host++; - - if (user[0] == '-') - { - negated = 1; - user++; - } - else - if (user[0] == '+') - user++; - - /* Check for empty host/user names (particularly '+'). */ - if (!host[0] || !user[0]) - { - /* We come here if either was '+' or '-'. */ - packet_send_debug("Ignoring wild host/user names in %.100s.", - filename); - continue; - } - - /* Verify that host name matches. */ - if (host[0] == '@') - { - if (!innetgr(host + 1, hostname, NULL, NULL) && - !innetgr(host + 1, ipaddr, NULL, NULL)) - continue; - } - else - if (strcasecmp(host, hostname) && strcmp(host, ipaddr) != 0) - continue; /* Different hostname. */ - - /* Verify that user name matches. */ - if (user[0] == '@') - { - if (!innetgr(user + 1, NULL, client_user, NULL)) - continue; - } - else - if (strcmp(user, client_user) != 0) - continue; /* Different username. */ - - /* Found the user and host. */ - fclose(f); - - /* If the entry was negated, deny access. */ - if (negated) - { - packet_send_debug("Matched negative entry in %.100s.", - filename); - return 0; - } - - /* Accept authentication. */ - return 1; - } - - /* Authentication using this file denied. */ - fclose(f); - return 0; + /* Open the .rhosts file, deny if unreadable */ + f = fopen(filename, "r"); + if (!f) + return 0; + + while (fgets(buf, sizeof(buf), f)) { + /* All three must be at least as big as buf to avoid overflows. */ + char hostbuf[1024], userbuf[1024], dummy[1024], *host, *user, *cp; + int negated; + + for (cp = buf; *cp == ' ' || *cp == '\t'; cp++) + ; + if (*cp == '#' || *cp == '\n' || !*cp) + continue; + + /* + * NO_PLUS is supported at least on OSF/1. We skip it (we + * don't ever support the plus syntax). + */ + if (strncmp(cp, "NO_PLUS", 7) == 0) + continue; + + /* + * This should be safe because each buffer is as big as the + * whole string, and thus cannot be overwritten. + */ + switch (sscanf(buf, "%s %s %s", hostbuf, userbuf, dummy)) { + case 0: + packet_send_debug("Found empty line in %.100s.", filename); + continue; + case 1: + /* Host name only. */ + strlcpy(userbuf, server_user, sizeof(userbuf)); + break; + case 2: + /* Got both host and user name. */ + break; + case 3: + packet_send_debug("Found garbage in %.100s.", filename); + continue; + default: + /* Weird... */ + continue; + } + + host = hostbuf; + user = userbuf; + negated = 0; + + /* Process negated host names, or positive netgroups. */ + if (host[0] == '-') { + negated = 1; + host++; + } else if (host[0] == '+') + host++; + + if (user[0] == '-') { + negated = 1; + user++; + } else if (user[0] == '+') + user++; + + /* Check for empty host/user names (particularly '+'). */ + if (!host[0] || !user[0]) { + /* We come here if either was '+' or '-'. */ + packet_send_debug("Ignoring wild host/user names in %.100s.", + filename); + continue; + } + /* Verify that host name matches. */ + if (host[0] == '@') { + if (!innetgr(host + 1, hostname, NULL, NULL) && + !innetgr(host + 1, ipaddr, NULL, NULL)) + continue; + } else if (strcasecmp(host, hostname) && strcmp(host, ipaddr) != 0) + continue; /* Different hostname. */ + + /* Verify that user name matches. */ + if (user[0] == '@') { + if (!innetgr(user + 1, NULL, client_user, NULL)) + continue; + } else if (strcmp(user, client_user) != 0) + continue; /* Different username. */ + + /* Found the user and host. */ + fclose(f); + + /* If the entry was negated, deny access. */ + if (negated) { + packet_send_debug("Matched negative entry in %.100s.", + filename); + return 0; + } + /* Accept authentication. */ + return 1; + } + + /* Authentication using this file denied. */ + fclose(f); + return 0; } -/* Tries to authenticate the user using the .shosts or .rhosts file. - Returns true if authentication succeeds. If ignore_rhosts is - true, only /etc/hosts.equiv will be considered (.rhosts and .shosts - are ignored). */ +/* + * Tries to authenticate the user using the .shosts or .rhosts file. Returns + * true if authentication succeeds. If ignore_rhosts is true, only + * /etc/hosts.equiv will be considered (.rhosts and .shosts are ignored). + */ -int auth_rhosts(struct passwd *pw, const char *client_user, - int ignore_rhosts, int strict_modes) +int +auth_rhosts(struct passwd *pw, const char *client_user) { - char buf[1024]; - const char *hostname, *ipaddr; - int port; - struct stat st; - static const char *rhosts_files[] = { ".shosts", ".rhosts", NULL }; - unsigned int rhosts_file_index; - - /* Quick check: if the user has no .shosts or .rhosts files, return failure - immediately without doing costly lookups from name servers. */ - /* Switch to the user's uid. */ - temporarily_use_uid(pw->pw_uid); - for (rhosts_file_index = 0; rhosts_files[rhosts_file_index]; - rhosts_file_index++) - { - /* Check users .rhosts or .shosts. */ - snprintf(buf, sizeof buf, "%.500s/%.100s", - pw->pw_dir, rhosts_files[rhosts_file_index]); - if (stat(buf, &st) >= 0) - break; - } - /* Switch back to privileged uid. */ - restore_uid(); - - if (!rhosts_files[rhosts_file_index] && stat("/etc/hosts.equiv", &st) < 0 && - stat(SSH_HOSTS_EQUIV, &st) < 0) - return 0; /* The user has no .shosts or .rhosts file and there are no - system-wide files. */ - - /* Get the name, address, and port of the remote host. */ - hostname = get_canonical_hostname(); - ipaddr = get_remote_ipaddr(); - port = get_remote_port(); - - /* Check that the connection comes from a privileged port. - Rhosts authentication only makes sense for priviledged programs. - Of course, if the intruder has root access on his local machine, - he can connect from any port. So do not use .rhosts - authentication from machines that you do not trust. */ - if (port >= IPPORT_RESERVED || - port < IPPORT_RESERVED / 2) - { - log("Connection from %.100s from nonpriviledged port %d", - hostname, port); - packet_send_debug("Your ssh client is not running as root."); - return 0; - } - - /* If not logging in as superuser, try /etc/hosts.equiv and shosts.equiv. */ - if (pw->pw_uid != 0) - { - if (check_rhosts_file("/etc/hosts.equiv", hostname, ipaddr, client_user, - pw->pw_name)) - { - packet_send_debug("Accepted for %.100s [%.100s] by /etc/hosts.equiv.", - hostname, ipaddr); - return 1; - } - if (check_rhosts_file(SSH_HOSTS_EQUIV, hostname, ipaddr, client_user, - pw->pw_name)) - { - packet_send_debug("Accepted for %.100s [%.100s] by %.100s.", - hostname, ipaddr, SSH_HOSTS_EQUIV); - return 1; - } - } - - /* Check that the home directory is owned by root or the user, and is not - group or world writable. */ - if (stat(pw->pw_dir, &st) < 0) - { - log("Rhosts authentication refused for %.100: no home directory %.200s", - pw->pw_name, pw->pw_dir); - packet_send_debug("Rhosts authentication refused for %.100: no home directory %.200s", - pw->pw_name, pw->pw_dir); - return 0; - } - if (strict_modes && - ((st.st_uid != 0 && st.st_uid != pw->pw_uid) || - (st.st_mode & 022) != 0)) - { - log("Rhosts authentication refused for %.100s: bad ownership or modes for home directory.", - pw->pw_name); - packet_send_debug("Rhosts authentication refused for %.100s: bad ownership or modes for home directory.", - pw->pw_name); - return 0; - } - - /* Check all .rhosts files (currently .shosts and .rhosts). */ - /* Temporarily use the user's uid. */ - temporarily_use_uid(pw->pw_uid); - for (rhosts_file_index = 0; rhosts_files[rhosts_file_index]; - rhosts_file_index++) - { - /* Check users .rhosts or .shosts. */ - snprintf(buf, sizeof buf, "%.500s/%.100s", - pw->pw_dir, rhosts_files[rhosts_file_index]); - if (stat(buf, &st) < 0) - continue; /* No such file. */ - - /* Make sure that the file is either owned by the user or by root, - and make sure it is not writable by anyone but the owner. This is - to help avoid novices accidentally allowing access to their account - by anyone. */ - if (strict_modes && - ((st.st_uid != 0 && st.st_uid != pw->pw_uid) || - (st.st_mode & 022) != 0)) - { - log("Rhosts authentication refused for %.100s: bad modes for %.200s", - pw->pw_name, buf); - packet_send_debug("Bad file modes for %.200s", buf); - continue; - } - - /* Check if we have been configured to ignore .rhosts and .shosts - files. */ - if (ignore_rhosts) - { - packet_send_debug("Server has been configured to ignore %.100s.", - rhosts_files[rhosts_file_index]); - continue; - } - - /* Check if authentication is permitted by the file. */ - if (check_rhosts_file(buf, hostname, ipaddr, client_user, pw->pw_name)) - { - packet_send_debug("Accepted by %.100s.", - rhosts_files[rhosts_file_index]); - /* Restore the privileged uid. */ - restore_uid(); - return 1; - } - } - - /* Rhosts authentication denied. */ - /* Restore the privileged uid. */ - restore_uid(); - return 0; + extern ServerOptions options; + char buf[1024]; + const char *hostname, *ipaddr; + struct stat st; + static const char *rhosts_files[] = {".shosts", ".rhosts", NULL}; + unsigned int rhosts_file_index; + + /* Switch to the user's uid. */ + temporarily_use_uid(pw->pw_uid); + /* + * Quick check: if the user has no .shosts or .rhosts files, return + * failure immediately without doing costly lookups from name + * servers. + */ + for (rhosts_file_index = 0; rhosts_files[rhosts_file_index]; + rhosts_file_index++) { + /* Check users .rhosts or .shosts. */ + snprintf(buf, sizeof buf, "%.500s/%.100s", + pw->pw_dir, rhosts_files[rhosts_file_index]); + if (stat(buf, &st) >= 0) + break; + } + /* Switch back to privileged uid. */ + restore_uid(); + + /* Deny if The user has no .shosts or .rhosts file and there are no system-wide files. */ + if (!rhosts_files[rhosts_file_index] && + stat("/etc/hosts.equiv", &st) < 0 && + stat(SSH_HOSTS_EQUIV, &st) < 0) + return 0; + + hostname = get_canonical_hostname(); + ipaddr = get_remote_ipaddr(); + + /* If not logging in as superuser, try /etc/hosts.equiv and shosts.equiv. */ + if (pw->pw_uid != 0) { + if (check_rhosts_file("/etc/hosts.equiv", hostname, ipaddr, client_user, + pw->pw_name)) { + packet_send_debug("Accepted for %.100s [%.100s] by /etc/hosts.equiv.", + hostname, ipaddr); + return 1; + } + if (check_rhosts_file(SSH_HOSTS_EQUIV, hostname, ipaddr, client_user, + pw->pw_name)) { + packet_send_debug("Accepted for %.100s [%.100s] by %.100s.", + hostname, ipaddr, SSH_HOSTS_EQUIV); + return 1; + } + } + /* + * Check that the home directory is owned by root or the user, and is + * not group or world writable. + */ + if (stat(pw->pw_dir, &st) < 0) { + log("Rhosts authentication refused for %.100s: no home directory %.200s", + pw->pw_name, pw->pw_dir); + packet_send_debug("Rhosts authentication refused for %.100: no home directory %.200s", + pw->pw_name, pw->pw_dir); + return 0; + } + if (options.strict_modes && + ((st.st_uid != 0 && st.st_uid != pw->pw_uid) || + (st.st_mode & 022) != 0)) { + log("Rhosts authentication refused for %.100s: bad ownership or modes for home directory.", + pw->pw_name); + packet_send_debug("Rhosts authentication refused for %.100s: bad ownership or modes for home directory.", + pw->pw_name); + return 0; + } + /* Temporarily use the user's uid. */ + temporarily_use_uid(pw->pw_uid); + + /* Check all .rhosts files (currently .shosts and .rhosts). */ + for (rhosts_file_index = 0; rhosts_files[rhosts_file_index]; + rhosts_file_index++) { + /* Check users .rhosts or .shosts. */ + snprintf(buf, sizeof buf, "%.500s/%.100s", + pw->pw_dir, rhosts_files[rhosts_file_index]); + if (stat(buf, &st) < 0) + continue; + + /* + * Make sure that the file is either owned by the user or by + * root, and make sure it is not writable by anyone but the + * owner. This is to help avoid novices accidentally + * allowing access to their account by anyone. + */ + if (options.strict_modes && + ((st.st_uid != 0 && st.st_uid != pw->pw_uid) || + (st.st_mode & 022) != 0)) { + log("Rhosts authentication refused for %.100s: bad modes for %.200s", + pw->pw_name, buf); + packet_send_debug("Bad file modes for %.200s", buf); + continue; + } + /* Check if we have been configured to ignore .rhosts and .shosts files. */ + if (options.ignore_rhosts) { + packet_send_debug("Server has been configured to ignore %.100s.", + rhosts_files[rhosts_file_index]); + continue; + } + /* Check if authentication is permitted by the file. */ + if (check_rhosts_file(buf, hostname, ipaddr, client_user, pw->pw_name)) { + packet_send_debug("Accepted by %.100s.", + rhosts_files[rhosts_file_index]); + /* Restore the privileged uid. */ + restore_uid(); + return 1; + } + } + + /* Restore the privileged uid. */ + restore_uid(); + return 0; } Index: usr.bin/ssh/auth-rsa.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/auth-rsa.c,v retrieving revision 1.5 retrieving revision 1.16 diff -u -r1.5 -r1.16 --- usr.bin/ssh/auth-rsa.c 1999/10/18 01:54:18 1.5 +++ usr.bin/ssh/auth-rsa.c 1999/12/02 23:05:08 1.16 @@ -1,22 +1,22 @@ /* + * + * auth-rsa.c + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Mon Mar 27 01:46:52 1995 ylo + * + * RSA-based authentication. This code determines whether to admit a login + * based on RSA authentication. This file also contains functions to check + * validity of the host key. + * + */ -auth-rsa.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Mon Mar 27 01:46:52 1995 ylo - -RSA-based authentication. This code determines whether to admit a login -based on RSA authentication. This file also contains functions to check -validity of the host key. - -*/ - #include "includes.h" -RCSID("$Id: auth-rsa.c,v 1.5 1999/10/18 01:54:18 provos Exp $"); +RCSID("$Id: auth-rsa.c,v 1.16 1999/12/02 23:05:08 markus Exp $"); #include "rsa.h" #include "packet.h" @@ -24,9 +24,10 @@ #include "ssh.h" #include "mpaux.h" #include "uidswap.h" +#include "servconf.h" #include -#include +#include /* Flags that may be set in authorized_keys options. */ extern int no_port_forwarding_flag; @@ -36,443 +37,429 @@ extern char *forced_command; extern struct envstring *custom_environment; -/* Session identifier that is used to bind key exchange and authentication - responses to a particular session. */ +/* + * Session identifier that is used to bind key exchange and authentication + * responses to a particular session. + */ extern unsigned char session_id[16]; -/* The .ssh/authorized_keys file contains public keys, one per line, in the - following format: - options bits e n comment - where bits, e and n are decimal numbers, - and comment is any string of characters up to newline. The maximum - length of a line is 8000 characters. See the documentation for a - description of the options. -*/ - -/* Performs the RSA authentication challenge-response dialog with the client, - and returns true (non-zero) if the client gave the correct answer to - our challenge; returns zero if the client gives a wrong answer. */ +/* + * The .ssh/authorized_keys file contains public keys, one per line, in the + * following format: + * options bits e n comment + * where bits, e and n are decimal numbers, + * and comment is any string of characters up to newline. The maximum + * length of a line is 8000 characters. See the documentation for a + * description of the options. + */ + +/* + * Performs the RSA authentication challenge-response dialog with the client, + * and returns true (non-zero) if the client gave the correct answer to + * our challenge; returns zero if the client gives a wrong answer. + */ int -auth_rsa_challenge_dialog(unsigned int bits, BIGNUM *e, BIGNUM *n) +auth_rsa_challenge_dialog(BIGNUM *e, BIGNUM *n) { - BIGNUM *challenge, *encrypted_challenge, *aux; - RSA *pk; - BN_CTX *ctx = BN_CTX_new(); - unsigned char buf[32], mdbuf[16], response[16]; - MD5_CTX md; - unsigned int i; - int plen, len; - - encrypted_challenge = BN_new(); - challenge = BN_new(); - aux = BN_new(); - - /* Generate a random challenge. */ - BN_rand(challenge, 256, 0, 0); - BN_mod(challenge, challenge, n, ctx); - - /* Create the public key data structure. */ - pk = RSA_new(); - pk->e = BN_new(); - BN_copy(pk->e, e); - pk->n = BN_new(); - BN_copy(pk->n, n); - - /* Encrypt the challenge with the public key. */ - rsa_public_encrypt(encrypted_challenge, challenge, pk); - RSA_free(pk); - - /* Send the encrypted challenge to the client. */ - packet_start(SSH_SMSG_AUTH_RSA_CHALLENGE); - packet_put_bignum(encrypted_challenge); - packet_send(); - packet_write_wait(); - - /* The response is MD5 of decrypted challenge plus session id. */ - len = BN_num_bytes(challenge); - assert(len <= 32 && len); - memset(buf, 0, 32); - BN_bn2bin(challenge, buf + 32 - len); - MD5Init(&md); - MD5Update(&md, buf, 32); - MD5Update(&md, session_id, 16); - MD5Final(mdbuf, &md); - - /* We will no longer need these. */ - BN_clear_free(encrypted_challenge); - BN_clear_free(challenge); - BN_clear_free(aux); - BN_CTX_free(ctx); - - /* Wait for a response. */ - packet_read_expect(&plen, SSH_CMSG_AUTH_RSA_RESPONSE); - packet_integrity_check(plen, 16, SSH_CMSG_AUTH_RSA_RESPONSE); - for (i = 0; i < 16; i++) - response[i] = packet_get_char(); - - /* Verify that the response is the original challenge. */ - if (memcmp(response, mdbuf, 16) != 0) - { - /* Wrong answer. */ - return 0; - } - - /* Correct answer. */ - return 1; + BIGNUM *challenge, *encrypted_challenge, *aux; + RSA *pk; + BN_CTX *ctx = BN_CTX_new(); + unsigned char buf[32], mdbuf[16], response[16]; + MD5_CTX md; + unsigned int i; + int plen, len; + + encrypted_challenge = BN_new(); + challenge = BN_new(); + aux = BN_new(); + + /* Generate a random challenge. */ + BN_rand(challenge, 256, 0, 0); + BN_mod(challenge, challenge, n, ctx); + + /* Create the public key data structure. */ + pk = RSA_new(); + pk->e = BN_new(); + BN_copy(pk->e, e); + pk->n = BN_new(); + BN_copy(pk->n, n); + + /* Encrypt the challenge with the public key. */ + rsa_public_encrypt(encrypted_challenge, challenge, pk); + RSA_free(pk); + + /* Send the encrypted challenge to the client. */ + packet_start(SSH_SMSG_AUTH_RSA_CHALLENGE); + packet_put_bignum(encrypted_challenge); + packet_send(); + packet_write_wait(); + + /* The response is MD5 of decrypted challenge plus session id. */ + len = BN_num_bytes(challenge); + if (len <= 0 || len > 32) + fatal("auth_rsa_challenge_dialog: bad challenge length %d", len); + memset(buf, 0, 32); + BN_bn2bin(challenge, buf + 32 - len); + MD5_Init(&md); + MD5_Update(&md, buf, 32); + MD5_Update(&md, session_id, 16); + MD5_Final(mdbuf, &md); + + /* We will no longer need these. */ + BN_clear_free(encrypted_challenge); + BN_clear_free(challenge); + BN_clear_free(aux); + BN_CTX_free(ctx); + + /* Wait for a response. */ + packet_read_expect(&plen, SSH_CMSG_AUTH_RSA_RESPONSE); + packet_integrity_check(plen, 16, SSH_CMSG_AUTH_RSA_RESPONSE); + for (i = 0; i < 16; i++) + response[i] = packet_get_char(); + + /* Verify that the response is the original challenge. */ + if (memcmp(response, mdbuf, 16) != 0) { + /* Wrong answer. */ + return 0; + } + /* Correct answer. */ + return 1; } -/* Performs the RSA authentication dialog with the client. This returns - 0 if the client could not be authenticated, and 1 if authentication was - successful. This may exit if there is a serious protocol violation. */ +/* + * Performs the RSA authentication dialog with the client. This returns + * 0 if the client could not be authenticated, and 1 if authentication was + * successful. This may exit if there is a serious protocol violation. + */ int -auth_rsa(struct passwd *pw, BIGNUM *client_n, int strict_modes) +auth_rsa(struct passwd *pw, BIGNUM *client_n) { - char line[8192]; - int authenticated; - unsigned int bits; - FILE *f; - unsigned long linenum = 0; - struct stat st; - BIGNUM *e, *n; - - /* Temporarily use the user's uid. */ - temporarily_use_uid(pw->pw_uid); - - /* The authorized keys. */ - snprintf(line, sizeof line, "%.500s/%.100s", pw->pw_dir, - SSH_USER_PERMITTED_KEYS); - - /* Fail quietly if file does not exist */ - if (stat(line, &st) < 0) - { - /* Restore the privileged uid. */ - restore_uid(); - return 0; - } - - /* Open the file containing the authorized keys. */ - f = fopen(line, "r"); - if (!f) - { - /* Restore the privileged uid. */ - restore_uid(); - packet_send_debug("Could not open %.900s for reading.", line); - packet_send_debug("If your home is on an NFS volume, it may need to be world-readable."); - return 0; - } - - if (strict_modes) { - int fail=0; - char buf[1024]; - /* Check open file in order to avoid open/stat races */ - if (fstat(fileno(f), &st) < 0 || - (st.st_uid != 0 && st.st_uid != pw->pw_uid) || - (st.st_mode & 022) != 0) { - snprintf(buf, sizeof buf, "RSA authentication refused for %.100s: " - "bad ownership or modes for '%s'.", pw->pw_name, line); - fail=1; - }else{ - /* Check path to SSH_USER_PERMITTED_KEYS */ - int i; - static const char *check[] = { - "", SSH_USER_DIR, NULL - }; - for (i=0; check[i]; i++) { - snprintf(line, sizeof line, "%.500s/%.100s", pw->pw_dir, check[i]); - if (stat(line, &st) < 0 || - (st.st_uid != 0 && st.st_uid != pw->pw_uid) || - (st.st_mode & 022) != 0) { - snprintf(buf, sizeof buf, "RSA authentication refused for %.100s: " - "bad ownership or modes for '%s'.", pw->pw_name, line); - fail=1; - break; - } - } - } - if (fail) { - log(buf); - packet_send_debug(buf); - restore_uid(); - return 0; - } - } - - /* Flag indicating whether authentication has succeeded. */ - authenticated = 0; - - /* Initialize mp-int variables. */ - e = BN_new(); - n = BN_new(); - - /* Go though the accepted keys, looking for the current key. If found, - perform a challenge-response dialog to verify that the user really has - the corresponding private key. */ - while (fgets(line, sizeof(line), f)) - { - char *cp; - char *options; - - linenum++; - - /* Skip leading whitespace. */ - for (cp = line; *cp == ' ' || *cp == '\t'; cp++) - ; - - /* Skip empty and comment lines. */ - if (!*cp || *cp == '\n' || *cp == '#') - continue; - - /* Check if there are options for this key, and if so, save their - starting address and skip the option part for now. If there are no - options, set the starting address to NULL. */ - if (*cp < '0' || *cp > '9') - { - int quoted = 0; - options = cp; - for (; *cp && (quoted || (*cp != ' ' && *cp != '\t')); cp++) - { - if (*cp == '\\' && cp[1] == '"') - cp++; /* Skip both */ - else - if (*cp == '"') - quoted = !quoted; - } - } - else - options = NULL; - - /* Parse the key from the line. */ - if (!auth_rsa_read_key(&cp, &bits, e, n)) - { - debug("%.100s, line %lu: bad key syntax", - SSH_USER_PERMITTED_KEYS, linenum); - packet_send_debug("%.100s, line %lu: bad key syntax", - SSH_USER_PERMITTED_KEYS, linenum); - continue; + extern ServerOptions options; + char line[8192], file[1024]; + int authenticated; + unsigned int bits; + FILE *f; + unsigned long linenum = 0; + struct stat st; + BIGNUM *e, *n; + + /* Temporarily use the user's uid. */ + temporarily_use_uid(pw->pw_uid); + + /* The authorized keys. */ + snprintf(file, sizeof file, "%.500s/%.100s", pw->pw_dir, + SSH_USER_PERMITTED_KEYS); + + /* Fail quietly if file does not exist */ + if (stat(file, &st) < 0) { + /* Restore the privileged uid. */ + restore_uid(); + return 0; } - /* cp now points to the comment part. */ - - /* Check if the we have found the desired key (identified by its - modulus). */ - if (BN_cmp(n, client_n) != 0) - continue; /* Wrong key. */ - - /* We have found the desired key. */ - - /* Perform the challenge-response dialog for this key. */ - if (!auth_rsa_challenge_dialog(bits, e, n)) - { - /* Wrong response. */ - log("Wrong response to RSA authentication challenge."); - packet_send_debug("Wrong response to RSA authentication challenge."); - continue; + /* Open the file containing the authorized keys. */ + f = fopen(file, "r"); + if (!f) { + /* Restore the privileged uid. */ + restore_uid(); + packet_send_debug("Could not open %.900s for reading.", file); + packet_send_debug("If your home is on an NFS volume, it may need to be world-readable."); + return 0; } - - /* Correct response. The client has been successfully authenticated. - Note that we have not yet processed the options; this will be reset - if the options cause the authentication to be rejected. */ - authenticated = 1; - - /* RSA part of authentication was accepted. Now process the options. */ - if (options) - { - while (*options && *options != ' ' && *options != '\t') - { - cp = "no-port-forwarding"; - if (strncmp(options, cp, strlen(cp)) == 0) - { - packet_send_debug("Port forwarding disabled."); - no_port_forwarding_flag = 1; - options += strlen(cp); - goto next_option; - } - cp = "no-agent-forwarding"; - if (strncmp(options, cp, strlen(cp)) == 0) - { - packet_send_debug("Agent forwarding disabled."); - no_agent_forwarding_flag = 1; - options += strlen(cp); - goto next_option; - } - cp = "no-X11-forwarding"; - if (strncmp(options, cp, strlen(cp)) == 0) - { - packet_send_debug("X11 forwarding disabled."); - no_x11_forwarding_flag = 1; - options += strlen(cp); - goto next_option; + if (options.strict_modes) { + int fail = 0; + char buf[1024]; + /* Check open file in order to avoid open/stat races */ + if (fstat(fileno(f), &st) < 0 || + (st.st_uid != 0 && st.st_uid != pw->pw_uid) || + (st.st_mode & 022) != 0) { + snprintf(buf, sizeof buf, "RSA authentication refused for %.100s: " + "bad ownership or modes for '%s'.", pw->pw_name, file); + fail = 1; + } else { + /* Check path to SSH_USER_PERMITTED_KEYS */ + int i; + static const char *check[] = { + "", SSH_USER_DIR, NULL + }; + for (i = 0; check[i]; i++) { + snprintf(line, sizeof line, "%.500s/%.100s", pw->pw_dir, check[i]); + if (stat(line, &st) < 0 || + (st.st_uid != 0 && st.st_uid != pw->pw_uid) || + (st.st_mode & 022) != 0) { + snprintf(buf, sizeof buf, "RSA authentication refused for %.100s: " + "bad ownership or modes for '%s'.", pw->pw_name, line); + fail = 1; + break; + } + } } - cp = "no-pty"; - if (strncmp(options, cp, strlen(cp)) == 0) - { - packet_send_debug("Pty allocation disabled."); - no_pty_flag = 1; - options += strlen(cp); - goto next_option; + if (fail) { + log(buf); + packet_send_debug(buf); + restore_uid(); + return 0; } - cp = "command=\""; - if (strncmp(options, cp, strlen(cp)) == 0) - { - int i; - options += strlen(cp); - forced_command = xmalloc(strlen(options) + 1); - i = 0; - while (*options) - { - if (*options == '"') - break; - if (*options == '\\' && options[1] == '"') - { - options += 2; - forced_command[i++] = '"'; - continue; + } + /* Flag indicating whether authentication has succeeded. */ + authenticated = 0; + + e = BN_new(); + n = BN_new(); + + /* + * Go though the accepted keys, looking for the current key. If + * found, perform a challenge-response dialog to verify that the + * user really has the corresponding private key. + */ + while (fgets(line, sizeof(line), f)) { + char *cp; + char *options; + + linenum++; + + /* Skip leading whitespace, empty and comment lines. */ + for (cp = line; *cp == ' ' || *cp == '\t'; cp++) + ; + if (!*cp || *cp == '\n' || *cp == '#') + continue; + + /* + * Check if there are options for this key, and if so, + * save their starting address and skip the option part + * for now. If there are no options, set the starting + * address to NULL. + */ + if (*cp < '0' || *cp > '9') { + int quoted = 0; + options = cp; + for (; *cp && (quoted || (*cp != ' ' && *cp != '\t')); cp++) { + if (*cp == '\\' && cp[1] == '"') + cp++; /* Skip both */ + else if (*cp == '"') + quoted = !quoted; } - forced_command[i++] = *options++; - } - if (!*options) - { - debug("%.100s, line %lu: missing end quote", - SSH_USER_PERMITTED_KEYS, linenum); - packet_send_debug("%.100s, line %lu: missing end quote", - SSH_USER_PERMITTED_KEYS, linenum); - continue; - } - forced_command[i] = 0; - packet_send_debug("Forced command: %.900s", forced_command); - options++; - goto next_option; + } else + options = NULL; + + /* Parse the key from the line. */ + if (!auth_rsa_read_key(&cp, &bits, e, n)) { + debug("%.100s, line %lu: bad key syntax", + SSH_USER_PERMITTED_KEYS, linenum); + packet_send_debug("%.100s, line %lu: bad key syntax", + SSH_USER_PERMITTED_KEYS, linenum); + continue; } - cp = "environment=\""; - if (strncmp(options, cp, strlen(cp)) == 0) - { - int i; - char *s; - struct envstring *new_envstring; - options += strlen(cp); - s = xmalloc(strlen(options) + 1); - i = 0; - while (*options) - { - if (*options == '"') - break; - if (*options == '\\' && options[1] == '"') - { - options += 2; - s[i++] = '"'; - continue; - } - s[i++] = *options++; - } - if (!*options) - { - debug("%.100s, line %lu: missing end quote", - SSH_USER_PERMITTED_KEYS, linenum); - packet_send_debug("%.100s, line %lu: missing end quote", - SSH_USER_PERMITTED_KEYS, linenum); - continue; - } - s[i] = 0; - packet_send_debug("Adding to environment: %.900s", s); - debug("Adding to environment: %.900s", s); - options++; - new_envstring = xmalloc(sizeof(struct envstring)); - new_envstring->s = s; - new_envstring->next = custom_environment; - custom_environment = new_envstring; - goto next_option; + /* cp now points to the comment part. */ + + /* Check if the we have found the desired key (identified by its modulus). */ + if (BN_cmp(n, client_n) != 0) + continue; + + /* check the real bits */ + if (bits != BN_num_bits(n)) + log("Warning: %s, line %ld: keysize mismatch: " + "actual %d vs. announced %d.", + file, linenum, BN_num_bits(n), bits); + + /* We have found the desired key. */ + + /* Perform the challenge-response dialog for this key. */ + if (!auth_rsa_challenge_dialog(e, n)) { + /* Wrong response. */ + verbose("Wrong response to RSA authentication challenge."); + packet_send_debug("Wrong response to RSA authentication challenge."); + continue; } - cp = "from=\""; - if (strncmp(options, cp, strlen(cp)) == 0) - { - char *patterns = xmalloc(strlen(options) + 1); - int i; - options += strlen(cp); - i = 0; - while (*options) - { - if (*options == '"') - break; - if (*options == '\\' && options[1] == '"') - { - options += 2; - patterns[i++] = '"'; - continue; + /* + * Correct response. The client has been successfully + * authenticated. Note that we have not yet processed the + * options; this will be reset if the options cause the + * authentication to be rejected. + */ + authenticated = 1; + + /* RSA part of authentication was accepted. Now process the options. */ + if (options) { + while (*options && *options != ' ' && *options != '\t') { + cp = "no-port-forwarding"; + if (strncmp(options, cp, strlen(cp)) == 0) { + packet_send_debug("Port forwarding disabled."); + no_port_forwarding_flag = 1; + options += strlen(cp); + goto next_option; + } + cp = "no-agent-forwarding"; + if (strncmp(options, cp, strlen(cp)) == 0) { + packet_send_debug("Agent forwarding disabled."); + no_agent_forwarding_flag = 1; + options += strlen(cp); + goto next_option; + } + cp = "no-X11-forwarding"; + if (strncmp(options, cp, strlen(cp)) == 0) { + packet_send_debug("X11 forwarding disabled."); + no_x11_forwarding_flag = 1; + options += strlen(cp); + goto next_option; + } + cp = "no-pty"; + if (strncmp(options, cp, strlen(cp)) == 0) { + packet_send_debug("Pty allocation disabled."); + no_pty_flag = 1; + options += strlen(cp); + goto next_option; + } + cp = "command=\""; + if (strncmp(options, cp, strlen(cp)) == 0) { + int i; + options += strlen(cp); + forced_command = xmalloc(strlen(options) + 1); + i = 0; + while (*options) { + if (*options == '"') + break; + if (*options == '\\' && options[1] == '"') { + options += 2; + forced_command[i++] = '"'; + continue; + } + forced_command[i++] = *options++; + } + if (!*options) { + debug("%.100s, line %lu: missing end quote", + SSH_USER_PERMITTED_KEYS, linenum); + packet_send_debug("%.100s, line %lu: missing end quote", + SSH_USER_PERMITTED_KEYS, linenum); + continue; + } + forced_command[i] = 0; + packet_send_debug("Forced command: %.900s", forced_command); + options++; + goto next_option; + } + cp = "environment=\""; + if (strncmp(options, cp, strlen(cp)) == 0) { + int i; + char *s; + struct envstring *new_envstring; + options += strlen(cp); + s = xmalloc(strlen(options) + 1); + i = 0; + while (*options) { + if (*options == '"') + break; + if (*options == '\\' && options[1] == '"') { + options += 2; + s[i++] = '"'; + continue; + } + s[i++] = *options++; + } + if (!*options) { + debug("%.100s, line %lu: missing end quote", + SSH_USER_PERMITTED_KEYS, linenum); + packet_send_debug("%.100s, line %lu: missing end quote", + SSH_USER_PERMITTED_KEYS, linenum); + continue; + } + s[i] = 0; + packet_send_debug("Adding to environment: %.900s", s); + debug("Adding to environment: %.900s", s); + options++; + new_envstring = xmalloc(sizeof(struct envstring)); + new_envstring->s = s; + new_envstring->next = custom_environment; + custom_environment = new_envstring; + goto next_option; + } + cp = "from=\""; + if (strncmp(options, cp, strlen(cp)) == 0) { + char *patterns = xmalloc(strlen(options) + 1); + int i; + options += strlen(cp); + i = 0; + while (*options) { + if (*options == '"') + break; + if (*options == '\\' && options[1] == '"') { + options += 2; + patterns[i++] = '"'; + continue; + } + patterns[i++] = *options++; + } + if (!*options) { + debug("%.100s, line %lu: missing end quote", + SSH_USER_PERMITTED_KEYS, linenum); + packet_send_debug("%.100s, line %lu: missing end quote", + SSH_USER_PERMITTED_KEYS, linenum); + continue; + } + patterns[i] = 0; + options++; + if (!match_hostname(get_canonical_hostname(), patterns, + strlen(patterns)) && + !match_hostname(get_remote_ipaddr(), patterns, + strlen(patterns))) { + log("RSA authentication tried for %.100s with correct key but not from a permitted host (host=%.200s, ip=%.200s).", + pw->pw_name, get_canonical_hostname(), + get_remote_ipaddr()); + packet_send_debug("Your host '%.200s' is not permitted to use this key for login.", + get_canonical_hostname()); + xfree(patterns); + authenticated = 0; + break; + } + xfree(patterns); + /* Host name matches. */ + goto next_option; + } + bad_option: + log("Bad options in %.100s file, line %lu: %.50s", + SSH_USER_PERMITTED_KEYS, linenum, options); + packet_send_debug("Bad options in %.100s file, line %lu: %.50s", + SSH_USER_PERMITTED_KEYS, linenum, options); + authenticated = 0; + break; + + next_option: + /* + * Skip the comma, and move to the next option + * (or break out if there are no more). + */ + if (!*options) + fatal("Bugs in auth-rsa.c option processing."); + if (*options == ' ' || *options == '\t') + break; /* End of options. */ + if (*options != ',') + goto bad_option; + options++; + /* Process the next option. */ + continue; } - patterns[i++] = *options++; - } - if (!*options) - { - debug("%.100s, line %lu: missing end quote", - SSH_USER_PERMITTED_KEYS, linenum); - packet_send_debug("%.100s, line %lu: missing end quote", - SSH_USER_PERMITTED_KEYS, linenum); - continue; - } - patterns[i] = 0; - options++; - if (!match_hostname(get_canonical_hostname(), patterns, - strlen(patterns)) && - !match_hostname(get_remote_ipaddr(), patterns, - strlen(patterns))) - { - log("RSA authentication tried for %.100s with correct key but not from a permitted host (host=%.200s, ip=%.200s).", - pw->pw_name, get_canonical_hostname(), - get_remote_ipaddr()); - packet_send_debug("Your host '%.200s' is not permitted to use this key for login.", - get_canonical_hostname()); - xfree(patterns); - authenticated = 0; - break; - } - xfree(patterns); - /* Host name matches. */ - goto next_option; } - bad_option: - /* Unknown option. */ - log("Bad options in %.100s file, line %lu: %.50s", - SSH_USER_PERMITTED_KEYS, linenum, options); - packet_send_debug("Bad options in %.100s file, line %lu: %.50s", - SSH_USER_PERMITTED_KEYS, linenum, options); - authenticated = 0; - break; - - next_option: - /* Skip the comma, and move to the next option (or break out - if there are no more). */ - if (!*options) - fatal("Bugs in auth-rsa.c option processing."); - if (*options == ' ' || *options == '\t') - break; /* End of options. */ - if (*options != ',') - goto bad_option; - options++; - /* Process the next option. */ - continue; - } + /* + * Break out of the loop if authentication was successful; + * otherwise continue searching. + */ + if (authenticated) + break; } + + /* Restore the privileged uid. */ + restore_uid(); + + /* Close the file. */ + fclose(f); - /* Break out of the loop if authentication was successful; otherwise - continue searching. */ - if (authenticated) - break; - } - - /* Restore the privileged uid. */ - restore_uid(); - - /* Close the file. */ - fclose(f); - - /* Clear any mp-int variables. */ - BN_clear_free(n); - BN_clear_free(e); + BN_clear_free(n); + BN_clear_free(e); - if (authenticated) - packet_send_debug("RSA authentication accepted."); + if (authenticated) + packet_send_debug("RSA authentication accepted."); - /* Return authentication result. */ - return authenticated; + /* Return authentication result. */ + return authenticated; } Index: usr.bin/ssh/auth-skey.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/auth-skey.c,v retrieving revision 1.2 retrieving revision 1.5 diff -u -r1.2 -r1.5 --- usr.bin/ssh/auth-skey.c 1999/10/16 20:57:52 1.2 +++ usr.bin/ssh/auth-skey.c 1999/12/06 19:04:57 1.5 @@ -1,12 +1,40 @@ #include "includes.h" -RCSID("$Id: auth-skey.c,v 1.2 1999/10/16 20:57:52 deraadt Exp $"); +RCSID("$Id: auth-skey.c,v 1.5 1999/12/06 19:04:57 deraadt Exp $"); #include "ssh.h" +#include "packet.h" #include -/* from %OpenBSD: skeylogin.c,v 1.32 1999/08/16 14:46:56 millert Exp % */ +/* + * try skey authentication, + * return 1 on success, 0 on failure, -1 if skey is not available + */ +int +auth_skey_password(struct passwd * pw, const char *password) +{ + if (strncasecmp(password, "s/key", 5) == 0) { + char *skeyinfo = skey_keyinfo(pw->pw_name); + if (skeyinfo == NULL) { + debug("generating fake skeyinfo for %.100s.", + pw->pw_name); + skeyinfo = skey_fake_keyinfo(pw->pw_name); + } + if (skeyinfo != NULL) + packet_send_debug(skeyinfo); + /* Try again. */ + return 0; + } else if (skey_haskey(pw->pw_name) == 0 && + skey_passcheck(pw->pw_name, (char *) password) != -1) { + /* Authentication succeeded. */ + return 1; + } + /* Fall back to ordinary passwd authentication. */ + return -1; +} +/* from %OpenBSD: skeylogin.c,v 1.32 1999/08/16 14:46:56 millert Exp % */ + #define ROUND(x) (((x)[0] << 24) + (((x)[1]) << 16) + (((x)[2]) << 8) + \ ((x)[3])) @@ -30,6 +58,7 @@ return i; } + char * skey_fake_keyinfo(char *username) { @@ -75,6 +104,7 @@ SEEK_SET) != -1 && read(fd, hseed, SKEY_MAX_SEED_LEN) == SKEY_MAX_SEED_LEN) { close(fd); + fd = -1; secret = hseed; secretlen = SKEY_MAX_SEED_LEN; flg = 0; @@ -84,6 +114,8 @@ secretlen = strlen(secret); flg = 0; } + if (fd != -1) + close(fd); } /* Put that in your pipe and smoke it */ Index: usr.bin/ssh/authfd.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/authfd.c,v retrieving revision 1.8 retrieving revision 1.15 diff -u -r1.8 -r1.15 --- usr.bin/ssh/authfd.c 1999/10/14 18:17:41 1.8 +++ usr.bin/ssh/authfd.c 1999/12/06 20:15:26 1.15 @@ -1,20 +1,20 @@ /* + * + * authfd.c + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Wed Mar 29 01:30:28 1995 ylo + * + * Functions for connecting the local authentication agent. + * + */ -authfd.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Wed Mar 29 01:30:28 1995 ylo - -Functions for connecting the local authentication agent. - -*/ - #include "includes.h" -RCSID("$Id: authfd.c,v 1.8 1999/10/14 18:17:41 markus Exp $"); +RCSID("$Id: authfd.c,v 1.15 1999/12/06 20:15:26 deraadt Exp $"); #include "ssh.h" #include "rsa.h" @@ -31,535 +31,548 @@ int ssh_get_authentication_socket() { - const char *authsocket; - int sock; - struct sockaddr_un sunaddr; - - authsocket = getenv(SSH_AUTHSOCKET_ENV_NAME); - if (!authsocket) - return -1; - - sunaddr.sun_family = AF_UNIX; - strlcpy(sunaddr.sun_path, authsocket, sizeof(sunaddr.sun_path)); - - sock = socket(AF_UNIX, SOCK_STREAM, 0); - if (sock < 0) - return -1; - - if (connect(sock, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) < 0) - { - close(sock); - return -1; - } - - return sock; + const char *authsocket; + int sock; + struct sockaddr_un sunaddr; + + authsocket = getenv(SSH_AUTHSOCKET_ENV_NAME); + if (!authsocket) + return -1; + + sunaddr.sun_family = AF_UNIX; + strlcpy(sunaddr.sun_path, authsocket, sizeof(sunaddr.sun_path)); + + sock = socket(AF_UNIX, SOCK_STREAM, 0); + if (sock < 0) + return -1; + + /* close on exec */ + if (fcntl(sock, F_SETFD, 1) == -1) { + close(sock); + return -1; + } + if (connect(sock, (struct sockaddr *) & sunaddr, sizeof(sunaddr)) < 0) { + close(sock); + return -1; + } + return sock; } -/* Closes the agent socket if it should be closed (depends on how it was - obtained). The argument must have been returned by - ssh_get_authentication_socket(). */ +/* + * Closes the agent socket if it should be closed (depends on how it was + * obtained). The argument must have been returned by + * ssh_get_authentication_socket(). + */ -void ssh_close_authentication_socket(int sock) +void +ssh_close_authentication_socket(int sock) { - if (getenv(SSH_AUTHSOCKET_ENV_NAME)) - close(sock); + if (getenv(SSH_AUTHSOCKET_ENV_NAME)) + close(sock); } -/* Opens and connects a private socket for communication with the - authentication agent. Returns the file descriptor (which must be - shut down and closed by the caller when no longer needed). - Returns NULL if an error occurred and the connection could not be - opened. */ +/* + * Opens and connects a private socket for communication with the + * authentication agent. Returns the file descriptor (which must be + * shut down and closed by the caller when no longer needed). + * Returns NULL if an error occurred and the connection could not be + * opened. + */ -AuthenticationConnection *ssh_get_authentication_connection() +AuthenticationConnection * +ssh_get_authentication_connection() { - AuthenticationConnection *auth; - int sock; - - sock = ssh_get_authentication_socket(); - - /* Fail if we couldn't obtain a connection. This happens if we exited - due to a timeout. */ - if (sock < 0) - return NULL; - - /* Applocate the connection structure and initialize it. */ - auth = xmalloc(sizeof(*auth)); - auth->fd = sock; - buffer_init(&auth->packet); - buffer_init(&auth->identities); - auth->howmany = 0; + AuthenticationConnection *auth; + int sock; - return auth; + sock = ssh_get_authentication_socket(); + + /* + * Fail if we couldn't obtain a connection. This happens if we + * exited due to a timeout. + */ + if (sock < 0) + return NULL; + + auth = xmalloc(sizeof(*auth)); + auth->fd = sock; + buffer_init(&auth->packet); + buffer_init(&auth->identities); + auth->howmany = 0; + + return auth; } -/* Closes the connection to the authentication agent and frees any associated - memory. */ +/* + * Closes the connection to the authentication agent and frees any associated + * memory. + */ -void ssh_close_authentication_connection(AuthenticationConnection *ac) +void +ssh_close_authentication_connection(AuthenticationConnection *ac) { - buffer_free(&ac->packet); - buffer_free(&ac->identities); - close(ac->fd); - /* Free the connection data structure. */ - xfree(ac); + buffer_free(&ac->packet); + buffer_free(&ac->identities); + close(ac->fd); + xfree(ac); } -/* Returns the first authentication identity held by the agent. - Returns true if an identity is available, 0 otherwise. - The caller must initialize the integers before the call, and free the - comment after a successful call (before calling ssh_get_next_identity). */ +/* + * Returns the first authentication identity held by the agent. + * Returns true if an identity is available, 0 otherwise. + * The caller must initialize the integers before the call, and free the + * comment after a successful call (before calling ssh_get_next_identity). + */ int ssh_get_first_identity(AuthenticationConnection *auth, - int *bitsp, BIGNUM *e, BIGNUM *n, char **comment) + BIGNUM *e, BIGNUM *n, char **comment) { - unsigned char msg[8192]; - int len, l; + unsigned char msg[8192]; + int len, l; + + /* + * Send a message to the agent requesting for a list of the + * identities it can represent. + */ + msg[0] = 0; + msg[1] = 0; + msg[2] = 0; + msg[3] = 1; + msg[4] = SSH_AGENTC_REQUEST_RSA_IDENTITIES; + if (atomicio(write, auth->fd, msg, 5) != 5) { + error("write auth->fd: %.100s", strerror(errno)); + return 0; + } + /* Read the length of the response. XXX implement timeouts here. */ + len = 4; + while (len > 0) { + l = read(auth->fd, msg + 4 - len, len); + if (l <= 0) { + error("read auth->fd: %.100s", strerror(errno)); + return 0; + } + len -= l; + } + + /* + * Extract the length, and check it for sanity. (We cannot trust + * authentication agents). + */ + len = GET_32BIT(msg); + if (len < 1 || len > 256 * 1024) + fatal("Authentication reply message too long: %d\n", len); + + /* Read the packet itself. */ + buffer_clear(&auth->identities); + while (len > 0) { + l = len; + if (l > sizeof(msg)) + l = sizeof(msg); + l = read(auth->fd, msg, l); + if (l <= 0) + fatal("Incomplete authentication reply."); + buffer_append(&auth->identities, (char *) msg, l); + len -= l; + } - /* Send a message to the agent requesting for a list of the identities - it can represent. */ - msg[0] = 0; - msg[1] = 0; - msg[2] = 0; - msg[3] = 1; - msg[4] = SSH_AGENTC_REQUEST_RSA_IDENTITIES; - if (write(auth->fd, msg, 5) != 5) - { - error("write auth->fd: %.100s", strerror(errno)); - return 0; - } - - /* Read the length of the response. XXX implement timeouts here. */ - len = 4; - while (len > 0) - { - l = read(auth->fd, msg + 4 - len, len); - if (l <= 0) - { - error("read auth->fd: %.100s", strerror(errno)); - return 0; - } - len -= l; - } - - /* Extract the length, and check it for sanity. (We cannot trust - authentication agents). */ - len = GET_32BIT(msg); - if (len < 1 || len > 256*1024) - fatal("Authentication reply message too long: %d\n", len); - - /* Read the packet itself. */ - buffer_clear(&auth->identities); - while (len > 0) - { - l = len; - if (l > sizeof(msg)) - l = sizeof(msg); - l = read(auth->fd, msg, l); - if (l <= 0) - fatal("Incomplete authentication reply."); - buffer_append(&auth->identities, (char *)msg, l); - len -= l; - } - - /* Get message type, and verify that we got a proper answer. */ - buffer_get(&auth->identities, (char *)msg, 1); - if (msg[0] != SSH_AGENT_RSA_IDENTITIES_ANSWER) - fatal("Bad authentication reply message type: %d", msg[0]); - - /* Get the number of entries in the response and check it for sanity. */ - auth->howmany = buffer_get_int(&auth->identities); - if (auth->howmany > 1024) - fatal("Too many identities in authentication reply: %d\n", auth->howmany); + /* Get message type, and verify that we got a proper answer. */ + buffer_get(&auth->identities, (char *) msg, 1); + if (msg[0] != SSH_AGENT_RSA_IDENTITIES_ANSWER) + fatal("Bad authentication reply message type: %d", msg[0]); + + /* Get the number of entries in the response and check it for sanity. */ + auth->howmany = buffer_get_int(&auth->identities); + if (auth->howmany > 1024) + fatal("Too many identities in authentication reply: %d\n", auth->howmany); - /* Return the first entry (if any). */ - return ssh_get_next_identity(auth, bitsp, e, n, comment); + /* Return the first entry (if any). */ + return ssh_get_next_identity(auth, e, n, comment); } -/* Returns the next authentication identity for the agent. Other functions - can be called between this and ssh_get_first_identity or two calls of this - function. This returns 0 if there are no more identities. The caller - must free comment after a successful return. */ +/* + * Returns the next authentication identity for the agent. Other functions + * can be called between this and ssh_get_first_identity or two calls of this + * function. This returns 0 if there are no more identities. The caller + * must free comment after a successful return. + */ int ssh_get_next_identity(AuthenticationConnection *auth, - int *bitsp, BIGNUM *e, BIGNUM *n, char **comment) + BIGNUM *e, BIGNUM *n, char **comment) { - /* Return failure if no more entries. */ - if (auth->howmany <= 0) - return 0; - - /* Get the next entry from the packet. These will abort with a fatal - error if the packet is too short or contains corrupt data. */ - *bitsp = buffer_get_int(&auth->identities); - buffer_get_bignum(&auth->identities, e); - buffer_get_bignum(&auth->identities, n); - *comment = buffer_get_string(&auth->identities, NULL); + unsigned int bits; + + /* Return failure if no more entries. */ + if (auth->howmany <= 0) + return 0; + + /* + * Get the next entry from the packet. These will abort with a fatal + * error if the packet is too short or contains corrupt data. + */ + bits = buffer_get_int(&auth->identities); + buffer_get_bignum(&auth->identities, e); + buffer_get_bignum(&auth->identities, n); + *comment = buffer_get_string(&auth->identities, NULL); + + if (bits != BN_num_bits(n)) + error("Warning: keysize mismatch: actual %d, announced %u", + BN_num_bits(n), bits); - /* Decrement the number of remaining entries. */ - auth->howmany--; + /* Decrement the number of remaining entries. */ + auth->howmany--; - return 1; + return 1; } -/* Generates a random challenge, sends it to the agent, and waits for response - from the agent. Returns true (non-zero) if the agent gave the correct - answer, zero otherwise. Response type selects the style of response - desired, with 0 corresponding to protocol version 1.0 (no longer supported) - and 1 corresponding to protocol version 1.1. */ +/* + * Generates a random challenge, sends it to the agent, and waits for + * response from the agent. Returns true (non-zero) if the agent gave the + * correct answer, zero otherwise. Response type selects the style of + * response desired, with 0 corresponding to protocol version 1.0 (no longer + * supported) and 1 corresponding to protocol version 1.1. + */ int ssh_decrypt_challenge(AuthenticationConnection *auth, - int bits, BIGNUM *e, BIGNUM *n, BIGNUM *challenge, + BIGNUM* e, BIGNUM *n, BIGNUM *challenge, unsigned char session_id[16], unsigned int response_type, unsigned char response[16]) { - Buffer buffer; - unsigned char buf[8192]; - int len, l, i; - - /* Response type 0 is no longer supported. */ - if (response_type == 0) - fatal("Compatibility with ssh protocol version 1.0 no longer supported."); - - /* Format a message to the agent. */ - buf[0] = SSH_AGENTC_RSA_CHALLENGE; - buffer_init(&buffer); - buffer_append(&buffer, (char *)buf, 1); - buffer_put_int(&buffer, bits); - buffer_put_bignum(&buffer, e); - buffer_put_bignum(&buffer, n); - buffer_put_bignum(&buffer, challenge); - buffer_append(&buffer, (char *)session_id, 16); - buffer_put_int(&buffer, response_type); - - /* Get the length of the message, and format it in the buffer. */ - len = buffer_len(&buffer); - PUT_32BIT(buf, len); - - /* Send the length and then the packet to the agent. */ - if (write(auth->fd, buf, 4) != 4 || - write(auth->fd, buffer_ptr(&buffer), buffer_len(&buffer)) != - buffer_len(&buffer)) - { - error("Error writing to authentication socket."); - error_cleanup: - buffer_free(&buffer); - return 0; - } - - /* Wait for response from the agent. First read the length of the - response packet. */ - len = 4; - while (len > 0) - { - l = read(auth->fd, buf + 4 - len, len); - if (l <= 0) - { - error("Error reading response length from authentication socket."); - goto error_cleanup; - } - len -= l; - } - - /* Extract the length, and check it for sanity. */ - len = GET_32BIT(buf); - if (len > 256*1024) - fatal("Authentication response too long: %d", len); - - /* Read the rest of the response in tothe buffer. */ - buffer_clear(&buffer); - while (len > 0) - { - l = len; - if (l > sizeof(buf)) - l = sizeof(buf); - l = read(auth->fd, buf, l); - if (l <= 0) - { - error("Error reading response from authentication socket."); - goto error_cleanup; - } - buffer_append(&buffer, (char *)buf, l); - len -= l; - } - - /* Get the type of the packet. */ - buffer_get(&buffer, (char *)buf, 1); - - /* Check for agent failure message. */ - if (buf[0] == SSH_AGENT_FAILURE) - { - log("Agent admitted failure to authenticate using the key."); - goto error_cleanup; - } - - /* Now it must be an authentication response packet. */ - if (buf[0] != SSH_AGENT_RSA_RESPONSE) - fatal("Bad authentication response: %d", buf[0]); - - /* Get the response from the packet. This will abort with a fatal error - if the packet is corrupt. */ - for (i = 0; i < 16; i++) - response[i] = buffer_get_char(&buffer); - - /* The buffer containing the packet is no longer needed. */ - buffer_free(&buffer); - - /* Correct answer. */ - return 1; -} + Buffer buffer; + unsigned char buf[8192]; + int len, l, i; + + /* Response type 0 is no longer supported. */ + if (response_type == 0) + fatal("Compatibility with ssh protocol version 1.0 no longer supported."); + + /* Format a message to the agent. */ + buf[0] = SSH_AGENTC_RSA_CHALLENGE; + buffer_init(&buffer); + buffer_append(&buffer, (char *) buf, 1); + buffer_put_int(&buffer, BN_num_bits(n)); + buffer_put_bignum(&buffer, e); + buffer_put_bignum(&buffer, n); + buffer_put_bignum(&buffer, challenge); + buffer_append(&buffer, (char *) session_id, 16); + buffer_put_int(&buffer, response_type); + + /* Get the length of the message, and format it in the buffer. */ + len = buffer_len(&buffer); + PUT_32BIT(buf, len); + + /* Send the length and then the packet to the agent. */ + if (atomicio(write, auth->fd, buf, 4) != 4 || + atomicio(write, auth->fd, buffer_ptr(&buffer), + buffer_len(&buffer)) != buffer_len(&buffer)) { + error("Error writing to authentication socket."); +error_cleanup: + buffer_free(&buffer); + return 0; + } + /* + * Wait for response from the agent. First read the length of the + * response packet. + */ + len = 4; + while (len > 0) { + l = read(auth->fd, buf + 4 - len, len); + if (l <= 0) { + error("Error reading response length from authentication socket."); + goto error_cleanup; + } + len -= l; + } + + /* Extract the length, and check it for sanity. */ + len = GET_32BIT(buf); + if (len > 256 * 1024) + fatal("Authentication response too long: %d", len); + + /* Read the rest of the response in tothe buffer. */ + buffer_clear(&buffer); + while (len > 0) { + l = len; + if (l > sizeof(buf)) + l = sizeof(buf); + l = read(auth->fd, buf, l); + if (l <= 0) { + error("Error reading response from authentication socket."); + goto error_cleanup; + } + buffer_append(&buffer, (char *) buf, l); + len -= l; + } + + /* Get the type of the packet. */ + buffer_get(&buffer, (char *) buf, 1); + + /* Check for agent failure message. */ + if (buf[0] == SSH_AGENT_FAILURE) { + log("Agent admitted failure to authenticate using the key."); + goto error_cleanup; + } + /* Now it must be an authentication response packet. */ + if (buf[0] != SSH_AGENT_RSA_RESPONSE) + fatal("Bad authentication response: %d", buf[0]); + + /* + * Get the response from the packet. This will abort with a fatal + * error if the packet is corrupt. + */ + for (i = 0; i < 16; i++) + response[i] = buffer_get_char(&buffer); -/* Adds an identity to the authentication server. This call is not meant to - be used by normal applications. */ + /* The buffer containing the packet is no longer needed. */ + buffer_free(&buffer); -int ssh_add_identity(AuthenticationConnection *auth, - RSA *key, const char *comment) + /* Correct answer. */ + return 1; +} + +/* + * Adds an identity to the authentication server. This call is not meant to + * be used by normal applications. + */ + +int +ssh_add_identity(AuthenticationConnection *auth, + RSA * key, const char *comment) { - Buffer buffer; - unsigned char buf[8192]; - int len, l, type; - - /* Format a message to the agent. */ - buffer_init(&buffer); - buffer_put_char(&buffer, SSH_AGENTC_ADD_RSA_IDENTITY); - buffer_put_int(&buffer, BN_num_bits(key->n)); - buffer_put_bignum(&buffer, key->n); - buffer_put_bignum(&buffer, key->e); - buffer_put_bignum(&buffer, key->d); - /* To keep within the protocol: p < q for ssh. in SSL p > q */ - buffer_put_bignum(&buffer, key->iqmp); /* ssh key->u */ - buffer_put_bignum(&buffer, key->q); /* ssh key->p, SSL key->q */ - buffer_put_bignum(&buffer, key->p); /* ssh key->q, SSL key->p */ - buffer_put_string(&buffer, comment, strlen(comment)); - - /* Get the length of the message, and format it in the buffer. */ - len = buffer_len(&buffer); - PUT_32BIT(buf, len); - - /* Send the length and then the packet to the agent. */ - if (write(auth->fd, buf, 4) != 4 || - write(auth->fd, buffer_ptr(&buffer), buffer_len(&buffer)) != - buffer_len(&buffer)) - { - error("Error writing to authentication socket."); - error_cleanup: - buffer_free(&buffer); - return 0; - } - - /* Wait for response from the agent. First read the length of the - response packet. */ - len = 4; - while (len > 0) - { - l = read(auth->fd, buf + 4 - len, len); - if (l <= 0) - { - error("Error reading response length from authentication socket."); - goto error_cleanup; - } - len -= l; - } - - /* Extract the length, and check it for sanity. */ - len = GET_32BIT(buf); - if (len > 256*1024) - fatal("Add identity response too long: %d", len); - - /* Read the rest of the response in tothe buffer. */ - buffer_clear(&buffer); - while (len > 0) - { - l = len; - if (l > sizeof(buf)) - l = sizeof(buf); - l = read(auth->fd, buf, l); - if (l <= 0) - { - error("Error reading response from authentication socket."); - goto error_cleanup; - } - buffer_append(&buffer, (char *)buf, l); - len -= l; - } - - /* Get the type of the packet. */ - type = buffer_get_char(&buffer); - switch (type) - { - case SSH_AGENT_FAILURE: - buffer_free(&buffer); - return 0; - case SSH_AGENT_SUCCESS: - buffer_free(&buffer); - return 1; - default: - fatal("Bad response to add identity from authentication agent: %d", - type); - } - /*NOTREACHED*/ - return 0; -} + Buffer buffer; + unsigned char buf[8192]; + int len, l, type; + + /* Format a message to the agent. */ + buffer_init(&buffer); + buffer_put_char(&buffer, SSH_AGENTC_ADD_RSA_IDENTITY); + buffer_put_int(&buffer, BN_num_bits(key->n)); + buffer_put_bignum(&buffer, key->n); + buffer_put_bignum(&buffer, key->e); + buffer_put_bignum(&buffer, key->d); + /* To keep within the protocol: p < q for ssh. in SSL p > q */ + buffer_put_bignum(&buffer, key->iqmp); /* ssh key->u */ + buffer_put_bignum(&buffer, key->q); /* ssh key->p, SSL key->q */ + buffer_put_bignum(&buffer, key->p); /* ssh key->q, SSL key->p */ + buffer_put_string(&buffer, comment, strlen(comment)); + + /* Get the length of the message, and format it in the buffer. */ + len = buffer_len(&buffer); + PUT_32BIT(buf, len); + + /* Send the length and then the packet to the agent. */ + if (atomicio(write, auth->fd, buf, 4) != 4 || + atomicio(write, auth->fd, buffer_ptr(&buffer), + buffer_len(&buffer)) != buffer_len(&buffer)) { + error("Error writing to authentication socket."); +error_cleanup: + buffer_free(&buffer); + return 0; + } + /* Wait for response from the agent. First read the length of the + response packet. */ + len = 4; + while (len > 0) { + l = read(auth->fd, buf + 4 - len, len); + if (l <= 0) { + error("Error reading response length from authentication socket."); + goto error_cleanup; + } + len -= l; + } + + /* Extract the length, and check it for sanity. */ + len = GET_32BIT(buf); + if (len > 256 * 1024) + fatal("Add identity response too long: %d", len); + + /* Read the rest of the response in tothe buffer. */ + buffer_clear(&buffer); + while (len > 0) { + l = len; + if (l > sizeof(buf)) + l = sizeof(buf); + l = read(auth->fd, buf, l); + if (l <= 0) { + error("Error reading response from authentication socket."); + goto error_cleanup; + } + buffer_append(&buffer, (char *) buf, l); + len -= l; + } -/* Removes an identity from the authentication server. This call is not meant - to be used by normal applications. */ + /* Get the type of the packet. */ + type = buffer_get_char(&buffer); + switch (type) { + case SSH_AGENT_FAILURE: + buffer_free(&buffer); + return 0; + case SSH_AGENT_SUCCESS: + buffer_free(&buffer); + return 1; + default: + fatal("Bad response to add identity from authentication agent: %d", + type); + } + /* NOTREACHED */ + return 0; +} + +/* + * Removes an identity from the authentication server. This call is not + * meant to be used by normal applications. + */ -int ssh_remove_identity(AuthenticationConnection *auth, RSA *key) +int +ssh_remove_identity(AuthenticationConnection *auth, RSA *key) { - Buffer buffer; - unsigned char buf[8192]; - int len, l, type; - - /* Format a message to the agent. */ - buffer_init(&buffer); - buffer_put_char(&buffer, SSH_AGENTC_REMOVE_RSA_IDENTITY); - buffer_put_int(&buffer, BN_num_bits(key->n)); - buffer_put_bignum(&buffer, key->e); - buffer_put_bignum(&buffer, key->n); - - /* Get the length of the message, and format it in the buffer. */ - len = buffer_len(&buffer); - PUT_32BIT(buf, len); - - /* Send the length and then the packet to the agent. */ - if (write(auth->fd, buf, 4) != 4 || - write(auth->fd, buffer_ptr(&buffer), buffer_len(&buffer)) != - buffer_len(&buffer)) - { - error("Error writing to authentication socket."); - error_cleanup: - buffer_free(&buffer); - return 0; - } - - /* Wait for response from the agent. First read the length of the - response packet. */ - len = 4; - while (len > 0) - { - l = read(auth->fd, buf + 4 - len, len); - if (l <= 0) - { - error("Error reading response length from authentication socket."); - goto error_cleanup; - } - len -= l; - } - - /* Extract the length, and check it for sanity. */ - len = GET_32BIT(buf); - if (len > 256*1024) - fatal("Remove identity response too long: %d", len); - - /* Read the rest of the response in tothe buffer. */ - buffer_clear(&buffer); - while (len > 0) - { - l = len; - if (l > sizeof(buf)) - l = sizeof(buf); - l = read(auth->fd, buf, l); - if (l <= 0) - { - error("Error reading response from authentication socket."); - goto error_cleanup; - } - buffer_append(&buffer, (char *)buf, l); - len -= l; - } - - /* Get the type of the packet. */ - type = buffer_get_char(&buffer); - switch (type) - { - case SSH_AGENT_FAILURE: - buffer_free(&buffer); - return 0; - case SSH_AGENT_SUCCESS: - buffer_free(&buffer); - return 1; - default: - fatal("Bad response to remove identity from authentication agent: %d", - type); - } - /*NOTREACHED*/ - return 0; -} + Buffer buffer; + unsigned char buf[8192]; + int len, l, type; + + /* Format a message to the agent. */ + buffer_init(&buffer); + buffer_put_char(&buffer, SSH_AGENTC_REMOVE_RSA_IDENTITY); + buffer_put_int(&buffer, BN_num_bits(key->n)); + buffer_put_bignum(&buffer, key->e); + buffer_put_bignum(&buffer, key->n); + + /* Get the length of the message, and format it in the buffer. */ + len = buffer_len(&buffer); + PUT_32BIT(buf, len); + + /* Send the length and then the packet to the agent. */ + if (atomicio(write, auth->fd, buf, 4) != 4 || + atomicio(write, auth->fd, buffer_ptr(&buffer), + buffer_len(&buffer)) != buffer_len(&buffer)) { + error("Error writing to authentication socket."); +error_cleanup: + buffer_free(&buffer); + return 0; + } + /* + * Wait for response from the agent. First read the length of the + * response packet. + */ + len = 4; + while (len > 0) { + l = read(auth->fd, buf + 4 - len, len); + if (l <= 0) { + error("Error reading response length from authentication socket."); + goto error_cleanup; + } + len -= l; + } -/* Removes all identities from the agent. This call is not meant - to be used by normal applications. */ + /* Extract the length, and check it for sanity. */ + len = GET_32BIT(buf); + if (len > 256 * 1024) + fatal("Remove identity response too long: %d", len); + + /* Read the rest of the response in tothe buffer. */ + buffer_clear(&buffer); + while (len > 0) { + l = len; + if (l > sizeof(buf)) + l = sizeof(buf); + l = read(auth->fd, buf, l); + if (l <= 0) { + error("Error reading response from authentication socket."); + goto error_cleanup; + } + buffer_append(&buffer, (char *) buf, l); + len -= l; + } -int ssh_remove_all_identities(AuthenticationConnection *auth) + /* Get the type of the packet. */ + type = buffer_get_char(&buffer); + switch (type) { + case SSH_AGENT_FAILURE: + buffer_free(&buffer); + return 0; + case SSH_AGENT_SUCCESS: + buffer_free(&buffer); + return 1; + default: + fatal("Bad response to remove identity from authentication agent: %d", + type); + } + /* NOTREACHED */ + return 0; +} + +/* + * Removes all identities from the agent. This call is not meant to be used + * by normal applications. + */ + +int +ssh_remove_all_identities(AuthenticationConnection *auth) { - Buffer buffer; - unsigned char buf[8192]; - int len, l, type; - - /* Get the length of the message, and format it in the buffer. */ - PUT_32BIT(buf, 1); - buf[4] = SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES; - - /* Send the length and then the packet to the agent. */ - if (write(auth->fd, buf, 5) != 5) - { - error("Error writing to authentication socket."); - return 0; - } - - /* Wait for response from the agent. First read the length of the - response packet. */ - len = 4; - while (len > 0) - { - l = read(auth->fd, buf + 4 - len, len); - if (l <= 0) - { - error("Error reading response length from authentication socket."); - return 0; - } - len -= l; - } - - /* Extract the length, and check it for sanity. */ - len = GET_32BIT(buf); - if (len > 256*1024) - fatal("Remove identity response too long: %d", len); - - /* Read the rest of the response into the buffer. */ - buffer_init(&buffer); - while (len > 0) - { - l = len; - if (l > sizeof(buf)) - l = sizeof(buf); - l = read(auth->fd, buf, l); - if (l <= 0) - { - error("Error reading response from authentication socket."); - buffer_free(&buffer); - return 0; - } - buffer_append(&buffer, (char *)buf, l); - len -= l; - } - - /* Get the type of the packet. */ - type = buffer_get_char(&buffer); - switch (type) - { - case SSH_AGENT_FAILURE: - buffer_free(&buffer); - return 0; - case SSH_AGENT_SUCCESS: - buffer_free(&buffer); - return 1; - default: - fatal("Bad response to remove identity from authentication agent: %d", - type); - } - /*NOTREACHED*/ - return 0; -} + Buffer buffer; + unsigned char buf[8192]; + int len, l, type; + + /* Get the length of the message, and format it in the buffer. */ + PUT_32BIT(buf, 1); + buf[4] = SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES; + + /* Send the length and then the packet to the agent. */ + if (atomicio(write, auth->fd, buf, 5) != 5) { + error("Error writing to authentication socket."); + return 0; + } + /* + * Wait for response from the agent. First read the length of the + * response packet. + */ + len = 4; + while (len > 0) { + l = read(auth->fd, buf + 4 - len, len); + if (l <= 0) { + error("Error reading response length from authentication socket."); + return 0; + } + len -= l; + } + + /* Extract the length, and check it for sanity. */ + len = GET_32BIT(buf); + if (len > 256 * 1024) + fatal("Remove identity response too long: %d", len); + + /* Read the rest of the response into the buffer. */ + buffer_init(&buffer); + while (len > 0) { + l = len; + if (l > sizeof(buf)) + l = sizeof(buf); + l = read(auth->fd, buf, l); + if (l <= 0) { + error("Error reading response from authentication socket."); + buffer_free(&buffer); + return 0; + } + buffer_append(&buffer, (char *) buf, l); + len -= l; + } + + /* Get the type of the packet. */ + type = buffer_get_char(&buffer); + switch (type) { + case SSH_AGENT_FAILURE: + buffer_free(&buffer); + return 0; + case SSH_AGENT_SUCCESS: + buffer_free(&buffer); + return 1; + default: + fatal("Bad response to remove identity from authentication agent: %d", + type); + } + /* NOTREACHED */ + return 0; +} Index: usr.bin/ssh/authfd.h =================================================================== RCS file: /cvs/src/usr.bin/ssh/authfd.h,v retrieving revision 1.3 retrieving revision 1.6 diff -u -r1.3 -r1.6 --- usr.bin/ssh/authfd.h 1999/10/14 18:17:42 1.3 +++ usr.bin/ssh/authfd.h 1999/11/24 19:53:44 1.6 @@ -1,20 +1,20 @@ /* + * + * authfd.h + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Wed Mar 29 01:17:41 1995 ylo + * + * Functions to interface with the SSH_AUTHENTICATION_FD socket. + * + */ -authfd.h +/* RCSID("$Id: authfd.h,v 1.6 1999/11/24 19:53:44 markus Exp $"); */ -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Wed Mar 29 01:17:41 1995 ylo - -Functions to interface with the SSH_AUTHENTICATION_FD socket. - -*/ - -/* RCSID("$Id: authfd.h,v 1.3 1999/10/14 18:17:42 markus Exp $"); */ - #ifndef AUTHFD_H #define AUTHFD_H @@ -30,73 +30,90 @@ #define SSH_AGENTC_ADD_RSA_IDENTITY 7 #define SSH_AGENTC_REMOVE_RSA_IDENTITY 8 #define SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES 9 - -typedef struct -{ - int fd; - Buffer packet; - Buffer identities; - int howmany; -} AuthenticationConnection; +typedef struct { + int fd; + Buffer packet; + Buffer identities; + int howmany; +} AuthenticationConnection; /* Returns the number of the authentication fd, or -1 if there is none. */ -int ssh_get_authentication_socket(); +int ssh_get_authentication_socket(); -/* This should be called for any descriptor returned by - ssh_get_authentication_socket(). Depending on the way the descriptor was - obtained, this may close the descriptor. */ -void ssh_close_authentication_socket(int authfd); - -/* Opens and connects a private socket for communication with the - authentication agent. Returns NULL if an error occurred and the - connection could not be opened. The connection should be closed by - the caller by calling ssh_close_authentication_connection(). */ +/* + * This should be called for any descriptor returned by + * ssh_get_authentication_socket(). Depending on the way the descriptor was + * obtained, this may close the descriptor. + */ +void ssh_close_authentication_socket(int authfd); + +/* + * Opens and connects a private socket for communication with the + * authentication agent. Returns NULL if an error occurred and the + * connection could not be opened. The connection should be closed by the + * caller by calling ssh_close_authentication_connection(). + */ AuthenticationConnection *ssh_get_authentication_connection(); -/* Closes the connection to the authentication agent and frees any associated - memory. */ -void ssh_close_authentication_connection(AuthenticationConnection *ac); - -/* Returns the first authentication identity held by the agent. - Returns true if an identity is available, 0 otherwise. - The caller must initialize the integers before the call, and free the - comment after a successful call (before calling ssh_get_next_identity). */ -int ssh_get_first_identity(AuthenticationConnection *connection, - int *bitsp, BIGNUM *e, BIGNUM *n, char **comment); - -/* Returns the next authentication identity for the agent. Other functions - can be called between this and ssh_get_first_identity or two calls of this - function. This returns 0 if there are no more identities. The caller - must free comment after a successful return. */ -int ssh_get_next_identity(AuthenticationConnection *connection, - int *bitsp, BIGNUM *e, BIGNUM *n, char **comment); +/* + * Closes the connection to the authentication agent and frees any associated + * memory. + */ +void ssh_close_authentication_connection(AuthenticationConnection * ac); + +/* + * Returns the first authentication identity held by the agent. Returns true + * if an identity is available, 0 otherwise. The caller must initialize the + * integers before the call, and free the comment after a successful call + * (before calling ssh_get_next_identity). + */ +int +ssh_get_first_identity(AuthenticationConnection * connection, + BIGNUM * e, BIGNUM * n, char **comment); + +/* + * Returns the next authentication identity for the agent. Other functions + * can be called between this and ssh_get_first_identity or two calls of this + * function. This returns 0 if there are no more identities. The caller + * must free comment after a successful return. + */ +int +ssh_get_next_identity(AuthenticationConnection * connection, + BIGNUM * e, BIGNUM * n, char **comment); /* Requests the agent to decrypt the given challenge. Returns true if the agent claims it was able to decrypt it. */ -int ssh_decrypt_challenge(AuthenticationConnection *auth, - int bits, BIGNUM *e, BIGNUM *n, BIGNUM *challenge, - unsigned char session_id[16], - unsigned int response_type, - unsigned char response[16]); - -/* Adds an identity to the authentication server. This call is not meant to - be used by normal applications. This returns true if the identity - was successfully added. */ -int ssh_add_identity(AuthenticationConnection *connection, - RSA *key, const char *comment); - -/* Removes the identity from the authentication server. This call is - not meant to be used by normal applications. This returns true if the - identity was successfully added. */ -int ssh_remove_identity(AuthenticationConnection *connection, - RSA *key); - -/* Removes all identities from the authentication agent. This call is not - meant to be used by normal applications. This returns true if the - operation was successful. */ -int ssh_remove_all_identities(AuthenticationConnection *connection); +int +ssh_decrypt_challenge(AuthenticationConnection * auth, + BIGNUM * e, BIGNUM * n, BIGNUM * challenge, + unsigned char session_id[16], + unsigned int response_type, + unsigned char response[16]); + +/* + * Adds an identity to the authentication server. This call is not meant to + * be used by normal applications. This returns true if the identity was + * successfully added. + */ +int +ssh_add_identity(AuthenticationConnection * connection, RSA * key, + const char *comment); + +/* + * Removes the identity from the authentication server. This call is not + * meant to be used by normal applications. This returns true if the + * identity was successfully added. + */ +int ssh_remove_identity(AuthenticationConnection * connection, RSA * key); + +/* + * Removes all identities from the authentication agent. This call is not + * meant to be used by normal applications. This returns true if the + * operation was successful. + */ +int ssh_remove_all_identities(AuthenticationConnection * connection); /* Closes the connection to the authentication agent. */ -void ssh_close_authentication(AuthenticationConnection *connection); +void ssh_close_authentication(AuthenticationConnection * connection); -#endif /* AUTHFD_H */ +#endif /* AUTHFD_H */ Index: usr.bin/ssh/authfile.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/authfile.c,v retrieving revision 1.7 retrieving revision 1.11 diff -u -r1.7 -r1.11 --- usr.bin/ssh/authfile.c 1999/10/11 20:00:35 1.7 +++ usr.bin/ssh/authfile.c 1999/12/06 19:11:15 1.11 @@ -1,21 +1,21 @@ /* + * + * authfile.c + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Mon Mar 27 03:52:05 1995 ylo + * + * This file contains functions for reading and writing identity files, and + * for reading the passphrase from the user. + * + */ -authfile.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Mon Mar 27 03:52:05 1995 ylo - -This file contains functions for reading and writing identity files, and -for reading the passphrase from the user. - -*/ - #include "includes.h" -RCSID("$Id: authfile.c,v 1.7 1999/10/11 20:00:35 markus Exp $"); +RCSID("$Id: authfile.c,v 1.11 1999/12/06 19:11:15 deraadt Exp $"); #include #include "xmalloc.h" @@ -27,324 +27,319 @@ /* Version identification string for identity files. */ #define AUTHFILE_ID_STRING "SSH PRIVATE KEY FILE FORMAT 1.1\n" -/* Saves the authentication (private) key in a file, encrypting it with - passphrase. The identification of the file (lowest 64 bits of n) - will precede the key to provide identification of the key without - needing a passphrase. */ +/* + * Saves the authentication (private) key in a file, encrypting it with + * passphrase. The identification of the file (lowest 64 bits of n) will + * precede the key to provide identification of the key without needing a + * passphrase. + */ int save_private_key(const char *filename, const char *passphrase, RSA *key, const char *comment) { - Buffer buffer, encrypted; - char buf[100], *cp; - int f, i; - CipherContext cipher; - int cipher_type; - u_int32_t rand; - - /* If the passphrase is empty, use SSH_CIPHER_NONE to ease converting to - another cipher; otherwise use SSH_AUTHFILE_CIPHER. */ - if (strcmp(passphrase, "") == 0) - cipher_type = SSH_CIPHER_NONE; - else - cipher_type = SSH_AUTHFILE_CIPHER; - - /* This buffer is used to built the secret part of the private key. */ - buffer_init(&buffer); - - /* Put checkbytes for checking passphrase validity. */ - rand = arc4random(); - buf[0] = rand & 0xff; - buf[1] = (rand >> 8) & 0xff; - buf[2] = buf[0]; - buf[3] = buf[1]; - buffer_append(&buffer, buf, 4); - - /* Store the private key (n and e will not be stored because they will - be stored in plain text, and storing them also in encrypted format - would just give known plaintext). */ - buffer_put_bignum(&buffer, key->d); - buffer_put_bignum(&buffer, key->iqmp); - buffer_put_bignum(&buffer, key->q); /* reverse from SSL p */ - buffer_put_bignum(&buffer, key->p); /* reverse from SSL q */ - - /* Pad the part to be encrypted until its size is a multiple of 8. */ - while (buffer_len(&buffer) % 8 != 0) - buffer_put_char(&buffer, 0); - - /* This buffer will be used to contain the data in the file. */ - buffer_init(&encrypted); - - /* First store keyfile id string. */ - cp = AUTHFILE_ID_STRING; - for (i = 0; cp[i]; i++) - buffer_put_char(&encrypted, cp[i]); - buffer_put_char(&encrypted, 0); - - /* Store cipher type. */ - buffer_put_char(&encrypted, cipher_type); - buffer_put_int(&encrypted, 0); /* For future extension */ - - /* Store public key. This will be in plain text. */ - buffer_put_int(&encrypted, BN_num_bits(key->n)); - buffer_put_bignum(&encrypted, key->n); - buffer_put_bignum(&encrypted, key->e); - buffer_put_string(&encrypted, comment, strlen(comment)); - - /* Allocate space for the private part of the key in the buffer. */ - buffer_append_space(&encrypted, &cp, buffer_len(&buffer)); - - cipher_set_key_string(&cipher, cipher_type, passphrase, 1); - cipher_encrypt(&cipher, (unsigned char *)cp, - (unsigned char *)buffer_ptr(&buffer), - buffer_len(&buffer)); - memset(&cipher, 0, sizeof(cipher)); - - /* Destroy temporary data. */ - memset(buf, 0, sizeof(buf)); - buffer_free(&buffer); - - /* Write to a file. */ - f = open(filename, O_WRONLY|O_CREAT|O_TRUNC, 0600); - if (f < 0) - return 0; - - if (write(f, buffer_ptr(&encrypted), buffer_len(&encrypted)) != - buffer_len(&encrypted)) - { - debug("Write to key file %.200s failed: %.100s", filename, - strerror(errno)); - buffer_free(&encrypted); - close(f); - remove(filename); - return 0; - } - close(f); - buffer_free(&encrypted); - return 1; + Buffer buffer, encrypted; + char buf[100], *cp; + int fd, i; + CipherContext cipher; + int cipher_type; + u_int32_t rand; + + /* + * If the passphrase is empty, use SSH_CIPHER_NONE to ease converting + * to another cipher; otherwise use SSH_AUTHFILE_CIPHER. + */ + if (strcmp(passphrase, "") == 0) + cipher_type = SSH_CIPHER_NONE; + else + cipher_type = SSH_AUTHFILE_CIPHER; + + /* This buffer is used to built the secret part of the private key. */ + buffer_init(&buffer); + + /* Put checkbytes for checking passphrase validity. */ + rand = arc4random(); + buf[0] = rand & 0xff; + buf[1] = (rand >> 8) & 0xff; + buf[2] = buf[0]; + buf[3] = buf[1]; + buffer_append(&buffer, buf, 4); + + /* + * Store the private key (n and e will not be stored because they + * will be stored in plain text, and storing them also in encrypted + * format would just give known plaintext). + */ + buffer_put_bignum(&buffer, key->d); + buffer_put_bignum(&buffer, key->iqmp); + buffer_put_bignum(&buffer, key->q); /* reverse from SSL p */ + buffer_put_bignum(&buffer, key->p); /* reverse from SSL q */ + + /* Pad the part to be encrypted until its size is a multiple of 8. */ + while (buffer_len(&buffer) % 8 != 0) + buffer_put_char(&buffer, 0); + + /* This buffer will be used to contain the data in the file. */ + buffer_init(&encrypted); + + /* First store keyfile id string. */ + cp = AUTHFILE_ID_STRING; + for (i = 0; cp[i]; i++) + buffer_put_char(&encrypted, cp[i]); + buffer_put_char(&encrypted, 0); + + /* Store cipher type. */ + buffer_put_char(&encrypted, cipher_type); + buffer_put_int(&encrypted, 0); /* For future extension */ + + /* Store public key. This will be in plain text. */ + buffer_put_int(&encrypted, BN_num_bits(key->n)); + buffer_put_bignum(&encrypted, key->n); + buffer_put_bignum(&encrypted, key->e); + buffer_put_string(&encrypted, comment, strlen(comment)); + + /* Allocate space for the private part of the key in the buffer. */ + buffer_append_space(&encrypted, &cp, buffer_len(&buffer)); + + cipher_set_key_string(&cipher, cipher_type, passphrase, 1); + cipher_encrypt(&cipher, (unsigned char *) cp, + (unsigned char *) buffer_ptr(&buffer), + buffer_len(&buffer)); + memset(&cipher, 0, sizeof(cipher)); + + /* Destroy temporary data. */ + memset(buf, 0, sizeof(buf)); + buffer_free(&buffer); + + fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); + if (fd < 0) + return 0; + if (write(fd, buffer_ptr(&encrypted), buffer_len(&encrypted)) != + buffer_len(&encrypted)) { + debug("Write to key file %.200s failed: %.100s", filename, + strerror(errno)); + buffer_free(&encrypted); + close(fd); + remove(filename); + return 0; + } + close(fd); + buffer_free(&encrypted); + return 1; } -/* Loads the public part of the key file. Returns 0 if an error - was encountered (the file does not exist or is not readable), and - non-zero otherwise. */ +/* + * Loads the public part of the key file. Returns 0 if an error was + * encountered (the file does not exist or is not readable), and non-zero + * otherwise. + */ int -load_public_key(const char *filename, RSA *pub, +load_public_key(const char *filename, RSA * pub, char **comment_return) { - int f, i; - off_t len; - Buffer buffer; - char *cp; - - /* Read data from the file into the buffer. */ - f = open(filename, O_RDONLY); - if (f < 0) - return 0; - - len = lseek(f, (off_t)0, SEEK_END); - lseek(f, (off_t)0, SEEK_SET); - - buffer_init(&buffer); - buffer_append_space(&buffer, &cp, len); - - if (read(f, cp, (size_t)len) != (size_t)len) - { - debug("Read from key file %.200s failed: %.100s", filename, - strerror(errno)); - buffer_free(&buffer); - close(f); - return 0; - } - close(f); - - /* Check that it is at least big enought to contain the ID string. */ - if (len < strlen(AUTHFILE_ID_STRING) + 1) - { - debug("Bad key file %.200s.", filename); - buffer_free(&buffer); - return 0; - } - - /* Make sure it begins with the id string. Consume the id string from - the buffer. */ - for (i = 0; i < (unsigned int)strlen(AUTHFILE_ID_STRING) + 1; i++) - if (buffer_get_char(&buffer) != (unsigned char)AUTHFILE_ID_STRING[i]) - { - debug("Bad key file %.200s.", filename); + int fd, i; + off_t len; + Buffer buffer; + char *cp; + + fd = open(filename, O_RDONLY); + if (fd < 0) + return 0; + len = lseek(fd, (off_t) 0, SEEK_END); + lseek(fd, (off_t) 0, SEEK_SET); + + buffer_init(&buffer); + buffer_append_space(&buffer, &cp, len); + + if (read(fd, cp, (size_t) len) != (size_t) len) { + debug("Read from key file %.200s failed: %.100s", filename, + strerror(errno)); + buffer_free(&buffer); + close(fd); + return 0; + } + close(fd); + + /* Check that it is at least big enought to contain the ID string. */ + if (len < strlen(AUTHFILE_ID_STRING) + 1) { + debug("Bad key file %.200s.", filename); + buffer_free(&buffer); + return 0; + } + /* + * Make sure it begins with the id string. Consume the id string + * from the buffer. + */ + for (i = 0; i < (unsigned int) strlen(AUTHFILE_ID_STRING) + 1; i++) + if (buffer_get_char(&buffer) != (u_char) AUTHFILE_ID_STRING[i]) { + debug("Bad key file %.200s.", filename); + buffer_free(&buffer); + return 0; + } + /* Skip cipher type and reserved data. */ + (void) buffer_get_char(&buffer); /* cipher type */ + (void) buffer_get_int(&buffer); /* reserved */ + + /* Read the public key from the buffer. */ + buffer_get_int(&buffer); + pub->n = BN_new(); + buffer_get_bignum(&buffer, pub->n); + pub->e = BN_new(); + buffer_get_bignum(&buffer, pub->e); + if (comment_return) + *comment_return = buffer_get_string(&buffer, NULL); + /* The encrypted private part is not parsed by this function. */ + buffer_free(&buffer); - return 0; - } - /* Skip cipher type and reserved data. */ - (void)buffer_get_char(&buffer); /* cipher type */ - (void)buffer_get_int(&buffer); /* reserved */ - - /* Read the public key from the buffer. */ - buffer_get_int(&buffer); - pub->n = BN_new(); - buffer_get_bignum(&buffer, pub->n); - pub->e = BN_new(); - buffer_get_bignum(&buffer, pub->e); - if (comment_return) - *comment_return = buffer_get_string(&buffer, NULL); - /* The encrypted private part is not parsed by this function. */ - - buffer_free(&buffer); - - return 1; + return 1; } -/* Loads the private key from the file. Returns 0 if an error is encountered - (file does not exist or is not readable, or passphrase is bad). - This initializes the private key. */ +/* + * Loads the private key from the file. Returns 0 if an error is encountered + * (file does not exist or is not readable, or passphrase is bad). This + * initializes the private key. + * Assumes we are called under uid of the owner of the file. + */ int load_private_key(const char *filename, const char *passphrase, - RSA *prv, char **comment_return) + RSA * prv, char **comment_return) { - int f, i, check1, check2, cipher_type; - off_t len; - Buffer buffer, decrypted; - char *cp; - CipherContext cipher; - BN_CTX *ctx; - BIGNUM *aux; - struct stat st; - - /* Read the file into the buffer. */ - f = open(filename, O_RDONLY); - if (f < 0) - return 0; - - /* We assume we are called under uid of the owner of the file */ - if (fstat(f, &st) < 0 || - (st.st_uid != 0 && st.st_uid != getuid()) || - (st.st_mode & 077) != 0) { - error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); - error("@ WARNING: UNPROTECTED PRIVATE KEY FILE! @"); - error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); - error("Bad ownership or mode(0%3.3o) for '%s'.", - st.st_mode & 0777, filename); - error("It is recommended that your private key files are NOT accessible by others."); - return 0; - } - - len = lseek(f, (off_t)0, SEEK_END); - lseek(f, (off_t)0, SEEK_SET); - - buffer_init(&buffer); - buffer_append_space(&buffer, &cp, len); - - if (read(f, cp, (size_t)len) != (size_t)len) - { - debug("Read from key file %.200s failed: %.100s", filename, - strerror(errno)); - buffer_free(&buffer); - close(f); - return 0; - } - close(f); - - /* Check that it is at least big enought to contain the ID string. */ - if (len < strlen(AUTHFILE_ID_STRING) + 1) - { - debug("Bad key file %.200s.", filename); - buffer_free(&buffer); - return 0; - } - - /* Make sure it begins with the id string. Consume the id string from - the buffer. */ - for (i = 0; i < (unsigned int)strlen(AUTHFILE_ID_STRING) + 1; i++) - if (buffer_get_char(&buffer) != (unsigned char)AUTHFILE_ID_STRING[i]) - { - debug("Bad key file %.200s.", filename); + int fd, i, check1, check2, cipher_type; + off_t len; + Buffer buffer, decrypted; + char *cp; + CipherContext cipher; + BN_CTX *ctx; + BIGNUM *aux; + struct stat st; + + fd = open(filename, O_RDONLY); + if (fd < 0) + return 0; + + /* check owner and modes */ + if (fstat(fd, &st) < 0 || + (st.st_uid != 0 && st.st_uid != getuid()) || + (st.st_mode & 077) != 0) { + close(fd); + error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); + error("@ WARNING: UNPROTECTED PRIVATE KEY FILE! @"); + error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); + error("Bad ownership or mode(0%3.3o) for '%s'.", + st.st_mode & 0777, filename); + error("It is recommended that your private key files are NOT accessible by others."); + return 0; + } + len = lseek(fd, (off_t) 0, SEEK_END); + lseek(fd, (off_t) 0, SEEK_SET); + + buffer_init(&buffer); + buffer_append_space(&buffer, &cp, len); + + if (read(fd, cp, (size_t) len) != (size_t) len) { + debug("Read from key file %.200s failed: %.100s", filename, + strerror(errno)); + buffer_free(&buffer); + close(fd); + return 0; + } + close(fd); + + /* Check that it is at least big enought to contain the ID string. */ + if (len < strlen(AUTHFILE_ID_STRING) + 1) { + debug("Bad key file %.200s.", filename); + buffer_free(&buffer); + return 0; + } + /* + * Make sure it begins with the id string. Consume the id string + * from the buffer. + */ + for (i = 0; i < (unsigned int) strlen(AUTHFILE_ID_STRING) + 1; i++) + if (buffer_get_char(&buffer) != (unsigned char) AUTHFILE_ID_STRING[i]) { + debug("Bad key file %.200s.", filename); + buffer_free(&buffer); + return 0; + } + /* Read cipher type. */ + cipher_type = buffer_get_char(&buffer); + (void) buffer_get_int(&buffer); /* Reserved data. */ + + /* Read the public key from the buffer. */ + buffer_get_int(&buffer); + prv->n = BN_new(); + buffer_get_bignum(&buffer, prv->n); + prv->e = BN_new(); + buffer_get_bignum(&buffer, prv->e); + if (comment_return) + *comment_return = buffer_get_string(&buffer, NULL); + else + xfree(buffer_get_string(&buffer, NULL)); + + /* Check that it is a supported cipher. */ + if (((cipher_mask() | SSH_CIPHER_NONE | SSH_AUTHFILE_CIPHER) & + (1 << cipher_type)) == 0) { + debug("Unsupported cipher %.100s used in key file %.200s.", + cipher_name(cipher_type), filename); + buffer_free(&buffer); + goto fail; + } + /* Initialize space for decrypted data. */ + buffer_init(&decrypted); + buffer_append_space(&decrypted, &cp, buffer_len(&buffer)); + + /* Rest of the buffer is encrypted. Decrypt it using the passphrase. */ + cipher_set_key_string(&cipher, cipher_type, passphrase, 0); + cipher_decrypt(&cipher, (unsigned char *) cp, + (unsigned char *) buffer_ptr(&buffer), + buffer_len(&buffer)); + buffer_free(&buffer); - return 0; - } + + check1 = buffer_get_char(&decrypted); + check2 = buffer_get_char(&decrypted); + if (check1 != buffer_get_char(&decrypted) || + check2 != buffer_get_char(&decrypted)) { + if (strcmp(passphrase, "") != 0) + debug("Bad passphrase supplied for key file %.200s.", filename); + /* Bad passphrase. */ + buffer_free(&decrypted); +fail: + BN_clear_free(prv->n); + BN_clear_free(prv->e); + if (comment_return) + xfree(*comment_return); + return 0; + } + /* Read the rest of the private key. */ + prv->d = BN_new(); + buffer_get_bignum(&decrypted, prv->d); + prv->iqmp = BN_new(); + buffer_get_bignum(&decrypted, prv->iqmp); /* u */ + /* in SSL and SSH p and q are exchanged */ + prv->q = BN_new(); + buffer_get_bignum(&decrypted, prv->q); /* p */ + prv->p = BN_new(); + buffer_get_bignum(&decrypted, prv->p); /* q */ + + ctx = BN_CTX_new(); + aux = BN_new(); + + BN_sub(aux, prv->q, BN_value_one()); + prv->dmq1 = BN_new(); + BN_mod(prv->dmq1, prv->d, aux, ctx); + + BN_sub(aux, prv->p, BN_value_one()); + prv->dmp1 = BN_new(); + BN_mod(prv->dmp1, prv->d, aux, ctx); + + BN_clear_free(aux); + BN_CTX_free(ctx); - /* Read cipher type. */ - cipher_type = buffer_get_char(&buffer); - (void)buffer_get_int(&buffer); /* Reserved data. */ - - /* Read the public key from the buffer. */ - buffer_get_int(&buffer); - prv->n = BN_new(); - buffer_get_bignum(&buffer, prv->n); - prv->e = BN_new(); - buffer_get_bignum(&buffer, prv->e); - if (comment_return) - *comment_return = buffer_get_string(&buffer, NULL); - else - xfree(buffer_get_string(&buffer, NULL)); - - /* Check that it is a supported cipher. */ - if (((cipher_mask() | SSH_CIPHER_NONE | SSH_AUTHFILE_CIPHER) & - (1 << cipher_type)) == 0) - { - debug("Unsupported cipher %.100s used in key file %.200s.", - cipher_name(cipher_type), filename); - buffer_free(&buffer); - goto fail; - } - - /* Initialize space for decrypted data. */ - buffer_init(&decrypted); - buffer_append_space(&decrypted, &cp, buffer_len(&buffer)); - - /* Rest of the buffer is encrypted. Decrypt it using the passphrase. */ - cipher_set_key_string(&cipher, cipher_type, passphrase, 0); - cipher_decrypt(&cipher, (unsigned char *)cp, - (unsigned char *)buffer_ptr(&buffer), - buffer_len(&buffer)); - - buffer_free(&buffer); - - check1 = buffer_get_char(&decrypted); - check2 = buffer_get_char(&decrypted); - if (check1 != buffer_get_char(&decrypted) || - check2 != buffer_get_char(&decrypted)) - { - if (strcmp(passphrase, "") != 0) - debug("Bad passphrase supplied for key file %.200s.", filename); - /* Bad passphrase. */ - buffer_free(&decrypted); - fail: - BN_clear_free(prv->n); - BN_clear_free(prv->e); - if (comment_return) - xfree(*comment_return); - return 0; - } - - /* Read the rest of the private key. */ - prv->d = BN_new(); - buffer_get_bignum(&decrypted, prv->d); - prv->iqmp = BN_new(); - buffer_get_bignum(&decrypted, prv->iqmp); /* u */ - /* in SSL and SSH p and q are exchanged */ - prv->q = BN_new(); - buffer_get_bignum(&decrypted, prv->q); /* p */ - prv->p = BN_new(); - buffer_get_bignum(&decrypted, prv->p); /* q */ - - ctx = BN_CTX_new(); - aux = BN_new(); - - BN_sub(aux, prv->q, BN_value_one()); - prv->dmq1 = BN_new(); - BN_mod(prv->dmq1, prv->d, aux, ctx); - - BN_sub(aux, prv->p, BN_value_one()); - prv->dmp1 = BN_new(); - BN_mod(prv->dmp1, prv->d, aux, ctx); - - BN_clear_free(aux); - BN_CTX_free(ctx); - - buffer_free(&decrypted); + buffer_free(&decrypted); - return 1; + return 1; } Index: usr.bin/ssh/bf_enc.c =================================================================== RCS file: bf_enc.c diff -N bf_enc.c --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsnRBiD31367 Wed Dec 8 12:42:02 1999 @@ -0,0 +1,241 @@ +/* crypto/bf/bf_enc.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "blowfish.h" +#include "bf_locl.h" + +/* Blowfish as implemented from 'Blowfish: Springer-Verlag paper' + * (From LECTURE NOTES IN COIMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION, + * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993) + */ + +#if (BF_ROUNDS != 16) && (BF_ROUNDS != 20) +If you set BF_ROUNDS to some value other than 16 or 20, you will have +to modify the code. +#endif + +void BF_encrypt(data,key) +BF_LONG *data; +BF_KEY *key; + { + register BF_LONG l,r,*p,*s; + + p=key->P; + s= &(key->S[0]); + l=data[0]; + r=data[1]; + + l^=p[0]; + BF_ENC(r,l,s,p[ 1]); + BF_ENC(l,r,s,p[ 2]); + BF_ENC(r,l,s,p[ 3]); + BF_ENC(l,r,s,p[ 4]); + BF_ENC(r,l,s,p[ 5]); + BF_ENC(l,r,s,p[ 6]); + BF_ENC(r,l,s,p[ 7]); + BF_ENC(l,r,s,p[ 8]); + BF_ENC(r,l,s,p[ 9]); + BF_ENC(l,r,s,p[10]); + BF_ENC(r,l,s,p[11]); + BF_ENC(l,r,s,p[12]); + BF_ENC(r,l,s,p[13]); + BF_ENC(l,r,s,p[14]); + BF_ENC(r,l,s,p[15]); + BF_ENC(l,r,s,p[16]); +#if BF_ROUNDS == 20 + BF_ENC(r,l,s,p[17]); + BF_ENC(l,r,s,p[18]); + BF_ENC(r,l,s,p[19]); + BF_ENC(l,r,s,p[20]); +#endif + r^=p[BF_ROUNDS+1]; + + data[1]=l&0xffffffffL; + data[0]=r&0xffffffffL; + } + +#ifndef BF_DEFAULT_OPTIONS + +void BF_decrypt(data,key) +BF_LONG *data; +BF_KEY *key; + { + register BF_LONG l,r,*p,*s; + + p=key->P; + s= &(key->S[0]); + l=data[0]; + r=data[1]; + + l^=p[BF_ROUNDS+1]; +#if BF_ROUNDS == 20 + BF_ENC(r,l,s,p[20]); + BF_ENC(l,r,s,p[19]); + BF_ENC(r,l,s,p[18]); + BF_ENC(l,r,s,p[17]); +#endif + BF_ENC(r,l,s,p[16]); + BF_ENC(l,r,s,p[15]); + BF_ENC(r,l,s,p[14]); + BF_ENC(l,r,s,p[13]); + BF_ENC(r,l,s,p[12]); + BF_ENC(l,r,s,p[11]); + BF_ENC(r,l,s,p[10]); + BF_ENC(l,r,s,p[ 9]); + BF_ENC(r,l,s,p[ 8]); + BF_ENC(l,r,s,p[ 7]); + BF_ENC(r,l,s,p[ 6]); + BF_ENC(l,r,s,p[ 5]); + BF_ENC(r,l,s,p[ 4]); + BF_ENC(l,r,s,p[ 3]); + BF_ENC(r,l,s,p[ 2]); + BF_ENC(l,r,s,p[ 1]); + r^=p[0]; + + data[1]=l&0xffffffffL; + data[0]=r&0xffffffffL; + } + +void BF_cbc_encrypt(in, out, length, ks, iv, encrypt) +unsigned char *in; +unsigned char *out; +long length; +BF_KEY *ks; +unsigned char *iv; +int encrypt; + { + register BF_LONG tin0,tin1; + register BF_LONG tout0,tout1,xor0,xor1; + register long l=length; + BF_LONG tin[2]; + + if (encrypt) + { + n2l(iv,tout0); + n2l(iv,tout1); + iv-=8; + for (l-=8; l>=0; l-=8) + { + n2l(in,tin0); + n2l(in,tin1); + tin0^=tout0; + tin1^=tout1; + tin[0]=tin0; + tin[1]=tin1; + BF_encrypt(tin,ks); + tout0=tin[0]; + tout1=tin[1]; + l2n(tout0,out); + l2n(tout1,out); + } + if (l != -8) + { + n2ln(in,tin0,tin1,l+8); + tin0^=tout0; + tin1^=tout1; + tin[0]=tin0; + tin[1]=tin1; + BF_encrypt(tin,ks); + tout0=tin[0]; + tout1=tin[1]; + l2n(tout0,out); + l2n(tout1,out); + } + l2n(tout0,iv); + l2n(tout1,iv); + } + else + { + n2l(iv,xor0); + n2l(iv,xor1); + iv-=8; + for (l-=8; l>=0; l-=8) + { + n2l(in,tin0); + n2l(in,tin1); + tin[0]=tin0; + tin[1]=tin1; + BF_decrypt(tin,ks); + tout0=tin[0]^xor0; + tout1=tin[1]^xor1; + l2n(tout0,out); + l2n(tout1,out); + xor0=tin0; + xor1=tin1; + } + if (l != -8) + { + n2l(in,tin0); + n2l(in,tin1); + tin[0]=tin0; + tin[1]=tin1; + BF_decrypt(tin,ks); + tout0=tin[0]^xor0; + tout1=tin[1]^xor1; + l2nn(tout0,tout1,out,l+8); + xor0=tin0; + xor1=tin1; + } + l2n(xor0,iv); + l2n(xor1,iv); + } + tin0=tin1=tout0=tout1=xor0=xor1=0; + tin[0]=tin[1]=0; + } + +#endif Index: usr.bin/ssh/bf_locl.h =================================================================== RCS file: bf_locl.h diff -N bf_locl.h --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsvQmjj31367 Wed Dec 8 12:42:04 1999 @@ -0,0 +1,242 @@ +/* crypto/bf/bf_locl.org */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING + * + * Always modify bf_locl.org since bf_locl.h is automatically generated from + * it during SSLeay configuration. + * + * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING + */ + +/* Special defines which change the way the code is built depending on the + CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find + even newer MIPS CPU's, but at the moment one size fits all for + optimization options. Older Sparc's work better with only UNROLL, but + there's no way to tell at compile time what it is you're running on */ + +#if defined( sun ) /* Newer Sparc's */ +# define BF_PTR +#elif defined( __ultrix ) /* Older MIPS */ +# define BF_PTR +#elif defined( __osf1__ ) /* Alpha */ + /* None */ +#elif defined ( _AIX ) /* RS6000 */ + /* Unknown */ +#elif defined( __hpux ) /* HP-PA */ + /* None */ +#elif defined( __aux ) /* 68K */ + /* Unknown */ +#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */ + /* Unknown */ +#elif defined( __sgi ) /* Newer MIPS */ +# define BF_PTR +#elif defined( i386 ) /* x86 boxes, should be gcc */ +#elif defined( _MSC_VER ) /* x86 boxes, Visual C */ +#endif /* Systems-specific speed defines */ + +#undef c2l +#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \ + l|=((unsigned long)(*((c)++)))<< 8L, \ + l|=((unsigned long)(*((c)++)))<<16L, \ + l|=((unsigned long)(*((c)++)))<<24L) + +/* NOTE - c is not incremented as per c2l */ +#undef c2ln +#define c2ln(c,l1,l2,n) { \ + c+=n; \ + l1=l2=0; \ + switch (n) { \ + case 8: l2 =((unsigned long)(*(--(c))))<<24L; \ + case 7: l2|=((unsigned long)(*(--(c))))<<16L; \ + case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \ + case 5: l2|=((unsigned long)(*(--(c)))); \ + case 4: l1 =((unsigned long)(*(--(c))))<<24L; \ + case 3: l1|=((unsigned long)(*(--(c))))<<16L; \ + case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \ + case 1: l1|=((unsigned long)(*(--(c)))); \ + } \ + } + +#undef l2c +#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ + *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ + *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ + *((c)++)=(unsigned char)(((l)>>24L)&0xff)) + +/* NOTE - c is not incremented as per l2c */ +#undef l2cn +#define l2cn(l1,l2,c,n) { \ + c+=n; \ + switch (n) { \ + case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \ + case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \ + case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \ + case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \ + case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \ + case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \ + case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \ + case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \ + } \ + } + +/* NOTE - c is not incremented as per n2l */ +#define n2ln(c,l1,l2,n) { \ + c+=n; \ + l1=l2=0; \ + switch (n) { \ + case 8: l2 =((unsigned long)(*(--(c)))) ; \ + case 7: l2|=((unsigned long)(*(--(c))))<< 8; \ + case 6: l2|=((unsigned long)(*(--(c))))<<16; \ + case 5: l2|=((unsigned long)(*(--(c))))<<24; \ + case 4: l1 =((unsigned long)(*(--(c)))) ; \ + case 3: l1|=((unsigned long)(*(--(c))))<< 8; \ + case 2: l1|=((unsigned long)(*(--(c))))<<16; \ + case 1: l1|=((unsigned long)(*(--(c))))<<24; \ + } \ + } + +/* NOTE - c is not incremented as per l2n */ +#define l2nn(l1,l2,c,n) { \ + c+=n; \ + switch (n) { \ + case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \ + case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \ + case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \ + case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \ + case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \ + case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \ + case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \ + case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \ + } \ + } + +#undef n2l +#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \ + l|=((unsigned long)(*((c)++)))<<16L, \ + l|=((unsigned long)(*((c)++)))<< 8L, \ + l|=((unsigned long)(*((c)++)))) + +#undef l2n +#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \ + *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ + *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ + *((c)++)=(unsigned char)(((l) )&0xff)) + +/* This is actually a big endian algorithm, the most significate byte + * is used to lookup array 0 */ + +/* use BF_PTR2 for intel boxes, + * BF_PTR for sparc and MIPS/SGI + * use nothing for Alpha and HP. + */ +#if !defined(BF_PTR) && !defined(BF_PTR2) +#undef BF_PTR +#endif + +#define BF_M 0x3fc +#define BF_0 22L +#define BF_1 14L +#define BF_2 6L +#define BF_3 2L /* left shift */ + +#if defined(BF_PTR2) + +/* This is basically a special pentium verson */ +#define BF_ENC(LL,R,S,P) \ + { \ + BF_LONG t,u,v; \ + u=R>>BF_0; \ + v=R>>BF_1; \ + u&=BF_M; \ + v&=BF_M; \ + t= *(BF_LONG *)((unsigned char *)&(S[ 0])+u); \ + u=R>>BF_2; \ + t+= *(BF_LONG *)((unsigned char *)&(S[256])+v); \ + v=R<>BF_0)&BF_M))+ \ + *(BF_LONG *)((unsigned char *)&(S[256])+((R>>BF_1)&BF_M)))^ \ + *(BF_LONG *)((unsigned char *)&(S[512])+((R>>BF_2)&BF_M)))+ \ + *(BF_LONG *)((unsigned char *)&(S[768])+((R<>24L) ] + \ + S[0x0100+((int)(R>>16L)&0xff)])^ \ + S[0x0200+((int)(R>> 8L)&0xff)])+ \ + S[0x0300+((int)(R )&0xff)])&0xffffffffL; +#endif Index: usr.bin/ssh/bf_pi.h =================================================================== RCS file: bf_pi.h diff -N bf_pi.h --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsgpEFI31367 Wed Dec 8 12:42:04 1999 @@ -0,0 +1,325 @@ +/* crypto/bf/bf_pi.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +static BF_KEY bf_init= { + { + 0x243f6a88L, 0x85a308d3L, 0x13198a2eL, 0x03707344L, + 0xa4093822L, 0x299f31d0L, 0x082efa98L, 0xec4e6c89L, + 0x452821e6L, 0x38d01377L, 0xbe5466cfL, 0x34e90c6cL, + 0xc0ac29b7L, 0xc97c50ddL, 0x3f84d5b5L, 0xb5470917L, + 0x9216d5d9L, 0x8979fb1b + },{ + 0xd1310ba6L, 0x98dfb5acL, 0x2ffd72dbL, 0xd01adfb7L, + 0xb8e1afedL, 0x6a267e96L, 0xba7c9045L, 0xf12c7f99L, + 0x24a19947L, 0xb3916cf7L, 0x0801f2e2L, 0x858efc16L, + 0x636920d8L, 0x71574e69L, 0xa458fea3L, 0xf4933d7eL, + 0x0d95748fL, 0x728eb658L, 0x718bcd58L, 0x82154aeeL, + 0x7b54a41dL, 0xc25a59b5L, 0x9c30d539L, 0x2af26013L, + 0xc5d1b023L, 0x286085f0L, 0xca417918L, 0xb8db38efL, + 0x8e79dcb0L, 0x603a180eL, 0x6c9e0e8bL, 0xb01e8a3eL, + 0xd71577c1L, 0xbd314b27L, 0x78af2fdaL, 0x55605c60L, + 0xe65525f3L, 0xaa55ab94L, 0x57489862L, 0x63e81440L, + 0x55ca396aL, 0x2aab10b6L, 0xb4cc5c34L, 0x1141e8ceL, + 0xa15486afL, 0x7c72e993L, 0xb3ee1411L, 0x636fbc2aL, + 0x2ba9c55dL, 0x741831f6L, 0xce5c3e16L, 0x9b87931eL, + 0xafd6ba33L, 0x6c24cf5cL, 0x7a325381L, 0x28958677L, + 0x3b8f4898L, 0x6b4bb9afL, 0xc4bfe81bL, 0x66282193L, + 0x61d809ccL, 0xfb21a991L, 0x487cac60L, 0x5dec8032L, + 0xef845d5dL, 0xe98575b1L, 0xdc262302L, 0xeb651b88L, + 0x23893e81L, 0xd396acc5L, 0x0f6d6ff3L, 0x83f44239L, + 0x2e0b4482L, 0xa4842004L, 0x69c8f04aL, 0x9e1f9b5eL, + 0x21c66842L, 0xf6e96c9aL, 0x670c9c61L, 0xabd388f0L, + 0x6a51a0d2L, 0xd8542f68L, 0x960fa728L, 0xab5133a3L, + 0x6eef0b6cL, 0x137a3be4L, 0xba3bf050L, 0x7efb2a98L, + 0xa1f1651dL, 0x39af0176L, 0x66ca593eL, 0x82430e88L, + 0x8cee8619L, 0x456f9fb4L, 0x7d84a5c3L, 0x3b8b5ebeL, + 0xe06f75d8L, 0x85c12073L, 0x401a449fL, 0x56c16aa6L, + 0x4ed3aa62L, 0x363f7706L, 0x1bfedf72L, 0x429b023dL, + 0x37d0d724L, 0xd00a1248L, 0xdb0fead3L, 0x49f1c09bL, + 0x075372c9L, 0x80991b7bL, 0x25d479d8L, 0xf6e8def7L, + 0xe3fe501aL, 0xb6794c3bL, 0x976ce0bdL, 0x04c006baL, + 0xc1a94fb6L, 0x409f60c4L, 0x5e5c9ec2L, 0x196a2463L, + 0x68fb6fafL, 0x3e6c53b5L, 0x1339b2ebL, 0x3b52ec6fL, + 0x6dfc511fL, 0x9b30952cL, 0xcc814544L, 0xaf5ebd09L, + 0xbee3d004L, 0xde334afdL, 0x660f2807L, 0x192e4bb3L, + 0xc0cba857L, 0x45c8740fL, 0xd20b5f39L, 0xb9d3fbdbL, + 0x5579c0bdL, 0x1a60320aL, 0xd6a100c6L, 0x402c7279L, + 0x679f25feL, 0xfb1fa3ccL, 0x8ea5e9f8L, 0xdb3222f8L, + 0x3c7516dfL, 0xfd616b15L, 0x2f501ec8L, 0xad0552abL, + 0x323db5faL, 0xfd238760L, 0x53317b48L, 0x3e00df82L, + 0x9e5c57bbL, 0xca6f8ca0L, 0x1a87562eL, 0xdf1769dbL, + 0xd542a8f6L, 0x287effc3L, 0xac6732c6L, 0x8c4f5573L, + 0x695b27b0L, 0xbbca58c8L, 0xe1ffa35dL, 0xb8f011a0L, + 0x10fa3d98L, 0xfd2183b8L, 0x4afcb56cL, 0x2dd1d35bL, + 0x9a53e479L, 0xb6f84565L, 0xd28e49bcL, 0x4bfb9790L, + 0xe1ddf2daL, 0xa4cb7e33L, 0x62fb1341L, 0xcee4c6e8L, + 0xef20cadaL, 0x36774c01L, 0xd07e9efeL, 0x2bf11fb4L, + 0x95dbda4dL, 0xae909198L, 0xeaad8e71L, 0x6b93d5a0L, + 0xd08ed1d0L, 0xafc725e0L, 0x8e3c5b2fL, 0x8e7594b7L, + 0x8ff6e2fbL, 0xf2122b64L, 0x8888b812L, 0x900df01cL, + 0x4fad5ea0L, 0x688fc31cL, 0xd1cff191L, 0xb3a8c1adL, + 0x2f2f2218L, 0xbe0e1777L, 0xea752dfeL, 0x8b021fa1L, + 0xe5a0cc0fL, 0xb56f74e8L, 0x18acf3d6L, 0xce89e299L, + 0xb4a84fe0L, 0xfd13e0b7L, 0x7cc43b81L, 0xd2ada8d9L, + 0x165fa266L, 0x80957705L, 0x93cc7314L, 0x211a1477L, + 0xe6ad2065L, 0x77b5fa86L, 0xc75442f5L, 0xfb9d35cfL, + 0xebcdaf0cL, 0x7b3e89a0L, 0xd6411bd3L, 0xae1e7e49L, + 0x00250e2dL, 0x2071b35eL, 0x226800bbL, 0x57b8e0afL, + 0x2464369bL, 0xf009b91eL, 0x5563911dL, 0x59dfa6aaL, + 0x78c14389L, 0xd95a537fL, 0x207d5ba2L, 0x02e5b9c5L, + 0x83260376L, 0x6295cfa9L, 0x11c81968L, 0x4e734a41L, + 0xb3472dcaL, 0x7b14a94aL, 0x1b510052L, 0x9a532915L, + 0xd60f573fL, 0xbc9bc6e4L, 0x2b60a476L, 0x81e67400L, + 0x08ba6fb5L, 0x571be91fL, 0xf296ec6bL, 0x2a0dd915L, + 0xb6636521L, 0xe7b9f9b6L, 0xff34052eL, 0xc5855664L, + 0x53b02d5dL, 0xa99f8fa1L, 0x08ba4799L, 0x6e85076aL, + 0x4b7a70e9L, 0xb5b32944L, 0xdb75092eL, 0xc4192623L, + 0xad6ea6b0L, 0x49a7df7dL, 0x9cee60b8L, 0x8fedb266L, + 0xecaa8c71L, 0x699a17ffL, 0x5664526cL, 0xc2b19ee1L, + 0x193602a5L, 0x75094c29L, 0xa0591340L, 0xe4183a3eL, + 0x3f54989aL, 0x5b429d65L, 0x6b8fe4d6L, 0x99f73fd6L, + 0xa1d29c07L, 0xefe830f5L, 0x4d2d38e6L, 0xf0255dc1L, + 0x4cdd2086L, 0x8470eb26L, 0x6382e9c6L, 0x021ecc5eL, + 0x09686b3fL, 0x3ebaefc9L, 0x3c971814L, 0x6b6a70a1L, + 0x687f3584L, 0x52a0e286L, 0xb79c5305L, 0xaa500737L, + 0x3e07841cL, 0x7fdeae5cL, 0x8e7d44ecL, 0x5716f2b8L, + 0xb03ada37L, 0xf0500c0dL, 0xf01c1f04L, 0x0200b3ffL, + 0xae0cf51aL, 0x3cb574b2L, 0x25837a58L, 0xdc0921bdL, + 0xd19113f9L, 0x7ca92ff6L, 0x94324773L, 0x22f54701L, + 0x3ae5e581L, 0x37c2dadcL, 0xc8b57634L, 0x9af3dda7L, + 0xa9446146L, 0x0fd0030eL, 0xecc8c73eL, 0xa4751e41L, + 0xe238cd99L, 0x3bea0e2fL, 0x3280bba1L, 0x183eb331L, + 0x4e548b38L, 0x4f6db908L, 0x6f420d03L, 0xf60a04bfL, + 0x2cb81290L, 0x24977c79L, 0x5679b072L, 0xbcaf89afL, + 0xde9a771fL, 0xd9930810L, 0xb38bae12L, 0xdccf3f2eL, + 0x5512721fL, 0x2e6b7124L, 0x501adde6L, 0x9f84cd87L, + 0x7a584718L, 0x7408da17L, 0xbc9f9abcL, 0xe94b7d8cL, + 0xec7aec3aL, 0xdb851dfaL, 0x63094366L, 0xc464c3d2L, + 0xef1c1847L, 0x3215d908L, 0xdd433b37L, 0x24c2ba16L, + 0x12a14d43L, 0x2a65c451L, 0x50940002L, 0x133ae4ddL, + 0x71dff89eL, 0x10314e55L, 0x81ac77d6L, 0x5f11199bL, + 0x043556f1L, 0xd7a3c76bL, 0x3c11183bL, 0x5924a509L, + 0xf28fe6edL, 0x97f1fbfaL, 0x9ebabf2cL, 0x1e153c6eL, + 0x86e34570L, 0xeae96fb1L, 0x860e5e0aL, 0x5a3e2ab3L, + 0x771fe71cL, 0x4e3d06faL, 0x2965dcb9L, 0x99e71d0fL, + 0x803e89d6L, 0x5266c825L, 0x2e4cc978L, 0x9c10b36aL, + 0xc6150ebaL, 0x94e2ea78L, 0xa5fc3c53L, 0x1e0a2df4L, + 0xf2f74ea7L, 0x361d2b3dL, 0x1939260fL, 0x19c27960L, + 0x5223a708L, 0xf71312b6L, 0xebadfe6eL, 0xeac31f66L, + 0xe3bc4595L, 0xa67bc883L, 0xb17f37d1L, 0x018cff28L, + 0xc332ddefL, 0xbe6c5aa5L, 0x65582185L, 0x68ab9802L, + 0xeecea50fL, 0xdb2f953bL, 0x2aef7dadL, 0x5b6e2f84L, + 0x1521b628L, 0x29076170L, 0xecdd4775L, 0x619f1510L, + 0x13cca830L, 0xeb61bd96L, 0x0334fe1eL, 0xaa0363cfL, + 0xb5735c90L, 0x4c70a239L, 0xd59e9e0bL, 0xcbaade14L, + 0xeecc86bcL, 0x60622ca7L, 0x9cab5cabL, 0xb2f3846eL, + 0x648b1eafL, 0x19bdf0caL, 0xa02369b9L, 0x655abb50L, + 0x40685a32L, 0x3c2ab4b3L, 0x319ee9d5L, 0xc021b8f7L, + 0x9b540b19L, 0x875fa099L, 0x95f7997eL, 0x623d7da8L, + 0xf837889aL, 0x97e32d77L, 0x11ed935fL, 0x16681281L, + 0x0e358829L, 0xc7e61fd6L, 0x96dedfa1L, 0x7858ba99L, + 0x57f584a5L, 0x1b227263L, 0x9b83c3ffL, 0x1ac24696L, + 0xcdb30aebL, 0x532e3054L, 0x8fd948e4L, 0x6dbc3128L, + 0x58ebf2efL, 0x34c6ffeaL, 0xfe28ed61L, 0xee7c3c73L, + 0x5d4a14d9L, 0xe864b7e3L, 0x42105d14L, 0x203e13e0L, + 0x45eee2b6L, 0xa3aaabeaL, 0xdb6c4f15L, 0xfacb4fd0L, + 0xc742f442L, 0xef6abbb5L, 0x654f3b1dL, 0x41cd2105L, + 0xd81e799eL, 0x86854dc7L, 0xe44b476aL, 0x3d816250L, + 0xcf62a1f2L, 0x5b8d2646L, 0xfc8883a0L, 0xc1c7b6a3L, + 0x7f1524c3L, 0x69cb7492L, 0x47848a0bL, 0x5692b285L, + 0x095bbf00L, 0xad19489dL, 0x1462b174L, 0x23820e00L, + 0x58428d2aL, 0x0c55f5eaL, 0x1dadf43eL, 0x233f7061L, + 0x3372f092L, 0x8d937e41L, 0xd65fecf1L, 0x6c223bdbL, + 0x7cde3759L, 0xcbee7460L, 0x4085f2a7L, 0xce77326eL, + 0xa6078084L, 0x19f8509eL, 0xe8efd855L, 0x61d99735L, + 0xa969a7aaL, 0xc50c06c2L, 0x5a04abfcL, 0x800bcadcL, + 0x9e447a2eL, 0xc3453484L, 0xfdd56705L, 0x0e1e9ec9L, + 0xdb73dbd3L, 0x105588cdL, 0x675fda79L, 0xe3674340L, + 0xc5c43465L, 0x713e38d8L, 0x3d28f89eL, 0xf16dff20L, + 0x153e21e7L, 0x8fb03d4aL, 0xe6e39f2bL, 0xdb83adf7L, + 0xe93d5a68L, 0x948140f7L, 0xf64c261cL, 0x94692934L, + 0x411520f7L, 0x7602d4f7L, 0xbcf46b2eL, 0xd4a20068L, + 0xd4082471L, 0x3320f46aL, 0x43b7d4b7L, 0x500061afL, + 0x1e39f62eL, 0x97244546L, 0x14214f74L, 0xbf8b8840L, + 0x4d95fc1dL, 0x96b591afL, 0x70f4ddd3L, 0x66a02f45L, + 0xbfbc09ecL, 0x03bd9785L, 0x7fac6dd0L, 0x31cb8504L, + 0x96eb27b3L, 0x55fd3941L, 0xda2547e6L, 0xabca0a9aL, + 0x28507825L, 0x530429f4L, 0x0a2c86daL, 0xe9b66dfbL, + 0x68dc1462L, 0xd7486900L, 0x680ec0a4L, 0x27a18deeL, + 0x4f3ffea2L, 0xe887ad8cL, 0xb58ce006L, 0x7af4d6b6L, + 0xaace1e7cL, 0xd3375fecL, 0xce78a399L, 0x406b2a42L, + 0x20fe9e35L, 0xd9f385b9L, 0xee39d7abL, 0x3b124e8bL, + 0x1dc9faf7L, 0x4b6d1856L, 0x26a36631L, 0xeae397b2L, + 0x3a6efa74L, 0xdd5b4332L, 0x6841e7f7L, 0xca7820fbL, + 0xfb0af54eL, 0xd8feb397L, 0x454056acL, 0xba489527L, + 0x55533a3aL, 0x20838d87L, 0xfe6ba9b7L, 0xd096954bL, + 0x55a867bcL, 0xa1159a58L, 0xcca92963L, 0x99e1db33L, + 0xa62a4a56L, 0x3f3125f9L, 0x5ef47e1cL, 0x9029317cL, + 0xfdf8e802L, 0x04272f70L, 0x80bb155cL, 0x05282ce3L, + 0x95c11548L, 0xe4c66d22L, 0x48c1133fL, 0xc70f86dcL, + 0x07f9c9eeL, 0x41041f0fL, 0x404779a4L, 0x5d886e17L, + 0x325f51ebL, 0xd59bc0d1L, 0xf2bcc18fL, 0x41113564L, + 0x257b7834L, 0x602a9c60L, 0xdff8e8a3L, 0x1f636c1bL, + 0x0e12b4c2L, 0x02e1329eL, 0xaf664fd1L, 0xcad18115L, + 0x6b2395e0L, 0x333e92e1L, 0x3b240b62L, 0xeebeb922L, + 0x85b2a20eL, 0xe6ba0d99L, 0xde720c8cL, 0x2da2f728L, + 0xd0127845L, 0x95b794fdL, 0x647d0862L, 0xe7ccf5f0L, + 0x5449a36fL, 0x877d48faL, 0xc39dfd27L, 0xf33e8d1eL, + 0x0a476341L, 0x992eff74L, 0x3a6f6eabL, 0xf4f8fd37L, + 0xa812dc60L, 0xa1ebddf8L, 0x991be14cL, 0xdb6e6b0dL, + 0xc67b5510L, 0x6d672c37L, 0x2765d43bL, 0xdcd0e804L, + 0xf1290dc7L, 0xcc00ffa3L, 0xb5390f92L, 0x690fed0bL, + 0x667b9ffbL, 0xcedb7d9cL, 0xa091cf0bL, 0xd9155ea3L, + 0xbb132f88L, 0x515bad24L, 0x7b9479bfL, 0x763bd6ebL, + 0x37392eb3L, 0xcc115979L, 0x8026e297L, 0xf42e312dL, + 0x6842ada7L, 0xc66a2b3bL, 0x12754cccL, 0x782ef11cL, + 0x6a124237L, 0xb79251e7L, 0x06a1bbe6L, 0x4bfb6350L, + 0x1a6b1018L, 0x11caedfaL, 0x3d25bdd8L, 0xe2e1c3c9L, + 0x44421659L, 0x0a121386L, 0xd90cec6eL, 0xd5abea2aL, + 0x64af674eL, 0xda86a85fL, 0xbebfe988L, 0x64e4c3feL, + 0x9dbc8057L, 0xf0f7c086L, 0x60787bf8L, 0x6003604dL, + 0xd1fd8346L, 0xf6381fb0L, 0x7745ae04L, 0xd736fcccL, + 0x83426b33L, 0xf01eab71L, 0xb0804187L, 0x3c005e5fL, + 0x77a057beL, 0xbde8ae24L, 0x55464299L, 0xbf582e61L, + 0x4e58f48fL, 0xf2ddfda2L, 0xf474ef38L, 0x8789bdc2L, + 0x5366f9c3L, 0xc8b38e74L, 0xb475f255L, 0x46fcd9b9L, + 0x7aeb2661L, 0x8b1ddf84L, 0x846a0e79L, 0x915f95e2L, + 0x466e598eL, 0x20b45770L, 0x8cd55591L, 0xc902de4cL, + 0xb90bace1L, 0xbb8205d0L, 0x11a86248L, 0x7574a99eL, + 0xb77f19b6L, 0xe0a9dc09L, 0x662d09a1L, 0xc4324633L, + 0xe85a1f02L, 0x09f0be8cL, 0x4a99a025L, 0x1d6efe10L, + 0x1ab93d1dL, 0x0ba5a4dfL, 0xa186f20fL, 0x2868f169L, + 0xdcb7da83L, 0x573906feL, 0xa1e2ce9bL, 0x4fcd7f52L, + 0x50115e01L, 0xa70683faL, 0xa002b5c4L, 0x0de6d027L, + 0x9af88c27L, 0x773f8641L, 0xc3604c06L, 0x61a806b5L, + 0xf0177a28L, 0xc0f586e0L, 0x006058aaL, 0x30dc7d62L, + 0x11e69ed7L, 0x2338ea63L, 0x53c2dd94L, 0xc2c21634L, + 0xbbcbee56L, 0x90bcb6deL, 0xebfc7da1L, 0xce591d76L, + 0x6f05e409L, 0x4b7c0188L, 0x39720a3dL, 0x7c927c24L, + 0x86e3725fL, 0x724d9db9L, 0x1ac15bb4L, 0xd39eb8fcL, + 0xed545578L, 0x08fca5b5L, 0xd83d7cd3L, 0x4dad0fc4L, + 0x1e50ef5eL, 0xb161e6f8L, 0xa28514d9L, 0x6c51133cL, + 0x6fd5c7e7L, 0x56e14ec4L, 0x362abfceL, 0xddc6c837L, + 0xd79a3234L, 0x92638212L, 0x670efa8eL, 0x406000e0L, + 0x3a39ce37L, 0xd3faf5cfL, 0xabc27737L, 0x5ac52d1bL, + 0x5cb0679eL, 0x4fa33742L, 0xd3822740L, 0x99bc9bbeL, + 0xd5118e9dL, 0xbf0f7315L, 0xd62d1c7eL, 0xc700c47bL, + 0xb78c1b6bL, 0x21a19045L, 0xb26eb1beL, 0x6a366eb4L, + 0x5748ab2fL, 0xbc946e79L, 0xc6a376d2L, 0x6549c2c8L, + 0x530ff8eeL, 0x468dde7dL, 0xd5730a1dL, 0x4cd04dc6L, + 0x2939bbdbL, 0xa9ba4650L, 0xac9526e8L, 0xbe5ee304L, + 0xa1fad5f0L, 0x6a2d519aL, 0x63ef8ce2L, 0x9a86ee22L, + 0xc089c2b8L, 0x43242ef6L, 0xa51e03aaL, 0x9cf2d0a4L, + 0x83c061baL, 0x9be96a4dL, 0x8fe51550L, 0xba645bd6L, + 0x2826a2f9L, 0xa73a3ae1L, 0x4ba99586L, 0xef5562e9L, + 0xc72fefd3L, 0xf752f7daL, 0x3f046f69L, 0x77fa0a59L, + 0x80e4a915L, 0x87b08601L, 0x9b09e6adL, 0x3b3ee593L, + 0xe990fd5aL, 0x9e34d797L, 0x2cf0b7d9L, 0x022b8b51L, + 0x96d5ac3aL, 0x017da67dL, 0xd1cf3ed6L, 0x7c7d2d28L, + 0x1f9f25cfL, 0xadf2b89bL, 0x5ad6b472L, 0x5a88f54cL, + 0xe029ac71L, 0xe019a5e6L, 0x47b0acfdL, 0xed93fa9bL, + 0xe8d3c48dL, 0x283b57ccL, 0xf8d56629L, 0x79132e28L, + 0x785f0191L, 0xed756055L, 0xf7960e44L, 0xe3d35e8cL, + 0x15056dd4L, 0x88f46dbaL, 0x03a16125L, 0x0564f0bdL, + 0xc3eb9e15L, 0x3c9057a2L, 0x97271aecL, 0xa93a072aL, + 0x1b3f6d9bL, 0x1e6321f5L, 0xf59c66fbL, 0x26dcf319L, + 0x7533d928L, 0xb155fdf5L, 0x03563482L, 0x8aba3cbbL, + 0x28517711L, 0xc20ad9f8L, 0xabcc5167L, 0xccad925fL, + 0x4de81751L, 0x3830dc8eL, 0x379d5862L, 0x9320f991L, + 0xea7a90c2L, 0xfb3e7bceL, 0x5121ce64L, 0x774fbe32L, + 0xa8b6e37eL, 0xc3293d46L, 0x48de5369L, 0x6413e680L, + 0xa2ae0810L, 0xdd6db224L, 0x69852dfdL, 0x09072166L, + 0xb39a460aL, 0x6445c0ddL, 0x586cdecfL, 0x1c20c8aeL, + 0x5bbef7ddL, 0x1b588d40L, 0xccd2017fL, 0x6bb4e3bbL, + 0xdda26a7eL, 0x3a59ff45L, 0x3e350a44L, 0xbcb4cdd5L, + 0x72eacea8L, 0xfa6484bbL, 0x8d6612aeL, 0xbf3c6f47L, + 0xd29be463L, 0x542f5d9eL, 0xaec2771bL, 0xf64e6370L, + 0x740e0d8dL, 0xe75b1357L, 0xf8721671L, 0xaf537d5dL, + 0x4040cb08L, 0x4eb4e2ccL, 0x34d2466aL, 0x0115af84L, + 0xe1b00428L, 0x95983a1dL, 0x06b89fb4L, 0xce6ea048L, + 0x6f3f3b82L, 0x3520ab82L, 0x011a1d4bL, 0x277227f8L, + 0x611560b1L, 0xe7933fdcL, 0xbb3a792bL, 0x344525bdL, + 0xa08839e1L, 0x51ce794bL, 0x2f32c9b7L, 0xa01fbac9L, + 0xe01cc87eL, 0xbcc7d1f6L, 0xcf0111c3L, 0xa1e8aac7L, + 0x1a908749L, 0xd44fbd9aL, 0xd0dadecbL, 0xd50ada38L, + 0x0339c32aL, 0xc6913667L, 0x8df9317cL, 0xe0b12b4fL, + 0xf79e59b7L, 0x43f5bb3aL, 0xf2d519ffL, 0x27d9459cL, + 0xbf97222cL, 0x15e6fc2aL, 0x0f91fc71L, 0x9b941525L, + 0xfae59361L, 0xceb69cebL, 0xc2a86459L, 0x12baa8d1L, + 0xb6c1075eL, 0xe3056a0cL, 0x10d25065L, 0xcb03a442L, + 0xe0ec6e0eL, 0x1698db3bL, 0x4c98a0beL, 0x3278e964L, + 0x9f1f9532L, 0xe0d392dfL, 0xd3a0342bL, 0x8971f21eL, + 0x1b0a7441L, 0x4ba3348cL, 0xc5be7120L, 0xc37632d8L, + 0xdf359f8dL, 0x9b992f2eL, 0xe60b6f47L, 0x0fe3f11dL, + 0xe54cda54L, 0x1edad891L, 0xce6279cfL, 0xcd3e7e6fL, + 0x1618b166L, 0xfd2c1d05L, 0x848fd2c5L, 0xf6fb2299L, + 0xf523f357L, 0xa6327623L, 0x93a83531L, 0x56cccd02L, + 0xacf08162L, 0x5a75ebb5L, 0x6e163697L, 0x88d273ccL, + 0xde966292L, 0x81b949d0L, 0x4c50901bL, 0x71c65614L, + 0xe6c6c7bdL, 0x327a140aL, 0x45e1d006L, 0xc3f27b9aL, + 0xc9aa53fdL, 0x62a80f00L, 0xbb25bfe2L, 0x35bdd2f6L, + 0x71126905L, 0xb2040222L, 0xb6cbcf7cL, 0xcd769c2bL, + 0x53113ec0L, 0x1640e3d3L, 0x38abbd60L, 0x2547adf0L, + 0xba38209cL, 0xf746ce76L, 0x77afa1c5L, 0x20756060L, + 0x85cbfe4eL, 0x8ae88dd8L, 0x7aaaf9b0L, 0x4cf9aa7eL, + 0x1948c25cL, 0x02fb8a8cL, 0x01c36ae4L, 0xd6ebe1f9L, + 0x90d4f869L, 0xa65cdea0L, 0x3f09252dL, 0xc208e69fL, + 0xb74e6132L, 0xce77e25bL, 0x578fdfe3L, 0x3ac372e6L, + } + }; + Index: usr.bin/ssh/bf_skey.c =================================================================== RCS file: bf_skey.c diff -N bf_skey.c --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsKvpna31367 Wed Dec 8 12:42:04 1999 @@ -0,0 +1,119 @@ +/* crypto/bf/bf_skey.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include +#include +#include "blowfish.h" +#include "bf_locl.h" +#include "bf_pi.h" + +void BF_set_key(key,len,data) +BF_KEY *key; +int len; +unsigned char *data; + { + int i; + BF_LONG *p,ri,in[2]; + unsigned char *d,*end; + + + memcpy((char *)key,(char *)&bf_init,sizeof(BF_KEY)); + p=key->P; + + if (len > ((BF_ROUNDS+2)*4)) len=(BF_ROUNDS+2)*4; + + d=data; + end= &(data[len]); + for (i=0; i<(BF_ROUNDS+2); i++) + { + ri= *(d++); + if (d >= end) d=data; + + ri<<=8; + ri|= *(d++); + if (d >= end) d=data; + + ri<<=8; + ri|= *(d++); + if (d >= end) d=data; + + ri<<=8; + ri|= *(d++); + if (d >= end) d=data; + + p[i]^=ri; + } + + in[0]=0L; + in[1]=0L; + for (i=0; i<(BF_ROUNDS+2); i+=2) + { + BF_encrypt(in,key); + p[i ]=in[0]; + p[i+1]=in[1]; + } + + p=key->S; + for (i=0; i<4*256; i+=2) + { + BF_encrypt(in,key); + p[i ]=in[0]; + p[i+1]=in[1]; + } + } + Index: usr.bin/ssh/blowfish.h =================================================================== RCS file: blowfish.h diff -N blowfish.h --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsHlbEx31367 Wed Dec 8 12:42:04 1999 @@ -0,0 +1,116 @@ +/* crypto/bf/blowfish.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_BLOWFISH_H +#define HEADER_BLOWFISH_H + +#ifdef __cplusplus +extern "C" { +#endif + +#define BF_ENCRYPT 1 +#define BF_DECRYPT 0 + +/* If you make this 'unsigned int' the pointer variants will work on + * the Alpha, otherwise they will not. Strangly using the '8 byte' + * BF_LONG and the default 'non-pointer' inner loop is the best configuration + * for the Alpha */ +#define BF_LONG unsigned long + +#define BF_ROUNDS 16 +#define BF_BLOCK 8 + +typedef struct bf_key_st + { + BF_LONG P[BF_ROUNDS+2]; + BF_LONG S[4*256]; + } BF_KEY; + +#ifndef NOPROTO + +void BF_set_key(BF_KEY *key, int len, unsigned char *data); +void BF_ecb_encrypt(unsigned char *in,unsigned char *out,BF_KEY *key, + int enc); +void BF_encrypt(BF_LONG *data,BF_KEY *key); +void BF_decrypt(BF_LONG *data,BF_KEY *key); +void BF_cbc_encrypt(unsigned char *in, unsigned char *out, long length, + BF_KEY *ks, unsigned char *iv, int enc); +void BF_cfb64_encrypt(unsigned char *in, unsigned char *out, long length, + BF_KEY *schedule, unsigned char *ivec, int *num, int enc); +void BF_ofb64_encrypt(unsigned char *in, unsigned char *out, long length, + BF_KEY *schedule, unsigned char *ivec, int *num); +char *BF_options(void); + +#else + +void BF_set_key(); +void BF_ecb_encrypt(); +void BF_encrypt(); +void BF_decrypt(); +void BF_cbc_encrypt(); +void BF_cfb64_encrypt(); +void BF_ofb64_encrypt(); +char *BF_options(); + +#endif + +#ifdef __cplusplus +} +#endif + +#endif Index: usr.bin/ssh/bufaux.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/bufaux.c,v retrieving revision 1.2 retrieving revision 1.7 diff -u -r1.2 -r1.7 --- usr.bin/ssh/bufaux.c 1999/09/28 04:45:36 1.2 +++ usr.bin/ssh/bufaux.c 1999/11/24 19:53:44 1.7 @@ -1,141 +1,158 @@ /* + * + * bufaux.c + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Wed Mar 29 02:24:47 1995 ylo + * + * Auxiliary functions for storing and retrieving various data types to/from + * Buffers. + * + */ -bufaux.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Wed Mar 29 02:24:47 1995 ylo - -Auxiliary functions for storing and retrieving various data types to/from -Buffers. - -*/ - #include "includes.h" -RCSID("$Id: bufaux.c,v 1.2 1999/09/28 04:45:36 provos Exp $"); +RCSID("$Id: bufaux.c,v 1.7 1999/11/24 19:53:44 markus Exp $"); #include "ssh.h" #include #include "bufaux.h" #include "xmalloc.h" #include "getput.h" - -/* Stores an BIGNUM in the buffer with a 2-byte msb first bit count, followed - by (bits+7)/8 bytes of binary data, msb first. */ +/* + * Stores an BIGNUM in the buffer with a 2-byte msb first bit count, followed + * by (bits+7)/8 bytes of binary data, msb first. + */ void buffer_put_bignum(Buffer *buffer, BIGNUM *value) { - int bits = BN_num_bits(value); - int bin_size = (bits + 7) / 8; - char *buf = xmalloc(bin_size); - int oi; - char msg[2]; - - /* Get the value of in binary */ - oi = BN_bn2bin(value, buf); - assert(oi == bin_size); - - /* Store the number of bits in the buffer in two bytes, msb first. */ - PUT_16BIT(msg, bits); - buffer_append(buffer, msg, 2); - /* Store the binary data. */ - buffer_append(buffer, buf, oi); - /* Clear the temporary data. */ - memset(buf, 0, bin_size); - xfree(buf); -} - -/* Retrieves an BIGNUM from the buffer. */ - + int bits = BN_num_bits(value); + int bin_size = (bits + 7) / 8; + char *buf = xmalloc(bin_size); + int oi; + char msg[2]; + + /* Get the value of in binary */ + oi = BN_bn2bin(value, buf); + if (oi != bin_size) + fatal("buffer_put_bignum: BN_bn2bin() failed: oi %d != bin_size %d", + oi, bin_size); + + /* Store the number of bits in the buffer in two bytes, msb first. */ + PUT_16BIT(msg, bits); + buffer_append(buffer, msg, 2); + /* Store the binary data. */ + buffer_append(buffer, buf, oi); + + memset(buf, 0, bin_size); + xfree(buf); +} + +/* + * Retrieves an BIGNUM from the buffer. + */ int buffer_get_bignum(Buffer *buffer, BIGNUM *value) -{ - int bits, bytes; - unsigned char buf[2], *bin; - - /* Get the number for bits. */ - buffer_get(buffer, (char *)buf, 2); - bits = GET_16BIT(buf); - /* Compute the number of binary bytes that follow. */ - bytes = (bits + 7) / 8; - bin = xmalloc(bytes); - buffer_get(buffer, bin, bytes); - BN_bin2bn(bin, bytes, value); - xfree(bin); - - return 2 + bytes; -} - -/* Returns an integer from the buffer (4 bytes, msb first). */ - -unsigned int buffer_get_int(Buffer *buffer) -{ - unsigned char buf[4]; - buffer_get(buffer, (char *)buf, 4); - return GET_32BIT(buf); -} - -/* Stores an integer in the buffer in 4 bytes, msb first. */ - -void buffer_put_int(Buffer *buffer, unsigned int value) { - char buf[4]; - PUT_32BIT(buf, value); - buffer_append(buffer, buf, 4); -} - -/* Returns an arbitrary binary string from the buffer. The string cannot - be longer than 256k. The returned value points to memory allocated - with xmalloc; it is the responsibility of the calling function to free - the data. If length_ptr is non-NULL, the length of the returned data - will be stored there. A null character will be automatically appended - to the returned string, and is not counted in length. */ - -char *buffer_get_string(Buffer *buffer, unsigned int *length_ptr) -{ - unsigned int len; - char *value; - /* Get the length. */ - len = buffer_get_int(buffer); - if (len > 256*1024) - fatal("Received packet with bad string length %d", len); - /* Allocate space for the string. Add one byte for a null character. */ - value = xmalloc(len + 1); - /* Get the string. */ - buffer_get(buffer, value, len); - /* Append a null character to make processing easier. */ - value[len] = 0; - /* Optionally return the length of the string. */ - if (length_ptr) - *length_ptr = len; - return value; -} - -/* Stores and arbitrary binary string in the buffer. */ - -void buffer_put_string(Buffer *buffer, const void *buf, unsigned int len) -{ - buffer_put_int(buffer, len); - buffer_append(buffer, buf, len); -} - -/* Returns a character from the buffer (0 - 255). */ - -int buffer_get_char(Buffer *buffer) -{ - char ch; - buffer_get(buffer, &ch, 1); - return (unsigned char)ch; -} - -/* Stores a character in the buffer. */ + int bits, bytes; + unsigned char buf[2], *bin; -void buffer_put_char(Buffer *buffer, int value) + /* Get the number for bits. */ + buffer_get(buffer, (char *) buf, 2); + bits = GET_16BIT(buf); + /* Compute the number of binary bytes that follow. */ + bytes = (bits + 7) / 8; + if (buffer_len(buffer) < bytes) + fatal("buffer_get_bignum: input buffer too small"); + bin = buffer_ptr(buffer); + BN_bin2bn(bin, bytes, value); + buffer_consume(buffer, bytes); + + return 2 + bytes; +} + +/* + * Returns an integer from the buffer (4 bytes, msb first). + */ +unsigned int +buffer_get_int(Buffer *buffer) +{ + unsigned char buf[4]; + buffer_get(buffer, (char *) buf, 4); + return GET_32BIT(buf); +} + +/* + * Stores an integer in the buffer in 4 bytes, msb first. + */ +void +buffer_put_int(Buffer *buffer, unsigned int value) +{ + char buf[4]; + PUT_32BIT(buf, value); + buffer_append(buffer, buf, 4); +} + +/* + * Returns an arbitrary binary string from the buffer. The string cannot + * be longer than 256k. The returned value points to memory allocated + * with xmalloc; it is the responsibility of the calling function to free + * the data. If length_ptr is non-NULL, the length of the returned data + * will be stored there. A null character will be automatically appended + * to the returned string, and is not counted in length. + */ +char * +buffer_get_string(Buffer *buffer, unsigned int *length_ptr) +{ + unsigned int len; + char *value; + /* Get the length. */ + len = buffer_get_int(buffer); + if (len > 256 * 1024) + fatal("Received packet with bad string length %d", len); + /* Allocate space for the string. Add one byte for a null character. */ + value = xmalloc(len + 1); + /* Get the string. */ + buffer_get(buffer, value, len); + /* Append a null character to make processing easier. */ + value[len] = 0; + /* Optionally return the length of the string. */ + if (length_ptr) + *length_ptr = len; + return value; +} + +/* + * Stores and arbitrary binary string in the buffer. + */ +void +buffer_put_string(Buffer *buffer, const void *buf, unsigned int len) +{ + buffer_put_int(buffer, len); + buffer_append(buffer, buf, len); +} + +/* + * Returns a character from the buffer (0 - 255). + */ +int +buffer_get_char(Buffer *buffer) +{ + char ch; + buffer_get(buffer, &ch, 1); + return (unsigned char) ch; +} + +/* + * Stores a character in the buffer. + */ +void +buffer_put_char(Buffer *buffer, int value) { - char ch = value; - buffer_append(buffer, &ch, 1); + char ch = value; + buffer_append(buffer, &ch, 1); } Index: usr.bin/ssh/bufaux.h =================================================================== RCS file: /cvs/src/usr.bin/ssh/bufaux.h,v retrieving revision 1.2 retrieving revision 1.4 diff -u -r1.2 -r1.4 --- usr.bin/ssh/bufaux.h 1999/09/28 04:45:36 1.2 +++ usr.bin/ssh/bufaux.h 1999/11/24 19:53:44 1.4 @@ -1,51 +1,55 @@ /* + * + * bufaux.h + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Wed Mar 29 02:18:23 1995 ylo + * + */ -bufaux.h +/* RCSID("$Id: bufaux.h,v 1.4 1999/11/24 19:53:44 markus Exp $"); */ -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Wed Mar 29 02:18:23 1995 ylo - -*/ - -/* RCSID("$Id: bufaux.h,v 1.2 1999/09/28 04:45:36 provos Exp $"); */ - #ifndef BUFAUX_H #define BUFAUX_H #include "buffer.h" -/* Stores an BIGNUM in the buffer with a 2-byte msb first bit count, followed - by (bits+7)/8 bytes of binary data, msb first. */ -void buffer_put_bignum(Buffer *buffer, BIGNUM *value); +/* + * Stores an BIGNUM in the buffer with a 2-byte msb first bit count, followed + * by (bits+7)/8 bytes of binary data, msb first. + */ +void buffer_put_bignum(Buffer * buffer, BIGNUM * value); /* Retrieves an BIGNUM from the buffer. */ -int buffer_get_bignum(Buffer *buffer, BIGNUM *value); +int buffer_get_bignum(Buffer * buffer, BIGNUM * value); /* Returns an integer from the buffer (4 bytes, msb first). */ -unsigned int buffer_get_int(Buffer *buffer); +unsigned int buffer_get_int(Buffer * buffer); /* Stores an integer in the buffer in 4 bytes, msb first. */ -void buffer_put_int(Buffer *buffer, unsigned int value); +void buffer_put_int(Buffer * buffer, unsigned int value); /* Returns a character from the buffer (0 - 255). */ -int buffer_get_char(Buffer *buffer); +int buffer_get_char(Buffer * buffer); /* Stores a character in the buffer. */ -void buffer_put_char(Buffer *buffer, int value); +void buffer_put_char(Buffer * buffer, int value); -/* Returns an arbitrary binary string from the buffer. The string cannot - be longer than 256k. The returned value points to memory allocated - with xmalloc; it is the responsibility of the calling function to free - the data. If length_ptr is non-NULL, the length of the returned data - will be stored there. A null character will be automatically appended - to the returned string, and is not counted in length. */ -char *buffer_get_string(Buffer *buffer, unsigned int *length_ptr); +/* + * Returns an arbitrary binary string from the buffer. The string cannot be + * longer than 256k. The returned value points to memory allocated with + * xmalloc; it is the responsibility of the calling function to free the + * data. If length_ptr is non-NULL, the length of the returned data will be + * stored there. A null character will be automatically appended to the + * returned string, and is not counted in length. + */ +char *buffer_get_string(Buffer * buffer, unsigned int *length_ptr); /* Stores and arbitrary binary string in the buffer. */ -void buffer_put_string(Buffer *buffer, const void *buf, unsigned int len); +void buffer_put_string(Buffer * buffer, const void *buf, unsigned int len); -#endif /* BUFAUX_H */ +#endif /* BUFAUX_H */ Index: usr.bin/ssh/buffer.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/buffer.c,v retrieving revision 1.1 retrieving revision 1.4 diff -u -r1.1 -r1.4 --- usr.bin/ssh/buffer.c 1999/09/26 20:53:34 1.1 +++ usr.bin/ssh/buffer.c 1999/11/24 19:53:44 1.4 @@ -1,20 +1,20 @@ /* + * + * buffer.c + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Sat Mar 18 04:15:33 1995 ylo + * + * Functions for manipulating fifo buffers (that can grow if needed). + * + */ -buffer.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Sat Mar 18 04:15:33 1995 ylo - -Functions for manipulating fifo buffers (that can grow if needed). - -*/ - #include "includes.h" -RCSID("$Id: buffer.c,v 1.1 1999/09/26 20:53:34 deraadt Exp $"); +RCSID("$Id: buffer.c,v 1.4 1999/11/24 19:53:44 markus Exp $"); #include "xmalloc.h" #include "buffer.h" @@ -22,129 +22,140 @@ /* Initializes the buffer structure. */ -void buffer_init(Buffer *buffer) +void +buffer_init(Buffer *buffer) { - buffer->alloc = 4096; - buffer->buf = xmalloc(buffer->alloc); - buffer->offset = 0; - buffer->end = 0; + buffer->alloc = 4096; + buffer->buf = xmalloc(buffer->alloc); + buffer->offset = 0; + buffer->end = 0; } /* Frees any memory used for the buffer. */ -void buffer_free(Buffer *buffer) +void +buffer_free(Buffer *buffer) { - memset(buffer->buf, 0, buffer->alloc); - xfree(buffer->buf); + memset(buffer->buf, 0, buffer->alloc); + xfree(buffer->buf); } -/* Clears any data from the buffer, making it empty. This does not actually - zero the memory. */ +/* + * Clears any data from the buffer, making it empty. This does not actually + * zero the memory. + */ -void buffer_clear(Buffer *buffer) +void +buffer_clear(Buffer *buffer) { - buffer->offset = 0; - buffer->end = 0; + buffer->offset = 0; + buffer->end = 0; } /* Appends data to the buffer, expanding it if necessary. */ -void buffer_append(Buffer *buffer, const char *data, unsigned int len) +void +buffer_append(Buffer *buffer, const char *data, unsigned int len) { - char *cp; - buffer_append_space(buffer, &cp, len); - memcpy(cp, data, len); -} - -/* Appends space to the buffer, expanding the buffer if necessary. - This does not actually copy the data into the buffer, but instead - returns a pointer to the allocated region. */ - -void buffer_append_space(Buffer *buffer, char **datap, unsigned int len) -{ - /* If the buffer is empty, start using it from the beginning. */ - if (buffer->offset == buffer->end) - { - buffer->offset = 0; - buffer->end = 0; - } - - restart: - /* If there is enough space to store all data, store it now. */ - if (buffer->end + len < buffer->alloc) - { - *datap = buffer->buf + buffer->end; - buffer->end += len; - return; - } - - /* If the buffer is quite empty, but all data is at the end, move the - data to the beginning and retry. */ - if (buffer->offset > buffer->alloc / 2) - { - memmove(buffer->buf, buffer->buf + buffer->offset, - buffer->end - buffer->offset); - buffer->end -= buffer->offset; - buffer->offset = 0; - goto restart; - } - - /* Increase the size of the buffer and retry. */ - buffer->alloc += len + 32768; - buffer->buf = xrealloc(buffer->buf, buffer->alloc); - goto restart; + char *cp; + buffer_append_space(buffer, &cp, len); + memcpy(cp, data, len); +} + +/* + * Appends space to the buffer, expanding the buffer if necessary. This does + * not actually copy the data into the buffer, but instead returns a pointer + * to the allocated region. + */ + +void +buffer_append_space(Buffer *buffer, char **datap, unsigned int len) +{ + /* If the buffer is empty, start using it from the beginning. */ + if (buffer->offset == buffer->end) { + buffer->offset = 0; + buffer->end = 0; + } +restart: + /* If there is enough space to store all data, store it now. */ + if (buffer->end + len < buffer->alloc) { + *datap = buffer->buf + buffer->end; + buffer->end += len; + return; + } + /* + * If the buffer is quite empty, but all data is at the end, move the + * data to the beginning and retry. + */ + if (buffer->offset > buffer->alloc / 2) { + memmove(buffer->buf, buffer->buf + buffer->offset, + buffer->end - buffer->offset); + buffer->end -= buffer->offset; + buffer->offset = 0; + goto restart; + } + /* Increase the size of the buffer and retry. */ + buffer->alloc += len + 32768; + buffer->buf = xrealloc(buffer->buf, buffer->alloc); + goto restart; } /* Returns the number of bytes of data in the buffer. */ -unsigned int buffer_len(Buffer *buffer) +unsigned int +buffer_len(Buffer *buffer) { - return buffer->end - buffer->offset; + return buffer->end - buffer->offset; } /* Gets data from the beginning of the buffer. */ -void buffer_get(Buffer *buffer, char *buf, unsigned int len) +void +buffer_get(Buffer *buffer, char *buf, unsigned int len) { - if (len > buffer->end - buffer->offset) - fatal("buffer_get trying to get more bytes than in buffer"); - memcpy(buf, buffer->buf + buffer->offset, len); - buffer->offset += len; + if (len > buffer->end - buffer->offset) + fatal("buffer_get trying to get more bytes than in buffer"); + memcpy(buf, buffer->buf + buffer->offset, len); + buffer->offset += len; } /* Consumes the given number of bytes from the beginning of the buffer. */ -void buffer_consume(Buffer *buffer, unsigned int bytes) +void +buffer_consume(Buffer *buffer, unsigned int bytes) { - if (bytes > buffer->end - buffer->offset) - fatal("buffer_get trying to get more bytes than in buffer"); - buffer->offset += bytes; -} + if (bytes > buffer->end - buffer->offset) + fatal("buffer_get trying to get more bytes than in buffer"); + buffer->offset += bytes; +} /* Consumes the given number of bytes from the end of the buffer. */ -void buffer_consume_end(Buffer *buffer, unsigned int bytes) +void +buffer_consume_end(Buffer *buffer, unsigned int bytes) { - if (bytes > buffer->end - buffer->offset) - fatal("buffer_get trying to get more bytes than in buffer"); - buffer->end -= bytes; -} + if (bytes > buffer->end - buffer->offset) + fatal("buffer_get trying to get more bytes than in buffer"); + buffer->end -= bytes; +} /* Returns a pointer to the first used byte in the buffer. */ -char *buffer_ptr(Buffer *buffer) +char * +buffer_ptr(Buffer *buffer) { - return buffer->buf + buffer->offset; + return buffer->buf + buffer->offset; } /* Dumps the contents of the buffer to stderr. */ -void buffer_dump(Buffer *buffer) +void +buffer_dump(Buffer *buffer) { - int i; - unsigned char *ucp = (unsigned char *)buffer->buf; - - for (i = buffer->offset; i < buffer->end; i++) - fprintf(stderr, " %02x", ucp[i]); - fprintf(stderr, "\n"); + int i; + unsigned char *ucp = (unsigned char *) buffer->buf; + + for (i = buffer->offset; i < buffer->end; i++) + fprintf(stderr, " %02x", ucp[i]); + fprintf(stderr, "\n"); } Index: usr.bin/ssh/buffer.h =================================================================== RCS file: /cvs/src/usr.bin/ssh/buffer.h,v retrieving revision 1.1 retrieving revision 1.3 diff -u -r1.1 -r1.3 --- usr.bin/ssh/buffer.h 1999/09/26 20:53:34 1.1 +++ usr.bin/ssh/buffer.h 1999/11/24 19:53:44 1.3 @@ -1,66 +1,68 @@ /* + * + * buffer.h + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Sat Mar 18 04:12:25 1995 ylo + * + * Code for manipulating FIFO buffers. + * + */ -buffer.h +/* RCSID("$Id: buffer.h,v 1.3 1999/11/24 19:53:44 markus Exp $"); */ -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Sat Mar 18 04:12:25 1995 ylo - -Code for manipulating FIFO buffers. - -*/ - -/* RCSID("$Id: buffer.h,v 1.1 1999/09/26 20:53:34 deraadt Exp $"); */ - #ifndef BUFFER_H #define BUFFER_H - -typedef struct -{ - char *buf; /* Buffer for data. */ - unsigned int alloc; /* Number of bytes allocated for data. */ - unsigned int offset; /* Offset of first byte containing data. */ - unsigned int end; /* Offset of last byte containing data. */ -} Buffer; +typedef struct { + char *buf; /* Buffer for data. */ + unsigned int alloc; /* Number of bytes allocated for data. */ + unsigned int offset; /* Offset of first byte containing data. */ + unsigned int end; /* Offset of last byte containing data. */ +} Buffer; /* Initializes the buffer structure. */ -void buffer_init(Buffer *buffer); +void buffer_init(Buffer * buffer); /* Frees any memory used for the buffer. */ -void buffer_free(Buffer *buffer); +void buffer_free(Buffer * buffer); /* Clears any data from the buffer, making it empty. This does not actually zero the memory. */ -void buffer_clear(Buffer *buffer); +void buffer_clear(Buffer * buffer); /* Appends data to the buffer, expanding it if necessary. */ -void buffer_append(Buffer *buffer, const char *data, unsigned int len); +void buffer_append(Buffer * buffer, const char *data, unsigned int len); -/* Appends space to the buffer, expanding the buffer if necessary. - This does not actually copy the data into the buffer, but instead - returns a pointer to the allocated region. */ -void buffer_append_space(Buffer *buffer, char **datap, unsigned int len); +/* + * Appends space to the buffer, expanding the buffer if necessary. This does + * not actually copy the data into the buffer, but instead returns a pointer + * to the allocated region. + */ +void buffer_append_space(Buffer * buffer, char **datap, unsigned int len); /* Returns the number of bytes of data in the buffer. */ -unsigned int buffer_len(Buffer *buffer); +unsigned int buffer_len(Buffer * buffer); /* Gets data from the beginning of the buffer. */ -void buffer_get(Buffer *buffer, char *buf, unsigned int len); +void buffer_get(Buffer * buffer, char *buf, unsigned int len); /* Consumes the given number of bytes from the beginning of the buffer. */ -void buffer_consume(Buffer *buffer, unsigned int bytes); +void buffer_consume(Buffer * buffer, unsigned int bytes); /* Consumes the given number of bytes from the end of the buffer. */ -void buffer_consume_end(Buffer *buffer, unsigned int bytes); +void buffer_consume_end(Buffer * buffer, unsigned int bytes); /* Returns a pointer to the first used byte in the buffer. */ -char *buffer_ptr(Buffer *buffer); +char *buffer_ptr(Buffer * buffer); -/* Dumps the contents of the buffer to stderr in hex. This intended for - debugging purposes only. */ -void buffer_dump(Buffer *buffer); +/* + * Dumps the contents of the buffer to stderr in hex. This intended for + * debugging purposes only. + */ +void buffer_dump(Buffer * buffer); -#endif /* BUFFER_H */ +#endif /* BUFFER_H */ Index: usr.bin/ssh/canohost.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/canohost.c,v retrieving revision 1.3 retrieving revision 1.8 diff -u -r1.3 -r1.8 --- usr.bin/ssh/canohost.c 1999/09/30 05:53:04 1.3 +++ usr.bin/ssh/canohost.c 1999/11/24 19:53:44 1.8 @@ -1,234 +1,243 @@ /* + * + * canohost.c + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Sun Jul 2 17:52:22 1995 ylo + * + * Functions for returning the canonical host name of the remote site. + * + */ -canohost.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Sun Jul 2 17:52:22 1995 ylo - -Functions for returning the canonical host name of the remote site. - -*/ - #include "includes.h" -RCSID("$Id: canohost.c,v 1.3 1999/09/30 05:53:04 deraadt Exp $"); +RCSID("$Id: canohost.c,v 1.8 1999/11/24 19:53:44 markus Exp $"); #include "packet.h" #include "xmalloc.h" #include "ssh.h" -/* Return the canonical name of the host at the other end of the socket. - The caller should free the returned string with xfree. */ +/* + * Return the canonical name of the host at the other end of the socket. The + * caller should free the returned string with xfree. + */ -char *get_remote_hostname(int socket) +char * +get_remote_hostname(int socket) { - struct sockaddr_in from; - int fromlen, i; - struct hostent *hp; - char name[MAXHOSTNAMELEN]; - - /* Get IP address of client. */ - fromlen = sizeof(from); - memset(&from, 0, sizeof(from)); - if (getpeername(socket, (struct sockaddr *)&from, &fromlen) < 0) - { - error("getpeername failed: %.100s", strerror(errno)); - strlcpy(name, "UNKNOWN", sizeof name); - goto check_ip_options; - } - - /* Map the IP address to a host name. */ - hp = gethostbyaddr((char *)&from.sin_addr, sizeof(struct in_addr), - from.sin_family); - if (hp) - { - /* Got host name, find canonic host name. */ - if (strchr(hp->h_name, '.') != 0) - strlcpy(name, hp->h_name, sizeof(name)); - else if (hp->h_aliases != 0 - && hp->h_aliases[0] != 0 - && strchr(hp->h_aliases[0], '.') != 0) - strlcpy(name, hp->h_aliases[0], sizeof(name)); - else - strlcpy(name, hp->h_name, sizeof(name)); - - /* Convert it to all lowercase (which is expected by the rest of this - software). */ - for (i = 0; name[i]; i++) - if (isupper(name[i])) - name[i] = tolower(name[i]); - - /* Map it back to an IP address and check that the given address actually - is an address of this host. This is necessary because anyone with - access to a name server can define arbitrary names for an IP address. - Mapping from name to IP address can be trusted better (but can still - be fooled if the intruder has access to the name server of the - domain). */ - hp = gethostbyname(name); - if (!hp) - { - log("reverse mapping checking gethostbyname for %.700s failed - POSSIBLE BREAKIN ATTEMPT!", name); - strlcpy(name, inet_ntoa(from.sin_addr), sizeof name); - goto check_ip_options; - } - /* Look for the address from the list of addresses. */ - for (i = 0; hp->h_addr_list[i]; i++) - if (memcmp(hp->h_addr_list[i], &from.sin_addr, sizeof(from.sin_addr)) - == 0) - break; - /* If we reached the end of the list, the address was not there. */ - if (!hp->h_addr_list[i]) + struct sockaddr_in from; + int fromlen, i; + struct hostent *hp; + char name[MAXHOSTNAMELEN]; + + /* Get IP address of client. */ + fromlen = sizeof(from); + memset(&from, 0, sizeof(from)); + if (getpeername(socket, (struct sockaddr *) & from, &fromlen) < 0) { + debug("getpeername failed: %.100s", strerror(errno)); + fatal_cleanup(); + } + /* Map the IP address to a host name. */ + hp = gethostbyaddr((char *) &from.sin_addr, sizeof(struct in_addr), + from.sin_family); + if (hp) { + /* Got host name, find canonic host name. */ + if (strchr(hp->h_name, '.') != 0) + strlcpy(name, hp->h_name, sizeof(name)); + else if (hp->h_aliases != 0 + && hp->h_aliases[0] != 0 + && strchr(hp->h_aliases[0], '.') != 0) + strlcpy(name, hp->h_aliases[0], sizeof(name)); + else + strlcpy(name, hp->h_name, sizeof(name)); + + /* + * Convert it to all lowercase (which is expected by the rest + * of this software). + */ + for (i = 0; name[i]; i++) + if (isupper(name[i])) + name[i] = tolower(name[i]); + + /* + * Map it back to an IP address and check that the given + * address actually is an address of this host. This is + * necessary because anyone with access to a name server can + * define arbitrary names for an IP address. Mapping from + * name to IP address can be trusted better (but can still be + * fooled if the intruder has access to the name server of + * the domain). + */ + hp = gethostbyname(name); + if (!hp) { + log("reverse mapping checking gethostbyname for %.700s failed - POSSIBLE BREAKIN ATTEMPT!", name); + strlcpy(name, inet_ntoa(from.sin_addr), sizeof name); + goto check_ip_options; + } + /* Look for the address from the list of addresses. */ + for (i = 0; hp->h_addr_list[i]; i++) + if (memcmp(hp->h_addr_list[i], &from.sin_addr, sizeof(from.sin_addr)) + == 0) + break; + /* + * If we reached the end of the list, the address was not + * there. + */ + if (!hp->h_addr_list[i]) { + /* Address not found for the host name. */ + log("Address %.100s maps to %.600s, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!", + inet_ntoa(from.sin_addr), name); + strlcpy(name, inet_ntoa(from.sin_addr), sizeof name); + goto check_ip_options; + } + /* Address was found for the host name. We accept the host name. */ + } else { + /* Host name not found. Use ascii representation of the address. */ + strlcpy(name, inet_ntoa(from.sin_addr), sizeof name); + log("Could not reverse map address %.100s.", name); + } + +check_ip_options: + + /* + * If IP options are supported, make sure there are none (log and + * disconnect them if any are found). Basically we are worried about + * source routing; it can be used to pretend you are somebody + * (ip-address) you are not. That itself may be "almost acceptable" + * under certain circumstances, but rhosts autentication is useless + * if source routing is accepted. Notice also that if we just dropped + * source routing here, the other side could use IP spoofing to do + * rest of the interaction and could still bypass security. So we + * exit here if we detect any IP options. + */ { - /* Address not found for the host name. */ - log("Address %.100s maps to %.600s, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!", - inet_ntoa(from.sin_addr), name); - strlcpy(name, inet_ntoa(from.sin_addr), sizeof name); - goto check_ip_options; - } - /* Address was found for the host name. We accept the host name. */ - } - else - { - /* Host name not found. Use ascii representation of the address. */ - strlcpy(name, inet_ntoa(from.sin_addr), sizeof name); - log("Could not reverse map address %.100s.", name); - } - - check_ip_options: - - /* If IP options are supported, make sure there are none (log and clear - them if any are found). Basically we are worried about source routing; - it can be used to pretend you are somebody (ip-address) you are not. - That itself may be "almost acceptable" under certain circumstances, - but rhosts autentication is useless if source routing is accepted. - Notice also that if we just dropped source routing here, the other - side could use IP spoofing to do rest of the interaction and could still - bypass security. So we exit here if we detect any IP options. */ - { - unsigned char options[200], *ucp; - char text[1024], *cp; - int option_size, ipproto; - struct protoent *ip; - - if ((ip = getprotobyname("ip")) != NULL) - ipproto = ip->p_proto; - else - ipproto = IPPROTO_IP; - option_size = sizeof(options); - if (getsockopt(0, ipproto, IP_OPTIONS, (char *)options, - &option_size) >= 0 && option_size != 0) - { - cp = text; - /* Note: "text" buffer must be at least 3x as big as options. */ - for (ucp = options; option_size > 0; ucp++, option_size--, cp += 3) - sprintf(cp, " %2.2x", *ucp); - log("Connection from %.100s with IP options:%.800s", - inet_ntoa(from.sin_addr), text); - packet_disconnect("Connection from %.100s with IP options:%.800s", - inet_ntoa(from.sin_addr), text); - } - } + unsigned char options[200], *ucp; + char text[1024], *cp; + int option_size, ipproto; + struct protoent *ip; + + if ((ip = getprotobyname("ip")) != NULL) + ipproto = ip->p_proto; + else + ipproto = IPPROTO_IP; + option_size = sizeof(options); + if (getsockopt(0, ipproto, IP_OPTIONS, (char *) options, + &option_size) >= 0 && option_size != 0) { + cp = text; + /* Note: "text" buffer must be at least 3x as big as options. */ + for (ucp = options; option_size > 0; ucp++, option_size--, cp += 3) + sprintf(cp, " %2.2x", *ucp); + log("Connection from %.100s with IP options:%.800s", + inet_ntoa(from.sin_addr), text); + packet_disconnect("Connection from %.100s with IP options:%.800s", + inet_ntoa(from.sin_addr), text); + } + } - return xstrdup(name); + return xstrdup(name); } static char *canonical_host_name = NULL; static char *canonical_host_ip = NULL; -/* Return the canonical name of the host in the other side of the current - connection. The host name is cached, so it is efficient to call this - several times. */ +/* + * Return the canonical name of the host in the other side of the current + * connection. The host name is cached, so it is efficient to call this + * several times. + */ -const char *get_canonical_hostname() +const char * +get_canonical_hostname() { - /* Check if we have previously retrieved this same name. */ - if (canonical_host_name != NULL) - return canonical_host_name; - - /* Get the real hostname if socket; otherwise return UNKNOWN. */ - if (packet_get_connection_in() == packet_get_connection_out()) - canonical_host_name = get_remote_hostname(packet_get_connection_in()); - else - canonical_host_name = xstrdup("UNKNOWN"); + /* Check if we have previously retrieved this same name. */ + if (canonical_host_name != NULL) + return canonical_host_name; + + /* Get the real hostname if socket; otherwise return UNKNOWN. */ + if (packet_get_connection_in() == packet_get_connection_out()) + canonical_host_name = get_remote_hostname(packet_get_connection_in()); + else + canonical_host_name = xstrdup("UNKNOWN"); - return canonical_host_name; + return canonical_host_name; } -/* Returns the IP-address of the remote host as a string. The returned - string need not be freed. */ +/* + * Returns the IP-address of the remote host as a string. The returned + * string need not be freed. + */ -const char *get_remote_ipaddr() +const char * +get_remote_ipaddr() { - struct sockaddr_in from; - int fromlen, socket; + struct sockaddr_in from; + int fromlen, socket; - /* Check if we have previously retrieved this same name. */ - if (canonical_host_ip != NULL) - return canonical_host_ip; - - /* If not a socket, return UNKNOWN. */ - if (packet_get_connection_in() != packet_get_connection_out()) - { - canonical_host_ip = xstrdup("UNKNOWN"); - return canonical_host_ip; - } - - /* Get client socket. */ - socket = packet_get_connection_in(); - - /* Get IP address of client. */ - fromlen = sizeof(from); - memset(&from, 0, sizeof(from)); - if (getpeername(socket, (struct sockaddr *)&from, &fromlen) < 0) - { - error("getpeername failed: %.100s", strerror(errno)); - return NULL; - } + /* Check whether we have chached the name. */ + if (canonical_host_ip != NULL) + return canonical_host_ip; + + /* If not a socket, return UNKNOWN. */ + if (packet_get_connection_in() != packet_get_connection_out()) { + canonical_host_ip = xstrdup("UNKNOWN"); + return canonical_host_ip; + } + /* Get client socket. */ + socket = packet_get_connection_in(); - /* Get the IP address in ascii. */ - canonical_host_ip = xstrdup(inet_ntoa(from.sin_addr)); + /* Get IP address of client. */ + fromlen = sizeof(from); + memset(&from, 0, sizeof(from)); + if (getpeername(socket, (struct sockaddr *) & from, &fromlen) < 0) { + debug("getpeername failed: %.100s", strerror(errno)); + fatal_cleanup(); + } + /* Get the IP address in ascii. */ + canonical_host_ip = xstrdup(inet_ntoa(from.sin_addr)); - /* Return ip address string. */ - return canonical_host_ip; + /* Return ip address string. */ + return canonical_host_ip; } /* Returns the port of the peer of the socket. */ -int get_peer_port(int sock) +int +get_peer_port(int sock) { - struct sockaddr_in from; - int fromlen; + struct sockaddr_in from; + int fromlen; - /* Get IP address of client. */ - fromlen = sizeof(from); - memset(&from, 0, sizeof(from)); - if (getpeername(sock, (struct sockaddr *)&from, &fromlen) < 0) - { - error("getpeername failed: %.100s", strerror(errno)); - return 0; - } - - /* Return port number. */ - return ntohs(from.sin_port); + /* Get IP address of client. */ + fromlen = sizeof(from); + memset(&from, 0, sizeof(from)); + if (getpeername(sock, (struct sockaddr *) & from, &fromlen) < 0) { + debug("getpeername failed: %.100s", strerror(errno)); + fatal_cleanup(); + } + /* Return port number. */ + return ntohs(from.sin_port); } /* Returns the port number of the remote host. */ -int get_remote_port() +int +get_remote_port() { - int socket; + int socket; - /* If the connection is not a socket, return 65535. This is intentionally - chosen to be an unprivileged port number. */ - if (packet_get_connection_in() != packet_get_connection_out()) - return 65535; + /* + * If the connection is not a socket, return 65535. This is + * intentionally chosen to be an unprivileged port number. + */ + if (packet_get_connection_in() != packet_get_connection_out()) + return 65535; - /* Get client socket. */ - socket = packet_get_connection_in(); + /* Get client socket. */ + socket = packet_get_connection_in(); - /* Get and return the peer port number. */ - return get_peer_port(socket); + /* Get and return the peer port number. */ + return get_peer_port(socket); } Index: usr.bin/ssh/channels.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/channels.c,v retrieving revision 1.16 retrieving revision 1.32 diff -u -r1.16 -r1.32 --- usr.bin/ssh/channels.c 1999/10/17 16:56:08 1.16 +++ usr.bin/ssh/channels.c 1999/12/06 12:07:21 1.32 @@ -1,22 +1,22 @@ /* + * + * channels.c + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Fri Mar 24 16:35:24 1995 ylo + * + * This file contains functions for generic socket connection forwarding. + * There is also code for initiating connection forwarding for X11 connections, + * arbitrary tcp/ip connections, and the authentication agent connection. + * + */ -channels.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Fri Mar 24 16:35:24 1995 ylo - -This file contains functions for generic socket connection forwarding. -There is also code for initiating connection forwarding for X11 connections, -arbitrary tcp/ip connections, and the authentication agent connection. - -*/ - #include "includes.h" -RCSID("$Id: channels.c,v 1.16 1999/10/17 16:56:08 markus Exp $"); +RCSID("$Id: channels.c,v 1.32 1999/12/06 12:07:21 deraadt Exp $"); #include "ssh.h" #include "packet.h" @@ -24,6 +24,7 @@ #include "buffer.h" #include "authfd.h" #include "uidswap.h" +#include "readconf.h" #include "servconf.h" #include "channels.h" @@ -36,22 +37,28 @@ /* Max len of agent socket */ #define MAX_SOCKET_NAME 100 -/* Pointer to an array containing all allocated channels. The array is - dynamically extended as needed. */ +/* + * Pointer to an array containing all allocated channels. The array is + * dynamically extended as needed. + */ static Channel *channels = NULL; -/* Size of the channel array. All slots of the array must always be - initialized (at least the type field); unused slots are marked with - type SSH_CHANNEL_FREE. */ +/* + * Size of the channel array. All slots of the array must always be + * initialized (at least the type field); unused slots are marked with type + * SSH_CHANNEL_FREE. + */ static int channels_alloc = 0; -/* Maximum file descriptor value used in any of the channels. This is updated - in channel_allocate. */ +/* + * Maximum file descriptor value used in any of the channels. This is + * updated in channel_allocate. + */ static int channel_max_fd_value = 0; /* Name and directory of socket for authentication agent forwarding. */ static char *channel_forwarded_auth_socket_name = NULL; -static char *channel_forwarded_auth_socket_dir = NULL; +static char *channel_forwarded_auth_socket_dir = NULL; /* Saved X11 authentication protocol name. */ char *x11_saved_proto = NULL; @@ -60,28 +67,33 @@ char *x11_saved_data = NULL; unsigned int x11_saved_data_len = 0; -/* Fake X11 authentication data. This is what the server will be sending - us; we should replace any occurrences of this by the real data. */ +/* + * Fake X11 authentication data. This is what the server will be sending us; + * we should replace any occurrences of this by the real data. + */ char *x11_fake_data = NULL; unsigned int x11_fake_data_len; -/* Data structure for storing which hosts are permitted for forward requests. - The local sides of any remote forwards are stored in this array to prevent - a corrupt remote server from accessing arbitrary TCP/IP ports on our - local network (which might be behind a firewall). */ -typedef struct -{ - char *host; /* Host name. */ - int port; /* Port number. */ +/* + * Data structure for storing which hosts are permitted for forward requests. + * The local sides of any remote forwards are stored in this array to prevent + * a corrupt remote server from accessing arbitrary TCP/IP ports on our local + * network (which might be behind a firewall). + */ +typedef struct { + char *host; /* Host name. */ + u_short port; /* Port number. */ } ForwardPermission; /* List of all permitted host/port pairs to connect. */ static ForwardPermission permitted_opens[SSH_MAX_FORWARDS_PER_DIRECTION]; /* Number of permitted host/port pairs in the array. */ static int num_permitted_opens = 0; -/* If this is true, all opens are permitted. This is the case on the - server on which we have to trust the client anyway, and the user could - do anything after logging in anyway. */ +/* + * If this is true, all opens are permitted. This is the case on the server + * on which we have to trust the client anyway, and the user could do + * anything after logging in anyway. + */ static int all_opens_permitted = 0; /* This is set to true if both sides support SSH_PROTOFLAG_HOST_IN_FWD_OPEN. */ @@ -89,1050 +101,1075 @@ /* Sets specific protocol options. */ -void channel_set_options(int hostname_in_open) +void +channel_set_options(int hostname_in_open) { - have_hostname_in_open = hostname_in_open; + have_hostname_in_open = hostname_in_open; } -/* Permits opening to any host/port in SSH_MSG_PORT_OPEN. This is usually - called by the server, because the user could connect to any port anyway, - and the server has no way to know but to trust the client anyway. */ - -void channel_permit_all_opens() -{ - all_opens_permitted = 1; -} - -/* Allocate a new channel object and set its type and socket. - This will cause remote_name to be freed. */ - -int channel_allocate(int type, int sock, char *remote_name) -{ - int i, old_channels; - - /* Update the maximum file descriptor value. */ - if (sock > channel_max_fd_value) - channel_max_fd_value = sock; - - /* Do initial allocation if this is the first call. */ - if (channels_alloc == 0) - { - channels_alloc = 10; - channels = xmalloc(channels_alloc * sizeof(Channel)); - for (i = 0; i < channels_alloc; i++) - channels[i].type = SSH_CHANNEL_FREE; - - /* Kludge: arrange a call to channel_stop_listening if we terminate - with fatal(). */ - fatal_add_cleanup((void (*)(void *))channel_stop_listening, NULL); - } - - /* Try to find a free slot where to put the new channel. */ - for (i = 0; i < channels_alloc; i++) - if (channels[i].type == SSH_CHANNEL_FREE) - { - /* Found a free slot. Initialize the fields and return its number. */ - buffer_init(&channels[i].input); - buffer_init(&channels[i].output); - channels[i].self = i; - channels[i].type = type; - channels[i].x11 = 0; - channels[i].sock = sock; - channels[i].remote_id = -1; - channels[i].remote_name = remote_name; - chan_init_iostates(&channels[i]); - return i; - } - - /* There are no free slots. Must expand the array. */ - old_channels = channels_alloc; - channels_alloc += 10; - channels = xrealloc(channels, channels_alloc * sizeof(Channel)); - for (i = old_channels; i < channels_alloc; i++) - channels[i].type = SSH_CHANNEL_FREE; - - /* We know that the next one after the old maximum channel number is now - available. Initialize and return its number. */ - buffer_init(&channels[old_channels].input); - buffer_init(&channels[old_channels].output); - channels[old_channels].self = old_channels; - channels[old_channels].type = type; - channels[old_channels].x11 = 0; - channels[old_channels].sock = sock; - channels[old_channels].remote_id = -1; - channels[old_channels].remote_name = remote_name; - chan_init_iostates(&channels[old_channels]); - return old_channels; +/* + * Permits opening to any host/port in SSH_MSG_PORT_OPEN. This is usually + * called by the server, because the user could connect to any port anyway, + * and the server has no way to know but to trust the client anyway. + */ + +void +channel_permit_all_opens() +{ + all_opens_permitted = 1; +} + +/* + * Allocate a new channel object and set its type and socket. This will cause + * remote_name to be freed. + */ + +int +channel_allocate(int type, int sock, char *remote_name) +{ + int i, found; + Channel *c; + + /* Update the maximum file descriptor value. */ + if (sock > channel_max_fd_value) + channel_max_fd_value = sock; + /* XXX set close-on-exec -markus */ + + /* Do initial allocation if this is the first call. */ + if (channels_alloc == 0) { + channels_alloc = 10; + channels = xmalloc(channels_alloc * sizeof(Channel)); + for (i = 0; i < channels_alloc; i++) + channels[i].type = SSH_CHANNEL_FREE; + /* + * Kludge: arrange a call to channel_stop_listening if we + * terminate with fatal(). + */ + fatal_add_cleanup((void (*) (void *)) channel_stop_listening, NULL); + } + /* Try to find a free slot where to put the new channel. */ + for (found = -1, i = 0; i < channels_alloc; i++) + if (channels[i].type == SSH_CHANNEL_FREE) { + /* Found a free slot. */ + found = i; + break; + } + if (found == -1) { + /* There are no free slots. Take last+1 slot and expand the array. */ + found = channels_alloc; + channels_alloc += 10; + debug("channel: expanding %d", channels_alloc); + channels = xrealloc(channels, channels_alloc * sizeof(Channel)); + for (i = found; i < channels_alloc; i++) + channels[i].type = SSH_CHANNEL_FREE; + } + /* Initialize and return new channel number. */ + c = &channels[found]; + buffer_init(&c->input); + buffer_init(&c->output); + chan_init_iostates(c); + c->self = found; + c->type = type; + c->sock = sock; + c->remote_id = -1; + c->remote_name = remote_name; + debug("channel %d: new [%s]", found, remote_name); + return found; } /* Free the channel and close its socket. */ -void channel_free(int channel) +void +channel_free(int channel) { - assert(channel >= 0 && channel < channels_alloc && - channels[channel].type != SSH_CHANNEL_FREE); - if(compat13) - shutdown(channels[channel].sock, SHUT_RDWR); - close(channels[channel].sock); - buffer_free(&channels[channel].input); - buffer_free(&channels[channel].output); - channels[channel].type = SSH_CHANNEL_FREE; - if (channels[channel].remote_name) - { - xfree(channels[channel].remote_name); - channels[channel].remote_name = NULL; - } -} - -/* This is called just before select() to add any bits relevant to - channels in the select bitmasks. */ - -void channel_prepare_select(fd_set *readset, fd_set *writeset) -{ - int i; - Channel *ch; - unsigned char *ucp; - unsigned int proto_len, data_len; - - for (i = 0; i < channels_alloc; i++) - { - ch = &channels[i]; - redo: - switch (ch->type) - { - case SSH_CHANNEL_X11_LISTENER: - case SSH_CHANNEL_PORT_LISTENER: - case SSH_CHANNEL_AUTH_SOCKET: - FD_SET(ch->sock, readset); - break; - - case SSH_CHANNEL_OPEN: - if(compat13){ - if (buffer_len(&ch->input) < 32768) - FD_SET(ch->sock, readset); - if (buffer_len(&ch->output) > 0) - FD_SET(ch->sock, writeset); - break; - } - /* test whether sockets are 'alive' for read/write */ - if (ch->istate == CHAN_INPUT_OPEN) - if (buffer_len(&ch->input) < 32768) - FD_SET(ch->sock, readset); - if (ch->ostate == CHAN_OUTPUT_OPEN || ch->ostate == CHAN_OUTPUT_WAIT_DRAIN){ - if (buffer_len(&ch->output) > 0){ - FD_SET(ch->sock, writeset); - }else if(ch->ostate == CHAN_OUTPUT_WAIT_DRAIN) { - chan_obuf_empty(ch); - } - } - break; - - case SSH_CHANNEL_INPUT_DRAINING: - if (!compat13) - fatal("cannot happen: IN_DRAIN"); - if (buffer_len(&ch->input) == 0) - { - packet_start(SSH_MSG_CHANNEL_CLOSE); - packet_put_int(ch->remote_id); - packet_send(); - ch->type = SSH_CHANNEL_CLOSED; - debug("Closing channel %d after input drain.", i); - break; - } - break; - - case SSH_CHANNEL_OUTPUT_DRAINING: - if (!compat13) - fatal("cannot happen: OUT_DRAIN"); - if (buffer_len(&ch->output) == 0) - { - /* debug("Freeing channel %d after output drain.", i); */ - channel_free(i); - break; - } - FD_SET(ch->sock, writeset); - break; - - case SSH_CHANNEL_X11_OPEN: - /* This is a special state for X11 authentication spoofing. An - opened X11 connection (when authentication spoofing is being - done) remains in this state until the first packet has been - completely read. The authentication data in that packet is - then substituted by the real data if it matches the fake data, - and the channel is put into normal mode. */ - - /* Check if the fixed size part of the packet is in buffer. */ - if (buffer_len(&ch->output) < 12) - break; - - /* Parse the lengths of variable-length fields. */ - ucp = (unsigned char *)buffer_ptr(&ch->output); - if (ucp[0] == 0x42) - { /* Byte order MSB first. */ - proto_len = 256 * ucp[6] + ucp[7]; - data_len = 256 * ucp[8] + ucp[9]; - } - else - if (ucp[0] == 0x6c) - { /* Byte order LSB first. */ - proto_len = ucp[6] + 256 * ucp[7]; - data_len = ucp[8] + 256 * ucp[9]; - } - else - { - debug("Initial X11 packet contains bad byte order byte: 0x%x", - ucp[0]); - ch->type = SSH_CHANNEL_OPEN; - goto reject; - } - - /* Check if the whole packet is in buffer. */ - if (buffer_len(&ch->output) < - 12 + ((proto_len + 3) & ~3) + ((data_len + 3) & ~3)) - break; - - /* Check if authentication protocol matches. */ - if (proto_len != strlen(x11_saved_proto) || - memcmp(ucp + 12, x11_saved_proto, proto_len) != 0) - { - debug("X11 connection uses different authentication protocol."); - ch->type = SSH_CHANNEL_OPEN; - goto reject; - } - - /* Check if authentication data matches our fake data. */ - if (data_len != x11_fake_data_len || - memcmp(ucp + 12 + ((proto_len + 3) & ~3), - x11_fake_data, x11_fake_data_len) != 0) - { - debug("X11 auth data does not match fake data."); - ch->type = SSH_CHANNEL_OPEN; - goto reject; - } - - /* Received authentication protocol and data match our fake data. - Substitute the fake data with real data. */ - assert(x11_fake_data_len == x11_saved_data_len); - memcpy(ucp + 12 + ((proto_len + 3) & ~3), - x11_saved_data, x11_saved_data_len); - - /* Start normal processing for the channel. */ - ch->type = SSH_CHANNEL_OPEN; - /* Enable X11 Problem FIX */ - ch->x11 = 1; - goto redo; - + if (channel < 0 || channel >= channels_alloc || + channels[channel].type == SSH_CHANNEL_FREE) + packet_disconnect("channel free: bad local channel %d", channel); + + if (compat13) + shutdown(channels[channel].sock, SHUT_RDWR); + close(channels[channel].sock); + buffer_free(&channels[channel].input); + buffer_free(&channels[channel].output); + channels[channel].type = SSH_CHANNEL_FREE; + if (channels[channel].remote_name) { + xfree(channels[channel].remote_name); + channels[channel].remote_name = NULL; + } +} + +/* + * This is called just before select() to add any bits relevant to channels + * in the select bitmasks. + */ + +void +channel_prepare_select(fd_set * readset, fd_set * writeset) +{ + int i; + Channel *ch; + unsigned char *ucp; + unsigned int proto_len, data_len; + + for (i = 0; i < channels_alloc; i++) { + ch = &channels[i]; +redo: + switch (ch->type) { + case SSH_CHANNEL_X11_LISTENER: + case SSH_CHANNEL_PORT_LISTENER: + case SSH_CHANNEL_AUTH_SOCKET: + FD_SET(ch->sock, readset); + break; + + case SSH_CHANNEL_OPEN: + if (compat13) { + if (buffer_len(&ch->input) < packet_get_maxsize()) + FD_SET(ch->sock, readset); + if (buffer_len(&ch->output) > 0) + FD_SET(ch->sock, writeset); + break; + } + /* test whether sockets are 'alive' for read/write */ + if (ch->istate == CHAN_INPUT_OPEN) + if (buffer_len(&ch->input) < packet_get_maxsize()) + FD_SET(ch->sock, readset); + if (ch->ostate == CHAN_OUTPUT_OPEN || + ch->ostate == CHAN_OUTPUT_WAIT_DRAIN) { + if (buffer_len(&ch->output) > 0) { + FD_SET(ch->sock, writeset); + } else if (ch->ostate == CHAN_OUTPUT_WAIT_DRAIN) { + chan_obuf_empty(ch); + } + } + break; + + case SSH_CHANNEL_INPUT_DRAINING: + if (!compat13) + fatal("cannot happen: IN_DRAIN"); + if (buffer_len(&ch->input) == 0) { + packet_start(SSH_MSG_CHANNEL_CLOSE); + packet_put_int(ch->remote_id); + packet_send(); + ch->type = SSH_CHANNEL_CLOSED; + debug("Closing channel %d after input drain.", i); + break; + } + break; + + case SSH_CHANNEL_OUTPUT_DRAINING: + if (!compat13) + fatal("cannot happen: OUT_DRAIN"); + if (buffer_len(&ch->output) == 0) { + channel_free(i); + break; + } + FD_SET(ch->sock, writeset); + break; + + case SSH_CHANNEL_X11_OPEN: + /* + * This is a special state for X11 authentication + * spoofing. An opened X11 connection (when + * authentication spoofing is being done) remains in + * this state until the first packet has been + * completely read. The authentication data in that + * packet is then substituted by the real data if it + * matches the fake data, and the channel is put into + * normal mode. + */ + /* Check if the fixed size part of the packet is in buffer. */ + if (buffer_len(&ch->output) < 12) + break; + + /* Parse the lengths of variable-length fields. */ + ucp = (unsigned char *) buffer_ptr(&ch->output); + if (ucp[0] == 0x42) { /* Byte order MSB first. */ + proto_len = 256 * ucp[6] + ucp[7]; + data_len = 256 * ucp[8] + ucp[9]; + } else if (ucp[0] == 0x6c) { /* Byte order LSB first. */ + proto_len = ucp[6] + 256 * ucp[7]; + data_len = ucp[8] + 256 * ucp[9]; + } else { + debug("Initial X11 packet contains bad byte order byte: 0x%x", + ucp[0]); + ch->type = SSH_CHANNEL_OPEN; + goto reject; + } + + /* Check if the whole packet is in buffer. */ + if (buffer_len(&ch->output) < + 12 + ((proto_len + 3) & ~3) + ((data_len + 3) & ~3)) + break; + + /* Check if authentication protocol matches. */ + if (proto_len != strlen(x11_saved_proto) || + memcmp(ucp + 12, x11_saved_proto, proto_len) != 0) { + debug("X11 connection uses different authentication protocol."); + ch->type = SSH_CHANNEL_OPEN; + goto reject; + } + /* Check if authentication data matches our fake data. */ + if (data_len != x11_fake_data_len || + memcmp(ucp + 12 + ((proto_len + 3) & ~3), + x11_fake_data, x11_fake_data_len) != 0) { + debug("X11 auth data does not match fake data."); + ch->type = SSH_CHANNEL_OPEN; + goto reject; + } + /* Check fake data length */ + if (x11_fake_data_len != x11_saved_data_len) { + error("X11 fake_data_len %d != saved_data_len %d", + x11_fake_data_len, x11_saved_data_len); + ch->type = SSH_CHANNEL_OPEN; + goto reject; + } + /* + * Received authentication protocol and data match + * our fake data. Substitute the fake data with real + * data. + */ + memcpy(ucp + 12 + ((proto_len + 3) & ~3), + x11_saved_data, x11_saved_data_len); + + /* Start normal processing for the channel. */ + ch->type = SSH_CHANNEL_OPEN; + goto redo; + reject: - /* We have received an X11 connection that has bad authentication - information. */ - log("X11 connection rejected because of wrong authentication.\r\n"); - buffer_clear(&ch->input); - buffer_clear(&ch->output); - if (compat13) { - close(ch->sock); - ch->sock = -1; - ch->type = SSH_CHANNEL_CLOSED; - packet_start(SSH_MSG_CHANNEL_CLOSE); - packet_put_int(ch->remote_id); - packet_send(); - }else{ - debug("X11 rejected %d 0x%x 0x%x", ch->self, ch->istate, ch->ostate); - chan_read_failed(ch); - chan_write_failed(ch); - debug("X11 rejected %d 0x%x 0x%x", ch->self, ch->istate, ch->ostate); - } - break; - - case SSH_CHANNEL_FREE: - default: - continue; - } - } -} - -/* After select, perform any appropriate operations for channels which - have events pending. */ - -void channel_after_select(fd_set *readset, fd_set *writeset) -{ - struct sockaddr addr; - int addrlen, newsock, i, newch, len; - Channel *ch; - char buf[16384], *remote_hostname; - - /* Loop over all channels... */ - for (i = 0; i < channels_alloc; i++) - { - ch = &channels[i]; - switch (ch->type) - { - case SSH_CHANNEL_X11_LISTENER: - /* This is our fake X11 server socket. */ - if (FD_ISSET(ch->sock, readset)) - { - debug("X11 connection requested."); - addrlen = sizeof(addr); - newsock = accept(ch->sock, &addr, &addrlen); - if (newsock < 0) - { - error("accept: %.100s", strerror(errno)); - break; - } - remote_hostname = get_remote_hostname(newsock); - snprintf(buf, sizeof buf, "X11 connection from %.200s port %d", - remote_hostname, get_peer_port(newsock)); - xfree(remote_hostname); - newch = channel_allocate(SSH_CHANNEL_OPENING, newsock, - xstrdup(buf)); - packet_start(SSH_SMSG_X11_OPEN); - packet_put_int(newch); - if (have_hostname_in_open) - packet_put_string(buf, strlen(buf)); - packet_send(); - } - break; - - case SSH_CHANNEL_PORT_LISTENER: - /* This socket is listening for connections to a forwarded TCP/IP - port. */ - if (FD_ISSET(ch->sock, readset)) - { - debug("Connection to port %d forwarding to %.100s:%d requested.", - ch->listening_port, ch->path, ch->host_port); - addrlen = sizeof(addr); - newsock = accept(ch->sock, &addr, &addrlen); - if (newsock < 0) - { - error("accept: %.100s", strerror(errno)); - break; + /* + * We have received an X11 connection that has bad + * authentication information. + */ + log("X11 connection rejected because of wrong authentication.\r\n"); + buffer_clear(&ch->input); + buffer_clear(&ch->output); + if (compat13) { + close(ch->sock); + ch->sock = -1; + ch->type = SSH_CHANNEL_CLOSED; + packet_start(SSH_MSG_CHANNEL_CLOSE); + packet_put_int(ch->remote_id); + packet_send(); + } else { + debug("X11 rejected %d i%d/o%d", ch->self, ch->istate, ch->ostate); + chan_read_failed(ch); + chan_write_failed(ch); + debug("X11 rejected %d i%d/o%d", ch->self, ch->istate, ch->ostate); + } + break; + + case SSH_CHANNEL_FREE: + default: + continue; } - remote_hostname = get_remote_hostname(newsock); - snprintf(buf, sizeof buf, "port %d, connection from %.200s port %d", - ch->listening_port, remote_hostname, - get_peer_port(newsock)); - xfree(remote_hostname); - newch = channel_allocate(SSH_CHANNEL_OPENING, newsock, - xstrdup(buf)); - packet_start(SSH_MSG_PORT_OPEN); - packet_put_int(newch); - packet_put_string(ch->path, strlen(ch->path)); - packet_put_int(ch->host_port); - if (have_hostname_in_open) - packet_put_string(buf, strlen(buf)); - packet_send(); - } - break; - - case SSH_CHANNEL_AUTH_SOCKET: - /* This is the authentication agent socket listening for connections - from clients. */ - if (FD_ISSET(ch->sock, readset)) - { - int nchan; - len = sizeof(addr); - newsock = accept(ch->sock, &addr, &len); - if (newsock < 0) - { - error("accept from auth socket: %.100s", strerror(errno)); - break; - } + } +} - nchan = channel_allocate(SSH_CHANNEL_OPENING, newsock, - xstrdup("accepted auth socket")); - packet_start(SSH_SMSG_AGENT_OPEN); - packet_put_int(nchan); - packet_send(); - } - break; - - case SSH_CHANNEL_OPEN: - /* This is an open two-way communication channel. It is not of - interest to us at this point what kind of data is being - transmitted. */ - - /* Read available incoming data and append it to buffer; - shutdown socket, if read or write failes */ - if (FD_ISSET(ch->sock, readset)) - { - len = read(ch->sock, buf, sizeof(buf)); - if (len <= 0) - { - if (compat13) { - buffer_consume(&ch->output, buffer_len(&ch->output)); - ch->type = SSH_CHANNEL_INPUT_DRAINING; - debug("Channel %d status set to input draining.", i); - }else{ - chan_read_failed(ch); - } - break; +/* + * After select, perform any appropriate operations for channels which have + * events pending. + */ + +void +channel_after_select(fd_set * readset, fd_set * writeset) +{ + struct sockaddr addr; + int addrlen, newsock, i, newch, len; + Channel *ch; + char buf[16384], *remote_hostname; + + /* Loop over all channels... */ + for (i = 0; i < channels_alloc; i++) { + ch = &channels[i]; + switch (ch->type) { + case SSH_CHANNEL_X11_LISTENER: + /* This is our fake X11 server socket. */ + if (FD_ISSET(ch->sock, readset)) { + debug("X11 connection requested."); + addrlen = sizeof(addr); + newsock = accept(ch->sock, &addr, &addrlen); + if (newsock < 0) { + error("accept: %.100s", strerror(errno)); + break; + } + remote_hostname = get_remote_hostname(newsock); + snprintf(buf, sizeof buf, "X11 connection from %.200s port %d", + remote_hostname, get_peer_port(newsock)); + xfree(remote_hostname); + newch = channel_allocate(SSH_CHANNEL_OPENING, newsock, + xstrdup(buf)); + packet_start(SSH_SMSG_X11_OPEN); + packet_put_int(newch); + if (have_hostname_in_open) + packet_put_string(buf, strlen(buf)); + packet_send(); + } + break; + + case SSH_CHANNEL_PORT_LISTENER: + /* + * This socket is listening for connections to a + * forwarded TCP/IP port. + */ + if (FD_ISSET(ch->sock, readset)) { + debug("Connection to port %d forwarding to %.100s:%d requested.", + ch->listening_port, ch->path, ch->host_port); + addrlen = sizeof(addr); + newsock = accept(ch->sock, &addr, &addrlen); + if (newsock < 0) { + error("accept: %.100s", strerror(errno)); + break; + } + remote_hostname = get_remote_hostname(newsock); + snprintf(buf, sizeof buf, "listen port %d:%.100s:%d, connect from %.200s:%d", + ch->listening_port, ch->path, ch->host_port, + remote_hostname, get_peer_port(newsock)); + xfree(remote_hostname); + newch = channel_allocate(SSH_CHANNEL_OPENING, newsock, + xstrdup(buf)); + packet_start(SSH_MSG_PORT_OPEN); + packet_put_int(newch); + packet_put_string(ch->path, strlen(ch->path)); + packet_put_int(ch->host_port); + if (have_hostname_in_open) + packet_put_string(buf, strlen(buf)); + packet_send(); + } + break; + + case SSH_CHANNEL_AUTH_SOCKET: + /* + * This is the authentication agent socket listening + * for connections from clients. + */ + if (FD_ISSET(ch->sock, readset)) { + int nchan; + len = sizeof(addr); + newsock = accept(ch->sock, &addr, &len); + if (newsock < 0) { + error("accept from auth socket: %.100s", strerror(errno)); + break; + } + nchan = channel_allocate(SSH_CHANNEL_OPENING, newsock, + xstrdup("accepted auth socket")); + packet_start(SSH_SMSG_AGENT_OPEN); + packet_put_int(nchan); + packet_send(); + } + break; + + case SSH_CHANNEL_OPEN: + /* + * This is an open two-way communication channel. It + * is not of interest to us at this point what kind + * of data is being transmitted. + */ + + /* + * Read available incoming data and append it to + * buffer; shutdown socket, if read or write failes + */ + if (FD_ISSET(ch->sock, readset)) { + len = read(ch->sock, buf, sizeof(buf)); + if (len <= 0) { + if (compat13) { + buffer_consume(&ch->output, buffer_len(&ch->output)); + ch->type = SSH_CHANNEL_INPUT_DRAINING; + debug("Channel %d status set to input draining.", i); + } else { + chan_read_failed(ch); + } + break; + } + buffer_append(&ch->input, buf, len); + } + /* Send buffered output data to the socket. */ + if (FD_ISSET(ch->sock, writeset) && buffer_len(&ch->output) > 0) { + len = write(ch->sock, buffer_ptr(&ch->output), + buffer_len(&ch->output)); + if (len <= 0) { + if (compat13) { + buffer_consume(&ch->output, buffer_len(&ch->output)); + debug("Channel %d status set to input draining.", i); + ch->type = SSH_CHANNEL_INPUT_DRAINING; + } else { + chan_write_failed(ch); + } + break; + } + buffer_consume(&ch->output, len); + } + break; + + case SSH_CHANNEL_OUTPUT_DRAINING: + if (!compat13) + fatal("cannot happen: OUT_DRAIN"); + /* Send buffered output data to the socket. */ + if (FD_ISSET(ch->sock, writeset) && buffer_len(&ch->output) > 0) { + len = write(ch->sock, buffer_ptr(&ch->output), + buffer_len(&ch->output)); + if (len <= 0) + buffer_consume(&ch->output, buffer_len(&ch->output)); + else + buffer_consume(&ch->output, len); + } + break; + + case SSH_CHANNEL_X11_OPEN: + case SSH_CHANNEL_FREE: + default: + continue; } - buffer_append(&ch->input, buf, len); - } - /* Send buffered output data to the socket. */ - if (FD_ISSET(ch->sock, writeset) && buffer_len(&ch->output) > 0) - { - len = write(ch->sock, buffer_ptr(&ch->output), - buffer_len(&ch->output)); - if (len <= 0) - { - if (compat13) { - buffer_consume(&ch->output, buffer_len(&ch->output)); - debug("Channel %d status set to input draining.", i); - ch->type = SSH_CHANNEL_INPUT_DRAINING; - }else{ - chan_write_failed(ch); - } - break; - } - buffer_consume(&ch->output, len); - } - break; - - case SSH_CHANNEL_OUTPUT_DRAINING: - if (!compat13) - fatal("cannot happen: OUT_DRAIN"); - /* Send buffered output data to the socket. */ - if (FD_ISSET(ch->sock, writeset) && buffer_len(&ch->output) > 0) - { - len = write(ch->sock, buffer_ptr(&ch->output), - buffer_len(&ch->output)); - if (len <= 0) - buffer_consume(&ch->output, buffer_len(&ch->output)); - else - buffer_consume(&ch->output, len); - } - break; - - case SSH_CHANNEL_X11_OPEN: - case SSH_CHANNEL_FREE: - default: - continue; } - } } /* If there is data to send to the connection, send some of it now. */ -void channel_output_poll() +void +channel_output_poll() { - int len, i; - Channel *ch; + int len, i; + Channel *ch; + + for (i = 0; i < channels_alloc; i++) { + ch = &channels[i]; + /* We are only interested in channels that can have buffered incoming data. */ + if (ch->type != SSH_CHANNEL_OPEN && + ch->type != SSH_CHANNEL_INPUT_DRAINING) + continue; + + /* Get the amount of buffered data for this channel. */ + len = buffer_len(&ch->input); + if (len > 0) { + /* Send some data for the other side over the secure connection. */ + if (packet_is_interactive()) { + if (len > 1024) + len = 512; + } else { + /* Keep the packets at reasonable size. */ + if (len > 16384) + len = 16384; + } + packet_start(SSH_MSG_CHANNEL_DATA); + packet_put_int(ch->remote_id); + packet_put_string(buffer_ptr(&ch->input), len); + packet_send(); + buffer_consume(&ch->input, len); + } else if (ch->istate == CHAN_INPUT_WAIT_DRAIN) { + if (compat13) + fatal("cannot happen: istate == INPUT_WAIT_DRAIN for proto 1.3"); + /* + * input-buffer is empty and read-socket shutdown: + * tell peer, that we will not send more data: send IEOF + */ + chan_ibuf_empty(ch); + } + } +} - for (i = 0; i < channels_alloc; i++) - { - ch = &channels[i]; - /* We are only interested in channels that can have buffered incoming - data. */ - if (ch->type != SSH_CHANNEL_OPEN && - ch->type != SSH_CHANNEL_INPUT_DRAINING) - continue; - - /* Get the amount of buffered data for this channel. */ - len = buffer_len(&ch->input); - if (len > 0) - { - /* Send some data for the other side over the secure connection. */ - if (packet_is_interactive()) - { - if (len > 1024) - len = 512; - } - else - { - if (len > 16384) - len = 16384; /* Keep the packets at reasonable size. */ - } - packet_start(SSH_MSG_CHANNEL_DATA); - packet_put_int(ch->remote_id); - packet_put_string(buffer_ptr(&ch->input), len); - packet_send(); - buffer_consume(&ch->input, len); - } - else if(ch->istate == CHAN_INPUT_WAIT_DRAIN) - { - if (compat13) - fatal("cannot happen: istate == INPUT_WAIT_DRAIN for proto 1.3"); - /* input-buffer is empty and read-socket shutdown: - tell peer, that we will not send more data: send IEOF */ - chan_ibuf_empty(ch); - } - } -} - -/* This is called when a packet of type CHANNEL_DATA has just been received. - The message type has already been consumed, but channel number and data - is still there. */ - -void channel_input_data(int payload_len) -{ - int channel; - char *data; - unsigned int data_len; - - /* Get the channel number and verify it. */ - channel = packet_get_int(); - if (channel < 0 || channel >= channels_alloc || - channels[channel].type == SSH_CHANNEL_FREE) - packet_disconnect("Received data for nonexistent channel %d.", channel); - - /* Ignore any data for non-open channels (might happen on close) */ - if (channels[channel].type != SSH_CHANNEL_OPEN && - channels[channel].type != SSH_CHANNEL_X11_OPEN) - return; - - /* Get the data. */ - data = packet_get_string(&data_len); - packet_integrity_check(payload_len, 4 + 4+data_len, SSH_MSG_CHANNEL_DATA); - buffer_append(&channels[channel].output, data, data_len); - xfree(data); -} - -/* Returns true if no channel has too much buffered data, and false if - one or more channel is overfull. */ - -int channel_not_very_much_buffered_data() -{ - unsigned int i; - Channel *ch; - - for (i = 0; i < channels_alloc; i++) - { - ch = &channels[i]; - switch (ch->type) - { - case SSH_CHANNEL_X11_LISTENER: - case SSH_CHANNEL_PORT_LISTENER: - case SSH_CHANNEL_AUTH_SOCKET: - continue; - case SSH_CHANNEL_OPEN: - if (buffer_len(&ch->input) > 32768) - return 0; - if (buffer_len(&ch->output) > 32768) - return 0; - continue; - case SSH_CHANNEL_INPUT_DRAINING: - case SSH_CHANNEL_OUTPUT_DRAINING: - case SSH_CHANNEL_X11_OPEN: - case SSH_CHANNEL_FREE: - default: - continue; +/* + * This is called when a packet of type CHANNEL_DATA has just been received. + * The message type has already been consumed, but channel number and data is + * still there. + */ + +void +channel_input_data(int payload_len) +{ + int channel; + char *data; + unsigned int data_len; + + /* Get the channel number and verify it. */ + channel = packet_get_int(); + if (channel < 0 || channel >= channels_alloc || + channels[channel].type == SSH_CHANNEL_FREE) + packet_disconnect("Received data for nonexistent channel %d.", channel); + + /* Ignore any data for non-open channels (might happen on close) */ + if (channels[channel].type != SSH_CHANNEL_OPEN && + channels[channel].type != SSH_CHANNEL_X11_OPEN) + return; + + /* Get the data. */ + data = packet_get_string(&data_len); + packet_integrity_check(payload_len, 4 + 4 + data_len, SSH_MSG_CHANNEL_DATA); + buffer_append(&channels[channel].output, data, data_len); + xfree(data); +} + +/* + * Returns true if no channel has too much buffered data, and false if one or + * more channel is overfull. + */ + +int +channel_not_very_much_buffered_data() +{ + unsigned int i; + Channel *ch; + + for (i = 0; i < channels_alloc; i++) { + ch = &channels[i]; + switch (ch->type) { + case SSH_CHANNEL_X11_LISTENER: + case SSH_CHANNEL_PORT_LISTENER: + case SSH_CHANNEL_AUTH_SOCKET: + continue; + case SSH_CHANNEL_OPEN: + if (buffer_len(&ch->input) > packet_get_maxsize()) + return 0; + if (buffer_len(&ch->output) > packet_get_maxsize()) + return 0; + continue; + case SSH_CHANNEL_INPUT_DRAINING: + case SSH_CHANNEL_OUTPUT_DRAINING: + case SSH_CHANNEL_X11_OPEN: + case SSH_CHANNEL_FREE: + default: + continue; + } } - } - return 1; + return 1; } /* This is called after receiving CHANNEL_CLOSE/IEOF. */ -void channel_input_close() +void +channel_input_close() { - int channel; + int channel; + + /* Get the channel number and verify it. */ + channel = packet_get_int(); + if (channel < 0 || channel >= channels_alloc || + channels[channel].type == SSH_CHANNEL_FREE) + packet_disconnect("Received data for nonexistent channel %d.", channel); + + if (!compat13) { + /* proto version 1.5 overloads CLOSE with IEOF */ + chan_rcvd_ieof(&channels[channel]); + return; + } - /* Get the channel number and verify it. */ - channel = packet_get_int(); - if (channel < 0 || channel >= channels_alloc || - channels[channel].type == SSH_CHANNEL_FREE) - packet_disconnect("Received data for nonexistent channel %d.", channel); - - if(!compat13){ - /* proto version 1.5 overloads CLOSE with IEOF */ - chan_rcvd_ieof(&channels[channel]); - return; - } - - /* Send a confirmation that we have closed the channel and no more data is - coming for it. */ - packet_start(SSH_MSG_CHANNEL_CLOSE_CONFIRMATION); - packet_put_int(channels[channel].remote_id); - packet_send(); - - /* If the channel is in closed state, we have sent a close request, and - the other side will eventually respond with a confirmation. Thus, - we cannot free the channel here, because then there would be no-one to - receive the confirmation. The channel gets freed when the confirmation - arrives. */ - if (channels[channel].type != SSH_CHANNEL_CLOSED) - { - /* Not a closed channel - mark it as draining, which will cause it to - be freed later. */ - buffer_consume(&channels[channel].input, - buffer_len(&channels[channel].input)); - channels[channel].type = SSH_CHANNEL_OUTPUT_DRAINING; - /* debug("Setting status to output draining; output len = %d", - buffer_len(&channels[channel].output)); */ - } + /* + * Send a confirmation that we have closed the channel and no more + * data is coming for it. + */ + packet_start(SSH_MSG_CHANNEL_CLOSE_CONFIRMATION); + packet_put_int(channels[channel].remote_id); + packet_send(); + + /* + * If the channel is in closed state, we have sent a close request, + * and the other side will eventually respond with a confirmation. + * Thus, we cannot free the channel here, because then there would be + * no-one to receive the confirmation. The channel gets freed when + * the confirmation arrives. + */ + if (channels[channel].type != SSH_CHANNEL_CLOSED) { + /* + * Not a closed channel - mark it as draining, which will + * cause it to be freed later. + */ + buffer_consume(&channels[channel].input, + buffer_len(&channels[channel].input)); + channels[channel].type = SSH_CHANNEL_OUTPUT_DRAINING; + } } /* This is called after receiving CHANNEL_CLOSE_CONFIRMATION/OCLOSE. */ -void channel_input_close_confirmation() +void +channel_input_close_confirmation() { - int channel; + int channel; - /* Get the channel number and verify it. */ - channel = packet_get_int(); - if (channel < 0 || channel >= channels_alloc) - packet_disconnect("Received close confirmation for out-of-range channel %d.", - channel); - - if(!compat13){ - /* proto version 1.5 overloads CLOSE_CONFIRMATION with OCLOSE */ - chan_rcvd_oclose(&channels[channel]); - return; - } - - if (channels[channel].type != SSH_CHANNEL_CLOSED) - packet_disconnect("Received close confirmation for non-closed channel %d (type %d).", - channel, channels[channel].type); + /* Get the channel number and verify it. */ + channel = packet_get_int(); + if (channel < 0 || channel >= channels_alloc) + packet_disconnect("Received close confirmation for out-of-range channel %d.", + channel); + + if (!compat13) { + /* proto version 1.5 overloads CLOSE_CONFIRMATION with OCLOSE */ + chan_rcvd_oclose(&channels[channel]); + return; + } + if (channels[channel].type != SSH_CHANNEL_CLOSED) + packet_disconnect("Received close confirmation for non-closed channel %d (type %d).", + channel, channels[channel].type); - /* Free the channel. */ - channel_free(channel); + /* Free the channel. */ + channel_free(channel); } /* This is called after receiving CHANNEL_OPEN_CONFIRMATION. */ -void channel_input_open_confirmation() +void +channel_input_open_confirmation() { - int channel, remote_channel; + int channel, remote_channel; - /* Get the channel number and verify it. */ - channel = packet_get_int(); - if (channel < 0 || channel >= channels_alloc || - channels[channel].type != SSH_CHANNEL_OPENING) - packet_disconnect("Received open confirmation for non-opening channel %d.", - channel); - - /* Get remote side's id for this channel. */ - remote_channel = packet_get_int(); - - /* Record the remote channel number and mark that the channel is now open. */ - channels[channel].remote_id = remote_channel; - channels[channel].type = SSH_CHANNEL_OPEN; + /* Get the channel number and verify it. */ + channel = packet_get_int(); + if (channel < 0 || channel >= channels_alloc || + channels[channel].type != SSH_CHANNEL_OPENING) + packet_disconnect("Received open confirmation for non-opening channel %d.", + channel); + + /* Get remote side's id for this channel. */ + remote_channel = packet_get_int(); + + /* Record the remote channel number and mark that the channel is now open. */ + channels[channel].remote_id = remote_channel; + channels[channel].type = SSH_CHANNEL_OPEN; } /* This is called after receiving CHANNEL_OPEN_FAILURE from the other side. */ -void channel_input_open_failure() +void +channel_input_open_failure() { - int channel; + int channel; + + /* Get the channel number and verify it. */ + channel = packet_get_int(); + if (channel < 0 || channel >= channels_alloc || + channels[channel].type != SSH_CHANNEL_OPENING) + packet_disconnect("Received open failure for non-opening channel %d.", + channel); + + /* Free the channel. This will also close the socket. */ + channel_free(channel); +} + +/* + * Stops listening for channels, and removes any unix domain sockets that we + * might have. + */ + +void +channel_stop_listening() +{ + int i; + for (i = 0; i < channels_alloc; i++) { + switch (channels[i].type) { + case SSH_CHANNEL_AUTH_SOCKET: + close(channels[i].sock); + remove(channels[i].path); + channel_free(i); + break; + case SSH_CHANNEL_PORT_LISTENER: + case SSH_CHANNEL_X11_LISTENER: + close(channels[i].sock); + channel_free(i); + break; + default: + break; + } + } +} - /* Get the channel number and verify it. */ - channel = packet_get_int(); - if (channel < 0 || channel >= channels_alloc || - channels[channel].type != SSH_CHANNEL_OPENING) - packet_disconnect("Received open failure for non-opening channel %d.", - channel); - - /* Free the channel. This will also close the socket. */ - channel_free(channel); -} - -/* Stops listening for channels, and removes any unix domain sockets that - we might have. */ - -void channel_stop_listening() -{ - int i; - for (i = 0; i < channels_alloc; i++) - { - switch (channels[i].type) - { - case SSH_CHANNEL_AUTH_SOCKET: - close(channels[i].sock); - remove(channels[i].path); - channel_free(i); - break; - case SSH_CHANNEL_PORT_LISTENER: - case SSH_CHANNEL_X11_LISTENER: - close(channels[i].sock); - channel_free(i); - break; - default: - break; - } - } -} - -/* Closes the sockets of all channels. This is used to close extra file - descriptors after a fork. */ - -void channel_close_all() -{ - int i; - for (i = 0; i < channels_alloc; i++) - { - if (channels[i].type != SSH_CHANNEL_FREE) - close(channels[i].sock); - } +/* + * Closes the sockets of all channels. This is used to close extra file + * descriptors after a fork. + */ + +void +channel_close_all() +{ + int i; + for (i = 0; i < channels_alloc; i++) { + if (channels[i].type != SSH_CHANNEL_FREE) + close(channels[i].sock); + } } /* Returns the maximum file descriptor number used by the channels. */ -int channel_max_fd() +int +channel_max_fd() { - return channel_max_fd_value; + return channel_max_fd_value; } /* Returns true if any channel is still open. */ -int channel_still_open() +int +channel_still_open() { - unsigned int i; - for (i = 0; i < channels_alloc; i++) - switch (channels[i].type) - { - case SSH_CHANNEL_FREE: - case SSH_CHANNEL_X11_LISTENER: - case SSH_CHANNEL_PORT_LISTENER: - case SSH_CHANNEL_CLOSED: - case SSH_CHANNEL_AUTH_SOCKET: - continue; - case SSH_CHANNEL_OPENING: - case SSH_CHANNEL_OPEN: - case SSH_CHANNEL_X11_OPEN: - return 1; - case SSH_CHANNEL_INPUT_DRAINING: - case SSH_CHANNEL_OUTPUT_DRAINING: - if (!compat13) - fatal("cannot happen: OUT_DRAIN"); - return 1; - default: - fatal("channel_still_open: bad channel type %d", channels[i].type); - /*NOTREACHED*/ - } - return 0; -} - -/* Returns a message describing the currently open forwarded - connections, suitable for sending to the client. The message - contains crlf pairs for newlines. */ - -char *channel_open_message() -{ - Buffer buffer; - int i; - char buf[512], *cp; - - buffer_init(&buffer); - snprintf(buf, sizeof buf, "The following connections are open:\r\n"); - buffer_append(&buffer, buf, strlen(buf)); - for (i = 0; i < channels_alloc; i++){ - Channel *c=&channels[i]; - switch (c->type) - { - case SSH_CHANNEL_FREE: - case SSH_CHANNEL_X11_LISTENER: - case SSH_CHANNEL_PORT_LISTENER: - case SSH_CHANNEL_CLOSED: - case SSH_CHANNEL_AUTH_SOCKET: - continue; - case SSH_CHANNEL_OPENING: - case SSH_CHANNEL_OPEN: - case SSH_CHANNEL_X11_OPEN: - case SSH_CHANNEL_INPUT_DRAINING: - case SSH_CHANNEL_OUTPUT_DRAINING: - snprintf(buf, sizeof buf, " #%d/%d %.300s\r\n", - c->self,c->type,c->remote_name); + unsigned int i; + for (i = 0; i < channels_alloc; i++) + switch (channels[i].type) { + case SSH_CHANNEL_FREE: + case SSH_CHANNEL_X11_LISTENER: + case SSH_CHANNEL_PORT_LISTENER: + case SSH_CHANNEL_CLOSED: + case SSH_CHANNEL_AUTH_SOCKET: + continue; + case SSH_CHANNEL_OPENING: + case SSH_CHANNEL_OPEN: + case SSH_CHANNEL_X11_OPEN: + return 1; + case SSH_CHANNEL_INPUT_DRAINING: + case SSH_CHANNEL_OUTPUT_DRAINING: + if (!compat13) + fatal("cannot happen: OUT_DRAIN"); + return 1; + default: + fatal("channel_still_open: bad channel type %d", channels[i].type); + /* NOTREACHED */ + } + return 0; +} + +/* + * Returns a message describing the currently open forwarded connections, + * suitable for sending to the client. The message contains crlf pairs for + * newlines. + */ + +char * +channel_open_message() +{ + Buffer buffer; + int i; + char buf[512], *cp; + + buffer_init(&buffer); + snprintf(buf, sizeof buf, "The following connections are open:\r\n"); buffer_append(&buffer, buf, strlen(buf)); - continue; - default: - fatal("channel_still_open: bad channel type %d", c->type); - /*NOTREACHED*/ - } - } - buffer_append(&buffer, "\0", 1); - cp = xstrdup(buffer_ptr(&buffer)); - buffer_free(&buffer); - return cp; -} - -/* Initiate forwarding of connections to local port "port" through the secure - channel to host:port from remote side. */ - -void channel_request_local_forwarding(int port, const char *host, - int host_port) -{ - int ch, sock; - struct sockaddr_in sin; - extern Options options; - - if (strlen(host) > sizeof(channels[0].path) - 1) - packet_disconnect("Forward host name too long."); - - /* Create a port to listen for the host. */ - sock = socket(AF_INET, SOCK_STREAM, 0); - if (sock < 0) - packet_disconnect("socket: %.100s", strerror(errno)); - - /* Initialize socket address. */ - memset(&sin, 0, sizeof(sin)); - sin.sin_family = AF_INET; - if (options.gateway_ports == 1) - sin.sin_addr.s_addr = htonl(INADDR_ANY); - else - sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK); - sin.sin_port = htons(port); - - /* Bind the socket to the address. */ - if (bind(sock, (struct sockaddr *)&sin, sizeof(sin)) < 0) - packet_disconnect("bind: %.100s", strerror(errno)); - - /* Start listening for connections on the socket. */ - if (listen(sock, 5) < 0) - packet_disconnect("listen: %.100s", strerror(errno)); - - /* Allocate a channel number for the socket. */ - ch = channel_allocate(SSH_CHANNEL_PORT_LISTENER, sock, - xstrdup("port listener")); - strcpy(channels[ch].path, host); /* note: host name stored here */ - channels[ch].host_port = host_port; /* port on host to connect to */ - channels[ch].listening_port = port; /* port being listened */ -} - -/* Initiate forwarding of connections to port "port" on remote host through - the secure channel to host:port from local side. */ - -void channel_request_remote_forwarding(int port, const char *host, - int remote_port) -{ - int payload_len; - /* Record locally that connection to this host/port is permitted. */ - if (num_permitted_opens >= SSH_MAX_FORWARDS_PER_DIRECTION) - fatal("channel_request_remote_forwarding: too many forwards"); - permitted_opens[num_permitted_opens].host = xstrdup(host); - permitted_opens[num_permitted_opens].port = remote_port; - num_permitted_opens++; - - /* Send the forward request to the remote side. */ - packet_start(SSH_CMSG_PORT_FORWARD_REQUEST); - packet_put_int(port); - packet_put_string(host, strlen(host)); - packet_put_int(remote_port); - packet_send(); - packet_write_wait(); - - /* Wait for response from the remote side. It will send a disconnect - message on failure, and we will never see it here. */ - packet_read_expect(&payload_len, SSH_SMSG_SUCCESS); -} - -/* This is called after receiving CHANNEL_FORWARDING_REQUEST. This initates - listening for the port, and sends back a success reply (or disconnect - message if there was an error). This never returns if there was an - error. */ - -void channel_input_port_forward_request(int is_root) -{ - int port, host_port; - char *hostname; - - /* Get arguments from the packet. */ - port = packet_get_int(); - hostname = packet_get_string(NULL); - host_port = packet_get_int(); - - /* Port numbers are 16 bit quantities. */ - if ((port & 0xffff) != port) - packet_disconnect("Requested forwarding of nonexistent port %d.", port); - - /* Check that an unprivileged user is not trying to forward a privileged - port. */ - if (port < IPPORT_RESERVED && !is_root) - packet_disconnect("Requested forwarding of port %d but user is not root.", - port); - - /* Initiate forwarding. */ - channel_request_local_forwarding(port, hostname, host_port); - - /* Free the argument string. */ - xfree(hostname); -} - -/* This is called after receiving PORT_OPEN message. This attempts to connect - to the given host:port, and sends back CHANNEL_OPEN_CONFIRMATION or - CHANNEL_OPEN_FAILURE. */ - -void channel_input_port_open(int payload_len) -{ - int remote_channel, sock, newch, host_port, i; - struct sockaddr_in sin; - char *host, *originator_string; - struct hostent *hp; - int host_len, originator_len; - - /* Get remote channel number. */ - remote_channel = packet_get_int(); - - /* Get host name to connect to. */ - host = packet_get_string(&host_len); - - /* Get port to connect to. */ - host_port = packet_get_int(); - - /* Get remote originator name. */ - if (have_hostname_in_open) - originator_string = packet_get_string(&originator_len); - else - originator_string = xstrdup("unknown (remote did not supply name)"); - - packet_integrity_check(payload_len, - 4 + 4 + host_len + 4 + 4 + originator_len, - SSH_MSG_PORT_OPEN); - - /* Check if opening that port is permitted. */ - if (!all_opens_permitted) - { - /* Go trough all permitted ports. */ - for (i = 0; i < num_permitted_opens; i++) - if (permitted_opens[i].port == host_port && - strcmp(permitted_opens[i].host, host) == 0) - break; - - /* Check if we found the requested port among those permitted. */ - if (i >= num_permitted_opens) - { - /* The port is not permitted. */ - log("Received request to connect to %.100s:%d, but the request was denied.", - host, host_port); - packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE); - packet_put_int(remote_channel); - packet_send(); - } - } - - memset(&sin, 0, sizeof(sin)); - sin.sin_addr.s_addr = inet_addr(host); - if ((sin.sin_addr.s_addr & 0xffffffff) != 0xffffffff) - { - /* It was a valid numeric host address. */ - sin.sin_family = AF_INET; - } - else - { - /* Look up the host address from the name servers. */ - hp = gethostbyname(host); - if (!hp) - { - error("%.100s: unknown host.", host); - goto fail; - } - if (!hp->h_addr_list[0]) - { - error("%.100s: host has no IP address.", host); - goto fail; - } - sin.sin_family = hp->h_addrtype; - memcpy(&sin.sin_addr, hp->h_addr_list[0], - sizeof(sin.sin_addr)); - } - sin.sin_port = htons(host_port); - - /* Create the socket. */ - sock = socket(sin.sin_family, SOCK_STREAM, 0); - if (sock < 0) - { - error("socket: %.100s", strerror(errno)); - goto fail; - } - - /* Connect to the host/port. */ - if (connect(sock, (struct sockaddr *)&sin, sizeof(sin)) < 0) - { - error("connect %.100s:%d: %.100s", host, host_port, - strerror(errno)); - close(sock); - goto fail; - } - - /* Successful connection. */ - - /* Allocate a channel for this connection. */ - newch = channel_allocate(SSH_CHANNEL_OPEN, sock, originator_string); - channels[newch].remote_id = remote_channel; - - /* Send a confirmation to the remote host. */ - packet_start(SSH_MSG_CHANNEL_OPEN_CONFIRMATION); - packet_put_int(remote_channel); - packet_put_int(newch); - packet_send(); - - /* Free the argument string. */ - xfree(host); - - return; - - fail: - /* Free the argument string. */ - xfree(host); - - /* Send refusal to the remote host. */ - packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE); - packet_put_int(remote_channel); - packet_send(); -} - -/* Creates an internet domain socket for listening for X11 connections. - Returns a suitable value for the DISPLAY variable, or NULL if an error - occurs. */ - -char *x11_create_display_inet(int screen_number) -{ - extern ServerOptions options; - int display_number, port, sock; - struct sockaddr_in sin; - char buf[512]; - char hostname[MAXHOSTNAMELEN]; - - for (display_number = options.x11_display_offset; display_number < MAX_DISPLAYS; display_number++) - { - port = 6000 + display_number; - memset(&sin, 0, sizeof(sin)); - sin.sin_family = AF_INET; - sin.sin_addr.s_addr = htonl(INADDR_ANY); - sin.sin_port = htons(port); - - sock = socket(AF_INET, SOCK_STREAM, 0); - if (sock < 0) - { - error("socket: %.100s", strerror(errno)); - return NULL; - } - - if (bind(sock, (struct sockaddr *)&sin, sizeof(sin)) < 0) - { - debug("bind port %d: %.100s", port, strerror(errno)); - shutdown(sock, SHUT_RDWR); - close(sock); - continue; - } - break; - } - if (display_number >= MAX_DISPLAYS) - { - error("Failed to allocate internet-domain X11 display socket."); - return NULL; - } - - /* Start listening for connections on the socket. */ - if (listen(sock, 5) < 0) - { - error("listen: %.100s", strerror(errno)); - shutdown(sock, SHUT_RDWR); - close(sock); - return NULL; - } - - /* Set up a suitable value for the DISPLAY variable. */ - if (gethostname(hostname, sizeof(hostname)) < 0) - fatal("gethostname: %.100s", strerror(errno)); - snprintf(buf, sizeof buf, "%.400s:%d.%d", hostname, - display_number, screen_number); - - /* Allocate a channel for the socket. */ - (void)channel_allocate(SSH_CHANNEL_X11_LISTENER, sock, - xstrdup("X11 inet listener")); + for (i = 0; i < channels_alloc; i++) { + Channel *c = &channels[i]; + switch (c->type) { + case SSH_CHANNEL_FREE: + case SSH_CHANNEL_X11_LISTENER: + case SSH_CHANNEL_PORT_LISTENER: + case SSH_CHANNEL_CLOSED: + case SSH_CHANNEL_AUTH_SOCKET: + continue; + case SSH_CHANNEL_OPENING: + case SSH_CHANNEL_OPEN: + case SSH_CHANNEL_X11_OPEN: + case SSH_CHANNEL_INPUT_DRAINING: + case SSH_CHANNEL_OUTPUT_DRAINING: + snprintf(buf, sizeof buf, " #%d %.300s (t%d r%d i%d o%d)\r\n", + c->self, c->remote_name, + c->type, c->remote_id, c->istate, c->ostate); + buffer_append(&buffer, buf, strlen(buf)); + continue; + default: + fatal("channel_still_open: bad channel type %d", c->type); + /* NOTREACHED */ + } + } + buffer_append(&buffer, "\0", 1); + cp = xstrdup(buffer_ptr(&buffer)); + buffer_free(&buffer); + return cp; +} + +/* + * Initiate forwarding of connections to local port "port" through the secure + * channel to host:port from remote side. + */ + +void +channel_request_local_forwarding(u_short port, const char *host, + u_short host_port) +{ + int ch, sock, on = 1; + struct sockaddr_in sin; + extern Options options; + struct linger linger; + + if (strlen(host) > sizeof(channels[0].path) - 1) + packet_disconnect("Forward host name too long."); + + /* Create a port to listen for the host. */ + sock = socket(AF_INET, SOCK_STREAM, 0); + if (sock < 0) + packet_disconnect("socket: %.100s", strerror(errno)); + + /* Initialize socket address. */ + memset(&sin, 0, sizeof(sin)); + sin.sin_family = AF_INET; + if (options.gateway_ports == 1) + sin.sin_addr.s_addr = htonl(INADDR_ANY); + else + sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK); + sin.sin_port = htons(port); + + /* + * Set socket options. We would like the socket to disappear as soon + * as it has been closed for whatever reason. + */ + setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *)&on, sizeof(on)); + linger.l_onoff = 1; + linger.l_linger = 5; + setsockopt(sock, SOL_SOCKET, SO_LINGER, (void *) &linger, sizeof(linger)); + + /* Bind the socket to the address. */ + if (bind(sock, (struct sockaddr *) & sin, sizeof(sin)) < 0) + packet_disconnect("bind: %.100s", strerror(errno)); + + /* Start listening for connections on the socket. */ + if (listen(sock, 5) < 0) + packet_disconnect("listen: %.100s", strerror(errno)); + + /* Allocate a channel number for the socket. */ + ch = channel_allocate(SSH_CHANNEL_PORT_LISTENER, sock, + xstrdup("port listener")); + strlcpy(channels[ch].path, host, sizeof(channels[ch].path)); + channels[ch].host_port = host_port; + channels[ch].listening_port = port; +} + +/* + * Initiate forwarding of connections to port "port" on remote host through + * the secure channel to host:port from local side. + */ + +void +channel_request_remote_forwarding(u_short port, const char *host, + u_short remote_port) +{ + int payload_len; + /* Record locally that connection to this host/port is permitted. */ + if (num_permitted_opens >= SSH_MAX_FORWARDS_PER_DIRECTION) + fatal("channel_request_remote_forwarding: too many forwards"); + + permitted_opens[num_permitted_opens].host = xstrdup(host); + permitted_opens[num_permitted_opens].port = remote_port; + num_permitted_opens++; + + /* Send the forward request to the remote side. */ + packet_start(SSH_CMSG_PORT_FORWARD_REQUEST); + packet_put_int(port); + packet_put_string(host, strlen(host)); + packet_put_int(remote_port); + packet_send(); + packet_write_wait(); + + /* + * Wait for response from the remote side. It will send a disconnect + * message on failure, and we will never see it here. + */ + packet_read_expect(&payload_len, SSH_SMSG_SUCCESS); +} + +/* + * This is called after receiving CHANNEL_FORWARDING_REQUEST. This initates + * listening for the port, and sends back a success reply (or disconnect + * message if there was an error). This never returns if there was an error. + */ + +void +channel_input_port_forward_request(int is_root) +{ + u_short port, host_port; + char *hostname; + + /* Get arguments from the packet. */ + port = packet_get_int(); + hostname = packet_get_string(NULL); + host_port = packet_get_int(); + + /* + * Check that an unprivileged user is not trying to forward a + * privileged port. + */ + if (port < IPPORT_RESERVED && !is_root) + packet_disconnect("Requested forwarding of port %d but user is not root.", + port); + + /* Initiate forwarding. */ + channel_request_local_forwarding(port, hostname, host_port); + + /* Free the argument string. */ + xfree(hostname); +} + +/* + * This is called after receiving PORT_OPEN message. This attempts to + * connect to the given host:port, and sends back CHANNEL_OPEN_CONFIRMATION + * or CHANNEL_OPEN_FAILURE. + */ + +void +channel_input_port_open(int payload_len) +{ + int remote_channel, sock, newch, i; + u_short host_port; + struct sockaddr_in sin; + char *host, *originator_string; + struct hostent *hp; + int host_len, originator_len; + + /* Get remote channel number. */ + remote_channel = packet_get_int(); + + /* Get host name to connect to. */ + host = packet_get_string(&host_len); + + /* Get port to connect to. */ + host_port = packet_get_int(); + + /* Get remote originator name. */ + if (have_hostname_in_open) { + originator_string = packet_get_string(&originator_len); + originator_len += 4; /* size of packet_int */ + } else { + originator_string = xstrdup("unknown (remote did not supply name)"); + originator_len = 0; /* no originator supplied */ + } + + packet_integrity_check(payload_len, + 4 + 4 + host_len + 4 + originator_len, + SSH_MSG_PORT_OPEN); + + /* Check if opening that port is permitted. */ + if (!all_opens_permitted) { + /* Go trough all permitted ports. */ + for (i = 0; i < num_permitted_opens; i++) + if (permitted_opens[i].port == host_port && + strcmp(permitted_opens[i].host, host) == 0) + break; + + /* Check if we found the requested port among those permitted. */ + if (i >= num_permitted_opens) { + /* The port is not permitted. */ + log("Received request to connect to %.100s:%d, but the request was denied.", + host, host_port); + packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE); + packet_put_int(remote_channel); + packet_send(); + } + } + memset(&sin, 0, sizeof(sin)); + sin.sin_addr.s_addr = inet_addr(host); + if ((sin.sin_addr.s_addr & 0xffffffff) != 0xffffffff) { + /* It was a valid numeric host address. */ + sin.sin_family = AF_INET; + } else { + /* Look up the host address from the name servers. */ + hp = gethostbyname(host); + if (!hp) { + error("%.100s: unknown host.", host); + goto fail; + } + if (!hp->h_addr_list[0]) { + error("%.100s: host has no IP address.", host); + goto fail; + } + sin.sin_family = hp->h_addrtype; + memcpy(&sin.sin_addr, hp->h_addr_list[0], + sizeof(sin.sin_addr)); + } + sin.sin_port = htons(host_port); + + /* Create the socket. */ + sock = socket(sin.sin_family, SOCK_STREAM, 0); + if (sock < 0) { + error("socket: %.100s", strerror(errno)); + goto fail; + } + /* Connect to the host/port. */ + if (connect(sock, (struct sockaddr *) & sin, sizeof(sin)) < 0) { + error("connect %.100s:%d: %.100s", host, host_port, + strerror(errno)); + close(sock); + goto fail; + } + /* Successful connection. */ + + /* Allocate a channel for this connection. */ + newch = channel_allocate(SSH_CHANNEL_OPEN, sock, originator_string); + channels[newch].remote_id = remote_channel; + + /* Send a confirmation to the remote host. */ + packet_start(SSH_MSG_CHANNEL_OPEN_CONFIRMATION); + packet_put_int(remote_channel); + packet_put_int(newch); + packet_send(); + + /* Free the argument string. */ + xfree(host); + + return; + +fail: + /* Free the argument string. */ + xfree(host); + + /* Send refusal to the remote host. */ + packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE); + packet_put_int(remote_channel); + packet_send(); +} + +/* + * Creates an internet domain socket for listening for X11 connections. + * Returns a suitable value for the DISPLAY variable, or NULL if an error + * occurs. + */ + +char * +x11_create_display_inet(int screen_number) +{ + extern ServerOptions options; + int display_number, sock; + u_short port; + struct sockaddr_in sin; + char buf[512]; + char hostname[MAXHOSTNAMELEN]; + + for (display_number = options.x11_display_offset; + display_number < MAX_DISPLAYS; + display_number++) { + port = 6000 + display_number; + memset(&sin, 0, sizeof(sin)); + sin.sin_family = AF_INET; + sin.sin_addr.s_addr = htonl(INADDR_ANY); + sin.sin_port = htons(port); + + sock = socket(AF_INET, SOCK_STREAM, 0); + if (sock < 0) { + error("socket: %.100s", strerror(errno)); + return NULL; + } + if (bind(sock, (struct sockaddr *) & sin, sizeof(sin)) < 0) { + debug("bind port %d: %.100s", port, strerror(errno)); + shutdown(sock, SHUT_RDWR); + close(sock); + continue; + } + break; + } + if (display_number >= MAX_DISPLAYS) { + error("Failed to allocate internet-domain X11 display socket."); + return NULL; + } + /* Start listening for connections on the socket. */ + if (listen(sock, 5) < 0) { + error("listen: %.100s", strerror(errno)); + shutdown(sock, SHUT_RDWR); + close(sock); + return NULL; + } + /* Set up a suitable value for the DISPLAY variable. */ + if (gethostname(hostname, sizeof(hostname)) < 0) + fatal("gethostname: %.100s", strerror(errno)); + snprintf(buf, sizeof buf, "%.400s:%d.%d", hostname, + display_number, screen_number); + + /* Allocate a channel for the socket. */ + (void) channel_allocate(SSH_CHANNEL_X11_LISTENER, sock, + xstrdup("X11 inet listener")); - /* Return a suitable value for the DISPLAY environment variable. */ - return xstrdup(buf); + /* Return a suitable value for the DISPLAY environment variable. */ + return xstrdup(buf); } #ifndef X_UNIX_PATH @@ -1141,360 +1178,374 @@ static int -connect_local_xsocket(unsigned dnr) +connect_local_xsocket(unsigned int dnr) { - static const char *const x_sockets[] = { - X_UNIX_PATH "%u", - "/var/X/.X11-unix/X" "%u", - "/usr/spool/sockets/X11/" "%u", - NULL - }; - int sock; - struct sockaddr_un addr; - const char *const *path; - - for (path = x_sockets; *path; ++path) - { - sock = socket(AF_UNIX, SOCK_STREAM, 0); - if (sock < 0) - error("socket: %.100s", strerror(errno)); - memset(&addr, 0, sizeof(addr)); - addr.sun_family = AF_UNIX; - snprintf(addr.sun_path, sizeof addr.sun_path, *path, dnr); - if (connect(sock, (struct sockaddr *)&addr, sizeof(addr)) == 0) - return sock; - close(sock); - } - error("connect %.100s: %.100s", addr.sun_path, strerror(errno)); - return -1; -} - - -/* This is called when SSH_SMSG_X11_OPEN is received. The packet contains - the remote channel number. We should do whatever we want, and respond - with either SSH_MSG_OPEN_CONFIRMATION or SSH_MSG_OPEN_FAILURE. */ - -void x11_input_open(int payload_len) -{ - int remote_channel, display_number, sock, newch; - const char *display; - struct sockaddr_in sin; - char buf[1024], *cp, *remote_host; - struct hostent *hp; - int remote_len; - - /* Get remote channel number. */ - remote_channel = packet_get_int(); - - /* Get remote originator name. */ - if (have_hostname_in_open) - remote_host = packet_get_string(&remote_len); - else - remote_host = xstrdup("unknown (remote did not supply name)"); - - debug("Received X11 open request."); - packet_integrity_check(payload_len, 4 + 4+remote_len, SSH_SMSG_X11_OPEN); - - /* Try to open a socket for the local X server. */ - display = getenv("DISPLAY"); - if (!display) - { - error("DISPLAY not set."); - goto fail; - } - - /* Now we decode the value of the DISPLAY variable and make a connection - to the real X server. */ - - /* Check if it is a unix domain socket. Unix domain displays are in one - of the following formats: unix:d[.s], :d[.s], ::d[.s] */ - if (strncmp(display, "unix:", 5) == 0 || - display[0] == ':') - { - /* Connect to the unix domain socket. */ - if (sscanf(strrchr(display, ':') + 1, "%d", &display_number) != 1) - { - error("Could not parse display number from DISPLAY: %.100s", - display); - goto fail; - } - /* Create a socket. */ - sock = connect_local_xsocket(display_number); - if (sock < 0) - goto fail; - - /* OK, we now have a connection to the display. */ - goto success; - } - - /* Connect to an inet socket. The DISPLAY value is supposedly - hostname:d[.s], where hostname may also be numeric IP address. */ - strncpy(buf, display, sizeof(buf)); - buf[sizeof(buf) - 1] = 0; - cp = strchr(buf, ':'); - if (!cp) - { - error("Could not find ':' in DISPLAY: %.100s", display); - goto fail; - } - *cp = 0; - /* buf now contains the host name. But first we parse the display number. */ - if (sscanf(cp + 1, "%d", &display_number) != 1) - { - error("Could not parse display number from DISPLAY: %.100s", - display); - goto fail; - } - - /* Try to parse the host name as a numeric IP address. */ - memset(&sin, 0, sizeof(sin)); - sin.sin_addr.s_addr = inet_addr(buf); - if ((sin.sin_addr.s_addr & 0xffffffff) != 0xffffffff) - { - /* It was a valid numeric host address. */ - sin.sin_family = AF_INET; - } - else - { - /* Not a numeric IP address. */ - /* Look up the host address from the name servers. */ - hp = gethostbyname(buf); - if (!hp) - { - error("%.100s: unknown host.", buf); - goto fail; - } - if (!hp->h_addr_list[0]) - { - error("%.100s: host has no IP address.", buf); - goto fail; - } - sin.sin_family = hp->h_addrtype; - memcpy(&sin.sin_addr, hp->h_addr_list[0], - sizeof(sin.sin_addr)); - } - /* Set port number. */ - sin.sin_port = htons(6000 + display_number); - - /* Create a socket. */ - sock = socket(sin.sin_family, SOCK_STREAM, 0); - if (sock < 0) - { - error("socket: %.100s", strerror(errno)); - goto fail; - } - /* Connect it to the display. */ - if (connect(sock, (struct sockaddr *)&sin, sizeof(sin)) < 0) - { - error("connect %.100s:%d: %.100s", buf, 6000 + display_number, - strerror(errno)); - close(sock); - goto fail; - } - - success: - /* We have successfully obtained a connection to the real X display. */ - - /* Allocate a channel for this connection. */ - if (x11_saved_proto == NULL) - newch = channel_allocate(SSH_CHANNEL_OPEN, sock, remote_host); - else - newch = channel_allocate(SSH_CHANNEL_X11_OPEN, sock, remote_host); - channels[newch].remote_id = remote_channel; - - /* Send a confirmation to the remote host. */ - packet_start(SSH_MSG_CHANNEL_OPEN_CONFIRMATION); - packet_put_int(remote_channel); - packet_put_int(newch); - packet_send(); - - return; - - fail: - /* Send refusal to the remote host. */ - packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE); - packet_put_int(remote_channel); - packet_send(); -} - -/* Requests forwarding of X11 connections, generates fake authentication - data, and enables authentication spoofing. */ - -void x11_request_forwarding_with_spoofing(const char *proto, const char *data) -{ - unsigned int data_len = (unsigned int)strlen(data) / 2; - unsigned int i, value; - char *new_data; - int screen_number; - const char *cp; - u_int32_t rand = 0; - - cp = getenv("DISPLAY"); - if (cp) - cp = strchr(cp, ':'); - if (cp) - cp = strchr(cp, '.'); - if (cp) - screen_number = atoi(cp + 1); - else - screen_number = 0; - - /* Save protocol name. */ - x11_saved_proto = xstrdup(proto); - - /* Extract real authentication data and generate fake data of the same - length. */ - x11_saved_data = xmalloc(data_len); - x11_fake_data = xmalloc(data_len); - for (i = 0; i < data_len; i++) - { - if (sscanf(data + 2 * i, "%2x", &value) != 1) - fatal("x11_request_forwarding: bad authentication data: %.100s", data); - if (i % 4 == 0) - rand = arc4random(); - x11_saved_data[i] = value; - x11_fake_data[i] = rand & 0xff; - rand >>= 8; - } - x11_saved_data_len = data_len; - x11_fake_data_len = data_len; - - /* Convert the fake data into hex. */ - new_data = xmalloc(2 * data_len + 1); - for (i = 0; i < data_len; i++) - sprintf(new_data + 2 * i, "%02x", (unsigned char)x11_fake_data[i]); - - /* Send the request packet. */ - packet_start(SSH_CMSG_X11_REQUEST_FORWARDING); - packet_put_string(proto, strlen(proto)); - packet_put_string(new_data, strlen(new_data)); - packet_put_int(screen_number); - packet_send(); - packet_write_wait(); - xfree(new_data); + static const char *const x_sockets[] = { + X_UNIX_PATH "%u", + "/var/X/.X11-unix/X" "%u", + "/usr/spool/sockets/X11/" "%u", + NULL + }; + int sock; + struct sockaddr_un addr; + const char *const * path; + + for (path = x_sockets; *path; ++path) { + sock = socket(AF_UNIX, SOCK_STREAM, 0); + if (sock < 0) + error("socket: %.100s", strerror(errno)); + memset(&addr, 0, sizeof(addr)); + addr.sun_family = AF_UNIX; + snprintf(addr.sun_path, sizeof addr.sun_path, *path, dnr); + if (connect(sock, (struct sockaddr *) & addr, sizeof(addr)) == 0) + return sock; + close(sock); + } + error("connect %.100s: %.100s", addr.sun_path, strerror(errno)); + return -1; +} + + +/* + * This is called when SSH_SMSG_X11_OPEN is received. The packet contains + * the remote channel number. We should do whatever we want, and respond + * with either SSH_MSG_OPEN_CONFIRMATION or SSH_MSG_OPEN_FAILURE. + */ + +void +x11_input_open(int payload_len) +{ + int remote_channel, display_number, sock, newch; + const char *display; + struct sockaddr_in sin; + char buf[1024], *cp, *remote_host; + struct hostent *hp; + int remote_len; + + /* Get remote channel number. */ + remote_channel = packet_get_int(); + + /* Get remote originator name. */ + if (have_hostname_in_open) { + remote_host = packet_get_string(&remote_len); + remote_len += 4; + } else { + remote_host = xstrdup("unknown (remote did not supply name)"); + remote_len = 0; + } + + debug("Received X11 open request."); + packet_integrity_check(payload_len, 4 + remote_len, SSH_SMSG_X11_OPEN); + + /* Try to open a socket for the local X server. */ + display = getenv("DISPLAY"); + if (!display) { + error("DISPLAY not set."); + goto fail; + } + /* + * Now we decode the value of the DISPLAY variable and make a + * connection to the real X server. + */ + + /* + * Check if it is a unix domain socket. Unix domain displays are in + * one of the following formats: unix:d[.s], :d[.s], ::d[.s] + */ + if (strncmp(display, "unix:", 5) == 0 || + display[0] == ':') { + /* Connect to the unix domain socket. */ + if (sscanf(strrchr(display, ':') + 1, "%d", &display_number) != 1) { + error("Could not parse display number from DISPLAY: %.100s", + display); + goto fail; + } + /* Create a socket. */ + sock = connect_local_xsocket(display_number); + if (sock < 0) + goto fail; + + /* OK, we now have a connection to the display. */ + goto success; + } + /* + * Connect to an inet socket. The DISPLAY value is supposedly + * hostname:d[.s], where hostname may also be numeric IP address. + */ + strncpy(buf, display, sizeof(buf)); + buf[sizeof(buf) - 1] = 0; + cp = strchr(buf, ':'); + if (!cp) { + error("Could not find ':' in DISPLAY: %.100s", display); + goto fail; + } + *cp = 0; + /* buf now contains the host name. But first we parse the display number. */ + if (sscanf(cp + 1, "%d", &display_number) != 1) { + error("Could not parse display number from DISPLAY: %.100s", + display); + goto fail; + } + /* Try to parse the host name as a numeric IP address. */ + memset(&sin, 0, sizeof(sin)); + sin.sin_addr.s_addr = inet_addr(buf); + if ((sin.sin_addr.s_addr & 0xffffffff) != 0xffffffff) { + /* It was a valid numeric host address. */ + sin.sin_family = AF_INET; + } else { + /* Not a numeric IP address. */ + /* Look up the host address from the name servers. */ + hp = gethostbyname(buf); + if (!hp) { + error("%.100s: unknown host.", buf); + goto fail; + } + if (!hp->h_addr_list[0]) { + error("%.100s: host has no IP address.", buf); + goto fail; + } + sin.sin_family = hp->h_addrtype; + memcpy(&sin.sin_addr, hp->h_addr_list[0], + sizeof(sin.sin_addr)); + } + /* Set port number. */ + sin.sin_port = htons(6000 + display_number); + + /* Create a socket. */ + sock = socket(sin.sin_family, SOCK_STREAM, 0); + if (sock < 0) { + error("socket: %.100s", strerror(errno)); + goto fail; + } + /* Connect it to the display. */ + if (connect(sock, (struct sockaddr *) & sin, sizeof(sin)) < 0) { + error("connect %.100s:%d: %.100s", buf, 6000 + display_number, + strerror(errno)); + close(sock); + goto fail; + } +success: + /* We have successfully obtained a connection to the real X display. */ + + /* Allocate a channel for this connection. */ + if (x11_saved_proto == NULL) + newch = channel_allocate(SSH_CHANNEL_OPEN, sock, remote_host); + else + newch = channel_allocate(SSH_CHANNEL_X11_OPEN, sock, remote_host); + channels[newch].remote_id = remote_channel; + + /* Send a confirmation to the remote host. */ + packet_start(SSH_MSG_CHANNEL_OPEN_CONFIRMATION); + packet_put_int(remote_channel); + packet_put_int(newch); + packet_send(); + + return; + +fail: + /* Send refusal to the remote host. */ + packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE); + packet_put_int(remote_channel); + packet_send(); +} + +/* + * Requests forwarding of X11 connections, generates fake authentication + * data, and enables authentication spoofing. + */ + +void +x11_request_forwarding_with_spoofing(const char *proto, const char *data) +{ + unsigned int data_len = (unsigned int) strlen(data) / 2; + unsigned int i, value; + char *new_data; + int screen_number; + const char *cp; + u_int32_t rand = 0; + + cp = getenv("DISPLAY"); + if (cp) + cp = strchr(cp, ':'); + if (cp) + cp = strchr(cp, '.'); + if (cp) + screen_number = atoi(cp + 1); + else + screen_number = 0; + + /* Save protocol name. */ + x11_saved_proto = xstrdup(proto); + + /* + * Extract real authentication data and generate fake data of the + * same length. + */ + x11_saved_data = xmalloc(data_len); + x11_fake_data = xmalloc(data_len); + for (i = 0; i < data_len; i++) { + if (sscanf(data + 2 * i, "%2x", &value) != 1) + fatal("x11_request_forwarding: bad authentication data: %.100s", data); + if (i % 4 == 0) + rand = arc4random(); + x11_saved_data[i] = value; + x11_fake_data[i] = rand & 0xff; + rand >>= 8; + } + x11_saved_data_len = data_len; + x11_fake_data_len = data_len; + + /* Convert the fake data into hex. */ + new_data = xmalloc(2 * data_len + 1); + for (i = 0; i < data_len; i++) + sprintf(new_data + 2 * i, "%02x", (unsigned char) x11_fake_data[i]); + + /* Send the request packet. */ + packet_start(SSH_CMSG_X11_REQUEST_FORWARDING); + packet_put_string(proto, strlen(proto)); + packet_put_string(new_data, strlen(new_data)); + packet_put_int(screen_number); + packet_send(); + packet_write_wait(); + xfree(new_data); } /* Sends a message to the server to request authentication fd forwarding. */ -void auth_request_forwarding() +void +auth_request_forwarding() { - packet_start(SSH_CMSG_AGENT_REQUEST_FORWARDING); - packet_send(); - packet_write_wait(); + packet_start(SSH_CMSG_AGENT_REQUEST_FORWARDING); + packet_send(); + packet_write_wait(); } -/* Returns the name of the forwarded authentication socket. Returns NULL - if there is no forwarded authentication socket. The returned value - points to a static buffer. */ +/* + * Returns the name of the forwarded authentication socket. Returns NULL if + * there is no forwarded authentication socket. The returned value points to + * a static buffer. + */ -char *auth_get_socket_name() +char * +auth_get_socket_name() { - return channel_forwarded_auth_socket_name; + return channel_forwarded_auth_socket_name; } /* removes the agent forwarding socket */ + +void +cleanup_socket(void) +{ + remove(channel_forwarded_auth_socket_name); + rmdir(channel_forwarded_auth_socket_dir); +} + +/* + * This if called to process SSH_CMSG_AGENT_REQUEST_FORWARDING on the server. + * This starts forwarding authentication requests. + */ + +void +auth_input_request_forwarding(struct passwd * pw) +{ + int sock, newch; + struct sockaddr_un sunaddr; + + if (auth_get_socket_name() != NULL) + fatal("Protocol error: authentication forwarding requested twice."); + + /* Temporarily drop privileged uid for mkdir/bind. */ + temporarily_use_uid(pw->pw_uid); -void cleanup_socket(void) { - remove(channel_forwarded_auth_socket_name); - rmdir(channel_forwarded_auth_socket_dir); -} - -/* This if called to process SSH_CMSG_AGENT_REQUEST_FORWARDING on the server. - This starts forwarding authentication requests. */ - -void auth_input_request_forwarding(struct passwd *pw) -{ - int sock, newch; - struct sockaddr_un sunaddr; - - if (auth_get_socket_name() != NULL) - fatal("Protocol error: authentication forwarding requested twice."); - - /* Temporarily drop privileged uid for mkdir/bind. */ - temporarily_use_uid(pw->pw_uid); - - /* Allocate a buffer for the socket name, and format the name. */ - channel_forwarded_auth_socket_name = xmalloc(MAX_SOCKET_NAME); - channel_forwarded_auth_socket_dir = xmalloc(MAX_SOCKET_NAME); - strlcpy(channel_forwarded_auth_socket_dir, "/tmp/ssh-XXXXXXXX", MAX_SOCKET_NAME); - - /* Create private directory for socket */ - if (mkdtemp(channel_forwarded_auth_socket_dir) == NULL) - packet_disconnect("mkdtemp: %.100s", strerror(errno)); - snprintf(channel_forwarded_auth_socket_name, MAX_SOCKET_NAME, - "%s/agent.%d", channel_forwarded_auth_socket_dir, (int)getpid()); - - if (atexit(cleanup_socket) < 0) { - int saved=errno; - cleanup_socket(); - packet_disconnect("socket: %.100s", strerror(saved)); - } - - /* Create the socket. */ - sock = socket(AF_UNIX, SOCK_STREAM, 0); - if (sock < 0) - packet_disconnect("socket: %.100s", strerror(errno)); - - /* Bind it to the name. */ - memset(&sunaddr, 0, sizeof(sunaddr)); - sunaddr.sun_family = AF_UNIX; - strncpy(sunaddr.sun_path, channel_forwarded_auth_socket_name, - sizeof(sunaddr.sun_path)); - - if (bind(sock, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) < 0) - packet_disconnect("bind: %.100s", strerror(errno)); - - /* Restore the privileged uid. */ - restore_uid(); - - /* Start listening on the socket. */ - if (listen(sock, 5) < 0) - packet_disconnect("listen: %.100s", strerror(errno)); - - /* Allocate a channel for the authentication agent socket. */ - newch = channel_allocate(SSH_CHANNEL_AUTH_SOCKET, sock, - xstrdup("auth socket")); - strcpy(channels[newch].path, channel_forwarded_auth_socket_name); + /* Allocate a buffer for the socket name, and format the name. */ + channel_forwarded_auth_socket_name = xmalloc(MAX_SOCKET_NAME); + channel_forwarded_auth_socket_dir = xmalloc(MAX_SOCKET_NAME); + strlcpy(channel_forwarded_auth_socket_dir, "/tmp/ssh-XXXXXXXX", MAX_SOCKET_NAME); + + /* Create private directory for socket */ + if (mkdtemp(channel_forwarded_auth_socket_dir) == NULL) + packet_disconnect("mkdtemp: %.100s", strerror(errno)); + snprintf(channel_forwarded_auth_socket_name, MAX_SOCKET_NAME, "%s/agent.%d", + channel_forwarded_auth_socket_dir, (int) getpid()); + + if (atexit(cleanup_socket) < 0) { + int saved = errno; + cleanup_socket(); + packet_disconnect("socket: %.100s", strerror(saved)); + } + /* Create the socket. */ + sock = socket(AF_UNIX, SOCK_STREAM, 0); + if (sock < 0) + packet_disconnect("socket: %.100s", strerror(errno)); + + /* Bind it to the name. */ + memset(&sunaddr, 0, sizeof(sunaddr)); + sunaddr.sun_family = AF_UNIX; + strncpy(sunaddr.sun_path, channel_forwarded_auth_socket_name, + sizeof(sunaddr.sun_path)); + + if (bind(sock, (struct sockaddr *) & sunaddr, sizeof(sunaddr)) < 0) + packet_disconnect("bind: %.100s", strerror(errno)); + + /* Restore the privileged uid. */ + restore_uid(); + + /* Start listening on the socket. */ + if (listen(sock, 5) < 0) + packet_disconnect("listen: %.100s", strerror(errno)); + + /* Allocate a channel for the authentication agent socket. */ + newch = channel_allocate(SSH_CHANNEL_AUTH_SOCKET, sock, + xstrdup("auth socket")); + strlcpy(channels[newch].path, channel_forwarded_auth_socket_name, + sizeof(channels[newch].path)); } /* This is called to process an SSH_SMSG_AGENT_OPEN message. */ -void auth_input_open_request() +void +auth_input_open_request() { - int remch, sock, newch; - char *dummyname; + int remch, sock, newch; + char *dummyname; + + /* Read the remote channel number from the message. */ + remch = packet_get_int(); + + /* + * Get a connection to the local authentication agent (this may again + * get forwarded). + */ + sock = ssh_get_authentication_socket(); + + /* + * If we could not connect the agent, send an error message back to + * the server. This should never happen unless the agent dies, + * because authentication forwarding is only enabled if we have an + * agent. + */ + if (sock < 0) { + packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE); + packet_put_int(remch); + packet_send(); + return; + } + debug("Forwarding authentication connection."); - /* Read the remote channel number from the message. */ - remch = packet_get_int(); - - /* Get a connection to the local authentication agent (this may again get - forwarded). */ - sock = ssh_get_authentication_socket(); - - /* If we could not connect the agent, send an error message back to - the server. This should never happen unless the agent - dies, because authentication forwarding is only enabled if we have an - agent. */ - if (sock < 0){ - packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE); - packet_put_int(remch); - packet_send(); - return; - } - - debug("Forwarding authentication connection."); - - /* Dummy host name. This will be freed when the channel is freed; it will - still be valid in the packet_put_string below since the channel cannot - yet be freed at that point. */ - dummyname = xstrdup("authentication agent connection"); - - newch = channel_allocate(SSH_CHANNEL_OPEN, sock, dummyname); - channels[newch].remote_id = remch; - - /* Send a confirmation to the remote host. */ - packet_start(SSH_MSG_CHANNEL_OPEN_CONFIRMATION); - packet_put_int(remch); - packet_put_int(newch); - packet_send(); + /* + * Dummy host name. This will be freed when the channel is freed; it + * will still be valid in the packet_put_string below since the + * channel cannot yet be freed at that point. + */ + dummyname = xstrdup("authentication agent connection"); + + newch = channel_allocate(SSH_CHANNEL_OPEN, sock, dummyname); + channels[newch].remote_id = remch; + + /* Send a confirmation to the remote host. */ + packet_start(SSH_MSG_CHANNEL_OPEN_CONFIRMATION); + packet_put_int(remch); + packet_put_int(newch); + packet_send(); } Index: usr.bin/ssh/channels.h =================================================================== RCS file: /cvs/src/usr.bin/ssh/channels.h,v retrieving revision 1.3 retrieving revision 1.6 diff -u -r1.3 -r1.6 --- usr.bin/ssh/channels.h 1999/10/17 16:56:09 1.3 +++ usr.bin/ssh/channels.h 1999/11/24 19:53:45 1.6 @@ -1,41 +1,43 @@ -/* RCSID("$Id: channels.h,v 1.3 1999/10/17 16:56:09 markus Exp $"); */ +/* RCSID("$Id: channels.h,v 1.6 1999/11/24 19:53:45 markus Exp $"); */ #ifndef CHANNELS_H #define CHANNELS_H /* Definitions for channel types. */ -#define SSH_CHANNEL_FREE 0 /* This channel is free (unused). */ -#define SSH_CHANNEL_X11_LISTENER 1 /* Listening for inet X11 conn. */ -#define SSH_CHANNEL_PORT_LISTENER 2 /* Listening on a port. */ -#define SSH_CHANNEL_OPENING 3 /* waiting for confirmation */ -#define SSH_CHANNEL_OPEN 4 /* normal open two-way channel */ -#define SSH_CHANNEL_CLOSED 5 /* waiting for close confirmation */ -/* SSH_CHANNEL_AUTH_FD 6 authentication fd */ -#define SSH_CHANNEL_AUTH_SOCKET 7 /* authentication socket */ -/* SSH_CHANNEL_AUTH_SOCKET_FD 8 connection to auth socket */ -#define SSH_CHANNEL_X11_OPEN 9 /* reading first X11 packet */ -#define SSH_CHANNEL_INPUT_DRAINING 10 /* sending remaining data to conn */ -#define SSH_CHANNEL_OUTPUT_DRAINING 11 /* sending remaining data to app */ +#define SSH_CHANNEL_FREE 0 /* This channel is free (unused). */ +#define SSH_CHANNEL_X11_LISTENER 1 /* Listening for inet X11 conn. */ +#define SSH_CHANNEL_PORT_LISTENER 2 /* Listening on a port. */ +#define SSH_CHANNEL_OPENING 3 /* waiting for confirmation */ +#define SSH_CHANNEL_OPEN 4 /* normal open two-way channel */ +#define SSH_CHANNEL_CLOSED 5 /* waiting for close confirmation */ +/* SSH_CHANNEL_AUTH_FD 6 authentication fd */ +#define SSH_CHANNEL_AUTH_SOCKET 7 /* authentication socket */ +/* SSH_CHANNEL_AUTH_SOCKET_FD 8 connection to auth socket */ +#define SSH_CHANNEL_X11_OPEN 9 /* reading first X11 packet */ +#define SSH_CHANNEL_INPUT_DRAINING 10 /* sending remaining data to conn */ +#define SSH_CHANNEL_OUTPUT_DRAINING 11 /* sending remaining data to app */ -/* Data structure for channel data. This is iniailized in channel_allocate - and cleared in channel_free. */ +/* + * Data structure for channel data. This is iniailized in channel_allocate + * and cleared in channel_free. + */ -typedef struct Channel -{ - int type; /* channel type/state */ - int self; /* my own channel identifier */ - int remote_id; /* channel identifier for remote peer */ - /* peer can be reached over encrypted connection, via packet-sent */ - int istate; - int ostate; - int x11; - int sock; /* data socket, linked to this channel */ - Buffer input; /* data read from socket, to be sent over encrypted connection */ - Buffer output; /* data received over encrypted connection for send on socket */ - char path[200]; /* path for unix domain sockets, or host name for forwards */ - int listening_port; /* port being listened for forwards */ - int host_port; /* remote port to connect for forwards */ - char *remote_name; /* remote hostname */ -} Channel; - +typedef struct Channel { + int type; /* channel type/state */ + int self; /* my own channel identifier */ + int remote_id; /* channel identifier for remote peer */ + /* peer can be reached over encrypted connection, via packet-sent */ + int istate; /* input from channel (state of receive half) */ + int ostate; /* output to channel (state of transmit half) */ + int sock; /* data socket, linked to this channel */ + Buffer input; /* data read from socket, to be sent over + * encrypted connection */ + Buffer output; /* data received over encrypted connection for + * send on socket */ + char path[200]; /* path for unix domain sockets, or host name + * for forwards */ + int listening_port; /* port being listened for forwards */ + int host_port; /* remote port to connect for forwards */ + char *remote_name; /* remote hostname */ +} Channel; #endif Index: usr.bin/ssh/check-fds.c =================================================================== RCS file: check-fds.c diff -N check-fds.c --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsmpvYQ31367 Wed Dec 8 12:42:05 1999 @@ -0,0 +1,43 @@ +/* + +check-fds.c + +Author: Tatu Ylonen + +Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + All rights reserved + +Created: Sat Apr 8 00:25:04 1995 ylo + +*/ + +#include +RCSID("$Id: check-fds.c,v 1.2 1999/09/26 23:17:24 deraadt dead $"); + +#include +#include +#include + +int main(int ac, char **av) +{ + int i, dummy; + struct stat st; + + for (i = 0; i < 1024; i++) + if (fcntl(i, F_GETFL, &dummy) >= 0) + { + printf("Descriptor %d is open.\n", i); + if (fstat(i, &st) < 0) + perror("fstat"); + else + { + printf("st_mode 0x%x, st_dev 0x%x, st_rdev 0x%x, st_ino 0x%x, st_size 0x%lx\n", + st.st_mode, st.st_dev, st.st_rdev, st.st_ino, + (long)st.st_size); + if (ttyname(i)) + printf("ttyname: %.100s\n", ttyname(i)); + } + } + exit(0); +} + Index: usr.bin/ssh/cipher.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/cipher.c,v retrieving revision 1.11 retrieving revision 1.18 diff -u -r1.11 -r1.18 --- usr.bin/ssh/cipher.c 1999/09/30 22:12:16 1.11 +++ usr.bin/ssh/cipher.c 1999/11/24 19:53:45 1.18 @@ -1,23 +1,23 @@ /* - -cipher.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Wed Apr 19 17:41:39 1995 ylo - -*/ + * + * cipher.c + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Wed Apr 19 17:41:39 1995 ylo + * + */ #include "includes.h" -RCSID("$Id: cipher.c,v 1.11 1999/09/30 22:12:16 provos Exp $"); +RCSID("$Id: cipher.c,v 1.18 1999/11/24 19:53:45 markus Exp $"); #include "ssh.h" #include "cipher.h" -#include +#include /* * What kind of tripple DES are these 2 routines? @@ -33,272 +33,288 @@ */ void SSH_3CBC_ENCRYPT(des_key_schedule ks1, - des_key_schedule ks2, des_cblock *iv2, - des_key_schedule ks3, des_cblock *iv3, + des_key_schedule ks2, des_cblock * iv2, + des_key_schedule ks3, des_cblock * iv3, void *dest, void *src, unsigned int len) { - des_cblock iv1; + des_cblock iv1; - memcpy(&iv1, iv2, 8); + memcpy(&iv1, iv2, 8); - des_cbc_encrypt(src, dest, len, ks1, &iv1, DES_ENCRYPT); - memcpy(&iv1, dest + len - 8, 8); + des_cbc_encrypt(src, dest, len, ks1, &iv1, DES_ENCRYPT); + memcpy(&iv1, dest + len - 8, 8); - des_cbc_encrypt(dest, dest, len, ks2, iv2, DES_DECRYPT); - memcpy(iv2, &iv1, 8); /* Note how iv1 == iv2 on entry and exit. */ + des_cbc_encrypt(dest, dest, len, ks2, iv2, DES_DECRYPT); + memcpy(iv2, &iv1, 8); /* Note how iv1 == iv2 on entry and exit. */ - des_cbc_encrypt(dest, dest, len, ks3, iv3, DES_ENCRYPT); - memcpy(iv3, dest + len - 8, 8); + des_cbc_encrypt(dest, dest, len, ks3, iv3, DES_ENCRYPT); + memcpy(iv3, dest + len - 8, 8); } void SSH_3CBC_DECRYPT(des_key_schedule ks1, - des_key_schedule ks2, des_cblock *iv2, - des_key_schedule ks3, des_cblock *iv3, + des_key_schedule ks2, des_cblock * iv2, + des_key_schedule ks3, des_cblock * iv3, void *dest, void *src, unsigned int len) { - des_cblock iv1; + des_cblock iv1; - memcpy(&iv1, iv2, 8); + memcpy(&iv1, iv2, 8); - des_cbc_encrypt(src, dest, len, ks3, iv3, DES_DECRYPT); - memcpy(iv3, src + len - 8, 8); + des_cbc_encrypt(src, dest, len, ks3, iv3, DES_DECRYPT); + memcpy(iv3, src + len - 8, 8); - des_cbc_encrypt(dest, dest, len, ks2, iv2, DES_ENCRYPT); - memcpy(iv2, dest + len - 8, 8); + des_cbc_encrypt(dest, dest, len, ks2, iv2, DES_ENCRYPT); + memcpy(iv2, dest + len - 8, 8); - des_cbc_encrypt(dest, dest, len, ks1, &iv1, DES_DECRYPT); - /* memcpy(&iv1, iv2, 8); */ /* Note how iv1 == iv2 on entry and exit. */ + des_cbc_encrypt(dest, dest, len, ks1, &iv1, DES_DECRYPT); + /* memcpy(&iv1, iv2, 8); */ + /* Note how iv1 == iv2 on entry and exit. */ } /* * SSH uses a variation on Blowfish, all bytes must be swapped before * and after encryption/decryption. Thus the swap_bytes stuff (yuk). */ -static -void +static void swap_bytes(const unsigned char *src, unsigned char *dst_, int n) { - u_int32_t *dst = (u_int32_t *)dst_; /* dst must be properly aligned. */ - union { - u_int32_t i; - char c[4]; - } t; - - /* assert((n & 7) == 0); */ - - /* Process 8 bytes every lap. */ - for (n = n / 8; n > 0; n--) - { - t.c[3] = *src++; - t.c[2] = *src++; - t.c[1] = *src++; - t.c[0] = *src++; - *dst++ = t.i; - - t.c[3] = *src++; - t.c[2] = *src++; - t.c[1] = *src++; - t.c[0] = *src++; - *dst++ = t.i; - } + /* dst must be properly aligned. */ + u_int32_t *dst = (u_int32_t *) dst_; + union { + u_int32_t i; + char c[4]; + } t; + + /* Process 8 bytes every lap. */ + for (n = n / 8; n > 0; n--) { + t.c[3] = *src++; + t.c[2] = *src++; + t.c[1] = *src++; + t.c[0] = *src++; + *dst++ = t.i; + + t.c[3] = *src++; + t.c[2] = *src++; + t.c[1] = *src++; + t.c[0] = *src++; + *dst++ = t.i; + } } -void (*cipher_attack_detected)(const char *fmt, ...) = fatal; +void (*cipher_attack_detected) (const char *fmt,...) = fatal; -static inline -void +static inline void detect_cbc_attack(const unsigned char *src, unsigned int len) { - return; - - log("CRC-32 CBC insertion attack detected"); - cipher_attack_detected("CRC-32 CBC insertion attack detected"); + return; + + log("CRC-32 CBC insertion attack detected"); + cipher_attack_detected("CRC-32 CBC insertion attack detected"); } -/* Names of all encryption algorithms. These must match the numbers defined - int cipher.h. */ +/* + * Names of all encryption algorithms. + * These must match the numbers defined in cipher.h. + */ static char *cipher_names[] = { - "none", - "idea", - "des", - "3des", - "tss", - "rc4", - "blowfish" + "none", + "idea", + "des", + "3des", + "tss", + "rc4", + "blowfish" }; -/* Returns a bit mask indicating which ciphers are supported by this - implementation. The bit mask has the corresponding bit set of each - supported cipher. */ - -unsigned int cipher_mask() -{ - unsigned int mask = 0; - mask |= 1 << SSH_CIPHER_3DES; /* Mandatory */ - mask |= 1 << SSH_CIPHER_BLOWFISH; - return mask; +/* + * Returns a bit mask indicating which ciphers are supported by this + * implementation. The bit mask has the corresponding bit set of each + * supported cipher. + */ + +unsigned int +cipher_mask() +{ + unsigned int mask = 0; + mask |= 1 << SSH_CIPHER_3DES; /* Mandatory */ + mask |= 1 << SSH_CIPHER_BLOWFISH; + return mask; } /* Returns the name of the cipher. */ -const -char *cipher_name(int cipher) +const char * +cipher_name(int cipher) { - if (cipher < 0 || cipher >= sizeof(cipher_names) / sizeof(cipher_names[0]) || - cipher_names[cipher] == NULL) - fatal("cipher_name: bad cipher number: %d", cipher); - return cipher_names[cipher]; + if (cipher < 0 || cipher >= sizeof(cipher_names) / sizeof(cipher_names[0]) || + cipher_names[cipher] == NULL) + fatal("cipher_name: bad cipher number: %d", cipher); + return cipher_names[cipher]; } -/* Parses the name of the cipher. Returns the number of the corresponding - cipher, or -1 on error. */ +/* + * Parses the name of the cipher. Returns the number of the corresponding + * cipher, or -1 on error. + */ int cipher_number(const char *name) { - int i; - for (i = 0; i < sizeof(cipher_names) / sizeof(cipher_names[0]); i++) - if (strcmp(cipher_names[i], name) == 0 && - (cipher_mask() & (1 << i))) - return i; - return -1; + int i; + for (i = 0; i < sizeof(cipher_names) / sizeof(cipher_names[0]); i++) + if (strcmp(cipher_names[i], name) == 0 && + (cipher_mask() & (1 << i))) + return i; + return -1; } -/* Selects the cipher, and keys if by computing the MD5 checksum of the - passphrase and using the resulting 16 bytes as the key. */ +/* + * Selects the cipher, and keys if by computing the MD5 checksum of the + * passphrase and using the resulting 16 bytes as the key. + */ -void cipher_set_key_string(CipherContext *context, int cipher, - const char *passphrase, int for_encryption) +void +cipher_set_key_string(CipherContext *context, int cipher, + const char *passphrase, int for_encryption) { - MD5_CTX md; - unsigned char digest[16]; - - MD5Init(&md); - MD5Update(&md, (const unsigned char *)passphrase, strlen(passphrase)); - MD5Final(digest, &md); - - cipher_set_key(context, cipher, digest, 16, for_encryption); - - memset(digest, 0, sizeof(digest)); - memset(&md, 0, sizeof(md)); -} + MD5_CTX md; + unsigned char digest[16]; -/* Selects the cipher to use and sets the key. */ + MD5_Init(&md); + MD5_Update(&md, (const unsigned char *) passphrase, strlen(passphrase)); + MD5_Final(digest, &md); -void cipher_set_key(CipherContext *context, int cipher, - const unsigned char *key, int keylen, int for_encryption) -{ - unsigned char padded[32]; + cipher_set_key(context, cipher, digest, 16, for_encryption); - /* Set cipher type. */ - context->type = cipher; + memset(digest, 0, sizeof(digest)); + memset(&md, 0, sizeof(md)); +} - /* Get 32 bytes of key data. Pad if necessary. (So that code below does - not need to worry about key size). */ - memset(padded, 0, sizeof(padded)); - memcpy(padded, key, keylen < sizeof(padded) ? keylen : sizeof(padded)); - - /* Initialize the initialization vector. */ - switch (cipher) - { - case SSH_CIPHER_NONE: - /* Has to stay for authfile saving of private key with no passphrase */ - break; - - case SSH_CIPHER_3DES: - /* Note: the least significant bit of each byte of key is parity, - and must be ignored by the implementation. 16 bytes of key are - used (first and last keys are the same). */ - if (keylen < 16) - error("Key length %d is insufficient for 3DES.", keylen); - des_set_key((void*)padded, context->u.des3.key1); - des_set_key((void*)(padded + 8), context->u.des3.key2); - if (keylen <= 16) - des_set_key((void*)padded, context->u.des3.key3); - else - des_set_key((void*)(padded + 16), context->u.des3.key3); - memset(context->u.des3.iv2, 0, sizeof(context->u.des3.iv2)); - memset(context->u.des3.iv3, 0, sizeof(context->u.des3.iv3)); - break; - - case SSH_CIPHER_BLOWFISH: - BF_set_key(&context->u.bf.key, keylen, padded); - memset(context->u.bf.iv, 0, 8); - break; - - default: - fatal("cipher_set_key: unknown cipher: %d", cipher); - } - memset(padded, 0, sizeof(padded)); +/* Selects the cipher to use and sets the key. */ + +void +cipher_set_key(CipherContext *context, int cipher, + const unsigned char *key, int keylen, int for_encryption) +{ + unsigned char padded[32]; + + /* Set cipher type. */ + context->type = cipher; + + /* Get 32 bytes of key data. Pad if necessary. (So that code + below does not need to worry about key size). */ + memset(padded, 0, sizeof(padded)); + memcpy(padded, key, keylen < sizeof(padded) ? keylen : sizeof(padded)); + + /* Initialize the initialization vector. */ + switch (cipher) { + case SSH_CIPHER_NONE: + /* + * Has to stay for authfile saving of private key with no + * passphrase + */ + break; + + case SSH_CIPHER_3DES: + /* + * Note: the least significant bit of each byte of key is + * parity, and must be ignored by the implementation. 16 + * bytes of key are used (first and last keys are the same). + */ + if (keylen < 16) + error("Key length %d is insufficient for 3DES.", keylen); + des_set_key((void *) padded, context->u.des3.key1); + des_set_key((void *) (padded + 8), context->u.des3.key2); + if (keylen <= 16) + des_set_key((void *) padded, context->u.des3.key3); + else + des_set_key((void *) (padded + 16), context->u.des3.key3); + memset(context->u.des3.iv2, 0, sizeof(context->u.des3.iv2)); + memset(context->u.des3.iv3, 0, sizeof(context->u.des3.iv3)); + break; + + case SSH_CIPHER_BLOWFISH: + BF_set_key(&context->u.bf.key, keylen, padded); + memset(context->u.bf.iv, 0, 8); + break; + + default: + fatal("cipher_set_key: unknown cipher: %s", cipher_name(cipher)); + } + memset(padded, 0, sizeof(padded)); } /* Encrypts data using the cipher. */ - -void cipher_encrypt(CipherContext *context, unsigned char *dest, - const unsigned char *src, unsigned int len) -{ - assert((len & 7) == 0); - switch (context->type) - { - case SSH_CIPHER_NONE: - memcpy(dest, src, len); - break; - - case SSH_CIPHER_3DES: - SSH_3CBC_ENCRYPT(context->u.des3.key1, - context->u.des3.key2, &context->u.des3.iv2, - context->u.des3.key3, &context->u.des3.iv3, - dest, (void*)src, len); - break; - - case SSH_CIPHER_BLOWFISH: - swap_bytes(src, dest, len); - BF_cbc_encrypt(dest, dest, len, - &context->u.bf.key, context->u.bf.iv, BF_ENCRYPT); - swap_bytes(dest, dest, len); - break; - - default: - fatal("cipher_encrypt: unknown cipher: %d", context->type); - } +void +cipher_encrypt(CipherContext *context, unsigned char *dest, + const unsigned char *src, unsigned int len) +{ + if ((len & 7) != 0) + fatal("cipher_encrypt: bad plaintext length %d", len); + + switch (context->type) { + case SSH_CIPHER_NONE: + memcpy(dest, src, len); + break; + + case SSH_CIPHER_3DES: + SSH_3CBC_ENCRYPT(context->u.des3.key1, + context->u.des3.key2, &context->u.des3.iv2, + context->u.des3.key3, &context->u.des3.iv3, + dest, (void *) src, len); + break; + + case SSH_CIPHER_BLOWFISH: + swap_bytes(src, dest, len); + BF_cbc_encrypt(dest, dest, len, + &context->u.bf.key, context->u.bf.iv, + BF_ENCRYPT); + swap_bytes(dest, dest, len); + break; + + default: + fatal("cipher_encrypt: unknown cipher: %s", cipher_name(context->type)); + } } - -/* Decrypts data using the cipher. */ -void cipher_decrypt(CipherContext *context, unsigned char *dest, - const unsigned char *src, unsigned int len) -{ - assert((len & 7) == 0); +/* Decrypts data using the cipher. */ - switch (context->type) - { - case SSH_CIPHER_NONE: - memcpy(dest, src, len); - break; - - case SSH_CIPHER_3DES: - /* CRC-32 attack? */ - SSH_3CBC_DECRYPT(context->u.des3.key1, - context->u.des3.key2, &context->u.des3.iv2, - context->u.des3.key3, &context->u.des3.iv3, - dest, (void*)src, len); - break; - - case SSH_CIPHER_BLOWFISH: - detect_cbc_attack(src, len); - swap_bytes(src, dest, len); - BF_cbc_encrypt((void*)dest, dest, len, - &context->u.bf.key, context->u.bf.iv, BF_DECRYPT); - swap_bytes(dest, dest, len); - break; - - default: - fatal("cipher_decrypt: unknown cipher: %d", context->type); - } +void +cipher_decrypt(CipherContext *context, unsigned char *dest, + const unsigned char *src, unsigned int len) +{ + if ((len & 7) != 0) + fatal("cipher_decrypt: bad ciphertext length %d", len); + + switch (context->type) { + case SSH_CIPHER_NONE: + memcpy(dest, src, len); + break; + + case SSH_CIPHER_3DES: + /* CRC-32 attack? */ + SSH_3CBC_DECRYPT(context->u.des3.key1, + context->u.des3.key2, &context->u.des3.iv2, + context->u.des3.key3, &context->u.des3.iv3, + dest, (void *) src, len); + break; + + case SSH_CIPHER_BLOWFISH: + detect_cbc_attack(src, len); + swap_bytes(src, dest, len); + BF_cbc_encrypt((void *) dest, dest, len, + &context->u.bf.key, context->u.bf.iv, + BF_DECRYPT); + swap_bytes(dest, dest, len); + break; + + default: + fatal("cipher_decrypt: unknown cipher: %s", cipher_name(context->type)); + } } Index: usr.bin/ssh/cipher.h =================================================================== RCS file: /cvs/src/usr.bin/ssh/cipher.h,v retrieving revision 1.7 retrieving revision 1.10 diff -u -r1.7 -r1.10 --- usr.bin/ssh/cipher.h 1999/10/02 19:14:54 1.7 +++ usr.bin/ssh/cipher.h 1999/11/24 19:53:46 1.10 @@ -1,84 +1,97 @@ /* + * + * cipher.h + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Wed Apr 19 16:50:42 1995 ylo + * + */ -cipher.h +/* RCSID("$Id: cipher.h,v 1.10 1999/11/24 19:53:46 markus Exp $"); */ -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Wed Apr 19 16:50:42 1995 ylo - -*/ - -/* RCSID("$Id: cipher.h,v 1.7 1999/10/02 19:14:54 deraadt Exp $"); */ - #ifndef CIPHER_H #define CIPHER_H -#include +#include #include /* Cipher types. New types can be added, but old types should not be removed for compatibility. The maximum allowed value is 31. */ -#define SSH_CIPHER_NOT_SET -1 /* None selected (invalid number). */ -#define SSH_CIPHER_NONE 0 /* no encryption */ -#define SSH_CIPHER_IDEA 1 /* IDEA CFB */ -#define SSH_CIPHER_DES 2 /* DES CBC */ -#define SSH_CIPHER_3DES 3 /* 3DES CBC */ -#define SSH_CIPHER_TSS 4 /* TRI's Simple Stream encryption CBC */ -#define SSH_CIPHER_RC4 5 /* Alleged RC4 */ +#define SSH_CIPHER_NOT_SET -1 /* None selected (invalid number). */ +#define SSH_CIPHER_NONE 0 /* no encryption */ +#define SSH_CIPHER_IDEA 1 /* IDEA CFB */ +#define SSH_CIPHER_DES 2 /* DES CBC */ +#define SSH_CIPHER_3DES 3 /* 3DES CBC */ +#define SSH_CIPHER_BROKEN_TSS 4 /* TRI's Simple Stream encryption CBC */ +#define SSH_CIPHER_BROKEN_RC4 5 /* Alleged RC4 */ #define SSH_CIPHER_BLOWFISH 6 typedef struct { - unsigned int type; - union { - struct { - des_key_schedule key1; - des_key_schedule key2; - des_cblock iv2; - des_key_schedule key3; - des_cblock iv3; - } des3; - struct { - struct bf_key_st key; - unsigned char iv[8]; - } bf; - } u; -} CipherContext; - -/* Returns a bit mask indicating which ciphers are supported by this - implementation. The bit mask has the corresponding bit set of each - supported cipher. */ + unsigned int type; + union { + struct { + des_key_schedule key1; + des_key_schedule key2; + des_cblock iv2; + des_key_schedule key3; + des_cblock iv3; + } des3; + struct { + struct bf_key_st key; + unsigned char iv[8]; + } bf; + } u; +} CipherContext; +/* + * Returns a bit mask indicating which ciphers are supported by this + * implementation. The bit mask has the corresponding bit set of each + * supported cipher. + */ unsigned int cipher_mask(); /* Returns the name of the cipher. */ const char *cipher_name(int cipher); -/* Parses the name of the cipher. Returns the number of the corresponding - cipher, or -1 on error. */ -int cipher_number(const char *name); - -/* Selects the cipher to use and sets the key. If for_encryption is true, - the key is setup for encryption; otherwise it is setup for decryption. */ -void cipher_set_key(CipherContext *context, int cipher, - const unsigned char *key, int keylen, int for_encryption); - -/* Sets key for the cipher by computing the MD5 checksum of the passphrase, - and using the resulting 16 bytes as the key. */ -void cipher_set_key_string(CipherContext *context, int cipher, - const char *passphrase, int for_encryption); +/* + * Parses the name of the cipher. Returns the number of the corresponding + * cipher, or -1 on error. + */ +int cipher_number(const char *name); + +/* + * Selects the cipher to use and sets the key. If for_encryption is true, + * the key is setup for encryption; otherwise it is setup for decryption. + */ +void +cipher_set_key(CipherContext * context, int cipher, + const unsigned char *key, int keylen, int for_encryption); + +/* + * Sets key for the cipher by computing the MD5 checksum of the passphrase, + * and using the resulting 16 bytes as the key. + */ +void +cipher_set_key_string(CipherContext * context, int cipher, + const char *passphrase, int for_encryption); /* Encrypts data using the cipher. */ -void cipher_encrypt(CipherContext *context, unsigned char *dest, - const unsigned char *src, unsigned int len); +void +cipher_encrypt(CipherContext * context, unsigned char *dest, + const unsigned char *src, unsigned int len); /* Decrypts data using the cipher. */ -void cipher_decrypt(CipherContext *context, unsigned char *dest, - const unsigned char *src, unsigned int len); - -/* If and CRC-32 attack is detected this function is called. Defaults - * to fatal, changed to packet_disconnect in sshd and ssh. */ -extern void (*cipher_attack_detected)(const char *fmt, ...); +void +cipher_decrypt(CipherContext * context, unsigned char *dest, + const unsigned char *src, unsigned int len); + +/* + * If and CRC-32 attack is detected this function is called. Defaults to + * fatal, changed to packet_disconnect in sshd and ssh. + */ +extern void (*cipher_attack_detected) (const char *fmt, ...); -#endif /* CIPHER_H */ +#endif /* CIPHER_H */ Index: usr.bin/ssh/clientloop.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/clientloop.c,v retrieving revision 1.7 retrieving revision 1.14 diff -u -r1.7 -r1.14 --- usr.bin/ssh/clientloop.c 1999/10/16 20:57:52 1.7 +++ usr.bin/ssh/clientloop.c 1999/12/06 20:15:26 1.14 @@ -1,646 +1,667 @@ /* + * + * clientloop.c + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * + * Created: Sat Sep 23 12:23:57 1995 ylo + * + * The main loop for the interactive session (client side). + * + */ -clientloop.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - - -Created: Sat Sep 23 12:23:57 1995 ylo - -The main loop for the interactive session (client side). - -*/ - #include "includes.h" -RCSID("$Id: clientloop.c,v 1.7 1999/10/16 20:57:52 deraadt Exp $"); +RCSID("$Id: clientloop.c,v 1.14 1999/12/06 20:15:26 deraadt Exp $"); #include "xmalloc.h" #include "ssh.h" #include "packet.h" #include "buffer.h" #include "authfd.h" - -/* Flag indicating whether quiet mode is on. */ -extern int quiet_flag; +#include "readconf.h" /* Flag indicating that stdin should be redirected from /dev/null. */ extern int stdin_null_flag; -/* Name of the host we are connecting to. This is the name given on the - command line, or the HostName specified for the user-supplied name - in a configuration file. */ +/* + * Name of the host we are connecting to. This is the name given on the + * command line, or the HostName specified for the user-supplied name in a + * configuration file. + */ extern char *host; -/* Flag to indicate that we have received a window change signal which has - not yet been processed. This will cause a message indicating the new - window size to be sent to the server a little later. This is volatile - because this is updated in a signal handler. */ +/* + * Flag to indicate that we have received a window change signal which has + * not yet been processed. This will cause a message indicating the new + * window size to be sent to the server a little later. This is volatile + * because this is updated in a signal handler. + */ static volatile int received_window_change_signal = 0; /* Terminal modes, as saved by enter_raw_mode. */ static struct termios saved_tio; -/* Flag indicating whether we are in raw mode. This is used by enter_raw_mode - and leave_raw_mode. */ +/* + * Flag indicating whether we are in raw mode. This is used by + * enter_raw_mode and leave_raw_mode. + */ static int in_raw_mode = 0; /* Flag indicating whether the user\'s terminal is in non-blocking mode. */ static int in_non_blocking_mode = 0; /* Common data for the client loop code. */ -static int escape_pending; /* Last character was the escape character */ -static int last_was_cr; /* Last character was a newline. */ -static int exit_status; /* Used to store the exit status of the command. */ -static int stdin_eof; /* EOF has been encountered on standard error. */ -static Buffer stdin_buffer; /* Buffer for stdin data. */ -static Buffer stdout_buffer; /* Buffer for stdout data. */ -static Buffer stderr_buffer; /* Buffer for stderr data. */ -static unsigned int buffer_high; /* Soft max buffer size. */ -static int max_fd; /* Maximum file descriptor number in select(). */ -static int connection_in; /* Connection to server (input). */ -static int connection_out; /* Connection to server (output). */ +static int escape_pending; /* Last character was the escape character */ +static int last_was_cr; /* Last character was a newline. */ +static int exit_status; /* Used to store the exit status of the command. */ +static int stdin_eof; /* EOF has been encountered on standard error. */ +static Buffer stdin_buffer; /* Buffer for stdin data. */ +static Buffer stdout_buffer; /* Buffer for stdout data. */ +static Buffer stderr_buffer; /* Buffer for stderr data. */ +static unsigned int buffer_high;/* Soft max buffer size. */ +static int max_fd; /* Maximum file descriptor number in select(). */ +static int connection_in; /* Connection to server (input). */ +static int connection_out; /* Connection to server (output). */ static unsigned long stdin_bytes, stdout_bytes, stderr_bytes; -static int quit_pending; /* Set to non-zero to quit the client loop. */ -static int escape_char; /* Escape character. */ +static int quit_pending; /* Set to non-zero to quit the client loop. */ +static int escape_char; /* Escape character. */ -/* Returns the user\'s terminal to normal mode if it had been put in raw - mode. */ +/* Returns the user\'s terminal to normal mode if it had been put in raw mode. */ -void leave_raw_mode() +void +leave_raw_mode() { - if (!in_raw_mode) - return; - in_raw_mode = 0; - if (tcsetattr(fileno(stdin), TCSADRAIN, &saved_tio) < 0) - perror("tcsetattr"); + if (!in_raw_mode) + return; + in_raw_mode = 0; + if (tcsetattr(fileno(stdin), TCSADRAIN, &saved_tio) < 0) + perror("tcsetattr"); - fatal_remove_cleanup((void (*)(void *))leave_raw_mode, NULL); + fatal_remove_cleanup((void (*) (void *)) leave_raw_mode, NULL); } /* Puts the user\'s terminal in raw mode. */ -void enter_raw_mode() +void +enter_raw_mode() { - struct termios tio; + struct termios tio; - if (tcgetattr(fileno(stdin), &tio) < 0) - perror("tcgetattr"); - saved_tio = tio; - tio.c_iflag |= IGNPAR; - tio.c_iflag &= ~(ISTRIP|INLCR|IGNCR|ICRNL|IXON|IXANY|IXOFF); - tio.c_lflag &= ~(ISIG|ICANON|ECHO|ECHOE|ECHOK|ECHONL); + if (tcgetattr(fileno(stdin), &tio) < 0) + perror("tcgetattr"); + saved_tio = tio; + tio.c_iflag |= IGNPAR; + tio.c_iflag &= ~(ISTRIP | INLCR | IGNCR | ICRNL | IXON | IXANY | IXOFF); + tio.c_lflag &= ~(ISIG | ICANON | ECHO | ECHOE | ECHOK | ECHONL); #ifdef IEXTEN - tio.c_lflag &= ~IEXTEN; -#endif /* IEXTEN */ - tio.c_oflag &= ~OPOST; - tio.c_cc[VMIN] = 1; - tio.c_cc[VTIME] = 0; - if (tcsetattr(fileno(stdin), TCSADRAIN, &tio) < 0) - perror("tcsetattr"); - in_raw_mode = 1; + tio.c_lflag &= ~IEXTEN; +#endif /* IEXTEN */ + tio.c_oflag &= ~OPOST; + tio.c_cc[VMIN] = 1; + tio.c_cc[VTIME] = 0; + if (tcsetattr(fileno(stdin), TCSADRAIN, &tio) < 0) + perror("tcsetattr"); + in_raw_mode = 1; + + fatal_add_cleanup((void (*) (void *)) leave_raw_mode, NULL); +} - fatal_add_cleanup((void (*)(void *))leave_raw_mode, NULL); -} +/* Restores stdin to blocking mode. */ +void +leave_non_blocking() +{ + if (in_non_blocking_mode) { + (void) fcntl(fileno(stdin), F_SETFL, 0); + in_non_blocking_mode = 0; + fatal_remove_cleanup((void (*) (void *)) leave_non_blocking, NULL); + } +} + /* Puts stdin terminal in non-blocking mode. */ -/* Restores stdin to blocking mode. */ +void +enter_non_blocking() +{ + in_non_blocking_mode = 1; + (void) fcntl(fileno(stdin), F_SETFL, O_NONBLOCK); + fatal_add_cleanup((void (*) (void *)) leave_non_blocking, NULL); +} + +/* + * Signal handler for the window change signal (SIGWINCH). This just sets a + * flag indicating that the window has changed. + */ + +void +window_change_handler(int sig) +{ + received_window_change_signal = 1; + signal(SIGWINCH, window_change_handler); +} + +/* + * Signal handler for signals that cause the program to terminate. These + * signals must be trapped to restore terminal modes. + */ + +void +signal_handler(int sig) +{ + if (in_raw_mode) + leave_raw_mode(); + if (in_non_blocking_mode) + leave_non_blocking(); + channel_stop_listening(); + packet_close(); + fatal("Killed by signal %d.", sig); +} + +/* + * Returns current time in seconds from Jan 1, 1970 with the maximum + * available resolution. + */ + +double +get_current_time() +{ + struct timeval tv; + gettimeofday(&tv, NULL); + return (double) tv.tv_sec + (double) tv.tv_usec / 1000000.0; +} + +/* + * This is called when the interactive is entered. This checks if there is + * an EOF coming on stdin. We must check this explicitly, as select() does + * not appear to wake up when redirecting from /dev/null. + */ + +void +client_check_initial_eof_on_stdin() +{ + int len; + char buf[1]; + + /* + * If standard input is to be "redirected from /dev/null", we simply + * mark that we have seen an EOF and send an EOF message to the + * server. Otherwise, we try to read a single character; it appears + * that for some files, such /dev/null, select() never wakes up for + * read for this descriptor, which means that we never get EOF. This + * way we will get the EOF if stdin comes from /dev/null or similar. + */ + if (stdin_null_flag) { + /* Fake EOF on stdin. */ + debug("Sending eof."); + stdin_eof = 1; + packet_start(SSH_CMSG_EOF); + packet_send(); + } else { + enter_non_blocking(); + + /* Check for immediate EOF on stdin. */ + len = read(fileno(stdin), buf, 1); + if (len == 0) { + /* EOF. Record that we have seen it and send EOF to server. */ + debug("Sending eof."); + stdin_eof = 1; + packet_start(SSH_CMSG_EOF); + packet_send(); + } else if (len > 0) { + /* + * Got data. We must store the data in the buffer, + * and also process it as an escape character if + * appropriate. + */ + if ((unsigned char) buf[0] == escape_char) + escape_pending = 1; + else { + buffer_append(&stdin_buffer, buf, 1); + stdin_bytes += 1; + } + } + leave_non_blocking(); + } +} + +/* + * Get packets from the connection input buffer, and process them as long as + * there are packets available. + */ + +void +client_process_buffered_input_packets() +{ + int type; + char *data; + unsigned int data_len; + int payload_len; + + /* Process any buffered packets from the server. */ + while (!quit_pending && + (type = packet_read_poll(&payload_len)) != SSH_MSG_NONE) { + switch (type) { + + case SSH_SMSG_STDOUT_DATA: + data = packet_get_string(&data_len); + packet_integrity_check(payload_len, 4 + data_len, type); + buffer_append(&stdout_buffer, data, data_len); + stdout_bytes += data_len; + memset(data, 0, data_len); + xfree(data); + break; + + case SSH_SMSG_STDERR_DATA: + data = packet_get_string(&data_len); + packet_integrity_check(payload_len, 4 + data_len, type); + buffer_append(&stderr_buffer, data, data_len); + stdout_bytes += data_len; + memset(data, 0, data_len); + xfree(data); + break; + + case SSH_SMSG_EXITSTATUS: + packet_integrity_check(payload_len, 4, type); + exit_status = packet_get_int(); + /* Acknowledge the exit. */ + packet_start(SSH_CMSG_EXIT_CONFIRMATION); + packet_send(); + /* + * Must wait for packet to be sent since we are + * exiting the loop. + */ + packet_write_wait(); + /* Flag that we want to exit. */ + quit_pending = 1; + break; + + case SSH_SMSG_X11_OPEN: + x11_input_open(payload_len); + break; + + case SSH_MSG_PORT_OPEN: + channel_input_port_open(payload_len); + break; + + case SSH_SMSG_AGENT_OPEN: + packet_integrity_check(payload_len, 4, type); + auth_input_open_request(); + break; + + case SSH_MSG_CHANNEL_OPEN_CONFIRMATION: + packet_integrity_check(payload_len, 4 + 4, type); + channel_input_open_confirmation(); + break; + + case SSH_MSG_CHANNEL_OPEN_FAILURE: + packet_integrity_check(payload_len, 4, type); + channel_input_open_failure(); + break; + + case SSH_MSG_CHANNEL_DATA: + channel_input_data(payload_len); + break; + + case SSH_MSG_CHANNEL_CLOSE: + packet_integrity_check(payload_len, 4, type); + channel_input_close(); + break; + + case SSH_MSG_CHANNEL_CLOSE_CONFIRMATION: + packet_integrity_check(payload_len, 4, type); + channel_input_close_confirmation(); + break; + + default: + /* + * Any unknown packets received during the actual + * session cause the session to terminate. This is + * intended to make debugging easier since no + * confirmations are sent. Any compatible protocol + * extensions must be negotiated during the + * preparatory phase. + */ + packet_disconnect("Protocol error during session: type %d", + type); + } + } +} + +/* + * Make packets from buffered stdin data, and buffer them for sending to the + * connection. + */ + +void +client_make_packets_from_stdin_data() +{ + unsigned int len; + + /* Send buffered stdin data to the server. */ + while (buffer_len(&stdin_buffer) > 0 && + packet_not_very_much_data_to_write()) { + len = buffer_len(&stdin_buffer); + /* Keep the packets at reasonable size. */ + if (len > packet_get_maxsize()) + len = packet_get_maxsize(); + packet_start(SSH_CMSG_STDIN_DATA); + packet_put_string(buffer_ptr(&stdin_buffer), len); + packet_send(); + buffer_consume(&stdin_buffer, len); + /* If we have a pending EOF, send it now. */ + if (stdin_eof && buffer_len(&stdin_buffer) == 0) { + packet_start(SSH_CMSG_EOF); + packet_send(); + } + } +} + +/* + * Checks if the client window has changed, and sends a packet about it to + * the server if so. The actual change is detected elsewhere (by a software + * interrupt on Unix); this just checks the flag and sends a message if + * appropriate. + */ + +void +client_check_window_change() +{ + /* Send possible window change message to the server. */ + if (received_window_change_signal) { + struct winsize ws; + + /* Clear the window change indicator. */ + received_window_change_signal = 0; + + /* Read new window size. */ + if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) >= 0) { + /* Successful, send the packet now. */ + packet_start(SSH_CMSG_WINDOW_SIZE); + packet_put_int(ws.ws_row); + packet_put_int(ws.ws_col); + packet_put_int(ws.ws_xpixel); + packet_put_int(ws.ws_ypixel); + packet_send(); + } + } +} + +/* + * Waits until the client can do something (some data becomes available on + * one of the file descriptors). + */ + +void +client_wait_until_can_do_something(fd_set * readset, fd_set * writeset) +{ + /* Initialize select masks. */ + FD_ZERO(readset); + + /* Read from the connection, unless our buffers are full. */ + if (buffer_len(&stdout_buffer) < buffer_high && + buffer_len(&stderr_buffer) < buffer_high && + channel_not_very_much_buffered_data()) + FD_SET(connection_in, readset); + + /* + * Read from stdin, unless we have seen EOF or have very much + * buffered data to send to the server. + */ + if (!stdin_eof && packet_not_very_much_data_to_write()) + FD_SET(fileno(stdin), readset); + + FD_ZERO(writeset); + + /* Add any selections by the channel mechanism. */ + channel_prepare_select(readset, writeset); + + /* Select server connection if have data to write to the server. */ + if (packet_have_data_to_write()) + FD_SET(connection_out, writeset); + + /* Select stdout if have data in buffer. */ + if (buffer_len(&stdout_buffer) > 0) + FD_SET(fileno(stdout), writeset); + + /* Select stderr if have data in buffer. */ + if (buffer_len(&stderr_buffer) > 0) + FD_SET(fileno(stderr), writeset); + + /* Update maximum file descriptor number, if appropriate. */ + if (channel_max_fd() > max_fd) + max_fd = channel_max_fd(); + + /* + * Wait for something to happen. This will suspend the process until + * some selected descriptor can be read, written, or has some other + * event pending. Note: if you want to implement SSH_MSG_IGNORE + * messages to fool traffic analysis, this might be the place to do + * it: just have a random timeout for the select, and send a random + * SSH_MSG_IGNORE packet when the timeout expires. + */ + + if (select(max_fd + 1, readset, writeset, NULL, NULL) < 0) { + char buf[100]; + /* Some systems fail to clear these automatically. */ + FD_ZERO(readset); + FD_ZERO(writeset); + if (errno == EINTR) + return; + /* Note: we might still have data in the buffers. */ + snprintf(buf, sizeof buf, "select: %s\r\n", strerror(errno)); + buffer_append(&stderr_buffer, buf, strlen(buf)); + stderr_bytes += strlen(buf); + quit_pending = 1; + } +} -void leave_non_blocking() +void +client_suspend_self() { - if (in_non_blocking_mode) - { - (void)fcntl(fileno(stdin), F_SETFL, 0); - in_non_blocking_mode = 0; - fatal_remove_cleanup((void (*)(void *))leave_non_blocking, NULL); - } -} - -void enter_non_blocking() -{ - in_non_blocking_mode = 1; - (void)fcntl(fileno(stdin), F_SETFL, O_NONBLOCK); - fatal_add_cleanup((void (*)(void *))leave_non_blocking, NULL); -} - -/* Signal handler for the window change signal (SIGWINCH). This just - sets a flag indicating that the window has changed. */ - -void window_change_handler(int sig) -{ - received_window_change_signal = 1; - signal(SIGWINCH, window_change_handler); -} - -/* Signal handler for signals that cause the program to terminate. These - signals must be trapped to restore terminal modes. */ - -void signal_handler(int sig) -{ - if (in_raw_mode) - leave_raw_mode(); - if (in_non_blocking_mode) - leave_non_blocking(); - channel_stop_listening(); - packet_close(); - fatal("Killed by signal %d.", sig); -} - -/* Returns current time in seconds from Jan 1, 1970 with the maximum available - resolution. */ - -double get_current_time() -{ - struct timeval tv; - gettimeofday(&tv, NULL); - return (double)tv.tv_sec + (double)tv.tv_usec / 1000000.0; -} - -/* This is called when the interactive is entered. This checks if there - is an EOF coming on stdin. We must check this explicitly, as select() - does not appear to wake up when redirecting from /dev/null. */ - -void client_check_initial_eof_on_stdin() -{ - int len; - char buf[1]; - - /* If standard input is to be "redirected from /dev/null", we simply - mark that we have seen an EOF and send an EOF message to the server. - Otherwise, we try to read a single character; it appears that for some - files, such /dev/null, select() never wakes up for read for this - descriptor, which means that we never get EOF. This way we will get - the EOF if stdin comes from /dev/null or similar. */ - if (stdin_null_flag) - { - /* Fake EOF on stdin. */ - debug("Sending eof."); - stdin_eof = 1; - packet_start(SSH_CMSG_EOF); - packet_send(); - } - else - { - /* Enter non-blocking mode for stdin. */ - enter_non_blocking(); - - /* Check for immediate EOF on stdin. */ - len = read(fileno(stdin), buf, 1); - if (len == 0) - { - /* EOF. Record that we have seen it and send EOF to server. */ - debug("Sending eof."); - stdin_eof = 1; - packet_start(SSH_CMSG_EOF); - packet_send(); - } - else - if (len > 0) - { - /* Got data. We must store the data in the buffer, and also - process it as an escape character if appropriate. */ - if ((unsigned char)buf[0] == escape_char) - escape_pending = 1; - else - { - buffer_append(&stdin_buffer, buf, 1); - stdin_bytes += 1; - } - } - - /* Leave non-blocking mode. */ - leave_non_blocking(); - } -} - -/* Get packets from the connection input buffer, and process them as long - as there are packets available. */ - -void client_process_buffered_input_packets() -{ - int type; - char *data; - unsigned int data_len; - int payload_len; - - /* Process any buffered packets from the server. */ - while (!quit_pending && (type = packet_read_poll(&payload_len)) != SSH_MSG_NONE) - { - switch (type) - { - - case SSH_SMSG_STDOUT_DATA: - data = packet_get_string(&data_len); - packet_integrity_check(payload_len, 4 + data_len, type); - buffer_append(&stdout_buffer, data, data_len); - stdout_bytes += data_len; - memset(data, 0, data_len); - xfree(data); - break; - - case SSH_SMSG_STDERR_DATA: - data = packet_get_string(&data_len); - packet_integrity_check(payload_len, 4 + data_len, type); - buffer_append(&stderr_buffer, data, data_len); - stdout_bytes += data_len; - memset(data, 0, data_len); - xfree(data); - break; - - case SSH_SMSG_EXITSTATUS: - packet_integrity_check(payload_len, 4, type); - exit_status = packet_get_int(); - /* Acknowledge the exit. */ - packet_start(SSH_CMSG_EXIT_CONFIRMATION); - packet_send(); - /* Must wait for packet to be sent since we are exiting the - loop. */ - packet_write_wait(); - /* Flag that we want to exit. */ - quit_pending = 1; - break; - - case SSH_SMSG_X11_OPEN: - x11_input_open(payload_len); - break; - - case SSH_MSG_PORT_OPEN: - channel_input_port_open(payload_len); - break; - - case SSH_SMSG_AGENT_OPEN: - packet_integrity_check(payload_len, 4, type); - auth_input_open_request(); - break; - - case SSH_MSG_CHANNEL_OPEN_CONFIRMATION: - packet_integrity_check(payload_len, 4 + 4, type); - channel_input_open_confirmation(); - break; - - case SSH_MSG_CHANNEL_OPEN_FAILURE: - packet_integrity_check(payload_len, 4, type); - channel_input_open_failure(); - break; - - case SSH_MSG_CHANNEL_DATA: - channel_input_data(payload_len); - break; - - case SSH_MSG_CHANNEL_CLOSE: - packet_integrity_check(payload_len, 4, type); - channel_input_close(); - break; - - case SSH_MSG_CHANNEL_CLOSE_CONFIRMATION: - packet_integrity_check(payload_len, 4, type); - channel_input_close_confirmation(); - break; - - default: - /* Any unknown packets received during the actual session - cause the session to terminate. This is intended to make - debugging easier since no confirmations are sent. Any - compatible protocol extensions must be negotiated during - the preparatory phase. */ - packet_disconnect("Protocol error during session: type %d", - type); - } - } -} - -/* Make packets from buffered stdin data, and buffer them for sending to - the connection. */ - -void client_make_packets_from_stdin_data() -{ - unsigned int len; - - /* Send buffered stdin data to the server. */ - while (buffer_len(&stdin_buffer) > 0 && - packet_not_very_much_data_to_write()) - { - len = buffer_len(&stdin_buffer); - if (len > 32768) - len = 32768; /* Keep the packets at reasonable size. */ - packet_start(SSH_CMSG_STDIN_DATA); - packet_put_string(buffer_ptr(&stdin_buffer), len); - packet_send(); - buffer_consume(&stdin_buffer, len); - /* If we have a pending EOF, send it now. */ - if (stdin_eof && buffer_len(&stdin_buffer) == 0) - { - packet_start(SSH_CMSG_EOF); - packet_send(); - } - } -} - -/* Checks if the client window has changed, and sends a packet about it to - the server if so. The actual change is detected elsewhere (by a software - interrupt on Unix); this just checks the flag and sends a message if - appropriate. */ - -void client_check_window_change() -{ - /* Send possible window change message to the server. */ - if (received_window_change_signal) - { - struct winsize ws; - - /* Clear the window change indicator. */ - received_window_change_signal = 0; - - /* Read new window size. */ - if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) >= 0) - { - /* Successful, send the packet now. */ - packet_start(SSH_CMSG_WINDOW_SIZE); - packet_put_int(ws.ws_row); - packet_put_int(ws.ws_col); - packet_put_int(ws.ws_xpixel); - packet_put_int(ws.ws_ypixel); - packet_send(); - } - } -} - -/* Waits until the client can do something (some data becomes available on - one of the file descriptors). */ - -void client_wait_until_can_do_something(fd_set *readset, fd_set *writeset) -{ - /* Initialize select masks. */ - FD_ZERO(readset); - - /* Read from the connection, unless our buffers are full. */ - if (buffer_len(&stdout_buffer) < buffer_high && - buffer_len(&stderr_buffer) < buffer_high && - channel_not_very_much_buffered_data()) - FD_SET(connection_in, readset); - - /* Read from stdin, unless we have seen EOF or have very much buffered - data to send to the server. */ - if (!stdin_eof && packet_not_very_much_data_to_write()) - FD_SET(fileno(stdin), readset); - - FD_ZERO(writeset); - - /* Add any selections by the channel mechanism. */ - channel_prepare_select(readset, writeset); - - /* Select server connection if have data to write to the server. */ - if (packet_have_data_to_write()) - FD_SET(connection_out, writeset); - - /* Select stdout if have data in buffer. */ - if (buffer_len(&stdout_buffer) > 0) - FD_SET(fileno(stdout), writeset); - - /* Select stderr if have data in buffer. */ - if (buffer_len(&stderr_buffer) > 0) - FD_SET(fileno(stderr), writeset); - - /* Update maximum file descriptor number, if appropriate. */ - if (channel_max_fd() > max_fd) - max_fd = channel_max_fd(); - - /* Wait for something to happen. This will suspend the process until - some selected descriptor can be read, written, or has some other - event pending. Note: if you want to implement SSH_MSG_IGNORE - messages to fool traffic analysis, this might be the place to do - it: just have a random timeout for the select, and send a random - SSH_MSG_IGNORE packet when the timeout expires. */ - if (select(max_fd + 1, readset, writeset, NULL, NULL) < 0) - { - char buf[100]; - /* Some systems fail to clear these automatically. */ - FD_ZERO(readset); - FD_ZERO(writeset); - if (errno == EINTR) - return; - /* Note: we might still have data in the buffers. */ - snprintf(buf, sizeof buf, "select: %s\r\n", strerror(errno)); - buffer_append(&stderr_buffer, buf, strlen(buf)); - stderr_bytes += strlen(buf); - quit_pending = 1; - } -} - -void client_suspend_self() -{ - struct winsize oldws, newws; - - /* Flush stdout and stderr buffers. */ - if (buffer_len(&stdout_buffer) > 0) - write(fileno(stdout), - buffer_ptr(&stdout_buffer), - buffer_len(&stdout_buffer)); - if (buffer_len(&stderr_buffer) > 0) - write(fileno(stderr), - buffer_ptr(&stderr_buffer), - buffer_len(&stderr_buffer)); - - /* Leave raw mode. */ - leave_raw_mode(); - - /* Free (and clear) the buffer to reduce the - amount of data that gets written to swap. */ - buffer_free(&stdin_buffer); - buffer_free(&stdout_buffer); - buffer_free(&stderr_buffer); - - /* Save old window size. */ - ioctl(fileno(stdin), TIOCGWINSZ, &oldws); - - /* Send the suspend signal to the program - itself. */ - kill(getpid(), SIGTSTP); - - /* Check if the window size has changed. */ - if (ioctl(fileno(stdin), TIOCGWINSZ, &newws) >= 0 && - (oldws.ws_row != newws.ws_row || oldws.ws_col != newws.ws_col || - oldws.ws_xpixel != newws.ws_xpixel || - oldws.ws_ypixel != newws.ws_ypixel)) - received_window_change_signal = 1; - - /* OK, we have been continued by the user. - Reinitialize buffers. */ - buffer_init(&stdin_buffer); - buffer_init(&stdout_buffer); - buffer_init(&stderr_buffer); - - /* Re-enter raw mode. */ - enter_raw_mode(); -} - -void client_process_input(fd_set *readset) -{ - int len, pid; - char buf[8192], *s; - - /* Read input from the server, and add any such data to the buffer of the - packet subsystem. */ - if (FD_ISSET(connection_in, readset)) - { - /* Read as much as possible. */ - len = read(connection_in, buf, sizeof(buf)); - if (len == 0) - { - /* Received EOF. The remote host has closed the connection. */ - snprintf(buf, sizeof buf, "Connection to %.300s closed by remote host.\r\n", - host); - buffer_append(&stderr_buffer, buf, strlen(buf)); - stderr_bytes += strlen(buf); - quit_pending = 1; - return; - } - - /* There is a kernel bug on Solaris that causes select to sometimes - wake up even though there is no data available. */ - if (len < 0 && errno == EAGAIN) - len = 0; - - if (len < 0) - { - /* An error has encountered. Perhaps there is a network - problem. */ - snprintf(buf, sizeof buf, "Read from remote host %.300s: %.100s\r\n", - host, strerror(errno)); - buffer_append(&stderr_buffer, buf, strlen(buf)); - stderr_bytes += strlen(buf); - quit_pending = 1; - return; - } - packet_process_incoming(buf, len); - } - - /* Read input from stdin. */ - if (FD_ISSET(fileno(stdin), readset)) - { - /* Read as much as possible. */ - len = read(fileno(stdin), buf, sizeof(buf)); - if (len <= 0) - { - /* Received EOF or error. They are treated similarly, - except that an error message is printed if it was - an error condition. */ - if (len < 0) - { - snprintf(buf, sizeof buf, "read: %.100s\r\n", strerror(errno)); - buffer_append(&stderr_buffer, buf, strlen(buf)); - stderr_bytes += strlen(buf); - } - /* Mark that we have seen EOF. */ - stdin_eof = 1; - /* Send an EOF message to the server unless there is data - in the buffer. If there is data in the buffer, no message - will be sent now. Code elsewhere will send the EOF - when the buffer becomes empty if stdin_eof is set. */ - if (buffer_len(&stdin_buffer) == 0) - { - packet_start(SSH_CMSG_EOF); - packet_send(); - } - } - else - if (escape_char == -1) - { - /* Normal successful read, and no escape character. Just - append the data to buffer. */ - buffer_append(&stdin_buffer, buf, len); - stdin_bytes += len; - } - else - { - /* Normal, successful read. But we have an escape character - and have to process the characters one by one. */ - unsigned int i; - for (i = 0; i < len; i++) - { - unsigned char ch; - /* Get one character at a time. */ - ch = buf[i]; - - /* Check if we have a pending escape character. */ - if (escape_pending) - { - /* We have previously seen an escape character. */ - /* Clear the flag now. */ - escape_pending = 0; - /* Process the escaped character. */ - switch (ch) - { - case '.': - /* Terminate the connection. */ - snprintf(buf, sizeof buf, "%c.\r\n", escape_char); + struct winsize oldws, newws; + + /* Flush stdout and stderr buffers. */ + if (buffer_len(&stdout_buffer) > 0) + atomicio(write, fileno(stdout), buffer_ptr(&stdout_buffer), + buffer_len(&stdout_buffer)); + if (buffer_len(&stderr_buffer) > 0) + atomicio(write, fileno(stderr), buffer_ptr(&stderr_buffer), + buffer_len(&stderr_buffer)); + + leave_raw_mode(); + + /* + * Free (and clear) the buffer to reduce the amount of data that gets + * written to swap. + */ + buffer_free(&stdin_buffer); + buffer_free(&stdout_buffer); + buffer_free(&stderr_buffer); + + /* Save old window size. */ + ioctl(fileno(stdin), TIOCGWINSZ, &oldws); + + /* Send the suspend signal to the program itself. */ + kill(getpid(), SIGTSTP); + + /* Check if the window size has changed. */ + if (ioctl(fileno(stdin), TIOCGWINSZ, &newws) >= 0 && + (oldws.ws_row != newws.ws_row || + oldws.ws_col != newws.ws_col || + oldws.ws_xpixel != newws.ws_xpixel || + oldws.ws_ypixel != newws.ws_ypixel)) + received_window_change_signal = 1; + + /* OK, we have been continued by the user. Reinitialize buffers. */ + buffer_init(&stdin_buffer); + buffer_init(&stdout_buffer); + buffer_init(&stderr_buffer); + + enter_raw_mode(); +} + +void +client_process_input(fd_set * readset) +{ + int len, pid; + char buf[8192], *s; + + /* + * Read input from the server, and add any such data to the buffer of + * the packet subsystem. + */ + if (FD_ISSET(connection_in, readset)) { + /* Read as much as possible. */ + len = read(connection_in, buf, sizeof(buf)); + if (len == 0) { + /* Received EOF. The remote host has closed the connection. */ + snprintf(buf, sizeof buf, "Connection to %.300s closed by remote host.\r\n", + host); buffer_append(&stderr_buffer, buf, strlen(buf)); stderr_bytes += strlen(buf); quit_pending = 1; return; - - case 'Z' - 64: - /* Suspend the program. */ - /* Print a message to that effect to the user. */ - snprintf(buf, sizeof buf, "%c^Z\r\n", escape_char); - buffer_append(&stderr_buffer, buf, strlen(buf)); - stderr_bytes += strlen(buf); - - /* Restore terminal modes and suspend. */ - client_suspend_self(); - - /* We have been continued. */ - continue; - - case '&': - /* Detach the program (continue to serve connections, - but put in background and no more new - connections). */ - if (!stdin_eof) - { - /* Sending SSH_CMSG_EOF alone does not always - appear to be enough. So we try to send an - EOF character first. */ - packet_start(SSH_CMSG_STDIN_DATA); - packet_put_string("\004", 1); - packet_send(); - /* Close stdin. */ - stdin_eof = 1; - if (buffer_len(&stdin_buffer) == 0) - { + } + /* + * There is a kernel bug on Solaris that causes select to + * sometimes wake up even though there is no data available. + */ + if (len < 0 && errno == EAGAIN) + len = 0; + + if (len < 0) { + /* An error has encountered. Perhaps there is a network problem. */ + snprintf(buf, sizeof buf, "Read from remote host %.300s: %.100s\r\n", + host, strerror(errno)); + buffer_append(&stderr_buffer, buf, strlen(buf)); + stderr_bytes += strlen(buf); + quit_pending = 1; + return; + } + packet_process_incoming(buf, len); + } + /* Read input from stdin. */ + if (FD_ISSET(fileno(stdin), readset)) { + /* Read as much as possible. */ + len = read(fileno(stdin), buf, sizeof(buf)); + if (len <= 0) { + /* + * Received EOF or error. They are treated + * similarly, except that an error message is printed + * if it was an error condition. + */ + if (len < 0) { + snprintf(buf, sizeof buf, "read: %.100s\r\n", strerror(errno)); + buffer_append(&stderr_buffer, buf, strlen(buf)); + stderr_bytes += strlen(buf); + } + /* Mark that we have seen EOF. */ + stdin_eof = 1; + /* + * Send an EOF message to the server unless there is + * data in the buffer. If there is data in the + * buffer, no message will be sent now. Code + * elsewhere will send the EOF when the buffer + * becomes empty if stdin_eof is set. + */ + if (buffer_len(&stdin_buffer) == 0) { packet_start(SSH_CMSG_EOF); packet_send(); - } - } - /* Restore tty modes. */ - leave_raw_mode(); - - /* Stop listening for new connections. */ - channel_stop_listening(); - - printf("%c& [backgrounded]\n", escape_char); - - /* Fork into background. */ - pid = fork(); - if (pid < 0) - { - error("fork: %.100s", strerror(errno)); - continue; - } - if (pid != 0) - { /* This is the parent. */ - /* The parent just exits. */ - exit(0); - } - - /* The child continues serving connections. */ - continue; - - case '?': - snprintf(buf, sizeof buf, "%c?\r\n\ + } + } else if (escape_char == -1) { + /* + * Normal successful read, and no escape character. + * Just append the data to buffer. + */ + buffer_append(&stdin_buffer, buf, len); + stdin_bytes += len; + } else { + /* + * Normal, successful read. But we have an escape character + * and have to process the characters one by one. + */ + unsigned int i; + for (i = 0; i < len; i++) { + unsigned char ch; + /* Get one character at a time. */ + ch = buf[i]; + + if (escape_pending) { + /* We have previously seen an escape character. */ + /* Clear the flag now. */ + escape_pending = 0; + /* Process the escaped character. */ + switch (ch) { + case '.': + /* Terminate the connection. */ + snprintf(buf, sizeof buf, "%c.\r\n", escape_char); + buffer_append(&stderr_buffer, buf, strlen(buf)); + stderr_bytes += strlen(buf); + quit_pending = 1; + return; + + case 'Z' - 64: + /* Suspend the program. */ + /* Print a message to that effect to the user. */ + snprintf(buf, sizeof buf, "%c^Z\r\n", escape_char); + buffer_append(&stderr_buffer, buf, strlen(buf)); + stderr_bytes += strlen(buf); + + /* Restore terminal modes and suspend. */ + client_suspend_self(); + + /* We have been continued. */ + continue; + + case '&': + /* + * Detach the program (continue to serve connections, + * but put in background and no more new connections). + */ + if (!stdin_eof) { + /* + * Sending SSH_CMSG_EOF alone does not always appear + * to be enough. So we try to send an EOF character + * first. + */ + packet_start(SSH_CMSG_STDIN_DATA); + packet_put_string("\004", 1); + packet_send(); + /* Close stdin. */ + stdin_eof = 1; + if (buffer_len(&stdin_buffer) == 0) { + packet_start(SSH_CMSG_EOF); + packet_send(); + } + } + /* Restore tty modes. */ + leave_raw_mode(); + + /* Stop listening for new connections. */ + channel_stop_listening(); + + printf("%c& [backgrounded]\n", escape_char); + + /* Fork into background. */ + pid = fork(); + if (pid < 0) { + error("fork: %.100s", strerror(errno)); + continue; + } + if (pid != 0) { /* This is the parent. */ + /* The parent just exits. */ + exit(0); + } + /* The child continues serving connections. */ + continue; + + case '?': + snprintf(buf, sizeof buf, +"%c?\r\n\ Supported escape sequences:\r\n\ ~. - terminate connection\r\n\ ~^Z - suspend ssh\r\n\ @@ -649,276 +670,283 @@ ~? - this message\r\n\ ~~ - send the escape character by typing it twice\r\n\ (Note that escapes are only recognized immediately after newline.)\r\n", - escape_char); - buffer_append(&stderr_buffer, buf, strlen(buf)); - continue; + escape_char); + buffer_append(&stderr_buffer, buf, strlen(buf)); + continue; + + case '#': + snprintf(buf, sizeof buf, "%c#\r\n", escape_char); + buffer_append(&stderr_buffer, buf, strlen(buf)); + s = channel_open_message(); + buffer_append(&stderr_buffer, s, strlen(s)); + xfree(s); + continue; + + default: + if (ch != escape_char) { + /* + * Escape character followed by non-special character. + * Append both to the input buffer. + */ + buf[0] = escape_char; + buf[1] = ch; + buffer_append(&stdin_buffer, buf, 2); + stdin_bytes += 2; + continue; + } + /* + * Note that escape character typed twice + * falls through here; the latter gets processed + * as a normal character below. + */ + break; + } + } else { + /* + * The previous character was not an escape char. Check if this + * is an escape. + */ + if (last_was_cr && ch == escape_char) { + /* It is. Set the flag and continue to next character. */ + escape_pending = 1; + continue; + } + } + + /* + * Normal character. Record whether it was a newline, + * and append it to the buffer. + */ + last_was_cr = (ch == '\r' || ch == '\n'); + buf[0] = ch; + buffer_append(&stdin_buffer, buf, 1); + stdin_bytes += 1; + continue; + } + } + } +} - case '#': - snprintf(buf, sizeof buf, "%c#\r\n", escape_char); - buffer_append(&stderr_buffer, buf, strlen(buf)); - s = channel_open_message(); - buffer_append(&stderr_buffer, s, strlen(s)); - xfree(s); - continue; - - default: - if (ch != escape_char) - { - /* Escape character followed by non-special - character. Append both to the input - buffer. */ - buf[0] = escape_char; - buf[1] = ch; - buffer_append(&stdin_buffer, buf, 2); - stdin_bytes += 2; - continue; - } - /* Note that escape character typed twice falls through - here; the latter gets processed as a normal - character below. */ - break; - } - } - else - { - /* The previous character was not an escape char. - Check if this is an escape. */ - if (last_was_cr && ch == escape_char) - { - /* It is. Set the flag and continue to next - character. */ - escape_pending = 1; - continue; - } - } - - /* Normal character. Record whether it was a newline, - and append it to the buffer. */ - last_was_cr = (ch == '\r' || ch == '\n'); - buf[0] = ch; - buffer_append(&stdin_buffer, buf, 1); - stdin_bytes += 1; - continue; - } - } - } -} - -void client_process_output(fd_set *writeset) -{ - int len; - char buf[100]; - - /* Write buffered output to stdout. */ - if (FD_ISSET(fileno(stdout), writeset)) - { - /* Write as much data as possible. */ - len = write(fileno(stdout), buffer_ptr(&stdout_buffer), - buffer_len(&stdout_buffer)); - if (len <= 0) - { - if (errno == EAGAIN) - len = 0; - else - { - /* An error or EOF was encountered. Put an error message - to stderr buffer. */ - snprintf(buf, sizeof buf, "write stdout: %.50s\r\n", strerror(errno)); - buffer_append(&stderr_buffer, buf, strlen(buf)); - stderr_bytes += strlen(buf); - quit_pending = 1; - return; - } - } - /* Consume printed data from the buffer. */ - buffer_consume(&stdout_buffer, len); - } - - /* Write buffered output to stderr. */ - if (FD_ISSET(fileno(stderr), writeset)) - { - /* Write as much data as possible. */ - len = write(fileno(stderr), buffer_ptr(&stderr_buffer), - buffer_len(&stderr_buffer)); - if (len <= 0) { - if (errno == EAGAIN) - len = 0; - else - { - /* EOF or error, but can't even print error message. */ - quit_pending = 1; - return; - } - } - /* Consume printed characters from the buffer. */ - buffer_consume(&stderr_buffer, len); - } -} - -/* Implements the interactive session with the server. This is called - after the user has been authenticated, and a command has been - started on the remote host. If escape_char != -1, it is the character - used as an escape character for terminating or suspending the - session. */ - -int client_loop(int have_pty, int escape_char_arg) -{ - double start_time, total_time; - int len; - char buf[100]; - - debug("Entering interactive session."); - - start_time = get_current_time(); - - /* Initialize variables. */ - escape_pending = 0; - last_was_cr = 1; - exit_status = -1; - stdin_eof = 0; - buffer_high = 64 * 1024; - connection_in = packet_get_connection_in(); - connection_out = packet_get_connection_out(); - max_fd = connection_in; - if (connection_out > max_fd) - max_fd = connection_out; - stdin_bytes = 0; - stdout_bytes = 0; - stderr_bytes = 0; - quit_pending = 0; - escape_char = escape_char_arg; - - /* Initialize buffers. */ - buffer_init(&stdin_buffer); - buffer_init(&stdout_buffer); - buffer_init(&stderr_buffer); - - /* Set signal handlers to restore non-blocking mode. */ - signal(SIGINT, signal_handler); - signal(SIGQUIT, signal_handler); - signal(SIGTERM, signal_handler); - signal(SIGPIPE, SIG_IGN); - if (have_pty) - signal(SIGWINCH, window_change_handler); - - /* Enter raw mode if have a pseudo terminal. */ - if (have_pty) - enter_raw_mode(); - - /* Check if we should immediately send of on stdin. */ - client_check_initial_eof_on_stdin(); - - /* Main loop of the client for the interactive session mode. */ - while (!quit_pending) - { - fd_set readset, writeset; - - /* Precess buffered packets sent by the server. */ - client_process_buffered_input_packets(); - - /* Make packets of buffered stdin data, and buffer them for sending - to the server. */ - client_make_packets_from_stdin_data(); - - /* Make packets from buffered channel data, and buffer them for sending - to the server. */ - if (packet_not_very_much_data_to_write()) - channel_output_poll(); - - /* Check if the window size has changed, and buffer a message about - it to the server if so. */ - client_check_window_change(); - - if (quit_pending) - break; - - /* Wait until we have something to do (something becomes available - on one of the descriptors). */ - client_wait_until_can_do_something(&readset, &writeset); - - if (quit_pending) - break; - - /* Do channel operations. */ - channel_after_select(&readset, &writeset); - - /* Process input from the connection and from stdin. Buffer any data - that is available. */ - client_process_input(&readset); - - /* Process output to stdout and stderr. Output to the connection - is processed elsewhere (above). */ - client_process_output(&writeset); - - /* Send as much buffered packet data as possible to the sender. */ - if (FD_ISSET(connection_out, &writeset)) - packet_write_poll(); - } - - /* Terminate the session. */ - - /* Stop watching for window change. */ - if (have_pty) - signal(SIGWINCH, SIG_DFL); - - /* Stop listening for connections. */ - channel_stop_listening(); - - /* In interactive mode (with pseudo tty) display a message indicating that - the connection has been closed. */ - if (have_pty && !quiet_flag) - { - snprintf(buf, sizeof buf, "Connection to %.64s closed.\r\n", host); - buffer_append(&stderr_buffer, buf, strlen(buf)); - stderr_bytes += strlen(buf); - } - - /* Output any buffered data for stdout. */ - while (buffer_len(&stdout_buffer) > 0) - { - len = write(fileno(stdout), buffer_ptr(&stdout_buffer), - buffer_len(&stdout_buffer)); - if (len <= 0) - { - error("Write failed flushing stdout buffer."); - break; - } - buffer_consume(&stdout_buffer, len); - } - - /* Output any buffered data for stderr. */ - while (buffer_len(&stderr_buffer) > 0) - { - len = write(fileno(stderr), buffer_ptr(&stderr_buffer), - buffer_len(&stderr_buffer)); - if (len <= 0) - { - error("Write failed flushing stderr buffer."); - break; - } - buffer_consume(&stderr_buffer, len); - } - - /* Leave raw mode. */ - if (have_pty) - leave_raw_mode(); - - /* Clear and free any buffers. */ - memset(buf, 0, sizeof(buf)); - buffer_free(&stdin_buffer); - buffer_free(&stdout_buffer); - buffer_free(&stderr_buffer); - - /* Report bytes transferred, and transfer rates. */ - total_time = get_current_time() - start_time; - debug("Transferred: stdin %lu, stdout %lu, stderr %lu bytes in %.1f seconds", - stdin_bytes, stdout_bytes, stderr_bytes, total_time); - if (total_time > 0) - debug("Bytes per second: stdin %.1f, stdout %.1f, stderr %.1f", - stdin_bytes / total_time, stdout_bytes / total_time, - stderr_bytes / total_time); - - /* Return the exit status of the program. */ - debug("Exit status %d", exit_status); - return exit_status; +void +client_process_output(fd_set * writeset) +{ + int len; + char buf[100]; + + /* Write buffered output to stdout. */ + if (FD_ISSET(fileno(stdout), writeset)) { + /* Write as much data as possible. */ + len = write(fileno(stdout), buffer_ptr(&stdout_buffer), + buffer_len(&stdout_buffer)); + if (len <= 0) { + if (errno == EAGAIN) + len = 0; + else { + /* + * An error or EOF was encountered. Put an + * error message to stderr buffer. + */ + snprintf(buf, sizeof buf, "write stdout: %.50s\r\n", strerror(errno)); + buffer_append(&stderr_buffer, buf, strlen(buf)); + stderr_bytes += strlen(buf); + quit_pending = 1; + return; + } + } + /* Consume printed data from the buffer. */ + buffer_consume(&stdout_buffer, len); + } + /* Write buffered output to stderr. */ + if (FD_ISSET(fileno(stderr), writeset)) { + /* Write as much data as possible. */ + len = write(fileno(stderr), buffer_ptr(&stderr_buffer), + buffer_len(&stderr_buffer)); + if (len <= 0) { + if (errno == EAGAIN) + len = 0; + else { + /* EOF or error, but can't even print error message. */ + quit_pending = 1; + return; + } + } + /* Consume printed characters from the buffer. */ + buffer_consume(&stderr_buffer, len); + } +} + +/* + * Implements the interactive session with the server. This is called after + * the user has been authenticated, and a command has been started on the + * remote host. If escape_char != -1, it is the character used as an escape + * character for terminating or suspending the session. + */ + +int +client_loop(int have_pty, int escape_char_arg) +{ + extern Options options; + double start_time, total_time; + int len; + char buf[100]; + + debug("Entering interactive session."); + + start_time = get_current_time(); + + /* Initialize variables. */ + escape_pending = 0; + last_was_cr = 1; + exit_status = -1; + stdin_eof = 0; + buffer_high = 64 * 1024; + connection_in = packet_get_connection_in(); + connection_out = packet_get_connection_out(); + max_fd = connection_in; + if (connection_out > max_fd) + max_fd = connection_out; + stdin_bytes = 0; + stdout_bytes = 0; + stderr_bytes = 0; + quit_pending = 0; + escape_char = escape_char_arg; + + /* Initialize buffers. */ + buffer_init(&stdin_buffer); + buffer_init(&stdout_buffer); + buffer_init(&stderr_buffer); + + /* Set signal handlers to restore non-blocking mode. */ + signal(SIGINT, signal_handler); + signal(SIGQUIT, signal_handler); + signal(SIGTERM, signal_handler); + signal(SIGPIPE, SIG_IGN); + if (have_pty) + signal(SIGWINCH, window_change_handler); + + if (have_pty) + enter_raw_mode(); + + /* Check if we should immediately send of on stdin. */ + client_check_initial_eof_on_stdin(); + + /* Main loop of the client for the interactive session mode. */ + while (!quit_pending) { + fd_set readset, writeset; + + /* Process buffered packets sent by the server. */ + client_process_buffered_input_packets(); + + /* + * Make packets of buffered stdin data, and buffer them for + * sending to the server. + */ + client_make_packets_from_stdin_data(); + + /* + * Make packets from buffered channel data, and buffer them + * for sending to the server. + */ + if (packet_not_very_much_data_to_write()) + channel_output_poll(); + + /* + * Check if the window size has changed, and buffer a message + * about it to the server if so. + */ + client_check_window_change(); + + if (quit_pending) + break; + + /* + * Wait until we have something to do (something becomes + * available on one of the descriptors). + */ + client_wait_until_can_do_something(&readset, &writeset); + + if (quit_pending) + break; + + /* Do channel operations. */ + channel_after_select(&readset, &writeset); + + /* + * Process input from the connection and from stdin. Buffer + * any data that is available. + */ + client_process_input(&readset); + + /* + * Process output to stdout and stderr. Output to the + * connection is processed elsewhere (above). + */ + client_process_output(&writeset); + + /* Send as much buffered packet data as possible to the sender. */ + if (FD_ISSET(connection_out, &writeset)) + packet_write_poll(); + } + + /* Terminate the session. */ + + /* Stop watching for window change. */ + if (have_pty) + signal(SIGWINCH, SIG_DFL); + + /* Stop listening for connections. */ + channel_stop_listening(); + + /* + * In interactive mode (with pseudo tty) display a message indicating + * that the connection has been closed. + */ + if (have_pty && options.log_level != SYSLOG_LEVEL_QUIET) { + snprintf(buf, sizeof buf, "Connection to %.64s closed.\r\n", host); + buffer_append(&stderr_buffer, buf, strlen(buf)); + stderr_bytes += strlen(buf); + } + /* Output any buffered data for stdout. */ + while (buffer_len(&stdout_buffer) > 0) { + len = write(fileno(stdout), buffer_ptr(&stdout_buffer), + buffer_len(&stdout_buffer)); + if (len <= 0) { + error("Write failed flushing stdout buffer."); + break; + } + buffer_consume(&stdout_buffer, len); + } + + /* Output any buffered data for stderr. */ + while (buffer_len(&stderr_buffer) > 0) { + len = write(fileno(stderr), buffer_ptr(&stderr_buffer), + buffer_len(&stderr_buffer)); + if (len <= 0) { + error("Write failed flushing stderr buffer."); + break; + } + buffer_consume(&stderr_buffer, len); + } + + if (have_pty) + leave_raw_mode(); + + /* Clear and free any buffers. */ + memset(buf, 0, sizeof(buf)); + buffer_free(&stdin_buffer); + buffer_free(&stdout_buffer); + buffer_free(&stderr_buffer); + + /* Report bytes transferred, and transfer rates. */ + total_time = get_current_time() - start_time; + debug("Transferred: stdin %lu, stdout %lu, stderr %lu bytes in %.1f seconds", + stdin_bytes, stdout_bytes, stderr_bytes, total_time); + if (total_time > 0) + debug("Bytes per second: stdin %.1f, stdout %.1f, stderr %.1f", + stdin_bytes / total_time, stdout_bytes / total_time, + stderr_bytes / total_time); + + /* Return the exit status of the program. */ + debug("Exit status %d", exit_status); + return exit_status; } Index: usr.bin/ssh/compat.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/compat.c,v retrieving revision 1.2 retrieving revision 1.5 diff -u -r1.2 -r1.5 --- usr.bin/ssh/compat.c 1999/10/16 22:29:01 1.2 +++ usr.bin/ssh/compat.c 1999/11/24 16:15:24 1.5 @@ -1,10 +1,42 @@ +/* + * Copyright (c) 1999 Markus Friedl. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Markus Friedl. + * 4. The name of the author may not be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + #include "includes.h" -RCSID("$Id: compat.c,v 1.2 1999/10/16 22:29:01 markus Exp $"); +RCSID("$Id: compat.c,v 1.5 1999/11/24 16:15:24 markus Exp $"); #include "ssh.h" + +int compat13 = 0; -int compat13=0; -void enable_compat13(void){ - log("Enabling compatibility mode for protocol 1.3"); - compat13=1; +void +enable_compat13(void) +{ + verbose("Enabling compatibility mode for protocol 1.3"); + compat13 = 1; } Index: usr.bin/ssh/compat.h =================================================================== RCS file: /cvs/src/usr.bin/ssh/compat.h,v retrieving revision 1.2 retrieving revision 1.4 diff -u -r1.2 -r1.4 --- usr.bin/ssh/compat.h 1999/10/16 22:29:01 1.2 +++ usr.bin/ssh/compat.h 1999/11/24 16:15:24 1.4 @@ -1,7 +1,35 @@ -/* RCSID("$Id: compat.h,v 1.2 1999/10/16 22:29:01 markus Exp $"); */ +/* + * Copyright (c) 1999 Markus Friedl. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Markus Friedl. + * 4. The name of the author may not be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +/* RCSID("$Id: compat.h,v 1.4 1999/11/24 16:15:24 markus Exp $"); */ #ifndef COMPAT_H #define COMPAT_H -void enable_compat13(void); +void enable_compat13(void); extern int compat13; #endif Index: usr.bin/ssh/compress.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/compress.c,v retrieving revision 1.1 retrieving revision 1.4 diff -u -r1.1 -r1.4 --- usr.bin/ssh/compress.c 1999/09/26 20:53:34 1.1 +++ usr.bin/ssh/compress.c 1999/11/24 19:53:46 1.4 @@ -1,20 +1,20 @@ /* + * + * compress.c + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Wed Oct 25 22:12:46 1995 ylo + * + * Interface to packet compression for ssh. + * + */ -compress.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Wed Oct 25 22:12:46 1995 ylo - -Interface to packet compression for ssh. - -*/ - #include "includes.h" -RCSID("$Id: compress.c,v 1.1 1999/09/26 20:53:34 deraadt Exp $"); +RCSID("$Id: compress.c,v 1.4 1999/11/24 19:53:46 markus Exp $"); #include "ssh.h" #include "buffer.h" @@ -23,138 +23,143 @@ static z_stream incoming_stream; static z_stream outgoing_stream; -/* Initializes compression; level is compression level from 1 to 9 (as in - gzip). */ +/* + * Initializes compression; level is compression level from 1 to 9 + * (as in gzip). + */ -void buffer_compress_init(int level) +void +buffer_compress_init(int level) { - debug("Enabling compression at level %d.", level); - if (level < 1 || level > 9) - fatal("Bad compression level %d.", level); - inflateInit(&incoming_stream); - deflateInit(&outgoing_stream, level); + debug("Enabling compression at level %d.", level); + if (level < 1 || level > 9) + fatal("Bad compression level %d.", level); + inflateInit(&incoming_stream); + deflateInit(&outgoing_stream, level); } /* Frees any data structures allocated for compression. */ -void buffer_compress_uninit() +void +buffer_compress_uninit() { - debug("compress outgoing: raw data %lu, compressed %lu, factor %.2f", - outgoing_stream.total_in, outgoing_stream.total_out, - outgoing_stream.total_in == 0 ? 0.0 : - (double)outgoing_stream.total_out / outgoing_stream.total_in); - debug("compress incoming: raw data %lu, compressed %lu, factor %.2f", - incoming_stream.total_out, incoming_stream.total_in, - incoming_stream.total_out == 0 ? 0.0 : - (double)incoming_stream.total_in / incoming_stream.total_out); - inflateEnd(&incoming_stream); - deflateEnd(&outgoing_stream); + debug("compress outgoing: raw data %lu, compressed %lu, factor %.2f", + outgoing_stream.total_in, outgoing_stream.total_out, + outgoing_stream.total_in == 0 ? 0.0 : + (double) outgoing_stream.total_out / outgoing_stream.total_in); + debug("compress incoming: raw data %lu, compressed %lu, factor %.2f", + incoming_stream.total_out, incoming_stream.total_in, + incoming_stream.total_out == 0 ? 0.0 : + (double) incoming_stream.total_in / incoming_stream.total_out); + inflateEnd(&incoming_stream); + deflateEnd(&outgoing_stream); } -/* Compresses the contents of input_buffer into output_buffer. All - packets compressed using this function will form a single - compressed data stream; however, data will be flushed at the end of - every call so that each output_buffer can be decompressed - independently (but in the appropriate order since they together - form a single compression stream) by the receiver. This appends - the compressed data to the output buffer. */ +/* + * Compresses the contents of input_buffer into output_buffer. All packets + * compressed using this function will form a single compressed data stream; + * however, data will be flushed at the end of every call so that each + * output_buffer can be decompressed independently (but in the appropriate + * order since they together form a single compression stream) by the + * receiver. This appends the compressed data to the output buffer. + */ -void buffer_compress(Buffer *input_buffer, Buffer *output_buffer) +void +buffer_compress(Buffer * input_buffer, Buffer * output_buffer) { - char buf[4096]; - int status; + char buf[4096]; + int status; - /* This case is not handled below. */ - if (buffer_len(input_buffer) == 0) - return; - - /* Input is the contents of the input buffer. */ - outgoing_stream.next_in = buffer_ptr(input_buffer); - outgoing_stream.avail_in = buffer_len(input_buffer); - - /* Loop compressing until deflate() returns with avail_out != 0. */ - do - { - /* Set up fixed-size output buffer. */ - outgoing_stream.next_out = buf; - outgoing_stream.avail_out = sizeof(buf); - - /* Compress as much data into the buffer as possible. */ - status = deflate(&outgoing_stream, Z_PARTIAL_FLUSH); - switch (status) - { - case Z_OK: - /* Append compressed data to output_buffer. */ - buffer_append(output_buffer, buf, - sizeof(buf) - outgoing_stream.avail_out); - break; - case Z_STREAM_END: - fatal("buffer_compress: deflate returned Z_STREAM_END"); - /*NOTREACHED*/ - case Z_STREAM_ERROR: - fatal("buffer_compress: deflate returned Z_STREAM_ERROR"); - /*NOTREACHED*/ - case Z_BUF_ERROR: - fatal("buffer_compress: deflate returned Z_BUF_ERROR"); - /*NOTREACHED*/ - default: - fatal("buffer_compress: deflate returned %d", status); - /*NOTREACHED*/ + /* This case is not handled below. */ + if (buffer_len(input_buffer) == 0) + return; + + /* Input is the contents of the input buffer. */ + outgoing_stream.next_in = buffer_ptr(input_buffer); + outgoing_stream.avail_in = buffer_len(input_buffer); + + /* Loop compressing until deflate() returns with avail_out != 0. */ + do { + /* Set up fixed-size output buffer. */ + outgoing_stream.next_out = buf; + outgoing_stream.avail_out = sizeof(buf); + + /* Compress as much data into the buffer as possible. */ + status = deflate(&outgoing_stream, Z_PARTIAL_FLUSH); + switch (status) { + case Z_OK: + /* Append compressed data to output_buffer. */ + buffer_append(output_buffer, buf, + sizeof(buf) - outgoing_stream.avail_out); + break; + case Z_STREAM_END: + fatal("buffer_compress: deflate returned Z_STREAM_END"); + /* NOTREACHED */ + case Z_STREAM_ERROR: + fatal("buffer_compress: deflate returned Z_STREAM_ERROR"); + /* NOTREACHED */ + case Z_BUF_ERROR: + fatal("buffer_compress: deflate returned Z_BUF_ERROR"); + /* NOTREACHED */ + default: + fatal("buffer_compress: deflate returned %d", status); + /* NOTREACHED */ + } } - } - while (outgoing_stream.avail_out == 0); + while (outgoing_stream.avail_out == 0); } -/* Uncompresses the contents of input_buffer into output_buffer. All - packets uncompressed using this function will form a single - compressed data stream; however, data will be flushed at the end of - every call so that each output_buffer. This must be called for the - same size units that the buffer_compress was called, and in the - same order that buffers compressed with that. This appends the - uncompressed data to the output buffer. */ +/* + * Uncompresses the contents of input_buffer into output_buffer. All packets + * uncompressed using this function will form a single compressed data + * stream; however, data will be flushed at the end of every call so that + * each output_buffer. This must be called for the same size units that the + * buffer_compress was called, and in the same order that buffers compressed + * with that. This appends the uncompressed data to the output buffer. + */ -void buffer_uncompress(Buffer *input_buffer, Buffer *output_buffer) +void +buffer_uncompress(Buffer * input_buffer, Buffer * output_buffer) { - char buf[4096]; - int status; + char buf[4096]; + int status; - incoming_stream.next_in = buffer_ptr(input_buffer); - incoming_stream.avail_in = buffer_len(input_buffer); + incoming_stream.next_in = buffer_ptr(input_buffer); + incoming_stream.avail_in = buffer_len(input_buffer); - incoming_stream.next_out = buf; - incoming_stream.avail_out = sizeof(buf); + incoming_stream.next_out = buf; + incoming_stream.avail_out = sizeof(buf); - for (;;) - { - status = inflate(&incoming_stream, Z_PARTIAL_FLUSH); - switch (status) - { - case Z_OK: - buffer_append(output_buffer, buf, - sizeof(buf) - incoming_stream.avail_out); - incoming_stream.next_out = buf; - incoming_stream.avail_out = sizeof(buf); - break; - case Z_STREAM_END: - fatal("buffer_uncompress: inflate returned Z_STREAM_END"); - /*NOTREACHED*/ - case Z_DATA_ERROR: - fatal("buffer_uncompress: inflate returned Z_DATA_ERROR"); - /*NOTREACHED*/ - case Z_STREAM_ERROR: - fatal("buffer_uncompress: inflate returned Z_STREAM_ERROR"); - /*NOTREACHED*/ - case Z_BUF_ERROR: - /* Comments in zlib.h say that we should keep calling inflate() - until we get an error. This appears to be the error that we - get. */ - return; - case Z_MEM_ERROR: - fatal("buffer_uncompress: inflate returned Z_MEM_ERROR"); - /*NOTREACHED*/ - default: - fatal("buffer_uncompress: inflate returned %d", status); + for (;;) { + status = inflate(&incoming_stream, Z_PARTIAL_FLUSH); + switch (status) { + case Z_OK: + buffer_append(output_buffer, buf, + sizeof(buf) - incoming_stream.avail_out); + incoming_stream.next_out = buf; + incoming_stream.avail_out = sizeof(buf); + break; + case Z_STREAM_END: + fatal("buffer_uncompress: inflate returned Z_STREAM_END"); + /* NOTREACHED */ + case Z_DATA_ERROR: + fatal("buffer_uncompress: inflate returned Z_DATA_ERROR"); + /* NOTREACHED */ + case Z_STREAM_ERROR: + fatal("buffer_uncompress: inflate returned Z_STREAM_ERROR"); + /* NOTREACHED */ + case Z_BUF_ERROR: + /* + * Comments in zlib.h say that we should keep calling + * inflate() until we get an error. This appears to + * be the error that we get. + */ + return; + case Z_MEM_ERROR: + fatal("buffer_uncompress: inflate returned Z_MEM_ERROR"); + /* NOTREACHED */ + default: + fatal("buffer_uncompress: inflate returned %d", status); + } } - } } - Index: usr.bin/ssh/compress.h =================================================================== RCS file: /cvs/src/usr.bin/ssh/compress.h,v retrieving revision 1.1 retrieving revision 1.3 diff -u -r1.1 -r1.3 --- usr.bin/ssh/compress.h 1999/09/26 20:53:34 1.1 +++ usr.bin/ssh/compress.h 1999/11/24 19:53:46 1.3 @@ -1,46 +1,50 @@ /* + * + * compress.h + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Wed Oct 25 22:12:46 1995 ylo + * + * Interface to packet compression for ssh. + * + */ -compress.h +/* RCSID("$Id: compress.h,v 1.3 1999/11/24 19:53:46 markus Exp $"); */ -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Wed Oct 25 22:12:46 1995 ylo - -Interface to packet compression for ssh. - -*/ - -/* RCSID("$Id: compress.h,v 1.1 1999/09/26 20:53:34 deraadt Exp $"); */ - #ifndef COMPRESS_H #define COMPRESS_H -/* Initializes compression; level is compression level from 1 to 9 (as in - gzip). */ -void buffer_compress_init(int level); +/* + * Initializes compression; level is compression level from 1 to 9 (as in + * gzip). + */ +void buffer_compress_init(int level); /* Frees any data structures allocated by buffer_compress_init. */ -void buffer_compress_uninit(); +void buffer_compress_uninit(); -/* Compresses the contents of input_buffer into output_buffer. All - packets compressed using this function will form a single - compressed data stream; however, data will be flushed at the end of - every call so that each output_buffer can be decompressed - independently (but in the appropriate order since they together - form a single compression stream) by the receiver. This appends - the compressed data to the output buffer. */ -void buffer_compress(Buffer *input_buffer, Buffer *output_buffer); - -/* Uncompresses the contents of input_buffer into output_buffer. All - packets uncompressed using this function will form a single - compressed data stream; however, data will be flushed at the end of - every call so that each output_buffer. This must be called for the - same size units that the buffer_compress was called, and in the - same order that buffers compressed with that. This appends the - uncompressed data to the output buffer. */ -void buffer_uncompress(Buffer *input_buffer, Buffer *output_buffer); +/* + * Compresses the contents of input_buffer into output_buffer. All packets + * compressed using this function will form a single compressed data stream; + * however, data will be flushed at the end of every call so that each + * output_buffer can be decompressed independently (but in the appropriate + * order since they together form a single compression stream) by the + * receiver. This appends the compressed data to the output buffer. + */ +void buffer_compress(Buffer * input_buffer, Buffer * output_buffer); + +/* + * Uncompresses the contents of input_buffer into output_buffer. All packets + * uncompressed using this function will form a single compressed data + * stream; however, data will be flushed at the end of every call so that + * each output_buffer. This must be called for the same size units that the + * buffer_compress was called, and in the same order that buffers compressed + * with that. This appends the uncompressed data to the output buffer. + */ +void buffer_uncompress(Buffer * input_buffer, Buffer * output_buffer); -#endif /* COMPRESS_H */ +#endif /* COMPRESS_H */ Index: usr.bin/ssh/config.cache =================================================================== RCS file: config.cache diff -N config.cache --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsGAUvD31367 Wed Dec 8 12:42:05 1999 @@ -0,0 +1,102 @@ +# This file is a shell script that caches the results of configure +# tests run on this system so they can be shared between configure +# scripts and configure runs. It is not useful on other systems. +# If it contains results you don't want to keep, you may remove or edit it. +# +# By default, configure uses ./config.cache as the cache file, +# creating it if it does not exist already. You can give configure +# the --cache-file=FILE option to use a different cache file; that is +# what configure does when it calls configure scripts in +# subdirectories, so they share the cache. +# Giving --cache-file=/dev/null disables caching, for debugging configure. +# config.status only pays attention to the cache file if you give it the +# --recheck option to rerun configure. +# +ac_cv_c_bigendian=${ac_cv_c_bigendian=no} +ac_cv_c_const=${ac_cv_c_const=yes} +ac_cv_c_inline=${ac_cv_c_inline=inline} +ac_cv_func__getpty=${ac_cv_func__getpty=no} +ac_cv_func_clock=${ac_cv_func_clock=yes} +ac_cv_func_fchmod=${ac_cv_func_fchmod=yes} +ac_cv_func_getdtablesize=${ac_cv_func_getdtablesize=yes} +ac_cv_func_gethostname=${ac_cv_func_gethostname=yes} +ac_cv_func_getrusage=${ac_cv_func_getrusage=yes} +ac_cv_func_gettimeofday=${ac_cv_func_gettimeofday=yes} +ac_cv_func_initgroups=${ac_cv_func_initgroups=yes} +ac_cv_func_innetgr=${ac_cv_func_innetgr=yes} +ac_cv_func_memcpy=${ac_cv_func_memcpy=yes} +ac_cv_func_memmove=${ac_cv_func_memmove=yes} +ac_cv_func_openpty=${ac_cv_func_openpty=no} +ac_cv_func_popen=${ac_cv_func_popen=yes} +ac_cv_func_putenv=${ac_cv_func_putenv=yes} +ac_cv_func_random=${ac_cv_func_random=yes} +ac_cv_func_remove=${ac_cv_func_remove=yes} +ac_cv_func_seteuid=${ac_cv_func_seteuid=yes} +ac_cv_func_setlogin=${ac_cv_func_setlogin=yes} +ac_cv_func_setluid=${ac_cv_func_setluid=no} +ac_cv_func_setrlimit=${ac_cv_func_setrlimit=yes} +ac_cv_func_setsid=${ac_cv_func_setsid=yes} +ac_cv_func_socketpair=${ac_cv_func_socketpair=yes} +ac_cv_func_strchr=${ac_cv_func_strchr=yes} +ac_cv_func_strerror=${ac_cv_func_strerror=yes} +ac_cv_func_times=${ac_cv_func_times=yes} +ac_cv_func_ulimit=${ac_cv_func_ulimit=no} +ac_cv_func_umask=${ac_cv_func_umask=yes} +ac_cv_func_vhangup=${ac_cv_func_vhangup=no} +ac_cv_func_vsnprintf=${ac_cv_func_vsnprintf=yes} +ac_cv_header_dirent_dirent_h=${ac_cv_header_dirent_dirent_h=yes} +ac_cv_header_gmp_h=${ac_cv_header_gmp_h=yes} +ac_cv_header_krb_h=${ac_cv_header_krb_h=no} +ac_cv_header_lastlog_h=${ac_cv_header_lastlog_h=no} +ac_cv_header_netinet_in_systm_h=${ac_cv_header_netinet_in_systm_h=yes} +ac_cv_header_paths_h=${ac_cv_header_paths_h=yes} +ac_cv_header_rusage_h=${ac_cv_header_rusage_h=no} +ac_cv_header_sgtty_h=${ac_cv_header_sgtty_h=yes} +ac_cv_header_stat_broken=${ac_cv_header_stat_broken=no} +ac_cv_header_stdc=${ac_cv_header_stdc=yes} +ac_cv_header_sys_filio_h=${ac_cv_header_sys_filio_h=yes} +ac_cv_header_sys_ioctl_h=${ac_cv_header_sys_ioctl_h=yes} +ac_cv_header_sys_select_h=${ac_cv_header_sys_select_h=yes} +ac_cv_header_sys_time_h=${ac_cv_header_sys_time_h=yes} +ac_cv_header_sys_wait_h=${ac_cv_header_sys_wait_h=yes} +ac_cv_header_termios_h=${ac_cv_header_termios_h=yes} +ac_cv_header_time=${ac_cv_header_time=yes} +ac_cv_header_ulimit_h=${ac_cv_header_ulimit_h=no} +ac_cv_header_unistd_h=${ac_cv_header_unistd_h=yes} +ac_cv_header_usersec_h=${ac_cv_header_usersec_h=no} +ac_cv_header_utime_h=${ac_cv_header_utime_h=yes} +ac_cv_header_utmp_h=${ac_cv_header_utmp_h=yes} +ac_cv_header_utmpx_h=${ac_cv_header_utmpx_h=no} +ac_cv_header_zlib_h=${ac_cv_header_zlib_h=yes} +ac_cv_lib_c_crypt=${ac_cv_lib_c_crypt=yes} +ac_cv_lib_des_main=${ac_cv_lib_des_main=yes} +ac_cv_lib_dir_opendir=${ac_cv_lib_dir_opendir=no} +ac_cv_lib_gmp_main=${ac_cv_lib_gmp_main=yes} +ac_cv_lib_krb_main=${ac_cv_lib_krb_main=yes} +ac_cv_lib_nsl_main=${ac_cv_lib_nsl_main=no} +ac_cv_lib_socket_socket=${ac_cv_lib_socket_socket=no} +ac_cv_lib_sun_getpwnam=${ac_cv_lib_sun_getpwnam=no} +ac_cv_lib_util_login=${ac_cv_lib_util_login=yes} +ac_cv_lib_z_main=${ac_cv_lib_z_main=yes} +ac_cv_path_RSH_PATH=${ac_cv_path_RSH_PATH=/usr/bin/rsh} +ac_cv_path_WISH=${ac_cv_path_WISH=/usr/bin/true} +ac_cv_path_XAUTH_PATH=${ac_cv_path_XAUTH_PATH=/usr/X11R6/bin/xauth} +ac_cv_path_install=${ac_cv_path_install='/usr/bin/install -c'} +ac_cv_prog_CC=${ac_cv_prog_CC=gcc} +ac_cv_prog_CPP=${ac_cv_prog_CPP='gcc -E'} +ac_cv_prog_LN_S=${ac_cv_prog_LN_S='ln -s'} +ac_cv_prog_MAKEDEP=${ac_cv_prog_MAKEDEP=makedepend} +ac_cv_prog_RANLIB=${ac_cv_prog_RANLIB=ranlib} +ac_cv_prog_cc_cross=${ac_cv_prog_cc_cross=no} +ac_cv_prog_cc_g=${ac_cv_prog_cc_g=yes} +ac_cv_prog_cc_works=${ac_cv_prog_cc_works=yes} +ac_cv_prog_gcc=${ac_cv_prog_gcc=yes} +ac_cv_sizeof_int=${ac_cv_sizeof_int=4} +ac_cv_sizeof_long=${ac_cv_sizeof_long=4} +ac_cv_sizeof_short=${ac_cv_sizeof_short=2} +ac_cv_struct_st_blksize=${ac_cv_struct_st_blksize=yes} +ac_cv_type_mode_t=${ac_cv_type_mode_t=yes} +ac_cv_type_off_t=${ac_cv_type_off_t=yes} +ac_cv_type_signal=${ac_cv_type_signal=void} +ac_cv_type_size_t=${ac_cv_type_size_t=yes} +ac_cv_type_uid_t=${ac_cv_type_uid_t=yes} Index: usr.bin/ssh/config.guess =================================================================== RCS file: config.guess diff -N config.guess --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsYZlPR31367 Wed Dec 8 12:42:05 1999 @@ -0,0 +1,1012 @@ +#! /bin/sh +# Attempt to guess a canonical system name. +# Copyright (C) 1992, 93, 94, 95, 96, 97, 1998, 1999 Free Software Foundation, Inc. +# +# This file is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. +# +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + +# Written by Per Bothner . +# The master version of this file is at the FSF in /home/gd/gnu/lib. +# +# This script attempts to guess a canonical system name similar to +# config.sub. If it succeeds, it prints the system name on stdout, and +# exits with 0. Otherwise, it exits with 1. +# +# The plan is that this can be called by configure scripts if you +# don't specify an explicit system type (host/target name). +# +# Only a few systems have been added to this list; please add others +# (but try to keep the structure clean). +# + +# This is needed to find uname on a Pyramid OSx when run in the BSD universe. +# (ghazi@noc.rutgers.edu 8/24/94.) +if (test -f /.attbin/uname) >/dev/null 2>&1 ; then + PATH=$PATH:/.attbin ; export PATH +fi + +UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown +UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown +UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown +UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown + +trap 'rm -f dummy.c dummy.o dummy; exit 1' 1 2 15 + +# Note: order is significant - the case branches are not exclusive. + +case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in + alpha:OSF1:*:*) + if test $UNAME_RELEASE = "V4.0"; then + UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'` + fi + # A Vn.n version is a released version. + # A Tn.n version is a released field test version. + # A Xn.n version is an unreleased experimental baselevel. + # 1.2 uses "1.2" for uname -r. + cat <dummy.s + .globl main + .ent main +main: + .frame \$30,0,\$26,0 + .prologue 0 + .long 0x47e03d80 # implver $0 + lda \$2,259 + .long 0x47e20c21 # amask $2,$1 + srl \$1,8,\$2 + sll \$2,2,\$2 + sll \$0,3,\$0 + addl \$1,\$0,\$0 + addl \$2,\$0,\$0 + ret \$31,(\$26),1 + .end main +EOF + ${CC-cc} dummy.s -o dummy 2>/dev/null + if test "$?" = 0 ; then + ./dummy + case "$?" in + 7) + UNAME_MACHINE="alpha" + ;; + 15) + UNAME_MACHINE="alphaev5" + ;; + 14) + UNAME_MACHINE="alphaev56" + ;; + 10) + UNAME_MACHINE="alphapca56" + ;; + 16) + UNAME_MACHINE="alphaev6" + ;; + esac + fi + rm -f dummy.s dummy + echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[VTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` + exit 0 ;; + Alpha\ *:Windows_NT*:*) + # How do we know it's Interix rather than generic posix subsystem? + # Should we change UNAME_MACHINE based on the output of uname + # instead of the specific alpha model. + echo alpha-pc-interix + exit 0;; + 21064:Windows_NT:50:3) + echo alpha-dec-winnt3.5 + exit 0 ;; + Amiga*:UNIX_System_V:4.0:*) + echo m68k-cbm-sysv4 + exit 0;; + amiga:NetBSD:*:*) + echo m68k-cbm-netbsd${UNAME_RELEASE} + exit 0 ;; + amiga:OpenBSD:*:*) + echo m68k-unknown-openbsd${UNAME_RELEASE} + exit 0 ;; + *:[Aa]miga[Oo][Ss]:*:*) + echo ${UNAME_MACHINE}-unknown-amigaos + exit 0 ;; + arc64:OpenBSD:*:*) + echo mips64el-unknown-openbsd${UNAME_RELEASE} + exit 0 ;; + arc:OpenBSD:*:*) + echo mipsel-unknown-openbsd${UNAME_RELEASE} + exit 0 ;; + hkmips:OpenBSD:*:*) + echo mips-unknown-openbsd${UNAME_RELEASE} + exit 0 ;; + pmax:OpenBSD:*:*) + echo mipsel-unknown-openbsd${UNAME_RELEASE} + exit 0 ;; + sgi:OpenBSD:*:*) + echo mips-unknown-openbsd${UNAME_RELEASE} + exit 0 ;; + wgrisc:OpenBSD:*:*) + echo mipsel-unknown-openbsd${UNAME_RELEASE} + exit 0 ;; + arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*) + echo arm-acorn-riscix${UNAME_RELEASE} + exit 0;; + arm32:NetBSD:*:*) + echo arm-unknown-netbsd`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'` + exit 0 ;; + SR2?01:HI-UX/MPP:*:*) + echo hppa1.1-hitachi-hiuxmpp + exit 0;; + Pyramid*:OSx*:*:*|MIS*:OSx*:*:*) + # akee@wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE. + if test "`(/bin/universe) 2>/dev/null`" = att ; then + echo pyramid-pyramid-sysv3 + else + echo pyramid-pyramid-bsd + fi + exit 0 ;; + NILE:*:*:dcosx) + echo pyramid-pyramid-svr4 + exit 0 ;; + sun4H:SunOS:5.*:*) + echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit 0 ;; + sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*) + echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit 0 ;; + i86pc:SunOS:5.*:*) + echo i386-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit 0 ;; + sun4*:SunOS:6*:*) + # According to config.sub, this is the proper way to canonicalize + # SunOS6. Hard to guess exactly what SunOS6 will be like, but + # it's likely to be more like Solaris than SunOS4. + echo sparc-sun-solaris3`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit 0 ;; + sun4*:SunOS:*:*) + case "`/usr/bin/arch -k`" in + Series*|S4*) + UNAME_RELEASE=`uname -v` + ;; + esac + # Japanese Language versions have a version number like `4.1.3-JL'. + echo sparc-sun-sunos`echo ${UNAME_RELEASE}|sed -e 's/-/_/'` + exit 0 ;; + sun3*:SunOS:*:*) + echo m68k-sun-sunos${UNAME_RELEASE} + exit 0 ;; + sun*:*:4.2BSD:*) + UNAME_RELEASE=`(head -1 /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null` + test "x${UNAME_RELEASE}" = "x" && UNAME_RELEASE=3 + case "`/bin/arch`" in + sun3) + echo m68k-sun-sunos${UNAME_RELEASE} + ;; + sun4) + echo sparc-sun-sunos${UNAME_RELEASE} + ;; + esac + exit 0 ;; + aushp:SunOS:*:*) + echo sparc-auspex-sunos${UNAME_RELEASE} + exit 0 ;; + atari*:NetBSD:*:*) + echo m68k-atari-netbsd${UNAME_RELEASE} + exit 0 ;; + atari*:OpenBSD:*:*) + echo m68k-unknown-openbsd${UNAME_RELEASE} + exit 0 ;; + sun3*:NetBSD:*:*) + echo m68k-sun-netbsd${UNAME_RELEASE} + exit 0 ;; + sun3*:OpenBSD:*:*) + echo m68k-unknown-openbsd${UNAME_RELEASE} + exit 0 ;; + mac68k:NetBSD:*:*) + echo m68k-apple-netbsd${UNAME_RELEASE} + exit 0 ;; + mac68k:OpenBSD:*:*) + echo m68k-unknown-openbsd${UNAME_RELEASE} + exit 0 ;; + mvme68k:OpenBSD:*:*) + echo m68k-unknown-openbsd${UNAME_RELEASE} + exit 0 ;; + mvme88k:OpenBSD:*:*) + echo m88k-unknown-openbsd${UNAME_RELEASE} + exit 0 ;; + powerpc:machten:*:*) + echo powerpc-apple-machten${UNAME_RELEASE} + exit 0 ;; + RISC*:Mach:*:*) + echo mips-dec-mach_bsd4.3 + exit 0 ;; + RISC*:ULTRIX:*:*) + echo mips-dec-ultrix${UNAME_RELEASE} + exit 0 ;; + VAX*:ULTRIX*:*:*) + echo vax-dec-ultrix${UNAME_RELEASE} + exit 0 ;; + 2020:CLIX:*:*) + echo clipper-intergraph-clix${UNAME_RELEASE} + exit 0 ;; + mips:*:*:UMIPS | mips:*:*:RISCos) + sed 's/^ //' << EOF >dummy.c + int main (argc, argv) int argc; char **argv; { + #if defined (host_mips) && defined (MIPSEB) + #if defined (SYSTYPE_SYSV) + printf ("mips-mips-riscos%ssysv\n", argv[1]); exit (0); + #endif + #if defined (SYSTYPE_SVR4) + printf ("mips-mips-riscos%ssvr4\n", argv[1]); exit (0); + #endif + #if defined (SYSTYPE_BSD43) || defined(SYSTYPE_BSD) + printf ("mips-mips-riscos%sbsd\n", argv[1]); exit (0); + #endif + #endif + exit (-1); + } +EOF + ${CC-cc} dummy.c -o dummy \ + && ./dummy `echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` \ + && rm dummy.c dummy && exit 0 + rm -f dummy.c dummy + echo mips-mips-riscos${UNAME_RELEASE} + exit 0 ;; + Night_Hawk:Power_UNIX:*:*) + echo powerpc-harris-powerunix + exit 0 ;; + m88k:CX/UX:7*:*) + echo m88k-harris-cxux7 + exit 0 ;; + m88k:*:4*:R4*) + echo m88k-motorola-sysv4 + exit 0 ;; + m88k:*:3*:R3*) + echo m88k-motorola-sysv3 + exit 0 ;; + AViiON:dgux:*:*) + # DG/UX returns AViiON for all architectures + UNAME_PROCESSOR=`/usr/bin/uname -p` + if [ $UNAME_PROCESSOR = mc88100 -o $UNAME_PROCESSOR = mc88110 ] ; then + if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx \ + -o ${TARGET_BINARY_INTERFACE}x = x ] ; then + echo m88k-dg-dgux${UNAME_RELEASE} + else + echo m88k-dg-dguxbcs${UNAME_RELEASE} + fi + else echo i586-dg-dgux${UNAME_RELEASE} + fi + exit 0 ;; + M88*:DolphinOS:*:*) # DolphinOS (SVR3) + echo m88k-dolphin-sysv3 + exit 0 ;; + M88*:*:R3*:*) + # Delta 88k system running SVR3 + echo m88k-motorola-sysv3 + exit 0 ;; + XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3) + echo m88k-tektronix-sysv3 + exit 0 ;; + Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD) + echo m68k-tektronix-bsd + exit 0 ;; + *:IRIX*:*:*) + echo mips-sgi-irix`echo ${UNAME_RELEASE}|sed -e 's/-/_/g'` + exit 0 ;; + ????????:AIX?:[12].1:2) # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX. + echo romp-ibm-aix # uname -m gives an 8 hex-code CPU id + exit 0 ;; # Note that: echo "'`uname -s`'" gives 'AIX ' + i?86:AIX:*:*) + echo i386-ibm-aix + exit 0 ;; + *:AIX:2:3) + if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then + sed 's/^ //' << EOF >dummy.c + #include + + main() + { + if (!__power_pc()) + exit(1); + puts("powerpc-ibm-aix3.2.5"); + exit(0); + } +EOF + ${CC-cc} dummy.c -o dummy && ./dummy && rm dummy.c dummy && exit 0 + rm -f dummy.c dummy + echo rs6000-ibm-aix3.2.5 + elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then + echo rs6000-ibm-aix3.2.4 + else + echo rs6000-ibm-aix3.2 + fi + exit 0 ;; + *:AIX:*:4) + if /usr/sbin/lsattr -EHl proc0 | grep POWER >/dev/null 2>&1; then + IBM_ARCH=rs6000 + else + IBM_ARCH=powerpc + fi + if [ -x /usr/bin/oslevel ] ; then + IBM_REV=`/usr/bin/oslevel` + else + IBM_REV=4.${UNAME_RELEASE} + fi + echo ${IBM_ARCH}-ibm-aix${IBM_REV} + exit 0 ;; + *:AIX:*:*) + echo rs6000-ibm-aix + exit 0 ;; + ibmrt:4.4BSD:*|romp-ibm:BSD:*) + echo romp-ibm-bsd4.4 + exit 0 ;; + ibmrt:*BSD:*|romp-ibm:BSD:*) # covers RT/PC NetBSD and + echo romp-ibm-bsd${UNAME_RELEASE} # 4.3 with uname added to + exit 0 ;; # report: romp-ibm BSD 4.3 + *:BOSX:*:*) + echo rs6000-bull-bosx + exit 0 ;; + DPX/2?00:B.O.S.:*:*) + echo m68k-bull-sysv3 + exit 0 ;; + 9000/[34]??:4.3bsd:1.*:*) + echo m68k-hp-bsd + exit 0 ;; + hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*) + echo m68k-hp-bsd4.4 + exit 0 ;; + *9??*:MPE/iX:*:*) + echo hppa1.0-hp-mpeix + exit 0 ;; + 9000/[34678]??:HP-UX:*:*) + case "${UNAME_MACHINE}" in + 9000/31? ) HP_ARCH=m68000 ;; + 9000/[34]?? ) HP_ARCH=m68k ;; + 9000/[678][0-9][0-9] ) + + sed 's/^ //' << EOF >dummy.c + #include + #include + + int main () + { + #if defined(_SC_KERNEL_BITS) + long bits = sysconf(_SC_KERNEL_BITS); + #endif + long cpu = sysconf (_SC_CPU_VERSION); + + switch (cpu) + { + case CPU_PA_RISC1_0: puts ("hppa1.0"); break; + case CPU_PA_RISC1_1: puts ("hppa1.1"); break; + case CPU_PA_RISC2_0: + #if defined(_SC_KERNEL_BITS) + switch (bits) + { + case 64: puts ("hppa2.0w"); break; + case 32: puts ("hppa2.0n"); break; + default: puts ("hppa2.0"); break; + } break; + #else /* !defined(_SC_KERNEL_BITS) */ + puts ("hppa2.0"); break; + #endif + default: puts ("hppa1.0"); break; + } + exit (0); + } +EOF + (${CC-cc} dummy.c -o dummy 2>/dev/null ) && HP_ARCH=`./dummy` + rm -f dummy.c dummy + esac + HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` + echo ${HP_ARCH}-hp-hpux${HPUX_REV} + exit 0 ;; + 3050*:HI-UX:*:*) + sed 's/^ //' << EOF >dummy.c + #include + int + main () + { + long cpu = sysconf (_SC_CPU_VERSION); + /* The order matters, because CPU_IS_HP_MC68K erroneously returns + true for CPU_PA_RISC1_0. CPU_IS_PA_RISC returns correct + results, however. */ + if (CPU_IS_PA_RISC (cpu)) + { + switch (cpu) + { + case CPU_PA_RISC1_0: puts ("hppa1.0-hitachi-hiuxwe2"); break; + case CPU_PA_RISC1_1: puts ("hppa1.1-hitachi-hiuxwe2"); break; + case CPU_PA_RISC2_0: puts ("hppa2.0-hitachi-hiuxwe2"); break; + default: puts ("hppa-hitachi-hiuxwe2"); break; + } + } + else if (CPU_IS_HP_MC68K (cpu)) + puts ("m68k-hitachi-hiuxwe2"); + else puts ("unknown-hitachi-hiuxwe2"); + exit (0); + } +EOF + ${CC-cc} dummy.c -o dummy && ./dummy && rm dummy.c dummy && exit 0 + rm -f dummy.c dummy + echo unknown-hitachi-hiuxwe2 + exit 0 ;; + 9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:* ) + echo hppa1.1-hp-bsd + exit 0 ;; + 9000/8??:4.3bsd:*:*) + echo hppa1.0-hp-bsd + exit 0 ;; + hp7??:OSF1:*:* | hp8?[79]:OSF1:*:* ) + echo hppa1.1-hp-osf + exit 0 ;; + hp8??:OSF1:*:*) + echo hppa1.0-hp-osf + exit 0 ;; + i?86:OSF1:*:*) + if [ -x /usr/sbin/sysversion ] ; then + echo ${UNAME_MACHINE}-unknown-osf1mk + else + echo ${UNAME_MACHINE}-unknown-osf1 + fi + exit 0 ;; + parisc*:Lites*:*:*) + echo hppa1.1-hp-lites + exit 0 ;; + hppa*:OpenBSD:*:*) + echo hppa-unknown-openbsd + exit 0 ;; + C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*) + echo c1-convex-bsd + exit 0 ;; + C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*) + if getsysinfo -f scalar_acc + then echo c32-convex-bsd + else echo c2-convex-bsd + fi + exit 0 ;; + C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*) + echo c34-convex-bsd + exit 0 ;; + C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*) + echo c38-convex-bsd + exit 0 ;; + C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*) + echo c4-convex-bsd + exit 0 ;; + CRAY*X-MP:*:*:*) + echo xmp-cray-unicos + exit 0 ;; + CRAY*Y-MP:*:*:*) + echo ymp-cray-unicos${UNAME_RELEASE} + exit 0 ;; + CRAY*[A-Z]90:*:*:*) + echo ${UNAME_MACHINE}-cray-unicos${UNAME_RELEASE} \ + | sed -e 's/CRAY.*\([A-Z]90\)/\1/' \ + -e y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/ + exit 0 ;; + CRAY*TS:*:*:*) + echo t90-cray-unicos${UNAME_RELEASE} + exit 0 ;; + CRAY-2:*:*:*) + echo cray2-cray-unicos + exit 0 ;; + F300:UNIX_System_V:*:*) + FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` + FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'` + echo "f300-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" + exit 0 ;; + F301:UNIX_System_V:*:*) + echo f301-fujitsu-uxpv`echo $UNAME_RELEASE | sed 's/ .*//'` + exit 0 ;; + hp3[0-9][05]:NetBSD:*:*) + echo m68k-hp-netbsd${UNAME_RELEASE} + exit 0 ;; + hp300:OpenBSD:*:*) + echo m68k-unknown-openbsd${UNAME_RELEASE} + exit 0 ;; + i?86:BSD/386:*:* | *:BSD/OS:*:*) + echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE} + exit 0 ;; + *:FreeBSD:*:*) + if test -x /usr/bin/objformat -a "elf" = "`/usr/bin/objformat`"; then + echo ${UNAME_MACHINE}-unknown-freebsdelf + else + echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-_].*//'` + fi + exit 0 ;; + *:NetBSD:*:*) + echo ${UNAME_MACHINE}-unknown-netbsd`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'` + exit 0 ;; + *:OpenBSD:*:*) + echo ${UNAME_MACHINE}-unknown-openbsd`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'` + exit 0 ;; + i*:CYGWIN*:*) + echo ${UNAME_MACHINE}-pc-cygwin32 + exit 0 ;; + i*:MINGW*:*) + echo ${UNAME_MACHINE}-pc-mingw32 + exit 0 ;; + i*:Windows_NT*:* | Pentium*:Windows_NT*:*) + # How do we know it's Interix rather than generic posix subsystem? + # It also conflicts with pre-2.0 versions of AT&T UWIN. Should we + # change UNAME_MACHINE based on the output of uname instead of + # i386? + echo i386-pc-interix + exit 0 ;; + i*:UWIN*:*) + echo ${UNAME_MACHINE}-pc-uwin + exit 0 ;; + p*:CYGWIN*:*) + echo powerpcle-unknown-cygwin32 + exit 0 ;; + prep*:SunOS:5.*:*) + echo powerpcle-unknown-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit 0 ;; + *:GNU:*:*) + echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'` + exit 0 ;; + *:Linux:*:*) + # uname on the ARM produces all sorts of strangeness, and we need to + # filter it out. + case "$UNAME_MACHINE" in + armv*) UNAME_MACHINE=$UNAME_MACHINE ;; + arm* | sa110*) UNAME_MACHINE="arm" ;; + esac + + # The BFD linker knows what the default object file format is, so + # first see if it will tell us. + ld_help_string=`ld --help 2>&1` + ld_supported_emulations=`echo $ld_help_string \ + | sed -ne '/supported emulations:/!d + s/[ ][ ]*/ /g + s/.*supported emulations: *// + s/ .*// + p'` + case "$ld_supported_emulations" in + i?86linux) echo "${UNAME_MACHINE}-pc-linux-gnuaout" ; exit 0 ;; + i?86coff) echo "${UNAME_MACHINE}-pc-linux-gnucoff" ; exit 0 ;; + sparclinux) echo "${UNAME_MACHINE}-unknown-linux-gnuaout" ; exit 0 ;; + armlinux) echo "${UNAME_MACHINE}-unknown-linux-gnuaout" ; exit 0 ;; + m68klinux) echo "${UNAME_MACHINE}-unknown-linux-gnuaout" ; exit 0 ;; + elf32ppc | elf32ppclinux) + # Determine Lib Version + cat >dummy.c < +#if defined(__GLIBC__) +extern char __libc_version[]; +extern char __libc_release[]; +#endif +main(argc, argv) + int argc; + char *argv[]; +{ +#if defined(__GLIBC__) + printf("%s %s\n", __libc_version, __libc_release); +#else + printf("unkown\n"); +#endif + return 0; +} +EOF + LIBC="" + ${CC-cc} dummy.c -o dummy 2>/dev/null + if test "$?" = 0 ; then + ./dummy | grep 1\.99 > /dev/null + if test "$?" = 0 ; then + LIBC="libc1" + fi + fi + rm -f dummy.c dummy + echo powerpc-unknown-linux-gnu${LIBC} ; exit 0 ;; + esac + + if test "${UNAME_MACHINE}" = "alpha" ; then + sed 's/^ //' <dummy.s + .globl main + .ent main + main: + .frame \$30,0,\$26,0 + .prologue 0 + .long 0x47e03d80 # implver $0 + lda \$2,259 + .long 0x47e20c21 # amask $2,$1 + srl \$1,8,\$2 + sll \$2,2,\$2 + sll \$0,3,\$0 + addl \$1,\$0,\$0 + addl \$2,\$0,\$0 + ret \$31,(\$26),1 + .end main +EOF + LIBC="" + ${CC-cc} dummy.s -o dummy 2>/dev/null + if test "$?" = 0 ; then + ./dummy + case "$?" in + 7) + UNAME_MACHINE="alpha" + ;; + 15) + UNAME_MACHINE="alphaev5" + ;; + 14) + UNAME_MACHINE="alphaev56" + ;; + 10) + UNAME_MACHINE="alphapca56" + ;; + 16) + UNAME_MACHINE="alphaev6" + ;; + esac + + objdump --private-headers dummy | \ + grep ld.so.1 > /dev/null + if test "$?" = 0 ; then + LIBC="libc1" + fi + fi + rm -f dummy.s dummy + echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} ; exit 0 + elif test "${UNAME_MACHINE}" = "mips" ; then + cat >dummy.c </dev/null && ./dummy "${UNAME_MACHINE}" && rm dummy.c dummy && exit 0 + rm -f dummy.c dummy + else + # Either a pre-BFD a.out linker (linux-gnuoldld) + # or one that does not give us useful --help. + # GCC wants to distinguish between linux-gnuoldld and linux-gnuaout. + # If ld does not provide *any* "supported emulations:" + # that means it is gnuoldld. + echo "$ld_help_string" | grep >/dev/null 2>&1 "supported emulations:" + test $? != 0 && echo "${UNAME_MACHINE}-pc-linux-gnuoldld" && exit 0 + + case "${UNAME_MACHINE}" in + i?86) + VENDOR=pc; + ;; + *) + VENDOR=unknown; + ;; + esac + # Determine whether the default compiler is a.out or elf + cat >dummy.c < +main(argc, argv) + int argc; + char *argv[]; +{ +#ifdef __ELF__ +# ifdef __GLIBC__ +# if __GLIBC__ >= 2 + printf ("%s-${VENDOR}-linux-gnu\n", argv[1]); +# else + printf ("%s-${VENDOR}-linux-gnulibc1\n", argv[1]); +# endif +# else + printf ("%s-${VENDOR}-linux-gnulibc1\n", argv[1]); +# endif +#else + printf ("%s-${VENDOR}-linux-gnuaout\n", argv[1]); +#endif + return 0; +} +EOF + ${CC-cc} dummy.c -o dummy 2>/dev/null && ./dummy "${UNAME_MACHINE}" && rm dummy.c dummy && exit 0 + rm -f dummy.c dummy + fi ;; +# ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. earlier versions +# are messed up and put the nodename in both sysname and nodename. + i?86:DYNIX/ptx:4*:*) + echo i386-sequent-sysv4 + exit 0 ;; + i?86:UNIX_SV:4.2MP:2.*) + # Unixware is an offshoot of SVR4, but it has its own version + # number series starting with 2... + # I am not positive that other SVR4 systems won't match this, + # I just have to hope. -- rms. + # Use sysv4.2uw... so that sysv4* matches it. + echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION} + exit 0 ;; + i?86:*:4.*:* | i?86:SYSTEM_V:4.*:*) + if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then + echo ${UNAME_MACHINE}-univel-sysv${UNAME_RELEASE} + else + echo ${UNAME_MACHINE}-pc-sysv${UNAME_RELEASE} + fi + exit 0 ;; + i?86:*:5:7*) + UNAME_REL=`(/bin/uname -X|egrep Release|sed -e 's/.*= //')` + (/bin/uname -X|egrep i80486 >/dev/null) && UNAME_MACHINE=i486 + (/bin/uname -X|egrep '^Machine.*Pentium' >/dev/null) \ + && UNAME_MACHINE=i586 +# 5.0.4c returns "Pent II". 5.0.5 returns PentII + (/bin/uname -X|egrep '^Machine.*Pent.*II' >/dev/null) \ + && UNAME_MACHINE=i686 + (/bin/uname -X|egrep '^Machine.*Pentium Pro' >/dev/null) \ + && UNAME_MACHINE=i686 + echo ${UNAME_MACHINE}-${UNAME_SYSTEM}${UNAME_VERSION}-sysv${UNAME_RELEASE} + exit 0 ;; + i?86:*:3.2:*) + if test -f /usr/options/cb.name; then + UNAME_REL=`sed -n 's/.*Version //p' /dev/null >/dev/null ; then + UNAME_REL=`(/bin/uname -X|egrep Release|sed -e 's/.*= //')` + (/bin/uname -X|egrep i80486 >/dev/null) && UNAME_MACHINE=i486 + (/bin/uname -X|egrep '^Machine.*Pentium' >/dev/null) \ + && UNAME_MACHINE=i586 + (/bin/uname -X|egrep '^Machine.*PentII' >/dev/null) \ + && UNAME_MACHINE=i686 + (/bin/uname -X|egrep '^Machine.*Pent II' >/dev/null) \ + && UNAME_MACHINE=i686 + (/bin/uname -X|egrep '^Machine.*Pentium Pro' >/dev/null) \ + && UNAME_MACHINE=i686 + echo ${UNAME_MACHINE}-pc-sco$UNAME_REL + else + echo ${UNAME_MACHINE}-pc-sysv32 + fi + exit 0 ;; + pc:*:*:*) + # uname -m prints for DJGPP always 'pc', but it prints nothing about + # the processor, so we play safe by assuming i386. + echo i386-pc-msdosdjgpp + exit 0 ;; + Intel:Mach:3*:*) + echo i386-pc-mach3 + exit 0 ;; + paragon:*:*:*) + echo i860-intel-osf1 + exit 0 ;; + i860:*:4.*:*) # i860-SVR4 + if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then + echo i860-stardent-sysv${UNAME_RELEASE} # Stardent Vistra i860-SVR4 + else # Add other i860-SVR4 vendors below as they are discovered. + echo i860-unknown-sysv${UNAME_RELEASE} # Unknown i860-SVR4 + fi + exit 0 ;; + mini*:CTIX:SYS*5:*) + # "miniframe" + echo m68010-convergent-sysv + exit 0 ;; + M68*:*:R3V[567]*:*) + test -r /sysV68 && echo 'm68k-motorola-sysv' && exit 0 ;; + 3[34]??:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 4850:*:4.0:3.0) + OS_REL='' + test -r /etc/.relid \ + && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid` + /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ + && echo i486-ncr-sysv4.3${OS_REL} && exit 0 + /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ + && echo i586-ncr-sysv4.3${OS_REL} && exit 0 ;; + 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*) + /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ + && echo i486-ncr-sysv4 && exit 0 ;; + m68*:LynxOS:2.*:*) + echo m68k-unknown-lynxos${UNAME_RELEASE} + exit 0 ;; + mc68030:UNIX_System_V:4.*:*) + echo m68k-atari-sysv4 + exit 0 ;; + i?86:LynxOS:2.*:*) + echo i386-unknown-lynxos${UNAME_RELEASE} + exit 0 ;; + TSUNAMI:LynxOS:2.*:*) + echo sparc-unknown-lynxos${UNAME_RELEASE} + exit 0 ;; + rs6000:LynxOS:2.*:* | PowerPC:LynxOS:2.*:*) + echo rs6000-unknown-lynxos${UNAME_RELEASE} + exit 0 ;; + SM[BE]S:UNIX_SV:*:*) + echo mips-dde-sysv${UNAME_RELEASE} + exit 0 ;; + RM*:SINIX-*:*:*) + echo mips-sni-sysv4 + exit 0 ;; + *:SINIX-*:*:*) + if uname -p 2>/dev/null >/dev/null ; then + UNAME_MACHINE=`(uname -p) 2>/dev/null` + echo ${UNAME_MACHINE}-sni-sysv4 + else + echo ns32k-sni-sysv + fi + exit 0 ;; + PENTIUM:CPunix:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort + # says + echo i586-unisys-sysv4 + exit 0 ;; + *:UNIX_System_V:4*:FTX*) + # From Gerald Hewes . + # How about differentiating between stratus architectures? -djm + echo hppa1.1-stratus-sysv4 + exit 0 ;; + *:*:*:FTX*) + # From seanf@swdc.stratus.com. + echo i860-stratus-sysv4 + exit 0 ;; + mc68*:A/UX:*:*) + echo m68k-apple-aux${UNAME_RELEASE} + exit 0 ;; + news*:NEWS-OS:*:6*) + echo mips-sony-newsos6 + exit 0 ;; + R3000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R4000:UNIX_SV:*:*) + if [ -d /usr/nec ]; then + echo mips-nec-sysv${UNAME_RELEASE} + else + echo mips-unknown-sysv${UNAME_RELEASE} + fi + exit 0 ;; + BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only. + echo powerpc-be-beos + exit 0 ;; + BeMac:BeOS:*:*) # BeOS running on Mac or Mac clone, PPC only. + echo powerpc-apple-beos + exit 0 ;; + BePC:BeOS:*:*) # BeOS running on Intel PC compatible. + echo i586-pc-beos + exit 0 ;; +esac + +#echo '(No uname command or uname output not recognized.)' 1>&2 +#echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2 + +cat >dummy.c < +# include +#endif +main () +{ +#if defined (sony) +#if defined (MIPSEB) + /* BFD wants "bsd" instead of "newsos". Perhaps BFD should be changed, + I don't know.... */ + printf ("mips-sony-bsd\n"); exit (0); +#else +#include + printf ("m68k-sony-newsos%s\n", +#ifdef NEWSOS4 + "4" +#else + "" +#endif + ); exit (0); +#endif +#endif + +#if defined (__arm) && defined (__acorn) && defined (__unix) + printf ("arm-acorn-riscix"); exit (0); +#endif + +#if defined (hp300) && !defined (hpux) + printf ("m68k-hp-bsd\n"); exit (0); +#endif + +#if defined (NeXT) +#if !defined (__ARCHITECTURE__) +#define __ARCHITECTURE__ "m68k" +#endif + int version; + version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`; + printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version); + exit (0); +#endif + +#if defined (MULTIMAX) || defined (n16) +#if defined (UMAXV) + printf ("ns32k-encore-sysv\n"); exit (0); +#else +#if defined (CMU) + printf ("ns32k-encore-mach\n"); exit (0); +#else + printf ("ns32k-encore-bsd\n"); exit (0); +#endif +#endif +#endif + +#if defined (__386BSD__) + printf ("i386-pc-bsd\n"); exit (0); +#endif + +#if defined (sequent) +#if defined (i386) + printf ("i386-sequent-dynix\n"); exit (0); +#endif +#if defined (ns32000) + printf ("ns32k-sequent-dynix\n"); exit (0); +#endif +#endif + +#if defined (_SEQUENT_) + struct utsname un; + + uname(&un); + + if (strncmp(un.version, "V2", 2) == 0) { + printf ("i386-sequent-ptx2\n"); exit (0); + } + if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */ + printf ("i386-sequent-ptx1\n"); exit (0); + } + printf ("i386-sequent-ptx\n"); exit (0); + +#endif + +#if defined (vax) +#if !defined (ultrix) + printf ("vax-dec-bsd\n"); exit (0); +#else + printf ("vax-dec-ultrix\n"); exit (0); +#endif +#endif + +#if defined (alliant) && defined (i860) + printf ("i860-alliant-bsd\n"); exit (0); +#endif + + exit (1); +} +EOF + +${CC-cc} dummy.c -o dummy 2>/dev/null && ./dummy && rm dummy.c dummy && exit 0 +rm -f dummy.c dummy + +# Apollos put the system type in the environment. + +test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit 0; } + +# Convex versions that predate uname can use getsysinfo(1) + +if [ -x /usr/convex/getsysinfo ] +then + case `getsysinfo -f cpu_type` in + c1*) + echo c1-convex-bsd + exit 0 ;; + c2*) + if getsysinfo -f scalar_acc + then echo c32-convex-bsd + else echo c2-convex-bsd + fi + exit 0 ;; + c34*) + echo c34-convex-bsd + exit 0 ;; + c38*) + echo c38-convex-bsd + exit 0 ;; + c4*) + echo c4-convex-bsd + exit 0 ;; + esac +fi + +#echo '(Unable to guess system type)' 1>&2 + +exit 1 Index: usr.bin/ssh/config.h =================================================================== RCS file: config.h diff -N config.h --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsyiyQg31367 Wed Dec 8 12:42:06 1999 @@ -0,0 +1,43 @@ +/* config.h. Generated automatically by configure. */ +/* config.h.in. Generated automatically from configure.in by autoheader. */ +/* + +acconfig.h - template used by autoheader to create config.h.in +config.h.in - used by autoconf to create config.h +config.h - created by autoconf; contains defines generated by autoconf + +Copyright (c) 1995 Tatu Ylonen + +*/ + +#define RCSID(msg) \ +static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg } + + +/* Define as the return type of signal handlers (int or void). */ +#define RETSIGTYPE void + +/* Define this to be the path of the xauth program. */ +#define XAUTH_PATH "/usr/X11R6/bin/xauth" + +/* This is defined if we found a lastlog file. The presence of lastlog.h + alone is not a sufficient indicator (at least newer BSD systems have + lastlog but no lastlog.h. */ +#define HAVE_LASTLOG 1 + +/* Define this if libutil.a contains BSD 4.4 compatible login(), logout(), + and logwtmp() calls. */ +#define HAVE_LIBUTIL_LOGIN 1 + +/* Location of system mail spool directory. */ +#define MAIL_SPOOL_DIRECTORY "/var/mail" + +/* Define this to use pipes instead of socketpairs for communicating with the + client program. Socketpairs do not seem to work on all systems. */ +#define USE_PIPES 1 + +/* Define if you have the seteuid function. */ +#define HAVE_SETEUID 1 + +/* Define if you have the setlogin function. */ +#define HAVE_SETLOGIN 1 Index: usr.bin/ssh/config.h.in =================================================================== RCS file: config.h.in diff -N config.h.in --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsMXjGY31367 Wed Dec 8 12:42:06 1999 @@ -0,0 +1,442 @@ +/* config.h.in. Generated automatically from configure.in by autoheader. */ +/* + +acconfig.h - template used by autoheader to create config.h.in +config.h.in - used by autoconf to create config.h +config.h - created by autoconf; contains defines generated by autoconf + +Copyright (c) 1995 Tatu Ylonen + +*/ + +#define RCSID(msg) \ +static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg } + + +/* Define to empty if the keyword does not work. */ +#undef const + +/* Define to `int' if doesn't define. */ +#undef gid_t + +/* Define if your struct stat has st_blksize. */ +#undef HAVE_ST_BLKSIZE + +/* Define if you have that is POSIX.1 compatible. */ +#undef HAVE_SYS_WAIT_H + +/* Define as __inline if that's what the C compiler calls it. */ +#undef inline + +/* Define to `int' if doesn't define. */ +#undef mode_t + +/* Define if your C compiler doesn't accept -c and -o together. */ +#undef NO_MINUS_C_MINUS_O + +/* Define if your Fortran 77 compiler doesn't accept -c and -o together. */ +#undef F77_NO_MINUS_C_MINUS_O + +/* Define to `long' if doesn't define. */ +#undef off_t + +/* Define as the return type of signal handlers (int or void). */ +#undef RETSIGTYPE + +/* Define to the type of arg1 for select(). */ +#undef SELECT_TYPE_ARG1 + +/* Define to the type of args 2, 3 and 4 for select(). */ +#undef SELECT_TYPE_ARG234 + +/* Define to the type of arg5 for select(). */ +#undef SELECT_TYPE_ARG5 + +/* Define to `unsigned' if doesn't define. */ +#undef size_t + +/* Define if the `S_IS*' macros in do not work properly. */ +#undef STAT_MACROS_BROKEN + +/* Define if you have the ANSI C header files. */ +#undef STDC_HEADERS + +/* Define if you can safely include both and . */ +#undef TIME_WITH_SYS_TIME + +/* Define to `int' if doesn't define. */ +#undef uid_t + +/* Define if your processor stores words with the most significant + byte first (like Motorola and SPARC, unlike Intel and VAX). */ +#undef WORDS_BIGENDIAN + +/* Define if you have SYSV-style /dev/ptmx and /dev/pts/. */ +#undef HAVE_DEV_PTMX + +/* Define if you have /dev/pts and /dev/ptc devices (as in AIX). */ +#undef HAVE_DEV_PTS_AND_PTC + +/* Define if you have shadow passwords in /etc/security/passwd (AIX style). */ +#undef HAVE_ETC_SECURITY_PASSWD + +/* Define if you have shadow passwords in /etc/security/passwd.adjunct + (SunOS style). */ +#undef HAVE_ETC_SECURITY_PASSWD_ADJUNCT + + +/* Define if you have OSF1 C2 security installed on the system */ +#undef HAVE_OSF1_C2_SECURITY + +/* Define if you have shadow passwords in /etc/shadow (Solaris style). */ +#undef HAVE_ETC_SHADOW + +/* Define if you have system login defaults in /etc/default/login. */ +#undef HAVE_ETC_DEFAULT_LOGIN + +/* Define if utmp structure has host field. */ +#undef HAVE_HOST_IN_UTMP + +/* Define if utmp structure has addr field. */ +#undef HAVE_ADDR_IN_UTMP + +/* Define if utmp structure has id field. */ +#undef HAVE_ID_IN_UTMP + +/* Define if utmp structure has name field. */ +#undef HAVE_NAME_IN_UTMP + +/* Define if utmp structure has pid field. */ +#undef HAVE_PID_IN_UTMP + +/* Define if utmpx structure has ut_session. */ +#undef HAVE_UT_SESSION + +/* Define if utmpx structure has ut_syslen. */ +#undef HAVE_UT_SYSLEN + +/* Define if /var/adm/lastlog or whatever it is called is a directory + (e.g. SGI IRIX). */ +#undef LASTLOG_IS_DIR + +/* Define to use RSAREF. */ +#undef RSAREF + +/* Define to use SSL. */ +#undef DO_SSL + +/* Define this to be the path of the rsh program to support executing rsh. */ +#undef RSH_PATH + +/* Define this to be the path of the xauth program. */ +#undef XAUTH_PATH + +/* Default path for utmp. Determined by configure. */ +#undef SSH_UTMP + +/* Default path for wtmp. Determined by configure. */ +#undef SSH_WTMP + +/* Default path for lastlog. Determined by configure. */ +#undef SSH_LASTLOG + +/* This is defined if we found a lastlog file. The presence of lastlog.h + alone is not a sufficient indicator (at least newer BSD systems have + lastlog but no lastlog.h. */ +#undef HAVE_LASTLOG + +/* Define this if libutil.a contains BSD 4.4 compatible login(), logout(), + and logwtmp() calls. */ +#undef HAVE_LIBUTIL_LOGIN + +/* Location of system mail spool directory. */ +#undef MAIL_SPOOL_DIRECTORY + +/* Defined if mail goes to $HOME/newmail instead of a global mail spool. */ +#undef HAVE_TILDE_NEWMAIL + +/* Define this to be the default user path if you don't like the default. + See the --with-path= configure option. */ +#undef DEFAULT_PATH + +/* Define this if O_NONBLOCK does not work on your system (e.g., Ultrix). */ +#undef O_NONBLOCK_BROKEN + +/* Define this if sys/syslog.h needs to be included in addition to syslog.h. + This is the case on some Ultrix versions. */ +#undef NEED_SYS_SYSLOG_H + +/* Define this to include IDEA encryption. */ +#undef WITH_IDEA + +/* Define this to include RC4 encryption. */ +#undef WITH_RC4 + +/* Define this to include Blowfish encryption. */ +#undef WITH_BLOWFISH + +/* Define this to include libwrap (tcp_wrappers) support. */ +#undef LIBWRAP + +/* This is defined to pw_encrypt on Linux when using John Faugh's shadow + password implementation. */ +#undef crypt + +/* This is defined on 386BSD to preted we are on FreeBSD. */ +#undef __FreeBSD__ + +/* If defines, this overrides "tty" as the terminal group. */ +#undef TTY_GROUP + +/* Define this if you want to support Security Dynammics SecurID + cards. */ +#undef HAVE_SECURID + +/* Define this if you are using HPSUX. HPUX uses non-standard shared + memory communication for X, which seems to be enabled by the display name + matching that of the local host. This circumvents it by using the IP + address instead of the host name in DISPLAY. */ +#undef HPSUX_NONSTANDARD_X11_KLUDGE + +/* Define this if inet_network should be used instead of inet_addr. This is + the case on DGUX 5.4. */ +#undef BROKEN_INET_ADDR + +/* Define this if your system does not like sizeof(struct sockaddr_un) as the + size argument in bind and connect calls for unix domain sockets. */ +#undef USE_STRLEN_FOR_AF_UNIX + +/* Define this to use pipes instead of socketpairs for communicating with the + client program. Socketpairs do not seem to work on all systems. */ +#undef USE_PIPES + +/* Define this if speed_t is defined in stdtypes.h or otherwise gets included + into ttymodes.c from system headers. */ +#undef SPEED_T_IN_STDTYPES_H + +/* Define this if compiling with SOCKS (the firewall traversal library). + Also, you must define connect, getsockname, bind, accept, listen, and + select to their R-versions. */ +#undef SOCKS +#undef connect +#undef getsockname +#undef bind +#undef accept +#undef listen +#undef select + +/* Define these if on SCO Unix. */ +#undef HAVE_SCO_ETC_SHADOW +#undef SCO + +/* Define this if you want to compile in Kerberos V4 support. + This can be done at configure time with the --with-krb4 argument. */ +#undef KRB4 + +/* Define this if you want to compile in AFS support. + This can be done at configure time with the --with-afs argument. */ +#undef AFS + +/* Define this if you want to enable nonstandard krb4 TGT forwarding. */ +#undef KERBEROS_TGT_PASSING + +/* Define this if you want to add optional compression support. */ +#undef WITH_ZLIB + +/* The number of bytes in a int. */ +#undef SIZEOF_INT + +/* The number of bytes in a long. */ +#undef SIZEOF_LONG + +/* The number of bytes in a short. */ +#undef SIZEOF_SHORT + +/* Define if you have the _getpty function. */ +#undef HAVE__GETPTY + +/* Define if you have the clock function. */ +#undef HAVE_CLOCK + +/* Define if you have the fchmod function. */ +#undef HAVE_FCHMOD + +/* Define if you have the getdtablesize function. */ +#undef HAVE_GETDTABLESIZE + +/* Define if you have the gethostname function. */ +#undef HAVE_GETHOSTNAME + +/* Define if you have the getrusage function. */ +#undef HAVE_GETRUSAGE + +/* Define if you have the gettimeofday function. */ +#undef HAVE_GETTIMEOFDAY + +/* Define if you have the initgroups function. */ +#undef HAVE_INITGROUPS + +/* Define if you have the innetgr function. */ +#undef HAVE_INNETGR + +/* Define if you have the memcpy function. */ +#undef HAVE_MEMCPY + +/* Define if you have the memmove function. */ +#undef HAVE_MEMMOVE + +/* Define if you have the openpty function. */ +#undef HAVE_OPENPTY + +/* Define if you have the popen function. */ +#undef HAVE_POPEN + +/* Define if you have the putenv function. */ +#undef HAVE_PUTENV + +/* Define if you have the random function. */ +#undef HAVE_RANDOM + +/* Define if you have the remove function. */ +#undef HAVE_REMOVE + +/* Define if you have the seteuid function. */ +#undef HAVE_SETEUID + +/* Define if you have the setlogin function. */ +#undef HAVE_SETLOGIN + +/* Define if you have the setluid function. */ +#undef HAVE_SETLUID + +/* Define if you have the setrlimit function. */ +#undef HAVE_SETRLIMIT + +/* Define if you have the setsid function. */ +#undef HAVE_SETSID + +/* Define if you have the socketpair function. */ +#undef HAVE_SOCKETPAIR + +/* Define if you have the strchr function. */ +#undef HAVE_STRCHR + +/* Define if you have the strerror function. */ +#undef HAVE_STRERROR + +/* Define if you have the times function. */ +#undef HAVE_TIMES + +/* Define if you have the ulimit function. */ +#undef HAVE_ULIMIT + +/* Define if you have the umask function. */ +#undef HAVE_UMASK + +/* Define if you have the vhangup function. */ +#undef HAVE_VHANGUP + +/* Define if you have the vsnprintf function. */ +#undef HAVE_VSNPRINTF + +/* Define if you have the header file. */ +#undef HAVE_DIRENT_H + +/* Define if you have the header file. */ +#undef HAVE_GMP_H + +/* Define if you have the header file. */ +#undef HAVE_KRB_H + +/* Define if you have the header file. */ +#undef HAVE_LASTLOG_H + +/* Define if you have the header file. */ +#undef HAVE_NDIR_H + +/* Define if you have the header file. */ +#undef HAVE_NETINET_IN_SYSTM_H + +/* Define if you have the header file. */ +#undef HAVE_PATHS_H + +/* Define if you have the header file. */ +#undef HAVE_RUSAGE_H + +/* Define if you have the header file. */ +#undef HAVE_SGTTY_H + +/* Define if you have the header file. */ +#undef HAVE_SYS_DIR_H + +/* Define if you have the header file. */ +#undef HAVE_SYS_FILIO_H + +/* Define if you have the header file. */ +#undef HAVE_SYS_IOCTL_H + +/* Define if you have the header file. */ +#undef HAVE_SYS_NDIR_H + +/* Define if you have the header file. */ +#undef HAVE_SYS_SELECT_H + +/* Define if you have the header file. */ +#undef HAVE_SYS_TIME_H + +/* Define if you have the header file. */ +#undef HAVE_TERMIOS_H + +/* Define if you have the header file. */ +#undef HAVE_ULIMIT_H + +/* Define if you have the header file. */ +#undef HAVE_UNISTD_H + +/* Define if you have the header file. */ +#undef HAVE_USERSEC_H + +/* Define if you have the header file. */ +#undef HAVE_UTIME_H + +/* Define if you have the header file. */ +#undef HAVE_UTMP_H + +/* Define if you have the header file. */ +#undef HAVE_UTMPX_H + +/* Define if you have the header file. */ +#undef HAVE_ZLIB_H + +/* Define if you have the crypt library (-lcrypt). */ +#undef HAVE_LIBCRYPT + +/* Define if you have the des library (-ldes). */ +#undef HAVE_LIBDES + +/* Define if you have the gen library (-lgen). */ +#undef HAVE_LIBGEN + +/* Define if you have the gmp library (-lgmp). */ +#undef HAVE_LIBGMP + +/* Define if you have the krb library (-lkrb). */ +#undef HAVE_LIBKRB + +/* Define if you have the nsl library (-lnsl). */ +#undef HAVE_LIBNSL + +/* Define if you have the s library (-ls). */ +#undef HAVE_LIBS + +/* Define if you have the security library (-lsecurity). */ +#undef HAVE_LIBSECURITY + +/* Define if you have the socket library (-lsocket). */ +#undef HAVE_LIBSOCKET + +/* Define if you have the sun library (-lsun). */ +#undef HAVE_LIBSUN + +/* Define if you have the z library (-lz). */ +#undef HAVE_LIBZ Index: usr.bin/ssh/config.log =================================================================== RCS file: config.log diff -N config.log --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsGNxtO31367 Wed Dec 8 12:42:06 1999 @@ -0,0 +1,420 @@ +This file contains any messages produced by compilers while +running configure, to aid debugging if configure makes a mistake. + +configure:593: checking host system type +configure:617: checking for gcc +configure:730: checking whether the C compiler (gcc ) works +configure:746: gcc -o conftest conftest.c 1>&5 +configure:772: checking whether the C compiler (gcc ) is a cross-compiler +configure:777: checking whether we are using GNU C +configure:786: gcc -E conftest.c +configure:805: checking whether gcc accepts -g +configure:837: checking how to run the C preprocessor +configure:858: gcc -E conftest.c >/dev/null 2>conftest.out +configure:1332: checking that the compiler works +configure:1341: gcc -o conftest -g -O2 conftest.c 1>&5 +configure:1358: checking if the compiler understands -pipe +configure:1369: gcc -pipe -c -g -O2 conftest.c 1>&5 +configure:1397: checking for vhangup +configure:1425: gcc -pipe -o conftest -g -O2 conftest.c 1>&5 +configure:1419: Undefined symbol `_vhangup' referenced from text segment +collect2: ld returned 1 exit status +configure: failed program was: +#line 1402 "configure" +#include "confdefs.h" +/* System header to define __stub macros and hopefully few prototypes, + which can conflict with char vhangup(); below. */ +#include +/* Override any gcc2 internal prototype to avoid an error. */ +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char vhangup(); + +int main() { + +/* The GNU C library defines this for functions which it implements + to always fail with ENOSYS. Some functions are actually named + something starting with __ and the normal name is an alias. */ +#if defined (__stub_vhangup) || defined (__stub___vhangup) +choke me +#else +vhangup(); +#endif + +; return 0; } +configure:1455: checking for setsid +configure:1483: gcc -pipe -o conftest -g -O2 conftest.c 1>&5 +configure:1510: checking where to find mandatory GMP library +configure:1535: checking for gmp.h +configure:1545: gcc -E conftest.c >/dev/null 2>conftest.out +configure:1577: checking for main in -lgmp +configure:1592: gcc -pipe -o conftest -g -O2 conftest.c -lgmp 1>&5 +configure:1636: checking for _getpty +configure:1664: gcc -pipe -o conftest -g -O2 conftest.c -lgmp 1>&5 +configure:1658: Undefined symbol `__getpty' referenced from text segment +collect2: ld returned 1 exit status +configure: failed program was: +#line 1641 "configure" +#include "confdefs.h" +/* System header to define __stub macros and hopefully few prototypes, + which can conflict with char _getpty(); below. */ +#include +/* Override any gcc2 internal prototype to avoid an error. */ +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char _getpty(); + +int main() { + +/* The GNU C library defines this for functions which it implements + to always fail with ENOSYS. Some functions are actually named + something starting with __ and the normal name is an alias. */ +#if defined (__stub__getpty) || defined (__stub____getpty) +choke me +#else +_getpty(); +#endif + +; return 0; } +configure:1636: checking for clock +configure:1664: gcc -pipe -o conftest -g -O2 conftest.c -lgmp 1>&5 +configure:1636: checking for fchmod +configure:1664: gcc -pipe -o conftest -g -O2 conftest.c -lgmp 1>&5 +configure:1636: checking for getdtablesize +configure:1664: gcc -pipe -o conftest -g -O2 conftest.c -lgmp 1>&5 +configure:1636: checking for gethostname +configure:1664: gcc -pipe -o conftest -g -O2 conftest.c -lgmp 1>&5 +configure:1636: checking for getrusage +configure:1664: gcc -pipe -o conftest -g -O2 conftest.c -lgmp 1>&5 +configure:1691: checking for gettimeofday +configure:1719: gcc -pipe -o conftest -g -O2 conftest.c -lgmp 1>&5 +configure:1691: checking for initgroups +configure:1719: gcc -pipe -o conftest -g -O2 conftest.c -lgmp 1>&5 +configure:1691: checking for innetgr +configure:1719: gcc -pipe -o conftest -g -O2 conftest.c -lgmp 1>&5 +configure:1691: checking for memcpy +configure:1719: gcc -pipe -o conftest -g -O2 conftest.c -lgmp 1>&5 +configure:1703: warning: conflicting types for built-in function `memcpy' +configure:1691: checking for openpty +configure:1719: gcc -pipe -o conftest -g -O2 conftest.c -lgmp 1>&5 +configure:1713: Undefined symbol `_openpty' referenced from text segment +collect2: ld returned 1 exit status +configure: failed program was: +#line 1696 "configure" +#include "confdefs.h" +/* System header to define __stub macros and hopefully few prototypes, + which can conflict with char openpty(); below. */ +#include +/* Override any gcc2 internal prototype to avoid an error. */ +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char openpty(); + +int main() { + +/* The GNU C library defines this for functions which it implements + to always fail with ENOSYS. Some functions are actually named + something starting with __ and the normal name is an alias. */ +#if defined (__stub_openpty) || defined (__stub___openpty) +choke me +#else +openpty(); +#endif + +; return 0; } +configure:1691: checking for popen +configure:1719: gcc -pipe -o conftest -g -O2 conftest.c -lgmp 1>&5 +configure:1691: checking for seteuid +configure:1719: gcc -pipe -o conftest -g -O2 conftest.c -lgmp 1>&5 +configure:1746: checking for setlogin +configure:1774: gcc -pipe -o conftest -g -O2 conftest.c -lgmp 1>&5 +configure:1746: checking for setluid +configure:1774: gcc -pipe -o conftest -g -O2 conftest.c -lgmp 1>&5 +configure:1768: Undefined symbol `_setluid' referenced from text segment +collect2: ld returned 1 exit status +configure: failed program was: +#line 1751 "configure" +#include "confdefs.h" +/* System header to define __stub macros and hopefully few prototypes, + which can conflict with char setluid(); below. */ +#include +/* Override any gcc2 internal prototype to avoid an error. */ +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char setluid(); + +int main() { + +/* The GNU C library defines this for functions which it implements + to always fail with ENOSYS. Some functions are actually named + something starting with __ and the normal name is an alias. */ +#if defined (__stub_setluid) || defined (__stub___setluid) +choke me +#else +setluid(); +#endif + +; return 0; } +configure:1746: checking for setrlimit +configure:1774: gcc -pipe -o conftest -g -O2 conftest.c -lgmp 1>&5 +configure:1746: checking for strchr +configure:1774: gcc -pipe -o conftest -g -O2 conftest.c -lgmp 1>&5 +configure:1746: checking for times +configure:1774: gcc -pipe -o conftest -g -O2 conftest.c -lgmp 1>&5 +configure:1746: checking for ulimit +configure:1774: gcc -pipe -o conftest -g -O2 conftest.c -lgmp 1>&5 +configure:1768: Undefined symbol `_ulimit' referenced from text segment +collect2: ld returned 1 exit status +configure: failed program was: +#line 1751 "configure" +#include "confdefs.h" +/* System header to define __stub macros and hopefully few prototypes, + which can conflict with char ulimit(); below. */ +#include +/* Override any gcc2 internal prototype to avoid an error. */ +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char ulimit(); + +int main() { + +/* The GNU C library defines this for functions which it implements + to always fail with ENOSYS. Some functions are actually named + something starting with __ and the normal name is an alias. */ +#if defined (__stub_ulimit) || defined (__stub___ulimit) +choke me +#else +ulimit(); +#endif + +; return 0; } +configure:1746: checking for umask +configure:1774: gcc -pipe -o conftest -g -O2 conftest.c -lgmp 1>&5 +configure:1746: checking for vsnprintf +configure:1774: gcc -pipe -o conftest -g -O2 conftest.c -lgmp 1>&5 +configure:1800: checking return type of signal handlers +configure:1822: gcc -pipe -c -g -O2 conftest.c 1>&5 +configure:1841: checking for ANSI C header files +configure:1854: gcc -E conftest.c >/dev/null 2>conftest.out +configure:1921: gcc -pipe -o conftest -g -O2 conftest.c -lgmp 1>&5 +configure:1945: checking for size_t +configure:1978: checking for uid_t in sys/types.h +configure:2012: checking for off_t +configure:2045: checking for mode_t +configure:2078: checking for st_blksize in struct stat +configure:2091: gcc -pipe -c -g -O2 conftest.c 1>&5 +configure:2113: checking for working const +configure:2167: gcc -pipe -c -g -O2 conftest.c 1>&5 +configure:2188: checking for inline +configure:2202: gcc -pipe -c -g -O2 conftest.c 1>&5 +configure:2228: checking whether byte ordering is bigendian +configure:2246: gcc -pipe -c -g -O2 conftest.c 1>&5 +configure:2261: gcc -pipe -c -g -O2 conftest.c 1>&5 +configure: In function `main': +configure:2256: syntax error before `big' +configure: failed program was: +#line 2250 "configure" +#include "confdefs.h" +#include +#include +int main() { + +#if BYTE_ORDER != BIG_ENDIAN + not big endian +#endif +; return 0; } +configure:2318: checking size of long +configure:2337: gcc -pipe -o conftest -g -O2 conftest.c -lgmp 1>&5 +configure:2357: checking size of int +configure:2376: gcc -pipe -o conftest -g -O2 conftest.c -lgmp 1>&5 +configure:2396: checking size of short +configure:2415: gcc -pipe -o conftest -g -O2 conftest.c -lgmp 1>&5 +configure:2440: checking for termios.h +configure:2450: gcc -E conftest.c >/dev/null 2>conftest.out +configure:2479: checking for ANSI C header files +configure:2583: checking for sys/wait.h that is POSIX.1 compatible +configure:2604: gcc -pipe -c -g -O2 conftest.c 1>&5 +configure:2628: checking for unistd.h +configure:2638: gcc -E conftest.c >/dev/null 2>conftest.out +configure:2628: checking for rusage.h +configure:2638: gcc -E conftest.c >/dev/null 2>conftest.out +configure:2634: rusage.h: No such file or directory +configure: failed program was: +#line 2633 "configure" +#include "confdefs.h" +#include +configure:2628: checking for sys/time.h +configure:2638: gcc -E conftest.c >/dev/null 2>conftest.out +configure:2628: checking for lastlog.h +configure:2638: gcc -E conftest.c >/dev/null 2>conftest.out +configure:2634: lastlog.h: No such file or directory +configure: failed program was: +#line 2633 "configure" +#include "confdefs.h" +#include +configure:2628: checking for utmp.h +configure:2638: gcc -E conftest.c >/dev/null 2>conftest.out +configure:2628: checking for utmpx.h +configure:2638: gcc -E conftest.c >/dev/null 2>conftest.out +configure:2634: utmpx.h: No such file or directory +configure: failed program was: +#line 2633 "configure" +#include "confdefs.h" +#include +configure:2668: checking for sgtty.h +configure:2678: gcc -E conftest.c >/dev/null 2>conftest.out +configure:2668: checking for sys/select.h +configure:2678: gcc -E conftest.c >/dev/null 2>conftest.out +configure:2668: checking for sys/ioctl.h +configure:2678: gcc -E conftest.c >/dev/null 2>conftest.out +configure:2668: checking for sys/filio.h +configure:2678: gcc -E conftest.c >/dev/null 2>conftest.out +configure:2708: checking for paths.h +configure:2718: gcc -E conftest.c >/dev/null 2>conftest.out +configure:2708: checking for usersec.h +configure:2718: gcc -E conftest.c >/dev/null 2>conftest.out +configure:2714: usersec.h: No such file or directory +configure: failed program was: +#line 2713 "configure" +#include "confdefs.h" +#include +configure:2708: checking for utime.h +configure:2718: gcc -E conftest.c >/dev/null 2>conftest.out +configure:2708: checking for netinet/in_systm.h +configure:2718: gcc -E conftest.c >/dev/null 2>conftest.out +configure:2708: checking for ulimit.h +configure:2718: gcc -E conftest.c >/dev/null 2>conftest.out +configure:2714: ulimit.h: No such file or directory +configure: failed program was: +#line 2713 "configure" +#include "confdefs.h" +#include +configure:2745: checking whether time.h and sys/time.h may both be included +configure:2759: gcc -pipe -c -g -O2 conftest.c 1>&5 +configure:2784: checking for dirent.h that defines DIR +configure:2797: gcc -pipe -c -g -O2 conftest.c 1>&5 +configure:2822: checking for opendir in -ldir +configure:2841: gcc -pipe -o conftest -g -O2 conftest.c -ldir -lgmp 1>&5 +ld: -ldir: no match +collect2: ld returned 1 exit status +configure: failed program was: +#line 2830 "configure" +#include "confdefs.h" +/* Override any gcc2 internal prototype to avoid an error. */ +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char opendir(); + +int main() { +opendir() +; return 0; } +configure:2905: checking whether stat file-mode macros are broken +configure:3038: utmpx.h: No such file or directory +configure:3053: utmpx.h: No such file or directory +configure:3068: checking for crypt in -lc +configure:3087: gcc -pipe -o conftest -g -O2 conftest.c -lc -lgmp 1>&5 +configure:3155: checking for main in -lnsl +configure:3170: gcc -pipe -o conftest -g -O2 conftest.c -lnsl -lgmp 1>&5 +ld: -lnsl: no match +collect2: ld returned 1 exit status +configure: failed program was: +#line 3163 "configure" +#include "confdefs.h" + +int main() { +main() +; return 0; } +configure:3199: checking for socket in -lsocket +configure:3218: gcc -pipe -o conftest -g -O2 conftest.c -lsocket -lgmp 1>&5 +ld: -lsocket: no match +collect2: ld returned 1 exit status +configure: failed program was: +#line 3207 "configure" +#include "confdefs.h" +/* Override any gcc2 internal prototype to avoid an error. */ +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char socket(); + +int main() { +socket() +; return 0; } +configure:3248: checking for getpwnam in -lsun +configure:3267: gcc -pipe -o conftest -g -O2 conftest.c -lsun -lgmp 1>&5 +ld: -lsun: no match +collect2: ld returned 1 exit status +configure: failed program was: +#line 3256 "configure" +#include "confdefs.h" +/* Override any gcc2 internal prototype to avoid an error. */ +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char getpwnam(); + +int main() { +getpwnam() +; return 0; } +configure:3296: checking for login in -lutil +configure:3315: gcc -pipe -o conftest -g -O2 conftest.c -lutil -lgmp 1>&5 +configure:3341: checking for main in -ldes +configure:3356: gcc -pipe -o conftest -g -O2 conftest.c -ldes -lgmp -lutil 1>&5 +configure:3387: checking for strerror +configure:3415: gcc -pipe -o conftest -g -O2 conftest.c -ldes -lgmp -lutil 1>&5 +configure:3387: checking for memmove +configure:3415: gcc -pipe -o conftest -g -O2 conftest.c -ldes -lgmp -lutil 1>&5 +configure:3387: checking for remove +configure:3415: gcc -pipe -o conftest -g -O2 conftest.c -ldes -lgmp -lutil 1>&5 +configure:3387: checking for random +configure:3415: gcc -pipe -o conftest -g -O2 conftest.c -ldes -lgmp -lutil 1>&5 +configure:3387: checking for putenv +configure:3415: gcc -pipe -o conftest -g -O2 conftest.c -ldes -lgmp -lutil 1>&5 +configure:3387: checking for socketpair +configure:3415: gcc -pipe -o conftest -g -O2 conftest.c -ldes -lgmp -lutil 1>&5 +configure:3443: checking whether ln -s works +configure:3475: checking for a BSD compatible install +configure:3531: checking for ranlib +configure:3566: checking for makedepend +configure:3601: checking for wish8.0 +configure:3601: checking for wish +configure:3601: checking for wishx +configure:3601: checking for wish4.1 +configure:3601: checking for true +configure:3643: checking for xauth +configure:3683: checking for pseudo ttys +configure:3705: checking for /etc/default/login +configure:3718: checking for shadow passwords +configure:3743: checking location of mail spool files +configure:3764: checking location of utmp +configure:3800: checking location of wtmp +configure:3834: checking location of lastlog +configure:3889: checking whether /var/log/lastlog is a directory +configure:3902: checking whether to include the IDEA encryption algorithm +configure:3926: checking whether to include the RC4 encryption algorithm +configure:3950: checking whether to include the Blowfish encryption algorithm +configure:3982: checking whether to use rsaref +configure:4008: checking whether to use ssl +configure:4032: checking whether to use rsh +configure:4102: checking for remsh +configure:4102: checking for rsh +configure:4147: checking default path +configure:4170: checking etcdir +configure:4195: checking whether to support SecurID +configure:4238: checking whether to include compression support +configure:4262: checking for zlib.h +configure:4272: gcc -E conftest.c >/dev/null 2>conftest.out +configure:4303: checking for main in -lz +configure:4318: gcc -pipe -o conftest -g -O2 conftest.c -lz -lcrypto -ldes -lgmp -lutil 1>&5 +configure:4361: checking whether to use Kerberos v4 +configure:4530: checking for krb.h +configure:4540: gcc -E conftest.c >/dev/null 2>conftest.out +configure:4536: krb.h: No such file or directory +configure: failed program was: +#line 4535 "configure" +#include "confdefs.h" +#include +configure:4567: checking for main in -lkrb +configure:4582: gcc -pipe -o conftest -g -O2 conftest.c -lkrb -lz -lcrypto -ldes -lgmp -lutil 1>&5 +configure:4717: checking whether to use AFS +configure:4749: checking whether to use libwrap +configure:4815: checking whether to support SOCKS +configure:4884: checking where to put sshd.pid Index: usr.bin/ssh/config.sample =================================================================== RCS file: config.sample diff -N config.sample --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsclsXl31367 Wed Dec 8 12:42:06 1999 @@ -0,0 +1,62 @@ +# This is a sample per-user ssh configuration file. This file could be +# the user's .ssh/config. + +# Configuration data is parsed as follows: +# 1. command line options +# 2. user-specific file +# 3. system-wide file +# Any configuration value is only changed the first time it is set. +# Thus, host-specific definitions should be at the beginning of the +# configuration file, and defaults at the end. + +# System defaults will be used for anything not explicitly specified +# in this file. + +Host fake + HostName sparc.ngs.fi + UseRsh yes + +Host pooh + HostName pooh.tky.hut.fi + +Host shadows.cs.hut.fi shadows + RhostsAuthentication yes + KeepAlive no + RemoteForward 30000 olari.clinet.fi:23 + LocalForward 30001 lk-hp-13.hut.fi:23 + IdentityFile ~/.identityfiles/shadows + +Host ngs.fi *.ngs.fi + RhostsAuthentication no + FallBackToRsh no + PasswordAuthentication no + IdentityFile ~/.identityfiles/ngs + KeepAlive no + Compression yes + CompressionLevel 9 + +Host *.fr + UseRsh yes + +Host *.su + FallBackToRsh yes + Cipher none + PasswordAuthentication no + ForwardAgent no + +Host *.com *.edu *.gov *.mil *.org *.de *.uk + Cipher 3des + ForwardAgent no + +# Defaults for various options +Host * + ForwardAgent yes + ForwardX11 yes + RhostsAuthentication yes + PasswordAuthentication yes + RSAAuthentication yes + FallBackToRsh no + UseRsh no + IdentityFile ~/.ssh/identity + Port 22 + Cipher idea Index: usr.bin/ssh/config.status =================================================================== RCS file: config.status diff -N config.status --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsggAwY31367 Wed Dec 8 12:42:06 1999 @@ -0,0 +1,536 @@ +#! /bin/sh +# Generated automatically by configure. +# Run this file to recreate the current configuration. +# This directory was configured as follows, +# on host cvs.openbsd.org: +# +# ./configure --with-ssl +# +# Compiler output produced by configure, useful for debugging +# configure, is in ./config.log if it exists. + +ac_cs_usage="Usage: ./config.status [--recheck] [--version] [--help]" +for ac_option +do + case "$ac_option" in + -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r) + echo "running ${CONFIG_SHELL-/bin/sh} ./configure --with-ssl --no-create --no-recursion" + exec ${CONFIG_SHELL-/bin/sh} ./configure --with-ssl --no-create --no-recursion ;; + -version | --version | --versio | --versi | --vers | --ver | --ve | --v) + echo "./config.status generated by autoconf version 2.13" + exit 0 ;; + -help | --help | --hel | --he | --h) + echo "$ac_cs_usage"; exit 0 ;; + *) echo "$ac_cs_usage"; exit 1 ;; + esac +done + +ac_given_srcdir=. +ac_given_INSTALL="/usr/bin/install -c" + +trap 'rm -fr Makefile sshd.8 ssh.1 config.h conftest*; exit 1' 1 2 15 + +# Protect against being on the right side of a sed subst in config.status. +sed 's/%@/@@/; s/@%/@@/; s/%g$/@g/; /@g$/s/[\\&%]/\\&/g; + s/@@/%@/; s/@@/@%/; s/@g$/%g/' > conftest.subs <<\CEOF +/^[ ]*VPATH[ ]*=[^:]*$/d + +s%@SHELL@%/bin/sh%g +s%@CFLAGS@%-g -O2%g +s%@CPPFLAGS@%%g +s%@CXXFLAGS@%%g +s%@FFLAGS@%%g +s%@DEFS@%-DHAVE_CONFIG_H%g +s%@LDFLAGS@%%g +s%@LIBS@%-lkrb -lz -lcrypto -ldes -lgmp -lutil%g +s%@exec_prefix@%${prefix}%g +s%@prefix@%/usr/local%g +s%@program_transform_name@%s,x,x,%g +s%@bindir@%${exec_prefix}/bin%g +s%@sbindir@%${exec_prefix}/sbin%g +s%@libexecdir@%${exec_prefix}/libexec%g +s%@datadir@%${prefix}/share%g +s%@sysconfdir@%${prefix}/etc%g +s%@sharedstatedir@%${prefix}/com%g +s%@localstatedir@%${prefix}/var%g +s%@libdir@%${exec_prefix}/lib%g +s%@includedir@%${prefix}/include%g +s%@oldincludedir@%/usr/include%g +s%@infodir@%${prefix}/info%g +s%@mandir@%${prefix}/man%g +s%@host@%i386-unknown-openbsd2.5%g +s%@host_alias@%i386-unknown-openbsd2.5%g +s%@host_cpu@%i386%g +s%@host_vendor@%unknown%g +s%@host_os@%openbsd2.5%g +s%@CC@%gcc -pipe%g +s%@CPP@%gcc -E%g +s%@GMPINCS@%%g +s%@GMPLIBS@%-lgmp%g +s%@LIBOBJS@%%g +s%@LN_S@%ln -s%g +s%@INSTALL_PROGRAM@%${INSTALL}%g +s%@INSTALL_SCRIPT@%${INSTALL_PROGRAM}%g +s%@INSTALL_DATA@%${INSTALL} -m 644%g +s%@RANLIB@%ranlib%g +s%@MAKEDEP@%makedepend%g +s%@WISH@%/usr/local/bin/wish%g +s%@XAUTH_PATH@%/usr/X11R6/bin/xauth%g +s%@RSH_PATH@%/usr/bin/rsh%g +s%@KRB4_AUTH@%%g +s%@KRB4_ROOT@%%g +s%@KRB4_INCS@%%g +s%@KRB4_LIBS@%%g +s%@RADIX@%%g +s%@ETCDIR@%/etc%g +s%@PIDDIR@%/var/run%g +s%@RSAREFDEP@%%g +s%@CONFOBJS@% bf_skey.o bf_enc.o compress.o%g + +CEOF + +# Split the substitutions into bite-sized pieces for seds with +# small command number limits, like on Digital OSF/1 and HP-UX. +ac_max_sed_cmds=90 # Maximum number of lines to put in a sed script. +ac_file=1 # Number of current file. +ac_beg=1 # First line for current file. +ac_end=$ac_max_sed_cmds # Line after last line for current file. +ac_more_lines=: +ac_sed_cmds="" +while $ac_more_lines; do + if test $ac_beg -gt 1; then + sed "1,${ac_beg}d; ${ac_end}q" conftest.subs > conftest.s$ac_file + else + sed "${ac_end}q" conftest.subs > conftest.s$ac_file + fi + if test ! -s conftest.s$ac_file; then + ac_more_lines=false + rm -f conftest.s$ac_file + else + if test -z "$ac_sed_cmds"; then + ac_sed_cmds="sed -f conftest.s$ac_file" + else + ac_sed_cmds="$ac_sed_cmds | sed -f conftest.s$ac_file" + fi + ac_file=`expr $ac_file + 1` + ac_beg=$ac_end + ac_end=`expr $ac_end + $ac_max_sed_cmds` + fi +done +if test -z "$ac_sed_cmds"; then + ac_sed_cmds=cat +fi + +CONFIG_FILES=${CONFIG_FILES-"Makefile sshd.8 ssh.1"} +for ac_file in .. $CONFIG_FILES; do if test "x$ac_file" != x..; then + # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in". + case "$ac_file" in + *:*) ac_file_in=`echo "$ac_file"|sed 's%[^:]*:%%'` + ac_file=`echo "$ac_file"|sed 's%:.*%%'` ;; + *) ac_file_in="${ac_file}.in" ;; + esac + + # Adjust a relative srcdir, top_srcdir, and INSTALL for subdirectories. + + # Remove last slash and all that follows it. Not all systems have dirname. + ac_dir=`echo $ac_file|sed 's%/[^/][^/]*$%%'` + if test "$ac_dir" != "$ac_file" && test "$ac_dir" != .; then + # The file is in a subdirectory. + test ! -d "$ac_dir" && mkdir "$ac_dir" + ac_dir_suffix="/`echo $ac_dir|sed 's%^\./%%'`" + # A "../" for each directory in $ac_dir_suffix. + ac_dots=`echo $ac_dir_suffix|sed 's%/[^/]*%../%g'` + else + ac_dir_suffix= ac_dots= + fi + + case "$ac_given_srcdir" in + .) srcdir=. + if test -z "$ac_dots"; then top_srcdir=. + else top_srcdir=`echo $ac_dots|sed 's%/$%%'`; fi ;; + /*) srcdir="$ac_given_srcdir$ac_dir_suffix"; top_srcdir="$ac_given_srcdir" ;; + *) # Relative path. + srcdir="$ac_dots$ac_given_srcdir$ac_dir_suffix" + top_srcdir="$ac_dots$ac_given_srcdir" ;; + esac + + case "$ac_given_INSTALL" in + [/$]*) INSTALL="$ac_given_INSTALL" ;; + *) INSTALL="$ac_dots$ac_given_INSTALL" ;; + esac + + echo creating "$ac_file" + rm -f "$ac_file" + configure_input="Generated automatically from `echo $ac_file_in|sed 's%.*/%%'` by configure." + case "$ac_file" in + *Makefile*) ac_comsub="1i\\ +# $configure_input" ;; + *) ac_comsub= ;; + esac + + ac_file_inputs=`echo $ac_file_in|sed -e "s%^%$ac_given_srcdir/%" -e "s%:% $ac_given_srcdir/%g"` + sed -e "$ac_comsub +s%@configure_input@%$configure_input%g +s%@srcdir@%$srcdir%g +s%@top_srcdir@%$top_srcdir%g +s%@INSTALL@%$INSTALL%g +" $ac_file_inputs | (eval "$ac_sed_cmds") > $ac_file +fi; done +rm -f conftest.s* + +# These sed commands are passed to sed as "A NAME B NAME C VALUE D", where +# NAME is the cpp macro being defined and VALUE is the value it is being given. +# +# ac_d sets the value in "#define NAME VALUE" lines. +ac_dA='s%^\([ ]*\)#\([ ]*define[ ][ ]*\)' +ac_dB='\([ ][ ]*\)[^ ]*%\1#\2' +ac_dC='\3' +ac_dD='%g' +# ac_u turns "#undef NAME" with trailing blanks into "#define NAME VALUE". +ac_uA='s%^\([ ]*\)#\([ ]*\)undef\([ ][ ]*\)' +ac_uB='\([ ]\)%\1#\2define\3' +ac_uC=' ' +ac_uD='\4%g' +# ac_e turns "#undef NAME" without trailing blanks into "#define NAME VALUE". +ac_eA='s%^\([ ]*\)#\([ ]*\)undef\([ ][ ]*\)' +ac_eB='$%\1#\2define\3' +ac_eC=' ' +ac_eD='%g' + +if test "${CONFIG_HEADERS+set}" != set; then + CONFIG_HEADERS="config.h" +fi +for ac_file in .. $CONFIG_HEADERS; do if test "x$ac_file" != x..; then + # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in". + case "$ac_file" in + *:*) ac_file_in=`echo "$ac_file"|sed 's%[^:]*:%%'` + ac_file=`echo "$ac_file"|sed 's%:.*%%'` ;; + *) ac_file_in="${ac_file}.in" ;; + esac + + echo creating $ac_file + + rm -f conftest.frag conftest.in conftest.out + ac_file_inputs=`echo $ac_file_in|sed -e "s%^%$ac_given_srcdir/%" -e "s%:% $ac_given_srcdir/%g"` + cat $ac_file_inputs > conftest.in + + cat > conftest.frag < conftest.out + rm -f conftest.in + mv conftest.out conftest.in + + cat > conftest.frag < conftest.out + rm -f conftest.in + mv conftest.out conftest.in + + cat > conftest.frag < conftest.out + rm -f conftest.in + mv conftest.out conftest.in + + cat > conftest.frag < conftest.out + rm -f conftest.in + mv conftest.out conftest.in + + cat > conftest.frag < conftest.out + rm -f conftest.in + mv conftest.out conftest.in + + cat > conftest.frag < conftest.out + rm -f conftest.in + mv conftest.out conftest.in + + cat > conftest.frag < conftest.out + rm -f conftest.in + mv conftest.out conftest.in + + cat > conftest.frag < conftest.out + rm -f conftest.in + mv conftest.out conftest.in + + cat > conftest.frag < conftest.out + rm -f conftest.in + mv conftest.out conftest.in + + cat > conftest.frag < conftest.out + rm -f conftest.in + mv conftest.out conftest.in + + cat > conftest.frag < conftest.out + rm -f conftest.in + mv conftest.out conftest.in + + cat > conftest.frag < conftest.out + rm -f conftest.in + mv conftest.out conftest.in + + cat > conftest.frag < conftest.out + rm -f conftest.in + mv conftest.out conftest.in + + cat > conftest.frag < conftest.out + rm -f conftest.in + mv conftest.out conftest.in + + cat > conftest.frag < conftest.out + rm -f conftest.in + mv conftest.out conftest.in + + cat > conftest.frag < conftest.out + rm -f conftest.in + mv conftest.out conftest.in + + cat > conftest.frag < conftest.out + rm -f conftest.in + mv conftest.out conftest.in + + rm -f conftest.frag conftest.h + echo "/* $ac_file. Generated automatically by configure. */" > conftest.h + cat conftest.in >> conftest.h + rm -f conftest.in + if cmp -s $ac_file conftest.h 2>/dev/null; then + echo "$ac_file is unchanged" + rm -f conftest.h + else + # Remove last slash and all that follows it. Not all systems have dirname. + ac_dir=`echo $ac_file|sed 's%/[^/][^/]*$%%'` + if test "$ac_dir" != "$ac_file" && test "$ac_dir" != .; then + # The file is in a subdirectory. + test ! -d "$ac_dir" && mkdir "$ac_dir" + fi + rm -f $ac_file + mv conftest.h $ac_file + fi +fi; done + + + +exit 0 Index: usr.bin/ssh/config.sub =================================================================== RCS file: config.sub diff -N config.sub --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsOGsvL31367 Wed Dec 8 12:42:06 1999 @@ -0,0 +1,1238 @@ +#! /bin/sh +# Configuration validation subroutine script, version 1.1. +# Copyright (C) 1991, 92-97, 1998, 1999 Free Software Foundation, Inc. +# This file is (in principle) common to ALL GNU software. +# The presence of a machine in this file suggests that SOME GNU software +# can handle that machine. It does not imply ALL GNU software can. +# +# This file is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place - Suite 330, +# Boston, MA 02111-1307, USA. + +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + +# Configuration subroutine to validate and canonicalize a configuration type. +# Supply the specified configuration type as an argument. +# If it is invalid, we print an error message on stderr and exit with code 1. +# Otherwise, we print the canonical config type on stdout and succeed. + +# This file is supposed to be the same for all GNU packages +# and recognize all the CPU types, system types and aliases +# that are meaningful with *any* GNU software. +# Each package is responsible for reporting which valid configurations +# it does not support. The user should be able to distinguish +# a failure to support a valid configuration from a meaningless +# configuration. + +# The goal of this file is to map all the various variations of a given +# machine specification into a single specification in the form: +# CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM +# or in some cases, the newer four-part form: +# CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM +# It is wrong to echo any other type of specification. + +if [ x$1 = x ] +then + echo Configuration name missing. 1>&2 + echo "Usage: $0 CPU-MFR-OPSYS" 1>&2 + echo "or $0 ALIAS" 1>&2 + echo where ALIAS is a recognized configuration type. 1>&2 + exit 1 +fi + +# First pass through any local machine types. +case $1 in + *local*) + echo $1 + exit 0 + ;; + *) + ;; +esac + +# Separate what the user gave into CPU-COMPANY and OS or KERNEL-OS (if any). +# Here we must recognize all the valid KERNEL-OS combinations. +maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'` +case $maybe_os in + linux-gnu*) + os=-$maybe_os + basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'` + ;; + *) + basic_machine=`echo $1 | sed 's/-[^-]*$//'` + if [ $basic_machine != $1 ] + then os=`echo $1 | sed 's/.*-/-/'` + else os=; fi + ;; +esac + +### Let's recognize common machines as not being operating systems so +### that things like config.sub decstation-3100 work. We also +### recognize some manufacturers as not being operating systems, so we +### can provide default operating systems below. +case $os in + -sun*os*) + # Prevent following clause from handling this invalid input. + ;; + -dec* | -mips* | -sequent* | -encore* | -pc532* | -sgi* | -sony* | \ + -att* | -7300* | -3300* | -delta* | -motorola* | -sun[234]* | \ + -unicom* | -ibm* | -next | -hp | -isi* | -apollo | -altos* | \ + -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\ + -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \ + -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \ + -apple) + os= + basic_machine=$1 + ;; + -sim | -cisco | -oki | -wec | -winbond ) # EGCS LOCAL + os= + basic_machine=$1 + ;; + -scout) # EGCS LOCAL + ;; + -wrs) # EGCS LOCAL + os=-vxworks + basic_machine=$1 + ;; + -hiux*) + os=-hiuxwe2 + ;; + -sco5) + os=-sco3.2v5 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco4) + os=-sco3.2v4 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco3.2.[4-9]*) + os=`echo $os | sed -e 's/sco3.2./sco3.2v/'` + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco3.2v[4-9]*) + # Don't forget version if it is 3.2v4 or newer. + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco*) + os=-sco3.2v2 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -udk*) + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -isc) + os=-isc2.2 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -clix*) + basic_machine=clipper-intergraph + ;; + -isc*) + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -lynx*) + os=-lynxos + ;; + -ptx*) + basic_machine=`echo $1 | sed -e 's/86-.*/86-sequent/'` + ;; + -windowsnt*) + os=`echo $os | sed -e 's/windowsnt/winnt/'` + ;; + -psos*) + os=-psos + ;; +esac + +# Decode aliases for certain CPU-COMPANY combinations. +case $basic_machine in + # Recognize the basic CPU types without company name. + # Some are omitted here because they have special meanings below. + tahoe | i860 | m32r | m68k | m68000 | m88k | ns32k | arc | arm \ + | arme[lb] | pyramid | mn10200 | mn10300 \ + | tron | a29k | 580 | i960 | h8300 \ + | hppa | hppa1.0 | hppa1.1 | hppa2.0 | hppa2.0w | hppa2.0n \ + | alpha | alphaev5 | alphaev56 | alphapca56 | alphaev6 \ + | we32k | ns16k | clipper | i370 | sh | powerpc | powerpcle \ + | 1750a | dsp16xx | pdp11 \ + | mips64 | mipsel | mips64el | mips64orion | mips64orionel \ + | mipstx39 | mipstx39el \ + | sparc | sparclet | sparclite | sparc64 | sparcv9 | v850 | c4x) + basic_machine=$basic_machine-unknown + ;; + m88110 | m680[012346]0 | m683?2 | m68360 | m5200 | z8k | v70 \ + | h8500 | w65) # EGCS LOCAL + ;; + thumb) + basic_machine=$basic_machine-unknown + ;; + mips64vr4300 | mips64vr4300el) # EGCS LOCAL jsmith/vr4300 + basic_machine=$basic_machine-unknown + ;; + mips64vr4100 | mips64vr4100el) # EGCS LOCAL jsmith/vr4100 + basic_machine=$basic_machine-unknown + ;; + mips64vr5000 | mips64vr5000el) # EGCS LOCAL ian/vr5000 + basic_machine=$basic_machine-unknown + ;; + mips16) + basic_machine=$basic_machine-unknown + ;; + d10v) + basic_machine=$basic_machine-unknown + ;; + # We use `pc' rather than `unknown' + # because (1) that's what they normally are, and + # (2) the word "unknown" tends to confuse beginning users. + i[34567]86) + basic_machine=$basic_machine-pc + ;; + # Object if more than one company name word. + *-*-*) + echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 + exit 1 + ;; + # Recognize the basic CPU types with company name. + vax-* | tahoe-* | i[34567]86-* | i860-* | m32r-* | m68k-* | m68000-* \ + | m88k-* | sparc-* | ns32k-* | fx80-* | arc-* | arm-* | c[123]* \ + | mips-* | pyramid-* | tron-* | a29k-* | romp-* | rs6000-* \ + | power-* | none-* | 580-* | cray2-* | h8300-* | i960-* \ + | xmp-* | ymp-* \ + | hppa-* | hppa1.0-* | hppa1.1-* \ + | hppa2.0-* | hppa2.0w-* | hppa2.0n-* \ + | alpha-* | alphaev5-* | alphaev56-* | alphapca56-* \ + | alphaev6-* | we32k-* | cydra-* | ns16k-* | pn-* | np1-* \ + | xps100-* | clipper-* | orion-* \ + | sparclite-* | pdp11-* | sh-* | powerpc-* | powerpcle-* \ + | sparc64-* | sparcv9-* | sparc86x-* | mips64-* | mipsel-* \ + | mips64el-* | mips64orion-* | mips64orionel-* \ + | mipstx39-* | mipstx39el-* \ + | f301-* | arm*-*) + ;; + m88110-* | m680[01234]0-* | m683?2-* | m68360-* | z8k-* | h8500-* | d10v-*) # EGCS LOCAL + ;; + thumb-*) # EGCS LOCAL angela/thumb + ;; + v850-*) # EGCS LOCAL + ;; + d30v-*) # EGCS LOCAL + ;; + mips64vr4300-* | mips64vr4300el-*) # EGCS LOCAL jsmith/vr4300 + ;; + mips64vr4100-* | mips64vr4100el-*) # EGCS LOCAL jsmith/vr4100 + ;; + mips16-*) # EGCS LOCAL krk/mips16 + ;; + tic30-*) # EGCS LOCAL ian/tic30 + ;; + c30-*) # EGCS LOCAL ian/tic30 + basic_machine=tic30-unknown + ;; + # Recognize the various machine names and aliases which stand + # for a CPU type and a company and sometimes even an OS. + 386bsd) # EGCS LOCAL + basic_machine=i386-unknown + os=-bsd + ;; + 3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc) + basic_machine=m68000-att + ;; + 3b*) + basic_machine=we32k-att + ;; + a29khif) # EGCS LOCAL + basic_machine=a29k-amd + os=-udi + ;; + adobe68k) # EGCS LOCAL + basic_machine=m68010-adobe + os=-scout + ;; + alliant | fx80) + basic_machine=fx80-alliant + ;; + altos | altos3068) + basic_machine=m68k-altos + ;; + am29k) + basic_machine=a29k-none + os=-bsd + ;; + amdahl) + basic_machine=580-amdahl + os=-sysv + ;; + amiga | amiga-*) + basic_machine=m68k-cbm + ;; + amigaos | amigados) + basic_machine=m68k-cbm + os=-amigaos + ;; + amigaunix | amix) + basic_machine=m68k-cbm + os=-sysv4 + ;; + apollo68) + basic_machine=m68k-apollo + os=-sysv + ;; + apollo68bsd) # EGCS LOCAL + basic_machine=m68k-apollo + os=-bsd + ;; + aux) + basic_machine=m68k-apple + os=-aux + ;; + balance) + basic_machine=ns32k-sequent + os=-dynix + ;; + convex-c1) + basic_machine=c1-convex + os=-bsd + ;; + convex-c2) + basic_machine=c2-convex + os=-bsd + ;; + convex-c32) + basic_machine=c32-convex + os=-bsd + ;; + convex-c34) + basic_machine=c34-convex + os=-bsd + ;; + convex-c38) + basic_machine=c38-convex + os=-bsd + ;; + cray | ymp) + basic_machine=ymp-cray + os=-unicos + ;; + cray2) + basic_machine=cray2-cray + os=-unicos + ;; + [ctj]90-cray) + basic_machine=c90-cray + os=-unicos + ;; + crds | unos) + basic_machine=m68k-crds + ;; + da30 | da30-*) + basic_machine=m68k-da30 + ;; + decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn) + basic_machine=mips-dec + ;; + delta | 3300 | motorola-3300 | motorola-delta \ + | 3300-motorola | delta-motorola) + basic_machine=m68k-motorola + ;; + delta88) + basic_machine=m88k-motorola + os=-sysv3 + ;; + dpx20 | dpx20-*) + basic_machine=rs6000-bull + os=-bosx + ;; + dpx2* | dpx2*-bull) + basic_machine=m68k-bull + os=-sysv3 + ;; + ebmon29k) + basic_machine=a29k-amd + os=-ebmon + ;; + elxsi) + basic_machine=elxsi-elxsi + os=-bsd + ;; + encore | umax | mmax) + basic_machine=ns32k-encore + ;; + es1800 | OSE68k | ose68k | ose | OSE) # EGCS LOCAL + basic_machine=m68k-ericsson + os=-ose + ;; + fx2800) + basic_machine=i860-alliant + ;; + genix) + basic_machine=ns32k-ns + ;; + gmicro) + basic_machine=tron-gmicro + os=-sysv + ;; + h3050r* | hiux*) + basic_machine=hppa1.1-hitachi + os=-hiuxwe2 + ;; + h8300hms) + basic_machine=h8300-hitachi + os=-hms + ;; + h8300xray) # EGCS LOCAL + basic_machine=h8300-hitachi + os=-xray + ;; + h8500hms) # EGCS LOCAL + basic_machine=h8500-hitachi + os=-hms + ;; + harris) + basic_machine=m88k-harris + os=-sysv3 + ;; + hp300-*) + basic_machine=m68k-hp + ;; + hp300bsd) + basic_machine=m68k-hp + os=-bsd + ;; + hp300hpux) + basic_machine=m68k-hp + os=-hpux + ;; + w89k-*) # EGCS LOCAL + basic_machine=hppa1.1-winbond + os=-proelf + ;; + op50n-*) # EGCS LOCAL + basic_machine=hppa1.1-oki + os=-proelf + ;; + op60c-*) # EGCS LOCAL + basic_machine=hppa1.1-oki + os=-proelf + ;; + hppro) # EGCS LOCAL + basic_machine=hppa1.1-hp + os=-proelf + ;; + hp3k9[0-9][0-9] | hp9[0-9][0-9]) + basic_machine=hppa1.0-hp + ;; + hp9k2[0-9][0-9] | hp9k31[0-9]) + basic_machine=m68000-hp + ;; + hp9k3[2-9][0-9]) + basic_machine=m68k-hp + ;; + hp9k6[0-9][0-9] | hp6[0-9][0-9] ) + basic_machine=hppa1.0-hp + ;; + hp9k7[0-79][0-9] | hp7[0-79][0-9] ) + basic_machine=hppa1.1-hp + ;; + hp9k78[0-9] | hp78[0-9] ) + # FIXME: really hppa2.0-hp + basic_machine=hppa1.1-hp + ;; + hp9k8[67]1 | hp8[67]1 | hp9k80[24] | hp80[24] | \ + hp9k8[78]9 | hp8[78]9 | hp9k893 | hp893 ) + # FIXME: really hppa2.0-hp + basic_machine=hppa1.1-hp + ;; + hp9k8[0-9][13679] | hp8[0-9][13679] ) + basic_machine=hppa1.1-hp + ;; + hp9k8[0-9][0-9] | hp8[0-9][0-9]) + basic_machine=hppa1.0-hp + ;; + hppa-next) + os=-nextstep3 + ;; + hppaosf) # EGCS LOCAL + basic_machine=hppa1.1-hp + os=-osf + ;; + i370-ibm* | ibm*) + basic_machine=i370-ibm + os=-mvs + ;; +# I'm not sure what "Sysv32" means. Should this be sysv3.2? + i[34567]86v32) + basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` + os=-sysv32 + ;; + i[34567]86v4*) + basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` + os=-sysv4 + ;; + i[34567]86v) + basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` + os=-sysv + ;; + i[34567]86sol2) + basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` + os=-solaris2 + ;; + i386mach) # EGCS LOCAL + basic_machine=i386-mach + os=-mach + ;; + i386-vsta | vsta) # EGCS LOCAL + basic_machine=i386-unknown + os=-vsta + ;; + i386-go32 | go32) # EGCS LOCAL + basic_machine=i386-unknown + os=-go32 + ;; + i386-mingw32 | mingw32) + basic_machine=i386-unknown + os=-mingw32 + ;; + iris | iris4d) + basic_machine=mips-sgi + case $os in + -irix*) + ;; + *) + os=-irix4 + ;; + esac + ;; + isi68 | isi) + basic_machine=m68k-isi + os=-sysv + ;; + m88k-omron*) + basic_machine=m88k-omron + ;; + magnum | m3230) + basic_machine=mips-mips + os=-sysv + ;; + merlin) + basic_machine=ns32k-utek + os=-sysv + ;; + miniframe) + basic_machine=m68000-convergent + ;; + mipsel*-linux*) + basic_machine=mipsel-unknown + os=-linux-gnu + ;; + mips*-linux*) + basic_machine=mips-unknown + os=-linux-gnu + ;; + mips3*-*) + basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'` + ;; + mips3*) + basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown + ;; + monitor) # EGCS LOCAL + basic_machine=m68k-rom68k + os=-coff + ;; + msdos) # EGCS LOCAL + basic_machine=i386-unknown + os=-msdos + ;; + ncr3000) + basic_machine=i486-ncr + os=-sysv4 + ;; + netbsd386) + basic_machine=i386-unknown # EGCS LOCAL + os=-netbsd + ;; + netwinder) + basic_machine=armv4l-corel + os=-linux + ;; + news | news700 | news800 | news900) + basic_machine=m68k-sony + os=-newsos + ;; + news1000) + basic_machine=m68030-sony + os=-newsos + ;; + news-3600 | risc-news) + basic_machine=mips-sony + os=-newsos + ;; + necv70) # EGCS LOCAL + basic_machine=v70-nec + os=-sysv + ;; + next | m*-next ) + basic_machine=m68k-next + case $os in + -nextstep* ) + ;; + -ns2*) + os=-nextstep2 + ;; + *) + os=-nextstep3 + ;; + esac + ;; + nh3000) + basic_machine=m68k-harris + os=-cxux + ;; + nh[45]000) + basic_machine=m88k-harris + os=-cxux + ;; + nindy960) + basic_machine=i960-intel + os=-nindy + ;; + mon960) # EGCS LOCAL + basic_machine=i960-intel + os=-mon960 + ;; + np1) + basic_machine=np1-gould + ;; + OSE68000 | ose68000) # EGCS LOCAL + basic_machine=m68000-ericsson + os=-ose + ;; + os68k) # EGCS LOCAL + basic_machine=m68k-none + os=-os68k + ;; + pa-hitachi) + basic_machine=hppa1.1-hitachi + os=-hiuxwe2 + ;; + paragon) + basic_machine=i860-intel + os=-osf + ;; + pbd) + basic_machine=sparc-tti + ;; + pbb) + basic_machine=m68k-tti + ;; + pc532 | pc532-*) + basic_machine=ns32k-pc532 + ;; + pentium | p5 | k5 | k6 | nexen) + basic_machine=i586-pc + ;; + pentiumpro | p6 | 6x86) + basic_machine=i686-pc + ;; + pentiumii | pentium2) + basic_machine=i786-pc + ;; + pentium-* | p5-* | k5-* | k6-* | nexen-*) + basic_machine=i586-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pentiumpro-* | p6-* | 6x86-*) + basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pentiumii-* | pentium2-*) + basic_machine=i786-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pn) + basic_machine=pn-gould + ;; + power) basic_machine=rs6000-ibm + ;; + ppc) basic_machine=powerpc-unknown + ;; + ppc-*) basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + ppcle | powerpclittle | ppc-le | powerpc-little) + basic_machine=powerpcle-unknown + ;; + ppcle-* | powerpclittle-*) + basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + ps2) + basic_machine=i386-ibm + ;; + rom68k) # EGCS LOCAL + basic_machine=m68k-rom68k + os=-coff + ;; + rm[46]00) + basic_machine=mips-siemens + ;; + rtpc | rtpc-*) + basic_machine=romp-ibm + ;; + sa29200) # EGCS LOCAL + basic_machine=a29k-amd + os=-udi + ;; + sequent) + basic_machine=i386-sequent + ;; + sh) + basic_machine=sh-hitachi + os=-hms + ;; + sparclite-wrs) # EGCS LOCAL + basic_machine=sparclite-wrs + os=-vxworks + ;; + sps7) + basic_machine=m68k-bull + os=-sysv2 + ;; + spur) + basic_machine=spur-unknown + ;; + st2000) # EGCS LOCAL + basic_machine=m68k-tandem + ;; + stratus) # EGCS LOCAL + basic_machine=i860-stratus + os=-sysv4 + ;; + sun2) + basic_machine=m68000-sun + ;; + sun2os3) + basic_machine=m68000-sun + os=-sunos3 + ;; + sun2os4) + basic_machine=m68000-sun + os=-sunos4 + ;; + sun3os3) + basic_machine=m68k-sun + os=-sunos3 + ;; + sun3os4) + basic_machine=m68k-sun + os=-sunos4 + ;; + sun4os3) + basic_machine=sparc-sun + os=-sunos3 + ;; + sun4os4) + basic_machine=sparc-sun + os=-sunos4 + ;; + sun4sol2) + basic_machine=sparc-sun + os=-solaris2 + ;; + sun3 | sun3-*) + basic_machine=m68k-sun + ;; + sun4) + basic_machine=sparc-sun + ;; + sun386 | sun386i | roadrunner) + basic_machine=i386-sun + ;; + symmetry) + basic_machine=i386-sequent + os=-dynix + ;; + tx39) + basic_machine=mipstx39-unknown + ;; + tx39el) + basic_machine=mipstx39el-unknown + ;; + tower | tower-32) + basic_machine=m68k-ncr + ;; + udi29k) + basic_machine=a29k-amd + os=-udi + ;; + ultra3) + basic_machine=a29k-nyu + os=-sym1 + ;; + v810 | necv810) # EGCS LOCAL + basic_machine=v810-nec + os=-none + ;; + vaxv) + basic_machine=vax-dec + os=-sysv + ;; + vms) + basic_machine=vax-dec + os=-vms + ;; + vpp*|vx|vx-*) + basic_machine=f301-fujitsu + ;; + vxworks960) + basic_machine=i960-wrs + os=-vxworks + ;; + vxworks68) + basic_machine=m68k-wrs + os=-vxworks + ;; + vxworks29k) + basic_machine=a29k-wrs + os=-vxworks + ;; + w65*) # EGCS LOCAL + basic_machine=w65-wdc + os=-none + ;; + xmp) + basic_machine=xmp-cray + os=-unicos + ;; + xps | xps100) + basic_machine=xps100-honeywell + ;; + z8k-*-coff) # EGCS LOCAL + basic_machine=z8k-unknown + os=-sim + ;; + none) + basic_machine=none-none + os=-none + ;; + +# Here we handle the default manufacturer of certain CPU types. It is in +# some cases the only manufacturer, in others, it is the most popular. + w89k) # EGCS LOCAL + basic_machine=hppa1.1-winbond + ;; + op50n) # EGCS LOCAL + basic_machine=hppa1.1-oki + ;; + op60c) # EGCS LOCAL + basic_machine=hppa1.1-oki + ;; + mips) + if [ x$os = x-linux-gnu ]; then + basic_machine=mips-unknown + else + basic_machine=mips-mips + fi + ;; + romp) + basic_machine=romp-ibm + ;; + rs6000) + basic_machine=rs6000-ibm + ;; + vax) + basic_machine=vax-dec + ;; + pdp11) + basic_machine=pdp11-dec + ;; + we32k) + basic_machine=we32k-att + ;; + sparc | sparcv9) + basic_machine=sparc-sun + ;; + cydra) + basic_machine=cydra-cydrome + ;; + orion) + basic_machine=orion-highlevel + ;; + orion105) + basic_machine=clipper-highlevel + ;; + mac | mpw | mac-mpw) # EGCS LOCAL + basic_machine=m68k-apple + ;; + pmac | pmac-mpw) # EGCS LOCAL + basic_machine=powerpc-apple + ;; + c4x*) + basic_machine=c4x-none + os=-coff + ;; + *) + echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 + exit 1 + ;; +esac + +# Here we canonicalize certain aliases for manufacturers. +case $basic_machine in + *-digital*) + basic_machine=`echo $basic_machine | sed 's/digital.*/dec/'` + ;; + *-commodore*) + basic_machine=`echo $basic_machine | sed 's/commodore.*/cbm/'` + ;; + *) + ;; +esac + +# Decode manufacturer-specific aliases for certain operating systems. + +if [ x"$os" != x"" ] +then +case $os in + # First match some system type aliases + # that might get confused with valid system types. + # -solaris* is a basic system type, with this one exception. + -solaris1 | -solaris1.*) + os=`echo $os | sed -e 's|solaris1|sunos4|'` + ;; + -solaris) + os=-solaris2 + ;; + -svr4*) + os=-sysv4 + ;; + -unixware*) + os=-sysv4.2uw + ;; + -gnu/linux*) + os=`echo $os | sed -e 's|gnu/linux|linux-gnu|'` + ;; + # First accept the basic system types. + # The portable systems comes first. + # Each alternative MUST END IN A *, to match a version number. + # -sysv* is not here because it comes later, after sysvr4. + -gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \ + | -*vms* | -sco* | -esix* | -isc* | -aix* | -sunos | -sunos[34]*\ + | -hpux* | -unos* | -osf* | -luna* | -dgux* | -solaris* | -sym* \ + | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \ + | -aos* \ + | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \ + | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \ + | -hiux* | -386bsd* | -netbsd* | -openbsd* | -freebsd* | -riscix* \ + | -lynxos* | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \ + | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \ + | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \ + | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ + | -mingw32* | -linux-gnu* | -uxpv* | -beos* | -mpeix* | -udk* \ + | -interix* | -uwin* ) + # Remember, each alternative MUST END IN *, to match a version number. + ;; + # EGCS LOCAL + -sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \ + | -windows* | -osx | -abug | -netware* | -os9* | -beos* \ + | -macos* | -mpw* | -magic* | -mon960* | -lnews* ) + ;; + -mac*) + os=`echo $os | sed -e 's|mac|macos|'` + ;; + # END EGCS LOCAL + -linux*) + os=`echo $os | sed -e 's|linux|linux-gnu|'` + ;; + -sunos5*) + os=`echo $os | sed -e 's|sunos5|solaris2|'` + ;; + -sunos6*) + os=`echo $os | sed -e 's|sunos6|solaris3|'` + ;; + -osfrose*) + os=-osfrose + ;; + -osf*) + os=-osf + ;; + -utek*) + os=-bsd + ;; + -dynix*) + os=-bsd + ;; + -acis*) + os=-aos + ;; + -386bsd) # EGCS LOCAL + os=-bsd + ;; + -ctix* | -uts*) + os=-sysv + ;; + -ns2 ) + os=-nextstep2 + ;; + # Preserve the version number of sinix5. + -sinix5.*) + os=`echo $os | sed -e 's|sinix|sysv|'` + ;; + -sinix*) + os=-sysv4 + ;; + -triton*) + os=-sysv3 + ;; + -oss*) + os=-sysv3 + ;; + -svr4) + os=-sysv4 + ;; + -svr3) + os=-sysv3 + ;; + -sysvr4) + os=-sysv4 + ;; + # This must come after -sysvr4. + -sysv*) + ;; + -ose*) # EGCS LOCAL + os=-ose + ;; + -es1800*) # EGCS LOCAL + os=-ose + ;; + -xenix) + os=-xenix + ;; + -none) + ;; + *) + # Get rid of the `-' at the beginning of $os. + os=`echo $os | sed 's/[^-]*-//'` + echo Invalid configuration \`$1\': system \`$os\' not recognized 1>&2 + exit 1 + ;; +esac +else + +# Here we handle the default operating systems that come with various machines. +# The value should be what the vendor currently ships out the door with their +# machine or put another way, the most popular os provided with the machine. + +# Note that if you're going to try to match "-MANUFACTURER" here (say, +# "-sun"), then you have to tell the case statement up towards the top +# that MANUFACTURER isn't an operating system. Otherwise, code above +# will signal an error saying that MANUFACTURER isn't an operating +# system, and we'll never get to this point. + +case $basic_machine in + *-acorn) + os=-riscix1.2 + ;; + arm*-corel) + os=-linux + ;; + arm*-semi) + os=-aout + ;; + pdp11-*) + os=-none + ;; + *-dec | vax-*) + os=-ultrix4.2 + ;; + m68*-apollo) + os=-domain + ;; + i386-sun) + os=-sunos4.0.2 + ;; + m68000-sun) + os=-sunos3 + # This also exists in the configure program, but was not the + # default. + # os=-sunos4 + ;; + m68*-cisco) # EGCS LOCAL + os=-aout + ;; + mips*-cisco) # EGCS LOCAL + os=-elf + ;; + mips*-*) # EGCS LOCAL + os=-elf + ;; + *-tti) # must be before sparc entry or we get the wrong os. + os=-sysv3 + ;; + sparc-* | *-sun) + os=-sunos4.1.1 + ;; + *-be) + os=-beos + ;; + *-ibm) + os=-aix + ;; + *-wec) # EGCS LOCAL + os=-proelf + ;; + *-winbond) # EGCS LOCAL + os=-proelf + ;; + *-oki) # EGCS LOCAL + os=-proelf + ;; + *-hp) + os=-hpux + ;; + *-hitachi) + os=-hiux + ;; + i860-* | *-att | *-ncr | *-altos | *-motorola | *-convergent) + os=-sysv + ;; + *-cbm) + os=-amigaos + ;; + *-dg) + os=-dgux + ;; + *-dolphin) + os=-sysv3 + ;; + m68k-ccur) + os=-rtu + ;; + m88k-omron*) + os=-luna + ;; + *-next ) + os=-nextstep + ;; + *-sequent) + os=-ptx + ;; + *-crds) + os=-unos + ;; + *-ns) + os=-genix + ;; + i370-*) + os=-mvs + ;; + *-next) + os=-nextstep3 + ;; + *-gould) + os=-sysv + ;; + *-highlevel) + os=-bsd + ;; + *-encore) + os=-bsd + ;; + *-sgi) + os=-irix + ;; + *-siemens) + os=-sysv4 + ;; + *-masscomp) + os=-rtu + ;; + f301-fujitsu) + os=-uxpv + ;; + *-rom68k) # EGCS LOCAL + os=-coff + ;; + *-*bug) # EGCS LOCAL + os=-coff + ;; + *-apple) # EGCS LOCAL + os=-macos + ;; + *) + os=-none + ;; +esac +fi + +# Here we handle the case where we know the os, and the CPU type, but not the +# manufacturer. We pick the logical manufacturer. +vendor=unknown +case $basic_machine in + *-unknown) + case $os in + -riscix*) + vendor=acorn + ;; + -sunos*) + vendor=sun + ;; + -aix*) + vendor=ibm + ;; + -beos*) + vendor=be + ;; + -hpux*) + vendor=hp + ;; + -mpeix*) + vendor=hp + ;; + -hiux*) + vendor=hitachi + ;; + -unos*) + vendor=crds + ;; + -dgux*) + vendor=dg + ;; + -luna*) + vendor=omron + ;; + -genix*) + vendor=ns + ;; + -mvs*) + vendor=ibm + ;; + -ptx*) + vendor=sequent + ;; + -vxsim* | -vxworks*) + vendor=wrs + ;; + -aux*) + vendor=apple + ;; + -hms*) # EGCS LOCAL + vendor=hitachi + ;; + -mpw* | -macos*) # EGCS LOCAL + vendor=apple + ;; + esac + basic_machine=`echo $basic_machine | sed "s/unknown/$vendor/"` + ;; +esac + +echo $basic_machine$os Index: usr.bin/ssh/configure =================================================================== RCS file: configure diff -N configure --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsvpJlv31367 Wed Dec 8 12:42:07 1999 @@ -0,0 +1,5293 @@ +#! /bin/sh + +# Guess values for system-dependent variables and create Makefiles. +# Generated automatically using autoconf version 2.13 +# Copyright (C) 1992, 93, 94, 95, 96 Free Software Foundation, Inc. +# +# This configure script is free software; the Free Software Foundation +# gives unlimited permission to copy, distribute and modify it. + +# Defaults: +ac_help= +ac_default_prefix=/usr/local +# Any additions from configure.in: +ac_help="$ac_help + --enable-warnings Enable -Wall if using gcc." +ac_help="$ac_help + --with-gmp[=PATH] Where to find GMP library." +ac_help="$ac_help + --with-idea Use IDEA (not default). + --without-idea Don't use IDEA: avoids patent problems in commercial use" +ac_help="$ac_help + --with-rc4 Include RC4 support. + --without-rc4 Don't include RC4 support (default)" +ac_help="$ac_help + --with-blowfish Include Blowfish support (default). + --without-blowfish Don't include Blowfish support" +ac_help="$ac_help + --with-rsaref Use RSAREF (try to avoid patent problems in U.S.) + --without-rsaref Use normal RSA routines (default). " +ac_help="$ac_help + --with-ssl Use SSL (try to avoid patent problems in U.S.) + --without-ssl Use normal RSA routines (default). " +ac_help="$ac_help + --with-rsh=PATH Specify where to find rsh. + --without-rsh Do not use rsh under any conditions. " +ac_help="$ac_help + --with-path=PATH Default path passed to user shell by sshd." +ac_help="$ac_help + --with-etcdir=PATH Directory containing ssh system files (default /etc)." +ac_help="$ac_help + --with-securid[=PATH] Enable support for Security Dynamics SecurID card." +ac_help="$ac_help + --with-zlib Use zlib (default). + --without-zlib Don't use zlib." +ac_help="$ac_help + --with-krb4[=PATH] Compile in Kerberos v4 support." +ac_help="$ac_help + --with-afs Compile in AFS support (requires KTH krb4)." +ac_help="$ac_help + --with-libwrap[=PATH] Compile in libwrap (tcp_wrappers) support." +ac_help="$ac_help + --with-socks[=PATH] Compile with SOCKS firewall traversal support." + +# Initialize some variables set by options. +# The variables have the same names as the options, with +# dashes changed to underlines. +build=NONE +cache_file=./config.cache +exec_prefix=NONE +host=NONE +no_create= +nonopt=NONE +no_recursion= +prefix=NONE +program_prefix=NONE +program_suffix=NONE +program_transform_name=s,x,x, +silent= +site= +srcdir= +target=NONE +verbose= +x_includes=NONE +x_libraries=NONE +bindir='${exec_prefix}/bin' +sbindir='${exec_prefix}/sbin' +libexecdir='${exec_prefix}/libexec' +datadir='${prefix}/share' +sysconfdir='${prefix}/etc' +sharedstatedir='${prefix}/com' +localstatedir='${prefix}/var' +libdir='${exec_prefix}/lib' +includedir='${prefix}/include' +oldincludedir='/usr/include' +infodir='${prefix}/info' +mandir='${prefix}/man' + +# Initialize some other variables. +subdirs= +MFLAGS= MAKEFLAGS= +SHELL=${CONFIG_SHELL-/bin/sh} +# Maximum number of lines to put in a shell here document. +ac_max_here_lines=12 + +ac_prev= +for ac_option +do + + # If the previous option needs an argument, assign it. + if test -n "$ac_prev"; then + eval "$ac_prev=\$ac_option" + ac_prev= + continue + fi + + case "$ac_option" in + -*=*) ac_optarg=`echo "$ac_option" | sed 's/[-_a-zA-Z0-9]*=//'` ;; + *) ac_optarg= ;; + esac + + # Accept the important Cygnus configure options, so we can diagnose typos. + + case "$ac_option" in + + -bindir | --bindir | --bindi | --bind | --bin | --bi) + ac_prev=bindir ;; + -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*) + bindir="$ac_optarg" ;; + + -build | --build | --buil | --bui | --bu) + ac_prev=build ;; + -build=* | --build=* | --buil=* | --bui=* | --bu=*) + build="$ac_optarg" ;; + + -cache-file | --cache-file | --cache-fil | --cache-fi \ + | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c) + ac_prev=cache_file ;; + -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \ + | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*) + cache_file="$ac_optarg" ;; + + -datadir | --datadir | --datadi | --datad | --data | --dat | --da) + ac_prev=datadir ;; + -datadir=* | --datadir=* | --datadi=* | --datad=* | --data=* | --dat=* \ + | --da=*) + datadir="$ac_optarg" ;; + + -disable-* | --disable-*) + ac_feature=`echo $ac_option|sed -e 's/-*disable-//'` + # Reject names that are not valid shell variable names. + if test -n "`echo $ac_feature| sed 's/[-a-zA-Z0-9_]//g'`"; then + { echo "configure: error: $ac_feature: invalid feature name" 1>&2; exit 1; } + fi + ac_feature=`echo $ac_feature| sed 's/-/_/g'` + eval "enable_${ac_feature}=no" ;; + + -enable-* | --enable-*) + ac_feature=`echo $ac_option|sed -e 's/-*enable-//' -e 's/=.*//'` + # Reject names that are not valid shell variable names. + if test -n "`echo $ac_feature| sed 's/[-_a-zA-Z0-9]//g'`"; then + { echo "configure: error: $ac_feature: invalid feature name" 1>&2; exit 1; } + fi + ac_feature=`echo $ac_feature| sed 's/-/_/g'` + case "$ac_option" in + *=*) ;; + *) ac_optarg=yes ;; + esac + eval "enable_${ac_feature}='$ac_optarg'" ;; + + -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \ + | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \ + | --exec | --exe | --ex) + ac_prev=exec_prefix ;; + -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \ + | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \ + | --exec=* | --exe=* | --ex=*) + exec_prefix="$ac_optarg" ;; + + -gas | --gas | --ga | --g) + # Obsolete; use --with-gas. + with_gas=yes ;; + + -help | --help | --hel | --he) + # Omit some internal or obsolete options to make the list less imposing. + # This message is too long to be a string in the A/UX 3.1 sh. + cat << EOF +Usage: configure [options] [host] +Options: [defaults in brackets after descriptions] +Configuration: + --cache-file=FILE cache test results in FILE + --help print this message + --no-create do not create output files + --quiet, --silent do not print \`checking...' messages + --version print the version of autoconf that created configure +Directory and file names: + --prefix=PREFIX install architecture-independent files in PREFIX + [$ac_default_prefix] + --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX + [same as prefix] + --bindir=DIR user executables in DIR [EPREFIX/bin] + --sbindir=DIR system admin executables in DIR [EPREFIX/sbin] + --libexecdir=DIR program executables in DIR [EPREFIX/libexec] + --datadir=DIR read-only architecture-independent data in DIR + [PREFIX/share] + --sysconfdir=DIR read-only single-machine data in DIR [PREFIX/etc] + --sharedstatedir=DIR modifiable architecture-independent data in DIR + [PREFIX/com] + --localstatedir=DIR modifiable single-machine data in DIR [PREFIX/var] + --libdir=DIR object code libraries in DIR [EPREFIX/lib] + --includedir=DIR C header files in DIR [PREFIX/include] + --oldincludedir=DIR C header files for non-gcc in DIR [/usr/include] + --infodir=DIR info documentation in DIR [PREFIX/info] + --mandir=DIR man documentation in DIR [PREFIX/man] + --srcdir=DIR find the sources in DIR [configure dir or ..] + --program-prefix=PREFIX prepend PREFIX to installed program names + --program-suffix=SUFFIX append SUFFIX to installed program names + --program-transform-name=PROGRAM + run sed PROGRAM on installed program names +EOF + cat << EOF +Host type: + --build=BUILD configure for building on BUILD [BUILD=HOST] + --host=HOST configure for HOST [guessed] + --target=TARGET configure for TARGET [TARGET=HOST] +Features and packages: + --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) + --enable-FEATURE[=ARG] include FEATURE [ARG=yes] + --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] + --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) + --x-includes=DIR X include files are in DIR + --x-libraries=DIR X library files are in DIR +EOF + if test -n "$ac_help"; then + echo "--enable and --with options recognized:$ac_help" + fi + exit 0 ;; + + -host | --host | --hos | --ho) + ac_prev=host ;; + -host=* | --host=* | --hos=* | --ho=*) + host="$ac_optarg" ;; + + -includedir | --includedir | --includedi | --included | --include \ + | --includ | --inclu | --incl | --inc) + ac_prev=includedir ;; + -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \ + | --includ=* | --inclu=* | --incl=* | --inc=*) + includedir="$ac_optarg" ;; + + -infodir | --infodir | --infodi | --infod | --info | --inf) + ac_prev=infodir ;; + -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*) + infodir="$ac_optarg" ;; + + -libdir | --libdir | --libdi | --libd) + ac_prev=libdir ;; + -libdir=* | --libdir=* | --libdi=* | --libd=*) + libdir="$ac_optarg" ;; + + -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \ + | --libexe | --libex | --libe) + ac_prev=libexecdir ;; + -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \ + | --libexe=* | --libex=* | --libe=*) + libexecdir="$ac_optarg" ;; + + -localstatedir | --localstatedir | --localstatedi | --localstated \ + | --localstate | --localstat | --localsta | --localst \ + | --locals | --local | --loca | --loc | --lo) + ac_prev=localstatedir ;; + -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \ + | --localstate=* | --localstat=* | --localsta=* | --localst=* \ + | --locals=* | --local=* | --loca=* | --loc=* | --lo=*) + localstatedir="$ac_optarg" ;; + + -mandir | --mandir | --mandi | --mand | --man | --ma | --m) + ac_prev=mandir ;; + -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*) + mandir="$ac_optarg" ;; + + -nfp | --nfp | --nf) + # Obsolete; use --without-fp. + with_fp=no ;; + + -no-create | --no-create | --no-creat | --no-crea | --no-cre \ + | --no-cr | --no-c) + no_create=yes ;; + + -no-recursion | --no-recursion | --no-recursio | --no-recursi \ + | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) + no_recursion=yes ;; + + -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \ + | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \ + | --oldin | --oldi | --old | --ol | --o) + ac_prev=oldincludedir ;; + -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \ + | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \ + | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*) + oldincludedir="$ac_optarg" ;; + + -prefix | --prefix | --prefi | --pref | --pre | --pr | --p) + ac_prev=prefix ;; + -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*) + prefix="$ac_optarg" ;; + + -program-prefix | --program-prefix | --program-prefi | --program-pref \ + | --program-pre | --program-pr | --program-p) + ac_prev=program_prefix ;; + -program-prefix=* | --program-prefix=* | --program-prefi=* \ + | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*) + program_prefix="$ac_optarg" ;; + + -program-suffix | --program-suffix | --program-suffi | --program-suff \ + | --program-suf | --program-su | --program-s) + ac_prev=program_suffix ;; + -program-suffix=* | --program-suffix=* | --program-suffi=* \ + | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*) + program_suffix="$ac_optarg" ;; + + -program-transform-name | --program-transform-name \ + | --program-transform-nam | --program-transform-na \ + | --program-transform-n | --program-transform- \ + | --program-transform | --program-transfor \ + | --program-transfo | --program-transf \ + | --program-trans | --program-tran \ + | --progr-tra | --program-tr | --program-t) + ac_prev=program_transform_name ;; + -program-transform-name=* | --program-transform-name=* \ + | --program-transform-nam=* | --program-transform-na=* \ + | --program-transform-n=* | --program-transform-=* \ + | --program-transform=* | --program-transfor=* \ + | --program-transfo=* | --program-transf=* \ + | --program-trans=* | --program-tran=* \ + | --progr-tra=* | --program-tr=* | --program-t=*) + program_transform_name="$ac_optarg" ;; + + -q | -quiet | --quiet | --quie | --qui | --qu | --q \ + | -silent | --silent | --silen | --sile | --sil) + silent=yes ;; + + -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) + ac_prev=sbindir ;; + -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ + | --sbi=* | --sb=*) + sbindir="$ac_optarg" ;; + + -sharedstatedir | --sharedstatedir | --sharedstatedi \ + | --sharedstated | --sharedstate | --sharedstat | --sharedsta \ + | --sharedst | --shareds | --shared | --share | --shar \ + | --sha | --sh) + ac_prev=sharedstatedir ;; + -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \ + | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \ + | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \ + | --sha=* | --sh=*) + sharedstatedir="$ac_optarg" ;; + + -site | --site | --sit) + ac_prev=site ;; + -site=* | --site=* | --sit=*) + site="$ac_optarg" ;; + + -srcdir | --srcdir | --srcdi | --srcd | --src | --sr) + ac_prev=srcdir ;; + -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*) + srcdir="$ac_optarg" ;; + + -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \ + | --syscon | --sysco | --sysc | --sys | --sy) + ac_prev=sysconfdir ;; + -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \ + | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*) + sysconfdir="$ac_optarg" ;; + + -target | --target | --targe | --targ | --tar | --ta | --t) + ac_prev=target ;; + -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*) + target="$ac_optarg" ;; + + -v | -verbose | --verbose | --verbos | --verbo | --verb) + verbose=yes ;; + + -version | --version | --versio | --versi | --vers) + echo "configure generated by autoconf version 2.13" + exit 0 ;; + + -with-* | --with-*) + ac_package=`echo $ac_option|sed -e 's/-*with-//' -e 's/=.*//'` + # Reject names that are not valid shell variable names. + if test -n "`echo $ac_package| sed 's/[-_a-zA-Z0-9]//g'`"; then + { echo "configure: error: $ac_package: invalid package name" 1>&2; exit 1; } + fi + ac_package=`echo $ac_package| sed 's/-/_/g'` + case "$ac_option" in + *=*) ;; + *) ac_optarg=yes ;; + esac + eval "with_${ac_package}='$ac_optarg'" ;; + + -without-* | --without-*) + ac_package=`echo $ac_option|sed -e 's/-*without-//'` + # Reject names that are not valid shell variable names. + if test -n "`echo $ac_package| sed 's/[-a-zA-Z0-9_]//g'`"; then + { echo "configure: error: $ac_package: invalid package name" 1>&2; exit 1; } + fi + ac_package=`echo $ac_package| sed 's/-/_/g'` + eval "with_${ac_package}=no" ;; + + --x) + # Obsolete; use --with-x. + with_x=yes ;; + + -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \ + | --x-incl | --x-inc | --x-in | --x-i) + ac_prev=x_includes ;; + -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \ + | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*) + x_includes="$ac_optarg" ;; + + -x-libraries | --x-libraries | --x-librarie | --x-librari \ + | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l) + ac_prev=x_libraries ;; + -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \ + | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*) + x_libraries="$ac_optarg" ;; + + -*) { echo "configure: error: $ac_option: invalid option; use --help to show usage" 1>&2; exit 1; } + ;; + + *) + if test -n "`echo $ac_option| sed 's/[-a-z0-9.]//g'`"; then + echo "configure: warning: $ac_option: invalid host type" 1>&2 + fi + if test "x$nonopt" != xNONE; then + { echo "configure: error: can only configure for one host and one target at a time" 1>&2; exit 1; } + fi + nonopt="$ac_option" + ;; + + esac +done + +if test -n "$ac_prev"; then + { echo "configure: error: missing argument to --`echo $ac_prev | sed 's/_/-/g'`" 1>&2; exit 1; } +fi + +trap 'rm -fr conftest* confdefs* core core.* *.core $ac_clean_files; exit 1' 1 2 15 + +# File descriptor usage: +# 0 standard input +# 1 file creation +# 2 errors and warnings +# 3 some systems may open it to /dev/tty +# 4 used on the Kubota Titan +# 6 checking for... messages and results +# 5 compiler messages saved in config.log +if test "$silent" = yes; then + exec 6>/dev/null +else + exec 6>&1 +fi +exec 5>./config.log + +echo "\ +This file contains any messages produced by compilers while +running configure, to aid debugging if configure makes a mistake. +" 1>&5 + +# Strip out --no-create and --no-recursion so they do not pile up. +# Also quote any args containing shell metacharacters. +ac_configure_args= +for ac_arg +do + case "$ac_arg" in + -no-create | --no-create | --no-creat | --no-crea | --no-cre \ + | --no-cr | --no-c) ;; + -no-recursion | --no-recursion | --no-recursio | --no-recursi \ + | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) ;; + *" "*|*" "*|*[\[\]\~\#\$\^\&\*\(\)\{\}\\\|\;\<\>\?]*) + ac_configure_args="$ac_configure_args '$ac_arg'" ;; + *) ac_configure_args="$ac_configure_args $ac_arg" ;; + esac +done + +# NLS nuisances. +# Only set these to C if already set. These must not be set unconditionally +# because not all systems understand e.g. LANG=C (notably SCO). +# Fixing LC_MESSAGES prevents Solaris sh from translating var values in `set'! +# Non-C LC_CTYPE values break the ctype check. +if test "${LANG+set}" = set; then LANG=C; export LANG; fi +if test "${LC_ALL+set}" = set; then LC_ALL=C; export LC_ALL; fi +if test "${LC_MESSAGES+set}" = set; then LC_MESSAGES=C; export LC_MESSAGES; fi +if test "${LC_CTYPE+set}" = set; then LC_CTYPE=C; export LC_CTYPE; fi + +# confdefs.h avoids OS command line length limits that DEFS can exceed. +rm -rf conftest* confdefs.h +# AIX cpp loses on an empty file, so make sure it contains at least a newline. +echo > confdefs.h + +# A filename unique to this package, relative to the directory that +# configure is in, which we can look for to find out if srcdir is correct. +ac_unique_file=sshd.c + +# Find the source files, if location was not specified. +if test -z "$srcdir"; then + ac_srcdir_defaulted=yes + # Try the directory containing this script, then its parent. + ac_prog=$0 + ac_confdir=`echo $ac_prog|sed 's%/[^/][^/]*$%%'` + test "x$ac_confdir" = "x$ac_prog" && ac_confdir=. + srcdir=$ac_confdir + if test ! -r $srcdir/$ac_unique_file; then + srcdir=.. + fi +else + ac_srcdir_defaulted=no +fi +if test ! -r $srcdir/$ac_unique_file; then + if test "$ac_srcdir_defaulted" = yes; then + { echo "configure: error: can not find sources in $ac_confdir or .." 1>&2; exit 1; } + else + { echo "configure: error: can not find sources in $srcdir" 1>&2; exit 1; } + fi +fi +srcdir=`echo "${srcdir}" | sed 's%\([^/]\)/*$%\1%'` + +# Prefer explicitly selected file to automatically selected ones. +if test -z "$CONFIG_SITE"; then + if test "x$prefix" != xNONE; then + CONFIG_SITE="$prefix/share/config.site $prefix/etc/config.site" + else + CONFIG_SITE="$ac_default_prefix/share/config.site $ac_default_prefix/etc/config.site" + fi +fi +for ac_site_file in $CONFIG_SITE; do + if test -r "$ac_site_file"; then + echo "loading site script $ac_site_file" + . "$ac_site_file" + fi +done + +if test -r "$cache_file"; then + echo "loading cache $cache_file" + . $cache_file +else + echo "creating cache $cache_file" + > $cache_file +fi + +ac_ext=c +# CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options. +ac_cpp='$CPP $CPPFLAGS' +ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5' +ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5' +cross_compiling=$ac_cv_prog_cc_cross + +ac_exeext= +ac_objext=o +if (echo "testing\c"; echo 1,2,3) | grep c >/dev/null; then + # Stardent Vistra SVR4 grep lacks -e, says ghazi@caip.rutgers.edu. + if (echo -n testing; echo 1,2,3) | sed s/-n/xn/ | grep xn >/dev/null; then + ac_n= ac_c=' +' ac_t=' ' + else + ac_n=-n ac_c= ac_t= + fi +else + ac_n= ac_c='\c' ac_t= +fi + + + + + +ac_aux_dir= +for ac_dir in $srcdir $srcdir/.. $srcdir/../..; do + if test -f $ac_dir/install-sh; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/install-sh -c" + break + elif test -f $ac_dir/install.sh; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/install.sh -c" + break + fi +done +if test -z "$ac_aux_dir"; then + { echo "configure: error: can not find install-sh or install.sh in $srcdir $srcdir/.. $srcdir/../.." 1>&2; exit 1; } +fi +ac_config_guess=$ac_aux_dir/config.guess +ac_config_sub=$ac_aux_dir/config.sub +ac_configure=$ac_aux_dir/configure # This should be Cygnus configure. + + +# Make sure we can run config.sub. +if ${CONFIG_SHELL-/bin/sh} $ac_config_sub sun4 >/dev/null 2>&1; then : +else { echo "configure: error: can not run $ac_config_sub" 1>&2; exit 1; } +fi + +echo $ac_n "checking host system type""... $ac_c" 1>&6 +echo "configure:593: checking host system type" >&5 + +host_alias=$host +case "$host_alias" in +NONE) + case $nonopt in + NONE) + if host_alias=`${CONFIG_SHELL-/bin/sh} $ac_config_guess`; then : + else { echo "configure: error: can not guess host type; you must specify one" 1>&2; exit 1; } + fi ;; + *) host_alias=$nonopt ;; + esac ;; +esac + +host=`${CONFIG_SHELL-/bin/sh} $ac_config_sub $host_alias` +host_cpu=`echo $host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'` +host_vendor=`echo $host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'` +host_os=`echo $host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'` +echo "$ac_t""$host" 1>&6 + + +# Extract the first word of "gcc", so it can be a program name with args. +set dummy gcc; ac_word=$2 +echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 +echo "configure:617: checking for $ac_word" >&5 +if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else + IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" + ac_dummy="$PATH" + for ac_dir in $ac_dummy; do + test -z "$ac_dir" && ac_dir=. + if test -f $ac_dir/$ac_word; then + ac_cv_prog_CC="gcc" + break + fi + done + IFS="$ac_save_ifs" +fi +fi +CC="$ac_cv_prog_CC" +if test -n "$CC"; then + echo "$ac_t""$CC" 1>&6 +else + echo "$ac_t""no" 1>&6 +fi + +if test -z "$CC"; then + # Extract the first word of "cc", so it can be a program name with args. +set dummy cc; ac_word=$2 +echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 +echo "configure:647: checking for $ac_word" >&5 +if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else + IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" + ac_prog_rejected=no + ac_dummy="$PATH" + for ac_dir in $ac_dummy; do + test -z "$ac_dir" && ac_dir=. + if test -f $ac_dir/$ac_word; then + if test "$ac_dir/$ac_word" = "/usr/ucb/cc"; then + ac_prog_rejected=yes + continue + fi + ac_cv_prog_CC="cc" + break + fi + done + IFS="$ac_save_ifs" +if test $ac_prog_rejected = yes; then + # We found a bogon in the path, so make sure we never use it. + set dummy $ac_cv_prog_CC + shift + if test $# -gt 0; then + # We chose a different compiler from the bogus one. + # However, it has the same basename, so the bogon will be chosen + # first if we set CC to just the basename; use the full file name. + shift + set dummy "$ac_dir/$ac_word" "$@" + shift + ac_cv_prog_CC="$@" + fi +fi +fi +fi +CC="$ac_cv_prog_CC" +if test -n "$CC"; then + echo "$ac_t""$CC" 1>&6 +else + echo "$ac_t""no" 1>&6 +fi + + if test -z "$CC"; then + case "`uname -s`" in + *win32* | *WIN32*) + # Extract the first word of "cl", so it can be a program name with args. +set dummy cl; ac_word=$2 +echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 +echo "configure:698: checking for $ac_word" >&5 +if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else + IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" + ac_dummy="$PATH" + for ac_dir in $ac_dummy; do + test -z "$ac_dir" && ac_dir=. + if test -f $ac_dir/$ac_word; then + ac_cv_prog_CC="cl" + break + fi + done + IFS="$ac_save_ifs" +fi +fi +CC="$ac_cv_prog_CC" +if test -n "$CC"; then + echo "$ac_t""$CC" 1>&6 +else + echo "$ac_t""no" 1>&6 +fi + ;; + esac + fi + test -z "$CC" && { echo "configure: error: no acceptable cc found in \$PATH" 1>&2; exit 1; } +fi + +echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works""... $ac_c" 1>&6 +echo "configure:730: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works" >&5 + +ac_ext=c +# CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options. +ac_cpp='$CPP $CPPFLAGS' +ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5' +ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5' +cross_compiling=$ac_cv_prog_cc_cross + +cat > conftest.$ac_ext << EOF + +#line 741 "configure" +#include "confdefs.h" + +main(){return(0);} +EOF +if { (eval echo configure:746: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + ac_cv_prog_cc_works=yes + # If we can't run a trivial program, we are probably using a cross compiler. + if (./conftest; exit) 2>/dev/null; then + ac_cv_prog_cc_cross=no + else + ac_cv_prog_cc_cross=yes + fi +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + ac_cv_prog_cc_works=no +fi +rm -fr conftest* +ac_ext=c +# CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options. +ac_cpp='$CPP $CPPFLAGS' +ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5' +ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5' +cross_compiling=$ac_cv_prog_cc_cross + +echo "$ac_t""$ac_cv_prog_cc_works" 1>&6 +if test $ac_cv_prog_cc_works = no; then + { echo "configure: error: installation or configuration problem: C compiler cannot create executables." 1>&2; exit 1; } +fi +echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler""... $ac_c" 1>&6 +echo "configure:772: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler" >&5 +echo "$ac_t""$ac_cv_prog_cc_cross" 1>&6 +cross_compiling=$ac_cv_prog_cc_cross + +echo $ac_n "checking whether we are using GNU C""... $ac_c" 1>&6 +echo "configure:777: checking whether we are using GNU C" >&5 +if eval "test \"`echo '$''{'ac_cv_prog_gcc'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + cat > conftest.c <&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then + ac_cv_prog_gcc=yes +else + ac_cv_prog_gcc=no +fi +fi + +echo "$ac_t""$ac_cv_prog_gcc" 1>&6 + +if test $ac_cv_prog_gcc = yes; then + GCC=yes +else + GCC= +fi + +ac_test_CFLAGS="${CFLAGS+set}" +ac_save_CFLAGS="$CFLAGS" +CFLAGS= +echo $ac_n "checking whether ${CC-cc} accepts -g""... $ac_c" 1>&6 +echo "configure:805: checking whether ${CC-cc} accepts -g" >&5 +if eval "test \"`echo '$''{'ac_cv_prog_cc_g'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + echo 'void f(){}' > conftest.c +if test -z "`${CC-cc} -g -c conftest.c 2>&1`"; then + ac_cv_prog_cc_g=yes +else + ac_cv_prog_cc_g=no +fi +rm -f conftest* + +fi + +echo "$ac_t""$ac_cv_prog_cc_g" 1>&6 +if test "$ac_test_CFLAGS" = set; then + CFLAGS="$ac_save_CFLAGS" +elif test $ac_cv_prog_cc_g = yes; then + if test "$GCC" = yes; then + CFLAGS="-g -O2" + else + CFLAGS="-g" + fi +else + if test "$GCC" = yes; then + CFLAGS="-O2" + else + CFLAGS= + fi +fi + +echo $ac_n "checking how to run the C preprocessor""... $ac_c" 1>&6 +echo "configure:837: checking how to run the C preprocessor" >&5 +# On Suns, sometimes $CPP names a directory. +if test -n "$CPP" && test -d "$CPP"; then + CPP= +fi +if test -z "$CPP"; then +if eval "test \"`echo '$''{'ac_cv_prog_CPP'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + # This must be in double quotes, not single quotes, because CPP may get + # substituted into the Makefile and "${CC-cc}" will confuse make. + CPP="${CC-cc} -E" + # On the NeXT, cc -E runs the code through the compiler's parser, + # not just through cpp. + cat > conftest.$ac_ext < +Syntax Error +EOF +ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" +{ (eval echo configure:858: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` +if test -z "$ac_err"; then + : +else + echo "$ac_err" >&5 + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + CPP="${CC-cc} -E -traditional-cpp" + cat > conftest.$ac_ext < +Syntax Error +EOF +ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" +{ (eval echo configure:875: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` +if test -z "$ac_err"; then + : +else + echo "$ac_err" >&5 + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + CPP="${CC-cc} -nologo -E" + cat > conftest.$ac_ext < +Syntax Error +EOF +ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" +{ (eval echo configure:892: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` +if test -z "$ac_err"; then + : +else + echo "$ac_err" >&5 + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + CPP=/lib/cpp +fi +rm -f conftest* +fi +rm -f conftest* +fi +rm -f conftest* + ac_cv_prog_CPP="$CPP" +fi + CPP="$ac_cv_prog_CPP" +else + ac_cv_prog_CPP="$CPP" +fi +echo "$ac_t""$CPP" 1>&6 + + +case "$host" in + *-*-sunos4.1.1*) + os_sunos=yes + # Tim Adam says speed_t is defined in stdtypes.h + cat >> confdefs.h <<\EOF +#define SPEED_T_IN_STDTYPES_H 1 +EOF + + ;; + *-*-sunos*) + os_sunos=yes + ;; + *-sgi-irix5*) + # Irix stuff from snabb@niksula.hut.fi and tsurmacz@asic.ict.pwr.wroc.pl. + no_libsocket=yes + no_libsun=yes + ;; + *-sgi-irix6*) + # from d-champion@uchicago.edu + no_libsocket=yes + no_libsun=yes + if test "`uname -s`" = "IRIX64"; then + CFLAGS="-32 $CFLAGS" + LDFLAGS="-32 $LDFLAGS" + fi + ;; + *-ibm-aix3.2|*-ibm-aix3.2.0|*-ibm-aix3.2.1|*-ibm-aix3.2.2|*-ibm-aix3.2.3|*-ibm-aix3.2.4) + os_aix=yes + echo $ac_n "checking for getuserattr in -ls""... $ac_c" 1>&6 +echo "configure:946: checking for getuserattr in -ls" >&5 +ac_lib_var=`echo s'_'getuserattr | sed 'y%./+-%__p_%'` +if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + ac_save_LIBS="$LIBS" +LIBS="-ls $LIBS" +cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=no" +fi +rm -f conftest* +LIBS="$ac_save_LIBS" + +fi +if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_lib=HAVE_LIB`echo s | sed -e 's/[^a-zA-Z0-9_]/_/g' \ + -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'` + cat >> confdefs.h <&6 +fi + + ;; + *-ibm-aix*) + os_aix=yes + echo $ac_n "checking for getuserattr in -ls""... $ac_c" 1>&6 +echo "configure:996: checking for getuserattr in -ls" >&5 +ac_lib_var=`echo s'_'getuserattr | sed 'y%./+-%__p_%'` +if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + ac_save_LIBS="$LIBS" +LIBS="-ls $LIBS" +cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=no" +fi +rm -f conftest* +LIBS="$ac_save_LIBS" + +fi +if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_lib=HAVE_LIB`echo s | sed -e 's/[^a-zA-Z0-9_]/_/g' \ + -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'` + cat >> confdefs.h <&6 +fi + + ;; + mips-dec-mach3*) + # Mach3 stuff from kivinen@hut.fi + no_vhangup=yes + ;; + *-dec-ultrix*) + # Ultrix stuff from dmckilli@qc.bell.ca, jbotz@orixa.mtholyoke.edu. + cat >> confdefs.h <<\EOF +#define O_NONBLOCK_BROKEN 1 +EOF + + no_vhangup=yes + cat > conftest.$ac_ext < +int main() { +int foo = LOG_DAEMON; +; return 0; } +EOF +if { (eval echo configure:1062: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then + : +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + cat >> confdefs.h <<\EOF +#define NEED_SYS_SYSLOG_H 1 +EOF + +fi +rm -f conftest* + ;; + *-*-hpux*) + # HPUX flags from jgotts@engin.umich.edu + if test -z "$GCC"; then + CFLAGS="$CFLAGS -Aa -D_HPUX_SOURCE" + fi + cat >> confdefs.h <<\EOF +#define HPSUX_NONSTANDARD_X11_KLUDGE 1 +EOF + + ;; + alpha-dec-osf*) + cat >> confdefs.h <<\EOF +#define TTY_GROUP "terminal" +EOF + + echo $ac_n "checking for set_auth_parameters in -lsecurity""... $ac_c" 1>&6 +echo "configure:1091: checking for set_auth_parameters in -lsecurity" >&5 +ac_lib_var=`echo security'_'set_auth_parameters | sed 'y%./+-%__p_%'` +if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + ac_save_LIBS="$LIBS" +LIBS="-lsecurity $LIBS" +cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=no" +fi +rm -f conftest* +LIBS="$ac_save_LIBS" + +fi +if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_lib=HAVE_LIB`echo security | sed -e 's/[^a-zA-Z0-9_]/_/g' \ + -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'` + cat >> confdefs.h <&6 +fi + + echo $ac_n "checking for OSF/1 C2 security package""... $ac_c" 1>&6 +echo "configure:1138: checking for OSF/1 C2 security package" >&5 + osfc2sec=`/usr/sbin/setld -i | grep '^OSFC2SEC'` + if test -n "$osfc2sec"; then + echo "$ac_t""yes" 1>&6 + cat >> confdefs.h <<\EOF +#define HAVE_OSF1_C2_SECURITY 1 +EOF + + echo $ac_n "checking for set_auth_parameters in -lsecurity""... $ac_c" 1>&6 +echo "configure:1147: checking for set_auth_parameters in -lsecurity" >&5 +ac_lib_var=`echo security'_'set_auth_parameters | sed 'y%./+-%__p_%'` +if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + ac_save_LIBS="$LIBS" +LIBS="-lsecurity $LIBS" +cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=no" +fi +rm -f conftest* +LIBS="$ac_save_LIBS" + +fi +if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then + echo "$ac_t""yes" 1>&6 + LIBS="$LIBS -lsecurity" +else + echo "$ac_t""no" 1>&6 +{ echo "configure: error: "Could not find libsecurity even though C2 security installed."" 1>&2; exit 1; } +fi + + CONFOBJS="$CONFOBJS osfc2.o" + else + echo "$ac_t""no" 1>&6 + fi + ;; + *-*-nextstep*) + # Nextstep support from a person who wants to remain anonymous + no_termios=yes + cat >> confdefs.h <<\EOF +#define SPEED_T_IN_STDTYPES_H 1 +EOF + + ;; + *-*-linux*) + # Linux shadow password support (Andrew.Macpherson.1248566@bnr.co.uk) + if test -f /etc/shadow && test -f /etc/login.defs; then + echo "$ac_t""Using linux John Haugh shadow passwords and pw_encrypt for password encryption" 1>&6 + cat >> confdefs.h <<\EOF +#define crypt pw_encrypt +EOF + + LIBS="$LIBS -lshadow" + fi + ;; + i*86-*-bsdi*) + no_pipe=yes + ;; + i*86-unknown-bsd*) + # Assume 386BSD. pgut01@cs.auckland.ac.nz reported this makes it compile. + cat >> confdefs.h <<\EOF +#define __FreeBSD__ 1 +EOF + + ;; + m68k-sony-newsos*) + # From snabb@niksula.hut.fi + no_vhangup=yes + ;; + m88k-dg-dgux*) + cat >> confdefs.h <<\EOF +#define BROKEN_INET_ADDR 1 +EOF + + ;; + *-cray-unicos*) + CFLAGS="$CFLAGS -DCRAY_STACKSEG_END=_getb67" + ;; + *-*-sysv4*) + echo $ac_n "checking for openlog in -lgen""... $ac_c" 1>&6 +echo "configure:1236: checking for openlog in -lgen" >&5 +ac_lib_var=`echo gen'_'openlog | sed 'y%./+-%__p_%'` +if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + ac_save_LIBS="$LIBS" +LIBS="-lgen $LIBS" +cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=no" +fi +rm -f conftest* +LIBS="$ac_save_LIBS" + +fi +if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_lib=HAVE_LIB`echo gen | sed -e 's/[^a-zA-Z0-9_]/_/g' \ + -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'` + cat >> confdefs.h <&6 +fi + + ;; + *-*-machten*) + cat >> confdefs.h <<\EOF +#define USE_STRLEN_FOR_AF_UNIX 1 +EOF + + ;; + i*86-unknown-sco*) + # From moi@dio.com + cat >> confdefs.h <<\EOF +#define HAVE_SCO_ETC_SHADOW 1 +EOF + + cat >> confdefs.h <<\EOF +#define SCO 1 +EOF + + no_ranlib=yes + LIBS="-L/usr/lib/libp -lprot -lx $LIBS" + ;; + *-convex-bsd*) + # From mark.martinec@nsc.ijs.si + # On Convex, getpwnam sets pw_passwd if running as root + no_shadows_password_checking=yes + ;; + *-*-freebsd*) + # From Ollivier Robert: FreeBSD and NetBSD use master.passwd, but set + # pw_passwd automatically when running as root. + no_shadow_password_checking=yes + ;; + *-*-netbsd*) + # From Ollivier Robert: FreeBSD and NetBSD use master.passwd, but set + # pw_passwd automatically when running as root. + no_shadow_password_checking=yes + ;; + *-*-openbsd*) + no_shadow_password_checking=yes + ;; + *) + ;; +esac + +# Socket pairs appear to be broken on several systems. I don't know exactly +# where, so I'll use pipes everywhere for now. +cat >> confdefs.h <<\EOF +#define USE_PIPES 1 +EOF + + +echo $ac_n "checking that the compiler works""... $ac_c" 1>&6 +echo "configure:1332: checking that the compiler works" >&5 +if test "$cross_compiling" = yes; then + { echo "configure: error: Could not compile and run even a trivial ANSI C program - check CC." 1>&2; exit 1; } +else + cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +then + echo "$ac_t""yes" 1>&6 +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -fr conftest* + echo "$ac_t""no" 1>&6 + { echo "configure: error: Could not compile and run even a trivial ANSI C program - check CC." 1>&2; exit 1; } +fi +rm -fr conftest* +fi + + +if test -z "$no_pipe"; then +if test -n "$GCC"; then + echo $ac_n "checking if the compiler understands -pipe""... $ac_c" 1>&6 +echo "configure:1358: checking if the compiler understands -pipe" >&5 + OLDCC="$CC" + CC="$CC -pipe" + cat > conftest.$ac_ext <&5; (eval $ac_compile) 2>&5; }; then + rm -rf conftest* + echo "$ac_t""yes" 1>&6 +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + CC="$OLDCC" + echo "$ac_t""no" 1>&6 +fi +rm -f conftest* +fi +fi + +# Check whether --enable-warnings or --disable-warnings was given. +if test "${enable_warnings+set}" = set; then + enableval="$enable_warnings" + if test -n "$GCC"; then + echo "$ac_t""Adding -Wall to CFLAGS." 1>&6 + CFLAGS="$CFLAGS -Wall" + fi +fi + + +if test -z "$no_vhangup"; then + for ac_func in vhangup +do +echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 +echo "configure:1397: checking for $ac_func" >&5 +if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + cat > conftest.$ac_ext < +/* Override any gcc2 internal prototype to avoid an error. */ +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char $ac_func(); + +int main() { + +/* The GNU C library defines this for functions which it implements + to always fail with ENOSYS. Some functions are actually named + something starting with __ and the normal name is an alias. */ +#if defined (__stub_$ac_func) || defined (__stub___$ac_func) +choke me +#else +$ac_func(); +#endif + +; return 0; } +EOF +if { (eval echo configure:1425: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_func_$ac_func=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_func_$ac_func=no" +fi +rm -f conftest* +fi + +if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'` + cat >> confdefs.h <&6 +fi +done + +fi + +if test -z "$no_setsid"; then + for ac_func in setsid +do +echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 +echo "configure:1455: checking for $ac_func" >&5 +if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + cat > conftest.$ac_ext < +/* Override any gcc2 internal prototype to avoid an error. */ +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char $ac_func(); + +int main() { + +/* The GNU C library defines this for functions which it implements + to always fail with ENOSYS. Some functions are actually named + something starting with __ and the normal name is an alias. */ +#if defined (__stub_$ac_func) || defined (__stub___$ac_func) +choke me +#else +$ac_func(); +#endif + +; return 0; } +EOF +if { (eval echo configure:1483: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_func_$ac_func=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_func_$ac_func=no" +fi +rm -f conftest* +fi + +if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'` + cat >> confdefs.h <&6 +fi +done + +fi + +echo $ac_n "checking where to find mandatory GMP library""... $ac_c" 1>&6 +echo "configure:1510: checking where to find mandatory GMP library" >&5 +# Check whether --with-gmp or --without-gmp was given. +if test "${with_gmp+set}" = set; then + withval="$with_gmp" + case "$withval" in + no) + echo "GMP is mandatory! Aborting!" + exit 1 + ;; + *) + ;; + esac +else + with_gmp=yes + +fi + +# gmp continued +echo argument="$with_gmp" +case "$with_gmp" in +yes) + for ac_hdr in gmp.h +do +ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` +echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 +echo "configure:1535: checking for $ac_hdr" >&5 +if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + cat > conftest.$ac_ext < +EOF +ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" +{ (eval echo configure:1545: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` +if test -z "$ac_err"; then + rm -rf conftest* + eval "ac_cv_header_$ac_safe=yes" +else + echo "$ac_err" >&5 + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_header_$ac_safe=no" +fi +rm -f conftest* +fi +if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'` + cat >> confdefs.h <&6 +fi +done + + if test "$ac_cv_header_gmp_h" != yes; then + echo "Can't find include file gmp.h! Aborting!" + echo "You must first build and install GMP, please read the file INSTALL" + exit 1 + fi + echo $ac_n "checking for main in -lgmp""... $ac_c" 1>&6 +echo "configure:1577: checking for main in -lgmp" >&5 +ac_lib_var=`echo gmp'_'main | sed 'y%./+-%__p_%'` +if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + ac_save_LIBS="$LIBS" +LIBS="-lgmp $LIBS" +cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=no" +fi +rm -f conftest* +LIBS="$ac_save_LIBS" + +fi +if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_lib=HAVE_LIB`echo gmp | sed -e 's/[^a-zA-Z0-9_]/_/g' \ + -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'` + cat >> confdefs.h <&6 +fi + + if test "$ac_cv_lib_gmp_main" != yes; then + echo "Can't find library gmp (libgmp.a)! Aborting" + echo "You must first build and install GMP, please read the file INSTALL" + exit 1 + fi + GMPINCS="" + GMPLIBS="-lgmp" + ;; +*) + GMPINCS="-I$with_gmp/include" + GMPLIBS="-L$with_gmp/lib -lgmp" + ;; +esac + +for ac_func in _getpty clock fchmod getdtablesize gethostname getrusage +do +echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 +echo "configure:1636: checking for $ac_func" >&5 +if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + cat > conftest.$ac_ext < +/* Override any gcc2 internal prototype to avoid an error. */ +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char $ac_func(); + +int main() { + +/* The GNU C library defines this for functions which it implements + to always fail with ENOSYS. Some functions are actually named + something starting with __ and the normal name is an alias. */ +#if defined (__stub_$ac_func) || defined (__stub___$ac_func) +choke me +#else +$ac_func(); +#endif + +; return 0; } +EOF +if { (eval echo configure:1664: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_func_$ac_func=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_func_$ac_func=no" +fi +rm -f conftest* +fi + +if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'` + cat >> confdefs.h <&6 +fi +done + +for ac_func in gettimeofday initgroups innetgr memcpy openpty popen seteuid +do +echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 +echo "configure:1691: checking for $ac_func" >&5 +if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + cat > conftest.$ac_ext < +/* Override any gcc2 internal prototype to avoid an error. */ +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char $ac_func(); + +int main() { + +/* The GNU C library defines this for functions which it implements + to always fail with ENOSYS. Some functions are actually named + something starting with __ and the normal name is an alias. */ +#if defined (__stub_$ac_func) || defined (__stub___$ac_func) +choke me +#else +$ac_func(); +#endif + +; return 0; } +EOF +if { (eval echo configure:1719: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_func_$ac_func=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_func_$ac_func=no" +fi +rm -f conftest* +fi + +if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'` + cat >> confdefs.h <&6 +fi +done + +for ac_func in setlogin setluid setrlimit strchr times ulimit umask vsnprintf +do +echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 +echo "configure:1746: checking for $ac_func" >&5 +if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + cat > conftest.$ac_ext < +/* Override any gcc2 internal prototype to avoid an error. */ +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char $ac_func(); + +int main() { + +/* The GNU C library defines this for functions which it implements + to always fail with ENOSYS. Some functions are actually named + something starting with __ and the normal name is an alias. */ +#if defined (__stub_$ac_func) || defined (__stub___$ac_func) +choke me +#else +$ac_func(); +#endif + +; return 0; } +EOF +if { (eval echo configure:1774: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_func_$ac_func=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_func_$ac_func=no" +fi +rm -f conftest* +fi + +if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'` + cat >> confdefs.h <&6 +fi +done + + +echo $ac_n "checking return type of signal handlers""... $ac_c" 1>&6 +echo "configure:1800: checking return type of signal handlers" >&5 +if eval "test \"`echo '$''{'ac_cv_type_signal'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + cat > conftest.$ac_ext < +#include +#ifdef signal +#undef signal +#endif +#ifdef __cplusplus +extern "C" void (*signal (int, void (*)(int)))(int); +#else +void (*signal ()) (); +#endif + +int main() { +int i; +; return 0; } +EOF +if { (eval echo configure:1822: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then + rm -rf conftest* + ac_cv_type_signal=void +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + ac_cv_type_signal=int +fi +rm -f conftest* +fi + +echo "$ac_t""$ac_cv_type_signal" 1>&6 +cat >> confdefs.h <&6 +echo "configure:1841: checking for ANSI C header files" >&5 +if eval "test \"`echo '$''{'ac_cv_header_stdc'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + cat > conftest.$ac_ext < +#include +#include +#include +EOF +ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" +{ (eval echo configure:1854: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` +if test -z "$ac_err"; then + rm -rf conftest* + ac_cv_header_stdc=yes +else + echo "$ac_err" >&5 + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + ac_cv_header_stdc=no +fi +rm -f conftest* + +if test $ac_cv_header_stdc = yes; then + # SunOS 4.x string.h does not declare mem*, contrary to ANSI. +cat > conftest.$ac_ext < +EOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + egrep "memchr" >/dev/null 2>&1; then + : +else + rm -rf conftest* + ac_cv_header_stdc=no +fi +rm -f conftest* + +fi + +if test $ac_cv_header_stdc = yes; then + # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. +cat > conftest.$ac_ext < +EOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + egrep "free" >/dev/null 2>&1; then + : +else + rm -rf conftest* + ac_cv_header_stdc=no +fi +rm -f conftest* + +fi + +if test $ac_cv_header_stdc = yes; then + # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi. +if test "$cross_compiling" = yes; then + : +else + cat > conftest.$ac_ext < +#define ISLOWER(c) ('a' <= (c) && (c) <= 'z') +#define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c)) +#define XOR(e, f) (((e) && !(f)) || (!(e) && (f))) +int main () { int i; for (i = 0; i < 256; i++) +if (XOR (islower (i), ISLOWER (i)) || toupper (i) != TOUPPER (i)) exit(2); +exit (0); } + +EOF +if { (eval echo configure:1921: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +then + : +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -fr conftest* + ac_cv_header_stdc=no +fi +rm -fr conftest* +fi + +fi +fi + +echo "$ac_t""$ac_cv_header_stdc" 1>&6 +if test $ac_cv_header_stdc = yes; then + cat >> confdefs.h <<\EOF +#define STDC_HEADERS 1 +EOF + +fi + +echo $ac_n "checking for size_t""... $ac_c" 1>&6 +echo "configure:1945: checking for size_t" >&5 +if eval "test \"`echo '$''{'ac_cv_type_size_t'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + cat > conftest.$ac_ext < +#if STDC_HEADERS +#include +#include +#endif +EOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + egrep "(^|[^a-zA-Z_0-9])size_t[^a-zA-Z_0-9]" >/dev/null 2>&1; then + rm -rf conftest* + ac_cv_type_size_t=yes +else + rm -rf conftest* + ac_cv_type_size_t=no +fi +rm -f conftest* + +fi +echo "$ac_t""$ac_cv_type_size_t" 1>&6 +if test $ac_cv_type_size_t = no; then + cat >> confdefs.h <<\EOF +#define size_t unsigned +EOF + +fi + +echo $ac_n "checking for uid_t in sys/types.h""... $ac_c" 1>&6 +echo "configure:1978: checking for uid_t in sys/types.h" >&5 +if eval "test \"`echo '$''{'ac_cv_type_uid_t'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + cat > conftest.$ac_ext < +EOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + egrep "uid_t" >/dev/null 2>&1; then + rm -rf conftest* + ac_cv_type_uid_t=yes +else + rm -rf conftest* + ac_cv_type_uid_t=no +fi +rm -f conftest* + +fi + +echo "$ac_t""$ac_cv_type_uid_t" 1>&6 +if test $ac_cv_type_uid_t = no; then + cat >> confdefs.h <<\EOF +#define uid_t int +EOF + + cat >> confdefs.h <<\EOF +#define gid_t int +EOF + +fi + +echo $ac_n "checking for off_t""... $ac_c" 1>&6 +echo "configure:2012: checking for off_t" >&5 +if eval "test \"`echo '$''{'ac_cv_type_off_t'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + cat > conftest.$ac_ext < +#if STDC_HEADERS +#include +#include +#endif +EOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + egrep "(^|[^a-zA-Z_0-9])off_t[^a-zA-Z_0-9]" >/dev/null 2>&1; then + rm -rf conftest* + ac_cv_type_off_t=yes +else + rm -rf conftest* + ac_cv_type_off_t=no +fi +rm -f conftest* + +fi +echo "$ac_t""$ac_cv_type_off_t" 1>&6 +if test $ac_cv_type_off_t = no; then + cat >> confdefs.h <<\EOF +#define off_t long +EOF + +fi + +echo $ac_n "checking for mode_t""... $ac_c" 1>&6 +echo "configure:2045: checking for mode_t" >&5 +if eval "test \"`echo '$''{'ac_cv_type_mode_t'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + cat > conftest.$ac_ext < +#if STDC_HEADERS +#include +#include +#endif +EOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + egrep "(^|[^a-zA-Z_0-9])mode_t[^a-zA-Z_0-9]" >/dev/null 2>&1; then + rm -rf conftest* + ac_cv_type_mode_t=yes +else + rm -rf conftest* + ac_cv_type_mode_t=no +fi +rm -f conftest* + +fi +echo "$ac_t""$ac_cv_type_mode_t" 1>&6 +if test $ac_cv_type_mode_t = no; then + cat >> confdefs.h <<\EOF +#define mode_t int +EOF + +fi + +echo $ac_n "checking for st_blksize in struct stat""... $ac_c" 1>&6 +echo "configure:2078: checking for st_blksize in struct stat" >&5 +if eval "test \"`echo '$''{'ac_cv_struct_st_blksize'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + cat > conftest.$ac_ext < +#include +int main() { +struct stat s; s.st_blksize; +; return 0; } +EOF +if { (eval echo configure:2091: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then + rm -rf conftest* + ac_cv_struct_st_blksize=yes +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + ac_cv_struct_st_blksize=no +fi +rm -f conftest* +fi + +echo "$ac_t""$ac_cv_struct_st_blksize" 1>&6 +if test $ac_cv_struct_st_blksize = yes; then + cat >> confdefs.h <<\EOF +#define HAVE_ST_BLKSIZE 1 +EOF + +fi + + +echo $ac_n "checking for working const""... $ac_c" 1>&6 +echo "configure:2113: checking for working const" >&5 +if eval "test \"`echo '$''{'ac_cv_c_const'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + cat > conftest.$ac_ext <j = 5; +} +{ /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */ + const int foo = 10; +} + +; return 0; } +EOF +if { (eval echo configure:2167: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then + rm -rf conftest* + ac_cv_c_const=yes +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + ac_cv_c_const=no +fi +rm -f conftest* +fi + +echo "$ac_t""$ac_cv_c_const" 1>&6 +if test $ac_cv_c_const = no; then + cat >> confdefs.h <<\EOF +#define const +EOF + +fi + +echo $ac_n "checking for inline""... $ac_c" 1>&6 +echo "configure:2188: checking for inline" >&5 +if eval "test \"`echo '$''{'ac_cv_c_inline'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + ac_cv_c_inline=no +for ac_kw in inline __inline__ __inline; do + cat > conftest.$ac_ext <&5; (eval $ac_compile) 2>&5; }; then + rm -rf conftest* + ac_cv_c_inline=$ac_kw; break +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 +fi +rm -f conftest* +done + +fi + +echo "$ac_t""$ac_cv_c_inline" 1>&6 +case "$ac_cv_c_inline" in + inline | yes) ;; + no) cat >> confdefs.h <<\EOF +#define inline +EOF + ;; + *) cat >> confdefs.h <&6 +echo "configure:2228: checking whether byte ordering is bigendian" >&5 +if eval "test \"`echo '$''{'ac_cv_c_bigendian'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + ac_cv_c_bigendian=unknown +# See if sys/param.h defines the BYTE_ORDER macro. +cat > conftest.$ac_ext < +#include +int main() { + +#if !BYTE_ORDER || !BIG_ENDIAN || !LITTLE_ENDIAN + bogus endian macros +#endif +; return 0; } +EOF +if { (eval echo configure:2246: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then + rm -rf conftest* + # It does; now see whether it defined to BIG_ENDIAN or not. +cat > conftest.$ac_ext < +#include +int main() { + +#if BYTE_ORDER != BIG_ENDIAN + not big endian +#endif +; return 0; } +EOF +if { (eval echo configure:2261: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then + rm -rf conftest* + ac_cv_c_bigendian=yes +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + ac_cv_c_bigendian=no +fi +rm -f conftest* +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 +fi +rm -f conftest* +if test $ac_cv_c_bigendian = unknown; then +if test "$cross_compiling" = yes; then + { echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; } +else + cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +then + ac_cv_c_bigendian=no +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -fr conftest* + ac_cv_c_bigendian=yes +fi +rm -fr conftest* +fi + +fi +fi + +echo "$ac_t""$ac_cv_c_bigendian" 1>&6 +if test $ac_cv_c_bigendian = yes; then + cat >> confdefs.h <<\EOF +#define WORDS_BIGENDIAN 1 +EOF + +fi + +echo $ac_n "checking size of long""... $ac_c" 1>&6 +echo "configure:2318: checking size of long" >&5 +if eval "test \"`echo '$''{'ac_cv_sizeof_long'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + if test "$cross_compiling" = yes; then + { echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; } +else + cat > conftest.$ac_ext < +main() +{ + FILE *f=fopen("conftestval", "w"); + if (!f) exit(1); + fprintf(f, "%d\n", sizeof(long)); + exit(0); +} +EOF +if { (eval echo configure:2337: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +then + ac_cv_sizeof_long=`cat conftestval` +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -fr conftest* + ac_cv_sizeof_long=0 +fi +rm -fr conftest* +fi + +fi +echo "$ac_t""$ac_cv_sizeof_long" 1>&6 +cat >> confdefs.h <&6 +echo "configure:2357: checking size of int" >&5 +if eval "test \"`echo '$''{'ac_cv_sizeof_int'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + if test "$cross_compiling" = yes; then + { echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; } +else + cat > conftest.$ac_ext < +main() +{ + FILE *f=fopen("conftestval", "w"); + if (!f) exit(1); + fprintf(f, "%d\n", sizeof(int)); + exit(0); +} +EOF +if { (eval echo configure:2376: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +then + ac_cv_sizeof_int=`cat conftestval` +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -fr conftest* + ac_cv_sizeof_int=0 +fi +rm -fr conftest* +fi + +fi +echo "$ac_t""$ac_cv_sizeof_int" 1>&6 +cat >> confdefs.h <&6 +echo "configure:2396: checking size of short" >&5 +if eval "test \"`echo '$''{'ac_cv_sizeof_short'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + if test "$cross_compiling" = yes; then + { echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; } +else + cat > conftest.$ac_ext < +main() +{ + FILE *f=fopen("conftestval", "w"); + if (!f) exit(1); + fprintf(f, "%d\n", sizeof(short)); + exit(0); +} +EOF +if { (eval echo configure:2415: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +then + ac_cv_sizeof_short=`cat conftestval` +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -fr conftest* + ac_cv_sizeof_short=0 +fi +rm -fr conftest* +fi + +fi +echo "$ac_t""$ac_cv_sizeof_short" 1>&6 +cat >> confdefs.h <&6 +echo "configure:2440: checking for $ac_hdr" >&5 +if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + cat > conftest.$ac_ext < +EOF +ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" +{ (eval echo configure:2450: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` +if test -z "$ac_err"; then + rm -rf conftest* + eval "ac_cv_header_$ac_safe=yes" +else + echo "$ac_err" >&5 + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_header_$ac_safe=no" +fi +rm -f conftest* +fi +if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'` + cat >> confdefs.h <&6 +fi +done + +fi + +echo $ac_n "checking for ANSI C header files""... $ac_c" 1>&6 +echo "configure:2479: checking for ANSI C header files" >&5 +if eval "test \"`echo '$''{'ac_cv_header_stdc'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + cat > conftest.$ac_ext < +#include +#include +#include +EOF +ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" +{ (eval echo configure:2492: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` +if test -z "$ac_err"; then + rm -rf conftest* + ac_cv_header_stdc=yes +else + echo "$ac_err" >&5 + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + ac_cv_header_stdc=no +fi +rm -f conftest* + +if test $ac_cv_header_stdc = yes; then + # SunOS 4.x string.h does not declare mem*, contrary to ANSI. +cat > conftest.$ac_ext < +EOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + egrep "memchr" >/dev/null 2>&1; then + : +else + rm -rf conftest* + ac_cv_header_stdc=no +fi +rm -f conftest* + +fi + +if test $ac_cv_header_stdc = yes; then + # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. +cat > conftest.$ac_ext < +EOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + egrep "free" >/dev/null 2>&1; then + : +else + rm -rf conftest* + ac_cv_header_stdc=no +fi +rm -f conftest* + +fi + +if test $ac_cv_header_stdc = yes; then + # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi. +if test "$cross_compiling" = yes; then + : +else + cat > conftest.$ac_ext < +#define ISLOWER(c) ('a' <= (c) && (c) <= 'z') +#define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c)) +#define XOR(e, f) (((e) && !(f)) || (!(e) && (f))) +int main () { int i; for (i = 0; i < 256; i++) +if (XOR (islower (i), ISLOWER (i)) || toupper (i) != TOUPPER (i)) exit(2); +exit (0); } + +EOF +if { (eval echo configure:2559: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +then + : +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -fr conftest* + ac_cv_header_stdc=no +fi +rm -fr conftest* +fi + +fi +fi + +echo "$ac_t""$ac_cv_header_stdc" 1>&6 +if test $ac_cv_header_stdc = yes; then + cat >> confdefs.h <<\EOF +#define STDC_HEADERS 1 +EOF + +fi + +echo $ac_n "checking for sys/wait.h that is POSIX.1 compatible""... $ac_c" 1>&6 +echo "configure:2583: checking for sys/wait.h that is POSIX.1 compatible" >&5 +if eval "test \"`echo '$''{'ac_cv_header_sys_wait_h'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + cat > conftest.$ac_ext < +#include +#ifndef WEXITSTATUS +#define WEXITSTATUS(stat_val) ((unsigned)(stat_val) >> 8) +#endif +#ifndef WIFEXITED +#define WIFEXITED(stat_val) (((stat_val) & 255) == 0) +#endif +int main() { +int s; +wait (&s); +s = WIFEXITED (s) ? WEXITSTATUS (s) : 1; +; return 0; } +EOF +if { (eval echo configure:2604: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then + rm -rf conftest* + ac_cv_header_sys_wait_h=yes +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + ac_cv_header_sys_wait_h=no +fi +rm -f conftest* +fi + +echo "$ac_t""$ac_cv_header_sys_wait_h" 1>&6 +if test $ac_cv_header_sys_wait_h = yes; then + cat >> confdefs.h <<\EOF +#define HAVE_SYS_WAIT_H 1 +EOF + +fi + +for ac_hdr in unistd.h rusage.h sys/time.h lastlog.h utmp.h utmpx.h +do +ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` +echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 +echo "configure:2628: checking for $ac_hdr" >&5 +if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + cat > conftest.$ac_ext < +EOF +ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" +{ (eval echo configure:2638: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` +if test -z "$ac_err"; then + rm -rf conftest* + eval "ac_cv_header_$ac_safe=yes" +else + echo "$ac_err" >&5 + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_header_$ac_safe=no" +fi +rm -f conftest* +fi +if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'` + cat >> confdefs.h <&6 +fi +done + +for ac_hdr in sgtty.h sys/select.h sys/ioctl.h sys/filio.h +do +ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` +echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 +echo "configure:2668: checking for $ac_hdr" >&5 +if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + cat > conftest.$ac_ext < +EOF +ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" +{ (eval echo configure:2678: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` +if test -z "$ac_err"; then + rm -rf conftest* + eval "ac_cv_header_$ac_safe=yes" +else + echo "$ac_err" >&5 + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_header_$ac_safe=no" +fi +rm -f conftest* +fi +if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'` + cat >> confdefs.h <&6 +fi +done + +for ac_hdr in paths.h usersec.h utime.h netinet/in_systm.h ulimit.h +do +ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` +echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 +echo "configure:2708: checking for $ac_hdr" >&5 +if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + cat > conftest.$ac_ext < +EOF +ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" +{ (eval echo configure:2718: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` +if test -z "$ac_err"; then + rm -rf conftest* + eval "ac_cv_header_$ac_safe=yes" +else + echo "$ac_err" >&5 + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_header_$ac_safe=no" +fi +rm -f conftest* +fi +if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'` + cat >> confdefs.h <&6 +fi +done + +echo $ac_n "checking whether time.h and sys/time.h may both be included""... $ac_c" 1>&6 +echo "configure:2745: checking whether time.h and sys/time.h may both be included" >&5 +if eval "test \"`echo '$''{'ac_cv_header_time'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + cat > conftest.$ac_ext < +#include +#include +int main() { +struct tm *tp; +; return 0; } +EOF +if { (eval echo configure:2759: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then + rm -rf conftest* + ac_cv_header_time=yes +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + ac_cv_header_time=no +fi +rm -f conftest* +fi + +echo "$ac_t""$ac_cv_header_time" 1>&6 +if test $ac_cv_header_time = yes; then + cat >> confdefs.h <<\EOF +#define TIME_WITH_SYS_TIME 1 +EOF + +fi + +ac_header_dirent=no +for ac_hdr in dirent.h sys/ndir.h sys/dir.h ndir.h +do +ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` +echo $ac_n "checking for $ac_hdr that defines DIR""... $ac_c" 1>&6 +echo "configure:2784: checking for $ac_hdr that defines DIR" >&5 +if eval "test \"`echo '$''{'ac_cv_header_dirent_$ac_safe'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + cat > conftest.$ac_ext < +#include <$ac_hdr> +int main() { +DIR *dirp = 0; +; return 0; } +EOF +if { (eval echo configure:2797: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then + rm -rf conftest* + eval "ac_cv_header_dirent_$ac_safe=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_header_dirent_$ac_safe=no" +fi +rm -f conftest* +fi +if eval "test \"`echo '$ac_cv_header_dirent_'$ac_safe`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'` + cat >> confdefs.h <&6 +fi +done +# Two versions of opendir et al. are in -ldir and -lx on SCO Xenix. +if test $ac_header_dirent = dirent.h; then +echo $ac_n "checking for opendir in -ldir""... $ac_c" 1>&6 +echo "configure:2822: checking for opendir in -ldir" >&5 +ac_lib_var=`echo dir'_'opendir | sed 'y%./+-%__p_%'` +if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + ac_save_LIBS="$LIBS" +LIBS="-ldir $LIBS" +cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=no" +fi +rm -f conftest* +LIBS="$ac_save_LIBS" + +fi +if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then + echo "$ac_t""yes" 1>&6 + LIBS="$LIBS -ldir" +else + echo "$ac_t""no" 1>&6 +fi + +else +echo $ac_n "checking for opendir in -lx""... $ac_c" 1>&6 +echo "configure:2863: checking for opendir in -lx" >&5 +ac_lib_var=`echo x'_'opendir | sed 'y%./+-%__p_%'` +if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + ac_save_LIBS="$LIBS" +LIBS="-lx $LIBS" +cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=no" +fi +rm -f conftest* +LIBS="$ac_save_LIBS" + +fi +if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then + echo "$ac_t""yes" 1>&6 + LIBS="$LIBS -lx" +else + echo "$ac_t""no" 1>&6 +fi + +fi + +echo $ac_n "checking whether stat file-mode macros are broken""... $ac_c" 1>&6 +echo "configure:2905: checking whether stat file-mode macros are broken" >&5 +if eval "test \"`echo '$''{'ac_cv_header_stat_broken'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + cat > conftest.$ac_ext < +#include + +#if defined(S_ISBLK) && defined(S_IFDIR) +# if S_ISBLK (S_IFDIR) +You lose. +# endif +#endif + +#if defined(S_ISBLK) && defined(S_IFCHR) +# if S_ISBLK (S_IFCHR) +You lose. +# endif +#endif + +#if defined(S_ISLNK) && defined(S_IFREG) +# if S_ISLNK (S_IFREG) +You lose. +# endif +#endif + +#if defined(S_ISSOCK) && defined(S_IFREG) +# if S_ISSOCK (S_IFREG) +You lose. +# endif +#endif + +EOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + egrep "You lose" >/dev/null 2>&1; then + rm -rf conftest* + ac_cv_header_stat_broken=yes +else + rm -rf conftest* + ac_cv_header_stat_broken=no +fi +rm -f conftest* + +fi + +echo "$ac_t""$ac_cv_header_stat_broken" 1>&6 +if test $ac_cv_header_stat_broken = yes; then + cat >> confdefs.h <<\EOF +#define STAT_MACROS_BROKEN 1 +EOF + +fi + +cat > conftest.$ac_ext < +EOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + egrep "ut_pid" >/dev/null 2>&1; then + rm -rf conftest* + cat >> confdefs.h <<\EOF +#define HAVE_PID_IN_UTMP 1 +EOF + +fi +rm -f conftest* + +cat > conftest.$ac_ext < +EOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + egrep "ut_name" >/dev/null 2>&1; then + rm -rf conftest* + cat >> confdefs.h <<\EOF +#define HAVE_NAME_IN_UTMP 1 +EOF + +fi +rm -f conftest* + +cat > conftest.$ac_ext < +EOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + egrep "ut_id" >/dev/null 2>&1; then + rm -rf conftest* + cat >> confdefs.h <<\EOF +#define HAVE_ID_IN_UTMP 1 +EOF + +fi +rm -f conftest* + +cat > conftest.$ac_ext < +EOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + egrep "ut_host" >/dev/null 2>&1; then + rm -rf conftest* + cat >> confdefs.h <<\EOF +#define HAVE_HOST_IN_UTMP 1 +EOF + +fi +rm -f conftest* + +cat > conftest.$ac_ext < +EOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + egrep "ut_addr" >/dev/null 2>&1; then + rm -rf conftest* + cat >> confdefs.h <<\EOF +#define HAVE_ADDR_IN_UTMP 1 +EOF + +fi +rm -f conftest* + + +cat > conftest.$ac_ext < +EOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + egrep "ut_session" >/dev/null 2>&1; then + rm -rf conftest* + cat >> confdefs.h <<\EOF +#define HAVE_UT_SESSION 1 +EOF + +fi +rm -f conftest* + +cat > conftest.$ac_ext < +EOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + egrep "ut_syslen" >/dev/null 2>&1; then + rm -rf conftest* + cat >> confdefs.h <<\EOF +#define HAVE_UT_SYSLEN 1 +EOF + +fi +rm -f conftest* + + +echo $ac_n "checking for crypt in -lc""... $ac_c" 1>&6 +echo "configure:3068: checking for crypt in -lc" >&5 +ac_lib_var=`echo c'_'crypt | sed 'y%./+-%__p_%'` +if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + ac_save_LIBS="$LIBS" +LIBS="-lc $LIBS" +cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=no" +fi +rm -f conftest* +LIBS="$ac_save_LIBS" + +fi +if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then + echo "$ac_t""yes" 1>&6 + true +else + echo "$ac_t""no" 1>&6 +echo $ac_n "checking for crypt in -lcrypt""... $ac_c" 1>&6 +echo "configure:3106: checking for crypt in -lcrypt" >&5 +ac_lib_var=`echo crypt'_'crypt | sed 'y%./+-%__p_%'` +if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + ac_save_LIBS="$LIBS" +LIBS="-lcrypt $LIBS" +cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=no" +fi +rm -f conftest* +LIBS="$ac_save_LIBS" + +fi +if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_lib=HAVE_LIB`echo crypt | sed -e 's/^a-zA-Z0-9_/_/g' \ + -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'` + cat >> confdefs.h <&6 +fi + +fi + +echo $ac_n "checking for main in -lnsl""... $ac_c" 1>&6 +echo "configure:3155: checking for main in -lnsl" >&5 +ac_lib_var=`echo nsl'_'main | sed 'y%./+-%__p_%'` +if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + ac_save_LIBS="$LIBS" +LIBS="-lnsl $LIBS" +cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=no" +fi +rm -f conftest* +LIBS="$ac_save_LIBS" + +fi +if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_lib=HAVE_LIB`echo nsl | sed -e 's/[^a-zA-Z0-9_]/_/g' \ + -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'` + cat >> confdefs.h <&6 +fi + +if test -z "$no_libsocket"; then + echo $ac_n "checking for socket in -lsocket""... $ac_c" 1>&6 +echo "configure:3199: checking for socket in -lsocket" >&5 +ac_lib_var=`echo socket'_'socket | sed 'y%./+-%__p_%'` +if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + ac_save_LIBS="$LIBS" +LIBS="-lsocket $LIBS" +cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=no" +fi +rm -f conftest* +LIBS="$ac_save_LIBS" + +fi +if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_lib=HAVE_LIB`echo socket | sed -e 's/[^a-zA-Z0-9_]/_/g' \ + -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'` + cat >> confdefs.h <&6 +fi + +fi +if test -z "$no_libsun"; then + echo $ac_n "checking for getpwnam in -lsun""... $ac_c" 1>&6 +echo "configure:3248: checking for getpwnam in -lsun" >&5 +ac_lib_var=`echo sun'_'getpwnam | sed 'y%./+-%__p_%'` +if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + ac_save_LIBS="$LIBS" +LIBS="-lsun $LIBS" +cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=no" +fi +rm -f conftest* +LIBS="$ac_save_LIBS" + +fi +if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_lib=HAVE_LIB`echo sun | sed -e 's/[^a-zA-Z0-9_]/_/g' \ + -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'` + cat >> confdefs.h <&6 +fi + +fi +echo $ac_n "checking for login in -lutil""... $ac_c" 1>&6 +echo "configure:3296: checking for login in -lutil" >&5 +ac_lib_var=`echo util'_'login | sed 'y%./+-%__p_%'` +if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + ac_save_LIBS="$LIBS" +LIBS="-lutil $LIBS" +cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=no" +fi +rm -f conftest* +LIBS="$ac_save_LIBS" + +fi +if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then + echo "$ac_t""yes" 1>&6 + cat >> confdefs.h <<\EOF +#define HAVE_LIBUTIL_LOGIN 1 +EOF + + LIBS="$LIBS -lutil" +else + echo "$ac_t""no" 1>&6 +fi + + +echo $ac_n "checking for main in -ldes""... $ac_c" 1>&6 +echo "configure:3341: checking for main in -ldes" >&5 +ac_lib_var=`echo des'_'main | sed 'y%./+-%__p_%'` +if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + ac_save_LIBS="$LIBS" +LIBS="-ldes $LIBS" +cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=no" +fi +rm -f conftest* +LIBS="$ac_save_LIBS" + +fi +if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_lib=HAVE_LIB`echo des | sed -e 's/[^a-zA-Z0-9_]/_/g' \ + -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'` + cat >> confdefs.h <&6 +fi + + +for ac_func in strerror memmove remove random putenv socketpair +do +echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 +echo "configure:3387: checking for $ac_func" >&5 +if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + cat > conftest.$ac_ext < +/* Override any gcc2 internal prototype to avoid an error. */ +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char $ac_func(); + +int main() { + +/* The GNU C library defines this for functions which it implements + to always fail with ENOSYS. Some functions are actually named + something starting with __ and the normal name is an alias. */ +#if defined (__stub_$ac_func) || defined (__stub___$ac_func) +choke me +#else +$ac_func(); +#endif + +; return 0; } +EOF +if { (eval echo configure:3415: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_func_$ac_func=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_func_$ac_func=no" +fi +rm -f conftest* +fi + +if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'` + cat >> confdefs.h <&6 +LIBOBJS="$LIBOBJS ${ac_func}.${ac_objext}" +fi +done + + + +echo $ac_n "checking whether ln -s works""... $ac_c" 1>&6 +echo "configure:3443: checking whether ln -s works" >&5 +if eval "test \"`echo '$''{'ac_cv_prog_LN_S'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + rm -f conftestdata +if ln -s X conftestdata 2>/dev/null +then + rm -f conftestdata + ac_cv_prog_LN_S="ln -s" +else + ac_cv_prog_LN_S=ln +fi +fi +LN_S="$ac_cv_prog_LN_S" +if test "$ac_cv_prog_LN_S" = "ln -s"; then + echo "$ac_t""yes" 1>&6 +else + echo "$ac_t""no" 1>&6 +fi + +# Find a good install program. We prefer a C program (faster), +# so one script is as good as another. But avoid the broken or +# incompatible versions: +# SysV /etc/install, /usr/sbin/install +# SunOS /usr/etc/install +# IRIX /sbin/install +# AIX /bin/install +# AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag +# AFS /usr/afsws/bin/install, which mishandles nonexistent args +# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff" +# ./install, which can be erroneously created by make from ./install.sh. +echo $ac_n "checking for a BSD compatible install""... $ac_c" 1>&6 +echo "configure:3475: checking for a BSD compatible install" >&5 +if test -z "$INSTALL"; then +if eval "test \"`echo '$''{'ac_cv_path_install'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + IFS="${IFS= }"; ac_save_IFS="$IFS"; IFS=":" + for ac_dir in $PATH; do + # Account for people who put trailing slashes in PATH elements. + case "$ac_dir/" in + /|./|.//|/etc/*|/usr/sbin/*|/usr/etc/*|/sbin/*|/usr/afsws/bin/*|/usr/ucb/*) ;; + *) + # OSF1 and SCO ODT 3.0 have their own names for install. + # Don't use installbsd from OSF since it installs stuff as root + # by default. + for ac_prog in ginstall scoinst install; do + if test -f $ac_dir/$ac_prog; then + if test $ac_prog = install && + grep dspmsg $ac_dir/$ac_prog >/dev/null 2>&1; then + # AIX install. It has an incompatible calling convention. + : + else + ac_cv_path_install="$ac_dir/$ac_prog -c" + break 2 + fi + fi + done + ;; + esac + done + IFS="$ac_save_IFS" + +fi + if test "${ac_cv_path_install+set}" = set; then + INSTALL="$ac_cv_path_install" + else + # As a last resort, use the slow shell script. We don't cache a + # path for INSTALL within a source directory, because that will + # break other packages using the cache if that directory is + # removed, or if the path is relative. + INSTALL="$ac_install_sh" + fi +fi +echo "$ac_t""$INSTALL" 1>&6 + +# Use test -z because SunOS4 sh mishandles braces in ${var-val}. +# It thinks the first close brace ends the variable substitution. +test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}' + +test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL_PROGRAM}' + +test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644' + +if test -z "$no_ranlib"; then + # Extract the first word of "ranlib", so it can be a program name with args. +set dummy ranlib; ac_word=$2 +echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 +echo "configure:3531: checking for $ac_word" >&5 +if eval "test \"`echo '$''{'ac_cv_prog_RANLIB'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + if test -n "$RANLIB"; then + ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test. +else + IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" + ac_dummy="$PATH" + for ac_dir in $ac_dummy; do + test -z "$ac_dir" && ac_dir=. + if test -f $ac_dir/$ac_word; then + ac_cv_prog_RANLIB="ranlib" + break + fi + done + IFS="$ac_save_ifs" + test -z "$ac_cv_prog_RANLIB" && ac_cv_prog_RANLIB=":" +fi +fi +RANLIB="$ac_cv_prog_RANLIB" +if test -n "$RANLIB"; then + echo "$ac_t""$RANLIB" 1>&6 +else + echo "$ac_t""no" 1>&6 +fi + +else + RANLIB=":" +fi +for ac_prog in makedepend makedep +do +# Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 +echo "configure:3566: checking for $ac_word" >&5 +if eval "test \"`echo '$''{'ac_cv_prog_MAKEDEP'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + if test -n "$MAKEDEP"; then + ac_cv_prog_MAKEDEP="$MAKEDEP" # Let the user override the test. +else + IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" + ac_dummy="$PATH" + for ac_dir in $ac_dummy; do + test -z "$ac_dir" && ac_dir=. + if test -f $ac_dir/$ac_word; then + ac_cv_prog_MAKEDEP="$ac_prog" + break + fi + done + IFS="$ac_save_ifs" +fi +fi +MAKEDEP="$ac_cv_prog_MAKEDEP" +if test -n "$MAKEDEP"; then + echo "$ac_t""$MAKEDEP" 1>&6 +else + echo "$ac_t""no" 1>&6 +fi + +test -n "$MAKEDEP" && break +done +test -n "$MAKEDEP" || MAKEDEP="makedepend" + +for ac_prog in wish8.0 wish wishx wish4.1 true +do +# Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 +echo "configure:3601: checking for $ac_word" >&5 +if eval "test \"`echo '$''{'ac_cv_path_WISH'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + case "$WISH" in + /*) + ac_cv_path_WISH="$WISH" # Let the user override the test with a path. + ;; + ?:/*) + ac_cv_path_WISH="$WISH" # Let the user override the test with a dos path. + ;; + *) + IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" + ac_dummy="$PATH" + for ac_dir in $ac_dummy; do + test -z "$ac_dir" && ac_dir=. + if test -f $ac_dir/$ac_word; then + ac_cv_path_WISH="$ac_dir/$ac_word" + break + fi + done + IFS="$ac_save_ifs" + ;; +esac +fi +WISH="$ac_cv_path_WISH" +if test -n "$WISH"; then + echo "$ac_t""$WISH" 1>&6 +else + echo "$ac_t""no" 1>&6 +fi + +test -n "$WISH" && break +done + +if test `basename $WISH` = "true"; then + echo "configure: warning: the wish program was not found - ssh-askpass will not work." 1>&2 + WISH="/usr/local/bin/wish" +fi +# Extract the first word of "xauth", so it can be a program name with args. +set dummy xauth; ac_word=$2 +echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 +echo "configure:3643: checking for $ac_word" >&5 +if eval "test \"`echo '$''{'ac_cv_path_XAUTH_PATH'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + case "$XAUTH_PATH" in + /*) + ac_cv_path_XAUTH_PATH="$XAUTH_PATH" # Let the user override the test with a path. + ;; + ?:/*) + ac_cv_path_XAUTH_PATH="$XAUTH_PATH" # Let the user override the test with a dos path. + ;; + *) + IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" + ac_dummy="$PATH:/usr/X11R6/bin" + for ac_dir in $ac_dummy; do + test -z "$ac_dir" && ac_dir=. + if test -f $ac_dir/$ac_word; then + ac_cv_path_XAUTH_PATH="$ac_dir/$ac_word" + break + fi + done + IFS="$ac_save_ifs" + ;; +esac +fi +XAUTH_PATH="$ac_cv_path_XAUTH_PATH" +if test -n "$XAUTH_PATH"; then + echo "$ac_t""$XAUTH_PATH" 1>&6 +else + echo "$ac_t""no" 1>&6 +fi + +if test -n "$XAUTH_PATH"; then + cat >> confdefs.h <&6 +echo "configure:3683: checking for pseudo ttys" >&5 +if test -c /dev/ptmx && test -c /dev/pts/0 +then + cat >> confdefs.h <<\EOF +#define HAVE_DEV_PTMX 1 +EOF + + echo "$ac_t""streams ptys" 1>&6 +else +if test -c /dev/pts && test -c /dev/ptc +then + cat >> confdefs.h <<\EOF +#define HAVE_DEV_PTS_AND_PTC 1 +EOF + + echo "$ac_t""/dev/pts and /dev/ptc" 1>&6 +else + echo "$ac_t""bsd-style ptys" 1>&6 +fi +fi + +echo $ac_n "checking for /etc/default/login""... $ac_c" 1>&6 +echo "configure:3705: checking for /etc/default/login" >&5 +if test -f /etc/default/login; then + cat >> confdefs.h <<\EOF +#define HAVE_ETC_DEFAULT_LOGIN 1 +EOF + + echo "$ac_t""yes" 1>&6 +else + echo "$ac_t""no" 1>&6 +fi + +if test -z "$no_shadows_password_checking"; then + echo $ac_n "checking for shadow passwords""... $ac_c" 1>&6 +echo "configure:3718: checking for shadow passwords" >&5 + if test -f /etc/shadow; then + cat >> confdefs.h <<\EOF +#define HAVE_ETC_SHADOW 1 +EOF + + echo "$ac_t""/etc/shadow" 1>&6 + elif test -n "$os_aix"; then + cat >> confdefs.h <<\EOF +#define HAVE_ETC_SECURITY_PASSWD 1 +EOF + + echo "$ac_t""/etc/security/passwd" 1>&6 + elif test -n "$os_sunos"; then + cat >> confdefs.h <<\EOF +#define HAVE_ETC_SECURITY_PASSWD_ADJUNCT 1 +EOF + + echo "$ac_t""/etc/security/passwd.adjunct" 1>&6 + else + echo "$ac_t""no" 1>&6 + fi +fi + +echo $ac_n "checking location of mail spool files""... $ac_c" 1>&6 +echo "configure:3743: checking location of mail spool files" >&5 +for dir in /var/spool/mail /var/mail /usr/spool/mail /usr/mail NEWMAIL +do + if test "$dir" = "NEWMAIL"; then + cat >> confdefs.h <<\EOF +#define HAVE_TILDE_NEWMAIL 1 +EOF + + echo "$ac_t""\$HOME/newmail" 1>&6 + echo "configure: warning: mail spool directory was not found: assuming you use \$HOME/newmail" 1>&2 + elif test -d $dir; then + cat >> confdefs.h <&6 + break + fi +done + +echo $ac_n "checking location of utmp""... $ac_c" 1>&6 +echo "configure:3764: checking location of utmp" >&5 +if test -f /var/run/utmp; then + cat >> confdefs.h <<\EOF +#define SSH_UTMP "/var/run/utmp" +EOF + + echo "$ac_t""/var/run/utmp" 1>&6 +elif test -f /var/log/utmp; then + cat >> confdefs.h <<\EOF +#define SSH_UTMP "/var/log/utmp" +EOF + + echo "$ac_t""/var/log/utmp" 1>&6 +elif test -f /var/adm/utmp; then + cat >> confdefs.h <<\EOF +#define SSH_UTMP "/var/adm/utmp" +EOF + + echo "$ac_t""/var/adm/utmp" 1>&6 +elif test -f /usr/adm/utmp; then + cat >> confdefs.h <<\EOF +#define SSH_UTMP "/usr/adm/utmp" +EOF + + echo "$ac_t""/usr/adm/utmp" 1>&6 +elif test -f /etc/utmp; then + cat >> confdefs.h <<\EOF +#define SSH_UTMP "/etc/utmp" +EOF + + echo "$ac_t""/etc/utmp" 1>&6 +else + echo "$ac_t""not found" 1>&6 +fi + +echo $ac_n "checking location of wtmp""... $ac_c" 1>&6 +echo "configure:3800: checking location of wtmp" >&5 +if test -f /var/log/wtmp; then + cat >> confdefs.h <<\EOF +#define SSH_WTMP "/var/log/wtmp" +EOF + + echo "$ac_t""/var/log/wtmp" 1>&6 +elif test -f /var/adm/wtmp; then + cat >> confdefs.h <<\EOF +#define SSH_WTMP "/var/adm/wtmp" +EOF + + echo "$ac_t""/var/adm/wtmp" 1>&6 +elif test -f /usr/adm/wtmp; then + cat >> confdefs.h <<\EOF +#define SSH_WTMP "/usr/adm/wtmp" +EOF + + echo "$ac_t""/usr/adm/wtmp" 1>&6 +elif test -f /etc/wtmp; then + cat >> confdefs.h <<\EOF +#define SSH_WTMP "/etc/wtmp" +EOF + + echo "$ac_t""/etc/wtmp" 1>&6 +else + cat >> confdefs.h <<\EOF +#define SSH_WTMP "/var/adm/wtmp" +EOF + + echo "$ac_t""not found" 1>&6 +fi + +echo $ac_n "checking location of lastlog""... $ac_c" 1>&6 +echo "configure:3834: checking location of lastlog" >&5 +if test -f /var/log/lastlog || test -d /var/log/lastlog; then + cat >> confdefs.h <<\EOF +#define SSH_LASTLOG "/var/log/lastlog" +EOF + + cat >> confdefs.h <<\EOF +#define HAVE_LASTLOG 1 +EOF + + LASTLOG=/var/log/lastlog + echo "$ac_t""/var/log/lastlog" 1>&6 +elif test -f /var/adm/lastlog || test -d /var/adm/lastlog; then + cat >> confdefs.h <<\EOF +#define SSH_LASTLOG "/var/adm/lastlog" +EOF + + cat >> confdefs.h <<\EOF +#define HAVE_LASTLOG 1 +EOF + + LASTLOG=/var/adm/lastlog + echo "$ac_t""/var/adm/lastlog" 1>&6 +elif test -f /usr/adm/lastlog || test -d /usr/adm/lastlog; then + cat >> confdefs.h <<\EOF +#define SSH_LASTLOG "/usr/adm/lastlog" +EOF + + cat >> confdefs.h <<\EOF +#define HAVE_LASTLOG 1 +EOF + + LASTLOG=/usr/adm/lastlog + echo "$ac_t""/usr/adm/lastlog" 1>&6 +elif test -f /etc/lastlog || test -d /etc/lastlog; then + cat >> confdefs.h <<\EOF +#define SSH_LASTLOG "/etc/lastlog" +EOF + + cat >> confdefs.h <<\EOF +#define HAVE_LASTLOG 1 +EOF + + LASTLOG=/etc/lastlog + echo "$ac_t""/etc/lastlog" 1>&6 +else + echo "$ac_t""not found" 1>&6 + cat >> confdefs.h <<\EOF +#define SSH_LASTLOG "/var/log/lastlog" +EOF + + LASTLOG=/var/log/lastlog +fi + +echo $ac_n "checking whether $LASTLOG is a directory""... $ac_c" 1>&6 +echo "configure:3889: checking whether $LASTLOG is a directory" >&5 +if test -d $LASTLOG +then + echo "$ac_t""yes" 1>&6 + cat >> confdefs.h <<\EOF +#define LASTLOG_IS_DIR 1 +EOF + +else + echo "$ac_t""no" 1>&6 +fi + +echo $ac_n "checking whether to include the IDEA encryption algorithm""... $ac_c" 1>&6 +echo "configure:3902: checking whether to include the IDEA encryption algorithm" >&5 +# Check whether --with-idea or --without-idea was given. +if test "${with_idea+set}" = set; then + withval="$with_idea" + case "$withval" in + yes) + echo "$ac_t""yes" 1>&6 + CONFOBJS="$CONFOBJS idea.o" + cat >> confdefs.h <<\EOF +#define WITH_IDEA 1 +EOF + + ;; + *) + echo "$ac_t""no" 1>&6 + ;; + esac +else + echo "$ac_t""no" 1>&6 + +fi + + +echo $ac_n "checking whether to include the RC4 encryption algorithm""... $ac_c" 1>&6 +echo "configure:3926: checking whether to include the RC4 encryption algorithm" >&5 +# Check whether --with-rc4 or --without-rc4 was given. +if test "${with_rc4+set}" = set; then + withval="$with_rc4" + case "$withval" in + yes) + echo "$ac_t""yes" 1>&6 + CONFOBJS="$CONFOBJS rc4.o" + cat >> confdefs.h <<\EOF +#define WITH_RC4 1 +EOF + + ;; + *) + echo "$ac_t""no" 1>&6 + ;; + esac +else + echo "$ac_t""no" 1>&6 + +fi + + +echo $ac_n "checking whether to include the Blowfish encryption algorithm""... $ac_c" 1>&6 +echo "configure:3950: checking whether to include the Blowfish encryption algorithm" >&5 +# Check whether --with-blowfish or --without-blowfish was given. +if test "${with_blowfish+set}" = set; then + withval="$with_blowfish" + case "$withval" in + no) + ;; + *) + with_blowfish=yes + ;; + esac +else + with_blowfish=yes + +fi + + +case "$with_blowfish" in +yes) + cat >> confdefs.h <<\EOF +#define WITH_BLOWFISH 1 +EOF + + CONFOBJS="$CONFOBJS bf_skey.o bf_enc.o" + echo "$ac_t""yes" 1>&6 + ;; +no) + echo "$ac_t""no" 1>&6 + ;; +esac + +echo $ac_n "checking whether to use rsaref""... $ac_c" 1>&6 +echo "configure:3982: checking whether to use rsaref" >&5 +# Check whether --with-rsaref or --without-rsaref was given. +if test "${with_rsaref+set}" = set; then + withval="$with_rsaref" + case "$withval" in + no) + echo "$ac_t""no" 1>&6 + ;; + *) + echo "$ac_t""yes" 1>&6 + cat >> confdefs.h <<\EOF +#define RSAREF 1 +EOF + + RSAREFDEP="rsaref2/source/librsaref.a" + LIBS="-lrsaref $LIBS" + LDFLAGS="-Lrsaref2/source $LDFLAGS" + ;; + esac +else + echo "$ac_t""no" 1>&6 + +fi + + +echo $ac_n "checking whether to use ssl""... $ac_c" 1>&6 +echo "configure:4008: checking whether to use ssl" >&5 +# Check whether --with-ssl or --without-ssl was given. +if test "${with_ssl+set}" = set; then + withval="$with_ssl" + case "$withval" in + no) + echo "$ac_t""no" 1>&6 + ;; + *) + echo "$ac_t""yes" 1>&6 + cat >> confdefs.h <<\EOF +#define DO_SSL 1 +EOF + + LIBS="-lcrypto $LIBS" + ;; + esac +else + echo "$ac_t""no" 1>&6 + +fi + + +echo $ac_n "checking whether to use rsh""... $ac_c" 1>&6 +echo "configure:4032: checking whether to use rsh" >&5 +# Check whether --with-rsh or --without-rsh was given. +if test "${with_rsh+set}" = set; then + withval="$with_rsh" + case "$withval" in + no) + echo "$ac_t""no" 1>&6 + ;; + yes) + echo "$ac_t""yes" 1>&6 + for ac_prog in remsh rsh +do +# Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 +echo "configure:4047: checking for $ac_word" >&5 +if eval "test \"`echo '$''{'ac_cv_path_RSH_PATH'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + case "$RSH_PATH" in + /*) + ac_cv_path_RSH_PATH="$RSH_PATH" # Let the user override the test with a path. + ;; + ?:/*) + ac_cv_path_RSH_PATH="$RSH_PATH" # Let the user override the test with a dos path. + ;; + *) + IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" + ac_dummy="$PATH" + for ac_dir in $ac_dummy; do + test -z "$ac_dir" && ac_dir=. + if test -f $ac_dir/$ac_word; then + ac_cv_path_RSH_PATH="$ac_dir/$ac_word" + break + fi + done + IFS="$ac_save_ifs" + ;; +esac +fi +RSH_PATH="$ac_cv_path_RSH_PATH" +if test -n "$RSH_PATH"; then + echo "$ac_t""$RSH_PATH" 1>&6 +else + echo "$ac_t""no" 1>&6 +fi + +test -n "$RSH_PATH" && break +done + + cat >> confdefs.h <&6 + cat >> confdefs.h <&6 + for ac_prog in remsh rsh +do +# Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 +echo "configure:4102: checking for $ac_word" >&5 +if eval "test \"`echo '$''{'ac_cv_path_RSH_PATH'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + case "$RSH_PATH" in + /*) + ac_cv_path_RSH_PATH="$RSH_PATH" # Let the user override the test with a path. + ;; + ?:/*) + ac_cv_path_RSH_PATH="$RSH_PATH" # Let the user override the test with a dos path. + ;; + *) + IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" + ac_dummy="$PATH" + for ac_dir in $ac_dummy; do + test -z "$ac_dir" && ac_dir=. + if test -f $ac_dir/$ac_word; then + ac_cv_path_RSH_PATH="$ac_dir/$ac_word" + break + fi + done + IFS="$ac_save_ifs" + ;; +esac +fi +RSH_PATH="$ac_cv_path_RSH_PATH" +if test -n "$RSH_PATH"; then + echo "$ac_t""$RSH_PATH" 1>&6 +else + echo "$ac_t""no" 1>&6 +fi + +test -n "$RSH_PATH" && break +done + + cat >> confdefs.h <&6 +echo "configure:4147: checking default path" >&5 +# Check whether --with-path or --without-path was given. +if test "${with_path+set}" = set; then + withval="$with_path" + case "$withval" in + no) + echo "$ac_t""use system default" 1>&6 + ;; + *) + echo "$ac_t""$withval" 1>&6 + cat >> confdefs.h <&6 + +fi + + +echo $ac_n "checking etcdir""... $ac_c" 1>&6 +echo "configure:4170: checking etcdir" >&5 +# Check whether --with-etcdir or --without-etcdir was given. +if test "${with_etcdir+set}" = set; then + withval="$with_etcdir" + case "$withval" in + no) + { echo "configure: error: Need ETCDIR." 1>&2; exit 1; } + ;; + yes) + ETCDIR="/etc" + echo "$ac_t""/etc" 1>&6 + ;; + *) + ETCDIR="$withval" + echo "$ac_t""$withval" 1>&6 + ;; + esac +else + ETCDIR="/etc" + echo "$ac_t""/etc" 1>&6 + +fi + + +echo $ac_n "checking whether to support SecurID""... $ac_c" 1>&6 +echo "configure:4195: checking whether to support SecurID" >&5 +# Check whether --with-securid or --without-securid was given. +if test "${with_securid+set}" = set; then + withval="$with_securid" + case "$withval" in + no) + echo "$ac_t""no" 1>&6 + ;; + yes) + echo "$ac_t""yes" 1>&6 + if test '!' -f /usr/ace/sdiclient.a; then + { echo "configure: error: SecurID sdiclient.a not found in /usr/ace: you must supply the path." 1>&2; exit 1; } + fi + echo "$ac_t""yes" 1>&6 + echo "$ac_t""Assuming SecurID headers and libraries are in /usr/ace." 1>&6 + cat >> confdefs.h <<\EOF +#define HAVE_SECURID 1 +EOF + + CFLAGS="$CFLAGS -I/usr/ace" + LIBS="/usr/ace/sdiclient.a $LIBS" + ;; + *) + echo "$ac_t""yes" 1>&6 + if test '!' -f $withval/sdiclient.a; then + { echo "configure: error: SecurID sdiclient.a not found in $withval: please supply the correct path." 1>&2; exit 1; } + fi + echo "$ac_t""Assuming SecurID headers and libraries are in $withval." 1>&6 + cat >> confdefs.h <<\EOF +#define HAVE_SECURID 1 +EOF + + CFLAGS="$CFLAGS -I$withval" + LIBS="$withval/sdiclient.a $LIBS" + ;; + esac +else + echo "$ac_t""no" 1>&6 + +fi + + +echo $ac_n "checking whether to include compression support""... $ac_c" 1>&6 +echo "configure:4238: checking whether to include compression support" >&5 +# Check whether --with-zlib or --without-zlib was given. +if test "${with_zlib+set}" = set; then + withval="$with_zlib" + case "$withval" in + no) + ;; + *) + with_zlib=yes + ;; + esac +else + with_zlib=yes + +fi + + +case "$with_zlib" in +yes) + echo "$ac_t""yes" 1>&6 + for ac_hdr in zlib.h +do +ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` +echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 +echo "configure:4262: checking for $ac_hdr" >&5 +if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + cat > conftest.$ac_ext < +EOF +ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" +{ (eval echo configure:4272: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` +if test -z "$ac_err"; then + rm -rf conftest* + eval "ac_cv_header_$ac_safe=yes" +else + echo "$ac_err" >&5 + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_header_$ac_safe=no" +fi +rm -f conftest* +fi +if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'` + cat >> confdefs.h <&6 +fi +done + + if test "$ac_cv_header_zlib_h" != yes; then + echo "Can't find zlib.h, disable with --without-zlib" + exit 1 + fi + echo $ac_n "checking for main in -lz""... $ac_c" 1>&6 +echo "configure:4303: checking for main in -lz" >&5 +ac_lib_var=`echo z'_'main | sed 'y%./+-%__p_%'` +if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + ac_save_LIBS="$LIBS" +LIBS="-lz $LIBS" +cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=no" +fi +rm -f conftest* +LIBS="$ac_save_LIBS" + +fi +if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_lib=HAVE_LIB`echo z | sed -e 's/[^a-zA-Z0-9_]/_/g' \ + -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'` + cat >> confdefs.h <&6 +fi + + if test "$ac_cv_lib_z_main" != yes; then + echo "Can't find library z (libz.a), disable with --without-zlib" + exit 1 + fi + CONFOBJS="$CONFOBJS compress.o" + cat >> confdefs.h <<\EOF +#define WITH_ZLIB 1 +EOF + + ;; +no) + echo "$ac_t""no" 1>&6 + ;; +esac + +echo $ac_n "checking whether to use Kerberos v4""... $ac_c" 1>&6 +echo "configure:4361: checking whether to use Kerberos v4" >&5 +# Check whether --with-krb4 or --without-krb4 was given. +if test "${with_krb4+set}" = set; then + withval="$with_krb4" + case "$withval" in + yes) + ;; + no) + ;; + *) + ;; + esac +else + with_krb4=default + +fi + +# krb4 continued +case "$with_krb4" in +no) + echo "$ac_t""no" 1>&6 + ;; +yes) + echo "$ac_t""yes" 1>&6 + for ac_hdr in krb.h +do +ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` +echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 +echo "configure:4389: checking for $ac_hdr" >&5 +if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + cat > conftest.$ac_ext < +EOF +ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" +{ (eval echo configure:4399: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` +if test -z "$ac_err"; then + rm -rf conftest* + eval "ac_cv_header_$ac_safe=yes" +else + echo "$ac_err" >&5 + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_header_$ac_safe=no" +fi +rm -f conftest* +fi +if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'` + cat >> confdefs.h <&6 +fi +done + + if test "$ac_cv_header_krb_h" != yes; then + echo "Can't find include file krb.h! Aborting!" + exit 1 + fi + echo $ac_n "checking for main in -lkrb""... $ac_c" 1>&6 +echo "configure:4430: checking for main in -lkrb" >&5 +ac_lib_var=`echo krb'_'main | sed 'y%./+-%__p_%'` +if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + ac_save_LIBS="$LIBS" +LIBS="-lkrb $LIBS" +cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=no" +fi +rm -f conftest* +LIBS="$ac_save_LIBS" + +fi +if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_lib=HAVE_LIB`echo krb | sed -e 's/[^a-zA-Z0-9_]/_/g' \ + -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'` + cat >> confdefs.h <&6 +fi + + if test "$ac_cv_lib_krb_main" != yes; then + echo "Can't find library krb (libkrb.a)! Aborting" + exit 1 + fi + cat >> confdefs.h <<\EOF +#define KRB4 1 +EOF + + KRB4_AUTH="auth-krb4.o" + KRB4_ROOT="" + KRB4_INCS="" + KRB4_LIBS="-lkrb -ldes" + echo $ac_n "checking for dn_expand in -lresolv""... $ac_c" 1>&6 +echo "configure:4485: checking for dn_expand in -lresolv" >&5 +ac_lib_var=`echo resolv'_'dn_expand | sed 'y%./+-%__p_%'` +if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + ac_save_LIBS="$LIBS" +LIBS="-lresolv $LIBS" +cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=no" +fi +rm -f conftest* +LIBS="$ac_save_LIBS" + +fi +if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then + echo "$ac_t""yes" 1>&6 + KRB4_LIBS="$KRB4_LIBS -lresolv" +else + echo "$ac_t""no" 1>&6 +fi + + ;; +default) + for ac_hdr in krb.h +do +ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` +echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 +echo "configure:4530: checking for $ac_hdr" >&5 +if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + cat > conftest.$ac_ext < +EOF +ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" +{ (eval echo configure:4540: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` +if test -z "$ac_err"; then + rm -rf conftest* + eval "ac_cv_header_$ac_safe=yes" +else + echo "$ac_err" >&5 + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_header_$ac_safe=no" +fi +rm -f conftest* +fi +if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'` + cat >> confdefs.h <&6 +fi +done + + echo $ac_n "checking for main in -lkrb""... $ac_c" 1>&6 +echo "configure:4567: checking for main in -lkrb" >&5 +ac_lib_var=`echo krb'_'main | sed 'y%./+-%__p_%'` +if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + ac_save_LIBS="$LIBS" +LIBS="-lkrb $LIBS" +cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=no" +fi +rm -f conftest* +LIBS="$ac_save_LIBS" + +fi +if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then + echo "$ac_t""yes" 1>&6 + ac_tr_lib=HAVE_LIB`echo krb | sed -e 's/[^a-zA-Z0-9_]/_/g' \ + -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'` + cat >> confdefs.h <&6 +fi + + if test "$ac_cv_header_krb_h" = yes -a "$ac_cv_lib_krb_main" = yes; then + echo "$ac_t""yes" 1>&6 + cat >> confdefs.h <<\EOF +#define KRB4 1 +EOF + + KRB4_AUTH="auth-krb4.o" + KRB4_ROOT="" + KRB4_INCS="" + KRB4_LIBS="-lkrb -ldes" + echo $ac_n "checking for dn_expand in -lresolv""... $ac_c" 1>&6 +echo "configure:4620: checking for dn_expand in -lresolv" >&5 +ac_lib_var=`echo resolv'_'dn_expand | sed 'y%./+-%__p_%'` +if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + ac_save_LIBS="$LIBS" +LIBS="-lresolv $LIBS" +cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=no" +fi +rm -f conftest* +LIBS="$ac_save_LIBS" + +fi +if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then + echo "$ac_t""yes" 1>&6 + KRB4_LIBS="$KRB4_LIBS -lresolv" +else + echo "$ac_t""no" 1>&6 +fi + + else + echo "$ac_t""no" 1>&6 + fi + ;; +*) + echo "$ac_t""yes" 1>&6 + cat >> confdefs.h <<\EOF +#define KRB4 1 +EOF + + KRB4_AUTH="auth-krb4.o" + KRB4_ROOT="$with_krb4" + KRB4_INCS="-I\$(KRB4_ROOT)/include" + KRB4_LIBS="-L\$(KRB4_ROOT)/lib -lkrb -ldes" + echo $ac_n "checking for dn_expand in -lresolv""... $ac_c" 1>&6 +echo "configure:4674: checking for dn_expand in -lresolv" >&5 +ac_lib_var=`echo resolv'_'dn_expand | sed 'y%./+-%__p_%'` +if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +else + ac_save_LIBS="$LIBS" +LIBS="-lresolv $LIBS" +cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=no" +fi +rm -f conftest* +LIBS="$ac_save_LIBS" + +fi +if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then + echo "$ac_t""yes" 1>&6 + KRB4_LIBS="$KRB4_LIBS -lresolv" +else + echo "$ac_t""no" 1>&6 +fi + + ;; +esac + +echo $ac_n "checking whether to use AFS""... $ac_c" 1>&6 +echo "configure:4717: checking whether to use AFS" >&5 +# Check whether --with-afs or --without-afs was given. +if test "${with_afs+set}" = set; then + withval="$with_afs" + if test "$with_afs" = no; then + echo "$ac_t""no" 1>&6 + else + echo "$ac_t""yes" 1>&6 + cat >> confdefs.h <<\EOF +#define AFS 1 +EOF + + cat >> confdefs.h <<\EOF +#define KERBEROS_TGT_PASSING 1 +EOF + + RADIX="radix.o" + if test "$with_krb4" = no; then + echo "$ac_t""no" 1>&6 + echo "configure: warning: "AFS requires Kerberos v4 support."" 1>&2 + else + KRB4_LIBS="${KRB4_LIBS} -lkafs" + if test -n "$os_aix"; then + KRB4_LIBS="${KRB4_LIBS} -lld" + fi + fi +fi + +fi + + +echo $ac_n "checking whether to use libwrap""... $ac_c" 1>&6 +echo "configure:4749: checking whether to use libwrap" >&5 +# Check whether --with-libwrap or --without-libwrap was given. +if test "${with_libwrap+set}" = set; then + withval="$with_libwrap" + case "$withval" in + no) + echo "$ac_t""no" 1>&6 + ;; + yes) + echo "$ac_t""yes" 1>&6 + cat >> confdefs.h <<\EOF +#define LIBWRAP 1 +EOF + + LIBS="-lwrap $LIBS" + cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + : +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + { echo "configure: error: Could not find the libwrap.a library. You must first install tcp_wrappers." 1>&2; exit 1; } +fi +rm -f conftest* + ;; + *) + echo "$ac_t""yes" 1>&6 + cat >> confdefs.h <<\EOF +#define LIBWRAP 1 +EOF + + LIBS="$withval $LIBS" + cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + : +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + { echo "configure: error: Could not find the $withval library. You must first install tcp_wrappers." 1>&2; exit 1; } +fi +rm -f conftest* + ;; + esac +else + echo "$ac_t""no" 1>&6 + +fi + + +echo $ac_n "checking whether to support SOCKS""... $ac_c" 1>&6 +echo "configure:4815: checking whether to support SOCKS" >&5 +# Check whether --with-socks or --without-socks was given. +if test "${with_socks+set}" = set; then + withval="$with_socks" + case "$withval" in + no) + echo "$ac_t""no" 1>&6 + ;; + *) + echo "$ac_t""yes" 1>&6 + cat >> confdefs.h <<\EOF +#define SOCKS 1 +EOF + + cat >> confdefs.h <<\EOF +#define connect Rconnect +EOF + + cat >> confdefs.h <<\EOF +#define getsockname Rgetsockname +EOF + + cat >> confdefs.h <<\EOF +#define bind Rbind +EOF + + cat >> confdefs.h <<\EOF +#define accept Raccept +EOF + + cat >> confdefs.h <<\EOF +#define listen Rlisten +EOF + + cat >> confdefs.h <<\EOF +#define select Rselect +EOF + + if test "x$withval" = "xyes"; then + withval="-lsocks" + fi + LIBS="$withval $LIBS" + cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + : +else + echo "configure: failed program was:" >&5 + cat conftest.$ac_ext >&5 + rm -rf conftest* + { echo "configure: error: Could not find the $withval library. You must first install socks." 1>&2; exit 1; } +fi +rm -f conftest* + ;; + esac +else + echo "$ac_t""no" 1>&6 + +fi + + +PIDDIR="/var/run" +echo $ac_n "checking where to put sshd.pid""... $ac_c" 1>&6 +echo "configure:4884: checking where to put sshd.pid" >&5 +if test '!' -d $PIDDIR; then + PIDDIR="$ETCDIR" +fi +echo "$ac_t""$PIDDIR" 1>&6 + +if test "$program_transform_name" = s,x,x,; then + program_transform_name= +else + # Double any \ or $. echo might interpret backslashes. + cat <<\EOF_SED > conftestsed +s,\\,\\\\,g; s,\$,$$,g +EOF_SED + program_transform_name="`echo $program_transform_name|sed -f conftestsed`" + rm -f conftestsed +fi +test "$program_prefix" != NONE && + program_transform_name="s,^,${program_prefix},; $program_transform_name" +# Use a double $ so make ignores it. +test "$program_suffix" != NONE && + program_transform_name="s,\$\$,${program_suffix},; $program_transform_name" + +# sed with no file args requires a program. +test "$program_transform_name" = "" && program_transform_name="s,x,x," + + + + + + + +trap '' 1 2 15 +cat > confcache <<\EOF +# This file is a shell script that caches the results of configure +# tests run on this system so they can be shared between configure +# scripts and configure runs. It is not useful on other systems. +# If it contains results you don't want to keep, you may remove or edit it. +# +# By default, configure uses ./config.cache as the cache file, +# creating it if it does not exist already. You can give configure +# the --cache-file=FILE option to use a different cache file; that is +# what configure does when it calls configure scripts in +# subdirectories, so they share the cache. +# Giving --cache-file=/dev/null disables caching, for debugging configure. +# config.status only pays attention to the cache file if you give it the +# --recheck option to rerun configure. +# +EOF +# The following way of writing the cache mishandles newlines in values, +# but we know of no workaround that is simple, portable, and efficient. +# So, don't put newlines in cache variables' values. +# Ultrix sh set writes to stderr and can't be redirected directly, +# and sets the high bit in the cache file unless we assign to the vars. +(set) 2>&1 | + case `(ac_space=' '; set | grep ac_space) 2>&1` in + *ac_space=\ *) + # `set' does not quote correctly, so add quotes (double-quote substitution + # turns \\\\ into \\, and sed turns \\ into \). + sed -n \ + -e "s/'/'\\\\''/g" \ + -e "s/^\\([a-zA-Z0-9_]*_cv_[a-zA-Z0-9_]*\\)=\\(.*\\)/\\1=\${\\1='\\2'}/p" + ;; + *) + # `set' quotes correctly as required by POSIX, so do not add quotes. + sed -n -e 's/^\([a-zA-Z0-9_]*_cv_[a-zA-Z0-9_]*\)=\(.*\)/\1=${\1=\2}/p' + ;; + esac >> confcache +if cmp -s $cache_file confcache; then + : +else + if test -w $cache_file; then + echo "updating cache $cache_file" + cat confcache > $cache_file + else + echo "not updating unwritable cache $cache_file" + fi +fi +rm -f confcache + +trap 'rm -fr conftest* confdefs* core core.* *.core $ac_clean_files; exit 1' 1 2 15 + +test "x$prefix" = xNONE && prefix=$ac_default_prefix +# Let make expand exec_prefix. +test "x$exec_prefix" = xNONE && exec_prefix='${prefix}' + +# Any assignment to VPATH causes Sun make to only execute +# the first set of double-colon rules, so remove it if not needed. +# If there is a colon in the path, we need to keep it. +if test "x$srcdir" = x.; then + ac_vpsub='/^[ ]*VPATH[ ]*=[^:]*$/d' +fi + +trap 'rm -f $CONFIG_STATUS conftest*; exit 1' 1 2 15 + +DEFS=-DHAVE_CONFIG_H + +# Without the "./", some shells look in PATH for config.status. +: ${CONFIG_STATUS=./config.status} + +echo creating $CONFIG_STATUS +rm -f $CONFIG_STATUS +cat > $CONFIG_STATUS </dev/null | sed 1q`: +# +# $0 $ac_configure_args +# +# Compiler output produced by configure, useful for debugging +# configure, is in ./config.log if it exists. + +ac_cs_usage="Usage: $CONFIG_STATUS [--recheck] [--version] [--help]" +for ac_option +do + case "\$ac_option" in + -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r) + echo "running \${CONFIG_SHELL-/bin/sh} $0 $ac_configure_args --no-create --no-recursion" + exec \${CONFIG_SHELL-/bin/sh} $0 $ac_configure_args --no-create --no-recursion ;; + -version | --version | --versio | --versi | --vers | --ver | --ve | --v) + echo "$CONFIG_STATUS generated by autoconf version 2.13" + exit 0 ;; + -help | --help | --hel | --he | --h) + echo "\$ac_cs_usage"; exit 0 ;; + *) echo "\$ac_cs_usage"; exit 1 ;; + esac +done + +ac_given_srcdir=$srcdir +ac_given_INSTALL="$INSTALL" + +trap 'rm -fr `echo "Makefile sshd.8 ssh.1 config.h" | sed "s/:[^ ]*//g"` conftest*; exit 1' 1 2 15 +EOF +cat >> $CONFIG_STATUS < conftest.subs <<\\CEOF +$ac_vpsub +$extrasub +s%@SHELL@%$SHELL%g +s%@CFLAGS@%$CFLAGS%g +s%@CPPFLAGS@%$CPPFLAGS%g +s%@CXXFLAGS@%$CXXFLAGS%g +s%@FFLAGS@%$FFLAGS%g +s%@DEFS@%$DEFS%g +s%@LDFLAGS@%$LDFLAGS%g +s%@LIBS@%$LIBS%g +s%@exec_prefix@%$exec_prefix%g +s%@prefix@%$prefix%g +s%@program_transform_name@%$program_transform_name%g +s%@bindir@%$bindir%g +s%@sbindir@%$sbindir%g +s%@libexecdir@%$libexecdir%g +s%@datadir@%$datadir%g +s%@sysconfdir@%$sysconfdir%g +s%@sharedstatedir@%$sharedstatedir%g +s%@localstatedir@%$localstatedir%g +s%@libdir@%$libdir%g +s%@includedir@%$includedir%g +s%@oldincludedir@%$oldincludedir%g +s%@infodir@%$infodir%g +s%@mandir@%$mandir%g +s%@host@%$host%g +s%@host_alias@%$host_alias%g +s%@host_cpu@%$host_cpu%g +s%@host_vendor@%$host_vendor%g +s%@host_os@%$host_os%g +s%@CC@%$CC%g +s%@CPP@%$CPP%g +s%@GMPINCS@%$GMPINCS%g +s%@GMPLIBS@%$GMPLIBS%g +s%@LIBOBJS@%$LIBOBJS%g +s%@LN_S@%$LN_S%g +s%@INSTALL_PROGRAM@%$INSTALL_PROGRAM%g +s%@INSTALL_SCRIPT@%$INSTALL_SCRIPT%g +s%@INSTALL_DATA@%$INSTALL_DATA%g +s%@RANLIB@%$RANLIB%g +s%@MAKEDEP@%$MAKEDEP%g +s%@WISH@%$WISH%g +s%@XAUTH_PATH@%$XAUTH_PATH%g +s%@RSH_PATH@%$RSH_PATH%g +s%@KRB4_AUTH@%$KRB4_AUTH%g +s%@KRB4_ROOT@%$KRB4_ROOT%g +s%@KRB4_INCS@%$KRB4_INCS%g +s%@KRB4_LIBS@%$KRB4_LIBS%g +s%@RADIX@%$RADIX%g +s%@ETCDIR@%$ETCDIR%g +s%@PIDDIR@%$PIDDIR%g +s%@RSAREFDEP@%$RSAREFDEP%g +s%@CONFOBJS@%$CONFOBJS%g + +CEOF +EOF + +cat >> $CONFIG_STATUS <<\EOF + +# Split the substitutions into bite-sized pieces for seds with +# small command number limits, like on Digital OSF/1 and HP-UX. +ac_max_sed_cmds=90 # Maximum number of lines to put in a sed script. +ac_file=1 # Number of current file. +ac_beg=1 # First line for current file. +ac_end=$ac_max_sed_cmds # Line after last line for current file. +ac_more_lines=: +ac_sed_cmds="" +while $ac_more_lines; do + if test $ac_beg -gt 1; then + sed "1,${ac_beg}d; ${ac_end}q" conftest.subs > conftest.s$ac_file + else + sed "${ac_end}q" conftest.subs > conftest.s$ac_file + fi + if test ! -s conftest.s$ac_file; then + ac_more_lines=false + rm -f conftest.s$ac_file + else + if test -z "$ac_sed_cmds"; then + ac_sed_cmds="sed -f conftest.s$ac_file" + else + ac_sed_cmds="$ac_sed_cmds | sed -f conftest.s$ac_file" + fi + ac_file=`expr $ac_file + 1` + ac_beg=$ac_end + ac_end=`expr $ac_end + $ac_max_sed_cmds` + fi +done +if test -z "$ac_sed_cmds"; then + ac_sed_cmds=cat +fi +EOF + +cat >> $CONFIG_STATUS <> $CONFIG_STATUS <<\EOF +for ac_file in .. $CONFIG_FILES; do if test "x$ac_file" != x..; then + # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in". + case "$ac_file" in + *:*) ac_file_in=`echo "$ac_file"|sed 's%[^:]*:%%'` + ac_file=`echo "$ac_file"|sed 's%:.*%%'` ;; + *) ac_file_in="${ac_file}.in" ;; + esac + + # Adjust a relative srcdir, top_srcdir, and INSTALL for subdirectories. + + # Remove last slash and all that follows it. Not all systems have dirname. + ac_dir=`echo $ac_file|sed 's%/[^/][^/]*$%%'` + if test "$ac_dir" != "$ac_file" && test "$ac_dir" != .; then + # The file is in a subdirectory. + test ! -d "$ac_dir" && mkdir "$ac_dir" + ac_dir_suffix="/`echo $ac_dir|sed 's%^\./%%'`" + # A "../" for each directory in $ac_dir_suffix. + ac_dots=`echo $ac_dir_suffix|sed 's%/[^/]*%../%g'` + else + ac_dir_suffix= ac_dots= + fi + + case "$ac_given_srcdir" in + .) srcdir=. + if test -z "$ac_dots"; then top_srcdir=. + else top_srcdir=`echo $ac_dots|sed 's%/$%%'`; fi ;; + /*) srcdir="$ac_given_srcdir$ac_dir_suffix"; top_srcdir="$ac_given_srcdir" ;; + *) # Relative path. + srcdir="$ac_dots$ac_given_srcdir$ac_dir_suffix" + top_srcdir="$ac_dots$ac_given_srcdir" ;; + esac + + case "$ac_given_INSTALL" in + [/$]*) INSTALL="$ac_given_INSTALL" ;; + *) INSTALL="$ac_dots$ac_given_INSTALL" ;; + esac + + echo creating "$ac_file" + rm -f "$ac_file" + configure_input="Generated automatically from `echo $ac_file_in|sed 's%.*/%%'` by configure." + case "$ac_file" in + *Makefile*) ac_comsub="1i\\ +# $configure_input" ;; + *) ac_comsub= ;; + esac + + ac_file_inputs=`echo $ac_file_in|sed -e "s%^%$ac_given_srcdir/%" -e "s%:% $ac_given_srcdir/%g"` + sed -e "$ac_comsub +s%@configure_input@%$configure_input%g +s%@srcdir@%$srcdir%g +s%@top_srcdir@%$top_srcdir%g +s%@INSTALL@%$INSTALL%g +" $ac_file_inputs | (eval "$ac_sed_cmds") > $ac_file +fi; done +rm -f conftest.s* + +# These sed commands are passed to sed as "A NAME B NAME C VALUE D", where +# NAME is the cpp macro being defined and VALUE is the value it is being given. +# +# ac_d sets the value in "#define NAME VALUE" lines. +ac_dA='s%^\([ ]*\)#\([ ]*define[ ][ ]*\)' +ac_dB='\([ ][ ]*\)[^ ]*%\1#\2' +ac_dC='\3' +ac_dD='%g' +# ac_u turns "#undef NAME" with trailing blanks into "#define NAME VALUE". +ac_uA='s%^\([ ]*\)#\([ ]*\)undef\([ ][ ]*\)' +ac_uB='\([ ]\)%\1#\2define\3' +ac_uC=' ' +ac_uD='\4%g' +# ac_e turns "#undef NAME" without trailing blanks into "#define NAME VALUE". +ac_eA='s%^\([ ]*\)#\([ ]*\)undef\([ ][ ]*\)' +ac_eB='$%\1#\2define\3' +ac_eC=' ' +ac_eD='%g' + +if test "${CONFIG_HEADERS+set}" != set; then +EOF +cat >> $CONFIG_STATUS <> $CONFIG_STATUS <<\EOF +fi +for ac_file in .. $CONFIG_HEADERS; do if test "x$ac_file" != x..; then + # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in". + case "$ac_file" in + *:*) ac_file_in=`echo "$ac_file"|sed 's%[^:]*:%%'` + ac_file=`echo "$ac_file"|sed 's%:.*%%'` ;; + *) ac_file_in="${ac_file}.in" ;; + esac + + echo creating $ac_file + + rm -f conftest.frag conftest.in conftest.out + ac_file_inputs=`echo $ac_file_in|sed -e "s%^%$ac_given_srcdir/%" -e "s%:% $ac_given_srcdir/%g"` + cat $ac_file_inputs > conftest.in + +EOF + +# Transform confdefs.h into a sed script conftest.vals that substitutes +# the proper values into config.h.in to produce config.h. And first: +# Protect against being on the right side of a sed subst in config.status. +# Protect against being in an unquoted here document in config.status. +rm -f conftest.vals +cat > conftest.hdr <<\EOF +s/[\\&%]/\\&/g +s%[\\$`]%\\&%g +s%#define \([A-Za-z_][A-Za-z0-9_]*\) *\(.*\)%${ac_dA}\1${ac_dB}\1${ac_dC}\2${ac_dD}%gp +s%ac_d%ac_u%gp +s%ac_u%ac_e%gp +EOF +sed -n -f conftest.hdr confdefs.h > conftest.vals +rm -f conftest.hdr + +# This sed command replaces #undef with comments. This is necessary, for +# example, in the case of _POSIX_SOURCE, which is predefined and required +# on some systems where configure will not decide to define it. +cat >> conftest.vals <<\EOF +s%^[ ]*#[ ]*undef[ ][ ]*[a-zA-Z_][a-zA-Z_0-9]*%/* & */% +EOF + +# Break up conftest.vals because some shells have a limit on +# the size of here documents, and old seds have small limits too. + +rm -f conftest.tail +while : +do + ac_lines=`grep -c . conftest.vals` + # grep -c gives empty output for an empty file on some AIX systems. + if test -z "$ac_lines" || test "$ac_lines" -eq 0; then break; fi + # Write a limited-size here document to conftest.frag. + echo ' cat > conftest.frag <> $CONFIG_STATUS + sed ${ac_max_here_lines}q conftest.vals >> $CONFIG_STATUS + echo 'CEOF + sed -f conftest.frag conftest.in > conftest.out + rm -f conftest.in + mv conftest.out conftest.in +' >> $CONFIG_STATUS + sed 1,${ac_max_here_lines}d conftest.vals > conftest.tail + rm -f conftest.vals + mv conftest.tail conftest.vals +done +rm -f conftest.vals + +cat >> $CONFIG_STATUS <<\EOF + rm -f conftest.frag conftest.h + echo "/* $ac_file. Generated automatically by configure. */" > conftest.h + cat conftest.in >> conftest.h + rm -f conftest.in + if cmp -s $ac_file conftest.h 2>/dev/null; then + echo "$ac_file is unchanged" + rm -f conftest.h + else + # Remove last slash and all that follows it. Not all systems have dirname. + ac_dir=`echo $ac_file|sed 's%/[^/][^/]*$%%'` + if test "$ac_dir" != "$ac_file" && test "$ac_dir" != .; then + # The file is in a subdirectory. + test ! -d "$ac_dir" && mkdir "$ac_dir" + fi + rm -f $ac_file + mv conftest.h $ac_file + fi +fi; done + +EOF +cat >> $CONFIG_STATUS <> $CONFIG_STATUS <<\EOF + +exit 0 +EOF +chmod +x $CONFIG_STATUS +rm -fr confdefs* $ac_clean_files +test "$no_create" = yes || ${CONFIG_SHELL-/bin/sh} $CONFIG_STATUS || exit 1 + Index: usr.bin/ssh/configure.in =================================================================== RCS file: configure.in diff -N configure.in --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsNVcPl31367 Wed Dec 8 12:42:07 1999 @@ -0,0 +1,815 @@ +# +# configure.in +# +# Author: Tatu Ylonen +# +# Copyright (c) 1995 Tatu Ylonen , Espoo, Finland +# All rights reserved +# +# Created: Wed Mar 22 18:02:48 1995 ylo +# +# $Id: configure.in,v 1.2 1999/09/26 21:47:54 deraadt dead $ +# + +AC_INIT(sshd.c) +AC_CONFIG_HEADER(config.h) +AC_PREREQ(2.4) + +AC_CANONICAL_HOST + +AC_PROG_CC +AC_PROG_CPP + +case "$host" in + *-*-sunos4.1.1*) + os_sunos=yes + # Tim Adam says speed_t is defined in stdtypes.h + AC_DEFINE(SPEED_T_IN_STDTYPES_H) + ;; + *-*-sunos*) + os_sunos=yes + ;; + *-sgi-irix5*) + # Irix stuff from snabb@niksula.hut.fi and tsurmacz@asic.ict.pwr.wroc.pl. + no_libsocket=yes + no_libsun=yes + ;; + *-sgi-irix6*) + # from d-champion@uchicago.edu + no_libsocket=yes + no_libsun=yes + if test "`uname -s`" = "IRIX64"; then + CFLAGS="-32 $CFLAGS" + LDFLAGS="-32 $LDFLAGS" + fi + ;; + *-ibm-aix3.2|*-ibm-aix3.2.0|*-ibm-aix3.2.1|*-ibm-aix3.2.2|*-ibm-aix3.2.3|*-ibm-aix3.2.4) + os_aix=yes + AC_CHECK_LIB(s, getuserattr) + ;; + *-ibm-aix*) + os_aix=yes + AC_CHECK_LIB(s, getuserattr) + ;; + mips-dec-mach3*) + # Mach3 stuff from kivinen@hut.fi + no_vhangup=yes + ;; + *-dec-ultrix*) + # Ultrix stuff from dmckilli@qc.bell.ca, jbotz@orixa.mtholyoke.edu. + AC_DEFINE(O_NONBLOCK_BROKEN) + no_vhangup=yes + AC_TRY_COMPILE([#include ], + [int foo = LOG_DAEMON; ], + , + AC_DEFINE(NEED_SYS_SYSLOG_H)) + ;; + *-*-hpux*) + # HPUX flags from jgotts@engin.umich.edu + if test -z "$GCC"; then + CFLAGS="$CFLAGS -Aa -D_HPUX_SOURCE" + fi + AC_DEFINE(HPSUX_NONSTANDARD_X11_KLUDGE) + ;; + alpha-dec-osf*) + AC_DEFINE(TTY_GROUP, "terminal") + AC_CHECK_LIB(security, set_auth_parameters) + AC_MSG_CHECKING(for OSF/1 C2 security package) + osfc2sec=`/usr/sbin/setld -i | grep '^OSFC2SEC'` + if test -n "$osfc2sec"; then + AC_MSG_RESULT(yes) + AC_DEFINE(HAVE_OSF1_C2_SECURITY) + AC_CHECK_LIB(security, set_auth_parameters, + LIBS="$LIBS -lsecurity", + AC_MSG_ERROR("Could not find libsecurity even though C2 security installed.")) + CONFOBJS="$CONFOBJS osfc2.o" + else + AC_MSG_RESULT(no) + fi + ;; + *-*-nextstep*) + # Nextstep support from a person who wants to remain anonymous + no_termios=yes + AC_DEFINE(SPEED_T_IN_STDTYPES_H) + ;; + *-*-linux*) + # Linux shadow password support (Andrew.Macpherson.1248566@bnr.co.uk) + if test -f /etc/shadow && test -f /etc/login.defs; then + AC_MSG_RESULT(Using linux John Haugh shadow passwords and pw_encrypt for password encryption) + AC_DEFINE(crypt,pw_encrypt) + LIBS="$LIBS -lshadow" + fi + ;; + i*86-*-bsdi*) + no_pipe=yes + ;; + i*86-unknown-bsd*) + # Assume 386BSD. pgut01@cs.auckland.ac.nz reported this makes it compile. + AC_DEFINE(__FreeBSD__) + ;; + m68k-sony-newsos*) + # From snabb@niksula.hut.fi + no_vhangup=yes + ;; + m88k-dg-dgux*) + AC_DEFINE(BROKEN_INET_ADDR) + ;; + *-cray-unicos*) + CFLAGS="$CFLAGS -DCRAY_STACKSEG_END=_getb67" + ;; + *-*-sysv4*) + AC_CHECK_LIB(gen, openlog) + ;; + *-*-machten*) + AC_DEFINE(USE_STRLEN_FOR_AF_UNIX) + ;; + i*86-unknown-sco*) + # From moi@dio.com + AC_DEFINE(HAVE_SCO_ETC_SHADOW) + AC_DEFINE(SCO) + no_ranlib=yes + LIBS="-L/usr/lib/libp -lprot -lx $LIBS" + ;; + *-convex-bsd*) + # From mark.martinec@nsc.ijs.si + # On Convex, getpwnam sets pw_passwd if running as root + no_shadows_password_checking=yes + ;; + *-*-freebsd*) + # From Ollivier Robert: FreeBSD and NetBSD use master.passwd, but set + # pw_passwd automatically when running as root. + no_shadow_password_checking=yes + ;; + *-*-netbsd*) + # From Ollivier Robert: FreeBSD and NetBSD use master.passwd, but set + # pw_passwd automatically when running as root. + no_shadow_password_checking=yes + ;; + *-*-openbsd*) + no_shadow_password_checking=yes + ;; + *) + ;; +esac + +# Socket pairs appear to be broken on several systems. I don't know exactly +# where, so I'll use pipes everywhere for now. +AC_DEFINE(USE_PIPES) + +AC_MSG_CHECKING([that the compiler works]) +AC_TRY_RUN([ main(int ac, char **av) { return 0; } ], + AC_MSG_RESULT(yes), + AC_MSG_RESULT(no) + AC_MSG_ERROR(Could not compile and run even a trivial ANSI C program - check CC.), + AC_MSG_ERROR(Could not compile and run even a trivial ANSI C program - check CC.)) + +if test -z "$no_pipe"; then +if test -n "$GCC"; then + AC_MSG_CHECKING([if the compiler understands -pipe]) + OLDCC="$CC" + CC="$CC -pipe" + AC_TRY_COMPILE(,, + AC_MSG_RESULT(yes), + CC="$OLDCC" + AC_MSG_RESULT(no)) +fi +fi + +AC_ARG_ENABLE(warnings, +[ --enable-warnings Enable -Wall if using gcc.], +[ if test -n "$GCC"; then + AC_MSG_RESULT(Adding -Wall to CFLAGS.) + CFLAGS="$CFLAGS -Wall" + fi]) + +if test -z "$no_vhangup"; then + AC_CHECK_FUNCS(vhangup) +fi + +if test -z "$no_setsid"; then + AC_CHECK_FUNCS(setsid) +fi + +AC_MSG_CHECKING(where to find mandatory GMP library) +AC_ARG_WITH(gmp, +[ --with-gmp[=PATH] Where to find GMP library.], +[ case "$withval" in + no) + echo "GMP is mandatory! Aborting!" + exit 1 + ;; + *) + ;; + esac ], +[ with_gmp=yes ] +) +# gmp continued +echo argument="$with_gmp" +case "$with_gmp" in +yes) + AC_CHECK_HEADERS(gmp.h) + if test "$ac_cv_header_gmp_h" != yes; then + echo "Can't find include file gmp.h! Aborting!" + echo "You must first build and install GMP, please read the file INSTALL" + exit 1 + fi + AC_CHECK_LIB(gmp, main) + if test "$ac_cv_lib_gmp_main" != yes; then + echo "Can't find library gmp (libgmp.a)! Aborting" + echo "You must first build and install GMP, please read the file INSTALL" + exit 1 + fi + GMPINCS="" + GMPLIBS="-lgmp" + ;; +*) + GMPINCS="-I$with_gmp/include" + GMPLIBS="-L$with_gmp/lib -lgmp" + ;; +esac +AC_SUBST(GMPINCS) dnl +AC_SUBST(GMPLIBS) dnl + +AC_CHECK_FUNCS(_getpty clock fchmod getdtablesize gethostname getrusage) +AC_CHECK_FUNCS(gettimeofday initgroups innetgr memcpy openpty popen seteuid) +AC_CHECK_FUNCS(setlogin setluid setrlimit strchr times ulimit umask vsnprintf) + +AC_TYPE_SIGNAL +AC_TYPE_SIZE_T +AC_TYPE_UID_T +AC_TYPE_OFF_T +AC_TYPE_MODE_T +AC_STRUCT_ST_BLKSIZE + +AC_C_CONST +AC_C_INLINE +AC_C_BIGENDIAN +AC_CHECK_SIZEOF(long) +AC_CHECK_SIZEOF(int) +AC_CHECK_SIZEOF(short) + +if test -z "$no_termios"; then + AC_CHECK_HEADERS(termios.h) +fi + +AC_HEADER_STDC +AC_HEADER_SYS_WAIT +AC_CHECK_HEADERS(unistd.h rusage.h sys/time.h lastlog.h utmp.h utmpx.h) +AC_CHECK_HEADERS(sgtty.h sys/select.h sys/ioctl.h sys/filio.h) +AC_CHECK_HEADERS(paths.h usersec.h utime.h netinet/in_systm.h ulimit.h) +AC_HEADER_TIME +AC_HEADER_DIRENT +AC_HEADER_STAT +AC_EGREP_HEADER(ut_pid, utmp.h, AC_DEFINE(HAVE_PID_IN_UTMP)) +AC_EGREP_HEADER(ut_name, utmp.h, AC_DEFINE(HAVE_NAME_IN_UTMP)) +AC_EGREP_HEADER(ut_id, utmp.h, AC_DEFINE(HAVE_ID_IN_UTMP)) +AC_EGREP_HEADER(ut_host, utmp.h, AC_DEFINE(HAVE_HOST_IN_UTMP)) +AC_EGREP_HEADER(ut_addr, utmp.h, AC_DEFINE(HAVE_ADDR_IN_UTMP)) + +AC_EGREP_HEADER(ut_session, utmpx.h, AC_DEFINE(HAVE_UT_SESSION)) +AC_EGREP_HEADER(ut_syslen, utmpx.h, AC_DEFINE(HAVE_UT_SYSLEN)) + +AC_CHECK_LIB(c, crypt, [true], AC_CHECK_LIB(crypt, crypt)) +AC_CHECK_LIB(nsl, main) +if test -z "$no_libsocket"; then + AC_CHECK_LIB(socket, socket) +fi +if test -z "$no_libsun"; then + AC_CHECK_LIB(sun, getpwnam) +fi +AC_CHECK_LIB(util, login, AC_DEFINE(HAVE_LIBUTIL_LOGIN) + LIBS="$LIBS -lutil") + +AC_CHECK_LIB(des, main) + +AC_REPLACE_FUNCS(strerror memmove remove random putenv socketpair) + +AC_PROG_LN_S +AC_PROG_INSTALL +if test -z "$no_ranlib"; then + AC_PROG_RANLIB +else + RANLIB=":" +fi +AC_PROGRAMS_CHECK(MAKEDEP, makedepend makedep, makedepend) +AC_PATH_PROGS(WISH, wish8.0 wish wishx wish4.1 true) +if test `basename $WISH` = "true"; then + AC_MSG_WARN(the wish program was not found - ssh-askpass will not work.) + WISH="/usr/local/bin/wish" +fi +AC_PATH_PROG(XAUTH_PATH, xauth, , $PATH:/usr/X11R6/bin) +if test -n "$XAUTH_PATH"; then + AC_DEFINE_UNQUOTED(XAUTH_PATH, "$XAUTH_PATH") +fi + +AC_MSG_CHECKING(for pseudo ttys) +if test -c /dev/ptmx && test -c /dev/pts/0 +then + AC_DEFINE(HAVE_DEV_PTMX) + AC_MSG_RESULT(streams ptys) +else +if test -c /dev/pts && test -c /dev/ptc +then + AC_DEFINE(HAVE_DEV_PTS_AND_PTC) + AC_MSG_RESULT(/dev/pts and /dev/ptc) +else + AC_MSG_RESULT(bsd-style ptys) +fi +fi + +AC_MSG_CHECKING(for /etc/default/login) +if test -f /etc/default/login; then + AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN) + AC_MSG_RESULT(yes) +else + AC_MSG_RESULT(no) +fi + +if test -z "$no_shadows_password_checking"; then + AC_MSG_CHECKING(for shadow passwords) + if test -f /etc/shadow; then + AC_DEFINE(HAVE_ETC_SHADOW) + AC_MSG_RESULT(/etc/shadow) + elif test -n "$os_aix"; then + AC_DEFINE(HAVE_ETC_SECURITY_PASSWD) + AC_MSG_RESULT(/etc/security/passwd) + elif test -n "$os_sunos"; then + AC_DEFINE(HAVE_ETC_SECURITY_PASSWD_ADJUNCT) + AC_MSG_RESULT(/etc/security/passwd.adjunct) + else + AC_MSG_RESULT(no) + fi +fi + +AC_MSG_CHECKING(location of mail spool files) +for dir in /var/spool/mail /var/mail /usr/spool/mail /usr/mail NEWMAIL +do + if test "$dir" = "NEWMAIL"; then + AC_DEFINE(HAVE_TILDE_NEWMAIL) + AC_MSG_RESULT(\$HOME/newmail) + AC_MSG_WARN(mail spool directory was not found: assuming you use \$HOME/newmail) + elif test -d $dir; then + AC_DEFINE_UNQUOTED(MAIL_SPOOL_DIRECTORY, "$dir") + AC_MSG_RESULT($dir) + break + fi +done + +AC_MSG_CHECKING(location of utmp) +if test -f /var/run/utmp; then + AC_DEFINE(SSH_UTMP, "/var/run/utmp") + AC_MSG_RESULT(/var/run/utmp) +elif test -f /var/log/utmp; then + AC_DEFINE(SSH_UTMP, "/var/log/utmp") + AC_MSG_RESULT(/var/log/utmp) +elif test -f /var/adm/utmp; then + AC_DEFINE(SSH_UTMP, "/var/adm/utmp") + AC_MSG_RESULT(/var/adm/utmp) +elif test -f /usr/adm/utmp; then + AC_DEFINE(SSH_UTMP, "/usr/adm/utmp") + AC_MSG_RESULT(/usr/adm/utmp) +elif test -f /etc/utmp; then + AC_DEFINE(SSH_UTMP, "/etc/utmp") + AC_MSG_RESULT(/etc/utmp) +else + AC_MSG_RESULT(not found) +fi + +AC_MSG_CHECKING(location of wtmp) +if test -f /var/log/wtmp; then + AC_DEFINE(SSH_WTMP, "/var/log/wtmp") + AC_MSG_RESULT(/var/log/wtmp) +elif test -f /var/adm/wtmp; then + AC_DEFINE(SSH_WTMP, "/var/adm/wtmp") + AC_MSG_RESULT(/var/adm/wtmp) +elif test -f /usr/adm/wtmp; then + AC_DEFINE(SSH_WTMP, "/usr/adm/wtmp") + AC_MSG_RESULT(/usr/adm/wtmp) +elif test -f /etc/wtmp; then + AC_DEFINE(SSH_WTMP, "/etc/wtmp") + AC_MSG_RESULT(/etc/wtmp) +else + AC_DEFINE(SSH_WTMP, "/var/adm/wtmp") + AC_MSG_RESULT(not found) +fi + +AC_MSG_CHECKING(location of lastlog) +if test -f /var/log/lastlog || test -d /var/log/lastlog; then + AC_DEFINE(SSH_LASTLOG, "/var/log/lastlog") + AC_DEFINE(HAVE_LASTLOG) + LASTLOG=/var/log/lastlog + AC_MSG_RESULT(/var/log/lastlog) +elif test -f /var/adm/lastlog || test -d /var/adm/lastlog; then + AC_DEFINE(SSH_LASTLOG, "/var/adm/lastlog") + AC_DEFINE(HAVE_LASTLOG) + LASTLOG=/var/adm/lastlog + AC_MSG_RESULT(/var/adm/lastlog) +elif test -f /usr/adm/lastlog || test -d /usr/adm/lastlog; then + AC_DEFINE(SSH_LASTLOG, "/usr/adm/lastlog") + AC_DEFINE(HAVE_LASTLOG) + LASTLOG=/usr/adm/lastlog + AC_MSG_RESULT(/usr/adm/lastlog) +elif test -f /etc/lastlog || test -d /etc/lastlog; then + AC_DEFINE(SSH_LASTLOG, "/etc/lastlog") + AC_DEFINE(HAVE_LASTLOG) + LASTLOG=/etc/lastlog + AC_MSG_RESULT(/etc/lastlog) +else + AC_MSG_RESULT(not found) + AC_DEFINE(SSH_LASTLOG, "/var/log/lastlog") + LASTLOG=/var/log/lastlog +fi + +AC_MSG_CHECKING(whether $LASTLOG is a directory) +if test -d $LASTLOG +then + AC_MSG_RESULT(yes) + AC_DEFINE(LASTLOG_IS_DIR) +else + AC_MSG_RESULT(no) +fi + +AC_MSG_CHECKING(whether to include the IDEA encryption algorithm) +AC_ARG_WITH(idea, +[ --with-idea Use IDEA (not default). + --without-idea Don't use IDEA: avoids patent problems in commercial use], +[ case "$withval" in + yes) + AC_MSG_RESULT(yes) + CONFOBJS="$CONFOBJS idea.o" + AC_DEFINE(WITH_IDEA) + ;; + *) + AC_MSG_RESULT(no) + ;; + esac ], + AC_MSG_RESULT(no) +) + +AC_MSG_CHECKING(whether to include the RC4 encryption algorithm) +AC_ARG_WITH(rc4, +[ --with-rc4 Include RC4 support. + --without-rc4 Don't include RC4 support (default)], +[ case "$withval" in + yes) + AC_MSG_RESULT(yes) + CONFOBJS="$CONFOBJS rc4.o" + AC_DEFINE(WITH_RC4) + ;; + *) + AC_MSG_RESULT(no) + ;; + esac ], + AC_MSG_RESULT(no) +) + +AC_MSG_CHECKING(whether to include the Blowfish encryption algorithm) +AC_ARG_WITH(blowfish, +[ --with-blowfish Include Blowfish support (default). + --without-blowfish Don't include Blowfish support], +[ case "$withval" in + no) + ;; + *) + with_blowfish=yes + ;; + esac ], + with_blowfish=yes +) + +case "$with_blowfish" in +yes) + AC_DEFINE(WITH_BLOWFISH) + CONFOBJS="$CONFOBJS bf_skey.o bf_enc.o" + AC_MSG_RESULT(yes) + ;; +no) + AC_MSG_RESULT(no) + ;; +esac + +AC_MSG_CHECKING(whether to use rsaref) +AC_ARG_WITH(rsaref, +[ --with-rsaref Use RSAREF (try to avoid patent problems in U.S.) + --without-rsaref Use normal RSA routines (default). ], +[ case "$withval" in + no) + AC_MSG_RESULT(no) + ;; + *) + AC_MSG_RESULT(yes) + AC_DEFINE(RSAREF) + RSAREFDEP="rsaref2/source/librsaref.a" + LIBS="-lrsaref $LIBS" + LDFLAGS="-Lrsaref2/source $LDFLAGS" + ;; + esac ], + AC_MSG_RESULT(no) +) + +AC_MSG_CHECKING(whether to use ssl) +AC_ARG_WITH(ssl, +[ --with-ssl Use SSL (try to avoid patent problems in U.S.) + --without-ssl Use normal RSA routines (default). ], +[ case "$withval" in + no) + AC_MSG_RESULT(no) + ;; + *) + AC_MSG_RESULT(yes) + AC_DEFINE(DO_SSL) + LIBS="-lcrypto $LIBS" + ;; + esac ], + AC_MSG_RESULT(no) +) + +AC_MSG_CHECKING(whether to use rsh) +AC_ARG_WITH(rsh, +[ --with-rsh=PATH Specify where to find rsh. + --without-rsh Do not use rsh under any conditions. ], +[ case "$withval" in + no) + AC_MSG_RESULT(no) + ;; + yes) + AC_MSG_RESULT(yes) + AC_PATH_PROGS(RSH_PATH, remsh rsh) + AC_DEFINE_UNQUOTED(RSH_PATH, "$RSH_PATH") + ;; + *) + AC_MSG_RESULT($withval) + AC_DEFINE_UNQUOTED(RSH_PATH, "$withval") + ;; + esac ], + [ AC_MSG_RESULT(yes) + AC_PATH_PROGS(RSH_PATH, remsh rsh) + AC_DEFINE_UNQUOTED(RSH_PATH, "$RSH_PATH") ] +) + +# Code to permit setting default path for users (alden@math.ohio-state.edu) +AC_MSG_CHECKING(default path) +AC_ARG_WITH(path, +[ --with-path=PATH Default path passed to user shell by sshd.], +[ case "$withval" in + no) + AC_MSG_RESULT(use system default) + ;; + *) + AC_MSG_RESULT($withval) + AC_DEFINE_UNQUOTED(DEFAULT_PATH, "$withval") + ;; + esac ], + AC_MSG_RESULT(use system default) +) + +AC_MSG_CHECKING(etcdir) +AC_ARG_WITH(etcdir, +[ --with-etcdir=PATH Directory containing ssh system files (default /etc).], +[ case "$withval" in + no) + AC_MSG_ERROR(Need ETCDIR.) + ;; + yes) + ETCDIR="/etc" + AC_MSG_RESULT(/etc) + ;; + *) + ETCDIR="$withval" + AC_MSG_RESULT($withval) + ;; + esac ], + ETCDIR="/etc" + AC_MSG_RESULT(/etc) +) + +AC_MSG_CHECKING(whether to support SecurID) +AC_ARG_WITH(securid, +[ --with-securid[=PATH] Enable support for Security Dynamics SecurID card.], +[ case "$withval" in + no) + AC_MSG_RESULT(no) + ;; + yes) + AC_MSG_RESULT(yes) + if test '!' -f /usr/ace/sdiclient.a; then + AC_ERROR(SecurID sdiclient.a not found in /usr/ace: you must supply the path.) + fi + AC_MSG_RESULT(yes) + AC_MSG_RESULT(Assuming SecurID headers and libraries are in /usr/ace.) + AC_DEFINE(HAVE_SECURID) + CFLAGS="$CFLAGS -I/usr/ace" + LIBS="/usr/ace/sdiclient.a $LIBS" + ;; + *) + AC_MSG_RESULT(yes) + if test '!' -f $withval/sdiclient.a; then + AC_ERROR(SecurID sdiclient.a not found in $withval: please supply the correct path.) + fi + AC_MSG_RESULT(Assuming SecurID headers and libraries are in $withval.) + AC_DEFINE(HAVE_SECURID) + CFLAGS="$CFLAGS -I$withval" + LIBS="$withval/sdiclient.a $LIBS" + ;; + esac ], + AC_MSG_RESULT(no) +) + +AC_MSG_CHECKING(whether to include compression support) +AC_ARG_WITH(zlib, +[ --with-zlib Use zlib (default). + --without-zlib Don't use zlib.], +[ case "$withval" in + no) + ;; + *) + with_zlib=yes + ;; + esac ], + with_zlib=yes +) + +case "$with_zlib" in +yes) + AC_MSG_RESULT(yes) + AC_CHECK_HEADERS(zlib.h) + if test "$ac_cv_header_zlib_h" != yes; then + echo "Can't find zlib.h, disable with --without-zlib" + exit 1 + fi + AC_CHECK_LIB(z, main) + if test "$ac_cv_lib_z_main" != yes; then + echo "Can't find library z (libz.a), disable with --without-zlib" + exit 1 + fi + CONFOBJS="$CONFOBJS compress.o" + AC_DEFINE(WITH_ZLIB) + ;; +no) + AC_MSG_RESULT(no) + ;; +esac + +AC_MSG_CHECKING(whether to use Kerberos v4) +AC_ARG_WITH(krb4, +[ --with-krb4[=PATH] Compile in Kerberos v4 support.], +[ case "$withval" in + yes) + ;; + no) + ;; + *) + ;; + esac ], +[ with_krb4=default ] +) +# krb4 continued +case "$with_krb4" in +no) + AC_MSG_RESULT(no) + ;; +yes) + AC_MSG_RESULT(yes) + AC_CHECK_HEADERS(krb.h) + if test "$ac_cv_header_krb_h" != yes; then + echo "Can't find include file krb.h! Aborting!" + exit 1 + fi + AC_CHECK_LIB(krb, main) + if test "$ac_cv_lib_krb_main" != yes; then + echo "Can't find library krb (libkrb.a)! Aborting" + exit 1 + fi + AC_DEFINE(KRB4) + KRB4_AUTH="auth-krb4.o" + KRB4_ROOT="" + KRB4_INCS="" + KRB4_LIBS="-lkrb -ldes" + AC_CHECK_LIB(resolv, dn_expand, KRB4_LIBS="$KRB4_LIBS -lresolv") + ;; +default) + AC_CHECK_HEADERS(krb.h) + AC_CHECK_LIB(krb, main) + if test "$ac_cv_header_krb_h" = yes -a "$ac_cv_lib_krb_main" = yes; then + AC_MSG_RESULT(yes) + AC_DEFINE(KRB4) + KRB4_AUTH="auth-krb4.o" + KRB4_ROOT="" + KRB4_INCS="" + KRB4_LIBS="-lkrb -ldes" + AC_CHECK_LIB(resolv, dn_expand, KRB4_LIBS="$KRB4_LIBS -lresolv") + else + AC_MSG_RESULT(no) + fi + ;; +*) + AC_MSG_RESULT(yes) + AC_DEFINE(KRB4) + KRB4_AUTH="auth-krb4.o" + KRB4_ROOT="$with_krb4" + KRB4_INCS="-I\$(KRB4_ROOT)/include" + KRB4_LIBS="-L\$(KRB4_ROOT)/lib -lkrb -ldes" + AC_CHECK_LIB(resolv, dn_expand, KRB4_LIBS="$KRB4_LIBS -lresolv") + ;; +esac +AC_SUBST(KRB4_AUTH) dnl +AC_SUBST(KRB4_ROOT) dnl +AC_SUBST(KRB4_INCS) dnl +AC_SUBST(KRB4_LIBS) dnl + +AC_MSG_CHECKING(whether to use AFS) +AC_ARG_WITH(afs, +[ --with-afs Compile in AFS support (requires KTH krb4).], +if test "$with_afs" = no; then + AC_MSG_RESULT(no) + else + AC_MSG_RESULT(yes) + AC_DEFINE(AFS) + AC_DEFINE(KERBEROS_TGT_PASSING) + RADIX="radix.o" + if test "$with_krb4" = no; then + AC_MSG_RESULT(no) + AC_MSG_WARN("AFS requires Kerberos v4 support.") + else + KRB4_LIBS="${KRB4_LIBS} -lkafs" + if test -n "$os_aix"; then + KRB4_LIBS="${KRB4_LIBS} -lld" + fi + fi +fi +) +AC_SUBST(RADIX)dnl + +AC_MSG_CHECKING(whether to use libwrap) +AC_ARG_WITH(libwrap, +[ --with-libwrap[=PATH] Compile in libwrap (tcp_wrappers) support.], +[ case "$withval" in + no) + AC_MSG_RESULT(no) + ;; + yes) + AC_MSG_RESULT(yes) + AC_DEFINE(LIBWRAP) + LIBS="-lwrap $LIBS" + AC_TRY_LINK([ int allow_severity; int deny_severity; ], + [ hosts_access(); ], + [], + [ AC_MSG_ERROR(Could not find the libwrap.a library. You must first install tcp_wrappers.) ]) + ;; + *) + AC_MSG_RESULT(yes) + AC_DEFINE(LIBWRAP) + LIBS="$withval $LIBS" + AC_TRY_LINK([ int allow_severity; int deny_severity; ], + [ hosts_access(); ], + [], + [ AC_MSG_ERROR(Could not find the $withval library. You must first install tcp_wrappers.) ]) + ;; + esac ], + AC_MSG_RESULT(no) +) + +AC_MSG_CHECKING(whether to support SOCKS) +AC_ARG_WITH(socks, +[ --with-socks[=PATH] Compile with SOCKS firewall traversal support.], +[ case "$withval" in + no) + AC_MSG_RESULT(no) + ;; + *) + AC_MSG_RESULT(yes) + AC_DEFINE(SOCKS) + AC_DEFINE(connect, Rconnect) + AC_DEFINE(getsockname, Rgetsockname) + AC_DEFINE(bind, Rbind) + AC_DEFINE(accept, Raccept) + AC_DEFINE(listen, Rlisten) + AC_DEFINE(select, Rselect) + if test "x$withval" = "xyes"; then + withval="-lsocks" + fi + LIBS="$withval $LIBS" + AC_TRY_LINK([], + [ Rconnect(); ], + [], + [ AC_MSG_ERROR(Could not find the $withval library. You must first install socks.) ]) + ;; + esac ], + AC_MSG_RESULT(no) +) + +PIDDIR="/var/run" +AC_MSG_CHECKING(where to put sshd.pid) +if test '!' -d $PIDDIR; then + PIDDIR="$ETCDIR" +fi +AC_MSG_RESULT($PIDDIR) + +AC_ARG_PROGRAM + +AC_SUBST(ETCDIR) +AC_SUBST(PIDDIR) +AC_SUBST(RSAREFDEP) +AC_SUBST(CONFOBJS) + +AC_OUTPUT(Makefile sshd.8 ssh.1) Index: usr.bin/ssh/crc32.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/crc32.c,v retrieving revision 1.2 retrieving revision 1.4 diff -u -r1.2 -r1.4 --- usr.bin/ssh/crc32.c 1999/10/01 18:18:40 1.2 +++ usr.bin/ssh/crc32.c 1999/11/24 00:26:01 1.4 @@ -1,9 +1,12 @@ -/* The implementation here was originally done by Gary S. Brown. I have - borrowed the tables directly, and made some minor changes to the - crc32-function (including changing the interface). //ylo */ +/* + * The implementation here was originally done by Gary S. Brown. + * I have borrowed the tables directly, and made some minor changes + * to the crc32-function (including changing the interface). + * //ylo + */ #include "includes.h" -RCSID("$Id: crc32.c,v 1.2 1999/10/01 18:18:40 deraadt Exp $"); +RCSID("$Id: crc32.c,v 1.4 1999/11/24 00:26:01 deraadt Exp $"); #include "crc32.h" @@ -48,73 +51,71 @@ /* -------------------------------------------------------------------- */ static unsigned int crc32_tab[] = { - 0x00000000L, 0x77073096L, 0xee0e612cL, 0x990951baL, 0x076dc419L, - 0x706af48fL, 0xe963a535L, 0x9e6495a3L, 0x0edb8832L, 0x79dcb8a4L, - 0xe0d5e91eL, 0x97d2d988L, 0x09b64c2bL, 0x7eb17cbdL, 0xe7b82d07L, - 0x90bf1d91L, 0x1db71064L, 0x6ab020f2L, 0xf3b97148L, 0x84be41deL, - 0x1adad47dL, 0x6ddde4ebL, 0xf4d4b551L, 0x83d385c7L, 0x136c9856L, - 0x646ba8c0L, 0xfd62f97aL, 0x8a65c9ecL, 0x14015c4fL, 0x63066cd9L, - 0xfa0f3d63L, 0x8d080df5L, 0x3b6e20c8L, 0x4c69105eL, 0xd56041e4L, - 0xa2677172L, 0x3c03e4d1L, 0x4b04d447L, 0xd20d85fdL, 0xa50ab56bL, - 0x35b5a8faL, 0x42b2986cL, 0xdbbbc9d6L, 0xacbcf940L, 0x32d86ce3L, - 0x45df5c75L, 0xdcd60dcfL, 0xabd13d59L, 0x26d930acL, 0x51de003aL, - 0xc8d75180L, 0xbfd06116L, 0x21b4f4b5L, 0x56b3c423L, 0xcfba9599L, - 0xb8bda50fL, 0x2802b89eL, 0x5f058808L, 0xc60cd9b2L, 0xb10be924L, - 0x2f6f7c87L, 0x58684c11L, 0xc1611dabL, 0xb6662d3dL, 0x76dc4190L, - 0x01db7106L, 0x98d220bcL, 0xefd5102aL, 0x71b18589L, 0x06b6b51fL, - 0x9fbfe4a5L, 0xe8b8d433L, 0x7807c9a2L, 0x0f00f934L, 0x9609a88eL, - 0xe10e9818L, 0x7f6a0dbbL, 0x086d3d2dL, 0x91646c97L, 0xe6635c01L, - 0x6b6b51f4L, 0x1c6c6162L, 0x856530d8L, 0xf262004eL, 0x6c0695edL, - 0x1b01a57bL, 0x8208f4c1L, 0xf50fc457L, 0x65b0d9c6L, 0x12b7e950L, - 0x8bbeb8eaL, 0xfcb9887cL, 0x62dd1ddfL, 0x15da2d49L, 0x8cd37cf3L, - 0xfbd44c65L, 0x4db26158L, 0x3ab551ceL, 0xa3bc0074L, 0xd4bb30e2L, - 0x4adfa541L, 0x3dd895d7L, 0xa4d1c46dL, 0xd3d6f4fbL, 0x4369e96aL, - 0x346ed9fcL, 0xad678846L, 0xda60b8d0L, 0x44042d73L, 0x33031de5L, - 0xaa0a4c5fL, 0xdd0d7cc9L, 0x5005713cL, 0x270241aaL, 0xbe0b1010L, - 0xc90c2086L, 0x5768b525L, 0x206f85b3L, 0xb966d409L, 0xce61e49fL, - 0x5edef90eL, 0x29d9c998L, 0xb0d09822L, 0xc7d7a8b4L, 0x59b33d17L, - 0x2eb40d81L, 0xb7bd5c3bL, 0xc0ba6cadL, 0xedb88320L, 0x9abfb3b6L, - 0x03b6e20cL, 0x74b1d29aL, 0xead54739L, 0x9dd277afL, 0x04db2615L, - 0x73dc1683L, 0xe3630b12L, 0x94643b84L, 0x0d6d6a3eL, 0x7a6a5aa8L, - 0xe40ecf0bL, 0x9309ff9dL, 0x0a00ae27L, 0x7d079eb1L, 0xf00f9344L, - 0x8708a3d2L, 0x1e01f268L, 0x6906c2feL, 0xf762575dL, 0x806567cbL, - 0x196c3671L, 0x6e6b06e7L, 0xfed41b76L, 0x89d32be0L, 0x10da7a5aL, - 0x67dd4accL, 0xf9b9df6fL, 0x8ebeeff9L, 0x17b7be43L, 0x60b08ed5L, - 0xd6d6a3e8L, 0xa1d1937eL, 0x38d8c2c4L, 0x4fdff252L, 0xd1bb67f1L, - 0xa6bc5767L, 0x3fb506ddL, 0x48b2364bL, 0xd80d2bdaL, 0xaf0a1b4cL, - 0x36034af6L, 0x41047a60L, 0xdf60efc3L, 0xa867df55L, 0x316e8eefL, - 0x4669be79L, 0xcb61b38cL, 0xbc66831aL, 0x256fd2a0L, 0x5268e236L, - 0xcc0c7795L, 0xbb0b4703L, 0x220216b9L, 0x5505262fL, 0xc5ba3bbeL, - 0xb2bd0b28L, 0x2bb45a92L, 0x5cb36a04L, 0xc2d7ffa7L, 0xb5d0cf31L, - 0x2cd99e8bL, 0x5bdeae1dL, 0x9b64c2b0L, 0xec63f226L, 0x756aa39cL, - 0x026d930aL, 0x9c0906a9L, 0xeb0e363fL, 0x72076785L, 0x05005713L, - 0x95bf4a82L, 0xe2b87a14L, 0x7bb12baeL, 0x0cb61b38L, 0x92d28e9bL, - 0xe5d5be0dL, 0x7cdcefb7L, 0x0bdbdf21L, 0x86d3d2d4L, 0xf1d4e242L, - 0x68ddb3f8L, 0x1fda836eL, 0x81be16cdL, 0xf6b9265bL, 0x6fb077e1L, - 0x18b74777L, 0x88085ae6L, 0xff0f6a70L, 0x66063bcaL, 0x11010b5cL, - 0x8f659effL, 0xf862ae69L, 0x616bffd3L, 0x166ccf45L, 0xa00ae278L, - 0xd70dd2eeL, 0x4e048354L, 0x3903b3c2L, 0xa7672661L, 0xd06016f7L, - 0x4969474dL, 0x3e6e77dbL, 0xaed16a4aL, 0xd9d65adcL, 0x40df0b66L, - 0x37d83bf0L, 0xa9bcae53L, 0xdebb9ec5L, 0x47b2cf7fL, 0x30b5ffe9L, - 0xbdbdf21cL, 0xcabac28aL, 0x53b39330L, 0x24b4a3a6L, 0xbad03605L, - 0xcdd70693L, 0x54de5729L, 0x23d967bfL, 0xb3667a2eL, 0xc4614ab8L, - 0x5d681b02L, 0x2a6f2b94L, 0xb40bbe37L, 0xc30c8ea1L, 0x5a05df1bL, - 0x2d02ef8dL - }; + 0x00000000L, 0x77073096L, 0xee0e612cL, 0x990951baL, 0x076dc419L, + 0x706af48fL, 0xe963a535L, 0x9e6495a3L, 0x0edb8832L, 0x79dcb8a4L, + 0xe0d5e91eL, 0x97d2d988L, 0x09b64c2bL, 0x7eb17cbdL, 0xe7b82d07L, + 0x90bf1d91L, 0x1db71064L, 0x6ab020f2L, 0xf3b97148L, 0x84be41deL, + 0x1adad47dL, 0x6ddde4ebL, 0xf4d4b551L, 0x83d385c7L, 0x136c9856L, + 0x646ba8c0L, 0xfd62f97aL, 0x8a65c9ecL, 0x14015c4fL, 0x63066cd9L, + 0xfa0f3d63L, 0x8d080df5L, 0x3b6e20c8L, 0x4c69105eL, 0xd56041e4L, + 0xa2677172L, 0x3c03e4d1L, 0x4b04d447L, 0xd20d85fdL, 0xa50ab56bL, + 0x35b5a8faL, 0x42b2986cL, 0xdbbbc9d6L, 0xacbcf940L, 0x32d86ce3L, + 0x45df5c75L, 0xdcd60dcfL, 0xabd13d59L, 0x26d930acL, 0x51de003aL, + 0xc8d75180L, 0xbfd06116L, 0x21b4f4b5L, 0x56b3c423L, 0xcfba9599L, + 0xb8bda50fL, 0x2802b89eL, 0x5f058808L, 0xc60cd9b2L, 0xb10be924L, + 0x2f6f7c87L, 0x58684c11L, 0xc1611dabL, 0xb6662d3dL, 0x76dc4190L, + 0x01db7106L, 0x98d220bcL, 0xefd5102aL, 0x71b18589L, 0x06b6b51fL, + 0x9fbfe4a5L, 0xe8b8d433L, 0x7807c9a2L, 0x0f00f934L, 0x9609a88eL, + 0xe10e9818L, 0x7f6a0dbbL, 0x086d3d2dL, 0x91646c97L, 0xe6635c01L, + 0x6b6b51f4L, 0x1c6c6162L, 0x856530d8L, 0xf262004eL, 0x6c0695edL, + 0x1b01a57bL, 0x8208f4c1L, 0xf50fc457L, 0x65b0d9c6L, 0x12b7e950L, + 0x8bbeb8eaL, 0xfcb9887cL, 0x62dd1ddfL, 0x15da2d49L, 0x8cd37cf3L, + 0xfbd44c65L, 0x4db26158L, 0x3ab551ceL, 0xa3bc0074L, 0xd4bb30e2L, + 0x4adfa541L, 0x3dd895d7L, 0xa4d1c46dL, 0xd3d6f4fbL, 0x4369e96aL, + 0x346ed9fcL, 0xad678846L, 0xda60b8d0L, 0x44042d73L, 0x33031de5L, + 0xaa0a4c5fL, 0xdd0d7cc9L, 0x5005713cL, 0x270241aaL, 0xbe0b1010L, + 0xc90c2086L, 0x5768b525L, 0x206f85b3L, 0xb966d409L, 0xce61e49fL, + 0x5edef90eL, 0x29d9c998L, 0xb0d09822L, 0xc7d7a8b4L, 0x59b33d17L, + 0x2eb40d81L, 0xb7bd5c3bL, 0xc0ba6cadL, 0xedb88320L, 0x9abfb3b6L, + 0x03b6e20cL, 0x74b1d29aL, 0xead54739L, 0x9dd277afL, 0x04db2615L, + 0x73dc1683L, 0xe3630b12L, 0x94643b84L, 0x0d6d6a3eL, 0x7a6a5aa8L, + 0xe40ecf0bL, 0x9309ff9dL, 0x0a00ae27L, 0x7d079eb1L, 0xf00f9344L, + 0x8708a3d2L, 0x1e01f268L, 0x6906c2feL, 0xf762575dL, 0x806567cbL, + 0x196c3671L, 0x6e6b06e7L, 0xfed41b76L, 0x89d32be0L, 0x10da7a5aL, + 0x67dd4accL, 0xf9b9df6fL, 0x8ebeeff9L, 0x17b7be43L, 0x60b08ed5L, + 0xd6d6a3e8L, 0xa1d1937eL, 0x38d8c2c4L, 0x4fdff252L, 0xd1bb67f1L, + 0xa6bc5767L, 0x3fb506ddL, 0x48b2364bL, 0xd80d2bdaL, 0xaf0a1b4cL, + 0x36034af6L, 0x41047a60L, 0xdf60efc3L, 0xa867df55L, 0x316e8eefL, + 0x4669be79L, 0xcb61b38cL, 0xbc66831aL, 0x256fd2a0L, 0x5268e236L, + 0xcc0c7795L, 0xbb0b4703L, 0x220216b9L, 0x5505262fL, 0xc5ba3bbeL, + 0xb2bd0b28L, 0x2bb45a92L, 0x5cb36a04L, 0xc2d7ffa7L, 0xb5d0cf31L, + 0x2cd99e8bL, 0x5bdeae1dL, 0x9b64c2b0L, 0xec63f226L, 0x756aa39cL, + 0x026d930aL, 0x9c0906a9L, 0xeb0e363fL, 0x72076785L, 0x05005713L, + 0x95bf4a82L, 0xe2b87a14L, 0x7bb12baeL, 0x0cb61b38L, 0x92d28e9bL, + 0xe5d5be0dL, 0x7cdcefb7L, 0x0bdbdf21L, 0x86d3d2d4L, 0xf1d4e242L, + 0x68ddb3f8L, 0x1fda836eL, 0x81be16cdL, 0xf6b9265bL, 0x6fb077e1L, + 0x18b74777L, 0x88085ae6L, 0xff0f6a70L, 0x66063bcaL, 0x11010b5cL, + 0x8f659effL, 0xf862ae69L, 0x616bffd3L, 0x166ccf45L, 0xa00ae278L, + 0xd70dd2eeL, 0x4e048354L, 0x3903b3c2L, 0xa7672661L, 0xd06016f7L, + 0x4969474dL, 0x3e6e77dbL, 0xaed16a4aL, 0xd9d65adcL, 0x40df0b66L, + 0x37d83bf0L, 0xa9bcae53L, 0xdebb9ec5L, 0x47b2cf7fL, 0x30b5ffe9L, + 0xbdbdf21cL, 0xcabac28aL, 0x53b39330L, 0x24b4a3a6L, 0xbad03605L, + 0xcdd70693L, 0x54de5729L, 0x23d967bfL, 0xb3667a2eL, 0xc4614ab8L, + 0x5d681b02L, 0x2a6f2b94L, 0xb40bbe37L, 0xc30c8ea1L, 0x5a05df1bL, + 0x2d02ef8dL +}; /* Return a 32-bit CRC of the contents of the buffer. */ -unsigned int crc32(const unsigned char *s, unsigned int len) +unsigned int +crc32(const unsigned char *s, unsigned int len) { - unsigned int i; - unsigned int crc32val; - - crc32val = 0; - for (i = 0; i < len; i ++) - { - crc32val = - crc32_tab[(crc32val ^ s[i]) & 0xff] ^ - (crc32val >> 8); - } - return crc32val; + unsigned int i; + unsigned int crc32val; + + crc32val = 0; + for (i = 0; i < len; i ++) { + crc32val = crc32_tab[(crc32val ^ s[i]) & 0xff] ^ (crc32val >> 8); + } + return crc32val; } Index: usr.bin/ssh/crc32.h =================================================================== RCS file: /cvs/src/usr.bin/ssh/crc32.h,v retrieving revision 1.2 retrieving revision 1.4 diff -u -r1.2 -r1.4 --- usr.bin/ssh/crc32.h 1999/10/01 18:18:56 1.2 +++ usr.bin/ssh/crc32.h 1999/11/24 19:53:46 1.4 @@ -1,25 +1,27 @@ /* + * + * crc32.h + * + * Author: Tatu Ylonen + * + * Copyright (c) 1992 Tatu Ylonen, Espoo, Finland + * All rights reserved + * + * Created: Tue Feb 11 14:37:27 1992 ylo + * + * Functions for computing 32-bit CRC. + * + */ -crc32.h +/* RCSID("$Id: crc32.h,v 1.4 1999/11/24 19:53:46 markus Exp $"); */ -Author: Tatu Ylonen - -Copyright (c) 1992 Tatu Ylonen, Espoo, Finland - All rights reserved - -Created: Tue Feb 11 14:37:27 1992 ylo - -Functions for computing 32-bit CRC. - -*/ - -/* RCSID("$Id: crc32.h,v 1.2 1999/10/01 18:18:56 deraadt Exp $"); */ - #ifndef CRC32_H #define CRC32_H -/* This computes a 32 bit CRC of the data in the buffer, and returns the - CRC. The polynomial used is 0xedb88320. */ +/* + * This computes a 32 bit CRC of the data in the buffer, and returns the CRC. + * The polynomial used is 0xedb88320. + */ unsigned int crc32(const unsigned char *buf, unsigned int len); -#endif /* CRC32_H */ +#endif /* CRC32_H */ Index: usr.bin/ssh/deattack.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/deattack.c,v retrieving revision 1.3 retrieving revision 1.6 diff -u -r1.3 -r1.6 --- usr.bin/ssh/deattack.c 1999/10/05 22:18:52 1.3 +++ usr.bin/ssh/deattack.c 1999/11/24 00:26:01 1.6 @@ -1,5 +1,5 @@ /* - * $Id: deattack.c,v 1.3 1999/10/05 22:18:52 markus Exp $ + * $Id: deattack.c,v 1.6 1999/11/24 00:26:01 deraadt Exp $ * Cryptographic attack detector for ssh - source code * * Copyright (c) 1998 CORE SDI S.A., Buenos Aires, Argentina. @@ -15,7 +15,8 @@ * SOFTWARE. * * Ariel Futoransky - * */ + * + */ #include "includes.h" #include "deattack.h" @@ -25,156 +26,130 @@ #include "xmalloc.h" /* SSH Constants */ -#define SSH_MAXBLOCKS (32 * 1024) -#define SSH_BLOCKSIZE (8) +#define SSH_MAXBLOCKS (32 * 1024) +#define SSH_BLOCKSIZE (8) /* Hashing constants */ -#define HASH_MINSIZE (8 * 1024) -#define HASH_ENTRYSIZE (2) -#define HASH_FACTOR(x) ((x)*3/2) -#define HASH_UNUSEDCHAR (0xff) -#define HASH_UNUSED (0xffff) -#define HASH_IV (0xfffe) +#define HASH_MINSIZE (8 * 1024) +#define HASH_ENTRYSIZE (2) +#define HASH_FACTOR(x) ((x)*3/2) +#define HASH_UNUSEDCHAR (0xff) +#define HASH_UNUSED (0xffff) +#define HASH_IV (0xfffe) -#define HASH_MINBLOCKS (7*SSH_BLOCKSIZE) +#define HASH_MINBLOCKS (7*SSH_BLOCKSIZE) /* Hash function (Input keys are cipher results) */ -#define HASH(x) GET_32BIT(x) +#define HASH(x) GET_32BIT(x) -#define CMP(a,b) (memcmp(a, b, SSH_BLOCKSIZE)) +#define CMP(a,b) (memcmp(a, b, SSH_BLOCKSIZE)) void -crc_update(u_int32_t * a, u_int32_t b) +crc_update(u_int32_t *a, u_int32_t b) { - b ^= *a; - *a = crc32((unsigned char *) &b, sizeof(b)); + b ^= *a; + *a = crc32((unsigned char *) &b, sizeof(b)); } - -/* - check_crc - detects if a block is used in a particular pattern - */ +/* detect if a block is used in a particular pattern */ int -check_crc(unsigned char *S, unsigned char *buf, u_int32_t len, unsigned char *IV) +check_crc(unsigned char *S, unsigned char *buf, u_int32_t len, + unsigned char *IV) { - u_int32_t crc; - unsigned char *c; - - crc = 0; - if (IV && !CMP(S, IV)) - { - crc_update(&crc, 1); - crc_update(&crc, 0); - } - for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) - { - if (!CMP(S, c)) - { - crc_update(&crc, 1); - crc_update(&crc, 0); - } else - { - crc_update(&crc, 0); - crc_update(&crc, 0); - } - } + u_int32_t crc; + unsigned char *c; - return (crc == 0); + crc = 0; + if (IV && !CMP(S, IV)) { + crc_update(&crc, 1); + crc_update(&crc, 0); + } + for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) { + if (!CMP(S, c)) { + crc_update(&crc, 1); + crc_update(&crc, 0); + } else { + crc_update(&crc, 0); + crc_update(&crc, 0); + } + } + return (crc == 0); } -/* - detect_attack - Detects a crc32 compensation attack on a packet - */ +/* Detect a crc32 compensation attack on a packet */ int detect_attack(unsigned char *buf, u_int32_t len, unsigned char *IV) { - static u_int16_t *h = (u_int16_t *) NULL; - static u_int16_t n = HASH_MINSIZE / HASH_ENTRYSIZE; - register u_int32_t i, j; - u_int32_t l; - register unsigned char *c; - unsigned char *d; - - - assert(len <= (SSH_MAXBLOCKS * SSH_BLOCKSIZE)); - assert(len % SSH_BLOCKSIZE == 0); - - for (l = n; l < HASH_FACTOR(len / SSH_BLOCKSIZE); l = l << 2); - - if (h == NULL) - { - debug("Installing crc compensation attack detector."); - n = l; - h = (u_int16_t *) xmalloc(n * HASH_ENTRYSIZE); - } else - { - if (l > n) - { - n = l; - h = (u_int16_t *) xrealloc(h, n * HASH_ENTRYSIZE); - } - } - - - if (len <= HASH_MINBLOCKS) - { - for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) - { - if (IV && (!CMP(c, IV))) - { - if ((check_crc(c, buf, len, IV))) - return (DEATTACK_DETECTED); - else - break; - } - for (d = buf; d < c; d += SSH_BLOCKSIZE) - { - if (!CMP(c, d)) - { - if ((check_crc(c, buf, len, IV))) - return (DEATTACK_DETECTED); - else - break; - } - } - } - return (DEATTACK_OK); - } - memset(h, HASH_UNUSEDCHAR, n * HASH_ENTRYSIZE); - - if (IV) - h[HASH(IV) & (n - 1)] = HASH_IV; - - - for (c = buf, j = 0; c < (buf + len); c += SSH_BLOCKSIZE, j++) - { - for (i = HASH(c) & (n - 1); h[i] != HASH_UNUSED; - i = (i + 1) & (n - 1)) - { - if (h[i] == HASH_IV) - { - if (!CMP(c, IV)) - { - if (check_crc(c, buf, len, IV)) - return (DEATTACK_DETECTED); - else - break; - } - } else if (!CMP(c, buf + h[i] * SSH_BLOCKSIZE)) - { - if (check_crc(c, buf, len, IV)) - return (DEATTACK_DETECTED); - else - break; - } - } - h[i] = j; - } + static u_int16_t *h = (u_int16_t *) NULL; + static u_int16_t n = HASH_MINSIZE / HASH_ENTRYSIZE; + register u_int32_t i, j; + u_int32_t l; + register unsigned char *c; + unsigned char *d; + + if (len > (SSH_MAXBLOCKS * SSH_BLOCKSIZE) || + len % SSH_BLOCKSIZE != 0) { + fatal("detect_attack: bad length %d", len); + } + for (l = n; l < HASH_FACTOR(len / SSH_BLOCKSIZE); l = l << 2) + ; + + if (h == NULL) { + debug("Installing crc compensation attack detector."); + n = l; + h = (u_int16_t *) xmalloc(n * HASH_ENTRYSIZE); + } else { + if (l > n) { + n = l; + h = (u_int16_t *) xrealloc(h, n * HASH_ENTRYSIZE); + } + } - return (DEATTACK_OK); + if (len <= HASH_MINBLOCKS) { + for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) { + if (IV && (!CMP(c, IV))) { + if ((check_crc(c, buf, len, IV))) + return (DEATTACK_DETECTED); + else + break; + } + for (d = buf; d < c; d += SSH_BLOCKSIZE) { + if (!CMP(c, d)) { + if ((check_crc(c, buf, len, IV))) + return (DEATTACK_DETECTED); + else + break; + } + } + } + return (DEATTACK_OK); + } + memset(h, HASH_UNUSEDCHAR, n * HASH_ENTRYSIZE); + + if (IV) + h[HASH(IV) & (n - 1)] = HASH_IV; + + for (c = buf, j = 0; c < (buf + len); c += SSH_BLOCKSIZE, j++) { + for (i = HASH(c) & (n - 1); h[i] != HASH_UNUSED; + i = (i + 1) & (n - 1)) { + if (h[i] == HASH_IV) { + if (!CMP(c, IV)) { + if (check_crc(c, buf, len, IV)) + return (DEATTACK_DETECTED); + else + break; + } + } else if (!CMP(c, buf + h[i] * SSH_BLOCKSIZE)) { + if (check_crc(c, buf, len, IV)) + return (DEATTACK_DETECTED); + else + break; + } + } + h[i] = j; + } + return (DEATTACK_OK); } Index: usr.bin/ssh/deattack.h =================================================================== RCS file: /cvs/src/usr.bin/ssh/deattack.h,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- usr.bin/ssh/deattack.h 1999/10/05 02:35:57 1.2 +++ usr.bin/ssh/deattack.h 1999/11/24 00:26:01 1.3 @@ -1,4 +1,4 @@ -/* $Id: deattack.h,v 1.2 1999/10/05 02:35:57 dugsong Exp $ +/* * Cryptographic attack detector for ssh - Header file * * Copyright (c) 1998 CORE SDI S.A., Buenos Aires, Argentina. @@ -14,7 +14,8 @@ * SOFTWARE. * * Ariel Futoransky - * */ + * + */ #ifndef _DEATTACK_H #define _DEATTACK_H @@ -23,5 +24,5 @@ #define DEATTACK_OK 0 #define DEATTACK_DETECTED 1 -int detect_attack(unsigned char *buf, u_int32_t len, unsigned char IV[8]); +int detect_attack(unsigned char *buf, u_int32_t len, unsigned char IV[8]); #endif Index: usr.bin/ssh/fdlim.h =================================================================== RCS file: fdlim.h diff -N fdlim.h --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsFCcWW31367 Wed Dec 8 12:42:07 1999 @@ -0,0 +1,46 @@ +/* + +fdlim.h + +Author: David Mazieres + Contributed to be part of ssh. + +Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + All rights reserved + +Created: Tue Aug 22 17:21:32 1995 ylo + +*/ + +/* RCSID("$Id: fdlim.h,v 1.3 1999/10/17 23:44:55 markus dead $"); */ + +#ifndef FDLIM_H +#define FDLIM_H + +static int +fdlim_get (int hard) +{ + struct rlimit rlfd; + + if (getrlimit (RLIMIT_NOFILE, &rlfd) < 0) + return (-1); + if ((hard ? rlfd.rlim_max : rlfd.rlim_cur) == RLIM_INFINITY) + return 10000; + else + return hard ? rlfd.rlim_max : rlfd.rlim_cur; +} + +static int +fdlim_set (int lim) { + struct rlimit rlfd; + if (lim <= 0) + return (-1); + if (getrlimit (RLIMIT_NOFILE, &rlfd) < 0) + return (-1); + rlfd.rlim_cur = lim; + if (setrlimit (RLIMIT_NOFILE, &rlfd) < 0) + return (-1); + return (0); +} + +#endif /* FDLIM_H */ Index: usr.bin/ssh/fingerprint.c =================================================================== RCS file: fingerprint.c diff -N fingerprint.c --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvseNSMJ31367 Wed Dec 8 12:42:07 1999 @@ -0,0 +1,69 @@ +/* + * Copyright (c) 1999 Markus Friedl. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Markus Friedl. + * 4. The name of the author may not be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "includes.h" +RCSID("$Id: fingerprint.c,v 1.4 1999/11/24 16:15:25 markus Exp $"); + +#include "ssh.h" +#include "xmalloc.h" +#include + +#define FPRINT "%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x" + +/* + * Generate key fingerprint in ascii format. + * Based on ideas and code from Bjoern Groenvall + */ +char * +fingerprint(BIGNUM *e, BIGNUM *n) +{ + static char retval[80]; + MD5_CTX md; + unsigned char d[16]; + char *buf; + int nlen, elen; + + nlen = BN_num_bytes(n); + elen = BN_num_bytes(e); + + buf = xmalloc(nlen + elen); + + BN_bn2bin(n, buf); + BN_bn2bin(e, buf + nlen); + + MD5_Init(&md); + MD5_Update(&md, buf, nlen + elen); + MD5_Final(d, &md); + snprintf(retval, sizeof(retval), FPRINT, + d[0], d[1], d[2], d[3], d[4], d[5], d[6], d[7], + d[8], d[9], d[10], d[11], d[12], d[13], d[14], d[15]); + memset(buf, 0, nlen + elen); + xfree(buf); + return retval; +} Index: usr.bin/ssh/fingerprint.h =================================================================== RCS file: fingerprint.h diff -N fingerprint.h --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvslgKfZ31367 Wed Dec 8 12:42:07 1999 @@ -0,0 +1,34 @@ +/* + * Copyright (c) 1999 Markus Friedl. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Markus Friedl. + * 4. The name of the author may not be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +/* RCSID("$Id: fingerprint.h,v 1.3 1999/11/24 16:15:25 markus Exp $"); */ + +#ifndef FINGERPRINT_H +#define FINGERPRINT_H +char *fingerprint(BIGNUM * e, BIGNUM * n); +#endif Index: usr.bin/ssh/gen_minfd.c =================================================================== RCS file: gen_minfd.c diff -N gen_minfd.c --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvscKXBy31367 Wed Dec 8 12:42:07 1999 @@ -0,0 +1,123 @@ +/* + +gen_minfd.c + +Author: David Mazieres + Contributed to be part of ssh. + +Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + All rights reserved + +Created: Tue Aug 22 17:22:57 1995 ylo +Last modified: Tue Aug 22 17:44:32 1995 ylo + +*/ + +#include "includes.h" +#include +#include "fdlim.h" + +static char *self; + +static void +child_test (char *fdstr) +{ + int fd = atoi (fdstr); + if (fcntl (fd, F_GETFL, NULL) < 0) { + exit (1); + } + exit (0); +} + +static int +run_child (char *shell, int fd) +{ + char cmd[128]; + int pid; + int status; + + if (dup2 (0, fd) < 0) { + perror ("dup2"); + return (-1); + } + + sprintf (cmd, "%s -fd %d", self, fd); + + fflush (stdout); + pid = fork (); + if (! pid) { + close (1); /* prevent any garbage from entering the output */ + dup (2); + execlp (shell, shell, "-c", cmd, NULL); + exit (1); + } + close (fd); + if (wait (&status) != pid) { + fprintf (stderr, "wrong/no child??\n"); + exit (1); + } + return (status ? -1 : 0); +} + +static int +do_shell (char *shell) +{ + int fd, min, max; + + min = 3; + max = fdlim_get (0) - 1; + if (max < 0) { + printf ("fdlim_get: bad value\n"); + exit (1); + } + + if (run_child (shell, max) + && run_child (shell, --max)) /* bizarre ultrix weirdness */ + return (-1); + + while (min + 1 < max) { + fd = (min + max) / 2; + if (run_child (shell, fd)) + min = fd; + else + max = fd; + } + return (max); +} + +int +main (int argc, char **argv) +{ + int fd; + int i; + char *p; + + if (argc == 3 && !strcmp (argv[1], "-fd")) + child_test (argv[2]); + self = argv[0]; + + fd = fdlim_get (1); + if (fd < 0) { + fprintf (stderr, "fdlim_get: bad value\n"); + exit (1); + } + fdlim_set (fd); + printf ("/* maximum file descriptors = %d */\n\n", fd); + printf ("struct Min_Auth_Fd {\n" + " int fd;\n" + " char shell[32];\n" + "};\n\n" + "static struct Min_Auth_Fd mafd[] = {\n"); + for (i = 1; i < argc; i++) { + fd = do_shell (argv[i]); + if ((p = strrchr (argv[i], '/'))) + p++; + else + p = argv[i]; + if (fd > 0) + printf (" { %d, \"%s\" },\n", fd, p); + } + printf (" { 0, \"\" },\n};\n\n" + "#define MAFD_MAX (sizeof (mafd) / sizeof (mafd[0]) - 1)\n"); + return (0); +} Index: usr.bin/ssh/getput.h =================================================================== RCS file: /cvs/src/usr.bin/ssh/getput.h,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- usr.bin/ssh/getput.h 1999/09/26 20:53:36 1.1 +++ usr.bin/ssh/getput.h 1999/11/24 00:26:02 1.2 @@ -1,20 +1,20 @@ /* + * + * getput.h + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Wed Jun 28 22:36:30 1995 ylo + * + * Macros for storing and retrieving data in msb first and lsb first order. + * + */ -getput.h +/* RCSID("$Id: getput.h,v 1.2 1999/11/24 00:26:02 deraadt Exp $"); */ -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Wed Jun 28 22:36:30 1995 ylo - -Macros for storing and retrieving data in msb first and lsb first order. - -*/ - -/* RCSID("$Id: getput.h,v 1.1 1999/09/26 20:53:36 deraadt Exp $"); */ - #ifndef GETPUT_H #define GETPUT_H @@ -59,6 +59,5 @@ #define PUT_16BIT_LSB_FIRST(cp, value) do { \ (cp)[0] = (value); \ (cp)[1] = (value) >> 8; } while (0) - -#endif /* GETPUT_H */ +#endif /* GETPUT_H */ Index: usr.bin/ssh/host_config.sample =================================================================== RCS file: host_config.sample diff -N host_config.sample --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsbdaRR31367 Wed Dec 8 12:42:07 1999 @@ -0,0 +1,29 @@ +# This is ssh client systemwide configuration file. This file provides +# defaults for users, and the values can be changed in per-user configuration +# files or on the command line. + +# Configuration data is parsed as follows: +# 1. command line options +# 2. user-specific file +# 3. system-wide file +# Any configuration value is only changed the first time it is set. +# Thus, host-specific definitions should be at the beginning of the +# configuration file, and defaults at the end. + +# Site-wide defaults for various options + +# Host * +# ForwardAgent yes +# ForwardX11 yes +# RhostsAuthentication yes +# RhostsRSAAuthentication yes +# RSAAuthentication yes +# PasswordAuthentication yes +# FallBackToRsh yes +# UseRsh no +# BatchMode no +# StrictHostKeyChecking no +# IdentityFile ~/.ssh/identity +# Port 22 +# Cipher idea +# EscapeChar ~ Index: usr.bin/ssh/hostfile.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/hostfile.c,v retrieving revision 1.3 retrieving revision 1.10 diff -u -r1.3 -r1.10 --- usr.bin/ssh/hostfile.c 1999/10/03 21:50:03 1.3 +++ usr.bin/ssh/hostfile.c 1999/12/02 20:18:59 1.10 @@ -1,279 +1,306 @@ /* + * + * hostfile.c + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Thu Jun 29 07:10:56 1995 ylo + * + * Functions for manipulating the known hosts files. + * + */ -hostfile.c +#include "includes.h" +RCSID("$OpenBSD: hostfile.c,v 1.10 1999/12/02 20:18:59 markus Exp $"); -Author: Tatu Ylonen +#include "packet.h" +#include "ssh.h" -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved +/* + * Reads a multiple-precision integer in hex from the buffer, and advances + * the pointer. The integer must already be initialized. This function is + * permitted to modify the buffer. This leaves *cpp to point just beyond the + * last processed (and maybe modified) character. Note that this may modify + * the buffer containing the number. + */ -Created: Thu Jun 29 07:10:56 1995 ylo +int +auth_rsa_read_bignum(char **cpp, BIGNUM * value) +{ + char *cp = *cpp; + int len, old; -Functions for manipulating the known hosts files. + /* Skip any leading whitespace. */ + for (; *cp == ' ' || *cp == '\t'; cp++) + ; -*/ + /* Check that it begins with a hex digit. */ + if (*cp < '0' || *cp > '9') + return 0; -#include "includes.h" -RCSID("$Id: hostfile.c,v 1.3 1999/10/03 21:50:03 provos Exp $"); + /* Save starting position. */ + *cpp = cp; -#include "packet.h" -#include "ssh.h" + /* Move forward until all hex digits skipped. */ + for (; *cp >= '0' && *cp <= '9'; cp++) + ; -/* Reads a multiple-precision integer in hex from the buffer, and advances the - pointer. The integer must already be initialized. This function is - permitted to modify the buffer. This leaves *cpp to point just beyond - the last processed (and maybe modified) character. Note that this may - modify the buffer containing the number. */ + /* Compute the length of the hex number. */ + len = cp - *cpp; -int -auth_rsa_read_bignum(char **cpp, BIGNUM *value) -{ - char *cp = *cpp; - int len, old; + /* Save the old terminating character, and replace it by \0. */ + old = *cp; + *cp = 0; + + /* Parse the number. */ + if (BN_dec2bn(&value, *cpp) == 0) + return 0; - /* Skip any leading whitespace. */ - for (; *cp == ' ' || *cp == '\t'; cp++) - ; - - /* Check that it begins with a hex digit. */ - if (*cp < '0' || *cp > '9') - return 0; - - /* Save starting position. */ - *cpp = cp; - - /* Move forward until all hex digits skipped. */ - for (; *cp >= '0' && *cp <= '9'; cp++) - ; - - /* Compute the length of the hex number. */ - len = cp - *cpp; - - /* Save the old terminating character, and replace it by \0. */ - old = *cp; - *cp = 0; - - - /* Parse the number. */ - if (BN_dec2bn(&value, *cpp) == 0) - return 0; - - /* Restore old terminating character. */ - *cp = old; - - /* Move beyond the number and return success. */ - *cpp = cp; - return 1; + /* Restore old terminating character. */ + *cp = old; + + /* Move beyond the number and return success. */ + *cpp = cp; + return 1; } -/* Parses an RSA key (number of bits, e, n) from a string. Moves the pointer - over the key. Skips any whitespace at the beginning and at end. */ +/* + * Parses an RSA key (number of bits, e, n) from a string. Moves the pointer + * over the key. Skips any whitespace at the beginning and at end. + */ int -auth_rsa_read_key(char **cpp, unsigned int *bitsp, BIGNUM *e, BIGNUM *n) +auth_rsa_read_key(char **cpp, unsigned int *bitsp, BIGNUM * e, BIGNUM * n) { - unsigned int bits; - char *cp; + unsigned int bits; + char *cp; - /* Skip leading whitespace. */ - for (cp = *cpp; *cp == ' ' || *cp == '\t'; cp++) - ; - - /* Get number of bits. */ - if (*cp < '0' || *cp > '9') - return 0; /* Bad bit count... */ - for (bits = 0; *cp >= '0' && *cp <= '9'; cp++) - bits = 10 * bits + *cp - '0'; - - /* Get public exponent. */ - if (!auth_rsa_read_bignum(&cp, e)) - return 0; - - /* Get public modulus. */ - if (!auth_rsa_read_bignum(&cp, n)) - return 0; - - /* Skip trailing whitespace. */ - for (; *cp == ' ' || *cp == '\t'; cp++) - ; - - /* Return results. */ - *cpp = cp; - *bitsp = bits; - return 1; + /* Skip leading whitespace. */ + for (cp = *cpp; *cp == ' ' || *cp == '\t'; cp++) + ; + + /* Get number of bits. */ + if (*cp < '0' || *cp > '9') + return 0; /* Bad bit count... */ + for (bits = 0; *cp >= '0' && *cp <= '9'; cp++) + bits = 10 * bits + *cp - '0'; + + /* Get public exponent. */ + if (!auth_rsa_read_bignum(&cp, e)) + return 0; + + /* Get public modulus. */ + if (!auth_rsa_read_bignum(&cp, n)) + return 0; + + /* Skip trailing whitespace. */ + for (; *cp == ' ' || *cp == '\t'; cp++) + ; + + /* Return results. */ + *cpp = cp; + *bitsp = bits; + return 1; } -/* Tries to match the host name (which must be in all lowercase) against the - comma-separated sequence of subpatterns (each possibly preceded by ! to - indicate negation). Returns true if there is a positive match; zero - otherwise. */ +/* + * Tries to match the host name (which must be in all lowercase) against the + * comma-separated sequence of subpatterns (each possibly preceded by ! to + * indicate negation). Returns true if there is a positive match; zero + * otherwise. + */ int match_hostname(const char *host, const char *pattern, unsigned int len) { - char sub[1024]; - int negated; - int got_positive; - unsigned int i, subi; - - got_positive = 0; - for (i = 0; i < len;) - { - /* Check if the subpattern is negated. */ - if (pattern[i] == '!') - { - negated = 1; - i++; + char sub[1024]; + int negated; + int got_positive; + unsigned int i, subi; + + got_positive = 0; + for (i = 0; i < len;) { + /* Check if the subpattern is negated. */ + if (pattern[i] == '!') { + negated = 1; + i++; + } else + negated = 0; + + /* + * Extract the subpattern up to a comma or end. Convert the + * subpattern to lowercase. + */ + for (subi = 0; + i < len && subi < sizeof(sub) - 1 && pattern[i] != ','; + subi++, i++) + sub[subi] = isupper(pattern[i]) ? tolower(pattern[i]) : pattern[i]; + /* If subpattern too long, return failure (no match). */ + if (subi >= sizeof(sub) - 1) + return 0; + + /* If the subpattern was terminated by a comma, skip the comma. */ + if (i < len && pattern[i] == ',') + i++; + + /* Null-terminate the subpattern. */ + sub[subi] = '\0'; + + /* Try to match the subpattern against the host name. */ + if (match_pattern(host, sub)) { + if (negated) + return 0; /* Fail */ + else + got_positive = 1; + } } - else - negated = 0; - - /* Extract the subpattern up to a comma or end. Convert the subpattern - to lowercase. */ - for (subi = 0; - i < len && subi < sizeof(sub) - 1 && pattern[i] != ','; - subi++, i++) - sub[subi] = isupper(pattern[i]) ? tolower(pattern[i]) : pattern[i]; - /* If subpattern too long, return failure (no match). */ - if (subi >= sizeof(sub) - 1) - return 0; - - /* If the subpattern was terminated by a comma, skip the comma. */ - if (i < len && pattern[i] == ',') - i++; - - /* Null-terminate the subpattern. */ - sub[subi] = '\0'; - - /* Try to match the subpattern against the host name. */ - if (match_pattern(host, sub)) { - if (negated) - return 0; /* Fail if host matches any negated subpattern. */ - else - got_positive = 1; - } - } - - /* Return success if got a positive match. If there was a negative match, - we have already returned zero and never get here. */ - return got_positive; + + /* + * Return success if got a positive match. If there was a negative + * match, we have already returned zero and never get here. + */ + return got_positive; } -/* Checks whether the given host (which must be in all lowercase) is - already in the list of our known hosts. - Returns HOST_OK if the host is known and has the specified key, - HOST_NEW if the host is not known, and HOST_CHANGED if the host is known - but used to have a different host key. */ +/* + * Checks whether the given host (which must be in all lowercase) is already + * in the list of our known hosts. Returns HOST_OK if the host is known and + * has the specified key, HOST_NEW if the host is not known, and HOST_CHANGED + * if the host is known but used to have a different host key. + */ HostStatus -check_host_in_hostfile(const char *filename, - const char *host, unsigned int bits, - BIGNUM *e, BIGNUM *n, - BIGNUM *ke, BIGNUM *kn) +check_host_in_hostfile(const char *filename, const char *host, + BIGNUM * e, BIGNUM * n, BIGNUM * ke, BIGNUM * kn) { - FILE *f; - char line[8192]; - unsigned int kbits, hostlen; - char *cp, *cp2; - HostStatus end_return; - struct stat st; - - /* Open the file containing the list of known hosts. */ - f = fopen(filename, "r"); - if (!f) - { - if (stat(filename, &st) >= 0) - { - packet_send_debug("Could not open %.900s for reading.", filename); - packet_send_debug("If your home directory is on an NFS volume, it may need to be world-readable."); + FILE *f; + char line[8192]; + int linenum = 0; + unsigned int bits, kbits, hostlen; + char *cp, *cp2; + HostStatus end_return; + + /* Open the file containing the list of known hosts. */ + f = fopen(filename, "r"); + if (!f) + return HOST_NEW; + + /* Cache the length of the host name. */ + hostlen = strlen(host); + + /* + * Return value when the loop terminates. This is set to + * HOST_CHANGED if we have seen a different key for the host and have + * not found the proper one. + */ + end_return = HOST_NEW; + + /* size of modulus 'n' */ + bits = BN_num_bits(n); + + /* Go trough the file. */ + while (fgets(line, sizeof(line), f)) { + cp = line; + linenum++; + + /* Skip any leading whitespace, comments and empty lines. */ + for (; *cp == ' ' || *cp == '\t'; cp++) + ; + if (!*cp || *cp == '#' || *cp == '\n') + continue; + + /* Find the end of the host name portion. */ + for (cp2 = cp; *cp2 && *cp2 != ' ' && *cp2 != '\t'; cp2++) + ; + + /* Check if the host name matches. */ + if (!match_hostname(host, cp, (unsigned int) (cp2 - cp))) + continue; + + /* Got a match. Skip host name. */ + cp = cp2; + + /* + * Extract the key from the line. This will skip any leading + * whitespace. Ignore badly formatted lines. + */ + if (!auth_rsa_read_key(&cp, &kbits, ke, kn)) + continue; + + if (kbits != BN_num_bits(kn)) { + error("Warning: %s, line %d: keysize mismatch for host %s: " + "actual %d vs. announced %d.", + filename, linenum, host, BN_num_bits(kn), kbits); + error("Warning: replace %d with %d in %s, line %d.", + kbits, BN_num_bits(kn), filename, linenum); + } + /* Check if the current key is the same as the given key. */ + if (BN_cmp(ke, e) == 0 && BN_cmp(kn, n) == 0) { + /* Ok, they match. */ + fclose(f); + return HOST_OK; + } + /* + * They do not match. We will continue to go through the + * file; however, we note that we will not return that it is + * new. + */ + end_return = HOST_CHANGED; } - return HOST_NEW; - } + /* Clear variables and close the file. */ + fclose(f); - /* Cache the length of the host name. */ - hostlen = strlen(host); - - /* Return value when the loop terminates. This is set to HOST_CHANGED if - we have seen a different key for the host and have not found the proper - one. */ - end_return = HOST_NEW; - - /* Go trough the file. */ - while (fgets(line, sizeof(line), f)) - { - cp = line; - - /* Skip any leading whitespace. */ - for (; *cp == ' ' || *cp == '\t'; cp++) - ; - - /* Ignore comment lines and empty lines. */ - if (!*cp || *cp == '#' || *cp == '\n') - continue; - - /* Find the end of the host name portion. */ - for (cp2 = cp; *cp2 && *cp2 != ' ' && *cp2 != '\t'; cp2++) - ; - - /* Check if the host name matches. */ - if (!match_hostname(host, cp, (unsigned int)(cp2 - cp))) - continue; - - /* Got a match. Skip host name. */ - cp = cp2; - - /* Extract the key from the line. This will skip any leading - whitespace. Ignore badly formatted lines. */ - if (!auth_rsa_read_key(&cp, &kbits, ke, kn)) - continue; - - /* Check if the current key is the same as the previous one. */ - if (kbits == bits && BN_cmp(ke, e) == 0 && BN_cmp(kn, n) == 0) - { - /* Ok, they match. */ - fclose(f); - return HOST_OK; - } - - /* They do not match. We will continue to go through the file; however, - we note that we will not return that it is new. */ - end_return = HOST_CHANGED; - } - /* Clear variables and close the file. */ - fclose(f); - - /* Return either HOST_NEW or HOST_CHANGED, depending on whether we saw a - different key for the host. */ - return end_return; + /* + * Return either HOST_NEW or HOST_CHANGED, depending on whether we + * saw a different key for the host. + */ + return end_return; } -/* Appends an entry to the host file. Returns false if the entry - could not be appended. */ +/* + * Appends an entry to the host file. Returns false if the entry could not + * be appended. + */ int add_host_to_hostfile(const char *filename, const char *host, - unsigned int bits, BIGNUM *e, BIGNUM *n) + BIGNUM * e, BIGNUM * n) { - FILE *f; - char *buf; - - /* Open the file for appending. */ - f = fopen(filename, "a"); - if (!f) - return 0; - - /* Print the host name and key to the file. */ - fprintf(f, "%s %u ", host, bits); - buf = BN_bn2dec(e); - assert(buf != NULL); - fprintf(f, "%s ", buf); - free (buf); - buf = BN_bn2dec(n); - assert(buf != NULL); - fprintf(f, "%s\n", buf); - free (buf); - - /* Close the file. */ - fclose(f); - return 1; + FILE *f; + char *buf; + unsigned int bits; + + /* Open the file for appending. */ + f = fopen(filename, "a"); + if (!f) + return 0; + + /* size of modulus 'n' */ + bits = BN_num_bits(n); + + /* Print the host name and key to the file. */ + fprintf(f, "%s %u ", host, bits); + buf = BN_bn2dec(e); + if (buf == NULL) { + error("add_host_to_hostfile: BN_bn2dec(e) failed"); + fclose(f); + return 0; + } + fprintf(f, "%s ", buf); + free(buf); + buf = BN_bn2dec(n); + if (buf == NULL) { + error("add_host_to_hostfile: BN_bn2dec(n) failed"); + fclose(f); + return 0; + } + fprintf(f, "%s\n", buf); + free(buf); + + /* Close the file. */ + fclose(f); + return 1; } Index: usr.bin/ssh/includes.h =================================================================== RCS file: /cvs/src/usr.bin/ssh/includes.h,v retrieving revision 1.8 retrieving revision 1.11 diff -u -r1.8 -r1.11 --- usr.bin/ssh/includes.h 1999/09/30 08:34:25 1.8 +++ usr.bin/ssh/includes.h 1999/11/24 19:53:47 1.11 @@ -1,18 +1,18 @@ /* + * + * includes.h + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Thu Mar 23 16:29:37 1995 ylo + * + * This file includes most of the needed system headers. + * + */ -includes.h - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Thu Mar 23 16:29:37 1995 ylo - -This file includes most of the needed system headers. - -*/ - #ifndef INCLUDES_H #define INCLUDES_H @@ -43,7 +43,6 @@ #include #include #include -#include #include #include #include @@ -61,8 +60,10 @@ /* Define this to be the path of the xauth program. */ #define XAUTH_PATH "/usr/X11R6/bin/xauth" -/* Define this to use pipes instead of socketpairs for communicating with the - client program. Socketpairs do not seem to work on all systems. */ +/* + * Define this to use pipes instead of socketpairs for communicating with the + * client program. Socketpairs do not seem to work on all systems. + */ #define USE_PIPES 1 -#endif /* INCLUDES_H */ +#endif /* INCLUDES_H */ Index: usr.bin/ssh/install-sh =================================================================== RCS file: install-sh diff -N install-sh --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsatuwL31367 Wed Dec 8 12:42:07 1999 @@ -0,0 +1,238 @@ +#! /bin/sh +# +# install - install a program, script, or datafile +# This comes from X11R5. +# +# Calling this script install-sh is preferred over install.sh, to prevent +# `make' implicit rules from creating a file called install from it +# when there is no Makefile. +# +# This script is compatible with the BSD install script, but was written +# from scratch. +# + + +# set DOITPROG to echo to test this script + +# Don't use :- since 4.3BSD and earlier shells don't like it. +doit="${DOITPROG-}" + + +# put in absolute paths if you don't have them in your path; or use env. vars. + +mvprog="${MVPROG-mv}" +cpprog="${CPPROG-cp}" +chmodprog="${CHMODPROG-chmod}" +chownprog="${CHOWNPROG-chown}" +chgrpprog="${CHGRPPROG-chgrp}" +stripprog="${STRIPPROG-strip}" +rmprog="${RMPROG-rm}" +mkdirprog="${MKDIRPROG-mkdir}" + +tranformbasename="" +transform_arg="" +instcmd="$mvprog" +chmodcmd="$chmodprog 0755" +chowncmd="" +chgrpcmd="" +stripcmd="" +rmcmd="$rmprog -f" +mvcmd="$mvprog" +src="" +dst="" +dir_arg="" + +while [ x"$1" != x ]; do + case $1 in + -c) instcmd="$cpprog" + shift + continue;; + + -d) dir_arg=true + shift + continue;; + + -m) chmodcmd="$chmodprog $2" + shift + shift + continue;; + + -o) chowncmd="$chownprog $2" + shift + shift + continue;; + + -g) chgrpcmd="$chgrpprog $2" + shift + shift + continue;; + + -s) stripcmd="$stripprog" + shift + continue;; + + -t=*) transformarg=`echo $1 | sed 's/-t=//'` + shift + continue;; + + -b=*) transformbasename=`echo $1 | sed 's/-b=//'` + shift + continue;; + + *) if [ x"$src" = x ] + then + src=$1 + else + # this colon is to work around a 386BSD /bin/sh bug + : + dst=$1 + fi + shift + continue;; + esac +done + +if [ x"$src" = x ] +then + echo "install: no input file specified" + exit 1 +else + true +fi + +if [ x"$dir_arg" != x ]; then + dst=$src + src="" + + if [ -d $dst ]; then + instcmd=: + else + instcmd=mkdir + fi +else + +# Waiting for this to be detected by the "$instcmd $src $dsttmp" command +# might cause directories to be created, which would be especially bad +# if $src (and thus $dsttmp) contains '*'. + + if [ -f $src -o -d $src ] + then + true + else + echo "install: $src does not exist" + exit 1 + fi + + if [ x"$dst" = x ] + then + echo "install: no destination specified" + exit 1 + else + true + fi + +# If destination is a directory, append the input filename; if your system +# does not like double slashes in filenames, you may need to add some logic + + if [ -d $dst ] + then + dst="$dst"/`basename $src` + else + true + fi +fi + +## this sed command emulates the dirname command +dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'` + +# Make sure that the destination directory exists. +# this part is taken from Noah Friedman's mkinstalldirs script + +# Skip lots of stat calls in the usual case. +if [ ! -d "$dstdir" ]; then +defaultIFS=' +' +IFS="${IFS-${defaultIFS}}" + +oIFS="${IFS}" +# Some sh's can't handle IFS=/ for some reason. +IFS='%' +set - `echo ${dstdir} | sed -e 's@/@%@g' -e 's@^%@/@'` +IFS="${oIFS}" + +pathcomp='' + +while [ $# -ne 0 ] ; do + pathcomp="${pathcomp}${1}" + shift + + if [ ! -d "${pathcomp}" ] ; + then + $mkdirprog "${pathcomp}" + else + true + fi + + pathcomp="${pathcomp}/" +done +fi + +if [ x"$dir_arg" != x ] +then + $doit $instcmd $dst && + + if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi && + if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi && + if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi && + if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi +else + +# If we're going to rename the final executable, determine the name now. + + if [ x"$transformarg" = x ] + then + dstfile=`basename $dst` + else + dstfile=`basename $dst $transformbasename | + sed $transformarg`$transformbasename + fi + +# don't allow the sed command to completely eliminate the filename + + if [ x"$dstfile" = x ] + then + dstfile=`basename $dst` + else + true + fi + +# Make a temp file name in the proper directory. + + dsttmp=$dstdir/#inst.$$# + +# Move or copy the file name to the temp name + + $doit $instcmd $src $dsttmp && + + trap "rm -f ${dsttmp}" 0 && + +# and set any options; do chmod last to preserve setuid bits + +# If any of these fail, we abort the whole thing. If we want to +# ignore errors from any of these, just make sure not to ignore +# errors from the above "$doit $instcmd $src $dsttmp" command. + + if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi && + if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi && + if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi && + if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi && + +# Now rename the file to the real destination. + + $doit $rmcmd -f $dstdir/$dstfile && + $doit $mvcmd $dsttmp $dstdir/$dstfile + +fi && + + +exit 0 Index: usr.bin/ssh/log-client.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/log-client.c,v retrieving revision 1.2 retrieving revision 1.6 diff -u -r1.2 -r1.6 --- usr.bin/ssh/log-client.c 1999/10/16 20:54:54 1.2 +++ usr.bin/ssh/log-client.c 1999/11/24 00:26:02 1.6 @@ -1,138 +1,62 @@ /* + * + * log-client.c + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Mon Mar 20 21:13:40 1995 ylo + * + * Client-side versions of debug(), log(), etc. These print to stderr. + * This is a stripped down version of log-server.c. + * + */ -log-client.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Mon Mar 20 21:13:40 1995 ylo - -Client-side versions of debug(), log(), etc. These print to stderr. - -*/ - #include "includes.h" -RCSID("$Id: log-client.c,v 1.2 1999/10/16 20:54:54 markus Exp $"); +RCSID("$Id: log-client.c,v 1.6 1999/11/24 00:26:02 deraadt Exp $"); #include "xmalloc.h" #include "ssh.h" - -static int log_debug = 0; -static int log_quiet = 0; - -void log_init(char *av0, int on_stderr, int debug, int quiet, - SyslogFacility facility) -{ - log_debug = debug; - log_quiet = quiet; -} - -void log(const char *fmt, ...) -{ - va_list args; - if (log_quiet) - return; - va_start(args, fmt); - vfprintf(stderr, fmt, args); - fprintf(stderr, "\r\n"); - va_end(args); -} - -void debug(const char *fmt, ...) -{ - va_list args; - if (log_quiet || !log_debug) - return; - va_start(args, fmt); - fprintf(stderr, "debug: "); - vfprintf(stderr, fmt, args); - fprintf(stderr, "\r\n"); - va_end(args); -} +static LogLevel log_level = SYSLOG_LEVEL_INFO; -void error(const char *fmt, ...) -{ - va_list args; - if (log_quiet) - return; - va_start(args, fmt); - vfprintf(stderr, fmt, args); - fprintf(stderr, "\r\n"); - va_end(args); -} - -struct fatal_cleanup -{ - struct fatal_cleanup *next; - void (*proc)(void *); - void *context; -}; - -static struct fatal_cleanup *fatal_cleanups = NULL; - -/* Registers a cleanup function to be called by fatal() before exiting. */ - -void fatal_add_cleanup(void (*proc)(void *), void *context) -{ - struct fatal_cleanup *cu; - - cu = xmalloc(sizeof(*cu)); - cu->proc = proc; - cu->context = context; - cu->next = fatal_cleanups; - fatal_cleanups = cu; -} - -/* Removes a cleanup frunction to be called at fatal(). */ - -void fatal_remove_cleanup(void (*proc)(void *context), void *context) -{ - struct fatal_cleanup **cup, *cu; - - for (cup = &fatal_cleanups; *cup; cup = &cu->next) - { - cu = *cup; - if (cu->proc == proc && cu->context == context) - { - *cup = cu->next; - xfree(cu); - return; +/* Initialize the log. + * av0 program name (should be argv[0]) + * level logging level + */ + +void +log_init(char *av0, LogLevel level, SyslogFacility ignored1, int ignored2) +{ + switch (level) { + case SYSLOG_LEVEL_QUIET: + case SYSLOG_LEVEL_ERROR: + case SYSLOG_LEVEL_FATAL: + case SYSLOG_LEVEL_INFO: + case SYSLOG_LEVEL_VERBOSE: + case SYSLOG_LEVEL_DEBUG: + log_level = level; + break; + default: + /* unchanged */ + break; } - } - fatal("fatal_remove_cleanup: no such cleanup function: 0x%lx 0x%lx\n", - (unsigned long)proc, (unsigned long)context); } -/* Function to display an error message and exit. This is in this file because - this needs to restore terminal modes before exiting. See log-client.c - for other related functions. */ +#define MSGBUFSIZE 1024 -void fatal(const char *fmt, ...) +void +do_log(LogLevel level, const char *fmt, va_list args) { - va_list args; - struct fatal_cleanup *cu, *next_cu; - static int fatal_called = 0; - - if (!fatal_called) - { - fatal_called = 1; - - /* Call cleanup functions. */ - for (cu = fatal_cleanups; cu; cu = next_cu) - { - next_cu = cu->next; - (*cu->proc)(cu->context); - } - } + char msgbuf[MSGBUFSIZE]; - va_start(args, fmt); - vfprintf(stderr, fmt, args); - fprintf(stderr, "\r\n"); - va_end(args); - exit(255); + if (level > log_level) + return; + if (level == SYSLOG_LEVEL_DEBUG) + fprintf(stderr, "debug: "); + vsnprintf(msgbuf, sizeof(msgbuf), fmt, args); + fprintf(stderr, "%s", msgbuf); + fprintf(stderr, "\r\n"); } - -/* fatal() is in ssh.c so that it can properly reset terminal modes. */ Index: usr.bin/ssh/log-server.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/log-server.c,v retrieving revision 1.5 retrieving revision 1.11 diff -u -r1.5 -r1.11 --- usr.bin/ssh/log-server.c 1999/10/17 20:39:11 1.5 +++ usr.bin/ssh/log-server.c 1999/11/24 00:26:02 1.11 @@ -1,233 +1,140 @@ /* + * + * log-server.c + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Mon Mar 20 21:19:30 1995 ylo + * + * Server-side versions of debug(), log(), etc. These normally send the output + * to the system log. + * + */ -log-server.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Mon Mar 20 21:19:30 1995 ylo - -Server-side versions of debug(), log(), etc. These normally send the output -to the system log. - -*/ - #include "includes.h" -RCSID("$Id: log-server.c,v 1.5 1999/10/17 20:39:11 dugsong Exp $"); +RCSID("$Id: log-server.c,v 1.11 1999/11/24 00:26:02 deraadt Exp $"); #include #include "packet.h" #include "xmalloc.h" #include "ssh.h" -static int log_debug = 0; -static int log_quiet = 0; +static LogLevel log_level = SYSLOG_LEVEL_INFO; static int log_on_stderr = 0; +static int log_facility = LOG_AUTH; /* Initialize the log. - av0 program name (should be argv[0]) - on_stderr print also on stderr - debug send debugging messages to system log - quiet don\'t log anything - */ - -void log_init(char *av0, int on_stderr, int debug, int quiet, - SyslogFacility facility) -{ - int log_facility; - - switch (facility) - { - case SYSLOG_FACILITY_DAEMON: - log_facility = LOG_DAEMON; - break; - case SYSLOG_FACILITY_USER: - log_facility = LOG_USER; - break; - case SYSLOG_FACILITY_AUTH: - log_facility = LOG_AUTH; - break; - case SYSLOG_FACILITY_LOCAL0: - log_facility = LOG_LOCAL0; - break; - case SYSLOG_FACILITY_LOCAL1: - log_facility = LOG_LOCAL1; - break; - case SYSLOG_FACILITY_LOCAL2: - log_facility = LOG_LOCAL2; - break; - case SYSLOG_FACILITY_LOCAL3: - log_facility = LOG_LOCAL3; - break; - case SYSLOG_FACILITY_LOCAL4: - log_facility = LOG_LOCAL4; - break; - case SYSLOG_FACILITY_LOCAL5: - log_facility = LOG_LOCAL5; - break; - case SYSLOG_FACILITY_LOCAL6: - log_facility = LOG_LOCAL6; - break; - case SYSLOG_FACILITY_LOCAL7: - log_facility = LOG_LOCAL7; - break; - default: - fprintf(stderr, "Unrecognized internal syslog facility code %d\n", - (int)facility); - exit(1); - } - - log_debug = debug; - log_quiet = quiet; - log_on_stderr = on_stderr; - closelog(); /* Close any previous log. */ - openlog(av0, LOG_PID, log_facility); + * av0 program name (should be argv[0]) + * on_stderr print also on stderr + * level logging level + */ + +void +log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr) +{ + switch (level) { + case SYSLOG_LEVEL_QUIET: + case SYSLOG_LEVEL_ERROR: + case SYSLOG_LEVEL_FATAL: + case SYSLOG_LEVEL_INFO: + case SYSLOG_LEVEL_VERBOSE: + case SYSLOG_LEVEL_DEBUG: + log_level = level; + break; + default: + fprintf(stderr, "Unrecognized internal syslog level code %d\n", + (int) level); + exit(1); + } + switch (facility) { + case SYSLOG_FACILITY_DAEMON: + log_facility = LOG_DAEMON; + break; + case SYSLOG_FACILITY_USER: + log_facility = LOG_USER; + break; + case SYSLOG_FACILITY_AUTH: + log_facility = LOG_AUTH; + break; + case SYSLOG_FACILITY_LOCAL0: + log_facility = LOG_LOCAL0; + break; + case SYSLOG_FACILITY_LOCAL1: + log_facility = LOG_LOCAL1; + break; + case SYSLOG_FACILITY_LOCAL2: + log_facility = LOG_LOCAL2; + break; + case SYSLOG_FACILITY_LOCAL3: + log_facility = LOG_LOCAL3; + break; + case SYSLOG_FACILITY_LOCAL4: + log_facility = LOG_LOCAL4; + break; + case SYSLOG_FACILITY_LOCAL5: + log_facility = LOG_LOCAL5; + break; + case SYSLOG_FACILITY_LOCAL6: + log_facility = LOG_LOCAL6; + break; + case SYSLOG_FACILITY_LOCAL7: + log_facility = LOG_LOCAL7; + break; + default: + fprintf(stderr, "Unrecognized internal syslog facility code %d\n", + (int) facility); + exit(1); + } + log_on_stderr = on_stderr; } #define MSGBUFSIZE 1024 - -#define DECL_MSGBUF char msgbuf[MSGBUFSIZE] - -/* Log this message (information that usually should go to the log). */ - -void log(const char *fmt, ...) -{ - va_list args; - DECL_MSGBUF; - if (log_quiet) - return; - va_start(args, fmt); - vsnprintf(msgbuf, MSGBUFSIZE, fmt, args); - va_end(args); - if (log_on_stderr) - fprintf(stderr, "log: %s\n", msgbuf); - syslog(LOG_INFO, "log: %.500s", msgbuf); -} - -/* Debugging messages that should not be logged during normal operation. */ - -void debug(const char *fmt, ...) -{ - va_list args; - DECL_MSGBUF; - if (!log_debug || log_quiet) - return; - va_start(args, fmt); - vsnprintf(msgbuf, MSGBUFSIZE, fmt, args); - va_end(args); - if (log_on_stderr) - fprintf(stderr, "debug: %s\n", msgbuf); - syslog(LOG_DEBUG, "debug: %.500s", msgbuf); -} - -/* Error messages that should be logged. */ -void error(const char *fmt, ...) +void +do_log(LogLevel level, const char *fmt, va_list args) { - va_list args; - DECL_MSGBUF; - if (log_quiet) - return; - va_start(args, fmt); - vsnprintf(msgbuf, MSGBUFSIZE, fmt, args); - va_end(args); - if (log_on_stderr) - fprintf(stderr, "error: %s\n", msgbuf); - syslog(LOG_ERR, "error: %.500s", msgbuf); -} - -struct fatal_cleanup -{ - struct fatal_cleanup *next; - void (*proc)(void *); - void *context; -}; - -static struct fatal_cleanup *fatal_cleanups = NULL; - -/* Registers a cleanup function to be called by fatal() before exiting. */ - -void fatal_add_cleanup(void (*proc)(void *), void *context) -{ - struct fatal_cleanup *cu; - - cu = xmalloc(sizeof(*cu)); - cu->proc = proc; - cu->context = context; - cu->next = fatal_cleanups; - fatal_cleanups = cu; -} - -/* Removes a cleanup frunction to be called at fatal(). */ - -void fatal_remove_cleanup(void (*proc)(void *context), void *context) -{ - struct fatal_cleanup **cup, *cu; - - for (cup = &fatal_cleanups; *cup; cup = &cu->next) - { - cu = *cup; - if (cu->proc == proc && cu->context == context) - { - *cup = cu->next; - xfree(cu); - return; + char msgbuf[MSGBUFSIZE]; + char fmtbuf[MSGBUFSIZE]; + char *txt = NULL; + int pri = LOG_INFO; + extern char *__progname; + + if (level > log_level) + return; + switch (level) { + case SYSLOG_LEVEL_ERROR: + txt = "error"; + pri = LOG_ERR; + break; + case SYSLOG_LEVEL_FATAL: + txt = "fatal"; + pri = LOG_ERR; + break; + case SYSLOG_LEVEL_INFO: + case SYSLOG_LEVEL_VERBOSE: + pri = LOG_INFO; + break; + case SYSLOG_LEVEL_DEBUG: + txt = "debug"; + pri = LOG_DEBUG; + break; + default: + txt = "internal error"; + pri = LOG_ERR; + break; } - } - fatal("fatal_remove_cleanup: no such cleanup function: 0x%lx 0x%lx\n", - (unsigned long)proc, (unsigned long)context); -} - -/* Fatal messages. This function never returns. */ - -void fatal(const char *fmt, ...) -{ - va_list args; - struct fatal_cleanup *cu, *next_cu; - static int fatal_called = 0; -#if defined(KRB4) - extern char *ticket; -#endif /* KRB4 */ - DECL_MSGBUF; - - if (log_quiet) - exit(1); - va_start(args, fmt); - vsnprintf(msgbuf, MSGBUFSIZE, fmt, args); - va_end(args); - if (log_on_stderr) - fprintf(stderr, "fatal: %s\n", msgbuf); - syslog(LOG_ERR, "fatal: %.500s", msgbuf); - - if (fatal_called) - exit(1); - fatal_called = 1; - - /* Call cleanup functions. */ - for (cu = fatal_cleanups; cu; cu = next_cu) - { - next_cu = cu->next; - debug("Calling cleanup 0x%lx(0x%lx)", - (unsigned long)cu->proc, (unsigned long)cu->context); - (*cu->proc)(cu->context); - } -#if defined(KRB4) - /* If you forwarded a ticket you get one shot for proper - authentication. */ - /* If tgt was passed unlink file */ - if (ticket) - { - if (strcmp(ticket,"none")) - unlink(ticket); - else - ticket = NULL; - } -#endif /* KRB4 */ - - /* If local XAUTHORITY was created, remove it. */ - if (xauthfile) unlink(xauthfile); - - exit(1); + if (txt != NULL) { + snprintf(fmtbuf, sizeof(fmtbuf), "%s: %s", txt, fmt); + vsnprintf(msgbuf, sizeof(msgbuf), fmtbuf, args); + } else { + vsnprintf(msgbuf, sizeof(msgbuf), fmt, args); + } + if (log_on_stderr) + fprintf(stderr, "%s\n", msgbuf); + openlog(__progname, LOG_PID, log_facility); + syslog(pri, "%.500s", msgbuf); + closelog(); } Index: usr.bin/ssh/log.c =================================================================== RCS file: log.c diff -N log.c --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsFYhKn31367 Wed Dec 8 12:42:07 1999 @@ -0,0 +1,184 @@ +/* + * Shared versions of debug(), log(), etc. + */ + +#include "includes.h" +RCSID("$OpenBSD: log.c,v 1.6 1999/11/24 19:53:47 markus Exp $"); + +#include "ssh.h" +#include "xmalloc.h" + +/* Fatal messages. This function never returns. */ + +void +fatal(const char *fmt,...) +{ + va_list args; + va_start(args, fmt); + do_log(SYSLOG_LEVEL_FATAL, fmt, args); + va_end(args); + fatal_cleanup(); +} + +/* Error messages that should be logged. */ + +void +error(const char *fmt,...) +{ + va_list args; + va_start(args, fmt); + do_log(SYSLOG_LEVEL_ERROR, fmt, args); + va_end(args); +} + +/* Log this message (information that usually should go to the log). */ + +void +log(const char *fmt,...) +{ + va_list args; + va_start(args, fmt); + do_log(SYSLOG_LEVEL_INFO, fmt, args); + va_end(args); +} + +/* More detailed messages (information that does not need to go to the log). */ + +void +verbose(const char *fmt,...) +{ + va_list args; + va_start(args, fmt); + do_log(SYSLOG_LEVEL_VERBOSE, fmt, args); + va_end(args); +} + +/* Debugging messages that should not be logged during normal operation. */ + +void +debug(const char *fmt,...) +{ + va_list args; + va_start(args, fmt); + do_log(SYSLOG_LEVEL_DEBUG, fmt, args); + va_end(args); +} + +/* Fatal cleanup */ + +struct fatal_cleanup { + struct fatal_cleanup *next; + void (*proc) (void *); + void *context; +}; + +static struct fatal_cleanup *fatal_cleanups = NULL; + +/* Registers a cleanup function to be called by fatal() before exiting. */ + +void +fatal_add_cleanup(void (*proc) (void *), void *context) +{ + struct fatal_cleanup *cu; + + cu = xmalloc(sizeof(*cu)); + cu->proc = proc; + cu->context = context; + cu->next = fatal_cleanups; + fatal_cleanups = cu; +} + +/* Removes a cleanup frunction to be called at fatal(). */ + +void +fatal_remove_cleanup(void (*proc) (void *context), void *context) +{ + struct fatal_cleanup **cup, *cu; + + for (cup = &fatal_cleanups; *cup; cup = &cu->next) { + cu = *cup; + if (cu->proc == proc && cu->context == context) { + *cup = cu->next; + xfree(cu); + return; + } + } + fatal("fatal_remove_cleanup: no such cleanup function: 0x%lx 0x%lx\n", + (unsigned long) proc, (unsigned long) context); +} + +/* Cleanup and exit */ +void +fatal_cleanup(void) +{ + struct fatal_cleanup *cu, *next_cu; + static int called = 0; + + if (called) + exit(255); + called = 1; + /* Call cleanup functions. */ + for (cu = fatal_cleanups; cu; cu = next_cu) { + next_cu = cu->next; + debug("Calling cleanup 0x%lx(0x%lx)", + (unsigned long) cu->proc, (unsigned long) cu->context); + (*cu->proc) (cu->context); + } + exit(255); +} + +/* textual representation of log-facilities/levels */ + +static struct { + const char *name; + SyslogFacility val; +} log_facilities[] = { + { "DAEMON", SYSLOG_FACILITY_DAEMON }, + { "USER", SYSLOG_FACILITY_USER }, + { "AUTH", SYSLOG_FACILITY_AUTH }, + { "LOCAL0", SYSLOG_FACILITY_LOCAL0 }, + { "LOCAL1", SYSLOG_FACILITY_LOCAL1 }, + { "LOCAL2", SYSLOG_FACILITY_LOCAL2 }, + { "LOCAL3", SYSLOG_FACILITY_LOCAL3 }, + { "LOCAL4", SYSLOG_FACILITY_LOCAL4 }, + { "LOCAL5", SYSLOG_FACILITY_LOCAL5 }, + { "LOCAL6", SYSLOG_FACILITY_LOCAL6 }, + { "LOCAL7", SYSLOG_FACILITY_LOCAL7 }, + { NULL, 0 } +}; + +static struct { + const char *name; + LogLevel val; +} log_levels[] = +{ + { "QUIET", SYSLOG_LEVEL_QUIET }, + { "FATAL", SYSLOG_LEVEL_FATAL }, + { "ERROR", SYSLOG_LEVEL_ERROR }, + { "INFO", SYSLOG_LEVEL_INFO }, + { "VERBOSE", SYSLOG_LEVEL_VERBOSE }, + { "DEBUG", SYSLOG_LEVEL_DEBUG }, + { NULL, 0 } +}; + +SyslogFacility +log_facility_number(char *name) +{ + int i; + if (name != NULL) + for (i = 0; log_facilities[i].name; i++) + if (strcasecmp(log_facilities[i].name, name) == 0) + return log_facilities[i].val; + return (SyslogFacility) - 1; +} + +LogLevel +log_level_number(char *name) +{ + int i; + if (name != NULL) + for (i = 0; log_levels[i].name; i++) + if (strcasecmp(log_levels[i].name, name) == 0) + return log_levels[i].val; + return (LogLevel) - 1; +} Index: usr.bin/ssh/login.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/login.c,v retrieving revision 1.7 retrieving revision 1.10 diff -u -r1.7 -r1.10 --- usr.bin/ssh/login.c 1999/09/30 16:55:06 1.7 +++ usr.bin/ssh/login.c 1999/11/24 19:53:47 1.10 @@ -1,119 +1,124 @@ /* + * + * login.c + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Fri Mar 24 14:51:08 1995 ylo + * + * This file performs some of the things login(1) normally does. We cannot + * easily use something like login -p -h host -f user, because there are + * several different logins around, and it is hard to determined what kind of + * login the current system has. Also, we want to be able to execute commands + * on a tty. + * + */ -login.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Fri Mar 24 14:51:08 1995 ylo - -This file performs some of the things login(1) normally does. We cannot -easily use something like login -p -h host -f user, because there are -several different logins around, and it is hard to determined what kind of -login the current system has. Also, we want to be able to execute commands -on a tty. - -*/ - #include "includes.h" -RCSID("$Id: login.c,v 1.7 1999/09/30 16:55:06 deraadt Exp $"); +RCSID("$Id: login.c,v 1.10 1999/11/24 19:53:47 markus Exp $"); #include #include #include "ssh.h" -/* Returns the time when the user last logged in. Returns 0 if the - information is not available. This must be called before record_login. - The host the user logged in from will be returned in buf. */ - -/* Returns the time when the user last logged in (or 0 if no previous login - is found). The name of the host used last time is returned in buf. */ - -unsigned long get_last_login_time(uid_t uid, const char *logname, - char *buf, unsigned int bufsize) +/* + * Returns the time when the user last logged in. Returns 0 if the + * information is not available. This must be called before record_login. + * The host the user logged in from will be returned in buf. + */ + +/* + * Returns the time when the user last logged in (or 0 if no previous login + * is found). The name of the host used last time is returned in buf. + */ + +unsigned long +get_last_login_time(uid_t uid, const char *logname, + char *buf, unsigned int bufsize) { - struct lastlog ll; - char *lastlog; - int fd; - - lastlog = _PATH_LASTLOG; - - buf[0] = '\0'; - - fd = open(lastlog, O_RDONLY); - if (fd < 0) - return 0; - lseek(fd, (off_t)((long)uid * sizeof(ll)), SEEK_SET); - if (read(fd, &ll, sizeof(ll)) != sizeof(ll)) - { - close(fd); - return 0; - } - close(fd); - if (bufsize > sizeof(ll.ll_host) + 1) - bufsize = sizeof(ll.ll_host) + 1; - strncpy(buf, ll.ll_host, bufsize - 1); - buf[bufsize - 1] = 0; - return ll.ll_time; + struct lastlog ll; + char *lastlog; + int fd; + + lastlog = _PATH_LASTLOG; + buf[0] = '\0'; + + fd = open(lastlog, O_RDONLY); + if (fd < 0) + return 0; + lseek(fd, (off_t) ((long) uid * sizeof(ll)), SEEK_SET); + if (read(fd, &ll, sizeof(ll)) != sizeof(ll)) { + close(fd); + return 0; + } + close(fd); + if (bufsize > sizeof(ll.ll_host) + 1) + bufsize = sizeof(ll.ll_host) + 1; + strncpy(buf, ll.ll_host, bufsize - 1); + buf[bufsize - 1] = 0; + return ll.ll_time; } -/* Records that the user has logged in. I these parts of operating systems - were more standardized. */ - -void record_login(int pid, const char *ttyname, const char *user, uid_t uid, - const char *host, struct sockaddr_in *addr) +/* + * Records that the user has logged in. I these parts of operating systems + * were more standardized. + */ + +void +record_login(int pid, const char *ttyname, const char *user, uid_t uid, + const char *host, struct sockaddr_in * addr) { - int fd; - struct lastlog ll; - char *lastlog; - - struct utmp u; - const char *utmp, *wtmp; - - /* Construct an utmp/wtmp entry. */ - memset(&u, 0, sizeof(u)); - strncpy(u.ut_line, ttyname + 5, sizeof(u.ut_line)); - u.ut_time = time(NULL); - strncpy(u.ut_name, user, sizeof(u.ut_name)); - strncpy(u.ut_host, host, sizeof(u.ut_host)); - - /* Figure out the file names. */ - utmp = _PATH_UTMP; - wtmp = _PATH_WTMP; - - login(&u); - - lastlog = _PATH_LASTLOG; - - /* Update lastlog unless actually recording a logout. */ - if (strcmp(user, "") != 0) - { - /* It is safer to bzero the lastlog structure first because some - systems might have some extra fields in it (e.g. SGI) */ - memset(&ll, 0, sizeof(ll)); - - /* Update lastlog. */ - ll.ll_time = time(NULL); - strncpy(ll.ll_line, ttyname + 5, sizeof(ll.ll_line)); - strncpy(ll.ll_host, host, sizeof(ll.ll_host)); - fd = open(lastlog, O_RDWR); - if (fd >= 0) - { - lseek(fd, (off_t)((long)uid * sizeof(ll)), SEEK_SET); - if (write(fd, &ll, sizeof(ll)) != sizeof(ll)) - log("Could not write %.100s: %.100s", lastlog, strerror(errno)); - close(fd); + int fd; + struct lastlog ll; + char *lastlog; + struct utmp u; + const char *utmp, *wtmp; + + /* Construct an utmp/wtmp entry. */ + memset(&u, 0, sizeof(u)); + strncpy(u.ut_line, ttyname + 5, sizeof(u.ut_line)); + u.ut_time = time(NULL); + strncpy(u.ut_name, user, sizeof(u.ut_name)); + strncpy(u.ut_host, host, sizeof(u.ut_host)); + + /* Figure out the file names. */ + utmp = _PATH_UTMP; + wtmp = _PATH_WTMP; + + login(&u); + lastlog = _PATH_LASTLOG; + + /* Update lastlog unless actually recording a logout. */ + if (strcmp(user, "") != 0) { + /* + * It is safer to bzero the lastlog structure first because + * some systems might have some extra fields in it (e.g. SGI) + */ + memset(&ll, 0, sizeof(ll)); + + /* Update lastlog. */ + ll.ll_time = time(NULL); + strncpy(ll.ll_line, ttyname + 5, sizeof(ll.ll_line)); + strncpy(ll.ll_host, host, sizeof(ll.ll_host)); + fd = open(lastlog, O_RDWR); + if (fd >= 0) { + lseek(fd, (off_t) ((long) uid * sizeof(ll)), SEEK_SET); + if (write(fd, &ll, sizeof(ll)) != sizeof(ll)) + log("Could not write %.100s: %.100s", lastlog, strerror(errno)); + close(fd); + } } - } } - + /* Records that the user has logged out. */ -void record_logout(int pid, const char *ttyname) +void +record_logout(int pid, const char *ttyname) { - const char *line = ttyname + 5; /* /dev/ttyq8 -> ttyq8 */ - if (logout(line)) - logwtmp(line, "", ""); + const char *line = ttyname + 5; /* /dev/ttyq8 -> ttyq8 */ + if (logout(line)) + logwtmp(line, "", ""); } Index: usr.bin/ssh/match.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/match.c,v retrieving revision 1.1 retrieving revision 1.4 diff -u -r1.1 -r1.4 --- usr.bin/ssh/match.c 1999/09/26 20:53:36 1.1 +++ usr.bin/ssh/match.c 1999/11/24 19:53:48 1.4 @@ -1,78 +1,82 @@ /* + * + * match.c + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Thu Jun 22 01:17:50 1995 ylo + * + * Simple pattern matching, with '*' and '?' as wildcards. + * + */ -match.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Thu Jun 22 01:17:50 1995 ylo - -Simple pattern matching, with '*' and '?' as wildcards. - -*/ - #include "includes.h" -RCSID("$Id: match.c,v 1.1 1999/09/26 20:53:36 deraadt Exp $"); +RCSID("$Id: match.c,v 1.4 1999/11/24 19:53:48 markus Exp $"); #include "ssh.h" + +/* + * Returns true if the given string matches the pattern (which may contain ? + * and * as wildcards), and zero if it does not match. + */ -/* Returns true if the given string matches the pattern (which may contain - ? and * as wildcards), and zero if it does not match. */ - -int match_pattern(const char *s, const char *pattern) +int +match_pattern(const char *s, const char *pattern) { - while (1) - { - /* If at end of pattern, accept if also at end of string. */ - if (!*pattern) - return !*s; - - /* Process '*'. */ - if (*pattern == '*') - { - /* Skip the asterisk. */ - pattern++; - - /* If at end of pattern, accept immediately. */ - if (!*pattern) - return 1; - - /* If next character in pattern is known, optimize. */ - if (*pattern != '?' && *pattern != '*') - { - /* Look instances of the next character in pattern, and try - to match starting from those. */ - for (; *s; s++) - if (*s == *pattern && - match_pattern(s + 1, pattern + 1)) - return 1; - /* Failed. */ - return 0; - } - - /* Move ahead one character at a time and try to match at each - position. */ - for (; *s; s++) - if (match_pattern(s, pattern)) - return 1; - /* Failed. */ - return 0; - } - - /* There must be at least one more character in the string. If we are - at the end, fail. */ - if (!*s) - return 0; - - /* Check if the next character of the string is acceptable. */ - if (*pattern != '?' && *pattern != *s) - return 0; - - /* Move to the next character, both in string and in pattern. */ - s++; - pattern++; - } - /*NOTREACHED*/ + for (;;) { + /* If at end of pattern, accept if also at end of string. */ + if (!*pattern) + return !*s; + + if (*pattern == '*') { + /* Skip the asterisk. */ + pattern++; + + /* If at end of pattern, accept immediately. */ + if (!*pattern) + return 1; + + /* If next character in pattern is known, optimize. */ + if (*pattern != '?' && *pattern != '*') { + /* + * Look instances of the next character in + * pattern, and try to match starting from + * those. + */ + for (; *s; s++) + if (*s == *pattern && + match_pattern(s + 1, pattern + 1)) + return 1; + /* Failed. */ + return 0; + } + /* + * Move ahead one character at a time and try to + * match at each position. + */ + for (; *s; s++) + if (match_pattern(s, pattern)) + return 1; + /* Failed. */ + return 0; + } + /* + * There must be at least one more character in the string. + * If we are at the end, fail. + */ + if (!*s) + return 0; + + /* Check if the next character of the string is acceptable. */ + if (*pattern != '?' && *pattern != *s) + return 0; + + /* Move to the next character, both in string and in pattern. */ + s++; + pattern++; + } + /* NOTREACHED */ } Index: usr.bin/ssh/minfd.c =================================================================== RCS file: minfd.c diff -N minfd.c --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvszDPsq31367 Wed Dec 8 12:42:08 1999 @@ -0,0 +1,90 @@ +/* + +minfd.c + +Author: David Mazieres + Contributed to be part of ssh. + +Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + All rights reserved + +Created: Tue Aug 22 17:25:30 1995 ylo + +*/ + +#include "includes.h" +RCSID("$Id: minfd.c,v 1.3 1999/10/04 20:49:09 markus dead $"); + +#include /* Needed by fdlim.h */ +#include "fdlim.h" +#include "minfd.h" + +static int +_get_permanent_fd(const char *shellpath) +{ + const char *shell; + struct passwd *pwd; + int fdmin; + int fdlim; + int fd; + int i; + + if (!shellpath) + { + if (!shellpath) + shellpath = getenv("SHELL"); + if (!shellpath) + if ((pwd = getpwuid(getuid()))) + shellpath = pwd->pw_shell; + if (!shellpath) + shellpath = _PATH_BSHELL; + } + if ((shell = strrchr(shellpath, '/'))) + shell++; + else + shell = shellpath; + + for (i = 0; strcmp(mafd[i].shell, shell); i++) + if (i == MAFD_MAX - 1) + return -1; + + fdmin = mafd[i].fd; + fdlim = fdlim_get(0); + + if (fdmin < fdlim) + { + /* First try to find a file descriptor as high as possible without + upping the limit */ + fd = fdlim - 1; + while (fd >= fdmin) + { + if (fcntl(fd, F_GETFL, NULL) < 0) + return fd; + fd--; + } + } + + fd = fdlim; + for (;;) + { + if (fdlim_set(fd + 1) < 0) + return -1; + if (fcntl(fd, F_GETFL, NULL) < 0) + break; + fd++; + } + return fd; +} + +int +get_permanent_fd(const char *shellpath) +{ + static int fd = -2; + + if (fd >= -1) + return fd; + fd = _get_permanent_fd(shellpath); + if (fd < 0) + fd = -1; + return fd; +} Index: usr.bin/ssh/mpaux.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/mpaux.c,v retrieving revision 1.3 retrieving revision 1.8 diff -u -r1.3 -r1.8 --- usr.bin/ssh/mpaux.c 1999/09/30 17:08:52 1.3 +++ usr.bin/ssh/mpaux.c 1999/11/24 00:26:02 1.8 @@ -1,46 +1,46 @@ /* - -mpaux.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Sun Jul 16 04:29:30 1995 ylo - -This file contains various auxiliary functions related to multiple -precision integers. - + * + * mpaux.c + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Sun Jul 16 04:29:30 1995 ylo + * + * This file contains various auxiliary functions related to multiple + * precision integers. + * */ #include "includes.h" -RCSID("$Id: mpaux.c,v 1.3 1999/09/30 17:08:52 deraadt Exp $"); +RCSID("$Id: mpaux.c,v 1.8 1999/11/24 00:26:02 deraadt Exp $"); #include #include "getput.h" #include "xmalloc.h" -#include +#include void compute_session_id(unsigned char session_id[16], unsigned char cookie[8], - unsigned int host_key_bits, - BIGNUM *host_key_n, - unsigned int session_key_bits, - BIGNUM *session_key_n) + BIGNUM* host_key_n, + BIGNUM* session_key_n) { - unsigned int bytes = (host_key_bits + 7) / 8 + (session_key_bits + 7) / 8 + 8; - unsigned char *buf = xmalloc(bytes); - MD5_CTX md; - - BN_bn2bin(host_key_n, buf); - BN_bn2bin(session_key_n, buf + (host_key_bits + 7 ) / 8); - memcpy(buf + (host_key_bits + 7) / 8 + (session_key_bits + 7) / 8, - cookie, 8); - MD5Init(&md); - MD5Update(&md, buf, bytes); - MD5Final(session_id, &md); - xfree(buf); + unsigned int host_key_bits = BN_num_bits(host_key_n); + unsigned int session_key_bits = BN_num_bits(session_key_n); + unsigned int bytes = (host_key_bits + 7) / 8 + (session_key_bits + 7) / 8 + 8; + unsigned char *buf = xmalloc(bytes); + MD5_CTX md; + + BN_bn2bin(host_key_n, buf); + BN_bn2bin(session_key_n, buf + (host_key_bits + 7) / 8); + memcpy(buf + (host_key_bits + 7) / 8 + (session_key_bits + 7) / 8, cookie, 8); + MD5_Init(&md); + MD5_Update(&md, buf, bytes); + MD5_Final(session_id, &md); + memset(buf, 0, bytes); + xfree(buf); } Index: usr.bin/ssh/mpaux.h =================================================================== RCS file: /cvs/src/usr.bin/ssh/mpaux.h,v retrieving revision 1.2 retrieving revision 1.5 diff -u -r1.2 -r1.5 --- usr.bin/ssh/mpaux.h 1999/09/28 04:45:36 1.2 +++ usr.bin/ssh/mpaux.h 1999/11/24 19:53:48 1.5 @@ -1,32 +1,32 @@ /* + * + * mpaux.h + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Sun Jul 16 04:29:30 1995 ylo + * + * This file contains various auxiliary functions related to multiple + * precision integers. + */ -mpaux.h +/* RCSID("$Id: mpaux.h,v 1.5 1999/11/24 19:53:48 markus Exp $"); */ -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Sun Jul 16 04:29:30 1995 ylo - -This file contains various auxiliary functions related to multiple -precision integers. - -*/ - -/* RCSID("$Id: mpaux.h,v 1.2 1999/09/28 04:45:36 provos Exp $"); */ - #ifndef MPAUX_H #define MPAUX_H -/* Computes a 16-byte session id in the global variable session_id. - The session id is computed by concatenating the linearized, msb - first representations of host_key_n, session_key_n, and the cookie. */ -void compute_session_id(unsigned char session_id[16], - unsigned char cookie[8], - unsigned int host_key_bits, - BIGNUM *host_key_n, - unsigned int session_key_bits, - BIGNUM *session_key_n); +/* + * Computes a 16-byte session id in the global variable session_id. The + * session id is computed by concatenating the linearized, msb first + * representations of host_key_n, session_key_n, and the cookie. + */ +void +compute_session_id(unsigned char session_id[16], + unsigned char cookie[8], + BIGNUM * host_key_n, + BIGNUM * session_key_n); -#endif /* MPAUX_H */ +#endif /* MPAUX_H */ Index: usr.bin/ssh/nchan.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/nchan.c,v retrieving revision 1.3 retrieving revision 1.9 diff -u -r1.3 -r1.9 --- usr.bin/ssh/nchan.c 1999/10/17 16:56:09 1.3 +++ usr.bin/ssh/nchan.c 1999/12/02 20:10:05 1.9 @@ -1,5 +1,34 @@ +/* + * Copyright (c) 1999 Markus Friedl. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Markus Friedl. + * 4. The name of the author may not be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + #include "includes.h" -RCSID("$Id: nchan.c,v 1.3 1999/10/17 16:56:09 markus Exp $"); +RCSID("$Id: nchan.c,v 1.9 1999/12/02 20:10:05 markus Exp $"); #include "ssh.h" @@ -15,135 +44,131 @@ static void chan_delele_if_full_closed(Channel *c); /* - * EVENTS: update channel input/ouput states - * execute ACTIONS + * EVENTS update channel input/output states execute ACTIONS */ + /* events concerning the INPUT from socket for channel (istate) */ void -chan_rcvd_oclose(Channel *c){ - switch(c->istate){ +chan_rcvd_oclose(Channel *c) +{ + switch (c->istate) { case CHAN_INPUT_WAIT_OCLOSE: - debug("channel %d: INPUT_WAIT_CLOSE -> INPUT_CLOSED [rcvd OCLOSE]", c->self); - c->istate=CHAN_INPUT_CLOSED; + debug("channel %d: INPUT_WAIT_OCLOSE -> INPUT_CLOSED [rcvd OCLOSE]", c->self); + c->istate = CHAN_INPUT_CLOSED; chan_delele_if_full_closed(c); break; case CHAN_INPUT_OPEN: debug("channel %d: INPUT_OPEN -> INPUT_CLOSED [rvcd OCLOSE, send IEOF]", c->self); chan_shutdown_read(c); chan_send_ieof(c); - c->istate=CHAN_INPUT_CLOSED; + c->istate = CHAN_INPUT_CLOSED; chan_delele_if_full_closed(c); break; default: - debug("protocol error: chan_rcvd_oclose %d for istate %d",c->self,c->istate); + error("protocol error: chan_rcvd_oclose %d for istate %d", c->self, c->istate); break; } } void -chan_read_failed(Channel *c){ - switch(c->istate){ +chan_read_failed(Channel *c) +{ + switch (c->istate) { case CHAN_INPUT_OPEN: debug("channel %d: INPUT_OPEN -> INPUT_WAIT_DRAIN [read failed]", c->self); chan_shutdown_read(c); - c->istate=CHAN_INPUT_WAIT_DRAIN; + c->istate = CHAN_INPUT_WAIT_DRAIN; break; default: - debug("internal error: we do not read, but chan_read_failed %d for istate %d", - c->self,c->istate); + error("internal error: we do not read, but chan_read_failed %d for istate %d", + c->self, c->istate); break; } } void -chan_ibuf_empty(Channel *c){ - if(buffer_len(&c->input)){ - debug("internal error: chan_ibuf_empty %d for non empty buffer",c->self); +chan_ibuf_empty(Channel *c) +{ + if (buffer_len(&c->input)) { + error("internal error: chan_ibuf_empty %d for non empty buffer", c->self); return; } - switch(c->istate){ + switch (c->istate) { case CHAN_INPUT_WAIT_DRAIN: - debug("channel %d: INPUT_WAIT_DRAIN -> INPUT_WAIT_OCLOSE [inbuf empty, send OCLOSE]", c->self); + debug("channel %d: INPUT_WAIT_DRAIN -> INPUT_WAIT_OCLOSE [inbuf empty, send IEOF]", c->self); chan_send_ieof(c); - c->istate=CHAN_INPUT_WAIT_OCLOSE; + c->istate = CHAN_INPUT_WAIT_OCLOSE; break; default: - debug("internal error: chan_ibuf_empty %d for istate %d",c->self,c->istate); + error("internal error: chan_ibuf_empty %d for istate %d", c->self, c->istate); break; } } + /* events concerning the OUTPUT from channel for socket (ostate) */ void -chan_rcvd_ieof(Channel *c){ - - /* X11: if we receive IEOF for X11, then we have to FORCE sending of IEOF, - * this is from ssh-1.2.27 debugging output. - */ - if(c->x11){ - debug("channel %d: OUTPUT_OPEN -> OUTPUT_CLOSED/INPUT_WAIT_OCLOSED [X11 FIX]", c->self); - chan_send_ieof(c); - c->istate=CHAN_INPUT_WAIT_OCLOSE; - chan_send_oclose(c); - c->ostate=CHAN_OUTPUT_CLOSED; - chan_delele_if_full_closed(c); - return; - } - switch(c->ostate){ +chan_rcvd_ieof(Channel *c) +{ + switch (c->ostate) { case CHAN_OUTPUT_OPEN: debug("channel %d: OUTPUT_OPEN -> OUTPUT_WAIT_DRAIN [rvcd IEOF]", c->self); - c->ostate=CHAN_OUTPUT_WAIT_DRAIN; + c->ostate = CHAN_OUTPUT_WAIT_DRAIN; break; case CHAN_OUTPUT_WAIT_IEOF: debug("channel %d: OUTPUT_WAIT_IEOF -> OUTPUT_CLOSED [rvcd IEOF]", c->self); - c->ostate=CHAN_OUTPUT_CLOSED; + c->ostate = CHAN_OUTPUT_CLOSED; chan_delele_if_full_closed(c); break; default: - debug("protocol error: chan_rcvd_ieof %d for ostate %d", c->self,c->ostate); + error("protocol error: chan_rcvd_ieof %d for ostate %d", c->self, c->ostate); break; } } void -chan_write_failed(Channel *c){ - switch(c->ostate){ +chan_write_failed(Channel *c) +{ + switch (c->ostate) { case CHAN_OUTPUT_OPEN: debug("channel %d: OUTPUT_OPEN -> OUTPUT_WAIT_IEOF [write failed]", c->self); chan_send_oclose(c); - c->ostate=CHAN_OUTPUT_WAIT_IEOF; + c->ostate = CHAN_OUTPUT_WAIT_IEOF; break; case CHAN_OUTPUT_WAIT_DRAIN: debug("channel %d: OUTPUT_WAIT_DRAIN -> OUTPUT_CLOSED [write failed]", c->self); chan_send_oclose(c); - c->ostate=CHAN_OUTPUT_CLOSED; + c->ostate = CHAN_OUTPUT_CLOSED; chan_delele_if_full_closed(c); break; default: - debug("internal error: chan_write_failed %d for ostate %d",c->self,c->ostate); + error("internal error: chan_write_failed %d for ostate %d", c->self, c->ostate); break; } } void -chan_obuf_empty(Channel *c){ - if(buffer_len(&c->output)){ - debug("internal error: chan_obuf_empty %d for non empty buffer",c->self); +chan_obuf_empty(Channel *c) +{ + if (buffer_len(&c->output)) { + debug("internal error: chan_obuf_empty %d for non empty buffer", c->self); return; } - switch(c->ostate){ + switch (c->ostate) { case CHAN_OUTPUT_WAIT_DRAIN: debug("channel %d: OUTPUT_WAIT_DRAIN -> OUTPUT_CLOSED [obuf empty, send OCLOSE]", c->self); chan_send_oclose(c); - c->ostate=CHAN_OUTPUT_CLOSED; + c->ostate = CHAN_OUTPUT_CLOSED; chan_delele_if_full_closed(c); break; default: - debug("internal error: chan_obuf_empty %d for ostate %d",c->self,c->ostate); + error("internal error: chan_obuf_empty %d for ostate %d", c->self, c->ostate); break; } } + /* - * ACTIONS: should never update c->istate or c->ostate + * ACTIONS: should never update the channel states: c->istate or c->ostate */ static void -chan_send_ieof(Channel *c){ - switch(c->istate){ +chan_send_ieof(Channel *c) +{ + switch (c->istate) { case CHAN_INPUT_OPEN: case CHAN_INPUT_WAIT_DRAIN: packet_start(SSH_MSG_CHANNEL_INPUT_EOF); @@ -151,13 +176,14 @@ packet_send(); break; default: - debug("internal error: channel %d: cannot send IEOF for istate %d",c->self,c->istate); + error("internal error: channel %d: cannot send IEOF for istate %d", c->self, c->istate); break; } } static void -chan_send_oclose(Channel *c){ - switch(c->ostate){ +chan_send_oclose(Channel *c) +{ + switch (c->ostate) { case CHAN_OUTPUT_OPEN: case CHAN_OUTPUT_WAIT_DRAIN: chan_shutdown_write(c); @@ -167,34 +193,40 @@ packet_send(); break; default: - debug("internal error: channel %d: cannot send IEOF for istate %d",c->self,c->istate); + error("internal error: channel %d: cannot send OCLOSE for ostate %d", c->self, c->istate); break; } } + /* helper */ static void -chan_shutdown_write(Channel *c){ +chan_shutdown_write(Channel *c) +{ + /* shutdown failure is allowed if write failed already */ debug("channel %d: shutdown_write", c->self); - if(shutdown(c->sock, SHUT_WR)<0) - error("chan_shutdown_write failed for %d/%d %.100s", - c->self, c->sock, strerror(errno)); + if (shutdown(c->sock, SHUT_WR) < 0) + debug("chan_shutdown_write failed for #%d/fd%d: %.100s", + c->self, c->sock, strerror(errno)); } static void -chan_shutdown_read(Channel *c){ +chan_shutdown_read(Channel *c) +{ debug("channel %d: shutdown_read", c->self); - if(shutdown(c->sock, SHUT_RD)<0) - error("chan_shutdown_read failed for %d/%d %.100s", - c->self, c->sock, strerror(errno)); + if (shutdown(c->sock, SHUT_RD) < 0) + error("chan_shutdown_read failed for #%d/fd%d: %.100s", + c->self, c->sock, strerror(errno)); } static void -chan_delele_if_full_closed(Channel *c){ - if(c->istate==CHAN_INPUT_CLOSED && c->ostate==CHAN_OUTPUT_CLOSED){ +chan_delele_if_full_closed(Channel *c) +{ + if (c->istate == CHAN_INPUT_CLOSED && c->ostate == CHAN_OUTPUT_CLOSED) { debug("channel %d: closing", c->self); channel_free(c->self); } } void -chan_init_iostates(Channel *c){ - c->ostate=CHAN_OUTPUT_OPEN; - c->istate=CHAN_INPUT_OPEN; +chan_init_iostates(Channel *c) +{ + c->ostate = CHAN_OUTPUT_OPEN; + c->istate = CHAN_INPUT_OPEN; } Index: usr.bin/ssh/nchan.h =================================================================== RCS file: /cvs/src/usr.bin/ssh/nchan.h,v retrieving revision 1.3 retrieving revision 1.5 diff -u -r1.3 -r1.5 --- usr.bin/ssh/nchan.h 1999/10/17 16:56:09 1.3 +++ usr.bin/ssh/nchan.h 1999/11/24 16:15:25 1.5 @@ -1,4 +1,33 @@ -/* RCSID("$Id: nchan.h,v 1.3 1999/10/17 16:56:09 markus Exp $"); */ +/* + * Copyright (c) 1999 Markus Friedl. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Markus Friedl. + * 4. The name of the author may not be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +/* RCSID("$Id: nchan.h,v 1.5 1999/11/24 16:15:25 markus Exp $"); */ #ifndef NCHAN_H #define NCHAN_H @@ -7,24 +36,24 @@ * SSH Protocol 1.5 aka New Channel Protocol * Thanks to Martina, Axel and everyone who left Erlangen, leaving me bored. * Written by Markus Friedl in October 1999 - * + * * Protocol versions 1.3 and 1.5 differ in the handshake protocol used for the * tear down of channels: - * + * * 1.3: strict request-ack-protocol: * CLOSE -> * <- CLOSE_CONFIRM - * + * * 1.5: uses variations of: * IEOF -> * <- OCLOSE * <- IEOF * OCLOSE -> * i.e. both sides have to close the channel - * + * * See the debugging output from 'ssh -v' and 'sshd -d' of * ssh-1.2.27 as an example. - * + * */ /* ssh-proto-1.5 overloads prot-1.3-message-types */ @@ -44,14 +73,14 @@ #define CHAN_OUTPUT_CLOSED 0x80 /* EVENTS for the input state */ -void chan_rcvd_oclose(Channel *c); -void chan_read_failed(Channel *c); -void chan_ibuf_empty(Channel *c); +void chan_rcvd_oclose(Channel * c); +void chan_read_failed(Channel * c); +void chan_ibuf_empty(Channel * c); /* EVENTS for the output state */ -void chan_rcvd_ieof(Channel *c); -void chan_write_failed(Channel *c); -void chan_obuf_empty(Channel *c); +void chan_rcvd_ieof(Channel * c); +void chan_write_failed(Channel * c); +void chan_obuf_empty(Channel * c); -void chan_init_iostates(Channel *c); +void chan_init_iostates(Channel * c); #endif Index: usr.bin/ssh/nchan.ms =================================================================== RCS file: /cvs/src/usr.bin/ssh/nchan.ms,v retrieving revision 1.1 retrieving revision 1.4 diff -u -r1.1 -r1.4 --- usr.bin/ssh/nchan.ms 1999/10/17 16:56:09 1.1 +++ usr.bin/ssh/nchan.ms 1999/11/24 16:15:25 1.4 @@ -1,3 +1,31 @@ +.\" +.\" Copyright (c) 1999 Markus Friedl. All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. All advertising materials mentioning features or use of this software +.\" must display the following acknowledgement: +.\" This product includes software developed by Markus Friedl. +.\" 4. The name of the author may not be used to endorse or promote products +.\" derived from this software without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR +.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, +.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT +.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF +.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +.\" .TL OpenSSH Channel Close Protocol 1.5 Implementation .SH @@ -44,3 +72,28 @@ ellipse wid .9*ellipsewid ht .9*ellipseht at S4 arrow "start" "" from S1.w+(-0.5,0) to S1.w .PE +.SH +Notes +.PP +The input buffer is filled with data from the socket +(the socket represents the local comsumer/producer of the +forwarded channel). +The data is then sent over the INPUT-end (transmit-end) of the channel to the +remote peer. +Data sent by the peer is received on the OUTPUT-end (receive-end), +saved in the output buffer and written to the socket. +.PP +If the local protocol instance has forwarded all data on the +INPUT-end of the channel, it sends an IEOF message to the peer. +If the peer receives the IEOF and has comsumed all +data he replies with an OCLOSE. +When the local instance receives the OCLOSE +he considers the INPUT-half of the channel closed. +The peer has his OUTOUT-half closed. +.PP +A channel can be deallocated by a protocol instance +if both the INPUT- and the OUTOUT-half on his +side of the channel are closed. +Note that when an instance is unable to comsume the +received data, he is permitted to send an OCLOSE +before the matching IEOF is received. Index: usr.bin/ssh/packet.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/packet.c,v retrieving revision 1.9 retrieving revision 1.17 diff -u -r1.9 -r1.17 --- usr.bin/ssh/packet.c 1999/10/05 01:23:54 1.9 +++ usr.bin/ssh/packet.c 1999/12/02 20:16:34 1.17 @@ -1,21 +1,21 @@ /* + * + * packet.c + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Sat Mar 18 02:40:40 1995 ylo + * + * This file contains code implementing the packet protocol and communication + * with the other side. This same code is used both on client and server side. + * + */ -packet.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Sat Mar 18 02:40:40 1995 ylo - -This file contains code implementing the packet protocol and communication -with the other side. This same code is used both on client and server side. - -*/ - #include "includes.h" -RCSID("$Id: packet.c,v 1.9 1999/10/05 01:23:54 dugsong Exp $"); +RCSID("$Id: packet.c,v 1.17 1999/12/02 20:16:34 markus Exp $"); #include "xmalloc.h" #include "buffer.h" @@ -29,15 +29,19 @@ #include "compress.h" #include "deattack.h" -/* This variable contains the file descriptors used for communicating with - the other side. connection_in is used for reading; connection_out - for writing. These can be the same descriptor, in which case it is - assumed to be a socket. */ +/* + * This variable contains the file descriptors used for communicating with + * the other side. connection_in is used for reading; connection_out for + * writing. These can be the same descriptor, in which case it is assumed to + * be a socket. + */ static int connection_in = -1; static int connection_out = -1; -/* Cipher type. This value is only used to determine whether to pad the - packets with zeroes or random data. */ +/* + * Cipher type. This value is only used to determine whether to pad the + * packets with zeroes or random data. + */ static int cipher_type = SSH_CIPHER_NONE; /* Protocol flags for the remote side. */ @@ -45,7 +49,8 @@ /* Encryption context for receiving data. This is only used for decryption. */ static CipherContext receive_context; -/* Encryption coontext for sending data. This is only used for encryption. */ + +/* Encryption context for sending data. This is only used for encryption. */ static CipherContext send_context; /* Buffer for raw input data from the socket. */ @@ -66,34 +71,37 @@ /* Flag indicating whether packet compression/decompression is enabled. */ static int packet_compression = 0; +/* default maximum packet size */ +int max_packet_size = 32768; + /* Flag indicating whether this module has been initialized. */ static int initialized = 0; /* Set to true if the connection is interactive. */ static int interactive_mode = 0; -/* Sets the descriptors used for communication. Disables encryption until - packet_set_encryption_key is called. */ +/* + * Sets the descriptors used for communication. Disables encryption until + * packet_set_encryption_key is called. + */ void packet_set_connection(int fd_in, int fd_out) { - connection_in = fd_in; - connection_out = fd_out; - cipher_type = SSH_CIPHER_NONE; - cipher_set_key(&send_context, SSH_CIPHER_NONE, (unsigned char *)"", 0, 1); - cipher_set_key(&receive_context, SSH_CIPHER_NONE, (unsigned char *)"", 0, 0); - if (!initialized) - { - initialized = 1; - buffer_init(&input); - buffer_init(&output); - buffer_init(&outgoing_packet); - buffer_init(&incoming_packet); - } - - /* Kludge: arrange the close function to be called from fatal(). */ - fatal_add_cleanup((void (*)(void *))packet_close, NULL); + connection_in = fd_in; + connection_out = fd_out; + cipher_type = SSH_CIPHER_NONE; + cipher_set_key(&send_context, SSH_CIPHER_NONE, (unsigned char *) "", 0, 1); + cipher_set_key(&receive_context, SSH_CIPHER_NONE, (unsigned char *) "", 0, 0); + if (!initialized) { + initialized = 1; + buffer_init(&input); + buffer_init(&output); + buffer_init(&outgoing_packet); + buffer_init(&incoming_packet); + } + /* Kludge: arrange the close function to be called from fatal(). */ + fatal_add_cleanup((void (*) (void *)) packet_close, NULL); } /* Sets the connection into non-blocking mode. */ @@ -101,15 +109,14 @@ void packet_set_nonblocking() { - /* Set the socket into non-blocking mode. */ - if (fcntl(connection_in, F_SETFL, O_NONBLOCK) < 0) - error("fcntl O_NONBLOCK: %.100s", strerror(errno)); - - if (connection_out != connection_in) - { - if (fcntl(connection_out, F_SETFL, O_NONBLOCK) < 0) - error("fcntl O_NONBLOCK: %.100s", strerror(errno)); - } + /* Set the socket into non-blocking mode. */ + if (fcntl(connection_in, F_SETFL, O_NONBLOCK) < 0) + error("fcntl O_NONBLOCK: %.100s", strerror(errno)); + + if (connection_out != connection_in) { + if (fcntl(connection_out, F_SETFL, O_NONBLOCK) < 0) + error("fcntl O_NONBLOCK: %.100s", strerror(errno)); + } } /* Returns the socket used for reading. */ @@ -117,7 +124,7 @@ int packet_get_connection_in() { - return connection_in; + return connection_in; } /* Returns the descriptor used for writing. */ @@ -125,7 +132,7 @@ int packet_get_connection_out() { - return connection_out; + return connection_out; } /* Closes the connection and clears and frees internal data structures. */ @@ -133,28 +140,24 @@ void packet_close() { - if (!initialized) - return; - initialized = 0; - if (connection_in == connection_out) - { - shutdown(connection_out, SHUT_RDWR); - close(connection_out); - } - else - { - close(connection_in); - close(connection_out); - } - buffer_free(&input); - buffer_free(&output); - buffer_free(&outgoing_packet); - buffer_free(&incoming_packet); - if (packet_compression) - { - buffer_free(&compression_buffer); - buffer_compress_uninit(); - } + if (!initialized) + return; + initialized = 0; + if (connection_in == connection_out) { + shutdown(connection_out, SHUT_RDWR); + close(connection_out); + } else { + close(connection_in); + close(connection_out); + } + buffer_free(&input); + buffer_free(&output); + buffer_free(&outgoing_packet); + buffer_free(&incoming_packet); + if (packet_compression) { + buffer_free(&compression_buffer); + buffer_compress_uninit(); + } } /* Sets remote side protocol flags. */ @@ -162,8 +165,8 @@ void packet_set_protocol_flags(unsigned int protocol_flags) { - remote_protocol_flags = protocol_flags; - channel_set_options((protocol_flags & SSH_PROTOFLAG_HOST_IN_FWD_OPEN) != 0); + remote_protocol_flags = protocol_flags; + channel_set_options((protocol_flags & SSH_PROTOFLAG_HOST_IN_FWD_OPEN) != 0); } /* Returns the remote protocol flags set earlier by the above function. */ @@ -171,95 +174,83 @@ unsigned int packet_get_protocol_flags() { - return remote_protocol_flags; + return remote_protocol_flags; } -/* Starts packet compression from the next packet on in both directions. - Level is compression level 1 (fastest) - 9 (slow, best) as in gzip. */ +/* + * Starts packet compression from the next packet on in both directions. + * Level is compression level 1 (fastest) - 9 (slow, best) as in gzip. + */ void packet_start_compression(int level) { - if (packet_compression) - fatal("Compression already enabled."); - packet_compression = 1; - buffer_init(&compression_buffer); - buffer_compress_init(level); + if (packet_compression) + fatal("Compression already enabled."); + packet_compression = 1; + buffer_init(&compression_buffer); + buffer_compress_init(level); } -/* Encrypts the given number of bytes, copying from src to dest. - bytes is known to be a multiple of 8. */ +/* + * Encrypts the given number of bytes, copying from src to dest. bytes is + * known to be a multiple of 8. + */ void -packet_encrypt(CipherContext *cc, void *dest, void *src, +packet_encrypt(CipherContext * cc, void *dest, void *src, unsigned int bytes) { - assert((bytes % 8) == 0); - cipher_encrypt(cc, dest, src, bytes); + cipher_encrypt(cc, dest, src, bytes); } -/* Decrypts the given number of bytes, copying from src to dest. - bytes is known to be a multiple of 8. */ +/* + * Decrypts the given number of bytes, copying from src to dest. bytes is + * known to be a multiple of 8. + */ void -packet_decrypt(CipherContext *cc, void *dest, void *src, +packet_decrypt(CipherContext * cc, void *dest, void *src, unsigned int bytes) { - int i; - - assert((bytes % 8) == 0); - - /* - Cryptographic attack detector for ssh - Modifications for packet.c - (C)1998 CORE-SDI, Buenos Aires Argentina - Ariel Futoransky(futo@core-sdi.com) - */ - switch (cc->type) - { - case SSH_CIPHER_NONE: - i = DEATTACK_OK; - break; - default: - i = detect_attack(src, bytes, NULL); - break; - } - - if (i == DEATTACK_DETECTED) - packet_disconnect("crc32 compensation attack: network attack detected"); - - cipher_decrypt(cc, dest, src, bytes); -} - -/* Causes any further packets to be encrypted using the given key. The same - key is used for both sending and reception. However, both directions - are encrypted independently of each other. */ + int i; + + if ((bytes % 8) != 0) + fatal("packet_decrypt: bad ciphertext length %d", bytes); + + /* + * Cryptographic attack detector for ssh - Modifications for packet.c + * (C)1998 CORE-SDI, Buenos Aires Argentina Ariel Futoransky(futo@core-sdi.com) + */ + + switch (cc->type) { + case SSH_CIPHER_NONE: + i = DEATTACK_OK; + break; + default: + i = detect_attack(src, bytes, NULL); + break; + } + + if (i == DEATTACK_DETECTED) + packet_disconnect("crc32 compensation attack: network attack detected"); + + cipher_decrypt(cc, dest, src, bytes); +} + +/* + * Causes any further packets to be encrypted using the given key. The same + * key is used for both sending and reception. However, both directions are + * encrypted independently of each other. + */ void packet_set_encryption_key(const unsigned char *key, unsigned int keylen, - int cipher, int is_client) + int cipher) { - cipher_type = cipher; - if (cipher == SSH_CIPHER_RC4) - { - if (is_client) - { /* In client: use first half for receiving, second for sending. */ - cipher_set_key(&receive_context, cipher, key, keylen / 2, 0); - cipher_set_key(&send_context, cipher, key + keylen / 2, - keylen / 2, 1); - } - else - { /* In server: use first half for sending, second for receiving. */ - cipher_set_key(&receive_context, cipher, key + keylen / 2, - keylen / 2, 0); - cipher_set_key(&send_context, cipher, key, keylen / 2, 1); - } - } - else - { - /* All other ciphers use the same key in both directions for now. */ - cipher_set_key(&receive_context, cipher, key, keylen, 0); - cipher_set_key(&send_context, cipher, key, keylen, 1); - } + /* All other ciphers use the same key in both directions for now. */ + cipher_set_key(&receive_context, cipher, key, keylen, 0); + cipher_set_key(&send_context, cipher, key, keylen, 1); } /* Starts constructing a packet to send. */ @@ -267,12 +258,12 @@ void packet_start(int type) { - char buf[9]; + char buf[9]; - buffer_clear(&outgoing_packet); - memset(buf, 0, 8); - buf[8] = type; - buffer_append(&outgoing_packet, buf, 9); + buffer_clear(&outgoing_packet); + memset(buf, 0, 8); + buf[8] = type; + buffer_append(&outgoing_packet, buf, 9); } /* Appends a character to the packet data. */ @@ -280,8 +271,8 @@ void packet_put_char(int value) { - char ch = value; - buffer_append(&outgoing_packet, &ch, 1); + char ch = value; + buffer_append(&outgoing_packet, &ch, 1); } /* Appends an integer to the packet data. */ @@ -289,7 +280,7 @@ void packet_put_int(unsigned int value) { - buffer_put_int(&outgoing_packet, value); + buffer_put_int(&outgoing_packet, value); } /* Appends a string to packet data. */ @@ -297,258 +288,275 @@ void packet_put_string(const char *buf, unsigned int len) { - buffer_put_string(&outgoing_packet, buf, len); + buffer_put_string(&outgoing_packet, buf, len); } /* Appends an arbitrary precision integer to packet data. */ void -packet_put_bignum(BIGNUM *value) +packet_put_bignum(BIGNUM * value) { - buffer_put_bignum(&outgoing_packet, value); + buffer_put_bignum(&outgoing_packet, value); } + +/* + * Finalizes and sends the packet. If the encryption key has been set, + * encrypts the packet before sending. + */ -/* Finalizes and sends the packet. If the encryption key has been set, - encrypts the packet before sending. */ - void packet_send() { - char buf[8], *cp; - int i, padding, len; - unsigned int checksum; - u_int32_t rand = 0; - - /* If using packet compression, compress the payload of the outgoing - packet. */ - if (packet_compression) - { - buffer_clear(&compression_buffer); - buffer_consume(&outgoing_packet, 8); /* Skip padding. */ - buffer_append(&compression_buffer, "\0\0\0\0\0\0\0\0", 8); /* padding */ - buffer_compress(&outgoing_packet, &compression_buffer); - buffer_clear(&outgoing_packet); - buffer_append(&outgoing_packet, buffer_ptr(&compression_buffer), - buffer_len(&compression_buffer)); - } - - /* Compute packet length without padding (add checksum, remove padding). */ - len = buffer_len(&outgoing_packet) + 4 - 8; - - /* Insert padding. */ - padding = 8 - len % 8; - if (cipher_type != SSH_CIPHER_NONE) - { - cp = buffer_ptr(&outgoing_packet); - for (i = 0; i < padding; i++) { - if (i % 4 == 0) - rand = arc4random(); - cp[7 - i] = rand & 0xff; - rand >>= 8; - } - } - buffer_consume(&outgoing_packet, 8 - padding); - - /* Add check bytes. */ - checksum = crc32((unsigned char *)buffer_ptr(&outgoing_packet), - buffer_len(&outgoing_packet)); - PUT_32BIT(buf, checksum); - buffer_append(&outgoing_packet, buf, 4); + char buf[8], *cp; + int i, padding, len; + unsigned int checksum; + u_int32_t rand = 0; + + /* + * If using packet compression, compress the payload of the outgoing + * packet. + */ + if (packet_compression) { + buffer_clear(&compression_buffer); + /* Skip padding. */ + buffer_consume(&outgoing_packet, 8); + /* padding */ + buffer_append(&compression_buffer, "\0\0\0\0\0\0\0\0", 8); + buffer_compress(&outgoing_packet, &compression_buffer); + buffer_clear(&outgoing_packet); + buffer_append(&outgoing_packet, buffer_ptr(&compression_buffer), + buffer_len(&compression_buffer)); + } + /* Compute packet length without padding (add checksum, remove padding). */ + len = buffer_len(&outgoing_packet) + 4 - 8; + + /* Insert padding. */ + padding = 8 - len % 8; + if (cipher_type != SSH_CIPHER_NONE) { + cp = buffer_ptr(&outgoing_packet); + for (i = 0; i < padding; i++) { + if (i % 4 == 0) + rand = arc4random(); + cp[7 - i] = rand & 0xff; + rand >>= 8; + } + } + buffer_consume(&outgoing_packet, 8 - padding); + /* Add check bytes. */ + checksum = crc32((unsigned char *) buffer_ptr(&outgoing_packet), + buffer_len(&outgoing_packet)); + PUT_32BIT(buf, checksum); + buffer_append(&outgoing_packet, buf, 4); + #ifdef PACKET_DEBUG - fprintf(stderr, "packet_send plain: "); - buffer_dump(&outgoing_packet); + fprintf(stderr, "packet_send plain: "); + buffer_dump(&outgoing_packet); #endif + + /* Append to output. */ + PUT_32BIT(buf, len); + buffer_append(&output, buf, 4); + buffer_append_space(&output, &cp, buffer_len(&outgoing_packet)); + packet_encrypt(&send_context, cp, buffer_ptr(&outgoing_packet), + buffer_len(&outgoing_packet)); - /* Append to output. */ - PUT_32BIT(buf, len); - buffer_append(&output, buf, 4); - buffer_append_space(&output, &cp, buffer_len(&outgoing_packet)); - packet_encrypt(&send_context, cp, buffer_ptr(&outgoing_packet), - buffer_len(&outgoing_packet)); - #ifdef PACKET_DEBUG - fprintf(stderr, "encrypted: "); buffer_dump(&output); + fprintf(stderr, "encrypted: "); + buffer_dump(&output); #endif - buffer_clear(&outgoing_packet); + buffer_clear(&outgoing_packet); - /* Note that the packet is now only buffered in output. It won\'t be - actually sent until packet_write_wait or packet_write_poll is called. */ + /* + * Note that the packet is now only buffered in output. It won\'t be + * actually sent until packet_write_wait or packet_write_poll is + * called. + */ } -/* Waits until a packet has been received, and returns its type. Note that - no other data is processed until this returns, so this function should - not be used during the interactive session. */ +/* + * Waits until a packet has been received, and returns its type. Note that + * no other data is processed until this returns, so this function should not + * be used during the interactive session. + */ int packet_read(int *payload_len_ptr) { - int type, len; - fd_set set; - char buf[8192]; - - /* Since we are blocking, ensure that all written packets have been sent. */ - packet_write_wait(); - - /* Stay in the loop until we have received a complete packet. */ - for (;;) - { - /* Try to read a packet from the buffer. */ - type = packet_read_poll(payload_len_ptr); - if (type == SSH_SMSG_SUCCESS - || type == SSH_SMSG_FAILURE - || type == SSH_CMSG_EOF - || type == SSH_CMSG_EXIT_CONFIRMATION) - packet_integrity_check(*payload_len_ptr, 0, type); - /* If we got a packet, return it. */ - if (type != SSH_MSG_NONE) - return type; - /* Otherwise, wait for some data to arrive, add it to the buffer, - and try again. */ - FD_ZERO(&set); - FD_SET(connection_in, &set); - /* Wait for some data to arrive. */ - select(connection_in + 1, &set, NULL, NULL, NULL); - /* Read data from the socket. */ - len = read(connection_in, buf, sizeof(buf)); - if (len == 0) - fatal("Connection closed by remote host."); - if (len < 0) - fatal("Read from socket failed: %.100s", strerror(errno)); - /* Append it to the buffer. */ - packet_process_incoming(buf, len); - } - /*NOTREACHED*/ + int type, len; + fd_set set; + char buf[8192]; + + /* Since we are blocking, ensure that all written packets have been sent. */ + packet_write_wait(); + + /* Stay in the loop until we have received a complete packet. */ + for (;;) { + /* Try to read a packet from the buffer. */ + type = packet_read_poll(payload_len_ptr); + if (type == SSH_SMSG_SUCCESS + || type == SSH_SMSG_FAILURE + || type == SSH_CMSG_EOF + || type == SSH_CMSG_EXIT_CONFIRMATION) + packet_integrity_check(*payload_len_ptr, 0, type); + /* If we got a packet, return it. */ + if (type != SSH_MSG_NONE) + return type; + /* + * Otherwise, wait for some data to arrive, add it to the + * buffer, and try again. + */ + FD_ZERO(&set); + FD_SET(connection_in, &set); + + /* Wait for some data to arrive. */ + select(connection_in + 1, &set, NULL, NULL, NULL); + + /* Read data from the socket. */ + len = read(connection_in, buf, sizeof(buf)); + if (len == 0) + fatal("Connection closed by %.200s", get_remote_ipaddr()); + if (len < 0) + fatal("Read from socket failed: %.100s", strerror(errno)); + /* Append it to the buffer. */ + packet_process_incoming(buf, len); + } + /* NOTREACHED */ } -/* Waits until a packet has been received, verifies that its type matches - that given, and gives a fatal error and exits if there is a mismatch. */ +/* + * Waits until a packet has been received, verifies that its type matches + * that given, and gives a fatal error and exits if there is a mismatch. + */ void packet_read_expect(int *payload_len_ptr, int expected_type) { - int type; + int type; - type = packet_read(payload_len_ptr); - if (type != expected_type) - packet_disconnect("Protocol error: expected packet type %d, got %d", - expected_type, type); + type = packet_read(payload_len_ptr); + if (type != expected_type) + packet_disconnect("Protocol error: expected packet type %d, got %d", + expected_type, type); } /* Checks if a full packet is available in the data received so far via - packet_process_incoming. If so, reads the packet; otherwise returns - SSH_MSG_NONE. This does not wait for data from the connection. - - SSH_MSG_DISCONNECT is handled specially here. Also, - SSH_MSG_IGNORE messages are skipped by this function and are never returned - to higher levels. - - The returned payload_len does include space consumed by: - Packet length - Padding - Packet type - Check bytes + * packet_process_incoming. If so, reads the packet; otherwise returns + * SSH_MSG_NONE. This does not wait for data from the connection. + * + * SSH_MSG_DISCONNECT is handled specially here. Also, + * SSH_MSG_IGNORE messages are skipped by this function and are never returned + * to higher levels. + * + * The returned payload_len does include space consumed by: + * Packet length + * Padding + * Packet type + * Check bytes + */ - - */ - int packet_read_poll(int *payload_len_ptr) { - unsigned int len, padded_len; - unsigned char *ucp; - char buf[8], *cp; - unsigned int checksum, stored_checksum; - - restart: - - /* Check if input size is less than minimum packet size. */ - if (buffer_len(&input) < 4 + 8) - return SSH_MSG_NONE; - /* Get length of incoming packet. */ - ucp = (unsigned char *)buffer_ptr(&input); - len = GET_32BIT(ucp); - if (len < 1 + 2 + 2 || len > 256*1024) - packet_disconnect("Bad packet length %d.", len); - padded_len = (len + 8) & ~7; - - /* Check if the packet has been entirely received. */ - if (buffer_len(&input) < 4 + padded_len) - return SSH_MSG_NONE; - - /* The entire packet is in buffer. */ - - /* Consume packet length. */ - buffer_consume(&input, 4); - - /* Copy data to incoming_packet. */ - buffer_clear(&incoming_packet); - buffer_append_space(&incoming_packet, &cp, padded_len); - packet_decrypt(&receive_context, cp, buffer_ptr(&input), padded_len); - buffer_consume(&input, padded_len); + unsigned int len, padded_len; + unsigned char *ucp; + char buf[8], *cp; + unsigned int checksum, stored_checksum; + +restart: + + /* Check if input size is less than minimum packet size. */ + if (buffer_len(&input) < 4 + 8) + return SSH_MSG_NONE; + /* Get length of incoming packet. */ + ucp = (unsigned char *) buffer_ptr(&input); + len = GET_32BIT(ucp); + if (len < 1 + 2 + 2 || len > 256 * 1024) + packet_disconnect("Bad packet length %d.", len); + padded_len = (len + 8) & ~7; + + /* Check if the packet has been entirely received. */ + if (buffer_len(&input) < 4 + padded_len) + return SSH_MSG_NONE; + + /* The entire packet is in buffer. */ + + /* Consume packet length. */ + buffer_consume(&input, 4); + + /* Copy data to incoming_packet. */ + buffer_clear(&incoming_packet); + buffer_append_space(&incoming_packet, &cp, padded_len); + packet_decrypt(&receive_context, cp, buffer_ptr(&input), padded_len); + buffer_consume(&input, padded_len); #ifdef PACKET_DEBUG - fprintf(stderr, "read_poll plain: "); buffer_dump(&incoming_packet); + fprintf(stderr, "read_poll plain: "); + buffer_dump(&incoming_packet); #endif - - /* Compute packet checksum. */ - checksum = crc32((unsigned char *)buffer_ptr(&incoming_packet), - buffer_len(&incoming_packet) - 4); - - /* Skip padding. */ - buffer_consume(&incoming_packet, 8 - len % 8); - - /* Test check bytes. */ - assert(len == buffer_len(&incoming_packet)); - ucp = (unsigned char *)buffer_ptr(&incoming_packet) + len - 4; - stored_checksum = GET_32BIT(ucp); - if (checksum != stored_checksum) - packet_disconnect("Corrupted check bytes on input."); - buffer_consume_end(&incoming_packet, 4); - - /* If using packet compression, decompress the packet. */ - if (packet_compression) - { - buffer_clear(&compression_buffer); - buffer_uncompress(&incoming_packet, &compression_buffer); - buffer_clear(&incoming_packet); - buffer_append(&incoming_packet, buffer_ptr(&compression_buffer), - buffer_len(&compression_buffer)); - } - - /* Get packet type. */ - buffer_get(&incoming_packet, &buf[0], 1); - - /* Return length of payload (without type field). */ - *payload_len_ptr = buffer_len(&incoming_packet); - - /* Handle disconnect message. */ - if ((unsigned char)buf[0] == SSH_MSG_DISCONNECT) - fatal("%.900s", packet_get_string(NULL)); - - /* Ignore ignore messages. */ - if ((unsigned char)buf[0] == SSH_MSG_IGNORE) - goto restart; - - /* Send debug messages as debugging output. */ - if ((unsigned char)buf[0] == SSH_MSG_DEBUG) - { - debug("Remote: %.900s", packet_get_string(NULL)); - goto restart; - } - - /* Return type. */ - return (unsigned char)buf[0]; -} - -/* Buffers the given amount of input characters. This is intended to be - used together with packet_read_poll. */ + /* Compute packet checksum. */ + checksum = crc32((unsigned char *) buffer_ptr(&incoming_packet), + buffer_len(&incoming_packet) - 4); + + /* Skip padding. */ + buffer_consume(&incoming_packet, 8 - len % 8); + + /* Test check bytes. */ + + if (len != buffer_len(&incoming_packet)) + packet_disconnect("packet_read_poll: len %d != buffer_len %d.", + len, buffer_len(&incoming_packet)); + + ucp = (unsigned char *) buffer_ptr(&incoming_packet) + len - 4; + stored_checksum = GET_32BIT(ucp); + if (checksum != stored_checksum) + packet_disconnect("Corrupted check bytes on input."); + buffer_consume_end(&incoming_packet, 4); + + /* If using packet compression, decompress the packet. */ + if (packet_compression) { + buffer_clear(&compression_buffer); + buffer_uncompress(&incoming_packet, &compression_buffer); + buffer_clear(&incoming_packet); + buffer_append(&incoming_packet, buffer_ptr(&compression_buffer), + buffer_len(&compression_buffer)); + } + /* Get packet type. */ + buffer_get(&incoming_packet, &buf[0], 1); + + /* Return length of payload (without type field). */ + *payload_len_ptr = buffer_len(&incoming_packet); + + /* Handle disconnect message. */ + if ((unsigned char) buf[0] == SSH_MSG_DISCONNECT) { + log("Received disconnect: %.900s", packet_get_string(NULL)); + fatal_cleanup(); + } + + /* Ignore ignore messages. */ + if ((unsigned char) buf[0] == SSH_MSG_IGNORE) + goto restart; + + /* Send debug messages as debugging output. */ + if ((unsigned char) buf[0] == SSH_MSG_DEBUG) { + debug("Remote: %.900s", packet_get_string(NULL)); + goto restart; + } + /* Return type. */ + return (unsigned char) buf[0]; +} + +/* + * Buffers the given amount of input characters. This is intended to be used + * together with packet_read_poll. + */ + void packet_process_incoming(const char *buf, unsigned int len) { - buffer_append(&input, buf, len); + buffer_append(&input, buf, len); } /* Returns a character from the packet. */ @@ -556,9 +564,9 @@ unsigned int packet_get_char() { - char ch; - buffer_get(&incoming_packet, &ch, 1); - return (unsigned char)ch; + char ch; + buffer_get(&incoming_packet, &ch, 1); + return (unsigned char) ch; } /* Returns an integer from the packet data. */ @@ -566,126 +574,134 @@ unsigned int packet_get_int() { - return buffer_get_int(&incoming_packet); + return buffer_get_int(&incoming_packet); } -/* Returns an arbitrary precision integer from the packet data. The integer - must have been initialized before this call. */ +/* + * Returns an arbitrary precision integer from the packet data. The integer + * must have been initialized before this call. + */ void -packet_get_bignum(BIGNUM *value, int *length_ptr) +packet_get_bignum(BIGNUM * value, int *length_ptr) { - *length_ptr = buffer_get_bignum(&incoming_packet, value); + *length_ptr = buffer_get_bignum(&incoming_packet, value); } -/* Returns a string from the packet data. The string is allocated using - xmalloc; it is the responsibility of the calling program to free it when - no longer needed. The length_ptr argument may be NULL, or point to an - integer into which the length of the string is stored. */ +/* + * Returns a string from the packet data. The string is allocated using + * xmalloc; it is the responsibility of the calling program to free it when + * no longer needed. The length_ptr argument may be NULL, or point to an + * integer into which the length of the string is stored. + */ -char -*packet_get_string(unsigned int *length_ptr) +char * +packet_get_string(unsigned int *length_ptr) { - return buffer_get_string(&incoming_packet, length_ptr); + return buffer_get_string(&incoming_packet, length_ptr); } -/* Sends a diagnostic message from the server to the client. This message - can be sent at any time (but not while constructing another message). - The message is printed immediately, but only if the client is being - executed in verbose mode. These messages are primarily intended to - ease debugging authentication problems. The length of the formatted - message must not exceed 1024 bytes. This will automatically call - packet_write_wait. */ +/* + * Sends a diagnostic message from the server to the client. This message + * can be sent at any time (but not while constructing another message). The + * message is printed immediately, but only if the client is being executed + * in verbose mode. These messages are primarily intended to ease debugging + * authentication problems. The length of the formatted message must not + * exceed 1024 bytes. This will automatically call packet_write_wait. + */ void -packet_send_debug(const char *fmt, ...) +packet_send_debug(const char *fmt,...) { - char buf[1024]; - va_list args; - - va_start(args, fmt); - vsnprintf(buf, sizeof(buf), fmt, args); - va_end(args); - - packet_start(SSH_MSG_DEBUG); - packet_put_string(buf, strlen(buf)); - packet_send(); - packet_write_wait(); + char buf[1024]; + va_list args; + + va_start(args, fmt); + vsnprintf(buf, sizeof(buf), fmt, args); + va_end(args); + + packet_start(SSH_MSG_DEBUG); + packet_put_string(buf, strlen(buf)); + packet_send(); + packet_write_wait(); } -/* Logs the error plus constructs and sends a disconnect - packet, closes the connection, and exits. This function never returns. - The error message should not contain a newline. The length of the - formatted message must not exceed 1024 bytes. */ +/* + * Logs the error plus constructs and sends a disconnect packet, closes the + * connection, and exits. This function never returns. The error message + * should not contain a newline. The length of the formatted message must + * not exceed 1024 bytes. + */ void -packet_disconnect(const char *fmt, ...) +packet_disconnect(const char *fmt,...) { - char buf[1024]; - va_list args; - static int disconnecting = 0; - if (disconnecting) /* Guard against recursive invocations. */ - fatal("packet_disconnect called recursively."); - disconnecting = 1; + char buf[1024]; + va_list args; + static int disconnecting = 0; + if (disconnecting) /* Guard against recursive invocations. */ + fatal("packet_disconnect called recursively."); + disconnecting = 1; + + /* + * Format the message. Note that the caller must make sure the + * message is of limited size. + */ + va_start(args, fmt); + vsnprintf(buf, sizeof(buf), fmt, args); + va_end(args); - /* Format the message. Note that the caller must make sure the message - is of limited size. */ - va_start(args, fmt); - vsnprintf(buf, sizeof(buf), fmt, args); - va_end(args); + /* Send the disconnect message to the other side, and wait for it to get sent. */ + packet_start(SSH_MSG_DISCONNECT); + packet_put_string(buf, strlen(buf)); + packet_send(); + packet_write_wait(); - /* Send the disconnect message to the other side, and wait for it to get - sent. */ - packet_start(SSH_MSG_DISCONNECT); - packet_put_string(buf, strlen(buf)); - packet_send(); - packet_write_wait(); + /* Stop listening for connections. */ + channel_stop_listening(); - /* Stop listening for connections. */ - channel_stop_listening(); - - /* Close the connection. */ - packet_close(); + /* Close the connection. */ + packet_close(); - /* Display the error locally and exit. */ - fatal("Local: %.100s", buf); + /* Display the error locally and exit. */ + log("Disconnecting: %.100s", buf); + fatal_cleanup(); } -/* Checks if there is any buffered output, and tries to write some of the - output. */ +/* Checks if there is any buffered output, and tries to write some of the output. */ void packet_write_poll() { - int len = buffer_len(&output); - if (len > 0) - { - len = write(connection_out, buffer_ptr(&output), len); - if (len <= 0) { - if (errno == EAGAIN) - return; - else - fatal("Write failed: %.100s", strerror(errno)); - } - buffer_consume(&output, len); - } + int len = buffer_len(&output); + if (len > 0) { + len = write(connection_out, buffer_ptr(&output), len); + if (len <= 0) { + if (errno == EAGAIN) + return; + else + fatal("Write failed: %.100s", strerror(errno)); + } + buffer_consume(&output, len); + } } -/* Calls packet_write_poll repeatedly until all pending output data has - been written. */ +/* + * Calls packet_write_poll repeatedly until all pending output data has been + * written. + */ void packet_write_wait() { - packet_write_poll(); - while (packet_have_data_to_write()) - { - fd_set set; - FD_ZERO(&set); - FD_SET(connection_out, &set); - select(connection_out + 1, NULL, &set, NULL, NULL); - packet_write_poll(); - } + packet_write_poll(); + while (packet_have_data_to_write()) { + fd_set set; + FD_ZERO(&set); + FD_SET(connection_out, &set); + select(connection_out + 1, NULL, &set, NULL, NULL); + packet_write_poll(); + } } /* Returns true if there is buffered data to write to the connection. */ @@ -693,7 +709,7 @@ int packet_have_data_to_write() { - return buffer_len(&output) != 0; + return buffer_len(&output) != 0; } /* Returns true if there is not too much data to write to the connection. */ @@ -701,10 +717,10 @@ int packet_not_very_much_data_to_write() { - if (interactive_mode) - return buffer_len(&output) < 16384; - else - return buffer_len(&output) < 128*1024; + if (interactive_mode) + return buffer_len(&output) < 16384; + else + return buffer_len(&output) < 128 * 1024; } /* Informs that the current session is interactive. Sets IP flags for that. */ @@ -712,45 +728,46 @@ void packet_set_interactive(int interactive, int keepalives) { - int on = 1; + int on = 1; - /* Record that we are in interactive mode. */ - interactive_mode = interactive; + /* Record that we are in interactive mode. */ + interactive_mode = interactive; - /* Only set socket options if using a socket (as indicated by the descriptors - being the same). */ - if (connection_in != connection_out) - return; - - if (keepalives) - { - /* Set keepalives if requested. */ - if (setsockopt(connection_in, SOL_SOCKET, SO_KEEPALIVE, (void *)&on, - sizeof(on)) < 0) - error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno)); - } - - if (interactive) - { - /* Set IP options for an interactive connection. Use IPTOS_LOWDELAY - and TCP_NODELAY. */ - int lowdelay = IPTOS_LOWDELAY; - if (setsockopt(connection_in, IPPROTO_IP, IP_TOS, (void *)&lowdelay, - sizeof(lowdelay)) < 0) - error("setsockopt IPTOS_LOWDELAY: %.100s", strerror(errno)); - if (setsockopt(connection_in, IPPROTO_TCP, TCP_NODELAY, (void *)&on, - sizeof(on)) < 0) - error("setsockopt TCP_NODELAY: %.100s", strerror(errno)); - } - else - { - /* Set IP options for a non-interactive connection. Use - IPTOS_THROUGHPUT. */ - int throughput = IPTOS_THROUGHPUT; - if (setsockopt(connection_in, IPPROTO_IP, IP_TOS, (void *)&throughput, - sizeof(throughput)) < 0) - error("setsockopt IPTOS_THROUGHPUT: %.100s", strerror(errno)); - } + /* + * Only set socket options if using a socket (as indicated by the + * descriptors being the same). + */ + if (connection_in != connection_out) + return; + + if (keepalives) { + /* Set keepalives if requested. */ + if (setsockopt(connection_in, SOL_SOCKET, SO_KEEPALIVE, (void *) &on, + sizeof(on)) < 0) + error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno)); + } + if (interactive) { + /* + * Set IP options for an interactive connection. Use + * IPTOS_LOWDELAY and TCP_NODELAY. + */ + int lowdelay = IPTOS_LOWDELAY; + if (setsockopt(connection_in, IPPROTO_IP, IP_TOS, (void *) &lowdelay, + sizeof(lowdelay)) < 0) + error("setsockopt IPTOS_LOWDELAY: %.100s", strerror(errno)); + if (setsockopt(connection_in, IPPROTO_TCP, TCP_NODELAY, (void *) &on, + sizeof(on)) < 0) + error("setsockopt TCP_NODELAY: %.100s", strerror(errno)); + } else { + /* + * Set IP options for a non-interactive connection. Use + * IPTOS_THROUGHPUT. + */ + int throughput = IPTOS_THROUGHPUT; + if (setsockopt(connection_in, IPPROTO_IP, IP_TOS, (void *) &throughput, + sizeof(throughput)) < 0) + error("setsockopt IPTOS_THROUGHPUT: %.100s", strerror(errno)); + } } /* Returns true if the current connection is interactive. */ @@ -758,5 +775,22 @@ int packet_is_interactive() { - return interactive_mode; + return interactive_mode; +} + +int +packet_set_maxsize(int s) +{ + static int called = 0; + if (called) { + log("packet_set_maxsize: called twice: old %d new %d", max_packet_size, s); + return -1; + } + if (s < 4 * 1024 || s > 1024 * 1024) { + log("packet_set_maxsize: bad size %d", s); + return -1; + } + log("packet_set_maxsize: setting to %d", s); + max_packet_size = s; + return s; } Index: usr.bin/ssh/packet.h =================================================================== RCS file: /cvs/src/usr.bin/ssh/packet.h,v retrieving revision 1.2 retrieving revision 1.6 diff -u -r1.2 -r1.6 --- usr.bin/ssh/packet.h 1999/09/28 04:45:36 1.2 +++ usr.bin/ssh/packet.h 1999/11/24 19:53:48 1.6 @@ -1,106 +1,122 @@ /* + * + * packet.h + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Sat Mar 18 02:02:14 1995 ylo + * + * Interface for the packet protocol functions. + * + */ -packet.h +/* RCSID("$Id: packet.h,v 1.6 1999/11/24 19:53:48 markus Exp $"); */ -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Sat Mar 18 02:02:14 1995 ylo - -Interface for the packet protocol functions. - -*/ - -/* RCSID("$Id: packet.h,v 1.2 1999/09/28 04:45:36 provos Exp $"); */ - #ifndef PACKET_H #define PACKET_H #include -/* Sets the socket used for communication. Disables encryption until - packet_set_encryption_key is called. It is permissible that fd_in - and fd_out are the same descriptor; in that case it is assumed to - be a socket. */ -void packet_set_connection(int fd_in, int fd_out); +/* + * Sets the socket used for communication. Disables encryption until + * packet_set_encryption_key is called. It is permissible that fd_in and + * fd_out are the same descriptor; in that case it is assumed to be a socket. + */ +void packet_set_connection(int fd_in, int fd_out); /* Puts the connection file descriptors into non-blocking mode. */ -void packet_set_nonblocking(void); +void packet_set_nonblocking(void); /* Returns the file descriptor used for input. */ -int packet_get_connection_in(void); +int packet_get_connection_in(void); /* Returns the file descriptor used for output. */ -int packet_get_connection_out(void); +int packet_get_connection_out(void); -/* Closes the connection (both descriptors) and clears and frees - internal data structures. */ -void packet_close(void); - -/* Causes any further packets to be encrypted using the given key. The same - key is used for both sending and reception. However, both directions - are encrypted independently of each other. Cipher types are - defined in ssh.h. */ -void packet_set_encryption_key(const unsigned char *key, unsigned int keylen, - int cipher_type, int is_client); - -/* Sets remote side protocol flags for the current connection. This can - be called at any time. */ -void packet_set_protocol_flags(unsigned int flags); +/* + * Closes the connection (both descriptors) and clears and frees internal + * data structures. + */ +void packet_close(void); + +/* + * Causes any further packets to be encrypted using the given key. The same + * key is used for both sending and reception. However, both directions are + * encrypted independently of each other. Cipher types are defined in ssh.h. + */ +void +packet_set_encryption_key(const unsigned char *key, unsigned int keylen, + int cipher_type); + +/* + * Sets remote side protocol flags for the current connection. This can be + * called at any time. + */ +void packet_set_protocol_flags(unsigned int flags); /* Returns the remote protocol flags set earlier by the above function. */ unsigned int packet_get_protocol_flags(void); /* Enables compression in both directions starting from the next packet. */ -void packet_start_compression(int level); +void packet_start_compression(int level); -/* Informs that the current session is interactive. Sets IP flags for optimal - performance in interactive use. */ -void packet_set_interactive(int interactive, int keepalives); +/* + * Informs that the current session is interactive. Sets IP flags for + * optimal performance in interactive use. + */ +void packet_set_interactive(int interactive, int keepalives); /* Returns true if the current connection is interactive. */ -int packet_is_interactive(void); +int packet_is_interactive(void); /* Starts constructing a packet to send. */ -void packet_start(int type); +void packet_start(int type); /* Appends a character to the packet data. */ -void packet_put_char(int ch); +void packet_put_char(int ch); /* Appends an integer to the packet data. */ -void packet_put_int(unsigned int value); +void packet_put_int(unsigned int value); /* Appends an arbitrary precision integer to packet data. */ -void packet_put_bignum(BIGNUM *value); +void packet_put_bignum(BIGNUM * value); /* Appends a string to packet data. */ -void packet_put_string(const char *buf, unsigned int len); +void packet_put_string(const char *buf, unsigned int len); -/* Finalizes and sends the packet. If the encryption key has been set, - encrypts the packet before sending. */ -void packet_send(void); +/* + * Finalizes and sends the packet. If the encryption key has been set, + * encrypts the packet before sending. + */ +void packet_send(void); /* Waits until a packet has been received, and returns its type. */ -int packet_read(int *payload_len_ptr); +int packet_read(int *payload_len_ptr); -/* Waits until a packet has been received, verifies that its type matches - that given, and gives a fatal error and exits if there is a mismatch. */ -void packet_read_expect(int *payload_len_ptr, int type); - -/* Checks if a full packet is available in the data received so far via - packet_process_incoming. If so, reads the packet; otherwise returns - SSH_MSG_NONE. This does not wait for data from the connection. - - SSH_MSG_DISCONNECT is handled specially here. Also, - SSH_MSG_IGNORE messages are skipped by this function and are never returned - to higher levels. */ -int packet_read_poll(int *packet_len_ptr); - -/* Buffers the given amount of input characters. This is intended to be - used together with packet_read_poll. */ -void packet_process_incoming(const char *buf, unsigned int len); +/* + * Waits until a packet has been received, verifies that its type matches + * that given, and gives a fatal error and exits if there is a mismatch. + */ +void packet_read_expect(int *payload_len_ptr, int type); + +/* + * Checks if a full packet is available in the data received so far via + * packet_process_incoming. If so, reads the packet; otherwise returns + * SSH_MSG_NONE. This does not wait for data from the connection. + * SSH_MSG_DISCONNECT is handled specially here. Also, SSH_MSG_IGNORE + * messages are skipped by this function and are never returned to higher + * levels. + */ +int packet_read_poll(int *packet_len_ptr); + +/* + * Buffers the given amount of input characters. This is intended to be used + * together with packet_read_poll. + */ +void packet_process_incoming(const char *buf, unsigned int len); /* Returns a character (0-255) from the packet data. */ unsigned int packet_get_char(void); @@ -108,50 +124,62 @@ /* Returns an integer from the packet data. */ unsigned int packet_get_int(void); -/* Returns an arbitrary precision integer from the packet data. The integer - must have been initialized before this call. */ -void packet_get_bignum(BIGNUM *value, int *length_ptr); - -/* Returns a string from the packet data. The string is allocated using - xmalloc; it is the responsibility of the calling program to free it when - no longer needed. The length_ptr argument may be NULL, or point to an - integer into which the length of the string is stored. */ -char *packet_get_string(unsigned int *length_ptr); - -/* Logs the error in syslog using LOG_INFO, constructs and sends a disconnect - packet, closes the connection, and exits. This function never returns. - The error message should not contain a newline. The total length of the - message must not exceed 1024 bytes. */ -void packet_disconnect(const char *fmt, ...); - -/* Sends a diagnostic message to the other side. This message - can be sent at any time (but not while constructing another message). - The message is printed immediately, but only if the client is being - executed in verbose mode. These messages are primarily intended to - ease debugging authentication problems. The total length of the message - must not exceed 1024 bytes. This will automatically call - packet_write_wait. If the remote side protocol flags do not indicate - that it supports SSH_MSG_DEBUG, this will do nothing. */ -void packet_send_debug(const char *fmt, ...); - -/* Checks if there is any buffered output, and tries to write some of the - output. */ -void packet_write_poll(void); +/* + * Returns an arbitrary precision integer from the packet data. The integer + * must have been initialized before this call. + */ +void packet_get_bignum(BIGNUM * value, int *length_ptr); + +/* + * Returns a string from the packet data. The string is allocated using + * xmalloc; it is the responsibility of the calling program to free it when + * no longer needed. The length_ptr argument may be NULL, or point to an + * integer into which the length of the string is stored. + */ +char *packet_get_string(unsigned int *length_ptr); + +/* + * Logs the error in syslog using LOG_INFO, constructs and sends a disconnect + * packet, closes the connection, and exits. This function never returns. + * The error message should not contain a newline. The total length of the + * message must not exceed 1024 bytes. + */ +void packet_disconnect(const char *fmt,...); + +/* + * Sends a diagnostic message to the other side. This message can be sent at + * any time (but not while constructing another message). The message is + * printed immediately, but only if the client is being executed in verbose + * mode. These messages are primarily intended to ease debugging + * authentication problems. The total length of the message must not exceed + * 1024 bytes. This will automatically call packet_write_wait. If the + * remote side protocol flags do not indicate that it supports SSH_MSG_DEBUG, + * this will do nothing. + */ +void packet_send_debug(const char *fmt,...); +/* Checks if there is any buffered output, and tries to write some of the output. */ +void packet_write_poll(void); + /* Waits until all pending output data has been written. */ -void packet_write_wait(void); +void packet_write_wait(void); /* Returns true if there is buffered data to write to the connection. */ -int packet_have_data_to_write(void); +int packet_have_data_to_write(void); /* Returns true if there is not too much data to write to the connection. */ -int packet_not_very_much_data_to_write(void); +int packet_not_very_much_data_to_write(void); + +/* maximum packet size, requested by client with SSH_CMSG_MAX_PACKET_SIZE */ +extern int max_packet_size; +int packet_set_maxsize(int s); +#define packet_get_maxsize() max_packet_size /* Stores tty modes from the fd into current packet. */ -void tty_make_modes(int fd); +void tty_make_modes(int fd); /* Parses tty modes for the fd from the current packet. */ -void tty_parse_modes(int fd, int *n_bytes_ptr); +void tty_parse_modes(int fd, int *n_bytes_ptr); #define packet_integrity_check(payload_len, expected_len, type) \ do { \ @@ -163,4 +191,4 @@ } \ } while (0) -#endif /* PACKET_H */ +#endif /* PACKET_H */ Index: usr.bin/ssh/pty.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/pty.c,v retrieving revision 1.5 retrieving revision 1.9 diff -u -r1.5 -r1.9 --- usr.bin/ssh/pty.c 1999/10/16 20:57:52 1.5 +++ usr.bin/ssh/pty.c 1999/12/06 12:10:12 1.9 @@ -1,20 +1,20 @@ /* + * + * pty.c + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Fri Mar 17 04:37:25 1995 ylo + * + * Allocating a pseudo-terminal, and making it the controlling tty. + * + */ -pty.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Fri Mar 17 04:37:25 1995 ylo - -Allocating a pseudo-terminal, and making it the controlling tty. - -*/ - #include "includes.h" -RCSID("$Id: pty.c,v 1.5 1999/10/16 20:57:52 deraadt Exp $"); +RCSID("$Id: pty.c,v 1.9 1999/12/06 12:10:12 deraadt Exp $"); #include "pty.h" #include "ssh.h" @@ -28,237 +28,223 @@ #define O_NOCTTY 0 #endif -/* Allocates and opens a pty. Returns 0 if no pty could be allocated, - or nonzero if a pty was successfully allocated. On success, open file - descriptors for the pty and tty sides and the name of the tty side are - returned (the buffer must be able to hold at least 64 characters). */ +/* + * Allocates and opens a pty. Returns 0 if no pty could be allocated, or + * nonzero if a pty was successfully allocated. On success, open file + * descriptors for the pty and tty sides and the name of the tty side are + * returned (the buffer must be able to hold at least 64 characters). + */ -int pty_allocate(int *ptyfd, int *ttyfd, char *namebuf) +int +pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen) { -#ifdef HAVE_OPENPTY - - /* openpty(3) exists in OSF/1 and some other os'es */ - - int i; - - i = openpty(ptyfd, ttyfd, namebuf, NULL, NULL); - - if (i < 0) - { - error("openpty: %.100s", strerror(errno)); - return 0; - } - - return 1; - +#if defined(HAVE_OPENPTY) || defined(BSD4_4) + /* openpty(3) exists in OSF/1 and some other os'es */ + char buf[64]; + int i; + + i = openpty(ptyfd, ttyfd, buf, NULL, NULL); + if (i < 0) { + error("openpty: %.100s", strerror(errno)); + return 0; + } + strlcpy(namebuf, buf, namebuflen); /* possible truncation */ + return 1; #else /* HAVE_OPENPTY */ #ifdef HAVE__GETPTY - - /* _getpty(3) exists in SGI Irix 4.x, 5.x & 6.x -- it generates more - pty's automagically when needed */ - - char *slave; - - slave = _getpty(ptyfd, O_RDWR, 0622, 0); - if (slave == NULL) - { - error("_getpty: %.100s", strerror(errno)); - return 0; - } - strcpy(namebuf, slave); - /* Open the slave side. */ - *ttyfd = open(namebuf, O_RDWR|O_NOCTTY); - if (*ttyfd < 0) - { - error("%.200s: %.100s", namebuf, strerror(errno)); - close(*ptyfd); - return 0; - } - return 1; - + /* + * _getpty(3) exists in SGI Irix 4.x, 5.x & 6.x -- it generates more + * pty's automagically when needed + */ + char *slave; + + slave = _getpty(ptyfd, O_RDWR, 0622, 0); + if (slave == NULL) { + error("_getpty: %.100s", strerror(errno)); + return 0; + } + strlcpy(namebuf, slave, namebuflen); + /* Open the slave side. */ + *ttyfd = open(namebuf, O_RDWR | O_NOCTTY); + if (*ttyfd < 0) { + error("%.200s: %.100s", namebuf, strerror(errno)); + close(*ptyfd); + return 0; + } + return 1; #else /* HAVE__GETPTY */ #ifdef HAVE_DEV_PTMX - /* This code is used e.g. on Solaris 2.x. (Note that Solaris 2.3 also has - bsd-style ptys, but they simply do not work.) */ - - int ptm; - char *pts; - - ptm = open("/dev/ptmx", O_RDWR|O_NOCTTY); - if (ptm < 0) - { - error("/dev/ptmx: %.100s", strerror(errno)); - return 0; - } - if (grantpt(ptm) < 0) - { - error("grantpt: %.100s", strerror(errno)); - return 0; - } - if (unlockpt(ptm) < 0) - { - error("unlockpt: %.100s", strerror(errno)); - return 0; - } - pts = ptsname(ptm); - if (pts == NULL) - error("Slave pty side name could not be obtained."); - strcpy(namebuf, pts); - *ptyfd = ptm; - - /* Open the slave side. */ - *ttyfd = open(namebuf, O_RDWR|O_NOCTTY); - if (*ttyfd < 0) - { - error("%.100s: %.100s", namebuf, strerror(errno)); - close(*ptyfd); - return 0; - } - /* Push the appropriate streams modules, as described in Solaris pts(7). */ - if (ioctl(*ttyfd, I_PUSH, "ptem") < 0) - error("ioctl I_PUSH ptem: %.100s", strerror(errno)); - if (ioctl(*ttyfd, I_PUSH, "ldterm") < 0) - error("ioctl I_PUSH ldterm: %.100s", strerror(errno)); - if (ioctl(*ttyfd, I_PUSH, "ttcompat") < 0) - error("ioctl I_PUSH ttcompat: %.100s", strerror(errno)); - return 1; - + /* + * This code is used e.g. on Solaris 2.x. (Note that Solaris 2.3 + * also has bsd-style ptys, but they simply do not work.) + */ + int ptm; + char *pts; + + ptm = open("/dev/ptmx", O_RDWR | O_NOCTTY); + if (ptm < 0) { + error("/dev/ptmx: %.100s", strerror(errno)); + return 0; + } + if (grantpt(ptm) < 0) { + error("grantpt: %.100s", strerror(errno)); + return 0; + } + if (unlockpt(ptm) < 0) { + error("unlockpt: %.100s", strerror(errno)); + return 0; + } + pts = ptsname(ptm); + if (pts == NULL) + error("Slave pty side name could not be obtained."); + strlcpy(namebuf, pts, namebuflen); + *ptyfd = ptm; + + /* Open the slave side. */ + *ttyfd = open(namebuf, O_RDWR | O_NOCTTY); + if (*ttyfd < 0) { + error("%.100s: %.100s", namebuf, strerror(errno)); + close(*ptyfd); + return 0; + } + /* Push the appropriate streams modules, as described in Solaris pts(7). */ + if (ioctl(*ttyfd, I_PUSH, "ptem") < 0) + error("ioctl I_PUSH ptem: %.100s", strerror(errno)); + if (ioctl(*ttyfd, I_PUSH, "ldterm") < 0) + error("ioctl I_PUSH ldterm: %.100s", strerror(errno)); + if (ioctl(*ttyfd, I_PUSH, "ttcompat") < 0) + error("ioctl I_PUSH ttcompat: %.100s", strerror(errno)); + return 1; #else /* HAVE_DEV_PTMX */ #ifdef HAVE_DEV_PTS_AND_PTC - - /* AIX-style pty code. */ - - const char *name; - - *ptyfd = open("/dev/ptc", O_RDWR|O_NOCTTY); - if (*ptyfd < 0) - { - error("Could not open /dev/ptc: %.100s", strerror(errno)); - return 0; - } - name = ttyname(*ptyfd); - if (!name) - fatal("Open of /dev/ptc returns device for which ttyname fails."); - strcpy(namebuf, name); - *ttyfd = open(name, O_RDWR|O_NOCTTY); - if (*ttyfd < 0) - { - error("Could not open pty slave side %.100s: %.100s", - name, strerror(errno)); - close(*ptyfd); - return 0; - } - return 1; + /* AIX-style pty code. */ + const char *name; + *ptyfd = open("/dev/ptc", O_RDWR | O_NOCTTY); + if (*ptyfd < 0) { + error("Could not open /dev/ptc: %.100s", strerror(errno)); + return 0; + } + name = ttyname(*ptyfd); + if (!name) + fatal("Open of /dev/ptc returns device for which ttyname fails."); + strlcpy(namebuf, name, namebuflen); + *ttyfd = open(name, O_RDWR | O_NOCTTY); + if (*ttyfd < 0) { + error("Could not open pty slave side %.100s: %.100s", + name, strerror(errno)); + close(*ptyfd); + return 0; + } + return 1; #else /* HAVE_DEV_PTS_AND_PTC */ - /* BSD-style pty code. */ - - char buf[64]; - int i; - const char *ptymajors = - "pqrstuvwxyzabcdefghijklmnoABCDEFGHIJKLMNOPQRSTUVWXYZ"; - const char *ptyminors = "0123456789abcdef"; - int num_minors = strlen(ptyminors); - int num_ptys = strlen(ptymajors) * num_minors; - - for (i = 0; i < num_ptys; i++) - { - snprintf(buf, sizeof buf, "/dev/pty%c%c", ptymajors[i / num_minors], - ptyminors[i % num_minors]); - *ptyfd = open(buf, O_RDWR|O_NOCTTY); - if (*ptyfd < 0) - continue; - snprintf(namebuf, sizeof buf, "/dev/tty%c%c", ptymajors[i / num_minors], - ptyminors[i % num_minors]); - - /* Open the slave side. */ - *ttyfd = open(namebuf, O_RDWR|O_NOCTTY); - if (*ttyfd < 0) - { - error("%.100s: %.100s", namebuf, strerror(errno)); - close(*ptyfd); - return 0; - } - return 1; - } - return 0; + /* BSD-style pty code. */ + char buf[64]; + int i; + const char *ptymajors = "pqrstuvwxyzabcdefghijklmnoABCDEFGHIJKLMNOPQRSTUVWXYZ"; + const char *ptyminors = "0123456789abcdef"; + int num_minors = strlen(ptyminors); + int num_ptys = strlen(ptymajors) * num_minors; + + for (i = 0; i < num_ptys; i++) { + snprintf(buf, sizeof buf, "/dev/pty%c%c", ptymajors[i / num_minors], + ptyminors[i % num_minors]); + *ptyfd = open(buf, O_RDWR | O_NOCTTY); + if (*ptyfd < 0) + continue; + snprintf(namebuf, sizeof namebuflen, "/dev/tty%c%c", + ptymajors[i / num_minors], ptyminors[i % num_minors]); + + /* Open the slave side. */ + *ttyfd = open(namebuf, O_RDWR | O_NOCTTY); + if (*ttyfd < 0) { + error("%.100s: %.100s", namebuf, strerror(errno)); + close(*ptyfd); + return 0; + } + return 1; + } + return 0; #endif /* HAVE_DEV_PTS_AND_PTC */ #endif /* HAVE_DEV_PTMX */ #endif /* HAVE__GETPTY */ #endif /* HAVE_OPENPTY */ } -/* Releases the tty. Its ownership is returned to root, and permissions to - 0666. */ +/* Releases the tty. Its ownership is returned to root, and permissions to 0666. */ -void pty_release(const char *ttyname) +void +pty_release(const char *ttyname) { - if (chown(ttyname, (uid_t)0, (gid_t)0) < 0) - debug("chown %.100s 0 0 failed: %.100s", ttyname, strerror(errno)); - if (chmod(ttyname, (mode_t)0666) < 0) - debug("chmod %.100s 0666 failed: %.100s", ttyname, strerror(errno)); + if (chown(ttyname, (uid_t) 0, (gid_t) 0) < 0) + debug("chown %.100s 0 0 failed: %.100s", ttyname, strerror(errno)); + if (chmod(ttyname, (mode_t) 0666) < 0) + debug("chmod %.100s 0666 failed: %.100s", ttyname, strerror(errno)); } /* Makes the tty the processes controlling tty and sets it to sane modes. */ -void pty_make_controlling_tty(int *ttyfd, const char *ttyname) +void +pty_make_controlling_tty(int *ttyfd, const char *ttyname) { - int fd; + int fd; - /* First disconnect from the old controlling tty. */ + /* First disconnect from the old controlling tty. */ #ifdef TIOCNOTTY - fd = open("/dev/tty", O_RDWR|O_NOCTTY); - if (fd >= 0) - { - (void)ioctl(fd, TIOCNOTTY, NULL); - close(fd); - } + fd = open("/dev/tty", O_RDWR | O_NOCTTY); + if (fd >= 0) { + (void) ioctl(fd, TIOCNOTTY, NULL); + close(fd); + } #endif /* TIOCNOTTY */ - if (setsid() < 0) - error("setsid: %.100s", strerror(errno)); - - /* Verify that we are successfully disconnected from the controlling tty. */ - fd = open("/dev/tty", O_RDWR|O_NOCTTY); - if (fd >= 0) - { - error("Failed to disconnect from controlling tty."); - close(fd); - } + if (setsid() < 0) + error("setsid: %.100s", strerror(errno)); - /* Make it our controlling tty. */ + /* + * Verify that we are successfully disconnected from the controlling + * tty. + */ + fd = open("/dev/tty", O_RDWR | O_NOCTTY); + if (fd >= 0) { + error("Failed to disconnect from controlling tty."); + close(fd); + } + /* Make it our controlling tty. */ #ifdef TIOCSCTTY - debug("Setting controlling tty using TIOCSCTTY."); - /* We ignore errors from this, because HPSUX defines TIOCSCTTY, but returns - EINVAL with these arguments, and there is absolutely no documentation. */ - ioctl(*ttyfd, TIOCSCTTY, NULL); + debug("Setting controlling tty using TIOCSCTTY."); + /* + * We ignore errors from this, because HPSUX defines TIOCSCTTY, but + * returns EINVAL with these arguments, and there is absolutely no + * documentation. + */ + ioctl(*ttyfd, TIOCSCTTY, NULL); #endif /* TIOCSCTTY */ - fd = open(ttyname, O_RDWR); - if (fd < 0) - error("%.100s: %.100s", ttyname, strerror(errno)); - else - close(fd); - - /* Verify that we now have a controlling tty. */ - fd = open("/dev/tty", O_WRONLY); - if (fd < 0) - error("open /dev/tty failed - could not set controlling tty: %.100s", - strerror(errno)); - else - { - close(fd); - } + fd = open(ttyname, O_RDWR); + if (fd < 0) + error("%.100s: %.100s", ttyname, strerror(errno)); + else + close(fd); + + /* Verify that we now have a controlling tty. */ + fd = open("/dev/tty", O_WRONLY); + if (fd < 0) + error("open /dev/tty failed - could not set controlling tty: %.100s", + strerror(errno)); + else { + close(fd); + } } /* Changes the window size associated with the pty. */ -void pty_change_window_size(int ptyfd, int row, int col, - int xpixel, int ypixel) +void +pty_change_window_size(int ptyfd, int row, int col, + int xpixel, int ypixel) { - struct winsize w; - w.ws_row = row; - w.ws_col = col; - w.ws_xpixel = xpixel; - w.ws_ypixel = ypixel; - (void)ioctl(ptyfd, TIOCSWINSZ, &w); + struct winsize w; + w.ws_row = row; + w.ws_col = col; + w.ws_xpixel = xpixel; + w.ws_ypixel = ypixel; + (void) ioctl(ptyfd, TIOCSWINSZ, &w); } - Index: usr.bin/ssh/pty.h =================================================================== RCS file: /cvs/src/usr.bin/ssh/pty.h,v retrieving revision 1.1 retrieving revision 1.4 diff -u -r1.1 -r1.4 --- usr.bin/ssh/pty.h 1999/09/26 20:53:36 1.1 +++ usr.bin/ssh/pty.h 1999/12/06 12:10:12 1.4 @@ -1,40 +1,46 @@ /* + * + * pty.h + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Fri Mar 17 05:03:28 1995 ylo + * + * Functions for allocating a pseudo-terminal and making it the controlling + * tty. + */ -pty.h +/* RCSID("$Id: pty.h,v 1.4 1999/12/06 12:10:12 deraadt Exp $"); */ -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Fri Mar 17 05:03:28 1995 ylo - -Functions for allocating a pseudo-terminal and making it the controlling -tty. - -*/ - -/* RCSID("$Id: pty.h,v 1.1 1999/09/26 20:53:36 deraadt Exp $"); */ - #ifndef PTY_H #define PTY_H -/* Allocates and opens a pty. Returns 0 if no pty could be allocated, - or nonzero if a pty was successfully allocated. On success, open file - descriptors for the pty and tty sides and the name of the tty side are - returned (the buffer must be able to hold at least 64 characters). */ -int pty_allocate(int *ptyfd, int *ttyfd, char *ttyname); - -/* Releases the tty. Its ownership is returned to root, and permissions to - 0666. */ -void pty_release(const char *ttyname); - -/* Makes the tty the processes controlling tty and sets it to sane modes. - This may need to reopen the tty to get rid of possible eavesdroppers. */ -void pty_make_controlling_tty(int *ttyfd, const char *ttyname); +/* + * Allocates and opens a pty. Returns 0 if no pty could be allocated, or + * nonzero if a pty was successfully allocated. On success, open file + * descriptors for the pty and tty sides and the name of the tty side are + * returned (the buffer must be able to hold at least 64 characters). + */ +int pty_allocate(int *ptyfd, int *ttyfd, char *ttyname, int ttynamelen); + +/* + * Releases the tty. Its ownership is returned to root, and permissions to + * 0666. + */ +void pty_release(const char *ttyname); + +/* + * Makes the tty the processes controlling tty and sets it to sane modes. + * This may need to reopen the tty to get rid of possible eavesdroppers. + */ +void pty_make_controlling_tty(int *ttyfd, const char *ttyname); /* Changes the window size associated with the pty. */ -void pty_change_window_size(int ptyfd, int row, int col, - int xpixel, int ypixel); +void +pty_change_window_size(int ptyfd, int row, int col, + int xpixel, int ypixel); -#endif /* PTY_H */ +#endif /* PTY_H */ Index: usr.bin/ssh/radix.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/radix.c,v retrieving revision 1.3 retrieving revision 1.6 diff -u -r1.3 -r1.6 --- usr.bin/ssh/radix.c 1999/10/01 18:18:40 1.3 +++ usr.bin/ssh/radix.c 1999/11/24 19:53:49 1.6 @@ -1,101 +1,107 @@ /* - radix.c + * radix.c + * + * base-64 encoding pinched from lynx2-7-2, who pinched it from rpem. + * Originally written by Mark Riordan 12 August 1990 and 17 Feb 1991 + * and placed in the public domain. + * + * Dug Song + */ - base-64 encoding pinched from lynx2-7-2, who pinched it from rpem. - Originally written by Mark Riordan 12 August 1990 and 17 Feb 1991 - and placed in the public domain. - - Dug Song -*/ - #include "includes.h" #ifdef AFS #include char six2pr[64] = { - 'A','B','C','D','E','F','G','H','I','J','K','L','M', - 'N','O','P','Q','R','S','T','U','V','W','X','Y','Z', - 'a','b','c','d','e','f','g','h','i','j','k','l','m', - 'n','o','p','q','r','s','t','u','v','w','x','y','z', - '0','1','2','3','4','5','6','7','8','9','+','/' + 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', + 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', + 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', + 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', + '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '+', '/' }; unsigned char pr2six[256]; -int uuencode(unsigned char *bufin, unsigned int nbytes, char *bufcoded) +int +uuencode(unsigned char *bufin, unsigned int nbytes, char *bufcoded) { - /* ENC is the basic 1 character encoding function to make a char printing */ + /* ENC is the basic 1 character encoding function to make a char printing */ #define ENC(c) six2pr[c] - - register char *outptr = bufcoded; - unsigned int i; - - for (i=0; i> 2); /* c1 */ - *(outptr++) = ENC(((*bufin << 4) & 060) | ((bufin[1] >> 4) & 017)); /*c2*/ - *(outptr++) = ENC(((bufin[1] << 2) & 074) | ((bufin[2] >> 6) & 03));/*c3*/ - *(outptr++) = ENC(bufin[2] & 077); /* c4 */ - bufin += 3; - } - if (i == nbytes+1) { - outptr[-1] = '='; - } else if (i == nbytes+2) { - outptr[-1] = '='; - outptr[-2] = '='; - } - *outptr = '\0'; - return(outptr - bufcoded); + + register char *outptr = bufcoded; + unsigned int i; + + for (i = 0; i < nbytes; i += 3) { + *(outptr++) = ENC(*bufin >> 2); /* c1 */ + *(outptr++) = ENC(((*bufin << 4) & 060) | ((bufin[1] >> 4) & 017)); /* c2 */ + *(outptr++) = ENC(((bufin[1] << 2) & 074) | ((bufin[2] >> 6) & 03)); /* c3 */ + *(outptr++) = ENC(bufin[2] & 077); /* c4 */ + bufin += 3; + } + if (i == nbytes + 1) { + outptr[-1] = '='; + } else if (i == nbytes + 2) { + outptr[-1] = '='; + outptr[-2] = '='; + } + *outptr = '\0'; + return (outptr - bufcoded); } -int uudecode(const char *bufcoded, unsigned char *bufplain, int outbufsize) +int +uudecode(const char *bufcoded, unsigned char *bufplain, int outbufsize) { - /* single character decode */ + /* single character decode */ #define DEC(c) pr2six[(unsigned char)c] #define MAXVAL 63 - - static int first = 1; - int nbytesdecoded, j; - const char *bufin = bufcoded; - register unsigned char *bufout = bufplain; - register int nprbytes; - - /* If this is the first call, initialize the mapping table. */ - if (first) { - first = 0; - for(j=0; j<256; j++) pr2six[j] = MAXVAL+1; - for(j=0; j<64; j++) pr2six[(unsigned char)six2pr[j]] = (unsigned char)j; - } - - /* Strip leading whitespace. */ - while (*bufcoded==' ' || *bufcoded == '\t') bufcoded++; - - /* Figure out how many characters are in the input buffer. - If this would decode into more bytes than would fit into - the output buffer, adjust the number of input bytes downwards. */ - bufin = bufcoded; - while (DEC(*(bufin++)) <= MAXVAL); - nprbytes = bufin - bufcoded - 1; - nbytesdecoded = ((nprbytes+3)/4) * 3; - if (nbytesdecoded > outbufsize) - nprbytes = (outbufsize*4)/3; - - bufin = bufcoded; - - while (nprbytes > 0) { - *(bufout++) = (unsigned char) (DEC(*bufin) << 2 | DEC(bufin[1]) >> 4); - *(bufout++) = (unsigned char) (DEC(bufin[1]) << 4 | DEC(bufin[2]) >> 2); - *(bufout++) = (unsigned char) (DEC(bufin[2]) << 6 | DEC(bufin[3])); - bufin += 4; - nprbytes -= 4; - } - if (nprbytes & 03) { - if (DEC(bufin[-2]) > MAXVAL) - nbytesdecoded -= 2; - else - nbytesdecoded -= 1; - } - return(nbytesdecoded); + + static int first = 1; + int nbytesdecoded, j; + const char *bufin = bufcoded; + register unsigned char *bufout = bufplain; + register int nprbytes; + + /* If this is the first call, initialize the mapping table. */ + if (first) { + first = 0; + for (j = 0; j < 256; j++) + pr2six[j] = MAXVAL + 1; + for (j = 0; j < 64; j++) + pr2six[(unsigned char) six2pr[j]] = (unsigned char) j; + } + /* Strip leading whitespace. */ + while (*bufcoded == ' ' || *bufcoded == '\t') + bufcoded++; + + /* + * Figure out how many characters are in the input buffer. If this + * would decode into more bytes than would fit into the output + * buffer, adjust the number of input bytes downwards. + */ + bufin = bufcoded; + while (DEC(*(bufin++)) <= MAXVAL); + nprbytes = bufin - bufcoded - 1; + nbytesdecoded = ((nprbytes + 3) / 4) * 3; + if (nbytesdecoded > outbufsize) + nprbytes = (outbufsize * 4) / 3; + + bufin = bufcoded; + + while (nprbytes > 0) { + *(bufout++) = (unsigned char) (DEC(*bufin) << 2 | DEC(bufin[1]) >> 4); + *(bufout++) = (unsigned char) (DEC(bufin[1]) << 4 | DEC(bufin[2]) >> 2); + *(bufout++) = (unsigned char) (DEC(bufin[2]) << 6 | DEC(bufin[3])); + bufin += 4; + nprbytes -= 4; + } + if (nprbytes & 03) { + if (DEC(bufin[-2]) > MAXVAL) + nbytesdecoded -= 2; + else + nbytesdecoded -= 1; + } + return (nbytesdecoded); } typedef unsigned char my_u_char; @@ -156,103 +162,124 @@ } -int creds_to_radix(CREDENTIALS *creds, unsigned char *buf) +int +creds_to_radix(CREDENTIALS *creds, unsigned char *buf) { - char *p, *s; - int len; - char temp[2048]; - - p = temp; - *p++ = 1; /* version */ - s = creds->service; while (*s) *p++ = *s++; *p++ = *s; - s = creds->instance; while (*s) *p++ = *s++; *p++ = *s; - s = creds->realm; while (*s) *p++ = *s++; *p++ = *s; - - s = creds->pname; while (*s) *p++ = *s++; *p++ = *s; - s = creds->pinst; while (*s) *p++ = *s++; *p++ = *s; - /* Null string to repeat the realm. */ - *p++ = '\0'; - - PUTLONG(creds->issue_date,p); - { - unsigned int endTime ; - endTime = (unsigned int)krb_life_to_time(creds->issue_date, - creds->lifetime); - PUTLONG(endTime,p); - } - - memcpy(p,&creds->session, sizeof(creds->session)); - p += sizeof(creds->session); - - PUTSHORT(creds->kvno,p); - PUTLONG(creds->ticket_st.length,p); - - memcpy(p,creds->ticket_st.dat, creds->ticket_st.length); - p += creds->ticket_st.length; - len = p - temp; + char *p, *s; + int len; + char temp[2048]; + + p = temp; + *p++ = 1; /* version */ + s = creds->service; + while (*s) + *p++ = *s++; + *p++ = *s; + s = creds->instance; + while (*s) + *p++ = *s++; + *p++ = *s; + s = creds->realm; + while (*s) + *p++ = *s++; + *p++ = *s; + + s = creds->pname; + while (*s) + *p++ = *s++; + *p++ = *s; + s = creds->pinst; + while (*s) + *p++ = *s++; + *p++ = *s; + /* Null string to repeat the realm. */ + *p++ = '\0'; + + PUTLONG(creds->issue_date, p); + { + unsigned int endTime; + endTime = (unsigned int) krb_life_to_time(creds->issue_date, + creds->lifetime); + PUTLONG(endTime, p); + } + + memcpy(p, &creds->session, sizeof(creds->session)); + p += sizeof(creds->session); + + PUTSHORT(creds->kvno, p); + PUTLONG(creds->ticket_st.length, p); + + memcpy(p, creds->ticket_st.dat, creds->ticket_st.length); + p += creds->ticket_st.length; + len = p - temp; - return(uuencode(temp, len, buf)); + return (uuencode(temp, len, buf)); } -int radix_to_creds(const char *buf, CREDENTIALS *creds) +int +radix_to_creds(const char *buf, CREDENTIALS *creds) { - char *p; - int len, tl; - char version; - char temp[2048]; - - if (!(len = uudecode(buf, temp, sizeof(temp)))) - return 0; - - p = temp; - - /* check version and length! */ - if (len < 1) return 0; - version = *p; p++; len--; - - GETSTRING(creds->service, p, len); - GETSTRING(creds->instance, p, len); - GETSTRING(creds->realm, p, len); - - GETSTRING(creds->pname, p, len); - GETSTRING(creds->pinst, p, len); - /* Ignore possibly different realm. */ - while (*p && len) p++, len--; - if (len == 0) return 0; - p++, len--; - - /* Enough space for remaining fixed-length parts? */ - if (len < (4 + 4 + sizeof(creds->session) + 2 + 4)) - return 0; - - GETLONG(creds->issue_date,p); - len -= 4; - { - unsigned int endTime; - GETLONG(endTime,p); - len -= 4; - creds->lifetime = krb_time_to_life(creds->issue_date, endTime); - } - - memcpy(&creds->session, p, sizeof(creds->session)); - p += sizeof(creds->session); - len -= sizeof(creds->session); - - GETSHORT(creds->kvno,p); - len -= 2; - GETLONG(creds->ticket_st.length,p); - len -= 4; - - tl = creds->ticket_st.length; - if (tl < 0 || tl > len || tl > sizeof(creds->ticket_st.dat)) - return 0; - - memcpy(creds->ticket_st.dat, p, tl); - p += tl; - len -= tl; - - return 1; -} + char *p; + int len, tl; + char version; + char temp[2048]; + + if (!(len = uudecode(buf, temp, sizeof(temp)))) + return 0; + + p = temp; + + /* check version and length! */ + if (len < 1) + return 0; + version = *p; + p++; + len--; + + GETSTRING(creds->service, p, len); + GETSTRING(creds->instance, p, len); + GETSTRING(creds->realm, p, len); + + GETSTRING(creds->pname, p, len); + GETSTRING(creds->pinst, p, len); + /* Ignore possibly different realm. */ + while (*p && len) + p++, len--; + if (len == 0) + return 0; + p++, len--; + + /* Enough space for remaining fixed-length parts? */ + if (len < (4 + 4 + sizeof(creds->session) + 2 + 4)) + return 0; + + GETLONG(creds->issue_date, p); + len -= 4; + { + unsigned int endTime; + GETLONG(endTime, p); + len -= 4; + creds->lifetime = krb_time_to_life(creds->issue_date, endTime); + } + + memcpy(&creds->session, p, sizeof(creds->session)); + p += sizeof(creds->session); + len -= sizeof(creds->session); + + GETSHORT(creds->kvno, p); + len -= 2; + GETLONG(creds->ticket_st.length, p); + len -= 4; + + tl = creds->ticket_st.length; + if (tl < 0 || tl > len || tl > sizeof(creds->ticket_st.dat)) + return 0; + + memcpy(creds->ticket_st.dat, p, tl); + p += tl; + len -= tl; + return 1; +} #endif /* AFS */ Index: usr.bin/ssh/random.c =================================================================== RCS file: random.c diff -N random.c --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsKOxvx31367 Wed Dec 8 12:42:08 1999 @@ -0,0 +1,370 @@ +/* Note: file is included because gmp uses functions that use random in its + primality testing functions. //ylo */ + +/* + * Copyright (c) 1983 Regents of the University of California. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#if defined(LIBC_SCCS) && !defined(lint) +static char sccsid[] = "@(#)random.c 5.9 (Berkeley) 2/23/91"; +#endif /* LIBC_SCCS and not lint */ + +#include +#include +#include + +/* + * random.c: + * + * An improved random number generation package. In addition to the standard + * rand()/srand() like interface, this package also has a special state info + * interface. The initstate() routine is called with a seed, an array of + * bytes, and a count of how many bytes are being passed in; this array is + * then initialized to contain information for random number generation with + * that much state information. Good sizes for the amount of state + * information are 32, 64, 128, and 256 bytes. The state can be switched by + * calling the setstate() routine with the same array as was initiallized + * with initstate(). By default, the package runs with 128 bytes of state + * information and generates far better random numbers than a linear + * congruential generator. If the amount of state information is less than + * 32 bytes, a simple linear congruential R.N.G. is used. + * + * Internally, the state information is treated as an array of longs; the + * zeroeth element of the array is the type of R.N.G. being used (small + * integer); the remainder of the array is the state information for the + * R.N.G. Thus, 32 bytes of state information will give 7 longs worth of + * state information, which will allow a degree seven polynomial. (Note: + * the zeroeth word of state information also has some other information + * stored in it -- see setstate() for details). + * + * The random number generation technique is a linear feedback shift register + * approach, employing trinomials (since there are fewer terms to sum up that + * way). In this approach, the least significant bit of all the numbers in + * the state table will act as a linear feedback shift register, and will + * have period 2^deg - 1 (where deg is the degree of the polynomial being + * used, assuming that the polynomial is irreducible and primitive). The + * higher order bits will have longer periods, since their values are also + * influenced by pseudo-random carries out of the lower bits. The total + * period of the generator is approximately deg*(2**deg - 1); thus doubling + * the amount of state information has a vast influence on the period of the + * generator. Note: the deg*(2**deg - 1) is an approximation only good for + * large deg, when the period of the shift register is the dominant factor. + * With deg equal to seven, the period is actually much longer than the + * 7*(2**7 - 1) predicted by this formula. + */ + +/* + * For each of the currently supported random number generators, we have a + * break value on the amount of state information (you need at least this + * many bytes of state info to support this random number generator), a degree + * for the polynomial (actually a trinomial) that the R.N.G. is based on, and + * the separation between the two lower order coefficients of the trinomial. + */ +#define TYPE_0 0 /* linear congruential */ +#define BREAK_0 8 +#define DEG_0 0 +#define SEP_0 0 + +#define TYPE_1 1 /* x**7 + x**3 + 1 */ +#define BREAK_1 32 +#define DEG_1 7 +#define SEP_1 3 + +#define TYPE_2 2 /* x**15 + x + 1 */ +#define BREAK_2 64 +#define DEG_2 15 +#define SEP_2 1 + +#define TYPE_3 3 /* x**31 + x**3 + 1 */ +#define BREAK_3 128 +#define DEG_3 31 +#define SEP_3 3 + +#define TYPE_4 4 /* x**63 + x + 1 */ +#define BREAK_4 256 +#define DEG_4 63 +#define SEP_4 1 + +/* + * Array versions of the above information to make code run faster -- + * relies on fact that TYPE_i == i. + */ +#define MAX_TYPES 5 /* max number of types above */ + +static int degrees[MAX_TYPES] = { DEG_0, DEG_1, DEG_2, DEG_3, DEG_4 }; +static int seps [MAX_TYPES] = { SEP_0, SEP_1, SEP_2, SEP_3, SEP_4 }; + +/* + * Initially, everything is set up as if from: + * + * initstate(1, &randtbl, 128); + * + * Note that this initialization takes advantage of the fact that srandom() + * advances the front and rear pointers 10*rand_deg times, and hence the + * rear pointer which starts at 0 will also end up at zero; thus the zeroeth + * element of the state information, which contains info about the current + * position of the rear pointer is just + * + * MAX_TYPES * (rptr - state) + TYPE_3 == TYPE_3. + */ + +static long randtbl[DEG_3 + 1] = { + TYPE_3, + 0x9a319039, 0x32d9c024, 0x9b663182, 0x5da1f342, 0xde3b81e0, 0xdf0a6fb5, + 0xf103bc02, 0x48f340fb, 0x7449e56b, 0xbeb1dbb0, 0xab5c5918, 0x946554fd, + 0x8c2e680f, 0xeb3d799f, 0xb11ee0b7, 0x2d436b86, 0xda672e2a, 0x1588ca88, + 0xe369735d, 0x904f35f7, 0xd7158fd6, 0x6fa6f051, 0x616e6b96, 0xac94efdc, + 0x36413f93, 0xc622c298, 0xf5a42ab8, 0x8a88d77b, 0xf5ad9d0e, 0x8999220b, + 0x27fb47b9, +}; + +/* + * fptr and rptr are two pointers into the state info, a front and a rear + * pointer. These two pointers are always rand_sep places aparts, as they + * cycle cyclically through the state information. (Yes, this does mean we + * could get away with just one pointer, but the code for random() is more + * efficient this way). The pointers are left positioned as they would be + * from the call + * + * initstate(1, randtbl, 128); + * + * (The position of the rear pointer, rptr, is really 0 (as explained above + * in the initialization of randtbl) because the state table pointer is set + * to point to randtbl[1] (as explained below). + */ +static long *fptr = &randtbl[SEP_3 + 1]; +static long *rptr = &randtbl[1]; + +/* + * The following things are the pointer to the state information table, the + * type of the current generator, the degree of the current polynomial being + * used, and the separation between the two pointers. Note that for efficiency + * of random(), we remember the first location of the state information, not + * the zeroeth. Hence it is valid to access state[-1], which is used to + * store the type of the R.N.G. Also, we remember the last location, since + * this is more efficient than indexing every time to find the address of + * the last element to see if the front and rear pointers have wrapped. + */ +static long *state = &randtbl[1]; +static int rand_type = TYPE_3; +static int rand_deg = DEG_3; +static int rand_sep = SEP_3; +static long *end_ptr = &randtbl[DEG_3 + 1]; + +long random(); + +/* + * srandom: + * + * Initialize the random number generator based on the given seed. If the + * type is the trivial no-state-information type, just remember the seed. + * Otherwise, initializes state[] based on the given "seed" via a linear + * congruential generator. Then, the pointers are set to known locations + * that are exactly rand_sep places apart. Lastly, it cycles the state + * information a given number of times to get rid of any initial dependencies + * introduced by the L.C.R.N.G. Note that the initialization of randtbl[] + * for default usage relies on values produced by this routine. + */ +void +srandom(x) + u_int x; +{ + register int i, j; + + if (rand_type == TYPE_0) + state[0] = x; + else { + j = 1; + state[0] = x; + for (i = 1; i < rand_deg; i++) + state[i] = 1103515245 * state[i - 1] + 12345; + fptr = &state[rand_sep]; + rptr = &state[0]; + for (i = 0; i < 10 * rand_deg; i++) + (void)random(); + } +} + +/* + * initstate: + * + * Initialize the state information in the given array of n bytes for future + * random number generation. Based on the number of bytes we are given, and + * the break values for the different R.N.G.'s, we choose the best (largest) + * one we can and set things up for it. srandom() is then called to + * initialize the state information. + * + * Note that on return from srandom(), we set state[-1] to be the type + * multiplexed with the current value of the rear pointer; this is so + * successive calls to initstate() won't lose this information and will be + * able to restart with setstate(). + * + * Note: the first thing we do is save the current state, if any, just like + * setstate() so that it doesn't matter when initstate is called. + * + * Returns a pointer to the old state. + */ +char * +initstate(seed, arg_state, n) + u_int seed; /* seed for R.N.G. */ + char *arg_state; /* pointer to state array */ + int n; /* # bytes of state info */ +{ + register char *ostate = (char *)(&state[-1]); + + if (rand_type == TYPE_0) + state[-1] = rand_type; + else + state[-1] = MAX_TYPES * (rptr - state) + rand_type; + if (n < BREAK_0) { + (void)fprintf(stderr, + "random: not enough state (%d bytes); ignored.\n", n); + return(0); + } + if (n < BREAK_1) { + rand_type = TYPE_0; + rand_deg = DEG_0; + rand_sep = SEP_0; + } else if (n < BREAK_2) { + rand_type = TYPE_1; + rand_deg = DEG_1; + rand_sep = SEP_1; + } else if (n < BREAK_3) { + rand_type = TYPE_2; + rand_deg = DEG_2; + rand_sep = SEP_2; + } else if (n < BREAK_4) { + rand_type = TYPE_3; + rand_deg = DEG_3; + rand_sep = SEP_3; + } else { + rand_type = TYPE_4; + rand_deg = DEG_4; + rand_sep = SEP_4; + } + state = &(((long *)arg_state)[1]); /* first location */ + end_ptr = &state[rand_deg]; /* must set end_ptr before srandom */ + srandom(seed); + if (rand_type == TYPE_0) + state[-1] = rand_type; + else + state[-1] = MAX_TYPES*(rptr - state) + rand_type; + return(ostate); +} + +/* + * setstate: + * + * Restore the state from the given state array. + * + * Note: it is important that we also remember the locations of the pointers + * in the current state information, and restore the locations of the pointers + * from the old state information. This is done by multiplexing the pointer + * location into the zeroeth word of the state information. + * + * Note that due to the order in which things are done, it is OK to call + * setstate() with the same state as the current state. + * + * Returns a pointer to the old state information. + */ +char * +setstate(arg_state) + char *arg_state; +{ + register long *new_state = (long *)arg_state; + register int type = new_state[0] % MAX_TYPES; + register int rear = new_state[0] / MAX_TYPES; + char *ostate = (char *)(&state[-1]); + + if (rand_type == TYPE_0) + state[-1] = rand_type; + else + state[-1] = MAX_TYPES * (rptr - state) + rand_type; + switch(type) { + case TYPE_0: + case TYPE_1: + case TYPE_2: + case TYPE_3: + case TYPE_4: + rand_type = type; + rand_deg = degrees[type]; + rand_sep = seps[type]; + break; + default: + (void)fprintf(stderr, + "random: state info corrupted; not changed.\n"); + } + state = &new_state[1]; + if (rand_type != TYPE_0) { + rptr = &state[rear]; + fptr = &state[(rear + rand_sep) % rand_deg]; + } + end_ptr = &state[rand_deg]; /* set end_ptr too */ + return(ostate); +} + +/* + * random: + * + * If we are using the trivial TYPE_0 R.N.G., just do the old linear + * congruential bit. Otherwise, we do our fancy trinomial stuff, which is + * the same in all the other cases due to all the global variables that have + * been set up. The basic operation is to add the number at the rear pointer + * into the one at the front pointer. Then both pointers are advanced to + * the next location cyclically in the table. The value returned is the sum + * generated, reduced to 31 bits by throwing away the "least random" low bit. + * + * Note: the code takes advantage of the fact that both the front and + * rear pointers can't wrap on the same call by not testing the rear + * pointer if the front one has wrapped. + * + * Returns a 31-bit random number. + */ +long +random() +{ + long i; + + if (rand_type == TYPE_0) + i = state[0] = (state[0] * 1103515245 + 12345) & 0x7fffffff; + else { + *fptr += *rptr; + i = (*fptr >> 1) & 0x7fffffff; /* chucking least random bit */ + if (++fptr >= end_ptr) { + fptr = state; + ++rptr; + } else if (++rptr >= end_ptr) + rptr = state; + } + return(i); +} + Index: usr.bin/ssh/randoms.c =================================================================== RCS file: randoms.c diff -N randoms.c --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsGHFzS31367 Wed Dec 8 12:42:09 1999 @@ -0,0 +1,365 @@ +/* + +random.c + +Author: Tatu Ylonen + +Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + All rights reserved + +Created: Sat Mar 4 14:55:57 1995 ylo + +Cryptographically strong random number generation. + +*/ + +#include "includes.h" +RCSID("$Id: randoms.c,v 1.2 1999/09/28 04:45:36 provos dead $"); + +#include "randoms.h" +#include "getput.h" +#include "ssh_md5.h" + +#ifdef HAVE_GETRUSAGE +#include +#ifdef HAVE_RUSAGE_H +#include +#endif /* HAVE_RUSAGE_H */ +#endif /* HAVE_GETRUSAGE */ + +#ifdef HAVE_TIMES +#include +#endif /* HAVE_TIMES */ + +/* Initializes the random number generator, loads any random information + from the given file, and acquires as much environmental noise as it + can to initialize the random number generator. More noise can be + acquired later by calling random_add_noise + random_stir, or by + calling random_get_environmental_noise again later when the environmental + situation has changed. */ + +void random_initialize(RandomState *state, const char *filename) +{ + char buf[8192]; + int f, bytes; + + state->add_position = 0; + state->next_available_byte = sizeof(state->stir_key); + + /* This isn't strictly necessary, but will keep programs like 3rd degree or + purify silent. */ + memset(state, 0, sizeof(state)); + + /* Get noise from the file. */ + random_add_noise(state, filename, strlen(filename)); /* Use the path. */ + f = open(filename, O_RDONLY); + if (f >= 0) + { + state->state[0] += f; + bytes = read(f, buf, sizeof(buf)); + close(f); + if (bytes > 0) + random_add_noise(state, buf, bytes); + memset(buf, 0, sizeof(buf)); + } + else + { + /* Get all possible noise since we have no seed. */ + random_acquire_environmental_noise(state); + random_save(state, filename); + } + + /* Get easily available noise from the environment. */ + random_acquire_light_environmental_noise(state); +} + +void random_xor_noise(RandomState *state, unsigned int i, word32 value) +{ + value ^= GET_32BIT(state->state + 4 * i); + PUT_32BIT(state->state + 4 * i, value); +} + +/* Acquires as much environmental noise as it can. This is probably quite + sufficient on a unix machine, but might be grossly inadequate on a + single-user PC or a Macintosh. + + We test the elapsed real time after each command, and abort if we have + consumed over 30 seconds. */ + +void random_acquire_environmental_noise(RandomState *state) +{ + time_t start_time; + + /* Record the start time. */ + start_time = time(NULL); + + /* Run these first so that other statistics accumulate from these. We stop + collecting more noise when we have spent 30 seconds real time; on a large + system a single executed command is probably enough, whereas on small + systems we must use all possible noise sources. */ + random_get_noise_from_command(state, "ps laxww 2>/dev/null"); + if (time(NULL) - start_time < 30) + random_get_noise_from_command(state, "ps -al 2>/dev/null"); + if (time(NULL) - start_time < 30) + random_get_noise_from_command(state, "ls -alni /tmp/. 2>/dev/null"); + if (time(NULL) - start_time < 30) + random_get_noise_from_command(state, "w 2>/dev/null"); + if (time(NULL) - start_time < 30) + random_get_noise_from_command(state, "netstat -s 2>/dev/null"); + if (time(NULL) - start_time < 30) + random_get_noise_from_command(state, "netstat -an 2>/dev/null"); + if (time(NULL) - start_time < 30) + random_get_noise_from_command(state, "netstat -in 2>/dev/null"); + + /* Get other easily available noise. */ + random_acquire_light_environmental_noise(state); +} + +/* Acquires easily available environmental noise. */ + +void random_acquire_light_environmental_noise(RandomState *state) +{ + int f; + char buf[32]; + int len; + + /* If /dev/random is available, read some data from there in non-blocking + mode and mix it into the pool. */ + f = open("/dev/random", O_RDONLY); + if (f >= 0) + { + /* Set the descriptor into non-blocking mode. */ +#if defined(O_NONBLOCK) && !defined(O_NONBLOCK_BROKEN) + fcntl(f, F_SETFL, O_NONBLOCK); +#else /* O_NONBLOCK && !O_NONBLOCK_BROKEN */ + fcntl(f, F_SETFL, O_NDELAY); +#endif /* O_NONBLOCK && !O_NONBLOCK_BROKEN */ + len = read(f, buf, sizeof(buf)); + close(f); + if (len > 0) + random_add_noise(state, buf, len); + } + + /* Get miscellaneous noise from various system parameters and statistics. */ + random_xor_noise(state, + (unsigned int)(state->state[0] + 256*state->state[1]) % + (RANDOM_STATE_BYTES / 4), + (word32)time(NULL)); + +#ifdef HAVE_GETTIMEOFDAY + { + struct timeval tv; + gettimeofday(&tv, NULL); + random_xor_noise(state, 0, (word32)tv.tv_usec); + random_xor_noise(state, 1, (word32)tv.tv_sec); +#ifdef HAVE_CLOCK + random_xor_noise(state, 3, (word32)clock()); +#endif /* HAVE_CLOCK */ + } +#endif /* HAVE_GETTIMEOFDAY */ +#ifdef HAVE_TIMES + { + struct tms tm; + random_xor_noise(state, 2, (word32)times(&tm)); + random_xor_noise(state, 4, (word32)(tm.tms_utime ^ (tm.tms_stime << 8) ^ + (tm.tms_cutime << 16) ^ + (tm.tms_cstime << 24))); + } +#endif /* HAVE_TIMES */ +#ifdef HAVE_GETRUSAGE + { + struct rusage ru, cru; + getrusage(RUSAGE_SELF, &ru); + getrusage(RUSAGE_CHILDREN, &cru); + random_xor_noise(state, 0, (word32)(ru.ru_utime.tv_usec + + cru.ru_utime.tv_usec)); + random_xor_noise(state, 2, (word32)(ru.ru_stime.tv_usec + + cru.ru_stime.tv_usec)); + random_xor_noise(state, 5, (word32)(ru.ru_maxrss + cru.ru_maxrss)); + random_xor_noise(state, 6, (word32)(ru.ru_ixrss + cru.ru_ixrss)); + random_xor_noise(state, 7, (word32)(ru.ru_idrss + cru.ru_idrss)); + random_xor_noise(state, 8, (word32)(ru.ru_minflt + cru.ru_minflt)); + random_xor_noise(state, 9, (word32)(ru.ru_majflt + cru.ru_majflt)); + random_xor_noise(state, 10, (word32)(ru.ru_nswap + cru.ru_nswap)); + random_xor_noise(state, 11, (word32)(ru.ru_inblock + cru.ru_inblock)); + random_xor_noise(state, 12, (word32)(ru.ru_oublock + cru.ru_oublock)); + random_xor_noise(state, 13, (word32)((ru.ru_msgsnd ^ ru.ru_msgrcv ^ + ru.ru_nsignals) + + (cru.ru_msgsnd ^ cru.ru_msgrcv ^ + cru.ru_nsignals))); + random_xor_noise(state, 14, (word32)(ru.ru_nvcsw + cru.ru_nvcsw)); + random_xor_noise(state, 15, (word32)(ru.ru_nivcsw + cru.ru_nivcsw)); + } +#endif /* HAVE_GETRUSAGE */ + random_xor_noise(state, 11, (word32)getpid()); + random_xor_noise(state, 12, (word32)getppid()); + random_xor_noise(state, 10, (word32)getuid()); + random_xor_noise(state, 10, (word32)(getgid() << 16)); +#ifdef _POSIX_CHILD_MAX + random_xor_noise(state, 13, (word32)(_POSIX_CHILD_MAX << 16)); +#endif /* _POSIX_CHILD_MAX */ +#ifdef CLK_TCK + random_xor_noise(state, 14, (word32)(CLK_TCK << 16)); +#endif /* CLK_TCK */ + + random_stir(state); +} + +/* Executes the given command, and processes its output as noise. */ + +void random_get_noise_from_command(RandomState *state, const char *cmd) +{ +#ifdef HAVE_POPEN + char line[1000]; + FILE *f; + + f = popen(cmd, "r"); + if (!f) + return; + while (fgets(line, sizeof(line), f)) + random_add_noise(state, line, strlen(line)); + pclose(f); + memset(line, 0, sizeof(line)); +#endif /* HAVE_POPEN */ +} + +/* Adds the contents of the buffer as noise. */ + +void random_add_noise(RandomState *state, const void *buf, unsigned int bytes) +{ + unsigned int pos = state->add_position; + const char *input = buf; + while (bytes > 0) + { + if (pos >= RANDOM_STATE_BYTES) + { + pos = 0; + random_stir(state); + } + state->state[pos] ^= *input; + input++; + bytes--; + pos++; + } + state->add_position = pos; +} + +/* Stirs the random pool to consume any newly acquired noise or to get more + random numbers. + + This works by encrypting the data in the buffer in CFB mode with MD5 as + the cipher. */ + +void random_stir(RandomState *state) +{ + uint32 iv[4]; + unsigned int i; + + /* Start IV from last block of random pool. */ + iv[0] = GET_32BIT(state->state); + iv[1] = GET_32BIT(state->state + 4); + iv[2] = GET_32BIT(state->state + 8); + iv[3] = GET_32BIT(state->state + 12); + + /* First CFB pass. */ + for (i = 0; i < RANDOM_STATE_BYTES; i += 16) + { + MD5Transform(iv, state->stir_key); + iv[0] ^= GET_32BIT(state->state + i); + PUT_32BIT(state->state + i, iv[0]); + iv[1] ^= GET_32BIT(state->state + i + 4); + PUT_32BIT(state->state + i + 4, iv[1]); + iv[2] ^= GET_32BIT(state->state + i + 8); + PUT_32BIT(state->state + i + 8, iv[2]); + iv[3] ^= GET_32BIT(state->state + i + 12); + PUT_32BIT(state->state + i + 12, iv[3]); + } + + /* Get new key. */ + memcpy(state->stir_key, state->state, sizeof(state->stir_key)); + + /* Second CFB pass. */ + for (i = 0; i < RANDOM_STATE_BYTES; i += 16) + { + MD5Transform(iv, state->stir_key); + iv[0] ^= GET_32BIT(state->state + i); + PUT_32BIT(state->state + i, iv[0]); + iv[1] ^= GET_32BIT(state->state + i + 4); + PUT_32BIT(state->state + i + 4, iv[1]); + iv[2] ^= GET_32BIT(state->state + i + 8); + PUT_32BIT(state->state + i + 8, iv[2]); + iv[3] ^= GET_32BIT(state->state + i + 12); + PUT_32BIT(state->state + i + 12, iv[3]); + } + + memset(iv, 0, sizeof(iv)); + + state->add_position = 0; + + /* Some data in the beginning is not returned to aboid giving an observer + complete knowledge of the contents of our random pool. */ + state->next_available_byte = sizeof(state->stir_key); +} + +/* Returns a random byte. Stirs the random pool if necessary. Acquires + new environmental noise approximately every five minutes. */ + +unsigned int random_get_byte(RandomState *state) +{ + if (state->next_available_byte >= RANDOM_STATE_BYTES) + { + /* Get some easily available noise. More importantly, this stirs + the pool. */ + random_acquire_light_environmental_noise(state); + } + assert(state->next_available_byte < RANDOM_STATE_BYTES); + return state->state[state->next_available_byte++]; +} + +/* Saves random data in a disk file. This is used to create a file that + can be used as a random seed on future runs. Only half of the random + data in our pool is written to the file to avoid an observer being + able to deduce the contents of our random pool from the file. */ + +void random_save(RandomState *state, const char *filename) +{ + char buf[RANDOM_STATE_BYTES / 2]; /* Save only half of its bits. */ + int i, f; + + /* Get some environmental noise to make it harder to predict previous + values from saved bits (besides, we have now probably consumed some + resources so the noise may be really useful). This also stirs + the pool. */ + random_acquire_light_environmental_noise(state); + + /* Get as many bytes as is half the size of the pool. I am assuming + this will get enough randomness for it to be very useful, but will + not reveal enough to make it possible to determine previous or future + returns by the generator. */ + for (i = 0; i < sizeof(buf); i++) + buf[i] = random_get_byte(state); + + /* Again get a little noise and stir it to mix the unrevealed half with + those bits that have been saved to a file. There should be enough + unrevealed bits (plus the new noise) to make it infeasible to try to + guess future values from the saved bits. */ + random_acquire_light_environmental_noise(state); + + /* Create and write the file. Failure to create the file is silently + ignored. */ + f = open(filename, O_WRONLY|O_CREAT|O_TRUNC, 0600); + if (f >= 0) + { + /* Creation successful. Write data to the file. */ + write(f, buf, sizeof(buf)); + close(f); + } + memset(buf, 0, sizeof(buf)); +} + +/* Clears the random number generator data structures. */ + +void random_clear(RandomState *state) +{ + memset(state, 0, sizeof(*state)); +} Index: usr.bin/ssh/randoms.h =================================================================== RCS file: randoms.h diff -N randoms.h --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsBkDDj31367 Wed Dec 8 12:42:09 1999 @@ -0,0 +1,77 @@ +/* + +random.h + +Author: Tatu Ylonen + +Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + All rights reserved + +Created: Sat Mar 4 14:49:05 1995 ylo + +Cryptographically strong random number generator. + +*/ + +/* RCSID("$Id: randoms.h,v 1.2 1999/09/28 04:45:36 provos dead $"); */ + +#ifndef RANDOM_H +#define RANDOM_H + +#include "ssh_md5.h" + +#define RANDOM_STATE_BITS 8192 +#define RANDOM_STATE_BYTES (RANDOM_STATE_BITS / 8) + +/* Structure for the random state. */ +typedef struct +{ + unsigned char state[RANDOM_STATE_BYTES];/* Pool of random data. */ + unsigned char stir_key[64]; /* Extra data for next stirring. */ + unsigned int next_available_byte; /* Index of next available byte. */ + unsigned int add_position; /* Index to add noise. */ +} RandomState; + +/* Initializes the random number generator, loads any random information + from the given file, and acquires as much environmental noise as it + can to initialize the random number generator. More noise can be + acquired later by calling random_add_noise + random_stir, or by + calling random_get_environmental_noise again later when the environmental + situation has changed. */ +void random_initialize(RandomState *state, const char *filename); + +/* Acquires as much environmental noise as it can. This is probably quite + sufficient on a unix machine, but might be grossly inadequate on a + single-user PC or a Macintosh. This call random_stir automatically. + This call may take many seconds to complete on a busy system. */ +void random_acquire_environmental_noise(RandomState *state); + +/* Acquires easily available noise from the environment. */ +void random_acquire_light_environmental_noise(RandomState *state); + +/* Executes the given command, and processes its output as noise. + random_stir should be called after this. */ +void random_get_noise_from_command(RandomState *state, const char *cmd); + +/* Adds the contents of the buffer as noise. random_stir should be called + after this. */ +void random_add_noise(RandomState *state, const void *buf, unsigned int bytes); + +/* Stirs the random pool to consume any newly acquired noise or to get more + random numbers. This should be called after adding noise to properly + mix the noise into the random pool. */ +void random_stir(RandomState *state); + +/* Returns a random byte. Stirs the random pool if necessary. Acquires + new environmental noise approximately every five minutes. */ +unsigned int random_get_byte(RandomState *state); + +/* Saves some random bits in the file so that it can be used as a source + of randomness for later runs. */ +void random_save(RandomState *state, const char *filename); + +/* Zeroes and frees any data structures associated with the random number + generator. */ +void random_clear(RandomState *state); + +#endif /* RANDOM_H */ Index: usr.bin/ssh/rc4.c =================================================================== RCS file: rc4.c diff -N rc4.c --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvswrVDr31367 Wed Dec 8 12:42:09 1999 @@ -0,0 +1,72 @@ +/* + +Alleged RC4 (based on the Usenet posting in Spring-95) + +*/ + +#include "includes.h" +RCSID("$Id: rc4.c,v 1.2 1999/09/30 17:08:43 deraadt dead $"); + +#include "rc4.h" + +void rc4_init(RC4Context *ctx, const unsigned char *key, unsigned int key_len) +{ + unsigned int t, u; + unsigned int keyindex; + unsigned int stateindex; + unsigned char* state; + unsigned int counter; + + assert(key_len > 0); + + state = &ctx->state[0]; + ctx->x = 0; + ctx->y = 0; + for (counter = 0; counter < 256; counter++) + state[counter] = counter; + keyindex = 0; + stateindex = 0; + for (counter = 0; counter < 256; counter++) + { + t = state[counter]; + stateindex = (stateindex + key[keyindex] + t) & 0xff; + u = state[stateindex]; + state[stateindex] = t; + state[counter] = u; + if (++keyindex >= key_len) + keyindex = 0; + } +} + +inline unsigned int rc4_byte(RC4Context *ctx) +{ + unsigned int x; + unsigned int y; + unsigned int sx, sy; + unsigned char *state; + + state = ctx->state; + x = (ctx->x + 1) & 0xff; + sx = state[x]; + y = (sx + ctx->y) & 0xff; + sy = state[y]; + ctx->x = x; + ctx->y = y; + state[y] = sx; + state[x] = sy; + return state[(sx + sy) & 0xff]; +} + +void rc4_encrypt(RC4Context *ctx, unsigned char *dest, + const unsigned char *src, unsigned int len) +{ + unsigned int i; + for (i = 0; i < len; i++) + dest[i] = src[i] ^ rc4_byte(ctx); +} + +void rc4_decrypt(RC4Context *ctx, unsigned char *dest, + const unsigned char *src, unsigned int len) +{ + rc4_encrypt(ctx, dest, src, len); +} Index: usr.bin/ssh/rc4.h =================================================================== RCS file: rc4.h diff -N rc4.h --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsWwPni31367 Wed Dec 8 12:42:09 1999 @@ -0,0 +1,34 @@ +/* + +Alleged RC4 (based on the Usenet posting in Spring-95) + +*/ + +/* RCSID("$Id: rc4.h,v 1.2 1999/09/30 17:08:43 deraadt dead $"); */ + +#ifndef RC4_H +#define RC4_H + +typedef struct +{ + unsigned int x; + unsigned int y; + unsigned char state[256]; +} RC4Context; + +/* Initializes the context and sets the key. */ +void rc4_init(RC4Context *ctx, const unsigned char *key, unsigned int keylen); + +/* Returns the next pseudo-random byte from the RC4 (pseudo-random generator) + stream. */ +unsigned int rc4_byte(RC4Context *ctx); + +/* Encrypts data. */ +void rc4_encrypt(RC4Context *ctx, unsigned char *dest, + const unsigned char *src, unsigned int len); + +/* Decrypts data. */ +void rc4_decrypt(RC4Context *ctx, unsigned char *dest, + const unsigned char *src, unsigned int len); + +#endif /* RC4_H */ Index: usr.bin/ssh/readconf.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/readconf.c,v retrieving revision 1.12 retrieving revision 1.22 diff -u -r1.12 -r1.22 --- usr.bin/ssh/readconf.c 1999/10/15 21:39:02 1.12 +++ usr.bin/ssh/readconf.c 1999/12/01 13:59:15 1.22 @@ -1,20 +1,20 @@ /* + * + * readconf.c + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Sat Apr 22 00:03:10 1995 ylo + * + * Functions for reading the configuration files. + * + */ -readconf.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Sat Apr 22 00:03:10 1995 ylo - -Functions for reading the configuration files. - -*/ - #include "includes.h" -RCSID("$Id: readconf.c,v 1.12 1999/10/15 21:39:02 markus Exp $"); +RCSID("$Id: readconf.c,v 1.22 1999/12/01 13:59:15 markus Exp $"); #include "ssh.h" #include "cipher.h" @@ -86,599 +86,623 @@ /* Keyword tokens. */ -typedef enum -{ - oForwardAgent, oForwardX11, oGatewayPorts, oRhostsAuthentication, - oPasswordAuthentication, oRSAAuthentication, oFallBackToRsh, oUseRsh, +typedef enum { + oBadOption, + oForwardAgent, oForwardX11, oGatewayPorts, oRhostsAuthentication, + oPasswordAuthentication, oRSAAuthentication, oFallBackToRsh, oUseRsh, + oSkeyAuthentication, #ifdef KRB4 - oKerberosAuthentication, + oKerberosAuthentication, #endif /* KRB4 */ #ifdef AFS - oKerberosTgtPassing, oAFSTokenPassing, + oKerberosTgtPassing, oAFSTokenPassing, #endif - oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward, - oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand, - oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts, - oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression, - oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts, oTISAuthentication, - oUsePrivilegedPort + oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward, + oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand, + oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts, + oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression, + oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts, oTISAuthentication, + oUsePrivilegedPort, oLogLevel } OpCodes; /* Textual representations of the tokens. */ -static struct -{ - const char *name; - OpCodes opcode; -} keywords[] = -{ - { "forwardagent", oForwardAgent }, - { "forwardx11", oForwardX11 }, - { "gatewayports", oGatewayPorts }, - { "useprivilegedport", oUsePrivilegedPort }, - { "rhostsauthentication", oRhostsAuthentication }, - { "passwordauthentication", oPasswordAuthentication }, - { "rsaauthentication", oRSAAuthentication }, +static struct { + const char *name; + OpCodes opcode; +} keywords[] = { + { "forwardagent", oForwardAgent }, + { "forwardx11", oForwardX11 }, + { "gatewayports", oGatewayPorts }, + { "useprivilegedport", oUsePrivilegedPort }, + { "rhostsauthentication", oRhostsAuthentication }, + { "passwordauthentication", oPasswordAuthentication }, + { "rsaauthentication", oRSAAuthentication }, + { "skeyauthentication", oSkeyAuthentication }, #ifdef KRB4 - { "kerberosauthentication", oKerberosAuthentication }, + { "kerberosauthentication", oKerberosAuthentication }, #endif /* KRB4 */ #ifdef AFS - { "kerberostgtpassing", oKerberosTgtPassing }, - { "afstokenpassing", oAFSTokenPassing }, + { "kerberostgtpassing", oKerberosTgtPassing }, + { "afstokenpassing", oAFSTokenPassing }, #endif - { "fallbacktorsh", oFallBackToRsh }, - { "usersh", oUseRsh }, - { "identityfile", oIdentityFile }, - { "hostname", oHostName }, - { "proxycommand", oProxyCommand }, - { "port", oPort }, - { "cipher", oCipher }, - { "remoteforward", oRemoteForward }, - { "localforward", oLocalForward }, - { "user", oUser }, - { "host", oHost }, - { "escapechar", oEscapeChar }, - { "rhostsrsaauthentication", oRhostsRSAAuthentication }, - { "globalknownhostsfile", oGlobalKnownHostsFile }, - { "userknownhostsfile", oUserKnownHostsFile }, - { "connectionattempts", oConnectionAttempts }, - { "batchmode", oBatchMode }, - { "checkhostip", oCheckHostIP }, - { "stricthostkeychecking", oStrictHostKeyChecking }, - { "compression", oCompression }, - { "compressionlevel", oCompressionLevel }, - { "keepalive", oKeepAlives }, - { "numberofpasswordprompts", oNumberOfPasswordPrompts }, - { "tisauthentication", oTISAuthentication }, - { NULL, 0 } + { "fallbacktorsh", oFallBackToRsh }, + { "usersh", oUseRsh }, + { "identityfile", oIdentityFile }, + { "hostname", oHostName }, + { "proxycommand", oProxyCommand }, + { "port", oPort }, + { "cipher", oCipher }, + { "remoteforward", oRemoteForward }, + { "localforward", oLocalForward }, + { "user", oUser }, + { "host", oHost }, + { "escapechar", oEscapeChar }, + { "rhostsrsaauthentication", oRhostsRSAAuthentication }, + { "globalknownhostsfile", oGlobalKnownHostsFile }, + { "userknownhostsfile", oUserKnownHostsFile }, + { "connectionattempts", oConnectionAttempts }, + { "batchmode", oBatchMode }, + { "checkhostip", oCheckHostIP }, + { "stricthostkeychecking", oStrictHostKeyChecking }, + { "compression", oCompression }, + { "compressionlevel", oCompressionLevel }, + { "keepalive", oKeepAlives }, + { "numberofpasswordprompts", oNumberOfPasswordPrompts }, + { "tisauthentication", oTISAuthentication }, + { "loglevel", oLogLevel }, + { NULL, 0 } }; /* Characters considered whitespace in strtok calls. */ #define WHITESPACE " \t\r\n" - -/* Adds a local TCP/IP port forward to options. Never returns if there - is an error. */ -void add_local_forward(Options *options, int port, const char *host, - int host_port) +/* + * Adds a local TCP/IP port forward to options. Never returns if there is an + * error. + */ + +void +add_local_forward(Options *options, u_short port, const char *host, + u_short host_port) { - Forward *fwd; - extern uid_t original_real_uid; - if ((port & 0xffff) != port) - fatal("Requested forwarding of nonexistent port %d.", port); - if (port < IPPORT_RESERVED && original_real_uid != 0) - fatal("Privileged ports can only be forwarded by root.\n"); - if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION) - fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION); - fwd = &options->local_forwards[options->num_local_forwards++]; - fwd->port = port; - fwd->host = xstrdup(host); - fwd->host_port = host_port; + Forward *fwd; + extern uid_t original_real_uid; + if (port < IPPORT_RESERVED && original_real_uid != 0) + fatal("Privileged ports can only be forwarded by root.\n"); + if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION) + fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION); + fwd = &options->local_forwards[options->num_local_forwards++]; + fwd->port = port; + fwd->host = xstrdup(host); + fwd->host_port = host_port; } -/* Adds a remote TCP/IP port forward to options. Never returns if there - is an error. */ - -void add_remote_forward(Options *options, int port, const char *host, - int host_port) +/* + * Adds a remote TCP/IP port forward to options. Never returns if there is + * an error. + */ + +void +add_remote_forward(Options *options, u_short port, const char *host, + u_short host_port) { - Forward *fwd; - if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION) - fatal("Too many remote forwards (max %d).", - SSH_MAX_FORWARDS_PER_DIRECTION); - fwd = &options->remote_forwards[options->num_remote_forwards++]; - fwd->port = port; - fwd->host = xstrdup(host); - fwd->host_port = host_port; + Forward *fwd; + if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION) + fatal("Too many remote forwards (max %d).", + SSH_MAX_FORWARDS_PER_DIRECTION); + fwd = &options->remote_forwards[options->num_remote_forwards++]; + fwd->port = port; + fwd->host = xstrdup(host); + fwd->host_port = host_port; } -/* Returns the number of the token pointed to by cp of length len. - Never returns if the token is not known. */ +/* + * Returns the number of the token pointed to by cp of length len. Never + * returns if the token is not known. + */ -static OpCodes parse_token(const char *cp, const char *filename, int linenum) +static OpCodes +parse_token(const char *cp, const char *filename, int linenum) { - unsigned int i; + unsigned int i; - for (i = 0; keywords[i].name; i++) - if (strcmp(cp, keywords[i].name) == 0) - return keywords[i].opcode; - - fatal("%.200s line %d: Bad configuration option.", - filename, linenum); - /*NOTREACHED*/ - return 0; + for (i = 0; keywords[i].name; i++) + if (strcasecmp(cp, keywords[i].name) == 0) + return keywords[i].opcode; + + fprintf(stderr, "%s: line %d: Bad configuration option: %s\n", + filename, linenum, cp); + return oBadOption; } - -/* Processes a single option line as used in the configuration files. - This only sets those values that have not already been set. */ -void process_config_line(Options *options, const char *host, - char *line, const char *filename, int linenum, - int *activep) +/* + * Processes a single option line as used in the configuration files. This + * only sets those values that have not already been set. + */ + +int +process_config_line(Options *options, const char *host, + char *line, const char *filename, int linenum, + int *activep) { - char buf[256], *cp, *string, **charptr; - int opcode, *intptr, value, fwd_port, fwd_host_port; - - /* Skip leading whitespace. */ - cp = line + strspn(line, WHITESPACE); - if (!*cp || *cp == '\n' || *cp == '#') - return; - - /* Get the keyword. (Each line is supposed to begin with a keyword). */ - cp = strtok(cp, WHITESPACE); - { - char *t = cp; - for (; *t != 0; t++) - if ('A' <= *t && *t <= 'Z') - *t = *t - 'A' + 'a'; /* tolower */ - - } - opcode = parse_token(cp, filename, linenum); - - switch (opcode) - { - - case oForwardAgent: - intptr = &options->forward_agent; - parse_flag: - cp = strtok(NULL, WHITESPACE); - if (!cp) - fatal("%.200s line %d: Missing yes/no argument.", filename, linenum); - value = 0; /* To avoid compiler warning... */ - if (strcmp(cp, "yes") == 0 || strcmp(cp, "true") == 0) - value = 1; - else if (strcmp(cp, "no") == 0 || strcmp(cp, "false") == 0) - value = 0; - else - fatal("%.200s line %d: Bad yes/no argument.", filename, linenum); - if (*activep && *intptr == -1) - *intptr = value; - break; - - case oForwardX11: - intptr = &options->forward_x11; - goto parse_flag; - - case oGatewayPorts: - intptr = &options->gateway_ports; - goto parse_flag; - - case oUsePrivilegedPort: - intptr = &options->use_privileged_port; - goto parse_flag; - - case oRhostsAuthentication: - intptr = &options->rhosts_authentication; - goto parse_flag; - - case oPasswordAuthentication: - intptr = &options->password_authentication; - goto parse_flag; - - case oRSAAuthentication: - intptr = &options->rsa_authentication; - goto parse_flag; - - case oRhostsRSAAuthentication: - intptr = &options->rhosts_rsa_authentication; - goto parse_flag; + char buf[256], *cp, *string, **charptr, *cp2; + int opcode, *intptr, value; + u_short fwd_port, fwd_host_port; + + /* Skip leading whitespace. */ + cp = line + strspn(line, WHITESPACE); + if (!*cp || *cp == '\n' || *cp == '#') + return 0; + + /* Get the keyword. (Each line is supposed to begin with a keyword). */ + cp = strtok(cp, WHITESPACE); + opcode = parse_token(cp, filename, linenum); + + switch (opcode) { + case oBadOption: + /* don't panic, but count bad options */ + return -1; + /* NOTREACHED */ + case oForwardAgent: + intptr = &options->forward_agent; +parse_flag: + cp = strtok(NULL, WHITESPACE); + if (!cp) + fatal("%.200s line %d: Missing yes/no argument.", filename, linenum); + value = 0; /* To avoid compiler warning... */ + if (strcmp(cp, "yes") == 0 || strcmp(cp, "true") == 0) + value = 1; + else if (strcmp(cp, "no") == 0 || strcmp(cp, "false") == 0) + value = 0; + else + fatal("%.200s line %d: Bad yes/no argument.", filename, linenum); + if (*activep && *intptr == -1) + *intptr = value; + break; + + case oForwardX11: + intptr = &options->forward_x11; + goto parse_flag; + + case oGatewayPorts: + intptr = &options->gateway_ports; + goto parse_flag; + + case oUsePrivilegedPort: + intptr = &options->use_privileged_port; + goto parse_flag; + + case oRhostsAuthentication: + intptr = &options->rhosts_authentication; + goto parse_flag; + + case oPasswordAuthentication: + intptr = &options->password_authentication; + goto parse_flag; + + case oRSAAuthentication: + intptr = &options->rsa_authentication; + goto parse_flag; + + case oRhostsRSAAuthentication: + intptr = &options->rhosts_rsa_authentication; + goto parse_flag; + + case oTISAuthentication: + /* fallthrough, there is no difference on the client side */ + case oSkeyAuthentication: + intptr = &options->skey_authentication; + goto parse_flag; #ifdef KRB4 - case oKerberosAuthentication: - intptr = &options->kerberos_authentication; - goto parse_flag; + case oKerberosAuthentication: + intptr = &options->kerberos_authentication; + goto parse_flag; #endif /* KRB4 */ #ifdef AFS - case oKerberosTgtPassing: - intptr = &options->kerberos_tgt_passing; - goto parse_flag; - - case oAFSTokenPassing: - intptr = &options->afs_token_passing; - goto parse_flag; + case oKerberosTgtPassing: + intptr = &options->kerberos_tgt_passing; + goto parse_flag; + + case oAFSTokenPassing: + intptr = &options->afs_token_passing; + goto parse_flag; #endif - - case oFallBackToRsh: - intptr = &options->fallback_to_rsh; - goto parse_flag; - - case oUseRsh: - intptr = &options->use_rsh; - goto parse_flag; - - case oBatchMode: - intptr = &options->batch_mode; - goto parse_flag; - - case oCheckHostIP: - intptr = &options->check_host_ip; - goto parse_flag; - - case oStrictHostKeyChecking: - intptr = &options->strict_host_key_checking; - cp = strtok(NULL, WHITESPACE); - if (!cp) - fatal("%.200s line %d: Missing yes/no argument.", - filename, linenum); - value = 0; /* To avoid compiler warning... */ - if (strcmp(cp, "yes") == 0 || strcmp(cp, "true") == 0) - value = 1; - else if (strcmp(cp, "no") == 0 || strcmp(cp, "false") == 0) - value = 0; - else if (strcmp(cp, "ask") == 0) - value = 2; - else - fatal("%.200s line %d: Bad yes/no/ask argument.", filename, linenum); - if (*activep && *intptr == -1) - *intptr = value; - break; - - case oCompression: - intptr = &options->compression; - goto parse_flag; - - case oKeepAlives: - intptr = &options->keepalives; - goto parse_flag; - - case oNumberOfPasswordPrompts: - intptr = &options->number_of_password_prompts; - goto parse_int; - - case oTISAuthentication: - cp = strtok(NULL, WHITESPACE); - if (cp != 0 && (strcmp(cp, "yes") == 0 || strcmp(cp, "true") == 0)) - fprintf(stderr, - "%.99s line %d: Warning, TIS is not supported.\n", - filename, - linenum); - break; - - case oCompressionLevel: - intptr = &options->compression_level; - goto parse_int; - - case oIdentityFile: - cp = strtok(NULL, WHITESPACE); - if (!cp) - fatal("%.200s line %d: Missing argument.", filename, linenum); - if (*activep) - { - if (options->num_identity_files >= SSH_MAX_IDENTITY_FILES) - fatal("%.200s line %d: Too many identity files specified (max %d).", - filename, linenum, SSH_MAX_IDENTITY_FILES); - options->identity_files[options->num_identity_files++] = xstrdup(cp); - } - break; - - case oUser: - charptr = &options->user; - parse_string: - cp = strtok(NULL, WHITESPACE); - if (!cp) - fatal("%.200s line %d: Missing argument.", filename, linenum); - if (*activep && *charptr == NULL) - *charptr = xstrdup(cp); - break; - - case oGlobalKnownHostsFile: - charptr = &options->system_hostfile; - goto parse_string; - - case oUserKnownHostsFile: - charptr = &options->user_hostfile; - goto parse_string; - - case oHostName: - charptr = &options->hostname; - goto parse_string; - - case oProxyCommand: - charptr = &options->proxy_command; - string = xstrdup(""); - while ((cp = strtok(NULL, WHITESPACE)) != NULL) - { - string = xrealloc(string, strlen(string) + strlen(cp) + 2); - strcat(string, " "); - strcat(string, cp); + + case oFallBackToRsh: + intptr = &options->fallback_to_rsh; + goto parse_flag; + + case oUseRsh: + intptr = &options->use_rsh; + goto parse_flag; + + case oBatchMode: + intptr = &options->batch_mode; + goto parse_flag; + + case oCheckHostIP: + intptr = &options->check_host_ip; + goto parse_flag; + + case oStrictHostKeyChecking: + intptr = &options->strict_host_key_checking; + cp = strtok(NULL, WHITESPACE); + if (!cp) + fatal("%.200s line %d: Missing yes/no argument.", + filename, linenum); + value = 0; /* To avoid compiler warning... */ + if (strcmp(cp, "yes") == 0 || strcmp(cp, "true") == 0) + value = 1; + else if (strcmp(cp, "no") == 0 || strcmp(cp, "false") == 0) + value = 0; + else if (strcmp(cp, "ask") == 0) + value = 2; + else + fatal("%.200s line %d: Bad yes/no/ask argument.", filename, linenum); + if (*activep && *intptr == -1) + *intptr = value; + break; + + case oCompression: + intptr = &options->compression; + goto parse_flag; + + case oKeepAlives: + intptr = &options->keepalives; + goto parse_flag; + + case oNumberOfPasswordPrompts: + intptr = &options->number_of_password_prompts; + goto parse_int; + + case oCompressionLevel: + intptr = &options->compression_level; + goto parse_int; + + case oIdentityFile: + cp = strtok(NULL, WHITESPACE); + if (!cp) + fatal("%.200s line %d: Missing argument.", filename, linenum); + if (*activep) { + if (options->num_identity_files >= SSH_MAX_IDENTITY_FILES) + fatal("%.200s line %d: Too many identity files specified (max %d).", + filename, linenum, SSH_MAX_IDENTITY_FILES); + options->identity_files[options->num_identity_files++] = xstrdup(cp); + } + break; + + case oUser: + charptr = &options->user; +parse_string: + cp = strtok(NULL, WHITESPACE); + if (!cp) + fatal("%.200s line %d: Missing argument.", filename, linenum); + if (*activep && *charptr == NULL) + *charptr = xstrdup(cp); + break; + + case oGlobalKnownHostsFile: + charptr = &options->system_hostfile; + goto parse_string; + + case oUserKnownHostsFile: + charptr = &options->user_hostfile; + goto parse_string; + + case oHostName: + charptr = &options->hostname; + goto parse_string; + + case oProxyCommand: + charptr = &options->proxy_command; + string = xstrdup(""); + while ((cp = strtok(NULL, WHITESPACE)) != NULL) { + string = xrealloc(string, strlen(string) + strlen(cp) + 2); + strcat(string, " "); + strcat(string, cp); + } + if (*activep && *charptr == NULL) + *charptr = string; + else + xfree(string); + return 0; + + case oPort: + intptr = &options->port; +parse_int: + cp = strtok(NULL, WHITESPACE); + if (!cp) + fatal("%.200s line %d: Missing argument.", filename, linenum); + if (cp[0] < '0' || cp[0] > '9') + fatal("%.200s line %d: Bad number.", filename, linenum); + + /* Octal, decimal, or hex format? */ + value = strtol(cp, &cp2, 0); + if (cp == cp2) + fatal("%.200s line %d: Bad number.", filename, linenum); + if (*activep && *intptr == -1) + *intptr = value; + break; + + case oConnectionAttempts: + intptr = &options->connection_attempts; + goto parse_int; + + case oCipher: + intptr = &options->cipher; + cp = strtok(NULL, WHITESPACE); + value = cipher_number(cp); + if (value == -1) + fatal("%.200s line %d: Bad cipher '%s'.", + filename, linenum, cp ? cp : ""); + if (*activep && *intptr == -1) + *intptr = value; + break; + + case oLogLevel: + intptr = (int *) &options->log_level; + cp = strtok(NULL, WHITESPACE); + value = log_level_number(cp); + if (value == (LogLevel) - 1) + fatal("%.200s line %d: unsupported log level '%s'\n", + filename, linenum, cp ? cp : ""); + if (*activep && (LogLevel) * intptr == -1) + *intptr = (LogLevel) value; + break; + + case oRemoteForward: + cp = strtok(NULL, WHITESPACE); + if (!cp) + fatal("%.200s line %d: Missing argument.", filename, linenum); + if (cp[0] < '0' || cp[0] > '9') + fatal("%.200s line %d: Badly formatted port number.", + filename, linenum); + fwd_port = atoi(cp); + cp = strtok(NULL, WHITESPACE); + if (!cp) + fatal("%.200s line %d: Missing second argument.", + filename, linenum); + if (sscanf(cp, "%255[^:]:%hu", buf, &fwd_host_port) != 2) + fatal("%.200s line %d: Badly formatted host:port.", + filename, linenum); + if (*activep) + add_remote_forward(options, fwd_port, buf, fwd_host_port); + break; + + case oLocalForward: + cp = strtok(NULL, WHITESPACE); + if (!cp) + fatal("%.200s line %d: Missing argument.", filename, linenum); + if (cp[0] < '0' || cp[0] > '9') + fatal("%.200s line %d: Badly formatted port number.", + filename, linenum); + fwd_port = atoi(cp); + cp = strtok(NULL, WHITESPACE); + if (!cp) + fatal("%.200s line %d: Missing second argument.", + filename, linenum); + if (sscanf(cp, "%255[^:]:%hu", buf, &fwd_host_port) != 2) + fatal("%.200s line %d: Badly formatted host:port.", + filename, linenum); + if (*activep) + add_local_forward(options, fwd_port, buf, fwd_host_port); + break; + + case oHost: + *activep = 0; + while ((cp = strtok(NULL, WHITESPACE)) != NULL) + if (match_pattern(host, cp)) { + debug("Applying options for %.100s", cp); + *activep = 1; + break; + } + /* Avoid garbage check below, as strtok already returned NULL. */ + return 0; + + case oEscapeChar: + intptr = &options->escape_char; + cp = strtok(NULL, WHITESPACE); + if (!cp) + fatal("%.200s line %d: Missing argument.", filename, linenum); + if (cp[0] == '^' && cp[2] == 0 && + (unsigned char) cp[1] >= 64 && (unsigned char) cp[1] < 128) + value = (unsigned char) cp[1] & 31; + else if (strlen(cp) == 1) + value = (unsigned char) cp[0]; + else if (strcmp(cp, "none") == 0) + value = -2; + else { + fatal("%.200s line %d: Bad escape character.", + filename, linenum); + /* NOTREACHED */ + value = 0; /* Avoid compiler warning. */ + } + if (*activep && *intptr == -1) + *intptr = value; + break; + + default: + fatal("process_config_line: Unimplemented opcode %d", opcode); } - if (*activep && *charptr == NULL) - *charptr = string; - else - xfree(string); - return; - - case oPort: - intptr = &options->port; - parse_int: - cp = strtok(NULL, WHITESPACE); - if (!cp) - fatal("%.200s line %d: Missing argument.", filename, linenum); - if (cp[0] < '0' || cp[0] > '9') - fatal("%.200s line %d: Bad number.", filename, linenum); -#if 0 - value = atoi(cp); -#else - { - char *ptr; - value = strtol(cp, &ptr, 0); /* Octal, decimal, or hex format? */ - if (cp == ptr) - fatal("%.200s line %d: Bad number.", filename, linenum); - } -#endif - if (*activep && *intptr == -1) - *intptr = value; - break; - - case oConnectionAttempts: - intptr = &options->connection_attempts; - goto parse_int; - - case oCipher: - intptr = &options->cipher; - cp = strtok(NULL, WHITESPACE); - value = cipher_number(cp); - if (value == -1) - fatal("%.200s line %d: Bad cipher.", filename, linenum); - if (*activep && *intptr == -1) - *intptr = value; - break; - - case oRemoteForward: - cp = strtok(NULL, WHITESPACE); - if (!cp) - fatal("%.200s line %d: Missing argument.", filename, linenum); - if (cp[0] < '0' || cp[0] > '9') - fatal("%.200s line %d: Badly formatted port number.", - filename, linenum); - fwd_port = atoi(cp); - cp = strtok(NULL, WHITESPACE); - if (!cp) - fatal("%.200s line %d: Missing second argument.", - filename, linenum); - if (sscanf(cp, "%255[^:]:%d", buf, &fwd_host_port) != 2) - fatal("%.200s line %d: Badly formatted host:port.", - filename, linenum); - if (*activep) - add_remote_forward(options, fwd_port, buf, fwd_host_port); - break; - - case oLocalForward: - cp = strtok(NULL, WHITESPACE); - if (!cp) - fatal("%.200s line %d: Missing argument.", filename, linenum); - if (cp[0] < '0' || cp[0] > '9') - fatal("%.200s line %d: Badly formatted port number.", - filename, linenum); - fwd_port = atoi(cp); - cp = strtok(NULL, WHITESPACE); - if (!cp) - fatal("%.200s line %d: Missing second argument.", - filename, linenum); - if (sscanf(cp, "%255[^:]:%d", buf, &fwd_host_port) != 2) - fatal("%.200s line %d: Badly formatted host:port.", - filename, linenum); - if (*activep) - add_local_forward(options, fwd_port, buf, fwd_host_port); - break; - - case oHost: - *activep = 0; - while ((cp = strtok(NULL, WHITESPACE)) != NULL) - if (match_pattern(host, cp)) - { - debug("Applying options for %.100s", cp); - *activep = 1; - break; - } - /* Avoid garbage check below, as strtok already returned NULL. */ - return; - - case oEscapeChar: - intptr = &options->escape_char; - cp = strtok(NULL, WHITESPACE); - if (!cp) - fatal("%.200s line %d: Missing argument.", filename, linenum); - if (cp[0] == '^' && cp[2] == 0 && - (unsigned char)cp[1] >= 64 && (unsigned char)cp[1] < 128) - value = (unsigned char)cp[1] & 31; - else - if (strlen(cp) == 1) - value = (unsigned char)cp[0]; - else - if (strcmp(cp, "none") == 0) - value = -2; - else - { - fatal("%.200s line %d: Bad escape character.", - filename, linenum); - /*NOTREACHED*/ - value = 0; /* Avoid compiler warning. */ - } - if (*activep && *intptr == -1) - *intptr = value; - break; - - default: - fatal("parse_config_file: Unimplemented opcode %d", opcode); - } - - /* Check that there is no garbage at end of line. */ - if (strtok(NULL, WHITESPACE) != NULL) - fatal("%.200s line %d: garbage at end of line.", - filename, linenum); + + /* Check that there is no garbage at end of line. */ + if (strtok(NULL, WHITESPACE) != NULL) + fatal("%.200s line %d: garbage at end of line.", + filename, linenum); + return 0; } -/* Reads the config file and modifies the options accordingly. Options should - already be initialized before this call. This never returns if there - is an error. If the file does not exist, this returns immediately. */ +/* + * Reads the config file and modifies the options accordingly. Options + * should already be initialized before this call. This never returns if + * there is an error. If the file does not exist, this returns immediately. + */ -void read_config_file(const char *filename, const char *host, Options *options) +void +read_config_file(const char *filename, const char *host, Options *options) { - FILE *f; - char line[1024]; - int active, linenum; - - /* Open the file. */ - f = fopen(filename, "r"); - if (!f) - return; - - debug("Reading configuration data %.200s", filename); - - /* Mark that we are now processing the options. This flag is turned on/off - by Host specifications. */ - active = 1; - linenum = 0; - while (fgets(line, sizeof(line), f)) - { - /* Update line number counter. */ - linenum++; - - process_config_line(options, host, line, filename, linenum, &active); - } - fclose(f); + FILE *f; + char line[1024]; + int active, linenum; + int bad_options = 0; + + /* Open the file. */ + f = fopen(filename, "r"); + if (!f) + return; + + debug("Reading configuration data %.200s", filename); + + /* + * Mark that we are now processing the options. This flag is turned + * on/off by Host specifications. + */ + active = 1; + linenum = 0; + while (fgets(line, sizeof(line), f)) { + /* Update line number counter. */ + linenum++; + if (process_config_line(options, host, line, filename, linenum, &active) != 0) + bad_options++; + } + fclose(f); + if (bad_options > 0) + fatal("%s: terminating, %d bad configuration options\n", + filename, bad_options); } -/* Initializes options to special values that indicate that they have not - yet been set. Read_config_file will only set options with this value. - Options are processed in the following order: command line, user config - file, system config file. Last, fill_default_options is called. */ +/* + * Initializes options to special values that indicate that they have not yet + * been set. Read_config_file will only set options with this value. Options + * are processed in the following order: command line, user config file, + * system config file. Last, fill_default_options is called. + */ -void initialize_options(Options *options) +void +initialize_options(Options * options) { - memset(options, 'X', sizeof(*options)); - options->forward_agent = -1; - options->forward_x11 = -1; - options->gateway_ports = -1; - options->use_privileged_port = -1; - options->rhosts_authentication = -1; - options->rsa_authentication = -1; + memset(options, 'X', sizeof(*options)); + options->forward_agent = -1; + options->forward_x11 = -1; + options->gateway_ports = -1; + options->use_privileged_port = -1; + options->rhosts_authentication = -1; + options->rsa_authentication = -1; + options->skey_authentication = -1; #ifdef KRB4 - options->kerberos_authentication = -1; + options->kerberos_authentication = -1; #endif #ifdef AFS - options->kerberos_tgt_passing = -1; - options->afs_token_passing = -1; + options->kerberos_tgt_passing = -1; + options->afs_token_passing = -1; #endif - options->password_authentication = -1; - options->rhosts_rsa_authentication = -1; - options->fallback_to_rsh = -1; - options->use_rsh = -1; - options->batch_mode = -1; - options->check_host_ip = -1; - options->strict_host_key_checking = -1; - options->compression = -1; - options->keepalives = -1; - options->compression_level = -1; - options->port = -1; - options->connection_attempts = -1; - options->number_of_password_prompts = -1; - options->cipher = -1; - options->num_identity_files = 0; - options->hostname = NULL; - options->proxy_command = NULL; - options->user = NULL; - options->escape_char = -1; - options->system_hostfile = NULL; - options->user_hostfile = NULL; - options->num_local_forwards = 0; - options->num_remote_forwards = 0; + options->password_authentication = -1; + options->rhosts_rsa_authentication = -1; + options->fallback_to_rsh = -1; + options->use_rsh = -1; + options->batch_mode = -1; + options->check_host_ip = -1; + options->strict_host_key_checking = -1; + options->compression = -1; + options->keepalives = -1; + options->compression_level = -1; + options->port = -1; + options->connection_attempts = -1; + options->number_of_password_prompts = -1; + options->cipher = -1; + options->num_identity_files = 0; + options->hostname = NULL; + options->proxy_command = NULL; + options->user = NULL; + options->escape_char = -1; + options->system_hostfile = NULL; + options->user_hostfile = NULL; + options->num_local_forwards = 0; + options->num_remote_forwards = 0; + options->log_level = (LogLevel) - 1; } -/* Called after processing other sources of option data, this fills those - options for which no value has been specified with their default values. */ +/* + * Called after processing other sources of option data, this fills those + * options for which no value has been specified with their default values. + */ -void fill_default_options(Options *options) +void +fill_default_options(Options * options) { - if (options->forward_agent == -1) - options->forward_agent = 1; - if (options->forward_x11 == -1) - options->forward_x11 = 1; - if (options->gateway_ports == -1) - options->gateway_ports = 0; - if (options->use_privileged_port == -1) - options->use_privileged_port = 1; - if (options->rhosts_authentication == -1) - options->rhosts_authentication = 1; - if (options->rsa_authentication == -1) - options->rsa_authentication = 1; + if (options->forward_agent == -1) + options->forward_agent = 1; + if (options->forward_x11 == -1) + options->forward_x11 = 1; + if (options->gateway_ports == -1) + options->gateway_ports = 0; + if (options->use_privileged_port == -1) + options->use_privileged_port = 1; + if (options->rhosts_authentication == -1) + options->rhosts_authentication = 1; + if (options->rsa_authentication == -1) + options->rsa_authentication = 1; + if (options->skey_authentication == -1) + options->skey_authentication = 0; #ifdef KRB4 - if (options->kerberos_authentication == -1) - options->kerberos_authentication = 1; + if (options->kerberos_authentication == -1) + options->kerberos_authentication = 1; #endif /* KRB4 */ #ifdef AFS - if (options->kerberos_tgt_passing == -1) - options->kerberos_tgt_passing = 1; - if (options->afs_token_passing == -1) - options->afs_token_passing = 1; + if (options->kerberos_tgt_passing == -1) + options->kerberos_tgt_passing = 1; + if (options->afs_token_passing == -1) + options->afs_token_passing = 1; #endif /* AFS */ - if (options->password_authentication == -1) - options->password_authentication = 1; - if (options->rhosts_rsa_authentication == -1) - options->rhosts_rsa_authentication = 1; - if (options->fallback_to_rsh == -1) - options->fallback_to_rsh = 1; - if (options->use_rsh == -1) - options->use_rsh = 0; - if (options->batch_mode == -1) - options->batch_mode = 0; - if (options->check_host_ip == -1) - options->check_host_ip = 1; - if (options->strict_host_key_checking == -1) - options->strict_host_key_checking = 2; /* 2 is default */ - if (options->compression == -1) - options->compression = 0; - if (options->keepalives == -1) - options->keepalives = 1; - if (options->compression_level == -1) - options->compression_level = 6; - if (options->port == -1) - options->port = 0; /* Filled in ssh_connect. */ - if (options->connection_attempts == -1) - options->connection_attempts = 4; - if (options->number_of_password_prompts == -1) - options->number_of_password_prompts = 3; - if (options->cipher == -1) - options->cipher = SSH_CIPHER_NOT_SET; /* Selected in ssh_login(). */ - if (options->num_identity_files == 0) - { - options->identity_files[0] = - xmalloc(2 + strlen(SSH_CLIENT_IDENTITY) + 1); - sprintf(options->identity_files[0], "~/%.100s", SSH_CLIENT_IDENTITY); - options->num_identity_files = 1; - } - if (options->escape_char == -1) - options->escape_char = '~'; - if (options->system_hostfile == NULL) - options->system_hostfile = SSH_SYSTEM_HOSTFILE; - if (options->user_hostfile == NULL) - options->user_hostfile = SSH_USER_HOSTFILE; - /* options->proxy_command should not be set by default */ - /* options->user will be set in the main program if appropriate */ - /* options->hostname will be set in the main program if appropriate */ + if (options->password_authentication == -1) + options->password_authentication = 1; + if (options->rhosts_rsa_authentication == -1) + options->rhosts_rsa_authentication = 1; + if (options->fallback_to_rsh == -1) + options->fallback_to_rsh = 1; + if (options->use_rsh == -1) + options->use_rsh = 0; + if (options->batch_mode == -1) + options->batch_mode = 0; + if (options->check_host_ip == -1) + options->check_host_ip = 1; + if (options->strict_host_key_checking == -1) + options->strict_host_key_checking = 2; /* 2 is default */ + if (options->compression == -1) + options->compression = 0; + if (options->keepalives == -1) + options->keepalives = 1; + if (options->compression_level == -1) + options->compression_level = 6; + if (options->port == -1) + options->port = 0; /* Filled in ssh_connect. */ + if (options->connection_attempts == -1) + options->connection_attempts = 4; + if (options->number_of_password_prompts == -1) + options->number_of_password_prompts = 3; + /* Selected in ssh_login(). */ + if (options->cipher == -1) + options->cipher = SSH_CIPHER_NOT_SET; + if (options->num_identity_files == 0) { + options->identity_files[0] = + xmalloc(2 + strlen(SSH_CLIENT_IDENTITY) + 1); + sprintf(options->identity_files[0], "~/%.100s", SSH_CLIENT_IDENTITY); + options->num_identity_files = 1; + } + if (options->escape_char == -1) + options->escape_char = '~'; + if (options->system_hostfile == NULL) + options->system_hostfile = SSH_SYSTEM_HOSTFILE; + if (options->user_hostfile == NULL) + options->user_hostfile = SSH_USER_HOSTFILE; + if (options->log_level == (LogLevel) - 1) + options->log_level = SYSLOG_LEVEL_INFO; + /* options->proxy_command should not be set by default */ + /* options->user will be set in the main program if appropriate */ + /* options->hostname will be set in the main program if appropriate */ } - Index: usr.bin/ssh/readconf.h =================================================================== RCS file: /cvs/src/usr.bin/ssh/readconf.h,v retrieving revision 1.7 retrieving revision 1.13 diff -u -r1.7 -r1.13 --- usr.bin/ssh/readconf.h 1999/10/12 21:04:22 1.7 +++ usr.bin/ssh/readconf.h 1999/12/01 13:59:15 1.13 @@ -1,116 +1,137 @@ /* + * + * readconf.h + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Sat Apr 22 00:25:29 1995 ylo + * + * Functions for reading the configuration file. + * + */ -readconf.h +/* RCSID("$Id: readconf.h,v 1.13 1999/12/01 13:59:15 markus Exp $"); */ -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Sat Apr 22 00:25:29 1995 ylo - -Functions for reading the configuration file. - -*/ - -/* RCSID("$Id: readconf.h,v 1.7 1999/10/12 21:04:22 markus Exp $"); */ - #ifndef READCONF_H #define READCONF_H /* Data structure for representing a forwarding request. */ -typedef struct -{ - int port; /* Port to forward. */ - char *host; /* Host to connect. */ - int host_port; /* Port to connect on host. */ -} Forward; - +typedef struct { + u_short port; /* Port to forward. */ + char *host; /* Host to connect. */ + u_short host_port; /* Port to connect on host. */ +} Forward; /* Data structure for representing option data. */ -typedef struct -{ - int forward_agent; /* Forward authentication agent. */ - int forward_x11; /* Forward X11 display. */ - int gateway_ports; /* Allow remote connects to forwarded ports. */ - int use_privileged_port; /* Don't use privileged port if false. */ - int rhosts_authentication; /* Try rhosts authentication. */ - int rhosts_rsa_authentication;/* Try rhosts with RSA authentication. */ - int rsa_authentication; /* Try RSA authentication. */ +typedef struct { + int forward_agent; /* Forward authentication agent. */ + int forward_x11; /* Forward X11 display. */ + int gateway_ports; /* Allow remote connects to forwarded ports. */ + int use_privileged_port; /* Don't use privileged port if false. */ + int rhosts_authentication; /* Try rhosts authentication. */ + int rhosts_rsa_authentication; /* Try rhosts with RSA + * authentication. */ + int rsa_authentication; /* Try RSA authentication. */ + int skey_authentication; /* Try S/Key or TIS authentication. */ #ifdef KRB4 - int kerberos_authentication; /* Try Kerberos authentication. */ + int kerberos_authentication; /* Try Kerberos + * authentication. */ #endif #ifdef AFS - int kerberos_tgt_passing; /* Try Kerberos tgt passing. */ - int afs_token_passing; /* Try AFS token passing. */ + int kerberos_tgt_passing; /* Try Kerberos tgt passing. */ + int afs_token_passing; /* Try AFS token passing. */ #endif - int password_authentication; /* Try password authentication. */ - int fallback_to_rsh; /* Use rsh if cannot connect with ssh. */ - int use_rsh; /* Always use rsh (don\'t try ssh). */ - int batch_mode; /* Batch mode: do not ask for passwords. */ - int check_host_ip; /* Also keep track of keys for IP address */ - int strict_host_key_checking; /* Strict host key checking. */ - int compression; /* Compress packets in both directions. */ - int compression_level; /* Compression level 1 (fast) to 9 (best). */ - int keepalives; /* Set SO_KEEPALIVE. */ - - int port; /* Port to connect. */ - int connection_attempts; /* Max attempts (seconds) before giving up */ - int number_of_password_prompts; /* Max number of password prompts. */ - int cipher; /* Cipher to use. */ - char *hostname; /* Real host to connect. */ - char *proxy_command; /* Proxy command for connecting the host. */ - char *user; /* User to log in as. */ - int escape_char; /* Escape character; -2 = none */ - - char *system_hostfile; /* Path for /etc/ssh_known_hosts. */ - char *user_hostfile; /* Path for $HOME/.ssh/known_hosts. */ - - int num_identity_files; /* Number of files for RSA identities. */ - char *identity_files[SSH_MAX_IDENTITY_FILES]; - - /* Local TCP/IP forward requests. */ - int num_local_forwards; - Forward local_forwards[SSH_MAX_FORWARDS_PER_DIRECTION]; - - /* Remote TCP/IP forward requests. */ - int num_remote_forwards; - Forward remote_forwards[SSH_MAX_FORWARDS_PER_DIRECTION]; -} Options; - - -/* Initializes options to special values that indicate that they have not - yet been set. Read_config_file will only set options with this value. - Options are processed in the following order: command line, user config - file, system config file. Last, fill_default_options is called. */ -void initialize_options(Options *options); - -/* Called after processing other sources of option data, this fills those - options for which no value has been specified with their default values. */ -void fill_default_options(Options *options); - -/* Processes a single option line as used in the configuration files. - This only sets those values that have not already been set. */ -void process_config_line(Options *options, const char *host, - char *line, const char *filename, int linenum, - int *activep); - -/* Reads the config file and modifies the options accordingly. Options should - already be initialized before this call. This never returns if there - is an error. If the file does not exist, this returns immediately. */ -void read_config_file(const char *filename, const char *host, - Options *options); - -/* Adds a local TCP/IP port forward to options. Never returns if there - is an error. */ -void add_local_forward(Options *options, int port, const char *host, - int host_port); - -/* Adds a remote TCP/IP port forward to options. Never returns if there - is an error. */ -void add_remote_forward(Options *options, int port, const char *host, - int host_port); - + int password_authentication; /* Try password + * authentication. */ + int fallback_to_rsh;/* Use rsh if cannot connect with ssh. */ + int use_rsh; /* Always use rsh (don\'t try ssh). */ + int batch_mode; /* Batch mode: do not ask for passwords. */ + int check_host_ip; /* Also keep track of keys for IP address */ + int strict_host_key_checking; /* Strict host key checking. */ + int compression; /* Compress packets in both directions. */ + int compression_level; /* Compression level 1 (fast) to 9 + * (best). */ + int keepalives; /* Set SO_KEEPALIVE. */ + LogLevel log_level; /* Level for logging. */ + + int port; /* Port to connect. */ + int connection_attempts; /* Max attempts (seconds) before + * giving up */ + int number_of_password_prompts; /* Max number of password + * prompts. */ + int cipher; /* Cipher to use. */ + char *hostname; /* Real host to connect. */ + char *proxy_command; /* Proxy command for connecting the host. */ + char *user; /* User to log in as. */ + int escape_char; /* Escape character; -2 = none */ + + char *system_hostfile;/* Path for /etc/ssh_known_hosts. */ + char *user_hostfile; /* Path for $HOME/.ssh/known_hosts. */ + + int num_identity_files; /* Number of files for RSA identities. */ + char *identity_files[SSH_MAX_IDENTITY_FILES]; + + /* Local TCP/IP forward requests. */ + int num_local_forwards; + Forward local_forwards[SSH_MAX_FORWARDS_PER_DIRECTION]; + + /* Remote TCP/IP forward requests. */ + int num_remote_forwards; + Forward remote_forwards[SSH_MAX_FORWARDS_PER_DIRECTION]; +} Options; + + +/* + * Initializes options to special values that indicate that they have not yet + * been set. Read_config_file will only set options with this value. Options + * are processed in the following order: command line, user config file, + * system config file. Last, fill_default_options is called. + */ +void initialize_options(Options * options); + +/* + * Called after processing other sources of option data, this fills those + * options for which no value has been specified with their default values. + */ +void fill_default_options(Options * options); + +/* + * Processes a single option line as used in the configuration files. This + * only sets those values that have not already been set. Returns 0 for legal + * options + */ +int +process_config_line(Options * options, const char *host, + char *line, const char *filename, int linenum, + int *activep); + +/* + * Reads the config file and modifies the options accordingly. Options + * should already be initialized before this call. This never returns if + * there is an error. If the file does not exist, this returns immediately. + */ +void +read_config_file(const char *filename, const char *host, + Options * options); + +/* + * Adds a local TCP/IP port forward to options. Never returns if there is an + * error. + */ +void +add_local_forward(Options * options, u_short port, const char *host, + u_short host_port); + +/* + * Adds a remote TCP/IP port forward to options. Never returns if there is + * an error. + */ +void +add_remote_forward(Options * options, u_short port, const char *host, + u_short host_port); -#endif /* READCONF_H */ +#endif /* READCONF_H */ Index: usr.bin/ssh/readpass.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/readpass.c,v retrieving revision 1.4 retrieving revision 1.8 diff -u -r1.4 -r1.8 --- usr.bin/ssh/readpass.c 1999/10/11 20:24:54 1.4 +++ usr.bin/ssh/readpass.c 1999/12/08 19:32:55 1.8 @@ -1,114 +1,94 @@ /* + * Copyright (c) 1988, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ -readpass.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Mon Jul 10 22:08:59 1995 ylo - -Functions for reading passphrases and passwords. - -*/ - #include "includes.h" -RCSID("$Id: readpass.c,v 1.4 1999/10/11 20:24:54 markus Exp $"); +RCSID("$Id: readpass.c,v 1.8 1999/12/08 19:32:55 deraadt Exp $"); #include "xmalloc.h" #include "ssh.h" -/* Saved old terminal mode for read_passphrase. */ -static struct termios saved_tio; - -/* Old interrupt signal handler for read_passphrase. */ -static void (*old_handler)(int sig) = NULL; - -/* Interrupt signal handler for read_passphrase. */ - -void intr_handler(int sig) +/* + * Reads a passphrase from /dev/tty with echo turned off. Returns the + * passphrase (allocated with xmalloc), being very careful to ensure that + * no other userland buffer is storing the password. + */ +char * +read_passphrase(const char *prompt, int from_stdin) { - /* Restore terminal modes. */ - tcsetattr(fileno(stdin), TCSANOW, &saved_tio); - /* Restore the old signal handler. */ - signal(sig, old_handler); - /* Resend the signal, with the old handler. */ - kill(getpid(), sig); -} - -/* Reads a passphrase from /dev/tty with echo turned off. Returns the - passphrase (allocated with xmalloc). Exits if EOF is encountered. - The passphrase if read from stdin if from_stdin is true (as is the - case with ssh-keygen). */ - -char *read_passphrase(const char *prompt, int from_stdin) -{ - char buf[1024], *cp; - struct termios tio; - FILE *f; + char buf[1024], *p, ch; + struct termios tio, saved_tio; + sigset_t oset, nset; + int input, output, echo = 0; - if (from_stdin) - f = stdin; - else - { - /* Read the passphrase from /dev/tty to make it possible to ask it even - when stdin has been redirected. */ - f = fopen("/dev/tty", "r"); - if (!f) - { - /* No controlling terminal and no DISPLAY. Nowhere to read. */ - fprintf(stderr, "You have no controlling tty and no DISPLAY. Cannot read passphrase.\n"); - exit(1); + if (from_stdin) { + input = STDIN_FILENO; + output = STDERR_FILENO; + } else + input = output = open("/dev/tty", O_RDWR); + + if (input == -1) + fatal("You have no controlling tty. Cannot read passphrase.\n"); + + /* block signals, get terminal modes and turn off echo */ + sigemptyset(&nset); + sigaddset(&nset, SIGINT); + sigaddset(&nset, SIGTSTP); + (void) sigprocmask(SIG_BLOCK, &nset, &oset); + + if (tcgetattr(input, &tio) == 0 && (tio.c_lflag & ECHO)) { + echo = 1; + saved_tio = tio; + tio.c_lflag &= ~(ECHO | ECHOE | ECHOK | ECHONL); + (void) tcsetattr(input, TCSANOW, &tio); } - } + + fflush(stdout); - /* Display the prompt (on stderr because stdout might be redirected). */ - fflush(stdout); - fprintf(stderr, "%s", prompt); - fflush(stderr); - - /* Get terminal modes. */ - tcgetattr(fileno(f), &tio); - saved_tio = tio; - /* Save signal handler and set the new handler. */ - old_handler = signal(SIGINT, intr_handler); - - /* Set new terminal modes disabling all echo. */ - tio.c_lflag &= ~(ECHO | ECHOE | ECHOK | ECHONL); - tcsetattr(fileno(f), TCSANOW, &tio); - - /* Read the passphrase from the terminal. */ - if (fgets(buf, sizeof(buf), f) == NULL) - { - /* Got EOF. Just exit. */ - /* Restore terminal modes. */ - tcsetattr(fileno(f), TCSANOW, &saved_tio); - /* Restore the signal handler. */ - signal(SIGINT, old_handler); - /* Print a newline (the prompt probably didn\'t have one). */ - fprintf(stderr, "\n"); - /* Close the file. */ - if (f != stdin) - fclose(f); - exit(1); - } - /* Restore terminal modes. */ - tcsetattr(fileno(f), TCSANOW, &saved_tio); - /* Restore the signal handler. */ - (void)signal(SIGINT, old_handler); - /* Remove newline from the passphrase. */ - if (strchr(buf, '\n')) - *strchr(buf, '\n') = 0; - /* Allocate a copy of the passphrase. */ - cp = xstrdup(buf); - /* Clear the buffer so we don\'t leave copies of the passphrase laying - around. */ - memset(buf, 0, sizeof(buf)); - /* Print a newline since the prompt probably didn\'t have one. */ - fprintf(stderr, "\n"); - /* Close the file. */ - if (f != stdin) - fclose(f); - return cp; + (void)write(output, prompt, strlen(prompt)); + for (p = buf; read(input, &ch, 1) == 1 && ch != '\n';) + if (p < buf + sizeof(buf) - 1) + *p++ = ch; + *p = '\0'; + (void)write(output, "\n", 1); + + /* restore terminal modes and allow signals */ + if (echo) + tcsetattr(input, TCSANOW, &saved_tio); + (void) sigprocmask(SIG_SETMASK, &oset, NULL); + + if (!from_stdin) + (void)close(input); + p = xstrdup(buf); + memset(buf, 0, sizeof(buf)); + return (p); } Index: usr.bin/ssh/remove.c =================================================================== RCS file: remove.c diff -N remove.c --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsrtjIQ31367 Wed Dec 8 12:42:09 1999 @@ -0,0 +1,6 @@ +#include + +int remove(const char *filename) +{ + return unlink(filename); +} Index: usr.bin/ssh/rfc-pg.c =================================================================== RCS file: rfc-pg.c diff -N rfc-pg.c --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsuWcSS31367 Wed Dec 8 12:42:09 1999 @@ -0,0 +1,49 @@ +/* + +rfc-pg.c + +Author: Tatu Ylonen + +Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + All rights reserved + +Created: Fri Jul 7 02:14:16 1995 ylo + +*/ + +/* RCSID("$Id: rfc-pg.c,v 1.2 1999/09/26 23:17:24 deraadt dead $"); */ + +#include + +int main() +{ + int add_formfeed = 0; + int skipping = 0; + int ch; + + while ((ch = getc(stdin)) != EOF) + { + if (ch == '\n') + { + if (add_formfeed) + { + putc('\n', stdout); + putc('\014', stdout); + putc('\n', stdout); + add_formfeed = 0; + skipping = 1; + continue; + } + if (skipping) + continue; + } + skipping = 0; + if (ch == '\014') + { + add_formfeed = 1; + continue; + } + putc(ch, stdout); + } + exit(0); +} Index: usr.bin/ssh/rsa.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/rsa.c,v retrieving revision 1.5 retrieving revision 1.11 diff -u -r1.5 -r1.11 --- usr.bin/ssh/rsa.c 1999/10/16 23:54:12 1.5 +++ usr.bin/ssh/rsa.c 1999/11/24 19:53:50 1.11 @@ -1,41 +1,41 @@ /* - -rsa.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Fri Mar 3 22:07:06 1995 ylo - -Description of the RSA algorithm can be found e.g. from the following sources: - - Bruce Schneier: Applied Cryptography. John Wiley & Sons, 1994. - - Jennifer Seberry and Josed Pieprzyk: Cryptography: An Introduction to - Computer Security. Prentice-Hall, 1989. - - Man Young Rhee: Cryptography and Secure Data Communications. McGraw-Hill, - 1994. - - R. Rivest, A. Shamir, and L. M. Adleman: Cryptographic Communications - System and Method. US Patent 4,405,829, 1983. - - Hans Riesel: Prime Numbers and Computer Methods for Factorization. - Birkhauser, 1994. - - The RSA Frequently Asked Questions document by RSA Data Security, Inc., 1995. - - RSA in 3 lines of perl by Adam Back , 1995, as included - below: - - gone - had to be deleted - what a pity - + * + * rsa.c + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Fri Mar 3 22:07:06 1995 ylo + * + * Description of the RSA algorithm can be found e.g. from the following sources: + * + * Bruce Schneier: Applied Cryptography. John Wiley & Sons, 1994. + * + * Jennifer Seberry and Josed Pieprzyk: Cryptography: An Introduction to + * Computer Security. Prentice-Hall, 1989. + * + * Man Young Rhee: Cryptography and Secure Data Communications. McGraw-Hill, + * 1994. + * + * R. Rivest, A. Shamir, and L. M. Adleman: Cryptographic Communications + * System and Method. US Patent 4,405,829, 1983. + * + * Hans Riesel: Prime Numbers and Computer Methods for Factorization. + * Birkhauser, 1994. + * + * The RSA Frequently Asked Questions document by RSA Data Security, Inc., 1995. + * + * RSA in 3 lines of perl by Adam Back , 1995, as included + * below: + * + * [gone - had to be deleted - what a pity] + * */ #include "includes.h" -RCSID("$Id: rsa.c,v 1.5 1999/10/16 23:54:12 provos Exp $"); +RCSID("$Id: rsa.c,v 1.11 1999/11/24 19:53:50 markus Exp $"); #include "rsa.h" #include "ssh.h" @@ -46,113 +46,118 @@ int rsa_alive() { - RSA *key; + RSA *key; - key = RSA_generate_key(32, 3, NULL, NULL); - if (key == NULL) - return (0); - RSA_free(key); - return (1); + key = RSA_generate_key(32, 3, NULL, NULL); + if (key == NULL) + return (0); + RSA_free(key); + return (1); } -/* Generates RSA public and private keys. This initializes the data - structures; they should be freed with rsa_clear_private_key and - rsa_clear_public_key. */ +/* + * Generates RSA public and private keys. This initializes the data + * structures; they should be freed with rsa_clear_private_key and + * rsa_clear_public_key. + */ void rsa_generate_key(RSA *prv, RSA *pub, unsigned int bits) { - RSA *key; + RSA *key; + + if (rsa_verbose) { + printf("Generating RSA keys: "); + fflush(stdout); + } + key = RSA_generate_key(bits, 35, NULL, NULL); + if (key == NULL) + fatal("rsa_generate_key: key generation failed."); + + /* Copy public key parameters */ + pub->n = BN_new(); + BN_copy(pub->n, key->n); + pub->e = BN_new(); + BN_copy(pub->e, key->e); + + /* Copy private key parameters */ + prv->n = BN_new(); + BN_copy(prv->n, key->n); + prv->e = BN_new(); + BN_copy(prv->e, key->e); + prv->d = BN_new(); + BN_copy(prv->d, key->d); + prv->p = BN_new(); + BN_copy(prv->p, key->p); + prv->q = BN_new(); + BN_copy(prv->q, key->q); + + prv->dmp1 = BN_new(); + BN_copy(prv->dmp1, key->dmp1); + + prv->dmq1 = BN_new(); + BN_copy(prv->dmq1, key->dmq1); - if (rsa_verbose) { - printf("Generating RSA keys: "); - fflush(stdout); - } - - key = RSA_generate_key(bits, 35, NULL, NULL); - - assert(key != NULL); - - /* Copy public key parameters */ - pub->n = BN_new(); - BN_copy(pub->n, key->n); - pub->e = BN_new(); - BN_copy(pub->e, key->e); - - /* Copy private key parameters */ - prv->n = BN_new(); - BN_copy(prv->n, key->n); - prv->e = BN_new(); - BN_copy(prv->e, key->e); - prv->d = BN_new(); - BN_copy(prv->d, key->d); - prv->p = BN_new(); - BN_copy(prv->p, key->p); - prv->q = BN_new(); - BN_copy(prv->q, key->q); - - prv->dmp1 = BN_new(); - BN_copy(prv->dmp1, key->dmp1); - - prv->dmq1 = BN_new(); - BN_copy(prv->dmq1, key->dmq1); - - prv->iqmp = BN_new(); - BN_copy(prv->iqmp, key->iqmp); - - RSA_free(key); - - if (rsa_verbose) - printf("Key generation complete.\n"); + prv->iqmp = BN_new(); + BN_copy(prv->iqmp, key->iqmp); + + RSA_free(key); + + if (rsa_verbose) + printf("Key generation complete.\n"); } void -rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA* key) +rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key) { - char *inbuf, *outbuf; - int len; + char *inbuf, *outbuf; + int len, ilen, olen; - if (BN_num_bits(key->e) < 2 || !BN_is_odd(key->e)) - fatal("rsa_public_encrypt() exponent too small or not odd"); + if (BN_num_bits(key->e) < 2 || !BN_is_odd(key->e)) + fatal("rsa_public_encrypt() exponent too small or not odd"); - len = BN_num_bytes(key->n); - outbuf = xmalloc(len); + olen = BN_num_bytes(key->n); + outbuf = xmalloc(olen); - len = BN_num_bytes(in); - inbuf = xmalloc(len); - BN_bn2bin(in, inbuf); + ilen = BN_num_bytes(in); + inbuf = xmalloc(ilen); + BN_bn2bin(in, inbuf); - if ((len = RSA_public_encrypt(len, inbuf, outbuf, key, - RSA_PKCS1_PADDING)) <= 0) - fatal("rsa_public_encrypt() failed"); + if ((len = RSA_public_encrypt(ilen, inbuf, outbuf, key, + RSA_PKCS1_PADDING)) <= 0) + fatal("rsa_public_encrypt() failed"); - BN_bin2bn(outbuf, len, out); + BN_bin2bn(outbuf, len, out); - xfree(outbuf); - xfree(inbuf); + memset(outbuf, 0, olen); + memset(inbuf, 0, ilen); + xfree(outbuf); + xfree(inbuf); } void rsa_private_decrypt(BIGNUM *out, BIGNUM *in, RSA *key) { - char *inbuf, *outbuf; - int len; - - len = BN_num_bytes(key->n); - outbuf = xmalloc(len); - - len = BN_num_bytes(in); - inbuf = xmalloc(len); - BN_bn2bin(in, inbuf); - - if ((len = RSA_private_decrypt(len, inbuf, outbuf, key, - RSA_SSLV23_PADDING)) <= 0) - fatal("rsa_private_decrypt() failed"); + char *inbuf, *outbuf; + int len, ilen, olen; - BN_bin2bn(outbuf, len, out); + olen = BN_num_bytes(key->n); + outbuf = xmalloc(olen); - xfree(outbuf); - xfree(inbuf); + ilen = BN_num_bytes(in); + inbuf = xmalloc(ilen); + BN_bn2bin(in, inbuf); + + if ((len = RSA_private_decrypt(ilen, inbuf, outbuf, key, + RSA_SSLV23_PADDING)) <= 0) + fatal("rsa_private_decrypt() failed"); + + BN_bin2bn(outbuf, len, out); + + memset(outbuf, 0, olen); + memset(inbuf, 0, ilen); + xfree(outbuf); + xfree(inbuf); } /* Set whether to output verbose messages during key generation. */ @@ -160,5 +165,5 @@ void rsa_set_verbose(int verbose) { - rsa_verbose = verbose; + rsa_verbose = verbose; } Index: usr.bin/ssh/rsa.h =================================================================== RCS file: /cvs/src/usr.bin/ssh/rsa.h,v retrieving revision 1.2 retrieving revision 1.4 diff -u -r1.2 -r1.4 --- usr.bin/ssh/rsa.h 1999/09/29 06:15:00 1.2 +++ usr.bin/ssh/rsa.h 1999/11/24 19:53:50 1.4 @@ -1,19 +1,19 @@ /* - -rsa.h - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Fri Mar 3 22:01:06 1995 ylo - -RSA key generation, encryption and decryption. - + * + * rsa.h + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Fri Mar 3 22:01:06 1995 ylo + * + * RSA key generation, encryption and decryption. + * */ -/* RCSID("$Id: rsa.h,v 1.2 1999/09/29 06:15:00 deraadt Exp $"); */ +/* RCSID("$Id: rsa.h,v 1.4 1999/11/24 19:53:50 markus Exp $"); */ #ifndef RSA_H #define RSA_H @@ -22,15 +22,17 @@ #include /* Calls SSL RSA_generate_key, only copies to prv and pub */ -void rsa_generate_key(RSA *prv, RSA *pub, unsigned int bits); +void rsa_generate_key(RSA * prv, RSA * pub, unsigned int bits); -/* Indicates whether the rsa module is permitted to show messages on - the terminal. */ +/* + * Indicates whether the rsa module is permitted to show messages on the + * terminal. + */ void rsa_set_verbose __P((int verbose)); -int rsa_alive __P((void)); +int rsa_alive __P((void)); -void rsa_public_encrypt __P((BIGNUM *out, BIGNUM *in, RSA *prv)); -void rsa_private_decrypt __P((BIGNUM *out, BIGNUM *in, RSA *prv)); +void rsa_public_encrypt __P((BIGNUM * out, BIGNUM * in, RSA * prv)); +void rsa_private_decrypt __P((BIGNUM * out, BIGNUM * in, RSA * prv)); -#endif /* RSA_H */ +#endif /* RSA_H */ Index: usr.bin/ssh/scp.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/scp.c,v retrieving revision 1.13 retrieving revision 1.22 diff -u -r1.13 -r1.22 --- usr.bin/ssh/scp.c 1999/10/08 01:25:20 1.13 +++ usr.bin/ssh/scp.c 1999/12/06 20:15:28 1.22 @@ -1,13 +1,13 @@ /* - -scp - secure remote copy. This is basically patched BSD rcp which uses ssh -to do the data transfer (instead of using rcmd). - -NOTE: This version should NOT be suid root. (This uses ssh to do the transfer -and ssh has the necessary privileges.) - -1995 Timo Rinne , Tatu Ylonen - + * + * scp - secure remote copy. This is basically patched BSD rcp which uses ssh + * to do the data transfer (instead of using rcmd). + * + * NOTE: This version should NOT be suid root. (This uses ssh to do the transfer + * and ssh has the necessary privileges.) + * + * 1995 Timo Rinne , Tatu Ylonen + * */ /* @@ -42,11 +42,10 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: scp.c,v 1.13 1999/10/08 01:25:20 aaron Exp $ */ #include "includes.h" -RCSID("$Id: scp.c,v 1.13 1999/10/08 01:25:20 aaron Exp $"); +RCSID("$Id: scp.c,v 1.22 1999/12/06 20:15:28 deraadt Exp $"); #include "ssh.h" #include "xmalloc.h" @@ -70,13 +69,13 @@ volatile unsigned long statbytes; /* Total size of current file. */ -unsigned long totalbytes = 0; +off_t totalbytes = 0; /* Name of current file being transferred. */ char *curfile; /* This is set to non-zero to enable verbose mode. */ -int verbose = 0; +int verbose_mode = 0; /* This is set to non-zero if compression is desired. */ int compress = 0; @@ -91,109 +90,110 @@ /* This is set to the cipher type string if given on the command line. */ char *cipher = NULL; -/* This is set to the RSA authentication identity file name if given on +/* This is set to the RSA authentication identity file name if given on the command line. */ char *identity = NULL; /* This is the port to use in contacting the remote site (is non-NULL). */ char *port = NULL; + +/* + * This function executes the given command as the specified user on the + * given host. This returns < 0 if execution fails, and >= 0 otherwise. This + * assigns the input and output file descriptors on success. + */ + +int +do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout) +{ + int pin[2], pout[2], reserved[2]; + + if (verbose_mode) + fprintf(stderr, "Executing: host %s, user %s, command %s\n", + host, remuser ? remuser : "(unspecified)", cmd); + + /* + * Reserve two descriptors so that the real pipes won't get + * descriptors 0 and 1 because that will screw up dup2 below. + */ + pipe(reserved); + + /* Create a socket pair for communicating with ssh. */ + if (pipe(pin) < 0) + fatal("pipe: %s", strerror(errno)); + if (pipe(pout) < 0) + fatal("pipe: %s", strerror(errno)); + + /* Free the reserved descriptors. */ + close(reserved[0]); + close(reserved[1]); + + /* For a child to execute the command on the remote host using ssh. */ + if (fork() == 0) { + char *args[100]; + unsigned int i; + + /* Child. */ + close(pin[1]); + close(pout[0]); + dup2(pin[0], 0); + dup2(pout[1], 1); + close(pin[0]); + close(pout[1]); + + i = 0; + args[i++] = SSH_PROGRAM; + args[i++] = "-x"; + args[i++] = "-oFallBackToRsh no"; + if (verbose_mode) + args[i++] = "-v"; + if (compress) + args[i++] = "-C"; + if (batchmode) + args[i++] = "-oBatchMode yes"; + if (cipher != NULL) { + args[i++] = "-c"; + args[i++] = cipher; + } + if (identity != NULL) { + args[i++] = "-i"; + args[i++] = identity; + } + if (port != NULL) { + args[i++] = "-p"; + args[i++] = port; + } + if (remuser != NULL) { + args[i++] = "-l"; + args[i++] = remuser; + } + args[i++] = host; + args[i++] = cmd; + args[i++] = NULL; -/* This function executes the given command as the specified user on the given - host. This returns < 0 if execution fails, and >= 0 otherwise. - This assigns the input and output file descriptors on success. */ - -int do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout) -{ - int pin[2], pout[2], reserved[2]; - - if (verbose) - fprintf(stderr, "Executing: host %s, user %s, command %s\n", - host, remuser ? remuser : "(unspecified)", cmd); - - /* Reserve two descriptors so that the real pipes won't get descriptors - 0 and 1 because that will screw up dup2 below. */ - pipe(reserved); - - /* Create a socket pair for communicating with ssh. */ - if (pipe(pin) < 0) - fatal("pipe: %s", strerror(errno)); - if (pipe(pout) < 0) - fatal("pipe: %s", strerror(errno)); - - /* Free the reserved descriptors. */ - close(reserved[0]); - close(reserved[1]); - - /* For a child to execute the command on the remote host using ssh. */ - if (fork() == 0) - { - char *args[100]; - unsigned int i; - - /* Child. */ - close(pin[1]); - close(pout[0]); - dup2(pin[0], 0); - dup2(pout[1], 1); - close(pin[0]); - close(pout[1]); - - i = 0; - args[i++] = SSH_PROGRAM; - args[i++] = "-x"; - args[i++] = "-oFallBackToRsh no"; - if (verbose) - args[i++] = "-v"; - if (compress) - args[i++] = "-C"; - if (batchmode) - args[i++] = "-oBatchMode yes"; - if (cipher != NULL) - { - args[i++] = "-c"; - args[i++] = cipher; - } - if (identity != NULL) - { - args[i++] = "-i"; - args[i++] = identity; - } - if (port != NULL) - { - args[i++] = "-p"; - args[i++] = port; - } - if (remuser != NULL) - { - args[i++] = "-l"; - args[i++] = remuser; - } - args[i++] = host; - args[i++] = cmd; - args[i++] = NULL; - - execvp(SSH_PROGRAM, args); - perror(SSH_PROGRAM); - exit(1); - } - /* Parent. Close the other side, and return the local side. */ - close(pin[0]); - *fdout = pin[1]; - close(pout[1]); - *fdin = pout[0]; - return 0; -} - -void fatal(const char *fmt, ...) -{ - va_list ap; - char buf[1024]; - - va_start(ap, fmt); - vsnprintf(buf, sizeof(buf), fmt, ap); - va_end(ap); - fprintf(stderr, "%s\n", buf); - exit(255); + execvp(SSH_PROGRAM, args); + perror(SSH_PROGRAM); + exit(1); + } + /* Parent. Close the other side, and return the local side. */ + close(pin[0]); + *fdout = pin[1]; + close(pout[1]); + *fdin = pout[0]; + return 0; +} + +void +fatal(const char *fmt,...) +{ + va_list ap; + char buf[1024]; + + va_start(ap, fmt); + vsnprintf(buf, sizeof(buf), fmt, ap); + va_end(ap); + fprintf(stderr, "%s\n", buf); + exit(255); } /* This stuff used to be in BSD rcp extern.h. */ @@ -205,31 +205,31 @@ extern int iamremote; -BUF *allocbuf(BUF *, int, int); -char *colon(char *); -void lostconn(int); -void nospace(void); -int okname(char *); -void run_err(const char *, ...); -void verifydir(char *); +BUF *allocbuf(BUF *, int, int); +char *colon(char *); +void lostconn(int); +void nospace(void); +int okname(char *); +void run_err(const char *,...); +void verifydir(char *); /* Stuff from BSD rcp.c continues. */ struct passwd *pwd; -uid_t userid; +uid_t userid; int errs, remin, remout; int pflag, iamremote, iamrecursive, targetshouldbedirectory; #define CMDNEEDS 64 char cmd[CMDNEEDS]; /* must hold "rcp -r -p -d\0" */ -int response(void); -void rsource(char *, struct stat *); -void sink(int, char *[]); -void source(int, char *[]); -void tolocal(int, char *[]); -void toremote(char *, int, char *[]); -void usage(void); +int response(void); +void rsource(char *, struct stat *); +void sink(int, char *[]); +void source(int, char *[]); +void tolocal(int, char *[]); +void toremote(char *, int, char *[]); +void usage(void); int main(argc, argv) @@ -242,47 +242,48 @@ extern int optind; fflag = tflag = 0; - while ((ch = getopt(argc, argv, "dfprtvBCc:i:P:q")) != EOF) - switch(ch) { /* User-visible flags. */ + while ((ch = getopt(argc, argv, "dfprtvBCc:i:P:q")) != EOF) + switch (ch) { + /* User-visible flags. */ case 'p': pflag = 1; break; case 'P': - port = optarg; - break; + port = optarg; + break; case 'r': iamrecursive = 1; break; - /* Server options. */ + /* Server options. */ case 'd': targetshouldbedirectory = 1; break; - case 'f': /* "from" */ + case 'f': /* "from" */ iamremote = 1; fflag = 1; break; - case 't': /* "to" */ + case 't': /* "to" */ iamremote = 1; tflag = 1; break; case 'c': cipher = optarg; - break; + break; case 'i': - identity = optarg; + identity = optarg; break; case 'v': - verbose = 1; - break; + verbose_mode = 1; + break; case 'B': - batchmode = 1; - break; + batchmode = 1; + break; case 'C': - compress = 1; - break; + compress = 1; + break; case 'q': - showprogress = 0; - break; + showprogress = 0; + break; case '?': default: usage(); @@ -291,25 +292,25 @@ argv += optind; if ((pwd = getpwuid(userid = getuid())) == NULL) - fatal("unknown user %d", (int)userid); + fatal("unknown user %d", (int) userid); - if (! isatty(STDERR_FILENO)) + if (!isatty(STDERR_FILENO)) showprogress = 0; remin = STDIN_FILENO; remout = STDOUT_FILENO; - if (fflag) { /* Follow "protocol", send data. */ - (void)response(); + if (fflag) { + /* Follow "protocol", send data. */ + (void) response(); source(argc, argv); exit(errs != 0); } - - if (tflag) { /* Receive data. */ + if (tflag) { + /* Receive data. */ sink(argc, argv); exit(errs != 0); } - if (argc < 2) usage(); if (argc > 2) @@ -317,16 +318,16 @@ remin = remout = -1; /* Command to be executed on remote system using "ssh". */ - (void)sprintf(cmd, "scp%s%s%s%s", verbose ? " -v" : "", - iamrecursive ? " -r" : "", pflag ? " -p" : "", - targetshouldbedirectory ? " -d" : ""); + (void) sprintf(cmd, "scp%s%s%s%s", verbose_mode ? " -v" : "", + iamrecursive ? " -r" : "", pflag ? " -p" : "", + targetshouldbedirectory ? " -d" : ""); - (void)signal(SIGPIPE, lostconn); + (void) signal(SIGPIPE, lostconn); if ((targ = colon(argv[argc - 1]))) /* Dest is remote host. */ toremote(targ, argc, argv); else { - tolocal(argc, argv); /* Dest is local host. */ + tolocal(argc, argv); /* Dest is local host. */ if (targetshouldbedirectory) verifydir(argv[argc - 1]); } @@ -360,15 +361,15 @@ for (i = 0; i < argc - 1; i++) { src = colon(argv[i]); - if (src) { /* remote to remote */ + if (src) { /* remote to remote */ *src++ = 0; if (*src == 0) src = "."; host = strchr(argv[i], '@'); len = strlen(SSH_PROGRAM) + strlen(argv[i]) + - strlen(src) + (tuser ? strlen(tuser) : 0) + - strlen(thost) + strlen(targ) + CMDNEEDS + 32; - bp = xmalloc(len); + strlen(src) + (tuser ? strlen(tuser) : 0) + + strlen(thost) + strlen(targ) + CMDNEEDS + 32; + bp = xmalloc(len); if (host) { *host++ = 0; suser = argv[i]; @@ -376,37 +377,37 @@ suser = pwd->pw_name; else if (!okname(suser)) continue; - (void)sprintf(bp, - "%s%s -x -o'FallBackToRsh no' -n -l %s %s %s %s '%s%s%s:%s'", - SSH_PROGRAM, verbose ? " -v" : "", - suser, host, cmd, src, - tuser ? tuser : "", tuser ? "@" : "", - thost, targ); + (void) sprintf(bp, + "%s%s -x -o'FallBackToRsh no' -n -l %s %s %s %s '%s%s%s:%s'", + SSH_PROGRAM, verbose_mode ? " -v" : "", + suser, host, cmd, src, + tuser ? tuser : "", tuser ? "@" : "", + thost, targ); } else - (void)sprintf(bp, - "exec %s%s -x -o'FallBackToRsh no' -n %s %s %s '%s%s%s:%s'", - SSH_PROGRAM, verbose ? " -v" : "", - argv[i], cmd, src, - tuser ? tuser : "", tuser ? "@" : "", - thost, targ); - if (verbose) - fprintf(stderr, "Executing: %s\n", bp); - (void)system(bp); - (void)xfree(bp); - } else { /* local to remote */ + (void) sprintf(bp, + "exec %s%s -x -o'FallBackToRsh no' -n %s %s %s '%s%s%s:%s'", + SSH_PROGRAM, verbose_mode ? " -v" : "", + argv[i], cmd, src, + tuser ? tuser : "", tuser ? "@" : "", + thost, targ); + if (verbose_mode) + fprintf(stderr, "Executing: %s\n", bp); + (void) system(bp); + (void) xfree(bp); + } else { /* local to remote */ if (remin == -1) { len = strlen(targ) + CMDNEEDS + 20; - bp = xmalloc(len); - (void)sprintf(bp, "%s -t %s", cmd, targ); + bp = xmalloc(len); + (void) sprintf(bp, "%s -t %s", cmd, targ); host = thost; - if (do_cmd(host, tuser, + if (do_cmd(host, tuser, bp, &remin, &remout) < 0) - exit(1); + exit(1); if (response() < 0) exit(1); - (void)xfree(bp); + (void) xfree(bp); } - source(1, argv+i); + source(1, argv + i); } } } @@ -420,18 +421,18 @@ char *bp, *host, *src, *suser; for (i = 0; i < argc - 1; i++) { - if (!(src = colon(argv[i]))) { /* Local to local. */ + if (!(src = colon(argv[i]))) { /* Local to local. */ len = strlen(_PATH_CP) + strlen(argv[i]) + - strlen(argv[argc - 1]) + 20; + strlen(argv[argc - 1]) + 20; bp = xmalloc(len); - (void)sprintf(bp, "exec %s%s%s %s %s", _PATH_CP, - iamrecursive ? " -r" : "", pflag ? " -p" : "", - argv[i], argv[argc - 1]); - if (verbose) - fprintf(stderr, "Executing: %s\n", bp); + (void) sprintf(bp, "exec %s%s%s %s %s", _PATH_CP, + iamrecursive ? " -r" : "", pflag ? " -p" : "", + argv[i], argv[argc - 1]); + if (verbose_mode) + fprintf(stderr, "Executing: %s\n", bp); if (system(bp)) ++errs; - (void)xfree(bp); + (void) xfree(bp); continue; } *src++ = 0; @@ -449,16 +450,16 @@ continue; } len = strlen(src) + CMDNEEDS + 20; - bp = xmalloc(len); - (void)sprintf(bp, "%s -f %s", cmd, src); - if (do_cmd(host, suser, bp, &remin, &remout) < 0) { - (void)xfree(bp); - ++errs; - continue; + bp = xmalloc(len); + (void) sprintf(bp, "%s -f %s", cmd, src); + if (do_cmd(host, suser, bp, &remin, &remout) < 0) { + (void) xfree(bp); + ++errs; + continue; } - xfree(bp); + xfree(bp); sink(1, argv + argc - 1); - (void)close(remin); + (void) close(remin); remin = remout = -1; } } @@ -476,7 +477,7 @@ char *last, *name, buf[2048]; for (indx = 0; indx < argc; ++indx) { - name = argv[indx]; + name = argv[indx]; statbytes = 0; if ((fd = open(name, O_RDONLY, 0)) < 0) goto syserr; @@ -507,36 +508,33 @@ * Make it compatible with possible future * versions expecting microseconds. */ - (void)sprintf(buf, "T%lu 0 %lu 0\n", - (unsigned long)stb.st_mtime, - (unsigned long)stb.st_atime); - (void)write(remout, buf, strlen(buf)); + (void) sprintf(buf, "T%lu 0 %lu 0\n", + (unsigned long) stb.st_mtime, + (unsigned long) stb.st_atime); + (void) write(remout, buf, strlen(buf)); if (response() < 0) goto next; } #define FILEMODEMASK (S_ISUID|S_ISGID|S_IRWXU|S_IRWXG|S_IRWXO) - (void)sprintf(buf, "C%04o %lu %s\n", - (unsigned int)(stb.st_mode & FILEMODEMASK), - (unsigned long)stb.st_size, - last); - if (verbose) - { - fprintf(stderr, "Sending file modes: %s", buf); - fflush(stderr); - } - (void)write(remout, buf, strlen(buf)); + (void) sprintf(buf, "C%04o %lu %s\n", + (unsigned int) (stb.st_mode & FILEMODEMASK), + (unsigned long) stb.st_size, + last); + if (verbose_mode) { + fprintf(stderr, "Sending file modes: %s", buf); + fflush(stderr); + } + (void) write(remout, buf, strlen(buf)); if (response() < 0) goto next; if ((bp = allocbuf(&buffer, fd, 2048)) == NULL) { -next: (void)close(fd); +next: (void) close(fd); continue; } - if (showprogress) { totalbytes = stb.st_size; progressmeter(-1); } - /* Keep writing after an error so that we stay sync'd up. */ for (haderr = i = 0; i < stb.st_size; i += bp->cnt) { amt = bp->cnt; @@ -548,7 +546,7 @@ haderr = result >= 0 ? EIO : errno; } if (haderr) - (void)write(remout, bp->buf, amt); + (void) write(remout, bp->buf, amt); else { result = write(remout, bp->buf, amt); if (result != amt) @@ -556,16 +554,16 @@ statbytes += result; } } - if(showprogress) + if (showprogress) progressmeter(1); if (close(fd) < 0 && !haderr) haderr = errno; if (!haderr) - (void)write(remout, "", 1); + (void) write(remout, "", 1); else run_err("%s: %s", name, strerror(haderr)); - (void)response(); + (void) response(); } } @@ -588,21 +586,21 @@ else last++; if (pflag) { - (void)sprintf(path, "T%lu 0 %lu 0\n", - (unsigned long)statp->st_mtime, - (unsigned long)statp->st_atime); - (void)write(remout, path, strlen(path)); + (void) sprintf(path, "T%lu 0 %lu 0\n", + (unsigned long) statp->st_mtime, + (unsigned long) statp->st_atime); + (void) write(remout, path, strlen(path)); if (response() < 0) { closedir(dirp); return; } } - (void)sprintf(path, - "D%04o %d %.1024s\n", (unsigned int)(statp->st_mode & FILEMODEMASK), - 0, last); - if (verbose) - fprintf(stderr, "Entering directory: %s", path); - (void)write(remout, path, strlen(path)); + (void) sprintf(path, "D%04o %d %.1024s\n", + (unsigned int) (statp->st_mode & FILEMODEMASK), + 0, last); + if (verbose_mode) + fprintf(stderr, "Entering directory: %s", path); + (void) write(remout, path, strlen(path)); if (response() < 0) { closedir(dirp); return; @@ -616,13 +614,13 @@ run_err("%s/%s: name too long", name, dp->d_name); continue; } - (void)sprintf(path, "%s/%s", name, dp->d_name); + (void) sprintf(path, "%s/%s", name, dp->d_name); vect[0] = path; source(1, vect); } - (void)closedir(dirp); - (void)write(remout, "E\n", 2); - (void)response(); + (void) closedir(dirp); + (void) write(remout, "E\n", 2); + (void) response(); } void @@ -632,21 +630,23 @@ { static BUF buffer; struct stat stb; - enum { YES, NO, DISPLAYED } wrerr; + enum { + YES, NO, DISPLAYED + } wrerr; BUF *bp; off_t i, j; int amt, count, exists, first, mask, mode, ofd, omode; int setimes, size, targisdir, wrerrno = 0; char ch, *cp, *np, *targ, *why, *vect[1], buf[2048]; - struct utimbuf ut; - int dummy_usec; + struct utimbuf ut; + int dummy_usec; #define SCREWUP(str) { why = str; goto screwup; } setimes = targisdir = 0; mask = umask(0); if (!pflag) - (void)umask(mask); + (void) umask(mask); if (argc != 1) { run_err("ambiguous target"); exit(1); @@ -654,8 +654,8 @@ targ = *argv; if (targetshouldbedirectory) verifydir(targ); - - (void)write(remout, "", 1); + + (void) write(remout, "", 1); if (stat(targ, &stb) == 0 && S_ISDIR(stb.st_mode)) targisdir = 1; for (first = 1;; first = 0) { @@ -673,18 +673,17 @@ if (buf[0] == '\01' || buf[0] == '\02') { if (iamremote == 0) - (void)write(STDERR_FILENO, - buf + 1, strlen(buf + 1)); + (void) write(STDERR_FILENO, + buf + 1, strlen(buf + 1)); if (buf[0] == '\02') exit(1); ++errs; continue; } if (buf[0] == 'E') { - (void)write(remout, "", 1); + (void) write(remout, "", 1); return; } - if (ch == '\n') *--cp = 0; @@ -706,7 +705,7 @@ getnum(dummy_usec); if (*cp++ != '\0') SCREWUP("atime.usec not delimited"); - (void)write(remout, "", 1); + (void) write(remout, "", 1); continue; } if (*cp != 'C' && *cp != 'D') { @@ -732,7 +731,7 @@ if (*cp++ != ' ') SCREWUP("mode not delimited"); - for (size = 0; *cp >= '0' && *cp <= '9';) + for (size = 0; *cp >= '0' && *cp <= '9';) size = size * 10 + (*cp++ - '0'); if (*cp++ != ' ') SCREWUP("size not delimited"); @@ -743,9 +742,9 @@ need = strlen(targ) + strlen(cp) + 250; if (need > cursize) - namebuf = xmalloc(need); - (void)sprintf(namebuf, "%s%s%s", targ, - *targ ? "/" : "", cp); + namebuf = xmalloc(need); + (void) sprintf(namebuf, "%s%s%s", targ, + *targ ? "/" : "", cp); np = namebuf; } else np = targ; @@ -759,9 +758,10 @@ goto bad; } if (pflag) - (void)chmod(np, mode); + (void) chmod(np, mode); } else { - /* Handle copying from a read-only directory */ + /* Handle copying from a read-only + directory */ mod_flag = 1; if (mkdir(np, mode | S_IRWXU) < 0) goto bad; @@ -771,22 +771,22 @@ if (setimes) { setimes = 0; if (utime(np, &ut) < 0) - run_err("%s: set times: %s", - np, strerror(errno)); + run_err("%s: set times: %s", + np, strerror(errno)); } if (mod_flag) - (void)chmod(np, mode); + (void) chmod(np, mode); continue; } omode = mode; mode |= S_IWRITE; - if ((ofd = open(np, O_WRONLY|O_CREAT|O_TRUNC, mode)) < 0) { + if ((ofd = open(np, O_WRONLY | O_CREAT | O_TRUNC, mode)) < 0) { bad: run_err("%s: %s", np, strerror(errno)); continue; } - (void)write(remout, "", 1); + (void) write(remout, "", 1); if ((bp = allocbuf(&buffer, ofd, 4096)) == NULL) { - (void)close(ofd); + (void) close(ofd); continue; } cp = bp->buf; @@ -806,12 +806,12 @@ j = read(remin, cp, amt); if (j <= 0) { run_err("%s", j ? strerror(errno) : - "dropped connection"); + "dropped connection"); exit(1); } amt -= j; cp += j; - statbytes += j; + statbytes += j; } while (amt > 0); if (count == bp->cnt) { /* Keep reading so we stay sync'd up. */ @@ -819,7 +819,7 @@ j = write(ofd, bp->buf, count); if (j != count) { wrerr = YES; - wrerrno = j >= 0 ? EIO : errno; + wrerrno = j >= 0 ? EIO : errno; } } count = 0; @@ -831,7 +831,7 @@ if (count != 0 && wrerr == NO && (j = write(ofd, bp->buf, count)) != count) { wrerr = YES; - wrerrno = j >= 0 ? EIO : errno; + wrerrno = j >= 0 ? EIO : errno; } #if 0 if (ftruncate(ofd, size)) { @@ -843,29 +843,29 @@ if (exists || omode != mode) if (fchmod(ofd, omode)) run_err("%s: set mode: %s", - np, strerror(errno)); + np, strerror(errno)); } else { if (!exists && omode != mode) if (fchmod(ofd, omode & ~mask)) run_err("%s: set mode: %s", - np, strerror(errno)); + np, strerror(errno)); } - (void)close(ofd); - (void)response(); + (void) close(ofd); + (void) response(); if (setimes && wrerr == NO) { setimes = 0; if (utime(np, &ut) < 0) { run_err("%s: set times: %s", - np, strerror(errno)); + np, strerror(errno)); wrerr = DISPLAYED; } } - switch(wrerr) { + switch (wrerr) { case YES: run_err("%s: %s", np, strerror(wrerrno)); break; case NO: - (void)write(remout, "", 1); + (void) write(remout, "", 1); break; case DISPLAYED: break; @@ -885,14 +885,14 @@ lostconn(0); cp = rbuf; - switch(resp) { - case 0: /* ok */ + switch (resp) { + case 0: /* ok */ return (0); default: *cp++ = resp; /* FALLTHROUGH */ - case 1: /* error, followed by error msg */ - case 2: /* fatal error, "" */ + case 1: /* error, followed by error msg */ + case 2: /* fatal error, "" */ do { if (read(remin, &ch, sizeof(ch)) != sizeof(ch)) lostconn(0); @@ -900,7 +900,7 @@ } while (cp < &rbuf[sizeof(rbuf) - 1] && ch != '\n'); if (!iamremote) - (void)write(STDERR_FILENO, rbuf, cp - rbuf); + (void) write(STDERR_FILENO, rbuf, cp - rbuf); ++errs; if (resp == 1) return (-1); @@ -912,13 +912,13 @@ void usage() { - (void)fprintf(stderr, - "usage: scp [-pqrvC] [-P port] [-c cipher] [-i identity] f1 f2; or:\n scp [options] f1 ... fn directory\n"); + (void) fprintf(stderr, + "usage: scp [-pqrvC] [-P port] [-c cipher] [-i identity] f1 f2; or:\n scp [options] f1 ... fn directory\n"); exit(1); } void -run_err(const char *fmt, ...) +run_err(const char *fmt,...) { static FILE *fp; va_list ap; @@ -927,18 +927,16 @@ ++errs; if (fp == NULL && !(fp = fdopen(remout, "w"))) return; - (void)fprintf(fp, "%c", 0x01); - (void)fprintf(fp, "scp: "); - (void)vfprintf(fp, fmt, ap); - (void)fprintf(fp, "\n"); - (void)fflush(fp); - - if (!iamremote) - { - vfprintf(stderr, fmt, ap); - fprintf(stderr, "\n"); - } - + (void) fprintf(fp, "%c", 0x01); + (void) fprintf(fp, "scp: "); + (void) vfprintf(fp, fmt, ap); + (void) fprintf(fp, "\n"); + (void) fflush(fp); + + if (!iamremote) { + vfprintf(stderr, fmt, ap); + fprintf(stderr, "\n"); + } va_end(ap); } @@ -976,7 +974,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: scp.c,v 1.13 1999/10/08 01:25:20 aaron Exp $ + * $Id: scp.c,v 1.22 1999/12/06 20:15:28 deraadt Exp $ */ char * @@ -1043,17 +1041,17 @@ run_err("fstat: %s", strerror(errno)); return (0); } - if (stb.st_blksize == 0) - size = blksize; - else - size = blksize + (stb.st_blksize - blksize % stb.st_blksize) % - stb.st_blksize; + if (stb.st_blksize == 0) + size = blksize; + else + size = blksize + (stb.st_blksize - blksize % stb.st_blksize) % + stb.st_blksize; if (bp->cnt >= size) return (bp); - if (bp->buf == NULL) - bp->buf = xmalloc(size); - else - bp->buf = xrealloc(bp->buf, size); + if (bp->buf == NULL) + bp->buf = xmalloc(size); + else + bp->buf = xrealloc(bp->buf, size); bp->cnt = size; return (bp); } @@ -1067,40 +1065,16 @@ exit(1); } -/* - * ensure all of data on socket comes through. f==read || f==write - */ -int -atomicio(f, fd, s, n) -int (*f)(); -char *s; -{ - int res, pos = 0; - - while (n>pos) { - res = (f)(fd, s+pos, n-pos); - switch (res) { - case -1: - if (errno==EINTR || errno==EAGAIN) - continue; - case 0: - return (res); - default: - pos += res; - } - } - return (pos); -} void alarmtimer(int wait) { - struct itimerval itv; + struct itimerval itv; - itv.it_value.tv_sec = wait; - itv.it_value.tv_usec = 0; - itv.it_interval = itv.it_value; - setitimer(ITIMER_REAL, &itv, NULL); + itv.it_value.tv_sec = wait; + itv.it_value.tv_usec = 0; + itv.it_interval = itv.it_value; + setitimer(ITIMER_REAL, &itv, NULL); } void @@ -1112,6 +1086,19 @@ errno = save_errno; } +int +foregroundproc() +{ + static pid_t pgrp = -1; + int ctty_pgrp; + + if (pgrp == -1) + pgrp = getpgrp(); + + return ((ioctl(STDOUT_FILENO, TIOCGPGRP, &ctty_pgrp) != -1 && + ctty_pgrp == pgrp)); +} + void progressmeter(int flag) { @@ -1125,32 +1112,33 @@ char buf[256]; if (flag == -1) { - (void)gettimeofday(&start, (struct timezone *)0); + (void) gettimeofday(&start, (struct timezone *) 0); lastupdate = start; lastsize = 0; - } - (void)gettimeofday(&now, (struct timezone *)0); + } + if (foregroundproc() == 0) + return; + + (void) gettimeofday(&now, (struct timezone *) 0); cursize = statbytes; if (totalbytes != 0) { - ratio = cursize * 100 / totalbytes; + ratio = 100.0 * cursize / totalbytes; ratio = MAX(ratio, 0); ratio = MIN(ratio, 100); - } - else + } else ratio = 100; - snprintf(buf, sizeof(buf), "\r%-20.20s %3d%% ", curfile, ratio); + snprintf(buf, sizeof(buf), "\r%-20.20s %3d%% ", curfile, ratio); barlength = getttywidth() - 51; if (barlength > 0) { i = barlength * ratio / 100; snprintf(buf + strlen(buf), sizeof(buf) - strlen(buf), - "|%.*s%*s|", i, -"*****************************************************************************" -"*****************************************************************************", - barlength - i, ""); + "|%.*s%*s|", i, + "*****************************************************************************" + "*****************************************************************************", + barlength - i, ""); } - i = 0; abbrevsize = cursize; while (abbrevsize >= 100000 && i < sizeof(prefixes)) { @@ -1158,8 +1146,8 @@ abbrevsize >>= 10; } snprintf(buf + strlen(buf), sizeof(buf) - strlen(buf), " %5qd %c%c ", - (quad_t)abbrevsize, prefixes[i], prefixes[i] == ' ' ? ' ' : - 'B'); + (quad_t) abbrevsize, prefixes[i], prefixes[i] == ' ' ? ' ' : + 'B'); timersub(&now, &lastupdate, &wait); if (cursize > lastsize) { @@ -1171,33 +1159,32 @@ } wait.tv_sec = 0; } - timersub(&now, &start, &td); elapsed = td.tv_sec + (td.tv_usec / 1000000.0); if (statbytes <= 0 || elapsed <= 0.0 || cursize > totalbytes) { snprintf(buf + strlen(buf), sizeof(buf) - strlen(buf), - " --:-- ETA"); + " --:-- ETA"); } else if (wait.tv_sec >= STALLTIME) { snprintf(buf + strlen(buf), sizeof(buf) - strlen(buf), - " - stalled -"); + " - stalled -"); } else { - remaining = (int)(totalbytes / (statbytes / elapsed) - elapsed); - i = elapsed / 3600; + remaining = (int) (totalbytes / (statbytes / elapsed) - elapsed); + i = remaining / 3600; if (i) snprintf(buf + strlen(buf), sizeof(buf) - strlen(buf), - "%2d:", i); + "%2d:", i); else snprintf(buf + strlen(buf), sizeof(buf) - strlen(buf), - " "); + " "); i = remaining % 3600; snprintf(buf + strlen(buf), sizeof(buf) - strlen(buf), - "%02d:%02d ETA", i / 60, i % 60); + "%02d:%02d ETA", i / 60, i % 60); } atomicio(write, fileno(stdout), buf, strlen(buf)); if (flag == -1) { - signal(SIGALRM, (void *)updateprogressmeter); + signal(SIGALRM, (void *) updateprogressmeter); alarmtimer(1); } else if (flag == 1) { alarmtimer(0); @@ -1212,9 +1199,7 @@ struct winsize winsize; if (ioctl(fileno(stdout), TIOCGWINSZ, &winsize) != -1) - return(winsize.ws_col ? winsize.ws_col : 80); + return (winsize.ws_col ? winsize.ws_col : 80); else - return(80); + return (80); } - - Index: usr.bin/ssh/servconf.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/servconf.c,v retrieving revision 1.18 retrieving revision 1.28 diff -u -r1.18 -r1.28 --- usr.bin/ssh/servconf.c 1999/10/17 23:09:16 1.18 +++ usr.bin/ssh/servconf.c 1999/11/24 20:19:37 1.28 @@ -1,18 +1,18 @@ /* + * + * servconf.c + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Mon Aug 21 15:48:58 1995 ylo + * + */ -servconf.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Mon Aug 21 15:48:58 1995 ylo - -*/ - #include "includes.h" -RCSID("$Id: servconf.c,v 1.18 1999/10/17 23:09:16 dugsong Exp $"); +RCSID("$Id: servconf.c,v 1.28 1999/11/24 20:19:37 markus Exp $"); #include "ssh.h" #include "servconf.h" @@ -20,548 +20,509 @@ /* Initializes the server options to their default values. */ -void initialize_server_options(ServerOptions *options) +void +initialize_server_options(ServerOptions *options) { - memset(options, 0, sizeof(*options)); - options->port = -1; - options->listen_addr.s_addr = htonl(INADDR_ANY); - options->host_key_file = NULL; - options->server_key_bits = -1; - options->login_grace_time = -1; - options->key_regeneration_time = -1; - options->permit_root_login = -1; - options->ignore_rhosts = -1; - options->quiet_mode = -1; - options->fascist_logging = -1; - options->print_motd = -1; - options->check_mail = -1; - options->x11_forwarding = -1; - options->x11_display_offset = -1; - options->strict_modes = -1; - options->keepalives = -1; - options->log_facility = (SyslogFacility)-1; - options->rhosts_authentication = -1; - options->rhosts_rsa_authentication = -1; - options->rsa_authentication = -1; + memset(options, 0, sizeof(*options)); + options->port = -1; + options->listen_addr.s_addr = htonl(INADDR_ANY); + options->host_key_file = NULL; + options->server_key_bits = -1; + options->login_grace_time = -1; + options->key_regeneration_time = -1; + options->permit_root_login = -1; + options->ignore_rhosts = -1; + options->ignore_user_known_hosts = -1; + options->print_motd = -1; + options->check_mail = -1; + options->x11_forwarding = -1; + options->x11_display_offset = -1; + options->strict_modes = -1; + options->keepalives = -1; + options->log_facility = (SyslogFacility) - 1; + options->log_level = (LogLevel) - 1; + options->rhosts_authentication = -1; + options->rhosts_rsa_authentication = -1; + options->rsa_authentication = -1; #ifdef KRB4 - options->kerberos_authentication = -1; - options->kerberos_or_local_passwd = -1; - options->kerberos_ticket_cleanup = -1; + options->kerberos_authentication = -1; + options->kerberos_or_local_passwd = -1; + options->kerberos_ticket_cleanup = -1; #endif #ifdef AFS - options->kerberos_tgt_passing = -1; - options->afs_token_passing = -1; + options->kerberos_tgt_passing = -1; + options->afs_token_passing = -1; #endif - options->password_authentication = -1; + options->password_authentication = -1; #ifdef SKEY - options->skey_authentication = -1; + options->skey_authentication = -1; #endif - options->permit_empty_passwd = -1; - options->use_login = -1; - options->num_allow_users = 0; - options->num_deny_users = 0; - options->num_allow_groups = 0; - options->num_deny_groups = 0; + options->permit_empty_passwd = -1; + options->use_login = -1; + options->num_allow_users = 0; + options->num_deny_users = 0; + options->num_allow_groups = 0; + options->num_deny_groups = 0; } -void fill_default_server_options(ServerOptions *options) +void +fill_default_server_options(ServerOptions *options) { - if (options->port == -1) - { - struct servent *sp; - - sp = getservbyname(SSH_SERVICE_NAME, "tcp"); - if (sp) - options->port = ntohs(sp->s_port); - else - options->port = SSH_DEFAULT_PORT; - endservent(); - } - if (options->host_key_file == NULL) - options->host_key_file = HOST_KEY_FILE; - if (options->server_key_bits == -1) - options->server_key_bits = 768; - if (options->login_grace_time == -1) - options->login_grace_time = 600; - if (options->key_regeneration_time == -1) - options->key_regeneration_time = 3600; - if (options->permit_root_login == -1) - options->permit_root_login = 1; /* yes */ - if (options->ignore_rhosts == -1) - options->ignore_rhosts = 0; - if (options->quiet_mode == -1) - options->quiet_mode = 0; - if (options->check_mail == -1) - options->check_mail = 0; - if (options->fascist_logging == -1) - options->fascist_logging = 1; - if (options->print_motd == -1) - options->print_motd = 1; - if (options->x11_forwarding == -1) - options->x11_forwarding = 1; - if (options->x11_display_offset == -1) - options->x11_display_offset = 1; - if (options->strict_modes == -1) - options->strict_modes = 1; - if (options->keepalives == -1) - options->keepalives = 1; - if (options->log_facility == (SyslogFacility)(-1)) - options->log_facility = SYSLOG_FACILITY_DAEMON; - if (options->rhosts_authentication == -1) - options->rhosts_authentication = 0; - if (options->rhosts_rsa_authentication == -1) - options->rhosts_rsa_authentication = 1; - if (options->rsa_authentication == -1) - options->rsa_authentication = 1; + if (options->port == -1) { + struct servent *sp; + + sp = getservbyname(SSH_SERVICE_NAME, "tcp"); + if (sp) + options->port = ntohs(sp->s_port); + else + options->port = SSH_DEFAULT_PORT; + endservent(); + } + if (options->host_key_file == NULL) + options->host_key_file = HOST_KEY_FILE; + if (options->server_key_bits == -1) + options->server_key_bits = 768; + if (options->login_grace_time == -1) + options->login_grace_time = 600; + if (options->key_regeneration_time == -1) + options->key_regeneration_time = 3600; + if (options->permit_root_login == -1) + options->permit_root_login = 1; /* yes */ + if (options->ignore_rhosts == -1) + options->ignore_rhosts = 0; + if (options->ignore_user_known_hosts == -1) + options->ignore_user_known_hosts = 0; + if (options->check_mail == -1) + options->check_mail = 0; + if (options->print_motd == -1) + options->print_motd = 1; + if (options->x11_forwarding == -1) + options->x11_forwarding = 1; + if (options->x11_display_offset == -1) + options->x11_display_offset = 1; + if (options->strict_modes == -1) + options->strict_modes = 1; + if (options->keepalives == -1) + options->keepalives = 1; + if (options->log_facility == (SyslogFacility) (-1)) + options->log_facility = SYSLOG_FACILITY_AUTH; + if (options->log_level == (LogLevel) (-1)) + options->log_level = SYSLOG_LEVEL_INFO; + if (options->rhosts_authentication == -1) + options->rhosts_authentication = 0; + if (options->rhosts_rsa_authentication == -1) + options->rhosts_rsa_authentication = 1; + if (options->rsa_authentication == -1) + options->rsa_authentication = 1; #ifdef KRB4 - if (options->kerberos_authentication == -1) - options->kerberos_authentication = (access(KEYFILE, R_OK) == 0); - if (options->kerberos_or_local_passwd == -1) - options->kerberos_or_local_passwd = 1; - if (options->kerberos_ticket_cleanup == -1) - options->kerberos_ticket_cleanup = 1; + if (options->kerberos_authentication == -1) + options->kerberos_authentication = (access(KEYFILE, R_OK) == 0); + if (options->kerberos_or_local_passwd == -1) + options->kerberos_or_local_passwd = 1; + if (options->kerberos_ticket_cleanup == -1) + options->kerberos_ticket_cleanup = 1; #endif /* KRB4 */ #ifdef AFS - if (options->kerberos_tgt_passing == -1) - options->kerberos_tgt_passing = 0; - if (options->afs_token_passing == -1) - options->afs_token_passing = k_hasafs(); + if (options->kerberos_tgt_passing == -1) + options->kerberos_tgt_passing = 0; + if (options->afs_token_passing == -1) + options->afs_token_passing = k_hasafs(); #endif /* AFS */ - if (options->password_authentication == -1) - options->password_authentication = 1; + if (options->password_authentication == -1) + options->password_authentication = 1; #ifdef SKEY - if (options->skey_authentication == -1) - options->skey_authentication = 1; + if (options->skey_authentication == -1) + options->skey_authentication = 1; #endif - if (options->permit_empty_passwd == -1) - options->permit_empty_passwd = 1; - if (options->use_login == -1) - options->use_login = 0; + if (options->permit_empty_passwd == -1) + options->permit_empty_passwd = 1; + if (options->use_login == -1) + options->use_login = 0; } #define WHITESPACE " \t\r\n" /* Keyword tokens. */ -typedef enum -{ - sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime, - sPermitRootLogin, sQuietMode, sFascistLogging, sLogFacility, - sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication, +typedef enum { + sBadOption, /* == unknown option */ + sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime, + sPermitRootLogin, sLogFacility, sLogLevel, + sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication, #ifdef KRB4 - sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup, + sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup, #endif #ifdef AFS - sKerberosTgtPassing, sAFSTokenPassing, + sKerberosTgtPassing, sAFSTokenPassing, #endif #ifdef SKEY - sSkeyAuthentication, + sSkeyAuthentication, #endif - sPasswordAuthentication, sListenAddress, - sPrintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset, - sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail, - sUseLogin, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups - + sPasswordAuthentication, sListenAddress, + sPrintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset, + sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail, + sUseLogin, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, + sIgnoreUserKnownHosts } ServerOpCodes; /* Textual representation of the tokens. */ -static struct -{ - const char *name; - ServerOpCodes opcode; -} keywords[] = -{ - { "port", sPort }, - { "hostkey", sHostKeyFile }, - { "serverkeybits", sServerKeyBits }, - { "logingracetime", sLoginGraceTime }, - { "keyregenerationinterval", sKeyRegenerationTime }, - { "permitrootlogin", sPermitRootLogin }, - { "quietmode", sQuietMode }, - { "fascistlogging", sFascistLogging }, - { "syslogfacility", sLogFacility }, - { "rhostsauthentication", sRhostsAuthentication }, - { "rhostsrsaauthentication", sRhostsRSAAuthentication }, - { "rsaauthentication", sRSAAuthentication }, +static struct { + const char *name; + ServerOpCodes opcode; +} keywords[] = { + { "port", sPort }, + { "hostkey", sHostKeyFile }, + { "serverkeybits", sServerKeyBits }, + { "logingracetime", sLoginGraceTime }, + { "keyregenerationinterval", sKeyRegenerationTime }, + { "permitrootlogin", sPermitRootLogin }, + { "syslogfacility", sLogFacility }, + { "loglevel", sLogLevel }, + { "rhostsauthentication", sRhostsAuthentication }, + { "rhostsrsaauthentication", sRhostsRSAAuthentication }, + { "rsaauthentication", sRSAAuthentication }, #ifdef KRB4 - { "kerberosauthentication", sKerberosAuthentication }, - { "kerberosorlocalpasswd", sKerberosOrLocalPasswd }, - { "kerberosticketcleanup", sKerberosTicketCleanup }, + { "kerberosauthentication", sKerberosAuthentication }, + { "kerberosorlocalpasswd", sKerberosOrLocalPasswd }, + { "kerberosticketcleanup", sKerberosTicketCleanup }, #endif #ifdef AFS - { "kerberostgtpassing", sKerberosTgtPassing }, - { "afstokenpassing", sAFSTokenPassing }, + { "kerberostgtpassing", sKerberosTgtPassing }, + { "afstokenpassing", sAFSTokenPassing }, #endif - { "passwordauthentication", sPasswordAuthentication }, + { "passwordauthentication", sPasswordAuthentication }, #ifdef SKEY - { "skeyauthentication", sSkeyAuthentication }, + { "skeyauthentication", sSkeyAuthentication }, #endif - { "checkmail", sCheckMail }, - { "listenaddress", sListenAddress }, - { "printmotd", sPrintMotd }, - { "ignorerhosts", sIgnoreRhosts }, - { "x11forwarding", sX11Forwarding }, - { "x11displayoffset", sX11DisplayOffset }, - { "strictmodes", sStrictModes }, - { "permitemptypasswords", sEmptyPasswd }, - { "uselogin", sUseLogin }, - { "randomseed", sRandomSeedFile }, - { "keepalive", sKeepAlives }, - { "allowusers", sAllowUsers }, - { "denyusers", sDenyUsers }, - { "allowgroups", sAllowGroups }, - { "denygroups", sDenyGroups }, - { NULL, 0 } + { "checkmail", sCheckMail }, + { "listenaddress", sListenAddress }, + { "printmotd", sPrintMotd }, + { "ignorerhosts", sIgnoreRhosts }, + { "ignoreuserknownhosts", sIgnoreUserKnownHosts }, + { "x11forwarding", sX11Forwarding }, + { "x11displayoffset", sX11DisplayOffset }, + { "strictmodes", sStrictModes }, + { "permitemptypasswords", sEmptyPasswd }, + { "uselogin", sUseLogin }, + { "randomseed", sRandomSeedFile }, + { "keepalive", sKeepAlives }, + { "allowusers", sAllowUsers }, + { "denyusers", sDenyUsers }, + { "allowgroups", sAllowGroups }, + { "denygroups", sDenyGroups }, + { NULL, 0 } }; -static struct +/* + * Returns the number of the token pointed to by cp of length len. Never + * returns if the token is not known. + */ + +static ServerOpCodes +parse_token(const char *cp, const char *filename, + int linenum) { - const char *name; - SyslogFacility facility; -} log_facilities[] = -{ - { "DAEMON", SYSLOG_FACILITY_DAEMON }, - { "USER", SYSLOG_FACILITY_USER }, - { "AUTH", SYSLOG_FACILITY_AUTH }, - { "LOCAL0", SYSLOG_FACILITY_LOCAL0 }, - { "LOCAL1", SYSLOG_FACILITY_LOCAL1 }, - { "LOCAL2", SYSLOG_FACILITY_LOCAL2 }, - { "LOCAL3", SYSLOG_FACILITY_LOCAL3 }, - { "LOCAL4", SYSLOG_FACILITY_LOCAL4 }, - { "LOCAL5", SYSLOG_FACILITY_LOCAL5 }, - { "LOCAL6", SYSLOG_FACILITY_LOCAL6 }, - { "LOCAL7", SYSLOG_FACILITY_LOCAL7 }, - { NULL, 0 } -}; - -/* Returns the number of the token pointed to by cp of length len. - Never returns if the token is not known. */ + unsigned int i; -static ServerOpCodes parse_token(const char *cp, const char *filename, - int linenum) -{ - unsigned int i; - - for (i = 0; keywords[i].name; i++) - if (strcmp(cp, keywords[i].name) == 0) - return keywords[i].opcode; - - fprintf(stderr, "%s line %d: Bad configuration option: %s\n", - filename, linenum, cp); - exit(1); + for (i = 0; keywords[i].name; i++) + if (strcasecmp(cp, keywords[i].name) == 0) + return keywords[i].opcode; + + fprintf(stderr, "%s: line %d: Bad configuration option: %s\n", + filename, linenum, cp); + return sBadOption; } /* Reads the server configuration file. */ -void read_server_config(ServerOptions *options, const char *filename) +void +read_server_config(ServerOptions *options, const char *filename) { - FILE *f; - char line[1024]; - char *cp, **charptr; - int linenum, *intptr, i, value; - ServerOpCodes opcode; - - f = fopen(filename, "r"); - if (!f) - { - perror(filename); - exit(1); - } - - linenum = 0; - while (fgets(line, sizeof(line), f)) - { - linenum++; - cp = line + strspn(line, WHITESPACE); - if (!*cp || *cp == '#') - continue; - cp = strtok(cp, WHITESPACE); - { - char *t = cp; - for (; *t != 0; t++) - if ('A' <= *t && *t <= 'Z') - *t = *t - 'A' + 'a'; /* tolower */ - - } - opcode = parse_token(cp, filename, linenum); - switch (opcode) - { - case sPort: - intptr = &options->port; - parse_int: - cp = strtok(NULL, WHITESPACE); - if (!cp) - { - fprintf(stderr, "%s line %d: missing integer value.\n", - filename, linenum); - exit(1); - } - value = atoi(cp); - if (*intptr == -1) - *intptr = value; - break; - - case sServerKeyBits: - intptr = &options->server_key_bits; - goto parse_int; - - case sLoginGraceTime: - intptr = &options->login_grace_time; - goto parse_int; - - case sKeyRegenerationTime: - intptr = &options->key_regeneration_time; - goto parse_int; - - case sListenAddress: - cp = strtok(NULL, WHITESPACE); - if (!cp) - { - fprintf(stderr, "%s line %d: missing inet addr.\n", - filename, linenum); - exit(1); - } - options->listen_addr.s_addr = inet_addr(cp); - break; - - case sHostKeyFile: - charptr = &options->host_key_file; - cp = strtok(NULL, WHITESPACE); - if (!cp) - { - fprintf(stderr, "%s line %d: missing file name.\n", - filename, linenum); - exit(1); - } - if (*charptr == NULL) - *charptr = tilde_expand_filename(cp, getuid()); - break; - - case sRandomSeedFile: - fprintf(stderr, "%s line %d: \"randomseed\" option is obsolete.\n", - filename, linenum); - cp = strtok(NULL, WHITESPACE); - break; - - case sPermitRootLogin: - intptr = &options->permit_root_login; - cp = strtok(NULL, WHITESPACE); - if (!cp) - { - fprintf(stderr, "%s line %d: missing yes/without-password/no argument.\n", - filename, linenum); - exit(1); - } - if (strcmp(cp, "without-password") == 0) - value = 2; - else if (strcmp(cp, "yes") == 0) - value = 1; - else if (strcmp(cp, "no") == 0) - value = 0; - else - { - fprintf(stderr, "%s line %d: Bad yes/without-password/no argument: %s\n", - filename, linenum, cp); - exit(1); - } - if (*intptr == -1) - *intptr = value; - break; - - case sIgnoreRhosts: - intptr = &options->ignore_rhosts; - parse_flag: - cp = strtok(NULL, WHITESPACE); - if (!cp) - { - fprintf(stderr, "%s line %d: missing yes/no argument.\n", - filename, linenum); - exit(1); - } - if (strcmp(cp, "yes") == 0) - value = 1; - else - if (strcmp(cp, "no") == 0) - value = 0; - else - { - fprintf(stderr, "%s line %d: Bad yes/no argument: %s\n", - filename, linenum, cp); + FILE *f; + char line[1024]; + char *cp, **charptr; + int linenum, *intptr, value; + int bad_options = 0; + ServerOpCodes opcode; + + f = fopen(filename, "r"); + if (!f) { + perror(filename); exit(1); - } - if (*intptr == -1) - *intptr = value; - break; - - case sQuietMode: - intptr = &options->quiet_mode; - goto parse_flag; - - case sFascistLogging: - intptr = &options->fascist_logging; - goto parse_flag; - - case sRhostsAuthentication: - intptr = &options->rhosts_authentication; - goto parse_flag; - - case sRhostsRSAAuthentication: - intptr = &options->rhosts_rsa_authentication; - goto parse_flag; - - case sRSAAuthentication: - intptr = &options->rsa_authentication; - goto parse_flag; - + } + linenum = 0; + while (fgets(line, sizeof(line), f)) { + linenum++; + cp = line + strspn(line, WHITESPACE); + if (!*cp || *cp == '#') + continue; + cp = strtok(cp, WHITESPACE); + opcode = parse_token(cp, filename, linenum); + switch (opcode) { + case sBadOption: + bad_options++; + continue; + case sPort: + intptr = &options->port; +parse_int: + cp = strtok(NULL, WHITESPACE); + if (!cp) { + fprintf(stderr, "%s line %d: missing integer value.\n", + filename, linenum); + exit(1); + } + value = atoi(cp); + if (*intptr == -1) + *intptr = value; + break; + + case sServerKeyBits: + intptr = &options->server_key_bits; + goto parse_int; + + case sLoginGraceTime: + intptr = &options->login_grace_time; + goto parse_int; + + case sKeyRegenerationTime: + intptr = &options->key_regeneration_time; + goto parse_int; + + case sListenAddress: + cp = strtok(NULL, WHITESPACE); + if (!cp) { + fprintf(stderr, "%s line %d: missing inet addr.\n", + filename, linenum); + exit(1); + } + options->listen_addr.s_addr = inet_addr(cp); + break; + + case sHostKeyFile: + charptr = &options->host_key_file; + cp = strtok(NULL, WHITESPACE); + if (!cp) { + fprintf(stderr, "%s line %d: missing file name.\n", + filename, linenum); + exit(1); + } + if (*charptr == NULL) + *charptr = tilde_expand_filename(cp, getuid()); + break; + + case sRandomSeedFile: + fprintf(stderr, "%s line %d: \"randomseed\" option is obsolete.\n", + filename, linenum); + cp = strtok(NULL, WHITESPACE); + break; + + case sPermitRootLogin: + intptr = &options->permit_root_login; + cp = strtok(NULL, WHITESPACE); + if (!cp) { + fprintf(stderr, "%s line %d: missing yes/without-password/no argument.\n", + filename, linenum); + exit(1); + } + if (strcmp(cp, "without-password") == 0) + value = 2; + else if (strcmp(cp, "yes") == 0) + value = 1; + else if (strcmp(cp, "no") == 0) + value = 0; + else { + fprintf(stderr, "%s line %d: Bad yes/without-password/no argument: %s\n", + filename, linenum, cp); + exit(1); + } + if (*intptr == -1) + *intptr = value; + break; + + case sIgnoreRhosts: + intptr = &options->ignore_rhosts; +parse_flag: + cp = strtok(NULL, WHITESPACE); + if (!cp) { + fprintf(stderr, "%s line %d: missing yes/no argument.\n", + filename, linenum); + exit(1); + } + if (strcmp(cp, "yes") == 0) + value = 1; + else if (strcmp(cp, "no") == 0) + value = 0; + else { + fprintf(stderr, "%s line %d: Bad yes/no argument: %s\n", + filename, linenum, cp); + exit(1); + } + if (*intptr == -1) + *intptr = value; + break; + + case sIgnoreUserKnownHosts: + intptr = &options->ignore_user_known_hosts; + goto parse_int; + + case sRhostsAuthentication: + intptr = &options->rhosts_authentication; + goto parse_flag; + + case sRhostsRSAAuthentication: + intptr = &options->rhosts_rsa_authentication; + goto parse_flag; + + case sRSAAuthentication: + intptr = &options->rsa_authentication; + goto parse_flag; + #ifdef KRB4 - case sKerberosAuthentication: - intptr = &options->kerberos_authentication; - goto parse_flag; - - case sKerberosOrLocalPasswd: - intptr = &options->kerberos_or_local_passwd; - goto parse_flag; - - case sKerberosTicketCleanup: - intptr = &options->kerberos_ticket_cleanup; - goto parse_flag; + case sKerberosAuthentication: + intptr = &options->kerberos_authentication; + goto parse_flag; + + case sKerberosOrLocalPasswd: + intptr = &options->kerberos_or_local_passwd; + goto parse_flag; + + case sKerberosTicketCleanup: + intptr = &options->kerberos_ticket_cleanup; + goto parse_flag; #endif - + #ifdef AFS - case sKerberosTgtPassing: - intptr = &options->kerberos_tgt_passing; - goto parse_flag; - - case sAFSTokenPassing: - intptr = &options->afs_token_passing; - goto parse_flag; -#endif - - case sPasswordAuthentication: - intptr = &options->password_authentication; - goto parse_flag; - - case sCheckMail: - intptr = &options->check_mail; - goto parse_flag; + case sKerberosTgtPassing: + intptr = &options->kerberos_tgt_passing; + goto parse_flag; + + case sAFSTokenPassing: + intptr = &options->afs_token_passing; + goto parse_flag; +#endif + + case sPasswordAuthentication: + intptr = &options->password_authentication; + goto parse_flag; + + case sCheckMail: + intptr = &options->check_mail; + goto parse_flag; #ifdef SKEY - case sSkeyAuthentication: - intptr = &options->skey_authentication; - goto parse_flag; -#endif - - case sPrintMotd: - intptr = &options->print_motd; - goto parse_flag; - - case sX11Forwarding: - intptr = &options->x11_forwarding; - goto parse_flag; - - case sX11DisplayOffset: - intptr = &options->x11_display_offset; - goto parse_int; - - case sStrictModes: - intptr = &options->strict_modes; - goto parse_flag; - - case sKeepAlives: - intptr = &options->keepalives; - goto parse_flag; - - case sEmptyPasswd: - intptr = &options->permit_empty_passwd; - goto parse_flag; - - case sUseLogin: - intptr = &options->use_login; - goto parse_flag; - - case sLogFacility: - cp = strtok(NULL, WHITESPACE); - if (!cp) - { - fprintf(stderr, "%s line %d: missing facility name.\n", - filename, linenum); - exit(1); - } - for (i = 0; log_facilities[i].name; i++) - if (strcmp(log_facilities[i].name, cp) == 0) - break; - if (!log_facilities[i].name) - { - fprintf(stderr, "%s line %d: unsupported log facility %s\n", - filename, linenum, cp); - exit(1); - } - if (options->log_facility == (SyslogFacility)(-1)) - options->log_facility = log_facilities[i].facility; - break; - - case sAllowUsers: - while ((cp = strtok(NULL, WHITESPACE))) - { - if (options->num_allow_users >= MAX_ALLOW_USERS) - { - fprintf(stderr, "%s line %d: too many allow users.\n", - filename, linenum); - exit(1); - } - options->allow_users[options->num_allow_users++] = xstrdup(cp); - } - break; - - case sDenyUsers: - while ((cp = strtok(NULL, WHITESPACE))) - { - if (options->num_deny_users >= MAX_DENY_USERS) - { - fprintf(stderr, "%s line %d: too many deny users.\n", - filename, linenum); - exit(1); + case sSkeyAuthentication: + intptr = &options->skey_authentication; + goto parse_flag; +#endif + + case sPrintMotd: + intptr = &options->print_motd; + goto parse_flag; + + case sX11Forwarding: + intptr = &options->x11_forwarding; + goto parse_flag; + + case sX11DisplayOffset: + intptr = &options->x11_display_offset; + goto parse_int; + + case sStrictModes: + intptr = &options->strict_modes; + goto parse_flag; + + case sKeepAlives: + intptr = &options->keepalives; + goto parse_flag; + + case sEmptyPasswd: + intptr = &options->permit_empty_passwd; + goto parse_flag; + + case sUseLogin: + intptr = &options->use_login; + goto parse_flag; + + case sLogFacility: + intptr = (int *) &options->log_facility; + cp = strtok(NULL, WHITESPACE); + value = log_facility_number(cp); + if (value == (SyslogFacility) - 1) + fatal("%.200s line %d: unsupported log facility '%s'\n", + filename, linenum, cp ? cp : ""); + if (*intptr == -1) + *intptr = (SyslogFacility) value; + break; + + case sLogLevel: + intptr = (int *) &options->log_level; + cp = strtok(NULL, WHITESPACE); + value = log_level_number(cp); + if (value == (LogLevel) - 1) + fatal("%.200s line %d: unsupported log level '%s'\n", + filename, linenum, cp ? cp : ""); + if (*intptr == -1) + *intptr = (LogLevel) value; + break; + + case sAllowUsers: + while ((cp = strtok(NULL, WHITESPACE))) { + if (options->num_allow_users >= MAX_ALLOW_USERS) { + fprintf(stderr, "%s line %d: too many allow users.\n", + filename, linenum); + exit(1); + } + options->allow_users[options->num_allow_users++] = xstrdup(cp); + } + break; + + case sDenyUsers: + while ((cp = strtok(NULL, WHITESPACE))) { + if (options->num_deny_users >= MAX_DENY_USERS) { + fprintf(stderr, "%s line %d: too many deny users.\n", + filename, linenum); + exit(1); + } + options->deny_users[options->num_deny_users++] = xstrdup(cp); + } + break; + + case sAllowGroups: + while ((cp = strtok(NULL, WHITESPACE))) { + if (options->num_allow_groups >= MAX_ALLOW_GROUPS) { + fprintf(stderr, "%s line %d: too many allow groups.\n", + filename, linenum); + exit(1); + } + options->allow_groups[options->num_allow_groups++] = xstrdup(cp); + } + break; + + case sDenyGroups: + while ((cp = strtok(NULL, WHITESPACE))) { + if (options->num_deny_groups >= MAX_DENY_GROUPS) { + fprintf(stderr, "%s line %d: too many deny groups.\n", + filename, linenum); + exit(1); + } + options->deny_groups[options->num_deny_groups++] = xstrdup(cp); + } + break; + + default: + fprintf(stderr, "%s line %d: Missing handler for opcode %s (%d)\n", + filename, linenum, cp, opcode); + exit(1); } - options->deny_users[options->num_deny_users++] = xstrdup(cp); - } - break; - - case sAllowGroups: - while ((cp = strtok(NULL, WHITESPACE))) - { - if (options->num_allow_groups >= MAX_ALLOW_GROUPS) - { - fprintf(stderr, "%s line %d: too many allow groups.\n", - filename, linenum); - exit(1); + if (strtok(NULL, WHITESPACE) != NULL) { + fprintf(stderr, "%s line %d: garbage at end of line.\n", + filename, linenum); + exit(1); } - options->allow_groups[options->num_allow_groups++] = xstrdup(cp); - } - break; - - case sDenyGroups: - while ((cp = strtok(NULL, WHITESPACE))) - { - if (options->num_deny_groups >= MAX_DENY_GROUPS) - { - fprintf(stderr, "%s line %d: too many deny groups.\n", - filename, linenum); - exit(1); - } - options->deny_groups[options->num_deny_groups++] = xstrdup(cp); - } - break; - - default: - fprintf(stderr, "%s line %d: Missing handler for opcode %s (%d)\n", - filename, linenum, cp, opcode); - exit(1); } - if (strtok(NULL, WHITESPACE) != NULL) - { - fprintf(stderr, "%s line %d: garbage at end of line.\n", - filename, linenum); - exit(1); + fclose(f); + if (bad_options > 0) { + fprintf(stderr, "%s: terminating, %d bad configuration options\n", + filename, bad_options); + exit(1); } - } - fclose(f); } Index: usr.bin/ssh/servconf.h =================================================================== RCS file: /cvs/src/usr.bin/ssh/servconf.h,v retrieving revision 1.10 retrieving revision 1.14 diff -u -r1.10 -r1.14 --- usr.bin/ssh/servconf.h 1999/10/17 20:48:07 1.10 +++ usr.bin/ssh/servconf.h 1999/11/24 19:53:51 1.14 @@ -1,86 +1,102 @@ /* + * + * servconf.h + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Mon Aug 21 15:35:03 1995 ylo + * + * Definitions for server configuration data and for the functions reading it. + * + */ -servconf.h +/* RCSID("$Id: servconf.h,v 1.14 1999/11/24 19:53:51 markus Exp $"); */ -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Mon Aug 21 15:35:03 1995 ylo - -Definitions for server configuration data and for the functions reading it. - -*/ - -/* RCSID("$Id: servconf.h,v 1.10 1999/10/17 20:48:07 dugsong Exp $"); */ - #ifndef SERVCONF_H #define SERVCONF_H -#define MAX_ALLOW_USERS 256 /* Max # users on allow list. */ -#define MAX_DENY_USERS 256 /* Max # users on deny list. */ -#define MAX_ALLOW_GROUPS 256 /* Max # groups on allow list. */ -#define MAX_DENY_GROUPS 256 /* Max # groups on deny list. */ - -typedef struct -{ - int port; /* Port number to listen on. */ - struct in_addr listen_addr; /* Address on which the server listens. */ - char *host_key_file; /* File containing host key. */ - int server_key_bits; /* Size of the server key. */ - int login_grace_time; /* Disconnect if no auth in this time (sec). */ - int key_regeneration_time; /* Server key lifetime (seconds). */ - int permit_root_login; /* If true, permit root login. */ - int ignore_rhosts; /* Ignore .rhosts and .shosts. */ - int quiet_mode; /* If true, don't log anything but fatals. */ - int fascist_logging; /* Perform very verbose logging. */ - int print_motd; /* If true, print /etc/motd. */ - int check_mail; /* If true, check for new mail. */ - int x11_forwarding; /* If true, permit inet (spoofing) X11 fwd. */ - int x11_display_offset; /* What DISPLAY number to start searching at */ - int strict_modes; /* If true, require string home dir modes. */ - int keepalives; /* If true, set SO_KEEPALIVE. */ - SyslogFacility log_facility; /* Facility for system logging. */ - int rhosts_authentication; /* If true, permit rhosts authentication. */ - int rhosts_rsa_authentication;/* If true, permit rhosts RSA authentication.*/ - int rsa_authentication; /* If true, permit RSA authentication. */ +#define MAX_ALLOW_USERS 256 /* Max # users on allow list. */ +#define MAX_DENY_USERS 256 /* Max # users on deny list. */ +#define MAX_ALLOW_GROUPS 256 /* Max # groups on allow list. */ +#define MAX_DENY_GROUPS 256 /* Max # groups on deny list. */ + +typedef struct { + int port; /* Port number to listen on. */ + struct in_addr listen_addr; /* Address on which the server + * listens. */ + char *host_key_file; /* File containing host key. */ + int server_key_bits;/* Size of the server key. */ + int login_grace_time; /* Disconnect if no auth in this time + * (sec). */ + int key_regeneration_time; /* Server key lifetime (seconds). */ + int permit_root_login; /* If true, permit root login. */ + int ignore_rhosts; /* Ignore .rhosts and .shosts. */ + int ignore_user_known_hosts; /* Ignore ~/.ssh/known_hosts + * for RhostsRsaAuth */ + int print_motd; /* If true, print /etc/motd. */ + int check_mail; /* If true, check for new mail. */ + int x11_forwarding; /* If true, permit inet (spoofing) X11 fwd. */ + int x11_display_offset; /* What DISPLAY number to start + * searching at */ + int strict_modes; /* If true, require string home dir modes. */ + int keepalives; /* If true, set SO_KEEPALIVE. */ + SyslogFacility log_facility; /* Facility for system logging. */ + LogLevel log_level; /* Level for system logging. */ + int rhosts_authentication; /* If true, permit rhosts + * authentication. */ + int rhosts_rsa_authentication; /* If true, permit rhosts RSA + * authentication. */ + int rsa_authentication; /* If true, permit RSA authentication. */ #ifdef KRB4 - int kerberos_authentication; /* If true, permit Kerberos authentication. */ - int kerberos_or_local_passwd; /* If true, permit kerberos and any other - password authentication mechanism, such - as SecurID or /etc/passwd */ - int kerberos_ticket_cleanup; /* If true, destroy ticket file on logout. */ + int kerberos_authentication; /* If true, permit Kerberos + * authentication. */ + int kerberos_or_local_passwd; /* If true, permit kerberos + * and any other password + * authentication mechanism, + * such as SecurID or + * /etc/passwd */ + int kerberos_ticket_cleanup; /* If true, destroy ticket + * file on logout. */ #endif #ifdef AFS - int kerberos_tgt_passing; /* If true, permit Kerberos tgt passing. */ - int afs_token_passing; /* If true, permit AFS token passing. */ + int kerberos_tgt_passing; /* If true, permit Kerberos tgt + * passing. */ + int afs_token_passing; /* If true, permit AFS token passing. */ #endif - int password_authentication; /* If true, permit password authentication. */ + int password_authentication; /* If true, permit password + * authentication. */ #ifdef SKEY - int skey_authentication; /* If true, permit s/key authentication. */ + int skey_authentication; /* If true, permit s/key + * authentication. */ #endif - int permit_empty_passwd; /* If false, do not permit empty passwords. */ - int use_login; /* If true, login(1) is used */ - unsigned int num_allow_users; - char *allow_users[MAX_ALLOW_USERS]; - unsigned int num_deny_users; - char *deny_users[MAX_DENY_USERS]; - unsigned int num_allow_groups; - char *allow_groups[MAX_ALLOW_GROUPS]; - unsigned int num_deny_groups; - char *deny_groups[MAX_DENY_GROUPS]; -} ServerOptions; - -/* Initializes the server options to special values that indicate that they - have not yet been set. */ -void initialize_server_options(ServerOptions *options); - -/* Reads the server configuration file. This only sets the values for those - options that have the special value indicating they have not been set. */ -void read_server_config(ServerOptions *options, const char *filename); + int permit_empty_passwd; /* If false, do not permit empty + * passwords. */ + int use_login; /* If true, login(1) is used */ + unsigned int num_allow_users; + char *allow_users[MAX_ALLOW_USERS]; + unsigned int num_deny_users; + char *deny_users[MAX_DENY_USERS]; + unsigned int num_allow_groups; + char *allow_groups[MAX_ALLOW_GROUPS]; + unsigned int num_deny_groups; + char *deny_groups[MAX_DENY_GROUPS]; +} ServerOptions; +/* + * Initializes the server options to special values that indicate that they + * have not yet been set. + */ +void initialize_server_options(ServerOptions * options); + +/* + * Reads the server configuration file. This only sets the values for those + * options that have the special value indicating they have not been set. + */ +void read_server_config(ServerOptions * options, const char *filename); /* Sets values for those values that have not yet been set. */ -void fill_default_server_options(ServerOptions *options); +void fill_default_server_options(ServerOptions * options); -#endif /* SERVCONF_H */ +#endif /* SERVCONF_H */ Index: usr.bin/ssh/server_config.sample =================================================================== RCS file: server_config.sample diff -N server_config.sample --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvstwLnx31367 Wed Dec 8 12:42:09 1999 @@ -0,0 +1,38 @@ +# This is ssh server systemwide configuration file. + +Port 22 +ListenAddress 0.0.0.0 +HostKey _ETCDIR_/ssh_host_key +RandomSeed _ETCDIR_/ssh_random_seed +ServerKeyBits 768 +LoginGraceTime 600 +KeyRegenerationInterval 3600 +PermitRootLogin yes +# +# Don't read ~/.rhosts and ~/.shosts files +IgnoreRhosts yes +StrictModes yes +QuietMode no +X11Forwarding yes +FascistLogging no +PrintMotd yes +KeepAlive yes +SyslogFacility DAEMON +RhostsAuthentication no +# +# For this to work you will also need host keys in _ETCDIR_/ssh_known_hosts +RhostsRSAAuthentication yes +# +# Changed RSAAuthentication to no/bg +RSAAuthentication no +# +# To enable tunneled clear text passwords, change to yes here! +PasswordAuthentication no +PermitEmptyPasswords no +#KerberosOrLocalPasswd yes + +# Kerberos TGT Passing does only work with the AFS kaserver +#KerberosTgtPassing yes + +# AllowHosts *.our.com friend.other.com +# DenyHosts lowsecurity.theirs.com *.evil.org evil.org Index: usr.bin/ssh/serverloop.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/serverloop.c,v retrieving revision 1.6 retrieving revision 1.14 diff -u -r1.6 -r1.14 --- usr.bin/ssh/serverloop.c 1999/10/04 21:54:40 1.6 +++ usr.bin/ssh/serverloop.c 1999/12/06 20:15:28 1.14 @@ -1,18 +1,11 @@ /* + * Author: Tatu Ylonen + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * Created: Sun Sep 10 00:30:37 1995 ylo + * Server main loop for handling the interactive session. + */ -serverloop.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Sun Sep 10 00:30:37 1995 ylo - -Server main loop for handling the interactive session. - -*/ - #include "includes.h" #include "xmalloc.h" #include "ssh.h" @@ -40,605 +33,619 @@ static unsigned int buffer_high;/* "Soft" max buffer size. */ static int max_fd; /* Max file descriptor number for select(). */ -/* This SIGCHLD kludge is used to detect when the child exits. The server - will exit after that, as soon as forwarded connections have terminated. */ +/* + * This SIGCHLD kludge is used to detect when the child exits. The server + * will exit after that, as soon as forwarded connections have terminated. + */ -static int child_pid; /* Pid of the child. */ +static int child_pid; /* Pid of the child. */ static volatile int child_terminated; /* The child has terminated. */ static volatile int child_wait_status; /* Status from wait(). */ -void sigchld_handler(int sig) +void +sigchld_handler(int sig) { - int save_errno = errno; - int wait_pid; - debug("Received SIGCHLD."); - wait_pid = wait((int *)&child_wait_status); - if (wait_pid != -1) - { - if (wait_pid != child_pid) - error("Strange, got SIGCHLD and wait returned pid %d but child is %d", - wait_pid, child_pid); - if (WIFEXITED(child_wait_status) || - WIFSIGNALED(child_wait_status)) - child_terminated = 1; - } - signal(SIGCHLD, sigchld_handler); - errno = save_errno; + int save_errno = errno; + int wait_pid; + debug("Received SIGCHLD."); + wait_pid = wait((int *) &child_wait_status); + if (wait_pid != -1) { + if (wait_pid != child_pid) + error("Strange, got SIGCHLD and wait returned pid %d but child is %d", + wait_pid, child_pid); + if (WIFEXITED(child_wait_status) || + WIFSIGNALED(child_wait_status)) + child_terminated = 1; + } + signal(SIGCHLD, sigchld_handler); + errno = save_errno; } - -/* Process any buffered packets that have been received from the client. */ -void process_buffered_input_packets() +/* + * Process any buffered packets that have been received from the client. + */ +void +process_buffered_input_packets() { - int type; - char *data; - unsigned int data_len; - int row, col, xpixel, ypixel; - int payload_len; - - /* Process buffered packets from the client. */ - while ((type = packet_read_poll(&payload_len)) != SSH_MSG_NONE) - { - switch (type) - { - case SSH_CMSG_STDIN_DATA: - /* Stdin data from the client. Append it to the buffer. */ - if (fdin == -1) - break; /* Ignore any data if the client has closed stdin. */ - data = packet_get_string(&data_len); - packet_integrity_check(payload_len, (4 + data_len), type); - buffer_append(&stdin_buffer, data, data_len); - memset(data, 0, data_len); - xfree(data); - break; - - case SSH_CMSG_EOF: - /* Eof from the client. The stdin descriptor to the program - will be closed when all buffered data has drained. */ - debug("EOF received for stdin."); - packet_integrity_check(payload_len, 0, type); - stdin_eof = 1; - break; - - case SSH_CMSG_WINDOW_SIZE: - debug("Window change received."); - packet_integrity_check(payload_len, 4*4, type); - row = packet_get_int(); - col = packet_get_int(); - xpixel = packet_get_int(); - ypixel = packet_get_int(); - if (fdin != -1) - pty_change_window_size(fdin, row, col, xpixel, ypixel); - break; - - case SSH_MSG_PORT_OPEN: - debug("Received port open request."); - channel_input_port_open(payload_len); - break; - - case SSH_MSG_CHANNEL_OPEN_CONFIRMATION: - debug("Received channel open confirmation."); - packet_integrity_check(payload_len, 4 + 4, type); - channel_input_open_confirmation(); - break; - - case SSH_MSG_CHANNEL_OPEN_FAILURE: - debug("Received channel open failure."); - packet_integrity_check(payload_len, 4, type); - channel_input_open_failure(); - break; - - case SSH_MSG_CHANNEL_DATA: - channel_input_data(payload_len); - break; - - case SSH_MSG_CHANNEL_CLOSE: - debug("Received channel close."); - packet_integrity_check(payload_len, 4, type); - channel_input_close(); - break; - - case SSH_MSG_CHANNEL_CLOSE_CONFIRMATION: - debug("Received channel close confirmation."); - packet_integrity_check(payload_len, 4, type); - channel_input_close_confirmation(); - break; - - default: - /* In this phase, any unexpected messages cause a protocol - error. This is to ease debugging; also, since no - confirmations are sent messages, unprocessed unknown - messages could cause strange problems. Any compatible - protocol extensions must be negotiated before entering the - interactive session. */ - packet_disconnect("Protocol error during session: type %d", - type); + int type; + char *data; + unsigned int data_len; + int row, col, xpixel, ypixel; + int payload_len; + + /* Process buffered packets from the client. */ + while ((type = packet_read_poll(&payload_len)) != SSH_MSG_NONE) { + switch (type) { + case SSH_CMSG_STDIN_DATA: + /* Stdin data from the client. Append it to the buffer. */ + /* Ignore any data if the client has closed stdin. */ + if (fdin == -1) + break; + data = packet_get_string(&data_len); + packet_integrity_check(payload_len, (4 + data_len), type); + buffer_append(&stdin_buffer, data, data_len); + memset(data, 0, data_len); + xfree(data); + break; + + case SSH_CMSG_EOF: + /* + * Eof from the client. The stdin descriptor to the + * program will be closed when all buffered data has + * drained. + */ + debug("EOF received for stdin."); + packet_integrity_check(payload_len, 0, type); + stdin_eof = 1; + break; + + case SSH_CMSG_WINDOW_SIZE: + debug("Window change received."); + packet_integrity_check(payload_len, 4 * 4, type); + row = packet_get_int(); + col = packet_get_int(); + xpixel = packet_get_int(); + ypixel = packet_get_int(); + if (fdin != -1) + pty_change_window_size(fdin, row, col, xpixel, ypixel); + break; + + case SSH_MSG_PORT_OPEN: + debug("Received port open request."); + channel_input_port_open(payload_len); + break; + + case SSH_MSG_CHANNEL_OPEN_CONFIRMATION: + debug("Received channel open confirmation."); + packet_integrity_check(payload_len, 4 + 4, type); + channel_input_open_confirmation(); + break; + + case SSH_MSG_CHANNEL_OPEN_FAILURE: + debug("Received channel open failure."); + packet_integrity_check(payload_len, 4, type); + channel_input_open_failure(); + break; + + case SSH_MSG_CHANNEL_DATA: + channel_input_data(payload_len); + break; + + case SSH_MSG_CHANNEL_CLOSE: + debug("Received channel close."); + packet_integrity_check(payload_len, 4, type); + channel_input_close(); + break; + + case SSH_MSG_CHANNEL_CLOSE_CONFIRMATION: + debug("Received channel close confirmation."); + packet_integrity_check(payload_len, 4, type); + channel_input_close_confirmation(); + break; + + default: + /* + * In this phase, any unexpected messages cause a + * protocol error. This is to ease debugging; also, + * since no confirmations are sent messages, + * unprocessed unknown messages could cause strange + * problems. Any compatible protocol extensions must + * be negotiated before entering the interactive + * session. + */ + packet_disconnect("Protocol error during session: type %d", + type); + } } - } } -/* Make packets from buffered stderr data, and buffer it for sending - to the client. */ - -void make_packets_from_stderr_data() +/* + * Make packets from buffered stderr data, and buffer it for sending + * to the client. + */ +void +make_packets_from_stderr_data() { - int len; + int len; - /* Send buffered stderr data to the client. */ - while (buffer_len(&stderr_buffer) > 0 && - packet_not_very_much_data_to_write()) - { - len = buffer_len(&stderr_buffer); - if (packet_is_interactive()) - { - if (len > 512) - len = 512; - } - else - { - if (len > 32768) - len = 32768; /* Keep the packets at reasonable size. */ - } - packet_start(SSH_SMSG_STDERR_DATA); - packet_put_string(buffer_ptr(&stderr_buffer), len); - packet_send(); - buffer_consume(&stderr_buffer, len); - stderr_bytes += len; - } + /* Send buffered stderr data to the client. */ + while (buffer_len(&stderr_buffer) > 0 && + packet_not_very_much_data_to_write()) { + len = buffer_len(&stderr_buffer); + if (packet_is_interactive()) { + if (len > 512) + len = 512; + } else { + /* Keep the packets at reasonable size. */ + if (len > packet_get_maxsize()) + len = packet_get_maxsize(); + } + packet_start(SSH_SMSG_STDERR_DATA); + packet_put_string(buffer_ptr(&stderr_buffer), len); + packet_send(); + buffer_consume(&stderr_buffer, len); + stderr_bytes += len; + } } -/* Make packets from buffered stdout data, and buffer it for sending to the - client. */ - -void make_packets_from_stdout_data() +/* + * Make packets from buffered stdout data, and buffer it for sending to the + * client. + */ +void +make_packets_from_stdout_data() { - int len; + int len; - /* Send buffered stdout data to the client. */ - while (buffer_len(&stdout_buffer) > 0 && - packet_not_very_much_data_to_write()) - { - len = buffer_len(&stdout_buffer); - if (packet_is_interactive()) - { - if (len > 512) - len = 512; - } - else - { - if (len > 32768) - len = 32768; /* Keep the packets at reasonable size. */ - } - packet_start(SSH_SMSG_STDOUT_DATA); - packet_put_string(buffer_ptr(&stdout_buffer), len); - packet_send(); - buffer_consume(&stdout_buffer, len); - stdout_bytes += len; - } + /* Send buffered stdout data to the client. */ + while (buffer_len(&stdout_buffer) > 0 && + packet_not_very_much_data_to_write()) { + len = buffer_len(&stdout_buffer); + if (packet_is_interactive()) { + if (len > 512) + len = 512; + } else { + /* Keep the packets at reasonable size. */ + if (len > packet_get_maxsize()) + len = packet_get_maxsize(); + } + packet_start(SSH_SMSG_STDOUT_DATA); + packet_put_string(buffer_ptr(&stdout_buffer), len); + packet_send(); + buffer_consume(&stdout_buffer, len); + stdout_bytes += len; + } } -/* Sleep in select() until we can do something. This will initialize the - select masks. Upon return, the masks will indicate which descriptors - have data or can accept data. Optionally, a maximum time can be specified - for the duration of the wait (0 = infinite). */ - -void wait_until_can_do_something(fd_set *readset, fd_set *writeset, - unsigned int max_time_milliseconds) +/* + * Sleep in select() until we can do something. This will initialize the + * select masks. Upon return, the masks will indicate which descriptors + * have data or can accept data. Optionally, a maximum time can be specified + * for the duration of the wait (0 = infinite). + */ +void +wait_until_can_do_something(fd_set * readset, fd_set * writeset, + unsigned int max_time_milliseconds) { - struct timeval tv, *tvp; - int ret; + struct timeval tv, *tvp; + int ret; - /* When select fails we restart from here. */ + /* When select fails we restart from here. */ retry_select: - /* Initialize select() masks. */ - FD_ZERO(readset); - - /* Read packets from the client unless we have too much buffered stdin - or channel data. */ - if (buffer_len(&stdin_buffer) < 4096 && - channel_not_very_much_buffered_data()) - FD_SET(connection_in, readset); - - /* If there is not too much data already buffered going to the client, - try to get some more data from the program. */ - if (packet_not_very_much_data_to_write()) - { - if (!fdout_eof) - FD_SET(fdout, readset); - if (!fderr_eof) - FD_SET(fderr, readset); - } - - FD_ZERO(writeset); - - /* Set masks for channel descriptors. */ - channel_prepare_select(readset, writeset); - - /* If we have buffered packet data going to the client, mark that - descriptor. */ - if (packet_have_data_to_write()) - FD_SET(connection_out, writeset); - - /* If we have buffered data, try to write some of that data to the - program. */ - if (fdin != -1 && buffer_len(&stdin_buffer) > 0) - FD_SET(fdin, writeset); - - /* Update the maximum descriptor number if appropriate. */ - if (channel_max_fd() > max_fd) - max_fd = channel_max_fd(); - - /* If child has terminated, read as much as is available and then exit. */ - if (child_terminated) - if (max_time_milliseconds == 0) - max_time_milliseconds = 100; - - if (max_time_milliseconds == 0) - tvp = NULL; - else - { - tv.tv_sec = max_time_milliseconds / 1000; - tv.tv_usec = 1000 * (max_time_milliseconds % 1000); - tvp = &tv; - } - - /* Wait for something to happen, or the timeout to expire. */ - ret = select(max_fd + 1, readset, writeset, NULL, tvp); - - if (ret < 0) - { - if (errno != EINTR) - error("select: %.100s", strerror(errno)); - else - goto retry_select; - } -} + /* Initialize select() masks. */ + FD_ZERO(readset); -/* Processes input from the client and the program. Input data is stored - in buffers and processed later. */ + /* + * Read packets from the client unless we have too much buffered + * stdin or channel data. + */ + if (buffer_len(&stdin_buffer) < 4096 && + channel_not_very_much_buffered_data()) + FD_SET(connection_in, readset); + + /* + * If there is not too much data already buffered going to the + * client, try to get some more data from the program. + */ + if (packet_not_very_much_data_to_write()) { + if (!fdout_eof) + FD_SET(fdout, readset); + if (!fderr_eof) + FD_SET(fderr, readset); + } + FD_ZERO(writeset); + + /* Set masks for channel descriptors. */ + channel_prepare_select(readset, writeset); + + /* + * If we have buffered packet data going to the client, mark that + * descriptor. + */ + if (packet_have_data_to_write()) + FD_SET(connection_out, writeset); + + /* If we have buffered data, try to write some of that data to the + program. */ + if (fdin != -1 && buffer_len(&stdin_buffer) > 0) + FD_SET(fdin, writeset); + + /* Update the maximum descriptor number if appropriate. */ + if (channel_max_fd() > max_fd) + max_fd = channel_max_fd(); + + /* + * If child has terminated and there is enough buffer space to read + * from it, then read as much as is available and exit. + */ + if (child_terminated && packet_not_very_much_data_to_write()) + if (max_time_milliseconds == 0) + max_time_milliseconds = 100; + + if (max_time_milliseconds == 0) + tvp = NULL; + else { + tv.tv_sec = max_time_milliseconds / 1000; + tv.tv_usec = 1000 * (max_time_milliseconds % 1000); + tvp = &tv; + } + + /* Wait for something to happen, or the timeout to expire. */ + ret = select(max_fd + 1, readset, writeset, NULL, tvp); + + if (ret < 0) { + if (errno != EINTR) + error("select: %.100s", strerror(errno)); + else + goto retry_select; + } +} -void process_input(fd_set *readset) +/* + * Processes input from the client and the program. Input data is stored + * in buffers and processed later. + */ +void +process_input(fd_set * readset) { - int len; - char buf[16384]; + int len; + char buf[16384]; - /* Read and buffer any input data from the client. */ - if (FD_ISSET(connection_in, readset)) - { - len = read(connection_in, buf, sizeof(buf)); - if (len == 0) - fatal("Connection closed by remote host."); - - /* There is a kernel bug on Solaris that causes select to sometimes - wake up even though there is no data available. */ - if (len < 0 && errno == EAGAIN) - len = 0; - - if (len < 0) - fatal("Read error from remote host: %.100s", strerror(errno)); - - /* Buffer any received data. */ - packet_process_incoming(buf, len); - } - - /* Read and buffer any available stdout data from the program. */ - if (!fdout_eof && FD_ISSET(fdout, readset)) - { - len = read(fdout, buf, sizeof(buf)); - if (len <= 0) - fdout_eof = 1; - else - { - buffer_append(&stdout_buffer, buf, len); - fdout_bytes += len; - } - } - - /* Read and buffer any available stderr data from the program. */ - if (!fderr_eof && FD_ISSET(fderr, readset)) - { - len = read(fderr, buf, sizeof(buf)); - if (len <= 0) - fderr_eof = 1; - else - buffer_append(&stderr_buffer, buf, len); - } + /* Read and buffer any input data from the client. */ + if (FD_ISSET(connection_in, readset)) { + len = read(connection_in, buf, sizeof(buf)); + if (len == 0) { + verbose("Connection closed by remote host."); + fatal_cleanup(); + } + /* + * There is a kernel bug on Solaris that causes select to + * sometimes wake up even though there is no data available. + */ + if (len < 0 && errno == EAGAIN) + len = 0; + + if (len < 0) { + verbose("Read error from remote host: %.100s", strerror(errno)); + fatal_cleanup(); + } + /* Buffer any received data. */ + packet_process_incoming(buf, len); + } + /* Read and buffer any available stdout data from the program. */ + if (!fdout_eof && FD_ISSET(fdout, readset)) { + len = read(fdout, buf, sizeof(buf)); + if (len <= 0) + fdout_eof = 1; + else { + buffer_append(&stdout_buffer, buf, len); + fdout_bytes += len; + } + } + /* Read and buffer any available stderr data from the program. */ + if (!fderr_eof && FD_ISSET(fderr, readset)) { + len = read(fderr, buf, sizeof(buf)); + if (len <= 0) + fderr_eof = 1; + else + buffer_append(&stderr_buffer, buf, len); + } } -/* Sends data from internal buffers to client program stdin. */ - -void process_output(fd_set *writeset) +/* + * Sends data from internal buffers to client program stdin. + */ +void +process_output(fd_set * writeset) { - int len; + int len; - /* Write buffered data to program stdin. */ - if (fdin != -1 && FD_ISSET(fdin, writeset)) - { - len = write(fdin, buffer_ptr(&stdin_buffer), - buffer_len(&stdin_buffer)); - if (len <= 0) - { + /* Write buffered data to program stdin. */ + if (fdin != -1 && FD_ISSET(fdin, writeset)) { + len = write(fdin, buffer_ptr(&stdin_buffer), + buffer_len(&stdin_buffer)); + if (len <= 0) { #ifdef USE_PIPES - close(fdin); + close(fdin); #else - if (fdout == -1) - close(fdin); - else - shutdown(fdin, SHUT_WR); /* We will no longer send. */ + if (fdout == -1) + close(fdin); + else + shutdown(fdin, SHUT_WR); /* We will no longer send. */ #endif - fdin = -1; - } - else - { - /* Successful write. Consume the data from the buffer. */ - buffer_consume(&stdin_buffer, len); - /* Update the count of bytes written to the program. */ - stdin_bytes += len; - } - } - - /* Send any buffered packet data to the client. */ - if (FD_ISSET(connection_out, writeset)) - packet_write_poll(); + fdin = -1; + } else { + /* Successful write. Consume the data from the buffer. */ + buffer_consume(&stdin_buffer, len); + /* Update the count of bytes written to the program. */ + stdin_bytes += len; + } + } + /* Send any buffered packet data to the client. */ + if (FD_ISSET(connection_out, writeset)) + packet_write_poll(); } -/* Wait until all buffered output has been sent to the client. - This is used when the program terminates. */ - -void drain_output() +/* + * Wait until all buffered output has been sent to the client. + * This is used when the program terminates. + */ +void +drain_output() { - /* Send any buffered stdout data to the client. */ - if (buffer_len(&stdout_buffer) > 0) - { - packet_start(SSH_SMSG_STDOUT_DATA); - packet_put_string(buffer_ptr(&stdout_buffer), - buffer_len(&stdout_buffer)); - packet_send(); - /* Update the count of sent bytes. */ - stdout_bytes += buffer_len(&stdout_buffer); - } - - /* Send any buffered stderr data to the client. */ - if (buffer_len(&stderr_buffer) > 0) - { - packet_start(SSH_SMSG_STDERR_DATA); - packet_put_string(buffer_ptr(&stderr_buffer), - buffer_len(&stderr_buffer)); - packet_send(); - /* Update the count of sent bytes. */ - stderr_bytes += buffer_len(&stderr_buffer); - } - - /* Wait until all buffered data has been written to the client. */ - packet_write_wait(); + /* Send any buffered stdout data to the client. */ + if (buffer_len(&stdout_buffer) > 0) { + packet_start(SSH_SMSG_STDOUT_DATA); + packet_put_string(buffer_ptr(&stdout_buffer), + buffer_len(&stdout_buffer)); + packet_send(); + /* Update the count of sent bytes. */ + stdout_bytes += buffer_len(&stdout_buffer); + } + /* Send any buffered stderr data to the client. */ + if (buffer_len(&stderr_buffer) > 0) { + packet_start(SSH_SMSG_STDERR_DATA); + packet_put_string(buffer_ptr(&stderr_buffer), + buffer_len(&stderr_buffer)); + packet_send(); + /* Update the count of sent bytes. */ + stderr_bytes += buffer_len(&stderr_buffer); + } + /* Wait until all buffered data has been written to the client. */ + packet_write_wait(); } -/* Performs the interactive session. This handles data transmission between - the client and the program. Note that the notion of stdin, stdout, and - stderr in this function is sort of reversed: this function writes to - stdin (of the child program), and reads from stdout and stderr (of the - child program). */ - -void server_loop(int pid, int fdin_arg, int fdout_arg, int fderr_arg) +/* + * Performs the interactive session. This handles data transmission between + * the client and the program. Note that the notion of stdin, stdout, and + * stderr in this function is sort of reversed: this function writes to + * stdin (of the child program), and reads from stdout and stderr (of the + * child program). + */ +void +server_loop(int pid, int fdin_arg, int fdout_arg, int fderr_arg) { - int wait_status, wait_pid; /* Status and pid returned by wait(). */ - int waiting_termination = 0; /* Have displayed waiting close message. */ - unsigned int max_time_milliseconds; - unsigned int previous_stdout_buffer_bytes; - unsigned int stdout_buffer_bytes; - int type; - - debug("Entering interactive session."); - - /* Initialize the SIGCHLD kludge. */ - child_pid = pid; - child_terminated = 0; - signal(SIGCHLD, sigchld_handler); - - /* Initialize our global variables. */ - fdin = fdin_arg; - fdout = fdout_arg; - fderr = fderr_arg; - connection_in = packet_get_connection_in(); - connection_out = packet_get_connection_out(); - - previous_stdout_buffer_bytes = 0; - - /* Set approximate I/O buffer size. */ - if (packet_is_interactive()) - buffer_high = 4096; - else - buffer_high = 64 * 1024; - - /* Initialize max_fd to the maximum of the known file descriptors. */ - max_fd = fdin; - if (fdout > max_fd) - max_fd = fdout; - if (fderr != -1 && fderr > max_fd) - max_fd = fderr; - if (connection_in > max_fd) - max_fd = connection_in; - if (connection_out > max_fd) - max_fd = connection_out; - - /* Initialize Initialize buffers. */ - buffer_init(&stdin_buffer); - buffer_init(&stdout_buffer); - buffer_init(&stderr_buffer); - - /* If we have no separate fderr (which is the case when we have a pty - there - we cannot make difference between data sent to stdout and stderr), - indicate that we have seen an EOF from stderr. This way we don\'t - need to check the descriptor everywhere. */ - if (fderr == -1) - fderr_eof = 1; - - /* Main loop of the server for the interactive session mode. */ - for (;;) - { - fd_set readset, writeset; - - /* Process buffered packets from the client. */ - process_buffered_input_packets(); - - /* If we have received eof, and there is no more pending input data, - cause a real eof by closing fdin. */ - if (stdin_eof && fdin != -1 && buffer_len(&stdin_buffer) == 0) - { + int wait_status, wait_pid; /* Status and pid returned by wait(). */ + int waiting_termination = 0; /* Have displayed waiting close message. */ + unsigned int max_time_milliseconds; + unsigned int previous_stdout_buffer_bytes; + unsigned int stdout_buffer_bytes; + int type; + + debug("Entering interactive session."); + + /* Initialize the SIGCHLD kludge. */ + child_pid = pid; + child_terminated = 0; + signal(SIGCHLD, sigchld_handler); + + /* Initialize our global variables. */ + fdin = fdin_arg; + fdout = fdout_arg; + fderr = fderr_arg; + connection_in = packet_get_connection_in(); + connection_out = packet_get_connection_out(); + + previous_stdout_buffer_bytes = 0; + + /* Set approximate I/O buffer size. */ + if (packet_is_interactive()) + buffer_high = 4096; + else + buffer_high = 64 * 1024; + + /* Initialize max_fd to the maximum of the known file descriptors. */ + max_fd = fdin; + if (fdout > max_fd) + max_fd = fdout; + if (fderr != -1 && fderr > max_fd) + max_fd = fderr; + if (connection_in > max_fd) + max_fd = connection_in; + if (connection_out > max_fd) + max_fd = connection_out; + + /* Initialize Initialize buffers. */ + buffer_init(&stdin_buffer); + buffer_init(&stdout_buffer); + buffer_init(&stderr_buffer); + + /* + * If we have no separate fderr (which is the case when we have a pty + * - there we cannot make difference between data sent to stdout and + * stderr), indicate that we have seen an EOF from stderr. This way + * we don\'t need to check the descriptor everywhere. + */ + if (fderr == -1) + fderr_eof = 1; + + /* Main loop of the server for the interactive session mode. */ + for (;;) { + fd_set readset, writeset; + + /* Process buffered packets from the client. */ + process_buffered_input_packets(); + + /* + * If we have received eof, and there is no more pending + * input data, cause a real eof by closing fdin. + */ + if (stdin_eof && fdin != -1 && buffer_len(&stdin_buffer) == 0) { #ifdef USE_PIPES - close(fdin); + close(fdin); #else - if (fdout == -1) - close(fdin); - else - shutdown(fdin, SHUT_WR); /* We will no longer send. */ + if (fdout == -1) + close(fdin); + else + shutdown(fdin, SHUT_WR); /* We will no longer send. */ #endif - fdin = -1; - } - - /* Make packets from buffered stderr data to send to the client. */ - make_packets_from_stderr_data(); - - /* Make packets from buffered stdout data to send to the client. - If there is very little to send, this arranges to not send them - now, but to wait a short while to see if we are getting more data. - This is necessary, as some systems wake up readers from a pty after - each separate character. */ - max_time_milliseconds = 0; - stdout_buffer_bytes = buffer_len(&stdout_buffer); - if (stdout_buffer_bytes != 0 && stdout_buffer_bytes < 256 && - stdout_buffer_bytes != previous_stdout_buffer_bytes) - max_time_milliseconds = 10; /* try again after a while */ - else - make_packets_from_stdout_data(); /* Send it now. */ - previous_stdout_buffer_bytes = buffer_len(&stdout_buffer); - - /* Send channel data to the client. */ - if (packet_not_very_much_data_to_write()) - channel_output_poll(); - - /* Bail out of the loop if the program has closed its output descriptors, - and we have no more data to send to the client, and there is no - pending buffered data. */ - if (fdout_eof && fderr_eof && !packet_have_data_to_write() && - buffer_len(&stdout_buffer) == 0 && buffer_len(&stderr_buffer) == 0) - { - if (!channel_still_open()) - goto quit; - if (!waiting_termination) - { - const char *s = - "Waiting for forwarded connections to terminate...\r\n"; - char *cp; - waiting_termination = 1; - buffer_append(&stderr_buffer, s, strlen(s)); - - /* Display list of open channels. */ - cp = channel_open_message(); - buffer_append(&stderr_buffer, cp, strlen(cp)); - xfree(cp); - } - } - - /* Sleep in select() until we can do something. */ - wait_until_can_do_something(&readset, &writeset, - max_time_milliseconds); - - /* Process any channel events. */ - channel_after_select(&readset, &writeset); - - /* Process input from the client and from program stdout/stderr. */ - process_input(&readset); - - /* Process output to the client and to program stdin. */ - process_output(&writeset); - } - - quit: - /* Cleanup and termination code. */ - - /* Wait until all output has been sent to the client. */ - drain_output(); - - debug("End of interactive session; stdin %ld, stdout (read %ld, sent %ld), stderr %ld bytes.", - stdin_bytes, fdout_bytes, stdout_bytes, stderr_bytes); - - /* Free and clear the buffers. */ - buffer_free(&stdin_buffer); - buffer_free(&stdout_buffer); - buffer_free(&stderr_buffer); - - /* Close the file descriptors. */ - if (fdout != -1) - close(fdout); - fdout = -1; - fdout_eof = 1; - if (fderr != -1) - close(fderr); - fderr = -1; - fderr_eof = 1; - if (fdin != -1) - close(fdin); - fdin = -1; - - /* Stop listening for channels; this removes unix domain sockets. */ - channel_stop_listening(); - - /* Wait for the child to exit. Get its exit status. */ - wait_pid = wait(&wait_status); - if (wait_pid < 0) - { - /* It is possible that the wait was handled by SIGCHLD handler. This - may result in either: this call returning with EINTR, or: this - call returning ECHILD. */ - if (child_terminated) - wait_status = child_wait_status; - else - packet_disconnect("wait: %.100s", strerror(errno)); - } - else - { - /* Check if it matches the process we forked. */ - if (wait_pid != pid) - error("Strange, wait returned pid %d, expected %d", wait_pid, pid); - } - - /* We no longer want our SIGCHLD handler to be called. */ - signal(SIGCHLD, SIG_DFL); - - /* Check if it exited normally. */ - if (WIFEXITED(wait_status)) - { - /* Yes, normal exit. Get exit status and send it to the client. */ - debug("Command exited with status %d.", WEXITSTATUS(wait_status)); - packet_start(SSH_SMSG_EXITSTATUS); - packet_put_int(WEXITSTATUS(wait_status)); - packet_send(); - packet_write_wait(); - - /* Wait for exit confirmation. Note that there might be other - packets coming before it; however, the program has already died - so we just ignore them. The client is supposed to respond with - the confirmation when it receives the exit status. */ - do - { - int plen; - type = packet_read(&plen); - } - while (type != SSH_CMSG_EXIT_CONFIRMATION); - - debug("Received exit confirmation."); - return; - } - - /* Check if the program terminated due to a signal. */ - if (WIFSIGNALED(wait_status)) - packet_disconnect("Command terminated on signal %d.", - WTERMSIG(wait_status)); - - /* Some weird exit cause. Just exit. */ - packet_disconnect("wait returned status %04x.", wait_status); - /*NOTREACHED*/ + fdin = -1; + } + /* Make packets from buffered stderr data to send to the client. */ + make_packets_from_stderr_data(); + + /* + * Make packets from buffered stdout data to send to the + * client. If there is very little to send, this arranges to + * not send them now, but to wait a short while to see if we + * are getting more data. This is necessary, as some systems + * wake up readers from a pty after each separate character. + */ + max_time_milliseconds = 0; + stdout_buffer_bytes = buffer_len(&stdout_buffer); + if (stdout_buffer_bytes != 0 && stdout_buffer_bytes < 256 && + stdout_buffer_bytes != previous_stdout_buffer_bytes) { + /* try again after a while */ + max_time_milliseconds = 10; + } else { + /* Send it now. */ + make_packets_from_stdout_data(); + } + previous_stdout_buffer_bytes = buffer_len(&stdout_buffer); + + /* Send channel data to the client. */ + if (packet_not_very_much_data_to_write()) + channel_output_poll(); + + /* + * Bail out of the loop if the program has closed its output + * descriptors, and we have no more data to send to the + * client, and there is no pending buffered data. + */ + if (fdout_eof && fderr_eof && !packet_have_data_to_write() && + buffer_len(&stdout_buffer) == 0 && buffer_len(&stderr_buffer) == 0) { + if (!channel_still_open()) + goto quit; + if (!waiting_termination) { + const char *s = "Waiting for forwarded connections to terminate...\r\n"; + char *cp; + waiting_termination = 1; + buffer_append(&stderr_buffer, s, strlen(s)); + + /* Display list of open channels. */ + cp = channel_open_message(); + buffer_append(&stderr_buffer, cp, strlen(cp)); + xfree(cp); + } + } + /* Sleep in select() until we can do something. */ + wait_until_can_do_something(&readset, &writeset, + max_time_milliseconds); + + /* Process any channel events. */ + channel_after_select(&readset, &writeset); + + /* Process input from the client and from program stdout/stderr. */ + process_input(&readset); + + /* Process output to the client and to program stdin. */ + process_output(&writeset); + } + +quit: + /* Cleanup and termination code. */ + + /* Wait until all output has been sent to the client. */ + drain_output(); + + debug("End of interactive session; stdin %ld, stdout (read %ld, sent %ld), stderr %ld bytes.", + stdin_bytes, fdout_bytes, stdout_bytes, stderr_bytes); + + /* Free and clear the buffers. */ + buffer_free(&stdin_buffer); + buffer_free(&stdout_buffer); + buffer_free(&stderr_buffer); + + /* Close the file descriptors. */ + if (fdout != -1) + close(fdout); + fdout = -1; + fdout_eof = 1; + if (fderr != -1) + close(fderr); + fderr = -1; + fderr_eof = 1; + if (fdin != -1) + close(fdin); + fdin = -1; + + /* Stop listening for channels; this removes unix domain sockets. */ + channel_stop_listening(); + + /* Wait for the child to exit. Get its exit status. */ + wait_pid = wait(&wait_status); + if (wait_pid < 0) { + /* + * It is possible that the wait was handled by SIGCHLD + * handler. This may result in either: this call + * returning with EINTR, or: this call returning ECHILD. + */ + if (child_terminated) + wait_status = child_wait_status; + else + packet_disconnect("wait: %.100s", strerror(errno)); + } else { + /* Check if it matches the process we forked. */ + if (wait_pid != pid) + error("Strange, wait returned pid %d, expected %d", + wait_pid, pid); + } + + /* We no longer want our SIGCHLD handler to be called. */ + signal(SIGCHLD, SIG_DFL); + + /* Check if it exited normally. */ + if (WIFEXITED(wait_status)) { + /* Yes, normal exit. Get exit status and send it to the client. */ + debug("Command exited with status %d.", WEXITSTATUS(wait_status)); + packet_start(SSH_SMSG_EXITSTATUS); + packet_put_int(WEXITSTATUS(wait_status)); + packet_send(); + packet_write_wait(); + + /* + * Wait for exit confirmation. Note that there might be + * other packets coming before it; however, the program has + * already died so we just ignore them. The client is + * supposed to respond with the confirmation when it receives + * the exit status. + */ + do { + int plen; + type = packet_read(&plen); + } + while (type != SSH_CMSG_EXIT_CONFIRMATION); + + debug("Received exit confirmation."); + return; + } + /* Check if the program terminated due to a signal. */ + if (WIFSIGNALED(wait_status)) + packet_disconnect("Command terminated on signal %d.", + WTERMSIG(wait_status)); + + /* Some weird exit cause. Just exit. */ + packet_disconnect("wait returned status %04x.", wait_status); + /* NOTREACHED */ } - Index: usr.bin/ssh/ssh-add.1 =================================================================== RCS file: /cvs/src/usr.bin/ssh/ssh-add.1,v retrieving revision 1.6 retrieving revision 1.9 diff -u -r1.6 -r1.9 --- usr.bin/ssh/ssh-add.1 1999/10/17 20:35:46 1.6 +++ usr.bin/ssh/ssh-add.1 1999/12/02 20:05:40 1.9 @@ -9,7 +9,7 @@ .\" .\" Created: Sat Apr 22 23:55:14 1995 ylo .\" -.\" $Id: ssh-add.1,v 1.6 1999/10/17 20:35:46 aaron Exp $ +.\" $Id: ssh-add.1,v 1.9 1999/12/02 20:05:40 markus Exp $ .\" .Dd September 25, 1999 .Dt SSH-ADD 1 @@ -19,7 +19,7 @@ .Nd adds identities for the authentication agent .Sh SYNOPSIS .Nm ssh-add -.Op Fl ldD +.Op Fl lLdD .Op Ar .Sh DESCRIPTION .Nm @@ -41,7 +41,9 @@ The options are as follows: .Bl -tag -width Ds .It Fl l -Lists all identities currently represented by the agent. +Lists fingerprints of all identities currently represented by the agent. +.It Fl L +Lists public key parameters of all identities currently represented by the agent. .It Fl d Instead of adding the identity, removes the identity from the agent. .It Fl D @@ -49,7 +51,7 @@ .El .Sh FILES .Bl -tag -width Ds -.Pa $HOME/.ssh/identity +.It Pa $HOME/.ssh/identity Contains the RSA authentication identity of the user. This file should not be readable by anyone but the user. Note that @@ -62,6 +64,9 @@ .Nm when no other files have been specified. .Pp +.Sh ENVIRONMENT +.Bl -tag -width Ds +.It Ev "DISPLAY" and "SSH_ASKPASS" If .Nm needs a passphrase, it will read the passphrase from the current @@ -69,8 +74,11 @@ .Nm does not have a terminal associated with it but .Ev DISPLAY -is set, it -will open an X11 window to read the passphrase. This is particularly +and +.Ev SSH_ASKPASS +are set, it will execute the program specified by +.Ev SSH_ASKPASS +and open an X11 window to read the passphrase. This is particularly useful when calling .Nm from a Index: usr.bin/ssh/ssh-add.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/ssh-add.c,v retrieving revision 1.6 retrieving revision 1.15 diff -u -r1.6 -r1.15 --- usr.bin/ssh/ssh-add.c 1999/10/17 20:39:11 1.6 +++ usr.bin/ssh/ssh-add.c 1999/12/02 20:05:40 1.15 @@ -1,254 +1,255 @@ /* + * Author: Tatu Ylonen + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * Created: Thu Apr 6 00:52:24 1995 ylo + * Adds an identity to the authentication server, or removes an identity. + */ -ssh-add.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Thu Apr 6 00:52:24 1995 ylo - -Adds an identity to the authentication server, or removes an identity. - -*/ - #include "includes.h" -RCSID("$Id: ssh-add.c,v 1.6 1999/10/17 20:39:11 dugsong Exp $"); +RCSID("$Id: ssh-add.c,v 1.15 1999/12/02 20:05:40 markus Exp $"); #include "rsa.h" #include "ssh.h" #include "xmalloc.h" #include "authfd.h" +#include "fingerprint.h" void -delete_file(const char *filename) +delete_file(AuthenticationConnection *ac, const char *filename) { - RSA *key; - char *comment; - AuthenticationConnection *ac; - - key = RSA_new(); - if (!load_public_key(filename, key, &comment)) - { - printf("Bad key file %s: %s\n", filename, strerror(errno)); - return; - } - - /* Send the request to the authentication agent. */ - ac = ssh_get_authentication_connection(); - if (!ac) - { - fprintf(stderr, - "Could not open a connection to your authentication agent.\n"); - RSA_free(key); - xfree(comment); - return; - } - if (ssh_remove_identity(ac, key)) - fprintf(stderr, "Identity removed: %s (%s)\n", filename, comment); - else - fprintf(stderr, "Could not remove identity: %s\n", filename); - RSA_free(key); - xfree(comment); - ssh_close_authentication_connection(ac); + RSA *key; + char *comment; + + key = RSA_new(); + if (!load_public_key(filename, key, &comment)) { + printf("Bad key file %s: %s\n", filename, strerror(errno)); + return; + } + if (ssh_remove_identity(ac, key)) + fprintf(stderr, "Identity removed: %s (%s)\n", filename, comment); + else + fprintf(stderr, "Could not remove identity: %s\n", filename); + RSA_free(key); + xfree(comment); } void -delete_all() +delete_all(AuthenticationConnection *ac) { - AuthenticationConnection *ac; - - /* Get a connection to the agent. */ - ac = ssh_get_authentication_connection(); - if (!ac) - { - fprintf(stderr, - "Could not open a connection to your authentication agent.\n"); - return; - } - - /* Send a request to remove all identities. */ - if (ssh_remove_all_identities(ac)) - fprintf(stderr, "All identities removed.\n"); - else - fprintf(stderr, "Failed to remove all identitities.\n"); - - /* Close the connection to the agent. */ - ssh_close_authentication_connection(ac); + /* Send a request to remove all identities. */ + if (ssh_remove_all_identities(ac)) + fprintf(stderr, "All identities removed.\n"); + else + fprintf(stderr, "Failed to remove all identitities.\n"); } +char * +ssh_askpass(char *askpass, char *msg) +{ + pid_t pid; + size_t len; + char *nl, *pass; + int p[2], status; + char buf[1024]; + + if (askpass == NULL) + fatal("internal error: askpass undefined"); + if (pipe(p) < 0) + fatal("ssh_askpass: pipe: %s", strerror(errno)); + if ((pid = fork()) < 0) + fatal("ssh_askpass: fork: %s", strerror(errno)); + if (pid == 0) { + close(p[0]); + if (dup2(p[1], STDOUT_FILENO) < 0) + fatal("ssh_askpass: dup2: %s", strerror(errno)); + execlp(askpass, askpass, msg, (char *) 0); + fatal("ssh_askpass: exec(%s): %s", askpass, strerror(errno)); + } + close(p[1]); + len = read(p[0], buf, sizeof buf); + close(p[0]); + while (waitpid(pid, &status, 0) < 0) + if (errno != EINTR) + break; + if (len <= 1) + return xstrdup(""); + nl = strchr(buf, '\n'); + if (nl) + *nl = '\0'; + pass = xstrdup(buf); + memset(buf, 0, sizeof(buf)); + return pass; +} + void -add_file(const char *filename) +add_file(AuthenticationConnection *ac, const char *filename) { - RSA *key; - RSA *public_key; - AuthenticationConnection *ac; - char *saved_comment, *comment, *pass; - int first; - - key = RSA_new(); - public_key = RSA_new(); - if (!load_public_key(filename, public_key, &saved_comment)) - { - printf("Bad key file %s: %s\n", filename, strerror(errno)); - return; - } - RSA_free(public_key); - - pass = xstrdup(""); - first = 1; - while (!load_private_key(filename, pass, key, &comment)) - { - /* Free the old passphrase. */ - memset(pass, 0, strlen(pass)); - xfree(pass); - - /* Ask for a passphrase. */ - if (getenv("DISPLAY") && !isatty(fileno(stdin))) - { - xfree(saved_comment); - return; - } - else - { - if (first) - printf("Need passphrase for %s (%s).\n", filename, saved_comment); - else - printf("Bad passphrase.\n"); - pass = read_passphrase("Enter passphrase: ", 1); - if (strcmp(pass, "") == 0) - { - xfree(saved_comment); - xfree(pass); - return; - } - } - first = 0; - } - memset(pass, 0, strlen(pass)); - xfree(pass); - - xfree(saved_comment); - - /* Send the key to the authentication agent. */ - ac = ssh_get_authentication_connection(); - if (!ac) - { - fprintf(stderr, - "Could not open a connection to your authentication agent.\n"); - RSA_free(key); - xfree(comment); - return; - } - if (ssh_add_identity(ac, key, comment)) - fprintf(stderr, "Identity added: %s (%s)\n", filename, comment); - else - fprintf(stderr, "Could not add identity: %s\n", filename); - RSA_free(key); - xfree(comment); - ssh_close_authentication_connection(ac); + RSA *key; + RSA *public_key; + char *saved_comment, *comment, *askpass = NULL; + char buf[1024], msg[1024]; + int success; + int interactive = isatty(STDIN_FILENO); + + key = RSA_new(); + public_key = RSA_new(); + if (!load_public_key(filename, public_key, &saved_comment)) { + printf("Bad key file %s: %s\n", filename, strerror(errno)); + return; + } + RSA_free(public_key); + + if (!interactive && getenv("DISPLAY")) { + if (getenv(SSH_ASKPASS_ENV)) + askpass = getenv(SSH_ASKPASS_ENV); + else + askpass = SSH_ASKPASS_DEFAULT; + } + + /* At first, try empty passphrase */ + success = load_private_key(filename, "", key, &comment); + if (!success) { + printf("Need passphrase for %.200s\n", filename); + if (!interactive && askpass == NULL) { + xfree(saved_comment); + return; + } + snprintf(msg, sizeof msg, "Enter passphrase for %.200s", saved_comment); + for (;;) { + char *pass; + if (interactive) { + snprintf(buf, sizeof buf, "%s: ", msg); + pass = read_passphrase(buf, 1); + } else { + pass = ssh_askpass(askpass, msg); + } + if (strcmp(pass, "") == 0) { + xfree(pass); + xfree(saved_comment); + return; + } + success = load_private_key(filename, pass, key, &comment); + memset(pass, 0, strlen(pass)); + xfree(pass); + if (success) + break; + strlcpy(msg, "Bad passphrase, try again", sizeof msg); + } + } + xfree(saved_comment); + + if (ssh_add_identity(ac, key, comment)) + fprintf(stderr, "Identity added: %s (%s)\n", filename, comment); + else + fprintf(stderr, "Could not add identity: %s\n", filename); + RSA_free(key); + xfree(comment); } void -list_identities() +list_identities(AuthenticationConnection *ac, int fp) { - AuthenticationConnection *ac; - BIGNUM *e, *n; - int bits, status; - char *comment; - int had_identities; - - ac = ssh_get_authentication_connection(); - if (!ac) - { - fprintf(stderr, "Could not connect to authentication server.\n"); - return; - } - e = BN_new(); - n = BN_new(); - had_identities = 0; - for (status = ssh_get_first_identity(ac, &bits, e, n, &comment); - status; - status = ssh_get_next_identity(ac, &bits, e, n, &comment)) - { - char *buf; - had_identities = 1; - printf("%d ", bits); - buf = BN_bn2dec(e); - assert(buf != NULL); - printf("%s ", buf); - free (buf); - buf = BN_bn2dec(n); - assert(buf != NULL); - printf("%s %s\n", buf, comment); - free (buf); - xfree(comment); - } - BN_clear_free(e); - BN_clear_free(n); - if (!had_identities) - printf("The agent has no identities.\n"); - ssh_close_authentication_connection(ac); + BIGNUM *e, *n; + int status; + char *comment; + int had_identities; + + e = BN_new(); + n = BN_new(); + had_identities = 0; + for (status = ssh_get_first_identity(ac, e, n, &comment); + status; + status = ssh_get_next_identity(ac, e, n, &comment)) { + unsigned int bits = BN_num_bits(n); + had_identities = 1; + if (fp) { + printf("%d %s %s\n", bits, fingerprint(e, n), comment); + } else { + char *ebuf, *nbuf; + ebuf = BN_bn2dec(e); + if (ebuf == NULL) { + error("list_identities: BN_bn2dec(e) failed."); + } else { + nbuf = BN_bn2dec(n); + if (nbuf == NULL) { + error("list_identities: BN_bn2dec(n) failed."); + } else { + printf("%d %s %s %s\n", bits, ebuf, nbuf, comment); + free(nbuf); + } + free(ebuf); + } + } + xfree(comment); + } + BN_clear_free(e); + BN_clear_free(n); + if (!had_identities) + printf("The agent has no identities.\n"); } int -main(int ac, char **av) +main(int argc, char **argv) { - struct passwd *pw; - char buf[1024]; - int no_files = 1; - int i; - int deleting = 0; - - /* check if RSA support exists */ - if (rsa_alive() == 0) { - extern char *__progname; - - fprintf(stderr, - "%s: no RSA support in libssl and libcrypto. See ssl(8).\n", - __progname); - exit(1); - } - - for (i = 1; i < ac; i++) - { - if (strcmp(av[i], "-l") == 0) - { - list_identities(); - no_files = 0; /* Don't default-add/delete if -l. */ - continue; - } - if (strcmp(av[i], "-d") == 0) - { - deleting = 1; - continue; - } - if (strcmp(av[i], "-D") == 0) - { - delete_all(); - no_files = 0; - continue; - } - no_files = 0; - if (deleting) - delete_file(av[i]); - else - add_file(av[i]); - } - if (no_files) - { - pw = getpwuid(getuid()); - if (!pw) - { - fprintf(stderr, "No user found with uid %d\n", (int)getuid()); - exit(1); - } - snprintf(buf, sizeof buf, "%s/%s", pw->pw_dir, SSH_CLIENT_IDENTITY); - if (deleting) - delete_file(buf); - else - add_file(buf); - } - exit(0); + AuthenticationConnection *ac = NULL; + struct passwd *pw; + char buf[1024]; + int no_files = 1; + int i; + int deleting = 0; + + /* check if RSA support exists */ + if (rsa_alive() == 0) { + extern char *__progname; + + fprintf(stderr, + "%s: no RSA support in libssl and libcrypto. See ssl(8).\n", + __progname); + exit(1); + } + /* At first, get a connection to the authentication agent. */ + ac = ssh_get_authentication_connection(); + if (ac == NULL) { + fprintf(stderr, "Could not open a connection to your authentication agent.\n"); + exit(1); + } + for (i = 1; i < argc; i++) { + if ((strcmp(argv[i], "-l") == 0) || + (strcmp(argv[i], "-L") == 0)) { + list_identities(ac, argv[i][1] == 'l' ? 1 : 0); + /* Don't default-add/delete if -l. */ + no_files = 0; + continue; + } + if (strcmp(argv[i], "-d") == 0) { + deleting = 1; + continue; + } + if (strcmp(argv[i], "-D") == 0) { + delete_all(ac); + no_files = 0; + continue; + } + no_files = 0; + if (deleting) + delete_file(ac, argv[i]); + else + add_file(ac, argv[i]); + } + if (no_files) { + pw = getpwuid(getuid()); + if (!pw) { + fprintf(stderr, "No user found with uid %d\n", (int) getuid()); + ssh_close_authentication_connection(ac); + exit(1); + } + snprintf(buf, sizeof buf, "%s/%s", pw->pw_dir, SSH_CLIENT_IDENTITY); + if (deleting) + delete_file(ac, buf); + else + add_file(ac, buf); + } + ssh_close_authentication_connection(ac); + exit(0); } Index: usr.bin/ssh/ssh-agent.1 =================================================================== RCS file: /cvs/src/usr.bin/ssh/ssh-agent.1,v retrieving revision 1.6 retrieving revision 1.8 diff -u -r1.6 -r1.8 --- usr.bin/ssh/ssh-agent.1 1999/10/17 00:31:06 1.6 +++ usr.bin/ssh/ssh-agent.1 1999/11/16 23:59:21 1.8 @@ -1,3 +1,5 @@ +.\" $OpenBSD: ssh-agent.1,v 1.8 1999/11/16 23:59:21 deraadt Exp $ +.\" .\" -*- nroff -*- .\" .\" ssh-agent.1 @@ -9,8 +11,6 @@ .\" .\" Created: Sat Apr 23 20:10:43 1995 ylo .\" -.\" $Id: ssh-agent.1,v 1.6 1999/10/17 00:31:06 deraadt Exp $ -.\" .Dd September 25, 1999 .Dt SSH-AGENT 1 .Os @@ -19,22 +19,47 @@ .Nd authentication agent .Sh SYNOPSIS .Nm ssh-agent +.Op Fl c Li | Fl s +.Op Fl k +.Oo .Ar command +.Op Ar args ... +.Oc .Sh DESCRIPTION .Nm is a program to hold authentication private keys. The idea is that .Nm is started in the beginning of an X-session or a login session, and -all other windows or programs are started as children of the ssh-agent -program (the -.Ar command -normally starts X or is the user shell). Programs started under -the agent inherit a connection to the agent, and the agent is -automatically used for RSA authentication when logging to other +all other windows or programs are started as clients to the ssh-agent +program. Through use of environment variables the agent can be located +and automatically used for RSA authentication when logging in to other machines using .Xr ssh 1 . .Pp +The options are as follows: +.Bl -tag -width Ds +.It Fl c +Generate C-shell commands on +.Dv stdout . +This is the default if +.Ev SHELL +looks like it's a csh style of shell. +.It Fl s +Generate Bourne shell commands on +.Dv stdout . +This is the default if +.Ev SHELL +does not look like it's a csh style of shell. +.It Fl k +Kill the current agent (given by the +.Ev SSH_AGENT_PID +environment variable). +.El +.Pp +If a commandline is given, this is executed as a subprocess of the agent. +When the command dies, so does the agent. +.Pp The agent initially does not have any private keys. Keys are added using .Xr ssh-add 1 . @@ -57,16 +82,30 @@ However, the connection to the agent is forwarded over SSH remote logins, and the user can thus use the privileges given by the identities anywhere in the network in a secure way. +.Pp +There are two main ways to get an agent setup: Either you let the agent +start a new subcommand into which some environment variables are exported, or +you let the agent print the needed shell commands (either +.Xr sh 1 +or +.Xr csh 1 +syntax can be generated) which can be evalled in the calling shell. +Later +.Xr ssh 1 +look at these variables and use them to establish a connection to the agent. .Pp -A connection to the agent is inherited by child programs: A unix-domain socket is created -.Pq Pa /tmp/ssh-XXXX/agent. , +.Pq Pa /tmp/ssh-XXXXXXXX/agent. , and the name of this socket is stored in the .Ev SSH_AUTH_SOCK environment variable. The socket is made accessible only to the current user. This method is easily abused by root or another instance of the same user. +.Pp +The +.Ev SSH_AGENT_PID +environment variable holds the agent's PID. .Pp The agent exits automatically when the command given on the command line terminates. Index: usr.bin/ssh/ssh-agent.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/ssh-agent.c,v retrieving revision 1.12 retrieving revision 1.23 diff -u -r1.12 -r1.23 --- usr.bin/ssh/ssh-agent.c 1999/10/14 18:17:42 1.12 +++ usr.bin/ssh/ssh-agent.c 1999/11/24 19:53:51 1.23 @@ -1,20 +1,15 @@ -/* - -ssh-agent.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Wed Mar 29 03:46:59 1995 ylo +/* $OpenBSD: ssh-agent.c,v 1.23 1999/11/24 19:53:51 markus Exp $ */ -The authentication agent program. - -*/ +/* + * Author: Tatu Ylonen + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * Created: Wed Mar 29 03:46:59 1995 ylo + * The authentication agent program. + */ #include "includes.h" -RCSID("$Id: ssh-agent.c,v 1.12 1999/10/14 18:17:42 markus Exp $"); +RCSID("$OpenBSD: ssh-agent.c,v 1.23 1999/11/24 19:53:51 markus Exp $"); #include "ssh.h" #include "rsa.h" @@ -26,23 +21,23 @@ #include "getput.h" #include "mpaux.h" -#include +#include -typedef struct -{ - int fd; - enum { AUTH_UNUSED, AUTH_SOCKET, AUTH_CONNECTION } type; - Buffer input; - Buffer output; +typedef struct { + int fd; + enum { + AUTH_UNUSED, AUTH_SOCKET, AUTH_CONNECTION + } type; + Buffer input; + Buffer output; } SocketEntry; unsigned int sockets_alloc = 0; SocketEntry *sockets = NULL; -typedef struct -{ - RSA *key; - char *comment; +typedef struct { + RSA *key; + char *comment; } Identity; unsigned int num_identities = 0; @@ -57,516 +52,600 @@ char socket_name[1024]; char socket_dir[1024]; +extern char *__progname; + void process_request_identity(SocketEntry *e) { - Buffer msg; - int i; + Buffer msg; + int i; - buffer_init(&msg); - buffer_put_char(&msg, SSH_AGENT_RSA_IDENTITIES_ANSWER); - buffer_put_int(&msg, num_identities); - for (i = 0; i < num_identities; i++) - { - buffer_put_int(&msg, BN_num_bits(identities[i].key->n)); - buffer_put_bignum(&msg, identities[i].key->e); - buffer_put_bignum(&msg, identities[i].key->n); - buffer_put_string(&msg, identities[i].comment, - strlen(identities[i].comment)); - } - buffer_put_int(&e->output, buffer_len(&msg)); - buffer_append(&e->output, buffer_ptr(&msg), buffer_len(&msg)); - buffer_free(&msg); + buffer_init(&msg); + buffer_put_char(&msg, SSH_AGENT_RSA_IDENTITIES_ANSWER); + buffer_put_int(&msg, num_identities); + for (i = 0; i < num_identities; i++) { + buffer_put_int(&msg, BN_num_bits(identities[i].key->n)); + buffer_put_bignum(&msg, identities[i].key->e); + buffer_put_bignum(&msg, identities[i].key->n); + buffer_put_string(&msg, identities[i].comment, + strlen(identities[i].comment)); + } + buffer_put_int(&e->output, buffer_len(&msg)); + buffer_append(&e->output, buffer_ptr(&msg), buffer_len(&msg)); + buffer_free(&msg); } void process_authentication_challenge(SocketEntry *e) { - int i, pub_bits, len; - BIGNUM *pub_e, *pub_n, *challenge; - Buffer msg; - MD5_CTX md; - unsigned char buf[32], mdbuf[16], session_id[16]; - unsigned int response_type; - - buffer_init(&msg); - pub_e = BN_new(); - pub_n = BN_new(); - challenge = BN_new(); - pub_bits = buffer_get_int(&e->input); - buffer_get_bignum(&e->input, pub_e); - buffer_get_bignum(&e->input, pub_n); - buffer_get_bignum(&e->input, challenge); - if (buffer_len(&e->input) == 0) - { - /* Compatibility code for old servers. */ - memset(session_id, 0, 16); - response_type = 0; - } - else - { - /* New code. */ - buffer_get(&e->input, (char *)session_id, 16); - response_type = buffer_get_int(&e->input); - } - for (i = 0; i < num_identities; i++) - if (pub_bits == BN_num_bits(identities[i].key->n) && - BN_cmp(pub_e, identities[i].key->e) == 0 && - BN_cmp(pub_n, identities[i].key->n) == 0) - { - /* Decrypt the challenge using the private key. */ - rsa_private_decrypt(challenge, challenge, identities[i].key); - - /* Compute the desired response. */ - switch (response_type) - { - case 0: /* As of protocol 1.0 */ - /* This response type is no longer supported. */ - log("Compatibility with ssh protocol 1.0 no longer supported."); - buffer_put_char(&msg, SSH_AGENT_FAILURE); - goto send; - - case 1: /* As of protocol 1.1 */ - /* The response is MD5 of decrypted challenge plus session id. */ - len = BN_num_bytes(challenge); - assert(len <= 32 && len); - memset(buf, 0, 32); - BN_bn2bin(challenge, buf + 32 - len); - MD5Init(&md); - MD5Update(&md, buf, 32); - MD5Update(&md, session_id, 16); - MD5Final(mdbuf, &md); - break; - - default: - fatal("process_authentication_challenge: bad response_type %d", - response_type); - break; - } - - /* Send the response. */ - buffer_put_char(&msg, SSH_AGENT_RSA_RESPONSE); - for (i = 0; i < 16; i++) - buffer_put_char(&msg, mdbuf[i]); - - goto send; - } - /* Unknown identity. Send failure. */ - buffer_put_char(&msg, SSH_AGENT_FAILURE); - send: - buffer_put_int(&e->output, buffer_len(&msg)); - buffer_append(&e->output, buffer_ptr(&msg), - buffer_len(&msg)); - buffer_free(&msg); - BN_clear_free(pub_e); - BN_clear_free(pub_n); - BN_clear_free(challenge); + int i, pub_bits, len; + BIGNUM *pub_e, *pub_n, *challenge; + Buffer msg; + MD5_CTX md; + unsigned char buf[32], mdbuf[16], session_id[16]; + unsigned int response_type; + + buffer_init(&msg); + pub_e = BN_new(); + pub_n = BN_new(); + challenge = BN_new(); + pub_bits = buffer_get_int(&e->input); + buffer_get_bignum(&e->input, pub_e); + buffer_get_bignum(&e->input, pub_n); + buffer_get_bignum(&e->input, challenge); + if (buffer_len(&e->input) == 0) { + /* Compatibility code for old servers. */ + memset(session_id, 0, 16); + response_type = 0; + } else { + /* New code. */ + buffer_get(&e->input, (char *) session_id, 16); + response_type = buffer_get_int(&e->input); + } + for (i = 0; i < num_identities; i++) + if (pub_bits == BN_num_bits(identities[i].key->n) && + BN_cmp(pub_e, identities[i].key->e) == 0 && + BN_cmp(pub_n, identities[i].key->n) == 0) { + /* Decrypt the challenge using the private key. */ + rsa_private_decrypt(challenge, challenge, identities[i].key); + + /* Compute the desired response. */ + switch (response_type) { + case 0:/* As of protocol 1.0 */ + /* This response type is no longer supported. */ + log("Compatibility with ssh protocol 1.0 no longer supported."); + buffer_put_char(&msg, SSH_AGENT_FAILURE); + goto send; + + case 1:/* As of protocol 1.1 */ + /* The response is MD5 of decrypted challenge plus session id. */ + len = BN_num_bytes(challenge); + + if (len <= 0 || len > 32) { + fatal("process_authentication_challenge: " + "bad challenge length %d", len); + } + memset(buf, 0, 32); + BN_bn2bin(challenge, buf + 32 - len); + MD5_Init(&md); + MD5_Update(&md, buf, 32); + MD5_Update(&md, session_id, 16); + MD5_Final(mdbuf, &md); + break; + + default: + fatal("process_authentication_challenge: bad response_type %d", + response_type); + break; + } + + /* Send the response. */ + buffer_put_char(&msg, SSH_AGENT_RSA_RESPONSE); + for (i = 0; i < 16; i++) + buffer_put_char(&msg, mdbuf[i]); + + goto send; + } + /* Unknown identity. Send failure. */ + buffer_put_char(&msg, SSH_AGENT_FAILURE); +send: + buffer_put_int(&e->output, buffer_len(&msg)); + buffer_append(&e->output, buffer_ptr(&msg), + buffer_len(&msg)); + buffer_free(&msg); + BN_clear_free(pub_e); + BN_clear_free(pub_n); + BN_clear_free(challenge); } void process_remove_identity(SocketEntry *e) { - unsigned int bits; - unsigned int i; - BIGNUM *dummy, *n; - - dummy = BN_new(); - n = BN_new(); - - /* Get the key from the packet. */ - bits = buffer_get_int(&e->input); - buffer_get_bignum(&e->input, dummy); - buffer_get_bignum(&e->input, n); - - /* Check if we have the key. */ - for (i = 0; i < num_identities; i++) - if (BN_cmp(identities[i].key->n, n) == 0) - { - /* We have this key. Free the old key. Since we don\'t want to leave - empty slots in the middle of the array, we actually free the - key there and copy data from the last entry. */ - RSA_free(identities[i].key); - xfree(identities[i].comment); - if (i < num_identities - 1) - identities[i] = identities[num_identities - 1]; - num_identities--; - BN_clear_free(dummy); - BN_clear_free(n); + unsigned int bits; + unsigned int i; + BIGNUM *dummy, *n; + + dummy = BN_new(); + n = BN_new(); + + /* Get the key from the packet. */ + bits = buffer_get_int(&e->input); + buffer_get_bignum(&e->input, dummy); + buffer_get_bignum(&e->input, n); + + if (bits != BN_num_bits(n)) + error("Warning: keysize mismatch: actual %d, announced %d", + BN_num_bits(n), bits); + + /* Check if we have the key. */ + for (i = 0; i < num_identities; i++) + if (BN_cmp(identities[i].key->n, n) == 0) { + /* + * We have this key. Free the old key. Since we + * don\'t want to leave empty slots in the middle of + * the array, we actually free the key there and copy + * data from the last entry. + */ + RSA_free(identities[i].key); + xfree(identities[i].comment); + if (i < num_identities - 1) + identities[i] = identities[num_identities - 1]; + num_identities--; + BN_clear_free(dummy); + BN_clear_free(n); + + /* Send success. */ + buffer_put_int(&e->output, 1); + buffer_put_char(&e->output, SSH_AGENT_SUCCESS); + return; + } + /* We did not have the key. */ + BN_clear(dummy); + BN_clear(n); - /* Send success. */ + /* Send failure. */ buffer_put_int(&e->output, 1); - buffer_put_char(&e->output, SSH_AGENT_SUCCESS); - return; - } - /* We did not have the key. */ - BN_clear(dummy); - BN_clear(n); - - /* Send failure. */ - buffer_put_int(&e->output, 1); - buffer_put_char(&e->output, SSH_AGENT_FAILURE); + buffer_put_char(&e->output, SSH_AGENT_FAILURE); } - -/* Removes all identities from the agent. */ +/* + * Removes all identities from the agent. + */ void process_remove_all_identities(SocketEntry *e) { - unsigned int i; - - /* Loop over all identities and clear the keys. */ - for (i = 0; i < num_identities; i++) - { - RSA_free(identities[i].key); - xfree(identities[i].comment); - } - - /* Mark that there are no identities. */ - num_identities = 0; - - /* Send success. */ - buffer_put_int(&e->output, 1); - buffer_put_char(&e->output, SSH_AGENT_SUCCESS); - return; -} + unsigned int i; -/* Adds an identity to the agent. */ + /* Loop over all identities and clear the keys. */ + for (i = 0; i < num_identities; i++) { + RSA_free(identities[i].key); + xfree(identities[i].comment); + } -void -process_add_identity(SocketEntry *e) -{ - RSA *k; - int i; - BIGNUM *aux; - BN_CTX *ctx; - - if (num_identities == 0) - identities = xmalloc(sizeof(Identity)); - else - identities = xrealloc(identities, (num_identities + 1) * sizeof(Identity)); - - identities[num_identities].key = RSA_new(); - k = identities[num_identities].key; - buffer_get_int(&e->input); /* bits */ - k->n = BN_new(); - buffer_get_bignum(&e->input, k->n); - k->e = BN_new(); - buffer_get_bignum(&e->input, k->e); - k->d = BN_new(); - buffer_get_bignum(&e->input, k->d); - k->iqmp = BN_new(); - buffer_get_bignum(&e->input, k->iqmp); - /* SSH and SSL have p and q swapped */ - k->q = BN_new(); - buffer_get_bignum(&e->input, k->q); /* p */ - k->p = BN_new(); - buffer_get_bignum(&e->input, k->p); /* q */ - - /* Generate additional parameters */ - aux = BN_new(); - ctx = BN_CTX_new(); - - BN_sub(aux, k->q, BN_value_one()); - k->dmq1 = BN_new(); - BN_mod(k->dmq1, k->d, aux, ctx); - - BN_sub(aux, k->p, BN_value_one()); - k->dmp1 = BN_new(); - BN_mod(k->dmp1, k->d, aux, ctx); - - BN_clear_free(aux); - BN_CTX_free(ctx); - - identities[num_identities].comment = buffer_get_string(&e->input, NULL); - - /* Check if we already have the key. */ - for (i = 0; i < num_identities; i++) - if (BN_cmp(identities[i].key->n, k->n) == 0) - { - /* We already have this key. Clear and free the new data and - return success. */ - RSA_free(k); - xfree(identities[num_identities].comment); + /* Mark that there are no identities. */ + num_identities = 0; /* Send success. */ buffer_put_int(&e->output, 1); buffer_put_char(&e->output, SSH_AGENT_SUCCESS); return; - } +} + +/* + * Adds an identity to the agent. + */ +void +process_add_identity(SocketEntry *e) +{ + RSA *k; + int i; + BIGNUM *aux; + BN_CTX *ctx; + + if (num_identities == 0) + identities = xmalloc(sizeof(Identity)); + else + identities = xrealloc(identities, (num_identities + 1) * sizeof(Identity)); + + identities[num_identities].key = RSA_new(); + k = identities[num_identities].key; + buffer_get_int(&e->input); /* bits */ + k->n = BN_new(); + buffer_get_bignum(&e->input, k->n); + k->e = BN_new(); + buffer_get_bignum(&e->input, k->e); + k->d = BN_new(); + buffer_get_bignum(&e->input, k->d); + k->iqmp = BN_new(); + buffer_get_bignum(&e->input, k->iqmp); + /* SSH and SSL have p and q swapped */ + k->q = BN_new(); + buffer_get_bignum(&e->input, k->q); /* p */ + k->p = BN_new(); + buffer_get_bignum(&e->input, k->p); /* q */ + + /* Generate additional parameters */ + aux = BN_new(); + ctx = BN_CTX_new(); + + BN_sub(aux, k->q, BN_value_one()); + k->dmq1 = BN_new(); + BN_mod(k->dmq1, k->d, aux, ctx); + + BN_sub(aux, k->p, BN_value_one()); + k->dmp1 = BN_new(); + BN_mod(k->dmp1, k->d, aux, ctx); + + BN_clear_free(aux); + BN_CTX_free(ctx); + + identities[num_identities].comment = buffer_get_string(&e->input, NULL); + + /* Check if we already have the key. */ + for (i = 0; i < num_identities; i++) + if (BN_cmp(identities[i].key->n, k->n) == 0) { + /* + * We already have this key. Clear and free the new + * data and return success. + */ + RSA_free(k); + xfree(identities[num_identities].comment); + + /* Send success. */ + buffer_put_int(&e->output, 1); + buffer_put_char(&e->output, SSH_AGENT_SUCCESS); + return; + } + /* Increment the number of identities. */ + num_identities++; - /* Increment the number of identities. */ - num_identities++; - - /* Send a success message. */ - buffer_put_int(&e->output, 1); - buffer_put_char(&e->output, SSH_AGENT_SUCCESS); + /* Send a success message. */ + buffer_put_int(&e->output, 1); + buffer_put_char(&e->output, SSH_AGENT_SUCCESS); } void process_message(SocketEntry *e) { - unsigned int msg_len; - unsigned int type; - unsigned char *cp; - if (buffer_len(&e->input) < 5) - return; /* Incomplete message. */ - cp = (unsigned char *)buffer_ptr(&e->input); - msg_len = GET_32BIT(cp); - if (msg_len > 256 * 1024) - { - shutdown(e->fd, SHUT_RDWR); - close(e->fd); - e->type = AUTH_UNUSED; - return; - } - if (buffer_len(&e->input) < msg_len + 4) - return; - buffer_consume(&e->input, 4); - type = buffer_get_char(&e->input); - - switch (type) - { - case SSH_AGENTC_REQUEST_RSA_IDENTITIES: - process_request_identity(e); - break; - case SSH_AGENTC_RSA_CHALLENGE: - process_authentication_challenge(e); - break; - case SSH_AGENTC_ADD_RSA_IDENTITY: - process_add_identity(e); - break; - case SSH_AGENTC_REMOVE_RSA_IDENTITY: - process_remove_identity(e); - break; - case SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES: - process_remove_all_identities(e); - break; - default: - /* Unknown message. Respond with failure. */ - error("Unknown message %d", type); - buffer_clear(&e->input); - buffer_put_int(&e->output, 1); - buffer_put_char(&e->output, SSH_AGENT_FAILURE); - break; - } + unsigned int msg_len; + unsigned int type; + unsigned char *cp; + if (buffer_len(&e->input) < 5) + return; /* Incomplete message. */ + cp = (unsigned char *) buffer_ptr(&e->input); + msg_len = GET_32BIT(cp); + if (msg_len > 256 * 1024) { + shutdown(e->fd, SHUT_RDWR); + close(e->fd); + e->type = AUTH_UNUSED; + return; + } + if (buffer_len(&e->input) < msg_len + 4) + return; + buffer_consume(&e->input, 4); + type = buffer_get_char(&e->input); + + switch (type) { + case SSH_AGENTC_REQUEST_RSA_IDENTITIES: + process_request_identity(e); + break; + case SSH_AGENTC_RSA_CHALLENGE: + process_authentication_challenge(e); + break; + case SSH_AGENTC_ADD_RSA_IDENTITY: + process_add_identity(e); + break; + case SSH_AGENTC_REMOVE_RSA_IDENTITY: + process_remove_identity(e); + break; + case SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES: + process_remove_all_identities(e); + break; + default: + /* Unknown message. Respond with failure. */ + error("Unknown message %d", type); + buffer_clear(&e->input); + buffer_put_int(&e->output, 1); + buffer_put_char(&e->output, SSH_AGENT_FAILURE); + break; + } } void new_socket(int type, int fd) { - unsigned int i, old_alloc; - if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0) - error("fcntl O_NONBLOCK: %s", strerror(errno)); - - if (fd > max_fd) - max_fd = fd; - - for (i = 0; i < sockets_alloc; i++) - if (sockets[i].type == AUTH_UNUSED) - { - sockets[i].fd = fd; - sockets[i].type = type; - buffer_init(&sockets[i].input); - buffer_init(&sockets[i].output); - return; - } - old_alloc = sockets_alloc; - sockets_alloc += 10; - if (sockets) - sockets = xrealloc(sockets, sockets_alloc * sizeof(sockets[0])); - else - sockets = xmalloc(sockets_alloc * sizeof(sockets[0])); - for (i = old_alloc; i < sockets_alloc; i++) - sockets[i].type = AUTH_UNUSED; - sockets[old_alloc].type = type; - sockets[old_alloc].fd = fd; - buffer_init(&sockets[old_alloc].input); - buffer_init(&sockets[old_alloc].output); + unsigned int i, old_alloc; + if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0) + error("fcntl O_NONBLOCK: %s", strerror(errno)); + + if (fd > max_fd) + max_fd = fd; + + for (i = 0; i < sockets_alloc; i++) + if (sockets[i].type == AUTH_UNUSED) { + sockets[i].fd = fd; + sockets[i].type = type; + buffer_init(&sockets[i].input); + buffer_init(&sockets[i].output); + return; + } + old_alloc = sockets_alloc; + sockets_alloc += 10; + if (sockets) + sockets = xrealloc(sockets, sockets_alloc * sizeof(sockets[0])); + else + sockets = xmalloc(sockets_alloc * sizeof(sockets[0])); + for (i = old_alloc; i < sockets_alloc; i++) + sockets[i].type = AUTH_UNUSED; + sockets[old_alloc].type = type; + sockets[old_alloc].fd = fd; + buffer_init(&sockets[old_alloc].input); + buffer_init(&sockets[old_alloc].output); } void prepare_select(fd_set *readset, fd_set *writeset) { - unsigned int i; - for (i = 0; i < sockets_alloc; i++) - switch (sockets[i].type) - { - case AUTH_SOCKET: - case AUTH_CONNECTION: - FD_SET(sockets[i].fd, readset); - if (buffer_len(&sockets[i].output) > 0) - FD_SET(sockets[i].fd, writeset); - break; - case AUTH_UNUSED: - break; - default: - fatal("Unknown socket type %d", sockets[i].type); - break; - } -} - -void after_select(fd_set *readset, fd_set *writeset) -{ - unsigned int i; - int len, sock; - char buf[1024]; - struct sockaddr_un sunaddr; - - for (i = 0; i < sockets_alloc; i++) - switch (sockets[i].type) - { - case AUTH_UNUSED: - break; - case AUTH_SOCKET: - if (FD_ISSET(sockets[i].fd, readset)) - { - len = sizeof(sunaddr); - sock = accept(sockets[i].fd, (struct sockaddr *)&sunaddr, &len); - if (sock < 0) - { - perror("accept from AUTH_SOCKET"); - break; - } - new_socket(AUTH_CONNECTION, sock); - } - break; - case AUTH_CONNECTION: - if (buffer_len(&sockets[i].output) > 0 && - FD_ISSET(sockets[i].fd, writeset)) - { - len = write(sockets[i].fd, buffer_ptr(&sockets[i].output), - buffer_len(&sockets[i].output)); - if (len <= 0) - { - shutdown(sockets[i].fd, SHUT_RDWR); - close(sockets[i].fd); - sockets[i].type = AUTH_UNUSED; - break; - } - buffer_consume(&sockets[i].output, len); - } - if (FD_ISSET(sockets[i].fd, readset)) - { - len = read(sockets[i].fd, buf, sizeof(buf)); - if (len <= 0) - { - shutdown(sockets[i].fd, SHUT_RDWR); - close(sockets[i].fd); - sockets[i].type = AUTH_UNUSED; - break; - } - buffer_append(&sockets[i].input, buf, len); - process_message(&sockets[i]); - } - break; - default: - fatal("Unknown type %d", sockets[i].type); - } + unsigned int i; + for (i = 0; i < sockets_alloc; i++) + switch (sockets[i].type) { + case AUTH_SOCKET: + case AUTH_CONNECTION: + FD_SET(sockets[i].fd, readset); + if (buffer_len(&sockets[i].output) > 0) + FD_SET(sockets[i].fd, writeset); + break; + case AUTH_UNUSED: + break; + default: + fatal("Unknown socket type %d", sockets[i].type); + break; + } +} + +void +after_select(fd_set *readset, fd_set *writeset) +{ + unsigned int i; + int len, sock; + char buf[1024]; + struct sockaddr_un sunaddr; + + for (i = 0; i < sockets_alloc; i++) + switch (sockets[i].type) { + case AUTH_UNUSED: + break; + case AUTH_SOCKET: + if (FD_ISSET(sockets[i].fd, readset)) { + len = sizeof(sunaddr); + sock = accept(sockets[i].fd, (struct sockaddr *) & sunaddr, &len); + if (sock < 0) { + perror("accept from AUTH_SOCKET"); + break; + } + new_socket(AUTH_CONNECTION, sock); + } + break; + case AUTH_CONNECTION: + if (buffer_len(&sockets[i].output) > 0 && + FD_ISSET(sockets[i].fd, writeset)) { + len = write(sockets[i].fd, buffer_ptr(&sockets[i].output), + buffer_len(&sockets[i].output)); + if (len <= 0) { + shutdown(sockets[i].fd, SHUT_RDWR); + close(sockets[i].fd); + sockets[i].type = AUTH_UNUSED; + break; + } + buffer_consume(&sockets[i].output, len); + } + if (FD_ISSET(sockets[i].fd, readset)) { + len = read(sockets[i].fd, buf, sizeof(buf)); + if (len <= 0) { + shutdown(sockets[i].fd, SHUT_RDWR); + close(sockets[i].fd); + sockets[i].type = AUTH_UNUSED; + break; + } + buffer_append(&sockets[i].input, buf, len); + process_message(&sockets[i]); + } + break; + default: + fatal("Unknown type %d", sockets[i].type); + } } void check_parent_exists(int sig) { - if (kill(parent_pid, 0) < 0) - { - /* printf("Parent has died - Authentication agent exiting.\n"); */ - exit(1); - } - signal(SIGALRM, check_parent_exists); - alarm(10); + if (kill(parent_pid, 0) < 0) { + /* printf("Parent has died - Authentication agent exiting.\n"); */ + exit(1); + } + signal(SIGALRM, check_parent_exists); + alarm(10); } -void cleanup_socket(void) { - remove(socket_name); - rmdir(socket_dir); +void +cleanup_socket(void) +{ + remove(socket_name); + rmdir(socket_dir); +} + +void +cleanup_exit(int i) +{ + cleanup_socket(); + exit(i); +} + +void +usage() +{ + fprintf(stderr, "ssh-agent version %s\n", SSH_VERSION); + fprintf(stderr, "Usage: %s [-c | -s] [-k] [command {args...]]\n", + __progname); + exit(1); } int main(int ac, char **av) { - fd_set readset, writeset; - int sock; - struct sockaddr_un sunaddr; - - /* check if RSA support exists */ - if (rsa_alive() == 0) { - extern char *__progname; - fprintf(stderr, - "%s: no RSA support in libssl and libcrypto. See ssl(8).\n", - __progname); - exit(1); - } - - if (ac < 2) - { - fprintf(stderr, "ssh-agent version %s\n", SSH_VERSION); - fprintf(stderr, "Usage: %s command\n", av[0]); - exit(1); - } - - parent_pid = getpid(); - - /* Create private directory for agent socket */ - strlcpy(socket_dir, "/tmp/ssh-XXXXXXXX", sizeof socket_dir); - if (mkdtemp(socket_dir) == NULL) { - perror("mkdtemp: private socket dir"); - exit(1); - } - snprintf(socket_name, sizeof socket_name, "%s/agent.%d", socket_dir, parent_pid); - - /* Fork, and have the parent execute the command. The child continues as - the authentication agent. */ - if (fork() != 0) - { /* Parent - execute the given command. */ - setenv(SSH_AUTHSOCKET_ENV_NAME, socket_name, 1); - execvp(av[1], av + 1); - perror(av[1]); - exit(1); - } + fd_set readset, writeset; + int sock, c_flag = 0, k_flag = 0, s_flag = 0, ch; + struct sockaddr_un sunaddr; + pid_t pid; + char *shell, *format, *pidstr, pidstrbuf[1 + 3 * sizeof pid]; + + /* check if RSA support exists */ + if (rsa_alive() == 0) { + fprintf(stderr, + "%s: no RSA support in libssl and libcrypto. See ssl(8).\n", + __progname); + exit(1); + } + while ((ch = getopt(ac, av, "cks")) != -1) { + switch (ch) { + case 'c': + if (s_flag) + usage(); + c_flag++; + break; + case 'k': + k_flag++; + break; + case 's': + if (c_flag) + usage(); + s_flag++; + break; + default: + usage(); + } + } + ac -= optind; + av += optind; - if (atexit(cleanup_socket) < 0) { - perror("atexit"); - cleanup_socket(); - exit(1); - } + if (ac > 0 && (c_flag || k_flag || s_flag)) + usage(); + + if (ac == 0 && !c_flag && !k_flag && !s_flag) { + shell = getenv("SHELL"); + if (shell != NULL && strncmp(shell + strlen(shell) - 3, "csh", 3) == 0) + c_flag = 1; + } + if (k_flag) { + pidstr = getenv(SSH_AGENTPID_ENV_NAME); + if (pidstr == NULL) { + fprintf(stderr, "%s not set, cannot kill agent\n", + SSH_AGENTPID_ENV_NAME); + exit(1); + } + pid = atoi(pidstr); + if (pid < 1) { /* XXX PID_MAX check too */ + fprintf(stderr, "%s=\"%s\", which is not a good PID\n", + SSH_AGENTPID_ENV_NAME, pidstr); + exit(1); + } + if (kill(pid, SIGTERM) == -1) { + perror("kill"); + exit(1); + } + format = c_flag ? "unsetenv %s;\n" : "unset %s;\n"; + printf(format, SSH_AUTHSOCKET_ENV_NAME); + printf(format, SSH_AGENTPID_ENV_NAME); + printf("echo Agent pid %d killed;\n", pid); + exit(0); + } + parent_pid = getpid(); + + /* Create private directory for agent socket */ + strlcpy(socket_dir, "/tmp/ssh-XXXXXXXX", sizeof socket_dir); + if (mkdtemp(socket_dir) == NULL) { + perror("mkdtemp: private socket dir"); + exit(1); + } + snprintf(socket_name, sizeof socket_name, "%s/agent.%d", socket_dir, + parent_pid); - sock = socket(AF_UNIX, SOCK_STREAM, 0); - if (sock < 0) - { - perror("socket"); - exit(1); - } - memset(&sunaddr, 0, sizeof(sunaddr)); - sunaddr.sun_family = AF_UNIX; - strlcpy(sunaddr.sun_path, socket_name, sizeof(sunaddr.sun_path)); - if (bind(sock, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) < 0) - { - perror("bind"); - exit(1); - } - if (listen(sock, 5) < 0) - { - perror("listen"); - exit(1); - } - new_socket(AUTH_SOCKET, sock); - signal(SIGALRM, check_parent_exists); - alarm(10); - - signal(SIGINT, SIG_IGN); - while (1) - { - FD_ZERO(&readset); - FD_ZERO(&writeset); - prepare_select(&readset, &writeset); - if (select(max_fd + 1, &readset, &writeset, NULL, NULL) < 0) - { - if (errno == EINTR) - continue; - perror("select"); - exit(1); - } - after_select(&readset, &writeset); - } - /*NOTREACHED*/ + /* + * Create socket early so it will exist before command gets run from + * the parent. + */ + sock = socket(AF_UNIX, SOCK_STREAM, 0); + if (sock < 0) { + perror("socket"); + cleanup_exit(1); + } + memset(&sunaddr, 0, sizeof(sunaddr)); + sunaddr.sun_family = AF_UNIX; + strlcpy(sunaddr.sun_path, socket_name, sizeof(sunaddr.sun_path)); + if (bind(sock, (struct sockaddr *) & sunaddr, sizeof(sunaddr)) < 0) { + perror("bind"); + cleanup_exit(1); + } + if (listen(sock, 5) < 0) { + perror("listen"); + cleanup_exit(1); + } + /* + * Fork, and have the parent execute the command, if any, or present + * the socket data. The child continues as the authentication agent. + */ + pid = fork(); + if (pid == -1) { + perror("fork"); + exit(1); + } + if (pid != 0) { /* Parent - execute the given command. */ + close(sock); + snprintf(pidstrbuf, sizeof pidstrbuf, "%d", pid); + if (ac == 0) { + format = c_flag ? "setenv %s %s;\n" : "%s=%s; export %s;\n"; + printf(format, SSH_AUTHSOCKET_ENV_NAME, socket_name, + SSH_AUTHSOCKET_ENV_NAME); + printf(format, SSH_AGENTPID_ENV_NAME, pidstrbuf, + SSH_AGENTPID_ENV_NAME); + printf("echo Agent pid %d;\n", pid); + exit(0); + } + setenv(SSH_AUTHSOCKET_ENV_NAME, socket_name, 1); + setenv(SSH_AGENTPID_ENV_NAME, pidstrbuf, 1); + execvp(av[0], av); + perror(av[0]); + exit(1); + } + close(0); + close(1); + close(2); + + if (setsid() == -1) { + perror("setsid"); + cleanup_exit(1); + } + if (atexit(cleanup_socket) < 0) { + perror("atexit"); + cleanup_exit(1); + } + new_socket(AUTH_SOCKET, sock); + if (ac > 0) { + signal(SIGALRM, check_parent_exists); + alarm(10); + } + signal(SIGINT, SIG_IGN); + signal(SIGPIPE, SIG_IGN); + while (1) { + FD_ZERO(&readset); + FD_ZERO(&writeset); + prepare_select(&readset, &writeset); + if (select(max_fd + 1, &readset, &writeset, NULL, NULL) < 0) { + if (errno == EINTR) + continue; + exit(1); + } + after_select(&readset, &writeset); + } + /* NOTREACHED */ } Index: usr.bin/ssh/ssh-askpass.wish =================================================================== RCS file: ssh-askpass.wish diff -N ssh-askpass.wish --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsfNwOj31367 Wed Dec 8 12:42:10 1999 @@ -0,0 +1,48 @@ +# This file (ssh-askpass.wish) will be used to create ssh-askpass by-*- tcl -*- +# prepending the header line that executes wish. +# +# $Id: ssh-askpass.wish,v 1.2 1999/09/28 04:45:37 provos dead $ +# + +global result + +wm title . "Authentication Password Entry" + +# Use the first argument as a prompt (if given). +if {$argv==""} { + label .header -text "Please enter your authentication password" +} { + label .header -text "[lindex $argv 0]" +} + +entry .pass -relief sunken -textvariable password +set bgcolor [lindex [.pass configure -bg] 3] +.pass configure -fg $bgcolor -selectforeground $bgcolor \ + -selectbackground $bgcolor + +bind .pass { set result ok } +frame .b +frame .b.ok_f -borderwidth 2 -relief sunken +button .b.ok -text OK -width 6 -command { set result ok } +button .b.cancel -text Cancel -width 6 -command { set result cancel } +pack .b.ok -in .b.ok_f -padx 2 -pady 2 +pack .b.ok_f -side left -padx 5m -pady 3m +pack .b.cancel -side right -padx 5m -pady 3m +pack .header .pass .b +wm protocol . WM_DELETE_WINDOW { set result cancel } + +set old_focus [focus] +grab set . +focus .pass + +set result "none" + +while {"$result" == "none"} { + tkwait variable result +} + +if {$old_focus!=""} { + focus $old_focus +} + +if {"$result" == "ok"} {puts "$password"; exit 0} {exit 1} Index: usr.bin/ssh/ssh-keygen.1 =================================================================== RCS file: /cvs/src/usr.bin/ssh/ssh-keygen.1,v retrieving revision 1.7 retrieving revision 1.9 diff -u -r1.7 -r1.9 --- usr.bin/ssh/ssh-keygen.1 1999/10/17 20:35:46 1.7 +++ usr.bin/ssh/ssh-keygen.1 1999/11/16 22:49:28 1.9 @@ -9,7 +9,7 @@ .\" .\" Created: Sat Apr 22 23:55:14 1995 ylo .\" -.\" $Id: ssh-keygen.1,v 1.7 1999/10/17 20:35:46 aaron Exp $ +.\" $Id: ssh-keygen.1,v 1.9 1999/11/16 22:49:28 markus Exp $ .\" .Dd September 25, 1999 .Dt SSH-KEYGEN 1 @@ -23,14 +23,20 @@ .Op Fl b Ar bits .Op Fl N Ar new_passphrase .Op Fl C Ar comment +.Op Fl f Ar keyfile .Nm ssh-keygen .Fl p .Op Fl P Ar old_passphrase .Op Fl N Ar new_passphrase +.Op Fl f Ar keyfile .Nm ssh-keygen .Fl c .Op Fl P Ar passphrase .Op Fl C Ar comment +.Op Fl f Ar keyfile +.Nm ssh-keygen +.Fl l +.Op Fl f Ar keyfile .Sh DESCRIPTION .Nm generates and manages authentication keys for @@ -79,6 +85,10 @@ Requests changing the comment in the private and public key files. The program will prompt for the file containing the private keys, for passphrase if the key has one, and for the new comment. +.It Fl f +Specifies the filename of the key file. +.It Fl l +Show fingerprint of specified private or public key file. .It Fl p Requests changing the passphrase of a private key file instead of creating a new private key. The program will prompt for the file @@ -150,6 +160,6 @@ .Sh SEE ALSO .Xr ssh 1 , .Xr ssh-add 1 , -.Xr ssh-agent 1, +.Xr ssh-agent 1 , .Xr sshd 8 , .Xr ssl 8 Index: usr.bin/ssh/ssh-keygen.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/ssh-keygen.c,v retrieving revision 1.6 retrieving revision 1.14 diff -u -r1.6 -r1.14 --- usr.bin/ssh/ssh-keygen.c 1999/10/01 02:38:09 1.6 +++ usr.bin/ssh/ssh-keygen.c 1999/11/24 19:53:52 1.14 @@ -1,24 +1,18 @@ /* + * Author: Tatu Ylonen + * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland + * All rights reserved + * Created: Mon Mar 27 02:26:40 1995 ylo + * Identity and host key generation and maintenance. + */ -ssh-keygen.c - -Author: Tatu Ylonen - -Copyright (c) 1994 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Mon Mar 27 02:26:40 1995 ylo - -Identity and host key generation and maintenance. - -*/ - #include "includes.h" -RCSID("$Id: ssh-keygen.c,v 1.6 1999/10/01 02:38:09 provos Exp $"); +RCSID("$Id: ssh-keygen.c,v 1.14 1999/11/24 19:53:52 markus Exp $"); #include "rsa.h" #include "ssh.h" #include "xmalloc.h" +#include "fingerprint.h" /* Generated private key. */ RSA *private_key; @@ -26,23 +20,30 @@ /* Generated public key. */ RSA *public_key; -/* Number of bits in the RSA key. This value can be changed on the command - line. */ +/* Number of bits in the RSA key. This value can be changed on the command line. */ int bits = 1024; -/* Flag indicating that we just want to change the passphrase. This can be - set on the command line. */ +/* + * Flag indicating that we just want to change the passphrase. This can be + * set on the command line. + */ int change_passphrase = 0; -/* Flag indicating that we just want to change the comment. This can be set - on the command line. */ +/* + * Flag indicating that we just want to change the comment. This can be set + * on the command line. + */ int change_comment = 0; int quiet = 0; -/* This is set to the identity file name if given on the command line. */ -char *identity_file = NULL; +/* Flag indicating that we just want to see the key fingerprint */ +int print_fingerprint = 0; +/* The identity file name, given on the command line or entered by the user. */ +char identity_file[1024]; +int have_identity = 0; + /* This is set to the passphrase if given on the command line. */ char *identity_passphrase = NULL; @@ -52,501 +53,468 @@ /* This is set to the new comment if given on the command line. */ char *identity_comment = NULL; -/* Perform changing a passphrase. The argument is the passwd structure - for the current user. */ +/* argv0 */ +extern char *__progname; void -do_change_passphrase(struct passwd *pw) +ask_filename(struct passwd *pw, const char *prompt) { - char buf[1024], *comment; - char *old_passphrase, *passphrase1, *passphrase2; - struct stat st; - RSA *private_key; - - /* Read key file name. */ - if (identity_file != NULL) { - strncpy(buf, identity_file, sizeof(buf)); - buf[sizeof(buf) - 1] = '\0'; - } else { - printf("Enter file in which the key is ($HOME/%s): ", SSH_CLIENT_IDENTITY); - fflush(stdout); - if (fgets(buf, sizeof(buf), stdin) == NULL) - exit(1); - if (strchr(buf, '\n')) - *strchr(buf, '\n') = 0; - if (strcmp(buf, "") == 0) - snprintf(buf, sizeof buf, "%s/%s", pw->pw_dir, SSH_CLIENT_IDENTITY); - } - - /* Check if the file exists. */ - if (stat(buf, &st) < 0) - { - perror(buf); - exit(1); - } - - /* Try to load the public key from the file the verify that it is - readable and of the proper format. */ - public_key = RSA_new(); - if (!load_public_key(buf, public_key, NULL)) - { - printf("%s is not a valid key file.\n", buf); - exit(1); - } - /* Clear the public key since we are just about to load the whole file. */ - RSA_free(public_key); - - /* Try to load the file with empty passphrase. */ - private_key = RSA_new(); - if (!load_private_key(buf, "", private_key, &comment)) { - /* Read passphrase from the user. */ - if (identity_passphrase) - old_passphrase = xstrdup(identity_passphrase); - else - old_passphrase = read_passphrase("Enter old passphrase: ", 1); - /* Try to load using the passphrase. */ - if (!load_private_key(buf, old_passphrase, private_key, &comment)) - { - memset(old_passphrase, 0, strlen(old_passphrase)); - xfree(old_passphrase); - printf("Bad passphrase.\n"); - exit(1); - } - /* Destroy the passphrase. */ - memset(old_passphrase, 0, strlen(old_passphrase)); - xfree(old_passphrase); - } - printf("Key has comment '%s'\n", comment); - - /* Ask the new passphrase (twice). */ - if (identity_new_passphrase) - { - passphrase1 = xstrdup(identity_new_passphrase); - passphrase2 = NULL; - } - else - { - passphrase1 = - read_passphrase("Enter new passphrase (empty for no passphrase): ", 1); - passphrase2 = read_passphrase("Enter same passphrase again: ", 1); - - /* Verify that they are the same. */ - if (strcmp(passphrase1, passphrase2) != 0) - { - memset(passphrase1, 0, strlen(passphrase1)); - memset(passphrase2, 0, strlen(passphrase2)); - xfree(passphrase1); - xfree(passphrase2); - printf("Pass phrases do not match. Try again.\n"); - exit(1); - } - /* Destroy the other copy. */ - memset(passphrase2, 0, strlen(passphrase2)); - xfree(passphrase2); - } - - /* Save the file using the new passphrase. */ - if (!save_private_key(buf, passphrase1, private_key, comment)) - { - printf("Saving the key failed: %s: %s.\n", - buf, strerror(errno)); - memset(passphrase1, 0, strlen(passphrase1)); - xfree(passphrase1); - RSA_free(private_key); - xfree(comment); - exit(1); - } - /* Destroy the passphrase and the copy of the key in memory. */ - memset(passphrase1, 0, strlen(passphrase1)); - xfree(passphrase1); - RSA_free(private_key); /* Destroys contents */ - xfree(comment); + char buf[1024]; + snprintf(identity_file, sizeof(identity_file), "%s/%s", + pw->pw_dir, SSH_CLIENT_IDENTITY); + printf("%s (%s): ", prompt, identity_file); + fflush(stdout); + if (fgets(buf, sizeof(buf), stdin) == NULL) + exit(1); + if (strchr(buf, '\n')) + *strchr(buf, '\n') = 0; + if (strcmp(buf, "") != 0) + strlcpy(identity_file, buf, sizeof(identity_file)); + have_identity = 1; +} - printf("Your identification has been saved with the new passphrase.\n"); - exit(0); +void +do_fingerprint(struct passwd *pw) +{ + char *comment; + RSA *public_key; + struct stat st; + + if (!have_identity) + ask_filename(pw, "Enter file in which the key is"); + if (stat(identity_file, &st) < 0) { + perror(identity_file); + exit(1); + } + public_key = RSA_new(); + if (!load_public_key(identity_file, public_key, &comment)) { + char *cp, line[1024]; + BIGNUM *e, *n; + int dummy, invalid = 0; + FILE *f = fopen(identity_file, "r"); + n = BN_new(); + e = BN_new(); + if (f && fgets(line, sizeof(line), f)) { + cp = line; + line[strlen(line) - 1] = '\0'; + if (auth_rsa_read_key(&cp, &dummy, e, n)) { + public_key->e = e; + public_key->n = n; + comment = xstrdup(cp ? cp : "no comment"); + } else { + invalid = 1; + } + } else { + invalid = 1; + } + if (invalid) { + printf("%s is not a valid key file.\n", identity_file); + BN_free(e); + BN_free(n); + exit(1); + } + } + printf("%d %s %s\n", BN_num_bits(public_key->n), + fingerprint(public_key->e, public_key->n), + comment); + RSA_free(public_key); + exit(0); } + +/* + * Perform changing a passphrase. The argument is the passwd structure + * for the current user. + */ +void +do_change_passphrase(struct passwd *pw) +{ + char *comment; + char *old_passphrase, *passphrase1, *passphrase2; + struct stat st; + RSA *private_key; + + if (!have_identity) + ask_filename(pw, "Enter file in which the key is"); + if (stat(identity_file, &st) < 0) { + perror(identity_file); + exit(1); + } + public_key = RSA_new(); + if (!load_public_key(identity_file, public_key, NULL)) { + printf("%s is not a valid key file.\n", identity_file); + exit(1); + } + /* Clear the public key since we are just about to load the whole file. */ + RSA_free(public_key); + + /* Try to load the file with empty passphrase. */ + private_key = RSA_new(); + if (!load_private_key(identity_file, "", private_key, &comment)) { + if (identity_passphrase) + old_passphrase = xstrdup(identity_passphrase); + else + old_passphrase = read_passphrase("Enter old passphrase: ", 1); + if (!load_private_key(identity_file, old_passphrase, private_key, &comment)) { + memset(old_passphrase, 0, strlen(old_passphrase)); + xfree(old_passphrase); + printf("Bad passphrase.\n"); + exit(1); + } + memset(old_passphrase, 0, strlen(old_passphrase)); + xfree(old_passphrase); + } + printf("Key has comment '%s'\n", comment); -/* Change the comment of a private key file. */ + /* Ask the new passphrase (twice). */ + if (identity_new_passphrase) { + passphrase1 = xstrdup(identity_new_passphrase); + passphrase2 = NULL; + } else { + passphrase1 = + read_passphrase("Enter new passphrase (empty for no passphrase): ", 1); + passphrase2 = read_passphrase("Enter same passphrase again: ", 1); + + /* Verify that they are the same. */ + if (strcmp(passphrase1, passphrase2) != 0) { + memset(passphrase1, 0, strlen(passphrase1)); + memset(passphrase2, 0, strlen(passphrase2)); + xfree(passphrase1); + xfree(passphrase2); + printf("Pass phrases do not match. Try again.\n"); + exit(1); + } + /* Destroy the other copy. */ + memset(passphrase2, 0, strlen(passphrase2)); + xfree(passphrase2); + } + /* Save the file using the new passphrase. */ + if (!save_private_key(identity_file, passphrase1, private_key, comment)) { + printf("Saving the key failed: %s: %s.\n", + identity_file, strerror(errno)); + memset(passphrase1, 0, strlen(passphrase1)); + xfree(passphrase1); + RSA_free(private_key); + xfree(comment); + exit(1); + } + /* Destroy the passphrase and the copy of the key in memory. */ + memset(passphrase1, 0, strlen(passphrase1)); + xfree(passphrase1); + RSA_free(private_key); /* Destroys contents */ + xfree(comment); + + printf("Your identification has been saved with the new passphrase.\n"); + exit(0); +} + +/* + * Change the comment of a private key file. + */ void do_change_comment(struct passwd *pw) { - char buf[1024], new_comment[1024], *comment; - RSA *private_key; - char *passphrase; - struct stat st; - FILE *f; - char *tmpbuf; - - /* Read key file name. */ - if (identity_file) - { - strncpy(buf, identity_file, sizeof(buf)); - buf[sizeof(buf) - 1] = '\0'; - } - else - { - printf("Enter file in which the key is ($HOME/%s): ", - SSH_CLIENT_IDENTITY); - fflush(stdout); - if (fgets(buf, sizeof(buf), stdin) == NULL) - exit(1); - if (strchr(buf, '\n')) - *strchr(buf, '\n') = 0; - if (strcmp(buf, "") == 0) - snprintf(buf, sizeof buf, "%s/%s", pw->pw_dir, SSH_CLIENT_IDENTITY); - } - - /* Check if the file exists. */ - if (stat(buf, &st) < 0) - { - perror(buf); - exit(1); - } - - /* Try to load the public key from the file the verify that it is - readable and of the proper format. */ - public_key = RSA_new(); - if (!load_public_key(buf, public_key, NULL)) - { - printf("%s is not a valid key file.\n", buf); - exit(1); - } - - private_key = RSA_new(); - /* Try to load the file with empty passphrase. */ - if (load_private_key(buf, "", private_key, &comment)) - passphrase = xstrdup(""); - else - { - /* Read passphrase from the user. */ - if (identity_passphrase) - passphrase = xstrdup(identity_passphrase); - else - if (identity_new_passphrase) - passphrase = xstrdup(identity_new_passphrase); - else - passphrase = read_passphrase("Enter passphrase: ", 1); - /* Try to load using the passphrase. */ - if (!load_private_key(buf, passphrase, private_key, &comment)) - { - memset(passphrase, 0, strlen(passphrase)); - xfree(passphrase); - printf("Bad passphrase.\n"); - exit(1); - } - } - printf("Key now has comment '%s'\n", comment); - - if (identity_comment) - { - strncpy(new_comment, identity_comment, sizeof(new_comment)); - new_comment[sizeof(new_comment) - 1] = '\0'; - } - else - { - printf("Enter new comment: "); - fflush(stdout); - if (!fgets(new_comment, sizeof(new_comment), stdin)) - { - memset(passphrase, 0, strlen(passphrase)); - RSA_free(private_key); - exit(1); - } - - /* Remove terminating newline from comment. */ - if (strchr(new_comment, '\n')) - *strchr(new_comment, '\n') = 0; - } - - /* Save the file using the new passphrase. */ - if (!save_private_key(buf, passphrase, private_key, new_comment)) - { - printf("Saving the key failed: %s: %s.\n", - buf, strerror(errno)); - memset(passphrase, 0, strlen(passphrase)); - xfree(passphrase); - RSA_free(private_key); - xfree(comment); - exit(1); - } - - /* Destroy the passphrase and the private key in memory. */ - memset(passphrase, 0, strlen(passphrase)); - xfree(passphrase); - RSA_free(private_key); - - /* Save the public key in text format in a file with the same name but - .pub appended. */ - strcat(buf, ".pub"); - f = fopen(buf, "w"); - if (!f) - { - printf("Could not save your public key in %s\n", buf); - exit(1); - } - fprintf(f, "%d ", BN_num_bits(public_key->n)); - tmpbuf = BN_bn2dec(public_key->e); - fprintf(f, "%s ", tmpbuf); - free (tmpbuf); - tmpbuf = BN_bn2dec(public_key->n); - fprintf(f, "%s %s\n", tmpbuf, new_comment); - free (tmpbuf); - fclose(f); + char new_comment[1024], *comment; + RSA *private_key; + char *passphrase; + struct stat st; + FILE *f; + char *tmpbuf; + + if (!have_identity) + ask_filename(pw, "Enter file in which the key is"); + if (stat(identity_file, &st) < 0) { + perror(identity_file); + exit(1); + } + /* + * Try to load the public key from the file the verify that it is + * readable and of the proper format. + */ + public_key = RSA_new(); + if (!load_public_key(identity_file, public_key, NULL)) { + printf("%s is not a valid key file.\n", identity_file); + exit(1); + } + private_key = RSA_new(); - xfree(comment); + if (load_private_key(identity_file, "", private_key, &comment)) + passphrase = xstrdup(""); + else { + if (identity_passphrase) + passphrase = xstrdup(identity_passphrase); + else if (identity_new_passphrase) + passphrase = xstrdup(identity_new_passphrase); + else + passphrase = read_passphrase("Enter passphrase: ", 1); + /* Try to load using the passphrase. */ + if (!load_private_key(identity_file, passphrase, private_key, &comment)) { + memset(passphrase, 0, strlen(passphrase)); + xfree(passphrase); + printf("Bad passphrase.\n"); + exit(1); + } + } + printf("Key now has comment '%s'\n", comment); + + if (identity_comment) { + strlcpy(new_comment, identity_comment, sizeof(new_comment)); + } else { + printf("Enter new comment: "); + fflush(stdout); + if (!fgets(new_comment, sizeof(new_comment), stdin)) { + memset(passphrase, 0, strlen(passphrase)); + RSA_free(private_key); + exit(1); + } + if (strchr(new_comment, '\n')) + *strchr(new_comment, '\n') = 0; + } + + /* Save the file using the new passphrase. */ + if (!save_private_key(identity_file, passphrase, private_key, new_comment)) { + printf("Saving the key failed: %s: %s.\n", + identity_file, strerror(errno)); + memset(passphrase, 0, strlen(passphrase)); + xfree(passphrase); + RSA_free(private_key); + xfree(comment); + exit(1); + } + memset(passphrase, 0, strlen(passphrase)); + xfree(passphrase); + RSA_free(private_key); + + strlcat(identity_file, ".pub", sizeof(identity_file)); + f = fopen(identity_file, "w"); + if (!f) { + printf("Could not save your public key in %s\n", identity_file); + exit(1); + } + fprintf(f, "%d ", BN_num_bits(public_key->n)); + tmpbuf = BN_bn2dec(public_key->e); + fprintf(f, "%s ", tmpbuf); + free(tmpbuf); + tmpbuf = BN_bn2dec(public_key->n); + fprintf(f, "%s %s\n", tmpbuf, new_comment); + free(tmpbuf); + fclose(f); - printf("The comment in your key file has been changed.\n"); - exit(0); + xfree(comment); + + printf("The comment in your key file has been changed.\n"); + exit(0); } -/* Main program for key management. */ +void +usage(void) +{ + printf("ssh-keygen version %s\n", SSH_VERSION); + printf("Usage: %s [-b bits] [-p] [-c] [-f file] [-P pass] [-N new-pass] [-C comment]\n", __progname); + exit(1); +} +/* + * Main program for key management. + */ int main(int ac, char **av) { - char buf[16384], buf2[1024], *passphrase1, *passphrase2; - struct passwd *pw; - char *tmpbuf; - int opt; - struct stat st; - FILE *f; - char hostname[MAXHOSTNAMELEN]; - extern int optind; - extern char *optarg; - - /* check if RSA support exists */ - if (rsa_alive() == 0) { - extern char *__progname; - - fprintf(stderr, - "%s: no RSA support in libssl and libcrypto. See ssl(8).\n", - __progname); - exit(1); - } - - /* Get user\'s passwd structure. We need this for the home directory. */ - pw = getpwuid(getuid()); - if (!pw) - { - printf("You don't exist, go away!\n"); - exit(1); - } - - /* Create ~/.ssh directory if it doesn\'t already exist. */ - snprintf(buf, sizeof buf, "%s/%s", pw->pw_dir, SSH_USER_DIR); - if (stat(buf, &st) < 0) - if (mkdir(buf, 0755) < 0) - error("Could not create directory '%s'.", buf); - - /* Parse command line arguments. */ - while ((opt = getopt(ac, av, "qpcb:f:P:N:C:")) != EOF) - { - switch (opt) - { - case 'b': - bits = atoi(optarg); - if (bits < 512 || bits > 32768) - { - printf("Bits has bad value.\n"); - exit(1); - } - break; - - case 'p': - change_passphrase = 1; - break; - - case 'c': - change_comment = 1; - break; - - case 'f': - identity_file = optarg; - break; - - case 'P': - identity_passphrase = optarg; - break; - - case 'N': - identity_new_passphrase = optarg; - break; - - case 'C': - identity_comment = optarg; - break; - - case 'q': - quiet = 1; - break; - - case '?': - default: - printf("ssh-keygen version %s\n", SSH_VERSION); - printf("Usage: %s [-b bits] [-p] [-c] [-f file] [-P pass] [-N new-pass] [-C comment]\n", av[0]); - exit(1); - } - } - if (optind < ac) - { - printf("Too many arguments.\n"); - exit(1); - } - if (change_passphrase && change_comment) - { - printf("Can only have one of -p and -c.\n"); - exit(1); - } - - /* If the user requested to change the passphrase, do it now. This - function never returns. */ - if (change_passphrase) - do_change_passphrase(pw); - - /* If the user requested to change the comment, do it now. This function - never returns. */ - if (change_comment) - do_change_comment(pw); - - arc4random_stir(); - - if (quiet) - rsa_set_verbose(0); - - /* Generate the rsa key pair. */ - private_key = RSA_new(); - public_key = RSA_new(); - rsa_generate_key(private_key, public_key, bits); - - ask_file_again: - - /* Ask for a file to save the key in. */ - if (identity_file) - { - strncpy(buf, identity_file, sizeof(buf)); - buf[sizeof(buf) - 1] = '\0'; - } - else - { - printf("Enter file in which to save the key ($HOME/%s): ", - SSH_CLIENT_IDENTITY); - fflush(stdout); - if (fgets(buf, sizeof(buf), stdin) == NULL) - exit(1); - if (strchr(buf, '\n')) - *strchr(buf, '\n') = 0; - if (strcmp(buf, "") == 0) - snprintf(buf, sizeof buf, "%s/%s", pw->pw_dir, SSH_CLIENT_IDENTITY); - } - - /* If the file aready exists, ask the user to confirm. */ - if (stat(buf, &st) >= 0) - { - printf("%s already exists.\n", buf); - printf("Overwrite (y/n)? "); - fflush(stdout); - if (fgets(buf2, sizeof(buf2), stdin) == NULL) - exit(1); - if (buf2[0] != 'y' && buf2[0] != 'Y') - exit(1); - } - - /* Ask for a passphrase (twice). */ - if (identity_passphrase) - passphrase1 = xstrdup(identity_passphrase); - else - if (identity_new_passphrase) - passphrase1 = xstrdup(identity_new_passphrase); - else - { - passphrase_again: - passphrase1 = - read_passphrase("Enter passphrase (empty for no passphrase): ", 1); - passphrase2 = read_passphrase("Enter same passphrase again: ", 1); - if (strcmp(passphrase1, passphrase2) != 0) - { - /* The passphrases do not match. Clear them and retry. */ - memset(passphrase1, 0, strlen(passphrase1)); - memset(passphrase2, 0, strlen(passphrase2)); - xfree(passphrase1); - xfree(passphrase2); - printf("Passphrases do not match. Try again.\n"); - goto passphrase_again; - } - /* Clear the other copy of the passphrase. */ - memset(passphrase2, 0, strlen(passphrase2)); - xfree(passphrase2); - } - - /* Create default commend field for the passphrase. The user can later - edit this field. */ - if (identity_comment) - { - strlcpy(buf2, identity_comment, sizeof(buf2)); - } - else - { - if (gethostname(hostname, sizeof(hostname)) < 0) - { - perror("gethostname"); - exit(1); - } - snprintf(buf2, sizeof buf2, "%s@%s", pw->pw_name, hostname); - } - - /* Save the key with the given passphrase and comment. */ - if (!save_private_key(buf, passphrase1, private_key, buf2)) - { - printf("Saving the key failed: %s: %s.\n", - buf, strerror(errno)); - memset(passphrase1, 0, strlen(passphrase1)); - xfree(passphrase1); - goto ask_file_again; - } - /* Clear the passphrase. */ - memset(passphrase1, 0, strlen(passphrase1)); - xfree(passphrase1); - - /* Clear the private key and the random number generator. */ - RSA_free(private_key); - arc4random_stir(); - - if (!quiet) - printf("Your identification has been saved in %s.\n", buf); - - /* Display the public key on the screen. */ - if (!quiet) { - printf("Your public key is:\n"); - printf("%d ", BN_num_bits(public_key->n)); - tmpbuf = BN_bn2dec(public_key->e); - printf("%s ", tmpbuf); - free(tmpbuf); - tmpbuf = BN_bn2dec(public_key->n); - printf("%s %s\n", tmpbuf, buf2); - free(tmpbuf); - } - - /* Save the public key in text format in a file with the same name but - .pub appended. */ - strcat(buf, ".pub"); - f = fopen(buf, "w"); - if (!f) - { - printf("Could not save your public key in %s\n", buf); - exit(1); - } - fprintf(f, "%d ", BN_num_bits(public_key->n)); - tmpbuf = BN_bn2dec(public_key->e); - fprintf(f, "%s ", tmpbuf); - free(tmpbuf); - tmpbuf = BN_bn2dec(public_key->n); - fprintf(f, "%s %s\n", tmpbuf, buf2); - free(tmpbuf); - fclose(f); - - if (!quiet) - printf("Your public key has been saved in %s\n", buf); - - exit(0); + char dotsshdir[16 * 1024], comment[1024], *passphrase1, *passphrase2; + struct passwd *pw; + char *tmpbuf; + int opt; + struct stat st; + FILE *f; + char hostname[MAXHOSTNAMELEN]; + extern int optind; + extern char *optarg; + + /* check if RSA support exists */ + if (rsa_alive() == 0) { + fprintf(stderr, + "%s: no RSA support in libssl and libcrypto. See ssl(8).\n", + __progname); + exit(1); + } + /* we need this for the home * directory. */ + pw = getpwuid(getuid()); + if (!pw) { + printf("You don't exist, go away!\n"); + exit(1); + } + + while ((opt = getopt(ac, av, "qpclb:f:P:N:C:")) != EOF) { + switch (opt) { + case 'b': + bits = atoi(optarg); + if (bits < 512 || bits > 32768) { + printf("Bits has bad value.\n"); + exit(1); + } + break; + + case 'l': + print_fingerprint = 1; + break; + + case 'p': + change_passphrase = 1; + break; + + case 'c': + change_comment = 1; + break; + + case 'f': + strlcpy(identity_file, optarg, sizeof(identity_file)); + have_identity = 1; + break; + + case 'P': + identity_passphrase = optarg; + break; + + case 'N': + identity_new_passphrase = optarg; + break; + + case 'C': + identity_comment = optarg; + break; + + case 'q': + quiet = 1; + break; + + case '?': + default: + usage(); + } + } + if (optind < ac) { + printf("Too many arguments.\n"); + usage(); + } + if (change_passphrase && change_comment) { + printf("Can only have one of -p and -c.\n"); + usage(); + } + if (print_fingerprint) + do_fingerprint(pw); + if (change_passphrase) + do_change_passphrase(pw); + if (change_comment) + do_change_comment(pw); + + arc4random_stir(); + + if (quiet) + rsa_set_verbose(0); + + /* Generate the rsa key pair. */ + private_key = RSA_new(); + public_key = RSA_new(); + rsa_generate_key(private_key, public_key, bits); + + if (!have_identity) + ask_filename(pw, "Enter file in which to save the key"); + + /* Create ~/.ssh directory if it doesn\'t already exist. */ + snprintf(dotsshdir, sizeof dotsshdir, "%s/%s", pw->pw_dir, SSH_USER_DIR); + if (strstr(identity_file, dotsshdir) != NULL && + stat(dotsshdir, &st) < 0) { + if (mkdir(dotsshdir, 0755) < 0) + error("Could not create directory '%s'.", dotsshdir); + else if (!quiet) + printf("Created directory '%s'.\n", dotsshdir); + } + /* If the file already exists, ask the user to confirm. */ + if (stat(identity_file, &st) >= 0) { + char yesno[3]; + printf("%s already exists.\n", identity_file); + printf("Overwrite (y/n)? "); + fflush(stdout); + if (fgets(yesno, sizeof(yesno), stdin) == NULL) + exit(1); + if (yesno[0] != 'y' && yesno[0] != 'Y') + exit(1); + } + /* Ask for a passphrase (twice). */ + if (identity_passphrase) + passphrase1 = xstrdup(identity_passphrase); + else if (identity_new_passphrase) + passphrase1 = xstrdup(identity_new_passphrase); + else { +passphrase_again: + passphrase1 = + read_passphrase("Enter passphrase (empty for no passphrase): ", 1); + passphrase2 = read_passphrase("Enter same passphrase again: ", 1); + if (strcmp(passphrase1, passphrase2) != 0) { + /* The passphrases do not match. Clear them and retry. */ + memset(passphrase1, 0, strlen(passphrase1)); + memset(passphrase2, 0, strlen(passphrase2)); + xfree(passphrase1); + xfree(passphrase2); + printf("Passphrases do not match. Try again.\n"); + goto passphrase_again; + } + /* Clear the other copy of the passphrase. */ + memset(passphrase2, 0, strlen(passphrase2)); + xfree(passphrase2); + } + + if (identity_comment) { + strlcpy(comment, identity_comment, sizeof(comment)); + } else { + /* Create default commend field for the passphrase. */ + if (gethostname(hostname, sizeof(hostname)) < 0) { + perror("gethostname"); + exit(1); + } + snprintf(comment, sizeof comment, "%s@%s", pw->pw_name, hostname); + } + + /* Save the key with the given passphrase and comment. */ + if (!save_private_key(identity_file, passphrase1, private_key, comment)) { + printf("Saving the key failed: %s: %s.\n", + identity_file, strerror(errno)); + memset(passphrase1, 0, strlen(passphrase1)); + xfree(passphrase1); + exit(1); + } + /* Clear the passphrase. */ + memset(passphrase1, 0, strlen(passphrase1)); + xfree(passphrase1); + + /* Clear the private key and the random number generator. */ + RSA_free(private_key); + arc4random_stir(); + + if (!quiet) + printf("Your identification has been saved in %s.\n", identity_file); + + strlcat(identity_file, ".pub", sizeof(identity_file)); + f = fopen(identity_file, "w"); + if (!f) { + printf("Could not save your public key in %s\n", identity_file); + exit(1); + } + fprintf(f, "%d ", BN_num_bits(public_key->n)); + tmpbuf = BN_bn2dec(public_key->e); + fprintf(f, "%s ", tmpbuf); + free(tmpbuf); + tmpbuf = BN_bn2dec(public_key->n); + fprintf(f, "%s %s\n", tmpbuf, comment); + free(tmpbuf); + fclose(f); + + if (!quiet) { + printf("Your public key has been saved in %s.\n", identity_file); + printf("The key fingerprint is:\n"); + printf("%d %s %s\n", BN_num_bits(public_key->n), + fingerprint(public_key->e, public_key->n), + comment); + } + exit(0); } Index: usr.bin/ssh/ssh.1 =================================================================== RCS file: /cvs/src/usr.bin/ssh/ssh.1,v retrieving revision 1.22 retrieving revision 1.29 diff -u -r1.22 -r1.29 --- usr.bin/ssh/ssh.1 1999/10/17 16:58:39 1.22 +++ usr.bin/ssh/ssh.1 1999/12/02 17:23:54 1.29 @@ -9,7 +9,7 @@ .\" .\" Created: Sat Apr 22 21:55:14 1995 ylo .\" -.\" $Id: ssh.1,v 1.22 1999/10/17 16:58:39 provos Exp $ +.\" $Id: ssh.1,v 1.29 1999/12/02 17:23:54 markus Exp $ .\" .Dd September 25, 1999 .Dt SSH 1 @@ -93,6 +93,8 @@ and if additionally the server can verify the client's host key (see .Pa /etc/ssh_known_hosts +and +.Pa $HOME/.ssh/known_hosts in the .Sx FILES section), only then login is @@ -291,7 +293,7 @@ .It Fl f Requests .Nm -to go to background after authentication. This is useful +to go to background just before command execution. This is useful if .Nm is going to ask for passwords or passphrases, but the user @@ -600,6 +602,12 @@ .Dq yes or .Dq no . +.It Cm LogLevel +Gives the verbosity level that is used when logging messages from +.Nm ssh . +The possible values are: +QUIET, FATAL, ERROR, INFO, CHAT and DEBUG. +The default is INFO. .It Cm NumberOfPasswordPrompts Specifies the number of password prompts before giving up. The argument to this keyword must be an integer. Default is 3. @@ -619,6 +627,9 @@ somewhere. Host key management will be done using the HostName of the host being connected (defaulting to the name typed by the user). +Note that +.Cm CheckHostIP +is not available for connects with a proxy command. .Pp .It Cm RemoteForward Specifies that a TCP/IP port on the remote machine be forwarded over @@ -654,6 +665,16 @@ RSA authentication will only be attempted if the identity file exists, or an authentication agent is running. +.It Cm SkeyAuthentication +Specifies whether to use +.Xr skey 1 +authentication. The argument to +this keyword must be +.Dq yes +or +.Dq no . +The default is +.Dq no . .It Cm CheckHostIP If this flag is set to .Dq yes , @@ -954,6 +975,9 @@ The libraries described in .Xr ssl 8 are required for proper operation. +.Pp +OpenSSH has been created by Aaron Campbell, Bob Beck, Markus Friedl, +Niels Provos, Theo de Raadt, and Dug Song. .Sh SEE ALSO .Xr rlogin 1 , .Xr rsh 1 , Index: usr.bin/ssh/ssh.1.in =================================================================== RCS file: ssh.1.in diff -N ssh.1.in --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvskUYTf31367 Wed Dec 8 12:42:10 1999 @@ -0,0 +1,1003 @@ +.\" -*- nroff -*- +.\" +.\" ssh.1.in +.\" +.\" Author: Tatu Ylonen +.\" +.\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland +.\" All rights reserved +.\" +.\" Created: Sat Apr 22 21:55:14 1995 ylo +.\" +.\" $Id: ssh.1.in,v 1.2 1999/09/26 22:31:09 deraadt dead $ +.\" +.TH SSH 1 "November 8, 1995" "SSH" "SSH" + +.SH NAME +ssh \- secure shell client (remote login program) + +.SH SYNOPSIS +.B ssh +[\c +.BI \-l \ login_name\fR\c +] +.B hostname +[\c +.IR command \c +] + +.B ssh +[\c +.BR \-k \c +] +[\c +.B \-c +\fIblowfish\fR\||\|\fIidea\fR\||\|\fIdes\fR\||\|\fI3des\fR\||\|\fInone\fR\c +] +[\c +.BI \-e \ escape_char\fR\c +] +[\c +.BI \-i \ identity_file\fR\c +] +[\c +.BI \-l \ login_name\fR\c +] +[\c +.BR \-n \c +] +[\c +.BI \-o \ option\fR\c +] +[\c +.BI \-p \ port\fR\c +] +[\c +.BR \-q \c +] +[\c +.BR \-t \c +] +[\c +.BR \-v \c +] +[\c +.BR \-x \c +] +[\c +.BR \-X \c +] +[\c +.BR \-C \c +] +[\c +.BI \-L \ port\fB:\fIhost\fB:\fIhostport\fR\c +] +[\c +.BI \-R \ port\fB:\fIhost\fB:\fIhostport\fR\c +] +.I hostname +[\c +.IR command \c +] + +.SH DESCRIPTION +.LP +.B Ssh +(Secure Shell) a program for logging into a remote machine and for +executing commands in a remote machine. It is intended to replace +rlogin and rsh, and provide secure encrypted communications between +two untrusted hosts over an insecure network. X11 connections and +arbitrary TCP/IP ports can also be forwarded over the secure channel. +.LP +.B Ssh +connects and logs into the specified +.IR hostname . +The user must prove +his/her identity to the remote machine using one of several methods. +.LP +First, if the machine the user logs in from is listed in +.I /etc/hosts.equiv +or +.I @ETCDIR@/shosts.equiv +on the remote machine, and the user names are +the same on both sides, the user is immediately permitted to log in. +Second, if +.I \&\s+2.\s0rhosts +or +.I \&\s+2.\s0shosts +exists in the user's home directory on the +remote machine and contains a line containing the name of the client +machine and the name of the user on that machine, the user is +permitted to log in. This form of authentication alone is normally not +allowed by the server because it is not secure. +.LP +The second (and primary) authentication method is the +.B rhosts +or +.B hosts.equiv +method combined with RSA-based host authentication. It +means that if the login would be permitted by +.I \&\s+2.\s0rhosts\c +\|, +.I \&\s+2.\s0shosts\c +\|, +.IR /etc/hosts.equiv\c +\|, +or +.IR @ETCDIR@/shosts.equiv ", +and additionally it can verify the client's +host key (see +.I \&$HOME/\s+2.\s0ssh/known_hosts +and +.I @ETCDIR@/ssh_known_hosts +in the +.B \s-1FILES\s0 +section), only then login is +permitted. This authentication method closes security holes due to IP +spoofing, DNS spoofing and routing spoofing. [Note to the +administrator: +.IR /etc/hosts.equiv ", +.IR \&\s+2.\s0rhosts ", +and the rlogin/rsh protocol in general, are inherently insecure and should be +disabled if security is desired.] +.LP +As a third authentication method, +.B ssh +supports RSA based authentication. +The scheme is based on public-key cryptography: there are cryptosystems +where encryption and decryption are done using separate keys, and it +is not possible to derive the decryption key from the encryption key. +RSA is one such system. The idea is that each user creates a public/private +key pair for authentication purposes. The +server knows the public key, and only the user knows the private key. +The file +.I \&$HOME/\s+2.\s0ssh/authorized_keys +lists the public keys that are permitted for logging +in. When the user logs in, the +.B ssh +program tells the server which key pair it would like to use for +authentication. The server checks if this key is permitted, and if +so, sends the user (actually the +.B ssh +program running on behalf of the user) a challenge, a random number, +encrypted by the user's public key. The challenge can only be +decrypted using the proper private key. The user's client then decrypts the +challenge using the private key, proving that he/she knows the private +key but without disclosing it to the server. +.LP +.B Ssh +implements the RSA authentication protocol automatically. The user +creates his/her RSA key pair by running +.BR ssh-keygen (1). +This stores the private key in +.I \&\s+2.\s0ssh/identity +and the public key in +.I \&\s+2.\s0ssh/identity.pub +in the user's home directory. The user should then +copy the +.I identity.pub +to +.I \&\s+2.\s0ssh/authorized_keys +in his/her home directory on the remote machine (the +.I authorized_keys +file corresponds to the conventional +.I \&\s+2.\s0rhosts +file, and has one key +per line, though the lines can be very long). After this, the user +can log in without giving the password. RSA authentication is much +more secure than rhosts authentication. +.LP +The most convenient way to use RSA authentication may be with an +authentication agent. See +.BR ssh-agent (1) +for more information. +.LP +If other authentication methods fail, +.B ssh +prompts the user for a password. The password is sent to the remote +host for checking; however, since all communications are encrypted, +the password cannot be seen by someone listening on the network. +.LP +When the user's identity has been accepted by the server, the server +either executes the given command, or logs into the machine and gives +the user a normal shell on the remote machine. All communication with +the remote command or shell will be automatically encrypted. +.LP +If a pseudo-terminal has been allocated (normal login session), the +user can disconnect with "~.", and suspend +.B ssh +with "~^Z". All forwarded connections can be listed with "~#", and if +the session blocks waiting for forwarded X11 or TCP/IP +connections to terminate, it can be backgrounded with "~&" (this +should not be used while the user shell is active, as it can cause the +shell to hang). All available escapes can be listed with "~?". +.LP +A single tilde character can be sent as "~~" (or by +following the tilde by a character other than those described above). +The escape character must always follow a newline to be interpreted as +special. The escape character can be changed in configuration files +or on the command line. +.LP +If no pseudo tty has been allocated, the +session is transparent and can be used to reliably transfer binary +data. On most systems, setting the escape character to ``none'' will +also make the session transparent even if a tty is used. +.LP +The session terminates when the command or shell in on the remote +machine exists and all X11 and TCP/IP connections have been closed. +The exit status of the remote program is returned as the exit status +of +.B ssh. +.LP +If the user is using X11 (the +.B \s-1DISPLAY\s0 +environment variable is set), the connection to the X11 display is +automatically forwarded to the remote side in such a way that any X11 +programs started from the shell (or command) will go through the +encrypted channel, and the connection to the real X server will be made +from the local machine. The user should not manually set +.BR \s-1DISPLAY\s0 ". +Forwarding of X11 connections can be +configured on the command line or in configuration files. +.LP +The DISPLAY value set by +.B ssh +will point to the server machine, but with a display number greater +than zero. This is normal, and happens because +.B ssh +creates a "proxy" X server on the server machine for forwarding the +connections over the encrypted channel. +.LP +.B Ssh +will also automatically set up Xauthority data on the server machine. +For this purpose, it will generate a random authorization cookie, +store it in Xauthority on the server, and verify that any forwarded +connections carry this cookie and replace it by the real cookie when +the connection is opened. The real authentication cookie is never +sent to the server machine (and no cookies are sent in the plain). +.LP +If the user is using an authentication agent, the connection to the agent +is automatically forwarded to the remote side unless disabled on +command line or in a configuration file. +.LP +Forwarding of arbitrary TCP/IP connections over the secure channel can +be specified either on command line or in a configuration file. One +possible application of TCP/IP forwarding is a secure connection to an +electronic purse; another is going trough firewalls. +.LP +.B Ssh +automatically maintains and checks a database containing RSA-based +identifications for all hosts it has ever been used with. The +database is stored in +.I \&\s+2.\s0ssh/known_hosts +in the user's home directory. Additionally, the file +.I @ETCDIR@/ssh_known_hosts +is automatically checked for known hosts. Any new hosts are +automatically added to the user's file. If a host's identification +ever changes, +.B ssh +warns about this and disables password authentication to prevent a +trojan horse from getting the user's password. Another purpose of +this mechanism is to prevent man-in-the-middle attacks which could +otherwise be used to circumvent the encryption. The +.B StrictHostKeyChecking +option (see below) can be used to prevent logins to machines whose +host key is not known or has changed. + + +.ne 5 +.SH OPTIONS +.TP +.BI \-c \ \fIblowfish\fR\||\|\fIidea\fR\||\|\fIdes\fR\||\|\fI3des\fR\||\|\fInone\fR +Selects the cipher to use for encrypting the session. +.B \s-13DES\s0 +is used by default. It is believed to be secure. +.B \s-1DES\s0 +is the data encryption standard, but is breakable by +governments, large corporations, and major criminal organizations. +.B \s-13DES\s0 +(triple-des) is encrypt-decrypt-encrypt triple with three different +keys. It is presumably more secure than +DES. +.B none +disables encryption entirely; it is only intended for debugging, and +it renders the connection insecure. +.ne 3 +.TP +.B \-e \fIch\fR\||\|\fI^ch\fR\||\|\fInone\fR +Sets the escape character for sessions with a pty (default: ~). The +escape character is only recognized at the beginning of a line. The +escape character followed by a dot (.) closes the connection, followed +by control-Z suspends the connection, and followed by itself sends the +escape character once. Setting the character to 'none' disables any +escapes and makes the session fully transparent. +.ne 3 +.TP +.B \-f +Requests ssh to go to background after authentication. This is useful +if ssh is going to ask for passwords or passphrases, but the user +wants it in the background. This implies +.B \-n. +The recommended way to start X11 programs at a remote site is with +something like "ssh -f host xterm". +.ne 3 +.TP +.BI \-i \ identity_file +Selects the file from which the identity (private key) for +.B \s-1RSA\s0 +authentication is read. Default is +.I \&\s+2.\s0ssh/identity +in the user's home directory. Identity files may also be specified on +a per-host basis in the configuration file. It is possible to have +multiple \-i options (and multiple identities specified in +configuration files). +.ne 3 +.TP +.B \-k +Disables forwarding of Kerberos tickets / AFS tokens. This may +also be specified on a per-host basis in the configuration file. +.ne 3 +.TP +.BI -l \ login_name +Specifies the user to log in as on the remote machine. This may also +be specified on a per-host basis in the configuration file. +.ne 3 +.TP +.B \-n +Redirects stdin from /dev/null (actually, prevents reading from stdin). +This must be used when +.B ssh +is run in the background. A common trick is to use this to run X11 +programs in a remote machine. For example, "ssh -n shadows.cs.hut.fi +emacs &" will start an emacs on shadows.cs.hut.fi, and the X11 +connection will be automatically forwarded over an encrypted channel. +The +.B ssh +program will be put in the background. +(This does not work if +.B ssh +needs to ask for a password or passphrase; see also the -f option.) +.ne 3 +.TP +.BI \-o "\ 'option' +Can be used to give options in the format used in the config file. +This is useful for specifying options for which there is no separate +command-line flag. The option has the same format as a line in the +configuration file. +.ne 3 +.TP +.BI \-p "\ port +Port to connect to on the remote host. This can be specified on a +per-host basis in the configuration file. +.ne 3 +.TP +.B \-q +Quiet mode. Causes all warning and diagnostic messages to be +suppressed. Only fatal errors are displayed. +.ne 3 +.TP +.B \-t +Force pseudo-tty allocation. This can be used to execute arbitary +screen-based programs on a remote machine, which can be very useful +e.g. when implementing menu services. +.ne 3 +.TP +.B \-v +Verbose mode. Causes +.B ssh +to print debugging messages about its progress. This is helpful in +debugging connection, authentication, and configuration problems. +.ne 3 +.TP +.B \-x +Disables X11 forwarding. This can also be specified on a per-host +basis in a configuration file. +.ne 3 +.TP +.B \-X +Enables X11 forwarding. +.ne 3 +.TP +.B \-C +Requests compression of all data (including stdin, stdout, stderr, and +data for forwarded X11 and TCP/IP connections). The compression +algorithm is the same used by gzip, and the "level" can be controlled +by the +.B CompressionLevel +option (see below). Compression is desirable on modem lines and other +slow connections, but will only slow down things on fast networks. +The default value can be set on a host-by-host basis in the +configuration files; see the +.B Compress +option below. +.ne 3 +.TP +.BI \-L "\ port:host:hostport +Specifies that the given port on the local (client) host is to be +forwarded to the given host and port on the remote side. This works +by allocating a socket to listen to +.B port +on the local side, and whenever a connection is made to this port, the +connection is forwarded over the secure channel, and a connection is +made to +.B host:hostport +from the remote machine. Port forwardings can also be specified in the +configuration file. Only root can forward privileged ports. +.ne 3 +.TP +.BI \-R "\ port:host:hostport +Specifies that the given port on the remote (server) host is to be +forwarded to the given host and port on the local side. This works +by allocating a socket to listen to +.B port +on the remote side, and whenever a connection is made to this port, the +connection is forwarded over the secure channel, and a connection is +made to +.B host:hostport +from the local machine. Port forwardings can also be specified in the +configuration file. Privileged ports can be forwarded only when +logging in as root on the remote machine. + +.SH CONFIGURATION FILES +.LP +.B Ssh +obtains configuration data from the following sources (in this order): +command line options, user's configuration file +(\fI\&$HOME/\s+2.\s0ssh/config\fR), and system-wide configuration file +(\fI@ETCDIR@/ssh_config\fR). For each parameter, the first obtained value +will be used. The configuration files contain sections bracketed by +"Host" specifications, and that section is only applied for hosts that +match one of the patterns given in the specification. The matched +host name is the one given on the command line. +.LP +Since the first obtained value for each parameter is used, more +host-specific declarations should be given near the beginning of the +file, and general defaults at the end. +.LP +The configuration file has the following format: +.IP +Empty lines and lines starting with '#' are comments. +.IP +Otherwise a line is of the format "keyword arguments". The possible +keywords and their meanings are as follows (note that the +configuration files are case-sensitive): +.ne 3 +.TP +.de YN +"\fByes\fR" or "\fBno\fR". +.. + +.B Host +Restricts the following declarations (up to the next +.B Host +keyword) to be only for those hosts that match one of the patterns +given after the keyword. '*' and '?' can be as wildcards in the +patterns. A single '*' as a pattern can be used to provide global +defaults for all hosts. The host is the +.IR hostname +argument given on the command line (i.e., the name is not converted to +a canonicalized host name before matching). +.ne 3 +.TP +.B AFSTokenPassing +Specifies whether to pass AFS tokens to remote host. The argument to +this keyword must be +.YN +.ne 3 +.TP +.B BatchMode +If set to "yes", passphrase/password querying will be disabled. This +option is useful in scripts and other batch jobs where you have no +user to supply the password. The argument must be +.YN +.ne 3 +.TP +.B Cipher +Specifies the cipher to use for encrypting the session. Currently, +.IR blowfish ", +.IR idea ", +.IR des ", +.IR 3des ", +and +.I none +are supported. The default is "3des". Using "none" (no encryption) is intended +only for debugging, and will render the connection insecure. +.ne 3 +.TP +.B Compression +Specifies whether to use compression. The argument must be +.YN +.ne 3 +.TP +.B CompressionLevel +Specifies the compression level to use if compression is enable. The +argument must be an integer from 1 (fast) to 9 (slow, best). The +default level is 6, which is good for most applications. The meaning +of the values is the same as in GNU GZIP. +.ne 3 +.TP +.B ConnectionAttempts +Specifies the number of tries (one per second) to make before falling +back to rsh or exiting. The argument must be an integer. This may be +useful in scripts if the connection sometimes fails. +.ne 3 +.TP +.B EscapeChar +Sets the escape character (default: ~). The escape character can also +be set on the command line. The argument should be a single +character, '^' followed by a letter, or ``none'' to disable the escape +character entirely (making the connection transparent for binary +data). +.ne 3 +.TP +.B FallBackToRsh +Specifies that if connecting via +.B ssh +fails due to a connection refused error (there is no +.B sshd +listening on the remote host), +.B rsh +should automatically be used instead (after a suitable warning about +the session being unencrypted). The argument must be +.YN +.ne 3 +.TP +.B ForwardAgent +Specifies whether the connection to the authentication agent (if any) +will be forwarded to the remote machine. The argument must be +.YN +.ne 3 +.TP +.B ForwardX11 +Specifies whether X11 connections will be automatically redirected +over the secure channel and +.B \s-1DISPLAY\s0 +set. The argument must be +.YN +.ne 3 +.TP +.B GlobalKnownHostsFile +Specifies a file to use instead of +.IR @ETCDIR@/ssh_known_hosts ". +.ne 3 +.TP +.B HostName +Specifies the real host name to log into. This can be used to specify +nicnames or abbreviations for hosts. Default is the name given on the +command line. Numeric IP addresses are also permitted (both on the +command line and in +.B HostName +specifications). +.ne 3 +.TP +.B IdentityFile +Specifies the file from which the user's RSA authentication identity +is read (default \fI\s+2.\s0ssh/identity\fR in the user's home directory). +Additionally, any identities represented by the authentication agent +will be used for authentication. The file name may use the tilde +syntax to refer to a user's home directory. It is possible to have +multiple identity files specified in configuration files; all these +identities will be tried in sequence. +.ne 3 +.TP +.B KeepAlive +Specifies whether the system should send keepalive messages to the +other side. If they are sent, death of the connection or crash of one +of the machines will be properly noticed. However, this means that +connections will die if the route is down temporarily, and some people +find it annoying. + +The default is "yes" (to send keepalives), and the client will notice +if the network goes down or the remote host dies. This is important +in scripts, and many users want it too. + +To disable keepalives, the value should be set to "no" in both the +server and the client configuration files. +.ne 3 +.TP +.B KerberosAuthentication +Specifies whether Kerberos authentication will be used. +.TP +.B KerberosTgtPassing +Specifies whether a Kerberos TGT will be forwarded to the server. +Note that TGT forwarding is normally not enabled in the server. +.TP +.B LocalForward +Specifies that a TCP/IP port on the local machine be forwarded over +the secure channel to given host:port from the remote machine. The +first argument must be a port number, and the second must be +host:port. Multiple forwardings may be specified, and additional +forwardings can be given on the command line. Only the root can +forward privileged ports. +.ne 3 +.TP +.B PasswordAuthentication +Specifies whether to use password authentication. The argument to +this keyword must be +.YN +.ne 3 +.TP +.B Port +Specifies the port number to connect on the remote host. Default is +22. +.ne 3 +.TP +.B ProxyCommand +Specifies the command to use to connect to the server. The command +string extends to the end of the line, and is executed with /bin/sh. +In the command string, %h will be substituted by the host name to +connect and %p by the port. The command can be basically anything, +and should read from its stdin and write to its stdout. It should +eventually connect an +.B sshd +server running on some machine, or execute +"sshd -i" somewhere. Host key management will be done using the +HostName of the host being connected (defaulting to the name typed by +the user). + +Note that +.B ssh +can also be configured to support the SOCKS system using the +--with-socks compile-time configuration option. +.ne 3 +.TP +.B RemoteForward +Specifies that a TCP/IP port on the remote machine be forwarded over +the secure channel to given host:port from the local machine. The +first argument must be a port number, and the second must be +host:port. Multiple forwardings may be specified, and additional +forwardings can be given on the command line. Only the root can +forward privileged ports. +.ne 3 +.TP +.B RhostsAuthentication +Specifies whether to try rhosts based authentication. Note that this +declaration only affects the client side and has no effect whatsoever +on security. Disabling rhosts authentication may reduce +authentication time on slow connections when rhosts authentication is +not used. Most servers do not permit RhostsAuthentication because it +is not secure (see RhostsRSAAuthentication). The argument to this +keyword must be +.YN +.ne 3 +.TP +.B RhostsRSAAuthentication +Specifies whether to try rhosts based authentication with RSA host +authentication. This is the primary authentication method for most +sites. The argument must be +.YN +.ne 3 +.TP +.B RSAAuthentication +Specifies whether to try RSA authentication. The argument to this +keyword must be +.YN +RSA authentication will only be +attempted if the identity file exists, or an authentication agent is +running. +.ne 3 +.TP +.B StrictHostKeyChecking +If this flag is set to "yes", +.B ssh +ssh will never automatically add host keys to the +.I $HOME/.ssh/known_hosts +file, and refuses to connect hosts whose host key has changed. This +provides maximum protection against trojan horse attacks. However, it +can be somewhat annoying if you don't have good +.I /etc/ssh_known_hosts +files installed and frequently +connect new hosts. Basically this option forces the user to manually +add any new hosts. Normally this option is disabled, and new hosts +will automatically be added to the known host files. The host keys of +known hosts will be verified automatically in either case. The +argument must be +.YN +.ne3 +.TP +.B User +Specifies the user to log in as. This can be useful if you have a +different user name in different machines. This saves the trouble of +having to remember to give the user name on the command line. +.ne 3 +.TP +.B UserKnownHostsFile +Specifies a file to use instead of \fI$HOME/\s+2.\s0ssh/known_hosts\fR. +.ne 3 +.TP +.B UseRsh +Specifies that rlogin/rsh should be used for this host. It is +possible that the host does not at all support the +.B ssh +protocol. This causes +.B ssh +to immediately exec +.B rsh. +All other options (except +.BR HostName ) +are ignored if this has been specified. The argument must be +.YN + +.SH ENVIRONMENT +.LP +.B Ssh +will normally set the following environment variables: +.TP +.B DISPLAY +The DISPLAY variable indicates the location of the X11 server. It is +automatically set by +.B ssh +to point to a value of the form "hostname:n" where hostname indicates +the host where the shell runs, and n is an integer >= 1. Ssh uses +this special value to forward X11 connections over the secure +channel. The user should normally not set DISPLAY explicitly, as that +will render the X11 connection insecure (and will require the user to +manually copy any required authorization cookies). +.ne 3 +.TP +.B HOME +Set to the path of the user's home directory. +.ne 3 +.TP +.B LOGNAME +Synonym for USER; set for compatibility with systems that use +this variable. +.ne 3 +.TP +.B MAIL +Set to point the user's mailbox. +.ne 3 +.TP +.B PATH +Set to the default PATH, as specified when compiling +.B ssh +or, on some systems, +.I /etc/environment +or +.IR /etc/default/login ". +.ne 3 +.TP +.B SSH_AUTHENTICATION_FD +This is set to an integer value if you are using the authentication +agent and a connection to it has been forwarded. The value indicates +a file descriptor number used for communicating with the agent. On +some systems, +.B SSH_AUTHENTICATION_SOCKET +may be used instead to +indicate the path of a unix-domain socket used to communicate with the +agent (this method is less secure, and is only used on systems that +don't support the first method). +.ne 3 +.TP +.B SSH_CLIENT +Identifies the client end of the connection. The variable contains +three space-separated values: client ip-address, client port number, +and server port number. +.ne 3 +.TP +.B SSH_TTY +This is set to the name of the tty (path to the device) associated +with the current shell or command. If the current session has no tty, +this variable is not set. +.ne 3 +.TP +.B TZ +The timezone variable is set to indicate the present timezone if it +was set when the daemon was started (e.i., the daemon passes the value +on to new connections). +.ne 3 +.TP +.B USER +Set to the name of the user logging in. +.LP +.RT +Additionally, +.B ssh +reads +.I /etc/environment +and +.IR $HOME/.ssh/environment ", +and adds lines of +the format +.I VARNAME=value +to the environment. Some systems may have +still additional mechanisms for setting up the environment, such as +.I /etc/default/login +on Solaris. + +.ne 3 +.SH FILES +.TP +.I \&$HOME/\s+2.\s0ssh/known_hosts +Records host keys for all hosts the user has logged into (that are not +in \fI@ETCDIR@/ssh_known_hosts\fR). See +.B sshd +manual page. +.ne 3 +.TP +.I \&$HOME/\s+2.\s0ssh/random_seed +Used for seeding the random number generator. This file contains +sensitive data and should read/write for the user and not accessible +for others. This file is created the first time the program is run +and updated automatically. The user should never need to read or +modify this file. +.ne 5 +.TP +.I \&$HOME/\s+2.\s0ssh/identity +Contains the RSA authentication identity of the user. This file +contains sensitive data and should be readable by the user but not +accessible by others. It is possible to specify a passphrase when +generating the key; the passphrase will be used to encrypt the +sensitive part of this file using +.BR \s-1IDEA\s0 ". +.ne 3 +.TP +.I \&$HOME/\s+2.\s0ssh/identity.pub +Contains the public key for authentication (public part of the +identity file in human-readable form). The contents of this file +should be added to \fI$HOME/\s+2.\s0ssh/authorized_keys\fR on all machines +where you wish to log in using RSA authentication. This file is not +sensitive and can (but need not) be readable by anyone. This file is +never used automatically and is not necessary; it is only provided for +the convenience of the user. +.ne 3 +.TP +.I \&$HOME/\s+2.\s0ssh/config +This is the per-user configuration file. The format of this file is +described above. This file is used by the +.B ssh +client. This file does not usually contain any sensitive information, +but the recommended permissions are read/write for the user, and not +accessible by others. +.ne 3 +.TP +.I \&$HOME/\s+2.\s0ssh/authorized_keys +Lists the RSA keys that can be used for logging in as this user. The +format of this file is described in the +.B sshd +manual page. In the simplest form the format is the same as the .pub +identity files (that is, each line contains the number of bits in +modulus, public exponent, modulus, and comment fields, separated by +spaces). This file is not highly sensitive, but the recommended +permissions are read/write for the user, and not accessible by others. +.ne 3 +.TP +.I @ETCDIR@/ssh_known_hosts +Systemwide list of known host keys. This file should be prepared by the +system administrator to contain the public host keys of all machines in the +organization. This file should be world-readable. This file contains +public keys, one per line, in the following format (fields separated +by spaces): system name, number of bits in modulus, public exponent, +modulus, and optional comment field. When different names are used +for the same machine, all such names should be listed, separated by +commas. The format is described on the +.B sshd +manual page. +.IP +The canonical system name (as returned by name servers) is used by +.B sshd +to verify the client host when logging in; other names are needed because +.B ssh +does not convert the user-supplied name to a canonical name before +checking the key, because someone with access to the name servers +would then be able to fool host authentication. +.ne 3 +.TP +.I @ETCDIR@/ssh_config +Systemwide configuration file. This file provides defaults for those +values that are not specified in the user's configuration file, and +for those users who do not have a configuration file. This file must +be world-readable. +.ne 3 +.TP +.I $HOME/\s+2.\s0rhosts +This file is used in \s+2.\s0rhosts authentication to list the +host/user pairs that are permitted to log in. (Note that this file is +also used by rlogin and rsh, which makes using this file insecure.) +Each line of the file contains a host name (in the canonical form +returned by name servers), and then a user name on that host, +separated by a space. One some machines this file may need to be +world-readable if the user's home directory is on a NFS partition, +because +.B sshd +reads it as root. Additionally, this file must be owned by the user, +and must not have write permissions for anyone else. The recommended +permission for most machines is read/write for the user, and not +accessible by others. +.IP +Note that by default +.B sshd +will be installed so that it requires successful RSA host +authentication before permitting \s+2.\s0rhosts authentication. If your +server machine does not have the client's host key in +\fI@ETCDIR@/ssh_known_hosts\fR, you can store it in +\fI$HOME/\s+2.\s0ssh/known_hosts\fR. The easiest way to do this is to +connect back to the client from the server machine using ssh; this +will automatically add the host key in \fI$HOME/\s+2.\s0ssh/known_hosts\fR. +.ne 3 +.TP +.I $HOME/\s+2.\s0shosts +This file is used exactly the same way as \s+2.\s0rhosts. The purpose for +having this file is to be able to use rhosts authentication with +.B ssh +without permitting login with rlogin or rsh. +.ne 3 +.TP +.I /etc/hosts.equiv +This file is used during \s+2.\s0rhosts authentication. It contains +canonical hosts names, one per line (the full format is described on +the +.B sshd +manual page). If the client host is found in this file, login is +automatically permitted provided client and server user names are the +same. Additionally, successful RSA host authentication is normally +required. This file should only be writable by root. +.TP +.I @ETCDIR@/shosts.equiv +This file is processed exactly as +.IR /etc/hosts.equiv ". +This file may be useful to permit logins using +.B ssh +but not using rsh/rlogin. +.ne 3 +.TP +.I @ETCDIR@/sshrc +Commands in this file are executed by +.B ssh +when the user logs in just before the user's shell (or command) is started. +See the +.B sshd +manual page for more information. +.ne 3 +.TP +.I $HOME/.ssh/rc +Commands in this file are executed by +.B ssh +when the user logs in just before the user's shell (or command) is +started. +See the +.B sshd +manual page for more information. + +.SH INSTALLATION +.LP +.B Ssh +is normally installed as suid root. It needs root privileges only for +rhosts authentication (rhosts authentication requires that the +connection must come from a privileged port, and allocating such a +port requires root privileges). It also needs to be able to read +\fI@ETCDIR@/ssh_host_key\fR to perform +.B \s-1RSA\s0 +host authentication. It is possible to use +.B ssh +without root privileges, but rhosts authentication will then be +disabled. +.B Ssh +drops any extra privileges immediately after the connection to the +remote host has been made. +.LP +Considerable work has been put into making +.B sshd +secure. However, if you find a security problem, please report it +immediately to . + + +.SH AUTHOR +.LP +Tatu Ylonen +.LP +Information about new releases, mailing lists, and other related +issues can be found from the ssh WWW home page at +http://www.cs.hut.fi/ssh. + +.SH SEE ALSO +.BR sshd (8), +.BR ssh-keygen (1), +.BR ssh-agent (1), +.BR ssh-add (1), +.BR scp (1), +.BR make-ssh-known-hosts (1), +.BR rlogin (1), +.BR rsh (1), +.BR telnet (1) Index: usr.bin/ssh/ssh.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/ssh.c,v retrieving revision 1.24 retrieving revision 1.35 diff -u -r1.24 -r1.35 --- usr.bin/ssh/ssh.c 1999/10/14 18:17:42 1.24 +++ usr.bin/ssh/ssh.c 1999/12/01 13:59:15 1.35 @@ -1,24 +1,17 @@ /* + * Author: Tatu Ylonen + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * Created: Sat Mar 18 16:36:11 1995 ylo + * Ssh client program. This program can be used to log into a remote machine. + * The software supports strong authentication, encryption, and forwarding + * of X11, TCP/IP, and authentication connections. + * + * Modified to work with SSL by Niels Provos in Canada. + */ -ssh.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Sat Mar 18 16:36:11 1995 ylo - -Ssh client program. This program can be used to log into a remote machine. -The software supports strong authentication, encryption, and forwarding -of X11, TCP/IP, and authentication connections. - -Modified to work with SSL by Niels Provos in Canada. - -*/ - #include "includes.h" -RCSID("$Id: ssh.c,v 1.24 1999/10/14 18:17:42 markus Exp $"); +RCSID("$Id: ssh.c,v 1.35 1999/12/01 13:59:15 markus Exp $"); #include "xmalloc.h" #include "ssh.h" @@ -28,43 +21,46 @@ #include "readconf.h" #include "uidswap.h" -/* Flag indicating whether debug mode is on. This can be set on the - command line. */ +/* Flag indicating whether debug mode is on. This can be set on the command line. */ int debug_flag = 0; -/* Flag indicating whether quiet mode is on. */ -int quiet_flag = 0; - -/* Flag indicating whether to allocate a pseudo tty. This can be set on the - command line, and is automatically set if no command is given on the command - line. */ int tty_flag = 0; -/* Flag indicating that nothing should be read from stdin. This can be set - on the command line. */ +/* + * Flag indicating that nothing should be read from stdin. This can be set + * on the command line. + */ int stdin_null_flag = 0; -/* Flag indicating that ssh should fork after authentication. This is useful - so that the pasphrase can be entered manually, and then ssh goes to the - background. */ +/* + * Flag indicating that ssh should fork after authentication. This is useful + * so that the pasphrase can be entered manually, and then ssh goes to the + * background. + */ int fork_after_authentication_flag = 0; -/* General data structure for command line options and options configurable - in configuration files. See readconf.h. */ +/* + * General data structure for command line options and options configurable + * in configuration files. See readconf.h. + */ Options options; -/* Name of the host we are connecting to. This is the name given on the - command line, or the HostName specified for the user-supplied name - in a configuration file. */ +/* + * Name of the host we are connecting to. This is the name given on the + * command line, or the HostName specified for the user-supplied name in a + * configuration file. + */ char *host; /* socket address the host resolves to */ struct sockaddr_in hostaddr; -/* Flag to indicate that we have received a window change signal which has - not yet been processed. This will cause a message indicating the new - window size to be sent to the server a little later. This is volatile - because this is updated in a signal handler. */ +/* + * Flag to indicate that we have received a window change signal which has + * not yet been processed. This will cause a message indicating the new + * window size to be sent to the server a little later. This is volatile + * because this is updated in a signal handler. + */ volatile int received_window_change_signal = 0; /* Value of argv[0] (set in the main program). */ @@ -84,726 +80,699 @@ void usage() { - fprintf(stderr, "Usage: %s [options] host [command]\n", av0); - fprintf(stderr, "Options:\n"); - fprintf(stderr, " -l user Log in using this user name.\n"); - fprintf(stderr, " -n Redirect input from /dev/null.\n"); - fprintf(stderr, " -a Disable authentication agent forwarding.\n"); + fprintf(stderr, "Usage: %s [options] host [command]\n", av0); + fprintf(stderr, "Options:\n"); + fprintf(stderr, " -l user Log in using this user name.\n"); + fprintf(stderr, " -n Redirect input from /dev/null.\n"); + fprintf(stderr, " -a Disable authentication agent forwarding.\n"); #ifdef AFS - fprintf(stderr, " -k Disable Kerberos ticket and AFS token forwarding.\n"); -#endif /* AFS */ - fprintf(stderr, " -x Disable X11 connection forwarding.\n"); - fprintf(stderr, " -i file Identity for RSA authentication (default: ~/.ssh/identity).\n"); - fprintf(stderr, " -t Tty; allocate a tty even if command is given.\n"); - fprintf(stderr, " -v Verbose; display verbose debugging messages.\n"); - fprintf(stderr, " -V Display version number only.\n"); - fprintf(stderr, " -P Don't allocate a privileged port.\n"); - fprintf(stderr, " -q Quiet; don't display any warning messages.\n"); - fprintf(stderr, " -f Fork into background after authentication.\n"); - fprintf(stderr, " -e char Set escape character; ``none'' = disable (default: ~).\n"); - - fprintf(stderr, " -c cipher Select encryption algorithm: " - "``3des'', " - "``blowfish''\n"); - fprintf(stderr, " -p port Connect to this port. Server must be on the same port.\n"); - fprintf(stderr, " -L listen-port:host:port Forward local port to remote address\n"); - fprintf(stderr, " -R listen-port:host:port Forward remote port to local address\n"); - fprintf(stderr, " These cause %s to listen for connections on a port, and\n", av0); - fprintf(stderr, " forward them to the other side by connecting to host:port.\n"); - fprintf(stderr, " -C Enable compression.\n"); - fprintf(stderr, " -g Allow remote hosts to connect to forwarded ports.\n"); - fprintf(stderr, " -o 'option' Process the option as if it was read from a configuration file.\n"); - exit(1); + fprintf(stderr, " -k Disable Kerberos ticket and AFS token forwarding.\n"); +#endif /* AFS */ + fprintf(stderr, " -x Disable X11 connection forwarding.\n"); + fprintf(stderr, " -i file Identity for RSA authentication (default: ~/.ssh/identity).\n"); + fprintf(stderr, " -t Tty; allocate a tty even if command is given.\n"); + fprintf(stderr, " -v Verbose; display verbose debugging messages.\n"); + fprintf(stderr, " -V Display version number only.\n"); + fprintf(stderr, " -P Don't allocate a privileged port.\n"); + fprintf(stderr, " -q Quiet; don't display any warning messages.\n"); + fprintf(stderr, " -f Fork into background after authentication.\n"); + fprintf(stderr, " -e char Set escape character; ``none'' = disable (default: ~).\n"); + + fprintf(stderr, " -c cipher Select encryption algorithm: " + "``3des'', " + "``blowfish''\n"); + fprintf(stderr, " -p port Connect to this port. Server must be on the same port.\n"); + fprintf(stderr, " -L listen-port:host:port Forward local port to remote address\n"); + fprintf(stderr, " -R listen-port:host:port Forward remote port to local address\n"); + fprintf(stderr, " These cause %s to listen for connections on a port, and\n", av0); + fprintf(stderr, " forward them to the other side by connecting to host:port.\n"); + fprintf(stderr, " -C Enable compression.\n"); + fprintf(stderr, " -g Allow remote hosts to connect to forwarded ports.\n"); + fprintf(stderr, " -o 'option' Process the option as if it was read from a configuration file.\n"); + exit(1); } - -/* Connects to the given host using rsh (or prints an error message and exits - if rsh is not available). This function never returns. */ +/* + * Connects to the given host using rsh (or prints an error message and exits + * if rsh is not available). This function never returns. + */ void -rsh_connect(char *host, char *user, Buffer *command) +rsh_connect(char *host, char *user, Buffer * command) { - char *args[10]; - int i; - - log("Using rsh. WARNING: Connection will not be encrypted."); - /* Build argument list for rsh. */ - i = 0; - args[i++] = _PATH_RSH; - args[i++] = host; /* may have to come after user on some systems */ - if (user) - { - args[i++] = "-l"; - args[i++] = user; - } - if (buffer_len(command) > 0) - { - buffer_append(command, "\0", 1); - args[i++] = buffer_ptr(command); - } - args[i++] = NULL; - if (debug_flag) - { - for (i = 0; args[i]; i++) - { - if (i != 0) - fprintf(stderr, " "); - fprintf(stderr, "%s", args[i]); - } - fprintf(stderr, "\n"); - } - execv(_PATH_RSH, args); - perror(_PATH_RSH); - exit(1); -} - -/* Main program for the ssh client. */ + char *args[10]; + int i; -uid_t original_real_uid; + log("Using rsh. WARNING: Connection will not be encrypted."); + /* Build argument list for rsh. */ + i = 0; + args[i++] = _PATH_RSH; + /* host may have to come after user on some systems */ + args[i++] = host; + if (user) { + args[i++] = "-l"; + args[i++] = user; + } + if (buffer_len(command) > 0) { + buffer_append(command, "\0", 1); + args[i++] = buffer_ptr(command); + } + args[i++] = NULL; + if (debug_flag) { + for (i = 0; args[i]; i++) { + if (i != 0) + fprintf(stderr, " "); + fprintf(stderr, "%s", args[i]); + } + fprintf(stderr, "\n"); + } + execv(_PATH_RSH, args); + perror(_PATH_RSH); + exit(1); +} +/* + * Main program for the ssh client. + */ int main(int ac, char **av) { - int i, opt, optind, type, exit_status, ok, fwd_port, fwd_host_port, authfd; - char *optarg, *cp, buf[256]; - Buffer command; - struct winsize ws; - struct stat st; - struct passwd *pw, pwcopy; - int interactive = 0, dummy; - uid_t original_effective_uid; - int plen; - - /* Save the original real uid. It will be needed later (uid-swapping may - clobber the real uid). */ - original_real_uid = getuid(); - original_effective_uid = geteuid(); - - /* If we are installed setuid root be careful to not drop core. */ - if (original_real_uid != original_effective_uid) - { - struct rlimit rlim; - rlim.rlim_cur = rlim.rlim_max = 0; - if (setrlimit(RLIMIT_CORE, &rlim) < 0) - fatal("setrlimit failed: %.100s", strerror(errno)); - } - - /* Use uid-swapping to give up root privileges for the duration of option - processing. We will re-instantiate the rights when we are ready to - create the privileged port, and will permanently drop them when the - port has been created (actually, when the connection has been made, as - we may need to create the port several times). */ - temporarily_use_uid(original_real_uid); - - /* Set our umask to something reasonable, as some files are created with - the default umask. This will make them world-readable but writable - only by the owner, which is ok for all files for which we don't set - the modes explicitly. */ - umask(022); - - /* Save our own name. */ - av0 = av[0]; - - /* Initialize option structure to indicate that no values have been set. */ - initialize_options(&options); - - /* Parse command-line arguments. */ - host = NULL; - - /* If program name is not one of the standard names, use it as host name. */ - if (strchr(av0, '/')) - cp = strrchr(av0, '/') + 1; - else - cp = av0; - if (strcmp(cp, "rsh") != 0 && strcmp(cp, "ssh") != 0 && - strcmp(cp, "rlogin") != 0 && strcmp(cp, "slogin") != 0) - host = cp; - - for (optind = 1; optind < ac; optind++) - { - if (av[optind][0] != '-') - { - if (host) - break; - if ((cp = strchr(av[optind], '@'))) { - options.user = av[optind]; - *cp = '\0'; - host = ++cp; - } - else - host = av[optind]; - continue; - } - opt = av[optind][1]; - if (!opt) - usage(); - if (strchr("eilcpLRo", opt)) /* options with arguments */ - { - optarg = av[optind] + 2; - if (strcmp(optarg, "") == 0) - { - if (optind >= ac - 1) - usage(); - optarg = av[++optind]; - } + int i, opt, optind, type, exit_status, ok, authfd; + u_short fwd_port, fwd_host_port; + char *optarg, *cp, buf[256]; + Buffer command; + struct winsize ws; + struct stat st; + struct passwd *pw, pwcopy; + int interactive = 0, dummy; + uid_t original_effective_uid; + int plen; + + /* + * Save the original real uid. It will be needed later (uid-swapping + * may clobber the real uid). + */ + original_real_uid = getuid(); + original_effective_uid = geteuid(); + + /* If we are installed setuid root be careful to not drop core. */ + if (original_real_uid != original_effective_uid) { + struct rlimit rlim; + rlim.rlim_cur = rlim.rlim_max = 0; + if (setrlimit(RLIMIT_CORE, &rlim) < 0) + fatal("setrlimit failed: %.100s", strerror(errno)); } - else - { - if (av[optind][2]) - usage(); - optarg = NULL; - } - switch (opt) - { - case 'n': - stdin_null_flag = 1; - break; - - case 'f': - fork_after_authentication_flag = 1; - stdin_null_flag = 1; - break; - - case 'x': - options.forward_x11 = 0; - break; - - case 'X': - options.forward_x11 = 1; - break; - - case 'g': - options.gateway_ports = 1; - break; - - case 'P': - options.use_privileged_port = 0; - break; - - case 'a': - options.forward_agent = 0; - break; + /* + * Use uid-swapping to give up root privileges for the duration of + * option processing. We will re-instantiate the rights when we are + * ready to create the privileged port, and will permanently drop + * them when the port has been created (actually, when the connection + * has been made, as we may need to create the port several times). + */ + temporarily_use_uid(original_real_uid); + + /* + * Set our umask to something reasonable, as some files are created + * with the default umask. This will make them world-readable but + * writable only by the owner, which is ok for all files for which we + * don't set the modes explicitly. + */ + umask(022); + + /* Save our own name. */ + av0 = av[0]; + + /* Initialize option structure to indicate that no values have been set. */ + initialize_options(&options); + + /* Parse command-line arguments. */ + host = NULL; + + /* If program name is not one of the standard names, use it as host name. */ + if (strchr(av0, '/')) + cp = strrchr(av0, '/') + 1; + else + cp = av0; + if (strcmp(cp, "rsh") != 0 && strcmp(cp, "ssh") != 0 && + strcmp(cp, "rlogin") != 0 && strcmp(cp, "slogin") != 0) + host = cp; + + for (optind = 1; optind < ac; optind++) { + if (av[optind][0] != '-') { + if (host) + break; + if ((cp = strchr(av[optind], '@'))) { + options.user = av[optind]; + *cp = '\0'; + host = ++cp; + } else + host = av[optind]; + continue; + } + opt = av[optind][1]; + if (!opt) + usage(); + if (strchr("eilcpLRo", opt)) { /* options with arguments */ + optarg = av[optind] + 2; + if (strcmp(optarg, "") == 0) { + if (optind >= ac - 1) + usage(); + optarg = av[++optind]; + } + } else { + if (av[optind][2]) + usage(); + optarg = NULL; + } + switch (opt) { + case 'n': + stdin_null_flag = 1; + break; + + case 'f': + fork_after_authentication_flag = 1; + stdin_null_flag = 1; + break; + + case 'x': + options.forward_x11 = 0; + break; + + case 'X': + options.forward_x11 = 1; + break; + + case 'g': + options.gateway_ports = 1; + break; + + case 'P': + options.use_privileged_port = 0; + break; + + case 'a': + options.forward_agent = 0; + break; #ifdef AFS - case 'k': - options.kerberos_tgt_passing = 0; - options.afs_token_passing = 0; - break; + case 'k': + options.kerberos_tgt_passing = 0; + options.afs_token_passing = 0; + break; #endif - case 'i': - if (stat(optarg, &st) < 0) - { - fprintf(stderr, "Warning: Identity file %s does not exist.\n", - optarg); - break; - } - if (options.num_identity_files >= SSH_MAX_IDENTITY_FILES) - fatal("Too many identity files specified (max %d)", - SSH_MAX_IDENTITY_FILES); - options.identity_files[options.num_identity_files++] = - xstrdup(optarg); - break; - - case 't': - tty_flag = 1; - break; - - case 'v': - case 'V': - debug_flag = 1; - fprintf(stderr, "SSH Version %s, protocol version %d.%d.\n", - SSH_VERSION, PROTOCOL_MAJOR, PROTOCOL_MINOR); - fprintf(stderr, "Compiled with SSL.\n"); - if (opt == 'V') - exit(0); - break; - - case 'q': - quiet_flag = 1; - break; - - case 'e': - if (optarg[0] == '^' && optarg[2] == 0 && - (unsigned char)optarg[1] >= 64 && (unsigned char)optarg[1] < 128) - options.escape_char = (unsigned char)optarg[1] & 31; - else - if (strlen(optarg) == 1) - options.escape_char = (unsigned char)optarg[0]; - else - if (strcmp(optarg, "none") == 0) - options.escape_char = -2; - else - { - fprintf(stderr, "Bad escape character '%s'.\n", optarg); - exit(1); + case 'i': + if (stat(optarg, &st) < 0) { + fprintf(stderr, "Warning: Identity file %s does not exist.\n", + optarg); + break; + } + if (options.num_identity_files >= SSH_MAX_IDENTITY_FILES) + fatal("Too many identity files specified (max %d)", + SSH_MAX_IDENTITY_FILES); + options.identity_files[options.num_identity_files++] = + xstrdup(optarg); + break; + + case 't': + tty_flag = 1; + break; + + case 'v': + case 'V': + fprintf(stderr, "SSH Version %s, protocol version %d.%d.\n", + SSH_VERSION, PROTOCOL_MAJOR, PROTOCOL_MINOR); + fprintf(stderr, "Compiled with SSL.\n"); + if (opt == 'V') + exit(0); + debug_flag = 1; + options.log_level = SYSLOG_LEVEL_DEBUG; + break; + + case 'q': + options.log_level = SYSLOG_LEVEL_QUIET; + break; + + case 'e': + if (optarg[0] == '^' && optarg[2] == 0 && + (unsigned char) optarg[1] >= 64 && (unsigned char) optarg[1] < 128) + options.escape_char = (unsigned char) optarg[1] & 31; + else if (strlen(optarg) == 1) + options.escape_char = (unsigned char) optarg[0]; + else if (strcmp(optarg, "none") == 0) + options.escape_char = -2; + else { + fprintf(stderr, "Bad escape character '%s'.\n", optarg); + exit(1); + } + break; + + case 'c': + options.cipher = cipher_number(optarg); + if (options.cipher == -1) { + fprintf(stderr, "Unknown cipher type '%s'\n", optarg); + exit(1); + } + break; + + case 'p': + options.port = atoi(optarg); + break; + + case 'l': + options.user = optarg; + break; + + case 'R': + if (sscanf(optarg, "%hu:%255[^:]:%hu", &fwd_port, buf, + &fwd_host_port) != 3) { + fprintf(stderr, "Bad forwarding specification '%s'.\n", optarg); + usage(); + /* NOTREACHED */ + } + add_remote_forward(&options, fwd_port, buf, fwd_host_port); + break; + + case 'L': + if (sscanf(optarg, "%hu:%255[^:]:%hu", &fwd_port, buf, + &fwd_host_port) != 3) { + fprintf(stderr, "Bad forwarding specification '%s'.\n", optarg); + usage(); + /* NOTREACHED */ + } + add_local_forward(&options, fwd_port, buf, fwd_host_port); + break; + + case 'C': + options.compression = 1; + break; + + case 'o': + dummy = 1; + if (process_config_line(&options, host ? host : "", optarg, + "command-line", 0, &dummy) != 0) + exit(1); + break; + + default: + usage(); } - break; + } + + /* Check that we got a host name. */ + if (!host) + usage(); - case 'c': - options.cipher = cipher_number(optarg); - if (options.cipher == -1) - { - fprintf(stderr, "Unknown cipher type '%s'\n", optarg); - exit(1); - } - break; - - case 'p': - options.port = atoi(optarg); - if (options.port < 1 || options.port > 65535) - { - fprintf(stderr, "Bad port %s.\n", optarg); - exit(1); - } - break; - - case 'l': - options.user = optarg; - break; - - case 'R': - if (sscanf(optarg, "%d:%255[^:]:%d", &fwd_port, buf, - &fwd_host_port) != 3) - { - fprintf(stderr, "Bad forwarding specification '%s'.\n", optarg); - usage(); - /*NOTREACHED*/ - } - add_remote_forward(&options, fwd_port, buf, fwd_host_port); - break; - - case 'L': - if (sscanf(optarg, "%d:%255[^:]:%d", &fwd_port, buf, - &fwd_host_port) != 3) - { - fprintf(stderr, "Bad forwarding specification '%s'.\n", optarg); - usage(); - /*NOTREACHED*/ - } - add_local_forward(&options, fwd_port, buf, fwd_host_port); - break; - - case 'C': - options.compression = 1; - break; - - case 'o': - dummy = 1; - process_config_line(&options, host ? host : "", optarg, - "command-line", 0, &dummy); - break; - - default: - usage(); - } - } - - /* Check that we got a host name. */ - if (!host) - usage(); - - /* check if RSA support exists */ - if (rsa_alive() == 0) { - extern char *__progname; - - fprintf(stderr, - "%s: no RSA support in libssl and libcrypto. See ssl(8).\n", - __progname); - exit(1); - } - - /* Initialize the command to execute on remote host. */ - buffer_init(&command); - - /* Save the command to execute on the remote host in a buffer. There is - no limit on the length of the command, except by the maximum packet - size. Also sets the tty flag if there is no command. */ - if (optind == ac) - { - /* No command specified - execute shell on a tty. */ - tty_flag = 1; - } - else - { - /* A command has been specified. Store it into the buffer. */ - for (i = optind; i < ac; i++) - { - if (i > optind) - buffer_append(&command, " ", 1); - buffer_append(&command, av[i], strlen(av[i])); - } - } - - /* Cannot fork to background if no command. */ - if (fork_after_authentication_flag && buffer_len(&command) == 0) - fatal("Cannot fork into background without a command to execute."); - - /* Allocate a tty by default if no command specified. */ - if (buffer_len(&command) == 0) - tty_flag = 1; - - /* Do not allocate a tty if stdin is not a tty. */ - if (!isatty(fileno(stdin))) - { - if (tty_flag) - fprintf(stderr, "Pseudo-terminal will not be allocated because stdin is not a terminal.\n"); - tty_flag = 0; - } - - /* Get user data. */ - pw = getpwuid(original_real_uid); - if (!pw) - { - fprintf(stderr, "You don't exist, go away!\n"); - exit(1); - } - - /* Take a copy of the returned structure. */ - memset(&pwcopy, 0, sizeof(pwcopy)); - pwcopy.pw_name = xstrdup(pw->pw_name); - pwcopy.pw_passwd = xstrdup(pw->pw_passwd); - pwcopy.pw_uid = pw->pw_uid; - pwcopy.pw_gid = pw->pw_gid; - pwcopy.pw_dir = xstrdup(pw->pw_dir); - pwcopy.pw_shell = xstrdup(pw->pw_shell); - pw = &pwcopy; - - /* Initialize "log" output. Since we are the client all output actually - goes to the terminal. */ - log_init(av[0], 1, debug_flag, quiet_flag, SYSLOG_FACILITY_USER); - - /* Read per-user configuration file. */ - snprintf(buf, sizeof buf, "%.100s/%.100s", pw->pw_dir, SSH_USER_CONFFILE); - read_config_file(buf, host, &options); - - /* Read systemwide configuration file. */ - read_config_file(HOST_CONFIG_FILE, host, &options); - - /* Fill configuration defaults. */ - fill_default_options(&options); - if (options.user == NULL) - options.user = xstrdup(pw->pw_name); - - if (options.hostname != NULL) - host = options.hostname; - - /* Find canonic host name. */ - if (strchr(host, '.') == 0) - { - struct hostent *hp = gethostbyname(host); - if (hp != 0) - { - if (strchr(hp->h_name, '.') != 0) - host = xstrdup(hp->h_name); - else if (hp->h_aliases != 0 - && hp->h_aliases[0] != 0 - && strchr(hp->h_aliases[0], '.') != 0) - host = xstrdup(hp->h_aliases[0]); - } - } - - /* Disable rhosts authentication if not running as root. */ - if (original_effective_uid != 0) - { - options.rhosts_authentication = 0; - options.rhosts_rsa_authentication = 0; - } - - /* If using rsh has been selected, exec it now (without trying anything - else). Note that we must release privileges first. */ - if (options.use_rsh) - { - /* Restore our superuser privileges. This must be done before - permanently setting the uid. */ - restore_uid(); - - /* Switch to the original uid permanently. */ - permanently_set_uid(original_real_uid); - - /* Execute rsh. */ - rsh_connect(host, options.user, &command); - fatal("rsh_connect returned"); - } - - /* Restore our superuser privileges. */ - restore_uid(); - - /* Open a connection to the remote host. This needs root privileges if - rhosts_{rsa_}authentication is true. */ - - if (!options.use_privileged_port) - { - options.rhosts_authentication = 0; - options.rhosts_rsa_authentication = 0; - } - - ok = ssh_connect(host, &hostaddr, options.port, options.connection_attempts, - !options.rhosts_authentication && - !options.rhosts_rsa_authentication, - original_real_uid, options.proxy_command); - - /* If we successfully made the connection, load the host private key in - case we will need it later for combined rsa-rhosts authentication. - This must be done before releasing extra privileges, because the file - is only readable by root. */ - if (ok) - { - host_private_key = RSA_new(); - if (load_private_key(HOST_KEY_FILE, "", host_private_key, NULL)) - host_private_key_loaded = 1; - } - - /* Get rid of any extra privileges that we may have. We will no longer need - them. Also, extra privileges could make it very hard to read identity - files and other non-world-readable files from the user's home directory - if it happens to be on a NFS volume where root is mapped to nobody. */ - permanently_set_uid(original_real_uid); - - /* Now that we are back to our own permissions, create ~/.ssh directory - if it doesn\'t already exist. */ - snprintf(buf, sizeof buf, "%.100s/%.100s", pw->pw_dir, SSH_USER_DIR); - if (stat(buf, &st) < 0) - if (mkdir(buf, 0755) < 0) - error("Could not create directory '%.200s'.", buf); - - /* Check if the connection failed, and try "rsh" if appropriate. */ - if (!ok) - { - if (options.port != 0) - log("Secure connection to %.100s on port %d refused%.100s.", - host, options.port, - options.fallback_to_rsh ? "; reverting to insecure method" : ""); - else - log("Secure connection to %.100s refused%.100s.", host, - options.fallback_to_rsh ? "; reverting to insecure method" : ""); - - if (options.fallback_to_rsh) - { - rsh_connect(host, options.user, &command); - fatal("rsh_connect returned"); - } - exit(1); - } - - /* Expand ~ in options.identity_files. */ - for (i = 0; i < options.num_identity_files; i++) - options.identity_files[i] = - tilde_expand_filename(options.identity_files[i], original_real_uid); - - /* Expand ~ in known host file names. */ - options.system_hostfile = tilde_expand_filename(options.system_hostfile, - original_real_uid); - options.user_hostfile = tilde_expand_filename(options.user_hostfile, - original_real_uid); - - /* Log into the remote system. This never returns if the login fails. */ - ssh_login(host_private_key_loaded, host_private_key, - host, &hostaddr, &options, original_real_uid); - - /* We no longer need the host private key. Clear it now. */ - if (host_private_key_loaded) - RSA_free(host_private_key); /* Destroys contents safely */ - - /* Close connection cleanly after attack. */ - cipher_attack_detected = packet_disconnect; - - /* If requested, fork and let ssh continue in the background. */ - if (fork_after_authentication_flag) - { - int ret = fork(); - if (ret == -1) - fatal("fork failed: %.100s", strerror(errno)); - if (ret != 0) - exit(0); - setsid(); - } - - /* Enable compression if requested. */ - if (options.compression) - { - debug("Requesting compression at level %d.", options.compression_level); - - if (options.compression_level < 1 || options.compression_level > 9) - fatal("Compression level must be from 1 (fast) to 9 (slow, best)."); - - /* Send the request. */ - packet_start(SSH_CMSG_REQUEST_COMPRESSION); - packet_put_int(options.compression_level); - packet_send(); - packet_write_wait(); - type = packet_read(&plen); - if (type == SSH_SMSG_SUCCESS) - packet_start_compression(options.compression_level); - else if (type == SSH_SMSG_FAILURE) - log("Warning: Remote host refused compression."); - else - packet_disconnect("Protocol error waiting for compression response."); - } - - /* Allocate a pseudo tty if appropriate. */ - if (tty_flag) - { - debug("Requesting pty."); - - /* Start the packet. */ - packet_start(SSH_CMSG_REQUEST_PTY); - - /* Store TERM in the packet. There is no limit on the length of the - string. */ - cp = getenv("TERM"); - if (!cp) - cp = ""; - packet_put_string(cp, strlen(cp)); - - /* Store window size in the packet. */ - if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) < 0) - memset(&ws, 0, sizeof(ws)); - packet_put_int(ws.ws_row); - packet_put_int(ws.ws_col); - packet_put_int(ws.ws_xpixel); - packet_put_int(ws.ws_ypixel); - - /* Store tty modes in the packet. */ - tty_make_modes(fileno(stdin)); - - /* Send the packet, and wait for it to leave. */ - packet_send(); - packet_write_wait(); - - /* Read response from the server. */ - type = packet_read(&plen); - if (type == SSH_SMSG_SUCCESS) - interactive = 1; - else if (type == SSH_SMSG_FAILURE) - log("Warning: Remote host failed or refused to allocate a pseudo tty."); - else - packet_disconnect("Protocol error waiting for pty request response."); - } - - /* Request X11 forwarding if enabled and DISPLAY is set. */ - if (options.forward_x11 && getenv("DISPLAY") != NULL) - { - char line[512], proto[512], data[512]; - FILE *f; - int forwarded = 0, got_data = 0, i; + /* check if RSA support exists */ + if (rsa_alive() == 0) { + extern char *__progname; + + fprintf(stderr, + "%s: no RSA support in libssl and libcrypto. See ssl(8).\n", + __progname); + exit(1); + } + /* Initialize the command to execute on remote host. */ + buffer_init(&command); + /* + * Save the command to execute on the remote host in a buffer. There + * is no limit on the length of the command, except by the maximum + * packet size. Also sets the tty flag if there is no command. + */ + if (optind == ac) { + /* No command specified - execute shell on a tty. */ + tty_flag = 1; + } else { + /* A command has been specified. Store it into the + buffer. */ + for (i = optind; i < ac; i++) { + if (i > optind) + buffer_append(&command, " ", 1); + buffer_append(&command, av[i], strlen(av[i])); + } + } + + /* Cannot fork to background if no command. */ + if (fork_after_authentication_flag && buffer_len(&command) == 0) + fatal("Cannot fork into background without a command to execute."); + + /* Allocate a tty by default if no command specified. */ + if (buffer_len(&command) == 0) + tty_flag = 1; + + /* Do not allocate a tty if stdin is not a tty. */ + if (!isatty(fileno(stdin))) { + if (tty_flag) + fprintf(stderr, "Pseudo-terminal will not be allocated because stdin is not a terminal.\n"); + tty_flag = 0; + } + /* Get user data. */ + pw = getpwuid(original_real_uid); + if (!pw) { + fprintf(stderr, "You don't exist, go away!\n"); + exit(1); + } + /* Take a copy of the returned structure. */ + memset(&pwcopy, 0, sizeof(pwcopy)); + pwcopy.pw_name = xstrdup(pw->pw_name); + pwcopy.pw_passwd = xstrdup(pw->pw_passwd); + pwcopy.pw_uid = pw->pw_uid; + pwcopy.pw_gid = pw->pw_gid; + pwcopy.pw_dir = xstrdup(pw->pw_dir); + pwcopy.pw_shell = xstrdup(pw->pw_shell); + pw = &pwcopy; + + /* Initialize "log" output. Since we are the client all output + actually goes to the terminal. */ + log_init(av[0], options.log_level, SYSLOG_FACILITY_USER, 0); + + /* Read per-user configuration file. */ + snprintf(buf, sizeof buf, "%.100s/%.100s", pw->pw_dir, SSH_USER_CONFFILE); + read_config_file(buf, host, &options); + + /* Read systemwide configuration file. */ + read_config_file(HOST_CONFIG_FILE, host, &options); + + /* Fill configuration defaults. */ + fill_default_options(&options); + + /* reinit */ + log_init(av[0], options.log_level, SYSLOG_FACILITY_USER, 0); + + if (options.user == NULL) + options.user = xstrdup(pw->pw_name); + + if (options.hostname != NULL) + host = options.hostname; + + /* Find canonic host name. */ + if (strchr(host, '.') == 0) { + struct hostent *hp = gethostbyname(host); + if (hp != 0) { + if (strchr(hp->h_name, '.') != 0) + host = xstrdup(hp->h_name); + else if (hp->h_aliases != 0 + && hp->h_aliases[0] != 0 + && strchr(hp->h_aliases[0], '.') != 0) + host = xstrdup(hp->h_aliases[0]); + } + } + /* Disable rhosts authentication if not running as root. */ + if (original_effective_uid != 0 || !options.use_privileged_port) { + options.rhosts_authentication = 0; + options.rhosts_rsa_authentication = 0; + } + /* + * If using rsh has been selected, exec it now (without trying + * anything else). Note that we must release privileges first. + */ + if (options.use_rsh) { + /* + * Restore our superuser privileges. This must be done + * before permanently setting the uid. + */ + restore_uid(); + + /* Switch to the original uid permanently. */ + permanently_set_uid(original_real_uid); + + /* Execute rsh. */ + rsh_connect(host, options.user, &command); + fatal("rsh_connect returned"); + } + /* Restore our superuser privileges. */ + restore_uid(); + + /* + * Open a connection to the remote host. This needs root privileges + * if rhosts_{rsa_}authentication is enabled. + */ + + ok = ssh_connect(host, &hostaddr, options.port, + options.connection_attempts, + !options.rhosts_authentication && + !options.rhosts_rsa_authentication, + original_real_uid, + options.proxy_command); + + /* + * If we successfully made the connection, load the host private key + * in case we will need it later for combined rsa-rhosts + * authentication. This must be done before releasing extra + * privileges, because the file is only readable by root. + */ + if (ok) { + host_private_key = RSA_new(); + if (load_private_key(HOST_KEY_FILE, "", host_private_key, NULL)) + host_private_key_loaded = 1; + } + /* + * Get rid of any extra privileges that we may have. We will no + * longer need them. Also, extra privileges could make it very hard + * to read identity files and other non-world-readable files from the + * user's home directory if it happens to be on a NFS volume where + * root is mapped to nobody. + */ + + /* + * Note that some legacy systems need to postpone the following call + * to permanently_set_uid() until the private hostkey is destroyed + * with RSA_free(). Otherwise the calling user could ptrace() the + * process, read the private hostkey and impersonate the host. + * OpenBSD does not allow ptracing of setuid processes. + */ + permanently_set_uid(original_real_uid); + + /* + * Now that we are back to our own permissions, create ~/.ssh + * directory if it doesn\'t already exist. + */ + snprintf(buf, sizeof buf, "%.100s/%.100s", pw->pw_dir, SSH_USER_DIR); + if (stat(buf, &st) < 0) + if (mkdir(buf, 0755) < 0) + error("Could not create directory '%.200s'.", buf); + + /* Check if the connection failed, and try "rsh" if appropriate. */ + if (!ok) { + if (options.port != 0) + log("Secure connection to %.100s on port %hu refused%.100s.", + host, options.port, + options.fallback_to_rsh ? "; reverting to insecure method" : ""); + else + log("Secure connection to %.100s refused%.100s.", host, + options.fallback_to_rsh ? "; reverting to insecure method" : ""); + + if (options.fallback_to_rsh) { + rsh_connect(host, options.user, &command); + fatal("rsh_connect returned"); + } + exit(1); + } + /* Expand ~ in options.identity_files. */ + for (i = 0; i < options.num_identity_files; i++) + options.identity_files[i] = + tilde_expand_filename(options.identity_files[i], original_real_uid); + + /* Expand ~ in known host file names. */ + options.system_hostfile = tilde_expand_filename(options.system_hostfile, + original_real_uid); + options.user_hostfile = tilde_expand_filename(options.user_hostfile, + original_real_uid); + + /* Log into the remote system. This never returns if the login fails. */ + ssh_login(host_private_key_loaded, host_private_key, + host, &hostaddr, original_real_uid); + + /* We no longer need the host private key. Clear it now. */ + if (host_private_key_loaded) + RSA_free(host_private_key); /* Destroys contents safely */ + + /* Close connection cleanly after attack. */ + cipher_attack_detected = packet_disconnect; + + /* Enable compression if requested. */ + if (options.compression) { + debug("Requesting compression at level %d.", options.compression_level); + + if (options.compression_level < 1 || options.compression_level > 9) + fatal("Compression level must be from 1 (fast) to 9 (slow, best)."); + + /* Send the request. */ + packet_start(SSH_CMSG_REQUEST_COMPRESSION); + packet_put_int(options.compression_level); + packet_send(); + packet_write_wait(); + type = packet_read(&plen); + if (type == SSH_SMSG_SUCCESS) + packet_start_compression(options.compression_level); + else if (type == SSH_SMSG_FAILURE) + log("Warning: Remote host refused compression."); + else + packet_disconnect("Protocol error waiting for compression response."); + } + /* Allocate a pseudo tty if appropriate. */ + if (tty_flag) { + debug("Requesting pty."); + + /* Start the packet. */ + packet_start(SSH_CMSG_REQUEST_PTY); + + /* Store TERM in the packet. There is no limit on the + length of the string. */ + cp = getenv("TERM"); + if (!cp) + cp = ""; + packet_put_string(cp, strlen(cp)); + + /* Store window size in the packet. */ + if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) < 0) + memset(&ws, 0, sizeof(ws)); + packet_put_int(ws.ws_row); + packet_put_int(ws.ws_col); + packet_put_int(ws.ws_xpixel); + packet_put_int(ws.ws_ypixel); + + /* Store tty modes in the packet. */ + tty_make_modes(fileno(stdin)); + + /* Send the packet, and wait for it to leave. */ + packet_send(); + packet_write_wait(); + + /* Read response from the server. */ + type = packet_read(&plen); + if (type == SSH_SMSG_SUCCESS) + interactive = 1; + else if (type == SSH_SMSG_FAILURE) + log("Warning: Remote host failed or refused to allocate a pseudo tty."); + else + packet_disconnect("Protocol error waiting for pty request response."); + } + /* Request X11 forwarding if enabled and DISPLAY is set. */ + if (options.forward_x11 && getenv("DISPLAY") != NULL) { + char line[512], proto[512], data[512]; + FILE *f; + int forwarded = 0, got_data = 0, i; + #ifdef XAUTH_PATH - /* Try to get Xauthority information for the display. */ - snprintf(line, sizeof line, "%.100s list %.200s 2>/dev/null", - XAUTH_PATH, getenv("DISPLAY")); - f = popen(line, "r"); - if (f && fgets(line, sizeof(line), f) && - sscanf(line, "%*s %s %s", proto, data) == 2) - got_data = 1; - if (f) - pclose(f); + /* Try to get Xauthority information for the display. */ + snprintf(line, sizeof line, "%.100s list %.200s 2>/dev/null", + XAUTH_PATH, getenv("DISPLAY")); + f = popen(line, "r"); + if (f && fgets(line, sizeof(line), f) && + sscanf(line, "%*s %s %s", proto, data) == 2) + got_data = 1; + if (f) + pclose(f); #endif /* XAUTH_PATH */ - /* If we didn't get authentication data, just make up some data. The - forwarding code will check the validity of the response anyway, and - substitute this data. The X11 server, however, will ignore this - fake data and use whatever authentication mechanisms it was using - otherwise for the local connection. */ - if (!got_data) - { - u_int32_t rand = 0; - - strlcpy(proto, "MIT-MAGIC-COOKIE-1", sizeof proto); - for (i = 0; i < 16; i++) { - if (i % 4 == 0) - rand = arc4random(); - snprintf(data + 2 * i, sizeof data - 2 * i, "%02x", rand & 0xff); - rand >>= 8; - } - } - - /* Got local authentication reasonable information. Request forwarding - with authentication spoofing. */ - debug("Requesting X11 forwarding with authentication spoofing."); - x11_request_forwarding_with_spoofing(proto, data); - - /* Read response from the server. */ - type = packet_read(&plen); - if (type == SSH_SMSG_SUCCESS) - { - forwarded = 1; - interactive = 1; - } - else if (type == SSH_SMSG_FAILURE) - log("Warning: Remote host denied X11 forwarding."); - else - packet_disconnect("Protocol error waiting for X11 forwarding"); - } - - /* Tell the packet module whether this is an interactive session. */ - packet_set_interactive(interactive, options.keepalives); - - /* Clear agent forwarding if we don\'t have an agent. */ - authfd = ssh_get_authentication_socket(); - if (authfd < 0) - options.forward_agent = 0; - else - ssh_close_authentication_socket(authfd); - - /* Request authentication agent forwarding if appropriate. */ - if (options.forward_agent) - { - debug("Requesting authentication agent forwarding."); - auth_request_forwarding(); - - /* Read response from the server. */ - type = packet_read(&plen); - packet_integrity_check(plen, 0, type); - if (type != SSH_SMSG_SUCCESS) - log("Warning: Remote host denied authentication agent forwarding."); - } - - /* Initiate local TCP/IP port forwardings. */ - for (i = 0; i < options.num_local_forwards; i++) - { - debug("Connections to local port %d forwarded to remote address %.200s:%d", - options.local_forwards[i].port, options.local_forwards[i].host, - options.local_forwards[i].host_port); - channel_request_local_forwarding(options.local_forwards[i].port, - options.local_forwards[i].host, - options.local_forwards[i].host_port); - } - - /* Initiate remote TCP/IP port forwardings. */ - for (i = 0; i < options.num_remote_forwards; i++) - { - debug("Connections to remote port %d forwarded to local address %.200s:%d", - options.remote_forwards[i].port, options.remote_forwards[i].host, - options.remote_forwards[i].host_port); - channel_request_remote_forwarding(options.remote_forwards[i].port, - options.remote_forwards[i].host, - options.remote_forwards[i].host_port); - } - - /* If a command was specified on the command line, execute the command now. - Otherwise request the server to start a shell. */ - if (buffer_len(&command) > 0) - { - int len = buffer_len(&command); - if (len > 900) - len = 900; - debug("Sending command: %.*s", len, buffer_ptr(&command)); - packet_start(SSH_CMSG_EXEC_CMD); - packet_put_string(buffer_ptr(&command), buffer_len(&command)); - packet_send(); - packet_write_wait(); - } - else - { - debug("Requesting shell."); - packet_start(SSH_CMSG_EXEC_SHELL); - packet_send(); - packet_write_wait(); - } - - /* Enter the interactive session. */ - exit_status = client_loop(tty_flag, tty_flag ? options.escape_char : -1); - - /* Close the connection to the remote host. */ - packet_close(); - - /* Exit with the status returned by the program on the remote side. */ - exit(exit_status); + /* + * If we didn't get authentication data, just make up some + * data. The forwarding code will check the validity of the + * response anyway, and substitute this data. The X11 + * server, however, will ignore this fake data and use + * whatever authentication mechanisms it was using otherwise + * for the local connection. + */ + if (!got_data) { + u_int32_t rand = 0; + + strlcpy(proto, "MIT-MAGIC-COOKIE-1", sizeof proto); + for (i = 0; i < 16; i++) { + if (i % 4 == 0) + rand = arc4random(); + snprintf(data + 2 * i, sizeof data - 2 * i, "%02x", rand & 0xff); + rand >>= 8; + } + } + /* + * Got local authentication reasonable information. Request + * forwarding with authentication spoofing. + */ + debug("Requesting X11 forwarding with authentication spoofing."); + x11_request_forwarding_with_spoofing(proto, data); + + /* Read response from the server. */ + type = packet_read(&plen); + if (type == SSH_SMSG_SUCCESS) { + forwarded = 1; + interactive = 1; + } else if (type == SSH_SMSG_FAILURE) + log("Warning: Remote host denied X11 forwarding."); + else + packet_disconnect("Protocol error waiting for X11 forwarding"); + } + /* Tell the packet module whether this is an interactive session. */ + packet_set_interactive(interactive, options.keepalives); + + /* Clear agent forwarding if we don\'t have an agent. */ + authfd = ssh_get_authentication_socket(); + if (authfd < 0) + options.forward_agent = 0; + else + ssh_close_authentication_socket(authfd); + + /* Request authentication agent forwarding if appropriate. */ + if (options.forward_agent) { + debug("Requesting authentication agent forwarding."); + auth_request_forwarding(); + + /* Read response from the server. */ + type = packet_read(&plen); + packet_integrity_check(plen, 0, type); + if (type != SSH_SMSG_SUCCESS) + log("Warning: Remote host denied authentication agent forwarding."); + } + /* Initiate local TCP/IP port forwardings. */ + for (i = 0; i < options.num_local_forwards; i++) { + debug("Connections to local port %d forwarded to remote address %.200s:%d", + options.local_forwards[i].port, + options.local_forwards[i].host, + options.local_forwards[i].host_port); + channel_request_local_forwarding(options.local_forwards[i].port, + options.local_forwards[i].host, + options.local_forwards[i].host_port); + } + + /* Initiate remote TCP/IP port forwardings. */ + for (i = 0; i < options.num_remote_forwards; i++) { + debug("Connections to remote port %d forwarded to local address %.200s:%d", + options.remote_forwards[i].port, + options.remote_forwards[i].host, + options.remote_forwards[i].host_port); + channel_request_remote_forwarding(options.remote_forwards[i].port, + options.remote_forwards[i].host, + options.remote_forwards[i].host_port); + } + + /* If requested, let ssh continue in the background. */ + if (fork_after_authentication_flag) + if (daemon(1, 1) < 0) + fatal("daemon() failed: %.200s", strerror(errno)); + + /* + * If a command was specified on the command line, execute the + * command now. Otherwise request the server to start a shell. + */ + if (buffer_len(&command) > 0) { + int len = buffer_len(&command); + if (len > 900) + len = 900; + debug("Sending command: %.*s", len, buffer_ptr(&command)); + packet_start(SSH_CMSG_EXEC_CMD); + packet_put_string(buffer_ptr(&command), buffer_len(&command)); + packet_send(); + packet_write_wait(); + } else { + debug("Requesting shell."); + packet_start(SSH_CMSG_EXEC_SHELL); + packet_send(); + packet_write_wait(); + } + + /* Enter the interactive session. */ + exit_status = client_loop(tty_flag, tty_flag ? options.escape_char : -1); + + /* Close the connection to the remote host. */ + packet_close(); + + /* Exit with the status returned by the program on the remote side. */ + exit(exit_status); } Index: usr.bin/ssh/ssh.h =================================================================== RCS file: /cvs/src/usr.bin/ssh/ssh.h,v retrieving revision 1.13 retrieving revision 1.30 diff -u -r1.13 -r1.30 --- usr.bin/ssh/ssh.h 1999/10/16 20:47:14 1.13 +++ usr.bin/ssh/ssh.h 1999/12/06 20:15:29 1.30 @@ -1,29 +1,31 @@ /* + * + * ssh.h + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Fri Mar 17 17:09:37 1995 ylo + * + * Generic header file for ssh. + * + */ -ssh.h +/* RCSID("$Id: ssh.h,v 1.30 1999/12/06 20:15:29 deraadt Exp $"); */ -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Fri Mar 17 17:09:37 1995 ylo - -Generic header file for ssh. - -*/ - -/* RCSID("$Id: ssh.h,v 1.13 1999/10/16 20:47:14 markus Exp $"); */ - #ifndef SSH_H #define SSH_H #include "rsa.h" #include "cipher.h" -/* The default cipher used if IDEA is not supported by the remote host. - It is recommended that this be one of the mandatory ciphers (DES, 3DES), - though that is not required. */ +/* + * The default cipher used if IDEA is not supported by the remote host. It is + * recommended that this be one of the mandatory ciphers (DES, 3DES), though + * that is not required. + */ #define SSH_FALLBACK_CIPHER SSH_CIPHER_3DES /* Cipher used for encrypting authentication files. */ @@ -35,123 +37,166 @@ /* Maximum number of TCP/IP ports forwarded per direction. */ #define SSH_MAX_FORWARDS_PER_DIRECTION 100 -/* Maximum number of RSA authentication identity files that can be specified - in configuration files or on the command line. */ +/* + * Maximum number of RSA authentication identity files that can be specified + * in configuration files or on the command line. + */ #define SSH_MAX_IDENTITY_FILES 100 -/* Major protocol version. Different version indicates major incompatiblity - that prevents communication. */ +/* + * Major protocol version. Different version indicates major incompatiblity + * that prevents communication. + */ #define PROTOCOL_MAJOR 1 -/* Minor protocol version. Different version indicates minor incompatibility - that does not prevent interoperation. */ +/* + * Minor protocol version. Different version indicates minor incompatibility + * that does not prevent interoperation. + */ #define PROTOCOL_MINOR 5 -/* Name for the service. The port named by this service overrides the default - port if present. */ +/* + * Name for the service. The port named by this service overrides the + * default port if present. + */ #define SSH_SERVICE_NAME "ssh" #define ETCDIR "/etc" #define PIDDIR "/var/run" -/* System-wide file containing host keys of known hosts. This file should be - world-readable. */ +/* + * System-wide file containing host keys of known hosts. This file should be + * world-readable. + */ #define SSH_SYSTEM_HOSTFILE ETCDIR "/ssh_known_hosts" -/* HOST_KEY_FILE /etc/ssh_host_key, - SERVER_CONFIG_FILE /etc/sshd_config, -and HOST_CONFIG_FILE /etc/ssh_config -are all defined in Makefile.in. Of these, ssh_host_key should be readable -only by root, whereas ssh_config should be world-readable. */ - -#define HOST_KEY_FILE "/etc/ssh_host_key" -#define SERVER_CONFIG_FILE "/etc/sshd_config" -#define HOST_CONFIG_FILE "/etc/ssh_config" +/* + * Of these, ssh_host_key must be readable only by root, whereas ssh_config + * should be world-readable. + */ +#define HOST_KEY_FILE ETCDIR "/ssh_host_key" +#define SERVER_CONFIG_FILE ETCDIR "/sshd_config" +#define HOST_CONFIG_FILE ETCDIR "/ssh_config" #define SSH_PROGRAM "/usr/bin/ssh" -/* The process id of the daemon listening for connections is saved - here to make it easier to kill the correct daemon when necessary. */ +/* + * The process id of the daemon listening for connections is saved here to + * make it easier to kill the correct daemon when necessary. + */ #define SSH_DAEMON_PID_FILE PIDDIR "/sshd.pid" -/* The directory in user\'s home directory in which the files reside. - The directory should be world-readable (though not all files are). */ +/* + * The directory in user\'s home directory in which the files reside. The + * directory should be world-readable (though not all files are). + */ #define SSH_USER_DIR ".ssh" -/* Per-user file containing host keys of known hosts. This file need - not be readable by anyone except the user him/herself, though this does - not contain anything particularly secret. */ +/* + * Per-user file containing host keys of known hosts. This file need not be + * readable by anyone except the user him/herself, though this does not + * contain anything particularly secret. + */ #define SSH_USER_HOSTFILE "~/.ssh/known_hosts" -/* Name of the default file containing client-side authentication key. - This file should only be readable by the user him/herself. */ +/* + * Name of the default file containing client-side authentication key. This + * file should only be readable by the user him/herself. + */ #define SSH_CLIENT_IDENTITY ".ssh/identity" -/* Configuration file in user\'s home directory. This file need not be - readable by anyone but the user him/herself, but does not contain - anything particularly secret. If the user\'s home directory resides - on an NFS volume where root is mapped to nobody, this may need to be - world-readable. */ +/* + * Configuration file in user\'s home directory. This file need not be + * readable by anyone but the user him/herself, but does not contain anything + * particularly secret. If the user\'s home directory resides on an NFS + * volume where root is mapped to nobody, this may need to be world-readable. + */ #define SSH_USER_CONFFILE ".ssh/config" -/* File containing a list of those rsa keys that permit logging in as - this user. This file need not be - readable by anyone but the user him/herself, but does not contain - anything particularly secret. If the user\'s home directory resides - on an NFS volume where root is mapped to nobody, this may need to be - world-readable. (This file is read by the daemon which is running as - root.) */ +/* + * File containing a list of those rsa keys that permit logging in as this + * user. This file need not be readable by anyone but the user him/herself, + * but does not contain anything particularly secret. If the user\'s home + * directory resides on an NFS volume where root is mapped to nobody, this + * may need to be world-readable. (This file is read by the daemon which is + * running as root.) + */ #define SSH_USER_PERMITTED_KEYS ".ssh/authorized_keys" -/* Per-user and system-wide ssh "rc" files. These files are executed with - /bin/sh before starting the shell or command if they exist. They - will be passed "proto cookie" as arguments if X11 forwarding with - spoofing is in use. xauth will be run if neither of these exists. */ +/* + * Per-user and system-wide ssh "rc" files. These files are executed with + * /bin/sh before starting the shell or command if they exist. They will be + * passed "proto cookie" as arguments if X11 forwarding with spoofing is in + * use. xauth will be run if neither of these exists. + */ #define SSH_USER_RC ".ssh/rc" #define SSH_SYSTEM_RC ETCDIR "/sshrc" -/* Ssh-only version of /etc/hosts.equiv. */ +/* + * Ssh-only version of /etc/hosts.equiv. Additionally, the daemon may use + * ~/.rhosts and /etc/hosts.equiv if rhosts authentication is enabled. + */ #define SSH_HOSTS_EQUIV ETCDIR "/shosts.equiv" -/* Additionally, the daemon may use ~/.rhosts and /etc/hosts.equiv if - rhosts authentication is enabled. */ - -/* Name of the environment variable containing the pathname of the - authentication socket. */ +/* + * Name of the environment variable containing the pathname of the + * authentication socket. + */ #define SSH_AUTHSOCKET_ENV_NAME "SSH_AUTH_SOCK" -/* Force host key length and server key length to differ by at least this - many bits. This is to make double encryption with rsaref work. */ +/* + * Name of the environment variable containing the pathname of the + * authentication socket. + */ +#define SSH_AGENTPID_ENV_NAME "SSH_AGENT_PID" + +/* + * Default path to ssh-askpass used by ssh-add, + * environment variable for overwriting the default location + */ +#define SSH_ASKPASS_DEFAULT "/usr/X11R6/bin/ssh-askpass" +#define SSH_ASKPASS_ENV "SSH_ASKPASS" + +/* + * Force host key length and server key length to differ by at least this + * many bits. This is to make double encryption with rsaref work. + */ #define SSH_KEY_BITS_RESERVED 128 -/* Length of the session key in bytes. (Specified as 256 bits in the - protocol.) */ +/* + * Length of the session key in bytes. (Specified as 256 bits in the + * protocol.) + */ #define SSH_SESSION_KEY_LENGTH 32 /* Name of Kerberos service for SSH to use. */ #define KRB4_SERVICE_NAME "rcmd" -/* Authentication methods. New types can be added, but old types should not - be removed for compatibility. The maximum allowed value is 31. */ +/* + * Authentication methods. New types can be added, but old types should not + * be removed for compatibility. The maximum allowed value is 31. + */ #define SSH_AUTH_RHOSTS 1 #define SSH_AUTH_RSA 2 #define SSH_AUTH_PASSWORD 3 #define SSH_AUTH_RHOSTS_RSA 4 - /* 5 is TIS */ +#define SSH_AUTH_TIS 5 #define SSH_AUTH_KERBEROS 6 #define SSH_PASS_KERBEROS_TGT 7 /* 8 to 15 are reserved */ #define SSH_PASS_AFS_TOKEN 21 /* Protocol flags. These are bit masks. */ -#define SSH_PROTOFLAG_SCREEN_NUMBER 1 /* X11 forwarding includes screen */ -#define SSH_PROTOFLAG_HOST_IN_FWD_OPEN 2 /* forwarding opens contain host */ +#define SSH_PROTOFLAG_SCREEN_NUMBER 1 /* X11 forwarding includes screen */ +#define SSH_PROTOFLAG_HOST_IN_FWD_OPEN 2 /* forwarding opens contain host */ -/* Definition of message types. New values can be added, but old values - should not be removed or without careful consideration of the consequences - for compatibility. The maximum value is 254; value 255 is reserved - for future extension. */ -/* Message name */ /* msg code */ /* arguments */ +/* + * Definition of message types. New values can be added, but old values + * should not be removed or without careful consideration of the consequences + * for compatibility. The maximum value is 254; value 255 is reserved for + * future extension. + */ +/* Message name */ /* msg code */ /* arguments */ #define SSH_MSG_NONE 0 /* no message */ #define SSH_MSG_DISCONNECT 1 /* cause (string) */ #define SSH_SMSG_PUBLIC_KEY 2 /* ck,msk,srvk,hostk */ @@ -191,406 +236,486 @@ #define SSH_MSG_DEBUG 36 /* string */ #define SSH_CMSG_REQUEST_COMPRESSION 37 /* level 1-9 (int) */ #define SSH_CMSG_MAX_PACKET_SIZE 38 /* size 4k-1024k (int) */ -#define SSH_CMSG_AUTH_TIS 39 /* this is proto-1.5, but we ignore TIS */ -#define SSH_SMSG_AUTH_TIS_CHALLENGE 40 -#define SSH_CMSG_AUTH_TIS_RESPONSE 41 - +#define SSH_CMSG_AUTH_TIS 39 /* we use this for s/key */ +#define SSH_SMSG_AUTH_TIS_CHALLENGE 40 /* challenge (string) */ +#define SSH_CMSG_AUTH_TIS_RESPONSE 41 /* response (string) */ #define SSH_CMSG_AUTH_KERBEROS 42 /* (KTEXT) */ #define SSH_SMSG_AUTH_KERBEROS_RESPONSE 43 /* (KTEXT) */ #define SSH_CMSG_HAVE_KERBEROS_TGT 44 /* credentials (s) */ #define SSH_CMSG_HAVE_AFS_TOKEN 65 /* token (s) */ - -/* Includes that need definitions above. */ - -#include "readconf.h" - /*------------ definitions for login.c -------------*/ -/* Returns the time when the user last logged in. Returns 0 if the - information is not available. This must be called before record_login. - The host from which the user logged in is stored in buf. */ -unsigned long get_last_login_time(uid_t uid, const char *logname, - char *buf, unsigned int bufsize); - -/* Records that the user has logged in. This does many things normally - done by login(1). */ -void record_login(int pid, const char *ttyname, const char *user, uid_t uid, - const char *host, struct sockaddr_in *addr); - -/* Records that the user has logged out. This does many thigs normally - done by login(1) or init. */ -void record_logout(int pid, const char *ttyname); +/* + * Returns the time when the user last logged in. Returns 0 if the + * information is not available. This must be called before record_login. + * The host from which the user logged in is stored in buf. + */ +unsigned long +get_last_login_time(uid_t uid, const char *logname, + char *buf, unsigned int bufsize); + +/* + * Records that the user has logged in. This does many things normally done + * by login(1). + */ +void +record_login(int pid, const char *ttyname, const char *user, uid_t uid, + const char *host, struct sockaddr_in * addr); + +/* + * Records that the user has logged out. This does many thigs normally done + * by login(1) or init. + */ +void record_logout(int pid, const char *ttyname); /*------------ definitions for sshconnect.c ----------*/ -/* Opens a TCP/IP connection to the remote server on the given host. If - port is 0, the default port will be used. If anonymous is zero, - a privileged port will be allocated to make the connection. - This requires super-user privileges if anonymous is false. - Connection_attempts specifies the maximum number of tries, one per - second. This returns true on success, and zero on failure. If the - connection is successful, this calls packet_set_connection for the - connection. */ -int ssh_connect(const char *host, struct sockaddr_in *hostaddr, - int port, int connection_attempts, - int anonymous, uid_t original_real_uid, - const char *proxy_command); - -/* Starts a dialog with the server, and authenticates the current user on the - server. This does not need any extra privileges. The basic connection - to the server must already have been established before this is called. - If login fails, this function prints an error and never returns. - This initializes the random state, and leaves it initialized (it will also - have references from the packet module). */ -void ssh_login(int host_key_valid, RSA *host_key, const char *host, - struct sockaddr_in *hostaddr, Options *options, - uid_t original_real_uid); +/* + * Opens a TCP/IP connection to the remote server on the given host. If port + * is 0, the default port will be used. If anonymous is zero, a privileged + * port will be allocated to make the connection. This requires super-user + * privileges if anonymous is false. Connection_attempts specifies the + * maximum number of tries, one per second. This returns true on success, + * and zero on failure. If the connection is successful, this calls + * packet_set_connection for the connection. + */ +int +ssh_connect(const char *host, struct sockaddr_in * hostaddr, + u_short port, int connection_attempts, + int anonymous, uid_t original_real_uid, + const char *proxy_command); + +/* + * Starts a dialog with the server, and authenticates the current user on the + * server. This does not need any extra privileges. The basic connection to + * the server must already have been established before this is called. If + * login fails, this function prints an error and never returns. This + * initializes the random state, and leaves it initialized (it will also have + * references from the packet module). + */ + +void +ssh_login(int host_key_valid, RSA * host_key, const char *host, + struct sockaddr_in * hostaddr, uid_t original_real_uid); /*------------ Definitions for various authentication methods. -------*/ -/* Tries to authenticate the user using the .rhosts file. Returns true if - authentication succeeds. If ignore_rhosts is non-zero, this will not - consider .rhosts and .shosts (/etc/hosts.equiv will still be used). - If strict_modes is true, checks ownership and modes of .rhosts/.shosts. */ -int auth_rhosts(struct passwd *pw, const char *client_user, - int ignore_rhosts, int strict_modes); - -/* Tries to authenticate the user using the .rhosts file and the host using - its host key. Returns true if authentication succeeds. */ -int auth_rhosts_rsa(struct passwd *pw, const char *client_user, - unsigned int bits, BIGNUM *client_host_key_e, - BIGNUM *client_host_key_n, int ignore_rhosts, - int strict_modes); - -/* Tries to authenticate the user using password. Returns true if - authentication succeeds. */ -int auth_password(struct passwd *pw, const char *password); - -/* Performs the RSA authentication dialog with the client. This returns - 0 if the client could not be authenticated, and 1 if authentication was - successful. This may exit if there is a serious protocol violation. */ -int auth_rsa(struct passwd *pw, BIGNUM *client_n, int strict_modes); - -/* Parses an RSA key (number of bits, e, n) from a string. Moves the pointer - over the key. Skips any whitespace at the beginning and at end. */ -int auth_rsa_read_key(char **cpp, unsigned int *bitsp, BIGNUM *e, BIGNUM *n); - -/* Returns the name of the machine at the other end of the socket. The - returned string should be freed by the caller. */ -char *get_remote_hostname(int socket); - -/* Return the canonical name of the host in the other side of the current - connection (as returned by packet_get_connection). The host name is - cached, so it is efficient to call this several times. */ +/* + * Tries to authenticate the user using the .rhosts file. Returns true if + * authentication succeeds. If ignore_rhosts is non-zero, this will not + * consider .rhosts and .shosts (/etc/hosts.equiv will still be used). + */ +int auth_rhosts(struct passwd * pw, const char *client_user); + +/* + * Tries to authenticate the user using the .rhosts file and the host using + * its host key. Returns true if authentication succeeds. + */ +int +auth_rhosts_rsa(struct passwd * pw, const char *client_user, + BIGNUM * client_host_key_e, BIGNUM * client_host_key_n); + +/* + * Tries to authenticate the user using password. Returns true if + * authentication succeeds. + */ +int auth_password(struct passwd * pw, const char *password); + +/* + * Performs the RSA authentication dialog with the client. This returns 0 if + * the client could not be authenticated, and 1 if authentication was + * successful. This may exit if there is a serious protocol violation. + */ +int auth_rsa(struct passwd * pw, BIGNUM * client_n); + +/* + * Parses an RSA key (number of bits, e, n) from a string. Moves the pointer + * over the key. Skips any whitespace at the beginning and at end. + */ +int auth_rsa_read_key(char **cpp, unsigned int *bitsp, BIGNUM * e, BIGNUM * n); + +/* + * Returns the name of the machine at the other end of the socket. The + * returned string should be freed by the caller. + */ +char *get_remote_hostname(int socket); + +/* + * Return the canonical name of the host in the other side of the current + * connection (as returned by packet_get_connection). The host name is + * cached, so it is efficient to call this several times. + */ const char *get_canonical_hostname(void); -/* Returns the remote IP address as an ascii string. The value need not be - freed by the caller. */ +/* + * Returns the remote IP address as an ascii string. The value need not be + * freed by the caller. + */ const char *get_remote_ipaddr(void); /* Returns the port number of the peer of the socket. */ -int get_peer_port(int sock); +int get_peer_port(int sock); /* Returns the port number of the remote host. */ -int get_remote_port(void); +int get_remote_port(void); -/* Tries to match the host name (which must be in all lowercase) against the - comma-separated sequence of subpatterns (each possibly preceded by ! to - indicate negation). Returns true if there is a positive match; zero - otherwise. */ -int match_hostname(const char *host, const char *pattern, unsigned int len); - -/* Checks whether the given host is already in the list of our known hosts. - Returns HOST_OK if the host is known and has the specified key, - HOST_NEW if the host is not known, and HOST_CHANGED if the host is known - but used to have a different host key. The host must be in all lowercase. */ -typedef enum { HOST_OK, HOST_NEW, HOST_CHANGED } HostStatus; -HostStatus check_host_in_hostfile(const char *filename, - const char *host, unsigned int bits, - BIGNUM *e, BIGNUM *n, - BIGNUM *ke, BIGNUM *kn); - -/* Appends an entry to the host file. Returns false if the entry - could not be appended. */ -int add_host_to_hostfile(const char *filename, const char *host, - unsigned int bits, BIGNUM *e, BIGNUM *n); - -/* Performs the RSA authentication challenge-response dialog with the client, - and returns true (non-zero) if the client gave the correct answer to - our challenge; returns zero if the client gives a wrong answer. */ -int auth_rsa_challenge_dialog(unsigned int bits, BIGNUM *e, BIGNUM *n); - -/* Reads a passphrase from /dev/tty with echo turned off. Returns the - passphrase (allocated with xmalloc). Exits if EOF is encountered. - If from_stdin is true, the passphrase will be read from stdin instead. */ -char *read_passphrase(const char *prompt, int from_stdin); - -/* Saves the authentication (private) key in a file, encrypting it with - passphrase. The identification of the file (lowest 64 bits of n) - will precede the key to provide identification of the key without - needing a passphrase. */ -int save_private_key(const char *filename, const char *passphrase, - RSA *private_key, const char *comment); - -/* Loads the public part of the key file (public key and comment). - Returns 0 if an error occurred; zero if the public key was successfully - read. The comment of the key is returned in comment_return if it is - non-NULL; the caller must free the value with xfree. */ -int load_public_key(const char *filename, RSA *pub, - char **comment_return); - -/* Loads the private key from the file. Returns 0 if an error is encountered - (file does not exist or is not readable, or passphrase is bad). - This initializes the private key. The comment of the key is returned - in comment_return if it is non-NULL; the caller must free the value - with xfree. */ -int load_private_key(const char *filename, const char *passphrase, - RSA *private_key, char **comment_return); +/* + * Tries to match the host name (which must be in all lowercase) against the + * comma-separated sequence of subpatterns (each possibly preceded by ! to + * indicate negation). Returns true if there is a positive match; zero + * otherwise. + */ +int match_hostname(const char *host, const char *pattern, unsigned int len); + +/* + * Checks whether the given host is already in the list of our known hosts. + * Returns HOST_OK if the host is known and has the specified key, HOST_NEW + * if the host is not known, and HOST_CHANGED if the host is known but used + * to have a different host key. The host must be in all lowercase. + */ +typedef enum { + HOST_OK, HOST_NEW, HOST_CHANGED +} HostStatus; +HostStatus +check_host_in_hostfile(const char *filename, const char *host, + BIGNUM * e, BIGNUM * n, BIGNUM * ke, BIGNUM * kn); + +/* + * Appends an entry to the host file. Returns false if the entry could not + * be appended. + */ +int +add_host_to_hostfile(const char *filename, const char *host, + BIGNUM * e, BIGNUM * n); + +/* + * Performs the RSA authentication challenge-response dialog with the client, + * and returns true (non-zero) if the client gave the correct answer to our + * challenge; returns zero if the client gives a wrong answer. + */ +int auth_rsa_challenge_dialog(BIGNUM * e, BIGNUM * n); + +/* + * Reads a passphrase from /dev/tty with echo turned off. Returns the + * passphrase (allocated with xmalloc). Exits if EOF is encountered. If + * from_stdin is true, the passphrase will be read from stdin instead. + */ +char *read_passphrase(const char *prompt, int from_stdin); + +/* + * Saves the authentication (private) key in a file, encrypting it with + * passphrase. The identification of the file (lowest 64 bits of n) will + * precede the key to provide identification of the key without needing a + * passphrase. + */ +int +save_private_key(const char *filename, const char *passphrase, + RSA * private_key, const char *comment); + +/* + * Loads the public part of the key file (public key and comment). Returns 0 + * if an error occurred; zero if the public key was successfully read. The + * comment of the key is returned in comment_return if it is non-NULL; the + * caller must free the value with xfree. + */ +int +load_public_key(const char *filename, RSA * pub, + char **comment_return); + +/* + * Loads the private key from the file. Returns 0 if an error is encountered + * (file does not exist or is not readable, or passphrase is bad). This + * initializes the private key. The comment of the key is returned in + * comment_return if it is non-NULL; the caller must free the value with + * xfree. + */ +int +load_private_key(const char *filename, const char *passphrase, + RSA * private_key, char **comment_return); /*------------ Definitions for logging. -----------------------*/ - -/* Supported syslog facilities. */ -typedef enum -{ - SYSLOG_FACILITY_DAEMON, - SYSLOG_FACILITY_USER, - SYSLOG_FACILITY_AUTH, - SYSLOG_FACILITY_LOCAL0, - SYSLOG_FACILITY_LOCAL1, - SYSLOG_FACILITY_LOCAL2, - SYSLOG_FACILITY_LOCAL3, - SYSLOG_FACILITY_LOCAL4, - SYSLOG_FACILITY_LOCAL5, - SYSLOG_FACILITY_LOCAL6, - SYSLOG_FACILITY_LOCAL7 -} SyslogFacility; - -/* Initializes logging. If debug is non-zero, debug() will output something. - If quiet is non-zero, none of these will log send anything to syslog - (but maybe to stderr). */ -void log_init(char *av0, int on_stderr, int debug, int quiet, - SyslogFacility facility); - -/* Outputs a message to syslog or stderr, depending on the implementation. - The format must guarantee that the final message does not exceed 1024 - characters. The message should not contain newline. */ -void log(const char *fmt, ...); - -/* Outputs a message to syslog or stderr, depending on the implementation. - The format must guarantee that the final message does not exceed 1024 - characters. The message should not contain newline. */ -void debug(const char *fmt, ...); - -/* Outputs a message to syslog or stderr, depending on the implementation. - The format must guarantee that the final message does not exceed 1024 - characters. The message should not contain newline. */ -void error(const char *fmt, ...); - -/* Outputs a message to syslog or stderr, depending on the implementation. - The format must guarantee that the final message does not exceed 1024 - characters. The message should not contain newline. - This call never returns. */ -void fatal(const char *fmt, ...); - -/* Registers a cleanup function to be called by fatal() before exiting. - It is permissible to call fatal_remove_cleanup for the function itself - from the function. */ -void fatal_add_cleanup(void (*proc)(void *context), void *context); -/* Removes a cleanup frunction to be called at fatal(). */ -void fatal_remove_cleanup(void (*proc)(void *context), void *context); +/* Supported syslog facilities and levels. */ +typedef enum { + SYSLOG_FACILITY_DAEMON, + SYSLOG_FACILITY_USER, + SYSLOG_FACILITY_AUTH, + SYSLOG_FACILITY_LOCAL0, + SYSLOG_FACILITY_LOCAL1, + SYSLOG_FACILITY_LOCAL2, + SYSLOG_FACILITY_LOCAL3, + SYSLOG_FACILITY_LOCAL4, + SYSLOG_FACILITY_LOCAL5, + SYSLOG_FACILITY_LOCAL6, + SYSLOG_FACILITY_LOCAL7 +} SyslogFacility; + +typedef enum { + SYSLOG_LEVEL_QUIET, + SYSLOG_LEVEL_FATAL, + SYSLOG_LEVEL_ERROR, + SYSLOG_LEVEL_INFO, + SYSLOG_LEVEL_VERBOSE, + SYSLOG_LEVEL_DEBUG +} LogLevel; +/* Initializes logging. */ +void log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr); + +/* Logging implementation, depending on server or client */ +void do_log(LogLevel level, const char *fmt, va_list args); + +/* name to facility/level */ +SyslogFacility log_facility_number(char *name); +LogLevel log_level_number(char *name); + +/* Output a message to syslog or stderr */ +void fatal(const char *fmt,...) __attribute__((format(printf, 1, 2))); +void error(const char *fmt,...) __attribute__((format(printf, 1, 2))); +void log(const char *fmt,...) __attribute__((format(printf, 1, 2))); +void verbose(const char *fmt,...) __attribute__((format(printf, 1, 2))); +void debug(const char *fmt,...) __attribute__((format(printf, 1, 2))); + +/* same as fatal() but w/o logging */ +void fatal_cleanup(void); + +/* + * Registers a cleanup function to be called by fatal()/fatal_cleanup() + * before exiting. It is permissible to call fatal_remove_cleanup for the + * function itself from the function. + */ +void fatal_add_cleanup(void (*proc) (void *context), void *context); -/*---------------- definitions for x11.c ------------------*/ +/* Removes a cleanup function to be called at fatal(). */ +void fatal_remove_cleanup(void (*proc) (void *context), void *context); +/*---------------- definitions for channels ------------------*/ /* Sets specific protocol options. */ -void channel_set_options(int hostname_in_open); +void channel_set_options(int hostname_in_open); -/* Allocate a new channel object and set its type and socket. Remote_name - must have been allocated with xmalloc; this will free it when the channel - is freed. */ -int channel_allocate(int type, int sock, char *remote_name); +/* + * Allocate a new channel object and set its type and socket. Remote_name + * must have been allocated with xmalloc; this will free it when the channel + * is freed. + */ +int channel_allocate(int type, int sock, char *remote_name); /* Free the channel and close its socket. */ -void channel_free(int channel); +void channel_free(int channel); /* Add any bits relevant to channels in select bitmasks. */ -void channel_prepare_select(fd_set *readset, fd_set *writeset); +void channel_prepare_select(fd_set * readset, fd_set * writeset); -/* After select, perform any appropriate operations for channels which - have events pending. */ -void channel_after_select(fd_set *readset, fd_set *writeset); +/* + * After select, perform any appropriate operations for channels which have + * events pending. + */ +void channel_after_select(fd_set * readset, fd_set * writeset); /* If there is data to send to the connection, send some of it now. */ -void channel_output_poll(void); +void channel_output_poll(void); -/* This is called when a packet of type CHANNEL_DATA has just been received. - The message type has already been consumed, but channel number and data - is still there. */ -void channel_input_data(int payload_len); +/* + * This is called when a packet of type CHANNEL_DATA has just been received. + * The message type has already been consumed, but channel number and data is + * still there. + */ +void channel_input_data(int payload_len); /* Returns true if no channel has too much buffered data. */ -int channel_not_very_much_buffered_data(void); +int channel_not_very_much_buffered_data(void); /* This is called after receiving CHANNEL_CLOSE. */ -void channel_input_close(void); +void channel_input_close(void); /* This is called after receiving CHANNEL_CLOSE_CONFIRMATION. */ -void channel_input_close_confirmation(void); +void channel_input_close_confirmation(void); /* This is called after receiving CHANNEL_OPEN_CONFIRMATION. */ -void channel_input_open_confirmation(void); +void channel_input_open_confirmation(void); /* This is called after receiving CHANNEL_OPEN_FAILURE from the other side. */ -void channel_input_open_failure(void); +void channel_input_open_failure(void); /* This closes any sockets that are listening for connections; this removes any unix domain sockets. */ -void channel_stop_listening(void); +void channel_stop_listening(void); -/* Closes the sockets of all channels. This is used to close extra file - descriptors after a fork. */ -void channel_close_all(void); +/* + * Closes the sockets of all channels. This is used to close extra file + * descriptors after a fork. + */ +void channel_close_all(void); /* Returns the maximum file descriptor number used by the channels. */ -int channel_max_fd(void); +int channel_max_fd(void); /* Returns true if there is still an open channel over the connection. */ -int channel_still_open(void); +int channel_still_open(void); -/* Returns a string containing a list of all open channels. The list is - suitable for displaying to the user. It uses crlf instead of newlines. - The caller should free the string with xfree. */ -char *channel_open_message(void); - -/* Initiate forwarding of connections to local port "port" through the secure - channel to host:port from remote side. This never returns if there - was an error. */ -void channel_request_local_forwarding(int port, const char *host, - int remote_port); - -/* Initiate forwarding of connections to port "port" on remote host through - the secure channel to host:port from local side. This never returns - if there was an error. This registers that open requests for that - port are permitted. */ -void channel_request_remote_forwarding(int port, const char *host, - int remote_port); - -/* Permits opening to any host/port in SSH_MSG_PORT_OPEN. This is usually - called by the server, because the user could connect to any port anyway, - and the server has no way to know but to trust the client anyway. */ -void channel_permit_all_opens(void); - -/* This is called after receiving CHANNEL_FORWARDING_REQUEST. This initates - listening for the port, and sends back a success reply (or disconnect - message if there was an error). This never returns if there was an - error. */ -void channel_input_port_forward_request(int is_root); - -/* This is called after receiving PORT_OPEN message. This attempts to connect - to the given host:port, and sends back CHANNEL_OPEN_CONFIRMATION or - CHANNEL_OPEN_FAILURE. */ -void channel_input_port_open(int payload_len); - -/* Creates a port for X11 connections, and starts listening for it. - Returns the display name, or NULL if an error was encountered. */ -char *x11_create_display(int screen); - -/* Creates an internet domain socket for listening for X11 connections. - Returns a suitable value for the DISPLAY variable, or NULL if an error - occurs. */ -char *x11_create_display_inet(int screen); - -/* This is called when SSH_SMSG_X11_OPEN is received. The packet contains - the remote channel number. We should do whatever we want, and respond - with either SSH_MSG_OPEN_CONFIRMATION or SSH_MSG_OPEN_FAILURE. */ -void x11_input_open(int payload_len); - -/* Requests forwarding of X11 connections. This should be called on the - client only. */ -void x11_request_forwarding(void); - -/* Requests forwarding for X11 connections, with authentication spoofing. - This should be called in the client only. */ -void x11_request_forwarding_with_spoofing(const char *proto, const char *data); +/* + * Returns a string containing a list of all open channels. The list is + * suitable for displaying to the user. It uses crlf instead of newlines. + * The caller should free the string with xfree. + */ +char *channel_open_message(void); + +/* + * Initiate forwarding of connections to local port "port" through the secure + * channel to host:port from remote side. This never returns if there was an + * error. + */ +void +channel_request_local_forwarding(u_short port, const char *host, + u_short remote_port); + +/* + * Initiate forwarding of connections to port "port" on remote host through + * the secure channel to host:port from local side. This never returns if + * there was an error. This registers that open requests for that port are + * permitted. + */ +void +channel_request_remote_forwarding(u_short port, const char *host, + u_short remote_port); + +/* + * Permits opening to any host/port in SSH_MSG_PORT_OPEN. This is usually + * called by the server, because the user could connect to any port anyway, + * and the server has no way to know but to trust the client anyway. + */ +void channel_permit_all_opens(void); + +/* + * This is called after receiving CHANNEL_FORWARDING_REQUEST. This initates + * listening for the port, and sends back a success reply (or disconnect + * message if there was an error). This never returns if there was an error. + */ +void channel_input_port_forward_request(int is_root); + +/* + * This is called after receiving PORT_OPEN message. This attempts to + * connect to the given host:port, and sends back CHANNEL_OPEN_CONFIRMATION + * or CHANNEL_OPEN_FAILURE. + */ +void channel_input_port_open(int payload_len); + +/* + * Creates a port for X11 connections, and starts listening for it. Returns + * the display name, or NULL if an error was encountered. + */ +char *x11_create_display(int screen); + +/* + * Creates an internet domain socket for listening for X11 connections. + * Returns a suitable value for the DISPLAY variable, or NULL if an error + * occurs. + */ +char *x11_create_display_inet(int screen); + +/* + * This is called when SSH_SMSG_X11_OPEN is received. The packet contains + * the remote channel number. We should do whatever we want, and respond + * with either SSH_MSG_OPEN_CONFIRMATION or SSH_MSG_OPEN_FAILURE. + */ +void x11_input_open(int payload_len); + +/* + * Requests forwarding of X11 connections. This should be called on the + * client only. + */ +void x11_request_forwarding(void); + +/* + * Requests forwarding for X11 connections, with authentication spoofing. + * This should be called in the client only. + */ +void x11_request_forwarding_with_spoofing(const char *proto, const char *data); -/* Local Xauthority file (server only). */ -extern char *xauthfile; - /* Sends a message to the server to request authentication fd forwarding. */ -void auth_request_forwarding(void); +void auth_request_forwarding(void); -/* Returns the number of the file descriptor to pass to child programs as - the authentication fd. */ -int auth_get_fd(void); - -/* Returns the name of the forwarded authentication socket. Returns NULL - if there is no forwarded authentication socket. The returned value points - to a static buffer. */ -char *auth_get_socket_name(void); - -/* This if called to process SSH_CMSG_AGENT_REQUEST_FORWARDING on the server. - This starts forwarding authentication requests. */ -void auth_input_request_forwarding(struct passwd *pw); +/* + * Returns the name of the forwarded authentication socket. Returns NULL if + * there is no forwarded authentication socket. The returned value points to + * a static buffer. + */ +char *auth_get_socket_name(void); + +/* + * This if called to process SSH_CMSG_AGENT_REQUEST_FORWARDING on the server. + * This starts forwarding authentication requests. + */ +void auth_input_request_forwarding(struct passwd * pw); /* This is called to process an SSH_SMSG_AGENT_OPEN message. */ -void auth_input_open_request(void); +void auth_input_open_request(void); -/* Returns true if the given string matches the pattern (which may contain - ? and * as wildcards), and zero if it does not match. */ -int match_pattern(const char *s, const char *pattern); - -/* Expands tildes in the file name. Returns data allocated by xmalloc. - Warning: this calls getpw*. */ -char *tilde_expand_filename(const char *filename, uid_t my_uid); - -/* Gets a file descriptor that won't get closed by shell pathname. - If pathname is NULL, the path is inferred from the SHELL environment - variable or the user id. */ -int get_permanent_fd(const char *pathname); - -/* Performs the interactive session. This handles data transmission between - the client and the program. Note that the notion of stdin, stdout, and - stderr in this function is sort of reversed: this function writes to - stdin (of the child program), and reads from stdout and stderr (of the - child program). */ -void server_loop(int pid, int fdin, int fdout, int fderr); +/* + * Returns true if the given string matches the pattern (which may contain ? + * and * as wildcards), and zero if it does not match. + */ +int match_pattern(const char *s, const char *pattern); + +/* + * Expands tildes in the file name. Returns data allocated by xmalloc. + * Warning: this calls getpw*. + */ +char *tilde_expand_filename(const char *filename, uid_t my_uid); + +/* + * Performs the interactive session. This handles data transmission between + * the client and the program. Note that the notion of stdin, stdout, and + * stderr in this function is sort of reversed: this function writes to stdin + * (of the child program), and reads from stdout and stderr (of the child + * program). + */ +void server_loop(int pid, int fdin, int fdout, int fderr); /* Client side main loop for the interactive session. */ -int client_loop(int have_pty, int escape_char); +int client_loop(int have_pty, int escape_char); /* Linked list of custom environment strings (see auth-rsa.c). */ struct envstring { - struct envstring *next; - char *s; + struct envstring *next; + char *s; }; +/* + * Ensure all of data on socket comes through. f==read || f==write + */ +int atomicio(int (*f)(), int fd, void *s, size_t n); + #ifdef KRB4 #include - -/* Performs Kerberos v4 mutual authentication with the client. This returns - 0 if the client could not be authenticated, and 1 if authentication was - successful. This may exit if there is a serious protocol violation. */ -int auth_krb4(const char *server_user, KTEXT auth, char **client); -int ssh_tf_init(uid_t uid); +/* + * Performs Kerberos v4 mutual authentication with the client. This returns 0 + * if the client could not be authenticated, and 1 if authentication was + * successful. This may exit if there is a serious protocol violation. + */ +int auth_krb4(const char *server_user, KTEXT auth, char **client); +int krb4_init(uid_t uid); +void krb4_cleanup_proc(void *ignore); +int auth_krb4_password(struct passwd * pw, const char *password); #ifdef AFS #include /* Accept passed Kerberos v4 ticket-granting ticket and AFS tokens. */ -int auth_kerberos_tgt(struct passwd *pw, const char *string); -int auth_afs_token(char *server_user, uid_t uid, const char *string); +int auth_kerberos_tgt(struct passwd * pw, const char *string); +int auth_afs_token(struct passwd * pw, const char *token_string); -int creds_to_radix(CREDENTIALS *creds, unsigned char *buf); -int radix_to_creds(const char *buf, CREDENTIALS *creds); -#endif /* AFS */ +int creds_to_radix(CREDENTIALS * creds, unsigned char *buf); +int radix_to_creds(const char *buf, CREDENTIALS * creds); +#endif /* AFS */ -#endif /* KRB4 */ +#endif /* KRB4 */ #ifdef SKEY #include -char *skey_fake_keyinfo(char *username); -#endif /* SKEY */ +char *skey_fake_keyinfo(char *username); +int auth_skey_password(struct passwd * pw, const char *password); +#endif /* SKEY */ -#endif /* SSH_H */ +#endif /* SSH_H */ Index: usr.bin/ssh/ssh_config =================================================================== RCS file: /cvs/src/usr.bin/ssh/ssh_config,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- usr.bin/ssh/ssh_config 1999/10/03 22:10:11 1.2 +++ usr.bin/ssh/ssh_config 1999/10/27 03:38:42 1.3 @@ -26,5 +26,5 @@ # StrictHostKeyChecking no # IdentityFile ~/.ssh/identity # Port 22 -# Cipher idea +# Cipher blowfish # EscapeChar ~ Index: usr.bin/ssh/ssh_md5.c =================================================================== RCS file: ssh_md5.c diff -N ssh_md5.c --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsEUcPF31367 Wed Dec 8 12:42:11 1999 @@ -0,0 +1,237 @@ +/* This code has been heavily hacked by Tatu Ylonen to + make it compile on machines like Cray that don't have a 32 bit integer + type. */ +/* + * This code implements the MD5 message-digest algorithm. + * The algorithm is due to Ron Rivest. This code was + * written by Colin Plumb in 1993, no copyright is claimed. + * This code is in the public domain; do with it what you wish. + * + * Equivalent code is available from RSA Data Security, Inc. + * This code has been tested against that, and is equivalent, + * except that you don't need to include two pages of legalese + * with every copy. + * + * To compute the message digest of a chunk of bytes, declare an + * MD5Context structure, pass it to MD5Init, call MD5Update as + * needed on buffers full of bytes, and then call MD5Final, which + * will fill a supplied 16-byte array with the digest. + */ + +#include "includes.h" +#include "ssh_md5.h" +#include "getput.h" + +/* + * Start MD5 accumulation. Set bit count to 0 and buffer to mysterious + * initialization constants. + */ +void MD5Init(struct MD5Context *ctx) +{ + ctx->buf[0] = 0x67452301; + ctx->buf[1] = 0xefcdab89; + ctx->buf[2] = 0x98badcfe; + ctx->buf[3] = 0x10325476; + + ctx->bits[0] = 0; + ctx->bits[1] = 0; +} + +/* + * Update context to reflect the concatenation of another buffer full + * of bytes. + */ +void MD5Update(struct MD5Context *ctx, unsigned char const *buf, unsigned len) +{ + u_int32_t t; + + /* Update bitcount */ + + t = ctx->bits[0]; + if ((ctx->bits[0] = (t + ((u_int32_t)len << 3)) & 0xffffffff) < t) + ctx->bits[1]++; /* Carry from low to high */ + ctx->bits[1] += len >> 29; + + t = (t >> 3) & 0x3f; /* Bytes already in shsInfo->data */ + + /* Handle any leading odd-sized chunks */ + + if (t) { + unsigned char *p = ctx->in + t; + + t = 64 - t; + if (len < t) { + memcpy(p, buf, len); + return; + } + memcpy(p, buf, t); + MD5Transform(ctx->buf, ctx->in); + buf += t; + len -= t; + } + /* Process data in 64-byte chunks */ + + while (len >= 64) { + memcpy(ctx->in, buf, 64); + MD5Transform(ctx->buf, ctx->in); + buf += 64; + len -= 64; + } + + /* Handle any remaining bytes of data. */ + + memcpy(ctx->in, buf, len); +} + +/* + * Final wrapup - pad to 64-byte boundary with the bit pattern + * 1 0* (64-bit count of bits processed, MSB-first) + */ +void MD5Final(unsigned char digest[16], struct MD5Context *ctx) +{ + unsigned count; + unsigned char *p; + + /* Compute number of bytes mod 64 */ + count = (ctx->bits[0] >> 3) & 0x3F; + + /* Set the first char of padding to 0x80. This is safe since there is + always at least one byte free */ + p = ctx->in + count; + *p++ = 0x80; + + /* Bytes of padding needed to make 64 bytes */ + count = 64 - 1 - count; + + /* Pad out to 56 mod 64 */ + if (count < 8) { + /* Two lots of padding: Pad the first block to 64 bytes */ + memset(p, 0, count); + MD5Transform(ctx->buf, ctx->in); + + /* Now fill the next block with 56 bytes */ + memset(ctx->in, 0, 56); + } else { + /* Pad block to 56 bytes */ + memset(p, 0, count - 8); + } + + /* Append length in bits and transform */ + PUT_32BIT_LSB_FIRST(ctx->in + 56, ctx->bits[0]); + PUT_32BIT_LSB_FIRST(ctx->in + 60, ctx->bits[1]); + + MD5Transform(ctx->buf, ctx->in); + PUT_32BIT_LSB_FIRST(digest, ctx->buf[0]); + PUT_32BIT_LSB_FIRST(digest + 4, ctx->buf[1]); + PUT_32BIT_LSB_FIRST(digest + 8, ctx->buf[2]); + PUT_32BIT_LSB_FIRST(digest + 12, ctx->buf[3]); + memset(ctx, 0, sizeof(ctx)); /* In case it's sensitive */ +} + +#ifndef ASM_MD5 + +/* The four core functions - F1 is optimized somewhat */ + +/* #define F1(x, y, z) (x & y | ~x & z) */ +#define F1(x, y, z) (z ^ (x & (y ^ z))) +#define F2(x, y, z) F1(z, x, y) +#define F3(x, y, z) (x ^ y ^ z) +#define F4(x, y, z) (y ^ (x | ~z)) + +/* This is the central step in the MD5 algorithm. */ +#define MD5STEP(f, w, x, y, z, data, s) \ + ( w += f(x, y, z) + data, w = w<>(32-s), w += x ) + +/* + * The core of the MD5 algorithm, this alters an existing MD5 hash to + * reflect the addition of 16 longwords of new data. MD5Update blocks + * the data and converts bytes into longwords for this routine. + */ +void MD5Transform(u_int32_t buf[4], const unsigned char inext[64]) +{ + register u_int32_t a, b, c, d, i; + u_int32_t in[16]; + + for (i = 0; i < 16; i++) + in[i] = GET_32BIT_LSB_FIRST(inext + 4 * i); + + a = buf[0]; + b = buf[1]; + c = buf[2]; + d = buf[3]; + + MD5STEP(F1, a, b, c, d, in[0] + 0xd76aa478, 7); + MD5STEP(F1, d, a, b, c, in[1] + 0xe8c7b756, 12); + MD5STEP(F1, c, d, a, b, in[2] + 0x242070db, 17); + MD5STEP(F1, b, c, d, a, in[3] + 0xc1bdceee, 22); + MD5STEP(F1, a, b, c, d, in[4] + 0xf57c0faf, 7); + MD5STEP(F1, d, a, b, c, in[5] + 0x4787c62a, 12); + MD5STEP(F1, c, d, a, b, in[6] + 0xa8304613, 17); + MD5STEP(F1, b, c, d, a, in[7] + 0xfd469501, 22); + MD5STEP(F1, a, b, c, d, in[8] + 0x698098d8, 7); + MD5STEP(F1, d, a, b, c, in[9] + 0x8b44f7af, 12); + MD5STEP(F1, c, d, a, b, in[10] + 0xffff5bb1, 17); + MD5STEP(F1, b, c, d, a, in[11] + 0x895cd7be, 22); + MD5STEP(F1, a, b, c, d, in[12] + 0x6b901122, 7); + MD5STEP(F1, d, a, b, c, in[13] + 0xfd987193, 12); + MD5STEP(F1, c, d, a, b, in[14] + 0xa679438e, 17); + MD5STEP(F1, b, c, d, a, in[15] + 0x49b40821, 22); + + MD5STEP(F2, a, b, c, d, in[1] + 0xf61e2562, 5); + MD5STEP(F2, d, a, b, c, in[6] + 0xc040b340, 9); + MD5STEP(F2, c, d, a, b, in[11] + 0x265e5a51, 14); + MD5STEP(F2, b, c, d, a, in[0] + 0xe9b6c7aa, 20); + MD5STEP(F2, a, b, c, d, in[5] + 0xd62f105d, 5); + MD5STEP(F2, d, a, b, c, in[10] + 0x02441453, 9); + MD5STEP(F2, c, d, a, b, in[15] + 0xd8a1e681, 14); + MD5STEP(F2, b, c, d, a, in[4] + 0xe7d3fbc8, 20); + MD5STEP(F2, a, b, c, d, in[9] + 0x21e1cde6, 5); + MD5STEP(F2, d, a, b, c, in[14] + 0xc33707d6, 9); + MD5STEP(F2, c, d, a, b, in[3] + 0xf4d50d87, 14); + MD5STEP(F2, b, c, d, a, in[8] + 0x455a14ed, 20); + MD5STEP(F2, a, b, c, d, in[13] + 0xa9e3e905, 5); + MD5STEP(F2, d, a, b, c, in[2] + 0xfcefa3f8, 9); + MD5STEP(F2, c, d, a, b, in[7] + 0x676f02d9, 14); + MD5STEP(F2, b, c, d, a, in[12] + 0x8d2a4c8a, 20); + + MD5STEP(F3, a, b, c, d, in[5] + 0xfffa3942, 4); + MD5STEP(F3, d, a, b, c, in[8] + 0x8771f681, 11); + MD5STEP(F3, c, d, a, b, in[11] + 0x6d9d6122, 16); + MD5STEP(F3, b, c, d, a, in[14] + 0xfde5380c, 23); + MD5STEP(F3, a, b, c, d, in[1] + 0xa4beea44, 4); + MD5STEP(F3, d, a, b, c, in[4] + 0x4bdecfa9, 11); + MD5STEP(F3, c, d, a, b, in[7] + 0xf6bb4b60, 16); + MD5STEP(F3, b, c, d, a, in[10] + 0xbebfbc70, 23); + MD5STEP(F3, a, b, c, d, in[13] + 0x289b7ec6, 4); + MD5STEP(F3, d, a, b, c, in[0] + 0xeaa127fa, 11); + MD5STEP(F3, c, d, a, b, in[3] + 0xd4ef3085, 16); + MD5STEP(F3, b, c, d, a, in[6] + 0x04881d05, 23); + MD5STEP(F3, a, b, c, d, in[9] + 0xd9d4d039, 4); + MD5STEP(F3, d, a, b, c, in[12] + 0xe6db99e5, 11); + MD5STEP(F3, c, d, a, b, in[15] + 0x1fa27cf8, 16); + MD5STEP(F3, b, c, d, a, in[2] + 0xc4ac5665, 23); + + MD5STEP(F4, a, b, c, d, in[0] + 0xf4292244, 6); + MD5STEP(F4, d, a, b, c, in[7] + 0x432aff97, 10); + MD5STEP(F4, c, d, a, b, in[14] + 0xab9423a7, 15); + MD5STEP(F4, b, c, d, a, in[5] + 0xfc93a039, 21); + MD5STEP(F4, a, b, c, d, in[12] + 0x655b59c3, 6); + MD5STEP(F4, d, a, b, c, in[3] + 0x8f0ccc92, 10); + MD5STEP(F4, c, d, a, b, in[10] + 0xffeff47d, 15); + MD5STEP(F4, b, c, d, a, in[1] + 0x85845dd1, 21); + MD5STEP(F4, a, b, c, d, in[8] + 0x6fa87e4f, 6); + MD5STEP(F4, d, a, b, c, in[15] + 0xfe2ce6e0, 10); + MD5STEP(F4, c, d, a, b, in[6] + 0xa3014314, 15); + MD5STEP(F4, b, c, d, a, in[13] + 0x4e0811a1, 21); + MD5STEP(F4, a, b, c, d, in[4] + 0xf7537e82, 6); + MD5STEP(F4, d, a, b, c, in[11] + 0xbd3af235, 10); + MD5STEP(F4, c, d, a, b, in[2] + 0x2ad7d2bb, 15); + MD5STEP(F4, b, c, d, a, in[9] + 0xeb86d391, 21); + + buf[0] += a; + buf[1] += b; + buf[2] += c; + buf[3] += d; +} + +#endif Index: usr.bin/ssh/ssh_md5.h =================================================================== RCS file: ssh_md5.h diff -N ssh_md5.h --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsqsVfZ31367 Wed Dec 8 12:42:11 1999 @@ -0,0 +1,20 @@ +#ifndef MD5_H +#define MD5_H + +struct MD5Context { + u_int32_t buf[4]; + u_int32_t bits[2]; + unsigned char in[64]; +}; + +#define MD5Init ssh_MD5Init +void MD5Init(struct MD5Context *context); +#define MD5Update ssh_MD5Update +void MD5Update(struct MD5Context *context, unsigned char const *buf, + unsigned len); +#define MD5Final ssh_MD5Final +void MD5Final(unsigned char digest[16], struct MD5Context *context); +#define MD5Transform ssh_MD5Transform +void MD5Transform(u_int32_t buf[4], const unsigned char in[64]); + +#endif /* !MD5_H */ Index: usr.bin/ssh/sshconnect.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/sshconnect.c,v retrieving revision 1.22 retrieving revision 1.45 diff -u -r1.22 -r1.45 --- usr.bin/ssh/sshconnect.c 1999/10/16 23:11:29 1.22 +++ usr.bin/ssh/sshconnect.c 1999/12/06 20:15:30 1.45 @@ -1,21 +1,14 @@ /* + * Author: Tatu Ylonen + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * Created: Sat Mar 18 22:15:47 1995 ylo + * Code to connect to a remote host, and to perform the client side of the + * login (authentication) dialog. + */ -sshconnect.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Sat Mar 18 22:15:47 1995 ylo - -Code to connect to a remote host, and to perform the client side of the -login (authentication) dialog. - -*/ - #include "includes.h" -RCSID("$Id: sshconnect.c,v 1.22 1999/10/16 23:11:29 markus Exp $"); +RCSID("$Id: sshconnect.c,v 1.45 1999/12/06 20:15:30 deraadt Exp $"); #include #include "xmalloc.h" @@ -27,1469 +20,1586 @@ #include "mpaux.h" #include "uidswap.h" #include "compat.h" +#include "readconf.h" +#include "fingerprint.h" -#include +#include /* Session id for the current session. */ unsigned char session_id[16]; -/* Connect to the given ssh server using a proxy command. */ +extern Options options; +/* + * Connect to the given ssh server using a proxy command. + */ int -ssh_proxy_connect(const char *host, int port, uid_t original_real_uid, +ssh_proxy_connect(const char *host, u_short port, uid_t original_real_uid, const char *proxy_command) { - Buffer command; - const char *cp; - char *command_string; - int pin[2], pout[2]; - int pid; - char portstring[100]; - - /* Convert the port number into a string. */ - snprintf(portstring, sizeof portstring, "%d", port); - - /* Build the final command string in the buffer by making the appropriate - substitutions to the given proxy command. */ - buffer_init(&command); - for (cp = proxy_command; *cp; cp++) - { - if (cp[0] == '%' && cp[1] == '%') - { - buffer_append(&command, "%", 1); - cp++; - continue; - } - if (cp[0] == '%' && cp[1] == 'h') - { - buffer_append(&command, host, strlen(host)); - cp++; - continue; - } - if (cp[0] == '%' && cp[1] == 'p') - { - buffer_append(&command, portstring, strlen(portstring)); - cp++; - continue; - } - buffer_append(&command, cp, 1); - } - buffer_append(&command, "\0", 1); - - /* Get the final command string. */ - command_string = buffer_ptr(&command); - - /* Create pipes for communicating with the proxy. */ - if (pipe(pin) < 0 || pipe(pout) < 0) - fatal("Could not create pipes to communicate with the proxy: %.100s", - strerror(errno)); - - debug("Executing proxy command: %.500s", command_string); - - /* Fork and execute the proxy command. */ - if ((pid = fork()) == 0) - { - char *argv[10]; - - /* Child. Permanently give up superuser privileges. */ - permanently_set_uid(original_real_uid); - - /* Redirect stdin and stdout. */ - close(pin[1]); - if (pin[0] != 0) - { - if (dup2(pin[0], 0) < 0) - perror("dup2 stdin"); - close(pin[0]); - } - close(pout[0]); - if (dup2(pout[1], 1) < 0) - perror("dup2 stdout"); - close(pout[1]); /* Cannot be 1 because pin allocated two descriptors. */ - - /* Stderr is left as it is so that error messages get printed on - the user's terminal. */ - argv[0] = "/bin/sh"; - argv[1] = "-c"; - argv[2] = command_string; - argv[3] = NULL; - - /* Execute the proxy command. Note that we gave up any extra - privileges above. */ - execv("/bin/sh", argv); - perror("/bin/sh"); - exit(1); - } - /* Parent. */ - if (pid < 0) - fatal("fork failed: %.100s", strerror(errno)); - - /* Close child side of the descriptors. */ - close(pin[0]); - close(pout[1]); - - /* Free the command name. */ - buffer_free(&command); - - /* Set the connection file descriptors. */ - packet_set_connection(pout[0], pin[1]); + Buffer command; + const char *cp; + char *command_string; + int pin[2], pout[2]; + int pid; + char portstring[100]; + + /* Convert the port number into a string. */ + snprintf(portstring, sizeof portstring, "%hu", port); + + /* Build the final command string in the buffer by making the + appropriate substitutions to the given proxy command. */ + buffer_init(&command); + for (cp = proxy_command; *cp; cp++) { + if (cp[0] == '%' && cp[1] == '%') { + buffer_append(&command, "%", 1); + cp++; + continue; + } + if (cp[0] == '%' && cp[1] == 'h') { + buffer_append(&command, host, strlen(host)); + cp++; + continue; + } + if (cp[0] == '%' && cp[1] == 'p') { + buffer_append(&command, portstring, strlen(portstring)); + cp++; + continue; + } + buffer_append(&command, cp, 1); + } + buffer_append(&command, "\0", 1); - return 1; -} + /* Get the final command string. */ + command_string = buffer_ptr(&command); -/* Creates a (possibly privileged) socket for use as the ssh connection. */ + /* Create pipes for communicating with the proxy. */ + if (pipe(pin) < 0 || pipe(pout) < 0) + fatal("Could not create pipes to communicate with the proxy: %.100s", + strerror(errno)); + + debug("Executing proxy command: %.500s", command_string); + + /* Fork and execute the proxy command. */ + if ((pid = fork()) == 0) { + char *argv[10]; + + /* Child. Permanently give up superuser privileges. */ + permanently_set_uid(original_real_uid); + + /* Redirect stdin and stdout. */ + close(pin[1]); + if (pin[0] != 0) { + if (dup2(pin[0], 0) < 0) + perror("dup2 stdin"); + close(pin[0]); + } + close(pout[0]); + if (dup2(pout[1], 1) < 0) + perror("dup2 stdout"); + /* Cannot be 1 because pin allocated two descriptors. */ + close(pout[1]); + + /* Stderr is left as it is so that error messages get + printed on the user's terminal. */ + argv[0] = "/bin/sh"; + argv[1] = "-c"; + argv[2] = command_string; + argv[3] = NULL; + + /* Execute the proxy command. Note that we gave up any + extra privileges above. */ + execv("/bin/sh", argv); + perror("/bin/sh"); + exit(1); + } + /* Parent. */ + if (pid < 0) + fatal("fork failed: %.100s", strerror(errno)); + + /* Close child side of the descriptors. */ + close(pin[0]); + close(pout[1]); + + /* Free the command name. */ + buffer_free(&command); + + /* Set the connection file descriptors. */ + packet_set_connection(pout[0], pin[1]); + + return 1; +} -int ssh_create_socket(uid_t original_real_uid, int privileged) +/* + * Creates a (possibly privileged) socket for use as the ssh connection. + */ +int +ssh_create_socket(uid_t original_real_uid, int privileged) { - int sock; + int sock; - /* If we are running as root and want to connect to a privileged port, - bind our own socket to a privileged port. */ - if (privileged) - { - int p = IPPORT_RESERVED - 1; - - sock = rresvport(&p); - if (sock < 0) - fatal("rresvport: %.100s", strerror(errno)); - debug("Allocated local port %d.", p); - } - else - { - /* Just create an ordinary socket on arbitrary port. We use the - user's uid to create the socket. */ - temporarily_use_uid(original_real_uid); - sock = socket(AF_INET, SOCK_STREAM, 0); - if (sock < 0) - fatal("socket: %.100s", strerror(errno)); - restore_uid(); - } - return sock; + /* + * If we are running as root and want to connect to a privileged + * port, bind our own socket to a privileged port. + */ + if (privileged) { + int p = IPPORT_RESERVED - 1; + + sock = rresvport(&p); + if (sock < 0) + fatal("rresvport: %.100s", strerror(errno)); + debug("Allocated local port %d.", p); + } else { + /* Just create an ordinary socket on arbitrary port. We + use the user's uid to create the socket. */ + temporarily_use_uid(original_real_uid); + sock = socket(AF_INET, SOCK_STREAM, 0); + if (sock < 0) + fatal("socket: %.100s", strerror(errno)); + restore_uid(); + } + return sock; } -/* Opens a TCP/IP connection to the remote server on the given host. If - port is 0, the default port will be used. If anonymous is zero, - a privileged port will be allocated to make the connection. - This requires super-user privileges if anonymous is false. - Connection_attempts specifies the maximum number of tries (one per - second). If proxy_command is non-NULL, it specifies the command (with %h - and %p substituted for host and port, respectively) to use to contact - the daemon. */ - -int ssh_connect(const char *host, struct sockaddr_in *hostaddr, - int port, int connection_attempts, - int anonymous, uid_t original_real_uid, - const char *proxy_command) +/* + * Opens a TCP/IP connection to the remote server on the given host. If + * port is 0, the default port will be used. If anonymous is zero, + * a privileged port will be allocated to make the connection. + * This requires super-user privileges if anonymous is false. + * Connection_attempts specifies the maximum number of tries (one per + * second). If proxy_command is non-NULL, it specifies the command (with %h + * and %p substituted for host and port, respectively) to use to contact + * the daemon. + */ +int +ssh_connect(const char *host, struct sockaddr_in * hostaddr, + u_short port, int connection_attempts, + int anonymous, uid_t original_real_uid, + const char *proxy_command) { - int sock = -1, attempt, i; - int on = 1; - struct servent *sp; - struct hostent *hp; - struct linger linger; - - debug("ssh_connect: getuid %d geteuid %d anon %d", - (int)getuid(), (int)geteuid(), anonymous); - - /* Get default port if port has not been set. */ - if (port == 0) - { - sp = getservbyname(SSH_SERVICE_NAME, "tcp"); - if (sp) - port = ntohs(sp->s_port); - else - port = SSH_DEFAULT_PORT; - } - - /* If a proxy command is given, connect using it. */ - if (proxy_command != NULL) - return ssh_proxy_connect(host, port, original_real_uid, proxy_command); - - /* No proxy command. */ - - /* No host lookup made yet. */ - hp = NULL; - - /* Try to connect several times. On some machines, the first time will - sometimes fail. In general socket code appears to behave quite - magically on many machines. */ - for (attempt = 0; attempt < connection_attempts; attempt++) - { - if (attempt > 0) - debug("Trying again..."); - - /* Try to parse the host name as a numeric inet address. */ - memset(hostaddr, 0, sizeof(hostaddr)); - hostaddr->sin_family = AF_INET; - hostaddr->sin_port = htons(port); - hostaddr->sin_addr.s_addr = inet_addr(host); - if ((hostaddr->sin_addr.s_addr & 0xffffffff) != 0xffffffff) - { - /* Valid numeric IP address */ - debug("Connecting to %.100s port %d.", - inet_ntoa(hostaddr->sin_addr), port); - - /* Create a socket. */ - sock = ssh_create_socket(original_real_uid, - !anonymous && geteuid() == 0 && - port < IPPORT_RESERVED); - - /* Connect to the host. We use the user's uid in the hope that - it will help with the problems of tcp_wrappers showing the - remote uid as root. */ - temporarily_use_uid(original_real_uid); - if (connect(sock, (struct sockaddr *)hostaddr, sizeof(*hostaddr)) - >= 0) - { - /* Successful connect. */ - restore_uid(); - break; - } - debug("connect: %.100s", strerror(errno)); - restore_uid(); - - /* Destroy the failed socket. */ - shutdown(sock, SHUT_RDWR); - close(sock); - } - else - { - /* Not a valid numeric inet address. */ - /* Map host name to an address. */ - if (!hp) - hp = gethostbyname(host); - if (!hp) - fatal("Bad host name: %.100s", host); - if (!hp->h_addr_list[0]) - fatal("Host does not have an IP address: %.100s", host); - - /* Loop through addresses for this host, and try each one in - sequence until the connection succeeds. */ - for (i = 0; hp->h_addr_list[i]; i++) - { - /* Set the address to connect to. */ - hostaddr->sin_family = hp->h_addrtype; - memcpy(&hostaddr->sin_addr, hp->h_addr_list[i], - sizeof(hostaddr->sin_addr)); - - debug("Connecting to %.200s [%.100s] port %d.", - host, inet_ntoa(hostaddr->sin_addr), port); - - /* Create a socket for connecting. */ - sock = ssh_create_socket(original_real_uid, - !anonymous && geteuid() == 0 && - port < IPPORT_RESERVED); - - /* Connect to the host. We use the user's uid in the hope that - it will help with tcp_wrappers showing the remote uid as - root. */ - temporarily_use_uid(original_real_uid); - if (connect(sock, (struct sockaddr *)hostaddr, - sizeof(*hostaddr)) >= 0) - { - /* Successful connection. */ - restore_uid(); - break; - } - debug("connect: %.100s", strerror(errno)); - restore_uid(); - - /* Close the failed socket; there appear to be some problems - when reusing a socket for which connect() has already - returned an error. */ - shutdown(sock, SHUT_RDWR); - close(sock); - } - if (hp->h_addr_list[i]) - break; /* Successful connection. */ - } - - /* Sleep a moment before retrying. */ - sleep(1); - } - /* Return failure if we didn't get a successful connection. */ - if (attempt >= connection_attempts) - return 0; - - debug("Connection established."); - - /* Set socket options. We would like the socket to disappear as soon as - it has been closed for whatever reason. */ - /* setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *)&on, sizeof(on)); */ - setsockopt(sock, IPPROTO_TCP, TCP_NODELAY, (void *)&on, sizeof(on)); - linger.l_onoff = 1; - linger.l_linger = 5; - setsockopt(sock, SOL_SOCKET, SO_LINGER, (void *)&linger, sizeof(linger)); + int sock = -1, attempt, i; + int on = 1; + struct servent *sp; + struct hostent *hp; + struct linger linger; + + debug("ssh_connect: getuid %d geteuid %d anon %d", + (int) getuid(), (int) geteuid(), anonymous); + + /* Get default port if port has not been set. */ + if (port == 0) { + sp = getservbyname(SSH_SERVICE_NAME, "tcp"); + if (sp) + port = ntohs(sp->s_port); + else + port = SSH_DEFAULT_PORT; + } + /* If a proxy command is given, connect using it. */ + if (proxy_command != NULL) + return ssh_proxy_connect(host, port, original_real_uid, proxy_command); + + /* No proxy command. */ + + /* No host lookup made yet. */ + hp = NULL; + + /* Try to connect several times. On some machines, the first time + will sometimes fail. In general socket code appears to behave + quite magically on many machines. */ + for (attempt = 0; attempt < connection_attempts; attempt++) { + if (attempt > 0) + debug("Trying again..."); + + /* Try to parse the host name as a numeric inet address. */ + memset(hostaddr, 0, sizeof(hostaddr)); + hostaddr->sin_family = AF_INET; + hostaddr->sin_port = htons(port); + hostaddr->sin_addr.s_addr = inet_addr(host); + if ((hostaddr->sin_addr.s_addr & 0xffffffff) != 0xffffffff) { + /* Valid numeric IP address */ + debug("Connecting to %.100s port %d.", + inet_ntoa(hostaddr->sin_addr), port); + + /* Create a socket. */ + sock = ssh_create_socket(original_real_uid, + !anonymous && geteuid() == 0 && + port < IPPORT_RESERVED); + + /* + * Connect to the host. We use the user's uid in the + * hope that it will help with the problems of + * tcp_wrappers showing the remote uid as root. + */ + temporarily_use_uid(original_real_uid); + if (connect(sock, (struct sockaddr *) hostaddr, sizeof(*hostaddr)) + >= 0) { + /* Successful connect. */ + restore_uid(); + break; + } + debug("connect: %.100s", strerror(errno)); + restore_uid(); + + /* Destroy the failed socket. */ + shutdown(sock, SHUT_RDWR); + close(sock); + } else { + /* Not a valid numeric inet address. */ + /* Map host name to an address. */ + if (!hp) + hp = gethostbyname(host); + if (!hp) + fatal("Bad host name: %.100s", host); + if (!hp->h_addr_list[0]) + fatal("Host does not have an IP address: %.100s", host); + + /* Loop through addresses for this host, and try + each one in sequence until the connection + succeeds. */ + for (i = 0; hp->h_addr_list[i]; i++) { + /* Set the address to connect to. */ + hostaddr->sin_family = hp->h_addrtype; + memcpy(&hostaddr->sin_addr, hp->h_addr_list[i], + sizeof(hostaddr->sin_addr)); + + debug("Connecting to %.200s [%.100s] port %d.", + host, inet_ntoa(hostaddr->sin_addr), port); + + /* Create a socket for connecting. */ + sock = ssh_create_socket(original_real_uid, + !anonymous && geteuid() == 0 && + port < IPPORT_RESERVED); + + /* + * Connect to the host. We use the user's + * uid in the hope that it will help with + * tcp_wrappers showing the remote uid as + * root. + */ + temporarily_use_uid(original_real_uid); + if (connect(sock, (struct sockaddr *) hostaddr, + sizeof(*hostaddr)) >= 0) { + /* Successful connection. */ + restore_uid(); + break; + } + debug("connect: %.100s", strerror(errno)); + restore_uid(); + + /* + * Close the failed socket; there appear to + * be some problems when reusing a socket for + * which connect() has already returned an + * error. + */ + shutdown(sock, SHUT_RDWR); + close(sock); + } + if (hp->h_addr_list[i]) + break; /* Successful connection. */ + } - /* Set the connection. */ - packet_set_connection(sock, sock); + /* Sleep a moment before retrying. */ + sleep(1); + } + /* Return failure if we didn't get a successful connection. */ + if (attempt >= connection_attempts) + return 0; + + debug("Connection established."); + + /* + * Set socket options. We would like the socket to disappear as soon + * as it has been closed for whatever reason. + */ + /* setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *)&on, sizeof(on)); */ + setsockopt(sock, IPPROTO_TCP, TCP_NODELAY, (void *) &on, sizeof(on)); + linger.l_onoff = 1; + linger.l_linger = 5; + setsockopt(sock, SOL_SOCKET, SO_LINGER, (void *) &linger, sizeof(linger)); - return 1; -} + /* Set the connection. */ + packet_set_connection(sock, sock); -/* Checks if the user has an authentication agent, and if so, tries to - authenticate using the agent. */ + return 1; +} +/* + * Checks if the user has an authentication agent, and if so, tries to + * authenticate using the agent. + */ int try_agent_authentication() { - int status, type, bits; - char *comment; - AuthenticationConnection *auth; - unsigned char response[16]; - unsigned int i; - BIGNUM *e, *n, *challenge; - - /* Get connection to the agent. */ - auth = ssh_get_authentication_connection(); - if (!auth) - return 0; - - e = BN_new(); - n = BN_new(); - challenge = BN_new(); - - /* Loop through identities served by the agent. */ - for (status = ssh_get_first_identity(auth, &bits, e, n, &comment); - status; - status = ssh_get_next_identity(auth, &bits, e, n, &comment)) - { - int plen, clen; - - /* Try this identity. */ - debug("Trying RSA authentication via agent with '%.100s'", comment); - xfree(comment); - - /* Tell the server that we are willing to authenticate using this key. */ - packet_start(SSH_CMSG_AUTH_RSA); - packet_put_bignum(n); - packet_send(); - packet_write_wait(); - - /* Wait for server's response. */ - type = packet_read(&plen); - - /* The server sends failure if it doesn\'t like our key or does not - support RSA authentication. */ - if (type == SSH_SMSG_FAILURE) - { - debug("Server refused our key."); - continue; - } - - /* Otherwise it should have sent a challenge. */ - if (type != SSH_SMSG_AUTH_RSA_CHALLENGE) - packet_disconnect("Protocol error during RSA authentication: %d", - type); - - packet_get_bignum(challenge, &clen); - - packet_integrity_check(plen, clen, type); - - debug("Received RSA challenge from server."); - - /* Ask the agent to decrypt the challenge. */ - if (!ssh_decrypt_challenge(auth, bits, e, n, challenge, - session_id, 1, response)) - { - /* The agent failed to authenticate this identifier although it - advertised it supports this. Just return a wrong value. */ - log("Authentication agent failed to decrypt challenge."); - memset(response, 0, sizeof(response)); - } - - debug("Sending response to RSA challenge."); - - /* Send the decrypted challenge back to the server. */ - packet_start(SSH_CMSG_AUTH_RSA_RESPONSE); - for (i = 0; i < 16; i++) - packet_put_char(response[i]); - packet_send(); - packet_write_wait(); - - /* Wait for response from the server. */ - type = packet_read(&plen); - - /* The server returns success if it accepted the authentication. */ - if (type == SSH_SMSG_SUCCESS) - { - debug("RSA authentication accepted by server."); - BN_clear_free(e); - BN_clear_free(n); - BN_clear_free(challenge); - return 1; - } - - /* Otherwise it should return failure. */ - if (type != SSH_SMSG_FAILURE) - packet_disconnect("Protocol error waiting RSA auth response: %d", - type); - } - - BN_clear_free(e); - BN_clear_free(n); - BN_clear_free(challenge); + int status, type; + char *comment; + AuthenticationConnection *auth; + unsigned char response[16]; + unsigned int i; + BIGNUM *e, *n, *challenge; + + /* Get connection to the agent. */ + auth = ssh_get_authentication_connection(); + if (!auth) + return 0; + + e = BN_new(); + n = BN_new(); + challenge = BN_new(); + + /* Loop through identities served by the agent. */ + for (status = ssh_get_first_identity(auth, e, n, &comment); + status; + status = ssh_get_next_identity(auth, e, n, &comment)) { + int plen, clen; + + /* Try this identity. */ + debug("Trying RSA authentication via agent with '%.100s'", comment); + xfree(comment); + + /* Tell the server that we are willing to authenticate using this key. */ + packet_start(SSH_CMSG_AUTH_RSA); + packet_put_bignum(n); + packet_send(); + packet_write_wait(); + + /* Wait for server's response. */ + type = packet_read(&plen); + + /* The server sends failure if it doesn\'t like our key or + does not support RSA authentication. */ + if (type == SSH_SMSG_FAILURE) { + debug("Server refused our key."); + continue; + } + /* Otherwise it should have sent a challenge. */ + if (type != SSH_SMSG_AUTH_RSA_CHALLENGE) + packet_disconnect("Protocol error during RSA authentication: %d", + type); + + packet_get_bignum(challenge, &clen); + + packet_integrity_check(plen, clen, type); + + debug("Received RSA challenge from server."); + + /* Ask the agent to decrypt the challenge. */ + if (!ssh_decrypt_challenge(auth, e, n, challenge, + session_id, 1, response)) { + /* The agent failed to authenticate this identifier although it + advertised it supports this. Just return a wrong value. */ + log("Authentication agent failed to decrypt challenge."); + memset(response, 0, sizeof(response)); + } + debug("Sending response to RSA challenge."); - debug("RSA authentication using agent refused."); - return 0; -} + /* Send the decrypted challenge back to the server. */ + packet_start(SSH_CMSG_AUTH_RSA_RESPONSE); + for (i = 0; i < 16; i++) + packet_put_char(response[i]); + packet_send(); + packet_write_wait(); + + /* Wait for response from the server. */ + type = packet_read(&plen); + + /* The server returns success if it accepted the authentication. */ + if (type == SSH_SMSG_SUCCESS) { + debug("RSA authentication accepted by server."); + BN_clear_free(e); + BN_clear_free(n); + BN_clear_free(challenge); + return 1; + } + /* Otherwise it should return failure. */ + if (type != SSH_SMSG_FAILURE) + packet_disconnect("Protocol error waiting RSA auth response: %d", + type); + } + + BN_clear_free(e); + BN_clear_free(n); + BN_clear_free(challenge); -/* Computes the proper response to a RSA challenge, and sends the response to - the server. */ + debug("RSA authentication using agent refused."); + return 0; +} +/* + * Computes the proper response to a RSA challenge, and sends the response to + * the server. + */ void -respond_to_rsa_challenge(BIGNUM *challenge, RSA *prv) +respond_to_rsa_challenge(BIGNUM * challenge, RSA * prv) { - unsigned char buf[32], response[16]; - MD5_CTX md; - int i, len; - - /* Decrypt the challenge using the private key. */ - rsa_private_decrypt(challenge, challenge, prv); - - /* Compute the response. */ - /* The response is MD5 of decrypted challenge plus session id. */ - len = BN_num_bytes(challenge); - assert(len <= sizeof(buf) && len); - memset(buf, 0, sizeof(buf)); - BN_bn2bin(challenge, buf + sizeof(buf) - len); - MD5Init(&md); - MD5Update(&md, buf, 32); - MD5Update(&md, session_id, 16); - MD5Final(response, &md); - - debug("Sending response to host key RSA challenge."); - - /* Send the response back to the server. */ - packet_start(SSH_CMSG_AUTH_RSA_RESPONSE); - for (i = 0; i < 16; i++) - packet_put_char(response[i]); - packet_send(); - packet_write_wait(); - - memset(buf, 0, sizeof(buf)); - memset(response, 0, sizeof(response)); - memset(&md, 0, sizeof(md)); -} + unsigned char buf[32], response[16]; + MD5_CTX md; + int i, len; + + /* Decrypt the challenge using the private key. */ + rsa_private_decrypt(challenge, challenge, prv); + + /* Compute the response. */ + /* The response is MD5 of decrypted challenge plus session id. */ + len = BN_num_bytes(challenge); + if (len <= 0 || len > sizeof(buf)) + packet_disconnect("respond_to_rsa_challenge: bad challenge length %d", + len); + + memset(buf, 0, sizeof(buf)); + BN_bn2bin(challenge, buf + sizeof(buf) - len); + MD5_Init(&md); + MD5_Update(&md, buf, 32); + MD5_Update(&md, session_id, 16); + MD5_Final(response, &md); + + debug("Sending response to host key RSA challenge."); + + /* Send the response back to the server. */ + packet_start(SSH_CMSG_AUTH_RSA_RESPONSE); + for (i = 0; i < 16; i++) + packet_put_char(response[i]); + packet_send(); + packet_write_wait(); -/* Checks if the user has authentication file, and if so, tries to authenticate - the user using it. */ + memset(buf, 0, sizeof(buf)); + memset(response, 0, sizeof(response)); + memset(&md, 0, sizeof(md)); +} +/* + * Checks if the user has authentication file, and if so, tries to authenticate + * the user using it. + */ int -try_rsa_authentication(struct passwd *pw, const char *authfile, - int may_ask_passphrase) +try_rsa_authentication(const char *authfile) { - BIGNUM *challenge; - RSA *private_key; - RSA *public_key; - char *passphrase, *comment; - int type, i; - int plen, clen; - - /* Try to load identification for the authentication key. */ - public_key = RSA_new(); - if (!load_public_key(authfile, public_key, &comment)) { - RSA_free(public_key); - return 0; /* Could not load it. Fail. */ - } - - debug("Trying RSA authentication with key '%.100s'", comment); - - /* Tell the server that we are willing to authenticate using this key. */ - packet_start(SSH_CMSG_AUTH_RSA); - packet_put_bignum(public_key->n); - packet_send(); - packet_write_wait(); - - /* We no longer need the public key. */ - RSA_free(public_key); - - /* Wait for server's response. */ - type = packet_read(&plen); - - /* The server responds with failure if it doesn\'t like our key or doesn\'t - support RSA authentication. */ - if (type == SSH_SMSG_FAILURE) - { - debug("Server refused our key."); - xfree(comment); - return 0; /* Server refuses to authenticate with this key. */ - } - - /* Otherwise, the server should respond with a challenge. */ - if (type != SSH_SMSG_AUTH_RSA_CHALLENGE) - packet_disconnect("Protocol error during RSA authentication: %d", type); - - /* Get the challenge from the packet. */ - challenge = BN_new(); - packet_get_bignum(challenge, &clen); - - packet_integrity_check(plen, clen, type); - - debug("Received RSA challenge from server."); - - private_key = RSA_new(); - /* Load the private key. Try first with empty passphrase; if it fails, - ask for a passphrase. */ - if (!load_private_key(authfile, "", private_key, NULL)) - { - char buf[300]; - /* Request passphrase from the user. We read from /dev/tty to make - this work even if stdin has been redirected. If running in - batch mode, we just use the empty passphrase, which will fail and - return. */ - snprintf(buf, sizeof buf, - "Enter passphrase for RSA key '%.100s': ", comment); - if (may_ask_passphrase) - passphrase = read_passphrase(buf, 0); - else - { - debug("Will not query passphrase for %.100s in batch mode.", - comment); - passphrase = xstrdup(""); - } - - /* Load the authentication file using the pasphrase. */ - if (!load_private_key(authfile, passphrase, private_key, NULL)) - { - memset(passphrase, 0, strlen(passphrase)); - xfree(passphrase); - error("Bad passphrase."); - - /* Send a dummy response packet to avoid protocol error. */ - packet_start(SSH_CMSG_AUTH_RSA_RESPONSE); - for (i = 0; i < 16; i++) - packet_put_char(0); - packet_send(); - packet_write_wait(); - - /* Expect the server to reject it... */ - packet_read_expect(&plen, SSH_SMSG_FAILURE); - xfree(comment); - return 0; - } - - /* Destroy the passphrase. */ - memset(passphrase, 0, strlen(passphrase)); - xfree(passphrase); - } - - /* We no longer need the comment. */ - xfree(comment); - - /* Compute and send a response to the challenge. */ - respond_to_rsa_challenge(challenge, private_key); - - /* Destroy the private key. */ - RSA_free(private_key); - - /* We no longer need the challenge. */ - BN_clear_free(challenge); - - /* Wait for response from the server. */ - type = packet_read(&plen); - if (type == SSH_SMSG_SUCCESS) - { - debug("RSA authentication accepted by server."); - return 1; - } - if (type != SSH_SMSG_FAILURE) - packet_disconnect("Protocol error waiting RSA auth response: %d", type); - debug("RSA authentication refused."); - return 0; -} + BIGNUM *challenge; + RSA *private_key; + RSA *public_key; + char *passphrase, *comment; + int type, i; + int plen, clen; + + /* Try to load identification for the authentication key. */ + public_key = RSA_new(); + if (!load_public_key(authfile, public_key, &comment)) { + RSA_free(public_key); + /* Could not load it. Fail. */ + return 0; + } + debug("Trying RSA authentication with key '%.100s'", comment); + + /* Tell the server that we are willing to authenticate using this key. */ + packet_start(SSH_CMSG_AUTH_RSA); + packet_put_bignum(public_key->n); + packet_send(); + packet_write_wait(); + + /* We no longer need the public key. */ + RSA_free(public_key); + + /* Wait for server's response. */ + type = packet_read(&plen); + + /* + * The server responds with failure if it doesn\'t like our key or + * doesn\'t support RSA authentication. + */ + if (type == SSH_SMSG_FAILURE) { + debug("Server refused our key."); + xfree(comment); + return 0; + } + /* Otherwise, the server should respond with a challenge. */ + if (type != SSH_SMSG_AUTH_RSA_CHALLENGE) + packet_disconnect("Protocol error during RSA authentication: %d", type); + + /* Get the challenge from the packet. */ + challenge = BN_new(); + packet_get_bignum(challenge, &clen); + + packet_integrity_check(plen, clen, type); + + debug("Received RSA challenge from server."); + + private_key = RSA_new(); + /* + * Load the private key. Try first with empty passphrase; if it + * fails, ask for a passphrase. + */ + if (!load_private_key(authfile, "", private_key, NULL)) { + char buf[300]; + snprintf(buf, sizeof buf, "Enter passphrase for RSA key '%.100s': ", + comment); + if (!options.batch_mode) + passphrase = read_passphrase(buf, 0); + else { + debug("Will not query passphrase for %.100s in batch mode.", + comment); + passphrase = xstrdup(""); + } + + /* Load the authentication file using the pasphrase. */ + if (!load_private_key(authfile, passphrase, private_key, NULL)) { + memset(passphrase, 0, strlen(passphrase)); + xfree(passphrase); + error("Bad passphrase."); + + /* Send a dummy response packet to avoid protocol error. */ + packet_start(SSH_CMSG_AUTH_RSA_RESPONSE); + for (i = 0; i < 16; i++) + packet_put_char(0); + packet_send(); + packet_write_wait(); + + /* Expect the server to reject it... */ + packet_read_expect(&plen, SSH_SMSG_FAILURE); + xfree(comment); + return 0; + } + /* Destroy the passphrase. */ + memset(passphrase, 0, strlen(passphrase)); + xfree(passphrase); + } + /* We no longer need the comment. */ + xfree(comment); + + /* Compute and send a response to the challenge. */ + respond_to_rsa_challenge(challenge, private_key); + + /* Destroy the private key. */ + RSA_free(private_key); -/* Tries to authenticate the user using combined rhosts or /etc/hosts.equiv - authentication and RSA host authentication. */ + /* We no longer need the challenge. */ + BN_clear_free(challenge); + + /* Wait for response from the server. */ + type = packet_read(&plen); + if (type == SSH_SMSG_SUCCESS) { + debug("RSA authentication accepted by server."); + return 1; + } + if (type != SSH_SMSG_FAILURE) + packet_disconnect("Protocol error waiting RSA auth response: %d", type); + debug("RSA authentication refused."); + return 0; +} +/* + * Tries to authenticate the user using combined rhosts or /etc/hosts.equiv + * authentication and RSA host authentication. + */ int -try_rhosts_rsa_authentication(const char *local_user, RSA *host_key) +try_rhosts_rsa_authentication(const char *local_user, RSA * host_key) { - int type; - BIGNUM *challenge; - int plen, clen; - - debug("Trying rhosts or /etc/hosts.equiv with RSA host authentication."); - - /* Tell the server that we are willing to authenticate using this key. */ - packet_start(SSH_CMSG_AUTH_RHOSTS_RSA); - packet_put_string(local_user, strlen(local_user)); - packet_put_int(BN_num_bits(host_key->n)); - packet_put_bignum(host_key->e); - packet_put_bignum(host_key->n); - packet_send(); - packet_write_wait(); - - /* Wait for server's response. */ - type = packet_read(&plen); - - /* The server responds with failure if it doesn't admit our .rhosts - authentication or doesn't know our host key. */ - if (type == SSH_SMSG_FAILURE) - { - debug("Server refused our rhosts authentication or host key."); - return 0; /* Server refuses to authenticate us with this method. */ - } - - /* Otherwise, the server should respond with a challenge. */ - if (type != SSH_SMSG_AUTH_RSA_CHALLENGE) - packet_disconnect("Protocol error during RSA authentication: %d", type); - - /* Get the challenge from the packet. */ - challenge = BN_new(); - packet_get_bignum(challenge, &clen); - - packet_integrity_check(plen, clen, type); - - debug("Received RSA challenge for host key from server."); - - /* Compute a response to the challenge. */ - respond_to_rsa_challenge(challenge, host_key); - - /* We no longer need the challenge. */ - BN_clear_free(challenge); - - /* Wait for response from the server. */ - type = packet_read(&plen); - if (type == SSH_SMSG_SUCCESS) - { - debug("Rhosts or /etc/hosts.equiv with RSA host authentication accepted by server."); - return 1; - } - if (type != SSH_SMSG_FAILURE) - packet_disconnect("Protocol error waiting RSA auth response: %d", type); - debug("Rhosts or /etc/hosts.equiv with RSA host authentication refused."); - return 0; + int type; + BIGNUM *challenge; + int plen, clen; + + debug("Trying rhosts or /etc/hosts.equiv with RSA host authentication."); + + /* Tell the server that we are willing to authenticate using this key. */ + packet_start(SSH_CMSG_AUTH_RHOSTS_RSA); + packet_put_string(local_user, strlen(local_user)); + packet_put_int(BN_num_bits(host_key->n)); + packet_put_bignum(host_key->e); + packet_put_bignum(host_key->n); + packet_send(); + packet_write_wait(); + + /* Wait for server's response. */ + type = packet_read(&plen); + + /* The server responds with failure if it doesn't admit our + .rhosts authentication or doesn't know our host key. */ + if (type == SSH_SMSG_FAILURE) { + debug("Server refused our rhosts authentication or host key."); + return 0; + } + /* Otherwise, the server should respond with a challenge. */ + if (type != SSH_SMSG_AUTH_RSA_CHALLENGE) + packet_disconnect("Protocol error during RSA authentication: %d", type); + + /* Get the challenge from the packet. */ + challenge = BN_new(); + packet_get_bignum(challenge, &clen); + + packet_integrity_check(plen, clen, type); + + debug("Received RSA challenge for host key from server."); + + /* Compute a response to the challenge. */ + respond_to_rsa_challenge(challenge, host_key); + + /* We no longer need the challenge. */ + BN_clear_free(challenge); + + /* Wait for response from the server. */ + type = packet_read(&plen); + if (type == SSH_SMSG_SUCCESS) { + debug("Rhosts or /etc/hosts.equiv with RSA host authentication accepted by server."); + return 1; + } + if (type != SSH_SMSG_FAILURE) + packet_disconnect("Protocol error waiting RSA auth response: %d", type); + debug("Rhosts or /etc/hosts.equiv with RSA host authentication refused."); + return 0; } #ifdef KRB4 -int try_kerberos_authentication() +int +try_kerberos_authentication() { - KTEXT_ST auth; /* Kerberos data */ - char *reply; - char inst[INST_SZ]; - char *realm; - CREDENTIALS cred; - int r, type, plen; - Key_schedule schedule; - u_long checksum, cksum; - MSG_DAT msg_data; - struct sockaddr_in local, foreign; - struct stat st; - - /* Don't do anything if we don't have any tickets. */ - if (stat(tkt_string(), &st) < 0) return 0; - - strncpy(inst, (char *) krb_get_phost(get_canonical_hostname()), INST_SZ); - - realm = (char *)krb_realmofhost(get_canonical_hostname()); - if (!realm) { - debug("Kerberos V4: no realm for %s", get_canonical_hostname()); - return 0; - } - /* This can really be anything. */ - checksum = (u_long) getpid(); - - r = krb_mk_req(&auth, KRB4_SERVICE_NAME, inst, realm, checksum); - if (r != KSUCCESS) { - debug("Kerberos V4 krb_mk_req failed: %s", krb_err_txt[r]); - return 0; - } - /* Get session key to decrypt the server's reply with. */ - r = krb_get_cred(KRB4_SERVICE_NAME, inst, realm, &cred); - if (r != KSUCCESS) { - debug("get_cred failed: %s", krb_err_txt[r]); - return 0; - } - des_key_sched((des_cblock *)cred.session, schedule); - - /* Send authentication info to server. */ - packet_start(SSH_CMSG_AUTH_KERBEROS); - packet_put_string((char *)auth.dat, auth.length); - packet_send(); - packet_write_wait(); - - /* Zero the buffer. */ - (void) memset(auth.dat, 0, MAX_KTXT_LEN); - - r = sizeof(local); - memset(&local, 0, sizeof(local)); - if (getsockname(packet_get_connection_in(), - (struct sockaddr *) &local, &r) < 0) - debug("getsockname failed: %s", strerror(errno)); - - r = sizeof(foreign); - memset(&foreign, 0, sizeof(foreign)); - if (getpeername(packet_get_connection_in(), - (struct sockaddr *)&foreign, &r) < 0) - debug("getpeername failed: %s", strerror(errno)); - - /* Get server reply. */ - type = packet_read(&plen); - switch(type) { - - case SSH_SMSG_FAILURE: /* Should really be SSH_SMSG_AUTH_KERBEROS_FAILURE */ - debug("Kerberos V4 authentication failed."); - return 0; - break; - - case SSH_SMSG_AUTH_KERBEROS_RESPONSE: /* SSH_SMSG_AUTH_KERBEROS_SUCCESS */ - debug("Kerberos V4 authentication accepted."); - - /* Get server's response. */ - reply = packet_get_string((unsigned int *)&auth.length); - memcpy(auth.dat, reply, auth.length); - xfree(reply); - - packet_integrity_check(plen, 4 + auth.length, type); - - /* If his response isn't properly encrypted with the session key, - and the decrypted checksum fails to match, he's bogus. Bail out. */ - r = krb_rd_priv(auth.dat, auth.length, schedule, &cred.session, - &foreign, &local, &msg_data); - if (r != KSUCCESS) { - debug("Kerberos V4 krb_rd_priv failed: %s", krb_err_txt[r]); - packet_disconnect("Kerberos V4 challenge failed!"); - } - /* Fetch the (incremented) checksum that we supplied in the request. */ - (void)memcpy((char *)&cksum, (char *)msg_data.app_data, sizeof(cksum)); - cksum = ntohl(cksum); - - /* If it matches, we're golden. */ - if (cksum == checksum + 1) { - debug("Kerberos V4 challenge successful."); - return 1; - } - else - packet_disconnect("Kerberos V4 challenge failed!"); - break; - - default: - packet_disconnect("Protocol error on Kerberos V4 response: %d", type); - } - return 0; + KTEXT_ST auth; /* Kerberos data */ + char *reply; + char inst[INST_SZ]; + char *realm; + CREDENTIALS cred; + int r, type, plen; + Key_schedule schedule; + u_long checksum, cksum; + MSG_DAT msg_data; + struct sockaddr_in local, foreign; + struct stat st; + + /* Don't do anything if we don't have any tickets. */ + if (stat(tkt_string(), &st) < 0) + return 0; + + strncpy(inst, (char *) krb_get_phost(get_canonical_hostname()), INST_SZ); + + realm = (char *) krb_realmofhost(get_canonical_hostname()); + if (!realm) { + debug("Kerberos V4: no realm for %s", get_canonical_hostname()); + return 0; + } + /* This can really be anything. */ + checksum = (u_long) getpid(); + + r = krb_mk_req(&auth, KRB4_SERVICE_NAME, inst, realm, checksum); + if (r != KSUCCESS) { + debug("Kerberos V4 krb_mk_req failed: %s", krb_err_txt[r]); + return 0; + } + /* Get session key to decrypt the server's reply with. */ + r = krb_get_cred(KRB4_SERVICE_NAME, inst, realm, &cred); + if (r != KSUCCESS) { + debug("get_cred failed: %s", krb_err_txt[r]); + return 0; + } + des_key_sched((des_cblock *) cred.session, schedule); + + /* Send authentication info to server. */ + packet_start(SSH_CMSG_AUTH_KERBEROS); + packet_put_string((char *) auth.dat, auth.length); + packet_send(); + packet_write_wait(); + + /* Zero the buffer. */ + (void) memset(auth.dat, 0, MAX_KTXT_LEN); + + r = sizeof(local); + memset(&local, 0, sizeof(local)); + if (getsockname(packet_get_connection_in(), + (struct sockaddr *) & local, &r) < 0) + debug("getsockname failed: %s", strerror(errno)); + + r = sizeof(foreign); + memset(&foreign, 0, sizeof(foreign)); + if (getpeername(packet_get_connection_in(), + (struct sockaddr *) & foreign, &r) < 0) { + debug("getpeername failed: %s", strerror(errno)); + fatal_cleanup(); + } + /* Get server reply. */ + type = packet_read(&plen); + switch (type) { + case SSH_SMSG_FAILURE: + /* Should really be SSH_SMSG_AUTH_KERBEROS_FAILURE */ + debug("Kerberos V4 authentication failed."); + return 0; + break; + + case SSH_SMSG_AUTH_KERBEROS_RESPONSE: + /* SSH_SMSG_AUTH_KERBEROS_SUCCESS */ + debug("Kerberos V4 authentication accepted."); + + /* Get server's response. */ + reply = packet_get_string((unsigned int *) &auth.length); + memcpy(auth.dat, reply, auth.length); + xfree(reply); + + packet_integrity_check(plen, 4 + auth.length, type); + + /* + * If his response isn't properly encrypted with the session + * key, and the decrypted checksum fails to match, he's + * bogus. Bail out. + */ + r = krb_rd_priv(auth.dat, auth.length, schedule, &cred.session, + &foreign, &local, &msg_data); + if (r != KSUCCESS) { + debug("Kerberos V4 krb_rd_priv failed: %s", krb_err_txt[r]); + packet_disconnect("Kerberos V4 challenge failed!"); + } + /* Fetch the (incremented) checksum that we supplied in the request. */ + (void) memcpy((char *) &cksum, (char *) msg_data.app_data, sizeof(cksum)); + cksum = ntohl(cksum); + + /* If it matches, we're golden. */ + if (cksum == checksum + 1) { + debug("Kerberos V4 challenge successful."); + return 1; + } else + packet_disconnect("Kerberos V4 challenge failed!"); + break; + + default: + packet_disconnect("Protocol error on Kerberos V4 response: %d", type); + } + return 0; } + #endif /* KRB4 */ #ifdef AFS -int send_kerberos_tgt() +int +send_kerberos_tgt() { - CREDENTIALS *creds; - char pname[ANAME_SZ], pinst[INST_SZ], prealm[REALM_SZ]; - int r, type, plen; - unsigned char buffer[8192]; - struct stat st; - - /* Don't do anything if we don't have any tickets. */ - if (stat(tkt_string(), &st) < 0) return 0; - - creds = xmalloc(sizeof(*creds)); - - if ((r = krb_get_tf_fullname(TKT_FILE, pname, pinst, prealm)) != KSUCCESS) { - debug("Kerberos V4 tf_fullname failed: %s",krb_err_txt[r]); - return 0; - } - if ((r = krb_get_cred("krbtgt", prealm, prealm, creds)) != GC_OK) { - debug("Kerberos V4 get_cred failed: %s", krb_err_txt[r]); - return 0; - } - if (time(0) > krb_life_to_time(creds->issue_date, creds->lifetime)) { - debug("Kerberos V4 ticket expired: %s", TKT_FILE); - return 0; - } - - creds_to_radix(creds, buffer); - xfree(creds); - - packet_start(SSH_CMSG_HAVE_KERBEROS_TGT); - packet_put_string((char *)buffer, strlen(buffer)); - packet_send(); - packet_write_wait(); - - type = packet_read(&plen); - - if (type == SSH_SMSG_FAILURE) - debug("Kerberos TGT for realm %s rejected.", prealm); - else if (type != SSH_SMSG_SUCCESS) - packet_disconnect("Protocol error on Kerberos TGT response: %d", type); + CREDENTIALS *creds; + char pname[ANAME_SZ], pinst[INST_SZ], prealm[REALM_SZ]; + int r, type, plen; + unsigned char buffer[8192]; + struct stat st; + + /* Don't do anything if we don't have any tickets. */ + if (stat(tkt_string(), &st) < 0) + return 0; + + creds = xmalloc(sizeof(*creds)); + + if ((r = krb_get_tf_fullname(TKT_FILE, pname, pinst, prealm)) != KSUCCESS) { + debug("Kerberos V4 tf_fullname failed: %s", krb_err_txt[r]); + return 0; + } + if ((r = krb_get_cred("krbtgt", prealm, prealm, creds)) != GC_OK) { + debug("Kerberos V4 get_cred failed: %s", krb_err_txt[r]); + return 0; + } + if (time(0) > krb_life_to_time(creds->issue_date, creds->lifetime)) { + debug("Kerberos V4 ticket expired: %s", TKT_FILE); + return 0; + } + creds_to_radix(creds, buffer); + xfree(creds); + + packet_start(SSH_CMSG_HAVE_KERBEROS_TGT); + packet_put_string((char *) buffer, strlen(buffer)); + packet_send(); + packet_write_wait(); + + type = packet_read(&plen); + + if (type == SSH_SMSG_FAILURE) + debug("Kerberos TGT for realm %s rejected.", prealm); + else if (type != SSH_SMSG_SUCCESS) + packet_disconnect("Protocol error on Kerberos TGT response: %d", type); - return 1; + return 1; } -void send_afs_tokens(void) +void +send_afs_tokens(void) { - CREDENTIALS creds; - struct ViceIoctl parms; - struct ClearToken ct; - int i, type, len, plen; - char buf[2048], *p, *server_cell; - unsigned char buffer[8192]; - - /* Move over ktc_GetToken, here's something leaner. */ - for (i = 0; i < 100; i++) { /* just in case */ - parms.in = (char *)&i; - parms.in_size = sizeof(i); - parms.out = buf; - parms.out_size = sizeof(buf); - if (k_pioctl(0, VIOCGETTOK, &parms, 0) != 0) break; - p = buf; - - /* Get secret token. */ - memcpy(&creds.ticket_st.length, p, sizeof(unsigned int)); - if (creds.ticket_st.length > MAX_KTXT_LEN) break; - p += sizeof(unsigned int); - memcpy(creds.ticket_st.dat, p, creds.ticket_st.length); - p += creds.ticket_st.length; - - /* Get clear token. */ - memcpy(&len, p, sizeof(len)); - if (len != sizeof(struct ClearToken)) break; - p += sizeof(len); - memcpy(&ct, p, len); - p += len; - p += sizeof(len); /* primary flag */ - server_cell = p; - - /* Flesh out our credentials. */ - strlcpy(creds.service, "afs", sizeof creds.service); - creds.instance[0] = '\0'; - strlcpy(creds.realm, server_cell, REALM_SZ); - memcpy(creds.session, ct.HandShakeKey, DES_KEY_SZ); - creds.issue_date = ct.BeginTimestamp; - creds.lifetime = krb_time_to_life(creds.issue_date, ct.EndTimestamp); - creds.kvno = ct.AuthHandle; - snprintf(creds.pname, sizeof(creds.pname), "AFS ID %d", ct.ViceId); - creds.pinst[0] = '\0'; - - /* Encode token, ship it off. */ - if (!creds_to_radix(&creds, buffer)) break; - packet_start(SSH_CMSG_HAVE_AFS_TOKEN); - packet_put_string((char *)buffer, strlen(buffer)); - packet_send(); - packet_write_wait(); - - /* Roger, Roger. Clearance, Clarence. What's your vector, Victor? */ - type = packet_read(&plen); - - if (type == SSH_SMSG_FAILURE) - debug("AFS token for cell %s rejected.", server_cell); - else if (type != SSH_SMSG_SUCCESS) - packet_disconnect("Protocol error on AFS token response: %d", type); - } + CREDENTIALS creds; + struct ViceIoctl parms; + struct ClearToken ct; + int i, type, len, plen; + char buf[2048], *p, *server_cell; + unsigned char buffer[8192]; + + /* Move over ktc_GetToken, here's something leaner. */ + for (i = 0; i < 100; i++) { /* just in case */ + parms.in = (char *) &i; + parms.in_size = sizeof(i); + parms.out = buf; + parms.out_size = sizeof(buf); + if (k_pioctl(0, VIOCGETTOK, &parms, 0) != 0) + break; + p = buf; + + /* Get secret token. */ + memcpy(&creds.ticket_st.length, p, sizeof(unsigned int)); + if (creds.ticket_st.length > MAX_KTXT_LEN) + break; + p += sizeof(unsigned int); + memcpy(creds.ticket_st.dat, p, creds.ticket_st.length); + p += creds.ticket_st.length; + + /* Get clear token. */ + memcpy(&len, p, sizeof(len)); + if (len != sizeof(struct ClearToken)) + break; + p += sizeof(len); + memcpy(&ct, p, len); + p += len; + p += sizeof(len); /* primary flag */ + server_cell = p; + + /* Flesh out our credentials. */ + strlcpy(creds.service, "afs", sizeof creds.service); + creds.instance[0] = '\0'; + strlcpy(creds.realm, server_cell, REALM_SZ); + memcpy(creds.session, ct.HandShakeKey, DES_KEY_SZ); + creds.issue_date = ct.BeginTimestamp; + creds.lifetime = krb_time_to_life(creds.issue_date, ct.EndTimestamp); + creds.kvno = ct.AuthHandle; + snprintf(creds.pname, sizeof(creds.pname), "AFS ID %d", ct.ViceId); + creds.pinst[0] = '\0'; + + /* Encode token, ship it off. */ + if (!creds_to_radix(&creds, buffer)) + break; + packet_start(SSH_CMSG_HAVE_AFS_TOKEN); + packet_put_string((char *) buffer, strlen(buffer)); + packet_send(); + packet_write_wait(); + + /* Roger, Roger. Clearance, Clarence. What's your vector, + Victor? */ + type = packet_read(&plen); + + if (type == SSH_SMSG_FAILURE) + debug("AFS token for cell %s rejected.", server_cell); + else if (type != SSH_SMSG_SUCCESS) + packet_disconnect("Protocol error on AFS token response: %d", type); + } } + #endif /* AFS */ + +/* + * Tries to authenticate with any string-based challenge/response system. + * Note that the client code is not tied to s/key or TIS. + */ +int +try_skey_authentication() +{ + int type, i, payload_len; + char *challenge, *response; -/* Waits for the server identification string, and sends our own identification - string. */ + debug("Doing skey authentication."); -void ssh_exchange_identification() + /* request a challenge */ + packet_start(SSH_CMSG_AUTH_TIS); + packet_send(); + packet_write_wait(); + + type = packet_read(&payload_len); + if (type != SSH_SMSG_FAILURE && + type != SSH_SMSG_AUTH_TIS_CHALLENGE) { + packet_disconnect("Protocol error: got %d in response " + "to skey-auth", type); + } + if (type != SSH_SMSG_AUTH_TIS_CHALLENGE) { + debug("No challenge for skey authentication."); + return 0; + } + challenge = packet_get_string(&payload_len); + if (options.cipher == SSH_CIPHER_NONE) + log("WARNING: Encryption is disabled! " + "Reponse will be transmitted in clear text."); + fprintf(stderr, "%s\n", challenge); + fflush(stderr); + for (i = 0; i < options.number_of_password_prompts; i++) { + if (i != 0) + error("Permission denied, please try again."); + response = read_passphrase("Response: ", 0); + packet_start(SSH_CMSG_AUTH_TIS_RESPONSE); + packet_put_string(response, strlen(response)); + memset(response, 0, strlen(response)); + xfree(response); + packet_send(); + packet_write_wait(); + type = packet_read(&payload_len); + if (type == SSH_SMSG_SUCCESS) + return 1; + if (type != SSH_SMSG_FAILURE) + packet_disconnect("Protocol error: got %d in response " + "to skey-auth-reponse", type); + } + /* failure */ + return 0; +} + +/* + * Tries to authenticate with plain passwd authentication. + */ +int +try_password_authentication(char *prompt) { - char buf[256], remote_version[256]; /* must be same size! */ - int remote_major, remote_minor, i; - int connection_in = packet_get_connection_in(); - int connection_out = packet_get_connection_out(); - extern Options options; - - /* Read other side\'s version identification. */ - for (i = 0; i < sizeof(buf) - 1; i++) - { - if (read(connection_in, &buf[i], 1) != 1) - fatal("read: %.100s", strerror(errno)); - if (buf[i] == '\r') - { - buf[i] = '\n'; - buf[i + 1] = 0; - break; - } - if (buf[i] == '\n') - { - buf[i + 1] = 0; - break; - } - } - buf[sizeof(buf) - 1] = 0; - - /* Check that the versions match. In future this might accept several - versions and set appropriate flags to handle them. */ - if (sscanf(buf, "SSH-%d.%d-%[^\n]\n", &remote_major, &remote_minor, - remote_version) != 3) - fatal("Bad remote protocol version identification: '%.100s'", buf); - debug("Remote protocol version %d.%d, remote software version %.100s", - remote_major, remote_minor, remote_version); - - /* Check if the remote protocol version is too old. */ - if (remote_major == 1 && remote_minor < 3) - fatal("Remote machine has too old SSH software version."); - - /* We speak 1.3, too. */ - if (remote_major == 1 && remote_minor == 3) { - enable_compat13(); - if (options.forward_agent && strcmp(remote_version, SSH_VERSION) != 0) { - log("Agent forwarding disabled, remote version '%s' is not compatible.", - SSH_VERSION); - options.forward_agent = 0; - } - } + int type, i, payload_len; + char *password; + + debug("Doing password authentication."); + if (options.cipher == SSH_CIPHER_NONE) + log("WARNING: Encryption is disabled! Password will be transmitted in clear text."); + for (i = 0; i < options.number_of_password_prompts; i++) { + if (i != 0) + error("Permission denied, please try again."); + password = read_passphrase(prompt, 0); + packet_start(SSH_CMSG_AUTH_PASSWORD); + packet_put_string(password, strlen(password)); + memset(password, 0, strlen(password)); + xfree(password); + packet_send(); + packet_write_wait(); + + type = packet_read(&payload_len); + if (type == SSH_SMSG_SUCCESS) + return 1; + if (type != SSH_SMSG_FAILURE) + packet_disconnect("Protocol error: got %d in response to passwd auth", type); + } + /* failure */ + return 0; +} + +/* + * Waits for the server identification string, and sends our own + * identification string. + */ +void +ssh_exchange_identification() +{ + char buf[256], remote_version[256]; /* must be same size! */ + int remote_major, remote_minor, i; + int connection_in = packet_get_connection_in(); + int connection_out = packet_get_connection_out(); + + /* Read other side\'s version identification. */ + for (i = 0; i < sizeof(buf) - 1; i++) { + if (read(connection_in, &buf[i], 1) != 1) + fatal("ssh_exchange_identification: read: %.100s", strerror(errno)); + if (buf[i] == '\r') { + buf[i] = '\n'; + buf[i + 1] = 0; + break; + } + if (buf[i] == '\n') { + buf[i + 1] = 0; + break; + } + } + buf[sizeof(buf) - 1] = 0; + + /* + * Check that the versions match. In future this might accept + * several versions and set appropriate flags to handle them. + */ + if (sscanf(buf, "SSH-%d.%d-%[^\n]\n", &remote_major, &remote_minor, + remote_version) != 3) + fatal("Bad remote protocol version identification: '%.100s'", buf); + debug("Remote protocol version %d.%d, remote software version %.100s", + remote_major, remote_minor, remote_version); + + /* Check if the remote protocol version is too old. */ + if (remote_major == 1 && remote_minor < 3) + fatal("Remote machine has too old SSH software version."); + + /* We speak 1.3, too. */ + if (remote_major == 1 && remote_minor == 3) { + enable_compat13(); + if (options.forward_agent && strcmp(remote_version, SSH_VERSION) != 0) { + log("Agent forwarding disabled, remote version '%s' is not compatible.", + remote_version); + options.forward_agent = 0; + } + } #if 0 - /* Removed for now, to permit compatibility with latter versions. The server - will reject our version and disconnect if it doesn't support it. */ - if (remote_major != PROTOCOL_MAJOR) - fatal("Protocol major versions differ: %d vs. %d", - PROTOCOL_MAJOR, remote_major); + /* + * Removed for now, to permit compatibility with latter versions. The + * server will reject our version and disconnect if it doesn't + * support it. + */ + if (remote_major != PROTOCOL_MAJOR) + fatal("Protocol major versions differ: %d vs. %d", + PROTOCOL_MAJOR, remote_major); #endif - /* Send our own protocol version identification. */ - snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s\n", - PROTOCOL_MAJOR, PROTOCOL_MINOR, SSH_VERSION); - if (write(connection_out, buf, strlen(buf)) != strlen(buf)) - fatal("write: %.100s", strerror(errno)); + /* Send our own protocol version identification. */ + snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s\n", + PROTOCOL_MAJOR, PROTOCOL_MINOR, SSH_VERSION); + if (atomicio(write, connection_out, buf, strlen(buf)) != strlen(buf)) + fatal("write: %.100s", strerror(errno)); } int ssh_cipher_default = SSH_CIPHER_3DES; -int read_yes_or_no(const char *prompt, int defval) +int +read_yes_or_no(const char *prompt, int defval) { - char buf[1024]; - FILE *f; - int retval = -1; - - if (isatty(0)) - f = stdin; - else - f = fopen("/dev/tty", "rw"); - - if (f == NULL) - return 0; - - fflush(stdout); - - while (1) - { - fprintf(stderr, "%s", prompt); - if (fgets(buf, sizeof(buf), f) == NULL) - { - /* Print a newline (the prompt probably didn\'t have one). */ - fprintf(stderr, "\n"); - strlcpy(buf, "no", sizeof buf); - } - /* Remove newline from response. */ - if (strchr(buf, '\n')) - *strchr(buf, '\n') = 0; - - if (buf[0] == 0) - retval = defval; - if (strcmp(buf, "yes") == 0) - retval = 1; - if (strcmp(buf, "no") == 0) - retval = 0; - - if (retval != -1) - { - if (f != stdin) - fclose(f); - return retval; + char buf[1024]; + FILE *f; + int retval = -1; + + if (isatty(0)) + f = stdin; + else + f = fopen("/dev/tty", "rw"); + + if (f == NULL) + return 0; + + fflush(stdout); + + while (1) { + fprintf(stderr, "%s", prompt); + if (fgets(buf, sizeof(buf), f) == NULL) { + /* Print a newline (the prompt probably didn\'t have one). */ + fprintf(stderr, "\n"); + strlcpy(buf, "no", sizeof buf); + } + /* Remove newline from response. */ + if (strchr(buf, '\n')) + *strchr(buf, '\n') = 0; + + if (buf[0] == 0) + retval = defval; + if (strcmp(buf, "yes") == 0) + retval = 1; + if (strcmp(buf, "no") == 0) + retval = 0; + + if (retval != -1) { + if (f != stdin) + fclose(f); + return retval; + } } - } } -/* Starts a dialog with the server, and authenticates the current user on the - server. This does not need any extra privileges. The basic connection - to the server must already have been established before this is called. - User is the remote user; if it is NULL, the current local user name will - be used. Anonymous indicates that no rhosts authentication will be used. - If login fails, this function prints an error and never returns. - This function does not require super-user privileges. */ - -void ssh_login(int host_key_valid, - RSA *own_host_key, - const char *orighost, - struct sockaddr_in *hostaddr, - Options *options, uid_t original_real_uid) +/* + * Starts a dialog with the server, and authenticates the current user on the + * server. This does not need any extra privileges. The basic connection + * to the server must already have been established before this is called. + * User is the remote user; if it is NULL, the current local user name will + * be used. Anonymous indicates that no rhosts authentication will be used. + * If login fails, this function prints an error and never returns. + * This function does not require super-user privileges. + */ +void +ssh_login(int host_key_valid, + RSA *own_host_key, + const char *orighost, + struct sockaddr_in *hostaddr, + uid_t original_real_uid) { - int i, type; - char *password; - struct passwd *pw; - BIGNUM *key; - RSA *host_key, *file_key; - RSA *public_key; - unsigned char session_key[SSH_SESSION_KEY_LENGTH]; - const char *server_user, *local_user; - char *cp, *host, *ip = NULL; - unsigned char check_bytes[8]; - unsigned int supported_ciphers, supported_authentications, protocol_flags; - HostStatus host_status; - HostStatus ip_status; - int host_ip_differ = 0; - int local = (ntohl(hostaddr->sin_addr.s_addr) >> 24) == IN_LOOPBACKNET; - int payload_len, clen, sum_len = 0; - u_int32_t rand = 0; - - if (options->check_host_ip) - ip = xstrdup(inet_ntoa(hostaddr->sin_addr)); - - /* Convert the user-supplied hostname into all lowercase. */ - host = xstrdup(orighost); - for (cp = host; *cp; cp++) - if (isupper(*cp)) - *cp = tolower(*cp); - - /* Exchange protocol version identification strings with the server. */ - ssh_exchange_identification(); - - /* Put the connection into non-blocking mode. */ - packet_set_nonblocking(); - - /* Get local user name. Use it as server user if no user name - was given. */ - pw = getpwuid(original_real_uid); - if (!pw) - fatal("User id %d not found from user database.", original_real_uid); - local_user = xstrdup(pw->pw_name); - server_user = options->user ? options->user : local_user; - - debug("Waiting for server public key."); - - /* Wait for a public key packet from the server. */ - packet_read_expect(&payload_len, SSH_SMSG_PUBLIC_KEY); - - /* Get check bytes from the packet. */ - for (i = 0; i < 8; i++) - check_bytes[i] = packet_get_char(); - - /* Get the public key. */ - public_key = RSA_new(); - packet_get_int(); /* bits */ - public_key->e = BN_new(); - packet_get_bignum(public_key->e, &clen); - sum_len += clen; - public_key->n = BN_new(); - packet_get_bignum(public_key->n, &clen); - sum_len += clen; - - /* Get the host key. */ - host_key = RSA_new(); - packet_get_int(); /* bits */ - host_key->e = BN_new(); - packet_get_bignum(host_key->e, &clen); - sum_len += clen; - host_key->n = BN_new(); - packet_get_bignum(host_key->n, &clen); - sum_len += clen; - - /* Store the host key from the known host file in here - * so that we can compare it with the key for the IP - * address. */ - file_key = RSA_new(); - file_key->n = BN_new(); - file_key->e = BN_new(); - - /* Get protocol flags. */ - protocol_flags = packet_get_int(); - packet_set_protocol_flags(protocol_flags); - - /* Get supported cipher types. */ - supported_ciphers = packet_get_int(); - - /* Get supported authentication types. */ - supported_authentications = packet_get_int(); - - debug("Received server public key (%d bits) and host key (%d bits).", - BN_num_bits(public_key->n), BN_num_bits(host_key->n)); - - packet_integrity_check(payload_len, - 8 + 4 + sum_len + 0 + 4 + 0 + 0 + 4 + 4 + 4, - SSH_SMSG_PUBLIC_KEY); - - /* Compute the session id. */ - compute_session_id(session_id, check_bytes, - BN_num_bits(host_key->n), host_key->n, - BN_num_bits(public_key->n), public_key->n); - - /* Check if the host key is present in the user\'s list of known hosts - or in the systemwide list. */ - host_status = check_host_in_hostfile(options->user_hostfile, - host, BN_num_bits(host_key->n), - host_key->e, host_key->n, - file_key->e, file_key->n); - if (host_status == HOST_NEW) - host_status = check_host_in_hostfile(options->system_hostfile, host, - BN_num_bits(host_key->n), - host_key->e, host_key->n, - file_key->e, file_key->n); - /* Force accepting of the host key for localhost and 127.0.0.1. - The problem is that if the home directory is NFS-mounted to multiple - machines, localhost will refer to a different machine in each of them, - and the user will get bogus HOST_CHANGED warnings. This essentially - disables host authentication for localhost; however, this is probably - not a real problem. */ - if (local) { - debug("Forcing accepting of host key for localhost."); - host_status = HOST_OK; - } - - /* Also perform check for the ip address, skip the check if we are - localhost or the hostname was an ip address to begin with */ - if (options->check_host_ip && !local && strcmp(host, ip)) { - RSA *ip_key = RSA_new(); - ip_key->n = BN_new(); - ip_key->e = BN_new(); - ip_status = check_host_in_hostfile(options->user_hostfile, ip, - BN_num_bits(host_key->n), - host_key->e, host_key->n, - ip_key->e, ip_key->n); - - if (ip_status == HOST_NEW) - ip_status = check_host_in_hostfile(options->system_hostfile, ip, - BN_num_bits(host_key->n), - host_key->e, host_key->n, - ip_key->e, ip_key->n); - if (host_status == HOST_CHANGED && - (ip_status != HOST_CHANGED || - (BN_cmp(ip_key->e, file_key->e) || BN_cmp(ip_key->n, file_key->n)))) - host_ip_differ = 1; - - RSA_free(ip_key); - } else - ip_status = host_status; - - RSA_free(file_key); - - switch (host_status) { - case HOST_OK: - /* The host is known and the key matches. */ - debug("Host '%.200s' is known and matches the host key.", host); - if (options->check_host_ip) { - if (ip_status == HOST_NEW) { - if (!add_host_to_hostfile(options->user_hostfile, ip, - BN_num_bits(host_key->n), - host_key->e, host_key->n)) - log("Failed to add the host ip to the list of known hosts (%.30s).", - options->user_hostfile); - else - log("Warning: Permanently added host ip '%.30s' to the list of known hosts.", ip); - } else if (ip_status != HOST_OK) - log("Warning: the host key differ from the key of the ip address '%.30s' differs", ip); - } - - break; - case HOST_NEW: - { - char hostline[1000], *hostp = hostline; - /* The host is new. */ - if (options->strict_host_key_checking == 1) { - /* User has requested strict host key checking. We will not - add the host key automatically. The only alternative left - is to abort. */ - fatal("No host key is known for %.200s and you have requested strict checking.", host); - } else if (options->strict_host_key_checking == 2) { /* The default */ - char prompt[1024]; - snprintf(prompt, sizeof(prompt), - "The authenticity of host '%.200s' can't be established.\n" - "Are you sure you want to continue connecting (yes/no)? ", - host); - if (!read_yes_or_no(prompt, -1)) - fatal("Aborted by user!\n"); - } - - if (options->check_host_ip && ip_status == HOST_NEW && strcmp(host, ip)) - snprintf(hostline, sizeof(hostline), "%s,%s", host, ip); - else - hostp = host; - - /* If not in strict mode, add the key automatically to the local - known_hosts file. */ - if (!add_host_to_hostfile(options->user_hostfile, hostp, - BN_num_bits(host_key->n), - host_key->e, host_key->n)) - log("Failed to add the host to the list of known hosts (%.500s).", - options->user_hostfile); - else - log("Warning: Permanently added '%.200s' to the list of known hosts.", - hostp); - break; - } - case HOST_CHANGED: - if (options->check_host_ip) { - if (host_ip_differ) { - error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); - error("@ WARNING: POSSIBLE DNS SPOOFING DETECTED! @"); - error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); - error("The host key for %s has changed,", host); - error("but the key for the according IP address %s has", ip); - error("a different status. This could either mean that DNS"); - error("SPOOFING is happening or the IP address for the host"); - error("and its host key have changed at the same time"); - } - } - - /* The host key has changed. */ - error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); - error("@ WARNING: HOST IDENTIFICATION HAS CHANGED! @"); - error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); - error("IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!"); - error("Someone could be eavesdropping on you right now (man-in-the-middle attack)!"); - error("It is also possible that the host key has just been changed."); - error("Please contact your system administrator."); - error("Add correct host key in %.100s to get rid of this message.", - options->user_hostfile); - - /* If strict host key checking is in use, the user will have to edit - the key manually and we can only abort. */ - if (options->strict_host_key_checking) - fatal("Host key for %.200s has changed and you have requested strict checking.", host); - - /* If strict host key checking has not been requested, allow the - connection but without password authentication or - agent forwarding. */ - if (options->password_authentication) { - error("Password authentication is disabled to avoid trojan horses."); - options->password_authentication = 0; - } - if (options->forward_agent) { - error("Agent forwarding is disabled to avoid trojan horses."); - options->forward_agent = 0; - } - /* XXX Should permit the user to change to use the new id. This could - be done by converting the host key to an identifying sentence, tell - that the host identifies itself by that sentence, and ask the user - if he/she whishes to accept the authentication. */ - break; - } - - if (options->check_host_ip) - xfree(ip); - - /* Generate a session key. */ - arc4random_stir(); - - /* Generate an encryption key for the session. The key is a 256 bit - random number, interpreted as a 32-byte key, with the least significant - 8 bits being the first byte of the key. */ - for (i = 0; i < 32; i++) { - if (i % 4 == 0) - rand = arc4random(); - session_key[i] = rand & 0xff; - rand >>= 8; - } - - /* According to the protocol spec, the first byte of the session key is - the highest byte of the integer. The session key is xored with the - first 16 bytes of the session id. */ - key = BN_new(); - BN_set_word(key, 0); - for (i = 0; i < SSH_SESSION_KEY_LENGTH; i++) - { - BN_lshift(key, key, 8); - if (i < 16) - BN_add_word(key, session_key[i] ^ session_id[i]); - else - BN_add_word(key, session_key[i]); - } - - /* Encrypt the integer using the public key and host key of the server - (key with smaller modulus first). */ - if (BN_cmp(public_key->n, host_key->n) < 0) - { - /* Public key has smaller modulus. */ - assert(BN_num_bits(host_key->n) >= - BN_num_bits(public_key->n) + SSH_KEY_BITS_RESERVED); - - rsa_public_encrypt(key, key, public_key); - rsa_public_encrypt(key, key, host_key); - } - else - { - /* Host key has smaller modulus (or they are equal). */ - assert(BN_num_bits(public_key->n) >= - BN_num_bits(host_key->n) + SSH_KEY_BITS_RESERVED); - - rsa_public_encrypt(key, key, host_key); - rsa_public_encrypt(key, key, public_key); - } - - if (options->cipher == SSH_CIPHER_NOT_SET) { - if (cipher_mask() & supported_ciphers & (1 << ssh_cipher_default)) - options->cipher = ssh_cipher_default; - else { - debug("Cipher %d not supported, using %.100s instead.", - cipher_name(ssh_cipher_default), - cipher_name(SSH_FALLBACK_CIPHER)); - options->cipher = SSH_FALLBACK_CIPHER; - } - } - - /* Check that the selected cipher is supported. */ - if (!(supported_ciphers & (1 << options->cipher))) - fatal("Selected cipher type %.100s not supported by server.", - cipher_name(options->cipher)); - - debug("Encryption type: %.100s", cipher_name(options->cipher)); - - /* Send the encrypted session key to the server. */ - packet_start(SSH_CMSG_SESSION_KEY); - packet_put_char(options->cipher); - - /* Send the check bytes back to the server. */ - for (i = 0; i < 8; i++) - packet_put_char(check_bytes[i]); - - /* Send the encrypted encryption key. */ - packet_put_bignum(key); - - /* Send protocol flags. */ - packet_put_int(SSH_PROTOFLAG_SCREEN_NUMBER | SSH_PROTOFLAG_HOST_IN_FWD_OPEN); - - /* Send the packet now. */ - packet_send(); - packet_write_wait(); - - /* Destroy the session key integer and the public keys since we no longer - need them. */ - BN_clear_free(key); - RSA_free(public_key); - RSA_free(host_key); - - debug("Sent encrypted session key."); - - /* Set the encryption key. */ - packet_set_encryption_key(session_key, SSH_SESSION_KEY_LENGTH, - options->cipher, 1); - - /* We will no longer need the session key here. Destroy any extra copies. */ - memset(session_key, 0, sizeof(session_key)); - - /* Expect a success message from the server. Note that this message will - be received in encrypted form. */ - packet_read_expect(&payload_len, SSH_SMSG_SUCCESS); - - debug("Received encrypted confirmation."); - - /* Send the name of the user to log in as on the server. */ - packet_start(SSH_CMSG_USER); - packet_put_string(server_user, strlen(server_user)); - packet_send(); - packet_write_wait(); - - /* The server should respond with success if no authentication is needed - (the user has no password). Otherwise the server responds with - failure. */ - type = packet_read(&payload_len); - if (type == SSH_SMSG_SUCCESS) - return; /* Connection was accepted without authentication. */ - if (type != SSH_SMSG_FAILURE) - packet_disconnect("Protocol error: got %d in response to SSH_CMSG_USER", - type); - -#ifdef AFS - /* Try Kerberos tgt passing if the server supports it. */ - if ((supported_authentications & (1 << SSH_PASS_KERBEROS_TGT)) && - options->kerberos_tgt_passing) - { - if (options->cipher == SSH_CIPHER_NONE) - log("WARNING: Encryption is disabled! Ticket will be transmitted in the clear!"); - (void)send_kerberos_tgt(); - } - - /* Try AFS token passing if the server supports it. */ - if ((supported_authentications & (1 << SSH_PASS_AFS_TOKEN)) && - options->afs_token_passing && k_hasafs()) { - if (options->cipher == SSH_CIPHER_NONE) - log("WARNING: Encryption is disabled! Token will be transmitted in the clear!"); - send_afs_tokens(); - } -#endif /* AFS */ - -#ifdef KRB4 - if ((supported_authentications & (1 << SSH_AUTH_KERBEROS)) && - options->kerberos_authentication) - { - debug("Trying Kerberos authentication."); - if (try_kerberos_authentication()) { - /* The server should respond with success or failure. */ - type = packet_read(&payload_len); - if (type == SSH_SMSG_SUCCESS) - return; /* Successful connection. */ - if (type != SSH_SMSG_FAILURE) - packet_disconnect("Protocol error: got %d in response to Kerberos auth", type); - } - } -#endif /* KRB4 */ - - /* Use rhosts authentication if running in privileged socket and we do not - wish to remain anonymous. */ - if ((supported_authentications & (1 << SSH_AUTH_RHOSTS)) && - options->rhosts_authentication) - { - debug("Trying rhosts authentication."); - packet_start(SSH_CMSG_AUTH_RHOSTS); - packet_put_string(local_user, strlen(local_user)); - packet_send(); - packet_write_wait(); - - /* The server should respond with success or failure. */ - type = packet_read(&payload_len); - if (type == SSH_SMSG_SUCCESS) - return; /* Successful connection. */ - if (type != SSH_SMSG_FAILURE) - packet_disconnect("Protocol error: got %d in response to rhosts auth", - type); - } - - /* Try .rhosts or /etc/hosts.equiv authentication with RSA host - authentication. */ - if ((supported_authentications & (1 << SSH_AUTH_RHOSTS_RSA)) && - options->rhosts_rsa_authentication && host_key_valid) - { - if (try_rhosts_rsa_authentication(local_user, own_host_key)) - return; /* Successful authentication. */ - } - - /* Try RSA authentication if the server supports it. */ - if ((supported_authentications & (1 << SSH_AUTH_RSA)) && - options->rsa_authentication) - { - /* Try RSA authentication using the authentication agent. The agent - is tried first because no passphrase is needed for it, whereas - identity files may require passphrases. */ - if (try_agent_authentication()) - return; /* Successful connection. */ - - /* Try RSA authentication for each identity. */ - for (i = 0; i < options->num_identity_files; i++) - if (try_rsa_authentication(pw, options->identity_files[i], - !options->batch_mode)) - return; /* Successful connection. */ - } - - /* Try password authentication if the server supports it. */ - if ((supported_authentications & (1 << SSH_AUTH_PASSWORD)) && - options->password_authentication && !options->batch_mode) - { - char prompt[80]; - snprintf(prompt, sizeof(prompt), "%.30s@%.30s's password: ", - server_user, host); - debug("Doing password authentication."); - if (options->cipher == SSH_CIPHER_NONE) - log("WARNING: Encryption is disabled! Password will be transmitted in clear text."); - for (i = 0; i < options->number_of_password_prompts; i++) { - if (i != 0) - error("Permission denied, please try again."); - password = read_passphrase(prompt, 0); - packet_start(SSH_CMSG_AUTH_PASSWORD); - packet_put_string(password, strlen(password)); - memset(password, 0, strlen(password)); - xfree(password); + int i, type; + struct passwd *pw; + BIGNUM *key; + RSA *host_key, *file_key; + RSA *public_key; + int bits, rbits; + unsigned char session_key[SSH_SESSION_KEY_LENGTH]; + const char *server_user, *local_user; + char *cp, *host, *ip = NULL; + char hostline[1000], *hostp; + unsigned char check_bytes[8]; + unsigned int supported_ciphers, supported_authentications, protocol_flags; + HostStatus host_status; + HostStatus ip_status; + int host_ip_differ = 0; + int local = (ntohl(hostaddr->sin_addr.s_addr) >> 24) == IN_LOOPBACKNET; + int payload_len, clen, sum_len = 0; + u_int32_t rand = 0; + + /* + * Turn off check_host_ip for proxy connects, since + * we don't have the remote ip-address + */ + if (options.proxy_command != NULL && options.check_host_ip) + options.check_host_ip = 0; + + if (options.check_host_ip) + ip = xstrdup(inet_ntoa(hostaddr->sin_addr)); + + /* Convert the user-supplied hostname into all lowercase. */ + host = xstrdup(orighost); + for (cp = host; *cp; cp++) + if (isupper(*cp)) + *cp = tolower(*cp); + + /* Exchange protocol version identification strings with the server. */ + ssh_exchange_identification(); + + /* Put the connection into non-blocking mode. */ + packet_set_nonblocking(); + + /* Get local user name. Use it as server user if no user name was given. */ + pw = getpwuid(original_real_uid); + if (!pw) + fatal("User id %d not found from user database.", original_real_uid); + local_user = xstrdup(pw->pw_name); + server_user = options.user ? options.user : local_user; + + debug("Waiting for server public key."); + + /* Wait for a public key packet from the server. */ + packet_read_expect(&payload_len, SSH_SMSG_PUBLIC_KEY); + + /* Get check bytes from the packet. */ + for (i = 0; i < 8; i++) + check_bytes[i] = packet_get_char(); + + /* Get the public key. */ + public_key = RSA_new(); + bits = packet_get_int();/* bits */ + public_key->e = BN_new(); + packet_get_bignum(public_key->e, &clen); + sum_len += clen; + public_key->n = BN_new(); + packet_get_bignum(public_key->n, &clen); + sum_len += clen; + + rbits = BN_num_bits(public_key->n); + if (bits != rbits) { + log("Warning: Server lies about size of server public key: " + "actual size is %d bits vs. announced %d.", rbits, bits); + log("Warning: This may be due to an old implementation of ssh."); + } + /* Get the host key. */ + host_key = RSA_new(); + bits = packet_get_int();/* bits */ + host_key->e = BN_new(); + packet_get_bignum(host_key->e, &clen); + sum_len += clen; + host_key->n = BN_new(); + packet_get_bignum(host_key->n, &clen); + sum_len += clen; + + rbits = BN_num_bits(host_key->n); + if (bits != rbits) { + log("Warning: Server lies about size of server host key: " + "actual size is %d bits vs. announced %d.", rbits, bits); + log("Warning: This may be due to an old implementation of ssh."); + } + /* Store the host key from the known host file in here so that we + can compare it with the key for the IP address. */ + file_key = RSA_new(); + file_key->n = BN_new(); + file_key->e = BN_new(); + + /* Get protocol flags. */ + protocol_flags = packet_get_int(); + packet_set_protocol_flags(protocol_flags); + + supported_ciphers = packet_get_int(); + supported_authentications = packet_get_int(); + + debug("Received server public key (%d bits) and host key (%d bits).", + BN_num_bits(public_key->n), BN_num_bits(host_key->n)); + + packet_integrity_check(payload_len, + 8 + 4 + sum_len + 0 + 4 + 0 + 0 + 4 + 4 + 4, + SSH_SMSG_PUBLIC_KEY); + + compute_session_id(session_id, check_bytes, host_key->n, public_key->n); + + /* + * Check if the host key is present in the user\'s list of known + * hosts or in the systemwide list. + */ + host_status = check_host_in_hostfile(options.user_hostfile, host, + host_key->e, host_key->n, + file_key->e, file_key->n); + if (host_status == HOST_NEW) + host_status = check_host_in_hostfile(options.system_hostfile, host, + host_key->e, host_key->n, + file_key->e, file_key->n); + /* + * Force accepting of the host key for localhost and 127.0.0.1. The + * problem is that if the home directory is NFS-mounted to multiple + * machines, localhost will refer to a different machine in each of + * them, and the user will get bogus HOST_CHANGED warnings. This + * essentially disables host authentication for localhost; however, + * this is probably not a real problem. + */ + if (local) { + debug("Forcing accepting of host key for localhost."); + host_status = HOST_OK; + } + /* + * Also perform check for the ip address, skip the check if we are + * localhost or the hostname was an ip address to begin with + */ + if (options.check_host_ip && !local && strcmp(host, ip)) { + RSA *ip_key = RSA_new(); + ip_key->n = BN_new(); + ip_key->e = BN_new(); + ip_status = check_host_in_hostfile(options.user_hostfile, ip, + host_key->e, host_key->n, + ip_key->e, ip_key->n); + + if (ip_status == HOST_NEW) + ip_status = check_host_in_hostfile(options.system_hostfile, ip, + host_key->e, host_key->n, + ip_key->e, ip_key->n); + if (host_status == HOST_CHANGED && + (ip_status != HOST_CHANGED || + (BN_cmp(ip_key->e, file_key->e) || BN_cmp(ip_key->n, file_key->n)))) + host_ip_differ = 1; + + RSA_free(ip_key); + } else + ip_status = host_status; + + RSA_free(file_key); + + switch (host_status) { + case HOST_OK: + /* The host is known and the key matches. */ + debug("Host '%.200s' is known and matches the host key.", host); + if (options.check_host_ip) { + if (ip_status == HOST_NEW) { + if (!add_host_to_hostfile(options.user_hostfile, ip, + host_key->e, host_key->n)) + log("Failed to add the host key for IP address '%.30s' to the list of known hosts (%.30s).", + ip, options.user_hostfile); + else + log("Warning: Permanently added host key for IP address '%.30s' to the list of known hosts.", + ip); + } else if (ip_status != HOST_OK) + log("Warning: the host key for '%.200s' differs from the key for the IP address '%.30s'", + host, ip); + } + break; + case HOST_NEW: + /* The host is new. */ + if (options.strict_host_key_checking == 1) { + /* User has requested strict host key checking. We will not add the host key + automatically. The only alternative left is to abort. */ + fatal("No host key is known for %.200s and you have requested strict checking.", host); + } else if (options.strict_host_key_checking == 2) { + /* The default */ + char prompt[1024]; + char *fp = fingerprint(host_key->e, host_key->n); + snprintf(prompt, sizeof(prompt), + "The authenticity of host '%.200s' can't be established.\n" + "Key fingerprint is %d %s.\n" + "Are you sure you want to continue connecting (yes/no)? ", + host, BN_num_bits(host_key->n), fp); + if (!read_yes_or_no(prompt, -1)) + fatal("Aborted by user!\n"); + } + if (options.check_host_ip && ip_status == HOST_NEW && strcmp(host, ip)) { + snprintf(hostline, sizeof(hostline), "%s,%s", host, ip); + hostp = hostline; + } else + hostp = host; + + /* If not in strict mode, add the key automatically to the local known_hosts file. */ + if (!add_host_to_hostfile(options.user_hostfile, hostp, + host_key->e, host_key->n)) + log("Failed to add the host to the list of known hosts (%.500s).", + options.user_hostfile); + else + log("Warning: Permanently added '%.200s' to the list of known hosts.", + hostp); + break; + case HOST_CHANGED: + if (options.check_host_ip && host_ip_differ) { + char *msg; + if (ip_status == HOST_NEW) + msg = "is unknown"; + else if (ip_status == HOST_OK) + msg = "is unchanged"; + else + msg = "has a different value"; + error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); + error("@ WARNING: POSSIBLE DNS SPOOFING DETECTED! @"); + error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); + error("The host key for %s has changed,", host); + error("and the key for the according IP address %s", ip); + error("%s. This could either mean that", msg); + error("DNS SPOOFING is happening or the IP address for the host"); + error("and its host key have changed at the same time"); + } + /* The host key has changed. */ + error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); + error("@ WARNING: HOST IDENTIFICATION HAS CHANGED! @"); + error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); + error("IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!"); + error("Someone could be eavesdropping on you right now (man-in-the-middle attack)!"); + error("It is also possible that the host key has just been changed."); + error("Please contact your system administrator."); + error("Add correct host key in %.100s to get rid of this message.", + options.user_hostfile); + + /* + * If strict host key checking is in use, the user will have + * to edit the key manually and we can only abort. + */ + if (options.strict_host_key_checking) + fatal("Host key for %.200s has changed and you have requested strict checking.", host); + + /* + * If strict host key checking has not been requested, allow + * the connection but without password authentication or + * agent forwarding. + */ + if (options.password_authentication) { + error("Password authentication is disabled to avoid trojan horses."); + options.password_authentication = 0; + } + if (options.forward_agent) { + error("Agent forwarding is disabled to avoid trojan horses."); + options.forward_agent = 0; + } + /* + * XXX Should permit the user to change to use the new id. + * This could be done by converting the host key to an + * identifying sentence, tell that the host identifies itself + * by that sentence, and ask the user if he/she whishes to + * accept the authentication. + */ + break; + } + + if (options.check_host_ip) + xfree(ip); + + /* Generate a session key. */ + arc4random_stir(); + + /* + * Generate an encryption key for the session. The key is a 256 bit + * random number, interpreted as a 32-byte key, with the least + * significant 8 bits being the first byte of the key. + */ + for (i = 0; i < 32; i++) { + if (i % 4 == 0) + rand = arc4random(); + session_key[i] = rand & 0xff; + rand >>= 8; + } + + /* + * According to the protocol spec, the first byte of the session key + * is the highest byte of the integer. The session key is xored with + * the first 16 bytes of the session id. + */ + key = BN_new(); + BN_set_word(key, 0); + for (i = 0; i < SSH_SESSION_KEY_LENGTH; i++) { + BN_lshift(key, key, 8); + if (i < 16) + BN_add_word(key, session_key[i] ^ session_id[i]); + else + BN_add_word(key, session_key[i]); + } + + /* + * Encrypt the integer using the public key and host key of the + * server (key with smaller modulus first). + */ + if (BN_cmp(public_key->n, host_key->n) < 0) { + /* Public key has smaller modulus. */ + if (BN_num_bits(host_key->n) < + BN_num_bits(public_key->n) + SSH_KEY_BITS_RESERVED) { + fatal("respond_to_rsa_challenge: host_key %d < public_key %d + " + "SSH_KEY_BITS_RESERVED %d", + BN_num_bits(host_key->n), + BN_num_bits(public_key->n), + SSH_KEY_BITS_RESERVED); + } + rsa_public_encrypt(key, key, public_key); + rsa_public_encrypt(key, key, host_key); + } else { + /* Host key has smaller modulus (or they are equal). */ + if (BN_num_bits(public_key->n) < + BN_num_bits(host_key->n) + SSH_KEY_BITS_RESERVED) { + fatal("respond_to_rsa_challenge: public_key %d < host_key %d + " + "SSH_KEY_BITS_RESERVED %d", + BN_num_bits(public_key->n), + BN_num_bits(host_key->n), + SSH_KEY_BITS_RESERVED); + } + rsa_public_encrypt(key, key, host_key); + rsa_public_encrypt(key, key, public_key); + } + + if (options.cipher == SSH_CIPHER_NOT_SET) { + if (cipher_mask() & supported_ciphers & (1 << ssh_cipher_default)) + options.cipher = ssh_cipher_default; + else { + debug("Cipher %s not supported, using %.100s instead.", + cipher_name(ssh_cipher_default), + cipher_name(SSH_FALLBACK_CIPHER)); + options.cipher = SSH_FALLBACK_CIPHER; + } + } + /* Check that the selected cipher is supported. */ + if (!(supported_ciphers & (1 << options.cipher))) + fatal("Selected cipher type %.100s not supported by server.", + cipher_name(options.cipher)); + + debug("Encryption type: %.100s", cipher_name(options.cipher)); + + /* Send the encrypted session key to the server. */ + packet_start(SSH_CMSG_SESSION_KEY); + packet_put_char(options.cipher); + + /* Send the check bytes back to the server. */ + for (i = 0; i < 8; i++) + packet_put_char(check_bytes[i]); + + /* Send the encrypted encryption key. */ + packet_put_bignum(key); + + /* Send protocol flags. */ + packet_put_int(SSH_PROTOFLAG_SCREEN_NUMBER | SSH_PROTOFLAG_HOST_IN_FWD_OPEN); + + /* Send the packet now. */ + packet_send(); + packet_write_wait(); + + /* Destroy the session key integer and the public keys since we no longer need them. */ + BN_clear_free(key); + RSA_free(public_key); + RSA_free(host_key); + + debug("Sent encrypted session key."); + + /* Set the encryption key. */ + packet_set_encryption_key(session_key, SSH_SESSION_KEY_LENGTH, options.cipher); + + /* We will no longer need the session key here. Destroy any extra copies. */ + memset(session_key, 0, sizeof(session_key)); + + /* + * Expect a success message from the server. Note that this message + * will be received in encrypted form. + */ + packet_read_expect(&payload_len, SSH_SMSG_SUCCESS); + + debug("Received encrypted confirmation."); + + /* Send the name of the user to log in as on the server. */ + packet_start(SSH_CMSG_USER); + packet_put_string(server_user, strlen(server_user)); packet_send(); packet_write_wait(); - + + /* + * The server should respond with success if no authentication is + * needed (the user has no password). Otherwise the server responds + * with failure. + */ type = packet_read(&payload_len); + + /* check whether the connection was accepted without authentication. */ if (type == SSH_SMSG_SUCCESS) - return; /* Successful connection. */ + return; if (type != SSH_SMSG_FAILURE) - packet_disconnect("Protocol error: got %d in response to passwd auth", type); - } - } - - /* All authentication methods have failed. Exit with an error message. */ - fatal("Permission denied."); - /*NOTREACHED*/ + packet_disconnect("Protocol error: got %d in response to SSH_CMSG_USER", + type); + +#ifdef AFS + /* Try Kerberos tgt passing if the server supports it. */ + if ((supported_authentications & (1 << SSH_PASS_KERBEROS_TGT)) && + options.kerberos_tgt_passing) { + if (options.cipher == SSH_CIPHER_NONE) + log("WARNING: Encryption is disabled! Ticket will be transmitted in the clear!"); + (void) send_kerberos_tgt(); + } + /* Try AFS token passing if the server supports it. */ + if ((supported_authentications & (1 << SSH_PASS_AFS_TOKEN)) && + options.afs_token_passing && k_hasafs()) { + if (options.cipher == SSH_CIPHER_NONE) + log("WARNING: Encryption is disabled! Token will be transmitted in the clear!"); + send_afs_tokens(); + } +#endif /* AFS */ + +#ifdef KRB4 + if ((supported_authentications & (1 << SSH_AUTH_KERBEROS)) && + options.kerberos_authentication) { + debug("Trying Kerberos authentication."); + if (try_kerberos_authentication()) { + /* The server should respond with success or failure. */ + type = packet_read(&payload_len); + if (type == SSH_SMSG_SUCCESS) + return; + if (type != SSH_SMSG_FAILURE) + packet_disconnect("Protocol error: got %d in response to Kerberos auth", type); + } + } +#endif /* KRB4 */ + + /* + * Use rhosts authentication if running in privileged socket and we + * do not wish to remain anonymous. + */ + if ((supported_authentications & (1 << SSH_AUTH_RHOSTS)) && + options.rhosts_authentication) { + debug("Trying rhosts authentication."); + packet_start(SSH_CMSG_AUTH_RHOSTS); + packet_put_string(local_user, strlen(local_user)); + packet_send(); + packet_write_wait(); + + /* The server should respond with success or failure. */ + type = packet_read(&payload_len); + if (type == SSH_SMSG_SUCCESS) + return; + if (type != SSH_SMSG_FAILURE) + packet_disconnect("Protocol error: got %d in response to rhosts auth", + type); + } + /* + * Try .rhosts or /etc/hosts.equiv authentication with RSA host + * authentication. + */ + if ((supported_authentications & (1 << SSH_AUTH_RHOSTS_RSA)) && + options.rhosts_rsa_authentication && host_key_valid) { + if (try_rhosts_rsa_authentication(local_user, own_host_key)) + return; + } + /* Try RSA authentication if the server supports it. */ + if ((supported_authentications & (1 << SSH_AUTH_RSA)) && + options.rsa_authentication) { + /* + * Try RSA authentication using the authentication agent. The + * agent is tried first because no passphrase is needed for + * it, whereas identity files may require passphrases. + */ + if (try_agent_authentication()) + return; + + /* Try RSA authentication for each identity. */ + for (i = 0; i < options.num_identity_files; i++) + if (try_rsa_authentication(options.identity_files[i])) + return; + } + /* Try skey authentication if the server supports it. */ + if ((supported_authentications & (1 << SSH_AUTH_TIS)) && + options.skey_authentication && !options.batch_mode) { + if (try_skey_authentication()) + return; + } + /* Try password authentication if the server supports it. */ + if ((supported_authentications & (1 << SSH_AUTH_PASSWORD)) && + options.password_authentication && !options.batch_mode) { + char prompt[80]; + + snprintf(prompt, sizeof(prompt), "%.30s@%.40s's password: ", + server_user, host); + if (try_password_authentication(prompt)) + return; + } + /* All authentication methods have failed. Exit with an error message. */ + fatal("Permission denied."); + /* NOTREACHED */ } Index: usr.bin/ssh/sshd.8 =================================================================== RCS file: /cvs/src/usr.bin/ssh/sshd.8,v retrieving revision 1.20 retrieving revision 1.27 diff -u -r1.20 -r1.27 --- usr.bin/ssh/sshd.8 1999/10/17 23:09:16 1.20 +++ usr.bin/ssh/sshd.8 1999/11/22 21:02:39 1.27 @@ -9,7 +9,7 @@ .\" .\" Created: Sat Apr 22 21:55:14 1995 ylo .\" -.\" $Id: sshd.8,v 1.20 1999/10/17 23:09:16 dugsong Exp $ +.\" $Id: sshd.8,v 1.27 1999/11/22 21:02:39 markus Exp $ .\" .Dd September 25, 1999 .Dt SSHD 8 @@ -19,13 +19,14 @@ .Nd secure shell daemon .Sh SYNOPSIS .Nm sshd -.Op Fl diq +.Op Fl diqQ .Op Fl b Ar bits .Op Fl f Ar config_file .Op Fl g Ar login_grace_time .Op Fl h Ar host_key_file .Op Fl k Ar key_gen_time .Op Fl p Ar port +.Op Fl V Ar client_protocol_id .Sh DESCRIPTION .Nm (Secure Shell Daemon) is the daemon program for @@ -106,6 +107,10 @@ file. Command-line options override values specified in the configuration file. .Pp +.Nm +rereads its configuration file when it receives a hangup signal, +.Dv SIGHUP . +.Pp The options are as follows: .Bl -tag -width Ds .It Fl b Ar bits @@ -161,6 +166,13 @@ authentication, and termination of each connection is logged. .It Fl Q Do not print an error message if RSA support is missing. +.It Fl V Ar client_protocol_id +SSH2 compatibility mode. +When this options is specified +.Nm +assumes the client has sent the given version string +and skips the +Protocol Version Identification Exchange. .El .Sh CONFIGURATION FILE .Nm @@ -231,15 +243,6 @@ wildcards in the patterns. Only user names are valid, a numerical user id isn't recognized. By default login is allowed regardless of the user name. -.Pp -.It Cm FascistLogging -Specifies whether to use verbose logging. Verbose logging violates -the privacy of users and is not recommended. The argument must be -.Dq yes -or -.Dq no . -The default is -.Dq no . .It Cm HostKey Specifies the file containing the private host key (default .Pa /etc/ssh_host_key ) . @@ -254,6 +257,15 @@ .Pa /etc/shosts.equiv are still used. The default is .Dq no . +.It Cm IgnoreUserKnownHosts +Specifies whether +.Nm +should ignore the user's +.Pa $HOME/.ssh/known_hosts +during +.Cm RhostsRSAAuthentication . +The default is +.Dq no . .It Cm KeepAlive Specifies whether the system should send keepalive messages to the other side. If they are sent, death of the connection or crash of one @@ -312,6 +324,14 @@ The server disconnects after this time if the user has not successfully logged in. If the value is 0, there is no time limit. The default is 600 (seconds). +.It Cm LogLevel +Gives the verbosity level that is used when logging messages from +.Nm sshd . +The possible values are: +QUIET, FATAL, ERROR, INFO, VERBOSE and DEBUG. +The default is INFO. +Logging with level DEBUG violates the privacy of users +and is not recommended. .It Cm PasswordAuthentication Specifies whether password authentication is allowed. The default is @@ -355,11 +375,6 @@ .Pa /etc/profile , or equivalent.) The default is .Dq yes . -.It Cm QuietMode -Specifies whether the system runs in quiet mode. In quiet mode, -nothing is logged in the system log, except fatal errors. The default -is -.Dq no . .It Cm RandomSeed Obsolete. Random number generation uses other techniques. .It Cm RhostsAuthentication @@ -402,7 +417,7 @@ Gives the facility code that is used when logging messages from .Nm sshd . The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2, -LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The default is DAEMON. +LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The default is AUTH. .It Cm UseLogin Specifies whether .Xr login 1 @@ -622,14 +637,11 @@ it being world-readable if the user's home directory resides on an NFS volume). It is recommended that it not be accessible by others. The format of this file is described above. -.It Pa /etc/ssh_known_hosts -This file is consulted when using rhosts with RSA host +.It Pa "/etc/ssh_known_hosts" and "$HOME/.ssh/known_hosts" +These files are consulted when using rhosts with RSA host authentication to check the public key of the host. The key must be -listed in this file to be accepted. -.It Pa $HOME/.ssh/known_hosts -The client uses this file -and -.Pa /etc/ssh_known_hosts +listed in one of these files to be accepted. +The client uses the same files to verify that the remote host is the one we intended to connect. These files should be writable only by root/the owner. .Pa /etc/ssh_known_hosts Index: usr.bin/ssh/sshd.8.in =================================================================== RCS file: sshd.8.in diff -N sshd.8.in --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsulyQY31367 Wed Dec 8 12:42:11 1999 @@ -0,0 +1,734 @@ +.\" -*- nroff -*- +.\" +.\" sshd.8.in +.\" +.\" Author: Tatu Ylonen +.\" +.\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland +.\" All rights reserved +.\" +.\" Created: Sat Apr 22 21:55:14 1995 ylo +.\" +.\" $Id: sshd.8.in,v 1.2 1999/09/26 22:31:09 deraadt dead $ +.\" +.TH SSHD 8 "November 8, 1995" "SSH" "SSH" + +.SH NAME +sshd \- secure shell daemon + +.SH SYNOPSIS +.na +.B sshd +[\c +.BI \-b \ bits\fR\c +] +[\c +.B \-d \c +] +[\c +.BI \-f \ config_file\fR\c +] +[\c +.BI \-g \ login_grace_time\fR\c +] +[\c +.BI \-h \ host_key_file\fR\c +] +[\c +.B \-i \c +] +[\c +.BI \-k \ key_gen_time\fR\c +] +[\c +.BI \-p \ port\fR\c +] +[\c +.B \-q \c +] +.ad + + +.SH DESCRIPTION +.LP +.B Sshd +(Secure Shell Daemon) is the daemon program for +.BR ssh ". +Together these programs replace rlogin and rsh programs, and +provide secure encrypted communications between two untrusted hosts +over an insecure network. The programs are intended to be as easy to +install and use as possible. +.LP +.B Sshd +is the daemon that listens for connections from clients. It is +normally started at boot from +.I /etc/rc.local +or equivalent. It forks a new +daemon for each incoming connection. The forked daemons handle +key exchange, encryption, authentication, command execution, +and data exchange. +.LP +Sshd works as follows. Each host has a host-specific RSA key +(normally 1024 bits) used to identify the host. Additionally, when +the daemon starts, it generates a server RSA key (normally 768 bits). +This key is normally regenerated every hour if it has been used, and +is never stored on disk. +.LP +Whenever a client connects the daemon, the daemon sends its host +and server public keys to the client. The client compares the +host key against its own database to verify that it has not changed. +The client then generates a 256 bit random number. It encrypts this +random number using both the host key and the server key, and sends +the encrypted number to the server. Both sides then start to use this +random number as a session key which is used to encrypt all further +communications in the session. The rest of the session is encrypted +using a conventional cipher. Currently, +.BR \s-1Blowfish\s0 ", +.BR \s-1IDEA\s0 ", +.BR \s-1DES\s0 ", +.BR \s-1\&3DES\s0 ", +.B \s-13DES\s0 +is used by default. The client selects the encryption algorithm to use +from those offered by the server. +.LP +Next, the server and the client enter an authentication dialog. The +client tries to authenticate itself using \|\s+2.\s0rhosts +authentication, \|\s+2.\s0rhosts authentication combined with RSA host +authentication, RSA challenge-response authentication, or password +based authentication. +.LP +Rhosts authentication is normally disabled +because it is fundamentally insecure, but can be enabled in the server +configuration file if desired. System security is not improved unless +.BR rshd "(8), +.BR rlogind "(8), +.BR rexecd "(8), and +.B rexd "(8) +are disabled (thus completely disabling +.BR rlogin (1) +and +.BR rsh (1) +into that machine). +.LP +If the client successfully authenticates itself, a dialog for +preparing the session is entered. At this time the client may request +things like allocating a pseudo-tty, forwarding X11 connections, +forwarding TCP/IP connections, or forwarding the authentication agent +connection over the secure channel. +.LP +Finally, the client either requests a shell or execution of a command. +The sides then enter session mode. In this mode, either side may send +data at any time, and such data is forwarded to/from the shell or +command on the server side, and the user terminal in the client side. +.LP +When the user program terminates and all forwarded X11 and other +connections have been closed, the server sends command exit status to +the client, and both sides exit. +.LP +.B Sshd +can be configured using command-line options or a configuration +file. Command-line options override values specified in the +configuration file. + + +.SH OPTIONS +.TP +.BI \-b \ bits +Specifies the number of bits in the server key (default 768). +.TP +.B \-d +Debug mode. The server sends verbose debug output to the system +log, and does not put itself in the background. The server also will +not fork and will only process one connection. This option is only +intended for debugging for the server. +.TP +.BI \-f \ configuration_file +Specifies the name of the configuration file. The default is +.IR @ETCDIR@/sshd_config ". +.TP +.BI \-g \ login_grace_time +Gives the grace time for clients to authenticate themselves (default +300 seconds). If the client fails to authenticate the user within +this many seconds, the server disconnects and exits. A value of zero +indicates no limit. +.TP +.BI \-h \ host_key_file +Specifies the file from which the host key is read (default +.IR @ETCDIR@/ssh_host_key). +This option must be given if sshd is not run as root (as the normal +host file is normally not readable by anyone but root). +.TP +.B \-i +Specifies that sshd is being run from inetd. Sshd is normally not run +from inetd because it needs to generate the server key before it can +respond to the client, and this may take tens of seconds. Clients +would have to wait too long if the key was regenerated every time. +However, with small key sizes (e.g. 512) using sshd from inetd may +be feasible. +.TP +.BI \-k \ key_gen_time +Specifies how often the server key is regenerated (default 3600 +seconds, or one hour). The motivation for regenerating the key fairly +often is that the key is not stored anywhere, and after about an hour, +it becomes impossible to recover the key for decrypting intercepted +communications even if the machine is cracked into or physically +seized. A value of zero indicates that the key will never be regenerated. +.TP +.BI \-p \ port +Specifies the port on which the server listens for connections +(default 22). +.TP +.B \-q +Quiet mode. Nothing is sent to the system log. Normally the beginning, +authentication, and termination of each connection is logged. + +.SH CONFIGURATION FILE + +.B Sshd +reads configuration data from +.I @ETCDIR@/sshd_config +(or the file specified with -f on the command line). The file +contains keyword-value pairs, one per line. Lines starting with '#' +and empty lines are interpreted as comments. + +The following keywords are possible. +.TP +.B AFSTokenPassing +Specifies whether to accept AFS tokens passed from the client. Default +is "yes". +.TP +.B AllowHosts +This keyword can be followed by any number of host name patterns, +separated by spaces. If specified, login is allowed only from hosts +whose name matches one of the patterns. '*' and '?' can be used as +wildcards in the patterns. Normal name servers are used to map the +client's host into a canonical host name. If the name cannot be +mapped, its IP-address is used as the host name. By default all hosts +are allowed to connect. + +Note that +.B sshd +can also be configured to use tcp_wrappers using the --with-libwrap +compile-time configuration option. +.TP +.B DenyHosts +This keyword can be followed by any number of host name patterns, +separated by spaces. If specified, login is disallowed from the hosts +whose name matches any of the patterns. +.TP +.B FascistLogging +Specifies whether to use verbose logging. Verbose logging violates +the privacy of users and is not recommended. The argument must be +"yes" or "no" (without the quotes). The default is "no". +.TP +.B HostKey +Specifies the file containing the private host key (default +.IR @ETCDIR@/ssh_host_key "). +.TP +.B IgnoreRhosts +Specifies that rhosts and shosts files will not be used in +authentication. +.I /etc/hosts.equiv +and +.I @ETCDIR@/shosts.equiv +are still used. The default is "no". +.TP +.B KeepAlive +Specifies whether the system should send keepalive messages to the +other side. If they are sent, death of the connection or crash of one +of the machines will be properly noticed. However, this means that +connections will die if the route is down temporarily, and some people +find it annoying. On the other hand, if keepalives are not send, +sessions may hang indefinitely on the server, leaving "ghost" users +and consuming server resources. + +The default is "yes" (to send keepalives), and the server will notice +if the network goes down or the client host reboots. This avoids +infinitely hanging sessions. + +To disable keepalives, the value should be set to "no" in both the +server and the client configuration files. +.TP +.B KerberosAuthentication +Specifies whether Kerberos authentication is allowed. This can +be in the form of a Kerberos ticket, or if PasswordAuthentication +is yes, the password provided by the user will be validated through +the Kerberos KDC / AFS kaserver / DCE Security Server. Default is yes. +.TP +.B KerberosOrLocalPasswd +If set then if password authentication through Kerberos fails then +the password will be validated via any additional local mechanism +such as /etc/passwd or SecurID. Default is no. +.TP +.B KerberosTgtPassing +Specifies whether a Kerberos TGT may be forwarded to the server. +Default is no, TGT forwarding does only work with the AFS kaserver. +.TP +.B KerberosTicketCleanup +Specifies whether to automatically destroy the user's +ticket cache file on logout. Default is yes. +.TP +.B KeyRegenerationInterval +The server key is automatically regenerated after this many seconds +(if it has been used). The purpose of regeneration is to prevent +decrypting captured sessions by later breaking into the machine and +stealing the keys. The key is never stored anywhere. If the value is +0, the key is never regenerated. The default is 3600 +(seconds). +.TP +.B LoginGraceTime +The server disconnects after this time if the user has not +successfully logged in. If the value is 0, there is no time limit. +The default is 600 (seconds). +.TP +.B PasswordAuthentication +Specifies whether password authentication is allowed. +The default is "yes". +.TP +.B PermitEmptyPasswords +When password authentication is allowed, it specifies whether the +server allows login to accounts with empty password strings. The default +is "yes". +.TP +.B PermitRootLogin +Specifies whether the root can log in using +.BR ssh . +The default is "yes". + +Root login with RSA authentication when the "command" option has been +specified will be allowed regardless of the value of this setting +(which may be useful for taking remote backups even if root login is +normally not allowed). +.TP +.B Port +Specifies the port number that +.B sshd +listens on. The default is 22. +.TP +.B PrintMotd +Specifies whether +.B sshd +should print +.I /etc/motd +when a user logs in interactively. (On some systems it is also +printed by the shell, /etc/profile, or equivalent.) The default is +"yes". +.TP +.B QuietMode +Specifies whether the system runs in quiet mode. In quiet mode, +nothing is logged in the system log, except fatal errors. The default +is "no". +.TP +.B RandomSeed +Specifies the file containing the random seed for the server; this +file is created automatically and updated regularly. The default is +.IR @ETCDIR@/ssh_random_seed ". +.TP +.B RhostsAuthentication +Specifies whether authentication using rhosts or /etc/hosts.equiv +files is sufficient. Normally, this method should not be permitted +because it is insecure. RhostsRSAAuthentication should be used +instead, because it performs RSA-based host authentication in addition +to normal rhosts or /etc/hosts.equiv authentication. +The default is "no". +.TP +.B RhostsRSAAuthentication +Specifies whether rhosts or /etc/hosts.equiv authentication together +with successful RSA host authentication is allowed. The default is "yes". +.TP +.B RSAAuthentication +Specifies whether pure RSA authentication is allowed. The default is "yes". +.TP +.B ServerKeyBits +Defines the number of bits in the server key. The minimum value is +512, and the default is 768. +.TP +.B StrictModes +Specifies whether ssh should check file modes and ownership of the +user's home directory and rhosts files before accepting login. This +is normally desirable because novices sometimes accidentally leave their +directory or files world-writable. The default is "yes". +.TP +.B SyslogFacility +Gives the facility code that is used when logging messages from +.B sshd. +The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2, +LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The default is DAEMON. +.TP +.B X11Forwarding +Specifies whether X11 forwarding is permitted. The default is "yes". +Note that disabling X11 forwarding does not improve security in any +way, as users can always install their own forwarders. + +.SH LOGIN PROCESS + +When a user successfully logs in, +.B sshd +does the following: +.IP 1. +If the login is on a tty, and no command has been specified, +prints last login time and +.B /etc/motd +(unless prevented in the configuration file or by +.IR $HOME/\s+2.\s0hushlogin ; +see the FILES section). +.IP 2. +If the login is on a tty, records login time. +.IP 3. +Checks /etc/nologin; if it exists, prints contents and quits +(unless root). +.IP 4. +Changes to run with normal user privileges. +.IP 5. +Sets up basic environment. +.IP 6. +Reads /etc/environment if it exists. +.IP 7. +Reads $HOME/.ssh/environment if it exists. +.IP 8. +Changes to user's home directory. +.IP 9. +If $HOME/.ssh/rc exists, runs it; else if @ETCDIR@/sshrc exists, runs +it; otherwise runs xauth. The "rc" files are given the X11 +authentication protocol and cookie in standard input. +.IP 10. +Runs user's shell or command. +.RT + + +.SH AUTHORIZED_KEYS FILE FORMAT +.LP +The +.I \&$HOME/\s+2.\s0ssh/authorized_keys +file lists the RSA keys that are +permitted for RSA authentication. Each line of the file contains one +key (empty lines and lines starting with a '#' are ignored as +comments). Each line consists of the following fields, separated by +spaces: options, bits, exponent, modulus, comment. The options field +is optional; its presence is determined by whether the line starts +with a number or not (the option field never starts with a number). +The bits, exponent, modulus and comment fields give the RSA key; the +comment field is not used for anything (but may be convenient for the +user to identify the key). +.LP +Note that lines in this file are usually several hundred bytes long +(because of the size of the RSA key modulus). You don't want to type +them in; instead, copy the +.I identity.pub +file and edit it. +.LP +The options (if present) consists of comma-separated option +specifications. No spaces are permitted, except within double quotes. +The following option specifications are supported: +.IP +.ti -.5i +\fBfrom="pattern-list" \fR +.br +Specifies that in addition to RSA authentication, the canonical name +of the remote host must be present in the comma-separated list of +patterns ('*' and '?' serve as wildcards). The list may also contain +patterns negated by prefixing them with '!'; if the canonical host +name matches a negated pattern, the key is not accepted. The purpose +of this option is to optionally increase security: RSA authentication +by itself does not trust the network or name servers or anything (but +the key); however, if somebody somehow steals the key, the key +permits an intruder to log in from anywhere in the world. This +additional option makes using a stolen key more difficult (name +servers and/or routers would have to be compromised in addition to +just the key). +.IP +.ti -.5i +\fBcommand="command"\fR +.br +Specifies that the command is executed whenever this key is used for +authentication. The command supplied by the user (if any) is ignored. +The command is run on a pty if the connection requests a pty; +otherwise it is run without a tty. A quote may be included in the +command by quoting it with a backslash. This option might be useful +to restrict certain RSA keys to perform just a specific operation. An +example might be a key that permits remote backups but nothing +else. Notice that the client may specify TCP/IP and/or X11 +forwardings unless they are explicitly prohibited. +.IP +.ti -.5i +\fBenvironment="NAME=value"\fR +.br +Specifies that the string is to be added to the environment when +logging in using this key. Environment variables set this way +override other default environment values. Multiple options of this +type are permitted. +.TP +.B no-port-forwarding +Forbids TCP/IP forwarding when this key is used for authentication. +Any port forward requests by the client will return an error. This +might be used e.g. in connection with the +.B command +option. +.TP +.B no-X11-forwarding +Forbids X11 forwarding when this key is used for authentication. +Any X11 forward requests by the client will return an error. +.TP +.B no-agent-forwarding +Forbids authentication agent forwarding when this key is used for +authentication. +.TP +.B no-pty +Prevents tty allocation (a request to allocate a pty will fail). + +.SS Examples +.LP +1024 33 12121.\|.\|.\|312314325 ylo@foo.bar +.LP +from="*.niksula.hut.fi,!pc.niksula.hut.fi" 1024 35 23.\|.\|.\|2334 ylo@niksula +.LP +command="dump /home",no-pty,no-port-forwarding 1024 33 23.\|.\|.\|2323 backup.hut.fi + + + +.SH SSH_KNOWN_HOSTS FILE FORMAT +.LP +The +.I @ETCDIR@/ssh_known_hosts +and +.I \&$HOME/\s+2.\s0ssh/known_hosts +files contain host public keys for all known hosts. The global file should +be prepared by the admistrator (optional), and the per-user file is +maintained automatically: whenever the user connects an unknown host +its key is added to the per-user file. The recommended way to create +.I @ETCDIR@/ssh_known_hosts +is to use the +.B make-ssh-known-hosts +command. +.LP +Each line in these files contains the following fields: hostnames, +bits, exponent, modulus, comment. The fields are separated by spaces. +.LP +Hostnames is a comma-separated list of patterns ('*' and '?' act as +wildcards); each pattern in turn is matched against the canonical host +name (when authenticating a client) or against the user-supplied +name (when authenticating a server). A pattern may also be preceded +by '!' to indicate negation: if the host name matches a negated +pattern, it is not accepted (by that line) even if it matched another +pattern on the line. +.LP +Bits, exponent, and modulus are taken directly from the host key; they +can be obtained e.g. from +.IR @ETCDIR@/ssh_host_key.pub ". +The optional comment field continues to the end of the line, and is not used. +.LP +Lines starting with '#' and empty lines are ignored as comments. +.LP +When performing host authentication, authentication is accepted if any +matching line has the proper key. It is thus permissible (but not +recommended) to have several lines or different host keys for the same +names. This will inevitably happen when short forms of host names +from different domains are put in the file. It is possible +that the files contain conflicting information; authentication is +accepted if valid information can be found from either file. +.LP +Note that the lines in these files are typically hundreds of characters +long, and you definitely don't want to type in the host keys by hand. +Rather, generate them by a script (see +.BR make-ssh-known-hosts (1)) +or by taking +.I @ETCDIR@/ssh_host_key.pub +and adding the host names at the front. + +.SS Examples + +closenet,closenet.hut.fi,.\|.\|.\|,130.233.208.41 1024 37 159.\|.\|.93 closenet.hut.fi + +.SH FILES +.TP +.I @ETCDIR@/sshd_config +Contains configuration data for +.BR sshd . +This file should be writable by root only, but it is recommended +(though not necessary) that it be world-readable. +.TP +.I @ETCDIR@/ssh_host_key +Contains the private part of the host key. This file is normally +created automatically by "make install", but can also be created +manually using +.BR ssh-keygen (1). +This file should only be owned by root, readable only by root, and not +accessible to others. +.TP +.I @ETCDIR@/ssh_host_key.pub +Contains the public part of the host key. This file is normally +created automatically by "make install", but can also be created +manually. This file should be world-readable but writable only by +root. Its contents should match the private part. This file is not +really used for anything; it is only provided for the convenience of +the user so its contents can be copied to known hosts files. +.TP +.I @ETCDIR@/ssh_random_seed +This file contains a seed for the random number generator. This file +should only be accessible by root. +.TP +.I @PIDDIR@/sshd.pid +Contains the process id of the +.B sshd +listening for connections (if there are several daemons running +concurrently for different ports, this contains the pid of the one +started last). The contents of this file are not sensitive; it can be +world-readable. +.TP +.I \&$HOME/\s+2.\s0ssh/authorized_keys +Lists the RSA keys that can be used to log into the user's account. +This file must be readable by root (which may on some machines imply +it being world-readable if the user's home directory resides on an NFS +volume). It is recommended that it not be accessible by others. The +format of this file is described above. +.TP +.I "@ETCDIR@/ssh_known_hosts\fR and \fI$HOME/\s+2.\s0ssh/known_hosts\fR +These files are consulted when using rhosts with RSA host +authentication to check the public key of the host. The key must be +listed in one of these files to be accepted. (The client uses the +same files to verify that the remote host is the one we intended to +connect.) These files should be writable only by root/the owner. +.I @ETCDIR@/ssh_known_hosts +should be world-readable, and \fI$HOME/\s+2.\s0ssh/known_hosts\fR can +but need not be world-readable. +.TP +.I /etc/nologin +If this file exists, +.B sshd +refuses to let anyone except root log in. The contents of the file +are displayed to anyone trying to log in, and non-root connections are +refused. The file should be world-readable. +.TP +.I \&$HOME/\s+2.\s0rhosts +This file contains host-username pairs, separated by a space, one per +line. The given user on the corresponding host is permitted to log in +without password. The same file is used by rlogind and rshd. +.B Ssh +differs from rlogind +and rshd in that it requires RSA host authentication in addition to +validating the host name retrieved from domain name servers (unless +compiled with the \-\-with\-rhosts configuration option). The file must +be writable only by the user; it is recommended that it not be +accessible by others. + +If is also possible to use netgroups in the file. Either host or user +name may be of the form +@groupname to specify all hosts or all users +in the group. +.TP +.I \&$HOME/\s+2.\s0shosts +For +.B ssh, +this file is exactly the same as for \s+2.\s0rhosts. However, this file is +not used by rlogin and rshd, so using this permits access using +.B ssh +only. +.TP +.I /etc/hosts.equiv +This file is used during \s+2.\s0rhosts authentication. In the +simplest form, this file contains host names, one per line. Users on +those hosts are permitted to log in without a password, provided they +have the same user name on both machines. The host name may also be +followed by a user name; such users are permitted to log in as +.B any +user on this machine (except root). Additionally, the syntax +@group +can be used to specify netgroups. Negated entries start with '-'. + +If the client host/user is successfully matched in this file, login is +automatically permitted provided the client and server user names are the +same. Additionally, successful RSA host authentication is normally +required. This file must be writable only by root; it is recommended +that it be world-readable. + +\fBWarning: It is almost never a good idea to use user names in +hosts.equiv.\fR +Beware that it really means that the named user(s) can log in as +\fBanybody\fR, +which includes bin, daemon, adm, and other accounts that own critical +binaries and directories. Using a user name practically grants the +user root access. The only valid use for user names that I can think +of is in negative entries. +\fBNote that this warning also applies to rsh/rlogin.\fR +.TP +.I @ETCDIR@/shosts.equiv +This is processed exactly as +.I /etc/hosts.equiv. +However, this file may be useful in environments that want to run both +rsh/rlogin and +.B ssh. +.TP +.I /etc/environment +This file is read into the environment at login (if it exists). It +can only contain empty lines, comment lines (that start with '#'), and +assignment lines of the form name=value. This file is processed in +all environments (normal rsh/rlogin only process it on AIX and +potentially some other systems). The file should be writable only by +root, and should be world-readable. +.TP +.I \&$HOME/\s+2.\s0ssh/environment +This file is read into the environment after /etc/environment. It has +the same format. The file should be writable only by the user; it +need not be readable by anyone else. +.TP +.I \&$HOME/\s+2.\s0ssh/rc +If this file exists, it is run with /bin/sh after reading the +environment files but before starting the user's shell or command. If +X11 spoofing is in use, this will receive the "proto cookie" pair in +standard input (and DISPLAY in environment). This must call xauth in +that case. + +The primary purpose of this file is to run any initialization routines +which may be needed before the user's home directory becomes +accessible; AFS is a particular example of such an environment. + +This file will probably contain some initialization code followed by +something similar to: "if read proto cookie; then echo add $DISPLAY +$proto $cookie | xauth -q -; fi". + +If this file does not exist, @ETCDIR@/sshrc is run, and if that +does not exist either, xauth is used to store the cookie. + +This file should be writable only by the user, and need not be +readable by anyone else. +.TP +.I @ETCDIR@/sshrc +Like $HOME/\s+2.\s0ssh/rc. This can be used to specify +machine-specific login-time initializations globally. This file +should be writable only by root, and should be world-readable. + + +.SH INSTALLATION +.LP +.B Sshd +is normally run as root. If it is not run as root, it can +only log in as the user it is running as, and password authentication +may not work if the system uses shadow passwords. An alternative +host key file must also be used. +.LP +.B Sshd +is normally started from +.I /etc/rc.local +or equivalent at system boot. +.LP +Considerable work has been put to making +.B sshd +secure. However, if you find a security problem, please report it +immediately to . + +.SH AUTHOR +.LP +Tatu Ylonen +.LP +Information about new releases, mailing lists, and other related +issues can be found from the ssh WWW home page at +http://www.cs.hut.fi/ssh. + +.SH SEE ALSO +.LP +.BR ssh (1), +.BR make-ssh-known-hosts (1), +.BR ssh-keygen (1), +.BR ssh-agent (1), +.BR ssh-add (1), +.BR scp (1), +.BR rlogin (1), +.BR rsh (1) Index: usr.bin/ssh/sshd.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/sshd.c,v retrieving revision 1.40 retrieving revision 1.72 diff -u -r1.40 -r1.72 --- usr.bin/ssh/sshd.c 1999/10/18 06:16:50 1.40 +++ usr.bin/ssh/sshd.c 1999/12/08 04:36:41 1.72 @@ -1,24 +1,19 @@ /* + * Author: Tatu Ylonen + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * Created: Fri Mar 17 17:09:28 1995 ylo + * This program is the ssh daemon. It listens for connections from clients, and + * performs authentication, executes use commands or shell, and forwards + * information to/from the application to the user client over an encrypted + * connection. This can also handle forwarding of X11, TCP/IP, and authentication + * agent connections. + */ -sshd.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Fri Mar 17 17:09:28 1995 ylo - -This program is the ssh daemon. It listens for connections from clients, and -performs authentication, executes use commands or shell, and forwards -information to/from the application to the user client over an encrypted -connection. This can also handle forwarding of X11, TCP/IP, and authentication -agent connections. - -*/ - #include "includes.h" -RCSID("$Id: sshd.c,v 1.40 1999/10/18 06:16:50 markus Exp $"); +RCSID("$Id: sshd.c,v 1.72 1999/12/08 04:36:41 deraadt Exp $"); + +#include #include "xmalloc.h" #include "rsa.h" @@ -43,12 +38,8 @@ #define O_NOCTTY 0 #endif -#ifdef KRB4 -char *ticket = NULL; -#endif /* KRB4 */ - /* Local Xauthority file. */ -char *xauthfile = NULL; +static char *xauthfile = NULL; /* Server configuration options. */ ServerOptions options; @@ -56,55 +47,70 @@ /* Name of the server configuration file. */ char *config_file_name = SERVER_CONFIG_FILE; -/* Debug mode flag. This can be set on the command line. If debug - mode is enabled, extra debugging output will be sent to the system - log, the daemon will not go to background, and will exit after processing - the first connection. */ +/* + * Debug mode flag. This can be set on the command line. If debug + * mode is enabled, extra debugging output will be sent to the system + * log, the daemon will not go to background, and will exit after processing + * the first connection. + */ int debug_flag = 0; /* Flag indicating that the daemon is being started from inetd. */ int inetd_flag = 0; +/* debug goes to stderr unless inetd_flag is set */ +int log_stderr = 0; + /* argv[0] without path. */ char *av0; /* Saved arguments to main(). */ char **saved_argv; -/* This is set to the socket that the server is listening; this is used in - the SIGHUP signal handler. */ +/* + * This is set to the socket that the server is listening; this is used in + * the SIGHUP signal handler. + */ int listen_sock; -/* Flags set in auth-rsa from authorized_keys flags. These are set in - auth-rsa.c. */ +/* + * the client's version string, passed by sshd2 in compat mode. if != NULL, + * sshd will skip the version-number exchange + */ +char *client_version_string = NULL; + +/* Flags set in auth-rsa from authorized_keys flags. These are set in auth-rsa.c. */ int no_port_forwarding_flag = 0; int no_agent_forwarding_flag = 0; int no_x11_forwarding_flag = 0; int no_pty_flag = 0; -char *forced_command = NULL; /* RSA authentication "command=" option. */ -struct envstring *custom_environment = NULL; - /* RSA authentication "environment=" options. */ + +/* RSA authentication "command=" option. */ +char *forced_command = NULL; + +/* RSA authentication "environment=" options. */ +struct envstring *custom_environment = NULL; /* Session id for the current session. */ unsigned char session_id[16]; -/* Any really sensitive data in the application is contained in this structure. - The idea is that this structure could be locked into memory so that the - pages do not get written into swap. However, there are some problems. - The private key contains BIGNUMs, and we do not (in principle) have - access to the internals of them, and locking just the structure is not - very useful. Currently, memory locking is not implemented. */ -struct -{ - /* Private part of server key. */ - RSA *private_key; - - /* Private part of host key. */ - RSA *host_key; +/* + * Any really sensitive data in the application is contained in this + * structure. The idea is that this structure could be locked into memory so + * that the pages do not get written into swap. However, there are some + * problems. The private key contains BIGNUMs, and we do not (in principle) + * have access to the internals of them, and locking just the structure is + * not very useful. Currently, memory locking is not implemented. + */ +struct { + RSA *private_key; /* Private part of server key. */ + RSA *host_key; /* Private part of host key. */ } sensitive_data; -/* Flag indicating whether the current session key has been used. This flag - is set whenever the key is used, and cleared when the key is regenerated. */ +/* + * Flag indicating whether the current session key has been used. This flag + * is set whenever the key is used, and cleared when the key is regenerated. + */ int key_used = 0; /* This is set to true when SIGHUP is received. */ @@ -115,2226 +121,2311 @@ RSA *public_key; /* Prototypes for various functions defined later in this file. */ -void do_connection(int privileged_port); -void do_authentication(char *user, int privileged_port); -void do_authenticated(struct passwd *pw); -void do_exec_pty(const char *command, int ptyfd, int ttyfd, - const char *ttyname, struct passwd *pw, const char *term, - const char *display, const char *auth_proto, - const char *auth_data); -void do_exec_no_pty(const char *command, struct passwd *pw, - const char *display, const char *auth_proto, - const char *auth_data); -void do_child(const char *command, struct passwd *pw, const char *term, +void do_connection(); +void do_authentication(char *user); +void do_authloop(struct passwd * pw); +void do_fake_authloop(char *user); +void do_authenticated(struct passwd * pw); +void do_exec_pty(const char *command, int ptyfd, int ttyfd, + const char *ttyname, struct passwd * pw, const char *term, + const char *display, const char *auth_proto, + const char *auth_data); +void do_exec_no_pty(const char *command, struct passwd * pw, + const char *display, const char *auth_proto, + const char *auth_data); +void do_child(const char *command, struct passwd * pw, const char *term, const char *display, const char *auth_proto, const char *auth_data, const char *ttyname); -/* Signal handler for SIGHUP. Sshd execs itself when it receives SIGHUP; - the effect is to reread the configuration file (and to regenerate - the server key). */ - -void sighup_handler(int sig) +/* + * Signal handler for SIGHUP. Sshd execs itself when it receives SIGHUP; + * the effect is to reread the configuration file (and to regenerate + * the server key). + */ +void +sighup_handler(int sig) { - received_sighup = 1; - signal(SIGHUP, sighup_handler); + received_sighup = 1; + signal(SIGHUP, sighup_handler); } - -/* Called from the main program after receiving SIGHUP. Restarts the - server. */ -void sighup_restart() +/* + * Called from the main program after receiving SIGHUP. + * Restarts the server. + */ +void +sighup_restart() { - log("Received SIGHUP; restarting."); - close(listen_sock); - execv(saved_argv[0], saved_argv); - log("RESTART FAILED: av0='%s', error: %s.", av0, strerror(errno)); - exit(1); + log("Received SIGHUP; restarting."); + close(listen_sock); + execv(saved_argv[0], saved_argv); + log("RESTART FAILED: av0='%s', error: %s.", av0, strerror(errno)); + exit(1); } -/* Generic signal handler for terminating signals in the master daemon. - These close the listen socket; not closing it seems to cause "Address - already in use" problems on some machines, which is inconvenient. */ - -void sigterm_handler(int sig) -{ - log("Received signal %d; terminating.", sig); - close(listen_sock); - exit(255); +/* + * Generic signal handler for terminating signals in the master daemon. + * These close the listen socket; not closing it seems to cause "Address + * already in use" problems on some machines, which is inconvenient. + */ +void +sigterm_handler(int sig) +{ + log("Received signal %d; terminating.", sig); + close(listen_sock); + exit(255); } - -/* SIGCHLD handler. This is called whenever a child dies. This will then - reap any zombies left by exited c. */ -void main_sigchld_handler(int sig) +/* + * SIGCHLD handler. This is called whenever a child dies. This will then + * reap any zombies left by exited c. + */ +void +main_sigchld_handler(int sig) { - int save_errno = errno; - int status; - wait(&status); - signal(SIGCHLD, main_sigchld_handler); - errno = save_errno; -} + int save_errno = errno; + int status; -/* Signal handler for the alarm after the login grace period has expired. */ + while (waitpid(-1, &status, WNOHANG) > 0) + ; -void grace_alarm_handler(int sig) -{ - /* Close the connection. */ - packet_close(); - - /* Log error and exit. */ - fatal("Timeout before authentication."); + signal(SIGCHLD, main_sigchld_handler); + errno = save_errno; } - -/* Signal handler for the key regeneration alarm. Note that this - alarm only occurs in the daemon waiting for connections, and it does not - do anything with the private key or random state before forking. Thus there - should be no concurrency control/asynchronous execution problems. */ - -void key_regeneration_alarm(int sig) -{ - int save_errno = errno; - - /* Check if we should generate a new key. */ - if (key_used) - { - /* This should really be done in the background. */ - log("Generating new %d bit RSA key.", options.server_key_bits); - if (sensitive_data.private_key != NULL) - RSA_free(sensitive_data.private_key); - sensitive_data.private_key = RSA_new(); +/* + * Signal handler for the alarm after the login grace period has expired. + */ +void +grace_alarm_handler(int sig) +{ + /* Close the connection. */ + packet_close(); - if (public_key != NULL) - RSA_free(public_key); - public_key = RSA_new(); + /* Log error and exit. */ + fatal("Timeout before authentication for %s.", get_remote_ipaddr()); +} - rsa_generate_key(sensitive_data.private_key, public_key, - options.server_key_bits); - arc4random_stir(); - key_used = 0; - log("RSA key generation complete."); - } - - /* Reschedule the alarm. */ - signal(SIGALRM, key_regeneration_alarm); - alarm(options.key_regeneration_time); - errno = save_errno; +/* + * convert ssh auth msg type into description + */ +char * +get_authname(int type) +{ + switch (type) { + case SSH_CMSG_AUTH_PASSWORD: + return "password"; + case SSH_CMSG_AUTH_RSA: + return "rsa"; + case SSH_CMSG_AUTH_RHOSTS_RSA: + return "rhosts-rsa"; + case SSH_CMSG_AUTH_RHOSTS: + return "rhosts"; +#ifdef KRB4 + case SSH_CMSG_AUTH_KERBEROS: + return "kerberos"; +#endif +#ifdef SKEY + case SSH_CMSG_AUTH_TIS_RESPONSE: + return "s/key"; +#endif + } + fatal("get_authname: unknown auth %d: internal error", type); + return NULL; } -/* Main program for the daemon. */ +/* + * Signal handler for the key regeneration alarm. Note that this + * alarm only occurs in the daemon waiting for connections, and it does not + * do anything with the private key or random state before forking. + * Thus there should be no concurrency control/asynchronous execution + * problems. + */ +void +key_regeneration_alarm(int sig) +{ + int save_errno = errno; + + /* Check if we should generate a new key. */ + if (key_used) { + /* This should really be done in the background. */ + log("Generating new %d bit RSA key.", options.server_key_bits); + + if (sensitive_data.private_key != NULL) + RSA_free(sensitive_data.private_key); + sensitive_data.private_key = RSA_new(); + + if (public_key != NULL) + RSA_free(public_key); + public_key = RSA_new(); + + rsa_generate_key(sensitive_data.private_key, public_key, + options.server_key_bits); + arc4random_stir(); + key_used = 0; + log("RSA key generation complete."); + } + /* Reschedule the alarm. */ + signal(SIGALRM, key_regeneration_alarm); + alarm(options.key_regeneration_time); + errno = save_errno; +} +/* + * Main program for the daemon. + */ int main(int ac, char **av) { - extern char *optarg; - extern int optind; - int opt, aux, sock_in, sock_out, newsock, i, pid, on = 1; - int remote_major, remote_minor; - int silentrsa = 0; - struct sockaddr_in sin; - char buf[100]; /* Must not be larger than remote_version. */ - char remote_version[100]; /* Must be at least as big as buf. */ - char *comment; - FILE *f; - struct linger linger; - - /* Save argv[0]. */ - saved_argv = av; - if (strchr(av[0], '/')) - av0 = strrchr(av[0], '/') + 1; - else - av0 = av[0]; - - /* Initialize configuration options to their default values. */ - initialize_server_options(&options); - - /* Parse command-line arguments. */ - while ((opt = getopt(ac, av, "f:p:b:k:h:g:diqQ")) != EOF) - { - switch (opt) - { - case 'f': - config_file_name = optarg; - break; - case 'd': - debug_flag = 1; - break; - case 'i': - inetd_flag = 1; - break; - case 'Q': - silentrsa = 1; - break; - case 'q': - options.quiet_mode = 1; - break; - case 'b': - options.server_key_bits = atoi(optarg); - break; - case 'p': - options.port = atoi(optarg); - break; - case 'g': - options.login_grace_time = atoi(optarg); - break; - case 'k': - options.key_regeneration_time = atoi(optarg); - break; - case 'h': - options.host_key_file = optarg; - break; - case '?': - default: - fprintf(stderr, "sshd version %s\n", SSH_VERSION); - fprintf(stderr, "Usage: %s [options]\n", av0); - fprintf(stderr, "Options:\n"); - fprintf(stderr, " -f file Configuration file (default %s/sshd_config)\n", ETCDIR); - fprintf(stderr, " -d Debugging mode\n"); - fprintf(stderr, " -i Started from inetd\n"); - fprintf(stderr, " -q Quiet (no logging)\n"); - fprintf(stderr, " -p port Listen on the specified port (default: 22)\n"); - fprintf(stderr, " -k seconds Regenerate server key every this many seconds (default: 3600)\n"); - fprintf(stderr, " -g seconds Grace period for authentication (default: 300)\n"); - fprintf(stderr, " -b bits Size of server RSA key (default: 768 bits)\n"); - fprintf(stderr, " -h file File from which to read host key (default: %s)\n", - HOST_KEY_FILE); - exit(1); - } - } - - /* check if RSA support exists */ - if (rsa_alive() == 0) { - if (silentrsa == 0) - printf("sshd: no RSA support in libssl and libcrypto -- exiting. See ssl(8)\n"); - log("no RSA support in libssl and libcrypto -- exiting. See ssl(8)"); - exit(1); - } - - /* Read server configuration options from the configuration file. */ - read_server_config(&options, config_file_name); - - /* Fill in default values for those options not explicitly set. */ - fill_default_server_options(&options); - - /* Check certain values for sanity. */ - if (options.server_key_bits < 512 || - options.server_key_bits > 32768) - { - fprintf(stderr, "Bad server key size.\n"); - exit(1); - } - if (options.port < 1 || options.port > 65535) - { - fprintf(stderr, "Bad port number.\n"); - exit(1); - } - - /* Check that there are no remaining arguments. */ - if (optind < ac) - { - fprintf(stderr, "Extra argument %s.\n", av[optind]); - exit(1); - } - - /* Initialize the log (it is reinitialized below in case we forked). */ - log_init(av0, debug_flag && !inetd_flag, - debug_flag || options.fascist_logging, - options.quiet_mode, options.log_facility); - - debug("sshd version %.100s", SSH_VERSION); - - sensitive_data.host_key = RSA_new(); - /* Load the host key. It must have empty passphrase. */ - if (!load_private_key(options.host_key_file, "", - sensitive_data.host_key, &comment)) - { - if (debug_flag) - fprintf(stderr, "Could not load host key: %s: %s\n", - options.host_key_file, strerror(errno)); - else - { - int err = errno; - log_init(av0, !inetd_flag, 1, 0, options.log_facility); - error("Could not load host key: %.200s: %.100s", - options.host_key_file, strerror(err)); - } - exit(1); - } - xfree(comment); - - /* If not in debugging mode, and not started from inetd, disconnect from - the controlling terminal, and fork. The original process exits. */ - if (!debug_flag && !inetd_flag) - { + extern char *optarg; + extern int optind; + int opt, aux, sock_in, sock_out, newsock, i, pid, on = 1; + int remote_major, remote_minor; + int silentrsa = 0; + struct pollfd fds; + struct sockaddr_in sin; + char buf[100]; /* Must not be larger than remote_version. */ + char remote_version[100]; /* Must be at least as big as buf. */ + const char *remote_ip; + int remote_port; + char *comment; + FILE *f; + struct linger linger; + + /* Save argv[0]. */ + saved_argv = av; + if (strchr(av[0], '/')) + av0 = strrchr(av[0], '/') + 1; + else + av0 = av[0]; + + /* Initialize configuration options to their default values. */ + initialize_server_options(&options); + + /* Parse command-line arguments. */ + while ((opt = getopt(ac, av, "f:p:b:k:h:g:V:diqQ")) != EOF) { + switch (opt) { + case 'f': + config_file_name = optarg; + break; + case 'd': + debug_flag = 1; + options.log_level = SYSLOG_LEVEL_DEBUG; + break; + case 'i': + inetd_flag = 1; + break; + case 'Q': + silentrsa = 1; + break; + case 'q': + options.log_level = SYSLOG_LEVEL_QUIET; + break; + case 'b': + options.server_key_bits = atoi(optarg); + break; + case 'p': + options.port = atoi(optarg); + break; + case 'g': + options.login_grace_time = atoi(optarg); + break; + case 'k': + options.key_regeneration_time = atoi(optarg); + break; + case 'h': + options.host_key_file = optarg; + break; + case 'V': + client_version_string = optarg; + /* only makes sense with inetd_flag, i.e. no listen() */ + inetd_flag = 1; + break; + case '?': + default: + fprintf(stderr, "sshd version %s\n", SSH_VERSION); + fprintf(stderr, "Usage: %s [options]\n", av0); + fprintf(stderr, "Options:\n"); + fprintf(stderr, " -f file Configuration file (default %s)\n", SERVER_CONFIG_FILE); + fprintf(stderr, " -d Debugging mode\n"); + fprintf(stderr, " -i Started from inetd\n"); + fprintf(stderr, " -q Quiet (no logging)\n"); + fprintf(stderr, " -p port Listen on the specified port (default: 22)\n"); + fprintf(stderr, " -k seconds Regenerate server key every this many seconds (default: 3600)\n"); + fprintf(stderr, " -g seconds Grace period for authentication (default: 300)\n"); + fprintf(stderr, " -b bits Size of server RSA key (default: 768 bits)\n"); + fprintf(stderr, " -h file File from which to read host key (default: %s)\n", + HOST_KEY_FILE); + exit(1); + } + } + + /* check if RSA support exists */ + if (rsa_alive() == 0) { + if (silentrsa == 0) + printf("sshd: no RSA support in libssl and libcrypto -- exiting. See ssl(8)\n"); + log("no RSA support in libssl and libcrypto -- exiting. See ssl(8)"); + exit(1); + } + /* Read server configuration options from the configuration file. */ + read_server_config(&options, config_file_name); + + /* Fill in default values for those options not explicitly set. */ + fill_default_server_options(&options); + + /* Check certain values for sanity. */ + if (options.server_key_bits < 512 || + options.server_key_bits > 32768) { + fprintf(stderr, "Bad server key size.\n"); + exit(1); + } + if (options.port < 1 || options.port > 65535) { + fprintf(stderr, "Bad port number.\n"); + exit(1); + } + /* Check that there are no remaining arguments. */ + if (optind < ac) { + fprintf(stderr, "Extra argument %s.\n", av[optind]); + exit(1); + } + /* Force logging to stderr while loading the private host key + unless started from inetd */ + log_init(av0, options.log_level, options.log_facility, !inetd_flag); + + debug("sshd version %.100s", SSH_VERSION); + + sensitive_data.host_key = RSA_new(); + errno = 0; + /* Load the host key. It must have empty passphrase. */ + if (!load_private_key(options.host_key_file, "", + sensitive_data.host_key, &comment)) { + error("Could not load host key: %.200s: %.100s", + options.host_key_file, strerror(errno)); + exit(1); + } + xfree(comment); + + /* Initialize the log (it is reinitialized below in case we + forked). */ + if (debug_flag && !inetd_flag) + log_stderr = 1; + log_init(av0, options.log_level, options.log_facility, log_stderr); + + /* If not in debugging mode, and not started from inetd, + disconnect from the controlling terminal, and fork. The + original process exits. */ + if (!debug_flag && !inetd_flag) { #ifdef TIOCNOTTY - int fd; + int fd; #endif /* TIOCNOTTY */ - if (daemon(0, 0) < 0) - fatal("daemon() failed: %.200s", strerror(errno)); - - /* Disconnect from the controlling tty. */ + if (daemon(0, 0) < 0) + fatal("daemon() failed: %.200s", strerror(errno)); + + /* Disconnect from the controlling tty. */ #ifdef TIOCNOTTY - fd = open("/dev/tty", O_RDWR|O_NOCTTY); - if (fd >= 0) - { - (void)ioctl(fd, TIOCNOTTY, NULL); - close(fd); - } + fd = open("/dev/tty", O_RDWR | O_NOCTTY); + if (fd >= 0) { + (void) ioctl(fd, TIOCNOTTY, NULL); + close(fd); + } #endif /* TIOCNOTTY */ - } + } + /* Reinitialize the log (because of the fork above). */ + log_init(av0, options.log_level, options.log_facility, log_stderr); - /* Reinitialize the log (because of the fork above). */ - log_init(av0, debug_flag && !inetd_flag, - debug_flag || options.fascist_logging, - options.quiet_mode, options.log_facility); - - /* Check that server and host key lengths differ sufficiently. This is - necessary to make double encryption work with rsaref. Oh, I hate - software patents. I dont know if this can go? Niels */ - if (options.server_key_bits > - BN_num_bits(sensitive_data.host_key->n) - SSH_KEY_BITS_RESERVED && - options.server_key_bits < - BN_num_bits(sensitive_data.host_key->n) + SSH_KEY_BITS_RESERVED) - { - options.server_key_bits = - BN_num_bits(sensitive_data.host_key->n) + SSH_KEY_BITS_RESERVED; - debug("Forcing server key to %d bits to make it differ from host key.", - options.server_key_bits); - } - - /* Do not display messages to stdout in RSA code. */ - rsa_set_verbose(0); - - /* Initialize the random number generator. */ - arc4random_stir(); - - /* Chdir to the root directory so that the current disk can be unmounted - if desired. */ - chdir("/"); - - /* Close connection cleanly after attack. */ - cipher_attack_detected = packet_disconnect; - - /* Start listening for a socket, unless started from inetd. */ - if (inetd_flag) - { - int s1, s2; - s1 = dup(0); /* Make sure descriptors 0, 1, and 2 are in use. */ - s2 = dup(s1); - sock_in = dup(0); - sock_out = dup(1); - /* We intentionally do not close the descriptors 0, 1, and 2 as our - code for setting the descriptors won\'t work if ttyfd happens to - be one of those. */ - debug("inetd sockets after dupping: %d, %d", sock_in, sock_out); - - public_key = RSA_new(); - sensitive_data.private_key = RSA_new(); - /* Generate an rsa key. */ - log("Generating %d bit RSA key.", options.server_key_bits); - rsa_generate_key(sensitive_data.private_key, public_key, - options.server_key_bits); - arc4random_stir(); - log("RSA key generation complete."); - } - else - { - /* Create socket for listening. */ - listen_sock = socket(AF_INET, SOCK_STREAM, 0); - if (listen_sock < 0) - fatal("socket: %.100s", strerror(errno)); - - /* Set socket options. We try to make the port reusable and have it - close as fast as possible without waiting in unnecessary wait states - on close. */ - setsockopt(listen_sock, SOL_SOCKET, SO_REUSEADDR, (void *)&on, - sizeof(on)); - linger.l_onoff = 1; - linger.l_linger = 5; - setsockopt(listen_sock, SOL_SOCKET, SO_LINGER, (void *)&linger, - sizeof(linger)); - - /* Initialize the socket address. */ - memset(&sin, 0, sizeof(sin)); - sin.sin_family = AF_INET; - sin.sin_addr = options.listen_addr; - sin.sin_port = htons(options.port); + /* Check that server and host key lengths differ sufficiently. + This is necessary to make double encryption work with rsaref. + Oh, I hate software patents. I dont know if this can go? Niels */ + if (options.server_key_bits > + BN_num_bits(sensitive_data.host_key->n) - SSH_KEY_BITS_RESERVED && + options.server_key_bits < + BN_num_bits(sensitive_data.host_key->n) + SSH_KEY_BITS_RESERVED) { + options.server_key_bits = + BN_num_bits(sensitive_data.host_key->n) + SSH_KEY_BITS_RESERVED; + debug("Forcing server key to %d bits to make it differ from host key.", + options.server_key_bits); + } + /* Do not display messages to stdout in RSA code. */ + rsa_set_verbose(0); - /* Bind the socket to the desired port. */ - if (bind(listen_sock, (struct sockaddr *)&sin, sizeof(sin)) < 0) - { - error("bind: %.100s", strerror(errno)); - shutdown(listen_sock, SHUT_RDWR); - close(listen_sock); - fatal("Bind to port %d failed.", options.port); + /* Initialize the random number generator. */ + arc4random_stir(); + + /* Chdir to the root directory so that the current disk can be + unmounted if desired. */ + chdir("/"); + + /* Close connection cleanly after attack. */ + cipher_attack_detected = packet_disconnect; + + /* Start listening for a socket, unless started from inetd. */ + if (inetd_flag) { + int s1, s2; + s1 = dup(0); /* Make sure descriptors 0, 1, and 2 are in use. */ + s2 = dup(s1); + sock_in = dup(0); + sock_out = dup(1); + /* We intentionally do not close the descriptors 0, 1, and 2 + as our code for setting the descriptors won\'t work + if ttyfd happens to be one of those. */ + debug("inetd sockets after dupping: %d, %d", sock_in, sock_out); + + public_key = RSA_new(); + sensitive_data.private_key = RSA_new(); + + log("Generating %d bit RSA key.", options.server_key_bits); + rsa_generate_key(sensitive_data.private_key, public_key, + options.server_key_bits); + arc4random_stir(); + log("RSA key generation complete."); + } else { + /* Create socket for listening. */ + listen_sock = socket(AF_INET, SOCK_STREAM, 0); + if (listen_sock < 0) + fatal("socket: %.100s", strerror(errno)); + + /* Set socket options. We try to make the port reusable + and have it close as fast as possible without waiting + in unnecessary wait states on close. */ + setsockopt(listen_sock, SOL_SOCKET, SO_REUSEADDR, (void *) &on, + sizeof(on)); + linger.l_onoff = 1; + linger.l_linger = 5; + setsockopt(listen_sock, SOL_SOCKET, SO_LINGER, (void *) &linger, + sizeof(linger)); + + memset(&sin, 0, sizeof(sin)); + sin.sin_family = AF_INET; + sin.sin_addr = options.listen_addr; + sin.sin_port = htons(options.port); + + if (bind(listen_sock, (struct sockaddr *) & sin, sizeof(sin)) < 0) { + error("bind: %.100s", strerror(errno)); + shutdown(listen_sock, SHUT_RDWR); + close(listen_sock); + fatal("Bind to port %d failed.", options.port); + } + if (!debug_flag) { + /* + * Record our pid in /etc/sshd_pid to make it easier + * to kill the correct sshd. We don\'t want to do + * this before the bind above because the bind will + * fail if there already is a daemon, and this will + * overwrite any old pid in the file. + */ + f = fopen(SSH_DAEMON_PID_FILE, "w"); + if (f) { + fprintf(f, "%u\n", (unsigned int) getpid()); + fclose(f); + } + } + + log("Server listening on port %d.", options.port); + if (listen(listen_sock, 5) < 0) + fatal("listen: %.100s", strerror(errno)); + + public_key = RSA_new(); + sensitive_data.private_key = RSA_new(); + + log("Generating %d bit RSA key.", options.server_key_bits); + rsa_generate_key(sensitive_data.private_key, public_key, + options.server_key_bits); + arc4random_stir(); + log("RSA key generation complete."); + + /* Schedule server key regeneration alarm. */ + signal(SIGALRM, key_regeneration_alarm); + alarm(options.key_regeneration_time); + + /* Arrange to restart on SIGHUP. The handler needs listen_sock. */ + signal(SIGHUP, sighup_handler); + signal(SIGTERM, sigterm_handler); + signal(SIGQUIT, sigterm_handler); + + /* Arrange SIGCHLD to be caught. */ + signal(SIGCHLD, main_sigchld_handler); + + /* + * Stay listening for connections until the system crashes or + * the daemon is killed with a signal. + */ + for (;;) { + if (received_sighup) + sighup_restart(); + /* Wait in poll until there is a connection. */ + memset(&fds, 0, sizeof(fds)); + fds.fd = listen_sock; + fds.events = POLLIN; + if (poll(&fds, 1, -1) == -1) { + if (errno == EINTR) + continue; + fatal("poll: %.100s", strerror(errno)); + /*NOTREACHED*/ + } + if (fds.revents == 0) + continue; + aux = sizeof(sin); + newsock = accept(listen_sock, (struct sockaddr *) & sin, &aux); + if (received_sighup) + sighup_restart(); + if (newsock < 0) { + if (errno == EINTR) + continue; + error("accept: %.100s", strerror(errno)); + continue; + } + /* + * Got connection. Fork a child to handle it, unless + * we are in debugging mode. + */ + if (debug_flag) { + /* + * In debugging mode. Close the listening + * socket, and start processing the + * connection without forking. + */ + debug("Server will not fork when running in debugging mode."); + close(listen_sock); + sock_in = newsock; + sock_out = newsock; + pid = getpid(); + break; + } else { + /* + * Normal production daemon. Fork, and have + * the child process the connection. The + * parent continues listening. + */ + if ((pid = fork()) == 0) { + /* + * Child. Close the listening socket, and start using the + * accepted socket. Reinitialize logging (since our pid has + * changed). We break out of the loop to handle the connection. + */ + close(listen_sock); + sock_in = newsock; + sock_out = newsock; + log_init(av0, options.log_level, options.log_facility, log_stderr); + break; + } + } + + /* Parent. Stay in the loop. */ + if (pid < 0) + error("fork: %.100s", strerror(errno)); + else + debug("Forked child %d.", pid); + + /* Mark that the key has been used (it was "given" to the child). */ + key_used = 1; + + arc4random_stir(); + + /* Close the new socket (the child is now taking care of it). */ + close(newsock); + } } - if (!debug_flag) - { - /* Record our pid in /etc/sshd_pid to make it easier to kill the - correct sshd. We don\'t want to do this before the bind above - because the bind will fail if there already is a daemon, and this - will overwrite any old pid in the file. */ - f = fopen(SSH_DAEMON_PID_FILE, "w"); - if (f) - { - fprintf(f, "%u\n", (unsigned int)getpid()); - fclose(f); - } - } - - /* Start listening on the port. */ - log("Server listening on port %d.", options.port); - if (listen(listen_sock, 5) < 0) - fatal("listen: %.100s", strerror(errno)); - - public_key = RSA_new(); - sensitive_data.private_key = RSA_new(); - /* Generate an rsa key. */ - log("Generating %d bit RSA key.", options.server_key_bits); - rsa_generate_key(sensitive_data.private_key, public_key, - options.server_key_bits); - arc4random_stir(); - log("RSA key generation complete."); - - /* Schedule server key regeneration alarm. */ - signal(SIGALRM, key_regeneration_alarm); - alarm(options.key_regeneration_time); - - /* Arrange to restart on SIGHUP. The handler needs listen_sock. */ - signal(SIGHUP, sighup_handler); - signal(SIGTERM, sigterm_handler); - signal(SIGQUIT, sigterm_handler); - - /* Arrange SIGCHLD to be caught. */ - signal(SIGCHLD, main_sigchld_handler); - - /* Stay listening for connections until the system crashes or the - daemon is killed with a signal. */ - for (;;) - { - if (received_sighup) - sighup_restart(); - /* Wait in accept until there is a connection. */ - aux = sizeof(sin); - newsock = accept(listen_sock, (struct sockaddr *)&sin, &aux); - if (received_sighup) - sighup_restart(); - if (newsock < 0) - { - if (errno == EINTR) - continue; - error("accept: %.100s", strerror(errno)); - continue; - } - - /* Got connection. Fork a child to handle it, unless we are in - debugging mode. */ - if (debug_flag) - { - /* In debugging mode. Close the listening socket, and start - processing the connection without forking. */ - debug("Server will not fork when running in debugging mode."); - close(listen_sock); - sock_in = newsock; - sock_out = newsock; - pid = getpid(); - break; - } - else - { - /* Normal production daemon. Fork, and have the child process - the connection. The parent continues listening. */ - if ((pid = fork()) == 0) - { - /* Child. Close the listening socket, and start using - the accepted socket. Reinitialize logging (since our - pid has changed). We break out of the loop to handle - the connection. */ - close(listen_sock); - sock_in = newsock; - sock_out = newsock; - log_init(av0, debug_flag && !inetd_flag, - options.fascist_logging || debug_flag, - options.quiet_mode, options.log_facility); - break; - } - } - - /* Parent. Stay in the loop. */ - if (pid < 0) - error("fork: %.100s", strerror(errno)); - else - debug("Forked child %d.", pid); - - /* Mark that the key has been used (it was "given" to the child). */ - key_used = 1; - - arc4random_stir(); - - /* Close the new socket (the child is now taking care of it). */ - close(newsock); - } - } - - /* This is the child processing a new connection. */ - - /* Disable the key regeneration alarm. We will not regenerate the key - since we are no longer in a position to give it to anyone. We will - not restart on SIGHUP since it no longer makes sense. */ - alarm(0); - signal(SIGALRM, SIG_DFL); - signal(SIGHUP, SIG_DFL); - signal(SIGTERM, SIG_DFL); - signal(SIGQUIT, SIG_DFL); - signal(SIGCHLD, SIG_DFL); - - /* Set socket options for the connection. We want the socket to close - as fast as possible without waiting for anything. If the connection - is not a socket, these will do nothing. */ - /* setsockopt(sock_in, SOL_SOCKET, SO_REUSEADDR, (void *)&on, sizeof(on)); */ - linger.l_onoff = 1; - linger.l_linger = 5; - setsockopt(sock_in, SOL_SOCKET, SO_LINGER, (void *)&linger, sizeof(linger)); - - /* Register our connection. This turns encryption off because we do not - have a key. */ - packet_set_connection(sock_in, sock_out); + /* This is the child processing a new connection. */ - /* Check whether logins are denied from this host. */ + /* + * Disable the key regeneration alarm. We will not regenerate the + * key since we are no longer in a position to give it to anyone. We + * will not restart on SIGHUP since it no longer makes sense. + */ + alarm(0); + signal(SIGALRM, SIG_DFL); + signal(SIGHUP, SIG_DFL); + signal(SIGTERM, SIG_DFL); + signal(SIGQUIT, SIG_DFL); + signal(SIGCHLD, SIG_DFL); + + /* + * Set socket options for the connection. We want the socket to + * close as fast as possible without waiting for anything. If the + * connection is not a socket, these will do nothing. + */ + /* setsockopt(sock_in, SOL_SOCKET, SO_REUSEADDR, (void *)&on, sizeof(on)); */ + linger.l_onoff = 1; + linger.l_linger = 5; + setsockopt(sock_in, SOL_SOCKET, SO_LINGER, (void *) &linger, sizeof(linger)); + + /* + * Register our connection. This turns encryption off because we do + * not have a key. + */ + packet_set_connection(sock_in, sock_out); + + remote_port = get_remote_port(); + remote_ip = get_remote_ipaddr(); + + /* Check whether logins are denied from this host. */ #ifdef LIBWRAP - { - struct request_info req; + { + struct request_info req; - request_init(&req, RQ_DAEMON, av0, RQ_FILE, sock_in, NULL); - fromhost(&req); + request_init(&req, RQ_DAEMON, av0, RQ_FILE, sock_in, NULL); + fromhost(&req); - if (!hosts_access(&req)) { - close(sock_in); - close(sock_out); - refuse(&req); - } - log("Connection from %.500s port %d", - eval_client(&req), get_remote_port()); - } + if (!hosts_access(&req)) { + close(sock_in); + close(sock_out); + refuse(&req); + } + verbose("Connection from %.500s port %d", eval_client(&req), remote_port); + } #else - /* Log the connection. */ - log("Connection from %.100s port %d", - get_remote_ipaddr(), get_remote_port()); + /* Log the connection. */ + verbose("Connection from %.500s port %d", remote_ip, remote_port); #endif /* LIBWRAP */ - /* We don\'t want to listen forever unless the other side successfully - authenticates itself. So we set up an alarm which is cleared after - successful authentication. A limit of zero indicates no limit. - Note that we don\'t set the alarm in debugging mode; it is just annoying - to have the server exit just when you are about to discover the bug. */ - signal(SIGALRM, grace_alarm_handler); - if (!debug_flag) - alarm(options.login_grace_time); - - /* Send our protocol version identification. */ - snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s\n", - PROTOCOL_MAJOR, PROTOCOL_MINOR, SSH_VERSION); - if (write(sock_out, buf, strlen(buf)) != strlen(buf)) - fatal("Could not write ident string."); - - /* Read other side\'s version identification. */ - for (i = 0; i < sizeof(buf) - 1; i++) - { - if (read(sock_in, &buf[i], 1) != 1) - fatal("Did not receive ident string."); - if (buf[i] == '\r') - { - buf[i] = '\n'; - buf[i + 1] = 0; - break; + /* + * We don\'t want to listen forever unless the other side + * successfully authenticates itself. So we set up an alarm which is + * cleared after successful authentication. A limit of zero + * indicates no limit. Note that we don\'t set the alarm in debugging + * mode; it is just annoying to have the server exit just when you + * are about to discover the bug. + */ + signal(SIGALRM, grace_alarm_handler); + if (!debug_flag) + alarm(options.login_grace_time); + + if (client_version_string != NULL) { + /* we are exec'ed by sshd2, so skip exchange of protocol version */ + strlcpy(buf, client_version_string, sizeof(buf)); + } else { + /* Send our protocol version identification. */ + snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s\n", + PROTOCOL_MAJOR, PROTOCOL_MINOR, SSH_VERSION); + if (atomicio(write, sock_out, buf, strlen(buf)) != strlen(buf)) + fatal("Could not write ident string to %s.", get_remote_ipaddr()); + + /* Read other side\'s version identification. */ + for (i = 0; i < sizeof(buf) - 1; i++) { + if (read(sock_in, &buf[i], 1) != 1) + fatal("Did not receive ident string from %s.", get_remote_ipaddr()); + if (buf[i] == '\r') { + buf[i] = '\n'; + buf[i + 1] = 0; + break; + } + if (buf[i] == '\n') { + /* buf[i] == '\n' */ + buf[i + 1] = 0; + break; + } + } + buf[sizeof(buf) - 1] = 0; } - if (buf[i] == '\n') - { - /* buf[i] == '\n' */ - buf[i + 1] = 0; - break; - } - } - buf[sizeof(buf) - 1] = 0; - - /* Check that the versions match. In future this might accept several - versions and set appropriate flags to handle them. */ - if (sscanf(buf, "SSH-%d.%d-%[^\n]\n", &remote_major, &remote_minor, - remote_version) != 3) - { - const char *s = "Protocol mismatch.\n"; - (void) write(sock_out, s, strlen(s)); - close(sock_in); - close(sock_out); - fatal("Bad protocol version identification: %.100s", buf); - } - debug("Client protocol version %d.%d; client software version %.100s", - remote_major, remote_minor, remote_version); - if (remote_major != PROTOCOL_MAJOR) - { - const char *s = "Protocol major versions differ.\n"; - (void) write(sock_out, s, strlen(s)); - close(sock_in); - close(sock_out); - fatal("Protocol major versions differ: %d vs. %d", - PROTOCOL_MAJOR, remote_major); - } - - /* Check that the client has sufficiently high software version. */ - if (remote_major == 1 && remote_minor < 3) - packet_disconnect("Your ssh version is too old and is no longer supported. Please install a newer version."); - - if (remote_major == 1 && remote_minor == 3) { - enable_compat13(); - if (strcmp(remote_version, "OpenSSH-1.1") != 0) { - debug("Agent forwarding disabled, remote version is not compatible."); - no_agent_forwarding_flag = 1; - } - } - - packet_set_nonblocking(); - - /* Handle the connection. We pass as argument whether the connection - came from a privileged port. */ - do_connection(get_remote_port() < IPPORT_RESERVED); + + /* + * Check that the versions match. In future this might accept + * several versions and set appropriate flags to handle them. + */ + if (sscanf(buf, "SSH-%d.%d-%[^\n]\n", &remote_major, &remote_minor, + remote_version) != 3) { + char *s = "Protocol mismatch.\n"; + + (void) atomicio(write, sock_out, s, strlen(s)); + close(sock_in); + close(sock_out); + fatal("Bad protocol version identification '%.100s' from %s", + buf, get_remote_ipaddr()); + } + debug("Client protocol version %d.%d; client software version %.100s", + remote_major, remote_minor, remote_version); + if (remote_major != PROTOCOL_MAJOR) { + char *s = "Protocol major versions differ.\n"; + + (void) atomicio(write, sock_out, s, strlen(s)); + close(sock_in); + close(sock_out); + fatal("Protocol major versions differ for %s: %d vs. %d", + get_remote_ipaddr(), + PROTOCOL_MAJOR, remote_major); + } + /* Check that the client has sufficiently high software version. */ + if (remote_major == 1 && remote_minor < 3) + packet_disconnect("Your ssh version is too old and is no longer supported. Please install a newer version."); + + if (remote_major == 1 && remote_minor == 3) { + enable_compat13(); + if (strcmp(remote_version, "OpenSSH-1.1") != 0) { + debug("Agent forwarding disabled, remote version is not compatible."); + no_agent_forwarding_flag = 1; + } + } + /* + * Check that the connection comes from a privileged port. Rhosts- + * and Rhosts-RSA-Authentication only make sense from priviledged + * programs. Of course, if the intruder has root access on his local + * machine, he can connect from any port. So do not use these + * authentication methods from machines that you do not trust. + */ + if (remote_port >= IPPORT_RESERVED || + remote_port < IPPORT_RESERVED / 2) { + options.rhosts_authentication = 0; + options.rhosts_rsa_authentication = 0; + } + packet_set_nonblocking(); + + /* Handle the connection. */ + do_connection(); #ifdef KRB4 - /* Cleanup user's ticket cache file. */ - if (options.kerberos_ticket_cleanup) - (void) dest_tkt(); + /* Cleanup user's ticket cache file. */ + if (options.kerberos_ticket_cleanup) + (void) dest_tkt(); #endif /* KRB4 */ - - /* Cleanup user's local Xauthority file. */ - if (xauthfile) unlink(xauthfile); - /* The connection has been terminated. */ - log("Closing connection to %.100s", inet_ntoa(sin.sin_addr)); - packet_close(); - exit(0); + /* Cleanup user's local Xauthority file. */ + if (xauthfile) + unlink(xauthfile); + + /* The connection has been terminated. */ + verbose("Closing connection to %.100s", remote_ip); + packet_close(); + exit(0); } -/* Process an incoming connection. Protocol version identifiers have already - been exchanged. This sends server key and performs the key exchange. - Server and host keys will no longer be needed after this functions. */ - -void do_connection(int privileged_port) -{ - int i; - BIGNUM *session_key_int; - unsigned char session_key[SSH_SESSION_KEY_LENGTH]; - unsigned char check_bytes[8]; - char *user; - unsigned int cipher_type, auth_mask, protocol_flags; - int plen, slen; - u_int32_t rand = 0; - - /* Generate check bytes that the client must send back in the user packet - in order for it to be accepted; this is used to defy ip spoofing - attacks. Note that this only works against somebody doing IP spoofing - from a remote machine; any machine on the local network can still see - outgoing packets and catch the random cookie. This only affects - rhosts authentication, and this is one of the reasons why it is - inherently insecure. */ - for (i = 0; i < 8; i++) { - if (i % 4 == 0) - rand = arc4random(); - check_bytes[i] = rand & 0xff; - rand >>= 8; - } - - /* Send our public key. We include in the packet 64 bits of random - data that must be matched in the reply in order to prevent IP spoofing. */ - packet_start(SSH_SMSG_PUBLIC_KEY); - for (i = 0; i < 8; i++) - packet_put_char(check_bytes[i]); - - /* Store our public server RSA key. */ - packet_put_int(BN_num_bits(public_key->n)); - packet_put_bignum(public_key->e); - packet_put_bignum(public_key->n); - - /* Store our public host RSA key. */ - packet_put_int(BN_num_bits(sensitive_data.host_key->n)); - packet_put_bignum(sensitive_data.host_key->e); - packet_put_bignum(sensitive_data.host_key->n); - - /* Put protocol flags. */ - packet_put_int(SSH_PROTOFLAG_HOST_IN_FWD_OPEN); - - /* Declare which ciphers we support. */ - packet_put_int(cipher_mask()); - - /* Declare supported authentication types. */ - auth_mask = 0; - if (options.rhosts_authentication) - auth_mask |= 1 << SSH_AUTH_RHOSTS; - if (options.rhosts_rsa_authentication) - auth_mask |= 1 << SSH_AUTH_RHOSTS_RSA; - if (options.rsa_authentication) - auth_mask |= 1 << SSH_AUTH_RSA; +/* + * Process an incoming connection. Protocol version identifiers have already + * been exchanged. This sends server key and performs the key exchange. + * Server and host keys will no longer be needed after this functions. + */ +void +do_connection() +{ + int i, len; + BIGNUM *session_key_int; + unsigned char session_key[SSH_SESSION_KEY_LENGTH]; + unsigned char check_bytes[8]; + char *user; + unsigned int cipher_type, auth_mask, protocol_flags; + int plen, slen; + u_int32_t rand = 0; + + /* + * Generate check bytes that the client must send back in the user + * packet in order for it to be accepted; this is used to defy ip + * spoofing attacks. Note that this only works against somebody + * doing IP spoofing from a remote machine; any machine on the local + * network can still see outgoing packets and catch the random + * cookie. This only affects rhosts authentication, and this is one + * of the reasons why it is inherently insecure. + */ + for (i = 0; i < 8; i++) { + if (i % 4 == 0) + rand = arc4random(); + check_bytes[i] = rand & 0xff; + rand >>= 8; + } + + /* + * Send our public key. We include in the packet 64 bits of random + * data that must be matched in the reply in order to prevent IP + * spoofing. + */ + packet_start(SSH_SMSG_PUBLIC_KEY); + for (i = 0; i < 8; i++) + packet_put_char(check_bytes[i]); + + /* Store our public server RSA key. */ + packet_put_int(BN_num_bits(public_key->n)); + packet_put_bignum(public_key->e); + packet_put_bignum(public_key->n); + + /* Store our public host RSA key. */ + packet_put_int(BN_num_bits(sensitive_data.host_key->n)); + packet_put_bignum(sensitive_data.host_key->e); + packet_put_bignum(sensitive_data.host_key->n); + + /* Put protocol flags. */ + packet_put_int(SSH_PROTOFLAG_HOST_IN_FWD_OPEN); + + /* Declare which ciphers we support. */ + packet_put_int(cipher_mask()); + + /* Declare supported authentication types. */ + auth_mask = 0; + if (options.rhosts_authentication) + auth_mask |= 1 << SSH_AUTH_RHOSTS; + if (options.rhosts_rsa_authentication) + auth_mask |= 1 << SSH_AUTH_RHOSTS_RSA; + if (options.rsa_authentication) + auth_mask |= 1 << SSH_AUTH_RSA; #ifdef KRB4 - if (options.kerberos_authentication) - auth_mask |= 1 << SSH_AUTH_KERBEROS; + if (options.kerberos_authentication) + auth_mask |= 1 << SSH_AUTH_KERBEROS; #endif #ifdef AFS - if (options.kerberos_tgt_passing) - auth_mask |= 1 << SSH_PASS_KERBEROS_TGT; - if (options.afs_token_passing) - auth_mask |= 1 << SSH_PASS_AFS_TOKEN; + if (options.kerberos_tgt_passing) + auth_mask |= 1 << SSH_PASS_KERBEROS_TGT; + if (options.afs_token_passing) + auth_mask |= 1 << SSH_PASS_AFS_TOKEN; #endif - if (options.password_authentication) - auth_mask |= 1 << SSH_AUTH_PASSWORD; - packet_put_int(auth_mask); - - /* Send the packet and wait for it to be sent. */ - packet_send(); - packet_write_wait(); - - debug("Sent %d bit public key and %d bit host key.", - BN_num_bits(public_key->n), BN_num_bits(sensitive_data.host_key->n)); - - /* Read clients reply (cipher type and session key). */ - packet_read_expect(&plen, SSH_CMSG_SESSION_KEY); - - /* Get cipher type. */ - cipher_type = packet_get_char(); - - /* Get check bytes from the packet. These must match those we sent earlier - with the public key packet. */ - for (i = 0; i < 8; i++) - if (check_bytes[i] != packet_get_char()) - packet_disconnect("IP Spoofing check bytes do not match."); - - debug("Encryption type: %.200s", cipher_name(cipher_type)); - - /* Get the encrypted integer. */ - session_key_int = BN_new(); - packet_get_bignum(session_key_int, &slen); - - /* Get protocol flags. */ - protocol_flags = packet_get_int(); - packet_set_protocol_flags(protocol_flags); - - packet_integrity_check(plen, 1 + 8 + slen + 4, SSH_CMSG_SESSION_KEY); - - /* Decrypt it using our private server key and private host key (key with - larger modulus first). */ - if (BN_cmp(sensitive_data.private_key->n, sensitive_data.host_key->n) > 0) - { - /* Private key has bigger modulus. */ - assert(BN_num_bits(sensitive_data.private_key->n) >= - BN_num_bits(sensitive_data.host_key->n) + SSH_KEY_BITS_RESERVED); - rsa_private_decrypt(session_key_int, session_key_int, - sensitive_data.private_key); - rsa_private_decrypt(session_key_int, session_key_int, - sensitive_data.host_key); - } - else - { - /* Host key has bigger modulus (or they are equal). */ - assert(BN_num_bits(sensitive_data.host_key->n) >= - BN_num_bits(sensitive_data.private_key->n) + - SSH_KEY_BITS_RESERVED); - rsa_private_decrypt(session_key_int, session_key_int, - sensitive_data.host_key); - rsa_private_decrypt(session_key_int, session_key_int, - sensitive_data.private_key); - } - - /* Compute session id for this session. */ - compute_session_id(session_id, check_bytes, - BN_num_bits(sensitive_data.host_key->n), - sensitive_data.host_key->n, - BN_num_bits(sensitive_data.private_key->n), - sensitive_data.private_key->n); - - /* Extract session key from the decrypted integer. The key is in the - least significant 256 bits of the integer; the first byte of the - key is in the highest bits. */ - BN_mask_bits(session_key_int, sizeof(session_key) * 8); - assert(BN_num_bytes(session_key_int) == sizeof(session_key)); - BN_bn2bin(session_key_int, session_key); - - /* Xor the first 16 bytes of the session key with the session id. */ - for (i = 0; i < 16; i++) - session_key[i] ^= session_id[i]; - - /* Destroy the decrypted integer. It is no longer needed. */ - BN_clear_free(session_key_int); - - /* Set the session key. From this on all communications will be - encrypted. */ - packet_set_encryption_key(session_key, SSH_SESSION_KEY_LENGTH, - cipher_type, 0); - - /* Destroy our copy of the session key. It is no longer needed. */ - memset(session_key, 0, sizeof(session_key)); - - debug("Received session key; encryption turned on."); - - /* Send an acknowledgement packet. Note that this packet is sent - encrypted. */ - packet_start(SSH_SMSG_SUCCESS); - packet_send(); - packet_write_wait(); - - /* Get the name of the user that we wish to log in as. */ - packet_read_expect(&plen, SSH_CMSG_USER); - - /* Get the user name. */ - { - int ulen; - user = packet_get_string(&ulen); - packet_integrity_check(plen, (4 + ulen), SSH_CMSG_USER); - } - - /* Destroy the private and public keys. They will no longer be needed. */ - RSA_free(public_key); - RSA_free(sensitive_data.private_key); - RSA_free(sensitive_data.host_key); - - setproctitle("%s", user); - /* Do the authentication. */ - do_authentication(user, privileged_port); -} +#ifdef SKEY + if (options.skey_authentication == 1) + auth_mask |= 1 << SSH_AUTH_TIS; +#endif + if (options.password_authentication) + auth_mask |= 1 << SSH_AUTH_PASSWORD; + packet_put_int(auth_mask); + + /* Send the packet and wait for it to be sent. */ + packet_send(); + packet_write_wait(); + + debug("Sent %d bit public key and %d bit host key.", + BN_num_bits(public_key->n), BN_num_bits(sensitive_data.host_key->n)); + + /* Read clients reply (cipher type and session key). */ + packet_read_expect(&plen, SSH_CMSG_SESSION_KEY); + + /* Get cipher type and check whether we accept this. */ + cipher_type = packet_get_char(); + + if (!(cipher_mask() & (1 << cipher_type))) + packet_disconnect("Warning: client selects unsupported cipher."); + + /* Get check bytes from the packet. These must match those we + sent earlier with the public key packet. */ + for (i = 0; i < 8; i++) + if (check_bytes[i] != packet_get_char()) + packet_disconnect("IP Spoofing check bytes do not match."); + + debug("Encryption type: %.200s", cipher_name(cipher_type)); + + /* Get the encrypted integer. */ + session_key_int = BN_new(); + packet_get_bignum(session_key_int, &slen); + + protocol_flags = packet_get_int(); + packet_set_protocol_flags(protocol_flags); + + packet_integrity_check(plen, 1 + 8 + slen + 4, SSH_CMSG_SESSION_KEY); + + /* + * Decrypt it using our private server key and private host key (key + * with larger modulus first). + */ + if (BN_cmp(sensitive_data.private_key->n, sensitive_data.host_key->n) > 0) { + /* Private key has bigger modulus. */ + if (BN_num_bits(sensitive_data.private_key->n) < + BN_num_bits(sensitive_data.host_key->n) + SSH_KEY_BITS_RESERVED) { + fatal("do_connection: %s: private_key %d < host_key %d + SSH_KEY_BITS_RESERVED %d", + get_remote_ipaddr(), + BN_num_bits(sensitive_data.private_key->n), + BN_num_bits(sensitive_data.host_key->n), + SSH_KEY_BITS_RESERVED); + } + rsa_private_decrypt(session_key_int, session_key_int, + sensitive_data.private_key); + rsa_private_decrypt(session_key_int, session_key_int, + sensitive_data.host_key); + } else { + /* Host key has bigger modulus (or they are equal). */ + if (BN_num_bits(sensitive_data.host_key->n) < + BN_num_bits(sensitive_data.private_key->n) + SSH_KEY_BITS_RESERVED) { + fatal("do_connection: %s: host_key %d < private_key %d + SSH_KEY_BITS_RESERVED %d", + get_remote_ipaddr(), + BN_num_bits(sensitive_data.host_key->n), + BN_num_bits(sensitive_data.private_key->n), + SSH_KEY_BITS_RESERVED); + } + rsa_private_decrypt(session_key_int, session_key_int, + sensitive_data.host_key); + rsa_private_decrypt(session_key_int, session_key_int, + sensitive_data.private_key); + } -/* Check if the user is allowed to log in via ssh. If user is listed in - DenyUsers or user's primary group is listed in DenyGroups, false will - be returned. If AllowUsers isn't empty and user isn't listed there, or - if AllowGroups isn't empty and user isn't listed there, false will be - returned. Otherwise true is returned. - XXX This function should also check if user has a valid shell */ + compute_session_id(session_id, check_bytes, + sensitive_data.host_key->n, + sensitive_data.private_key->n); + + /* + * Extract session key from the decrypted integer. The key is in the + * least significant 256 bits of the integer; the first byte of the + * key is in the highest bits. + */ + BN_mask_bits(session_key_int, sizeof(session_key) * 8); + len = BN_num_bytes(session_key_int); + if (len < 0 || len > sizeof(session_key)) + fatal("do_connection: bad len from %s: session_key_int %d > sizeof(session_key) %d", + get_remote_ipaddr(), + len, sizeof(session_key)); + memset(session_key, 0, sizeof(session_key)); + BN_bn2bin(session_key_int, session_key + sizeof(session_key) - len); + + /* Xor the first 16 bytes of the session key with the session id. */ + for (i = 0; i < 16; i++) + session_key[i] ^= session_id[i]; + + /* Destroy the decrypted integer. It is no longer needed. */ + BN_clear_free(session_key_int); + + /* Set the session key. From this on all communications will be encrypted. */ + packet_set_encryption_key(session_key, SSH_SESSION_KEY_LENGTH, cipher_type); + + /* Destroy our copy of the session key. It is no longer needed. */ + memset(session_key, 0, sizeof(session_key)); + + debug("Received session key; encryption turned on."); + + /* Send an acknowledgement packet. Note that this packet is sent encrypted. */ + packet_start(SSH_SMSG_SUCCESS); + packet_send(); + packet_write_wait(); -static int -allowed_user(struct passwd *pw) -{ - struct group *grp; - int i; + /* Get the name of the user that we wish to log in as. */ + packet_read_expect(&plen, SSH_CMSG_USER); - /* Shouldn't be called if pw is NULL, but better safe than sorry... */ - if (!pw) - return 0; - - /* XXX Should check for valid login shell */ - - /* Return false if user is listed in DenyUsers */ - if (options.num_deny_users > 0) - { - if (!pw->pw_name) - return 0; - for (i = 0; i < options.num_deny_users; i++) - if (match_pattern(pw->pw_name, options.deny_users[i])) - return 0; - } - - /* Return false if AllowUsers isn't empty and user isn't listed there */ - if (options.num_allow_users > 0) - { - if (!pw->pw_name) - return 0; - for (i = 0; i < options.num_allow_users; i++) - if (match_pattern(pw->pw_name, options.allow_users[i])) - break; - /* i < options.num_allow_users iff we break for loop */ - if (i >= options.num_allow_users) - return 0; - } - - /* Get the primary group name if we need it. Return false if it fails */ - if (options.num_deny_groups > 0 || options.num_allow_groups > 0 ) - { - grp = getgrgid(pw->pw_gid); - if (!grp) - return 0; - - /* Return false if user's group is listed in DenyGroups */ - if (options.num_deny_groups > 0) - { - if (!grp->gr_name) - return 0; - for (i = 0; i < options.num_deny_groups; i++) - if (match_pattern(grp->gr_name, options.deny_groups[i])) - return 0; - } - - /* Return false if AllowGroups isn't empty and user's group isn't - listed there */ - if (options.num_allow_groups > 0) - { - if (!grp->gr_name) - return 0; - for (i = 0; i < options.num_allow_groups; i++) - if (match_pattern(grp->gr_name, options.allow_groups[i])) - break; - /* i < options.num_allow_groups iff we break for loop */ - if (i >= options.num_allow_groups) - return 0; - } - } + /* Get the user name. */ + { + int ulen; + user = packet_get_string(&ulen); + packet_integrity_check(plen, (4 + ulen), SSH_CMSG_USER); + } - /* We found no reason not to let this user try to log on... */ - return 1; + /* Destroy the private and public keys. They will no longer be needed. */ + RSA_free(public_key); + RSA_free(sensitive_data.private_key); + RSA_free(sensitive_data.host_key); + + setproctitle("%s", user); + /* Do the authentication. */ + do_authentication(user); } -/* Performs authentication of an incoming connection. Session key has already - been exchanged and encryption is enabled. User is the user name to log - in as (received from the clinet). Privileged_port is true if the - connection comes from a privileged port (used for .rhosts authentication).*/ +/* + * Check if the user is allowed to log in via ssh. If user is listed in + * DenyUsers or user's primary group is listed in DenyGroups, false will + * be returned. If AllowUsers isn't empty and user isn't listed there, or + * if AllowGroups isn't empty and user isn't listed there, false will be + * returned. Otherwise true is returned. + * XXX This function should also check if user has a valid shell + */ +static int +allowed_user(struct passwd * pw) +{ + struct group *grp; + int i; -#define MAX_AUTH_FAILURES 5 + /* Shouldn't be called if pw is NULL, but better safe than sorry... */ + if (!pw) + return 0; + + /* XXX Should check for valid login shell */ + + /* Return false if user is listed in DenyUsers */ + if (options.num_deny_users > 0) { + if (!pw->pw_name) + return 0; + for (i = 0; i < options.num_deny_users; i++) + if (match_pattern(pw->pw_name, options.deny_users[i])) + return 0; + } + /* Return false if AllowUsers isn't empty and user isn't listed there */ + if (options.num_allow_users > 0) { + if (!pw->pw_name) + return 0; + for (i = 0; i < options.num_allow_users; i++) + if (match_pattern(pw->pw_name, options.allow_users[i])) + break; + /* i < options.num_allow_users iff we break for loop */ + if (i >= options.num_allow_users) + return 0; + } + /* Get the primary group name if we need it. Return false if it fails */ + if (options.num_deny_groups > 0 || options.num_allow_groups > 0) { + grp = getgrgid(pw->pw_gid); + if (!grp) + return 0; + + /* Return false if user's group is listed in DenyGroups */ + if (options.num_deny_groups > 0) { + if (!grp->gr_name) + return 0; + for (i = 0; i < options.num_deny_groups; i++) + if (match_pattern(grp->gr_name, options.deny_groups[i])) + return 0; + } + /* + * Return false if AllowGroups isn't empty and user's group + * isn't listed there + */ + if (options.num_allow_groups > 0) { + if (!grp->gr_name) + return 0; + for (i = 0; i < options.num_allow_groups; i++) + if (match_pattern(grp->gr_name, options.allow_groups[i])) + break; + /* i < options.num_allow_groups iff we break for + loop */ + if (i >= options.num_allow_groups) + return 0; + } + } + /* We found no reason not to let this user try to log on... */ + return 1; +} +/* + * Performs authentication of an incoming connection. Session key has already + * been exchanged and encryption is enabled. User is the user name to log + * in as (received from the client). + */ void -do_authentication(char *user, int privileged_port) +do_authentication(char *user) { - int type; - int authenticated = 0; - int authentication_failures = 0; - char *password; - struct passwd *pw, pwcopy; - char *client_user; - unsigned int client_host_key_bits; - BIGNUM *client_host_key_e, *client_host_key_n; - + struct passwd *pw, pwcopy; + #ifdef AFS - /* If machine has AFS, set process authentication group. */ - if (k_hasafs()) { - k_setpag(); - k_unlog(); - } + /* If machine has AFS, set process authentication group. */ + if (k_hasafs()) { + k_setpag(); + k_unlog(); + } #endif /* AFS */ - - /* Verify that the user is a valid user. */ - pw = getpwnam(user); - if (!pw || !allowed_user(pw)) - { - /* The user does not exist or access is denied, - but fake indication that authentication is needed. */ - packet_start(SSH_SMSG_FAILURE); - packet_send(); - packet_write_wait(); - - /* Keep reading packets, and always respond with a failure. This is to - avoid disclosing whether such a user really exists. */ - for (;;) - { - /* Read a packet. This will not return if the client disconnects. */ - int plen; - int type = packet_read(&plen); -#ifdef SKEY - int passw_len; - char *password, *skeyinfo; - if (options.password_authentication && - options.skey_authentication == 1 && - type == SSH_CMSG_AUTH_PASSWORD && - (password = packet_get_string(&passw_len)) != NULL && - passw_len == 5 && - strncasecmp(password, "s/key", 5) == 0 && - (skeyinfo = skey_fake_keyinfo(user)) != NULL ){ - /* Send a fake s/key challenge. */ - packet_send_debug(skeyinfo); - } -#endif - /* Send failure. This should be indistinguishable from a failed - authentication. */ - packet_start(SSH_SMSG_FAILURE); - packet_send(); - packet_write_wait(); - if (++authentication_failures >= MAX_AUTH_FAILURES) { - packet_disconnect("To many authentication failures for %.100s from %.200s", - user, get_canonical_hostname()); - } - } - /*NOTREACHED*/ - abort(); - } - - /* Take a copy of the returned structure. */ - memset(&pwcopy, 0, sizeof(pwcopy)); - pwcopy.pw_name = xstrdup(pw->pw_name); - pwcopy.pw_passwd = xstrdup(pw->pw_passwd); - pwcopy.pw_uid = pw->pw_uid; - pwcopy.pw_gid = pw->pw_gid; - pwcopy.pw_dir = xstrdup(pw->pw_dir); - pwcopy.pw_shell = xstrdup(pw->pw_shell); - pw = &pwcopy; - - /* If we are not running as root, the user must have the same uid as the - server. */ - if (getuid() != 0 && pw->pw_uid != getuid()) - packet_disconnect("Cannot change user when server not running as root."); + + /* Verify that the user is a valid user. */ + pw = getpwnam(user); + if (!pw || !allowed_user(pw)) + do_fake_authloop(user); + + /* Take a copy of the returned structure. */ + memset(&pwcopy, 0, sizeof(pwcopy)); + pwcopy.pw_name = xstrdup(pw->pw_name); + pwcopy.pw_passwd = xstrdup(pw->pw_passwd); + pwcopy.pw_uid = pw->pw_uid; + pwcopy.pw_gid = pw->pw_gid; + pwcopy.pw_dir = xstrdup(pw->pw_dir); + pwcopy.pw_shell = xstrdup(pw->pw_shell); + pw = &pwcopy; + + /* + * If we are not running as root, the user must have the same uid as + * the server. + */ + if (getuid() != 0 && pw->pw_uid != getuid()) + packet_disconnect("Cannot change user when server not running as root."); - debug("Attempting authentication for %.100s.", user); + debug("Attempting authentication for %.100s.", user); - /* If the user has no password, accept authentication immediately. */ - if (options.password_authentication && + /* If the user has no password, accept authentication immediately. */ + if (options.password_authentication && #ifdef KRB4 - (!options.kerberos_authentication || options.kerberos_or_local_passwd) && + (!options.kerberos_authentication || options.kerberos_or_local_passwd) && #endif /* KRB4 */ - auth_password(pw, "")) - { - /* Authentication with empty password succeeded. */ - debug("Login for user %.100s accepted without authentication.", user); - /* authentication_type = SSH_AUTH_PASSWORD; */ - authenticated = 1; - /* Success packet will be sent after loop below. */ - } - else - { - /* Indicate that authentication is needed. */ - packet_start(SSH_SMSG_FAILURE); - packet_send(); - packet_write_wait(); - } - - /* Loop until the user has been authenticated or the connection is closed. */ - while (!authenticated) - { - int plen; - /* Get a packet from the client. */ - type = packet_read(&plen); - - /* Process the packet. */ - switch (type) - { + auth_password(pw, "")) { + /* Authentication with empty password succeeded. */ + log("Login for user %s from %.100s, accepted without authentication.", + pw->pw_name, get_remote_ipaddr()); + } else { + /* Loop until the user has been authenticated or the + connection is closed, do_authloop() returns only if + authentication is successfull */ + do_authloop(pw); + } + /* Check if the user is logging in as root and root logins are disallowed. */ + if (pw->pw_uid == 0 && !options.permit_root_login) { + if (forced_command) + log("Root login accepted for forced command."); + else + packet_disconnect("ROOT LOGIN REFUSED FROM %.200s", + get_canonical_hostname()); + } + /* The user has been authenticated and accepted. */ + packet_start(SSH_SMSG_SUCCESS); + packet_send(); + packet_write_wait(); + + /* Perform session preparation. */ + do_authenticated(pw); +} + +#define AUTH_FAIL_MAX 6 +#define AUTH_FAIL_LOG (AUTH_FAIL_MAX/2) +#define AUTH_FAIL_MSG "Too many authentication failures for %.100s" + +/* + * read packets and try to authenticate local user *pw. + * return if authentication is successfull + */ +void +do_authloop(struct passwd * pw) +{ + int attempt = 0; + unsigned int bits; + BIGNUM *client_host_key_e, *client_host_key_n; + BIGNUM *n; + char *client_user, *password; + char user[1024]; + int plen, dlen, nlen, ulen, elen; + int type = 0; + void (*authlog) (const char *fmt,...) = verbose; + + /* Indicate that authentication is needed. */ + packet_start(SSH_SMSG_FAILURE); + packet_send(); + packet_write_wait(); + + for (attempt = 1;; attempt++) { + int authenticated = 0; + strlcpy(user, "", sizeof user); + + /* Get a packet from the client. */ + type = packet_read(&plen); + + /* Process the packet. */ + switch (type) { #ifdef AFS - case SSH_CMSG_HAVE_KERBEROS_TGT: - if (!options.kerberos_tgt_passing) - { - /* packet_get_all(); */ - log("Kerberos tgt passing disabled."); - break; - } - else { - /* Accept Kerberos tgt. */ - int dlen; - char *tgt = packet_get_string(&dlen); - packet_integrity_check(plen, 4 + dlen, type); - if (!auth_kerberos_tgt(pw, tgt)) - debug("Kerberos tgt REFUSED for %s", user); - xfree(tgt); - } - continue; - - case SSH_CMSG_HAVE_AFS_TOKEN: - if (!options.afs_token_passing || !k_hasafs()) { - /* packet_get_all(); */ - log("AFS token passing disabled."); - break; - } - else { - /* Accept AFS token. */ - int dlen; - char *token_string = packet_get_string(&dlen); - packet_integrity_check(plen, 4 + dlen, type); - if (!auth_afs_token(user, pw->pw_uid, token_string)) - debug("AFS token REFUSED for %s", user); - xfree(token_string); - continue; - } + case SSH_CMSG_HAVE_KERBEROS_TGT: + if (!options.kerberos_tgt_passing) { + /* packet_get_all(); */ + verbose("Kerberos tgt passing disabled."); + break; + } else { + /* Accept Kerberos tgt. */ + char *tgt = packet_get_string(&dlen); + packet_integrity_check(plen, 4 + dlen, type); + if (!auth_kerberos_tgt(pw, tgt)) + verbose("Kerberos tgt REFUSED for %s", pw->pw_name); + xfree(tgt); + } + continue; + + case SSH_CMSG_HAVE_AFS_TOKEN: + if (!options.afs_token_passing || !k_hasafs()) { + /* packet_get_all(); */ + verbose("AFS token passing disabled."); + break; + } else { + /* Accept AFS token. */ + char *token_string = packet_get_string(&dlen); + packet_integrity_check(plen, 4 + dlen, type); + if (!auth_afs_token(pw, token_string)) + verbose("AFS token REFUSED for %s", pw->pw_name); + xfree(token_string); + } + continue; #endif /* AFS */ - #ifdef KRB4 - case SSH_CMSG_AUTH_KERBEROS: - if (!options.kerberos_authentication) - { - /* packet_get_all(); */ - log("Kerberos authentication disabled."); - break; - } - else { - /* Try Kerberos v4 authentication. */ - KTEXT_ST auth; - char *tkt_user = NULL; - char *kdata = packet_get_string((unsigned int *)&auth.length); - packet_integrity_check(plen, 4 + auth.length, type); - - if (auth.length < MAX_KTXT_LEN) - memcpy(auth.dat, kdata, auth.length); - xfree(kdata); - - if (auth_krb4(user, &auth, &tkt_user)) { - /* Client has successfully authenticated to us. */ - log("Kerberos authentication accepted %s for account " - "%s from %s", tkt_user, user, get_canonical_hostname()); - /* authentication_type = SSH_AUTH_KERBEROS; */ - authenticated = 1; - xfree(tkt_user); - } - else { - log("Kerberos authentication failed for account " - "%s from %s", user, get_canonical_hostname()); - } - } - break; + case SSH_CMSG_AUTH_KERBEROS: + if (!options.kerberos_authentication) { + /* packet_get_all(); */ + verbose("Kerberos authentication disabled."); + break; + } else { + /* Try Kerberos v4 authentication. */ + KTEXT_ST auth; + char *tkt_user = NULL; + char *kdata = packet_get_string((unsigned int *) &auth.length); + packet_integrity_check(plen, 4 + auth.length, type); + + if (auth.length < MAX_KTXT_LEN) + memcpy(auth.dat, kdata, auth.length); + xfree(kdata); + + authenticated = auth_krb4(pw->pw_name, &auth, &tkt_user); + + if (authenticated) { + snprintf(user, sizeof user, " tktuser %s", tkt_user); + xfree(tkt_user); + } + } + break; #endif /* KRB4 */ - - case SSH_CMSG_AUTH_RHOSTS: - if (!options.rhosts_authentication) - { - log("Rhosts authentication disabled."); - break; - } - - /* Rhosts authentication (also uses /etc/hosts.equiv). */ - if (!privileged_port) - { - log("Rhosts authentication not available for connections from unprivileged port."); - break; - } - - /* Get client user name. Note that we just have to trust the client; - this is one reason why rhosts authentication is insecure. - (Another is IP-spoofing on a local network.) */ - { - int dlen; - client_user = packet_get_string(&dlen); - packet_integrity_check(plen, 4 + dlen, type); - } - - /* Try to authenticate using /etc/hosts.equiv and .rhosts. */ - if (auth_rhosts(pw, client_user, options.ignore_rhosts, - options.strict_modes)) - { - /* Authentication accepted. */ - log("Rhosts authentication accepted for %.100s, remote %.100s on %.700s.", - user, client_user, get_canonical_hostname()); - authenticated = 1; - xfree(client_user); - break; - } - log("Rhosts authentication failed for %.100s, remote %.100s.", - user, client_user); - xfree(client_user); - break; - case SSH_CMSG_AUTH_RHOSTS_RSA: - if (!options.rhosts_rsa_authentication) - { - log("Rhosts with RSA authentication disabled."); - break; - } - - /* Rhosts authentication (also uses /etc/hosts.equiv) with RSA - host authentication. */ - if (!privileged_port) - { - log("Rhosts authentication not available for connections from unprivileged port."); - break; - } - - { - int ulen, elen, nlen; - /* Get client user name. Note that we just have to trust - the client; root on the client machine can claim to be - any user. */ - client_user = packet_get_string(&ulen); - - /* Get the client host key. */ - client_host_key_e = BN_new(); - client_host_key_n = BN_new(); - client_host_key_bits = packet_get_int(); - packet_get_bignum(client_host_key_e, &elen); - packet_get_bignum(client_host_key_n, &nlen); - - packet_integrity_check(plen, (4 + ulen) + 4 + elen + nlen, type); - } - - /* Try to authenticate using /etc/hosts.equiv and .rhosts. */ - if (auth_rhosts_rsa(pw, client_user, - client_host_key_bits, client_host_key_e, - client_host_key_n, options.ignore_rhosts, - options.strict_modes)) - { - /* Authentication accepted. */ - authenticated = 1; - xfree(client_user); - BN_clear_free(client_host_key_e); - BN_clear_free(client_host_key_n); - break; - } - log("Rhosts authentication failed for %.100s, remote %.100s.", - user, client_user); - xfree(client_user); - BN_clear_free(client_host_key_e); - BN_clear_free(client_host_key_n); - break; - - case SSH_CMSG_AUTH_RSA: - if (!options.rsa_authentication) - { - log("RSA authentication disabled."); - break; - } - - /* RSA authentication requested. */ - { - int nlen; - BIGNUM *n; - n = BN_new(); - packet_get_bignum(n, &nlen); - - packet_integrity_check(plen, nlen, type); - - if (auth_rsa(pw, n, options.strict_modes)) - { - /* Successful authentication. */ - BN_clear_free(n); - log("RSA authentication for %.100s accepted.", user); - authenticated = 1; - break; - } - BN_clear_free(n); - log("RSA authentication for %.100s failed.", user); - } - break; + case SSH_CMSG_AUTH_RHOSTS: + if (!options.rhosts_authentication) { + verbose("Rhosts authentication disabled."); + break; + } + /* + * Get client user name. Note that we just have to + * trust the client; this is one reason why rhosts + * authentication is insecure. (Another is + * IP-spoofing on a local network.) + */ + client_user = packet_get_string(&ulen); + packet_integrity_check(plen, 4 + ulen, type); + + /* Try to authenticate using /etc/hosts.equiv and + .rhosts. */ + authenticated = auth_rhosts(pw, client_user); + + snprintf(user, sizeof user, " ruser %s", client_user); + xfree(client_user); + break; + + case SSH_CMSG_AUTH_RHOSTS_RSA: + if (!options.rhosts_rsa_authentication) { + verbose("Rhosts with RSA authentication disabled."); + break; + } + /* + * Get client user name. Note that we just have to + * trust the client; root on the client machine can + * claim to be any user. + */ + client_user = packet_get_string(&ulen); + + /* Get the client host key. */ + client_host_key_e = BN_new(); + client_host_key_n = BN_new(); + bits = packet_get_int(); + packet_get_bignum(client_host_key_e, &elen); + packet_get_bignum(client_host_key_n, &nlen); + + if (bits != BN_num_bits(client_host_key_n)) + error("Warning: keysize mismatch for client_host_key: " + "actual %d, announced %d", BN_num_bits(client_host_key_n), bits); + packet_integrity_check(plen, (4 + ulen) + 4 + elen + nlen, type); + + authenticated = auth_rhosts_rsa(pw, client_user, + client_host_key_e, client_host_key_n); + BN_clear_free(client_host_key_e); + BN_clear_free(client_host_key_n); + + snprintf(user, sizeof user, " ruser %s", client_user); + xfree(client_user); + break; + + case SSH_CMSG_AUTH_RSA: + if (!options.rsa_authentication) { + verbose("RSA authentication disabled."); + break; + } + /* RSA authentication requested. */ + n = BN_new(); + packet_get_bignum(n, &nlen); + packet_integrity_check(plen, nlen, type); + authenticated = auth_rsa(pw, n); + BN_clear_free(n); + break; + + case SSH_CMSG_AUTH_PASSWORD: + if (!options.password_authentication) { + verbose("Password authentication disabled."); + break; + } + /* + * Read user password. It is in plain text, but was + * transmitted over the encrypted channel so it is + * not visible to an outside observer. + */ + password = packet_get_string(&dlen); + packet_integrity_check(plen, 4 + dlen, type); + + /* Try authentication with the password. */ + authenticated = auth_password(pw, password); + + memset(password, 0, strlen(password)); + xfree(password); + break; - case SSH_CMSG_AUTH_PASSWORD: - if (!options.password_authentication) - { - log("Password authentication disabled."); - break; - } - - /* Password authentication requested. */ - /* Read user password. It is in plain text, but was transmitted - over the encrypted channel so it is not visible to an outside - observer. */ - { - int passw_len; - password = packet_get_string(&passw_len); - packet_integrity_check(plen, 4 + passw_len, type); - } - - /* Try authentication with the password. */ - if (auth_password(pw, password)) - { - /* Successful authentication. */ - /* Clear the password from memory. */ - memset(password, 0, strlen(password)); - xfree(password); - log("Password authentication for %.100s accepted.", user); - authenticated = 1; - break; - } - log("Password authentication for %.100s failed.", user); - memset(password, 0, strlen(password)); - xfree(password); - break; - - case SSH_CMSG_AUTH_TIS: - /* TIS Authentication is unsupported */ - log("TIS authentication disabled."); - break; - - default: - /* Any unknown messages will be ignored (and failure returned) - during authentication. */ - log("Unknown message during authentication: type %d", type); - break; /* Respond with a failure message. */ - } - /* If successfully authenticated, break out of loop. */ - if (authenticated) - break; - - /* Send a message indicating that the authentication attempt failed. */ - packet_start(SSH_SMSG_FAILURE); - packet_send(); - packet_write_wait(); - - if (++authentication_failures >= MAX_AUTH_FAILURES) { - packet_disconnect("To many authentication failures for %.100s from %.200s", - pw->pw_name, get_canonical_hostname()); - } - } - - /* Check if the user is logging in as root and root logins are disallowed. */ - if (pw->pw_uid == 0 && !options.permit_root_login) - { - if (forced_command) - log("Root login accepted for forced command.", forced_command); - else - packet_disconnect("ROOT LOGIN REFUSED FROM %.200s", - get_canonical_hostname()); - } - - /* The user has been authenticated and accepted. */ - packet_start(SSH_SMSG_SUCCESS); - packet_send(); - packet_write_wait(); +#ifdef SKEY + case SSH_CMSG_AUTH_TIS: + debug("rcvd SSH_CMSG_AUTH_TIS"); + if (options.skey_authentication == 1) { + char *skeyinfo = skey_keyinfo(pw->pw_name); + if (skeyinfo == NULL) { + debug("generating fake skeyinfo for %.100s.", pw->pw_name); + skeyinfo = skey_fake_keyinfo(pw->pw_name); + } + if (skeyinfo != NULL) { + /* we send our s/key- in tis-challenge messages */ + debug("sending challenge '%s'", skeyinfo); + packet_start(SSH_SMSG_AUTH_TIS_CHALLENGE); + packet_put_string(skeyinfo, strlen(skeyinfo)); + packet_send(); + packet_write_wait(); + continue; + } + } + break; + case SSH_CMSG_AUTH_TIS_RESPONSE: + debug("rcvd SSH_CMSG_AUTH_TIS_RESPONSE"); + if (options.skey_authentication == 1) { + char *response = packet_get_string(&dlen); + debug("skey response == '%s'", response); + packet_integrity_check(plen, 4 + dlen, type); + authenticated = (skey_haskey(pw->pw_name) == 0 && + skey_passcheck(pw->pw_name, response) != -1); + xfree(response); + } + break; +#else + case SSH_CMSG_AUTH_TIS: + /* TIS Authentication is unsupported */ + log("TIS authentication unsupported."); + break; +#endif + + default: + /* + * Any unknown messages will be ignored (and failure + * returned) during authentication. + */ + log("Unknown message during authentication: type %d", type); + break; + } - /* Perform session preparation. */ - do_authenticated(pw); + /* Raise logging level */ + if (authenticated || + attempt == AUTH_FAIL_LOG || + type == SSH_CMSG_AUTH_PASSWORD) + authlog = log; + + authlog("%s %s for %.200s from %.200s port %d%s", + authenticated ? "Accepted" : "Failed", + get_authname(type), + pw->pw_uid == 0 ? "ROOT" : pw->pw_name, + get_remote_ipaddr(), + get_remote_port(), + user); + + if (authenticated) + return; + + if (attempt > AUTH_FAIL_MAX) + packet_disconnect(AUTH_FAIL_MSG, pw->pw_name); + + /* Send a message indicating that the authentication attempt failed. */ + packet_start(SSH_SMSG_FAILURE); + packet_send(); + packet_write_wait(); + } } -/* Prepares for an interactive session. This is called after the user has - been successfully authenticated. During this message exchange, pseudo - terminals are allocated, X11, TCP/IP, and authentication agent forwardings - are requested, etc. */ - -void do_authenticated(struct passwd *pw) -{ - int type; - int compression_level = 0, enable_compression_after_reply = 0; - int have_pty = 0, ptyfd = -1, ttyfd = -1, xauthfd = -1; - int row, col, xpixel, ypixel, screen; - char ttyname[64]; - char *command, *term = NULL, *display = NULL, *proto = NULL, *data = NULL; - struct group *grp; - gid_t tty_gid; - mode_t tty_mode; - int n_bytes; - - /* Cancel the alarm we set to limit the time taken for authentication. */ - alarm(0); - - /* Inform the channel mechanism that we are the server side and that - the client may request to connect to any port at all. (The user could - do it anyway, and we wouldn\'t know what is permitted except by the - client telling us, so we can equally well trust the client not to request - anything bogus.) */ - channel_permit_all_opens(); - - /* We stay in this loop until the client requests to execute a shell or a - command. */ - while (1) - { - int plen, dlen; - - /* Get a packet from the client. */ - type = packet_read(&plen); - - /* Process the packet. */ - switch (type) - { - case SSH_CMSG_REQUEST_COMPRESSION: - packet_integrity_check(plen, 4, type); - compression_level = packet_get_int(); - if (compression_level < 1 || compression_level > 9) - { - packet_send_debug("Received illegal compression level %d.", - compression_level); - goto fail; - } - /* Enable compression after we have responded with SUCCESS. */ - enable_compression_after_reply = 1; - break; - - case SSH_CMSG_REQUEST_PTY: - if (no_pty_flag) - { - debug("Allocating a pty not permitted for this authentication."); - goto fail; - } - if (have_pty) - packet_disconnect("Protocol error: you already have a pty."); - - debug("Allocating pty."); - - /* Allocate a pty and open it. */ - if (!pty_allocate(&ptyfd, &ttyfd, ttyname)) - { - error("Failed to allocate pty."); - goto fail; - } - - /* Determine the group to make the owner of the tty. */ - grp = getgrnam("tty"); - if (grp) - { - tty_gid = grp->gr_gid; - tty_mode = S_IRUSR|S_IWUSR|S_IWGRP; - } - else - { - tty_gid = pw->pw_gid; - tty_mode = S_IRUSR|S_IWUSR|S_IWGRP|S_IWOTH; - } - - /* Change ownership of the tty. */ - if (chown(ttyname, pw->pw_uid, tty_gid) < 0) - fatal("chown(%.100s, %d, %d) failed: %.100s", - ttyname, pw->pw_uid, tty_gid, strerror(errno)); - if (chmod(ttyname, tty_mode) < 0) - fatal("chmod(%.100s, 0%o) failed: %.100s", - ttyname, tty_mode, strerror(errno)); - - /* Get TERM from the packet. Note that the value may be of arbitrary - length. */ - - term = packet_get_string(&dlen); - packet_integrity_check(dlen, strlen(term), type); - /* packet_integrity_check(plen, 4 + dlen + 4*4 + n_bytes, type); */ - /* Remaining bytes */ - n_bytes = plen - (4 + dlen + 4*4); - - if (strcmp(term, "") == 0) - term = NULL; - - /* Get window size from the packet. */ - row = packet_get_int(); - col = packet_get_int(); - xpixel = packet_get_int(); - ypixel = packet_get_int(); - pty_change_window_size(ptyfd, row, col, xpixel, ypixel); - - /* Get tty modes from the packet. */ - tty_parse_modes(ttyfd, &n_bytes); - packet_integrity_check(plen, 4 + dlen + 4*4 + n_bytes, type); - - /* Indicate that we now have a pty. */ - have_pty = 1; - break; - - case SSH_CMSG_X11_REQUEST_FORWARDING: - if (!options.x11_forwarding) - { - packet_send_debug("X11 forwarding disabled in server configuration file."); - goto fail; - } +/* + * The user does not exist or access is denied, + * but fake indication that authentication is needed. + */ +void +do_fake_authloop(char *user) +{ + int attempt = 0; + + log("Faking authloop for illegal user %.200s from %.200s port %d", + user, + get_remote_ipaddr(), + get_remote_port()); + + /* Indicate that authentication is needed. */ + packet_start(SSH_SMSG_FAILURE); + packet_send(); + packet_write_wait(); + + /* + * Keep reading packets, and always respond with a failure. This is + * to avoid disclosing whether such a user really exists. + */ + for (attempt = 1;; attempt++) { + /* Read a packet. This will not return if the client disconnects. */ + int plen; + int type = packet_read(&plen); +#ifdef SKEY + int dlen; + char *password, *skeyinfo; + if (options.password_authentication && + options.skey_authentication == 1 && + type == SSH_CMSG_AUTH_PASSWORD && + (password = packet_get_string(&dlen)) != NULL && + dlen == 5 && + strncasecmp(password, "s/key", 5) == 0 && + (skeyinfo = skey_fake_keyinfo(user)) != NULL) { + /* Send a fake s/key challenge. */ + packet_send_debug(skeyinfo); + } +#endif + if (attempt > AUTH_FAIL_MAX) + packet_disconnect(AUTH_FAIL_MSG, user); + + /* + * Send failure. This should be indistinguishable from a + * failed authentication. + */ + packet_start(SSH_SMSG_FAILURE); + packet_send(); + packet_write_wait(); + } + /* NOTREACHED */ + abort(); +} + + +/* + * Remove local Xauthority file. + */ +static void +xauthfile_cleanup_proc(void *ignore) +{ + debug("xauthfile_cleanup_proc called"); + + if (xauthfile != NULL) { + unlink(xauthfile); + xfree(xauthfile); + xauthfile = NULL; + } +} + +/* + * Prepares for an interactive session. This is called after the user has + * been successfully authenticated. During this message exchange, pseudo + * terminals are allocated, X11, TCP/IP, and authentication agent forwardings + * are requested, etc. + */ +void +do_authenticated(struct passwd * pw) +{ + int type; + int compression_level = 0, enable_compression_after_reply = 0; + int have_pty = 0, ptyfd = -1, ttyfd = -1, xauthfd = -1; + int row, col, xpixel, ypixel, screen; + char ttyname[64]; + char *command, *term = NULL, *display = NULL, *proto = NULL, + *data = NULL; + struct group *grp; + gid_t tty_gid; + mode_t tty_mode; + int n_bytes; + + /* + * Cancel the alarm we set to limit the time taken for + * authentication. + */ + alarm(0); + + /* + * Inform the channel mechanism that we are the server side and that + * the client may request to connect to any port at all. (The user + * could do it anyway, and we wouldn\'t know what is permitted except + * by the client telling us, so we can equally well trust the client + * not to request anything bogus.) + */ + channel_permit_all_opens(); + + /* + * We stay in this loop until the client requests to execute a shell + * or a command. + */ + while (1) { + int plen, dlen; + + /* Get a packet from the client. */ + type = packet_read(&plen); + + /* Process the packet. */ + switch (type) { + case SSH_CMSG_REQUEST_COMPRESSION: + packet_integrity_check(plen, 4, type); + compression_level = packet_get_int(); + if (compression_level < 1 || compression_level > 9) { + packet_send_debug("Received illegal compression level %d.", + compression_level); + goto fail; + } + /* Enable compression after we have responded with SUCCESS. */ + enable_compression_after_reply = 1; + break; + + case SSH_CMSG_REQUEST_PTY: + if (no_pty_flag) { + debug("Allocating a pty not permitted for this authentication."); + goto fail; + } + if (have_pty) + packet_disconnect("Protocol error: you already have a pty."); + + debug("Allocating pty."); + + /* Allocate a pty and open it. */ + if (!pty_allocate(&ptyfd, &ttyfd, ttyname, + sizeof(ttyname))) { + error("Failed to allocate pty."); + goto fail; + } + /* Determine the group to make the owner of the tty. */ + grp = getgrnam("tty"); + if (grp) { + tty_gid = grp->gr_gid; + tty_mode = S_IRUSR | S_IWUSR | S_IWGRP; + } else { + tty_gid = pw->pw_gid; + tty_mode = S_IRUSR | S_IWUSR | S_IWGRP | S_IWOTH; + } + + /* Change ownership of the tty. */ + if (chown(ttyname, pw->pw_uid, tty_gid) < 0) + fatal("chown(%.100s, %d, %d) failed: %.100s", + ttyname, pw->pw_uid, tty_gid, strerror(errno)); + if (chmod(ttyname, tty_mode) < 0) + fatal("chmod(%.100s, 0%o) failed: %.100s", + ttyname, tty_mode, strerror(errno)); + + /* Get TERM from the packet. Note that the value may be of arbitrary length. */ + term = packet_get_string(&dlen); + packet_integrity_check(dlen, strlen(term), type); + /* packet_integrity_check(plen, 4 + dlen + 4*4 + n_bytes, type); */ + /* Remaining bytes */ + n_bytes = plen - (4 + dlen + 4 * 4); + + if (strcmp(term, "") == 0) + term = NULL; + + /* Get window size from the packet. */ + row = packet_get_int(); + col = packet_get_int(); + xpixel = packet_get_int(); + ypixel = packet_get_int(); + pty_change_window_size(ptyfd, row, col, xpixel, ypixel); + + /* Get tty modes from the packet. */ + tty_parse_modes(ttyfd, &n_bytes); + packet_integrity_check(plen, 4 + dlen + 4 * 4 + n_bytes, type); + + /* Indicate that we now have a pty. */ + have_pty = 1; + break; + + case SSH_CMSG_X11_REQUEST_FORWARDING: + if (!options.x11_forwarding) { + packet_send_debug("X11 forwarding disabled in server configuration file."); + goto fail; + } #ifdef XAUTH_PATH - if (no_x11_forwarding_flag) - { - packet_send_debug("X11 forwarding not permitted for this authentication."); - goto fail; - } - debug("Received request for X11 forwarding with auth spoofing."); - if (display) - packet_disconnect("Protocol error: X11 display already set."); - { - int proto_len, data_len; - proto = packet_get_string(&proto_len); - data = packet_get_string(&data_len); - packet_integrity_check(plen, 4+proto_len + 4+data_len + 4, type); - } - if (packet_get_protocol_flags() & SSH_PROTOFLAG_SCREEN_NUMBER) - screen = packet_get_int(); - else - screen = 0; - display = x11_create_display_inet(screen); - if (!display) - goto fail; - - /* Setup to always have a local .Xauthority. */ - xauthfile = xmalloc(MAXPATHLEN); - snprintf(xauthfile, MAXPATHLEN, "/tmp/XauthXXXXXX"); - - if ((xauthfd = mkstemp(xauthfile)) != -1) { - fchown(xauthfd, pw->pw_uid, pw->pw_gid); - close(xauthfd); - } - else { - xfree(xauthfile); - xauthfile = NULL; - } - break; + if (no_x11_forwarding_flag) { + packet_send_debug("X11 forwarding not permitted for this authentication."); + goto fail; + } + debug("Received request for X11 forwarding with auth spoofing."); + if (display) + packet_disconnect("Protocol error: X11 display already set."); + { + int proto_len, data_len; + proto = packet_get_string(&proto_len); + data = packet_get_string(&data_len); + packet_integrity_check(plen, 4 + proto_len + 4 + data_len + 4, type); + } + if (packet_get_protocol_flags() & SSH_PROTOFLAG_SCREEN_NUMBER) + screen = packet_get_int(); + else + screen = 0; + display = x11_create_display_inet(screen); + if (!display) + goto fail; + + /* Setup to always have a local .Xauthority. */ + xauthfile = xmalloc(MAXPATHLEN); + snprintf(xauthfile, MAXPATHLEN, "/tmp/XauthXXXXXX"); + + if ((xauthfd = mkstemp(xauthfile)) != -1) { + fchown(xauthfd, pw->pw_uid, pw->pw_gid); + close(xauthfd); + fatal_add_cleanup(xauthfile_cleanup_proc, NULL); + } else { + xfree(xauthfile); + xauthfile = NULL; + } + break; #else /* XAUTH_PATH */ - /* No xauth program; we won't accept forwarding with spoofing. */ - packet_send_debug("No xauth program; cannot forward with spoofing."); - goto fail; + packet_send_debug("No xauth program; cannot forward with spoofing."); + goto fail; #endif /* XAUTH_PATH */ - case SSH_CMSG_AGENT_REQUEST_FORWARDING: - if (no_agent_forwarding_flag) - { - debug("Authentication agent forwarding not permitted for this authentication."); - goto fail; - } - debug("Received authentication agent forwarding request."); - auth_input_request_forwarding(pw); - break; - - case SSH_CMSG_PORT_FORWARD_REQUEST: - if (no_port_forwarding_flag) - { - debug("Port forwarding not permitted for this authentication."); - goto fail; - } - debug("Received TCP/IP port forwarding request."); - channel_input_port_forward_request(pw->pw_uid == 0); - break; - - case SSH_CMSG_EXEC_SHELL: - /* Set interactive/non-interactive mode. */ - packet_set_interactive(have_pty || display != NULL, - options.keepalives); - - if (forced_command != NULL) - goto do_forced_command; - debug("Forking shell."); - packet_integrity_check(plen, 0, type); - if (have_pty) - do_exec_pty(NULL, ptyfd, ttyfd, ttyname, pw, term, display, proto, - data); - else - do_exec_no_pty(NULL, pw, display, proto, data); - return; - - case SSH_CMSG_EXEC_CMD: - /* Set interactive/non-interactive mode. */ - packet_set_interactive(have_pty || display != NULL, - options.keepalives); - - if (forced_command != NULL) - goto do_forced_command; - /* Get command from the packet. */ - { - int dlen; - command = packet_get_string(&dlen); - debug("Executing command '%.500s'", command); - packet_integrity_check(plen, 4 + dlen, type); - } - if (have_pty) - do_exec_pty(command, ptyfd, ttyfd, ttyname, pw, term, display, - proto, data); - else - do_exec_no_pty(command, pw, display, proto, data); - xfree(command); - return; - - case SSH_CMSG_MAX_PACKET_SIZE: - debug("The server does not support limiting packet size."); - goto fail; - - default: - /* Any unknown messages in this phase are ignored, and a failure - message is returned. */ - log("Unknown packet type received after authentication: %d", type); - goto fail; - } - - /* The request was successfully processed. */ - packet_start(SSH_SMSG_SUCCESS); - packet_send(); - packet_write_wait(); + case SSH_CMSG_AGENT_REQUEST_FORWARDING: + if (no_agent_forwarding_flag) { + debug("Authentication agent forwarding not permitted for this authentication."); + goto fail; + } + debug("Received authentication agent forwarding request."); + auth_input_request_forwarding(pw); + break; + + case SSH_CMSG_PORT_FORWARD_REQUEST: + if (no_port_forwarding_flag) { + debug("Port forwarding not permitted for this authentication."); + goto fail; + } + debug("Received TCP/IP port forwarding request."); + channel_input_port_forward_request(pw->pw_uid == 0); + break; + + case SSH_CMSG_MAX_PACKET_SIZE: + if (packet_set_maxsize(packet_get_int()) < 0) + goto fail; + break; + + case SSH_CMSG_EXEC_SHELL: + /* Set interactive/non-interactive mode. */ + packet_set_interactive(have_pty || display != NULL, + options.keepalives); + + if (forced_command != NULL) + goto do_forced_command; + debug("Forking shell."); + packet_integrity_check(plen, 0, type); + if (have_pty) + do_exec_pty(NULL, ptyfd, ttyfd, ttyname, pw, term, display, proto, data); + else + do_exec_no_pty(NULL, pw, display, proto, data); + return; + + case SSH_CMSG_EXEC_CMD: + /* Set interactive/non-interactive mode. */ + packet_set_interactive(have_pty || display != NULL, + options.keepalives); + + if (forced_command != NULL) + goto do_forced_command; + /* Get command from the packet. */ + { + int dlen; + command = packet_get_string(&dlen); + debug("Executing command '%.500s'", command); + packet_integrity_check(plen, 4 + dlen, type); + } + if (have_pty) + do_exec_pty(command, ptyfd, ttyfd, ttyname, pw, term, display, proto, data); + else + do_exec_no_pty(command, pw, display, proto, data); + xfree(command); + return; + + default: + /* + * Any unknown messages in this phase are ignored, + * and a failure message is returned. + */ + log("Unknown packet type received after authentication: %d", type); + goto fail; + } - /* Enable compression now that we have replied if appropriate. */ - if (enable_compression_after_reply) - { - enable_compression_after_reply = 0; - packet_start_compression(compression_level); - } + /* The request was successfully processed. */ + packet_start(SSH_SMSG_SUCCESS); + packet_send(); + packet_write_wait(); + + /* Enable compression now that we have replied if appropriate. */ + if (enable_compression_after_reply) { + enable_compression_after_reply = 0; + packet_start_compression(compression_level); + } + continue; - continue; +fail: + /* The request failed. */ + packet_start(SSH_SMSG_FAILURE); + packet_send(); + packet_write_wait(); + continue; - fail: - /* The request failed. */ - packet_start(SSH_SMSG_FAILURE); - packet_send(); - packet_write_wait(); - continue; - - do_forced_command: - /* There is a forced command specified for this login. Execute it. */ - debug("Executing forced command: %.900s", forced_command); - if (have_pty) - do_exec_pty(forced_command, ptyfd, ttyfd, ttyname, pw, term, display, - proto, data); - else - do_exec_no_pty(forced_command, pw, display, proto, data); - return; - } +do_forced_command: + /* + * There is a forced command specified for this login. + * Execute it. + */ + debug("Executing forced command: %.900s", forced_command); + if (have_pty) + do_exec_pty(forced_command, ptyfd, ttyfd, ttyname, pw, term, display, proto, data); + else + do_exec_no_pty(forced_command, pw, display, proto, data); + return; + } } -/* This is called to fork and execute a command when we have no tty. This - will call do_child from the child, and server_loop from the parent after - setting up file descriptors and such. */ - -void do_exec_no_pty(const char *command, struct passwd *pw, - const char *display, const char *auth_proto, - const char *auth_data) -{ - int pid; +/* + * This is called to fork and execute a command when we have no tty. This + * will call do_child from the child, and server_loop from the parent after + * setting up file descriptors and such. + */ +void +do_exec_no_pty(const char *command, struct passwd * pw, + const char *display, const char *auth_proto, + const char *auth_data) +{ + int pid; #ifdef USE_PIPES - int pin[2], pout[2], perr[2]; - /* Allocate pipes for communicating with the program. */ - if (pipe(pin) < 0 || pipe(pout) < 0 || pipe(perr) < 0) - packet_disconnect("Could not create pipes: %.100s", - strerror(errno)); + int pin[2], pout[2], perr[2]; + /* Allocate pipes for communicating with the program. */ + if (pipe(pin) < 0 || pipe(pout) < 0 || pipe(perr) < 0) + packet_disconnect("Could not create pipes: %.100s", + strerror(errno)); #else /* USE_PIPES */ - int inout[2], err[2]; - /* Uses socket pairs to communicate with the program. */ - if (socketpair(AF_UNIX, SOCK_STREAM, 0, inout) < 0 || - socketpair(AF_UNIX, SOCK_STREAM, 0, err) < 0) - packet_disconnect("Could not create socket pairs: %.100s", - strerror(errno)); + int inout[2], err[2]; + /* Uses socket pairs to communicate with the program. */ + if (socketpair(AF_UNIX, SOCK_STREAM, 0, inout) < 0 || + socketpair(AF_UNIX, SOCK_STREAM, 0, err) < 0) + packet_disconnect("Could not create socket pairs: %.100s", + strerror(errno)); #endif /* USE_PIPES */ - - setproctitle("%s@notty", pw->pw_name); - /* Fork the child. */ - if ((pid = fork()) == 0) - { - /* Child. Reinitialize the log since the pid has changed. */ - log_init(av0, debug_flag && !inetd_flag, debug_flag, - options.quiet_mode, options.log_facility); - - /* Create a new session and process group since the 4.4BSD setlogin() - affects the entire process group. */ - if (setsid() < 0) - error("setsid failed: %.100s", strerror(errno)); + setproctitle("%s@notty", pw->pw_name); + /* Fork the child. */ + if ((pid = fork()) == 0) { + /* Child. Reinitialize the log since the pid has changed. */ + log_init(av0, options.log_level, options.log_facility, log_stderr); + + /* + * Create a new session and process group since the 4.4BSD + * setlogin() affects the entire process group. + */ + if (setsid() < 0) + error("setsid failed: %.100s", strerror(errno)); + #ifdef USE_PIPES - /* Redirect stdin. We close the parent side of the socket pair, - and make the child side the standard input. */ - close(pin[1]); - if (dup2(pin[0], 0) < 0) - perror("dup2 stdin"); - close(pin[0]); - - /* Redirect stdout. */ - close(pout[0]); - if (dup2(pout[1], 1) < 0) - perror("dup2 stdout"); - close(pout[1]); - - /* Redirect stderr. */ - close(perr[0]); - if (dup2(perr[1], 2) < 0) - perror("dup2 stderr"); - close(perr[1]); + /* + * Redirect stdin. We close the parent side of the socket + * pair, and make the child side the standard input. + */ + close(pin[1]); + if (dup2(pin[0], 0) < 0) + perror("dup2 stdin"); + close(pin[0]); + + /* Redirect stdout. */ + close(pout[0]); + if (dup2(pout[1], 1) < 0) + perror("dup2 stdout"); + close(pout[1]); + + /* Redirect stderr. */ + close(perr[0]); + if (dup2(perr[1], 2) < 0) + perror("dup2 stderr"); + close(perr[1]); #else /* USE_PIPES */ - /* Redirect stdin, stdout, and stderr. Stdin and stdout will use the - same socket, as some programs (particularly rdist) seem to depend - on it. */ - close(inout[1]); - close(err[1]); - if (dup2(inout[0], 0) < 0) /* stdin */ - perror("dup2 stdin"); - if (dup2(inout[0], 1) < 0) /* stdout. Note: same socket as stdin. */ - perror("dup2 stdout"); - if (dup2(err[0], 2) < 0) /* stderr */ - perror("dup2 stderr"); + /* + * Redirect stdin, stdout, and stderr. Stdin and stdout will + * use the same socket, as some programs (particularly rdist) + * seem to depend on it. + */ + close(inout[1]); + close(err[1]); + if (dup2(inout[0], 0) < 0) /* stdin */ + perror("dup2 stdin"); + if (dup2(inout[0], 1) < 0) /* stdout. Note: same socket as stdin. */ + perror("dup2 stdout"); + if (dup2(err[0], 2) < 0) /* stderr */ + perror("dup2 stderr"); #endif /* USE_PIPES */ - /* Do processing for the child (exec command etc). */ - do_child(command, pw, NULL, display, auth_proto, auth_data, NULL); - /*NOTREACHED*/ - } - if (pid < 0) - packet_disconnect("fork failed: %.100s", strerror(errno)); + /* Do processing for the child (exec command etc). */ + do_child(command, pw, NULL, display, auth_proto, auth_data, NULL); + /* NOTREACHED */ + } + if (pid < 0) + packet_disconnect("fork failed: %.100s", strerror(errno)); #ifdef USE_PIPES - /* We are the parent. Close the child sides of the pipes. */ - close(pin[0]); - close(pout[1]); - close(perr[1]); - - /* Enter the interactive session. */ - server_loop(pid, pin[1], pout[0], perr[0]); - /* server_loop has closed pin[1], pout[1], and perr[1]. */ + /* We are the parent. Close the child sides of the pipes. */ + close(pin[0]); + close(pout[1]); + close(perr[1]); + + /* Enter the interactive session. */ + server_loop(pid, pin[1], pout[0], perr[0]); + /* server_loop has closed pin[1], pout[1], and perr[1]. */ #else /* USE_PIPES */ - /* We are the parent. Close the child sides of the socket pairs. */ - close(inout[0]); - close(err[0]); - - /* Enter the interactive session. Note: server_loop must be able to handle - the case that fdin and fdout are the same. */ - server_loop(pid, inout[1], inout[1], err[1]); - /* server_loop has closed inout[1] and err[1]. */ + /* We are the parent. Close the child sides of the socket pairs. */ + close(inout[0]); + close(err[0]); + + /* + * Enter the interactive session. Note: server_loop must be able to + * handle the case that fdin and fdout are the same. + */ + server_loop(pid, inout[1], inout[1], err[1]); + /* server_loop has closed inout[1] and err[1]. */ #endif /* USE_PIPES */ } -struct pty_cleanup_context -{ - const char *ttyname; - int pid; +struct pty_cleanup_context { + const char *ttyname; + int pid; }; -/* Function to perform cleanup if we get aborted abnormally (e.g., due to a - dropped connection). */ - -void pty_cleanup_proc(void *context) +/* + * Function to perform cleanup if we get aborted abnormally (e.g., due to a + * dropped connection). + */ +void +pty_cleanup_proc(void *context) { - struct pty_cleanup_context *cu = context; + struct pty_cleanup_context *cu = context; - debug("pty_cleanup_proc called"); + debug("pty_cleanup_proc called"); -#if defined(KRB4) - /* Destroy user's ticket cache file. */ - (void) dest_tkt(); -#endif /* KRB4 */ - - /* Record that the user has logged out. */ - record_logout(cu->pid, cu->ttyname); + /* Record that the user has logged out. */ + record_logout(cu->pid, cu->ttyname); - /* Release the pseudo-tty. */ - pty_release(cu->ttyname); + /* Release the pseudo-tty. */ + pty_release(cu->ttyname); } -/* This is called to fork and execute a command when we have a tty. This - will call do_child from the child, and server_loop from the parent after - setting up file descriptors, controlling tty, updating wtmp, utmp, - lastlog, and other such operations. */ - -void do_exec_pty(const char *command, int ptyfd, int ttyfd, - const char *ttyname, struct passwd *pw, const char *term, - const char *display, const char *auth_proto, - const char *auth_data) -{ - int pid, fdout; - const char *hostname; - time_t last_login_time; - char buf[100], *time_string; - FILE *f; - char line[256]; - struct stat st; - int quiet_login; - struct sockaddr_in from; - int fromlen; - struct pty_cleanup_context cleanup_context; - - /* Get remote host name. */ - hostname = get_canonical_hostname(); - - /* Get the time when the user last logged in. Buf will be set to contain - the hostname the last login was from. */ - if(!options.use_login) { - last_login_time = get_last_login_time(pw->pw_uid, pw->pw_name, - buf, sizeof(buf)); - } - - setproctitle("%s@%s", pw->pw_name, strrchr(ttyname, '/') + 1); - - /* Fork the child. */ - if ((pid = fork()) == 0) - { - pid = getpid(); - - /* Child. Reinitialize the log because the pid has changed. */ - log_init(av0, debug_flag && !inetd_flag, debug_flag, options.quiet_mode, - options.log_facility); - - /* Close the master side of the pseudo tty. */ - close(ptyfd); - - /* Make the pseudo tty our controlling tty. */ - pty_make_controlling_tty(&ttyfd, ttyname); - - /* Redirect stdin from the pseudo tty. */ - if (dup2(ttyfd, fileno(stdin)) < 0) - error("dup2 stdin failed: %.100s", strerror(errno)); - - /* Redirect stdout to the pseudo tty. */ - if (dup2(ttyfd, fileno(stdout)) < 0) - error("dup2 stdin failed: %.100s", strerror(errno)); - - /* Redirect stderr to the pseudo tty. */ - if (dup2(ttyfd, fileno(stderr)) < 0) - error("dup2 stdin failed: %.100s", strerror(errno)); - - /* Close the extra descriptor for the pseudo tty. */ - close(ttyfd); - - /* Get IP address of client. This is needed because we want to record - where the user logged in from. If the connection is not a socket, - let the ip address be 0.0.0.0. */ - memset(&from, 0, sizeof(from)); - if (packet_get_connection_in() == packet_get_connection_out()) - { - fromlen = sizeof(from); - if (getpeername(packet_get_connection_in(), - (struct sockaddr *)&from, &fromlen) < 0) - fatal("getpeername: %.100s", strerror(errno)); - } - - /* Record that there was a login on that terminal. */ - record_login(pid, ttyname, pw->pw_name, pw->pw_uid, hostname, - &from); - - /* Check if .hushlogin exists. */ - snprintf(line, sizeof line, "%.200s/.hushlogin", pw->pw_dir); - quiet_login = stat(line, &st) >= 0; - - /* If the user has logged in before, display the time of last login. - However, don't display anything extra if a command has been - specified (so that ssh can be used to execute commands on a remote - machine without users knowing they are going to another machine). - Login(1) will do this for us as well, so check if login(1) is used */ - if (command == NULL && last_login_time != 0 && !quiet_login && - !options.use_login) - { - /* Convert the date to a string. */ - time_string = ctime(&last_login_time); - /* Remove the trailing newline. */ - if (strchr(time_string, '\n')) - *strchr(time_string, '\n') = 0; - /* Display the last login time. Host if displayed if known. */ - if (strcmp(buf, "") == 0) - printf("Last login: %s\r\n", time_string); - else - printf("Last login: %s from %s\r\n", time_string, buf); - } - - /* Print /etc/motd unless a command was specified or printing it was - disabled in server options or login(1) will be used. Note that - some machines appear to print it in /etc/profile or similar. */ - if (command == NULL && options.print_motd && !quiet_login && - !options.use_login) - { - /* Print /etc/motd if it exists. */ - f = fopen("/etc/motd", "r"); - if (f) - { - while (fgets(line, sizeof(line), f)) - fputs(line, stdout); - fclose(f); - } - } - - /* Do common processing for the child, such as execing the command. */ - do_child(command, pw, term, display, auth_proto, auth_data, ttyname); - /*NOTREACHED*/ - } - if (pid < 0) - packet_disconnect("fork failed: %.100s", strerror(errno)); - /* Parent. Close the slave side of the pseudo tty. */ - close(ttyfd); - - /* Create another descriptor of the pty master side for use as the standard - input. We could use the original descriptor, but this simplifies code - in server_loop. The descriptor is bidirectional. */ - fdout = dup(ptyfd); - if (fdout < 0) - packet_disconnect("dup failed: %.100s", strerror(errno)); - - /* Add a cleanup function to clear the utmp entry and record logout time - in case we call fatal() (e.g., the connection gets closed). */ - cleanup_context.pid = pid; - cleanup_context.ttyname = ttyname; - fatal_add_cleanup(pty_cleanup_proc, (void *)&cleanup_context); - - /* Enter interactive session. */ - server_loop(pid, ptyfd, fdout, -1); - /* server_loop has not closed ptyfd and fdout. */ - - /* Cancel the cleanup function. */ - fatal_remove_cleanup(pty_cleanup_proc, (void *)&cleanup_context); - - /* Record that the user has logged out. */ - record_logout(pid, ttyname); - - /* Release the pseudo-tty. */ - pty_release(ttyname); - - /* Close the server side of the socket pairs. We must do this after the - pty cleanup, so that another process doesn't get this pty while we're - still cleaning up. */ - close(ptyfd); - close(fdout); -} +/* + * This is called to fork and execute a command when we have a tty. This + * will call do_child from the child, and server_loop from the parent after + * setting up file descriptors, controlling tty, updating wtmp, utmp, + * lastlog, and other such operations. + */ +void +do_exec_pty(const char *command, int ptyfd, int ttyfd, + const char *ttyname, struct passwd * pw, const char *term, + const char *display, const char *auth_proto, + const char *auth_data) +{ + int pid, fdout; + const char *hostname; + time_t last_login_time; + char buf[100], *time_string; + FILE *f; + char line[256]; + struct stat st; + int quiet_login; + struct sockaddr_in from; + int fromlen; + struct pty_cleanup_context cleanup_context; + + /* Get remote host name. */ + hostname = get_canonical_hostname(); + + /* + * Get the time when the user last logged in. Buf will be set to + * contain the hostname the last login was from. + */ + if (!options.use_login) { + last_login_time = get_last_login_time(pw->pw_uid, pw->pw_name, + buf, sizeof(buf)); + } + setproctitle("%s@%s", pw->pw_name, strrchr(ttyname, '/') + 1); -/* Sets the value of the given variable in the environment. If the variable - already exists, its value is overriden. */ + /* Fork the child. */ + if ((pid = fork()) == 0) { + pid = getpid(); + + /* Child. Reinitialize the log because the pid has + changed. */ + log_init(av0, options.log_level, options.log_facility, log_stderr); + + /* Close the master side of the pseudo tty. */ + close(ptyfd); + + /* Make the pseudo tty our controlling tty. */ + pty_make_controlling_tty(&ttyfd, ttyname); + + /* Redirect stdin from the pseudo tty. */ + if (dup2(ttyfd, fileno(stdin)) < 0) + error("dup2 stdin failed: %.100s", strerror(errno)); + + /* Redirect stdout to the pseudo tty. */ + if (dup2(ttyfd, fileno(stdout)) < 0) + error("dup2 stdin failed: %.100s", strerror(errno)); + + /* Redirect stderr to the pseudo tty. */ + if (dup2(ttyfd, fileno(stderr)) < 0) + error("dup2 stdin failed: %.100s", strerror(errno)); + + /* Close the extra descriptor for the pseudo tty. */ + close(ttyfd); + + /* + * Get IP address of client. This is needed because we want + * to record where the user logged in from. If the + * connection is not a socket, let the ip address be 0.0.0.0. + */ + memset(&from, 0, sizeof(from)); + if (packet_get_connection_in() == packet_get_connection_out()) { + fromlen = sizeof(from); + if (getpeername(packet_get_connection_in(), + (struct sockaddr *) & from, &fromlen) < 0) { + debug("getpeername: %.100s", strerror(errno)); + fatal_cleanup(); + } + } + /* Record that there was a login on that terminal. */ + record_login(pid, ttyname, pw->pw_name, pw->pw_uid, hostname, + &from); + + /* Check if .hushlogin exists. */ + snprintf(line, sizeof line, "%.200s/.hushlogin", pw->pw_dir); + quiet_login = stat(line, &st) >= 0; + + /* + * If the user has logged in before, display the time of last + * login. However, don't display anything extra if a command + * has been specified (so that ssh can be used to execute + * commands on a remote machine without users knowing they + * are going to another machine). Login(1) will do this for + * us as well, so check if login(1) is used + */ + if (command == NULL && last_login_time != 0 && !quiet_login && + !options.use_login) { + /* Convert the date to a string. */ + time_string = ctime(&last_login_time); + /* Remove the trailing newline. */ + if (strchr(time_string, '\n')) + *strchr(time_string, '\n') = 0; + /* Display the last login time. Host if displayed + if known. */ + if (strcmp(buf, "") == 0) + printf("Last login: %s\r\n", time_string); + else + printf("Last login: %s from %s\r\n", time_string, buf); + } + /* + * Print /etc/motd unless a command was specified or printing + * it was disabled in server options or login(1) will be + * used. Note that some machines appear to print it in + * /etc/profile or similar. + */ + if (command == NULL && options.print_motd && !quiet_login && + !options.use_login) { + /* Print /etc/motd if it exists. */ + f = fopen("/etc/motd", "r"); + if (f) { + while (fgets(line, sizeof(line), f)) + fputs(line, stdout); + fclose(f); + } + } + /* Do common processing for the child, such as execing the command. */ + do_child(command, pw, term, display, auth_proto, auth_data, ttyname); + /* NOTREACHED */ + } + if (pid < 0) + packet_disconnect("fork failed: %.100s", strerror(errno)); + /* Parent. Close the slave side of the pseudo tty. */ + close(ttyfd); + + /* + * Create another descriptor of the pty master side for use as the + * standard input. We could use the original descriptor, but this + * simplifies code in server_loop. The descriptor is bidirectional. + */ + fdout = dup(ptyfd); + if (fdout < 0) + packet_disconnect("dup failed: %.100s", strerror(errno)); + + /* + * Add a cleanup function to clear the utmp entry and record logout + * time in case we call fatal() (e.g., the connection gets closed). + */ + cleanup_context.pid = pid; + cleanup_context.ttyname = ttyname; + fatal_add_cleanup(pty_cleanup_proc, (void *) &cleanup_context); + + /* Enter interactive session. */ + server_loop(pid, ptyfd, fdout, -1); + /* server_loop has not closed ptyfd and fdout. */ + + /* Cancel the cleanup function. */ + fatal_remove_cleanup(pty_cleanup_proc, (void *) &cleanup_context); + + /* Record that the user has logged out. */ + record_logout(pid, ttyname); + + /* Release the pseudo-tty. */ + pty_release(ttyname); + + /* + * Close the server side of the socket pairs. We must do this after + * the pty cleanup, so that another process doesn't get this pty + * while we're still cleaning up. + */ + close(ptyfd); + close(fdout); +} -void child_set_env(char ***envp, unsigned int *envsizep, const char *name, - const char *value) +/* + * Sets the value of the given variable in the environment. If the variable + * already exists, its value is overriden. + */ +void +child_set_env(char ***envp, unsigned int *envsizep, const char *name, + const char *value) { - unsigned int i, namelen; - char **env; + unsigned int i, namelen; + char **env; - /* Find the slot where the value should be stored. If the variable already - exists, we reuse the slot; otherwise we append a new slot at the end - of the array, expanding if necessary. */ - env = *envp; - namelen = strlen(name); - for (i = 0; env[i]; i++) - if (strncmp(env[i], name, namelen) == 0 && env[i][namelen] == '=') - break; - if (env[i]) - { - /* Name already exists. Reuse the slot. */ - xfree(env[i]); - } - else - { - /* New variable. Expand the array if necessary. */ - if (i >= (*envsizep) - 1) - { - (*envsizep) += 50; - env = (*envp) = xrealloc(env, (*envsizep) * sizeof(char *)); + /* + * Find the slot where the value should be stored. If the variable + * already exists, we reuse the slot; otherwise we append a new slot + * at the end of the array, expanding if necessary. + */ + env = *envp; + namelen = strlen(name); + for (i = 0; env[i]; i++) + if (strncmp(env[i], name, namelen) == 0 && env[i][namelen] == '=') + break; + if (env[i]) { + /* Reuse the slot. */ + xfree(env[i]); + } else { + /* New variable. Expand if necessary. */ + if (i >= (*envsizep) - 1) { + (*envsizep) += 50; + env = (*envp) = xrealloc(env, (*envsizep) * sizeof(char *)); + } + /* Need to set the NULL pointer at end of array beyond the new slot. */ + env[i + 1] = NULL; } - /* Need to set the NULL pointer at end of array beyond the new - slot. */ - env[i + 1] = NULL; - } - - /* Allocate space and format the variable in the appropriate slot. */ - env[i] = xmalloc(strlen(name) + 1 + strlen(value) + 1); - snprintf(env[i], strlen(name) + 1 + strlen(value) + 1, "%s=%s", name, value); + /* Allocate space and format the variable in the appropriate slot. */ + env[i] = xmalloc(strlen(name) + 1 + strlen(value) + 1); + snprintf(env[i], strlen(name) + 1 + strlen(value) + 1, "%s=%s", name, value); } -/* Reads environment variables from the given file and adds/overrides them - into the environment. If the file does not exist, this does nothing. - Otherwise, it must consist of empty lines, comments (line starts with '#') - and assignments of the form name=value. No other forms are allowed. */ - -void read_environment_file(char ***env, unsigned int *envsize, - const char *filename) -{ - FILE *f; - char buf[4096]; - char *cp, *value; - - /* Open the environment file. */ - f = fopen(filename, "r"); - if (!f) - return; /* Not found. */ - - /* Process each line. */ - while (fgets(buf, sizeof(buf), f)) - { - /* Skip leading whitespace. */ - for (cp = buf; *cp == ' ' || *cp == '\t'; cp++) - ; - - /* Ignore empty and comment lines. */ - if (!*cp || *cp == '#' || *cp == '\n') - continue; - - /* Remove newline. */ - if (strchr(cp, '\n')) - *strchr(cp, '\n') = '\0'; - - /* Find the equals sign. Its lack indicates badly formatted line. */ - value = strchr(cp, '='); - if (value == NULL) - { - fprintf(stderr, "Bad line in %.100s: %.200s\n", filename, buf); - continue; +/* + * Reads environment variables from the given file and adds/overrides them + * into the environment. If the file does not exist, this does nothing. + * Otherwise, it must consist of empty lines, comments (line starts with '#') + * and assignments of the form name=value. No other forms are allowed. + */ +void +read_environment_file(char ***env, unsigned int *envsize, + const char *filename) +{ + FILE *f; + char buf[4096]; + char *cp, *value; + + f = fopen(filename, "r"); + if (!f) + return; + + while (fgets(buf, sizeof(buf), f)) { + for (cp = buf; *cp == ' ' || *cp == '\t'; cp++) + ; + if (!*cp || *cp == '#' || *cp == '\n') + continue; + if (strchr(cp, '\n')) + *strchr(cp, '\n') = '\0'; + value = strchr(cp, '='); + if (value == NULL) { + fprintf(stderr, "Bad line in %.100s: %.200s\n", filename, buf); + continue; + } + /* Replace the equals sign by nul, and advance value to the value string. */ + *value = '\0'; + value++; + child_set_env(env, envsize, cp, value); } - - /* Replace the equals sign by nul, and advance value to the value - string. */ - *value = '\0'; - value++; - - /* Set the value in environment. */ - child_set_env(env, envsize, cp, value); - } - - fclose(f); + fclose(f); } + +/* + * Performs common processing for the child, such as setting up the + * environment, closing extra file descriptors, setting the user and group + * ids, and executing the command or shell. + */ +void +do_child(const char *command, struct passwd * pw, const char *term, + const char *display, const char *auth_proto, + const char *auth_data, const char *ttyname) +{ + const char *shell, *cp = NULL; + char buf[256]; + FILE *f; + unsigned int envsize, i; + char **env; + extern char **environ; + struct stat st; + char *argv[10]; + + f = fopen("/etc/nologin", "r"); + if (f) { + /* /etc/nologin exists. Print its contents and exit. */ + while (fgets(buf, sizeof(buf), f)) + fputs(buf, stderr); + fclose(f); + if (pw->pw_uid != 0) + exit(254); + } + /* Set login name in the kernel. */ + if (setlogin(pw->pw_name) < 0) + error("setlogin failed: %s", strerror(errno)); + + /* Set uid, gid, and groups. */ + /* Login(1) does this as well, and it needs uid 0 for the "-h" + switch, so we let login(1) to this for us. */ + if (!options.use_login) { + if (getuid() == 0 || geteuid() == 0) { + if (setgid(pw->pw_gid) < 0) { + perror("setgid"); + exit(1); + } + /* Initialize the group list. */ + if (initgroups(pw->pw_name, pw->pw_gid) < 0) { + perror("initgroups"); + exit(1); + } + endgrent(); -/* Performs common processing for the child, such as setting up the - environment, closing extra file descriptors, setting the user and group - ids, and executing the command or shell. */ - -void do_child(const char *command, struct passwd *pw, const char *term, - const char *display, const char *auth_proto, - const char *auth_data, const char *ttyname) -{ - const char *shell, *cp = NULL; - char buf[256]; - FILE *f; - unsigned int envsize, i; - char **env; - extern char **environ; - struct stat st; - char *argv[10]; - - /* Check /etc/nologin. */ - f = fopen("/etc/nologin", "r"); - if (f) - { /* /etc/nologin exists. Print its contents and exit. */ - while (fgets(buf, sizeof(buf), f)) - fputs(buf, stderr); - fclose(f); - if (pw->pw_uid != 0) - exit(254); - } - - /* Set login name in the kernel. */ - if (setlogin(pw->pw_name) < 0) - error("setlogin failed: %s", strerror(errno)); - - /* Set uid, gid, and groups. */ - /* Login(1) does this as well, and it needs uid 0 for the "-h" switch, - so we let login(1) to this for us. */ - if(!options.use_login) { - if (getuid() == 0 || geteuid() == 0) - { - if (setgid(pw->pw_gid) < 0) - { - perror("setgid"); - exit(1); - } - /* Initialize the group list. */ - if (initgroups(pw->pw_name, pw->pw_gid) < 0) - { - perror("initgroups"); - exit(1); - } - endgrent(); - - /* Permanently switch to the desired uid. */ - permanently_set_uid(pw->pw_uid); - } - - if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid) - fatal("Failed to set uids to %d.", (int)pw->pw_uid); - } - - /* Get the shell from the password data. An empty shell field is legal, - and means /bin/sh. */ - shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell; + /* Permanently switch to the desired uid. */ + permanently_set_uid(pw->pw_uid); + } + if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid) + fatal("Failed to set uids to %d.", (int) pw->pw_uid); + } + /* + * Get the shell from the password data. An empty shell field is + * legal, and means /bin/sh. + */ + shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell; #ifdef AFS - /* Try to get AFS tokens for the local cell. */ - if (k_hasafs()) { - char cell[64]; - - if (k_afs_cell_of_file(pw->pw_dir, cell, sizeof(cell)) == 0) - krb_afslog(cell, 0); + /* Try to get AFS tokens for the local cell. */ + if (k_hasafs()) { + char cell[64]; - krb_afslog(0, 0); - } + if (k_afs_cell_of_file(pw->pw_dir, cell, sizeof(cell)) == 0) + krb_afslog(cell, 0); + + krb_afslog(0, 0); + } #endif /* AFS */ - - /* Initialize the environment. In the first part we allocate space for - all environment variables. */ - envsize = 100; - env = xmalloc(envsize * sizeof(char *)); - env[0] = NULL; - - if(!options.use_login) { - /* Set basic environment. */ - child_set_env(&env, &envsize, "USER", pw->pw_name); - child_set_env(&env, &envsize, "LOGNAME", pw->pw_name); - child_set_env(&env, &envsize, "HOME", pw->pw_dir); - child_set_env(&env, &envsize, "PATH", _PATH_STDPATH); - - snprintf(buf, sizeof buf, "%.200s/%.50s", - _PATH_MAILDIR, pw->pw_name); - child_set_env(&env, &envsize, "MAIL", buf); - - /* Normal systems set SHELL by default. */ - child_set_env(&env, &envsize, "SHELL", shell); - } - - /* Let it inherit timezone if we have one. */ - if (getenv("TZ")) - child_set_env(&env, &envsize, "TZ", getenv("TZ")); - - /* Set custom environment options from RSA authentication. */ - while (custom_environment) - { - struct envstring *ce = custom_environment; - char *s = ce->s; - int i; - for (i = 0; s[i] != '=' && s[i]; i++) - ; - if (s[i] == '=') - { - s[i] = 0; - child_set_env(&env, &envsize, s, s + i + 1); + + /* Initialize the environment. */ + envsize = 100; + env = xmalloc(envsize * sizeof(char *)); + env[0] = NULL; + + if (!options.use_login) { + /* Set basic environment. */ + child_set_env(&env, &envsize, "USER", pw->pw_name); + child_set_env(&env, &envsize, "LOGNAME", pw->pw_name); + child_set_env(&env, &envsize, "HOME", pw->pw_dir); + child_set_env(&env, &envsize, "PATH", _PATH_STDPATH); + + snprintf(buf, sizeof buf, "%.200s/%.50s", + _PATH_MAILDIR, pw->pw_name); + child_set_env(&env, &envsize, "MAIL", buf); + + /* Normal systems set SHELL by default. */ + child_set_env(&env, &envsize, "SHELL", shell); } - custom_environment = ce->next; - xfree(ce->s); - xfree(ce); - } - - /* Set SSH_CLIENT. */ - snprintf(buf, sizeof buf, "%.50s %d %d", - get_remote_ipaddr(), get_remote_port(), options.port); - child_set_env(&env, &envsize, "SSH_CLIENT", buf); - - /* Set SSH_TTY if we have a pty. */ - if (ttyname) - child_set_env(&env, &envsize, "SSH_TTY", ttyname); - - /* Set TERM if we have a pty. */ - if (term) - child_set_env(&env, &envsize, "TERM", term); - - /* Set DISPLAY if we have one. */ - if (display) - child_set_env(&env, &envsize, "DISPLAY", display); + if (getenv("TZ")) + child_set_env(&env, &envsize, "TZ", getenv("TZ")); + /* Set custom environment options from RSA authentication. */ + while (custom_environment) { + struct envstring *ce = custom_environment; + char *s = ce->s; + int i; + for (i = 0; s[i] != '=' && s[i]; i++); + if (s[i] == '=') { + s[i] = 0; + child_set_env(&env, &envsize, s, s + i + 1); + } + custom_environment = ce->next; + xfree(ce->s); + xfree(ce); + } + + snprintf(buf, sizeof buf, "%.50s %d %d", + get_remote_ipaddr(), get_remote_port(), options.port); + child_set_env(&env, &envsize, "SSH_CLIENT", buf); + + if (ttyname) + child_set_env(&env, &envsize, "SSH_TTY", ttyname); + if (term) + child_set_env(&env, &envsize, "TERM", term); + if (display) + child_set_env(&env, &envsize, "DISPLAY", display); + #ifdef KRB4 - if (ticket) - child_set_env(&env, &envsize, "KRBTKFILE", ticket); + { + extern char *ticket; + + if (ticket) + child_set_env(&env, &envsize, "KRBTKFILE", ticket); + } #endif /* KRB4 */ - /* Set XAUTHORITY to always be a local file. */ - if (xauthfile) - child_set_env(&env, &envsize, "XAUTHORITY", xauthfile); - - /* Set variable for forwarded authentication connection, if we have one. */ - if (auth_get_socket_name() != NULL) - child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME, - auth_get_socket_name()); - - /* Read $HOME/.ssh/environment. */ - if(!options.use_login) { - snprintf(buf, sizeof buf, "%.200s/.ssh/environment", pw->pw_dir); - read_environment_file(&env, &envsize, buf); - } - - /* If debugging, dump the environment to stderr. */ - if (debug_flag) - { - fprintf(stderr, "Environment:\n"); - for (i = 0; env[i]; i++) - fprintf(stderr, " %.200s\n", env[i]); - } - - /* Close the connection descriptors; note that this is the child, and the - server will still have the socket open, and it is important that we - do not shutdown it. Note that the descriptors cannot be closed before - building the environment, as we call get_remote_ipaddr there. */ - if (packet_get_connection_in() == packet_get_connection_out()) - close(packet_get_connection_in()); - else - { - close(packet_get_connection_in()); - close(packet_get_connection_out()); - } - /* Close all descriptors related to channels. They will still remain - open in the parent. */ - channel_close_all(); - - /* Close any extra file descriptors. Note that there may still be - descriptors left by system functions. They will be closed later. */ - endpwent(); - endhostent(); - - /* Close any extra open file descriptors so that we don\'t have them - hanging around in clients. Note that we want to do this after - initgroups, because at least on Solaris 2.3 it leaves file descriptors - open. */ - for (i = 3; i < 64; i++) - close(i); - - /* Change current directory to the user\'s home directory. */ - if (chdir(pw->pw_dir) < 0) - fprintf(stderr, "Could not chdir to home directory %s: %s\n", - pw->pw_dir, strerror(errno)); - - /* Must take new environment into use so that .ssh/rc, /etc/sshrc and - xauth are run in the proper environment. */ - environ = env; - - /* Run $HOME/.ssh/rc, /etc/sshrc, or xauth (whichever is found first - in this order). */ - if(!options.use_login) { - if (stat(SSH_USER_RC, &st) >= 0) - { - if (debug_flag) - fprintf(stderr, "Running /bin/sh %s\n", SSH_USER_RC); - - f = popen("/bin/sh " SSH_USER_RC, "w"); - if (f) - { - if (auth_proto != NULL && auth_data != NULL) - fprintf(f, "%s %s\n", auth_proto, auth_data); - pclose(f); - } - else - fprintf(stderr, "Could not run %s\n", SSH_USER_RC); - } - else - if (stat(SSH_SYSTEM_RC, &st) >= 0) - { - if (debug_flag) - fprintf(stderr, "Running /bin/sh %s\n", SSH_SYSTEM_RC); - - f = popen("/bin/sh " SSH_SYSTEM_RC, "w"); - if (f) - { - if (auth_proto != NULL && auth_data != NULL) - fprintf(f, "%s %s\n", auth_proto, auth_data); - pclose(f); - } - else - fprintf(stderr, "Could not run %s\n", SSH_SYSTEM_RC); - } + if (xauthfile) + child_set_env(&env, &envsize, "XAUTHORITY", xauthfile); + if (auth_get_socket_name() != NULL) + child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME, + auth_get_socket_name()); + + /* read $HOME/.ssh/environment. */ + if (!options.use_login) { + snprintf(buf, sizeof buf, "%.200s/.ssh/environment", pw->pw_dir); + read_environment_file(&env, &envsize, buf); + } + if (debug_flag) { + /* dump the environment */ + fprintf(stderr, "Environment:\n"); + for (i = 0; env[i]; i++) + fprintf(stderr, " %.200s\n", env[i]); + } + /* + * Close the connection descriptors; note that this is the child, and + * the server will still have the socket open, and it is important + * that we do not shutdown it. Note that the descriptors cannot be + * closed before building the environment, as we call + * get_remote_ipaddr there. + */ + if (packet_get_connection_in() == packet_get_connection_out()) + close(packet_get_connection_in()); + else { + close(packet_get_connection_in()); + close(packet_get_connection_out()); + } + /* + * Close all descriptors related to channels. They will still remain + * open in the parent. + */ + /* XXX better use close-on-exec? -markus */ + channel_close_all(); + + /* + * Close any extra file descriptors. Note that there may still be + * descriptors left by system functions. They will be closed later. + */ + endpwent(); + endhostent(); + + /* + * Close any extra open file descriptors so that we don\'t have them + * hanging around in clients. Note that we want to do this after + * initgroups, because at least on Solaris 2.3 it leaves file + * descriptors open. + */ + for (i = 3; i < 64; i++) + close(i); + + /* Change current directory to the user\'s home directory. */ + if (chdir(pw->pw_dir) < 0) + fprintf(stderr, "Could not chdir to home directory %s: %s\n", + pw->pw_dir, strerror(errno)); + + /* + * Must take new environment into use so that .ssh/rc, /etc/sshrc and + * xauth are run in the proper environment. + */ + environ = env; + + /* + * Run $HOME/.ssh/rc, /etc/sshrc, or xauth (whichever is found first + * in this order). + */ + if (!options.use_login) { + if (stat(SSH_USER_RC, &st) >= 0) { + if (debug_flag) + fprintf(stderr, "Running /bin/sh %s\n", SSH_USER_RC); + + f = popen("/bin/sh " SSH_USER_RC, "w"); + if (f) { + if (auth_proto != NULL && auth_data != NULL) + fprintf(f, "%s %s\n", auth_proto, auth_data); + pclose(f); + } else + fprintf(stderr, "Could not run %s\n", SSH_USER_RC); + } else if (stat(SSH_SYSTEM_RC, &st) >= 0) { + if (debug_flag) + fprintf(stderr, "Running /bin/sh %s\n", SSH_SYSTEM_RC); + + f = popen("/bin/sh " SSH_SYSTEM_RC, "w"); + if (f) { + if (auth_proto != NULL && auth_data != NULL) + fprintf(f, "%s %s\n", auth_proto, auth_data); + pclose(f); + } else + fprintf(stderr, "Could not run %s\n", SSH_SYSTEM_RC); + } #ifdef XAUTH_PATH - else - { - /* Add authority data to .Xauthority if appropriate. */ - if (auth_proto != NULL && auth_data != NULL) - { - if (debug_flag) - fprintf(stderr, "Running %.100s add %.100s %.100s %.100s\n", - XAUTH_PATH, display, auth_proto, auth_data); - - f = popen(XAUTH_PATH " -q -", "w"); - if (f) - { - fprintf(f, "add %s %s %s\n", display, auth_proto, auth_data); - fclose(f); - } - else - fprintf(stderr, "Could not run %s -q -\n", XAUTH_PATH); - } - } + else { + /* Add authority data to .Xauthority if appropriate. */ + if (auth_proto != NULL && auth_data != NULL) { + if (debug_flag) + fprintf(stderr, "Running %.100s add %.100s %.100s %.100s\n", + XAUTH_PATH, display, auth_proto, auth_data); + + f = popen(XAUTH_PATH " -q -", "w"); + if (f) { + fprintf(f, "add %s %s %s\n", display, auth_proto, auth_data); + fclose(f); + } else + fprintf(stderr, "Could not run %s -q -\n", XAUTH_PATH); + } + } #endif /* XAUTH_PATH */ - /* Get the last component of the shell name. */ - cp = strrchr(shell, '/'); - if (cp) - cp++; - else - cp = shell; - } - - /* If we have no command, execute the shell. In this case, the shell name - to be passed in argv[0] is preceded by '-' to indicate that this is - a login shell. */ - if (!command) - { - if(!options.use_login) { - char buf[256]; - - /* Check for mail if we have a tty and it was enabled in server options. */ - if (ttyname && options.check_mail) { - char *mailbox; - struct stat mailstat; - mailbox = getenv("MAIL"); - if(mailbox != NULL) { - if(stat(mailbox, &mailstat) != 0 || mailstat.st_size == 0) { - printf("No mail.\n"); - } else if(mailstat.st_mtime < mailstat.st_atime) { - printf("You have mail.\n"); - } else { - printf("You have new mail.\n"); - } - } - } - /* Start the shell. Set initial character to '-'. */ - buf[0] = '-'; - strncpy(buf + 1, cp, sizeof(buf) - 1); - buf[sizeof(buf) - 1] = 0; - /* Execute the shell. */ - argv[0] = buf; - argv[1] = NULL; - execve(shell, argv, env); - /* Executing the shell failed. */ - perror(shell); - exit(1); - - } else { - /* Launch login(1). */ - - execl("/usr/bin/login", "login", "-h", get_remote_ipaddr(), "-p", "-f", "--", pw->pw_name, NULL); - - /* Login couldn't be executed, die. */ - - perror("login"); - exit(1); - } - } - - /* Execute the command using the user's shell. This uses the -c option - to execute the command. */ - argv[0] = (char *)cp; - argv[1] = "-c"; - argv[2] = (char *)command; - argv[3] = NULL; - execve(shell, argv, env); - perror(shell); - exit(1); + /* Get the last component of the shell name. */ + cp = strrchr(shell, '/'); + if (cp) + cp++; + else + cp = shell; + } + /* + * If we have no command, execute the shell. In this case, the shell + * name to be passed in argv[0] is preceded by '-' to indicate that + * this is a login shell. + */ + if (!command) { + if (!options.use_login) { + char buf[256]; + + /* + * Check for mail if we have a tty and it was enabled + * in server options. + */ + if (ttyname && options.check_mail) { + char *mailbox; + struct stat mailstat; + mailbox = getenv("MAIL"); + if (mailbox != NULL) { + if (stat(mailbox, &mailstat) != 0 || mailstat.st_size == 0) + printf("No mail.\n"); + else if (mailstat.st_mtime < mailstat.st_atime) + printf("You have mail.\n"); + else + printf("You have new mail.\n"); + } + } + /* Start the shell. Set initial character to '-'. */ + buf[0] = '-'; + strncpy(buf + 1, cp, sizeof(buf) - 1); + buf[sizeof(buf) - 1] = 0; + + /* Execute the shell. */ + argv[0] = buf; + argv[1] = NULL; + execve(shell, argv, env); + + /* Executing the shell failed. */ + perror(shell); + exit(1); + + } else { + /* Launch login(1). */ + + execl("/usr/bin/login", "login", "-h", get_remote_ipaddr(), + "-p", "-f", "--", pw->pw_name, NULL); + + /* Login couldn't be executed, die. */ + + perror("login"); + exit(1); + } + } + /* + * Execute the command using the user's shell. This uses the -c + * option to execute the command. + */ + argv[0] = (char *) cp; + argv[1] = "-c"; + argv[2] = (char *) command; + argv[3] = NULL; + execve(shell, argv, env); + perror(shell); + exit(1); } Index: usr.bin/ssh/sshd_config =================================================================== RCS file: /cvs/src/usr.bin/ssh/sshd_config,v retrieving revision 1.12 retrieving revision 1.14 diff -u -r1.12 -r1.14 --- usr.bin/ssh/sshd_config 1999/10/17 20:48:08 1.12 +++ usr.bin/ssh/sshd_config 1999/11/11 22:58:39 1.14 @@ -10,14 +10,19 @@ # # Don't read ~/.rhosts and ~/.shosts files IgnoreRhosts yes +# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication +#IgnoreUserKnownHosts yes StrictModes yes -QuietMode no X11Forwarding no X11DisplayOffset 10 -FascistLogging no PrintMotd yes KeepAlive yes + +# Logging SyslogFacility AUTH +LogLevel INFO +#obsoletes QuietMode and FascistLogging + RhostsAuthentication no # # For this to work you will also need host keys in /etc/ssh_known_hosts Index: usr.bin/ssh/tildexpand.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/tildexpand.c,v retrieving revision 1.2 retrieving revision 1.6 diff -u -r1.2 -r1.6 --- usr.bin/ssh/tildexpand.c 1999/09/30 16:48:48 1.2 +++ usr.bin/ssh/tildexpand.c 1999/12/06 19:10:38 1.6 @@ -1,70 +1,66 @@ /* + * Author: Tatu Ylonen + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * Created: Wed Jul 12 01:07:36 1995 ylo + */ -tildexpand.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Wed Jul 12 01:07:36 1995 ylo - -*/ - #include "includes.h" -RCSID("$Id: tildexpand.c,v 1.2 1999/09/30 16:48:48 deraadt Exp $"); +RCSID("$Id: tildexpand.c,v 1.6 1999/12/06 19:10:38 deraadt Exp $"); #include "xmalloc.h" #include "ssh.h" - -/* Expands tildes in the file name. Returns data allocated by xmalloc. - Warning: this calls getpw*. */ -char *tilde_expand_filename(const char *filename, uid_t my_uid) +/* + * Expands tildes in the file name. Returns data allocated by xmalloc. + * Warning: this calls getpw*. + */ +char * +tilde_expand_filename(const char *filename, uid_t my_uid) { - const char *cp; - unsigned int userlen; - char *expanded; - struct passwd *pw; - char user[100]; - - /* Return immediately if no tilde. */ - if (filename[0] != '~') - return xstrdup(filename); - - /* Skip the tilde. */ - filename++; - - /* Find where the username ends. */ - cp = strchr(filename, '/'); - if (cp) - userlen = cp - filename; /* Have something after username. */ - else - userlen = strlen(filename); /* Nothign after username. */ - if (userlen == 0) - pw = getpwuid(my_uid); /* Own home directory. */ - else - { - /* Tilde refers to someone elses home directory. */ - if (userlen > sizeof(user) - 1) - fatal("User name after tilde too long."); - memcpy(user, filename, userlen); - user[userlen] = 0; - pw = getpwnam(user); - } - - /* Check that we found the user. */ - if (!pw) - fatal("Unknown user %100s.", user); - - /* If referring to someones home directory, return it now. */ - if (!cp) - { /* Only home directory specified */ - return xstrdup(pw->pw_dir); - } - - /* Build a path combining the specified directory and path. */ - expanded = xmalloc(strlen(pw->pw_dir) + strlen(cp + 1) + 2); - sprintf(expanded, "%s/%s", pw->pw_dir, cp + 1); - return expanded; + const char *cp; + unsigned int userlen; + char *expanded; + struct passwd *pw; + char user[100]; + int len; + + /* Return immediately if no tilde. */ + if (filename[0] != '~') + return xstrdup(filename); + + /* Skip the tilde. */ + filename++; + + /* Find where the username ends. */ + cp = strchr(filename, '/'); + if (cp) + userlen = cp - filename; /* Something after username. */ + else + userlen = strlen(filename); /* Nothing after username. */ + if (userlen == 0) + pw = getpwuid(my_uid); /* Own home directory. */ + else { + /* Tilde refers to someone elses home directory. */ + if (userlen > sizeof(user) - 1) + fatal("User name after tilde too long."); + memcpy(user, filename, userlen); + user[userlen] = 0; + pw = getpwnam(user); + } + if (!pw) + fatal("Unknown user %100s.", user); + + /* If referring to someones home directory, return it now. */ + if (!cp) { + /* Only home directory specified */ + return xstrdup(pw->pw_dir); + } + /* Build a path combining the specified directory and path. */ + len = strlen(pw->pw_dir) + strlen(cp + 1) + 2; + if (len > MAXPATHLEN) + fatal("Home directory too long (%d > %d", len-1, MAXPATHLEN-1); + expanded = xmalloc(len); + snprintf(expanded, len, "%s/%s", pw->pw_dir, cp + 1); + return expanded; } Index: usr.bin/ssh/ttymodes.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/ttymodes.c,v retrieving revision 1.2 retrieving revision 1.5 diff -u -r1.2 -r1.5 --- usr.bin/ssh/ttymodes.c 1999/09/30 05:03:05 1.2 +++ usr.bin/ssh/ttymodes.c 1999/11/24 19:53:54 1.5 @@ -1,233 +1,228 @@ /* + * Author: Tatu Ylonen + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * Created: Tue Mar 21 15:59:15 1995 ylo + * Encoding and decoding of terminal modes in a portable way. + * Much of the format is defined in ttymodes.h; it is included multiple times + * into this file with the appropriate macro definitions to generate the + * suitable code. + */ -ttymodes.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Tue Mar 21 15:59:15 1995 ylo - -Encoding and decoding of terminal modes in a portable way. -Much of the format is defined in ttymodes.h; it is included multiple times -into this file with the appropriate macro definitions to generate the -suitable code. - -*/ - #include "includes.h" -RCSID("$Id: ttymodes.c,v 1.2 1999/09/30 05:03:05 deraadt Exp $"); +RCSID("$Id: ttymodes.c,v 1.5 1999/11/24 19:53:54 markus Exp $"); #include "packet.h" #include "ssh.h" #define TTY_OP_END 0 -#define TTY_OP_ISPEED 192 /* int follows */ -#define TTY_OP_OSPEED 193 /* int follows */ +#define TTY_OP_ISPEED 192 /* int follows */ +#define TTY_OP_OSPEED 193 /* int follows */ -/* Converts POSIX speed_t to a baud rate. The values of the constants - for speed_t are not themselves portable. */ - -static int speed_to_baud(speed_t speed) +/* + * Converts POSIX speed_t to a baud rate. The values of the + * constants for speed_t are not themselves portable. + */ +static int +speed_to_baud(speed_t speed) { - switch (speed) - { - case B0: - return 0; - case B50: - return 50; - case B75: - return 75; - case B110: - return 110; - case B134: - return 134; - case B150: - return 150; - case B200: - return 200; - case B300: - return 300; - case B600: - return 600; - case B1200: - return 1200; - case B1800: - return 1800; - case B2400: - return 2400; - case B4800: - return 4800; - case B9600: - return 9600; + switch (speed) { + case B0: + return 0; + case B50: + return 50; + case B75: + return 75; + case B110: + return 110; + case B134: + return 134; + case B150: + return 150; + case B200: + return 200; + case B300: + return 300; + case B600: + return 600; + case B1200: + return 1200; + case B1800: + return 1800; + case B2400: + return 2400; + case B4800: + return 4800; + case B9600: + return 9600; #ifdef B19200 - case B19200: - return 19200; + case B19200: + return 19200; #else /* B19200 */ #ifdef EXTA - case EXTA: - return 19200; + case EXTA: + return 19200; #endif /* EXTA */ #endif /* B19200 */ #ifdef B38400 - case B38400: - return 38400; + case B38400: + return 38400; #else /* B38400 */ #ifdef EXTB - case EXTB: - return 38400; + case EXTB: + return 38400; #endif /* EXTB */ #endif /* B38400 */ #ifdef B7200 - case B7200: - return 7200; + case B7200: + return 7200; #endif /* B7200 */ #ifdef B14400 - case B14400: - return 14400; + case B14400: + return 14400; #endif /* B14400 */ #ifdef B28800 - case B28800: - return 28800; + case B28800: + return 28800; #endif /* B28800 */ #ifdef B57600 - case B57600: - return 57600; + case B57600: + return 57600; #endif /* B57600 */ #ifdef B76800 - case B76800: - return 76800; + case B76800: + return 76800; #endif /* B76800 */ #ifdef B115200 - case B115200: - return 115200; + case B115200: + return 115200; #endif /* B115200 */ #ifdef B230400 - case B230400: - return 230400; + case B230400: + return 230400; #endif /* B230400 */ - default: - return 9600; - } + default: + return 9600; + } } -/* Converts a numeric baud rate to a POSIX speed_t. */ - -static speed_t baud_to_speed(int baud) +/* + * Converts a numeric baud rate to a POSIX speed_t. + */ +static speed_t +baud_to_speed(int baud) { - switch (baud) - { - case 0: - return B0; - case 50: - return B50; - case 75: - return B75; - case 110: - return B110; - case 134: - return B134; - case 150: - return B150; - case 200: - return B200; - case 300: - return B300; - case 600: - return B600; - case 1200: - return B1200; - case 1800: - return B1800; - case 2400: - return B2400; - case 4800: - return B4800; - case 9600: - return B9600; + switch (baud) { + case 0: + return B0; + case 50: + return B50; + case 75: + return B75; + case 110: + return B110; + case 134: + return B134; + case 150: + return B150; + case 200: + return B200; + case 300: + return B300; + case 600: + return B600; + case 1200: + return B1200; + case 1800: + return B1800; + case 2400: + return B2400; + case 4800: + return B4800; + case 9600: + return B9600; #ifdef B19200 - case 19200: - return B19200; + case 19200: + return B19200; #else /* B19200 */ #ifdef EXTA - case 19200: - return EXTA; + case 19200: + return EXTA; #endif /* EXTA */ #endif /* B19200 */ #ifdef B38400 - case 38400: - return B38400; + case 38400: + return B38400; #else /* B38400 */ #ifdef EXTB - case 38400: - return EXTB; + case 38400: + return EXTB; #endif /* EXTB */ #endif /* B38400 */ #ifdef B7200 - case 7200: - return B7200; + case 7200: + return B7200; #endif /* B7200 */ #ifdef B14400 - case 14400: - return B14400; + case 14400: + return B14400; #endif /* B14400 */ #ifdef B28800 - case 28800: - return B28800; + case 28800: + return B28800; #endif /* B28800 */ #ifdef B57600 - case 57600: - return B57600; + case 57600: + return B57600; #endif /* B57600 */ #ifdef B76800 - case 76800: - return B76800; + case 76800: + return B76800; #endif /* B76800 */ #ifdef B115200 - case 115200: - return B115200; + case 115200: + return B115200; #endif /* B115200 */ #ifdef B230400 - case 230400: - return B230400; + case 230400: + return B230400; #endif /* B230400 */ - default: - return B9600; - } + default: + return B9600; + } } - -/* Encodes terminal modes for the terminal referenced by fd in a portable - manner, and appends the modes to a packet being constructed. */ -void tty_make_modes(int fd) +/* + * Encodes terminal modes for the terminal referenced by fd + * in a portable manner, and appends the modes to a packet + * being constructed. + */ +void +tty_make_modes(int fd) { - struct termios tio; - int baud; + struct termios tio; + int baud; - /* Get the modes. */ - if (tcgetattr(fd, &tio) < 0) - { - packet_put_char(TTY_OP_END); - log("tcgetattr: %.100s", strerror(errno)); - return; - } - - /* Store input and output baud rates. */ - baud = speed_to_baud(cfgetospeed(&tio)); - packet_put_char(TTY_OP_OSPEED); - packet_put_int(baud); - baud = speed_to_baud(cfgetispeed(&tio)); - packet_put_char(TTY_OP_ISPEED); - packet_put_int(baud); + if (tcgetattr(fd, &tio) < 0) { + packet_put_char(TTY_OP_END); + log("tcgetattr: %.100s", strerror(errno)); + return; + } + /* Store input and output baud rates. */ + baud = speed_to_baud(cfgetospeed(&tio)); + packet_put_char(TTY_OP_OSPEED); + packet_put_int(baud); + baud = speed_to_baud(cfgetispeed(&tio)); + packet_put_char(TTY_OP_ISPEED); + packet_put_int(baud); - /* Store values of mode flags. */ + /* Store values of mode flags. */ #define TTYCHAR(NAME, OP) \ packet_put_char(OP); packet_put_char(tio.c_cc[NAME]); #define TTYMODE(NAME, FIELD, OP) \ @@ -244,49 +239,51 @@ #undef SGTTYMODE #undef SGTTYMODEN - /* Mark end of mode data. */ - packet_put_char(TTY_OP_END); + /* Mark end of mode data. */ + packet_put_char(TTY_OP_END); } -/* Decodes terminal modes for the terminal referenced by fd in a portable - manner from a packet being read. */ - -void tty_parse_modes(int fd, int *n_bytes_ptr) +/* + * Decodes terminal modes for the terminal referenced by fd in a portable + * manner from a packet being read. + */ +void +tty_parse_modes(int fd, int *n_bytes_ptr) { - struct termios tio; - int opcode, baud; - int n_bytes = 0; - int failure = 0; - - /* Get old attributes for the terminal. We will modify these flags. - I am hoping that if there are any machine-specific modes, they will - initially have reasonable values. */ - if (tcgetattr(fd, &tio) < 0) - failure = -1; - - for (;;) - { - n_bytes += 1; - opcode = packet_get_char(); - switch (opcode) - { - case TTY_OP_END: - goto set; - - case TTY_OP_ISPEED: - n_bytes += 4; - baud = packet_get_int(); - if (failure != -1 && cfsetispeed(&tio, baud_to_speed(baud)) < 0) - error("cfsetispeed failed for %d", baud); - break; + struct termios tio; + int opcode, baud; + int n_bytes = 0; + int failure = 0; + + /* + * Get old attributes for the terminal. We will modify these + * flags. I am hoping that if there are any machine-specific + * modes, they will initially have reasonable values. + */ + if (tcgetattr(fd, &tio) < 0) + failure = -1; + + for (;;) { + n_bytes += 1; + opcode = packet_get_char(); + switch (opcode) { + case TTY_OP_END: + goto set; + + case TTY_OP_ISPEED: + n_bytes += 4; + baud = packet_get_int(); + if (failure != -1 && cfsetispeed(&tio, baud_to_speed(baud)) < 0) + error("cfsetispeed failed for %d", baud); + break; + + case TTY_OP_OSPEED: + n_bytes += 4; + baud = packet_get_int(); + if (failure != -1 && cfsetospeed(&tio, baud_to_speed(baud)) < 0) + error("cfsetospeed failed for %d", baud); + break; - case TTY_OP_OSPEED: - n_bytes += 4; - baud = packet_get_int(); - if (failure != -1 && cfsetospeed(&tio, baud_to_speed(baud)) < 0) - error("cfsetospeed failed for %d", baud); - break; - #define TTYCHAR(NAME, OP) \ case OP: \ n_bytes += 1; \ @@ -312,48 +309,51 @@ #undef SGTTYMODE #undef SGTTYMODEN - default: - debug("Ignoring unsupported tty mode opcode %d (0x%x)", - opcode, opcode); - /* Opcodes 0 to 127 are defined to have a one-byte argument. */ - if (opcode >= 0 && opcode < 128) - { - n_bytes += 1; - (void)packet_get_char(); - break; - } - else - { - /* Opcodes 128 to 159 are defined to have an integer argument. */ - if (opcode >= 128 && opcode < 160) - { - n_bytes += 4; - (void)packet_get_int(); - break; + default: + debug("Ignoring unsupported tty mode opcode %d (0x%x)", + opcode, opcode); + /* + * Opcodes 0 to 127 are defined to have + * a one-byte argument. + */ + if (opcode >= 0 && opcode < 128) { + n_bytes += 1; + (void) packet_get_char(); + break; + } else { + /* + * Opcodes 128 to 159 are defined to have + * an integer argument. + */ + if (opcode >= 128 && opcode < 160) { + n_bytes += 4; + (void) packet_get_int(); + break; + } + } + /* + * It is a truly undefined opcode (160 to 255). + * We have no idea about its arguments. So we + * must stop parsing. Note that some data may be + * left in the packet; hopefully there is nothing + * more coming after the mode data. + */ + log("parse_tty_modes: unknown opcode %d", opcode); + packet_integrity_check(0, 1, SSH_CMSG_REQUEST_PTY); + goto set; } - } - /* It is a truly undefined opcode (160 to 255). We have no idea - about its arguments. So we must stop parsing. Note that some - data may be left in the packet; hopefully there is nothing more - coming after the mode data. */ - log("parse_tty_modes: unknown opcode %d", opcode); - packet_integrity_check(0, 1, SSH_CMSG_REQUEST_PTY); - goto set; + } + +set: + if (*n_bytes_ptr != n_bytes) { + *n_bytes_ptr = n_bytes; + return; /* Don't process bytes passed */ } - } + if (failure == -1) + return; /* Packet parsed ok but tty stuff failed */ - set: - if (*n_bytes_ptr != n_bytes) - { - *n_bytes_ptr = n_bytes; - return; /* Don't process bytes passed */ - } - - if (failure == -1) - return; /* Packet parsed ok but tty stuff failed */ - - /* Set the new modes for the terminal. */ - if (tcsetattr(fd, TCSANOW, &tio) < 0) - log("Setting tty modes failed: %.100s", strerror(errno)); - return; + /* Set the new modes for the terminal. */ + if (tcsetattr(fd, TCSANOW, &tio) < 0) + log("Setting tty modes failed: %.100s", strerror(errno)); + return; } Index: usr.bin/ssh/ttymodes.h =================================================================== RCS file: /cvs/src/usr.bin/ssh/ttymodes.h,v retrieving revision 1.4 retrieving revision 1.6 diff -u -r1.4 -r1.6 --- usr.bin/ssh/ttymodes.h 1999/10/03 04:12:21 1.4 +++ usr.bin/ssh/ttymodes.h 1999/11/24 19:53:54 1.6 @@ -1,33 +1,36 @@ /* + * + * ttymodes.h + * + * Author: Tatu Ylonen + * SGTTY stuff contributed by Janne Snabb + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Tue Mar 21 15:42:09 1995 ylo + * + */ -ttymodes.h +/* RCSID("$Id: ttymodes.h,v 1.6 1999/11/24 19:53:54 markus Exp $"); */ -Author: Tatu Ylonen - SGTTY stuff contributed by Janne Snabb - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Tue Mar 21 15:42:09 1995 ylo - -*/ - -/* RCSID("$Id: ttymodes.h,v 1.4 1999/10/03 04:12:21 deraadt Exp $"); */ - /* The tty mode description is a stream of bytes. The stream consists of - opcode-arguments pairs. It is terminated by opcode TTY_OP_END (0). - Opcodes 1-127 have one-byte arguments. Opcodes 128-159 have integer - arguments. Opcodes 160-255 are not yet defined, and cause parsing to - stop (they should only be used after any other data). - - The client puts in the stream any modes it knows about, and the - server ignores any modes it does not know about. This allows some degree - of machine-independence, at least between systems that use a posix-like - tty interface. The protocol can support other systems as well, but might - require reimplementing as mode names would likely be different. */ - -/* Some constants and prototypes are defined in packet.h; this file - is only intended for including from ttymodes.h. */ + * opcode-arguments pairs. It is terminated by opcode TTY_OP_END (0). + * Opcodes 1-127 have one-byte arguments. Opcodes 128-159 have integer + * arguments. Opcodes 160-255 are not yet defined, and cause parsing to + * stop (they should only be used after any other data). + * + * The client puts in the stream any modes it knows about, and the + * server ignores any modes it does not know about. This allows some degree + * of machine-independence, at least between systems that use a posix-like + * tty interface. The protocol can support other systems as well, but might + * require reimplementing as mode names would likely be different. + */ + +/* + * Some constants and prototypes are defined in packet.h; this file + * is only intended for including from ttymodes.c. + */ /* termios macro */ /* sgtty macro */ /* name, op */ Index: usr.bin/ssh/uidswap.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/uidswap.c,v retrieving revision 1.2 retrieving revision 1.5 diff -u -r1.2 -r1.5 --- usr.bin/ssh/uidswap.c 1999/09/30 08:34:25 1.2 +++ usr.bin/ssh/uidswap.c 1999/11/24 19:53:54 1.5 @@ -1,32 +1,25 @@ /* + * Author: Tatu Ylonen + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * Created: Sat Sep 9 01:56:14 1995 ylo + * Code for uid-swapping. + */ -uidswap.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Sat Sep 9 01:56:14 1995 ylo - -Code for uid-swapping. - -*/ - #include "includes.h" -RCSID("$Id: uidswap.c,v 1.2 1999/09/30 08:34:25 deraadt Exp $"); +RCSID("$Id: uidswap.c,v 1.5 1999/11/24 19:53:54 markus Exp $"); #include "ssh.h" #include "uidswap.h" - -/* Note: all these functions must work in all of the following cases: - - 1. euid=0, ruid=0 - 2. euid=0, ruid!=0 - 3. euid!=0, ruid!=0 - Additionally, they must work regardless of whether the system has - POSIX saved uids or not. */ +/* + * Note: all these functions must work in all of the following cases: + * 1. euid=0, ruid=0 + * 2. euid=0, ruid!=0 + * 3. euid!=0, ruid!=0 + * Additionally, they must work regardless of whether the system has + * POSIX saved uids or not. + */ #ifdef _POSIX_SAVED_IDS /* Lets assume that posix saved ids also work with seteuid, even though that @@ -37,59 +30,58 @@ /* Saved effective uid. */ static uid_t saved_euid = 0; -/* Temporarily changes to the given uid. If the effective user id is not - root, this does nothing. This call cannot be nested. */ - -void temporarily_use_uid(uid_t uid) +/* + * Temporarily changes to the given uid. If the effective user + * id is not root, this does nothing. This call cannot be nested. + */ +void +temporarily_use_uid(uid_t uid) { #ifdef SAVED_IDS_WORK_WITH_SETEUID - - /* Save the current euid. */ - saved_euid = geteuid(); + /* Save the current euid. */ + saved_euid = geteuid(); - /* Set the effective uid to the given (unprivileged) uid. */ - if (seteuid(uid) == -1) - debug("seteuid %d: %.100s", (int)uid, strerror(errno)); - + /* Set the effective uid to the given (unprivileged) uid. */ + if (seteuid(uid) == -1) + debug("seteuid %d: %.100s", (int) uid, strerror(errno)); #else /* SAVED_IDS_WORK_WITH_SETUID */ - - /* Propagate the privileged uid to all of our uids. */ - if (setuid(geteuid()) < 0) - debug("setuid %d: %.100s", (int)geteuid(), strerror(errno)); - - /* Set the effective uid to the given (unprivileged) uid. */ - if (seteuid(uid) == -1) - debug("seteuid %d: %.100s", (int)uid, strerror(errno)); - + /* Propagate the privileged uid to all of our uids. */ + if (setuid(geteuid()) < 0) + debug("setuid %d: %.100s", (int) geteuid(), strerror(errno)); + + /* Set the effective uid to the given (unprivileged) uid. */ + if (seteuid(uid) == -1) + debug("seteuid %d: %.100s", (int) uid, strerror(errno)); #endif /* SAVED_IDS_WORK_WITH_SETEUID */ - } - -/* Restores to the original uid. */ -void restore_uid() +/* + * Restores to the original uid. + */ +void +restore_uid() { #ifdef SAVED_IDS_WORK_WITH_SETEUID - - /* Set the effective uid back to the saved uid. */ - if (seteuid(saved_euid) < 0) - debug("seteuid %d: %.100s", (int)saved_euid, strerror(errno)); - + /* Set the effective uid back to the saved uid. */ + if (seteuid(saved_euid) < 0) + debug("seteuid %d: %.100s", (int) saved_euid, strerror(errno)); #else /* SAVED_IDS_WORK_WITH_SETEUID */ - - /* We are unable to restore the real uid to its unprivileged value. */ - /* Propagate the real uid (usually more privileged) to effective uid - as well. */ - setuid(getuid()); - + /* + * We are unable to restore the real uid to its unprivileged value. + * Propagate the real uid (usually more privileged) to effective uid + * as well. + */ + setuid(getuid()); #endif /* SAVED_IDS_WORK_WITH_SETEUID */ } - -/* Permanently sets all uids to the given uid. This cannot be called while - temporarily_use_uid is effective. */ -void permanently_set_uid(uid_t uid) +/* + * Permanently sets all uids to the given uid. This cannot be + * called while temporarily_use_uid is effective. + */ +void +permanently_set_uid(uid_t uid) { - if (setuid(uid) < 0) - debug("setuid %d: %.100s", (int)uid, strerror(errno)); + if (setuid(uid) < 0) + debug("setuid %d: %.100s", (int) uid, strerror(errno)); } Index: usr.bin/ssh/uidswap.h =================================================================== RCS file: /cvs/src/usr.bin/ssh/uidswap.h,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- usr.bin/ssh/uidswap.h 1999/09/26 20:53:38 1.1 +++ usr.bin/ssh/uidswap.h 1999/11/24 00:26:04 1.2 @@ -1,30 +1,36 @@ /* + * + * uidswap.h + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Sat Sep 9 01:43:15 1995 ylo + * Last modified: Sat Sep 9 02:34:04 1995 ylo + * + */ -uidswap.h - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Sat Sep 9 01:43:15 1995 ylo -Last modified: Sat Sep 9 02:34:04 1995 ylo - -*/ - #ifndef UIDSWAP_H #define UIDSWAP_H - -/* Temporarily changes to the given uid. If the effective user id is not - root, this does nothing. This call cannot be nested. */ -void temporarily_use_uid(uid_t uid); - -/* Restores the original effective user id after temporarily_use_uid(). - This should only be called while temporarily_use_uid is effective. */ -void restore_uid(); -/* Permanently sets all uids to the given uid. This cannot be called while - temporarily_use_uid is effective. This must also clear any saved uids. */ -void permanently_set_uid(uid_t uid); +/* + * Temporarily changes to the given uid. If the effective user id is not + * root, this does nothing. This call cannot be nested. + */ +void temporarily_use_uid(uid_t uid); + +/* + * Restores the original effective user id after temporarily_use_uid(). + * This should only be called while temporarily_use_uid is effective. + */ +void restore_uid(); + +/* + * Permanently sets all uids to the given uid. This cannot be called while + * temporarily_use_uid is effective. This must also clear any saved uids. + */ +void permanently_set_uid(uid_t uid); -#endif /* UIDSWAP_H */ +#endif /* UIDSWAP_H */ Index: usr.bin/ssh/xmalloc.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/xmalloc.c,v retrieving revision 1.3 retrieving revision 1.5 diff -u -r1.3 -r1.5 --- usr.bin/ssh/xmalloc.c 1999/09/30 04:30:03 1.3 +++ usr.bin/ssh/xmalloc.c 1999/11/24 00:26:04 1.5 @@ -1,56 +1,53 @@ /* + * Author: Tatu Ylonen + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * Created: Mon Mar 20 21:23:10 1995 ylo + * Versions of malloc and friends that check their results, and never return + * failure (they call fatal if they encounter an error). + */ -xmalloc.c - -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Mon Mar 20 21:23:10 1995 ylo - -Versions of malloc and friends that check their results, and never return -failure (they call fatal if they encounter an error). - -*/ - #include "includes.h" -RCSID("$Id: xmalloc.c,v 1.3 1999/09/30 04:30:03 deraadt Exp $"); +RCSID("$Id: xmalloc.c,v 1.5 1999/11/24 00:26:04 deraadt Exp $"); #include "ssh.h" -void *xmalloc(size_t size) +void * +xmalloc(size_t size) { - void *ptr = malloc(size); - if (ptr == NULL) - fatal("xmalloc: out of memory (allocating %d bytes)", (int)size); - return ptr; + void *ptr = malloc(size); + if (ptr == NULL) + fatal("xmalloc: out of memory (allocating %d bytes)", (int) size); + return ptr; } -void *xrealloc(void *ptr, size_t new_size) +void * +xrealloc(void *ptr, size_t new_size) { - void *new_ptr; + void *new_ptr; - if (ptr == NULL) - fatal("xrealloc: NULL pointer given as argument"); - new_ptr = realloc(ptr, new_size); - if (new_ptr == NULL) - fatal("xrealloc: out of memory (new_size %d bytes)", (int)new_size); - return new_ptr; + if (ptr == NULL) + fatal("xrealloc: NULL pointer given as argument"); + new_ptr = realloc(ptr, new_size); + if (new_ptr == NULL) + fatal("xrealloc: out of memory (new_size %d bytes)", (int) new_size); + return new_ptr; } -void xfree(void *ptr) +void +xfree(void *ptr) { - if (ptr == NULL) - fatal("xfree: NULL pointer given as argument"); - free(ptr); + if (ptr == NULL) + fatal("xfree: NULL pointer given as argument"); + free(ptr); } -char *xstrdup(const char *str) +char * +xstrdup(const char *str) { - int len = strlen(str) + 1; + int len = strlen(str) + 1; - char *cp = xmalloc(len); - strlcpy(cp, str, len); - return cp; + char *cp = xmalloc(len); + strlcpy(cp, str, len); + return cp; } Index: usr.bin/ssh/xmalloc.h =================================================================== RCS file: /cvs/src/usr.bin/ssh/xmalloc.h,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- usr.bin/ssh/xmalloc.h 1999/09/26 20:53:38 1.1 +++ usr.bin/ssh/xmalloc.h 1999/11/24 00:26:04 1.2 @@ -1,34 +1,34 @@ /* + * + * xmalloc.h + * + * Author: Tatu Ylonen + * + * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland + * All rights reserved + * + * Created: Mon Mar 20 22:09:17 1995 ylo + * + * Versions of malloc and friends that check their results, and never return + * failure (they call fatal if they encounter an error). + * + */ -xmalloc.h +/* RCSID("$Id: xmalloc.h,v 1.2 1999/11/24 00:26:04 deraadt Exp $"); */ -Author: Tatu Ylonen - -Copyright (c) 1995 Tatu Ylonen , Espoo, Finland - All rights reserved - -Created: Mon Mar 20 22:09:17 1995 ylo - -Versions of malloc and friends that check their results, and never return -failure (they call fatal if they encounter an error). - -*/ - -/* RCSID("$Id: xmalloc.h,v 1.1 1999/09/26 20:53:38 deraadt Exp $"); */ - #ifndef XMALLOC_H #define XMALLOC_H /* Like malloc, but calls fatal() if out of memory. */ -void *xmalloc(size_t size); +void *xmalloc(size_t size); /* Like realloc, but calls fatal() if out of memory. */ -void *xrealloc(void *ptr, size_t new_size); +void *xrealloc(void *ptr, size_t new_size); /* Frees memory allocated using xmalloc or xrealloc. */ -void xfree(void *ptr); +void xfree(void *ptr); /* Allocates memory using xmalloc, and copies the string into that memory. */ -char *xstrdup(const char *str); +char *xstrdup(const char *str); -#endif /* XMALLOC_H */ +#endif /* XMALLOC_H */ Index: usr.bin/ssh/lib/Makefile =================================================================== RCS file: Makefile diff -N Makefile --- /dev/null Wed Dec 8 12:40:35 1999 +++ /tmp/cvsZcWkd31367 Wed Dec 8 12:42:13 1999 @@ -0,0 +1,25 @@ +.PATH: ${.CURDIR}/.. + +LIB= ssh +SRCS= authfd.c authfile.c bufaux.c buffer.c canohost.c channels.c \ + cipher.c compat.c compress.c crc32.c deattack.c fingerprint.c \ + hostfile.c log.c match.c mpaux.c nchan.c packet.c readpass.c \ + rsa.c tildexpand.c ttymodes.c uidswap.c xmalloc.c atomicio.c + +NOPROFILE= yes +NOPIC= yes + +install: + @echo -n + +.include + +.if (${KERBEROS} == "yes") +CFLAGS+= -DKRB4 -I/usr/include/kerberosIV +.if (${AFS} == "yes") +CFLAGS+= -DAFS +SRCS+= radix.c +.endif # AFS +.endif # KERBEROS + +.include Index: usr.bin/ssh/scp/Makefile =================================================================== RCS file: /cvs/src/usr.bin/ssh/scp/Makefile,v retrieving revision 1.4 retrieving revision 1.7 diff -u -r1.4 -r1.7 --- usr.bin/ssh/scp/Makefile 1999/10/07 05:10:24 1.4 +++ usr.bin/ssh/scp/Makefile 1999/12/06 21:47:11 1.7 @@ -13,6 +13,6 @@ BINDIR= /usr/bin MAN= scp.1 -SRCS= scp.c xmalloc.c +SRCS= scp.c .include Index: usr.bin/ssh/ssh/Makefile =================================================================== RCS file: /cvs/src/usr.bin/ssh/ssh/Makefile,v retrieving revision 1.17 retrieving revision 1.22 diff -u -r1.17 -r1.22 --- usr.bin/ssh/ssh/Makefile 1999/10/16 20:47:14 1.17 +++ usr.bin/ssh/ssh/Makefile 1999/12/06 21:47:12 1.22 @@ -15,17 +15,9 @@ LINKS= ${BINDIR}/ssh ${BINDIR}/slogin MLINKS= ssh.1 slogin.1 -SRCS= ssh.c sshconnect.c log-client.c readconf.c hostfile.c readpass.c \ - tildexpand.c uidswap.c clientloop.c canohost.c rsa.c buffer.c \ - packet.c xmalloc.c ttymodes.c channels.c bufaux.c authfd.c \ - authfile.c crc32.c match.c mpaux.c cipher.c compress.c deattack.c\ - nchan.c compat.c +SRCS= ssh.c sshconnect.c log-client.c readconf.c clientloop.c .include # for AFS - -.if (${AFS} == "yes") -SRCS+= radix.c -.endif .if (${KERBEROS} == "yes") CFLAGS+= -DKRB4 -I/usr/include/kerberosIV Index: usr.bin/ssh/ssh-add/Makefile =================================================================== RCS file: /cvs/src/usr.bin/ssh/ssh-add/Makefile,v retrieving revision 1.12 retrieving revision 1.16 diff -u -r1.12 -r1.16 --- usr.bin/ssh/ssh-add/Makefile 1999/10/07 05:10:25 1.12 +++ usr.bin/ssh/ssh-add/Makefile 1999/12/06 21:47:11 1.16 @@ -11,22 +11,11 @@ .endif BINDIR= /usr/bin -LDADD= -lcrypto -lutil -lz -DPADD= ${LIBCRYPTO} ${LIBDES} ${LIBUTIL} ${LIBZ} MAN= ssh-add.1 -SRCS= ssh-add.c log-client.c readpass.c rsa.c buffer.c xmalloc.c \ - bufaux.c authfd.c authfile.c mpaux.c cipher.c +SRCS= ssh-add.c log-client.c .include -.if (${KERBEROS} == "yes") -CFLAGS+= -DKRB4 -I/usr/include/kerberosIV -LDADD+= -lkrb -DPADD+= ${LIBKRB} -.if (${AFS} == "yes") -CFLAGS+= -DAFS -LDADD+= -lkafs -DPADD+= ${LIBKRBAFS} -.endif # AFS -.endif # KERBEROS +LDADD+= -lcrypto -lutil -lz +DPADD+= ${LIBCRYPTO} ${LIBDES} ${LIBUTIL} ${LIBZ} Index: usr.bin/ssh/ssh-agent/Makefile =================================================================== RCS file: /cvs/src/usr.bin/ssh/ssh-agent/Makefile,v retrieving revision 1.11 retrieving revision 1.13 diff -u -r1.11 -r1.13 --- usr.bin/ssh/ssh-agent/Makefile 1999/10/07 05:10:25 1.11 +++ usr.bin/ssh/ssh-agent/Makefile 1999/10/27 16:54:49 1.13 @@ -11,22 +11,11 @@ .endif BINDIR= /usr/bin -LDADD= -lcrypto -lutil -lz -DPADD= ${LIBCRYPTO} ${LIBDES} ${LIBUTIL} ${LIBZ} MAN= ssh-agent.1 -SRCS= ssh-agent.c log-client.c rsa.c buffer.c xmalloc.c bufaux.c \ - authfd.c authfile.c mpaux.c cipher.c +SRCS= ssh-agent.c log-client.c .include -.if (${KERBEROS} == "yes") -CFLAGS+= -DKRB4 -I/usr/include/kerberosIV -LDADD+= -lkrb -DPADD+= ${LIBKRB} -.if (${AFS} == "yes") -CFLAGS+= -DAFS -LDADD+= -lkafs -DPADD+= ${LIBKRBAFS} -.endif # AFS -.endif # KERBEROS +LDADD+= -lcrypto -lutil -lz +DPADD+= ${LIBCRYPTO} ${LIBDES} ${LIBUTIL} ${LIBZ} Index: usr.bin/ssh/ssh-keygen/Makefile =================================================================== RCS file: /cvs/src/usr.bin/ssh/ssh-keygen/Makefile,v retrieving revision 1.11 retrieving revision 1.13 diff -u -r1.11 -r1.13 --- usr.bin/ssh/ssh-keygen/Makefile 1999/10/07 05:10:25 1.11 +++ usr.bin/ssh/ssh-keygen/Makefile 1999/10/27 16:54:49 1.13 @@ -11,22 +11,11 @@ .endif BINDIR= /usr/bin -LDADD= -lcrypto -lutil -lz -DPADD= ${LIBCRYPTO} ${LIBDES} ${LIBUTIL} ${LIBZ} MAN= ssh-keygen.1 -SRCS= ssh-keygen.c log-client.c readpass.c rsa.c buffer.c \ - xmalloc.c authfile.c mpaux.c bufaux.c cipher.c +SRCS= ssh-keygen.c log-client.c .include -.if (${KERBEROS} == "yes") -CFLAGS+= -DKRB4 -I/usr/include/kerberosIV -LDADD+= -lkrb -DPADD+= ${LIBKRB} -.if (${AFS} == "yes") -CFLAGS+= -DAFS -LDADD+= -lkafs -DPADD+= ${LIBKRBAFS} -.endif # AFS -.endif # KERBEROS +LDADD+= -lcrypto -lutil -lz +DPADD+= ${LIBCRYPTO} ${LIBDES} ${LIBUTIL} ${LIBZ} Index: usr.bin/ssh/sshd/Makefile =================================================================== RCS file: /cvs/src/usr.bin/ssh/sshd/Makefile,v retrieving revision 1.19 retrieving revision 1.22 diff -u -r1.19 -r1.22 --- usr.bin/ssh/sshd/Makefile 1999/10/16 20:47:15 1.19 +++ usr.bin/ssh/sshd/Makefile 1999/12/06 21:47:12 1.22 @@ -7,11 +7,7 @@ MAN= sshd.8 SRCS= sshd.c auth-rhosts.c auth-passwd.c auth-rsa.c auth-rh-rsa.c \ - pty.c log-server.c login.c hostfile.c canohost.c servconf.c \ - tildexpand.c uidswap.c serverloop.c rsa.c buffer.c packet.c \ - xmalloc.c ttymodes.c channels.c bufaux.c authfd.c authfile.c \ - crc32.c match.c mpaux.c cipher.c compress.c deattack.c \ - nchan.c compat.c + pty.c log-server.c login.c servconf.c serverloop.c .include # for KERBEROS and AFS @@ -21,7 +17,6 @@ LDADD+= -lkrb DPADD+= ${LIBKRB} .if (${AFS} == "yes") -SRCS+= radix.c CFLAGS+= -DAFS LDADD+= -lkafs DPADD+= ${LIBKRBAFS}