diff options
author | Damien Miller <djm@mindrot.org> | 1999-10-30 11:39:56 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 1999-10-30 11:39:56 +1000 |
commit | 1e4772c32c109e6c69291335ad49350e7762785d (patch) | |
tree | 1a9224ff01d028a4b9f12a477ccf447624fca96f | |
parent | 5ffa64478a963426a1ab92a7b74b87d3ae79ba53 (diff) |
Merged latest OpenBSD changes:
nchan.ms -\
channels.[ch] - remove broken x11 fix and document istate/ostate
ssh-agent.c - call setsid() regardless of argv[]
ssh.c - save a few lines when disabling rhosts-{rsa-}auth
-rw-r--r-- | ChangeLog | 7 | ||||
-rw-r--r-- | README | 5 | ||||
-rw-r--r-- | channels.c | 5 | ||||
-rw-r--r-- | channels.h | 7 | ||||
-rw-r--r-- | nchan.ms | 4 | ||||
-rw-r--r-- | ssh-agent.c | 17 | ||||
-rw-r--r-- | ssh.c | 13 |
7 files changed, 30 insertions, 28 deletions
@@ -1,5 +1,12 @@ | |||
1 | 19991030 | 1 | 19991030 |
2 | - Integrated debian package support from Dan Brosemer <odin@linuxfreak.com> | 2 | - Integrated debian package support from Dan Brosemer <odin@linuxfreak.com> |
3 | - Merged latest updates for OpenBSD CVS: | ||
4 | - channels.[ch] - remove broken x11 fix and document istate/ostate | ||
5 | - ssh-agent.c - call setsid() regardless of argv[] | ||
6 | - ssh.c - save a few lines when disabling rhosts-{rsa-}auth | ||
7 | - Documentation cleanups | ||
8 | - Renamed README -> README.Ylonen | ||
9 | - Renamed README.openssh ->README | ||
3 | 10 | ||
4 | 19991029 | 11 | 19991029 |
5 | - Renamed openssh* back to ssh* at request of Theo de Raadt | 12 | - Renamed openssh* back to ssh* at request of Theo de Raadt |
@@ -6,7 +6,8 @@ fixed, new features reintroduced and many other clean-ups. | |||
6 | 6 | ||
7 | This Linux port basically consists of a few fixes to deal with the way | 7 | This Linux port basically consists of a few fixes to deal with the way |
8 | that OpenSSL is usually installed on Linux systems, a few replacements | 8 | that OpenSSL is usually installed on Linux systems, a few replacements |
9 | for OpenBSD library functions and the introduction of PAM support. | 9 | for OpenBSD library functions and the introduction of PAM support. This |
10 | version tracks changes made to the OpenBSD CVS version. | ||
10 | 11 | ||
11 | The PAM support is now more functional than the popular packages of | 12 | The PAM support is now more functional than the popular packages of |
12 | commercial ssh-1.2.x. It checks "account" and "session" modules for | 13 | commercial ssh-1.2.x. It checks "account" and "session" modules for |
@@ -40,7 +41,7 @@ Nalin Dahyabhai <nalin.dahyabhai@pobox.com> - PAM environment patch | |||
40 | Miscellania - | 41 | Miscellania - |
41 | 42 | ||
42 | This version of SSH is based upon code retrieved from the OpenBSD CVS | 43 | This version of SSH is based upon code retrieved from the OpenBSD CVS |
43 | repository on 1999-10-29 patched by Damien Miller <djm@ibs.com.au>, | 44 | repository on 1999-10-30 patched by Damien Miller <djm@ibs.com.au>, |
44 | which in turn was based on the last free version of SSH released by | 45 | which in turn was based on the last free version of SSH released by |
45 | Tatu Ylonen. | 46 | Tatu Ylonen. |
46 | 47 | ||
diff --git a/channels.c b/channels.c index 29a842fcf..79a02c88b 100644 --- a/channels.c +++ b/channels.c | |||
@@ -16,7 +16,7 @@ arbitrary tcp/ip connections, and the authentication agent connection. | |||
16 | */ | 16 | */ |
17 | 17 | ||
18 | #include "includes.h" | 18 | #include "includes.h" |
19 | RCSID("$Id: channels.c,v 1.2 1999/10/28 05:23:30 damien Exp $"); | 19 | RCSID("$Id: channels.c,v 1.3 1999/10/30 01:39:56 damien Exp $"); |
20 | 20 | ||
21 | #include "ssh.h" | 21 | #include "ssh.h" |
22 | #include "packet.h" | 22 | #include "packet.h" |
@@ -155,7 +155,6 @@ int channel_allocate(int type, int sock, char *remote_name) | |||
155 | chan_init_iostates(c); | 155 | chan_init_iostates(c); |
156 | c->self = found; | 156 | c->self = found; |
157 | c->type = type; | 157 | c->type = type; |
158 | c->x11 = 0; | ||
159 | c->sock = sock; | 158 | c->sock = sock; |
160 | c->remote_id = -1; | 159 | c->remote_id = -1; |
161 | c->remote_name = remote_name; | 160 | c->remote_name = remote_name; |
@@ -316,8 +315,6 @@ void channel_prepare_select(fd_set *readset, fd_set *writeset) | |||
316 | 315 | ||
317 | /* Start normal processing for the channel. */ | 316 | /* Start normal processing for the channel. */ |
318 | ch->type = SSH_CHANNEL_OPEN; | 317 | ch->type = SSH_CHANNEL_OPEN; |
319 | /* Enable X11 Problem FIX */ | ||
320 | ch->x11 = 1; | ||
321 | goto redo; | 318 | goto redo; |
322 | 319 | ||
323 | reject: | 320 | reject: |
diff --git a/channels.h b/channels.h index 9794ef50d..608c774db 100644 --- a/channels.h +++ b/channels.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* RCSID("$Id: channels.h,v 1.1 1999/10/27 03:42:44 damien Exp $"); */ | 1 | /* RCSID("$Id: channels.h,v 1.2 1999/10/30 01:39:56 damien Exp $"); */ |
2 | 2 | ||
3 | #ifndef CHANNELS_H | 3 | #ifndef CHANNELS_H |
4 | #define CHANNELS_H | 4 | #define CHANNELS_H |
@@ -26,9 +26,8 @@ typedef struct Channel | |||
26 | int self; /* my own channel identifier */ | 26 | int self; /* my own channel identifier */ |
27 | int remote_id; /* channel identifier for remote peer */ | 27 | int remote_id; /* channel identifier for remote peer */ |
28 | /* peer can be reached over encrypted connection, via packet-sent */ | 28 | /* peer can be reached over encrypted connection, via packet-sent */ |
29 | int istate; | 29 | int istate; /* input from channel (state of receive half) */ |
30 | int ostate; | 30 | int ostate; /* output to channel (state of transmit half) */ |
31 | int x11; | ||
32 | int sock; /* data socket, linked to this channel */ | 31 | int sock; /* data socket, linked to this channel */ |
33 | Buffer input; /* data read from socket, to be sent over encrypted connection */ | 32 | Buffer input; /* data read from socket, to be sent over encrypted connection */ |
34 | Buffer output; /* data received over encrypted connection for send on socket */ | 33 | Buffer output; /* data received over encrypted connection for send on socket */ |
@@ -50,9 +50,9 @@ Notes | |||
50 | The input buffer is filled with data from the socket | 50 | The input buffer is filled with data from the socket |
51 | (the socket represents the local comsumer/producer of the | 51 | (the socket represents the local comsumer/producer of the |
52 | forwarded channel). | 52 | forwarded channel). |
53 | The data is then sent over the INPUT-end of the channel to the | 53 | The data is then sent over the INPUT-end (transmit-end) of the channel to the |
54 | remote peer. | 54 | remote peer. |
55 | Data sent by the peer is received on the OUTPUT-end, | 55 | Data sent by the peer is received on the OUTPUT-end (receive-end), |
56 | saved in the output buffer and written to the socket. | 56 | saved in the output buffer and written to the socket. |
57 | .PP | 57 | .PP |
58 | If the local protocol instance has forwarded all data on the | 58 | If the local protocol instance has forwarded all data on the |
diff --git a/ssh-agent.c b/ssh-agent.c index a9d2a1426..4f7f57f03 100644 --- a/ssh-agent.c +++ b/ssh-agent.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-agent.c,v 1.15 1999/10/28 08:43:10 markus Exp $ */ | 1 | /* $OpenBSD: ssh-agent.c,v 1.16 1999/10/28 20:41:23 markus Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | 4 | ||
@@ -15,9 +15,8 @@ The authentication agent program. | |||
15 | 15 | ||
16 | */ | 16 | */ |
17 | 17 | ||
18 | #include "config.h" | ||
19 | #include "includes.h" | 18 | #include "includes.h" |
20 | RCSID("$OpenBSD: ssh-agent.c,v 1.15 1999/10/28 08:43:10 markus Exp $"); | 19 | RCSID("$OpenBSD: ssh-agent.c,v 1.16 1999/10/28 20:41:23 markus Exp $"); |
21 | 20 | ||
22 | #include "ssh.h" | 21 | #include "ssh.h" |
23 | #include "rsa.h" | 22 | #include "rsa.h" |
@@ -656,11 +655,17 @@ main(int ac, char **av) | |||
656 | close(1); | 655 | close(1); |
657 | close(2); | 656 | close(2); |
658 | 657 | ||
659 | if (ac == 0 && setsid() == -1) | 658 | if (setsid() == -1) |
660 | cleanup_exit(1); | 659 | { |
660 | perror("setsid"); | ||
661 | cleanup_exit(1); | ||
662 | } | ||
661 | 663 | ||
662 | if (atexit(cleanup_socket) < 0) | 664 | if (atexit(cleanup_socket) < 0) |
663 | cleanup_exit(1); | 665 | { |
666 | perror("atexit"); | ||
667 | cleanup_exit(1); | ||
668 | } | ||
664 | 669 | ||
665 | new_socket(AUTH_SOCKET, sock); | 670 | new_socket(AUTH_SOCKET, sock); |
666 | if (ac > 0) | 671 | if (ac > 0) |
@@ -18,7 +18,7 @@ Modified to work with SSL by Niels Provos <provos@citi.umich.edu> in Canada. | |||
18 | */ | 18 | */ |
19 | 19 | ||
20 | #include "includes.h" | 20 | #include "includes.h" |
21 | RCSID("$Id: ssh.c,v 1.3 1999/10/28 05:23:30 damien Exp $"); | 21 | RCSID("$Id: ssh.c,v 1.4 1999/10/30 01:39:56 damien Exp $"); |
22 | 22 | ||
23 | #include "xmalloc.h" | 23 | #include "xmalloc.h" |
24 | #include "ssh.h" | 24 | #include "ssh.h" |
@@ -213,7 +213,6 @@ main(int ac, char **av) | |||
213 | else | 213 | else |
214 | cp = av0; | 214 | cp = av0; |
215 | if (strcmp(cp, "rsh") != 0 && strcmp(cp, "ssh") != 0 && | 215 | if (strcmp(cp, "rsh") != 0 && strcmp(cp, "ssh") != 0 && |
216 | strcmp(cp, "openssh") != 0 && strcmp(cp, "openlogin") != 0 && | ||
217 | strcmp(cp, "rlogin") != 0 && strcmp(cp, "slogin") != 0) | 216 | strcmp(cp, "rlogin") != 0 && strcmp(cp, "slogin") != 0) |
218 | host = cp; | 217 | host = cp; |
219 | 218 | ||
@@ -500,7 +499,7 @@ main(int ac, char **av) | |||
500 | } | 499 | } |
501 | 500 | ||
502 | /* Disable rhosts authentication if not running as root. */ | 501 | /* Disable rhosts authentication if not running as root. */ |
503 | if (original_effective_uid != 0) | 502 | if (original_effective_uid != 0 || !options.use_privileged_port) |
504 | { | 503 | { |
505 | options.rhosts_authentication = 0; | 504 | options.rhosts_authentication = 0; |
506 | options.rhosts_rsa_authentication = 0; | 505 | options.rhosts_rsa_authentication = 0; |
@@ -526,13 +525,7 @@ main(int ac, char **av) | |||
526 | restore_uid(); | 525 | restore_uid(); |
527 | 526 | ||
528 | /* Open a connection to the remote host. This needs root privileges if | 527 | /* Open a connection to the remote host. This needs root privileges if |
529 | rhosts_{rsa_}authentication is true. */ | 528 | rhosts_{rsa_}authentication is enabled. */ |
530 | |||
531 | if (!options.use_privileged_port) | ||
532 | { | ||
533 | options.rhosts_authentication = 0; | ||
534 | options.rhosts_rsa_authentication = 0; | ||
535 | } | ||
536 | 529 | ||
537 | ok = ssh_connect(host, &hostaddr, options.port, options.connection_attempts, | 530 | ok = ssh_connect(host, &hostaddr, options.port, options.connection_attempts, |
538 | !options.rhosts_authentication && | 531 | !options.rhosts_authentication && |