diff options
82 files changed, 855 insertions, 851 deletions
@@ -1,6 +1,6 @@ | |||
1 | Tatu Ylonen <ylo@cs.hut.fi> - Creator of SSH | 1 | Tatu Ylonen <ylo@cs.hut.fi> - Creator of SSH |
2 | 2 | ||
3 | Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, | 3 | Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, |
4 | Theo de Raadt, and Dug Song - Creators of OpenSSH | 4 | Theo de Raadt, and Dug Song - Creators of OpenSSH |
5 | 5 | ||
6 | Alain St-Denis <Alain.St-Denis@ec.gc.ca> - Irix fix | 6 | Alain St-Denis <Alain.St-Denis@ec.gc.ca> - Irix fix |
@@ -94,5 +94,5 @@ Apologies to anyone I have missed. | |||
94 | 94 | ||
95 | Damien Miller <djm@mindrot.org> | 95 | Damien Miller <djm@mindrot.org> |
96 | 96 | ||
97 | $Id: CREDITS,v 1.74 2003/09/07 02:34:54 dtucker Exp $ | 97 | $Id: CREDITS,v 1.75 2003/11/21 12:48:55 djm Exp $ |
98 | 98 | ||
@@ -3,6 +3,10 @@ | |||
3 | - markus@cvs.openbsd.org 2003/11/20 11:39:28 | 3 | - markus@cvs.openbsd.org 2003/11/20 11:39:28 |
4 | [progressmeter.c] | 4 | [progressmeter.c] |
5 | fix rounding errors; from andreas@ | 5 | fix rounding errors; from andreas@ |
6 | - djm@cvs.openbsd.org 2003/11/21 11:57:03 | ||
7 | [everything] | ||
8 | unexpand and delete whitespace at EOL; ok markus@ | ||
9 | (done locally and RCS IDs synced) | ||
6 | 10 | ||
7 | 20031118 | 11 | 20031118 |
8 | - (djm) Fix early exit for root auth success when UsePAM=yes and | 12 | - (djm) Fix early exit for root auth success when UsePAM=yes and |
@@ -1494,4 +1498,4 @@ | |||
1494 | - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. | 1498 | - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. |
1495 | Report from murple@murple.net, diagnosis from dtucker@zip.com.au | 1499 | Report from murple@murple.net, diagnosis from dtucker@zip.com.au |
1496 | 1500 | ||
1497 | $Id: ChangeLog,v 1.3118 2003/11/21 12:09:10 djm Exp $ | 1501 | $Id: ChangeLog,v 1.3119 2003/11/21 12:48:55 djm Exp $ |
@@ -4,21 +4,21 @@ | |||
4 | You will need working installations of Zlib and OpenSSL. | 4 | You will need working installations of Zlib and OpenSSL. |
5 | 5 | ||
6 | Zlib 1.1.4 or greater: | 6 | Zlib 1.1.4 or greater: |
7 | http://www.gzip.org/zlib/ | 7 | http://www.gzip.org/zlib/ |
8 | 8 | ||
9 | OpenSSL 0.9.6 or greater: | 9 | OpenSSL 0.9.6 or greater: |
10 | http://www.openssl.org/ | 10 | http://www.openssl.org/ |
11 | 11 | ||
12 | (OpenSSL 0.9.5a is partially supported, but some ciphers (SSH protocol 1 | 12 | (OpenSSL 0.9.5a is partially supported, but some ciphers (SSH protocol 1 |
13 | Blowfish) do not work correctly.) | 13 | Blowfish) do not work correctly.) |
14 | 14 | ||
15 | OpenSSH can utilise Pluggable Authentication Modules (PAM) if your system | 15 | OpenSSH can utilise Pluggable Authentication Modules (PAM) if your system |
16 | supports it. PAM is standard on Redhat and Debian Linux, Solaris and | 16 | supports it. PAM is standard on Redhat and Debian Linux, Solaris and |
17 | HP-UX 11. | 17 | HP-UX 11. |
18 | 18 | ||
19 | NB. If you operating system supports /dev/random, you should configure | 19 | NB. If you operating system supports /dev/random, you should configure |
20 | OpenSSL to use it. OpenSSH relies on OpenSSL's direct support of | 20 | OpenSSL to use it. OpenSSH relies on OpenSSL's direct support of |
21 | /dev/random. If you don't you will have to rely on ssh-rand-helper, which | 21 | /dev/random. If you don't you will have to rely on ssh-rand-helper, which |
22 | is inferior to a good kernel-based solution. | 22 | is inferior to a good kernel-based solution. |
23 | 23 | ||
24 | PAM: | 24 | PAM: |
@@ -37,7 +37,7 @@ http://www.jmknoble.net/software/x11-ssh-askpass/ | |||
37 | 37 | ||
38 | PRNGD: | 38 | PRNGD: |
39 | 39 | ||
40 | If your system lacks Kernel based random collection, the use of Lutz | 40 | If your system lacks Kernel based random collection, the use of Lutz |
41 | Jaenicke's PRNGd is recommended. | 41 | Jaenicke's PRNGd is recommended. |
42 | 42 | ||
43 | http://www.aet.tu-cottbus.de/personen/jaenicke/postfix_tls/prngd.html | 43 | http://www.aet.tu-cottbus.de/personen/jaenicke/postfix_tls/prngd.html |
@@ -54,7 +54,7 @@ http://www.sparc.spb.su/solaris/skey/ | |||
54 | 54 | ||
55 | If you wish to use --with-skey then you will need the above library | 55 | If you wish to use --with-skey then you will need the above library |
56 | installed. No other current S/Key library is currently known to be | 56 | installed. No other current S/Key library is currently known to be |
57 | supported. | 57 | supported. |
58 | 58 | ||
59 | 2. Building / Installation | 59 | 2. Building / Installation |
60 | -------------------------- | 60 | -------------------------- |
@@ -73,7 +73,7 @@ installation prefix, use the --prefix option to configure: | |||
73 | make | 73 | make |
74 | make install | 74 | make install |
75 | 75 | ||
76 | Will install OpenSSH in /opt/{bin,etc,lib,sbin}. You can also override | 76 | Will install OpenSSH in /opt/{bin,etc,lib,sbin}. You can also override |
77 | specific paths, for example: | 77 | specific paths, for example: |
78 | 78 | ||
79 | ./configure --prefix=/opt --sysconfdir=/etc/ssh | 79 | ./configure --prefix=/opt --sysconfdir=/etc/ssh |
@@ -104,26 +104,26 @@ There are a few other options to the configure script: | |||
104 | --with-pam enables PAM support. If PAM support is compiled in, it must | 104 | --with-pam enables PAM support. If PAM support is compiled in, it must |
105 | also be enabled in sshd_config (refer to the UsePAM directive). | 105 | also be enabled in sshd_config (refer to the UsePAM directive). |
106 | 106 | ||
107 | --with-prngd-socket=/some/file allows you to enable EGD or PRNGD | 107 | --with-prngd-socket=/some/file allows you to enable EGD or PRNGD |
108 | support and to specify a PRNGd socket. Use this if your Unix lacks | 108 | support and to specify a PRNGd socket. Use this if your Unix lacks |
109 | /dev/random and you don't want to use OpenSSH's builtin entropy | 109 | /dev/random and you don't want to use OpenSSH's builtin entropy |
110 | collection support. | 110 | collection support. |
111 | 111 | ||
112 | --with-prngd-port=portnum allows you to enable EGD or PRNGD support | 112 | --with-prngd-port=portnum allows you to enable EGD or PRNGD support |
113 | and to specify a EGD localhost TCP port. Use this if your Unix lacks | 113 | and to specify a EGD localhost TCP port. Use this if your Unix lacks |
114 | /dev/random and you don't want to use OpenSSH's builtin entropy | 114 | /dev/random and you don't want to use OpenSSH's builtin entropy |
115 | collection support. | 115 | collection support. |
116 | 116 | ||
117 | --with-lastlog=FILE will specify the location of the lastlog file. | 117 | --with-lastlog=FILE will specify the location of the lastlog file. |
118 | ./configure searches a few locations for lastlog, but may not find | 118 | ./configure searches a few locations for lastlog, but may not find |
119 | it if lastlog is installed in a different place. | 119 | it if lastlog is installed in a different place. |
120 | 120 | ||
121 | --without-lastlog will disable lastlog support entirely. | 121 | --without-lastlog will disable lastlog support entirely. |
122 | 122 | ||
123 | --with-osfsia, --without-osfsia will enable or disable OSF1's Security | 123 | --with-osfsia, --without-osfsia will enable or disable OSF1's Security |
124 | Integration Architecture. The default for OSF1 machines is enable. | 124 | Integration Architecture. The default for OSF1 machines is enable. |
125 | 125 | ||
126 | --with-skey=PATH will enable S/Key one time password support. You will | 126 | --with-skey=PATH will enable S/Key one time password support. You will |
127 | need the S/Key libraries and header files installed for this to work. | 127 | need the S/Key libraries and header files installed for this to work. |
128 | 128 | ||
129 | --with-tcp-wrappers will enable TCP Wrappers (/etc/hosts.allow|deny) | 129 | --with-tcp-wrappers will enable TCP Wrappers (/etc/hosts.allow|deny) |
@@ -134,12 +134,12 @@ if your operating system uses MD5 passwords and the system crypt() does | |||
134 | not support them directly (see the crypt(3/3c) man page). If enabled, the | 134 | not support them directly (see the crypt(3/3c) man page). If enabled, the |
135 | resulting binary will support both MD5 and traditional crypt passwords. | 135 | resulting binary will support both MD5 and traditional crypt passwords. |
136 | 136 | ||
137 | --with-utmpx enables utmpx support. utmpx support is automatic for | 137 | --with-utmpx enables utmpx support. utmpx support is automatic for |
138 | some platforms. | 138 | some platforms. |
139 | 139 | ||
140 | --without-shadow disables shadow password support. | 140 | --without-shadow disables shadow password support. |
141 | 141 | ||
142 | --with-ipaddr-display forces the use of a numeric IP address in the | 142 | --with-ipaddr-display forces the use of a numeric IP address in the |
143 | $DISPLAY environment variable. Some broken systems need this. | 143 | $DISPLAY environment variable. Some broken systems need this. |
144 | 144 | ||
145 | --with-default-path=PATH allows you to specify a default $PATH for sessions | 145 | --with-default-path=PATH allows you to specify a default $PATH for sessions |
@@ -169,35 +169,35 @@ CFLAGS="-O -m486" LDFLAGS="-s" LIBS="-lrubbish" LD="/usr/foo/ld" ./configure | |||
169 | 3. Configuration | 169 | 3. Configuration |
170 | ---------------- | 170 | ---------------- |
171 | 171 | ||
172 | The runtime configuration files are installed by in ${prefix}/etc or | 172 | The runtime configuration files are installed by in ${prefix}/etc or |
173 | whatever you specified as your --sysconfdir (/usr/local/etc by default). | 173 | whatever you specified as your --sysconfdir (/usr/local/etc by default). |
174 | 174 | ||
175 | The default configuration should be instantly usable, though you should | 175 | The default configuration should be instantly usable, though you should |
176 | review it to ensure that it matches your security requirements. | 176 | review it to ensure that it matches your security requirements. |
177 | 177 | ||
178 | To generate a host key, run "make host-key". Alternately you can do so | 178 | To generate a host key, run "make host-key". Alternately you can do so |
179 | manually using the following commands: | 179 | manually using the following commands: |
180 | 180 | ||
181 | ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N "" | 181 | ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N "" |
182 | ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N "" | 182 | ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N "" |
183 | ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N "" | 183 | ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N "" |
184 | 184 | ||
185 | Replacing /etc/ssh with the correct path to the configuration directory. | 185 | Replacing /etc/ssh with the correct path to the configuration directory. |
186 | (${prefix}/etc or whatever you specified with --sysconfdir during | 186 | (${prefix}/etc or whatever you specified with --sysconfdir during |
187 | configuration) | 187 | configuration) |
188 | 188 | ||
189 | If you have configured OpenSSH with EGD support, ensure that EGD is | 189 | If you have configured OpenSSH with EGD support, ensure that EGD is |
190 | running and has collected some Entropy. | 190 | running and has collected some Entropy. |
191 | 191 | ||
192 | For more information on configuration, please refer to the manual pages | 192 | For more information on configuration, please refer to the manual pages |
193 | for sshd, ssh and ssh-agent. | 193 | for sshd, ssh and ssh-agent. |
194 | 194 | ||
195 | 4. Problems? | 195 | 4. Problems? |
196 | ------------ | 196 | ------------ |
197 | 197 | ||
198 | If you experience problems compiling, installing or running OpenSSH. | 198 | If you experience problems compiling, installing or running OpenSSH. |
199 | Please refer to the "reporting bugs" section of the webpage at | 199 | Please refer to the "reporting bugs" section of the webpage at |
200 | http://www.openssh.com/ | 200 | http://www.openssh.com/ |
201 | 201 | ||
202 | 202 | ||
203 | $Id: INSTALL,v 1.62 2003/10/21 02:41:14 dtucker Exp $ | 203 | $Id: INSTALL,v 1.63 2003/11/21 12:48:55 djm Exp $ |
@@ -45,16 +45,16 @@ OpenSSH contains no GPL code. | |||
45 | software are publicly available on the Internet and at any major | 45 | software are publicly available on the Internet and at any major |
46 | bookstore, scientific library, and patent office worldwide. More | 46 | bookstore, scientific library, and patent office worldwide. More |
47 | information can be found e.g. at "http://www.cs.hut.fi/crypto". | 47 | information can be found e.g. at "http://www.cs.hut.fi/crypto". |
48 | 48 | ||
49 | The legal status of this program is some combination of all these | 49 | The legal status of this program is some combination of all these |
50 | permissions and restrictions. Use only at your own responsibility. | 50 | permissions and restrictions. Use only at your own responsibility. |
51 | You will be responsible for any legal consequences yourself; I am not | 51 | You will be responsible for any legal consequences yourself; I am not |
52 | making any claims whether possessing or using this is legal or not in | 52 | making any claims whether possessing or using this is legal or not in |
53 | your country, and I am not taking any responsibility on your behalf. | 53 | your country, and I am not taking any responsibility on your behalf. |
54 | 54 | ||
55 | 55 | ||
56 | NO WARRANTY | 56 | NO WARRANTY |
57 | 57 | ||
58 | BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY | 58 | BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY |
59 | FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN | 59 | FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN |
60 | OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES | 60 | OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES |
@@ -64,7 +64,7 @@ OpenSSH contains no GPL code. | |||
64 | TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE | 64 | TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE |
65 | PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, | 65 | PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, |
66 | REPAIR OR CORRECTION. | 66 | REPAIR OR CORRECTION. |
67 | 67 | ||
68 | IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING | 68 | IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING |
69 | WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR | 69 | WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR |
70 | REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, | 70 | REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, |
@@ -112,15 +112,15 @@ OpenSSH contains no GPL code. | |||
112 | with the following license: | 112 | with the following license: |
113 | 113 | ||
114 | * @version 3.0 (December 2000) | 114 | * @version 3.0 (December 2000) |
115 | * | 115 | * |
116 | * Optimised ANSI C code for the Rijndael cipher (now AES) | 116 | * Optimised ANSI C code for the Rijndael cipher (now AES) |
117 | * | 117 | * |
118 | * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be> | 118 | * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be> |
119 | * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be> | 119 | * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be> |
120 | * @author Paulo Barreto <paulo.barreto@terra.com.br> | 120 | * @author Paulo Barreto <paulo.barreto@terra.com.br> |
121 | * | 121 | * |
122 | * This code is hereby placed in the public domain. | 122 | * This code is hereby placed in the public domain. |
123 | * | 123 | * |
124 | * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS | 124 | * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS |
125 | * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED | 125 | * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED |
126 | * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | 126 | * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
@@ -183,7 +183,7 @@ OpenSSH contains no GPL code. | |||
183 | Nils Nordman | 183 | Nils Nordman |
184 | Simon Wilkinson | 184 | Simon Wilkinson |
185 | 185 | ||
186 | Portable OpenSSH additionally includes code from the following copyright | 186 | Portable OpenSSH additionally includes code from the following copyright |
187 | holders, also under the 2-term BSD license: | 187 | holders, also under the 2-term BSD license: |
188 | 188 | ||
189 | Ben Lindstrom | 189 | Ben Lindstrom |
@@ -229,24 +229,24 @@ OpenSSH contains no GPL code. | |||
229 | a) md5crypt.c, md5crypt.h | 229 | a) md5crypt.c, md5crypt.h |
230 | 230 | ||
231 | * "THE BEER-WARE LICENSE" (Revision 42): | 231 | * "THE BEER-WARE LICENSE" (Revision 42): |
232 | * <phk@login.dknet.dk> wrote this file. As long as you retain this | 232 | * <phk@login.dknet.dk> wrote this file. As long as you retain this |
233 | * notice you can do whatever you want with this stuff. If we meet | 233 | * notice you can do whatever you want with this stuff. If we meet |
234 | * some day, and you think this stuff is worth it, you can buy me a | 234 | * some day, and you think this stuff is worth it, you can buy me a |
235 | * beer in return. Poul-Henning Kamp | 235 | * beer in return. Poul-Henning Kamp |
236 | 236 | ||
237 | b) snprintf replacement | 237 | b) snprintf replacement |
238 | 238 | ||
239 | * Copyright Patrick Powell 1995 | 239 | * Copyright Patrick Powell 1995 |
240 | * This code is based on code written by Patrick Powell | 240 | * This code is based on code written by Patrick Powell |
241 | * (papowell@astart.com) It may be used for any purpose as long as this | 241 | * (papowell@astart.com) It may be used for any purpose as long as this |
242 | * notice remains intact on all source code distributions | 242 | * notice remains intact on all source code distributions |
243 | 243 | ||
244 | c) Compatibility code (openbsd-compat) | 244 | c) Compatibility code (openbsd-compat) |
245 | 245 | ||
246 | Apart from the previously mentioned licenses, various pieces of code | 246 | Apart from the previously mentioned licenses, various pieces of code |
247 | in the openbsd-compat/ subdirectory are licensed as follows: | 247 | in the openbsd-compat/ subdirectory are licensed as follows: |
248 | 248 | ||
249 | Some code is licensed under a 3-term BSD license, to the following | 249 | Some code is licensed under a 3-term BSD license, to the following |
250 | copyright holders: | 250 | copyright holders: |
251 | 251 | ||
252 | Todd C. Miller | 252 | Todd C. Miller |
@@ -279,7 +279,7 @@ OpenSSH contains no GPL code. | |||
279 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | 279 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
280 | * SUCH DAMAGE. | 280 | * SUCH DAMAGE. |
281 | 281 | ||
282 | Some code is licensed under an ISC-style license, to the following | 282 | Some code is licensed under an ISC-style license, to the following |
283 | copyright holders: | 283 | copyright holders: |
284 | 284 | ||
285 | Internet Software Consortium. | 285 | Internet Software Consortium. |
@@ -297,7 +297,7 @@ OpenSSH contains no GPL code. | |||
297 | * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN | 297 | * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN |
298 | * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 298 | * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
299 | 299 | ||
300 | Some code is licensed under a MIT-style license to the following | 300 | Some code is licensed under a MIT-style license to the following |
301 | copyright holders: | 301 | copyright holders: |
302 | 302 | ||
303 | Free Software Foundation, Inc. | 303 | Free Software Foundation, Inc. |
@@ -329,4 +329,4 @@ OpenSSH contains no GPL code. | |||
329 | 329 | ||
330 | 330 | ||
331 | ------ | 331 | ------ |
332 | $OpenBSD: LICENCE,v 1.17 2003/08/22 20:55:06 markus Exp $ | 332 | $OpenBSD: LICENCE,v 1.18 2003/11/21 11:57:02 djm Exp $ |
diff --git a/Makefile.in b/Makefile.in index 61e3d4076..f1098fcb0 100644 --- a/Makefile.in +++ b/Makefile.in | |||
@@ -1,4 +1,4 @@ | |||
1 | # $Id: Makefile.in,v 1.252 2003/10/07 00:18:22 djm Exp $ | 1 | # $Id: Makefile.in,v 1.253 2003/11/21 12:48:55 djm Exp $ |
2 | 2 | ||
3 | # uncomment if you run a non bourne compatable shell. Ie. csh | 3 | # uncomment if you run a non bourne compatable shell. Ie. csh |
4 | #SHELL = @SH@ | 4 | #SHELL = @SH@ |
@@ -140,22 +140,22 @@ scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o | |||
140 | $(LD) -o $@ scp.o progressmeter.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) | 140 | $(LD) -o $@ scp.o progressmeter.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) |
141 | 141 | ||
142 | ssh-add$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-add.o | 142 | ssh-add$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-add.o |
143 | $(LD) -o $@ ssh-add.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) | 143 | $(LD) -o $@ ssh-add.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) |
144 | 144 | ||
145 | ssh-agent$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-agent.o | 145 | ssh-agent$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-agent.o |
146 | $(LD) -o $@ ssh-agent.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) | 146 | $(LD) -o $@ ssh-agent.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) |
147 | 147 | ||
148 | ssh-keygen$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keygen.o | 148 | ssh-keygen$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keygen.o |
149 | $(LD) -o $@ ssh-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) | 149 | $(LD) -o $@ ssh-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) |
150 | 150 | ||
151 | ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o | 151 | ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o |
152 | $(LD) -o $@ ssh-keysign.o readconf.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) | 152 | $(LD) -o $@ ssh-keysign.o readconf.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) |
153 | 153 | ||
154 | ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o | 154 | ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o |
155 | $(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) | 155 | $(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) |
156 | 156 | ||
157 | sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o | 157 | sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o |
158 | $(LD) -o $@ sftp-server.o sftp-common.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) | 158 | $(LD) -o $@ sftp-server.o sftp-common.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) |
159 | 159 | ||
160 | sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-int.o sftp-common.o sftp-glob.o progressmeter.o | 160 | sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-int.o sftp-common.o sftp-glob.o progressmeter.o |
161 | $(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-int.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) | 161 | $(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-int.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) |
@@ -193,12 +193,12 @@ moduli: | |||
193 | echo | 193 | echo |
194 | 194 | ||
195 | clean: regressclean | 195 | clean: regressclean |
196 | rm -f *.o *.a $(TARGETS) logintest config.cache config.log | 196 | rm -f *.o *.a $(TARGETS) logintest config.cache config.log |
197 | rm -f *.out core | 197 | rm -f *.out core |
198 | (cd openbsd-compat && $(MAKE) clean) | 198 | (cd openbsd-compat && $(MAKE) clean) |
199 | 199 | ||
200 | distclean: regressclean | 200 | distclean: regressclean |
201 | rm -f *.o *.a $(TARGETS) logintest config.cache config.log | 201 | rm -f *.o *.a $(TARGETS) logintest config.cache config.log |
202 | rm -f *.out core | 202 | rm -f *.out core |
203 | rm -f Makefile config.h config.status ssh_prng_cmds *~ | 203 | rm -f Makefile config.h config.status ssh_prng_cmds *~ |
204 | rm -rf autom4te.cache | 204 | rm -rf autom4te.cache |
@@ -343,7 +343,7 @@ uninstallall: uninstall | |||
343 | -rmdir $(DESTDIR)$(mandir) | 343 | -rmdir $(DESTDIR)$(mandir) |
344 | -rmdir $(DESTDIR)$(libexecdir) | 344 | -rmdir $(DESTDIR)$(libexecdir) |
345 | 345 | ||
346 | uninstall: | 346 | uninstall: |
347 | -rm -f $(DESTDIR)$(bindir)/slogin | 347 | -rm -f $(DESTDIR)$(bindir)/slogin |
348 | -rm -f $(DESTDIR)$(bindir)/ssh$(EXEEXT) | 348 | -rm -f $(DESTDIR)$(bindir)/ssh$(EXEEXT) |
349 | -rm -f $(DESTDIR)$(bindir)/scp$(EXEEXT) | 349 | -rm -f $(DESTDIR)$(bindir)/scp$(EXEEXT) |
@@ -5,7 +5,7 @@ to developers.] | |||
5 | 5 | ||
6 | This document is intended for those who wish to read the ssh source | 6 | This document is intended for those who wish to read the ssh source |
7 | code. This tries to give an overview of the structure of the code. | 7 | code. This tries to give an overview of the structure of the code. |
8 | 8 | ||
9 | Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi> | 9 | Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi> |
10 | Updated 17 Nov 1995. | 10 | Updated 17 Nov 1995. |
11 | Updated 19 Oct 1999 for OpenSSH-1.2 | 11 | Updated 19 Oct 1999 for OpenSSH-1.2 |
@@ -20,7 +20,7 @@ There are some subsystems/abstractions that are used by a number of | |||
20 | these programs. | 20 | these programs. |
21 | 21 | ||
22 | Buffer manipulation routines | 22 | Buffer manipulation routines |
23 | 23 | ||
24 | - These provide an arbitrary size buffer, where data can be appended. | 24 | - These provide an arbitrary size buffer, where data can be appended. |
25 | Data can be consumed from either end. The code is used heavily | 25 | Data can be consumed from either end. The code is used heavily |
26 | throughout ssh. The basic buffer manipulation functions are in | 26 | throughout ssh. The basic buffer manipulation functions are in |
@@ -28,7 +28,7 @@ these programs. | |||
28 | data types is in bufaux.c. | 28 | data types is in bufaux.c. |
29 | 29 | ||
30 | Compression Library | 30 | Compression Library |
31 | 31 | ||
32 | - Ssh uses the GNU GZIP compression library (ZLIB). | 32 | - Ssh uses the GNU GZIP compression library (ZLIB). |
33 | 33 | ||
34 | Encryption/Decryption | 34 | Encryption/Decryption |
@@ -89,7 +89,7 @@ these programs. | |||
89 | code is linked into the server. The routines also manipulate | 89 | code is linked into the server. The routines also manipulate |
90 | known hosts files using code in hostfile.c. Code in canohost.c | 90 | known hosts files using code in hostfile.c. Code in canohost.c |
91 | is used to retrieve the canonical host name of the remote host. | 91 | is used to retrieve the canonical host name of the remote host. |
92 | Code in match.c is used to match host names. | 92 | Code in match.c is used to match host names. |
93 | 93 | ||
94 | - In the client end, authentication code is in sshconnect.c. It | 94 | - In the client end, authentication code is in sshconnect.c. It |
95 | reads Passwords/passphrases using code in readpass.c. It reads | 95 | reads Passwords/passphrases using code in readpass.c. It reads |
@@ -147,10 +147,10 @@ these programs. | |||
147 | operations, and finally the server enters the normal session | 147 | operations, and finally the server enters the normal session |
148 | mode by calling server_loop in serverloop.c. This does the real | 148 | mode by calling server_loop in serverloop.c. This does the real |
149 | work, calling functions in other modules. | 149 | work, calling functions in other modules. |
150 | 150 | ||
151 | - The code for the server is in sshd.c. It contains a lot of | 151 | - The code for the server is in sshd.c. It contains a lot of |
152 | stuff, including: | 152 | stuff, including: |
153 | - server main program | 153 | - server main program |
154 | - waiting for connections | 154 | - waiting for connections |
155 | - processing new connection | 155 | - processing new connection |
156 | - authentication | 156 | - authentication |
@@ -162,9 +162,9 @@ these programs. | |||
162 | 162 | ||
163 | - There are several other files in the distribution that contain | 163 | - There are several other files in the distribution that contain |
164 | various auxiliary routines: | 164 | various auxiliary routines: |
165 | ssh.h the main header file for ssh (various definitions) | 165 | ssh.h the main header file for ssh (various definitions) |
166 | getput.h byte-order independent storage of integers | 166 | getput.h byte-order independent storage of integers |
167 | includes.h includes most system headers. Lots of #ifdefs. | 167 | includes.h includes most system headers. Lots of #ifdefs. |
168 | tildexpand.c expand tilde in file names | 168 | tildexpand.c expand tilde in file names |
169 | uidswap.c uid-swapping | 169 | uidswap.c uid-swapping |
170 | xmalloc.c "safe" malloc routines | 170 | xmalloc.c "safe" malloc routines |
@@ -1,4 +1,4 @@ | |||
1 | - A Japanese translation of this document and of the OpenSSH FAQ is | 1 | - A Japanese translation of this document and of the OpenSSH FAQ is |
2 | - available at http://www.unixuser.org/~haruyama/security/openssh/index.html | 2 | - available at http://www.unixuser.org/~haruyama/security/openssh/index.html |
3 | - Thanks to HARUYAMA Seigo <haruyama@unixuser.org> | 3 | - Thanks to HARUYAMA Seigo <haruyama@unixuser.org> |
4 | 4 | ||
@@ -13,10 +13,10 @@ Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo de Raadt, | |||
13 | and Dug Song. It has a homepage at http://www.openssh.com/ | 13 | and Dug Song. It has a homepage at http://www.openssh.com/ |
14 | 14 | ||
15 | This port consists of the re-introduction of autoconf support, PAM | 15 | This port consists of the re-introduction of autoconf support, PAM |
16 | support (for Linux and Solaris), EGD[1]/PRNGD[2] support and replacements | 16 | support (for Linux and Solaris), EGD[1]/PRNGD[2] support and replacements |
17 | for OpenBSD library functions that are (regrettably) absent from other | 17 | for OpenBSD library functions that are (regrettably) absent from other |
18 | unices. This port has been best tested on Linux, Solaris, HP-UX, NetBSD, | 18 | unices. This port has been best tested on Linux, Solaris, HP-UX, NetBSD, |
19 | Irix and AIX. Support for SCO, NeXT and other Unices is underway. | 19 | Irix and AIX. Support for SCO, NeXT and other Unices is underway. |
20 | This version actively tracks changes in the OpenBSD CVS repository. | 20 | This version actively tracks changes in the OpenBSD CVS repository. |
21 | 21 | ||
22 | The PAM support is now more functional than the popular packages of | 22 | The PAM support is now more functional than the popular packages of |
@@ -32,20 +32,20 @@ Please send bug reports and patches to the mailing list | |||
32 | openssh-unix-dev@mindrot.org. The list is open to posting by | 32 | openssh-unix-dev@mindrot.org. The list is open to posting by |
33 | unsubscribed users. | 33 | unsubscribed users. |
34 | 34 | ||
35 | If you are a citizen of an USA-embargoed country to which export of | 35 | If you are a citizen of an USA-embargoed country to which export of |
36 | cryptographic products is restricted, then please refrain from sending | 36 | cryptographic products is restricted, then please refrain from sending |
37 | crypto-related code or patches to the list. We cannot accept them. | 37 | crypto-related code or patches to the list. We cannot accept them. |
38 | Other code contribution are accepted, but please follow the OpenBSD | 38 | Other code contribution are accepted, but please follow the OpenBSD |
39 | style guidelines[6]. | 39 | style guidelines[6]. |
40 | 40 | ||
41 | Please refer to the INSTALL document for information on how to install | 41 | Please refer to the INSTALL document for information on how to install |
42 | OpenSSH on your system. There are a number of differences between this | 42 | OpenSSH on your system. There are a number of differences between this |
43 | port of OpenSSH and F-Secure SSH 1.x, please refer to the OpenSSH FAQ[7] | 43 | port of OpenSSH and F-Secure SSH 1.x, please refer to the OpenSSH FAQ[7] |
44 | for details and general tips. | 44 | for details and general tips. |
45 | 45 | ||
46 | Damien Miller <djm@mindrot.org> | 46 | Damien Miller <djm@mindrot.org> |
47 | 47 | ||
48 | Miscellania - | 48 | Miscellania - |
49 | 49 | ||
50 | This version of OpenSSH is based upon code retrieved from the OpenBSD | 50 | This version of OpenSSH is based upon code retrieved from the OpenBSD |
51 | CVS repository which in turn was based on the last free sample | 51 | CVS repository which in turn was based on the last free sample |
@@ -63,4 +63,4 @@ References - | |||
63 | [6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9 | 63 | [6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9 |
64 | [7] http://www.openssh.com/faq.html | 64 | [7] http://www.openssh.com/faq.html |
65 | 65 | ||
66 | $Id: README,v 1.51 2003/01/08 12:28:40 djm Exp $ | 66 | $Id: README,v 1.52 2003/11/21 12:48:55 djm Exp $ |
diff --git a/README.privsep b/README.privsep index 64adad83b..9d48bbcf9 100644 --- a/README.privsep +++ b/README.privsep | |||
@@ -1,15 +1,15 @@ | |||
1 | Privilege separation, or privsep, is method in OpenSSH by which | 1 | Privilege separation, or privsep, is method in OpenSSH by which |
2 | operations that require root privilege are performed by a separate | 2 | operations that require root privilege are performed by a separate |
3 | privileged monitor process. Its purpose is to prevent privilege | 3 | privileged monitor process. Its purpose is to prevent privilege |
4 | escalation by containing corruption to an unprivileged process. | 4 | escalation by containing corruption to an unprivileged process. |
5 | More information is available at: | 5 | More information is available at: |
6 | http://www.citi.umich.edu/u/provos/ssh/privsep.html | 6 | http://www.citi.umich.edu/u/provos/ssh/privsep.html |
7 | 7 | ||
8 | Privilege separation is now enabled by default; see the | 8 | Privilege separation is now enabled by default; see the |
9 | UsePrivilegeSeparation option in sshd_config(5). | 9 | UsePrivilegeSeparation option in sshd_config(5). |
10 | 10 | ||
11 | On systems which lack mmap or anonymous (MAP_ANON) memory mapping, | 11 | On systems which lack mmap or anonymous (MAP_ANON) memory mapping, |
12 | compression must be disabled in order for privilege separation to | 12 | compression must be disabled in order for privilege separation to |
13 | function. | 13 | function. |
14 | 14 | ||
15 | When privsep is enabled, during the pre-authentication phase sshd will | 15 | When privsep is enabled, during the pre-authentication phase sshd will |
@@ -38,9 +38,9 @@ privsep user and chroot directory: | |||
38 | Privsep requires operating system support for file descriptor passing. | 38 | Privsep requires operating system support for file descriptor passing. |
39 | Compression will be disabled on systems without a working mmap MAP_ANON. | 39 | Compression will be disabled on systems without a working mmap MAP_ANON. |
40 | 40 | ||
41 | PAM-enabled OpenSSH is known to function with privsep on Linux. | 41 | PAM-enabled OpenSSH is known to function with privsep on Linux. |
42 | It does not function on HP-UX with a trusted system | 42 | It does not function on HP-UX with a trusted system |
43 | configuration. | 43 | configuration. |
44 | 44 | ||
45 | On Compaq Tru64 Unix, only the pre-authentication part of privsep is | 45 | On Compaq Tru64 Unix, only the pre-authentication part of privsep is |
46 | supported. Post-authentication privsep is disabled automatically (so | 46 | supported. Post-authentication privsep is disabled automatically (so |
@@ -61,4 +61,4 @@ process 1005 is the sshd process listening for new connections. | |||
61 | process 6917 is the privileged monitor process, 6919 is the user owned | 61 | process 6917 is the privileged monitor process, 6919 is the user owned |
62 | sshd process and 6921 is the shell process. | 62 | sshd process and 6921 is the shell process. |
63 | 63 | ||
64 | $Id: README.privsep,v 1.12 2003/08/26 00:48:15 djm Exp $ | 64 | $Id: README.privsep,v 1.13 2003/11/21 12:48:55 djm Exp $ |
diff --git a/README.smartcard b/README.smartcard index 88810fc83..fdf83ecab 100644 --- a/README.smartcard +++ b/README.smartcard | |||
@@ -1,7 +1,7 @@ | |||
1 | How to use smartcards with OpenSSH? | 1 | How to use smartcards with OpenSSH? |
2 | 2 | ||
3 | OpenSSH contains experimental support for authentication using | 3 | OpenSSH contains experimental support for authentication using |
4 | Cyberflex smartcards and TODOS card readers, in addition to the cards | 4 | Cyberflex smartcards and TODOS card readers, in addition to the cards |
5 | with PKCS#15 structure supported by OpenSC. To enable this you | 5 | with PKCS#15 structure supported by OpenSC. To enable this you |
6 | need to: | 6 | need to: |
7 | 7 | ||
@@ -27,8 +27,8 @@ Using libsectok: | |||
27 | sectok> login -d | 27 | sectok> login -d |
28 | sectok> jload /usr/libdata/ssh/Ssh.bin | 28 | sectok> jload /usr/libdata/ssh/Ssh.bin |
29 | sectok> setpass | 29 | sectok> setpass |
30 | Enter new AUT0 passphrase: | 30 | Enter new AUT0 passphrase: |
31 | Re-enter passphrase: | 31 | Re-enter passphrase: |
32 | sectok> quit | 32 | sectok> quit |
33 | 33 | ||
34 | Do not forget the passphrase. There is no way to | 34 | Do not forget the passphrase. There is no way to |
@@ -51,9 +51,9 @@ Using libsectok: | |||
51 | 51 | ||
52 | $ sectok | 52 | $ sectok |
53 | sectok> login -d | 53 | sectok> login -d |
54 | sectok> acl 0012 world: w | 54 | sectok> acl 0012 world: w |
55 | world: w | 55 | world: w |
56 | AUT0: w inval | 56 | AUT0: w inval |
57 | sectok> quit | 57 | sectok> quit |
58 | 58 | ||
59 | If you do this, anyone who has access to your card | 59 | If you do this, anyone who has access to your card |
@@ -90,4 +90,4 @@ Common operations: | |||
90 | -markus, | 90 | -markus, |
91 | Tue Jul 17 23:54:51 CEST 2001 | 91 | Tue Jul 17 23:54:51 CEST 2001 |
92 | 92 | ||
93 | $OpenBSD: README.smartcard,v 1.8 2002/03/26 18:56:23 rees Exp $ | 93 | $OpenBSD: README.smartcard,v 1.9 2003/11/21 11:57:02 djm Exp $ |
@@ -137,7 +137,7 @@ pseudo tty, starting X11 [X11] or TCP/IP port forwarding, starting | |||
137 | authentication agent forwarding, and executing the shell or a command. | 137 | authentication agent forwarding, and executing the shell or a command. |
138 | 138 | ||
139 | When a shell or command is executed, the connection enters interactive | 139 | When a shell or command is executed, the connection enters interactive |
140 | session mode. In this mode, data is passed in both directions, | 140 | session mode. In this mode, data is passed in both directions, |
141 | new forwarded connections may be opened, etc. The interactive session | 141 | new forwarded connections may be opened, etc. The interactive session |
142 | normally terminates when the server sends the exit status of the | 142 | normally terminates when the server sends the exit status of the |
143 | program to the client. | 143 | program to the client. |
@@ -372,7 +372,7 @@ previous versions keep the same major protocol version; changes that | |||
372 | are not compatible increment the major version (which will hopefully | 372 | are not compatible increment the major version (which will hopefully |
373 | never happen). The version described in this document is 1.3. | 373 | never happen). The version described in this document is 1.3. |
374 | 374 | ||
375 | The client will | 375 | The client will |
376 | 376 | ||
377 | .ti 0 | 377 | .ti 0 |
378 | Key Exchange and Server Host Authentication | 378 | Key Exchange and Server Host Authentication |
@@ -8,7 +8,7 @@ Documentation: | |||
8 | - Install FAQ? | 8 | - Install FAQ? |
9 | 9 | ||
10 | - General FAQ on S/Key, TIS, RSA, RSA2, DSA, etc and suggestions on when it | 10 | - General FAQ on S/Key, TIS, RSA, RSA2, DSA, etc and suggestions on when it |
11 | would be best to use them. | 11 | would be best to use them. |
12 | 12 | ||
13 | - Create a Documentation/ directory? | 13 | - Create a Documentation/ directory? |
14 | 14 | ||
@@ -17,7 +17,7 @@ Programming: | |||
17 | - Grep for 'XXX' comments and fix | 17 | - Grep for 'XXX' comments and fix |
18 | 18 | ||
19 | - Link order is incorrect for some systems using Kerberos 4 and AFS. Result | 19 | - Link order is incorrect for some systems using Kerberos 4 and AFS. Result |
20 | is multiple inclusion of DES symbols. Holger Trapp | 20 | is multiple inclusion of DES symbols. Holger Trapp |
21 | <holger.trapp@hrz.tu-chemnitz.de> reports that changing the configure | 21 | <holger.trapp@hrz.tu-chemnitz.de> reports that changing the configure |
22 | generated link order from: | 22 | generated link order from: |
23 | -lresolv -lkrb -lz -lnsl -lutil -lkafs -lkrb -ldes -lcrypto | 23 | -lresolv -lkrb -lz -lnsl -lutil -lkafs -lkrb -ldes -lcrypto |
@@ -26,7 +26,7 @@ Programming: | |||
26 | fixing the problem. | 26 | fixing the problem. |
27 | 27 | ||
28 | - Write a test program that calls stat() to search for EGD/PRNGd socket | 28 | - Write a test program that calls stat() to search for EGD/PRNGd socket |
29 | rather than use the (non-portable) "test -S". | 29 | rather than use the (non-portable) "test -S". |
30 | 30 | ||
31 | - More platforms for for setproctitle() emulation (testing needed) | 31 | - More platforms for for setproctitle() emulation (testing needed) |
32 | 32 | ||
@@ -70,7 +70,7 @@ Clean up configure/makefiles: | |||
70 | to allow people to (right/wrongfully) link against Bind directly. | 70 | to allow people to (right/wrongfully) link against Bind directly. |
71 | 71 | ||
72 | - Consider splitting configure.ac into seperate files which do logically | 72 | - Consider splitting configure.ac into seperate files which do logically |
73 | similar tests. E.g move all the type detection stuff into one file, | 73 | similar tests. E.g move all the type detection stuff into one file, |
74 | entropy related stuff into another. | 74 | entropy related stuff into another. |
75 | 75 | ||
76 | Packaging: | 76 | Packaging: |
@@ -86,7 +86,7 @@ PrivSep Issues: | |||
86 | + /dev/zero solution (Solaris) | 86 | + /dev/zero solution (Solaris) |
87 | + No/broken MAP_ANON (Irix) | 87 | + No/broken MAP_ANON (Irix) |
88 | + broken /dev/zero parse (Linux) | 88 | + broken /dev/zero parse (Linux) |
89 | - PAM | 89 | - PAM |
90 | + See above PAM notes | 90 | + See above PAM notes |
91 | - AIX | 91 | - AIX |
92 | + usrinfo() does not set TTY, but only required for legacy systems. Works | 92 | + usrinfo() does not set TTY, but only required for legacy systems. Works |
@@ -96,4 +96,4 @@ PrivSep Issues: | |||
96 | - Cygwin | 96 | - Cygwin |
97 | + Privsep for Pre-auth only (no fd passing) | 97 | + Privsep for Pre-auth only (no fd passing) |
98 | 98 | ||
99 | $Id: TODO,v 1.55 2003/06/11 13:56:41 dtucker Exp $ | 99 | $Id: TODO,v 1.56 2003/11/21 12:48:55 djm Exp $ |
diff --git a/WARNING.RNG b/WARNING.RNG index ae43930a7..5d4ea8753 100644 --- a/WARNING.RNG +++ b/WARNING.RNG | |||
@@ -44,16 +44,16 @@ the specified program. | |||
44 | 44 | ||
45 | The random number code will also read and save a seed file to | 45 | The random number code will also read and save a seed file to |
46 | ~/.ssh/prng_seed. This contents of this file are added to the random | 46 | ~/.ssh/prng_seed. This contents of this file are added to the random |
47 | number generator at startup. The goal here is to maintain as much | 47 | number generator at startup. The goal here is to maintain as much |
48 | randomness between sessions as possible. | 48 | randomness between sessions as possible. |
49 | 49 | ||
50 | The default entropy collection code has two main problems: | 50 | The default entropy collection code has two main problems: |
51 | 51 | ||
52 | 1. It is slow. | 52 | 1. It is slow. |
53 | 53 | ||
54 | Executing each program in the list can take a large amount of time, | 54 | Executing each program in the list can take a large amount of time, |
55 | especially on slower machines. Additionally some program can take a | 55 | especially on slower machines. Additionally some program can take a |
56 | disproportionate time to execute. | 56 | disproportionate time to execute. |
57 | 57 | ||
58 | Tuning the default entropy collection code is difficult at this point. | 58 | Tuning the default entropy collection code is difficult at this point. |
59 | It requires doing 'times ./ssh-rand-helper' and modifying the | 59 | It requires doing 'times ./ssh-rand-helper' and modifying the |
@@ -93,4 +93,4 @@ If you are forced to use ssh-rand-helper consider still downloading | |||
93 | prngd/egd and configure OpenSSH using --with-prngd-port=xx or | 93 | prngd/egd and configure OpenSSH using --with-prngd-port=xx or |
94 | --with-prngd-socket=xx (refer to INSTALL for more information). | 94 | --with-prngd-socket=xx (refer to INSTALL for more information). |
95 | 95 | ||
96 | $Id: WARNING.RNG,v 1.5 2002/04/14 13:16:05 djm Exp $ | 96 | $Id: WARNING.RNG,v 1.6 2003/11/21 12:48:55 djm Exp $ |
diff --git a/auth-chall.c b/auth-chall.c index dd55d6eb0..a9d314dd2 100644 --- a/auth-chall.c +++ b/auth-chall.c | |||
@@ -84,7 +84,7 @@ verify_response(Authctxt *authctxt, const char *response) | |||
84 | if ((device->query(authctxt->kbdintctxt, &name, &info, | 84 | if ((device->query(authctxt->kbdintctxt, &name, &info, |
85 | &numprompts, &prompts, &echo_on)) != 0) | 85 | &numprompts, &prompts, &echo_on)) != 0) |
86 | break; | 86 | break; |
87 | if (numprompts == 0 && | 87 | if (numprompts == 0 && |
88 | device->respond(authctxt->kbdintctxt, 0, resp) == 0) | 88 | device->respond(authctxt->kbdintctxt, 0, resp) == 0) |
89 | authenticated = 1; | 89 | authenticated = 1; |
90 | 90 | ||
diff --git a/auth-krb5.c b/auth-krb5.c index 101e53bca..b41c4882b 100644 --- a/auth-krb5.c +++ b/auth-krb5.c | |||
@@ -28,7 +28,7 @@ | |||
28 | */ | 28 | */ |
29 | 29 | ||
30 | #include "includes.h" | 30 | #include "includes.h" |
31 | RCSID("$OpenBSD: auth-krb5.c,v 1.14 2003/11/04 08:54:09 djm Exp $"); | 31 | RCSID("$OpenBSD: auth-krb5.c,v 1.15 2003/11/21 11:57:02 djm Exp $"); |
32 | 32 | ||
33 | #include "ssh.h" | 33 | #include "ssh.h" |
34 | #include "ssh1.h" | 34 | #include "ssh1.h" |
@@ -136,11 +136,11 @@ auth_krb5_password(Authctxt *authctxt, const char *password) | |||
136 | if (problem) | 136 | if (problem) |
137 | goto out; | 137 | goto out; |
138 | 138 | ||
139 | if (!krb5_kuserok(authctxt->krb5_ctx, authctxt->krb5_user, | 139 | if (!krb5_kuserok(authctxt->krb5_ctx, authctxt->krb5_user, |
140 | authctxt->pw->pw_name)) { | 140 | authctxt->pw->pw_name)) { |
141 | problem = -1; | 141 | problem = -1; |
142 | goto out; | 142 | goto out; |
143 | } | 143 | } |
144 | 144 | ||
145 | snprintf(ccname,sizeof(ccname),"FILE:/tmp/krb5cc_%d_XXXXXX",geteuid()); | 145 | snprintf(ccname,sizeof(ccname),"FILE:/tmp/krb5cc_%d_XXXXXX",geteuid()); |
146 | 146 | ||
diff --git a/auth-pam.c b/auth-pam.c index 2594bed3d..8b1915669 100644 --- a/auth-pam.c +++ b/auth-pam.c | |||
@@ -31,7 +31,7 @@ | |||
31 | 31 | ||
32 | /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ | 32 | /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ |
33 | #include "includes.h" | 33 | #include "includes.h" |
34 | RCSID("$Id: auth-pam.c,v 1.82 2003/11/18 01:45:36 dtucker Exp $"); | 34 | RCSID("$Id: auth-pam.c,v 1.83 2003/11/21 12:48:55 djm Exp $"); |
35 | 35 | ||
36 | #ifdef USE_PAM | 36 | #ifdef USE_PAM |
37 | #include <security/pam_appl.h> | 37 | #include <security/pam_appl.h> |
@@ -59,11 +59,11 @@ extern Buffer loginmsg; | |||
59 | #ifdef USE_POSIX_THREADS | 59 | #ifdef USE_POSIX_THREADS |
60 | #include <pthread.h> | 60 | #include <pthread.h> |
61 | /* | 61 | /* |
62 | * Avoid namespace clash when *not* using pthreads for systems *with* | 62 | * Avoid namespace clash when *not* using pthreads for systems *with* |
63 | * pthreads, which unconditionally define pthread_t via sys/types.h | 63 | * pthreads, which unconditionally define pthread_t via sys/types.h |
64 | * (e.g. Linux) | 64 | * (e.g. Linux) |
65 | */ | 65 | */ |
66 | typedef pthread_t sp_pthread_t; | 66 | typedef pthread_t sp_pthread_t; |
67 | #else | 67 | #else |
68 | /* | 68 | /* |
69 | * Simulate threads with processes. | 69 | * Simulate threads with processes. |
@@ -136,7 +136,7 @@ static char ** | |||
136 | pam_getenvlist(pam_handle_t *pamh) | 136 | pam_getenvlist(pam_handle_t *pamh) |
137 | { | 137 | { |
138 | /* | 138 | /* |
139 | * XXX - If necessary, we can still support envrionment passing | 139 | * XXX - If necessary, we can still support envrionment passing |
140 | * for platforms without pam_getenvlist by searching for known | 140 | * for platforms without pam_getenvlist by searching for known |
141 | * env vars (e.g. KRB5CCNAME) from the PAM environment. | 141 | * env vars (e.g. KRB5CCNAME) from the PAM environment. |
142 | */ | 142 | */ |
@@ -203,21 +203,21 @@ sshpam_thread_conv(int n, const struct pam_message **msg, | |||
203 | for (i = 0; i < n; ++i) { | 203 | for (i = 0; i < n; ++i) { |
204 | switch (PAM_MSG_MEMBER(msg, i, msg_style)) { | 204 | switch (PAM_MSG_MEMBER(msg, i, msg_style)) { |
205 | case PAM_PROMPT_ECHO_OFF: | 205 | case PAM_PROMPT_ECHO_OFF: |
206 | buffer_put_cstring(&buffer, | 206 | buffer_put_cstring(&buffer, |
207 | PAM_MSG_MEMBER(msg, i, msg)); | 207 | PAM_MSG_MEMBER(msg, i, msg)); |
208 | if (ssh_msg_send(ctxt->pam_csock, | 208 | if (ssh_msg_send(ctxt->pam_csock, |
209 | PAM_MSG_MEMBER(msg, i, msg_style), &buffer) == -1) | 209 | PAM_MSG_MEMBER(msg, i, msg_style), &buffer) == -1) |
210 | goto fail; | 210 | goto fail; |
211 | if (ssh_msg_recv(ctxt->pam_csock, &buffer) == -1) | 211 | if (ssh_msg_recv(ctxt->pam_csock, &buffer) == -1) |
212 | goto fail; | 212 | goto fail; |
213 | if (buffer_get_char(&buffer) != PAM_AUTHTOK) | 213 | if (buffer_get_char(&buffer) != PAM_AUTHTOK) |
214 | goto fail; | 214 | goto fail; |
215 | reply[i].resp = buffer_get_string(&buffer, NULL); | 215 | reply[i].resp = buffer_get_string(&buffer, NULL); |
216 | break; | 216 | break; |
217 | case PAM_PROMPT_ECHO_ON: | 217 | case PAM_PROMPT_ECHO_ON: |
218 | buffer_put_cstring(&buffer, | 218 | buffer_put_cstring(&buffer, |
219 | PAM_MSG_MEMBER(msg, i, msg)); | 219 | PAM_MSG_MEMBER(msg, i, msg)); |
220 | if (ssh_msg_send(ctxt->pam_csock, | 220 | if (ssh_msg_send(ctxt->pam_csock, |
221 | PAM_MSG_MEMBER(msg, i, msg_style), &buffer) == -1) | 221 | PAM_MSG_MEMBER(msg, i, msg_style), &buffer) == -1) |
222 | goto fail; | 222 | goto fail; |
223 | if (ssh_msg_recv(ctxt->pam_csock, &buffer) == -1) | 223 | if (ssh_msg_recv(ctxt->pam_csock, &buffer) == -1) |
@@ -227,16 +227,16 @@ sshpam_thread_conv(int n, const struct pam_message **msg, | |||
227 | reply[i].resp = buffer_get_string(&buffer, NULL); | 227 | reply[i].resp = buffer_get_string(&buffer, NULL); |
228 | break; | 228 | break; |
229 | case PAM_ERROR_MSG: | 229 | case PAM_ERROR_MSG: |
230 | buffer_put_cstring(&buffer, | 230 | buffer_put_cstring(&buffer, |
231 | PAM_MSG_MEMBER(msg, i, msg)); | 231 | PAM_MSG_MEMBER(msg, i, msg)); |
232 | if (ssh_msg_send(ctxt->pam_csock, | 232 | if (ssh_msg_send(ctxt->pam_csock, |
233 | PAM_MSG_MEMBER(msg, i, msg_style), &buffer) == -1) | 233 | PAM_MSG_MEMBER(msg, i, msg_style), &buffer) == -1) |
234 | goto fail; | 234 | goto fail; |
235 | break; | 235 | break; |
236 | case PAM_TEXT_INFO: | 236 | case PAM_TEXT_INFO: |
237 | buffer_put_cstring(&buffer, | 237 | buffer_put_cstring(&buffer, |
238 | PAM_MSG_MEMBER(msg, i, msg)); | 238 | PAM_MSG_MEMBER(msg, i, msg)); |
239 | if (ssh_msg_send(ctxt->pam_csock, | 239 | if (ssh_msg_send(ctxt->pam_csock, |
240 | PAM_MSG_MEMBER(msg, i, msg_style), &buffer) == -1) | 240 | PAM_MSG_MEMBER(msg, i, msg_style), &buffer) == -1) |
241 | goto fail; | 241 | goto fail; |
242 | break; | 242 | break; |
@@ -402,11 +402,11 @@ sshpam_init(const char *user) | |||
402 | return (-1); | 402 | return (-1); |
403 | } | 403 | } |
404 | #ifdef PAM_TTY_KLUDGE | 404 | #ifdef PAM_TTY_KLUDGE |
405 | /* | 405 | /* |
406 | * Some silly PAM modules (e.g. pam_time) require a TTY to operate. | 406 | * Some silly PAM modules (e.g. pam_time) require a TTY to operate. |
407 | * sshd doesn't set the tty until too late in the auth process and | 407 | * sshd doesn't set the tty until too late in the auth process and |
408 | * may not even set one (for tty-less connections) | 408 | * may not even set one (for tty-less connections) |
409 | */ | 409 | */ |
410 | debug("PAM: setting PAM_TTY to \"ssh\""); | 410 | debug("PAM: setting PAM_TTY to \"ssh\""); |
411 | sshpam_err = pam_set_item(sshpam_handle, PAM_TTY, "ssh"); | 411 | sshpam_err = pam_set_item(sshpam_handle, PAM_TTY, "ssh"); |
412 | if (sshpam_err != PAM_SUCCESS) { | 412 | if (sshpam_err != PAM_SUCCESS) { |
@@ -695,7 +695,7 @@ pam_tty_conv(int n, const struct pam_message **msg, | |||
695 | switch (PAM_MSG_MEMBER(msg, i, msg_style)) { | 695 | switch (PAM_MSG_MEMBER(msg, i, msg_style)) { |
696 | case PAM_PROMPT_ECHO_OFF: | 696 | case PAM_PROMPT_ECHO_OFF: |
697 | reply[i].resp = | 697 | reply[i].resp = |
698 | read_passphrase(PAM_MSG_MEMBER(msg, i, msg), | 698 | read_passphrase(PAM_MSG_MEMBER(msg, i, msg), |
699 | RP_ALLOW_STDIN); | 699 | RP_ALLOW_STDIN); |
700 | reply[i].resp_retcode = PAM_SUCCESS; | 700 | reply[i].resp_retcode = PAM_SUCCESS; |
701 | break; | 701 | break; |
@@ -752,7 +752,7 @@ do_pam_chauthtok(void) | |||
752 | void | 752 | void |
753 | do_pam_session(void) | 753 | do_pam_session(void) |
754 | { | 754 | { |
755 | sshpam_err = pam_set_item(sshpam_handle, PAM_CONV, | 755 | sshpam_err = pam_set_item(sshpam_handle, PAM_CONV, |
756 | (const void *)&tty_conv); | 756 | (const void *)&tty_conv); |
757 | if (sshpam_err != PAM_SUCCESS) | 757 | if (sshpam_err != PAM_SUCCESS) |
758 | fatal("PAM: failed to set PAM_CONV: %s", | 758 | fatal("PAM: failed to set PAM_CONV: %s", |
@@ -764,13 +764,13 @@ do_pam_session(void) | |||
764 | sshpam_session_open = 1; | 764 | sshpam_session_open = 1; |
765 | } | 765 | } |
766 | 766 | ||
767 | /* | 767 | /* |
768 | * Set a PAM environment string. We need to do this so that the session | 768 | * Set a PAM environment string. We need to do this so that the session |
769 | * modules can handle things like Kerberos/GSI credentials that appear | 769 | * modules can handle things like Kerberos/GSI credentials that appear |
770 | * during the ssh authentication process. | 770 | * during the ssh authentication process. |
771 | */ | 771 | */ |
772 | int | 772 | int |
773 | do_pam_putenv(char *name, char *value) | 773 | do_pam_putenv(char *name, char *value) |
774 | { | 774 | { |
775 | int ret = 1; | 775 | int ret = 1; |
776 | #ifdef HAVE_PAM_PUTENV | 776 | #ifdef HAVE_PAM_PUTENV |
diff --git a/auth-passwd.c b/auth-passwd.c index b7e275556..4cbfe3689 100644 --- a/auth-passwd.c +++ b/auth-passwd.c | |||
@@ -97,7 +97,7 @@ auth_password(Authctxt *authctxt, const char *password) | |||
97 | if (authenticate(pw->pw_name, password, &reenter, | 97 | if (authenticate(pw->pw_name, password, &reenter, |
98 | &authmsg) == 0 && ok) { | 98 | &authmsg) == 0 && ok) { |
99 | char *msg; | 99 | char *msg; |
100 | char *host = | 100 | char *host = |
101 | (char *)get_canonical_hostname(options.use_dns); | 101 | (char *)get_canonical_hostname(options.use_dns); |
102 | 102 | ||
103 | authsuccess = 1; | 103 | authsuccess = 1; |
@@ -106,13 +106,13 @@ auth_password(Authctxt *authctxt, const char *password) | |||
106 | debug3("AIX/authenticate succeeded for user %s: %.100s", | 106 | debug3("AIX/authenticate succeeded for user %s: %.100s", |
107 | pw->pw_name, authmsg); | 107 | pw->pw_name, authmsg); |
108 | 108 | ||
109 | /* No pty yet, so just label the line as "ssh" */ | 109 | /* No pty yet, so just label the line as "ssh" */ |
110 | aix_setauthdb(authctxt->user); | 110 | aix_setauthdb(authctxt->user); |
111 | if (loginsuccess(authctxt->user, host, "ssh", | 111 | if (loginsuccess(authctxt->user, host, "ssh", |
112 | &msg) == 0) { | 112 | &msg) == 0) { |
113 | if (msg != NULL) { | 113 | if (msg != NULL) { |
114 | debug("%s: msg %s", __func__, msg); | 114 | debug("%s: msg %s", __func__, msg); |
115 | buffer_append(&loginmsg, msg, | 115 | buffer_append(&loginmsg, msg, |
116 | strlen(msg)); | 116 | strlen(msg)); |
117 | xfree(msg); | 117 | xfree(msg); |
118 | } | 118 | } |
diff --git a/auth-sia.c b/auth-sia.c index cae5f0912..544b601b3 100644 --- a/auth-sia.c +++ b/auth-sia.c | |||
@@ -83,7 +83,7 @@ session_setup_sia(struct passwd *pw, char *tty) | |||
83 | 83 | ||
84 | host = get_canonical_hostname(options.use_dns); | 84 | host = get_canonical_hostname(options.use_dns); |
85 | 85 | ||
86 | if (sia_ses_init(&ent, saved_argc, saved_argv, host, pw->pw_name, | 86 | if (sia_ses_init(&ent, saved_argc, saved_argv, host, pw->pw_name, |
87 | tty, 0, NULL) != SIASUCCESS) | 87 | tty, 0, NULL) != SIASUCCESS) |
88 | fatal("sia_ses_init failed"); | 88 | fatal("sia_ses_init failed"); |
89 | 89 | ||
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: auth.c,v 1.50 2003/09/23 20:17:11 markus Exp $"); | 26 | RCSID("$OpenBSD: auth.c,v 1.51 2003/11/21 11:57:02 djm Exp $"); |
27 | 27 | ||
28 | #ifdef HAVE_LOGIN_H | 28 | #ifdef HAVE_LOGIN_H |
29 | #include <login.h> | 29 | #include <login.h> |
@@ -129,7 +129,7 @@ allowed_user(struct passwd * pw) | |||
129 | #endif /* HAS_SHADOW_EXPIRE */ | 129 | #endif /* HAS_SHADOW_EXPIRE */ |
130 | #endif /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */ | 130 | #endif /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */ |
131 | 131 | ||
132 | /* grab passwd field for locked account check */ | 132 | /* grab passwd field for locked account check */ |
133 | #if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) | 133 | #if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) |
134 | if (spw != NULL) | 134 | if (spw != NULL) |
135 | passwd = spw->sp_pwdp; | 135 | passwd = spw->sp_pwdp; |
@@ -137,7 +137,7 @@ allowed_user(struct passwd * pw) | |||
137 | passwd = pw->pw_passwd; | 137 | passwd = pw->pw_passwd; |
138 | #endif | 138 | #endif |
139 | 139 | ||
140 | /* check for locked account */ | 140 | /* check for locked account */ |
141 | if (!options.use_pam && passwd && *passwd) { | 141 | if (!options.use_pam && passwd && *passwd) { |
142 | int locked = 0; | 142 | int locked = 0; |
143 | 143 | ||
@@ -249,7 +249,7 @@ allowed_user(struct passwd * pw) | |||
249 | if ((pw->pw_uid != 0) && (geteuid() == 0)) { | 249 | if ((pw->pw_uid != 0) && (geteuid() == 0)) { |
250 | char *msg; | 250 | char *msg; |
251 | 251 | ||
252 | if (loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &msg) != 0) { | 252 | if (loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &msg) != 0) { |
253 | int loginrestrict_errno = errno; | 253 | int loginrestrict_errno = errno; |
254 | 254 | ||
255 | if (msg && *msg) { | 255 | if (msg && *msg) { |
@@ -259,7 +259,7 @@ allowed_user(struct passwd * pw) | |||
259 | pw->pw_name, msg); | 259 | pw->pw_name, msg); |
260 | } | 260 | } |
261 | /* Don't fail if /etc/nologin set */ | 261 | /* Don't fail if /etc/nologin set */ |
262 | if (!(loginrestrict_errno == EPERM && | 262 | if (!(loginrestrict_errno == EPERM && |
263 | stat(_PATH_NOLOGIN, &st) == 0)) | 263 | stat(_PATH_NOLOGIN, &st) == 0)) |
264 | return 0; | 264 | return 0; |
265 | } | 265 | } |
@@ -246,7 +246,7 @@ do_authloop(Authctxt *authctxt) | |||
246 | #endif | 246 | #endif |
247 | 247 | ||
248 | #ifdef USE_PAM | 248 | #ifdef USE_PAM |
249 | if (options.use_pam && authenticated && | 249 | if (options.use_pam && authenticated && |
250 | !PRIVSEP(do_pam_account())) | 250 | !PRIVSEP(do_pam_account())) |
251 | authenticated = 0; | 251 | authenticated = 0; |
252 | #endif | 252 | #endif |
diff --git a/auth2-gss.c b/auth2-gss.c index 220862dc8..799d3326c 100644 --- a/auth2-gss.c +++ b/auth2-gss.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth2-gss.c,v 1.6 2003/11/17 11:06:07 markus Exp $ */ | 1 | /* $OpenBSD: auth2-gss.c,v 1.7 2003/11/21 11:57:03 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. | 4 | * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. |
@@ -82,11 +82,11 @@ userauth_gssapi(Authctxt *authctxt) | |||
82 | present = 0; | 82 | present = 0; |
83 | doid = packet_get_string(&len); | 83 | doid = packet_get_string(&len); |
84 | 84 | ||
85 | if (len > 2 && | 85 | if (len > 2 && |
86 | doid[0] == SSH_GSS_OIDTYPE && | 86 | doid[0] == SSH_GSS_OIDTYPE && |
87 | doid[1] == len - 2) { | 87 | doid[1] == len - 2) { |
88 | oid.elements = doid + 2; | 88 | oid.elements = doid + 2; |
89 | oid.length = len - 2; | 89 | oid.length = len - 2; |
90 | gss_test_oid_set_member(&ms, &oid, supported, | 90 | gss_test_oid_set_member(&ms, &oid, supported, |
91 | &present); | 91 | &present); |
92 | } else { | 92 | } else { |
@@ -35,7 +35,7 @@ | |||
35 | */ | 35 | */ |
36 | 36 | ||
37 | #include "includes.h" | 37 | #include "includes.h" |
38 | RCSID("$OpenBSD: authfd.c,v 1.62 2003/09/18 13:02:21 miod Exp $"); | 38 | RCSID("$OpenBSD: authfd.c,v 1.63 2003/11/21 11:57:03 djm Exp $"); |
39 | 39 | ||
40 | #include <openssl/evp.h> | 40 | #include <openssl/evp.h> |
41 | 41 | ||
@@ -590,7 +590,7 @@ ssh_remove_identity(AuthenticationConnection *auth, Key *key) | |||
590 | } | 590 | } |
591 | 591 | ||
592 | int | 592 | int |
593 | ssh_update_card(AuthenticationConnection *auth, int add, | 593 | ssh_update_card(AuthenticationConnection *auth, int add, |
594 | const char *reader_id, const char *pin, u_int life, u_int confirm) | 594 | const char *reader_id, const char *pin, u_int life, u_int confirm) |
595 | { | 595 | { |
596 | Buffer msg; | 596 | Buffer msg; |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: authfd.h,v 1.33 2003/06/11 11:18:38 djm Exp $ */ | 1 | /* $OpenBSD: authfd.h,v 1.34 2003/11/21 11:57:03 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -83,7 +83,7 @@ int ssh_add_identity_constrained(AuthenticationConnection *, Key *, | |||
83 | int ssh_remove_identity(AuthenticationConnection *, Key *); | 83 | int ssh_remove_identity(AuthenticationConnection *, Key *); |
84 | int ssh_remove_all_identities(AuthenticationConnection *, int); | 84 | int ssh_remove_all_identities(AuthenticationConnection *, int); |
85 | int ssh_lock_agent(AuthenticationConnection *, int, const char *); | 85 | int ssh_lock_agent(AuthenticationConnection *, int, const char *); |
86 | int ssh_update_card(AuthenticationConnection *, int, const char *, | 86 | int ssh_update_card(AuthenticationConnection *, int, const char *, |
87 | const char *, u_int, u_int); | 87 | const char *, u_int, u_int); |
88 | 88 | ||
89 | int | 89 | int |
@@ -12,7 +12,7 @@ | |||
12 | */ | 12 | */ |
13 | 13 | ||
14 | #include "includes.h" | 14 | #include "includes.h" |
15 | RCSID("$OpenBSD: buffer.c,v 1.20 2003/09/19 09:03:00 markus Exp $"); | 15 | RCSID("$OpenBSD: buffer.c,v 1.21 2003/11/21 11:57:03 djm Exp $"); |
16 | 16 | ||
17 | #include "xmalloc.h" | 17 | #include "xmalloc.h" |
18 | #include "buffer.h" | 18 | #include "buffer.h" |
diff --git a/channels.c b/channels.c index 060d0f507..4150b5504 100644 --- a/channels.c +++ b/channels.c | |||
@@ -39,7 +39,7 @@ | |||
39 | */ | 39 | */ |
40 | 40 | ||
41 | #include "includes.h" | 41 | #include "includes.h" |
42 | RCSID("$OpenBSD: channels.c,v 1.197 2003/09/23 20:41:11 markus Exp $"); | 42 | RCSID("$OpenBSD: channels.c,v 1.198 2003/11/21 11:57:03 djm Exp $"); |
43 | 43 | ||
44 | #include "ssh.h" | 44 | #include "ssh.h" |
45 | #include "ssh1.h" | 45 | #include "ssh1.h" |
@@ -970,7 +970,7 @@ channel_decode_socks5(Channel *c, fd_set * readset, fd_set * writeset) | |||
970 | have = buffer_len(&c->input); | 970 | have = buffer_len(&c->input); |
971 | if (!(c->flags & SSH_SOCKS5_AUTHDONE)) { | 971 | if (!(c->flags & SSH_SOCKS5_AUTHDONE)) { |
972 | /* format: ver | nmethods | methods */ | 972 | /* format: ver | nmethods | methods */ |
973 | if (have < 2) | 973 | if (have < 2) |
974 | return 0; | 974 | return 0; |
975 | nmethods = p[1]; | 975 | nmethods = p[1]; |
976 | if (have < nmethods + 2) | 976 | if (have < nmethods + 2) |
@@ -1397,7 +1397,7 @@ channel_handle_wfd(Channel *c, fd_set * readset, fd_set * writeset) | |||
1397 | data = buffer_ptr(&c->output); | 1397 | data = buffer_ptr(&c->output); |
1398 | dlen = buffer_len(&c->output); | 1398 | dlen = buffer_len(&c->output); |
1399 | #ifdef _AIX | 1399 | #ifdef _AIX |
1400 | /* XXX: Later AIX versions can't push as much data to tty */ | 1400 | /* XXX: Later AIX versions can't push as much data to tty */ |
1401 | if (compat20 && c->wfd_isatty && dlen > 8*1024) | 1401 | if (compat20 && c->wfd_isatty && dlen > 8*1024) |
1402 | dlen = 8*1024; | 1402 | dlen = 8*1024; |
1403 | #endif | 1403 | #endif |
diff --git a/cipher-ctr.c b/cipher-ctr.c index 4f0814b22..a9ddb8a66 100644 --- a/cipher-ctr.c +++ b/cipher-ctr.c | |||
@@ -14,7 +14,7 @@ | |||
14 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 14 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
15 | */ | 15 | */ |
16 | #include "includes.h" | 16 | #include "includes.h" |
17 | RCSID("$OpenBSD: cipher-ctr.c,v 1.2 2003/06/17 18:14:23 markus Exp $"); | 17 | RCSID("$OpenBSD: cipher-ctr.c,v 1.3 2003/11/21 11:57:03 djm Exp $"); |
18 | 18 | ||
19 | #include <openssl/evp.h> | 19 | #include <openssl/evp.h> |
20 | 20 | ||
@@ -94,7 +94,7 @@ ssh_aes_ctr_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv, | |||
94 | EVP_CIPHER_CTX_set_app_data(ctx, c); | 94 | EVP_CIPHER_CTX_set_app_data(ctx, c); |
95 | } | 95 | } |
96 | if (key != NULL) | 96 | if (key != NULL) |
97 | AES_set_encrypt_key(key, ctx->key_len * 8, &c->aes_ctx); | 97 | AES_set_encrypt_key(key, ctx->key_len * 8, &c->aes_ctx); |
98 | if (iv != NULL) | 98 | if (iv != NULL) |
99 | memcpy(c->aes_counter, iv, AES_BLOCK_SIZE); | 99 | memcpy(c->aes_counter, iv, AES_BLOCK_SIZE); |
100 | return (1); | 100 | return (1); |
diff --git a/config.guess b/config.guess index e8f206123..3fe4d4f35 100755 --- a/config.guess +++ b/config.guess | |||
@@ -174,7 +174,7 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in | |||
174 | fi | 174 | fi |
175 | ;; | 175 | ;; |
176 | *) | 176 | *) |
177 | os=netbsd | 177 | os=netbsd |
178 | ;; | 178 | ;; |
179 | esac | 179 | esac |
180 | # The OS release | 180 | # The OS release |
@@ -382,23 +382,23 @@ EOF | |||
382 | # MiNT. But MiNT is downward compatible to TOS, so this should | 382 | # MiNT. But MiNT is downward compatible to TOS, so this should |
383 | # be no problem. | 383 | # be no problem. |
384 | atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*) | 384 | atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*) |
385 | echo m68k-atari-mint${UNAME_RELEASE} | 385 | echo m68k-atari-mint${UNAME_RELEASE} |
386 | exit 0 ;; | 386 | exit 0 ;; |
387 | atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*) | 387 | atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*) |
388 | echo m68k-atari-mint${UNAME_RELEASE} | 388 | echo m68k-atari-mint${UNAME_RELEASE} |
389 | exit 0 ;; | 389 | exit 0 ;; |
390 | *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*) | 390 | *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*) |
391 | echo m68k-atari-mint${UNAME_RELEASE} | 391 | echo m68k-atari-mint${UNAME_RELEASE} |
392 | exit 0 ;; | 392 | exit 0 ;; |
393 | milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*) | 393 | milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*) |
394 | echo m68k-milan-mint${UNAME_RELEASE} | 394 | echo m68k-milan-mint${UNAME_RELEASE} |
395 | exit 0 ;; | 395 | exit 0 ;; |
396 | hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*) | 396 | hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*) |
397 | echo m68k-hades-mint${UNAME_RELEASE} | 397 | echo m68k-hades-mint${UNAME_RELEASE} |
398 | exit 0 ;; | 398 | exit 0 ;; |
399 | *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*) | 399 | *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*) |
400 | echo m68k-unknown-mint${UNAME_RELEASE} | 400 | echo m68k-unknown-mint${UNAME_RELEASE} |
401 | exit 0 ;; | 401 | exit 0 ;; |
402 | powerpc:machten:*:*) | 402 | powerpc:machten:*:*) |
403 | echo powerpc-apple-machten${UNAME_RELEASE} | 403 | echo powerpc-apple-machten${UNAME_RELEASE} |
404 | exit 0 ;; | 404 | exit 0 ;; |
@@ -462,8 +462,8 @@ EOF | |||
462 | echo m88k-motorola-sysv3 | 462 | echo m88k-motorola-sysv3 |
463 | exit 0 ;; | 463 | exit 0 ;; |
464 | AViiON:dgux:*:*) | 464 | AViiON:dgux:*:*) |
465 | # DG/UX returns AViiON for all architectures | 465 | # DG/UX returns AViiON for all architectures |
466 | UNAME_PROCESSOR=`/usr/bin/uname -p` | 466 | UNAME_PROCESSOR=`/usr/bin/uname -p` |
467 | if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ] | 467 | if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ] |
468 | then | 468 | then |
469 | if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \ | 469 | if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \ |
@@ -476,7 +476,7 @@ EOF | |||
476 | else | 476 | else |
477 | echo i586-dg-dgux${UNAME_RELEASE} | 477 | echo i586-dg-dgux${UNAME_RELEASE} |
478 | fi | 478 | fi |
479 | exit 0 ;; | 479 | exit 0 ;; |
480 | M88*:DolphinOS:*:*) # DolphinOS (SVR3) | 480 | M88*:DolphinOS:*:*) # DolphinOS (SVR3) |
481 | echo m88k-dolphin-sysv3 | 481 | echo m88k-dolphin-sysv3 |
482 | exit 0 ;; | 482 | exit 0 ;; |
@@ -573,52 +573,52 @@ EOF | |||
573 | 9000/[678][0-9][0-9]) | 573 | 9000/[678][0-9][0-9]) |
574 | if [ -x /usr/bin/getconf ]; then | 574 | if [ -x /usr/bin/getconf ]; then |
575 | sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null` | 575 | sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null` |
576 | sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null` | 576 | sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null` |
577 | case "${sc_cpu_version}" in | 577 | case "${sc_cpu_version}" in |
578 | 523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0 | 578 | 523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0 |
579 | 528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1 | 579 | 528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1 |
580 | 532) # CPU_PA_RISC2_0 | 580 | 532) # CPU_PA_RISC2_0 |
581 | case "${sc_kernel_bits}" in | 581 | case "${sc_kernel_bits}" in |
582 | 32) HP_ARCH="hppa2.0n" ;; | 582 | 32) HP_ARCH="hppa2.0n" ;; |
583 | 64) HP_ARCH="hppa2.0w" ;; | 583 | 64) HP_ARCH="hppa2.0w" ;; |
584 | '') HP_ARCH="hppa2.0" ;; # HP-UX 10.20 | 584 | '') HP_ARCH="hppa2.0" ;; # HP-UX 10.20 |
585 | esac ;; | 585 | esac ;; |
586 | esac | 586 | esac |
587 | fi | 587 | fi |
588 | if [ "${HP_ARCH}" = "" ]; then | 588 | if [ "${HP_ARCH}" = "" ]; then |
589 | eval $set_cc_for_build | 589 | eval $set_cc_for_build |
590 | sed 's/^ //' << EOF >$dummy.c | 590 | sed 's/^ //' << EOF >$dummy.c |
591 | 591 | ||
592 | #define _HPUX_SOURCE | 592 | #define _HPUX_SOURCE |
593 | #include <stdlib.h> | 593 | #include <stdlib.h> |
594 | #include <unistd.h> | 594 | #include <unistd.h> |
595 | 595 | ||
596 | int main () | 596 | int main () |
597 | { | 597 | { |
598 | #if defined(_SC_KERNEL_BITS) | 598 | #if defined(_SC_KERNEL_BITS) |
599 | long bits = sysconf(_SC_KERNEL_BITS); | 599 | long bits = sysconf(_SC_KERNEL_BITS); |
600 | #endif | 600 | #endif |
601 | long cpu = sysconf (_SC_CPU_VERSION); | 601 | long cpu = sysconf (_SC_CPU_VERSION); |
602 | 602 | ||
603 | switch (cpu) | 603 | switch (cpu) |
604 | { | 604 | { |
605 | case CPU_PA_RISC1_0: puts ("hppa1.0"); break; | 605 | case CPU_PA_RISC1_0: puts ("hppa1.0"); break; |
606 | case CPU_PA_RISC1_1: puts ("hppa1.1"); break; | 606 | case CPU_PA_RISC1_1: puts ("hppa1.1"); break; |
607 | case CPU_PA_RISC2_0: | 607 | case CPU_PA_RISC2_0: |
608 | #if defined(_SC_KERNEL_BITS) | 608 | #if defined(_SC_KERNEL_BITS) |
609 | switch (bits) | 609 | switch (bits) |
610 | { | 610 | { |
611 | case 64: puts ("hppa2.0w"); break; | 611 | case 64: puts ("hppa2.0w"); break; |
612 | case 32: puts ("hppa2.0n"); break; | 612 | case 32: puts ("hppa2.0n"); break; |
613 | default: puts ("hppa2.0"); break; | 613 | default: puts ("hppa2.0"); break; |
614 | } break; | 614 | } break; |
615 | #else /* !defined(_SC_KERNEL_BITS) */ | 615 | #else /* !defined(_SC_KERNEL_BITS) */ |
616 | puts ("hppa2.0"); break; | 616 | puts ("hppa2.0"); break; |
617 | #endif | 617 | #endif |
618 | default: puts ("hppa1.0"); break; | 618 | default: puts ("hppa1.0"); break; |
619 | } | 619 | } |
620 | exit (0); | 620 | exit (0); |
621 | } | 621 | } |
622 | EOF | 622 | EOF |
623 | (CCOPTS= $CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null) && HP_ARCH=`$dummy` | 623 | (CCOPTS= $CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null) && HP_ARCH=`$dummy` |
624 | if test -z "$HP_ARCH"; then HP_ARCH=hppa; fi | 624 | if test -z "$HP_ARCH"; then HP_ARCH=hppa; fi |
@@ -689,22 +689,22 @@ EOF | |||
689 | exit 0 ;; | 689 | exit 0 ;; |
690 | C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*) | 690 | C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*) |
691 | echo c1-convex-bsd | 691 | echo c1-convex-bsd |
692 | exit 0 ;; | 692 | exit 0 ;; |
693 | C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*) | 693 | C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*) |
694 | if getsysinfo -f scalar_acc | 694 | if getsysinfo -f scalar_acc |
695 | then echo c32-convex-bsd | 695 | then echo c32-convex-bsd |
696 | else echo c2-convex-bsd | 696 | else echo c2-convex-bsd |
697 | fi | 697 | fi |
698 | exit 0 ;; | 698 | exit 0 ;; |
699 | C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*) | 699 | C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*) |
700 | echo c34-convex-bsd | 700 | echo c34-convex-bsd |
701 | exit 0 ;; | 701 | exit 0 ;; |
702 | C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*) | 702 | C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*) |
703 | echo c38-convex-bsd | 703 | echo c38-convex-bsd |
704 | exit 0 ;; | 704 | exit 0 ;; |
705 | C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*) | 705 | C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*) |
706 | echo c4-convex-bsd | 706 | echo c4-convex-bsd |
707 | exit 0 ;; | 707 | exit 0 ;; |
708 | CRAY*Y-MP:*:*:*) | 708 | CRAY*Y-MP:*:*:*) |
709 | echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' | 709 | echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' |
710 | exit 0 ;; | 710 | exit 0 ;; |
@@ -731,10 +731,10 @@ EOF | |||
731 | exit 0 ;; | 731 | exit 0 ;; |
732 | F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*) | 732 | F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*) |
733 | FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` | 733 | FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` |
734 | FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` | 734 | FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` |
735 | FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'` | 735 | FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'` |
736 | echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" | 736 | echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" |
737 | exit 0 ;; | 737 | exit 0 ;; |
738 | i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*) | 738 | i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*) |
739 | echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE} | 739 | echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE} |
740 | exit 0 ;; | 740 | exit 0 ;; |
@@ -836,7 +836,7 @@ EOF | |||
836 | EV6) UNAME_MACHINE=alphaev6 ;; | 836 | EV6) UNAME_MACHINE=alphaev6 ;; |
837 | EV67) UNAME_MACHINE=alphaev67 ;; | 837 | EV67) UNAME_MACHINE=alphaev67 ;; |
838 | EV68*) UNAME_MACHINE=alphaev68 ;; | 838 | EV68*) UNAME_MACHINE=alphaev68 ;; |
839 | esac | 839 | esac |
840 | objdump --private-headers /bin/sh | grep ld.so.1 >/dev/null | 840 | objdump --private-headers /bin/sh | grep ld.so.1 >/dev/null |
841 | if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi | 841 | if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi |
842 | echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} | 842 | echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} |
@@ -875,7 +875,7 @@ EOF | |||
875 | s/.*supported targets: *// | 875 | s/.*supported targets: *// |
876 | s/ .*// | 876 | s/ .*// |
877 | p'` | 877 | p'` |
878 | case "$ld_supported_targets" in | 878 | case "$ld_supported_targets" in |
879 | elf32-i386) | 879 | elf32-i386) |
880 | TENTATIVE="${UNAME_MACHINE}-pc-linux-gnu" | 880 | TENTATIVE="${UNAME_MACHINE}-pc-linux-gnu" |
881 | ;; | 881 | ;; |
@@ -925,11 +925,11 @@ EOF | |||
925 | echo i386-sequent-sysv4 | 925 | echo i386-sequent-sysv4 |
926 | exit 0 ;; | 926 | exit 0 ;; |
927 | i*86:UNIX_SV:4.2MP:2.*) | 927 | i*86:UNIX_SV:4.2MP:2.*) |
928 | # Unixware is an offshoot of SVR4, but it has its own version | 928 | # Unixware is an offshoot of SVR4, but it has its own version |
929 | # number series starting with 2... | 929 | # number series starting with 2... |
930 | # I am not positive that other SVR4 systems won't match this, | 930 | # I am not positive that other SVR4 systems won't match this, |
931 | # I just have to hope. -- rms. | 931 | # I just have to hope. -- rms. |
932 | # Use sysv4.2uw... so that sysv4* matches it. | 932 | # Use sysv4.2uw... so that sysv4* matches it. |
933 | echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION} | 933 | echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION} |
934 | exit 0 ;; | 934 | exit 0 ;; |
935 | i*86:*:4.*:* | i*86:SYSTEM_V:4.*:*) | 935 | i*86:*:4.*:* | i*86:SYSTEM_V:4.*:*) |
@@ -971,10 +971,10 @@ EOF | |||
971 | exit 0 ;; | 971 | exit 0 ;; |
972 | pc:*:*:*) | 972 | pc:*:*:*) |
973 | # Left here for compatibility: | 973 | # Left here for compatibility: |
974 | # uname -m prints for DJGPP always 'pc', but it prints nothing about | 974 | # uname -m prints for DJGPP always 'pc', but it prints nothing about |
975 | # the processor, so we play safe by assuming i386. | 975 | # the processor, so we play safe by assuming i386. |
976 | echo i386-pc-msdosdjgpp | 976 | echo i386-pc-msdosdjgpp |
977 | exit 0 ;; | 977 | exit 0 ;; |
978 | Intel:Mach:3*:*) | 978 | Intel:Mach:3*:*) |
979 | echo i386-pc-mach3 | 979 | echo i386-pc-mach3 |
980 | exit 0 ;; | 980 | exit 0 ;; |
@@ -1003,8 +1003,8 @@ EOF | |||
1003 | /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ | 1003 | /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ |
1004 | && echo i586-ncr-sysv4.3${OS_REL} && exit 0 ;; | 1004 | && echo i586-ncr-sysv4.3${OS_REL} && exit 0 ;; |
1005 | 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*) | 1005 | 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*) |
1006 | /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ | 1006 | /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ |
1007 | && echo i486-ncr-sysv4 && exit 0 ;; | 1007 | && echo i486-ncr-sysv4 && exit 0 ;; |
1008 | m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*) | 1008 | m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*) |
1009 | echo m68k-unknown-lynxos${UNAME_RELEASE} | 1009 | echo m68k-unknown-lynxos${UNAME_RELEASE} |
1010 | exit 0 ;; | 1010 | exit 0 ;; |
@@ -1041,9 +1041,9 @@ EOF | |||
1041 | fi | 1041 | fi |
1042 | exit 0 ;; | 1042 | exit 0 ;; |
1043 | PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort | 1043 | PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort |
1044 | # says <Richard.M.Bartel@ccMail.Census.GOV> | 1044 | # says <Richard.M.Bartel@ccMail.Census.GOV> |
1045 | echo i586-unisys-sysv4 | 1045 | echo i586-unisys-sysv4 |
1046 | exit 0 ;; | 1046 | exit 0 ;; |
1047 | *:UNIX_System_V:4*:FTX*) | 1047 | *:UNIX_System_V:4*:FTX*) |
1048 | # From Gerald Hewes <hewes@openmarket.com>. | 1048 | # From Gerald Hewes <hewes@openmarket.com>. |
1049 | # How about differentiating between stratus architectures? -djm | 1049 | # How about differentiating between stratus architectures? -djm |
@@ -1065,11 +1065,11 @@ EOF | |||
1065 | exit 0 ;; | 1065 | exit 0 ;; |
1066 | R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*) | 1066 | R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*) |
1067 | if [ -d /usr/nec ]; then | 1067 | if [ -d /usr/nec ]; then |
1068 | echo mips-nec-sysv${UNAME_RELEASE} | 1068 | echo mips-nec-sysv${UNAME_RELEASE} |
1069 | else | 1069 | else |
1070 | echo mips-unknown-sysv${UNAME_RELEASE} | 1070 | echo mips-unknown-sysv${UNAME_RELEASE} |
1071 | fi | 1071 | fi |
1072 | exit 0 ;; | 1072 | exit 0 ;; |
1073 | BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only. | 1073 | BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only. |
1074 | echo powerpc-be-beos | 1074 | echo powerpc-be-beos |
1075 | exit 0 ;; | 1075 | exit 0 ;; |
@@ -1179,11 +1179,11 @@ main () | |||
1179 | #include <sys/param.h> | 1179 | #include <sys/param.h> |
1180 | printf ("m68k-sony-newsos%s\n", | 1180 | printf ("m68k-sony-newsos%s\n", |
1181 | #ifdef NEWSOS4 | 1181 | #ifdef NEWSOS4 |
1182 | "4" | 1182 | "4" |
1183 | #else | 1183 | #else |
1184 | "" | 1184 | "" |
1185 | #endif | 1185 | #endif |
1186 | ); exit (0); | 1186 | ); exit (0); |
1187 | #endif | 1187 | #endif |
1188 | #endif | 1188 | #endif |
1189 | 1189 | ||
diff --git a/config.sub b/config.sub index a0b7bb9e8..75a74f78e 100755 --- a/config.sub +++ b/config.sub | |||
@@ -162,10 +162,10 @@ case $os in | |||
162 | os=-chorusos | 162 | os=-chorusos |
163 | basic_machine=$1 | 163 | basic_machine=$1 |
164 | ;; | 164 | ;; |
165 | -chorusrdb) | 165 | -chorusrdb) |
166 | os=-chorusrdb | 166 | os=-chorusrdb |
167 | basic_machine=$1 | 167 | basic_machine=$1 |
168 | ;; | 168 | ;; |
169 | -hiux*) | 169 | -hiux*) |
170 | os=-hiuxwe2 | 170 | os=-hiuxwe2 |
171 | ;; | 171 | ;; |
@@ -748,7 +748,7 @@ case $basic_machine in | |||
748 | pbb) | 748 | pbb) |
749 | basic_machine=m68k-tti | 749 | basic_machine=m68k-tti |
750 | ;; | 750 | ;; |
751 | pc532 | pc532-*) | 751 | pc532 | pc532-*) |
752 | basic_machine=ns32k-pc532 | 752 | basic_machine=ns32k-pc532 |
753 | ;; | 753 | ;; |
754 | pentium | p5 | k5 | k6 | nexgen | viac3) | 754 | pentium | p5 | k5 | k6 | nexgen | viac3) |
@@ -775,22 +775,22 @@ case $basic_machine in | |||
775 | power) basic_machine=power-ibm | 775 | power) basic_machine=power-ibm |
776 | ;; | 776 | ;; |
777 | ppc) basic_machine=powerpc-unknown | 777 | ppc) basic_machine=powerpc-unknown |
778 | ;; | 778 | ;; |
779 | ppc-*) basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'` | 779 | ppc-*) basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'` |
780 | ;; | 780 | ;; |
781 | ppcle | powerpclittle | ppc-le | powerpc-little) | 781 | ppcle | powerpclittle | ppc-le | powerpc-little) |
782 | basic_machine=powerpcle-unknown | 782 | basic_machine=powerpcle-unknown |
783 | ;; | 783 | ;; |
784 | ppcle-* | powerpclittle-*) | 784 | ppcle-* | powerpclittle-*) |
785 | basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'` | 785 | basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'` |
786 | ;; | 786 | ;; |
787 | ppc64) basic_machine=powerpc64-unknown | 787 | ppc64) basic_machine=powerpc64-unknown |
788 | ;; | 788 | ;; |
789 | ppc64-*) basic_machine=powerpc64-`echo $basic_machine | sed 's/^[^-]*-//'` | 789 | ppc64-*) basic_machine=powerpc64-`echo $basic_machine | sed 's/^[^-]*-//'` |
790 | ;; | 790 | ;; |
791 | ppc64le | powerpc64little | ppc64-le | powerpc64-little) | 791 | ppc64le | powerpc64little | ppc64-le | powerpc64-little) |
792 | basic_machine=powerpc64le-unknown | 792 | basic_machine=powerpc64le-unknown |
793 | ;; | 793 | ;; |
794 | ppc64le-* | powerpc64little-*) | 794 | ppc64le-* | powerpc64little-*) |
795 | basic_machine=powerpc64le-`echo $basic_machine | sed 's/^[^-]*-//'` | 795 | basic_machine=powerpc64le-`echo $basic_machine | sed 's/^[^-]*-//'` |
796 | ;; | 796 | ;; |
@@ -886,11 +886,11 @@ case $basic_machine in | |||
886 | sun386 | sun386i | roadrunner) | 886 | sun386 | sun386i | roadrunner) |
887 | basic_machine=i386-sun | 887 | basic_machine=i386-sun |
888 | ;; | 888 | ;; |
889 | sv1) | 889 | sv1) |
890 | basic_machine=sv1-cray | 890 | basic_machine=sv1-cray |
891 | os=-unicos | 891 | os=-unicos |
892 | ;; | 892 | ;; |
893 | sx*-nec) | 893 | sx*-nec) |
894 | basic_machine=sx6-nec | 894 | basic_machine=sx6-nec |
895 | os=-sysv | 895 | os=-sysv |
896 | ;; | 896 | ;; |
@@ -948,8 +948,8 @@ case $basic_machine in | |||
948 | os=-vms | 948 | os=-vms |
949 | ;; | 949 | ;; |
950 | vpp*|vx|vx-*) | 950 | vpp*|vx|vx-*) |
951 | basic_machine=f301-fujitsu | 951 | basic_machine=f301-fujitsu |
952 | ;; | 952 | ;; |
953 | vxworks960) | 953 | vxworks960) |
954 | basic_machine=i960-wrs | 954 | basic_machine=i960-wrs |
955 | os=-vxworks | 955 | os=-vxworks |
@@ -974,7 +974,7 @@ case $basic_machine in | |||
974 | basic_machine=i386-pc | 974 | basic_machine=i386-pc |
975 | os=-windows32-msvcrt | 975 | os=-windows32-msvcrt |
976 | ;; | 976 | ;; |
977 | xps | xps100) | 977 | xps | xps100) |
978 | basic_machine=xps100-honeywell | 978 | basic_machine=xps100-honeywell |
979 | ;; | 979 | ;; |
980 | ymp) | 980 | ymp) |
@@ -1029,7 +1029,7 @@ case $basic_machine in | |||
1029 | sparc | sparcv9 | sparcv9b) | 1029 | sparc | sparcv9 | sparcv9b) |
1030 | basic_machine=sparc-sun | 1030 | basic_machine=sparc-sun |
1031 | ;; | 1031 | ;; |
1032 | cydra) | 1032 | cydra) |
1033 | basic_machine=cydra-cydrome | 1033 | basic_machine=cydra-cydrome |
1034 | ;; | 1034 | ;; |
1035 | orion) | 1035 | orion) |
@@ -1074,8 +1074,8 @@ esac | |||
1074 | if [ x"$os" != x"" ] | 1074 | if [ x"$os" != x"" ] |
1075 | then | 1075 | then |
1076 | case $os in | 1076 | case $os in |
1077 | # First match some system type aliases | 1077 | # First match some system type aliases |
1078 | # that might get confused with valid system types. | 1078 | # that might get confused with valid system types. |
1079 | # -solaris* is a basic system type, with this one exception. | 1079 | # -solaris* is a basic system type, with this one exception. |
1080 | -solaris1 | -solaris1.*) | 1080 | -solaris1 | -solaris1.*) |
1081 | os=`echo $os | sed -e 's|solaris1|sunos4|'` | 1081 | os=`echo $os | sed -e 's|solaris1|sunos4|'` |
@@ -1179,7 +1179,7 @@ case $os in | |||
1179 | os=-rtmk-nova | 1179 | os=-rtmk-nova |
1180 | ;; | 1180 | ;; |
1181 | -ns2 ) | 1181 | -ns2 ) |
1182 | os=-nextstep2 | 1182 | os=-nextstep2 |
1183 | ;; | 1183 | ;; |
1184 | -nsk*) | 1184 | -nsk*) |
1185 | os=-nsk | 1185 | os=-nsk |
@@ -1218,8 +1218,8 @@ case $os in | |||
1218 | -xenix) | 1218 | -xenix) |
1219 | os=-xenix | 1219 | os=-xenix |
1220 | ;; | 1220 | ;; |
1221 | -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) | 1221 | -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) |
1222 | os=-mint | 1222 | os=-mint |
1223 | ;; | 1223 | ;; |
1224 | -none) | 1224 | -none) |
1225 | ;; | 1225 | ;; |
@@ -1256,7 +1256,7 @@ case $basic_machine in | |||
1256 | pdp10-*) | 1256 | pdp10-*) |
1257 | os=-tops20 | 1257 | os=-tops20 |
1258 | ;; | 1258 | ;; |
1259 | pdp11-*) | 1259 | pdp11-*) |
1260 | os=-none | 1260 | os=-none |
1261 | ;; | 1261 | ;; |
1262 | *-dec | vax-*) | 1262 | *-dec | vax-*) |
@@ -1349,19 +1349,19 @@ case $basic_machine in | |||
1349 | *-next) | 1349 | *-next) |
1350 | os=-nextstep3 | 1350 | os=-nextstep3 |
1351 | ;; | 1351 | ;; |
1352 | *-gould) | 1352 | *-gould) |
1353 | os=-sysv | 1353 | os=-sysv |
1354 | ;; | 1354 | ;; |
1355 | *-highlevel) | 1355 | *-highlevel) |
1356 | os=-bsd | 1356 | os=-bsd |
1357 | ;; | 1357 | ;; |
1358 | *-encore) | 1358 | *-encore) |
1359 | os=-bsd | 1359 | os=-bsd |
1360 | ;; | 1360 | ;; |
1361 | *-sgi) | 1361 | *-sgi) |
1362 | os=-irix | 1362 | os=-irix |
1363 | ;; | 1363 | ;; |
1364 | *-siemens) | 1364 | *-siemens) |
1365 | os=-sysv4 | 1365 | os=-sysv4 |
1366 | ;; | 1366 | ;; |
1367 | *-masscomp) | 1367 | *-masscomp) |
diff --git a/configure.ac b/configure.ac index 3d230a6e9..5f302f5e5 100644 --- a/configure.ac +++ b/configure.ac | |||
@@ -1,4 +1,4 @@ | |||
1 | # $Id: configure.ac,v 1.173 2003/10/15 06:57:57 dtucker Exp $ | 1 | # $Id: configure.ac,v 1.174 2003/11/21 12:48:55 djm Exp $ |
2 | 2 | ||
3 | AC_INIT | 3 | AC_INIT |
4 | AC_CONFIG_SRCDIR([ssh.c]) | 4 | AC_CONFIG_SRCDIR([ssh.c]) |
@@ -48,7 +48,7 @@ fi | |||
48 | AC_SUBST(LD) | 48 | AC_SUBST(LD) |
49 | 49 | ||
50 | AC_C_INLINE | 50 | AC_C_INLINE |
51 | if test "$GCC" = "yes" || test "$GCC" = "egcs"; then | 51 | if test "$GCC" = "yes" || test "$GCC" = "egcs"; then |
52 | CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wno-uninitialized" | 52 | CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wno-uninitialized" |
53 | fi | 53 | fi |
54 | 54 | ||
@@ -57,7 +57,7 @@ case "$host" in | |||
57 | *-*-aix*) | 57 | *-*-aix*) |
58 | CPPFLAGS="$CPPFLAGS -I/usr/local/include" | 58 | CPPFLAGS="$CPPFLAGS -I/usr/local/include" |
59 | LDFLAGS="$LDFLAGS -L/usr/local/lib" | 59 | LDFLAGS="$LDFLAGS -L/usr/local/lib" |
60 | AC_MSG_CHECKING([how to specify blibpath for linker ($LD)]) | 60 | AC_MSG_CHECKING([how to specify blibpath for linker ($LD)]) |
61 | if (test -z "$blibpath"); then | 61 | if (test -z "$blibpath"); then |
62 | blibpath="/usr/lib:/lib:/usr/local/lib" | 62 | blibpath="/usr/lib:/lib:/usr/local/lib" |
63 | fi | 63 | fi |
@@ -252,7 +252,7 @@ mips-sony-bsd|mips-sony-newsos4) | |||
252 | ;; | 252 | ;; |
253 | *-*-solaris*) | 253 | *-*-solaris*) |
254 | CPPFLAGS="$CPPFLAGS -I/usr/local/include" | 254 | CPPFLAGS="$CPPFLAGS -I/usr/local/include" |
255 | LDFLAGS="$LDFLAGS -L/usr/local/lib -R/usr/local/lib" | 255 | LDFLAGS="$LDFLAGS -L/usr/local/lib -R/usr/local/lib" |
256 | need_dash_r=1 | 256 | need_dash_r=1 |
257 | AC_DEFINE(PAM_SUN_CODEBASE) | 257 | AC_DEFINE(PAM_SUN_CODEBASE) |
258 | AC_DEFINE(LOGIN_NEEDS_UTMPX) | 258 | AC_DEFINE(LOGIN_NEEDS_UTMPX) |
@@ -581,10 +581,10 @@ AC_ARG_WITH(zlib, | |||
581 | AC_CHECK_LIB(z, deflate, ,AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])) | 581 | AC_CHECK_LIB(z, deflate, ,AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])) |
582 | 582 | ||
583 | dnl UnixWare 2.x | 583 | dnl UnixWare 2.x |
584 | AC_CHECK_FUNC(strcasecmp, | 584 | AC_CHECK_FUNC(strcasecmp, |
585 | [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ] | 585 | [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ] |
586 | ) | 586 | ) |
587 | AC_CHECK_FUNC(utimes, | 587 | AC_CHECK_FUNC(utimes, |
588 | [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES) | 588 | [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES) |
589 | LIBS="$LIBS -lc89"]) ] | 589 | LIBS="$LIBS -lc89"]) ] |
590 | ) | 590 | ) |
@@ -604,7 +604,7 @@ AC_EGREP_CPP(FOUNDIT, | |||
604 | #ifdef GLOB_ALTDIRFUNC | 604 | #ifdef GLOB_ALTDIRFUNC |
605 | FOUNDIT | 605 | FOUNDIT |
606 | #endif | 606 | #endif |
607 | ], | 607 | ], |
608 | [ | 608 | [ |
609 | AC_DEFINE(GLOB_HAS_ALTDIRFUNC) | 609 | AC_DEFINE(GLOB_HAS_ALTDIRFUNC) |
610 | AC_MSG_RESULT(yes) | 610 | AC_MSG_RESULT(yes) |
@@ -617,17 +617,17 @@ AC_EGREP_CPP(FOUNDIT, | |||
617 | # Check for g.gl_matchc glob() extension | 617 | # Check for g.gl_matchc glob() extension |
618 | AC_MSG_CHECKING(for gl_matchc field in glob_t) | 618 | AC_MSG_CHECKING(for gl_matchc field in glob_t) |
619 | AC_EGREP_CPP(FOUNDIT, | 619 | AC_EGREP_CPP(FOUNDIT, |
620 | [ | 620 | [ |
621 | #include <glob.h> | 621 | #include <glob.h> |
622 | int main(void){glob_t g; g.gl_matchc = 1;} | 622 | int main(void){glob_t g; g.gl_matchc = 1;} |
623 | ], | 623 | ], |
624 | [ | 624 | [ |
625 | AC_DEFINE(GLOB_HAS_GL_MATCHC) | 625 | AC_DEFINE(GLOB_HAS_GL_MATCHC) |
626 | AC_MSG_RESULT(yes) | 626 | AC_MSG_RESULT(yes) |
627 | ], | 627 | ], |
628 | [ | 628 | [ |
629 | AC_MSG_RESULT(no) | 629 | AC_MSG_RESULT(no) |
630 | ] | 630 | ] |
631 | ) | 631 | ) |
632 | 632 | ||
633 | AC_MSG_CHECKING([whether struct dirent allocates space for d_name]) | 633 | AC_MSG_CHECKING([whether struct dirent allocates space for d_name]) |
@@ -637,7 +637,7 @@ AC_TRY_RUN( | |||
637 | #include <dirent.h> | 637 | #include <dirent.h> |
638 | int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));} | 638 | int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));} |
639 | ], | 639 | ], |
640 | [AC_MSG_RESULT(yes)], | 640 | [AC_MSG_RESULT(yes)], |
641 | [ | 641 | [ |
642 | AC_MSG_RESULT(no) | 642 | AC_MSG_RESULT(no) |
643 | AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME) | 643 | AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME) |
@@ -645,10 +645,10 @@ int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));} | |||
645 | ) | 645 | ) |
646 | 646 | ||
647 | # Check whether user wants S/Key support | 647 | # Check whether user wants S/Key support |
648 | SKEY_MSG="no" | 648 | SKEY_MSG="no" |
649 | AC_ARG_WITH(skey, | 649 | AC_ARG_WITH(skey, |
650 | [ --with-skey[[=PATH]] Enable S/Key support | 650 | [ --with-skey[[=PATH]] Enable S/Key support |
651 | (optionally in PATH)], | 651 | (optionally in PATH)], |
652 | [ | 652 | [ |
653 | if test "x$withval" != "xno" ; then | 653 | if test "x$withval" != "xno" ; then |
654 | 654 | ||
@@ -659,7 +659,7 @@ AC_ARG_WITH(skey, | |||
659 | 659 | ||
660 | AC_DEFINE(SKEY) | 660 | AC_DEFINE(SKEY) |
661 | LIBS="-lskey $LIBS" | 661 | LIBS="-lskey $LIBS" |
662 | SKEY_MSG="yes" | 662 | SKEY_MSG="yes" |
663 | 663 | ||
664 | AC_MSG_CHECKING([for s/key support]) | 664 | AC_MSG_CHECKING([for s/key support]) |
665 | AC_TRY_RUN( | 665 | AC_TRY_RUN( |
@@ -681,7 +681,7 @@ int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); } | |||
681 | TCPW_MSG="no" | 681 | TCPW_MSG="no" |
682 | AC_ARG_WITH(tcp-wrappers, | 682 | AC_ARG_WITH(tcp-wrappers, |
683 | [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support | 683 | [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support |
684 | (optionally in PATH)], | 684 | (optionally in PATH)], |
685 | [ | 685 | [ |
686 | if test "x$withval" != "xno" ; then | 686 | if test "x$withval" != "xno" ; then |
687 | saved_LIBS="$LIBS" | 687 | saved_LIBS="$LIBS" |
@@ -771,7 +771,7 @@ AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)]) | |||
771 | dnl tcsendbreak might be a macro | 771 | dnl tcsendbreak might be a macro |
772 | AC_CHECK_DECL(tcsendbreak, | 772 | AC_CHECK_DECL(tcsendbreak, |
773 | [AC_DEFINE(HAVE_TCSENDBREAK)], | 773 | [AC_DEFINE(HAVE_TCSENDBREAK)], |
774 | [AC_CHECK_FUNCS(tcsendbreak)], | 774 | [AC_CHECK_FUNCS(tcsendbreak)], |
775 | [#include <termios.h>] | 775 | [#include <termios.h>] |
776 | ) | 776 | ) |
777 | 777 | ||
@@ -784,12 +784,12 @@ dnl Checks for utmpx functions | |||
784 | AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline ) | 784 | AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline ) |
785 | AC_CHECK_FUNCS(setutxent utmpxname) | 785 | AC_CHECK_FUNCS(setutxent utmpxname) |
786 | 786 | ||
787 | AC_CHECK_FUNC(daemon, | 787 | AC_CHECK_FUNC(daemon, |
788 | [AC_DEFINE(HAVE_DAEMON)], | 788 | [AC_DEFINE(HAVE_DAEMON)], |
789 | [AC_CHECK_LIB(bsd, daemon, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])] | 789 | [AC_CHECK_LIB(bsd, daemon, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])] |
790 | ) | 790 | ) |
791 | 791 | ||
792 | AC_CHECK_FUNC(getpagesize, | 792 | AC_CHECK_FUNC(getpagesize, |
793 | [AC_DEFINE(HAVE_GETPAGESIZE)], | 793 | [AC_DEFINE(HAVE_GETPAGESIZE)], |
794 | [AC_CHECK_LIB(ucb, getpagesize, [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])] | 794 | [AC_CHECK_LIB(ucb, getpagesize, [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])] |
795 | ) | 795 | ) |
@@ -802,7 +802,7 @@ if test "x$ac_cv_func_snprintf" = "xyes" ; then | |||
802 | #include <stdio.h> | 802 | #include <stdio.h> |
803 | int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');} | 803 | int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');} |
804 | ], | 804 | ], |
805 | [AC_MSG_RESULT(yes)], | 805 | [AC_MSG_RESULT(yes)], |
806 | [ | 806 | [ |
807 | AC_MSG_RESULT(no) | 807 | AC_MSG_RESULT(no) |
808 | AC_DEFINE(BROKEN_SNPRINTF) | 808 | AC_DEFINE(BROKEN_SNPRINTF) |
@@ -826,14 +826,14 @@ unlink(template); exit(0); | |||
826 | [ | 826 | [ |
827 | AC_MSG_RESULT(no) | 827 | AC_MSG_RESULT(no) |
828 | ], | 828 | ], |
829 | [ | 829 | [ |
830 | AC_MSG_RESULT(yes) | 830 | AC_MSG_RESULT(yes) |
831 | AC_DEFINE(HAVE_STRICT_MKSTEMP) | 831 | AC_DEFINE(HAVE_STRICT_MKSTEMP) |
832 | ], | 832 | ], |
833 | [ | 833 | [ |
834 | AC_MSG_RESULT(yes) | 834 | AC_MSG_RESULT(yes) |
835 | AC_DEFINE(HAVE_STRICT_MKSTEMP) | 835 | AC_DEFINE(HAVE_STRICT_MKSTEMP) |
836 | ] | 836 | ] |
837 | ) | 837 | ) |
838 | fi | 838 | fi |
839 | 839 | ||
@@ -858,7 +858,7 @@ main() | |||
858 | exit(1); | 858 | exit(1); |
859 | } else if (pid > 0) { /* parent */ | 859 | } else if (pid > 0) { /* parent */ |
860 | waitpid(pid, &status, 0); | 860 | waitpid(pid, &status, 0); |
861 | if (WIFEXITED(status)) | 861 | if (WIFEXITED(status)) |
862 | exit(WEXITSTATUS(status)); | 862 | exit(WEXITSTATUS(status)); |
863 | else | 863 | else |
864 | exit(2); | 864 | exit(2); |
@@ -922,8 +922,8 @@ if test "x$PAM_MSG" = "xyes" ; then | |||
922 | [ | 922 | [ |
923 | #include <stdlib.h> | 923 | #include <stdlib.h> |
924 | #include <security/pam_appl.h> | 924 | #include <security/pam_appl.h> |
925 | ], | 925 | ], |
926 | [(void)pam_strerror((pam_handle_t *)NULL, -1);], | 926 | [(void)pam_strerror((pam_handle_t *)NULL, -1);], |
927 | [AC_MSG_RESULT(no)], | 927 | [AC_MSG_RESULT(no)], |
928 | [ | 928 | [ |
929 | AC_DEFINE(HAVE_OLD_PAM) | 929 | AC_DEFINE(HAVE_OLD_PAM) |
@@ -994,12 +994,12 @@ AC_TRY_RUN( | |||
994 | #include <openssl/opensslv.h> | 994 | #include <openssl/opensslv.h> |
995 | #define DATA "conftest.sslincver" | 995 | #define DATA "conftest.sslincver" |
996 | int main(void) { | 996 | int main(void) { |
997 | FILE *fd; | 997 | FILE *fd; |
998 | int rc; | 998 | int rc; |
999 | 999 | ||
1000 | fd = fopen(DATA,"w"); | 1000 | fd = fopen(DATA,"w"); |
1001 | if(fd == NULL) | 1001 | if(fd == NULL) |
1002 | exit(1); | 1002 | exit(1); |
1003 | 1003 | ||
1004 | if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0) | 1004 | if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0) |
1005 | exit(1); | 1005 | exit(1); |
@@ -1027,12 +1027,12 @@ AC_TRY_RUN( | |||
1027 | #include <openssl/crypto.h> | 1027 | #include <openssl/crypto.h> |
1028 | #define DATA "conftest.ssllibver" | 1028 | #define DATA "conftest.ssllibver" |
1029 | int main(void) { | 1029 | int main(void) { |
1030 | FILE *fd; | 1030 | FILE *fd; |
1031 | int rc; | 1031 | int rc; |
1032 | 1032 | ||
1033 | fd = fopen(DATA,"w"); | 1033 | fd = fopen(DATA,"w"); |
1034 | if(fd == NULL) | 1034 | if(fd == NULL) |
1035 | exit(1); | 1035 | exit(1); |
1036 | 1036 | ||
1037 | if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0) | 1037 | if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0) |
1038 | exit(1); | 1038 | exit(1); |
@@ -1069,7 +1069,7 @@ Also see contrib/findssl.sh for help identifying header/library mismatches.]) | |||
1069 | ] | 1069 | ] |
1070 | ) | 1070 | ) |
1071 | 1071 | ||
1072 | # Some Linux systems (Slackware) need crypt() from libcrypt, *not* the | 1072 | # Some Linux systems (Slackware) need crypt() from libcrypt, *not* the |
1073 | # version in OpenSSL. Skip this for PAM | 1073 | # version in OpenSSL. Skip this for PAM |
1074 | if test "x$check_for_libcrypt_later" = "x1"; then | 1074 | if test "x$check_for_libcrypt_later" = "x1"; then |
1075 | AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt") | 1075 | AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt") |
@@ -1104,7 +1104,7 @@ AC_ARG_WITH(rand-helper, | |||
1104 | [ --with-rand-helper Use subprocess to gather strong randomness ], | 1104 | [ --with-rand-helper Use subprocess to gather strong randomness ], |
1105 | [ | 1105 | [ |
1106 | if test "x$withval" = "xno" ; then | 1106 | if test "x$withval" = "xno" ; then |
1107 | # Force use of OpenSSL's internal RNG, even if | 1107 | # Force use of OpenSSL's internal RNG, even if |
1108 | # the previous test showed it to be unseeded. | 1108 | # the previous test showed it to be unseeded. |
1109 | if test -z "$OPENSSL_SEEDS_ITSELF" ; then | 1109 | if test -z "$OPENSSL_SEEDS_ITSELF" ; then |
1110 | AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG]) | 1110 | AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG]) |
@@ -1241,7 +1241,7 @@ test -d /sbin && PATH=$PATH:/sbin | |||
1241 | test -d /usr/sbin && PATH=$PATH:/usr/sbin | 1241 | test -d /usr/sbin && PATH=$PATH:/usr/sbin |
1242 | PATH=$PATH:/etc:$OPATH | 1242 | PATH=$PATH:/etc:$OPATH |
1243 | 1243 | ||
1244 | # These programs are used by the command hashing source to gather entropy | 1244 | # These programs are used by the command hashing source to gather entropy |
1245 | OSSH_PATH_ENTROPY_PROG(PROG_LS, ls) | 1245 | OSSH_PATH_ENTROPY_PROG(PROG_LS, ls) |
1246 | OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat) | 1246 | OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat) |
1247 | OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp) | 1247 | OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp) |
@@ -1297,8 +1297,8 @@ fi | |||
1297 | # More checks for data types | 1297 | # More checks for data types |
1298 | AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [ | 1298 | AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [ |
1299 | AC_TRY_COMPILE( | 1299 | AC_TRY_COMPILE( |
1300 | [ #include <sys/types.h> ], | 1300 | [ #include <sys/types.h> ], |
1301 | [ u_int a; a = 1;], | 1301 | [ u_int a; a = 1;], |
1302 | [ ac_cv_have_u_int="yes" ], | 1302 | [ ac_cv_have_u_int="yes" ], |
1303 | [ ac_cv_have_u_int="no" ] | 1303 | [ ac_cv_have_u_int="no" ] |
1304 | ) | 1304 | ) |
@@ -1310,8 +1310,8 @@ fi | |||
1310 | 1310 | ||
1311 | AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [ | 1311 | AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [ |
1312 | AC_TRY_COMPILE( | 1312 | AC_TRY_COMPILE( |
1313 | [ #include <sys/types.h> ], | 1313 | [ #include <sys/types.h> ], |
1314 | [ int8_t a; int16_t b; int32_t c; a = b = c = 1;], | 1314 | [ int8_t a; int16_t b; int32_t c; a = b = c = 1;], |
1315 | [ ac_cv_have_intxx_t="yes" ], | 1315 | [ ac_cv_have_intxx_t="yes" ], |
1316 | [ ac_cv_have_intxx_t="no" ] | 1316 | [ ac_cv_have_intxx_t="no" ] |
1317 | ) | 1317 | ) |
@@ -1322,12 +1322,12 @@ if test "x$ac_cv_have_intxx_t" = "xyes" ; then | |||
1322 | fi | 1322 | fi |
1323 | 1323 | ||
1324 | if (test -z "$have_intxx_t" && \ | 1324 | if (test -z "$have_intxx_t" && \ |
1325 | test "x$ac_cv_header_stdint_h" = "xyes") | 1325 | test "x$ac_cv_header_stdint_h" = "xyes") |
1326 | then | 1326 | then |
1327 | AC_MSG_CHECKING([for intXX_t types in stdint.h]) | 1327 | AC_MSG_CHECKING([for intXX_t types in stdint.h]) |
1328 | AC_TRY_COMPILE( | 1328 | AC_TRY_COMPILE( |
1329 | [ #include <stdint.h> ], | 1329 | [ #include <stdint.h> ], |
1330 | [ int8_t a; int16_t b; int32_t c; a = b = c = 1;], | 1330 | [ int8_t a; int16_t b; int32_t c; a = b = c = 1;], |
1331 | [ | 1331 | [ |
1332 | AC_DEFINE(HAVE_INTXX_T) | 1332 | AC_DEFINE(HAVE_INTXX_T) |
1333 | AC_MSG_RESULT(yes) | 1333 | AC_MSG_RESULT(yes) |
@@ -1347,8 +1347,8 @@ AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [ | |||
1347 | #ifdef HAVE_SYS_BITYPES_H | 1347 | #ifdef HAVE_SYS_BITYPES_H |
1348 | # include <sys/bitypes.h> | 1348 | # include <sys/bitypes.h> |
1349 | #endif | 1349 | #endif |
1350 | ], | 1350 | ], |
1351 | [ int64_t a; a = 1;], | 1351 | [ int64_t a; a = 1;], |
1352 | [ ac_cv_have_int64_t="yes" ], | 1352 | [ ac_cv_have_int64_t="yes" ], |
1353 | [ ac_cv_have_int64_t="no" ] | 1353 | [ ac_cv_have_int64_t="no" ] |
1354 | ) | 1354 | ) |
@@ -1359,8 +1359,8 @@ fi | |||
1359 | 1359 | ||
1360 | AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [ | 1360 | AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [ |
1361 | AC_TRY_COMPILE( | 1361 | AC_TRY_COMPILE( |
1362 | [ #include <sys/types.h> ], | 1362 | [ #include <sys/types.h> ], |
1363 | [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;], | 1363 | [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;], |
1364 | [ ac_cv_have_u_intxx_t="yes" ], | 1364 | [ ac_cv_have_u_intxx_t="yes" ], |
1365 | [ ac_cv_have_u_intxx_t="no" ] | 1365 | [ ac_cv_have_u_intxx_t="no" ] |
1366 | ) | 1366 | ) |
@@ -1373,8 +1373,8 @@ fi | |||
1373 | if test -z "$have_u_intxx_t" ; then | 1373 | if test -z "$have_u_intxx_t" ; then |
1374 | AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h]) | 1374 | AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h]) |
1375 | AC_TRY_COMPILE( | 1375 | AC_TRY_COMPILE( |
1376 | [ #include <sys/socket.h> ], | 1376 | [ #include <sys/socket.h> ], |
1377 | [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;], | 1377 | [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;], |
1378 | [ | 1378 | [ |
1379 | AC_DEFINE(HAVE_U_INTXX_T) | 1379 | AC_DEFINE(HAVE_U_INTXX_T) |
1380 | AC_MSG_RESULT(yes) | 1380 | AC_MSG_RESULT(yes) |
@@ -1385,8 +1385,8 @@ fi | |||
1385 | 1385 | ||
1386 | AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [ | 1386 | AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [ |
1387 | AC_TRY_COMPILE( | 1387 | AC_TRY_COMPILE( |
1388 | [ #include <sys/types.h> ], | 1388 | [ #include <sys/types.h> ], |
1389 | [ u_int64_t a; a = 1;], | 1389 | [ u_int64_t a; a = 1;], |
1390 | [ ac_cv_have_u_int64_t="yes" ], | 1390 | [ ac_cv_have_u_int64_t="yes" ], |
1391 | [ ac_cv_have_u_int64_t="no" ] | 1391 | [ ac_cv_have_u_int64_t="no" ] |
1392 | ) | 1392 | ) |
@@ -1399,7 +1399,7 @@ fi | |||
1399 | if test -z "$have_u_int64_t" ; then | 1399 | if test -z "$have_u_int64_t" ; then |
1400 | AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h]) | 1400 | AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h]) |
1401 | AC_TRY_COMPILE( | 1401 | AC_TRY_COMPILE( |
1402 | [ #include <sys/bitypes.h> ], | 1402 | [ #include <sys/bitypes.h> ], |
1403 | [ u_int64_t a; a = 1], | 1403 | [ u_int64_t a; a = 1], |
1404 | [ | 1404 | [ |
1405 | AC_DEFINE(HAVE_U_INT64_T) | 1405 | AC_DEFINE(HAVE_U_INT64_T) |
@@ -1414,8 +1414,8 @@ if test -z "$have_u_intxx_t" ; then | |||
1414 | AC_TRY_COMPILE( | 1414 | AC_TRY_COMPILE( |
1415 | [ | 1415 | [ |
1416 | #include <sys/types.h> | 1416 | #include <sys/types.h> |
1417 | ], | 1417 | ], |
1418 | [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ], | 1418 | [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ], |
1419 | [ ac_cv_have_uintxx_t="yes" ], | 1419 | [ ac_cv_have_uintxx_t="yes" ], |
1420 | [ ac_cv_have_uintxx_t="no" ] | 1420 | [ ac_cv_have_uintxx_t="no" ] |
1421 | ) | 1421 | ) |
@@ -1428,8 +1428,8 @@ fi | |||
1428 | if test -z "$have_uintxx_t" ; then | 1428 | if test -z "$have_uintxx_t" ; then |
1429 | AC_MSG_CHECKING([for uintXX_t types in stdint.h]) | 1429 | AC_MSG_CHECKING([for uintXX_t types in stdint.h]) |
1430 | AC_TRY_COMPILE( | 1430 | AC_TRY_COMPILE( |
1431 | [ #include <stdint.h> ], | 1431 | [ #include <stdint.h> ], |
1432 | [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;], | 1432 | [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;], |
1433 | [ | 1433 | [ |
1434 | AC_DEFINE(HAVE_UINTXX_T) | 1434 | AC_DEFINE(HAVE_UINTXX_T) |
1435 | AC_MSG_RESULT(yes) | 1435 | AC_MSG_RESULT(yes) |
@@ -1439,25 +1439,25 @@ if test -z "$have_uintxx_t" ; then | |||
1439 | fi | 1439 | fi |
1440 | 1440 | ||
1441 | if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \ | 1441 | if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \ |
1442 | test "x$ac_cv_header_sys_bitypes_h" = "xyes") | 1442 | test "x$ac_cv_header_sys_bitypes_h" = "xyes") |
1443 | then | 1443 | then |
1444 | AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h]) | 1444 | AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h]) |
1445 | AC_TRY_COMPILE( | 1445 | AC_TRY_COMPILE( |
1446 | [ | 1446 | [ |
1447 | #include <sys/bitypes.h> | 1447 | #include <sys/bitypes.h> |
1448 | ], | 1448 | ], |
1449 | [ | 1449 | [ |
1450 | int8_t a; int16_t b; int32_t c; | 1450 | int8_t a; int16_t b; int32_t c; |
1451 | u_int8_t e; u_int16_t f; u_int32_t g; | 1451 | u_int8_t e; u_int16_t f; u_int32_t g; |
1452 | a = b = c = e = f = g = 1; | 1452 | a = b = c = e = f = g = 1; |
1453 | ], | 1453 | ], |
1454 | [ | 1454 | [ |
1455 | AC_DEFINE(HAVE_U_INTXX_T) | 1455 | AC_DEFINE(HAVE_U_INTXX_T) |
1456 | AC_DEFINE(HAVE_INTXX_T) | 1456 | AC_DEFINE(HAVE_INTXX_T) |
1457 | AC_MSG_RESULT(yes) | 1457 | AC_MSG_RESULT(yes) |
1458 | ], | 1458 | ], |
1459 | [AC_MSG_RESULT(no)] | 1459 | [AC_MSG_RESULT(no)] |
1460 | ) | 1460 | ) |
1461 | fi | 1461 | fi |
1462 | 1462 | ||
1463 | 1463 | ||
@@ -1638,8 +1638,8 @@ fi | |||
1638 | 1638 | ||
1639 | AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [ | 1639 | AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [ |
1640 | AC_TRY_COMPILE( | 1640 | AC_TRY_COMPILE( |
1641 | [ #include <sys/time.h> ], | 1641 | [ #include <sys/time.h> ], |
1642 | [ struct timeval tv; tv.tv_sec = 1;], | 1642 | [ struct timeval tv; tv.tv_sec = 1;], |
1643 | [ ac_cv_have_struct_timeval="yes" ], | 1643 | [ ac_cv_have_struct_timeval="yes" ], |
1644 | [ ac_cv_have_struct_timeval="no" ] | 1644 | [ ac_cv_have_struct_timeval="no" ] |
1645 | ) | 1645 | ) |
@@ -1679,7 +1679,7 @@ main() | |||
1679 | strcpy(expected_out, "9223372036854775807"); | 1679 | strcpy(expected_out, "9223372036854775807"); |
1680 | snprintf(buf, mazsize, "%lld", num); | 1680 | snprintf(buf, mazsize, "%lld", num); |
1681 | if(strcmp(buf, expected_out) != 0) | 1681 | if(strcmp(buf, expected_out) != 0) |
1682 | exit(1); | 1682 | exit(1); |
1683 | exit(0); | 1683 | exit(0); |
1684 | } | 1684 | } |
1685 | #else | 1685 | #else |
@@ -1837,8 +1837,8 @@ if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then | |||
1837 | fi | 1837 | fi |
1838 | 1838 | ||
1839 | AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [ | 1839 | AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [ |
1840 | AC_TRY_LINK([], | 1840 | AC_TRY_LINK([], |
1841 | [ extern char *__progname; printf("%s", __progname); ], | 1841 | [ extern char *__progname; printf("%s", __progname); ], |
1842 | [ ac_cv_libc_defines___progname="yes" ], | 1842 | [ ac_cv_libc_defines___progname="yes" ], |
1843 | [ ac_cv_libc_defines___progname="no" ] | 1843 | [ ac_cv_libc_defines___progname="no" ] |
1844 | ) | 1844 | ) |
@@ -1850,8 +1850,8 @@ fi | |||
1850 | AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [ | 1850 | AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [ |
1851 | AC_TRY_LINK([ | 1851 | AC_TRY_LINK([ |
1852 | #include <stdio.h> | 1852 | #include <stdio.h> |
1853 | ], | 1853 | ], |
1854 | [ printf("%s", __FUNCTION__); ], | 1854 | [ printf("%s", __FUNCTION__); ], |
1855 | [ ac_cv_cc_implements___FUNCTION__="yes" ], | 1855 | [ ac_cv_cc_implements___FUNCTION__="yes" ], |
1856 | [ ac_cv_cc_implements___FUNCTION__="no" ] | 1856 | [ ac_cv_cc_implements___FUNCTION__="no" ] |
1857 | ) | 1857 | ) |
@@ -1863,8 +1863,8 @@ fi | |||
1863 | AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [ | 1863 | AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [ |
1864 | AC_TRY_LINK([ | 1864 | AC_TRY_LINK([ |
1865 | #include <stdio.h> | 1865 | #include <stdio.h> |
1866 | ], | 1866 | ], |
1867 | [ printf("%s", __func__); ], | 1867 | [ printf("%s", __func__); ], |
1868 | [ ac_cv_cc_implements___func__="yes" ], | 1868 | [ ac_cv_cc_implements___func__="yes" ], |
1869 | [ ac_cv_cc_implements___func__="no" ] | 1869 | [ ac_cv_cc_implements___func__="no" ] |
1870 | ) | 1870 | ) |
@@ -1889,8 +1889,8 @@ if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then | |||
1889 | fi | 1889 | fi |
1890 | 1890 | ||
1891 | AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [ | 1891 | AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [ |
1892 | AC_TRY_LINK([], | 1892 | AC_TRY_LINK([], |
1893 | [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);], | 1893 | [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);], |
1894 | [ ac_cv_libc_defines_sys_errlist="yes" ], | 1894 | [ ac_cv_libc_defines_sys_errlist="yes" ], |
1895 | [ ac_cv_libc_defines_sys_errlist="no" ] | 1895 | [ ac_cv_libc_defines_sys_errlist="no" ] |
1896 | ) | 1896 | ) |
@@ -1901,8 +1901,8 @@ fi | |||
1901 | 1901 | ||
1902 | 1902 | ||
1903 | AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [ | 1903 | AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [ |
1904 | AC_TRY_LINK([], | 1904 | AC_TRY_LINK([], |
1905 | [ extern int sys_nerr; printf("%i", sys_nerr);], | 1905 | [ extern int sys_nerr; printf("%i", sys_nerr);], |
1906 | [ ac_cv_libc_defines_sys_nerr="yes" ], | 1906 | [ ac_cv_libc_defines_sys_nerr="yes" ], |
1907 | [ ac_cv_libc_defines_sys_nerr="no" ] | 1907 | [ ac_cv_libc_defines_sys_nerr="no" ] |
1908 | ) | 1908 | ) |
@@ -1911,7 +1911,7 @@ if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then | |||
1911 | AC_DEFINE(HAVE_SYS_NERR) | 1911 | AC_DEFINE(HAVE_SYS_NERR) |
1912 | fi | 1912 | fi |
1913 | 1913 | ||
1914 | SCARD_MSG="no" | 1914 | SCARD_MSG="no" |
1915 | # Check whether user wants sectok support | 1915 | # Check whether user wants sectok support |
1916 | AC_ARG_WITH(sectok, | 1916 | AC_ARG_WITH(sectok, |
1917 | [ --with-sectok Enable smartcard support using libsectok], | 1917 | [ --with-sectok Enable smartcard support using libsectok], |
@@ -1937,7 +1937,7 @@ AC_ARG_WITH(sectok, | |||
1937 | fi | 1937 | fi |
1938 | AC_DEFINE(SMARTCARD) | 1938 | AC_DEFINE(SMARTCARD) |
1939 | AC_DEFINE(USE_SECTOK) | 1939 | AC_DEFINE(USE_SECTOK) |
1940 | SCARD_MSG="yes, using sectok" | 1940 | SCARD_MSG="yes, using sectok" |
1941 | fi | 1941 | fi |
1942 | ] | 1942 | ] |
1943 | ) | 1943 | ) |
@@ -1957,12 +1957,12 @@ if test x$opensc_config_prefix != x ; then | |||
1957 | LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS" | 1957 | LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS" |
1958 | AC_DEFINE(SMARTCARD) | 1958 | AC_DEFINE(SMARTCARD) |
1959 | AC_DEFINE(USE_OPENSC) | 1959 | AC_DEFINE(USE_OPENSC) |
1960 | SCARD_MSG="yes, using OpenSC" | 1960 | SCARD_MSG="yes, using OpenSC" |
1961 | fi | 1961 | fi |
1962 | fi | 1962 | fi |
1963 | 1963 | ||
1964 | # Check libraries needed by DNS fingerprint support | 1964 | # Check libraries needed by DNS fingerprint support |
1965 | AC_SEARCH_LIBS(getrrsetbyname, resolv, | 1965 | AC_SEARCH_LIBS(getrrsetbyname, resolv, |
1966 | [AC_DEFINE(HAVE_GETRRSETBYNAME)], | 1966 | [AC_DEFINE(HAVE_GETRRSETBYNAME)], |
1967 | [ | 1967 | [ |
1968 | # Needed by our getrrsetbyname() | 1968 | # Needed by our getrrsetbyname() |
@@ -1975,37 +1975,37 @@ AC_SEARCH_LIBS(getrrsetbyname, resolv, | |||
1975 | ]) | 1975 | ]) |
1976 | 1976 | ||
1977 | # Check whether user wants Kerberos 5 support | 1977 | # Check whether user wants Kerberos 5 support |
1978 | KRB5_MSG="no" | 1978 | KRB5_MSG="no" |
1979 | AC_ARG_WITH(kerberos5, | 1979 | AC_ARG_WITH(kerberos5, |
1980 | [ --with-kerberos5=PATH Enable Kerberos 5 support], | 1980 | [ --with-kerberos5=PATH Enable Kerberos 5 support], |
1981 | [ | 1981 | [ |
1982 | if test "x$withval" != "xno" ; then | 1982 | if test "x$withval" != "xno" ; then |
1983 | if test "x$withval" = "xyes" ; then | 1983 | if test "x$withval" = "xyes" ; then |
1984 | KRB5ROOT="/usr/local" | 1984 | KRB5ROOT="/usr/local" |
1985 | else | 1985 | else |
1986 | KRB5ROOT=${withval} | 1986 | KRB5ROOT=${withval} |
1987 | fi | 1987 | fi |
1988 | CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include" | 1988 | CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include" |
1989 | LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib" | 1989 | LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib" |
1990 | AC_DEFINE(KRB5) | 1990 | AC_DEFINE(KRB5) |
1991 | KRB5_MSG="yes" | 1991 | KRB5_MSG="yes" |
1992 | AC_MSG_CHECKING(whether we are using Heimdal) | 1992 | AC_MSG_CHECKING(whether we are using Heimdal) |
1993 | AC_TRY_COMPILE([ #include <krb5.h> ], | 1993 | AC_TRY_COMPILE([ #include <krb5.h> ], |
1994 | [ char *tmp = heimdal_version; ], | 1994 | [ char *tmp = heimdal_version; ], |
1995 | [ AC_MSG_RESULT(yes) | 1995 | [ AC_MSG_RESULT(yes) |
1996 | AC_DEFINE(HEIMDAL) | 1996 | AC_DEFINE(HEIMDAL) |
1997 | K5LIBS="-lkrb5 -ldes -lcom_err -lasn1 -lroken" | 1997 | K5LIBS="-lkrb5 -ldes -lcom_err -lasn1 -lroken" |
1998 | ], | 1998 | ], |
1999 | [ AC_MSG_RESULT(no) | 1999 | [ AC_MSG_RESULT(no) |
2000 | K5LIBS="-lkrb5 -lk5crypto -lcom_err" | 2000 | K5LIBS="-lkrb5 -lk5crypto -lcom_err" |
2001 | ] | 2001 | ] |
2002 | ) | 2002 | ) |
2003 | if test ! -z "$need_dash_r" ; then | 2003 | if test ! -z "$need_dash_r" ; then |
2004 | LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib" | 2004 | LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib" |
2005 | fi | 2005 | fi |
2006 | if test ! -z "$blibpath" ; then | 2006 | if test ! -z "$blibpath" ; then |
2007 | blibpath="$blibpath:${KRB5ROOT}/lib" | 2007 | blibpath="$blibpath:${KRB5ROOT}/lib" |
2008 | fi | 2008 | fi |
2009 | AC_SEARCH_LIBS(dn_expand, resolv) | 2009 | AC_SEARCH_LIBS(dn_expand, resolv) |
2010 | 2010 | ||
2011 | AC_CHECK_LIB(gssapi,gss_init_sec_context, | 2011 | AC_CHECK_LIB(gssapi,gss_init_sec_context, |
@@ -2013,7 +2013,7 @@ AC_ARG_WITH(kerberos5, | |||
2013 | K5LIBS="-lgssapi $K5LIBS" ], | 2013 | K5LIBS="-lgssapi $K5LIBS" ], |
2014 | [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context, | 2014 | [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context, |
2015 | [ AC_DEFINE(GSSAPI) | 2015 | [ AC_DEFINE(GSSAPI) |
2016 | K5LIBS="-lgssapi_krb5 $K5LIBS" ], | 2016 | K5LIBS="-lgssapi_krb5 $K5LIBS" ], |
2017 | AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]), | 2017 | AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]), |
2018 | $K5LIBS) | 2018 | $K5LIBS) |
2019 | ], | 2019 | ], |
@@ -2021,10 +2021,10 @@ AC_ARG_WITH(kerberos5, | |||
2021 | 2021 | ||
2022 | AC_CHECK_HEADER(gssapi.h, , | 2022 | AC_CHECK_HEADER(gssapi.h, , |
2023 | [ unset ac_cv_header_gssapi_h | 2023 | [ unset ac_cv_header_gssapi_h |
2024 | CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" | 2024 | CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" |
2025 | AC_CHECK_HEADERS(gssapi.h, , | 2025 | AC_CHECK_HEADERS(gssapi.h, , |
2026 | AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail]) | 2026 | AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail]) |
2027 | ) | 2027 | ) |
2028 | ] | 2028 | ] |
2029 | ) | 2029 | ) |
2030 | 2030 | ||
@@ -2033,9 +2033,9 @@ AC_ARG_WITH(kerberos5, | |||
2033 | AC_CHECK_HEADER(gssapi_krb5.h, , | 2033 | AC_CHECK_HEADER(gssapi_krb5.h, , |
2034 | [ CPPFLAGS="$oldCPP" ]) | 2034 | [ CPPFLAGS="$oldCPP" ]) |
2035 | 2035 | ||
2036 | KRB5=yes | 2036 | KRB5=yes |
2037 | fi | 2037 | fi |
2038 | ] | 2038 | ] |
2039 | ) | 2039 | ) |
2040 | LIBS="$LIBS $K5LIBS" | 2040 | LIBS="$LIBS $K5LIBS" |
2041 | 2041 | ||
@@ -2100,7 +2100,7 @@ fi | |||
2100 | 2100 | ||
2101 | if test -z "$no_dev_ptmx" ; then | 2101 | if test -z "$no_dev_ptmx" ; then |
2102 | if test "x$disable_ptmx_check" != "xyes" ; then | 2102 | if test "x$disable_ptmx_check" != "xyes" ; then |
2103 | AC_CHECK_FILE("/dev/ptmx", | 2103 | AC_CHECK_FILE("/dev/ptmx", |
2104 | [ | 2104 | [ |
2105 | AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX) | 2105 | AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX) |
2106 | have_dev_ptmx=1 | 2106 | have_dev_ptmx=1 |
@@ -2108,7 +2108,7 @@ if test -z "$no_dev_ptmx" ; then | |||
2108 | ) | 2108 | ) |
2109 | fi | 2109 | fi |
2110 | fi | 2110 | fi |
2111 | AC_CHECK_FILE("/dev/ptc", | 2111 | AC_CHECK_FILE("/dev/ptc", |
2112 | [ | 2112 | [ |
2113 | AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC) | 2113 | AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC) |
2114 | have_dev_ptc=1 | 2114 | have_dev_ptc=1 |
@@ -2149,13 +2149,13 @@ fi | |||
2149 | AC_SUBST(mansubdir) | 2149 | AC_SUBST(mansubdir) |
2150 | 2150 | ||
2151 | # Check whether to enable MD5 passwords | 2151 | # Check whether to enable MD5 passwords |
2152 | MD5_MSG="no" | 2152 | MD5_MSG="no" |
2153 | AC_ARG_WITH(md5-passwords, | 2153 | AC_ARG_WITH(md5-passwords, |
2154 | [ --with-md5-passwords Enable use of MD5 passwords], | 2154 | [ --with-md5-passwords Enable use of MD5 passwords], |
2155 | [ | 2155 | [ |
2156 | if test "x$withval" != "xno" ; then | 2156 | if test "x$withval" != "xno" ; then |
2157 | AC_DEFINE(HAVE_MD5_PASSWORDS) | 2157 | AC_DEFINE(HAVE_MD5_PASSWORDS) |
2158 | MD5_MSG="yes" | 2158 | MD5_MSG="yes" |
2159 | fi | 2159 | fi |
2160 | ] | 2160 | ] |
2161 | ) | 2161 | ) |
@@ -2195,13 +2195,13 @@ if test ! -z "$IPADDR_IN_DISPLAY" ; then | |||
2195 | DISPLAY_HACK_MSG="yes" | 2195 | DISPLAY_HACK_MSG="yes" |
2196 | AC_DEFINE(IPADDR_IN_DISPLAY) | 2196 | AC_DEFINE(IPADDR_IN_DISPLAY) |
2197 | else | 2197 | else |
2198 | DISPLAY_HACK_MSG="no" | 2198 | DISPLAY_HACK_MSG="no" |
2199 | AC_ARG_WITH(ipaddr-display, | 2199 | AC_ARG_WITH(ipaddr-display, |
2200 | [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY], | 2200 | [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY], |
2201 | [ | 2201 | [ |
2202 | if test "x$withval" != "xno" ; then | 2202 | if test "x$withval" != "xno" ; then |
2203 | AC_DEFINE(IPADDR_IN_DISPLAY) | 2203 | AC_DEFINE(IPADDR_IN_DISPLAY) |
2204 | DISPLAY_HACK_MSG="yes" | 2204 | DISPLAY_HACK_MSG="yes" |
2205 | fi | 2205 | fi |
2206 | ] | 2206 | ] |
2207 | ) | 2207 | ) |
@@ -2225,7 +2225,7 @@ if test $ac_cv_func_login_getcapbool = "yes" -a \ | |||
2225 | fi | 2225 | fi |
2226 | 2226 | ||
2227 | # Whether to mess with the default path | 2227 | # Whether to mess with the default path |
2228 | SERVER_PATH_MSG="(default)" | 2228 | SERVER_PATH_MSG="(default)" |
2229 | AC_ARG_WITH(default-path, | 2229 | AC_ARG_WITH(default-path, |
2230 | [ --with-default-path= Specify default \$PATH environment for server], | 2230 | [ --with-default-path= Specify default \$PATH environment for server], |
2231 | [ | 2231 | [ |
@@ -2240,7 +2240,7 @@ Edit /etc/login.conf instead.]) | |||
2240 | $external_path_file .]) | 2240 | $external_path_file .]) |
2241 | fi | 2241 | fi |
2242 | user_path="$withval" | 2242 | user_path="$withval" |
2243 | SERVER_PATH_MSG="$withval" | 2243 | SERVER_PATH_MSG="$withval" |
2244 | fi | 2244 | fi |
2245 | ], | 2245 | ], |
2246 | [ if test "x$external_path_file" = "x/etc/login.conf" ; then | 2246 | [ if test "x$external_path_file" = "x/etc/login.conf" ; then |
@@ -2324,14 +2324,14 @@ AC_ARG_WITH(superuser-path, | |||
2324 | 2324 | ||
2325 | 2325 | ||
2326 | AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses]) | 2326 | AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses]) |
2327 | IPV4_IN6_HACK_MSG="no" | 2327 | IPV4_IN6_HACK_MSG="no" |
2328 | AC_ARG_WITH(4in6, | 2328 | AC_ARG_WITH(4in6, |
2329 | [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses], | 2329 | [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses], |
2330 | [ | 2330 | [ |
2331 | if test "x$withval" != "xno" ; then | 2331 | if test "x$withval" != "xno" ; then |
2332 | AC_MSG_RESULT(yes) | 2332 | AC_MSG_RESULT(yes) |
2333 | AC_DEFINE(IPV4_IN_IPV6) | 2333 | AC_DEFINE(IPV4_IN_IPV6) |
2334 | IPV4_IN6_HACK_MSG="yes" | 2334 | IPV4_IN6_HACK_MSG="yes" |
2335 | else | 2335 | else |
2336 | AC_MSG_RESULT(no) | 2336 | AC_MSG_RESULT(no) |
2337 | fi | 2337 | fi |
@@ -2339,7 +2339,7 @@ AC_ARG_WITH(4in6, | |||
2339 | if test "x$inet6_default_4in6" = "xyes"; then | 2339 | if test "x$inet6_default_4in6" = "xyes"; then |
2340 | AC_MSG_RESULT([yes (default)]) | 2340 | AC_MSG_RESULT([yes (default)]) |
2341 | AC_DEFINE(IPV4_IN_IPV6) | 2341 | AC_DEFINE(IPV4_IN_IPV6) |
2342 | IPV4_IN6_HACK_MSG="yes" | 2342 | IPV4_IN6_HACK_MSG="yes" |
2343 | else | 2343 | else |
2344 | AC_MSG_RESULT([no (default)]) | 2344 | AC_MSG_RESULT([no (default)]) |
2345 | fi | 2345 | fi |
@@ -2364,7 +2364,7 @@ piddir=/var/run | |||
2364 | if test ! -d $piddir ; then | 2364 | if test ! -d $piddir ; then |
2365 | piddir=`eval echo ${sysconfdir}` | 2365 | piddir=`eval echo ${sysconfdir}` |
2366 | case $piddir in | 2366 | case $piddir in |
2367 | NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;; | 2367 | NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;; |
2368 | esac | 2368 | esac |
2369 | fi | 2369 | fi |
2370 | 2370 | ||
@@ -2436,7 +2436,7 @@ AC_ARG_ENABLE(pututline, | |||
2436 | [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]], | 2436 | [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]], |
2437 | [ | 2437 | [ |
2438 | if test "x$enableval" = "xno" ; then | 2438 | if test "x$enableval" = "xno" ; then |
2439 | AC_DEFINE(DISABLE_PUTUTLINE) | 2439 | AC_DEFINE(DISABLE_PUTUTLINE) |
2440 | fi | 2440 | fi |
2441 | ] | 2441 | ] |
2442 | ) | 2442 | ) |
@@ -2719,7 +2719,7 @@ echo "" | |||
2719 | if test "x$PAM_MSG" = "xyes" ; then | 2719 | if test "x$PAM_MSG" = "xyes" ; then |
2720 | echo "PAM is enabled. You may need to install a PAM control file " | 2720 | echo "PAM is enabled. You may need to install a PAM control file " |
2721 | echo "for sshd, otherwise password authentication may fail. " | 2721 | echo "for sshd, otherwise password authentication may fail. " |
2722 | echo "Example PAM control files can be found in the contrib/ " | 2722 | echo "Example PAM control files can be found in the contrib/ " |
2723 | echo "subdirectory" | 2723 | echo "subdirectory" |
2724 | echo "" | 2724 | echo "" |
2725 | fi | 2725 | fi |
diff --git a/contrib/README b/contrib/README index 67dbbd277..9de3d961d 100644 --- a/contrib/README +++ b/contrib/README | |||
@@ -1,4 +1,4 @@ | |||
1 | Other patches and addons for OpenSSH. Please send submissions to | 1 | Other patches and addons for OpenSSH. Please send submissions to |
2 | djm@mindrot.org | 2 | djm@mindrot.org |
3 | 3 | ||
4 | Externally maintained | 4 | Externally maintained |
@@ -7,7 +7,7 @@ Externally maintained | |||
7 | SSH Proxy Command -- connect.c | 7 | SSH Proxy Command -- connect.c |
8 | 8 | ||
9 | Shun-ichi GOTO <gotoh@imasy.or.jp> has written a very useful ProxyCommand | 9 | Shun-ichi GOTO <gotoh@imasy.or.jp> has written a very useful ProxyCommand |
10 | which allows the use of outbound SSH from behind a SOCKS4, SOCKS5 or | 10 | which allows the use of outbound SSH from behind a SOCKS4, SOCKS5 or |
11 | https CONNECT style proxy server. His page for connect.c has extensive | 11 | https CONNECT style proxy server. His page for connect.c has extensive |
12 | documentation on its use as well as compiled versions for Win32. | 12 | documentation on its use as well as compiled versions for Win32. |
13 | 13 | ||
@@ -47,7 +47,7 @@ Dominik Brettnacher <domi@saargate.de> | |||
47 | mdoc2man.pl: | 47 | mdoc2man.pl: |
48 | 48 | ||
49 | Converts mdoc formated manpages into normal manpages. This can be used | 49 | Converts mdoc formated manpages into normal manpages. This can be used |
50 | on Solaris machines to provide manpages that are not preformated. | 50 | on Solaris machines to provide manpages that are not preformated. |
51 | Contributed by Mark D. Roth <roth@feep.net> | 51 | Contributed by Mark D. Roth <roth@feep.net> |
52 | 52 | ||
53 | redhat: | 53 | redhat: |
diff --git a/contrib/aix/buildbff.sh b/contrib/aix/buildbff.sh index 727ac446d..4a5c32b0e 100755 --- a/contrib/aix/buildbff.sh +++ b/contrib/aix/buildbff.sh | |||
@@ -1,12 +1,12 @@ | |||
1 | #!/bin/sh | 1 | #!/bin/sh |
2 | # | 2 | # |
3 | # buildbff.sh: Create AIX SMIT-installable OpenSSH packages | 3 | # buildbff.sh: Create AIX SMIT-installable OpenSSH packages |
4 | # $Id: buildbff.sh,v 1.6 2003/08/25 05:01:04 dtucker Exp $ | 4 | # $Id: buildbff.sh,v 1.7 2003/11/21 12:48:56 djm Exp $ |
5 | # | 5 | # |
6 | # Author: Darren Tucker (dtucker at zip dot com dot au) | 6 | # Author: Darren Tucker (dtucker at zip dot com dot au) |
7 | # This file is placed in the public domain and comes with absolutely | 7 | # This file is placed in the public domain and comes with absolutely |
8 | # no warranty. | 8 | # no warranty. |
9 | # | 9 | # |
10 | # Based originally on Ben Lindstrom's buildpkg.sh for Solaris | 10 | # Based originally on Ben Lindstrom's buildpkg.sh for Solaris |
11 | # | 11 | # |
12 | 12 | ||
@@ -45,7 +45,7 @@ fi | |||
45 | if [ ! -f Makefile ] | 45 | if [ ! -f Makefile ] |
46 | then | 46 | then |
47 | echo "Makefile not found (did you run configure?)" | 47 | echo "Makefile not found (did you run configure?)" |
48 | exit 1 | 48 | exit 1 |
49 | fi | 49 | fi |
50 | 50 | ||
51 | # | 51 | # |
@@ -96,12 +96,12 @@ then | |||
96 | PRIVSEP_PATH=/var/empty | 96 | PRIVSEP_PATH=/var/empty |
97 | fi | 97 | fi |
98 | 98 | ||
99 | # Clean package build directory | 99 | # Clean package build directory |
100 | rm -rf $objdir/$PKGDIR | 100 | rm -rf $objdir/$PKGDIR |
101 | FAKE_ROOT=$objdir/$PKGDIR/root | 101 | FAKE_ROOT=$objdir/$PKGDIR/root |
102 | mkdir -p $FAKE_ROOT | 102 | mkdir -p $FAKE_ROOT |
103 | 103 | ||
104 | # Start by faking root install | 104 | # Start by faking root install |
105 | echo "Faking root install..." | 105 | echo "Faking root install..." |
106 | cd $objdir | 106 | cd $objdir |
107 | make install-nokeys DESTDIR=$FAKE_ROOT | 107 | make install-nokeys DESTDIR=$FAKE_ROOT |
@@ -136,15 +136,15 @@ echo "Building BFF for $PKGNAME $VERSION (package version $BFFVERSION)" | |||
136 | # | 136 | # |
137 | # Set ssh and sshd parameters as per config.local | 137 | # Set ssh and sshd parameters as per config.local |
138 | # | 138 | # |
139 | if [ "${PERMIT_ROOT_LOGIN}" = no ] | 139 | if [ "${PERMIT_ROOT_LOGIN}" = no ] |
140 | then | 140 | then |
141 | perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \ | 141 | perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \ |
142 | $FAKE_ROOT/${sysconfdir}/sshd_config | 142 | $FAKE_ROOT/${sysconfdir}/sshd_config |
143 | fi | 143 | fi |
144 | if [ "${X11_FORWARDING}" = yes ] | 144 | if [ "${X11_FORWARDING}" = yes ] |
145 | then | 145 | then |
146 | perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \ | 146 | perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \ |
147 | $FAKE_ROOT/${sysconfdir}/sshd_config | 147 | $FAKE_ROOT/${sysconfdir}/sshd_config |
148 | fi | 148 | fi |
149 | 149 | ||
150 | 150 | ||
@@ -190,13 +190,13 @@ cat <<EOF >>../openssh.post_i | |||
190 | echo Creating configs from defaults if necessary. | 190 | echo Creating configs from defaults if necessary. |
191 | for cfgfile in ssh_config sshd_config ssh_prng_cmds | 191 | for cfgfile in ssh_config sshd_config ssh_prng_cmds |
192 | do | 192 | do |
193 | if [ ! -f $sysconfdir/\$cfgfile ] | 193 | if [ ! -f $sysconfdir/\$cfgfile ] |
194 | then | 194 | then |
195 | echo "Creating \$cfgfile from default" | 195 | echo "Creating \$cfgfile from default" |
196 | cp $sysconfdir/\$cfgfile.default $sysconfdir/\$cfgfile | 196 | cp $sysconfdir/\$cfgfile.default $sysconfdir/\$cfgfile |
197 | else | 197 | else |
198 | echo "\$cfgfile already exists." | 198 | echo "\$cfgfile already exists." |
199 | fi | 199 | fi |
200 | done | 200 | done |
201 | echo | 201 | echo |
202 | 202 | ||
@@ -244,19 +244,19 @@ echo | |||
244 | # Generate keys unless they already exist | 244 | # Generate keys unless they already exist |
245 | echo Creating host keys if required. | 245 | echo Creating host keys if required. |
246 | if [ -f "$sysconfdir/ssh_host_key" ] ; then | 246 | if [ -f "$sysconfdir/ssh_host_key" ] ; then |
247 | echo "$sysconfdir/ssh_host_key already exists, skipping." | 247 | echo "$sysconfdir/ssh_host_key already exists, skipping." |
248 | else | 248 | else |
249 | $bindir/ssh-keygen -t rsa1 -f $sysconfdir/ssh_host_key -N "" | 249 | $bindir/ssh-keygen -t rsa1 -f $sysconfdir/ssh_host_key -N "" |
250 | fi | 250 | fi |
251 | if [ -f $sysconfdir/ssh_host_dsa_key ] ; then | 251 | if [ -f $sysconfdir/ssh_host_dsa_key ] ; then |
252 | echo "$sysconfdir/ssh_host_dsa_key already exists, skipping." | 252 | echo "$sysconfdir/ssh_host_dsa_key already exists, skipping." |
253 | else | 253 | else |
254 | $bindir/ssh-keygen -t dsa -f $sysconfdir/ssh_host_dsa_key -N "" | 254 | $bindir/ssh-keygen -t dsa -f $sysconfdir/ssh_host_dsa_key -N "" |
255 | fi | 255 | fi |
256 | if [ -f $sysconfdir/ssh_host_rsa_key ] ; then | 256 | if [ -f $sysconfdir/ssh_host_rsa_key ] ; then |
257 | echo "$sysconfdir/ssh_host_rsa_key already exists, skipping." | 257 | echo "$sysconfdir/ssh_host_rsa_key already exists, skipping." |
258 | else | 258 | else |
259 | $bindir/ssh-keygen -t rsa -f $sysconfdir/ssh_host_rsa_key -N "" | 259 | $bindir/ssh-keygen -t rsa -f $sysconfdir/ssh_host_rsa_key -N "" |
260 | fi | 260 | fi |
261 | echo | 261 | echo |
262 | 262 | ||
@@ -369,7 +369,7 @@ echo Creating $PKGNAME-$VERSION.bff with backup... | |||
369 | rm -f $PKGNAME-$VERSION.bff | 369 | rm -f $PKGNAME-$VERSION.bff |
370 | ( | 370 | ( |
371 | echo "./lpp_name" | 371 | echo "./lpp_name" |
372 | find . ! -name lpp_name -a ! -name . -print | 372 | find . ! -name lpp_name -a ! -name . -print |
373 | ) | backup -i -q -f ../$PKGNAME-$VERSION.bff $filelist | 373 | ) | backup -i -q -f ../$PKGNAME-$VERSION.bff $filelist |
374 | 374 | ||
375 | # | 375 | # |
diff --git a/contrib/aix/inventory.sh b/contrib/aix/inventory.sh index 4f408e678..e2641e79c 100755 --- a/contrib/aix/inventory.sh +++ b/contrib/aix/inventory.sh | |||
@@ -1,7 +1,7 @@ | |||
1 | #!/bin/sh | 1 | #!/bin/sh |
2 | # | 2 | # |
3 | # inventory.sh | 3 | # inventory.sh |
4 | # $Id: inventory.sh,v 1.5 2003/08/26 03:43:13 dtucker Exp $ | 4 | # $Id: inventory.sh,v 1.6 2003/11/21 12:48:56 djm Exp $ |
5 | # | 5 | # |
6 | # Originally written by Ben Lindstrom, modified by Darren Tucker to use perl | 6 | # Originally written by Ben Lindstrom, modified by Darren Tucker to use perl |
7 | # This file is placed into the public domain. | 7 | # This file is placed into the public domain. |
@@ -59,5 +59,5 @@ find . ! -name . -print | perl -ne '{ | |||
59 | } elsif ( -d $_ ) { | 59 | } elsif ( -d $_ ) { |
60 | # Entry is Directory | 60 | # Entry is Directory |
61 | print "\ttype=DIRECTORY\n"; | 61 | print "\ttype=DIRECTORY\n"; |
62 | } | 62 | } |
63 | }' | 63 | }' |
diff --git a/contrib/caldera/ssh-host-keygen b/contrib/caldera/ssh-host-keygen index 28a97b9b4..3c5c17182 100755 --- a/contrib/caldera/ssh-host-keygen +++ b/contrib/caldera/ssh-host-keygen | |||
@@ -1,6 +1,6 @@ | |||
1 | #! /bin/sh | 1 | #! /bin/sh |
2 | # | 2 | # |
3 | # $Id: ssh-host-keygen,v 1.1 2001/04/27 05:50:50 tim Exp $ | 3 | # $Id: ssh-host-keygen,v 1.2 2003/11/21 12:48:57 djm Exp $ |
4 | # | 4 | # |
5 | # This script is normally run only *once* for a given host | 5 | # This script is normally run only *once* for a given host |
6 | # (in a given period of time) -- on updates/upgrades/recovery | 6 | # (in a given period of time) -- on updates/upgrades/recovery |
@@ -12,7 +12,7 @@ keydir=@sysconfdir@ | |||
12 | keygen=@sshkeygen@ | 12 | keygen=@sshkeygen@ |
13 | 13 | ||
14 | if [ -f $keydir/ssh_host_key -o \ | 14 | if [ -f $keydir/ssh_host_key -o \ |
15 | -f $keydir/ssh_host_key.pub ]; then | 15 | -f $keydir/ssh_host_key.pub ]; then |
16 | echo "You already have an SSH1 RSA host key in $keydir/ssh_host_key." | 16 | echo "You already have an SSH1 RSA host key in $keydir/ssh_host_key." |
17 | else | 17 | else |
18 | echo "Generating 1024 bit SSH1 RSA host key." | 18 | echo "Generating 1024 bit SSH1 RSA host key." |
@@ -20,7 +20,7 @@ else | |||
20 | fi | 20 | fi |
21 | 21 | ||
22 | if [ -f $keydir/ssh_host_rsa_key -o \ | 22 | if [ -f $keydir/ssh_host_rsa_key -o \ |
23 | -f $keydir/ssh_host_rsa_key.pub ]; then | 23 | -f $keydir/ssh_host_rsa_key.pub ]; then |
24 | echo "You already have an SSH2 RSA host key in $keydir/ssh_host_rsa_key." | 24 | echo "You already have an SSH2 RSA host key in $keydir/ssh_host_rsa_key." |
25 | else | 25 | else |
26 | echo "Generating 1024 bit SSH2 RSA host key." | 26 | echo "Generating 1024 bit SSH2 RSA host key." |
@@ -28,7 +28,7 @@ else | |||
28 | fi | 28 | fi |
29 | 29 | ||
30 | if [ -f $keydir/ssh_host_dsa_key -o \ | 30 | if [ -f $keydir/ssh_host_dsa_key -o \ |
31 | -f $keydir/ssh_host_dsa_key.pub ]; then | 31 | -f $keydir/ssh_host_dsa_key.pub ]; then |
32 | echo "You already have an SSH2 DSA host key in $keydir/ssh_host_dsa_key." | 32 | echo "You already have an SSH2 DSA host key in $keydir/ssh_host_dsa_key." |
33 | else | 33 | else |
34 | echo "Generating SSH2 DSA host key." | 34 | echo "Generating SSH2 DSA host key." |
diff --git a/contrib/caldera/sshd.init b/contrib/caldera/sshd.init index 90b36379a..983146f4f 100755 --- a/contrib/caldera/sshd.init +++ b/contrib/caldera/sshd.init | |||
@@ -1,6 +1,6 @@ | |||
1 | #! /bin/bash | 1 | #! /bin/bash |
2 | # | 2 | # |
3 | # $Id: sshd.init,v 1.3 2001/11/03 19:09:33 tim Exp $ | 3 | # $Id: sshd.init,v 1.4 2003/11/21 12:48:57 djm Exp $ |
4 | # | 4 | # |
5 | ### BEGIN INIT INFO | 5 | ### BEGIN INIT INFO |
6 | # Provides: | 6 | # Provides: |
@@ -64,11 +64,11 @@ case "$1" in | |||
64 | SVIemptyConfig @sysconfdir@/sshd_config && exit 6 | 64 | SVIemptyConfig @sysconfdir@/sshd_config && exit 6 |
65 | 65 | ||
66 | if [ ! \( -f @sysconfdir@/ssh_host_key -a \ | 66 | if [ ! \( -f @sysconfdir@/ssh_host_key -a \ |
67 | -f @sysconfdir@/ssh_host_key.pub \) -a \ | 67 | -f @sysconfdir@/ssh_host_key.pub \) -a \ |
68 | ! \( -f @sysconfdir@/ssh_host_rsa_key -a \ | 68 | ! \( -f @sysconfdir@/ssh_host_rsa_key -a \ |
69 | -f @sysconfdir@/ssh_host_rsa_key.pub \) -a \ | 69 | -f @sysconfdir@/ssh_host_rsa_key.pub \) -a \ |
70 | ! \( -f @sysconfdir@/ssh_host_dsa_key -a \ | 70 | ! \( -f @sysconfdir@/ssh_host_dsa_key -a \ |
71 | -f @sysconfdir@/ssh_host_dsa_key.pub \) ]; then | 71 | -f @sysconfdir@/ssh_host_dsa_key.pub \) ]; then |
72 | 72 | ||
73 | echo "$SVIsubsys: host key not initialized: skipped!" | 73 | echo "$SVIsubsys: host key not initialized: skipped!" |
74 | echo "$SVIsubsys: use ssh-host-keygen to generate one!" | 74 | echo "$SVIsubsys: use ssh-host-keygen to generate one!" |
diff --git a/contrib/cygwin/README b/contrib/cygwin/README index 1cc6ae65c..1ed934307 100644 --- a/contrib/cygwin/README +++ b/contrib/cygwin/README | |||
@@ -25,7 +25,7 @@ Important note for Windows 2003 Server users: | |||
25 | --------------------------------------------- | 25 | --------------------------------------------- |
26 | 26 | ||
27 | 2003 Server has a funny new feature. When starting services under SYSTEM | 27 | 2003 Server has a funny new feature. When starting services under SYSTEM |
28 | account, these services have nearly all user rights which SYSTEM holds... | 28 | account, these services have nearly all user rights which SYSTEM holds... |
29 | except for the "Create a token object" right, which is needed to allow | 29 | except for the "Create a token object" right, which is needed to allow |
30 | public key authentication :-( | 30 | public key authentication :-( |
31 | 31 | ||
@@ -103,7 +103,7 @@ features of the FAT/FAT32 filesystems. | |||
103 | 103 | ||
104 | If you are installing OpenSSH the first time, you can generate global config | 104 | If you are installing OpenSSH the first time, you can generate global config |
105 | files and server keys by running | 105 | files and server keys by running |
106 | 106 | ||
107 | /usr/bin/ssh-host-config | 107 | /usr/bin/ssh-host-config |
108 | 108 | ||
109 | Note that this binary archive doesn't contain default config files in /etc. | 109 | Note that this binary archive doesn't contain default config files in /etc. |
diff --git a/contrib/cygwin/ssh-host-config b/contrib/cygwin/ssh-host-config index 18793ca85..9c0dabf41 100644 --- a/contrib/cygwin/ssh-host-config +++ b/contrib/cygwin/ssh-host-config | |||
@@ -263,7 +263,7 @@ then | |||
263 | net user sshd >/dev/null 2>&1 && sshd_in_sam=yes | 263 | net user sshd >/dev/null 2>&1 && sshd_in_sam=yes |
264 | if [ "${sshd_in_passwd}" != "yes" ] | 264 | if [ "${sshd_in_passwd}" != "yes" ] |
265 | then | 265 | then |
266 | if [ "${sshd_in_sam}" != "yes" ] | 266 | if [ "${sshd_in_sam}" != "yes" ] |
267 | then | 267 | then |
268 | echo "Warning: The following function requires administrator privileges!" | 268 | echo "Warning: The following function requires administrator privileges!" |
269 | if request "Should this script create a local user 'sshd' on this machine?" | 269 | if request "Should this script create a local user 'sshd' on this machine?" |
@@ -339,13 +339,13 @@ if [ `grep -q 'sshd[ \t][ \t]*22' "${_services}"; echo $?` -eq 0 ] | |||
339 | then | 339 | then |
340 | grep -v 'sshd[ \t][ \t]*22' "${_services}" > "${_serv_tmp}" | 340 | grep -v 'sshd[ \t][ \t]*22' "${_services}" > "${_serv_tmp}" |
341 | if [ -f "${_serv_tmp}" ] | 341 | if [ -f "${_serv_tmp}" ] |
342 | then | 342 | then |
343 | if mv "${_serv_tmp}" "${_services}" | 343 | if mv "${_serv_tmp}" "${_services}" |
344 | then | 344 | then |
345 | echo "Removing sshd from ${_wservices}" | 345 | echo "Removing sshd from ${_wservices}" |
346 | else | 346 | else |
347 | echo "Removing sshd from ${_wservices} failed!" | 347 | echo "Removing sshd from ${_wservices} failed!" |
348 | fi | 348 | fi |
349 | rm -f "${_serv_tmp}" | 349 | rm -f "${_serv_tmp}" |
350 | else | 350 | else |
351 | echo "Removing sshd from ${_wservices} failed!" | 351 | echo "Removing sshd from ${_wservices} failed!" |
@@ -388,9 +388,9 @@ then | |||
388 | then | 388 | then |
389 | if mv "${_inetcnf_tmp}" "${_inetcnf}" | 389 | if mv "${_inetcnf_tmp}" "${_inetcnf}" |
390 | then | 390 | then |
391 | echo "Removed sshd from ${_inetcnf}" | 391 | echo "Removed sshd from ${_inetcnf}" |
392 | else | 392 | else |
393 | echo "Removing sshd from ${_inetcnf} failed!" | 393 | echo "Removing sshd from ${_inetcnf} failed!" |
394 | fi | 394 | fi |
395 | rm -f "${_inetcnf_tmp}" | 395 | rm -f "${_inetcnf_tmp}" |
396 | else | 396 | else |
@@ -462,7 +462,7 @@ then | |||
462 | do | 462 | do |
463 | if [ -n "${password_value}" ] | 463 | if [ -n "${password_value}" ] |
464 | then | 464 | then |
465 | _password="${password_value}" | 465 | _password="${password_value}" |
466 | # Allow to ask for password if first try fails | 466 | # Allow to ask for password if first try fails |
467 | password_value="" | 467 | password_value="" |
468 | else | 468 | else |
@@ -541,7 +541,7 @@ then | |||
541 | fi | 541 | fi |
542 | if [ -n "${cygwin_value}" ] | 542 | if [ -n "${cygwin_value}" ] |
543 | then | 543 | then |
544 | _cygwin="${cygwin_value}" | 544 | _cygwin="${cygwin_value}" |
545 | else | 545 | else |
546 | echo | 546 | echo |
547 | echo "Which value should the environment variable CYGWIN have when" | 547 | echo "Which value should the environment variable CYGWIN have when" |
@@ -574,9 +574,9 @@ then | |||
574 | then | 574 | then |
575 | if [ $_nt2003 -gt 0 -a "${sshd_server_in_sam}" = "yes" ] | 575 | if [ $_nt2003 -gt 0 -a "${sshd_server_in_sam}" = "yes" ] |
576 | then | 576 | then |
577 | _user="sshd_server" | 577 | _user="sshd_server" |
578 | else | 578 | else |
579 | _user="system" | 579 | _user="system" |
580 | fi | 580 | fi |
581 | chown "${_user}" ${SYSCONFDIR}/ssh* | 581 | chown "${_user}" ${SYSCONFDIR}/ssh* |
582 | chown "${_user}".544 ${LOCALSTATEDIR}/empty | 582 | chown "${_user}".544 ${LOCALSTATEDIR}/empty |
diff --git a/contrib/findssl.sh b/contrib/findssl.sh index 87a4abce2..0c08d4a18 100644 --- a/contrib/findssl.sh +++ b/contrib/findssl.sh | |||
@@ -9,24 +9,24 @@ | |||
9 | # Written by Darren Tucker (dtucker at zip dot com dot au) | 9 | # Written by Darren Tucker (dtucker at zip dot com dot au) |
10 | # This file is placed in the public domain. | 10 | # This file is placed in the public domain. |
11 | # | 11 | # |
12 | # $Id: findssl.sh,v 1.1 2003/06/24 10:22:10 dtucker Exp $ | 12 | # $Id: findssl.sh,v 1.2 2003/11/21 12:48:56 djm Exp $ |
13 | # 2002-07-27: Initial release. | 13 | # 2002-07-27: Initial release. |
14 | # 2002-08-04: Added public domain notice. | 14 | # 2002-08-04: Added public domain notice. |
15 | # 2003-06-24: Incorporated readme, set library paths. First cvs version. | 15 | # 2003-06-24: Incorporated readme, set library paths. First cvs version. |
16 | # | 16 | # |
17 | # "OpenSSL headers do not match your library" are usually caused by | 17 | # "OpenSSL headers do not match your library" are usually caused by |
18 | # OpenSSH's configure picking up an older version of OpenSSL headers | 18 | # OpenSSH's configure picking up an older version of OpenSSL headers |
19 | # or libraries. You can use the following # procedure to help identify | 19 | # or libraries. You can use the following # procedure to help identify |
20 | # the cause. | 20 | # the cause. |
21 | # | 21 | # |
22 | # The output of configure will tell you the versions of the OpenSSL | 22 | # The output of configure will tell you the versions of the OpenSSL |
23 | # headers and libraries that were picked up, for example: | 23 | # headers and libraries that were picked up, for example: |
24 | # | 24 | # |
25 | # checking OpenSSL header version... 90604f (OpenSSL 0.9.6d 9 May 2002) | 25 | # checking OpenSSL header version... 90604f (OpenSSL 0.9.6d 9 May 2002) |
26 | # checking OpenSSL library version... 90602f (OpenSSL 0.9.6b [engine] 9 Jul 2001) | 26 | # checking OpenSSL library version... 90602f (OpenSSL 0.9.6b [engine] 9 Jul 2001) |
27 | # checking whether OpenSSL's headers match the library... no | 27 | # checking whether OpenSSL's headers match the library... no |
28 | # configure: error: Your OpenSSL headers do not match your library | 28 | # configure: error: Your OpenSSL headers do not match your library |
29 | # | 29 | # |
30 | # Now run findssl.sh. This should identify the headers and libraries | 30 | # Now run findssl.sh. This should identify the headers and libraries |
31 | # present and their versions. You should be able to identify the | 31 | # present and their versions. You should be able to identify the |
32 | # libraries and headers used and adjust your CFLAGS or remove incorrect | 32 | # libraries and headers used and adjust your CFLAGS or remove incorrect |
@@ -37,7 +37,7 @@ | |||
37 | # Searching for OpenSSL header files. | 37 | # Searching for OpenSSL header files. |
38 | # 0x0090604fL /usr/include/openssl/opensslv.h | 38 | # 0x0090604fL /usr/include/openssl/opensslv.h |
39 | # 0x0090604fL /usr/local/ssl/include/openssl/opensslv.h | 39 | # 0x0090604fL /usr/local/ssl/include/openssl/opensslv.h |
40 | # | 40 | # |
41 | # Searching for OpenSSL shared library files. | 41 | # Searching for OpenSSL shared library files. |
42 | # 0x0090602fL /lib/libcrypto.so.0.9.6b | 42 | # 0x0090602fL /lib/libcrypto.so.0.9.6b |
43 | # 0x0090602fL /lib/libcrypto.so.2 | 43 | # 0x0090602fL /lib/libcrypto.so.2 |
@@ -46,11 +46,11 @@ | |||
46 | # 0x0090581fL /usr/lib/libcrypto.so.0.9.5a | 46 | # 0x0090581fL /usr/lib/libcrypto.so.0.9.5a |
47 | # 0x0090600fL /usr/lib/libcrypto.so.0.9.6 | 47 | # 0x0090600fL /usr/lib/libcrypto.so.0.9.6 |
48 | # 0x0090600fL /usr/lib/libcrypto.so.1 | 48 | # 0x0090600fL /usr/lib/libcrypto.so.1 |
49 | # | 49 | # |
50 | # Searching for OpenSSL static library files. | 50 | # Searching for OpenSSL static library files. |
51 | # 0x0090602fL /usr/lib/libcrypto.a | 51 | # 0x0090602fL /usr/lib/libcrypto.a |
52 | # 0x0090604fL /usr/local/ssl/lib/libcrypto.a | 52 | # 0x0090604fL /usr/local/ssl/lib/libcrypto.a |
53 | # | 53 | # |
54 | # In this example, I gave configure no extra flags, so it's picking up | 54 | # In this example, I gave configure no extra flags, so it's picking up |
55 | # the OpenSSL header from /usr/include/openssl (90604f) and the library | 55 | # the OpenSSL header from /usr/include/openssl (90604f) and the library |
56 | # from /usr/lib/ (90602f). | 56 | # from /usr/lib/ (90602f). |
diff --git a/contrib/gnome-ssh-askpass1.c b/contrib/gnome-ssh-askpass1.c index b6b342b84..4d51032d1 100644 --- a/contrib/gnome-ssh-askpass1.c +++ b/contrib/gnome-ssh-askpass1.c | |||
@@ -23,14 +23,14 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | /* | 25 | /* |
26 | * This is a simple GNOME SSH passphrase grabber. To use it, set the | 26 | * This is a simple GNOME SSH passphrase grabber. To use it, set the |
27 | * environment variable SSH_ASKPASS to point to the location of | 27 | * environment variable SSH_ASKPASS to point to the location of |
28 | * gnome-ssh-askpass before calling "ssh-add < /dev/null". | 28 | * gnome-ssh-askpass before calling "ssh-add < /dev/null". |
29 | * | 29 | * |
30 | * There is only two run-time options: if you set the environment variable | 30 | * There is only two run-time options: if you set the environment variable |
31 | * "GNOME_SSH_ASKPASS_GRAB_SERVER=true" then gnome-ssh-askpass will grab | 31 | * "GNOME_SSH_ASKPASS_GRAB_SERVER=true" then gnome-ssh-askpass will grab |
32 | * the X server. If you set "GNOME_SSH_ASKPASS_GRAB_POINTER=true", then the | 32 | * the X server. If you set "GNOME_SSH_ASKPASS_GRAB_POINTER=true", then the |
33 | * pointer will be grabbed too. These may have some benefit to security if | 33 | * pointer will be grabbed too. These may have some benefit to security if |
34 | * you don't trust your X server. We grab the keyboard always. | 34 | * you don't trust your X server. We grab the keyboard always. |
35 | */ | 35 | */ |
36 | 36 | ||
@@ -87,7 +87,7 @@ passphrase_dialog(char *message) | |||
87 | } | 87 | } |
88 | 88 | ||
89 | entry = gtk_entry_new(); | 89 | entry = gtk_entry_new(); |
90 | gtk_box_pack_start(GTK_BOX(GNOME_DIALOG(dialog)->vbox), entry, FALSE, | 90 | gtk_box_pack_start(GTK_BOX(GNOME_DIALOG(dialog)->vbox), entry, FALSE, |
91 | FALSE, 0); | 91 | FALSE, 0); |
92 | gtk_entry_set_visibility(GTK_ENTRY(entry), FALSE); | 92 | gtk_entry_set_visibility(GTK_ENTRY(entry), FALSE); |
93 | gtk_widget_grab_focus(entry); | 93 | gtk_widget_grab_focus(entry); |
@@ -105,7 +105,7 @@ passphrase_dialog(char *message) | |||
105 | /* Grab focus */ | 105 | /* Grab focus */ |
106 | if (grab_server) | 106 | if (grab_server) |
107 | XGrabServer(GDK_DISPLAY()); | 107 | XGrabServer(GDK_DISPLAY()); |
108 | if (grab_pointer && gdk_pointer_grab(dialog->window, TRUE, 0, | 108 | if (grab_pointer && gdk_pointer_grab(dialog->window, TRUE, 0, |
109 | NULL, NULL, GDK_CURRENT_TIME)) | 109 | NULL, NULL, GDK_CURRENT_TIME)) |
110 | goto nograb; | 110 | goto nograb; |
111 | if (gdk_keyboard_grab(dialog->window, FALSE, GDK_CURRENT_TIME)) | 111 | if (gdk_keyboard_grab(dialog->window, FALSE, GDK_CURRENT_TIME)) |
diff --git a/contrib/gnome-ssh-askpass2.c b/contrib/gnome-ssh-askpass2.c index 9e8eaf920..0ce8daec9 100644 --- a/contrib/gnome-ssh-askpass2.c +++ b/contrib/gnome-ssh-askpass2.c | |||
@@ -25,14 +25,14 @@ | |||
25 | /* GTK2 support by Nalin Dahyabhai <nalin@redhat.com> */ | 25 | /* GTK2 support by Nalin Dahyabhai <nalin@redhat.com> */ |
26 | 26 | ||
27 | /* | 27 | /* |
28 | * This is a simple GNOME SSH passphrase grabber. To use it, set the | 28 | * This is a simple GNOME SSH passphrase grabber. To use it, set the |
29 | * environment variable SSH_ASKPASS to point to the location of | 29 | * environment variable SSH_ASKPASS to point to the location of |
30 | * gnome-ssh-askpass before calling "ssh-add < /dev/null". | 30 | * gnome-ssh-askpass before calling "ssh-add < /dev/null". |
31 | * | 31 | * |
32 | * There is only two run-time options: if you set the environment variable | 32 | * There is only two run-time options: if you set the environment variable |
33 | * "GNOME_SSH_ASKPASS_GRAB_SERVER=true" then gnome-ssh-askpass will grab | 33 | * "GNOME_SSH_ASKPASS_GRAB_SERVER=true" then gnome-ssh-askpass will grab |
34 | * the X server. If you set "GNOME_SSH_ASKPASS_GRAB_POINTER=true", then the | 34 | * the X server. If you set "GNOME_SSH_ASKPASS_GRAB_POINTER=true", then the |
35 | * pointer will be grabbed too. These may have some benefit to security if | 35 | * pointer will be grabbed too. These may have some benefit to security if |
36 | * you don't trust your X server. We grab the keyboard always. | 36 | * you don't trust your X server. We grab the keyboard always. |
37 | */ | 37 | */ |
38 | 38 | ||
@@ -103,7 +103,7 @@ passphrase_dialog(char *message) | |||
103 | message); | 103 | message); |
104 | 104 | ||
105 | entry = gtk_entry_new(); | 105 | entry = gtk_entry_new(); |
106 | gtk_box_pack_start(GTK_BOX(GTK_DIALOG(dialog)->vbox), entry, FALSE, | 106 | gtk_box_pack_start(GTK_BOX(GTK_DIALOG(dialog)->vbox), entry, FALSE, |
107 | FALSE, 0); | 107 | FALSE, 0); |
108 | gtk_entry_set_visibility(GTK_ENTRY(entry), FALSE); | 108 | gtk_entry_set_visibility(GTK_ENTRY(entry), FALSE); |
109 | gtk_widget_grab_focus(entry); | 109 | gtk_widget_grab_focus(entry); |
@@ -124,7 +124,7 @@ passphrase_dialog(char *message) | |||
124 | if (grab_pointer) { | 124 | if (grab_pointer) { |
125 | for(;;) { | 125 | for(;;) { |
126 | status = gdk_pointer_grab( | 126 | status = gdk_pointer_grab( |
127 | (GTK_WIDGET(dialog))->window, TRUE, 0, NULL, | 127 | (GTK_WIDGET(dialog))->window, TRUE, 0, NULL, |
128 | NULL, GDK_CURRENT_TIME); | 128 | NULL, GDK_CURRENT_TIME); |
129 | if (status == GDK_GRAB_SUCCESS) | 129 | if (status == GDK_GRAB_SUCCESS) |
130 | break; | 130 | break; |
diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec index dd00c9fa9..a4d49f61c 100644 --- a/contrib/redhat/openssh.spec +++ b/contrib/redhat/openssh.spec | |||
@@ -200,7 +200,7 @@ CFLAGS="$RPM_OPT_FLAGS -Os"; export CFLAGS | |||
200 | --with-pam \ | 200 | --with-pam \ |
201 | %endif | 201 | %endif |
202 | %if %{kerberos5} | 202 | %if %{kerberos5} |
203 | --with-kerberos5=/usr/kerberos \ | 203 | --with-kerberos5=/usr/kerberos \ |
204 | %endif | 204 | %endif |
205 | 205 | ||
206 | 206 | ||
@@ -398,7 +398,7 @@ fi | |||
398 | 398 | ||
399 | %changelog | 399 | %changelog |
400 | * Mon Jun 2 2003 Damien Miller <djm@mindrot.org> | 400 | * Mon Jun 2 2003 Damien Miller <djm@mindrot.org> |
401 | - Remove noip6 option. This may be controlled at run-time in client config | 401 | - Remove noip6 option. This may be controlled at run-time in client config |
402 | file using new AddressFamily directive | 402 | file using new AddressFamily directive |
403 | 403 | ||
404 | * Mon May 12 2003 Damien Miller <djm@mindrot.org> | 404 | * Mon May 12 2003 Damien Miller <djm@mindrot.org> |
@@ -558,7 +558,7 @@ fi | |||
558 | 558 | ||
559 | * Sun Apr 8 2001 Preston Brown <pbrown@redhat.com> | 559 | * Sun Apr 8 2001 Preston Brown <pbrown@redhat.com> |
560 | - remove explicit openssl requirement, fixes builddistro issue | 560 | - remove explicit openssl requirement, fixes builddistro issue |
561 | - make initscript stop() function wait until sshd really dead to avoid | 561 | - make initscript stop() function wait until sshd really dead to avoid |
562 | races in condrestart | 562 | races in condrestart |
563 | 563 | ||
564 | * Mon Apr 2 2001 Nalin Dahyabhai <nalin@redhat.com> | 564 | * Mon Apr 2 2001 Nalin Dahyabhai <nalin@redhat.com> |
diff --git a/contrib/solaris/README b/contrib/solaris/README index 9b0a46e29..eb4c590f4 100644 --- a/contrib/solaris/README +++ b/contrib/solaris/README | |||
@@ -17,7 +17,7 @@ Directions: | |||
17 | 17 | ||
18 | If all goes well you should have a solaris package ready to be installed. | 18 | If all goes well you should have a solaris package ready to be installed. |
19 | 19 | ||
20 | If you have any problems with this script please post them to | 20 | If you have any problems with this script please post them to |
21 | openssh-unix-dev@mindrot.org and I will try to assist you as best as I can. | 21 | openssh-unix-dev@mindrot.org and I will try to assist you as best as I can. |
22 | 22 | ||
23 | - Ben Lindstrom | 23 | - Ben Lindstrom |
diff --git a/contrib/solaris/buildpkg.sh b/contrib/solaris/buildpkg.sh index c41b3f963..55203d7d5 100755 --- a/contrib/solaris/buildpkg.sh +++ b/contrib/solaris/buildpkg.sh | |||
@@ -5,7 +5,7 @@ | |||
5 | # The following code has been provide under Public Domain License. I really | 5 | # The following code has been provide under Public Domain License. I really |
6 | # don't care what you use it for. Just as long as you don't complain to me | 6 | # don't care what you use it for. Just as long as you don't complain to me |
7 | # nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org) | 7 | # nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org) |
8 | # | 8 | # |
9 | umask 022 | 9 | umask 022 |
10 | # | 10 | # |
11 | # Options for building the package | 11 | # Options for building the package |
@@ -13,7 +13,7 @@ umask 022 | |||
13 | # | 13 | # |
14 | # uncommenting TEST_DIR and using | 14 | # uncommenting TEST_DIR and using |
15 | # configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty | 15 | # configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty |
16 | # and | 16 | # and |
17 | # PKGNAME=tOpenSSH should allow testing a package without interfering | 17 | # PKGNAME=tOpenSSH should allow testing a package without interfering |
18 | # with a real OpenSSH package on a system. This is not needed on systems | 18 | # with a real OpenSSH package on a system. This is not needed on systems |
19 | # that support the -R option to pkgadd. | 19 | # that support the -R option to pkgadd. |
@@ -81,7 +81,7 @@ export PATH | |||
81 | # we will look for config.local to override the above options | 81 | # we will look for config.local to override the above options |
82 | [ -s ./config.local ] && . ./config.local | 82 | [ -s ./config.local ] && . ./config.local |
83 | 83 | ||
84 | ## Start by faking root install | 84 | ## Start by faking root install |
85 | echo "Faking root install..." | 85 | echo "Faking root install..." |
86 | START=`pwd` | 86 | START=`pwd` |
87 | OPENSSHD_IN=`dirname $0`/opensshd.in | 87 | OPENSSHD_IN=`dirname $0`/opensshd.in |
@@ -98,20 +98,20 @@ fi | |||
98 | ## Fill in some details, like prefix and sysconfdir | 98 | ## Fill in some details, like prefix and sysconfdir |
99 | for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir | 99 | for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir |
100 | do | 100 | do |
101 | eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2` | 101 | eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2` |
102 | done | 102 | done |
103 | 103 | ||
104 | 104 | ||
105 | ## Collect value of privsep user | 105 | ## Collect value of privsep user |
106 | for confvar in SSH_PRIVSEP_USER | 106 | for confvar in SSH_PRIVSEP_USER |
107 | do | 107 | do |
108 | eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h` | 108 | eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h` |
109 | done | 109 | done |
110 | 110 | ||
111 | ## Set privsep defaults if not defined | 111 | ## Set privsep defaults if not defined |
112 | if [ -z "$SSH_PRIVSEP_USER" ] | 112 | if [ -z "$SSH_PRIVSEP_USER" ] |
113 | then | 113 | then |
114 | SSH_PRIVSEP_USER=sshd | 114 | SSH_PRIVSEP_USER=sshd |
115 | fi | 115 | fi |
116 | 116 | ||
117 | ## Extract common info requires for the 'info' part of the package. | 117 | ## Extract common info requires for the 'info' part of the package. |
@@ -243,16 +243,16 @@ fi | |||
243 | 243 | ||
244 | if egrep '^[ \t]*UsePrivilegeSeparation[ \t]+no' \${PKG_INSTALL_ROOT}/$sysconfdir/sshd_config >/dev/null | 244 | if egrep '^[ \t]*UsePrivilegeSeparation[ \t]+no' \${PKG_INSTALL_ROOT}/$sysconfdir/sshd_config >/dev/null |
245 | then | 245 | then |
246 | echo "UsePrivilegeSeparation disabled in config, not creating PrivSep user" | 246 | echo "UsePrivilegeSeparation disabled in config, not creating PrivSep user" |
247 | echo "or group." | 247 | echo "or group." |
248 | else | 248 | else |
249 | echo "UsePrivilegeSeparation enabled in config (or defaulting to on)." | 249 | echo "UsePrivilegeSeparation enabled in config (or defaulting to on)." |
250 | 250 | ||
251 | # create group if required | 251 | # create group if required |
252 | if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null | 252 | if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null |
253 | then | 253 | then |
254 | echo "PrivSep group $SSH_PRIVSEP_USER already exists." | 254 | echo "PrivSep group $SSH_PRIVSEP_USER already exists." |
255 | else | 255 | else |
256 | # Use gid of 67 if possible | 256 | # Use gid of 67 if possible |
257 | if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSHDGID'\$' >/dev/null | 257 | if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSHDGID'\$' >/dev/null |
258 | then | 258 | then |
@@ -260,15 +260,15 @@ else | |||
260 | else | 260 | else |
261 | sshdgid="-g $SSHDGID" | 261 | sshdgid="-g $SSHDGID" |
262 | fi | 262 | fi |
263 | echo "Creating PrivSep group $SSH_PRIVSEP_USER." | 263 | echo "Creating PrivSep group $SSH_PRIVSEP_USER." |
264 | \$chroot /usr/sbin/groupadd \$sshdgid $SSH_PRIVSEP_USER | 264 | \$chroot /usr/sbin/groupadd \$sshdgid $SSH_PRIVSEP_USER |
265 | fi | 265 | fi |
266 | 266 | ||
267 | # Create user if required | 267 | # Create user if required |
268 | if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null | 268 | if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null |
269 | then | 269 | then |
270 | echo "PrivSep user $SSH_PRIVSEP_USER already exists." | 270 | echo "PrivSep user $SSH_PRIVSEP_USER already exists." |
271 | else | 271 | else |
272 | # Use uid of 67 if possible | 272 | # Use uid of 67 if possible |
273 | if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSHDGID'\$' >/dev/null | 273 | if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSHDGID'\$' >/dev/null |
274 | then | 274 | then |
@@ -276,10 +276,10 @@ else | |||
276 | else | 276 | else |
277 | sshduid="-u $SSHDUID" | 277 | sshduid="-u $SSHDUID" |
278 | fi | 278 | fi |
279 | echo "Creating PrivSep user $SSH_PRIVSEP_USER." | 279 | echo "Creating PrivSep user $SSH_PRIVSEP_USER." |
280 | \$chroot /usr/sbin/useradd -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER | 280 | \$chroot /usr/sbin/useradd -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER |
281 | \$chroot /usr/bin/passwd -l $SSH_PRIVSEP_USER | 281 | \$chroot /usr/bin/passwd -l $SSH_PRIVSEP_USER |
282 | fi | 282 | fi |
283 | fi | 283 | fi |
284 | 284 | ||
285 | [ "\${POST_INS_START}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start | 285 | [ "\${POST_INS_START}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start |
@@ -358,12 +358,12 @@ cat >mk-proto.awk << _EOF | |||
358 | BEGIN { print "i pkginfo"; print "i preinstall"; \\ | 358 | BEGIN { print "i pkginfo"; print "i preinstall"; \\ |
359 | print "i postinstall"; print "i preremove"; \\ | 359 | print "i postinstall"; print "i preremove"; \\ |
360 | print "i request"; print "i space"; \\ | 360 | print "i request"; print "i space"; \\ |
361 | split("$SYSTEM_DIR",sys_files); } | 361 | split("$SYSTEM_DIR",sys_files); } |
362 | { | 362 | { |
363 | for (dir in sys_files) { if ( \$3 != sys_files[dir] ) | 363 | for (dir in sys_files) { if ( \$3 != sys_files[dir] ) |
364 | { \$5="root"; \$6="sys"; } | 364 | { \$5="root"; \$6="sys"; } |
365 | else | 365 | else |
366 | { \$4="?"; \$5="?"; \$6="?"; break;} | 366 | { \$4="?"; \$5="?"; \$6="?"; break;} |
367 | } } | 367 | } } |
368 | { print; } | 368 | { print; } |
369 | _EOF | 369 | _EOF |
diff --git a/contrib/solaris/opensshd.in b/contrib/solaris/opensshd.in index 48b6c5702..50e18deea 100755 --- a/contrib/solaris/opensshd.in +++ b/contrib/solaris/opensshd.in | |||
@@ -22,24 +22,24 @@ HOST_KEY_RSA=$etcdir/ssh_host_rsa_key | |||
22 | 22 | ||
23 | checkkeys() { | 23 | checkkeys() { |
24 | if [ ! -f $HOST_KEY_RSA1 ]; then | 24 | if [ ! -f $HOST_KEY_RSA1 ]; then |
25 | ${SSH_KEYGEN} -t rsa1 -f ${HOST_KEY_RSA1} -N "" | 25 | ${SSH_KEYGEN} -t rsa1 -f ${HOST_KEY_RSA1} -N "" |
26 | fi | 26 | fi |
27 | if [ ! -f $HOST_KEY_DSA ]; then | 27 | if [ ! -f $HOST_KEY_DSA ]; then |
28 | ${SSH_KEYGEN} -t dsa -f ${HOST_KEY_DSA} -N "" | 28 | ${SSH_KEYGEN} -t dsa -f ${HOST_KEY_DSA} -N "" |
29 | fi | 29 | fi |
30 | if [ ! -f $HOST_KEY_RSA ]; then | 30 | if [ ! -f $HOST_KEY_RSA ]; then |
31 | ${SSH_KEYGEN} -t rsa -f ${HOST_KEY_RSA} -N "" | 31 | ${SSH_KEYGEN} -t rsa -f ${HOST_KEY_RSA} -N "" |
32 | fi | 32 | fi |
33 | } | 33 | } |
34 | 34 | ||
35 | stop_service() { | 35 | stop_service() { |
36 | if [ -r $PIDFILE -a ! -z ${PIDFILE} ]; then | 36 | if [ -r $PIDFILE -a ! -z ${PIDFILE} ]; then |
37 | PID=`${CAT} ${PIDFILE}` | 37 | PID=`${CAT} ${PIDFILE}` |
38 | fi | 38 | fi |
39 | if [ ${PID:=0} -gt 1 -a ! "X$PID" = "X " ]; then | 39 | if [ ${PID:=0} -gt 1 -a ! "X$PID" = "X " ]; then |
40 | ${KILL} ${PID} | 40 | ${KILL} ${PID} |
41 | else | 41 | else |
42 | echo "Unable to read PID file" | 42 | echo "Unable to read PID file" |
43 | fi | 43 | fi |
44 | } | 44 | } |
45 | 45 | ||
@@ -55,8 +55,8 @@ start_service() { | |||
55 | 55 | ||
56 | sshd_rc=$? | 56 | sshd_rc=$? |
57 | if [ $sshd_rc -ne 0 ]; then | 57 | if [ $sshd_rc -ne 0 ]; then |
58 | echo "$0: Error ${sshd_rc} starting ${SSHD}... bailing." | 58 | echo "$0: Error ${sshd_rc} starting ${SSHD}... bailing." |
59 | exit $sshd_rc | 59 | exit $sshd_rc |
60 | fi | 60 | fi |
61 | echo done. | 61 | echo done. |
62 | } | 62 | } |
diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec index 940bc4ade..d984ff22d 100644 --- a/contrib/suse/openssh.spec +++ b/contrib/suse/openssh.spec | |||
@@ -30,7 +30,7 @@ two untrusted hosts over an insecure network. X11 connections and | |||
30 | arbitrary TCP/IP ports can also be forwarded over the secure channel. | 30 | arbitrary TCP/IP ports can also be forwarded over the secure channel. |
31 | 31 | ||
32 | OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it | 32 | OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it |
33 | up to date in terms of security and features, as well as removing all | 33 | up to date in terms of security and features, as well as removing all |
34 | patented algorithms to seperate libraries (OpenSSL). | 34 | patented algorithms to seperate libraries (OpenSSL). |
35 | 35 | ||
36 | This package includes all files necessary for both the OpenSSH | 36 | This package includes all files necessary for both the OpenSSH |
@@ -100,8 +100,8 @@ make | |||
100 | 100 | ||
101 | cd contrib | 101 | cd contrib |
102 | gcc -O -g `gnome-config --cflags gnome gnomeui` \ | 102 | gcc -O -g `gnome-config --cflags gnome gnomeui` \ |
103 | gnome-ssh-askpass.c -o gnome-ssh-askpass \ | 103 | gnome-ssh-askpass.c -o gnome-ssh-askpass \ |
104 | `gnome-config --libs gnome gnomeui` | 104 | `gnome-config --libs gnome gnomeui` |
105 | cd .. | 105 | cd .. |
106 | 106 | ||
107 | %install | 107 | %install |
@@ -140,34 +140,34 @@ else | |||
140 | echo " /var/adm/fillup-templates/rc.config.sshd" | 140 | echo " /var/adm/fillup-templates/rc.config.sshd" |
141 | fi | 141 | fi |
142 | if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then | 142 | if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then |
143 | echo "Generating SSH host key..." | 143 | echo "Generating SSH host key..." |
144 | /usr/bin/ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N '' >&2 | 144 | /usr/bin/ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N '' >&2 |
145 | fi | 145 | fi |
146 | if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then | 146 | if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then |
147 | echo "Generating SSH DSA host key..." | 147 | echo "Generating SSH DSA host key..." |
148 | /usr/bin/ssh-keygen -d -f /etc/ssh/ssh_host_dsa_key -N '' >&2 | 148 | /usr/bin/ssh-keygen -d -f /etc/ssh/ssh_host_dsa_key -N '' >&2 |
149 | fi | 149 | fi |
150 | if test -r /var/run/sshd.pid | 150 | if test -r /var/run/sshd.pid |
151 | then | 151 | then |
152 | echo "Restarting the running SSH daemon..." | 152 | echo "Restarting the running SSH daemon..." |
153 | /usr/sbin/rcsshd restart >&2 | 153 | /usr/sbin/rcsshd restart >&2 |
154 | fi | 154 | fi |
155 | 155 | ||
156 | %preun | 156 | %preun |
157 | if [ "$1" = 0 ] | 157 | if [ "$1" = 0 ] |
158 | then | 158 | then |
159 | echo "Stopping the SSH daemon..." | 159 | echo "Stopping the SSH daemon..." |
160 | /usr/sbin/rcsshd stop >&2 | 160 | /usr/sbin/rcsshd stop >&2 |
161 | echo "Removing SSH stop/start scripts from the rc directories..." | 161 | echo "Removing SSH stop/start scripts from the rc directories..." |
162 | rm /sbin/init.d/rc2.d/K20sshd | 162 | rm /sbin/init.d/rc2.d/K20sshd |
163 | rm /sbin/init.d/rc2.d/S20sshd | 163 | rm /sbin/init.d/rc2.d/S20sshd |
164 | rm /sbin/init.d/rc3.d/K20sshd | 164 | rm /sbin/init.d/rc3.d/K20sshd |
165 | rm /sbin/init.d/rc3.d/S20sshd | 165 | rm /sbin/init.d/rc3.d/S20sshd |
166 | fi | 166 | fi |
167 | 167 | ||
168 | %files | 168 | %files |
169 | %defattr(-,root,root) | 169 | %defattr(-,root,root) |
170 | %doc ChangeLog OVERVIEW README* | 170 | %doc ChangeLog OVERVIEW README* |
171 | %doc RFC.nroff TODO CREDITS LICENCE | 171 | %doc RFC.nroff TODO CREDITS LICENCE |
172 | %attr(0755,root,root) %dir /etc/ssh | 172 | %attr(0755,root,root) %dir /etc/ssh |
173 | %attr(0644,root,root) %config /etc/ssh/ssh_config | 173 | %attr(0644,root,root) %config /etc/ssh/ssh_config |
@@ -25,7 +25,7 @@ | |||
25 | #ifndef _DEFINES_H | 25 | #ifndef _DEFINES_H |
26 | #define _DEFINES_H | 26 | #define _DEFINES_H |
27 | 27 | ||
28 | /* $Id: defines.h,v 1.103 2003/09/16 01:52:19 dtucker Exp $ */ | 28 | /* $Id: defines.h,v 1.104 2003/11/21 12:48:55 djm Exp $ */ |
29 | 29 | ||
30 | 30 | ||
31 | /* Constants */ | 31 | /* Constants */ |
@@ -84,7 +84,7 @@ enum | |||
84 | # define S_ISDIR(mode) (((mode) & (_S_IFMT)) == (_S_IFDIR)) | 84 | # define S_ISDIR(mode) (((mode) & (_S_IFMT)) == (_S_IFDIR)) |
85 | #endif /* S_ISDIR */ | 85 | #endif /* S_ISDIR */ |
86 | 86 | ||
87 | #ifndef S_ISREG | 87 | #ifndef S_ISREG |
88 | # define S_ISREG(mode) (((mode) & (_S_IFMT)) == (_S_IFREG)) | 88 | # define S_ISREG(mode) (((mode) & (_S_IFMT)) == (_S_IFREG)) |
89 | #endif /* S_ISREG */ | 89 | #endif /* S_ISREG */ |
90 | 90 | ||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: dns.c,v 1.8 2003/11/12 16:39:58 jakob Exp $ */ | 1 | /* $OpenBSD: dns.c,v 1.9 2003/11/21 11:57:03 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2003 Wesley Griffin. All rights reserved. | 4 | * Copyright (c) 2003 Wesley Griffin. All rights reserved. |
@@ -43,7 +43,7 @@ | |||
43 | #include "uuencode.h" | 43 | #include "uuencode.h" |
44 | 44 | ||
45 | extern char *__progname; | 45 | extern char *__progname; |
46 | RCSID("$OpenBSD: dns.c,v 1.8 2003/11/12 16:39:58 jakob Exp $"); | 46 | RCSID("$OpenBSD: dns.c,v 1.9 2003/11/21 11:57:03 djm Exp $"); |
47 | 47 | ||
48 | #ifndef LWRES | 48 | #ifndef LWRES |
49 | static const char *errset_text[] = { | 49 | static const char *errset_text[] = { |
@@ -145,7 +145,7 @@ dns_read_rdata(u_int8_t *algorithm, u_int8_t *digest_type, | |||
145 | 145 | ||
146 | /* | 146 | /* |
147 | * Verify the given hostname, address and host key using DNS. | 147 | * Verify the given hostname, address and host key using DNS. |
148 | * Returns 0 if lookup succeeds, -1 otherwise | 148 | * Returns 0 if lookup succeeds, -1 otherwise |
149 | */ | 149 | */ |
150 | int | 150 | int |
151 | verify_host_key_dns(const char *hostname, struct sockaddr *address, | 151 | verify_host_key_dns(const char *hostname, struct sockaddr *address, |
@@ -36,16 +36,16 @@ | |||
36 | 36 | ||
37 | /* | 37 | /* |
38 | * Portable OpenSSH PRNG seeding: | 38 | * Portable OpenSSH PRNG seeding: |
39 | * If OpenSSL has not "internally seeded" itself (e.g. pulled data from | 39 | * If OpenSSL has not "internally seeded" itself (e.g. pulled data from |
40 | * /dev/random), then we execute a "ssh-rand-helper" program which | 40 | * /dev/random), then we execute a "ssh-rand-helper" program which |
41 | * collects entropy and writes it to stdout. The child program must | 41 | * collects entropy and writes it to stdout. The child program must |
42 | * write at least RANDOM_SEED_SIZE bytes. The child is run with stderr | 42 | * write at least RANDOM_SEED_SIZE bytes. The child is run with stderr |
43 | * attached, so error/debugging output should be visible. | 43 | * attached, so error/debugging output should be visible. |
44 | * | 44 | * |
45 | * XXX: we should tell the child how many bytes we need. | 45 | * XXX: we should tell the child how many bytes we need. |
46 | */ | 46 | */ |
47 | 47 | ||
48 | RCSID("$Id: entropy.c,v 1.46 2003/08/25 01:16:21 mouring Exp $"); | 48 | RCSID("$Id: entropy.c,v 1.47 2003/11/21 12:48:55 djm Exp $"); |
49 | 49 | ||
50 | #ifndef OPENSSL_PRNG_ONLY | 50 | #ifndef OPENSSL_PRNG_ONLY |
51 | #define RANDOM_SEED_SIZE 48 | 51 | #define RANDOM_SEED_SIZE 48 |
@@ -86,16 +86,16 @@ seed_rng(void) | |||
86 | close(p[1]); | 86 | close(p[1]); |
87 | close(devnull); | 87 | close(devnull); |
88 | 88 | ||
89 | if (original_uid != original_euid && | 89 | if (original_uid != original_euid && |
90 | ( seteuid(getuid()) == -1 || | 90 | ( seteuid(getuid()) == -1 || |
91 | setuid(original_uid) == -1) ) { | 91 | setuid(original_uid) == -1) ) { |
92 | fprintf(stderr, "(rand child) setuid(%li): %s\n", | 92 | fprintf(stderr, "(rand child) setuid(%li): %s\n", |
93 | (long int)original_uid, strerror(errno)); | 93 | (long int)original_uid, strerror(errno)); |
94 | _exit(1); | 94 | _exit(1); |
95 | } | 95 | } |
96 | 96 | ||
97 | execl(SSH_RAND_HELPER, "ssh-rand-helper", NULL); | 97 | execl(SSH_RAND_HELPER, "ssh-rand-helper", NULL); |
98 | fprintf(stderr, "(rand child) Couldn't exec '%s': %s\n", | 98 | fprintf(stderr, "(rand child) Couldn't exec '%s': %s\n", |
99 | SSH_RAND_HELPER, strerror(errno)); | 99 | SSH_RAND_HELPER, strerror(errno)); |
100 | _exit(1); | 100 | _exit(1); |
101 | } | 101 | } |
@@ -114,12 +114,12 @@ seed_rng(void) | |||
114 | close(p[0]); | 114 | close(p[0]); |
115 | 115 | ||
116 | if (waitpid(pid, &ret, 0) == -1) | 116 | if (waitpid(pid, &ret, 0) == -1) |
117 | fatal("Couldn't wait for ssh-rand-helper completion: %s", | 117 | fatal("Couldn't wait for ssh-rand-helper completion: %s", |
118 | strerror(errno)); | 118 | strerror(errno)); |
119 | signal(SIGCHLD, old_sigchld); | 119 | signal(SIGCHLD, old_sigchld); |
120 | 120 | ||
121 | /* We don't mind if the child exits upon a SIGPIPE */ | 121 | /* We don't mind if the child exits upon a SIGPIPE */ |
122 | if (!WIFEXITED(ret) && | 122 | if (!WIFEXITED(ret) && |
123 | (!WIFSIGNALED(ret) || WTERMSIG(ret) != SIGPIPE)) | 123 | (!WIFSIGNALED(ret) || WTERMSIG(ret) != SIGPIPE)) |
124 | fatal("ssh-rand-helper terminated abnormally"); | 124 | fatal("ssh-rand-helper terminated abnormally"); |
125 | if (WEXITSTATUS(ret) != 0) | 125 | if (WEXITSTATUS(ret) != 0) |
@@ -134,7 +134,7 @@ seed_rng(void) | |||
134 | } | 134 | } |
135 | 135 | ||
136 | void | 136 | void |
137 | init_rng(void) | 137 | init_rng(void) |
138 | { | 138 | { |
139 | /* | 139 | /* |
140 | * OpenSSL version numbers: MNNFFPPS: major minor fix patch status | 140 | * OpenSSL version numbers: MNNFFPPS: major minor fix patch status |
@@ -65,7 +65,7 @@ foreach (@infile) { | |||
65 | ($null, $null, $rate) = split(/,/, $ent[0]); | 65 | ($null, $null, $rate) = split(/,/, $ent[0]); |
66 | $est = $rate / $entscale; # scale the estimate back | 66 | $est = $rate / $entscale; # scale the estimate back |
67 | } | 67 | } |
68 | } | 68 | } |
69 | print OUT "\"$cmd\" $path $est\n"; | 69 | print OUT "\"$cmd\" $path $est\n"; |
70 | } | 70 | } |
71 | 71 | ||
diff --git a/gss-genr.c b/gss-genr.c index 6b7caad0e..1e044dbbb 100644 --- a/gss-genr.c +++ b/gss-genr.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: gss-genr.c,v 1.2 2003/11/17 11:06:07 markus Exp $ */ | 1 | /* $OpenBSD: gss-genr.c,v 1.3 2003/11/21 11:57:03 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. | 4 | * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. |
@@ -258,8 +258,8 @@ ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash) | |||
258 | } | 258 | } |
259 | 259 | ||
260 | void | 260 | void |
261 | ssh_gssapi_buildmic(Buffer *b, const char *user, const char *service, | 261 | ssh_gssapi_buildmic(Buffer *b, const char *user, const char *service, |
262 | const char *context) | 262 | const char *context) |
263 | { | 263 | { |
264 | buffer_init(b); | 264 | buffer_init(b); |
265 | buffer_put_string(b, session_id2, session_id2_len); | 265 | buffer_put_string(b, session_id2, session_id2_len); |
diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c index f48e09911..e358bcbdc 100644 --- a/gss-serv-krb5.c +++ b/gss-serv-krb5.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: gss-serv-krb5.c,v 1.1 2003/08/22 10:56:09 markus Exp $ */ | 1 | /* $OpenBSD: gss-serv-krb5.c,v 1.2 2003/11/21 11:57:03 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. | 4 | * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. |
@@ -48,7 +48,7 @@ static krb5_context krb_context = NULL; | |||
48 | 48 | ||
49 | /* Initialise the krb5 library, for the stuff that GSSAPI won't do */ | 49 | /* Initialise the krb5 library, for the stuff that GSSAPI won't do */ |
50 | 50 | ||
51 | static int | 51 | static int |
52 | ssh_gssapi_krb5_init() | 52 | ssh_gssapi_krb5_init() |
53 | { | 53 | { |
54 | krb5_error_code problem; | 54 | krb5_error_code problem; |
@@ -127,10 +127,10 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) | |||
127 | { | 127 | { |
128 | int tmpfd; | 128 | int tmpfd; |
129 | char ccname[40]; | 129 | char ccname[40]; |
130 | 130 | ||
131 | snprintf(ccname, sizeof(ccname), | 131 | snprintf(ccname, sizeof(ccname), |
132 | "FILE:/tmp/krb5cc_%d_XXXXXX", geteuid()); | 132 | "FILE:/tmp/krb5cc_%d_XXXXXX", geteuid()); |
133 | 133 | ||
134 | if ((tmpfd = mkstemp(ccname + strlen("FILE:"))) == -1) { | 134 | if ((tmpfd = mkstemp(ccname + strlen("FILE:"))) == -1) { |
135 | logit("mkstemp(): %.100s", strerror(errno)); | 135 | logit("mkstemp(): %.100s", strerror(errno)); |
136 | problem = errno; | 136 | problem = errno; |
@@ -151,7 +151,7 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) | |||
151 | } | 151 | } |
152 | #endif /* #ifdef HEIMDAL */ | 152 | #endif /* #ifdef HEIMDAL */ |
153 | 153 | ||
154 | if ((problem = krb5_parse_name(krb_context, | 154 | if ((problem = krb5_parse_name(krb_context, |
155 | client->exportedname.value, &princ))) { | 155 | client->exportedname.value, &princ))) { |
156 | logit("krb5_parse_name(): %.100s", | 156 | logit("krb5_parse_name(): %.100s", |
157 | krb5_get_err_text(krb_context, problem)); | 157 | krb5_get_err_text(krb_context, problem)); |
@@ -169,7 +169,7 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) | |||
169 | 169 | ||
170 | krb5_free_principal(krb_context, princ); | 170 | krb5_free_principal(krb_context, princ); |
171 | 171 | ||
172 | if ((maj_status = gss_krb5_copy_ccache(&min_status, | 172 | if ((maj_status = gss_krb5_copy_ccache(&min_status, |
173 | client->creds, ccache))) { | 173 | client->creds, ccache))) { |
174 | logit("gss_krb5_copy_ccache() failed"); | 174 | logit("gss_krb5_copy_ccache() failed"); |
175 | krb5_cc_destroy(krb_context, ccache); | 175 | krb5_cc_destroy(krb_context, ccache); |
diff --git a/install-sh b/install-sh index e9de23842..220abbf61 100755 --- a/install-sh +++ b/install-sh | |||
@@ -125,7 +125,7 @@ if [ x"$dir_arg" != x ]; then | |||
125 | else | 125 | else |
126 | 126 | ||
127 | # Waiting for this to be detected by the "$instcmd $src $dsttmp" command | 127 | # Waiting for this to be detected by the "$instcmd $src $dsttmp" command |
128 | # might cause directories to be created, which would be especially bad | 128 | # might cause directories to be created, which would be especially bad |
129 | # if $src (and thus $dsttmp) contains '*'. | 129 | # if $src (and thus $dsttmp) contains '*'. |
130 | 130 | ||
131 | if [ -f $src -o -d $src ] | 131 | if [ -f $src -o -d $src ] |
@@ -180,7 +180,7 @@ while [ $# -ne 0 ] ; do | |||
180 | shift | 180 | shift |
181 | 181 | ||
182 | if [ ! -d "${pathcomp}" ] ; | 182 | if [ ! -d "${pathcomp}" ] ; |
183 | then | 183 | then |
184 | $mkdirprog "${pathcomp}" | 184 | $mkdirprog "${pathcomp}" |
185 | else | 185 | else |
186 | true | 186 | true |
@@ -202,17 +202,17 @@ else | |||
202 | 202 | ||
203 | # If we're going to rename the final executable, determine the name now. | 203 | # If we're going to rename the final executable, determine the name now. |
204 | 204 | ||
205 | if [ x"$transformarg" = x ] | 205 | if [ x"$transformarg" = x ] |
206 | then | 206 | then |
207 | dstfile=`basename $dst` | 207 | dstfile=`basename $dst` |
208 | else | 208 | else |
209 | dstfile=`basename $dst $transformbasename | | 209 | dstfile=`basename $dst $transformbasename | |
210 | sed $transformarg`$transformbasename | 210 | sed $transformarg`$transformbasename |
211 | fi | 211 | fi |
212 | 212 | ||
213 | # don't allow the sed command to completely eliminate the filename | 213 | # don't allow the sed command to completely eliminate the filename |
214 | 214 | ||
215 | if [ x"$dstfile" = x ] | 215 | if [ x"$dstfile" = x ] |
216 | then | 216 | then |
217 | dstfile=`basename $dst` | 217 | dstfile=`basename $dst` |
218 | else | 218 | else |
@@ -243,7 +243,7 @@ else | |||
243 | # Now rename the file to the real destination. | 243 | # Now rename the file to the real destination. |
244 | 244 | ||
245 | $doit $rmcmd -f $dstdir/$dstfile && | 245 | $doit $rmcmd -f $dstdir/$dstfile && |
246 | $doit $mvcmd $dsttmp $dstdir/$dstfile | 246 | $doit $mvcmd $dsttmp $dstdir/$dstfile |
247 | 247 | ||
248 | fi && | 248 | fi && |
249 | 249 | ||
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: kex.c,v 1.55 2003/04/01 10:31:26 markus Exp $"); | 26 | RCSID("$OpenBSD: kex.c,v 1.56 2003/11/21 11:57:03 djm Exp $"); |
27 | 27 | ||
28 | #include <openssl/crypto.h> | 28 | #include <openssl/crypto.h> |
29 | 29 | ||
@@ -310,7 +310,7 @@ choose_hostkeyalg(Kex *k, char *client, char *server) | |||
310 | xfree(hostkeyalg); | 310 | xfree(hostkeyalg); |
311 | } | 311 | } |
312 | 312 | ||
313 | static int | 313 | static int |
314 | proposals_match(char *my[PROPOSAL_MAX], char *peer[PROPOSAL_MAX]) | 314 | proposals_match(char *my[PROPOSAL_MAX], char *peer[PROPOSAL_MAX]) |
315 | { | 315 | { |
316 | static int check[] = { | 316 | static int check[] = { |
@@ -392,7 +392,7 @@ kex_choose_conf(Kex *kex) | |||
392 | kex->we_need = need; | 392 | kex->we_need = need; |
393 | 393 | ||
394 | /* ignore the next message if the proposals do not match */ | 394 | /* ignore the next message if the proposals do not match */ |
395 | if (first_kex_follows && !proposals_match(my, peer) && | 395 | if (first_kex_follows && !proposals_match(my, peer) && |
396 | !(datafellows & SSH_BUG_FIRSTKEX)) { | 396 | !(datafellows & SSH_BUG_FIRSTKEX)) { |
397 | type = packet_read(); | 397 | type = packet_read(); |
398 | debug2("skipping next packet (type %u)", type); | 398 | debug2("skipping next packet (type %u)", type); |
diff --git a/loginrec.c b/loginrec.c index bdac3e959..ce9e26fc5 100644 --- a/loginrec.c +++ b/loginrec.c | |||
@@ -158,7 +158,7 @@ | |||
158 | #include "log.h" | 158 | #include "log.h" |
159 | #include "atomicio.h" | 159 | #include "atomicio.h" |
160 | 160 | ||
161 | RCSID("$Id: loginrec.c,v 1.52 2003/07/06 05:20:46 dtucker Exp $"); | 161 | RCSID("$Id: loginrec.c,v 1.53 2003/11/21 12:48:55 djm Exp $"); |
162 | 162 | ||
163 | #ifdef HAVE_UTIL_H | 163 | #ifdef HAVE_UTIL_H |
164 | # include <util.h> | 164 | # include <util.h> |
@@ -442,7 +442,7 @@ login_write (struct logininfo *li) | |||
442 | int | 442 | int |
443 | login_utmp_only(struct logininfo *li) | 443 | login_utmp_only(struct logininfo *li) |
444 | { | 444 | { |
445 | li->type = LTYPE_LOGIN; | 445 | li->type = LTYPE_LOGIN; |
446 | login_set_current_time(li); | 446 | login_set_current_time(li); |
447 | # ifdef USE_UTMP | 447 | # ifdef USE_UTMP |
448 | utmp_write_entry(li); | 448 | utmp_write_entry(li); |
@@ -1534,7 +1534,7 @@ lastlog_get_entry(struct logininfo *li) | |||
1534 | lastlog_populate_entry(li, &last); | 1534 | lastlog_populate_entry(li, &last); |
1535 | return (1); | 1535 | return (1); |
1536 | case -1: | 1536 | case -1: |
1537 | error("%s: Error reading from %s: %s", __func__, | 1537 | error("%s: Error reading from %s: %s", __func__, |
1538 | LASTLOG_FILE, strerror(errno)); | 1538 | LASTLOG_FILE, strerror(errno)); |
1539 | return (0); | 1539 | return (0); |
1540 | default: | 1540 | default: |
diff --git a/md5crypt.c b/md5crypt.c index e14d53ac1..b5e3b91ab 100644 --- a/md5crypt.c +++ b/md5crypt.c | |||
@@ -1,9 +1,9 @@ | |||
1 | /* | 1 | /* |
2 | * ---------------------------------------------------------------------------- | 2 | * ---------------------------------------------------------------------------- |
3 | * "THE BEER-WARE LICENSE" (Revision 42): | 3 | * "THE BEER-WARE LICENSE" (Revision 42): |
4 | * <phk@login.dknet.dk> wrote this file. As long as you retain this | 4 | * <phk@login.dknet.dk> wrote this file. As long as you retain this |
5 | * notice you can do whatever you want with this stuff. If we meet some | 5 | * notice you can do whatever you want with this stuff. If we meet some |
6 | * day, and you think this stuff is worth it, you can buy me a beer in | 6 | * day, and you think this stuff is worth it, you can buy me a beer in |
7 | * return. Poul-Henning Kamp | 7 | * return. Poul-Henning Kamp |
8 | * ---------------------------------------------------------------------------- | 8 | * ---------------------------------------------------------------------------- |
9 | */ | 9 | */ |
@@ -13,7 +13,7 @@ | |||
13 | #if defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT) | 13 | #if defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT) |
14 | #include <openssl/md5.h> | 14 | #include <openssl/md5.h> |
15 | 15 | ||
16 | RCSID("$Id: md5crypt.c,v 1.7 2003/05/30 06:58:23 dtucker Exp $"); | 16 | RCSID("$Id: md5crypt.c,v 1.8 2003/11/21 12:48:55 djm Exp $"); |
17 | 17 | ||
18 | /* 0 ... 63 => ascii - 64 */ | 18 | /* 0 ... 63 => ascii - 64 */ |
19 | static unsigned char itoa64[] = | 19 | static unsigned char itoa64[] = |
diff --git a/mdoc2man.awk b/mdoc2man.awk index 856e2d7c5..9135af07e 100644 --- a/mdoc2man.awk +++ b/mdoc2man.awk | |||
@@ -76,19 +76,19 @@ function add(str) { | |||
76 | skip=1 | 76 | skip=1 |
77 | ext=1 | 77 | ext=1 |
78 | if(length(line)&&!(match(line," $")||prenl)) | 78 | if(length(line)&&!(match(line," $")||prenl)) |
79 | add(OFS) | 79 | add(OFS) |
80 | } else if(match(words[w],"^Xc$")) { | 80 | } else if(match(words[w],"^Xc$")) { |
81 | skip=1 | 81 | skip=1 |
82 | ext=0 | 82 | ext=0 |
83 | if(!extopt) | 83 | if(!extopt) |
84 | prenl++ | 84 | prenl++ |
85 | w=nwords | 85 | w=nwords |
86 | } else if(match(words[w],"^Bd$")) { | 86 | } else if(match(words[w],"^Bd$")) { |
87 | skip=1 | 87 | skip=1 |
88 | if(match(words[w+1],"-literal")) { | 88 | if(match(words[w+1],"-literal")) { |
89 | literal=1 | 89 | literal=1 |
90 | prenl++ | 90 | prenl++ |
91 | w=nwords | 91 | w=nwords |
92 | } | 92 | } |
93 | } else if(match(words[w],"^Ed$")) { | 93 | } else if(match(words[w],"^Ed$")) { |
94 | skip=1 | 94 | skip=1 |
@@ -96,7 +96,7 @@ function add(str) { | |||
96 | } else if(match(words[w],"^Ns$")) { | 96 | } else if(match(words[w],"^Ns$")) { |
97 | skip=1 | 97 | skip=1 |
98 | if(!nospace) | 98 | if(!nospace) |
99 | nospace=1 | 99 | nospace=1 |
100 | sub(" $","",line) | 100 | sub(" $","",line) |
101 | } else if(match(words[w],"^No$")) { | 101 | } else if(match(words[w],"^No$")) { |
102 | skip=1 | 102 | skip=1 |
@@ -107,20 +107,20 @@ function add(str) { | |||
107 | add("``") | 107 | add("``") |
108 | add(words[++w]) | 108 | add(words[++w]) |
109 | while(w<nwords&&!match(words[w+1],"^[\\.,]")) | 109 | while(w<nwords&&!match(words[w+1],"^[\\.,]")) |
110 | add(OFS words[++w]) | 110 | add(OFS words[++w]) |
111 | add("''") | 111 | add("''") |
112 | if(!nospace&&match(words[w+1],"^[\\.,]")) | 112 | if(!nospace&&match(words[w+1],"^[\\.,]")) |
113 | nospace=1 | 113 | nospace=1 |
114 | } else if(match(words[w],"^Sq|Ql$")) { | 114 | } else if(match(words[w],"^Sq|Ql$")) { |
115 | skip=1 | 115 | skip=1 |
116 | add("`" words[++w] "'") | 116 | add("`" words[++w] "'") |
117 | if(!nospace&&match(words[w+1],"^[\\.,]")) | 117 | if(!nospace&&match(words[w+1],"^[\\.,]")) |
118 | nospace=1 | 118 | nospace=1 |
119 | } else if(match(words[w],"^Oo$")) { | 119 | } else if(match(words[w],"^Oo$")) { |
120 | skip=1 | 120 | skip=1 |
121 | extopt=1 | 121 | extopt=1 |
122 | if(!nospace) | 122 | if(!nospace) |
123 | nospace=1 | 123 | nospace=1 |
124 | add("[") | 124 | add("[") |
125 | } else if(match(words[w],"^Oc$")) { | 125 | } else if(match(words[w],"^Oc$")) { |
126 | skip=1 | 126 | skip=1 |
@@ -129,9 +129,9 @@ function add(str) { | |||
129 | } | 129 | } |
130 | if(!skip) { | 130 | if(!skip) { |
131 | if(!nospace&&length(line)&&!(match(line," $")||prenl)) | 131 | if(!nospace&&length(line)&&!(match(line," $")||prenl)) |
132 | add(OFS) | 132 | add(OFS) |
133 | if(nospace==1) | 133 | if(nospace==1) |
134 | nospace=0 | 134 | nospace=0 |
135 | } | 135 | } |
136 | if(match(words[w],"^Dd$")) { | 136 | if(match(words[w],"^Dd$")) { |
137 | date=wtail() | 137 | date=wtail() |
@@ -158,69 +158,69 @@ function add(str) { | |||
158 | } else if(match(words[w],"^Re$")) { | 158 | } else if(match(words[w],"^Re$")) { |
159 | prenl++ | 159 | prenl++ |
160 | for(i=nrefauthors-1;i>0;i--) { | 160 | for(i=nrefauthors-1;i>0;i--) { |
161 | add(refauthors[i]) | 161 | add(refauthors[i]) |
162 | if(i>1) | 162 | if(i>1) |
163 | add(", ") | 163 | add(", ") |
164 | } | 164 | } |
165 | if(nrefauthors>1) | 165 | if(nrefauthors>1) |
166 | add(" and ") | 166 | add(" and ") |
167 | add(refauthors[0] ", \\fI" reftitle "\\fP") | 167 | add(refauthors[0] ", \\fI" reftitle "\\fP") |
168 | if(length(refissue)) | 168 | if(length(refissue)) |
169 | add(", " refissue) | 169 | add(", " refissue) |
170 | if(length(refdate)) | 170 | if(length(refdate)) |
171 | add(", " refdate) | 171 | add(", " refdate) |
172 | if(length(refopt)) | 172 | if(length(refopt)) |
173 | add(", " refopt) | 173 | add(", " refopt) |
174 | add(".") | 174 | add(".") |
175 | reference=0 | 175 | reference=0 |
176 | } else if(reference) { | 176 | } else if(reference) { |
177 | if(match(words[w],"^%A$")) { refauthors[nrefauthors++]=wtail() } | 177 | if(match(words[w],"^%A$")) { refauthors[nrefauthors++]=wtail() } |
178 | if(match(words[w],"^%T$")) { | 178 | if(match(words[w],"^%T$")) { |
179 | reftitle=wtail() | 179 | reftitle=wtail() |
180 | sub("^\"","",reftitle) | 180 | sub("^\"","",reftitle) |
181 | sub("\"$","",reftitle) | 181 | sub("\"$","",reftitle) |
182 | } | 182 | } |
183 | if(match(words[w],"^%N$")) { refissue=wtail() } | 183 | if(match(words[w],"^%N$")) { refissue=wtail() } |
184 | if(match(words[w],"^%D$")) { refdate=wtail() } | 184 | if(match(words[w],"^%D$")) { refdate=wtail() } |
185 | if(match(words[w],"^%O$")) { refopt=wtail() } | 185 | if(match(words[w],"^%O$")) { refopt=wtail() } |
186 | } else if(match(words[w],"^Nm$")) { | 186 | } else if(match(words[w],"^Nm$")) { |
187 | if(synopsis) { | 187 | if(synopsis) { |
188 | add(".br") | 188 | add(".br") |
189 | prenl++ | 189 | prenl++ |
190 | } | 190 | } |
191 | n=words[++w] | 191 | n=words[++w] |
192 | if(!length(name)) | 192 | if(!length(name)) |
193 | name=n | 193 | name=n |
194 | if(!length(n)) | 194 | if(!length(n)) |
195 | n=name | 195 | n=name |
196 | add("\\fB" n "\\fP") | 196 | add("\\fB" n "\\fP") |
197 | if(!nospace&&match(words[w+1],"^[\\.,]")) | 197 | if(!nospace&&match(words[w+1],"^[\\.,]")) |
198 | nospace=1 | 198 | nospace=1 |
199 | } else if(match(words[w],"^Nd$")) { | 199 | } else if(match(words[w],"^Nd$")) { |
200 | add("\\- " wtail()) | 200 | add("\\- " wtail()) |
201 | } else if(match(words[w],"^Fl$")) { | 201 | } else if(match(words[w],"^Fl$")) { |
202 | add("\\fB\\-" words[++w] "\\fP") | 202 | add("\\fB\\-" words[++w] "\\fP") |
203 | if(!nospace&&match(words[w+1],"^[\\.,]")) | 203 | if(!nospace&&match(words[w+1],"^[\\.,]")) |
204 | nospace=1 | 204 | nospace=1 |
205 | } else if(match(words[w],"^Ar$")) { | 205 | } else if(match(words[w],"^Ar$")) { |
206 | add("\\fI") | 206 | add("\\fI") |
207 | if(w==nwords) | 207 | if(w==nwords) |
208 | add("file ...\\fP") | 208 | add("file ...\\fP") |
209 | else { | 209 | else { |
210 | add(words[++w] "\\fP") | 210 | add(words[++w] "\\fP") |
211 | while(match(words[w+1],"^\\|$")) | 211 | while(match(words[w+1],"^\\|$")) |
212 | add(OFS words[++w] " \\fI" words[++w] "\\fP") | 212 | add(OFS words[++w] " \\fI" words[++w] "\\fP") |
213 | } | 213 | } |
214 | if(!nospace&&match(words[w+1],"^[\\.,]")) | 214 | if(!nospace&&match(words[w+1],"^[\\.,]")) |
215 | nospace=1 | 215 | nospace=1 |
216 | } else if(match(words[w],"^Cm$")) { | 216 | } else if(match(words[w],"^Cm$")) { |
217 | add("\\fB" words[++w] "\\fP") | 217 | add("\\fB" words[++w] "\\fP") |
218 | while(w<nwords&&match(words[w+1],"^[\\.,:;)]")) | 218 | while(w<nwords&&match(words[w+1],"^[\\.,:;)]")) |
219 | add(words[++w]) | 219 | add(words[++w]) |
220 | } else if(match(words[w],"^Op$")) { | 220 | } else if(match(words[w],"^Op$")) { |
221 | option=1 | 221 | option=1 |
222 | if(!nospace) | 222 | if(!nospace) |
223 | nospace=1 | 223 | nospace=1 |
224 | add("[") | 224 | add("[") |
225 | } else if(match(words[w],"^Pp$")) { | 225 | } else if(match(words[w],"^Pp$")) { |
226 | prenl++ | 226 | prenl++ |
@@ -232,10 +232,10 @@ function add(str) { | |||
232 | add("\\fI") | 232 | add("\\fI") |
233 | w++ | 233 | w++ |
234 | if(match(words[w],"^\\.")) | 234 | if(match(words[w],"^\\.")) |
235 | add("\\&") | 235 | add("\\&") |
236 | add(words[w] "\\fP") | 236 | add(words[w] "\\fP") |
237 | while(w<nwords&&match(words[w+1],"^[\\.,:;)]")) | 237 | while(w<nwords&&match(words[w+1],"^[\\.,:;)]")) |
238 | add(words[++w]) | 238 | add(words[++w]) |
239 | } else if(match(words[w],"^Dv$")) { | 239 | } else if(match(words[w],"^Dv$")) { |
240 | add(".BR") | 240 | add(".BR") |
241 | } else if(match(words[w],"^Em|Ev$")) { | 241 | } else if(match(words[w],"^Em|Ev$")) { |
@@ -254,69 +254,69 @@ function add(str) { | |||
254 | plain=1 | 254 | plain=1 |
255 | add("\\fB") | 255 | add("\\fB") |
256 | while(w<nwords) { | 256 | while(w<nwords) { |
257 | w++ | 257 | w++ |
258 | if(match(words[w],"^Op$")) { | 258 | if(match(words[w],"^Op$")) { |
259 | w++ | 259 | w++ |
260 | add("[") | 260 | add("[") |
261 | words[nwords]=words[nwords] "]" | 261 | words[nwords]=words[nwords] "]" |
262 | } | 262 | } |
263 | if(match(words[w],"^Ar$")) { | 263 | if(match(words[w],"^Ar$")) { |
264 | add("\\fI" words[++w] "\\fP") | 264 | add("\\fI" words[++w] "\\fP") |
265 | } else if(match(words[w],"^[\\.,]")) { | 265 | } else if(match(words[w],"^[\\.,]")) { |
266 | sub(" $","",line) | 266 | sub(" $","",line) |
267 | if(plain) { | 267 | if(plain) { |
268 | add("\\fP") | 268 | add("\\fP") |
269 | plain=0 | 269 | plain=0 |
270 | } | 270 | } |
271 | add(words[w]) | 271 | add(words[w]) |
272 | } else { | 272 | } else { |
273 | if(!plain) { | 273 | if(!plain) { |
274 | add("\\fB") | 274 | add("\\fB") |
275 | plain=1 | 275 | plain=1 |
276 | } | 276 | } |
277 | add(words[w]) | 277 | add(words[w]) |
278 | } | 278 | } |
279 | if(!nospace) | 279 | if(!nospace) |
280 | add(OFS) | 280 | add(OFS) |
281 | } | 281 | } |
282 | sub(" $","",line) | 282 | sub(" $","",line) |
283 | if(plain) | 283 | if(plain) |
284 | add("\\fP") | 284 | add("\\fP") |
285 | } else if(match(words[w],"^Bl$")) { | 285 | } else if(match(words[w],"^Bl$")) { |
286 | oldoptlist=optlist | 286 | oldoptlist=optlist |
287 | if(match(words[w+1],"-bullet")) | 287 | if(match(words[w+1],"-bullet")) |
288 | optlist=1 | 288 | optlist=1 |
289 | else if(match(words[w+1],"-enum")) { | 289 | else if(match(words[w+1],"-enum")) { |
290 | optlist=2 | 290 | optlist=2 |
291 | enum=0 | 291 | enum=0 |
292 | } else if(match(words[w+1],"-tag")) | 292 | } else if(match(words[w+1],"-tag")) |
293 | optlist=3 | 293 | optlist=3 |
294 | else if(match(words[w+1],"-item")) | 294 | else if(match(words[w+1],"-item")) |
295 | optlist=4 | 295 | optlist=4 |
296 | else if(match(words[w+1],"-bullet")) | 296 | else if(match(words[w+1],"-bullet")) |
297 | optlist=1 | 297 | optlist=1 |
298 | w=nwords | 298 | w=nwords |
299 | } else if(match(words[w],"^El$")) { | 299 | } else if(match(words[w],"^El$")) { |
300 | optlist=oldoptlist | 300 | optlist=oldoptlist |
301 | } else if(match(words[w],"^It$")&&optlist) { | 301 | } else if(match(words[w],"^It$")&&optlist) { |
302 | if(optlist==1) | 302 | if(optlist==1) |
303 | add(".IP \\(bu") | 303 | add(".IP \\(bu") |
304 | else if(optlist==2) | 304 | else if(optlist==2) |
305 | add(".IP " ++enum ".") | 305 | add(".IP " ++enum ".") |
306 | else if(optlist==3) { | 306 | else if(optlist==3) { |
307 | add(".TP") | 307 | add(".TP") |
308 | prenl++ | 308 | prenl++ |
309 | if(match(words[w+1],"^Pa|Ev$")) { | 309 | if(match(words[w+1],"^Pa|Ev$")) { |
310 | add(".B") | 310 | add(".B") |
311 | w++ | 311 | w++ |
312 | } | 312 | } |
313 | } else if(optlist==4) | 313 | } else if(optlist==4) |
314 | add(".IP") | 314 | add(".IP") |
315 | } else if(match(words[w],"^Sm$")) { | 315 | } else if(match(words[w],"^Sm$")) { |
316 | if(match(words[w+1],"off")) | 316 | if(match(words[w+1],"off")) |
317 | nospace=2 | 317 | nospace=2 |
318 | else if(match(words[w+1],"on")) | 318 | else if(match(words[w+1],"on")) |
319 | nospace=0 | 319 | nospace=0 |
320 | w++ | 320 | w++ |
321 | } else if(!skip) { | 321 | } else if(!skip) { |
322 | add(words[w]) | 322 | add(words[w]) |
diff --git a/mkinstalldirs b/mkinstalldirs index 614ef33d8..47d5f43fe 100755 --- a/mkinstalldirs +++ b/mkinstalldirs | |||
@@ -4,7 +4,7 @@ | |||
4 | # Created: 1993-05-16 | 4 | # Created: 1993-05-16 |
5 | # Public domain | 5 | # Public domain |
6 | 6 | ||
7 | # $Id: mkinstalldirs,v 1.1 2000/05/20 05:33:45 damien Exp $ | 7 | # $Id: mkinstalldirs,v 1.2 2003/11/21 12:48:55 djm Exp $ |
8 | 8 | ||
9 | errstatus=0 | 9 | errstatus=0 |
10 | 10 | ||
@@ -22,13 +22,13 @@ do | |||
22 | esac | 22 | esac |
23 | 23 | ||
24 | if test ! -d "$pathcomp"; then | 24 | if test ! -d "$pathcomp"; then |
25 | echo "mkdir $pathcomp" | 25 | echo "mkdir $pathcomp" |
26 | 26 | ||
27 | mkdir "$pathcomp" || lasterr=$? | 27 | mkdir "$pathcomp" || lasterr=$? |
28 | 28 | ||
29 | if test ! -d "$pathcomp"; then | 29 | if test ! -d "$pathcomp"; then |
30 | errstatus=$lasterr | 30 | errstatus=$lasterr |
31 | fi | 31 | fi |
32 | fi | 32 | fi |
33 | 33 | ||
34 | pathcomp="$pathcomp/" | 34 | pathcomp="$pathcomp/" |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: moduli.c,v 1.1 2003/07/28 09:49:56 djm Exp $ */ | 1 | /* $OpenBSD: moduli.c,v 1.2 2003/11/21 11:57:03 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright 1994 Phil Karn <karn@qualcomm.com> | 3 | * Copyright 1994 Phil Karn <karn@qualcomm.com> |
4 | * Copyright 1996-1998, 2003 William Allen Simpson <wsimpson@greendragon.com> | 4 | * Copyright 1996-1998, 2003 William Allen Simpson <wsimpson@greendragon.com> |
@@ -46,7 +46,7 @@ | |||
46 | 46 | ||
47 | 47 | ||
48 | /* | 48 | /* |
49 | * Debugging defines | 49 | * Debugging defines |
50 | */ | 50 | */ |
51 | 51 | ||
52 | /* define DEBUG_LARGE 1 */ | 52 | /* define DEBUG_LARGE 1 */ |
@@ -244,9 +244,9 @@ gen_candidates(FILE *out, int memory, int power, BIGNUM *start) | |||
244 | largememory = memory; | 244 | largememory = memory; |
245 | 245 | ||
246 | /* | 246 | /* |
247 | * Set power to the length in bits of the prime to be generated. | 247 | * Set power to the length in bits of the prime to be generated. |
248 | * This is changed to 1 less than the desired safe prime moduli p. | 248 | * This is changed to 1 less than the desired safe prime moduli p. |
249 | */ | 249 | */ |
250 | if (power > TEST_MAXIMUM) { | 250 | if (power > TEST_MAXIMUM) { |
251 | error("Too many bits: %u > %lu", power, TEST_MAXIMUM); | 251 | error("Too many bits: %u > %lu", power, TEST_MAXIMUM); |
252 | return (-1); | 252 | return (-1); |
@@ -257,16 +257,16 @@ gen_candidates(FILE *out, int memory, int power, BIGNUM *start) | |||
257 | power--; /* decrement before squaring */ | 257 | power--; /* decrement before squaring */ |
258 | 258 | ||
259 | /* | 259 | /* |
260 | * The density of ordinary primes is on the order of 1/bits, so the | 260 | * The density of ordinary primes is on the order of 1/bits, so the |
261 | * density of safe primes should be about (1/bits)**2. Set test range | 261 | * density of safe primes should be about (1/bits)**2. Set test range |
262 | * to something well above bits**2 to be reasonably sure (but not | 262 | * to something well above bits**2 to be reasonably sure (but not |
263 | * guaranteed) of catching at least one safe prime. | 263 | * guaranteed) of catching at least one safe prime. |
264 | */ | 264 | */ |
265 | largewords = ((power * power) >> (SHIFT_WORD - TEST_POWER)); | 265 | largewords = ((power * power) >> (SHIFT_WORD - TEST_POWER)); |
266 | 266 | ||
267 | /* | 267 | /* |
268 | * Need idea of how much memory is available. We don't have to use all | 268 | * Need idea of how much memory is available. We don't have to use all |
269 | * of it. | 269 | * of it. |
270 | */ | 270 | */ |
271 | if (largememory > LARGE_MAXIMUM) { | 271 | if (largememory > LARGE_MAXIMUM) { |
272 | logit("Limited memory: %u MB; limit %lu MB", | 272 | logit("Limited memory: %u MB; limit %lu MB", |
@@ -315,8 +315,8 @@ gen_candidates(FILE *out, int memory, int power, BIGNUM *start) | |||
315 | q = BN_new(); | 315 | q = BN_new(); |
316 | 316 | ||
317 | /* | 317 | /* |
318 | * Generate random starting point for subprime search, or use | 318 | * Generate random starting point for subprime search, or use |
319 | * specified parameter. | 319 | * specified parameter. |
320 | */ | 320 | */ |
321 | largebase = BN_new(); | 321 | largebase = BN_new(); |
322 | if (start == NULL) | 322 | if (start == NULL) |
@@ -329,13 +329,13 @@ gen_candidates(FILE *out, int memory, int power, BIGNUM *start) | |||
329 | 329 | ||
330 | time(&time_start); | 330 | time(&time_start); |
331 | 331 | ||
332 | logit("%.24s Sieve next %u plus %u-bit", ctime(&time_start), | 332 | logit("%.24s Sieve next %u plus %u-bit", ctime(&time_start), |
333 | largenumbers, power); | 333 | largenumbers, power); |
334 | debug2("start point: 0x%s", BN_bn2hex(largebase)); | 334 | debug2("start point: 0x%s", BN_bn2hex(largebase)); |
335 | 335 | ||
336 | /* | 336 | /* |
337 | * TinySieve | 337 | * TinySieve |
338 | */ | 338 | */ |
339 | for (i = 0; i < tinybits; i++) { | 339 | for (i = 0; i < tinybits; i++) { |
340 | if (BIT_TEST(TinySieve, i)) | 340 | if (BIT_TEST(TinySieve, i)) |
341 | continue; /* 2*i+3 is composite */ | 341 | continue; /* 2*i+3 is composite */ |
@@ -351,9 +351,9 @@ gen_candidates(FILE *out, int memory, int power, BIGNUM *start) | |||
351 | } | 351 | } |
352 | 352 | ||
353 | /* | 353 | /* |
354 | * Start the small block search at the next possible prime. To avoid | 354 | * Start the small block search at the next possible prime. To avoid |
355 | * fencepost errors, the last pass is skipped. | 355 | * fencepost errors, the last pass is skipped. |
356 | */ | 356 | */ |
357 | for (smallbase = TINY_NUMBER + 3; | 357 | for (smallbase = TINY_NUMBER + 3; |
358 | smallbase < (SMALL_MAXIMUM - TINY_NUMBER); | 358 | smallbase < (SMALL_MAXIMUM - TINY_NUMBER); |
359 | smallbase += TINY_NUMBER) { | 359 | smallbase += TINY_NUMBER) { |
@@ -386,8 +386,8 @@ gen_candidates(FILE *out, int memory, int power, BIGNUM *start) | |||
386 | } | 386 | } |
387 | 387 | ||
388 | /* | 388 | /* |
389 | * SmallSieve | 389 | * SmallSieve |
390 | */ | 390 | */ |
391 | for (i = 0; i < smallbits; i++) { | 391 | for (i = 0; i < smallbits; i++) { |
392 | if (BIT_TEST(SmallSieve, i)) | 392 | if (BIT_TEST(SmallSieve, i)) |
393 | continue; /* 2*i+smallbase is composite */ | 393 | continue; /* 2*i+smallbase is composite */ |
@@ -438,7 +438,7 @@ gen_candidates(FILE *out, int memory, int power, BIGNUM *start) | |||
438 | * The result is a list of so-call "safe" primes | 438 | * The result is a list of so-call "safe" primes |
439 | */ | 439 | */ |
440 | int | 440 | int |
441 | prime_test(FILE *in, FILE *out, u_int32_t trials, | 441 | prime_test(FILE *in, FILE *out, u_int32_t trials, |
442 | u_int32_t generator_wanted) | 442 | u_int32_t generator_wanted) |
443 | { | 443 | { |
444 | BIGNUM *q, *p, *a; | 444 | BIGNUM *q, *p, *a; |
@@ -562,10 +562,10 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, | |||
562 | count_possible++; | 562 | count_possible++; |
563 | 563 | ||
564 | /* | 564 | /* |
565 | * The (1/4)^N performance bound on Miller-Rabin is | 565 | * The (1/4)^N performance bound on Miller-Rabin is |
566 | * extremely pessimistic, so don't spend a lot of time | 566 | * extremely pessimistic, so don't spend a lot of time |
567 | * really verifying that q is prime until after we know | 567 | * really verifying that q is prime until after we know |
568 | * that p is also prime. A single pass will weed out the | 568 | * that p is also prime. A single pass will weed out the |
569 | * vast majority of composite q's. | 569 | * vast majority of composite q's. |
570 | */ | 570 | */ |
571 | if (BN_is_prime(q, 1, NULL, ctx, NULL) <= 0) { | 571 | if (BN_is_prime(q, 1, NULL, ctx, NULL) <= 0) { |
@@ -575,9 +575,9 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, | |||
575 | } | 575 | } |
576 | 576 | ||
577 | /* | 577 | /* |
578 | * q is possibly prime, so go ahead and really make sure | 578 | * q is possibly prime, so go ahead and really make sure |
579 | * that p is prime. If it is, then we can go back and do | 579 | * that p is prime. If it is, then we can go back and do |
580 | * the same for q. If p is composite, chances are that | 580 | * the same for q. If p is composite, chances are that |
581 | * will show up on the first Rabin-Miller iteration so it | 581 | * will show up on the first Rabin-Miller iteration so it |
582 | * doesn't hurt to specify a high iteration count. | 582 | * doesn't hurt to specify a high iteration count. |
583 | */ | 583 | */ |
@@ -594,7 +594,7 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, | |||
594 | } | 594 | } |
595 | debug("%10u: q is almost certainly prime", count_in); | 595 | debug("%10u: q is almost certainly prime", count_in); |
596 | 596 | ||
597 | if (qfileout(out, QTYPE_SAFE, (in_tests | QTEST_MILLER_RABIN), | 597 | if (qfileout(out, QTYPE_SAFE, (in_tests | QTEST_MILLER_RABIN), |
598 | in_tries, in_size, generator_known, p)) { | 598 | in_tries, in_size, generator_known, p)) { |
599 | res = -1; | 599 | res = -1; |
600 | break; | 600 | break; |
@@ -610,7 +610,7 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, | |||
610 | BN_CTX_free(ctx); | 610 | BN_CTX_free(ctx); |
611 | 611 | ||
612 | logit("%.24s Found %u safe primes of %u candidates in %ld seconds", | 612 | logit("%.24s Found %u safe primes of %u candidates in %ld seconds", |
613 | ctime(&time_stop), count_out, count_possible, | 613 | ctime(&time_stop), count_out, count_possible, |
614 | (long) (time_stop - time_start)); | 614 | (long) (time_stop - time_start)); |
615 | 615 | ||
616 | return (res); | 616 | return (res); |
@@ -25,7 +25,7 @@ | |||
25 | */ | 25 | */ |
26 | 26 | ||
27 | #include "includes.h" | 27 | #include "includes.h" |
28 | RCSID("$OpenBSD: monitor.c,v 1.53 2003/11/18 10:53:07 djm Exp $"); | 28 | RCSID("$OpenBSD: monitor.c,v 1.54 2003/11/21 11:57:03 djm Exp $"); |
29 | 29 | ||
30 | #include <openssl/dh.h> | 30 | #include <openssl/dh.h> |
31 | 31 | ||
@@ -313,7 +313,7 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor) | |||
313 | Buffer m; | 313 | Buffer m; |
314 | 314 | ||
315 | buffer_init(&m); | 315 | buffer_init(&m); |
316 | mm_request_receive_expect(pmonitor->m_sendfd, | 316 | mm_request_receive_expect(pmonitor->m_sendfd, |
317 | MONITOR_REQ_PAM_ACCOUNT, &m); | 317 | MONITOR_REQ_PAM_ACCOUNT, &m); |
318 | authenticated = mm_answer_pam_account(pmonitor->m_sendfd, &m); | 318 | authenticated = mm_answer_pam_account(pmonitor->m_sendfd, &m); |
319 | buffer_free(&m); | 319 | buffer_free(&m); |
diff --git a/monitor_wrap.c b/monitor_wrap.c index c685535d3..7ca9672ff 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c | |||
@@ -715,7 +715,7 @@ mm_do_pam_account(void) | |||
715 | buffer_init(&m); | 715 | buffer_init(&m); |
716 | mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_ACCOUNT, &m); | 716 | mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_ACCOUNT, &m); |
717 | 717 | ||
718 | mm_request_receive_expect(pmonitor->m_recvfd, | 718 | mm_request_receive_expect(pmonitor->m_recvfd, |
719 | MONITOR_ANS_PAM_ACCOUNT, &m); | 719 | MONITOR_ANS_PAM_ACCOUNT, &m); |
720 | ret = buffer_get_int(&m); | 720 | ret = buffer_get_int(&m); |
721 | 721 | ||
@@ -1,8 +1,8 @@ | |||
1 | .\" $OpenBSD: nchan.ms,v 1.7 2001/01/29 01:58:17 niklas Exp $ | 1 | .\" $OpenBSD: nchan.ms,v 1.8 2003/11/21 11:57:03 djm Exp $ |
2 | .\" | ||
2 | .\" | 3 | .\" |
3 | .\" | ||
4 | .\" Copyright (c) 1999 Markus Friedl. All rights reserved. | 4 | .\" Copyright (c) 1999 Markus Friedl. All rights reserved. |
5 | .\" | 5 | .\" |
6 | .\" Redistribution and use in source and binary forms, with or without | 6 | .\" Redistribution and use in source and binary forms, with or without |
7 | .\" modification, are permitted provided that the following conditions | 7 | .\" modification, are permitted provided that the following conditions |
8 | .\" are met: | 8 | .\" are met: |
@@ -11,7 +11,7 @@ | |||
11 | .\" 2. Redistributions in binary form must reproduce the above copyright | 11 | .\" 2. Redistributions in binary form must reproduce the above copyright |
12 | .\" notice, this list of conditions and the following disclaimer in the | 12 | .\" notice, this list of conditions and the following disclaimer in the |
13 | .\" documentation and/or other materials provided with the distribution. | 13 | .\" documentation and/or other materials provided with the distribution. |
14 | .\" | 14 | .\" |
15 | .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | 15 | .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR |
16 | .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | 16 | .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
17 | .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | 17 | .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
@@ -1,7 +1,7 @@ | |||
1 | .\" $OpenBSD: nchan2.ms,v 1.2 2001/10/03 10:05:57 markus Exp $ | 1 | .\" $OpenBSD: nchan2.ms,v 1.3 2003/11/21 11:57:03 djm Exp $ |
2 | .\" | 2 | .\" |
3 | .\" Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | .\" Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | .\" | 4 | .\" |
5 | .\" Redistribution and use in source and binary forms, with or without | 5 | .\" Redistribution and use in source and binary forms, with or without |
6 | .\" modification, are permitted provided that the following conditions | 6 | .\" modification, are permitted provided that the following conditions |
7 | .\" are met: | 7 | .\" are met: |
@@ -10,7 +10,7 @@ | |||
10 | .\" 2. Redistributions in binary form must reproduce the above copyright | 10 | .\" 2. Redistributions in binary form must reproduce the above copyright |
11 | .\" notice, this list of conditions and the following disclaimer in the | 11 | .\" notice, this list of conditions and the following disclaimer in the |
12 | .\" documentation and/or other materials provided with the distribution. | 12 | .\" documentation and/or other materials provided with the distribution. |
13 | .\" | 13 | .\" |
14 | .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | 14 | .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR |
15 | .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | 15 | .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
16 | .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | 16 | .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
@@ -304,7 +304,7 @@ packet_connection_is_ipv4(void) | |||
304 | if (to.ss_family == AF_INET) | 304 | if (to.ss_family == AF_INET) |
305 | return 1; | 305 | return 1; |
306 | #ifdef IPV4_IN_IPV6 | 306 | #ifdef IPV4_IN_IPV6 |
307 | if (to.ss_family == AF_INET6 && | 307 | if (to.ss_family == AF_INET6 && |
308 | IN6_IS_ADDR_V4MAPPED(&((struct sockaddr_in6 *)&to)->sin6_addr)) | 308 | IN6_IS_ADDR_V4MAPPED(&((struct sockaddr_in6 *)&to)->sin6_addr)) |
309 | return 1; | 309 | return 1; |
310 | #endif | 310 | #endif |
diff --git a/readconf.h b/readconf.h index 8aab2e606..650132346 100644 --- a/readconf.h +++ b/readconf.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: readconf.h,v 1.56 2003/10/11 08:24:08 markus Exp $ */ | 1 | /* $OpenBSD: readconf.h,v 1.57 2003/11/21 11:57:03 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -61,7 +61,7 @@ typedef struct { | |||
61 | int connection_attempts; /* Max attempts (seconds) before | 61 | int connection_attempts; /* Max attempts (seconds) before |
62 | * giving up */ | 62 | * giving up */ |
63 | int connection_timeout; /* Max time (seconds) before | 63 | int connection_timeout; /* Max time (seconds) before |
64 | * aborting connection attempt */ | 64 | * aborting connection attempt */ |
65 | int number_of_password_prompts; /* Max number of password | 65 | int number_of_password_prompts; /* Max number of password |
66 | * prompts. */ | 66 | * prompts. */ |
67 | int cipher; /* Cipher to use. */ | 67 | int cipher; /* Cipher to use. */ |
diff --git a/rijndael.c b/rijndael.c index 6965ca3b0..1cd24de14 100644 --- a/rijndael.c +++ b/rijndael.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: rijndael.c,v 1.14 2002/07/10 17:53:54 deraadt Exp $ */ | 1 | /* $OpenBSD: rijndael.c,v 1.15 2003/11/21 11:57:03 djm Exp $ */ |
2 | 2 | ||
3 | /** | 3 | /** |
4 | * rijndael-alg-fst.c | 4 | * rijndael-alg-fst.c |
@@ -725,7 +725,7 @@ static const u32 rcon[] = { | |||
725 | * @return the number of rounds for the given cipher key size. | 725 | * @return the number of rounds for the given cipher key size. |
726 | */ | 726 | */ |
727 | static int rijndaelKeySetupEnc(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits) { | 727 | static int rijndaelKeySetupEnc(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits) { |
728 | int i = 0; | 728 | int i = 0; |
729 | u32 temp; | 729 | u32 temp; |
730 | 730 | ||
731 | rk[0] = GETU32(cipherKey ); | 731 | rk[0] = GETU32(cipherKey ); |
@@ -797,7 +797,7 @@ static int rijndaelKeySetupEnc(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int | |||
797 | (Te4[(temp ) & 0xff] & 0x000000ff); | 797 | (Te4[(temp ) & 0xff] & 0x000000ff); |
798 | rk[13] = rk[ 5] ^ rk[12]; | 798 | rk[13] = rk[ 5] ^ rk[12]; |
799 | rk[14] = rk[ 6] ^ rk[13]; | 799 | rk[14] = rk[ 6] ^ rk[13]; |
800 | rk[15] = rk[ 7] ^ rk[14]; | 800 | rk[15] = rk[ 7] ^ rk[14]; |
801 | rk += 8; | 801 | rk += 8; |
802 | } | 802 | } |
803 | } | 803 | } |
@@ -871,50 +871,50 @@ static void rijndaelEncrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 pt[16 | |||
871 | s3 = GETU32(pt + 12) ^ rk[3]; | 871 | s3 = GETU32(pt + 12) ^ rk[3]; |
872 | #ifdef FULL_UNROLL | 872 | #ifdef FULL_UNROLL |
873 | /* round 1: */ | 873 | /* round 1: */ |
874 | t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[ 4]; | 874 | t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[ 4]; |
875 | t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[ 5]; | 875 | t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[ 5]; |
876 | t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[ 6]; | 876 | t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[ 6]; |
877 | t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[ 7]; | 877 | t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[ 7]; |
878 | /* round 2: */ | 878 | /* round 2: */ |
879 | s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[ 8]; | 879 | s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[ 8]; |
880 | s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[ 9]; | 880 | s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[ 9]; |
881 | s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[10]; | 881 | s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[10]; |
882 | s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[11]; | 882 | s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[11]; |
883 | /* round 3: */ | 883 | /* round 3: */ |
884 | t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[12]; | 884 | t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[12]; |
885 | t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[13]; | 885 | t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[13]; |
886 | t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[14]; | 886 | t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[14]; |
887 | t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[15]; | 887 | t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[15]; |
888 | /* round 4: */ | 888 | /* round 4: */ |
889 | s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[16]; | 889 | s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[16]; |
890 | s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[17]; | 890 | s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[17]; |
891 | s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[18]; | 891 | s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[18]; |
892 | s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[19]; | 892 | s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[19]; |
893 | /* round 5: */ | 893 | /* round 5: */ |
894 | t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[20]; | 894 | t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[20]; |
895 | t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[21]; | 895 | t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[21]; |
896 | t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[22]; | 896 | t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[22]; |
897 | t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[23]; | 897 | t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[23]; |
898 | /* round 6: */ | 898 | /* round 6: */ |
899 | s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[24]; | 899 | s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[24]; |
900 | s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[25]; | 900 | s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[25]; |
901 | s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[26]; | 901 | s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[26]; |
902 | s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[27]; | 902 | s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[27]; |
903 | /* round 7: */ | 903 | /* round 7: */ |
904 | t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[28]; | 904 | t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[28]; |
905 | t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[29]; | 905 | t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[29]; |
906 | t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[30]; | 906 | t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[30]; |
907 | t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[31]; | 907 | t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[31]; |
908 | /* round 8: */ | 908 | /* round 8: */ |
909 | s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[32]; | 909 | s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[32]; |
910 | s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[33]; | 910 | s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[33]; |
911 | s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[34]; | 911 | s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[34]; |
912 | s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[35]; | 912 | s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[35]; |
913 | /* round 9: */ | 913 | /* round 9: */ |
914 | t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[36]; | 914 | t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[36]; |
915 | t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[37]; | 915 | t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[37]; |
916 | t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38]; | 916 | t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38]; |
917 | t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39]; | 917 | t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39]; |
918 | if (Nr > 10) { | 918 | if (Nr > 10) { |
919 | /* round 10: */ | 919 | /* round 10: */ |
920 | s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[40]; | 920 | s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[40]; |
@@ -1187,33 +1187,33 @@ static void rijndaelDecrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 ct[16 | |||
1187 | * apply last round and | 1187 | * apply last round and |
1188 | * map cipher state to byte array block: | 1188 | * map cipher state to byte array block: |
1189 | */ | 1189 | */ |
1190 | s0 = | 1190 | s0 = |
1191 | (Td4[(t0 >> 24) ] & 0xff000000) ^ | 1191 | (Td4[(t0 >> 24) ] & 0xff000000) ^ |
1192 | (Td4[(t3 >> 16) & 0xff] & 0x00ff0000) ^ | 1192 | (Td4[(t3 >> 16) & 0xff] & 0x00ff0000) ^ |
1193 | (Td4[(t2 >> 8) & 0xff] & 0x0000ff00) ^ | 1193 | (Td4[(t2 >> 8) & 0xff] & 0x0000ff00) ^ |
1194 | (Td4[(t1 ) & 0xff] & 0x000000ff) ^ | 1194 | (Td4[(t1 ) & 0xff] & 0x000000ff) ^ |
1195 | rk[0]; | 1195 | rk[0]; |
1196 | PUTU32(pt , s0); | 1196 | PUTU32(pt , s0); |
1197 | s1 = | 1197 | s1 = |
1198 | (Td4[(t1 >> 24) ] & 0xff000000) ^ | 1198 | (Td4[(t1 >> 24) ] & 0xff000000) ^ |
1199 | (Td4[(t0 >> 16) & 0xff] & 0x00ff0000) ^ | 1199 | (Td4[(t0 >> 16) & 0xff] & 0x00ff0000) ^ |
1200 | (Td4[(t3 >> 8) & 0xff] & 0x0000ff00) ^ | 1200 | (Td4[(t3 >> 8) & 0xff] & 0x0000ff00) ^ |
1201 | (Td4[(t2 ) & 0xff] & 0x000000ff) ^ | 1201 | (Td4[(t2 ) & 0xff] & 0x000000ff) ^ |
1202 | rk[1]; | 1202 | rk[1]; |
1203 | PUTU32(pt + 4, s1); | 1203 | PUTU32(pt + 4, s1); |
1204 | s2 = | 1204 | s2 = |
1205 | (Td4[(t2 >> 24) ] & 0xff000000) ^ | 1205 | (Td4[(t2 >> 24) ] & 0xff000000) ^ |
1206 | (Td4[(t1 >> 16) & 0xff] & 0x00ff0000) ^ | 1206 | (Td4[(t1 >> 16) & 0xff] & 0x00ff0000) ^ |
1207 | (Td4[(t0 >> 8) & 0xff] & 0x0000ff00) ^ | 1207 | (Td4[(t0 >> 8) & 0xff] & 0x0000ff00) ^ |
1208 | (Td4[(t3 ) & 0xff] & 0x000000ff) ^ | 1208 | (Td4[(t3 ) & 0xff] & 0x000000ff) ^ |
1209 | rk[2]; | 1209 | rk[2]; |
1210 | PUTU32(pt + 8, s2); | 1210 | PUTU32(pt + 8, s2); |
1211 | s3 = | 1211 | s3 = |
1212 | (Td4[(t3 >> 24) ] & 0xff000000) ^ | 1212 | (Td4[(t3 >> 24) ] & 0xff000000) ^ |
1213 | (Td4[(t2 >> 16) & 0xff] & 0x00ff0000) ^ | 1213 | (Td4[(t2 >> 16) & 0xff] & 0x00ff0000) ^ |
1214 | (Td4[(t1 >> 8) & 0xff] & 0x0000ff00) ^ | 1214 | (Td4[(t1 >> 8) & 0xff] & 0x0000ff00) ^ |
1215 | (Td4[(t0 ) & 0xff] & 0x000000ff) ^ | 1215 | (Td4[(t0 ) & 0xff] & 0x000000ff) ^ |
1216 | rk[3]; | 1216 | rk[3]; |
1217 | PUTU32(pt + 12, s3); | 1217 | PUTU32(pt + 12, s3); |
1218 | } | 1218 | } |
1219 | 1219 | ||
diff --git a/scard-opensc.c b/scard-opensc.c index 2489fec45..ff3017f5e 100644 --- a/scard-opensc.c +++ b/scard-opensc.c | |||
@@ -1,7 +1,7 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (c) 2002 Juha Yrjölä. All rights reserved. | 2 | * Copyright (c) 2002 Juha Yrjölä. All rights reserved. |
3 | * Copyright (c) 2001 Markus Friedl. | 3 | * Copyright (c) 2001 Markus Friedl. |
4 | * | 4 | * |
5 | * Redistribution and use in source and binary forms, with or without | 5 | * Redistribution and use in source and binary forms, with or without |
6 | * modification, are permitted provided that the following conditions | 6 | * modification, are permitted provided that the following conditions |
7 | * are met: | 7 | * are met: |
@@ -81,7 +81,7 @@ sc_close(void) | |||
81 | } | 81 | } |
82 | } | 82 | } |
83 | 83 | ||
84 | static int | 84 | static int |
85 | sc_init(void) | 85 | sc_init(void) |
86 | { | 86 | { |
87 | int r; | 87 | int r; |
@@ -91,7 +91,7 @@ sc_init(void) | |||
91 | goto err; | 91 | goto err; |
92 | if (sc_reader_id >= ctx->reader_count) { | 92 | if (sc_reader_id >= ctx->reader_count) { |
93 | r = SC_ERROR_NO_READERS_FOUND; | 93 | r = SC_ERROR_NO_READERS_FOUND; |
94 | error("Illegal reader number %d (max %d)", sc_reader_id, | 94 | error("Illegal reader number %d (max %d)", sc_reader_id, |
95 | ctx->reader_count -1); | 95 | ctx->reader_count -1); |
96 | goto err; | 96 | goto err; |
97 | } | 97 | } |
@@ -131,7 +131,7 @@ sc_prkey_op_init(RSA *rsa, struct sc_pkcs15_object **key_obj_out, | |||
131 | goto err; | 131 | goto err; |
132 | } | 132 | } |
133 | } | 133 | } |
134 | r = sc_pkcs15_find_prkey_by_id_usage(p15card, &priv->cert_id, | 134 | r = sc_pkcs15_find_prkey_by_id_usage(p15card, &priv->cert_id, |
135 | usage, &key_obj); | 135 | usage, &key_obj); |
136 | if (r) { | 136 | if (r) { |
137 | error("Unable to find private key from SmartCard: %s", | 137 | error("Unable to find private key from SmartCard: %s", |
@@ -193,7 +193,7 @@ sc_private_decrypt(int flen, u_char *from, u_char *to, RSA *rsa, | |||
193 | r = sc_prkey_op_init(rsa, &key_obj, SC_USAGE_DECRYPT); | 193 | r = sc_prkey_op_init(rsa, &key_obj, SC_USAGE_DECRYPT); |
194 | if (r) | 194 | if (r) |
195 | return -1; | 195 | return -1; |
196 | r = sc_pkcs15_decipher(p15card, key_obj, SC_ALGORITHM_RSA_PAD_PKCS1, | 196 | r = sc_pkcs15_decipher(p15card, key_obj, SC_ALGORITHM_RSA_PAD_PKCS1, |
197 | from, flen, to, flen); | 197 | from, flen, to, flen); |
198 | sc_unlock(card); | 198 | sc_unlock(card); |
199 | if (r < 0) { | 199 | if (r < 0) { |
@@ -223,7 +223,7 @@ sc_sign(int type, u_char *m, unsigned int m_len, | |||
223 | * the key will be rejected as using a non-repudiation key | 223 | * the key will be rejected as using a non-repudiation key |
224 | * for authentication is not recommended. Note: This does not | 224 | * for authentication is not recommended. Note: This does not |
225 | * prevent the use of a non-repudiation key for authentication | 225 | * prevent the use of a non-repudiation key for authentication |
226 | * if the sign or signrecover flag is set as well. | 226 | * if the sign or signrecover flag is set as well. |
227 | */ | 227 | */ |
228 | r = sc_prkey_op_init(rsa, &key_obj, SC_USAGE_SIGN); | 228 | r = sc_prkey_op_init(rsa, &key_obj, SC_USAGE_SIGN); |
229 | if (r) | 229 | if (r) |
@@ -337,7 +337,7 @@ convert_rsa_to_rsa1(Key * in, Key * out) | |||
337 | return; | 337 | return; |
338 | } | 338 | } |
339 | 339 | ||
340 | static int | 340 | static int |
341 | sc_read_pubkey(Key * k, const struct sc_pkcs15_object *cert_obj) | 341 | sc_read_pubkey(Key * k, const struct sc_pkcs15_object *cert_obj) |
342 | { | 342 | { |
343 | int r; | 343 | int r; |
@@ -358,7 +358,7 @@ sc_read_pubkey(Key * k, const struct sc_pkcs15_object *cert_obj) | |||
358 | } | 358 | } |
359 | x509 = X509_new(); | 359 | x509 = X509_new(); |
360 | if (x509 == NULL) { | 360 | if (x509 == NULL) { |
361 | r = -1; | 361 | r = -1; |
362 | goto err; | 362 | goto err; |
363 | } | 363 | } |
364 | p = cert->data; | 364 | p = cert->data; |
@@ -71,7 +71,7 @@ | |||
71 | */ | 71 | */ |
72 | 72 | ||
73 | #include "includes.h" | 73 | #include "includes.h" |
74 | RCSID("$OpenBSD: scp.c,v 1.111 2003/11/12 10:12:15 dtucker Exp $"); | 74 | RCSID("$OpenBSD: scp.c,v 1.112 2003/11/21 11:57:03 djm Exp $"); |
75 | 75 | ||
76 | #include "xmalloc.h" | 76 | #include "xmalloc.h" |
77 | #include "atomicio.h" | 77 | #include "atomicio.h" |
@@ -33,7 +33,7 @@ | |||
33 | */ | 33 | */ |
34 | 34 | ||
35 | #include "includes.h" | 35 | #include "includes.h" |
36 | RCSID("$OpenBSD: session.c,v 1.167 2003/11/04 08:54:09 djm Exp $"); | 36 | RCSID("$OpenBSD: session.c,v 1.168 2003/11/21 11:57:03 djm Exp $"); |
37 | 37 | ||
38 | #include "ssh.h" | 38 | #include "ssh.h" |
39 | #include "ssh1.h" | 39 | #include "ssh1.h" |
@@ -980,7 +980,7 @@ do_setup_env(Session *s, const char *shell) | |||
980 | #endif | 980 | #endif |
981 | 981 | ||
982 | #ifdef GSSAPI | 982 | #ifdef GSSAPI |
983 | /* Allow any GSSAPI methods that we've used to alter | 983 | /* Allow any GSSAPI methods that we've used to alter |
984 | * the childs environment as they see fit | 984 | * the childs environment as they see fit |
985 | */ | 985 | */ |
986 | ssh_gssapi_do_child(&env, &envsize); | 986 | ssh_gssapi_do_child(&env, &envsize); |
@@ -1012,7 +1012,7 @@ do_setup_env(Session *s, const char *shell) | |||
1012 | path = child_get_env(env, "PATH"); | 1012 | path = child_get_env(env, "PATH"); |
1013 | # endif /* HAVE_ETC_DEFAULT_LOGIN */ | 1013 | # endif /* HAVE_ETC_DEFAULT_LOGIN */ |
1014 | if (path == NULL || *path == '\0') { | 1014 | if (path == NULL || *path == '\0') { |
1015 | child_set_env(&env, &envsize, "PATH", | 1015 | child_set_env(&env, &envsize, "PATH", |
1016 | s->pw->pw_uid == 0 ? | 1016 | s->pw->pw_uid == 0 ? |
1017 | SUPERUSER_PATH : _PATH_STDPATH); | 1017 | SUPERUSER_PATH : _PATH_STDPATH); |
1018 | } | 1018 | } |
@@ -1266,7 +1266,7 @@ do_setusercontext(struct passwd *pw) | |||
1266 | endgrent(); | 1266 | endgrent(); |
1267 | # ifdef USE_PAM | 1267 | # ifdef USE_PAM |
1268 | /* | 1268 | /* |
1269 | * PAM credentials may take the form of supplementary groups. | 1269 | * PAM credentials may take the form of supplementary groups. |
1270 | * These will have been wiped by the above initgroups() call. | 1270 | * These will have been wiped by the above initgroups() call. |
1271 | * Reestablish them here. | 1271 | * Reestablish them here. |
1272 | */ | 1272 | */ |
diff --git a/sftp-client.c b/sftp-client.c index ffff0fe5a..8e657d1b5 100644 --- a/sftp-client.c +++ b/sftp-client.c | |||
@@ -28,7 +28,7 @@ | |||
28 | /* XXX: copy between two remote sites */ | 28 | /* XXX: copy between two remote sites */ |
29 | 29 | ||
30 | #include "includes.h" | 30 | #include "includes.h" |
31 | RCSID("$OpenBSD: sftp-client.c,v 1.44 2003/06/28 16:23:06 deraadt Exp $"); | 31 | RCSID("$OpenBSD: sftp-client.c,v 1.45 2003/11/21 11:57:03 djm Exp $"); |
32 | 32 | ||
33 | #include "openbsd-compat/sys-queue.h" | 33 | #include "openbsd-compat/sys-queue.h" |
34 | 34 | ||
@@ -798,7 +798,7 @@ do_download(struct sftp_conn *conn, char *remote_path, char *local_path, | |||
798 | return(-1); | 798 | return(-1); |
799 | } | 799 | } |
800 | 800 | ||
801 | local_fd = open(local_path, O_WRONLY | O_CREAT | O_TRUNC, | 801 | local_fd = open(local_path, O_WRONLY | O_CREAT | O_TRUNC, |
802 | mode | S_IWRITE); | 802 | mode | S_IWRITE); |
803 | if (local_fd == -1) { | 803 | if (local_fd == -1) { |
804 | error("Couldn't open local file \"%s\" for writing: %s", | 804 | error("Couldn't open local file \"%s\" for writing: %s", |
@@ -946,7 +946,7 @@ do_download(struct sftp_conn *conn, char *remote_path, char *local_path, | |||
946 | /* Override umask and utimes if asked */ | 946 | /* Override umask and utimes if asked */ |
947 | #ifdef HAVE_FCHMOD | 947 | #ifdef HAVE_FCHMOD |
948 | if (pflag && fchmod(local_fd, mode) == -1) | 948 | if (pflag && fchmod(local_fd, mode) == -1) |
949 | #else | 949 | #else |
950 | if (pflag && chmod(local_path, mode) == -1) | 950 | if (pflag && chmod(local_path, mode) == -1) |
951 | #endif /* HAVE_FCHMOD */ | 951 | #endif /* HAVE_FCHMOD */ |
952 | error("Couldn't set mode on \"%s\": %s", local_path, | 952 | error("Couldn't set mode on \"%s\": %s", local_path, |
diff --git a/sftp-glob.c b/sftp-glob.c index ee122a2cd..4f2234654 100644 --- a/sftp-glob.c +++ b/sftp-glob.c | |||
@@ -89,7 +89,7 @@ fudge_readdir(struct SFTP_OPENDIR *od) | |||
89 | #ifdef __GNU_LIBRARY__ | 89 | #ifdef __GNU_LIBRARY__ |
90 | /* | 90 | /* |
91 | * Idiot glibc uses extensions to struct dirent for readdir with | 91 | * Idiot glibc uses extensions to struct dirent for readdir with |
92 | * ALTDIRFUNCs. Not that this is documented anywhere but the | 92 | * ALTDIRFUNCs. Not that this is documented anywhere but the |
93 | * source... Fake an inode number to appease it. | 93 | * source... Fake an inode number to appease it. |
94 | */ | 94 | */ |
95 | ret->d_ino = inum++; | 95 | ret->d_ino = inum++; |
diff --git a/sftp-int.c b/sftp-int.c index bc5cce8de..4c280b492 100644 --- a/sftp-int.c +++ b/sftp-int.c | |||
@@ -25,7 +25,7 @@ | |||
25 | /* XXX: recursive operations */ | 25 | /* XXX: recursive operations */ |
26 | 26 | ||
27 | #include "includes.h" | 27 | #include "includes.h" |
28 | RCSID("$OpenBSD: sftp-int.c,v 1.64 2003/11/08 19:17:29 jmc Exp $"); | 28 | RCSID("$OpenBSD: sftp-int.c,v 1.65 2003/11/21 11:57:03 djm Exp $"); |
29 | 29 | ||
30 | #include "buffer.h" | 30 | #include "buffer.h" |
31 | #include "xmalloc.h" | 31 | #include "xmalloc.h" |
@@ -361,7 +361,7 @@ get_pathname(const char **cpp, char **path) | |||
361 | } | 361 | } |
362 | if (cp[i] == '\\') { /* Escaped characters */ | 362 | if (cp[i] == '\\') { /* Escaped characters */ |
363 | i++; | 363 | i++; |
364 | if (cp[i] != '\'' && cp[i] != '\"' && | 364 | if (cp[i] != '\'' && cp[i] != '\"' && |
365 | cp[i] != '\\') { | 365 | cp[i] != '\\') { |
366 | error("Bad escaped character '\%c'", | 366 | error("Bad escaped character '\%c'", |
367 | cp[i]); | 367 | cp[i]); |
@@ -389,7 +389,7 @@ get_pathname(const char **cpp, char **path) | |||
389 | return (0); | 389 | return (0); |
390 | 390 | ||
391 | fail: | 391 | fail: |
392 | xfree(*path); | 392 | xfree(*path); |
393 | *path = NULL; | 393 | *path = NULL; |
394 | return (-1); | 394 | return (-1); |
395 | } | 395 | } |
@@ -530,7 +530,7 @@ process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd, int pflag) | |||
530 | 530 | ||
531 | for (i = 0; g.gl_pathv[i]; i++) { | 531 | for (i = 0; g.gl_pathv[i]; i++) { |
532 | if (!is_reg(g.gl_pathv[i])) { | 532 | if (!is_reg(g.gl_pathv[i])) { |
533 | error("skipping non-regular file %s", | 533 | error("skipping non-regular file %s", |
534 | g.gl_pathv[i]); | 534 | g.gl_pathv[i]); |
535 | continue; | 535 | continue; |
536 | } | 536 | } |
@@ -598,7 +598,7 @@ do_ls_dir(struct sftp_conn *conn, char *path, char *strip_path, int lflag) | |||
598 | for (n = 0; d[n] != NULL; n++) | 598 | for (n = 0; d[n] != NULL; n++) |
599 | m = MAX(m, strlen(d[n]->filename)); | 599 | m = MAX(m, strlen(d[n]->filename)); |
600 | 600 | ||
601 | if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) != -1) | 601 | if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) != -1) |
602 | width = ws.ws_col; | 602 | width = ws.ws_col; |
603 | 603 | ||
604 | columns = width / (m + 2); | 604 | columns = width / (m + 2); |
@@ -668,7 +668,7 @@ do_globbed_ls(struct sftp_conn *conn, char *path, char *strip_path, | |||
668 | strncmp(path, g.gl_pathv[0], strlen(g.gl_pathv[0]) - 1) == 0) { | 668 | strncmp(path, g.gl_pathv[0], strlen(g.gl_pathv[0]) - 1) == 0) { |
669 | if ((a = do_lstat(conn, path, 1)) == NULL) { | 669 | if ((a = do_lstat(conn, path, 1)) == NULL) { |
670 | globfree(&g); | 670 | globfree(&g); |
671 | return (-1); | 671 | return (-1); |
672 | } | 672 | } |
673 | if ((a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) && | 673 | if ((a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) && |
674 | S_ISDIR(a->perm)) { | 674 | S_ISDIR(a->perm)) { |
@@ -682,7 +682,7 @@ do_globbed_ls(struct sftp_conn *conn, char *path, char *strip_path, | |||
682 | struct winsize ws; | 682 | struct winsize ws; |
683 | 683 | ||
684 | /* Count entries for sort and find longest filename */ | 684 | /* Count entries for sort and find longest filename */ |
685 | for (i = 0; g.gl_pathv[i]; i++) | 685 | for (i = 0; g.gl_pathv[i]; i++) |
686 | m = MAX(m, strlen(g.gl_pathv[i])); | 686 | m = MAX(m, strlen(g.gl_pathv[i])); |
687 | 687 | ||
688 | if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) != -1) | 688 | if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) != -1) |
@@ -35,7 +35,7 @@ | |||
35 | */ | 35 | */ |
36 | 36 | ||
37 | #include "includes.h" | 37 | #include "includes.h" |
38 | RCSID("$OpenBSD: ssh-add.c,v 1.68 2003/06/16 10:22:45 markus Exp $"); | 38 | RCSID("$OpenBSD: ssh-add.c,v 1.69 2003/11/21 11:57:03 djm Exp $"); |
39 | 39 | ||
40 | #include <openssl/evp.h> | 40 | #include <openssl/evp.h> |
41 | 41 | ||
@@ -169,14 +169,14 @@ add_file(AuthenticationConnection *ac, const char *filename) | |||
169 | } | 169 | } |
170 | } | 170 | } |
171 | 171 | ||
172 | if (ssh_add_identity_constrained(ac, private, comment, lifetime, | 172 | if (ssh_add_identity_constrained(ac, private, comment, lifetime, |
173 | confirm)) { | 173 | confirm)) { |
174 | fprintf(stderr, "Identity added: %s (%s)\n", filename, comment); | 174 | fprintf(stderr, "Identity added: %s (%s)\n", filename, comment); |
175 | ret = 0; | 175 | ret = 0; |
176 | if (lifetime != 0) | 176 | if (lifetime != 0) |
177 | fprintf(stderr, | 177 | fprintf(stderr, |
178 | "Lifetime set to %d seconds\n", lifetime); | 178 | "Lifetime set to %d seconds\n", lifetime); |
179 | if (confirm != 0) | 179 | if (confirm != 0) |
180 | fprintf(stderr, | 180 | fprintf(stderr, |
181 | "The user has to confirm each use of the key\n"); | 181 | "The user has to confirm each use of the key\n"); |
182 | } else if (ssh_add_identity(ac, private, comment)) { | 182 | } else if (ssh_add_identity(ac, private, comment)) { |
diff --git a/ssh-agent.c b/ssh-agent.c index d595479f9..b1d603006 100644 --- a/ssh-agent.c +++ b/ssh-agent.c | |||
@@ -35,7 +35,7 @@ | |||
35 | 35 | ||
36 | #include "includes.h" | 36 | #include "includes.h" |
37 | #include "openbsd-compat/sys-queue.h" | 37 | #include "openbsd-compat/sys-queue.h" |
38 | RCSID("$OpenBSD: ssh-agent.c,v 1.115 2003/10/14 19:54:39 markus Exp $"); | 38 | RCSID("$OpenBSD: ssh-agent.c,v 1.116 2003/11/21 11:57:03 djm Exp $"); |
39 | 39 | ||
40 | #include <openssl/evp.h> | 40 | #include <openssl/evp.h> |
41 | #include <openssl/md5.h> | 41 | #include <openssl/md5.h> |
@@ -179,7 +179,7 @@ confirm_key(Identity *id) | |||
179 | p = read_passphrase(prompt, RP_ALLOW_EOF); | 179 | p = read_passphrase(prompt, RP_ALLOW_EOF); |
180 | if (p != NULL) { | 180 | if (p != NULL) { |
181 | /* | 181 | /* |
182 | * Accept empty responses and responses consisting | 182 | * Accept empty responses and responses consisting |
183 | * of the word "yes" as affirmative. | 183 | * of the word "yes" as affirmative. |
184 | */ | 184 | */ |
185 | if (*p == '\0' || *p == '\n' || strcasecmp(p, "yes") == 0) | 185 | if (*p == '\0' || *p == '\n' || strcasecmp(p, "yes") == 0) |
diff --git a/ssh-keygen.c b/ssh-keygen.c index 4a3cf241a..95d22b6a4 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c | |||
@@ -12,7 +12,7 @@ | |||
12 | */ | 12 | */ |
13 | 13 | ||
14 | #include "includes.h" | 14 | #include "includes.h" |
15 | RCSID("$OpenBSD: ssh-keygen.c,v 1.110 2003/10/14 19:42:10 jakob Exp $"); | 15 | RCSID("$OpenBSD: ssh-keygen.c,v 1.111 2003/11/21 11:57:03 djm Exp $"); |
16 | 16 | ||
17 | #include <openssl/evp.h> | 17 | #include <openssl/evp.h> |
18 | #include <openssl/pem.h> | 18 | #include <openssl/pem.h> |
@@ -902,13 +902,13 @@ main(int ac, char **av) | |||
902 | case 'a': | 902 | case 'a': |
903 | trials = atoi(optarg); | 903 | trials = atoi(optarg); |
904 | if (trials < TRIAL_MINIMUM) { | 904 | if (trials < TRIAL_MINIMUM) { |
905 | fatal("Minimum primality trials is %d", | 905 | fatal("Minimum primality trials is %d", |
906 | TRIAL_MINIMUM); | 906 | TRIAL_MINIMUM); |
907 | } | 907 | } |
908 | break; | 908 | break; |
909 | case 'M': | 909 | case 'M': |
910 | memory = atoi(optarg); | 910 | memory = atoi(optarg); |
911 | if (memory != 0 && | 911 | if (memory != 0 && |
912 | (memory < LARGE_MINIMUM || memory > LARGE_MAXIMUM)) { | 912 | (memory < LARGE_MINIMUM || memory > LARGE_MAXIMUM)) { |
913 | fatal("Invalid memory amount (min %ld, max %ld)", | 913 | fatal("Invalid memory amount (min %ld, max %ld)", |
914 | LARGE_MINIMUM, LARGE_MAXIMUM); | 914 | LARGE_MINIMUM, LARGE_MAXIMUM); |
@@ -987,7 +987,7 @@ main(int ac, char **av) | |||
987 | if (have_identity && strcmp(identity_file, "-") != 0) { | 987 | if (have_identity && strcmp(identity_file, "-") != 0) { |
988 | if ((in = fopen(identity_file, "r")) == NULL) { | 988 | if ((in = fopen(identity_file, "r")) == NULL) { |
989 | fatal("Couldn't open modulus candidate " | 989 | fatal("Couldn't open modulus candidate " |
990 | "file \"%s\": %s", identity_file, | 990 | "file \"%s\": %s", identity_file, |
991 | strerror(errno)); | 991 | strerror(errno)); |
992 | } | 992 | } |
993 | } else | 993 | } else |
diff --git a/ssh-rand-helper.8 b/ssh-rand-helper.8 index a89185c0a..df559d332 100644 --- a/ssh-rand-helper.8 +++ b/ssh-rand-helper.8 | |||
@@ -1,4 +1,4 @@ | |||
1 | .\" $Id: ssh-rand-helper.8,v 1.1 2002/04/14 09:27:13 djm Exp $ | 1 | .\" $Id: ssh-rand-helper.8,v 1.2 2003/11/21 12:48:56 djm Exp $ |
2 | .\" | 2 | .\" |
3 | .\" Copyright (c) 2002 Damien Miller. All rights reserved. | 3 | .\" Copyright (c) 2002 Damien Miller. All rights reserved. |
4 | .\" | 4 | .\" |
@@ -34,22 +34,22 @@ | |||
34 | .Op Fl b Ar bytes | 34 | .Op Fl b Ar bytes |
35 | .Sh DESCRIPTION | 35 | .Sh DESCRIPTION |
36 | .Nm | 36 | .Nm |
37 | is a small helper program used by | 37 | is a small helper program used by |
38 | .Xr ssh 1 , | 38 | .Xr ssh 1 , |
39 | .Xr ssh-add 1 , | 39 | .Xr ssh-add 1 , |
40 | .Xr ssh-agent 1 , | 40 | .Xr ssh-agent 1 , |
41 | .Xr ssh-keygen 1 , | 41 | .Xr ssh-keygen 1 , |
42 | .Xr ssh-keyscan 1 | 42 | .Xr ssh-keyscan 1 |
43 | and | 43 | and |
44 | .Xr sshd 8 | 44 | .Xr sshd 8 |
45 | to gather random numbers of cryptographic quality if the | 45 | to gather random numbers of cryptographic quality if the |
46 | .Xr openssl 4 | 46 | .Xr openssl 4 |
47 | library has not been configured to provide them itself. | 47 | library has not been configured to provide them itself. |
48 | .Pp | 48 | .Pp |
49 | Normally | 49 | Normally |
50 | .Nm | 50 | .Nm |
51 | will generate a strong random seed and provide it to the calling | 51 | will generate a strong random seed and provide it to the calling |
52 | program via standard output. If standard output is a tty, | 52 | program via standard output. If standard output is a tty, |
53 | .Nm | 53 | .Nm |
54 | will instead print the seed in hexidecimal format unless told otherwise. | 54 | will instead print the seed in hexidecimal format unless told otherwise. |
55 | .Pp | 55 | .Pp |
@@ -57,19 +57,19 @@ will instead print the seed in hexidecimal format unless told otherwise. | |||
57 | will by default gather random numbers from the system commands listed | 57 | will by default gather random numbers from the system commands listed |
58 | in | 58 | in |
59 | .Pa /etc/ssh/ssh_prng_cmds . | 59 | .Pa /etc/ssh/ssh_prng_cmds . |
60 | The output of each of the commands listed will be hashed and used to | 60 | The output of each of the commands listed will be hashed and used to |
61 | generate a random seed for the calling program. | 61 | generate a random seed for the calling program. |
62 | .Nm | 62 | .Nm |
63 | will also store seed files in | 63 | will also store seed files in |
64 | .Pa ~/.ssh/prng_seed | 64 | .Pa ~/.ssh/prng_seed |
65 | between executions. | 65 | between executions. |
66 | .Pp | 66 | .Pp |
67 | Alternately, | 67 | Alternately, |
68 | .Nm | 68 | .Nm |
69 | may be configured at build time to collect random numbers from a | 69 | may be configured at build time to collect random numbers from a |
70 | EGD/PRNGd server via a unix domain or localhost tcp socket. | 70 | EGD/PRNGd server via a unix domain or localhost tcp socket. |
71 | .Pp | 71 | .Pp |
72 | This program is not intended to be run by the end-user, so the few | 72 | This program is not intended to be run by the end-user, so the few |
73 | commandline options are for debugging purposes only. | 73 | commandline options are for debugging purposes only. |
74 | .Bl -tag -width Ds | 74 | .Bl -tag -width Ds |
75 | .It Fl b Ar bytes | 75 | .It Fl b Ar bytes |
diff --git a/ssh-rand-helper.c b/ssh-rand-helper.c index effc8745e..abdb779f0 100644 --- a/ssh-rand-helper.c +++ b/ssh-rand-helper.c | |||
@@ -39,7 +39,7 @@ | |||
39 | #include "pathnames.h" | 39 | #include "pathnames.h" |
40 | #include "log.h" | 40 | #include "log.h" |
41 | 41 | ||
42 | RCSID("$Id: ssh-rand-helper.c,v 1.14 2003/09/22 15:36:15 mouring Exp $"); | 42 | RCSID("$Id: ssh-rand-helper.c,v 1.15 2003/11/21 12:48:56 djm Exp $"); |
43 | 43 | ||
44 | /* Number of bytes we write out */ | 44 | /* Number of bytes we write out */ |
45 | #define OUTPUT_SEED_SIZE 48 | 45 | #define OUTPUT_SEED_SIZE 48 |
@@ -115,19 +115,19 @@ double stir_gettimeofday(double entropy_estimate); | |||
115 | double stir_clock(double entropy_estimate); | 115 | double stir_clock(double entropy_estimate); |
116 | double stir_rusage(int who, double entropy_estimate); | 116 | double stir_rusage(int who, double entropy_estimate); |
117 | double hash_command_output(entropy_cmd_t *src, unsigned char *hash); | 117 | double hash_command_output(entropy_cmd_t *src, unsigned char *hash); |
118 | int get_random_bytes_prngd(unsigned char *buf, int len, | 118 | int get_random_bytes_prngd(unsigned char *buf, int len, |
119 | unsigned short tcp_port, char *socket_path); | 119 | unsigned short tcp_port, char *socket_path); |
120 | 120 | ||
121 | /* | 121 | /* |
122 | * Collect 'len' bytes of entropy into 'buf' from PRNGD/EGD daemon | 122 | * Collect 'len' bytes of entropy into 'buf' from PRNGD/EGD daemon |
123 | * listening either on 'tcp_port', or via Unix domain socket at * | 123 | * listening either on 'tcp_port', or via Unix domain socket at * |
124 | * 'socket_path'. | 124 | * 'socket_path'. |
125 | * Either a non-zero tcp_port or a non-null socket_path must be | 125 | * Either a non-zero tcp_port or a non-null socket_path must be |
126 | * supplied. | 126 | * supplied. |
127 | * Returns 0 on success, -1 on error | 127 | * Returns 0 on success, -1 on error |
128 | */ | 128 | */ |
129 | int | 129 | int |
130 | get_random_bytes_prngd(unsigned char *buf, int len, | 130 | get_random_bytes_prngd(unsigned char *buf, int len, |
131 | unsigned short tcp_port, char *socket_path) | 131 | unsigned short tcp_port, char *socket_path) |
132 | { | 132 | { |
133 | int fd, addr_len, rval, errors; | 133 | int fd, addr_len, rval, errors; |
@@ -289,7 +289,7 @@ hash_command_output(entropy_cmd_t *src, unsigned char *hash) | |||
289 | if (devnull == -1) { | 289 | if (devnull == -1) { |
290 | devnull = open("/dev/null", O_RDWR); | 290 | devnull = open("/dev/null", O_RDWR); |
291 | if (devnull == -1) | 291 | if (devnull == -1) |
292 | fatal("Couldn't open /dev/null: %s", | 292 | fatal("Couldn't open /dev/null: %s", |
293 | strerror(errno)); | 293 | strerror(errno)); |
294 | } | 294 | } |
295 | 295 | ||
@@ -314,7 +314,7 @@ hash_command_output(entropy_cmd_t *src, unsigned char *hash) | |||
314 | 314 | ||
315 | execv(src->path, (char**)(src->args)); | 315 | execv(src->path, (char**)(src->args)); |
316 | 316 | ||
317 | debug("(child) Couldn't exec '%s': %s", | 317 | debug("(child) Couldn't exec '%s': %s", |
318 | src->cmdstring, strerror(errno)); | 318 | src->cmdstring, strerror(errno)); |
319 | _exit(-1); | 319 | _exit(-1); |
320 | default: /* Parent */ | 320 | default: /* Parent */ |
@@ -376,7 +376,7 @@ hash_command_output(entropy_cmd_t *src, unsigned char *hash) | |||
376 | case -1: | 376 | case -1: |
377 | default: | 377 | default: |
378 | /* error */ | 378 | /* error */ |
379 | debug("Command '%s': select() failed: %s", | 379 | debug("Command '%s': select() failed: %s", |
380 | src->cmdstring, strerror(errno)); | 380 | src->cmdstring, strerror(errno)); |
381 | error_abort = 1; | 381 | error_abort = 1; |
382 | break; | 382 | break; |
@@ -400,8 +400,8 @@ hash_command_output(entropy_cmd_t *src, unsigned char *hash) | |||
400 | if (error_abort) { | 400 | if (error_abort) { |
401 | /* | 401 | /* |
402 | * Closing p[0] on timeout causes the entropy command to | 402 | * Closing p[0] on timeout causes the entropy command to |
403 | * SIGPIPE. Take whatever output we got, and mark this | 403 | * SIGPIPE. Take whatever output we got, and mark this |
404 | * command as slow | 404 | * command as slow |
405 | */ | 405 | */ |
406 | debug2("Command '%s' timed out", src->cmdstring); | 406 | debug2("Command '%s' timed out", src->cmdstring); |
407 | src->sticky_badness *= 2; | 407 | src->sticky_badness *= 2; |
@@ -479,7 +479,7 @@ stir_from_programs(void) | |||
479 | /* Stir it in */ | 479 | /* Stir it in */ |
480 | RAND_add(hash, sizeof(hash), entropy); | 480 | RAND_add(hash, sizeof(hash), entropy); |
481 | 481 | ||
482 | debug3("Got %0.2f bytes of entropy from '%s'", | 482 | debug3("Got %0.2f bytes of entropy from '%s'", |
483 | entropy, entropy_cmds[c].cmdstring); | 483 | entropy, entropy_cmds[c].cmdstring); |
484 | 484 | ||
485 | total_entropy += entropy; | 485 | total_entropy += entropy; |
@@ -491,7 +491,7 @@ stir_from_programs(void) | |||
491 | total_entropy += stir_rusage(RUSAGE_CHILDREN, 0.1); | 491 | total_entropy += stir_rusage(RUSAGE_CHILDREN, 0.1); |
492 | } else { | 492 | } else { |
493 | debug2("Command '%s' disabled (badness %d)", | 493 | debug2("Command '%s' disabled (badness %d)", |
494 | entropy_cmds[c].cmdstring, | 494 | entropy_cmds[c].cmdstring, |
495 | entropy_cmds[c].badness); | 495 | entropy_cmds[c].badness); |
496 | 496 | ||
497 | if (entropy_cmds[c].badness > 0) | 497 | if (entropy_cmds[c].badness > 0) |
@@ -511,8 +511,8 @@ prng_check_seedfile(char *filename) | |||
511 | struct stat st; | 511 | struct stat st; |
512 | 512 | ||
513 | /* | 513 | /* |
514 | * XXX raceable: eg replace seed between this stat and subsequent | 514 | * XXX raceable: eg replace seed between this stat and subsequent |
515 | * open. Not such a problem because we don't really trust the | 515 | * open. Not such a problem because we don't really trust the |
516 | * seed file anyway. | 516 | * seed file anyway. |
517 | * XXX: use secure path checking as elsewhere in OpenSSH | 517 | * XXX: use secure path checking as elsewhere in OpenSSH |
518 | */ | 518 | */ |
@@ -651,7 +651,7 @@ prng_read_commands(char *cmdfilename) | |||
651 | continue; /* done with this line */ | 651 | continue; /* done with this line */ |
652 | 652 | ||
653 | /* | 653 | /* |
654 | * The first non-whitespace char should be a double quote | 654 | * The first non-whitespace char should be a double quote |
655 | * delimiting the commandline | 655 | * delimiting the commandline |
656 | */ | 656 | */ |
657 | if (*cp != '"') { | 657 | if (*cp != '"') { |
@@ -726,7 +726,7 @@ prng_read_commands(char *cmdfilename) | |||
726 | 726 | ||
727 | /* | 727 | /* |
728 | * If we've filled the array, reallocate it twice the size | 728 | * If we've filled the array, reallocate it twice the size |
729 | * Do this now because even if this we're on the last | 729 | * Do this now because even if this we're on the last |
730 | * command we need another slot to mark the last entry | 730 | * command we need another slot to mark the last entry |
731 | */ | 731 | */ |
732 | if (cur_cmd == num_cmds) { | 732 | if (cur_cmd == num_cmds) { |
@@ -761,7 +761,7 @@ usage(void) | |||
761 | OUTPUT_SEED_SIZE); | 761 | OUTPUT_SEED_SIZE); |
762 | } | 762 | } |
763 | 763 | ||
764 | int | 764 | int |
765 | main(int argc, char **argv) | 765 | main(int argc, char **argv) |
766 | { | 766 | { |
767 | unsigned char *buf; | 767 | unsigned char *buf; |
@@ -816,11 +816,11 @@ main(int argc, char **argv) | |||
816 | /* | 816 | /* |
817 | * Seed the RNG from wherever we can | 817 | * Seed the RNG from wherever we can |
818 | */ | 818 | */ |
819 | 819 | ||
820 | /* Take whatever is on the stack, but don't credit it */ | 820 | /* Take whatever is on the stack, but don't credit it */ |
821 | RAND_add(buf, bytes, 0); | 821 | RAND_add(buf, bytes, 0); |
822 | 822 | ||
823 | debug("Seeded RNG with %i bytes from system calls", | 823 | debug("Seeded RNG with %i bytes from system calls", |
824 | (int)stir_from_system()); | 824 | (int)stir_from_system()); |
825 | 825 | ||
826 | #ifdef PRNGD_PORT | 826 | #ifdef PRNGD_PORT |
@@ -835,7 +835,7 @@ main(int argc, char **argv) | |||
835 | /* Read in collection commands */ | 835 | /* Read in collection commands */ |
836 | if (prng_read_commands(SSH_PRNG_COMMAND_FILE) == -1) | 836 | if (prng_read_commands(SSH_PRNG_COMMAND_FILE) == -1) |
837 | fatal("PRNG initialisation failed -- exiting."); | 837 | fatal("PRNG initialisation failed -- exiting."); |
838 | debug("Seeded RNG with %i bytes from programs", | 838 | debug("Seeded RNG with %i bytes from programs", |
839 | (int)stir_from_programs()); | 839 | (int)stir_from_programs()); |
840 | #endif | 840 | #endif |
841 | 841 | ||
@@ -40,7 +40,7 @@ | |||
40 | */ | 40 | */ |
41 | 41 | ||
42 | #include "includes.h" | 42 | #include "includes.h" |
43 | RCSID("$OpenBSD: ssh.c,v 1.202 2003/10/11 08:24:08 markus Exp $"); | 43 | RCSID("$OpenBSD: ssh.c,v 1.203 2003/11/21 11:57:03 djm Exp $"); |
44 | 44 | ||
45 | #include <openssl/evp.h> | 45 | #include <openssl/evp.h> |
46 | #include <openssl/err.h> | 46 | #include <openssl/err.h> |
@@ -221,7 +221,7 @@ main(int ac, char **av) | |||
221 | */ | 221 | */ |
222 | original_real_uid = getuid(); | 222 | original_real_uid = getuid(); |
223 | original_effective_uid = geteuid(); | 223 | original_effective_uid = geteuid(); |
224 | 224 | ||
225 | /* | 225 | /* |
226 | * Use uid-swapping to give up root privileges for the duration of | 226 | * Use uid-swapping to give up root privileges for the duration of |
227 | * option processing. We will re-instantiate the rights when we are | 227 | * option processing. We will re-instantiate the rights when we are |
@@ -717,7 +717,7 @@ again: | |||
717 | packet_close(); | 717 | packet_close(); |
718 | 718 | ||
719 | /* | 719 | /* |
720 | * Send SIGHUP to proxy command if used. We don't wait() in | 720 | * Send SIGHUP to proxy command if used. We don't wait() in |
721 | * case it hangs and instead rely on init to reap the child | 721 | * case it hangs and instead rely on init to reap the child |
722 | */ | 722 | */ |
723 | if (proxy_command_pid > 1) | 723 | if (proxy_command_pid > 1) |
diff --git a/ssh_prng_cmds.in b/ssh_prng_cmds.in index 50e7771f9..0d29d49f1 100644 --- a/ssh_prng_cmds.in +++ b/ssh_prng_cmds.in | |||
@@ -2,10 +2,10 @@ | |||
2 | 2 | ||
3 | # Format is: "program-name args" path rate | 3 | # Format is: "program-name args" path rate |
4 | 4 | ||
5 | # The "rate" represents the number of bits of usuable entropy per | 5 | # The "rate" represents the number of bits of usuable entropy per |
6 | # byte of command output. Be conservative. | 6 | # byte of command output. Be conservative. |
7 | # | 7 | # |
8 | # $Id: ssh_prng_cmds.in,v 1.8 2002/07/14 21:43:58 tim Exp $ | 8 | # $Id: ssh_prng_cmds.in,v 1.9 2003/11/21 12:48:56 djm Exp $ |
9 | 9 | ||
10 | "ls -alni /var/log" @PROG_LS@ 0.02 | 10 | "ls -alni /var/log" @PROG_LS@ 0.02 |
11 | "ls -alni /var/adm" @PROG_LS@ 0.02 | 11 | "ls -alni /var/adm" @PROG_LS@ 0.02 |
diff --git a/sshconnect.c b/sshconnect.c index 5972e2ba9..3d6cc375a 100644 --- a/sshconnect.c +++ b/sshconnect.c | |||
@@ -13,7 +13,7 @@ | |||
13 | */ | 13 | */ |
14 | 14 | ||
15 | #include "includes.h" | 15 | #include "includes.h" |
16 | RCSID("$OpenBSD: sshconnect.c,v 1.153 2003/11/12 16:39:58 jakob Exp $"); | 16 | RCSID("$OpenBSD: sshconnect.c,v 1.154 2003/11/21 11:57:03 djm Exp $"); |
17 | 17 | ||
18 | #include <openssl/bn.h> | 18 | #include <openssl/bn.h> |
19 | 19 | ||
@@ -74,7 +74,7 @@ ssh_proxy_connect(const char *host, u_short port, const char *proxy_command) | |||
74 | * Build the final command string in the buffer by making the | 74 | * Build the final command string in the buffer by making the |
75 | * appropriate substitutions to the given proxy command. | 75 | * appropriate substitutions to the given proxy command. |
76 | * | 76 | * |
77 | * Use "exec" to avoid "sh -c" processes on some platforms | 77 | * Use "exec" to avoid "sh -c" processes on some platforms |
78 | * (e.g. Solaris) | 78 | * (e.g. Solaris) |
79 | */ | 79 | */ |
80 | buffer_init(&command); | 80 | buffer_init(&command); |
@@ -261,15 +261,15 @@ timeout_connect(int sockfd, const struct sockaddr *serv_addr, | |||
261 | break; | 261 | break; |
262 | case -1: | 262 | case -1: |
263 | /* Select error */ | 263 | /* Select error */ |
264 | debug("select: %s", strerror(errno)); | 264 | debug("select: %s", strerror(errno)); |
265 | break; | 265 | break; |
266 | case 1: | 266 | case 1: |
267 | /* Completed or failed */ | 267 | /* Completed or failed */ |
268 | optval = 0; | 268 | optval = 0; |
269 | optlen = sizeof(optval); | 269 | optlen = sizeof(optval); |
270 | if (getsockopt(sockfd, SOL_SOCKET, SO_ERROR, &optval, | 270 | if (getsockopt(sockfd, SOL_SOCKET, SO_ERROR, &optval, |
271 | &optlen) == -1) { | 271 | &optlen) == -1) { |
272 | debug("getsockopt: %s", strerror(errno)); | 272 | debug("getsockopt: %s", strerror(errno)); |
273 | break; | 273 | break; |
274 | } | 274 | } |
275 | if (optval != 0) { | 275 | if (optval != 0) { |
diff --git a/sshconnect2.c b/sshconnect2.c index f6368aadd..76670e8a8 100644 --- a/sshconnect2.c +++ b/sshconnect2.c | |||
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: sshconnect2.c,v 1.132 2003/11/17 11:06:07 markus Exp $"); | 26 | RCSID("$OpenBSD: sshconnect2.c,v 1.133 2003/11/21 11:57:03 djm Exp $"); |
27 | 27 | ||
28 | #include "openbsd-compat/sys-queue.h" | 28 | #include "openbsd-compat/sys-queue.h" |
29 | 29 | ||
@@ -476,7 +476,7 @@ done: | |||
476 | } | 476 | } |
477 | 477 | ||
478 | #ifdef GSSAPI | 478 | #ifdef GSSAPI |
479 | int | 479 | int |
480 | userauth_gssapi(Authctxt *authctxt) | 480 | userauth_gssapi(Authctxt *authctxt) |
481 | { | 481 | { |
482 | Gssctxt *gssctxt = NULL; | 482 | Gssctxt *gssctxt = NULL; |
@@ -584,7 +584,7 @@ process_gssapi_token(void *ctxt, gss_buffer_t recv_tok) | |||
584 | 584 | ||
585 | buffer_free(&b); | 585 | buffer_free(&b); |
586 | gss_release_buffer(&ms, &mic); | 586 | gss_release_buffer(&ms, &mic); |
587 | } | 587 | } |
588 | } | 588 | } |
589 | 589 | ||
590 | return status; | 590 | return status; |
@@ -1033,7 +1033,7 @@ pubkey_prepare(Authctxt *authctxt) | |||
1033 | key = ssh_get_next_identity(ac, &comment, 2)) { | 1033 | key = ssh_get_next_identity(ac, &comment, 2)) { |
1034 | found = 0; | 1034 | found = 0; |
1035 | TAILQ_FOREACH(id, &files, next) { | 1035 | TAILQ_FOREACH(id, &files, next) { |
1036 | /* agent keys from the config file are preferred */ | 1036 | /* agent keys from the config file are preferred */ |
1037 | if (key_equal(key, id->key)) { | 1037 | if (key_equal(key, id->key)) { |
1038 | key_free(key); | 1038 | key_free(key); |
1039 | xfree(comment); | 1039 | xfree(comment); |
@@ -1055,8 +1055,8 @@ main(int ac, char **av) | |||
1055 | /* | 1055 | /* |
1056 | * Clear out any supplemental groups we may have inherited. This | 1056 | * Clear out any supplemental groups we may have inherited. This |
1057 | * prevents inadvertent creation of files with bad modes (in the | 1057 | * prevents inadvertent creation of files with bad modes (in the |
1058 | * portable version at least, it's certainly possible for PAM | 1058 | * portable version at least, it's certainly possible for PAM |
1059 | * to create a file, and we can't control the code in every | 1059 | * to create a file, and we can't control the code in every |
1060 | * module which might be used). | 1060 | * module which might be used). |
1061 | */ | 1061 | */ |
1062 | if (setgroups(0, NULL) < 0) | 1062 | if (setgroups(0, NULL) < 0) |
@@ -1446,7 +1446,7 @@ main(int ac, char **av) | |||
1446 | 1446 | ||
1447 | packet_set_nonblocking(); | 1447 | packet_set_nonblocking(); |
1448 | 1448 | ||
1449 | /* prepare buffers to collect authentication messages */ | 1449 | /* prepare buffers to collect authentication messages */ |
1450 | buffer_init(&loginmsg); | 1450 | buffer_init(&loginmsg); |
1451 | 1451 | ||
1452 | /* allocate authentication context */ | 1452 | /* allocate authentication context */ |
diff --git a/sshd_config.5 b/sshd_config.5 index b402bbdad..06a197b76 100644 --- a/sshd_config.5 +++ b/sshd_config.5 | |||
@@ -34,7 +34,7 @@ | |||
34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
36 | .\" | 36 | .\" |
37 | .\" $OpenBSD: sshd_config.5,v 1.25 2003/09/01 09:50:04 markus Exp $ | 37 | .\" $OpenBSD: sshd_config.5,v 1.26 2003/11/21 11:57:03 djm Exp $ |
38 | .Dd September 25, 1999 | 38 | .Dd September 25, 1999 |
39 | .Dt SSHD_CONFIG 5 | 39 | .Dt SSHD_CONFIG 5 |
40 | .Os | 40 | .Os |
@@ -227,7 +227,7 @@ The default is | |||
227 | .Dq no . | 227 | .Dq no . |
228 | .It Cm GSSAPIAuthentication | 228 | .It Cm GSSAPIAuthentication |
229 | Specifies whether user authentication based on GSSAPI is allowed. | 229 | Specifies whether user authentication based on GSSAPI is allowed. |
230 | The default is | 230 | The default is |
231 | .Dq no . | 231 | .Dq no . |
232 | Note that this option applies to protocol version 2 only. | 232 | Note that this option applies to protocol version 2 only. |
233 | .It Cm GSSAPICleanupCredentials | 233 | .It Cm GSSAPICleanupCredentials |
@@ -608,10 +608,10 @@ If | |||
608 | .Cm UsePrivilegeSeparation | 608 | .Cm UsePrivilegeSeparation |
609 | is specified, it will be disabled after authentication. | 609 | is specified, it will be disabled after authentication. |
610 | .It Cm UsePAM | 610 | .It Cm UsePAM |
611 | Enables PAM authentication (via challenge-response) and session set up. | 611 | Enables PAM authentication (via challenge-response) and session set up. |
612 | If you enable this, you should probably disable | 612 | If you enable this, you should probably disable |
613 | .Cm PasswordAuthentication . | 613 | .Cm PasswordAuthentication . |
614 | If you enable | 614 | If you enable |
615 | .CM UsePAM | 615 | .CM UsePAM |
616 | then you will not be able to run sshd as a non-root user. The default is | 616 | then you will not be able to run sshd as a non-root user. The default is |
617 | .Dq no . | 617 | .Dq no . |
@@ -343,7 +343,7 @@ pty_make_controlling_tty(int *ttyfd, const char *ttyname) | |||
343 | if (fd < 0) | 343 | if (fd < 0) |
344 | error("open /dev/tty failed - could not set controlling tty: %.100s", | 344 | error("open /dev/tty failed - could not set controlling tty: %.100s", |
345 | strerror(errno)); | 345 | strerror(errno)); |
346 | else | 346 | else |
347 | close(fd); | 347 | close(fd); |
348 | #endif /* _UNICOS */ | 348 | #endif /* _UNICOS */ |
349 | } | 349 | } |
@@ -180,28 +180,28 @@ permanently_set_uid(struct passwd *pw) | |||
180 | #endif | 180 | #endif |
181 | 181 | ||
182 | /* Try restoration of GID if changed (test clearing of saved gid) */ | 182 | /* Try restoration of GID if changed (test clearing of saved gid) */ |
183 | if (old_gid != pw->pw_gid && | 183 | if (old_gid != pw->pw_gid && |
184 | (setgid(old_gid) != -1 || setegid(old_gid) != -1)) | 184 | (setgid(old_gid) != -1 || setegid(old_gid) != -1)) |
185 | fatal("%s: was able to restore old [e]gid", __func__); | 185 | fatal("%s: was able to restore old [e]gid", __func__); |
186 | 186 | ||
187 | /* Verify GID drop was successful */ | 187 | /* Verify GID drop was successful */ |
188 | if (getgid() != pw->pw_gid || getegid() != pw->pw_gid) { | 188 | if (getgid() != pw->pw_gid || getegid() != pw->pw_gid) { |
189 | fatal("%s: egid incorrect gid:%u egid:%u (should be %u)", | 189 | fatal("%s: egid incorrect gid:%u egid:%u (should be %u)", |
190 | __func__, (u_int)getgid(), (u_int)getegid(), | 190 | __func__, (u_int)getgid(), (u_int)getegid(), |
191 | (u_int)pw->pw_gid); | 191 | (u_int)pw->pw_gid); |
192 | } | 192 | } |
193 | 193 | ||
194 | #ifndef HAVE_CYGWIN | 194 | #ifndef HAVE_CYGWIN |
195 | /* Try restoration of UID if changed (test clearing of saved uid) */ | 195 | /* Try restoration of UID if changed (test clearing of saved uid) */ |
196 | if (old_uid != pw->pw_uid && | 196 | if (old_uid != pw->pw_uid && |
197 | (setuid(old_uid) != -1 || seteuid(old_uid) != -1)) | 197 | (setuid(old_uid) != -1 || seteuid(old_uid) != -1)) |
198 | fatal("%s: was able to restore old [e]uid", __func__); | 198 | fatal("%s: was able to restore old [e]uid", __func__); |
199 | #endif | 199 | #endif |
200 | 200 | ||
201 | /* Verify UID drop was successful */ | 201 | /* Verify UID drop was successful */ |
202 | if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid) { | 202 | if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid) { |
203 | fatal("%s: euid incorrect uid:%u euid:%u (should be %u)", | 203 | fatal("%s: euid incorrect uid:%u euid:%u (should be %u)", |
204 | __func__, (u_int)getuid(), (u_int)geteuid(), | 204 | __func__, (u_int)getuid(), (u_int)geteuid(), |
205 | (u_int)pw->pw_uid); | 205 | (u_int)pw->pw_uid); |
206 | } | 206 | } |
207 | } | 207 | } |