authorKevin Steves <stevesk@pobox.com>2001-02-05 12:42:17 +0000
committerKevin Steves <stevesk@pobox.com>2001-02-05 12:42:17 +0000
commitef4eea9badfb65f05ac24f786b710cc3f27f0e43 (patch)
treef54abef181ccd6ad5285a5c16b4c159d8b74e932
parentd2ddda4efab29fd8663757634773fa10e557e0f3 (diff)
- stevesk@cvs.openbsd.org 2001/02/04 08:32:27
[many files; did this manually to our top-level source dir] unexpand and remove end-of-line whitespace; ok markus@
-rw-r--r--ChangeLog6
-rw-r--r--acconfig.h2
-rw-r--r--auth-chall.c2
-rw-r--r--auth-pam.c60
-rw-r--r--auth-passwd.c10
-rw-r--r--auth.c8
-rw-r--r--auth1.c18
-rw-r--r--auth2.c26
-rw-r--r--authfd.c2
-rw-r--r--canohost.c2
-rw-r--r--channels.c16
-rw-r--r--cipher.c6
-rw-r--r--cli.c10
-rw-r--r--cli.h2
-rw-r--r--defines.h28
-rw-r--r--dispatch.c2
-rw-r--r--entropy.c130
-rw-r--r--includes.h6
-rw-r--r--kex.c10
-rw-r--r--kex.h2
-rw-r--r--key.c26
-rw-r--r--log.h2
-rw-r--r--loginrec.c104
-rw-r--r--loginrec.h8
-rw-r--r--logintest.c30
-rw-r--r--md5crypt.c12
-rw-r--r--nchan.c2
-rw-r--r--packet.c4
-rw-r--r--pty.c8
-rw-r--r--rijndael.c114
-rw-r--r--rsa.c2
-rw-r--r--scp.c4
-rw-r--r--servconf.c8
-rw-r--r--serverloop.c6
-rw-r--r--session.c16
-rw-r--r--sftp-client.c2
-rw-r--r--sftp-int.c12
-rw-r--r--sftp-server.c8
-rw-r--r--sftp.c4
-rw-r--r--ssh-add.c2
-rw-r--r--ssh-agent.c2
-rw-r--r--ssh-dss.c2
-rw-r--r--ssh-keygen.c2
-rw-r--r--ssh-keyscan.c2
-rw-r--r--ssh.c4
-rw-r--r--sshconnect.c4
-rw-r--r--sshconnect2.c20
-rw-r--r--sshd.c8
-rw-r--r--xmalloc.c2
49 files changed, 386 insertions, 382 deletions
diff --git a/ChangeLog b/ChangeLog
index 202c26052..f9ff71a23 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,7 +1,11 @@
120010105 120010105
2 - (bal) Disable groupaccess by setting NGROUP_MAX to 0 for platforms 2 - (bal) Disable groupaccess by setting NGROUPS_MAX to 0 for platforms
3 that don't have NGROUPS_MAX. 3 that don't have NGROUPS_MAX.
4 - (bal) AIX patch for auth1.c by William L. Jones <jones@hpc.utexas.edu> 4 - (bal) AIX patch for auth1.c by William L. Jones <jones@hpc.utexas.edu>
5 - (stevesk) OpenBSD sync:
6 - stevesk@cvs.openbsd.org 2001/02/04 08:32:27
7 [many files; did this manually to our top-level source dir]
8 unexpand and remove end-of-line whitespace; ok markus@
5 9
620010104 1020010104
7 - (bal) I think this is the last of the bsd-*.h that don't belong. 11 - (bal) I think this is the last of the bsd-*.h that don't belong.
diff --git a/acconfig.h b/acconfig.h
index f0242eec4..6af298285 100644
--- a/acconfig.h
+++ b/acconfig.h
@@ -225,7 +225,7 @@
225/* Define if you are using Solaris-derived PAM which passes pam_messages */ 225/* Define if you are using Solaris-derived PAM which passes pam_messages */
226/* to the conversation function with an extra level of indirection */ 226/* to the conversation function with an extra level of indirection */
227#undef PAM_SUN_CODEBASE 227#undef PAM_SUN_CODEBASE
228 228
229/* Set this to your mail directory if you don't have maillock.h */ 229/* Set this to your mail directory if you don't have maillock.h */
230#undef MAIL_DIRECTORY 230#undef MAIL_DIRECTORY
231 231
diff --git a/auth-chall.c b/auth-chall.c
index b8b0c5d1e..9f5a151fe 100644
--- a/auth-chall.c
+++ b/auth-chall.c
@@ -34,7 +34,7 @@ char *
34get_challenge(Authctxt *authctxt, char *devs) 34get_challenge(Authctxt *authctxt, char *devs)
35{ 35{
36 static char challenge[1024]; 36 static char challenge[1024];
37 struct skey skey; 37 struct skey skey;
38 if (skeychallenge(&skey, authctxt->user, challenge) == -1) 38 if (skeychallenge(&skey, authctxt->user, challenge) == -1)
39 return NULL; 39 return NULL;
40 strlcat(challenge, "\nS/Key Password: ", sizeof challenge); 40 strlcat(challenge, "\nS/Key Password: ", sizeof challenge);
diff --git a/auth-pam.c b/auth-pam.c
index 122896c7f..ab985d15b 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -32,7 +32,7 @@
32#include "canohost.h" 32#include "canohost.h"
33#include "readpass.h" 33#include "readpass.h"
34 34
35RCSID("$Id: auth-pam.c,v 1.23 2001/02/04 12:20:19 djm Exp $"); 35RCSID("$Id: auth-pam.c,v 1.24 2001/02/05 12:42:17 stevesk Exp $");
36 36
37#define NEW_AUTHTOK_MSG \ 37#define NEW_AUTHTOK_MSG \
38 "Warning: Your password has expired, please change it now" 38 "Warning: Your password has expired, please change it now"
@@ -97,7 +97,7 @@ static int pamconv(int num_msg, const struct pam_message **msg,
97 /* PAM will free this later */ 97 /* PAM will free this later */
98 reply = malloc(num_msg * sizeof(*reply)); 98 reply = malloc(num_msg * sizeof(*reply));
99 if (reply == NULL) 99 if (reply == NULL)
100 return PAM_CONV_ERR; 100 return PAM_CONV_ERR;
101 101
102 for (count = 0; count < num_msg; count++) { 102 for (count = 0; count < num_msg; count++) {
103 switch(PAM_MSG_MEMBER(msg, count, msg_style)) { 103 switch(PAM_MSG_MEMBER(msg, count, msg_style)) {
@@ -120,7 +120,7 @@ static int pamconv(int num_msg, const struct pam_message **msg,
120 } 120 }
121 reply[count].resp = xstrdup(pampasswd); 121 reply[count].resp = xstrdup(pampasswd);
122 } else { 122 } else {
123 reply[count].resp = 123 reply[count].resp =
124 xstrdup(read_passphrase(PAM_MSG_MEMBER(msg, count, msg), 1)); 124 xstrdup(read_passphrase(PAM_MSG_MEMBER(msg, count, msg), 1));
125 } 125 }
126 reply[count].resp_retcode = PAM_SUCCESS; 126 reply[count].resp_retcode = PAM_SUCCESS;
@@ -158,19 +158,19 @@ void pam_cleanup_proc(void *context)
158 { 158 {
159 pam_retval = pam_close_session(pamh, 0); 159 pam_retval = pam_close_session(pamh, 0);
160 if (pam_retval != PAM_SUCCESS) { 160 if (pam_retval != PAM_SUCCESS) {
161 log("Cannot close PAM session[%d]: %.200s", 161 log("Cannot close PAM session[%d]: %.200s",
162 pam_retval, PAM_STRERROR(pamh, pam_retval)); 162 pam_retval, PAM_STRERROR(pamh, pam_retval));
163 } 163 }
164 164
165 pam_retval = pam_setcred(pamh, PAM_DELETE_CRED); 165 pam_retval = pam_setcred(pamh, PAM_DELETE_CRED);
166 if (pam_retval != PAM_SUCCESS) { 166 if (pam_retval != PAM_SUCCESS) {
167 debug("Cannot delete credentials[%d]: %.200s", 167 debug("Cannot delete credentials[%d]: %.200s",
168 pam_retval, PAM_STRERROR(pamh, pam_retval)); 168 pam_retval, PAM_STRERROR(pamh, pam_retval));
169 } 169 }
170 170
171 pam_retval = pam_end(pamh, pam_retval); 171 pam_retval = pam_end(pamh, pam_retval);
172 if (pam_retval != PAM_SUCCESS) { 172 if (pam_retval != PAM_SUCCESS) {
173 log("Cannot release PAM authentication[%d]: %.200s", 173 log("Cannot release PAM authentication[%d]: %.200s",
174 pam_retval, PAM_STRERROR(pamh, pam_retval)); 174 pam_retval, PAM_STRERROR(pamh, pam_retval));
175 } 175 }
176 } 176 }
@@ -193,15 +193,15 @@ int auth_pam_password(struct passwd *pw, const char *password)
193 return 0; 193 return 0;
194 194
195 pampasswd = password; 195 pampasswd = password;
196 196
197 pamstate = INITIAL_LOGIN; 197 pamstate = INITIAL_LOGIN;
198 pam_retval = do_pam_authenticate(0); 198 pam_retval = do_pam_authenticate(0);
199 if (pam_retval == PAM_SUCCESS) { 199 if (pam_retval == PAM_SUCCESS) {
200 debug("PAM Password authentication accepted for user \"%.100s\"", 200 debug("PAM Password authentication accepted for user \"%.100s\"",
201 pw->pw_name); 201 pw->pw_name);
202 return 1; 202 return 1;
203 } else { 203 } else {
204 debug("PAM Password authentication for \"%.100s\" failed[%d]: %s", 204 debug("PAM Password authentication for \"%.100s\" failed[%d]: %s",
205 pw->pw_name, pam_retval, PAM_STRERROR(pamh, pam_retval)); 205 pw->pw_name, pam_retval, PAM_STRERROR(pamh, pam_retval));
206 return 0; 206 return 0;
207 } 207 }
@@ -212,13 +212,13 @@ int do_pam_account(char *username, char *remote_user)
212{ 212{
213 int pam_retval; 213 int pam_retval;
214 extern ServerOptions options; 214 extern ServerOptions options;
215 215
216 debug("PAM setting rhost to \"%.200s\"", 216 debug("PAM setting rhost to \"%.200s\"",
217 get_canonical_hostname(options.reverse_mapping_check)); 217 get_canonical_hostname(options.reverse_mapping_check));
218 pam_retval = pam_set_item(pamh, PAM_RHOST, 218 pam_retval = pam_set_item(pamh, PAM_RHOST,
219 get_canonical_hostname(options.reverse_mapping_check)); 219 get_canonical_hostname(options.reverse_mapping_check));
220 if (pam_retval != PAM_SUCCESS) { 220 if (pam_retval != PAM_SUCCESS) {
221 fatal("PAM set rhost failed[%d]: %.200s", 221 fatal("PAM set rhost failed[%d]: %.200s",
222 pam_retval, PAM_STRERROR(pamh, pam_retval)); 222 pam_retval, PAM_STRERROR(pamh, pam_retval));
223 } 223 }
224 224
@@ -226,7 +226,7 @@ int do_pam_account(char *username, char *remote_user)
226 debug("PAM setting ruser to \"%.200s\"", remote_user); 226 debug("PAM setting ruser to \"%.200s\"", remote_user);
227 pam_retval = pam_set_item(pamh, PAM_RUSER, remote_user); 227 pam_retval = pam_set_item(pamh, PAM_RUSER, remote_user);
228 if (pam_retval != PAM_SUCCESS) { 228 if (pam_retval != PAM_SUCCESS) {
229 fatal("PAM set ruser failed[%d]: %.200s", 229 fatal("PAM set ruser failed[%d]: %.200s",
230 pam_retval, PAM_STRERROR(pamh, pam_retval)); 230 pam_retval, PAM_STRERROR(pamh, pam_retval));
231 } 231 }
232 } 232 }
@@ -242,11 +242,11 @@ int do_pam_account(char *username, char *remote_user)
242 password_change_required = 1; 242 password_change_required = 1;
243 break; 243 break;
244 default: 244 default:
245 log("PAM rejected by account configuration[%d]: %.200s", 245 log("PAM rejected by account configuration[%d]: %.200s",
246 pam_retval, PAM_STRERROR(pamh, pam_retval)); 246 pam_retval, PAM_STRERROR(pamh, pam_retval));
247 return(0); 247 return(0);
248 } 248 }
249 249
250 return(1); 250 return(1);
251} 251}
252 252
@@ -259,31 +259,31 @@ void do_pam_session(char *username, const char *ttyname)
259 debug("PAM setting tty to \"%.200s\"", ttyname); 259 debug("PAM setting tty to \"%.200s\"", ttyname);
260 pam_retval = pam_set_item(pamh, PAM_TTY, ttyname); 260 pam_retval = pam_set_item(pamh, PAM_TTY, ttyname);
261 if (pam_retval != PAM_SUCCESS) { 261 if (pam_retval != PAM_SUCCESS) {
262 fatal("PAM set tty failed[%d]: %.200s", 262 fatal("PAM set tty failed[%d]: %.200s",
263 pam_retval, PAM_STRERROR(pamh, pam_retval)); 263 pam_retval, PAM_STRERROR(pamh, pam_retval));
264 } 264 }
265 } 265 }
266 266
267 pam_retval = pam_open_session(pamh, 0); 267 pam_retval = pam_open_session(pamh, 0);
268 if (pam_retval != PAM_SUCCESS) { 268 if (pam_retval != PAM_SUCCESS) {
269 fatal("PAM session setup failed[%d]: %.200s", 269 fatal("PAM session setup failed[%d]: %.200s",
270 pam_retval, PAM_STRERROR(pamh, pam_retval)); 270 pam_retval, PAM_STRERROR(pamh, pam_retval));
271 } 271 }
272} 272}
273 273
274/* Set PAM credentials */ 274/* Set PAM credentials */
275void do_pam_setcred(void) 275void do_pam_setcred(void)
276{ 276{
277 int pam_retval; 277 int pam_retval;
278 278
279 debug("PAM establishing creds"); 279 debug("PAM establishing creds");
280 pam_retval = pam_setcred(pamh, PAM_ESTABLISH_CRED); 280 pam_retval = pam_setcred(pamh, PAM_ESTABLISH_CRED);
281 if (pam_retval != PAM_SUCCESS) { 281 if (pam_retval != PAM_SUCCESS) {
282 if(was_authenticated) { 282 if(was_authenticated) {
283 fatal("PAM setcred failed[%d]: %.200s", 283 fatal("PAM setcred failed[%d]: %.200s",
284 pam_retval, PAM_STRERROR(pamh, pam_retval)); 284 pam_retval, PAM_STRERROR(pamh, pam_retval));
285 } else { 285 } else {
286 debug("PAM setcred failed[%d]: %.200s", 286 debug("PAM setcred failed[%d]: %.200s",
287 pam_retval, PAM_STRERROR(pamh, pam_retval)); 287 pam_retval, PAM_STRERROR(pamh, pam_retval));
288 } 288 }
289 } 289 }
@@ -295,7 +295,7 @@ int pam_password_change_required(void)
295 return password_change_required; 295 return password_change_required;
296} 296}
297 297
298/* 298/*
299 * Have user change authentication token if pam_acct_mgmt() indicated 299 * Have user change authentication token if pam_acct_mgmt() indicated
300 * it was expired. This needs to be called after an interactive 300 * it was expired. This needs to be called after an interactive
301 * session is established and the user's pty is connected to 301 * session is established and the user's pty is connected to
@@ -313,7 +313,7 @@ void do_pam_chauthtok(void)
313 do { 313 do {
314 pam_retval = pam_chauthtok(pamh, PAM_CHANGE_EXPIRED_AUTHTOK); 314 pam_retval = pam_chauthtok(pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
315 if (pam_retval != PAM_SUCCESS) { 315 if (pam_retval != PAM_SUCCESS) {
316 log("PAM pam_chauthtok failed[%d]: %.200s", 316 log("PAM pam_chauthtok failed[%d]: %.200s",
317 pam_retval, PAM_STRERROR(pamh, pam_retval)); 317 pam_retval, PAM_STRERROR(pamh, pam_retval));
318 } 318 }
319 } while (pam_retval != PAM_SUCCESS); 319 } while (pam_retval != PAM_SUCCESS);
@@ -337,21 +337,21 @@ void start_pam(const char *user)
337 pam_retval = pam_start(SSHD_PAM_SERVICE, user, &conv, &pamh); 337 pam_retval = pam_start(SSHD_PAM_SERVICE, user, &conv, &pamh);
338 338
339 if (pam_retval != PAM_SUCCESS) { 339 if (pam_retval != PAM_SUCCESS) {
340 fatal("PAM initialisation failed[%d]: %.200s", 340 fatal("PAM initialisation failed[%d]: %.200s",
341 pam_retval, PAM_STRERROR(pamh, pam_retval)); 341 pam_retval, PAM_STRERROR(pamh, pam_retval));
342 } 342 }
343 343
344#ifdef PAM_TTY_KLUDGE 344#ifdef PAM_TTY_KLUDGE
345 /* 345 /*
346 * Some PAM modules (e.g. pam_time) require a TTY to operate, 346 * Some PAM modules (e.g. pam_time) require a TTY to operate,
347 * and will fail in various stupid ways if they don't get one. 347 * and will fail in various stupid ways if they don't get one.
348 * sshd doesn't set the tty until too late in the auth process and may 348 * sshd doesn't set the tty until too late in the auth process and may
349 * not even need one (for tty-less connections) 349 * not even need one (for tty-less connections)
350 * Kludge: Set a fake PAM_TTY 350 * Kludge: Set a fake PAM_TTY
351 */ 351 */
352 pam_retval = pam_set_item(pamh, PAM_TTY, "ssh"); 352 pam_retval = pam_set_item(pamh, PAM_TTY, "ssh");
353 if (pam_retval != PAM_SUCCESS) { 353 if (pam_retval != PAM_SUCCESS) {
354 fatal("PAM set tty failed[%d]: %.200s", 354 fatal("PAM set tty failed[%d]: %.200s",
355 pam_retval, PAM_STRERROR(pamh, pam_retval)); 355 pam_retval, PAM_STRERROR(pamh, pam_retval));
356 } 356 }
357#endif /* PAM_TTY_KLUDGE */ 357#endif /* PAM_TTY_KLUDGE */
@@ -383,9 +383,9 @@ void pam_msg_cat(const char *msg)
383 char *p; 383 char *p;
384 size_t new_msg_len; 384 size_t new_msg_len;
385 size_t pam_msg_len; 385 size_t pam_msg_len;
386 386
387 new_msg_len = strlen(msg); 387 new_msg_len = strlen(msg);
388 388
389 if (pam_msg) { 389 if (pam_msg) {
390 pam_msg_len = strlen(pam_msg); 390 pam_msg_len = strlen(pam_msg);
391 pam_msg = xrealloc(pam_msg, new_msg_len + pam_msg_len + 2); 391 pam_msg = xrealloc(pam_msg, new_msg_len + pam_msg_len + 2);
diff --git a/auth-passwd.c b/auth-passwd.c
index 541aca607..9f763267f 100644
--- a/auth-passwd.c
+++ b/auth-passwd.c
@@ -118,7 +118,7 @@ auth_password(struct passwd * pw, const char *password)
118 * Empty password is only possible on NT if the user has _really_ 118 * Empty password is only possible on NT if the user has _really_
119 * an empty password and authentication is done, though. 119 * an empty password and authentication is done, though.
120 */ 120 */
121 if (!is_winnt) 121 if (!is_winnt)
122#endif 122#endif
123 if (*password == '\0' && options.permit_empty_passwd == 0) 123 if (*password == '\0' && options.permit_empty_passwd == 0)
124 return 0; 124 return 0;
@@ -155,13 +155,13 @@ auth_password(struct passwd * pw, const char *password)
155 */ 155 */
156#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) 156#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW)
157 spw = getspnam(pw->pw_name); 157 spw = getspnam(pw->pw_name);
158 if (spw != NULL) 158 if (spw != NULL)
159 pw_password = spw->sp_pwdp; 159 pw_password = spw->sp_pwdp;
160#endif /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */ 160#endif /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */
161 161
162#ifdef HAVE_SCO_PROTECTED_PW 162#ifdef HAVE_SCO_PROTECTED_PW
163 spw = getprpwnam(pw->pw_name); 163 spw = getprpwnam(pw->pw_name);
164 if (spw != NULL) 164 if (spw != NULL)
165 pw_password = spw->ufld.fd_encrypt; 165 pw_password = spw->ufld.fd_encrypt;
166#endif /* HAVE_SCO_PROTECTED_PW */ 166#endif /* HAVE_SCO_PROTECTED_PW */
167 167
@@ -189,7 +189,7 @@ auth_password(struct passwd * pw, const char *password)
189 encrypted_password = md5_crypt(password, salt); 189 encrypted_password = md5_crypt(password, salt);
190 else 190 else
191 encrypted_password = crypt(password, salt); 191 encrypted_password = crypt(password, salt);
192#else /* HAVE_MD5_PASSWORDS */ 192#else /* HAVE_MD5_PASSWORDS */
193# ifdef __hpux 193# ifdef __hpux
194 if (iscomsec()) 194 if (iscomsec())
195 encrypted_password = bigcrypt(password, salt); 195 encrypted_password = bigcrypt(password, salt);
@@ -198,7 +198,7 @@ auth_password(struct passwd * pw, const char *password)
198# else 198# else
199 encrypted_password = crypt(password, salt); 199 encrypted_password = crypt(password, salt);
200# endif /* __hpux */ 200# endif /* __hpux */
201#endif /* HAVE_MD5_PASSWORDS */ 201#endif /* HAVE_MD5_PASSWORDS */
202 202
203 /* Authentication is accepted if the encrypted passwords are identical. */ 203 /* Authentication is accepted if the encrypted passwords are identical. */
204 return (strcmp(encrypted_password, pw_password) == 0); 204 return (strcmp(encrypted_password, pw_password) == 0);
diff --git a/auth.c b/auth.c
index 4e3cf675e..d08a93369 100644
--- a/auth.c
+++ b/auth.c
@@ -79,7 +79,7 @@ allowed_user(struct passwd * pw)
79 return 0; 79 return 0;
80 80
81 /* Check password expiry */ 81 /* Check password expiry */
82 if ((spw->sp_lstchg >= 0) && (spw->sp_max >= 0) && 82 if ((spw->sp_lstchg >= 0) && (spw->sp_max >= 0) &&
83 (days > (spw->sp_lstchg + spw->sp_max))) 83 (days > (spw->sp_lstchg + spw->sp_max)))
84 return 0; 84 return 0;
85 } 85 }
@@ -165,9 +165,9 @@ allowed_user(struct passwd * pw)
165Authctxt * 165Authctxt *
166authctxt_new(void) 166authctxt_new(void)
167{ 167{
168 Authctxt *authctxt = xmalloc(sizeof(*authctxt)); 168 Authctxt *authctxt = xmalloc(sizeof(*authctxt));
169 memset(authctxt, 0, sizeof(*authctxt)); 169 memset(authctxt, 0, sizeof(*authctxt));
170 return authctxt; 170 return authctxt;
171} 171}
172 172
173struct passwd * 173struct passwd *
diff --git a/auth1.c b/auth1.c
index 750fa5b53..1feedc9ac 100644
--- a/auth1.c
+++ b/auth1.c
@@ -265,8 +265,8 @@ do_authloop(Authctxt *authctxt)
265 authenticated = auth_pam_password(pw, password); 265 authenticated = auth_pam_password(pw, password);
266#elif defined(HAVE_OSF_SIA) 266#elif defined(HAVE_OSF_SIA)
267 /* Do SIA auth with password */ 267 /* Do SIA auth with password */
268 if (sia_validate_user(NULL, saved_argc, saved_argv, 268 if (sia_validate_user(NULL, saved_argc, saved_argv,
269 get_canonical_hostname(options.reverse_mapping_check), 269 get_canonical_hostname(options.reverse_mapping_check),
270 pw->pw_name, NULL, 0, NULL, password) == SIASUCCESS) { 270 pw->pw_name, NULL, 0, NULL, password) == SIASUCCESS) {
271 authenticated = 1; 271 authenticated = 1;
272 } 272 }
@@ -317,8 +317,8 @@ do_authloop(Authctxt *authctxt)
317 fatal("INTERNAL ERROR: authenticated invalid user %s", 317 fatal("INTERNAL ERROR: authenticated invalid user %s",
318 authctxt->user); 318 authctxt->user);
319 319
320#ifdef HAVE_CYGWIN 320#ifdef HAVE_CYGWIN
321 if (authenticated && 321 if (authenticated &&
322 !check_nt_auth(type == SSH_CMSG_AUTH_PASSWORD,pw->pw_uid)) { 322 !check_nt_auth(type == SSH_CMSG_AUTH_PASSWORD,pw->pw_uid)) {
323 packet_disconnect("Authentication rejected for uid %d.", 323 packet_disconnect("Authentication rejected for uid %d.",
324 (int)pw->pw_uid); 324 (int)pw->pw_uid);
@@ -329,7 +329,7 @@ do_authloop(Authctxt *authctxt)
329 if (authenticated && authctxt->pw->pw_uid == 0 && !auth_root_allowed()) 329 if (authenticated && authctxt->pw->pw_uid == 0 && !auth_root_allowed())
330 authenticated = 0; 330 authenticated = 0;
331#endif 331#endif
332#ifdef USE_PAM 332#ifdef USE_PAM
333 if (authenticated && !do_pam_account(pw->pw_name, client_user)) 333 if (authenticated && !do_pam_account(pw->pw_name, client_user))
334 authenticated = 0; 334 authenticated = 0;
335#endif 335#endif
@@ -346,9 +346,9 @@ do_authloop(Authctxt *authctxt)
346 return; 346 return;
347 347
348 if (authctxt->failures++ > AUTH_FAIL_MAX) { 348 if (authctxt->failures++ > AUTH_FAIL_MAX) {
349#ifdef WITH_AIXAUTHENTICATE 349#ifdef WITH_AIXAUTHENTICATE
350 loginfailed(authctxt->user, 350 loginfailed(authctxt->user,
351 get_canonical_hostname(options.reverse_mapping_check), 351 get_canonical_hostname(options.reverse_mapping_check),
352 "ssh"); 352 "ssh");
353#endif /* WITH_AIXAUTHENTICATE */ 353#endif /* WITH_AIXAUTHENTICATE */
354 packet_disconnect(AUTH_FAIL_MSG, authctxt->user); 354 packet_disconnect(AUTH_FAIL_MSG, authctxt->user);
@@ -435,7 +435,7 @@ do_authentication()
435 435
436#ifdef WITH_AIXAUTHENTICATE 436#ifdef WITH_AIXAUTHENTICATE
437 /* We don't have a pty yet, so just label the line as "ssh" */ 437 /* We don't have a pty yet, so just label the line as "ssh" */
438 if (loginsuccess(authctxt->user, 438 if (loginsuccess(authctxt->user,
439 get_canonical_hostname(options.reverse_mapping_check), 439 get_canonical_hostname(options.reverse_mapping_check),
440 "ssh", &aixloginmsg) < 0) 440 "ssh", &aixloginmsg) < 0)
441 aixloginmsg = NULL; 441 aixloginmsg = NULL;
diff --git a/auth2.c b/auth2.c
index 5f8b42340..ca2743a5e 100644
--- a/auth2.c
+++ b/auth2.c
@@ -203,7 +203,7 @@ input_userauth_request(int type, int plen, void *ctxt)
203 if ((style = strchr(user, ':')) != NULL) 203 if ((style = strchr(user, ':')) != NULL)
204 *style++ = 0; 204 *style++ = 0;
205 205
206 if (authctxt->attempt++ == 0) { 206 if (authctxt->attempt++ == 0) {
207 /* setup auth context */ 207 /* setup auth context */
208 struct passwd *pw = NULL; 208 struct passwd *pw = NULL;
209 setproctitle("%s", user); 209 setproctitle("%s", user);
@@ -300,7 +300,7 @@ done:
300 return; 300 return;
301} 301}
302 302
303void 303void
304userauth_reply(Authctxt *authctxt, int authenticated) 304userauth_reply(Authctxt *authctxt, int authenticated)
305{ 305{
306 char *methods; 306 char *methods;
@@ -309,8 +309,8 @@ userauth_reply(Authctxt *authctxt, int authenticated)
309 if (authenticated) { 309 if (authenticated) {
310#ifdef WITH_AIXAUTHENTICATE 310#ifdef WITH_AIXAUTHENTICATE
311 /* We don't have a pty yet, so just label the line as "ssh" */ 311 /* We don't have a pty yet, so just label the line as "ssh" */
312 if (loginsuccess(authctxt->user?authctxt->user:"NOUSER", 312 if (loginsuccess(authctxt->user?authctxt->user:"NOUSER",
313 get_canonical_hostname(options.reverse_mapping_check), 313 get_canonical_hostname(options.reverse_mapping_check),
314 "ssh", &aixloginmsg) < 0) 314 "ssh", &aixloginmsg) < 0)
315 aixloginmsg = NULL; 315 aixloginmsg = NULL;
316#endif /* WITH_AIXAUTHENTICATE */ 316#endif /* WITH_AIXAUTHENTICATE */
@@ -323,7 +323,7 @@ userauth_reply(Authctxt *authctxt, int authenticated)
323 authctxt->success = 1; 323 authctxt->success = 1;
324 } else { 324 } else {
325 if (authctxt->failures++ > AUTH_FAIL_MAX) 325 if (authctxt->failures++ > AUTH_FAIL_MAX)
326 packet_disconnect(AUTH_FAIL_MSG, authctxt->user); 326 packet_disconnect(AUTH_FAIL_MSG, authctxt->user);
327 methods = authmethods_get(); 327 methods = authmethods_get();
328 packet_start(SSH2_MSG_USERAUTH_FAILURE); 328 packet_start(SSH2_MSG_USERAUTH_FAILURE);
329 packet_put_cstring(methods); 329 packet_put_cstring(methods);
@@ -342,11 +342,11 @@ userauth_none(Authctxt *authctxt)
342 if (m != NULL) 342 if (m != NULL)
343 m->enabled = NULL; 343 m->enabled = NULL;
344 packet_done(); 344 packet_done();
345 userauth_banner(); 345 userauth_banner();
346 346
347 if (authctxt->valid == 0) 347 if (authctxt->valid == 0)
348 return(0); 348 return(0);
349 349
350#ifdef HAVE_CYGWIN 350#ifdef HAVE_CYGWIN
351 if (check_nt_auth(1, authctxt->pw->pw_uid) == 0) 351 if (check_nt_auth(1, authctxt->pw->pw_uid) == 0)
352 return(0); 352 return(0);
@@ -354,9 +354,9 @@ userauth_none(Authctxt *authctxt)
354#ifdef USE_PAM 354#ifdef USE_PAM
355 return auth_pam_password(authctxt->pw, ""); 355 return auth_pam_password(authctxt->pw, "");
356#elif defined(HAVE_OSF_SIA) 356#elif defined(HAVE_OSF_SIA)
357 return (sia_validate_user(NULL, saved_argc, saved_argv, 357 return (sia_validate_user(NULL, saved_argc, saved_argv,
358 get_canonical_hostname(options.reverse_mapping_check), 358 get_canonical_hostname(options.reverse_mapping_check),
359 authctxt->user?authctxt->user:"NOUSER", NULL, 0, 359 authctxt->user?authctxt->user:"NOUSER", NULL, 0,
360 NULL, "") == SIASUCCESS); 360 NULL, "") == SIASUCCESS);
361#else /* !HAVE_OSF_SIA && !USE_PAM */ 361#else /* !HAVE_OSF_SIA && !USE_PAM */
362 return auth_password(authctxt->pw, ""); 362 return auth_password(authctxt->pw, "");
@@ -382,9 +382,9 @@ userauth_passwd(Authctxt *authctxt)
382#ifdef USE_PAM 382#ifdef USE_PAM
383 auth_pam_password(authctxt->pw, password) == 1) 383 auth_pam_password(authctxt->pw, password) == 1)
384#elif defined(HAVE_OSF_SIA) 384#elif defined(HAVE_OSF_SIA)
385 sia_validate_user(NULL, saved_argc, saved_argv, 385 sia_validate_user(NULL, saved_argc, saved_argv,
386 get_canonical_hostname(options.reverse_mapping_check), 386 get_canonical_hostname(options.reverse_mapping_check),
387 authctxt->user?authctxt->user:"NOUSER", NULL, 0, NULL, 387 authctxt->user?authctxt->user:"NOUSER", NULL, 0, NULL,
388 password) == SIASUCCESS) 388 password) == SIASUCCESS)
389#else /* !USE_PAM && !HAVE_OSF_SIA */ 389#else /* !USE_PAM && !HAVE_OSF_SIA */
390 auth_password(authctxt->pw, password) == 1) 390 auth_password(authctxt->pw, password) == 1)
diff --git a/authfd.c b/authfd.c
index 17f5d139a..d98f1184e 100644
--- a/authfd.c
+++ b/authfd.c
@@ -558,7 +558,7 @@ ssh_remove_all_identities(AuthenticationConnection *auth, int version)
558 return decode_reply(type); 558 return decode_reply(type);
559} 559}
560 560
561int 561int
562decode_reply(int type) 562decode_reply(int type)
563{ 563{
564 switch (type) { 564 switch (type) {
diff --git a/canohost.c b/canohost.c
index 8253e9b6e..87f56054b 100644
--- a/canohost.c
+++ b/canohost.c
@@ -56,7 +56,7 @@ get_remote_hostname(int socket, int reverse_mapping_check)
56 port = from6->sin6_port; 56 port = from6->sin6_port;
57 57
58 memset(&from, 0, sizeof(from)); 58 memset(&from, 0, sizeof(from));
59 59
60 from4->sin_family = AF_INET; 60 from4->sin_family = AF_INET;
61 memcpy(&from4->sin_addr, &addr, sizeof(addr)); 61 memcpy(&from4->sin_addr, &addr, sizeof(addr));
62 from4->sin_port = port; 62 from4->sin_port = port;
diff --git a/channels.c b/channels.c
index d343ac89e..d8c7e1243 100644
--- a/channels.c
+++ b/channels.c
@@ -704,7 +704,7 @@ channel_post_connecting(Channel *c, fd_set * readset, fd_set * writeset)
704 int err = 0; 704 int err = 0;
705 int sz = sizeof(err); 705 int sz = sizeof(err);
706 c->type = SSH_CHANNEL_OPEN; 706 c->type = SSH_CHANNEL_OPEN;
707 if (getsockopt(c->sock, SOL_SOCKET, SO_ERROR, (char *)&err, &sz) < 0) { 707 if (getsockopt(c->sock, SOL_SOCKET, SO_ERROR, (char *)&err, &sz) < 0) {
708 debug("getsockopt SO_ERROR failed"); 708 debug("getsockopt SO_ERROR failed");
709 } else { 709 } else {
710 if (err == 0) { 710 if (err == 0) {
@@ -1553,7 +1553,7 @@ channel_request_forwarding(
1553 1553
1554 if (remote_fwd) { 1554 if (remote_fwd) {
1555 host = listen_address; 1555 host = listen_address;
1556 ctype = SSH_CHANNEL_RPORT_LISTENER; 1556 ctype = SSH_CHANNEL_RPORT_LISTENER;
1557 } else { 1557 } else {
1558 host = host_to_connect; 1558 host = host_to_connect;
1559 ctype =SSH_CHANNEL_PORT_LISTENER; 1559 ctype =SSH_CHANNEL_PORT_LISTENER;
@@ -1608,7 +1608,7 @@ channel_request_forwarding(
1608 error("bind: %.100s", strerror(errno)); 1608 error("bind: %.100s", strerror(errno));
1609 else 1609 else
1610 verbose("bind: %.100s", strerror(errno)); 1610 verbose("bind: %.100s", strerror(errno));
1611 1611
1612 close(sock); 1612 close(sock);
1613 continue; 1613 continue;
1614 } 1614 }
@@ -1762,14 +1762,14 @@ channel_connect_to(const char *host, u_short host_port)
1762 error("connect %.100s port %s: %.100s", ntop, strport, 1762 error("connect %.100s port %s: %.100s", ntop, strport,
1763 strerror(errno)); 1763 strerror(errno));
1764 close(sock); 1764 close(sock);
1765 continue; /* fail -- try next */ 1765 continue; /* fail -- try next */
1766 } 1766 }
1767 break; /* success */ 1767 break; /* success */
1768 1768
1769 } 1769 }
1770 freeaddrinfo(aitop); 1770 freeaddrinfo(aitop);
1771 if (!ai) { 1771 if (!ai) {
1772 error("connect %.100s port %d: failed.", host, host_port); 1772 error("connect %.100s port %d: failed.", host, host_port);
1773 return -1; 1773 return -1;
1774 } 1774 }
1775 /* success */ 1775 /* success */
@@ -1954,7 +1954,7 @@ x11_create_display_inet(int screen_number, int x11_display_offset)
1954 fatal("gethostname: %.100s", strerror(errno)); 1954 fatal("gethostname: %.100s", strerror(errno));
1955 1955
1956#ifdef IPADDR_IN_DISPLAY 1956#ifdef IPADDR_IN_DISPLAY
1957 /* 1957 /*
1958 * HPUX detects the local hostname in the DISPLAY variable and tries 1958 * HPUX detects the local hostname in the DISPLAY variable and tries
1959 * to set up a shared memory connection to the server, which it 1959 * to set up a shared memory connection to the server, which it
1960 * incorrectly supposes to be local. 1960 * incorrectly supposes to be local.
@@ -1983,7 +1983,7 @@ x11_create_display_inet(int screen_number, int x11_display_offset)
1983 memcpy(&my_addr, he->h_addr_list[0], sizeof(struct in_addr)); 1983 memcpy(&my_addr, he->h_addr_list[0], sizeof(struct in_addr));
1984 1984
1985 /* Set DISPLAY to <ip address>:screen.display */ 1985 /* Set DISPLAY to <ip address>:screen.display */
1986 snprintf(display, sizeof(display), "%.50s:%d.%d", inet_ntoa(my_addr), 1986 snprintf(display, sizeof(display), "%.50s:%d.%d", inet_ntoa(my_addr),
1987 display_number, screen_number); 1987 display_number, screen_number);
1988 } 1988 }
1989#else /* IPADDR_IN_DISPLAY */ 1989#else /* IPADDR_IN_DISPLAY */
@@ -2501,7 +2501,7 @@ channel_cancel_cleanup(int id)
2501 } 2501 }
2502 c->dettach_user = NULL; 2502 c->dettach_user = NULL;
2503} 2503}
2504void 2504void
2505channel_register_filter(int id, channel_filter_fn *fn) 2505channel_register_filter(int id, channel_filter_fn *fn)
2506{ 2506{
2507 Channel *c = channel_lookup(id); 2507 Channel *c = channel_lookup(id);
diff --git a/cipher.c b/cipher.c
index c867216cc..b1740ecf9 100644
--- a/cipher.c
+++ b/cipher.c
@@ -266,7 +266,7 @@ cast_setkey(CipherContext *cc, const u_char *key, u_int keylen)
266void 266void
267cast_setiv(CipherContext *cc, const u_char *iv, u_int ivlen) 267cast_setiv(CipherContext *cc, const u_char *iv, u_int ivlen)
268{ 268{
269 if (iv == NULL) 269 if (iv == NULL)
270 fatal("no IV for %s.", cc->cipher->name); 270 fatal("no IV for %s.", cc->cipher->name);
271 memcpy(cc->u.cast.iv, (char *)iv, 8); 271 memcpy(cc->u.cast.iv, (char *)iv, 8);
272} 272}
@@ -295,7 +295,7 @@ rijndael_setkey(CipherContext *cc, const u_char *key, u_int keylen)
295void 295void
296rijndael_setiv(CipherContext *cc, const u_char *iv, u_int ivlen) 296rijndael_setiv(CipherContext *cc, const u_char *iv, u_int ivlen)
297{ 297{
298 if (iv == NULL) 298 if (iv == NULL)
299 fatal("no IV for %s.", cc->cipher->name); 299 fatal("no IV for %s.", cc->cipher->name);
300 memcpy((u_char *)cc->u.rijndael.iv, iv, RIJNDAEL_BLOCKSIZE); 300 memcpy((u_char *)cc->u.rijndael.iv, iv, RIJNDAEL_BLOCKSIZE);
301} 301}
@@ -415,7 +415,7 @@ Cipher ciphers[] = {
415 SSH_CIPHER_SSH2, 16, 32, 415 SSH_CIPHER_SSH2, 16, 32,
416 rijndael_setkey, rijndael_setiv, 416 rijndael_setkey, rijndael_setiv,
417 rijndael_cbc_encrypt, rijndael_cbc_decrypt }, 417 rijndael_cbc_encrypt, rijndael_cbc_decrypt },
418 { NULL, SSH_CIPHER_ILLEGAL, 0, 0, NULL, NULL, NULL, NULL } 418 { NULL, SSH_CIPHER_ILLEGAL, 0, 0, NULL, NULL, NULL, NULL }
419}; 419};
420 420
421/*--*/ 421/*--*/
diff --git a/cli.c b/cli.c
index f86adac4e..0e35b826a 100644
--- a/cli.c
+++ b/cli.c
@@ -136,11 +136,11 @@ cli_write(const char* buf, int size)
136 136
137 output = xmalloc(4*size); 137 output = xmalloc(4*size);
138 for (p = output, i = 0; i < size; i++) { 138 for (p = output, i = 0; i < size; i++) {
139 if (buf[i] == '\n') 139 if (buf[i] == '\n')
140 *p++ = buf[i]; 140 *p++ = buf[i];
141 else 141 else
142 p = vis(p, buf[i], 0, 0); 142 p = vis(p, buf[i], 0, 0);
143 } 143 }
144 len = p - output; 144 len = p - output;
145 145
146 for (pos = 0; pos < len; pos += ret) { 146 for (pos = 0; pos < len; pos += ret) {
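Review bot: `output = xmalloc(4*size);` leaves no room for the NUL that `vis()` writes after each encoded character. vis(3) documents encodings of up to four bytes plus a trailing NUL, so if every input byte expands to four, the last call writes one byte past the allocation. `size` is an `int` according to the hunk header, so `4*size` can also overflow for very large inputs. Suggest `output = xmalloc(4*size + 1);` with an upper bound on `size` checked before the multiply. `cli_write` starts and ends outside the hunk, so the declarations and the matching free are not visible.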
diff --git a/cli.h b/cli.h
index fbcc87968..b8d0ed056 100644
--- a/cli.h
+++ b/cli.h
@@ -9,7 +9,7 @@
9 * of response depending on arg. Tries to ensure that no other userland 9 * of response depending on arg. Tries to ensure that no other userland
10 * buffer is storing the response. 10 * buffer is storing the response.
11 */ 11 */
12char* cli_read_passphrase(const char* prompt, int from_stdin, 12char* cli_read_passphrase(const char* prompt, int from_stdin,
13 int echo_enable); 13 int echo_enable);
14char* cli_prompt(char* prompt, int echo_enable); 14char* cli_prompt(char* prompt, int echo_enable);
15void cli_mesg(char* mesg); 15void cli_mesg(char* mesg);
diff --git a/defines.h b/defines.h
index 1c2307090..e14646ade 100644
--- a/defines.h
+++ b/defines.h
@@ -19,13 +19,13 @@
19#endif 19#endif
20#ifdef HAVE_SYS_BITYPES_H 20#ifdef HAVE_SYS_BITYPES_H
21# include <sys/bitypes.h> /* For u_intXX_t */ 21# include <sys/bitypes.h> /* For u_intXX_t */
22#endif 22#endif
23#ifdef HAVE_PATHS_H 23#ifdef HAVE_PATHS_H
24# include <paths.h> /* For _PATH_XXX */ 24# include <paths.h> /* For _PATH_XXX */
25#endif 25#endif
26#ifdef HAVE_LIMITS_H 26#ifdef HAVE_LIMITS_H
27# include <limits.h> /* For PATH_MAX */ 27# include <limits.h> /* For PATH_MAX */
28#endif 28#endif
29#ifdef HAVE_SYS_TIME_H 29#ifdef HAVE_SYS_TIME_H
30# include <sys/time.h> /* For timersub */ 30# include <sys/time.h> /* For timersub */
31#endif 31#endif
@@ -34,7 +34,7 @@
34#endif 34#endif
35#ifdef HAVE_SYS_CDEFS_H 35#ifdef HAVE_SYS_CDEFS_H
36# include <sys/cdefs.h> /* For __P() */ 36# include <sys/cdefs.h> /* For __P() */
37#endif 37#endif
38#ifdef HAVE_SYS_SYSMACROS_H 38#ifdef HAVE_SYS_SYSMACROS_H
39# include <sys/sysmacros.h> /* For MIN, MAX, etc */ 39# include <sys/sysmacros.h> /* For MIN, MAX, etc */
40#endif 40#endif
@@ -79,22 +79,22 @@ enum
79# endif /* PATH_MAX */ 79# endif /* PATH_MAX */
80#endif /* MAXPATHLEN */ 80#endif /* MAXPATHLEN */
81 81
82#ifndef STDIN_FILENO 82#ifndef STDIN_FILENO
83# define STDIN_FILENO 0 83# define STDIN_FILENO 0
84#endif 84#endif
85#ifndef STDOUT_FILENO 85#ifndef STDOUT_FILENO
86# define STDOUT_FILENO 1 86# define STDOUT_FILENO 1
87#endif 87#endif
88#ifndef STDERR_FILENO 88#ifndef STDERR_FILENO
89# define STDERR_FILENO 2 89# define STDERR_FILENO 2
90#endif 90#endif
91 91
92#ifndef NGROUPS_MAX /* Disable groupaccess if NGROUP_MAX is not set */ 92#ifndef NGROUPS_MAX /* Disable groupaccess if NGROUP_MAX is not set */
93#define NGROUPS_MAX 0 93#define NGROUPS_MAX 0
94#endif 94#endif
95 95
96#ifndef O_NONBLOCK /* Non Blocking Open */ 96#ifndef O_NONBLOCK /* Non Blocking Open */
97# define O_NONBLOCK 00004 97# define O_NONBLOCK 00004
98#endif 98#endif
99 99
100#ifndef S_ISREG 100#ifndef S_ISREG
@@ -318,8 +318,8 @@ struct winsize {
318 (result)->tv_sec = (a)->tv_sec - (b)->tv_sec; \ 318 (result)->tv_sec = (a)->tv_sec - (b)->tv_sec; \
319 (result)->tv_usec = (a)->tv_usec - (b)->tv_usec; \ 319 (result)->tv_usec = (a)->tv_usec - (b)->tv_usec; \
320 if ((result)->tv_usec < 0) { \ 320 if ((result)->tv_usec < 0) { \
321 --(result)->tv_sec; \ 321 --(result)->tv_sec; \
322 (result)->tv_usec += 1000000; \ 322 (result)->tv_usec += 1000000; \
323 } \ 323 } \
324 } while (0) 324 } while (0)
325#endif 325#endif
@@ -340,7 +340,7 @@ struct winsize {
340 340
341#ifndef SUN_LEN 341#ifndef SUN_LEN
342#define SUN_LEN(su) \ 342#define SUN_LEN(su) \
343 (sizeof(*(su)) - sizeof((su)->sun_path) + strlen((su)->sun_path)) 343 (sizeof(*(su)) - sizeof((su)->sun_path) + strlen((su)->sun_path))
344#endif /* SUN_LEN */ 344#endif /* SUN_LEN */
345 345
346/* Function replacement / compatibility hacks */ 346/* Function replacement / compatibility hacks */
diff --git a/dispatch.c b/dispatch.c
index a771094fe..bc58d6cd1 100644
--- a/dispatch.c
+++ b/dispatch.c
@@ -72,7 +72,7 @@ dispatch_run(int mode, int *done, void *ctxt)
72 if (type > 0 && type < DISPATCH_MAX && dispatch[type] != NULL) 72 if (type > 0 && type < DISPATCH_MAX && dispatch[type] != NULL)
73 (*dispatch[type])(type, plen, ctxt); 73 (*dispatch[type])(type, plen, ctxt);
74 else 74 else
75 packet_disconnect("protocol error: rcvd type %d", type); 75 packet_disconnect("protocol error: rcvd type %d", type);
76 if (done != NULL && *done) 76 if (done != NULL && *done)
77 return; 77 return;
78 } 78 }
diff --git a/entropy.c b/entropy.c
index 36ce945fc..2e71f5f5a 100644
--- a/entropy.c
+++ b/entropy.c
@@ -38,7 +38,7 @@
38#include "pathnames.h" 38#include "pathnames.h"
39#include "log.h" 39#include "log.h"
40 40
41RCSID("$Id: entropy.c,v 1.25 2001/01/22 21:06:20 mouring Exp $"); 41RCSID("$Id: entropy.c,v 1.26 2001/02/05 12:42:17 stevesk Exp $");
42 42
43#ifndef offsetof 43#ifndef offsetof
44# define offsetof(type, member) ((size_t) &((type *)0)->member) 44# define offsetof(type, member) ((size_t) &((type *)0)->member)
@@ -83,7 +83,7 @@ int get_random_bytes(unsigned char *buf, int len)
83 addr.sun_family = AF_UNIX; 83 addr.sun_family = AF_UNIX;
84 strlcpy(addr.sun_path, EGD_SOCKET, sizeof(addr.sun_path)); 84 strlcpy(addr.sun_path, EGD_SOCKET, sizeof(addr.sun_path));
85 addr_len = offsetof(struct sockaddr_un, sun_path) + sizeof(EGD_SOCKET); 85 addr_len = offsetof(struct sockaddr_un, sun_path) + sizeof(EGD_SOCKET);
86 86
87 fd = socket(AF_UNIX, SOCK_STREAM, 0); 87 fd = socket(AF_UNIX, SOCK_STREAM, 0);
88 if (fd == -1) { 88 if (fd == -1) {
89 error("Couldn't create AF_UNIX socket: %s", strerror(errno)); 89 error("Couldn't create AF_UNIX socket: %s", strerror(errno));
@@ -91,7 +91,7 @@ int get_random_bytes(unsigned char *buf, int len)
91 } 91 }
92 92
93 if (connect(fd, (struct sockaddr*)&addr, addr_len) == -1) { 93 if (connect(fd, (struct sockaddr*)&addr, addr_len) == -1) {
94 error("Couldn't connect to EGD socket \"%s\": %s", 94 error("Couldn't connect to EGD socket \"%s\": %s",
95 addr.sun_path, strerror(errno)); 95 addr.sun_path, strerror(errno));
96 close(fd); 96 close(fd);
97 return(0); 97 return(0);
@@ -102,21 +102,21 @@ int get_random_bytes(unsigned char *buf, int len)
102 msg[1] = len; 102 msg[1] = len;
103 103
104 if (atomicio(write, fd, msg, sizeof(msg)) != sizeof(msg)) { 104 if (atomicio(write, fd, msg, sizeof(msg)) != sizeof(msg)) {
105 error("Couldn't write to EGD socket \"%s\": %s", 105 error("Couldn't write to EGD socket \"%s\": %s",
106 EGD_SOCKET, strerror(errno)); 106 EGD_SOCKET, strerror(errno));
107 close(fd); 107 close(fd);
108 return(0); 108 return(0);
109 } 109 }
110 110
111 if (atomicio(read, fd, buf, len) != len) { 111 if (atomicio(read, fd, buf, len) != len) {
112 error("Couldn't read from EGD socket \"%s\": %s", 112 error("Couldn't read from EGD socket \"%s\": %s",
113 EGD_SOCKET, strerror(errno)); 113 EGD_SOCKET, strerror(errno));
114 close(fd); 114 close(fd);
115 return(0); 115 return(0);
116 } 116 }
117 117
118 close(fd); 118 close(fd);
119 119
120 return(1); 120 return(1);
121} 121}
122#else /* !EGD_SOCKET */ 122#else /* !EGD_SOCKET */
@@ -128,20 +128,20 @@ int get_random_bytes(unsigned char *buf, int len)
128 128
129 random_pool = open(RANDOM_POOL, O_RDONLY); 129 random_pool = open(RANDOM_POOL, O_RDONLY);
130 if (random_pool == -1) { 130 if (random_pool == -1) {
131 error("Couldn't open random pool \"%s\": %s", 131 error("Couldn't open random pool \"%s\": %s",
132 RANDOM_POOL, strerror(errno)); 132 RANDOM_POOL, strerror(errno));
133 return(0); 133 return(0);
134 } 134 }
135 135
136 if (atomicio(read, random_pool, buf, len) != len) { 136 if (atomicio(read, random_pool, buf, len) != len) {
137 error("Couldn't read from random pool \"%s\": %s", 137 error("Couldn't read from random pool \"%s\": %s",
138 RANDOM_POOL, strerror(errno)); 138 RANDOM_POOL, strerror(errno));
139 close(random_pool); 139 close(random_pool);
140 return(0); 140 return(0);
141 } 141 }
142 142
143 close(random_pool); 143 close(random_pool);
144 144
145 return(1); 145 return(1);
146} 146}
147#endif /* RANDOM_POOL */ 147#endif /* RANDOM_POOL */
@@ -155,7 +155,7 @@ void
155seed_rng(void) 155seed_rng(void)
156{ 156{
157 char buf[32]; 157 char buf[32];
158 158
159 debug("Seeding random number generator"); 159 debug("Seeding random number generator");
160 160
161 if (!get_random_bytes(buf, sizeof(buf))) { 161 if (!get_random_bytes(buf, sizeof(buf))) {
@@ -164,7 +164,7 @@ seed_rng(void)
164 } else { 164 } else {
165 RAND_add(buf, sizeof(buf), sizeof(buf)); 165 RAND_add(buf, sizeof(buf), sizeof(buf));
166 } 166 }
167 167
168 memset(buf, '\0', sizeof(buf)); 168 memset(buf, '\0', sizeof(buf));
169} 169}
170 170
@@ -173,7 +173,7 @@ void init_rng(void) {}
173 173
174#else /* defined(EGD_SOCKET) || defined(RANDOM_POOL) */ 174#else /* defined(EGD_SOCKET) || defined(RANDOM_POOL) */
175 175
176/* 176/*
177 * FIXME: proper entropy estimations. All current values are guesses 177 * FIXME: proper entropy estimations. All current values are guesses
178 * FIXME: (ATL) do estimates at compile time? 178 * FIXME: (ATL) do estimates at compile time?
179 * FIXME: More entropy sources 179 * FIXME: More entropy sources
@@ -213,18 +213,18 @@ double hash_output_from_command(entropy_source_t *src, char *hash);
213/* this is initialised from a file, by prng_read_commands() */ 213/* this is initialised from a file, by prng_read_commands() */
214entropy_source_t *entropy_sources = NULL; 214entropy_source_t *entropy_sources = NULL;
215 215
216double 216double
217stir_from_system(void) 217stir_from_system(void)
218{ 218{
219 double total_entropy_estimate; 219 double total_entropy_estimate;
220 long int i; 220 long int i;
221 221
222 total_entropy_estimate = 0; 222 total_entropy_estimate = 0;
223 223
224 i = getpid(); 224 i = getpid();
225 RAND_add(&i, sizeof(i), 0.5); 225 RAND_add(&i, sizeof(i), 0.5);
226 total_entropy_estimate += 0.1; 226 total_entropy_estimate += 0.1;
227 227
228 i = getppid(); 228 i = getppid();
229 RAND_add(&i, sizeof(i), 0.5); 229 RAND_add(&i, sizeof(i), 0.5);
230 total_entropy_estimate += 0.1; 230 total_entropy_estimate += 0.1;
@@ -241,7 +241,7 @@ stir_from_system(void)
241 return(total_entropy_estimate); 241 return(total_entropy_estimate);
242} 242}
243 243
244double 244double
245stir_from_programs(void) 245stir_from_programs(void)
246{ 246{
247 int i; 247 int i;
@@ -261,18 +261,18 @@ stir_from_programs(void)
261 261
262 /* Scale back entropy estimate according to command's rate */ 262 /* Scale back entropy estimate according to command's rate */
263 entropy_estimate *= entropy_sources[c].rate; 263 entropy_estimate *= entropy_sources[c].rate;
264 264
265 /* Upper bound of entropy estimate is SHA_DIGEST_LENGTH */ 265 /* Upper bound of entropy estimate is SHA_DIGEST_LENGTH */
266 if (entropy_estimate > SHA_DIGEST_LENGTH) 266 if (entropy_estimate > SHA_DIGEST_LENGTH)
267 entropy_estimate = SHA_DIGEST_LENGTH; 267 entropy_estimate = SHA_DIGEST_LENGTH;
268 268
269 /* Scale back estimates for subsequent passes through list */ 269 /* Scale back estimates for subsequent passes through list */
270 entropy_estimate /= SCALE_PER_RUN * (i + 1.0); 270 entropy_estimate /= SCALE_PER_RUN * (i + 1.0);
271 271
272 /* Stir it in */ 272 /* Stir it in */
273 RAND_add(hash, sizeof(hash), entropy_estimate); 273 RAND_add(hash, sizeof(hash), entropy_estimate);
274 274
275 debug3("Got %0.2f bytes of entropy from '%s'", entropy_estimate, 275 debug3("Got %0.2f bytes of entropy from '%s'", entropy_estimate,
276 entropy_sources[c].cmdstring); 276 entropy_sources[c].cmdstring);
277 277
278 total_entropy_estimate += entropy_estimate; 278 total_entropy_estimate += entropy_estimate;
@@ -293,7 +293,7 @@ stir_from_programs(void)
293 c++; 293 c++;
294 } 294 }
295 } 295 }
296 296
297 return(total_entropy_estimate); 297 return(total_entropy_estimate);
298} 298}
299 299
@@ -301,12 +301,12 @@ double
301stir_gettimeofday(double entropy_estimate) 301stir_gettimeofday(double entropy_estimate)
302{ 302{
303 struct timeval tv; 303 struct timeval tv;
304 304
305 if (gettimeofday(&tv, NULL) == -1) 305 if (gettimeofday(&tv, NULL) == -1)
306 fatal("Couldn't gettimeofday: %s", strerror(errno)); 306 fatal("Couldn't gettimeofday: %s", strerror(errno));
307 307
308 RAND_add(&tv, sizeof(tv), entropy_estimate); 308 RAND_add(&tv, sizeof(tv), entropy_estimate);
309 309
310 return(entropy_estimate); 310 return(entropy_estimate);
311} 311}
312 312
@@ -315,10 +315,10 @@ stir_clock(double entropy_estimate)
315{ 315{
316#ifdef HAVE_CLOCK 316#ifdef HAVE_CLOCK
317 clock_t c; 317 clock_t c;
318 318
319 c = clock(); 319 c = clock();
320 RAND_add(&c, sizeof(c), entropy_estimate); 320 RAND_add(&c, sizeof(c), entropy_estimate);
321 321
322 return(entropy_estimate); 322 return(entropy_estimate);
323#else /* _HAVE_CLOCK */ 323#else /* _HAVE_CLOCK */
324 return(0); 324 return(0);
@@ -330,7 +330,7 @@ stir_rusage(int who, double entropy_estimate)
330{ 330{
331#ifdef HAVE_GETRUSAGE 331#ifdef HAVE_GETRUSAGE
332 struct rusage ru; 332 struct rusage ru;
333 333
334 if (getrusage(who, &ru) == -1) 334 if (getrusage(who, &ru) == -1)
335 return(0); 335 return(0);
336 336
@@ -368,7 +368,7 @@ hash_output_from_command(entropy_source_t *src, char *hash)
368 int bytes_read; 368 int bytes_read;
369 int total_bytes_read; 369 int total_bytes_read;
370 SHA_CTX sha; 370 SHA_CTX sha;
371 371
372 debug3("Reading output from \'%s\'", src->cmdstring); 372 debug3("Reading output from \'%s\'", src->cmdstring);
373 373
374 if (devnull == -1) { 374 if (devnull == -1) {
@@ -376,7 +376,7 @@ hash_output_from_command(entropy_source_t *src, char *hash)
376 if (devnull == -1) 376 if (devnull == -1)
377 fatal("Couldn't open /dev/null: %s", strerror(errno)); 377 fatal("Couldn't open /dev/null: %s", strerror(errno));
378 } 378 }
379 379
380 if (pipe(p) == -1) 380 if (pipe(p) == -1)
381 fatal("Couldn't open pipe: %s", strerror(errno)); 381 fatal("Couldn't open pipe: %s", strerror(errno));
382 382
@@ -469,7 +469,7 @@ hash_output_from_command(entropy_source_t *src, char *hash)
469 close(p[0]); 469 close(p[0]);
470 470
471 debug3("Time elapsed: %d msec", msec_elapsed); 471 debug3("Time elapsed: %d msec", msec_elapsed);
472 472
473 if (waitpid(pid, &status, 0) == -1) { 473 if (waitpid(pid, &status, 0) == -1) {
474 error("Couldn't wait for child '%s' completion: %s", src->cmdstring, 474 error("Couldn't wait for child '%s' completion: %s", src->cmdstring,
475 strerror(errno)); 475 strerror(errno));
@@ -492,13 +492,13 @@ hash_output_from_command(entropy_source_t *src, char *hash)
492 if (WEXITSTATUS(status)==0) { 492 if (WEXITSTATUS(status)==0) {
493 return(total_bytes_read); 493 return(total_bytes_read);
494 } else { 494 } else {
495 debug2("Command '%s' exit status was %d", src->cmdstring, 495 debug2("Command '%s' exit status was %d", src->cmdstring,
496 WEXITSTATUS(status)); 496 WEXITSTATUS(status));
497 src->badness = src->sticky_badness = 128; 497 src->badness = src->sticky_badness = 128;
498 return (0.0); 498 return (0.0);
499 } 499 }
500 } else if (WIFSIGNALED(status)) { 500 } else if (WIFSIGNALED(status)) {
501 debug2("Command '%s' returned on uncaught signal %d !", src->cmdstring, 501 debug2("Command '%s' returned on uncaught signal %d !", src->cmdstring,
502 status); 502 status);
503 src->badness = src->sticky_badness = 128; 503 src->badness = src->sticky_badness = 128;
504 return(0.0); 504 return(0.0);
@@ -519,7 +519,7 @@ prng_check_seedfile(char *filename) {
519 if (lstat(filename, &st) == -1) { 519 if (lstat(filename, &st) == -1) {
520 /* Give up on hard errors */ 520 /* Give up on hard errors */
521 if (errno != ENOENT) 521 if (errno != ENOENT)
522 debug("WARNING: Couldn't stat random seed file \"%s\": %s", 522 debug("WARNING: Couldn't stat random seed file \"%s\": %s",
523 filename, strerror(errno)); 523 filename, strerror(errno));
524 524
525 return(0); 525 return(0);
@@ -535,7 +535,7 @@ prng_check_seedfile(char *filename) {
535 filename, getuid()); 535 filename, getuid());
536 return(0); 536 return(0);
537 } 537 }
538 538
539 return(1); 539 return(1);
540} 540}
541 541
@@ -549,22 +549,22 @@ prng_write_seedfile(void) {
549 /* Don't bother if we have already saved a seed */ 549 /* Don't bother if we have already saved a seed */
550 if (prng_seed_saved) 550 if (prng_seed_saved)
551 return; 551 return;
552 552
553 setuid(original_uid); 553 setuid(original_uid);
554 554
555 prng_seed_saved = 1; 555 prng_seed_saved = 1;
556 556
557 pw = getpwuid(original_uid); 557 pw = getpwuid(original_uid);
558 if (pw == NULL) 558 if (pw == NULL)
559 fatal("Couldn't get password entry for current user (%i): %s", 559 fatal("Couldn't get password entry for current user (%i): %s",
560 original_uid, strerror(errno)); 560 original_uid, strerror(errno));
561 561
562 /* Try to ensure that the parent directory is there */ 562 /* Try to ensure that the parent directory is there */
563 snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir, 563 snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir,
564 _PATH_SSH_USER_DIR); 564 _PATH_SSH_USER_DIR);
565 mkdir(filename, 0700); 565 mkdir(filename, 0700);
566 566
567 snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir, 567 snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir,
568 SSH_PRNG_SEED_FILE); 568 SSH_PRNG_SEED_FILE);
569 569
570 debug("writing PRNG seed to file %.100s", filename); 570 debug("writing PRNG seed to file %.100s", filename);
@@ -573,13 +573,13 @@ prng_write_seedfile(void) {
573 573
574 /* Don't care if the seed doesn't exist */ 574 /* Don't care if the seed doesn't exist */
575 prng_check_seedfile(filename); 575 prng_check_seedfile(filename);
576 576
577 if ((fd = open(filename, O_WRONLY|O_TRUNC|O_CREAT, 0600)) == -1) { 577 if ((fd = open(filename, O_WRONLY|O_TRUNC|O_CREAT, 0600)) == -1) {
578 debug("WARNING: couldn't access PRNG seedfile %.100s (%.100s)", 578 debug("WARNING: couldn't access PRNG seedfile %.100s (%.100s)",
579 filename, strerror(errno)); 579 filename, strerror(errno));
580 } else { 580 } else {
581 if (atomicio(write, fd, &seed, sizeof(seed)) != sizeof(seed)) 581 if (atomicio(write, fd, &seed, sizeof(seed)) != sizeof(seed))
582 fatal("problem writing PRNG seedfile %.100s (%.100s)", filename, 582 fatal("problem writing PRNG seedfile %.100s (%.100s)", filename,
583 strerror(errno)); 583 strerror(errno));
584 584
585 close(fd); 585 close(fd);
@@ -592,13 +592,13 @@ prng_read_seedfile(void) {
592 char seed[1024]; 592 char seed[1024];
593 char filename[1024]; 593 char filename[1024];
594 struct passwd *pw; 594 struct passwd *pw;
595 595
596 pw = getpwuid(original_uid); 596 pw = getpwuid(original_uid);
597 if (pw == NULL) 597 if (pw == NULL)
598 fatal("Couldn't get password entry for current user (%i): %s", 598 fatal("Couldn't get password entry for current user (%i): %s",
599 original_uid, strerror(errno)); 599 original_uid, strerror(errno));
600 600
601 snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir, 601 snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir,
602 SSH_PRNG_SEED_FILE); 602 SSH_PRNG_SEED_FILE);
603 603
604 debug("loading PRNG seed from file %.100s", filename); 604 debug("loading PRNG seed from file %.100s", filename);
@@ -611,7 +611,7 @@ prng_read_seedfile(void) {
611 /* open the file and read in the seed */ 611 /* open the file and read in the seed */
612 fd = open(filename, O_RDONLY); 612 fd = open(filename, O_RDONLY);
613 if (fd == -1) 613 if (fd == -1)
614 fatal("could not open PRNG seedfile %.100s (%.100s)", filename, 614 fatal("could not open PRNG seedfile %.100s (%.100s)", filename,
615 strerror(errno)); 615 strerror(errno));
616 616
617 if (atomicio(read, fd, &seed, sizeof(seed)) != sizeof(seed)) { 617 if (atomicio(read, fd, &seed, sizeof(seed)) != sizeof(seed)) {
@@ -671,7 +671,7 @@ prng_read_commands(char *cmdfilename)
671 error("bad entropy command, %.100s line %d", cmdfilename, 671 error("bad entropy command, %.100s line %d", cmdfilename,
672 linenum); 672 linenum);
673 continue; 673 continue;
674 } 674 }
675 675
676 /* first token, command args (incl. argv[0]) in double quotes */ 676 /* first token, command args (incl. argv[0]) in double quotes */
677 cp = strtok(cp, "\""); 677 cp = strtok(cp, "\"");
@@ -681,7 +681,7 @@ prng_read_commands(char *cmdfilename)
681 continue; 681 continue;
682 } 682 }
683 strlcpy(cmd, cp, sizeof(cmd)); 683 strlcpy(cmd, cp, sizeof(cmd));
684 684
685 /* second token, full command path */ 685 /* second token, full command path */
686 if ((cp = strtok(NULL, WHITESPACE)) == NULL) { 686 if ((cp = strtok(NULL, WHITESPACE)) == NULL) {
687 error("missing command path, %.100s line %d -- ignored", 687 error("missing command path, %.100s line %d -- ignored",
@@ -693,7 +693,7 @@ prng_read_commands(char *cmdfilename)
693 if (strncmp("undef", cp, 5) == 0) 693 if (strncmp("undef", cp, 5) == 0)
694 continue; 694 continue;
695 695
696 strlcpy(path, cp, sizeof(path)); 696 strlcpy(path, cp, sizeof(path));
697 697
698 /* third token, entropy rate estimate for this command */ 698 /* third token, entropy rate estimate for this command */
699 if ((cp = strtok(NULL, WHITESPACE)) == NULL) { 699 if ((cp = strtok(NULL, WHITESPACE)) == NULL) {
@@ -705,14 +705,14 @@ prng_read_commands(char *cmdfilename)
705 705
706 /* end of line */ 706 /* end of line */
707 if ((cp = strtok(NULL, WHITESPACE)) != NULL) { 707 if ((cp = strtok(NULL, WHITESPACE)) != NULL) {
708 error("garbage at end of line %d in %.100s -- ignored", linenum, 708 error("garbage at end of line %d in %.100s -- ignored", linenum,
709 cmdfilename); 709 cmdfilename);
710 continue; 710 continue;
711 } 711 }
712 712
713 /* save the command for debug messages */ 713 /* save the command for debug messages */
714 entcmd[cur_cmd].cmdstring = xstrdup(cmd); 714 entcmd[cur_cmd].cmdstring = xstrdup(cmd);
715 715
716 /* split the command args */ 716 /* split the command args */
717 cp = strtok(cmd, WHITESPACE); 717 cp = strtok(cmd, WHITESPACE);
718 arg = 0; 718 arg = 0;
@@ -723,7 +723,7 @@ prng_read_commands(char *cmdfilename)
723 entcmd[cur_cmd].args[arg] = s; 723 entcmd[cur_cmd].args[arg] = s;
724 arg++; 724 arg++;
725 } while ((arg < 5) && (cp = strtok(NULL, WHITESPACE))); 725 } while ((arg < 5) && (cp = strtok(NULL, WHITESPACE)));
726 726
727 if (strtok(NULL, WHITESPACE)) 727 if (strtok(NULL, WHITESPACE))
728 error("ignored extra command elements (max 5), %.100s line %d", 728 error("ignored extra command elements (max 5), %.100s line %d",
729 cmdfilename, linenum); 729 cmdfilename, linenum);
@@ -759,7 +759,7 @@ prng_read_commands(char *cmdfilename)
759 759
760/* 760/*
761 * Write a keyfile at exit 761 * Write a keyfile at exit
762 */ 762 */
763void 763void
764prng_seed_cleanup(void *junk) 764prng_seed_cleanup(void *junk)
765{ 765{
@@ -777,7 +777,7 @@ seed_rng(void)
777 777
778 if (!prng_initialised) 778 if (!prng_initialised)
779 fatal("RNG not initialised"); 779 fatal("RNG not initialised");
780 780
781 /* Make sure some other sigchld handler doesn't reap our entropy */ 781 /* Make sure some other sigchld handler doesn't reap our entropy */
782 /* commands */ 782 /* commands */
783 old_sigchld_handler = signal(SIGCHLD, SIG_DFL); 783 old_sigchld_handler = signal(SIGCHLD, SIG_DFL);
@@ -794,10 +794,10 @@ seed_rng(void)
794 fatal("Couldn't initialise builtin random number generator -- exiting."); 794 fatal("Couldn't initialise builtin random number generator -- exiting.");
795} 795}
796 796
797void init_rng(void) 797void init_rng(void)
798{ 798{
799 int original_euid; 799 int original_euid;
800 800
801 original_uid = getuid(); 801 original_uid = getuid();
802 original_euid = geteuid(); 802 original_euid = geteuid();
803 803
@@ -806,12 +806,12 @@ void init_rng(void)
806 fatal("PRNG initialisation failed -- exiting."); 806 fatal("PRNG initialisation failed -- exiting.");
807 807
808 /* Set ourselves up to save a seed upon exit */ 808 /* Set ourselves up to save a seed upon exit */
809 prng_seed_saved = 0; 809 prng_seed_saved = 0;
810 810
811 /* Give up privs while reading seed file */ 811 /* Give up privs while reading seed file */
812 if ((original_uid != original_euid) && (seteuid(original_uid) == -1)) 812 if ((original_uid != original_euid) && (seteuid(original_uid) == -1))
813 fatal("Couldn't give up privileges"); 813 fatal("Couldn't give up privileges");
814 814
815 prng_read_seedfile(); 815 prng_read_seedfile();
816 816
817 if ((original_uid != original_euid) && (seteuid(original_euid) == -1)) 817 if ((original_uid != original_euid) && (seteuid(original_euid) == -1))
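Review bot: In `prng_write_seedfile` the return value of `setuid(original_uid)` is ignored, and the result of `prng_check_seedfile(filename)` is discarded before `open(filename, O_WRONLY|O_TRUNC|O_CREAT, 0600)`. If the privilege drop fails, the function still creates and truncates a path under the user's home directory with whatever privileges remain. The `lstat()`-based check cannot protect the later `open()` either, because the file can be replaced in between. Suggest `if (setuid(original_uid) == -1) fatal("Couldn't give up privileges");`, matching the wording `init_rng` already uses for `seteuid`, then opening with `O_NOFOLLOW` where the platform provides it and validating owner and mode with `fstat()` on the returned descriptor. The function body is only partly visible, spread across two hunks.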
diff --git a/includes.h b/includes.h
index f3cdae3c2..92013aa87 100644
--- a/includes.h
+++ b/includes.h
@@ -50,13 +50,13 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg }
50#endif 50#endif
51#ifdef HAVE_BSTRING_H 51#ifdef HAVE_BSTRING_H
52# include <bstring.h> 52# include <bstring.h>
53#endif 53#endif
54#ifdef HAVE_NETGROUP_H 54#ifdef HAVE_NETGROUP_H
55# include <netgroup.h> 55# include <netgroup.h>
56#endif 56#endif
57#if defined(HAVE_NETDB_H) 57#if defined(HAVE_NETDB_H)
58# include <netdb.h> 58# include <netdb.h>
59#endif 59#endif
60#ifdef HAVE_ENDIAN_H 60#ifdef HAVE_ENDIAN_H
61# include <endian.h> 61# include <endian.h>
62#endif 62#endif
diff --git a/kex.c b/kex.c
index d3099f708..9aab5de9e 100644
--- a/kex.c
+++ b/kex.c
@@ -79,7 +79,7 @@ kex_exchange_kexinit(
79 79
80 debug("send KEXINIT"); 80 debug("send KEXINIT");
81 packet_start(SSH2_MSG_KEXINIT); 81 packet_start(SSH2_MSG_KEXINIT);
82 packet_put_raw(buffer_ptr(my_kexinit), buffer_len(my_kexinit)); 82 packet_put_raw(buffer_ptr(my_kexinit), buffer_len(my_kexinit));
83 packet_send(); 83 packet_send();
84 packet_write_wait(); 84 packet_write_wait();
85 debug("done"); 85 debug("done");
@@ -244,7 +244,7 @@ kex_hash(
244 buffer_put_bignum2(&b, client_dh_pub); 244 buffer_put_bignum2(&b, client_dh_pub);
245 buffer_put_bignum2(&b, server_dh_pub); 245 buffer_put_bignum2(&b, server_dh_pub);
246 buffer_put_bignum2(&b, shared_secret); 246 buffer_put_bignum2(&b, shared_secret);
247 247
248#ifdef DEBUG_KEX 248#ifdef DEBUG_KEX
249 buffer_dump(&b); 249 buffer_dump(&b);
250#endif 250#endif
@@ -297,7 +297,7 @@ kex_hash_gex(
297 buffer_put_bignum2(&b, client_dh_pub); 297 buffer_put_bignum2(&b, client_dh_pub);
298 buffer_put_bignum2(&b, server_dh_pub); 298 buffer_put_bignum2(&b, server_dh_pub);
299 buffer_put_bignum2(&b, shared_secret); 299 buffer_put_bignum2(&b, shared_secret);
300 300
301#ifdef DEBUG_KEX 301#ifdef DEBUG_KEX
302 buffer_dump(&b); 302 buffer_dump(&b);
303#endif 303#endif
@@ -366,7 +366,7 @@ get_match(char *client, char *server)
366 c = cp = xstrdup(client); 366 c = cp = xstrdup(client);
367 s = sp = xstrdup(server); 367 s = sp = xstrdup(server);
368 368
369 for ((p = strsep(&sp, SEP)), i=0; p && *p != '\0'; 369 for ((p = strsep(&sp, SEP)), i=0; p && *p != '\0';
370 (p = strsep(&sp, SEP)), i++) { 370 (p = strsep(&sp, SEP)), i++) {
371 if (i < MAX_PROP) 371 if (i < MAX_PROP)
372 sproposals[i] = p; 372 sproposals[i] = p;
@@ -375,7 +375,7 @@ get_match(char *client, char *server)
375 } 375 }
376 nproposals = i; 376 nproposals = i;
377 377
378 for ((p = strsep(&cp, SEP)), i=0; p && *p != '\0'; 378 for ((p = strsep(&cp, SEP)), i=0; p && *p != '\0';
379 (p = strsep(&cp, SEP)), i++) { 379 (p = strsep(&cp, SEP)), i++) {
380 for (j = 0; j < nproposals; j++) { 380 for (j = 0; j < nproposals; j++) {
381 if (strcmp(p, sproposals[j]) == 0) { 381 if (strcmp(p, sproposals[j]) == 0) {
diff --git a/kex.h b/kex.h
index f07e3d4d3..8e6eea70a 100644
--- a/kex.h
+++ b/kex.h
@@ -54,7 +54,7 @@ enum kex_exchange {
54 DH_GRP1_SHA1, 54 DH_GRP1_SHA1,
55 DH_GEX_SHA1 55 DH_GEX_SHA1
56}; 56};
57 57
58typedef struct Kex Kex; 58typedef struct Kex Kex;
59typedef struct Mac Mac; 59typedef struct Mac Mac;
60typedef struct Comp Comp; 60typedef struct Comp Comp;
diff --git a/key.c b/key.c
index 8cecce017..d11b3817a 100644
--- a/key.c
+++ b/key.c
@@ -452,11 +452,11 @@ key_size(Key *k){
452RSA * 452RSA *
453rsa_generate_private_key(u_int bits) 453rsa_generate_private_key(u_int bits)
454{ 454{
455 RSA *private; 455 RSA *private;
456 private = RSA_generate_key(bits, 35, NULL, NULL); 456 private = RSA_generate_key(bits, 35, NULL, NULL);
457 if (private == NULL) 457 if (private == NULL)
458 fatal("rsa_generate_private_key: key generation failed."); 458 fatal("rsa_generate_private_key: key generation failed.");
459 return private; 459 return private;
460} 460}
461 461
462DSA* 462DSA*
@@ -466,9 +466,9 @@ dsa_generate_private_key(u_int bits)
466 if (private == NULL) 466 if (private == NULL)
467 fatal("dsa_generate_private_key: DSA_generate_parameters failed"); 467 fatal("dsa_generate_private_key: DSA_generate_parameters failed");
468 if (!DSA_generate_key(private)) 468 if (!DSA_generate_key(private))
469 fatal("dsa_generate_private_key: DSA_generate_key failed."); 469 fatal("dsa_generate_private_key: DSA_generate_key failed.");
470 if (private == NULL) 470 if (private == NULL)
471 fatal("dsa_generate_private_key: NULL."); 471 fatal("dsa_generate_private_key: NULL.");
472 return private; 472 return private;
473} 473}
474 474
@@ -477,7 +477,7 @@ key_generate(int type, u_int bits)
477{ 477{
478 Key *k = key_new(KEY_UNSPEC); 478 Key *k = key_new(KEY_UNSPEC);
479 switch (type) { 479 switch (type) {
480 case KEY_DSA: 480 case KEY_DSA:
481 k->dsa = dsa_generate_private_key(bits); 481 k->dsa = dsa_generate_private_key(bits);
482 break; 482 break;
483 case KEY_RSA: 483 case KEY_RSA:
@@ -485,9 +485,9 @@ key_generate(int type, u_int bits)
485 k->rsa = rsa_generate_private_key(bits); 485 k->rsa = rsa_generate_private_key(bits);
486 break; 486 break;
487 default: 487 default:
488 fatal("key_generate: unknown type %d", type); 488 fatal("key_generate: unknown type %d", type);
489 } 489 }
490 k->type = type; 490 k->type = type;
491 return k; 491 return k;
492} 492}
493 493
@@ -496,7 +496,7 @@ key_from_private(Key *k)
496{ 496{
497 Key *n = NULL; 497 Key *n = NULL;
498 switch (k->type) { 498 switch (k->type) {
499 case KEY_DSA: 499 case KEY_DSA:
500 n = key_new(k->type); 500 n = key_new(k->type);
501 BN_copy(n->dsa->p, k->dsa->p); 501 BN_copy(n->dsa->p, k->dsa->p);
502 BN_copy(n->dsa->q, k->dsa->q); 502 BN_copy(n->dsa->q, k->dsa->q);
@@ -510,7 +510,7 @@ key_from_private(Key *k)
510 BN_copy(n->rsa->e, k->rsa->e); 510 BN_copy(n->rsa->e, k->rsa->e);
511 break; 511 break;
512 default: 512 default:
513 fatal("key_from_private: unknown type %d", k->type); 513 fatal("key_from_private: unknown type %d", k->type);
514 break; 514 break;
515 } 515 }
516 return n; 516 return n;
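Review bot: `rsa_generate_private_key` passes the bare literal 35 as the public exponent in `RSA_generate_key(bits, 35, NULL, NULL)`, with no comment explaining the choice. OpenSSL's `RSA_F4` (65537) is the conventional value; if 35 is kept for compatibility, a named constant with a one-line rationale would make that deliberate. `bits` also reaches key generation without a lower bound in this function or in `dsa_generate_private_key`; whether callers enforce a minimum is not visible here. Separately, the second `if (private == NULL)` in `dsa_generate_private_key` comes after `DSA_generate_key(private)` has already used the pointer, so it can never fire and could be dropped.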
diff --git a/log.h b/log.h
index 786e86d72..d13f73771 100644
--- a/log.h
+++ b/log.h
@@ -21,7 +21,7 @@ typedef enum {
21 SYSLOG_FACILITY_USER, 21 SYSLOG_FACILITY_USER,
22 SYSLOG_FACILITY_AUTH, 22 SYSLOG_FACILITY_AUTH,
23#ifdef LOG_AUTHPRIV 23#ifdef LOG_AUTHPRIV
24 SYSLOG_FACILITY_AUTHPRIV, 24 SYSLOG_FACILITY_AUTHPRIV,
25#endif 25#endif
26 SYSLOG_FACILITY_LOCAL0, 26 SYSLOG_FACILITY_LOCAL0,
27 SYSLOG_FACILITY_LOCAL1, 27 SYSLOG_FACILITY_LOCAL1,
diff --git a/loginrec.c b/loginrec.c
index dc723f742..d74833224 100644
--- a/loginrec.c
+++ b/loginrec.c
@@ -30,7 +30,7 @@
30 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 30 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 */ 31 */
32 32
33/** 33/**
34 ** loginrec.c: platform-independent login recording and lastlog retrieval 34 ** loginrec.c: platform-independent login recording and lastlog retrieval
35 **/ 35 **/
36 36
@@ -63,7 +63,7 @@
63 requires very thorough testing so we do not corrupt local auditing 63 requires very thorough testing so we do not corrupt local auditing
64 information. These files and their access methods are very system 64 information. These files and their access methods are very system
65 specific indeed. 65 specific indeed.
66 66
67 For utmpx systems, the corresponding library functions are 67 For utmpx systems, the corresponding library functions are
68 setutxent() etc. To the author's knowledge, all utmpx systems have 68 setutxent() etc. To the author's knowledge, all utmpx systems have
69 these library functions and so no direct write is attempted. If such 69 these library functions and so no direct write is attempted. If such
@@ -82,14 +82,14 @@
82 82
83 Calling the new code 83 Calling the new code
84 -------------------- 84 --------------------
85 85
86 In OpenSSH all login recording and retrieval is performed in 86 In OpenSSH all login recording and retrieval is performed in
87 login.c. Here you'll find working examples. Also, in the logintest.c 87 login.c. Here you'll find working examples. Also, in the logintest.c
88 program there are more examples. 88 program there are more examples.
89 89
90 Internal handler calling method 90 Internal handler calling method
91 ------------------------------- 91 -------------------------------
92 92
93 When a call is made to login_login() or login_logout(), both 93 When a call is made to login_login() or login_logout(), both
94 routines set a struct logininfo flag defining which action (log in, 94 routines set a struct logininfo flag defining which action (log in,
95 or log out) is to be taken. They both then call login_write(), which 95 or log out) is to be taken. They both then call login_write(), which
@@ -127,7 +127,7 @@
127 with 'make logintest' as it's not built by default.) 127 with 'make logintest' as it's not built by default.)
128 128
129 Otherwise, patches to the specific method(s) are very helpful! 129 Otherwise, patches to the specific method(s) are very helpful!
130 130
131*/ 131*/
132 132
133/** 133/**
@@ -163,7 +163,7 @@
163#include "log.h" 163#include "log.h"
164#include "atomicio.h" 164#include "atomicio.h"
165 165
166RCSID("$Id: loginrec.c,v 1.30 2001/01/22 05:34:42 mouring Exp $"); 166RCSID("$Id: loginrec.c,v 1.31 2001/02/05 12:42:17 stevesk Exp $");
167 167
168#ifdef HAVE_UTIL_H 168#ifdef HAVE_UTIL_H
169# include <util.h> 169# include <util.h>
@@ -207,7 +207,7 @@ int wtmpx_get_entry(struct logininfo *li);
207 **/ 207 **/
208 208
209/* login_login(struct logininfo *) -Record a login 209/* login_login(struct logininfo *) -Record a login
210 * 210 *
211 * Call with a pointer to a struct logininfo initialised with 211 * Call with a pointer to a struct logininfo initialised with
212 * login_init_entry() or login_alloc_entry() 212 * login_init_entry() or login_alloc_entry()
213 * 213 *
@@ -287,17 +287,17 @@ login_get_lastlog(struct logininfo *li, const int uid)
287 memset(li, '\0', sizeof(*li)); 287 memset(li, '\0', sizeof(*li));
288 li->uid = uid; 288 li->uid = uid;
289 289
290 /* 290 /*
291 * If we don't have a 'real' lastlog, we need the username to 291 * If we don't have a 'real' lastlog, we need the username to
292 * reliably search wtmp(x) for the last login (see 292 * reliably search wtmp(x) for the last login (see
293 * wtmp_get_entry().) 293 * wtmp_get_entry().)
294 */ 294 */
295 pw = getpwuid(uid); 295 pw = getpwuid(uid);
296 if (pw == NULL) 296 if (pw == NULL)
297 fatal("login_get_lastlog: Cannot find account for uid %i", uid); 297 fatal("login_get_lastlog: Cannot find account for uid %i", uid);
298 298
299 /* No MIN_SIZEOF here - we absolutely *must not* truncate the 299 /* No MIN_SIZEOF here - we absolutely *must not* truncate the
300 * username */ 300 * username */
301 strlcpy(li->username, pw->pw_name, sizeof(li->username)); 301 strlcpy(li->username, pw->pw_name, sizeof(li->username));
302 302
303 if (getlast_entry(li)) 303 if (getlast_entry(li))
@@ -308,8 +308,8 @@ login_get_lastlog(struct logininfo *li, const int uid)
308 308
309 309
310/* login_alloc_entry(int, char*, char*, char*) - Allocate and initialise 310/* login_alloc_entry(int, char*, char*, char*) - Allocate and initialise
311 * a logininfo structure 311 * a logininfo structure
312 * 312 *
313 * This function creates a new struct logininfo, a data structure 313 * This function creates a new struct logininfo, a data structure
314 * meant to carry the information required to portably record login info. 314 * meant to carry the information required to portably record login info.
315 * 315 *
@@ -338,20 +338,20 @@ login_free_entry(struct logininfo *li)
338 338
339/* login_init_entry(struct logininfo *, int, char*, char*, char*) 339/* login_init_entry(struct logininfo *, int, char*, char*, char*)
340 * - initialise a struct logininfo 340 * - initialise a struct logininfo
341 * 341 *
342 * Populates a new struct logininfo, a data structure meant to carry 342 * Populates a new struct logininfo, a data structure meant to carry
343 * the information required to portably record login info. 343 * the information required to portably record login info.
344 * 344 *
345 * Returns: 1 345 * Returns: 1
346 */ 346 */
347int 347int
348login_init_entry(struct logininfo *li, int pid, const char *username, 348login_init_entry(struct logininfo *li, int pid, const char *username,
349 const char *hostname, const char *line) 349 const char *hostname, const char *line)
350{ 350{
351 struct passwd *pw; 351 struct passwd *pw;
352 352
353 memset(li, 0, sizeof(*li)); 353 memset(li, 0, sizeof(*li));
354 354
355 li->pid = pid; 355 li->pid = pid;
356 356
357 /* set the line information */ 357 /* set the line information */
@@ -384,7 +384,7 @@ login_set_current_time(struct logininfo *li)
384 struct timeval tv; 384 struct timeval tv;
385 385
386 gettimeofday(&tv, NULL); 386 gettimeofday(&tv, NULL);
387 387
388 li->tv_sec = tv.tv_sec; 388 li->tv_sec = tv.tv_sec;
389 li->tv_usec = tv.tv_usec; 389 li->tv_usec = tv.tv_usec;
390} 390}
@@ -457,7 +457,7 @@ getlast_entry(struct logininfo *li)
457#else /* !USE_LASTLOG */ 457#else /* !USE_LASTLOG */
458 458
459#ifdef DISABLE_LASTLOG 459#ifdef DISABLE_LASTLOG
460 /* On some systems we shouldn't even try to obtain last login 460 /* On some systems we shouldn't even try to obtain last login
461 * time, e.g. AIX */ 461 * time, e.g. AIX */
462 return 0; 462 return 0;
463# else /* DISABLE_LASTLOG */ 463# else /* DISABLE_LASTLOG */
@@ -475,7 +475,7 @@ getlast_entry(struct logininfo *li)
475 return 0; 475 return 0;
476# endif /* USE_WTMPX && (HAVE_TIME_IN_UTMPX || HAVE_TV_IN_UTMPX) */ 476# endif /* USE_WTMPX && (HAVE_TIME_IN_UTMPX || HAVE_TV_IN_UTMPX) */
477# endif /* USE_WTMP && (HAVE_TIME_IN_UTMP || HAVE_TV_IN_UTMP) */ 477# endif /* USE_WTMP && (HAVE_TIME_IN_UTMP || HAVE_TV_IN_UTMP) */
478# endif /* DISABLE_LASTLOG */ 478# endif /* DISABLE_LASTLOG */
479#endif /* USE_LASTLOG */ 479#endif /* USE_LASTLOG */
480} 480}
481 481
@@ -532,12 +532,12 @@ line_stripname(char *dst, const char *src, int dstsize)
532 * NOTE: use strncpy because we do NOT necessarily want zero 532 * NOTE: use strncpy because we do NOT necessarily want zero
533 * termination */ 533 * termination */
534char * 534char *
535line_abbrevname(char *dst, const char *src, int dstsize) 535line_abbrevname(char *dst, const char *src, int dstsize)
536{ 536{
537 size_t len; 537 size_t len;
538 538
539 memset(dst, '\0', dstsize); 539 memset(dst, '\0', dstsize);
540 540
541 /* Always skip prefix if present */ 541 /* Always skip prefix if present */
542#ifdef sgi 542#ifdef sgi
543 if (strncmp(src, "/dev/tty", 8) == 0) 543 if (strncmp(src, "/dev/tty", 8) == 0)
@@ -546,7 +546,7 @@ line_abbrevname(char *dst, const char *src, int dstsize)
546 if (strncmp(src, "/dev/", 5) == 0) 546 if (strncmp(src, "/dev/", 5) == 0)
547 src += 5; 547 src += 5;
548#endif 548#endif
549 549
550 len = strlen(src); 550 len = strlen(src);
551 551
552 if (len > 0) { 552 if (len > 0) {
@@ -554,9 +554,9 @@ line_abbrevname(char *dst, const char *src, int dstsize)
554 src += ((int)len - dstsize); 554 src += ((int)len - dstsize);
555 555
556 /* note: _don't_ change this to strlcpy */ 556 /* note: _don't_ change this to strlcpy */
557 strncpy(dst, src, (size_t)dstsize); 557 strncpy(dst, src, (size_t)dstsize);
558 } 558 }
559 559
560 return dst; 560 return dst;
561} 561}
562 562
@@ -620,7 +620,7 @@ construct_utmp(struct logininfo *li,
620 620
621 /* 621 /*
622 * These fields are only used when logging in, and are blank 622 * These fields are only used when logging in, and are blank
623 * for logouts. 623 * for logouts.
624 */ 624 */
625 625
626 /* Use strncpy because we don't necessarily want null termination */ 626 /* Use strncpy because we don't necessarily want null termination */
@@ -632,7 +632,7 @@ construct_utmp(struct logininfo *li,
632 /* this is just a 32-bit IP address */ 632 /* this is just a 32-bit IP address */
633 if (li->hostaddr.sa.sa_family == AF_INET) 633 if (li->hostaddr.sa.sa_family == AF_INET)
634 ut->ut_addr = li->hostaddr.sa_in.sin_addr.s_addr; 634 ut->ut_addr = li->hostaddr.sa_in.sin_addr.s_addr;
635# endif 635# endif
636} 636}
637#endif /* USE_UTMP || USE_WTMP || USE_LOGIN */ 637#endif /* USE_UTMP || USE_WTMP || USE_LOGIN */
638 638
@@ -684,7 +684,7 @@ construct_utmpx(struct logininfo *li, struct utmpx *utx)
684 684
685 /* 685 /*
686 * These fields are only used when logging in, and are blank 686 * These fields are only used when logging in, and are blank
687 * for logouts. 687 * for logouts.
688 */ 688 */
689 689
690 /* strncpy(): Don't necessarily want null termination */ 690 /* strncpy(): Don't necessarily want null termination */
@@ -774,18 +774,18 @@ utmp_write_direct(struct logininfo *li, struct utmp *ut)
774 * If the new ut_line is empty but the old one is not 774 * If the new ut_line is empty but the old one is not
775 * and ut_line and ut_name match, preserve the old ut_line. 775 * and ut_line and ut_name match, preserve the old ut_line.
776 */ 776 */
777 if (atomicio(read, fd, &old_ut, sizeof(old_ut)) == sizeof(old_ut) && 777 if (atomicio(read, fd, &old_ut, sizeof(old_ut)) == sizeof(old_ut) &&
778 (ut->ut_host[0] == '\0') && (old_ut.ut_host[0] != '\0') && 778 (ut->ut_host[0] == '\0') && (old_ut.ut_host[0] != '\0') &&
779 (strncmp(old_ut.ut_line, ut->ut_line, sizeof(ut->ut_line)) == 0) && 779 (strncmp(old_ut.ut_line, ut->ut_line, sizeof(ut->ut_line)) == 0) &&
780 (strncmp(old_ut.ut_name, ut->ut_name, sizeof(ut->ut_name)) == 0)) { 780 (strncmp(old_ut.ut_name, ut->ut_name, sizeof(ut->ut_name)) == 0)) {
781 (void)memcpy(ut->ut_host, old_ut.ut_host, sizeof(ut->ut_host)); 781 (void)memcpy(ut->ut_host, old_ut.ut_host, sizeof(ut->ut_host));
782 } 782 }
783 783
784 (void)lseek(fd, (off_t)(tty * sizeof(struct utmp)), SEEK_SET); 784 (void)lseek(fd, (off_t)(tty * sizeof(struct utmp)), SEEK_SET);
785 if (atomicio(write, fd, ut, sizeof(*ut)) != sizeof(*ut)) 785 if (atomicio(write, fd, ut, sizeof(*ut)) != sizeof(*ut))
786 log("utmp_write_direct: error writing %s: %s", 786 log("utmp_write_direct: error writing %s: %s",
787 UTMP_FILE, strerror(errno)); 787 UTMP_FILE, strerror(errno));
788 788
789 (void)close(fd); 789 (void)close(fd);
790 return 1; 790 return 1;
791 } else { 791 } else {
@@ -887,7 +887,7 @@ utmpx_write_library(struct logininfo *li, struct utmpx *utx)
887/* write a utmp entry direct to the file */ 887/* write a utmp entry direct to the file */
888static int 888static int
889utmpx_write_direct(struct logininfo *li, struct utmpx *utx) 889utmpx_write_direct(struct logininfo *li, struct utmpx *utx)
890{ 890{
891 log("utmpx_write_direct: not implemented!"); 891 log("utmpx_write_direct: not implemented!");
892 return 0; 892 return 0;
893} 893}
@@ -957,7 +957,7 @@ utmpx_write_entry(struct logininfo *li)
957 ** Low-level wtmp functions 957 ** Low-level wtmp functions
958 **/ 958 **/
959 959
960#ifdef USE_WTMP 960#ifdef USE_WTMP
961 961
962/* write a wtmp entry direct to the end of the file */ 962/* write a wtmp entry direct to the end of the file */
963/* This is a slight modification of code in OpenBSD's logwtmp.c */ 963/* This is a slight modification of code in OpenBSD's logwtmp.c */
@@ -972,7 +972,7 @@ wtmp_write(struct logininfo *li, struct utmp *ut)
972 WTMP_FILE, strerror(errno)); 972 WTMP_FILE, strerror(errno));
973 return 0; 973 return 0;
974 } 974 }
975 if (fstat(fd, &buf) == 0) 975 if (fstat(fd, &buf) == 0)
976 if (atomicio(write, fd, ut, sizeof(*ut)) != sizeof(*ut)) { 976 if (atomicio(write, fd, ut, sizeof(*ut)) != sizeof(*ut)) {
977 ftruncate(fd, buf.st_size); 977 ftruncate(fd, buf.st_size);
978 log("wtmp_write: problem writing %s: %s", 978 log("wtmp_write: problem writing %s: %s",
@@ -1019,7 +1019,7 @@ wtmp_write_entry(struct logininfo *li)
1019 1019
1020 1020
1021/* Notes on fetching login data from wtmp/wtmpx 1021/* Notes on fetching login data from wtmp/wtmpx
1022 * 1022 *
1023 * Logouts are usually recorded with (amongst other things) a blank 1023 * Logouts are usually recorded with (amongst other things) a blank
1024 * username on a given tty line. However, some systems (HP-UX is one) 1024 * username on a given tty line. However, some systems (HP-UX is one)
1025 * leave all fields set, but change the ut_type field to DEAD_PROCESS. 1025 * leave all fields set, but change the ut_type field to DEAD_PROCESS.
@@ -1038,7 +1038,7 @@ wtmp_write_entry(struct logininfo *li)
1038static int 1038static int
1039wtmp_islogin(struct logininfo *li, struct utmp *ut) 1039wtmp_islogin(struct logininfo *li, struct utmp *ut)
1040{ 1040{
1041 if (strncmp(li->username, ut->ut_name, 1041 if (strncmp(li->username, ut->ut_name,
1042 MIN_SIZEOF(li->username, ut->ut_name)) == 0) { 1042 MIN_SIZEOF(li->username, ut->ut_name)) == 0) {
1043# ifdef HAVE_TYPE_IN_UTMP 1043# ifdef HAVE_TYPE_IN_UTMP
1044 if (ut->ut_type & USER_PROCESS) 1044 if (ut->ut_type & USER_PROCESS)
@@ -1065,7 +1065,7 @@ wtmp_get_entry(struct logininfo *li)
1065 WTMP_FILE, strerror(errno)); 1065 WTMP_FILE, strerror(errno));
1066 return 0; 1066 return 0;
1067 } 1067 }
1068 if (fstat(fd, &st) != 0) { 1068 if (fstat(fd, &st) != 0) {
1069 log("wtmp_get_entry: couldn't stat %s: %s", 1069 log("wtmp_get_entry: couldn't stat %s: %s",
1070 WTMP_FILE, strerror(errno)); 1070 WTMP_FILE, strerror(errno));
1071 close(fd); 1071 close(fd);
@@ -1139,7 +1139,7 @@ wtmpx_write(struct logininfo *li, struct utmpx *utx)
1139 return 0; 1139 return 0;
1140 } 1140 }
1141 1141
1142 if (fstat(fd, &buf) == 0) 1142 if (fstat(fd, &buf) == 0)
1143 if (atomicio(write, fd, utx, sizeof(*utx)) != sizeof(*utx)) { 1143 if (atomicio(write, fd, utx, sizeof(*utx)) != sizeof(*utx)) {
1144 ftruncate(fd, buf.st_size); 1144 ftruncate(fd, buf.st_size);
1145 log("wtmpx_write: problem writing %s: %s", 1145 log("wtmpx_write: problem writing %s: %s",
@@ -1221,13 +1221,13 @@ wtmpx_get_entry(struct logininfo *li)
1221 WTMPX_FILE, strerror(errno)); 1221 WTMPX_FILE, strerror(errno));
1222 return 0; 1222 return 0;
1223 } 1223 }
1224 if (fstat(fd, &st) != 0) { 1224 if (fstat(fd, &st) != 0) {
1225 log("wtmpx_get_entry: couldn't stat %s: %s", 1225 log("wtmpx_get_entry: couldn't stat %s: %s",
1226 WTMP_FILE, strerror(errno)); 1226 WTMP_FILE, strerror(errno));
1227 close(fd); 1227 close(fd);
1228 return 0; 1228 return 0;
1229 } 1229 }
1230 1230
1231 /* Seek to the start of the last struct utmpx */ 1231 /* Seek to the start of the last struct utmpx */
1232 if (lseek(fd, (off_t)(0-sizeof(struct utmpx)), SEEK_END) == -1 ) { 1232 if (lseek(fd, (off_t)(0-sizeof(struct utmpx)), SEEK_END) == -1 ) {
1233 /* probably a newly rotated wtmpx file */ 1233 /* probably a newly rotated wtmpx file */
@@ -1295,7 +1295,7 @@ syslogin_perform_logout(struct logininfo *li)
1295{ 1295{
1296# ifdef HAVE_LOGOUT 1296# ifdef HAVE_LOGOUT
1297 char line[8]; 1297 char line[8];
1298 1298
1299 (void)line_stripname(line, li->line, sizeof(line)); 1299 (void)line_stripname(line, li->line, sizeof(line));
1300 1300
1301 if (!logout(line)) { 1301 if (!logout(line)) {
@@ -1344,7 +1344,7 @@ lastlog_construct(struct logininfo *li, struct lastlog *last)
1344{ 1344{
1345 /* clear the structure */ 1345 /* clear the structure */
1346 memset(last, '\0', sizeof(*last)); 1346 memset(last, '\0', sizeof(*last));
1347 1347
1348 (void)line_stripname(last->ll_line, li->line, sizeof(last->ll_line)); 1348 (void)line_stripname(last->ll_line, li->line, sizeof(last->ll_line));
1349 strlcpy(last->ll_host, li->hostname, 1349 strlcpy(last->ll_host, li->hostname,
1350 MIN_SIZEOF(last->ll_host, li->hostname)); 1350 MIN_SIZEOF(last->ll_host, li->hostname));
@@ -1357,7 +1357,7 @@ lastlog_filetype(char *filename)
1357 struct stat st; 1357 struct stat st;
1358 1358
1359 if (stat(LASTLOG_FILE, &st) != 0) { 1359 if (stat(LASTLOG_FILE, &st) != 0) {
1360 log("lastlog_perform_login: Couldn't stat %s: %s", LASTLOG_FILE, 1360 log("lastlog_perform_login: Couldn't stat %s: %s", LASTLOG_FILE,
1361 strerror(errno)); 1361 strerror(errno));
1362 return 0; 1362 return 0;
1363 } 1363 }
@@ -1399,18 +1399,18 @@ lastlog_openseek(struct logininfo *li, int *fd, int filemode)
1399 lastlog_file, strerror(errno)); 1399 lastlog_file, strerror(errno));
1400 return 0; 1400 return 0;
1401 } 1401 }
1402 1402
1403 if (type == LL_FILE) { 1403 if (type == LL_FILE) {
1404 /* find this uid's offset in the lastlog file */ 1404 /* find this uid's offset in the lastlog file */
1405 offset = (off_t) ( (long)li->uid * sizeof(struct lastlog)); 1405 offset = (off_t) ( (long)li->uid * sizeof(struct lastlog));
1406 1406
1407 if ( lseek(*fd, offset, SEEK_SET) != offset ) { 1407 if ( lseek(*fd, offset, SEEK_SET) != offset ) {
1408 log("lastlog_openseek: %s->lseek(): %s", 1408 log("lastlog_openseek: %s->lseek(): %s",
1409 lastlog_file, strerror(errno)); 1409 lastlog_file, strerror(errno));
1410 return 0; 1410 return 0;
1411 } 1411 }
1412 } 1412 }
1413 1413
1414 return 1; 1414 return 1;
1415} 1415}
1416 1416
@@ -1425,7 +1425,7 @@ lastlog_perform_login(struct logininfo *li)
1425 1425
1426 if (!lastlog_openseek(li, &fd, O_RDWR|O_CREAT)) 1426 if (!lastlog_openseek(li, &fd, O_RDWR|O_CREAT))
1427 return(0); 1427 return(0);
1428 1428
1429 /* write the entry */ 1429 /* write the entry */
1430 if (atomicio(write, fd, &last, sizeof(last)) != sizeof(last)) { 1430 if (atomicio(write, fd, &last, sizeof(last)) != sizeof(last)) {
1431 close(fd); 1431 close(fd);
@@ -1454,7 +1454,7 @@ static void
1454lastlog_populate_entry(struct logininfo *li, struct lastlog *last) 1454lastlog_populate_entry(struct logininfo *li, struct lastlog *last)
1455{ 1455{
1456 line_fullname(li->line, last->ll_line, sizeof(li->line)); 1456 line_fullname(li->line, last->ll_line, sizeof(li->line));
1457 strlcpy(li->hostname, last->ll_host, 1457 strlcpy(li->hostname, last->ll_host,
1458 MIN_SIZEOF(li->hostname, last->ll_host)); 1458 MIN_SIZEOF(li->hostname, last->ll_host));
1459 li->tv_sec = last->ll_time; 1459 li->tv_sec = last->ll_time;
1460} 1460}
@@ -1475,7 +1475,7 @@ lastlog_get_entry(struct logininfo *li)
1475 return 1; 1475 return 1;
1476 } 1476 }
1477 } else { 1477 } else {
1478 return 0; 1478 return 0;
1479 } 1479 }
1480} 1480}
1481#endif /* USE_LASTLOG */ 1481#endif /* USE_LASTLOG */
diff --git a/loginrec.h b/loginrec.h
index b3dbb43df..ecb430d50 100644
--- a/loginrec.h
+++ b/loginrec.h
@@ -30,7 +30,7 @@
30 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 30 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 */ 31 */
32 32
33/** 33/**
34 ** loginrec.h: platform-independent login recording and lastlog retrieval 34 ** loginrec.h: platform-independent login recording and lastlog retrieval
35 **/ 35 **/
36 36
@@ -40,7 +40,7 @@
40#include <netinet/in.h> 40#include <netinet/in.h>
41#include <sys/socket.h> 41#include <sys/socket.h>
42 42
43/* RCSID("$Id: loginrec.h,v 1.4 2000/06/27 01:18:27 djm Exp $"); */ 43/* RCSID("$Id: loginrec.h,v 1.5 2001/02/05 12:42:18 stevesk Exp $"); */
44 44
45/** 45/**
46 ** you should use the login_* calls to work around platform dependencies 46 ** you should use the login_* calls to work around platform dependencies
@@ -86,7 +86,7 @@ struct logininfo {
86 * use time_t's value as tv_sec and set tv_usec to 0 86 * use time_t's value as tv_sec and set tv_usec to 0
87 */ 87 */
88 unsigned int tv_sec; 88 unsigned int tv_sec;
89 unsigned int tv_usec; 89 unsigned int tv_usec;
90 union login_netinfo hostaddr; /* caller's host address(es) */ 90 union login_netinfo hostaddr; /* caller's host address(es) */
91}; /* struct logininfo */ 91}; /* struct logininfo */
92 92
@@ -102,7 +102,7 @@ struct logininfo *login_alloc_entry(int pid, const char *username,
102/* free a structure */ 102/* free a structure */
103void login_free_entry(struct logininfo *li); 103void login_free_entry(struct logininfo *li);
104/* fill out a pre-allocated structure with useful information */ 104/* fill out a pre-allocated structure with useful information */
105int login_init_entry(struct logininfo *li, int pid, const char *username, 105int login_init_entry(struct logininfo *li, int pid, const char *username,
106 const char *hostname, const char *line); 106 const char *hostname, const char *line);
107/* place the current time in a logininfo struct */ 107/* place the current time in a logininfo struct */
108void login_set_current_time(struct logininfo *li); 108void login_set_current_time(struct logininfo *li);
diff --git a/logintest.c b/logintest.c
index 886052313..302034da0 100644
--- a/logintest.c
+++ b/logintest.c
@@ -27,7 +27,7 @@
27 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 27 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 */ 28 */
29 29
30/** 30/**
31 ** logintest.c: simple test driver for platform-independent login recording 31 ** logintest.c: simple test driver for platform-independent login recording
32 ** and lastlog retrieval 32 ** and lastlog retrieval
33 **/ 33 **/
@@ -48,7 +48,7 @@
48 48
49#include "loginrec.h" 49#include "loginrec.h"
50 50
51RCSID("$Id: logintest.c,v 1.6 2000/06/19 08:25:36 andre Exp $"); 51RCSID("$Id: logintest.c,v 1.7 2001/02/05 12:42:18 stevesk Exp $");
52 52
53 53
54#define PAUSE_BEFORE_LOGOUT 3 54#define PAUSE_BEFORE_LOGOUT 3
@@ -74,10 +74,10 @@ dump_logininfo(struct logininfo *li, char *descname)
74 "\t\t\tfamily\t%d\n\t\t}\n" 74 "\t\t\tfamily\t%d\n\t\t}\n"
75 "\t}\n" 75 "\t}\n"
76 "}\n", 76 "}\n",
77 descname, li->progname, li->type, 77 descname, li->progname, li->type,
78 li->pid, li->uid, li->line, 78 li->pid, li->uid, li->line,
79 li->username, li->hostname, li->exit, 79 li->username, li->hostname, li->exit,
80 li->termination, li->tv_sec, li->tv_usec, 80 li->termination, li->tv_sec, li->tv_usec,
81 li->hostaddr.sa.sa_family); 81 li->hostaddr.sa.sa_family);
82} 82}
83 83
@@ -134,7 +134,7 @@ testAPI()
134 134
135 if (nologtest) 135 if (nologtest)
136 return 1; 136 return 1;
137 137
138 line_stripname(stripline, li1->line, sizeof(stripline)); 138 line_stripname(stripline, li1->line, sizeof(stripline));
139 139
140 printf("Performing an invalid login attempt (no type field)\n--\n"); 140 printf("Performing an invalid login attempt (no type field)\n--\n");
@@ -159,11 +159,11 @@ testAPI()
159#endif 159#endif
160 printf("--\n"); 160 printf("--\n");
161 login_login(li1); 161 login_login(li1);
162 162
163 snprintf(cmdstring, sizeof(cmdstring), "who | grep '%s '", 163 snprintf(cmdstring, sizeof(cmdstring), "who | grep '%s '",
164 stripline); 164 stripline);
165 system(cmdstring); 165 system(cmdstring);
166 166
167 printf("--\nPausing for %d second(s)...\n", PAUSE_BEFORE_LOGOUT); 167 printf("--\nPausing for %d second(s)...\n", PAUSE_BEFORE_LOGOUT);
168 sleep(PAUSE_BEFORE_LOGOUT); 168 sleep(PAUSE_BEFORE_LOGOUT);
169 169
@@ -205,12 +205,12 @@ testAPI()
205#endif 205#endif
206 206
207 printf("--\nThe output of 'last' shown next should have " 207 printf("--\nThe output of 'last' shown next should have "
208 "an entry for root \n on %s for the time shown above:\n--\n", 208 "an entry for root \n on %s for the time shown above:\n--\n",
209 stripline); 209 stripline);
210 snprintf(cmdstring, sizeof(cmdstring), "last | grep '%s ' | head -3", 210 snprintf(cmdstring, sizeof(cmdstring), "last | grep '%s ' | head -3",
211 stripline); 211 stripline);
212 system(cmdstring); 212 system(cmdstring);
213 213
214 printf("--\nEnd of login test.\n"); 214 printf("--\nEnd of login test.\n");
215 215
216 login_free_entry(li1); 216 login_free_entry(li1);
@@ -255,9 +255,9 @@ testOutput()
255/* show which options got compiled in */ 255/* show which options got compiled in */
256void 256void
257showOptions(void) 257showOptions(void)
258{ 258{
259 printf("**\n** Compile-time options\n**\n"); 259 printf("**\n** Compile-time options\n**\n");
260 260
261 printf("login recording methods selected:\n"); 261 printf("login recording methods selected:\n");
262#ifdef USE_LOGIN 262#ifdef USE_LOGIN
263 printf("\tUSE_LOGIN\n"); 263 printf("\tUSE_LOGIN\n");
@@ -293,17 +293,17 @@ main(int argc, char *argv[])
293 else if (strncmp(argv[1], "-v", 3) == 0) 293 else if (strncmp(argv[1], "-v", 3) == 0)
294 be_verbose=1; 294 be_verbose=1;
295 } 295 }
296 296
297 if (!compile_opts_only) { 297 if (!compile_opts_only) {
298 if (be_verbose && !testOutput()) 298 if (be_verbose && !testOutput())
299 return 1; 299 return 1;
300 300
301 if (!testAPI()) 301 if (!testAPI())
302 return 1; 302 return 1;
303 } 303 }
304 304
305 showOptions(); 305 showOptions();
306 306
307 return 0; 307 return 0;
308} /* main() */ 308} /* main() */
309 309
diff --git a/md5crypt.c b/md5crypt.c
index a9f0f26dd..26007831a 100644
--- a/md5crypt.c
+++ b/md5crypt.c
@@ -27,11 +27,11 @@ static unsigned char itoa64[] = /* 0 ... 63 => ascii - 64 */
27 "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; 27 "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
28 28
29static char *magic = "$1$"; /* 29static char *magic = "$1$"; /*
30 * This string is magic for 30 * This string is magic for
31 * this algorithm. Having 31 * this algorithm. Having
32 * it this way, we can get 32 * it this way, we can get
33 * get better later on 33 * get better later on
34 */ 34 */
35 35
36static void 36static void
37to64(char *s, unsigned long v, int n) 37to64(char *s, unsigned long v, int n)
@@ -45,7 +45,7 @@ to64(char *s, unsigned long v, int n)
45int 45int
46is_md5_salt(const char *salt) 46is_md5_salt(const char *salt)
47{ 47{
48 return (!strncmp(salt, magic, strlen(magic))); 48 return (!strncmp(salt, magic, strlen(magic)));
49} 49}
50 50
51/* 51/*
diff --git a/nchan.c b/nchan.c
index d049a945a..6c347203d 100644
--- a/nchan.c
+++ b/nchan.c
@@ -481,7 +481,7 @@ chan_shutdown_read(Channel *c)
481 return; 481 return;
482 debug("channel %d: close_read", c->self); 482 debug("channel %d: close_read", c->self);
483 if (c->sock != -1) { 483 if (c->sock != -1) {
484 /* 484 /*
485 * shutdown(sock, SHUT_READ) may return ENOTCONN if the 485 * shutdown(sock, SHUT_READ) may return ENOTCONN if the
486 * write side has been closed already. (bug on Linux) 486 * write side has been closed already. (bug on Linux)
487 */ 487 */
diff --git a/packet.c b/packet.c
index 53495b933..9ad87beb4 100644
--- a/packet.c
+++ b/packet.c
@@ -989,7 +989,7 @@ packet_read_poll(int *payload_len_ptr)
989 default: 989 default:
990 return type; 990 return type;
991 break; 991 break;
992 } 992 }
993 } else { 993 } else {
994 switch(type) { 994 switch(type) {
995 case SSH_MSG_IGNORE: 995 case SSH_MSG_IGNORE:
@@ -1011,7 +1011,7 @@ packet_read_poll(int *payload_len_ptr)
1011 DBG(debug("received packet type %d", type)); 1011 DBG(debug("received packet type %d", type));
1012 return type; 1012 return type;
1013 break; 1013 break;
1014 } 1014 }
1015 } 1015 }
1016 } 1016 }
1017} 1017}
diff --git a/pty.c b/pty.c
index 384e921b5..83b219b90 100644
--- a/pty.c
+++ b/pty.c
@@ -176,8 +176,8 @@ pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen)
176 *ptyfd = open(buf, O_RDWR | O_NOCTTY); 176 *ptyfd = open(buf, O_RDWR | O_NOCTTY);
177 if (*ptyfd < 0) 177 if (*ptyfd < 0)
178 continue; 178 continue;
179 } 179 }
180 180
181 /* Open the slave side. */ 181 /* Open the slave side. */
182 *ttyfd = open(namebuf, O_RDWR | O_NOCTTY); 182 *ttyfd = open(namebuf, O_RDWR | O_NOCTTY);
183 if (*ttyfd < 0) { 183 if (*ttyfd < 0) {
@@ -315,11 +315,11 @@ pty_setowner(struct passwd *pw, const char *ttyname)
315 if (chown(ttyname, pw->pw_uid, gid) < 0) { 315 if (chown(ttyname, pw->pw_uid, gid) < 0) {
316 if (errno == EROFS && st.st_uid == pw->pw_uid) 316 if (errno == EROFS && st.st_uid == pw->pw_uid)
317 error("chown(%.100s, %d, %d) failed: %.100s", 317 error("chown(%.100s, %d, %d) failed: %.100s",
318 ttyname, pw->pw_uid, gid, 318 ttyname, pw->pw_uid, gid,
319 strerror(errno)); 319 strerror(errno));
320 else 320 else
321 fatal("chown(%.100s, %d, %d) failed: %.100s", 321 fatal("chown(%.100s, %d, %d) failed: %.100s",
322 ttyname, pw->pw_uid, gid, 322 ttyname, pw->pw_uid, gid,
323 strerror(errno)); 323 strerror(errno));
324 } 324 }
325 } 325 }
diff --git a/rijndael.c b/rijndael.c
index 10c779b4c..aa32be514 100644
--- a/rijndael.c
+++ b/rijndael.c
@@ -54,7 +54,7 @@ void gen_tabs __P((void));
54 54
55#define bswap(x) ((rotl(x, 8) & 0x00ff00ff) | (rotr(x, 8) & 0xff00ff00)) 55#define bswap(x) ((rotl(x, 8) & 0x00ff00ff) | (rotr(x, 8) & 0xff00ff00))
56 56
57/* Extract byte from a 32 bit quantity (little endian notation) */ 57/* Extract byte from a 32 bit quantity (little endian notation) */
58 58
59#define byte(x,n) ((u1byte)((x) >> (8 * n))) 59#define byte(x,n) ((u1byte)((x) >> (8 * n)))
60 60
@@ -89,15 +89,15 @@ u4byte tab_gen = 0;
89 89
90#define f_rn(bo, bi, n, k) \ 90#define f_rn(bo, bi, n, k) \
91 bo[n] = ft_tab[0][byte(bi[n],0)] ^ \ 91 bo[n] = ft_tab[0][byte(bi[n],0)] ^ \
92 ft_tab[1][byte(bi[(n + 1) & 3],1)] ^ \ 92 ft_tab[1][byte(bi[(n + 1) & 3],1)] ^ \
93 ft_tab[2][byte(bi[(n + 2) & 3],2)] ^ \ 93 ft_tab[2][byte(bi[(n + 2) & 3],2)] ^ \
94 ft_tab[3][byte(bi[(n + 3) & 3],3)] ^ *(k + n) 94 ft_tab[3][byte(bi[(n + 3) & 3],3)] ^ *(k + n)
95 95
96#define i_rn(bo, bi, n, k) \ 96#define i_rn(bo, bi, n, k) \
97 bo[n] = it_tab[0][byte(bi[n],0)] ^ \ 97 bo[n] = it_tab[0][byte(bi[n],0)] ^ \
98 it_tab[1][byte(bi[(n + 3) & 3],1)] ^ \ 98 it_tab[1][byte(bi[(n + 3) & 3],1)] ^ \
99 it_tab[2][byte(bi[(n + 2) & 3],2)] ^ \ 99 it_tab[2][byte(bi[(n + 2) & 3],2)] ^ \
100 it_tab[3][byte(bi[(n + 1) & 3],3)] ^ *(k + n) 100 it_tab[3][byte(bi[(n + 1) & 3],3)] ^ *(k + n)
101 101
102#ifdef LARGE_TABLES 102#ifdef LARGE_TABLES
103 103
@@ -109,15 +109,15 @@ u4byte tab_gen = 0;
109 109
110#define f_rl(bo, bi, n, k) \ 110#define f_rl(bo, bi, n, k) \
111 bo[n] = fl_tab[0][byte(bi[n],0)] ^ \ 111 bo[n] = fl_tab[0][byte(bi[n],0)] ^ \
112 fl_tab[1][byte(bi[(n + 1) & 3],1)] ^ \ 112 fl_tab[1][byte(bi[(n + 1) & 3],1)] ^ \
113 fl_tab[2][byte(bi[(n + 2) & 3],2)] ^ \ 113 fl_tab[2][byte(bi[(n + 2) & 3],2)] ^ \
114 fl_tab[3][byte(bi[(n + 3) & 3],3)] ^ *(k + n) 114 fl_tab[3][byte(bi[(n + 3) & 3],3)] ^ *(k + n)
115 115
116#define i_rl(bo, bi, n, k) \ 116#define i_rl(bo, bi, n, k) \
117 bo[n] = il_tab[0][byte(bi[n],0)] ^ \ 117 bo[n] = il_tab[0][byte(bi[n],0)] ^ \
118 il_tab[1][byte(bi[(n + 3) & 3],1)] ^ \ 118 il_tab[1][byte(bi[(n + 3) & 3],1)] ^ \
119 il_tab[2][byte(bi[(n + 2) & 3],2)] ^ \ 119 il_tab[2][byte(bi[(n + 2) & 3],2)] ^ \
120 il_tab[3][byte(bi[(n + 1) & 3],3)] ^ *(k + n) 120 il_tab[3][byte(bi[(n + 1) & 3],3)] ^ *(k + n)
121 121
122#else 122#else
123 123
@@ -129,15 +129,15 @@ u4byte tab_gen = 0;
129 129
130#define f_rl(bo, bi, n, k) \ 130#define f_rl(bo, bi, n, k) \
131 bo[n] = (u4byte)sbx_tab[byte(bi[n],0)] ^ \ 131 bo[n] = (u4byte)sbx_tab[byte(bi[n],0)] ^ \
132 rotl(((u4byte)sbx_tab[byte(bi[(n + 1) & 3],1)]), 8) ^ \ 132 rotl(((u4byte)sbx_tab[byte(bi[(n + 1) & 3],1)]), 8) ^ \
133 rotl(((u4byte)sbx_tab[byte(bi[(n + 2) & 3],2)]), 16) ^ \ 133 rotl(((u4byte)sbx_tab[byte(bi[(n + 2) & 3],2)]), 16) ^ \
134 rotl(((u4byte)sbx_tab[byte(bi[(n + 3) & 3],3)]), 24) ^ *(k + n) 134 rotl(((u4byte)sbx_tab[byte(bi[(n + 3) & 3],3)]), 24) ^ *(k + n)
135 135
136#define i_rl(bo, bi, n, k) \ 136#define i_rl(bo, bi, n, k) \
137 bo[n] = (u4byte)isb_tab[byte(bi[n],0)] ^ \ 137 bo[n] = (u4byte)isb_tab[byte(bi[n],0)] ^ \
138 rotl(((u4byte)isb_tab[byte(bi[(n + 3) & 3],1)]), 8) ^ \ 138 rotl(((u4byte)isb_tab[byte(bi[(n + 3) & 3],1)]), 8) ^ \
139 rotl(((u4byte)isb_tab[byte(bi[(n + 2) & 3],2)]), 16) ^ \ 139 rotl(((u4byte)isb_tab[byte(bi[(n + 2) & 3],2)]), 16) ^ \
140 rotl(((u4byte)isb_tab[byte(bi[(n + 1) & 3],3)]), 24) ^ *(k + n) 140 rotl(((u4byte)isb_tab[byte(bi[(n + 1) & 3],3)]), 24) ^ *(k + n)
141 141
142#endif 142#endif
143 143
@@ -160,7 +160,7 @@ gen_tabs(void)
160 log_tab[1] = 0; p = 1; 160 log_tab[1] = 0; p = 1;
161 161
162 for(i = 0; i < 10; ++i) { 162 for(i = 0; i < 10; ++i) {
163 rco_tab[i] = p; 163 rco_tab[i] = p;
164 164
165 p = (p << 1) ^ (p & 0x80 ? 0x1b : 0); 165 p = (p << 1) ^ (p & 0x80 ? 0x1b : 0);
166 } 166 }
@@ -172,19 +172,19 @@ gen_tabs(void)
172 /* least significant end of a byte. */ 172 /* least significant end of a byte. */
173 173
174 for(i = 0; i < 256; ++i) { 174 for(i = 0; i < 256; ++i) {
175 p = (i ? pow_tab[255 - log_tab[i]] : 0); q = p; 175 p = (i ? pow_tab[255 - log_tab[i]] : 0); q = p;
176 q = (q >> 7) | (q << 1); p ^= q; 176 q = (q >> 7) | (q << 1); p ^= q;
177 q = (q >> 7) | (q << 1); p ^= q; 177 q = (q >> 7) | (q << 1); p ^= q;
178 q = (q >> 7) | (q << 1); p ^= q; 178 q = (q >> 7) | (q << 1); p ^= q;
179 q = (q >> 7) | (q << 1); p ^= q ^ 0x63; 179 q = (q >> 7) | (q << 1); p ^= q ^ 0x63;
180 sbx_tab[i] = (u1byte)p; isb_tab[p] = (u1byte)i; 180 sbx_tab[i] = (u1byte)p; isb_tab[p] = (u1byte)i;
181 } 181 }
182 182
183 for(i = 0; i < 256; ++i) { 183 for(i = 0; i < 256; ++i) {
184 p = sbx_tab[i]; 184 p = sbx_tab[i];
185
186#ifdef LARGE_TABLES
185 187
186#ifdef LARGE_TABLES
187
188 t = p; fl_tab[0][i] = t; 188 t = p; fl_tab[0][i] = t;
189 fl_tab[1][i] = rotl(t, 8); 189 fl_tab[1][i] = rotl(t, 8);
190 fl_tab[2][i] = rotl(t, 16); 190 fl_tab[2][i] = rotl(t, 16);
@@ -194,30 +194,30 @@ gen_tabs(void)
194 ((u4byte)p << 8) | 194 ((u4byte)p << 8) |
195 ((u4byte)p << 16) | 195 ((u4byte)p << 16) |
196 ((u4byte)ff_mult(3, p) << 24); 196 ((u4byte)ff_mult(3, p) << 24);
197 197
198 ft_tab[0][i] = t; 198 ft_tab[0][i] = t;
199 ft_tab[1][i] = rotl(t, 8); 199 ft_tab[1][i] = rotl(t, 8);
200 ft_tab[2][i] = rotl(t, 16); 200 ft_tab[2][i] = rotl(t, 16);
201 ft_tab[3][i] = rotl(t, 24); 201 ft_tab[3][i] = rotl(t, 24);
202 202
203 p = isb_tab[i]; 203 p = isb_tab[i];
204 204
205#ifdef LARGE_TABLES 205#ifdef LARGE_TABLES
206 206
207 t = p; il_tab[0][i] = t; 207 t = p; il_tab[0][i] = t;
208 il_tab[1][i] = rotl(t, 8); 208 il_tab[1][i] = rotl(t, 8);
209 il_tab[2][i] = rotl(t, 16); 209 il_tab[2][i] = rotl(t, 16);
210 il_tab[3][i] = rotl(t, 24); 210 il_tab[3][i] = rotl(t, 24);
211#endif 211#endif
212 t = ((u4byte)ff_mult(14, p)) | 212 t = ((u4byte)ff_mult(14, p)) |
213 ((u4byte)ff_mult( 9, p) << 8) | 213 ((u4byte)ff_mult( 9, p) << 8) |
214 ((u4byte)ff_mult(13, p) << 16) | 214 ((u4byte)ff_mult(13, p) << 16) |
215 ((u4byte)ff_mult(11, p) << 24); 215 ((u4byte)ff_mult(11, p) << 24);
216 216
217 it_tab[0][i] = t; 217 it_tab[0][i] = t;
218 it_tab[1][i] = rotl(t, 8); 218 it_tab[1][i] = rotl(t, 8);
219 it_tab[2][i] = rotl(t, 16); 219 it_tab[2][i] = rotl(t, 16);
220 it_tab[3][i] = rotl(t, 24); 220 it_tab[3][i] = rotl(t, 24);
221 } 221 }
222 222
223 tab_gen = 1; 223 tab_gen = 1;
@@ -232,8 +232,8 @@ gen_tabs(void)
232 t = w ^ (x); \ 232 t = w ^ (x); \
233 (y) = u ^ v ^ w; \ 233 (y) = u ^ v ^ w; \
234 (y) ^= rotr(u ^ t, 8) ^ \ 234 (y) ^= rotr(u ^ t, 8) ^ \
235 rotr(v ^ t, 16) ^ \ 235 rotr(v ^ t, 16) ^ \
236 rotr(t,24) 236 rotr(t,24)
237 237
238/* initialise the key schedule from the user supplied key */ 238/* initialise the key schedule from the user supplied key */
239 239
@@ -271,7 +271,7 @@ gen_tabs(void)
271rijndael_ctx * 271rijndael_ctx *
272rijndael_set_key(rijndael_ctx *ctx, const u4byte *in_key, const u4byte key_len, 272rijndael_set_key(rijndael_ctx *ctx, const u4byte *in_key, const u4byte key_len,
273 int encrypt) 273 int encrypt)
274{ 274{
275 u4byte i, t, u, v, w; 275 u4byte i, t, u, v, w;
276 u4byte *e_key = ctx->e_key; 276 u4byte *e_key = ctx->e_key;
277 u4byte *d_key = ctx->d_key; 277 u4byte *d_key = ctx->d_key;
@@ -285,23 +285,23 @@ rijndael_set_key(rijndael_ctx *ctx, const u4byte *in_key, const u4byte key_len,
285 285
286 e_key[0] = io_swap(in_key[0]); e_key[1] = io_swap(in_key[1]); 286 e_key[0] = io_swap(in_key[0]); e_key[1] = io_swap(in_key[1]);
287 e_key[2] = io_swap(in_key[2]); e_key[3] = io_swap(in_key[3]); 287 e_key[2] = io_swap(in_key[2]); e_key[3] = io_swap(in_key[3]);
288 288
289 switch(ctx->k_len) { 289 switch(ctx->k_len) {
290 case 4: t = e_key[3]; 290 case 4: t = e_key[3];
291 for(i = 0; i < 10; ++i) 291 for(i = 0; i < 10; ++i)
292 loop4(i); 292 loop4(i);
293 break; 293 break;
294 294
295 case 6: e_key[4] = io_swap(in_key[4]); t = e_key[5] = io_swap(in_key[5]); 295 case 6: e_key[4] = io_swap(in_key[4]); t = e_key[5] = io_swap(in_key[5]);
296 for(i = 0; i < 8; ++i) 296 for(i = 0; i < 8; ++i)
297 loop6(i); 297 loop6(i);
298 break; 298 break;
299 299
300 case 8: e_key[4] = io_swap(in_key[4]); e_key[5] = io_swap(in_key[5]); 300 case 8: e_key[4] = io_swap(in_key[4]); e_key[5] = io_swap(in_key[5]);
301 e_key[6] = io_swap(in_key[6]); t = e_key[7] = io_swap(in_key[7]); 301 e_key[6] = io_swap(in_key[6]); t = e_key[7] = io_swap(in_key[7]);
302 for(i = 0; i < 7; ++i) 302 for(i = 0; i < 7; ++i)
303 loop8(i); 303 loop8(i);
304 break; 304 break;
305 } 305 }
306 306
307 if (!encrypt) { 307 if (!encrypt) {
@@ -333,7 +333,7 @@ rijndael_set_key(rijndael_ctx *ctx, const u4byte *in_key, const u4byte key_len,
333 333
334void 334void
335rijndael_encrypt(rijndael_ctx *ctx, const u4byte *in_blk, u4byte *out_blk) 335rijndael_encrypt(rijndael_ctx *ctx, const u4byte *in_blk, u4byte *out_blk)
336{ 336{
337 u4byte k_len = ctx->k_len; 337 u4byte k_len = ctx->k_len;
338 u4byte *e_key = ctx->e_key; 338 u4byte *e_key = ctx->e_key;
339 u4byte b0[4], b1[4], *kp; 339 u4byte b0[4], b1[4], *kp;
@@ -380,7 +380,7 @@ rijndael_encrypt(rijndael_ctx *ctx, const u4byte *in_blk, u4byte *out_blk)
380 380
381void 381void
382rijndael_decrypt(rijndael_ctx *ctx, const u4byte *in_blk, u4byte *out_blk) 382rijndael_decrypt(rijndael_ctx *ctx, const u4byte *in_blk, u4byte *out_blk)
383{ 383{
384 u4byte b0[4], b1[4], *kp; 384 u4byte b0[4], b1[4], *kp;
385 u4byte k_len = ctx->k_len; 385 u4byte k_len = ctx->k_len;
386 u4byte *e_key = ctx->e_key; 386 u4byte *e_key = ctx->e_key;
diff --git a/rsa.c b/rsa.c
index 100524607..739f92ce2 100644
--- a/rsa.c
+++ b/rsa.c
@@ -8,7 +8,7 @@
8 * software must be clearly marked as such, and if the derived work is 8 * software must be clearly marked as such, and if the derived work is
9 * incompatible with the protocol description in the RFC file, it must be 9 * incompatible with the protocol description in the RFC file, it must be
10 * called by a name other than "ssh" or "Secure Shell". 10 * called by a name other than "ssh" or "Secure Shell".
11 * 11 *
12 * 12 *
13 * Copyright (c) 1999 Niels Provos. All rights reserved. 13 * Copyright (c) 1999 Niels Provos. All rights reserved.
14 * 14 *
diff --git a/scp.c b/scp.c
index f8f123af4..7d818a558 100644
--- a/scp.c
+++ b/scp.c
@@ -308,7 +308,7 @@ main(argc, argv)
308 remin = STDIN_FILENO; 308 remin = STDIN_FILENO;
309 remout = STDOUT_FILENO; 309 remout = STDOUT_FILENO;
310 310
311 if (fflag) { 311 if (fflag) {
312 /* Follow "protocol", send data. */ 312 /* Follow "protocol", send data. */
313 (void) response(); 313 (void) response();
314 source(argc, argv); 314 source(argc, argv);
@@ -1060,7 +1060,7 @@ allocbuf(bp, fd, blksize)
1060 size = blksize + (stb.st_blksize - blksize % stb.st_blksize) % 1060 size = blksize + (stb.st_blksize - blksize % stb.st_blksize) %
1061 stb.st_blksize; 1061 stb.st_blksize;
1062#else /* HAVE_ST_BLKSIZE */ 1062#else /* HAVE_ST_BLKSIZE */
1063 size = blksize; 1063 size = blksize;
1064#endif /* HAVE_ST_BLKSIZE */ 1064#endif /* HAVE_ST_BLKSIZE */
1065 if (bp->cnt >= size) 1065 if (bp->cnt >= size)
1066 return (bp); 1066 return (bp);
diff --git a/servconf.c b/servconf.c
index 5fa41e028..916215061 100644
--- a/servconf.c
+++ b/servconf.c
@@ -222,7 +222,7 @@ static struct {
222 { "port", sPort }, 222 { "port", sPort },
223 { "hostkey", sHostKeyFile }, 223 { "hostkey", sHostKeyFile },
224 { "hostdsakey", sHostKeyFile }, /* alias */ 224 { "hostdsakey", sHostKeyFile }, /* alias */
225 { "pidfile", sPidFile }, 225 { "pidfile", sPidFile },
226 { "serverkeybits", sServerKeyBits }, 226 { "serverkeybits", sServerKeyBits },
227 { "logingracetime", sLoginGraceTime }, 227 { "logingracetime", sLoginGraceTime },
228 { "keyregenerationinterval", sKeyRegenerationTime }, 228 { "keyregenerationinterval", sKeyRegenerationTime },
@@ -560,7 +560,7 @@ parse_flag:
560 case sXAuthLocation: 560 case sXAuthLocation:
561 charptr = &options->xauth_location; 561 charptr = &options->xauth_location;
562 goto parse_filename; 562 goto parse_filename;
563 563
564 case sStrictModes: 564 case sStrictModes:
565 intptr = &options->strict_modes; 565 intptr = &options->strict_modes;
566 goto parse_flag; 566 goto parse_flag;
@@ -716,14 +716,14 @@ parse_flag:
716 case sBanner: 716 case sBanner:
717 charptr = &options->banner; 717 charptr = &options->banner;
718 goto parse_filename; 718 goto parse_filename;
719 719
720 default: 720 default:
721 fprintf(stderr, "%s line %d: Missing handler for opcode %s (%d)\n", 721 fprintf(stderr, "%s line %d: Missing handler for opcode %s (%d)\n",
722 filename, linenum, arg, opcode); 722 filename, linenum, arg, opcode);
723 exit(1); 723 exit(1);
724 } 724 }
725 if ((arg = strdelim(&cp)) != NULL && *arg != '\0') { 725 if ((arg = strdelim(&cp)) != NULL && *arg != '\0') {
726 fprintf(stderr, 726 fprintf(stderr,
727 "%s line %d: garbage at end of line; \"%.200s\".\n", 727 "%s line %d: garbage at end of line; \"%.200s\".\n",
728 filename, linenum, arg); 728 filename, linenum, arg);
729 exit(1); 729 exit(1);
diff --git a/serverloop.c b/serverloop.c
index 353733d31..5a567a252 100644
--- a/serverloop.c
+++ b/serverloop.c
@@ -162,7 +162,7 @@ make_packets_from_stdout_data()
162 } else { 162 } else {
163 /* Keep the packets at reasonable size. */ 163 /* Keep the packets at reasonable size. */
164 if (len > packet_get_maxsize()) 164 if (len > packet_get_maxsize())
165 len = packet_get_maxsize(); 165 len = packet_get_maxsize();
166 } 166 }
167 packet_start(SSH_SMSG_STDOUT_DATA); 167 packet_start(SSH_SMSG_STDOUT_DATA);
168 packet_put_string(buffer_ptr(&stdout_buffer), len); 168 packet_put_string(buffer_ptr(&stdout_buffer), len);
@@ -832,7 +832,7 @@ server_input_channel_open(int type, int plen, void *ctxt)
832 xfree(ctype); 832 xfree(ctype);
833} 833}
834 834
835void 835void
836server_input_global_request(int type, int plen, void *ctxt) 836server_input_global_request(int type, int plen, void *ctxt)
837{ 837{
838 char *rtype; 838 char *rtype;
@@ -842,7 +842,7 @@ server_input_global_request(int type, int plen, void *ctxt)
842 rtype = packet_get_string(NULL); 842 rtype = packet_get_string(NULL);
843 want_reply = packet_get_char(); 843 want_reply = packet_get_char();
844 debug("server_input_global_request: rtype %s want_reply %d", rtype, want_reply); 844 debug("server_input_global_request: rtype %s want_reply %d", rtype, want_reply);
845 845
846 if (strcmp(rtype, "tcpip-forward") == 0) { 846 if (strcmp(rtype, "tcpip-forward") == 0) {
847 struct passwd *pw; 847 struct passwd *pw;
848 char *listen_address; 848 char *listen_address;
diff --git a/session.c b/session.c
index 51b661afb..dcbf70f31 100644
--- a/session.c
+++ b/session.c
@@ -62,7 +62,7 @@ RCSID("$OpenBSD: session.c,v 1.52 2001/02/03 10:08:37 markus Exp $");
62#endif /* WITH_IRIX_PROJECT */ 62#endif /* WITH_IRIX_PROJECT */
63#ifdef WITH_IRIX_JOBS 63#ifdef WITH_IRIX_JOBS
64#include <sys/resource.h> 64#include <sys/resource.h>
65#endif 65#endif
66#ifdef WITH_IRIX_AUDIT 66#ifdef WITH_IRIX_AUDIT
67#include <sat.h> 67#include <sat.h>
68#endif /* WITH_IRIX_AUDIT */ 68#endif /* WITH_IRIX_AUDIT */
@@ -150,7 +150,7 @@ extern int startup_pipe;
150static char *xauthfile; 150static char *xauthfile;
151 151
152/* original command from peer. */ 152/* original command from peer. */
153char *original_command = NULL; 153char *original_command = NULL;
154 154
155/* data */ 155/* data */
156#define MAX_SESSIONS 10 156#define MAX_SESSIONS 10
@@ -874,11 +874,11 @@ void do_pam_environment(char ***env, int *envsize)
874 874
875 if ((pam_env = fetch_pam_environment()) == NULL) 875 if ((pam_env = fetch_pam_environment()) == NULL)
876 return; 876 return;
877 877
878 for(i = 0; pam_env[i] != NULL; i++) { 878 for(i = 0; pam_env[i] != NULL; i++) {
879 if ((equals = strstr(pam_env[i], "=")) == NULL) 879 if ((equals = strstr(pam_env[i], "=")) == NULL)
880 continue; 880 continue;
881 881
882 if (strlen(pam_env[i]) < (sizeof(var_name) - 1)) { 882 if (strlen(pam_env[i]) < (sizeof(var_name) - 1)) {
883 memset(var_name, '\0', sizeof(var_name)); 883 memset(var_name, '\0', sizeof(var_name));
884 memset(var_val, '\0', sizeof(var_val)); 884 memset(var_val, '\0', sizeof(var_val));
@@ -904,7 +904,7 @@ void copy_environment(char ***env, int *envsize)
904 for(i = 0; environ[i] != NULL; i++) { 904 for(i = 0; environ[i] != NULL; i++) {
905 if ((equals = strstr(environ[i], "=")) == NULL) 905 if ((equals = strstr(environ[i], "=")) == NULL)
906 continue; 906 continue;
907 907
908 if (strlen(environ[i]) < (sizeof(var_name) - 1)) { 908 if (strlen(environ[i]) < (sizeof(var_name) - 1)) {
909 memset(var_name, '\0', sizeof(var_name)); 909 memset(var_name, '\0', sizeof(var_name));
910 memset(var_val, '\0', sizeof(var_val)); 910 memset(var_val, '\0', sizeof(var_val));
@@ -1106,7 +1106,7 @@ do_child(const char *command, struct passwd * pw, const char *term,
1106 if (jid == -1) { 1106 if (jid == -1) {
1107 fatal("Failed to create job container: %.100s", 1107 fatal("Failed to create job container: %.100s",
1108 strerror(errno)); 1108 strerror(errno));
1109 } 1109 }
1110# endif /* WITH_IRIX_JOBS */ 1110# endif /* WITH_IRIX_JOBS */
1111# ifdef WITH_IRIX_ARRAY 1111# ifdef WITH_IRIX_ARRAY
1112 /* initialize array session */ 1112 /* initialize array session */
@@ -1384,7 +1384,7 @@ do_child(const char *command, struct passwd * pw, const char *term,
1384 fprintf(f, "add %s %s %s\n", display, 1384 fprintf(f, "add %s %s %s\n", display,
1385 auth_proto, auth_data); 1385 auth_proto, auth_data);
1386#ifndef HAVE_CYGWIN /* Unix sockets are not supported */ 1386#ifndef HAVE_CYGWIN /* Unix sockets are not supported */
1387 if (screen != NULL) 1387 if (screen != NULL)
1388 fprintf(f, "add %.*s/unix%s %s %s\n", 1388 fprintf(f, "add %.*s/unix%s %s %s\n",
1389 (int)(screen-display), display, 1389 (int)(screen-display), display,
1390 screen, auth_proto, auth_data); 1390 screen, auth_proto, auth_data);
@@ -1968,7 +1968,7 @@ session_close_by_channel(int id, void *arg)
1968 session_close(s); 1968 session_close(s);
1969 } else { 1969 } else {
1970 /* notify child, delay session cleanup */ 1970 /* notify child, delay session cleanup */
1971 if (s->pid <= 1) 1971 if (s->pid <= 1)
1972 fatal("session_close_by_channel: Unsafe s->pid = %d", s->pid); 1972 fatal("session_close_by_channel: Unsafe s->pid = %d", s->pid);
1973 if (kill(s->pid, (s->ttyfd == -1) ? SIGTERM : SIGHUP) < 0) 1973 if (kill(s->pid, (s->ttyfd == -1) ? SIGTERM : SIGHUP) < 0)
1974 error("session_close_by_channel: kill %d: %s", 1974 error("session_close_by_channel: kill %d: %s",
diff --git a/sftp-client.c b/sftp-client.c
index 458d7364a..c64a43f7a 100644
--- a/sftp-client.c
+++ b/sftp-client.c
@@ -222,7 +222,7 @@ do_init(int fd_in, int fd_out)
222 222
223 get_msg(fd_in, &msg); 223 get_msg(fd_in, &msg);
224 224
225 /* Expecting a VERSION reply */ 225 /* Expecting a VERSION reply */
226 if ((type = buffer_get_char(&msg)) != SSH2_FXP_VERSION) { 226 if ((type = buffer_get_char(&msg)) != SSH2_FXP_VERSION) {
227 error("Invalid packet back from SSH2_FXP_INIT (type %d)", 227 error("Invalid packet back from SSH2_FXP_INIT (type %d)",
228 type); 228 type);
diff --git a/sftp-int.c b/sftp-int.c
index bdb470b1c..9ec5b9712 100644
--- a/sftp-int.c
+++ b/sftp-int.c
@@ -130,10 +130,10 @@ local_do_shell(const char *args)
130 int ret, status; 130 int ret, status;
131 char *shell; 131 char *shell;
132 pid_t pid; 132 pid_t pid;
133 133
134 if (!*args) 134 if (!*args)
135 args = NULL; 135 args = NULL;
136 136
137 if ((shell = getenv("SHELL")) == NULL) 137 if ((shell = getenv("SHELL")) == NULL)
138 shell = _PATH_BSHELL; 138 shell = _PATH_BSHELL;
139 139
@@ -149,7 +149,7 @@ local_do_shell(const char *args)
149 debug3("Executing %s", shell); 149 debug3("Executing %s", shell);
150 ret = execl(shell, shell, NULL); 150 ret = execl(shell, shell, NULL);
151 } 151 }
152 fprintf(stderr, "Couldn't execute \"%s\": %s\n", shell, 152 fprintf(stderr, "Couldn't execute \"%s\": %s\n", shell,
153 strerror(errno)); 153 strerror(errno));
154 _exit(1); 154 _exit(1);
155 } 155 }
@@ -161,7 +161,7 @@ local_do_shell(const char *args)
161 error("Shell exited with status %d", WEXITSTATUS(status)); 161 error("Shell exited with status %d", WEXITSTATUS(status));
162} 162}
163 163
164void 164void
165local_do_ls(const char *args) 165local_do_ls(const char *args)
166{ 166{
167 if (!args || !*args) 167 if (!args || !*args)
@@ -367,7 +367,7 @@ parse_args(const char **cpp, int *pflag, unsigned long *n_arg,
367 if (get_pathname(&cp, path1)) 367 if (get_pathname(&cp, path1))
368 return(-1); 368 return(-1);
369 if (*path1 == NULL) { 369 if (*path1 == NULL) {
370 error("You must specify a path after a %s command.", 370 error("You must specify a path after a %s command.",
371 cmd); 371 cmd);
372 return(-1); 372 return(-1);
373 } 373 }
@@ -403,7 +403,7 @@ parse_args(const char **cpp, int *pflag, unsigned long *n_arg,
403 if (get_pathname(&cp, path1)) 403 if (get_pathname(&cp, path1))
404 return(-1); 404 return(-1);
405 if (*path1 == NULL) { 405 if (*path1 == NULL) {
406 error("You must specify a path after a %s command.", 406 error("You must specify a path after a %s command.",
407 cmd); 407 cmd);
408 return(-1); 408 return(-1);
409 } 409 }
diff --git a/sftp-server.c b/sftp-server.c
index 0e0040094..51026de4e 100644
--- a/sftp-server.c
+++ b/sftp-server.c
@@ -207,7 +207,7 @@ handle_to_dir(int handle)
207int 207int
208handle_to_fd(int handle) 208handle_to_fd(int handle)
209{ 209{
210 if (handle_is_ok(handle, HANDLE_FILE)) 210 if (handle_is_ok(handle, HANDLE_FILE))
211 return handles[handle].fd; 211 return handles[handle].fd;
212 return -1; 212 return -1;
213} 213}
@@ -616,7 +616,7 @@ process_opendir(void)
616 id = get_int(); 616 id = get_int();
617 path = get_string(NULL); 617 path = get_string(NULL);
618 TRACE("opendir id %d path %s", id, path); 618 TRACE("opendir id %d path %s", id, path);
619 dirp = opendir(path); 619 dirp = opendir(path);
620 if (dirp == NULL) { 620 if (dirp == NULL) {
621 status = errno_to_portable(errno); 621 status = errno_to_portable(errno);
622 } else { 622 } else {
@@ -627,7 +627,7 @@ process_opendir(void)
627 send_handle(id, handle); 627 send_handle(id, handle);
628 status = SSH2_FX_OK; 628 status = SSH2_FX_OK;
629 } 629 }
630 630
631 } 631 }
632 if (status != SSH2_FX_OK) 632 if (status != SSH2_FX_OK)
633 send_status(id, status); 633 send_status(id, status);
@@ -932,7 +932,7 @@ main(int ac, char **av)
932 handle_init(); 932 handle_init();
933 933
934#ifdef DEBUG_SFTP_SERVER 934#ifdef DEBUG_SFTP_SERVER
935 log_init("sftp-server", SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH, 0); 935 log_init("sftp-server", SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH, 0);
936#endif 936#endif
937 937
938 in = dup(STDIN_FILENO); 938 in = dup(STDIN_FILENO);
diff --git a/sftp.c b/sftp.c
index 0dca12d85..be4954b17 100644
--- a/sftp.c
+++ b/sftp.c
@@ -125,14 +125,14 @@ make_ssh_args(char *add_arg)
125 return(args); 125 return(args);
126} 126}
127 127
128void 128void
129usage(void) 129usage(void)
130{ 130{
131 fprintf(stderr, "usage: sftp [-vC] [-osshopt=value] [user@]host\n"); 131 fprintf(stderr, "usage: sftp [-vC] [-osshopt=value] [user@]host\n");
132 exit(1); 132 exit(1);
133} 133}
134 134
135int 135int
136main(int argc, char **argv) 136main(int argc, char **argv)
137{ 137{
138 int in, out, i, debug_level, compress_flag; 138 int in, out, i, debug_level, compress_flag;
diff --git a/ssh-add.c b/ssh-add.c
index da6f3dcf1..78144ee44 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -253,7 +253,7 @@ main(int argc, char **argv)
253 __progname = get_progname(argv[0]); 253 __progname = get_progname(argv[0]);
254 init_rng(); 254 init_rng();
255 255
256 SSLeay_add_all_algorithms(); 256 SSLeay_add_all_algorithms();
257 257
258 /* At first, get a connection to the authentication agent. */ 258 /* At first, get a connection to the authentication agent. */
259 ac = ssh_get_authentication_connection(); 259 ac = ssh_get_authentication_connection();
diff --git a/ssh-agent.c b/ssh-agent.c
index deed3ecae..c23d73b7e 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -728,7 +728,7 @@ main(int ac, char **av)
728 728
729 __progname = get_progname(av[0]); 729 __progname = get_progname(av[0]);
730 init_rng(); 730 init_rng();
731 731
732#ifdef __GNU_LIBRARY__ 732#ifdef __GNU_LIBRARY__
733 while ((ch = getopt(ac, av, "+cks")) != -1) { 733 while ((ch = getopt(ac, av, "+cks")) != -1) {
734#else /* __GNU_LIBRARY__ */ 734#else /* __GNU_LIBRARY__ */
diff --git a/ssh-dss.c b/ssh-dss.c
index 2366c2117..bfef1350c 100644
--- a/ssh-dss.c
+++ b/ssh-dss.c
@@ -185,7 +185,7 @@ ssh_dss_verify(
185 memset(sigblob, 0, len); 185 memset(sigblob, 0, len);
186 xfree(sigblob); 186 xfree(sigblob);
187 } 187 }
188 188
189 /* sha1 the data */ 189 /* sha1 the data */
190 dlen = evp_md->md_size; 190 dlen = evp_md->md_size;
191 digest = xmalloc(dlen); 191 digest = xmalloc(dlen);
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 9f519e596..1f7e96766 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -128,7 +128,7 @@ try_load_key(char *filename, Key *k)
128#define SSH_COM_PUBLIC_BEGIN "---- BEGIN SSH2 PUBLIC KEY ----" 128#define SSH_COM_PUBLIC_BEGIN "---- BEGIN SSH2 PUBLIC KEY ----"
129#define SSH_COM_PUBLIC_END "---- END SSH2 PUBLIC KEY ----" 129#define SSH_COM_PUBLIC_END "---- END SSH2 PUBLIC KEY ----"
130#define SSH_COM_PRIVATE_BEGIN "---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----" 130#define SSH_COM_PRIVATE_BEGIN "---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----"
131#define SSH_COM_PRIVATE_KEY_MAGIC 0x3f6ff9eb 131#define SSH_COM_PRIVATE_KEY_MAGIC 0x3f6ff9eb
132 132
133void 133void
134do_convert_to_ssh2(struct passwd *pw) 134do_convert_to_ssh2(struct passwd *pw)
diff --git a/ssh-keyscan.c b/ssh-keyscan.c
index f753ce821..4c8fcc051 100644
--- a/ssh-keyscan.c
+++ b/ssh-keyscan.c
@@ -509,7 +509,7 @@ conloop(void)
509 c = tq.tqh_first; 509 c = tq.tqh_first;
510 while (c && 510 while (c &&
511 (c->c_tv.tv_sec < now.tv_sec || 511 (c->c_tv.tv_sec < now.tv_sec ||
512 (c->c_tv.tv_sec == now.tv_sec && c->c_tv.tv_usec < now.tv_usec))) { 512 (c->c_tv.tv_sec == now.tv_sec && c->c_tv.tv_usec < now.tv_usec))) {
513 int s = c->c_fd; 513 int s = c->c_fd;
514 c = c->c_link.tqe_next; 514 c = c->c_link.tqe_next;
515 conrecycle(s); 515 conrecycle(s);
diff --git a/ssh.c b/ssh.c
index 9eb40967e..5f8ae9549 100644
--- a/ssh.c
+++ b/ssh.c
@@ -156,7 +156,7 @@ usage()
156#ifdef AFS 156#ifdef AFS
157 fprintf(stderr, " -k Disable Kerberos ticket and AFS token forwarding.\n"); 157 fprintf(stderr, " -k Disable Kerberos ticket and AFS token forwarding.\n");
158#endif /* AFS */ 158#endif /* AFS */
159 fprintf(stderr, " -X Enable X11 connection forwarding.\n"); 159 fprintf(stderr, " -X Enable X11 connection forwarding.\n");
160 fprintf(stderr, " -x Disable X11 connection forwarding.\n"); 160 fprintf(stderr, " -x Disable X11 connection forwarding.\n");
161 fprintf(stderr, " -i file Identity for RSA authentication (default: ~/.ssh/identity).\n"); 161 fprintf(stderr, " -i file Identity for RSA authentication (default: ~/.ssh/identity).\n");
162 fprintf(stderr, " -t Tty; allocate a tty even if command is given.\n"); 162 fprintf(stderr, " -t Tty; allocate a tty even if command is given.\n");
@@ -1035,7 +1035,7 @@ ssh_session2(void)
1035 1035
1036 /* XXX should be pre-session */ 1036 /* XXX should be pre-session */
1037 ssh_init_forwarding(); 1037 ssh_init_forwarding();
1038 1038
1039 /* If requested, let ssh continue in the background. */ 1039 /* If requested, let ssh continue in the background. */
1040 if (fork_after_authentication_flag) 1040 if (fork_after_authentication_flag)
1041 if (daemon(1, 1) < 0) 1041 if (daemon(1, 1) < 0)
diff --git a/sshconnect.c b/sshconnect.c
index 2a2aa98e7..a10a689df 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -328,7 +328,7 @@ ssh_exchange_identification()
328 int remote_major, remote_minor, i, mismatch; 328 int remote_major, remote_minor, i, mismatch;
329 int connection_in = packet_get_connection_in(); 329 int connection_in = packet_get_connection_in();
330 int connection_out = packet_get_connection_out(); 330 int connection_out = packet_get_connection_out();
331 int minor1 = PROTOCOL_MINOR_1; 331 int minor1 = PROTOCOL_MINOR_1;
332 332
333 /* Read other side\'s version identification. */ 333 /* Read other side\'s version identification. */
334 for (;;) { 334 for (;;) {
@@ -688,7 +688,7 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
688 error("X11 forwarding is disabled to avoid trojan horses."); 688 error("X11 forwarding is disabled to avoid trojan horses.");
689 options.forward_x11 = 0; 689 options.forward_x11 = 0;
690 } 690 }
691 if (options.num_local_forwards > 0 || options.num_remote_forwards > 0) { 691 if (options.num_local_forwards > 0 || options.num_remote_forwards > 0) {
692 error("Port forwarding is disabled to avoid trojan horses."); 692 error("Port forwarding is disabled to avoid trojan horses.");
693 options.num_local_forwards = options.num_remote_forwards = 0; 693 options.num_local_forwards = options.num_remote_forwards = 0;
694 } 694 }
diff --git a/sshconnect2.c b/sshconnect2.c
index 1d911b9bb..6bd524e0b 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -145,7 +145,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
145/* diffie-hellman-group1-sha1 */ 145/* diffie-hellman-group1-sha1 */
146 146
147void 147void
148ssh_dh1_client(Kex *kex, char *host, struct sockaddr *hostaddr, 148ssh_dh1_client(Kex *kex, char *host, struct sockaddr *hostaddr,
149 Buffer *client_kexinit, Buffer *server_kexinit) 149 Buffer *client_kexinit, Buffer *server_kexinit)
150{ 150{
151#ifdef DEBUG_KEXDH 151#ifdef DEBUG_KEXDH
@@ -281,7 +281,7 @@ ssh_dh1_client(Kex *kex, char *host, struct sockaddr *hostaddr,
281int 281int
282dh_estimate(int bits) 282dh_estimate(int bits)
283{ 283{
284 284
285 if (bits < 64) 285 if (bits < 64)
286 return (512); /* O(2**63) */ 286 return (512); /* O(2**63) */
287 if (bits < 128) 287 if (bits < 128)
@@ -416,7 +416,7 @@ ssh_dhgex_client(Kex *kex, char *host, struct sockaddr *hostaddr,
416 buffer_ptr(client_kexinit), buffer_len(client_kexinit), 416 buffer_ptr(client_kexinit), buffer_len(client_kexinit),
417 buffer_ptr(server_kexinit), buffer_len(server_kexinit), 417 buffer_ptr(server_kexinit), buffer_len(server_kexinit),
418 server_host_key_blob, sbloblen, 418 server_host_key_blob, sbloblen,
419 nbits, dh->p, dh->g, 419 nbits, dh->p, dh->g,
420 dh->pub_key, 420 dh->pub_key,
421 dh_server_pub, 421 dh_server_pub,
422 shared_secret 422 shared_secret
@@ -608,7 +608,7 @@ input_userauth_failure(int type, int plen, void *ctxt)
608 for (;;) { 608 for (;;) {
609 method = authmethod_get(authlist); 609 method = authmethod_get(authlist);
610 if (method == NULL) 610 if (method == NULL)
611 fatal("Unable to find an authentication method"); 611 fatal("Unable to find an authentication method");
612 authctxt->method = method; 612 authctxt->method = method;
613 if (method->userauth(authctxt) != 0) { 613 if (method->userauth(authctxt) != 0) {
614 debug2("we sent a %s packet, wait for reply", method->name); 614 debug2("we sent a %s packet, wait for reply", method->name);
@@ -617,7 +617,7 @@ input_userauth_failure(int type, int plen, void *ctxt)
617 debug2("we did not send a packet, disable method"); 617 debug2("we did not send a packet, disable method");
618 method->enabled = NULL; 618 method->enabled = NULL;
619 } 619 }
620 } 620 }
621 xfree(authlist); 621 xfree(authlist);
622} 622}
623 623
@@ -683,7 +683,7 @@ sign_and_send_pubkey(Authctxt *authctxt, Key *k, sign_cb_fn *sign_callback)
683 buffer_init(&b); 683 buffer_init(&b);
684 if (datafellows & SSH_OLD_SESSIONID) { 684 if (datafellows & SSH_OLD_SESSIONID) {
685 buffer_append(&b, session_id2, session_id2_len); 685 buffer_append(&b, session_id2, session_id2_len);
686 skip = session_id2_len; 686 skip = session_id2_len;
687 } else { 687 } else {
688 buffer_put_string(&b, session_id2, session_id2_len); 688 buffer_put_string(&b, session_id2, session_id2_len);
689 skip = buffer_len(&b); 689 skip = buffer_len(&b);
@@ -699,7 +699,7 @@ sign_and_send_pubkey(Authctxt *authctxt, Key *k, sign_cb_fn *sign_callback)
699 } else { 699 } else {
700 buffer_put_cstring(&b, authctxt->method->name); 700 buffer_put_cstring(&b, authctxt->method->name);
701 buffer_put_char(&b, have_sig); 701 buffer_put_char(&b, have_sig);
702 buffer_put_cstring(&b, key_ssh_name(k)); 702 buffer_put_cstring(&b, key_ssh_name(k));
703 } 703 }
704 buffer_put_string(&b, blob, bloblen); 704 buffer_put_string(&b, blob, bloblen);
705 705
@@ -722,7 +722,7 @@ sign_and_send_pubkey(Authctxt *authctxt, Key *k, sign_cb_fn *sign_callback)
722 buffer_put_cstring(&b, authctxt->method->name); 722 buffer_put_cstring(&b, authctxt->method->name);
723 buffer_put_char(&b, have_sig); 723 buffer_put_char(&b, have_sig);
724 if (!(datafellows & SSH_BUG_PKAUTH)) 724 if (!(datafellows & SSH_BUG_PKAUTH))
725 buffer_put_cstring(&b, key_ssh_name(k)); 725 buffer_put_cstring(&b, key_ssh_name(k));
726 buffer_put_string(&b, blob, bloblen); 726 buffer_put_string(&b, blob, bloblen);
727 } 727 }
728 xfree(blob); 728 xfree(blob);
@@ -1011,14 +1011,14 @@ authmethod_lookup(const char *name)
1011 * use a built-in default list. If the server sends a nil list after 1011 * use a built-in default list. If the server sends a nil list after
1012 * previously sending a valid list, continue using the list originally 1012 * previously sending a valid list, continue using the list originally
1013 * sent. 1013 * sent.
1014 */ 1014 */
1015 1015
1016Authmethod * 1016Authmethod *
1017authmethod_get(char *authlist) 1017authmethod_get(char *authlist)
1018{ 1018{
1019 char *name = NULL, *authname_old; 1019 char *name = NULL, *authname_old;
1020 Authmethod *method = NULL; 1020 Authmethod *method = NULL;
1021 1021
1022 /* Use a suitable default if we're passed a nil list. */ 1022 /* Use a suitable default if we're passed a nil list. */
1023 if (authlist == NULL || strlen(authlist) == 0) 1023 if (authlist == NULL || strlen(authlist) == 0)
1024 authlist = def_authlist; 1024 authlist = def_authlist;
diff --git a/sshd.c b/sshd.c
index 02fe2ec42..e38d9b986 100644
--- a/sshd.c
+++ b/sshd.c
@@ -429,7 +429,7 @@ destroy_sensitive_data(void)
429 key_free(sensitive_data.server_key); 429 key_free(sensitive_data.server_key);
430 sensitive_data.server_key = NULL; 430 sensitive_data.server_key = NULL;
431 } 431 }
432 for(i = 0; i < options.num_host_key_files; i++) { 432 for(i = 0; i < options.num_host_key_files; i++) {
433 if (sensitive_data.host_keys[i]) { 433 if (sensitive_data.host_keys[i]) {
434 key_free(sensitive_data.host_keys[i]); 434 key_free(sensitive_data.host_keys[i]);
435 sensitive_data.host_keys[i] = NULL; 435 sensitive_data.host_keys[i] = NULL;
@@ -983,7 +983,7 @@ main(int ac, char **av)
983 startups++; 983 startups++;
984 break; 984 break;
985 } 985 }
986 986
987 /* 987 /*
988 * Got connection. Fork a child to handle it, unless 988 * Got connection. Fork a child to handle it, unless
989 * we are in debugging mode. 989 * we are in debugging mode.
@@ -1507,7 +1507,7 @@ ssh_dh1_server(Kex *kex, Buffer *client_kexinit, Buffer *server_kexinit)
1507 fprintf(stderr, "\npub= "); 1507 fprintf(stderr, "\npub= ");
1508 BN_print_fp(stderr, dh->pub_key); 1508 BN_print_fp(stderr, dh->pub_key);
1509 fprintf(stderr, "\n"); 1509 fprintf(stderr, "\n");
1510 DHparams_print_fp(stderr, dh); 1510 DHparams_print_fp(stderr, dh);
1511#endif 1511#endif
1512 if (!dh_pub_is_valid(dh, dh_client_pub)) 1512 if (!dh_pub_is_valid(dh, dh_client_pub))
1513 packet_disconnect("bad client public DH value"); 1513 packet_disconnect("bad client public DH value");
@@ -1650,7 +1650,7 @@ ssh_dhgex_server(Kex *kex, Buffer *client_kexinit, Buffer *server_kexinit)
1650 fprintf(stderr, "\npub= "); 1650 fprintf(stderr, "\npub= ");
1651 BN_print_fp(stderr, dh->pub_key); 1651 BN_print_fp(stderr, dh->pub_key);
1652 fprintf(stderr, "\n"); 1652 fprintf(stderr, "\n");
1653 DHparams_print_fp(stderr, dh); 1653 DHparams_print_fp(stderr, dh);
1654#endif 1654#endif
1655 if (!dh_pub_is_valid(dh, dh_client_pub)) 1655 if (!dh_pub_is_valid(dh, dh_client_pub))
1656 packet_disconnect("bad client public DH value"); 1656 packet_disconnect("bad client public DH value");
diff --git a/xmalloc.c b/xmalloc.c
index 819eaf57a..35f668df3 100644
--- a/xmalloc.c
+++ b/xmalloc.c
@@ -4,7 +4,7 @@
4 * All rights reserved 4 * All rights reserved
5 * Versions of malloc and friends that check their results, and never return 5 * Versions of malloc and friends that check their results, and never return
6 * failure (they call fatal if they encounter an error). 6 * failure (they call fatal if they encounter an error).
7 * 7 *
8 * As far as I am concerned, the code I have written for this software 8 * As far as I am concerned, the code I have written for this software
9 * can be used freely for any purpose. Any derived versions of this 9 * can be used freely for any purpose. Any derived versions of this
10 * software must be clearly marked as such, and if the derived work is 10 * software must be clearly marked as such, and if the derived work is