upstream commit

obliterate ssh1.h and some dead code that used it ok markus@ Upstream-ID: 1ca9159a9fb95618f9d51e069ac8e1131a087343
author: djm@openbsd.org <djm@openbsd.org> 2017-04-30 23:28:41 +0000
committer: Damien Miller <djm@mindrot.org> 2017-05-01 10:05:06 +1000
commit: 930e8d2827853bc2e196c20c3e000263cc87fb75 (patch)
tree: d16b2923fab9253da5694a4e74b27de6c4b9b7d8
parent: a3710d5d529a34b8f56aa62db798c70e85d576a0 (diff)
9 files changed, 8 insertions, 274 deletions
diff --git a/channels.c b/channels.c
index 5a7e56ed0..4092a6710 100644
--- a/channels.c
+++ b/channels.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: channels.c,v 1.358 2017/04/30 23:13:25 djm Exp $ */
+/* $OpenBSD: channels.c,v 1.359 2017/04/30 23:28:41 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -69,7 +69,6 @@
 #include "openbsd-compat/sys-queue.h"
 #include "xmalloc.h"
 #include "ssh.h"
-#include "ssh1.h"
 #include "ssh2.h"
 #include "ssherr.h"
 #include "packet.h"
@@ -2621,46 +2620,6 @@ channel_input_ieof(int type, u_int32_t seq, void *ctxt)
        return 0;
 }
-/* ARGSUSED */
-int
-channel_input_close(int type, u_int32_t seq, void *ctxt)
-{
-        int id;
-        Channel *c;
-        id = packet_get_int();
-        packet_check_eom();
-        c = channel_lookup(id);
-        if (c == NULL)
-                packet_disconnect("Received close for nonexistent channel %d.", id);
-        if (channel_proxy_upstream(c, type, seq, ctxt))
-                return 0;
-        /*
-         * Send a confirmation that we have closed the channel and no more
-         * data is coming for it.
-         */
-        packet_start(SSH_MSG_CHANNEL_CLOSE_CONFIRMATION);
-        packet_put_int(c->remote_id);
-        packet_send();
-        /*
-         * If the channel is in closed state, we have sent a close request,
-         * and the other side will eventually respond with a confirmation.
-         * Thus, we cannot free the channel here, because then there would be
-         * no-one to receive the confirmation.  The channel gets freed when
-         * the confirmation arrives.
-         */
-        if (c->type != SSH_CHANNEL_CLOSED) {
-                /*
-                 * Not a closed channel - mark it as draining, which will
-                 * cause it to be freed later.
-                 */
-                buffer_clear(&c->input);
-                c->type = SSH_CHANNEL_OUTPUT_DRAINING;
-        }
-        return 0;
-}
 /* proto version 1.5 overloads CLOSE_CONFIRMATION with OCLOSE */
 /* ARGSUSED */
 int
@@ -2819,38 +2778,6 @@ channel_input_window_adjust(int type, u_int32_t seq, void *ctxt)
 /* ARGSUSED */
 int
-channel_input_port_open(int type, u_int32_t seq, void *ctxt)
-{
-        Channel *c = NULL;
-        u_short host_port;
-        char *host, *originator_string;
-        int remote_id;
-        remote_id = packet_get_int();
-        host = packet_get_string(NULL);
-        host_port = packet_get_int();
-        if (packet_get_protocol_flags() & SSH_PROTOFLAG_HOST_IN_FWD_OPEN) {
-                originator_string = packet_get_string(NULL);
-        } else {
-                originator_string = xstrdup("unknown (remote did not supply name)");
-        }
-        packet_check_eom();
-        c = channel_connect_to_port(host, host_port,
-            "connected socket", originator_string, NULL, NULL);
-        free(originator_string);
-        free(host);
-        if (c == NULL) {
-                packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE);
-                packet_put_int(remote_id);
-                packet_send();
-        } else
-                c->remote_id = remote_id;
-        return 0;
-}
-/* ARGSUSED */
-int
 channel_input_status_confirm(int type, u_int32_t seq, void *ctxt)
 {
        Channel *c;
@@ -4256,81 +4183,6 @@ x11_connect_display(void)
 }
 /*
- * This is called when SSH_SMSG_X11_OPEN is received.  The packet contains
- * the remote channel number.  We should do whatever we want, and respond
- * with either SSH_MSG_OPEN_CONFIRMATION or SSH_MSG_OPEN_FAILURE.
- */
-/* ARGSUSED */
-int
-x11_input_open(int type, u_int32_t seq, void *ctxt)
-{
-        Channel *c = NULL;
-        int remote_id, sock = 0;
-        char *remote_host;
-        debug("Received X11 open request.");
-        remote_id = packet_get_int();
-        if (packet_get_protocol_flags() & SSH_PROTOFLAG_HOST_IN_FWD_OPEN) {
-                remote_host = packet_get_string(NULL);
-        } else {
-                remote_host = xstrdup("unknown (remote did not supply name)");
-        }
-        packet_check_eom();
-        /* Obtain a connection to the real X display. */
-        sock = x11_connect_display();
-        if (sock != -1) {
-                /* Allocate a channel for this connection. */
-                c = channel_new("connected x11 socket",
-                    SSH_CHANNEL_X11_OPEN, sock, sock, -1, 0, 0, 0,
-                    remote_host, 1);
-                c->remote_id = remote_id;
-                c->force_drain = 1;
-        }
-        free(remote_host);
-        if (c == NULL) {
-                /* Send refusal to the remote host. */
-                packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE);
-                packet_put_int(remote_id);
-        } else {
-                /* Send a confirmation to the remote host. */
-                packet_start(SSH_MSG_CHANNEL_OPEN_CONFIRMATION);
-                packet_put_int(remote_id);
-                packet_put_int(c->self);
-        }
-        packet_send();
-        return 0;
-}
-/* dummy protocol handler that denies SSH-1 requests (agent/x11) */
-/* ARGSUSED */
-int
-deny_input_open(int type, u_int32_t seq, void *ctxt)
-{
-        int rchan = packet_get_int();
-        switch (type) {
-        case SSH_SMSG_AGENT_OPEN:
-                error("Warning: ssh server tried agent forwarding.");
-                break;
-        case SSH_SMSG_X11_OPEN:
-                error("Warning: ssh server tried X11 forwarding.");
-                break;
-        default:
-                error("deny_input_open: type %d", type);
-                break;
-        }
-        error("Warning: this is probably a break-in attempt by a malicious server.");
-        packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE);
-        packet_put_int(rchan);
-        packet_send();
-        return 0;
-}
-/*
 * Requests forwarding of X11 connections, generates fake authentication
 * data, and enables authentication spoofing.
 * This should be called in the client only.
@@ -4394,16 +4246,3 @@ x11_request_forwarding_with_spoofing(int client_session_id, const char *disp,
        packet_write_wait();
        free(new_data);
 }
-/* -- agent forwarding */
-/* Sends a message to the server to request authentication fd forwarding. */
-void
-auth_request_forwarding(void)
-{
-        packet_start(SSH_CMSG_AGENT_REQUEST_FORWARDING);
-        packet_send();
-        packet_write_wait();
-}
diff --git a/channels.h b/channels.h
index 77ec4f966..4e9b77de1 100644
--- a/channels.h
+++ b/channels.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: channels.h,v 1.122 2017/04/30 23:13:25 djm Exp $ */
+/* $OpenBSD: channels.h,v 1.123 2017/04/30 23:28:41 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -238,7 +238,6 @@ int	 channel_proxy_upstream(Channel *, int, u_int32_t, void *);
 /* protocol handler */
-int      channel_input_close(int, u_int32_t, void *);
 int      channel_input_close_confirmation(int, u_int32_t, void *);
 int      channel_input_data(int, u_int32_t, void *);
 int      channel_input_extended_data(int, u_int32_t, void *);
@@ -246,7 +245,6 @@ int	 channel_input_ieof(int, u_int32_t, void *);
 int      channel_input_oclose(int, u_int32_t, void *);
 int      channel_input_open_confirmation(int, u_int32_t, void *);
 int      channel_input_open_failure(int, u_int32_t, void *);
-int      channel_input_port_open(int, u_int32_t, void *);
 int      channel_input_window_adjust(int, u_int32_t, void *);
 int      channel_input_status_confirm(int, u_int32_t, void *);
@@ -295,14 +293,8 @@ int	 permitopen_port(const char *);
 void     channel_set_x11_refuse_time(u_int);
 int      x11_connect_display(void);
 int      x11_create_display_inet(int, int, int, u_int *, int **);
-int      x11_input_open(int, u_int32_t, void *);
 void     x11_request_forwarding_with_spoofing(int, const char *, const char *,
             const char *, int);
-int      deny_input_open(int, u_int32_t, void *);
-/* agent forwarding */
-void     auth_request_forwarding(void);
 /* channel close */
diff --git a/clientloop.c b/clientloop.c
index db04098b8..dbc2c85c6 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.294 2017/04/30 23:21:54 djm Exp $ */
+/* $OpenBSD: clientloop.c,v 1.295 2017/04/30 23:28:41 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -89,7 +89,6 @@
 #include "openbsd-compat/sys-queue.h"
 #include "xmalloc.h"
 #include "ssh.h"
-#include "ssh1.h"
 #include "ssh2.h"
 #include "packet.h"
 #include "buffer.h"
diff --git a/dispatch.c b/dispatch.c
index fa4152a44..7ef9a38c7 100644
--- a/dispatch.c
+++ b/dispatch.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dispatch.c,v 1.28 2017/04/30 23:13:25 djm Exp $ */
+/* $OpenBSD: dispatch.c,v 1.29 2017/04/30 23:28:42 djm Exp $ */
 /*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
 *
@@ -30,7 +30,6 @@
 #include <signal.h>
 #include <stdarg.h>
-#include "ssh1.h"
 #include "ssh2.h"
 #include "log.h"
 #include "dispatch.h"
diff --git a/nchan.c b/nchan.c
index 312c0b1e6..36da8904a 100644
--- a/nchan.c
+++ b/nchan.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: nchan.c,v 1.64 2017/04/30 23:13:25 djm Exp $ */
+/* $OpenBSD: nchan.c,v 1.65 2017/04/30 23:28:42 djm Exp $ */
 /*
 * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl.  All rights reserved.
 *
@@ -33,7 +33,6 @@
 #include <stdarg.h>
 #include "openbsd-compat/sys-queue.h"
-#include "ssh1.h"
 #include "ssh2.h"
 #include "buffer.h"
 #include "packet.h"
diff --git a/packet.c b/packet.c
index 0e312c514..f997064cb 100644
--- a/packet.c
+++ b/packet.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.251 2017/04/30 23:26:16 djm Exp $ */
+/* $OpenBSD: packet.c,v 1.252 2017/04/30 23:28:42 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -69,7 +69,6 @@
 #include "xmalloc.h"
 #include "crc32.h"
 #include "compat.h"
-#include "ssh1.h"
 #include "ssh2.h"
 #include "cipher.h"
 #include "sshkey.h"
diff --git a/ssh-keyscan.c b/ssh-keyscan.c
index d49d79ad7..7b650d719 100644
--- a/ssh-keyscan.c
+++ b/ssh-keyscan.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keyscan.c,v 1.112 2017/04/30 23:18:44 djm Exp $ */
+/* $OpenBSD: ssh-keyscan.c,v 1.113 2017/04/30 23:28:42 djm Exp $ */
 /*
 * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
 *
@@ -32,7 +32,6 @@
 #include "xmalloc.h"
 #include "ssh.h"
-#include "ssh1.h"
 #include "sshbuf.h"
 #include "sshkey.h"
 #include "cipher.h"
diff --git a/ssh.c b/ssh.c
index ea394b0c2..619c2c2a0 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.457 2017/04/30 23:18:44 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.458 2017/04/30 23:28:42 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -81,7 +81,6 @@
 #include "xmalloc.h"
 #include "ssh.h"
-#include "ssh1.h"
 #include "ssh2.h"
 #include "canohost.h"
 #include "compat.h"
diff --git a/ssh1.h b/ssh1.h
index 6a05c4724..e69de29bb 100644
--- a/ssh1.h
+++ b/ssh1.h
@@ -1,91 +0,0 @@
-/* $OpenBSD: ssh1.h,v 1.7 2016/05/04 14:22:33 markus Exp $ */
-/*
- * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
- *                    All rights reserved
- *
- * As far as I am concerned, the code I have written for this software
- * can be used freely for any purpose.  Any derived versions of this
- * software must be clearly marked as such, and if the derived work is
- * incompatible with the protocol description in the RFC file, it must be
- * called by a name other than "ssh" or "Secure Shell".
- */
-/*
- * Definition of message types.  New values can be added, but old values
- * should not be removed or without careful consideration of the consequences
- * for compatibility.  The maximum value is 254; value 255 is reserved for
- * future extension.
- */
-/* Ranges */
-#define SSH_MSG_MIN                             1
-#define SSH_MSG_MAX                             254
-/* Message name */                      /* msg code */  /* arguments */
-#define SSH_MSG_DISCONNECT                      1       /* cause (string) */
-#define SSH_SMSG_PUBLIC_KEY                     2       /* ck,msk,srvk,hostk */
-#define SSH_CMSG_SESSION_KEY                    3       /* key (BIGNUM) */
-#define SSH_CMSG_USER                           4       /* user (string) */
-#define SSH_CMSG_AUTH_RHOSTS                    5       /* user (string) */
-#define SSH_CMSG_AUTH_RSA                       6       /* modulus (BIGNUM) */
-#define SSH_SMSG_AUTH_RSA_CHALLENGE             7       /* int (BIGNUM) */
-#define SSH_CMSG_AUTH_RSA_RESPONSE              8       /* int (BIGNUM) */
-#define SSH_CMSG_AUTH_PASSWORD                  9       /* pass (string) */
-#define SSH_CMSG_REQUEST_PTY                    10      /* TERM, tty modes */
-#define SSH_CMSG_WINDOW_SIZE                    11      /* row,col,xpix,ypix */
-#define SSH_CMSG_EXEC_SHELL                     12      /* */
-#define SSH_CMSG_EXEC_CMD                       13      /* cmd (string) */
-#define SSH_SMSG_SUCCESS                        14      /* */
-#define SSH_SMSG_FAILURE                        15      /* */
-#define SSH_CMSG_STDIN_DATA                     16      /* data (string) */
-#define SSH_SMSG_STDOUT_DATA                    17      /* data (string) */
-#define SSH_SMSG_STDERR_DATA                    18      /* data (string) */
-#define SSH_CMSG_EOF                            19      /* */
-#define SSH_SMSG_EXITSTATUS                     20      /* status (int) */
-#define SSH_MSG_CHANNEL_OPEN_CONFIRMATION       21      /* channel (int) */
-#define SSH_MSG_CHANNEL_OPEN_FAILURE            22      /* channel (int) */
-#define SSH_MSG_CHANNEL_DATA                    23      /* ch,data (int,str) */
-#define SSH_MSG_CHANNEL_CLOSE                   24      /* channel (int) */
-#define SSH_MSG_CHANNEL_CLOSE_CONFIRMATION      25      /* channel (int) */
-/*      SSH_CMSG_X11_REQUEST_FORWARDING         26         OBSOLETE */
-#define SSH_SMSG_X11_OPEN                       27      /* channel (int) */
-#define SSH_CMSG_PORT_FORWARD_REQUEST           28      /* p,host,hp (i,s,i) */
-#define SSH_MSG_PORT_OPEN                       29      /* ch,h,p (i,s,i) */
-#define SSH_CMSG_AGENT_REQUEST_FORWARDING       30      /* */
-#define SSH_SMSG_AGENT_OPEN                     31      /* port (int) */
-#define SSH_MSG_IGNORE                          32      /* string */
-#define SSH_CMSG_EXIT_CONFIRMATION              33      /* */
-#define SSH_CMSG_X11_REQUEST_FORWARDING         34      /* proto,data (s,s) */
-#define SSH_CMSG_AUTH_RHOSTS_RSA                35      /* user,mod (s,mpi) */
-#define SSH_MSG_DEBUG                           36      /* string */
-#define SSH_CMSG_REQUEST_COMPRESSION            37      /* level 1-9 (int) */
-#define SSH_CMSG_MAX_PACKET_SIZE                38      /* size 4k-1024k (int) */
-#define SSH_CMSG_AUTH_TIS                       39      /* we use this for s/key */
-#define SSH_SMSG_AUTH_TIS_CHALLENGE             40      /* challenge (string) */
-#define SSH_CMSG_AUTH_TIS_RESPONSE              41      /* response (string) */
-#define SSH_CMSG_AUTH_KERBEROS                  42      /* (KTEXT) */
-#define SSH_SMSG_AUTH_KERBEROS_RESPONSE         43      /* (KTEXT) */
-#define SSH_CMSG_HAVE_KERBEROS_TGT              44      /* credentials (s) */
-#define SSH_CMSG_HAVE_AFS_TOKEN                 65      /* token (s) */
-/* protocol version 1.5 overloads some version 1.3 message types */
-#define SSH_MSG_CHANNEL_INPUT_EOF       SSH_MSG_CHANNEL_CLOSE
-#define SSH_MSG_CHANNEL_OUTPUT_CLOSE    SSH_MSG_CHANNEL_CLOSE_CONFIRMATION
-/*
- * Authentication methods.  New types can be added, but old types should not
- * be removed for compatibility.  The maximum allowed value is 31.
- */
-#define SSH_AUTH_RHOSTS         1
-#define SSH_AUTH_RSA            2
-#define SSH_AUTH_PASSWORD       3
-#define SSH_AUTH_RHOSTS_RSA     4
-#define SSH_AUTH_TIS            5
-#define SSH_AUTH_KERBEROS       6
-#define SSH_PASS_KERBEROS_TGT   7
-                                /* 8 to 15 are reserved */
-#define SSH_PASS_AFS_TOKEN      21
-/* Protocol flags.  These are bit masks. */
-#define SSH_PROTOFLAG_SCREEN_NUMBER     1       /* X11 forwarding includes screen */
-#define SSH_PROTOFLAG_HOST_IN_FWD_OPEN  2       /* forwarding opens contain host */
author	djm@openbsd.org <djm@openbsd.org>	2017-04-30 23:28:41 +0000
committer	Damien Miller <djm@mindrot.org>	2017-05-01 10:05:06 +1000
commit	930e8d2827853bc2e196c20c3e000263cc87fb75 (patch)
tree	d16b2923fab9253da5694a4e74b27de6c4b9b7d8
parent	a3710d5d529a34b8f56aa62db798c70e85d576a0 (diff)

diff --git a/channels.c b/channels.c index 5a7e56ed0..4092a6710 100644 --- a/channels.c +++ b/channels.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: channels.c,v 1.358 2017/04/30 23:13:25 djm Exp $ */	1	/* $OpenBSD: channels.c,v 1.359 2017/04/30 23:28:41 djm Exp $ */
2	/*	2	/*
3	* Author: Tatu Ylonen <ylo@cs.hut.fi>	3	* Author: Tatu Ylonen <ylo@cs.hut.fi>
4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland	4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -69,7 +69,6 @@
69	#include "openbsd-compat/sys-queue.h"	69	#include "openbsd-compat/sys-queue.h"
70	#include "xmalloc.h"	70	#include "xmalloc.h"
71	#include "ssh.h"	71	#include "ssh.h"
72	#include "ssh1.h"
73	#include "ssh2.h"	72	#include "ssh2.h"
74	#include "ssherr.h"	73	#include "ssherr.h"
75	#include "packet.h"	74	#include "packet.h"
@@ -2621,46 +2620,6 @@ channel_input_ieof(int type, u_int32_t seq, void *ctxt)
2621	return 0;	2620	return 0;
2622	}	2621	}
2623		2622
2624	/* ARGSUSED */
2625	int
2626	channel_input_close(int type, u_int32_t seq, void *ctxt)
2627	{
2628	int id;
2629	Channel *c;
2630
2631	id = packet_get_int();
2632	packet_check_eom();
2633	c = channel_lookup(id);
2634	if (c == NULL)
2635	packet_disconnect("Received close for nonexistent channel %d.", id);
2636	if (channel_proxy_upstream(c, type, seq, ctxt))
2637	return 0;
2638	/*
2639	* Send a confirmation that we have closed the channel and no more
2640	* data is coming for it.
2641	*/
2642	packet_start(SSH_MSG_CHANNEL_CLOSE_CONFIRMATION);
2643	packet_put_int(c->remote_id);
2644	packet_send();
2645
2646	/*
2647	* If the channel is in closed state, we have sent a close request,
2648	* and the other side will eventually respond with a confirmation.
2649	* Thus, we cannot free the channel here, because then there would be
2650	* no-one to receive the confirmation. The channel gets freed when
2651	* the confirmation arrives.
2652	*/
2653	if (c->type != SSH_CHANNEL_CLOSED) {
2654	/*
2655	* Not a closed channel - mark it as draining, which will
2656	* cause it to be freed later.
2657	*/
2658	buffer_clear(&c->input);
2659	c->type = SSH_CHANNEL_OUTPUT_DRAINING;
2660	}
2661	return 0;
2662	}
2663
2664	/* proto version 1.5 overloads CLOSE_CONFIRMATION with OCLOSE */	2623	/* proto version 1.5 overloads CLOSE_CONFIRMATION with OCLOSE */
2665	/* ARGSUSED */	2624	/* ARGSUSED */
2666	int	2625	int
@@ -2819,38 +2778,6 @@ channel_input_window_adjust(int type, u_int32_t seq, void *ctxt)
2819		2778
2820	/* ARGSUSED */	2779	/* ARGSUSED */
2821	int	2780	int
2822	channel_input_port_open(int type, u_int32_t seq, void *ctxt)
2823	{
2824	Channel *c = NULL;
2825	u_short host_port;
2826	char host, originator_string;
2827	int remote_id;
2828
2829	remote_id = packet_get_int();
2830	host = packet_get_string(NULL);
2831	host_port = packet_get_int();
2832
2833	if (packet_get_protocol_flags() & SSH_PROTOFLAG_HOST_IN_FWD_OPEN) {
2834	originator_string = packet_get_string(NULL);
2835	} else {
2836	originator_string = xstrdup("unknown (remote did not supply name)");
2837	}
2838	packet_check_eom();
2839	c = channel_connect_to_port(host, host_port,
2840	"connected socket", originator_string, NULL, NULL);
2841	free(originator_string);
2842	free(host);
2843	if (c == NULL) {
2844	packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE);
2845	packet_put_int(remote_id);
2846	packet_send();
2847	} else
2848	c->remote_id = remote_id;
2849	return 0;
2850	}
2851
2852	/* ARGSUSED */
2853	int
2854	channel_input_status_confirm(int type, u_int32_t seq, void *ctxt)	2781	channel_input_status_confirm(int type, u_int32_t seq, void *ctxt)
2855	{	2782	{
2856	Channel *c;	2783	Channel *c;
@@ -4256,81 +4183,6 @@ x11_connect_display(void)
4256	}	4183	}
4257		4184
4258	/*	4185	/*
4259	* This is called when SSH_SMSG_X11_OPEN is received. The packet contains
4260	* the remote channel number. We should do whatever we want, and respond
4261	* with either SSH_MSG_OPEN_CONFIRMATION or SSH_MSG_OPEN_FAILURE.
4262	*/
4263
4264	/* ARGSUSED */
4265	int
4266	x11_input_open(int type, u_int32_t seq, void *ctxt)
4267	{
4268	Channel *c = NULL;
4269	int remote_id, sock = 0;
4270	char *remote_host;
4271
4272	debug("Received X11 open request.");
4273
4274	remote_id = packet_get_int();
4275
4276	if (packet_get_protocol_flags() & SSH_PROTOFLAG_HOST_IN_FWD_OPEN) {
4277	remote_host = packet_get_string(NULL);
4278	} else {
4279	remote_host = xstrdup("unknown (remote did not supply name)");
4280	}
4281	packet_check_eom();
4282
4283	/* Obtain a connection to the real X display. */
4284	sock = x11_connect_display();
4285	if (sock != -1) {
4286	/* Allocate a channel for this connection. */
4287	c = channel_new("connected x11 socket",
4288	SSH_CHANNEL_X11_OPEN, sock, sock, -1, 0, 0, 0,
4289	remote_host, 1);
4290	c->remote_id = remote_id;
4291	c->force_drain = 1;
4292	}
4293	free(remote_host);
4294	if (c == NULL) {
4295	/* Send refusal to the remote host. */
4296	packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE);
4297	packet_put_int(remote_id);
4298	} else {
4299	/* Send a confirmation to the remote host. */
4300	packet_start(SSH_MSG_CHANNEL_OPEN_CONFIRMATION);
4301	packet_put_int(remote_id);
4302	packet_put_int(c->self);
4303	}
4304	packet_send();
4305	return 0;
4306	}
4307
4308	/* dummy protocol handler that denies SSH-1 requests (agent/x11) */
4309	/* ARGSUSED */
4310	int
4311	deny_input_open(int type, u_int32_t seq, void *ctxt)
4312	{
4313	int rchan = packet_get_int();
4314
4315	switch (type) {
4316	case SSH_SMSG_AGENT_OPEN:
4317	error("Warning: ssh server tried agent forwarding.");
4318	break;
4319	case SSH_SMSG_X11_OPEN:
4320	error("Warning: ssh server tried X11 forwarding.");
4321	break;
4322	default:
4323	error("deny_input_open: type %d", type);
4324	break;
4325	}
4326	error("Warning: this is probably a break-in attempt by a malicious server.");
4327	packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE);
4328	packet_put_int(rchan);
4329	packet_send();
4330	return 0;
4331	}
4332
4333	/*
4334	* Requests forwarding of X11 connections, generates fake authentication	4186	* Requests forwarding of X11 connections, generates fake authentication
4335	* data, and enables authentication spoofing.	4187	* data, and enables authentication spoofing.
4336	* This should be called in the client only.	4188	* This should be called in the client only.
@@ -4394,16 +4246,3 @@ x11_request_forwarding_with_spoofing(int client_session_id, const char *disp,
4394	packet_write_wait();	4246	packet_write_wait();
4395	free(new_data);	4247	free(new_data);
4396	}	4248	}
4397
4398
4399	/* -- agent forwarding */
4400
4401	/* Sends a message to the server to request authentication fd forwarding. */
4402
4403	void
4404	auth_request_forwarding(void)
4405	{
4406	packet_start(SSH_CMSG_AGENT_REQUEST_FORWARDING);
4407	packet_send();
4408	packet_write_wait();
4409	}


diff --git a/channels.h b/channels.h index 77ec4f966..4e9b77de1 100644 --- a/channels.h +++ b/channels.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: channels.h,v 1.122 2017/04/30 23:13:25 djm Exp $ */	1	/* $OpenBSD: channels.h,v 1.123 2017/04/30 23:28:41 djm Exp $ */
2		2
3	/*	3	/*
4	* Author: Tatu Ylonen <ylo@cs.hut.fi>	4	* Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -238,7 +238,6 @@ int channel_proxy_upstream(Channel , int, u_int32_t, void );
238		238
239	/* protocol handler */	239	/* protocol handler */
240		240
241	int channel_input_close(int, u_int32_t, void *);
242	int channel_input_close_confirmation(int, u_int32_t, void *);	241	int channel_input_close_confirmation(int, u_int32_t, void *);
243	int channel_input_data(int, u_int32_t, void *);	242	int channel_input_data(int, u_int32_t, void *);
244	int channel_input_extended_data(int, u_int32_t, void *);	243	int channel_input_extended_data(int, u_int32_t, void *);
@@ -246,7 +245,6 @@ int channel_input_ieof(int, u_int32_t, void *);
246	int channel_input_oclose(int, u_int32_t, void *);	245	int channel_input_oclose(int, u_int32_t, void *);
247	int channel_input_open_confirmation(int, u_int32_t, void *);	246	int channel_input_open_confirmation(int, u_int32_t, void *);
248	int channel_input_open_failure(int, u_int32_t, void *);	247	int channel_input_open_failure(int, u_int32_t, void *);
249	int channel_input_port_open(int, u_int32_t, void *);
250	int channel_input_window_adjust(int, u_int32_t, void *);	248	int channel_input_window_adjust(int, u_int32_t, void *);
251	int channel_input_status_confirm(int, u_int32_t, void *);	249	int channel_input_status_confirm(int, u_int32_t, void *);
252		250
@@ -295,14 +293,8 @@ int permitopen_port(const char *);
295	void channel_set_x11_refuse_time(u_int);	293	void channel_set_x11_refuse_time(u_int);
296	int x11_connect_display(void);	294	int x11_connect_display(void);
297	int x11_create_display_inet(int, int, int, u_int , int *);	295	int x11_create_display_inet(int, int, int, u_int , int *);
298	int x11_input_open(int, u_int32_t, void *);
299	void x11_request_forwarding_with_spoofing(int, const char , const char ,	296	void x11_request_forwarding_with_spoofing(int, const char , const char ,
300	const char *, int);	297	const char *, int);
301	int deny_input_open(int, u_int32_t, void *);
302
303	/* agent forwarding */
304
305	void auth_request_forwarding(void);
306		298
307	/* channel close */	299	/* channel close */
308		300


diff --git a/clientloop.c b/clientloop.c index db04098b8..dbc2c85c6 100644 --- a/clientloop.c +++ b/clientloop.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: clientloop.c,v 1.294 2017/04/30 23:21:54 djm Exp $ */	1	/* $OpenBSD: clientloop.c,v 1.295 2017/04/30 23:28:41 djm Exp $ */
2	/*	2	/*
3	* Author: Tatu Ylonen <ylo@cs.hut.fi>	3	* Author: Tatu Ylonen <ylo@cs.hut.fi>
4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland	4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -89,7 +89,6 @@
89	#include "openbsd-compat/sys-queue.h"	89	#include "openbsd-compat/sys-queue.h"
90	#include "xmalloc.h"	90	#include "xmalloc.h"
91	#include "ssh.h"	91	#include "ssh.h"
92	#include "ssh1.h"
93	#include "ssh2.h"	92	#include "ssh2.h"
94	#include "packet.h"	93	#include "packet.h"
95	#include "buffer.h"	94	#include "buffer.h"


diff --git a/dispatch.c b/dispatch.c index fa4152a44..7ef9a38c7 100644 --- a/dispatch.c +++ b/dispatch.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: dispatch.c,v 1.28 2017/04/30 23:13:25 djm Exp $ */	1	/* $OpenBSD: dispatch.c,v 1.29 2017/04/30 23:28:42 djm Exp $ */
2	/*	2	/*
3	* Copyright (c) 2000 Markus Friedl. All rights reserved.	3	* Copyright (c) 2000 Markus Friedl. All rights reserved.
4	*	4	*
@@ -30,7 +30,6 @@
30	#include <signal.h>	30	#include <signal.h>
31	#include <stdarg.h>	31	#include <stdarg.h>
32		32
33	#include "ssh1.h"
34	#include "ssh2.h"	33	#include "ssh2.h"
35	#include "log.h"	34	#include "log.h"
36	#include "dispatch.h"	35	#include "dispatch.h"


diff --git a/nchan.c b/nchan.c index 312c0b1e6..36da8904a 100644 --- a/nchan.c +++ b/nchan.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: nchan.c,v 1.64 2017/04/30 23:13:25 djm Exp $ */	1	/* $OpenBSD: nchan.c,v 1.65 2017/04/30 23:28:42 djm Exp $ */
2	/*	2	/*
3	* Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved.	3	* Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved.
4	*	4	*
@@ -33,7 +33,6 @@
33	#include <stdarg.h>	33	#include <stdarg.h>
34		34
35	#include "openbsd-compat/sys-queue.h"	35	#include "openbsd-compat/sys-queue.h"
36	#include "ssh1.h"
37	#include "ssh2.h"	36	#include "ssh2.h"
38	#include "buffer.h"	37	#include "buffer.h"
39	#include "packet.h"	38	#include "packet.h"


diff --git a/packet.c b/packet.c index 0e312c514..f997064cb 100644 --- a/packet.c +++ b/packet.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: packet.c,v 1.251 2017/04/30 23:26:16 djm Exp $ */	1	/* $OpenBSD: packet.c,v 1.252 2017/04/30 23:28:42 djm Exp $ */
2	/*	2	/*
3	* Author: Tatu Ylonen <ylo@cs.hut.fi>	3	* Author: Tatu Ylonen <ylo@cs.hut.fi>
4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland	4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -69,7 +69,6 @@
69	#include "xmalloc.h"	69	#include "xmalloc.h"
70	#include "crc32.h"	70	#include "crc32.h"
71	#include "compat.h"	71	#include "compat.h"
72	#include "ssh1.h"
73	#include "ssh2.h"	72	#include "ssh2.h"
74	#include "cipher.h"	73	#include "cipher.h"
75	#include "sshkey.h"	74	#include "sshkey.h"


diff --git a/ssh-keyscan.c b/ssh-keyscan.c index d49d79ad7..7b650d719 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssh-keyscan.c,v 1.112 2017/04/30 23:18:44 djm Exp $ */	1	/* $OpenBSD: ssh-keyscan.c,v 1.113 2017/04/30 23:28:42 djm Exp $ */
2	/*	2	/*
3	* Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.	3	* Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
4	*	4	*
@@ -32,7 +32,6 @@
32		32
33	#include "xmalloc.h"	33	#include "xmalloc.h"
34	#include "ssh.h"	34	#include "ssh.h"
35	#include "ssh1.h"
36	#include "sshbuf.h"	35	#include "sshbuf.h"
37	#include "sshkey.h"	36	#include "sshkey.h"
38	#include "cipher.h"	37	#include "cipher.h"


diff --git a/ssh.c b/ssh.c index ea394b0c2..619c2c2a0 100644 --- a/ssh.c +++ b/ssh.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssh.c,v 1.457 2017/04/30 23:18:44 djm Exp $ */	1	/* $OpenBSD: ssh.c,v 1.458 2017/04/30 23:28:42 djm Exp $ */
2	/*	2	/*
3	* Author: Tatu Ylonen <ylo@cs.hut.fi>	3	* Author: Tatu Ylonen <ylo@cs.hut.fi>
4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland	4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -81,7 +81,6 @@
81		81
82	#include "xmalloc.h"	82	#include "xmalloc.h"
83	#include "ssh.h"	83	#include "ssh.h"
84	#include "ssh1.h"
85	#include "ssh2.h"	84	#include "ssh2.h"
86	#include "canohost.h"	85	#include "canohost.h"
87	#include "compat.h"	86	#include "compat.h"


diff --git a/ssh1.h b/ssh1.h index 6a05c4724..e69de29bb 100644 --- a/ssh1.h +++ b/ssh1.h
@@ -1,91 +0,0 @@
1	/* $OpenBSD: ssh1.h,v 1.7 2016/05/04 14:22:33 markus Exp $ */
2
3	/*
4	* Author: Tatu Ylonen <ylo@cs.hut.fi>
5	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
6	* All rights reserved
7	*
8	* As far as I am concerned, the code I have written for this software
9	* can be used freely for any purpose. Any derived versions of this
10	* software must be clearly marked as such, and if the derived work is
11	* incompatible with the protocol description in the RFC file, it must be
12	* called by a name other than "ssh" or "Secure Shell".
13	*/
14
15	/*
16	* Definition of message types. New values can be added, but old values
17	* should not be removed or without careful consideration of the consequences
18	* for compatibility. The maximum value is 254; value 255 is reserved for
19	* future extension.
20	*/
21	/* Ranges */
22	#define SSH_MSG_MIN 1
23	#define SSH_MSG_MAX 254
24	/* Message name / / msg code / / arguments */
25	#define SSH_MSG_DISCONNECT 1 /* cause (string) */
26	#define SSH_SMSG_PUBLIC_KEY 2 /* ck,msk,srvk,hostk */
27	#define SSH_CMSG_SESSION_KEY 3 /* key (BIGNUM) */
28	#define SSH_CMSG_USER 4 /* user (string) */
29	#define SSH_CMSG_AUTH_RHOSTS 5 /* user (string) */
30	#define SSH_CMSG_AUTH_RSA 6 /* modulus (BIGNUM) */
31	#define SSH_SMSG_AUTH_RSA_CHALLENGE 7 /* int (BIGNUM) */
32	#define SSH_CMSG_AUTH_RSA_RESPONSE 8 /* int (BIGNUM) */
33	#define SSH_CMSG_AUTH_PASSWORD 9 /* pass (string) */
34	#define SSH_CMSG_REQUEST_PTY 10 /* TERM, tty modes */
35	#define SSH_CMSG_WINDOW_SIZE 11 /* row,col,xpix,ypix */
36	#define SSH_CMSG_EXEC_SHELL 12 /* */
37	#define SSH_CMSG_EXEC_CMD 13 /* cmd (string) */
38	#define SSH_SMSG_SUCCESS 14 /* */
39	#define SSH_SMSG_FAILURE 15 /* */
40	#define SSH_CMSG_STDIN_DATA 16 /* data (string) */
41	#define SSH_SMSG_STDOUT_DATA 17 /* data (string) */
42	#define SSH_SMSG_STDERR_DATA 18 /* data (string) */
43	#define SSH_CMSG_EOF 19 /* */
44	#define SSH_SMSG_EXITSTATUS 20 /* status (int) */
45	#define SSH_MSG_CHANNEL_OPEN_CONFIRMATION 21 /* channel (int) */
46	#define SSH_MSG_CHANNEL_OPEN_FAILURE 22 /* channel (int) */
47	#define SSH_MSG_CHANNEL_DATA 23 /* ch,data (int,str) */
48	#define SSH_MSG_CHANNEL_CLOSE 24 /* channel (int) */
49	#define SSH_MSG_CHANNEL_CLOSE_CONFIRMATION 25 /* channel (int) */
50	/* SSH_CMSG_X11_REQUEST_FORWARDING 26 OBSOLETE */
51	#define SSH_SMSG_X11_OPEN 27 /* channel (int) */
52	#define SSH_CMSG_PORT_FORWARD_REQUEST 28 /* p,host,hp (i,s,i) */
53	#define SSH_MSG_PORT_OPEN 29 /* ch,h,p (i,s,i) */
54	#define SSH_CMSG_AGENT_REQUEST_FORWARDING 30 /* */
55	#define SSH_SMSG_AGENT_OPEN 31 /* port (int) */
56	#define SSH_MSG_IGNORE 32 /* string */
57	#define SSH_CMSG_EXIT_CONFIRMATION 33 /* */
58	#define SSH_CMSG_X11_REQUEST_FORWARDING 34 /* proto,data (s,s) */
59	#define SSH_CMSG_AUTH_RHOSTS_RSA 35 /* user,mod (s,mpi) */
60	#define SSH_MSG_DEBUG 36 /* string */
61	#define SSH_CMSG_REQUEST_COMPRESSION 37 /* level 1-9 (int) */
62	#define SSH_CMSG_MAX_PACKET_SIZE 38 /* size 4k-1024k (int) */
63	#define SSH_CMSG_AUTH_TIS 39 /* we use this for s/key */
64	#define SSH_SMSG_AUTH_TIS_CHALLENGE 40 /* challenge (string) */
65	#define SSH_CMSG_AUTH_TIS_RESPONSE 41 /* response (string) */
66	#define SSH_CMSG_AUTH_KERBEROS 42 /* (KTEXT) */
67	#define SSH_SMSG_AUTH_KERBEROS_RESPONSE 43 /* (KTEXT) */
68	#define SSH_CMSG_HAVE_KERBEROS_TGT 44 /* credentials (s) */
69	#define SSH_CMSG_HAVE_AFS_TOKEN 65 /* token (s) */
70
71	/* protocol version 1.5 overloads some version 1.3 message types */
72	#define SSH_MSG_CHANNEL_INPUT_EOF SSH_MSG_CHANNEL_CLOSE
73	#define SSH_MSG_CHANNEL_OUTPUT_CLOSE SSH_MSG_CHANNEL_CLOSE_CONFIRMATION
74
75	/*
76	* Authentication methods. New types can be added, but old types should not
77	* be removed for compatibility. The maximum allowed value is 31.
78	*/
79	#define SSH_AUTH_RHOSTS 1
80	#define SSH_AUTH_RSA 2
81	#define SSH_AUTH_PASSWORD 3
82	#define SSH_AUTH_RHOSTS_RSA 4
83	#define SSH_AUTH_TIS 5
84	#define SSH_AUTH_KERBEROS 6
85	#define SSH_PASS_KERBEROS_TGT 7
86	/* 8 to 15 are reserved */
87	#define SSH_PASS_AFS_TOKEN 21
88
89	/* Protocol flags. These are bit masks. */
90	#define SSH_PROTOFLAG_SCREEN_NUMBER 1 /* X11 forwarding includes screen */
91	#define SSH_PROTOFLAG_HOST_IN_FWD_OPEN 2 /* forwarding opens contain host */