author | Damien Miller <djm@mindrot.org> | 2001-12-21 14:45:46 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2001-12-21 14:45:46 +1100 |
commit | 9f0f5c64bc4b6144e3fed6a7f538f7c21819a492 (patch) | |
tree | f79317ab211f59181a61b526f566e9c8cfe70c73 | |
parent | 89681214ca2f50a1b1ed6164c3afe1ce14995ffc (diff) |
- deraadt@cvs.openbsd.org 2001/12/19 07:18:56
[auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h]
[auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c]
[cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c]
[match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c]
[servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c]
[sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c]
[sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config]
[ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c]
basic KNF done while i was looking for something else
-rw-r--r-- | ChangeLog | 12 | ||||
-rw-r--r-- | auth-bsdauth.c | 102 | ||||
-rw-r--r-- | auth-krb4.c | 74 | ||||
-rw-r--r-- | auth-rhosts.c | 22 | ||||
-rw-r--r-- | auth-skey.c | 8 | ||||
-rw-r--r-- | auth.c | 8 | ||||
-rw-r--r-- | auth.h | 6 | ||||
-rw-r--r-- | auth1.c | 20 | ||||
-rw-r--r-- | auth2-chall.c | 4 | ||||
-rw-r--r-- | auth2.c | 4 | ||||
-rw-r--r-- | authfile.c | 8 | ||||
-rw-r--r-- | bufaux.c | 8 | ||||
-rw-r--r-- | canohost.c | 10 | ||||
-rw-r--r-- | channels.c | 20 | ||||
-rw-r--r-- | cipher.c | 12 | ||||
-rw-r--r-- | clientloop.c | 16 | ||||
-rw-r--r-- | compat.c | 18 | ||||
-rw-r--r-- | compress.c | 14 | ||||
-rw-r--r-- | deattack.c | 6 | ||||
-rw-r--r-- | key.c | 8 | ||||
-rw-r--r-- | log.c | 4 | ||||
-rw-r--r-- | mac.c | 4 | ||||
-rw-r--r-- | match.c | 12 | ||||
-rw-r--r-- | misc.c | 6 | ||||
-rw-r--r-- | nchan.c | 10 | ||||
-rw-r--r-- | packet.c | 8 | ||||
-rw-r--r-- | readconf.c | 32 | ||||
-rw-r--r-- | rijndael.c | 351 | ||||
-rw-r--r-- | rijndael.h | 6 | ||||
-rw-r--r-- | scard.c | 16 | ||||
-rw-r--r-- | servconf.c | 20 | ||||
-rw-r--r-- | servconf.h | 8 | ||||
-rw-r--r-- | serverloop.c | 12 | ||||
-rw-r--r-- | session.c | 46 | ||||
-rw-r--r-- | sftp-client.c | 17 | ||||
-rw-r--r-- | sftp-glob.c | 22 | ||||
-rw-r--r-- | sftp-int.c | 20 | ||||
-rw-r--r-- | sftp-server.c | 10 | ||||
-rw-r--r-- | sftp.c | 6 | ||||
-rw-r--r-- | ssh-add.c | 18 | ||||
-rw-r--r-- | ssh-agent.c | 10 | ||||
-rw-r--r-- | ssh-keygen.c | 6 | ||||
-rw-r--r-- | ssh.c | 8 | ||||
-rw-r--r-- | sshconnect.c | 16 | ||||
-rw-r--r-- | sshconnect1.c | 200 | ||||
-rw-r--r-- | sshconnect2.c | 8 | ||||
-rw-r--r-- | sshd.8 | 4 | ||||
-rw-r--r-- | sshd.c | 20 | ||||
-rw-r--r-- | sshd_config | 4 | ||||
-rw-r--r-- | sshlogin.c | 4 | ||||
-rw-r--r-- | sshpty.c | 22 | ||||
-rw-r--r-- | sshtty.c | 4 | ||||
-rw-r--r-- | ttymodes.c | 4 | ||||
-rw-r--r-- | uidswap.c | 6 |
54 files changed, 666 insertions, 658 deletions
@@ -28,6 +28,16 @@ | |||
28 | [auth-rsa.c] | 28 | [auth-rsa.c] |
29 | log fingerprint on successful public key authentication, simplify | 29 | log fingerprint on successful public key authentication, simplify |
30 | usage of key structs; ok markus@ | 30 | usage of key structs; ok markus@ |
31 | - deraadt@cvs.openbsd.org 2001/12/19 07:18:56 | ||
32 | [auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h] | ||
33 | [auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c] | ||
34 | [cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c] | ||
35 | [match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c] | ||
36 | [servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c] | ||
37 | [sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c] | ||
38 | [sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config] | ||
39 | [ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c] | ||
40 | basic KNF done while i was looking for something else | ||
31 | 41 | ||
32 | 20011219 | 42 | 20011219 |
33 | - (stevesk) OpenBSD CVS sync X11 localhost display | 43 | - (stevesk) OpenBSD CVS sync X11 localhost display |
@@ -7056,4 +7066,4 @@ | |||
7056 | - Wrote replacements for strlcpy and mkdtemp | 7066 | - Wrote replacements for strlcpy and mkdtemp |
7057 | - Released 1.0pre1 | 7067 | - Released 1.0pre1 |
7058 | 7068 | ||
7059 | $Id: ChangeLog,v 1.1700 2001/12/21 01:52:39 djm Exp $ | 7069 | $Id: ChangeLog,v 1.1701 2001/12/21 03:45:46 djm Exp $ |
diff --git a/auth-bsdauth.c b/auth-bsdauth.c index 3732477de..b70d48f20 100644 --- a/auth-bsdauth.c +++ b/auth-bsdauth.c | |||
@@ -22,7 +22,7 @@ | |||
22 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 22 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
23 | */ | 23 | */ |
24 | #include "includes.h" | 24 | #include "includes.h" |
25 | RCSID("$OpenBSD: auth-bsdauth.c,v 1.1 2001/05/18 14:13:28 markus Exp $"); | 25 | RCSID("$OpenBSD: auth-bsdauth.c,v 1.2 2001/12/19 07:18:56 deraadt Exp $"); |
26 | 26 | ||
27 | #ifdef BSD_AUTH | 27 | #ifdef BSD_AUTH |
28 | #include "xmalloc.h" | 28 | #include "xmalloc.h" |
@@ -36,74 +36,74 @@ bsdauth_init_ctx(Authctxt *authctxt) | |||
36 | } | 36 | } |
37 | 37 | ||
38 | static int | 38 | static int |
39 | bsdauth_query(void *ctx, char **name, char **infotxt, | 39 | bsdauth_query(void *ctx, char **name, char **infotxt, |
40 | u_int *numprompts, char ***prompts, u_int **echo_on) | 40 | u_int *numprompts, char ***prompts, u_int **echo_on) |
41 | { | 41 | { |
42 | Authctxt *authctxt = ctx; | 42 | Authctxt *authctxt = ctx; |
43 | char *challenge = NULL; | 43 | char *challenge = NULL; |
44 | 44 | ||
45 | if (authctxt->as != NULL) { | 45 | if (authctxt->as != NULL) { |
46 | debug2("bsdauth_query: try reuse session"); | 46 | debug2("bsdauth_query: try reuse session"); |
47 | challenge = auth_getitem(authctxt->as, AUTHV_CHALLENGE); | 47 | challenge = auth_getitem(authctxt->as, AUTHV_CHALLENGE); |
48 | if (challenge == NULL) { | 48 | if (challenge == NULL) { |
49 | auth_close(authctxt->as); | 49 | auth_close(authctxt->as); |
50 | authctxt->as = NULL; | 50 | authctxt->as = NULL; |
51 | } | 51 | } |
52 | } | 52 | } |
53 | 53 | ||
54 | if (challenge == NULL) { | 54 | if (challenge == NULL) { |
55 | debug2("bsdauth_query: new bsd auth session"); | 55 | debug2("bsdauth_query: new bsd auth session"); |
56 | debug3("bsdauth_query: style %s", | 56 | debug3("bsdauth_query: style %s", |
57 | authctxt->style ? authctxt->style : "<default>"); | 57 | authctxt->style ? authctxt->style : "<default>"); |
58 | authctxt->as = auth_userchallenge(authctxt->user, | 58 | authctxt->as = auth_userchallenge(authctxt->user, |
59 | authctxt->style, "auth-ssh", &challenge); | 59 | authctxt->style, "auth-ssh", &challenge); |
60 | if (authctxt->as == NULL) | 60 | if (authctxt->as == NULL) |
61 | challenge = NULL; | 61 | challenge = NULL; |
62 | debug2("bsdauth_query: <%s>", challenge ? challenge : "empty"); | 62 | debug2("bsdauth_query: <%s>", challenge ? challenge : "empty"); |
63 | } | 63 | } |
64 | 64 | ||
65 | if (challenge == NULL) | 65 | if (challenge == NULL) |
66 | return -1; | 66 | return -1; |
67 | 67 | ||
68 | *name = xstrdup(""); | 68 | *name = xstrdup(""); |
69 | *infotxt = xstrdup(""); | 69 | *infotxt = xstrdup(""); |
70 | *numprompts = 1; | 70 | *numprompts = 1; |
71 | *prompts = xmalloc(*numprompts * sizeof(char*)); | 71 | *prompts = xmalloc(*numprompts * sizeof(char*)); |
72 | *echo_on = xmalloc(*numprompts * sizeof(u_int)); | 72 | *echo_on = xmalloc(*numprompts * sizeof(u_int)); |
73 | (*echo_on)[0] = 0; | 73 | (*echo_on)[0] = 0; |
74 | (*prompts)[0] = xstrdup(challenge); | 74 | (*prompts)[0] = xstrdup(challenge); |
75 | 75 | ||
76 | return 0; | 76 | return 0; |
77 | } | 77 | } |
78 | 78 | ||
79 | static int | 79 | static int |
80 | bsdauth_respond(void *ctx, u_int numresponses, char **responses) | 80 | bsdauth_respond(void *ctx, u_int numresponses, char **responses) |
81 | { | 81 | { |
82 | Authctxt *authctxt = ctx; | 82 | Authctxt *authctxt = ctx; |
83 | int authok; | 83 | int authok; |
84 | 84 | ||
85 | if (authctxt->as == 0) | 85 | if (authctxt->as == 0) |
86 | error("bsdauth_respond: no bsd auth session"); | 86 | error("bsdauth_respond: no bsd auth session"); |
87 | 87 | ||
88 | if (numresponses != 1) | 88 | if (numresponses != 1) |
89 | return -1; | 89 | return -1; |
90 | 90 | ||
91 | authok = auth_userresponse(authctxt->as, responses[0], 0); | 91 | authok = auth_userresponse(authctxt->as, responses[0], 0); |
92 | authctxt->as = NULL; | 92 | authctxt->as = NULL; |
93 | debug3("bsdauth_respond: <%s> = <%d>", responses[0], authok); | 93 | debug3("bsdauth_respond: <%s> = <%d>", responses[0], authok); |
94 | 94 | ||
95 | return (authok == 0) ? -1 : 0; | 95 | return (authok == 0) ? -1 : 0; |
96 | } | 96 | } |
97 | 97 | ||
98 | static void | 98 | static void |
99 | bsdauth_free_ctx(void *ctx) | 99 | bsdauth_free_ctx(void *ctx) |
100 | { | 100 | { |
101 | Authctxt *authctxt = ctx; | 101 | Authctxt *authctxt = ctx; |
102 | 102 | ||
103 | if (authctxt && authctxt->as) { | 103 | if (authctxt && authctxt->as) { |
104 | auth_close(authctxt->as); | 104 | auth_close(authctxt->as); |
105 | authctxt->as = NULL; | 105 | authctxt->as = NULL; |
106 | } | 106 | } |
107 | } | 107 | } |
108 | 108 | ||
109 | KbdintDevice bsdauth_device = { | 109 | KbdintDevice bsdauth_device = { |
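Review bot: In bsdauth_respond, the line `debug3("bsdauth_respond: <%s> = <%d>", responses[0], authok);` writes the user's raw challenge response into the server debug log, so anyone who can read logs captured at that verbosity can read an authentication secret. Logging only the outcome, `debug3("bsdauth_respond: authok = <%d>", authok);`, keeps the diagnostic without the secret. The same function reports a missing session with `error("bsdauth_respond: no bsd auth session");` when `authctxt->as == 0`, but then continues and passes that null session to auth_userresponse(). Unless error() never returns, a `return -1;` directly after the error call would make the function reject the attempt instead of relying on the library to cope with a null session.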
diff --git a/auth-krb4.c b/auth-krb4.c index 031dcd301..f7a144f9d 100644 --- a/auth-krb4.c +++ b/auth-krb4.c | |||
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: auth-krb4.c,v 1.24 2001/06/26 16:15:22 dugsong Exp $"); | 26 | RCSID("$OpenBSD: auth-krb4.c,v 1.25 2001/12/19 07:18:56 deraadt Exp $"); |
27 | 27 | ||
28 | #include "ssh.h" | 28 | #include "ssh.h" |
29 | #include "ssh1.h" | 29 | #include "ssh1.h" |
@@ -49,7 +49,7 @@ krb4_init(void *context) | |||
49 | const char *tkt_root = TKT_ROOT; | 49 | const char *tkt_root = TKT_ROOT; |
50 | struct stat st; | 50 | struct stat st; |
51 | int fd; | 51 | int fd; |
52 | 52 | ||
53 | if (!authctxt->krb4_ticket_file) { | 53 | if (!authctxt->krb4_ticket_file) { |
54 | /* Set unique ticket string manually since we're still root. */ | 54 | /* Set unique ticket string manually since we're still root. */ |
55 | authctxt->krb4_ticket_file = xmalloc(MAXPATHLEN); | 55 | authctxt->krb4_ticket_file = xmalloc(MAXPATHLEN); |
@@ -79,13 +79,13 @@ krb4_init(void *context) | |||
79 | } | 79 | } |
80 | /* Failure - cancel cleanup function, leaving ticket for inspection. */ | 80 | /* Failure - cancel cleanup function, leaving ticket for inspection. */ |
81 | log("WARNING: bad ticket file %s", authctxt->krb4_ticket_file); | 81 | log("WARNING: bad ticket file %s", authctxt->krb4_ticket_file); |
82 | 82 | ||
83 | fatal_remove_cleanup(krb4_cleanup_proc, authctxt); | 83 | fatal_remove_cleanup(krb4_cleanup_proc, authctxt); |
84 | cleanup_registered = 0; | 84 | cleanup_registered = 0; |
85 | 85 | ||
86 | xfree(authctxt->krb4_ticket_file); | 86 | xfree(authctxt->krb4_ticket_file); |
87 | authctxt->krb4_ticket_file = NULL; | 87 | authctxt->krb4_ticket_file = NULL; |
88 | 88 | ||
89 | return (0); | 89 | return (0); |
90 | } | 90 | } |
91 | 91 | ||
@@ -103,10 +103,10 @@ auth_krb4_password(Authctxt *authctxt, const char *password) | |||
103 | char localhost[MAXHOSTNAMELEN], phost[INST_SZ], realm[REALM_SZ]; | 103 | char localhost[MAXHOSTNAMELEN], phost[INST_SZ], realm[REALM_SZ]; |
104 | u_int32_t faddr; | 104 | u_int32_t faddr; |
105 | int r; | 105 | int r; |
106 | 106 | ||
107 | if ((pw = authctxt->pw) == NULL) | 107 | if ((pw = authctxt->pw) == NULL) |
108 | return (0); | 108 | return (0); |
109 | 109 | ||
110 | /* | 110 | /* |
111 | * Try Kerberos password authentication only for non-root | 111 | * Try Kerberos password authentication only for non-root |
112 | * users and only if Kerberos is installed. | 112 | * users and only if Kerberos is installed. |
@@ -128,7 +128,7 @@ auth_krb4_password(Authctxt *authctxt, const char *password) | |||
128 | } | 128 | } |
129 | /* Successful authentication. */ | 129 | /* Successful authentication. */ |
130 | chown(tkt_string(), pw->pw_uid, pw->pw_gid); | 130 | chown(tkt_string(), pw->pw_uid, pw->pw_gid); |
131 | 131 | ||
132 | /* | 132 | /* |
133 | * Now that we have a TGT, try to get a local | 133 | * Now that we have a TGT, try to get a local |
134 | * "rcmd" ticket to ensure that we are not talking | 134 | * "rcmd" ticket to ensure that we are not talking |
@@ -138,7 +138,7 @@ auth_krb4_password(Authctxt *authctxt, const char *password) | |||
138 | strlcpy(phost, (char *)krb_get_phost(localhost), | 138 | strlcpy(phost, (char *)krb_get_phost(localhost), |
139 | sizeof(phost)); | 139 | sizeof(phost)); |
140 | r = krb_mk_req(&tkt, KRB4_SERVICE_NAME, phost, realm, 33); | 140 | r = krb_mk_req(&tkt, KRB4_SERVICE_NAME, phost, realm, 33); |
141 | 141 | ||
142 | if (r == KSUCCESS) { | 142 | if (r == KSUCCESS) { |
143 | if ((hp = gethostbyname(localhost)) == NULL) { | 143 | if ((hp = gethostbyname(localhost)) == NULL) { |
144 | log("Couldn't get local host address!"); | 144 | log("Couldn't get local host address!"); |
@@ -146,7 +146,7 @@ auth_krb4_password(Authctxt *authctxt, const char *password) | |||
146 | } | 146 | } |
147 | memmove((void *)&faddr, (void *)hp->h_addr, | 147 | memmove((void *)&faddr, (void *)hp->h_addr, |
148 | sizeof(faddr)); | 148 | sizeof(faddr)); |
149 | 149 | ||
150 | /* Verify our "rcmd" ticket. */ | 150 | /* Verify our "rcmd" ticket. */ |
151 | r = krb_rd_req(&tkt, KRB4_SERVICE_NAME, phost, | 151 | r = krb_rd_req(&tkt, KRB4_SERVICE_NAME, phost, |
152 | faddr, &adata, ""); | 152 | faddr, &adata, ""); |
@@ -186,13 +186,13 @@ auth_krb4_password(Authctxt *authctxt, const char *password) | |||
186 | } else | 186 | } else |
187 | /* Logging in as root or no local Kerberos realm. */ | 187 | /* Logging in as root or no local Kerberos realm. */ |
188 | debug("Unable to authenticate to Kerberos."); | 188 | debug("Unable to authenticate to Kerberos."); |
189 | 189 | ||
190 | failure: | 190 | failure: |
191 | krb4_cleanup_proc(authctxt); | 191 | krb4_cleanup_proc(authctxt); |
192 | 192 | ||
193 | if (!options.kerberos_or_local_passwd) | 193 | if (!options.kerberos_or_local_passwd) |
194 | return (0); | 194 | return (0); |
195 | 195 | ||
196 | /* Fall back to ordinary passwd authentication. */ | 196 | /* Fall back to ordinary passwd authentication. */ |
197 | return (-1); | 197 | return (-1); |
198 | } | 198 | } |
@@ -220,9 +220,9 @@ auth_krb4(Authctxt *authctxt, KTEXT auth, char **client) | |||
220 | socklen_t slen; | 220 | socklen_t slen; |
221 | u_int cksum; | 221 | u_int cksum; |
222 | int r, s; | 222 | int r, s; |
223 | 223 | ||
224 | s = packet_get_connection_in(); | 224 | s = packet_get_connection_in(); |
225 | 225 | ||
226 | slen = sizeof(local); | 226 | slen = sizeof(local); |
227 | memset(&local, 0, sizeof(local)); | 227 | memset(&local, 0, sizeof(local)); |
228 | if (getsockname(s, (struct sockaddr *) & local, &slen) < 0) | 228 | if (getsockname(s, (struct sockaddr *) & local, &slen) < 0) |
@@ -235,7 +235,7 @@ auth_krb4(Authctxt *authctxt, KTEXT auth, char **client) | |||
235 | } | 235 | } |
236 | instance[0] = '*'; | 236 | instance[0] = '*'; |
237 | instance[1] = 0; | 237 | instance[1] = 0; |
238 | 238 | ||
239 | /* Get the encrypted request, challenge, and session key. */ | 239 | /* Get the encrypted request, challenge, and session key. */ |
240 | if ((r = krb_rd_req(auth, KRB4_SERVICE_NAME, instance, | 240 | if ((r = krb_rd_req(auth, KRB4_SERVICE_NAME, instance, |
241 | 0, &adat, ""))) { | 241 | 0, &adat, ""))) { |
@@ -243,11 +243,11 @@ auth_krb4(Authctxt *authctxt, KTEXT auth, char **client) | |||
243 | return (0); | 243 | return (0); |
244 | } | 244 | } |
245 | des_key_sched((des_cblock *) adat.session, schedule); | 245 | des_key_sched((des_cblock *) adat.session, schedule); |
246 | 246 | ||
247 | *client = xmalloc(MAX_K_NAME_SZ); | 247 | *client = xmalloc(MAX_K_NAME_SZ); |
248 | (void) snprintf(*client, MAX_K_NAME_SZ, "%s%s%s@%s", adat.pname, | 248 | (void) snprintf(*client, MAX_K_NAME_SZ, "%s%s%s@%s", adat.pname, |
249 | *adat.pinst ? "." : "", adat.pinst, adat.prealm); | 249 | *adat.pinst ? "." : "", adat.pinst, adat.prealm); |
250 | 250 | ||
251 | /* Check ~/.klogin authorization now. */ | 251 | /* Check ~/.klogin authorization now. */ |
252 | if (kuserok(&adat, authctxt->user) != KSUCCESS) { | 252 | if (kuserok(&adat, authctxt->user) != KSUCCESS) { |
253 | log("Kerberos v4 .klogin authorization failed for %s to " | 253 | log("Kerberos v4 .klogin authorization failed for %s to " |
@@ -259,7 +259,7 @@ auth_krb4(Authctxt *authctxt, KTEXT auth, char **client) | |||
259 | session key. */ | 259 | session key. */ |
260 | cksum = adat.checksum + 1; | 260 | cksum = adat.checksum + 1; |
261 | cksum = htonl(cksum); | 261 | cksum = htonl(cksum); |
262 | 262 | ||
263 | /* If we can't successfully encrypt the checksum, we send back an | 263 | /* If we can't successfully encrypt the checksum, we send back an |
264 | empty message, admitting our failure. */ | 264 | empty message, admitting our failure. */ |
265 | if ((r = krb_mk_priv((u_char *) & cksum, reply.dat, sizeof(cksum) + 1, | 265 | if ((r = krb_mk_priv((u_char *) & cksum, reply.dat, sizeof(cksum) + 1, |
@@ -269,10 +269,10 @@ auth_krb4(Authctxt *authctxt, KTEXT auth, char **client) | |||
269 | reply.length = 0; | 269 | reply.length = 0; |
270 | } else | 270 | } else |
271 | reply.length = r; | 271 | reply.length = r; |
272 | 272 | ||
273 | /* Clear session key. */ | 273 | /* Clear session key. */ |
274 | memset(&adat.session, 0, sizeof(&adat.session)); | 274 | memset(&adat.session, 0, sizeof(&adat.session)); |
275 | 275 | ||
276 | packet_start(SSH_SMSG_AUTH_KERBEROS_RESPONSE); | 276 | packet_start(SSH_SMSG_AUTH_KERBEROS_RESPONSE); |
277 | packet_put_string((char *) reply.dat, reply.length); | 277 | packet_put_string((char *) reply.dat, reply.length); |
278 | packet_send(); | 278 | packet_send(); |
@@ -287,19 +287,19 @@ auth_krb4_tgt(Authctxt *authctxt, const char *string) | |||
287 | { | 287 | { |
288 | CREDENTIALS creds; | 288 | CREDENTIALS creds; |
289 | struct passwd *pw; | 289 | struct passwd *pw; |
290 | 290 | ||
291 | if ((pw = authctxt->pw) == NULL) | 291 | if ((pw = authctxt->pw) == NULL) |
292 | goto failure; | 292 | goto failure; |
293 | 293 | ||
294 | temporarily_use_uid(pw); | 294 | temporarily_use_uid(pw); |
295 | 295 | ||
296 | if (!radix_to_creds(string, &creds)) { | 296 | if (!radix_to_creds(string, &creds)) { |
297 | log("Protocol error decoding Kerberos v4 TGT"); | 297 | log("Protocol error decoding Kerberos v4 TGT"); |
298 | goto failure; | 298 | goto failure; |
299 | } | 299 | } |
300 | if (strncmp(creds.service, "", 1) == 0) /* backward compatibility */ | 300 | if (strncmp(creds.service, "", 1) == 0) /* backward compatibility */ |
301 | strlcpy(creds.service, "krbtgt", sizeof creds.service); | 301 | strlcpy(creds.service, "krbtgt", sizeof creds.service); |
302 | 302 | ||
303 | if (strcmp(creds.service, "krbtgt")) { | 303 | if (strcmp(creds.service, "krbtgt")) { |
304 | log("Kerberos v4 TGT (%s%s%s@%s) rejected for %s", | 304 | log("Kerberos v4 TGT (%s%s%s@%s) rejected for %s", |
305 | creds.pname, creds.pinst[0] ? "." : "", creds.pinst, | 305 | creds.pname, creds.pinst[0] ? "." : "", creds.pinst, |
@@ -308,10 +308,10 @@ auth_krb4_tgt(Authctxt *authctxt, const char *string) | |||
308 | } | 308 | } |
309 | if (!krb4_init(authctxt)) | 309 | if (!krb4_init(authctxt)) |
310 | goto failure; | 310 | goto failure; |
311 | 311 | ||
312 | if (in_tkt(creds.pname, creds.pinst) != KSUCCESS) | 312 | if (in_tkt(creds.pname, creds.pinst) != KSUCCESS) |
313 | goto failure; | 313 | goto failure; |
314 | 314 | ||
315 | if (save_credentials(creds.service, creds.instance, creds.realm, | 315 | if (save_credentials(creds.service, creds.instance, creds.realm, |
316 | creds.session, creds.lifetime, creds.kvno, &creds.ticket_st, | 316 | creds.session, creds.lifetime, creds.kvno, &creds.ticket_st, |
317 | creds.issue_date) != KSUCCESS) { | 317 | creds.issue_date) != KSUCCESS) { |
@@ -320,20 +320,20 @@ auth_krb4_tgt(Authctxt *authctxt, const char *string) | |||
320 | } | 320 | } |
321 | /* Successful authentication, passed all checks. */ | 321 | /* Successful authentication, passed all checks. */ |
322 | chown(tkt_string(), pw->pw_uid, pw->pw_gid); | 322 | chown(tkt_string(), pw->pw_uid, pw->pw_gid); |
323 | 323 | ||
324 | debug("Kerberos v4 TGT accepted (%s%s%s@%s)", | 324 | debug("Kerberos v4 TGT accepted (%s%s%s@%s)", |
325 | creds.pname, creds.pinst[0] ? "." : "", creds.pinst, creds.realm); | 325 | creds.pname, creds.pinst[0] ? "." : "", creds.pinst, creds.realm); |
326 | memset(&creds, 0, sizeof(creds)); | 326 | memset(&creds, 0, sizeof(creds)); |
327 | 327 | ||
328 | restore_uid(); | 328 | restore_uid(); |
329 | 329 | ||
330 | return (1); | 330 | return (1); |
331 | 331 | ||
332 | failure: | 332 | failure: |
333 | krb4_cleanup_proc(authctxt); | 333 | krb4_cleanup_proc(authctxt); |
334 | memset(&creds, 0, sizeof(creds)); | 334 | memset(&creds, 0, sizeof(creds)); |
335 | restore_uid(); | 335 | restore_uid(); |
336 | 336 | ||
337 | return (0); | 337 | return (0); |
338 | } | 338 | } |
339 | 339 | ||
@@ -343,22 +343,22 @@ auth_afs_token(Authctxt *authctxt, const char *token_string) | |||
343 | CREDENTIALS creds; | 343 | CREDENTIALS creds; |
344 | struct passwd *pw; | 344 | struct passwd *pw; |
345 | uid_t uid; | 345 | uid_t uid; |
346 | 346 | ||
347 | if ((pw = authctxt->pw) == NULL) | 347 | if ((pw = authctxt->pw) == NULL) |
348 | return (0); | 348 | return (0); |
349 | 349 | ||
350 | if (!radix_to_creds(token_string, &creds)) { | 350 | if (!radix_to_creds(token_string, &creds)) { |
351 | log("Protocol error decoding AFS token"); | 351 | log("Protocol error decoding AFS token"); |
352 | return (0); | 352 | return (0); |
353 | } | 353 | } |
354 | if (strncmp(creds.service, "", 1) == 0) /* backward compatibility */ | 354 | if (strncmp(creds.service, "", 1) == 0) /* backward compatibility */ |
355 | strlcpy(creds.service, "afs", sizeof creds.service); | 355 | strlcpy(creds.service, "afs", sizeof creds.service); |
356 | 356 | ||
357 | if (strncmp(creds.pname, "AFS ID ", 7) == 0) | 357 | if (strncmp(creds.pname, "AFS ID ", 7) == 0) |
358 | uid = atoi(creds.pname + 7); | 358 | uid = atoi(creds.pname + 7); |
359 | else | 359 | else |
360 | uid = pw->pw_uid; | 360 | uid = pw->pw_uid; |
361 | 361 | ||
362 | if (kafs_settoken(creds.realm, uid, &creds)) { | 362 | if (kafs_settoken(creds.realm, uid, &creds)) { |
363 | log("AFS token (%s@%s) rejected for %s", | 363 | log("AFS token (%s@%s) rejected for %s", |
364 | creds.pname, creds.realm, pw->pw_name); | 364 | creds.pname, creds.realm, pw->pw_name); |
@@ -367,7 +367,7 @@ auth_afs_token(Authctxt *authctxt, const char *token_string) | |||
367 | } | 367 | } |
368 | debug("AFS token accepted (%s@%s)", creds.pname, creds.realm); | 368 | debug("AFS token accepted (%s@%s)", creds.pname, creds.realm); |
369 | memset(&creds, 0, sizeof(creds)); | 369 | memset(&creds, 0, sizeof(creds)); |
370 | 370 | ||
371 | return (1); | 371 | return (1); |
372 | } | 372 | } |
373 | #endif /* AFS */ | 373 | #endif /* AFS */ |
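Review bot: In auth_krb4, the line under the "Clear session key" comment, `memset(&adat.session, 0, sizeof(&adat.session));`, takes the size of a pointer rather than of the key field, so the number of bytes wiped follows the platform's pointer width instead of the key length. It should read `memset(&adat.session, 0, sizeof(adat.session));`. The field is handed to des_key_sched() as a `des_cblock` a few lines earlier, so on a platform whose pointers are narrower than that block, part of the session key would be left in memory. auth_krb4 starts and ends outside the visible hunks, so whether every return path reaches this wipe needs checking against the full function.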
diff --git a/auth-rhosts.c b/auth-rhosts.c index 9ba64dbc3..cbceb6319 100644 --- a/auth-rhosts.c +++ b/auth-rhosts.c | |||
@@ -14,7 +14,7 @@ | |||
14 | */ | 14 | */ |
15 | 15 | ||
16 | #include "includes.h" | 16 | #include "includes.h" |
17 | RCSID("$OpenBSD: auth-rhosts.c,v 1.24 2001/06/23 15:12:17 itojun Exp $"); | 17 | RCSID("$OpenBSD: auth-rhosts.c,v 1.25 2001/12/19 07:18:56 deraadt Exp $"); |
18 | 18 | ||
19 | #include "packet.h" | 19 | #include "packet.h" |
20 | #include "xmalloc.h" | 20 | #include "xmalloc.h" |
@@ -186,7 +186,7 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname, | |||
186 | * servers. | 186 | * servers. |
187 | */ | 187 | */ |
188 | for (rhosts_file_index = 0; rhosts_files[rhosts_file_index]; | 188 | for (rhosts_file_index = 0; rhosts_files[rhosts_file_index]; |
189 | rhosts_file_index++) { | 189 | rhosts_file_index++) { |
190 | /* Check users .rhosts or .shosts. */ | 190 | /* Check users .rhosts or .shosts. */ |
191 | snprintf(buf, sizeof buf, "%.500s/%.100s", | 191 | snprintf(buf, sizeof buf, "%.500s/%.100s", |
192 | pw->pw_dir, rhosts_files[rhosts_file_index]); | 192 | pw->pw_dir, rhosts_files[rhosts_file_index]); |
@@ -204,16 +204,16 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname, | |||
204 | 204 | ||
205 | /* If not logging in as superuser, try /etc/hosts.equiv and shosts.equiv. */ | 205 | /* If not logging in as superuser, try /etc/hosts.equiv and shosts.equiv. */ |
206 | if (pw->pw_uid != 0) { | 206 | if (pw->pw_uid != 0) { |
207 | if (check_rhosts_file(_PATH_RHOSTS_EQUIV, hostname, ipaddr, client_user, | 207 | if (check_rhosts_file(_PATH_RHOSTS_EQUIV, hostname, ipaddr, |
208 | pw->pw_name)) { | 208 | client_user, pw->pw_name)) { |
209 | packet_send_debug("Accepted for %.100s [%.100s] by /etc/hosts.equiv.", | 209 | packet_send_debug("Accepted for %.100s [%.100s] by /etc/hosts.equiv.", |
210 | hostname, ipaddr); | 210 | hostname, ipaddr); |
211 | return 1; | 211 | return 1; |
212 | } | 212 | } |
213 | if (check_rhosts_file(_PATH_SSH_HOSTS_EQUIV, hostname, ipaddr, client_user, | 213 | if (check_rhosts_file(_PATH_SSH_HOSTS_EQUIV, hostname, ipaddr, |
214 | pw->pw_name)) { | 214 | client_user, pw->pw_name)) { |
215 | packet_send_debug("Accepted for %.100s [%.100s] by %.100s.", | 215 | packet_send_debug("Accepted for %.100s [%.100s] by %.100s.", |
216 | hostname, ipaddr, _PATH_SSH_HOSTS_EQUIV); | 216 | hostname, ipaddr, _PATH_SSH_HOSTS_EQUIV); |
217 | return 1; | 217 | return 1; |
218 | } | 218 | } |
219 | } | 219 | } |
@@ -230,7 +230,7 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname, | |||
230 | } | 230 | } |
231 | if (options.strict_modes && | 231 | if (options.strict_modes && |
232 | ((st.st_uid != 0 && st.st_uid != pw->pw_uid) || | 232 | ((st.st_uid != 0 && st.st_uid != pw->pw_uid) || |
233 | (st.st_mode & 022) != 0)) { | 233 | (st.st_mode & 022) != 0)) { |
234 | log("Rhosts authentication refused for %.100s: bad ownership or modes for home directory.", | 234 | log("Rhosts authentication refused for %.100s: bad ownership or modes for home directory.", |
235 | pw->pw_name); | 235 | pw->pw_name); |
236 | packet_send_debug("Rhosts authentication refused for %.100s: bad ownership or modes for home directory.", | 236 | packet_send_debug("Rhosts authentication refused for %.100s: bad ownership or modes for home directory.", |
@@ -242,7 +242,7 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname, | |||
242 | 242 | ||
243 | /* Check all .rhosts files (currently .shosts and .rhosts). */ | 243 | /* Check all .rhosts files (currently .shosts and .rhosts). */ |
244 | for (rhosts_file_index = 0; rhosts_files[rhosts_file_index]; | 244 | for (rhosts_file_index = 0; rhosts_files[rhosts_file_index]; |
245 | rhosts_file_index++) { | 245 | rhosts_file_index++) { |
246 | /* Check users .rhosts or .shosts. */ | 246 | /* Check users .rhosts or .shosts. */ |
247 | snprintf(buf, sizeof buf, "%.500s/%.100s", | 247 | snprintf(buf, sizeof buf, "%.500s/%.100s", |
248 | pw->pw_dir, rhosts_files[rhosts_file_index]); | 248 | pw->pw_dir, rhosts_files[rhosts_file_index]); |
@@ -257,7 +257,7 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname, | |||
257 | */ | 257 | */ |
258 | if (options.strict_modes && | 258 | if (options.strict_modes && |
259 | ((st.st_uid != 0 && st.st_uid != pw->pw_uid) || | 259 | ((st.st_uid != 0 && st.st_uid != pw->pw_uid) || |
260 | (st.st_mode & 022) != 0)) { | 260 | (st.st_mode & 022) != 0)) { |
261 | log("Rhosts authentication refused for %.100s: bad modes for %.200s", | 261 | log("Rhosts authentication refused for %.100s: bad modes for %.200s", |
262 | pw->pw_name, buf); | 262 | pw->pw_name, buf); |
263 | packet_send_debug("Bad file modes for %.200s", buf); | 263 | packet_send_debug("Bad file modes for %.200s", buf); |
diff --git a/auth-skey.c b/auth-skey.c index f921fc1bb..6dc71223b 100644 --- a/auth-skey.c +++ b/auth-skey.c | |||
@@ -22,7 +22,7 @@ | |||
22 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 22 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
23 | */ | 23 | */ |
24 | #include "includes.h" | 24 | #include "includes.h" |
25 | RCSID("$OpenBSD: auth-skey.c,v 1.12 2001/05/18 14:13:28 markus Exp $"); | 25 | RCSID("$OpenBSD: auth-skey.c,v 1.13 2001/12/19 07:18:56 deraadt Exp $"); |
26 | 26 | ||
27 | #ifdef SKEY | 27 | #ifdef SKEY |
28 | 28 | ||
@@ -40,7 +40,7 @@ skey_init_ctx(Authctxt *authctxt) | |||
40 | #define PROMPT "\nS/Key Password: " | 40 | #define PROMPT "\nS/Key Password: " |
41 | 41 | ||
42 | static int | 42 | static int |
43 | skey_query(void *ctx, char **name, char **infotxt, | 43 | skey_query(void *ctx, char **name, char **infotxt, |
44 | u_int* numprompts, char ***prompts, u_int **echo_on) | 44 | u_int* numprompts, char ***prompts, u_int **echo_on) |
45 | { | 45 | { |
46 | Authctxt *authctxt = ctx; | 46 | Authctxt *authctxt = ctx; |
@@ -72,9 +72,9 @@ static int | |||
72 | skey_respond(void *ctx, u_int numresponses, char **responses) | 72 | skey_respond(void *ctx, u_int numresponses, char **responses) |
73 | { | 73 | { |
74 | Authctxt *authctxt = ctx; | 74 | Authctxt *authctxt = ctx; |
75 | 75 | ||
76 | if (authctxt->valid && | 76 | if (authctxt->valid && |
77 | numresponses == 1 && | 77 | numresponses == 1 && |
78 | skey_haskey(authctxt->pw->pw_name) == 0 && | 78 | skey_haskey(authctxt->pw->pw_name) == 0 && |
79 | skey_passcheck(authctxt->pw->pw_name, responses[0]) != -1) | 79 | skey_passcheck(authctxt->pw->pw_name, responses[0]) != -1) |
80 | return 0; | 80 | return 0; |
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: auth.c,v 1.30 2001/11/17 19:14:34 stevesk Exp $"); | 26 | RCSID("$OpenBSD: auth.c,v 1.31 2001/12/19 07:18:56 deraadt Exp $"); |
27 | 27 | ||
28 | #ifdef HAVE_LOGIN_H | 28 | #ifdef HAVE_LOGIN_H |
29 | #include <login.h> | 29 | #include <login.h> |
@@ -272,7 +272,7 @@ expand_filename(const char *filename, struct passwd *pw) | |||
272 | } | 272 | } |
273 | if (cp[0] == '%' && cp[1] == 'u') { | 273 | if (cp[0] == '%' && cp[1] == 'u') { |
274 | buffer_append(&buffer, pw->pw_name, | 274 | buffer_append(&buffer, pw->pw_name, |
275 | strlen(pw->pw_name)); | 275 | strlen(pw->pw_name)); |
276 | cp++; | 276 | cp++; |
277 | continue; | 277 | continue; |
278 | } | 278 | } |
@@ -326,7 +326,7 @@ check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host, | |||
326 | if (options.strict_modes && | 326 | if (options.strict_modes && |
327 | (stat(user_hostfile, &st) == 0) && | 327 | (stat(user_hostfile, &st) == 0) && |
328 | ((st.st_uid != 0 && st.st_uid != pw->pw_uid) || | 328 | ((st.st_uid != 0 && st.st_uid != pw->pw_uid) || |
329 | (st.st_mode & 022) != 0)) { | 329 | (st.st_mode & 022) != 0)) { |
330 | log("Authentication refused for %.100s: " | 330 | log("Authentication refused for %.100s: " |
331 | "bad owner or modes for %.200s", | 331 | "bad owner or modes for %.200s", |
332 | pw->pw_name, user_hostfile); | 332 | pw->pw_name, user_hostfile); |
@@ -399,7 +399,7 @@ secure_filename(FILE *f, const char *file, struct passwd *pw, | |||
399 | if (stat(buf, &st) < 0 || | 399 | if (stat(buf, &st) < 0 || |
400 | (st.st_uid != 0 && st.st_uid != uid) || | 400 | (st.st_uid != 0 && st.st_uid != uid) || |
401 | (st.st_mode & 022) != 0) { | 401 | (st.st_mode & 022) != 0) { |
402 | snprintf(err, errlen, | 402 | snprintf(err, errlen, |
403 | "bad ownership or modes for directory %s", buf); | 403 | "bad ownership or modes for directory %s", buf); |
404 | return -1; | 404 | return -1; |
405 | } | 405 | } |
@@ -21,7 +21,7 @@ | |||
21 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 21 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
22 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 22 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
23 | * | 23 | * |
24 | * $OpenBSD: auth.h,v 1.24 2001/12/18 10:04:21 jakob Exp $ | 24 | * $OpenBSD: auth.h,v 1.25 2001/12/19 07:18:56 deraadt Exp $ |
25 | */ | 25 | */ |
26 | #ifndef AUTH_H | 26 | #ifndef AUTH_H |
27 | #define AUTH_H | 27 | #define AUTH_H |
@@ -71,8 +71,8 @@ struct Authctxt { | |||
71 | 71 | ||
72 | /* | 72 | /* |
73 | * Keyboard interactive device: | 73 | * Keyboard interactive device: |
74 | * init_ctx returns: non NULL upon success | 74 | * init_ctx returns: non NULL upon success |
75 | * query returns: 0 - success, otherwise failure | 75 | * query returns: 0 - success, otherwise failure |
76 | * respond returns: 0 - success, 1 - need further interaction, | 76 | * respond returns: 0 - success, 1 - need further interaction, |
77 | * otherwise - failure | 77 | * otherwise - failure |
78 | */ | 78 | */ |
@@ -10,7 +10,7 @@ | |||
10 | */ | 10 | */ |
11 | 11 | ||
12 | #include "includes.h" | 12 | #include "includes.h" |
13 | RCSID("$OpenBSD: auth1.c,v 1.26 2001/12/05 03:56:39 itojun Exp $"); | 13 | RCSID("$OpenBSD: auth1.c,v 1.27 2001/12/19 07:18:56 deraadt Exp $"); |
14 | 14 | ||
15 | #include "xmalloc.h" | 15 | #include "xmalloc.h" |
16 | #include "rsa.h" | 16 | #include "rsa.h" |
@@ -77,7 +77,7 @@ do_authloop(Authctxt *authctxt) | |||
77 | struct passwd *pw = authctxt->pw; | 77 | struct passwd *pw = authctxt->pw; |
78 | 78 | ||
79 | debug("Attempting authentication for %s%.100s.", | 79 | debug("Attempting authentication for %s%.100s.", |
80 | authctxt->valid ? "" : "illegal user ", authctxt->user); | 80 | authctxt->valid ? "" : "illegal user ", authctxt->user); |
81 | 81 | ||
82 | /* If the user has no password, accept authentication immediately. */ | 82 | /* If the user has no password, accept authentication immediately. */ |
83 | if (options.password_authentication && | 83 | if (options.password_authentication && |
@@ -120,17 +120,17 @@ do_authloop(Authctxt *authctxt) | |||
120 | verbose("Kerberos authentication disabled."); | 120 | verbose("Kerberos authentication disabled."); |
121 | } else { | 121 | } else { |
122 | char *kdata = packet_get_string(&dlen); | 122 | char *kdata = packet_get_string(&dlen); |
123 | 123 | ||
124 | packet_integrity_check(plen, 4 + dlen, type); | 124 | packet_integrity_check(plen, 4 + dlen, type); |
125 | 125 | ||
126 | if (kdata[0] == 4) { /* KRB_PROT_VERSION */ | 126 | if (kdata[0] == 4) { /* KRB_PROT_VERSION */ |
127 | #ifdef KRB4 | 127 | #ifdef KRB4 |
128 | KTEXT_ST tkt; | 128 | KTEXT_ST tkt; |
129 | 129 | ||
130 | tkt.length = dlen; | 130 | tkt.length = dlen; |
131 | if (tkt.length < MAX_KTXT_LEN) | 131 | if (tkt.length < MAX_KTXT_LEN) |
132 | memcpy(tkt.dat, kdata, tkt.length); | 132 | memcpy(tkt.dat, kdata, tkt.length); |
133 | 133 | ||
134 | if (auth_krb4(authctxt, &tkt, &client_user)) { | 134 | if (auth_krb4(authctxt, &tkt, &client_user)) { |
135 | authenticated = 1; | 135 | authenticated = 1; |
136 | snprintf(info, sizeof(info), | 136 | snprintf(info, sizeof(info), |
@@ -143,7 +143,7 @@ do_authloop(Authctxt *authctxt) | |||
143 | krb5_data tkt; | 143 | krb5_data tkt; |
144 | tkt.length = dlen; | 144 | tkt.length = dlen; |
145 | tkt.data = kdata; | 145 | tkt.data = kdata; |
146 | 146 | ||
147 | if (auth_krb5(authctxt, &tkt, &client_user)) { | 147 | if (auth_krb5(authctxt, &tkt, &client_user)) { |
148 | authenticated = 1; | 148 | authenticated = 1; |
149 | snprintf(info, sizeof(info), | 149 | snprintf(info, sizeof(info), |
@@ -156,7 +156,7 @@ do_authloop(Authctxt *authctxt) | |||
156 | } | 156 | } |
157 | break; | 157 | break; |
158 | #endif /* KRB4 || KRB5 */ | 158 | #endif /* KRB4 || KRB5 */ |
159 | 159 | ||
160 | #if defined(AFS) || defined(KRB5) | 160 | #if defined(AFS) || defined(KRB5) |
161 | /* XXX - punt on backward compatibility here. */ | 161 | /* XXX - punt on backward compatibility here. */ |
162 | case SSH_CMSG_HAVE_KERBEROS_TGT: | 162 | case SSH_CMSG_HAVE_KERBEROS_TGT: |
@@ -168,7 +168,7 @@ do_authloop(Authctxt *authctxt) | |||
168 | break; | 168 | break; |
169 | #endif /* AFS */ | 169 | #endif /* AFS */ |
170 | #endif /* AFS || KRB5 */ | 170 | #endif /* AFS || KRB5 */ |
171 | 171 | ||
172 | case SSH_CMSG_AUTH_RHOSTS: | 172 | case SSH_CMSG_AUTH_RHOSTS: |
173 | if (!options.rhosts_authentication) { | 173 | if (!options.rhosts_authentication) { |
174 | verbose("Rhosts authentication disabled."); | 174 | verbose("Rhosts authentication disabled."); |
@@ -381,7 +381,7 @@ do_authentication(void) | |||
381 | /* XXX - SSH.com Kerberos v5 braindeath. */ | 381 | /* XXX - SSH.com Kerberos v5 braindeath. */ |
382 | if ((p = strchr(user, '@')) != NULL) | 382 | if ((p = strchr(user, '@')) != NULL) |
383 | *p = '\0'; | 383 | *p = '\0'; |
384 | 384 | ||
385 | authctxt = authctxt_new(); | 385 | authctxt = authctxt_new(); |
386 | authctxt->user = user; | 386 | authctxt->user = user; |
387 | authctxt->style = style; | 387 | authctxt->style = style; |
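Review bot: In the KRB4 branch of do_authloop (new lines 130-134), an over-long ticket is not rejected. When `dlen` is not below `MAX_KTXT_LEN` the `memcpy` is skipped, yet `auth_krb4(authctxt, &tkt, &client_user)` is still called with `tkt.length` holding the client-supplied length and `tkt.dat` never written. Whether auth_krb4 or the Kerberos library re-checks that length is not visible on this page, so the caller should fail closed by making the call conditional on the same bound: `if (tkt.length < MAX_KTXT_LEN && auth_krb4(authctxt, &tkt, &client_user)) {`. do_authloop starts and ends outside these hunks, so the cleanup path for `kdata` should be confirmed against the full function.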
diff --git a/auth2-chall.c b/auth2-chall.c index 4b97e47bd..8ad1efcd6 100644 --- a/auth2-chall.c +++ b/auth2-chall.c | |||
@@ -23,7 +23,7 @@ | |||
23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
24 | */ | 24 | */ |
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: auth2-chall.c,v 1.9 2001/12/09 18:45:56 markus Exp $"); | 26 | RCSID("$OpenBSD: auth2-chall.c,v 1.10 2001/12/19 07:18:56 deraadt Exp $"); |
27 | 27 | ||
28 | #include "ssh2.h" | 28 | #include "ssh2.h" |
29 | #include "auth.h" | 29 | #include "auth.h" |
@@ -151,7 +151,7 @@ auth2_challenge(Authctxt *authctxt, char *devs) | |||
151 | 151 | ||
152 | if (authctxt->user == NULL || !devs) | 152 | if (authctxt->user == NULL || !devs) |
153 | return 0; | 153 | return 0; |
154 | if (authctxt->kbdintctxt == NULL) | 154 | if (authctxt->kbdintctxt == NULL) |
155 | authctxt->kbdintctxt = kbdint_alloc(devs); | 155 | authctxt->kbdintctxt = kbdint_alloc(devs); |
156 | return auth2_challenge_start(authctxt); | 156 | return auth2_challenge_start(authctxt); |
157 | } | 157 | } |
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: auth2.c,v 1.76 2001/12/18 10:05:15 jakob Exp $"); | 26 | RCSID("$OpenBSD: auth2.c,v 1.77 2001/12/19 07:18:56 deraadt Exp $"); |
27 | 27 | ||
28 | #include <openssl/evp.h> | 28 | #include <openssl/evp.h> |
29 | 29 | ||
@@ -721,7 +721,7 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file) | |||
721 | file, linenum); | 721 | file, linenum); |
722 | fp = key_fingerprint(found, SSH_FP_MD5, SSH_FP_HEX); | 722 | fp = key_fingerprint(found, SSH_FP_MD5, SSH_FP_HEX); |
723 | verbose("Found matching %s key: %s", | 723 | verbose("Found matching %s key: %s", |
724 | key_type(found), fp); | 724 | key_type(found), fp); |
725 | xfree(fp); | 725 | xfree(fp); |
726 | break; | 726 | break; |
727 | } | 727 | } |
diff --git a/authfile.c b/authfile.c index 8a6021fc6..abf2877f5 100644 --- a/authfile.c +++ b/authfile.c | |||
@@ -36,7 +36,7 @@ | |||
36 | */ | 36 | */ |
37 | 37 | ||
38 | #include "includes.h" | 38 | #include "includes.h" |
39 | RCSID("$OpenBSD: authfile.c,v 1.40 2001/12/05 10:06:12 deraadt Exp $"); | 39 | RCSID("$OpenBSD: authfile.c,v 1.41 2001/12/19 07:18:56 deraadt Exp $"); |
40 | 40 | ||
41 | #include <openssl/err.h> | 41 | #include <openssl/err.h> |
42 | #include <openssl/evp.h> | 42 | #include <openssl/evp.h> |
@@ -147,7 +147,7 @@ key_save_private_rsa1(Key *key, const char *filename, const char *passphrase, | |||
147 | if (write(fd, buffer_ptr(&encrypted), buffer_len(&encrypted)) != | 147 | if (write(fd, buffer_ptr(&encrypted), buffer_len(&encrypted)) != |
148 | buffer_len(&encrypted)) { | 148 | buffer_len(&encrypted)) { |
149 | error("write to key file %s failed: %s", filename, | 149 | error("write to key file %s failed: %s", filename, |
150 | strerror(errno)); | 150 | strerror(errno)); |
151 | buffer_free(&encrypted); | 151 | buffer_free(&encrypted); |
152 | close(fd); | 152 | close(fd); |
153 | unlink(filename); | 153 | unlink(filename); |
@@ -450,7 +450,7 @@ key_load_private_pem(int fd, int type, const char *passphrase, | |||
450 | debug("PEM_read_PrivateKey failed"); | 450 | debug("PEM_read_PrivateKey failed"); |
451 | (void)ERR_get_error(); | 451 | (void)ERR_get_error(); |
452 | } else if (pk->type == EVP_PKEY_RSA && | 452 | } else if (pk->type == EVP_PKEY_RSA && |
453 | (type == KEY_UNSPEC||type==KEY_RSA)) { | 453 | (type == KEY_UNSPEC||type==KEY_RSA)) { |
454 | prv = key_new(KEY_UNSPEC); | 454 | prv = key_new(KEY_UNSPEC); |
455 | prv->rsa = EVP_PKEY_get1_RSA(pk); | 455 | prv->rsa = EVP_PKEY_get1_RSA(pk); |
456 | prv->type = KEY_RSA; | 456 | prv->type = KEY_RSA; |
@@ -459,7 +459,7 @@ key_load_private_pem(int fd, int type, const char *passphrase, | |||
459 | RSA_print_fp(stderr, prv->rsa, 8); | 459 | RSA_print_fp(stderr, prv->rsa, 8); |
460 | #endif | 460 | #endif |
461 | } else if (pk->type == EVP_PKEY_DSA && | 461 | } else if (pk->type == EVP_PKEY_DSA && |
462 | (type == KEY_UNSPEC||type==KEY_DSA)) { | 462 | (type == KEY_UNSPEC||type==KEY_DSA)) { |
463 | prv = key_new(KEY_UNSPEC); | 463 | prv = key_new(KEY_UNSPEC); |
464 | prv->dsa = EVP_PKEY_get1_DSA(pk); | 464 | prv->dsa = EVP_PKEY_get1_DSA(pk); |
465 | prv->type = KEY_DSA; | 465 | prv->type = KEY_DSA; |
@@ -37,7 +37,7 @@ | |||
37 | */ | 37 | */ |
38 | 38 | ||
39 | #include "includes.h" | 39 | #include "includes.h" |
40 | RCSID("$OpenBSD: bufaux.c,v 1.18 2001/12/05 10:06:12 deraadt Exp $"); | 40 | RCSID("$OpenBSD: bufaux.c,v 1.19 2001/12/19 07:18:56 deraadt Exp $"); |
41 | 41 | ||
42 | #include <openssl/bn.h> | 42 | #include <openssl/bn.h> |
43 | #include "bufaux.h" | 43 | #include "bufaux.h" |
@@ -62,7 +62,7 @@ buffer_put_bignum(Buffer *buffer, BIGNUM *value) | |||
62 | oi = BN_bn2bin(value, buf); | 62 | oi = BN_bn2bin(value, buf); |
63 | if (oi != bin_size) | 63 | if (oi != bin_size) |
64 | fatal("buffer_put_bignum: BN_bn2bin() failed: oi %d != bin_size %d", | 64 | fatal("buffer_put_bignum: BN_bn2bin() failed: oi %d != bin_size %d", |
65 | oi, bin_size); | 65 | oi, bin_size); |
66 | 66 | ||
67 | /* Store the number of bits in the buffer in two bytes, msb first. */ | 67 | /* Store the number of bits in the buffer in two bytes, msb first. */ |
68 | PUT_16BIT(msg, bits); | 68 | PUT_16BIT(msg, bits); |
@@ -112,14 +112,14 @@ buffer_put_bignum2(Buffer *buffer, BIGNUM *value) | |||
112 | oi = BN_bn2bin(value, buf+1); | 112 | oi = BN_bn2bin(value, buf+1); |
113 | if (oi != bytes-1) | 113 | if (oi != bytes-1) |
114 | fatal("buffer_put_bignum: BN_bn2bin() failed: oi %d != bin_size %d", | 114 | fatal("buffer_put_bignum: BN_bn2bin() failed: oi %d != bin_size %d", |
115 | oi, bytes); | 115 | oi, bytes); |
116 | hasnohigh = (buf[1] & 0x80) ? 0 : 1; | 116 | hasnohigh = (buf[1] & 0x80) ? 0 : 1; |
117 | if (value->neg) { | 117 | if (value->neg) { |
118 | /**XXX should be two's-complement */ | 118 | /**XXX should be two's-complement */ |
119 | int i, carry; | 119 | int i, carry; |
120 | u_char *uc = buf; | 120 | u_char *uc = buf; |
121 | log("negativ!"); | 121 | log("negativ!"); |
122 | for(i = bytes-1, carry = 1; i>=0; i--) { | 122 | for (i = bytes-1, carry = 1; i>=0; i--) { |
123 | uc[i] ^= 0xff; | 123 | uc[i] ^= 0xff; |
124 | if (carry) | 124 | if (carry) |
125 | carry = !++uc[i]; | 125 | carry = !++uc[i]; |
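Review bot: The `fatal()` in buffer_put_bignum2 (new lines 113-115) reports the wrong function and the wrong expected size. The check is `oi != bytes-1`, but the message is prefixed `buffer_put_bignum:` and prints `bytes` under the label `bin_size`. Anyone triaging a bignum encoding failure from the log would be pointed at the other function with a figure that is off by one. Suggest `fatal("buffer_put_bignum2: BN_bn2bin() failed: oi %d != bin_size %d", oi, bytes-1);`. The function body continues outside the hunk.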
diff --git a/canohost.c b/canohost.c index 015a328e8..4f2e576b2 100644 --- a/canohost.c +++ b/canohost.c | |||
@@ -12,7 +12,7 @@ | |||
12 | */ | 12 | */ |
13 | 13 | ||
14 | #include "includes.h" | 14 | #include "includes.h" |
15 | RCSID("$OpenBSD: canohost.c,v 1.28 2001/12/05 03:56:39 itojun Exp $"); | 15 | RCSID("$OpenBSD: canohost.c,v 1.29 2001/12/19 07:18:56 deraadt Exp $"); |
16 | 16 | ||
17 | #include "packet.h" | 17 | #include "packet.h" |
18 | #include "xmalloc.h" | 18 | #include "xmalloc.h" |
@@ -68,13 +68,13 @@ get_remote_hostname(int socket, int reverse_mapping_check) | |||
68 | check_ip_options(socket, ntop); | 68 | check_ip_options(socket, ntop); |
69 | 69 | ||
70 | if (getnameinfo((struct sockaddr *)&from, fromlen, ntop, sizeof(ntop), | 70 | if (getnameinfo((struct sockaddr *)&from, fromlen, ntop, sizeof(ntop), |
71 | NULL, 0, NI_NUMERICHOST) != 0) | 71 | NULL, 0, NI_NUMERICHOST) != 0) |
72 | fatal("get_remote_hostname: getnameinfo NI_NUMERICHOST failed"); | 72 | fatal("get_remote_hostname: getnameinfo NI_NUMERICHOST failed"); |
73 | 73 | ||
74 | debug3("Trying to reverse map address %.100s.", ntop); | 74 | debug3("Trying to reverse map address %.100s.", ntop); |
75 | /* Map the IP address to a host name. */ | 75 | /* Map the IP address to a host name. */ |
76 | if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name), | 76 | if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name), |
77 | NULL, 0, NI_NAMEREQD) != 0) { | 77 | NULL, 0, NI_NAMEREQD) != 0) { |
78 | /* Host name not found. Use ip address. */ | 78 | /* Host name not found. Use ip address. */ |
79 | log("Could not reverse map address %.100s.", ntop); | 79 | log("Could not reverse map address %.100s.", ntop); |
80 | return xstrdup(ntop); | 80 | return xstrdup(ntop); |
@@ -230,7 +230,7 @@ get_socket_address(int socket, int remote, int flags) | |||
230 | } | 230 | } |
231 | /* Get the address in ascii. */ | 231 | /* Get the address in ascii. */ |
232 | if (getnameinfo((struct sockaddr *)&addr, addrlen, ntop, sizeof(ntop), | 232 | if (getnameinfo((struct sockaddr *)&addr, addrlen, ntop, sizeof(ntop), |
233 | NULL, 0, flags) != 0) { | 233 | NULL, 0, flags) != 0) { |
234 | error("get_socket_ipaddr: getnameinfo %d failed", flags); | 234 | error("get_socket_ipaddr: getnameinfo %d failed", flags); |
235 | return NULL; | 235 | return NULL; |
236 | } | 236 | } |
@@ -316,7 +316,7 @@ get_sock_port(int sock, int local) | |||
316 | } | 316 | } |
317 | /* Return port number. */ | 317 | /* Return port number. */ |
318 | if (getnameinfo((struct sockaddr *)&from, fromlen, NULL, 0, | 318 | if (getnameinfo((struct sockaddr *)&from, fromlen, NULL, 0, |
319 | strport, sizeof(strport), NI_NUMERICSERV) != 0) | 319 | strport, sizeof(strport), NI_NUMERICSERV) != 0) |
320 | fatal("get_sock_port: getnameinfo NI_NUMERICSERV failed"); | 320 | fatal("get_sock_port: getnameinfo NI_NUMERICSERV failed"); |
321 | return atoi(strport); | 321 | return atoi(strport); |
322 | } | 322 | } |
diff --git a/channels.c b/channels.c index 97a865f56..63eb5bcff 100644 --- a/channels.c +++ b/channels.c | |||
@@ -39,7 +39,7 @@ | |||
39 | */ | 39 | */ |
40 | 40 | ||
41 | #include "includes.h" | 41 | #include "includes.h" |
42 | RCSID("$OpenBSD: channels.c,v 1.147 2001/12/08 17:49:28 stevesk Exp $"); | 42 | RCSID("$OpenBSD: channels.c,v 1.148 2001/12/19 07:18:56 deraadt Exp $"); |
43 | 43 | ||
44 | #include "ssh.h" | 44 | #include "ssh.h" |
45 | #include "ssh1.h" | 45 | #include "ssh1.h" |
@@ -794,7 +794,7 @@ x11_open_helper(Buffer *b) | |||
794 | data_len = ucp[8] + 256 * ucp[9]; | 794 | data_len = ucp[8] + 256 * ucp[9]; |
795 | } else { | 795 | } else { |
796 | debug("Initial X11 packet contains bad byte order byte: 0x%x", | 796 | debug("Initial X11 packet contains bad byte order byte: 0x%x", |
797 | ucp[0]); | 797 | ucp[0]); |
798 | return -1; | 798 | return -1; |
799 | } | 799 | } |
800 | 800 | ||
@@ -884,7 +884,7 @@ channel_decode_socks4(Channel *c, fd_set * readset, fd_set * writeset) | |||
884 | { | 884 | { |
885 | u_char *p, *host; | 885 | u_char *p, *host; |
886 | int len, have, i, found; | 886 | int len, have, i, found; |
887 | char username[256]; | 887 | char username[256]; |
888 | struct { | 888 | struct { |
889 | u_int8_t version; | 889 | u_int8_t version; |
890 | u_int8_t command; | 890 | u_int8_t command; |
@@ -931,7 +931,7 @@ channel_decode_socks4(Channel *c, fd_set * readset, fd_set * writeset) | |||
931 | host = inet_ntoa(s4_req.dest_addr); | 931 | host = inet_ntoa(s4_req.dest_addr); |
932 | strlcpy(c->path, host, sizeof(c->path)); | 932 | strlcpy(c->path, host, sizeof(c->path)); |
933 | c->host_port = ntohs(s4_req.dest_port); | 933 | c->host_port = ntohs(s4_req.dest_port); |
934 | 934 | ||
935 | debug("channel %d: dynamic request: socks4 host %s port %u command %u", | 935 | debug("channel %d: dynamic request: socks4 host %s port %u command %u", |
936 | c->self, host, c->host_port, s4_req.command); | 936 | c->self, host, c->host_port, s4_req.command); |
937 | 937 | ||
@@ -1373,7 +1373,7 @@ channel_handle_efd(Channel *c, fd_set * readset, fd_set * writeset) | |||
1373 | FD_ISSET(c->efd, readset)) { | 1373 | FD_ISSET(c->efd, readset)) { |
1374 | len = read(c->efd, buf, sizeof(buf)); | 1374 | len = read(c->efd, buf, sizeof(buf)); |
1375 | debug2("channel %d: read %d from efd %d", | 1375 | debug2("channel %d: read %d from efd %d", |
1376 | c->self, len, c->efd); | 1376 | c->self, len, c->efd); |
1377 | if (len < 0 && (errno == EINTR || errno == EAGAIN)) | 1377 | if (len < 0 && (errno == EINTR || errno == EAGAIN)) |
1378 | return 1; | 1378 | return 1; |
1379 | if (len <= 0) { | 1379 | if (len <= 0) { |
@@ -1509,7 +1509,7 @@ static void | |||
1509 | channel_handler_init(void) | 1509 | channel_handler_init(void) |
1510 | { | 1510 | { |
1511 | int i; | 1511 | int i; |
1512 | for(i = 0; i < SSH_CHANNEL_MAX_TYPE; i++) { | 1512 | for (i = 0; i < SSH_CHANNEL_MAX_TYPE; i++) { |
1513 | channel_pre[i] = NULL; | 1513 | channel_pre[i] = NULL; |
1514 | channel_post[i] = NULL; | 1514 | channel_post[i] = NULL; |
1515 | } | 1515 | } |
@@ -2414,8 +2414,8 @@ x11_create_display_inet(int x11_display_offset, int gateway_ports) | |||
2414 | int gaierr, n, num_socks = 0, socks[NUM_SOCKS]; | 2414 | int gaierr, n, num_socks = 0, socks[NUM_SOCKS]; |
2415 | 2415 | ||
2416 | for (display_number = x11_display_offset; | 2416 | for (display_number = x11_display_offset; |
2417 | display_number < MAX_DISPLAYS; | 2417 | display_number < MAX_DISPLAYS; |
2418 | display_number++) { | 2418 | display_number++) { |
2419 | port = 6000 + display_number; | 2419 | port = 6000 + display_number; |
2420 | memset(&hints, 0, sizeof(hints)); | 2420 | memset(&hints, 0, sizeof(hints)); |
2421 | hints.ai_family = IPv4or6; | 2421 | hints.ai_family = IPv4or6; |
@@ -2541,7 +2541,7 @@ x11_connect_display(void) | |||
2541 | /* Connect to the unix domain socket. */ | 2541 | /* Connect to the unix domain socket. */ |
2542 | if (sscanf(strrchr(display, ':') + 1, "%d", &display_number) != 1) { | 2542 | if (sscanf(strrchr(display, ':') + 1, "%d", &display_number) != 1) { |
2543 | error("Could not parse display number from DISPLAY: %.100s", | 2543 | error("Could not parse display number from DISPLAY: %.100s", |
2544 | display); | 2544 | display); |
2545 | return -1; | 2545 | return -1; |
2546 | } | 2546 | } |
2547 | /* Create a socket. */ | 2547 | /* Create a socket. */ |
@@ -2566,7 +2566,7 @@ x11_connect_display(void) | |||
2566 | /* buf now contains the host name. But first we parse the display number. */ | 2566 | /* buf now contains the host name. But first we parse the display number. */ |
2567 | if (sscanf(cp + 1, "%d", &display_number) != 1) { | 2567 | if (sscanf(cp + 1, "%d", &display_number) != 1) { |
2568 | error("Could not parse display number from DISPLAY: %.100s", | 2568 | error("Could not parse display number from DISPLAY: %.100s", |
2569 | display); | 2569 | display); |
2570 | return -1; | 2570 | return -1; |
2571 | } | 2571 | } |
2572 | 2572 | ||
@@ -35,7 +35,7 @@ | |||
35 | */ | 35 | */ |
36 | 36 | ||
37 | #include "includes.h" | 37 | #include "includes.h" |
38 | RCSID("$OpenBSD: cipher.c,v 1.47 2001/08/23 11:31:59 markus Exp $"); | 38 | RCSID("$OpenBSD: cipher.c,v 1.48 2001/12/19 07:18:56 deraadt Exp $"); |
39 | 39 | ||
40 | #include "xmalloc.h" | 40 | #include "xmalloc.h" |
41 | #include "log.h" | 41 | #include "log.h" |
@@ -184,14 +184,14 @@ blowfish_setiv(CipherContext *cc, const u_char *iv, u_int ivlen) | |||
184 | } | 184 | } |
185 | static void | 185 | static void |
186 | blowfish_cbc_encrypt(CipherContext *cc, u_char *dest, const u_char *src, | 186 | blowfish_cbc_encrypt(CipherContext *cc, u_char *dest, const u_char *src, |
187 | u_int len) | 187 | u_int len) |
188 | { | 188 | { |
189 | BF_cbc_encrypt((void *)src, dest, len, &cc->u.bf.key, cc->u.bf.iv, | 189 | BF_cbc_encrypt((void *)src, dest, len, &cc->u.bf.key, cc->u.bf.iv, |
190 | BF_ENCRYPT); | 190 | BF_ENCRYPT); |
191 | } | 191 | } |
192 | static void | 192 | static void |
193 | blowfish_cbc_decrypt(CipherContext *cc, u_char *dest, const u_char *src, | 193 | blowfish_cbc_decrypt(CipherContext *cc, u_char *dest, const u_char *src, |
194 | u_int len) | 194 | u_int len) |
195 | { | 195 | { |
196 | BF_cbc_encrypt((void *)src, dest, len, &cc->u.bf.key, cc->u.bf.iv, | 196 | BF_cbc_encrypt((void *)src, dest, len, &cc->u.bf.key, cc->u.bf.iv, |
197 | BF_DECRYPT); | 197 | BF_DECRYPT); |
@@ -289,7 +289,7 @@ rijndael_setkey(CipherContext *cc, const u_char *key, u_int keylen) | |||
289 | static void | 289 | static void |
290 | rijndael_setiv(CipherContext *cc, const u_char *iv, u_int ivlen) | 290 | rijndael_setiv(CipherContext *cc, const u_char *iv, u_int ivlen) |
291 | { | 291 | { |
292 | if (iv == NULL || ivlen != RIJNDAEL_BLOCKSIZE) | 292 | if (iv == NULL || ivlen != RIJNDAEL_BLOCKSIZE) |
293 | fatal("bad/no IV for %s.", cc->cipher->name); | 293 | fatal("bad/no IV for %s.", cc->cipher->name); |
294 | memcpy(cc->u.rijndael.iv, iv, RIJNDAEL_BLOCKSIZE); | 294 | memcpy(cc->u.rijndael.iv, iv, RIJNDAEL_BLOCKSIZE); |
295 | } | 295 | } |
@@ -417,7 +417,7 @@ u_int | |||
417 | cipher_mask_ssh1(int client) | 417 | cipher_mask_ssh1(int client) |
418 | { | 418 | { |
419 | u_int mask = 0; | 419 | u_int mask = 0; |
420 | mask |= 1 << SSH_CIPHER_3DES; /* Mandatory */ | 420 | mask |= 1 << SSH_CIPHER_3DES; /* Mandatory */ |
421 | mask |= 1 << SSH_CIPHER_BLOWFISH; | 421 | mask |= 1 << SSH_CIPHER_BLOWFISH; |
422 | if (client) { | 422 | if (client) { |
423 | mask |= 1 << SSH_CIPHER_DES; | 423 | mask |= 1 << SSH_CIPHER_DES; |
@@ -457,7 +457,7 @@ ciphers_valid(const char *names) | |||
457 | return 0; | 457 | return 0; |
458 | ciphers = cp = xstrdup(names); | 458 | ciphers = cp = xstrdup(names); |
459 | for ((p = strsep(&cp, CIPHER_SEP)); p && *p != '\0'; | 459 | for ((p = strsep(&cp, CIPHER_SEP)); p && *p != '\0'; |
460 | (p = strsep(&cp, CIPHER_SEP))) { | 460 | (p = strsep(&cp, CIPHER_SEP))) { |
461 | c = cipher_by_name(p); | 461 | c = cipher_by_name(p); |
462 | if (c == NULL || c->number != SSH_CIPHER_SSH2) { | 462 | if (c == NULL || c->number != SSH_CIPHER_SSH2) { |
463 | debug("bad cipher %s [%s]", p, names); | 463 | debug("bad cipher %s [%s]", p, names); |
diff --git a/clientloop.c b/clientloop.c index 76b8101fe..84484604d 100644 --- a/clientloop.c +++ b/clientloop.c | |||
@@ -59,7 +59,7 @@ | |||
59 | */ | 59 | */ |
60 | 60 | ||
61 | #include "includes.h" | 61 | #include "includes.h" |
62 | RCSID("$OpenBSD: clientloop.c,v 1.89 2001/12/05 03:50:01 itojun Exp $"); | 62 | RCSID("$OpenBSD: clientloop.c,v 1.90 2001/12/19 07:18:56 deraadt Exp $"); |
63 | 63 | ||
64 | #include "ssh.h" | 64 | #include "ssh.h" |
65 | #include "ssh1.h" | 65 | #include "ssh1.h" |
@@ -254,7 +254,7 @@ client_make_packets_from_stdin_data(void) | |||
254 | 254 | ||
255 | /* Send buffered stdin data to the server. */ | 255 | /* Send buffered stdin data to the server. */ |
256 | while (buffer_len(&stdin_buffer) > 0 && | 256 | while (buffer_len(&stdin_buffer) > 0 && |
257 | packet_not_very_much_data_to_write()) { | 257 | packet_not_very_much_data_to_write()) { |
258 | len = buffer_len(&stdin_buffer); | 258 | len = buffer_len(&stdin_buffer); |
259 | /* Keep the packets at reasonable size. */ | 259 | /* Keep the packets at reasonable size. */ |
260 | if (len > packet_get_maxsize()) | 260 | if (len > packet_get_maxsize()) |
@@ -417,9 +417,9 @@ client_suspend_self(Buffer *bin, Buffer *bout, Buffer *berr) | |||
417 | /* Check if the window size has changed. */ | 417 | /* Check if the window size has changed. */ |
418 | if (ioctl(fileno(stdin), TIOCGWINSZ, &newws) >= 0 && | 418 | if (ioctl(fileno(stdin), TIOCGWINSZ, &newws) >= 0 && |
419 | (oldws.ws_row != newws.ws_row || | 419 | (oldws.ws_row != newws.ws_row || |
420 | oldws.ws_col != newws.ws_col || | 420 | oldws.ws_col != newws.ws_col || |
421 | oldws.ws_xpixel != newws.ws_xpixel || | 421 | oldws.ws_xpixel != newws.ws_xpixel || |
422 | oldws.ws_ypixel != newws.ws_ypixel)) | 422 | oldws.ws_ypixel != newws.ws_ypixel)) |
423 | received_window_change_signal = 1; | 423 | received_window_change_signal = 1; |
424 | 424 | ||
425 | /* OK, we have been continued by the user. Reinitialize buffers. */ | 425 | /* OK, we have been continued by the user. Reinitialize buffers. */ |
@@ -994,11 +994,11 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id) | |||
994 | /* Report bytes transferred, and transfer rates. */ | 994 | /* Report bytes transferred, and transfer rates. */ |
995 | total_time = get_current_time() - start_time; | 995 | total_time = get_current_time() - start_time; |
996 | debug("Transferred: stdin %lu, stdout %lu, stderr %lu bytes in %.1f seconds", | 996 | debug("Transferred: stdin %lu, stdout %lu, stderr %lu bytes in %.1f seconds", |
997 | stdin_bytes, stdout_bytes, stderr_bytes, total_time); | 997 | stdin_bytes, stdout_bytes, stderr_bytes, total_time); |
998 | if (total_time > 0) | 998 | if (total_time > 0) |
999 | debug("Bytes per second: stdin %.1f, stdout %.1f, stderr %.1f", | 999 | debug("Bytes per second: stdin %.1f, stdout %.1f, stderr %.1f", |
1000 | stdin_bytes / total_time, stdout_bytes / total_time, | 1000 | stdin_bytes / total_time, stdout_bytes / total_time, |
1001 | stderr_bytes / total_time); | 1001 | stderr_bytes / total_time); |
1002 | 1002 | ||
1003 | /* Return the exit status of the program. */ | 1003 | /* Return the exit status of the program. */ |
1004 | debug("Exit status %d", exit_status); | 1004 | debug("Exit status %d", exit_status); |
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: compat.c,v 1.55 2001/12/05 16:54:51 markus Exp $"); | 26 | RCSID("$OpenBSD: compat.c,v 1.56 2001/12/19 07:18:56 deraadt Exp $"); |
27 | 27 | ||
28 | #include "packet.h" | 28 | #include "packet.h" |
29 | #include "xmalloc.h" | 29 | #include "xmalloc.h" |
@@ -82,19 +82,19 @@ compat_datafellows(const char *version) | |||
82 | { "2.1 *", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| | 82 | { "2.1 *", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| |
83 | SSH_OLD_SESSIONID|SSH_BUG_DEBUG| | 83 | SSH_OLD_SESSIONID|SSH_BUG_DEBUG| |
84 | SSH_BUG_RSASIGMD5|SSH_BUG_HBSERVICE }, | 84 | SSH_BUG_RSASIGMD5|SSH_BUG_HBSERVICE }, |
85 | { "2.0.13*," | 85 | { "2.0.13*," |
86 | "2.0.14*," | 86 | "2.0.14*," |
87 | "2.0.15*," | 87 | "2.0.15*," |
88 | "2.0.16*," | 88 | "2.0.16*," |
89 | "2.0.17*," | 89 | "2.0.17*," |
90 | "2.0.18*," | 90 | "2.0.18*," |
91 | "2.0.19*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| | 91 | "2.0.19*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| |
92 | SSH_OLD_SESSIONID|SSH_BUG_DEBUG| | 92 | SSH_OLD_SESSIONID|SSH_BUG_DEBUG| |
93 | SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| | 93 | SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| |
94 | SSH_BUG_PKOK|SSH_BUG_RSASIGMD5| | 94 | SSH_BUG_PKOK|SSH_BUG_RSASIGMD5| |
95 | SSH_BUG_HBSERVICE|SSH_BUG_OPENFAILURE| | 95 | SSH_BUG_HBSERVICE|SSH_BUG_OPENFAILURE| |
96 | SSH_BUG_DUMMYCHAN }, | 96 | SSH_BUG_DUMMYCHAN }, |
97 | { "2.0.11*," | 97 | { "2.0.11*," |
98 | "2.0.12*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| | 98 | "2.0.12*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| |
99 | SSH_OLD_SESSIONID|SSH_BUG_DEBUG| | 99 | SSH_OLD_SESSIONID|SSH_BUG_DEBUG| |
100 | SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| | 100 | SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| |
@@ -124,7 +124,7 @@ compat_datafellows(const char *version) | |||
124 | { "1.3.2*", SSH_BUG_IGNOREMSG }, /* f-secure */ | 124 | { "1.3.2*", SSH_BUG_IGNOREMSG }, /* f-secure */ |
125 | { "*SSH Compatible Server*", /* Netscreen */ | 125 | { "*SSH Compatible Server*", /* Netscreen */ |
126 | SSH_BUG_PASSWORDPAD }, | 126 | SSH_BUG_PASSWORDPAD }, |
127 | { "*OSU_0*," | 127 | { "*OSU_0*," |
128 | "OSU_1.0*," | 128 | "OSU_1.0*," |
129 | "OSU_1.1*," | 129 | "OSU_1.1*," |
130 | "OSU_1.2*," | 130 | "OSU_1.2*," |
diff --git a/compress.c b/compress.c index a779af6d7..73aebe89a 100644 --- a/compress.c +++ b/compress.c | |||
@@ -12,7 +12,7 @@ | |||
12 | */ | 12 | */ |
13 | 13 | ||
14 | #include "includes.h" | 14 | #include "includes.h" |
15 | RCSID("$OpenBSD: compress.c,v 1.15 2001/09/27 11:58:16 markus Exp $"); | 15 | RCSID("$OpenBSD: compress.c,v 1.16 2001/12/19 07:18:56 deraadt Exp $"); |
16 | 16 | ||
17 | #include "log.h" | 17 | #include "log.h" |
18 | #include "buffer.h" | 18 | #include "buffer.h" |
@@ -55,13 +55,13 @@ void | |||
55 | buffer_compress_uninit(void) | 55 | buffer_compress_uninit(void) |
56 | { | 56 | { |
57 | debug("compress outgoing: raw data %lu, compressed %lu, factor %.2f", | 57 | debug("compress outgoing: raw data %lu, compressed %lu, factor %.2f", |
58 | outgoing_stream.total_in, outgoing_stream.total_out, | 58 | outgoing_stream.total_in, outgoing_stream.total_out, |
59 | outgoing_stream.total_in == 0 ? 0.0 : | 59 | outgoing_stream.total_in == 0 ? 0.0 : |
60 | (double) outgoing_stream.total_out / outgoing_stream.total_in); | 60 | (double) outgoing_stream.total_out / outgoing_stream.total_in); |
61 | debug("compress incoming: raw data %lu, compressed %lu, factor %.2f", | 61 | debug("compress incoming: raw data %lu, compressed %lu, factor %.2f", |
62 | incoming_stream.total_out, incoming_stream.total_in, | 62 | incoming_stream.total_out, incoming_stream.total_in, |
63 | incoming_stream.total_out == 0 ? 0.0 : | 63 | incoming_stream.total_out == 0 ? 0.0 : |
64 | (double) incoming_stream.total_in / incoming_stream.total_out); | 64 | (double) incoming_stream.total_in / incoming_stream.total_out); |
65 | if (compress_init_recv_called == 1) | 65 | if (compress_init_recv_called == 1) |
66 | inflateEnd(&incoming_stream); | 66 | inflateEnd(&incoming_stream); |
67 | if (compress_init_send_called == 1) | 67 | if (compress_init_send_called == 1) |
diff --git a/deattack.c b/deattack.c index 96a7ebf4c..12849a32d 100644 --- a/deattack.c +++ b/deattack.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: deattack.c,v 1.16 2001/12/05 03:56:39 itojun Exp $ */ | 1 | /* $OpenBSD: deattack.c,v 1.17 2001/12/19 07:18:56 deraadt Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Cryptographic attack detector for ssh - source code | 4 | * Cryptographic attack detector for ssh - source code |
@@ -37,7 +37,7 @@ | |||
37 | #define HASH_FACTOR(x) ((x)*3/2) | 37 | #define HASH_FACTOR(x) ((x)*3/2) |
38 | #define HASH_UNUSEDCHAR (0xff) | 38 | #define HASH_UNUSEDCHAR (0xff) |
39 | #define HASH_UNUSED (0xffff) | 39 | #define HASH_UNUSED (0xffff) |
40 | #define HASH_IV (0xfffe) | 40 | #define HASH_IV (0xfffe) |
41 | 41 | ||
42 | #define HASH_MINBLOCKS (7*SSH_BLOCKSIZE) | 42 | #define HASH_MINBLOCKS (7*SSH_BLOCKSIZE) |
43 | 43 | ||
@@ -135,7 +135,7 @@ detect_attack(u_char *buf, u_int32_t len, u_char *IV) | |||
135 | 135 | ||
136 | for (c = buf, j = 0; c < (buf + len); c += SSH_BLOCKSIZE, j++) { | 136 | for (c = buf, j = 0; c < (buf + len); c += SSH_BLOCKSIZE, j++) { |
137 | for (i = HASH(c) & (n - 1); h[i] != HASH_UNUSED; | 137 | for (i = HASH(c) & (n - 1); h[i] != HASH_UNUSED; |
138 | i = (i + 1) & (n - 1)) { | 138 | i = (i + 1) & (n - 1)) { |
139 | if (h[i] == HASH_IV) { | 139 | if (h[i] == HASH_IV) { |
140 | if (!CMP(c, IV)) { | 140 | if (!CMP(c, IV)) { |
141 | if (check_crc(c, buf, len, IV)) | 141 | if (check_crc(c, buf, len, IV)) |
@@ -32,7 +32,7 @@ | |||
32 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 32 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
33 | */ | 33 | */ |
34 | #include "includes.h" | 34 | #include "includes.h" |
35 | RCSID("$OpenBSD: key.c,v 1.35 2001/12/05 10:06:12 deraadt Exp $"); | 35 | RCSID("$OpenBSD: key.c,v 1.36 2001/12/19 07:18:56 deraadt Exp $"); |
36 | 36 | ||
37 | #include <openssl/evp.h> | 37 | #include <openssl/evp.h> |
38 | 38 | ||
@@ -219,7 +219,7 @@ key_fingerprint_hex(u_char* dgst_raw, size_t dgst_raw_len) | |||
219 | 219 | ||
220 | retval = xmalloc(dgst_raw_len * 3 + 1); | 220 | retval = xmalloc(dgst_raw_len * 3 + 1); |
221 | retval[0] = '\0'; | 221 | retval[0] = '\0'; |
222 | for(i = 0; i < dgst_raw_len; i++) { | 222 | for (i = 0; i < dgst_raw_len; i++) { |
223 | char hex[4]; | 223 | char hex[4]; |
224 | snprintf(hex, sizeof(hex), "%02x:", dgst_raw[i]); | 224 | snprintf(hex, sizeof(hex), "%02x:", dgst_raw[i]); |
225 | strlcat(retval, hex, dgst_raw_len * 3); | 225 | strlcat(retval, hex, dgst_raw_len * 3); |
@@ -281,7 +281,7 @@ key_fingerprint(Key *k, enum fp_type dgst_type, enum fp_rep dgst_rep) | |||
281 | char *retval = NULL; | 281 | char *retval = NULL; |
282 | u_char *dgst_raw; | 282 | u_char *dgst_raw; |
283 | size_t dgst_raw_len; | 283 | size_t dgst_raw_len; |
284 | 284 | ||
285 | dgst_raw = key_fingerprint_raw(k, dgst_type, &dgst_raw_len); | 285 | dgst_raw = key_fingerprint_raw(k, dgst_type, &dgst_raw_len); |
286 | if (!dgst_raw) | 286 | if (!dgst_raw) |
287 | fatal("key_fingerprint: null from key_fingerprint_raw()"); | 287 | fatal("key_fingerprint: null from key_fingerprint_raw()"); |
@@ -641,7 +641,7 @@ key_names_valid2(const char *names) | |||
641 | return 0; | 641 | return 0; |
642 | s = cp = xstrdup(names); | 642 | s = cp = xstrdup(names); |
643 | for ((p = strsep(&cp, ",")); p && *p != '\0'; | 643 | for ((p = strsep(&cp, ",")); p && *p != '\0'; |
644 | (p = strsep(&cp, ","))) { | 644 | (p = strsep(&cp, ","))) { |
645 | switch (key_type_from_name(p)) { | 645 | switch (key_type_from_name(p)) { |
646 | case KEY_RSA1: | 646 | case KEY_RSA1: |
647 | case KEY_UNSPEC: | 647 | case KEY_UNSPEC: |
@@ -34,7 +34,7 @@ | |||
34 | */ | 34 | */ |
35 | 35 | ||
36 | #include "includes.h" | 36 | #include "includes.h" |
37 | RCSID("$OpenBSD: log.c,v 1.18 2001/06/26 17:27:23 markus Exp $"); | 37 | RCSID("$OpenBSD: log.c,v 1.19 2001/12/19 07:18:56 deraadt Exp $"); |
38 | 38 | ||
39 | #include "log.h" | 39 | #include "log.h" |
40 | #include "xmalloc.h" | 40 | #include "xmalloc.h" |
@@ -242,7 +242,7 @@ fatal_cleanup(void) | |||
242 | for (cu = fatal_cleanups; cu; cu = next_cu) { | 242 | for (cu = fatal_cleanups; cu; cu = next_cu) { |
243 | next_cu = cu->next; | 243 | next_cu = cu->next; |
244 | debug("Calling cleanup 0x%lx(0x%lx)", | 244 | debug("Calling cleanup 0x%lx(0x%lx)", |
245 | (u_long) cu->proc, (u_long) cu->context); | 245 | (u_long) cu->proc, (u_long) cu->context); |
246 | (*cu->proc) (cu->context); | 246 | (*cu->proc) (cu->context); |
247 | } | 247 | } |
248 | exit(255); | 248 | exit(255); |
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: mac.c,v 1.2 2001/04/05 10:42:51 markus Exp $"); | 26 | RCSID("$OpenBSD: mac.c,v 1.3 2001/12/19 07:18:56 deraadt Exp $"); |
27 | 27 | ||
28 | #include <openssl/hmac.h> | 28 | #include <openssl/hmac.h> |
29 | 29 | ||
@@ -99,7 +99,7 @@ mac_valid(const char *names) | |||
99 | return (0); | 99 | return (0); |
100 | maclist = cp = xstrdup(names); | 100 | maclist = cp = xstrdup(names); |
101 | for ((p = strsep(&cp, MAC_SEP)); p && *p != '\0'; | 101 | for ((p = strsep(&cp, MAC_SEP)); p && *p != '\0'; |
102 | (p = strsep(&cp, MAC_SEP))) { | 102 | (p = strsep(&cp, MAC_SEP))) { |
103 | if (mac_init(NULL, p) < 0) { | 103 | if (mac_init(NULL, p) < 0) { |
104 | debug("bad mac %s [%s]", p, names); | 104 | debug("bad mac %s [%s]", p, names); |
105 | xfree(maclist); | 105 | xfree(maclist); |
@@ -35,7 +35,7 @@ | |||
35 | */ | 35 | */ |
36 | 36 | ||
37 | #include "includes.h" | 37 | #include "includes.h" |
38 | RCSID("$OpenBSD: match.c,v 1.15 2001/12/05 16:54:51 markus Exp $"); | 38 | RCSID("$OpenBSD: match.c,v 1.16 2001/12/19 07:18:56 deraadt Exp $"); |
39 | 39 | ||
40 | #include "match.h" | 40 | #include "match.h" |
41 | #include "xmalloc.h" | 41 | #include "xmalloc.h" |
@@ -133,10 +133,10 @@ match_pattern_list(const char *string, const char *pattern, u_int len, | |||
133 | * subpattern to lowercase. | 133 | * subpattern to lowercase. |
134 | */ | 134 | */ |
135 | for (subi = 0; | 135 | for (subi = 0; |
136 | i < len && subi < sizeof(sub) - 1 && pattern[i] != ','; | 136 | i < len && subi < sizeof(sub) - 1 && pattern[i] != ','; |
137 | subi++, i++) | 137 | subi++, i++) |
138 | sub[subi] = dolower && isupper(pattern[i]) ? | 138 | sub[subi] = dolower && isupper(pattern[i]) ? |
139 | tolower(pattern[i]) : pattern[i]; | 139 | tolower(pattern[i]) : pattern[i]; |
140 | /* If subpattern too long, return failure (no match). */ | 140 | /* If subpattern too long, return failure (no match). */ |
141 | if (subi >= sizeof(sub) - 1) | 141 | if (subi >= sizeof(sub) - 1) |
142 | return 0; | 142 | return 0; |
@@ -239,7 +239,7 @@ match_list(const char *client, const char *server, u_int *next) | |||
239 | s = sp = xstrdup(server); | 239 | s = sp = xstrdup(server); |
240 | 240 | ||
241 | for ((p = strsep(&sp, SEP)), i=0; p && *p != '\0'; | 241 | for ((p = strsep(&sp, SEP)), i=0; p && *p != '\0'; |
242 | (p = strsep(&sp, SEP)), i++) { | 242 | (p = strsep(&sp, SEP)), i++) { |
243 | if (i < MAX_PROP) | 243 | if (i < MAX_PROP) |
244 | sproposals[i] = p; | 244 | sproposals[i] = p; |
245 | else | 245 | else |
@@ -248,7 +248,7 @@ match_list(const char *client, const char *server, u_int *next) | |||
248 | nproposals = i; | 248 | nproposals = i; |
249 | 249 | ||
250 | for ((p = strsep(&cp, SEP)), i=0; p && *p != '\0'; | 250 | for ((p = strsep(&cp, SEP)), i=0; p && *p != '\0'; |
251 | (p = strsep(&cp, SEP)), i++) { | 251 | (p = strsep(&cp, SEP)), i++) { |
252 | for (j = 0; j < nproposals; j++) { | 252 | for (j = 0; j < nproposals; j++) { |
253 | if (strcmp(p, sproposals[j]) == 0) { | 253 | if (strcmp(p, sproposals[j]) == 0) { |
254 | ret = xstrdup(p); | 254 | ret = xstrdup(p); |
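Review bot: In the match_pattern_list hunk above, `isupper(pattern[i])` and `tolower(pattern[i])` receive a plain `char`, which is undefined behaviour for the <ctype.h> functions when `char` is signed and the byte is above 0x7f. The pattern text may well contain such bytes if it comes from a configuration file or the peer, so the value should be converted at the call site: `sub[subi] = dolower && isupper((u_char)pattern[i]) ?` followed by `tolower((u_char)pattern[i]) : pattern[i];`. The loop is part of match_pattern_list, whose body starts and ends outside the hunk.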
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: misc.c,v 1.13 2001/12/05 10:06:12 deraadt Exp $ */ | 1 | /* $OpenBSD: misc.c,v 1.14 2001/12/19 07:18:56 deraadt Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
@@ -25,7 +25,7 @@ | |||
25 | */ | 25 | */ |
26 | 26 | ||
27 | #include "includes.h" | 27 | #include "includes.h" |
28 | RCSID("$OpenBSD: misc.c,v 1.13 2001/12/05 10:06:12 deraadt Exp $"); | 28 | RCSID("$OpenBSD: misc.c,v 1.14 2001/12/19 07:18:56 deraadt Exp $"); |
29 | 29 | ||
30 | #include "misc.h" | 30 | #include "misc.h" |
31 | #include "log.h" | 31 | #include "log.h" |
@@ -298,7 +298,7 @@ addargs(arglist *args, char *fmt, ...) | |||
298 | if (args->list == NULL) { | 298 | if (args->list == NULL) { |
299 | args->nalloc = 32; | 299 | args->nalloc = 32; |
300 | args->num = 0; | 300 | args->num = 0; |
301 | } else if (args->num+2 >= args->nalloc) | 301 | } else if (args->num+2 >= args->nalloc) |
302 | args->nalloc *= 2; | 302 | args->nalloc *= 2; |
303 | 303 | ||
304 | args->list = xrealloc(args->list, args->nalloc * sizeof(char *)); | 304 | args->list = xrealloc(args->list, args->nalloc * sizeof(char *)); |
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: nchan.c,v 1.32 2001/10/10 22:18:47 markus Exp $"); | 26 | RCSID("$OpenBSD: nchan.c,v 1.33 2001/12/19 07:18:56 deraadt Exp $"); |
27 | 27 | ||
28 | #include "ssh1.h" | 28 | #include "ssh1.h" |
29 | #include "ssh2.h" | 29 | #include "ssh2.h" |
@@ -273,7 +273,7 @@ chan_send_oclose1(Channel *c) | |||
273 | break; | 273 | break; |
274 | default: | 274 | default: |
275 | error("channel %d: cannot send oclose for ostate %d", | 275 | error("channel %d: cannot send oclose for ostate %d", |
276 | c->self, c->ostate); | 276 | c->self, c->ostate); |
277 | break; | 277 | break; |
278 | } | 278 | } |
279 | } | 279 | } |
@@ -322,7 +322,7 @@ chan_ibuf_empty2(Channel *c) | |||
322 | debug("channel %d: ibuf empty", c->self); | 322 | debug("channel %d: ibuf empty", c->self); |
323 | if (buffer_len(&c->input)) { | 323 | if (buffer_len(&c->input)) { |
324 | error("channel %d: chan_ibuf_empty for non empty buffer", | 324 | error("channel %d: chan_ibuf_empty for non empty buffer", |
325 | c->self); | 325 | c->self); |
326 | return; | 326 | return; |
327 | } | 327 | } |
328 | switch (c->istate) { | 328 | switch (c->istate) { |
@@ -334,7 +334,7 @@ chan_ibuf_empty2(Channel *c) | |||
334 | break; | 334 | break; |
335 | default: | 335 | default: |
336 | error("channel %d: chan_ibuf_empty for istate %d", | 336 | error("channel %d: chan_ibuf_empty for istate %d", |
337 | c->self, c->istate); | 337 | c->self, c->istate); |
338 | break; | 338 | break; |
339 | } | 339 | } |
340 | } | 340 | } |
@@ -458,7 +458,7 @@ chan_is_dead(Channel *c, int send) | |||
458 | debug2("channel %d: active efd: %d len %d type %s", | 458 | debug2("channel %d: active efd: %d len %d type %s", |
459 | c->self, c->efd, buffer_len(&c->extended), | 459 | c->self, c->efd, buffer_len(&c->extended), |
460 | c->extended_usage==CHAN_EXTENDED_READ ? | 460 | c->extended_usage==CHAN_EXTENDED_READ ? |
461 | "read": "write"); | 461 | "read": "write"); |
462 | } else { | 462 | } else { |
463 | if (!(c->flags & CHAN_CLOSE_SENT)) { | 463 | if (!(c->flags & CHAN_CLOSE_SENT)) { |
464 | if (send) { | 464 | if (send) { |
@@ -37,7 +37,7 @@ | |||
37 | */ | 37 | */ |
38 | 38 | ||
39 | #include "includes.h" | 39 | #include "includes.h" |
40 | RCSID("$OpenBSD: packet.c,v 1.74 2001/12/05 10:06:12 deraadt Exp $"); | 40 | RCSID("$OpenBSD: packet.c,v 1.75 2001/12/19 07:18:56 deraadt Exp $"); |
41 | 41 | ||
42 | #include "xmalloc.h" | 42 | #include "xmalloc.h" |
43 | #include "buffer.h" | 43 | #include "buffer.h" |
@@ -380,7 +380,7 @@ packet_send1(void) | |||
380 | buffer_compress(&outgoing_packet, &compression_buffer); | 380 | buffer_compress(&outgoing_packet, &compression_buffer); |
381 | buffer_clear(&outgoing_packet); | 381 | buffer_clear(&outgoing_packet); |
382 | buffer_append(&outgoing_packet, buffer_ptr(&compression_buffer), | 382 | buffer_append(&outgoing_packet, buffer_ptr(&compression_buffer), |
383 | buffer_len(&compression_buffer)); | 383 | buffer_len(&compression_buffer)); |
384 | } | 384 | } |
385 | /* Compute packet length without padding (add checksum, remove padding). */ | 385 | /* Compute packet length without padding (add checksum, remove padding). */ |
386 | len = buffer_len(&outgoing_packet) + 4 - 8; | 386 | len = buffer_len(&outgoing_packet) + 4 - 8; |
@@ -414,7 +414,7 @@ packet_send1(void) | |||
414 | buffer_append(&output, buf, 4); | 414 | buffer_append(&output, buf, 4); |
415 | buffer_append_space(&output, &cp, buffer_len(&outgoing_packet)); | 415 | buffer_append_space(&output, &cp, buffer_len(&outgoing_packet)); |
416 | cipher_encrypt(&send_context, cp, buffer_ptr(&outgoing_packet), | 416 | cipher_encrypt(&send_context, cp, buffer_ptr(&outgoing_packet), |
417 | buffer_len(&outgoing_packet)); | 417 | buffer_len(&outgoing_packet)); |
418 | 418 | ||
419 | #ifdef PACKET_DEBUG | 419 | #ifdef PACKET_DEBUG |
420 | fprintf(stderr, "encrypted: "); | 420 | fprintf(stderr, "encrypted: "); |
@@ -1277,7 +1277,7 @@ packet_send_ignore(int nbytes) | |||
1277 | 1277 | ||
1278 | packet_start(compat20 ? SSH2_MSG_IGNORE : SSH_MSG_IGNORE); | 1278 | packet_start(compat20 ? SSH2_MSG_IGNORE : SSH_MSG_IGNORE); |
1279 | packet_put_int(nbytes); | 1279 | packet_put_int(nbytes); |
1280 | for(i = 0; i < nbytes; i++) { | 1280 | for (i = 0; i < nbytes; i++) { |
1281 | if (i % 4 == 0) | 1281 | if (i % 4 == 0) |
1282 | rand = arc4random(); | 1282 | rand = arc4random(); |
1283 | packet_put_char(rand & 0xff); | 1283 | packet_put_char(rand & 0xff); |
diff --git a/readconf.c b/readconf.c index 19fcfdd3f..6db96b978 100644 --- a/readconf.c +++ b/readconf.c | |||
@@ -12,7 +12,7 @@ | |||
12 | */ | 12 | */ |
13 | 13 | ||
14 | #include "includes.h" | 14 | #include "includes.h" |
15 | RCSID("$OpenBSD: readconf.c,v 1.92 2001/11/17 19:14:34 stevesk Exp $"); | 15 | RCSID("$OpenBSD: readconf.c,v 1.93 2001/12/19 07:18:56 deraadt Exp $"); |
16 | 16 | ||
17 | #include "ssh.h" | 17 | #include "ssh.h" |
18 | #include "xmalloc.h" | 18 | #include "xmalloc.h" |
@@ -115,7 +115,7 @@ typedef enum { | |||
115 | oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias, | 115 | oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias, |
116 | oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, | 116 | oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, |
117 | oHostKeyAlgorithms, oBindAddress, oSmartcardDevice, | 117 | oHostKeyAlgorithms, oBindAddress, oSmartcardDevice, |
118 | oClearAllForwardings, oNoHostAuthenticationForLocalhost | 118 | oClearAllForwardings, oNoHostAuthenticationForLocalhost |
119 | } OpCodes; | 119 | } OpCodes; |
120 | 120 | ||
121 | /* Textual representations of the tokens. */ | 121 | /* Textual representations of the tokens. */ |
@@ -185,8 +185,8 @@ static struct { | |||
185 | { "hostkeyalgorithms", oHostKeyAlgorithms }, | 185 | { "hostkeyalgorithms", oHostKeyAlgorithms }, |
186 | { "bindaddress", oBindAddress }, | 186 | { "bindaddress", oBindAddress }, |
187 | { "smartcarddevice", oSmartcardDevice }, | 187 | { "smartcarddevice", oSmartcardDevice }, |
188 | { "clearallforwardings", oClearAllForwardings }, | 188 | { "clearallforwardings", oClearAllForwardings }, |
189 | { "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost }, | 189 | { "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost }, |
190 | { NULL, oBadOption } | 190 | { NULL, oBadOption } |
191 | }; | 191 | }; |
192 | 192 | ||
@@ -225,7 +225,7 @@ add_remote_forward(Options *options, u_short port, const char *host, | |||
225 | Forward *fwd; | 225 | Forward *fwd; |
226 | if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION) | 226 | if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION) |
227 | fatal("Too many remote forwards (max %d).", | 227 | fatal("Too many remote forwards (max %d).", |
228 | SSH_MAX_FORWARDS_PER_DIRECTION); | 228 | SSH_MAX_FORWARDS_PER_DIRECTION); |
229 | fwd = &options->remote_forwards[options->num_remote_forwards++]; | 229 | fwd = &options->remote_forwards[options->num_remote_forwards++]; |
230 | fwd->port = port; | 230 | fwd->port = port; |
231 | fwd->host = xstrdup(host); | 231 | fwd->host = xstrdup(host); |
@@ -394,7 +394,7 @@ parse_flag: | |||
394 | arg = strdelim(&s); | 394 | arg = strdelim(&s); |
395 | if (!arg || *arg == '\0') | 395 | if (!arg || *arg == '\0') |
396 | fatal("%.200s line %d: Missing yes/no/ask argument.", | 396 | fatal("%.200s line %d: Missing yes/no/ask argument.", |
397 | filename, linenum); | 397 | filename, linenum); |
398 | value = 0; /* To avoid compiler warning... */ | 398 | value = 0; /* To avoid compiler warning... */ |
399 | if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0) | 399 | if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0) |
400 | value = 1; | 400 | value = 1; |
@@ -436,7 +436,7 @@ parse_flag: | |||
436 | intptr = &options->num_identity_files; | 436 | intptr = &options->num_identity_files; |
437 | if (*intptr >= SSH_MAX_IDENTITY_FILES) | 437 | if (*intptr >= SSH_MAX_IDENTITY_FILES) |
438 | fatal("%.200s line %d: Too many identity files specified (max %d).", | 438 | fatal("%.200s line %d: Too many identity files specified (max %d).", |
439 | filename, linenum, SSH_MAX_IDENTITY_FILES); | 439 | filename, linenum, SSH_MAX_IDENTITY_FILES); |
440 | charptr = &options->identity_files[*intptr]; | 440 | charptr = &options->identity_files[*intptr]; |
441 | *charptr = xstrdup(arg); | 441 | *charptr = xstrdup(arg); |
442 | *intptr = *intptr + 1; | 442 | *intptr = *intptr + 1; |
@@ -536,7 +536,7 @@ parse_int: | |||
536 | value = cipher_number(arg); | 536 | value = cipher_number(arg); |
537 | if (value == -1) | 537 | if (value == -1) |
538 | fatal("%.200s line %d: Bad cipher '%s'.", | 538 | fatal("%.200s line %d: Bad cipher '%s'.", |
539 | filename, linenum, arg ? arg : "<NONE>"); | 539 | filename, linenum, arg ? arg : "<NONE>"); |
540 | if (*activep && *intptr == -1) | 540 | if (*activep && *intptr == -1) |
541 | *intptr = value; | 541 | *intptr = value; |
542 | break; | 542 | break; |
@@ -547,7 +547,7 @@ parse_int: | |||
547 | fatal("%.200s line %d: Missing argument.", filename, linenum); | 547 | fatal("%.200s line %d: Missing argument.", filename, linenum); |
548 | if (!ciphers_valid(arg)) | 548 | if (!ciphers_valid(arg)) |
549 | fatal("%.200s line %d: Bad SSH2 cipher spec '%s'.", | 549 | fatal("%.200s line %d: Bad SSH2 cipher spec '%s'.", |
550 | filename, linenum, arg ? arg : "<NONE>"); | 550 | filename, linenum, arg ? arg : "<NONE>"); |
551 | if (*activep && options->ciphers == NULL) | 551 | if (*activep && options->ciphers == NULL) |
552 | options->ciphers = xstrdup(arg); | 552 | options->ciphers = xstrdup(arg); |
553 | break; | 553 | break; |
@@ -558,7 +558,7 @@ parse_int: | |||
558 | fatal("%.200s line %d: Missing argument.", filename, linenum); | 558 | fatal("%.200s line %d: Missing argument.", filename, linenum); |
559 | if (!mac_valid(arg)) | 559 | if (!mac_valid(arg)) |
560 | fatal("%.200s line %d: Bad SSH2 Mac spec '%s'.", | 560 | fatal("%.200s line %d: Bad SSH2 Mac spec '%s'.", |
561 | filename, linenum, arg ? arg : "<NONE>"); | 561 | filename, linenum, arg ? arg : "<NONE>"); |
562 | if (*activep && options->macs == NULL) | 562 | if (*activep && options->macs == NULL) |
563 | options->macs = xstrdup(arg); | 563 | options->macs = xstrdup(arg); |
564 | break; | 564 | break; |
@@ -569,7 +569,7 @@ parse_int: | |||
569 | fatal("%.200s line %d: Missing argument.", filename, linenum); | 569 | fatal("%.200s line %d: Missing argument.", filename, linenum); |
570 | if (!key_names_valid2(arg)) | 570 | if (!key_names_valid2(arg)) |
571 | fatal("%.200s line %d: Bad protocol 2 host key algorithms '%s'.", | 571 | fatal("%.200s line %d: Bad protocol 2 host key algorithms '%s'.", |
572 | filename, linenum, arg ? arg : "<NONE>"); | 572 | filename, linenum, arg ? arg : "<NONE>"); |
573 | if (*activep && options->hostkeyalgorithms == NULL) | 573 | if (*activep && options->hostkeyalgorithms == NULL) |
574 | options->hostkeyalgorithms = xstrdup(arg); | 574 | options->hostkeyalgorithms = xstrdup(arg); |
575 | break; | 575 | break; |
@@ -582,7 +582,7 @@ parse_int: | |||
582 | value = proto_spec(arg); | 582 | value = proto_spec(arg); |
583 | if (value == SSH_PROTO_UNKNOWN) | 583 | if (value == SSH_PROTO_UNKNOWN) |
584 | fatal("%.200s line %d: Bad protocol spec '%s'.", | 584 | fatal("%.200s line %d: Bad protocol spec '%s'.", |
585 | filename, linenum, arg ? arg : "<NONE>"); | 585 | filename, linenum, arg ? arg : "<NONE>"); |
586 | if (*activep && *intptr == SSH_PROTO_UNKNOWN) | 586 | if (*activep && *intptr == SSH_PROTO_UNKNOWN) |
587 | *intptr = value; | 587 | *intptr = value; |
588 | break; | 588 | break; |
@@ -593,7 +593,7 @@ parse_int: | |||
593 | value = log_level_number(arg); | 593 | value = log_level_number(arg); |
594 | if (value == (LogLevel) - 1) | 594 | if (value == (LogLevel) - 1) |
595 | fatal("%.200s line %d: unsupported log level '%s'", | 595 | fatal("%.200s line %d: unsupported log level '%s'", |
596 | filename, linenum, arg ? arg : "<NONE>"); | 596 | filename, linenum, arg ? arg : "<NONE>"); |
597 | if (*activep && (LogLevel) * intptr == -1) | 597 | if (*activep && (LogLevel) * intptr == -1) |
598 | *intptr = (LogLevel) value; | 598 | *intptr = (LogLevel) value; |
599 | break; | 599 | break; |
@@ -670,7 +670,7 @@ parse_int: | |||
670 | value = SSH_ESCAPECHAR_NONE; | 670 | value = SSH_ESCAPECHAR_NONE; |
671 | else { | 671 | else { |
672 | fatal("%.200s line %d: Bad escape character.", | 672 | fatal("%.200s line %d: Bad escape character.", |
673 | filename, linenum); | 673 | filename, linenum); |
674 | /* NOTREACHED */ | 674 | /* NOTREACHED */ |
675 | value = 0; /* Avoid compiler warning. */ | 675 | value = 0; /* Avoid compiler warning. */ |
676 | } | 676 | } |
@@ -685,7 +685,7 @@ parse_int: | |||
685 | /* Check that there is no garbage at end of line. */ | 685 | /* Check that there is no garbage at end of line. */ |
686 | if ((arg = strdelim(&s)) != NULL && *arg != '\0') { | 686 | if ((arg = strdelim(&s)) != NULL && *arg != '\0') { |
687 | fatal("%.200s line %d: garbage at end of line; \"%.200s\".", | 687 | fatal("%.200s line %d: garbage at end of line; \"%.200s\".", |
688 | filename, linenum, arg); | 688 | filename, linenum, arg); |
689 | } | 689 | } |
690 | return 0; | 690 | return 0; |
691 | } | 691 | } |
@@ -727,7 +727,7 @@ read_config_file(const char *filename, const char *host, Options *options) | |||
727 | fclose(f); | 727 | fclose(f); |
728 | if (bad_options > 0) | 728 | if (bad_options > 0) |
729 | fatal("%s: terminating, %d bad configuration options", | 729 | fatal("%s: terminating, %d bad configuration options", |
730 | filename, bad_options); | 730 | filename, bad_options); |
731 | return 1; | 731 | return 1; |
732 | } | 732 | } |
733 | 733 | ||
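Review bot: The re-indented `fatal()` calls for the cipher, MAC, host key algorithm, protocol and log level options print the configuration argument with an unbounded `'%s'`, while the same file bounds `filename` and the end-of-line garbage with `%.200s`. Using `'%.200s'` for `arg` as well would keep a hostile or corrupted config line from producing an arbitrarily long diagnostic, whatever buffer `fatal()` formats into (not visible here). The `arg ? arg : "<NONE>"` fallback also looks dead: `arg` has already been passed to `ciphers_valid(arg)`, `mac_valid(arg)` or `key_names_valid2(arg)`, apparently after the `Missing argument` check whose condition lies outside the hunks. The call could therefore read `filename, linenum, arg);`.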
diff --git a/rijndael.c b/rijndael.c index f28a9c669..c8ba55e78 100644 --- a/rijndael.c +++ b/rijndael.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: rijndael.c,v 1.12 2001/09/13 09:48:39 markus Exp $ */ | 1 | /* $OpenBSD: rijndael.c,v 1.13 2001/12/19 07:18:56 deraadt Exp $ */ |
2 | 2 | ||
3 | /** | 3 | /** |
4 | * rijndael-alg-fst.c | 4 | * rijndael-alg-fst.c |
@@ -775,32 +775,31 @@ static int rijndaelKeySetupEnc(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int | |||
775 | rk[6] = GETU32(cipherKey + 24); | 775 | rk[6] = GETU32(cipherKey + 24); |
776 | rk[7] = GETU32(cipherKey + 28); | 776 | rk[7] = GETU32(cipherKey + 28); |
777 | if (keyBits == 256) { | 777 | if (keyBits == 256) { |
778 | for (;;) { | 778 | for (;;) { |
779 | temp = rk[ 7]; | 779 | temp = rk[ 7]; |
780 | rk[ 8] = rk[ 0] ^ | 780 | rk[ 8] = rk[ 0] ^ |
781 | (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ | 781 | (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ |
782 | (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^ | 782 | (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^ |
783 | (Te4[(temp ) & 0xff] & 0x0000ff00) ^ | 783 | (Te4[(temp ) & 0xff] & 0x0000ff00) ^ |
784 | (Te4[(temp >> 24) ] & 0x000000ff) ^ | 784 | (Te4[(temp >> 24) ] & 0x000000ff) ^ |
785 | rcon[i]; | 785 | rcon[i]; |
786 | rk[ 9] = rk[ 1] ^ rk[ 8]; | 786 | rk[ 9] = rk[ 1] ^ rk[ 8]; |
787 | rk[10] = rk[ 2] ^ rk[ 9]; | 787 | rk[10] = rk[ 2] ^ rk[ 9]; |
788 | rk[11] = rk[ 3] ^ rk[10]; | 788 | rk[11] = rk[ 3] ^ rk[10]; |
789 | if (++i == 7) { | 789 | if (++i == 7) { |
790 | return 14; | 790 | return 14; |
791 | } | 791 | } |
792 | temp = rk[11]; | 792 | temp = rk[11]; |
793 | rk[12] = rk[ 4] ^ | 793 | rk[12] = rk[ 4] ^ |
794 | (Te4[(temp >> 24) ] & 0xff000000) ^ | 794 | (Te4[(temp >> 24) ] & 0xff000000) ^ |
795 | (Te4[(temp >> 16) & 0xff] & 0x00ff0000) ^ | 795 | (Te4[(temp >> 16) & 0xff] & 0x00ff0000) ^ |
796 | (Te4[(temp >> 8) & 0xff] & 0x0000ff00) ^ | 796 | (Te4[(temp >> 8) & 0xff] & 0x0000ff00) ^ |
797 | (Te4[(temp ) & 0xff] & 0x000000ff); | 797 | (Te4[(temp ) & 0xff] & 0x000000ff); |
798 | rk[13] = rk[ 5] ^ rk[12]; | 798 | rk[13] = rk[ 5] ^ rk[12]; |
799 | rk[14] = rk[ 6] ^ rk[13]; | 799 | rk[14] = rk[ 6] ^ rk[13]; |
800 | rk[15] = rk[ 7] ^ rk[14]; | 800 | rk[15] = rk[ 7] ^ rk[14]; |
801 | |||
802 | rk += 8; | 801 | rk += 8; |
803 | } | 802 | } |
804 | } | 803 | } |
805 | return 0; | 804 | return 0; |
806 | } | 805 | } |
@@ -917,28 +916,28 @@ static void rijndaelEncrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 pt[16 | |||
917 | t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38]; | 916 | t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38]; |
918 | t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39]; | 917 | t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39]; |
919 | if (Nr > 10) { | 918 | if (Nr > 10) { |
920 | /* round 10: */ | 919 | /* round 10: */ |
921 | s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[40]; | 920 | s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[40]; |
922 | s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[41]; | 921 | s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[41]; |
923 | s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[42]; | 922 | s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[42]; |
924 | s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[43]; | 923 | s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[43]; |
925 | /* round 11: */ | 924 | /* round 11: */ |
926 | t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[44]; | 925 | t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[44]; |
927 | t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[45]; | 926 | t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[45]; |
928 | t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[46]; | 927 | t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[46]; |
929 | t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[47]; | 928 | t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[47]; |
930 | if (Nr > 12) { | 929 | if (Nr > 12) { |
931 | /* round 12: */ | 930 | /* round 12: */ |
932 | s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[48]; | 931 | s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[48]; |
933 | s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[49]; | 932 | s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[49]; |
934 | s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[50]; | 933 | s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[50]; |
935 | s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[51]; | 934 | s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[51]; |
936 | /* round 13: */ | 935 | /* round 13: */ |
937 | t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[52]; | 936 | t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[52]; |
938 | t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[53]; | 937 | t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[53]; |
939 | t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[54]; | 938 | t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[54]; |
940 | t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[55]; | 939 | t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[55]; |
941 | } | 940 | } |
942 | } | 941 | } |
943 | rk += Nr << 2; | 942 | rk += Nr << 2; |
944 | #else /* !FULL_UNROLL */ | 943 | #else /* !FULL_UNROLL */ |
@@ -947,60 +946,60 @@ static void rijndaelEncrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 pt[16 | |||
947 | */ | 946 | */ |
948 | r = Nr >> 1; | 947 | r = Nr >> 1; |
949 | for (;;) { | 948 | for (;;) { |
950 | t0 = | 949 | t0 = |
951 | Te0[(s0 >> 24) ] ^ | 950 | Te0[(s0 >> 24) ] ^ |
952 | Te1[(s1 >> 16) & 0xff] ^ | 951 | Te1[(s1 >> 16) & 0xff] ^ |
953 | Te2[(s2 >> 8) & 0xff] ^ | 952 | Te2[(s2 >> 8) & 0xff] ^ |
954 | Te3[(s3 ) & 0xff] ^ | 953 | Te3[(s3 ) & 0xff] ^ |
955 | rk[4]; | 954 | rk[4]; |
956 | t1 = | 955 | t1 = |
957 | Te0[(s1 >> 24) ] ^ | 956 | Te0[(s1 >> 24) ] ^ |
958 | Te1[(s2 >> 16) & 0xff] ^ | 957 | Te1[(s2 >> 16) & 0xff] ^ |
959 | Te2[(s3 >> 8) & 0xff] ^ | 958 | Te2[(s3 >> 8) & 0xff] ^ |
960 | Te3[(s0 ) & 0xff] ^ | 959 | Te3[(s0 ) & 0xff] ^ |
961 | rk[5]; | 960 | rk[5]; |
962 | t2 = | 961 | t2 = |
963 | Te0[(s2 >> 24) ] ^ | 962 | Te0[(s2 >> 24) ] ^ |
964 | Te1[(s3 >> 16) & 0xff] ^ | 963 | Te1[(s3 >> 16) & 0xff] ^ |
965 | Te2[(s0 >> 8) & 0xff] ^ | 964 | Te2[(s0 >> 8) & 0xff] ^ |
966 | Te3[(s1 ) & 0xff] ^ | 965 | Te3[(s1 ) & 0xff] ^ |
967 | rk[6]; | 966 | rk[6]; |
968 | t3 = | 967 | t3 = |
969 | Te0[(s3 >> 24) ] ^ | 968 | Te0[(s3 >> 24) ] ^ |
970 | Te1[(s0 >> 16) & 0xff] ^ | 969 | Te1[(s0 >> 16) & 0xff] ^ |
971 | Te2[(s1 >> 8) & 0xff] ^ | 970 | Te2[(s1 >> 8) & 0xff] ^ |
972 | Te3[(s2 ) & 0xff] ^ | 971 | Te3[(s2 ) & 0xff] ^ |
973 | rk[7]; | 972 | rk[7]; |
974 | 973 | ||
975 | rk += 8; | 974 | rk += 8; |
976 | if (--r == 0) { | 975 | if (--r == 0) { |
977 | break; | 976 | break; |
978 | } | 977 | } |
979 | 978 | ||
980 | s0 = | 979 | s0 = |
981 | Te0[(t0 >> 24) ] ^ | 980 | Te0[(t0 >> 24) ] ^ |
982 | Te1[(t1 >> 16) & 0xff] ^ | 981 | Te1[(t1 >> 16) & 0xff] ^ |
983 | Te2[(t2 >> 8) & 0xff] ^ | 982 | Te2[(t2 >> 8) & 0xff] ^ |
984 | Te3[(t3 ) & 0xff] ^ | 983 | Te3[(t3 ) & 0xff] ^ |
985 | rk[0]; | 984 | rk[0]; |
986 | s1 = | 985 | s1 = |
987 | Te0[(t1 >> 24) ] ^ | 986 | Te0[(t1 >> 24) ] ^ |
988 | Te1[(t2 >> 16) & 0xff] ^ | 987 | Te1[(t2 >> 16) & 0xff] ^ |
989 | Te2[(t3 >> 8) & 0xff] ^ | 988 | Te2[(t3 >> 8) & 0xff] ^ |
990 | Te3[(t0 ) & 0xff] ^ | 989 | Te3[(t0 ) & 0xff] ^ |
991 | rk[1]; | 990 | rk[1]; |
992 | s2 = | 991 | s2 = |
993 | Te0[(t2 >> 24) ] ^ | 992 | Te0[(t2 >> 24) ] ^ |
994 | Te1[(t3 >> 16) & 0xff] ^ | 993 | Te1[(t3 >> 16) & 0xff] ^ |
995 | Te2[(t0 >> 8) & 0xff] ^ | 994 | Te2[(t0 >> 8) & 0xff] ^ |
996 | Te3[(t1 ) & 0xff] ^ | 995 | Te3[(t1 ) & 0xff] ^ |
997 | rk[2]; | 996 | rk[2]; |
998 | s3 = | 997 | s3 = |
999 | Te0[(t3 >> 24) ] ^ | 998 | Te0[(t3 >> 24) ] ^ |
1000 | Te1[(t0 >> 16) & 0xff] ^ | 999 | Te1[(t0 >> 16) & 0xff] ^ |
1001 | Te2[(t1 >> 8) & 0xff] ^ | 1000 | Te2[(t1 >> 8) & 0xff] ^ |
1002 | Te3[(t2 ) & 0xff] ^ | 1001 | Te3[(t2 ) & 0xff] ^ |
1003 | rk[3]; | 1002 | rk[3]; |
1004 | } | 1003 | } |
1005 | #endif /* ?FULL_UNROLL */ | 1004 | #endif /* ?FULL_UNROLL */ |
1006 | /* | 1005 | /* |
@@ -1098,28 +1097,28 @@ static void rijndaelDecrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 ct[16 | |||
1098 | t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[38]; | 1097 | t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[38]; |
1099 | t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[39]; | 1098 | t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[39]; |
1100 | if (Nr > 10) { | 1099 | if (Nr > 10) { |
1101 | /* round 10: */ | 1100 | /* round 10: */ |
1102 | s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[40]; | 1101 | s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[40]; |
1103 | s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[41]; | 1102 | s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[41]; |
1104 | s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[42]; | 1103 | s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[42]; |
1105 | s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[43]; | 1104 | s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[43]; |
1106 | /* round 11: */ | 1105 | /* round 11: */ |
1107 | t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[44]; | 1106 | t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[44]; |
1108 | t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[45]; | 1107 | t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[45]; |
1109 | t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[46]; | 1108 | t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[46]; |
1110 | t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[47]; | 1109 | t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[47]; |
1111 | if (Nr > 12) { | 1110 | if (Nr > 12) { |
1112 | /* round 12: */ | 1111 | /* round 12: */ |
1113 | s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[48]; | 1112 | s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[48]; |
1114 | s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[49]; | 1113 | s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[49]; |
1115 | s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[50]; | 1114 | s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[50]; |
1116 | s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[51]; | 1115 | s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[51]; |
1117 | /* round 13: */ | 1116 | /* round 13: */ |
1118 | t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[52]; | 1117 | t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[52]; |
1119 | t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[53]; | 1118 | t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[53]; |
1120 | t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[54]; | 1119 | t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[54]; |
1121 | t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[55]; | 1120 | t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[55]; |
1122 | } | 1121 | } |
1123 | } | 1122 | } |
1124 | rk += Nr << 2; | 1123 | rk += Nr << 2; |
1125 | #else /* !FULL_UNROLL */ | 1124 | #else /* !FULL_UNROLL */ |
@@ -1128,60 +1127,60 @@ static void rijndaelDecrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 ct[16 | |||
1128 | */ | 1127 | */ |
1129 | r = Nr >> 1; | 1128 | r = Nr >> 1; |
1130 | for (;;) { | 1129 | for (;;) { |
1131 | t0 = | 1130 | t0 = |
1132 | Td0[(s0 >> 24) ] ^ | 1131 | Td0[(s0 >> 24) ] ^ |
1133 | Td1[(s3 >> 16) & 0xff] ^ | 1132 | Td1[(s3 >> 16) & 0xff] ^ |
1134 | Td2[(s2 >> 8) & 0xff] ^ | 1133 | Td2[(s2 >> 8) & 0xff] ^ |
1135 | Td3[(s1 ) & 0xff] ^ | 1134 | Td3[(s1 ) & 0xff] ^ |
1136 | rk[4]; | 1135 | rk[4]; |
1137 | t1 = | 1136 | t1 = |
1138 | Td0[(s1 >> 24) ] ^ | 1137 | Td0[(s1 >> 24) ] ^ |
1139 | Td1[(s0 >> 16) & 0xff] ^ | 1138 | Td1[(s0 >> 16) & 0xff] ^ |
1140 | Td2[(s3 >> 8) & 0xff] ^ | 1139 | Td2[(s3 >> 8) & 0xff] ^ |
1141 | Td3[(s2 ) & 0xff] ^ | 1140 | Td3[(s2 ) & 0xff] ^ |
1142 | rk[5]; | 1141 | rk[5]; |
1143 | t2 = | 1142 | t2 = |
1144 | Td0[(s2 >> 24) ] ^ | 1143 | Td0[(s2 >> 24) ] ^ |
1145 | Td1[(s1 >> 16) & 0xff] ^ | 1144 | Td1[(s1 >> 16) & 0xff] ^ |
1146 | Td2[(s0 >> 8) & 0xff] ^ | 1145 | Td2[(s0 >> 8) & 0xff] ^ |
1147 | Td3[(s3 ) & 0xff] ^ | 1146 | Td3[(s3 ) & 0xff] ^ |
1148 | rk[6]; | 1147 | rk[6]; |
1149 | t3 = | 1148 | t3 = |
1150 | Td0[(s3 >> 24) ] ^ | 1149 | Td0[(s3 >> 24) ] ^ |
1151 | Td1[(s2 >> 16) & 0xff] ^ | 1150 | Td1[(s2 >> 16) & 0xff] ^ |
1152 | Td2[(s1 >> 8) & 0xff] ^ | 1151 | Td2[(s1 >> 8) & 0xff] ^ |
1153 | Td3[(s0 ) & 0xff] ^ | 1152 | Td3[(s0 ) & 0xff] ^ |
1154 | rk[7]; | 1153 | rk[7]; |
1155 | 1154 | ||
1156 | rk += 8; | 1155 | rk += 8; |
1157 | if (--r == 0) { | 1156 | if (--r == 0) { |
1158 | break; | 1157 | break; |
1159 | } | 1158 | } |
1160 | 1159 | ||
1161 | s0 = | 1160 | s0 = |
1162 | Td0[(t0 >> 24) ] ^ | 1161 | Td0[(t0 >> 24) ] ^ |
1163 | Td1[(t3 >> 16) & 0xff] ^ | 1162 | Td1[(t3 >> 16) & 0xff] ^ |
1164 | Td2[(t2 >> 8) & 0xff] ^ | 1163 | Td2[(t2 >> 8) & 0xff] ^ |
1165 | Td3[(t1 ) & 0xff] ^ | 1164 | Td3[(t1 ) & 0xff] ^ |
1166 | rk[0]; | 1165 | rk[0]; |
1167 | s1 = | 1166 | s1 = |
1168 | Td0[(t1 >> 24) ] ^ | 1167 | Td0[(t1 >> 24) ] ^ |
1169 | Td1[(t0 >> 16) & 0xff] ^ | 1168 | Td1[(t0 >> 16) & 0xff] ^ |
1170 | Td2[(t3 >> 8) & 0xff] ^ | 1169 | Td2[(t3 >> 8) & 0xff] ^ |
1171 | Td3[(t2 ) & 0xff] ^ | 1170 | Td3[(t2 ) & 0xff] ^ |
1172 | rk[1]; | 1171 | rk[1]; |
1173 | s2 = | 1172 | s2 = |
1174 | Td0[(t2 >> 24) ] ^ | 1173 | Td0[(t2 >> 24) ] ^ |
1175 | Td1[(t1 >> 16) & 0xff] ^ | 1174 | Td1[(t1 >> 16) & 0xff] ^ |
1176 | Td2[(t0 >> 8) & 0xff] ^ | 1175 | Td2[(t0 >> 8) & 0xff] ^ |
1177 | Td3[(t3 ) & 0xff] ^ | 1176 | Td3[(t3 ) & 0xff] ^ |
1178 | rk[2]; | 1177 | rk[2]; |
1179 | s3 = | 1178 | s3 = |
1180 | Td0[(t3 >> 24) ] ^ | 1179 | Td0[(t3 >> 24) ] ^ |
1181 | Td1[(t2 >> 16) & 0xff] ^ | 1180 | Td1[(t2 >> 16) & 0xff] ^ |
1182 | Td2[(t1 >> 8) & 0xff] ^ | 1181 | Td2[(t1 >> 8) & 0xff] ^ |
1183 | Td3[(t0 ) & 0xff] ^ | 1182 | Td3[(t0 ) & 0xff] ^ |
1184 | rk[3]; | 1183 | rk[3]; |
1185 | } | 1184 | } |
1186 | #endif /* ?FULL_UNROLL */ | 1185 | #endif /* ?FULL_UNROLL */ |
1187 | /* | 1186 | /* |
@@ -1222,13 +1221,13 @@ void | |||
1222 | rijndael_set_key(rijndael_ctx *ctx, u_char *key, int bits, int encrypt) | 1221 | rijndael_set_key(rijndael_ctx *ctx, u_char *key, int bits, int encrypt) |
1223 | { | 1222 | { |
1224 | ctx->Nr = rijndaelKeySetupEnc(ctx->ek, key, bits); | 1223 | ctx->Nr = rijndaelKeySetupEnc(ctx->ek, key, bits); |
1225 | if (encrypt) { | 1224 | if (encrypt) { |
1226 | ctx->decrypt = 0; | 1225 | ctx->decrypt = 0; |
1227 | memset(ctx->dk, 0, sizeof(ctx->dk)); | 1226 | memset(ctx->dk, 0, sizeof(ctx->dk)); |
1228 | } else { | 1227 | } else { |
1229 | ctx->decrypt = 1; | 1228 | ctx->decrypt = 1; |
1230 | memcpy(ctx->dk, ctx->ek, sizeof(ctx->ek)); | 1229 | memcpy(ctx->dk, ctx->ek, sizeof(ctx->ek)); |
1231 | rijndaelKeySetupDec(ctx->dk, key, bits, ctx->Nr); | 1230 | rijndaelKeySetupDec(ctx->dk, key, bits, ctx->Nr); |
1232 | } | 1231 | } |
1233 | } | 1232 | } |
1234 | 1233 | ||
diff --git a/rijndael.h b/rijndael.h index 18a4d805e..c614bb188 100644 --- a/rijndael.h +++ b/rijndael.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: rijndael.h,v 1.11 2001/09/13 09:48:39 markus Exp $ */ | 1 | /* $OpenBSD: rijndael.h,v 1.12 2001/12/19 07:18:56 deraadt Exp $ */ |
2 | 2 | ||
3 | /** | 3 | /** |
4 | * rijndael-alg-fst.h | 4 | * rijndael-alg-fst.h |
@@ -32,8 +32,8 @@ | |||
32 | #define MAXKB (256/8) | 32 | #define MAXKB (256/8) |
33 | #define MAXNR 14 | 33 | #define MAXNR 14 |
34 | 34 | ||
35 | typedef unsigned char u8; | 35 | typedef unsigned char u8; |
36 | typedef unsigned short u16; | 36 | typedef unsigned short u16; |
37 | typedef unsigned int u32; | 37 | typedef unsigned int u32; |
38 | 38 | ||
39 | /* The structure for key information */ | 39 | /* The structure for key information */ |
@@ -24,7 +24,7 @@ | |||
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | #ifdef SMARTCARD | 26 | #ifdef SMARTCARD |
27 | RCSID("$OpenBSD: scard.c,v 1.15 2001/09/28 09:49:31 djm Exp $"); | 27 | RCSID("$OpenBSD: scard.c,v 1.16 2001/12/19 07:18:56 deraadt Exp $"); |
28 | 28 | ||
29 | #include <openssl/engine.h> | 29 | #include <openssl/engine.h> |
30 | #include <sectok.h> | 30 | #include <sectok.h> |
@@ -48,7 +48,7 @@ static int cla = 0x00; /* class */ | |||
48 | 48 | ||
49 | /* interface to libsectok */ | 49 | /* interface to libsectok */ |
50 | 50 | ||
51 | static int | 51 | static int |
52 | sc_open(void) | 52 | sc_open(void) |
53 | { | 53 | { |
54 | int sw; | 54 | int sw; |
@@ -79,7 +79,7 @@ sc_open(void) | |||
79 | return sc_fd; | 79 | return sc_fd; |
80 | } | 80 | } |
81 | 81 | ||
82 | static int | 82 | static int |
83 | sc_enable_applet(void) | 83 | sc_enable_applet(void) |
84 | { | 84 | { |
85 | static u_char aid[] = {0xfc, 0x53, 0x73, 0x68, 0x2e, 0x62, 0x69, 0x6e}; | 85 | static u_char aid[] = {0xfc, 0x53, 0x73, 0x68, 0x2e, 0x62, 0x69, 0x6e}; |
@@ -95,7 +95,7 @@ sc_enable_applet(void) | |||
95 | return 0; | 95 | return 0; |
96 | } | 96 | } |
97 | 97 | ||
98 | static int | 98 | static int |
99 | sc_init(void) | 99 | sc_init(void) |
100 | { | 100 | { |
101 | int status; | 101 | int status; |
@@ -115,7 +115,7 @@ sc_init(void) | |||
115 | return 0; | 115 | return 0; |
116 | } | 116 | } |
117 | 117 | ||
118 | static int | 118 | static int |
119 | sc_read_pubkey(Key * k) | 119 | sc_read_pubkey(Key * k) |
120 | { | 120 | { |
121 | u_char buf[2], *n; | 121 | u_char buf[2], *n; |
@@ -133,7 +133,7 @@ sc_read_pubkey(Key * k) | |||
133 | 133 | ||
134 | /* get key size */ | 134 | /* get key size */ |
135 | sectok_apdu(sc_fd, CLA_SSH, INS_GET_KEYLENGTH, 0, 0, 0, NULL, | 135 | sectok_apdu(sc_fd, CLA_SSH, INS_GET_KEYLENGTH, 0, 0, 0, NULL, |
136 | sizeof(buf), buf, &sw); | 136 | sizeof(buf), buf, &sw); |
137 | if (!sectok_swOK(sw)) { | 137 | if (!sectok_swOK(sw)) { |
138 | error("could not obtain key length: %s", sectok_get_sw(sw)); | 138 | error("could not obtain key length: %s", sectok_get_sw(sw)); |
139 | goto err; | 139 | goto err; |
@@ -204,7 +204,7 @@ sc_private_decrypt(int flen, u_char *from, u_char *to, RSA *rsa, int padding) | |||
204 | goto err; | 204 | goto err; |
205 | } | 205 | } |
206 | sectok_apdu(sc_fd, CLA_SSH, INS_GET_RESPONSE, 0, 0, 0, NULL, | 206 | sectok_apdu(sc_fd, CLA_SSH, INS_GET_RESPONSE, 0, 0, 0, NULL, |
207 | len, padded, &sw); | 207 | len, padded, &sw); |
208 | if (!sectok_swOK(sw)) { | 208 | if (!sectok_swOK(sw)) { |
209 | error("sc_private_decrypt: INS_GET_RESPONSE failed: %s", | 209 | error("sc_private_decrypt: INS_GET_RESPONSE failed: %s", |
210 | sectok_get_sw(sw)); | 210 | sectok_get_sw(sw)); |
@@ -249,7 +249,7 @@ sc_private_encrypt(int flen, u_char *from, u_char *to, RSA *rsa, int padding) | |||
249 | goto err; | 249 | goto err; |
250 | } | 250 | } |
251 | sectok_apdu(sc_fd, CLA_SSH, INS_GET_RESPONSE, 0, 0, 0, NULL, | 251 | sectok_apdu(sc_fd, CLA_SSH, INS_GET_RESPONSE, 0, 0, 0, NULL, |
252 | len, to, &sw); | 252 | len, to, &sw); |
253 | if (!sectok_swOK(sw)) { | 253 | if (!sectok_swOK(sw)) { |
254 | error("sc_private_decrypt: INS_GET_RESPONSE failed: %s", | 254 | error("sc_private_decrypt: INS_GET_RESPONSE failed: %s", |
255 | sectok_get_sw(sw)); | 255 | sectok_get_sw(sw)); |
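Review bot: The error string in the last hunk names the wrong function: the hunk header places these lines in `sc_private_encrypt`, yet the failure path after the `INS_GET_RESPONSE` APDU still logs `sc_private_decrypt: INS_GET_RESPONSE failed`. A failed private-key encrypt on the card is therefore recorded as a decrypt failure, which misdirects anyone reading the logs. Since the continuation line is being re-indented anyway, the message should read `error("sc_private_encrypt: INS_GET_RESPONSE failed: %s",`. The function body starts and ends outside the hunk, so the function name is taken from the hunk header only.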
diff --git a/servconf.c b/servconf.c index 0f0a7396b..76a80499d 100644 --- a/servconf.c +++ b/servconf.c | |||
@@ -10,7 +10,7 @@ | |||
10 | */ | 10 | */ |
11 | 11 | ||
12 | #include "includes.h" | 12 | #include "includes.h" |
13 | RCSID("$OpenBSD: servconf.c,v 1.94 2001/12/06 13:30:05 markus Exp $"); | 13 | RCSID("$OpenBSD: servconf.c,v 1.95 2001/12/19 07:18:56 deraadt Exp $"); |
14 | 14 | ||
15 | #if defined(KRB4) || defined(KRB5) | 15 | #if defined(KRB4) || defined(KRB5) |
16 | #include <krb.h> | 16 | #include <krb.h> |
@@ -190,7 +190,7 @@ fill_default_server_options(ServerOptions *options) | |||
190 | if (options->kerberos_tgt_passing == -1) | 190 | if (options->kerberos_tgt_passing == -1) |
191 | options->kerberos_tgt_passing = 0; | 191 | options->kerberos_tgt_passing = 0; |
192 | #endif | 192 | #endif |
193 | #ifdef AFS | 193 | #ifdef AFS |
194 | if (options->afs_token_passing == -1) | 194 | if (options->afs_token_passing == -1) |
195 | options->afs_token_passing = k_hasafs(); | 195 | options->afs_token_passing = k_hasafs(); |
196 | #endif | 196 | #endif |
@@ -217,7 +217,7 @@ fill_default_server_options(ServerOptions *options) | |||
217 | if (options->reverse_mapping_check == -1) | 217 | if (options->reverse_mapping_check == -1) |
218 | options->reverse_mapping_check = 0; | 218 | options->reverse_mapping_check = 0; |
219 | if (options->client_alive_interval == -1) | 219 | if (options->client_alive_interval == -1) |
220 | options->client_alive_interval = 0; | 220 | options->client_alive_interval = 0; |
221 | if (options->client_alive_count_max == -1) | 221 | if (options->client_alive_count_max == -1) |
222 | options->client_alive_count_max = 3; | 222 | options->client_alive_count_max = 3; |
223 | if (options->authorized_keys_file2 == NULL) { | 223 | if (options->authorized_keys_file2 == NULL) { |
@@ -259,7 +259,7 @@ typedef enum { | |||
259 | sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, | 259 | sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, |
260 | sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups, | 260 | sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups, |
261 | sBanner, sReverseMappingCheck, sHostbasedAuthentication, | 261 | sBanner, sReverseMappingCheck, sHostbasedAuthentication, |
262 | sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, | 262 | sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, |
263 | sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, | 263 | sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, |
264 | sDeprecated | 264 | sDeprecated |
265 | } ServerOpCodes; | 265 | } ServerOpCodes; |
@@ -772,7 +772,7 @@ parse_flag: | |||
772 | value = proto_spec(arg); | 772 | value = proto_spec(arg); |
773 | if (value == SSH_PROTO_UNKNOWN) | 773 | if (value == SSH_PROTO_UNKNOWN) |
774 | fatal("%s line %d: Bad protocol spec '%s'.", | 774 | fatal("%s line %d: Bad protocol spec '%s'.", |
775 | filename, linenum, arg ? arg : "<NONE>"); | 775 | filename, linenum, arg ? arg : "<NONE>"); |
776 | if (*intptr == SSH_PROTO_UNKNOWN) | 776 | if (*intptr == SSH_PROTO_UNKNOWN) |
777 | *intptr = value; | 777 | *intptr = value; |
778 | break; | 778 | break; |
@@ -780,21 +780,21 @@ parse_flag: | |||
780 | case sSubsystem: | 780 | case sSubsystem: |
781 | if (options->num_subsystems >= MAX_SUBSYSTEMS) { | 781 | if (options->num_subsystems >= MAX_SUBSYSTEMS) { |
782 | fatal("%s line %d: too many subsystems defined.", | 782 | fatal("%s line %d: too many subsystems defined.", |
783 | filename, linenum); | 783 | filename, linenum); |
784 | } | 784 | } |
785 | arg = strdelim(&cp); | 785 | arg = strdelim(&cp); |
786 | if (!arg || *arg == '\0') | 786 | if (!arg || *arg == '\0') |
787 | fatal("%s line %d: Missing subsystem name.", | 787 | fatal("%s line %d: Missing subsystem name.", |
788 | filename, linenum); | 788 | filename, linenum); |
789 | for (i = 0; i < options->num_subsystems; i++) | 789 | for (i = 0; i < options->num_subsystems; i++) |
790 | if (strcmp(arg, options->subsystem_name[i]) == 0) | 790 | if (strcmp(arg, options->subsystem_name[i]) == 0) |
791 | fatal("%s line %d: Subsystem '%s' already defined.", | 791 | fatal("%s line %d: Subsystem '%s' already defined.", |
792 | filename, linenum, arg); | 792 | filename, linenum, arg); |
793 | options->subsystem_name[options->num_subsystems] = xstrdup(arg); | 793 | options->subsystem_name[options->num_subsystems] = xstrdup(arg); |
794 | arg = strdelim(&cp); | 794 | arg = strdelim(&cp); |
795 | if (!arg || *arg == '\0') | 795 | if (!arg || *arg == '\0') |
796 | fatal("%s line %d: Missing subsystem command.", | 796 | fatal("%s line %d: Missing subsystem command.", |
797 | filename, linenum); | 797 | filename, linenum); |
798 | options->subsystem_command[options->num_subsystems] = xstrdup(arg); | 798 | options->subsystem_command[options->num_subsystems] = xstrdup(arg); |
799 | options->num_subsystems++; | 799 | options->num_subsystems++; |
800 | break; | 800 | break; |
@@ -803,7 +803,7 @@ parse_flag: | |||
803 | arg = strdelim(&cp); | 803 | arg = strdelim(&cp); |
804 | if (!arg || *arg == '\0') | 804 | if (!arg || *arg == '\0') |
805 | fatal("%s line %d: Missing MaxStartups spec.", | 805 | fatal("%s line %d: Missing MaxStartups spec.", |
806 | filename, linenum); | 806 | filename, linenum); |
807 | if ((n = sscanf(arg, "%d:%d:%d", | 807 | if ((n = sscanf(arg, "%d:%d:%d", |
808 | &options->max_startups_begin, | 808 | &options->max_startups_begin, |
809 | &options->max_startups_rate, | 809 | &options->max_startups_rate, |
diff --git a/servconf.h b/servconf.h index 90ecbc70e..943c7ef56 100644 --- a/servconf.h +++ b/servconf.h | |||
@@ -11,7 +11,7 @@ | |||
11 | * called by a name other than "ssh" or "Secure Shell". | 11 | * called by a name other than "ssh" or "Secure Shell". |
12 | */ | 12 | */ |
13 | 13 | ||
14 | /* RCSID("$OpenBSD: servconf.h,v 1.50 2001/12/06 13:30:05 markus Exp $"); */ | 14 | /* RCSID("$OpenBSD: servconf.h,v 1.51 2001/12/19 07:18:56 deraadt Exp $"); */ |
15 | 15 | ||
16 | #ifndef SERVCONF_H | 16 | #ifndef SERVCONF_H |
17 | #define SERVCONF_H | 17 | #define SERVCONF_H |
@@ -117,13 +117,13 @@ typedef struct { | |||
117 | char *banner; /* SSH-2 banner message */ | 117 | char *banner; /* SSH-2 banner message */ |
118 | int reverse_mapping_check; /* cross-check ip and dns */ | 118 | int reverse_mapping_check; /* cross-check ip and dns */ |
119 | int client_alive_interval; /* | 119 | int client_alive_interval; /* |
120 | * poke the client this often to | 120 | * poke the client this often to |
121 | * see if it's still there | 121 | * see if it's still there |
122 | */ | 122 | */ |
123 | int client_alive_count_max; /* | 123 | int client_alive_count_max; /* |
124 | * If the client is unresponsive | 124 | * If the client is unresponsive |
125 | * for this many intervals above, | 125 | * for this many intervals above, |
126 | * disconnect the session | 126 | * disconnect the session |
127 | */ | 127 | */ |
128 | 128 | ||
129 | char *authorized_keys_file; /* File containing public keys */ | 129 | char *authorized_keys_file; /* File containing public keys */ |
diff --git a/serverloop.c b/serverloop.c index fd051070d..1fa1f5800 100644 --- a/serverloop.c +++ b/serverloop.c | |||
@@ -35,7 +35,7 @@ | |||
35 | */ | 35 | */ |
36 | 36 | ||
37 | #include "includes.h" | 37 | #include "includes.h" |
38 | RCSID("$OpenBSD: serverloop.c,v 1.85 2001/12/05 03:50:01 itojun Exp $"); | 38 | RCSID("$OpenBSD: serverloop.c,v 1.86 2001/12/19 07:18:56 deraadt Exp $"); |
39 | 39 | ||
40 | #include "xmalloc.h" | 40 | #include "xmalloc.h" |
41 | #include "packet.h" | 41 | #include "packet.h" |
@@ -195,12 +195,12 @@ wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, int *maxfdp, | |||
195 | int client_alive_scheduled = 0; | 195 | int client_alive_scheduled = 0; |
196 | 196 | ||
197 | /* | 197 | /* |
198 | * if using client_alive, set the max timeout accordingly, | 198 | * if using client_alive, set the max timeout accordingly, |
199 | * and indicate that this particular timeout was for client | 199 | * and indicate that this particular timeout was for client |
200 | * alive by setting the client_alive_scheduled flag. | 200 | * alive by setting the client_alive_scheduled flag. |
201 | * | 201 | * |
202 | * this could be randomized somewhat to make traffic | 202 | * this could be randomized somewhat to make traffic |
203 | * analysis more difficult, but we're not doing it yet. | 203 | * analysis more difficult, but we're not doing it yet. |
204 | */ | 204 | */ |
205 | if (compat20 && | 205 | if (compat20 && |
206 | max_time_milliseconds == 0 && options.client_alive_interval) { | 206 | max_time_milliseconds == 0 && options.client_alive_interval) { |
@@ -598,7 +598,7 @@ server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg) | |||
598 | drain_output(); | 598 | drain_output(); |
599 | 599 | ||
600 | debug("End of interactive session; stdin %ld, stdout (read %ld, sent %ld), stderr %ld bytes.", | 600 | debug("End of interactive session; stdin %ld, stdout (read %ld, sent %ld), stderr %ld bytes.", |
601 | stdin_bytes, fdout_bytes, stdout_bytes, stderr_bytes); | 601 | stdin_bytes, fdout_bytes, stdout_bytes, stderr_bytes); |
602 | 602 | ||
603 | /* Free and clear the buffers. */ | 603 | /* Free and clear the buffers. */ |
604 | buffer_free(&stdin_buffer); | 604 | buffer_free(&stdin_buffer); |
@@ -738,12 +738,12 @@ static void | |||
738 | server_input_channel_failure(int type, int plen, void *ctxt) | 738 | server_input_channel_failure(int type, int plen, void *ctxt) |
739 | { | 739 | { |
740 | debug("Got CHANNEL_FAILURE for keepalive"); | 740 | debug("Got CHANNEL_FAILURE for keepalive"); |
741 | /* | 741 | /* |
742 | * reset timeout, since we got a sane answer from the client. | 742 | * reset timeout, since we got a sane answer from the client. |
743 | * even if this was generated by something other than | 743 | * even if this was generated by something other than |
744 | * the bogus CHANNEL_REQUEST we send for keepalives. | 744 | * the bogus CHANNEL_REQUEST we send for keepalives. |
745 | */ | 745 | */ |
746 | client_alive_timeouts = 0; | 746 | client_alive_timeouts = 0; |
747 | } | 747 | } |
748 | 748 | ||
749 | 749 | ||
@@ -33,7 +33,7 @@ | |||
33 | */ | 33 | */ |
34 | 34 | ||
35 | #include "includes.h" | 35 | #include "includes.h" |
36 | RCSID("$OpenBSD: session.c,v 1.111 2001/12/06 18:09:23 stevesk Exp $"); | 36 | RCSID("$OpenBSD: session.c,v 1.112 2001/12/19 07:18:56 deraadt Exp $"); |
37 | 37 | ||
38 | #include "ssh.h" | 38 | #include "ssh.h" |
39 | #include "ssh1.h" | 39 | #include "ssh1.h" |
@@ -258,7 +258,7 @@ do_authenticated1(Authctxt *authctxt) | |||
258 | compression_level = packet_get_int(); | 258 | compression_level = packet_get_int(); |
259 | if (compression_level < 1 || compression_level > 9) { | 259 | if (compression_level < 1 || compression_level > 9) { |
260 | packet_send_debug("Received illegal compression level %d.", | 260 | packet_send_debug("Received illegal compression level %d.", |
261 | compression_level); | 261 | compression_level); |
262 | break; | 262 | break; |
263 | } | 263 | } |
264 | /* Enable compression after we have responded with SUCCESS. */ | 264 | /* Enable compression after we have responded with SUCCESS. */ |
@@ -323,7 +323,7 @@ do_authenticated1(Authctxt *authctxt) | |||
323 | if (packet_set_maxsize(packet_get_int()) > 0) | 323 | if (packet_set_maxsize(packet_get_int()) > 0) |
324 | success = 1; | 324 | success = 1; |
325 | break; | 325 | break; |
326 | 326 | ||
327 | #if defined(AFS) || defined(KRB5) | 327 | #if defined(AFS) || defined(KRB5) |
328 | case SSH_CMSG_HAVE_KERBEROS_TGT: | 328 | case SSH_CMSG_HAVE_KERBEROS_TGT: |
329 | if (!options.kerberos_tgt_passing) { | 329 | if (!options.kerberos_tgt_passing) { |
@@ -331,14 +331,14 @@ do_authenticated1(Authctxt *authctxt) | |||
331 | } else { | 331 | } else { |
332 | char *kdata = packet_get_string(&dlen); | 332 | char *kdata = packet_get_string(&dlen); |
333 | packet_integrity_check(plen, 4 + dlen, type); | 333 | packet_integrity_check(plen, 4 + dlen, type); |
334 | 334 | ||
335 | /* XXX - 0x41, see creds_to_radix version */ | 335 | /* XXX - 0x41, see creds_to_radix version */ |
336 | if (kdata[0] != 0x41) { | 336 | if (kdata[0] != 0x41) { |
337 | #ifdef KRB5 | 337 | #ifdef KRB5 |
338 | krb5_data tgt; | 338 | krb5_data tgt; |
339 | tgt.data = kdata; | 339 | tgt.data = kdata; |
340 | tgt.length = dlen; | 340 | tgt.length = dlen; |
341 | 341 | ||
342 | if (auth_krb5_tgt(s->authctxt, &tgt)) | 342 | if (auth_krb5_tgt(s->authctxt, &tgt)) |
343 | success = 1; | 343 | success = 1; |
344 | else | 344 | else |
@@ -356,7 +356,7 @@ do_authenticated1(Authctxt *authctxt) | |||
356 | } | 356 | } |
357 | break; | 357 | break; |
358 | #endif /* AFS || KRB5 */ | 358 | #endif /* AFS || KRB5 */ |
359 | 359 | ||
360 | #ifdef AFS | 360 | #ifdef AFS |
361 | case SSH_CMSG_HAVE_AFS_TOKEN: | 361 | case SSH_CMSG_HAVE_AFS_TOKEN: |
362 | if (!options.afs_token_passing || !k_hasafs()) { | 362 | if (!options.afs_token_passing || !k_hasafs()) { |
@@ -365,7 +365,7 @@ do_authenticated1(Authctxt *authctxt) | |||
365 | /* Accept AFS token. */ | 365 | /* Accept AFS token. */ |
366 | char *token = packet_get_string(&dlen); | 366 | char *token = packet_get_string(&dlen); |
367 | packet_integrity_check(plen, 4 + dlen, type); | 367 | packet_integrity_check(plen, 4 + dlen, type); |
368 | 368 | ||
369 | if (auth_afs_token(s->authctxt, token)) | 369 | if (auth_afs_token(s->authctxt, token)) |
370 | success = 1; | 370 | success = 1; |
371 | else | 371 | else |
@@ -649,7 +649,7 @@ do_pre_login(Session *s) | |||
649 | if (packet_connection_is_on_socket()) { | 649 | if (packet_connection_is_on_socket()) { |
650 | fromlen = sizeof(from); | 650 | fromlen = sizeof(from); |
651 | if (getpeername(packet_get_connection_in(), | 651 | if (getpeername(packet_get_connection_in(), |
652 | (struct sockaddr *) & from, &fromlen) < 0) { | 652 | (struct sockaddr *) & from, &fromlen) < 0) { |
653 | debug("getpeername: %.100s", strerror(errno)); | 653 | debug("getpeername: %.100s", strerror(errno)); |
654 | fatal_cleanup(); | 654 | fatal_cleanup(); |
655 | } | 655 | } |
@@ -811,7 +811,7 @@ check_quietlogin(Session *s, const char *command) | |||
811 | */ | 811 | */ |
812 | static void | 812 | static void |
813 | child_set_env(char ***envp, u_int *envsizep, const char *name, | 813 | child_set_env(char ***envp, u_int *envsizep, const char *name, |
814 | const char *value) | 814 | const char *value) |
815 | { | 815 | { |
816 | u_int i, namelen; | 816 | u_int i, namelen; |
817 | char **env; | 817 | char **env; |
@@ -852,7 +852,7 @@ child_set_env(char ***envp, u_int *envsizep, const char *name, | |||
852 | */ | 852 | */ |
853 | static void | 853 | static void |
854 | read_environment_file(char ***env, u_int *envsize, | 854 | read_environment_file(char ***env, u_int *envsize, |
855 | const char *filename) | 855 | const char *filename) |
856 | { | 856 | { |
857 | FILE *f; | 857 | FILE *f; |
858 | char buf[4096]; | 858 | char buf[4096]; |
@@ -1304,7 +1304,7 @@ do_child(Session *s, const char *command) | |||
1304 | 1304 | ||
1305 | if (auth_get_socket_name() != NULL) | 1305 | if (auth_get_socket_name() != NULL) |
1306 | child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME, | 1306 | child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME, |
1307 | auth_get_socket_name()); | 1307 | auth_get_socket_name()); |
1308 | 1308 | ||
1309 | /* read $HOME/.ssh/environment. */ | 1309 | /* read $HOME/.ssh/environment. */ |
1310 | if (!options.use_login) { | 1310 | if (!options.use_login) { |
@@ -1367,10 +1367,10 @@ do_child(Session *s, const char *command) | |||
1367 | /* Try to get AFS tokens for the local cell. */ | 1367 | /* Try to get AFS tokens for the local cell. */ |
1368 | if (k_hasafs()) { | 1368 | if (k_hasafs()) { |
1369 | char cell[64]; | 1369 | char cell[64]; |
1370 | 1370 | ||
1371 | if (k_afs_cell_of_file(pw->pw_dir, cell, sizeof(cell)) == 0) | 1371 | if (k_afs_cell_of_file(pw->pw_dir, cell, sizeof(cell)) == 0) |
1372 | krb_afslog(cell, 0); | 1372 | krb_afslog(cell, 0); |
1373 | 1373 | ||
1374 | krb_afslog(0, 0); | 1374 | krb_afslog(0, 0); |
1375 | } | 1375 | } |
1376 | #endif /* AFS */ | 1376 | #endif /* AFS */ |
@@ -1487,9 +1487,9 @@ do_child(Session *s, const char *command) | |||
1487 | 1487 | ||
1488 | execl(LOGIN_PROGRAM, "login", "-h", hostname, | 1488 | execl(LOGIN_PROGRAM, "login", "-h", hostname, |
1489 | #ifdef LOGIN_NEEDS_TERM | 1489 | #ifdef LOGIN_NEEDS_TERM |
1490 | s->term? s->term : "unknown", | 1490 | s->term? s->term : "unknown", |
1491 | #endif | 1491 | #endif |
1492 | "-p", "-f", "--", pw->pw_name, (char *)NULL); | 1492 | "-p", "-f", "--", pw->pw_name, (char *)NULL); |
1493 | 1493 | ||
1494 | /* Login couldn't be executed, die. */ | 1494 | /* Login couldn't be executed, die. */ |
1495 | 1495 | ||
@@ -1517,12 +1517,12 @@ session_new(void) | |||
1517 | static int did_init = 0; | 1517 | static int did_init = 0; |
1518 | if (!did_init) { | 1518 | if (!did_init) { |
1519 | debug("session_new: init"); | 1519 | debug("session_new: init"); |
1520 | for(i = 0; i < MAX_SESSIONS; i++) { | 1520 | for (i = 0; i < MAX_SESSIONS; i++) { |
1521 | sessions[i].used = 0; | 1521 | sessions[i].used = 0; |
1522 | } | 1522 | } |
1523 | did_init = 1; | 1523 | did_init = 1; |
1524 | } | 1524 | } |
1525 | for(i = 0; i < MAX_SESSIONS; i++) { | 1525 | for (i = 0; i < MAX_SESSIONS; i++) { |
1526 | Session *s = &sessions[i]; | 1526 | Session *s = &sessions[i]; |
1527 | if (! s->used) { | 1527 | if (! s->used) { |
1528 | memset(s, 0, sizeof(*s)); | 1528 | memset(s, 0, sizeof(*s)); |
@@ -1542,7 +1542,7 @@ static void | |||
1542 | session_dump(void) | 1542 | session_dump(void) |
1543 | { | 1543 | { |
1544 | int i; | 1544 | int i; |
1545 | for(i = 0; i < MAX_SESSIONS; i++) { | 1545 | for (i = 0; i < MAX_SESSIONS; i++) { |
1546 | Session *s = &sessions[i]; | 1546 | Session *s = &sessions[i]; |
1547 | debug("dump: used %d session %d %p channel %d pid %d", | 1547 | debug("dump: used %d session %d %p channel %d pid %d", |
1548 | s->used, | 1548 | s->used, |
@@ -1575,7 +1575,7 @@ static Session * | |||
1575 | session_by_channel(int id) | 1575 | session_by_channel(int id) |
1576 | { | 1576 | { |
1577 | int i; | 1577 | int i; |
1578 | for(i = 0; i < MAX_SESSIONS; i++) { | 1578 | for (i = 0; i < MAX_SESSIONS; i++) { |
1579 | Session *s = &sessions[i]; | 1579 | Session *s = &sessions[i]; |
1580 | if (s->used && s->chanid == id) { | 1580 | if (s->used && s->chanid == id) { |
1581 | debug("session_by_channel: session %d channel %d", i, id); | 1581 | debug("session_by_channel: session %d channel %d", i, id); |
@@ -1592,7 +1592,7 @@ session_by_pid(pid_t pid) | |||
1592 | { | 1592 | { |
1593 | int i; | 1593 | int i; |
1594 | debug("session_by_pid: pid %d", pid); | 1594 | debug("session_by_pid: pid %d", pid); |
1595 | for(i = 0; i < MAX_SESSIONS; i++) { | 1595 | for (i = 0; i < MAX_SESSIONS; i++) { |
1596 | Session *s = &sessions[i]; | 1596 | Session *s = &sessions[i]; |
1597 | if (s->used && s->pid == pid) | 1597 | if (s->used && s->pid == pid) |
1598 | return s; | 1598 | return s; |
@@ -2001,9 +2001,9 @@ void | |||
2001 | session_destroy_all(void) | 2001 | session_destroy_all(void) |
2002 | { | 2002 | { |
2003 | int i; | 2003 | int i; |
2004 | for(i = 0; i < MAX_SESSIONS; i++) { | 2004 | for (i = 0; i < MAX_SESSIONS; i++) { |
2005 | Session *s = &sessions[i]; | 2005 | Session *s = &sessions[i]; |
2006 | if (s->used) | 2006 | if (s->used) |
2007 | session_close(s); | 2007 | session_close(s); |
2008 | } | 2008 | } |
2009 | } | 2009 | } |
@@ -2014,7 +2014,7 @@ session_tty_list(void) | |||
2014 | static char buf[1024]; | 2014 | static char buf[1024]; |
2015 | int i; | 2015 | int i; |
2016 | buf[0] = '\0'; | 2016 | buf[0] = '\0'; |
2017 | for(i = 0; i < MAX_SESSIONS; i++) { | 2017 | for (i = 0; i < MAX_SESSIONS; i++) { |
2018 | Session *s = &sessions[i]; | 2018 | Session *s = &sessions[i]; |
2019 | if (s->used && s->ttyfd != -1) { | 2019 | if (s->used && s->ttyfd != -1) { |
2020 | if (buf[0] != '\0') | 2020 | if (buf[0] != '\0') |
diff --git a/sftp-client.c b/sftp-client.c index 4f2a1e280..ca5a48597 100644 --- a/sftp-client.c +++ b/sftp-client.c | |||
@@ -29,7 +29,7 @@ | |||
29 | /* XXX: copy between two remote sites */ | 29 | /* XXX: copy between two remote sites */ |
30 | 30 | ||
31 | #include "includes.h" | 31 | #include "includes.h" |
32 | RCSID("$OpenBSD: sftp-client.c,v 1.18 2001/07/14 15:10:16 stevesk Exp $"); | 32 | RCSID("$OpenBSD: sftp-client.c,v 1.19 2001/12/19 07:18:56 deraadt Exp $"); |
33 | 33 | ||
34 | #include "buffer.h" | 34 | #include "buffer.h" |
35 | #include "bufaux.h" | 35 | #include "bufaux.h" |
@@ -308,9 +308,8 @@ do_lsreaddir(int fd_in, int fd_out, char *path, int printflag, | |||
308 | *dir = xmalloc(sizeof(**dir)); | 308 | *dir = xmalloc(sizeof(**dir)); |
309 | (*dir)[0] = NULL; | 309 | (*dir)[0] = NULL; |
310 | } | 310 | } |
311 | |||
312 | 311 | ||
313 | for(;;) { | 312 | for (;;) { |
314 | int count; | 313 | int count; |
315 | 314 | ||
316 | id = expected_id = msg_id++; | 315 | id = expected_id = msg_id++; |
@@ -356,7 +355,7 @@ do_lsreaddir(int fd_in, int fd_out, char *path, int printflag, | |||
356 | if (count == 0) | 355 | if (count == 0) |
357 | break; | 356 | break; |
358 | debug3("Received %d SSH2_FXP_NAME responses", count); | 357 | debug3("Received %d SSH2_FXP_NAME responses", count); |
359 | for(i = 0; i < count; i++) { | 358 | for (i = 0; i < count; i++) { |
360 | char *filename, *longname; | 359 | char *filename, *longname; |
361 | Attrib *a; | 360 | Attrib *a; |
362 | 361 | ||
@@ -404,8 +403,8 @@ do_readdir(int fd_in, int fd_out, char *path, SFTP_DIRENT ***dir) | |||
404 | void free_sftp_dirents(SFTP_DIRENT **s) | 403 | void free_sftp_dirents(SFTP_DIRENT **s) |
405 | { | 404 | { |
406 | int i; | 405 | int i; |
407 | 406 | ||
408 | for(i = 0; s[i]; i++) { | 407 | for (i = 0; s[i]; i++) { |
409 | xfree(s[i]->filename); | 408 | xfree(s[i]->filename); |
410 | xfree(s[i]->longname); | 409 | xfree(s[i]->longname); |
411 | xfree(s[i]); | 410 | xfree(s[i]); |
@@ -726,7 +725,7 @@ do_download(int fd_in, int fd_out, char *remote_path, char *local_path, | |||
726 | 725 | ||
727 | /* Read from remote and write to local */ | 726 | /* Read from remote and write to local */ |
728 | offset = 0; | 727 | offset = 0; |
729 | for(;;) { | 728 | for (;;) { |
730 | u_int len; | 729 | u_int len; |
731 | char *data; | 730 | char *data; |
732 | 731 | ||
@@ -758,7 +757,7 @@ do_download(int fd_in, int fd_out, char *remote_path, char *local_path, | |||
758 | else { | 757 | else { |
759 | error("Couldn't read from remote " | 758 | error("Couldn't read from remote " |
760 | "file \"%s\" : %s", remote_path, | 759 | "file \"%s\" : %s", remote_path, |
761 | fx2txt(status)); | 760 | fx2txt(status)); |
762 | do_close(fd_in, fd_out, handle, handle_len); | 761 | do_close(fd_in, fd_out, handle, handle_len); |
763 | goto done; | 762 | goto done; |
764 | } | 763 | } |
@@ -868,7 +867,7 @@ do_upload(int fd_in, int fd_out, char *local_path, char *remote_path, | |||
868 | 867 | ||
869 | /* Read from local and write to remote */ | 868 | /* Read from local and write to remote */ |
870 | offset = 0; | 869 | offset = 0; |
871 | for(;;) { | 870 | for (;;) { |
872 | int len; | 871 | int len; |
873 | char data[COPY_SIZE]; | 872 | char data[COPY_SIZE]; |
874 | 873 | ||
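Review bot: `void free_sftp_dirents(SFTP_DIRENT **s)` in the -404 hunk keeps its return type on the same line as the function name, which is not KNF. The other definitions on this page put the type on its own line (for example `static void *` above `fudge_opendir(const char *path)`), so splitting it into `void` and `free_sftp_dirents(SFTP_DIRENT **s)` would match. The loop also dereferences `s[i]` with no check on `s` itself, so a one-line comment such as `/* s must be a non-NULL, NULL-terminated array */` would document the contract callers have to meet. The function body continues past the end of the hunk.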
diff --git a/sftp-glob.c b/sftp-glob.c index a432bdfc2..849ac65ed 100644 --- a/sftp-glob.c +++ b/sftp-glob.c | |||
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: sftp-glob.c,v 1.8 2001/07/14 15:10:17 stevesk Exp $"); | 26 | RCSID("$OpenBSD: sftp-glob.c,v 1.9 2001/12/19 07:18:56 deraadt Exp $"); |
27 | 27 | ||
28 | #include "buffer.h" | 28 | #include "buffer.h" |
29 | #include "bufaux.h" | 29 | #include "bufaux.h" |
@@ -49,9 +49,9 @@ static void * | |||
49 | fudge_opendir(const char *path) | 49 | fudge_opendir(const char *path) |
50 | { | 50 | { |
51 | struct SFTP_OPENDIR *r; | 51 | struct SFTP_OPENDIR *r; |
52 | 52 | ||
53 | r = xmalloc(sizeof(*r)); | 53 | r = xmalloc(sizeof(*r)); |
54 | 54 | ||
55 | if (do_readdir(cur.fd_in, cur.fd_out, (char*)path, &r->dir)) | 55 | if (do_readdir(cur.fd_in, cur.fd_out, (char*)path, &r->dir)) |
56 | return(NULL); | 56 | return(NULL); |
57 | 57 | ||
@@ -110,7 +110,7 @@ static void | |||
110 | attrib_to_stat(Attrib *a, struct stat *st) | 110 | attrib_to_stat(Attrib *a, struct stat *st) |
111 | { | 111 | { |
112 | memset(st, 0, sizeof(*st)); | 112 | memset(st, 0, sizeof(*st)); |
113 | 113 | ||
114 | if (a->flags & SSH2_FILEXFER_ATTR_SIZE) | 114 | if (a->flags & SSH2_FILEXFER_ATTR_SIZE) |
115 | st->st_size = a->size; | 115 | st->st_size = a->size; |
116 | if (a->flags & SSH2_FILEXFER_ATTR_UIDGID) { | 116 | if (a->flags & SSH2_FILEXFER_ATTR_UIDGID) { |
@@ -129,12 +129,12 @@ static int | |||
129 | fudge_lstat(const char *path, struct stat *st) | 129 | fudge_lstat(const char *path, struct stat *st) |
130 | { | 130 | { |
131 | Attrib *a; | 131 | Attrib *a; |
132 | 132 | ||
133 | if (!(a = do_lstat(cur.fd_in, cur.fd_out, (char*)path, 0))) | 133 | if (!(a = do_lstat(cur.fd_in, cur.fd_out, (char*)path, 0))) |
134 | return(-1); | 134 | return(-1); |
135 | 135 | ||
136 | attrib_to_stat(a, st); | 136 | attrib_to_stat(a, st); |
137 | 137 | ||
138 | return(0); | 138 | return(0); |
139 | } | 139 | } |
140 | 140 | ||
@@ -142,12 +142,12 @@ static int | |||
142 | fudge_stat(const char *path, struct stat *st) | 142 | fudge_stat(const char *path, struct stat *st) |
143 | { | 143 | { |
144 | Attrib *a; | 144 | Attrib *a; |
145 | 145 | ||
146 | if (!(a = do_stat(cur.fd_in, cur.fd_out, (char*)path, 0))) | 146 | if (!(a = do_stat(cur.fd_in, cur.fd_out, (char*)path, 0))) |
147 | return(-1); | 147 | return(-1); |
148 | 148 | ||
149 | attrib_to_stat(a, st); | 149 | attrib_to_stat(a, st); |
150 | 150 | ||
151 | return(0); | 151 | return(0); |
152 | } | 152 | } |
153 | 153 | ||
@@ -160,7 +160,7 @@ remote_glob(int fd_in, int fd_out, const char *pattern, int flags, | |||
160 | pglob->gl_closedir = (void (*)(void *))fudge_closedir; | 160 | pglob->gl_closedir = (void (*)(void *))fudge_closedir; |
161 | pglob->gl_lstat = fudge_lstat; | 161 | pglob->gl_lstat = fudge_lstat; |
162 | pglob->gl_stat = fudge_stat; | 162 | pglob->gl_stat = fudge_stat; |
163 | 163 | ||
164 | memset(&cur, 0, sizeof(cur)); | 164 | memset(&cur, 0, sizeof(cur)); |
165 | cur.fd_in = fd_in; | 165 | cur.fd_in = fd_in; |
166 | cur.fd_out = fd_out; | 166 | cur.fd_out = fd_out; |
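Review bot: fudge_opendir leaks `r` when do_readdir() fails, because the early `return(NULL);` in the -49 hunk drops the only reference to the struct just obtained from xmalloc(). Each failed remote directory listing during a glob therefore loses one allocation in the client. Releasing it before returning fixes this: `if (do_readdir(cur.fd_in, cur.fd_out, (char*)path, &r->dir)) { xfree(r); return(NULL); }`. The rest of the function is outside the hunk, and this assumes do_readdir leaves nothing in `r->dir` that needs freeing on failure.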
diff --git a/sftp-int.c b/sftp-int.c index 841e562e1..d8eec3f3d 100644 --- a/sftp-int.c +++ b/sftp-int.c | |||
@@ -26,7 +26,7 @@ | |||
26 | /* XXX: recursive operations */ | 26 | /* XXX: recursive operations */ |
27 | 27 | ||
28 | #include "includes.h" | 28 | #include "includes.h" |
29 | RCSID("$OpenBSD: sftp-int.c,v 1.40 2001/08/14 09:23:02 markus Exp $"); | 29 | RCSID("$OpenBSD: sftp-int.c,v 1.41 2001/12/19 07:18:56 deraadt Exp $"); |
30 | 30 | ||
31 | #include "buffer.h" | 31 | #include "buffer.h" |
32 | #include "xmalloc.h" | 32 | #include "xmalloc.h" |
@@ -205,7 +205,7 @@ path_append(char *p1, char *p2) | |||
205 | 205 | ||
206 | ret = xmalloc(len); | 206 | ret = xmalloc(len); |
207 | strlcpy(ret, p1, len); | 207 | strlcpy(ret, p1, len); |
208 | if (strcmp(p1, "/") != 0) | 208 | if (strcmp(p1, "/") != 0) |
209 | strlcat(ret, "/", len); | 209 | strlcat(ret, "/", len); |
210 | strlcat(ret, p2, len); | 210 | strlcat(ret, p2, len); |
211 | 211 | ||
@@ -393,7 +393,7 @@ process_get(int in, int out, char *src, char *dst, char *pwd, int pflag) | |||
393 | goto out; | 393 | goto out; |
394 | } | 394 | } |
395 | 395 | ||
396 | for(i = 0; g.gl_pathv[i]; i++) { | 396 | for (i = 0; g.gl_pathv[i]; i++) { |
397 | if (infer_path(g.gl_pathv[i], &tmp)) { | 397 | if (infer_path(g.gl_pathv[i], &tmp)) { |
398 | err = -1; | 398 | err = -1; |
399 | goto out; | 399 | goto out; |
@@ -475,7 +475,7 @@ process_put(int in, int out, char *src, char *dst, char *pwd, int pflag) | |||
475 | goto out; | 475 | goto out; |
476 | } | 476 | } |
477 | 477 | ||
478 | for(i = 0; g.gl_pathv[i]; i++) { | 478 | for (i = 0; g.gl_pathv[i]; i++) { |
479 | if (infer_path(g.gl_pathv[i], &tmp)) { | 479 | if (infer_path(g.gl_pathv[i], &tmp)) { |
480 | err = -1; | 480 | err = -1; |
481 | goto out; | 481 | goto out; |
@@ -517,7 +517,7 @@ parse_args(const char **cpp, int *pflag, unsigned long *n_arg, | |||
517 | return(-1); | 517 | return(-1); |
518 | 518 | ||
519 | /* Figure out which command we have */ | 519 | /* Figure out which command we have */ |
520 | for(i = 0; cmds[i].c; i++) { | 520 | for (i = 0; cmds[i].c; i++) { |
521 | int cmdlen = strlen(cmds[i].c); | 521 | int cmdlen = strlen(cmds[i].c); |
522 | 522 | ||
523 | /* Check for command followed by whitespace */ | 523 | /* Check for command followed by whitespace */ |
@@ -688,7 +688,7 @@ parse_dispatch_command(int in, int out, const char *cmd, char **pwd) | |||
688 | case I_RM: | 688 | case I_RM: |
689 | path1 = make_absolute(path1, *pwd); | 689 | path1 = make_absolute(path1, *pwd); |
690 | remote_glob(in, out, path1, GLOB_NOCHECK, NULL, &g); | 690 | remote_glob(in, out, path1, GLOB_NOCHECK, NULL, &g); |
691 | for(i = 0; g.gl_pathv[i]; i++) { | 691 | for (i = 0; g.gl_pathv[i]; i++) { |
692 | printf("Removing %s\n", g.gl_pathv[i]); | 692 | printf("Removing %s\n", g.gl_pathv[i]); |
693 | if (do_rm(in, out, g.gl_pathv[i]) == -1) | 693 | if (do_rm(in, out, g.gl_pathv[i]) == -1) |
694 | err = -1; | 694 | err = -1; |
@@ -781,7 +781,7 @@ parse_dispatch_command(int in, int out, const char *cmd, char **pwd) | |||
781 | a.flags |= SSH2_FILEXFER_ATTR_PERMISSIONS; | 781 | a.flags |= SSH2_FILEXFER_ATTR_PERMISSIONS; |
782 | a.perm = n_arg; | 782 | a.perm = n_arg; |
783 | remote_glob(in, out, path1, GLOB_NOCHECK, NULL, &g); | 783 | remote_glob(in, out, path1, GLOB_NOCHECK, NULL, &g); |
784 | for(i = 0; g.gl_pathv[i]; i++) { | 784 | for (i = 0; g.gl_pathv[i]; i++) { |
785 | printf("Changing mode on %s\n", g.gl_pathv[i]); | 785 | printf("Changing mode on %s\n", g.gl_pathv[i]); |
786 | do_setstat(in, out, g.gl_pathv[i], &a); | 786 | do_setstat(in, out, g.gl_pathv[i], &a); |
787 | } | 787 | } |
@@ -789,7 +789,7 @@ parse_dispatch_command(int in, int out, const char *cmd, char **pwd) | |||
789 | case I_CHOWN: | 789 | case I_CHOWN: |
790 | path1 = make_absolute(path1, *pwd); | 790 | path1 = make_absolute(path1, *pwd); |
791 | remote_glob(in, out, path1, GLOB_NOCHECK, NULL, &g); | 791 | remote_glob(in, out, path1, GLOB_NOCHECK, NULL, &g); |
792 | for(i = 0; g.gl_pathv[i]; i++) { | 792 | for (i = 0; g.gl_pathv[i]; i++) { |
793 | if (!(aa = do_stat(in, out, g.gl_pathv[i], 0))) | 793 | if (!(aa = do_stat(in, out, g.gl_pathv[i], 0))) |
794 | continue; | 794 | continue; |
795 | if (!(aa->flags & SSH2_FILEXFER_ATTR_UIDGID)) { | 795 | if (!(aa->flags & SSH2_FILEXFER_ATTR_UIDGID)) { |
@@ -806,7 +806,7 @@ parse_dispatch_command(int in, int out, const char *cmd, char **pwd) | |||
806 | case I_CHGRP: | 806 | case I_CHGRP: |
807 | path1 = make_absolute(path1, *pwd); | 807 | path1 = make_absolute(path1, *pwd); |
808 | remote_glob(in, out, path1, GLOB_NOCHECK, NULL, &g); | 808 | remote_glob(in, out, path1, GLOB_NOCHECK, NULL, &g); |
809 | for(i = 0; g.gl_pathv[i]; i++) { | 809 | for (i = 0; g.gl_pathv[i]; i++) { |
810 | if (!(aa = do_stat(in, out, g.gl_pathv[i], 0))) | 810 | if (!(aa = do_stat(in, out, g.gl_pathv[i], 0))) |
811 | continue; | 811 | continue; |
812 | if (!(aa->flags & SSH2_FILEXFER_ATTR_UIDGID)) { | 812 | if (!(aa->flags & SSH2_FILEXFER_ATTR_UIDGID)) { |
@@ -899,7 +899,7 @@ interactive_loop(int fd_in, int fd_out, char *file1, char *file2) | |||
899 | setlinebuf(infile); | 899 | setlinebuf(infile); |
900 | #endif | 900 | #endif |
901 | 901 | ||
902 | for(;;) { | 902 | for (;;) { |
903 | char *cp; | 903 | char *cp; |
904 | 904 | ||
905 | printf("sftp> "); | 905 | printf("sftp> "); |
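Review bot: The mode-change loop in parse_dispatch_command (the -781 hunk) discards the result of `do_setstat(in, out, g.gl_pathv[i], &a);`, so a failed permission change leaves `err` untouched after "Changing mode on ..." has been printed. The I_RM loop in the -688 hunk does record `err = -1` when do_rm fails. For a command whose purpose is to tighten or change permissions, a silent failure is the worse outcome. Assuming do_setstat reports failure with -1 as do_rm does (its definition is not in this section), the call should read `if (do_setstat(in, out, g.gl_pathv[i], &a) == -1) err = -1;`. The enclosing switch starts and ends outside the hunk.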
diff --git a/sftp-server.c b/sftp-server.c index 2ef9753bf..7c8a6b65b 100644 --- a/sftp-server.c +++ b/sftp-server.c | |||
@@ -22,7 +22,7 @@ | |||
22 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 22 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
23 | */ | 23 | */ |
24 | #include "includes.h" | 24 | #include "includes.h" |
25 | RCSID("$OpenBSD: sftp-server.c,v 1.30 2001/07/31 12:42:50 jakob Exp $"); | 25 | RCSID("$OpenBSD: sftp-server.c,v 1.31 2001/12/19 07:18:56 deraadt Exp $"); |
26 | 26 | ||
27 | #include "buffer.h" | 27 | #include "buffer.h" |
28 | #include "bufaux.h" | 28 | #include "bufaux.h" |
@@ -144,7 +144,7 @@ handle_init(void) | |||
144 | { | 144 | { |
145 | int i; | 145 | int i; |
146 | 146 | ||
147 | for(i = 0; i < sizeof(handles)/sizeof(Handle); i++) | 147 | for (i = 0; i < sizeof(handles)/sizeof(Handle); i++) |
148 | handles[i].use = HANDLE_UNUSED; | 148 | handles[i].use = HANDLE_UNUSED; |
149 | } | 149 | } |
150 | 150 | ||
@@ -153,7 +153,7 @@ handle_new(int use, char *name, int fd, DIR *dirp) | |||
153 | { | 153 | { |
154 | int i; | 154 | int i; |
155 | 155 | ||
156 | for(i = 0; i < sizeof(handles)/sizeof(Handle); i++) { | 156 | for (i = 0; i < sizeof(handles)/sizeof(Handle); i++) { |
157 | if (handles[i].use == HANDLE_UNUSED) { | 157 | if (handles[i].use == HANDLE_UNUSED) { |
158 | handles[i].use = use; | 158 | handles[i].use = use; |
159 | handles[i].dirp = dirp; | 159 | handles[i].dirp = dirp; |
@@ -771,7 +771,7 @@ process_readdir(void) | |||
771 | } | 771 | } |
772 | if (count > 0) { | 772 | if (count > 0) { |
773 | send_names(id, count, stats); | 773 | send_names(id, count, stats); |
774 | for(i = 0; i < count; i++) { | 774 | for (i = 0; i < count; i++) { |
775 | xfree(stats[i].name); | 775 | xfree(stats[i].name); |
776 | xfree(stats[i].long_name); | 776 | xfree(stats[i].long_name); |
777 | } | 777 | } |
@@ -897,7 +897,7 @@ process_readlink(void) | |||
897 | send_status(id, errno_to_portable(errno)); | 897 | send_status(id, errno_to_portable(errno)); |
898 | else { | 898 | else { |
899 | Stat s; | 899 | Stat s; |
900 | 900 | ||
901 | link[len] = '\0'; | 901 | link[len] = '\0'; |
902 | attrib_clear(&s.attrib); | 902 | attrib_clear(&s.attrib); |
903 | s.name = s.long_name = link; | 903 | s.name = s.long_name = link; |
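Review bot: In handle_init and handle_new the loop index is a signed `int i` compared against `sizeof(handles)/sizeof(Handle)`, which has type size_t, so the comparison is carried out unsigned. That is harmless while `i` only counts up from 0, but it trips -Wsign-compare and repeats the table bound as an open-coded expression in each loop. Presumably the same bound is what keeps handle indices in range elsewhere in the file, so spelling it once and matching the types would make that easier to audit, e.g. `for (i = 0; i < (int)(sizeof(handles)/sizeof(Handle)); i++)`. handle_new continues outside the hunk.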
@@ -24,7 +24,7 @@ | |||
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | 26 | ||
27 | RCSID("$OpenBSD: sftp.c,v 1.21 2001/09/19 19:24:19 stevesk Exp $"); | 27 | RCSID("$OpenBSD: sftp.c,v 1.22 2001/12/19 07:18:56 deraadt Exp $"); |
28 | 28 | ||
29 | /* XXX: commandline mode */ | 29 | /* XXX: commandline mode */ |
30 | /* XXX: short-form remote directory listings (like 'ls -C') */ | 30 | /* XXX: short-form remote directory listings (like 'ls -C') */ |
@@ -114,7 +114,7 @@ main(int argc, char **argv) | |||
114 | 114 | ||
115 | __progname = get_progname(argv[0]); | 115 | __progname = get_progname(argv[0]); |
116 | args.list = NULL; | 116 | args.list = NULL; |
117 | addargs(&args, "ssh"); /* overwritten with ssh_program */ | 117 | addargs(&args, "ssh"); /* overwritten with ssh_program */ |
118 | addargs(&args, "-oFallBackToRsh no"); | 118 | addargs(&args, "-oFallBackToRsh no"); |
119 | addargs(&args, "-oForwardX11 no"); | 119 | addargs(&args, "-oForwardX11 no"); |
120 | addargs(&args, "-oForwardAgent no"); | 120 | addargs(&args, "-oForwardAgent no"); |
@@ -195,7 +195,7 @@ main(int argc, char **argv) | |||
195 | addargs(&args, "-oProtocol %d", sshver); | 195 | addargs(&args, "-oProtocol %d", sshver); |
196 | 196 | ||
197 | /* no subsystem if the server-spec contains a '/' */ | 197 | /* no subsystem if the server-spec contains a '/' */ |
198 | if (sftp_server == NULL || strchr(sftp_server, '/') == NULL) | 198 | if (sftp_server == NULL || strchr(sftp_server, '/') == NULL) |
199 | addargs(&args, "-s"); | 199 | addargs(&args, "-s"); |
200 | 200 | ||
201 | addargs(&args, "%s", host); | 201 | addargs(&args, "%s", host); |
@@ -35,7 +35,7 @@ | |||
35 | */ | 35 | */ |
36 | 36 | ||
37 | #include "includes.h" | 37 | #include "includes.h" |
38 | RCSID("$OpenBSD: ssh-add.c,v 1.46 2001/10/02 08:38:50 djm Exp $"); | 38 | RCSID("$OpenBSD: ssh-add.c,v 1.47 2001/12/19 07:18:56 deraadt Exp $"); |
39 | 39 | ||
40 | #include <openssl/evp.h> | 40 | #include <openssl/evp.h> |
41 | 41 | ||
@@ -90,7 +90,7 @@ delete_file(AuthenticationConnection *ac, const char *filename) | |||
90 | 90 | ||
91 | key_free(public); | 91 | key_free(public); |
92 | xfree(comment); | 92 | xfree(comment); |
93 | 93 | ||
94 | return ret; | 94 | return ret; |
95 | } | 95 | } |
96 | 96 | ||
@@ -160,7 +160,7 @@ add_file(AuthenticationConnection *ac, const char *filename) | |||
160 | 160 | ||
161 | xfree(comment); | 161 | xfree(comment); |
162 | key_free(private); | 162 | key_free(private); |
163 | 163 | ||
164 | return ret; | 164 | return ret; |
165 | } | 165 | } |
166 | 166 | ||
@@ -169,11 +169,11 @@ update_card(AuthenticationConnection *ac, int add, const char *id) | |||
169 | { | 169 | { |
170 | if (ssh_update_card(ac, add, id)) { | 170 | if (ssh_update_card(ac, add, id)) { |
171 | fprintf(stderr, "Card %s: %s\n", | 171 | fprintf(stderr, "Card %s: %s\n", |
172 | add ? "added" : "removed", id); | 172 | add ? "added" : "removed", id); |
173 | return 0; | 173 | return 0; |
174 | } else { | 174 | } else { |
175 | fprintf(stderr, "Could not %s card: %s\n", | 175 | fprintf(stderr, "Could not %s card: %s\n", |
176 | add ? "add" : "remove", id); | 176 | add ? "add" : "remove", id); |
177 | return -1; | 177 | return -1; |
178 | } | 178 | } |
179 | } | 179 | } |
@@ -188,8 +188,8 @@ list_identities(AuthenticationConnection *ac, int do_fp) | |||
188 | 188 | ||
189 | for (version = 1; version <= 2; version++) { | 189 | for (version = 1; version <= 2; version++) { |
190 | for (key = ssh_get_first_identity(ac, &comment, version); | 190 | for (key = ssh_get_first_identity(ac, &comment, version); |
191 | key != NULL; | 191 | key != NULL; |
192 | key = ssh_get_next_identity(ac, &comment, version)) { | 192 | key = ssh_get_next_identity(ac, &comment, version)) { |
193 | had_identities = 1; | 193 | had_identities = 1; |
194 | if (do_fp) { | 194 | if (do_fp) { |
195 | fp = key_fingerprint(key, SSH_FP_MD5, | 195 | fp = key_fingerprint(key, SSH_FP_MD5, |
@@ -248,7 +248,7 @@ main(int argc, char **argv) | |||
248 | fprintf(stderr, "Could not open a connection to your authentication agent.\n"); | 248 | fprintf(stderr, "Could not open a connection to your authentication agent.\n"); |
249 | exit(1); | 249 | exit(1); |
250 | } | 250 | } |
251 | while ((ch = getopt(argc, argv, "lLdDe:s:")) != -1) { | 251 | while ((ch = getopt(argc, argv, "lLdDe:s:")) != -1) { |
252 | switch (ch) { | 252 | switch (ch) { |
253 | case 'l': | 253 | case 'l': |
254 | case 'L': | 254 | case 'L': |
@@ -267,7 +267,7 @@ main(int argc, char **argv) | |||
267 | sc_reader_id = optarg; | 267 | sc_reader_id = optarg; |
268 | break; | 268 | break; |
269 | case 'e': | 269 | case 'e': |
270 | deleting = 1; | 270 | deleting = 1; |
271 | sc_reader_id = optarg; | 271 | sc_reader_id = optarg; |
272 | break; | 272 | break; |
273 | default: | 273 | default: |
diff --git a/ssh-agent.c b/ssh-agent.c index 4db16e45e..e8018bf3a 100644 --- a/ssh-agent.c +++ b/ssh-agent.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-agent.c,v 1.74 2001/12/05 10:06:12 deraadt Exp $ */ | 1 | /* $OpenBSD: ssh-agent.c,v 1.75 2001/12/19 07:18:56 deraadt Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -36,7 +36,7 @@ | |||
36 | */ | 36 | */ |
37 | 37 | ||
38 | #include "includes.h" | 38 | #include "includes.h" |
39 | RCSID("$OpenBSD: ssh-agent.c,v 1.74 2001/12/05 10:06:12 deraadt Exp $"); | 39 | RCSID("$OpenBSD: ssh-agent.c,v 1.75 2001/12/19 07:18:56 deraadt Exp $"); |
40 | 40 | ||
41 | #include <openssl/evp.h> | 41 | #include <openssl/evp.h> |
42 | #include <openssl/md5.h> | 42 | #include <openssl/md5.h> |
@@ -457,7 +457,7 @@ process_add_smartcard_key (SocketEntry *e) | |||
457 | Key *n = NULL, *k = NULL; | 457 | Key *n = NULL, *k = NULL; |
458 | char *sc_reader_id = NULL; | 458 | char *sc_reader_id = NULL; |
459 | int success = 0; | 459 | int success = 0; |
460 | 460 | ||
461 | sc_reader_id = buffer_get_string(&e->input, NULL); | 461 | sc_reader_id = buffer_get_string(&e->input, NULL); |
462 | k = sc_get_key(sc_reader_id); | 462 | k = sc_get_key(sc_reader_id); |
463 | xfree(sc_reader_id); | 463 | xfree(sc_reader_id); |
@@ -615,10 +615,10 @@ process_message(SocketEntry *e) | |||
615 | #ifdef SMARTCARD | 615 | #ifdef SMARTCARD |
616 | case SSH_AGENTC_ADD_SMARTCARD_KEY: | 616 | case SSH_AGENTC_ADD_SMARTCARD_KEY: |
617 | process_add_smartcard_key(e); | 617 | process_add_smartcard_key(e); |
618 | break; | 618 | break; |
619 | case SSH_AGENTC_REMOVE_SMARTCARD_KEY: | 619 | case SSH_AGENTC_REMOVE_SMARTCARD_KEY: |
620 | process_remove_smartcard_key(e); | 620 | process_remove_smartcard_key(e); |
621 | break; | 621 | break; |
622 | #endif /* SMARTCARD */ | 622 | #endif /* SMARTCARD */ |
623 | default: | 623 | default: |
624 | /* Unknown message. Respond with failure. */ | 624 | /* Unknown message. Respond with failure. */ |
diff --git a/ssh-keygen.c b/ssh-keygen.c index 9b3b7f4c7..ccd737781 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c | |||
@@ -12,7 +12,7 @@ | |||
12 | */ | 12 | */ |
13 | 13 | ||
14 | #include "includes.h" | 14 | #include "includes.h" |
15 | RCSID("$OpenBSD: ssh-keygen.c,v 1.85 2001/12/05 10:06:12 deraadt Exp $"); | 15 | RCSID("$OpenBSD: ssh-keygen.c,v 1.86 2001/12/19 07:18:56 deraadt Exp $"); |
16 | 16 | ||
17 | #include <openssl/evp.h> | 17 | #include <openssl/evp.h> |
18 | #include <openssl/pem.h> | 18 | #include <openssl/pem.h> |
@@ -670,7 +670,7 @@ do_change_passphrase(struct passwd *pw) | |||
670 | read_passphrase("Enter new passphrase (empty for no " | 670 | read_passphrase("Enter new passphrase (empty for no " |
671 | "passphrase): ", RP_ALLOW_STDIN); | 671 | "passphrase): ", RP_ALLOW_STDIN); |
672 | passphrase2 = read_passphrase("Enter same passphrase again: ", | 672 | passphrase2 = read_passphrase("Enter same passphrase again: ", |
673 | RP_ALLOW_STDIN); | 673 | RP_ALLOW_STDIN); |
674 | 674 | ||
675 | /* Verify that they are the same. */ | 675 | /* Verify that they are the same. */ |
676 | if (strcmp(passphrase1, passphrase2) != 0) { | 676 | if (strcmp(passphrase1, passphrase2) != 0) { |
@@ -748,7 +748,7 @@ do_change_comment(struct passwd *pw) | |||
748 | fprintf(stderr, "Comments are only supported for RSA1 keys.\n"); | 748 | fprintf(stderr, "Comments are only supported for RSA1 keys.\n"); |
749 | key_free(private); | 749 | key_free(private); |
750 | exit(1); | 750 | exit(1); |
751 | } | 751 | } |
752 | printf("Key now has comment '%s'\n", comment); | 752 | printf("Key now has comment '%s'\n", comment); |
753 | 753 | ||
754 | if (identity_comment) { | 754 | if (identity_comment) { |
@@ -39,7 +39,7 @@ | |||
39 | */ | 39 | */ |
40 | 40 | ||
41 | #include "includes.h" | 41 | #include "includes.h" |
42 | RCSID("$OpenBSD: ssh.c,v 1.150 2001/11/30 20:39:28 stevesk Exp $"); | 42 | RCSID("$OpenBSD: ssh.c,v 1.151 2001/12/19 07:18:56 deraadt Exp $"); |
43 | 43 | ||
44 | #include <openssl/evp.h> | 44 | #include <openssl/evp.h> |
45 | #include <openssl/err.h> | 45 | #include <openssl/err.h> |
@@ -485,7 +485,7 @@ again: | |||
485 | fwd_host_port); | 485 | fwd_host_port); |
486 | else if (opt == 'R') | 486 | else if (opt == 'R') |
487 | add_remote_forward(&options, fwd_port, buf, | 487 | add_remote_forward(&options, fwd_port, buf, |
488 | fwd_host_port); | 488 | fwd_host_port); |
489 | break; | 489 | break; |
490 | 490 | ||
491 | case 'D': | 491 | case 'D': |
@@ -1150,8 +1150,8 @@ ssh_session2_open(void) | |||
1150 | channel_send_open(c->self); | 1150 | channel_send_open(c->self); |
1151 | if (!no_shell_flag) | 1151 | if (!no_shell_flag) |
1152 | channel_register_callback(c->self, | 1152 | channel_register_callback(c->self, |
1153 | SSH2_MSG_CHANNEL_OPEN_CONFIRMATION, | 1153 | SSH2_MSG_CHANNEL_OPEN_CONFIRMATION, |
1154 | ssh_session2_setup, (void *)0); | 1154 | ssh_session2_setup, (void *)0); |
1155 | 1155 | ||
1156 | return c->self; | 1156 | return c->self; |
1157 | } | 1157 | } |
diff --git a/sshconnect.c b/sshconnect.c index 64eb8d5fa..785c9dbe2 100644 --- a/sshconnect.c +++ b/sshconnect.c | |||
@@ -13,7 +13,7 @@ | |||
13 | */ | 13 | */ |
14 | 14 | ||
15 | #include "includes.h" | 15 | #include "includes.h" |
16 | RCSID("$OpenBSD: sshconnect.c,v 1.117 2001/12/06 18:02:32 stevesk Exp $"); | 16 | RCSID("$OpenBSD: sshconnect.c,v 1.118 2001/12/19 07:18:56 deraadt Exp $"); |
17 | 17 | ||
18 | #include <openssl/bn.h> | 18 | #include <openssl/bn.h> |
19 | 19 | ||
@@ -109,7 +109,7 @@ ssh_proxy_connect(const char *host, u_short port, struct passwd *pw, | |||
109 | /* Create pipes for communicating with the proxy. */ | 109 | /* Create pipes for communicating with the proxy. */ |
110 | if (pipe(pin) < 0 || pipe(pout) < 0) | 110 | if (pipe(pin) < 0 || pipe(pout) < 0) |
111 | fatal("Could not create pipes to communicate with the proxy: %.100s", | 111 | fatal("Could not create pipes to communicate with the proxy: %.100s", |
112 | strerror(errno)); | 112 | strerror(errno)); |
113 | 113 | ||
114 | debug("Executing proxy command: %.500s", command_string); | 114 | debug("Executing proxy command: %.500s", command_string); |
115 | 115 | ||
@@ -258,7 +258,7 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr, | |||
258 | int full_failure = 1; | 258 | int full_failure = 1; |
259 | 259 | ||
260 | debug("ssh_connect: getuid %u geteuid %u anon %d", | 260 | debug("ssh_connect: getuid %u geteuid %u anon %d", |
261 | (u_int) getuid(), (u_int) geteuid(), anonymous); | 261 | (u_int) getuid(), (u_int) geteuid(), anonymous); |
262 | 262 | ||
263 | /* Get default port if port has not been set. */ | 263 | /* Get default port if port has not been set. */ |
264 | if (port == 0) { | 264 | if (port == 0) { |
@@ -428,7 +428,7 @@ ssh_exchange_identification(void) | |||
428 | &remote_major, &remote_minor, remote_version) != 3) | 428 | &remote_major, &remote_minor, remote_version) != 3) |
429 | fatal("Bad remote protocol version identification: '%.100s'", buf); | 429 | fatal("Bad remote protocol version identification: '%.100s'", buf); |
430 | debug("Remote protocol version %d.%d, remote software version %.100s", | 430 | debug("Remote protocol version %d.%d, remote software version %.100s", |
431 | remote_major, remote_minor, remote_version); | 431 | remote_major, remote_minor, remote_version); |
432 | 432 | ||
433 | compat_datafellows(remote_version); | 433 | compat_datafellows(remote_version); |
434 | mismatch = 0; | 434 | mismatch = 0; |
@@ -620,7 +620,7 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, | |||
620 | */ | 620 | */ |
621 | host_file = user_hostfile; | 621 | host_file = user_hostfile; |
622 | host_status = check_host_in_hostfile(host_file, host, host_key, | 622 | host_status = check_host_in_hostfile(host_file, host, host_key, |
623 | file_key, &host_line); | 623 | file_key, &host_line); |
624 | if (host_status == HOST_NEW) { | 624 | if (host_status == HOST_NEW) { |
625 | host_file = system_hostfile; | 625 | host_file = system_hostfile; |
626 | host_status = check_host_in_hostfile(host_file, host, host_key, | 626 | host_status = check_host_in_hostfile(host_file, host, host_key, |
@@ -663,7 +663,7 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, | |||
663 | "'%.128s' not in list of known hosts.", | 663 | "'%.128s' not in list of known hosts.", |
664 | type, ip); | 664 | type, ip); |
665 | else if (!add_host_to_hostfile(user_hostfile, ip, | 665 | else if (!add_host_to_hostfile(user_hostfile, ip, |
666 | host_key)) | 666 | host_key)) |
667 | log("Failed to add the %s host key for IP " | 667 | log("Failed to add the %s host key for IP " |
668 | "address '%.128s' to the list of known " | 668 | "address '%.128s' to the list of known " |
669 | "hosts (%.30s).", type, ip, user_hostfile); | 669 | "hosts (%.30s).", type, ip, user_hostfile); |
@@ -789,7 +789,7 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, | |||
789 | error("Port forwarding is disabled to avoid " | 789 | error("Port forwarding is disabled to avoid " |
790 | "man-in-the-middle attacks."); | 790 | "man-in-the-middle attacks."); |
791 | options.num_local_forwards = | 791 | options.num_local_forwards = |
792 | options.num_remote_forwards = 0; | 792 | options.num_remote_forwards = 0; |
793 | } | 793 | } |
794 | /* | 794 | /* |
795 | * XXX Should permit the user to change to use the new id. | 795 | * XXX Should permit the user to change to use the new id. |
@@ -813,7 +813,7 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, | |||
813 | error("Exiting, you have requested strict checking."); | 813 | error("Exiting, you have requested strict checking."); |
814 | goto fail; | 814 | goto fail; |
815 | } else if (options.strict_host_key_checking == 2) { | 815 | } else if (options.strict_host_key_checking == 2) { |
816 | if (!confirm("Are you sure you want " | 816 | if (!confirm("Are you sure you want " |
817 | "to continue connecting (yes/no)? ")) { | 817 | "to continue connecting (yes/no)? ")) { |
818 | goto fail; | 818 | goto fail; |
819 | } | 819 | } |
diff --git a/sshconnect1.c b/sshconnect1.c index d6b862352..2829ca5a7 100644 --- a/sshconnect1.c +++ b/sshconnect1.c | |||
@@ -13,7 +13,7 @@ | |||
13 | */ | 13 | */ |
14 | 14 | ||
15 | #include "includes.h" | 15 | #include "includes.h" |
16 | RCSID("$OpenBSD: sshconnect1.c,v 1.41 2001/10/06 11:18:19 markus Exp $"); | 16 | RCSID("$OpenBSD: sshconnect1.c,v 1.42 2001/12/19 07:18:56 deraadt Exp $"); |
17 | 17 | ||
18 | #include <openssl/bn.h> | 18 | #include <openssl/bn.h> |
19 | #include <openssl/evp.h> | 19 | #include <openssl/evp.h> |
@@ -80,8 +80,8 @@ try_agent_authentication(void) | |||
80 | 80 | ||
81 | /* Loop through identities served by the agent. */ | 81 | /* Loop through identities served by the agent. */ |
82 | for (key = ssh_get_first_identity(auth, &comment, 1); | 82 | for (key = ssh_get_first_identity(auth, &comment, 1); |
83 | key != NULL; | 83 | key != NULL; |
84 | key = ssh_get_next_identity(auth, &comment, 1)) { | 84 | key = ssh_get_next_identity(auth, &comment, 1)) { |
85 | 85 | ||
86 | /* Try this identity. */ | 86 | /* Try this identity. */ |
87 | debug("Trying RSA authentication via agent with '%.100s'", comment); | 87 | debug("Trying RSA authentication via agent with '%.100s'", comment); |
@@ -400,10 +400,10 @@ try_krb4_authentication(void) | |||
400 | /* Don't do anything if we don't have any tickets. */ | 400 | /* Don't do anything if we don't have any tickets. */ |
401 | if (stat(tkt_string(), &st) < 0) | 401 | if (stat(tkt_string(), &st) < 0) |
402 | return 0; | 402 | return 0; |
403 | 403 | ||
404 | strlcpy(inst, (char *)krb_get_phost(get_canonical_hostname(1)), | 404 | strlcpy(inst, (char *)krb_get_phost(get_canonical_hostname(1)), |
405 | INST_SZ); | 405 | INST_SZ); |
406 | 406 | ||
407 | realm = (char *)krb_realmofhost(get_canonical_hostname(1)); | 407 | realm = (char *)krb_realmofhost(get_canonical_hostname(1)); |
408 | if (!realm) { | 408 | if (!realm) { |
409 | debug("Kerberos v4: no realm for %s", get_canonical_hostname(1)); | 409 | debug("Kerberos v4: no realm for %s", get_canonical_hostname(1)); |
@@ -411,7 +411,7 @@ try_krb4_authentication(void) | |||
411 | } | 411 | } |
412 | /* This can really be anything. */ | 412 | /* This can really be anything. */ |
413 | checksum = (u_long)getpid(); | 413 | checksum = (u_long)getpid(); |
414 | 414 | ||
415 | r = krb_mk_req(&auth, KRB4_SERVICE_NAME, inst, realm, checksum); | 415 | r = krb_mk_req(&auth, KRB4_SERVICE_NAME, inst, realm, checksum); |
416 | if (r != KSUCCESS) { | 416 | if (r != KSUCCESS) { |
417 | debug("Kerberos v4 krb_mk_req failed: %s", krb_err_txt[r]); | 417 | debug("Kerberos v4 krb_mk_req failed: %s", krb_err_txt[r]); |
@@ -424,22 +424,22 @@ try_krb4_authentication(void) | |||
424 | return 0; | 424 | return 0; |
425 | } | 425 | } |
426 | des_key_sched((des_cblock *) cred.session, schedule); | 426 | des_key_sched((des_cblock *) cred.session, schedule); |
427 | 427 | ||
428 | /* Send authentication info to server. */ | 428 | /* Send authentication info to server. */ |
429 | packet_start(SSH_CMSG_AUTH_KERBEROS); | 429 | packet_start(SSH_CMSG_AUTH_KERBEROS); |
430 | packet_put_string((char *) auth.dat, auth.length); | 430 | packet_put_string((char *) auth.dat, auth.length); |
431 | packet_send(); | 431 | packet_send(); |
432 | packet_write_wait(); | 432 | packet_write_wait(); |
433 | 433 | ||
434 | /* Zero the buffer. */ | 434 | /* Zero the buffer. */ |
435 | (void) memset(auth.dat, 0, MAX_KTXT_LEN); | 435 | (void) memset(auth.dat, 0, MAX_KTXT_LEN); |
436 | 436 | ||
437 | slen = sizeof(local); | 437 | slen = sizeof(local); |
438 | memset(&local, 0, sizeof(local)); | 438 | memset(&local, 0, sizeof(local)); |
439 | if (getsockname(packet_get_connection_in(), | 439 | if (getsockname(packet_get_connection_in(), |
440 | (struct sockaddr *)&local, &slen) < 0) | 440 | (struct sockaddr *)&local, &slen) < 0) |
441 | debug("getsockname failed: %s", strerror(errno)); | 441 | debug("getsockname failed: %s", strerror(errno)); |
442 | 442 | ||
443 | slen = sizeof(foreign); | 443 | slen = sizeof(foreign); |
444 | memset(&foreign, 0, sizeof(foreign)); | 444 | memset(&foreign, 0, sizeof(foreign)); |
445 | if (getpeername(packet_get_connection_in(), | 445 | if (getpeername(packet_get_connection_in(), |
@@ -455,18 +455,18 @@ try_krb4_authentication(void) | |||
455 | debug("Kerberos v4 authentication failed."); | 455 | debug("Kerberos v4 authentication failed."); |
456 | return 0; | 456 | return 0; |
457 | break; | 457 | break; |
458 | 458 | ||
459 | case SSH_SMSG_AUTH_KERBEROS_RESPONSE: | 459 | case SSH_SMSG_AUTH_KERBEROS_RESPONSE: |
460 | /* SSH_SMSG_AUTH_KERBEROS_SUCCESS */ | 460 | /* SSH_SMSG_AUTH_KERBEROS_SUCCESS */ |
461 | debug("Kerberos v4 authentication accepted."); | 461 | debug("Kerberos v4 authentication accepted."); |
462 | 462 | ||
463 | /* Get server's response. */ | 463 | /* Get server's response. */ |
464 | reply = packet_get_string((u_int *) &auth.length); | 464 | reply = packet_get_string((u_int *) &auth.length); |
465 | memcpy(auth.dat, reply, auth.length); | 465 | memcpy(auth.dat, reply, auth.length); |
466 | xfree(reply); | 466 | xfree(reply); |
467 | 467 | ||
468 | packet_integrity_check(plen, 4 + auth.length, type); | 468 | packet_integrity_check(plen, 4 + auth.length, type); |
469 | 469 | ||
470 | /* | 470 | /* |
471 | * If his response isn't properly encrypted with the session | 471 | * If his response isn't properly encrypted with the session |
472 | * key, and the decrypted checksum fails to match, he's | 472 | * key, and the decrypted checksum fails to match, he's |
@@ -483,7 +483,7 @@ try_krb4_authentication(void) | |||
483 | memcpy((char *)&cksum, (char *)msg_data.app_data, | 483 | memcpy((char *)&cksum, (char *)msg_data.app_data, |
484 | sizeof(cksum)); | 484 | sizeof(cksum)); |
485 | cksum = ntohl(cksum); | 485 | cksum = ntohl(cksum); |
486 | 486 | ||
487 | /* If it matches, we're golden. */ | 487 | /* If it matches, we're golden. */ |
488 | if (cksum == checksum + 1) { | 488 | if (cksum == checksum + 1) { |
489 | debug("Kerberos v4 challenge successful."); | 489 | debug("Kerberos v4 challenge successful."); |
@@ -491,7 +491,7 @@ try_krb4_authentication(void) | |||
491 | } else | 491 | } else |
492 | packet_disconnect("Kerberos v4 challenge failed!"); | 492 | packet_disconnect("Kerberos v4 challenge failed!"); |
493 | break; | 493 | break; |
494 | 494 | ||
495 | default: | 495 | default: |
496 | packet_disconnect("Protocol error on Kerberos v4 response: %d", type); | 496 | packet_disconnect("Protocol error on Kerberos v4 response: %d", type); |
497 | } | 497 | } |
@@ -513,26 +513,26 @@ try_krb5_authentication(krb5_context *context, krb5_auth_context *auth_context) | |||
513 | int type, payload_len; | 513 | int type, payload_len; |
514 | krb5_ap_rep_enc_part *reply = NULL; | 514 | krb5_ap_rep_enc_part *reply = NULL; |
515 | int ret; | 515 | int ret; |
516 | 516 | ||
517 | memset(&ap, 0, sizeof(ap)); | 517 | memset(&ap, 0, sizeof(ap)); |
518 | 518 | ||
519 | problem = krb5_init_context(context); | 519 | problem = krb5_init_context(context); |
520 | if (problem) { | 520 | if (problem) { |
521 | debug("Kerberos v5: krb5_init_context failed"); | 521 | debug("Kerberos v5: krb5_init_context failed"); |
522 | ret = 0; | 522 | ret = 0; |
523 | goto out; | 523 | goto out; |
524 | } | 524 | } |
525 | 525 | ||
526 | tkfile = krb5_cc_default_name(*context); | 526 | tkfile = krb5_cc_default_name(*context); |
527 | if (strncmp(tkfile, "FILE:", 5) == 0) | 527 | if (strncmp(tkfile, "FILE:", 5) == 0) |
528 | tkfile += 5; | 528 | tkfile += 5; |
529 | 529 | ||
530 | if (stat(tkfile, &buf) == 0 && getuid() != buf.st_uid) { | 530 | if (stat(tkfile, &buf) == 0 && getuid() != buf.st_uid) { |
531 | debug("Kerberos v5: could not get default ccache (permission denied)."); | 531 | debug("Kerberos v5: could not get default ccache (permission denied)."); |
532 | ret = 0; | 532 | ret = 0; |
533 | goto out; | 533 | goto out; |
534 | } | 534 | } |
535 | 535 | ||
536 | problem = krb5_cc_default(*context, &ccache); | 536 | problem = krb5_cc_default(*context, &ccache); |
537 | if (problem) { | 537 | if (problem) { |
538 | debug("Kerberos v5: krb5_cc_default failed: %s", | 538 | debug("Kerberos v5: krb5_cc_default failed: %s", |
@@ -540,9 +540,9 @@ try_krb5_authentication(krb5_context *context, krb5_auth_context *auth_context) | |||
540 | ret = 0; | 540 | ret = 0; |
541 | goto out; | 541 | goto out; |
542 | } | 542 | } |
543 | 543 | ||
544 | remotehost = get_canonical_hostname(1); | 544 | remotehost = get_canonical_hostname(1); |
545 | 545 | ||
546 | problem = krb5_mk_req(*context, auth_context, AP_OPTS_MUTUAL_REQUIRED, | 546 | problem = krb5_mk_req(*context, auth_context, AP_OPTS_MUTUAL_REQUIRED, |
547 | "host", remotehost, NULL, ccache, &ap); | 547 | "host", remotehost, NULL, ccache, &ap); |
548 | if (problem) { | 548 | if (problem) { |
@@ -551,48 +551,48 @@ try_krb5_authentication(krb5_context *context, krb5_auth_context *auth_context) | |||
551 | ret = 0; | 551 | ret = 0; |
552 | goto out; | 552 | goto out; |
553 | } | 553 | } |
554 | 554 | ||
555 | packet_start(SSH_CMSG_AUTH_KERBEROS); | 555 | packet_start(SSH_CMSG_AUTH_KERBEROS); |
556 | packet_put_string((char *) ap.data, ap.length); | 556 | packet_put_string((char *) ap.data, ap.length); |
557 | packet_send(); | 557 | packet_send(); |
558 | packet_write_wait(); | 558 | packet_write_wait(); |
559 | 559 | ||
560 | xfree(ap.data); | 560 | xfree(ap.data); |
561 | ap.length = 0; | 561 | ap.length = 0; |
562 | 562 | ||
563 | type = packet_read(&payload_len); | 563 | type = packet_read(&payload_len); |
564 | switch (type) { | 564 | switch (type) { |
565 | case SSH_SMSG_FAILURE: | 565 | case SSH_SMSG_FAILURE: |
566 | /* Should really be SSH_SMSG_AUTH_KERBEROS_FAILURE */ | 566 | /* Should really be SSH_SMSG_AUTH_KERBEROS_FAILURE */ |
567 | debug("Kerberos v5 authentication failed."); | 567 | debug("Kerberos v5 authentication failed."); |
568 | ret = 0; | 568 | ret = 0; |
569 | break; | 569 | break; |
570 | 570 | ||
571 | case SSH_SMSG_AUTH_KERBEROS_RESPONSE: | 571 | case SSH_SMSG_AUTH_KERBEROS_RESPONSE: |
572 | /* SSH_SMSG_AUTH_KERBEROS_SUCCESS */ | 572 | /* SSH_SMSG_AUTH_KERBEROS_SUCCESS */ |
573 | debug("Kerberos v5 authentication accepted."); | 573 | debug("Kerberos v5 authentication accepted."); |
574 | 574 | ||
575 | /* Get server's response. */ | 575 | /* Get server's response. */ |
576 | ap.data = packet_get_string((unsigned int *) &ap.length); | 576 | ap.data = packet_get_string((unsigned int *) &ap.length); |
577 | 577 | ||
578 | packet_integrity_check(payload_len, 4 + ap.length, type); | 578 | packet_integrity_check(payload_len, 4 + ap.length, type); |
579 | /* XXX je to dobre? */ | 579 | /* XXX je to dobre? */ |
580 | 580 | ||
581 | problem = krb5_rd_rep(*context, *auth_context, &ap, &reply); | 581 | problem = krb5_rd_rep(*context, *auth_context, &ap, &reply); |
582 | if (problem) { | 582 | if (problem) { |
583 | ret = 0; | 583 | ret = 0; |
584 | } | 584 | } |
585 | ret = 1; | 585 | ret = 1; |
586 | break; | 586 | break; |
587 | 587 | ||
588 | default: | 588 | default: |
589 | packet_disconnect("Protocol error on Kerberos v5 response: %d", | 589 | packet_disconnect("Protocol error on Kerberos v5 response: %d", |
590 | type); | 590 | type); |
591 | ret = 0; | 591 | ret = 0; |
592 | break; | 592 | break; |
593 | 593 | ||
594 | } | 594 | } |
595 | 595 | ||
596 | out: | 596 | out: |
597 | if (ccache != NULL) | 597 | if (ccache != NULL) |
598 | krb5_cc_close(*context, ccache); | 598 | krb5_cc_close(*context, ccache); |
@@ -600,7 +600,7 @@ try_krb5_authentication(krb5_context *context, krb5_auth_context *auth_context) | |||
600 | krb5_free_ap_rep_enc_part(*context, reply); | 600 | krb5_free_ap_rep_enc_part(*context, reply); |
601 | if (ap.length > 0) | 601 | if (ap.length > 0) |
602 | krb5_data_free(&ap); | 602 | krb5_data_free(&ap); |
603 | 603 | ||
604 | return (ret); | 604 | return (ret); |
605 | } | 605 | } |
606 | 606 | ||
@@ -614,62 +614,62 @@ send_krb5_tgt(krb5_context context, krb5_auth_context auth_context) | |||
614 | krb5_creds creds; | 614 | krb5_creds creds; |
615 | krb5_kdc_flags flags; | 615 | krb5_kdc_flags flags; |
616 | const char *remotehost; | 616 | const char *remotehost; |
617 | 617 | ||
618 | memset(&creds, 0, sizeof(creds)); | 618 | memset(&creds, 0, sizeof(creds)); |
619 | memset(&outbuf, 0, sizeof(outbuf)); | 619 | memset(&outbuf, 0, sizeof(outbuf)); |
620 | 620 | ||
621 | fd = packet_get_connection_in(); | 621 | fd = packet_get_connection_in(); |
622 | 622 | ||
623 | problem = krb5_auth_con_setaddrs_from_fd(context, auth_context, &fd); | 623 | problem = krb5_auth_con_setaddrs_from_fd(context, auth_context, &fd); |
624 | if (problem) | 624 | if (problem) |
625 | goto out; | 625 | goto out; |
626 | 626 | ||
627 | problem = krb5_cc_default(context, &ccache); | 627 | problem = krb5_cc_default(context, &ccache); |
628 | if (problem) | 628 | if (problem) |
629 | goto out; | 629 | goto out; |
630 | 630 | ||
631 | problem = krb5_cc_get_principal(context, ccache, &creds.client); | 631 | problem = krb5_cc_get_principal(context, ccache, &creds.client); |
632 | if (problem) | 632 | if (problem) |
633 | goto out; | 633 | goto out; |
634 | 634 | ||
635 | problem = krb5_build_principal(context, &creds.server, | 635 | problem = krb5_build_principal(context, &creds.server, |
636 | strlen(creds.client->realm), creds.client->realm, | 636 | strlen(creds.client->realm), creds.client->realm, |
637 | "krbtgt", creds.client->realm, NULL); | 637 | "krbtgt", creds.client->realm, NULL); |
638 | if (problem) | 638 | if (problem) |
639 | goto out; | 639 | goto out; |
640 | 640 | ||
641 | creds.times.endtime = 0; | 641 | creds.times.endtime = 0; |
642 | 642 | ||
643 | flags.i = 0; | 643 | flags.i = 0; |
644 | flags.b.forwarded = 1; | 644 | flags.b.forwarded = 1; |
645 | flags.b.forwardable = krb5_config_get_bool(context, NULL, | 645 | flags.b.forwardable = krb5_config_get_bool(context, NULL, |
646 | "libdefaults", "forwardable", NULL); | 646 | "libdefaults", "forwardable", NULL); |
647 | 647 | ||
648 | remotehost = get_canonical_hostname(1); | 648 | remotehost = get_canonical_hostname(1); |
649 | 649 | ||
650 | problem = krb5_get_forwarded_creds(context, auth_context, | 650 | problem = krb5_get_forwarded_creds(context, auth_context, |
651 | ccache, flags.i, remotehost, &creds, &outbuf); | 651 | ccache, flags.i, remotehost, &creds, &outbuf); |
652 | if (problem) | 652 | if (problem) |
653 | goto out; | 653 | goto out; |
654 | 654 | ||
655 | packet_start(SSH_CMSG_HAVE_KERBEROS_TGT); | 655 | packet_start(SSH_CMSG_HAVE_KERBEROS_TGT); |
656 | packet_put_string((char *)outbuf.data, outbuf.length); | 656 | packet_put_string((char *)outbuf.data, outbuf.length); |
657 | packet_send(); | 657 | packet_send(); |
658 | packet_write_wait(); | 658 | packet_write_wait(); |
659 | 659 | ||
660 | type = packet_read(&payload_len); | 660 | type = packet_read(&payload_len); |
661 | 661 | ||
662 | if (type == SSH_SMSG_SUCCESS) { | 662 | if (type == SSH_SMSG_SUCCESS) { |
663 | char *pname; | 663 | char *pname; |
664 | 664 | ||
665 | krb5_unparse_name(context, creds.client, &pname); | 665 | krb5_unparse_name(context, creds.client, &pname); |
666 | debug("Kerberos v5 TGT forwarded (%s).", pname); | 666 | debug("Kerberos v5 TGT forwarded (%s).", pname); |
667 | xfree(pname); | 667 | xfree(pname); |
668 | } else | 668 | } else |
669 | debug("Kerberos v5 TGT forwarding failed."); | 669 | debug("Kerberos v5 TGT forwarding failed."); |
670 | 670 | ||
671 | return; | 671 | return; |
672 | 672 | ||
673 | out: | 673 | out: |
674 | if (problem) | 674 | if (problem) |
675 | debug("Kerberos v5 TGT forwarding failed: %s", | 675 | debug("Kerberos v5 TGT forwarding failed: %s", |
@@ -693,44 +693,44 @@ send_krb4_tgt(void) | |||
693 | struct stat st; | 693 | struct stat st; |
694 | char buffer[4096], pname[ANAME_SZ], pinst[INST_SZ], prealm[REALM_SZ]; | 694 | char buffer[4096], pname[ANAME_SZ], pinst[INST_SZ], prealm[REALM_SZ]; |
695 | int problem, type, len; | 695 | int problem, type, len; |
696 | 696 | ||
697 | /* Don't do anything if we don't have any tickets. */ | 697 | /* Don't do anything if we don't have any tickets. */ |
698 | if (stat(tkt_string(), &st) < 0) | 698 | if (stat(tkt_string(), &st) < 0) |
699 | return; | 699 | return; |
700 | 700 | ||
701 | creds = xmalloc(sizeof(*creds)); | 701 | creds = xmalloc(sizeof(*creds)); |
702 | 702 | ||
703 | problem = krb_get_tf_fullname(TKT_FILE, pname, pinst, prealm); | 703 | problem = krb_get_tf_fullname(TKT_FILE, pname, pinst, prealm); |
704 | if (problem) | 704 | if (problem) |
705 | goto out; | 705 | goto out; |
706 | 706 | ||
707 | problem = krb_get_cred("krbtgt", prealm, prealm, creds); | 707 | problem = krb_get_cred("krbtgt", prealm, prealm, creds); |
708 | if (problem) | 708 | if (problem) |
709 | goto out; | 709 | goto out; |
710 | 710 | ||
711 | if (time(0) > krb_life_to_time(creds->issue_date, creds->lifetime)) { | 711 | if (time(0) > krb_life_to_time(creds->issue_date, creds->lifetime)) { |
712 | problem = RD_AP_EXP; | 712 | problem = RD_AP_EXP; |
713 | goto out; | 713 | goto out; |
714 | } | 714 | } |
715 | creds_to_radix(creds, (u_char *)buffer, sizeof(buffer)); | 715 | creds_to_radix(creds, (u_char *)buffer, sizeof(buffer)); |
716 | 716 | ||
717 | packet_start(SSH_CMSG_HAVE_KERBEROS_TGT); | 717 | packet_start(SSH_CMSG_HAVE_KERBEROS_TGT); |
718 | packet_put_cstring(buffer); | 718 | packet_put_cstring(buffer); |
719 | packet_send(); | 719 | packet_send(); |
720 | packet_write_wait(); | 720 | packet_write_wait(); |
721 | 721 | ||
722 | type = packet_read(&len); | 722 | type = packet_read(&len); |
723 | 723 | ||
724 | if (type == SSH_SMSG_SUCCESS) | 724 | if (type == SSH_SMSG_SUCCESS) |
725 | debug("Kerberos v4 TGT forwarded (%s%s%s@%s).", | 725 | debug("Kerberos v4 TGT forwarded (%s%s%s@%s).", |
726 | creds->pname, creds->pinst[0] ? "." : "", | 726 | creds->pname, creds->pinst[0] ? "." : "", |
727 | creds->pinst, creds->realm); | 727 | creds->pinst, creds->realm); |
728 | else | 728 | else |
729 | debug("Kerberos v4 TGT rejected."); | 729 | debug("Kerberos v4 TGT rejected."); |
730 | 730 | ||
731 | xfree(creds); | 731 | xfree(creds); |
732 | return; | 732 | return; |
733 | 733 | ||
734 | out: | 734 | out: |
735 | debug("Kerberos v4 TGT passing failed: %s", krb_err_txt[problem]); | 735 | debug("Kerberos v4 TGT passing failed: %s", krb_err_txt[problem]); |
736 | xfree(creds); | 736 | xfree(creds); |
@@ -745,7 +745,7 @@ send_afs_tokens(void) | |||
745 | int i, type, len; | 745 | int i, type, len; |
746 | char buf[2048], *p, *server_cell; | 746 | char buf[2048], *p, *server_cell; |
747 | char buffer[8192]; | 747 | char buffer[8192]; |
748 | 748 | ||
749 | /* Move over ktc_GetToken, here's something leaner. */ | 749 | /* Move over ktc_GetToken, here's something leaner. */ |
750 | for (i = 0; i < 100; i++) { /* just in case */ | 750 | for (i = 0; i < 100; i++) { /* just in case */ |
751 | parms.in = (char *) &i; | 751 | parms.in = (char *) &i; |
@@ -755,7 +755,7 @@ send_afs_tokens(void) | |||
755 | if (k_pioctl(0, VIOCGETTOK, &parms, 0) != 0) | 755 | if (k_pioctl(0, VIOCGETTOK, &parms, 0) != 0) |
756 | break; | 756 | break; |
757 | p = buf; | 757 | p = buf; |
758 | 758 | ||
759 | /* Get secret token. */ | 759 | /* Get secret token. */ |
760 | memcpy(&creds.ticket_st.length, p, sizeof(u_int)); | 760 | memcpy(&creds.ticket_st.length, p, sizeof(u_int)); |
761 | if (creds.ticket_st.length > MAX_KTXT_LEN) | 761 | if (creds.ticket_st.length > MAX_KTXT_LEN) |
@@ -763,7 +763,7 @@ send_afs_tokens(void) | |||
763 | p += sizeof(u_int); | 763 | p += sizeof(u_int); |
764 | memcpy(creds.ticket_st.dat, p, creds.ticket_st.length); | 764 | memcpy(creds.ticket_st.dat, p, creds.ticket_st.length); |
765 | p += creds.ticket_st.length; | 765 | p += creds.ticket_st.length; |
766 | 766 | ||
767 | /* Get clear token. */ | 767 | /* Get clear token. */ |
768 | memcpy(&len, p, sizeof(len)); | 768 | memcpy(&len, p, sizeof(len)); |
769 | if (len != sizeof(struct ClearToken)) | 769 | if (len != sizeof(struct ClearToken)) |
@@ -773,7 +773,7 @@ send_afs_tokens(void) | |||
773 | p += len; | 773 | p += len; |
774 | p += sizeof(len); /* primary flag */ | 774 | p += sizeof(len); /* primary flag */ |
775 | server_cell = p; | 775 | server_cell = p; |
776 | 776 | ||
777 | /* Flesh out our credentials. */ | 777 | /* Flesh out our credentials. */ |
778 | strlcpy(creds.service, "afs", sizeof(creds.service)); | 778 | strlcpy(creds.service, "afs", sizeof(creds.service)); |
779 | creds.instance[0] = '\0'; | 779 | creds.instance[0] = '\0'; |
@@ -785,7 +785,7 @@ send_afs_tokens(void) | |||
785 | creds.kvno = ct.AuthHandle; | 785 | creds.kvno = ct.AuthHandle; |
786 | snprintf(creds.pname, sizeof(creds.pname), "AFS ID %d", ct.ViceId); | 786 | snprintf(creds.pname, sizeof(creds.pname), "AFS ID %d", ct.ViceId); |
787 | creds.pinst[0] = '\0'; | 787 | creds.pinst[0] = '\0'; |
788 | 788 | ||
789 | /* Encode token, ship it off. */ | 789 | /* Encode token, ship it off. */ |
790 | if (creds_to_radix(&creds, (u_char *)buffer, | 790 | if (creds_to_radix(&creds, (u_char *)buffer, |
791 | sizeof(buffer)) <= 0) | 791 | sizeof(buffer)) <= 0) |
@@ -798,7 +798,7 @@ send_afs_tokens(void) | |||
798 | /* Roger, Roger. Clearance, Clarence. What's your vector, | 798 | /* Roger, Roger. Clearance, Clarence. What's your vector, |
799 | Victor? */ | 799 | Victor? */ |
800 | type = packet_read(&len); | 800 | type = packet_read(&len); |
801 | 801 | ||
802 | if (type == SSH_SMSG_FAILURE) | 802 | if (type == SSH_SMSG_FAILURE) |
803 | debug("AFS token for cell %s rejected.", server_cell); | 803 | debug("AFS token for cell %s rejected.", server_cell); |
804 | else if (type != SSH_SMSG_SUCCESS) | 804 | else if (type != SSH_SMSG_SUCCESS) |
@@ -842,7 +842,7 @@ try_challenge_response_authentication(void) | |||
842 | challenge = packet_get_string(&clen); | 842 | challenge = packet_get_string(&clen); |
843 | packet_integrity_check(payload_len, (4 + clen), type); | 843 | packet_integrity_check(payload_len, (4 + clen), type); |
844 | snprintf(prompt, sizeof prompt, "%s%s", challenge, | 844 | snprintf(prompt, sizeof prompt, "%s%s", challenge, |
845 | strchr(challenge, '\n') ? "" : "\nResponse: "); | 845 | strchr(challenge, '\n') ? "" : "\nResponse: "); |
846 | xfree(challenge); | 846 | xfree(challenge); |
847 | if (i != 0) | 847 | if (i != 0) |
848 | error("Permission denied, please try again."); | 848 | error("Permission denied, please try again."); |
@@ -974,11 +974,11 @@ ssh_kex(char *host, struct sockaddr *hostaddr) | |||
974 | supported_authentications = packet_get_int(); | 974 | supported_authentications = packet_get_int(); |
975 | 975 | ||
976 | debug("Received server public key (%d bits) and host key (%d bits).", | 976 | debug("Received server public key (%d bits) and host key (%d bits).", |
977 | BN_num_bits(public_key->n), BN_num_bits(host_key->n)); | 977 | BN_num_bits(public_key->n), BN_num_bits(host_key->n)); |
978 | 978 | ||
979 | packet_integrity_check(payload_len, | 979 | packet_integrity_check(payload_len, |
980 | 8 + 4 + sum_len + 0 + 4 + 0 + 0 + 4 + 4 + 4, | 980 | 8 + 4 + sum_len + 0 + 4 + 0 + 0 + 4 + 4 + 4, |
981 | SSH_SMSG_PUBLIC_KEY); | 981 | SSH_SMSG_PUBLIC_KEY); |
982 | k.type = KEY_RSA1; | 982 | k.type = KEY_RSA1; |
983 | k.rsa = host_key; | 983 | k.rsa = host_key; |
984 | if (verify_host_key(host, hostaddr, &k) == -1) | 984 | if (verify_host_key(host, hostaddr, &k) == -1) |
@@ -1027,10 +1027,10 @@ ssh_kex(char *host, struct sockaddr *hostaddr) | |||
1027 | if (BN_num_bits(host_key->n) < | 1027 | if (BN_num_bits(host_key->n) < |
1028 | BN_num_bits(public_key->n) + SSH_KEY_BITS_RESERVED) { | 1028 | BN_num_bits(public_key->n) + SSH_KEY_BITS_RESERVED) { |
1029 | fatal("respond_to_rsa_challenge: host_key %d < public_key %d + " | 1029 | fatal("respond_to_rsa_challenge: host_key %d < public_key %d + " |
1030 | "SSH_KEY_BITS_RESERVED %d", | 1030 | "SSH_KEY_BITS_RESERVED %d", |
1031 | BN_num_bits(host_key->n), | 1031 | BN_num_bits(host_key->n), |
1032 | BN_num_bits(public_key->n), | 1032 | BN_num_bits(public_key->n), |
1033 | SSH_KEY_BITS_RESERVED); | 1033 | SSH_KEY_BITS_RESERVED); |
1034 | } | 1034 | } |
1035 | rsa_public_encrypt(key, key, public_key); | 1035 | rsa_public_encrypt(key, key, public_key); |
1036 | rsa_public_encrypt(key, key, host_key); | 1036 | rsa_public_encrypt(key, key, host_key); |
@@ -1039,10 +1039,10 @@ ssh_kex(char *host, struct sockaddr *hostaddr) | |||
1039 | if (BN_num_bits(public_key->n) < | 1039 | if (BN_num_bits(public_key->n) < |
1040 | BN_num_bits(host_key->n) + SSH_KEY_BITS_RESERVED) { | 1040 | BN_num_bits(host_key->n) + SSH_KEY_BITS_RESERVED) { |
1041 | fatal("respond_to_rsa_challenge: public_key %d < host_key %d + " | 1041 | fatal("respond_to_rsa_challenge: public_key %d < host_key %d + " |
1042 | "SSH_KEY_BITS_RESERVED %d", | 1042 | "SSH_KEY_BITS_RESERVED %d", |
1043 | BN_num_bits(public_key->n), | 1043 | BN_num_bits(public_key->n), |
1044 | BN_num_bits(host_key->n), | 1044 | BN_num_bits(host_key->n), |
1045 | SSH_KEY_BITS_RESERVED); | 1045 | SSH_KEY_BITS_RESERVED); |
1046 | } | 1046 | } |
1047 | rsa_public_encrypt(key, key, host_key); | 1047 | rsa_public_encrypt(key, key, host_key); |
1048 | rsa_public_encrypt(key, key, public_key); | 1048 | rsa_public_encrypt(key, key, public_key); |
@@ -1064,7 +1064,7 @@ ssh_kex(char *host, struct sockaddr *hostaddr) | |||
1064 | /* Check that the selected cipher is supported. */ | 1064 | /* Check that the selected cipher is supported. */ |
1065 | if (!(supported_ciphers & (1 << options.cipher))) | 1065 | if (!(supported_ciphers & (1 << options.cipher))) |
1066 | fatal("Selected cipher type %.100s not supported by server.", | 1066 | fatal("Selected cipher type %.100s not supported by server.", |
1067 | cipher_name(options.cipher)); | 1067 | cipher_name(options.cipher)); |
1068 | 1068 | ||
1069 | debug("Encryption type: %.100s", cipher_name(options.cipher)); | 1069 | debug("Encryption type: %.100s", cipher_name(options.cipher)); |
1070 | 1070 | ||
@@ -1117,7 +1117,7 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host, | |||
1117 | #endif | 1117 | #endif |
1118 | int i, type; | 1118 | int i, type; |
1119 | int payload_len; | 1119 | int payload_len; |
1120 | 1120 | ||
1121 | if (supported_authentications == 0) | 1121 | if (supported_authentications == 0) |
1122 | fatal("ssh_userauth1: server supports no auth methods"); | 1122 | fatal("ssh_userauth1: server supports no auth methods"); |
1123 | 1123 | ||
@@ -1139,12 +1139,12 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host, | |||
1139 | goto success; | 1139 | goto success; |
1140 | if (type != SSH_SMSG_FAILURE) | 1140 | if (type != SSH_SMSG_FAILURE) |
1141 | packet_disconnect("Protocol error: got %d in response to SSH_CMSG_USER", type); | 1141 | packet_disconnect("Protocol error: got %d in response to SSH_CMSG_USER", type); |
1142 | 1142 | ||
1143 | #ifdef KRB5 | 1143 | #ifdef KRB5 |
1144 | if ((supported_authentications & (1 << SSH_AUTH_KERBEROS)) && | 1144 | if ((supported_authentications & (1 << SSH_AUTH_KERBEROS)) && |
1145 | options.kerberos_authentication) { | 1145 | options.kerberos_authentication) { |
1146 | debug("Trying Kerberos v5 authentication."); | 1146 | debug("Trying Kerberos v5 authentication."); |
1147 | 1147 | ||
1148 | if (try_krb5_authentication(&context, &auth_context)) { | 1148 | if (try_krb5_authentication(&context, &auth_context)) { |
1149 | type = packet_read(&payload_len); | 1149 | type = packet_read(&payload_len); |
1150 | if (type == SSH_SMSG_SUCCESS) | 1150 | if (type == SSH_SMSG_SUCCESS) |
@@ -1154,12 +1154,12 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host, | |||
1154 | } | 1154 | } |
1155 | } | 1155 | } |
1156 | #endif /* KRB5 */ | 1156 | #endif /* KRB5 */ |
1157 | 1157 | ||
1158 | #ifdef KRB4 | 1158 | #ifdef KRB4 |
1159 | if ((supported_authentications & (1 << SSH_AUTH_KERBEROS)) && | 1159 | if ((supported_authentications & (1 << SSH_AUTH_KERBEROS)) && |
1160 | options.kerberos_authentication) { | 1160 | options.kerberos_authentication) { |
1161 | debug("Trying Kerberos v4 authentication."); | 1161 | debug("Trying Kerberos v4 authentication."); |
1162 | 1162 | ||
1163 | if (try_krb4_authentication()) { | 1163 | if (try_krb4_authentication()) { |
1164 | type = packet_read(&payload_len); | 1164 | type = packet_read(&payload_len); |
1165 | if (type == SSH_SMSG_SUCCESS) | 1165 | if (type == SSH_SMSG_SUCCESS) |
@@ -1169,7 +1169,7 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host, | |||
1169 | } | 1169 | } |
1170 | } | 1170 | } |
1171 | #endif /* KRB4 */ | 1171 | #endif /* KRB4 */ |
1172 | 1172 | ||
1173 | /* | 1173 | /* |
1174 | * Use rhosts authentication if running in privileged socket and we | 1174 | * Use rhosts authentication if running in privileged socket and we |
1175 | * do not wish to remain anonymous. | 1175 | * do not wish to remain anonymous. |
@@ -1254,7 +1254,7 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host, | |||
1254 | if (context) | 1254 | if (context) |
1255 | krb5_free_context(context); | 1255 | krb5_free_context(context); |
1256 | #endif | 1256 | #endif |
1257 | 1257 | ||
1258 | #ifdef AFS | 1258 | #ifdef AFS |
1259 | /* Try Kerberos v4 TGT passing if the server supports it. */ | 1259 | /* Try Kerberos v4 TGT passing if the server supports it. */ |
1260 | if ((supported_authentications & (1 << SSH_PASS_KERBEROS_TGT)) && | 1260 | if ((supported_authentications & (1 << SSH_PASS_KERBEROS_TGT)) && |
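Review bot: In try_krb4_authentication's SSH_SMSG_AUTH_KERBEROS_RESPONSE case, the server-supplied length from packet_get_string() is used unchecked as the size of `memcpy(auth.dat, reply, auth.length)`, and packet_integrity_check() only runs after the copy. The earlier `memset(auth.dat, 0, MAX_KTXT_LEN)` suggests that is the buffer's capacity, and send_afs_tokens already tests `creds.ticket_st.length > MAX_KTXT_LEN` before its own copy. The same guard belongs ahead of this memcpy, for example `if (auth.length < 0 || auth.length > MAX_KTXT_LEN) packet_disconnect("Kerberos v4 reply too long");` (the `(u_int *)` cast hints that auth.length is signed, hence the lower bound). Separately, in the Kerberos v5 response case of try_krb5_authentication, `ret = 1;` follows the `if (problem) { ret = 0; }` block unconditionally, so a krb5_rd_rep() failure is still reported as success; `ret = problem ? 0 : 1;` would preserve the result. Both functions start and end outside the hunks shown, so the declarations of auth and ret should be confirmed against the full file.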
diff --git a/sshconnect2.c b/sshconnect2.c index 514637f2d..8689da087 100644 --- a/sshconnect2.c +++ b/sshconnect2.c | |||
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: sshconnect2.c,v 1.87 2001/12/05 10:06:13 deraadt Exp $"); | 26 | RCSID("$OpenBSD: sshconnect2.c,v 1.88 2001/12/19 07:18:56 deraadt Exp $"); |
27 | 27 | ||
28 | #include <openssl/bn.h> | 28 | #include <openssl/bn.h> |
29 | #include <openssl/md5.h> | 29 | #include <openssl/md5.h> |
@@ -111,7 +111,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr) | |||
111 | myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; | 111 | myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; |
112 | } | 112 | } |
113 | if (options.hostkeyalgorithms != NULL) | 113 | if (options.hostkeyalgorithms != NULL) |
114 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = | 114 | myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = |
115 | options.hostkeyalgorithms; | 115 | options.hostkeyalgorithms; |
116 | 116 | ||
117 | /* start key exchange */ | 117 | /* start key exchange */ |
@@ -613,7 +613,7 @@ load_identity_file(char *filename) | |||
613 | if (options.batch_mode) | 613 | if (options.batch_mode) |
614 | return NULL; | 614 | return NULL; |
615 | snprintf(prompt, sizeof prompt, | 615 | snprintf(prompt, sizeof prompt, |
616 | "Enter passphrase for key '%.100s': ", filename); | 616 | "Enter passphrase for key '%.100s': ", filename); |
617 | for (i = 0; i < options.number_of_password_prompts; i++) { | 617 | for (i = 0; i < options.number_of_password_prompts; i++) { |
618 | passphrase = read_passphrase(prompt, 0); | 618 | passphrase = read_passphrase(prompt, 0); |
619 | if (strcmp(passphrase, "") != 0) { | 619 | if (strcmp(passphrase, "") != 0) { |
@@ -646,7 +646,7 @@ identity_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, int *lenp, | |||
646 | return -1; | 646 | return -1; |
647 | 647 | ||
648 | /* private key is stored in external hardware */ | 648 | /* private key is stored in external hardware */ |
649 | if (options.identity_keys[idx]->flags & KEY_FLAG_EXT) | 649 | if (options.identity_keys[idx]->flags & KEY_FLAG_EXT) |
650 | return key_sign(options.identity_keys[idx], sigp, lenp, data, datalen); | 650 | return key_sign(options.identity_keys[idx], sigp, lenp, data, datalen); |
651 | 651 | ||
652 | private = load_identity_file(options.identity_files[idx]); | 652 | private = load_identity_file(options.identity_files[idx]); |
@@ -34,7 +34,7 @@ | |||
34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
36 | .\" | 36 | .\" |
37 | .\" $OpenBSD: sshd.8,v 1.156 2001/12/06 13:30:06 markus Exp $ | 37 | .\" $OpenBSD: sshd.8,v 1.157 2001/12/19 07:18:56 deraadt Exp $ |
38 | .Dd September 25, 1999 | 38 | .Dd September 25, 1999 |
39 | .Dt SSHD 8 | 39 | .Dt SSHD 8 |
40 | .Os | 40 | .Os |
@@ -253,7 +253,7 @@ authentication, and termination of each connection is logged. | |||
253 | .It Fl t | 253 | .It Fl t |
254 | Test mode. | 254 | Test mode. |
255 | Only check the validity of the configuration file and sanity of the keys. | 255 | Only check the validity of the configuration file and sanity of the keys. |
256 | This is useful for updating | 256 | This is useful for updating |
257 | .Nm | 257 | .Nm |
258 | reliably as configuration options may change. | 258 | reliably as configuration options may change. |
259 | .It Fl u Ar len | 259 | .It Fl u Ar len |
@@ -40,7 +40,7 @@ | |||
40 | */ | 40 | */ |
41 | 41 | ||
42 | #include "includes.h" | 42 | #include "includes.h" |
43 | RCSID("$OpenBSD: sshd.c,v 1.216 2001/12/10 16:45:04 stevesk Exp $"); | 43 | RCSID("$OpenBSD: sshd.c,v 1.217 2001/12/19 07:18:56 deraadt Exp $"); |
44 | 44 | ||
45 | #include <openssl/dh.h> | 45 | #include <openssl/dh.h> |
46 | #include <openssl/bn.h> | 46 | #include <openssl/bn.h> |
@@ -399,7 +399,7 @@ sshd_exchange_identification(int sock_in, int sock_out) | |||
399 | fatal_cleanup(); | 399 | fatal_cleanup(); |
400 | } | 400 | } |
401 | debug("Client protocol version %d.%d; client software version %.100s", | 401 | debug("Client protocol version %d.%d; client software version %.100s", |
402 | remote_major, remote_minor, remote_version); | 402 | remote_major, remote_minor, remote_version); |
403 | 403 | ||
404 | compat_datafellows(remote_version); | 404 | compat_datafellows(remote_version); |
405 | 405 | ||
@@ -467,7 +467,7 @@ destroy_sensitive_data(void) | |||
467 | key_free(sensitive_data.server_key); | 467 | key_free(sensitive_data.server_key); |
468 | sensitive_data.server_key = NULL; | 468 | sensitive_data.server_key = NULL; |
469 | } | 469 | } |
470 | for(i = 0; i < options.num_host_key_files; i++) { | 470 | for (i = 0; i < options.num_host_key_files; i++) { |
471 | if (sensitive_data.host_keys[i]) { | 471 | if (sensitive_data.host_keys[i]) { |
472 | key_free(sensitive_data.host_keys[i]); | 472 | key_free(sensitive_data.host_keys[i]); |
473 | sensitive_data.host_keys[i] = NULL; | 473 | sensitive_data.host_keys[i] = NULL; |
@@ -483,7 +483,7 @@ list_hostkey_types(void) | |||
483 | static char buf[1024]; | 483 | static char buf[1024]; |
484 | int i; | 484 | int i; |
485 | buf[0] = '\0'; | 485 | buf[0] = '\0'; |
486 | for(i = 0; i < options.num_host_key_files; i++) { | 486 | for (i = 0; i < options.num_host_key_files; i++) { |
487 | Key *key = sensitive_data.host_keys[i]; | 487 | Key *key = sensitive_data.host_keys[i]; |
488 | if (key == NULL) | 488 | if (key == NULL) |
489 | continue; | 489 | continue; |
@@ -506,7 +506,7 @@ static Key * | |||
506 | get_hostkey_by_type(int type) | 506 | get_hostkey_by_type(int type) |
507 | { | 507 | { |
508 | int i; | 508 | int i; |
509 | for(i = 0; i < options.num_host_key_files; i++) { | 509 | for (i = 0; i < options.num_host_key_files; i++) { |
510 | Key *key = sensitive_data.host_keys[i]; | 510 | Key *key = sensitive_data.host_keys[i]; |
511 | if (key != NULL && key->type == type) | 511 | if (key != NULL && key->type == type) |
512 | return key; | 512 | return key; |
@@ -687,9 +687,9 @@ main(int ac, char **av) | |||
687 | utmp_len = atoi(optarg); | 687 | utmp_len = atoi(optarg); |
688 | break; | 688 | break; |
689 | case 'o': | 689 | case 'o': |
690 | if (process_server_config_line(&options, optarg, | 690 | if (process_server_config_line(&options, optarg, |
691 | "command-line", 0) != 0) | 691 | "command-line", 0) != 0) |
692 | exit(1); | 692 | exit(1); |
693 | break; | 693 | break; |
694 | case '?': | 694 | case '?': |
695 | default: | 695 | default: |
@@ -734,14 +734,14 @@ main(int ac, char **av) | |||
734 | 734 | ||
735 | /* load private host keys */ | 735 | /* load private host keys */ |
736 | sensitive_data.host_keys = xmalloc(options.num_host_key_files*sizeof(Key*)); | 736 | sensitive_data.host_keys = xmalloc(options.num_host_key_files*sizeof(Key*)); |
737 | for(i = 0; i < options.num_host_key_files; i++) | 737 | for (i = 0; i < options.num_host_key_files; i++) |
738 | sensitive_data.host_keys[i] = NULL; | 738 | sensitive_data.host_keys[i] = NULL; |
739 | sensitive_data.server_key = NULL; | 739 | sensitive_data.server_key = NULL; |
740 | sensitive_data.ssh1_host_key = NULL; | 740 | sensitive_data.ssh1_host_key = NULL; |
741 | sensitive_data.have_ssh1_key = 0; | 741 | sensitive_data.have_ssh1_key = 0; |
742 | sensitive_data.have_ssh2_key = 0; | 742 | sensitive_data.have_ssh2_key = 0; |
743 | 743 | ||
744 | for(i = 0; i < options.num_host_key_files; i++) { | 744 | for (i = 0; i < options.num_host_key_files; i++) { |
745 | key = key_load_private(options.host_key_files[i], "", NULL); | 745 | key = key_load_private(options.host_key_files[i], "", NULL); |
746 | sensitive_data.host_keys[i] = key; | 746 | sensitive_data.host_keys[i] = key; |
747 | if (key == NULL) { | 747 | if (key == NULL) { |
@@ -842,7 +842,7 @@ main(int ac, char **av) | |||
842 | /* Chdir to the root directory so that the current disk can be | 842 | /* Chdir to the root directory so that the current disk can be |
843 | unmounted if desired. */ | 843 | unmounted if desired. */ |
844 | chdir("/"); | 844 | chdir("/"); |
845 | 845 | ||
846 | /* ignore SIGPIPE */ | 846 | /* ignore SIGPIPE */ |
847 | signal(SIGPIPE, SIG_IGN); | 847 | signal(SIGPIPE, SIG_IGN); |
848 | 848 | ||
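Review bot: In the option switch of main() (the hunk at old line 687), `utmp_len = atoi(optarg);` accepts any string, because atoi() reports no errors: a non-numeric `-u` argument silently becomes 0 and a negative one is taken as given. Parsing with strtol() and rejecting bad input makes the mistake visible at startup, e.g. `l = strtol(optarg, &ep, 10);` followed by `if (ep == optarg || *ep != '\0' || l < 0 || l > INT_MAX) exit(1);` before assigning to `utmp_len`. How `utmp_len` is declared and later used is outside the visible hunks, so the exact upper bound should be confirmed against its consumers. main() starts and ends outside these hunks.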
diff --git a/sshd_config b/sshd_config index e1a052a16..41e3388da 100644 --- a/sshd_config +++ b/sshd_config | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: sshd_config,v 1.42 2001/09/20 20:57:51 mouring Exp $ | 1 | # $OpenBSD: sshd_config,v 1.43 2001/12/19 07:18:56 deraadt Exp $ |
2 | 2 | ||
3 | # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin | 3 | # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin |
4 | 4 | ||
@@ -50,7 +50,7 @@ HostbasedAuthentication no | |||
50 | PasswordAuthentication yes | 50 | PasswordAuthentication yes |
51 | PermitEmptyPasswords no | 51 | PermitEmptyPasswords no |
52 | 52 | ||
53 | # Uncomment to disable s/key passwords | 53 | # Uncomment to disable s/key passwords |
54 | #ChallengeResponseAuthentication no | 54 | #ChallengeResponseAuthentication no |
55 | 55 | ||
56 | # Uncomment to enable PAM keyboard-interactive authentication | 56 | # Uncomment to enable PAM keyboard-interactive authentication |
diff --git a/sshlogin.c b/sshlogin.c index b7558b9e9..2fb96bb6c 100644 --- a/sshlogin.c +++ b/sshlogin.c | |||
@@ -39,7 +39,7 @@ | |||
39 | */ | 39 | */ |
40 | 40 | ||
41 | #include "includes.h" | 41 | #include "includes.h" |
42 | RCSID("$OpenBSD: sshlogin.c,v 1.2 2001/03/24 16:43:27 stevesk Exp $"); | 42 | RCSID("$OpenBSD: sshlogin.c,v 1.3 2001/12/19 07:18:56 deraadt Exp $"); |
43 | 43 | ||
44 | #include "loginrec.h" | 44 | #include "loginrec.h" |
45 | 45 | ||
@@ -67,7 +67,7 @@ get_last_login_time(uid_t uid, const char *logname, | |||
67 | 67 | ||
68 | void | 68 | void |
69 | record_login(pid_t pid, const char *ttyname, const char *user, uid_t uid, | 69 | record_login(pid_t pid, const char *ttyname, const char *user, uid_t uid, |
70 | const char *host, struct sockaddr * addr) | 70 | const char *host, struct sockaddr * addr) |
71 | { | 71 | { |
72 | struct logininfo *li; | 72 | struct logininfo *li; |
73 | 73 | ||
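Review bot: The re-indented continuation line of record_login() still declares the last parameter as `struct sockaddr * addr`, with a space on both sides of the `*`. Since this commit is a KNF pass and already touches that line, it could bind the declarator to the name as the other parameters do: `const char *host, struct sockaddr *addr)`. The function body continues outside the hunk.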
@@ -12,7 +12,7 @@ | |||
12 | */ | 12 | */ |
13 | 13 | ||
14 | #include "includes.h" | 14 | #include "includes.h" |
15 | RCSID("$OpenBSD: sshpty.c,v 1.3 2001/07/22 21:32:27 markus Exp $"); | 15 | RCSID("$OpenBSD: sshpty.c,v 1.4 2001/12/19 07:18:56 deraadt Exp $"); |
16 | 16 | ||
17 | #ifdef HAVE_UTIL_H | 17 | #ifdef HAVE_UTIL_H |
18 | # include <util.h> | 18 | # include <util.h> |
@@ -156,7 +156,7 @@ pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen) | |||
156 | *ttyfd = open(name, O_RDWR | O_NOCTTY); | 156 | *ttyfd = open(name, O_RDWR | O_NOCTTY); |
157 | if (*ttyfd < 0) { | 157 | if (*ttyfd < 0) { |
158 | error("Could not open pty slave side %.100s: %.100s", | 158 | error("Could not open pty slave side %.100s: %.100s", |
159 | name, strerror(errno)); | 159 | name, strerror(errno)); |
160 | close(*ptyfd); | 160 | close(*ptyfd); |
161 | return 0; | 161 | return 0; |
162 | } | 162 | } |
@@ -328,7 +328,7 @@ pty_make_controlling_tty(int *ttyfd, const char *ttyname) | |||
328 | fd = open(_PATH_TTY, O_WRONLY); | 328 | fd = open(_PATH_TTY, O_WRONLY); |
329 | if (fd < 0) | 329 | if (fd < 0) |
330 | error("open /dev/tty failed - could not set controlling tty: %.100s", | 330 | error("open /dev/tty failed - could not set controlling tty: %.100s", |
331 | strerror(errno)); | 331 | strerror(errno)); |
332 | else { | 332 | else { |
333 | close(fd); | 333 | close(fd); |
334 | } | 334 | } |
@@ -339,7 +339,7 @@ pty_make_controlling_tty(int *ttyfd, const char *ttyname) | |||
339 | 339 | ||
340 | void | 340 | void |
341 | pty_change_window_size(int ptyfd, int row, int col, | 341 | pty_change_window_size(int ptyfd, int row, int col, |
342 | int xpixel, int ypixel) | 342 | int xpixel, int ypixel) |
343 | { | 343 | { |
344 | struct winsize w; | 344 | struct winsize w; |
345 | w.ws_row = row; | 345 | w.ws_row = row; |
@@ -378,15 +378,15 @@ pty_setowner(struct passwd *pw, const char *ttyname) | |||
378 | 378 | ||
379 | if (st.st_uid != pw->pw_uid || st.st_gid != gid) { | 379 | if (st.st_uid != pw->pw_uid || st.st_gid != gid) { |
380 | if (chown(ttyname, pw->pw_uid, gid) < 0) { | 380 | if (chown(ttyname, pw->pw_uid, gid) < 0) { |
381 | if (errno == EROFS && | 381 | if (errno == EROFS && |
382 | (st.st_uid == pw->pw_uid || st.st_uid == 0)) | 382 | (st.st_uid == pw->pw_uid || st.st_uid == 0)) |
383 | error("chown(%.100s, %d, %d) failed: %.100s", | 383 | error("chown(%.100s, %d, %d) failed: %.100s", |
384 | ttyname, pw->pw_uid, gid, | 384 | ttyname, pw->pw_uid, gid, |
385 | strerror(errno)); | 385 | strerror(errno)); |
386 | else | 386 | else |
387 | fatal("chown(%.100s, %d, %d) failed: %.100s", | 387 | fatal("chown(%.100s, %d, %d) failed: %.100s", |
388 | ttyname, pw->pw_uid, gid, | 388 | ttyname, pw->pw_uid, gid, |
389 | strerror(errno)); | 389 | strerror(errno)); |
390 | } | 390 | } |
391 | } | 391 | } |
392 | 392 | ||
@@ -395,10 +395,10 @@ pty_setowner(struct passwd *pw, const char *ttyname) | |||
395 | if (errno == EROFS && | 395 | if (errno == EROFS && |
396 | (st.st_mode & (S_IRGRP | S_IROTH)) == 0) | 396 | (st.st_mode & (S_IRGRP | S_IROTH)) == 0) |
397 | error("chmod(%.100s, 0%o) failed: %.100s", | 397 | error("chmod(%.100s, 0%o) failed: %.100s", |
398 | ttyname, mode, strerror(errno)); | 398 | ttyname, mode, strerror(errno)); |
399 | else | 399 | else |
400 | fatal("chmod(%.100s, 0%o) failed: %.100s", | 400 | fatal("chmod(%.100s, 0%o) failed: %.100s", |
401 | ttyname, mode, strerror(errno)); | 401 | ttyname, mode, strerror(errno)); |
402 | } | 402 | } |
403 | } | 403 | } |
404 | } | 404 | } |
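Review bot: The chown() diagnostics in pty_setowner() print `pw->pw_uid` and `gid` with `%d`, but uid_t (and presumably gid_t for `gid`, declared outside the hunk) is unsigned on many platforms, so the argument type does not match the conversion and large ids are logged as negative numbers. Casting and switching to `%u` fixes both calls: `error("chown(%.100s, %u, %u) failed: %.100s", ttyname, (u_int)pw->pw_uid, (u_int)gid, strerror(errno));` and the same arguments for the fatal() branch. Separately, ownership is compared through `st` and then changed by path name with chown()/chmod(), so the check and the change can apply to different files if the path is replaced in between. Whether that is reachable depends on who can write to the tty's directory, which is not visible here. pty_setowner() begins outside the hunks.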
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshtty.c,v 1.1 2001/04/14 16:33:20 stevesk Exp $ */ | 1 | /* $OpenBSD: sshtty.c,v 1.2 2001/12/19 07:18:56 deraadt Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -46,7 +46,7 @@ static int _in_raw_mode = 0; | |||
46 | int | 46 | int |
47 | in_raw_mode(void) | 47 | in_raw_mode(void) |
48 | { | 48 | { |
49 | return _in_raw_mode; | 49 | return _in_raw_mode; |
50 | } | 50 | } |
51 | 51 | ||
52 | struct termios | 52 | struct termios |
diff --git a/ttymodes.c b/ttymodes.c index c0bb0b1f8..ada3a1481 100644 --- a/ttymodes.c +++ b/ttymodes.c | |||
@@ -43,7 +43,7 @@ | |||
43 | */ | 43 | */ |
44 | 44 | ||
45 | #include "includes.h" | 45 | #include "includes.h" |
46 | RCSID("$OpenBSD: ttymodes.c,v 1.14 2001/06/24 17:18:31 markus Exp $"); | 46 | RCSID("$OpenBSD: ttymodes.c,v 1.15 2001/12/19 07:18:56 deraadt Exp $"); |
47 | 47 | ||
48 | #include "packet.h" | 48 | #include "packet.h" |
49 | #include "log.h" | 49 | #include "log.h" |
@@ -396,7 +396,7 @@ tty_parse_modes(int fd, int *n_bytes_ptr) | |||
396 | 396 | ||
397 | default: | 397 | default: |
398 | debug("Ignoring unsupported tty mode opcode %d (0x%x)", | 398 | debug("Ignoring unsupported tty mode opcode %d (0x%x)", |
399 | opcode, opcode); | 399 | opcode, opcode); |
400 | if (!compat20) { | 400 | if (!compat20) { |
401 | /* | 401 | /* |
402 | * SSH1: | 402 | * SSH1: |
@@ -12,7 +12,7 @@ | |||
12 | */ | 12 | */ |
13 | 13 | ||
14 | #include "includes.h" | 14 | #include "includes.h" |
15 | RCSID("$OpenBSD: uidswap.c,v 1.18 2001/08/08 21:34:19 markus Exp $"); | 15 | RCSID("$OpenBSD: uidswap.c,v 1.19 2001/12/19 07:18:56 deraadt Exp $"); |
16 | 16 | ||
17 | #include "log.h" | 17 | #include "log.h" |
18 | #include "uidswap.h" | 18 | #include "uidswap.h" |
@@ -67,7 +67,7 @@ temporarily_use_uid(struct passwd *pw) | |||
67 | 67 | ||
68 | privileged = 1; | 68 | privileged = 1; |
69 | temporarily_use_uid_effective = 1; | 69 | temporarily_use_uid_effective = 1; |
70 | saved_egroupslen = getgroups(NGROUPS_MAX, saved_egroups); | 70 | saved_egroupslen = getgroups(NGROUPS_MAX, saved_egroups); |
71 | if (saved_egroupslen < 0) | 71 | if (saved_egroupslen < 0) |
72 | fatal("getgroups: %.100s", strerror(errno)); | 72 | fatal("getgroups: %.100s", strerror(errno)); |
73 | 73 | ||
@@ -76,7 +76,7 @@ temporarily_use_uid(struct passwd *pw) | |||
76 | if (initgroups(pw->pw_name, pw->pw_gid) < 0) | 76 | if (initgroups(pw->pw_name, pw->pw_gid) < 0) |
77 | fatal("initgroups: %s: %.100s", pw->pw_name, | 77 | fatal("initgroups: %s: %.100s", pw->pw_name, |
78 | strerror(errno)); | 78 | strerror(errno)); |
79 | user_groupslen = getgroups(NGROUPS_MAX, user_groups); | 79 | user_groupslen = getgroups(NGROUPS_MAX, user_groups); |
80 | if (user_groupslen < 0) | 80 | if (user_groupslen < 0) |
81 | fatal("getgroups: %.100s", strerror(errno)); | 81 | fatal("getgroups: %.100s", strerror(errno)); |
82 | } | 82 | } |
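Review bot: The initgroups failure message in temporarily_use_uid() formats `pw->pw_name` with an unbounded `%s`, while every other string argument in the fatal() calls of these hunks is capped with `%.100s`. Bounding it keeps the log line a predictable length and matches the file's convention: `fatal("initgroups: %.100s: %.100s", pw->pw_name,`. The two `getgroups(NGROUPS_MAX, ...)` calls also depend on `saved_egroups` and `user_groups` holding at least NGROUPS_MAX entries; their declarations are outside the hunks, so that is worth confirming. temporarily_use_uid() starts and ends outside the visible hunks.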