diff options
148 files changed, 7367 insertions, 2382 deletions
@@ -1,3 +1,670 @@ | |||
1 | 20050309 | ||
2 | - (dtucker) [regress/test-exec.sh] Set BIN_SH=xpg4 on OSF1/Digital Unix/Tru64 | ||
3 | so that regress tests behave. From Chris Adams. | ||
4 | - (djm) OpenBSD CVS Sync | ||
5 | - jmc@cvs.openbsd.org 2005/03/07 23:41:54 | ||
6 | [ssh.1 ssh_config.5] | ||
7 | more macro simplification; | ||
8 | - djm@cvs.openbsd.org 2005/03/08 23:49:48 | ||
9 | [version.h] | ||
10 | OpenSSH 4.0 | ||
11 | - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] | ||
12 | [contrib/suse/openssh.spec] Update spec file versions | ||
13 | - (djm) [log.c] Fix dumb syntax error; ok dtucker@ | ||
14 | - (djm) Release OpenSSH 4.0p1 | ||
15 | |||
16 | 20050307 | ||
17 | - (dtucker) [configure.ac] Disable gettext search when configuring with | ||
18 | BSM audit support for the time being. ok djm@ | ||
19 | - (dtucker) OpenBSD CVS Sync (regress/) | ||
20 | - fgsch@cvs.openbsd.org 2004/12/10 01:31:30 | ||
21 | [Makefile sftp-glob.sh] | ||
22 | some globbing regress; prompted and ok djm@ | ||
23 | - david@cvs.openbsd.org 2005/01/14 04:21:18 | ||
24 | [Makefile test-exec.sh] | ||
25 | pass the SUDO make variable to the individual sh tests; ok dtucker@ markus@ | ||
26 | - dtucker@cvs.openbsd.org 2005/02/27 11:33:30 | ||
27 | [multiplex.sh test-exec.sh sshd-log-wrapper.sh] | ||
28 | Add optional capability to log output from regress commands; ok markus@ | ||
29 | Use with: make TEST_SSH_LOGFILE=/tmp/regress.log | ||
30 | - djm@cvs.openbsd.org 2005/02/27 23:13:36 | ||
31 | [login-timeout.sh] | ||
32 | avoid nameservice lookups in regress test; ok dtucker@ | ||
33 | - djm@cvs.openbsd.org 2005/03/04 08:48:46 | ||
34 | [Makefile envpass.sh] | ||
35 | regress test for SendEnv config parsing bug; ok dtucker@ | ||
36 | - (dtucker) [regress/test-exec.sh] Put SUDO in the right place. | ||
37 | - (tim) [configure.ac] SCO 3.2v4.2 no longer supported. | ||
38 | |||
39 | 20050306 | ||
40 | - (dtucker) [monitor.c] Bug #125 comment #47: fix errors returned by monitor | ||
41 | when attempting to audit disconnect events. Reported by Phil Dibowitz. | ||
42 | - (dtucker) [session.c sshd.c] Bug #125 comment #49: Send disconnect audit | ||
43 | events earlier, prevents mm_request_send errors reported by Matt Goebel. | ||
44 | |||
45 | 20050305 | ||
46 | - (djm) [contrib/cygwin/README] Improve Cygwin build documentation. Patch | ||
47 | from vinschen at redhat.com | ||
48 | - (djm) OpenBSD CVS Sync | ||
49 | - jmc@cvs.openbsd.org 2005/03/02 11:45:01 | ||
50 | [ssh.1] | ||
51 | missing word; | ||
52 | - djm@cvs.openbsd.org 2005/03/04 08:48:06 | ||
53 | [readconf.c] | ||
54 | fix SendEnv config parsing bug found by Roumen Petrov; ok dtucker@ | ||
55 | |||
56 | 20050302 | ||
57 | - (djm) OpenBSD CVS sync: | ||
58 | - jmc@cvs.openbsd.org 2005/03/01 14:47:58 | ||
59 | [ssh.1] | ||
60 | remove some unneccesary macros; | ||
61 | do not mark up punctuation; | ||
62 | - jmc@cvs.openbsd.org 2005/03/01 14:55:23 | ||
63 | [ssh_config.5] | ||
64 | do not mark up punctuation; | ||
65 | whitespace; | ||
66 | - jmc@cvs.openbsd.org 2005/03/01 14:59:49 | ||
67 | [sshd.8] | ||
68 | new sentence, new line; | ||
69 | whitespace; | ||
70 | - jmc@cvs.openbsd.org 2005/03/01 15:05:00 | ||
71 | [ssh-keygen.1] | ||
72 | whitespace; | ||
73 | - jmc@cvs.openbsd.org 2005/03/01 15:47:14 | ||
74 | [ssh-keyscan.1 ssh-keyscan.c] | ||
75 | sort options and sync usage(); | ||
76 | - jmc@cvs.openbsd.org 2005/03/01 17:19:35 | ||
77 | [scp.1 sftp.1] | ||
78 | add HashKnownHosts to -o list; | ||
79 | ok markus@ | ||
80 | - jmc@cvs.openbsd.org 2005/03/01 17:22:06 | ||
81 | [ssh.c] | ||
82 | sync usage() w/ man SYNOPSIS; | ||
83 | ok markus@ | ||
84 | - jmc@cvs.openbsd.org 2005/03/01 17:32:19 | ||
85 | [ssh-add.1] | ||
86 | sort options; | ||
87 | - jmc@cvs.openbsd.org 2005/03/01 18:15:56 | ||
88 | [ssh-keygen.1] | ||
89 | sort options (no attempt made at synopsis clean up though); | ||
90 | spelling (occurance -> occurrence); | ||
91 | use prompt before examples; | ||
92 | grammar; | ||
93 | - djm@cvs.openbsd.org 2005/03/02 01:00:06 | ||
94 | [sshconnect.c] | ||
95 | fix addition of new hashed hostnames when CheckHostIP=yes; | ||
96 | found and ok dtucker@ | ||
97 | - djm@cvs.openbsd.org 2005/03/02 01:27:41 | ||
98 | [ssh-keygen.c] | ||
99 | ignore hostnames with metachars when hashing; ok deraadt@ | ||
100 | - djm@cvs.openbsd.org 2005/03/02 02:21:07 | ||
101 | [ssh.1] | ||
102 | bz#987: mention ForwardX11Trusted in ssh.1, | ||
103 | reported by andrew.benham AT thus.net; ok deraadt@ | ||
104 | - (tim) [regress/agent-ptrace.sh] add another possible gdb error. | ||
105 | |||
106 | 20050301 | ||
107 | - (djm) OpenBSD CVS sync: | ||
108 | - otto@cvs.openbsd.org 2005/02/16 09:56:44 | ||
109 | [ssh.c] | ||
110 | Better diagnostic if an identity file is not accesible. ok markus@ djm@ | ||
111 | - djm@cvs.openbsd.org 2005/02/18 03:05:53 | ||
112 | [canohost.c] | ||
113 | better error messages for getnameinfo failures; ok dtucker@ | ||
114 | - djm@cvs.openbsd.org 2005/02/20 22:59:06 | ||
115 | [sftp.c] | ||
116 | turn on ssh batch mode when in sftp batch mode, patch from | ||
117 | jdmossh AT nand.net; | ||
118 | ok markus@ | ||
119 | - jmc@cvs.openbsd.org 2005/02/25 10:55:13 | ||
120 | [sshd.8] | ||
121 | add /etc/motd and $HOME/.hushlogin to FILES; | ||
122 | from michael knudsen; | ||
123 | - djm@cvs.openbsd.org 2005/02/28 00:54:10 | ||
124 | [ssh_config.5] | ||
125 | bz#849: document timeout on untrusted x11 forwarding sessions. Reported by | ||
126 | orion AT cora.nwra.com; ok markus@ | ||
127 | - djm@cvs.openbsd.org 2005/03/01 10:09:52 | ||
128 | [auth-options.c channels.c channels.h clientloop.c compat.c compat.h] | ||
129 | [misc.c misc.h readconf.c readconf.h servconf.c ssh.1 ssh.c ssh_config.5] | ||
130 | [sshd_config.5] | ||
131 | bz#413: allow optional specification of bind address for port forwardings. | ||
132 | Patch originally by Dan Astorian, but worked on by several people | ||
133 | Adds GatewayPorts=clientspecified option on server to allow remote | ||
134 | forwards to bind to client-specified ports. | ||
135 | - djm@cvs.openbsd.org 2005/03/01 10:40:27 | ||
136 | [hostfile.c hostfile.h readconf.c readconf.h ssh.1 ssh_config.5] | ||
137 | [sshconnect.c sshd.8] | ||
138 | add support for hashing host names and addresses added to known_hosts | ||
139 | files, to improve privacy of which hosts user have been visiting; ok | ||
140 | markus@ deraadt@ | ||
141 | - djm@cvs.openbsd.org 2005/03/01 10:41:28 | ||
142 | [ssh-keyscan.1 ssh-keyscan.c] | ||
143 | option to hash hostnames output by ssh-keyscan; ok markus@ deraadt@ | ||
144 | - djm@cvs.openbsd.org 2005/03/01 10:42:49 | ||
145 | [ssh-keygen.1 ssh-keygen.c ssh_config.5] | ||
146 | add tools for managing known_hosts files with hashed hostnames, including | ||
147 | hashing existing files and deleting hosts by name; ok markus@ deraadt@ | ||
148 | |||
149 | 20050226 | ||
150 | - (dtucker) [openbsd-compat/bsd-openpty.c openbsd-compat/inet_ntop.c] | ||
151 | Remove two obsolete Cygwin #ifdefs. Patch from vinschen at redhat.com. | ||
152 | - (dtucker) [acconfig.h configure.ac openbsd-compat/bsd-misc.{c,h}] | ||
153 | Remove SETGROUPS_NOOP, was only used by Cygwin, which doesn't need it any | ||
154 | more. Patch from vinschen at redhat.com. | ||
155 | - (dtucker) [Makefile.in] Add a install-nosysconf target for installing the | ||
156 | binaries without the config files. Primarily useful for packaging. | ||
157 | Patch from phil at usc.edu. ok djm@ | ||
158 | |||
159 | 20050224 | ||
160 | - (djm) [configure.ac] in_addr_t test needs sys/types.h too | ||
161 | |||
162 | 20050222 | ||
163 | - (dtucker) [uidswap.c] Skip uid restore test on Cygwin. Patch from | ||
164 | vinschen at redhat.com. | ||
165 | |||
166 | 20050220 | ||
167 | - (dtucker) [LICENCE Makefile.in README.platform audit-bsm.c configure.ac | ||
168 | defines.h] Bug #125: Add *EXPERIMENTAL* BSM audit support. Configure | ||
169 | --with-audit=bsm to enable. Patch originally from Sun Microsystems, | ||
170 | parts by John R. Jackson. ok djm@ | ||
171 | - (dtucker) [configure.ac] Missing comma in AIX section, somehow causes | ||
172 | unrelated platforms to be configured incorrectly. | ||
173 | |||
174 | 20050216 | ||
175 | - (djm) write seed to temporary file and atomically rename into place; | ||
176 | ok dtucker@ | ||
177 | - (dtucker) [ssh-rand-helper.c] Provide seed_rng since it may be called | ||
178 | via mkstemp in some configurations. ok djm@ | ||
179 | - (dtucker) [auth-shadow.c] Prevent compiler warnings if "DAY" is defined | ||
180 | by the system headers. | ||
181 | - (dtucker) [configure.ac] Bug #893: check for libresolv early on Reliant | ||
182 | Unix; prevents problems relating to the location of -lresolv in the | ||
183 | link order. | ||
184 | - (dtucker) [session.c] Bug #918: store credentials from gssapi-with-mic | ||
185 | authentication early enough to be available to PAM session modules when | ||
186 | privsep=yes. Patch from deengert at anl.gov, ok'ed in principle by Sam | ||
187 | Hartman and similar to Debian's ssh-krb5 package. | ||
188 | - (dtucker) [configure.ac openbsd-compat/port-aix.{c,h}] Silence some more | ||
189 | compiler warnings on AIX. | ||
190 | |||
191 | 20050215 | ||
192 | - (dtucker) [config.sh.in] Collect oslevel -r too. | ||
193 | - (dtucker) [README.platform auth.c configure.ac loginrec.c | ||
194 | openbsd-compat/port-aix.c openbsd-compat/port-aix.h] Bug #835: enable IPv6 | ||
195 | on AIX where possible (see README.platform for details) and work around | ||
196 | a misfeature of AIX's getnameinfo. ok djm@ | ||
197 | - (dtucker) [loginrec.c] Add missing #include. | ||
198 | |||
199 | 20050211 | ||
200 | - (dtucker) [configure.ac] Tidy up configure --help output. | ||
201 | - (dtucker) [openbsd-compat/fake-rfc2553.h] We now need EAI_SYSTEM too. | ||
202 | |||
203 | 20050210 | ||
204 | - (dtucker) [configure.ac] Bug #919: Provide visible feedback for the | ||
205 | --disable-etc-default-login configure option. | ||
206 | |||
207 | 20050209 | ||
208 | - (dtucker) OpenBSD CVS Sync | ||
209 | - dtucker@cvs.openbsd.org 2005/01/28 09:45:53 | ||
210 | [ssh_config] | ||
211 | Make it clear that the example entries in ssh_config are only some of the | ||
212 | commonly-used options and refer the user to ssh_config(5) for more | ||
213 | details; ok djm@ | ||
214 | - jmc@cvs.openbsd.org 2005/01/28 15:05:43 | ||
215 | [ssh_config.5] | ||
216 | grammar; | ||
217 | - jmc@cvs.openbsd.org 2005/01/28 18:14:09 | ||
218 | [ssh_config.5] | ||
219 | wording; | ||
220 | ok markus@ | ||
221 | - dtucker@cvs.openbsd.org 2005/01/30 11:18:08 | ||
222 | [monitor.c] | ||
223 | Make code match intent; ok djm@ | ||
224 | - dtucker@cvs.openbsd.org 2005/02/08 22:24:57 | ||
225 | [sshd.c] | ||
226 | Provide reason in error message if getnameinfo fails; ok markus@ | ||
227 | - (dtucker) [auth-passwd.c openbsd-compat/port-aix.c] Don't call | ||
228 | disable_forwarding() from compat library. Prevent linker errrors trying | ||
229 | to resolve it for binaries other than sshd. ok djm@ | ||
230 | - (dtucker) [configure.ac] Bug #854: prepend pwd to relative --with-ssl-dir | ||
231 | paths. ok djm@ | ||
232 | - (dtucker) [configure.ac session.c] Some platforms (eg some SCO) require | ||
233 | the username to be passed to the passwd command when changing expired | ||
234 | passwords. ok djm@ | ||
235 | |||
236 | 20050208 | ||
237 | - (dtucker) [regress/test-exec.sh] Bug #912: Set _POSIX2_VERSION for the | ||
238 | regress tests so newer versions of GNU head(1) behave themselves. Patch | ||
239 | by djm, so ok me. | ||
240 | - (dtucker) [openbsd-compat/port-aix.c] Silence compiler warnings. | ||
241 | - (dtucker) [audit.c audit.h auth.c auth1.c auth2.c loginrec.c monitor.c | ||
242 | monitor_wrap.c monitor_wrap.h session.c sshd.c]: Prepend all of the audit | ||
243 | defines and enums with SSH_ to prevent namespace collisions on some | ||
244 | platforms (eg AIX). | ||
245 | |||
246 | 20050204 | ||
247 | - (dtucker) [monitor.c] Permit INVALID_USER audit events from slave too. | ||
248 | - (dtucker) [auth.c] Fix parens in audit log check. | ||
249 | |||
250 | 20050202 | ||
251 | - (dtucker) [configure.ac openbsd-compat/realpath.c] Sync up with realpath | ||
252 | rev 1.11 from OpenBSD and make it use fchdir if available. ok djm@ | ||
253 | - (dtucker) [auth.c loginrec.h openbsd-compat/{bsd-cray,port-aix}.{c,h}] | ||
254 | Make record_failed_login() call provide hostname rather than having the | ||
255 | implementations having to do lookups themselves. Only affects AIX and | ||
256 | UNICOS (the latter only uses the "user" parameter anyway). ok djm@ | ||
257 | - (dtucker) [session.c sshd.c] Bug #445: Propogate KRB5CCNAME if set to child | ||
258 | the process. Since we also unset KRB5CCNAME at startup, if it's set after | ||
259 | authentication it must have been set by the platform's native auth system. | ||
260 | This was already done for AIX; this enables it for the general case. | ||
261 | - (dtucker) [auth.c canohost.c canohost.h configure.ac defines.h loginrec.c] | ||
262 | Bug #974: Teach sshd to write failed login records to btmp for failed auth | ||
263 | attempts (currently only for password, kbdint and C/R, only on Linux and | ||
264 | HP-UX), based on code from login.c from util-linux. With ashok_kovai at | ||
265 | hotmail.com, ok djm@ | ||
266 | - (dtucker) [Makefile.in auth.c auth.h auth1.c auth2.c loginrec.c monitor.c | ||
267 | monitor.h monitor_wrap.c monitor_wrap.h session.c sshd.c] Bug #125: | ||
268 | (first stage) Add audit instrumentation to sshd, currently disabled by | ||
269 | default. with suggestions from and ok djm@ | ||
270 | |||
271 | 20050201 | ||
272 | - (dtucker) [log.c] Bug #973: force log_init() to open syslog, since on some | ||
273 | platforms syslog will revert to its default values. This may result in | ||
274 | messages from external libraries (eg libwrap) being sent to a different | ||
275 | facility. | ||
276 | - (dtucker) [sshd_config.5] Bug #701: remove warning about | ||
277 | keyboard-interactive since this is no longer the case. | ||
278 | |||
279 | 20050124 | ||
280 | - (dtucker) OpenBSD CVS Sync | ||
281 | - otto@cvs.openbsd.org 2005/01/21 08:32:02 | ||
282 | [auth-passwd.c sshd.c] | ||
283 | Warn in advance for password and account expiry; initialize loginmsg | ||
284 | buffer earlier and clear it after privsep fork. ok and help dtucker@ | ||
285 | markus@ | ||
286 | - dtucker@cvs.openbsd.org 2005/01/22 08:17:59 | ||
287 | [auth.c] | ||
288 | Log source of connections denied by AllowUsers, DenyUsers, AllowGroups and | ||
289 | DenyGroups. bz #909, ok djm@ | ||
290 | - djm@cvs.openbsd.org 2005/01/23 10:18:12 | ||
291 | [cipher.c] | ||
292 | config option "Ciphers" should be case-sensitive; ok dtucker@ | ||
293 | - dtucker@cvs.openbsd.org 2005/01/24 10:22:06 | ||
294 | [scp.c sftp.c] | ||
295 | Have scp and sftp wait for the spawned ssh to exit before they exit | ||
296 | themselves. This prevents ssh from being unable to restore terminal | ||
297 | modes (not normally a problem on OpenBSD but common with -Portable | ||
298 | on POSIX platforms). From peak at argo.troja.mff.cuni.cz (bz#950); | ||
299 | ok djm@ markus@ | ||
300 | - dtucker@cvs.openbsd.org 2005/01/24 10:29:06 | ||
301 | [moduli] | ||
302 | Import new moduli; requested by deraadt@ a week ago | ||
303 | - dtucker@cvs.openbsd.org 2005/01/24 11:47:13 | ||
304 | [auth-passwd.c] | ||
305 | #if -> #ifdef so builds without HAVE_LOGIN_CAP work too; ok djm@ otto@ | ||
306 | |||
307 | 20050120 | ||
308 | - (dtucker) OpenBSD CVS Sync | ||
309 | - markus@cvs.openbsd.org 2004/12/23 17:35:48 | ||
310 | [session.c] | ||
311 | check for NULL; from mpech | ||
312 | - markus@cvs.openbsd.org 2004/12/23 17:38:07 | ||
313 | [ssh-keygen.c] | ||
314 | leak; from mpech | ||
315 | - djm@cvs.openbsd.org 2004/12/23 23:11:00 | ||
316 | [servconf.c servconf.h sshd.c sshd_config sshd_config.5] | ||
317 | bz #898: support AddressFamily in sshd_config. from | ||
318 | peak@argo.troja.mff.cuni.cz; ok deraadt@ | ||
319 | - markus@cvs.openbsd.org 2005/01/05 08:51:32 | ||
320 | [sshconnect.c] | ||
321 | remove dead code, log connect() failures with level error, ok djm@ | ||
322 | - jmc@cvs.openbsd.org 2005/01/08 00:41:19 | ||
323 | [sshd_config.5] | ||
324 | `login'(n) -> `log in'(v); | ||
325 | - dtucker@cvs.openbsd.org 2005/01/17 03:25:46 | ||
326 | [moduli.c] | ||
327 | Correct spelling: SCHNOOR->SCHNORR; ok djm@ | ||
328 | - dtucker@cvs.openbsd.org 2005/01/17 22:48:39 | ||
329 | [sshd.c] | ||
330 | Make debugging output continue after reexec; ok djm@ | ||
331 | - dtucker@cvs.openbsd.org 2005/01/19 13:11:47 | ||
332 | [auth-bsdauth.c auth2-chall.c] | ||
333 | Have keyboard-interactive code call the drivers even for responses for | ||
334 | invalid logins. This allows the drivers themselves to decide how to | ||
335 | handle them and prevent leaking information where possible. Existing | ||
336 | behaviour for bsdauth is maintained by checking authctxt->valid in the | ||
337 | bsdauth driver. Note that any third-party kbdint drivers will now need | ||
338 | to be able to handle responses for invalid logins. ok markus@ | ||
339 | - djm@cvs.openbsd.org 2004/12/22 02:13:19 | ||
340 | [cipher-ctr.c cipher.c] | ||
341 | remove fallback AES support for old OpenSSL, as OpenBSD has had it for | ||
342 | many years now; ok deraadt@ | ||
343 | (Id sync only: Portable will continue to support older OpenSSLs) | ||
344 | - (dtucker) [auth-pam.c] Bug #971: Prevent leaking information about user | ||
345 | existence via keyboard-interactive/pam, in conjunction with previous | ||
346 | auth2-chall.c change; with Colin Watson and djm. | ||
347 | - (dtucker) [loginrec.h] Bug #952: Increase size of username field to 128 | ||
348 | bytes to prevent errors from login_init_entry() when the username is | ||
349 | exactly 64 bytes(!) long. From brhamon at cisco.com, ok djm@ | ||
350 | - (dtucker) [auth-chall.c auth.h auth2-chall.c] Bug #936: Remove pam from | ||
351 | the list of available kbdint devices if UsePAM=no. ok djm@ | ||
352 | |||
353 | 20050118 | ||
354 | - (dtucker) [INSTALL Makefile.in configure.ac survey.sh.in] Implement | ||
355 | "make survey" and "make send-survey". This will provide data on the | ||
356 | configure parameters, platform and platform features to the development | ||
357 | team, which will allow (among other things) better targetting of testing. | ||
358 | It's entirely voluntary and is off be default. ok djm@ | ||
359 | - (dtucker) [survey.sh.in] Remove any blank lines from the output of | ||
360 | ccver-v and ccver-V. | ||
361 | |||
362 | 20041220 | ||
363 | - (dtucker) [ssh-rand-helper.c] Fall back to command-based seeding if reading | ||
364 | from prngd is enabled at compile time but fails at run time, eg because | ||
365 | prngd is not running. Note that if you have prngd running when OpenSSH is | ||
366 | built, OpenSSL will consider itself internally seeded and rand-helper won't | ||
367 | be built at all unless explicitly enabled via --with-rand-helper. ok djm@ | ||
368 | - (dtucker) [regress/rekey.sh] Touch datafile before filling with dd, since | ||
369 | on some wacky platforms (eg old AIXes), dd will refuse to create an output | ||
370 | file if it doesn't exist. | ||
371 | |||
372 | 20041213 | ||
373 | - (dtucker) [contrib/findssh.sh] Clean up on interrupt; from | ||
374 | amarendra.godbole at ge com. | ||
375 | |||
376 | 20041211 | ||
377 | - (dtucker) OpenBSD CVS Sync | ||
378 | - markus@cvs.openbsd.org 2004/12/06 16:00:43 | ||
379 | [bufaux.c] | ||
380 | use 0x00 not \0 since buf[] is a bignum | ||
381 | - fgsch@cvs.openbsd.org 2004/12/10 03:10:42 | ||
382 | [sftp.c] | ||
383 | - fix globbed ls for paths the same lenght as the globbed path when | ||
384 | we have a unique matching. | ||
385 | - fix globbed ls in case of a directory when we have a unique matching. | ||
386 | - as a side effect, if the path does not exist error (used to silently | ||
387 | ignore). | ||
388 | - don't do extra do_lstat() if we only have one matching file. | ||
389 | djm@ ok | ||
390 | - dtucker@cvs.openbsd.org 2004/12/11 01:48:56 | ||
391 | [auth-rsa.c auth2-pubkey.c authfile.c misc.c misc.h] | ||
392 | Fix debug call in error path of authorized_keys processing and fix related | ||
393 | warnings; ok djm@ | ||
394 | |||
395 | 20041208 | ||
396 | - (tim) [configure.ac] Comment some non obvious platforms in the | ||
397 | target-specific case statement. Suggested and OK by dtucker@ | ||
398 | |||
399 | 20041207 | ||
400 | - (dtucker) [regress/scp.sh] Use portable-friendly $DIFFOPTs in new test. | ||
401 | |||
402 | 20041206 | ||
403 | - (dtucker) [TODO WARNING.RNG] Update to reflect current reality. ok djm@ | ||
404 | - (dtucker) OpenBSD CVS Sync | ||
405 | - markus@cvs.openbsd.org 2004/11/25 22:22:14 | ||
406 | [sftp-client.c sftp.c] | ||
407 | leak; from mpech | ||
408 | - jmc@cvs.openbsd.org 2004/11/29 00:05:17 | ||
409 | [sftp.1] | ||
410 | missing full stop; | ||
411 | - djm@cvs.openbsd.org 2004/11/29 07:41:24 | ||
412 | [sftp-client.h sftp.c] | ||
413 | Some small fixes from moritz@jodeit.org. ok deraadt@ | ||
414 | - jaredy@cvs.openbsd.org 2004/12/05 23:55:07 | ||
415 | [sftp.1] | ||
416 | - explain that patterns can be used as arguments in get/put/ls/etc | ||
417 | commands (prodded by Michael Knudsen) | ||
418 | - describe ls flags as a list | ||
419 | - other minor improvements | ||
420 | ok jmc, djm | ||
421 | - dtucker@cvs.openbsd.org 2004/12/06 11:41:03 | ||
422 | [auth-rsa.c auth2-pubkey.c authfile.c misc.c misc.h ssh.h sshd.8] | ||
423 | Discard over-length authorized_keys entries rather than complaining when | ||
424 | they don't decode. bz #884, with & ok djm@ | ||
425 | - (dtucker) OpenBSD CVS Sync (regress/) | ||
426 | - djm@cvs.openbsd.org 2004/06/26 06:16:07 | ||
427 | [reexec.sh] | ||
428 | don't change the name of the copied sshd for the reexec fallback test, | ||
429 | makes life simpler for portable | ||
430 | - dtucker@cvs.openbsd.org 2004/07/08 12:59:35 | ||
431 | [scp.sh] | ||
432 | Regress test for bz #863 (scp double-error), requires $SUDO. ok markus@ | ||
433 | - david@cvs.openbsd.org 2004/07/09 19:45:43 | ||
434 | [Makefile] | ||
435 | add a missing CLEANFILES used in the re-exec test | ||
436 | - djm@cvs.openbsd.org 2004/10/08 02:01:50 | ||
437 | [reexec.sh] | ||
438 | shrink and tidy; ok dtucker@ | ||
439 | - djm@cvs.openbsd.org 2004/10/29 23:59:22 | ||
440 | [Makefile added brokenkeys.sh] | ||
441 | regression test for handling of corrupt keys in authorized_keys file | ||
442 | - djm@cvs.openbsd.org 2004/11/07 00:32:41 | ||
443 | [multiplex.sh] | ||
444 | regression tests for new multiplex commands | ||
445 | - dtucker@cvs.openbsd.org 2004/11/25 09:39:27 | ||
446 | [test-exec.sh] | ||
447 | Remove obsolete RhostsAuthentication from test config; ok markus@ | ||
448 | - dtucker@cvs.openbsd.org 2004/12/06 10:49:56 | ||
449 | [test-exec.sh] | ||
450 | Check if TEST_SSH_SSHD is a full path to sshd before searching; ok markus@ | ||
451 | |||
452 | 20041203 | ||
453 | - (dtucker) OpenBSD CVS Sync | ||
454 | - jmc@cvs.openbsd.org 2004/11/07 17:42:36 | ||
455 | [ssh.1] | ||
456 | options sort, and whitespace; | ||
457 | - jmc@cvs.openbsd.org 2004/11/07 17:57:30 | ||
458 | [ssh.c] | ||
459 | usage(): | ||
460 | - add -O | ||
461 | - sync -S w/ manpage | ||
462 | - remove -h | ||
463 | - (dtucker) [auth1.c auth2.c] If the user successfully authenticates but is | ||
464 | subsequently denied by the PAM auth stack, send the PAM message to the | ||
465 | user via packet_disconnect (Protocol 1) or userauth_banner (Protocol 2). | ||
466 | ok djm@ | ||
467 | |||
468 | 20041107 | ||
469 | - (dtucker) OpenBSD CVS Sync | ||
470 | - djm@cvs.openbsd.org 2004/11/05 12:19:56 | ||
471 | [sftp.c] | ||
472 | command editing and history support via libedit; ok markus@ | ||
473 | thanks to hshoexer@ and many testers on tech@ too | ||
474 | - djm@cvs.openbsd.org 2004/11/07 00:01:46 | ||
475 | [clientloop.c clientloop.h ssh.1 ssh.c] | ||
476 | add basic control of a running multiplex master connection; including the | ||
477 | ability to check its status and request it to exit; ok markus@ | ||
478 | - (dtucker) [INSTALL Makefile.in configure.ac] Add --with-libedit configure | ||
479 | option and supporting makefile bits and documentation. | ||
480 | |||
481 | 20041105 | ||
482 | - (dtucker) OpenBSD CVS Sync | ||
483 | - markus@cvs.openbsd.org 2004/08/30 09:18:08 | ||
484 | [LICENCE] | ||
485 | s/keygen/keyscan/ | ||
486 | - jmc@cvs.openbsd.org 2004/08/30 21:22:49 | ||
487 | [ssh-add.1 ssh.1] | ||
488 | .Xsession -> .xsession; | ||
489 | originally from a pr from f at obiit dot org, but missed by myself; | ||
490 | ok markus@ matthieu@ | ||
491 | - djm@cvs.openbsd.org 2004/09/07 23:41:30 | ||
492 | [clientloop.c ssh.c] | ||
493 | cleanup multiplex control socket on SIGHUP too, spotted by sturm@ | ||
494 | ok markus@ deraadt@ | ||
495 | - deraadt@cvs.openbsd.org 2004/09/15 00:46:01 | ||
496 | [ssh.c] | ||
497 | /* fallthrough */ is something a programmer understands. But | ||
498 | /* FALLTHROUGH */ is also understood by lint, so that is better. | ||
499 | - jaredy@cvs.openbsd.org 2004/09/15 03:25:41 | ||
500 | [sshd_config.5] | ||
501 | mention PrintLastLog only prints last login time for interactive | ||
502 | sessions, like PrintMotd mentions. | ||
503 | From Michael Knudsen, with wording changed slightly to match the | ||
504 | PrintMotd description. | ||
505 | ok djm | ||
506 | - mickey@cvs.openbsd.org 2004/09/15 18:42:27 | ||
507 | [sshd.c] | ||
508 | use less doubles in daemons; markus@ ok | ||
509 | - deraadt@cvs.openbsd.org 2004/09/15 18:46:04 | ||
510 | [scp.c] | ||
511 | scratch that do { } while (0) wrapper in this case | ||
512 | - djm@cvs.openbsd.org 2004/09/23 13:00:04 | ||
513 | [ssh.c] | ||
514 | correctly honour -n in multiplex client mode; spotted by sturm@ ok markus@ | ||
515 | - djm@cvs.openbsd.org 2004/09/25 03:45:14 | ||
516 | [sshd.c] | ||
517 | these printf args are no longer double; ok deraadt@ markus@ | ||
518 | - djm@cvs.openbsd.org 2004/10/07 10:10:24 | ||
519 | [scp.1 sftp.1 ssh.1 ssh_config.5] | ||
520 | document KbdInteractiveDevices; ok markus@ | ||
521 | - djm@cvs.openbsd.org 2004/10/07 10:12:36 | ||
522 | [ssh-agent.c] | ||
523 | don't unlink agent socket when bind() fails, spotted by rich AT | ||
524 | rich-paul.net, ok markus@ | ||
525 | - markus@cvs.openbsd.org 2004/10/20 11:48:53 | ||
526 | [packet.c ssh1.h] | ||
527 | disconnect for invalid (out of range) message types. | ||
528 | - djm@cvs.openbsd.org 2004/10/29 21:47:15 | ||
529 | [channels.c channels.h clientloop.c] | ||
530 | fix some window size change bugs for multiplexed connections: windows sizes | ||
531 | were not being updated if they had changed after ~^Z suspends and SIGWINCH | ||
532 | was not being processed unless the first connection had requested a tty; | ||
533 | ok markus | ||
534 | - djm@cvs.openbsd.org 2004/10/29 22:53:56 | ||
535 | [clientloop.c misc.h readpass.c ssh-agent.c] | ||
536 | factor out common permission-asking code to separate function; ok markus@ | ||
537 | - djm@cvs.openbsd.org 2004/10/29 23:56:17 | ||
538 | [bufaux.c bufaux.h buffer.c buffer.h] | ||
539 | introduce a new buffer API that returns an error rather than fatal()ing | ||
540 | when presented with bad data; ok markus@ | ||
541 | - djm@cvs.openbsd.org 2004/10/29 23:57:05 | ||
542 | [key.c] | ||
543 | use new buffer API to avoid fatal errors on corrupt keys in authorized_keys | ||
544 | files; ok markus@ | ||
545 | |||
546 | 20041102 | ||
547 | - (dtucker) [configure.ac includes.h] Bug #947: Fix compile error on HP-UX | ||
548 | 10.x by testing for conflicts in shadow.h and undef'ing _INCLUDE__STDC__ | ||
549 | only if a conflict is detected. | ||
550 | |||
551 | 20041019 | ||
552 | - (dtucker) [uidswap.c] Don't test dropping of gids for the root user or | ||
553 | on Cygwin. Cygwin parts from vinschen at redhat com; ok djm@ | ||
554 | |||
555 | 20041016 | ||
556 | - (djm) [auth-pam.c] snprintf->strl*, fix server message length calculations; | ||
557 | ok dtucker@ | ||
558 | |||
559 | 20041006 | ||
560 | - (dtucker) [README.privsep] Bug #939: update info about HP-UX Trusted Mode | ||
561 | and other PAM platforms. | ||
562 | - (dtucker) [monitor_mm.c openbsd-compat/xmmap.c] Bug #940: cast constants | ||
563 | to void * to appease picky compilers (eg Tru64's "cc -std1"). | ||
564 | |||
565 | 20040930 | ||
566 | - (dtucker) [configure.ac] Set AC_PACKAGE_NAME. ok djm@ | ||
567 | |||
568 | 20040923 | ||
569 | - (dtucker) [openbsd-compat/bsd-snprintf.c] Previous change was off by one, | ||
570 | which could have caused the justification to be wrong. ok djm@ | ||
571 | |||
572 | 20040921 | ||
573 | - (dtucker) [openbsd-compat/bsd-snprintf.c] Check for max length too. | ||
574 | ok djm@ | ||
575 | - (dtucker) [contrib/cygwin/ssh-host-config] Update to match current Cygwin | ||
576 | install process. Patch from vinschen at redhat.com. | ||
577 | |||
578 | 20040912 | ||
579 | - (djm) [loginrec.c] Start KNF and tidy up of this long-neglected file. | ||
580 | No change in resultant binary | ||
581 | - (djm) [loginrec.c] __func__ifiy | ||
582 | - (djm) [loginrec.c] xmalloc | ||
583 | - (djm) [ssh.c sshd.c version.h] Don't divulge portable version in protocol | ||
584 | banner. Suggested by deraadt@, ok mouring@, dtucker@ | ||
585 | - (dtucker) [configure.ac] Fix incorrect quoting and tests for cross-compile. | ||
586 | Partly by & ok djm@. | ||
587 | |||
588 | 20040911 | ||
589 | - (djm) [ssh-agent.c] unifdef some cygwin code; ok dtucker@ | ||
590 | - (dtucker) [auth-pam.c auth-pam.h session.c] Bug #890: Send output from | ||
591 | failing PAM session modules to user then exit, similar to the way | ||
592 | /etc/nologin is handled. ok djm@ | ||
593 | - (dtucker) [auth-pam.c] Relocate sshpam_store_conv(), no code change. | ||
594 | - (djm) [auth2-kbdint.c auth2-none.c auth2-passwd.c auth2-pubkey.c] | ||
595 | Make cygwin code more consistent with that which surrounds it | ||
596 | - (dtucker) [auth-pam.c auth.h auth2-none.c auth2.c monitor.c monitor_wrap.c] | ||
597 | Bug #892: Send messages from failing PAM account modules to the client via | ||
598 | SSH2_MSG_USERAUTH_BANNER messages. Note that this will not happen with | ||
599 | SSH2 kbdint authentication, which need to be dealt with separately. ok djm@ | ||
600 | - (dtucker) [session.c] Bug #927: make .hushlogin silent again. ok djm@ | ||
601 | - (dtucker) [configure.ac] Bug #321: Add cross-compile support to configure. | ||
602 | Parts by chua at ayrnetworks.com, astrand at lysator.liu.se and me. ok djm@ | ||
603 | - (dtucker) [auth-krb5.c] Bug #922: Pass KRB5CCNAME to PAM. From deengert | ||
604 | at anl.gov, ok djm@ | ||
605 | |||
606 | 20040830 | ||
607 | - (dtucker) [session.c openbsd-compat/bsd-cygwin_util.{c,h}] Bug #915: only | ||
608 | copy required environment variables on Cygwin. Patch from vinschen at | ||
609 | redhat.com, ok djm@ | ||
610 | - (dtucker) [regress/Makefile] Clean scp-ssh-wrapper.scp too. Patch from | ||
611 | vinschen at redhat.com. | ||
612 | - (dtucker) [Makefile.in contrib/ssh-copy-id] Bug #894: Improve portability | ||
613 | of shell constructs. Patch from cjwatson at debian.org. | ||
614 | |||
615 | 20040829 | ||
616 | - (dtucker) [openbsd-compat/getrrsetbyname.c] Prevent getrrsetbyname from | ||
617 | failing with NOMEMORY if no sigs are returned and malloc(0) returns NULL. | ||
618 | From Martin.Kraemer at Fujitsu-Siemens.com; ok djm@ | ||
619 | - (dtucker) OpenBSD CVS Sync | ||
620 | - djm@cvs.openbsd.org 2004/08/23 11:48:09 | ||
621 | [authfile.c] | ||
622 | fix error path, spotted by Martin.Kraemer AT Fujitsu-Siemens.com; ok markus | ||
623 | - djm@cvs.openbsd.org 2004/08/23 11:48:47 | ||
624 | [channels.c] | ||
625 | typo, spotted by Martin.Kraemer AT Fujitsu-Siemens.com; ok markus | ||
626 | - dtucker@cvs.openbsd.org 2004/08/23 14:26:38 | ||
627 | [ssh-keysign.c ssh.c] | ||
628 | Use permanently_set_uid() in ssh and ssh-keysign for consistency, matches | ||
629 | change in Portable; ok markus@ (CVS ID sync only) | ||
630 | - dtucker@cvs.openbsd.org 2004/08/23 14:29:23 | ||
631 | [ssh-keysign.c] | ||
632 | Remove duplicate getuid(), suggested by & ok markus@ | ||
633 | - markus@cvs.openbsd.org 2004/08/26 16:00:55 | ||
634 | [ssh.1 sshd.8] | ||
635 | get rid of references to rhosts authentication; with jmc@ | ||
636 | - djm@cvs.openbsd.org 2004/08/28 01:01:48 | ||
637 | [sshd.c] | ||
638 | don't erroneously close stdin for !reexec case, from Dave Johnson; | ||
639 | ok markus@ | ||
640 | - (dtucker) [configure.ac] Include sys/stream.h in sys/ptms.h header check, | ||
641 | fixes configure warning on Solaris reported by wknox at mitre.org. | ||
642 | - (dtucker) [regress/multiplex.sh] Skip test on platforms that do not | ||
643 | support FD passing since multiplex requires it. Noted by tim@ | ||
644 | - (dtucker) [regress/dynamic-forward.sh] Allow time for connections to be torn | ||
645 | down, needed on some platforms, should be harmless on others. Patch from | ||
646 | jason at devrandom.org. | ||
647 | - (dtucker) [regress/scp.sh] Make this work on Cygwin too, which doesn't like | ||
648 | files ending in .exe that aren't binaries; patch from vinschen at redhat.com. | ||
649 | - (dtucker) [Makefile.in] Get regress/Makefile symlink right for out-of-tree | ||
650 | builds too, from vinschen at redhat.com. | ||
651 | - (dtucker) [regress/agent-ptrace.sh] Skip ptrace test on OSF1/DUnix/Tru64 | ||
652 | too; patch from cmadams at hiwaay.net. | ||
653 | - (dtucker) [configure.ac] Replace non-portable echo \n with extra echo. | ||
654 | - (dtucker) [openbsd-compat/port-aix.c] Bug #712: Explicitly check for | ||
655 | accounts with authentication configs that sshd can't support (ie | ||
656 | SYSTEM=NONE and AUTH1=something). | ||
657 | |||
658 | 20040828 | ||
659 | - (dtucker) [openbsd-compat/mktemp.c] Remove superfluous Cygwin #ifdef; from | ||
660 | vinschen at redhat.com. | ||
661 | |||
662 | 20040823 | ||
663 | - (djm) [ssh-rand-helper.c] Typo. Found by | ||
664 | Martin.Kraemer AT Fujitsu-Siemens.com | ||
665 | - (djm) [loginrec.c] Typo and bad args in error messages; Spotted by | ||
666 | Martin.Kraemer AT Fujitsu-Siemens.com | ||
667 | |||
1 | 20040817 | 668 | 20040817 |
2 | - (dtucker) [regress/README.regress] Note compatibility issues with GNU head. | 669 | - (dtucker) [regress/README.regress] Note compatibility issues with GNU head. |
3 | - (djm) OpenBSD CVS Sync | 670 | - (djm) OpenBSD CVS Sync |
@@ -1654,4 +2321,4 @@ | |||
1654 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM | 2321 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM |
1655 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu | 2322 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu |
1656 | 2323 | ||
1657 | $Id: ChangeLog,v 1.3517 2004/08/17 12:50:40 djm Exp $ | 2324 | $Id: ChangeLog,v 1.3707.2.1 2005/03/09 04:52:09 djm Exp $ |
@@ -52,6 +52,14 @@ http://www.lothar.com/tech/crypto/ | |||
52 | S/Key Libraries: | 52 | S/Key Libraries: |
53 | http://www.sparc.spb.su/solaris/skey/ | 53 | http://www.sparc.spb.su/solaris/skey/ |
54 | 54 | ||
55 | LibEdit: | ||
56 | |||
57 | sftp now supports command-line editing via NetBSD's libedit. If your | ||
58 | platform has it available natively you can use that, alternatively | ||
59 | you might try these multi-platform ports: | ||
60 | http://www.thrysoee.dk/editline/ | ||
61 | http://sourceforge.net/projects/libedit/ | ||
62 | |||
55 | If you wish to use --with-skey then you will need the above library | 63 | If you wish to use --with-skey then you will need the above library |
56 | installed. No other current S/Key library is currently known to be | 64 | installed. No other current S/Key library is currently known to be |
57 | supported. | 65 | supported. |
@@ -192,7 +200,20 @@ running and has collected some Entropy. | |||
192 | For more information on configuration, please refer to the manual pages | 200 | For more information on configuration, please refer to the manual pages |
193 | for sshd, ssh and ssh-agent. | 201 | for sshd, ssh and ssh-agent. |
194 | 202 | ||
195 | 4. Problems? | 203 | 4. (Optional) Send survey |
204 | ------------------------- | ||
205 | |||
206 | $ make survey | ||
207 | [check the contents and make sure there's no sensitive information] | ||
208 | $ make send-survey | ||
209 | |||
210 | This will send configuration information for the currently configured | ||
211 | host to a survey address. This will help determine which configurations | ||
212 | are actually in use, and what valid combinations of configure options | ||
213 | exist. The raw data is available only to the OpenSSH developers, however | ||
214 | summary data may be published. | ||
215 | |||
216 | 5. Problems? | ||
196 | ------------ | 217 | ------------ |
197 | 218 | ||
198 | If you experience problems compiling, installing or running OpenSSH. | 219 | If you experience problems compiling, installing or running OpenSSH. |
@@ -200,4 +221,4 @@ Please refer to the "reporting bugs" section of the webpage at | |||
200 | http://www.openssh.com/ | 221 | http://www.openssh.com/ |
201 | 222 | ||
202 | 223 | ||
203 | $Id: INSTALL,v 1.64 2004/05/26 23:59:31 dtucker Exp $ | 224 | $Id: INSTALL,v 1.66 2005/01/18 01:05:18 dtucker Exp $ |
@@ -97,7 +97,7 @@ OpenSSH contains no GPL code. | |||
97 | * <http://www.core-sdi.com> | 97 | * <http://www.core-sdi.com> |
98 | 98 | ||
99 | 3) | 99 | 3) |
100 | ssh-keygen was contributed by David Mazieres under a BSD-style | 100 | ssh-keyscan was contributed by David Mazieres under a BSD-style |
101 | license. | 101 | license. |
102 | 102 | ||
103 | * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. | 103 | * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. |
@@ -203,6 +203,7 @@ OpenSSH contains no GPL code. | |||
203 | Wayne Schroeder | 203 | Wayne Schroeder |
204 | William Jones | 204 | William Jones |
205 | Darren Tucker | 205 | Darren Tucker |
206 | Sun Microsystems | ||
206 | 207 | ||
207 | * Redistribution and use in source and binary forms, with or without | 208 | * Redistribution and use in source and binary forms, with or without |
208 | * modification, are permitted provided that the following conditions | 209 | * modification, are permitted provided that the following conditions |
@@ -329,4 +330,4 @@ OpenSSH contains no GPL code. | |||
329 | 330 | ||
330 | 331 | ||
331 | ------ | 332 | ------ |
332 | $OpenBSD: LICENCE,v 1.18 2003/11/21 11:57:02 djm Exp $ | 333 | $OpenBSD: LICENCE,v 1.19 2004/08/30 09:18:08 markus Exp $ |
diff --git a/Makefile.in b/Makefile.in index ea0f9c3ef..bca425d36 100644 --- a/Makefile.in +++ b/Makefile.in | |||
@@ -1,4 +1,4 @@ | |||
1 | # $Id: Makefile.in,v 1.263 2004/08/15 11:01:37 dtucker Exp $ | 1 | # $Id: Makefile.in,v 1.270 2005/02/25 23:12:38 dtucker Exp $ |
2 | 2 | ||
3 | # uncomment if you run a non bourne compatable shell. Ie. csh | 3 | # uncomment if you run a non bourne compatable shell. Ie. csh |
4 | #SHELL = @SH@ | 4 | #SHELL = @SH@ |
@@ -43,6 +43,7 @@ LD=@LD@ | |||
43 | CFLAGS=@CFLAGS@ | 43 | CFLAGS=@CFLAGS@ |
44 | CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@ | 44 | CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@ |
45 | LIBS=@LIBS@ | 45 | LIBS=@LIBS@ |
46 | LIBEDIT=@LIBEDIT@ | ||
46 | LIBPAM=@LIBPAM@ | 47 | LIBPAM=@LIBPAM@ |
47 | LIBWRAP=@LIBWRAP@ | 48 | LIBWRAP=@LIBWRAP@ |
48 | AR=@AR@ | 49 | AR=@AR@ |
@@ -84,7 +85,8 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \ | |||
84 | monitor_mm.o monitor.o monitor_wrap.o kexdhs.o kexgexs.o \ | 85 | monitor_mm.o monitor.o monitor_wrap.o kexdhs.o kexgexs.o \ |
85 | auth-krb5.o \ | 86 | auth-krb5.o \ |
86 | auth2-gss.o gss-serv.o gss-serv-krb5.o \ | 87 | auth2-gss.o gss-serv.o gss-serv-krb5.o \ |
87 | loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o | 88 | loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \ |
89 | audit.o audit-bsm.o | ||
88 | 90 | ||
89 | MANPAGES = scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-rand-helper.8.out ssh-keysign.8.out sshd_config.5.out ssh_config.5.out | 91 | MANPAGES = scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-rand-helper.8.out ssh-keysign.8.out sshd_config.5.out ssh_config.5.out |
90 | MANPAGES_IN = scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-rand-helper.8 ssh-keysign.8 sshd_config.5 ssh_config.5 | 92 | MANPAGES_IN = scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-rand-helper.8 ssh-keysign.8 sshd_config.5 ssh_config.5 |
@@ -158,7 +160,7 @@ sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o | |||
158 | $(LD) -o $@ sftp-server.o sftp-common.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) | 160 | $(LD) -o $@ sftp-server.o sftp-common.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) |
159 | 161 | ||
160 | sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-common.o sftp-glob.o progressmeter.o | 162 | sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-common.o sftp-glob.o progressmeter.o |
161 | $(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) | 163 | $(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(LIBEDIT) |
162 | 164 | ||
163 | ssh-rand-helper${EXEEXT}: $(LIBCOMPAT) libssh.a ssh-rand-helper.o | 165 | ssh-rand-helper${EXEEXT}: $(LIBCOMPAT) libssh.a ssh-rand-helper.o |
164 | $(LD) -o $@ ssh-rand-helper.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) | 166 | $(LD) -o $@ ssh-rand-helper.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) |
@@ -194,13 +196,13 @@ moduli: | |||
194 | 196 | ||
195 | clean: regressclean | 197 | clean: regressclean |
196 | rm -f *.o *.a $(TARGETS) logintest config.cache config.log | 198 | rm -f *.o *.a $(TARGETS) logintest config.cache config.log |
197 | rm -f *.out core | 199 | rm -f *.out core survey |
198 | (cd openbsd-compat && $(MAKE) clean) | 200 | (cd openbsd-compat && $(MAKE) clean) |
199 | 201 | ||
200 | distclean: regressclean | 202 | distclean: regressclean |
201 | rm -f *.o *.a $(TARGETS) logintest config.cache config.log | 203 | rm -f *.o *.a $(TARGETS) logintest config.cache config.log |
202 | rm -f *.out core opensshd.init | 204 | rm -f *.out core opensshd.init |
203 | rm -f Makefile buildpkg.sh config.h config.status ssh_prng_cmds *~ | 205 | rm -f Makefile buildpkg.sh config.h config.status ssh_prng_cmds survey.sh *~ |
204 | rm -rf autom4te.cache | 206 | rm -rf autom4te.cache |
205 | (cd openbsd-compat && $(MAKE) distclean) | 207 | (cd openbsd-compat && $(MAKE) distclean) |
206 | (cd scard && $(MAKE) distclean) | 208 | (cd scard && $(MAKE) distclean) |
@@ -228,8 +230,9 @@ distprep: catman-do | |||
228 | -rm -rf autom4te.cache | 230 | -rm -rf autom4te.cache |
229 | (cd scard && $(MAKE) -f Makefile.in distprep) | 231 | (cd scard && $(MAKE) -f Makefile.in distprep) |
230 | 232 | ||
231 | install: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS) install-files host-key check-config | 233 | install: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS) install-files install-sysconf host-key check-config |
232 | install-nokeys: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS) install-files | 234 | install-nokeys: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS) install-files install-sysconf |
235 | install-nosysconf: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS) install-files | ||
233 | 236 | ||
234 | check-config: | 237 | check-config: |
235 | -$(DESTDIR)$(sbindir)/sshd -t -f $(DESTDIR)$(sysconfdir)/sshd_config | 238 | -$(DESTDIR)$(sbindir)/sshd -t -f $(DESTDIR)$(sysconfdir)/sshd_config |
@@ -279,6 +282,8 @@ install-files: scard-install | |||
279 | ln -s ./ssh$(EXEEXT) $(DESTDIR)$(bindir)/slogin | 282 | ln -s ./ssh$(EXEEXT) $(DESTDIR)$(bindir)/slogin |
280 | -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1 | 283 | -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1 |
281 | ln -s ./ssh.1 $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1 | 284 | ln -s ./ssh.1 $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1 |
285 | |||
286 | install-sysconf: | ||
282 | if [ ! -d $(DESTDIR)$(sysconfdir) ]; then \ | 287 | if [ ! -d $(DESTDIR)$(sysconfdir) ]; then \ |
283 | $(srcdir)/mkinstalldirs $(DESTDIR)$(sysconfdir); \ | 288 | $(srcdir)/mkinstalldirs $(DESTDIR)$(sysconfdir); \ |
284 | fi | 289 | fi |
@@ -376,7 +381,7 @@ tests: $(TARGETS) | |||
376 | BUILDDIR=`pwd`; \ | 381 | BUILDDIR=`pwd`; \ |
377 | [ -d `pwd`/regress ] || mkdir -p `pwd`/regress; \ | 382 | [ -d `pwd`/regress ] || mkdir -p `pwd`/regress; \ |
378 | [ -f `pwd`/regress/Makefile ] || \ | 383 | [ -f `pwd`/regress/Makefile ] || \ |
379 | ln -s $(srcdir)/regress/Makefile `pwd`/regress/Makefile ; \ | 384 | ln -s `cd $(srcdir) && pwd`/regress/Makefile `pwd`/regress/Makefile ; \ |
380 | TEST_SHELL="@TEST_SHELL@"; \ | 385 | TEST_SHELL="@TEST_SHELL@"; \ |
381 | TEST_SSH_SSH="$${BUILDDIR}/ssh"; \ | 386 | TEST_SSH_SSH="$${BUILDDIR}/ssh"; \ |
382 | TEST_SSH_SSHD="$${BUILDDIR}/sshd"; \ | 387 | TEST_SSH_SSHD="$${BUILDDIR}/sshd"; \ |
@@ -410,6 +415,15 @@ regressclean: | |||
410 | (cd regress && $(MAKE) clean) \ | 415 | (cd regress && $(MAKE) clean) \ |
411 | fi | 416 | fi |
412 | 417 | ||
418 | survey: survey.sh ssh | ||
419 | @$(SHELL) ./survey.sh > survey | ||
420 | @echo 'The survey results have been placed in the file "survey" in the' | ||
421 | @echo 'current directory. Please review the file then send with' | ||
422 | @echo '"make send-survey".' | ||
423 | |||
424 | send-survey: survey | ||
425 | mail portable-survey@mindrot.org <survey | ||
426 | |||
413 | package: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS) | 427 | package: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS) |
414 | if [ "@MAKE_PACKAGE_SUPPORTED@" = yes ]; then \ | 428 | if [ "@MAKE_PACKAGE_SUPPORTED@" = yes ]; then \ |
415 | sh buildpkg.sh; \ | 429 | sh buildpkg.sh; \ |
@@ -1,4 +1,4 @@ | |||
1 | See http://www.openssh.com/txt/release-3.8.1 for the release notes. | 1 | See http://www.openssh.com/txt/release-4.0 for the release notes. |
2 | 2 | ||
3 | - A Japanese translation of this document and of the OpenSSH FAQ is | 3 | - A Japanese translation of this document and of the OpenSSH FAQ is |
4 | - available at http://www.unixuser.org/~haruyama/security/openssh/index.html | 4 | - available at http://www.unixuser.org/~haruyama/security/openssh/index.html |
@@ -61,4 +61,4 @@ References - | |||
61 | [6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9 | 61 | [6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9 |
62 | [7] http://www.openssh.com/faq.html | 62 | [7] http://www.openssh.com/faq.html |
63 | 63 | ||
64 | $Id: README,v 1.56 2004/08/14 00:26:30 djm Exp $ | 64 | $Id: README,v 1.56.4.1 2005/03/09 03:12:09 djm Exp $ |
diff --git a/README.platform b/README.platform index 880b83c63..af551de48 100644 --- a/README.platform +++ b/README.platform | |||
@@ -13,6 +13,15 @@ Accounts in this state must have their passwords reset manually by the | |||
13 | administrator. As a precaution, it is recommended that the administrative | 13 | administrator. As a precaution, it is recommended that the administrative |
14 | passwords be reset before upgrading from OpenSSH <3.8. | 14 | passwords be reset before upgrading from OpenSSH <3.8. |
15 | 15 | ||
16 | As of OpenSSH 4.0, configure will attempt to detect if your version | ||
17 | and maintenance level of AIX has a working getaddrinfo, and will use it | ||
18 | if found. This will enable IPv6 support. If for some reason configure | ||
19 | gets it wrong, or if you want to build binaries to work on earlier MLs | ||
20 | than the build host then you can add "-DBROKEN_GETADDRINFO" to CFLAGS | ||
21 | to force the previous IPv4-only behaviour. | ||
22 | |||
23 | IPv6 known to work: 5.1ML7 5.2ML2 5.2ML5 | ||
24 | IPv6 known broken: 4.3.3ML11 5.1ML4 | ||
16 | 25 | ||
17 | Cygwin | 26 | Cygwin |
18 | ------ | 27 | ------ |
@@ -23,8 +32,17 @@ openssl-devel, zlib, minres, minires-devel. | |||
23 | 32 | ||
24 | Solaris | 33 | Solaris |
25 | ------- | 34 | ------- |
26 | Currently, sshd does not support BSM auditting. This can show up as errors | 35 | If you enable BSM auditing on Solaris, you need to update audit_event(4) |
27 | when editting cron entries via crontab. See. | 36 | for praudit(1m) to give sensible output. The following line needs to be |
28 | http://bugzilla.mindrot.org/show_bug.cgi?id=125 | 37 | added to /etc/security/audit_event: |
38 | |||
39 | 32800:AUE_openssh:OpenSSH login:lo | ||
40 | |||
41 | The BSM audit event range available for third party TCB applications is | ||
42 | 32768 - 65535. Event number 32800 has been choosen for AUE_openssh. | ||
43 | There is no official registry of 3rd party event numbers, so if this | ||
44 | number is already in use on your system, you may change it at build time | ||
45 | by configure'ing --with-cflags=-DAUE_openssh=32801 then rebuilding. | ||
46 | |||
29 | 47 | ||
30 | $Id: README.platform,v 1.2 2004/04/23 08:57:13 dtucker Exp $ | 48 | $Id: README.platform,v 1.5 2005/02/20 10:01:49 dtucker Exp $ |
diff --git a/README.privsep b/README.privsep index 32403770d..ecb9d6914 100644 --- a/README.privsep +++ b/README.privsep | |||
@@ -38,9 +38,8 @@ privsep user and chroot directory: | |||
38 | Privsep requires operating system support for file descriptor passing. | 38 | Privsep requires operating system support for file descriptor passing. |
39 | Compression will be disabled on systems without a working mmap MAP_ANON. | 39 | Compression will be disabled on systems without a working mmap MAP_ANON. |
40 | 40 | ||
41 | PAM-enabled OpenSSH is known to function with privsep on Linux. | 41 | PAM-enabled OpenSSH is known to function with privsep on AIX, HP-UX |
42 | It does not function on HP-UX with a trusted system | 42 | (including Trusted Mode), Linux and Solaris. |
43 | configuration. | ||
44 | 43 | ||
45 | On Cygwin, Tru64 Unix, OpenServer, and Unicos only the pre-authentication | 44 | On Cygwin, Tru64 Unix, OpenServer, and Unicos only the pre-authentication |
46 | part of privsep is supported. Post-authentication privsep is disabled | 45 | part of privsep is supported. Post-authentication privsep is disabled |
@@ -61,4 +60,4 @@ process 1005 is the sshd process listening for new connections. | |||
61 | process 6917 is the privileged monitor process, 6919 is the user owned | 60 | process 6917 is the privileged monitor process, 6919 is the user owned |
62 | sshd process and 6921 is the shell process. | 61 | sshd process and 6921 is the shell process. |
63 | 62 | ||
64 | $Id: README.privsep,v 1.14 2004/06/28 03:50:36 tim Exp $ | 63 | $Id: README.privsep,v 1.15 2004/10/06 10:09:32 dtucker Exp $ |
@@ -30,13 +30,8 @@ Programming: | |||
30 | 30 | ||
31 | - More platforms for for setproctitle() emulation (testing needed) | 31 | - More platforms for for setproctitle() emulation (testing needed) |
32 | 32 | ||
33 | - Improve PAM support (a pam_lastlog module will cause sshd to exit) | ||
34 | and maybe support alternate forms of authentications like OPIE via | ||
35 | pam? | ||
36 | |||
37 | - Improve PAM ChallengeResponseAuthentication | 33 | - Improve PAM ChallengeResponseAuthentication |
38 | - Informational messages | 34 | - Informational messages |
39 | - chauthtok | ||
40 | - Use different PAM service name for kbdint vs regular auth (suggest from | 35 | - Use different PAM service name for kbdint vs regular auth (suggest from |
41 | Solar Designer) | 36 | Solar Designer) |
42 | - Ability to select which ChallengeResponseAuthentications may be used | 37 | - Ability to select which ChallengeResponseAuthentications may be used |
@@ -59,8 +54,6 @@ Clean up configure/makefiles: | |||
59 | information in wtmpx or utmpx or any of that stuff if it's not detected | 54 | information in wtmpx or utmpx or any of that stuff if it's not detected |
60 | from the start | 55 | from the start |
61 | 56 | ||
62 | - Fails to compile when cross compile. (vinschen@redhat.com) | ||
63 | |||
64 | - Replace the whole u_intXX_t evilness in acconfig.h with something better??? | 57 | - Replace the whole u_intXX_t evilness in acconfig.h with something better??? |
65 | - Do it in configure.ac | 58 | - Do it in configure.ac |
66 | 59 | ||
@@ -72,10 +65,6 @@ Clean up configure/makefiles: | |||
72 | entropy related stuff into another. | 65 | entropy related stuff into another. |
73 | 66 | ||
74 | Packaging: | 67 | Packaging: |
75 | - Solaris: Update packaging scripts and build new sysv startup scripts | ||
76 | Ideally the package metadata should be generated by autoconf. | ||
77 | (gilbert.r.loomis@saic.com) | ||
78 | |||
79 | - HP-UX: Provide DEPOT package scripts. | 68 | - HP-UX: Provide DEPOT package scripts. |
80 | (gilbert.r.loomis@saic.com) | 69 | (gilbert.r.loomis@saic.com) |
81 | 70 | ||
@@ -94,4 +83,4 @@ PrivSep Issues: | |||
94 | - Cygwin | 83 | - Cygwin |
95 | + Privsep for Pre-auth only (no fd passing) | 84 | + Privsep for Pre-auth only (no fd passing) |
96 | 85 | ||
97 | $Id: TODO,v 1.57 2004/02/11 09:44:13 dtucker Exp $ | 86 | $Id: TODO,v 1.58 2004/12/06 11:40:11 dtucker Exp $ |
diff --git a/WARNING.RNG b/WARNING.RNG index 5d4ea8753..687891a73 100644 --- a/WARNING.RNG +++ b/WARNING.RNG | |||
@@ -55,11 +55,10 @@ Executing each program in the list can take a large amount of time, | |||
55 | especially on slower machines. Additionally some program can take a | 55 | especially on slower machines. Additionally some program can take a |
56 | disproportionate time to execute. | 56 | disproportionate time to execute. |
57 | 57 | ||
58 | Tuning the default entropy collection code is difficult at this point. | 58 | Tuning the random helper can be done by running ./ssh-random-helper in |
59 | It requires doing 'times ./ssh-rand-helper' and modifying the | 59 | very verbose mode ("-vvv") and identifying the commands that are taking |
60 | ($etcdir)/ssh_prng_cmds until you have found the issue. In the next | 60 | accessive amounts of time or hanging altogher. Any problem commands can |
61 | release we will be looking at support '-v' for verbose output to allow | 61 | be modified or removed from ssh_prng_cmds. |
62 | easier debugging. | ||
63 | 62 | ||
64 | The default entropy collector will timeout programs which take too long | 63 | The default entropy collector will timeout programs which take too long |
65 | to execute, the actual timeout used can be adjusted with the | 64 | to execute, the actual timeout used can be adjusted with the |
@@ -93,4 +92,4 @@ If you are forced to use ssh-rand-helper consider still downloading | |||
93 | prngd/egd and configure OpenSSH using --with-prngd-port=xx or | 92 | prngd/egd and configure OpenSSH using --with-prngd-port=xx or |
94 | --with-prngd-socket=xx (refer to INSTALL for more information). | 93 | --with-prngd-socket=xx (refer to INSTALL for more information). |
95 | 94 | ||
96 | $Id: WARNING.RNG,v 1.6 2003/11/21 12:48:55 djm Exp $ | 95 | $Id: WARNING.RNG,v 1.7 2004/12/06 11:40:11 dtucker Exp $ |
diff --git a/acconfig.h b/acconfig.h index 014413505..5721f65fb 100644 --- a/acconfig.h +++ b/acconfig.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $Id: acconfig.h,v 1.180 2004/08/16 13:12:06 dtucker Exp $ */ | 1 | /* $Id: acconfig.h,v 1.181 2005/02/25 23:07:38 dtucker Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 1999-2003 Damien Miller. All rights reserved. | 4 | * Copyright (c) 1999-2003 Damien Miller. All rights reserved. |
@@ -52,9 +52,6 @@ | |||
52 | #undef SPT_TYPE | 52 | #undef SPT_TYPE |
53 | #undef SPT_PADCHAR | 53 | #undef SPT_PADCHAR |
54 | 54 | ||
55 | /* setgroups() NOOP allowed */ | ||
56 | #undef SETGROUPS_NOOP | ||
57 | |||
58 | /* SCO workaround */ | 55 | /* SCO workaround */ |
59 | #undef BROKEN_SYS_TERMIO_H | 56 | #undef BROKEN_SYS_TERMIO_H |
60 | 57 | ||
diff --git a/audit-bsm.c b/audit-bsm.c new file mode 100644 index 000000000..c2679d3da --- /dev/null +++ b/audit-bsm.c | |||
@@ -0,0 +1,329 @@ | |||
1 | /* $Id: audit-bsm.c,v 1.1 2005/02/20 10:08:00 dtucker Exp $ */ | ||
2 | |||
3 | /* | ||
4 | * TODO | ||
5 | * | ||
6 | * - deal with overlap between this and sys_auth_allowed_user | ||
7 | * sys_auth_record_login and record_failed_login. | ||
8 | */ | ||
9 | |||
10 | /* | ||
11 | * Copyright 1988-2002 Sun Microsystems, Inc. All rights reserved. | ||
12 | * Use is subject to license terms. | ||
13 | * | ||
14 | * Redistribution and use in source and binary forms, with or without | ||
15 | * modification, are permitted provided that the following conditions | ||
16 | * are met: | ||
17 | * 1. Redistributions of source code must retain the above copyright | ||
18 | * notice, this list of conditions and the following disclaimer. | ||
19 | * 2. Redistributions in binary form must reproduce the above copyright | ||
20 | * notice, this list of conditions and the following disclaimer in the | ||
21 | * documentation and/or other materials provided with the distribution. | ||
22 | * | ||
23 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | ||
24 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | ||
25 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | ||
26 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | ||
27 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
28 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | ||
29 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | ||
30 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
31 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | ||
32 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
33 | * | ||
34 | */ | ||
35 | /* #pragma ident "@(#)bsmaudit.c 1.1 01/09/17 SMI" */ | ||
36 | |||
37 | #include "includes.h" | ||
38 | #if defined(USE_BSM_AUDIT) | ||
39 | |||
40 | #include "ssh.h" | ||
41 | #include "log.h" | ||
42 | #include "auth.h" | ||
43 | #include "xmalloc.h" | ||
44 | |||
45 | #ifndef AUE_openssh | ||
46 | # define AUE_openssh 32800 | ||
47 | #endif | ||
48 | #include <bsm/audit.h> | ||
49 | #include <bsm/libbsm.h> | ||
50 | #include <bsm/audit_uevents.h> | ||
51 | #include <bsm/audit_record.h> | ||
52 | #include <locale.h> | ||
53 | |||
54 | #if defined(HAVE_GETAUDIT_ADDR) | ||
55 | #define AuditInfoStruct auditinfo_addr | ||
56 | #define AuditInfoTermID au_tid_addr_t | ||
57 | #define GetAuditFunc(a,b) getaudit_addr((a),(b)) | ||
58 | #define GetAuditFuncText "getaudit_addr" | ||
59 | #define SetAuditFunc(a,b) setaudit_addr((a),(b)) | ||
60 | #define SetAuditFuncText "setaudit_addr" | ||
61 | #define AUToSubjectFunc au_to_subject_ex | ||
62 | #define AUToReturnFunc(a,b) au_to_return32((a), (int32_t)(b)) | ||
63 | #else | ||
64 | #define AuditInfoStruct auditinfo | ||
65 | #define AuditInfoTermID au_tid_t | ||
66 | #define GetAuditFunc(a,b) getaudit(a) | ||
67 | #define GetAuditFuncText "getaudit" | ||
68 | #define SetAuditFunc(a,b) setaudit(a) | ||
69 | #define SetAuditFuncText "setaudit" | ||
70 | #define AUToSubjectFunc au_to_subject | ||
71 | #define AUToReturnFunc(a,b) au_to_return((a), (u_int)(b)) | ||
72 | #endif | ||
73 | |||
74 | extern int cannot_audit(int); | ||
75 | extern void aug_init(void); | ||
76 | extern dev_t aug_get_port(void); | ||
77 | extern int aug_get_machine(char *, u_int32_t *, u_int32_t *); | ||
78 | extern void aug_save_auid(au_id_t); | ||
79 | extern void aug_save_uid(uid_t); | ||
80 | extern void aug_save_euid(uid_t); | ||
81 | extern void aug_save_gid(gid_t); | ||
82 | extern void aug_save_egid(gid_t); | ||
83 | extern void aug_save_pid(pid_t); | ||
84 | extern void aug_save_asid(au_asid_t); | ||
85 | extern void aug_save_tid(dev_t, unsigned int); | ||
86 | extern void aug_save_tid_ex(dev_t, u_int32_t *, u_int32_t); | ||
87 | extern int aug_save_me(void); | ||
88 | extern int aug_save_namask(void); | ||
89 | extern void aug_save_event(au_event_t); | ||
90 | extern void aug_save_sorf(int); | ||
91 | extern void aug_save_text(char *); | ||
92 | extern void aug_save_text1(char *); | ||
93 | extern void aug_save_text2(char *); | ||
94 | extern void aug_save_na(int); | ||
95 | extern void aug_save_user(char *); | ||
96 | extern void aug_save_path(char *); | ||
97 | extern int aug_save_policy(void); | ||
98 | extern void aug_save_afunc(int (*)(int)); | ||
99 | extern int aug_audit(void); | ||
100 | extern int aug_na_selected(void); | ||
101 | extern int aug_selected(void); | ||
102 | extern int aug_daemon_session(void); | ||
103 | |||
104 | #ifndef HAVE_GETTEXT | ||
105 | # define gettext(a) (a) | ||
106 | #endif | ||
107 | |||
108 | extern Authctxt *the_authctxt; | ||
109 | static AuditInfoTermID ssh_bsm_tid; | ||
110 | |||
111 | /* Below is the low-level BSM interface code */ | ||
112 | |||
113 | /* | ||
114 | * Check if the specified event is selected (enabled) for auditing. | ||
115 | * Returns 1 if the event is selected, 0 if not and -1 on failure. | ||
116 | */ | ||
117 | static int | ||
118 | selected(char *username, uid_t uid, au_event_t event, int sf) | ||
119 | { | ||
120 | int rc, sorf; | ||
121 | char naflags[512]; | ||
122 | struct au_mask mask; | ||
123 | |||
124 | mask.am_success = mask.am_failure = 0; | ||
125 | if (uid < 0) { | ||
126 | /* get flags for non-attributable (to a real user) events */ | ||
127 | rc = getacna(naflags, sizeof(naflags)); | ||
128 | if (rc == 0) | ||
129 | (void) getauditflagsbin(naflags, &mask); | ||
130 | } else | ||
131 | rc = au_user_mask(username, &mask); | ||
132 | |||
133 | sorf = (sf == 0) ? AU_PRS_SUCCESS : AU_PRS_FAILURE; | ||
134 | return(au_preselect(event, &mask, sorf, AU_PRS_REREAD)); | ||
135 | } | ||
136 | |||
137 | static void | ||
138 | bsm_audit_record(int typ, char *string, au_event_t event_no) | ||
139 | { | ||
140 | int ad, rc, sel; | ||
141 | uid_t uid = -1; | ||
142 | gid_t gid = -1; | ||
143 | pid_t pid = getpid(); | ||
144 | AuditInfoTermID tid = ssh_bsm_tid; | ||
145 | |||
146 | if (the_authctxt != NULL && the_authctxt->valid) { | ||
147 | uid = the_authctxt->pw->pw_uid; | ||
148 | gid = the_authctxt->pw->pw_gid; | ||
149 | } | ||
150 | |||
151 | rc = (typ == 0) ? 0 : -1; | ||
152 | sel = selected(the_authctxt->user, uid, event_no, rc); | ||
153 | debug3("BSM audit: typ %d rc %d \"%s\"", typ, rc, string); | ||
154 | if (!sel) | ||
155 | return; /* audit event does not match mask, do not write */ | ||
156 | |||
157 | debug3("BSM audit: writing audit new record"); | ||
158 | ad = au_open(); | ||
159 | |||
160 | (void) au_write(ad, AUToSubjectFunc(uid, uid, gid, uid, gid, | ||
161 | pid, pid, &tid)); | ||
162 | (void) au_write(ad, au_to_text(string)); | ||
163 | (void) au_write(ad, AUToReturnFunc(typ, rc)); | ||
164 | |||
165 | rc = au_close(ad, AU_TO_WRITE, event_no); | ||
166 | if (rc < 0) | ||
167 | error("BSM audit: %s failed to write \"%s\" record: %s", | ||
168 | __func__, string, strerror(errno)); | ||
169 | } | ||
170 | |||
171 | static void | ||
172 | bsm_audit_session_setup(void) | ||
173 | { | ||
174 | int rc; | ||
175 | struct AuditInfoStruct info; | ||
176 | au_mask_t mask; | ||
177 | |||
178 | if (the_authctxt == NULL) { | ||
179 | error("BSM audit: session setup internal error (NULL ctxt)"); | ||
180 | return; | ||
181 | } | ||
182 | |||
183 | if (the_authctxt->valid) | ||
184 | info.ai_auid = the_authctxt->pw->pw_uid; | ||
185 | else | ||
186 | info.ai_auid = -1; | ||
187 | info.ai_asid = getpid(); | ||
188 | mask.am_success = 0; | ||
189 | mask.am_failure = 0; | ||
190 | |||
191 | (void) au_user_mask(the_authctxt->user, &mask); | ||
192 | |||
193 | info.ai_mask.am_success = mask.am_success; | ||
194 | info.ai_mask.am_failure = mask.am_failure; | ||
195 | |||
196 | info.ai_termid = ssh_bsm_tid; | ||
197 | |||
198 | rc = SetAuditFunc(&info, sizeof(info)); | ||
199 | if (rc < 0) | ||
200 | error("BSM audit: %s: %s failed: %s", __func__, | ||
201 | SetAuditFuncText, strerror(errno)); | ||
202 | } | ||
203 | |||
204 | static void | ||
205 | bsm_audit_bad_login(const char *what) | ||
206 | { | ||
207 | char textbuf[BSM_TEXTBUFSZ]; | ||
208 | |||
209 | if (the_authctxt->valid) { | ||
210 | (void) snprintf(textbuf, sizeof (textbuf), | ||
211 | gettext("invalid %s for user %s"), | ||
212 | what, the_authctxt->user); | ||
213 | bsm_audit_record(4, textbuf, AUE_openssh); | ||
214 | } else { | ||
215 | (void) snprintf(textbuf, sizeof (textbuf), | ||
216 | gettext("invalid user name \"%s\""), | ||
217 | the_authctxt->user); | ||
218 | bsm_audit_record(3, textbuf, AUE_openssh); | ||
219 | } | ||
220 | } | ||
221 | |||
222 | /* Below is the sshd audit API code */ | ||
223 | |||
224 | void | ||
225 | audit_connection_from(const char *host, int port) | ||
226 | { | ||
227 | AuditInfoTermID *tid = &ssh_bsm_tid; | ||
228 | char buf[1024]; | ||
229 | |||
230 | if (cannot_audit(0)) | ||
231 | return; | ||
232 | debug3("BSM audit: connection from %.100s port %d", host, port); | ||
233 | |||
234 | /* populate our terminal id structure */ | ||
235 | #if defined(HAVE_GETAUDIT_ADDR) | ||
236 | tid->at_port = (dev_t)port; | ||
237 | aug_get_machine((char *)host, &(tid->at_addr[0]), &(tid->at_type)); | ||
238 | snprintf(buf, sizeof(buf), "%08x %08x %08x %08x", tid->at_addr[0], | ||
239 | tid->at_addr[1], tid->at_addr[2], tid->at_addr[3]); | ||
240 | debug3("BSM audit: iptype %d machine ID %s", (int)tid->at_type, buf); | ||
241 | #else | ||
242 | /* this is used on IPv4-only machines */ | ||
243 | tid->port = (dev_t)port; | ||
244 | tid->machine = inet_addr(host); | ||
245 | snprintf(buf, sizeof(buf), "%08x", tid->machine); | ||
246 | debug3("BSM audit: machine ID %s", buf); | ||
247 | #endif | ||
248 | } | ||
249 | |||
250 | void | ||
251 | audit_run_command(const char *command) | ||
252 | { | ||
253 | /* not implemented */ | ||
254 | } | ||
255 | |||
256 | void | ||
257 | audit_session_open(const char *ttyn) | ||
258 | { | ||
259 | /* not implemented */ | ||
260 | } | ||
261 | |||
262 | void | ||
263 | audit_session_close(const char *ttyn) | ||
264 | { | ||
265 | /* not implemented */ | ||
266 | } | ||
267 | |||
268 | void | ||
269 | audit_event(ssh_audit_event_t event) | ||
270 | { | ||
271 | char textbuf[BSM_TEXTBUFSZ]; | ||
272 | static int logged_in = 0; | ||
273 | const char *user = the_authctxt ? the_authctxt->user : "(unknown user)"; | ||
274 | |||
275 | if (cannot_audit(0)) | ||
276 | return; | ||
277 | |||
278 | switch(event) { | ||
279 | case SSH_AUTH_SUCCESS: | ||
280 | logged_in = 1; | ||
281 | bsm_audit_session_setup(); | ||
282 | snprintf(textbuf, sizeof(textbuf), | ||
283 | gettext("successful login %s"), user); | ||
284 | bsm_audit_record(0, textbuf, AUE_openssh); | ||
285 | break; | ||
286 | |||
287 | case SSH_CONNECTION_CLOSE: | ||
288 | /* | ||
289 | * We can also get a close event if the user attempted auth | ||
290 | * but never succeeded. | ||
291 | */ | ||
292 | if (logged_in) { | ||
293 | snprintf(textbuf, sizeof(textbuf), | ||
294 | gettext("sshd logout %s"), the_authctxt->user); | ||
295 | bsm_audit_record(0, textbuf, AUE_logout); | ||
296 | } else { | ||
297 | debug("%s: connection closed without authentication", | ||
298 | __func__); | ||
299 | } | ||
300 | break; | ||
301 | |||
302 | case SSH_NOLOGIN: | ||
303 | bsm_audit_record(1, | ||
304 | gettext("logins disabled by /etc/nologin"), AUE_openssh); | ||
305 | break; | ||
306 | |||
307 | case SSH_LOGIN_EXCEED_MAXTRIES: | ||
308 | snprintf(textbuf, sizeof(textbuf), | ||
309 | gettext("too many tries for user %s"), the_authctxt->user); | ||
310 | bsm_audit_record(1, textbuf, AUE_openssh); | ||
311 | break; | ||
312 | |||
313 | case SSH_LOGIN_ROOT_DENIED: | ||
314 | bsm_audit_record(2, gettext("not_console"), AUE_openssh); | ||
315 | break; | ||
316 | |||
317 | case SSH_AUTH_FAIL_PASSWD: | ||
318 | bsm_audit_bad_login("password"); | ||
319 | break; | ||
320 | |||
321 | case SSH_AUTH_FAIL_KBDINT: | ||
322 | bsm_audit_bad_login("interactive password entry"); | ||
323 | break; | ||
324 | |||
325 | default: | ||
326 | debug("%s: unhandled event %d", __func__, event); | ||
327 | } | ||
328 | } | ||
329 | #endif /* BSM */ | ||
diff --git a/audit.c b/audit.c new file mode 100644 index 000000000..18fc41047 --- /dev/null +++ b/audit.c | |||
@@ -0,0 +1,181 @@ | |||
1 | /* $Id: audit.c,v 1.2 2005/02/08 10:52:48 dtucker Exp $ */ | ||
2 | |||
3 | /* | ||
4 | * Copyright (c) 2004, 2005 Darren Tucker. All rights reserved. | ||
5 | * | ||
6 | * Redistribution and use in source and binary forms, with or without | ||
7 | * modification, are permitted provided that the following conditions | ||
8 | * are met: | ||
9 | * 1. Redistributions of source code must retain the above copyright | ||
10 | * notice, this list of conditions and the following disclaimer. | ||
11 | * 2. Redistributions in binary form must reproduce the above copyright | ||
12 | * notice, this list of conditions and the following disclaimer in the | ||
13 | * documentation and/or other materials provided with the distribution. | ||
14 | * | ||
15 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | ||
16 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | ||
17 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | ||
18 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | ||
19 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
20 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | ||
21 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | ||
22 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
23 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | ||
24 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
25 | */ | ||
26 | |||
27 | #include "includes.h" | ||
28 | |||
29 | #ifdef SSH_AUDIT_EVENTS | ||
30 | |||
31 | #include "audit.h" | ||
32 | #include "log.h" | ||
33 | #include "auth.h" | ||
34 | |||
35 | /* | ||
36 | * Care must be taken when using this since it WILL NOT be initialized when | ||
37 | * audit_connection_from() is called and MAY NOT be initialized when | ||
38 | * audit_event(CONNECTION_ABANDON) is called. Test for NULL before using. | ||
39 | */ | ||
40 | extern Authctxt *the_authctxt; | ||
41 | |||
42 | /* Maybe add the audit class to struct Authmethod? */ | ||
43 | ssh_audit_event_t | ||
44 | audit_classify_auth(const char *method) | ||
45 | { | ||
46 | if (strcmp(method, "none") == 0) | ||
47 | return SSH_AUTH_FAIL_NONE; | ||
48 | else if (strcmp(method, "password") == 0) | ||
49 | return SSH_AUTH_FAIL_PASSWD; | ||
50 | else if (strcmp(method, "publickey") == 0 || | ||
51 | strcmp(method, "rsa") == 0) | ||
52 | return SSH_AUTH_FAIL_PUBKEY; | ||
53 | else if (strncmp(method, "keyboard-interactive", 20) == 0 || | ||
54 | strcmp(method, "challenge-response") == 0) | ||
55 | return SSH_AUTH_FAIL_KBDINT; | ||
56 | else if (strcmp(method, "hostbased") == 0 || | ||
57 | strcmp(method, "rhosts-rsa") == 0) | ||
58 | return SSH_AUTH_FAIL_HOSTBASED; | ||
59 | else if (strcmp(method, "gssapi-with-mic") == 0) | ||
60 | return SSH_AUTH_FAIL_GSSAPI; | ||
61 | else | ||
62 | return SSH_AUDIT_UNKNOWN; | ||
63 | } | ||
64 | |||
65 | /* helper to return supplied username */ | ||
66 | const char * | ||
67 | audit_username(void) | ||
68 | { | ||
69 | static const char unknownuser[] = "(unknown user)"; | ||
70 | static const char invaliduser[] = "(invalid user)"; | ||
71 | |||
72 | if (the_authctxt == NULL || the_authctxt->user == NULL) | ||
73 | return (unknownuser); | ||
74 | if (!the_authctxt->valid) | ||
75 | return (invaliduser); | ||
76 | return (the_authctxt->user); | ||
77 | } | ||
78 | |||
79 | const char * | ||
80 | audit_event_lookup(ssh_audit_event_t ev) | ||
81 | { | ||
82 | int i; | ||
83 | static struct event_lookup_struct { | ||
84 | ssh_audit_event_t event; | ||
85 | const char *name; | ||
86 | } event_lookup[] = { | ||
87 | {SSH_LOGIN_EXCEED_MAXTRIES, "LOGIN_EXCEED_MAXTRIES"}, | ||
88 | {SSH_LOGIN_ROOT_DENIED, "LOGIN_ROOT_DENIED"}, | ||
89 | {SSH_AUTH_SUCCESS, "AUTH_SUCCESS"}, | ||
90 | {SSH_AUTH_FAIL_NONE, "AUTH_FAIL_NONE"}, | ||
91 | {SSH_AUTH_FAIL_PASSWD, "AUTH_FAIL_PASSWD"}, | ||
92 | {SSH_AUTH_FAIL_KBDINT, "AUTH_FAIL_KBDINT"}, | ||
93 | {SSH_AUTH_FAIL_PUBKEY, "AUTH_FAIL_PUBKEY"}, | ||
94 | {SSH_AUTH_FAIL_HOSTBASED, "AUTH_FAIL_HOSTBASED"}, | ||
95 | {SSH_AUTH_FAIL_GSSAPI, "AUTH_FAIL_GSSAPI"}, | ||
96 | {SSH_INVALID_USER, "INVALID_USER"}, | ||
97 | {SSH_NOLOGIN, "NOLOGIN"}, | ||
98 | {SSH_CONNECTION_CLOSE, "CONNECTION_CLOSE"}, | ||
99 | {SSH_CONNECTION_ABANDON, "CONNECTION_ABANDON"}, | ||
100 | {SSH_AUDIT_UNKNOWN, "AUDIT_UNKNOWN"} | ||
101 | }; | ||
102 | |||
103 | for (i = 0; event_lookup[i].event != SSH_AUDIT_UNKNOWN; i++) | ||
104 | if (event_lookup[i].event == ev) | ||
105 | break; | ||
106 | return(event_lookup[i].name); | ||
107 | } | ||
108 | |||
109 | # ifndef CUSTOM_SSH_AUDIT_EVENTS | ||
110 | /* | ||
111 | * Null implementations of audit functions. | ||
112 | * These get used if SSH_AUDIT_EVENTS is defined but no audit module is enabled. | ||
113 | */ | ||
114 | |||
115 | /* | ||
116 | * Called after a connection has been accepted but before any authentication | ||
117 | * has been attempted. | ||
118 | */ | ||
119 | void | ||
120 | audit_connection_from(const char *host, int port) | ||
121 | { | ||
122 | debug("audit connection from %s port %d euid %d", host, port, | ||
123 | (int)geteuid()); | ||
124 | } | ||
125 | |||
126 | /* | ||
127 | * Called when various events occur (see audit.h for a list of possible | ||
128 | * events and what they mean). | ||
129 | */ | ||
130 | void | ||
131 | audit_event(ssh_audit_event_t event) | ||
132 | { | ||
133 | debug("audit event euid %d user %s event %d (%s)", geteuid(), | ||
134 | audit_username(), event, audit_event_lookup(event)); | ||
135 | } | ||
136 | |||
137 | /* | ||
138 | * Called when a user session is started. Argument is the tty allocated to | ||
139 | * the session, or NULL if no tty was allocated. | ||
140 | * | ||
141 | * Note that this may be called multiple times if multiple sessions are used | ||
142 | * within a single connection. | ||
143 | */ | ||
144 | void | ||
145 | audit_session_open(const char *ttyn) | ||
146 | { | ||
147 | const char *t = ttyn ? ttyn : "(no tty)"; | ||
148 | |||
149 | debug("audit session open euid %d user %s tty name %s", geteuid(), | ||
150 | audit_username(), t); | ||
151 | } | ||
152 | |||
153 | /* | ||
154 | * Called when a user session is closed. Argument is the tty allocated to | ||
155 | * the session, or NULL if no tty was allocated. | ||
156 | * | ||
157 | * Note that this may be called multiple times if multiple sessions are used | ||
158 | * within a single connection. | ||
159 | */ | ||
160 | void | ||
161 | audit_session_close(const char *ttyn) | ||
162 | { | ||
163 | const char *t = ttyn ? ttyn : "(no tty)"; | ||
164 | |||
165 | debug("audit session close euid %d user %s tty name %s", geteuid(), | ||
166 | audit_username(), t); | ||
167 | } | ||
168 | |||
169 | /* | ||
170 | * This will be called when a user runs a non-interactive command. Note that | ||
171 | * it may be called multiple times for a single connection since SSH2 allows | ||
172 | * multiple sessions within a single connection. | ||
173 | */ | ||
174 | void | ||
175 | audit_run_command(const char *command) | ||
176 | { | ||
177 | debug("audit run command euid %d user %s command '%.200s'", geteuid(), | ||
178 | audit_username(), command); | ||
179 | } | ||
180 | # endif /* !defined CUSTOM_SSH_AUDIT_EVENTS */ | ||
181 | #endif /* SSH_AUDIT_EVENTS */ | ||
diff --git a/audit.h b/audit.h new file mode 100644 index 000000000..78e58966f --- /dev/null +++ b/audit.h | |||
@@ -0,0 +1,56 @@ | |||
1 | /* $Id: audit.h,v 1.2 2005/02/08 10:52:48 dtucker Exp $ */ | ||
2 | |||
3 | /* | ||
4 | * Copyright (c) 2004, 2005 Darren Tucker. All rights reserved. | ||
5 | * | ||
6 | * Redistribution and use in source and binary forms, with or without | ||
7 | * modification, are permitted provided that the following conditions | ||
8 | * are met: | ||
9 | * 1. Redistributions of source code must retain the above copyright | ||
10 | * notice, this list of conditions and the following disclaimer. | ||
11 | * 2. Redistributions in binary form must reproduce the above copyright | ||
12 | * notice, this list of conditions and the following disclaimer in the | ||
13 | * documentation and/or other materials provided with the distribution. | ||
14 | * | ||
15 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | ||
16 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | ||
17 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | ||
18 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | ||
19 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
20 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | ||
21 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | ||
22 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
23 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | ||
24 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
25 | */ | ||
26 | |||
27 | #include "auth.h" | ||
28 | |||
29 | #ifndef _SSH_AUDIT_H | ||
30 | # define _SSH_AUDIT_H | ||
31 | enum ssh_audit_event_type { | ||
32 | SSH_LOGIN_EXCEED_MAXTRIES, | ||
33 | SSH_LOGIN_ROOT_DENIED, | ||
34 | SSH_AUTH_SUCCESS, | ||
35 | SSH_AUTH_FAIL_NONE, | ||
36 | SSH_AUTH_FAIL_PASSWD, | ||
37 | SSH_AUTH_FAIL_KBDINT, /* keyboard-interactive or challenge-response */ | ||
38 | SSH_AUTH_FAIL_PUBKEY, /* ssh2 pubkey or ssh1 rsa */ | ||
39 | SSH_AUTH_FAIL_HOSTBASED, /* ssh2 hostbased or ssh1 rhostsrsa */ | ||
40 | SSH_AUTH_FAIL_GSSAPI, | ||
41 | SSH_INVALID_USER, | ||
42 | SSH_NOLOGIN, /* denied by /etc/nologin, not implemented */ | ||
43 | SSH_CONNECTION_CLOSE, /* closed after attempting auth or session */ | ||
44 | SSH_CONNECTION_ABANDON, /* closed without completing auth */ | ||
45 | SSH_AUDIT_UNKNOWN | ||
46 | }; | ||
47 | typedef enum ssh_audit_event_type ssh_audit_event_t; | ||
48 | |||
49 | void audit_connection_from(const char *, int); | ||
50 | void audit_event(ssh_audit_event_t); | ||
51 | void audit_session_open(const char *); | ||
52 | void audit_session_close(const char *); | ||
53 | void audit_run_command(const char *); | ||
54 | ssh_audit_event_t audit_classify_auth(const char *); | ||
55 | |||
56 | #endif /* _SSH_AUDIT_H */ | ||
diff --git a/auth-bsdauth.c b/auth-bsdauth.c index 2ac27a7a2..920c977d8 100644 --- a/auth-bsdauth.c +++ b/auth-bsdauth.c | |||
@@ -22,7 +22,7 @@ | |||
22 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 22 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
23 | */ | 23 | */ |
24 | #include "includes.h" | 24 | #include "includes.h" |
25 | RCSID("$OpenBSD: auth-bsdauth.c,v 1.5 2002/06/30 21:59:45 deraadt Exp $"); | 25 | RCSID("$OpenBSD: auth-bsdauth.c,v 1.6 2005/01/19 13:11:47 dtucker Exp $"); |
26 | 26 | ||
27 | #ifdef BSD_AUTH | 27 | #ifdef BSD_AUTH |
28 | #include "xmalloc.h" | 28 | #include "xmalloc.h" |
@@ -83,6 +83,9 @@ bsdauth_respond(void *ctx, u_int numresponses, char **responses) | |||
83 | Authctxt *authctxt = ctx; | 83 | Authctxt *authctxt = ctx; |
84 | int authok; | 84 | int authok; |
85 | 85 | ||
86 | if (!authctxt->valid) | ||
87 | return -1; | ||
88 | |||
86 | if (authctxt->as == 0) | 89 | if (authctxt->as == 0) |
87 | error("bsdauth_respond: no bsd auth session"); | 90 | error("bsdauth_respond: no bsd auth session"); |
88 | 91 | ||
diff --git a/auth-chall.c b/auth-chall.c index a9d314dd2..e4f783096 100644 --- a/auth-chall.c +++ b/auth-chall.c | |||
@@ -28,11 +28,13 @@ RCSID("$OpenBSD: auth-chall.c,v 1.9 2003/11/03 09:03:37 djm Exp $"); | |||
28 | #include "auth.h" | 28 | #include "auth.h" |
29 | #include "log.h" | 29 | #include "log.h" |
30 | #include "xmalloc.h" | 30 | #include "xmalloc.h" |
31 | #include "servconf.h" | ||
31 | 32 | ||
32 | /* limited protocol v1 interface to kbd-interactive authentication */ | 33 | /* limited protocol v1 interface to kbd-interactive authentication */ |
33 | 34 | ||
34 | extern KbdintDevice *devices[]; | 35 | extern KbdintDevice *devices[]; |
35 | static KbdintDevice *device; | 36 | static KbdintDevice *device; |
37 | extern ServerOptions options; | ||
36 | 38 | ||
37 | char * | 39 | char * |
38 | get_challenge(Authctxt *authctxt) | 40 | get_challenge(Authctxt *authctxt) |
@@ -41,6 +43,11 @@ get_challenge(Authctxt *authctxt) | |||
41 | u_int i, numprompts; | 43 | u_int i, numprompts; |
42 | u_int *echo_on; | 44 | u_int *echo_on; |
43 | 45 | ||
46 | #ifdef USE_PAM | ||
47 | if (!options.use_pam) | ||
48 | remove_kbdint_device("pam"); | ||
49 | #endif | ||
50 | |||
44 | device = devices[0]; /* we always use the 1st device for protocol 1 */ | 51 | device = devices[0]; /* we always use the 1st device for protocol 1 */ |
45 | if (device == NULL) | 52 | if (device == NULL) |
46 | return NULL; | 53 | return NULL; |
diff --git a/auth-krb5.c b/auth-krb5.c index a324ff15c..2f742534a 100644 --- a/auth-krb5.c +++ b/auth-krb5.c | |||
@@ -187,6 +187,11 @@ auth_krb5_password(Authctxt *authctxt, const char *password) | |||
187 | snprintf(authctxt->krb5_ccname, len, "FILE:%s", | 187 | snprintf(authctxt->krb5_ccname, len, "FILE:%s", |
188 | authctxt->krb5_ticket_file); | 188 | authctxt->krb5_ticket_file); |
189 | 189 | ||
190 | #ifdef USE_PAM | ||
191 | if (options.use_pam) | ||
192 | do_pam_putenv("KRB5CCNAME", authctxt->krb5_ccname); | ||
193 | #endif | ||
194 | |||
190 | out: | 195 | out: |
191 | restore_uid(); | 196 | restore_uid(); |
192 | 197 | ||
diff --git a/auth-options.c b/auth-options.c index 0e146ab15..04d12d66e 100644 --- a/auth-options.c +++ b/auth-options.c | |||
@@ -10,7 +10,7 @@ | |||
10 | */ | 10 | */ |
11 | 11 | ||
12 | #include "includes.h" | 12 | #include "includes.h" |
13 | RCSID("$OpenBSD: auth-options.c,v 1.28 2003/06/02 09:17:34 markus Exp $"); | 13 | RCSID("$OpenBSD: auth-options.c,v 1.29 2005/03/01 10:09:52 djm Exp $"); |
14 | 14 | ||
15 | #include "xmalloc.h" | 15 | #include "xmalloc.h" |
16 | #include "match.h" | 16 | #include "match.h" |
@@ -217,7 +217,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) | |||
217 | } | 217 | } |
218 | cp = "permitopen=\""; | 218 | cp = "permitopen=\""; |
219 | if (strncasecmp(opts, cp, strlen(cp)) == 0) { | 219 | if (strncasecmp(opts, cp, strlen(cp)) == 0) { |
220 | char host[256], sport[6]; | 220 | char *host, *p; |
221 | u_short port; | 221 | u_short port; |
222 | char *patterns = xmalloc(strlen(opts) + 1); | 222 | char *patterns = xmalloc(strlen(opts) + 1); |
223 | 223 | ||
@@ -236,25 +236,29 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) | |||
236 | if (!*opts) { | 236 | if (!*opts) { |
237 | debug("%.100s, line %lu: missing end quote", | 237 | debug("%.100s, line %lu: missing end quote", |
238 | file, linenum); | 238 | file, linenum); |
239 | auth_debug_add("%.100s, line %lu: missing end quote", | 239 | auth_debug_add("%.100s, line %lu: missing " |
240 | file, linenum); | 240 | "end quote", file, linenum); |
241 | xfree(patterns); | 241 | xfree(patterns); |
242 | goto bad_option; | 242 | goto bad_option; |
243 | } | 243 | } |
244 | patterns[i] = 0; | 244 | patterns[i] = 0; |
245 | opts++; | 245 | opts++; |
246 | if (sscanf(patterns, "%255[^:]:%5[0-9]", host, sport) != 2 && | 246 | p = patterns; |
247 | sscanf(patterns, "%255[^/]/%5[0-9]", host, sport) != 2) { | 247 | host = hpdelim(&p); |
248 | debug("%.100s, line %lu: Bad permitopen specification " | 248 | if (host == NULL || strlen(host) >= NI_MAXHOST) { |
249 | "<%.100s>", file, linenum, patterns); | 249 | debug("%.100s, line %lu: Bad permitopen " |
250 | "specification <%.100s>", file, linenum, | ||
251 | patterns); | ||
250 | auth_debug_add("%.100s, line %lu: " | 252 | auth_debug_add("%.100s, line %lu: " |
251 | "Bad permitopen specification", file, linenum); | 253 | "Bad permitopen specification", file, |
254 | linenum); | ||
252 | xfree(patterns); | 255 | xfree(patterns); |
253 | goto bad_option; | 256 | goto bad_option; |
254 | } | 257 | } |
255 | if ((port = a2port(sport)) == 0) { | 258 | host = cleanhostname(host); |
256 | debug("%.100s, line %lu: Bad permitopen port <%.100s>", | 259 | if (p == NULL || (port = a2port(p)) == 0) { |
257 | file, linenum, sport); | 260 | debug("%.100s, line %lu: Bad permitopen port " |
261 | "<%.100s>", file, linenum, p ? p : ""); | ||
258 | auth_debug_add("%.100s, line %lu: " | 262 | auth_debug_add("%.100s, line %lu: " |
259 | "Bad permitopen port", file, linenum); | 263 | "Bad permitopen port", file, linenum); |
260 | xfree(patterns); | 264 | xfree(patterns); |
diff --git a/auth-pam.c b/auth-pam.c index 147f4f8bb..6ce8c429b 100644 --- a/auth-pam.c +++ b/auth-pam.c | |||
@@ -47,7 +47,7 @@ | |||
47 | 47 | ||
48 | /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ | 48 | /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ |
49 | #include "includes.h" | 49 | #include "includes.h" |
50 | RCSID("$Id: auth-pam.c,v 1.114 2004/08/16 13:12:06 dtucker Exp $"); | 50 | RCSID("$Id: auth-pam.c,v 1.121 2005/01/20 02:29:51 dtucker Exp $"); |
51 | 51 | ||
52 | #ifdef USE_PAM | 52 | #ifdef USE_PAM |
53 | #if defined(HAVE_SECURITY_PAM_APPL_H) | 53 | #if defined(HAVE_SECURITY_PAM_APPL_H) |
@@ -185,8 +185,8 @@ static int sshpam_cred_established = 0; | |||
185 | static int sshpam_account_status = -1; | 185 | static int sshpam_account_status = -1; |
186 | static char **sshpam_env = NULL; | 186 | static char **sshpam_env = NULL; |
187 | static Authctxt *sshpam_authctxt = NULL; | 187 | static Authctxt *sshpam_authctxt = NULL; |
188 | static char badpw[] = "\b\n\r\177INCORRECT"; | ||
189 | static const char *sshpam_password = NULL; | 188 | static const char *sshpam_password = NULL; |
189 | static char badpw[] = "\b\n\r\177INCORRECT"; | ||
190 | 190 | ||
191 | /* Some PAM implementations don't implement this */ | 191 | /* Some PAM implementations don't implement this */ |
192 | #ifndef HAVE_PAM_GETENVLIST | 192 | #ifndef HAVE_PAM_GETENVLIST |
@@ -491,6 +491,51 @@ sshpam_null_conv(int n, struct pam_message **msg, | |||
491 | 491 | ||
492 | static struct pam_conv null_conv = { sshpam_null_conv, NULL }; | 492 | static struct pam_conv null_conv = { sshpam_null_conv, NULL }; |
493 | 493 | ||
494 | static int | ||
495 | sshpam_store_conv(int n, struct pam_message **msg, | ||
496 | struct pam_response **resp, void *data) | ||
497 | { | ||
498 | struct pam_response *reply; | ||
499 | int i; | ||
500 | size_t len; | ||
501 | |||
502 | debug3("PAM: %s called with %d messages", __func__, n); | ||
503 | *resp = NULL; | ||
504 | |||
505 | if (n <= 0 || n > PAM_MAX_NUM_MSG) | ||
506 | return (PAM_CONV_ERR); | ||
507 | |||
508 | if ((reply = malloc(n * sizeof(*reply))) == NULL) | ||
509 | return (PAM_CONV_ERR); | ||
510 | memset(reply, 0, n * sizeof(*reply)); | ||
511 | |||
512 | for (i = 0; i < n; ++i) { | ||
513 | switch (PAM_MSG_MEMBER(msg, i, msg_style)) { | ||
514 | case PAM_ERROR_MSG: | ||
515 | case PAM_TEXT_INFO: | ||
516 | len = strlen(PAM_MSG_MEMBER(msg, i, msg)); | ||
517 | buffer_append(&loginmsg, PAM_MSG_MEMBER(msg, i, msg), len); | ||
518 | buffer_append(&loginmsg, "\n", 1 ); | ||
519 | reply[i].resp_retcode = PAM_SUCCESS; | ||
520 | break; | ||
521 | default: | ||
522 | goto fail; | ||
523 | } | ||
524 | } | ||
525 | *resp = reply; | ||
526 | return (PAM_SUCCESS); | ||
527 | |||
528 | fail: | ||
529 | for(i = 0; i < n; i++) { | ||
530 | if (reply[i].resp != NULL) | ||
531 | xfree(reply[i].resp); | ||
532 | } | ||
533 | xfree(reply); | ||
534 | return (PAM_CONV_ERR); | ||
535 | } | ||
536 | |||
537 | static struct pam_conv store_conv = { sshpam_store_conv, NULL }; | ||
538 | |||
494 | void | 539 | void |
495 | sshpam_cleanup(void) | 540 | sshpam_cleanup(void) |
496 | { | 541 | { |
@@ -528,7 +573,7 @@ sshpam_init(Authctxt *authctxt) | |||
528 | } | 573 | } |
529 | debug("PAM: initializing for \"%s\"", user); | 574 | debug("PAM: initializing for \"%s\"", user); |
530 | sshpam_err = | 575 | sshpam_err = |
531 | pam_start(SSHD_PAM_SERVICE, user, &null_conv, &sshpam_handle); | 576 | pam_start(SSHD_PAM_SERVICE, user, &store_conv, &sshpam_handle); |
532 | sshpam_authctxt = authctxt; | 577 | sshpam_authctxt = authctxt; |
533 | 578 | ||
534 | if (sshpam_err != PAM_SUCCESS) { | 579 | if (sshpam_err != PAM_SUCCESS) { |
@@ -610,7 +655,7 @@ sshpam_query(void *ctx, char **name, char **info, | |||
610 | size_t plen; | 655 | size_t plen; |
611 | u_char type; | 656 | u_char type; |
612 | char *msg; | 657 | char *msg; |
613 | size_t len; | 658 | size_t len, mlen; |
614 | 659 | ||
615 | debug3("PAM: %s entering", __func__); | 660 | debug3("PAM: %s entering", __func__); |
616 | buffer_init(&buffer); | 661 | buffer_init(&buffer); |
@@ -623,22 +668,27 @@ sshpam_query(void *ctx, char **name, char **info, | |||
623 | while (ssh_msg_recv(ctxt->pam_psock, &buffer) == 0) { | 668 | while (ssh_msg_recv(ctxt->pam_psock, &buffer) == 0) { |
624 | type = buffer_get_char(&buffer); | 669 | type = buffer_get_char(&buffer); |
625 | msg = buffer_get_string(&buffer, NULL); | 670 | msg = buffer_get_string(&buffer, NULL); |
671 | mlen = strlen(msg); | ||
626 | switch (type) { | 672 | switch (type) { |
627 | case PAM_PROMPT_ECHO_ON: | 673 | case PAM_PROMPT_ECHO_ON: |
628 | case PAM_PROMPT_ECHO_OFF: | 674 | case PAM_PROMPT_ECHO_OFF: |
629 | *num = 1; | 675 | *num = 1; |
630 | len = plen + strlen(msg) + 1; | 676 | len = plen + mlen + 1; |
631 | **prompts = xrealloc(**prompts, len); | 677 | **prompts = xrealloc(**prompts, len); |
632 | plen += snprintf(**prompts + plen, len, "%s", msg); | 678 | strlcpy(**prompts + plen, msg, len - plen); |
679 | plen += mlen; | ||
633 | **echo_on = (type == PAM_PROMPT_ECHO_ON); | 680 | **echo_on = (type == PAM_PROMPT_ECHO_ON); |
634 | xfree(msg); | 681 | xfree(msg); |
635 | return (0); | 682 | return (0); |
636 | case PAM_ERROR_MSG: | 683 | case PAM_ERROR_MSG: |
637 | case PAM_TEXT_INFO: | 684 | case PAM_TEXT_INFO: |
638 | /* accumulate messages */ | 685 | /* accumulate messages */ |
639 | len = plen + strlen(msg) + 2; | 686 | len = plen + mlen + 2; |
640 | **prompts = xrealloc(**prompts, len); | 687 | **prompts = xrealloc(**prompts, len); |
641 | plen += snprintf(**prompts + plen, len, "%s\n", msg); | 688 | strlcpy(**prompts + plen, msg, len - plen); |
689 | plen += mlen; | ||
690 | strlcat(**prompts + plen, "\n", len - plen); | ||
691 | plen++; | ||
642 | xfree(msg); | 692 | xfree(msg); |
643 | break; | 693 | break; |
644 | case PAM_SUCCESS: | 694 | case PAM_SUCCESS: |
@@ -652,6 +702,12 @@ sshpam_query(void *ctx, char **name, char **info, | |||
652 | **prompts = NULL; | 702 | **prompts = NULL; |
653 | } | 703 | } |
654 | if (type == PAM_SUCCESS) { | 704 | if (type == PAM_SUCCESS) { |
705 | if (!sshpam_authctxt->valid || | ||
706 | (sshpam_authctxt->pw->pw_uid == 0 && | ||
707 | options.permit_root_login != PERMIT_YES)) | ||
708 | fatal("Internal error: PAM auth " | ||
709 | "succeeded when it should have " | ||
710 | "failed"); | ||
655 | import_environments(&buffer); | 711 | import_environments(&buffer); |
656 | *num = 0; | 712 | *num = 0; |
657 | **echo_on = 0; | 713 | **echo_on = 0; |
@@ -765,11 +821,13 @@ finish_pam(void) | |||
765 | u_int | 821 | u_int |
766 | do_pam_account(void) | 822 | do_pam_account(void) |
767 | { | 823 | { |
824 | debug("%s: called", __func__); | ||
768 | if (sshpam_account_status != -1) | 825 | if (sshpam_account_status != -1) |
769 | return (sshpam_account_status); | 826 | return (sshpam_account_status); |
770 | 827 | ||
771 | sshpam_err = pam_acct_mgmt(sshpam_handle, 0); | 828 | sshpam_err = pam_acct_mgmt(sshpam_handle, 0); |
772 | debug3("PAM: %s pam_acct_mgmt = %d", __func__, sshpam_err); | 829 | debug3("PAM: %s pam_acct_mgmt = %d (%s)", __func__, sshpam_err, |
830 | pam_strerror(sshpam_handle, sshpam_err)); | ||
773 | 831 | ||
774 | if (sshpam_err != PAM_SUCCESS && sshpam_err != PAM_NEW_AUTHTOK_REQD) { | 832 | if (sshpam_err != PAM_SUCCESS && sshpam_err != PAM_NEW_AUTHTOK_REQD) { |
775 | sshpam_account_status = 0; | 833 | sshpam_account_status = 0; |
@@ -799,7 +857,7 @@ void | |||
799 | do_pam_setcred(int init) | 857 | do_pam_setcred(int init) |
800 | { | 858 | { |
801 | sshpam_err = pam_set_item(sshpam_handle, PAM_CONV, | 859 | sshpam_err = pam_set_item(sshpam_handle, PAM_CONV, |
802 | (const void *)&null_conv); | 860 | (const void *)&store_conv); |
803 | if (sshpam_err != PAM_SUCCESS) | 861 | if (sshpam_err != PAM_SUCCESS) |
804 | fatal("PAM: failed to set PAM_CONV: %s", | 862 | fatal("PAM: failed to set PAM_CONV: %s", |
805 | pam_strerror(sshpam_handle, sshpam_err)); | 863 | pam_strerror(sshpam_handle, sshpam_err)); |
@@ -900,51 +958,6 @@ do_pam_chauthtok(void) | |||
900 | pam_strerror(sshpam_handle, sshpam_err)); | 958 | pam_strerror(sshpam_handle, sshpam_err)); |
901 | } | 959 | } |
902 | 960 | ||
903 | static int | ||
904 | sshpam_store_conv(int n, struct pam_message **msg, | ||
905 | struct pam_response **resp, void *data) | ||
906 | { | ||
907 | struct pam_response *reply; | ||
908 | int i; | ||
909 | size_t len; | ||
910 | |||
911 | debug3("PAM: %s called with %d messages", __func__, n); | ||
912 | *resp = NULL; | ||
913 | |||
914 | if (n <= 0 || n > PAM_MAX_NUM_MSG) | ||
915 | return (PAM_CONV_ERR); | ||
916 | |||
917 | if ((reply = malloc(n * sizeof(*reply))) == NULL) | ||
918 | return (PAM_CONV_ERR); | ||
919 | memset(reply, 0, n * sizeof(*reply)); | ||
920 | |||
921 | for (i = 0; i < n; ++i) { | ||
922 | switch (PAM_MSG_MEMBER(msg, i, msg_style)) { | ||
923 | case PAM_ERROR_MSG: | ||
924 | case PAM_TEXT_INFO: | ||
925 | len = strlen(PAM_MSG_MEMBER(msg, i, msg)); | ||
926 | buffer_append(&loginmsg, PAM_MSG_MEMBER(msg, i, msg), len); | ||
927 | buffer_append(&loginmsg, "\n", 1 ); | ||
928 | reply[i].resp_retcode = PAM_SUCCESS; | ||
929 | break; | ||
930 | default: | ||
931 | goto fail; | ||
932 | } | ||
933 | } | ||
934 | *resp = reply; | ||
935 | return (PAM_SUCCESS); | ||
936 | |||
937 | fail: | ||
938 | for(i = 0; i < n; i++) { | ||
939 | if (reply[i].resp != NULL) | ||
940 | xfree(reply[i].resp); | ||
941 | } | ||
942 | xfree(reply); | ||
943 | return (PAM_CONV_ERR); | ||
944 | } | ||
945 | |||
946 | static struct pam_conv store_conv = { sshpam_store_conv, NULL }; | ||
947 | |||
948 | void | 961 | void |
949 | do_pam_session(void) | 962 | do_pam_session(void) |
950 | { | 963 | { |
@@ -955,10 +968,21 @@ do_pam_session(void) | |||
955 | fatal("PAM: failed to set PAM_CONV: %s", | 968 | fatal("PAM: failed to set PAM_CONV: %s", |
956 | pam_strerror(sshpam_handle, sshpam_err)); | 969 | pam_strerror(sshpam_handle, sshpam_err)); |
957 | sshpam_err = pam_open_session(sshpam_handle, 0); | 970 | sshpam_err = pam_open_session(sshpam_handle, 0); |
958 | if (sshpam_err != PAM_SUCCESS) | 971 | if (sshpam_err == PAM_SUCCESS) |
959 | fatal("PAM: pam_open_session(): %s", | 972 | sshpam_session_open = 1; |
973 | else { | ||
974 | sshpam_session_open = 0; | ||
975 | disable_forwarding(); | ||
976 | error("PAM: pam_open_session(): %s", | ||
960 | pam_strerror(sshpam_handle, sshpam_err)); | 977 | pam_strerror(sshpam_handle, sshpam_err)); |
961 | sshpam_session_open = 1; | 978 | } |
979 | |||
980 | } | ||
981 | |||
982 | int | ||
983 | is_pam_session_open(void) | ||
984 | { | ||
985 | return sshpam_session_open; | ||
962 | } | 986 | } |
963 | 987 | ||
964 | /* | 988 | /* |
diff --git a/auth-pam.h b/auth-pam.h index f479413d7..a1a2b52d8 100644 --- a/auth-pam.h +++ b/auth-pam.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $Id: auth-pam.h,v 1.26 2004/05/30 10:43:59 dtucker Exp $ */ | 1 | /* $Id: auth-pam.h,v 1.27 2004/09/11 12:17:26 dtucker Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000 Damien Miller. All rights reserved. | 4 | * Copyright (c) 2000 Damien Miller. All rights reserved. |
@@ -45,5 +45,6 @@ void free_pam_environment(char **); | |||
45 | void sshpam_thread_cleanup(void); | 45 | void sshpam_thread_cleanup(void); |
46 | void sshpam_cleanup(void); | 46 | void sshpam_cleanup(void); |
47 | int sshpam_auth_passwd(Authctxt *, const char *); | 47 | int sshpam_auth_passwd(Authctxt *, const char *); |
48 | int is_pam_session_open(void); | ||
48 | 49 | ||
49 | #endif /* USE_PAM */ | 50 | #endif /* USE_PAM */ |
diff --git a/auth-passwd.c b/auth-passwd.c index 7a68e0562..27ece3f72 100644 --- a/auth-passwd.c +++ b/auth-passwd.c | |||
@@ -36,17 +36,27 @@ | |||
36 | */ | 36 | */ |
37 | 37 | ||
38 | #include "includes.h" | 38 | #include "includes.h" |
39 | RCSID("$OpenBSD: auth-passwd.c,v 1.31 2004/01/30 09:48:57 markus Exp $"); | 39 | RCSID("$OpenBSD: auth-passwd.c,v 1.33 2005/01/24 11:47:13 dtucker Exp $"); |
40 | 40 | ||
41 | #include "packet.h" | 41 | #include "packet.h" |
42 | #include "buffer.h" | ||
42 | #include "log.h" | 43 | #include "log.h" |
43 | #include "servconf.h" | 44 | #include "servconf.h" |
44 | #include "auth.h" | 45 | #include "auth.h" |
45 | #include "auth-options.h" | 46 | #include "auth-options.h" |
46 | 47 | ||
48 | extern Buffer loginmsg; | ||
47 | extern ServerOptions options; | 49 | extern ServerOptions options; |
48 | int sys_auth_passwd(Authctxt *, const char *); | 50 | int sys_auth_passwd(Authctxt *, const char *); |
49 | 51 | ||
52 | #ifdef HAVE_LOGIN_CAP | ||
53 | extern login_cap_t *lc; | ||
54 | #endif | ||
55 | |||
56 | |||
57 | #define DAY (24L * 60 * 60) /* 1 day in seconds */ | ||
58 | #define TWO_WEEKS (2L * 7 * DAY) /* 2 weeks in seconds */ | ||
59 | |||
50 | void | 60 | void |
51 | disable_forwarding(void) | 61 | disable_forwarding(void) |
52 | { | 62 | { |
@@ -63,7 +73,7 @@ int | |||
63 | auth_password(Authctxt *authctxt, const char *password) | 73 | auth_password(Authctxt *authctxt, const char *password) |
64 | { | 74 | { |
65 | struct passwd * pw = authctxt->pw; | 75 | struct passwd * pw = authctxt->pw; |
66 | int ok = authctxt->valid; | 76 | int result, ok = authctxt->valid; |
67 | #if defined(USE_SHADOW) && defined(HAS_SHADOW_EXPIRE) | 77 | #if defined(USE_SHADOW) && defined(HAS_SHADOW_EXPIRE) |
68 | static int expire_checked = 0; | 78 | static int expire_checked = 0; |
69 | #endif | 79 | #endif |
@@ -100,22 +110,57 @@ auth_password(Authctxt *authctxt, const char *password) | |||
100 | #if defined(USE_SHADOW) && defined(HAS_SHADOW_EXPIRE) | 110 | #if defined(USE_SHADOW) && defined(HAS_SHADOW_EXPIRE) |
101 | if (!expire_checked) { | 111 | if (!expire_checked) { |
102 | expire_checked = 1; | 112 | expire_checked = 1; |
103 | if (auth_shadow_pwexpired(authctxt)) { | 113 | if (auth_shadow_pwexpired(authctxt)) |
104 | disable_forwarding(); | ||
105 | authctxt->force_pwchange = 1; | 114 | authctxt->force_pwchange = 1; |
106 | } | ||
107 | } | 115 | } |
108 | #endif | 116 | #endif |
109 | 117 | result = sys_auth_passwd(authctxt, password); | |
110 | return (sys_auth_passwd(authctxt, password) && ok); | 118 | if (authctxt->force_pwchange) |
119 | disable_forwarding(); | ||
120 | return (result && ok); | ||
111 | } | 121 | } |
112 | 122 | ||
113 | #ifdef BSD_AUTH | 123 | #ifdef BSD_AUTH |
124 | static void | ||
125 | warn_expiry(Authctxt *authctxt, auth_session_t *as) | ||
126 | { | ||
127 | char buf[256]; | ||
128 | quad_t pwtimeleft, actimeleft, daysleft, pwwarntime, acwarntime; | ||
129 | |||
130 | pwwarntime = acwarntime = TWO_WEEKS; | ||
131 | |||
132 | pwtimeleft = auth_check_change(as); | ||
133 | actimeleft = auth_check_expire(as); | ||
134 | #ifdef HAVE_LOGIN_CAP | ||
135 | if (authctxt->valid) { | ||
136 | pwwarntime = login_getcaptime(lc, "password-warn", TWO_WEEKS, | ||
137 | TWO_WEEKS); | ||
138 | acwarntime = login_getcaptime(lc, "expire-warn", TWO_WEEKS, | ||
139 | TWO_WEEKS); | ||
140 | } | ||
141 | #endif | ||
142 | if (pwtimeleft != 0 && pwtimeleft < pwwarntime) { | ||
143 | daysleft = pwtimeleft / DAY + 1; | ||
144 | snprintf(buf, sizeof(buf), | ||
145 | "Your password will expire in %lld day%s.\n", | ||
146 | daysleft, daysleft == 1 ? "" : "s"); | ||
147 | buffer_append(&loginmsg, buf, strlen(buf)); | ||
148 | } | ||
149 | if (actimeleft != 0 && actimeleft < acwarntime) { | ||
150 | daysleft = actimeleft / DAY + 1; | ||
151 | snprintf(buf, sizeof(buf), | ||
152 | "Your account will expire in %lld day%s.\n", | ||
153 | daysleft, daysleft == 1 ? "" : "s"); | ||
154 | buffer_append(&loginmsg, buf, strlen(buf)); | ||
155 | } | ||
156 | } | ||
157 | |||
114 | int | 158 | int |
115 | sys_auth_passwd(Authctxt *authctxt, const char *password) | 159 | sys_auth_passwd(Authctxt *authctxt, const char *password) |
116 | { | 160 | { |
117 | struct passwd *pw = authctxt->pw; | 161 | struct passwd *pw = authctxt->pw; |
118 | auth_session_t *as; | 162 | auth_session_t *as; |
163 | static int expire_checked = 0; | ||
119 | 164 | ||
120 | as = auth_usercheck(pw->pw_name, authctxt->style, "auth-ssh", | 165 | as = auth_usercheck(pw->pw_name, authctxt->style, "auth-ssh", |
121 | (char *)password); | 166 | (char *)password); |
@@ -125,6 +170,10 @@ sys_auth_passwd(Authctxt *authctxt, const char *password) | |||
125 | authctxt->force_pwchange = 1; | 170 | authctxt->force_pwchange = 1; |
126 | return (1); | 171 | return (1); |
127 | } else { | 172 | } else { |
173 | if (!expire_checked) { | ||
174 | expire_checked = 1; | ||
175 | warn_expiry(authctxt, as); | ||
176 | } | ||
128 | return (auth_close(as)); | 177 | return (auth_close(as)); |
129 | } | 178 | } |
130 | } | 179 | } |
diff --git a/auth-rsa.c b/auth-rsa.c index 16369d47c..4378008d3 100644 --- a/auth-rsa.c +++ b/auth-rsa.c | |||
@@ -14,7 +14,7 @@ | |||
14 | */ | 14 | */ |
15 | 15 | ||
16 | #include "includes.h" | 16 | #include "includes.h" |
17 | RCSID("$OpenBSD: auth-rsa.c,v 1.60 2004/06/21 17:36:31 avsm Exp $"); | 17 | RCSID("$OpenBSD: auth-rsa.c,v 1.62 2004/12/11 01:48:56 dtucker Exp $"); |
18 | 18 | ||
19 | #include <openssl/rsa.h> | 19 | #include <openssl/rsa.h> |
20 | #include <openssl/md5.h> | 20 | #include <openssl/md5.h> |
@@ -33,6 +33,7 @@ RCSID("$OpenBSD: auth-rsa.c,v 1.60 2004/06/21 17:36:31 avsm Exp $"); | |||
33 | #include "hostfile.h" | 33 | #include "hostfile.h" |
34 | #include "monitor_wrap.h" | 34 | #include "monitor_wrap.h" |
35 | #include "ssh.h" | 35 | #include "ssh.h" |
36 | #include "misc.h" | ||
36 | 37 | ||
37 | /* import */ | 38 | /* import */ |
38 | extern ServerOptions options; | 39 | extern ServerOptions options; |
@@ -49,7 +50,7 @@ extern u_char session_id[16]; | |||
49 | * options bits e n comment | 50 | * options bits e n comment |
50 | * where bits, e and n are decimal numbers, | 51 | * where bits, e and n are decimal numbers, |
51 | * and comment is any string of characters up to newline. The maximum | 52 | * and comment is any string of characters up to newline. The maximum |
52 | * length of a line is 8000 characters. See the documentation for a | 53 | * length of a line is SSH_MAX_PUBKEY_BYTES characters. See sshd(8) for a |
53 | * description of the options. | 54 | * description of the options. |
54 | */ | 55 | */ |
55 | 56 | ||
@@ -152,7 +153,7 @@ auth_rsa_challenge_dialog(Key *key) | |||
152 | int | 153 | int |
153 | auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey) | 154 | auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey) |
154 | { | 155 | { |
155 | char line[8192], *file; | 156 | char line[SSH_MAX_PUBKEY_BYTES], *file; |
156 | int allowed = 0; | 157 | int allowed = 0; |
157 | u_int bits; | 158 | u_int bits; |
158 | FILE *f; | 159 | FILE *f; |
@@ -201,12 +202,10 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey) | |||
201 | * found, perform a challenge-response dialog to verify that the | 202 | * found, perform a challenge-response dialog to verify that the |
202 | * user really has the corresponding private key. | 203 | * user really has the corresponding private key. |
203 | */ | 204 | */ |
204 | while (fgets(line, sizeof(line), f)) { | 205 | while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { |
205 | char *cp; | 206 | char *cp; |
206 | char *key_options; | 207 | char *key_options; |
207 | 208 | ||
208 | linenum++; | ||
209 | |||
210 | /* Skip leading whitespace, empty and comment lines. */ | 209 | /* Skip leading whitespace, empty and comment lines. */ |
211 | for (cp = line; *cp == ' ' || *cp == '\t'; cp++) | 210 | for (cp = line; *cp == ' ' || *cp == '\t'; cp++) |
212 | ; | 211 | ; |
diff --git a/auth-shadow.c b/auth-shadow.c index a85442d72..f6004f68f 100644 --- a/auth-shadow.c +++ b/auth-shadow.c | |||
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$Id: auth-shadow.c,v 1.5 2004/02/21 23:22:05 dtucker Exp $"); | 26 | RCSID("$Id: auth-shadow.c,v 1.6 2005/02/16 03:20:06 dtucker Exp $"); |
27 | 27 | ||
28 | #if defined(USE_SHADOW) && defined(HAS_SHADOW_EXPIRE) | 28 | #if defined(USE_SHADOW) && defined(HAS_SHADOW_EXPIRE) |
29 | #include <shadow.h> | 29 | #include <shadow.h> |
@@ -32,6 +32,9 @@ RCSID("$Id: auth-shadow.c,v 1.5 2004/02/21 23:22:05 dtucker Exp $"); | |||
32 | #include "buffer.h" | 32 | #include "buffer.h" |
33 | #include "log.h" | 33 | #include "log.h" |
34 | 34 | ||
35 | #ifdef DAY | ||
36 | # undef DAY | ||
37 | #endif | ||
35 | #define DAY (24L * 60 * 60) /* 1 day in seconds */ | 38 | #define DAY (24L * 60 * 60) /* 1 day in seconds */ |
36 | 39 | ||
37 | extern Buffer loginmsg; | 40 | extern Buffer loginmsg; |
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: auth.c,v 1.56 2004/07/28 09:40:29 markus Exp $"); | 26 | RCSID("$OpenBSD: auth.c,v 1.57 2005/01/22 08:17:59 dtucker Exp $"); |
27 | 27 | ||
28 | #ifdef HAVE_LOGIN_H | 28 | #ifdef HAVE_LOGIN_H |
29 | #include <login.h> | 29 | #include <login.h> |
@@ -50,6 +50,8 @@ RCSID("$OpenBSD: auth.c,v 1.56 2004/07/28 09:40:29 markus Exp $"); | |||
50 | #include "misc.h" | 50 | #include "misc.h" |
51 | #include "bufaux.h" | 51 | #include "bufaux.h" |
52 | #include "packet.h" | 52 | #include "packet.h" |
53 | #include "loginrec.h" | ||
54 | #include "monitor_wrap.h" | ||
53 | 55 | ||
54 | /* import */ | 56 | /* import */ |
55 | extern ServerOptions options; | 57 | extern ServerOptions options; |
@@ -153,8 +155,9 @@ allowed_user(struct passwd * pw) | |||
153 | for (i = 0; i < options.num_deny_users; i++) | 155 | for (i = 0; i < options.num_deny_users; i++) |
154 | if (match_user(pw->pw_name, hostname, ipaddr, | 156 | if (match_user(pw->pw_name, hostname, ipaddr, |
155 | options.deny_users[i])) { | 157 | options.deny_users[i])) { |
156 | logit("User %.100s not allowed because listed in DenyUsers", | 158 | logit("User %.100s from %.100s not allowed " |
157 | pw->pw_name); | 159 | "because listed in DenyUsers", |
160 | pw->pw_name, hostname); | ||
158 | return 0; | 161 | return 0; |
159 | } | 162 | } |
160 | } | 163 | } |
@@ -166,16 +169,16 @@ allowed_user(struct passwd * pw) | |||
166 | break; | 169 | break; |
167 | /* i < options.num_allow_users iff we break for loop */ | 170 | /* i < options.num_allow_users iff we break for loop */ |
168 | if (i >= options.num_allow_users) { | 171 | if (i >= options.num_allow_users) { |
169 | logit("User %.100s not allowed because not listed in AllowUsers", | 172 | logit("User %.100s from %.100s not allowed because " |
170 | pw->pw_name); | 173 | "not listed in AllowUsers", pw->pw_name, hostname); |
171 | return 0; | 174 | return 0; |
172 | } | 175 | } |
173 | } | 176 | } |
174 | if (options.num_deny_groups > 0 || options.num_allow_groups > 0) { | 177 | if (options.num_deny_groups > 0 || options.num_allow_groups > 0) { |
175 | /* Get the user's group access list (primary and supplementary) */ | 178 | /* Get the user's group access list (primary and supplementary) */ |
176 | if (ga_init(pw->pw_name, pw->pw_gid) == 0) { | 179 | if (ga_init(pw->pw_name, pw->pw_gid) == 0) { |
177 | logit("User %.100s not allowed because not in any group", | 180 | logit("User %.100s from %.100s not allowed because " |
178 | pw->pw_name); | 181 | "not in any group", pw->pw_name, hostname); |
179 | return 0; | 182 | return 0; |
180 | } | 183 | } |
181 | 184 | ||
@@ -184,8 +187,9 @@ allowed_user(struct passwd * pw) | |||
184 | if (ga_match(options.deny_groups, | 187 | if (ga_match(options.deny_groups, |
185 | options.num_deny_groups)) { | 188 | options.num_deny_groups)) { |
186 | ga_free(); | 189 | ga_free(); |
187 | logit("User %.100s not allowed because a group is listed in DenyGroups", | 190 | logit("User %.100s from %.100s not allowed " |
188 | pw->pw_name); | 191 | "because a group is listed in DenyGroups", |
192 | pw->pw_name, hostname); | ||
189 | return 0; | 193 | return 0; |
190 | } | 194 | } |
191 | /* | 195 | /* |
@@ -196,15 +200,16 @@ allowed_user(struct passwd * pw) | |||
196 | if (!ga_match(options.allow_groups, | 200 | if (!ga_match(options.allow_groups, |
197 | options.num_allow_groups)) { | 201 | options.num_allow_groups)) { |
198 | ga_free(); | 202 | ga_free(); |
199 | logit("User %.100s not allowed because none of user's groups are listed in AllowGroups", | 203 | logit("User %.100s from %.100s not allowed " |
200 | pw->pw_name); | 204 | "because none of user's groups are listed " |
205 | "in AllowGroups", pw->pw_name, hostname); | ||
201 | return 0; | 206 | return 0; |
202 | } | 207 | } |
203 | ga_free(); | 208 | ga_free(); |
204 | } | 209 | } |
205 | 210 | ||
206 | #ifdef CUSTOM_SYS_AUTH_ALLOWED_USER | 211 | #ifdef CUSTOM_SYS_AUTH_ALLOWED_USER |
207 | if (!sys_auth_allowed_user(pw)) | 212 | if (!sys_auth_allowed_user(pw, &loginmsg)) |
208 | return 0; | 213 | return 0; |
209 | #endif | 214 | #endif |
210 | 215 | ||
@@ -240,8 +245,50 @@ auth_log(Authctxt *authctxt, int authenticated, char *method, char *info) | |||
240 | info); | 245 | info); |
241 | 246 | ||
242 | #ifdef CUSTOM_FAILED_LOGIN | 247 | #ifdef CUSTOM_FAILED_LOGIN |
243 | if (authenticated == 0 && strcmp(method, "password") == 0) | 248 | if (authenticated == 0 && !authctxt->postponed && |
244 | record_failed_login(authctxt->user, "ssh"); | 249 | (strcmp(method, "password") == 0 || |
250 | strncmp(method, "keyboard-interactive", 20) == 0 || | ||
251 | strcmp(method, "challenge-response") == 0)) | ||
252 | record_failed_login(authctxt->user, | ||
253 | get_canonical_hostname(options.use_dns), "ssh"); | ||
254 | #endif | ||
255 | #ifdef SSH_AUDIT_EVENTS | ||
256 | if (authenticated == 0 && !authctxt->postponed) { | ||
257 | ssh_audit_event_t event; | ||
258 | |||
259 | debug3("audit failed auth attempt, method %s euid %d", | ||
260 | method, (int)geteuid()); | ||
261 | /* | ||
262 | * Because the auth loop is used in both monitor and slave, | ||
263 | * we must be careful to send each event only once and with | ||
264 | * enough privs to write the event. | ||
265 | */ | ||
266 | event = audit_classify_auth(method); | ||
267 | switch(event) { | ||
268 | case SSH_AUTH_FAIL_NONE: | ||
269 | case SSH_AUTH_FAIL_PASSWD: | ||
270 | case SSH_AUTH_FAIL_KBDINT: | ||
271 | if (geteuid() == 0) | ||
272 | audit_event(event); | ||
273 | break; | ||
274 | case SSH_AUTH_FAIL_PUBKEY: | ||
275 | case SSH_AUTH_FAIL_HOSTBASED: | ||
276 | case SSH_AUTH_FAIL_GSSAPI: | ||
277 | /* | ||
278 | * This is required to handle the case where privsep | ||
279 | * is enabled but it's root logging in, since | ||
280 | * use_privsep won't be cleared until after a | ||
281 | * successful login. | ||
282 | */ | ||
283 | if (geteuid() == 0) | ||
284 | audit_event(event); | ||
285 | else | ||
286 | PRIVSEP(audit_event(event)); | ||
287 | break; | ||
288 | default: | ||
289 | error("unknown authentication audit event %d", event); | ||
290 | } | ||
291 | } | ||
245 | #endif | 292 | #endif |
246 | } | 293 | } |
247 | 294 | ||
@@ -465,8 +512,12 @@ getpwnamallow(const char *user) | |||
465 | logit("Invalid user %.100s from %.100s", | 512 | logit("Invalid user %.100s from %.100s", |
466 | user, get_remote_ipaddr()); | 513 | user, get_remote_ipaddr()); |
467 | #ifdef CUSTOM_FAILED_LOGIN | 514 | #ifdef CUSTOM_FAILED_LOGIN |
468 | record_failed_login(user, "ssh"); | 515 | record_failed_login(user, |
516 | get_canonical_hostname(options.use_dns), "ssh"); | ||
469 | #endif | 517 | #endif |
518 | #ifdef SSH_AUDIT_EVENTS | ||
519 | audit_event(SSH_INVALID_USER); | ||
520 | #endif /* SSH_AUDIT_EVENTS */ | ||
470 | return (NULL); | 521 | return (NULL); |
471 | } | 522 | } |
472 | if (!allowed_user(pw)) | 523 | if (!allowed_user(pw)) |
@@ -130,6 +130,9 @@ int auth_shadow_pwexpired(Authctxt *); | |||
130 | #endif | 130 | #endif |
131 | 131 | ||
132 | #include "auth-pam.h" | 132 | #include "auth-pam.h" |
133 | #include "audit.h" | ||
134 | void remove_kbdint_device(const char *); | ||
135 | |||
133 | void disable_forwarding(void); | 136 | void disable_forwarding(void); |
134 | 137 | ||
135 | void do_authentication(Authctxt *); | 138 | void do_authentication(Authctxt *); |
@@ -137,6 +140,7 @@ void do_authentication2(Authctxt *); | |||
137 | 140 | ||
138 | void auth_log(Authctxt *, int, char *, char *); | 141 | void auth_log(Authctxt *, int, char *, char *); |
139 | void userauth_finish(Authctxt *, int, char *); | 142 | void userauth_finish(Authctxt *, int, char *); |
143 | void userauth_send_banner(const char *); | ||
140 | int auth_root_allowed(char *); | 144 | int auth_root_allowed(char *); |
141 | 145 | ||
142 | char *auth2_read_banner(void); | 146 | char *auth2_read_banner(void); |
@@ -25,9 +25,11 @@ RCSID("$OpenBSD: auth1.c,v 1.59 2004/07/28 09:40:29 markus Exp $"); | |||
25 | #include "session.h" | 25 | #include "session.h" |
26 | #include "uidswap.h" | 26 | #include "uidswap.h" |
27 | #include "monitor_wrap.h" | 27 | #include "monitor_wrap.h" |
28 | #include "buffer.h" | ||
28 | 29 | ||
29 | /* import */ | 30 | /* import */ |
30 | extern ServerOptions options; | 31 | extern ServerOptions options; |
32 | extern Buffer loginmsg; | ||
31 | 33 | ||
32 | /* | 34 | /* |
33 | * convert ssh auth msg type into description | 35 | * convert ssh auth msg type into description |
@@ -245,14 +247,33 @@ do_authloop(Authctxt *authctxt) | |||
245 | #else | 247 | #else |
246 | /* Special handling for root */ | 248 | /* Special handling for root */ |
247 | if (authenticated && authctxt->pw->pw_uid == 0 && | 249 | if (authenticated && authctxt->pw->pw_uid == 0 && |
248 | !auth_root_allowed(get_authname(type))) | 250 | !auth_root_allowed(get_authname(type))) { |
249 | authenticated = 0; | 251 | authenticated = 0; |
252 | # ifdef SSH_AUDIT_EVENTS | ||
253 | PRIVSEP(audit_event(SSH_LOGIN_ROOT_DENIED)); | ||
254 | # endif | ||
255 | } | ||
250 | #endif | 256 | #endif |
251 | 257 | ||
252 | #ifdef USE_PAM | 258 | #ifdef USE_PAM |
253 | if (options.use_pam && authenticated && | 259 | if (options.use_pam && authenticated && |
254 | !PRIVSEP(do_pam_account())) | 260 | !PRIVSEP(do_pam_account())) { |
255 | authenticated = 0; | 261 | char *msg; |
262 | size_t len; | ||
263 | |||
264 | error("Access denied for user %s by PAM account " | ||
265 | "configuration", authctxt->user); | ||
266 | len = buffer_len(&loginmsg); | ||
267 | buffer_append(&loginmsg, "\0", 1); | ||
268 | msg = buffer_ptr(&loginmsg); | ||
269 | /* strip trailing newlines */ | ||
270 | if (len > 0) | ||
271 | while (len > 0 && msg[--len] == '\n') | ||
272 | msg[len] = '\0'; | ||
273 | else | ||
274 | msg = "Access denied."; | ||
275 | packet_disconnect(msg); | ||
276 | } | ||
256 | #endif | 277 | #endif |
257 | 278 | ||
258 | /* Log before sending the reply */ | 279 | /* Log before sending the reply */ |
@@ -266,8 +287,12 @@ do_authloop(Authctxt *authctxt) | |||
266 | if (authenticated) | 287 | if (authenticated) |
267 | return; | 288 | return; |
268 | 289 | ||
269 | if (authctxt->failures++ > options.max_authtries) | 290 | if (authctxt->failures++ > options.max_authtries) { |
291 | #ifdef SSH_AUDIT_EVENTS | ||
292 | PRIVSEP(audit_event(SSH_LOGIN_EXCEED_MAXTRIES)); | ||
293 | #endif | ||
270 | packet_disconnect(AUTH_FAIL_MSG, authctxt->user); | 294 | packet_disconnect(AUTH_FAIL_MSG, authctxt->user); |
295 | } | ||
271 | 296 | ||
272 | packet_start(SSH_SMSG_FAILURE); | 297 | packet_start(SSH_SMSG_FAILURE); |
273 | packet_send(); | 298 | packet_send(); |
diff --git a/auth2-chall.c b/auth2-chall.c index f5f2f1477..4e2b1e856 100644 --- a/auth2-chall.c +++ b/auth2-chall.c | |||
@@ -23,7 +23,7 @@ | |||
23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
24 | */ | 24 | */ |
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: auth2-chall.c,v 1.21 2004/06/01 14:20:45 dtucker Exp $"); | 26 | RCSID("$OpenBSD: auth2-chall.c,v 1.22 2005/01/19 13:11:47 dtucker Exp $"); |
27 | 27 | ||
28 | #include "ssh2.h" | 28 | #include "ssh2.h" |
29 | #include "auth.h" | 29 | #include "auth.h" |
@@ -32,6 +32,10 @@ RCSID("$OpenBSD: auth2-chall.c,v 1.21 2004/06/01 14:20:45 dtucker Exp $"); | |||
32 | #include "xmalloc.h" | 32 | #include "xmalloc.h" |
33 | #include "dispatch.h" | 33 | #include "dispatch.h" |
34 | #include "log.h" | 34 | #include "log.h" |
35 | #include "servconf.h" | ||
36 | |||
37 | /* import */ | ||
38 | extern ServerOptions options; | ||
35 | 39 | ||
36 | static int auth2_challenge_start(Authctxt *); | 40 | static int auth2_challenge_start(Authctxt *); |
37 | static int send_userauth_info_request(Authctxt *); | 41 | static int send_userauth_info_request(Authctxt *); |
@@ -71,6 +75,21 @@ struct KbdintAuthctxt | |||
71 | u_int nreq; | 75 | u_int nreq; |
72 | }; | 76 | }; |
73 | 77 | ||
78 | #ifdef USE_PAM | ||
79 | void | ||
80 | remove_kbdint_device(const char *devname) | ||
81 | { | ||
82 | int i, j; | ||
83 | |||
84 | for (i = 0; devices[i] != NULL; i++) | ||
85 | if (strcmp(devices[i]->name, devname) == 0) { | ||
86 | for (j = i; devices[j] != NULL; j++) | ||
87 | devices[j] = devices[j+1]; | ||
88 | i--; | ||
89 | } | ||
90 | } | ||
91 | #endif | ||
92 | |||
74 | static KbdintAuthctxt * | 93 | static KbdintAuthctxt * |
75 | kbdint_alloc(const char *devs) | 94 | kbdint_alloc(const char *devs) |
76 | { | 95 | { |
@@ -78,6 +97,11 @@ kbdint_alloc(const char *devs) | |||
78 | Buffer b; | 97 | Buffer b; |
79 | int i; | 98 | int i; |
80 | 99 | ||
100 | #ifdef USE_PAM | ||
101 | if (!options.use_pam) | ||
102 | remove_kbdint_device("pam"); | ||
103 | #endif | ||
104 | |||
81 | kbdintctxt = xmalloc(sizeof(KbdintAuthctxt)); | 105 | kbdintctxt = xmalloc(sizeof(KbdintAuthctxt)); |
82 | if (strcmp(devs, "") == 0) { | 106 | if (strcmp(devs, "") == 0) { |
83 | buffer_init(&b); | 107 | buffer_init(&b); |
diff --git a/auth2-kbdint.c b/auth2-kbdint.c index 1696ef4d3..fa8364975 100644 --- a/auth2-kbdint.c +++ b/auth2-kbdint.c | |||
@@ -53,7 +53,7 @@ userauth_kbdint(Authctxt *authctxt) | |||
53 | xfree(lang); | 53 | xfree(lang); |
54 | #ifdef HAVE_CYGWIN | 54 | #ifdef HAVE_CYGWIN |
55 | if (check_nt_auth(0, authctxt->pw) == 0) | 55 | if (check_nt_auth(0, authctxt->pw) == 0) |
56 | return(0); | 56 | authenticated = 0; |
57 | #endif | 57 | #endif |
58 | return authenticated; | 58 | return authenticated; |
59 | } | 59 | } |
diff --git a/auth2-none.c b/auth2-none.c index 2bf5b5c80..1c30a3203 100644 --- a/auth2-none.c +++ b/auth2-none.c | |||
@@ -74,6 +74,19 @@ auth2_read_banner(void) | |||
74 | return (banner); | 74 | return (banner); |
75 | } | 75 | } |
76 | 76 | ||
77 | void | ||
78 | userauth_send_banner(const char *msg) | ||
79 | { | ||
80 | if (datafellows & SSH_BUG_BANNER) | ||
81 | return; | ||
82 | |||
83 | packet_start(SSH2_MSG_USERAUTH_BANNER); | ||
84 | packet_put_cstring(msg); | ||
85 | packet_put_cstring(""); /* language, unused */ | ||
86 | packet_send(); | ||
87 | debug("%s: sent", __func__); | ||
88 | } | ||
89 | |||
77 | static void | 90 | static void |
78 | userauth_banner(void) | 91 | userauth_banner(void) |
79 | { | 92 | { |
@@ -84,12 +97,8 @@ userauth_banner(void) | |||
84 | 97 | ||
85 | if ((banner = PRIVSEP(auth2_read_banner())) == NULL) | 98 | if ((banner = PRIVSEP(auth2_read_banner())) == NULL) |
86 | goto done; | 99 | goto done; |
100 | userauth_send_banner(banner); | ||
87 | 101 | ||
88 | packet_start(SSH2_MSG_USERAUTH_BANNER); | ||
89 | packet_put_cstring(banner); | ||
90 | packet_put_cstring(""); /* language, unused */ | ||
91 | packet_send(); | ||
92 | debug("userauth_banner: sent"); | ||
93 | done: | 102 | done: |
94 | if (banner) | 103 | if (banner) |
95 | xfree(banner); | 104 | xfree(banner); |
@@ -103,7 +112,7 @@ userauth_none(Authctxt *authctxt) | |||
103 | userauth_banner(); | 112 | userauth_banner(); |
104 | #ifdef HAVE_CYGWIN | 113 | #ifdef HAVE_CYGWIN |
105 | if (check_nt_auth(1, authctxt->pw) == 0) | 114 | if (check_nt_auth(1, authctxt->pw) == 0) |
106 | return(0); | 115 | return (0); |
107 | #endif | 116 | #endif |
108 | if (options.password_authentication) | 117 | if (options.password_authentication) |
109 | return (PRIVSEP(auth_password(authctxt, ""))); | 118 | return (PRIVSEP(auth_password(authctxt, ""))); |
diff --git a/auth2-passwd.c b/auth2-passwd.c index a4f482d2e..2321ef47b 100644 --- a/auth2-passwd.c +++ b/auth2-passwd.c | |||
@@ -55,12 +55,12 @@ userauth_passwd(Authctxt *authctxt) | |||
55 | 55 | ||
56 | if (change) | 56 | if (change) |
57 | logit("password change not supported"); | 57 | logit("password change not supported"); |
58 | else if (PRIVSEP(auth_password(authctxt, password)) == 1 | 58 | else if (PRIVSEP(auth_password(authctxt, password)) == 1) |
59 | authenticated = 1; | ||
59 | #ifdef HAVE_CYGWIN | 60 | #ifdef HAVE_CYGWIN |
60 | && check_nt_auth(1, authctxt->pw) | 61 | if (check_nt_auth(1, authctxt->pw) == 0) |
62 | authenticated = 0; | ||
61 | #endif | 63 | #endif |
62 | ) | ||
63 | authenticated = 1; | ||
64 | memset(password, 0, len); | 64 | memset(password, 0, len); |
65 | xfree(password); | 65 | xfree(password); |
66 | return authenticated; | 66 | return authenticated; |
diff --git a/auth2-pubkey.c b/auth2-pubkey.c index 9898d4a63..a97d0f430 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c | |||
@@ -23,8 +23,9 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: auth2-pubkey.c,v 1.7 2004/06/21 17:36:31 avsm Exp $"); | 26 | RCSID("$OpenBSD: auth2-pubkey.c,v 1.9 2004/12/11 01:48:56 dtucker Exp $"); |
27 | 27 | ||
28 | #include "ssh.h" | ||
28 | #include "ssh2.h" | 29 | #include "ssh2.h" |
29 | #include "xmalloc.h" | 30 | #include "xmalloc.h" |
30 | #include "packet.h" | 31 | #include "packet.h" |
@@ -40,6 +41,7 @@ RCSID("$OpenBSD: auth2-pubkey.c,v 1.7 2004/06/21 17:36:31 avsm Exp $"); | |||
40 | #include "auth-options.h" | 41 | #include "auth-options.h" |
41 | #include "canohost.h" | 42 | #include "canohost.h" |
42 | #include "monitor_wrap.h" | 43 | #include "monitor_wrap.h" |
44 | #include "misc.h" | ||
43 | 45 | ||
44 | /* import */ | 46 | /* import */ |
45 | extern ServerOptions options; | 47 | extern ServerOptions options; |
@@ -158,7 +160,7 @@ done: | |||
158 | xfree(pkblob); | 160 | xfree(pkblob); |
159 | #ifdef HAVE_CYGWIN | 161 | #ifdef HAVE_CYGWIN |
160 | if (check_nt_auth(0, authctxt->pw) == 0) | 162 | if (check_nt_auth(0, authctxt->pw) == 0) |
161 | return(0); | 163 | authenticated = 0; |
162 | #endif | 164 | #endif |
163 | return authenticated; | 165 | return authenticated; |
164 | } | 166 | } |
@@ -167,7 +169,7 @@ done: | |||
167 | static int | 169 | static int |
168 | user_key_allowed2(struct passwd *pw, Key *key, char *file) | 170 | user_key_allowed2(struct passwd *pw, Key *key, char *file) |
169 | { | 171 | { |
170 | char line[8192]; | 172 | char line[SSH_MAX_PUBKEY_BYTES]; |
171 | int found_key = 0; | 173 | int found_key = 0; |
172 | FILE *f; | 174 | FILE *f; |
173 | u_long linenum = 0; | 175 | u_long linenum = 0; |
@@ -204,9 +206,9 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file) | |||
204 | found_key = 0; | 206 | found_key = 0; |
205 | found = key_new(key->type); | 207 | found = key_new(key->type); |
206 | 208 | ||
207 | while (fgets(line, sizeof(line), f)) { | 209 | while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { |
208 | char *cp, *key_options = NULL; | 210 | char *cp, *key_options = NULL; |
209 | linenum++; | 211 | |
210 | /* Skip leading whitespace, empty and comment lines. */ | 212 | /* Skip leading whitespace, empty and comment lines. */ |
211 | for (cp = line; *cp == ' ' || *cp == '\t'; cp++) | 213 | for (cp = line; *cp == ' ' || *cp == '\t'; cp++) |
212 | ; | 214 | ; |
@@ -35,6 +35,7 @@ RCSID("$OpenBSD: auth2.c,v 1.107 2004/07/28 09:40:29 markus Exp $"); | |||
35 | #include "dispatch.h" | 35 | #include "dispatch.h" |
36 | #include "pathnames.h" | 36 | #include "pathnames.h" |
37 | #include "monitor_wrap.h" | 37 | #include "monitor_wrap.h" |
38 | #include "buffer.h" | ||
38 | 39 | ||
39 | #ifdef GSSAPI | 40 | #ifdef GSSAPI |
40 | #include "ssh-gss.h" | 41 | #include "ssh-gss.h" |
@@ -44,6 +45,7 @@ RCSID("$OpenBSD: auth2.c,v 1.107 2004/07/28 09:40:29 markus Exp $"); | |||
44 | extern ServerOptions options; | 45 | extern ServerOptions options; |
45 | extern u_char *session_id2; | 46 | extern u_char *session_id2; |
46 | extern u_int session_id2_len; | 47 | extern u_int session_id2_len; |
48 | extern Buffer loginmsg; | ||
47 | 49 | ||
48 | /* methods */ | 50 | /* methods */ |
49 | 51 | ||
@@ -165,6 +167,9 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt) | |||
165 | if (options.use_pam) | 167 | if (options.use_pam) |
166 | PRIVSEP(start_pam(authctxt)); | 168 | PRIVSEP(start_pam(authctxt)); |
167 | #endif | 169 | #endif |
170 | #ifdef SSH_AUDIT_EVENTS | ||
171 | PRIVSEP(audit_event(SSH_INVALID_USER)); | ||
172 | #endif | ||
168 | } | 173 | } |
169 | setproctitle("%s%s", authctxt->valid ? user : "unknown", | 174 | setproctitle("%s%s", authctxt->valid ? user : "unknown", |
170 | use_privsep ? " [net]" : ""); | 175 | use_privsep ? " [net]" : ""); |
@@ -212,12 +217,26 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method) | |||
212 | 217 | ||
213 | /* Special handling for root */ | 218 | /* Special handling for root */ |
214 | if (authenticated && authctxt->pw->pw_uid == 0 && | 219 | if (authenticated && authctxt->pw->pw_uid == 0 && |
215 | !auth_root_allowed(method)) | 220 | !auth_root_allowed(method)) { |
216 | authenticated = 0; | 221 | authenticated = 0; |
222 | #ifdef SSH_AUDIT_EVENTS | ||
223 | PRIVSEP(audit_event(SSH_LOGIN_ROOT_DENIED)); | ||
224 | #endif | ||
225 | } | ||
217 | 226 | ||
218 | #ifdef USE_PAM | 227 | #ifdef USE_PAM |
219 | if (options.use_pam && authenticated && !PRIVSEP(do_pam_account())) | 228 | if (options.use_pam && authenticated) { |
220 | authenticated = 0; | 229 | if (!PRIVSEP(do_pam_account())) { |
230 | /* if PAM returned a message, send it to the user */ | ||
231 | if (buffer_len(&loginmsg) > 0) { | ||
232 | buffer_append(&loginmsg, "\0", 1); | ||
233 | userauth_send_banner(buffer_ptr(&loginmsg)); | ||
234 | packet_write_wait(); | ||
235 | } | ||
236 | fatal("Access denied for user %s by PAM account " | ||
237 | "configuration", authctxt->user); | ||
238 | } | ||
239 | } | ||
221 | #endif | 240 | #endif |
222 | 241 | ||
223 | #ifdef _UNICOS | 242 | #ifdef _UNICOS |
@@ -243,8 +262,12 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method) | |||
243 | /* now we can break out */ | 262 | /* now we can break out */ |
244 | authctxt->success = 1; | 263 | authctxt->success = 1; |
245 | } else { | 264 | } else { |
246 | if (authctxt->failures++ > options.max_authtries) | 265 | if (authctxt->failures++ > options.max_authtries) { |
266 | #ifdef SSH_AUDIT_EVENTS | ||
267 | PRIVSEP(audit_event(SSH_LOGIN_EXCEED_MAXTRIES)); | ||
268 | #endif | ||
247 | packet_disconnect(AUTH_FAIL_MSG, authctxt->user); | 269 | packet_disconnect(AUTH_FAIL_MSG, authctxt->user); |
270 | } | ||
248 | methods = authmethods_get(); | 271 | methods = authmethods_get(); |
249 | packet_start(SSH2_MSG_USERAUTH_FAILURE); | 272 | packet_start(SSH2_MSG_USERAUTH_FAILURE); |
250 | packet_put_cstring(methods); | 273 | packet_put_cstring(methods); |
diff --git a/authfile.c b/authfile.c index 76a60d020..6a04cd7a9 100644 --- a/authfile.c +++ b/authfile.c | |||
@@ -36,7 +36,7 @@ | |||
36 | */ | 36 | */ |
37 | 37 | ||
38 | #include "includes.h" | 38 | #include "includes.h" |
39 | RCSID("$OpenBSD: authfile.c,v 1.57 2004/06/21 17:36:31 avsm Exp $"); | 39 | RCSID("$OpenBSD: authfile.c,v 1.60 2004/12/11 01:48:56 dtucker Exp $"); |
40 | 40 | ||
41 | #include <openssl/err.h> | 41 | #include <openssl/err.h> |
42 | #include <openssl/evp.h> | 42 | #include <openssl/evp.h> |
@@ -51,6 +51,7 @@ RCSID("$OpenBSD: authfile.c,v 1.57 2004/06/21 17:36:31 avsm Exp $"); | |||
51 | #include "log.h" | 51 | #include "log.h" |
52 | #include "authfile.h" | 52 | #include "authfile.h" |
53 | #include "rsa.h" | 53 | #include "rsa.h" |
54 | #include "misc.h" | ||
54 | 55 | ||
55 | /* Version identification string for SSH v1 identity files. */ | 56 | /* Version identification string for SSH v1 identity files. */ |
56 | static const char authfile_id_string[] = | 57 | static const char authfile_id_string[] = |
@@ -243,8 +244,10 @@ key_load_public_rsa1(int fd, const char *filename, char **commentp) | |||
243 | filename, strerror(errno)); | 244 | filename, strerror(errno)); |
244 | return NULL; | 245 | return NULL; |
245 | } | 246 | } |
246 | if (st.st_size > 1*1024*1024) | 247 | if (st.st_size > 1*1024*1024) { |
247 | close(fd); | 248 | error("key file %.200s too large", filename); |
249 | return NULL; | ||
250 | } | ||
248 | len = (size_t)st.st_size; /* truncated */ | 251 | len = (size_t)st.st_size; /* truncated */ |
249 | 252 | ||
250 | buffer_init(&buffer); | 253 | buffer_init(&buffer); |
@@ -335,6 +338,7 @@ key_load_private_rsa1(int fd, const char *filename, const char *passphrase, | |||
335 | return NULL; | 338 | return NULL; |
336 | } | 339 | } |
337 | if (st.st_size > 1*1024*1024) { | 340 | if (st.st_size > 1*1024*1024) { |
341 | error("key file %.200s too large", filename); | ||
338 | close(fd); | 342 | close(fd); |
339 | return (NULL); | 343 | return (NULL); |
340 | } | 344 | } |
@@ -598,13 +602,14 @@ static int | |||
598 | key_try_load_public(Key *k, const char *filename, char **commentp) | 602 | key_try_load_public(Key *k, const char *filename, char **commentp) |
599 | { | 603 | { |
600 | FILE *f; | 604 | FILE *f; |
601 | char line[4096]; | 605 | char line[SSH_MAX_PUBKEY_BYTES]; |
602 | char *cp; | 606 | char *cp; |
607 | u_long linenum = 0; | ||
603 | 608 | ||
604 | f = fopen(filename, "r"); | 609 | f = fopen(filename, "r"); |
605 | if (f != NULL) { | 610 | if (f != NULL) { |
606 | while (fgets(line, sizeof(line), f)) { | 611 | while (read_keyfile_line(f, filename, line, sizeof(line), |
607 | line[sizeof(line)-1] = '\0'; | 612 | &linenum) != -1) { |
608 | cp = line; | 613 | cp = line; |
609 | switch (*cp) { | 614 | switch (*cp) { |
610 | case '#': | 615 | case '#': |
@@ -37,7 +37,7 @@ | |||
37 | */ | 37 | */ |
38 | 38 | ||
39 | #include "includes.h" | 39 | #include "includes.h" |
40 | RCSID("$OpenBSD: bufaux.c,v 1.32 2004/02/23 15:12:46 markus Exp $"); | 40 | RCSID("$OpenBSD: bufaux.c,v 1.34 2004/12/06 16:00:43 markus Exp $"); |
41 | 41 | ||
42 | #include <openssl/bn.h> | 42 | #include <openssl/bn.h> |
43 | #include "bufaux.h" | 43 | #include "bufaux.h" |
@@ -49,8 +49,8 @@ RCSID("$OpenBSD: bufaux.c,v 1.32 2004/02/23 15:12:46 markus Exp $"); | |||
49 | * Stores an BIGNUM in the buffer with a 2-byte msb first bit count, followed | 49 | * Stores an BIGNUM in the buffer with a 2-byte msb first bit count, followed |
50 | * by (bits+7)/8 bytes of binary data, msb first. | 50 | * by (bits+7)/8 bytes of binary data, msb first. |
51 | */ | 51 | */ |
52 | void | 52 | int |
53 | buffer_put_bignum(Buffer *buffer, const BIGNUM *value) | 53 | buffer_put_bignum_ret(Buffer *buffer, const BIGNUM *value) |
54 | { | 54 | { |
55 | int bits = BN_num_bits(value); | 55 | int bits = BN_num_bits(value); |
56 | int bin_size = (bits + 7) / 8; | 56 | int bin_size = (bits + 7) / 8; |
@@ -60,9 +60,11 @@ buffer_put_bignum(Buffer *buffer, const BIGNUM *value) | |||
60 | 60 | ||
61 | /* Get the value of in binary */ | 61 | /* Get the value of in binary */ |
62 | oi = BN_bn2bin(value, buf); | 62 | oi = BN_bn2bin(value, buf); |
63 | if (oi != bin_size) | 63 | if (oi != bin_size) { |
64 | fatal("buffer_put_bignum: BN_bn2bin() failed: oi %d != bin_size %d", | 64 | error("buffer_put_bignum_ret: BN_bn2bin() failed: oi %d != bin_size %d", |
65 | oi, bin_size); | 65 | oi, bin_size); |
66 | return (-1); | ||
67 | } | ||
66 | 68 | ||
67 | /* Store the number of bits in the buffer in two bytes, msb first. */ | 69 | /* Store the number of bits in the buffer in two bytes, msb first. */ |
68 | PUT_16BIT(msg, bits); | 70 | PUT_16BIT(msg, bits); |
@@ -72,36 +74,63 @@ buffer_put_bignum(Buffer *buffer, const BIGNUM *value) | |||
72 | 74 | ||
73 | memset(buf, 0, bin_size); | 75 | memset(buf, 0, bin_size); |
74 | xfree(buf); | 76 | xfree(buf); |
77 | |||
78 | return (0); | ||
79 | } | ||
80 | |||
81 | void | ||
82 | buffer_put_bignum(Buffer *buffer, const BIGNUM *value) | ||
83 | { | ||
84 | if (buffer_put_bignum_ret(buffer, value) == -1) | ||
85 | fatal("buffer_put_bignum: buffer error"); | ||
75 | } | 86 | } |
76 | 87 | ||
77 | /* | 88 | /* |
78 | * Retrieves an BIGNUM from the buffer. | 89 | * Retrieves an BIGNUM from the buffer. |
79 | */ | 90 | */ |
80 | void | 91 | int |
81 | buffer_get_bignum(Buffer *buffer, BIGNUM *value) | 92 | buffer_get_bignum_ret(Buffer *buffer, BIGNUM *value) |
82 | { | 93 | { |
83 | u_int bits, bytes; | 94 | u_int bits, bytes; |
84 | u_char buf[2], *bin; | 95 | u_char buf[2], *bin; |
85 | 96 | ||
86 | /* Get the number for bits. */ | 97 | /* Get the number for bits. */ |
87 | buffer_get(buffer, (char *) buf, 2); | 98 | if (buffer_get_ret(buffer, (char *) buf, 2) == -1) { |
99 | error("buffer_get_bignum_ret: invalid length"); | ||
100 | return (-1); | ||
101 | } | ||
88 | bits = GET_16BIT(buf); | 102 | bits = GET_16BIT(buf); |
89 | /* Compute the number of binary bytes that follow. */ | 103 | /* Compute the number of binary bytes that follow. */ |
90 | bytes = (bits + 7) / 8; | 104 | bytes = (bits + 7) / 8; |
91 | if (bytes > 8 * 1024) | 105 | if (bytes > 8 * 1024) { |
92 | fatal("buffer_get_bignum: cannot handle BN of size %d", bytes); | 106 | error("buffer_get_bignum_ret: cannot handle BN of size %d", bytes); |
93 | if (buffer_len(buffer) < bytes) | 107 | return (-1); |
94 | fatal("buffer_get_bignum: input buffer too small"); | 108 | } |
109 | if (buffer_len(buffer) < bytes) { | ||
110 | error("buffer_get_bignum_ret: input buffer too small"); | ||
111 | return (-1); | ||
112 | } | ||
95 | bin = buffer_ptr(buffer); | 113 | bin = buffer_ptr(buffer); |
96 | BN_bin2bn(bin, bytes, value); | 114 | BN_bin2bn(bin, bytes, value); |
97 | buffer_consume(buffer, bytes); | 115 | if (buffer_consume_ret(buffer, bytes) == -1) { |
116 | error("buffer_get_bignum_ret: buffer_consume failed"); | ||
117 | return (-1); | ||
118 | } | ||
119 | return (0); | ||
120 | } | ||
121 | |||
122 | void | ||
123 | buffer_get_bignum(Buffer *buffer, BIGNUM *value) | ||
124 | { | ||
125 | if (buffer_get_bignum_ret(buffer, value) == -1) | ||
126 | fatal("buffer_get_bignum: buffer error"); | ||
98 | } | 127 | } |
99 | 128 | ||
100 | /* | 129 | /* |
101 | * Stores an BIGNUM in the buffer in SSH2 format. | 130 | * Stores an BIGNUM in the buffer in SSH2 format. |
102 | */ | 131 | */ |
103 | void | 132 | int |
104 | buffer_put_bignum2(Buffer *buffer, const BIGNUM *value) | 133 | buffer_put_bignum2_ret(Buffer *buffer, const BIGNUM *value) |
105 | { | 134 | { |
106 | u_int bytes; | 135 | u_int bytes; |
107 | u_char *buf; | 136 | u_char *buf; |
@@ -110,69 +139,140 @@ buffer_put_bignum2(Buffer *buffer, const BIGNUM *value) | |||
110 | 139 | ||
111 | if (BN_is_zero(value)) { | 140 | if (BN_is_zero(value)) { |
112 | buffer_put_int(buffer, 0); | 141 | buffer_put_int(buffer, 0); |
113 | return; | 142 | return 0; |
143 | } | ||
144 | if (value->neg) { | ||
145 | error("buffer_put_bignum2_ret: negative numbers not supported"); | ||
146 | return (-1); | ||
114 | } | 147 | } |
115 | if (value->neg) | ||
116 | fatal("buffer_put_bignum2: negative numbers not supported"); | ||
117 | bytes = BN_num_bytes(value) + 1; /* extra padding byte */ | 148 | bytes = BN_num_bytes(value) + 1; /* extra padding byte */ |
118 | if (bytes < 2) | 149 | if (bytes < 2) { |
119 | fatal("buffer_put_bignum2: BN too small"); | 150 | error("buffer_put_bignum2_ret: BN too small"); |
151 | return (-1); | ||
152 | } | ||
120 | buf = xmalloc(bytes); | 153 | buf = xmalloc(bytes); |
121 | buf[0] = '\0'; | 154 | buf[0] = 0x00; |
122 | /* Get the value of in binary */ | 155 | /* Get the value of in binary */ |
123 | oi = BN_bn2bin(value, buf+1); | 156 | oi = BN_bn2bin(value, buf+1); |
124 | if (oi != bytes-1) | 157 | if (oi != bytes-1) { |
125 | fatal("buffer_put_bignum2: BN_bn2bin() failed: " | 158 | error("buffer_put_bignum2_ret: BN_bn2bin() failed: " |
126 | "oi %d != bin_size %d", oi, bytes); | 159 | "oi %d != bin_size %d", oi, bytes); |
160 | xfree(buf); | ||
161 | return (-1); | ||
162 | } | ||
127 | hasnohigh = (buf[1] & 0x80) ? 0 : 1; | 163 | hasnohigh = (buf[1] & 0x80) ? 0 : 1; |
128 | buffer_put_string(buffer, buf+hasnohigh, bytes-hasnohigh); | 164 | buffer_put_string(buffer, buf+hasnohigh, bytes-hasnohigh); |
129 | memset(buf, 0, bytes); | 165 | memset(buf, 0, bytes); |
130 | xfree(buf); | 166 | xfree(buf); |
167 | return (0); | ||
131 | } | 168 | } |
132 | 169 | ||
133 | void | 170 | void |
134 | buffer_get_bignum2(Buffer *buffer, BIGNUM *value) | 171 | buffer_put_bignum2(Buffer *buffer, const BIGNUM *value) |
172 | { | ||
173 | if (buffer_put_bignum2_ret(buffer, value) == -1) | ||
174 | fatal("buffer_put_bignum2: buffer error"); | ||
175 | } | ||
176 | |||
177 | int | ||
178 | buffer_get_bignum2_ret(Buffer *buffer, BIGNUM *value) | ||
135 | { | 179 | { |
136 | u_int len; | 180 | u_int len; |
137 | u_char *bin = buffer_get_string(buffer, &len); | 181 | u_char *bin; |
182 | |||
183 | if ((bin = buffer_get_string_ret(buffer, &len)) == NULL) { | ||
184 | error("buffer_get_bignum2_ret: invalid bignum"); | ||
185 | return (-1); | ||
186 | } | ||
138 | 187 | ||
139 | if (len > 0 && (bin[0] & 0x80)) | 188 | if (len > 0 && (bin[0] & 0x80)) { |
140 | fatal("buffer_get_bignum2: negative numbers not supported"); | 189 | error("buffer_get_bignum2_ret: negative numbers not supported"); |
141 | if (len > 8 * 1024) | 190 | return (-1); |
142 | fatal("buffer_get_bignum2: cannot handle BN of size %d", len); | 191 | } |
192 | if (len > 8 * 1024) { | ||
193 | error("buffer_get_bignum2_ret: cannot handle BN of size %d", len); | ||
194 | return (-1); | ||
195 | } | ||
143 | BN_bin2bn(bin, len, value); | 196 | BN_bin2bn(bin, len, value); |
144 | xfree(bin); | 197 | xfree(bin); |
198 | return (0); | ||
199 | } | ||
200 | |||
201 | void | ||
202 | buffer_get_bignum2(Buffer *buffer, BIGNUM *value) | ||
203 | { | ||
204 | if (buffer_get_bignum2_ret(buffer, value) == -1) | ||
205 | fatal("buffer_get_bignum2: buffer error"); | ||
145 | } | 206 | } |
146 | 207 | ||
147 | /* | 208 | /* |
148 | * Returns integers from the buffer (msb first). | 209 | * Returns integers from the buffer (msb first). |
149 | */ | 210 | */ |
150 | 211 | ||
212 | int | ||
213 | buffer_get_short_ret(u_short *ret, Buffer *buffer) | ||
214 | { | ||
215 | u_char buf[2]; | ||
216 | |||
217 | if (buffer_get_ret(buffer, (char *) buf, 2) == -1) | ||
218 | return (-1); | ||
219 | *ret = GET_16BIT(buf); | ||
220 | return (0); | ||
221 | } | ||
222 | |||
151 | u_short | 223 | u_short |
152 | buffer_get_short(Buffer *buffer) | 224 | buffer_get_short(Buffer *buffer) |
153 | { | 225 | { |
154 | u_char buf[2]; | 226 | u_short ret; |
227 | |||
228 | if (buffer_get_short_ret(&ret, buffer) == -1) | ||
229 | fatal("buffer_get_short: buffer error"); | ||
155 | 230 | ||
156 | buffer_get(buffer, (char *) buf, 2); | 231 | return (ret); |
157 | return GET_16BIT(buf); | 232 | } |
233 | |||
234 | int | ||
235 | buffer_get_int_ret(u_int *ret, Buffer *buffer) | ||
236 | { | ||
237 | u_char buf[4]; | ||
238 | |||
239 | if (buffer_get_ret(buffer, (char *) buf, 4) == -1) | ||
240 | return (-1); | ||
241 | *ret = GET_32BIT(buf); | ||
242 | return (0); | ||
158 | } | 243 | } |
159 | 244 | ||
160 | u_int | 245 | u_int |
161 | buffer_get_int(Buffer *buffer) | 246 | buffer_get_int(Buffer *buffer) |
162 | { | 247 | { |
163 | u_char buf[4]; | 248 | u_int ret; |
249 | |||
250 | if (buffer_get_int_ret(&ret, buffer) == -1) | ||
251 | fatal("buffer_get_int: buffer error"); | ||
252 | |||
253 | return (ret); | ||
254 | } | ||
164 | 255 | ||
165 | buffer_get(buffer, (char *) buf, 4); | 256 | int |
166 | return GET_32BIT(buf); | 257 | buffer_get_int64_ret(u_int64_t *ret, Buffer *buffer) |
258 | { | ||
259 | u_char buf[8]; | ||
260 | |||
261 | if (buffer_get_ret(buffer, (char *) buf, 8) == -1) | ||
262 | return (-1); | ||
263 | *ret = GET_64BIT(buf); | ||
264 | return (0); | ||
167 | } | 265 | } |
168 | 266 | ||
169 | u_int64_t | 267 | u_int64_t |
170 | buffer_get_int64(Buffer *buffer) | 268 | buffer_get_int64(Buffer *buffer) |
171 | { | 269 | { |
172 | u_char buf[8]; | 270 | u_int64_t ret; |
173 | 271 | ||
174 | buffer_get(buffer, (char *) buf, 8); | 272 | if (buffer_get_int64_ret(&ret, buffer) == -1) |
175 | return GET_64BIT(buf); | 273 | fatal("buffer_get_int: buffer error"); |
274 | |||
275 | return (ret); | ||
176 | } | 276 | } |
177 | 277 | ||
178 | /* | 278 | /* |
@@ -214,25 +314,41 @@ buffer_put_int64(Buffer *buffer, u_int64_t value) | |||
214 | * to the returned string, and is not counted in length. | 314 | * to the returned string, and is not counted in length. |
215 | */ | 315 | */ |
216 | void * | 316 | void * |
217 | buffer_get_string(Buffer *buffer, u_int *length_ptr) | 317 | buffer_get_string_ret(Buffer *buffer, u_int *length_ptr) |
218 | { | 318 | { |
219 | u_char *value; | 319 | u_char *value; |
220 | u_int len; | 320 | u_int len; |
221 | 321 | ||
222 | /* Get the length. */ | 322 | /* Get the length. */ |
223 | len = buffer_get_int(buffer); | 323 | len = buffer_get_int(buffer); |
224 | if (len > 256 * 1024) | 324 | if (len > 256 * 1024) { |
225 | fatal("buffer_get_string: bad string length %u", len); | 325 | error("buffer_get_string_ret: bad string length %u", len); |
326 | return (NULL); | ||
327 | } | ||
226 | /* Allocate space for the string. Add one byte for a null character. */ | 328 | /* Allocate space for the string. Add one byte for a null character. */ |
227 | value = xmalloc(len + 1); | 329 | value = xmalloc(len + 1); |
228 | /* Get the string. */ | 330 | /* Get the string. */ |
229 | buffer_get(buffer, value, len); | 331 | if (buffer_get_ret(buffer, value, len) == -1) { |
332 | error("buffer_get_string_ret: buffer_get failed"); | ||
333 | xfree(value); | ||
334 | return (NULL); | ||
335 | } | ||
230 | /* Append a null character to make processing easier. */ | 336 | /* Append a null character to make processing easier. */ |
231 | value[len] = 0; | 337 | value[len] = 0; |
232 | /* Optionally return the length of the string. */ | 338 | /* Optionally return the length of the string. */ |
233 | if (length_ptr) | 339 | if (length_ptr) |
234 | *length_ptr = len; | 340 | *length_ptr = len; |
235 | return value; | 341 | return (value); |
342 | } | ||
343 | |||
344 | void * | ||
345 | buffer_get_string(Buffer *buffer, u_int *length_ptr) | ||
346 | { | ||
347 | void *ret; | ||
348 | |||
349 | if ((ret = buffer_get_string_ret(buffer, length_ptr)) == NULL) | ||
350 | fatal("buffer_get_string: buffer error"); | ||
351 | return (ret); | ||
236 | } | 352 | } |
237 | 353 | ||
238 | /* | 354 | /* |
@@ -256,11 +372,22 @@ buffer_put_cstring(Buffer *buffer, const char *s) | |||
256 | * Returns a character from the buffer (0 - 255). | 372 | * Returns a character from the buffer (0 - 255). |
257 | */ | 373 | */ |
258 | int | 374 | int |
375 | buffer_get_char_ret(char *ret, Buffer *buffer) | ||
376 | { | ||
377 | if (buffer_get_ret(buffer, ret, 1) == -1) { | ||
378 | error("buffer_get_char_ret: buffer_get_ret failed"); | ||
379 | return (-1); | ||
380 | } | ||
381 | return (0); | ||
382 | } | ||
383 | |||
384 | int | ||
259 | buffer_get_char(Buffer *buffer) | 385 | buffer_get_char(Buffer *buffer) |
260 | { | 386 | { |
261 | char ch; | 387 | char ch; |
262 | 388 | ||
263 | buffer_get(buffer, &ch, 1); | 389 | if (buffer_get_char_ret(&ch, buffer) == -1) |
390 | fatal("buffer_get_char: buffer error"); | ||
264 | return (u_char) ch; | 391 | return (u_char) ch; |
265 | } | 392 | } |
266 | 393 | ||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: bufaux.h,v 1.19 2003/11/10 16:23:41 jakob Exp $ */ | 1 | /* $OpenBSD: bufaux.h,v 1.20 2004/10/29 23:56:17 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -42,4 +42,14 @@ void buffer_put_cstring(Buffer *, const char *); | |||
42 | #define buffer_skip_string(b) \ | 42 | #define buffer_skip_string(b) \ |
43 | do { u_int l = buffer_get_int(b); buffer_consume(b, l); } while(0) | 43 | do { u_int l = buffer_get_int(b); buffer_consume(b, l); } while(0) |
44 | 44 | ||
45 | int buffer_put_bignum_ret(Buffer *, const BIGNUM *); | ||
46 | int buffer_get_bignum_ret(Buffer *, BIGNUM *); | ||
47 | int buffer_put_bignum2_ret(Buffer *, const BIGNUM *); | ||
48 | int buffer_get_bignum2_ret(Buffer *, BIGNUM *); | ||
49 | int buffer_get_short_ret(u_short *, Buffer *); | ||
50 | int buffer_get_int_ret(u_int *, Buffer *); | ||
51 | int buffer_get_int64_ret(u_int64_t *, Buffer *); | ||
52 | void *buffer_get_string_ret(Buffer *, u_int *); | ||
53 | int buffer_get_char_ret(char *, Buffer *); | ||
54 | |||
45 | #endif /* BUFAUX_H */ | 55 | #endif /* BUFAUX_H */ |
@@ -12,7 +12,7 @@ | |||
12 | */ | 12 | */ |
13 | 13 | ||
14 | #include "includes.h" | 14 | #include "includes.h" |
15 | RCSID("$OpenBSD: buffer.c,v 1.21 2003/11/21 11:57:03 djm Exp $"); | 15 | RCSID("$OpenBSD: buffer.c,v 1.22 2004/10/29 23:56:17 djm Exp $"); |
16 | 16 | ||
17 | #include "xmalloc.h" | 17 | #include "xmalloc.h" |
18 | #include "buffer.h" | 18 | #include "buffer.h" |
@@ -126,34 +126,62 @@ buffer_len(Buffer *buffer) | |||
126 | 126 | ||
127 | /* Gets data from the beginning of the buffer. */ | 127 | /* Gets data from the beginning of the buffer. */ |
128 | 128 | ||
129 | void | 129 | int |
130 | buffer_get(Buffer *buffer, void *buf, u_int len) | 130 | buffer_get_ret(Buffer *buffer, void *buf, u_int len) |
131 | { | 131 | { |
132 | if (len > buffer->end - buffer->offset) | 132 | if (len > buffer->end - buffer->offset) { |
133 | fatal("buffer_get: trying to get more bytes %d than in buffer %d", | 133 | error("buffer_get_ret: trying to get more bytes %d than in buffer %d", |
134 | len, buffer->end - buffer->offset); | 134 | len, buffer->end - buffer->offset); |
135 | return (-1); | ||
136 | } | ||
135 | memcpy(buf, buffer->buf + buffer->offset, len); | 137 | memcpy(buf, buffer->buf + buffer->offset, len); |
136 | buffer->offset += len; | 138 | buffer->offset += len; |
139 | return (0); | ||
140 | } | ||
141 | |||
142 | void | ||
143 | buffer_get(Buffer *buffer, void *buf, u_int len) | ||
144 | { | ||
145 | if (buffer_get_ret(buffer, buf, len) == -1) | ||
146 | fatal("buffer_get: buffer error"); | ||
137 | } | 147 | } |
138 | 148 | ||
139 | /* Consumes the given number of bytes from the beginning of the buffer. */ | 149 | /* Consumes the given number of bytes from the beginning of the buffer. */ |
140 | 150 | ||
151 | int | ||
152 | buffer_consume_ret(Buffer *buffer, u_int bytes) | ||
153 | { | ||
154 | if (bytes > buffer->end - buffer->offset) { | ||
155 | error("buffer_consume_ret: trying to get more bytes than in buffer"); | ||
156 | return (-1); | ||
157 | } | ||
158 | buffer->offset += bytes; | ||
159 | return (0); | ||
160 | } | ||
161 | |||
141 | void | 162 | void |
142 | buffer_consume(Buffer *buffer, u_int bytes) | 163 | buffer_consume(Buffer *buffer, u_int bytes) |
143 | { | 164 | { |
144 | if (bytes > buffer->end - buffer->offset) | 165 | if (buffer_consume_ret(buffer, bytes) == -1) |
145 | fatal("buffer_consume: trying to get more bytes than in buffer"); | 166 | fatal("buffer_consume: buffer error"); |
146 | buffer->offset += bytes; | ||
147 | } | 167 | } |
148 | 168 | ||
149 | /* Consumes the given number of bytes from the end of the buffer. */ | 169 | /* Consumes the given number of bytes from the end of the buffer. */ |
150 | 170 | ||
171 | int | ||
172 | buffer_consume_end_ret(Buffer *buffer, u_int bytes) | ||
173 | { | ||
174 | if (bytes > buffer->end - buffer->offset) | ||
175 | return (-1); | ||
176 | buffer->end -= bytes; | ||
177 | return (0); | ||
178 | } | ||
179 | |||
151 | void | 180 | void |
152 | buffer_consume_end(Buffer *buffer, u_int bytes) | 181 | buffer_consume_end(Buffer *buffer, u_int bytes) |
153 | { | 182 | { |
154 | if (bytes > buffer->end - buffer->offset) | 183 | if (buffer_consume_end_ret(buffer, bytes) == -1) |
155 | fatal("buffer_consume_end: trying to get more bytes than in buffer"); | 184 | fatal("buffer_consume_end: trying to get more bytes than in buffer"); |
156 | buffer->end -= bytes; | ||
157 | } | 185 | } |
158 | 186 | ||
159 | /* Returns a pointer to the first used byte in the buffer. */ | 187 | /* Returns a pointer to the first used byte in the buffer. */ |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: buffer.h,v 1.11 2002/03/04 17:27:39 stevesk Exp $ */ | 1 | /* $OpenBSD: buffer.h,v 1.12 2004/10/29 23:56:17 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -40,4 +40,8 @@ void buffer_consume_end(Buffer *, u_int); | |||
40 | 40 | ||
41 | void buffer_dump(Buffer *); | 41 | void buffer_dump(Buffer *); |
42 | 42 | ||
43 | int buffer_get_ret(Buffer *, void *, u_int); | ||
44 | int buffer_consume_ret(Buffer *, u_int); | ||
45 | int buffer_consume_end_ret(Buffer *, u_int); | ||
46 | |||
43 | #endif /* BUFFER_H */ | 47 | #endif /* BUFFER_H */ |
diff --git a/canohost.c b/canohost.c index 8ad684d6c..1c22d4770 100644 --- a/canohost.c +++ b/canohost.c | |||
@@ -12,7 +12,7 @@ | |||
12 | */ | 12 | */ |
13 | 13 | ||
14 | #include "includes.h" | 14 | #include "includes.h" |
15 | RCSID("$OpenBSD: canohost.c,v 1.41 2004/07/21 11:51:29 djm Exp $"); | 15 | RCSID("$OpenBSD: canohost.c,v 1.42 2005/02/18 03:05:53 djm Exp $"); |
16 | 16 | ||
17 | #include "packet.h" | 17 | #include "packet.h" |
18 | #include "xmalloc.h" | 18 | #include "xmalloc.h" |
@@ -20,7 +20,6 @@ RCSID("$OpenBSD: canohost.c,v 1.41 2004/07/21 11:51:29 djm Exp $"); | |||
20 | #include "canohost.h" | 20 | #include "canohost.h" |
21 | 21 | ||
22 | static void check_ip_options(int, char *); | 22 | static void check_ip_options(int, char *); |
23 | static void ipv64_normalise_mapped(struct sockaddr_storage *, socklen_t *); | ||
24 | 23 | ||
25 | /* | 24 | /* |
26 | * Return the canonical name of the host at the other end of the socket. The | 25 | * Return the canonical name of the host at the other end of the socket. The |
@@ -166,7 +165,7 @@ check_ip_options(int sock, char *ipaddr) | |||
166 | #endif /* IP_OPTIONS */ | 165 | #endif /* IP_OPTIONS */ |
167 | } | 166 | } |
168 | 167 | ||
169 | static void | 168 | void |
170 | ipv64_normalise_mapped(struct sockaddr_storage *addr, socklen_t *len) | 169 | ipv64_normalise_mapped(struct sockaddr_storage *addr, socklen_t *len) |
171 | { | 170 | { |
172 | struct sockaddr_in6 *a6 = (struct sockaddr_in6 *)addr; | 171 | struct sockaddr_in6 *a6 = (struct sockaddr_in6 *)addr; |
@@ -232,6 +231,7 @@ get_socket_address(int sock, int remote, int flags) | |||
232 | struct sockaddr_storage addr; | 231 | struct sockaddr_storage addr; |
233 | socklen_t addrlen; | 232 | socklen_t addrlen; |
234 | char ntop[NI_MAXHOST]; | 233 | char ntop[NI_MAXHOST]; |
234 | int r; | ||
235 | 235 | ||
236 | /* Get IP address of client. */ | 236 | /* Get IP address of client. */ |
237 | addrlen = sizeof(addr); | 237 | addrlen = sizeof(addr); |
@@ -252,9 +252,10 @@ get_socket_address(int sock, int remote, int flags) | |||
252 | addrlen = sizeof(struct sockaddr_in6); | 252 | addrlen = sizeof(struct sockaddr_in6); |
253 | 253 | ||
254 | /* Get the address in ascii. */ | 254 | /* Get the address in ascii. */ |
255 | if (getnameinfo((struct sockaddr *)&addr, addrlen, ntop, sizeof(ntop), | 255 | if ((r = getnameinfo((struct sockaddr *)&addr, addrlen, ntop, |
256 | NULL, 0, flags) != 0) { | 256 | sizeof(ntop), NULL, 0, flags)) != 0) { |
257 | error("get_socket_address: getnameinfo %d failed", flags); | 257 | error("get_socket_address: getnameinfo %d failed: %s", flags, |
258 | r == EAI_SYSTEM ? strerror(errno) : gai_strerror(r)); | ||
258 | return NULL; | 259 | return NULL; |
259 | } | 260 | } |
260 | return xstrdup(ntop); | 261 | return xstrdup(ntop); |
@@ -330,6 +331,7 @@ get_sock_port(int sock, int local) | |||
330 | struct sockaddr_storage from; | 331 | struct sockaddr_storage from; |
331 | socklen_t fromlen; | 332 | socklen_t fromlen; |
332 | char strport[NI_MAXSERV]; | 333 | char strport[NI_MAXSERV]; |
334 | int r; | ||
333 | 335 | ||
334 | /* Get IP address of client. */ | 336 | /* Get IP address of client. */ |
335 | fromlen = sizeof(from); | 337 | fromlen = sizeof(from); |
@@ -351,9 +353,10 @@ get_sock_port(int sock, int local) | |||
351 | fromlen = sizeof(struct sockaddr_in6); | 353 | fromlen = sizeof(struct sockaddr_in6); |
352 | 354 | ||
353 | /* Return port number. */ | 355 | /* Return port number. */ |
354 | if (getnameinfo((struct sockaddr *)&from, fromlen, NULL, 0, | 356 | if ((r = getnameinfo((struct sockaddr *)&from, fromlen, NULL, 0, |
355 | strport, sizeof(strport), NI_NUMERICSERV) != 0) | 357 | strport, sizeof(strport), NI_NUMERICSERV)) != 0) |
356 | fatal("get_sock_port: getnameinfo NI_NUMERICSERV failed"); | 358 | fatal("get_sock_port: getnameinfo NI_NUMERICSERV failed: %s", |
359 | r == EAI_SYSTEM ? strerror(errno) : gai_strerror(r)); | ||
357 | return atoi(strport); | 360 | return atoi(strport); |
358 | } | 361 | } |
359 | 362 | ||
diff --git a/canohost.h b/canohost.h index 4347b488a..df1f125e5 100644 --- a/canohost.h +++ b/canohost.h | |||
@@ -23,3 +23,5 @@ char *get_local_name(int); | |||
23 | 23 | ||
24 | int get_remote_port(void); | 24 | int get_remote_port(void); |
25 | int get_local_port(void); | 25 | int get_local_port(void); |
26 | |||
27 | void ipv64_normalise_mapped(struct sockaddr_storage *, socklen_t *); | ||
diff --git a/channels.c b/channels.c index 1f6984aa7..1be213bce 100644 --- a/channels.c +++ b/channels.c | |||
@@ -39,7 +39,7 @@ | |||
39 | */ | 39 | */ |
40 | 40 | ||
41 | #include "includes.h" | 41 | #include "includes.h" |
42 | RCSID("$OpenBSD: channels.c,v 1.209 2004/08/11 21:43:04 avsm Exp $"); | 42 | RCSID("$OpenBSD: channels.c,v 1.212 2005/03/01 10:09:52 djm Exp $"); |
43 | 43 | ||
44 | #include "ssh.h" | 44 | #include "ssh.h" |
45 | #include "ssh1.h" | 45 | #include "ssh1.h" |
@@ -2179,14 +2179,14 @@ channel_setup_fwd_listener(int type, const char *listen_addr, u_short listen_por | |||
2179 | const char *host_to_connect, u_short port_to_connect, int gateway_ports) | 2179 | const char *host_to_connect, u_short port_to_connect, int gateway_ports) |
2180 | { | 2180 | { |
2181 | Channel *c; | 2181 | Channel *c; |
2182 | int success, sock, on = 1; | 2182 | int sock, r, success = 0, on = 1, wildcard = 0, is_client; |
2183 | struct addrinfo hints, *ai, *aitop; | 2183 | struct addrinfo hints, *ai, *aitop; |
2184 | const char *host; | 2184 | const char *host, *addr; |
2185 | char ntop[NI_MAXHOST], strport[NI_MAXSERV]; | 2185 | char ntop[NI_MAXHOST], strport[NI_MAXSERV]; |
2186 | 2186 | ||
2187 | success = 0; | ||
2188 | host = (type == SSH_CHANNEL_RPORT_LISTENER) ? | 2187 | host = (type == SSH_CHANNEL_RPORT_LISTENER) ? |
2189 | listen_addr : host_to_connect; | 2188 | listen_addr : host_to_connect; |
2189 | is_client = (type == SSH_CHANNEL_PORT_LISTENER); | ||
2190 | 2190 | ||
2191 | if (host == NULL) { | 2191 | if (host == NULL) { |
2192 | error("No forward host name."); | 2192 | error("No forward host name."); |
@@ -2198,16 +2198,60 @@ channel_setup_fwd_listener(int type, const char *listen_addr, u_short listen_por | |||
2198 | } | 2198 | } |
2199 | 2199 | ||
2200 | /* | 2200 | /* |
2201 | * Determine whether or not a port forward listens to loopback, | ||
2202 | * specified address or wildcard. On the client, a specified bind | ||
2203 | * address will always override gateway_ports. On the server, a | ||
2204 | * gateway_ports of 1 (``yes'') will override the client's | ||
2205 | * specification and force a wildcard bind, whereas a value of 2 | ||
2206 | * (``clientspecified'') will bind to whatever address the client | ||
2207 | * asked for. | ||
2208 | * | ||
2209 | * Special-case listen_addrs are: | ||
2210 | * | ||
2211 | * "0.0.0.0" -> wildcard v4/v6 if SSH_OLD_FORWARD_ADDR | ||
2212 | * "" (empty string), "*" -> wildcard v4/v6 | ||
2213 | * "localhost" -> loopback v4/v6 | ||
2214 | */ | ||
2215 | addr = NULL; | ||
2216 | if (listen_addr == NULL) { | ||
2217 | /* No address specified: default to gateway_ports setting */ | ||
2218 | if (gateway_ports) | ||
2219 | wildcard = 1; | ||
2220 | } else if (gateway_ports || is_client) { | ||
2221 | if (((datafellows & SSH_OLD_FORWARD_ADDR) && | ||
2222 | strcmp(listen_addr, "0.0.0.0") == 0) || | ||
2223 | *listen_addr == '\0' || strcmp(listen_addr, "*") == 0 || | ||
2224 | (!is_client && gateway_ports == 1)) | ||
2225 | wildcard = 1; | ||
2226 | else if (strcmp(listen_addr, "localhost") != 0) | ||
2227 | addr = listen_addr; | ||
2228 | } | ||
2229 | |||
2230 | debug3("channel_setup_fwd_listener: type %d wildcard %d addr %s", | ||
2231 | type, wildcard, (addr == NULL) ? "NULL" : addr); | ||
2232 | |||
2233 | /* | ||
2201 | * getaddrinfo returns a loopback address if the hostname is | 2234 | * getaddrinfo returns a loopback address if the hostname is |
2202 | * set to NULL and hints.ai_flags is not AI_PASSIVE | 2235 | * set to NULL and hints.ai_flags is not AI_PASSIVE |
2203 | */ | 2236 | */ |
2204 | memset(&hints, 0, sizeof(hints)); | 2237 | memset(&hints, 0, sizeof(hints)); |
2205 | hints.ai_family = IPv4or6; | 2238 | hints.ai_family = IPv4or6; |
2206 | hints.ai_flags = gateway_ports ? AI_PASSIVE : 0; | 2239 | hints.ai_flags = wildcard ? AI_PASSIVE : 0; |
2207 | hints.ai_socktype = SOCK_STREAM; | 2240 | hints.ai_socktype = SOCK_STREAM; |
2208 | snprintf(strport, sizeof strport, "%d", listen_port); | 2241 | snprintf(strport, sizeof strport, "%d", listen_port); |
2209 | if (getaddrinfo(NULL, strport, &hints, &aitop) != 0) | 2242 | if ((r = getaddrinfo(addr, strport, &hints, &aitop)) != 0) { |
2210 | packet_disconnect("getaddrinfo: fatal error"); | 2243 | if (addr == NULL) { |
2244 | /* This really shouldn't happen */ | ||
2245 | packet_disconnect("getaddrinfo: fatal error: %s", | ||
2246 | gai_strerror(r)); | ||
2247 | } else { | ||
2248 | verbose("channel_setup_fwd_listener: " | ||
2249 | "getaddrinfo(%.64s): %s", addr, gai_strerror(r)); | ||
2250 | packet_send_debug("channel_setup_fwd_listener: " | ||
2251 | "getaddrinfo(%.64s): %s", addr, gai_strerror(r)); | ||
2252 | } | ||
2253 | aitop = NULL; | ||
2254 | } | ||
2211 | 2255 | ||
2212 | for (ai = aitop; ai; ai = ai->ai_next) { | 2256 | for (ai = aitop; ai; ai = ai->ai_next) { |
2213 | if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) | 2257 | if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) |
@@ -2279,7 +2323,7 @@ channel_cancel_rport_listener(const char *host, u_short port) | |||
2279 | if (c != NULL && c->type == SSH_CHANNEL_RPORT_LISTENER && | 2323 | if (c != NULL && c->type == SSH_CHANNEL_RPORT_LISTENER && |
2280 | strncmp(c->path, host, sizeof(c->path)) == 0 && | 2324 | strncmp(c->path, host, sizeof(c->path)) == 0 && |
2281 | c->listening_port == port) { | 2325 | c->listening_port == port) { |
2282 | debug2("%s: close clannel %d", __func__, i); | 2326 | debug2("%s: close channel %d", __func__, i); |
2283 | channel_free(c); | 2327 | channel_free(c); |
2284 | found = 1; | 2328 | found = 1; |
2285 | } | 2329 | } |
@@ -2290,11 +2334,12 @@ channel_cancel_rport_listener(const char *host, u_short port) | |||
2290 | 2334 | ||
2291 | /* protocol local port fwd, used by ssh (and sshd in v1) */ | 2335 | /* protocol local port fwd, used by ssh (and sshd in v1) */ |
2292 | int | 2336 | int |
2293 | channel_setup_local_fwd_listener(u_short listen_port, | 2337 | channel_setup_local_fwd_listener(const char *listen_host, u_short listen_port, |
2294 | const char *host_to_connect, u_short port_to_connect, int gateway_ports) | 2338 | const char *host_to_connect, u_short port_to_connect, int gateway_ports) |
2295 | { | 2339 | { |
2296 | return channel_setup_fwd_listener(SSH_CHANNEL_PORT_LISTENER, | 2340 | return channel_setup_fwd_listener(SSH_CHANNEL_PORT_LISTENER, |
2297 | NULL, listen_port, host_to_connect, port_to_connect, gateway_ports); | 2341 | listen_host, listen_port, host_to_connect, port_to_connect, |
2342 | gateway_ports); | ||
2298 | } | 2343 | } |
2299 | 2344 | ||
2300 | /* protocol v2 remote port fwd, used by sshd */ | 2345 | /* protocol v2 remote port fwd, used by sshd */ |
@@ -2312,7 +2357,7 @@ channel_setup_remote_fwd_listener(const char *listen_address, | |||
2312 | */ | 2357 | */ |
2313 | 2358 | ||
2314 | void | 2359 | void |
2315 | channel_request_remote_forwarding(u_short listen_port, | 2360 | channel_request_remote_forwarding(const char *listen_host, u_short listen_port, |
2316 | const char *host_to_connect, u_short port_to_connect) | 2361 | const char *host_to_connect, u_short port_to_connect) |
2317 | { | 2362 | { |
2318 | int type, success = 0; | 2363 | int type, success = 0; |
@@ -2323,7 +2368,14 @@ channel_request_remote_forwarding(u_short listen_port, | |||
2323 | 2368 | ||
2324 | /* Send the forward request to the remote side. */ | 2369 | /* Send the forward request to the remote side. */ |
2325 | if (compat20) { | 2370 | if (compat20) { |
2326 | const char *address_to_bind = "0.0.0.0"; | 2371 | const char *address_to_bind; |
2372 | if (listen_host == NULL) | ||
2373 | address_to_bind = "localhost"; | ||
2374 | else if (*listen_host == '\0' || strcmp(listen_host, "*") == 0) | ||
2375 | address_to_bind = ""; | ||
2376 | else | ||
2377 | address_to_bind = listen_host; | ||
2378 | |||
2327 | packet_start(SSH2_MSG_GLOBAL_REQUEST); | 2379 | packet_start(SSH2_MSG_GLOBAL_REQUEST); |
2328 | packet_put_cstring("tcpip-forward"); | 2380 | packet_put_cstring("tcpip-forward"); |
2329 | packet_put_char(1); /* boolean: want reply */ | 2381 | packet_put_char(1); /* boolean: want reply */ |
@@ -2369,10 +2421,9 @@ channel_request_remote_forwarding(u_short listen_port, | |||
2369 | * local side. | 2421 | * local side. |
2370 | */ | 2422 | */ |
2371 | void | 2423 | void |
2372 | channel_request_rforward_cancel(u_short port) | 2424 | channel_request_rforward_cancel(const char *host, u_short port) |
2373 | { | 2425 | { |
2374 | int i; | 2426 | int i; |
2375 | const char *address_to_bind = "0.0.0.0"; | ||
2376 | 2427 | ||
2377 | if (!compat20) | 2428 | if (!compat20) |
2378 | return; | 2429 | return; |
@@ -2389,7 +2440,7 @@ channel_request_rforward_cancel(u_short port) | |||
2389 | packet_start(SSH2_MSG_GLOBAL_REQUEST); | 2440 | packet_start(SSH2_MSG_GLOBAL_REQUEST); |
2390 | packet_put_cstring("cancel-tcpip-forward"); | 2441 | packet_put_cstring("cancel-tcpip-forward"); |
2391 | packet_put_char(0); | 2442 | packet_put_char(0); |
2392 | packet_put_cstring(address_to_bind); | 2443 | packet_put_cstring(host == NULL ? "" : host); |
2393 | packet_put_int(port); | 2444 | packet_put_int(port); |
2394 | packet_send(); | 2445 | packet_send(); |
2395 | 2446 | ||
@@ -2430,7 +2481,8 @@ channel_input_port_forward_request(int is_root, int gateway_ports) | |||
2430 | #endif | 2481 | #endif |
2431 | 2482 | ||
2432 | /* Initiate forwarding */ | 2483 | /* Initiate forwarding */ |
2433 | channel_setup_local_fwd_listener(port, hostname, host_port, gateway_ports); | 2484 | channel_setup_local_fwd_listener(NULL, port, hostname, |
2485 | host_port, gateway_ports); | ||
2434 | 2486 | ||
2435 | /* Free the argument string. */ | 2487 | /* Free the argument string. */ |
2436 | xfree(hostname); | 2488 | xfree(hostname); |
@@ -2577,7 +2629,7 @@ channel_send_window_changes(void) | |||
2577 | struct winsize ws; | 2629 | struct winsize ws; |
2578 | 2630 | ||
2579 | for (i = 0; i < channels_alloc; i++) { | 2631 | for (i = 0; i < channels_alloc; i++) { |
2580 | if (channels[i] == NULL || | 2632 | if (channels[i] == NULL || !channels[i]->client_tty || |
2581 | channels[i]->type != SSH_CHANNEL_OPEN) | 2633 | channels[i]->type != SSH_CHANNEL_OPEN) |
2582 | continue; | 2634 | continue; |
2583 | if (ioctl(channels[i]->rfd, TIOCGWINSZ, &ws) < 0) | 2635 | if (ioctl(channels[i]->rfd, TIOCGWINSZ, &ws) < 0) |
diff --git a/channels.h b/channels.h index f8dc8249c..fc20fb2c3 100644 --- a/channels.h +++ b/channels.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: channels.h,v 1.74 2004/08/11 21:43:04 avsm Exp $ */ | 1 | /* $OpenBSD: channels.h,v 1.76 2005/03/01 10:09:52 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -79,6 +79,7 @@ struct Channel { | |||
79 | int ctl_fd; /* control fd (client sharing) */ | 79 | int ctl_fd; /* control fd (client sharing) */ |
80 | int isatty; /* rfd is a tty */ | 80 | int isatty; /* rfd is a tty */ |
81 | int wfd_isatty; /* wfd is a tty */ | 81 | int wfd_isatty; /* wfd is a tty */ |
82 | int client_tty; /* (client) TTY has been requested */ | ||
82 | int force_drain; /* force close on iEOF */ | 83 | int force_drain; /* force close on iEOF */ |
83 | int delayed; /* fdset hack */ | 84 | int delayed; /* fdset hack */ |
84 | Buffer input; /* data read from socket, to be sent over | 85 | Buffer input; /* data read from socket, to be sent over |
@@ -202,9 +203,11 @@ void channel_clear_permitted_opens(void); | |||
202 | void channel_input_port_forward_request(int, int); | 203 | void channel_input_port_forward_request(int, int); |
203 | int channel_connect_to(const char *, u_short); | 204 | int channel_connect_to(const char *, u_short); |
204 | int channel_connect_by_listen_address(u_short); | 205 | int channel_connect_by_listen_address(u_short); |
205 | void channel_request_remote_forwarding(u_short, const char *, u_short); | 206 | void channel_request_remote_forwarding(const char *, u_short, |
206 | void channel_request_rforward_cancel(u_short port); | 207 | const char *, u_short); |
207 | int channel_setup_local_fwd_listener(u_short, const char *, u_short, int); | 208 | int channel_setup_local_fwd_listener(const char *, u_short, |
209 | const char *, u_short, int); | ||
210 | void channel_request_rforward_cancel(const char *host, u_short port); | ||
208 | int channel_setup_remote_fwd_listener(const char *, u_short, int); | 211 | int channel_setup_remote_fwd_listener(const char *, u_short, int); |
209 | int channel_cancel_rport_listener(const char *, u_short); | 212 | int channel_cancel_rport_listener(const char *, u_short); |
210 | 213 | ||
diff --git a/cipher-ctr.c b/cipher-ctr.c index 395dabedd..43f1ede57 100644 --- a/cipher-ctr.c +++ b/cipher-ctr.c | |||
@@ -14,7 +14,7 @@ | |||
14 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 14 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
15 | */ | 15 | */ |
16 | #include "includes.h" | 16 | #include "includes.h" |
17 | RCSID("$OpenBSD: cipher-ctr.c,v 1.4 2004/02/06 23:41:13 dtucker Exp $"); | 17 | RCSID("$OpenBSD: cipher-ctr.c,v 1.5 2004/12/22 02:13:19 djm Exp $"); |
18 | 18 | ||
19 | #include <openssl/evp.h> | 19 | #include <openssl/evp.h> |
20 | 20 | ||
@@ -35,7 +35,7 @@ | |||
35 | */ | 35 | */ |
36 | 36 | ||
37 | #include "includes.h" | 37 | #include "includes.h" |
38 | RCSID("$OpenBSD: cipher.c,v 1.71 2004/07/28 09:40:29 markus Exp $"); | 38 | RCSID("$OpenBSD: cipher.c,v 1.73 2005/01/23 10:18:12 djm Exp $"); |
39 | 39 | ||
40 | #include "xmalloc.h" | 40 | #include "xmalloc.h" |
41 | #include "log.h" | 41 | #include "log.h" |
@@ -146,7 +146,7 @@ cipher_by_name(const char *name) | |||
146 | { | 146 | { |
147 | Cipher *c; | 147 | Cipher *c; |
148 | for (c = ciphers; c->name != NULL; c++) | 148 | for (c = ciphers; c->name != NULL; c++) |
149 | if (strcasecmp(c->name, name) == 0) | 149 | if (strcmp(c->name, name) == 0) |
150 | return c; | 150 | return c; |
151 | return NULL; | 151 | return NULL; |
152 | } | 152 | } |
@@ -199,8 +199,10 @@ cipher_number(const char *name) | |||
199 | Cipher *c; | 199 | Cipher *c; |
200 | if (name == NULL) | 200 | if (name == NULL) |
201 | return -1; | 201 | return -1; |
202 | c = cipher_by_name(name); | 202 | for (c = ciphers; c->name != NULL; c++) |
203 | return (c==NULL) ? -1 : c->number; | 203 | if (strcasecmp(c->name, name) == 0) |
204 | return c->number; | ||
205 | return -1; | ||
204 | } | 206 | } |
205 | 207 | ||
206 | char * | 208 | char * |
diff --git a/clientloop.c b/clientloop.c index 1bcf4392f..90bdcbc39 100644 --- a/clientloop.c +++ b/clientloop.c | |||
@@ -59,7 +59,7 @@ | |||
59 | */ | 59 | */ |
60 | 60 | ||
61 | #include "includes.h" | 61 | #include "includes.h" |
62 | RCSID("$OpenBSD: clientloop.c,v 1.130 2004/08/11 21:43:04 avsm Exp $"); | 62 | RCSID("$OpenBSD: clientloop.c,v 1.135 2005/03/01 10:09:52 djm Exp $"); |
63 | 63 | ||
64 | #include "ssh.h" | 64 | #include "ssh.h" |
65 | #include "ssh1.h" | 65 | #include "ssh1.h" |
@@ -437,8 +437,6 @@ client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, | |||
437 | static void | 437 | static void |
438 | client_suspend_self(Buffer *bin, Buffer *bout, Buffer *berr) | 438 | client_suspend_self(Buffer *bin, Buffer *bout, Buffer *berr) |
439 | { | 439 | { |
440 | struct winsize oldws, newws; | ||
441 | |||
442 | /* Flush stdout and stderr buffers. */ | 440 | /* Flush stdout and stderr buffers. */ |
443 | if (buffer_len(bout) > 0) | 441 | if (buffer_len(bout) > 0) |
444 | atomicio(vwrite, fileno(stdout), buffer_ptr(bout), buffer_len(bout)); | 442 | atomicio(vwrite, fileno(stdout), buffer_ptr(bout), buffer_len(bout)); |
@@ -455,19 +453,11 @@ client_suspend_self(Buffer *bin, Buffer *bout, Buffer *berr) | |||
455 | buffer_free(bout); | 453 | buffer_free(bout); |
456 | buffer_free(berr); | 454 | buffer_free(berr); |
457 | 455 | ||
458 | /* Save old window size. */ | ||
459 | ioctl(fileno(stdin), TIOCGWINSZ, &oldws); | ||
460 | |||
461 | /* Send the suspend signal to the program itself. */ | 456 | /* Send the suspend signal to the program itself. */ |
462 | kill(getpid(), SIGTSTP); | 457 | kill(getpid(), SIGTSTP); |
463 | 458 | ||
464 | /* Check if the window size has changed. */ | 459 | /* Reset window sizes in case they have changed */ |
465 | if (ioctl(fileno(stdin), TIOCGWINSZ, &newws) >= 0 && | 460 | received_window_change_signal = 1; |
466 | (oldws.ws_row != newws.ws_row || | ||
467 | oldws.ws_col != newws.ws_col || | ||
468 | oldws.ws_xpixel != newws.ws_xpixel || | ||
469 | oldws.ws_ypixel != newws.ws_ypixel)) | ||
470 | received_window_change_signal = 1; | ||
471 | 461 | ||
472 | /* OK, we have been continued by the user. Reinitialize buffers. */ | 462 | /* OK, we have been continued by the user. Reinitialize buffers. */ |
473 | buffer_init(bin); | 463 | buffer_init(bin); |
@@ -576,7 +566,7 @@ client_process_control(fd_set * readset) | |||
576 | struct sockaddr_storage addr; | 566 | struct sockaddr_storage addr; |
577 | struct confirm_ctx *cctx; | 567 | struct confirm_ctx *cctx; |
578 | char *cmd; | 568 | char *cmd; |
579 | u_int len, env_len; | 569 | u_int len, env_len, command, flags; |
580 | uid_t euid; | 570 | uid_t euid; |
581 | gid_t egid; | 571 | gid_t egid; |
582 | 572 | ||
@@ -606,39 +596,74 @@ client_process_control(fd_set * readset) | |||
606 | return; | 596 | return; |
607 | } | 597 | } |
608 | 598 | ||
609 | allowed = 1; | ||
610 | if (options.control_master == 2) { | ||
611 | char *p, prompt[1024]; | ||
612 | |||
613 | allowed = 0; | ||
614 | snprintf(prompt, sizeof(prompt), | ||
615 | "Allow shared connection to %s? ", host); | ||
616 | p = read_passphrase(prompt, RP_USE_ASKPASS|RP_ALLOW_EOF); | ||
617 | if (p != NULL) { | ||
618 | /* | ||
619 | * Accept empty responses and responses consisting | ||
620 | * of the word "yes" as affirmative. | ||
621 | */ | ||
622 | if (*p == '\0' || *p == '\n' || | ||
623 | strcasecmp(p, "yes") == 0) | ||
624 | allowed = 1; | ||
625 | xfree(p); | ||
626 | } | ||
627 | } | ||
628 | |||
629 | unset_nonblock(client_fd); | 599 | unset_nonblock(client_fd); |
630 | 600 | ||
601 | /* Read command */ | ||
631 | buffer_init(&m); | 602 | buffer_init(&m); |
603 | if (ssh_msg_recv(client_fd, &m) == -1) { | ||
604 | error("%s: client msg_recv failed", __func__); | ||
605 | close(client_fd); | ||
606 | buffer_free(&m); | ||
607 | return; | ||
608 | } | ||
609 | if ((ver = buffer_get_char(&m)) != 1) { | ||
610 | error("%s: wrong client version %d", __func__, ver); | ||
611 | buffer_free(&m); | ||
612 | close(client_fd); | ||
613 | return; | ||
614 | } | ||
615 | |||
616 | allowed = 1; | ||
617 | command = buffer_get_int(&m); | ||
618 | flags = buffer_get_int(&m); | ||
619 | |||
620 | buffer_clear(&m); | ||
632 | 621 | ||
622 | switch (command) { | ||
623 | case SSHMUX_COMMAND_OPEN: | ||
624 | if (options.control_master == 2) | ||
625 | allowed = ask_permission("Allow shared connection " | ||
626 | "to %s? ", host); | ||
627 | /* continue below */ | ||
628 | break; | ||
629 | case SSHMUX_COMMAND_TERMINATE: | ||
630 | if (options.control_master == 2) | ||
631 | allowed = ask_permission("Terminate shared connection " | ||
632 | "to %s? ", host); | ||
633 | if (allowed) | ||
634 | quit_pending = 1; | ||
635 | /* FALLTHROUGH */ | ||
636 | case SSHMUX_COMMAND_ALIVE_CHECK: | ||
637 | /* Reply for SSHMUX_COMMAND_TERMINATE and ALIVE_CHECK */ | ||
638 | buffer_clear(&m); | ||
639 | buffer_put_int(&m, allowed); | ||
640 | buffer_put_int(&m, getpid()); | ||
641 | if (ssh_msg_send(client_fd, /* version */1, &m) == -1) { | ||
642 | error("%s: client msg_send failed", __func__); | ||
643 | close(client_fd); | ||
644 | buffer_free(&m); | ||
645 | return; | ||
646 | } | ||
647 | buffer_free(&m); | ||
648 | close(client_fd); | ||
649 | return; | ||
650 | default: | ||
651 | error("Unsupported command %d", command); | ||
652 | buffer_free(&m); | ||
653 | close(client_fd); | ||
654 | return; | ||
655 | } | ||
656 | |||
657 | /* Reply for SSHMUX_COMMAND_OPEN */ | ||
658 | buffer_clear(&m); | ||
633 | buffer_put_int(&m, allowed); | 659 | buffer_put_int(&m, allowed); |
634 | buffer_put_int(&m, getpid()); | 660 | buffer_put_int(&m, getpid()); |
635 | if (ssh_msg_send(client_fd, /* version */0, &m) == -1) { | 661 | if (ssh_msg_send(client_fd, /* version */1, &m) == -1) { |
636 | error("%s: client msg_send failed", __func__); | 662 | error("%s: client msg_send failed", __func__); |
637 | close(client_fd); | 663 | close(client_fd); |
638 | buffer_free(&m); | 664 | buffer_free(&m); |
639 | return; | 665 | return; |
640 | } | 666 | } |
641 | buffer_clear(&m); | ||
642 | 667 | ||
643 | if (!allowed) { | 668 | if (!allowed) { |
644 | error("Refused control connection"); | 669 | error("Refused control connection"); |
@@ -647,14 +672,14 @@ client_process_control(fd_set * readset) | |||
647 | return; | 672 | return; |
648 | } | 673 | } |
649 | 674 | ||
675 | buffer_clear(&m); | ||
650 | if (ssh_msg_recv(client_fd, &m) == -1) { | 676 | if (ssh_msg_recv(client_fd, &m) == -1) { |
651 | error("%s: client msg_recv failed", __func__); | 677 | error("%s: client msg_recv failed", __func__); |
652 | close(client_fd); | 678 | close(client_fd); |
653 | buffer_free(&m); | 679 | buffer_free(&m); |
654 | return; | 680 | return; |
655 | } | 681 | } |
656 | 682 | if ((ver = buffer_get_char(&m)) != 1) { | |
657 | if ((ver = buffer_get_char(&m)) != 0) { | ||
658 | error("%s: wrong client version %d", __func__, ver); | 683 | error("%s: wrong client version %d", __func__, ver); |
659 | buffer_free(&m); | 684 | buffer_free(&m); |
660 | close(client_fd); | 685 | close(client_fd); |
@@ -663,9 +688,8 @@ client_process_control(fd_set * readset) | |||
663 | 688 | ||
664 | cctx = xmalloc(sizeof(*cctx)); | 689 | cctx = xmalloc(sizeof(*cctx)); |
665 | memset(cctx, 0, sizeof(*cctx)); | 690 | memset(cctx, 0, sizeof(*cctx)); |
666 | 691 | cctx->want_tty = (flags & SSHMUX_FLAG_TTY) != 0; | |
667 | cctx->want_tty = buffer_get_int(&m); | 692 | cctx->want_subsys = (flags & SSHMUX_FLAG_SUBSYS) != 0; |
668 | cctx->want_subsys = buffer_get_int(&m); | ||
669 | cctx->term = buffer_get_string(&m, &len); | 693 | cctx->term = buffer_get_string(&m, &len); |
670 | 694 | ||
671 | cmd = buffer_get_string(&m, &len); | 695 | cmd = buffer_get_string(&m, &len); |
@@ -697,14 +721,21 @@ client_process_control(fd_set * readset) | |||
697 | if (cctx->want_tty && tcgetattr(new_fd[0], &cctx->tio) == -1) | 721 | if (cctx->want_tty && tcgetattr(new_fd[0], &cctx->tio) == -1) |
698 | error("%s: tcgetattr: %s", __func__, strerror(errno)); | 722 | error("%s: tcgetattr: %s", __func__, strerror(errno)); |
699 | 723 | ||
724 | /* This roundtrip is just for synchronisation of ttymodes */ | ||
700 | buffer_clear(&m); | 725 | buffer_clear(&m); |
701 | if (ssh_msg_send(client_fd, /* version */0, &m) == -1) { | 726 | if (ssh_msg_send(client_fd, /* version */1, &m) == -1) { |
702 | error("%s: client msg_send failed", __func__); | 727 | error("%s: client msg_send failed", __func__); |
703 | close(client_fd); | 728 | close(client_fd); |
704 | close(new_fd[0]); | 729 | close(new_fd[0]); |
705 | close(new_fd[1]); | 730 | close(new_fd[1]); |
706 | close(new_fd[2]); | 731 | close(new_fd[2]); |
707 | buffer_free(&m); | 732 | buffer_free(&m); |
733 | xfree(cctx->term); | ||
734 | if (env_len != 0) { | ||
735 | for (i = 0; i < env_len; i++) | ||
736 | xfree(cctx->env[i]); | ||
737 | xfree(cctx->env); | ||
738 | } | ||
708 | return; | 739 | return; |
709 | } | 740 | } |
710 | buffer_free(&m); | 741 | buffer_free(&m); |
@@ -737,11 +768,11 @@ static void | |||
737 | process_cmdline(void) | 768 | process_cmdline(void) |
738 | { | 769 | { |
739 | void (*handler)(int); | 770 | void (*handler)(int); |
740 | char *s, *cmd; | 771 | char *s, *cmd, *cancel_host; |
741 | u_short fwd_port, fwd_host_port; | ||
742 | char buf[1024], sfwd_port[6], sfwd_host_port[6]; | ||
743 | int delete = 0; | 772 | int delete = 0; |
744 | int local = 0; | 773 | int local = 0; |
774 | u_short cancel_port; | ||
775 | Forward fwd; | ||
745 | 776 | ||
746 | leave_raw_mode(); | 777 | leave_raw_mode(); |
747 | handler = signal(SIGINT, SIG_IGN); | 778 | handler = signal(SIGINT, SIG_IGN); |
@@ -787,37 +818,38 @@ process_cmdline(void) | |||
787 | s++; | 818 | s++; |
788 | 819 | ||
789 | if (delete) { | 820 | if (delete) { |
790 | if (sscanf(s, "%5[0-9]", sfwd_host_port) != 1) { | 821 | cancel_port = 0; |
791 | logit("Bad forwarding specification."); | 822 | cancel_host = hpdelim(&s); /* may be NULL */ |
792 | goto out; | 823 | if (s != NULL) { |
824 | cancel_port = a2port(s); | ||
825 | cancel_host = cleanhostname(cancel_host); | ||
826 | } else { | ||
827 | cancel_port = a2port(cancel_host); | ||
828 | cancel_host = NULL; | ||
793 | } | 829 | } |
794 | if ((fwd_host_port = a2port(sfwd_host_port)) == 0) { | 830 | if (cancel_port == 0) { |
795 | logit("Bad forwarding port(s)."); | 831 | logit("Bad forwarding close port"); |
796 | goto out; | 832 | goto out; |
797 | } | 833 | } |
798 | channel_request_rforward_cancel(fwd_host_port); | 834 | channel_request_rforward_cancel(cancel_host, cancel_port); |
799 | } else { | 835 | } else { |
800 | if (sscanf(s, "%5[0-9]:%255[^:]:%5[0-9]", | 836 | if (!parse_forward(&fwd, s)) { |
801 | sfwd_port, buf, sfwd_host_port) != 3 && | ||
802 | sscanf(s, "%5[0-9]/%255[^/]/%5[0-9]", | ||
803 | sfwd_port, buf, sfwd_host_port) != 3) { | ||
804 | logit("Bad forwarding specification."); | 837 | logit("Bad forwarding specification."); |
805 | goto out; | 838 | goto out; |
806 | } | 839 | } |
807 | if ((fwd_port = a2port(sfwd_port)) == 0 || | ||
808 | (fwd_host_port = a2port(sfwd_host_port)) == 0) { | ||
809 | logit("Bad forwarding port(s)."); | ||
810 | goto out; | ||
811 | } | ||
812 | if (local) { | 840 | if (local) { |
813 | if (channel_setup_local_fwd_listener(fwd_port, buf, | 841 | if (channel_setup_local_fwd_listener(fwd.listen_host, |
814 | fwd_host_port, options.gateway_ports) < 0) { | 842 | fwd.listen_port, fwd.connect_host, |
843 | fwd.connect_port, options.gateway_ports) < 0) { | ||
815 | logit("Port forwarding failed."); | 844 | logit("Port forwarding failed."); |
816 | goto out; | 845 | goto out; |
817 | } | 846 | } |
818 | } else | 847 | } else { |
819 | channel_request_remote_forwarding(fwd_port, buf, | 848 | channel_request_remote_forwarding(fwd.listen_host, |
820 | fwd_host_port); | 849 | fwd.listen_port, fwd.connect_host, |
850 | fwd.connect_port); | ||
851 | } | ||
852 | |||
821 | logit("Forwarding port."); | 853 | logit("Forwarding port."); |
822 | } | 854 | } |
823 | 855 | ||
@@ -1201,14 +1233,15 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id) | |||
1201 | * Set signal handlers, (e.g. to restore non-blocking mode) | 1233 | * Set signal handlers, (e.g. to restore non-blocking mode) |
1202 | * but don't overwrite SIG_IGN, matches behaviour from rsh(1) | 1234 | * but don't overwrite SIG_IGN, matches behaviour from rsh(1) |
1203 | */ | 1235 | */ |
1236 | if (signal(SIGHUP, SIG_IGN) != SIG_IGN) | ||
1237 | signal(SIGHUP, signal_handler); | ||
1204 | if (signal(SIGINT, SIG_IGN) != SIG_IGN) | 1238 | if (signal(SIGINT, SIG_IGN) != SIG_IGN) |
1205 | signal(SIGINT, signal_handler); | 1239 | signal(SIGINT, signal_handler); |
1206 | if (signal(SIGQUIT, SIG_IGN) != SIG_IGN) | 1240 | if (signal(SIGQUIT, SIG_IGN) != SIG_IGN) |
1207 | signal(SIGQUIT, signal_handler); | 1241 | signal(SIGQUIT, signal_handler); |
1208 | if (signal(SIGTERM, SIG_IGN) != SIG_IGN) | 1242 | if (signal(SIGTERM, SIG_IGN) != SIG_IGN) |
1209 | signal(SIGTERM, signal_handler); | 1243 | signal(SIGTERM, signal_handler); |
1210 | if (have_pty) | 1244 | signal(SIGWINCH, window_change_handler); |
1211 | signal(SIGWINCH, window_change_handler); | ||
1212 | 1245 | ||
1213 | if (have_pty) | 1246 | if (have_pty) |
1214 | enter_raw_mode(); | 1247 | enter_raw_mode(); |
@@ -1316,8 +1349,7 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id) | |||
1316 | /* Terminate the session. */ | 1349 | /* Terminate the session. */ |
1317 | 1350 | ||
1318 | /* Stop watching for window change. */ | 1351 | /* Stop watching for window change. */ |
1319 | if (have_pty) | 1352 | signal(SIGWINCH, SIG_DFL); |
1320 | signal(SIGWINCH, SIG_DFL); | ||
1321 | 1353 | ||
1322 | channel_free_all(); | 1354 | channel_free_all(); |
1323 | 1355 | ||
@@ -1684,9 +1716,13 @@ client_session2_setup(int id, int want_tty, int want_subsystem, | |||
1684 | dispatch_fn *subsys_repl) | 1716 | dispatch_fn *subsys_repl) |
1685 | { | 1717 | { |
1686 | int len; | 1718 | int len; |
1719 | Channel *c = NULL; | ||
1687 | 1720 | ||
1688 | debug2("%s: id %d", __func__, id); | 1721 | debug2("%s: id %d", __func__, id); |
1689 | 1722 | ||
1723 | if ((c = channel_lookup(id)) == NULL) | ||
1724 | fatal("client_session2_setup: channel %d: unknown channel", id); | ||
1725 | |||
1690 | if (want_tty) { | 1726 | if (want_tty) { |
1691 | struct winsize ws; | 1727 | struct winsize ws; |
1692 | struct termios tio; | 1728 | struct termios tio; |
@@ -1705,6 +1741,7 @@ client_session2_setup(int id, int want_tty, int want_subsystem, | |||
1705 | tty_make_modes(-1, tiop != NULL ? tiop : &tio); | 1741 | tty_make_modes(-1, tiop != NULL ? tiop : &tio); |
1706 | packet_send(); | 1742 | packet_send(); |
1707 | /* XXX wait for reply */ | 1743 | /* XXX wait for reply */ |
1744 | c->client_tty = 1; | ||
1708 | } | 1745 | } |
1709 | 1746 | ||
1710 | /* Transfer any environment variables from client to server */ | 1747 | /* Transfer any environment variables from client to server */ |
diff --git a/clientloop.h b/clientloop.h index 9992d5938..b23c111cb 100644 --- a/clientloop.h +++ b/clientloop.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: clientloop.h,v 1.11 2004/07/11 17:48:47 deraadt Exp $ */ | 1 | /* $OpenBSD: clientloop.h,v 1.12 2004/11/07 00:01:46 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -40,3 +40,11 @@ int client_loop(int, int, int); | |||
40 | void client_global_request_reply_fwd(int, u_int32_t, void *); | 40 | void client_global_request_reply_fwd(int, u_int32_t, void *); |
41 | void client_session2_setup(int, int, int, const char *, struct termios *, | 41 | void client_session2_setup(int, int, int, const char *, struct termios *, |
42 | int, Buffer *, char **, dispatch_fn *); | 42 | int, Buffer *, char **, dispatch_fn *); |
43 | |||
44 | /* Multiplexing control protocol flags */ | ||
45 | #define SSHMUX_COMMAND_OPEN 1 /* Open new connection */ | ||
46 | #define SSHMUX_COMMAND_ALIVE_CHECK 2 /* Check master is alive */ | ||
47 | #define SSHMUX_COMMAND_TERMINATE 3 /* Ask master to exit */ | ||
48 | |||
49 | #define SSHMUX_FLAG_TTY (1) /* Request tty on open */ | ||
50 | #define SSHMUX_FLAG_SUBSYS (1<<1) /* Subsystem request on open */ | ||
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: compat.c,v 1.70 2003/11/02 11:01:03 markus Exp $"); | 26 | RCSID("$OpenBSD: compat.c,v 1.71 2005/03/01 10:09:52 djm Exp $"); |
27 | 27 | ||
28 | #include "buffer.h" | 28 | #include "buffer.h" |
29 | #include "packet.h" | 29 | #include "packet.h" |
@@ -62,24 +62,28 @@ compat_datafellows(const char *version) | |||
62 | "OpenSSH_2.1*," | 62 | "OpenSSH_2.1*," |
63 | "OpenSSH_2.2*", SSH_OLD_SESSIONID|SSH_BUG_BANNER| | 63 | "OpenSSH_2.2*", SSH_OLD_SESSIONID|SSH_BUG_BANNER| |
64 | SSH_OLD_DHGEX|SSH_BUG_NOREKEY| | 64 | SSH_OLD_DHGEX|SSH_BUG_NOREKEY| |
65 | SSH_BUG_EXTEOF}, | 65 | SSH_BUG_EXTEOF|SSH_OLD_FORWARD_ADDR}, |
66 | { "OpenSSH_2.3.0*", SSH_BUG_BANNER|SSH_BUG_BIGENDIANAES| | 66 | { "OpenSSH_2.3.0*", SSH_BUG_BANNER|SSH_BUG_BIGENDIANAES| |
67 | SSH_OLD_DHGEX|SSH_BUG_NOREKEY| | 67 | SSH_OLD_DHGEX|SSH_BUG_NOREKEY| |
68 | SSH_BUG_EXTEOF}, | 68 | SSH_BUG_EXTEOF|SSH_OLD_FORWARD_ADDR}, |
69 | { "OpenSSH_2.3.*", SSH_BUG_BIGENDIANAES|SSH_OLD_DHGEX| | 69 | { "OpenSSH_2.3.*", SSH_BUG_BIGENDIANAES|SSH_OLD_DHGEX| |
70 | SSH_BUG_NOREKEY|SSH_BUG_EXTEOF}, | 70 | SSH_BUG_NOREKEY|SSH_BUG_EXTEOF| |
71 | SSH_OLD_FORWARD_ADDR}, | ||
71 | { "OpenSSH_2.5.0p1*," | 72 | { "OpenSSH_2.5.0p1*," |
72 | "OpenSSH_2.5.1p1*", | 73 | "OpenSSH_2.5.1p1*", |
73 | SSH_BUG_BIGENDIANAES|SSH_OLD_DHGEX| | 74 | SSH_BUG_BIGENDIANAES|SSH_OLD_DHGEX| |
74 | SSH_BUG_NOREKEY|SSH_BUG_EXTEOF}, | 75 | SSH_BUG_NOREKEY|SSH_BUG_EXTEOF| |
76 | SSH_OLD_FORWARD_ADDR}, | ||
75 | { "OpenSSH_2.5.0*," | 77 | { "OpenSSH_2.5.0*," |
76 | "OpenSSH_2.5.1*," | 78 | "OpenSSH_2.5.1*," |
77 | "OpenSSH_2.5.2*", SSH_OLD_DHGEX|SSH_BUG_NOREKEY| | 79 | "OpenSSH_2.5.2*", SSH_OLD_DHGEX|SSH_BUG_NOREKEY| |
78 | SSH_BUG_EXTEOF}, | 80 | SSH_BUG_EXTEOF|SSH_OLD_FORWARD_ADDR}, |
79 | { "OpenSSH_2.5.3*", SSH_BUG_NOREKEY|SSH_BUG_EXTEOF}, | 81 | { "OpenSSH_2.5.3*", SSH_BUG_NOREKEY|SSH_BUG_EXTEOF| |
82 | SSH_OLD_FORWARD_ADDR}, | ||
80 | { "OpenSSH_2.*," | 83 | { "OpenSSH_2.*," |
81 | "OpenSSH_3.0*," | 84 | "OpenSSH_3.0*," |
82 | "OpenSSH_3.1*", SSH_BUG_EXTEOF}, | 85 | "OpenSSH_3.1*", SSH_BUG_EXTEOF|SSH_OLD_FORWARD_ADDR}, |
86 | { "OpenSSH_3.*", SSH_OLD_FORWARD_ADDR }, | ||
83 | { "Sun_SSH_1.0*", SSH_BUG_NOREKEY|SSH_BUG_EXTEOF}, | 87 | { "Sun_SSH_1.0*", SSH_BUG_NOREKEY|SSH_BUG_EXTEOF}, |
84 | { "OpenSSH*", 0 }, | 88 | { "OpenSSH*", 0 }, |
85 | { "*MindTerm*", 0 }, | 89 | { "*MindTerm*", 0 }, |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: compat.h,v 1.38 2004/07/11 17:48:47 deraadt Exp $ */ | 1 | /* $OpenBSD: compat.h,v 1.39 2005/03/01 10:09:52 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved. |
@@ -55,6 +55,7 @@ | |||
55 | #define SSH_BUG_EXTEOF 0x00200000 | 55 | #define SSH_BUG_EXTEOF 0x00200000 |
56 | #define SSH_BUG_PROBE 0x00400000 | 56 | #define SSH_BUG_PROBE 0x00400000 |
57 | #define SSH_BUG_FIRSTKEX 0x00800000 | 57 | #define SSH_BUG_FIRSTKEX 0x00800000 |
58 | #define SSH_OLD_FORWARD_ADDR 0x01000000 | ||
58 | 59 | ||
59 | void enable_compat13(void); | 60 | void enable_compat13(void); |
60 | void enable_compat20(void); | 61 | void enable_compat20(void); |
diff --git a/config.h.in b/config.h.in index 803aac4de..70f997323 100644 --- a/config.h.in +++ b/config.h.in | |||
@@ -1,5 +1,5 @@ | |||
1 | /* config.h.in. Generated from configure.ac by autoheader. */ | 1 | /* config.h.in. Generated from configure.ac by autoheader. */ |
2 | /* $Id: acconfig.h,v 1.180 2004/08/16 13:12:06 dtucker Exp $ */ | 2 | /* $Id: acconfig.h,v 1.181 2005/02/25 23:07:38 dtucker Exp $ */ |
3 | 3 | ||
4 | /* | 4 | /* |
5 | * Copyright (c) 1999-2003 Damien Miller. All rights reserved. | 5 | * Copyright (c) 1999-2003 Damien Miller. All rights reserved. |
@@ -52,9 +52,6 @@ | |||
52 | #undef SPT_TYPE | 52 | #undef SPT_TYPE |
53 | #undef SPT_PADCHAR | 53 | #undef SPT_PADCHAR |
54 | 54 | ||
55 | /* setgroups() NOOP allowed */ | ||
56 | #undef SETGROUPS_NOOP | ||
57 | |||
58 | /* SCO workaround */ | 55 | /* SCO workaround */ |
59 | #undef BROKEN_SYS_TERMIO_H | 56 | #undef BROKEN_SYS_TERMIO_H |
60 | 57 | ||
@@ -461,9 +458,16 @@ | |||
461 | #undef HAVE_PROC_PID | 458 | #undef HAVE_PROC_PID |
462 | 459 | ||
463 | 460 | ||
461 | /* Define if you have a getaddrinfo that fails for the all-zeros IPv6 address | ||
462 | */ | ||
463 | #undef AIX_GETNAMEINFO_HACK | ||
464 | |||
464 | /* Define to 1 if the `getpgrp' function requires zero arguments. */ | 465 | /* Define to 1 if the `getpgrp' function requires zero arguments. */ |
465 | #undef GETPGRP_VOID | 466 | #undef GETPGRP_VOID |
466 | 467 | ||
468 | /* Conflicting defs for getspnam */ | ||
469 | #undef GETSPNAM_CONFLICTING_DEFS | ||
470 | |||
467 | /* Define to 1 if you have the `arc4random' function. */ | 471 | /* Define to 1 if you have the `arc4random' function. */ |
468 | #undef HAVE_ARC4RANDOM | 472 | #undef HAVE_ARC4RANDOM |
469 | 473 | ||
@@ -479,6 +483,9 @@ | |||
479 | /* Define to 1 if you have the `bindresvport_sa' function. */ | 483 | /* Define to 1 if you have the `bindresvport_sa' function. */ |
480 | #undef HAVE_BINDRESVPORT_SA | 484 | #undef HAVE_BINDRESVPORT_SA |
481 | 485 | ||
486 | /* Define to 1 if you have the <bsm/audit.h> header file. */ | ||
487 | #undef HAVE_BSM_AUDIT_H | ||
488 | |||
482 | /* Define to 1 if you have the <bstring.h> header file. */ | 489 | /* Define to 1 if you have the <bstring.h> header file. */ |
483 | #undef HAVE_BSTRING_H | 490 | #undef HAVE_BSTRING_H |
484 | 491 | ||
@@ -494,10 +501,30 @@ | |||
494 | /* Define to 1 if you have the <crypt.h> header file. */ | 501 | /* Define to 1 if you have the <crypt.h> header file. */ |
495 | #undef HAVE_CRYPT_H | 502 | #undef HAVE_CRYPT_H |
496 | 503 | ||
504 | /* Define to 1 if you have the declaration of `authenticate', and to 0 if you | ||
505 | don't. */ | ||
506 | #undef HAVE_DECL_AUTHENTICATE | ||
507 | |||
497 | /* Define to 1 if you have the declaration of `h_errno', and to 0 if you | 508 | /* Define to 1 if you have the declaration of `h_errno', and to 0 if you |
498 | don't. */ | 509 | don't. */ |
499 | #undef HAVE_DECL_H_ERRNO | 510 | #undef HAVE_DECL_H_ERRNO |
500 | 511 | ||
512 | /* Define to 1 if you have the declaration of `loginfailed', and to 0 if you | ||
513 | don't. */ | ||
514 | #undef HAVE_DECL_LOGINFAILED | ||
515 | |||
516 | /* Define to 1 if you have the declaration of `loginrestrictions', and to 0 if | ||
517 | you don't. */ | ||
518 | #undef HAVE_DECL_LOGINRESTRICTIONS | ||
519 | |||
520 | /* Define to 1 if you have the declaration of `loginsuccess', and to 0 if you | ||
521 | don't. */ | ||
522 | #undef HAVE_DECL_LOGINSUCCESS | ||
523 | |||
524 | /* Define to 1 if you have the declaration of `passwdexpired', and to 0 if you | ||
525 | don't. */ | ||
526 | #undef HAVE_DECL_PASSWDEXPIRED | ||
527 | |||
501 | /* Define to 1 if you have the <dirent.h> header file. */ | 528 | /* Define to 1 if you have the <dirent.h> header file. */ |
502 | #undef HAVE_DIRENT_H | 529 | #undef HAVE_DIRENT_H |
503 | 530 | ||
@@ -516,6 +543,9 @@ | |||
516 | /* Define to 1 if you have the `endutxent' function. */ | 543 | /* Define to 1 if you have the `endutxent' function. */ |
517 | #undef HAVE_ENDUTXENT | 544 | #undef HAVE_ENDUTXENT |
518 | 545 | ||
546 | /* Define to 1 if you have the `fchdir' function. */ | ||
547 | #undef HAVE_FCHDIR | ||
548 | |||
519 | /* Define to 1 if you have the `fchmod' function. */ | 549 | /* Define to 1 if you have the `fchmod' function. */ |
520 | #undef HAVE_FCHMOD | 550 | #undef HAVE_FCHMOD |
521 | 551 | ||
@@ -540,6 +570,12 @@ | |||
540 | /* Define to 1 if you have the `getaddrinfo' function. */ | 570 | /* Define to 1 if you have the `getaddrinfo' function. */ |
541 | #undef HAVE_GETADDRINFO | 571 | #undef HAVE_GETADDRINFO |
542 | 572 | ||
573 | /* Define to 1 if you have the `getaudit' function. */ | ||
574 | #undef HAVE_GETAUDIT | ||
575 | |||
576 | /* Define to 1 if you have the `getaudit_addr' function. */ | ||
577 | #undef HAVE_GETAUDIT_ADDR | ||
578 | |||
543 | /* Define to 1 if you have the `getcwd' function. */ | 579 | /* Define to 1 if you have the `getcwd' function. */ |
544 | #undef HAVE_GETCWD | 580 | #undef HAVE_GETCWD |
545 | 581 | ||
@@ -636,9 +672,15 @@ | |||
636 | /* Define to 1 if you have the <inttypes.h> header file. */ | 672 | /* Define to 1 if you have the <inttypes.h> header file. */ |
637 | #undef HAVE_INTTYPES_H | 673 | #undef HAVE_INTTYPES_H |
638 | 674 | ||
675 | /* Define to 1 if the system has the type `in_addr_t'. */ | ||
676 | #undef HAVE_IN_ADDR_T | ||
677 | |||
639 | /* Define to 1 if you have the <lastlog.h> header file. */ | 678 | /* Define to 1 if you have the <lastlog.h> header file. */ |
640 | #undef HAVE_LASTLOG_H | 679 | #undef HAVE_LASTLOG_H |
641 | 680 | ||
681 | /* Define to 1 if you have the `bsm' library (-lbsm). */ | ||
682 | #undef HAVE_LIBBSM | ||
683 | |||
642 | /* Define to 1 if you have the `crypt' library (-lcrypt). */ | 684 | /* Define to 1 if you have the `crypt' library (-lcrypt). */ |
643 | #undef HAVE_LIBCRYPT | 685 | #undef HAVE_LIBCRYPT |
644 | 686 | ||
@@ -1068,6 +1110,9 @@ | |||
1068 | /* Define to the version of this package. */ | 1110 | /* Define to the version of this package. */ |
1069 | #undef PACKAGE_VERSION | 1111 | #undef PACKAGE_VERSION |
1070 | 1112 | ||
1113 | /* must supply username to passwd */ | ||
1114 | #undef PASSWD_NEEDS_USERNAME | ||
1115 | |||
1071 | /* The size of a `char', as computed by sizeof. */ | 1116 | /* The size of a `char', as computed by sizeof. */ |
1072 | #undef SIZEOF_CHAR | 1117 | #undef SIZEOF_CHAR |
1073 | 1118 | ||
@@ -1083,9 +1128,21 @@ | |||
1083 | /* The size of a `short int', as computed by sizeof. */ | 1128 | /* The size of a `short int', as computed by sizeof. */ |
1084 | #undef SIZEOF_SHORT_INT | 1129 | #undef SIZEOF_SHORT_INT |
1085 | 1130 | ||
1131 | /* Use audit debugging module */ | ||
1132 | #undef SSH_AUDIT_EVENTS | ||
1133 | |||
1086 | /* Define to 1 if you have the ANSI C header files. */ | 1134 | /* Define to 1 if you have the ANSI C header files. */ |
1087 | #undef STDC_HEADERS | 1135 | #undef STDC_HEADERS |
1088 | 1136 | ||
1137 | /* Use BSM audit module */ | ||
1138 | #undef USE_BSM_AUDIT | ||
1139 | |||
1140 | /* Use btmp to log bad logins */ | ||
1141 | #undef USE_BTMP | ||
1142 | |||
1143 | /* Use libedit for sftp */ | ||
1144 | #undef USE_LIBEDIT | ||
1145 | |||
1089 | /* Define to 1 if your processor stores words with the most significant byte | 1146 | /* Define to 1 if your processor stores words with the most significant byte |
1090 | first (like Motorola and SPARC, unlike Intel and VAX). */ | 1147 | first (like Motorola and SPARC, unlike Intel and VAX). */ |
1091 | #undef WORDS_BIGENDIAN | 1148 | #undef WORDS_BIGENDIAN |
@@ -1096,6 +1153,9 @@ | |||
1096 | /* Define for large files, on AIX-style hosts. */ | 1153 | /* Define for large files, on AIX-style hosts. */ |
1097 | #undef _LARGE_FILES | 1154 | #undef _LARGE_FILES |
1098 | 1155 | ||
1156 | /* log for bad login attempts */ | ||
1157 | #undef _PATH_BTMP | ||
1158 | |||
1099 | /* Define to `__inline__' or `__inline' if that's what the C compiler | 1159 | /* Define to `__inline__' or `__inline' if that's what the C compiler |
1100 | calls it, or to nothing if 'inline' is not supported under any name. */ | 1160 | calls it, or to nothing if 'inline' is not supported under any name. */ |
1101 | #ifndef __cplusplus | 1161 | #ifndef __cplusplus |
@@ -1,6 +1,6 @@ | |||
1 | #! /bin/sh | 1 | #! /bin/sh |
2 | # Guess values for system-dependent variables and create Makefiles. | 2 | # Guess values for system-dependent variables and create Makefiles. |
3 | # Generated by GNU Autoconf 2.59. | 3 | # Generated by GNU Autoconf 2.59 for OpenSSH Portable. |
4 | # | 4 | # |
5 | # Copyright (C) 2003 Free Software Foundation, Inc. | 5 | # Copyright (C) 2003 Free Software Foundation, Inc. |
6 | # This configure script is free software; the Free Software Foundation | 6 | # This configure script is free software; the Free Software Foundation |
@@ -265,11 +265,11 @@ SHELL=${CONFIG_SHELL-/bin/sh} | |||
265 | : ${ac_max_here_lines=38} | 265 | : ${ac_max_here_lines=38} |
266 | 266 | ||
267 | # Identity of this package. | 267 | # Identity of this package. |
268 | PACKAGE_NAME= | 268 | PACKAGE_NAME='OpenSSH' |
269 | PACKAGE_TARNAME= | 269 | PACKAGE_TARNAME='openssh' |
270 | PACKAGE_VERSION= | 270 | PACKAGE_VERSION='Portable' |
271 | PACKAGE_STRING= | 271 | PACKAGE_STRING='OpenSSH Portable' |
272 | PACKAGE_BUGREPORT= | 272 | PACKAGE_BUGREPORT='' |
273 | 273 | ||
274 | ac_unique_file="ssh.c" | 274 | ac_unique_file="ssh.c" |
275 | # Factoring default headers for most tests. | 275 | # Factoring default headers for most tests. |
@@ -309,7 +309,7 @@ ac_includes_default="\ | |||
309 | # include <unistd.h> | 309 | # include <unistd.h> |
310 | #endif" | 310 | #endif" |
311 | 311 | ||
312 | ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT build build_cpu build_vendor build_os host host_cpu host_vendor host_os AWK CPP RANLIB ac_ct_RANLIB INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA AR CAT KILL PERL SED ENT TEST_MINUS_S_SH SH TEST_SHELL PATH_GROUPADD_PROG PATH_USERADD_PROG MAKE_PACKAGE_SUPPORTED LOGIN_PROGRAM_FALLBACK PATH_PASSWD_PROG LD EGREP LIBWRAP LIBPAM INSTALL_SSH_RAND_HELPER SSH_PRIVSEP_USER PROG_LS PROG_NETSTAT PROG_ARP PROG_IFCONFIG PROG_JSTAT PROG_PS PROG_SAR PROG_W PROG_WHO PROG_LAST PROG_LASTLOG PROG_DF PROG_VMSTAT PROG_UPTIME PROG_IPCS PROG_TAIL INSTALL_SSH_PRNG_CMDS OPENSC_CONFIG PRIVSEP_PATH xauth_path STRIP_OPT XAUTH_PATH NROFF MANTYPE mansubdir user_path piddir LIBOBJS LTLIBOBJS' | 312 | ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT build build_cpu build_vendor build_os host host_cpu host_vendor host_os AWK CPP RANLIB ac_ct_RANLIB INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA AR CAT KILL PERL SED ENT TEST_MINUS_S_SH SH TEST_SHELL PATH_GROUPADD_PROG PATH_USERADD_PROG MAKE_PACKAGE_SUPPORTED LOGIN_PROGRAM_FALLBACK PATH_PASSWD_PROG LD EGREP LIBWRAP LIBEDIT LIBPAM INSTALL_SSH_RAND_HELPER SSH_PRIVSEP_USER PROG_LS PROG_NETSTAT PROG_ARP PROG_IFCONFIG PROG_JSTAT PROG_PS PROG_SAR PROG_W PROG_WHO PROG_LAST PROG_LASTLOG PROG_DF PROG_VMSTAT PROG_UPTIME PROG_IPCS PROG_TAIL INSTALL_SSH_PRNG_CMDS OPENSC_CONFIG PRIVSEP_PATH xauth_path STRIP_OPT XAUTH_PATH NROFF MANTYPE mansubdir user_path piddir LIBOBJS LTLIBOBJS' |
313 | ac_subst_files='' | 313 | ac_subst_files='' |
314 | 314 | ||
315 | # Initialize some variables set by options. | 315 | # Initialize some variables set by options. |
@@ -778,7 +778,7 @@ if test "$ac_init_help" = "long"; then | |||
778 | # Omit some internal or obsolete options to make the list less imposing. | 778 | # Omit some internal or obsolete options to make the list less imposing. |
779 | # This message is too long to be a string in the A/UX 3.1 sh. | 779 | # This message is too long to be a string in the A/UX 3.1 sh. |
780 | cat <<_ACEOF | 780 | cat <<_ACEOF |
781 | \`configure' configures this package to adapt to many kinds of systems. | 781 | \`configure' configures OpenSSH Portable to adapt to many kinds of systems. |
782 | 782 | ||
783 | Usage: $0 [OPTION]... [VAR=VALUE]... | 783 | Usage: $0 [OPTION]... [VAR=VALUE]... |
784 | 784 | ||
@@ -838,7 +838,9 @@ _ACEOF | |||
838 | fi | 838 | fi |
839 | 839 | ||
840 | if test -n "$ac_init_help"; then | 840 | if test -n "$ac_init_help"; then |
841 | 841 | case $ac_init_help in | |
842 | short | recursive ) echo "Configuration of OpenSSH Portable:";; | ||
843 | esac | ||
842 | cat <<\_ACEOF | 844 | cat <<\_ACEOF |
843 | 845 | ||
844 | Optional Features: | 846 | Optional Features: |
@@ -846,7 +848,7 @@ Optional Features: | |||
846 | --enable-FEATURE[=ARG] include FEATURE [ARG=yes] | 848 | --enable-FEATURE[=ARG] include FEATURE [ARG=yes] |
847 | --disable-largefile omit support for large files | 849 | --disable-largefile omit support for large files |
848 | --disable-strip Disable calling strip(1) on install | 850 | --disable-strip Disable calling strip(1) on install |
849 | --disable-etc-default-login Disable using PATH from /etc/default/login no | 851 | --disable-etc-default-login Disable using PATH from /etc/default/login no |
850 | --disable-lastlog disable use of lastlog even if detected no | 852 | --disable-lastlog disable use of lastlog even if detected no |
851 | --disable-utmp disable use of utmp even if detected no | 853 | --disable-utmp disable use of utmp even if detected no |
852 | --disable-utmpx disable use of utmpx even if detected no | 854 | --disable-utmpx disable use of utmpx even if detected no |
@@ -867,10 +869,10 @@ Optional Packages: | |||
867 | --with-libs Specify additional libraries to link with | 869 | --with-libs Specify additional libraries to link with |
868 | --with-zlib=PATH Use zlib in PATH | 870 | --with-zlib=PATH Use zlib in PATH |
869 | --without-zlib-version-check Disable zlib version check | 871 | --without-zlib-version-check Disable zlib version check |
870 | --with-skey[=PATH] Enable S/Key support | 872 | --with-skey[=PATH] Enable S/Key support (optionally in PATH) |
871 | (optionally in PATH) | 873 | --with-tcp-wrappers[=PATH] Enable tcpwrappers support (optionally in PATH) |
872 | --with-tcp-wrappers[=PATH] Enable tcpwrappers support | 874 | --with-libedit[=PATH] Enable libedit support for sftp |
873 | (optionally in PATH) | 875 | --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm) |
874 | --with-pam Enable PAM support | 876 | --with-pam Enable PAM support |
875 | --with-ssl-dir=PATH Specify path to OpenSSL installation | 877 | --with-ssl-dir=PATH Specify path to OpenSSL installation |
876 | --with-rand-helper Use subprocess to gather strong randomness | 878 | --with-rand-helper Use subprocess to gather strong randomness |
@@ -1001,6 +1003,8 @@ fi | |||
1001 | test -n "$ac_init_help" && exit 0 | 1003 | test -n "$ac_init_help" && exit 0 |
1002 | if $ac_init_version; then | 1004 | if $ac_init_version; then |
1003 | cat <<\_ACEOF | 1005 | cat <<\_ACEOF |
1006 | OpenSSH configure Portable | ||
1007 | generated by GNU Autoconf 2.59 | ||
1004 | 1008 | ||
1005 | Copyright (C) 2003 Free Software Foundation, Inc. | 1009 | Copyright (C) 2003 Free Software Foundation, Inc. |
1006 | This configure script is free software; the Free Software Foundation | 1010 | This configure script is free software; the Free Software Foundation |
@@ -1013,7 +1017,7 @@ cat >&5 <<_ACEOF | |||
1013 | This file contains any messages produced by compilers while | 1017 | This file contains any messages produced by compilers while |
1014 | running configure, to aid debugging if configure makes a mistake. | 1018 | running configure, to aid debugging if configure makes a mistake. |
1015 | 1019 | ||
1016 | It was created by $as_me, which was | 1020 | It was created by OpenSSH $as_me Portable, which was |
1017 | generated by GNU Autoconf 2.59. Invocation command line was | 1021 | generated by GNU Autoconf 2.59. Invocation command line was |
1018 | 1022 | ||
1019 | $ $0 $@ | 1023 | $ $0 $@ |
@@ -1343,6 +1347,14 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu | |||
1343 | 1347 | ||
1344 | 1348 | ||
1345 | 1349 | ||
1350 | |||
1351 | |||
1352 | |||
1353 | |||
1354 | |||
1355 | |||
1356 | |||
1357 | |||
1346 | ac_config_headers="$ac_config_headers config.h" | 1358 | ac_config_headers="$ac_config_headers config.h" |
1347 | 1359 | ||
1348 | ac_ext=c | 1360 | ac_ext=c |
@@ -4347,6 +4359,292 @@ fi | |||
4347 | 4359 | ||
4348 | fi | 4360 | fi |
4349 | 4361 | ||
4362 | echo "$as_me:$LINENO: checking whether authenticate is declared" >&5 | ||
4363 | echo $ECHO_N "checking whether authenticate is declared... $ECHO_C" >&6 | ||
4364 | if test "${ac_cv_have_decl_authenticate+set}" = set; then | ||
4365 | echo $ECHO_N "(cached) $ECHO_C" >&6 | ||
4366 | else | ||
4367 | cat >conftest.$ac_ext <<_ACEOF | ||
4368 | /* confdefs.h. */ | ||
4369 | _ACEOF | ||
4370 | cat confdefs.h >>conftest.$ac_ext | ||
4371 | cat >>conftest.$ac_ext <<_ACEOF | ||
4372 | /* end confdefs.h. */ | ||
4373 | #include <usersec.h> | ||
4374 | |||
4375 | int | ||
4376 | main () | ||
4377 | { | ||
4378 | #ifndef authenticate | ||
4379 | char *p = (char *) authenticate; | ||
4380 | #endif | ||
4381 | |||
4382 | ; | ||
4383 | return 0; | ||
4384 | } | ||
4385 | _ACEOF | ||
4386 | rm -f conftest.$ac_objext | ||
4387 | if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 | ||
4388 | (eval $ac_compile) 2>conftest.er1 | ||
4389 | ac_status=$? | ||
4390 | grep -v '^ *+' conftest.er1 >conftest.err | ||
4391 | rm -f conftest.er1 | ||
4392 | cat conftest.err >&5 | ||
4393 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
4394 | (exit $ac_status); } && | ||
4395 | { ac_try='test -z "$ac_c_werror_flag" | ||
4396 | || test ! -s conftest.err' | ||
4397 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | ||
4398 | (eval $ac_try) 2>&5 | ||
4399 | ac_status=$? | ||
4400 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
4401 | (exit $ac_status); }; } && | ||
4402 | { ac_try='test -s conftest.$ac_objext' | ||
4403 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | ||
4404 | (eval $ac_try) 2>&5 | ||
4405 | ac_status=$? | ||
4406 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
4407 | (exit $ac_status); }; }; then | ||
4408 | ac_cv_have_decl_authenticate=yes | ||
4409 | else | ||
4410 | echo "$as_me: failed program was:" >&5 | ||
4411 | sed 's/^/| /' conftest.$ac_ext >&5 | ||
4412 | |||
4413 | ac_cv_have_decl_authenticate=no | ||
4414 | fi | ||
4415 | rm -f conftest.err conftest.$ac_objext conftest.$ac_ext | ||
4416 | fi | ||
4417 | echo "$as_me:$LINENO: result: $ac_cv_have_decl_authenticate" >&5 | ||
4418 | echo "${ECHO_T}$ac_cv_have_decl_authenticate" >&6 | ||
4419 | if test $ac_cv_have_decl_authenticate = yes; then | ||
4420 | |||
4421 | cat >>confdefs.h <<_ACEOF | ||
4422 | #define HAVE_DECL_AUTHENTICATE 1 | ||
4423 | _ACEOF | ||
4424 | |||
4425 | |||
4426 | else | ||
4427 | cat >>confdefs.h <<_ACEOF | ||
4428 | #define HAVE_DECL_AUTHENTICATE 0 | ||
4429 | _ACEOF | ||
4430 | |||
4431 | |||
4432 | fi | ||
4433 | echo "$as_me:$LINENO: checking whether loginrestrictions is declared" >&5 | ||
4434 | echo $ECHO_N "checking whether loginrestrictions is declared... $ECHO_C" >&6 | ||
4435 | if test "${ac_cv_have_decl_loginrestrictions+set}" = set; then | ||
4436 | echo $ECHO_N "(cached) $ECHO_C" >&6 | ||
4437 | else | ||
4438 | cat >conftest.$ac_ext <<_ACEOF | ||
4439 | /* confdefs.h. */ | ||
4440 | _ACEOF | ||
4441 | cat confdefs.h >>conftest.$ac_ext | ||
4442 | cat >>conftest.$ac_ext <<_ACEOF | ||
4443 | /* end confdefs.h. */ | ||
4444 | #include <usersec.h> | ||
4445 | |||
4446 | int | ||
4447 | main () | ||
4448 | { | ||
4449 | #ifndef loginrestrictions | ||
4450 | char *p = (char *) loginrestrictions; | ||
4451 | #endif | ||
4452 | |||
4453 | ; | ||
4454 | return 0; | ||
4455 | } | ||
4456 | _ACEOF | ||
4457 | rm -f conftest.$ac_objext | ||
4458 | if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 | ||
4459 | (eval $ac_compile) 2>conftest.er1 | ||
4460 | ac_status=$? | ||
4461 | grep -v '^ *+' conftest.er1 >conftest.err | ||
4462 | rm -f conftest.er1 | ||
4463 | cat conftest.err >&5 | ||
4464 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
4465 | (exit $ac_status); } && | ||
4466 | { ac_try='test -z "$ac_c_werror_flag" | ||
4467 | || test ! -s conftest.err' | ||
4468 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | ||
4469 | (eval $ac_try) 2>&5 | ||
4470 | ac_status=$? | ||
4471 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
4472 | (exit $ac_status); }; } && | ||
4473 | { ac_try='test -s conftest.$ac_objext' | ||
4474 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | ||
4475 | (eval $ac_try) 2>&5 | ||
4476 | ac_status=$? | ||
4477 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
4478 | (exit $ac_status); }; }; then | ||
4479 | ac_cv_have_decl_loginrestrictions=yes | ||
4480 | else | ||
4481 | echo "$as_me: failed program was:" >&5 | ||
4482 | sed 's/^/| /' conftest.$ac_ext >&5 | ||
4483 | |||
4484 | ac_cv_have_decl_loginrestrictions=no | ||
4485 | fi | ||
4486 | rm -f conftest.err conftest.$ac_objext conftest.$ac_ext | ||
4487 | fi | ||
4488 | echo "$as_me:$LINENO: result: $ac_cv_have_decl_loginrestrictions" >&5 | ||
4489 | echo "${ECHO_T}$ac_cv_have_decl_loginrestrictions" >&6 | ||
4490 | if test $ac_cv_have_decl_loginrestrictions = yes; then | ||
4491 | |||
4492 | cat >>confdefs.h <<_ACEOF | ||
4493 | #define HAVE_DECL_LOGINRESTRICTIONS 1 | ||
4494 | _ACEOF | ||
4495 | |||
4496 | |||
4497 | else | ||
4498 | cat >>confdefs.h <<_ACEOF | ||
4499 | #define HAVE_DECL_LOGINRESTRICTIONS 0 | ||
4500 | _ACEOF | ||
4501 | |||
4502 | |||
4503 | fi | ||
4504 | echo "$as_me:$LINENO: checking whether loginsuccess is declared" >&5 | ||
4505 | echo $ECHO_N "checking whether loginsuccess is declared... $ECHO_C" >&6 | ||
4506 | if test "${ac_cv_have_decl_loginsuccess+set}" = set; then | ||
4507 | echo $ECHO_N "(cached) $ECHO_C" >&6 | ||
4508 | else | ||
4509 | cat >conftest.$ac_ext <<_ACEOF | ||
4510 | /* confdefs.h. */ | ||
4511 | _ACEOF | ||
4512 | cat confdefs.h >>conftest.$ac_ext | ||
4513 | cat >>conftest.$ac_ext <<_ACEOF | ||
4514 | /* end confdefs.h. */ | ||
4515 | #include <usersec.h> | ||
4516 | |||
4517 | int | ||
4518 | main () | ||
4519 | { | ||
4520 | #ifndef loginsuccess | ||
4521 | char *p = (char *) loginsuccess; | ||
4522 | #endif | ||
4523 | |||
4524 | ; | ||
4525 | return 0; | ||
4526 | } | ||
4527 | _ACEOF | ||
4528 | rm -f conftest.$ac_objext | ||
4529 | if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 | ||
4530 | (eval $ac_compile) 2>conftest.er1 | ||
4531 | ac_status=$? | ||
4532 | grep -v '^ *+' conftest.er1 >conftest.err | ||
4533 | rm -f conftest.er1 | ||
4534 | cat conftest.err >&5 | ||
4535 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
4536 | (exit $ac_status); } && | ||
4537 | { ac_try='test -z "$ac_c_werror_flag" | ||
4538 | || test ! -s conftest.err' | ||
4539 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | ||
4540 | (eval $ac_try) 2>&5 | ||
4541 | ac_status=$? | ||
4542 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
4543 | (exit $ac_status); }; } && | ||
4544 | { ac_try='test -s conftest.$ac_objext' | ||
4545 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | ||
4546 | (eval $ac_try) 2>&5 | ||
4547 | ac_status=$? | ||
4548 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
4549 | (exit $ac_status); }; }; then | ||
4550 | ac_cv_have_decl_loginsuccess=yes | ||
4551 | else | ||
4552 | echo "$as_me: failed program was:" >&5 | ||
4553 | sed 's/^/| /' conftest.$ac_ext >&5 | ||
4554 | |||
4555 | ac_cv_have_decl_loginsuccess=no | ||
4556 | fi | ||
4557 | rm -f conftest.err conftest.$ac_objext conftest.$ac_ext | ||
4558 | fi | ||
4559 | echo "$as_me:$LINENO: result: $ac_cv_have_decl_loginsuccess" >&5 | ||
4560 | echo "${ECHO_T}$ac_cv_have_decl_loginsuccess" >&6 | ||
4561 | if test $ac_cv_have_decl_loginsuccess = yes; then | ||
4562 | |||
4563 | cat >>confdefs.h <<_ACEOF | ||
4564 | #define HAVE_DECL_LOGINSUCCESS 1 | ||
4565 | _ACEOF | ||
4566 | |||
4567 | |||
4568 | else | ||
4569 | cat >>confdefs.h <<_ACEOF | ||
4570 | #define HAVE_DECL_LOGINSUCCESS 0 | ||
4571 | _ACEOF | ||
4572 | |||
4573 | |||
4574 | fi | ||
4575 | echo "$as_me:$LINENO: checking whether passwdexpired is declared" >&5 | ||
4576 | echo $ECHO_N "checking whether passwdexpired is declared... $ECHO_C" >&6 | ||
4577 | if test "${ac_cv_have_decl_passwdexpired+set}" = set; then | ||
4578 | echo $ECHO_N "(cached) $ECHO_C" >&6 | ||
4579 | else | ||
4580 | cat >conftest.$ac_ext <<_ACEOF | ||
4581 | /* confdefs.h. */ | ||
4582 | _ACEOF | ||
4583 | cat confdefs.h >>conftest.$ac_ext | ||
4584 | cat >>conftest.$ac_ext <<_ACEOF | ||
4585 | /* end confdefs.h. */ | ||
4586 | #include <usersec.h> | ||
4587 | |||
4588 | int | ||
4589 | main () | ||
4590 | { | ||
4591 | #ifndef passwdexpired | ||
4592 | char *p = (char *) passwdexpired; | ||
4593 | #endif | ||
4594 | |||
4595 | ; | ||
4596 | return 0; | ||
4597 | } | ||
4598 | _ACEOF | ||
4599 | rm -f conftest.$ac_objext | ||
4600 | if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 | ||
4601 | (eval $ac_compile) 2>conftest.er1 | ||
4602 | ac_status=$? | ||
4603 | grep -v '^ *+' conftest.er1 >conftest.err | ||
4604 | rm -f conftest.er1 | ||
4605 | cat conftest.err >&5 | ||
4606 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
4607 | (exit $ac_status); } && | ||
4608 | { ac_try='test -z "$ac_c_werror_flag" | ||
4609 | || test ! -s conftest.err' | ||
4610 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | ||
4611 | (eval $ac_try) 2>&5 | ||
4612 | ac_status=$? | ||
4613 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
4614 | (exit $ac_status); }; } && | ||
4615 | { ac_try='test -s conftest.$ac_objext' | ||
4616 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | ||
4617 | (eval $ac_try) 2>&5 | ||
4618 | ac_status=$? | ||
4619 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
4620 | (exit $ac_status); }; }; then | ||
4621 | ac_cv_have_decl_passwdexpired=yes | ||
4622 | else | ||
4623 | echo "$as_me: failed program was:" >&5 | ||
4624 | sed 's/^/| /' conftest.$ac_ext >&5 | ||
4625 | |||
4626 | ac_cv_have_decl_passwdexpired=no | ||
4627 | fi | ||
4628 | rm -f conftest.err conftest.$ac_objext conftest.$ac_ext | ||
4629 | fi | ||
4630 | echo "$as_me:$LINENO: result: $ac_cv_have_decl_passwdexpired" >&5 | ||
4631 | echo "${ECHO_T}$ac_cv_have_decl_passwdexpired" >&6 | ||
4632 | if test $ac_cv_have_decl_passwdexpired = yes; then | ||
4633 | |||
4634 | cat >>confdefs.h <<_ACEOF | ||
4635 | #define HAVE_DECL_PASSWDEXPIRED 1 | ||
4636 | _ACEOF | ||
4637 | |||
4638 | |||
4639 | else | ||
4640 | cat >>confdefs.h <<_ACEOF | ||
4641 | #define HAVE_DECL_PASSWDEXPIRED 0 | ||
4642 | _ACEOF | ||
4643 | |||
4644 | |||
4645 | fi | ||
4646 | |||
4647 | |||
4350 | echo "$as_me:$LINENO: checking whether loginfailed is declared" >&5 | 4648 | echo "$as_me:$LINENO: checking whether loginfailed is declared" >&5 |
4351 | echo $ECHO_N "checking whether loginfailed is declared... $ECHO_C" >&6 | 4649 | echo $ECHO_N "checking whether loginfailed is declared... $ECHO_C" >&6 |
4352 | if test "${ac_cv_have_decl_loginfailed+set}" = set; then | 4650 | if test "${ac_cv_have_decl_loginfailed+set}" = set; then |
@@ -4406,7 +4704,12 @@ fi | |||
4406 | echo "$as_me:$LINENO: result: $ac_cv_have_decl_loginfailed" >&5 | 4704 | echo "$as_me:$LINENO: result: $ac_cv_have_decl_loginfailed" >&5 |
4407 | echo "${ECHO_T}$ac_cv_have_decl_loginfailed" >&6 | 4705 | echo "${ECHO_T}$ac_cv_have_decl_loginfailed" >&6 |
4408 | if test $ac_cv_have_decl_loginfailed = yes; then | 4706 | if test $ac_cv_have_decl_loginfailed = yes; then |
4409 | echo "$as_me:$LINENO: checking if loginfailed takes 4 arguments" >&5 | 4707 | |
4708 | cat >>confdefs.h <<_ACEOF | ||
4709 | #define HAVE_DECL_LOGINFAILED 1 | ||
4710 | _ACEOF | ||
4711 | |||
4712 | echo "$as_me:$LINENO: checking if loginfailed takes 4 arguments" >&5 | ||
4410 | echo $ECHO_N "checking if loginfailed takes 4 arguments... $ECHO_C" >&6 | 4713 | echo $ECHO_N "checking if loginfailed takes 4 arguments... $ECHO_C" >&6 |
4411 | cat >conftest.$ac_ext <<_ACEOF | 4714 | cat >conftest.$ac_ext <<_ACEOF |
4412 | /* confdefs.h. */ | 4715 | /* confdefs.h. */ |
@@ -4460,9 +4763,16 @@ echo "${ECHO_T}no" >&6 | |||
4460 | 4763 | ||
4461 | fi | 4764 | fi |
4462 | rm -f conftest.err conftest.$ac_objext conftest.$ac_ext | 4765 | rm -f conftest.err conftest.$ac_objext conftest.$ac_ext |
4766 | else | ||
4767 | cat >>confdefs.h <<_ACEOF | ||
4768 | #define HAVE_DECL_LOGINFAILED 0 | ||
4769 | _ACEOF | ||
4770 | |||
4771 | |||
4463 | fi | 4772 | fi |
4464 | 4773 | ||
4465 | 4774 | ||
4775 | |||
4466 | for ac_func in setauthdb | 4776 | for ac_func in setauthdb |
4467 | do | 4777 | do |
4468 | as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` | 4778 | as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` |
@@ -4564,10 +4874,7 @@ _ACEOF | |||
4564 | fi | 4874 | fi |
4565 | done | 4875 | done |
4566 | 4876 | ||
4567 | cat >>confdefs.h <<\_ACEOF | 4877 | check_for_aix_broken_getaddrinfo=1 |
4568 | #define BROKEN_GETADDRINFO 1 | ||
4569 | _ACEOF | ||
4570 | |||
4571 | cat >>confdefs.h <<\_ACEOF | 4878 | cat >>confdefs.h <<\_ACEOF |
4572 | #define BROKEN_REALPATH 1 | 4879 | #define BROKEN_REALPATH 1 |
4573 | _ACEOF | 4880 | _ACEOF |
@@ -4628,10 +4935,6 @@ _ACEOF | |||
4628 | #define DISABLE_FD_PASSING 1 | 4935 | #define DISABLE_FD_PASSING 1 |
4629 | _ACEOF | 4936 | _ACEOF |
4630 | 4937 | ||
4631 | cat >>confdefs.h <<\_ACEOF | ||
4632 | #define SETGROUPS_NOOP 1 | ||
4633 | _ACEOF | ||
4634 | |||
4635 | ;; | 4938 | ;; |
4636 | *-*-dgux*) | 4939 | *-*-dgux*) |
4637 | cat >>confdefs.h <<\_ACEOF | 4940 | cat >>confdefs.h <<\_ACEOF |
@@ -4964,7 +5267,13 @@ _ACEOF | |||
4964 | #define SPT_TYPE SPT_PSTAT | 5267 | #define SPT_TYPE SPT_PSTAT |
4965 | _ACEOF | 5268 | _ACEOF |
4966 | 5269 | ||
5270 | |||
5271 | cat >>confdefs.h <<\_ACEOF | ||
5272 | #define USE_BTMP 1 | ||
5273 | _ACEOF | ||
5274 | |||
4967 | check_for_hpux_broken_getaddrinfo=1 | 5275 | check_for_hpux_broken_getaddrinfo=1 |
5276 | check_for_conflicting_getspnam=1 | ||
4968 | LIBS="$LIBS -lsec" | 5277 | LIBS="$LIBS -lsec" |
4969 | 5278 | ||
4970 | echo "$as_me:$LINENO: checking for t_error in -lxnet" >&5 | 5279 | echo "$as_me:$LINENO: checking for t_error in -lxnet" >&5 |
@@ -5236,6 +5545,16 @@ _ACEOF | |||
5236 | #define LINK_OPNOTSUPP_ERRNO EPERM | 5545 | #define LINK_OPNOTSUPP_ERRNO EPERM |
5237 | _ACEOF | 5546 | _ACEOF |
5238 | 5547 | ||
5548 | |||
5549 | cat >>confdefs.h <<\_ACEOF | ||
5550 | #define _PATH_BTMP "/var/log/btmp" | ||
5551 | _ACEOF | ||
5552 | |||
5553 | |||
5554 | cat >>confdefs.h <<\_ACEOF | ||
5555 | #define USE_BTMP 1 | ||
5556 | _ACEOF | ||
5557 | |||
5239 | inet6_default_4in6=yes | 5558 | inet6_default_4in6=yes |
5240 | case `uname -r` in | 5559 | case `uname -r` in |
5241 | 1.*|2.0.*) | 5560 | 1.*|2.0.*) |
@@ -5568,6 +5887,75 @@ _ACEOF | |||
5568 | 5887 | ||
5569 | fi | 5888 | fi |
5570 | 5889 | ||
5890 | # -lresolv needs to be at then end of LIBS or DNS lookups break | ||
5891 | echo "$as_me:$LINENO: checking for resolv in -lres_query" >&5 | ||
5892 | echo $ECHO_N "checking for resolv in -lres_query... $ECHO_C" >&6 | ||
5893 | if test "${ac_cv_lib_res_query_resolv+set}" = set; then | ||
5894 | echo $ECHO_N "(cached) $ECHO_C" >&6 | ||
5895 | else | ||
5896 | ac_check_lib_save_LIBS=$LIBS | ||
5897 | LIBS="-lres_query $LIBS" | ||
5898 | cat >conftest.$ac_ext <<_ACEOF | ||
5899 | /* confdefs.h. */ | ||
5900 | _ACEOF | ||
5901 | cat confdefs.h >>conftest.$ac_ext | ||
5902 | cat >>conftest.$ac_ext <<_ACEOF | ||
5903 | /* end confdefs.h. */ | ||
5904 | |||
5905 | /* Override any gcc2 internal prototype to avoid an error. */ | ||
5906 | #ifdef __cplusplus | ||
5907 | extern "C" | ||
5908 | #endif | ||
5909 | /* We use char because int might match the return type of a gcc2 | ||
5910 | builtin and then its argument prototype would still apply. */ | ||
5911 | char resolv (); | ||
5912 | int | ||
5913 | main () | ||
5914 | { | ||
5915 | resolv (); | ||
5916 | ; | ||
5917 | return 0; | ||
5918 | } | ||
5919 | _ACEOF | ||
5920 | rm -f conftest.$ac_objext conftest$ac_exeext | ||
5921 | if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 | ||
5922 | (eval $ac_link) 2>conftest.er1 | ||
5923 | ac_status=$? | ||
5924 | grep -v '^ *+' conftest.er1 >conftest.err | ||
5925 | rm -f conftest.er1 | ||
5926 | cat conftest.err >&5 | ||
5927 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
5928 | (exit $ac_status); } && | ||
5929 | { ac_try='test -z "$ac_c_werror_flag" | ||
5930 | || test ! -s conftest.err' | ||
5931 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | ||
5932 | (eval $ac_try) 2>&5 | ||
5933 | ac_status=$? | ||
5934 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
5935 | (exit $ac_status); }; } && | ||
5936 | { ac_try='test -s conftest$ac_exeext' | ||
5937 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | ||
5938 | (eval $ac_try) 2>&5 | ||
5939 | ac_status=$? | ||
5940 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
5941 | (exit $ac_status); }; }; then | ||
5942 | ac_cv_lib_res_query_resolv=yes | ||
5943 | else | ||
5944 | echo "$as_me: failed program was:" >&5 | ||
5945 | sed 's/^/| /' conftest.$ac_ext >&5 | ||
5946 | |||
5947 | ac_cv_lib_res_query_resolv=no | ||
5948 | fi | ||
5949 | rm -f conftest.err conftest.$ac_objext \ | ||
5950 | conftest$ac_exeext conftest.$ac_ext | ||
5951 | LIBS=$ac_check_lib_save_LIBS | ||
5952 | fi | ||
5953 | echo "$as_me:$LINENO: result: $ac_cv_lib_res_query_resolv" >&5 | ||
5954 | echo "${ECHO_T}$ac_cv_lib_res_query_resolv" >&6 | ||
5955 | if test $ac_cv_lib_res_query_resolv = yes; then | ||
5956 | LIBS="$LIBS -lresolv" | ||
5957 | fi | ||
5958 | |||
5571 | IPADDR_IN_DISPLAY=yes | 5959 | IPADDR_IN_DISPLAY=yes |
5572 | cat >>confdefs.h <<\_ACEOF | 5960 | cat >>confdefs.h <<\_ACEOF |
5573 | #define USE_PIPES 1 | 5961 | #define USE_PIPES 1 |
@@ -5598,6 +5986,7 @@ _ACEOF | |||
5598 | # Attention: always take care to bind libsocket and libnsl before libc, | 5986 | # Attention: always take care to bind libsocket and libnsl before libc, |
5599 | # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog | 5987 | # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog |
5600 | ;; | 5988 | ;; |
5989 | # UnixWare 1.x, UnixWare 2.x, and others based on code from Univel. | ||
5601 | *-*-sysv4.2*) | 5990 | *-*-sysv4.2*) |
5602 | cat >>confdefs.h <<\_ACEOF | 5991 | cat >>confdefs.h <<\_ACEOF |
5603 | #define USE_PIPES 1 | 5992 | #define USE_PIPES 1 |
@@ -5616,6 +6005,7 @@ _ACEOF | |||
5616 | _ACEOF | 6005 | _ACEOF |
5617 | 6006 | ||
5618 | ;; | 6007 | ;; |
6008 | # UnixWare 7.x, OpenUNIX 8 | ||
5619 | *-*-sysv5*) | 6009 | *-*-sysv5*) |
5620 | cat >>confdefs.h <<\_ACEOF | 6010 | cat >>confdefs.h <<\_ACEOF |
5621 | #define USE_PIPES 1 | 6011 | #define USE_PIPES 1 |
@@ -5636,154 +6026,13 @@ _ACEOF | |||
5636 | ;; | 6026 | ;; |
5637 | *-*-sysv*) | 6027 | *-*-sysv*) |
5638 | ;; | 6028 | ;; |
6029 | # SCO UNIX and OEM versions of SCO UNIX | ||
5639 | *-*-sco3.2v4*) | 6030 | *-*-sco3.2v4*) |
5640 | CPPFLAGS="$CPPFLAGS -Dftruncate=chsize" | 6031 | { { echo "$as_me:$LINENO: error: \"This Platform is no longer supported.\"" >&5 |
5641 | LIBS="$LIBS -los -lprot -lcrypt_i -lx -ltinfo -lm" | 6032 | echo "$as_me: error: \"This Platform is no longer supported.\"" >&2;} |
5642 | RANLIB=true | 6033 | { (exit 1); exit 1; }; } |
5643 | no_dev_ptmx=1 | ||
5644 | cat >>confdefs.h <<\_ACEOF | ||
5645 | #define BROKEN_SYS_TERMIO_H 1 | ||
5646 | _ACEOF | ||
5647 | |||
5648 | cat >>confdefs.h <<\_ACEOF | ||
5649 | #define USE_PIPES 1 | ||
5650 | _ACEOF | ||
5651 | |||
5652 | cat >>confdefs.h <<\_ACEOF | ||
5653 | #define HAVE_SECUREWARE 1 | ||
5654 | _ACEOF | ||
5655 | |||
5656 | cat >>confdefs.h <<\_ACEOF | ||
5657 | #define DISABLE_SHADOW 1 | ||
5658 | _ACEOF | ||
5659 | |||
5660 | cat >>confdefs.h <<\_ACEOF | ||
5661 | #define BROKEN_SAVED_UIDS 1 | ||
5662 | _ACEOF | ||
5663 | |||
5664 | cat >>confdefs.h <<\_ACEOF | ||
5665 | #define SETEUID_BREAKS_SETUID 1 | ||
5666 | _ACEOF | ||
5667 | |||
5668 | cat >>confdefs.h <<\_ACEOF | ||
5669 | #define BROKEN_SETREUID 1 | ||
5670 | _ACEOF | ||
5671 | |||
5672 | cat >>confdefs.h <<\_ACEOF | ||
5673 | #define BROKEN_SETREGID 1 | ||
5674 | _ACEOF | ||
5675 | |||
5676 | cat >>confdefs.h <<\_ACEOF | ||
5677 | #define WITH_ABBREV_NO_TTY 1 | ||
5678 | _ACEOF | ||
5679 | |||
5680 | |||
5681 | |||
5682 | for ac_func in getluid setluid | ||
5683 | do | ||
5684 | as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` | ||
5685 | echo "$as_me:$LINENO: checking for $ac_func" >&5 | ||
5686 | echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 | ||
5687 | if eval "test \"\${$as_ac_var+set}\" = set"; then | ||
5688 | echo $ECHO_N "(cached) $ECHO_C" >&6 | ||
5689 | else | ||
5690 | cat >conftest.$ac_ext <<_ACEOF | ||
5691 | /* confdefs.h. */ | ||
5692 | _ACEOF | ||
5693 | cat confdefs.h >>conftest.$ac_ext | ||
5694 | cat >>conftest.$ac_ext <<_ACEOF | ||
5695 | /* end confdefs.h. */ | ||
5696 | /* Define $ac_func to an innocuous variant, in case <limits.h> declares $ac_func. | ||
5697 | For example, HP-UX 11i <limits.h> declares gettimeofday. */ | ||
5698 | #define $ac_func innocuous_$ac_func | ||
5699 | |||
5700 | /* System header to define __stub macros and hopefully few prototypes, | ||
5701 | which can conflict with char $ac_func (); below. | ||
5702 | Prefer <limits.h> to <assert.h> if __STDC__ is defined, since | ||
5703 | <limits.h> exists even on freestanding compilers. */ | ||
5704 | |||
5705 | #ifdef __STDC__ | ||
5706 | # include <limits.h> | ||
5707 | #else | ||
5708 | # include <assert.h> | ||
5709 | #endif | ||
5710 | |||
5711 | #undef $ac_func | ||
5712 | |||
5713 | /* Override any gcc2 internal prototype to avoid an error. */ | ||
5714 | #ifdef __cplusplus | ||
5715 | extern "C" | ||
5716 | { | ||
5717 | #endif | ||
5718 | /* We use char because int might match the return type of a gcc2 | ||
5719 | builtin and then its argument prototype would still apply. */ | ||
5720 | char $ac_func (); | ||
5721 | /* The GNU C library defines this for functions which it implements | ||
5722 | to always fail with ENOSYS. Some functions are actually named | ||
5723 | something starting with __ and the normal name is an alias. */ | ||
5724 | #if defined (__stub_$ac_func) || defined (__stub___$ac_func) | ||
5725 | choke me | ||
5726 | #else | ||
5727 | char (*f) () = $ac_func; | ||
5728 | #endif | ||
5729 | #ifdef __cplusplus | ||
5730 | } | ||
5731 | #endif | ||
5732 | |||
5733 | int | ||
5734 | main () | ||
5735 | { | ||
5736 | return f != $ac_func; | ||
5737 | ; | ||
5738 | return 0; | ||
5739 | } | ||
5740 | _ACEOF | ||
5741 | rm -f conftest.$ac_objext conftest$ac_exeext | ||
5742 | if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 | ||
5743 | (eval $ac_link) 2>conftest.er1 | ||
5744 | ac_status=$? | ||
5745 | grep -v '^ *+' conftest.er1 >conftest.err | ||
5746 | rm -f conftest.er1 | ||
5747 | cat conftest.err >&5 | ||
5748 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
5749 | (exit $ac_status); } && | ||
5750 | { ac_try='test -z "$ac_c_werror_flag" | ||
5751 | || test ! -s conftest.err' | ||
5752 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | ||
5753 | (eval $ac_try) 2>&5 | ||
5754 | ac_status=$? | ||
5755 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
5756 | (exit $ac_status); }; } && | ||
5757 | { ac_try='test -s conftest$ac_exeext' | ||
5758 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | ||
5759 | (eval $ac_try) 2>&5 | ||
5760 | ac_status=$? | ||
5761 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
5762 | (exit $ac_status); }; }; then | ||
5763 | eval "$as_ac_var=yes" | ||
5764 | else | ||
5765 | echo "$as_me: failed program was:" >&5 | ||
5766 | sed 's/^/| /' conftest.$ac_ext >&5 | ||
5767 | |||
5768 | eval "$as_ac_var=no" | ||
5769 | fi | ||
5770 | rm -f conftest.err conftest.$ac_objext \ | ||
5771 | conftest$ac_exeext conftest.$ac_ext | ||
5772 | fi | ||
5773 | echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 | ||
5774 | echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 | ||
5775 | if test `eval echo '${'$as_ac_var'}'` = yes; then | ||
5776 | cat >>confdefs.h <<_ACEOF | ||
5777 | #define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 | ||
5778 | _ACEOF | ||
5779 | |||
5780 | fi | ||
5781 | done | ||
5782 | |||
5783 | MANTYPE=man | ||
5784 | do_sco3_extra_lib_check=yes | ||
5785 | TEST_SHELL=ksh | ||
5786 | ;; | 6034 | ;; |
6035 | # SCO OpenServer 5.x | ||
5787 | *-*-sco3.2v5*) | 6036 | *-*-sco3.2v5*) |
5788 | if test -z "$GCC"; then | 6037 | if test -z "$GCC"; then |
5789 | CFLAGS="$CFLAGS -belf" | 6038 | CFLAGS="$CFLAGS -belf" |
@@ -5827,6 +6076,11 @@ _ACEOF | |||
5827 | _ACEOF | 6076 | _ACEOF |
5828 | 6077 | ||
5829 | 6078 | ||
6079 | cat >>confdefs.h <<\_ACEOF | ||
6080 | #define PASSWD_NEEDS_USERNAME 1 | ||
6081 | _ACEOF | ||
6082 | |||
6083 | |||
5830 | 6084 | ||
5831 | for ac_func in getluid setluid | 6085 | for ac_func in getluid setluid |
5832 | do | 6086 | do |
@@ -6152,11 +6406,9 @@ fi; | |||
6152 | echo "$as_me:$LINENO: checking compiler and flags for sanity" >&5 | 6406 | echo "$as_me:$LINENO: checking compiler and flags for sanity" >&5 |
6153 | echo $ECHO_N "checking compiler and flags for sanity... $ECHO_C" >&6 | 6407 | echo $ECHO_N "checking compiler and flags for sanity... $ECHO_C" >&6 |
6154 | if test "$cross_compiling" = yes; then | 6408 | if test "$cross_compiling" = yes; then |
6155 | { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling | 6409 | { echo "$as_me:$LINENO: WARNING: cross compiling: not checking compiler sanity" >&5 |
6156 | See \`config.log' for more details." >&5 | 6410 | echo "$as_me: WARNING: cross compiling: not checking compiler sanity" >&2;} |
6157 | echo "$as_me: error: cannot run test program while cross compiling | 6411 | |
6158 | See \`config.log' for more details." >&2;} | ||
6159 | { (exit 1); exit 1; }; } | ||
6160 | else | 6412 | else |
6161 | cat >conftest.$ac_ext <<_ACEOF | 6413 | cat >conftest.$ac_ext <<_ACEOF |
6162 | /* confdefs.h. */ | 6414 | /* confdefs.h. */ |
@@ -6195,7 +6447,6 @@ echo "${ECHO_T}no" >&6 | |||
6195 | echo "$as_me: error: *** compiler cannot create working executables, check config.log ***" >&2;} | 6447 | echo "$as_me: error: *** compiler cannot create working executables, check config.log ***" >&2;} |
6196 | { (exit 1); exit 1; }; } | 6448 | { (exit 1); exit 1; }; } |
6197 | 6449 | ||
6198 | |||
6199 | fi | 6450 | fi |
6200 | rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext | 6451 | rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext |
6201 | fi | 6452 | fi |
@@ -6510,7 +6761,6 @@ done | |||
6510 | 6761 | ||
6511 | 6762 | ||
6512 | 6763 | ||
6513 | |||
6514 | for ac_header in bstring.h crypt.h dirent.h endian.h features.h \ | 6764 | for ac_header in bstring.h crypt.h dirent.h endian.h features.h \ |
6515 | floatingpoint.h getopt.h glob.h ia.h lastlog.h limits.h login.h \ | 6765 | floatingpoint.h getopt.h glob.h ia.h lastlog.h limits.h login.h \ |
6516 | login_cap.h maillock.h ndir.h netdb.h netgroup.h \ | 6766 | login_cap.h maillock.h ndir.h netdb.h netgroup.h \ |
@@ -6518,7 +6768,7 @@ for ac_header in bstring.h crypt.h dirent.h endian.h features.h \ | |||
6518 | rpc/types.h security/pam_appl.h shadow.h stddef.h stdint.h \ | 6768 | rpc/types.h security/pam_appl.h shadow.h stddef.h stdint.h \ |
6519 | strings.h sys/dir.h sys/strtio.h sys/audit.h sys/bitypes.h \ | 6769 | strings.h sys/dir.h sys/strtio.h sys/audit.h sys/bitypes.h \ |
6520 | sys/bsdtty.h sys/cdefs.h sys/mman.h sys/ndir.h sys/prctl.h \ | 6770 | sys/bsdtty.h sys/cdefs.h sys/mman.h sys/ndir.h sys/prctl.h \ |
6521 | sys/pstat.h sys/ptms.h sys/select.h sys/stat.h sys/stream.h \ | 6771 | sys/pstat.h sys/select.h sys/stat.h sys/stream.h \ |
6522 | sys/stropts.h sys/sysmacros.h sys/time.h sys/timers.h sys/un.h \ | 6772 | sys/stropts.h sys/sysmacros.h sys/time.h sys/timers.h sys/un.h \ |
6523 | time.h tmpdir.h ttyent.h usersec.h util.h utime.h utmp.h utmpx.h vis.h | 6773 | time.h tmpdir.h ttyent.h usersec.h util.h utime.h utmp.h utmpx.h vis.h |
6524 | do | 6774 | do |
@@ -6641,9 +6891,9 @@ echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >& | |||
6641 | echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} | 6891 | echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} |
6642 | ( | 6892 | ( |
6643 | cat <<\_ASBOX | 6893 | cat <<\_ASBOX |
6644 | ## ------------------------------------------ ## | 6894 | ## ---------------------------------- ## |
6645 | ## Report this to the AC_PACKAGE_NAME lists. ## | 6895 | ## Report this to the OpenSSH lists. ## |
6646 | ## ------------------------------------------ ## | 6896 | ## ---------------------------------- ## |
6647 | _ASBOX | 6897 | _ASBOX |
6648 | ) | | 6898 | ) | |
6649 | sed "s/^/$as_me: WARNING: /" >&2 | 6899 | sed "s/^/$as_me: WARNING: /" >&2 |
@@ -6670,6 +6920,73 @@ fi | |||
6670 | done | 6920 | done |
6671 | 6921 | ||
6672 | 6922 | ||
6923 | # sys/ptms.h requires sys/stream.h to be included first on Solaris | ||
6924 | |||
6925 | for ac_header in sys/ptms.h | ||
6926 | do | ||
6927 | as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` | ||
6928 | echo "$as_me:$LINENO: checking for $ac_header" >&5 | ||
6929 | echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 | ||
6930 | if eval "test \"\${$as_ac_Header+set}\" = set"; then | ||
6931 | echo $ECHO_N "(cached) $ECHO_C" >&6 | ||
6932 | else | ||
6933 | cat >conftest.$ac_ext <<_ACEOF | ||
6934 | /* confdefs.h. */ | ||
6935 | _ACEOF | ||
6936 | cat confdefs.h >>conftest.$ac_ext | ||
6937 | cat >>conftest.$ac_ext <<_ACEOF | ||
6938 | /* end confdefs.h. */ | ||
6939 | |||
6940 | #ifdef HAVE_SYS_STREAM_H | ||
6941 | # include <sys/stream.h> | ||
6942 | #endif | ||
6943 | |||
6944 | |||
6945 | #include <$ac_header> | ||
6946 | _ACEOF | ||
6947 | rm -f conftest.$ac_objext | ||
6948 | if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 | ||
6949 | (eval $ac_compile) 2>conftest.er1 | ||
6950 | ac_status=$? | ||
6951 | grep -v '^ *+' conftest.er1 >conftest.err | ||
6952 | rm -f conftest.er1 | ||
6953 | cat conftest.err >&5 | ||
6954 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
6955 | (exit $ac_status); } && | ||
6956 | { ac_try='test -z "$ac_c_werror_flag" | ||
6957 | || test ! -s conftest.err' | ||
6958 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | ||
6959 | (eval $ac_try) 2>&5 | ||
6960 | ac_status=$? | ||
6961 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
6962 | (exit $ac_status); }; } && | ||
6963 | { ac_try='test -s conftest.$ac_objext' | ||
6964 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | ||
6965 | (eval $ac_try) 2>&5 | ||
6966 | ac_status=$? | ||
6967 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
6968 | (exit $ac_status); }; }; then | ||
6969 | eval "$as_ac_Header=yes" | ||
6970 | else | ||
6971 | echo "$as_me: failed program was:" >&5 | ||
6972 | sed 's/^/| /' conftest.$ac_ext >&5 | ||
6973 | |||
6974 | eval "$as_ac_Header=no" | ||
6975 | fi | ||
6976 | rm -f conftest.err conftest.$ac_objext conftest.$ac_ext | ||
6977 | fi | ||
6978 | echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 | ||
6979 | echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 | ||
6980 | if test `eval echo '${'$as_ac_Header'}'` = yes; then | ||
6981 | cat >>confdefs.h <<_ACEOF | ||
6982 | #define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 | ||
6983 | _ACEOF | ||
6984 | |||
6985 | fi | ||
6986 | |||
6987 | done | ||
6988 | |||
6989 | |||
6673 | # Checks for libraries. | 6990 | # Checks for libraries. |
6674 | echo "$as_me:$LINENO: checking for yp_match" >&5 | 6991 | echo "$as_me:$LINENO: checking for yp_match" >&5 |
6675 | echo $ECHO_N "checking for yp_match... $ECHO_C" >&6 | 6992 | echo $ECHO_N "checking for yp_match... $ECHO_C" >&6 |
@@ -7010,79 +7327,6 @@ fi | |||
7010 | fi | 7327 | fi |
7011 | 7328 | ||
7012 | 7329 | ||
7013 | if test "x$with_tcp_wrappers" != "xno" ; then | ||
7014 | if test "x$do_sco3_extra_lib_check" = "xyes" ; then | ||
7015 | echo "$as_me:$LINENO: checking for innetgr in -lrpc" >&5 | ||
7016 | echo $ECHO_N "checking for innetgr in -lrpc... $ECHO_C" >&6 | ||
7017 | if test "${ac_cv_lib_rpc_innetgr+set}" = set; then | ||
7018 | echo $ECHO_N "(cached) $ECHO_C" >&6 | ||
7019 | else | ||
7020 | ac_check_lib_save_LIBS=$LIBS | ||
7021 | LIBS="-lrpc -lyp -lrpc $LIBS" | ||
7022 | cat >conftest.$ac_ext <<_ACEOF | ||
7023 | /* confdefs.h. */ | ||
7024 | _ACEOF | ||
7025 | cat confdefs.h >>conftest.$ac_ext | ||
7026 | cat >>conftest.$ac_ext <<_ACEOF | ||
7027 | /* end confdefs.h. */ | ||
7028 | |||
7029 | /* Override any gcc2 internal prototype to avoid an error. */ | ||
7030 | #ifdef __cplusplus | ||
7031 | extern "C" | ||
7032 | #endif | ||
7033 | /* We use char because int might match the return type of a gcc2 | ||
7034 | builtin and then its argument prototype would still apply. */ | ||
7035 | char innetgr (); | ||
7036 | int | ||
7037 | main () | ||
7038 | { | ||
7039 | innetgr (); | ||
7040 | ; | ||
7041 | return 0; | ||
7042 | } | ||
7043 | _ACEOF | ||
7044 | rm -f conftest.$ac_objext conftest$ac_exeext | ||
7045 | if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 | ||
7046 | (eval $ac_link) 2>conftest.er1 | ||
7047 | ac_status=$? | ||
7048 | grep -v '^ *+' conftest.er1 >conftest.err | ||
7049 | rm -f conftest.er1 | ||
7050 | cat conftest.err >&5 | ||
7051 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
7052 | (exit $ac_status); } && | ||
7053 | { ac_try='test -z "$ac_c_werror_flag" | ||
7054 | || test ! -s conftest.err' | ||
7055 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | ||
7056 | (eval $ac_try) 2>&5 | ||
7057 | ac_status=$? | ||
7058 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
7059 | (exit $ac_status); }; } && | ||
7060 | { ac_try='test -s conftest$ac_exeext' | ||
7061 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | ||
7062 | (eval $ac_try) 2>&5 | ||
7063 | ac_status=$? | ||
7064 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
7065 | (exit $ac_status); }; }; then | ||
7066 | ac_cv_lib_rpc_innetgr=yes | ||
7067 | else | ||
7068 | echo "$as_me: failed program was:" >&5 | ||
7069 | sed 's/^/| /' conftest.$ac_ext >&5 | ||
7070 | |||
7071 | ac_cv_lib_rpc_innetgr=no | ||
7072 | fi | ||
7073 | rm -f conftest.err conftest.$ac_objext \ | ||
7074 | conftest$ac_exeext conftest.$ac_ext | ||
7075 | LIBS=$ac_check_lib_save_LIBS | ||
7076 | fi | ||
7077 | echo "$as_me:$LINENO: result: $ac_cv_lib_rpc_innetgr" >&5 | ||
7078 | echo "${ECHO_T}$ac_cv_lib_rpc_innetgr" >&6 | ||
7079 | if test $ac_cv_lib_rpc_innetgr = yes; then | ||
7080 | LIBS="-lrpc -lyp -lrpc $LIBS" | ||
7081 | fi | ||
7082 | |||
7083 | fi | ||
7084 | fi | ||
7085 | |||
7086 | 7330 | ||
7087 | for ac_func in dirname | 7331 | for ac_func in dirname |
7088 | do | 7332 | do |
@@ -7303,9 +7547,9 @@ echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >& | |||
7303 | echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} | 7547 | echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} |
7304 | ( | 7548 | ( |
7305 | cat <<\_ASBOX | 7549 | cat <<\_ASBOX |
7306 | ## ------------------------------------------ ## | 7550 | ## ---------------------------------- ## |
7307 | ## Report this to the AC_PACKAGE_NAME lists. ## | 7551 | ## Report this to the OpenSSH lists. ## |
7308 | ## ------------------------------------------ ## | 7552 | ## ---------------------------------- ## |
7309 | _ASBOX | 7553 | _ASBOX |
7310 | ) | | 7554 | ) | |
7311 | sed "s/^/$as_me: WARNING: /" >&2 | 7555 | sed "s/^/$as_me: WARNING: /" >&2 |
@@ -7593,9 +7837,9 @@ echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >& | |||
7593 | echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} | 7837 | echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} |
7594 | ( | 7838 | ( |
7595 | cat <<\_ASBOX | 7839 | cat <<\_ASBOX |
7596 | ## ------------------------------------------ ## | 7840 | ## ---------------------------------- ## |
7597 | ## Report this to the AC_PACKAGE_NAME lists. ## | 7841 | ## Report this to the OpenSSH lists. ## |
7598 | ## ------------------------------------------ ## | 7842 | ## ---------------------------------- ## |
7599 | _ASBOX | 7843 | _ASBOX |
7600 | ) | | 7844 | ) | |
7601 | sed "s/^/$as_me: WARNING: /" >&2 | 7845 | sed "s/^/$as_me: WARNING: /" >&2 |
@@ -8222,9 +8466,9 @@ echo "$as_me: WARNING: zlib.h: proceeding with the preprocessor's result" >&2;} | |||
8222 | echo "$as_me: WARNING: zlib.h: in the future, the compiler will take precedence" >&2;} | 8466 | echo "$as_me: WARNING: zlib.h: in the future, the compiler will take precedence" >&2;} |
8223 | ( | 8467 | ( |
8224 | cat <<\_ASBOX | 8468 | cat <<\_ASBOX |
8225 | ## ------------------------------------------ ## | 8469 | ## ---------------------------------- ## |
8226 | ## Report this to the AC_PACKAGE_NAME lists. ## | 8470 | ## Report this to the OpenSSH lists. ## |
8227 | ## ------------------------------------------ ## | 8471 | ## ---------------------------------- ## |
8228 | _ASBOX | 8472 | _ASBOX |
8229 | ) | | 8473 | ) | |
8230 | sed "s/^/$as_me: WARNING: /" >&2 | 8474 | sed "s/^/$as_me: WARNING: /" >&2 |
@@ -8265,11 +8509,9 @@ fi; | |||
8265 | echo "$as_me:$LINENO: checking for zlib 1.1.4 or greater" >&5 | 8509 | echo "$as_me:$LINENO: checking for zlib 1.1.4 or greater" >&5 |
8266 | echo $ECHO_N "checking for zlib 1.1.4 or greater... $ECHO_C" >&6 | 8510 | echo $ECHO_N "checking for zlib 1.1.4 or greater... $ECHO_C" >&6 |
8267 | if test "$cross_compiling" = yes; then | 8511 | if test "$cross_compiling" = yes; then |
8268 | { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling | 8512 | { echo "$as_me:$LINENO: WARNING: cross compiling: not checking zlib version" >&5 |
8269 | See \`config.log' for more details." >&5 | 8513 | echo "$as_me: WARNING: cross compiling: not checking zlib version" >&2;} |
8270 | echo "$as_me: error: cannot run test program while cross compiling | 8514 | |
8271 | See \`config.log' for more details." >&2;} | ||
8272 | { (exit 1); exit 1; }; } | ||
8273 | else | 8515 | else |
8274 | cat >conftest.$ac_ext <<_ACEOF | 8516 | cat >conftest.$ac_ext <<_ACEOF |
8275 | /* confdefs.h. */ | 8517 | /* confdefs.h. */ |
@@ -8331,7 +8573,6 @@ If you are in doubt, upgrade zlib to version 1.1.4 or greater." >&2;} | |||
8331 | echo "$as_me: WARNING: zlib version may have security problems" >&2;} | 8573 | echo "$as_me: WARNING: zlib version may have security problems" >&2;} |
8332 | fi | 8574 | fi |
8333 | 8575 | ||
8334 | |||
8335 | fi | 8576 | fi |
8336 | rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext | 8577 | rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext |
8337 | fi | 8578 | fi |
@@ -8791,9 +9032,9 @@ echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >& | |||
8791 | echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} | 9032 | echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} |
8792 | ( | 9033 | ( |
8793 | cat <<\_ASBOX | 9034 | cat <<\_ASBOX |
8794 | ## ------------------------------------------ ## | 9035 | ## ---------------------------------- ## |
8795 | ## Report this to the AC_PACKAGE_NAME lists. ## | 9036 | ## Report this to the OpenSSH lists. ## |
8796 | ## ------------------------------------------ ## | 9037 | ## ---------------------------------- ## |
8797 | _ASBOX | 9038 | _ASBOX |
8798 | ) | | 9039 | ) | |
8799 | sed "s/^/$as_me: WARNING: /" >&2 | 9040 | sed "s/^/$as_me: WARNING: /" >&2 |
@@ -9303,11 +9544,15 @@ rm -f conftest* | |||
9303 | echo "$as_me:$LINENO: checking whether struct dirent allocates space for d_name" >&5 | 9544 | echo "$as_me:$LINENO: checking whether struct dirent allocates space for d_name" >&5 |
9304 | echo $ECHO_N "checking whether struct dirent allocates space for d_name... $ECHO_C" >&6 | 9545 | echo $ECHO_N "checking whether struct dirent allocates space for d_name... $ECHO_C" >&6 |
9305 | if test "$cross_compiling" = yes; then | 9546 | if test "$cross_compiling" = yes; then |
9306 | { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling | 9547 | |
9307 | See \`config.log' for more details." >&5 | 9548 | { echo "$as_me:$LINENO: WARNING: cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME" >&5 |
9308 | echo "$as_me: error: cannot run test program while cross compiling | 9549 | echo "$as_me: WARNING: cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME" >&2;} |
9309 | See \`config.log' for more details." >&2;} | 9550 | cat >>confdefs.h <<\_ACEOF |
9310 | { (exit 1); exit 1; }; } | 9551 | #define BROKEN_ONE_BYTE_DIRENT_D_NAME 1 |
9552 | _ACEOF | ||
9553 | |||
9554 | |||
9555 | |||
9311 | else | 9556 | else |
9312 | cat >conftest.$ac_ext <<_ACEOF | 9557 | cat >conftest.$ac_ext <<_ACEOF |
9313 | /* confdefs.h. */ | 9558 | /* confdefs.h. */ |
@@ -9348,7 +9593,6 @@ echo "${ECHO_T}no" >&6 | |||
9348 | _ACEOF | 9593 | _ACEOF |
9349 | 9594 | ||
9350 | 9595 | ||
9351 | |||
9352 | fi | 9596 | fi |
9353 | rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext | 9597 | rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext |
9354 | fi | 9598 | fi |
@@ -9605,6 +9849,574 @@ rm -f conftest.err conftest.$ac_objext \ | |||
9605 | 9849 | ||
9606 | fi; | 9850 | fi; |
9607 | 9851 | ||
9852 | # Check whether user wants libedit support | ||
9853 | LIBEDIT_MSG="no" | ||
9854 | |||
9855 | # Check whether --with-libedit or --without-libedit was given. | ||
9856 | if test "${with_libedit+set}" = set; then | ||
9857 | withval="$with_libedit" | ||
9858 | if test "x$withval" != "xno" ; then | ||
9859 | echo "$as_me:$LINENO: checking for el_init in -ledit" >&5 | ||
9860 | echo $ECHO_N "checking for el_init in -ledit... $ECHO_C" >&6 | ||
9861 | if test "${ac_cv_lib_edit_el_init+set}" = set; then | ||
9862 | echo $ECHO_N "(cached) $ECHO_C" >&6 | ||
9863 | else | ||
9864 | ac_check_lib_save_LIBS=$LIBS | ||
9865 | LIBS="-ledit -lcurses | ||
9866 | $LIBS" | ||
9867 | cat >conftest.$ac_ext <<_ACEOF | ||
9868 | /* confdefs.h. */ | ||
9869 | _ACEOF | ||
9870 | cat confdefs.h >>conftest.$ac_ext | ||
9871 | cat >>conftest.$ac_ext <<_ACEOF | ||
9872 | /* end confdefs.h. */ | ||
9873 | |||
9874 | /* Override any gcc2 internal prototype to avoid an error. */ | ||
9875 | #ifdef __cplusplus | ||
9876 | extern "C" | ||
9877 | #endif | ||
9878 | /* We use char because int might match the return type of a gcc2 | ||
9879 | builtin and then its argument prototype would still apply. */ | ||
9880 | char el_init (); | ||
9881 | int | ||
9882 | main () | ||
9883 | { | ||
9884 | el_init (); | ||
9885 | ; | ||
9886 | return 0; | ||
9887 | } | ||
9888 | _ACEOF | ||
9889 | rm -f conftest.$ac_objext conftest$ac_exeext | ||
9890 | if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 | ||
9891 | (eval $ac_link) 2>conftest.er1 | ||
9892 | ac_status=$? | ||
9893 | grep -v '^ *+' conftest.er1 >conftest.err | ||
9894 | rm -f conftest.er1 | ||
9895 | cat conftest.err >&5 | ||
9896 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
9897 | (exit $ac_status); } && | ||
9898 | { ac_try='test -z "$ac_c_werror_flag" | ||
9899 | || test ! -s conftest.err' | ||
9900 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | ||
9901 | (eval $ac_try) 2>&5 | ||
9902 | ac_status=$? | ||
9903 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
9904 | (exit $ac_status); }; } && | ||
9905 | { ac_try='test -s conftest$ac_exeext' | ||
9906 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | ||
9907 | (eval $ac_try) 2>&5 | ||
9908 | ac_status=$? | ||
9909 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
9910 | (exit $ac_status); }; }; then | ||
9911 | ac_cv_lib_edit_el_init=yes | ||
9912 | else | ||
9913 | echo "$as_me: failed program was:" >&5 | ||
9914 | sed 's/^/| /' conftest.$ac_ext >&5 | ||
9915 | |||
9916 | ac_cv_lib_edit_el_init=no | ||
9917 | fi | ||
9918 | rm -f conftest.err conftest.$ac_objext \ | ||
9919 | conftest$ac_exeext conftest.$ac_ext | ||
9920 | LIBS=$ac_check_lib_save_LIBS | ||
9921 | fi | ||
9922 | echo "$as_me:$LINENO: result: $ac_cv_lib_edit_el_init" >&5 | ||
9923 | echo "${ECHO_T}$ac_cv_lib_edit_el_init" >&6 | ||
9924 | if test $ac_cv_lib_edit_el_init = yes; then | ||
9925 | |||
9926 | cat >>confdefs.h <<\_ACEOF | ||
9927 | #define USE_LIBEDIT | ||
9928 | _ACEOF | ||
9929 | |||
9930 | LIBEDIT="-ledit -lcurses" | ||
9931 | LIBEDIT_MSG="yes" | ||
9932 | |||
9933 | |||
9934 | fi | ||
9935 | |||
9936 | fi | ||
9937 | |||
9938 | fi; | ||
9939 | |||
9940 | AUDIT_MODULE=none | ||
9941 | |||
9942 | # Check whether --with-audit or --without-audit was given. | ||
9943 | if test "${with_audit+set}" = set; then | ||
9944 | withval="$with_audit" | ||
9945 | |||
9946 | echo "$as_me:$LINENO: checking for supported audit module" >&5 | ||
9947 | echo $ECHO_N "checking for supported audit module... $ECHO_C" >&6 | ||
9948 | case "$withval" in | ||
9949 | bsm) | ||
9950 | echo "$as_me:$LINENO: result: bsm" >&5 | ||
9951 | echo "${ECHO_T}bsm" >&6 | ||
9952 | AUDIT_MODULE=bsm | ||
9953 | |||
9954 | for ac_header in bsm/audit.h | ||
9955 | do | ||
9956 | as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` | ||
9957 | if eval "test \"\${$as_ac_Header+set}\" = set"; then | ||
9958 | echo "$as_me:$LINENO: checking for $ac_header" >&5 | ||
9959 | echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 | ||
9960 | if eval "test \"\${$as_ac_Header+set}\" = set"; then | ||
9961 | echo $ECHO_N "(cached) $ECHO_C" >&6 | ||
9962 | fi | ||
9963 | echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 | ||
9964 | echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 | ||
9965 | else | ||
9966 | # Is the header compilable? | ||
9967 | echo "$as_me:$LINENO: checking $ac_header usability" >&5 | ||
9968 | echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6 | ||
9969 | cat >conftest.$ac_ext <<_ACEOF | ||
9970 | /* confdefs.h. */ | ||
9971 | _ACEOF | ||
9972 | cat confdefs.h >>conftest.$ac_ext | ||
9973 | cat >>conftest.$ac_ext <<_ACEOF | ||
9974 | /* end confdefs.h. */ | ||
9975 | $ac_includes_default | ||
9976 | #include <$ac_header> | ||
9977 | _ACEOF | ||
9978 | rm -f conftest.$ac_objext | ||
9979 | if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 | ||
9980 | (eval $ac_compile) 2>conftest.er1 | ||
9981 | ac_status=$? | ||
9982 | grep -v '^ *+' conftest.er1 >conftest.err | ||
9983 | rm -f conftest.er1 | ||
9984 | cat conftest.err >&5 | ||
9985 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
9986 | (exit $ac_status); } && | ||
9987 | { ac_try='test -z "$ac_c_werror_flag" | ||
9988 | || test ! -s conftest.err' | ||
9989 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | ||
9990 | (eval $ac_try) 2>&5 | ||
9991 | ac_status=$? | ||
9992 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
9993 | (exit $ac_status); }; } && | ||
9994 | { ac_try='test -s conftest.$ac_objext' | ||
9995 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | ||
9996 | (eval $ac_try) 2>&5 | ||
9997 | ac_status=$? | ||
9998 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
9999 | (exit $ac_status); }; }; then | ||
10000 | ac_header_compiler=yes | ||
10001 | else | ||
10002 | echo "$as_me: failed program was:" >&5 | ||
10003 | sed 's/^/| /' conftest.$ac_ext >&5 | ||
10004 | |||
10005 | ac_header_compiler=no | ||
10006 | fi | ||
10007 | rm -f conftest.err conftest.$ac_objext conftest.$ac_ext | ||
10008 | echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 | ||
10009 | echo "${ECHO_T}$ac_header_compiler" >&6 | ||
10010 | |||
10011 | # Is the header present? | ||
10012 | echo "$as_me:$LINENO: checking $ac_header presence" >&5 | ||
10013 | echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6 | ||
10014 | cat >conftest.$ac_ext <<_ACEOF | ||
10015 | /* confdefs.h. */ | ||
10016 | _ACEOF | ||
10017 | cat confdefs.h >>conftest.$ac_ext | ||
10018 | cat >>conftest.$ac_ext <<_ACEOF | ||
10019 | /* end confdefs.h. */ | ||
10020 | #include <$ac_header> | ||
10021 | _ACEOF | ||
10022 | if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 | ||
10023 | (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 | ||
10024 | ac_status=$? | ||
10025 | grep -v '^ *+' conftest.er1 >conftest.err | ||
10026 | rm -f conftest.er1 | ||
10027 | cat conftest.err >&5 | ||
10028 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
10029 | (exit $ac_status); } >/dev/null; then | ||
10030 | if test -s conftest.err; then | ||
10031 | ac_cpp_err=$ac_c_preproc_warn_flag | ||
10032 | ac_cpp_err=$ac_cpp_err$ac_c_werror_flag | ||
10033 | else | ||
10034 | ac_cpp_err= | ||
10035 | fi | ||
10036 | else | ||
10037 | ac_cpp_err=yes | ||
10038 | fi | ||
10039 | if test -z "$ac_cpp_err"; then | ||
10040 | ac_header_preproc=yes | ||
10041 | else | ||
10042 | echo "$as_me: failed program was:" >&5 | ||
10043 | sed 's/^/| /' conftest.$ac_ext >&5 | ||
10044 | |||
10045 | ac_header_preproc=no | ||
10046 | fi | ||
10047 | rm -f conftest.err conftest.$ac_ext | ||
10048 | echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 | ||
10049 | echo "${ECHO_T}$ac_header_preproc" >&6 | ||
10050 | |||
10051 | # So? What about this header? | ||
10052 | case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in | ||
10053 | yes:no: ) | ||
10054 | { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 | ||
10055 | echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} | ||
10056 | { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 | ||
10057 | echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} | ||
10058 | ac_header_preproc=yes | ||
10059 | ;; | ||
10060 | no:yes:* ) | ||
10061 | { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 | ||
10062 | echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} | ||
10063 | { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 | ||
10064 | echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} | ||
10065 | { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 | ||
10066 | echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} | ||
10067 | { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 | ||
10068 | echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} | ||
10069 | { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 | ||
10070 | echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} | ||
10071 | { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 | ||
10072 | echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} | ||
10073 | ( | ||
10074 | cat <<\_ASBOX | ||
10075 | ## ---------------------------------- ## | ||
10076 | ## Report this to the OpenSSH lists. ## | ||
10077 | ## ---------------------------------- ## | ||
10078 | _ASBOX | ||
10079 | ) | | ||
10080 | sed "s/^/$as_me: WARNING: /" >&2 | ||
10081 | ;; | ||
10082 | esac | ||
10083 | echo "$as_me:$LINENO: checking for $ac_header" >&5 | ||
10084 | echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 | ||
10085 | if eval "test \"\${$as_ac_Header+set}\" = set"; then | ||
10086 | echo $ECHO_N "(cached) $ECHO_C" >&6 | ||
10087 | else | ||
10088 | eval "$as_ac_Header=\$ac_header_preproc" | ||
10089 | fi | ||
10090 | echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 | ||
10091 | echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 | ||
10092 | |||
10093 | fi | ||
10094 | if test `eval echo '${'$as_ac_Header'}'` = yes; then | ||
10095 | cat >>confdefs.h <<_ACEOF | ||
10096 | #define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 | ||
10097 | _ACEOF | ||
10098 | |||
10099 | else | ||
10100 | { { echo "$as_me:$LINENO: error: BSM enabled and bsm/audit.h not found" >&5 | ||
10101 | echo "$as_me: error: BSM enabled and bsm/audit.h not found" >&2;} | ||
10102 | { (exit 1); exit 1; }; } | ||
10103 | fi | ||
10104 | |||
10105 | done | ||
10106 | |||
10107 | |||
10108 | echo "$as_me:$LINENO: checking for getaudit in -lbsm" >&5 | ||
10109 | echo $ECHO_N "checking for getaudit in -lbsm... $ECHO_C" >&6 | ||
10110 | if test "${ac_cv_lib_bsm_getaudit+set}" = set; then | ||
10111 | echo $ECHO_N "(cached) $ECHO_C" >&6 | ||
10112 | else | ||
10113 | ac_check_lib_save_LIBS=$LIBS | ||
10114 | LIBS="-lbsm $LIBS" | ||
10115 | cat >conftest.$ac_ext <<_ACEOF | ||
10116 | /* confdefs.h. */ | ||
10117 | _ACEOF | ||
10118 | cat confdefs.h >>conftest.$ac_ext | ||
10119 | cat >>conftest.$ac_ext <<_ACEOF | ||
10120 | /* end confdefs.h. */ | ||
10121 | |||
10122 | /* Override any gcc2 internal prototype to avoid an error. */ | ||
10123 | #ifdef __cplusplus | ||
10124 | extern "C" | ||
10125 | #endif | ||
10126 | /* We use char because int might match the return type of a gcc2 | ||
10127 | builtin and then its argument prototype would still apply. */ | ||
10128 | char getaudit (); | ||
10129 | int | ||
10130 | main () | ||
10131 | { | ||
10132 | getaudit (); | ||
10133 | ; | ||
10134 | return 0; | ||
10135 | } | ||
10136 | _ACEOF | ||
10137 | rm -f conftest.$ac_objext conftest$ac_exeext | ||
10138 | if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 | ||
10139 | (eval $ac_link) 2>conftest.er1 | ||
10140 | ac_status=$? | ||
10141 | grep -v '^ *+' conftest.er1 >conftest.err | ||
10142 | rm -f conftest.er1 | ||
10143 | cat conftest.err >&5 | ||
10144 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
10145 | (exit $ac_status); } && | ||
10146 | { ac_try='test -z "$ac_c_werror_flag" | ||
10147 | || test ! -s conftest.err' | ||
10148 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | ||
10149 | (eval $ac_try) 2>&5 | ||
10150 | ac_status=$? | ||
10151 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
10152 | (exit $ac_status); }; } && | ||
10153 | { ac_try='test -s conftest$ac_exeext' | ||
10154 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | ||
10155 | (eval $ac_try) 2>&5 | ||
10156 | ac_status=$? | ||
10157 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
10158 | (exit $ac_status); }; }; then | ||
10159 | ac_cv_lib_bsm_getaudit=yes | ||
10160 | else | ||
10161 | echo "$as_me: failed program was:" >&5 | ||
10162 | sed 's/^/| /' conftest.$ac_ext >&5 | ||
10163 | |||
10164 | ac_cv_lib_bsm_getaudit=no | ||
10165 | fi | ||
10166 | rm -f conftest.err conftest.$ac_objext \ | ||
10167 | conftest$ac_exeext conftest.$ac_ext | ||
10168 | LIBS=$ac_check_lib_save_LIBS | ||
10169 | fi | ||
10170 | echo "$as_me:$LINENO: result: $ac_cv_lib_bsm_getaudit" >&5 | ||
10171 | echo "${ECHO_T}$ac_cv_lib_bsm_getaudit" >&6 | ||
10172 | if test $ac_cv_lib_bsm_getaudit = yes; then | ||
10173 | cat >>confdefs.h <<_ACEOF | ||
10174 | #define HAVE_LIBBSM 1 | ||
10175 | _ACEOF | ||
10176 | |||
10177 | LIBS="-lbsm $LIBS" | ||
10178 | |||
10179 | else | ||
10180 | { { echo "$as_me:$LINENO: error: BSM enabled and required library not found" >&5 | ||
10181 | echo "$as_me: error: BSM enabled and required library not found" >&2;} | ||
10182 | { (exit 1); exit 1; }; } | ||
10183 | fi | ||
10184 | |||
10185 | |||
10186 | for ac_func in getaudit | ||
10187 | do | ||
10188 | as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` | ||
10189 | echo "$as_me:$LINENO: checking for $ac_func" >&5 | ||
10190 | echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 | ||
10191 | if eval "test \"\${$as_ac_var+set}\" = set"; then | ||
10192 | echo $ECHO_N "(cached) $ECHO_C" >&6 | ||
10193 | else | ||
10194 | cat >conftest.$ac_ext <<_ACEOF | ||
10195 | /* confdefs.h. */ | ||
10196 | _ACEOF | ||
10197 | cat confdefs.h >>conftest.$ac_ext | ||
10198 | cat >>conftest.$ac_ext <<_ACEOF | ||
10199 | /* end confdefs.h. */ | ||
10200 | /* Define $ac_func to an innocuous variant, in case <limits.h> declares $ac_func. | ||
10201 | For example, HP-UX 11i <limits.h> declares gettimeofday. */ | ||
10202 | #define $ac_func innocuous_$ac_func | ||
10203 | |||
10204 | /* System header to define __stub macros and hopefully few prototypes, | ||
10205 | which can conflict with char $ac_func (); below. | ||
10206 | Prefer <limits.h> to <assert.h> if __STDC__ is defined, since | ||
10207 | <limits.h> exists even on freestanding compilers. */ | ||
10208 | |||
10209 | #ifdef __STDC__ | ||
10210 | # include <limits.h> | ||
10211 | #else | ||
10212 | # include <assert.h> | ||
10213 | #endif | ||
10214 | |||
10215 | #undef $ac_func | ||
10216 | |||
10217 | /* Override any gcc2 internal prototype to avoid an error. */ | ||
10218 | #ifdef __cplusplus | ||
10219 | extern "C" | ||
10220 | { | ||
10221 | #endif | ||
10222 | /* We use char because int might match the return type of a gcc2 | ||
10223 | builtin and then its argument prototype would still apply. */ | ||
10224 | char $ac_func (); | ||
10225 | /* The GNU C library defines this for functions which it implements | ||
10226 | to always fail with ENOSYS. Some functions are actually named | ||
10227 | something starting with __ and the normal name is an alias. */ | ||
10228 | #if defined (__stub_$ac_func) || defined (__stub___$ac_func) | ||
10229 | choke me | ||
10230 | #else | ||
10231 | char (*f) () = $ac_func; | ||
10232 | #endif | ||
10233 | #ifdef __cplusplus | ||
10234 | } | ||
10235 | #endif | ||
10236 | |||
10237 | int | ||
10238 | main () | ||
10239 | { | ||
10240 | return f != $ac_func; | ||
10241 | ; | ||
10242 | return 0; | ||
10243 | } | ||
10244 | _ACEOF | ||
10245 | rm -f conftest.$ac_objext conftest$ac_exeext | ||
10246 | if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 | ||
10247 | (eval $ac_link) 2>conftest.er1 | ||
10248 | ac_status=$? | ||
10249 | grep -v '^ *+' conftest.er1 >conftest.err | ||
10250 | rm -f conftest.er1 | ||
10251 | cat conftest.err >&5 | ||
10252 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
10253 | (exit $ac_status); } && | ||
10254 | { ac_try='test -z "$ac_c_werror_flag" | ||
10255 | || test ! -s conftest.err' | ||
10256 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | ||
10257 | (eval $ac_try) 2>&5 | ||
10258 | ac_status=$? | ||
10259 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
10260 | (exit $ac_status); }; } && | ||
10261 | { ac_try='test -s conftest$ac_exeext' | ||
10262 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | ||
10263 | (eval $ac_try) 2>&5 | ||
10264 | ac_status=$? | ||
10265 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
10266 | (exit $ac_status); }; }; then | ||
10267 | eval "$as_ac_var=yes" | ||
10268 | else | ||
10269 | echo "$as_me: failed program was:" >&5 | ||
10270 | sed 's/^/| /' conftest.$ac_ext >&5 | ||
10271 | |||
10272 | eval "$as_ac_var=no" | ||
10273 | fi | ||
10274 | rm -f conftest.err conftest.$ac_objext \ | ||
10275 | conftest$ac_exeext conftest.$ac_ext | ||
10276 | fi | ||
10277 | echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 | ||
10278 | echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 | ||
10279 | if test `eval echo '${'$as_ac_var'}'` = yes; then | ||
10280 | cat >>confdefs.h <<_ACEOF | ||
10281 | #define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 | ||
10282 | _ACEOF | ||
10283 | |||
10284 | else | ||
10285 | { { echo "$as_me:$LINENO: error: BSM enabled and required function not found" >&5 | ||
10286 | echo "$as_me: error: BSM enabled and required function not found" >&2;} | ||
10287 | { (exit 1); exit 1; }; } | ||
10288 | fi | ||
10289 | done | ||
10290 | |||
10291 | # These are optional | ||
10292 | |||
10293 | for ac_func in getaudit_addr | ||
10294 | do | ||
10295 | as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` | ||
10296 | echo "$as_me:$LINENO: checking for $ac_func" >&5 | ||
10297 | echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 | ||
10298 | if eval "test \"\${$as_ac_var+set}\" = set"; then | ||
10299 | echo $ECHO_N "(cached) $ECHO_C" >&6 | ||
10300 | else | ||
10301 | cat >conftest.$ac_ext <<_ACEOF | ||
10302 | /* confdefs.h. */ | ||
10303 | _ACEOF | ||
10304 | cat confdefs.h >>conftest.$ac_ext | ||
10305 | cat >>conftest.$ac_ext <<_ACEOF | ||
10306 | /* end confdefs.h. */ | ||
10307 | /* Define $ac_func to an innocuous variant, in case <limits.h> declares $ac_func. | ||
10308 | For example, HP-UX 11i <limits.h> declares gettimeofday. */ | ||
10309 | #define $ac_func innocuous_$ac_func | ||
10310 | |||
10311 | /* System header to define __stub macros and hopefully few prototypes, | ||
10312 | which can conflict with char $ac_func (); below. | ||
10313 | Prefer <limits.h> to <assert.h> if __STDC__ is defined, since | ||
10314 | <limits.h> exists even on freestanding compilers. */ | ||
10315 | |||
10316 | #ifdef __STDC__ | ||
10317 | # include <limits.h> | ||
10318 | #else | ||
10319 | # include <assert.h> | ||
10320 | #endif | ||
10321 | |||
10322 | #undef $ac_func | ||
10323 | |||
10324 | /* Override any gcc2 internal prototype to avoid an error. */ | ||
10325 | #ifdef __cplusplus | ||
10326 | extern "C" | ||
10327 | { | ||
10328 | #endif | ||
10329 | /* We use char because int might match the return type of a gcc2 | ||
10330 | builtin and then its argument prototype would still apply. */ | ||
10331 | char $ac_func (); | ||
10332 | /* The GNU C library defines this for functions which it implements | ||
10333 | to always fail with ENOSYS. Some functions are actually named | ||
10334 | something starting with __ and the normal name is an alias. */ | ||
10335 | #if defined (__stub_$ac_func) || defined (__stub___$ac_func) | ||
10336 | choke me | ||
10337 | #else | ||
10338 | char (*f) () = $ac_func; | ||
10339 | #endif | ||
10340 | #ifdef __cplusplus | ||
10341 | } | ||
10342 | #endif | ||
10343 | |||
10344 | int | ||
10345 | main () | ||
10346 | { | ||
10347 | return f != $ac_func; | ||
10348 | ; | ||
10349 | return 0; | ||
10350 | } | ||
10351 | _ACEOF | ||
10352 | rm -f conftest.$ac_objext conftest$ac_exeext | ||
10353 | if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 | ||
10354 | (eval $ac_link) 2>conftest.er1 | ||
10355 | ac_status=$? | ||
10356 | grep -v '^ *+' conftest.er1 >conftest.err | ||
10357 | rm -f conftest.er1 | ||
10358 | cat conftest.err >&5 | ||
10359 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
10360 | (exit $ac_status); } && | ||
10361 | { ac_try='test -z "$ac_c_werror_flag" | ||
10362 | || test ! -s conftest.err' | ||
10363 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | ||
10364 | (eval $ac_try) 2>&5 | ||
10365 | ac_status=$? | ||
10366 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
10367 | (exit $ac_status); }; } && | ||
10368 | { ac_try='test -s conftest$ac_exeext' | ||
10369 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | ||
10370 | (eval $ac_try) 2>&5 | ||
10371 | ac_status=$? | ||
10372 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
10373 | (exit $ac_status); }; }; then | ||
10374 | eval "$as_ac_var=yes" | ||
10375 | else | ||
10376 | echo "$as_me: failed program was:" >&5 | ||
10377 | sed 's/^/| /' conftest.$ac_ext >&5 | ||
10378 | |||
10379 | eval "$as_ac_var=no" | ||
10380 | fi | ||
10381 | rm -f conftest.err conftest.$ac_objext \ | ||
10382 | conftest$ac_exeext conftest.$ac_ext | ||
10383 | fi | ||
10384 | echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 | ||
10385 | echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 | ||
10386 | if test `eval echo '${'$as_ac_var'}'` = yes; then | ||
10387 | cat >>confdefs.h <<_ACEOF | ||
10388 | #define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 | ||
10389 | _ACEOF | ||
10390 | |||
10391 | fi | ||
10392 | done | ||
10393 | |||
10394 | |||
10395 | cat >>confdefs.h <<\_ACEOF | ||
10396 | #define USE_BSM_AUDIT | ||
10397 | _ACEOF | ||
10398 | |||
10399 | ;; | ||
10400 | debug) | ||
10401 | AUDIT_MODULE=debug | ||
10402 | echo "$as_me:$LINENO: result: debug" >&5 | ||
10403 | echo "${ECHO_T}debug" >&6 | ||
10404 | |||
10405 | cat >>confdefs.h <<\_ACEOF | ||
10406 | #define SSH_AUDIT_EVENTS | ||
10407 | _ACEOF | ||
10408 | |||
10409 | ;; | ||
10410 | *) | ||
10411 | { { echo "$as_me:$LINENO: error: Unknown audit module $withval" >&5 | ||
10412 | echo "$as_me: error: Unknown audit module $withval" >&2;} | ||
10413 | { (exit 1); exit 1; }; } | ||
10414 | ;; | ||
10415 | esac | ||
10416 | |||
10417 | fi; | ||
10418 | |||
10419 | |||
9608 | 10420 | ||
9609 | 10421 | ||
9610 | 10422 | ||
@@ -9684,9 +10496,9 @@ fi; | |||
9684 | 10496 | ||
9685 | for ac_func in \ | 10497 | for ac_func in \ |
9686 | arc4random __b64_ntop b64_ntop __b64_pton b64_pton bcopy \ | 10498 | arc4random __b64_ntop b64_ntop __b64_pton b64_pton bcopy \ |
9687 | bindresvport_sa clock closefrom dirfd fchmod fchown freeaddrinfo \ | 10499 | bindresvport_sa clock closefrom dirfd fchdir fchmod fchown \ |
9688 | futimes getaddrinfo getcwd getgrouplist getnameinfo getopt \ | 10500 | freeaddrinfo futimes getaddrinfo getcwd getgrouplist getnameinfo \ |
9689 | getpeereid _getpty getrlimit getttyent glob inet_aton \ | 10501 | getopt getpeereid _getpty getrlimit getttyent glob inet_aton \ |
9690 | inet_ntoa inet_ntop innetgr login_getcapbool md5_crypt memmove \ | 10502 | inet_ntoa inet_ntop innetgr login_getcapbool md5_crypt memmove \ |
9691 | mkdtemp mmap ngetaddrinfo nsleep ogetaddrinfo openlog_r openpty \ | 10503 | mkdtemp mmap ngetaddrinfo nsleep ogetaddrinfo openlog_r openpty \ |
9692 | pstat prctl readpassphrase realpath recvmsg rresvport_af sendmsg \ | 10504 | pstat prctl readpassphrase realpath recvmsg rresvport_af sendmsg \ |
@@ -10760,11 +11572,9 @@ _ACEOF | |||
10760 | echo "$as_me:$LINENO: checking if setresuid seems to work" >&5 | 11572 | echo "$as_me:$LINENO: checking if setresuid seems to work" >&5 |
10761 | echo $ECHO_N "checking if setresuid seems to work... $ECHO_C" >&6 | 11573 | echo $ECHO_N "checking if setresuid seems to work... $ECHO_C" >&6 |
10762 | if test "$cross_compiling" = yes; then | 11574 | if test "$cross_compiling" = yes; then |
10763 | { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling | 11575 | { echo "$as_me:$LINENO: WARNING: cross compiling: not checking setresuid" >&5 |
10764 | See \`config.log' for more details." >&5 | 11576 | echo "$as_me: WARNING: cross compiling: not checking setresuid" >&2;} |
10765 | echo "$as_me: error: cannot run test program while cross compiling | 11577 | |
10766 | See \`config.log' for more details." >&2;} | ||
10767 | { (exit 1); exit 1; }; } | ||
10768 | else | 11578 | else |
10769 | cat >conftest.$ac_ext <<_ACEOF | 11579 | cat >conftest.$ac_ext <<_ACEOF |
10770 | /* confdefs.h. */ | 11580 | /* confdefs.h. */ |
@@ -10803,7 +11613,6 @@ _ACEOF | |||
10803 | 11613 | ||
10804 | echo "$as_me:$LINENO: result: not implemented" >&5 | 11614 | echo "$as_me:$LINENO: result: not implemented" >&5 |
10805 | echo "${ECHO_T}not implemented" >&6 | 11615 | echo "${ECHO_T}not implemented" >&6 |
10806 | |||
10807 | fi | 11616 | fi |
10808 | rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext | 11617 | rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext |
10809 | fi | 11618 | fi |
@@ -10914,11 +11723,9 @@ _ACEOF | |||
10914 | echo "$as_me:$LINENO: checking if setresgid seems to work" >&5 | 11723 | echo "$as_me:$LINENO: checking if setresgid seems to work" >&5 |
10915 | echo $ECHO_N "checking if setresgid seems to work... $ECHO_C" >&6 | 11724 | echo $ECHO_N "checking if setresgid seems to work... $ECHO_C" >&6 |
10916 | if test "$cross_compiling" = yes; then | 11725 | if test "$cross_compiling" = yes; then |
10917 | { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling | 11726 | { echo "$as_me:$LINENO: WARNING: cross compiling: not checking setresuid" >&5 |
10918 | See \`config.log' for more details." >&5 | 11727 | echo "$as_me: WARNING: cross compiling: not checking setresuid" >&2;} |
10919 | echo "$as_me: error: cannot run test program while cross compiling | 11728 | |
10920 | See \`config.log' for more details." >&2;} | ||
10921 | { (exit 1); exit 1; }; } | ||
10922 | else | 11729 | else |
10923 | cat >conftest.$ac_ext <<_ACEOF | 11730 | cat >conftest.$ac_ext <<_ACEOF |
10924 | /* confdefs.h. */ | 11731 | /* confdefs.h. */ |
@@ -10957,7 +11764,6 @@ _ACEOF | |||
10957 | 11764 | ||
10958 | echo "$as_me:$LINENO: result: not implemented" >&5 | 11765 | echo "$as_me:$LINENO: result: not implemented" >&5 |
10959 | echo "${ECHO_T}not implemented" >&6 | 11766 | echo "${ECHO_T}not implemented" >&6 |
10960 | |||
10961 | fi | 11767 | fi |
10962 | rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext | 11768 | rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext |
10963 | fi | 11769 | fi |
@@ -11835,11 +12641,9 @@ if test "x$ac_cv_func_snprintf" = "xyes" ; then | |||
11835 | echo "$as_me:$LINENO: checking whether snprintf correctly terminates long strings" >&5 | 12641 | echo "$as_me:$LINENO: checking whether snprintf correctly terminates long strings" >&5 |
11836 | echo $ECHO_N "checking whether snprintf correctly terminates long strings... $ECHO_C" >&6 | 12642 | echo $ECHO_N "checking whether snprintf correctly terminates long strings... $ECHO_C" >&6 |
11837 | if test "$cross_compiling" = yes; then | 12643 | if test "$cross_compiling" = yes; then |
11838 | { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling | 12644 | { echo "$as_me:$LINENO: WARNING: cross compiling: Assuming working snprintf()" >&5 |
11839 | See \`config.log' for more details." >&5 | 12645 | echo "$as_me: WARNING: cross compiling: Assuming working snprintf()" >&2;} |
11840 | echo "$as_me: error: cannot run test program while cross compiling | 12646 | |
11841 | See \`config.log' for more details." >&2;} | ||
11842 | { (exit 1); exit 1; }; } | ||
11843 | else | 12647 | else |
11844 | cat >conftest.$ac_ext <<_ACEOF | 12648 | cat >conftest.$ac_ext <<_ACEOF |
11845 | /* confdefs.h. */ | 12649 | /* confdefs.h. */ |
@@ -11881,7 +12685,6 @@ _ACEOF | |||
11881 | { echo "$as_me:$LINENO: WARNING: ****** Your snprintf() function is broken, complain to your vendor" >&5 | 12685 | { echo "$as_me:$LINENO: WARNING: ****** Your snprintf() function is broken, complain to your vendor" >&5 |
11882 | echo "$as_me: WARNING: ****** Your snprintf() function is broken, complain to your vendor" >&2;} | 12686 | echo "$as_me: WARNING: ****** Your snprintf() function is broken, complain to your vendor" >&2;} |
11883 | 12687 | ||
11884 | |||
11885 | fi | 12688 | fi |
11886 | rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext | 12689 | rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext |
11887 | fi | 12690 | fi |
@@ -12199,6 +13002,159 @@ rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftes | |||
12199 | fi | 13002 | fi |
12200 | fi | 13003 | fi |
12201 | 13004 | ||
13005 | if test "x$ac_cv_func_getaddrinfo" = "xyes" -a "x$check_for_aix_broken_getaddrinfo" = "x1"; then | ||
13006 | echo "$as_me:$LINENO: checking if getaddrinfo seems to work" >&5 | ||
13007 | echo $ECHO_N "checking if getaddrinfo seems to work... $ECHO_C" >&6 | ||
13008 | if test "$cross_compiling" = yes; then | ||
13009 | { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling | ||
13010 | See \`config.log' for more details." >&5 | ||
13011 | echo "$as_me: error: cannot run test program while cross compiling | ||
13012 | See \`config.log' for more details." >&2;} | ||
13013 | { (exit 1); exit 1; }; } | ||
13014 | else | ||
13015 | cat >conftest.$ac_ext <<_ACEOF | ||
13016 | /* confdefs.h. */ | ||
13017 | _ACEOF | ||
13018 | cat confdefs.h >>conftest.$ac_ext | ||
13019 | cat >>conftest.$ac_ext <<_ACEOF | ||
13020 | /* end confdefs.h. */ | ||
13021 | |||
13022 | #include <stdio.h> | ||
13023 | #include <sys/socket.h> | ||
13024 | #include <netdb.h> | ||
13025 | #include <errno.h> | ||
13026 | #include <netinet/in.h> | ||
13027 | |||
13028 | #define TEST_PORT "2222" | ||
13029 | |||
13030 | int | ||
13031 | main(void) | ||
13032 | { | ||
13033 | int err, sock; | ||
13034 | struct addrinfo *gai_ai, *ai, hints; | ||
13035 | char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL; | ||
13036 | |||
13037 | memset(&hints, 0, sizeof(hints)); | ||
13038 | hints.ai_family = PF_UNSPEC; | ||
13039 | hints.ai_socktype = SOCK_STREAM; | ||
13040 | hints.ai_flags = AI_PASSIVE; | ||
13041 | |||
13042 | err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai); | ||
13043 | if (err != 0) { | ||
13044 | fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err)); | ||
13045 | exit(1); | ||
13046 | } | ||
13047 | |||
13048 | for (ai = gai_ai; ai != NULL; ai = ai->ai_next) { | ||
13049 | if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) | ||
13050 | continue; | ||
13051 | |||
13052 | err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop, | ||
13053 | sizeof(ntop), strport, sizeof(strport), | ||
13054 | NI_NUMERICHOST|NI_NUMERICSERV); | ||
13055 | |||
13056 | if (ai->ai_family == AF_INET && err != 0) { | ||
13057 | perror("getnameinfo"); | ||
13058 | exit(2); | ||
13059 | } | ||
13060 | } | ||
13061 | exit(0); | ||
13062 | } | ||
13063 | |||
13064 | _ACEOF | ||
13065 | rm -f conftest$ac_exeext | ||
13066 | if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 | ||
13067 | (eval $ac_link) 2>&5 | ||
13068 | ac_status=$? | ||
13069 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
13070 | (exit $ac_status); } && { ac_try='./conftest$ac_exeext' | ||
13071 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | ||
13072 | (eval $ac_try) 2>&5 | ||
13073 | ac_status=$? | ||
13074 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
13075 | (exit $ac_status); }; }; then | ||
13076 | |||
13077 | echo "$as_me:$LINENO: result: yes" >&5 | ||
13078 | echo "${ECHO_T}yes" >&6 | ||
13079 | |||
13080 | cat >>confdefs.h <<\_ACEOF | ||
13081 | #define AIX_GETNAMEINFO_HACK | ||
13082 | _ACEOF | ||
13083 | |||
13084 | |||
13085 | else | ||
13086 | echo "$as_me: program exited with status $ac_status" >&5 | ||
13087 | echo "$as_me: failed program was:" >&5 | ||
13088 | sed 's/^/| /' conftest.$ac_ext >&5 | ||
13089 | |||
13090 | ( exit $ac_status ) | ||
13091 | |||
13092 | echo "$as_me:$LINENO: result: no" >&5 | ||
13093 | echo "${ECHO_T}no" >&6 | ||
13094 | cat >>confdefs.h <<\_ACEOF | ||
13095 | #define BROKEN_GETADDRINFO 1 | ||
13096 | _ACEOF | ||
13097 | |||
13098 | |||
13099 | |||
13100 | fi | ||
13101 | rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext | ||
13102 | fi | ||
13103 | fi | ||
13104 | |||
13105 | if test "x$check_for_conflicting_getspnam" = "x1"; then | ||
13106 | echo "$as_me:$LINENO: checking for conflicting getspnam in shadow.h" >&5 | ||
13107 | echo $ECHO_N "checking for conflicting getspnam in shadow.h... $ECHO_C" >&6 | ||
13108 | cat >conftest.$ac_ext <<_ACEOF | ||
13109 | |||
13110 | #include <shadow.h> | ||
13111 | int main(void) {exit(0);} | ||
13112 | |||
13113 | _ACEOF | ||
13114 | rm -f conftest.$ac_objext | ||
13115 | if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 | ||
13116 | (eval $ac_compile) 2>conftest.er1 | ||
13117 | ac_status=$? | ||
13118 | grep -v '^ *+' conftest.er1 >conftest.err | ||
13119 | rm -f conftest.er1 | ||
13120 | cat conftest.err >&5 | ||
13121 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
13122 | (exit $ac_status); } && | ||
13123 | { ac_try='test -z "$ac_c_werror_flag" | ||
13124 | || test ! -s conftest.err' | ||
13125 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | ||
13126 | (eval $ac_try) 2>&5 | ||
13127 | ac_status=$? | ||
13128 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
13129 | (exit $ac_status); }; } && | ||
13130 | { ac_try='test -s conftest.$ac_objext' | ||
13131 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | ||
13132 | (eval $ac_try) 2>&5 | ||
13133 | ac_status=$? | ||
13134 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
13135 | (exit $ac_status); }; }; then | ||
13136 | |||
13137 | echo "$as_me:$LINENO: result: no" >&5 | ||
13138 | echo "${ECHO_T}no" >&6 | ||
13139 | |||
13140 | else | ||
13141 | echo "$as_me: failed program was:" >&5 | ||
13142 | sed 's/^/| /' conftest.$ac_ext >&5 | ||
13143 | |||
13144 | |||
13145 | echo "$as_me:$LINENO: result: yes" >&5 | ||
13146 | echo "${ECHO_T}yes" >&6 | ||
13147 | |||
13148 | cat >>confdefs.h <<\_ACEOF | ||
13149 | #define GETSPNAM_CONFLICTING_DEFS 1 | ||
13150 | _ACEOF | ||
13151 | |||
13152 | |||
13153 | |||
13154 | fi | ||
13155 | rm -f conftest.err conftest.$ac_objext conftest.$ac_ext | ||
13156 | fi | ||
13157 | |||
12202 | echo "$as_me:$LINENO: checking whether getpgrp requires zero arguments" >&5 | 13158 | echo "$as_me:$LINENO: checking whether getpgrp requires zero arguments" >&5 |
12203 | echo $ECHO_N "checking whether getpgrp requires zero arguments... $ECHO_C" >&6 | 13159 | echo $ECHO_N "checking whether getpgrp requires zero arguments... $ECHO_C" >&6 |
12204 | if test "${ac_cv_func_getpgrp_void+set}" = set; then | 13160 | if test "${ac_cv_func_getpgrp_void+set}" = set; then |
@@ -12730,6 +13686,10 @@ if test "${with_ssl_dir+set}" = set; then | |||
12730 | withval="$with_ssl_dir" | 13686 | withval="$with_ssl_dir" |
12731 | 13687 | ||
12732 | if test "x$withval" != "xno" ; then | 13688 | if test "x$withval" != "xno" ; then |
13689 | case "$withval" in | ||
13690 | # Relative paths | ||
13691 | ./*|../*) withval="`pwd`/$withval" | ||
13692 | esac | ||
12733 | if test -d "$withval/lib"; then | 13693 | if test -d "$withval/lib"; then |
12734 | if test -n "${need_dash_r}"; then | 13694 | if test -n "${need_dash_r}"; then |
12735 | LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" | 13695 | LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" |
@@ -12883,11 +13843,11 @@ rm -f conftest.err conftest.$ac_objext \ | |||
12883 | echo "$as_me:$LINENO: checking OpenSSL header version" >&5 | 13843 | echo "$as_me:$LINENO: checking OpenSSL header version" >&5 |
12884 | echo $ECHO_N "checking OpenSSL header version... $ECHO_C" >&6 | 13844 | echo $ECHO_N "checking OpenSSL header version... $ECHO_C" >&6 |
12885 | if test "$cross_compiling" = yes; then | 13845 | if test "$cross_compiling" = yes; then |
12886 | { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling | 13846 | |
12887 | See \`config.log' for more details." >&5 | 13847 | { echo "$as_me:$LINENO: WARNING: cross compiling: not checking" >&5 |
12888 | echo "$as_me: error: cannot run test program while cross compiling | 13848 | echo "$as_me: WARNING: cross compiling: not checking" >&2;} |
12889 | See \`config.log' for more details." >&2;} | 13849 | |
12890 | { (exit 1); exit 1; }; } | 13850 | |
12891 | else | 13851 | else |
12892 | cat >conftest.$ac_ext <<_ACEOF | 13852 | cat >conftest.$ac_ext <<_ACEOF |
12893 | /* confdefs.h. */ | 13853 | /* confdefs.h. */ |
@@ -12944,7 +13904,6 @@ echo "${ECHO_T}not found" >&6 | |||
12944 | echo "$as_me: error: OpenSSL version header not found." >&2;} | 13904 | echo "$as_me: error: OpenSSL version header not found." >&2;} |
12945 | { (exit 1); exit 1; }; } | 13905 | { (exit 1); exit 1; }; } |
12946 | 13906 | ||
12947 | |||
12948 | fi | 13907 | fi |
12949 | rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext | 13908 | rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext |
12950 | fi | 13909 | fi |
@@ -12953,11 +13912,11 @@ fi | |||
12953 | echo "$as_me:$LINENO: checking OpenSSL library version" >&5 | 13912 | echo "$as_me:$LINENO: checking OpenSSL library version" >&5 |
12954 | echo $ECHO_N "checking OpenSSL library version... $ECHO_C" >&6 | 13913 | echo $ECHO_N "checking OpenSSL library version... $ECHO_C" >&6 |
12955 | if test "$cross_compiling" = yes; then | 13914 | if test "$cross_compiling" = yes; then |
12956 | { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling | 13915 | |
12957 | See \`config.log' for more details." >&5 | 13916 | { echo "$as_me:$LINENO: WARNING: cross compiling: not checking" >&5 |
12958 | echo "$as_me: error: cannot run test program while cross compiling | 13917 | echo "$as_me: WARNING: cross compiling: not checking" >&2;} |
12959 | See \`config.log' for more details." >&2;} | 13918 | |
12960 | { (exit 1); exit 1; }; } | 13919 | |
12961 | else | 13920 | else |
12962 | cat >conftest.$ac_ext <<_ACEOF | 13921 | cat >conftest.$ac_ext <<_ACEOF |
12963 | /* confdefs.h. */ | 13922 | /* confdefs.h. */ |
@@ -13015,7 +13974,6 @@ echo "${ECHO_T}not found" >&6 | |||
13015 | echo "$as_me: error: OpenSSL library not found." >&2;} | 13974 | echo "$as_me: error: OpenSSL library not found." >&2;} |
13016 | { (exit 1); exit 1; }; } | 13975 | { (exit 1); exit 1; }; } |
13017 | 13976 | ||
13018 | |||
13019 | fi | 13977 | fi |
13020 | rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext | 13978 | rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext |
13021 | fi | 13979 | fi |
@@ -13024,11 +13982,11 @@ fi | |||
13024 | echo "$as_me:$LINENO: checking whether OpenSSL's headers match the library" >&5 | 13982 | echo "$as_me:$LINENO: checking whether OpenSSL's headers match the library" >&5 |
13025 | echo $ECHO_N "checking whether OpenSSL's headers match the library... $ECHO_C" >&6 | 13983 | echo $ECHO_N "checking whether OpenSSL's headers match the library... $ECHO_C" >&6 |
13026 | if test "$cross_compiling" = yes; then | 13984 | if test "$cross_compiling" = yes; then |
13027 | { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling | 13985 | |
13028 | See \`config.log' for more details." >&5 | 13986 | { echo "$as_me:$LINENO: WARNING: cross compiling: not checking" >&5 |
13029 | echo "$as_me: error: cannot run test program while cross compiling | 13987 | echo "$as_me: WARNING: cross compiling: not checking" >&2;} |
13030 | See \`config.log' for more details." >&2;} | 13988 | |
13031 | { (exit 1); exit 1; }; } | 13989 | |
13032 | else | 13990 | else |
13033 | cat >conftest.$ac_ext <<_ACEOF | 13991 | cat >conftest.$ac_ext <<_ACEOF |
13034 | /* confdefs.h. */ | 13992 | /* confdefs.h. */ |
@@ -13074,7 +14032,6 @@ Check config.log for details. | |||
13074 | Also see contrib/findssl.sh for help identifying header/library mismatches." >&2;} | 14032 | Also see contrib/findssl.sh for help identifying header/library mismatches." >&2;} |
13075 | { (exit 1); exit 1; }; } | 14033 | { (exit 1); exit 1; }; } |
13076 | 14034 | ||
13077 | |||
13078 | fi | 14035 | fi |
13079 | rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext | 14036 | rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext |
13080 | fi | 14037 | fi |
@@ -13238,11 +14195,14 @@ fi | |||
13238 | echo "$as_me:$LINENO: checking whether OpenSSL's PRNG is internally seeded" >&5 | 14195 | echo "$as_me:$LINENO: checking whether OpenSSL's PRNG is internally seeded" >&5 |
13239 | echo $ECHO_N "checking whether OpenSSL's PRNG is internally seeded... $ECHO_C" >&6 | 14196 | echo $ECHO_N "checking whether OpenSSL's PRNG is internally seeded... $ECHO_C" >&6 |
13240 | if test "$cross_compiling" = yes; then | 14197 | if test "$cross_compiling" = yes; then |
13241 | { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling | 14198 | |
13242 | See \`config.log' for more details." >&5 | 14199 | { echo "$as_me:$LINENO: WARNING: cross compiling: assuming yes" >&5 |
13243 | echo "$as_me: error: cannot run test program while cross compiling | 14200 | echo "$as_me: WARNING: cross compiling: assuming yes" >&2;} |
13244 | See \`config.log' for more details." >&2;} | 14201 | # This is safe, since all recent OpenSSL versions will |
13245 | { (exit 1); exit 1; }; } | 14202 | # complain at runtime if not seeded correctly. |
14203 | OPENSSL_SEEDS_ITSELF=yes | ||
14204 | |||
14205 | |||
13246 | else | 14206 | else |
13247 | cat >conftest.$ac_ext <<_ACEOF | 14207 | cat >conftest.$ac_ext <<_ACEOF |
13248 | /* confdefs.h. */ | 14208 | /* confdefs.h. */ |
@@ -13285,7 +14245,6 @@ echo "${ECHO_T}no" >&6 | |||
13285 | # seed itself | 14245 | # seed itself |
13286 | USE_RAND_HELPER=yes | 14246 | USE_RAND_HELPER=yes |
13287 | 14247 | ||
13288 | |||
13289 | fi | 14248 | fi |
13290 | rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext | 14249 | rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext |
13291 | fi | 14250 | fi |
@@ -17288,6 +18247,74 @@ _ACEOF | |||
17288 | fi | 18247 | fi |
17289 | 18248 | ||
17290 | 18249 | ||
18250 | echo "$as_me:$LINENO: checking for in_addr_t" >&5 | ||
18251 | echo $ECHO_N "checking for in_addr_t... $ECHO_C" >&6 | ||
18252 | if test "${ac_cv_type_in_addr_t+set}" = set; then | ||
18253 | echo $ECHO_N "(cached) $ECHO_C" >&6 | ||
18254 | else | ||
18255 | cat >conftest.$ac_ext <<_ACEOF | ||
18256 | /* confdefs.h. */ | ||
18257 | _ACEOF | ||
18258 | cat confdefs.h >>conftest.$ac_ext | ||
18259 | cat >>conftest.$ac_ext <<_ACEOF | ||
18260 | /* end confdefs.h. */ | ||
18261 | #include <sys/types.h> | ||
18262 | #include <netinet/in.h> | ||
18263 | |||
18264 | int | ||
18265 | main () | ||
18266 | { | ||
18267 | if ((in_addr_t *) 0) | ||
18268 | return 0; | ||
18269 | if (sizeof (in_addr_t)) | ||
18270 | return 0; | ||
18271 | ; | ||
18272 | return 0; | ||
18273 | } | ||
18274 | _ACEOF | ||
18275 | rm -f conftest.$ac_objext | ||
18276 | if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 | ||
18277 | (eval $ac_compile) 2>conftest.er1 | ||
18278 | ac_status=$? | ||
18279 | grep -v '^ *+' conftest.er1 >conftest.err | ||
18280 | rm -f conftest.er1 | ||
18281 | cat conftest.err >&5 | ||
18282 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
18283 | (exit $ac_status); } && | ||
18284 | { ac_try='test -z "$ac_c_werror_flag" | ||
18285 | || test ! -s conftest.err' | ||
18286 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | ||
18287 | (eval $ac_try) 2>&5 | ||
18288 | ac_status=$? | ||
18289 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
18290 | (exit $ac_status); }; } && | ||
18291 | { ac_try='test -s conftest.$ac_objext' | ||
18292 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | ||
18293 | (eval $ac_try) 2>&5 | ||
18294 | ac_status=$? | ||
18295 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
18296 | (exit $ac_status); }; }; then | ||
18297 | ac_cv_type_in_addr_t=yes | ||
18298 | else | ||
18299 | echo "$as_me: failed program was:" >&5 | ||
18300 | sed 's/^/| /' conftest.$ac_ext >&5 | ||
18301 | |||
18302 | ac_cv_type_in_addr_t=no | ||
18303 | fi | ||
18304 | rm -f conftest.err conftest.$ac_objext conftest.$ac_ext | ||
18305 | fi | ||
18306 | echo "$as_me:$LINENO: result: $ac_cv_type_in_addr_t" >&5 | ||
18307 | echo "${ECHO_T}$ac_cv_type_in_addr_t" >&6 | ||
18308 | if test $ac_cv_type_in_addr_t = yes; then | ||
18309 | |||
18310 | cat >>confdefs.h <<_ACEOF | ||
18311 | #define HAVE_IN_ADDR_T 1 | ||
18312 | _ACEOF | ||
18313 | |||
18314 | |||
18315 | fi | ||
18316 | |||
18317 | |||
17291 | echo "$as_me:$LINENO: checking for size_t" >&5 | 18318 | echo "$as_me:$LINENO: checking for size_t" >&5 |
17292 | echo $ECHO_N "checking for size_t... $ECHO_C" >&6 | 18319 | echo $ECHO_N "checking for size_t... $ECHO_C" >&6 |
17293 | if test "${ac_cv_have_size_t+set}" = set; then | 18320 | if test "${ac_cv_have_size_t+set}" = set; then |
@@ -18134,11 +19161,9 @@ if test "x$ac_cv_have_int64_t" = "xno" -a \ | |||
18134 | exit 1; | 19161 | exit 1; |
18135 | else | 19162 | else |
18136 | if test "$cross_compiling" = yes; then | 19163 | if test "$cross_compiling" = yes; then |
18137 | { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling | 19164 | { echo "$as_me:$LINENO: WARNING: cross compiling: Assuming working snprintf()" >&5 |
18138 | See \`config.log' for more details." >&5 | 19165 | echo "$as_me: WARNING: cross compiling: Assuming working snprintf()" >&2;} |
18139 | echo "$as_me: error: cannot run test program while cross compiling | 19166 | |
18140 | See \`config.log' for more details." >&2;} | ||
18141 | { (exit 1); exit 1; }; } | ||
18142 | else | 19167 | else |
18143 | cat >conftest.$ac_ext <<_ACEOF | 19168 | cat >conftest.$ac_ext <<_ACEOF |
18144 | /* confdefs.h. */ | 19169 | /* confdefs.h. */ |
@@ -18193,7 +19218,6 @@ sed 's/^/| /' conftest.$ac_ext >&5 | |||
18193 | #define BROKEN_SNPRINTF 1 | 19218 | #define BROKEN_SNPRINTF 1 |
18194 | _ACEOF | 19219 | _ACEOF |
18195 | 19220 | ||
18196 | |||
18197 | fi | 19221 | fi |
18198 | rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext | 19222 | rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext |
18199 | fi | 19223 | fi |
@@ -19391,25 +20415,14 @@ if test "${ac_cv_have_accrights_in_msghdr+set}" = set; then | |||
19391 | echo $ECHO_N "(cached) $ECHO_C" >&6 | 20415 | echo $ECHO_N "(cached) $ECHO_C" >&6 |
19392 | else | 20416 | else |
19393 | 20417 | ||
19394 | if test "$cross_compiling" = yes; then | 20418 | cat >conftest.$ac_ext <<_ACEOF |
19395 | { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling | ||
19396 | See \`config.log' for more details." >&5 | ||
19397 | echo "$as_me: error: cannot run test program while cross compiling | ||
19398 | See \`config.log' for more details." >&2;} | ||
19399 | { (exit 1); exit 1; }; } | ||
19400 | else | ||
19401 | cat >conftest.$ac_ext <<_ACEOF | ||
19402 | /* confdefs.h. */ | ||
19403 | _ACEOF | ||
19404 | cat confdefs.h >>conftest.$ac_ext | ||
19405 | cat >>conftest.$ac_ext <<_ACEOF | ||
19406 | /* end confdefs.h. */ | ||
19407 | 20419 | ||
19408 | #include <sys/types.h> | 20420 | #include <sys/types.h> |
19409 | #include <sys/socket.h> | 20421 | #include <sys/socket.h> |
19410 | #include <sys/uio.h> | 20422 | #include <sys/uio.h> |
19411 | int main() { | 20423 | int main() { |
19412 | #ifdef msg_accrights | 20424 | #ifdef msg_accrights |
20425 | #error "msg_accrights is a macro" | ||
19413 | exit(1); | 20426 | exit(1); |
19414 | #endif | 20427 | #endif |
19415 | struct msghdr m; | 20428 | struct msghdr m; |
@@ -19418,12 +20431,23 @@ exit(0); | |||
19418 | } | 20431 | } |
19419 | 20432 | ||
19420 | _ACEOF | 20433 | _ACEOF |
19421 | rm -f conftest$ac_exeext | 20434 | rm -f conftest.$ac_objext |
19422 | if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 | 20435 | if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 |
19423 | (eval $ac_link) 2>&5 | 20436 | (eval $ac_compile) 2>conftest.er1 |
19424 | ac_status=$? | 20437 | ac_status=$? |
20438 | grep -v '^ *+' conftest.er1 >conftest.err | ||
20439 | rm -f conftest.er1 | ||
20440 | cat conftest.err >&5 | ||
19425 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | 20441 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 |
19426 | (exit $ac_status); } && { ac_try='./conftest$ac_exeext' | 20442 | (exit $ac_status); } && |
20443 | { ac_try='test -z "$ac_c_werror_flag" | ||
20444 | || test ! -s conftest.err' | ||
20445 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | ||
20446 | (eval $ac_try) 2>&5 | ||
20447 | ac_status=$? | ||
20448 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
20449 | (exit $ac_status); }; } && | ||
20450 | { ac_try='test -s conftest.$ac_objext' | ||
19427 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | 20451 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 |
19428 | (eval $ac_try) 2>&5 | 20452 | (eval $ac_try) 2>&5 |
19429 | ac_status=$? | 20453 | ac_status=$? |
@@ -19431,16 +20455,13 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 | |||
19431 | (exit $ac_status); }; }; then | 20455 | (exit $ac_status); }; }; then |
19432 | ac_cv_have_accrights_in_msghdr="yes" | 20456 | ac_cv_have_accrights_in_msghdr="yes" |
19433 | else | 20457 | else |
19434 | echo "$as_me: program exited with status $ac_status" >&5 | 20458 | echo "$as_me: failed program was:" >&5 |
19435 | echo "$as_me: failed program was:" >&5 | ||
19436 | sed 's/^/| /' conftest.$ac_ext >&5 | 20459 | sed 's/^/| /' conftest.$ac_ext >&5 |
19437 | 20460 | ||
19438 | ( exit $ac_status ) | ||
19439 | ac_cv_have_accrights_in_msghdr="no" | 20461 | ac_cv_have_accrights_in_msghdr="no" |
19440 | 20462 | ||
19441 | fi | 20463 | fi |
19442 | rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext | 20464 | rm -f conftest.err conftest.$ac_objext conftest.$ac_ext |
19443 | fi | ||
19444 | 20465 | ||
19445 | fi | 20466 | fi |
19446 | echo "$as_me:$LINENO: result: $ac_cv_have_accrights_in_msghdr" >&5 | 20467 | echo "$as_me:$LINENO: result: $ac_cv_have_accrights_in_msghdr" >&5 |
@@ -19458,25 +20479,14 @@ if test "${ac_cv_have_control_in_msghdr+set}" = set; then | |||
19458 | echo $ECHO_N "(cached) $ECHO_C" >&6 | 20479 | echo $ECHO_N "(cached) $ECHO_C" >&6 |
19459 | else | 20480 | else |
19460 | 20481 | ||
19461 | if test "$cross_compiling" = yes; then | 20482 | cat >conftest.$ac_ext <<_ACEOF |
19462 | { { echo "$as_me:$LINENO: error: cannot run test program while cross compiling | ||
19463 | See \`config.log' for more details." >&5 | ||
19464 | echo "$as_me: error: cannot run test program while cross compiling | ||
19465 | See \`config.log' for more details." >&2;} | ||
19466 | { (exit 1); exit 1; }; } | ||
19467 | else | ||
19468 | cat >conftest.$ac_ext <<_ACEOF | ||
19469 | /* confdefs.h. */ | ||
19470 | _ACEOF | ||
19471 | cat confdefs.h >>conftest.$ac_ext | ||
19472 | cat >>conftest.$ac_ext <<_ACEOF | ||
19473 | /* end confdefs.h. */ | ||
19474 | 20483 | ||
19475 | #include <sys/types.h> | 20484 | #include <sys/types.h> |
19476 | #include <sys/socket.h> | 20485 | #include <sys/socket.h> |
19477 | #include <sys/uio.h> | 20486 | #include <sys/uio.h> |
19478 | int main() { | 20487 | int main() { |
19479 | #ifdef msg_control | 20488 | #ifdef msg_control |
20489 | #error "msg_control is a macro" | ||
19480 | exit(1); | 20490 | exit(1); |
19481 | #endif | 20491 | #endif |
19482 | struct msghdr m; | 20492 | struct msghdr m; |
@@ -19485,12 +20495,23 @@ exit(0); | |||
19485 | } | 20495 | } |
19486 | 20496 | ||
19487 | _ACEOF | 20497 | _ACEOF |
19488 | rm -f conftest$ac_exeext | 20498 | rm -f conftest.$ac_objext |
19489 | if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 | 20499 | if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 |
19490 | (eval $ac_link) 2>&5 | 20500 | (eval $ac_compile) 2>conftest.er1 |
19491 | ac_status=$? | 20501 | ac_status=$? |
20502 | grep -v '^ *+' conftest.er1 >conftest.err | ||
20503 | rm -f conftest.er1 | ||
20504 | cat conftest.err >&5 | ||
19492 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | 20505 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 |
19493 | (exit $ac_status); } && { ac_try='./conftest$ac_exeext' | 20506 | (exit $ac_status); } && |
20507 | { ac_try='test -z "$ac_c_werror_flag" | ||
20508 | || test ! -s conftest.err' | ||
20509 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | ||
20510 | (eval $ac_try) 2>&5 | ||
20511 | ac_status=$? | ||
20512 | echo "$as_me:$LINENO: \$? = $ac_status" >&5 | ||
20513 | (exit $ac_status); }; } && | ||
20514 | { ac_try='test -s conftest.$ac_objext' | ||
19494 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 | 20515 | { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 |
19495 | (eval $ac_try) 2>&5 | 20516 | (eval $ac_try) 2>&5 |
19496 | ac_status=$? | 20517 | ac_status=$? |
@@ -19498,16 +20519,13 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 | |||
19498 | (exit $ac_status); }; }; then | 20519 | (exit $ac_status); }; }; then |
19499 | ac_cv_have_control_in_msghdr="yes" | 20520 | ac_cv_have_control_in_msghdr="yes" |
19500 | else | 20521 | else |
19501 | echo "$as_me: program exited with status $ac_status" >&5 | 20522 | echo "$as_me: failed program was:" >&5 |
19502 | echo "$as_me: failed program was:" >&5 | ||
19503 | sed 's/^/| /' conftest.$ac_ext >&5 | 20523 | sed 's/^/| /' conftest.$ac_ext >&5 |
19504 | 20524 | ||
19505 | ( exit $ac_status ) | ||
19506 | ac_cv_have_control_in_msghdr="no" | 20525 | ac_cv_have_control_in_msghdr="no" |
19507 | 20526 | ||
19508 | fi | 20527 | fi |
19509 | rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext | 20528 | rm -f conftest.err conftest.$ac_objext conftest.$ac_ext |
19510 | fi | ||
19511 | 20529 | ||
19512 | fi | 20530 | fi |
19513 | echo "$as_me:$LINENO: result: $ac_cv_have_control_in_msghdr" >&5 | 20531 | echo "$as_me:$LINENO: result: $ac_cv_have_control_in_msghdr" >&5 |
@@ -20050,9 +21068,9 @@ echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >& | |||
20050 | echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} | 21068 | echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} |
20051 | ( | 21069 | ( |
20052 | cat <<\_ASBOX | 21070 | cat <<\_ASBOX |
20053 | ## ------------------------------------------ ## | 21071 | ## ---------------------------------- ## |
20054 | ## Report this to the AC_PACKAGE_NAME lists. ## | 21072 | ## Report this to the OpenSSH lists. ## |
20055 | ## ------------------------------------------ ## | 21073 | ## ---------------------------------- ## |
20056 | _ASBOX | 21074 | _ASBOX |
20057 | ) | | 21075 | ) | |
20058 | sed "s/^/$as_me: WARNING: /" >&2 | 21076 | sed "s/^/$as_me: WARNING: /" >&2 |
@@ -21576,9 +22594,9 @@ echo "$as_me: WARNING: gssapi.h: proceeding with the preprocessor's result" >&2; | |||
21576 | echo "$as_me: WARNING: gssapi.h: in the future, the compiler will take precedence" >&2;} | 22594 | echo "$as_me: WARNING: gssapi.h: in the future, the compiler will take precedence" >&2;} |
21577 | ( | 22595 | ( |
21578 | cat <<\_ASBOX | 22596 | cat <<\_ASBOX |
21579 | ## ------------------------------------------ ## | 22597 | ## ---------------------------------- ## |
21580 | ## Report this to the AC_PACKAGE_NAME lists. ## | 22598 | ## Report this to the OpenSSH lists. ## |
21581 | ## ------------------------------------------ ## | 22599 | ## ---------------------------------- ## |
21582 | _ASBOX | 22600 | _ASBOX |
21583 | ) | | 22601 | ) | |
21584 | sed "s/^/$as_me: WARNING: /" >&2 | 22602 | sed "s/^/$as_me: WARNING: /" >&2 |
@@ -21722,9 +22740,9 @@ echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >& | |||
21722 | echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} | 22740 | echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} |
21723 | ( | 22741 | ( |
21724 | cat <<\_ASBOX | 22742 | cat <<\_ASBOX |
21725 | ## ------------------------------------------ ## | 22743 | ## ---------------------------------- ## |
21726 | ## Report this to the AC_PACKAGE_NAME lists. ## | 22744 | ## Report this to the OpenSSH lists. ## |
21727 | ## ------------------------------------------ ## | 22745 | ## ---------------------------------- ## |
21728 | _ASBOX | 22746 | _ASBOX |
21729 | ) | | 22747 | ) | |
21730 | sed "s/^/$as_me: WARNING: /" >&2 | 22748 | sed "s/^/$as_me: WARNING: /" >&2 |
@@ -21880,9 +22898,9 @@ echo "$as_me: WARNING: gssapi_krb5.h: proceeding with the preprocessor's result" | |||
21880 | echo "$as_me: WARNING: gssapi_krb5.h: in the future, the compiler will take precedence" >&2;} | 22898 | echo "$as_me: WARNING: gssapi_krb5.h: in the future, the compiler will take precedence" >&2;} |
21881 | ( | 22899 | ( |
21882 | cat <<\_ASBOX | 22900 | cat <<\_ASBOX |
21883 | ## ------------------------------------------ ## | 22901 | ## ---------------------------------- ## |
21884 | ## Report this to the AC_PACKAGE_NAME lists. ## | 22902 | ## Report this to the OpenSSH lists. ## |
21885 | ## ------------------------------------------ ## | 22903 | ## ---------------------------------- ## |
21886 | _ASBOX | 22904 | _ASBOX |
21887 | ) | | 22905 | ) | |
21888 | sed "s/^/$as_me: WARNING: /" >&2 | 22906 | sed "s/^/$as_me: WARNING: /" >&2 |
@@ -22039,9 +23057,9 @@ echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >& | |||
22039 | echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} | 23057 | echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} |
22040 | ( | 23058 | ( |
22041 | cat <<\_ASBOX | 23059 | cat <<\_ASBOX |
22042 | ## ------------------------------------------ ## | 23060 | ## ---------------------------------- ## |
22043 | ## Report this to the AC_PACKAGE_NAME lists. ## | 23061 | ## Report this to the OpenSSH lists. ## |
22044 | ## ------------------------------------------ ## | 23062 | ## ---------------------------------- ## |
22045 | _ASBOX | 23063 | _ASBOX |
22046 | ) | | 23064 | ) | |
22047 | sed "s/^/$as_me: WARNING: /" >&2 | 23065 | sed "s/^/$as_me: WARNING: /" >&2 |
@@ -22190,9 +23208,9 @@ echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >& | |||
22190 | echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} | 23208 | echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} |
22191 | ( | 23209 | ( |
22192 | cat <<\_ASBOX | 23210 | cat <<\_ASBOX |
22193 | ## ------------------------------------------ ## | 23211 | ## ---------------------------------- ## |
22194 | ## Report this to the AC_PACKAGE_NAME lists. ## | 23212 | ## Report this to the OpenSSH lists. ## |
22195 | ## ------------------------------------------ ## | 23213 | ## ---------------------------------- ## |
22196 | _ASBOX | 23214 | _ASBOX |
22197 | ) | | 23215 | ) | |
22198 | sed "s/^/$as_me: WARNING: /" >&2 | 23216 | sed "s/^/$as_me: WARNING: /" >&2 |
@@ -22341,9 +23359,9 @@ echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >& | |||
22341 | echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} | 23359 | echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} |
22342 | ( | 23360 | ( |
22343 | cat <<\_ASBOX | 23361 | cat <<\_ASBOX |
22344 | ## ------------------------------------------ ## | 23362 | ## ---------------------------------- ## |
22345 | ## Report this to the AC_PACKAGE_NAME lists. ## | 23363 | ## Report this to the OpenSSH lists. ## |
22346 | ## ------------------------------------------ ## | 23364 | ## ---------------------------------- ## |
22347 | _ASBOX | 23365 | _ASBOX |
22348 | ) | | 23366 | ) | |
22349 | sed "s/^/$as_me: WARNING: /" >&2 | 23367 | sed "s/^/$as_me: WARNING: /" >&2 |
@@ -22745,6 +23763,11 @@ _ACEOF | |||
22745 | 23763 | ||
22746 | fi | 23764 | fi |
22747 | 23765 | ||
23766 | if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then | ||
23767 | { echo "$as_me:$LINENO: WARNING: cross compiling: Disabling /dev/ptmx test" >&5 | ||
23768 | echo "$as_me: WARNING: cross compiling: Disabling /dev/ptmx test" >&2;} | ||
23769 | disable_ptmx_check=yes | ||
23770 | fi | ||
22748 | if test -z "$no_dev_ptmx" ; then | 23771 | if test -z "$no_dev_ptmx" ; then |
22749 | if test "x$disable_ptmx_check" != "xyes" ; then | 23772 | if test "x$disable_ptmx_check" != "xyes" ; then |
22750 | echo "$as_me:$LINENO: checking for \"/dev/ptmx\"" >&5 | 23773 | echo "$as_me:$LINENO: checking for \"/dev/ptmx\"" >&5 |
@@ -22777,7 +23800,9 @@ fi | |||
22777 | 23800 | ||
22778 | fi | 23801 | fi |
22779 | fi | 23802 | fi |
22780 | echo "$as_me:$LINENO: checking for \"/dev/ptc\"" >&5 | 23803 | |
23804 | if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then | ||
23805 | echo "$as_me:$LINENO: checking for \"/dev/ptc\"" >&5 | ||
22781 | echo $ECHO_N "checking for \"/dev/ptc\"... $ECHO_C" >&6 | 23806 | echo $ECHO_N "checking for \"/dev/ptc\"... $ECHO_C" >&6 |
22782 | if test "${ac_cv_file___dev_ptc_+set}" = set; then | 23807 | if test "${ac_cv_file___dev_ptc_+set}" = set; then |
22783 | echo $ECHO_N "(cached) $ECHO_C" >&6 | 23808 | echo $ECHO_N "(cached) $ECHO_C" >&6 |
@@ -22796,15 +23821,19 @@ echo "$as_me:$LINENO: result: $ac_cv_file___dev_ptc_" >&5 | |||
22796 | echo "${ECHO_T}$ac_cv_file___dev_ptc_" >&6 | 23821 | echo "${ECHO_T}$ac_cv_file___dev_ptc_" >&6 |
22797 | if test $ac_cv_file___dev_ptc_ = yes; then | 23822 | if test $ac_cv_file___dev_ptc_ = yes; then |
22798 | 23823 | ||
22799 | cat >>confdefs.h <<_ACEOF | 23824 | cat >>confdefs.h <<_ACEOF |
22800 | #define HAVE_DEV_PTS_AND_PTC 1 | 23825 | #define HAVE_DEV_PTS_AND_PTC 1 |
22801 | _ACEOF | 23826 | _ACEOF |
22802 | 23827 | ||
22803 | have_dev_ptc=1 | 23828 | have_dev_ptc=1 |
22804 | 23829 | ||
22805 | 23830 | ||
22806 | fi | 23831 | fi |
22807 | 23832 | ||
23833 | else | ||
23834 | { echo "$as_me:$LINENO: WARNING: cross compiling: Disabling /dev/ptc test" >&5 | ||
23835 | echo "$as_me: WARNING: cross compiling: Disabling /dev/ptc test" >&2;} | ||
23836 | fi | ||
22808 | 23837 | ||
22809 | # Options from here on. Some of these are preset by platform above | 23838 | # Options from here on. Some of these are preset by platform above |
22810 | 23839 | ||
@@ -23020,10 +24049,20 @@ fi | |||
23020 | # Check whether --enable-etc-default-login or --disable-etc-default-login was given. | 24049 | # Check whether --enable-etc-default-login or --disable-etc-default-login was given. |
23021 | if test "${enable_etc_default_login+set}" = set; then | 24050 | if test "${enable_etc_default_login+set}" = set; then |
23022 | enableval="$enable_etc_default_login" | 24051 | enableval="$enable_etc_default_login" |
23023 | 24052 | if test "x$enableval" = "xno"; then | |
24053 | { echo "$as_me:$LINENO: /etc/default/login handling disabled" >&5 | ||
24054 | echo "$as_me: /etc/default/login handling disabled" >&6;} | ||
24055 | etc_default_login=no | ||
24056 | else | ||
24057 | etc_default_login=yes | ||
24058 | fi | ||
23024 | else | 24059 | else |
24060 | etc_default_login=yes | ||
24061 | |||
24062 | fi; | ||
23025 | 24063 | ||
23026 | echo "$as_me:$LINENO: checking for \"/etc/default/login\"" >&5 | 24064 | if test "x$etc_default_login" != "xno"; then |
24065 | echo "$as_me:$LINENO: checking for \"/etc/default/login\"" >&5 | ||
23027 | echo $ECHO_N "checking for \"/etc/default/login\"... $ECHO_C" >&6 | 24066 | echo $ECHO_N "checking for \"/etc/default/login\"... $ECHO_C" >&6 |
23028 | if test "${ac_cv_file___etc_default_login_+set}" = set; then | 24067 | if test "${ac_cv_file___etc_default_login_+set}" = set; then |
23029 | echo $ECHO_N "(cached) $ECHO_C" >&6 | 24068 | echo $ECHO_N "(cached) $ECHO_C" >&6 |
@@ -23044,16 +24083,18 @@ if test $ac_cv_file___etc_default_login_ = yes; then | |||
23044 | external_path_file=/etc/default/login | 24083 | external_path_file=/etc/default/login |
23045 | fi | 24084 | fi |
23046 | 24085 | ||
23047 | 24086 | if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; | |
23048 | if test "x$external_path_file" = "x/etc/default/login"; then | 24087 | then |
23049 | cat >>confdefs.h <<\_ACEOF | 24088 | { echo "$as_me:$LINENO: WARNING: cross compiling: Disabling /etc/default/login test" >&5 |
24089 | echo "$as_me: WARNING: cross compiling: Disabling /etc/default/login test" >&2;} | ||
24090 | elif test "x$external_path_file" = "x/etc/default/login"; then | ||
24091 | cat >>confdefs.h <<\_ACEOF | ||
23050 | #define HAVE_ETC_DEFAULT_LOGIN 1 | 24092 | #define HAVE_ETC_DEFAULT_LOGIN 1 |
23051 | _ACEOF | 24093 | _ACEOF |
23052 | 24094 | ||
24095 | fi | ||
23053 | fi | 24096 | fi |
23054 | 24097 | ||
23055 | fi; | ||
23056 | |||
23057 | if test $ac_cv_func_login_getcapbool = "yes" -a \ | 24098 | if test $ac_cv_func_login_getcapbool = "yes" -a \ |
23058 | $ac_cv_header_login_cap_h = "yes" ; then | 24099 | $ac_cv_header_login_cap_h = "yes" ; then |
23059 | external_path_file=/etc/login.conf | 24100 | external_path_file=/etc/login.conf |
@@ -23891,7 +24932,7 @@ if test "$ac_cv_lib_pam_pam_set_item" = yes ; then | |||
23891 | fi | 24932 | fi |
23892 | 24933 | ||
23893 | 24934 | ||
23894 | ac_config_files="$ac_config_files Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile scard/Makefile ssh_prng_cmds" | 24935 | ac_config_files="$ac_config_files Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile scard/Makefile ssh_prng_cmds survey.sh" |
23895 | 24936 | ||
23896 | cat >confcache <<\_ACEOF | 24937 | cat >confcache <<\_ACEOF |
23897 | # This file is a shell script that caches the results of configure | 24938 | # This file is a shell script that caches the results of configure |
@@ -24255,7 +25296,7 @@ BOXI_EOF | |||
24255 | } >&5 | 25296 | } >&5 |
24256 | cat >&5 <<_CSEOF | 25297 | cat >&5 <<_CSEOF |
24257 | 25298 | ||
24258 | This file was extended by $as_me, which was | 25299 | This file was extended by OpenSSH $as_me Portable, which was |
24259 | generated by GNU Autoconf 2.59. Invocation command line was | 25300 | generated by GNU Autoconf 2.59. Invocation command line was |
24260 | 25301 | ||
24261 | CONFIG_FILES = $CONFIG_FILES | 25302 | CONFIG_FILES = $CONFIG_FILES |
@@ -24315,7 +25356,7 @@ _ACEOF | |||
24315 | 25356 | ||
24316 | cat >>$CONFIG_STATUS <<_ACEOF | 25357 | cat >>$CONFIG_STATUS <<_ACEOF |
24317 | ac_cs_version="\\ | 25358 | ac_cs_version="\\ |
24318 | config.status | 25359 | OpenSSH config.status Portable |
24319 | configured by $0, generated by GNU Autoconf 2.59, | 25360 | configured by $0, generated by GNU Autoconf 2.59, |
24320 | with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\" | 25361 | with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\" |
24321 | 25362 | ||
@@ -24424,6 +25465,7 @@ do | |||
24424 | "openbsd-compat/Makefile" ) CONFIG_FILES="$CONFIG_FILES openbsd-compat/Makefile" ;; | 25465 | "openbsd-compat/Makefile" ) CONFIG_FILES="$CONFIG_FILES openbsd-compat/Makefile" ;; |
24425 | "scard/Makefile" ) CONFIG_FILES="$CONFIG_FILES scard/Makefile" ;; | 25466 | "scard/Makefile" ) CONFIG_FILES="$CONFIG_FILES scard/Makefile" ;; |
24426 | "ssh_prng_cmds" ) CONFIG_FILES="$CONFIG_FILES ssh_prng_cmds" ;; | 25467 | "ssh_prng_cmds" ) CONFIG_FILES="$CONFIG_FILES ssh_prng_cmds" ;; |
25468 | "survey.sh" ) CONFIG_FILES="$CONFIG_FILES survey.sh" ;; | ||
24427 | "config.h" ) CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;; | 25469 | "config.h" ) CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;; |
24428 | *) { { echo "$as_me:$LINENO: error: invalid argument: $ac_config_target" >&5 | 25470 | *) { { echo "$as_me:$LINENO: error: invalid argument: $ac_config_target" >&5 |
24429 | echo "$as_me: error: invalid argument: $ac_config_target" >&2;} | 25471 | echo "$as_me: error: invalid argument: $ac_config_target" >&2;} |
@@ -24548,6 +25590,7 @@ s,@PATH_PASSWD_PROG@,$PATH_PASSWD_PROG,;t t | |||
24548 | s,@LD@,$LD,;t t | 25590 | s,@LD@,$LD,;t t |
24549 | s,@EGREP@,$EGREP,;t t | 25591 | s,@EGREP@,$EGREP,;t t |
24550 | s,@LIBWRAP@,$LIBWRAP,;t t | 25592 | s,@LIBWRAP@,$LIBWRAP,;t t |
25593 | s,@LIBEDIT@,$LIBEDIT,;t t | ||
24551 | s,@LIBPAM@,$LIBPAM,;t t | 25594 | s,@LIBPAM@,$LIBPAM,;t t |
24552 | s,@INSTALL_SSH_RAND_HELPER@,$INSTALL_SSH_RAND_HELPER,;t t | 25595 | s,@INSTALL_SSH_RAND_HELPER@,$INSTALL_SSH_RAND_HELPER,;t t |
24553 | s,@SSH_PRIVSEP_USER@,$SSH_PRIVSEP_USER,;t t | 25596 | s,@SSH_PRIVSEP_USER@,$SSH_PRIVSEP_USER,;t t |
@@ -25115,6 +26158,7 @@ echo " Smartcard support: $SCARD_MSG" | |||
25115 | echo " S/KEY support: $SKEY_MSG" | 26158 | echo " S/KEY support: $SKEY_MSG" |
25116 | echo " TCP Wrappers support: $TCPW_MSG" | 26159 | echo " TCP Wrappers support: $TCPW_MSG" |
25117 | echo " MD5 password support: $MD5_MSG" | 26160 | echo " MD5 password support: $MD5_MSG" |
26161 | echo " libedit support: $LIBEDIT_MSG" | ||
25118 | echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" | 26162 | echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" |
25119 | echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" | 26163 | echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" |
25120 | echo " BSD Auth support: $BSD_AUTH_MSG" | 26164 | echo " BSD Auth support: $BSD_AUTH_MSG" |
@@ -25135,7 +26179,8 @@ echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}" | |||
25135 | echo "" | 26179 | echo "" |
25136 | 26180 | ||
25137 | if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then | 26181 | if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then |
25138 | echo "SVR4 style packages are supported with \"make package\"\n" | 26182 | echo "SVR4 style packages are supported with \"make package\"" |
26183 | echo "" | ||
25139 | fi | 26184 | fi |
25140 | 26185 | ||
25141 | if test "x$PAM_MSG" = "xyes" ; then | 26186 | if test "x$PAM_MSG" = "xyes" ; then |
@@ -25164,3 +26209,7 @@ if test ! -z "$NO_PEERCHECK" ; then | |||
25164 | echo "" | 26209 | echo "" |
25165 | fi | 26210 | fi |
25166 | 26211 | ||
26212 | if test "$AUDIT_MODULE" = "bsm" ; then | ||
26213 | echo "WARNING: BSM audit support is currently considered EXPERIMENTAL." | ||
26214 | echo "See the Solaris section in README.platform for details." | ||
26215 | fi | ||
diff --git a/configure.ac b/configure.ac index 36c457728..e48028b7b 100644 --- a/configure.ac +++ b/configure.ac | |||
@@ -1,4 +1,4 @@ | |||
1 | # $Id: configure.ac,v 1.226 2004/08/16 13:12:06 dtucker Exp $ | 1 | # $Id: configure.ac,v 1.250 2005/03/07 09:21:37 tim Exp $ |
2 | # | 2 | # |
3 | # Copyright (c) 1999-2004 Damien Miller | 3 | # Copyright (c) 1999-2004 Damien Miller |
4 | # | 4 | # |
@@ -14,7 +14,7 @@ | |||
14 | # ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | 14 | # ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF |
15 | # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 15 | # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
16 | 16 | ||
17 | AC_INIT | 17 | AC_INIT(OpenSSH, Portable) |
18 | AC_CONFIG_SRCDIR([ssh.c]) | 18 | AC_CONFIG_SRCDIR([ssh.c]) |
19 | 19 | ||
20 | AC_CONFIG_HEADER(config.h) | 20 | AC_CONFIG_HEADER(config.h) |
@@ -121,8 +121,11 @@ case "$host" in | |||
121 | LIBS="$LIBS -ls" | 121 | LIBS="$LIBS -ls" |
122 | ]) | 122 | ]) |
123 | ]) | 123 | ]) |
124 | dnl Check for various auth function declarations in headers. | ||
125 | AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess, | ||
126 | passwdexpired], , , [#include <usersec.h>]) | ||
124 | dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2) | 127 | dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2) |
125 | AC_CHECK_DECL(loginfailed, | 128 | AC_CHECK_DECLS(loginfailed, |
126 | [AC_MSG_CHECKING(if loginfailed takes 4 arguments) | 129 | [AC_MSG_CHECKING(if loginfailed takes 4 arguments) |
127 | AC_TRY_COMPILE( | 130 | AC_TRY_COMPILE( |
128 | [#include <usersec.h>], | 131 | [#include <usersec.h>], |
@@ -135,7 +138,7 @@ case "$host" in | |||
135 | [#include <usersec.h>] | 138 | [#include <usersec.h>] |
136 | ) | 139 | ) |
137 | AC_CHECK_FUNCS(setauthdb) | 140 | AC_CHECK_FUNCS(setauthdb) |
138 | AC_DEFINE(BROKEN_GETADDRINFO) | 141 | check_for_aix_broken_getaddrinfo=1 |
139 | AC_DEFINE(BROKEN_REALPATH) | 142 | AC_DEFINE(BROKEN_REALPATH) |
140 | AC_DEFINE(SETEUID_BREAKS_SETUID) | 143 | AC_DEFINE(SETEUID_BREAKS_SETUID) |
141 | AC_DEFINE(BROKEN_SETREUID) | 144 | AC_DEFINE(BROKEN_SETREUID) |
@@ -155,7 +158,6 @@ case "$host" in | |||
155 | AC_DEFINE(NO_X11_UNIX_SOCKETS) | 158 | AC_DEFINE(NO_X11_UNIX_SOCKETS) |
156 | AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT) | 159 | AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT) |
157 | AC_DEFINE(DISABLE_FD_PASSING) | 160 | AC_DEFINE(DISABLE_FD_PASSING) |
158 | AC_DEFINE(SETGROUPS_NOOP) | ||
159 | ;; | 161 | ;; |
160 | *-*-dgux*) | 162 | *-*-dgux*) |
161 | AC_DEFINE(IP_TOS_IS_BROKEN) | 163 | AC_DEFINE(IP_TOS_IS_BROKEN) |
@@ -219,7 +221,9 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) | |||
219 | AC_DEFINE(DISABLE_UTMP) | 221 | AC_DEFINE(DISABLE_UTMP) |
220 | AC_DEFINE(LOCKED_PASSWD_STRING, "*") | 222 | AC_DEFINE(LOCKED_PASSWD_STRING, "*") |
221 | AC_DEFINE(SPT_TYPE,SPT_PSTAT) | 223 | AC_DEFINE(SPT_TYPE,SPT_PSTAT) |
224 | AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins]) | ||
222 | check_for_hpux_broken_getaddrinfo=1 | 225 | check_for_hpux_broken_getaddrinfo=1 |
226 | check_for_conflicting_getspnam=1 | ||
223 | LIBS="$LIBS -lsec" | 227 | LIBS="$LIBS -lsec" |
224 | AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***])) | 228 | AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***])) |
225 | ;; | 229 | ;; |
@@ -255,6 +259,8 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) | |||
255 | AC_DEFINE(LOCKED_PASSWD_PREFIX, "!") | 259 | AC_DEFINE(LOCKED_PASSWD_PREFIX, "!") |
256 | AC_DEFINE(SPT_TYPE,SPT_REUSEARGV) | 260 | AC_DEFINE(SPT_TYPE,SPT_REUSEARGV) |
257 | AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM) | 261 | AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM) |
262 | AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts]) | ||
263 | AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins]) | ||
258 | inet6_default_4in6=yes | 264 | inet6_default_4in6=yes |
259 | case `uname -r` in | 265 | case `uname -r` in |
260 | 1.*|2.0.*) | 266 | 1.*|2.0.*) |
@@ -335,6 +341,8 @@ mips-sony-bsd|mips-sony-newsos4) | |||
335 | *-sni-sysv*) | 341 | *-sni-sysv*) |
336 | # /usr/ucblib MUST NOT be searched on ReliantUNIX | 342 | # /usr/ucblib MUST NOT be searched on ReliantUNIX |
337 | AC_CHECK_LIB(dl, dlsym, ,) | 343 | AC_CHECK_LIB(dl, dlsym, ,) |
344 | # -lresolv needs to be at then end of LIBS or DNS lookups break | ||
345 | AC_CHECK_LIB(res_query, resolv, [ LIBS="$LIBS -lresolv" ]) | ||
338 | IPADDR_IN_DISPLAY=yes | 346 | IPADDR_IN_DISPLAY=yes |
339 | AC_DEFINE(USE_PIPES) | 347 | AC_DEFINE(USE_PIPES) |
340 | AC_DEFINE(IP_TOS_IS_BROKEN) | 348 | AC_DEFINE(IP_TOS_IS_BROKEN) |
@@ -347,12 +355,14 @@ mips-sony-bsd|mips-sony-newsos4) | |||
347 | # Attention: always take care to bind libsocket and libnsl before libc, | 355 | # Attention: always take care to bind libsocket and libnsl before libc, |
348 | # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog | 356 | # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog |
349 | ;; | 357 | ;; |
358 | # UnixWare 1.x, UnixWare 2.x, and others based on code from Univel. | ||
350 | *-*-sysv4.2*) | 359 | *-*-sysv4.2*) |
351 | AC_DEFINE(USE_PIPES) | 360 | AC_DEFINE(USE_PIPES) |
352 | AC_DEFINE(SETEUID_BREAKS_SETUID) | 361 | AC_DEFINE(SETEUID_BREAKS_SETUID) |
353 | AC_DEFINE(BROKEN_SETREUID) | 362 | AC_DEFINE(BROKEN_SETREUID) |
354 | AC_DEFINE(BROKEN_SETREGID) | 363 | AC_DEFINE(BROKEN_SETREGID) |
355 | ;; | 364 | ;; |
365 | # UnixWare 7.x, OpenUNIX 8 | ||
356 | *-*-sysv5*) | 366 | *-*-sysv5*) |
357 | AC_DEFINE(USE_PIPES) | 367 | AC_DEFINE(USE_PIPES) |
358 | AC_DEFINE(SETEUID_BREAKS_SETUID) | 368 | AC_DEFINE(SETEUID_BREAKS_SETUID) |
@@ -361,25 +371,11 @@ mips-sony-bsd|mips-sony-newsos4) | |||
361 | ;; | 371 | ;; |
362 | *-*-sysv*) | 372 | *-*-sysv*) |
363 | ;; | 373 | ;; |
374 | # SCO UNIX and OEM versions of SCO UNIX | ||
364 | *-*-sco3.2v4*) | 375 | *-*-sco3.2v4*) |
365 | CPPFLAGS="$CPPFLAGS -Dftruncate=chsize" | 376 | AC_MSG_ERROR("This Platform is no longer supported.") |
366 | LIBS="$LIBS -los -lprot -lcrypt_i -lx -ltinfo -lm" | ||
367 | RANLIB=true | ||
368 | no_dev_ptmx=1 | ||
369 | AC_DEFINE(BROKEN_SYS_TERMIO_H) | ||
370 | AC_DEFINE(USE_PIPES) | ||
371 | AC_DEFINE(HAVE_SECUREWARE) | ||
372 | AC_DEFINE(DISABLE_SHADOW) | ||
373 | AC_DEFINE(BROKEN_SAVED_UIDS) | ||
374 | AC_DEFINE(SETEUID_BREAKS_SETUID) | ||
375 | AC_DEFINE(BROKEN_SETREUID) | ||
376 | AC_DEFINE(BROKEN_SETREGID) | ||
377 | AC_DEFINE(WITH_ABBREV_NO_TTY) | ||
378 | AC_CHECK_FUNCS(getluid setluid) | ||
379 | MANTYPE=man | ||
380 | do_sco3_extra_lib_check=yes | ||
381 | TEST_SHELL=ksh | ||
382 | ;; | 377 | ;; |
378 | # SCO OpenServer 5.x | ||
383 | *-*-sco3.2v5*) | 379 | *-*-sco3.2v5*) |
384 | if test -z "$GCC"; then | 380 | if test -z "$GCC"; then |
385 | CFLAGS="$CFLAGS -belf" | 381 | CFLAGS="$CFLAGS -belf" |
@@ -395,6 +391,7 @@ mips-sony-bsd|mips-sony-newsos4) | |||
395 | AC_DEFINE(BROKEN_SETREGID) | 391 | AC_DEFINE(BROKEN_SETREGID) |
396 | AC_DEFINE(WITH_ABBREV_NO_TTY) | 392 | AC_DEFINE(WITH_ABBREV_NO_TTY) |
397 | AC_DEFINE(BROKEN_UPDWTMPX) | 393 | AC_DEFINE(BROKEN_UPDWTMPX) |
394 | AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd]) | ||
398 | AC_CHECK_FUNCS(getluid setluid) | 395 | AC_CHECK_FUNCS(getluid setluid) |
399 | MANTYPE=man | 396 | MANTYPE=man |
400 | TEST_SHELL=ksh | 397 | TEST_SHELL=ksh |
@@ -506,15 +503,17 @@ AC_ARG_WITH(libs, | |||
506 | ) | 503 | ) |
507 | 504 | ||
508 | AC_MSG_CHECKING(compiler and flags for sanity) | 505 | AC_MSG_CHECKING(compiler and flags for sanity) |
509 | AC_TRY_RUN([ | 506 | AC_RUN_IFELSE( |
507 | [AC_LANG_SOURCE([ | ||
510 | #include <stdio.h> | 508 | #include <stdio.h> |
511 | int main(){exit(0);} | 509 | int main(){exit(0);} |
512 | ], | 510 | ])], |
513 | [ AC_MSG_RESULT(yes) ], | 511 | [ AC_MSG_RESULT(yes) ], |
514 | [ | 512 | [ |
515 | AC_MSG_RESULT(no) | 513 | AC_MSG_RESULT(no) |
516 | AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***]) | 514 | AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***]) |
517 | ] | 515 | ], |
516 | [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ] | ||
518 | ) | 517 | ) |
519 | 518 | ||
520 | # Checks for header files. | 519 | # Checks for header files. |
@@ -525,21 +524,21 @@ AC_CHECK_HEADERS(bstring.h crypt.h dirent.h endian.h features.h \ | |||
525 | rpc/types.h security/pam_appl.h shadow.h stddef.h stdint.h \ | 524 | rpc/types.h security/pam_appl.h shadow.h stddef.h stdint.h \ |
526 | strings.h sys/dir.h sys/strtio.h sys/audit.h sys/bitypes.h \ | 525 | strings.h sys/dir.h sys/strtio.h sys/audit.h sys/bitypes.h \ |
527 | sys/bsdtty.h sys/cdefs.h sys/mman.h sys/ndir.h sys/prctl.h \ | 526 | sys/bsdtty.h sys/cdefs.h sys/mman.h sys/ndir.h sys/prctl.h \ |
528 | sys/pstat.h sys/ptms.h sys/select.h sys/stat.h sys/stream.h \ | 527 | sys/pstat.h sys/select.h sys/stat.h sys/stream.h \ |
529 | sys/stropts.h sys/sysmacros.h sys/time.h sys/timers.h sys/un.h \ | 528 | sys/stropts.h sys/sysmacros.h sys/time.h sys/timers.h sys/un.h \ |
530 | time.h tmpdir.h ttyent.h usersec.h util.h utime.h utmp.h utmpx.h vis.h) | 529 | time.h tmpdir.h ttyent.h usersec.h util.h utime.h utmp.h utmpx.h vis.h) |
531 | 530 | ||
531 | # sys/ptms.h requires sys/stream.h to be included first on Solaris | ||
532 | AC_CHECK_HEADERS(sys/ptms.h, [], [], [ | ||
533 | #ifdef HAVE_SYS_STREAM_H | ||
534 | # include <sys/stream.h> | ||
535 | #endif | ||
536 | ]) | ||
537 | |||
532 | # Checks for libraries. | 538 | # Checks for libraries. |
533 | AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match)) | 539 | AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match)) |
534 | AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt)) | 540 | AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt)) |
535 | 541 | ||
536 | dnl SCO OS3 needs this for libwrap | ||
537 | if test "x$with_tcp_wrappers" != "xno" ; then | ||
538 | if test "x$do_sco3_extra_lib_check" = "xyes" ; then | ||
539 | AC_CHECK_LIB(rpc, innetgr, LIBS="-lrpc -lyp -lrpc $LIBS" , , -lyp -lrpc) | ||
540 | fi | ||
541 | fi | ||
542 | |||
543 | dnl IRIX and Solaris 2.5.1 have dirname() in libgen | 542 | dnl IRIX and Solaris 2.5.1 have dirname() in libgen |
544 | AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[ | 543 | AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[ |
545 | AC_CHECK_LIB(gen, dirname,[ | 544 | AC_CHECK_LIB(gen, dirname,[ |
@@ -640,7 +639,7 @@ AC_ARG_WITH(zlib-version-check, | |||
640 | ) | 639 | ) |
641 | 640 | ||
642 | AC_MSG_CHECKING(for zlib 1.1.4 or greater) | 641 | AC_MSG_CHECKING(for zlib 1.1.4 or greater) |
643 | AC_TRY_RUN([ | 642 | AC_RUN_IFELSE([AC_LANG_SOURCE([[ |
644 | #include <zlib.h> | 643 | #include <zlib.h> |
645 | int main() | 644 | int main() |
646 | { | 645 | { |
@@ -652,7 +651,7 @@ int main() | |||
652 | exit(0); | 651 | exit(0); |
653 | exit(2); | 652 | exit(2); |
654 | } | 653 | } |
655 | ], | 654 | ]])], |
656 | AC_MSG_RESULT(yes), | 655 | AC_MSG_RESULT(yes), |
657 | [ AC_MSG_RESULT(no) | 656 | [ AC_MSG_RESULT(no) |
658 | if test -z "$zlib_check_nonfatal" ; then | 657 | if test -z "$zlib_check_nonfatal" ; then |
@@ -665,7 +664,8 @@ If you are in doubt, upgrade zlib to version 1.1.4 or greater.]) | |||
665 | else | 664 | else |
666 | AC_MSG_WARN([zlib version may have security problems]) | 665 | AC_MSG_WARN([zlib version may have security problems]) |
667 | fi | 666 | fi |
668 | ] | 667 | ], |
668 | [ AC_MSG_WARN([cross compiling: not checking zlib version]) ] | ||
669 | ) | 669 | ) |
670 | 670 | ||
671 | dnl UnixWare 2.x | 671 | dnl UnixWare 2.x |
@@ -719,16 +719,20 @@ AC_EGREP_CPP(FOUNDIT, | |||
719 | ) | 719 | ) |
720 | 720 | ||
721 | AC_MSG_CHECKING([whether struct dirent allocates space for d_name]) | 721 | AC_MSG_CHECKING([whether struct dirent allocates space for d_name]) |
722 | AC_TRY_RUN( | 722 | AC_RUN_IFELSE( |
723 | [ | 723 | [AC_LANG_SOURCE([[ |
724 | #include <sys/types.h> | 724 | #include <sys/types.h> |
725 | #include <dirent.h> | 725 | #include <dirent.h> |
726 | int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));} | 726 | int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));} |
727 | ], | 727 | ]])], |
728 | [AC_MSG_RESULT(yes)], | 728 | [AC_MSG_RESULT(yes)], |
729 | [ | 729 | [ |
730 | AC_MSG_RESULT(no) | 730 | AC_MSG_RESULT(no) |
731 | AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME) | 731 | AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME) |
732 | ], | ||
733 | [ | ||
734 | AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME]) | ||
735 | AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME) | ||
732 | ] | 736 | ] |
733 | ) | 737 | ) |
734 | 738 | ||
@@ -743,8 +747,7 @@ fi | |||
743 | # Check whether user wants S/Key support | 747 | # Check whether user wants S/Key support |
744 | SKEY_MSG="no" | 748 | SKEY_MSG="no" |
745 | AC_ARG_WITH(skey, | 749 | AC_ARG_WITH(skey, |
746 | [ --with-skey[[=PATH]] Enable S/Key support | 750 | [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)], |
747 | (optionally in PATH)], | ||
748 | [ | 751 | [ |
749 | if test "x$withval" != "xno" ; then | 752 | if test "x$withval" != "xno" ; then |
750 | 753 | ||
@@ -785,8 +788,7 @@ int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); } | |||
785 | # Check whether user wants TCP wrappers support | 788 | # Check whether user wants TCP wrappers support |
786 | TCPW_MSG="no" | 789 | TCPW_MSG="no" |
787 | AC_ARG_WITH(tcp-wrappers, | 790 | AC_ARG_WITH(tcp-wrappers, |
788 | [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support | 791 | [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)], |
789 | (optionally in PATH)], | ||
790 | [ | 792 | [ |
791 | if test "x$withval" != "xno" ; then | 793 | if test "x$withval" != "xno" ; then |
792 | saved_LIBS="$LIBS" | 794 | saved_LIBS="$LIBS" |
@@ -839,12 +841,59 @@ AC_ARG_WITH(tcp-wrappers, | |||
839 | ] | 841 | ] |
840 | ) | 842 | ) |
841 | 843 | ||
844 | # Check whether user wants libedit support | ||
845 | LIBEDIT_MSG="no" | ||
846 | AC_ARG_WITH(libedit, | ||
847 | [ --with-libedit[[=PATH]] Enable libedit support for sftp], | ||
848 | [ if test "x$withval" != "xno" ; then | ||
849 | AC_CHECK_LIB(edit, el_init, | ||
850 | [ AC_DEFINE(USE_LIBEDIT, [], [Use libedit for sftp]) | ||
851 | LIBEDIT="-ledit -lcurses" | ||
852 | LIBEDIT_MSG="yes" | ||
853 | AC_SUBST(LIBEDIT) | ||
854 | ], | ||
855 | [], [-lcurses] | ||
856 | ) | ||
857 | fi ] | ||
858 | ) | ||
859 | |||
860 | AUDIT_MODULE=none | ||
861 | AC_ARG_WITH(audit, | ||
862 | [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)], | ||
863 | [ | ||
864 | AC_MSG_CHECKING(for supported audit module) | ||
865 | case "$withval" in | ||
866 | bsm) | ||
867 | AC_MSG_RESULT(bsm) | ||
868 | AUDIT_MODULE=bsm | ||
869 | dnl Checks for headers, libs and functions | ||
870 | AC_CHECK_HEADERS(bsm/audit.h, [], | ||
871 | [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)]) | ||
872 | AC_CHECK_LIB(bsm, getaudit, [], | ||
873 | [AC_MSG_ERROR(BSM enabled and required library not found)]) | ||
874 | AC_CHECK_FUNCS(getaudit, [], | ||
875 | [AC_MSG_ERROR(BSM enabled and required function not found)]) | ||
876 | # These are optional | ||
877 | AC_CHECK_FUNCS(getaudit_addr) | ||
878 | AC_DEFINE(USE_BSM_AUDIT, [], [Use BSM audit module]) | ||
879 | ;; | ||
880 | debug) | ||
881 | AUDIT_MODULE=debug | ||
882 | AC_MSG_RESULT(debug) | ||
883 | AC_DEFINE(SSH_AUDIT_EVENTS, [], Use audit debugging module) | ||
884 | ;; | ||
885 | *) | ||
886 | AC_MSG_ERROR([Unknown audit module $withval]) | ||
887 | ;; | ||
888 | esac ] | ||
889 | ) | ||
890 | |||
842 | dnl Checks for library functions. Please keep in alphabetical order | 891 | dnl Checks for library functions. Please keep in alphabetical order |
843 | AC_CHECK_FUNCS(\ | 892 | AC_CHECK_FUNCS(\ |
844 | arc4random __b64_ntop b64_ntop __b64_pton b64_pton bcopy \ | 893 | arc4random __b64_ntop b64_ntop __b64_pton b64_pton bcopy \ |
845 | bindresvport_sa clock closefrom dirfd fchmod fchown freeaddrinfo \ | 894 | bindresvport_sa clock closefrom dirfd fchdir fchmod fchown \ |
846 | futimes getaddrinfo getcwd getgrouplist getnameinfo getopt \ | 895 | freeaddrinfo futimes getaddrinfo getcwd getgrouplist getnameinfo \ |
847 | getpeereid _getpty getrlimit getttyent glob inet_aton \ | 896 | getopt getpeereid _getpty getrlimit getttyent glob inet_aton \ |
848 | inet_ntoa inet_ntop innetgr login_getcapbool md5_crypt memmove \ | 897 | inet_ntoa inet_ntop innetgr login_getcapbool md5_crypt memmove \ |
849 | mkdtemp mmap ngetaddrinfo nsleep ogetaddrinfo openlog_r openpty \ | 898 | mkdtemp mmap ngetaddrinfo nsleep ogetaddrinfo openlog_r openpty \ |
850 | pstat prctl readpassphrase realpath recvmsg rresvport_af sendmsg \ | 899 | pstat prctl readpassphrase realpath recvmsg rresvport_af sendmsg \ |
@@ -888,28 +937,32 @@ AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>]) | |||
888 | AC_CHECK_FUNCS(setresuid, [ | 937 | AC_CHECK_FUNCS(setresuid, [ |
889 | dnl Some platorms have setresuid that isn't implemented, test for this | 938 | dnl Some platorms have setresuid that isn't implemented, test for this |
890 | AC_MSG_CHECKING(if setresuid seems to work) | 939 | AC_MSG_CHECKING(if setresuid seems to work) |
891 | AC_TRY_RUN([ | 940 | AC_RUN_IFELSE( |
941 | [AC_LANG_SOURCE([[ | ||
892 | #include <stdlib.h> | 942 | #include <stdlib.h> |
893 | #include <errno.h> | 943 | #include <errno.h> |
894 | int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);} | 944 | int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);} |
895 | ], | 945 | ]])], |
896 | [AC_MSG_RESULT(yes)], | 946 | [AC_MSG_RESULT(yes)], |
897 | [AC_DEFINE(BROKEN_SETRESUID) | 947 | [AC_DEFINE(BROKEN_SETRESUID) |
898 | AC_MSG_RESULT(not implemented)] | 948 | AC_MSG_RESULT(not implemented)], |
949 | [AC_MSG_WARN([cross compiling: not checking setresuid])] | ||
899 | ) | 950 | ) |
900 | ]) | 951 | ]) |
901 | 952 | ||
902 | AC_CHECK_FUNCS(setresgid, [ | 953 | AC_CHECK_FUNCS(setresgid, [ |
903 | dnl Some platorms have setresgid that isn't implemented, test for this | 954 | dnl Some platorms have setresgid that isn't implemented, test for this |
904 | AC_MSG_CHECKING(if setresgid seems to work) | 955 | AC_MSG_CHECKING(if setresgid seems to work) |
905 | AC_TRY_RUN([ | 956 | AC_RUN_IFELSE( |
957 | [AC_LANG_SOURCE([[ | ||
906 | #include <stdlib.h> | 958 | #include <stdlib.h> |
907 | #include <errno.h> | 959 | #include <errno.h> |
908 | int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);} | 960 | int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);} |
909 | ], | 961 | ]])], |
910 | [AC_MSG_RESULT(yes)], | 962 | [AC_MSG_RESULT(yes)], |
911 | [AC_DEFINE(BROKEN_SETRESGID) | 963 | [AC_DEFINE(BROKEN_SETRESGID) |
912 | AC_MSG_RESULT(not implemented)] | 964 | AC_MSG_RESULT(not implemented)], |
965 | [AC_MSG_WARN([cross compiling: not checking setresuid])] | ||
913 | ) | 966 | ) |
914 | ]) | 967 | ]) |
915 | 968 | ||
@@ -935,17 +988,18 @@ AC_CHECK_FUNC(getpagesize, | |||
935 | # Check for broken snprintf | 988 | # Check for broken snprintf |
936 | if test "x$ac_cv_func_snprintf" = "xyes" ; then | 989 | if test "x$ac_cv_func_snprintf" = "xyes" ; then |
937 | AC_MSG_CHECKING([whether snprintf correctly terminates long strings]) | 990 | AC_MSG_CHECKING([whether snprintf correctly terminates long strings]) |
938 | AC_TRY_RUN( | 991 | AC_RUN_IFELSE( |
939 | [ | 992 | [AC_LANG_SOURCE([[ |
940 | #include <stdio.h> | 993 | #include <stdio.h> |
941 | int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');} | 994 | int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');} |
942 | ], | 995 | ]])], |
943 | [AC_MSG_RESULT(yes)], | 996 | [AC_MSG_RESULT(yes)], |
944 | [ | 997 | [ |
945 | AC_MSG_RESULT(no) | 998 | AC_MSG_RESULT(no) |
946 | AC_DEFINE(BROKEN_SNPRINTF) | 999 | AC_DEFINE(BROKEN_SNPRINTF) |
947 | AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor]) | 1000 | AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor]) |
948 | ] | 1001 | ], |
1002 | [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ] | ||
949 | ) | 1003 | ) |
950 | fi | 1004 | fi |
951 | 1005 | ||
@@ -1104,6 +1158,82 @@ main(void) | |||
1104 | ) | 1158 | ) |
1105 | fi | 1159 | fi |
1106 | 1160 | ||
1161 | if test "x$ac_cv_func_getaddrinfo" = "xyes" -a "x$check_for_aix_broken_getaddrinfo" = "x1"; then | ||
1162 | AC_MSG_CHECKING(if getaddrinfo seems to work) | ||
1163 | AC_TRY_RUN( | ||
1164 | [ | ||
1165 | #include <stdio.h> | ||
1166 | #include <sys/socket.h> | ||
1167 | #include <netdb.h> | ||
1168 | #include <errno.h> | ||
1169 | #include <netinet/in.h> | ||
1170 | |||
1171 | #define TEST_PORT "2222" | ||
1172 | |||
1173 | int | ||
1174 | main(void) | ||
1175 | { | ||
1176 | int err, sock; | ||
1177 | struct addrinfo *gai_ai, *ai, hints; | ||
1178 | char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL; | ||
1179 | |||
1180 | memset(&hints, 0, sizeof(hints)); | ||
1181 | hints.ai_family = PF_UNSPEC; | ||
1182 | hints.ai_socktype = SOCK_STREAM; | ||
1183 | hints.ai_flags = AI_PASSIVE; | ||
1184 | |||
1185 | err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai); | ||
1186 | if (err != 0) { | ||
1187 | fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err)); | ||
1188 | exit(1); | ||
1189 | } | ||
1190 | |||
1191 | for (ai = gai_ai; ai != NULL; ai = ai->ai_next) { | ||
1192 | if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) | ||
1193 | continue; | ||
1194 | |||
1195 | err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop, | ||
1196 | sizeof(ntop), strport, sizeof(strport), | ||
1197 | NI_NUMERICHOST|NI_NUMERICSERV); | ||
1198 | |||
1199 | if (ai->ai_family == AF_INET && err != 0) { | ||
1200 | perror("getnameinfo"); | ||
1201 | exit(2); | ||
1202 | } | ||
1203 | } | ||
1204 | exit(0); | ||
1205 | } | ||
1206 | ], | ||
1207 | [ | ||
1208 | AC_MSG_RESULT(yes) | ||
1209 | AC_DEFINE(AIX_GETNAMEINFO_HACK, [], | ||
1210 | [Define if you have a getaddrinfo that fails for the all-zeros IPv6 address]) | ||
1211 | ], | ||
1212 | [ | ||
1213 | AC_MSG_RESULT(no) | ||
1214 | AC_DEFINE(BROKEN_GETADDRINFO) | ||
1215 | ] | ||
1216 | ) | ||
1217 | fi | ||
1218 | |||
1219 | if test "x$check_for_conflicting_getspnam" = "x1"; then | ||
1220 | AC_MSG_CHECKING(for conflicting getspnam in shadow.h) | ||
1221 | AC_COMPILE_IFELSE( | ||
1222 | [ | ||
1223 | #include <shadow.h> | ||
1224 | int main(void) {exit(0);} | ||
1225 | ], | ||
1226 | [ | ||
1227 | AC_MSG_RESULT(no) | ||
1228 | ], | ||
1229 | [ | ||
1230 | AC_MSG_RESULT(yes) | ||
1231 | AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1, | ||
1232 | [Conflicting defs for getspnam]) | ||
1233 | ] | ||
1234 | ) | ||
1235 | fi | ||
1236 | |||
1107 | AC_FUNC_GETPGRP | 1237 | AC_FUNC_GETPGRP |
1108 | 1238 | ||
1109 | # Check for PAM libs | 1239 | # Check for PAM libs |
@@ -1165,6 +1295,10 @@ AC_ARG_WITH(ssl-dir, | |||
1165 | [ --with-ssl-dir=PATH Specify path to OpenSSL installation ], | 1295 | [ --with-ssl-dir=PATH Specify path to OpenSSL installation ], |
1166 | [ | 1296 | [ |
1167 | if test "x$withval" != "xno" ; then | 1297 | if test "x$withval" != "xno" ; then |
1298 | case "$withval" in | ||
1299 | # Relative paths | ||
1300 | ./*|../*) withval="`pwd`/$withval" | ||
1301 | esac | ||
1168 | if test -d "$withval/lib"; then | 1302 | if test -d "$withval/lib"; then |
1169 | if test -n "${need_dash_r}"; then | 1303 | if test -n "${need_dash_r}"; then |
1170 | LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" | 1304 | LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" |
@@ -1206,8 +1340,8 @@ AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL), | |||
1206 | 1340 | ||
1207 | # Determine OpenSSL header version | 1341 | # Determine OpenSSL header version |
1208 | AC_MSG_CHECKING([OpenSSL header version]) | 1342 | AC_MSG_CHECKING([OpenSSL header version]) |
1209 | AC_TRY_RUN( | 1343 | AC_RUN_IFELSE( |
1210 | [ | 1344 | [AC_LANG_SOURCE([[ |
1211 | #include <stdio.h> | 1345 | #include <stdio.h> |
1212 | #include <string.h> | 1346 | #include <string.h> |
1213 | #include <openssl/opensslv.h> | 1347 | #include <openssl/opensslv.h> |
@@ -1225,7 +1359,7 @@ int main(void) { | |||
1225 | 1359 | ||
1226 | exit(0); | 1360 | exit(0); |
1227 | } | 1361 | } |
1228 | ], | 1362 | ]])], |
1229 | [ | 1363 | [ |
1230 | ssl_header_ver=`cat conftest.sslincver` | 1364 | ssl_header_ver=`cat conftest.sslincver` |
1231 | AC_MSG_RESULT($ssl_header_ver) | 1365 | AC_MSG_RESULT($ssl_header_ver) |
@@ -1233,13 +1367,16 @@ int main(void) { | |||
1233 | [ | 1367 | [ |
1234 | AC_MSG_RESULT(not found) | 1368 | AC_MSG_RESULT(not found) |
1235 | AC_MSG_ERROR(OpenSSL version header not found.) | 1369 | AC_MSG_ERROR(OpenSSL version header not found.) |
1370 | ], | ||
1371 | [ | ||
1372 | AC_MSG_WARN([cross compiling: not checking]) | ||
1236 | ] | 1373 | ] |
1237 | ) | 1374 | ) |
1238 | 1375 | ||
1239 | # Determine OpenSSL library version | 1376 | # Determine OpenSSL library version |
1240 | AC_MSG_CHECKING([OpenSSL library version]) | 1377 | AC_MSG_CHECKING([OpenSSL library version]) |
1241 | AC_TRY_RUN( | 1378 | AC_RUN_IFELSE( |
1242 | [ | 1379 | [AC_LANG_SOURCE([[ |
1243 | #include <stdio.h> | 1380 | #include <stdio.h> |
1244 | #include <string.h> | 1381 | #include <string.h> |
1245 | #include <openssl/opensslv.h> | 1382 | #include <openssl/opensslv.h> |
@@ -1258,7 +1395,7 @@ int main(void) { | |||
1258 | 1395 | ||
1259 | exit(0); | 1396 | exit(0); |
1260 | } | 1397 | } |
1261 | ], | 1398 | ]])], |
1262 | [ | 1399 | [ |
1263 | ssl_library_ver=`cat conftest.ssllibver` | 1400 | ssl_library_ver=`cat conftest.ssllibver` |
1264 | AC_MSG_RESULT($ssl_library_ver) | 1401 | AC_MSG_RESULT($ssl_library_ver) |
@@ -1266,17 +1403,20 @@ int main(void) { | |||
1266 | [ | 1403 | [ |
1267 | AC_MSG_RESULT(not found) | 1404 | AC_MSG_RESULT(not found) |
1268 | AC_MSG_ERROR(OpenSSL library not found.) | 1405 | AC_MSG_ERROR(OpenSSL library not found.) |
1406 | ], | ||
1407 | [ | ||
1408 | AC_MSG_WARN([cross compiling: not checking]) | ||
1269 | ] | 1409 | ] |
1270 | ) | 1410 | ) |
1271 | 1411 | ||
1272 | # Sanity check OpenSSL headers | 1412 | # Sanity check OpenSSL headers |
1273 | AC_MSG_CHECKING([whether OpenSSL's headers match the library]) | 1413 | AC_MSG_CHECKING([whether OpenSSL's headers match the library]) |
1274 | AC_TRY_RUN( | 1414 | AC_RUN_IFELSE( |
1275 | [ | 1415 | [AC_LANG_SOURCE([[ |
1276 | #include <string.h> | 1416 | #include <string.h> |
1277 | #include <openssl/opensslv.h> | 1417 | #include <openssl/opensslv.h> |
1278 | int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); } | 1418 | int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); } |
1279 | ], | 1419 | ]])], |
1280 | [ | 1420 | [ |
1281 | AC_MSG_RESULT(yes) | 1421 | AC_MSG_RESULT(yes) |
1282 | ], | 1422 | ], |
@@ -1285,6 +1425,9 @@ int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); } | |||
1285 | AC_MSG_ERROR([Your OpenSSL headers do not match your library. | 1425 | AC_MSG_ERROR([Your OpenSSL headers do not match your library. |
1286 | Check config.log for details. | 1426 | Check config.log for details. |
1287 | Also see contrib/findssl.sh for help identifying header/library mismatches.]) | 1427 | Also see contrib/findssl.sh for help identifying header/library mismatches.]) |
1428 | ], | ||
1429 | [ | ||
1430 | AC_MSG_WARN([cross compiling: not checking]) | ||
1288 | ] | 1431 | ] |
1289 | ) | 1432 | ) |
1290 | 1433 | ||
@@ -1305,12 +1448,12 @@ fi | |||
1305 | 1448 | ||
1306 | # Check wheter OpenSSL seeds itself | 1449 | # Check wheter OpenSSL seeds itself |
1307 | AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded]) | 1450 | AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded]) |
1308 | AC_TRY_RUN( | 1451 | AC_RUN_IFELSE( |
1309 | [ | 1452 | [AC_LANG_SOURCE([[ |
1310 | #include <string.h> | 1453 | #include <string.h> |
1311 | #include <openssl/rand.h> | 1454 | #include <openssl/rand.h> |
1312 | int main(void) { exit(RAND_status() == 1 ? 0 : 1); } | 1455 | int main(void) { exit(RAND_status() == 1 ? 0 : 1); } |
1313 | ], | 1456 | ]])], |
1314 | [ | 1457 | [ |
1315 | OPENSSL_SEEDS_ITSELF=yes | 1458 | OPENSSL_SEEDS_ITSELF=yes |
1316 | AC_MSG_RESULT(yes) | 1459 | AC_MSG_RESULT(yes) |
@@ -1320,6 +1463,12 @@ int main(void) { exit(RAND_status() == 1 ? 0 : 1); } | |||
1320 | # Default to use of the rand helper if OpenSSL doesn't | 1463 | # Default to use of the rand helper if OpenSSL doesn't |
1321 | # seed itself | 1464 | # seed itself |
1322 | USE_RAND_HELPER=yes | 1465 | USE_RAND_HELPER=yes |
1466 | ], | ||
1467 | [ | ||
1468 | AC_MSG_WARN([cross compiling: assuming yes]) | ||
1469 | # This is safe, since all recent OpenSSL versions will | ||
1470 | # complain at runtime if not seeded correctly. | ||
1471 | OPENSSL_SEEDS_ITSELF=yes | ||
1323 | ] | 1472 | ] |
1324 | ) | 1473 | ) |
1325 | 1474 | ||
@@ -1704,6 +1853,10 @@ TYPE_SOCKLEN_T | |||
1704 | 1853 | ||
1705 | AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>]) | 1854 | AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>]) |
1706 | 1855 | ||
1856 | AC_CHECK_TYPES(in_addr_t,,, | ||
1857 | [#include <sys/types.h> | ||
1858 | #include <netinet/in.h>]) | ||
1859 | |||
1707 | AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [ | 1860 | AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [ |
1708 | AC_TRY_COMPILE( | 1861 | AC_TRY_COMPILE( |
1709 | [ | 1862 | [ |
@@ -1886,8 +2039,8 @@ if test "x$ac_cv_have_int64_t" = "xno" -a \ | |||
1886 | exit 1; | 2039 | exit 1; |
1887 | else | 2040 | else |
1888 | dnl test snprintf (broken on SCO w/gcc) | 2041 | dnl test snprintf (broken on SCO w/gcc) |
1889 | AC_TRY_RUN( | 2042 | AC_RUN_IFELSE( |
1890 | [ | 2043 | [AC_LANG_SOURCE([[ |
1891 | #include <stdio.h> | 2044 | #include <stdio.h> |
1892 | #include <string.h> | 2045 | #include <string.h> |
1893 | #ifdef HAVE_SNPRINTF | 2046 | #ifdef HAVE_SNPRINTF |
@@ -1910,7 +2063,8 @@ main() | |||
1910 | #else | 2063 | #else |
1911 | main() { exit(0); } | 2064 | main() { exit(0); } |
1912 | #endif | 2065 | #endif |
1913 | ], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ] | 2066 | ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ], |
2067 | AC_MSG_WARN([cross compiling: Assuming working snprintf()]) | ||
1914 | ) | 2068 | ) |
1915 | fi | 2069 | fi |
1916 | 2070 | ||
@@ -2015,13 +2169,14 @@ fi | |||
2015 | dnl make sure we're using the real structure members and not defines | 2169 | dnl make sure we're using the real structure members and not defines |
2016 | AC_CACHE_CHECK([for msg_accrights field in struct msghdr], | 2170 | AC_CACHE_CHECK([for msg_accrights field in struct msghdr], |
2017 | ac_cv_have_accrights_in_msghdr, [ | 2171 | ac_cv_have_accrights_in_msghdr, [ |
2018 | AC_TRY_RUN( | 2172 | AC_COMPILE_IFELSE( |
2019 | [ | 2173 | [ |
2020 | #include <sys/types.h> | 2174 | #include <sys/types.h> |
2021 | #include <sys/socket.h> | 2175 | #include <sys/socket.h> |
2022 | #include <sys/uio.h> | 2176 | #include <sys/uio.h> |
2023 | int main() { | 2177 | int main() { |
2024 | #ifdef msg_accrights | 2178 | #ifdef msg_accrights |
2179 | #error "msg_accrights is a macro" | ||
2025 | exit(1); | 2180 | exit(1); |
2026 | #endif | 2181 | #endif |
2027 | struct msghdr m; | 2182 | struct msghdr m; |
@@ -2039,13 +2194,14 @@ fi | |||
2039 | 2194 | ||
2040 | AC_CACHE_CHECK([for msg_control field in struct msghdr], | 2195 | AC_CACHE_CHECK([for msg_control field in struct msghdr], |
2041 | ac_cv_have_control_in_msghdr, [ | 2196 | ac_cv_have_control_in_msghdr, [ |
2042 | AC_TRY_RUN( | 2197 | AC_COMPILE_IFELSE( |
2043 | [ | 2198 | [ |
2044 | #include <sys/types.h> | 2199 | #include <sys/types.h> |
2045 | #include <sys/socket.h> | 2200 | #include <sys/socket.h> |
2046 | #include <sys/uio.h> | 2201 | #include <sys/uio.h> |
2047 | int main() { | 2202 | int main() { |
2048 | #ifdef msg_control | 2203 | #ifdef msg_control |
2204 | #error "msg_control is a macro" | ||
2049 | exit(1); | 2205 | exit(1); |
2050 | #endif | 2206 | #endif |
2051 | struct msghdr m; | 2207 | struct msghdr m; |
@@ -2379,6 +2535,10 @@ if test ! -z "$MAIL" ; then | |||
2379 | AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir") | 2535 | AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir") |
2380 | fi | 2536 | fi |
2381 | 2537 | ||
2538 | if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then | ||
2539 | AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test]) | ||
2540 | disable_ptmx_check=yes | ||
2541 | fi | ||
2382 | if test -z "$no_dev_ptmx" ; then | 2542 | if test -z "$no_dev_ptmx" ; then |
2383 | if test "x$disable_ptmx_check" != "xyes" ; then | 2543 | if test "x$disable_ptmx_check" != "xyes" ; then |
2384 | AC_CHECK_FILE("/dev/ptmx", | 2544 | AC_CHECK_FILE("/dev/ptmx", |
@@ -2389,12 +2549,17 @@ if test -z "$no_dev_ptmx" ; then | |||
2389 | ) | 2549 | ) |
2390 | fi | 2550 | fi |
2391 | fi | 2551 | fi |
2392 | AC_CHECK_FILE("/dev/ptc", | 2552 | |
2393 | [ | 2553 | if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then |
2394 | AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC) | 2554 | AC_CHECK_FILE("/dev/ptc", |
2395 | have_dev_ptc=1 | 2555 | [ |
2396 | ] | 2556 | AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC) |
2397 | ) | 2557 | have_dev_ptc=1 |
2558 | ] | ||
2559 | ) | ||
2560 | else | ||
2561 | AC_MSG_WARN([cross compiling: Disabling /dev/ptc test]) | ||
2562 | fi | ||
2398 | 2563 | ||
2399 | # Options from here on. Some of these are preset by platform above | 2564 | # Options from here on. Some of these are preset by platform above |
2400 | AC_ARG_WITH(mantype, | 2565 | AC_ARG_WITH(mantype, |
@@ -2490,14 +2655,26 @@ fi | |||
2490 | 2655 | ||
2491 | # check for /etc/default/login and use it if present. | 2656 | # check for /etc/default/login and use it if present. |
2492 | AC_ARG_ENABLE(etc-default-login, | 2657 | AC_ARG_ENABLE(etc-default-login, |
2493 | [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],, | 2658 | [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]], |
2494 | [ | 2659 | [ if test "x$enableval" = "xno"; then |
2495 | AC_CHECK_FILE("/etc/default/login", [ external_path_file=/etc/default/login ]) | 2660 | AC_MSG_NOTICE([/etc/default/login handling disabled]) |
2661 | etc_default_login=no | ||
2662 | else | ||
2663 | etc_default_login=yes | ||
2664 | fi ], | ||
2665 | [ etc_default_login=yes ] | ||
2666 | ) | ||
2496 | 2667 | ||
2497 | if test "x$external_path_file" = "x/etc/default/login"; then | 2668 | if test "x$etc_default_login" != "xno"; then |
2498 | AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN) | 2669 | AC_CHECK_FILE("/etc/default/login", |
2670 | [ external_path_file=/etc/default/login ]) | ||
2671 | if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; | ||
2672 | then | ||
2673 | AC_MSG_WARN([cross compiling: Disabling /etc/default/login test]) | ||
2674 | elif test "x$external_path_file" = "x/etc/default/login"; then | ||
2675 | AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN) | ||
2676 | fi | ||
2499 | fi | 2677 | fi |
2500 | ]) | ||
2501 | 2678 | ||
2502 | dnl BSD systems use /etc/login.conf so --with-default-path= has no effect | 2679 | dnl BSD systems use /etc/login.conf so --with-default-path= has no effect |
2503 | if test $ac_cv_func_login_getcapbool = "yes" -a \ | 2680 | if test $ac_cv_func_login_getcapbool = "yes" -a \ |
@@ -2931,7 +3108,8 @@ if test "$ac_cv_lib_pam_pam_set_item" = yes ; then | |||
2931 | fi | 3108 | fi |
2932 | 3109 | ||
2933 | AC_EXEEXT | 3110 | AC_EXEEXT |
2934 | AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile scard/Makefile ssh_prng_cmds]) | 3111 | AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile \ |
3112 | scard/Makefile ssh_prng_cmds survey.sh]) | ||
2935 | AC_OUTPUT | 3113 | AC_OUTPUT |
2936 | 3114 | ||
2937 | # Print summary of options | 3115 | # Print summary of options |
@@ -2977,6 +3155,7 @@ echo " Smartcard support: $SCARD_MSG" | |||
2977 | echo " S/KEY support: $SKEY_MSG" | 3155 | echo " S/KEY support: $SKEY_MSG" |
2978 | echo " TCP Wrappers support: $TCPW_MSG" | 3156 | echo " TCP Wrappers support: $TCPW_MSG" |
2979 | echo " MD5 password support: $MD5_MSG" | 3157 | echo " MD5 password support: $MD5_MSG" |
3158 | echo " libedit support: $LIBEDIT_MSG" | ||
2980 | echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" | 3159 | echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" |
2981 | echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" | 3160 | echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" |
2982 | echo " BSD Auth support: $BSD_AUTH_MSG" | 3161 | echo " BSD Auth support: $BSD_AUTH_MSG" |
@@ -2997,7 +3176,8 @@ echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}" | |||
2997 | echo "" | 3176 | echo "" |
2998 | 3177 | ||
2999 | if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then | 3178 | if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then |
3000 | echo "SVR4 style packages are supported with \"make package\"\n" | 3179 | echo "SVR4 style packages are supported with \"make package\"" |
3180 | echo "" | ||
3001 | fi | 3181 | fi |
3002 | 3182 | ||
3003 | if test "x$PAM_MSG" = "xyes" ; then | 3183 | if test "x$PAM_MSG" = "xyes" ; then |
@@ -3026,3 +3206,7 @@ if test ! -z "$NO_PEERCHECK" ; then | |||
3026 | echo "" | 3206 | echo "" |
3027 | fi | 3207 | fi |
3028 | 3208 | ||
3209 | if test "$AUDIT_MODULE" = "bsm" ; then | ||
3210 | echo "WARNING: BSM audit support is currently considered EXPERIMENTAL." | ||
3211 | echo "See the Solaris section in README.platform for details." | ||
3212 | fi | ||
diff --git a/contrib/caldera/openssh.spec b/contrib/caldera/openssh.spec index 53b16455e..67d8e6ff4 100644 --- a/contrib/caldera/openssh.spec +++ b/contrib/caldera/openssh.spec | |||
@@ -17,7 +17,7 @@ | |||
17 | #old cvs stuff. please update before use. may be deprecated. | 17 | #old cvs stuff. please update before use. may be deprecated. |
18 | %define use_stable 1 | 18 | %define use_stable 1 |
19 | %if %{use_stable} | 19 | %if %{use_stable} |
20 | %define version 3.9p1 | 20 | %define version 4.0p1 |
21 | %define cvs %{nil} | 21 | %define cvs %{nil} |
22 | %define release 1 | 22 | %define release 1 |
23 | %else | 23 | %else |
@@ -363,4 +363,4 @@ fi | |||
363 | * Mon Jan 01 1998 ... | 363 | * Mon Jan 01 1998 ... |
364 | Template Version: 1.31 | 364 | Template Version: 1.31 |
365 | 365 | ||
366 | $Id: openssh.spec,v 1.51 2004/08/17 12:49:12 djm Exp $ | 366 | $Id: openssh.spec,v 1.52 2005/03/09 00:02:42 djm Exp $ |
diff --git a/contrib/cygwin/README b/contrib/cygwin/README index 5a9b1ce0c..3dd45014a 100644 --- a/contrib/cygwin/README +++ b/contrib/cygwin/README | |||
@@ -195,28 +195,37 @@ configure are used for the Cygwin binary distribution: | |||
195 | 195 | ||
196 | --prefix=/usr \ | 196 | --prefix=/usr \ |
197 | --sysconfdir=/etc \ | 197 | --sysconfdir=/etc \ |
198 | --libexecdir='$(sbindir)' \ | 198 | --libexecdir='${sbindir}' \ |
199 | --localstatedir=/var \ | 199 | --localstatedir=/var \ |
200 | --datadir='$(prefix)/share' \ | 200 | --datadir='${prefix}/share' \ |
201 | --mandir='$(datadir)/man' \ | 201 | --mandir='${datadir}/man' \ |
202 | --infodir='${datadir}/info' | ||
202 | --with-tcp-wrappers | 203 | --with-tcp-wrappers |
203 | 204 | ||
204 | If you want to create a Cygwin package, equivalent to the one | 205 | If you want to create a Cygwin package, equivalent to the one |
205 | in the Cygwin binary distribution, install like this: | 206 | in the Cygwin binary distribution, install like this: |
206 | 207 | ||
207 | mkdir /tmp/cygwin-ssh | 208 | mkdir /tmp/cygwin-ssh |
208 | cd $(builddir) | 209 | cd ${builddir} |
209 | make install DESTDIR=/tmp/cygwin-ssh | 210 | make install DESTDIR=/tmp/cygwin-ssh |
210 | cd $(srcdir)/contrib/cygwin | 211 | cd ${srcdir}/contrib/cygwin |
211 | make cygwin-postinstall DESTDIR=/tmp/cygwin-ssh | 212 | make cygwin-postinstall DESTDIR=/tmp/cygwin-ssh |
212 | cd /tmp/cygwin-ssh | 213 | cd /tmp/cygwin-ssh |
213 | find * \! -type d | tar cvjfT my-openssh.tar.bz2 - | 214 | find * \! -type d | tar cvjfT my-openssh.tar.bz2 - |
214 | 215 | ||
215 | You must have installed the zlib, the openssl-devel and the minires-devel | 216 | You must have installed the following packages to be able to build OpenSSH: |
216 | packages to be able to build OpenSSH! | 217 | |
218 | - zlib | ||
219 | - openssl-devel | ||
220 | - minires-devel | ||
221 | |||
222 | If you want to build with --with-tcp-wrappers, you also need the package | ||
223 | |||
224 | - tcp_wrappers | ||
217 | 225 | ||
218 | Please send requests, error reports etc. to cygwin@cygwin.com. | 226 | Please send requests, error reports etc. to cygwin@cygwin.com. |
219 | 227 | ||
228 | |||
220 | Have fun, | 229 | Have fun, |
221 | 230 | ||
222 | Corinna Vinschen | 231 | Corinna Vinschen |
diff --git a/contrib/cygwin/ssh-host-config b/contrib/cygwin/ssh-host-config index 9c0dabf41..c7164f610 100644 --- a/contrib/cygwin/ssh-host-config +++ b/contrib/cygwin/ssh-host-config | |||
@@ -449,7 +449,7 @@ then | |||
449 | echo "Should this script create a new local account 'sshd_server' which has" | 449 | echo "Should this script create a new local account 'sshd_server' which has" |
450 | if request "the required privileges?" | 450 | if request "the required privileges?" |
451 | then | 451 | then |
452 | _admingroup=`awk -F: '{if ( $2 == "S-1-5-32-544" ) print $1;}' ${SYSCONFDIR}/group` | 452 | _admingroup=`awk -F: '{if ( $1 != "root" && $2 == "S-1-5-32-544" ) print $1;}' ${SYSCONFDIR}/group` |
453 | if [ -z "${_admingroup}" ] | 453 | if [ -z "${_admingroup}" ] |
454 | then | 454 | then |
455 | echo "There's no group with SID S-1-5-32-544 (Local administrators group) in" | 455 | echo "There's no group with SID S-1-5-32-544 (Local administrators group) in" |
diff --git a/contrib/findssl.sh b/contrib/findssl.sh index 0c08d4a18..716abced5 100644 --- a/contrib/findssl.sh +++ b/contrib/findssl.sh | |||
@@ -1,5 +1,7 @@ | |||
1 | #!/bin/sh | 1 | #!/bin/sh |
2 | # | 2 | # |
3 | # $Id: findssl.sh,v 1.3 2004/12/13 07:08:33 dtucker Exp $ | ||
4 | # | ||
3 | # findssl.sh | 5 | # findssl.sh |
4 | # Search for all instances of OpenSSL headers and libraries | 6 | # Search for all instances of OpenSSL headers and libraries |
5 | # and print their versions. | 7 | # and print their versions. |
@@ -9,10 +11,11 @@ | |||
9 | # Written by Darren Tucker (dtucker at zip dot com dot au) | 11 | # Written by Darren Tucker (dtucker at zip dot com dot au) |
10 | # This file is placed in the public domain. | 12 | # This file is placed in the public domain. |
11 | # | 13 | # |
12 | # $Id: findssl.sh,v 1.2 2003/11/21 12:48:56 djm Exp $ | 14 | # Release history: |
13 | # 2002-07-27: Initial release. | 15 | # 2002-07-27: Initial release. |
14 | # 2002-08-04: Added public domain notice. | 16 | # 2002-08-04: Added public domain notice. |
15 | # 2003-06-24: Incorporated readme, set library paths. First cvs version. | 17 | # 2003-06-24: Incorporated readme, set library paths. First cvs version. |
18 | # 2004-12-13: Add traps to cleanup temp files, from Amarendra Godbole. | ||
16 | # | 19 | # |
17 | # "OpenSSL headers do not match your library" are usually caused by | 20 | # "OpenSSL headers do not match your library" are usually caused by |
18 | # OpenSSH's configure picking up an older version of OpenSSL headers | 21 | # OpenSSH's configure picking up an older version of OpenSSL headers |
@@ -64,6 +67,11 @@ CC=gcc | |||
64 | STATIC=-static | 67 | STATIC=-static |
65 | 68 | ||
66 | # | 69 | # |
70 | # Cleanup on interrupt | ||
71 | # | ||
72 | trap 'rm -f conftest.c' INT HUP TERM | ||
73 | |||
74 | # | ||
67 | # Set up conftest C source | 75 | # Set up conftest C source |
68 | # | 76 | # |
69 | rm -f findssl.log | 77 | rm -f findssl.log |
diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec index f8a91f2c2..8fbc4c02a 100644 --- a/contrib/redhat/openssh.spec +++ b/contrib/redhat/openssh.spec | |||
@@ -1,4 +1,4 @@ | |||
1 | %define ver 3.9p1 | 1 | %define ver 4.0p1 |
2 | %define rel 1 | 2 | %define rel 1 |
3 | 3 | ||
4 | # OpenSSH privilege separation requires a user & group ID | 4 | # OpenSSH privilege separation requires a user & group ID |
diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec index 3f4a0189b..449613db6 100644 --- a/contrib/suse/openssh.spec +++ b/contrib/suse/openssh.spec | |||
@@ -1,6 +1,6 @@ | |||
1 | Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation | 1 | Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation |
2 | Name: openssh | 2 | Name: openssh |
3 | Version: 3.9p1 | 3 | Version: 4.0p1 |
4 | URL: http://www.openssh.com/ | 4 | URL: http://www.openssh.com/ |
5 | Release: 1 | 5 | Release: 1 |
6 | Source0: openssh-%{version}.tar.gz | 6 | Source0: openssh-%{version}.tar.gz |
diff --git a/debian/changelog b/debian/changelog index 754a70287..ecef13b50 100644 --- a/debian/changelog +++ b/debian/changelog | |||
@@ -1,5 +1,6 @@ | |||
1 | openssh (1:3.9p1-4) UNRELEASED; urgency=low | 1 | openssh (1:4.0p1-1) UNRELEASED; urgency=low |
2 | 2 | ||
3 | * New upstream release. | ||
3 | * Make gnome-ssh-askpass stay above other windows (thanks, Liyang HU; | 4 | * Make gnome-ssh-askpass stay above other windows (thanks, Liyang HU; |
4 | closes: #296487). | 5 | closes: #296487). |
5 | * Remove obsolete and unnecessary ssh/forward_warning debconf note. | 6 | * Remove obsolete and unnecessary ssh/forward_warning debconf note. |
diff --git a/debian/rules b/debian/rules index bcb28f87f..6a3f31420 100755 --- a/debian/rules +++ b/debian/rules | |||
@@ -50,7 +50,7 @@ FORCE_LIBS = LIBS=-lresolv | |||
50 | endif | 50 | endif |
51 | 51 | ||
52 | # Change the version string to include the Debian version | 52 | # Change the version string to include the Debian version |
53 | SSH_VERSION := $(shell sed -e '/define/!d; s/.*\"\(.*\)\".*/\1/; q' <version.h) Debian-$(shell dpkg-parsechangelog | sed -n -e '/^Version:/s/Version: //p' | sed -e 's/[^-]*-//') | 53 | SSH_EXTRAVERSION := Debian-$(shell dpkg-parsechangelog | sed -n -e '/^Version:/s/Version: //p' | sed -e 's/[^-]*-//') |
54 | 54 | ||
55 | build: build-deb build-udeb | 55 | build: build-deb build-udeb |
56 | 56 | ||
@@ -65,7 +65,7 @@ build-deb-stamp: | |||
65 | # Supply pthread linkage for just those binaries linked to PAM. | 65 | # Supply pthread linkage for just those binaries linked to PAM. |
66 | perl -pi -e 's/^(LIBPAM=.*)/$$1 -pthread/' build-deb/Makefile | 66 | perl -pi -e 's/^(LIBPAM=.*)/$$1 -pthread/' build-deb/Makefile |
67 | 67 | ||
68 | $(MAKE) -C build-deb -j 2 ASKPASS_PROGRAM='/usr/bin/ssh-askpass' CFLAGS='$(OPTFLAGS) -g -Wall -DUSE_POSIX_THREADS -DLOGIN_PROGRAM=\"/bin/login\" -DLOGIN_NO_ENDOPT -DSSHD_PAM_SERVICE=\"ssh\" -DSSH_VERSION="\"$(SSH_VERSION)\""' SSH_KEYSIGN='/usr/lib/ssh-keysign' | 68 | $(MAKE) -C build-deb -j 2 ASKPASS_PROGRAM='/usr/bin/ssh-askpass' CFLAGS='$(OPTFLAGS) -g -Wall -DUSE_POSIX_THREADS -DLOGIN_PROGRAM=\"/bin/login\" -DLOGIN_NO_ENDOPT -DSSHD_PAM_SERVICE=\"ssh\" -DSSH_EXTRAVERSION="\" $(SSH_EXTRAVERSION)\""' SSH_KEYSIGN='/usr/lib/ssh-keysign' |
69 | # Support building on Debian 3.0 (with GNOME 1.4) and later. | 69 | # Support building on Debian 3.0 (with GNOME 1.4) and later. |
70 | if [ -f /usr/include/libgnomeui-2.0/gnome.h ]; then \ | 70 | if [ -f /usr/include/libgnomeui-2.0/gnome.h ]; then \ |
71 | $(MAKE) -C contrib gnome-ssh-askpass2 CC='gcc $(OPTFLAGS) -g -Wall'; \ | 71 | $(MAKE) -C contrib gnome-ssh-askpass2 CC='gcc $(OPTFLAGS) -g -Wall'; \ |
@@ -83,7 +83,7 @@ build-udeb-stamp: | |||
83 | # Avoid libnsl linkage. Ugh. | 83 | # Avoid libnsl linkage. Ugh. |
84 | perl -pi -e 's/ +-lnsl//' build-udeb/config.status | 84 | perl -pi -e 's/ +-lnsl//' build-udeb/config.status |
85 | cd build-udeb && ./config.status | 85 | cd build-udeb && ./config.status |
86 | $(MAKE) -C build-udeb -j 2 ASKPASS_PROGRAM='/usr/bin/ssh-askpass' CFLAGS='-Os -g -Wall -DSSH_VERSION="\"$(SSH_VERSION)\""' SSH_KEYSIGN='/usr/lib/ssh-keysign' ssh scp sftp sshd ssh-keygen | 86 | $(MAKE) -C build-udeb -j 2 ASKPASS_PROGRAM='/usr/bin/ssh-askpass' CFLAGS='-Os -g -Wall -DSSH_EXTRAVERSION="\" $(SSH_EXTRAVERSION)\""' SSH_KEYSIGN='/usr/lib/ssh-keysign' ssh scp sftp sshd ssh-keygen |
87 | touch build-udeb-stamp | 87 | touch build-udeb-stamp |
88 | 88 | ||
89 | clean: | 89 | clean: |
@@ -25,7 +25,7 @@ | |||
25 | #ifndef _DEFINES_H | 25 | #ifndef _DEFINES_H |
26 | #define _DEFINES_H | 26 | #define _DEFINES_H |
27 | 27 | ||
28 | /* $Id: defines.h,v 1.117 2004/06/22 03:27:16 dtucker Exp $ */ | 28 | /* $Id: defines.h,v 1.119 2005/02/20 10:01:49 dtucker Exp $ */ |
29 | 29 | ||
30 | 30 | ||
31 | /* Constants */ | 31 | /* Constants */ |
@@ -288,6 +288,10 @@ struct sockaddr_un { | |||
288 | }; | 288 | }; |
289 | #endif /* HAVE_SYS_UN_H */ | 289 | #endif /* HAVE_SYS_UN_H */ |
290 | 290 | ||
291 | #ifndef HAVE_IN_ADDR_T | ||
292 | typedef u_int32_t in_addr_t; | ||
293 | #endif | ||
294 | |||
291 | #if defined(BROKEN_SYS_TERMIO_H) && !defined(_STRUCT_WINSIZE) | 295 | #if defined(BROKEN_SYS_TERMIO_H) && !defined(_STRUCT_WINSIZE) |
292 | #define _STRUCT_WINSIZE | 296 | #define _STRUCT_WINSIZE |
293 | struct winsize { | 297 | struct winsize { |
@@ -530,6 +534,11 @@ struct winsize { | |||
530 | # define getpgrp() getpgrp(0) | 534 | # define getpgrp() getpgrp(0) |
531 | #endif | 535 | #endif |
532 | 536 | ||
537 | #ifdef USE_BSM_AUDIT | ||
538 | # define SSH_AUDIT_EVENTS | ||
539 | # define CUSTOM_SSH_AUDIT_EVENTS | ||
540 | #endif | ||
541 | |||
533 | /* OPENSSL_free() is Free() in versions before OpenSSL 0.9.6 */ | 542 | /* OPENSSL_free() is Free() in versions before OpenSSL 0.9.6 */ |
534 | #if !defined(OPENSSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER < 0x0090600f) | 543 | #if !defined(OPENSSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER < 0x0090600f) |
535 | # define OPENSSL_free(x) Free(x) | 544 | # define OPENSSL_free(x) Free(x) |
@@ -644,6 +653,15 @@ struct winsize { | |||
644 | # define CUSTOM_SYS_AUTH_PASSWD 1 | 653 | # define CUSTOM_SYS_AUTH_PASSWD 1 |
645 | #endif | 654 | #endif |
646 | 655 | ||
656 | /* HP-UX 11.11 */ | ||
657 | #ifdef BTMP_FILE | ||
658 | # define _PATH_BTMP BTMP_FILE | ||
659 | #endif | ||
660 | |||
661 | #if defined(USE_BTMP) && defined(_PATH_BTMP) | ||
662 | # define CUSTOM_FAILED_LOGIN | ||
663 | #endif | ||
664 | |||
647 | /** end of login recorder definitions */ | 665 | /** end of login recorder definitions */ |
648 | 666 | ||
649 | #endif /* _DEFINES_H */ | 667 | #endif /* _DEFINES_H */ |
diff --git a/hostfile.c b/hostfile.c index 88c054912..2e1c8bcd0 100644 --- a/hostfile.c +++ b/hostfile.c | |||
@@ -36,13 +36,102 @@ | |||
36 | */ | 36 | */ |
37 | 37 | ||
38 | #include "includes.h" | 38 | #include "includes.h" |
39 | RCSID("$OpenBSD: hostfile.c,v 1.32 2003/11/10 16:23:41 jakob Exp $"); | 39 | RCSID("$OpenBSD: hostfile.c,v 1.33 2005/03/01 10:40:26 djm Exp $"); |
40 | |||
41 | #include <resolv.h> | ||
42 | #include <openssl/hmac.h> | ||
43 | #include <openssl/sha.h> | ||
40 | 44 | ||
41 | #include "packet.h" | 45 | #include "packet.h" |
42 | #include "match.h" | 46 | #include "match.h" |
43 | #include "key.h" | 47 | #include "key.h" |
44 | #include "hostfile.h" | 48 | #include "hostfile.h" |
45 | #include "log.h" | 49 | #include "log.h" |
50 | #include "xmalloc.h" | ||
51 | |||
52 | static int | ||
53 | extract_salt(const char *s, u_int l, char *salt, size_t salt_len) | ||
54 | { | ||
55 | char *p, *b64salt; | ||
56 | u_int b64len; | ||
57 | int ret; | ||
58 | |||
59 | if (l < sizeof(HASH_MAGIC) - 1) { | ||
60 | debug2("extract_salt: string too short"); | ||
61 | return (-1); | ||
62 | } | ||
63 | if (strncmp(s, HASH_MAGIC, sizeof(HASH_MAGIC) - 1) != 0) { | ||
64 | debug2("extract_salt: invalid magic identifier"); | ||
65 | return (-1); | ||
66 | } | ||
67 | s += sizeof(HASH_MAGIC) - 1; | ||
68 | l -= sizeof(HASH_MAGIC) - 1; | ||
69 | if ((p = memchr(s, HASH_DELIM, l)) == NULL) { | ||
70 | debug2("extract_salt: missing salt termination character"); | ||
71 | return (-1); | ||
72 | } | ||
73 | |||
74 | b64len = p - s; | ||
75 | /* Sanity check */ | ||
76 | if (b64len == 0 || b64len > 1024) { | ||
77 | debug2("extract_salt: bad encoded salt length %u", b64len); | ||
78 | return (-1); | ||
79 | } | ||
80 | b64salt = xmalloc(1 + b64len); | ||
81 | memcpy(b64salt, s, b64len); | ||
82 | b64salt[b64len] = '\0'; | ||
83 | |||
84 | ret = __b64_pton(b64salt, salt, salt_len); | ||
85 | xfree(b64salt); | ||
86 | if (ret == -1) { | ||
87 | debug2("extract_salt: salt decode error"); | ||
88 | return (-1); | ||
89 | } | ||
90 | if (ret != SHA_DIGEST_LENGTH) { | ||
91 | debug2("extract_salt: expected salt len %u, got %u", | ||
92 | salt_len, ret); | ||
93 | return (-1); | ||
94 | } | ||
95 | |||
96 | return (0); | ||
97 | } | ||
98 | |||
99 | char * | ||
100 | host_hash(const char *host, const char *name_from_hostfile, u_int src_len) | ||
101 | { | ||
102 | const EVP_MD *md = EVP_sha1(); | ||
103 | HMAC_CTX mac_ctx; | ||
104 | char salt[256], result[256], uu_salt[512], uu_result[512]; | ||
105 | static char encoded[1024]; | ||
106 | u_int i, len; | ||
107 | |||
108 | len = EVP_MD_size(md); | ||
109 | |||
110 | if (name_from_hostfile == NULL) { | ||
111 | /* Create new salt */ | ||
112 | for (i = 0; i < len; i++) | ||
113 | salt[i] = arc4random(); | ||
114 | } else { | ||
115 | /* Extract salt from known host entry */ | ||
116 | if (extract_salt(name_from_hostfile, src_len, salt, | ||
117 | sizeof(salt)) == -1) | ||
118 | return (NULL); | ||
119 | } | ||
120 | |||
121 | HMAC_Init(&mac_ctx, salt, len, md); | ||
122 | HMAC_Update(&mac_ctx, host, strlen(host)); | ||
123 | HMAC_Final(&mac_ctx, result, NULL); | ||
124 | HMAC_cleanup(&mac_ctx); | ||
125 | |||
126 | if (__b64_ntop(salt, len, uu_salt, sizeof(uu_salt)) == -1 || | ||
127 | __b64_ntop(result, len, uu_result, sizeof(uu_result)) == -1) | ||
128 | fatal("host_hash: __b64_ntop failed"); | ||
129 | |||
130 | snprintf(encoded, sizeof(encoded), "%s%s%c%s", HASH_MAGIC, uu_salt, | ||
131 | HASH_DELIM, uu_result); | ||
132 | |||
133 | return (encoded); | ||
134 | } | ||
46 | 135 | ||
47 | /* | 136 | /* |
48 | * Parses an RSA (number of bits, e, n) or DSA key from a string. Moves the | 137 | * Parses an RSA (number of bits, e, n) or DSA key from a string. Moves the |
@@ -104,7 +193,7 @@ check_host_in_hostfile_by_key_or_type(const char *filename, | |||
104 | char line[8192]; | 193 | char line[8192]; |
105 | int linenum = 0; | 194 | int linenum = 0; |
106 | u_int kbits; | 195 | u_int kbits; |
107 | char *cp, *cp2; | 196 | char *cp, *cp2, *hashed_host; |
108 | HostStatus end_return; | 197 | HostStatus end_return; |
109 | 198 | ||
110 | debug3("check_host_in_hostfile: filename %s", filename); | 199 | debug3("check_host_in_hostfile: filename %s", filename); |
@@ -137,8 +226,18 @@ check_host_in_hostfile_by_key_or_type(const char *filename, | |||
137 | ; | 226 | ; |
138 | 227 | ||
139 | /* Check if the host name matches. */ | 228 | /* Check if the host name matches. */ |
140 | if (match_hostname(host, cp, (u_int) (cp2 - cp)) != 1) | 229 | if (match_hostname(host, cp, (u_int) (cp2 - cp)) != 1) { |
141 | continue; | 230 | if (*cp != HASH_DELIM) |
231 | continue; | ||
232 | hashed_host = host_hash(host, cp, (u_int) (cp2 - cp)); | ||
233 | if (hashed_host == NULL) { | ||
234 | debug("Invalid hashed host line %d of %s", | ||
235 | linenum, filename); | ||
236 | continue; | ||
237 | } | ||
238 | if (strncmp(hashed_host, cp, (u_int) (cp2 - cp)) != 0) | ||
239 | continue; | ||
240 | } | ||
142 | 241 | ||
143 | /* Got a match. Skip host name. */ | 242 | /* Got a match. Skip host name. */ |
144 | cp = cp2; | 243 | cp = cp2; |
@@ -211,16 +310,28 @@ lookup_key_in_hostfile_by_type(const char *filename, const char *host, | |||
211 | */ | 310 | */ |
212 | 311 | ||
213 | int | 312 | int |
214 | add_host_to_hostfile(const char *filename, const char *host, const Key *key) | 313 | add_host_to_hostfile(const char *filename, const char *host, const Key *key, |
314 | int store_hash) | ||
215 | { | 315 | { |
216 | FILE *f; | 316 | FILE *f; |
217 | int success = 0; | 317 | int success = 0; |
318 | char *hashed_host; | ||
319 | |||
218 | if (key == NULL) | 320 | if (key == NULL) |
219 | return 1; /* XXX ? */ | 321 | return 1; /* XXX ? */ |
220 | f = fopen(filename, "a"); | 322 | f = fopen(filename, "a"); |
221 | if (!f) | 323 | if (!f) |
222 | return 0; | 324 | return 0; |
223 | fprintf(f, "%s ", host); | 325 | |
326 | if (store_hash) { | ||
327 | if ((hashed_host = host_hash(host, NULL, 0)) == NULL) { | ||
328 | error("add_host_to_hostfile: host_hash failed"); | ||
329 | fclose(f); | ||
330 | return 0; | ||
331 | } | ||
332 | } | ||
333 | fprintf(f, "%s ", store_hash ? hashed_host : host); | ||
334 | |||
224 | if (key_write(key, f)) { | 335 | if (key_write(key, f)) { |
225 | success = 1; | 336 | success = 1; |
226 | } else { | 337 | } else { |
diff --git a/hostfile.h b/hostfile.h index efcddc9f9..d6330752e 100644 --- a/hostfile.h +++ b/hostfile.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: hostfile.h,v 1.14 2003/11/10 16:23:41 jakob Exp $ */ | 1 | /* $OpenBSD: hostfile.h,v 1.15 2005/03/01 10:40:26 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -21,8 +21,13 @@ typedef enum { | |||
21 | int hostfile_read_key(char **, u_int *, Key *); | 21 | int hostfile_read_key(char **, u_int *, Key *); |
22 | HostStatus check_host_in_hostfile(const char *, const char *, | 22 | HostStatus check_host_in_hostfile(const char *, const char *, |
23 | const Key *, Key *, int *); | 23 | const Key *, Key *, int *); |
24 | int add_host_to_hostfile(const char *, const char *, const Key *); | 24 | int add_host_to_hostfile(const char *, const char *, const Key *, int); |
25 | int lookup_key_in_hostfile_by_type(const char *, const char *, | 25 | int lookup_key_in_hostfile_by_type(const char *, const char *, |
26 | int, Key *, int *); | 26 | int, Key *, int *); |
27 | 27 | ||
28 | #define HASH_MAGIC "|1|" | ||
29 | #define HASH_DELIM '|' | ||
30 | |||
31 | char *host_hash(const char *, const char *, u_int); | ||
32 | |||
28 | #endif | 33 | #endif |
diff --git a/includes.h b/includes.h index 3a6b4c32b..3d3aa3b21 100644 --- a/includes.h +++ b/includes.h | |||
@@ -185,7 +185,7 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg } | |||
185 | * On HP-UX 11.11, shadow.h and prot.h provide conflicting declarations | 185 | * On HP-UX 11.11, shadow.h and prot.h provide conflicting declarations |
186 | * of getspnam when _INCLUDE__STDC__ is defined, so we unset it here. | 186 | * of getspnam when _INCLUDE__STDC__ is defined, so we unset it here. |
187 | */ | 187 | */ |
188 | #ifdef __hpux | 188 | #ifdef GETSPNAM_CONFLICTING_DEFS |
189 | # ifdef _INCLUDE__STDC__ | 189 | # ifdef _INCLUDE__STDC__ |
190 | # undef _INCLUDE__STDC__ | 190 | # undef _INCLUDE__STDC__ |
191 | # endif | 191 | # endif |
@@ -32,7 +32,7 @@ | |||
32 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 32 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
33 | */ | 33 | */ |
34 | #include "includes.h" | 34 | #include "includes.h" |
35 | RCSID("$OpenBSD: key.c,v 1.56 2004/07/28 09:40:29 markus Exp $"); | 35 | RCSID("$OpenBSD: key.c,v 1.57 2004/10/29 23:57:05 djm Exp $"); |
36 | 36 | ||
37 | #include <openssl/evp.h> | 37 | #include <openssl/evp.h> |
38 | 38 | ||
@@ -681,8 +681,8 @@ Key * | |||
681 | key_from_blob(const u_char *blob, u_int blen) | 681 | key_from_blob(const u_char *blob, u_int blen) |
682 | { | 682 | { |
683 | Buffer b; | 683 | Buffer b; |
684 | char *ktype; | ||
685 | int rlen, type; | 684 | int rlen, type; |
685 | char *ktype = NULL; | ||
686 | Key *key = NULL; | 686 | Key *key = NULL; |
687 | 687 | ||
688 | #ifdef DEBUG_PK | 688 | #ifdef DEBUG_PK |
@@ -690,24 +690,38 @@ key_from_blob(const u_char *blob, u_int blen) | |||
690 | #endif | 690 | #endif |
691 | buffer_init(&b); | 691 | buffer_init(&b); |
692 | buffer_append(&b, blob, blen); | 692 | buffer_append(&b, blob, blen); |
693 | ktype = buffer_get_string(&b, NULL); | 693 | if ((ktype = buffer_get_string_ret(&b, NULL)) == NULL) { |
694 | error("key_from_blob: can't read key type"); | ||
695 | goto out; | ||
696 | } | ||
697 | |||
694 | type = key_type_from_name(ktype); | 698 | type = key_type_from_name(ktype); |
695 | 699 | ||
696 | switch (type) { | 700 | switch (type) { |
697 | case KEY_RSA: | 701 | case KEY_RSA: |
698 | key = key_new(type); | 702 | key = key_new(type); |
699 | buffer_get_bignum2(&b, key->rsa->e); | 703 | if (buffer_get_bignum2_ret(&b, key->rsa->e) == -1 || |
700 | buffer_get_bignum2(&b, key->rsa->n); | 704 | buffer_get_bignum2_ret(&b, key->rsa->n) == -1) { |
705 | error("key_from_blob: can't read rsa key"); | ||
706 | key_free(key); | ||
707 | key = NULL; | ||
708 | goto out; | ||
709 | } | ||
701 | #ifdef DEBUG_PK | 710 | #ifdef DEBUG_PK |
702 | RSA_print_fp(stderr, key->rsa, 8); | 711 | RSA_print_fp(stderr, key->rsa, 8); |
703 | #endif | 712 | #endif |
704 | break; | 713 | break; |
705 | case KEY_DSA: | 714 | case KEY_DSA: |
706 | key = key_new(type); | 715 | key = key_new(type); |
707 | buffer_get_bignum2(&b, key->dsa->p); | 716 | if (buffer_get_bignum2_ret(&b, key->dsa->p) == -1 || |
708 | buffer_get_bignum2(&b, key->dsa->q); | 717 | buffer_get_bignum2_ret(&b, key->dsa->q) == -1 || |
709 | buffer_get_bignum2(&b, key->dsa->g); | 718 | buffer_get_bignum2_ret(&b, key->dsa->g) == -1 || |
710 | buffer_get_bignum2(&b, key->dsa->pub_key); | 719 | buffer_get_bignum2_ret(&b, key->dsa->pub_key) == -1) { |
720 | error("key_from_blob: can't read dsa key"); | ||
721 | key_free(key); | ||
722 | key = NULL; | ||
723 | goto out; | ||
724 | } | ||
711 | #ifdef DEBUG_PK | 725 | #ifdef DEBUG_PK |
712 | DSA_print_fp(stderr, key->dsa, 8); | 726 | DSA_print_fp(stderr, key->dsa, 8); |
713 | #endif | 727 | #endif |
@@ -717,12 +731,14 @@ key_from_blob(const u_char *blob, u_int blen) | |||
717 | break; | 731 | break; |
718 | default: | 732 | default: |
719 | error("key_from_blob: cannot handle type %s", ktype); | 733 | error("key_from_blob: cannot handle type %s", ktype); |
720 | break; | 734 | goto out; |
721 | } | 735 | } |
722 | rlen = buffer_len(&b); | 736 | rlen = buffer_len(&b); |
723 | if (key != NULL && rlen != 0) | 737 | if (key != NULL && rlen != 0) |
724 | error("key_from_blob: remaining bytes in key blob %d", rlen); | 738 | error("key_from_blob: remaining bytes in key blob %d", rlen); |
725 | xfree(ktype); | 739 | out: |
740 | if (ktype != NULL) | ||
741 | xfree(ktype); | ||
726 | buffer_free(&b); | 742 | buffer_free(&b); |
727 | return key; | 743 | return key; |
728 | } | 744 | } |
@@ -194,6 +194,9 @@ debug3(const char *fmt,...) | |||
194 | void | 194 | void |
195 | log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr) | 195 | log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr) |
196 | { | 196 | { |
197 | #if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT) | ||
198 | struct syslog_data sdata = SYSLOG_DATA_INIT; | ||
199 | #endif | ||
197 | argv0 = av0; | 200 | argv0 = av0; |
198 | 201 | ||
199 | switch (level) { | 202 | switch (level) { |
@@ -263,6 +266,19 @@ log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr) | |||
263 | (int) facility); | 266 | (int) facility); |
264 | exit(1); | 267 | exit(1); |
265 | } | 268 | } |
269 | |||
270 | /* | ||
271 | * If an external library (eg libwrap) attempts to use syslog | ||
272 | * immediately after reexec, syslog may be pointing to the wrong | ||
273 | * facility, so we force an open/close of syslog here. | ||
274 | */ | ||
275 | #if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT) | ||
276 | openlog_r(argv0 ? argv0 : __progname, LOG_PID, log_facility, &sdata); | ||
277 | closelog_r(&sdata); | ||
278 | #else | ||
279 | openlog(argv0 ? argv0 : __progname, LOG_PID, log_facility); | ||
280 | closelog(); | ||
281 | #endif | ||
266 | } | 282 | } |
267 | 283 | ||
268 | #define MSGBUFSIZ 1024 | 284 | #define MSGBUFSIZ 1024 |
diff --git a/loginrec.c b/loginrec.c index f07f65fce..361ac4cb7 100644 --- a/loginrec.c +++ b/loginrec.c | |||
@@ -25,130 +25,125 @@ | |||
25 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 25 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
26 | */ | 26 | */ |
27 | 27 | ||
28 | /* | ||
29 | * The btmp logging code is derived from login.c from util-linux and is under | ||
30 | * the the following license: | ||
31 | * | ||
32 | * Copyright (c) 1980, 1987, 1988 The Regents of the University of California. | ||
33 | * All rights reserved. | ||
34 | * | ||
35 | * Redistribution and use in source and binary forms are permitted | ||
36 | * provided that the above copyright notice and this paragraph are | ||
37 | * duplicated in all such forms and that any documentation, | ||
38 | * advertising materials, and other materials related to such | ||
39 | * distribution and use acknowledge that the software was developed | ||
40 | * by the University of California, Berkeley. The name of the | ||
41 | * University may not be used to endorse or promote products derived | ||
42 | * from this software without specific prior written permission. | ||
43 | * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR | ||
44 | * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED | ||
45 | * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. | ||
46 | */ | ||
47 | |||
48 | |||
28 | /** | 49 | /** |
29 | ** loginrec.c: platform-independent login recording and lastlog retrieval | 50 | ** loginrec.c: platform-independent login recording and lastlog retrieval |
30 | **/ | 51 | **/ |
31 | 52 | ||
32 | /* | 53 | /* |
33 | The new login code explained | 54 | * The new login code explained |
34 | ============================ | 55 | * ============================ |
35 | 56 | * | |
36 | This code attempts to provide a common interface to login recording | 57 | * This code attempts to provide a common interface to login recording |
37 | (utmp and friends) and last login time retrieval. | 58 | * (utmp and friends) and last login time retrieval. |
38 | 59 | * | |
39 | Its primary means of achieving this is to use 'struct logininfo', a | 60 | * Its primary means of achieving this is to use 'struct logininfo', a |
40 | union of all the useful fields in the various different types of | 61 | * union of all the useful fields in the various different types of |
41 | system login record structures one finds on UNIX variants. | 62 | * system login record structures one finds on UNIX variants. |
42 | 63 | * | |
43 | We depend on autoconf to define which recording methods are to be | 64 | * We depend on autoconf to define which recording methods are to be |
44 | used, and which fields are contained in the relevant data structures | 65 | * used, and which fields are contained in the relevant data structures |
45 | on the local system. Many C preprocessor symbols affect which code | 66 | * on the local system. Many C preprocessor symbols affect which code |
46 | gets compiled here. | 67 | * gets compiled here. |
47 | 68 | * | |
48 | The code is designed to make it easy to modify a particular | 69 | * The code is designed to make it easy to modify a particular |
49 | recording method, without affecting other methods nor requiring so | 70 | * recording method, without affecting other methods nor requiring so |
50 | many nested conditional compilation blocks as were commonplace in | 71 | * many nested conditional compilation blocks as were commonplace in |
51 | the old code. | 72 | * the old code. |
52 | 73 | * | |
53 | For login recording, we try to use the local system's libraries as | 74 | * For login recording, we try to use the local system's libraries as |
54 | these are clearly most likely to work correctly. For utmp systems | 75 | * these are clearly most likely to work correctly. For utmp systems |
55 | this usually means login() and logout() or setutent() etc., probably | 76 | * this usually means login() and logout() or setutent() etc., probably |
56 | in libutil, along with logwtmp() etc. On these systems, we fall back | 77 | * in libutil, along with logwtmp() etc. On these systems, we fall back |
57 | to writing the files directly if we have to, though this method | 78 | * to writing the files directly if we have to, though this method |
58 | requires very thorough testing so we do not corrupt local auditing | 79 | * requires very thorough testing so we do not corrupt local auditing |
59 | information. These files and their access methods are very system | 80 | * information. These files and their access methods are very system |
60 | specific indeed. | 81 | * specific indeed. |
61 | 82 | * | |
62 | For utmpx systems, the corresponding library functions are | 83 | * For utmpx systems, the corresponding library functions are |
63 | setutxent() etc. To the author's knowledge, all utmpx systems have | 84 | * setutxent() etc. To the author's knowledge, all utmpx systems have |
64 | these library functions and so no direct write is attempted. If such | 85 | * these library functions and so no direct write is attempted. If such |
65 | a system exists and needs support, direct analogues of the [uw]tmp | 86 | * a system exists and needs support, direct analogues of the [uw]tmp |
66 | code should suffice. | 87 | * code should suffice. |
67 | 88 | * | |
68 | Retrieving the time of last login ('lastlog') is in some ways even | 89 | * Retrieving the time of last login ('lastlog') is in some ways even |
69 | more problemmatic than login recording. Some systems provide a | 90 | * more problemmatic than login recording. Some systems provide a |
70 | simple table of all users which we seek based on uid and retrieve a | 91 | * simple table of all users which we seek based on uid and retrieve a |
71 | relatively standard structure. Others record the same information in | 92 | * relatively standard structure. Others record the same information in |
72 | a directory with a separate file, and others don't record the | 93 | * a directory with a separate file, and others don't record the |
73 | information separately at all. For systems in the latter category, | 94 | * information separately at all. For systems in the latter category, |
74 | we look backwards in the wtmp or wtmpx file for the last login entry | 95 | * we look backwards in the wtmp or wtmpx file for the last login entry |
75 | for our user. Naturally this is slower and on busy systems could | 96 | * for our user. Naturally this is slower and on busy systems could |
76 | incur a significant performance penalty. | 97 | * incur a significant performance penalty. |
77 | 98 | * | |
78 | Calling the new code | 99 | * Calling the new code |
79 | -------------------- | 100 | * -------------------- |
80 | 101 | * | |
81 | In OpenSSH all login recording and retrieval is performed in | 102 | * In OpenSSH all login recording and retrieval is performed in |
82 | login.c. Here you'll find working examples. Also, in the logintest.c | 103 | * login.c. Here you'll find working examples. Also, in the logintest.c |
83 | program there are more examples. | 104 | * program there are more examples. |
84 | 105 | * | |
85 | Internal handler calling method | 106 | * Internal handler calling method |
86 | ------------------------------- | 107 | * ------------------------------- |
87 | 108 | * | |
88 | When a call is made to login_login() or login_logout(), both | 109 | * When a call is made to login_login() or login_logout(), both |
89 | routines set a struct logininfo flag defining which action (log in, | 110 | * routines set a struct logininfo flag defining which action (log in, |
90 | or log out) is to be taken. They both then call login_write(), which | 111 | * or log out) is to be taken. They both then call login_write(), which |
91 | calls whichever of the many structure-specific handlers autoconf | 112 | * calls whichever of the many structure-specific handlers autoconf |
92 | selects for the local system. | 113 | * selects for the local system. |
93 | 114 | * | |
94 | The handlers themselves handle system data structure specifics. Both | 115 | * The handlers themselves handle system data structure specifics. Both |
95 | struct utmp and struct utmpx have utility functions (see | 116 | * struct utmp and struct utmpx have utility functions (see |
96 | construct_utmp*()) to try to make it simpler to add extra systems | 117 | * construct_utmp*()) to try to make it simpler to add extra systems |
97 | that introduce new features to either structure. | 118 | * that introduce new features to either structure. |
98 | 119 | * | |
99 | While it may seem terribly wasteful to replicate so much similar | 120 | * While it may seem terribly wasteful to replicate so much similar |
100 | code for each method, experience has shown that maintaining code to | 121 | * code for each method, experience has shown that maintaining code to |
101 | write both struct utmp and utmpx in one function, whilst maintaining | 122 | * write both struct utmp and utmpx in one function, whilst maintaining |
102 | support for all systems whether they have library support or not, is | 123 | * support for all systems whether they have library support or not, is |
103 | a difficult and time-consuming task. | 124 | * a difficult and time-consuming task. |
104 | 125 | * | |
105 | Lastlog support proceeds similarly. Functions login_get_lastlog() | 126 | * Lastlog support proceeds similarly. Functions login_get_lastlog() |
106 | (and its OpenSSH-tuned friend login_get_lastlog_time()) call | 127 | * (and its OpenSSH-tuned friend login_get_lastlog_time()) call |
107 | getlast_entry(), which tries one of three methods to find the last | 128 | * getlast_entry(), which tries one of three methods to find the last |
108 | login time. It uses local system lastlog support if it can, | 129 | * login time. It uses local system lastlog support if it can, |
109 | otherwise it tries wtmp or wtmpx before giving up and returning 0, | 130 | * otherwise it tries wtmp or wtmpx before giving up and returning 0, |
110 | meaning "tilt". | 131 | * meaning "tilt". |
111 | 132 | * | |
112 | Maintenance | 133 | * Maintenance |
113 | ----------- | 134 | * ----------- |
114 | 135 | * | |
115 | In many cases it's possible to tweak autoconf to select the correct | 136 | * In many cases it's possible to tweak autoconf to select the correct |
116 | methods for a particular platform, either by improving the detection | 137 | * methods for a particular platform, either by improving the detection |
117 | code (best), or by presetting DISABLE_<method> or CONF_<method>_FILE | 138 | * code (best), or by presetting DISABLE_<method> or CONF_<method>_FILE |
118 | symbols for the platform. | 139 | * symbols for the platform. |
119 | 140 | * | |
120 | Use logintest to check which symbols are defined before modifying | 141 | * Use logintest to check which symbols are defined before modifying |
121 | configure.ac and loginrec.c. (You have to build logintest yourself | 142 | * configure.ac and loginrec.c. (You have to build logintest yourself |
122 | with 'make logintest' as it's not built by default.) | 143 | * with 'make logintest' as it's not built by default.) |
123 | 144 | * | |
124 | Otherwise, patches to the specific method(s) are very helpful! | 145 | * Otherwise, patches to the specific method(s) are very helpful! |
125 | 146 | */ | |
126 | */ | ||
127 | |||
128 | /** | ||
129 | ** TODO: | ||
130 | ** homegrown ttyslot() | ||
131 | ** test, test, test | ||
132 | ** | ||
133 | ** Platform status: | ||
134 | ** ---------------- | ||
135 | ** | ||
136 | ** Known good: | ||
137 | ** Linux (Redhat 6.2, Debian) | ||
138 | ** Solaris | ||
139 | ** HP-UX 10.20 (gcc only) | ||
140 | ** IRIX | ||
141 | ** NeXT - M68k/HPPA/Sparc (4.2/3.3) | ||
142 | ** | ||
143 | ** Testing required: Please send reports! | ||
144 | ** NetBSD | ||
145 | ** HP-UX 11 | ||
146 | ** AIX | ||
147 | ** | ||
148 | ** Platforms with known problems: | ||
149 | ** Some variants of Slackware Linux | ||
150 | ** | ||
151 | **/ | ||
152 | 147 | ||
153 | #include "includes.h" | 148 | #include "includes.h" |
154 | 149 | ||
@@ -157,17 +152,21 @@ | |||
157 | #include "loginrec.h" | 152 | #include "loginrec.h" |
158 | #include "log.h" | 153 | #include "log.h" |
159 | #include "atomicio.h" | 154 | #include "atomicio.h" |
160 | 155 | #include "packet.h" | |
161 | RCSID("$Id: loginrec.c,v 1.58 2004/08/15 09:12:52 djm Exp $"); | 156 | #include "canohost.h" |
157 | #include "auth.h" | ||
158 | #include "buffer.h" | ||
162 | 159 | ||
163 | #ifdef HAVE_UTIL_H | 160 | #ifdef HAVE_UTIL_H |
164 | # include <util.h> | 161 | # include <util.h> |
165 | #endif | 162 | #endif |
166 | 163 | ||
167 | #ifdef HAVE_LIBUTIL_H | 164 | #ifdef HAVE_LIBUTIL_H |
168 | # include <libutil.h> | 165 | # include <libutil.h> |
169 | #endif | 166 | #endif |
170 | 167 | ||
168 | RCSID("$Id: loginrec.c,v 1.67 2005/02/15 11:19:28 dtucker Exp $"); | ||
169 | |||
171 | /** | 170 | /** |
172 | ** prototypes for helper functions in this file | 171 | ** prototypes for helper functions in this file |
173 | **/ | 172 | **/ |
@@ -194,14 +193,17 @@ int lastlog_get_entry(struct logininfo *li); | |||
194 | int wtmp_get_entry(struct logininfo *li); | 193 | int wtmp_get_entry(struct logininfo *li); |
195 | int wtmpx_get_entry(struct logininfo *li); | 194 | int wtmpx_get_entry(struct logininfo *li); |
196 | 195 | ||
196 | extern Buffer loginmsg; | ||
197 | |||
197 | /* pick the shortest string */ | 198 | /* pick the shortest string */ |
198 | #define MIN_SIZEOF(s1,s2) ( sizeof(s1) < sizeof(s2) ? sizeof(s1) : sizeof(s2) ) | 199 | #define MIN_SIZEOF(s1,s2) (sizeof(s1) < sizeof(s2) ? sizeof(s1) : sizeof(s2)) |
199 | 200 | ||
200 | /** | 201 | /** |
201 | ** platform-independent login functions | 202 | ** platform-independent login functions |
202 | **/ | 203 | **/ |
203 | 204 | ||
204 | /* login_login(struct logininfo *) -Record a login | 205 | /* |
206 | * login_login(struct logininfo *) - Record a login | ||
205 | * | 207 | * |
206 | * Call with a pointer to a struct logininfo initialised with | 208 | * Call with a pointer to a struct logininfo initialised with |
207 | * login_init_entry() or login_alloc_entry() | 209 | * login_init_entry() or login_alloc_entry() |
@@ -211,14 +213,15 @@ int wtmpx_get_entry(struct logininfo *li); | |||
211 | * 0 on failure (will use OpenSSH's logging facilities for diagnostics) | 213 | * 0 on failure (will use OpenSSH's logging facilities for diagnostics) |
212 | */ | 214 | */ |
213 | int | 215 | int |
214 | login_login (struct logininfo *li) | 216 | login_login(struct logininfo *li) |
215 | { | 217 | { |
216 | li->type = LTYPE_LOGIN; | 218 | li->type = LTYPE_LOGIN; |
217 | return login_write(li); | 219 | return (login_write(li)); |
218 | } | 220 | } |
219 | 221 | ||
220 | 222 | ||
221 | /* login_logout(struct logininfo *) - Record a logout | 223 | /* |
224 | * login_logout(struct logininfo *) - Record a logout | ||
222 | * | 225 | * |
223 | * Call as with login_login() | 226 | * Call as with login_login() |
224 | * | 227 | * |
@@ -230,10 +233,11 @@ int | |||
230 | login_logout(struct logininfo *li) | 233 | login_logout(struct logininfo *li) |
231 | { | 234 | { |
232 | li->type = LTYPE_LOGOUT; | 235 | li->type = LTYPE_LOGOUT; |
233 | return login_write(li); | 236 | return (login_write(li)); |
234 | } | 237 | } |
235 | 238 | ||
236 | /* login_get_lastlog_time(int) - Retrieve the last login time | 239 | /* |
240 | * login_get_lastlog_time(int) - Retrieve the last login time | ||
237 | * | 241 | * |
238 | * Retrieve the last login time for the given uid. Will try to use the | 242 | * Retrieve the last login time for the given uid. Will try to use the |
239 | * system lastlog facilities if they are available, but will fall back | 243 | * system lastlog facilities if they are available, but will fall back |
@@ -256,12 +260,13 @@ login_get_lastlog_time(const int uid) | |||
256 | struct logininfo li; | 260 | struct logininfo li; |
257 | 261 | ||
258 | if (login_get_lastlog(&li, uid)) | 262 | if (login_get_lastlog(&li, uid)) |
259 | return li.tv_sec; | 263 | return (li.tv_sec); |
260 | else | 264 | else |
261 | return 0; | 265 | return (0); |
262 | } | 266 | } |
263 | 267 | ||
264 | /* login_get_lastlog(struct logininfo *, int) - Retrieve a lastlog entry | 268 | /* |
269 | * login_get_lastlog(struct logininfo *, int) - Retrieve a lastlog entry | ||
265 | * | 270 | * |
266 | * Retrieve a logininfo structure populated (only partially) with | 271 | * Retrieve a logininfo structure populated (only partially) with |
267 | * information from the system lastlog data, or from wtmp/wtmpx if no | 272 | * information from the system lastlog data, or from wtmp/wtmpx if no |
@@ -272,7 +277,6 @@ login_get_lastlog_time(const int uid) | |||
272 | * Returns: | 277 | * Returns: |
273 | * >0: A pointer to your struct logininfo if successful | 278 | * >0: A pointer to your struct logininfo if successful |
274 | * 0 on failure (will use OpenSSH's logging facilities for diagnostics) | 279 | * 0 on failure (will use OpenSSH's logging facilities for diagnostics) |
275 | * | ||
276 | */ | 280 | */ |
277 | struct logininfo * | 281 | struct logininfo * |
278 | login_get_lastlog(struct logininfo *li, const int uid) | 282 | login_get_lastlog(struct logininfo *li, const int uid) |
@@ -289,20 +293,21 @@ login_get_lastlog(struct logininfo *li, const int uid) | |||
289 | */ | 293 | */ |
290 | pw = getpwuid(uid); | 294 | pw = getpwuid(uid); |
291 | if (pw == NULL) | 295 | if (pw == NULL) |
292 | fatal("login_get_lastlog: Cannot find account for uid %i", uid); | 296 | fatal("%s: Cannot find account for uid %i", __func__, uid); |
293 | 297 | ||
294 | /* No MIN_SIZEOF here - we absolutely *must not* truncate the | 298 | /* No MIN_SIZEOF here - we absolutely *must not* truncate the |
295 | * username */ | 299 | * username (XXX - so check for trunc!) */ |
296 | strlcpy(li->username, pw->pw_name, sizeof(li->username)); | 300 | strlcpy(li->username, pw->pw_name, sizeof(li->username)); |
297 | 301 | ||
298 | if (getlast_entry(li)) | 302 | if (getlast_entry(li)) |
299 | return li; | 303 | return (li); |
300 | else | 304 | else |
301 | return NULL; | 305 | return (NULL); |
302 | } | 306 | } |
303 | 307 | ||
304 | 308 | ||
305 | /* login_alloc_entry(int, char*, char*, char*) - Allocate and initialise | 309 | /* |
310 | * login_alloc_entry(int, char*, char*, char*) - Allocate and initialise | ||
306 | * a logininfo structure | 311 | * a logininfo structure |
307 | * | 312 | * |
308 | * This function creates a new struct logininfo, a data structure | 313 | * This function creates a new struct logininfo, a data structure |
@@ -313,13 +318,13 @@ login_get_lastlog(struct logininfo *li, const int uid) | |||
313 | */ | 318 | */ |
314 | struct | 319 | struct |
315 | logininfo *login_alloc_entry(int pid, const char *username, | 320 | logininfo *login_alloc_entry(int pid, const char *username, |
316 | const char *hostname, const char *line) | 321 | const char *hostname, const char *line) |
317 | { | 322 | { |
318 | struct logininfo *newli; | 323 | struct logininfo *newli; |
319 | 324 | ||
320 | newli = (struct logininfo *) xmalloc (sizeof(*newli)); | 325 | newli = xmalloc(sizeof(*newli)); |
321 | (void)login_init_entry(newli, pid, username, hostname, line); | 326 | login_init_entry(newli, pid, username, hostname, line); |
322 | return newli; | 327 | return (newli); |
323 | } | 328 | } |
324 | 329 | ||
325 | 330 | ||
@@ -341,7 +346,7 @@ login_free_entry(struct logininfo *li) | |||
341 | */ | 346 | */ |
342 | int | 347 | int |
343 | login_init_entry(struct logininfo *li, int pid, const char *username, | 348 | login_init_entry(struct logininfo *li, int pid, const char *username, |
344 | const char *hostname, const char *line) | 349 | const char *hostname, const char *line) |
345 | { | 350 | { |
346 | struct passwd *pw; | 351 | struct passwd *pw; |
347 | 352 | ||
@@ -356,18 +361,21 @@ login_init_entry(struct logininfo *li, int pid, const char *username, | |||
356 | if (username) { | 361 | if (username) { |
357 | strlcpy(li->username, username, sizeof(li->username)); | 362 | strlcpy(li->username, username, sizeof(li->username)); |
358 | pw = getpwnam(li->username); | 363 | pw = getpwnam(li->username); |
359 | if (pw == NULL) | 364 | if (pw == NULL) { |
360 | fatal("login_init_entry: Cannot find user \"%s\"", li->username); | 365 | fatal("%s: Cannot find user \"%s\"", __func__, |
366 | li->username); | ||
367 | } | ||
361 | li->uid = pw->pw_uid; | 368 | li->uid = pw->pw_uid; |
362 | } | 369 | } |
363 | 370 | ||
364 | if (hostname) | 371 | if (hostname) |
365 | strlcpy(li->hostname, hostname, sizeof(li->hostname)); | 372 | strlcpy(li->hostname, hostname, sizeof(li->hostname)); |
366 | 373 | ||
367 | return 1; | 374 | return (1); |
368 | } | 375 | } |
369 | 376 | ||
370 | /* login_set_current_time(struct logininfo *) - set the current time | 377 | /* |
378 | * login_set_current_time(struct logininfo *) - set the current time | ||
371 | * | 379 | * |
372 | * Set the current time in a logininfo structure. This function is | 380 | * Set the current time in a logininfo structure. This function is |
373 | * meant to eliminate the need to deal with system dependencies for | 381 | * meant to eliminate the need to deal with system dependencies for |
@@ -387,7 +395,7 @@ login_set_current_time(struct logininfo *li) | |||
387 | /* copy a sockaddr_* into our logininfo */ | 395 | /* copy a sockaddr_* into our logininfo */ |
388 | void | 396 | void |
389 | login_set_addr(struct logininfo *li, const struct sockaddr *sa, | 397 | login_set_addr(struct logininfo *li, const struct sockaddr *sa, |
390 | const unsigned int sa_size) | 398 | const unsigned int sa_size) |
391 | { | 399 | { |
392 | unsigned int bufsize = sa_size; | 400 | unsigned int bufsize = sa_size; |
393 | 401 | ||
@@ -395,7 +403,7 @@ login_set_addr(struct logininfo *li, const struct sockaddr *sa, | |||
395 | if (sizeof(li->hostaddr) < sa_size) | 403 | if (sizeof(li->hostaddr) < sa_size) |
396 | bufsize = sizeof(li->hostaddr); | 404 | bufsize = sizeof(li->hostaddr); |
397 | 405 | ||
398 | memcpy((void *)&(li->hostaddr.sa), (const void *)sa, bufsize); | 406 | memcpy(&li->hostaddr.sa, sa, bufsize); |
399 | } | 407 | } |
400 | 408 | ||
401 | 409 | ||
@@ -404,12 +412,12 @@ login_set_addr(struct logininfo *li, const struct sockaddr *sa, | |||
404 | ** results | 412 | ** results |
405 | **/ | 413 | **/ |
406 | int | 414 | int |
407 | login_write (struct logininfo *li) | 415 | login_write(struct logininfo *li) |
408 | { | 416 | { |
409 | #ifndef HAVE_CYGWIN | 417 | #ifndef HAVE_CYGWIN |
410 | if ((int)geteuid() != 0) { | 418 | if (geteuid() != 0) { |
411 | logit("Attempt to write login records by non-root user (aborting)"); | 419 | logit("Attempt to write login records by non-root user (aborting)"); |
412 | return 1; | 420 | return (1); |
413 | } | 421 | } |
414 | #endif | 422 | #endif |
415 | 423 | ||
@@ -419,9 +427,8 @@ login_write (struct logininfo *li) | |||
419 | syslogin_write_entry(li); | 427 | syslogin_write_entry(li); |
420 | #endif | 428 | #endif |
421 | #ifdef USE_LASTLOG | 429 | #ifdef USE_LASTLOG |
422 | if (li->type == LTYPE_LOGIN) { | 430 | if (li->type == LTYPE_LOGIN) |
423 | lastlog_write_entry(li); | 431 | lastlog_write_entry(li); |
424 | } | ||
425 | #endif | 432 | #endif |
426 | #ifdef USE_UTMP | 433 | #ifdef USE_UTMP |
427 | utmp_write_entry(li); | 434 | utmp_write_entry(li); |
@@ -437,10 +444,16 @@ login_write (struct logininfo *li) | |||
437 | #endif | 444 | #endif |
438 | #ifdef CUSTOM_SYS_AUTH_RECORD_LOGIN | 445 | #ifdef CUSTOM_SYS_AUTH_RECORD_LOGIN |
439 | if (li->type == LTYPE_LOGIN && | 446 | if (li->type == LTYPE_LOGIN && |
440 | !sys_auth_record_login(li->username,li->hostname,li->line)) | 447 | !sys_auth_record_login(li->username,li->hostname,li->line, &loginmsg)) |
441 | logit("Writing login record failed for %s", li->username); | 448 | logit("Writing login record failed for %s", li->username); |
442 | #endif | 449 | #endif |
443 | return 0; | 450 | #ifdef SSH_AUDIT_EVENTS |
451 | if (li->type == LTYPE_LOGIN) | ||
452 | audit_session_open(li->line); | ||
453 | else if (li->type == LTYPE_LOGOUT) | ||
454 | audit_session_close(li->line); | ||
455 | #endif | ||
456 | return (0); | ||
444 | } | 457 | } |
445 | 458 | ||
446 | #ifdef LOGIN_NEEDS_UTMPX | 459 | #ifdef LOGIN_NEEDS_UTMPX |
@@ -461,7 +474,7 @@ login_utmp_only(struct logininfo *li) | |||
461 | # ifdef USE_WTMPX | 474 | # ifdef USE_WTMPX |
462 | wtmpx_write_entry(li); | 475 | wtmpx_write_entry(li); |
463 | # endif | 476 | # endif |
464 | return 0; | 477 | return (0); |
465 | } | 478 | } |
466 | #endif | 479 | #endif |
467 | 480 | ||
@@ -478,25 +491,21 @@ getlast_entry(struct logininfo *li) | |||
478 | return(lastlog_get_entry(li)); | 491 | return(lastlog_get_entry(li)); |
479 | #else /* !USE_LASTLOG */ | 492 | #else /* !USE_LASTLOG */ |
480 | 493 | ||
481 | #ifdef DISABLE_LASTLOG | 494 | #if defined(DISABLE_LASTLOG) |
482 | /* On some systems we shouldn't even try to obtain last login | 495 | /* On some systems we shouldn't even try to obtain last login |
483 | * time, e.g. AIX */ | 496 | * time, e.g. AIX */ |
484 | return 0; | 497 | return (0); |
485 | # else /* DISABLE_LASTLOG */ | 498 | # elif defined(USE_WTMP) && \ |
486 | /* Try to retrieve the last login time from wtmp */ | 499 | (defined(HAVE_TIME_IN_UTMP) || defined(HAVE_TV_IN_UTMP)) |
487 | # if defined(USE_WTMP) && (defined(HAVE_TIME_IN_UTMP) || defined(HAVE_TV_IN_UTMP)) | ||
488 | /* retrieve last login time from utmp */ | 500 | /* retrieve last login time from utmp */ |
489 | return (wtmp_get_entry(li)); | 501 | return (wtmp_get_entry(li)); |
490 | # else /* defined(USE_WTMP) && (defined(HAVE_TIME_IN_UTMP) || defined(HAVE_TV_IN_UTMP)) */ | 502 | # elif defined(USE_WTMPX) && \ |
503 | (defined(HAVE_TIME_IN_UTMPX) || defined(HAVE_TV_IN_UTMPX)) | ||
491 | /* If wtmp isn't available, try wtmpx */ | 504 | /* If wtmp isn't available, try wtmpx */ |
492 | # if defined(USE_WTMPX) && (defined(HAVE_TIME_IN_UTMPX) || defined(HAVE_TV_IN_UTMPX)) | ||
493 | /* retrieve last login time from utmpx */ | ||
494 | return (wtmpx_get_entry(li)); | 505 | return (wtmpx_get_entry(li)); |
495 | # else | 506 | # else |
496 | /* Give up: No means of retrieving last login time */ | 507 | /* Give up: No means of retrieving last login time */ |
497 | return 0; | 508 | return (0); |
498 | # endif /* USE_WTMPX && (HAVE_TIME_IN_UTMPX || HAVE_TV_IN_UTMPX) */ | ||
499 | # endif /* USE_WTMP && (HAVE_TIME_IN_UTMP || HAVE_TV_IN_UTMP) */ | ||
500 | # endif /* DISABLE_LASTLOG */ | 509 | # endif /* DISABLE_LASTLOG */ |
501 | #endif /* USE_LASTLOG */ | 510 | #endif /* USE_LASTLOG */ |
502 | } | 511 | } |
@@ -520,19 +529,21 @@ getlast_entry(struct logininfo *li) | |||
520 | */ | 529 | */ |
521 | 530 | ||
522 | 531 | ||
523 | /* line_fullname(): add the leading '/dev/' if it doesn't exist make | 532 | /* |
524 | * sure dst has enough space, if not just copy src (ugh) */ | 533 | * line_fullname(): add the leading '/dev/' if it doesn't exist make |
534 | * sure dst has enough space, if not just copy src (ugh) | ||
535 | */ | ||
525 | char * | 536 | char * |
526 | line_fullname(char *dst, const char *src, int dstsize) | 537 | line_fullname(char *dst, const char *src, int dstsize) |
527 | { | 538 | { |
528 | memset(dst, '\0', dstsize); | 539 | memset(dst, '\0', dstsize); |
529 | if ((strncmp(src, "/dev/", 5) == 0) || (dstsize < (strlen(src) + 5))) { | 540 | if ((strncmp(src, "/dev/", 5) == 0) || (dstsize < (strlen(src) + 5))) |
530 | strlcpy(dst, src, dstsize); | 541 | strlcpy(dst, src, dstsize); |
531 | } else { | 542 | else { |
532 | strlcpy(dst, "/dev/", dstsize); | 543 | strlcpy(dst, "/dev/", dstsize); |
533 | strlcat(dst, src, dstsize); | 544 | strlcat(dst, src, dstsize); |
534 | } | 545 | } |
535 | return dst; | 546 | return (dst); |
536 | } | 547 | } |
537 | 548 | ||
538 | /* line_stripname(): strip the leading '/dev' if it exists, return dst */ | 549 | /* line_stripname(): strip the leading '/dev' if it exists, return dst */ |
@@ -544,15 +555,17 @@ line_stripname(char *dst, const char *src, int dstsize) | |||
544 | strlcpy(dst, src + 5, dstsize); | 555 | strlcpy(dst, src + 5, dstsize); |
545 | else | 556 | else |
546 | strlcpy(dst, src, dstsize); | 557 | strlcpy(dst, src, dstsize); |
547 | return dst; | 558 | return (dst); |
548 | } | 559 | } |
549 | 560 | ||
550 | /* line_abbrevname(): Return the abbreviated (usually four-character) | 561 | /* |
562 | * line_abbrevname(): Return the abbreviated (usually four-character) | ||
551 | * form of the line (Just use the last <dstsize> characters of the | 563 | * form of the line (Just use the last <dstsize> characters of the |
552 | * full name.) | 564 | * full name.) |
553 | * | 565 | * |
554 | * NOTE: use strncpy because we do NOT necessarily want zero | 566 | * NOTE: use strncpy because we do NOT necessarily want zero |
555 | * termination */ | 567 | * termination |
568 | */ | ||
556 | char * | 569 | char * |
557 | line_abbrevname(char *dst, const char *src, int dstsize) | 570 | line_abbrevname(char *dst, const char *src, int dstsize) |
558 | { | 571 | { |
@@ -579,7 +592,7 @@ line_abbrevname(char *dst, const char *src, int dstsize) | |||
579 | strncpy(dst, src, (size_t)dstsize); | 592 | strncpy(dst, src, (size_t)dstsize); |
580 | } | 593 | } |
581 | 594 | ||
582 | return dst; | 595 | return (dst); |
583 | } | 596 | } |
584 | 597 | ||
585 | /** | 598 | /** |
@@ -595,13 +608,11 @@ line_abbrevname(char *dst, const char *src, int dstsize) | |||
595 | void | 608 | void |
596 | set_utmp_time(struct logininfo *li, struct utmp *ut) | 609 | set_utmp_time(struct logininfo *li, struct utmp *ut) |
597 | { | 610 | { |
598 | # ifdef HAVE_TV_IN_UTMP | 611 | # if defined(HAVE_TV_IN_UTMP) |
599 | ut->ut_tv.tv_sec = li->tv_sec; | 612 | ut->ut_tv.tv_sec = li->tv_sec; |
600 | ut->ut_tv.tv_usec = li->tv_usec; | 613 | ut->ut_tv.tv_usec = li->tv_usec; |
601 | # else | 614 | # elif defined(HAVE_TIME_IN_UTMP) |
602 | # ifdef HAVE_TIME_IN_UTMP | ||
603 | ut->ut_time = li->tv_sec; | 615 | ut->ut_time = li->tv_sec; |
604 | # endif | ||
605 | # endif | 616 | # endif |
606 | } | 617 | } |
607 | 618 | ||
@@ -611,7 +622,8 @@ construct_utmp(struct logininfo *li, | |||
611 | { | 622 | { |
612 | # ifdef HAVE_ADDR_V6_IN_UTMP | 623 | # ifdef HAVE_ADDR_V6_IN_UTMP |
613 | struct sockaddr_in6 *sa6; | 624 | struct sockaddr_in6 *sa6; |
614 | # endif | 625 | # endif |
626 | |||
615 | memset(ut, '\0', sizeof(*ut)); | 627 | memset(ut, '\0', sizeof(*ut)); |
616 | 628 | ||
617 | /* First fill out fields used for both logins and logouts */ | 629 | /* First fill out fields used for both logins and logouts */ |
@@ -647,7 +659,7 @@ construct_utmp(struct logininfo *li, | |||
647 | 659 | ||
648 | /* If we're logging out, leave all other fields blank */ | 660 | /* If we're logging out, leave all other fields blank */ |
649 | if (li->type == LTYPE_LOGOUT) | 661 | if (li->type == LTYPE_LOGOUT) |
650 | return; | 662 | return; |
651 | 663 | ||
652 | /* | 664 | /* |
653 | * These fields are only used when logging in, and are blank | 665 | * These fields are only used when logging in, and are blank |
@@ -655,9 +667,11 @@ construct_utmp(struct logininfo *li, | |||
655 | */ | 667 | */ |
656 | 668 | ||
657 | /* Use strncpy because we don't necessarily want null termination */ | 669 | /* Use strncpy because we don't necessarily want null termination */ |
658 | strncpy(ut->ut_name, li->username, MIN_SIZEOF(ut->ut_name, li->username)); | 670 | strncpy(ut->ut_name, li->username, |
671 | MIN_SIZEOF(ut->ut_name, li->username)); | ||
659 | # ifdef HAVE_HOST_IN_UTMP | 672 | # ifdef HAVE_HOST_IN_UTMP |
660 | strncpy(ut->ut_host, li->hostname, MIN_SIZEOF(ut->ut_host, li->hostname)); | 673 | strncpy(ut->ut_host, li->hostname, |
674 | MIN_SIZEOF(ut->ut_host, li->hostname)); | ||
661 | # endif | 675 | # endif |
662 | # ifdef HAVE_ADDR_IN_UTMP | 676 | # ifdef HAVE_ADDR_IN_UTMP |
663 | /* this is just a 32-bit IP address */ | 677 | /* this is just a 32-bit IP address */ |
@@ -692,14 +706,12 @@ construct_utmp(struct logininfo *li, | |||
692 | void | 706 | void |
693 | set_utmpx_time(struct logininfo *li, struct utmpx *utx) | 707 | set_utmpx_time(struct logininfo *li, struct utmpx *utx) |
694 | { | 708 | { |
695 | # ifdef HAVE_TV_IN_UTMPX | 709 | # if defined(HAVE_TV_IN_UTMPX) |
696 | utx->ut_tv.tv_sec = li->tv_sec; | 710 | utx->ut_tv.tv_sec = li->tv_sec; |
697 | utx->ut_tv.tv_usec = li->tv_usec; | 711 | utx->ut_tv.tv_usec = li->tv_usec; |
698 | # else /* HAVE_TV_IN_UTMPX */ | 712 | # elif defined(HAVE_TIME_IN_UTMPX) |
699 | # ifdef HAVE_TIME_IN_UTMPX | ||
700 | utx->ut_time = li->tv_sec; | 713 | utx->ut_time = li->tv_sec; |
701 | # endif /* HAVE_TIME_IN_UTMPX */ | 714 | # endif |
702 | # endif /* HAVE_TV_IN_UTMPX */ | ||
703 | } | 715 | } |
704 | 716 | ||
705 | void | 717 | void |
@@ -709,6 +721,7 @@ construct_utmpx(struct logininfo *li, struct utmpx *utx) | |||
709 | struct sockaddr_in6 *sa6; | 721 | struct sockaddr_in6 *sa6; |
710 | # endif | 722 | # endif |
711 | memset(utx, '\0', sizeof(*utx)); | 723 | memset(utx, '\0', sizeof(*utx)); |
724 | |||
712 | # ifdef HAVE_ID_IN_UTMPX | 725 | # ifdef HAVE_ID_IN_UTMPX |
713 | line_abbrevname(utx->ut_id, li->line, sizeof(utx->ut_id)); | 726 | line_abbrevname(utx->ut_id, li->line, sizeof(utx->ut_id)); |
714 | # endif | 727 | # endif |
@@ -725,8 +738,10 @@ construct_utmpx(struct logininfo *li, struct utmpx *utx) | |||
725 | line_stripname(utx->ut_line, li->line, sizeof(utx->ut_line)); | 738 | line_stripname(utx->ut_line, li->line, sizeof(utx->ut_line)); |
726 | set_utmpx_time(li, utx); | 739 | set_utmpx_time(li, utx); |
727 | utx->ut_pid = li->pid; | 740 | utx->ut_pid = li->pid; |
741 | |||
728 | /* strncpy(): Don't necessarily want null termination */ | 742 | /* strncpy(): Don't necessarily want null termination */ |
729 | strncpy(utx->ut_name, li->username, MIN_SIZEOF(utx->ut_name, li->username)); | 743 | strncpy(utx->ut_name, li->username, |
744 | MIN_SIZEOF(utx->ut_name, li->username)); | ||
730 | 745 | ||
731 | if (li->type == LTYPE_LOGOUT) | 746 | if (li->type == LTYPE_LOGOUT) |
732 | return; | 747 | return; |
@@ -737,7 +752,8 @@ construct_utmpx(struct logininfo *li, struct utmpx *utx) | |||
737 | */ | 752 | */ |
738 | 753 | ||
739 | # ifdef HAVE_HOST_IN_UTMPX | 754 | # ifdef HAVE_HOST_IN_UTMPX |
740 | strncpy(utx->ut_host, li->hostname, MIN_SIZEOF(utx->ut_host, li->hostname)); | 755 | strncpy(utx->ut_host, li->hostname, |
756 | MIN_SIZEOF(utx->ut_host, li->hostname)); | ||
741 | # endif | 757 | # endif |
742 | # ifdef HAVE_ADDR_IN_UTMPX | 758 | # ifdef HAVE_ADDR_IN_UTMPX |
743 | /* this is just a 32-bit IP address */ | 759 | /* this is just a 32-bit IP address */ |
@@ -785,16 +801,17 @@ utmp_write_library(struct logininfo *li, struct utmp *ut) | |||
785 | { | 801 | { |
786 | setutent(); | 802 | setutent(); |
787 | pututline(ut); | 803 | pututline(ut); |
788 | |||
789 | # ifdef HAVE_ENDUTENT | 804 | # ifdef HAVE_ENDUTENT |
790 | endutent(); | 805 | endutent(); |
791 | # endif | 806 | # endif |
792 | return 1; | 807 | return (1); |
793 | } | 808 | } |
794 | # else /* UTMP_USE_LIBRARY */ | 809 | # else /* UTMP_USE_LIBRARY */ |
795 | 810 | ||
796 | /* write a utmp entry direct to the file */ | 811 | /* |
797 | /* This is a slightly modification of code in OpenBSD's login.c */ | 812 | * Write a utmp entry direct to the file |
813 | * This is a slightly modification of code in OpenBSD's login.c | ||
814 | */ | ||
798 | static int | 815 | static int |
799 | utmp_write_direct(struct logininfo *li, struct utmp *ut) | 816 | utmp_write_direct(struct logininfo *li, struct utmp *ut) |
800 | { | 817 | { |
@@ -805,19 +822,18 @@ utmp_write_direct(struct logininfo *li, struct utmp *ut) | |||
805 | /* FIXME: (ATL) ttyslot() needs local implementation */ | 822 | /* FIXME: (ATL) ttyslot() needs local implementation */ |
806 | 823 | ||
807 | #if defined(HAVE_GETTTYENT) | 824 | #if defined(HAVE_GETTTYENT) |
808 | register struct ttyent *ty; | 825 | struct ttyent *ty; |
809 | 826 | ||
810 | tty=0; | 827 | tty=0; |
811 | |||
812 | setttyent(); | 828 | setttyent(); |
813 | while ((struct ttyent *)0 != (ty = getttyent())) { | 829 | while (NULL != (ty = getttyent())) { |
814 | tty++; | 830 | tty++; |
815 | if (!strncmp(ty->ty_name, ut->ut_line, sizeof(ut->ut_line))) | 831 | if (!strncmp(ty->ty_name, ut->ut_line, sizeof(ut->ut_line))) |
816 | break; | 832 | break; |
817 | } | 833 | } |
818 | endttyent(); | 834 | endttyent(); |
819 | 835 | ||
820 | if((struct ttyent *)0 == ty) { | 836 | if (NULL == ty) { |
821 | logit("%s: tty not found", __func__); | 837 | logit("%s: tty not found", __func__); |
822 | return (0); | 838 | return (0); |
823 | } | 839 | } |
@@ -832,12 +848,12 @@ utmp_write_direct(struct logininfo *li, struct utmp *ut) | |||
832 | 848 | ||
833 | pos = (off_t)tty * sizeof(struct utmp); | 849 | pos = (off_t)tty * sizeof(struct utmp); |
834 | if ((ret = lseek(fd, pos, SEEK_SET)) == -1) { | 850 | if ((ret = lseek(fd, pos, SEEK_SET)) == -1) { |
835 | logit("%s: llseek: %s", strerror(errno)); | 851 | logit("%s: lseek: %s", __func__, strerror(errno)); |
836 | return (0); | 852 | return (0); |
837 | } | 853 | } |
838 | if (ret != pos) { | 854 | if (ret != pos) { |
839 | logit("%s: Couldn't seek to tty %s slot in %s", tty, | 855 | logit("%s: Couldn't seek to tty %d slot in %s", |
840 | UTMP_FILE); | 856 | __func__, tty, UTMP_FILE); |
841 | return (0); | 857 | return (0); |
842 | } | 858 | } |
843 | /* | 859 | /* |
@@ -846,29 +862,29 @@ utmp_write_direct(struct logininfo *li, struct utmp *ut) | |||
846 | * and ut_line and ut_name match, preserve the old ut_line. | 862 | * and ut_line and ut_name match, preserve the old ut_line. |
847 | */ | 863 | */ |
848 | if (atomicio(read, fd, &old_ut, sizeof(old_ut)) == sizeof(old_ut) && | 864 | if (atomicio(read, fd, &old_ut, sizeof(old_ut)) == sizeof(old_ut) && |
849 | (ut->ut_host[0] == '\0') && (old_ut.ut_host[0] != '\0') && | 865 | (ut->ut_host[0] == '\0') && (old_ut.ut_host[0] != '\0') && |
850 | (strncmp(old_ut.ut_line, ut->ut_line, sizeof(ut->ut_line)) == 0) && | 866 | (strncmp(old_ut.ut_line, ut->ut_line, sizeof(ut->ut_line)) == 0) && |
851 | (strncmp(old_ut.ut_name, ut->ut_name, sizeof(ut->ut_name)) == 0)) { | 867 | (strncmp(old_ut.ut_name, ut->ut_name, sizeof(ut->ut_name)) == 0)) |
852 | (void)memcpy(ut->ut_host, old_ut.ut_host, sizeof(ut->ut_host)); | 868 | memcpy(ut->ut_host, old_ut.ut_host, sizeof(ut->ut_host)); |
853 | } | ||
854 | 869 | ||
855 | if ((ret = lseek(fd, pos, SEEK_SET)) == -1) { | 870 | if ((ret = lseek(fd, pos, SEEK_SET)) == -1) { |
856 | logit("%s: llseek: %s", __func__, strerror(errno)); | 871 | logit("%s: lseek: %s", __func__, strerror(errno)); |
857 | return (0); | 872 | return (0); |
858 | } | 873 | } |
859 | if (ret != pos) { | 874 | if (ret != pos) { |
860 | logit("%s: Couldn't seek to tty %s slot in %s", | 875 | logit("%s: Couldn't seek to tty %d slot in %s", |
861 | __func__, tty, UTMP_FILE); | 876 | __func__, tty, UTMP_FILE); |
862 | return (0); | 877 | return (0); |
863 | } | 878 | } |
864 | if (atomicio(vwrite, fd, ut, sizeof(*ut)) != sizeof(*ut)) | 879 | if (atomicio(vwrite, fd, ut, sizeof(*ut)) != sizeof(*ut)) { |
865 | logit("%s: error writing %s: %s", __func__, | 880 | logit("%s: error writing %s: %s", __func__, |
866 | UTMP_FILE, strerror(errno)); | 881 | UTMP_FILE, strerror(errno)); |
882 | } | ||
867 | 883 | ||
868 | (void)close(fd); | 884 | close(fd); |
869 | return 1; | 885 | return (1); |
870 | } else { | 886 | } else { |
871 | return 0; | 887 | return (0); |
872 | } | 888 | } |
873 | } | 889 | } |
874 | # endif /* UTMP_USE_LIBRARY */ | 890 | # endif /* UTMP_USE_LIBRARY */ |
@@ -881,16 +897,16 @@ utmp_perform_login(struct logininfo *li) | |||
881 | construct_utmp(li, &ut); | 897 | construct_utmp(li, &ut); |
882 | # ifdef UTMP_USE_LIBRARY | 898 | # ifdef UTMP_USE_LIBRARY |
883 | if (!utmp_write_library(li, &ut)) { | 899 | if (!utmp_write_library(li, &ut)) { |
884 | logit("utmp_perform_login: utmp_write_library() failed"); | 900 | logit("%s: utmp_write_library() failed", __func__); |
885 | return 0; | 901 | return (0); |
886 | } | 902 | } |
887 | # else | 903 | # else |
888 | if (!utmp_write_direct(li, &ut)) { | 904 | if (!utmp_write_direct(li, &ut)) { |
889 | logit("utmp_perform_login: utmp_write_direct() failed"); | 905 | logit("%s: utmp_write_direct() failed", __func__); |
890 | return 0; | 906 | return (0); |
891 | } | 907 | } |
892 | # endif | 908 | # endif |
893 | return 1; | 909 | return (1); |
894 | } | 910 | } |
895 | 911 | ||
896 | 912 | ||
@@ -902,16 +918,16 @@ utmp_perform_logout(struct logininfo *li) | |||
902 | construct_utmp(li, &ut); | 918 | construct_utmp(li, &ut); |
903 | # ifdef UTMP_USE_LIBRARY | 919 | # ifdef UTMP_USE_LIBRARY |
904 | if (!utmp_write_library(li, &ut)) { | 920 | if (!utmp_write_library(li, &ut)) { |
905 | logit("utmp_perform_logout: utmp_write_library() failed"); | 921 | logit("%s: utmp_write_library() failed", __func__); |
906 | return 0; | 922 | return (0); |
907 | } | 923 | } |
908 | # else | 924 | # else |
909 | if (!utmp_write_direct(li, &ut)) { | 925 | if (!utmp_write_direct(li, &ut)) { |
910 | logit("utmp_perform_logout: utmp_write_direct() failed"); | 926 | logit("%s: utmp_write_direct() failed", __func__); |
911 | return 0; | 927 | return (0); |
912 | } | 928 | } |
913 | # endif | 929 | # endif |
914 | return 1; | 930 | return (1); |
915 | } | 931 | } |
916 | 932 | ||
917 | 933 | ||
@@ -920,14 +936,14 @@ utmp_write_entry(struct logininfo *li) | |||
920 | { | 936 | { |
921 | switch(li->type) { | 937 | switch(li->type) { |
922 | case LTYPE_LOGIN: | 938 | case LTYPE_LOGIN: |
923 | return utmp_perform_login(li); | 939 | return (utmp_perform_login(li)); |
924 | 940 | ||
925 | case LTYPE_LOGOUT: | 941 | case LTYPE_LOGOUT: |
926 | return utmp_perform_logout(li); | 942 | return (utmp_perform_logout(li)); |
927 | 943 | ||
928 | default: | 944 | default: |
929 | logit("utmp_write_entry: invalid type field"); | 945 | logit("%s: invalid type field", __func__); |
930 | return 0; | 946 | return (0); |
931 | } | 947 | } |
932 | } | 948 | } |
933 | #endif /* USE_UTMP */ | 949 | #endif /* USE_UTMP */ |
@@ -958,7 +974,7 @@ utmpx_write_library(struct logininfo *li, struct utmpx *utx) | |||
958 | # ifdef HAVE_ENDUTXENT | 974 | # ifdef HAVE_ENDUTXENT |
959 | endutxent(); | 975 | endutxent(); |
960 | # endif | 976 | # endif |
961 | return 1; | 977 | return (1); |
962 | } | 978 | } |
963 | 979 | ||
964 | # else /* UTMPX_USE_LIBRARY */ | 980 | # else /* UTMPX_USE_LIBRARY */ |
@@ -967,8 +983,8 @@ utmpx_write_library(struct logininfo *li, struct utmpx *utx) | |||
967 | static int | 983 | static int |
968 | utmpx_write_direct(struct logininfo *li, struct utmpx *utx) | 984 | utmpx_write_direct(struct logininfo *li, struct utmpx *utx) |
969 | { | 985 | { |
970 | logit("utmpx_write_direct: not implemented!"); | 986 | logit("%s: not implemented!", __func__); |
971 | return 0; | 987 | return (0); |
972 | } | 988 | } |
973 | # endif /* UTMPX_USE_LIBRARY */ | 989 | # endif /* UTMPX_USE_LIBRARY */ |
974 | 990 | ||
@@ -980,16 +996,16 @@ utmpx_perform_login(struct logininfo *li) | |||
980 | construct_utmpx(li, &utx); | 996 | construct_utmpx(li, &utx); |
981 | # ifdef UTMPX_USE_LIBRARY | 997 | # ifdef UTMPX_USE_LIBRARY |
982 | if (!utmpx_write_library(li, &utx)) { | 998 | if (!utmpx_write_library(li, &utx)) { |
983 | logit("utmpx_perform_login: utmp_write_library() failed"); | 999 | logit("%s: utmp_write_library() failed", __func__); |
984 | return 0; | 1000 | return (0); |
985 | } | 1001 | } |
986 | # else | 1002 | # else |
987 | if (!utmpx_write_direct(li, &ut)) { | 1003 | if (!utmpx_write_direct(li, &ut)) { |
988 | logit("utmpx_perform_login: utmp_write_direct() failed"); | 1004 | logit("%s: utmp_write_direct() failed", __func__); |
989 | return 0; | 1005 | return (0); |
990 | } | 1006 | } |
991 | # endif | 1007 | # endif |
992 | return 1; | 1008 | return (1); |
993 | } | 1009 | } |
994 | 1010 | ||
995 | 1011 | ||
@@ -1011,7 +1027,7 @@ utmpx_perform_logout(struct logininfo *li) | |||
1011 | # else | 1027 | # else |
1012 | utmpx_write_direct(li, &utx); | 1028 | utmpx_write_direct(li, &utx); |
1013 | # endif | 1029 | # endif |
1014 | return 1; | 1030 | return (1); |
1015 | } | 1031 | } |
1016 | 1032 | ||
1017 | int | 1033 | int |
@@ -1019,12 +1035,12 @@ utmpx_write_entry(struct logininfo *li) | |||
1019 | { | 1035 | { |
1020 | switch(li->type) { | 1036 | switch(li->type) { |
1021 | case LTYPE_LOGIN: | 1037 | case LTYPE_LOGIN: |
1022 | return utmpx_perform_login(li); | 1038 | return (utmpx_perform_login(li)); |
1023 | case LTYPE_LOGOUT: | 1039 | case LTYPE_LOGOUT: |
1024 | return utmpx_perform_logout(li); | 1040 | return (utmpx_perform_logout(li)); |
1025 | default: | 1041 | default: |
1026 | logit("utmpx_write_entry: invalid type field"); | 1042 | logit("%s: invalid type field", __func__); |
1027 | return 0; | 1043 | return (0); |
1028 | } | 1044 | } |
1029 | } | 1045 | } |
1030 | #endif /* USE_UTMPX */ | 1046 | #endif /* USE_UTMPX */ |
@@ -1036,8 +1052,10 @@ utmpx_write_entry(struct logininfo *li) | |||
1036 | 1052 | ||
1037 | #ifdef USE_WTMP | 1053 | #ifdef USE_WTMP |
1038 | 1054 | ||
1039 | /* write a wtmp entry direct to the end of the file */ | 1055 | /* |
1040 | /* This is a slight modification of code in OpenBSD's logwtmp.c */ | 1056 | * Write a wtmp entry direct to the end of the file |
1057 | * This is a slight modification of code in OpenBSD's logwtmp.c | ||
1058 | */ | ||
1041 | static int | 1059 | static int |
1042 | wtmp_write(struct logininfo *li, struct utmp *ut) | 1060 | wtmp_write(struct logininfo *li, struct utmp *ut) |
1043 | { | 1061 | { |
@@ -1045,19 +1063,19 @@ wtmp_write(struct logininfo *li, struct utmp *ut) | |||
1045 | int fd, ret = 1; | 1063 | int fd, ret = 1; |
1046 | 1064 | ||
1047 | if ((fd = open(WTMP_FILE, O_WRONLY|O_APPEND, 0)) < 0) { | 1065 | if ((fd = open(WTMP_FILE, O_WRONLY|O_APPEND, 0)) < 0) { |
1048 | logit("wtmp_write: problem writing %s: %s", | 1066 | logit("%s: problem writing %s: %s", __func__, |
1049 | WTMP_FILE, strerror(errno)); | 1067 | WTMP_FILE, strerror(errno)); |
1050 | return 0; | 1068 | return (0); |
1051 | } | 1069 | } |
1052 | if (fstat(fd, &buf) == 0) | 1070 | if (fstat(fd, &buf) == 0) |
1053 | if (atomicio(vwrite, fd, ut, sizeof(*ut)) != sizeof(*ut)) { | 1071 | if (atomicio(vwrite, fd, ut, sizeof(*ut)) != sizeof(*ut)) { |
1054 | ftruncate(fd, buf.st_size); | 1072 | ftruncate(fd, buf.st_size); |
1055 | logit("wtmp_write: problem writing %s: %s", | 1073 | logit("%s: problem writing %s: %s", __func__, |
1056 | WTMP_FILE, strerror(errno)); | 1074 | WTMP_FILE, strerror(errno)); |
1057 | ret = 0; | 1075 | ret = 0; |
1058 | } | 1076 | } |
1059 | (void)close(fd); | 1077 | close(fd); |
1060 | return ret; | 1078 | return (ret); |
1061 | } | 1079 | } |
1062 | 1080 | ||
1063 | static int | 1081 | static int |
@@ -1066,7 +1084,7 @@ wtmp_perform_login(struct logininfo *li) | |||
1066 | struct utmp ut; | 1084 | struct utmp ut; |
1067 | 1085 | ||
1068 | construct_utmp(li, &ut); | 1086 | construct_utmp(li, &ut); |
1069 | return wtmp_write(li, &ut); | 1087 | return (wtmp_write(li, &ut)); |
1070 | } | 1088 | } |
1071 | 1089 | ||
1072 | 1090 | ||
@@ -1076,7 +1094,7 @@ wtmp_perform_logout(struct logininfo *li) | |||
1076 | struct utmp ut; | 1094 | struct utmp ut; |
1077 | 1095 | ||
1078 | construct_utmp(li, &ut); | 1096 | construct_utmp(li, &ut); |
1079 | return wtmp_write(li, &ut); | 1097 | return (wtmp_write(li, &ut)); |
1080 | } | 1098 | } |
1081 | 1099 | ||
1082 | 1100 | ||
@@ -1085,17 +1103,18 @@ wtmp_write_entry(struct logininfo *li) | |||
1085 | { | 1103 | { |
1086 | switch(li->type) { | 1104 | switch(li->type) { |
1087 | case LTYPE_LOGIN: | 1105 | case LTYPE_LOGIN: |
1088 | return wtmp_perform_login(li); | 1106 | return (wtmp_perform_login(li)); |
1089 | case LTYPE_LOGOUT: | 1107 | case LTYPE_LOGOUT: |
1090 | return wtmp_perform_logout(li); | 1108 | return (wtmp_perform_logout(li)); |
1091 | default: | 1109 | default: |
1092 | logit("wtmp_write_entry: invalid type field"); | 1110 | logit("%s: invalid type field", __func__); |
1093 | return 0; | 1111 | return (0); |
1094 | } | 1112 | } |
1095 | } | 1113 | } |
1096 | 1114 | ||
1097 | 1115 | ||
1098 | /* Notes on fetching login data from wtmp/wtmpx | 1116 | /* |
1117 | * Notes on fetching login data from wtmp/wtmpx | ||
1099 | * | 1118 | * |
1100 | * Logouts are usually recorded with (amongst other things) a blank | 1119 | * Logouts are usually recorded with (amongst other things) a blank |
1101 | * username on a given tty line. However, some systems (HP-UX is one) | 1120 | * username on a given tty line. However, some systems (HP-UX is one) |
@@ -1116,15 +1135,15 @@ static int | |||
1116 | wtmp_islogin(struct logininfo *li, struct utmp *ut) | 1135 | wtmp_islogin(struct logininfo *li, struct utmp *ut) |
1117 | { | 1136 | { |
1118 | if (strncmp(li->username, ut->ut_name, | 1137 | if (strncmp(li->username, ut->ut_name, |
1119 | MIN_SIZEOF(li->username, ut->ut_name)) == 0) { | 1138 | MIN_SIZEOF(li->username, ut->ut_name)) == 0) { |
1120 | # ifdef HAVE_TYPE_IN_UTMP | 1139 | # ifdef HAVE_TYPE_IN_UTMP |
1121 | if (ut->ut_type & USER_PROCESS) | 1140 | if (ut->ut_type & USER_PROCESS) |
1122 | return 1; | 1141 | return (1); |
1123 | # else | 1142 | # else |
1124 | return 1; | 1143 | return (1); |
1125 | # endif | 1144 | # endif |
1126 | } | 1145 | } |
1127 | return 0; | 1146 | return (0); |
1128 | } | 1147 | } |
1129 | 1148 | ||
1130 | int | 1149 | int |
@@ -1132,41 +1151,43 @@ wtmp_get_entry(struct logininfo *li) | |||
1132 | { | 1151 | { |
1133 | struct stat st; | 1152 | struct stat st; |
1134 | struct utmp ut; | 1153 | struct utmp ut; |
1135 | int fd, found=0; | 1154 | int fd, found = 0; |
1136 | 1155 | ||
1137 | /* Clear the time entries in our logininfo */ | 1156 | /* Clear the time entries in our logininfo */ |
1138 | li->tv_sec = li->tv_usec = 0; | 1157 | li->tv_sec = li->tv_usec = 0; |
1139 | 1158 | ||
1140 | if ((fd = open(WTMP_FILE, O_RDONLY)) < 0) { | 1159 | if ((fd = open(WTMP_FILE, O_RDONLY)) < 0) { |
1141 | logit("wtmp_get_entry: problem opening %s: %s", | 1160 | logit("%s: problem opening %s: %s", __func__, |
1142 | WTMP_FILE, strerror(errno)); | 1161 | WTMP_FILE, strerror(errno)); |
1143 | return 0; | 1162 | return (0); |
1144 | } | 1163 | } |
1145 | if (fstat(fd, &st) != 0) { | 1164 | if (fstat(fd, &st) != 0) { |
1146 | logit("wtmp_get_entry: couldn't stat %s: %s", | 1165 | logit("%s: couldn't stat %s: %s", __func__, |
1147 | WTMP_FILE, strerror(errno)); | 1166 | WTMP_FILE, strerror(errno)); |
1148 | close(fd); | 1167 | close(fd); |
1149 | return 0; | 1168 | return (0); |
1150 | } | 1169 | } |
1151 | 1170 | ||
1152 | /* Seek to the start of the last struct utmp */ | 1171 | /* Seek to the start of the last struct utmp */ |
1153 | if (lseek(fd, -(off_t)sizeof(struct utmp), SEEK_END) == -1) { | 1172 | if (lseek(fd, -(off_t)sizeof(struct utmp), SEEK_END) == -1) { |
1154 | /* Looks like we've got a fresh wtmp file */ | 1173 | /* Looks like we've got a fresh wtmp file */ |
1155 | close(fd); | 1174 | close(fd); |
1156 | return 0; | 1175 | return (0); |
1157 | } | 1176 | } |
1158 | 1177 | ||
1159 | while (!found) { | 1178 | while (!found) { |
1160 | if (atomicio(read, fd, &ut, sizeof(ut)) != sizeof(ut)) { | 1179 | if (atomicio(read, fd, &ut, sizeof(ut)) != sizeof(ut)) { |
1161 | logit("wtmp_get_entry: read of %s failed: %s", | 1180 | logit("%s: read of %s failed: %s", __func__, |
1162 | WTMP_FILE, strerror(errno)); | 1181 | WTMP_FILE, strerror(errno)); |
1163 | close (fd); | 1182 | close (fd); |
1164 | return 0; | 1183 | return (0); |
1165 | } | 1184 | } |
1166 | if ( wtmp_islogin(li, &ut) ) { | 1185 | if ( wtmp_islogin(li, &ut) ) { |
1167 | found = 1; | 1186 | found = 1; |
1168 | /* We've already checked for a time in struct | 1187 | /* |
1169 | * utmp, in login_getlast(). */ | 1188 | * We've already checked for a time in struct |
1189 | * utmp, in login_getlast() | ||
1190 | */ | ||
1170 | # ifdef HAVE_TIME_IN_UTMP | 1191 | # ifdef HAVE_TIME_IN_UTMP |
1171 | li->tv_sec = ut.ut_time; | 1192 | li->tv_sec = ut.ut_time; |
1172 | # else | 1193 | # else |
@@ -1175,24 +1196,24 @@ wtmp_get_entry(struct logininfo *li) | |||
1175 | # endif | 1196 | # endif |
1176 | # endif | 1197 | # endif |
1177 | line_fullname(li->line, ut.ut_line, | 1198 | line_fullname(li->line, ut.ut_line, |
1178 | MIN_SIZEOF(li->line, ut.ut_line)); | 1199 | MIN_SIZEOF(li->line, ut.ut_line)); |
1179 | # ifdef HAVE_HOST_IN_UTMP | 1200 | # ifdef HAVE_HOST_IN_UTMP |
1180 | strlcpy(li->hostname, ut.ut_host, | 1201 | strlcpy(li->hostname, ut.ut_host, |
1181 | MIN_SIZEOF(li->hostname, ut.ut_host)); | 1202 | MIN_SIZEOF(li->hostname, ut.ut_host)); |
1182 | # endif | 1203 | # endif |
1183 | continue; | 1204 | continue; |
1184 | } | 1205 | } |
1185 | /* Seek back 2 x struct utmp */ | 1206 | /* Seek back 2 x struct utmp */ |
1186 | if (lseek(fd, -(off_t)(2 * sizeof(struct utmp)), SEEK_CUR) == -1) { | 1207 | if (lseek(fd, -(off_t)(2 * sizeof(struct utmp)), SEEK_CUR) == -1) { |
1187 | /* We've found the start of the file, so quit */ | 1208 | /* We've found the start of the file, so quit */ |
1188 | close (fd); | 1209 | close(fd); |
1189 | return 0; | 1210 | return (0); |
1190 | } | 1211 | } |
1191 | } | 1212 | } |
1192 | 1213 | ||
1193 | /* We found an entry. Tidy up and return */ | 1214 | /* We found an entry. Tidy up and return */ |
1194 | close(fd); | 1215 | close(fd); |
1195 | return 1; | 1216 | return (1); |
1196 | } | 1217 | } |
1197 | # endif /* USE_WTMP */ | 1218 | # endif /* USE_WTMP */ |
1198 | 1219 | ||
@@ -1202,8 +1223,10 @@ wtmp_get_entry(struct logininfo *li) | |||
1202 | **/ | 1223 | **/ |
1203 | 1224 | ||
1204 | #ifdef USE_WTMPX | 1225 | #ifdef USE_WTMPX |
1205 | /* write a wtmpx entry direct to the end of the file */ | 1226 | /* |
1206 | /* This is a slight modification of code in OpenBSD's logwtmp.c */ | 1227 | * Write a wtmpx entry direct to the end of the file |
1228 | * This is a slight modification of code in OpenBSD's logwtmp.c | ||
1229 | */ | ||
1207 | static int | 1230 | static int |
1208 | wtmpx_write(struct logininfo *li, struct utmpx *utx) | 1231 | wtmpx_write(struct logininfo *li, struct utmpx *utx) |
1209 | { | 1232 | { |
@@ -1212,24 +1235,24 @@ wtmpx_write(struct logininfo *li, struct utmpx *utx) | |||
1212 | int fd, ret = 1; | 1235 | int fd, ret = 1; |
1213 | 1236 | ||
1214 | if ((fd = open(WTMPX_FILE, O_WRONLY|O_APPEND, 0)) < 0) { | 1237 | if ((fd = open(WTMPX_FILE, O_WRONLY|O_APPEND, 0)) < 0) { |
1215 | logit("wtmpx_write: problem opening %s: %s", | 1238 | logit("%s: problem opening %s: %s", __func__, |
1216 | WTMPX_FILE, strerror(errno)); | 1239 | WTMPX_FILE, strerror(errno)); |
1217 | return 0; | 1240 | return (0); |
1218 | } | 1241 | } |
1219 | 1242 | ||
1220 | if (fstat(fd, &buf) == 0) | 1243 | if (fstat(fd, &buf) == 0) |
1221 | if (atomicio(vwrite, fd, utx, sizeof(*utx)) != sizeof(*utx)) { | 1244 | if (atomicio(vwrite, fd, utx, sizeof(*utx)) != sizeof(*utx)) { |
1222 | ftruncate(fd, buf.st_size); | 1245 | ftruncate(fd, buf.st_size); |
1223 | logit("wtmpx_write: problem writing %s: %s", | 1246 | logit("%s: problem writing %s: %s", __func__, |
1224 | WTMPX_FILE, strerror(errno)); | 1247 | WTMPX_FILE, strerror(errno)); |
1225 | ret = 0; | 1248 | ret = 0; |
1226 | } | 1249 | } |
1227 | (void)close(fd); | 1250 | close(fd); |
1228 | 1251 | ||
1229 | return ret; | 1252 | return (ret); |
1230 | #else | 1253 | #else |
1231 | updwtmpx(WTMPX_FILE, utx); | 1254 | updwtmpx(WTMPX_FILE, utx); |
1232 | return 1; | 1255 | return (1); |
1233 | #endif | 1256 | #endif |
1234 | } | 1257 | } |
1235 | 1258 | ||
@@ -1240,7 +1263,7 @@ wtmpx_perform_login(struct logininfo *li) | |||
1240 | struct utmpx utx; | 1263 | struct utmpx utx; |
1241 | 1264 | ||
1242 | construct_utmpx(li, &utx); | 1265 | construct_utmpx(li, &utx); |
1243 | return wtmpx_write(li, &utx); | 1266 | return (wtmpx_write(li, &utx)); |
1244 | } | 1267 | } |
1245 | 1268 | ||
1246 | 1269 | ||
@@ -1250,7 +1273,7 @@ wtmpx_perform_logout(struct logininfo *li) | |||
1250 | struct utmpx utx; | 1273 | struct utmpx utx; |
1251 | 1274 | ||
1252 | construct_utmpx(li, &utx); | 1275 | construct_utmpx(li, &utx); |
1253 | return wtmpx_write(li, &utx); | 1276 | return (wtmpx_write(li, &utx)); |
1254 | } | 1277 | } |
1255 | 1278 | ||
1256 | 1279 | ||
@@ -1259,12 +1282,12 @@ wtmpx_write_entry(struct logininfo *li) | |||
1259 | { | 1282 | { |
1260 | switch(li->type) { | 1283 | switch(li->type) { |
1261 | case LTYPE_LOGIN: | 1284 | case LTYPE_LOGIN: |
1262 | return wtmpx_perform_login(li); | 1285 | return (wtmpx_perform_login(li)); |
1263 | case LTYPE_LOGOUT: | 1286 | case LTYPE_LOGOUT: |
1264 | return wtmpx_perform_logout(li); | 1287 | return (wtmpx_perform_logout(li)); |
1265 | default: | 1288 | default: |
1266 | logit("wtmpx_write_entry: invalid type field"); | 1289 | logit("%s: invalid type field", __func__); |
1267 | return 0; | 1290 | return (0); |
1268 | } | 1291 | } |
1269 | } | 1292 | } |
1270 | 1293 | ||
@@ -1275,16 +1298,16 @@ wtmpx_write_entry(struct logininfo *li) | |||
1275 | static int | 1298 | static int |
1276 | wtmpx_islogin(struct logininfo *li, struct utmpx *utx) | 1299 | wtmpx_islogin(struct logininfo *li, struct utmpx *utx) |
1277 | { | 1300 | { |
1278 | if ( strncmp(li->username, utx->ut_name, | 1301 | if (strncmp(li->username, utx->ut_name, |
1279 | MIN_SIZEOF(li->username, utx->ut_name)) == 0 ) { | 1302 | MIN_SIZEOF(li->username, utx->ut_name)) == 0 ) { |
1280 | # ifdef HAVE_TYPE_IN_UTMPX | 1303 | # ifdef HAVE_TYPE_IN_UTMPX |
1281 | if (utx->ut_type == USER_PROCESS) | 1304 | if (utx->ut_type == USER_PROCESS) |
1282 | return 1; | 1305 | return (1); |
1283 | # else | 1306 | # else |
1284 | return 1; | 1307 | return (1); |
1285 | # endif | 1308 | # endif |
1286 | } | 1309 | } |
1287 | return 0; | 1310 | return (0); |
1288 | } | 1311 | } |
1289 | 1312 | ||
1290 | 1313 | ||
@@ -1299,57 +1322,57 @@ wtmpx_get_entry(struct logininfo *li) | |||
1299 | li->tv_sec = li->tv_usec = 0; | 1322 | li->tv_sec = li->tv_usec = 0; |
1300 | 1323 | ||
1301 | if ((fd = open(WTMPX_FILE, O_RDONLY)) < 0) { | 1324 | if ((fd = open(WTMPX_FILE, O_RDONLY)) < 0) { |
1302 | logit("wtmpx_get_entry: problem opening %s: %s", | 1325 | logit("%s: problem opening %s: %s", __func__, |
1303 | WTMPX_FILE, strerror(errno)); | 1326 | WTMPX_FILE, strerror(errno)); |
1304 | return 0; | 1327 | return (0); |
1305 | } | 1328 | } |
1306 | if (fstat(fd, &st) != 0) { | 1329 | if (fstat(fd, &st) != 0) { |
1307 | logit("wtmpx_get_entry: couldn't stat %s: %s", | 1330 | logit("%s: couldn't stat %s: %s", __func__, |
1308 | WTMPX_FILE, strerror(errno)); | 1331 | WTMPX_FILE, strerror(errno)); |
1309 | close(fd); | 1332 | close(fd); |
1310 | return 0; | 1333 | return (0); |
1311 | } | 1334 | } |
1312 | 1335 | ||
1313 | /* Seek to the start of the last struct utmpx */ | 1336 | /* Seek to the start of the last struct utmpx */ |
1314 | if (lseek(fd, -(off_t)sizeof(struct utmpx), SEEK_END) == -1 ) { | 1337 | if (lseek(fd, -(off_t)sizeof(struct utmpx), SEEK_END) == -1 ) { |
1315 | /* probably a newly rotated wtmpx file */ | 1338 | /* probably a newly rotated wtmpx file */ |
1316 | close(fd); | 1339 | close(fd); |
1317 | return 0; | 1340 | return (0); |
1318 | } | 1341 | } |
1319 | 1342 | ||
1320 | while (!found) { | 1343 | while (!found) { |
1321 | if (atomicio(read, fd, &utx, sizeof(utx)) != sizeof(utx)) { | 1344 | if (atomicio(read, fd, &utx, sizeof(utx)) != sizeof(utx)) { |
1322 | logit("wtmpx_get_entry: read of %s failed: %s", | 1345 | logit("%s: read of %s failed: %s", __func__, |
1323 | WTMPX_FILE, strerror(errno)); | 1346 | WTMPX_FILE, strerror(errno)); |
1324 | close (fd); | 1347 | close (fd); |
1325 | return 0; | 1348 | return (0); |
1326 | } | 1349 | } |
1327 | /* Logouts are recorded as a blank username on a particular line. | 1350 | /* |
1328 | * So, we just need to find the username in struct utmpx */ | 1351 | * Logouts are recorded as a blank username on a particular |
1329 | if ( wtmpx_islogin(li, &utx) ) { | 1352 | * line. So, we just need to find the username in struct utmpx |
1353 | */ | ||
1354 | if (wtmpx_islogin(li, &utx)) { | ||
1330 | found = 1; | 1355 | found = 1; |
1331 | # ifdef HAVE_TV_IN_UTMPX | 1356 | # if defined(HAVE_TV_IN_UTMPX) |
1332 | li->tv_sec = utx.ut_tv.tv_sec; | 1357 | li->tv_sec = utx.ut_tv.tv_sec; |
1333 | # else | 1358 | # elif defined(HAVE_TIME_IN_UTMPX) |
1334 | # ifdef HAVE_TIME_IN_UTMPX | ||
1335 | li->tv_sec = utx.ut_time; | 1359 | li->tv_sec = utx.ut_time; |
1336 | # endif | ||
1337 | # endif | 1360 | # endif |
1338 | line_fullname(li->line, utx.ut_line, sizeof(li->line)); | 1361 | line_fullname(li->line, utx.ut_line, sizeof(li->line)); |
1339 | # ifdef HAVE_HOST_IN_UTMPX | 1362 | # if defined(HAVE_HOST_IN_UTMPX) |
1340 | strlcpy(li->hostname, utx.ut_host, | 1363 | strlcpy(li->hostname, utx.ut_host, |
1341 | MIN_SIZEOF(li->hostname, utx.ut_host)); | 1364 | MIN_SIZEOF(li->hostname, utx.ut_host)); |
1342 | # endif | 1365 | # endif |
1343 | continue; | 1366 | continue; |
1344 | } | 1367 | } |
1345 | if (lseek(fd, -(off_t)(2 * sizeof(struct utmpx)), SEEK_CUR) == -1) { | 1368 | if (lseek(fd, -(off_t)(2 * sizeof(struct utmpx)), SEEK_CUR) == -1) { |
1346 | close (fd); | 1369 | close(fd); |
1347 | return 0; | 1370 | return (0); |
1348 | } | 1371 | } |
1349 | } | 1372 | } |
1350 | 1373 | ||
1351 | close(fd); | 1374 | close(fd); |
1352 | return 1; | 1375 | return (1); |
1353 | } | 1376 | } |
1354 | #endif /* USE_WTMPX */ | 1377 | #endif /* USE_WTMPX */ |
1355 | 1378 | ||
@@ -1363,15 +1386,12 @@ syslogin_perform_login(struct logininfo *li) | |||
1363 | { | 1386 | { |
1364 | struct utmp *ut; | 1387 | struct utmp *ut; |
1365 | 1388 | ||
1366 | if (! (ut = (struct utmp *)malloc(sizeof(*ut)))) { | 1389 | ut = xmalloc(sizeof(*ut)); |
1367 | logit("syslogin_perform_login: couldn't malloc()"); | ||
1368 | return 0; | ||
1369 | } | ||
1370 | construct_utmp(li, ut); | 1390 | construct_utmp(li, ut); |
1371 | login(ut); | 1391 | login(ut); |
1372 | free(ut); | 1392 | free(ut); |
1373 | 1393 | ||
1374 | return 1; | 1394 | return (1); |
1375 | } | 1395 | } |
1376 | 1396 | ||
1377 | static int | 1397 | static int |
@@ -1382,19 +1402,18 @@ syslogin_perform_logout(struct logininfo *li) | |||
1382 | 1402 | ||
1383 | (void)line_stripname(line, li->line, sizeof(line)); | 1403 | (void)line_stripname(line, li->line, sizeof(line)); |
1384 | 1404 | ||
1385 | if (!logout(line)) { | 1405 | if (!logout(line)) |
1386 | logit("syslogin_perform_logout: logout() returned an error"); | 1406 | logit("%s: logout() returned an error", __func__); |
1387 | # ifdef HAVE_LOGWTMP | 1407 | # ifdef HAVE_LOGWTMP |
1388 | } else { | 1408 | else |
1389 | logwtmp(line, "", ""); | 1409 | logwtmp(line, "", ""); |
1390 | # endif | 1410 | # endif |
1391 | } | ||
1392 | /* FIXME: (ATL - if the need arises) What to do if we have | 1411 | /* FIXME: (ATL - if the need arises) What to do if we have |
1393 | * login, but no logout? what if logout but no logwtmp? All | 1412 | * login, but no logout? what if logout but no logwtmp? All |
1394 | * routines are in libutil so they should all be there, | 1413 | * routines are in libutil so they should all be there, |
1395 | * but... */ | 1414 | * but... */ |
1396 | # endif | 1415 | # endif |
1397 | return 1; | 1416 | return (1); |
1398 | } | 1417 | } |
1399 | 1418 | ||
1400 | int | 1419 | int |
@@ -1402,12 +1421,12 @@ syslogin_write_entry(struct logininfo *li) | |||
1402 | { | 1421 | { |
1403 | switch (li->type) { | 1422 | switch (li->type) { |
1404 | case LTYPE_LOGIN: | 1423 | case LTYPE_LOGIN: |
1405 | return syslogin_perform_login(li); | 1424 | return (syslogin_perform_login(li)); |
1406 | case LTYPE_LOGOUT: | 1425 | case LTYPE_LOGOUT: |
1407 | return syslogin_perform_logout(li); | 1426 | return (syslogin_perform_logout(li)); |
1408 | default: | 1427 | default: |
1409 | logit("syslogin_write_entry: Invalid type field"); | 1428 | logit("%s: Invalid type field", __func__); |
1410 | return 0; | 1429 | return (0); |
1411 | } | 1430 | } |
1412 | } | 1431 | } |
1413 | #endif /* USE_LOGIN */ | 1432 | #endif /* USE_LOGIN */ |
@@ -1429,7 +1448,7 @@ lastlog_construct(struct logininfo *li, struct lastlog *last) | |||
1429 | /* clear the structure */ | 1448 | /* clear the structure */ |
1430 | memset(last, '\0', sizeof(*last)); | 1449 | memset(last, '\0', sizeof(*last)); |
1431 | 1450 | ||
1432 | (void)line_stripname(last->ll_line, li->line, sizeof(last->ll_line)); | 1451 | line_stripname(last->ll_line, li->line, sizeof(last->ll_line)); |
1433 | strlcpy(last->ll_host, li->hostname, | 1452 | strlcpy(last->ll_host, li->hostname, |
1434 | MIN_SIZEOF(last->ll_host, li->hostname)); | 1453 | MIN_SIZEOF(last->ll_host, li->hostname)); |
1435 | last->ll_time = li->tv_sec; | 1454 | last->ll_time = li->tv_sec; |
@@ -1441,16 +1460,16 @@ lastlog_filetype(char *filename) | |||
1441 | struct stat st; | 1460 | struct stat st; |
1442 | 1461 | ||
1443 | if (stat(LASTLOG_FILE, &st) != 0) { | 1462 | if (stat(LASTLOG_FILE, &st) != 0) { |
1444 | logit("lastlog_perform_login: Couldn't stat %s: %s", LASTLOG_FILE, | 1463 | logit("%s: Couldn't stat %s: %s", __func__, |
1445 | strerror(errno)); | 1464 | LASTLOG_FILE, strerror(errno)); |
1446 | return 0; | 1465 | return (0); |
1447 | } | 1466 | } |
1448 | if (S_ISDIR(st.st_mode)) | 1467 | if (S_ISDIR(st.st_mode)) |
1449 | return LL_DIR; | 1468 | return (LL_DIR); |
1450 | else if (S_ISREG(st.st_mode)) | 1469 | else if (S_ISREG(st.st_mode)) |
1451 | return LL_FILE; | 1470 | return (LL_FILE); |
1452 | else | 1471 | else |
1453 | return LL_OTHER; | 1472 | return (LL_OTHER); |
1454 | } | 1473 | } |
1455 | 1474 | ||
1456 | 1475 | ||
@@ -1464,38 +1483,39 @@ lastlog_openseek(struct logininfo *li, int *fd, int filemode) | |||
1464 | 1483 | ||
1465 | type = lastlog_filetype(LASTLOG_FILE); | 1484 | type = lastlog_filetype(LASTLOG_FILE); |
1466 | switch (type) { | 1485 | switch (type) { |
1467 | case LL_FILE: | 1486 | case LL_FILE: |
1468 | strlcpy(lastlog_file, LASTLOG_FILE, sizeof(lastlog_file)); | 1487 | strlcpy(lastlog_file, LASTLOG_FILE, |
1469 | break; | 1488 | sizeof(lastlog_file)); |
1470 | case LL_DIR: | 1489 | break; |
1471 | snprintf(lastlog_file, sizeof(lastlog_file), "%s/%s", | 1490 | case LL_DIR: |
1472 | LASTLOG_FILE, li->username); | 1491 | snprintf(lastlog_file, sizeof(lastlog_file), "%s/%s", |
1473 | break; | 1492 | LASTLOG_FILE, li->username); |
1474 | default: | 1493 | break; |
1475 | logit("lastlog_openseek: %.100s is not a file or directory!", | 1494 | default: |
1476 | LASTLOG_FILE); | 1495 | logit("%s: %.100s is not a file or directory!", __func__, |
1477 | return 0; | 1496 | LASTLOG_FILE); |
1497 | return (0); | ||
1478 | } | 1498 | } |
1479 | 1499 | ||
1480 | *fd = open(lastlog_file, filemode, 0600); | 1500 | *fd = open(lastlog_file, filemode, 0600); |
1481 | if ( *fd < 0) { | 1501 | if (*fd < 0) { |
1482 | debug("lastlog_openseek: Couldn't open %s: %s", | 1502 | debug("%s: Couldn't open %s: %s", __func__, |
1483 | lastlog_file, strerror(errno)); | 1503 | lastlog_file, strerror(errno)); |
1484 | return 0; | 1504 | return (0); |
1485 | } | 1505 | } |
1486 | 1506 | ||
1487 | if (type == LL_FILE) { | 1507 | if (type == LL_FILE) { |
1488 | /* find this uid's offset in the lastlog file */ | 1508 | /* find this uid's offset in the lastlog file */ |
1489 | offset = (off_t) ((long)li->uid * sizeof(struct lastlog)); | 1509 | offset = (off_t) ((long)li->uid * sizeof(struct lastlog)); |
1490 | 1510 | ||
1491 | if ( lseek(*fd, offset, SEEK_SET) != offset ) { | 1511 | if (lseek(*fd, offset, SEEK_SET) != offset) { |
1492 | logit("lastlog_openseek: %s->lseek(): %s", | 1512 | logit("%s: %s->lseek(): %s", __func__, |
1493 | lastlog_file, strerror(errno)); | 1513 | lastlog_file, strerror(errno)); |
1494 | return 0; | 1514 | return (0); |
1495 | } | 1515 | } |
1496 | } | 1516 | } |
1497 | 1517 | ||
1498 | return 1; | 1518 | return (1); |
1499 | } | 1519 | } |
1500 | 1520 | ||
1501 | static int | 1521 | static int |
@@ -1508,18 +1528,18 @@ lastlog_perform_login(struct logininfo *li) | |||
1508 | lastlog_construct(li, &last); | 1528 | lastlog_construct(li, &last); |
1509 | 1529 | ||
1510 | if (!lastlog_openseek(li, &fd, O_RDWR|O_CREAT)) | 1530 | if (!lastlog_openseek(li, &fd, O_RDWR|O_CREAT)) |
1511 | return(0); | 1531 | return (0); |
1512 | 1532 | ||
1513 | /* write the entry */ | 1533 | /* write the entry */ |
1514 | if (atomicio(vwrite, fd, &last, sizeof(last)) != sizeof(last)) { | 1534 | if (atomicio(vwrite, fd, &last, sizeof(last)) != sizeof(last)) { |
1515 | close(fd); | 1535 | close(fd); |
1516 | logit("lastlog_write_filemode: Error writing to %s: %s", | 1536 | logit("%s: Error writing to %s: %s", __func__, |
1517 | LASTLOG_FILE, strerror(errno)); | 1537 | LASTLOG_FILE, strerror(errno)); |
1518 | return 0; | 1538 | return (0); |
1519 | } | 1539 | } |
1520 | 1540 | ||
1521 | close(fd); | 1541 | close(fd); |
1522 | return 1; | 1542 | return (1); |
1523 | } | 1543 | } |
1524 | 1544 | ||
1525 | int | 1545 | int |
@@ -1527,10 +1547,10 @@ lastlog_write_entry(struct logininfo *li) | |||
1527 | { | 1547 | { |
1528 | switch(li->type) { | 1548 | switch(li->type) { |
1529 | case LTYPE_LOGIN: | 1549 | case LTYPE_LOGIN: |
1530 | return lastlog_perform_login(li); | 1550 | return (lastlog_perform_login(li)); |
1531 | default: | 1551 | default: |
1532 | logit("lastlog_write_entry: Invalid type field"); | 1552 | logit("%s: Invalid type field", __func__); |
1533 | return 0; | 1553 | return (0); |
1534 | } | 1554 | } |
1535 | } | 1555 | } |
1536 | 1556 | ||
@@ -1539,7 +1559,7 @@ lastlog_populate_entry(struct logininfo *li, struct lastlog *last) | |||
1539 | { | 1559 | { |
1540 | line_fullname(li->line, last->ll_line, sizeof(li->line)); | 1560 | line_fullname(li->line, last->ll_line, sizeof(li->line)); |
1541 | strlcpy(li->hostname, last->ll_host, | 1561 | strlcpy(li->hostname, last->ll_host, |
1542 | MIN_SIZEOF(li->hostname, last->ll_host)); | 1562 | MIN_SIZEOF(li->hostname, last->ll_host)); |
1543 | li->tv_sec = last->ll_time; | 1563 | li->tv_sec = last->ll_time; |
1544 | } | 1564 | } |
1545 | 1565 | ||
@@ -1576,3 +1596,82 @@ lastlog_get_entry(struct logininfo *li) | |||
1576 | return (0); | 1596 | return (0); |
1577 | } | 1597 | } |
1578 | #endif /* USE_LASTLOG */ | 1598 | #endif /* USE_LASTLOG */ |
1599 | |||
1600 | #ifdef USE_BTMP | ||
1601 | /* | ||
1602 | * Logs failed login attempts in _PATH_BTMP if that exists. | ||
1603 | * The most common login failure is to give password instead of username. | ||
1604 | * So the _PATH_BTMP file checked for the correct permission, so that | ||
1605 | * only root can read it. | ||
1606 | */ | ||
1607 | |||
1608 | void | ||
1609 | record_failed_login(const char *username, const char *hostname, | ||
1610 | const char *ttyn) | ||
1611 | { | ||
1612 | int fd; | ||
1613 | struct utmp ut; | ||
1614 | struct sockaddr_storage from; | ||
1615 | size_t fromlen = sizeof(from); | ||
1616 | struct sockaddr_in *a4; | ||
1617 | struct sockaddr_in6 *a6; | ||
1618 | time_t t; | ||
1619 | struct stat fst; | ||
1620 | |||
1621 | if (geteuid() != 0) | ||
1622 | return; | ||
1623 | if ((fd = open(_PATH_BTMP, O_WRONLY | O_APPEND)) < 0) { | ||
1624 | debug("Unable to open the btmp file %s: %s", _PATH_BTMP, | ||
1625 | strerror(errno)); | ||
1626 | return; | ||
1627 | } | ||
1628 | if (fstat(fd, &fst) < 0) { | ||
1629 | logit("%s: fstat of %s failed: %s", __func__, _PATH_BTMP, | ||
1630 | strerror(errno)); | ||
1631 | goto out; | ||
1632 | } | ||
1633 | if((fst.st_mode & (S_IRWXG | S_IRWXO)) || (fst.st_uid != 0)){ | ||
1634 | logit("Excess permission or bad ownership on file %s", | ||
1635 | _PATH_BTMP); | ||
1636 | goto out; | ||
1637 | } | ||
1638 | |||
1639 | memset(&ut, 0, sizeof(ut)); | ||
1640 | /* strncpy because we don't necessarily want nul termination */ | ||
1641 | strncpy(ut.ut_user, username, sizeof(ut.ut_user)); | ||
1642 | strlcpy(ut.ut_line, "ssh:notty", sizeof(ut.ut_line)); | ||
1643 | |||
1644 | time(&t); | ||
1645 | ut.ut_time = t; /* ut_time is not always a time_t */ | ||
1646 | ut.ut_type = LOGIN_PROCESS; | ||
1647 | ut.ut_pid = getpid(); | ||
1648 | |||
1649 | /* strncpy because we don't necessarily want nul termination */ | ||
1650 | strncpy(ut.ut_host, hostname, sizeof(ut.ut_host)); | ||
1651 | |||
1652 | if (packet_connection_is_on_socket() && | ||
1653 | getpeername(packet_get_connection_in(), | ||
1654 | (struct sockaddr *)&from, &fromlen) == 0) { | ||
1655 | ipv64_normalise_mapped(&from, &fromlen); | ||
1656 | if (from.ss_family == AF_INET) { | ||
1657 | a4 = (struct sockaddr_in *)&from; | ||
1658 | memcpy(&ut.ut_addr, &(a4->sin_addr), | ||
1659 | MIN_SIZEOF(ut.ut_addr, a4->sin_addr)); | ||
1660 | } | ||
1661 | #ifdef HAVE_ADDR_V6_IN_UTMP | ||
1662 | if (from.ss_family == AF_INET6) { | ||
1663 | a6 = (struct sockaddr_in6 *)&from; | ||
1664 | memcpy(&ut.ut_addr_v6, &(a6->sin6_addr), | ||
1665 | MIN_SIZEOF(ut.ut_addr_v6, a6->sin6_addr)); | ||
1666 | } | ||
1667 | #endif | ||
1668 | } | ||
1669 | |||
1670 | if (atomicio(vwrite, fd, &ut, sizeof(ut)) != sizeof(ut)) | ||
1671 | error("Failed to write to %s: %s", _PATH_BTMP, | ||
1672 | strerror(errno)); | ||
1673 | |||
1674 | out: | ||
1675 | close(fd); | ||
1676 | } | ||
1677 | #endif /* USE_BTMP */ | ||
diff --git a/loginrec.h b/loginrec.h index 7f932c296..d1a12a853 100644 --- a/loginrec.h +++ b/loginrec.h | |||
@@ -35,7 +35,7 @@ | |||
35 | #include <netinet/in.h> | 35 | #include <netinet/in.h> |
36 | #include <sys/socket.h> | 36 | #include <sys/socket.h> |
37 | 37 | ||
38 | /* RCSID("$Id: loginrec.h,v 1.7 2003/06/03 02:18:50 djm Exp $"); */ | 38 | /* RCSID("$Id: loginrec.h,v 1.9 2005/02/02 06:10:11 dtucker Exp $"); */ |
39 | 39 | ||
40 | /** | 40 | /** |
41 | ** you should use the login_* calls to work around platform dependencies | 41 | ** you should use the login_* calls to work around platform dependencies |
@@ -62,7 +62,7 @@ union login_netinfo { | |||
62 | /* string lengths - set very long */ | 62 | /* string lengths - set very long */ |
63 | #define LINFO_PROGSIZE 64 | 63 | #define LINFO_PROGSIZE 64 |
64 | #define LINFO_LINESIZE 64 | 64 | #define LINFO_LINESIZE 64 |
65 | #define LINFO_NAMESIZE 64 | 65 | #define LINFO_NAMESIZE 128 |
66 | #define LINFO_HOSTSIZE 256 | 66 | #define LINFO_HOSTSIZE 256 |
67 | 67 | ||
68 | struct logininfo { | 68 | struct logininfo { |
@@ -132,4 +132,6 @@ char *line_fullname(char *dst, const char *src, int dstsize); | |||
132 | char *line_stripname(char *dst, const char *src, int dstsize); | 132 | char *line_stripname(char *dst, const char *src, int dstsize); |
133 | char *line_abbrevname(char *dst, const char *src, int dstsize); | 133 | char *line_abbrevname(char *dst, const char *src, int dstsize); |
134 | 134 | ||
135 | void record_failed_login(const char *, const char *, const char *); | ||
136 | |||
135 | #endif /* _HAVE_LOGINREC_H_ */ | 137 | #endif /* _HAVE_LOGINREC_H_ */ |
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: misc.c,v 1.25 2004/08/11 21:43:05 avsm Exp $"); | 26 | RCSID("$OpenBSD: misc.c,v 1.28 2005/03/01 10:09:52 djm Exp $"); |
27 | 27 | ||
28 | #include "misc.h" | 28 | #include "misc.h" |
29 | #include "log.h" | 29 | #include "log.h" |
@@ -275,6 +275,48 @@ convtime(const char *s) | |||
275 | return total; | 275 | return total; |
276 | } | 276 | } |
277 | 277 | ||
278 | /* | ||
279 | * Search for next delimiter between hostnames/addresses and ports. | ||
280 | * Argument may be modified (for termination). | ||
281 | * Returns *cp if parsing succeeds. | ||
282 | * *cp is set to the start of the next delimiter, if one was found. | ||
283 | * If this is the last field, *cp is set to NULL. | ||
284 | */ | ||
285 | char * | ||
286 | hpdelim(char **cp) | ||
287 | { | ||
288 | char *s, *old; | ||
289 | |||
290 | if (cp == NULL || *cp == NULL) | ||
291 | return NULL; | ||
292 | |||
293 | old = s = *cp; | ||
294 | if (*s == '[') { | ||
295 | if ((s = strchr(s, ']')) == NULL) | ||
296 | return NULL; | ||
297 | else | ||
298 | s++; | ||
299 | } else if ((s = strpbrk(s, ":/")) == NULL) | ||
300 | s = *cp + strlen(*cp); /* skip to end (see first case below) */ | ||
301 | |||
302 | switch (*s) { | ||
303 | case '\0': | ||
304 | *cp = NULL; /* no more fields*/ | ||
305 | break; | ||
306 | |||
307 | case ':': | ||
308 | case '/': | ||
309 | *s = '\0'; /* terminate */ | ||
310 | *cp = s + 1; | ||
311 | break; | ||
312 | |||
313 | default: | ||
314 | return NULL; | ||
315 | } | ||
316 | |||
317 | return old; | ||
318 | } | ||
319 | |||
278 | char * | 320 | char * |
279 | cleanhostname(char *host) | 321 | cleanhostname(char *host) |
280 | { | 322 | { |
@@ -332,3 +374,26 @@ addargs(arglist *args, char *fmt, ...) | |||
332 | args->list[args->num++] = xstrdup(buf); | 374 | args->list[args->num++] = xstrdup(buf); |
333 | args->list[args->num] = NULL; | 375 | args->list[args->num] = NULL; |
334 | } | 376 | } |
377 | |||
378 | /* | ||
379 | * Read an entire line from a public key file into a static buffer, discarding | ||
380 | * lines that exceed the buffer size. Returns 0 on success, -1 on failure. | ||
381 | */ | ||
382 | int | ||
383 | read_keyfile_line(FILE *f, const char *filename, char *buf, size_t bufsz, | ||
384 | u_long *lineno) | ||
385 | { | ||
386 | while (fgets(buf, bufsz, f) != NULL) { | ||
387 | (*lineno)++; | ||
388 | if (buf[strlen(buf) - 1] == '\n' || feof(f)) { | ||
389 | return 0; | ||
390 | } else { | ||
391 | debug("%s: %s line %lu exceeds size limit", __func__, | ||
392 | filename, *lineno); | ||
393 | /* discard remainder of line */ | ||
394 | while(fgetc(f) != '\n' && !feof(f)) | ||
395 | ; /* nothing */ | ||
396 | } | ||
397 | } | ||
398 | return -1; | ||
399 | } | ||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: misc.h,v 1.17 2004/08/11 21:43:05 avsm Exp $ */ | 1 | /* $OpenBSD: misc.h,v 1.21 2005/03/01 10:09:52 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -20,6 +20,7 @@ int set_nonblock(int); | |||
20 | int unset_nonblock(int); | 20 | int unset_nonblock(int); |
21 | void set_nodelay(int); | 21 | void set_nodelay(int); |
22 | int a2port(const char *); | 22 | int a2port(const char *); |
23 | char *hpdelim(char **); | ||
23 | char *cleanhostname(char *); | 24 | char *cleanhostname(char *); |
24 | char *colon(char *); | 25 | char *colon(char *); |
25 | long convtime(const char *); | 26 | long convtime(const char *); |
@@ -46,3 +47,5 @@ char *tilde_expand_filename(const char *, uid_t); | |||
46 | #define RP_USE_ASKPASS 0x0008 | 47 | #define RP_USE_ASKPASS 0x0008 |
47 | 48 | ||
48 | char *read_passphrase(const char *, int); | 49 | char *read_passphrase(const char *, int); |
50 | int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2))); | ||
51 | int read_keyfile_line(FILE *, const char *, char *, size_t, u_long *); | ||
@@ -1,186 +1,200 @@ | |||
1 | # $OpenBSD: moduli,v 1.2 2004/01/28 04:44:00 dtucker Exp $ | 1 | # $OpenBSD: moduli,v 1.3 2005/01/24 10:29:06 dtucker Exp $ |
2 | |||
3 | # Time Type Tests Tries Size Generator Modulus | 2 | # Time Type Tests Tries Size Generator Modulus |
4 | 20031210004503 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB22C583AB | 3 | 20040225025212 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7AFFE86A7 |
5 | 20031210004553 2 6 100 1023 5 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB22D0A0D7 | 4 | 20040225025304 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B01F83CB |
6 | 20031210004628 2 6 100 1023 5 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB22D6CB97 | 5 | 20040225025357 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B03F2B73 |
7 | 20031210004801 2 6 100 1023 5 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB22F2D1B7 | 6 | 20040225025411 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B041C8C7 |
8 | 20031210004827 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB22F5615B | 7 | 20040225025444 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B0546E93 |
9 | 20031210004919 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB230138C3 | 8 | 20040225025458 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B0573767 |
10 | 20031210004952 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB2305F6A3 | 9 | 20040225025522 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B0629E73 |
11 | 20031210005018 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB230801DB | 10 | 20040225025545 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B06CD95B |
12 | 20031210005043 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB230A0383 | 11 | 20040225025616 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B07C93A3 |
13 | 20031210005147 2 6 100 1023 5 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB231C3A7F | 12 | 20040225025655 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B093C72B |
14 | 20031210005230 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB23249C1B | 13 | 20040225025710 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B096450B |
15 | 20031210005301 2 6 100 1023 5 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB23288F0F | 14 | 20040225025750 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B0AF2C83 |
16 | 20031210005438 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB2344EC9B | 15 | 20040225025830 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B0C7F1FF |
17 | 20031210005548 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB235892F3 | 16 | 20040225025845 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B0CB565B |
18 | 20031210005700 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB236C3F03 | 17 | 20040225025858 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B0CD8557 |
19 | 20031210005841 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB238BC713 | 18 | 20040225025915 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B0D20473 |
20 | 20031210010040 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB23B466C3 | 19 | 20040225025934 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B0D924F7 |
21 | 20031210010119 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB23BB1F8B | 20 | 20040225025952 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B0DFD8BB |
22 | 20031210010313 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB23E03DDB | 21 | 20040225030015 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B0E8E59F |
23 | 20031210010335 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB23E130AB | 22 | 20040225030039 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B0F43B0B |
24 | 20031210010422 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB23EA20A3 | 23 | 20040225030104 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B0FEB103 |
25 | 20031210010500 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB23F1807B | 24 | 20040225030130 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B10AC3DB |
26 | 20031210010628 2 6 100 1023 5 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB2409DC07 | 25 | 20040225030149 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B1122527 |
27 | 20031210010759 2 6 100 1023 5 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB2425487F | 26 | 20040225030214 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B11E494B |
28 | 20031210010906 2 6 100 1023 5 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB24397A3F | 27 | 20040225030245 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B12E727B |
29 | 20031210010945 2 6 100 1023 5 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB2440ABF7 | 28 | 20040225030319 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B1416743 |
30 | 20031210011017 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB2445C00B | 29 | 20040225030347 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B1507F2B |
31 | 20031210011059 2 6 100 1023 5 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB244E4EBF | 30 | 20040225030404 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B1560FE3 |
32 | 20031210011158 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB245E056B | 31 | 20040225030418 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B1591CF7 |
33 | 20031210011340 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB24808F43 | 32 | 20040225030432 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B15B57FF |
34 | 20031210011408 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB24834C0B | 33 | 20040225030455 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B165D0AF |
35 | 20031210011517 2 6 100 1023 2 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB2495148B | 34 | 20040225030511 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B169C97F |
36 | 20031210011632 2 6 100 1023 5 DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E3826634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB24A89B27 | 35 | 20040225030551 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B182715B |
37 | 20031210014802 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772D3B9DD3 | 36 | 20040225030621 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B1920737 |
38 | 20031210015017 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772D463D83 | 37 | 20040225030648 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B19FB54B |
39 | 20031210015524 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772D68288B | 38 | 20040225030718 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B1AFAE87 |
40 | 20031210015701 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772D6C64C3 | 39 | 20040225030736 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B1B5A7AF |
41 | 20031210020258 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772D94316B | 40 | 20040225030753 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B1BC3C47 |
42 | 20031210022106 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772E1F8453 | 41 | 20040225030815 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B1C6AF33 |
43 | 20031210022738 2 6 100 1535 5 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772E4BDAC7 | 42 | 20040225030831 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B1CAD9FB |
44 | 20031210022948 2 6 100 1535 5 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772E5541E7 | 43 | 20040225030902 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B1DC6A8F |
45 | 20031210023056 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772E56464B | 44 | 20040225035226 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844800C47CAB |
46 | 20031210023414 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772E695C8B | 45 | 20040225035359 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844800D3866B |
47 | 20031210024039 2 6 100 1535 5 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772E939ABF | 46 | 20040225035635 2 6 100 1535 5 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844800F43DFF |
48 | 20031210024457 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772EAE295B | 47 | 20040225035846 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF8448010B4D93 |
49 | 20031210024630 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772EB2BDFB | 48 | 20040225040147 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF8448013094F3 |
50 | 20031210025118 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772ED059DB | 49 | 20040225040301 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF8448013AA0FB |
51 | 20031210025540 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772EECB4D3 | 50 | 20040225040619 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF84480163EC83 |
52 | 20031210025956 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772F043973 | 51 | 20040225040718 2 6 100 1535 5 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF8448016AEB8F |
53 | 20031210030256 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772F134903 | 52 | 20040225041023 2 6 100 1535 5 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF84480190871F |
54 | 20031210030415 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772F15B5EB | 53 | 20040225041328 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844801B5F1B3 |
55 | 20031210030717 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772F25BF3B | 54 | 20040225041740 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844801ED6FBB |
56 | 20031210030826 2 6 100 1535 5 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772F2670D7 | 55 | 20040225041921 2 6 100 1535 5 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844801FEC44F |
57 | 20031210031055 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772F31E5F3 | 56 | 20040225042229 2 6 100 1535 5 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844802245FF7 |
58 | 20031210031311 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772F3BFE2B | 57 | 20040225042513 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF84480246F93B |
59 | 20031210032243 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772F83082B | 58 | 20040225042547 2 6 100 1535 5 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844802473F4F |
60 | 20031210032437 2 6 100 1535 5 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772F898187 | 59 | 20040225042707 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF84480253B03B |
61 | 20031210032703 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772F95718B | 60 | 20040225043111 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF84480287CD9B |
62 | 20031210032953 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772FA3F5CB | 61 | 20040225043513 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844802BC32FB |
63 | 20031210033059 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772FA48FEB | 62 | 20040225043609 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844802C2125B |
64 | 20031210033247 2 6 100 1535 5 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772FAA6267 | 63 | 20040225043847 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844802E1B733 |
65 | 20031210033633 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772FC1BE7B | 64 | 20040225043925 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844802E2E963 |
66 | 20031210034313 2 6 100 1535 5 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772FF18FA7 | 65 | 20040225044335 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF8448031AC423 |
67 | 20031210034507 2 6 100 1535 5 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A772FF84977 | 66 | 20040225045303 2 6 100 1535 5 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844803A10E07 |
68 | 20031210035121 2 6 100 1535 5 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A7730233FBF | 67 | 20040225045443 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844803B0EF43 |
69 | 20031210035813 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A773054E8F3 | 68 | 20040225045518 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844803B15033 |
70 | 20031210035955 2 6 100 1535 5 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A7730597847 | 69 | 20040225045923 2 6 100 1535 5 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844803E58317 |
71 | 20031210040259 2 6 100 1535 5 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A77306A1B57 | 70 | 20040225050120 2 6 100 1535 5 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844803F9EB4F |
72 | 20031210040704 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A77308258FB | 71 | 20040225050333 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF8448041304B3 |
73 | 20031210040913 2 6 100 1535 5 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A77308A63F7 | 72 | 20040225050524 2 6 100 1535 5 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844804279B2F |
74 | 20031210042047 2 6 100 1535 5 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A7730DEEF8F | 73 | 20040225050559 2 6 100 1535 5 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844804281047 |
75 | 20031210042156 2 6 100 1535 5 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A7730DFE787 | 74 | 20040225050810 2 6 100 1535 5 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF8448043F454F |
76 | 20031210042511 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A7730F1D3CB | 75 | 20040225051113 2 6 100 1535 5 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844804672F1F |
77 | 20031210042907 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A773107039B | 76 | 20040225051335 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844804809CB3 |
78 | 20031210043815 2 6 100 1535 5 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A7731492E37 | 77 | 20040225051442 2 6 100 1535 5 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF84480489545F |
79 | 20031210045243 2 6 100 1535 2 FB54DC620BB7A5C2A28520E9FFC81958D7A76156412B647E9FCC729F84553FFB4428705868631244E0F804376D5F434C76608B93626D3AA169360C9DD40DFA3429F2E53AA4014730B49FFB6CCBC7FF9D0C391341610280598F7F8EE4E4F956683C59A740C7AB17A5C628694D4C36E6D6A54629822059ACD4C7C8C860262E7CBD04196BB41E7D194C91CFAB58353072EA09390E795733510D69D1267376B2FFA7BA2C88028820012DC84F6F250D88D1B6B44E22FCCDCDD3A3EC654A7731AB1953 | 78 | 20040225052303 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844804FE918B |
80 | 20031210054833 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1C0B0F8B | 79 | 20040225062215 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6B9F68B3E7 |
81 | 20031210055609 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1C1CF773 | 80 | 20040225063823 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6B9FD47307 |
82 | 20031210065401 2 6 100 2047 5 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1CDD973F | 81 | 20040225064402 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6B9FF43C0F |
83 | 20031210071146 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1D11D9FB | 82 | 20040225065646 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA04740DB |
84 | 20031210071754 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1D1ED47B | 83 | 20040225065825 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA04B01BF |
85 | 20031210072552 2 6 100 2047 5 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1D32CE4F | 84 | 20040225070116 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA056DD47 |
86 | 20031210073644 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1D4EC983 | 85 | 20040225074027 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA172E1B3 |
87 | 20031210074309 2 6 100 2047 5 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1D5D4F07 | 86 | 20040225080343 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA217422F |
88 | 20031210075517 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1D7DE133 | 87 | 20040225081159 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA24927DB |
89 | 20031210081718 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1DC395C3 | 88 | 20040225081331 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA24C058B |
90 | 20031210084322 2 6 100 2047 5 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1E1A5567 | 89 | 20040225082528 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA2993EBF |
91 | 20031210085218 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1E3127AB | 90 | 20040225084537 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA3242BE3 |
92 | 20031210090542 2 6 100 2047 5 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1E586AD7 | 91 | 20040225085012 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA33EF643 |
93 | 20031210093920 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1EC6C9D3 | 92 | 20040225085829 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA3729D77 |
94 | 20031210100616 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1F19C713 | 93 | 20040225090710 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA3AC0143 |
95 | 20031210103627 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1F7B82B3 | 94 | 20040225091002 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA3B8AE6B |
96 | 20031210104559 2 6 100 2047 5 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1F95C2EF | 95 | 20040225092648 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA42B65D7 |
97 | 20031210104836 2 6 100 2047 5 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1F969EAF | 96 | 20040225093120 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA4442793 |
98 | 20031210110201 2 6 100 2047 5 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1FBEA0DF | 97 | 20040225093517 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA459441F |
99 | 20031210111610 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1FE4C70B | 98 | 20040225094409 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA491BE4B |
100 | 20031210111837 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1FE50DBB | 99 | 20040225095209 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA4C4E437 |
101 | 20031210112215 2 6 100 2047 5 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F1FE964FF | 100 | 20040225095548 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA4D5D7AB |
102 | 20031210124102 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F20F33023 | 101 | 20040225100531 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA51404EB |
103 | 20031210125610 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F21208AFB | 102 | 20040225100644 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA5145C87 |
104 | 20031210130630 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F213CBA8B | 103 | 20040225101834 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA5609CBB |
105 | 20031210132517 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F21754843 | 104 | 20040225102317 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA57AC86F |
106 | 20031210132855 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F2179D39B | 105 | 20040225103220 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA5B631A3 |
107 | 20031210140211 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F21E6E73B | 106 | 20040225103355 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA5B98D2F |
108 | 20031210141340 2 6 100 2047 5 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F22068817 | 107 | 20040225103756 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA5CEBAFB |
109 | 20031210143133 2 6 100 2047 5 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F223D6017 | 108 | 20040225104020 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA5D77CDF |
110 | 20031210143812 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F224A70F3 | 109 | 20040225104557 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA5F6FD9F |
111 | 20031210150410 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F22A24CFB | 110 | 20040225110302 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA66A70DF |
112 | 20031210153131 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F22FAA253 | 111 | 20040225110515 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA6721A43 |
113 | 20031210153718 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F23071C7B | 112 | 20040225110913 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA6879A53 |
114 | 20031210154203 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F230FFC0B | 113 | 20040225111338 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA69FE2FB |
115 | 20031210161808 2 6 100 2047 2 EEFD0DF9B60CBF61DDBA3364F8B6254256FC2DF3211B1D80F4556816C5D629B0A40228861BEE7B4497444DD9375EF7E8997BB7294C6AA097A1E5AD47DB72C14956898FD11CA292ED76215E09D8067835150928D5F09267B29214159C0CB695EECC90E05C0E21374ED6F04759B3F0E162EE2CFBC8259BC1A1F28C809700E1F3ECBA24A99A78BCCC6E776348705837F86A2B4A34DB592753468905179802788F52C337E0187F69C30D52C99546290D09154EAFEE72F9CA32A989AA45AD68220539A6AA302AEA4DCCCE7E6FCF6DEE57440A4511B4BAF5B4832D27247FDED231168413B12A0E1147A5706C56238788A7707463452E1254F2503BA197756F2383B65B | 114 | 20040225111911 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA6C04F47 |
116 | 20031210185714 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061924F36F3 | 115 | 20040225112902 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA7007CD3 |
117 | 20031210204537 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A306192C04AB3 | 116 | 20040225143208 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8968A91B |
118 | 20031210205604 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A306192C3734B | 117 | 20040225144922 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8987DF6B |
119 | 20031210210523 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A306192C58A0B | 118 | 20040225150309 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD899E0F8B |
120 | 20031210233701 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A306193680D03 | 119 | 20040225161716 2 6 100 3071 5 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8A3A91CF |
121 | 20031211013125 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A306193E1DD73 | 120 | 20040225163012 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8A4CED2B |
122 | 20031211052015 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A306194DA94E3 | 121 | 20040225175457 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8B02C5DB |
123 | 20031211064439 2 6 100 3071 5 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A30619531A017 | 122 | 20040225182539 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8B3E9D13 |
124 | 20031211074935 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A306195731BAB | 123 | 20040225194030 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8BDE269B |
125 | 20031211081053 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A306195830BAB | 124 | 20040225201420 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8C203553 |
126 | 20031211123240 2 6 100 3071 5 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A306196A4C097 | 125 | 20040225203219 2 6 100 3071 5 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8C40B747 |
127 | 20031211160831 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061978B740B | 126 | 20040225203908 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8C46ED83 |
128 | 20031211195847 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A30619889E1B3 | 127 | 20040225210230 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8C72586B |
129 | 20031211201456 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A30619892ED83 | 128 | 20040225212746 2 6 100 3071 5 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8CA15F2F |
130 | 20031211221441 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A30619910A74B | 129 | 20040225214624 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8CC34833 |
131 | 20031211223303 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061991D35CB | 130 | 20040225223007 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8D1B23AB |
132 | 20031211235558 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A306199712CCB | 131 | 20040225234913 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8DC36C9B |
133 | 20031212005818 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A306199AE96DB | 132 | 20040226001353 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8DF174B3 |
134 | 20031212033251 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A30619A50DDD3 | 133 | 20040226004101 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8E24518B |
135 | 20031212053332 2 6 100 3071 5 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A30619AB31B57 | 134 | 20040226010652 2 6 100 3071 5 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8E543397 |
136 | 20031212084926 2 6 100 3071 5 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A30619B8949F7 | 135 | 20040226015415 2 6 100 3071 5 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8EB6152F |
137 | 20031212130319 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A30619C84A1A3 | 136 | 20040226022931 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8EFD1773 |
138 | 20031212192346 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A30619E1B24BB | 137 | 20040226025740 2 6 100 3071 5 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8F3376D7 |
139 | 20031212210042 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A30619E7F37FB | 138 | 20040226053010 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD90786CE3 |
140 | 20031213002102 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A30619F59BABB | 139 | 20040226054156 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD908AC36B |
141 | 20031213061439 2 6 100 3071 5 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061A0D9208F | 140 | 20040226081600 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD91D61A43 |
142 | 20031213071620 2 6 100 3071 5 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061A115D66F | 141 | 20040226083039 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD91ED4AE3 |
143 | 20031213072644 2 6 100 3071 5 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061A1186097 | 142 | 20040226092910 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD9265F7DB |
144 | 20031213090613 2 6 100 3071 5 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061A17DACC7 | 143 | 20040226112913 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD93696533 |
145 | 20031213110037 2 6 100 3071 5 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061A1F577E7 | 144 | 20040226115826 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD93A210A3 |
146 | 20031213113226 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061A2113AC3 | 145 | 20040226135326 2 6 100 3071 5 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD949596D7 |
147 | 20031213120232 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061A22A232B | 146 | 20040226145128 2 6 100 3071 5 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD95096CCF |
148 | 20031213121926 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061A23443D3 | 147 | 20040226153142 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD95582C7B |
149 | 20031213130353 2 6 100 3071 5 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061A25D51E7 | 148 | 20040226164905 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD95FACE7B |
150 | 20031213143149 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061A2B63CBB | 149 | 20040226171921 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD9633F443 |
151 | 20031213153322 2 6 100 3071 5 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061A2F05FC7 | 150 | 20040226182347 2 6 100 3071 5 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD96BAC3A7 |
152 | 20031213180906 2 6 100 3071 2 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061A39439A3 | 151 | 20040226200555 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD97972EFB |
153 | 20031213183520 2 6 100 3071 5 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061A3A7705F | 152 | 20040226202801 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD97C0B5C3 |
154 | 20031213192228 2 6 100 3071 5 DBB2151A52F948EE950BE096B2B7C2A260C5BBE57C02EC432FA6E2025306FE486F77352C63622A8F40A65ECD815737C9837C7803980D25CBFAA3438A1BA8A7D41F214A836AB31A067B5813967059AE75B73358FE33930E7B9BEE4149CD71A9234F9E7C35C5097456E2BF17F748E70FB2AB12BC9D75C1BB024CCEA7556384034A22840352DA1CF6EB9E09FA6C5B6317A74DF67318935850079364F06665282743B45E0ABE6866867FB13BE2A082F604E0BA399215A072CE818104A53F37D08F0373CE7DBBF4EBCEFF05349A025A7DD06D5E79205CD74919862E06BFD15990391BBBA75BD27A36C422165AA6CA14F6A1AA5CEB6D862456C7BDA91982DF12D159B859248A9159B935635199498628871815BF0C9F0706265988F9ABB278CBBB941A07E46A713D8F2C10E174C3E4138C3C125BF582359E4D6C3773609C9D6293C22C620AAAE50EF3BDFA3B97D802993BFE0E7BE01FAB3F3E8CE4A2454E5A01E2C08DE17D9D5B9F76D8466FBA22A14C11CA5C7E678514FD72B3DF3D0A3061A3D2DEA7 | 153 | 20040226214755 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD9868011B |
155 | 20031213125532 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923E8050C3B | 154 | 20040226215843 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD9876E7FB |
156 | 20031213125653 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923E8EB2F2B | 155 | 20040226220422 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD987B4983 |
157 | 20031213125813 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923EAB66F4B | 156 | 20040226222346 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD989D61D3 |
158 | 20031213125934 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923EAFE508B | 157 | 20040227091438 2 6 100 4095 5 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFC5737ECF |
159 | 20031213130055 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923EB96812B | 158 | 20040227101541 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFC5AE7363 |
160 | 20031213130217 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923EBB738CB | 159 | 20040227160657 2 6 100 4095 5 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFC7295F4F |
161 | 20031213130337 2 6 200 4095 5 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923EBDB337F | 160 | 20040227180410 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFC7A46573 |
162 | 20031213130458 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923ECA8B62B | 161 | 20040227225950 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFC8E6D5E3 |
163 | 20031213130619 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923ECBCE443 | 162 | 20040227233727 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFC9079B33 |
164 | 20031213130740 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923ED1637DB | 163 | 20040228032633 2 6 100 4095 5 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFCA006227 |
165 | 20031213130901 2 6 200 4095 5 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923ED3EA08F | 164 | 20040228060859 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFCAAE6E63 |
166 | 20031213131021 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923EDC96C6B | 165 | 20040228101703 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFCBBC54FB |
167 | 20031213131142 2 6 200 4095 5 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923EEB92FCF | 166 | 20040228192850 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFCE191D13 |
168 | 20031213131303 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923F2D2CCF3 | 167 | 20040229084451 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFD1804AF3 |
169 | 20031213131424 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923F6C89BBB | 168 | 20040229164933 2 6 100 4095 5 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFD3887E07 |
170 | 20031213131545 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923F7962EDB | 169 | 20040229210220 2 6 100 4095 5 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFD49457B7 |
171 | 20031213131706 2 6 200 4095 5 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923F85A4767 | 170 | 20040229222958 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFD4EA3223 |
172 | 20031213131827 2 6 200 4095 5 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923F8A196C7 | 171 | 20040301003324 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFD566C79B |
173 | 20031213131947 2 6 200 4095 5 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923F94500EF | 172 | 20040301030228 2 6 100 4095 5 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFD6032D8F |
174 | 20031213132108 2 6 200 4095 5 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923FAF467BF | 173 | 20040301040042 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFD63B1113 |
175 | 20031213132229 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923FB5A7803 | 174 | 20040301073501 2 6 100 4095 5 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFD71C4A67 |
176 | 20031213132350 2 6 200 4095 5 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923FB7D5467 | 175 | 20040301133631 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFD8A0BBD3 |
177 | 20031213132511 2 6 200 4095 5 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923FC4A16D7 | 176 | 20040301165652 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFD96E4053 |
178 | 20031213132632 2 6 200 4095 5 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923FEEDC36F | 177 | 20040301184021 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFD9D662FB |
179 | 20031213132752 2 6 200 4095 5 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9923FFA077EF | 178 | 20040302045553 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFDC5FE8E3 |
180 | 20031213132913 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA992400725B7B | 179 | 20040302112648 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFDDFE9D13 |
181 | 20031213133034 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA992400728FFB | 180 | 20040302120026 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFDE1A5AD3 |
182 | 20031213133155 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9924011CFA13 | 181 | 20040302130757 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFDE5E4073 |
183 | 20031213133316 2 6 200 4095 5 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA99240165703F | 182 | 20040302142004 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFDEA4AA9B |
184 | 20031213133436 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA99240166BA7B | 183 | 20040302145603 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFDEC2C32B |
185 | 20031213133557 2 6 200 4095 5 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA9924018E41B7 | 184 | 20040302212946 2 6 100 4095 5 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFE0652EC7 |
186 | 20031213133718 2 6 200 4095 2 CE96240B0B5684D9E281FDA07D5B6C316E14C7AE83913F86D13CAD2546F93B533D15629D4B3E2C76753C5ABCC29A8FB610CA1C3EB1014B0FD8209C330FFF6EB8A562474B7D387E3F8074FA29D0B58BAD5E6967A0AD667C41D41E1241669431F865C57E9EEB00E69BEB1D18C3B940810324B394FAB8F75B27A9B4E7972F07B4916A6A3D50F0445024697155382BF1AD14F90F8BAB7E9D3CCBAE6CD84E488A98770A8C64943582C6D2BB529511945ABA146115273EB6BD718B62FEBFCD503FB56E8D4262E17DC5CE1A9B1D3E8FFA5CE0B825498BC6254DA9CC69DDF7AD9BA582AB8F812C4DE3228C88C5640BAEF5F62B7C039588D6CD7F694F039507AA3AAF4FB368A3712230FFC05B66A14C7003E2AD6A938D544B8B9908C4536F945AC4BDB1CA623F2826A25CA16B39730C9FE940A8642EB35088ED341BE768C10B152C8A65D32E4DBE68764E6B2ABDE6824088B6BE258D7E3AEA155CB919E1C500CDCEE435515CF09575F75551C16FBA0F3AEDE0AABA544E89A58E4C34E255EAAFD8F65340DAA55E3ED8AB903FE188416340ACE15D36F9CEDE379CC3586E6D320F72AA310A1B0A781D06B7418A50525105FA749306AC59A788D6866B7DDD0F4C059BA6CEE43FAD5AD2A362B9DE1C57324ADE8B5B46C6B1DDABD82F0670F7A4DA869F204EFB27EA7E049BC7D6CFD2071682C894161922A99108EB3BB8922113BA992402C07A93 | 185 | 20040303003544 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFE127CF63 |
186 | 20040303072925 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFE2D793F3 | ||
187 | 20040305011518 2 6 100 6143 2 E95A4131F86234D27EE1E51791599559EEDB618912E4FE36B81B80CDA4D497959DBFAEE929317A66BE64A328BAB6183EA5A5CBB3581490B4B613B225ADD00EFD38540356E0F4716229CDDB260283AF044FDAF1EF9248BB0CE9031C117CF15D3259B3E7B0301CA1AAC91AFA7A57CCDEED2DA4EFC2DBC7A9FC53BB4D3CB2D57D209D5DDEF25DE14F8226404296BD504EC14F6340F0AA2A1A943B9552C4B91D3EB48C08A13671C36EE5042857625DD2CB58965C0975EB775057FF82BC2B8B69D0BF26E2F80115B3E1A984D1D73D9D02AD69C3A1AF90EC915DE6FC9F574BD755B2EF6BBE62F3717E128DC797A06FE35C1C28CED57A0F64F61A4439ACFE7A7B95A1A948417A5B8B69916A32989B00E2C3FB7C74139A4DA9E533C439E59FC7C4F90780D2BBCDF012C499C15A1E0B5C318F84FB17DF97AB3EC356FD0072CFA3884EFBED319009DE6DBF2A5C7C87A93DEB04CCD9147EF8C9BEC2FD713793E4F0BF8C4EFCEBFBF95D555E523AB5D742808C4E425979A1C216C8CB2B42C7715B8CA5907E84E6FBC35DA7BFBFC892870B659C882C6E3697E0DCC6C24771F26D51A890786DA516DBC2D161680B134F1715B32F734E667650398EC2241AF78877BB3D61D83D0158DDE894862EE6E1BEE278724EA7B34C74F0A5D6B7F79F1322E20AD5757E11D9AC31BFE27C56ABB23A275130533433DC41DDBA1081E3A018E0D0B55DF33ECAE104909DC74F1CA2256CFD423A859B0AC2112A0AE684396C0029AD07D0D30AC84FFD2C2E80B74DE29310FCAFE7D0CB8864729B6FD1F86052D7DD9A9CB085A186259A67C175B3F81C5DA19AFED1BF9C5C07F40A29ED47ED4F1C7DE878B8411E3239ED15AC0E4CCC1D7F8842E9FD9C989F301E2689F800C3D14A38810906A36EEA34207014E99C843C599D56FCFBC14278A2A009C13B6E4AC7460B54D2C7EF38D72AC450540097D2AF609D3FFF874D14582FA8FF21027DEC92844BD22A9A7EC14C66BCC8DB1E058B95AF87ACB60A5725767A76C9185744E483BCCD9278ED9FF15A04061D0F6E32D98B6853A39AA498673C7DD012982B1913B3C3CE2C7080E4CE974B | ||
188 | 20040305043124 2 6 100 6143 2 E95A4131F86234D27EE1E51791599559EEDB618912E4FE36B81B80CDA4D497959DBFAEE929317A66BE64A328BAB6183EA5A5CBB3581490B4B613B225ADD00EFD38540356E0F4716229CDDB260283AF044FDAF1EF9248BB0CE9031C117CF15D3259B3E7B0301CA1AAC91AFA7A57CCDEED2DA4EFC2DBC7A9FC53BB4D3CB2D57D209D5DDEF25DE14F8226404296BD504EC14F6340F0AA2A1A943B9552C4B91D3EB48C08A13671C36EE5042857625DD2CB58965C0975EB775057FF82BC2B8B69D0BF26E2F80115B3E1A984D1D73D9D02AD69C3A1AF90EC915DE6FC9F574BD755B2EF6BBE62F3717E128DC797A06FE35C1C28CED57A0F64F61A4439ACFE7A7B95A1A948417A5B8B69916A32989B00E2C3FB7C74139A4DA9E533C439E59FC7C4F90780D2BBCDF012C499C15A1E0B5C318F84FB17DF97AB3EC356FD0072CFA3884EFBED319009DE6DBF2A5C7C87A93DEB04CCD9147EF8C9BEC2FD713793E4F0BF8C4EFCEBFBF95D555E523AB5D742808C4E425979A1C216C8CB2B42C7715B8CA5907E84E6FBC35DA7BFBFC892870B659C882C6E3697E0DCC6C24771F26D51A890786DA516DBC2D161680B134F1715B32F734E667650398EC2241AF78877BB3D61D83D0158DDE894862EE6E1BEE278724EA7B34C74F0A5D6B7F79F1322E20AD5757E11D9AC31BFE27C56ABB23A275130533433DC41DDBA1081E3A018E0D0B55DF33ECAE104909DC74F1CA2256CFD423A859B0AC2112A0AE684396C0029AD07D0D30AC84FFD2C2E80B74DE29310FCAFE7D0CB8864729B6FD1F86052D7DD9A9CB085A186259A67C175B3F81C5DA19AFED1BF9C5C07F40A29ED47ED4F1C7DE878B8411E3239ED15AC0E4CCC1D7F8842E9FD9C989F301E2689F800C3D14A38810906A36EEA34207014E99C843C599D56FCFBC14278A2A009C13B6E4AC7460B54D2C7EF38D72AC450540097D2AF609D3FFF874D14582FA8FF21027DEC92844BD22A9A7EC14C66BCC8DB1E058B95AF87ACB60A5725767A76C9185744E483BCCD9278ED9FF15A04061D0F6E32D98B6853A39AA498673C7DD012982B1913B3C3CE2C7080E5050933 | ||
189 | 20040305084728 2 6 100 6143 2 E95A4131F86234D27EE1E51791599559EEDB618912E4FE36B81B80CDA4D497959DBFAEE929317A66BE64A328BAB6183EA5A5CBB3581490B4B613B225ADD00EFD38540356E0F4716229CDDB260283AF044FDAF1EF9248BB0CE9031C117CF15D3259B3E7B0301CA1AAC91AFA7A57CCDEED2DA4EFC2DBC7A9FC53BB4D3CB2D57D209D5DDEF25DE14F8226404296BD504EC14F6340F0AA2A1A943B9552C4B91D3EB48C08A13671C36EE5042857625DD2CB58965C0975EB775057FF82BC2B8B69D0BF26E2F80115B3E1A984D1D73D9D02AD69C3A1AF90EC915DE6FC9F574BD755B2EF6BBE62F3717E128DC797A06FE35C1C28CED57A0F64F61A4439ACFE7A7B95A1A948417A5B8B69916A32989B00E2C3FB7C74139A4DA9E533C439E59FC7C4F90780D2BBCDF012C499C15A1E0B5C318F84FB17DF97AB3EC356FD0072CFA3884EFBED319009DE6DBF2A5C7C87A93DEB04CCD9147EF8C9BEC2FD713793E4F0BF8C4EFCEBFBF95D555E523AB5D742808C4E425979A1C216C8CB2B42C7715B8CA5907E84E6FBC35DA7BFBFC892870B659C882C6E3697E0DCC6C24771F26D51A890786DA516DBC2D161680B134F1715B32F734E667650398EC2241AF78877BB3D61D83D0158DDE894862EE6E1BEE278724EA7B34C74F0A5D6B7F79F1322E20AD5757E11D9AC31BFE27C56ABB23A275130533433DC41DDBA1081E3A018E0D0B55DF33ECAE104909DC74F1CA2256CFD423A859B0AC2112A0AE684396C0029AD07D0D30AC84FFD2C2E80B74DE29310FCAFE7D0CB8864729B6FD1F86052D7DD9A9CB085A186259A67C175B3F81C5DA19AFED1BF9C5C07F40A29ED47ED4F1C7DE878B8411E3239ED15AC0E4CCC1D7F8842E9FD9C989F301E2689F800C3D14A38810906A36EEA34207014E99C843C599D56FCFBC14278A2A009C13B6E4AC7460B54D2C7EF38D72AC450540097D2AF609D3FFF874D14582FA8FF21027DEC92844BD22A9A7EC14C66BCC8DB1E058B95AF87ACB60A5725767A76C9185744E483BCCD9278ED9FF15A04061D0F6E32D98B6853A39AA498673C7DD012982B1913B3C3CE2C7080E54C7783 | ||
190 | 20040306205350 2 6 100 6143 2 E95A4131F86234D27EE1E51791599559EEDB618912E4FE36B81B80CDA4D497959DBFAEE929317A66BE64A328BAB6183EA5A5CBB3581490B4B613B225ADD00EFD38540356E0F4716229CDDB260283AF044FDAF1EF9248BB0CE9031C117CF15D3259B3E7B0301CA1AAC91AFA7A57CCDEED2DA4EFC2DBC7A9FC53BB4D3CB2D57D209D5DDEF25DE14F8226404296BD504EC14F6340F0AA2A1A943B9552C4B91D3EB48C08A13671C36EE5042857625DD2CB58965C0975EB775057FF82BC2B8B69D0BF26E2F80115B3E1A984D1D73D9D02AD69C3A1AF90EC915DE6FC9F574BD755B2EF6BBE62F3717E128DC797A06FE35C1C28CED57A0F64F61A4439ACFE7A7B95A1A948417A5B8B69916A32989B00E2C3FB7C74139A4DA9E533C439E59FC7C4F90780D2BBCDF012C499C15A1E0B5C318F84FB17DF97AB3EC356FD0072CFA3884EFBED319009DE6DBF2A5C7C87A93DEB04CCD9147EF8C9BEC2FD713793E4F0BF8C4EFCEBFBF95D555E523AB5D742808C4E425979A1C216C8CB2B42C7715B8CA5907E84E6FBC35DA7BFBFC892870B659C882C6E3697E0DCC6C24771F26D51A890786DA516DBC2D161680B134F1715B32F734E667650398EC2241AF78877BB3D61D83D0158DDE894862EE6E1BEE278724EA7B34C74F0A5D6B7F79F1322E20AD5757E11D9AC31BFE27C56ABB23A275130533433DC41DDBA1081E3A018E0D0B55DF33ECAE104909DC74F1CA2256CFD423A859B0AC2112A0AE684396C0029AD07D0D30AC84FFD2C2E80B74DE29310FCAFE7D0CB8864729B6FD1F86052D7DD9A9CB085A186259A67C175B3F81C5DA19AFED1BF9C5C07F40A29ED47ED4F1C7DE878B8411E3239ED15AC0E4CCC1D7F8842E9FD9C989F301E2689F800C3D14A38810906A36EEA34207014E99C843C599D56FCFBC14278A2A009C13B6E4AC7460B54D2C7EF38D72AC450540097D2AF609D3FFF874D14582FA8FF21027DEC92844BD22A9A7EC14C66BCC8DB1E058B95AF87ACB60A5725767A76C9185744E483BCCD9278ED9FF15A04061D0F6E32D98B6853A39AA498673C7DD012982B1913B3C3CE2C7080E809C413 | ||
191 | 20040309221333 2 6 100 6143 2 E95A4131F86234D27EE1E51791599559EEDB618912E4FE36B81B80CDA4D497959DBFAEE929317A66BE64A328BAB6183EA5A5CBB3581490B4B613B225ADD00EFD38540356E0F4716229CDDB260283AF044FDAF1EF9248BB0CE9031C117CF15D3259B3E7B0301CA1AAC91AFA7A57CCDEED2DA4EFC2DBC7A9FC53BB4D3CB2D57D209D5DDEF25DE14F8226404296BD504EC14F6340F0AA2A1A943B9552C4B91D3EB48C08A13671C36EE5042857625DD2CB58965C0975EB775057FF82BC2B8B69D0BF26E2F80115B3E1A984D1D73D9D02AD69C3A1AF90EC915DE6FC9F574BD755B2EF6BBE62F3717E128DC797A06FE35C1C28CED57A0F64F61A4439ACFE7A7B95A1A948417A5B8B69916A32989B00E2C3FB7C74139A4DA9E533C439E59FC7C4F90780D2BBCDF012C499C15A1E0B5C318F84FB17DF97AB3EC356FD0072CFA3884EFBED319009DE6DBF2A5C7C87A93DEB04CCD9147EF8C9BEC2FD713793E4F0BF8C4EFCEBFBF95D555E523AB5D742808C4E425979A1C216C8CB2B42C7715B8CA5907E84E6FBC35DA7BFBFC892870B659C882C6E3697E0DCC6C24771F26D51A890786DA516DBC2D161680B134F1715B32F734E667650398EC2241AF78877BB3D61D83D0158DDE894862EE6E1BEE278724EA7B34C74F0A5D6B7F79F1322E20AD5757E11D9AC31BFE27C56ABB23A275130533433DC41DDBA1081E3A018E0D0B55DF33ECAE104909DC74F1CA2256CFD423A859B0AC2112A0AE684396C0029AD07D0D30AC84FFD2C2E80B74DE29310FCAFE7D0CB8864729B6FD1F86052D7DD9A9CB085A186259A67C175B3F81C5DA19AFED1BF9C5C07F40A29ED47ED4F1C7DE878B8411E3239ED15AC0E4CCC1D7F8842E9FD9C989F301E2689F800C3D14A38810906A36EEA34207014E99C843C599D56FCFBC14278A2A009C13B6E4AC7460B54D2C7EF38D72AC450540097D2AF609D3FFF874D14582FA8FF21027DEC92844BD22A9A7EC14C66BCC8DB1E058B95AF87ACB60A5725767A76C9185744E483BCCD9278ED9FF15A04061D0F6E32D98B6853A39AA498673C7DD012982B1913B3C3CE2C7080ED7F9CFB | ||
192 | 20040311222059 2 6 100 6143 5 E95A4131F86234D27EE1E51791599559EEDB618912E4FE36B81B80CDA4D497959DBFAEE929317A66BE64A328BAB6183EA5A5CBB3581490B4B613B225ADD00EFD38540356E0F4716229CDDB260283AF044FDAF1EF9248BB0CE9031C117CF15D3259B3E7B0301CA1AAC91AFA7A57CCDEED2DA4EFC2DBC7A9FC53BB4D3CB2D57D209D5DDEF25DE14F8226404296BD504EC14F6340F0AA2A1A943B9552C4B91D3EB48C08A13671C36EE5042857625DD2CB58965C0975EB775057FF82BC2B8B69D0BF26E2F80115B3E1A984D1D73D9D02AD69C3A1AF90EC915DE6FC9F574BD755B2EF6BBE62F3717E128DC797A06FE35C1C28CED57A0F64F61A4439ACFE7A7B95A1A948417A5B8B69916A32989B00E2C3FB7C74139A4DA9E533C439E59FC7C4F90780D2BBCDF012C499C15A1E0B5C318F84FB17DF97AB3EC356FD0072CFA3884EFBED319009DE6DBF2A5C7C87A93DEB04CCD9147EF8C9BEC2FD713793E4F0BF8C4EFCEBFBF95D555E523AB5D742808C4E425979A1C216C8CB2B42C7715B8CA5907E84E6FBC35DA7BFBFC892870B659C882C6E3697E0DCC6C24771F26D51A890786DA516DBC2D161680B134F1715B32F734E667650398EC2241AF78877BB3D61D83D0158DDE894862EE6E1BEE278724EA7B34C74F0A5D6B7F79F1322E20AD5757E11D9AC31BFE27C56ABB23A275130533433DC41DDBA1081E3A018E0D0B55DF33ECAE104909DC74F1CA2256CFD423A859B0AC2112A0AE684396C0029AD07D0D30AC84FFD2C2E80B74DE29310FCAFE7D0CB8864729B6FD1F86052D7DD9A9CB085A186259A67C175B3F81C5DA19AFED1BF9C5C07F40A29ED47ED4F1C7DE878B8411E3239ED15AC0E4CCC1D7F8842E9FD9C989F301E2689F800C3D14A38810906A36EEA34207014E99C843C599D56FCFBC14278A2A009C13B6E4AC7460B54D2C7EF38D72AC450540097D2AF609D3FFF874D14582FA8FF21027DEC92844BD22A9A7EC14C66BCC8DB1E058B95AF87ACB60A5725767A76C9185744E483BCCD9278ED9FF15A04061D0F6E32D98B6853A39AA498673C7DD012982B1913B3C3CE2C7080F103209F | ||
193 | 20040312160304 2 6 100 6143 2 E95A4131F86234D27EE1E51791599559EEDB618912E4FE36B81B80CDA4D497959DBFAEE929317A66BE64A328BAB6183EA5A5CBB3581490B4B613B225ADD00EFD38540356E0F4716229CDDB260283AF044FDAF1EF9248BB0CE9031C117CF15D3259B3E7B0301CA1AAC91AFA7A57CCDEED2DA4EFC2DBC7A9FC53BB4D3CB2D57D209D5DDEF25DE14F8226404296BD504EC14F6340F0AA2A1A943B9552C4B91D3EB48C08A13671C36EE5042857625DD2CB58965C0975EB775057FF82BC2B8B69D0BF26E2F80115B3E1A984D1D73D9D02AD69C3A1AF90EC915DE6FC9F574BD755B2EF6BBE62F3717E128DC797A06FE35C1C28CED57A0F64F61A4439ACFE7A7B95A1A948417A5B8B69916A32989B00E2C3FB7C74139A4DA9E533C439E59FC7C4F90780D2BBCDF012C499C15A1E0B5C318F84FB17DF97AB3EC356FD0072CFA3884EFBED319009DE6DBF2A5C7C87A93DEB04CCD9147EF8C9BEC2FD713793E4F0BF8C4EFCEBFBF95D555E523AB5D742808C4E425979A1C216C8CB2B42C7715B8CA5907E84E6FBC35DA7BFBFC892870B659C882C6E3697E0DCC6C24771F26D51A890786DA516DBC2D161680B134F1715B32F734E667650398EC2241AF78877BB3D61D83D0158DDE894862EE6E1BEE278724EA7B34C74F0A5D6B7F79F1322E20AD5757E11D9AC31BFE27C56ABB23A275130533433DC41DDBA1081E3A018E0D0B55DF33ECAE104909DC74F1CA2256CFD423A859B0AC2112A0AE684396C0029AD07D0D30AC84FFD2C2E80B74DE29310FCAFE7D0CB8864729B6FD1F86052D7DD9A9CB085A186259A67C175B3F81C5DA19AFED1BF9C5C07F40A29ED47ED4F1C7DE878B8411E3239ED15AC0E4CCC1D7F8842E9FD9C989F301E2689F800C3D14A38810906A36EEA34207014E99C843C599D56FCFBC14278A2A009C13B6E4AC7460B54D2C7EF38D72AC450540097D2AF609D3FFF874D14582FA8FF21027DEC92844BD22A9A7EC14C66BCC8DB1E058B95AF87ACB60A5725767A76C9185744E483BCCD9278ED9FF15A04061D0F6E32D98B6853A39AA498673C7DD012982B1913B3C3CE2C7080F247861B | ||
194 | 20040312210904 2 6 100 6143 5 E95A4131F86234D27EE1E51791599559EEDB618912E4FE36B81B80CDA4D497959DBFAEE929317A66BE64A328BAB6183EA5A5CBB3581490B4B613B225ADD00EFD38540356E0F4716229CDDB260283AF044FDAF1EF9248BB0CE9031C117CF15D3259B3E7B0301CA1AAC91AFA7A57CCDEED2DA4EFC2DBC7A9FC53BB4D3CB2D57D209D5DDEF25DE14F8226404296BD504EC14F6340F0AA2A1A943B9552C4B91D3EB48C08A13671C36EE5042857625DD2CB58965C0975EB775057FF82BC2B8B69D0BF26E2F80115B3E1A984D1D73D9D02AD69C3A1AF90EC915DE6FC9F574BD755B2EF6BBE62F3717E128DC797A06FE35C1C28CED57A0F64F61A4439ACFE7A7B95A1A948417A5B8B69916A32989B00E2C3FB7C74139A4DA9E533C439E59FC7C4F90780D2BBCDF012C499C15A1E0B5C318F84FB17DF97AB3EC356FD0072CFA3884EFBED319009DE6DBF2A5C7C87A93DEB04CCD9147EF8C9BEC2FD713793E4F0BF8C4EFCEBFBF95D555E523AB5D742808C4E425979A1C216C8CB2B42C7715B8CA5907E84E6FBC35DA7BFBFC892870B659C882C6E3697E0DCC6C24771F26D51A890786DA516DBC2D161680B134F1715B32F734E667650398EC2241AF78877BB3D61D83D0158DDE894862EE6E1BEE278724EA7B34C74F0A5D6B7F79F1322E20AD5757E11D9AC31BFE27C56ABB23A275130533433DC41DDBA1081E3A018E0D0B55DF33ECAE104909DC74F1CA2256CFD423A859B0AC2112A0AE684396C0029AD07D0D30AC84FFD2C2E80B74DE29310FCAFE7D0CB8864729B6FD1F86052D7DD9A9CB085A186259A67C175B3F81C5DA19AFED1BF9C5C07F40A29ED47ED4F1C7DE878B8411E3239ED15AC0E4CCC1D7F8842E9FD9C989F301E2689F800C3D14A38810906A36EEA34207014E99C843C599D56FCFBC14278A2A009C13B6E4AC7460B54D2C7EF38D72AC450540097D2AF609D3FFF874D14582FA8FF21027DEC92844BD22A9A7EC14C66BCC8DB1E058B95AF87ACB60A5725767A76C9185744E483BCCD9278ED9FF15A04061D0F6E32D98B6853A39AA498673C7DD012982B1913B3C3CE2C7080F29D939F | ||
195 | 20040316074005 2 6 100 6143 2 E95A4131F86234D27EE1E51791599559EEDB618912E4FE36B81B80CDA4D497959DBFAEE929317A66BE64A328BAB6183EA5A5CBB3581490B4B613B225ADD00EFD38540356E0F4716229CDDB260283AF044FDAF1EF9248BB0CE9031C117CF15D3259B3E7B0301CA1AAC91AFA7A57CCDEED2DA4EFC2DBC7A9FC53BB4D3CB2D57D209D5DDEF25DE14F8226404296BD504EC14F6340F0AA2A1A943B9552C4B91D3EB48C08A13671C36EE5042857625DD2CB58965C0975EB775057FF82BC2B8B69D0BF26E2F80115B3E1A984D1D73D9D02AD69C3A1AF90EC915DE6FC9F574BD755B2EF6BBE62F3717E128DC797A06FE35C1C28CED57A0F64F61A4439ACFE7A7B95A1A948417A5B8B69916A32989B00E2C3FB7C74139A4DA9E533C439E59FC7C4F90780D2BBCDF012C499C15A1E0B5C318F84FB17DF97AB3EC356FD0072CFA3884EFBED319009DE6DBF2A5C7C87A93DEB04CCD9147EF8C9BEC2FD713793E4F0BF8C4EFCEBFBF95D555E523AB5D742808C4E425979A1C216C8CB2B42C7715B8CA5907E84E6FBC35DA7BFBFC892870B659C882C6E3697E0DCC6C24771F26D51A890786DA516DBC2D161680B134F1715B32F734E667650398EC2241AF78877BB3D61D83D0158DDE894862EE6E1BEE278724EA7B34C74F0A5D6B7F79F1322E20AD5757E11D9AC31BFE27C56ABB23A275130533433DC41DDBA1081E3A018E0D0B55DF33ECAE104909DC74F1CA2256CFD423A859B0AC2112A0AE684396C0029AD07D0D30AC84FFD2C2E80B74DE29310FCAFE7D0CB8864729B6FD1F86052D7DD9A9CB085A186259A67C175B3F81C5DA19AFED1BF9C5C07F40A29ED47ED4F1C7DE878B8411E3239ED15AC0E4CCC1D7F8842E9FD9C989F301E2689F800C3D14A38810906A36EEA34207014E99C843C599D56FCFBC14278A2A009C13B6E4AC7460B54D2C7EF38D72AC450540097D2AF609D3FFF874D14582FA8FF21027DEC92844BD22A9A7EC14C66BCC8DB1E058B95AF87ACB60A5725767A76C9185744E483BCCD9278ED9FF15A04061D0F6E32D98B6853A39AA498673C7DD012982B1913B3C3CE2C7080F8B1F7DB | ||
196 | 20040317113309 2 6 100 6143 2 E95A4131F86234D27EE1E51791599559EEDB618912E4FE36B81B80CDA4D497959DBFAEE929317A66BE64A328BAB6183EA5A5CBB3581490B4B613B225ADD00EFD38540356E0F4716229CDDB260283AF044FDAF1EF9248BB0CE9031C117CF15D3259B3E7B0301CA1AAC91AFA7A57CCDEED2DA4EFC2DBC7A9FC53BB4D3CB2D57D209D5DDEF25DE14F8226404296BD504EC14F6340F0AA2A1A943B9552C4B91D3EB48C08A13671C36EE5042857625DD2CB58965C0975EB775057FF82BC2B8B69D0BF26E2F80115B3E1A984D1D73D9D02AD69C3A1AF90EC915DE6FC9F574BD755B2EF6BBE62F3717E128DC797A06FE35C1C28CED57A0F64F61A4439ACFE7A7B95A1A948417A5B8B69916A32989B00E2C3FB7C74139A4DA9E533C439E59FC7C4F90780D2BBCDF012C499C15A1E0B5C318F84FB17DF97AB3EC356FD0072CFA3884EFBED319009DE6DBF2A5C7C87A93DEB04CCD9147EF8C9BEC2FD713793E4F0BF8C4EFCEBFBF95D555E523AB5D742808C4E425979A1C216C8CB2B42C7715B8CA5907E84E6FBC35DA7BFBFC892870B659C882C6E3697E0DCC6C24771F26D51A890786DA516DBC2D161680B134F1715B32F734E667650398EC2241AF78877BB3D61D83D0158DDE894862EE6E1BEE278724EA7B34C74F0A5D6B7F79F1322E20AD5757E11D9AC31BFE27C56ABB23A275130533433DC41DDBA1081E3A018E0D0B55DF33ECAE104909DC74F1CA2256CFD423A859B0AC2112A0AE684396C0029AD07D0D30AC84FFD2C2E80B74DE29310FCAFE7D0CB8864729B6FD1F86052D7DD9A9CB085A186259A67C175B3F81C5DA19AFED1BF9C5C07F40A29ED47ED4F1C7DE878B8411E3239ED15AC0E4CCC1D7F8842E9FD9C989F301E2689F800C3D14A38810906A36EEA34207014E99C843C599D56FCFBC14278A2A009C13B6E4AC7460B54D2C7EF38D72AC450540097D2AF609D3FFF874D14582FA8FF21027DEC92844BD22A9A7EC14C66BCC8DB1E058B95AF87ACB60A5725767A76C9185744E483BCCD9278ED9FF15A04061D0F6E32D98B6853A39AA498673C7DD012982B1913B3C3CE2C7080FAAE1F73 | ||
197 | 20040317195246 2 6 100 6143 2 E95A4131F86234D27EE1E51791599559EEDB618912E4FE36B81B80CDA4D497959DBFAEE929317A66BE64A328BAB6183EA5A5CBB3581490B4B613B225ADD00EFD38540356E0F4716229CDDB260283AF044FDAF1EF9248BB0CE9031C117CF15D3259B3E7B0301CA1AAC91AFA7A57CCDEED2DA4EFC2DBC7A9FC53BB4D3CB2D57D209D5DDEF25DE14F8226404296BD504EC14F6340F0AA2A1A943B9552C4B91D3EB48C08A13671C36EE5042857625DD2CB58965C0975EB775057FF82BC2B8B69D0BF26E2F80115B3E1A984D1D73D9D02AD69C3A1AF90EC915DE6FC9F574BD755B2EF6BBE62F3717E128DC797A06FE35C1C28CED57A0F64F61A4439ACFE7A7B95A1A948417A5B8B69916A32989B00E2C3FB7C74139A4DA9E533C439E59FC7C4F90780D2BBCDF012C499C15A1E0B5C318F84FB17DF97AB3EC356FD0072CFA3884EFBED319009DE6DBF2A5C7C87A93DEB04CCD9147EF8C9BEC2FD713793E4F0BF8C4EFCEBFBF95D555E523AB5D742808C4E425979A1C216C8CB2B42C7715B8CA5907E84E6FBC35DA7BFBFC892870B659C882C6E3697E0DCC6C24771F26D51A890786DA516DBC2D161680B134F1715B32F734E667650398EC2241AF78877BB3D61D83D0158DDE894862EE6E1BEE278724EA7B34C74F0A5D6B7F79F1322E20AD5757E11D9AC31BFE27C56ABB23A275130533433DC41DDBA1081E3A018E0D0B55DF33ECAE104909DC74F1CA2256CFD423A859B0AC2112A0AE684396C0029AD07D0D30AC84FFD2C2E80B74DE29310FCAFE7D0CB8864729B6FD1F86052D7DD9A9CB085A186259A67C175B3F81C5DA19AFED1BF9C5C07F40A29ED47ED4F1C7DE878B8411E3239ED15AC0E4CCC1D7F8842E9FD9C989F301E2689F800C3D14A38810906A36EEA34207014E99C843C599D56FCFBC14278A2A009C13B6E4AC7460B54D2C7EF38D72AC450540097D2AF609D3FFF874D14582FA8FF21027DEC92844BD22A9A7EC14C66BCC8DB1E058B95AF87ACB60A5725767A76C9185744E483BCCD9278ED9FF15A04061D0F6E32D98B6853A39AA498673C7DD012982B1913B3C3CE2C7080FB3F2B93 | ||
198 | 20040319025848 2 6 100 6143 2 E95A4131F86234D27EE1E51791599559EEDB618912E4FE36B81B80CDA4D497959DBFAEE929317A66BE64A328BAB6183EA5A5CBB3581490B4B613B225ADD00EFD38540356E0F4716229CDDB260283AF044FDAF1EF9248BB0CE9031C117CF15D3259B3E7B0301CA1AAC91AFA7A57CCDEED2DA4EFC2DBC7A9FC53BB4D3CB2D57D209D5DDEF25DE14F8226404296BD504EC14F6340F0AA2A1A943B9552C4B91D3EB48C08A13671C36EE5042857625DD2CB58965C0975EB775057FF82BC2B8B69D0BF26E2F80115B3E1A984D1D73D9D02AD69C3A1AF90EC915DE6FC9F574BD755B2EF6BBE62F3717E128DC797A06FE35C1C28CED57A0F64F61A4439ACFE7A7B95A1A948417A5B8B69916A32989B00E2C3FB7C74139A4DA9E533C439E59FC7C4F90780D2BBCDF012C499C15A1E0B5C318F84FB17DF97AB3EC356FD0072CFA3884EFBED319009DE6DBF2A5C7C87A93DEB04CCD9147EF8C9BEC2FD713793E4F0BF8C4EFCEBFBF95D555E523AB5D742808C4E425979A1C216C8CB2B42C7715B8CA5907E84E6FBC35DA7BFBFC892870B659C882C6E3697E0DCC6C24771F26D51A890786DA516DBC2D161680B134F1715B32F734E667650398EC2241AF78877BB3D61D83D0158DDE894862EE6E1BEE278724EA7B34C74F0A5D6B7F79F1322E20AD5757E11D9AC31BFE27C56ABB23A275130533433DC41DDBA1081E3A018E0D0B55DF33ECAE104909DC74F1CA2256CFD423A859B0AC2112A0AE684396C0029AD07D0D30AC84FFD2C2E80B74DE29310FCAFE7D0CB8864729B6FD1F86052D7DD9A9CB085A186259A67C175B3F81C5DA19AFED1BF9C5C07F40A29ED47ED4F1C7DE878B8411E3239ED15AC0E4CCC1D7F8842E9FD9C989F301E2689F800C3D14A38810906A36EEA34207014E99C843C599D56FCFBC14278A2A009C13B6E4AC7460B54D2C7EF38D72AC450540097D2AF609D3FFF874D14582FA8FF21027DEC92844BD22A9A7EC14C66BCC8DB1E058B95AF87ACB60A5725767A76C9185744E483BCCD9278ED9FF15A04061D0F6E32D98B6853A39AA498673C7DD012982B1913B3C3CE2C7080FD81741B | ||
199 | 20040323194658 2 6 100 6143 5 E95A4131F86234D27EE1E51791599559EEDB618912E4FE36B81B80CDA4D497959DBFAEE929317A66BE64A328BAB6183EA5A5CBB3581490B4B613B225ADD00EFD38540356E0F4716229CDDB260283AF044FDAF1EF9248BB0CE9031C117CF15D3259B3E7B0301CA1AAC91AFA7A57CCDEED2DA4EFC2DBC7A9FC53BB4D3CB2D57D209D5DDEF25DE14F8226404296BD504EC14F6340F0AA2A1A943B9552C4B91D3EB48C08A13671C36EE5042857625DD2CB58965C0975EB775057FF82BC2B8B69D0BF26E2F80115B3E1A984D1D73D9D02AD69C3A1AF90EC915DE6FC9F574BD755B2EF6BBE62F3717E128DC797A06FE35C1C28CED57A0F64F61A4439ACFE7A7B95A1A948417A5B8B69916A32989B00E2C3FB7C74139A4DA9E533C439E59FC7C4F90780D2BBCDF012C499C15A1E0B5C318F84FB17DF97AB3EC356FD0072CFA3884EFBED319009DE6DBF2A5C7C87A93DEB04CCD9147EF8C9BEC2FD713793E4F0BF8C4EFCEBFBF95D555E523AB5D742808C4E425979A1C216C8CB2B42C7715B8CA5907E84E6FBC35DA7BFBFC892870B659C882C6E3697E0DCC6C24771F26D51A890786DA516DBC2D161680B134F1715B32F734E667650398EC2241AF78877BB3D61D83D0158DDE894862EE6E1BEE278724EA7B34C74F0A5D6B7F79F1322E20AD5757E11D9AC31BFE27C56ABB23A275130533433DC41DDBA1081E3A018E0D0B55DF33ECAE104909DC74F1CA2256CFD423A859B0AC2112A0AE684396C0029AD07D0D30AC84FFD2C2E80B74DE29310FCAFE7D0CB8864729B6FD1F86052D7DD9A9CB085A186259A67C175B3F81C5DA19AFED1BF9C5C07F40A29ED47ED4F1C7DE878B8411E3239ED15AC0E4CCC1D7F8842E9FD9C989F301E2689F800C3D14A38810906A36EEA34207014E99C843C599D56FCFBC14278A2A009C13B6E4AC7460B54D2C7EF38D72AC450540097D2AF609D3FFF874D14582FA8FF21027DEC92844BD22A9A7EC14C66BCC8DB1E058B95AF87ACB60A5725767A76C9185744E483BCCD9278ED9FF15A04061D0F6E32D98B6853A39AA498673C7DD012982B1913B3C3CE2C708105AF04AF | ||
200 | 20040324041535 2 6 100 6143 5 E95A4131F86234D27EE1E51791599559EEDB618912E4FE36B81B80CDA4D497959DBFAEE929317A66BE64A328BAB6183EA5A5CBB3581490B4B613B225ADD00EFD38540356E0F4716229CDDB260283AF044FDAF1EF9248BB0CE9031C117CF15D3259B3E7B0301CA1AAC91AFA7A57CCDEED2DA4EFC2DBC7A9FC53BB4D3CB2D57D209D5DDEF25DE14F8226404296BD504EC14F6340F0AA2A1A943B9552C4B91D3EB48C08A13671C36EE5042857625DD2CB58965C0975EB775057FF82BC2B8B69D0BF26E2F80115B3E1A984D1D73D9D02AD69C3A1AF90EC915DE6FC9F574BD755B2EF6BBE62F3717E128DC797A06FE35C1C28CED57A0F64F61A4439ACFE7A7B95A1A948417A5B8B69916A32989B00E2C3FB7C74139A4DA9E533C439E59FC7C4F90780D2BBCDF012C499C15A1E0B5C318F84FB17DF97AB3EC356FD0072CFA3884EFBED319009DE6DBF2A5C7C87A93DEB04CCD9147EF8C9BEC2FD713793E4F0BF8C4EFCEBFBF95D555E523AB5D742808C4E425979A1C216C8CB2B42C7715B8CA5907E84E6FBC35DA7BFBFC892870B659C882C6E3697E0DCC6C24771F26D51A890786DA516DBC2D161680B134F1715B32F734E667650398EC2241AF78877BB3D61D83D0158DDE894862EE6E1BEE278724EA7B34C74F0A5D6B7F79F1322E20AD5757E11D9AC31BFE27C56ABB23A275130533433DC41DDBA1081E3A018E0D0B55DF33ECAE104909DC74F1CA2256CFD423A859B0AC2112A0AE684396C0029AD07D0D30AC84FFD2C2E80B74DE29310FCAFE7D0CB8864729B6FD1F86052D7DD9A9CB085A186259A67C175B3F81C5DA19AFED1BF9C5C07F40A29ED47ED4F1C7DE878B8411E3239ED15AC0E4CCC1D7F8842E9FD9C989F301E2689F800C3D14A38810906A36EEA34207014E99C843C599D56FCFBC14278A2A009C13B6E4AC7460B54D2C7EF38D72AC450540097D2AF609D3FFF874D14582FA8FF21027DEC92844BD22A9A7EC14C66BCC8DB1E058B95AF87ACB60A5725767A76C9185744E483BCCD9278ED9FF15A04061D0F6E32D98B6853A39AA498673C7DD012982B1913B3C3CE2C70810643E737 | ||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: moduli.c,v 1.9 2004/07/11 17:48:47 deraadt Exp $ */ | 1 | /* $OpenBSD: moduli.c,v 1.10 2005/01/17 03:25:46 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright 1994 Phil Karn <karn@qualcomm.com> | 3 | * Copyright 1994 Phil Karn <karn@qualcomm.com> |
4 | * Copyright 1996-1998, 2003 William Allen Simpson <wsimpson@greendragon.com> | 4 | * Copyright 1996-1998, 2003 William Allen Simpson <wsimpson@greendragon.com> |
@@ -56,7 +56,7 @@ | |||
56 | #define QTYPE_UNKNOWN (0) | 56 | #define QTYPE_UNKNOWN (0) |
57 | #define QTYPE_UNSTRUCTURED (1) | 57 | #define QTYPE_UNSTRUCTURED (1) |
58 | #define QTYPE_SAFE (2) | 58 | #define QTYPE_SAFE (2) |
59 | #define QTYPE_SCHNOOR (3) | 59 | #define QTYPE_SCHNORR (3) |
60 | #define QTYPE_SOPHIE_GERMAIN (4) | 60 | #define QTYPE_SOPHIE_GERMAIN (4) |
61 | #define QTYPE_STRONG (5) | 61 | #define QTYPE_STRONG (5) |
62 | 62 | ||
@@ -530,7 +530,7 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted) | |||
530 | break; | 530 | break; |
531 | case QTYPE_UNSTRUCTURED: | 531 | case QTYPE_UNSTRUCTURED: |
532 | case QTYPE_SAFE: | 532 | case QTYPE_SAFE: |
533 | case QTYPE_SCHNOOR: | 533 | case QTYPE_SCHNORR: |
534 | case QTYPE_STRONG: | 534 | case QTYPE_STRONG: |
535 | case QTYPE_UNKNOWN: | 535 | case QTYPE_UNKNOWN: |
536 | debug2("%10u: (%u)", count_in, in_type); | 536 | debug2("%10u: (%u)", count_in, in_type); |
@@ -25,7 +25,7 @@ | |||
25 | */ | 25 | */ |
26 | 26 | ||
27 | #include "includes.h" | 27 | #include "includes.h" |
28 | RCSID("$OpenBSD: monitor.c,v 1.61 2004/07/17 05:31:41 dtucker Exp $"); | 28 | RCSID("$OpenBSD: monitor.c,v 1.62 2005/01/30 11:18:08 dtucker Exp $"); |
29 | 29 | ||
30 | #include <openssl/dh.h> | 30 | #include <openssl/dh.h> |
31 | 31 | ||
@@ -143,6 +143,11 @@ int mm_answer_gss_userok(int, Buffer *); | |||
143 | int mm_answer_gss_checkmic(int, Buffer *); | 143 | int mm_answer_gss_checkmic(int, Buffer *); |
144 | #endif | 144 | #endif |
145 | 145 | ||
146 | #ifdef SSH_AUDIT_EVENTS | ||
147 | int mm_answer_audit_event(int, Buffer *); | ||
148 | int mm_answer_audit_command(int, Buffer *); | ||
149 | #endif | ||
150 | |||
146 | static Authctxt *authctxt; | 151 | static Authctxt *authctxt; |
147 | static BIGNUM *ssh1_challenge = NULL; /* used for ssh1 rsa auth */ | 152 | static BIGNUM *ssh1_challenge = NULL; /* used for ssh1 rsa auth */ |
148 | 153 | ||
@@ -186,6 +191,9 @@ struct mon_table mon_dispatch_proto20[] = { | |||
186 | {MONITOR_REQ_PAM_RESPOND, MON_ISAUTH, mm_answer_pam_respond}, | 191 | {MONITOR_REQ_PAM_RESPOND, MON_ISAUTH, mm_answer_pam_respond}, |
187 | {MONITOR_REQ_PAM_FREE_CTX, MON_ONCE|MON_AUTHDECIDE, mm_answer_pam_free_ctx}, | 192 | {MONITOR_REQ_PAM_FREE_CTX, MON_ONCE|MON_AUTHDECIDE, mm_answer_pam_free_ctx}, |
188 | #endif | 193 | #endif |
194 | #ifdef SSH_AUDIT_EVENTS | ||
195 | {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event}, | ||
196 | #endif | ||
189 | #ifdef BSD_AUTH | 197 | #ifdef BSD_AUTH |
190 | {MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery}, | 198 | {MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery}, |
191 | {MONITOR_REQ_BSDAUTHRESPOND, MON_AUTH,mm_answer_bsdauthrespond}, | 199 | {MONITOR_REQ_BSDAUTHRESPOND, MON_AUTH,mm_answer_bsdauthrespond}, |
@@ -211,6 +219,10 @@ struct mon_table mon_dispatch_postauth20[] = { | |||
211 | {MONITOR_REQ_PTY, 0, mm_answer_pty}, | 219 | {MONITOR_REQ_PTY, 0, mm_answer_pty}, |
212 | {MONITOR_REQ_PTYCLEANUP, 0, mm_answer_pty_cleanup}, | 220 | {MONITOR_REQ_PTYCLEANUP, 0, mm_answer_pty_cleanup}, |
213 | {MONITOR_REQ_TERM, 0, mm_answer_term}, | 221 | {MONITOR_REQ_TERM, 0, mm_answer_term}, |
222 | #ifdef SSH_AUDIT_EVENTS | ||
223 | {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event}, | ||
224 | {MONITOR_REQ_AUDIT_COMMAND, MON_PERMIT, mm_answer_audit_command}, | ||
225 | #endif | ||
214 | {0, 0, NULL} | 226 | {0, 0, NULL} |
215 | }; | 227 | }; |
216 | 228 | ||
@@ -239,6 +251,9 @@ struct mon_table mon_dispatch_proto15[] = { | |||
239 | {MONITOR_REQ_PAM_RESPOND, MON_ISAUTH, mm_answer_pam_respond}, | 251 | {MONITOR_REQ_PAM_RESPOND, MON_ISAUTH, mm_answer_pam_respond}, |
240 | {MONITOR_REQ_PAM_FREE_CTX, MON_ONCE|MON_AUTHDECIDE, mm_answer_pam_free_ctx}, | 252 | {MONITOR_REQ_PAM_FREE_CTX, MON_ONCE|MON_AUTHDECIDE, mm_answer_pam_free_ctx}, |
241 | #endif | 253 | #endif |
254 | #ifdef SSH_AUDIT_EVENTS | ||
255 | {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event}, | ||
256 | #endif | ||
242 | {0, 0, NULL} | 257 | {0, 0, NULL} |
243 | }; | 258 | }; |
244 | 259 | ||
@@ -246,6 +261,10 @@ struct mon_table mon_dispatch_postauth15[] = { | |||
246 | {MONITOR_REQ_PTY, MON_ONCE, mm_answer_pty}, | 261 | {MONITOR_REQ_PTY, MON_ONCE, mm_answer_pty}, |
247 | {MONITOR_REQ_PTYCLEANUP, MON_ONCE, mm_answer_pty_cleanup}, | 262 | {MONITOR_REQ_PTYCLEANUP, MON_ONCE, mm_answer_pty_cleanup}, |
248 | {MONITOR_REQ_TERM, 0, mm_answer_term}, | 263 | {MONITOR_REQ_TERM, 0, mm_answer_term}, |
264 | #ifdef SSH_AUDIT_EVENTS | ||
265 | {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event}, | ||
266 | {MONITOR_REQ_AUDIT_COMMAND, MON_ONCE, mm_answer_audit_command}, | ||
267 | #endif | ||
249 | {0, 0, NULL} | 268 | {0, 0, NULL} |
250 | }; | 269 | }; |
251 | 270 | ||
@@ -609,6 +628,9 @@ mm_answer_pwnamallow(int sock, Buffer *m) | |||
609 | if (options.use_pam) | 628 | if (options.use_pam) |
610 | monitor_permit(mon_dispatch, MONITOR_REQ_PAM_START, 1); | 629 | monitor_permit(mon_dispatch, MONITOR_REQ_PAM_START, 1); |
611 | #endif | 630 | #endif |
631 | #ifdef SSH_AUDIT_EVENTS | ||
632 | monitor_permit(mon_dispatch, MONITOR_REQ_AUDIT_COMMAND, 1); | ||
633 | #endif | ||
612 | 634 | ||
613 | return (0); | 635 | return (0); |
614 | } | 636 | } |
@@ -810,6 +832,9 @@ mm_answer_pam_account(int sock, Buffer *m) | |||
810 | ret = do_pam_account(); | 832 | ret = do_pam_account(); |
811 | 833 | ||
812 | buffer_put_int(m, ret); | 834 | buffer_put_int(m, ret); |
835 | buffer_append(&loginmsg, "\0", 1); | ||
836 | buffer_put_cstring(m, buffer_ptr(&loginmsg)); | ||
837 | buffer_clear(&loginmsg); | ||
813 | 838 | ||
814 | mm_request_send(sock, MONITOR_ANS_PAM_ACCOUNT, m); | 839 | mm_request_send(sock, MONITOR_ANS_PAM_ACCOUNT, m); |
815 | 840 | ||
@@ -1297,7 +1322,7 @@ mm_answer_sesskey(int sock, Buffer *m) | |||
1297 | int rsafail; | 1322 | int rsafail; |
1298 | 1323 | ||
1299 | /* Turn off permissions */ | 1324 | /* Turn off permissions */ |
1300 | monitor_permit(mon_dispatch, MONITOR_REQ_SESSKEY, 1); | 1325 | monitor_permit(mon_dispatch, MONITOR_REQ_SESSKEY, 0); |
1301 | 1326 | ||
1302 | if ((p = BN_new()) == NULL) | 1327 | if ((p = BN_new()) == NULL) |
1303 | fatal("%s: BN_new", __func__); | 1328 | fatal("%s: BN_new", __func__); |
@@ -1488,6 +1513,50 @@ mm_answer_term(int sock, Buffer *req) | |||
1488 | exit(res); | 1513 | exit(res); |
1489 | } | 1514 | } |
1490 | 1515 | ||
1516 | #ifdef SSH_AUDIT_EVENTS | ||
1517 | /* Report that an audit event occurred */ | ||
1518 | int | ||
1519 | mm_answer_audit_event(int socket, Buffer *m) | ||
1520 | { | ||
1521 | ssh_audit_event_t event; | ||
1522 | |||
1523 | debug3("%s entering", __func__); | ||
1524 | |||
1525 | event = buffer_get_int(m); | ||
1526 | buffer_free(m); | ||
1527 | switch(event) { | ||
1528 | case SSH_AUTH_FAIL_PUBKEY: | ||
1529 | case SSH_AUTH_FAIL_HOSTBASED: | ||
1530 | case SSH_AUTH_FAIL_GSSAPI: | ||
1531 | case SSH_LOGIN_EXCEED_MAXTRIES: | ||
1532 | case SSH_LOGIN_ROOT_DENIED: | ||
1533 | case SSH_CONNECTION_CLOSE: | ||
1534 | case SSH_INVALID_USER: | ||
1535 | audit_event(event); | ||
1536 | break; | ||
1537 | default: | ||
1538 | fatal("Audit event type %d not permitted", event); | ||
1539 | } | ||
1540 | |||
1541 | return (0); | ||
1542 | } | ||
1543 | |||
1544 | int | ||
1545 | mm_answer_audit_command(int socket, Buffer *m) | ||
1546 | { | ||
1547 | u_int len; | ||
1548 | char *cmd; | ||
1549 | |||
1550 | debug3("%s entering", __func__); | ||
1551 | cmd = buffer_get_string(m, &len); | ||
1552 | /* sanity check command, if so how? */ | ||
1553 | audit_run_command(cmd); | ||
1554 | xfree(cmd); | ||
1555 | buffer_free(m); | ||
1556 | return (0); | ||
1557 | } | ||
1558 | #endif /* SSH_AUDIT_EVENTS */ | ||
1559 | |||
1491 | void | 1560 | void |
1492 | monitor_apply_keystate(struct monitor *pmonitor) | 1561 | monitor_apply_keystate(struct monitor *pmonitor) |
1493 | { | 1562 | { |
@@ -59,6 +59,7 @@ enum monitor_reqtype { | |||
59 | MONITOR_REQ_PAM_QUERY, MONITOR_ANS_PAM_QUERY, | 59 | MONITOR_REQ_PAM_QUERY, MONITOR_ANS_PAM_QUERY, |
60 | MONITOR_REQ_PAM_RESPOND, MONITOR_ANS_PAM_RESPOND, | 60 | MONITOR_REQ_PAM_RESPOND, MONITOR_ANS_PAM_RESPOND, |
61 | MONITOR_REQ_PAM_FREE_CTX, MONITOR_ANS_PAM_FREE_CTX, | 61 | MONITOR_REQ_PAM_FREE_CTX, MONITOR_ANS_PAM_FREE_CTX, |
62 | MONITOR_REQ_AUDIT_EVENT, MONITOR_REQ_AUDIT_COMMAND, | ||
62 | MONITOR_REQ_TERM | 63 | MONITOR_REQ_TERM |
63 | }; | 64 | }; |
64 | 65 | ||
diff --git a/monitor_mm.c b/monitor_mm.c index ff523a5b1..b0ec37cff 100644 --- a/monitor_mm.c +++ b/monitor_mm.c | |||
@@ -92,7 +92,7 @@ mm_create(struct mm_master *mmalloc, size_t size) | |||
92 | mm->mmalloc = mmalloc; | 92 | mm->mmalloc = mmalloc; |
93 | 93 | ||
94 | address = xmmap(size); | 94 | address = xmmap(size); |
95 | if (address == MAP_FAILED) | 95 | if (address == (void *)MAP_FAILED) |
96 | fatal("mmap(%lu): %s", (u_long)size, strerror(errno)); | 96 | fatal("mmap(%lu): %s", (u_long)size, strerror(errno)); |
97 | 97 | ||
98 | mm->address = address; | 98 | mm->address = address; |
diff --git a/monitor_wrap.c b/monitor_wrap.c index 0d7a0e3bd..e1b6512b4 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c | |||
@@ -72,6 +72,7 @@ extern struct monitor *pmonitor; | |||
72 | extern Buffer input, output; | 72 | extern Buffer input, output; |
73 | extern Buffer loginmsg; | 73 | extern Buffer loginmsg; |
74 | extern ServerOptions options; | 74 | extern ServerOptions options; |
75 | extern Buffer loginmsg; | ||
75 | 76 | ||
76 | int | 77 | int |
77 | mm_is_monitor(void) | 78 | mm_is_monitor(void) |
@@ -716,6 +717,7 @@ mm_do_pam_account(void) | |||
716 | { | 717 | { |
717 | Buffer m; | 718 | Buffer m; |
718 | u_int ret; | 719 | u_int ret; |
720 | char *msg; | ||
719 | 721 | ||
720 | debug3("%s entering", __func__); | 722 | debug3("%s entering", __func__); |
721 | if (!options.use_pam) | 723 | if (!options.use_pam) |
@@ -727,6 +729,9 @@ mm_do_pam_account(void) | |||
727 | mm_request_receive_expect(pmonitor->m_recvfd, | 729 | mm_request_receive_expect(pmonitor->m_recvfd, |
728 | MONITOR_ANS_PAM_ACCOUNT, &m); | 730 | MONITOR_ANS_PAM_ACCOUNT, &m); |
729 | ret = buffer_get_int(&m); | 731 | ret = buffer_get_int(&m); |
732 | msg = buffer_get_string(&m, NULL); | ||
733 | buffer_append(&loginmsg, msg, strlen(msg)); | ||
734 | xfree(msg); | ||
730 | 735 | ||
731 | buffer_free(&m); | 736 | buffer_free(&m); |
732 | 737 | ||
@@ -1098,6 +1103,36 @@ mm_auth_rsa_verify_response(Key *key, BIGNUM *p, u_char response[16]) | |||
1098 | return (success); | 1103 | return (success); |
1099 | } | 1104 | } |
1100 | 1105 | ||
1106 | #ifdef SSH_AUDIT_EVENTS | ||
1107 | void | ||
1108 | mm_audit_event(ssh_audit_event_t event) | ||
1109 | { | ||
1110 | Buffer m; | ||
1111 | |||
1112 | debug3("%s entering", __func__); | ||
1113 | |||
1114 | buffer_init(&m); | ||
1115 | buffer_put_int(&m, event); | ||
1116 | |||
1117 | mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_EVENT, &m); | ||
1118 | buffer_free(&m); | ||
1119 | } | ||
1120 | |||
1121 | void | ||
1122 | mm_audit_run_command(const char *command) | ||
1123 | { | ||
1124 | Buffer m; | ||
1125 | |||
1126 | debug3("%s entering command %s", __func__, command); | ||
1127 | |||
1128 | buffer_init(&m); | ||
1129 | buffer_put_cstring(&m, command); | ||
1130 | |||
1131 | mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_COMMAND, &m); | ||
1132 | buffer_free(&m); | ||
1133 | } | ||
1134 | #endif /* SSH_AUDIT_EVENTS */ | ||
1135 | |||
1101 | #ifdef GSSAPI | 1136 | #ifdef GSSAPI |
1102 | OM_uint32 | 1137 | OM_uint32 |
1103 | mm_ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID goid) | 1138 | mm_ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID goid) |
diff --git a/monitor_wrap.h b/monitor_wrap.h index e5cf5718c..310b42513 100644 --- a/monitor_wrap.h +++ b/monitor_wrap.h | |||
@@ -74,6 +74,12 @@ int mm_sshpam_respond(void *, u_int, char **); | |||
74 | void mm_sshpam_free_ctx(void *); | 74 | void mm_sshpam_free_ctx(void *); |
75 | #endif | 75 | #endif |
76 | 76 | ||
77 | #ifdef SSH_AUDIT_EVENTS | ||
78 | #include "audit.h" | ||
79 | void mm_audit_event(ssh_audit_event_t); | ||
80 | void mm_audit_run_command(const char *); | ||
81 | #endif | ||
82 | |||
77 | struct Session; | 83 | struct Session; |
78 | void mm_terminate(void); | 84 | void mm_terminate(void); |
79 | int mm_pty_allocate(int *, int *, char *, int); | 85 | int mm_pty_allocate(int *, int *, char *, int); |
diff --git a/openbsd-compat/bsd-arc4random.c b/openbsd-compat/bsd-arc4random.c index 5284e1af8..1eeb6953b 100644 --- a/openbsd-compat/bsd-arc4random.c +++ b/openbsd-compat/bsd-arc4random.c | |||
@@ -17,7 +17,7 @@ | |||
17 | #include "includes.h" | 17 | #include "includes.h" |
18 | #include "log.h" | 18 | #include "log.h" |
19 | 19 | ||
20 | RCSID("$Id: bsd-arc4random.c,v 1.9 2004/07/18 23:30:40 djm Exp $"); | 20 | RCSID("$Id: bsd-arc4random.c,v 1.10 2005/02/16 02:01:28 djm Exp $"); |
21 | 21 | ||
22 | #ifndef HAVE_ARC4RANDOM | 22 | #ifndef HAVE_ARC4RANDOM |
23 | 23 | ||
@@ -34,7 +34,8 @@ RCSID("$Id: bsd-arc4random.c,v 1.9 2004/07/18 23:30:40 djm Exp $"); | |||
34 | static int rc4_ready = 0; | 34 | static int rc4_ready = 0; |
35 | static RC4_KEY rc4; | 35 | static RC4_KEY rc4; |
36 | 36 | ||
37 | unsigned int arc4random(void) | 37 | unsigned int |
38 | arc4random(void) | ||
38 | { | 39 | { |
39 | unsigned int r = 0; | 40 | unsigned int r = 0; |
40 | static int first_time = 1; | 41 | static int first_time = 1; |
@@ -53,7 +54,8 @@ unsigned int arc4random(void) | |||
53 | return(r); | 54 | return(r); |
54 | } | 55 | } |
55 | 56 | ||
56 | void arc4random_stir(void) | 57 | void |
58 | arc4random_stir(void) | ||
57 | { | 59 | { |
58 | unsigned char rand_buf[SEED_SIZE]; | 60 | unsigned char rand_buf[SEED_SIZE]; |
59 | int i; | 61 | int i; |
diff --git a/openbsd-compat/bsd-cray.c b/openbsd-compat/bsd-cray.c index f630366be..d1f1c059c 100644 --- a/openbsd-compat/bsd-cray.c +++ b/openbsd-compat/bsd-cray.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * $Id: bsd-cray.c,v 1.13 2004/01/30 03:34:22 dtucker Exp $ | 2 | * $Id: bsd-cray.c,v 1.14 2005/02/02 06:10:11 dtucker Exp $ |
3 | * | 3 | * |
4 | * bsd-cray.c | 4 | * bsd-cray.c |
5 | * | 5 | * |
@@ -171,7 +171,7 @@ cray_access_denied(char *username) | |||
171 | * record_failed_login: generic "login failed" interface function | 171 | * record_failed_login: generic "login failed" interface function |
172 | */ | 172 | */ |
173 | void | 173 | void |
174 | record_failed_login(const char *user, const char *ttyname) | 174 | record_failed_login(const char *user, const char *hostname, const char *ttyname) |
175 | { | 175 | { |
176 | cray_login_failure((char *)user, IA_UDBERR); | 176 | cray_login_failure((char *)user, IA_UDBERR); |
177 | } | 177 | } |
diff --git a/openbsd-compat/bsd-cray.h b/openbsd-compat/bsd-cray.h index de6ba1a8d..774eceb5a 100644 --- a/openbsd-compat/bsd-cray.h +++ b/openbsd-compat/bsd-cray.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $Id: bsd-cray.h,v 1.11 2004/01/30 03:34:22 dtucker Exp $ */ | 1 | /* $Id: bsd-cray.h,v 1.12 2005/02/02 06:10:11 dtucker Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2002, Cray Inc. (Wendy Palm <wendyp@cray.com>) | 4 | * Copyright (c) 2002, Cray Inc. (Wendy Palm <wendyp@cray.com>) |
@@ -42,10 +42,10 @@ void cray_init_job(struct passwd *); | |||
42 | void cray_job_termination_handler(int); | 42 | void cray_job_termination_handler(int); |
43 | void cray_login_failure(char *, int ); | 43 | void cray_login_failure(char *, int ); |
44 | int cray_access_denied(char *); | 44 | int cray_access_denied(char *); |
45 | #define CUSTOM_FAILED_LOGIN 1 | ||
46 | void record_failed_login(const char *, const char *); | ||
47 | extern char cray_tmpdir[]; | 45 | extern char cray_tmpdir[]; |
48 | 46 | ||
47 | #define CUSTOM_FAILED_LOGIN 1 | ||
48 | |||
49 | #ifndef IA_SSHD | 49 | #ifndef IA_SSHD |
50 | # define IA_SSHD IA_LOGIN | 50 | # define IA_SSHD IA_LOGIN |
51 | #endif | 51 | #endif |
diff --git a/openbsd-compat/bsd-cygwin_util.c b/openbsd-compat/bsd-cygwin_util.c index 92cdba6e0..f53abb6e2 100644 --- a/openbsd-compat/bsd-cygwin_util.c +++ b/openbsd-compat/bsd-cygwin_util.c | |||
@@ -29,7 +29,7 @@ | |||
29 | 29 | ||
30 | #include "includes.h" | 30 | #include "includes.h" |
31 | 31 | ||
32 | RCSID("$Id: bsd-cygwin_util.c,v 1.12 2004/04/18 11:15:45 djm Exp $"); | 32 | RCSID("$Id: bsd-cygwin_util.c,v 1.13 2004/08/30 10:42:08 dtucker Exp $"); |
33 | 33 | ||
34 | #ifdef HAVE_CYGWIN | 34 | #ifdef HAVE_CYGWIN |
35 | 35 | ||
@@ -38,6 +38,7 @@ RCSID("$Id: bsd-cygwin_util.c,v 1.12 2004/04/18 11:15:45 djm Exp $"); | |||
38 | #include <sys/utsname.h> | 38 | #include <sys/utsname.h> |
39 | #include <sys/vfs.h> | 39 | #include <sys/vfs.h> |
40 | #include <windows.h> | 40 | #include <windows.h> |
41 | #include "xmalloc.h" | ||
41 | #define is_winnt (GetVersion() < 0x80000000) | 42 | #define is_winnt (GetVersion() < 0x80000000) |
42 | 43 | ||
43 | #define ntsec_on(c) ((c) && strstr((c),"ntsec") && !strstr((c),"nontsec")) | 44 | #define ntsec_on(c) ((c) && strstr((c),"ntsec") && !strstr((c),"nontsec")) |
@@ -96,7 +97,6 @@ has_capability(int what) | |||
96 | */ | 97 | */ |
97 | if (!inited) { | 98 | if (!inited) { |
98 | struct utsname uts; | 99 | struct utsname uts; |
99 | char *c; | ||
100 | 100 | ||
101 | if (!uname(&uts)) { | 101 | if (!uname(&uts)) { |
102 | int major_high = 0, major_low = 0, minor = 0; | 102 | int major_high = 0, major_low = 0, minor = 0; |
@@ -236,4 +236,54 @@ register_9x_service(void) | |||
236 | RegisterServiceProcess(0, 1); | 236 | RegisterServiceProcess(0, 1); |
237 | } | 237 | } |
238 | 238 | ||
239 | #define NL(x) x, (sizeof (x) - 1) | ||
240 | #define WENV_SIZ (sizeof (wenv_arr) / sizeof (wenv_arr[0])) | ||
241 | |||
242 | static struct wenv { | ||
243 | const char *name; | ||
244 | size_t namelen; | ||
245 | } wenv_arr[] = { | ||
246 | { NL("ALLUSERSPROFILE=") }, | ||
247 | { NL("COMMONPROGRAMFILES=") }, | ||
248 | { NL("COMPUTERNAME=") }, | ||
249 | { NL("COMSPEC=") }, | ||
250 | { NL("NUMBER_OF_PROCESSORS=") }, | ||
251 | { NL("OS=") }, | ||
252 | { NL("PATH=") }, | ||
253 | { NL("PATHEXT=") }, | ||
254 | { NL("PROCESSOR_ARCHITECTURE=") }, | ||
255 | { NL("PROCESSOR_IDENTIFIER=") }, | ||
256 | { NL("PROCESSOR_LEVEL=") }, | ||
257 | { NL("PROCESSOR_REVISION=") }, | ||
258 | { NL("PROGRAMFILES=") }, | ||
259 | { NL("SYSTEMDRIVE=") }, | ||
260 | { NL("SYSTEMROOT=") }, | ||
261 | { NL("TMP=") }, | ||
262 | { NL("TEMP=") }, | ||
263 | { NL("WINDIR=") }, | ||
264 | }; | ||
265 | |||
266 | char ** | ||
267 | fetch_windows_environment(void) | ||
268 | { | ||
269 | char **e, **p; | ||
270 | int i, idx = 0; | ||
271 | |||
272 | p = xmalloc(WENV_SIZ * sizeof(char *)); | ||
273 | for (e = environ; *e != NULL; ++e) { | ||
274 | for (i = 0; i < WENV_SIZ; ++i) { | ||
275 | if (!strncmp(*e, wenv_arr[i].name, wenv_arr[i].namelen)) | ||
276 | p[idx++] = *e; | ||
277 | } | ||
278 | } | ||
279 | p[idx] = NULL; | ||
280 | return p; | ||
281 | } | ||
282 | |||
283 | void | ||
284 | free_windows_environment(char **p) | ||
285 | { | ||
286 | xfree(p); | ||
287 | } | ||
288 | |||
239 | #endif /* HAVE_CYGWIN */ | 289 | #endif /* HAVE_CYGWIN */ |
diff --git a/openbsd-compat/bsd-cygwin_util.h b/openbsd-compat/bsd-cygwin_util.h index 5ccb0fba2..6719b8a49 100644 --- a/openbsd-compat/bsd-cygwin_util.h +++ b/openbsd-compat/bsd-cygwin_util.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $Id: bsd-cygwin_util.h,v 1.10 2003/08/07 06:28:16 dtucker Exp $ */ | 1 | /* $Id: bsd-cygwin_util.h,v 1.11 2004/08/30 10:42:08 dtucker Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000, 2001, Corinna Vinschen <vinschen@cygnus.com> | 4 | * Copyright (c) 2000, 2001, Corinna Vinschen <vinschen@cygnus.com> |
@@ -46,6 +46,8 @@ int binary_pipe(int fd[2]); | |||
46 | int check_nt_auth(int, struct passwd *); | 46 | int check_nt_auth(int, struct passwd *); |
47 | int check_ntsec(const char *); | 47 | int check_ntsec(const char *); |
48 | void register_9x_service(void); | 48 | void register_9x_service(void); |
49 | char **fetch_windows_environment(void); | ||
50 | void free_windows_environment(char **); | ||
49 | 51 | ||
50 | #define open binary_open | 52 | #define open binary_open |
51 | #define pipe binary_pipe | 53 | #define pipe binary_pipe |
diff --git a/openbsd-compat/bsd-misc.c b/openbsd-compat/bsd-misc.c index 1b276b4f4..41f92cce9 100644 --- a/openbsd-compat/bsd-misc.c +++ b/openbsd-compat/bsd-misc.c | |||
@@ -18,7 +18,7 @@ | |||
18 | #include "includes.h" | 18 | #include "includes.h" |
19 | #include "xmalloc.h" | 19 | #include "xmalloc.h" |
20 | 20 | ||
21 | RCSID("$Id: bsd-misc.c,v 1.25 2004/08/15 08:41:00 djm Exp $"); | 21 | RCSID("$Id: bsd-misc.c,v 1.26 2005/02/25 23:07:38 dtucker Exp $"); |
22 | 22 | ||
23 | #ifndef HAVE___PROGNAME | 23 | #ifndef HAVE___PROGNAME |
24 | char *__progname; | 24 | char *__progname; |
@@ -122,17 +122,6 @@ int truncate(const char *path, off_t length) | |||
122 | } | 122 | } |
123 | #endif /* HAVE_TRUNCATE */ | 123 | #endif /* HAVE_TRUNCATE */ |
124 | 124 | ||
125 | #if !defined(HAVE_SETGROUPS) && defined(SETGROUPS_NOOP) | ||
126 | /* | ||
127 | * Cygwin setgroups should be a noop. | ||
128 | */ | ||
129 | int | ||
130 | setgroups(size_t size, const gid_t *list) | ||
131 | { | ||
132 | return (0); | ||
133 | } | ||
134 | #endif | ||
135 | |||
136 | #if !defined(HAVE_NANOSLEEP) && !defined(HAVE_NSLEEP) | 125 | #if !defined(HAVE_NANOSLEEP) && !defined(HAVE_NSLEEP) |
137 | int nanosleep(const struct timespec *req, struct timespec *rem) | 126 | int nanosleep(const struct timespec *req, struct timespec *rem) |
138 | { | 127 | { |
diff --git a/openbsd-compat/bsd-misc.h b/openbsd-compat/bsd-misc.h index 33a1d707f..b61ec4244 100644 --- a/openbsd-compat/bsd-misc.h +++ b/openbsd-compat/bsd-misc.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $Id: bsd-misc.h,v 1.17 2004/08/15 08:41:00 djm Exp $ */ | 1 | /* $Id: bsd-misc.h,v 1.18 2005/02/25 23:07:38 dtucker Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 1999-2004 Damien Miller <djm@mindrot.org> | 4 | * Copyright (c) 1999-2004 Damien Miller <djm@mindrot.org> |
@@ -67,10 +67,6 @@ int utimes(char *, struct timeval *); | |||
67 | int truncate (const char *, off_t); | 67 | int truncate (const char *, off_t); |
68 | #endif /* HAVE_TRUNCATE */ | 68 | #endif /* HAVE_TRUNCATE */ |
69 | 69 | ||
70 | #if !defined(HAVE_SETGROUPS) && defined(SETGROUPS_NOOP) | ||
71 | int setgroups(size_t, const gid_t *); | ||
72 | #endif | ||
73 | |||
74 | #if !defined(HAVE_NANOSLEEP) && !defined(HAVE_NSLEEP) | 70 | #if !defined(HAVE_NANOSLEEP) && !defined(HAVE_NSLEEP) |
75 | #ifndef HAVE_STRUCT_TIMESPEC | 71 | #ifndef HAVE_STRUCT_TIMESPEC |
76 | struct timespec { | 72 | struct timespec { |
diff --git a/openbsd-compat/bsd-openpty.c b/openbsd-compat/bsd-openpty.c index daf5f8b81..8eb62b7a8 100644 --- a/openbsd-compat/bsd-openpty.c +++ b/openbsd-compat/bsd-openpty.c | |||
@@ -102,7 +102,6 @@ openpty(int *amaster, int *aslave, char *name, struct termios *termp, | |||
102 | return (-1); | 102 | return (-1); |
103 | } | 103 | } |
104 | 104 | ||
105 | #ifndef HAVE_CYGWIN | ||
106 | /* | 105 | /* |
107 | * Try to push the appropriate streams modules, as described | 106 | * Try to push the appropriate streams modules, as described |
108 | * in Solaris pts(7). | 107 | * in Solaris pts(7). |
@@ -112,7 +111,6 @@ openpty(int *amaster, int *aslave, char *name, struct termios *termp, | |||
112 | # ifndef __hpux | 111 | # ifndef __hpux |
113 | ioctl(*aslave, I_PUSH, "ttcompat"); | 112 | ioctl(*aslave, I_PUSH, "ttcompat"); |
114 | # endif /* __hpux */ | 113 | # endif /* __hpux */ |
115 | #endif /* HAVE_CYGWIN */ | ||
116 | 114 | ||
117 | return (0); | 115 | return (0); |
118 | 116 | ||
diff --git a/openbsd-compat/bsd-snprintf.c b/openbsd-compat/bsd-snprintf.c index e4d8a439a..b5a7ef7a0 100644 --- a/openbsd-compat/bsd-snprintf.c +++ b/openbsd-compat/bsd-snprintf.c | |||
@@ -58,7 +58,7 @@ | |||
58 | 58 | ||
59 | #include "includes.h" | 59 | #include "includes.h" |
60 | 60 | ||
61 | RCSID("$Id: bsd-snprintf.c,v 1.7 2003/05/18 14:13:39 djm Exp $"); | 61 | RCSID("$Id: bsd-snprintf.c,v 1.9 2004/09/23 11:35:09 dtucker Exp $"); |
62 | 62 | ||
63 | #if defined(BROKEN_SNPRINTF) /* For those with broken snprintf() */ | 63 | #if defined(BROKEN_SNPRINTF) /* For those with broken snprintf() */ |
64 | # undef HAVE_SNPRINTF | 64 | # undef HAVE_SNPRINTF |
@@ -369,7 +369,7 @@ fmtstr(char *buffer, size_t *currlen, size_t maxlen, | |||
369 | if (value == 0) | 369 | if (value == 0) |
370 | value = "<NULL>"; | 370 | value = "<NULL>"; |
371 | 371 | ||
372 | for (strln = 0; value[strln]; ++strln); /* strlen */ | 372 | for (strln = 0; strln < max && value[strln]; ++strln); /* strlen */ |
373 | padlen = min - strln; | 373 | padlen = min - strln; |
374 | if (padlen < 0) | 374 | if (padlen < 0) |
375 | padlen = 0; | 375 | padlen = 0; |
diff --git a/openbsd-compat/fake-rfc2553.h b/openbsd-compat/fake-rfc2553.h index baea07038..636792ed7 100644 --- a/openbsd-compat/fake-rfc2553.h +++ b/openbsd-compat/fake-rfc2553.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $Id: fake-rfc2553.h,v 1.9 2004/03/10 10:06:33 dtucker Exp $ */ | 1 | /* $Id: fake-rfc2553.h,v 1.10 2005/02/11 07:32:13 dtucker Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (C) 2000-2003 Damien Miller. All rights reserved. | 4 | * Copyright (C) 2000-2003 Damien Miller. All rights reserved. |
@@ -117,6 +117,7 @@ struct sockaddr_in6 { | |||
117 | # define EAI_NODATA 1 | 117 | # define EAI_NODATA 1 |
118 | # define EAI_MEMORY 2 | 118 | # define EAI_MEMORY 2 |
119 | # define EAI_NONAME 3 | 119 | # define EAI_NONAME 3 |
120 | # define EAI_SYSTEM 4 | ||
120 | #endif | 121 | #endif |
121 | 122 | ||
122 | #ifndef HAVE_STRUCT_ADDRINFO | 123 | #ifndef HAVE_STRUCT_ADDRINFO |
diff --git a/openbsd-compat/getrrsetbyname.c b/openbsd-compat/getrrsetbyname.c index 660427c1f..4e869c4df 100644 --- a/openbsd-compat/getrrsetbyname.c +++ b/openbsd-compat/getrrsetbyname.c | |||
@@ -277,7 +277,7 @@ getrrsetbyname(const char *hostname, unsigned int rdclass, | |||
277 | 277 | ||
278 | /* allocate memory for signatures */ | 278 | /* allocate memory for signatures */ |
279 | rrset->rri_sigs = calloc(rrset->rri_nsigs, sizeof(struct rdatainfo)); | 279 | rrset->rri_sigs = calloc(rrset->rri_nsigs, sizeof(struct rdatainfo)); |
280 | if (rrset->rri_sigs == NULL) { | 280 | if (rrset->rri_nsigs > 0 && rrset->rri_sigs == NULL) { |
281 | result = ERRSET_NOMEMORY; | 281 | result = ERRSET_NOMEMORY; |
282 | goto fail; | 282 | goto fail; |
283 | } | 283 | } |
diff --git a/openbsd-compat/inet_ntop.c b/openbsd-compat/inet_ntop.c index 7031625b4..47796c370 100644 --- a/openbsd-compat/inet_ntop.c +++ b/openbsd-compat/inet_ntop.c | |||
@@ -35,9 +35,7 @@ static char rcsid[] = "$OpenBSD: inet_ntop.c,v 1.5 2002/08/23 16:27:31 itojun Ex | |||
35 | #include <sys/socket.h> | 35 | #include <sys/socket.h> |
36 | #include <netinet/in.h> | 36 | #include <netinet/in.h> |
37 | #include <arpa/inet.h> | 37 | #include <arpa/inet.h> |
38 | #ifndef HAVE_CYGWIN | ||
39 | #include <arpa/nameser.h> | 38 | #include <arpa/nameser.h> |
40 | #endif | ||
41 | #include <string.h> | 39 | #include <string.h> |
42 | #include <errno.h> | 40 | #include <errno.h> |
43 | #include <stdio.h> | 41 | #include <stdio.h> |
diff --git a/openbsd-compat/mktemp.c b/openbsd-compat/mktemp.c index aff8d2005..969f69580 100644 --- a/openbsd-compat/mktemp.c +++ b/openbsd-compat/mktemp.c | |||
@@ -40,11 +40,6 @@ | |||
40 | static char rcsid[] = "$OpenBSD: mktemp.c,v 1.17 2003/06/02 20:18:37 millert Exp $"; | 40 | static char rcsid[] = "$OpenBSD: mktemp.c,v 1.17 2003/06/02 20:18:37 millert Exp $"; |
41 | #endif /* LIBC_SCCS and not lint */ | 41 | #endif /* LIBC_SCCS and not lint */ |
42 | 42 | ||
43 | #ifdef HAVE_CYGWIN | ||
44 | #define open binary_open | ||
45 | extern int binary_open(); | ||
46 | #endif | ||
47 | |||
48 | static int _gettemp(char *, int *, int, int); | 43 | static int _gettemp(char *, int *, int, int); |
49 | 44 | ||
50 | int | 45 | int |
diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c index 78f4faea3..fa6a4ff7b 100644 --- a/openbsd-compat/port-aix.c +++ b/openbsd-compat/port-aix.c | |||
@@ -1,6 +1,7 @@ | |||
1 | /* | 1 | /* |
2 | * | 2 | * |
3 | * Copyright (c) 2001 Gert Doering. All rights reserved. | 3 | * Copyright (c) 2001 Gert Doering. All rights reserved. |
4 | * Copyright (c) 2003,2004 Darren Tucker. All rights reserved. | ||
4 | * | 5 | * |
5 | * Redistribution and use in source and binary forms, with or without | 6 | * Redistribution and use in source and binary forms, with or without |
6 | * modification, are permitted provided that the following conditions | 7 | * modification, are permitted provided that the following conditions |
@@ -27,19 +28,15 @@ | |||
27 | #include "auth.h" | 28 | #include "auth.h" |
28 | #include "ssh.h" | 29 | #include "ssh.h" |
29 | #include "log.h" | 30 | #include "log.h" |
30 | #include "servconf.h" | ||
31 | #include "canohost.h" | ||
32 | #include "xmalloc.h" | 31 | #include "xmalloc.h" |
33 | #include "buffer.h" | 32 | #include "buffer.h" |
34 | 33 | ||
35 | #ifdef _AIX | 34 | #ifdef _AIX |
36 | 35 | ||
37 | #include <uinfo.h> | 36 | #include <uinfo.h> |
37 | #include <sys/socket.h> | ||
38 | #include "port-aix.h" | 38 | #include "port-aix.h" |
39 | 39 | ||
40 | extern ServerOptions options; | ||
41 | extern Buffer loginmsg; | ||
42 | |||
43 | # ifdef HAVE_SETAUTHDB | 40 | # ifdef HAVE_SETAUTHDB |
44 | static char old_registry[REGISTRY_SIZE] = ""; | 41 | static char old_registry[REGISTRY_SIZE] = ""; |
45 | # endif | 42 | # endif |
@@ -51,6 +48,8 @@ static char old_registry[REGISTRY_SIZE] = ""; | |||
51 | * NOTE: TTY= should be set, but since no one uses it and it's hard to | 48 | * NOTE: TTY= should be set, but since no one uses it and it's hard to |
52 | * acquire due to privsep code. We will just drop support. | 49 | * acquire due to privsep code. We will just drop support. |
53 | */ | 50 | */ |
51 | |||
52 | |||
54 | void | 53 | void |
55 | aix_usrinfo(struct passwd *pw) | 54 | aix_usrinfo(struct passwd *pw) |
56 | { | 55 | { |
@@ -92,6 +91,59 @@ aix_remove_embedded_newlines(char *p) | |||
92 | } | 91 | } |
93 | 92 | ||
94 | /* | 93 | /* |
94 | * Test specifically for the case where SYSTEM == NONE and AUTH1 contains | ||
95 | * anything other than NONE or SYSTEM, which indicates that the admin has | ||
96 | * configured the account for purely AUTH1-type authentication. | ||
97 | * | ||
98 | * Since authenticate() doesn't check AUTH1, and sshd can't sanely support | ||
99 | * AUTH1 itself, in such a case authenticate() will allow access without | ||
100 | * authentation, which is almost certainly not what the admin intends. | ||
101 | * | ||
102 | * (The native tools, eg login, will process the AUTH1 list in addition to | ||
103 | * the SYSTEM list by using ckuserID(), however ckuserID() and AUTH1 methods | ||
104 | * have been deprecated since AIX 4.2.x and would be very difficult for sshd | ||
105 | * to support. | ||
106 | * | ||
107 | * Returns 0 if an unsupportable combination is found, 1 otherwise. | ||
108 | */ | ||
109 | static int | ||
110 | aix_valid_authentications(const char *user) | ||
111 | { | ||
112 | char *auth1, *sys, *p; | ||
113 | int valid = 1; | ||
114 | |||
115 | if (getuserattr((char *)user, S_AUTHSYSTEM, &sys, SEC_CHAR) != 0) { | ||
116 | logit("Can't retrieve attribute SYSTEM for %s: %.100s", | ||
117 | user, strerror(errno)); | ||
118 | return 0; | ||
119 | } | ||
120 | |||
121 | debug3("AIX SYSTEM attribute %s", sys); | ||
122 | if (strcmp(sys, "NONE") != 0) | ||
123 | return 1; /* not "NONE", so is OK */ | ||
124 | |||
125 | if (getuserattr((char *)user, S_AUTH1, &auth1, SEC_LIST) != 0) { | ||
126 | logit("Can't retrieve attribute auth1 for %s: %.100s", | ||
127 | user, strerror(errno)); | ||
128 | return 0; | ||
129 | } | ||
130 | |||
131 | p = auth1; | ||
132 | /* A SEC_LIST is concatenated strings, ending with two NULs. */ | ||
133 | while (p[0] != '\0' && p[1] != '\0') { | ||
134 | debug3("AIX auth1 attribute list member %s", p); | ||
135 | if (strcmp(p, "NONE") != 0 && strcmp(p, "SYSTEM")) { | ||
136 | logit("Account %s has unsupported auth1 value '%s'", | ||
137 | user, p); | ||
138 | valid = 0; | ||
139 | } | ||
140 | p += strlen(p) + 1; | ||
141 | } | ||
142 | |||
143 | return (valid); | ||
144 | } | ||
145 | |||
146 | /* | ||
95 | * Do authentication via AIX's authenticate routine. We loop until the | 147 | * Do authentication via AIX's authenticate routine. We loop until the |
96 | * reenter parameter is 0, but normally authenticate is called only once. | 148 | * reenter parameter is 0, but normally authenticate is called only once. |
97 | * | 149 | * |
@@ -99,7 +151,7 @@ aix_remove_embedded_newlines(char *p) | |||
99 | * returns 0. | 151 | * returns 0. |
100 | */ | 152 | */ |
101 | int | 153 | int |
102 | sys_auth_passwd(Authctxt *ctxt, const char *password) | 154 | sys_auth_passwd(Authctxt *ctxt, const char *password, Buffer *loginmsg) |
103 | { | 155 | { |
104 | char *authmsg = NULL, *msg, *name = ctxt->pw->pw_name; | 156 | char *authmsg = NULL, *msg, *name = ctxt->pw->pw_name; |
105 | int authsuccess = 0, expired, reenter, result; | 157 | int authsuccess = 0, expired, reenter, result; |
@@ -112,6 +164,9 @@ sys_auth_passwd(Authctxt *ctxt, const char *password) | |||
112 | authmsg); | 164 | authmsg); |
113 | } while (reenter); | 165 | } while (reenter); |
114 | 166 | ||
167 | if (!aix_valid_authentications(name)) | ||
168 | result = -1; | ||
169 | |||
115 | if (result == 0) { | 170 | if (result == 0) { |
116 | authsuccess = 1; | 171 | authsuccess = 1; |
117 | 172 | ||
@@ -126,7 +181,7 @@ sys_auth_passwd(Authctxt *ctxt, const char *password) | |||
126 | */ | 181 | */ |
127 | expired = passwdexpired(name, &msg); | 182 | expired = passwdexpired(name, &msg); |
128 | if (msg && *msg) { | 183 | if (msg && *msg) { |
129 | buffer_append(&loginmsg, msg, strlen(msg)); | 184 | buffer_append(loginmsg, msg, strlen(msg)); |
130 | aix_remove_embedded_newlines(msg); | 185 | aix_remove_embedded_newlines(msg); |
131 | } | 186 | } |
132 | debug3("AIX/passwdexpired returned %d msg %.100s", expired, msg); | 187 | debug3("AIX/passwdexpired returned %d msg %.100s", expired, msg); |
@@ -136,7 +191,6 @@ sys_auth_passwd(Authctxt *ctxt, const char *password) | |||
136 | break; | 191 | break; |
137 | case 1: /* expired, password change required */ | 192 | case 1: /* expired, password change required */ |
138 | ctxt->force_pwchange = 1; | 193 | ctxt->force_pwchange = 1; |
139 | disable_forwarding(); | ||
140 | break; | 194 | break; |
141 | default: /* user can't change(2) or other error (-1) */ | 195 | default: /* user can't change(2) or other error (-1) */ |
142 | logit("Password can't be changed for user %s: %.100s", | 196 | logit("Password can't be changed for user %s: %.100s", |
@@ -160,7 +214,7 @@ sys_auth_passwd(Authctxt *ctxt, const char *password) | |||
160 | * Returns 1 if login is allowed, 0 if not allowed. | 214 | * Returns 1 if login is allowed, 0 if not allowed. |
161 | */ | 215 | */ |
162 | int | 216 | int |
163 | sys_auth_allowed_user(struct passwd *pw) | 217 | sys_auth_allowed_user(struct passwd *pw, Buffer *loginmsg) |
164 | { | 218 | { |
165 | char *msg = NULL; | 219 | char *msg = NULL; |
166 | int result, permitted = 0; | 220 | int result, permitted = 0; |
@@ -187,7 +241,7 @@ sys_auth_allowed_user(struct passwd *pw) | |||
187 | if (result == -1 && errno == EPERM && stat(_PATH_NOLOGIN, &st) == 0) | 241 | if (result == -1 && errno == EPERM && stat(_PATH_NOLOGIN, &st) == 0) |
188 | permitted = 1; | 242 | permitted = 1; |
189 | else if (msg != NULL) | 243 | else if (msg != NULL) |
190 | buffer_append(&loginmsg, msg, strlen(msg)); | 244 | buffer_append(loginmsg, msg, strlen(msg)); |
191 | if (msg == NULL) | 245 | if (msg == NULL) |
192 | msg = xstrdup("(none)"); | 246 | msg = xstrdup("(none)"); |
193 | aix_remove_embedded_newlines(msg); | 247 | aix_remove_embedded_newlines(msg); |
@@ -200,17 +254,18 @@ sys_auth_allowed_user(struct passwd *pw) | |||
200 | } | 254 | } |
201 | 255 | ||
202 | int | 256 | int |
203 | sys_auth_record_login(const char *user, const char *host, const char *ttynm) | 257 | sys_auth_record_login(const char *user, const char *host, const char *ttynm, |
258 | Buffer *loginmsg) | ||
204 | { | 259 | { |
205 | char *msg; | 260 | char *msg; |
206 | int success = 0; | 261 | int success = 0; |
207 | 262 | ||
208 | aix_setauthdb(user); | 263 | aix_setauthdb(user); |
209 | if (loginsuccess((char *)user, host, ttynm, &msg) == 0) { | 264 | if (loginsuccess((char *)user, (char *)host, (char *)ttynm, &msg) == 0) { |
210 | success = 1; | 265 | success = 1; |
211 | if (msg != NULL) { | 266 | if (msg != NULL) { |
212 | debug("AIX/loginsuccess: msg %s", __func__, msg); | 267 | debug("AIX/loginsuccess: msg %s", msg); |
213 | buffer_append(&loginmsg, msg, strlen(msg)); | 268 | buffer_append(loginmsg, msg, strlen(msg)); |
214 | xfree(msg); | 269 | xfree(msg); |
215 | } | 270 | } |
216 | } | 271 | } |
@@ -223,18 +278,17 @@ sys_auth_record_login(const char *user, const char *host, const char *ttynm) | |||
223 | * record_failed_login: generic "login failed" interface function | 278 | * record_failed_login: generic "login failed" interface function |
224 | */ | 279 | */ |
225 | void | 280 | void |
226 | record_failed_login(const char *user, const char *ttyname) | 281 | record_failed_login(const char *user, const char *hostname, const char *ttyname) |
227 | { | 282 | { |
228 | char *hostname = (char *)get_canonical_hostname(options.use_dns); | ||
229 | |||
230 | if (geteuid() != 0) | 283 | if (geteuid() != 0) |
231 | return; | 284 | return; |
232 | 285 | ||
233 | aix_setauthdb(user); | 286 | aix_setauthdb(user); |
234 | # ifdef AIX_LOGINFAILED_4ARG | 287 | # ifdef AIX_LOGINFAILED_4ARG |
235 | loginfailed((char *)user, hostname, (char *)ttyname, AUDIT_FAIL_AUTH); | 288 | loginfailed((char *)user, (char *)hostname, (char *)ttyname, |
289 | AUDIT_FAIL_AUTH); | ||
236 | # else | 290 | # else |
237 | loginfailed((char *)user, hostname, (char *)ttyname); | 291 | loginfailed((char *)user, (char *)hostname, (char *)ttyname); |
238 | # endif | 292 | # endif |
239 | aix_restoreauthdb(); | 293 | aix_restoreauthdb(); |
240 | } | 294 | } |
@@ -291,4 +345,33 @@ aix_restoreauthdb(void) | |||
291 | 345 | ||
292 | # endif /* WITH_AIXAUTHENTICATE */ | 346 | # endif /* WITH_AIXAUTHENTICATE */ |
293 | 347 | ||
348 | # if defined(AIX_GETNAMEINFO_HACK) && !defined(BROKEN_ADDRINFO) | ||
349 | # undef getnameinfo | ||
350 | /* | ||
351 | * For some reason, AIX's getnameinfo will refuse to resolve the all-zeros | ||
352 | * IPv6 address into its textual representation ("::"), so we wrap it | ||
353 | * with a function that will. | ||
354 | */ | ||
355 | int | ||
356 | sshaix_getnameinfo(const struct sockaddr *sa, size_t salen, char *host, | ||
357 | size_t hostlen, char *serv, size_t servlen, int flags) | ||
358 | { | ||
359 | struct sockaddr_in6 *sa6; | ||
360 | u_int32_t *a6; | ||
361 | |||
362 | if (flags & (NI_NUMERICHOST|NI_NUMERICSERV) && | ||
363 | sa->sa_family == AF_INET6) { | ||
364 | sa6 = (struct sockaddr_in6 *)sa; | ||
365 | a6 = sa6->sin6_addr.u6_addr.u6_addr32; | ||
366 | |||
367 | if (a6[0] == 0 && a6[1] == 0 && a6[2] == 0 && a6[3] == 0) { | ||
368 | strlcpy(host, "::", hostlen); | ||
369 | snprintf(serv, servlen, "%d", sa6->sin6_port); | ||
370 | return 0; | ||
371 | } | ||
372 | } | ||
373 | return getnameinfo(sa, salen, host, hostlen, serv, servlen, flags); | ||
374 | } | ||
375 | # endif /* AIX_GETNAMEINFO_HACK */ | ||
376 | |||
294 | #endif /* _AIX */ | 377 | #endif /* _AIX */ |
diff --git a/openbsd-compat/port-aix.h b/openbsd-compat/port-aix.h index 29e9751ce..a05ce9703 100644 --- a/openbsd-compat/port-aix.h +++ b/openbsd-compat/port-aix.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $Id: port-aix.h,v 1.21 2004/08/14 14:09:12 dtucker Exp $ */ | 1 | /* $Id: port-aix.h,v 1.24 2005/02/16 11:49:31 dtucker Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * | 4 | * |
@@ -27,6 +27,13 @@ | |||
27 | 27 | ||
28 | #ifdef _AIX | 28 | #ifdef _AIX |
29 | 29 | ||
30 | #ifdef HAVE_SYS_SOCKET_H | ||
31 | # include <sys/socket.h> | ||
32 | #endif | ||
33 | #ifdef HAVE_UNISTD_H | ||
34 | # include <unistd.h> /* for seteuid() */ | ||
35 | #endif | ||
36 | |||
30 | #ifdef WITH_AIXAUTHENTICATE | 37 | #ifdef WITH_AIXAUTHENTICATE |
31 | # include <login.h> | 38 | # include <login.h> |
32 | # include <userpw.h> | 39 | # include <userpw.h> |
@@ -36,6 +43,28 @@ | |||
36 | # include <usersec.h> | 43 | # include <usersec.h> |
37 | #endif | 44 | #endif |
38 | 45 | ||
46 | #include "buffer.h" | ||
47 | |||
48 | /* These should be in the system headers but are not. */ | ||
49 | int usrinfo(int, char *, int); | ||
50 | int setauthdb(const char *, char *); | ||
51 | /* these may or may not be in the headers depending on the version */ | ||
52 | #if (HAVE_DECL_AUTHENTICATE == 0) | ||
53 | int authenticate(char *, char *, int *, char **); | ||
54 | #endif | ||
55 | #if (HAVE_DECL_LOGINFAILED == 0) | ||
56 | int loginfailed(char *, char *, char *); | ||
57 | #endif | ||
58 | #if (HAVE_DECL_LOGINRESTRICTIONS == 0) | ||
59 | int loginrestrictions(char *, int, char *, char **); | ||
60 | #endif | ||
61 | #if (HAVE_DECL_LOGINSUCCESS == 0) | ||
62 | int loginsuccess(char *, char *, char *, char **); | ||
63 | #endif | ||
64 | #if (HAVE_DECL_PASSWDEXPIRED == 0) | ||
65 | int passwdexpired(char *, char **); | ||
66 | #endif | ||
67 | |||
39 | /* Some versions define r_type in the above headers, which causes a conflict */ | 68 | /* Some versions define r_type in the above headers, which causes a conflict */ |
40 | #ifdef r_type | 69 | #ifdef r_type |
41 | # undef r_type | 70 | # undef r_type |
@@ -64,14 +93,23 @@ void aix_usrinfo(struct passwd *); | |||
64 | #ifdef WITH_AIXAUTHENTICATE | 93 | #ifdef WITH_AIXAUTHENTICATE |
65 | # define CUSTOM_SYS_AUTH_PASSWD 1 | 94 | # define CUSTOM_SYS_AUTH_PASSWD 1 |
66 | # define CUSTOM_SYS_AUTH_ALLOWED_USER 1 | 95 | # define CUSTOM_SYS_AUTH_ALLOWED_USER 1 |
67 | int sys_auth_allowed_user(struct passwd *); | 96 | int sys_auth_allowed_user(struct passwd *, Buffer *); |
68 | # define CUSTOM_SYS_AUTH_RECORD_LOGIN 1 | 97 | # define CUSTOM_SYS_AUTH_RECORD_LOGIN 1 |
69 | int sys_auth_record_login(const char *, const char *, const char *); | 98 | int sys_auth_record_login(const char *, const char *, const char *, Buffer *); |
70 | # define CUSTOM_FAILED_LOGIN 1 | 99 | # define CUSTOM_FAILED_LOGIN 1 |
71 | void record_failed_login(const char *, const char *); | ||
72 | #endif | 100 | #endif |
73 | 101 | ||
74 | void aix_setauthdb(const char *); | 102 | void aix_setauthdb(const char *); |
75 | void aix_restoreauthdb(void); | 103 | void aix_restoreauthdb(void); |
76 | void aix_remove_embedded_newlines(char *); | 104 | void aix_remove_embedded_newlines(char *); |
105 | |||
106 | #if defined(AIX_GETNAMEINFO_HACK) && !defined(BROKEN_GETADDRINFO) | ||
107 | # ifdef getnameinfo | ||
108 | # undef getnameinfo | ||
109 | # endif | ||
110 | int sshaix_getnameinfo(const struct sockaddr *, size_t, char *, size_t, | ||
111 | char *, size_t, int); | ||
112 | # define getnameinfo(a,b,c,d,e,f,g) (sshaix_getnameinfo(a,b,c,d,e,f,g)) | ||
113 | #endif | ||
114 | |||
77 | #endif /* _AIX */ | 115 | #endif /* _AIX */ |
diff --git a/openbsd-compat/realpath.c b/openbsd-compat/realpath.c index 218fbecb2..7f73bd998 100644 --- a/openbsd-compat/realpath.c +++ b/openbsd-compat/realpath.c | |||
@@ -37,7 +37,7 @@ | |||
37 | #if !defined(HAVE_REALPATH) || defined(BROKEN_REALPATH) | 37 | #if !defined(HAVE_REALPATH) || defined(BROKEN_REALPATH) |
38 | 38 | ||
39 | #if defined(LIBC_SCCS) && !defined(lint) | 39 | #if defined(LIBC_SCCS) && !defined(lint) |
40 | static char *rcsid = "$OpenBSD: realpath.c,v 1.10 2003/08/01 21:04:59 millert Exp $"; | 40 | static char *rcsid = "$OpenBSD: realpath.c,v 1.11 2004/11/30 15:12:59 millert Exp $"; |
41 | #endif /* LIBC_SCCS and not lint */ | 41 | #endif /* LIBC_SCCS and not lint */ |
42 | 42 | ||
43 | #include <sys/param.h> | 43 | #include <sys/param.h> |
@@ -67,17 +67,25 @@ char * | |||
67 | realpath(const char *path, char *resolved) | 67 | realpath(const char *path, char *resolved) |
68 | { | 68 | { |
69 | struct stat sb; | 69 | struct stat sb; |
70 | int fd, n, needslash, serrno = 0; | 70 | int fd, n, needslash, serrno; |
71 | char *p, *q, wbuf[MAXPATHLEN], start[MAXPATHLEN]; | 71 | char *p, *q, wbuf[MAXPATHLEN]; |
72 | int symlinks = 0; | 72 | int symlinks = 0; |
73 | 73 | ||
74 | /* Save the starting point. */ | 74 | /* Save the starting point. */ |
75 | getcwd(start,MAXPATHLEN); | 75 | #ifndef HAVE_FCHDIR |
76 | char start[MAXPATHLEN]; | ||
77 | /* this is potentially racy but without fchdir we have no option */ | ||
78 | if (getcwd(start, sizeof(start)) == NULL) { | ||
79 | resolved[0] = '.'; | ||
80 | resolved[1] = '\0'; | ||
81 | return (NULL); | ||
82 | } | ||
83 | #endif | ||
76 | if ((fd = open(".", O_RDONLY)) < 0) { | 84 | if ((fd = open(".", O_RDONLY)) < 0) { |
77 | (void)strlcpy(resolved, ".", MAXPATHLEN); | 85 | resolved[0] = '.'; |
86 | resolved[1] = '\0'; | ||
78 | return (NULL); | 87 | return (NULL); |
79 | } | 88 | } |
80 | close(fd); | ||
81 | 89 | ||
82 | /* Convert "." -> "" to optimize away a needless lstat() and chdir() */ | 90 | /* Convert "." -> "" to optimize away a needless lstat() and chdir() */ |
83 | if (path[0] == '.' && path[1] == '\0') | 91 | if (path[0] == '.' && path[1] == '\0') |
@@ -91,7 +99,10 @@ realpath(const char *path, char *resolved) | |||
91 | * if it is a directory, then change to that directory. | 99 | * if it is a directory, then change to that directory. |
92 | * get the current directory name and append the basename. | 100 | * get the current directory name and append the basename. |
93 | */ | 101 | */ |
94 | strlcpy(resolved, path, MAXPATHLEN); | 102 | if (strlcpy(resolved, path, MAXPATHLEN) >= MAXPATHLEN) { |
103 | serrno = ENAMETOOLONG; | ||
104 | goto err2; | ||
105 | } | ||
95 | loop: | 106 | loop: |
96 | q = strrchr(resolved, '/'); | 107 | q = strrchr(resolved, '/'); |
97 | if (q != NULL) { | 108 | if (q != NULL) { |
@@ -114,11 +125,10 @@ loop: | |||
114 | if (*p != '\0' && lstat(p, &sb) == 0) { | 125 | if (*p != '\0' && lstat(p, &sb) == 0) { |
115 | if (S_ISLNK(sb.st_mode)) { | 126 | if (S_ISLNK(sb.st_mode)) { |
116 | if (++symlinks > MAXSYMLINKS) { | 127 | if (++symlinks > MAXSYMLINKS) { |
117 | serrno = ELOOP; | 128 | errno = ELOOP; |
118 | goto err1; | 129 | goto err1; |
119 | } | 130 | } |
120 | n = readlink(p, resolved, MAXPATHLEN-1); | 131 | if ((n = readlink(p, resolved, MAXPATHLEN-1)) < 0) |
121 | if (n < 0) | ||
122 | goto err1; | 132 | goto err1; |
123 | resolved[n] = '\0'; | 133 | resolved[n] = '\0'; |
124 | goto loop; | 134 | goto loop; |
@@ -134,8 +144,11 @@ loop: | |||
134 | * Save the last component name and get the full pathname of | 144 | * Save the last component name and get the full pathname of |
135 | * the current directory. | 145 | * the current directory. |
136 | */ | 146 | */ |
137 | (void)strlcpy(wbuf, p, sizeof wbuf); | 147 | if (strlcpy(wbuf, p, sizeof(wbuf)) >= sizeof(wbuf)) { |
138 | if (getcwd(resolved, MAXPATHLEN) == 0) | 148 | errno = ENAMETOOLONG; |
149 | goto err1; | ||
150 | } | ||
151 | if (getcwd(resolved, MAXPATHLEN) == NULL) | ||
139 | goto err1; | 152 | goto err1; |
140 | 153 | ||
141 | /* | 154 | /* |
@@ -149,23 +162,43 @@ loop: | |||
149 | 162 | ||
150 | if (*wbuf) { | 163 | if (*wbuf) { |
151 | if (strlen(resolved) + strlen(wbuf) + needslash >= MAXPATHLEN) { | 164 | if (strlen(resolved) + strlen(wbuf) + needslash >= MAXPATHLEN) { |
152 | serrno = ENAMETOOLONG; | 165 | errno = ENAMETOOLONG; |
166 | goto err1; | ||
167 | } | ||
168 | if (needslash) { | ||
169 | if (strlcat(resolved, "/", MAXPATHLEN) >= MAXPATHLEN) { | ||
170 | errno = ENAMETOOLONG; | ||
171 | goto err1; | ||
172 | } | ||
173 | } | ||
174 | if (strlcat(resolved, wbuf, MAXPATHLEN) >= MAXPATHLEN) { | ||
175 | errno = ENAMETOOLONG; | ||
153 | goto err1; | 176 | goto err1; |
154 | } | 177 | } |
155 | if (needslash) | ||
156 | strlcat(resolved, "/", MAXPATHLEN); | ||
157 | strlcat(resolved, wbuf, MAXPATHLEN); | ||
158 | } | 178 | } |
159 | 179 | ||
160 | /* Go back to where we came from. */ | 180 | /* Go back to where we came from. */ |
181 | #ifdef HAVE_FCHDIR | ||
182 | if (fchdir(fd) < 0) { | ||
183 | #else | ||
161 | if (chdir(start) < 0) { | 184 | if (chdir(start) < 0) { |
185 | #endif | ||
162 | serrno = errno; | 186 | serrno = errno; |
163 | goto err2; | 187 | goto err2; |
164 | } | 188 | } |
189 | |||
190 | /* It's okay if the close fails, what's an fd more or less? */ | ||
191 | (void)close(fd); | ||
165 | return (resolved); | 192 | return (resolved); |
166 | 193 | ||
167 | err1: chdir(start); | 194 | err1: serrno = errno; |
168 | err2: errno = serrno; | 195 | #ifdef HAVE_FCHDIR |
196 | (void)fchdir(fd); | ||
197 | #else | ||
198 | chdir(start); | ||
199 | #endif | ||
200 | err2: (void)close(fd); | ||
201 | errno = serrno; | ||
169 | return (NULL); | 202 | return (NULL); |
170 | } | 203 | } |
171 | #endif /* !defined(HAVE_REALPATH) || defined(BROKEN_REALPATH) */ | 204 | #endif /* !defined(HAVE_REALPATH) || defined(BROKEN_REALPATH) */ |
diff --git a/openbsd-compat/xmmap.c b/openbsd-compat/xmmap.c index c8d59dee0..74e8a8b13 100644 --- a/openbsd-compat/xmmap.c +++ b/openbsd-compat/xmmap.c | |||
@@ -23,7 +23,7 @@ | |||
23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
24 | */ | 24 | */ |
25 | 25 | ||
26 | /* $Id: xmmap.c,v 1.5 2004/08/14 13:55:38 dtucker Exp $ */ | 26 | /* $Id: xmmap.c,v 1.6 2004/10/06 13:15:44 dtucker Exp $ */ |
27 | 27 | ||
28 | #include "includes.h" | 28 | #include "includes.h" |
29 | 29 | ||
@@ -47,7 +47,7 @@ void *xmmap(size_t size) | |||
47 | # endif | 47 | # endif |
48 | 48 | ||
49 | #define MM_SWAP_TEMPLATE "/var/run/sshd.mm.XXXXXXXX" | 49 | #define MM_SWAP_TEMPLATE "/var/run/sshd.mm.XXXXXXXX" |
50 | if (address == MAP_FAILED) { | 50 | if (address == (void *)MAP_FAILED) { |
51 | char tmpname[sizeof(MM_SWAP_TEMPLATE)] = MM_SWAP_TEMPLATE; | 51 | char tmpname[sizeof(MM_SWAP_TEMPLATE)] = MM_SWAP_TEMPLATE; |
52 | int tmpfd; | 52 | int tmpfd; |
53 | mode_t old_umask; | 53 | mode_t old_umask; |
@@ -37,7 +37,7 @@ | |||
37 | */ | 37 | */ |
38 | 38 | ||
39 | #include "includes.h" | 39 | #include "includes.h" |
40 | RCSID("$OpenBSD: packet.c,v 1.115 2004/06/21 17:36:31 avsm Exp $"); | 40 | RCSID("$OpenBSD: packet.c,v 1.116 2004/10/20 11:48:53 markus Exp $"); |
41 | 41 | ||
42 | #include "openbsd-compat/sys-queue.h" | 42 | #include "openbsd-compat/sys-queue.h" |
43 | 43 | ||
@@ -995,6 +995,8 @@ packet_read_poll1(void) | |||
995 | buffer_len(&compression_buffer)); | 995 | buffer_len(&compression_buffer)); |
996 | } | 996 | } |
997 | type = buffer_get_char(&incoming_packet); | 997 | type = buffer_get_char(&incoming_packet); |
998 | if (type < SSH_MSG_MIN || type > SSH_MSG_MAX) | ||
999 | packet_disconnect("Invalid ssh1 packet type: %d", type); | ||
998 | return type; | 1000 | return type; |
999 | } | 1001 | } |
1000 | 1002 | ||
@@ -1107,6 +1109,8 @@ packet_read_poll2(u_int32_t *seqnr_p) | |||
1107 | * return length of payload (without type field) | 1109 | * return length of payload (without type field) |
1108 | */ | 1110 | */ |
1109 | type = buffer_get_char(&incoming_packet); | 1111 | type = buffer_get_char(&incoming_packet); |
1112 | if (type < SSH2_MSG_MIN || type >= SSH2_MSG_LOCAL_MIN) | ||
1113 | packet_disconnect("Invalid ssh2 packet type: %d", type); | ||
1110 | if (type == SSH2_MSG_NEWKEYS) | 1114 | if (type == SSH2_MSG_NEWKEYS) |
1111 | set_newkeys(MODE_IN); | 1115 | set_newkeys(MODE_IN); |
1112 | #ifdef PACKET_DEBUG | 1116 | #ifdef PACKET_DEBUG |
diff --git a/readconf.c b/readconf.c index aca5b8eff..963b706aa 100644 --- a/readconf.c +++ b/readconf.c | |||
@@ -12,7 +12,7 @@ | |||
12 | */ | 12 | */ |
13 | 13 | ||
14 | #include "includes.h" | 14 | #include "includes.h" |
15 | RCSID("$OpenBSD: readconf.c,v 1.134 2004/07/11 17:48:47 deraadt Exp $"); | 15 | RCSID("$OpenBSD: readconf.c,v 1.137 2005/03/04 08:48:06 djm Exp $"); |
16 | 16 | ||
17 | #include "ssh.h" | 17 | #include "ssh.h" |
18 | #include "xmalloc.h" | 18 | #include "xmalloc.h" |
@@ -106,7 +106,7 @@ typedef enum { | |||
106 | oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, | 106 | oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, |
107 | oAddressFamily, oGssAuthentication, oGssDelegateCreds, | 107 | oAddressFamily, oGssAuthentication, oGssDelegateCreds, |
108 | oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, | 108 | oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, |
109 | oSendEnv, oControlPath, oControlMaster, | 109 | oSendEnv, oControlPath, oControlMaster, oHashKnownHosts, |
110 | oProtocolKeepAlives, oSetupTimeOut, | 110 | oProtocolKeepAlives, oSetupTimeOut, |
111 | oDeprecated, oUnsupported | 111 | oDeprecated, oUnsupported |
112 | } OpCodes; | 112 | } OpCodes; |
@@ -198,6 +198,7 @@ static struct { | |||
198 | { "sendenv", oSendEnv }, | 198 | { "sendenv", oSendEnv }, |
199 | { "controlpath", oControlPath }, | 199 | { "controlpath", oControlPath }, |
200 | { "controlmaster", oControlMaster }, | 200 | { "controlmaster", oControlMaster }, |
201 | { "hashknownhosts", oHashKnownHosts }, | ||
201 | { "protocolkeepalives", oProtocolKeepAlives }, | 202 | { "protocolkeepalives", oProtocolKeepAlives }, |
202 | { "setuptimeout", oSetupTimeOut }, | 203 | { "setuptimeout", oSetupTimeOut }, |
203 | { NULL, oBadOption } | 204 | { NULL, oBadOption } |
@@ -209,21 +210,23 @@ static struct { | |||
209 | */ | 210 | */ |
210 | 211 | ||
211 | void | 212 | void |
212 | add_local_forward(Options *options, u_short port, const char *host, | 213 | add_local_forward(Options *options, const Forward *newfwd) |
213 | u_short host_port) | ||
214 | { | 214 | { |
215 | Forward *fwd; | 215 | Forward *fwd; |
216 | #ifndef NO_IPPORT_RESERVED_CONCEPT | 216 | #ifndef NO_IPPORT_RESERVED_CONCEPT |
217 | extern uid_t original_real_uid; | 217 | extern uid_t original_real_uid; |
218 | if (port < IPPORT_RESERVED && original_real_uid != 0) | 218 | if (newfwd->listen_port < IPPORT_RESERVED && original_real_uid != 0) |
219 | fatal("Privileged ports can only be forwarded by root."); | 219 | fatal("Privileged ports can only be forwarded by root."); |
220 | #endif | 220 | #endif |
221 | if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION) | 221 | if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION) |
222 | fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION); | 222 | fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION); |
223 | fwd = &options->local_forwards[options->num_local_forwards++]; | 223 | fwd = &options->local_forwards[options->num_local_forwards++]; |
224 | fwd->port = port; | 224 | |
225 | fwd->host = xstrdup(host); | 225 | fwd->listen_host = (newfwd->listen_host == NULL) ? |
226 | fwd->host_port = host_port; | 226 | NULL : xstrdup(newfwd->listen_host); |
227 | fwd->listen_port = newfwd->listen_port; | ||
228 | fwd->connect_host = xstrdup(newfwd->connect_host); | ||
229 | fwd->connect_port = newfwd->connect_port; | ||
227 | } | 230 | } |
228 | 231 | ||
229 | /* | 232 | /* |
@@ -232,17 +235,19 @@ add_local_forward(Options *options, u_short port, const char *host, | |||
232 | */ | 235 | */ |
233 | 236 | ||
234 | void | 237 | void |
235 | add_remote_forward(Options *options, u_short port, const char *host, | 238 | add_remote_forward(Options *options, const Forward *newfwd) |
236 | u_short host_port) | ||
237 | { | 239 | { |
238 | Forward *fwd; | 240 | Forward *fwd; |
239 | if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION) | 241 | if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION) |
240 | fatal("Too many remote forwards (max %d).", | 242 | fatal("Too many remote forwards (max %d).", |
241 | SSH_MAX_FORWARDS_PER_DIRECTION); | 243 | SSH_MAX_FORWARDS_PER_DIRECTION); |
242 | fwd = &options->remote_forwards[options->num_remote_forwards++]; | 244 | fwd = &options->remote_forwards[options->num_remote_forwards++]; |
243 | fwd->port = port; | 245 | |
244 | fwd->host = xstrdup(host); | 246 | fwd->listen_host = (newfwd->listen_host == NULL) ? |
245 | fwd->host_port = host_port; | 247 | NULL : xstrdup(newfwd->listen_host); |
248 | fwd->listen_port = newfwd->listen_port; | ||
249 | fwd->connect_host = xstrdup(newfwd->connect_host); | ||
250 | fwd->connect_port = newfwd->connect_port; | ||
246 | } | 251 | } |
247 | 252 | ||
248 | static void | 253 | static void |
@@ -250,11 +255,15 @@ clear_forwardings(Options *options) | |||
250 | { | 255 | { |
251 | int i; | 256 | int i; |
252 | 257 | ||
253 | for (i = 0; i < options->num_local_forwards; i++) | 258 | for (i = 0; i < options->num_local_forwards; i++) { |
254 | xfree(options->local_forwards[i].host); | 259 | xfree(options->local_forwards[i].listen_host); |
260 | xfree(options->local_forwards[i].connect_host); | ||
261 | } | ||
255 | options->num_local_forwards = 0; | 262 | options->num_local_forwards = 0; |
256 | for (i = 0; i < options->num_remote_forwards; i++) | 263 | for (i = 0; i < options->num_remote_forwards; i++) { |
257 | xfree(options->remote_forwards[i].host); | 264 | xfree(options->remote_forwards[i].listen_host); |
265 | xfree(options->remote_forwards[i].connect_host); | ||
266 | } | ||
258 | options->num_remote_forwards = 0; | 267 | options->num_remote_forwards = 0; |
259 | } | 268 | } |
260 | 269 | ||
@@ -287,11 +296,10 @@ process_config_line(Options *options, const char *host, | |||
287 | char *line, const char *filename, int linenum, | 296 | char *line, const char *filename, int linenum, |
288 | int *activep) | 297 | int *activep) |
289 | { | 298 | { |
290 | char buf[256], *s, **charptr, *endofnumber, *keyword, *arg; | 299 | char *s, **charptr, *endofnumber, *keyword, *arg, *arg2, fwdarg[256]; |
291 | int opcode, *intptr, value; | 300 | int opcode, *intptr, value; |
292 | size_t len; | 301 | size_t len; |
293 | u_short fwd_port, fwd_host_port; | 302 | Forward fwd; |
294 | char sfwd_host_port[6]; | ||
295 | 303 | ||
296 | /* Strip trailing whitespace */ | 304 | /* Strip trailing whitespace */ |
297 | for(len = strlen(line) - 1; len > 0; len--) { | 305 | for(len = strlen(line) - 1; len > 0; len--) { |
@@ -648,30 +656,26 @@ parse_int: | |||
648 | case oLocalForward: | 656 | case oLocalForward: |
649 | case oRemoteForward: | 657 | case oRemoteForward: |
650 | arg = strdelim(&s); | 658 | arg = strdelim(&s); |
651 | if (!arg || *arg == '\0') | 659 | if (arg == NULL || *arg == '\0') |
652 | fatal("%.200s line %d: Missing port argument.", | 660 | fatal("%.200s line %d: Missing port argument.", |
653 | filename, linenum); | 661 | filename, linenum); |
654 | if ((fwd_port = a2port(arg)) == 0) | 662 | arg2 = strdelim(&s); |
655 | fatal("%.200s line %d: Bad listen port.", | 663 | if (arg2 == NULL || *arg2 == '\0') |
664 | fatal("%.200s line %d: Missing target argument.", | ||
656 | filename, linenum); | 665 | filename, linenum); |
657 | arg = strdelim(&s); | 666 | |
658 | if (!arg || *arg == '\0') | 667 | /* construct a string for parse_forward */ |
659 | fatal("%.200s line %d: Missing second argument.", | 668 | snprintf(fwdarg, sizeof(fwdarg), "%s:%s", arg, arg2); |
660 | filename, linenum); | 669 | |
661 | if (sscanf(arg, "%255[^:]:%5[0-9]", buf, sfwd_host_port) != 2 && | 670 | if (parse_forward(&fwd, fwdarg) == 0) |
662 | sscanf(arg, "%255[^/]/%5[0-9]", buf, sfwd_host_port) != 2) | ||
663 | fatal("%.200s line %d: Bad forwarding specification.", | 671 | fatal("%.200s line %d: Bad forwarding specification.", |
664 | filename, linenum); | 672 | filename, linenum); |
665 | if ((fwd_host_port = a2port(sfwd_host_port)) == 0) | 673 | |
666 | fatal("%.200s line %d: Bad forwarding port.", | ||
667 | filename, linenum); | ||
668 | if (*activep) { | 674 | if (*activep) { |
669 | if (opcode == oLocalForward) | 675 | if (opcode == oLocalForward) |
670 | add_local_forward(options, fwd_port, buf, | 676 | add_local_forward(options, &fwd); |
671 | fwd_host_port); | ||
672 | else if (opcode == oRemoteForward) | 677 | else if (opcode == oRemoteForward) |
673 | add_remote_forward(options, fwd_port, buf, | 678 | add_remote_forward(options, &fwd); |
674 | fwd_host_port); | ||
675 | } | 679 | } |
676 | break; | 680 | break; |
677 | 681 | ||
@@ -680,12 +684,25 @@ parse_int: | |||
680 | if (!arg || *arg == '\0') | 684 | if (!arg || *arg == '\0') |
681 | fatal("%.200s line %d: Missing port argument.", | 685 | fatal("%.200s line %d: Missing port argument.", |
682 | filename, linenum); | 686 | filename, linenum); |
683 | fwd_port = a2port(arg); | 687 | memset(&fwd, '\0', sizeof(fwd)); |
684 | if (fwd_port == 0) | 688 | fwd.connect_host = "socks"; |
689 | fwd.listen_host = hpdelim(&arg); | ||
690 | if (fwd.listen_host == NULL || | ||
691 | strlen(fwd.listen_host) >= NI_MAXHOST) | ||
692 | fatal("%.200s line %d: Bad forwarding specification.", | ||
693 | filename, linenum); | ||
694 | if (arg) { | ||
695 | fwd.listen_port = a2port(arg); | ||
696 | fwd.listen_host = cleanhostname(fwd.listen_host); | ||
697 | } else { | ||
698 | fwd.listen_port = a2port(fwd.listen_host); | ||
699 | fwd.listen_host = ""; | ||
700 | } | ||
701 | if (fwd.listen_port == 0) | ||
685 | fatal("%.200s line %d: Badly formatted port number.", | 702 | fatal("%.200s line %d: Badly formatted port number.", |
686 | filename, linenum); | 703 | filename, linenum); |
687 | if (*activep) | 704 | if (*activep) |
688 | add_local_forward(options, fwd_port, "socks", 0); | 705 | add_local_forward(options, &fwd); |
689 | break; | 706 | break; |
690 | 707 | ||
691 | case oClearAllForwardings: | 708 | case oClearAllForwardings: |
@@ -762,6 +779,8 @@ parse_int: | |||
762 | if (strchr(arg, '=') != NULL) | 779 | if (strchr(arg, '=') != NULL) |
763 | fatal("%s line %d: Invalid environment name.", | 780 | fatal("%s line %d: Invalid environment name.", |
764 | filename, linenum); | 781 | filename, linenum); |
782 | if (!*activep) | ||
783 | continue; | ||
765 | if (options->num_send_env >= MAX_SEND_ENV) | 784 | if (options->num_send_env >= MAX_SEND_ENV) |
766 | fatal("%s line %d: too many send env.", | 785 | fatal("%s line %d: too many send env.", |
767 | filename, linenum); | 786 | filename, linenum); |
@@ -778,6 +797,10 @@ parse_int: | |||
778 | intptr = &options->control_master; | 797 | intptr = &options->control_master; |
779 | goto parse_yesnoask; | 798 | goto parse_yesnoask; |
780 | 799 | ||
800 | case oHashKnownHosts: | ||
801 | intptr = &options->hash_known_hosts; | ||
802 | goto parse_flag; | ||
803 | |||
781 | case oSetupTimeOut: | 804 | case oSetupTimeOut: |
782 | intptr = &options->setuptimeout; | 805 | intptr = &options->setuptimeout; |
783 | goto parse_int; | 806 | goto parse_int; |
@@ -926,6 +949,7 @@ initialize_options(Options * options) | |||
926 | options->num_send_env = 0; | 949 | options->num_send_env = 0; |
927 | options->control_path = NULL; | 950 | options->control_path = NULL; |
928 | options->control_master = -1; | 951 | options->control_master = -1; |
952 | options->hash_known_hosts = -1; | ||
929 | } | 953 | } |
930 | 954 | ||
931 | /* | 955 | /* |
@@ -1053,6 +1077,8 @@ fill_default_options(Options * options) | |||
1053 | options->server_alive_count_max = 3; | 1077 | options->server_alive_count_max = 3; |
1054 | if (options->control_master == -1) | 1078 | if (options->control_master == -1) |
1055 | options->control_master = 0; | 1079 | options->control_master = 0; |
1080 | if (options->hash_known_hosts == -1) | ||
1081 | options->hash_known_hosts = 0; | ||
1056 | if (options->setuptimeout == -1) { | 1082 | if (options->setuptimeout == -1) { |
1057 | /* in batch mode, default is 5mins */ | 1083 | /* in batch mode, default is 5mins */ |
1058 | if (options->batch_mode == 1) | 1084 | if (options->batch_mode == 1) |
@@ -1066,3 +1092,68 @@ fill_default_options(Options * options) | |||
1066 | /* options->host_key_alias should not be set by default */ | 1092 | /* options->host_key_alias should not be set by default */ |
1067 | /* options->preferred_authentications will be set in ssh */ | 1093 | /* options->preferred_authentications will be set in ssh */ |
1068 | } | 1094 | } |
1095 | |||
1096 | /* | ||
1097 | * parse_forward | ||
1098 | * parses a string containing a port forwarding specification of the form: | ||
1099 | * [listenhost:]listenport:connecthost:connectport | ||
1100 | * returns number of arguments parsed or zero on error | ||
1101 | */ | ||
1102 | int | ||
1103 | parse_forward(Forward *fwd, const char *fwdspec) | ||
1104 | { | ||
1105 | int i; | ||
1106 | char *p, *cp, *fwdarg[4]; | ||
1107 | |||
1108 | memset(fwd, '\0', sizeof(*fwd)); | ||
1109 | |||
1110 | cp = p = xstrdup(fwdspec); | ||
1111 | |||
1112 | /* skip leading spaces */ | ||
1113 | while (*cp && isspace(*cp)) | ||
1114 | cp++; | ||
1115 | |||
1116 | for (i = 0; i < 4; ++i) | ||
1117 | if ((fwdarg[i] = hpdelim(&cp)) == NULL) | ||
1118 | break; | ||
1119 | |||
1120 | /* Check for trailing garbage in 4-arg case*/ | ||
1121 | if (cp != NULL) | ||
1122 | i = 0; /* failure */ | ||
1123 | |||
1124 | switch (i) { | ||
1125 | case 3: | ||
1126 | fwd->listen_host = NULL; | ||
1127 | fwd->listen_port = a2port(fwdarg[0]); | ||
1128 | fwd->connect_host = xstrdup(cleanhostname(fwdarg[1])); | ||
1129 | fwd->connect_port = a2port(fwdarg[2]); | ||
1130 | break; | ||
1131 | |||
1132 | case 4: | ||
1133 | fwd->listen_host = xstrdup(cleanhostname(fwdarg[0])); | ||
1134 | fwd->listen_port = a2port(fwdarg[1]); | ||
1135 | fwd->connect_host = xstrdup(cleanhostname(fwdarg[2])); | ||
1136 | fwd->connect_port = a2port(fwdarg[3]); | ||
1137 | break; | ||
1138 | default: | ||
1139 | i = 0; /* failure */ | ||
1140 | } | ||
1141 | |||
1142 | xfree(p); | ||
1143 | |||
1144 | if (fwd->listen_port == 0 && fwd->connect_port == 0) | ||
1145 | goto fail_free; | ||
1146 | |||
1147 | if (fwd->connect_host != NULL && | ||
1148 | strlen(fwd->connect_host) >= NI_MAXHOST) | ||
1149 | goto fail_free; | ||
1150 | |||
1151 | return (i); | ||
1152 | |||
1153 | fail_free: | ||
1154 | if (fwd->connect_host != NULL) | ||
1155 | xfree(fwd->connect_host); | ||
1156 | if (fwd->listen_host != NULL) | ||
1157 | xfree(fwd->listen_host); | ||
1158 | return (0); | ||
1159 | } | ||
diff --git a/readconf.h b/readconf.h index 2f4908f4e..d26063a0b 100644 --- a/readconf.h +++ b/readconf.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: readconf.h,v 1.64 2004/07/11 17:48:47 deraadt Exp $ */ | 1 | /* $OpenBSD: readconf.h,v 1.66 2005/03/01 10:40:27 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -21,9 +21,10 @@ | |||
21 | /* Data structure for representing a forwarding request. */ | 21 | /* Data structure for representing a forwarding request. */ |
22 | 22 | ||
23 | typedef struct { | 23 | typedef struct { |
24 | u_short port; /* Port to forward. */ | 24 | char *listen_host; /* Host (address) to listen on. */ |
25 | char *host; /* Host to connect. */ | 25 | u_short listen_port; /* Port to forward. */ |
26 | u_short host_port; /* Port to connect on host. */ | 26 | char *connect_host; /* Host to connect. */ |
27 | u_short connect_port; /* Port to connect on connect_host. */ | ||
27 | } Forward; | 28 | } Forward; |
28 | /* Data structure for representing option data. */ | 29 | /* Data structure for representing option data. */ |
29 | 30 | ||
@@ -112,17 +113,20 @@ typedef struct { | |||
112 | 113 | ||
113 | char *control_path; | 114 | char *control_path; |
114 | int control_master; | 115 | int control_master; |
116 | |||
117 | int hash_known_hosts; | ||
115 | } Options; | 118 | } Options; |
116 | 119 | ||
117 | 120 | ||
118 | void initialize_options(Options *); | 121 | void initialize_options(Options *); |
119 | void fill_default_options(Options *); | 122 | void fill_default_options(Options *); |
120 | int read_config_file(const char *, const char *, Options *, int); | 123 | int read_config_file(const char *, const char *, Options *, int); |
124 | int parse_forward(Forward *, const char *); | ||
121 | 125 | ||
122 | int | 126 | int |
123 | process_config_line(Options *, const char *, char *, const char *, int, int *); | 127 | process_config_line(Options *, const char *, char *, const char *, int, int *); |
124 | 128 | ||
125 | void add_local_forward(Options *, u_short, const char *, u_short); | 129 | void add_local_forward(Options *, const Forward *); |
126 | void add_remote_forward(Options *, u_short, const char *, u_short); | 130 | void add_remote_forward(Options *, const Forward *); |
127 | 131 | ||
128 | #endif /* READCONF_H */ | 132 | #endif /* READCONF_H */ |
diff --git a/readpass.c b/readpass.c index eb4f6fdb6..c2bacdcd4 100644 --- a/readpass.c +++ b/readpass.c | |||
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: readpass.c,v 1.30 2004/06/17 15:10:14 djm Exp $"); | 26 | RCSID("$OpenBSD: readpass.c,v 1.31 2004/10/29 22:53:56 djm Exp $"); |
27 | 27 | ||
28 | #include "xmalloc.h" | 28 | #include "xmalloc.h" |
29 | #include "misc.h" | 29 | #include "misc.h" |
@@ -141,3 +141,29 @@ read_passphrase(const char *prompt, int flags) | |||
141 | memset(buf, 'x', sizeof buf); | 141 | memset(buf, 'x', sizeof buf); |
142 | return ret; | 142 | return ret; |
143 | } | 143 | } |
144 | |||
145 | int | ||
146 | ask_permission(const char *fmt, ...) | ||
147 | { | ||
148 | va_list args; | ||
149 | char *p, prompt[1024]; | ||
150 | int allowed = 0; | ||
151 | |||
152 | va_start(args, fmt); | ||
153 | vsnprintf(prompt, sizeof(prompt), fmt, args); | ||
154 | va_end(args); | ||
155 | |||
156 | p = read_passphrase(prompt, RP_USE_ASKPASS|RP_ALLOW_EOF); | ||
157 | if (p != NULL) { | ||
158 | /* | ||
159 | * Accept empty responses and responses consisting | ||
160 | * of the word "yes" as affirmative. | ||
161 | */ | ||
162 | if (*p == '\0' || *p == '\n' || | ||
163 | strcasecmp(p, "yes") == 0) | ||
164 | allowed = 1; | ||
165 | xfree(p); | ||
166 | } | ||
167 | |||
168 | return (allowed); | ||
169 | } | ||
diff --git a/regress/Makefile b/regress/Makefile index 9e98e5880..4f47bc3fd 100644 --- a/regress/Makefile +++ b/regress/Makefile | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: Makefile,v 1.31 2004/06/24 19:32:00 djm Exp $ | 1 | # $OpenBSD: Makefile,v 1.36 2005/03/04 08:48:46 djm Exp $ |
2 | 2 | ||
3 | REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 t-exec | 3 | REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 t-exec |
4 | tests: $(REGRESS_TARGETS) | 4 | tests: $(REGRESS_TARGETS) |
@@ -34,20 +34,22 @@ LTESTS= connect \ | |||
34 | sftp-cmds \ | 34 | sftp-cmds \ |
35 | sftp-badcmds \ | 35 | sftp-badcmds \ |
36 | sftp-batch \ | 36 | sftp-batch \ |
37 | sftp-glob \ | ||
37 | reconfigure \ | 38 | reconfigure \ |
38 | dynamic-forward \ | 39 | dynamic-forward \ |
39 | forwarding \ | 40 | forwarding \ |
40 | multiplex \ | 41 | multiplex \ |
41 | reexec | 42 | reexec \ |
43 | brokenkeys | ||
42 | 44 | ||
43 | USER!= id -un | 45 | USER!= id -un |
44 | CLEANFILES= t2.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 \ | 46 | CLEANFILES= t2.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 \ |
45 | authorized_keys_${USER} known_hosts pidfile \ | 47 | authorized_keys_${USER} known_hosts pidfile \ |
46 | ssh_config ssh_proxy sshd_config sshd_proxy \ | 48 | ssh_config sshd_config.orig ssh_proxy sshd_config sshd_proxy \ |
47 | rsa.pub rsa rsa1.pub rsa1 host.rsa host.rsa1 \ | 49 | rsa.pub rsa rsa1.pub rsa1 host.rsa host.rsa1 \ |
48 | rsa-agent rsa-agent.pub rsa1-agent rsa1-agent.pub \ | 50 | rsa-agent rsa-agent.pub rsa1-agent rsa1-agent.pub \ |
49 | ls.copy banner.in banner.out empty.in \ | 51 | ls.copy banner.in banner.out empty.in \ |
50 | scp-ssh-wrapper.exe \ | 52 | scp-ssh-wrapper.scp ssh_proxy_envpass \ |
51 | remote_pid | 53 | remote_pid |
52 | 54 | ||
53 | #LTESTS += ssh-com ssh-com-client ssh-com-keygen ssh-com-sftp | 55 | #LTESTS += ssh-com ssh-com-client ssh-com-keygen ssh-com-sftp |
@@ -90,5 +92,5 @@ t-exec: ${LTESTS:=.sh} | |||
90 | @if [ "x$?" = "x" ]; then exit 0; fi; \ | 92 | @if [ "x$?" = "x" ]; then exit 0; fi; \ |
91 | for TEST in ""$?; do \ | 93 | for TEST in ""$?; do \ |
92 | echo "run test $${TEST}" ... 1>&2; \ | 94 | echo "run test $${TEST}" ... 1>&2; \ |
93 | (sh ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \ | 95 | (env SUDO=${SUDO} sh ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \ |
94 | done | 96 | done |
diff --git a/regress/agent-ptrace.sh b/regress/agent-ptrace.sh index bd79d7cb8..4de2638e4 100644 --- a/regress/agent-ptrace.sh +++ b/regress/agent-ptrace.sh | |||
@@ -5,7 +5,7 @@ tid="disallow agent ptrace attach" | |||
5 | 5 | ||
6 | if have_prog uname ; then | 6 | if have_prog uname ; then |
7 | case `uname` in | 7 | case `uname` in |
8 | AIX|CYGWIN*) | 8 | AIX|CYGWIN*|OSF1) |
9 | echo "skipped (not supported on this platform)" | 9 | echo "skipped (not supported on this platform)" |
10 | exit 0 | 10 | exit 0 |
11 | ;; | 11 | ;; |
@@ -41,7 +41,7 @@ EOF | |||
41 | if [ $? -ne 0 ]; then | 41 | if [ $? -ne 0 ]; then |
42 | fail "gdb failed: exit code $?" | 42 | fail "gdb failed: exit code $?" |
43 | fi | 43 | fi |
44 | egrep 'ptrace: Operation not permitted.|procfs:.*Permission denied.|ttrace attach: Permission denied.' >/dev/null ${OBJ}/gdb.out | 44 | egrep 'ptrace: Operation not permitted.|procfs:.*Permission denied.|ttrace attach: Permission denied.|procfs:.*: Invalid argument.' >/dev/null ${OBJ}/gdb.out |
45 | r=$? | 45 | r=$? |
46 | rm -f ${OBJ}/gdb.out | 46 | rm -f ${OBJ}/gdb.out |
47 | if [ $r -ne 0 ]; then | 47 | if [ $r -ne 0 ]; then |
diff --git a/regress/brokenkeys.sh b/regress/brokenkeys.sh new file mode 100644 index 000000000..3e70c348a --- /dev/null +++ b/regress/brokenkeys.sh | |||
@@ -0,0 +1,23 @@ | |||
1 | # $OpenBSD: brokenkeys.sh,v 1.1 2004/10/29 23:59:22 djm Exp $ | ||
2 | # Placed in the Public Domain. | ||
3 | |||
4 | tid="broken keys" | ||
5 | |||
6 | KEYS="$OBJ/authorized_keys_${USER}" | ||
7 | |||
8 | start_sshd | ||
9 | |||
10 | mv ${KEYS} ${KEYS}.bak | ||
11 | |||
12 | # Truncated key | ||
13 | echo "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEABTM= bad key" > $KEYS | ||
14 | cat ${KEYS}.bak >> ${KEYS} | ||
15 | cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER | ||
16 | |||
17 | ${SSH} -2 -F $OBJ/ssh_config somehost true | ||
18 | if [ $? -ne 0 ]; then | ||
19 | fail "ssh connect with protocol $p failed" | ||
20 | fi | ||
21 | |||
22 | mv ${KEYS}.bak ${KEYS} | ||
23 | |||
diff --git a/regress/dynamic-forward.sh b/regress/dynamic-forward.sh index 392fc1978..4674a7baf 100644 --- a/regress/dynamic-forward.sh +++ b/regress/dynamic-forward.sh | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: dynamic-forward.sh,v 1.3 2004/02/28 12:16:57 dtucker Exp $ | 1 | # $OpenBSD: dynamic-forward.sh,v 1.4 2004/06/22 22:55:56 dtucker Exp $ |
2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
3 | 3 | ||
4 | tid="dynamic forwarding" | 4 | tid="dynamic forwarding" |
@@ -44,4 +44,7 @@ for p in 1 2; do | |||
44 | else | 44 | else |
45 | fail "no pid file: $OBJ/remote_pid" | 45 | fail "no pid file: $OBJ/remote_pid" |
46 | fi | 46 | fi |
47 | |||
48 | # Must allow time for connection tear-down | ||
49 | sleep 2 | ||
47 | done | 50 | done |
diff --git a/regress/envpass.sh b/regress/envpass.sh index 5a7e178d8..af7eafe3d 100644 --- a/regress/envpass.sh +++ b/regress/envpass.sh | |||
@@ -1,13 +1,20 @@ | |||
1 | # $OpenBSD: envpass.sh,v 1.3 2004/06/22 22:42:02 dtucker Exp $ | 1 | # $OpenBSD: envpass.sh,v 1.4 2005/03/04 08:48:46 djm Exp $ |
2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
3 | 3 | ||
4 | tid="environment passing" | 4 | tid="environment passing" |
5 | 5 | ||
6 | # NB accepted env vars are in test-exec.sh (_XXX_TEST_* and _XXX_TEST) | 6 | # NB accepted env vars are in test-exec.sh (_XXX_TEST_* and _XXX_TEST) |
7 | 7 | ||
8 | # Prepare a custom config to test for a configuration parsing bug fixed in 4.0 | ||
9 | cat << EOF > $OBJ/ssh_proxy_envpass | ||
10 | Host test-sendenv-confparse-bug | ||
11 | SendEnv * | ||
12 | EOF | ||
13 | cat $OBJ/ssh_proxy >> $OBJ/ssh_proxy_envpass | ||
14 | |||
8 | trace "pass env, don't accept" | 15 | trace "pass env, don't accept" |
9 | verbose "test $tid: pass env, don't accept" | 16 | verbose "test $tid: pass env, don't accept" |
10 | _TEST_ENV=blah ${SSH} -oSendEnv="*" -F $OBJ/ssh_proxy otherhost \ | 17 | _TEST_ENV=blah ${SSH} -oSendEnv="*" -F $OBJ/ssh_proxy_envpass otherhost \ |
11 | sh << 'EOF' | 18 | sh << 'EOF' |
12 | test -z "$_TEST_ENV" | 19 | test -z "$_TEST_ENV" |
13 | EOF | 20 | EOF |
@@ -18,7 +25,7 @@ fi | |||
18 | 25 | ||
19 | trace "don't pass env, accept" | 26 | trace "don't pass env, accept" |
20 | verbose "test $tid: don't pass env, accept" | 27 | verbose "test $tid: don't pass env, accept" |
21 | ${SSH} -F $OBJ/ssh_proxy otherhost \ | 28 | _XXX_TEST_A=1 _XXX_TEST_B=2 ${SSH} -F $OBJ/ssh_proxy_envpass otherhost \ |
22 | sh << 'EOF' | 29 | sh << 'EOF' |
23 | test -z "$_XXX_TEST_A" && test -z "$_XXX_TEST_B" | 30 | test -z "$_XXX_TEST_A" && test -z "$_XXX_TEST_B" |
24 | EOF | 31 | EOF |
@@ -29,8 +36,8 @@ fi | |||
29 | 36 | ||
30 | trace "pass single env, accept single env" | 37 | trace "pass single env, accept single env" |
31 | verbose "test $tid: pass single env, accept single env" | 38 | verbose "test $tid: pass single env, accept single env" |
32 | _XXX_TEST=blah ${SSH} -oSendEnv="_XXX_TEST" -F $OBJ/ssh_proxy otherhost \ | 39 | _XXX_TEST=blah ${SSH} -oSendEnv="_XXX_TEST" -F $OBJ/ssh_proxy_envpass \ |
33 | sh << 'EOF' | 40 | otherhost sh << 'EOF' |
34 | test X"$_XXX_TEST" = X"blah" | 41 | test X"$_XXX_TEST" = X"blah" |
35 | EOF | 42 | EOF |
36 | r=$? | 43 | r=$? |
@@ -41,7 +48,7 @@ fi | |||
41 | trace "pass multiple env, accept multiple env" | 48 | trace "pass multiple env, accept multiple env" |
42 | verbose "test $tid: pass multiple env, accept multiple env" | 49 | verbose "test $tid: pass multiple env, accept multiple env" |
43 | _XXX_TEST_A=1 _XXX_TEST_B=2 ${SSH} -oSendEnv="_XXX_TEST_*" \ | 50 | _XXX_TEST_A=1 _XXX_TEST_B=2 ${SSH} -oSendEnv="_XXX_TEST_*" \ |
44 | -F $OBJ/ssh_proxy otherhost \ | 51 | -F $OBJ/ssh_proxy_envpass otherhost \ |
45 | sh << 'EOF' | 52 | sh << 'EOF' |
46 | test X"$_XXX_TEST_A" = X"1" -a X"$_XXX_TEST_B" = X"2" | 53 | test X"$_XXX_TEST_A" = X"1" -a X"$_XXX_TEST_B" = X"2" |
47 | EOF | 54 | EOF |
@@ -49,3 +56,5 @@ r=$? | |||
49 | if [ $r -ne 0 ]; then | 56 | if [ $r -ne 0 ]; then |
50 | fail "environment not found" | 57 | fail "environment not found" |
51 | fi | 58 | fi |
59 | |||
60 | rm -f $OBJ/ssh_proxy_envpass | ||
diff --git a/regress/login-timeout.sh b/regress/login-timeout.sh index ce6edade5..15a887f74 100644 --- a/regress/login-timeout.sh +++ b/regress/login-timeout.sh | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: login-timeout.sh,v 1.3 2004/03/08 10:17:12 dtucker Exp $ | 1 | # $OpenBSD: login-timeout.sh,v 1.4 2005/02/27 23:13:36 djm Exp $ |
2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
3 | 3 | ||
4 | tid="connect after login grace timeout" | 4 | tid="connect after login grace timeout" |
@@ -8,7 +8,7 @@ echo "LoginGraceTime 10s" >> $OBJ/sshd_config | |||
8 | echo "MaxStartups 1" >> $OBJ/sshd_config | 8 | echo "MaxStartups 1" >> $OBJ/sshd_config |
9 | start_sshd | 9 | start_sshd |
10 | 10 | ||
11 | (echo SSH-2.0-fake; sleep 60) | telnet localhost ${PORT} >/dev/null 2>&1 & | 11 | (echo SSH-2.0-fake; sleep 60) | telnet 127.0.0.1 ${PORT} >/dev/null 2>&1 & |
12 | sleep 15 | 12 | sleep 15 |
13 | ${SSH} -F $OBJ/ssh_config somehost true | 13 | ${SSH} -F $OBJ/ssh_config somehost true |
14 | if [ $? -ne 0 ]; then | 14 | if [ $? -ne 0 ]; then |
@@ -21,7 +21,7 @@ trace "test login grace without privsep" | |||
21 | echo "UsePrivilegeSeparation no" >> $OBJ/sshd_config | 21 | echo "UsePrivilegeSeparation no" >> $OBJ/sshd_config |
22 | start_sshd | 22 | start_sshd |
23 | 23 | ||
24 | (echo SSH-2.0-fake; sleep 60) | telnet localhost ${PORT} >/dev/null 2>&1 & | 24 | (echo SSH-2.0-fake; sleep 60) | telnet 127.0.0.1 ${PORT} >/dev/null 2>&1 & |
25 | sleep 15 | 25 | sleep 15 |
26 | ${SSH} -F $OBJ/ssh_config somehost true | 26 | ${SSH} -F $OBJ/ssh_config somehost true |
27 | if [ $? -ne 0 ]; then | 27 | if [ $? -ne 0 ]; then |
diff --git a/regress/multiplex.sh b/regress/multiplex.sh index dbf2025be..e8cc1ac53 100644 --- a/regress/multiplex.sh +++ b/regress/multiplex.sh | |||
@@ -1,17 +1,28 @@ | |||
1 | # $OpenBSD: multiplex.sh,v 1.8 2004/06/22 03:12:13 markus Exp $ | 1 | # $OpenBSD: multiplex.sh,v 1.10 2005/02/27 11:33:30 dtucker Exp $ |
2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
3 | 3 | ||
4 | CTL=$OBJ/ctl-sock | 4 | CTL=$OBJ/ctl-sock |
5 | 5 | ||
6 | tid="connection multiplexing" | 6 | tid="connection multiplexing" |
7 | 7 | ||
8 | if grep "#define.*DISABLE_FD_PASSING" ${BUILDDIR}/config.h >/dev/null 2>&1 | ||
9 | then | ||
10 | echo "skipped (not supported on this platform)" | ||
11 | exit 0 | ||
12 | fi | ||
13 | |||
8 | DATA=/bin/ls${EXEEXT} | 14 | DATA=/bin/ls${EXEEXT} |
9 | COPY=$OBJ/ls.copy | 15 | COPY=$OBJ/ls.copy |
16 | LOG=$TEST_SSH_LOGFILE | ||
10 | 17 | ||
11 | start_sshd | 18 | start_sshd |
12 | 19 | ||
13 | trace "start master, fork to background" | 20 | trace "start master, fork to background" |
14 | ${SSH} -2 -MS$CTL -F $OBJ/ssh_config -oSendEnv="_XXX_TEST" -f somehost sleep 120 | 21 | ${SSH} -Nn2 -MS$CTL -F $OBJ/ssh_config -oSendEnv="_XXX_TEST" somehost & |
22 | MASTER_PID=$! | ||
23 | |||
24 | # Wait for master to start and authenticate | ||
25 | sleep 5 | ||
15 | 26 | ||
16 | verbose "test $tid: envpass" | 27 | verbose "test $tid: envpass" |
17 | trace "env passing over multiplexed connection" | 28 | trace "env passing over multiplexed connection" |
@@ -38,13 +49,13 @@ cmp ${DATA} ${COPY} || fail "ssh -S ctl: corrupted copy of ${DATA}" | |||
38 | rm -f ${COPY} | 49 | rm -f ${COPY} |
39 | trace "sftp transfer over multiplexed connection and check result" | 50 | trace "sftp transfer over multiplexed connection and check result" |
40 | echo "get ${DATA} ${COPY}" | \ | 51 | echo "get ${DATA} ${COPY}" | \ |
41 | ${SFTP} -S ${SSH} -oControlPath=$CTL otherhost >/dev/null 2>&1 | 52 | ${SFTP} -S ${SSH} -oControlPath=$CTL otherhost >$LOG 2>&1 |
42 | test -f ${COPY} || fail "sftp: failed copy ${DATA}" | 53 | test -f ${COPY} || fail "sftp: failed copy ${DATA}" |
43 | cmp ${DATA} ${COPY} || fail "sftp: corrupted copy of ${DATA}" | 54 | cmp ${DATA} ${COPY} || fail "sftp: corrupted copy of ${DATA}" |
44 | 55 | ||
45 | rm -f ${COPY} | 56 | rm -f ${COPY} |
46 | trace "scp transfer over multiplexed connection and check result" | 57 | trace "scp transfer over multiplexed connection and check result" |
47 | ${SCP} -S ${SSH} -oControlPath=$CTL otherhost:${DATA} ${COPY} >/dev/null 2>&1 | 58 | ${SCP} -S ${SSH} -oControlPath=$CTL otherhost:${DATA} ${COPY} >$LOG 2>&1 |
48 | test -f ${COPY} || fail "scp: failed copy ${DATA}" | 59 | test -f ${COPY} || fail "scp: failed copy ${DATA}" |
49 | cmp ${DATA} ${COPY} || fail "scp: corrupted copy of ${DATA}" | 60 | cmp ${DATA} ${COPY} || fail "scp: corrupted copy of ${DATA}" |
50 | 61 | ||
@@ -69,6 +80,15 @@ for s in 0 1 4 5 44; do | |||
69 | fi | 80 | fi |
70 | done | 81 | done |
71 | 82 | ||
72 | # kill master, remove control socket. ssh -MS will exit when sleep exits | 83 | trace "test check command" |
73 | $SUDO kill `cat $PIDFILE` | 84 | ${SSH} -S $CTL -Ocheck otherhost || fail "check command failed" |
74 | rm -f $CTL | 85 | |
86 | trace "test exit command" | ||
87 | ${SSH} -S $CTL -Oexit otherhost || fail "send exit command failed" | ||
88 | |||
89 | # Wait for master to exit | ||
90 | sleep 2 | ||
91 | |||
92 | ps -p $MASTER_PID >/dev/null && fail "exit command failed" | ||
93 | |||
94 | cleanup | ||
diff --git a/regress/reexec.sh b/regress/reexec.sh index 39fffefbc..d69b8c577 100644 --- a/regress/reexec.sh +++ b/regress/reexec.sh | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: reexec.sh,v 1.3 2004/06/25 01:32:44 djm Exp $ | 1 | # $OpenBSD: reexec.sh,v 1.5 2004/10/08 02:01:50 djm Exp $ |
2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
3 | 3 | ||
4 | tid="reexec tests" | 4 | tid="reexec tests" |
@@ -6,36 +6,40 @@ tid="reexec tests" | |||
6 | DATA=/bin/ls | 6 | DATA=/bin/ls |
7 | COPY=${OBJ}/copy | 7 | COPY=${OBJ}/copy |
8 | SSHD_ORIG=$SSHD | 8 | SSHD_ORIG=$SSHD |
9 | SSHD_COPY=$OBJ/sshd.copy | 9 | SSHD_COPY=$OBJ/sshd |
10 | 10 | ||
11 | # Start a sshd and then delete it | 11 | # Start a sshd and then delete it |
12 | start_sshd_copy_zap () | 12 | start_sshd_copy () |
13 | { | 13 | { |
14 | cp $SSHD_ORIG $SSHD_COPY | 14 | cp $SSHD_ORIG $SSHD_COPY |
15 | SSHD=$SSHD_COPY | 15 | SSHD=$SSHD_COPY |
16 | start_sshd | 16 | start_sshd |
17 | rm -f $SSHD_COPY | ||
18 | SSHD=$SSHD_ORIG | 17 | SSHD=$SSHD_ORIG |
19 | } | 18 | } |
20 | 19 | ||
20 | # Do basic copy tests | ||
21 | copy_tests () | ||
22 | { | ||
23 | rm -f ${COPY} | ||
24 | for p in 1 2; do | ||
25 | verbose "$tid: proto $p" | ||
26 | ${SSH} -nqo "Protocol=$p" -F $OBJ/ssh_config somehost \ | ||
27 | cat ${DATA} > ${COPY} | ||
28 | if [ $? -ne 0 ]; then | ||
29 | fail "ssh cat $DATA failed" | ||
30 | fi | ||
31 | cmp ${DATA} ${COPY} || fail "corrupted copy" | ||
32 | rm -f ${COPY} | ||
33 | done | ||
34 | } | ||
35 | |||
21 | verbose "test config passing" | 36 | verbose "test config passing" |
22 | cp $OBJ/sshd_config $OBJ/sshd_config.orig | ||
23 | 37 | ||
38 | cp $OBJ/sshd_config $OBJ/sshd_config.orig | ||
24 | start_sshd | 39 | start_sshd |
25 | |||
26 | echo "InvalidXXX=no" >> $OBJ/sshd_config | 40 | echo "InvalidXXX=no" >> $OBJ/sshd_config |
27 | 41 | ||
28 | rm -f ${COPY} | 42 | copy_tests |
29 | for p in 1 2; do | ||
30 | verbose "$tid: proto $p" | ||
31 | ${SSH} -nqo "Protocol=$p" -F $OBJ/ssh_config somehost \ | ||
32 | cat ${DATA} > ${COPY} | ||
33 | if [ $? -ne 0 ]; then | ||
34 | fail "ssh cat $DATA failed" | ||
35 | fi | ||
36 | cmp ${DATA} ${COPY} || fail "corrupted copy" | ||
37 | rm -f ${COPY} | ||
38 | done | ||
39 | 43 | ||
40 | $SUDO kill `cat $PIDFILE` | 44 | $SUDO kill `cat $PIDFILE` |
41 | rm -f $PIDFILE | 45 | rm -f $PIDFILE |
@@ -44,19 +48,10 @@ cp $OBJ/sshd_config.orig $OBJ/sshd_config | |||
44 | 48 | ||
45 | verbose "test reexec fallback" | 49 | verbose "test reexec fallback" |
46 | 50 | ||
47 | start_sshd_copy_zap | 51 | start_sshd_copy |
48 | 52 | rm -f $SSHD_COPY | |
49 | rm -f ${COPY} | 53 | |
50 | for p in 1 2; do | 54 | copy_tests |
51 | verbose "$tid: proto $p" | ||
52 | ${SSH} -nqo "Protocol=$p" -F $OBJ/ssh_config somehost \ | ||
53 | cat ${DATA} > ${COPY} | ||
54 | if [ $? -ne 0 ]; then | ||
55 | fail "ssh cat $DATA failed" | ||
56 | fi | ||
57 | cmp ${DATA} ${COPY} || fail "corrupted copy" | ||
58 | rm -f ${COPY} | ||
59 | done | ||
60 | 55 | ||
61 | $SUDO kill `cat $PIDFILE` | 56 | $SUDO kill `cat $PIDFILE` |
62 | rm -f $PIDFILE | 57 | rm -f $PIDFILE |
@@ -66,22 +61,12 @@ verbose "test reexec fallback without privsep" | |||
66 | cp $OBJ/sshd_config.orig $OBJ/sshd_config | 61 | cp $OBJ/sshd_config.orig $OBJ/sshd_config |
67 | echo "UsePrivilegeSeparation=no" >> $OBJ/sshd_config | 62 | echo "UsePrivilegeSeparation=no" >> $OBJ/sshd_config |
68 | 63 | ||
69 | start_sshd_copy_zap | 64 | start_sshd_copy |
70 | 65 | rm -f $SSHD_COPY | |
71 | rm -f ${COPY} | 66 | |
72 | for p in 1 2; do | 67 | copy_tests |
73 | verbose "$tid: proto $p" | ||
74 | ${SSH} -nqo "Protocol=$p" -F $OBJ/ssh_config somehost \ | ||
75 | cat ${DATA} > ${COPY} | ||
76 | if [ $? -ne 0 ]; then | ||
77 | fail "ssh cat $DATA failed" | ||
78 | fi | ||
79 | cmp ${DATA} ${COPY} || fail "corrupted copy" | ||
80 | rm -f ${COPY} | ||
81 | done | ||
82 | 68 | ||
83 | $SUDO kill `cat $PIDFILE` | 69 | $SUDO kill `cat $PIDFILE` |
84 | rm -f $PIDFILE | 70 | rm -f $PIDFILE |
85 | 71 | ||
86 | cp $OBJ/sshd_config.orig $OBJ/sshd_config | ||
87 | 72 | ||
diff --git a/regress/rekey.sh b/regress/rekey.sh index 6b7e845ec..3c5f266fc 100644 --- a/regress/rekey.sh +++ b/regress/rekey.sh | |||
@@ -8,6 +8,7 @@ COPY=${OBJ}/copy | |||
8 | LOG=${OBJ}/log | 8 | LOG=${OBJ}/log |
9 | 9 | ||
10 | rm -f ${COPY} ${LOG} ${DATA} | 10 | rm -f ${COPY} ${LOG} ${DATA} |
11 | touch ${DATA} | ||
11 | dd if=/bin/ls${EXEEXT} of=${DATA} bs=1k seek=511 count=1 > /dev/null 2>&1 | 12 | dd if=/bin/ls${EXEEXT} of=${DATA} bs=1k seek=511 count=1 > /dev/null 2>&1 |
12 | 13 | ||
13 | for s in 16 1k 128k 256k; do | 14 | for s in 16 1k 128k 256k; do |
diff --git a/regress/scp.sh b/regress/scp.sh index 703cc0893..c3034b6e7 100644 --- a/regress/scp.sh +++ b/regress/scp.sh | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: scp.sh,v 1.2 2004/06/16 13:15:09 dtucker Exp $ | 1 | # $OpenBSD: scp.sh,v 1.3 2004/07/08 12:59:35 dtucker Exp $ |
2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
3 | 3 | ||
4 | tid="scp" | 4 | tid="scp" |
@@ -12,16 +12,16 @@ else | |||
12 | DIFFOPT="-r" | 12 | DIFFOPT="-r" |
13 | fi | 13 | fi |
14 | 14 | ||
15 | DATA=/bin/ls | 15 | DATA=/bin/ls${EXEEXT} |
16 | COPY=${OBJ}/copy | 16 | COPY=${OBJ}/copy |
17 | COPY2=${OBJ}/copy2 | 17 | COPY2=${OBJ}/copy2 |
18 | DIR=${COPY}.dd | 18 | DIR=${COPY}.dd |
19 | DIR2=${COPY}.dd2 | 19 | DIR2=${COPY}.dd2 |
20 | 20 | ||
21 | SRC=`dirname ${SCRIPT}` | 21 | SRC=`dirname ${SCRIPT}` |
22 | cp ${SRC}/scp-ssh-wrapper.sh ${OBJ}/scp-ssh-wrapper.exe | 22 | cp ${SRC}/scp-ssh-wrapper.sh ${OBJ}/scp-ssh-wrapper.scp |
23 | chmod 755 ${OBJ}/scp-ssh-wrapper.exe | 23 | chmod 755 ${OBJ}/scp-ssh-wrapper.scp |
24 | scpopts="-q -S ${OBJ}/scp-ssh-wrapper.exe" | 24 | scpopts="-q -S ${OBJ}/scp-ssh-wrapper.scp" |
25 | 25 | ||
26 | scpclean() { | 26 | scpclean() { |
27 | rm -rf ${COPY} ${COPY2} ${DIR} ${DIR2} | 27 | rm -rf ${COPY} ${COPY2} ${DIR} ${DIR2} |
@@ -64,6 +64,19 @@ cp ${DATA} ${DIR}/copy | |||
64 | $SCP $scpopts -r somehost:${DIR} ${DIR2} || fail "copy failed" | 64 | $SCP $scpopts -r somehost:${DIR} ${DIR2} || fail "copy failed" |
65 | diff ${DIFFOPT} ${DIR} ${DIR2} || fail "corrupted copy" | 65 | diff ${DIFFOPT} ${DIR} ${DIR2} || fail "corrupted copy" |
66 | 66 | ||
67 | if [ ! -z "$SUDO" ]; then | ||
68 | verbose "$tid: skipped file after scp -p with failed chown+utimes" | ||
69 | scpclean | ||
70 | cp -p ${DATA} ${DIR}/copy | ||
71 | cp -p ${DATA} ${DIR}/copy2 | ||
72 | cp ${DATA} ${DIR2}/copy | ||
73 | chmod 660 ${DIR2}/copy | ||
74 | $SUDO chown root ${DIR2}/copy | ||
75 | $SCP -p $scpopts somehost:${DIR}/\* ${DIR2} >/dev/null 2>&1 | ||
76 | diff ${DIFFOPT} ${DIR} ${DIR2} || fail "corrupted copy" | ||
77 | $SUDO rm ${DIR2}/copy | ||
78 | fi | ||
79 | |||
67 | for i in 0 1 2 3 4; do | 80 | for i in 0 1 2 3 4; do |
68 | verbose "$tid: disallow bad server #$i" | 81 | verbose "$tid: disallow bad server #$i" |
69 | SCPTESTMODE=badserver_$i | 82 | SCPTESTMODE=badserver_$i |
@@ -79,4 +92,4 @@ for i in 0 1 2 3 4; do | |||
79 | done | 92 | done |
80 | 93 | ||
81 | scpclean | 94 | scpclean |
82 | rm -f ${OBJ}/scp-ssh-wrapper.exe | 95 | rm -f ${OBJ}/scp-ssh-wrapper.scp |
diff --git a/regress/sftp-glob.sh b/regress/sftp-glob.sh new file mode 100644 index 000000000..e238356a2 --- /dev/null +++ b/regress/sftp-glob.sh | |||
@@ -0,0 +1,28 @@ | |||
1 | # $OpenBSD: sftp-glob.sh,v 1.1 2004/12/10 01:31:30 fgsch Exp $ | ||
2 | # Placed in the Public Domain. | ||
3 | |||
4 | tid="sftp glob" | ||
5 | |||
6 | BASE=${OBJ}/glob | ||
7 | DIR=${BASE}/dir | ||
8 | DATA=${DIR}/file | ||
9 | |||
10 | rm -rf ${BASE} | ||
11 | mkdir -p ${DIR} | ||
12 | touch ${DATA} | ||
13 | |||
14 | verbose "$tid: ls file" | ||
15 | echo "ls -l ${DIR}/fil*" | ${SFTP} -P ${SFTPSERVER} 2>/dev/null | \ | ||
16 | grep ${DATA} >/dev/null 2>&1 | ||
17 | if [ $? -ne 0 ]; then | ||
18 | fail "globbed ls file failed" | ||
19 | fi | ||
20 | |||
21 | verbose "$tid: ls dir" | ||
22 | echo "ls -l ${BASE}/d*" | ${SFTP} -P ${SFTPSERVER} 2>/dev/null | \ | ||
23 | grep file >/dev/null 2>&1 | ||
24 | if [ $? -ne 0 ]; then | ||
25 | fail "globbed ls dir failed" | ||
26 | fi | ||
27 | |||
28 | rm -rf ${BASE} | ||
diff --git a/regress/sshd-log-wrapper.sh b/regress/sshd-log-wrapper.sh new file mode 100644 index 000000000..c7a5ef3a6 --- /dev/null +++ b/regress/sshd-log-wrapper.sh | |||
@@ -0,0 +1,13 @@ | |||
1 | #!/bin/sh | ||
2 | # $OpenBSD: sshd-log-wrapper.sh,v 1.2 2005/02/27 11:40:30 dtucker Exp $ | ||
3 | # Placed in the Public Domain. | ||
4 | # | ||
5 | # simple wrapper for sshd proxy mode to catch stderr output | ||
6 | # sh sshd-log-wrapper.sh /path/to/sshd /path/to/logfile | ||
7 | |||
8 | sshd=$1 | ||
9 | log=$2 | ||
10 | shift | ||
11 | shift | ||
12 | |||
13 | exec $sshd $@ -e 2>>$log | ||
diff --git a/regress/test-exec.sh b/regress/test-exec.sh index 70250acd7..4e53449be 100644 --- a/regress/test-exec.sh +++ b/regress/test-exec.sh | |||
@@ -1,8 +1,19 @@ | |||
1 | # $OpenBSD: test-exec.sh,v 1.23 2004/06/25 01:25:12 djm Exp $ | 1 | # $OpenBSD: test-exec.sh,v 1.27 2005/02/27 11:33:30 dtucker Exp $ |
2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
3 | 3 | ||
4 | #SUDO=sudo | 4 | #SUDO=sudo |
5 | 5 | ||
6 | # Unbreak GNU head(1) | ||
7 | _POSIX2_VERSION=199209 | ||
8 | export _POSIX2_VERSION | ||
9 | |||
10 | case `uname -s 2>/dev/null` in | ||
11 | OSF1*) | ||
12 | BIN_SH=xpg4 | ||
13 | export BIN_SH | ||
14 | ;; | ||
15 | esac | ||
16 | |||
6 | if [ ! -z "$TEST_SSH_PORT" ]; then | 17 | if [ ! -z "$TEST_SSH_PORT" ]; then |
7 | PORT="$TEST_SSH_PORT" | 18 | PORT="$TEST_SSH_PORT" |
8 | else | 19 | else |
@@ -43,6 +54,8 @@ else | |||
43 | fi | 54 | fi |
44 | unset SSH_AUTH_SOCK | 55 | unset SSH_AUTH_SOCK |
45 | 56 | ||
57 | SRC=`dirname ${SCRIPT}` | ||
58 | |||
46 | # defaults | 59 | # defaults |
47 | SSH=ssh | 60 | SSH=ssh |
48 | SSHD=sshd | 61 | SSHD=sshd |
@@ -83,7 +96,13 @@ if [ "x$TEST_SSH_SCP" != "x" ]; then | |||
83 | fi | 96 | fi |
84 | 97 | ||
85 | # Path to sshd must be absolute for rexec | 98 | # Path to sshd must be absolute for rexec |
86 | SSHD=`which sshd` | 99 | if [ ! -x /$SSHD ]; then |
100 | SSHD=`which sshd` | ||
101 | fi | ||
102 | |||
103 | if [ "x$TEST_SSH_LOGFILE" = "x" ]; then | ||
104 | TEST_SSH_LOGFILE=/dev/null | ||
105 | fi | ||
87 | 106 | ||
88 | # these should be used in tests | 107 | # these should be used in tests |
89 | export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP | 108 | export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP |
@@ -134,6 +153,7 @@ cleanup () | |||
134 | 153 | ||
135 | trace () | 154 | trace () |
136 | { | 155 | { |
156 | echo "trace: $@" >>$TEST_SSH_LOGFILE | ||
137 | if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then | 157 | if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then |
138 | echo "$@" | 158 | echo "$@" |
139 | fi | 159 | fi |
@@ -141,6 +161,7 @@ trace () | |||
141 | 161 | ||
142 | verbose () | 162 | verbose () |
143 | { | 163 | { |
164 | echo "verbose: $@" >>$TEST_SSH_LOGFILE | ||
144 | if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then | 165 | if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then |
145 | echo "$@" | 166 | echo "$@" |
146 | fi | 167 | fi |
@@ -149,12 +170,14 @@ verbose () | |||
149 | 170 | ||
150 | fail () | 171 | fail () |
151 | { | 172 | { |
173 | echo "FAIL: $@" >>$TEST_SSH_LOGFILE | ||
152 | RESULT=1 | 174 | RESULT=1 |
153 | echo "$@" | 175 | echo "$@" |
154 | } | 176 | } |
155 | 177 | ||
156 | fatal () | 178 | fatal () |
157 | { | 179 | { |
180 | echo "FATAL: $@" >>$TEST_SSH_LOGFILE | ||
158 | echon "FATAL: " | 181 | echon "FATAL: " |
159 | fail "$@" | 182 | fail "$@" |
160 | cleanup | 183 | cleanup |
@@ -174,7 +197,7 @@ cat << EOF > $OBJ/sshd_config | |||
174 | #ListenAddress ::1 | 197 | #ListenAddress ::1 |
175 | PidFile $PIDFILE | 198 | PidFile $PIDFILE |
176 | AuthorizedKeysFile $OBJ/authorized_keys_%u | 199 | AuthorizedKeysFile $OBJ/authorized_keys_%u |
177 | LogLevel QUIET | 200 | LogLevel DEBUG |
178 | AcceptEnv _XXX_TEST_* | 201 | AcceptEnv _XXX_TEST_* |
179 | AcceptEnv _XXX_TEST | 202 | AcceptEnv _XXX_TEST |
180 | Subsystem sftp $SFTPSERVER | 203 | Subsystem sftp $SFTPSERVER |
@@ -205,7 +228,6 @@ Host * | |||
205 | ChallengeResponseAuthentication no | 228 | ChallengeResponseAuthentication no |
206 | HostbasedAuthentication no | 229 | HostbasedAuthentication no |
207 | PasswordAuthentication no | 230 | PasswordAuthentication no |
208 | RhostsRSAAuthentication no | ||
209 | BatchMode yes | 231 | BatchMode yes |
210 | StrictHostKeyChecking yes | 232 | StrictHostKeyChecking yes |
211 | EOF | 233 | EOF |
@@ -246,7 +268,7 @@ chmod 644 $OBJ/authorized_keys_$USER | |||
246 | # create a proxy version of the client config | 268 | # create a proxy version of the client config |
247 | ( | 269 | ( |
248 | cat $OBJ/ssh_config | 270 | cat $OBJ/ssh_config |
249 | echo proxycommand ${SUDO} ${SSHD} -i -f $OBJ/sshd_proxy | 271 | echo proxycommand ${SUDO} sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSH_LOGFILE} -i -f $OBJ/sshd_proxy |
250 | ) > $OBJ/ssh_proxy | 272 | ) > $OBJ/ssh_proxy |
251 | 273 | ||
252 | # check proxy config | 274 | # check proxy config |
@@ -256,7 +278,7 @@ start_sshd () | |||
256 | { | 278 | { |
257 | # start sshd | 279 | # start sshd |
258 | $SUDO ${SSHD} -f $OBJ/sshd_config -t || fatal "sshd_config broken" | 280 | $SUDO ${SSHD} -f $OBJ/sshd_config -t || fatal "sshd_config broken" |
259 | $SUDO ${SSHD} -f $OBJ/sshd_config | 281 | $SUDO ${SSHD} -f $OBJ/sshd_config -e >>$TEST_SSH_LOGFILE 2>&1 |
260 | 282 | ||
261 | trace "wait for sshd" | 283 | trace "wait for sshd" |
262 | i=0; | 284 | i=0; |
@@ -73,6 +73,7 @@ DESCRIPTION | |||
73 | GlobalKnownHostsFile | 73 | GlobalKnownHostsFile |
74 | GSSAPIAuthentication | 74 | GSSAPIAuthentication |
75 | GSSAPIDelegateCredentials | 75 | GSSAPIDelegateCredentials |
76 | HashKnownHosts | ||
76 | Host | 77 | Host |
77 | HostbasedAuthentication | 78 | HostbasedAuthentication |
78 | HostKeyAlgorithms | 79 | HostKeyAlgorithms |
@@ -80,6 +81,7 @@ DESCRIPTION | |||
80 | HostName | 81 | HostName |
81 | IdentityFile | 82 | IdentityFile |
82 | IdentitiesOnly | 83 | IdentitiesOnly |
84 | KbdInteractiveDevices | ||
83 | LogLevel | 85 | LogLevel |
84 | MACs | 86 | MACs |
85 | NoHostAuthenticationForLocalhost | 87 | NoHostAuthenticationForLocalhost |
@@ -9,7 +9,7 @@ | |||
9 | .\" | 9 | .\" |
10 | .\" Created: Sun May 7 00:14:37 1995 ylo | 10 | .\" Created: Sun May 7 00:14:37 1995 ylo |
11 | .\" | 11 | .\" |
12 | .\" $OpenBSD: scp.1,v 1.36 2004/06/13 15:03:02 djm Exp $ | 12 | .\" $OpenBSD: scp.1,v 1.38 2005/03/01 17:19:35 jmc Exp $ |
13 | .\" | 13 | .\" |
14 | .Dd September 25, 1999 | 14 | .Dd September 25, 1999 |
15 | .Dt SCP 1 | 15 | .Dt SCP 1 |
@@ -133,6 +133,7 @@ For full details of the options listed below, and their possible values, see | |||
133 | .It GlobalKnownHostsFile | 133 | .It GlobalKnownHostsFile |
134 | .It GSSAPIAuthentication | 134 | .It GSSAPIAuthentication |
135 | .It GSSAPIDelegateCredentials | 135 | .It GSSAPIDelegateCredentials |
136 | .It HashKnownHosts | ||
136 | .It Host | 137 | .It Host |
137 | .It HostbasedAuthentication | 138 | .It HostbasedAuthentication |
138 | .It HostKeyAlgorithms | 139 | .It HostKeyAlgorithms |
@@ -140,6 +141,7 @@ For full details of the options listed below, and their possible values, see | |||
140 | .It HostName | 141 | .It HostName |
141 | .It IdentityFile | 142 | .It IdentityFile |
142 | .It IdentitiesOnly | 143 | .It IdentitiesOnly |
144 | .It KbdInteractiveDevices | ||
143 | .It LogLevel | 145 | .It LogLevel |
144 | .It MACs | 146 | .It MACs |
145 | .It NoHostAuthenticationForLocalhost | 147 | .It NoHostAuthenticationForLocalhost |
@@ -71,7 +71,7 @@ | |||
71 | */ | 71 | */ |
72 | 72 | ||
73 | #include "includes.h" | 73 | #include "includes.h" |
74 | RCSID("$OpenBSD: scp.c,v 1.117 2004/08/11 21:44:32 avsm Exp $"); | 74 | RCSID("$OpenBSD: scp.c,v 1.119 2005/01/24 10:22:06 dtucker Exp $"); |
75 | 75 | ||
76 | #include "xmalloc.h" | 76 | #include "xmalloc.h" |
77 | #include "atomicio.h" | 77 | #include "atomicio.h" |
@@ -108,8 +108,10 @@ pid_t do_cmd_pid = -1; | |||
108 | static void | 108 | static void |
109 | killchild(int signo) | 109 | killchild(int signo) |
110 | { | 110 | { |
111 | if (do_cmd_pid > 1) | 111 | if (do_cmd_pid > 1) { |
112 | kill(do_cmd_pid, signo); | 112 | kill(do_cmd_pid, signo); |
113 | waitpid(do_cmd_pid, NULL, 0); | ||
114 | } | ||
113 | 115 | ||
114 | _exit(1); | 116 | _exit(1); |
115 | } | 117 | } |
@@ -726,7 +728,7 @@ sink(int argc, char **argv) | |||
726 | 728 | ||
727 | #define atime tv[0] | 729 | #define atime tv[0] |
728 | #define mtime tv[1] | 730 | #define mtime tv[1] |
729 | #define SCREWUP(str) do { why = str; goto screwup; } while (0) | 731 | #define SCREWUP(str) { why = str; goto screwup; } |
730 | 732 | ||
731 | setimes = targisdir = 0; | 733 | setimes = targisdir = 0; |
732 | mask = umask(0); | 734 | mask = umask(0); |
diff --git a/servconf.c b/servconf.c index fae3c658e..2d1a0c362 100644 --- a/servconf.c +++ b/servconf.c | |||
@@ -10,7 +10,7 @@ | |||
10 | */ | 10 | */ |
11 | 11 | ||
12 | #include "includes.h" | 12 | #include "includes.h" |
13 | RCSID("$OpenBSD: servconf.c,v 1.137 2004/08/13 11:09:24 dtucker Exp $"); | 13 | RCSID("$OpenBSD: servconf.c,v 1.139 2005/03/01 10:09:52 djm Exp $"); |
14 | 14 | ||
15 | #include "ssh.h" | 15 | #include "ssh.h" |
16 | #include "log.h" | 16 | #include "log.h" |
@@ -26,8 +26,6 @@ RCSID("$OpenBSD: servconf.c,v 1.137 2004/08/13 11:09:24 dtucker Exp $"); | |||
26 | static void add_listen_addr(ServerOptions *, char *, u_short); | 26 | static void add_listen_addr(ServerOptions *, char *, u_short); |
27 | static void add_one_listen_addr(ServerOptions *, char *, u_short); | 27 | static void add_one_listen_addr(ServerOptions *, char *, u_short); |
28 | 28 | ||
29 | /* AF_UNSPEC or AF_INET or AF_INET6 */ | ||
30 | extern int IPv4or6; | ||
31 | /* Use of privilege separation or not */ | 29 | /* Use of privilege separation or not */ |
32 | extern int use_privsep; | 30 | extern int use_privsep; |
33 | 31 | ||
@@ -45,6 +43,7 @@ initialize_server_options(ServerOptions *options) | |||
45 | options->num_ports = 0; | 43 | options->num_ports = 0; |
46 | options->ports_from_cmdline = 0; | 44 | options->ports_from_cmdline = 0; |
47 | options->listen_addrs = NULL; | 45 | options->listen_addrs = NULL; |
46 | options->address_family = -1; | ||
48 | options->num_host_key_files = 0; | 47 | options->num_host_key_files = 0; |
49 | options->pid_file = NULL; | 48 | options->pid_file = NULL; |
50 | options->server_key_bits = -1; | 49 | options->server_key_bits = -1; |
@@ -258,7 +257,8 @@ typedef enum { | |||
258 | sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup, | 257 | sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup, |
259 | sKerberosGetAFSToken, | 258 | sKerberosGetAFSToken, |
260 | sKerberosTgtPassing, sChallengeResponseAuthentication, | 259 | sKerberosTgtPassing, sChallengeResponseAuthentication, |
261 | sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress, | 260 | sPasswordAuthentication, sKbdInteractiveAuthentication, |
261 | sListenAddress, sAddressFamily, | ||
262 | sPrintMotd, sPrintLastLog, sIgnoreRhosts, | 262 | sPrintMotd, sPrintLastLog, sIgnoreRhosts, |
263 | sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, | 263 | sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, |
264 | sStrictModes, sEmptyPasswd, sTCPKeepAlive, | 264 | sStrictModes, sEmptyPasswd, sTCPKeepAlive, |
@@ -335,6 +335,7 @@ static struct { | |||
335 | { "skeyauthentication", sChallengeResponseAuthentication }, /* alias */ | 335 | { "skeyauthentication", sChallengeResponseAuthentication }, /* alias */ |
336 | { "checkmail", sDeprecated }, | 336 | { "checkmail", sDeprecated }, |
337 | { "listenaddress", sListenAddress }, | 337 | { "listenaddress", sListenAddress }, |
338 | { "addressfamily", sAddressFamily }, | ||
338 | { "printmotd", sPrintMotd }, | 339 | { "printmotd", sPrintMotd }, |
339 | { "printlastlog", sPrintLastLog }, | 340 | { "printlastlog", sPrintLastLog }, |
340 | { "ignorerhosts", sIgnoreRhosts }, | 341 | { "ignorerhosts", sIgnoreRhosts }, |
@@ -401,6 +402,8 @@ add_listen_addr(ServerOptions *options, char *addr, u_short port) | |||
401 | 402 | ||
402 | if (options->num_ports == 0) | 403 | if (options->num_ports == 0) |
403 | options->ports[options->num_ports++] = SSH_DEFAULT_PORT; | 404 | options->ports[options->num_ports++] = SSH_DEFAULT_PORT; |
405 | if (options->address_family == -1) | ||
406 | options->address_family = AF_UNSPEC; | ||
404 | if (port == 0) | 407 | if (port == 0) |
405 | for (i = 0; i < options->num_ports; i++) | 408 | for (i = 0; i < options->num_ports; i++) |
406 | add_one_listen_addr(options, addr, options->ports[i]); | 409 | add_one_listen_addr(options, addr, options->ports[i]); |
@@ -416,7 +419,7 @@ add_one_listen_addr(ServerOptions *options, char *addr, u_short port) | |||
416 | int gaierr; | 419 | int gaierr; |
417 | 420 | ||
418 | memset(&hints, 0, sizeof(hints)); | 421 | memset(&hints, 0, sizeof(hints)); |
419 | hints.ai_family = IPv4or6; | 422 | hints.ai_family = options->address_family; |
420 | hints.ai_socktype = SOCK_STREAM; | 423 | hints.ai_socktype = SOCK_STREAM; |
421 | hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0; | 424 | hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0; |
422 | snprintf(strport, sizeof strport, "%u", port); | 425 | snprintf(strport, sizeof strport, "%u", port); |
@@ -437,6 +440,7 @@ process_server_config_line(ServerOptions *options, char *line, | |||
437 | char *cp, **charptr, *arg, *p; | 440 | char *cp, **charptr, *arg, *p; |
438 | int *intptr, value, i, n; | 441 | int *intptr, value, i, n; |
439 | ServerOpCodes opcode; | 442 | ServerOpCodes opcode; |
443 | u_short port; | ||
440 | 444 | ||
441 | cp = line; | 445 | cp = line; |
442 | arg = strdelim(&cp); | 446 | arg = strdelim(&cp); |
@@ -509,39 +513,40 @@ parse_time: | |||
509 | 513 | ||
510 | case sListenAddress: | 514 | case sListenAddress: |
511 | arg = strdelim(&cp); | 515 | arg = strdelim(&cp); |
512 | if (!arg || *arg == '\0' || strncmp(arg, "[]", 2) == 0) | 516 | if (arg == NULL || *arg == '\0') |
513 | fatal("%s line %d: missing inet addr.", | 517 | fatal("%s line %d: missing address", |
514 | filename, linenum); | 518 | filename, linenum); |
515 | if (*arg == '[') { | 519 | p = hpdelim(&arg); |
516 | if ((p = strchr(arg, ']')) == NULL) | 520 | if (p == NULL) |
517 | fatal("%s line %d: bad ipv6 inet addr usage.", | 521 | fatal("%s line %d: bad address:port usage", |
518 | filename, linenum); | 522 | filename, linenum); |
519 | arg++; | 523 | p = cleanhostname(p); |
520 | memmove(p, p+1, strlen(p+1)+1); | 524 | if (arg == NULL) |
521 | } else if (((p = strchr(arg, ':')) == NULL) || | 525 | port = 0; |
522 | (strchr(p+1, ':') != NULL)) { | 526 | else if ((port = a2port(arg)) == 0) |
523 | add_listen_addr(options, arg, 0); | 527 | fatal("%s line %d: bad port number", filename, linenum); |
524 | break; | ||
525 | } | ||
526 | if (*p == ':') { | ||
527 | u_short port; | ||
528 | 528 | ||
529 | p++; | 529 | add_listen_addr(options, p, port); |
530 | if (*p == '\0') | 530 | |
531 | fatal("%s line %d: bad inet addr:port usage.", | 531 | break; |
532 | filename, linenum); | 532 | |
533 | else { | 533 | case sAddressFamily: |
534 | *(p-1) = '\0'; | 534 | arg = strdelim(&cp); |
535 | if ((port = a2port(p)) == 0) | 535 | intptr = &options->address_family; |
536 | fatal("%s line %d: bad port number.", | 536 | if (options->listen_addrs != NULL) |
537 | filename, linenum); | 537 | fatal("%s line %d: address family must be specified before " |
538 | add_listen_addr(options, arg, port); | 538 | "ListenAddress.", filename, linenum); |
539 | } | 539 | if (strcasecmp(arg, "inet") == 0) |
540 | } else if (*p == '\0') | 540 | value = AF_INET; |
541 | add_listen_addr(options, arg, 0); | 541 | else if (strcasecmp(arg, "inet6") == 0) |
542 | value = AF_INET6; | ||
543 | else if (strcasecmp(arg, "any") == 0) | ||
544 | value = AF_UNSPEC; | ||
542 | else | 545 | else |
543 | fatal("%s line %d: bad inet addr usage.", | 546 | fatal("%s line %d: unsupported address family \"%s\".", |
544 | filename, linenum); | 547 | filename, linenum, arg); |
548 | if (*intptr == -1) | ||
549 | *intptr = value; | ||
545 | break; | 550 | break; |
546 | 551 | ||
547 | case sHostKeyFile: | 552 | case sHostKeyFile: |
@@ -720,7 +725,23 @@ parse_flag: | |||
720 | 725 | ||
721 | case sGatewayPorts: | 726 | case sGatewayPorts: |
722 | intptr = &options->gateway_ports; | 727 | intptr = &options->gateway_ports; |
723 | goto parse_flag; | 728 | arg = strdelim(&cp); |
729 | if (!arg || *arg == '\0') | ||
730 | fatal("%s line %d: missing yes/no/clientspecified " | ||
731 | "argument.", filename, linenum); | ||
732 | value = 0; /* silence compiler */ | ||
733 | if (strcmp(arg, "clientspecified") == 0) | ||
734 | value = 2; | ||
735 | else if (strcmp(arg, "yes") == 0) | ||
736 | value = 1; | ||
737 | else if (strcmp(arg, "no") == 0) | ||
738 | value = 0; | ||
739 | else | ||
740 | fatal("%s line %d: Bad yes/no/clientspecified " | ||
741 | "argument: %s", filename, linenum, arg); | ||
742 | if (*intptr == -1) | ||
743 | *intptr = value; | ||
744 | break; | ||
724 | 745 | ||
725 | case sUseDNS: | 746 | case sUseDNS: |
726 | intptr = &options->use_dns; | 747 | intptr = &options->use_dns; |
diff --git a/servconf.h b/servconf.h index ebd056814..f7e56d521 100644 --- a/servconf.h +++ b/servconf.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: servconf.h,v 1.70 2004/06/24 19:30:54 djm Exp $ */ | 1 | /* $OpenBSD: servconf.h,v 1.71 2004/12/23 23:11:00 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -43,6 +43,7 @@ typedef struct { | |||
43 | u_short ports[MAX_PORTS]; /* Port number to listen on. */ | 43 | u_short ports[MAX_PORTS]; /* Port number to listen on. */ |
44 | char *listen_addr; /* Address on which the server listens. */ | 44 | char *listen_addr; /* Address on which the server listens. */ |
45 | struct addrinfo *listen_addrs; /* Addresses on which the server listens. */ | 45 | struct addrinfo *listen_addrs; /* Addresses on which the server listens. */ |
46 | int address_family; /* Address family used by the server. */ | ||
46 | char *host_key_files[MAX_HOSTKEYS]; /* Files containing host keys. */ | 47 | char *host_key_files[MAX_HOSTKEYS]; /* Files containing host keys. */ |
47 | int num_host_key_files; /* Number of files for host keys. */ | 48 | int num_host_key_files; /* Number of files for host keys. */ |
48 | char *pid_file; /* Where to put our pid */ | 49 | char *pid_file; /* Where to put our pid */ |
@@ -33,7 +33,7 @@ | |||
33 | */ | 33 | */ |
34 | 34 | ||
35 | #include "includes.h" | 35 | #include "includes.h" |
36 | RCSID("$OpenBSD: session.c,v 1.180 2004/07/28 09:40:29 markus Exp $"); | 36 | RCSID("$OpenBSD: session.c,v 1.181 2004/12/23 17:35:48 markus Exp $"); |
37 | 37 | ||
38 | #include "ssh.h" | 38 | #include "ssh.h" |
39 | #include "ssh1.h" | 39 | #include "ssh1.h" |
@@ -245,6 +245,10 @@ do_authenticated1(Authctxt *authctxt) | |||
245 | u_int proto_len, data_len, dlen, compression_level = 0; | 245 | u_int proto_len, data_len, dlen, compression_level = 0; |
246 | 246 | ||
247 | s = session_new(); | 247 | s = session_new(); |
248 | if (s == NULL) { | ||
249 | error("no more sessions"); | ||
250 | return; | ||
251 | } | ||
248 | s->authctxt = authctxt; | 252 | s->authctxt = authctxt; |
249 | s->pw = authctxt->pw; | 253 | s->pw = authctxt->pw; |
250 | 254 | ||
@@ -661,11 +665,15 @@ do_exec(Session *s, const char *command) | |||
661 | debug("Forced command '%.900s'", command); | 665 | debug("Forced command '%.900s'", command); |
662 | } | 666 | } |
663 | 667 | ||
664 | #ifdef GSSAPI | 668 | #ifdef SSH_AUDIT_EVENTS |
665 | if (options.gss_authentication) { | 669 | if (command != NULL) |
666 | temporarily_use_uid(s->pw); | 670 | PRIVSEP(audit_run_command(command)); |
667 | ssh_gssapi_storecreds(); | 671 | else if (s->ttyfd == -1) { |
668 | restore_uid(); | 672 | char *shell = s->pw->pw_shell; |
673 | |||
674 | if (shell[0] == '\0') /* empty shell means /bin/sh */ | ||
675 | shell =_PATH_BSHELL; | ||
676 | PRIVSEP(audit_run_command(shell)); | ||
669 | } | 677 | } |
670 | #endif | 678 | #endif |
671 | 679 | ||
@@ -979,7 +987,13 @@ do_setup_env(Session *s, const char *shell) | |||
979 | * The Windows environment contains some setting which are | 987 | * The Windows environment contains some setting which are |
980 | * important for a running system. They must not be dropped. | 988 | * important for a running system. They must not be dropped. |
981 | */ | 989 | */ |
982 | copy_environment(environ, &env, &envsize); | 990 | { |
991 | char **p; | ||
992 | |||
993 | p = fetch_windows_environment(); | ||
994 | copy_environment(p, &env, &envsize); | ||
995 | free_windows_environment(p); | ||
996 | } | ||
983 | #endif | 997 | #endif |
984 | 998 | ||
985 | #ifdef GSSAPI | 999 | #ifdef GSSAPI |
@@ -1080,14 +1094,24 @@ do_setup_env(Session *s, const char *shell) | |||
1080 | child_set_env(&env, &envsize, "TMPDIR", cray_tmpdir); | 1094 | child_set_env(&env, &envsize, "TMPDIR", cray_tmpdir); |
1081 | #endif /* _UNICOS */ | 1095 | #endif /* _UNICOS */ |
1082 | 1096 | ||
1097 | /* | ||
1098 | * Since we clear KRB5CCNAME at startup, if it's set now then it | ||
1099 | * must have been set by a native authentication method (eg AIX or | ||
1100 | * SIA), so copy it to the child. | ||
1101 | */ | ||
1102 | { | ||
1103 | char *cp; | ||
1104 | |||
1105 | if ((cp = getenv("KRB5CCNAME")) != NULL) | ||
1106 | child_set_env(&env, &envsize, "KRB5CCNAME", cp); | ||
1107 | } | ||
1108 | |||
1083 | #ifdef _AIX | 1109 | #ifdef _AIX |
1084 | { | 1110 | { |
1085 | char *cp; | 1111 | char *cp; |
1086 | 1112 | ||
1087 | if ((cp = getenv("AUTHSTATE")) != NULL) | 1113 | if ((cp = getenv("AUTHSTATE")) != NULL) |
1088 | child_set_env(&env, &envsize, "AUTHSTATE", cp); | 1114 | child_set_env(&env, &envsize, "AUTHSTATE", cp); |
1089 | if ((cp = getenv("KRB5CCNAME")) != NULL) | ||
1090 | child_set_env(&env, &envsize, "KRB5CCNAME", cp); | ||
1091 | read_environment_file(&env, &envsize, "/etc/environment"); | 1115 | read_environment_file(&env, &envsize, "/etc/environment"); |
1092 | } | 1116 | } |
1093 | #endif | 1117 | #endif |
@@ -1247,6 +1271,13 @@ do_setusercontext(struct passwd *pw) | |||
1247 | # ifdef __bsdi__ | 1271 | # ifdef __bsdi__ |
1248 | setpgid(0, 0); | 1272 | setpgid(0, 0); |
1249 | # endif | 1273 | # endif |
1274 | #ifdef GSSAPI | ||
1275 | if (options.gss_authentication) { | ||
1276 | temporarily_use_uid(pw); | ||
1277 | ssh_gssapi_storecreds(); | ||
1278 | restore_uid(); | ||
1279 | } | ||
1280 | #endif | ||
1250 | # ifdef USE_PAM | 1281 | # ifdef USE_PAM |
1251 | if (options.use_pam) { | 1282 | if (options.use_pam) { |
1252 | do_pam_session(); | 1283 | do_pam_session(); |
@@ -1277,6 +1308,13 @@ do_setusercontext(struct passwd *pw) | |||
1277 | exit(1); | 1308 | exit(1); |
1278 | } | 1309 | } |
1279 | endgrent(); | 1310 | endgrent(); |
1311 | #ifdef GSSAPI | ||
1312 | if (options.gss_authentication) { | ||
1313 | temporarily_use_uid(pw); | ||
1314 | ssh_gssapi_storecreds(); | ||
1315 | restore_uid(); | ||
1316 | } | ||
1317 | #endif | ||
1280 | # ifdef USE_PAM | 1318 | # ifdef USE_PAM |
1281 | /* | 1319 | /* |
1282 | * PAM credentials may take the form of supplementary groups. | 1320 | * PAM credentials may take the form of supplementary groups. |
@@ -1314,7 +1352,12 @@ do_pwchange(Session *s) | |||
1314 | if (s->ttyfd != -1) { | 1352 | if (s->ttyfd != -1) { |
1315 | fprintf(stderr, | 1353 | fprintf(stderr, |
1316 | "You must change your password now and login again!\n"); | 1354 | "You must change your password now and login again!\n"); |
1355 | #ifdef PASSWD_NEEDS_USERNAME | ||
1356 | execl(_PATH_PASSWD_PROG, "passwd", s->pw->pw_name, | ||
1357 | (char *)NULL); | ||
1358 | #else | ||
1317 | execl(_PATH_PASSWD_PROG, "passwd", (char *)NULL); | 1359 | execl(_PATH_PASSWD_PROG, "passwd", (char *)NULL); |
1360 | #endif | ||
1318 | perror("passwd"); | 1361 | perror("passwd"); |
1319 | } else { | 1362 | } else { |
1320 | fprintf(stderr, | 1363 | fprintf(stderr, |
@@ -1428,11 +1471,18 @@ do_child(Session *s, const char *command) | |||
1428 | * generated messages, so if this in an interactive | 1471 | * generated messages, so if this in an interactive |
1429 | * login then display them too. | 1472 | * login then display them too. |
1430 | */ | 1473 | */ |
1431 | if (command == NULL) | 1474 | if (!check_quietlogin(s, command)) |
1432 | display_loginmsg(); | 1475 | display_loginmsg(); |
1433 | #endif /* HAVE_OSF_SIA */ | 1476 | #endif /* HAVE_OSF_SIA */ |
1434 | } | 1477 | } |
1435 | 1478 | ||
1479 | #ifdef USE_PAM | ||
1480 | if (options.use_pam && !is_pam_session_open()) { | ||
1481 | display_loginmsg(); | ||
1482 | exit(254); | ||
1483 | } | ||
1484 | #endif | ||
1485 | |||
1436 | /* | 1486 | /* |
1437 | * Get the shell from the password data. An empty shell field is | 1487 | * Get the shell from the password data. An empty shell field is |
1438 | * legal, and means /bin/sh. | 1488 | * legal, and means /bin/sh. |
diff --git a/sftp-client.c b/sftp-client.c index 0ffacbccc..d894a11f2 100644 --- a/sftp-client.c +++ b/sftp-client.c | |||
@@ -20,7 +20,7 @@ | |||
20 | /* XXX: copy between two remote sites */ | 20 | /* XXX: copy between two remote sites */ |
21 | 21 | ||
22 | #include "includes.h" | 22 | #include "includes.h" |
23 | RCSID("$OpenBSD: sftp-client.c,v 1.51 2004/07/11 17:48:47 deraadt Exp $"); | 23 | RCSID("$OpenBSD: sftp-client.c,v 1.52 2004/11/25 22:22:14 markus Exp $"); |
24 | 24 | ||
25 | #include "openbsd-compat/sys-queue.h" | 25 | #include "openbsd-compat/sys-queue.h" |
26 | 26 | ||
@@ -172,6 +172,7 @@ get_handle(int fd, u_int expected_id, u_int *len) | |||
172 | int status = buffer_get_int(&msg); | 172 | int status = buffer_get_int(&msg); |
173 | 173 | ||
174 | error("Couldn't get handle: %s", fx2txt(status)); | 174 | error("Couldn't get handle: %s", fx2txt(status)); |
175 | buffer_free(&msg); | ||
175 | return(NULL); | 176 | return(NULL); |
176 | } else if (type != SSH2_FXP_HANDLE) | 177 | } else if (type != SSH2_FXP_HANDLE) |
177 | fatal("Expected SSH2_FXP_HANDLE(%u) packet, got %u", | 178 | fatal("Expected SSH2_FXP_HANDLE(%u) packet, got %u", |
@@ -206,6 +207,7 @@ get_decode_stat(int fd, u_int expected_id, int quiet) | |||
206 | debug("Couldn't stat remote file: %s", fx2txt(status)); | 207 | debug("Couldn't stat remote file: %s", fx2txt(status)); |
207 | else | 208 | else |
208 | error("Couldn't stat remote file: %s", fx2txt(status)); | 209 | error("Couldn't stat remote file: %s", fx2txt(status)); |
210 | buffer_free(&msg); | ||
209 | return(NULL); | 211 | return(NULL); |
210 | } else if (type != SSH2_FXP_ATTRS) { | 212 | } else if (type != SSH2_FXP_ATTRS) { |
211 | fatal("Expected SSH2_FXP_ATTRS(%u) packet, got %u", | 213 | fatal("Expected SSH2_FXP_ATTRS(%u) packet, got %u", |
diff --git a/sftp-client.h b/sftp-client.h index a0e8e44b3..991e05d33 100644 --- a/sftp-client.h +++ b/sftp-client.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sftp-client.h,v 1.12 2004/02/17 05:39:51 djm Exp $ */ | 1 | /* $OpenBSD: sftp-client.h,v 1.13 2004/11/29 07:41:24 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> | 4 | * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> |
@@ -30,8 +30,8 @@ struct SFTP_DIRENT { | |||
30 | }; | 30 | }; |
31 | 31 | ||
32 | /* | 32 | /* |
33 | * Initialiase a SSH filexfer connection. Returns -1 on error or | 33 | * Initialiase a SSH filexfer connection. Returns NULL on error or |
34 | * protocol version on success. | 34 | * a pointer to a initialized sftp_conn struct on success. |
35 | */ | 35 | */ |
36 | struct sftp_conn *do_init(int, int, u_int, u_int); | 36 | struct sftp_conn *do_init(int, int, u_int, u_int); |
37 | 37 | ||
@@ -22,8 +22,7 @@ DESCRIPTION | |||
22 | active authentication method is used; otherwise it will do so after suc- | 22 | active authentication method is used; otherwise it will do so after suc- |
23 | cessful interactive authentication. | 23 | cessful interactive authentication. |
24 | 24 | ||
25 | The third usage format allows the sftp client to start in a remote direc- | 25 | The third usage format allows sftp to start in a remote directory. |
26 | tory. | ||
27 | 26 | ||
28 | The final usage format allows for automated sessions using the -b option. | 27 | The final usage format allows for automated sessions using the -b option. |
29 | In such cases, it is usually necessary to configure public key authenti- | 28 | In such cases, it is usually necessary to configure public key authenti- |
@@ -78,6 +77,7 @@ DESCRIPTION | |||
78 | GlobalKnownHostsFile | 77 | GlobalKnownHostsFile |
79 | GSSAPIAuthentication | 78 | GSSAPIAuthentication |
80 | GSSAPIDelegateCredentials | 79 | GSSAPIDelegateCredentials |
80 | HashKnownHosts | ||
81 | Host | 81 | Host |
82 | HostbasedAuthentication | 82 | HostbasedAuthentication |
83 | HostKeyAlgorithms | 83 | HostKeyAlgorithms |
@@ -85,6 +85,7 @@ DESCRIPTION | |||
85 | HostName | 85 | HostName |
86 | IdentityFile | 86 | IdentityFile |
87 | IdentitiesOnly | 87 | IdentitiesOnly |
88 | KbdInteractiveDevices | ||
88 | LogLevel | 89 | LogLevel |
89 | MACs | 90 | MACs |
90 | NoHostAuthenticationForLocalhost | 91 | NoHostAuthenticationForLocalhost |
@@ -109,7 +110,7 @@ DESCRIPTION | |||
109 | VerifyHostKeyDNS | 110 | VerifyHostKeyDNS |
110 | 111 | ||
111 | -P sftp_server_path | 112 | -P sftp_server_path |
112 | Connect directly to a local sftp server (rather than via ssh(1)) | 113 | Connect directly to a local sftp server (rather than via ssh(1)). |
113 | This option may be useful in debugging the client and server. | 114 | This option may be useful in debugging the client and server. |
114 | 115 | ||
115 | -R num_requests | 116 | -R num_requests |
@@ -131,100 +132,132 @@ DESCRIPTION | |||
131 | 132 | ||
132 | INTERACTIVE COMMANDS | 133 | INTERACTIVE COMMANDS |
133 | Once in interactive mode, sftp understands a set of commands similar to | 134 | Once in interactive mode, sftp understands a set of commands similar to |
134 | those of ftp(1). Commands are case insensitive and pathnames may be en- | 135 | those of ftp(1). Commands are case insensitive. Pathnames that contain |
135 | closed in quotes if they contain spaces. | 136 | spaces must be enclosed in quotes. Any special characters contained |
137 | within pathnames that are recognized by glob(3) must be escaped with | ||
138 | backslashes (`\'). | ||
136 | 139 | ||
137 | bye Quit sftp. | 140 | bye Quit sftp. |
138 | 141 | ||
139 | cd path Change remote directory to path. | 142 | cd path |
143 | Change remote directory to path. | ||
140 | 144 | ||
141 | chgrp grp path | 145 | chgrp grp path |
142 | Change group of file path to grp. grp must be a numeric GID. | 146 | Change group of file path to grp. path may contain glob(3) char- |
147 | acters and may match multiple files. grp must be a numeric GID. | ||
143 | 148 | ||
144 | chmod mode path | 149 | chmod mode path |
145 | Change permissions of file path to mode. | 150 | Change permissions of file path to mode. path may contain |
151 | glob(3) characters and may match multiple files. | ||
146 | 152 | ||
147 | chown own path | 153 | chown own path |
148 | Change owner of file path to own. own must be a numeric UID. | 154 | Change owner of file path to own. path may contain glob(3) char- |
155 | acters and may match multiple files. own must be a numeric UID. | ||
149 | 156 | ||
150 | exit Quit sftp. | 157 | exit Quit sftp. |
151 | 158 | ||
152 | get [flags] remote-path [local-path] | 159 | get [-P] remote-path [local-path] |
153 | Retrieve the remote-path and store it on the local machine. | 160 | Retrieve the remote-path and store it on the local machine. If |
154 | If the local path name is not specified, it is given the same | 161 | the local path name is not specified, it is given the same name |
155 | name it has on the remote machine. If the -P flag is speci- | 162 | it has on the remote machine. remote-path may contain glob(3) |
156 | fied, then the file's full permission and access time are | 163 | characters and may match multiple files. If it does and local- |
157 | copied too. | 164 | path is specified, then local-path must specify a directory. If |
165 | the -P flag is specified, then full file permissions and access | ||
166 | times are copied too. | ||
158 | 167 | ||
159 | help Display help text. | 168 | help Display help text. |
160 | 169 | ||
161 | lcd path Change local directory to path. | 170 | lcd path |
171 | Change local directory to path. | ||
162 | 172 | ||
163 | lls [ls-options [path]] | 173 | lls [ls-options [path]] |
164 | Display local directory listing of either path or current di- | 174 | Display local directory listing of either path or current direc- |
165 | rectory if path is not specified. | 175 | tory if path is not specified. ls-options may contain any flags |
176 | supported by the local system's ls(1) command. path may contain | ||
177 | glob(3) characters and may match multiple files. | ||
166 | 178 | ||
167 | lmkdir path | 179 | lmkdir path |
168 | Create local directory specified by path. | 180 | Create local directory specified by path. |
169 | 181 | ||
170 | ln oldpath newpath | 182 | ln oldpath newpath |
171 | Create a symbolic link from oldpath to newpath. | 183 | Create a symbolic link from oldpath to newpath. |
172 | 184 | ||
173 | lpwd Print local working directory. | 185 | lpwd Print local working directory. |
174 | 186 | ||
175 | ls [flags] [path] | 187 | ls [-1aflnrSt] [path] |
176 | Display remote directory listing of either path or current | 188 | Display a remote directory listing of either path or the current |
177 | directory if path is not specified. If the -l flag is speci- | 189 | directory if path is not specified. path may contain glob(3) |
178 | fied, then display additional details including permissions | 190 | characters and may match multiple files. |
179 | and ownership information. The -n flag will produce a long | ||
180 | listing with user and group information presented numerical- | ||
181 | ly. | ||
182 | 191 | ||
183 | By default, ls listings are sorted in lexicographical order. | 192 | The following flags are recognized and alter the behaviour of ls |
184 | This may be changed by specifying the -S (sort by file size), | 193 | accordingly: |
185 | -t (sort by last modification time), or -f (don't sort at | 194 | |
186 | all) flags. Additionally, the sort order may be reversed us- | 195 | -1 Produce single columnar output. |
187 | ing the -r flag. | 196 | |
197 | -a List files beginning with a dot (`.'). | ||
198 | |||
199 | -f Do not sort the listing. The default sort order is lexi- | ||
200 | cographical. | ||
201 | |||
202 | -l Display additional details including permissions and own- | ||
203 | ership information. | ||
204 | |||
205 | -n Produce a long listing with user and group information | ||
206 | presented numerically. | ||
207 | |||
208 | -r Reverse the sort order of the listing. | ||
209 | |||
210 | -S Sort the listing by file size. | ||
211 | |||
212 | -t Sort the listing by last modification time. | ||
188 | 213 | ||
189 | lumask umask | 214 | lumask umask |
190 | Set local umask to umask. | 215 | Set local umask to umask. |
191 | 216 | ||
192 | mkdir path Create remote directory specified by path. | 217 | mkdir path |
218 | Create remote directory specified by path. | ||
193 | 219 | ||
194 | progress Toggle display of progress meter. | 220 | progress |
221 | Toggle display of progress meter. | ||
195 | 222 | ||
196 | put [flags] local-path [remote-path] | 223 | put [-P] local-path [remote-path] |
197 | Upload local-path and store it on the remote machine. If the | 224 | Upload local-path and store it on the remote machine. If the re- |
198 | remote path name is not specified, it is given the same name | 225 | mote path name is not specified, it is given the same name it has |
199 | it has on the local machine. If the -P flag is specified, | 226 | on the local machine. local-path may contain glob(3) characters |
200 | then the file's full permission and access time are copied | 227 | and may match multiple files. If it does and remote-path is |
201 | too. | 228 | specified, then remote-path must specify a directory. If the -P |
229 | flag is specified, then the file's full permission and access | ||
230 | time are copied too. | ||
202 | 231 | ||
203 | pwd Display remote working directory. | 232 | pwd Display remote working directory. |
204 | 233 | ||
205 | quit Quit sftp. | 234 | quit Quit sftp. |
206 | 235 | ||
207 | rename oldpath newpath | 236 | rename oldpath newpath |
208 | Rename remote file from oldpath to newpath. | 237 | Rename remote file from oldpath to newpath. |
209 | 238 | ||
210 | rm path Delete remote file specified by path. | 239 | rm path |
240 | Delete remote file specified by path. | ||
211 | 241 | ||
212 | rmdir path Remove remote directory specified by path. | 242 | rmdir path |
243 | Remove remote directory specified by path. | ||
213 | 244 | ||
214 | symlink oldpath newpath | 245 | symlink oldpath newpath |
215 | Create a symbolic link from oldpath to newpath. | 246 | Create a symbolic link from oldpath to newpath. |
216 | 247 | ||
217 | version Display the sftp protocol version. | 248 | version |
249 | Display the sftp protocol version. | ||
218 | 250 | ||
219 | ! command Execute command in local shell. | 251 | ! command |
252 | Execute command in local shell. | ||
220 | 253 | ||
221 | ! Escape to local shell. | 254 | ! Escape to local shell. |
222 | 255 | ||
223 | ? Synonym for help. | 256 | ? Synonym for help. |
224 | 257 | ||
225 | SEE ALSO | 258 | SEE ALSO |
226 | ftp(1), scp(1), ssh(1), ssh-add(1), ssh-keygen(1), ssh_config(5), | 259 | ftp(1), ls(1), scp(1), ssh(1), ssh-add(1), ssh-keygen(1), glob(3), |
227 | sftp-server(8), sshd(8) | 260 | ssh_config(5), sftp-server(8), sshd(8) |
228 | 261 | ||
229 | T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh- | 262 | T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh- |
230 | filexfer-00.txt, January 2001, work in progress material. | 263 | filexfer-00.txt, January 2001, work in progress material. |
@@ -1,4 +1,4 @@ | |||
1 | .\" $OpenBSD: sftp.1,v 1.57 2004/06/21 22:41:31 djm Exp $ | 1 | .\" $OpenBSD: sftp.1,v 1.61 2005/03/01 17:19:35 jmc Exp $ |
2 | .\" | 2 | .\" |
3 | .\" Copyright (c) 2001 Damien Miller. All rights reserved. | 3 | .\" Copyright (c) 2001 Damien Miller. All rights reserved. |
4 | .\" | 4 | .\" |
@@ -71,7 +71,9 @@ The second usage format will retrieve files automatically if a non-interactive | |||
71 | authentication method is used; otherwise it will do so after | 71 | authentication method is used; otherwise it will do so after |
72 | successful interactive authentication. | 72 | successful interactive authentication. |
73 | .Pp | 73 | .Pp |
74 | The third usage format allows the sftp client to start in a remote directory. | 74 | The third usage format allows |
75 | .Nm | ||
76 | to start in a remote directory. | ||
75 | .Pp | 77 | .Pp |
76 | The final usage format allows for automated sessions using the | 78 | The final usage format allows for automated sessions using the |
77 | .Fl b | 79 | .Fl b |
@@ -159,6 +161,7 @@ For full details of the options listed below, and their possible values, see | |||
159 | .It GlobalKnownHostsFile | 161 | .It GlobalKnownHostsFile |
160 | .It GSSAPIAuthentication | 162 | .It GSSAPIAuthentication |
161 | .It GSSAPIDelegateCredentials | 163 | .It GSSAPIDelegateCredentials |
164 | .It HashKnownHosts | ||
162 | .It Host | 165 | .It Host |
163 | .It HostbasedAuthentication | 166 | .It HostbasedAuthentication |
164 | .It HostKeyAlgorithms | 167 | .It HostKeyAlgorithms |
@@ -166,6 +169,7 @@ For full details of the options listed below, and their possible values, see | |||
166 | .It HostName | 169 | .It HostName |
167 | .It IdentityFile | 170 | .It IdentityFile |
168 | .It IdentitiesOnly | 171 | .It IdentitiesOnly |
172 | .It KbdInteractiveDevices | ||
169 | .It LogLevel | 173 | .It LogLevel |
170 | .It MACs | 174 | .It MACs |
171 | .It NoHostAuthenticationForLocalhost | 175 | .It NoHostAuthenticationForLocalhost |
@@ -192,7 +196,7 @@ For full details of the options listed below, and their possible values, see | |||
192 | .It Fl P Ar sftp_server_path | 196 | .It Fl P Ar sftp_server_path |
193 | Connect directly to a local sftp server | 197 | Connect directly to a local sftp server |
194 | (rather than via | 198 | (rather than via |
195 | .Xr ssh 1 ) | 199 | .Xr ssh 1 ) . |
196 | This option may be useful in debugging the client and server. | 200 | This option may be useful in debugging the client and server. |
197 | .It Fl R Ar num_requests | 201 | .It Fl R Ar num_requests |
198 | Specify how many requests may be outstanding at any one time. | 202 | Specify how many requests may be outstanding at any one time. |
@@ -223,9 +227,13 @@ Once in interactive mode, | |||
223 | .Nm | 227 | .Nm |
224 | understands a set of commands similar to those of | 228 | understands a set of commands similar to those of |
225 | .Xr ftp 1 . | 229 | .Xr ftp 1 . |
226 | Commands are case insensitive and pathnames may be enclosed in quotes if they | 230 | Commands are case insensitive. |
227 | contain spaces. | 231 | Pathnames that contain spaces must be enclosed in quotes. |
228 | .Bl -tag -width "lmdir path" | 232 | Any special characters contained within pathnames that are recognized by |
233 | .Xr glob 3 | ||
234 | must be escaped with backslashes | ||
235 | .Pq Sq \e . | ||
236 | .Bl -tag -width Ds | ||
229 | .It Ic bye | 237 | .It Ic bye |
230 | Quit | 238 | Quit |
231 | .Nm sftp . | 239 | .Nm sftp . |
@@ -237,6 +245,10 @@ Change group of file | |||
237 | .Ar path | 245 | .Ar path |
238 | to | 246 | to |
239 | .Ar grp . | 247 | .Ar grp . |
248 | .Ar path | ||
249 | may contain | ||
250 | .Xr glob 3 | ||
251 | characters and may match multiple files. | ||
240 | .Ar grp | 252 | .Ar grp |
241 | must be a numeric GID. | 253 | must be a numeric GID. |
242 | .It Ic chmod Ar mode Ar path | 254 | .It Ic chmod Ar mode Ar path |
@@ -244,18 +256,26 @@ Change permissions of file | |||
244 | .Ar path | 256 | .Ar path |
245 | to | 257 | to |
246 | .Ar mode . | 258 | .Ar mode . |
259 | .Ar path | ||
260 | may contain | ||
261 | .Xr glob 3 | ||
262 | characters and may match multiple files. | ||
247 | .It Ic chown Ar own Ar path | 263 | .It Ic chown Ar own Ar path |
248 | Change owner of file | 264 | Change owner of file |
249 | .Ar path | 265 | .Ar path |
250 | to | 266 | to |
251 | .Ar own . | 267 | .Ar own . |
268 | .Ar path | ||
269 | may contain | ||
270 | .Xr glob 3 | ||
271 | characters and may match multiple files. | ||
252 | .Ar own | 272 | .Ar own |
253 | must be a numeric UID. | 273 | must be a numeric UID. |
254 | .It Ic exit | 274 | .It Ic exit |
255 | Quit | 275 | Quit |
256 | .Nm sftp . | 276 | .Nm sftp . |
257 | .It Xo Ic get | 277 | .It Xo Ic get |
258 | .Op Ar flags | 278 | .Op Fl P |
259 | .Ar remote-path | 279 | .Ar remote-path |
260 | .Op Ar local-path | 280 | .Op Ar local-path |
261 | .Xc | 281 | .Xc |
@@ -265,9 +285,18 @@ and store it on the local machine. | |||
265 | If the local | 285 | If the local |
266 | path name is not specified, it is given the same name it has on the | 286 | path name is not specified, it is given the same name it has on the |
267 | remote machine. | 287 | remote machine. |
288 | .Ar remote-path | ||
289 | may contain | ||
290 | .Xr glob 3 | ||
291 | characters and may match multiple files. | ||
292 | If it does and | ||
293 | .Ar local-path | ||
294 | is specified, then | ||
295 | .Ar local-path | ||
296 | must specify a directory. | ||
268 | If the | 297 | If the |
269 | .Fl P | 298 | .Fl P |
270 | flag is specified, then the file's full permission and access time are | 299 | flag is specified, then full file permissions and access times are |
271 | copied too. | 300 | copied too. |
272 | .It Ic help | 301 | .It Ic help |
273 | Display help text. | 302 | Display help text. |
@@ -280,6 +309,14 @@ Display local directory listing of either | |||
280 | or current directory if | 309 | or current directory if |
281 | .Ar path | 310 | .Ar path |
282 | is not specified. | 311 | is not specified. |
312 | .Ar ls-options | ||
313 | may contain any flags supported by the local system's | ||
314 | .Xr ls 1 | ||
315 | command. | ||
316 | .Ar path | ||
317 | may contain | ||
318 | .Xr glob 3 | ||
319 | characters and may match multiple files. | ||
283 | .It Ic lmkdir Ar path | 320 | .It Ic lmkdir Ar path |
284 | Create local directory specified by | 321 | Create local directory specified by |
285 | .Ar path . | 322 | .Ar path . |
@@ -291,36 +328,44 @@ to | |||
291 | .It Ic lpwd | 328 | .It Ic lpwd |
292 | Print local working directory. | 329 | Print local working directory. |
293 | .It Xo Ic ls | 330 | .It Xo Ic ls |
294 | .Op Ar flags | 331 | .Op Fl 1aflnrSt |
295 | .Op Ar path | 332 | .Op Ar path |
296 | .Xc | 333 | .Xc |
297 | Display remote directory listing of either | 334 | Display a remote directory listing of either |
298 | .Ar path | 335 | .Ar path |
299 | or current directory if | 336 | or the current directory if |
300 | .Ar path | 337 | .Ar path |
301 | is not specified. | 338 | is not specified. |
302 | If the | 339 | .Ar path |
303 | .Fl l | 340 | may contain |
304 | flag is specified, then display additional details including permissions | 341 | .Xr glob 3 |
305 | and ownership information. | 342 | characters and may match multiple files. |
306 | The | ||
307 | .Fl n | ||
308 | flag will produce a long listing with user and group information presented | ||
309 | numerically. | ||
310 | .Pp | 343 | .Pp |
311 | By default, | 344 | The following flags are recognized and alter the behaviour of |
312 | .Ic ls | 345 | .Ic ls |
313 | listings are sorted in lexicographical order. | 346 | accordingly: |
314 | This may be changed by specifying the | 347 | .Bl -tag -width Ds |
315 | .Fl S | 348 | .It Fl 1 |
316 | (sort by file size), | 349 | Produce single columnar output. |
317 | .Fl t | 350 | .It Fl a |
318 | (sort by last modification time), or | 351 | List files beginning with a dot |
319 | .Fl f | 352 | .Pq Sq \&. . |
320 | (don't sort at all) flags. | 353 | .It Fl f |
321 | Additionally, the sort order may be reversed using the | 354 | Do not sort the listing. |
322 | .Fl r | 355 | The default sort order is lexicographical. |
323 | flag. | 356 | .It Fl l |
357 | Display additional details including permissions | ||
358 | and ownership information. | ||
359 | .It Fl n | ||
360 | Produce a long listing with user and group information presented | ||
361 | numerically. | ||
362 | .It Fl r | ||
363 | Reverse the sort order of the listing. | ||
364 | .It Fl S | ||
365 | Sort the listing by file size. | ||
366 | .It Fl t | ||
367 | Sort the listing by last modification time. | ||
368 | .El | ||
324 | .It Ic lumask Ar umask | 369 | .It Ic lumask Ar umask |
325 | Set local umask to | 370 | Set local umask to |
326 | .Ar umask . | 371 | .Ar umask . |
@@ -330,7 +375,7 @@ Create remote directory specified by | |||
330 | .It Ic progress | 375 | .It Ic progress |
331 | Toggle display of progress meter. | 376 | Toggle display of progress meter. |
332 | .It Xo Ic put | 377 | .It Xo Ic put |
333 | .Op Ar flags | 378 | .Op Fl P |
334 | .Ar local-path | 379 | .Ar local-path |
335 | .Op Ar remote-path | 380 | .Op Ar remote-path |
336 | .Xc | 381 | .Xc |
@@ -339,6 +384,15 @@ Upload | |||
339 | and store it on the remote machine. | 384 | and store it on the remote machine. |
340 | If the remote path name is not specified, it is given the same name it has | 385 | If the remote path name is not specified, it is given the same name it has |
341 | on the local machine. | 386 | on the local machine. |
387 | .Ar local-path | ||
388 | may contain | ||
389 | .Xr glob 3 | ||
390 | characters and may match multiple files. | ||
391 | If it does and | ||
392 | .Ar remote-path | ||
393 | is specified, then | ||
394 | .Ar remote-path | ||
395 | must specify a directory. | ||
342 | If the | 396 | If the |
343 | .Fl P | 397 | .Fl P |
344 | flag is specified, then the file's full permission and access time are | 398 | flag is specified, then the file's full permission and access time are |
@@ -379,10 +433,12 @@ Synonym for help. | |||
379 | .El | 433 | .El |
380 | .Sh SEE ALSO | 434 | .Sh SEE ALSO |
381 | .Xr ftp 1 , | 435 | .Xr ftp 1 , |
436 | .Xr ls 1 , | ||
382 | .Xr scp 1 , | 437 | .Xr scp 1 , |
383 | .Xr ssh 1 , | 438 | .Xr ssh 1 , |
384 | .Xr ssh-add 1 , | 439 | .Xr ssh-add 1 , |
385 | .Xr ssh-keygen 1 , | 440 | .Xr ssh-keygen 1 , |
441 | .Xr glob 3 , | ||
386 | .Xr ssh_config 5 , | 442 | .Xr ssh_config 5 , |
387 | .Xr sftp-server 8 , | 443 | .Xr sftp-server 8 , |
388 | .Xr sshd 8 | 444 | .Xr sshd 8 |
@@ -16,7 +16,13 @@ | |||
16 | 16 | ||
17 | #include "includes.h" | 17 | #include "includes.h" |
18 | 18 | ||
19 | RCSID("$OpenBSD: sftp.c,v 1.56 2004/07/11 17:48:47 deraadt Exp $"); | 19 | RCSID("$OpenBSD: sftp.c,v 1.62 2005/02/20 22:59:06 djm Exp $"); |
20 | |||
21 | #ifdef USE_LIBEDIT | ||
22 | #include <histedit.h> | ||
23 | #else | ||
24 | typedef void EditLine; | ||
25 | #endif | ||
20 | 26 | ||
21 | #include "buffer.h" | 27 | #include "buffer.h" |
22 | #include "xmalloc.h" | 28 | #include "xmalloc.h" |
@@ -144,8 +150,10 @@ int interactive_loop(int fd_in, int fd_out, char *file1, char *file2); | |||
144 | static void | 150 | static void |
145 | killchild(int signo) | 151 | killchild(int signo) |
146 | { | 152 | { |
147 | if (sshpid > 1) | 153 | if (sshpid > 1) { |
148 | kill(sshpid, SIGTERM); | 154 | kill(sshpid, SIGTERM); |
155 | waitpid(sshpid, NULL, 0); | ||
156 | } | ||
149 | 157 | ||
150 | _exit(1); | 158 | _exit(1); |
151 | } | 159 | } |
@@ -154,9 +162,11 @@ static void | |||
154 | cmd_interrupt(int signo) | 162 | cmd_interrupt(int signo) |
155 | { | 163 | { |
156 | const char msg[] = "\rInterrupt \n"; | 164 | const char msg[] = "\rInterrupt \n"; |
165 | int olderrno = errno; | ||
157 | 166 | ||
158 | write(STDERR_FILENO, msg, sizeof(msg) - 1); | 167 | write(STDERR_FILENO, msg, sizeof(msg) - 1); |
159 | interrupted = 1; | 168 | interrupted = 1; |
169 | errno = olderrno; | ||
160 | } | 170 | } |
161 | 171 | ||
162 | static void | 172 | static void |
@@ -256,7 +266,7 @@ path_strip(char *path, char *strip) | |||
256 | return (xstrdup(path)); | 266 | return (xstrdup(path)); |
257 | 267 | ||
258 | len = strlen(strip); | 268 | len = strlen(strip); |
259 | if (strip != NULL && strncmp(path, strip, len) == 0) { | 269 | if (strncmp(path, strip, len) == 0) { |
260 | if (strip[len - 1] != '/' && path[len] == '/') | 270 | if (strip[len - 1] != '/' && path[len] == '/') |
261 | len++; | 271 | len++; |
262 | return (xstrdup(path + len)); | 272 | return (xstrdup(path + len)); |
@@ -738,12 +748,14 @@ do_globbed_ls(struct sftp_conn *conn, char *path, char *strip_path, | |||
738 | { | 748 | { |
739 | glob_t g; | 749 | glob_t g; |
740 | int i, c = 1, colspace = 0, columns = 1; | 750 | int i, c = 1, colspace = 0, columns = 1; |
741 | Attrib *a; | 751 | Attrib *a = NULL; |
742 | 752 | ||
743 | memset(&g, 0, sizeof(g)); | 753 | memset(&g, 0, sizeof(g)); |
744 | 754 | ||
745 | if (remote_glob(conn, path, GLOB_MARK|GLOB_NOCHECK|GLOB_BRACE, | 755 | if (remote_glob(conn, path, GLOB_MARK|GLOB_NOCHECK|GLOB_BRACE, |
746 | NULL, &g)) { | 756 | NULL, &g) || (g.gl_pathc && !g.gl_matchc)) { |
757 | if (g.gl_pathc) | ||
758 | globfree(&g); | ||
747 | error("Can't ls: \"%s\" not found", path); | 759 | error("Can't ls: \"%s\" not found", path); |
748 | return (-1); | 760 | return (-1); |
749 | } | 761 | } |
@@ -752,19 +764,21 @@ do_globbed_ls(struct sftp_conn *conn, char *path, char *strip_path, | |||
752 | goto out; | 764 | goto out; |
753 | 765 | ||
754 | /* | 766 | /* |
755 | * If the glob returns a single match, which is the same as the | 767 | * If the glob returns a single match and it is a directory, |
756 | * input glob, and it is a directory, then just list its contents | 768 | * then just list its contents. |
757 | */ | 769 | */ |
758 | if (g.gl_pathc == 1 && | 770 | if (g.gl_matchc == 1) { |
759 | strncmp(path, g.gl_pathv[0], strlen(g.gl_pathv[0]) - 1) == 0) { | 771 | if ((a = do_lstat(conn, g.gl_pathv[0], 1)) == NULL) { |
760 | if ((a = do_lstat(conn, path, 1)) == NULL) { | ||
761 | globfree(&g); | 772 | globfree(&g); |
762 | return (-1); | 773 | return (-1); |
763 | } | 774 | } |
764 | if ((a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) && | 775 | if ((a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) && |
765 | S_ISDIR(a->perm)) { | 776 | S_ISDIR(a->perm)) { |
777 | int err; | ||
778 | |||
779 | err = do_ls_dir(conn, g.gl_pathv[0], strip_path, lflag); | ||
766 | globfree(&g); | 780 | globfree(&g); |
767 | return (do_ls_dir(conn, path, strip_path, lflag)); | 781 | return (err); |
768 | } | 782 | } |
769 | } | 783 | } |
770 | 784 | ||
@@ -784,7 +798,7 @@ do_globbed_ls(struct sftp_conn *conn, char *path, char *strip_path, | |||
784 | colspace = width / columns; | 798 | colspace = width / columns; |
785 | } | 799 | } |
786 | 800 | ||
787 | for (i = 0; g.gl_pathv[i] && !interrupted; i++) { | 801 | for (i = 0; g.gl_pathv[i] && !interrupted; i++, a = NULL) { |
788 | char *fname; | 802 | char *fname; |
789 | 803 | ||
790 | fname = path_strip(g.gl_pathv[i], strip_path); | 804 | fname = path_strip(g.gl_pathv[i], strip_path); |
@@ -801,7 +815,8 @@ do_globbed_ls(struct sftp_conn *conn, char *path, char *strip_path, | |||
801 | * that the server returns as well as the filenames. | 815 | * that the server returns as well as the filenames. |
802 | */ | 816 | */ |
803 | memset(&sb, 0, sizeof(sb)); | 817 | memset(&sb, 0, sizeof(sb)); |
804 | a = do_lstat(conn, g.gl_pathv[i], 1); | 818 | if (a == NULL) |
819 | a = do_lstat(conn, g.gl_pathv[i], 1); | ||
805 | if (a != NULL) | 820 | if (a != NULL) |
806 | attrib_to_stat(a, &sb); | 821 | attrib_to_stat(a, &sb); |
807 | lname = ls_file(fname, &sb, 1); | 822 | lname = ls_file(fname, &sb, 1); |
@@ -1206,6 +1221,14 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, | |||
1206 | return (0); | 1221 | return (0); |
1207 | } | 1222 | } |
1208 | 1223 | ||
1224 | #ifdef USE_LIBEDIT | ||
1225 | static char * | ||
1226 | prompt(EditLine *el) | ||
1227 | { | ||
1228 | return ("sftp> "); | ||
1229 | } | ||
1230 | #endif | ||
1231 | |||
1209 | int | 1232 | int |
1210 | interactive_loop(int fd_in, int fd_out, char *file1, char *file2) | 1233 | interactive_loop(int fd_in, int fd_out, char *file1, char *file2) |
1211 | { | 1234 | { |
@@ -1214,6 +1237,27 @@ interactive_loop(int fd_in, int fd_out, char *file1, char *file2) | |||
1214 | char cmd[2048]; | 1237 | char cmd[2048]; |
1215 | struct sftp_conn *conn; | 1238 | struct sftp_conn *conn; |
1216 | int err; | 1239 | int err; |
1240 | EditLine *el = NULL; | ||
1241 | #ifdef USE_LIBEDIT | ||
1242 | History *hl = NULL; | ||
1243 | HistEvent hev; | ||
1244 | extern char *__progname; | ||
1245 | |||
1246 | if (!batchmode && isatty(STDIN_FILENO)) { | ||
1247 | if ((el = el_init(__progname, stdin, stdout, stderr)) == NULL) | ||
1248 | fatal("Couldn't initialise editline"); | ||
1249 | if ((hl = history_init()) == NULL) | ||
1250 | fatal("Couldn't initialise editline history"); | ||
1251 | history(hl, &hev, H_SETSIZE, 100); | ||
1252 | el_set(el, EL_HIST, history, hl); | ||
1253 | |||
1254 | el_set(el, EL_PROMPT, prompt); | ||
1255 | el_set(el, EL_EDITOR, "emacs"); | ||
1256 | el_set(el, EL_TERMINAL, NULL); | ||
1257 | el_set(el, EL_SIGNAL, 1); | ||
1258 | el_source(el, NULL); | ||
1259 | } | ||
1260 | #endif /* USE_LIBEDIT */ | ||
1217 | 1261 | ||
1218 | conn = do_init(fd_in, fd_out, copy_buffer_len, num_requests); | 1262 | conn = do_init(fd_in, fd_out, copy_buffer_len, num_requests); |
1219 | if (conn == NULL) | 1263 | if (conn == NULL) |
@@ -1230,8 +1274,11 @@ interactive_loop(int fd_in, int fd_out, char *file1, char *file2) | |||
1230 | if (remote_is_dir(conn, dir) && file2 == NULL) { | 1274 | if (remote_is_dir(conn, dir) && file2 == NULL) { |
1231 | printf("Changing to: %s\n", dir); | 1275 | printf("Changing to: %s\n", dir); |
1232 | snprintf(cmd, sizeof cmd, "cd \"%s\"", dir); | 1276 | snprintf(cmd, sizeof cmd, "cd \"%s\"", dir); |
1233 | if (parse_dispatch_command(conn, cmd, &pwd, 1) != 0) | 1277 | if (parse_dispatch_command(conn, cmd, &pwd, 1) != 0) { |
1278 | xfree(dir); | ||
1279 | xfree(pwd); | ||
1234 | return (-1); | 1280 | return (-1); |
1281 | } | ||
1235 | } else { | 1282 | } else { |
1236 | if (file2 == NULL) | 1283 | if (file2 == NULL) |
1237 | snprintf(cmd, sizeof cmd, "get %s", dir); | 1284 | snprintf(cmd, sizeof cmd, "get %s", dir); |
@@ -1261,17 +1308,29 @@ interactive_loop(int fd_in, int fd_out, char *file1, char *file2) | |||
1261 | 1308 | ||
1262 | signal(SIGINT, SIG_IGN); | 1309 | signal(SIGINT, SIG_IGN); |
1263 | 1310 | ||
1264 | printf("sftp> "); | 1311 | if (el == NULL) { |
1312 | printf("sftp> "); | ||
1313 | if (fgets(cmd, sizeof(cmd), infile) == NULL) { | ||
1314 | printf("\n"); | ||
1315 | break; | ||
1316 | } | ||
1317 | if (batchmode) /* Echo command */ | ||
1318 | printf("%s", cmd); | ||
1319 | } else { | ||
1320 | #ifdef USE_LIBEDIT | ||
1321 | const char *line; | ||
1322 | int count = 0; | ||
1265 | 1323 | ||
1266 | /* XXX: use libedit */ | 1324 | if ((line = el_gets(el, &count)) == NULL || count <= 0) |
1267 | if (fgets(cmd, sizeof(cmd), infile) == NULL) { | 1325 | break; |
1268 | printf("\n"); | 1326 | history(hl, &hev, H_ENTER, line); |
1269 | break; | 1327 | if (strlcpy(cmd, line, sizeof(cmd)) >= sizeof(cmd)) { |
1328 | fprintf(stderr, "Error: input line too long\n"); | ||
1329 | continue; | ||
1330 | } | ||
1331 | #endif /* USE_LIBEDIT */ | ||
1270 | } | 1332 | } |
1271 | 1333 | ||
1272 | if (batchmode) /* Echo command */ | ||
1273 | printf("%s", cmd); | ||
1274 | |||
1275 | cp = strrchr(cmd, '\n'); | 1334 | cp = strrchr(cmd, '\n'); |
1276 | if (cp) | 1335 | if (cp) |
1277 | *cp = '\0'; | 1336 | *cp = '\0'; |
@@ -1420,6 +1479,7 @@ main(int argc, char **argv) | |||
1420 | fatal("%s (%s).", strerror(errno), optarg); | 1479 | fatal("%s (%s).", strerror(errno), optarg); |
1421 | showprogress = 0; | 1480 | showprogress = 0; |
1422 | batchmode = 1; | 1481 | batchmode = 1; |
1482 | addargs(&args, "-obatchmode yes"); | ||
1423 | break; | 1483 | break; |
1424 | case 'P': | 1484 | case 'P': |
1425 | sftp_direct = optarg; | 1485 | sftp_direct = optarg; |
@@ -4,7 +4,7 @@ NAME | |||
4 | ssh-add - adds RSA or DSA identities to the authentication agent | 4 | ssh-add - adds RSA or DSA identities to the authentication agent |
5 | 5 | ||
6 | SYNOPSIS | 6 | SYNOPSIS |
7 | ssh-add [-lLdDxXc] [-t life] [file ...] | 7 | ssh-add [-cDdLlXx] [-t life] [file ...] |
8 | ssh-add -s reader | 8 | ssh-add -s reader |
9 | ssh-add -e reader | 9 | ssh-add -e reader |
10 | 10 | ||
@@ -22,37 +22,37 @@ DESCRIPTION | |||
22 | 22 | ||
23 | The options are as follows: | 23 | The options are as follows: |
24 | 24 | ||
25 | -l Lists fingerprints of all identities currently represented by the | 25 | -c Indicates that added identities should be subject to confirmation |
26 | agent. | 26 | before being used for authentication. Confirmation is performed |
27 | by the SSH_ASKPASS program mentioned below. Successful confirma- | ||
28 | tion is signaled by a zero exit status from the SSH_ASKPASS pro- | ||
29 | gram, rather than text entered into the requester. | ||
27 | 30 | ||
28 | -L Lists public key parameters of all identities currently repre- | 31 | -D Deletes all identities from the agent. |
29 | sented by the agent. | ||
30 | 32 | ||
31 | -d Instead of adding the identity, removes the identity from the | 33 | -d Instead of adding the identity, removes the identity from the |
32 | agent. | 34 | agent. |
33 | 35 | ||
34 | -D Deletes all identities from the agent. | 36 | -e reader |
37 | Remove key in smartcard reader. | ||
35 | 38 | ||
36 | -x Lock the agent with a password. | 39 | -L Lists public key parameters of all identities currently repre- |
40 | sented by the agent. | ||
37 | 41 | ||
38 | -X Unlock the agent. | 42 | -l Lists fingerprints of all identities currently represented by the |
43 | agent. | ||
44 | |||
45 | -s reader | ||
46 | Add key in smartcard reader. | ||
39 | 47 | ||
40 | -t life | 48 | -t life |
41 | Set a maximum lifetime when adding identities to an agent. The | 49 | Set a maximum lifetime when adding identities to an agent. The |
42 | lifetime may be specified in seconds or in a time format speci- | 50 | lifetime may be specified in seconds or in a time format speci- |
43 | fied in sshd_config(5). | 51 | fied in sshd_config(5). |
44 | 52 | ||
45 | -c Indicates that added identities should be subject to confirmation | 53 | -X Unlock the agent. |
46 | before being used for authentication. Confirmation is performed | ||
47 | by the SSH_ASKPASS program mentioned below. Successful confirma- | ||
48 | tion is signaled by a zero exit status from the SSH_ASKPASS pro- | ||
49 | gram, rather than text entered into the requester. | ||
50 | |||
51 | -s reader | ||
52 | Add key in smartcard reader. | ||
53 | 54 | ||
54 | -e reader | 55 | -x Lock the agent with a password. |
55 | Remove key in smartcard reader. | ||
56 | 56 | ||
57 | ENVIRONMENT | 57 | ENVIRONMENT |
58 | DISPLAY and SSH_ASKPASS | 58 | DISPLAY and SSH_ASKPASS |
@@ -61,7 +61,7 @@ ENVIRONMENT | |||
61 | does not have a terminal associated with it but DISPLAY and | 61 | does not have a terminal associated with it but DISPLAY and |
62 | SSH_ASKPASS are set, it will execute the program specified by | 62 | SSH_ASKPASS are set, it will execute the program specified by |
63 | SSH_ASKPASS and open an X11 window to read the passphrase. This | 63 | SSH_ASKPASS and open an X11 window to read the passphrase. This |
64 | is particularly useful when calling ssh-add from a .Xsession or | 64 | is particularly useful when calling ssh-add from a .xsession or |
65 | related script. (Note that on some machines it may be necessary | 65 | related script. (Note that on some machines it may be necessary |
66 | to redirect the input from /dev/null to make this work.) | 66 | to redirect the input from /dev/null to make this work.) |
67 | 67 | ||
@@ -1,4 +1,4 @@ | |||
1 | .\" $OpenBSD: ssh-add.1,v 1.40 2003/11/25 23:10:08 matthieu Exp $ | 1 | .\" $OpenBSD: ssh-add.1,v 1.42 2005/03/01 17:32:19 jmc Exp $ |
2 | .\" | 2 | .\" |
3 | .\" -*- nroff -*- | 3 | .\" -*- nroff -*- |
4 | .\" | 4 | .\" |
@@ -45,7 +45,7 @@ | |||
45 | .Nd adds RSA or DSA identities to the authentication agent | 45 | .Nd adds RSA or DSA identities to the authentication agent |
46 | .Sh SYNOPSIS | 46 | .Sh SYNOPSIS |
47 | .Nm ssh-add | 47 | .Nm ssh-add |
48 | .Op Fl lLdDxXc | 48 | .Op Fl cDdLlXx |
49 | .Op Fl t Ar life | 49 | .Op Fl t Ar life |
50 | .Op Ar | 50 | .Op Ar |
51 | .Nm ssh-add | 51 | .Nm ssh-add |
@@ -77,23 +77,6 @@ to work. | |||
77 | .Pp | 77 | .Pp |
78 | The options are as follows: | 78 | The options are as follows: |
79 | .Bl -tag -width Ds | 79 | .Bl -tag -width Ds |
80 | .It Fl l | ||
81 | Lists fingerprints of all identities currently represented by the agent. | ||
82 | .It Fl L | ||
83 | Lists public key parameters of all identities currently represented by the agent. | ||
84 | .It Fl d | ||
85 | Instead of adding the identity, removes the identity from the agent. | ||
86 | .It Fl D | ||
87 | Deletes all identities from the agent. | ||
88 | .It Fl x | ||
89 | Lock the agent with a password. | ||
90 | .It Fl X | ||
91 | Unlock the agent. | ||
92 | .It Fl t Ar life | ||
93 | Set a maximum lifetime when adding identities to an agent. | ||
94 | The lifetime may be specified in seconds or in a time format | ||
95 | specified in | ||
96 | .Xr sshd_config 5 . | ||
97 | .It Fl c | 80 | .It Fl c |
98 | Indicates that added identities should be subject to confirmation before | 81 | Indicates that added identities should be subject to confirmation before |
99 | being used for authentication. | 82 | being used for authentication. |
@@ -103,12 +86,30 @@ program mentioned below. | |||
103 | Successful confirmation is signaled by a zero exit status from the | 86 | Successful confirmation is signaled by a zero exit status from the |
104 | .Ev SSH_ASKPASS | 87 | .Ev SSH_ASKPASS |
105 | program, rather than text entered into the requester. | 88 | program, rather than text entered into the requester. |
106 | .It Fl s Ar reader | 89 | .It Fl D |
107 | Add key in smartcard | 90 | Deletes all identities from the agent. |
108 | .Ar reader . | 91 | .It Fl d |
92 | Instead of adding the identity, removes the identity from the agent. | ||
109 | .It Fl e Ar reader | 93 | .It Fl e Ar reader |
110 | Remove key in smartcard | 94 | Remove key in smartcard |
111 | .Ar reader . | 95 | .Ar reader . |
96 | .It Fl L | ||
97 | Lists public key parameters of all identities currently represented | ||
98 | by the agent. | ||
99 | .It Fl l | ||
100 | Lists fingerprints of all identities currently represented by the agent. | ||
101 | .It Fl s Ar reader | ||
102 | Add key in smartcard | ||
103 | .Ar reader . | ||
104 | .It Fl t Ar life | ||
105 | Set a maximum lifetime when adding identities to an agent. | ||
106 | The lifetime may be specified in seconds or in a time format | ||
107 | specified in | ||
108 | .Xr sshd_config 5 . | ||
109 | .It Fl X | ||
110 | Unlock the agent. | ||
111 | .It Fl x | ||
112 | Lock the agent with a password. | ||
112 | .El | 113 | .El |
113 | .Sh ENVIRONMENT | 114 | .Sh ENVIRONMENT |
114 | .Bl -tag -width Ds | 115 | .Bl -tag -width Ds |
@@ -129,7 +130,7 @@ and open an X11 window to read the passphrase. | |||
129 | This is particularly useful when calling | 130 | This is particularly useful when calling |
130 | .Nm | 131 | .Nm |
131 | from a | 132 | from a |
132 | .Pa .Xsession | 133 | .Pa .xsession |
133 | or related script. | 134 | or related script. |
134 | (Note that on some machines it | 135 | (Note that on some machines it |
135 | may be necessary to redirect the input from | 136 | may be necessary to redirect the input from |
diff --git a/ssh-agent.c b/ssh-agent.c index bc4d8d33a..dd7e22ad5 100644 --- a/ssh-agent.c +++ b/ssh-agent.c | |||
@@ -35,7 +35,7 @@ | |||
35 | 35 | ||
36 | #include "includes.h" | 36 | #include "includes.h" |
37 | #include "openbsd-compat/sys-queue.h" | 37 | #include "openbsd-compat/sys-queue.h" |
38 | RCSID("$OpenBSD: ssh-agent.c,v 1.120 2004/08/11 21:43:05 avsm Exp $"); | 38 | RCSID("$OpenBSD: ssh-agent.c,v 1.122 2004/10/29 22:53:56 djm Exp $"); |
39 | 39 | ||
40 | #include <openssl/evp.h> | 40 | #include <openssl/evp.h> |
41 | #include <openssl/md5.h> | 41 | #include <openssl/md5.h> |
@@ -168,23 +168,15 @@ lookup_identity(Key *key, int version) | |||
168 | static int | 168 | static int |
169 | confirm_key(Identity *id) | 169 | confirm_key(Identity *id) |
170 | { | 170 | { |
171 | char *p, prompt[1024]; | 171 | char *p; |
172 | int ret = -1; | 172 | int ret = -1; |
173 | 173 | ||
174 | p = key_fingerprint(id->key, SSH_FP_MD5, SSH_FP_HEX); | 174 | p = key_fingerprint(id->key, SSH_FP_MD5, SSH_FP_HEX); |
175 | snprintf(prompt, sizeof(prompt), "Allow use of key %s?\n" | 175 | if (ask_permission("Allow use of key %s?\nKey fingerprint %s.", |
176 | "Key fingerprint %s.", id->comment, p); | 176 | id->comment, p)) |
177 | ret = 0; | ||
177 | xfree(p); | 178 | xfree(p); |
178 | p = read_passphrase(prompt, RP_ALLOW_EOF); | 179 | |
179 | if (p != NULL) { | ||
180 | /* | ||
181 | * Accept empty responses and responses consisting | ||
182 | * of the word "yes" as affirmative. | ||
183 | */ | ||
184 | if (*p == '\0' || *p == '\n' || strcasecmp(p, "yes") == 0) | ||
185 | ret = 0; | ||
186 | xfree(p); | ||
187 | } | ||
188 | return (ret); | 180 | return (ret); |
189 | } | 181 | } |
190 | 182 | ||
@@ -1010,9 +1002,7 @@ main(int ac, char **av) | |||
1010 | #ifdef HAVE_SETRLIMIT | 1002 | #ifdef HAVE_SETRLIMIT |
1011 | struct rlimit rlim; | 1003 | struct rlimit rlim; |
1012 | #endif | 1004 | #endif |
1013 | #ifdef HAVE_CYGWIN | ||
1014 | int prev_mask; | 1005 | int prev_mask; |
1015 | #endif | ||
1016 | extern int optind; | 1006 | extern int optind; |
1017 | extern char *optarg; | 1007 | extern char *optarg; |
1018 | pid_t pid; | 1008 | pid_t pid; |
@@ -1124,24 +1114,20 @@ main(int ac, char **av) | |||
1124 | sock = socket(AF_UNIX, SOCK_STREAM, 0); | 1114 | sock = socket(AF_UNIX, SOCK_STREAM, 0); |
1125 | if (sock < 0) { | 1115 | if (sock < 0) { |
1126 | perror("socket"); | 1116 | perror("socket"); |
1117 | *socket_name = '\0'; /* Don't unlink any existing file */ | ||
1127 | cleanup_exit(1); | 1118 | cleanup_exit(1); |
1128 | } | 1119 | } |
1129 | memset(&sunaddr, 0, sizeof(sunaddr)); | 1120 | memset(&sunaddr, 0, sizeof(sunaddr)); |
1130 | sunaddr.sun_family = AF_UNIX; | 1121 | sunaddr.sun_family = AF_UNIX; |
1131 | strlcpy(sunaddr.sun_path, socket_name, sizeof(sunaddr.sun_path)); | 1122 | strlcpy(sunaddr.sun_path, socket_name, sizeof(sunaddr.sun_path)); |
1132 | #ifdef HAVE_CYGWIN | ||
1133 | prev_mask = umask(0177); | 1123 | prev_mask = umask(0177); |
1134 | #endif | ||
1135 | if (bind(sock, (struct sockaddr *) & sunaddr, sizeof(sunaddr)) < 0) { | 1124 | if (bind(sock, (struct sockaddr *) & sunaddr, sizeof(sunaddr)) < 0) { |
1136 | perror("bind"); | 1125 | perror("bind"); |
1137 | #ifdef HAVE_CYGWIN | 1126 | *socket_name = '\0'; /* Don't unlink any existing file */ |
1138 | umask(prev_mask); | 1127 | umask(prev_mask); |
1139 | #endif | ||
1140 | cleanup_exit(1); | 1128 | cleanup_exit(1); |
1141 | } | 1129 | } |
1142 | #ifdef HAVE_CYGWIN | ||
1143 | umask(prev_mask); | 1130 | umask(prev_mask); |
1144 | #endif | ||
1145 | if (listen(sock, SSH_LISTEN_BACKLOG) < 0) { | 1131 | if (listen(sock, SSH_LISTEN_BACKLOG) < 0) { |
1146 | perror("listen"); | 1132 | perror("listen"); |
1147 | cleanup_exit(1); | 1133 | cleanup_exit(1); |
diff --git a/ssh-keygen.0 b/ssh-keygen.0 index 38e50b121..998b6f1e0 100644 --- a/ssh-keygen.0 +++ b/ssh-keygen.0 | |||
@@ -14,6 +14,9 @@ SYNOPSIS | |||
14 | ssh-keygen -l [-f input_keyfile] | 14 | ssh-keygen -l [-f input_keyfile] |
15 | ssh-keygen -B [-f input_keyfile] | 15 | ssh-keygen -B [-f input_keyfile] |
16 | ssh-keygen -D reader | 16 | ssh-keygen -D reader |
17 | ssh-keygen -F hostname [-f known_hosts_file] | ||
18 | ssh-keygen -H [-f known_hosts_file] | ||
19 | ssh-keygen -R hostname [-f known_hosts_file] | ||
17 | ssh-keygen -U reader [-f input_keyfile] | 20 | ssh-keygen -U reader [-f input_keyfile] |
18 | ssh-keygen -r hostname [-f input_keyfile] [-g] | 21 | ssh-keygen -r hostname [-f input_keyfile] [-g] |
19 | ssh-keygen -G output_file [-v] [-b bits] [-M memory] [-S start_point] | 22 | ssh-keygen -G output_file [-v] [-b bits] [-M memory] [-S start_point] |
@@ -67,27 +70,54 @@ DESCRIPTION | |||
67 | Specifies the number of primality tests to perform when screening | 70 | Specifies the number of primality tests to perform when screening |
68 | DH-GEX candidates using the -T command. | 71 | DH-GEX candidates using the -T command. |
69 | 72 | ||
73 | -B Show the bubblebabble digest of specified private or public key | ||
74 | file. | ||
75 | |||
70 | -b bits | 76 | -b bits |
71 | Specifies the number of bits in the key to create. Minimum is | 77 | Specifies the number of bits in the key to create. Minimum is |
72 | 512 bits. Generally, 1024 bits is considered sufficient. The | 78 | 512 bits. Generally, 1024 bits is considered sufficient. The |
73 | default is 1024 bits. | 79 | default is 1024 bits. |
74 | 80 | ||
81 | -C comment | ||
82 | Provides a new comment. | ||
83 | |||
75 | -c Requests changing the comment in the private and public key | 84 | -c Requests changing the comment in the private and public key |
76 | files. This operation is only supported for RSA1 keys. The pro- | 85 | files. This operation is only supported for RSA1 keys. The pro- |
77 | gram will prompt for the file containing the private keys, for | 86 | gram will prompt for the file containing the private keys, for |
78 | the passphrase if the key has one, and for the new comment. | 87 | the passphrase if the key has one, and for the new comment. |
79 | 88 | ||
89 | -D reader | ||
90 | Download the RSA public key stored in the smartcard in reader. | ||
91 | |||
80 | -e This option will read a private or public OpenSSH key file and | 92 | -e This option will read a private or public OpenSSH key file and |
81 | print the key in a `SECSH Public Key File Format' to stdout. | 93 | print the key in a `SECSH Public Key File Format' to stdout. |
82 | This option allows exporting keys for use by several commercial | 94 | This option allows exporting keys for use by several commercial |
83 | SSH implementations. | 95 | SSH implementations. |
84 | 96 | ||
85 | -g Use generic DNS format when printing fingerprint resource records | 97 | -F hostname |
86 | using the -r command. | 98 | Search for the specified hostname in a known_hosts file, listing |
99 | any occurrences found. This option is useful to find hashed host | ||
100 | names or addresses and may also be used in conjunction with the | ||
101 | -H option to print found keys in a hashed format. | ||
87 | 102 | ||
88 | -f filename | 103 | -f filename |
89 | Specifies the filename of the key file. | 104 | Specifies the filename of the key file. |
90 | 105 | ||
106 | -G output_file | ||
107 | Generate candidate primes for DH-GEX. These primes must be | ||
108 | screened for safety (using the -T option) before use. | ||
109 | |||
110 | -g Use generic DNS format when printing fingerprint resource records | ||
111 | using the -r command. | ||
112 | |||
113 | -H Hash a known_hosts file, printing the result to standard output. | ||
114 | This replaces all hostnames and addresses with hashed representa- | ||
115 | tions. These hashes may be used normally by ssh and sshd, but | ||
116 | they do not reveal identifying information should the file's con- | ||
117 | tents be disclosed. This option will not modify existing hashed | ||
118 | hostnames and is therefore safe to use on files that mix hashed | ||
119 | and non-hashed names. | ||
120 | |||
91 | -i This option will read an unencrypted private (or public) key file | 121 | -i This option will read an unencrypted private (or public) key file |
92 | in SSH2-compatible format and print an OpenSSH compatible private | 122 | in SSH2-compatible format and print an OpenSSH compatible private |
93 | (or public) key to stdout. ssh-keygen also reads the `SECSH | 123 | (or public) key to stdout. ssh-keygen also reads the `SECSH |
@@ -98,34 +128,6 @@ DESCRIPTION | |||
98 | are also supported. For RSA and DSA keys ssh-keygen tries to | 128 | are also supported. For RSA and DSA keys ssh-keygen tries to |
99 | find the matching public key file and prints its fingerprint. | 129 | find the matching public key file and prints its fingerprint. |
100 | 130 | ||
101 | -p Requests changing the passphrase of a private key file instead of | ||
102 | creating a new private key. The program will prompt for the file | ||
103 | containing the private key, for the old passphrase, and twice for | ||
104 | the new passphrase. | ||
105 | |||
106 | -q Silence ssh-keygen. Used by /etc/rc when creating a new key. | ||
107 | |||
108 | -y This option will read a private OpenSSH format file and print an | ||
109 | OpenSSH public key to stdout. | ||
110 | |||
111 | -t type | ||
112 | Specifies the type of the key to create. The possible values are | ||
113 | ``rsa1'' for protocol version 1 and ``rsa'' or ``dsa'' for proto- | ||
114 | col version 2. | ||
115 | |||
116 | -B Show the bubblebabble digest of specified private or public key | ||
117 | file. | ||
118 | |||
119 | -C comment | ||
120 | Provides the new comment. | ||
121 | |||
122 | -D reader | ||
123 | Download the RSA public key stored in the smartcard in reader. | ||
124 | |||
125 | -G output_file | ||
126 | Generate candidate primes for DH-GEX. These primes must be | ||
127 | screened for safety (using the -T option) before use. | ||
128 | |||
129 | -M memory | 131 | -M memory |
130 | Specify the amount of memory to use (in megabytes) when generat- | 132 | Specify the amount of memory to use (in megabytes) when generat- |
131 | ing candidate moduli for DH-GEX. | 133 | ing candidate moduli for DH-GEX. |
@@ -136,6 +138,22 @@ DESCRIPTION | |||
136 | -P passphrase | 138 | -P passphrase |
137 | Provides the (old) passphrase. | 139 | Provides the (old) passphrase. |
138 | 140 | ||
141 | -p Requests changing the passphrase of a private key file instead of | ||
142 | creating a new private key. The program will prompt for the file | ||
143 | containing the private key, for the old passphrase, and twice for | ||
144 | the new passphrase. | ||
145 | |||
146 | -q Silence ssh-keygen. Used by /etc/rc when creating a new key. | ||
147 | |||
148 | -R hostname | ||
149 | Removes all keys belonging to hostname from a known_hosts file. | ||
150 | This option is useful to delete hashed hosts (see the -H option | ||
151 | above). | ||
152 | |||
153 | -r hostname | ||
154 | Print the SSHFP fingerprint resource record named hostname for | ||
155 | the specified public key file. | ||
156 | |||
139 | -S start | 157 | -S start |
140 | Specify start point (in hex) when generating candidate moduli for | 158 | Specify start point (in hex) when generating candidate moduli for |
141 | DH-GEX. | 159 | DH-GEX. |
@@ -144,9 +162,10 @@ DESCRIPTION | |||
144 | Test DH group exchange candidate primes (generated using the -G | 162 | Test DH group exchange candidate primes (generated using the -G |
145 | option) for safety. | 163 | option) for safety. |
146 | 164 | ||
147 | -W generator | 165 | -t type |
148 | Specify desired generator when testing candidate moduli for DH- | 166 | Specifies the type of key to create. The possible values are |
149 | GEX. | 167 | ``rsa1'' for protocol version 1 and ``rsa'' or ``dsa'' for proto- |
168 | col version 2. | ||
150 | 169 | ||
151 | -U reader | 170 | -U reader |
152 | Upload an existing RSA private key into the smartcard in reader. | 171 | Upload an existing RSA private key into the smartcard in reader. |
@@ -156,9 +175,12 @@ DESCRIPTION | |||
156 | tion. Multiple -v options increase the verbosity. The maximum | 175 | tion. Multiple -v options increase the verbosity. The maximum |
157 | is 3. | 176 | is 3. |
158 | 177 | ||
159 | -r hostname | 178 | -W generator |
160 | Print the SSHFP fingerprint resource record named hostname for | 179 | Specify desired generator when testing candidate moduli for DH- |
161 | the specified public key file. | 180 | GEX. |
181 | |||
182 | -y This option will read a private OpenSSH format file and print an | ||
183 | OpenSSH public key to stdout. | ||
162 | 184 | ||
163 | MODULI GENERATION | 185 | MODULI GENERATION |
164 | ssh-keygen may be used to generate groups for the Diffie-Hellman Group | 186 | ssh-keygen may be used to generate groups for the Diffie-Hellman Group |
@@ -170,7 +192,7 @@ MODULI GENERATION | |||
170 | Generation of primes is performed using the -G option. The desired | 192 | Generation of primes is performed using the -G option. The desired |
171 | length of the primes may be specified by the -b option. For example: | 193 | length of the primes may be specified by the -b option. For example: |
172 | 194 | ||
173 | ssh-keygen -G moduli-2048.candidates -b 2048 | 195 | # ssh-keygen -G moduli-2048.candidates -b 2048 |
174 | 196 | ||
175 | By default, the search for primes begins at a random point in the desired | 197 | By default, the search for primes begins at a random point in the desired |
176 | length range. This may be overridden using the -S option, which speci- | 198 | length range. This may be overridden using the -S option, which speci- |
@@ -181,13 +203,13 @@ MODULI GENERATION | |||
181 | ssh-keygen will read candidates from standard input (or a file specified | 203 | ssh-keygen will read candidates from standard input (or a file specified |
182 | using the -f option). For example: | 204 | using the -f option). For example: |
183 | 205 | ||
184 | ssh-keygen -T moduli-2048 -f moduli-2048.candidates | 206 | # ssh-keygen -T moduli-2048 -f moduli-2048.candidates |
185 | 207 | ||
186 | By default, each candidate will be subjected to 100 primality tests. | 208 | By default, each candidate will be subjected to 100 primality tests. |
187 | This may be overridden using the -a option. The DH generator value will | 209 | This may be overridden using the -a option. The DH generator value will |
188 | be chosen automatically for the prime under consideration. If a specific | 210 | be chosen automatically for the prime under consideration. If a specific |
189 | generator is desired, it may be requested using the -W option. Valid | 211 | generator is desired, it may be requested using the -W option. Valid |
190 | generator values are 2, 3 and 5. | 212 | generator values are 2, 3, and 5. |
191 | 213 | ||
192 | Screened DH groups may be installed in /etc/moduli. It is important that | 214 | Screened DH groups may be installed in /etc/moduli. It is important that |
193 | this file contains moduli of a range of bit lengths and that both ends of | 215 | this file contains moduli of a range of bit lengths and that both ends of |
@@ -259,4 +281,4 @@ AUTHORS | |||
259 | created OpenSSH. Markus Friedl contributed the support for SSH protocol | 281 | created OpenSSH. Markus Friedl contributed the support for SSH protocol |
260 | versions 1.5 and 2.0. | 282 | versions 1.5 and 2.0. |
261 | 283 | ||
262 | OpenBSD 3.6 September 25, 1999 4 | 284 | OpenBSD 3.6 September 25, 1999 5 |
diff --git a/ssh-keygen.1 b/ssh-keygen.1 index c0f24dcd0..3987b1e66 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1 | |||
@@ -1,4 +1,4 @@ | |||
1 | .\" $OpenBSD: ssh-keygen.1,v 1.63 2004/08/13 00:01:43 jmc Exp $ | 1 | .\" $OpenBSD: ssh-keygen.1,v 1.66 2005/03/01 18:15:56 jmc Exp $ |
2 | .\" | 2 | .\" |
3 | .\" -*- nroff -*- | 3 | .\" -*- nroff -*- |
4 | .\" | 4 | .\" |
@@ -81,6 +81,15 @@ | |||
81 | .Nm ssh-keygen | 81 | .Nm ssh-keygen |
82 | .Fl D Ar reader | 82 | .Fl D Ar reader |
83 | .Nm ssh-keygen | 83 | .Nm ssh-keygen |
84 | .Fl F Ar hostname | ||
85 | .Op Fl f Ar known_hosts_file | ||
86 | .Nm ssh-keygen | ||
87 | .Fl H | ||
88 | .Op Fl f Ar known_hosts_file | ||
89 | .Nm ssh-keygen | ||
90 | .Fl R Ar hostname | ||
91 | .Op Fl f Ar known_hosts_file | ||
92 | .Nm ssh-keygen | ||
84 | .Fl U Ar reader | 93 | .Fl U Ar reader |
85 | .Op Fl f Ar input_keyfile | 94 | .Op Fl f Ar input_keyfile |
86 | .Nm ssh-keygen | 95 | .Nm ssh-keygen |
@@ -174,16 +183,23 @@ Specifies the number of primality tests to perform when screening DH-GEX | |||
174 | candidates using the | 183 | candidates using the |
175 | .Fl T | 184 | .Fl T |
176 | command. | 185 | command. |
186 | .It Fl B | ||
187 | Show the bubblebabble digest of specified private or public key file. | ||
177 | .It Fl b Ar bits | 188 | .It Fl b Ar bits |
178 | Specifies the number of bits in the key to create. | 189 | Specifies the number of bits in the key to create. |
179 | Minimum is 512 bits. | 190 | Minimum is 512 bits. |
180 | Generally, 1024 bits is considered sufficient. | 191 | Generally, 1024 bits is considered sufficient. |
181 | The default is 1024 bits. | 192 | The default is 1024 bits. |
193 | .It Fl C Ar comment | ||
194 | Provides a new comment. | ||
182 | .It Fl c | 195 | .It Fl c |
183 | Requests changing the comment in the private and public key files. | 196 | Requests changing the comment in the private and public key files. |
184 | This operation is only supported for RSA1 keys. | 197 | This operation is only supported for RSA1 keys. |
185 | The program will prompt for the file containing the private keys, for | 198 | The program will prompt for the file containing the private keys, for |
186 | the passphrase if the key has one, and for the new comment. | 199 | the passphrase if the key has one, and for the new comment. |
200 | .It Fl D Ar reader | ||
201 | Download the RSA public key stored in the smartcard in | ||
202 | .Ar reader . | ||
187 | .It Fl e | 203 | .It Fl e |
188 | This option will read a private or public OpenSSH key file and | 204 | This option will read a private or public OpenSSH key file and |
189 | print the key in a | 205 | print the key in a |
@@ -191,12 +207,41 @@ print the key in a | |||
191 | to stdout. | 207 | to stdout. |
192 | This option allows exporting keys for use by several commercial | 208 | This option allows exporting keys for use by several commercial |
193 | SSH implementations. | 209 | SSH implementations. |
210 | .It Fl F Ar hostname | ||
211 | Search for the specified | ||
212 | .Ar hostname | ||
213 | in a | ||
214 | .Pa known_hosts | ||
215 | file, listing any occurrences found. | ||
216 | This option is useful to find hashed host names or addresses and may also be | ||
217 | used in conjunction with the | ||
218 | .Fl H | ||
219 | option to print found keys in a hashed format. | ||
220 | .It Fl f Ar filename | ||
221 | Specifies the filename of the key file. | ||
222 | .It Fl G Ar output_file | ||
223 | Generate candidate primes for DH-GEX. | ||
224 | These primes must be screened for | ||
225 | safety (using the | ||
226 | .Fl T | ||
227 | option) before use. | ||
194 | .It Fl g | 228 | .It Fl g |
195 | Use generic DNS format when printing fingerprint resource records using the | 229 | Use generic DNS format when printing fingerprint resource records using the |
196 | .Fl r | 230 | .Fl r |
197 | command. | 231 | command. |
198 | .It Fl f Ar filename | 232 | .It Fl H |
199 | Specifies the filename of the key file. | 233 | Hash a |
234 | .Pa known_hosts | ||
235 | file, printing the result to standard output. | ||
236 | This replaces all hostnames and addresses with hashed representations. | ||
237 | These hashes may be used normally by | ||
238 | .Nm ssh | ||
239 | and | ||
240 | .Nm sshd , | ||
241 | but they do not reveal identifying information should the file's contents | ||
242 | be disclosed. | ||
243 | This option will not modify existing hashed hostnames and is therefore safe | ||
244 | to use on files that mix hashed and non-hashed names. | ||
200 | .It Fl i | 245 | .It Fl i |
201 | This option will read an unencrypted private (or public) key file | 246 | This option will read an unencrypted private (or public) key file |
202 | in SSH2-compatible format and print an OpenSSH compatible private | 247 | in SSH2-compatible format and print an OpenSSH compatible private |
@@ -212,6 +257,13 @@ Private RSA1 keys are also supported. | |||
212 | For RSA and DSA keys | 257 | For RSA and DSA keys |
213 | .Nm | 258 | .Nm |
214 | tries to find the matching public key file and prints its fingerprint. | 259 | tries to find the matching public key file and prints its fingerprint. |
260 | .It Fl M Ar memory | ||
261 | Specify the amount of memory to use (in megabytes) when generating | ||
262 | candidate moduli for DH-GEX. | ||
263 | .It Fl N Ar new_passphrase | ||
264 | Provides the new passphrase. | ||
265 | .It Fl P Ar passphrase | ||
266 | Provides the (old) passphrase. | ||
215 | .It Fl p | 267 | .It Fl p |
216 | Requests changing the passphrase of a private key file instead of | 268 | Requests changing the passphrase of a private key file instead of |
217 | creating a new private key. | 269 | creating a new private key. |
@@ -224,11 +276,27 @@ Silence | |||
224 | Used by | 276 | Used by |
225 | .Pa /etc/rc | 277 | .Pa /etc/rc |
226 | when creating a new key. | 278 | when creating a new key. |
227 | .It Fl y | 279 | .It Fl R Ar hostname |
228 | This option will read a private | 280 | Removes all keys belonging to |
229 | OpenSSH format file and print an OpenSSH public key to stdout. | 281 | .Ar hostname |
282 | from a | ||
283 | .Pa known_hosts | ||
284 | file. | ||
285 | This option is useful to delete hashed hosts (see the | ||
286 | .Fl H | ||
287 | option above). | ||
288 | .It Fl r Ar hostname | ||
289 | Print the SSHFP fingerprint resource record named | ||
290 | .Ar hostname | ||
291 | for the specified public key file. | ||
292 | .It Fl S Ar start | ||
293 | Specify start point (in hex) when generating candidate moduli for DH-GEX. | ||
294 | .It Fl T Ar output_file | ||
295 | Test DH group exchange candidate primes (generated using the | ||
296 | .Fl G | ||
297 | option) for safety. | ||
230 | .It Fl t Ar type | 298 | .It Fl t Ar type |
231 | Specifies the type of the key to create. | 299 | Specifies the type of key to create. |
232 | The possible values are | 300 | The possible values are |
233 | .Dq rsa1 | 301 | .Dq rsa1 |
234 | for protocol version 1 and | 302 | for protocol version 1 and |
@@ -236,34 +304,6 @@ for protocol version 1 and | |||
236 | or | 304 | or |
237 | .Dq dsa | 305 | .Dq dsa |
238 | for protocol version 2. | 306 | for protocol version 2. |
239 | .It Fl B | ||
240 | Show the bubblebabble digest of specified private or public key file. | ||
241 | .It Fl C Ar comment | ||
242 | Provides the new comment. | ||
243 | .It Fl D Ar reader | ||
244 | Download the RSA public key stored in the smartcard in | ||
245 | .Ar reader . | ||
246 | .It Fl G Ar output_file | ||
247 | Generate candidate primes for DH-GEX. | ||
248 | These primes must be screened for | ||
249 | safety (using the | ||
250 | .Fl T | ||
251 | option) before use. | ||
252 | .It Fl M Ar memory | ||
253 | Specify the amount of memory to use (in megabytes) when generating | ||
254 | candidate moduli for DH-GEX. | ||
255 | .It Fl N Ar new_passphrase | ||
256 | Provides the new passphrase. | ||
257 | .It Fl P Ar passphrase | ||
258 | Provides the (old) passphrase. | ||
259 | .It Fl S Ar start | ||
260 | Specify start point (in hex) when generating candidate moduli for DH-GEX. | ||
261 | .It Fl T Ar output_file | ||
262 | Test DH group exchange candidate primes (generated using the | ||
263 | .Fl G | ||
264 | option) for safety. | ||
265 | .It Fl W Ar generator | ||
266 | Specify desired generator when testing candidate moduli for DH-GEX. | ||
267 | .It Fl U Ar reader | 307 | .It Fl U Ar reader |
268 | Upload an existing RSA private key into the smartcard in | 308 | Upload an existing RSA private key into the smartcard in |
269 | .Ar reader . | 309 | .Ar reader . |
@@ -277,10 +317,11 @@ Multiple | |||
277 | .Fl v | 317 | .Fl v |
278 | options increase the verbosity. | 318 | options increase the verbosity. |
279 | The maximum is 3. | 319 | The maximum is 3. |
280 | .It Fl r Ar hostname | 320 | .It Fl W Ar generator |
281 | Print the SSHFP fingerprint resource record named | 321 | Specify desired generator when testing candidate moduli for DH-GEX. |
282 | .Ar hostname | 322 | .It Fl y |
283 | for the specified public key file. | 323 | This option will read a private |
324 | OpenSSH format file and print an OpenSSH public key to stdout. | ||
284 | .El | 325 | .El |
285 | .Sh MODULI GENERATION | 326 | .Sh MODULI GENERATION |
286 | .Nm | 327 | .Nm |
@@ -299,7 +340,7 @@ The desired length of the primes may be specified by the | |||
299 | option. | 340 | option. |
300 | For example: | 341 | For example: |
301 | .Pp | 342 | .Pp |
302 | .Dl ssh-keygen -G moduli-2048.candidates -b 2048 | 343 | .Dl # ssh-keygen -G moduli-2048.candidates -b 2048 |
303 | .Pp | 344 | .Pp |
304 | By default, the search for primes begins at a random point in the | 345 | By default, the search for primes begins at a random point in the |
305 | desired length range. | 346 | desired length range. |
@@ -319,7 +360,7 @@ will read candidates from standard input (or a file specified using the | |||
319 | option). | 360 | option). |
320 | For example: | 361 | For example: |
321 | .Pp | 362 | .Pp |
322 | .Dl ssh-keygen -T moduli-2048 -f moduli-2048.candidates | 363 | .Dl # ssh-keygen -T moduli-2048 -f moduli-2048.candidates |
323 | .Pp | 364 | .Pp |
324 | By default, each candidate will be subjected to 100 primality tests. | 365 | By default, each candidate will be subjected to 100 primality tests. |
325 | This may be overridden using the | 366 | This may be overridden using the |
@@ -330,7 +371,7 @@ prime under consideration. | |||
330 | If a specific generator is desired, it may be requested using the | 371 | If a specific generator is desired, it may be requested using the |
331 | .Fl W | 372 | .Fl W |
332 | option. | 373 | option. |
333 | Valid generator values are 2, 3 and 5. | 374 | Valid generator values are 2, 3, and 5. |
334 | .Pp | 375 | .Pp |
335 | Screened DH groups may be installed in | 376 | Screened DH groups may be installed in |
336 | .Pa /etc/moduli . | 377 | .Pa /etc/moduli . |
diff --git a/ssh-keygen.c b/ssh-keygen.c index d39e7d881..a9931d4d8 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c | |||
@@ -12,7 +12,7 @@ | |||
12 | */ | 12 | */ |
13 | 13 | ||
14 | #include "includes.h" | 14 | #include "includes.h" |
15 | RCSID("$OpenBSD: ssh-keygen.c,v 1.117 2004/07/11 17:48:47 deraadt Exp $"); | 15 | RCSID("$OpenBSD: ssh-keygen.c,v 1.120 2005/03/02 01:27:41 djm Exp $"); |
16 | 16 | ||
17 | #include <openssl/evp.h> | 17 | #include <openssl/evp.h> |
18 | #include <openssl/pem.h> | 18 | #include <openssl/pem.h> |
@@ -27,6 +27,8 @@ RCSID("$OpenBSD: ssh-keygen.c,v 1.117 2004/07/11 17:48:47 deraadt Exp $"); | |||
27 | #include "pathnames.h" | 27 | #include "pathnames.h" |
28 | #include "log.h" | 28 | #include "log.h" |
29 | #include "misc.h" | 29 | #include "misc.h" |
30 | #include "match.h" | ||
31 | #include "hostfile.h" | ||
30 | 32 | ||
31 | #ifdef SMARTCARD | 33 | #ifdef SMARTCARD |
32 | #include "scard.h" | 34 | #include "scard.h" |
@@ -50,6 +52,13 @@ int change_comment = 0; | |||
50 | 52 | ||
51 | int quiet = 0; | 53 | int quiet = 0; |
52 | 54 | ||
55 | /* Flag indicating that we want to hash a known_hosts file */ | ||
56 | int hash_hosts = 0; | ||
57 | /* Flag indicating that we want lookup a host in known_hosts file */ | ||
58 | int find_host = 0; | ||
59 | /* Flag indicating that we want to delete a host from a known_hosts file */ | ||
60 | int delete_host = 0; | ||
61 | |||
53 | /* Flag indicating that we just want to see the key fingerprint */ | 62 | /* Flag indicating that we just want to see the key fingerprint */ |
54 | int print_fingerprint = 0; | 63 | int print_fingerprint = 0; |
55 | int print_bubblebabble = 0; | 64 | int print_bubblebabble = 0; |
@@ -239,6 +248,7 @@ do_convert_private_ssh2_from_blob(u_char *blob, u_int blen) | |||
239 | } else if (strstr(type, "rsa")) { | 248 | } else if (strstr(type, "rsa")) { |
240 | ktype = KEY_RSA; | 249 | ktype = KEY_RSA; |
241 | } else { | 250 | } else { |
251 | buffer_free(&b); | ||
242 | xfree(type); | 252 | xfree(type); |
243 | return NULL; | 253 | return NULL; |
244 | } | 254 | } |
@@ -540,6 +550,201 @@ do_fingerprint(struct passwd *pw) | |||
540 | exit(0); | 550 | exit(0); |
541 | } | 551 | } |
542 | 552 | ||
553 | static void | ||
554 | print_host(FILE *f, char *name, Key *public, int hash) | ||
555 | { | ||
556 | if (hash && (name = host_hash(name, NULL, 0)) == NULL) | ||
557 | fatal("hash_host failed"); | ||
558 | fprintf(f, "%s ", name); | ||
559 | if (!key_write(public, f)) | ||
560 | fatal("key_write failed"); | ||
561 | fprintf(f, "\n"); | ||
562 | } | ||
563 | |||
564 | static void | ||
565 | do_known_hosts(struct passwd *pw, const char *name) | ||
566 | { | ||
567 | FILE *in, *out = stdout; | ||
568 | Key *public; | ||
569 | char *cp, *cp2, *kp, *kp2; | ||
570 | char line[16*1024], tmp[MAXPATHLEN], old[MAXPATHLEN]; | ||
571 | int c, i, skip = 0, inplace = 0, num = 0, invalid = 0, has_unhashed = 0; | ||
572 | |||
573 | if (!have_identity) { | ||
574 | cp = tilde_expand_filename(_PATH_SSH_USER_HOSTFILE, pw->pw_uid); | ||
575 | if (strlcpy(identity_file, cp, sizeof(identity_file)) >= | ||
576 | sizeof(identity_file)) | ||
577 | fatal("Specified known hosts path too long"); | ||
578 | xfree(cp); | ||
579 | have_identity = 1; | ||
580 | } | ||
581 | if ((in = fopen(identity_file, "r")) == NULL) | ||
582 | fatal("fopen: %s", strerror(errno)); | ||
583 | |||
584 | /* | ||
585 | * Find hosts goes to stdout, hash and deletions happen in-place | ||
586 | * A corner case is ssh-keygen -HF foo, which should go to stdout | ||
587 | */ | ||
588 | if (!find_host && (hash_hosts || delete_host)) { | ||
589 | if (strlcpy(tmp, identity_file, sizeof(tmp)) >= sizeof(tmp) || | ||
590 | strlcat(tmp, ".XXXXXXXXXX", sizeof(tmp)) >= sizeof(tmp) || | ||
591 | strlcpy(old, identity_file, sizeof(old)) >= sizeof(old) || | ||
592 | strlcat(old, ".old", sizeof(old)) >= sizeof(old)) | ||
593 | fatal("known_hosts path too long"); | ||
594 | umask(077); | ||
595 | if ((c = mkstemp(tmp)) == -1) | ||
596 | fatal("mkstemp: %s", strerror(errno)); | ||
597 | if ((out = fdopen(c, "w")) == NULL) { | ||
598 | c = errno; | ||
599 | unlink(tmp); | ||
600 | fatal("fdopen: %s", strerror(c)); | ||
601 | } | ||
602 | inplace = 1; | ||
603 | } | ||
604 | |||
605 | while (fgets(line, sizeof(line), in)) { | ||
606 | num++; | ||
607 | i = strlen(line) - 1; | ||
608 | if (line[i] != '\n') { | ||
609 | error("line %d too long: %.40s...", num, line); | ||
610 | skip = 1; | ||
611 | invalid = 1; | ||
612 | continue; | ||
613 | } | ||
614 | if (skip) { | ||
615 | skip = 0; | ||
616 | continue; | ||
617 | } | ||
618 | line[i] = '\0'; | ||
619 | |||
620 | /* Skip leading whitespace, empty and comment lines. */ | ||
621 | for (cp = line; *cp == ' ' || *cp == '\t'; cp++) | ||
622 | ; | ||
623 | if (!*cp || *cp == '\n' || *cp == '#') { | ||
624 | if (inplace) | ||
625 | fprintf(out, "%s\n", cp); | ||
626 | continue; | ||
627 | } | ||
628 | /* Find the end of the host name portion. */ | ||
629 | for (kp = cp; *kp && *kp != ' ' && *kp != '\t'; kp++) | ||
630 | ; | ||
631 | if (*kp == '\0' || *(kp + 1) == '\0') { | ||
632 | error("line %d missing key: %.40s...", | ||
633 | num, line); | ||
634 | invalid = 1; | ||
635 | continue; | ||
636 | } | ||
637 | *kp++ = '\0'; | ||
638 | kp2 = kp; | ||
639 | |||
640 | public = key_new(KEY_RSA1); | ||
641 | if (key_read(public, &kp) != 1) { | ||
642 | kp = kp2; | ||
643 | key_free(public); | ||
644 | public = key_new(KEY_UNSPEC); | ||
645 | if (key_read(public, &kp) != 1) { | ||
646 | error("line %d invalid key: %.40s...", | ||
647 | num, line); | ||
648 | key_free(public); | ||
649 | invalid = 1; | ||
650 | continue; | ||
651 | } | ||
652 | } | ||
653 | |||
654 | if (*cp == HASH_DELIM) { | ||
655 | if (find_host || delete_host) { | ||
656 | cp2 = host_hash(name, cp, strlen(cp)); | ||
657 | if (cp2 == NULL) { | ||
658 | error("line %d: invalid hashed " | ||
659 | "name: %.64s...", num, line); | ||
660 | invalid = 1; | ||
661 | continue; | ||
662 | } | ||
663 | c = (strcmp(cp2, cp) == 0); | ||
664 | if (find_host && c) { | ||
665 | printf("# Host %s found: " | ||
666 | "line %d type %s\n", name, | ||
667 | num, key_type(public)); | ||
668 | print_host(out, cp, public, 0); | ||
669 | } | ||
670 | if (delete_host && !c) | ||
671 | print_host(out, cp, public, 0); | ||
672 | } else if (hash_hosts) | ||
673 | print_host(out, cp, public, 0); | ||
674 | } else { | ||
675 | if (find_host || delete_host) { | ||
676 | c = (match_hostname(name, cp, | ||
677 | strlen(cp)) == 1); | ||
678 | if (find_host && c) { | ||
679 | printf("# Host %s found: " | ||
680 | "line %d type %s\n", name, | ||
681 | num, key_type(public)); | ||
682 | print_host(out, cp, public, hash_hosts); | ||
683 | } | ||
684 | if (delete_host && !c) | ||
685 | print_host(out, cp, public, 0); | ||
686 | } else if (hash_hosts) { | ||
687 | for(cp2 = strsep(&cp, ","); | ||
688 | cp2 != NULL && *cp2 != '\0'; | ||
689 | cp2 = strsep(&cp, ",")) { | ||
690 | if (strcspn(cp2, "*?!") != strlen(cp2)) | ||
691 | fprintf(stderr, "Warning: " | ||
692 | "ignoring host name with " | ||
693 | "metacharacters: %.64s\n", | ||
694 | cp2); | ||
695 | else | ||
696 | print_host(out, cp2, public, 1); | ||
697 | } | ||
698 | has_unhashed = 1; | ||
699 | } | ||
700 | } | ||
701 | key_free(public); | ||
702 | } | ||
703 | fclose(in); | ||
704 | |||
705 | if (invalid) { | ||
706 | fprintf(stderr, "%s is not a valid known_host file.\n", | ||
707 | identity_file); | ||
708 | if (inplace) { | ||
709 | fprintf(stderr, "Not replacing existing known_hosts " | ||
710 | "file beacuse of errors"); | ||
711 | fclose(out); | ||
712 | unlink(tmp); | ||
713 | } | ||
714 | exit(1); | ||
715 | } | ||
716 | |||
717 | if (inplace) { | ||
718 | fclose(out); | ||
719 | |||
720 | /* Backup existing file */ | ||
721 | if (unlink(old) == -1 && errno != ENOENT) | ||
722 | fatal("unlink %.100s: %s", old, strerror(errno)); | ||
723 | if (link(identity_file, old) == -1) | ||
724 | fatal("link %.100s to %.100s: %s", identity_file, old, | ||
725 | strerror(errno)); | ||
726 | /* Move new one into place */ | ||
727 | if (rename(tmp, identity_file) == -1) { | ||
728 | error("rename\"%s\" to \"%s\": %s", tmp, identity_file, | ||
729 | strerror(errno)); | ||
730 | unlink(tmp); | ||
731 | unlink(old); | ||
732 | exit(1); | ||
733 | } | ||
734 | |||
735 | fprintf(stderr, "%s updated.\n", identity_file); | ||
736 | fprintf(stderr, "Original contents retained as %s\n", old); | ||
737 | if (has_unhashed) { | ||
738 | fprintf(stderr, "WARNING: %s contains unhashed " | ||
739 | "entries\n", old); | ||
740 | fprintf(stderr, "Delete this file to ensure privacy " | ||
741 | "of hostnames\n"); | ||
742 | } | ||
743 | } | ||
744 | |||
745 | exit(0); | ||
746 | } | ||
747 | |||
543 | /* | 748 | /* |
544 | * Perform changing a passphrase. The argument is the passwd structure | 749 | * Perform changing a passphrase. The argument is the passwd structure |
545 | * for the current user. | 750 | * for the current user. |
@@ -766,6 +971,8 @@ usage(void) | |||
766 | fprintf(stderr, " -y Read private key file and print public key.\n"); | 971 | fprintf(stderr, " -y Read private key file and print public key.\n"); |
767 | fprintf(stderr, " -t type Specify type of key to create.\n"); | 972 | fprintf(stderr, " -t type Specify type of key to create.\n"); |
768 | fprintf(stderr, " -B Show bubblebabble digest of key file.\n"); | 973 | fprintf(stderr, " -B Show bubblebabble digest of key file.\n"); |
974 | fprintf(stderr, " -H Hash names in known_hosts file\n"); | ||
975 | fprintf(stderr, " -F hostname Find hostname in known hosts file\n"); | ||
769 | fprintf(stderr, " -C comment Provide new comment.\n"); | 976 | fprintf(stderr, " -C comment Provide new comment.\n"); |
770 | fprintf(stderr, " -N phrase Provide new passphrase.\n"); | 977 | fprintf(stderr, " -N phrase Provide new passphrase.\n"); |
771 | fprintf(stderr, " -P phrase Provide old passphrase.\n"); | 978 | fprintf(stderr, " -P phrase Provide old passphrase.\n"); |
@@ -789,7 +996,7 @@ main(int ac, char **av) | |||
789 | { | 996 | { |
790 | char dotsshdir[MAXPATHLEN], comment[1024], *passphrase1, *passphrase2; | 997 | char dotsshdir[MAXPATHLEN], comment[1024], *passphrase1, *passphrase2; |
791 | char out_file[MAXPATHLEN], *reader_id = NULL; | 998 | char out_file[MAXPATHLEN], *reader_id = NULL; |
792 | char *resource_record_hostname = NULL; | 999 | char *rr_hostname = NULL; |
793 | Key *private, *public; | 1000 | Key *private, *public; |
794 | struct passwd *pw; | 1001 | struct passwd *pw; |
795 | struct stat st; | 1002 | struct stat st; |
@@ -823,7 +1030,7 @@ main(int ac, char **av) | |||
823 | } | 1030 | } |
824 | 1031 | ||
825 | while ((opt = getopt(ac, av, | 1032 | while ((opt = getopt(ac, av, |
826 | "degiqpclBRvxXyb:f:t:U:D:P:N:C:r:g:T:G:M:S:a:W:")) != -1) { | 1033 | "degiqpclBHvxXyF:b:f:t:U:D:P:N:C:r:g:R:T:G:M:S:a:W:")) != -1) { |
827 | switch (opt) { | 1034 | switch (opt) { |
828 | case 'b': | 1035 | case 'b': |
829 | bits = atoi(optarg); | 1036 | bits = atoi(optarg); |
@@ -832,6 +1039,17 @@ main(int ac, char **av) | |||
832 | exit(1); | 1039 | exit(1); |
833 | } | 1040 | } |
834 | break; | 1041 | break; |
1042 | case 'F': | ||
1043 | find_host = 1; | ||
1044 | rr_hostname = optarg; | ||
1045 | break; | ||
1046 | case 'H': | ||
1047 | hash_hosts = 1; | ||
1048 | break; | ||
1049 | case 'R': | ||
1050 | delete_host = 1; | ||
1051 | rr_hostname = optarg; | ||
1052 | break; | ||
835 | case 'l': | 1053 | case 'l': |
836 | print_fingerprint = 1; | 1054 | print_fingerprint = 1; |
837 | break; | 1055 | break; |
@@ -863,10 +1081,6 @@ main(int ac, char **av) | |||
863 | case 'q': | 1081 | case 'q': |
864 | quiet = 1; | 1082 | quiet = 1; |
865 | break; | 1083 | break; |
866 | case 'R': | ||
867 | /* unused */ | ||
868 | exit(0); | ||
869 | break; | ||
870 | case 'e': | 1084 | case 'e': |
871 | case 'x': | 1085 | case 'x': |
872 | /* export key */ | 1086 | /* export key */ |
@@ -901,7 +1115,7 @@ main(int ac, char **av) | |||
901 | } | 1115 | } |
902 | break; | 1116 | break; |
903 | case 'r': | 1117 | case 'r': |
904 | resource_record_hostname = optarg; | 1118 | rr_hostname = optarg; |
905 | break; | 1119 | break; |
906 | case 'W': | 1120 | case 'W': |
907 | generator_wanted = atoi(optarg); | 1121 | generator_wanted = atoi(optarg); |
@@ -944,6 +1158,8 @@ main(int ac, char **av) | |||
944 | printf("Can only have one of -p and -c.\n"); | 1158 | printf("Can only have one of -p and -c.\n"); |
945 | usage(); | 1159 | usage(); |
946 | } | 1160 | } |
1161 | if (delete_host || hash_hosts || find_host) | ||
1162 | do_known_hosts(pw, rr_hostname); | ||
947 | if (print_fingerprint || print_bubblebabble) | 1163 | if (print_fingerprint || print_bubblebabble) |
948 | do_fingerprint(pw); | 1164 | do_fingerprint(pw); |
949 | if (change_passphrase) | 1165 | if (change_passphrase) |
@@ -956,8 +1172,8 @@ main(int ac, char **av) | |||
956 | do_convert_from_ssh2(pw); | 1172 | do_convert_from_ssh2(pw); |
957 | if (print_public) | 1173 | if (print_public) |
958 | do_print_public(pw); | 1174 | do_print_public(pw); |
959 | if (resource_record_hostname != NULL) { | 1175 | if (rr_hostname != NULL) { |
960 | do_print_resource_record(pw, resource_record_hostname); | 1176 | do_print_resource_record(pw, rr_hostname); |
961 | } | 1177 | } |
962 | if (reader_id != NULL) { | 1178 | if (reader_id != NULL) { |
963 | #ifdef SMARTCARD | 1179 | #ifdef SMARTCARD |
diff --git a/ssh-keyscan.0 b/ssh-keyscan.0 index a218fbf2b..4bbfd1483 100644 --- a/ssh-keyscan.0 +++ b/ssh-keyscan.0 | |||
@@ -4,7 +4,7 @@ NAME | |||
4 | ssh-keyscan - gather ssh public keys | 4 | ssh-keyscan - gather ssh public keys |
5 | 5 | ||
6 | SYNOPSIS | 6 | SYNOPSIS |
7 | ssh-keyscan [-v46] [-p port] [-T timeout] [-t type] [-f file] | 7 | ssh-keyscan [-46Hv] [-f file] [-p port] [-T timeout] [-t type] |
8 | [host | addrlist namelist] [...] | 8 | [host | addrlist namelist] [...] |
9 | 9 | ||
10 | DESCRIPTION | 10 | DESCRIPTION |
@@ -22,6 +22,19 @@ DESCRIPTION | |||
22 | 22 | ||
23 | The options are as follows: | 23 | The options are as follows: |
24 | 24 | ||
25 | -4 Forces ssh-keyscan to use IPv4 addresses only. | ||
26 | |||
27 | -6 Forces ssh-keyscan to use IPv6 addresses only. | ||
28 | |||
29 | -f file | ||
30 | Read hosts or addrlist namelist pairs from this file, one per | ||
31 | line. If - is supplied instead of a filename, ssh-keyscan will | ||
32 | read hosts or addrlist namelist pairs from the standard input. | ||
33 | |||
34 | -H Hash all hostnames and addresses in the output. Hashed names may | ||
35 | be used normally by ssh and sshd, but they do not reveal identi- | ||
36 | fying information should the file's contents be disclosed. | ||
37 | |||
25 | -p port | 38 | -p port |
26 | Port to connect to on the remote host. | 39 | Port to connect to on the remote host. |
27 | 40 | ||
@@ -39,18 +52,9 @@ DESCRIPTION | |||
39 | be specified by separating them with commas. The default is | 52 | be specified by separating them with commas. The default is |
40 | ``rsa1''. | 53 | ``rsa1''. |
41 | 54 | ||
42 | -f filename | ||
43 | Read hosts or addrlist namelist pairs from this file, one per | ||
44 | line. If - is supplied instead of a filename, ssh-keyscan will | ||
45 | read hosts or addrlist namelist pairs from the standard input. | ||
46 | |||
47 | -v Verbose mode. Causes ssh-keyscan to print debugging messages | 55 | -v Verbose mode. Causes ssh-keyscan to print debugging messages |
48 | about its progress. | 56 | about its progress. |
49 | 57 | ||
50 | -4 Forces ssh-keyscan to use IPv4 addresses only. | ||
51 | |||
52 | -6 Forces ssh-keyscan to use IPv6 addresses only. | ||
53 | |||
54 | SECURITY | 58 | SECURITY |
55 | If a ssh_known_hosts file is constructed using ssh-keyscan without veri- | 59 | If a ssh_known_hosts file is constructed using ssh-keyscan without veri- |
56 | fying the keys, users will be vulnerable to man in the middle attacks. | 60 | fying the keys, users will be vulnerable to man in the middle attacks. |
diff --git a/ssh-keyscan.1 b/ssh-keyscan.1 index 9efcf5213..7e846f77c 100644 --- a/ssh-keyscan.1 +++ b/ssh-keyscan.1 | |||
@@ -1,4 +1,4 @@ | |||
1 | .\" $OpenBSD: ssh-keyscan.1,v 1.18 2004/07/12 23:34:25 brad Exp $ | 1 | .\" $OpenBSD: ssh-keyscan.1,v 1.20 2005/03/01 15:47:14 jmc Exp $ |
2 | .\" | 2 | .\" |
3 | .\" Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. | 3 | .\" Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. |
4 | .\" | 4 | .\" |
@@ -15,11 +15,11 @@ | |||
15 | .Sh SYNOPSIS | 15 | .Sh SYNOPSIS |
16 | .Nm ssh-keyscan | 16 | .Nm ssh-keyscan |
17 | .Bk -words | 17 | .Bk -words |
18 | .Op Fl v46 | 18 | .Op Fl 46Hv |
19 | .Op Fl f Ar file | ||
19 | .Op Fl p Ar port | 20 | .Op Fl p Ar port |
20 | .Op Fl T Ar timeout | 21 | .Op Fl T Ar timeout |
21 | .Op Fl t Ar type | 22 | .Op Fl t Ar type |
22 | .Op Fl f Ar file | ||
23 | .Op Ar host | addrlist namelist | 23 | .Op Ar host | addrlist namelist |
24 | .Op Ar ... | 24 | .Op Ar ... |
25 | .Ek | 25 | .Ek |
@@ -46,6 +46,33 @@ scanning process involve any encryption. | |||
46 | .Pp | 46 | .Pp |
47 | The options are as follows: | 47 | The options are as follows: |
48 | .Bl -tag -width Ds | 48 | .Bl -tag -width Ds |
49 | .It Fl 4 | ||
50 | Forces | ||
51 | .Nm | ||
52 | to use IPv4 addresses only. | ||
53 | .It Fl 6 | ||
54 | Forces | ||
55 | .Nm | ||
56 | to use IPv6 addresses only. | ||
57 | .It Fl f Ar file | ||
58 | Read hosts or | ||
59 | .Pa addrlist namelist | ||
60 | pairs from this file, one per line. | ||
61 | If | ||
62 | .Pa - | ||
63 | is supplied instead of a filename, | ||
64 | .Nm | ||
65 | will read hosts or | ||
66 | .Pa addrlist namelist | ||
67 | pairs from the standard input. | ||
68 | .It Fl H | ||
69 | Hash all hostnames and addresses in the output. | ||
70 | Hashed names may be used normally by | ||
71 | .Nm ssh | ||
72 | and | ||
73 | .Nm sshd , | ||
74 | but they do not reveal identifying information should the file's contents | ||
75 | be disclosed. | ||
49 | .It Fl p Ar port | 76 | .It Fl p Ar port |
50 | Port to connect to on the remote host. | 77 | Port to connect to on the remote host. |
51 | .It Fl T Ar timeout | 78 | .It Fl T Ar timeout |
@@ -68,30 +95,11 @@ for protocol version 2. | |||
68 | Multiple values may be specified by separating them with commas. | 95 | Multiple values may be specified by separating them with commas. |
69 | The default is | 96 | The default is |
70 | .Dq rsa1 . | 97 | .Dq rsa1 . |
71 | .It Fl f Ar filename | ||
72 | Read hosts or | ||
73 | .Pa addrlist namelist | ||
74 | pairs from this file, one per line. | ||
75 | If | ||
76 | .Pa - | ||
77 | is supplied instead of a filename, | ||
78 | .Nm | ||
79 | will read hosts or | ||
80 | .Pa addrlist namelist | ||
81 | pairs from the standard input. | ||
82 | .It Fl v | 98 | .It Fl v |
83 | Verbose mode. | 99 | Verbose mode. |
84 | Causes | 100 | Causes |
85 | .Nm | 101 | .Nm |
86 | to print debugging messages about its progress. | 102 | to print debugging messages about its progress. |
87 | .It Fl 4 | ||
88 | Forces | ||
89 | .Nm | ||
90 | to use IPv4 addresses only. | ||
91 | .It Fl 6 | ||
92 | Forces | ||
93 | .Nm | ||
94 | to use IPv6 addresses only. | ||
95 | .El | 103 | .El |
96 | .Sh SECURITY | 104 | .Sh SECURITY |
97 | If a ssh_known_hosts file is constructed using | 105 | If a ssh_known_hosts file is constructed using |
diff --git a/ssh-keyscan.c b/ssh-keyscan.c index 2f9221605..7d10c6c3e 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c | |||
@@ -7,7 +7,7 @@ | |||
7 | */ | 7 | */ |
8 | 8 | ||
9 | #include "includes.h" | 9 | #include "includes.h" |
10 | RCSID("$OpenBSD: ssh-keyscan.c,v 1.50 2004/08/11 21:44:32 avsm Exp $"); | 10 | RCSID("$OpenBSD: ssh-keyscan.c,v 1.52 2005/03/01 15:47:14 jmc Exp $"); |
11 | 11 | ||
12 | #include "openbsd-compat/sys-queue.h" | 12 | #include "openbsd-compat/sys-queue.h" |
13 | 13 | ||
@@ -28,6 +28,7 @@ RCSID("$OpenBSD: ssh-keyscan.c,v 1.50 2004/08/11 21:44:32 avsm Exp $"); | |||
28 | #include "log.h" | 28 | #include "log.h" |
29 | #include "atomicio.h" | 29 | #include "atomicio.h" |
30 | #include "misc.h" | 30 | #include "misc.h" |
31 | #include "hostfile.h" | ||
31 | 32 | ||
32 | /* Flag indicating whether IPv4 or IPv6. This can be set on the command line. | 33 | /* Flag indicating whether IPv4 or IPv6. This can be set on the command line. |
33 | Default value is AF_UNSPEC means both IPv4 and IPv6. */ | 34 | Default value is AF_UNSPEC means both IPv4 and IPv6. */ |
@@ -41,6 +42,8 @@ int ssh_port = SSH_DEFAULT_PORT; | |||
41 | 42 | ||
42 | int get_keytypes = KT_RSA1; /* Get only RSA1 keys by default */ | 43 | int get_keytypes = KT_RSA1; /* Get only RSA1 keys by default */ |
43 | 44 | ||
45 | int hash_hosts = 0; /* Hash hostname on output */ | ||
46 | |||
44 | #define MAXMAXFD 256 | 47 | #define MAXMAXFD 256 |
45 | 48 | ||
46 | /* The number of seconds after which to give up on a TCP connection */ | 49 | /* The number of seconds after which to give up on a TCP connection */ |
@@ -366,10 +369,14 @@ keygrab_ssh2(con *c) | |||
366 | static void | 369 | static void |
367 | keyprint(con *c, Key *key) | 370 | keyprint(con *c, Key *key) |
368 | { | 371 | { |
372 | char *host = c->c_output_name ? c->c_output_name : c->c_name; | ||
373 | |||
369 | if (!key) | 374 | if (!key) |
370 | return; | 375 | return; |
376 | if (hash_hosts && (host = host_hash(host, NULL, 0)) == NULL) | ||
377 | fatal("host_hash failed"); | ||
371 | 378 | ||
372 | fprintf(stdout, "%s ", c->c_output_name ? c->c_output_name : c->c_name); | 379 | fprintf(stdout, "%s ", host); |
373 | key_write(key, stdout); | 380 | key_write(key, stdout); |
374 | fputs("\n", stdout); | 381 | fputs("\n", stdout); |
375 | } | 382 | } |
@@ -676,7 +683,7 @@ fatal(const char *fmt,...) | |||
676 | static void | 683 | static void |
677 | usage(void) | 684 | usage(void) |
678 | { | 685 | { |
679 | fprintf(stderr, "usage: %s [-v46] [-p port] [-T timeout] [-t type] [-f file]\n" | 686 | fprintf(stderr, "usage: %s [-46Hv] [-f file] [-p port] [-T timeout] [-t type]\n" |
680 | "\t\t [host | addrlist namelist] [...]\n", | 687 | "\t\t [host | addrlist namelist] [...]\n", |
681 | __progname); | 688 | __progname); |
682 | exit(1); | 689 | exit(1); |
@@ -700,8 +707,11 @@ main(int argc, char **argv) | |||
700 | if (argc <= 1) | 707 | if (argc <= 1) |
701 | usage(); | 708 | usage(); |
702 | 709 | ||
703 | while ((opt = getopt(argc, argv, "v46p:T:t:f:")) != -1) { | 710 | while ((opt = getopt(argc, argv, "Hv46p:T:t:f:")) != -1) { |
704 | switch (opt) { | 711 | switch (opt) { |
712 | case 'H': | ||
713 | hash_hosts = 1; | ||
714 | break; | ||
705 | case 'p': | 715 | case 'p': |
706 | ssh_port = a2port(optarg); | 716 | ssh_port = a2port(optarg); |
707 | if (ssh_port == 0) { | 717 | if (ssh_port == 0) { |
diff --git a/ssh-keysign.c b/ssh-keysign.c index 517655790..04597a91d 100644 --- a/ssh-keysign.c +++ b/ssh-keysign.c | |||
@@ -22,7 +22,7 @@ | |||
22 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 22 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
23 | */ | 23 | */ |
24 | #include "includes.h" | 24 | #include "includes.h" |
25 | RCSID("$OpenBSD: ssh-keysign.c,v 1.16 2004/04/18 23:10:26 djm Exp $"); | 25 | RCSID("$OpenBSD: ssh-keysign.c,v 1.18 2004/08/23 14:29:23 dtucker Exp $"); |
26 | 26 | ||
27 | #include <openssl/evp.h> | 27 | #include <openssl/evp.h> |
28 | #include <openssl/rand.h> | 28 | #include <openssl/rand.h> |
@@ -151,7 +151,8 @@ main(int argc, char **argv) | |||
151 | key_fd[0] = open(_PATH_HOST_RSA_KEY_FILE, O_RDONLY); | 151 | key_fd[0] = open(_PATH_HOST_RSA_KEY_FILE, O_RDONLY); |
152 | key_fd[1] = open(_PATH_HOST_DSA_KEY_FILE, O_RDONLY); | 152 | key_fd[1] = open(_PATH_HOST_DSA_KEY_FILE, O_RDONLY); |
153 | 153 | ||
154 | if ((pw = getpwuid(getuid())) == NULL) | 154 | original_real_uid = getuid(); /* XXX readconf.c needs this */ |
155 | if ((pw = getpwuid(original_real_uid)) == NULL) | ||
155 | fatal("getpwuid failed"); | 156 | fatal("getpwuid failed"); |
156 | pw = pwcopy(pw); | 157 | pw = pwcopy(pw); |
157 | 158 | ||
@@ -166,7 +167,6 @@ main(int argc, char **argv) | |||
166 | #endif | 167 | #endif |
167 | 168 | ||
168 | /* verify that ssh-keysign is enabled by the admin */ | 169 | /* verify that ssh-keysign is enabled by the admin */ |
169 | original_real_uid = getuid(); /* XXX readconf.c needs this */ | ||
170 | initialize_options(&options); | 170 | initialize_options(&options); |
171 | (void)read_config_file(_PATH_HOST_CONFIG_FILE, "", &options, 0); | 171 | (void)read_config_file(_PATH_HOST_CONFIG_FILE, "", &options, 0); |
172 | fill_default_options(&options); | 172 | fill_default_options(&options); |
diff --git a/ssh-rand-helper.c b/ssh-rand-helper.c index 86af3893d..d7d8d0f3b 100644 --- a/ssh-rand-helper.c +++ b/ssh-rand-helper.c | |||
@@ -39,7 +39,7 @@ | |||
39 | #include "pathnames.h" | 39 | #include "pathnames.h" |
40 | #include "log.h" | 40 | #include "log.h" |
41 | 41 | ||
42 | RCSID("$Id: ssh-rand-helper.c,v 1.18 2004/07/17 04:07:42 dtucker Exp $"); | 42 | RCSID("$Id: ssh-rand-helper.c,v 1.23 2005/02/16 02:32:30 dtucker Exp $"); |
43 | 43 | ||
44 | /* Number of bytes we write out */ | 44 | /* Number of bytes we write out */ |
45 | #define OUTPUT_SEED_SIZE 48 | 45 | #define OUTPUT_SEED_SIZE 48 |
@@ -209,6 +209,22 @@ done: | |||
209 | return rval; | 209 | return rval; |
210 | } | 210 | } |
211 | 211 | ||
212 | static int | ||
213 | seed_from_prngd(unsigned char *buf, size_t bytes) | ||
214 | { | ||
215 | #ifdef PRNGD_PORT | ||
216 | debug("trying egd/prngd port %d", PRNGD_PORT); | ||
217 | if (get_random_bytes_prngd(buf, bytes, PRNGD_PORT, NULL) == 0) | ||
218 | return 0; | ||
219 | #endif | ||
220 | #ifdef PRNGD_SOCKET | ||
221 | debug("trying egd/prngd socket %s", PRNGD_SOCKET); | ||
222 | if (get_random_bytes_prngd(buf, bytes, 0, PRNGD_SOCKET) == 0) | ||
223 | return 0; | ||
224 | #endif | ||
225 | return -1; | ||
226 | } | ||
227 | |||
212 | double | 228 | double |
213 | stir_gettimeofday(double entropy_estimate) | 229 | stir_gettimeofday(double entropy_estimate) |
214 | { | 230 | { |
@@ -534,10 +550,11 @@ prng_check_seedfile(char *filename) | |||
534 | void | 550 | void |
535 | prng_write_seedfile(void) | 551 | prng_write_seedfile(void) |
536 | { | 552 | { |
537 | int fd; | 553 | int fd, save_errno; |
538 | unsigned char seed[SEED_FILE_SIZE]; | 554 | unsigned char seed[SEED_FILE_SIZE]; |
539 | char filename[MAXPATHLEN]; | 555 | char filename[MAXPATHLEN], tmpseed[MAXPATHLEN]; |
540 | struct passwd *pw; | 556 | struct passwd *pw; |
557 | mode_t old_umask; | ||
541 | 558 | ||
542 | pw = getpwuid(getuid()); | 559 | pw = getpwuid(getuid()); |
543 | if (pw == NULL) | 560 | if (pw == NULL) |
@@ -552,7 +569,10 @@ prng_write_seedfile(void) | |||
552 | snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir, | 569 | snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir, |
553 | SSH_PRNG_SEED_FILE); | 570 | SSH_PRNG_SEED_FILE); |
554 | 571 | ||
555 | debug("writing PRNG seed to file %.100s", filename); | 572 | strlcpy(tmpseed, filename, sizeof(tmpseed)); |
573 | if (strlcat(tmpseed, ".XXXXXXXXXX", sizeof(tmpseed)) >= | ||
574 | sizeof(tmpseed)) | ||
575 | fatal("PRNG seed filename too long"); | ||
556 | 576 | ||
557 | if (RAND_bytes(seed, sizeof(seed)) <= 0) | 577 | if (RAND_bytes(seed, sizeof(seed)) <= 0) |
558 | fatal("PRNG seed extraction failed"); | 578 | fatal("PRNG seed extraction failed"); |
@@ -560,15 +580,31 @@ prng_write_seedfile(void) | |||
560 | /* Don't care if the seed doesn't exist */ | 580 | /* Don't care if the seed doesn't exist */ |
561 | prng_check_seedfile(filename); | 581 | prng_check_seedfile(filename); |
562 | 582 | ||
563 | if ((fd = open(filename, O_WRONLY|O_TRUNC|O_CREAT, 0600)) == -1) { | 583 | old_umask = umask(0177); |
564 | debug("WARNING: couldn't access PRNG seedfile %.100s " | 584 | |
565 | "(%.100s)", filename, strerror(errno)); | 585 | if ((fd = mkstemp(tmpseed)) == -1) { |
586 | debug("WARNING: couldn't make temporary PRNG seedfile %.100s " | ||
587 | "(%.100s)", tmpseed, strerror(errno)); | ||
566 | } else { | 588 | } else { |
567 | if (atomicio(vwrite, fd, &seed, sizeof(seed)) < sizeof(seed)) | 589 | debug("writing PRNG seed to file %.100s", tmpseed); |
590 | if (atomicio(vwrite, fd, &seed, sizeof(seed)) < sizeof(seed)) { | ||
591 | save_errno = errno; | ||
592 | close(fd); | ||
593 | unlink(tmpseed); | ||
568 | fatal("problem writing PRNG seedfile %.100s " | 594 | fatal("problem writing PRNG seedfile %.100s " |
569 | "(%.100s)", filename, strerror(errno)); | 595 | "(%.100s)", filename, strerror(save_errno)); |
596 | } | ||
570 | close(fd); | 597 | close(fd); |
598 | debug("moving temporary PRNG seed to file %.100s", filename); | ||
599 | if (rename(tmpseed, filename) == -1) { | ||
600 | save_errno = errno; | ||
601 | unlink(tmpseed); | ||
602 | fatal("problem renaming PRNG seedfile from %.100s " | ||
603 | "to %.100s (%.100s)", tmpseed, filename, | ||
604 | strerror(save_errno)); | ||
605 | } | ||
571 | } | 606 | } |
607 | umask(old_umask); | ||
572 | } | 608 | } |
573 | 609 | ||
574 | void | 610 | void |
@@ -747,7 +783,7 @@ usage(void) | |||
747 | fprintf(stderr, "Usage: %s [options]\n", __progname); | 783 | fprintf(stderr, "Usage: %s [options]\n", __progname); |
748 | fprintf(stderr, " -v Verbose; display verbose debugging messages.\n"); | 784 | fprintf(stderr, " -v Verbose; display verbose debugging messages.\n"); |
749 | fprintf(stderr, " Multiple -v increases verbosity.\n"); | 785 | fprintf(stderr, " Multiple -v increases verbosity.\n"); |
750 | fprintf(stderr, " -x Force output in hexidecimal (for debugging)\n"); | 786 | fprintf(stderr, " -x Force output in hexadecimal (for debugging)\n"); |
751 | fprintf(stderr, " -X Force output in binary\n"); | 787 | fprintf(stderr, " -X Force output in binary\n"); |
752 | fprintf(stderr, " -b bytes Number of bytes to output (default %d)\n", | 788 | fprintf(stderr, " -b bytes Number of bytes to output (default %d)\n", |
753 | OUTPUT_SEED_SIZE); | 789 | OUTPUT_SEED_SIZE); |
@@ -815,21 +851,16 @@ main(int argc, char **argv) | |||
815 | debug("Seeded RNG with %i bytes from system calls", | 851 | debug("Seeded RNG with %i bytes from system calls", |
816 | (int)stir_from_system()); | 852 | (int)stir_from_system()); |
817 | 853 | ||
818 | #ifdef PRNGD_PORT | 854 | /* try prngd, fall back to commands if prngd fails or not configured */ |
819 | if (get_random_bytes_prngd(buf, bytes, PRNGD_PORT, NULL) == -1) | 855 | if (seed_from_prngd(buf, bytes) == 0) { |
820 | fatal("Entropy collection failed"); | 856 | RAND_add(buf, bytes, bytes); |
821 | RAND_add(buf, bytes, bytes); | 857 | } else { |
822 | #elif defined(PRNGD_SOCKET) | 858 | /* Read in collection commands */ |
823 | if (get_random_bytes_prngd(buf, bytes, 0, PRNGD_SOCKET) == -1) | 859 | if (prng_read_commands(SSH_PRNG_COMMAND_FILE) == -1) |
824 | fatal("Entropy collection failed"); | 860 | fatal("PRNG initialisation failed -- exiting."); |
825 | RAND_add(buf, bytes, bytes); | 861 | debug("Seeded RNG with %i bytes from programs", |
826 | #else | 862 | (int)stir_from_programs()); |
827 | /* Read in collection commands */ | 863 | } |
828 | if (prng_read_commands(SSH_PRNG_COMMAND_FILE) == -1) | ||
829 | fatal("PRNG initialisation failed -- exiting."); | ||
830 | debug("Seeded RNG with %i bytes from programs", | ||
831 | (int)stir_from_programs()); | ||
832 | #endif | ||
833 | 864 | ||
834 | #ifdef USE_SEED_FILES | 865 | #ifdef USE_SEED_FILES |
835 | prng_write_seedfile(); | 866 | prng_write_seedfile(); |
@@ -857,3 +888,15 @@ main(int argc, char **argv) | |||
857 | 888 | ||
858 | return ret == bytes ? 0 : 1; | 889 | return ret == bytes ? 0 : 1; |
859 | } | 890 | } |
891 | |||
892 | /* | ||
893 | * We may attempt to re-seed during mkstemp if we are using the one in the | ||
894 | * compat library (via mkstemp -> _gettemp -> arc4random -> seed_rng) so we | ||
895 | * need our own seed_rng(). We must also check that we have enough entropy. | ||
896 | */ | ||
897 | void | ||
898 | seed_rng(void) | ||
899 | { | ||
900 | if (!RAND_status()) | ||
901 | fatal("Not enough entropy in RNG"); | ||
902 | } | ||
@@ -6,8 +6,10 @@ NAME | |||
6 | SYNOPSIS | 6 | SYNOPSIS |
7 | ssh [-1246AaCfgkMNnqsTtVvXxY] [-b bind_address] [-c cipher_spec] | 7 | ssh [-1246AaCfgkMNnqsTtVvXxY] [-b bind_address] [-c cipher_spec] |
8 | [-D port] [-e escape_char] [-F configfile] [-i identity_file] | 8 | [-D port] [-e escape_char] [-F configfile] [-i identity_file] |
9 | [-L port:host:hostport] [-l login_name] [-m mac_spec] [-o option] | 9 | [-L [bind_address:]port:host:hostport] [-l login_name] [-m mac_spec] |
10 | [-p port] [-R port:host:hostport] [-S ctl] [user@]hostname [command] | 10 | [-O ctl_cmd] [-o option] [-p port] |
11 | [-R [bind_address:]port:host:hostport] [-S ctl_path] [user@]hostname | ||
12 | [command] | ||
11 | 13 | ||
12 | DESCRIPTION | 14 | DESCRIPTION |
13 | ssh (SSH client) is a program for logging into a remote machine and for | 15 | ssh (SSH client) is a program for logging into a remote machine and for |
@@ -24,27 +26,22 @@ DESCRIPTION | |||
24 | of a login shell. | 26 | of a login shell. |
25 | 27 | ||
26 | SSH protocol version 1 | 28 | SSH protocol version 1 |
27 | First, if the machine the user logs in from is listed in /etc/hosts.equiv | 29 | The first authentication method is the rhosts or hosts.equiv method com- |
28 | or /etc/shosts.equiv on the remote machine, and the user names are the | 30 | bined with RSA-based host authentication. If the machine the user logs |
29 | same on both sides, the user is immediately permitted to log in. Second, | 31 | in from is listed in /etc/hosts.equiv or /etc/shosts.equiv on the remote |
30 | if .rhosts or .shosts exists in the user's home directory on the remote | 32 | machine, and the user names are the same on both sides, or if the files |
31 | machine and contains a line containing the name of the client machine and | 33 | $HOME/.rhosts or $HOME/.shosts exist in the user's home directory on the |
32 | the name of the user on that machine, the user is permitted to log in. | 34 | remote machine and contain a line containing the name of the client ma- |
33 | This form of authentication alone is normally not allowed by the server | 35 | chine and the name of the user on that machine, the user is considered |
34 | because it is not secure. | 36 | for log in. Additionally, if the server can verify the client's host key |
35 | 37 | (see /etc/ssh/ssh_known_hosts and $HOME/.ssh/known_hosts in the FILES | |
36 | The second authentication method is the rhosts or hosts.equiv method com- | 38 | section), only then is login permitted. This authentication method clos- |
37 | bined with RSA-based host authentication. It means that if the login | 39 | es security holes due to IP spoofing, DNS spoofing and routing spoofing. |
38 | would be permitted by $HOME/.rhosts, $HOME/.shosts, /etc/hosts.equiv, or | 40 | [Note to the administrator: /etc/hosts.equiv, $HOME/.rhosts, and the |
39 | /etc/shosts.equiv, and if additionally the server can verify the client's | 41 | rlogin/rsh protocol in general, are inherently insecure and should be |
40 | host key (see /etc/ssh/ssh_known_hosts and $HOME/.ssh/known_hosts in the | ||
41 | FILES section), only then is login permitted. This authentication method | ||
42 | closes security holes due to IP spoofing, DNS spoofing and routing spoof- | ||
43 | ing. [Note to the administrator: /etc/hosts.equiv, $HOME/.rhosts, and | ||
44 | the rlogin/rsh protocol in general, are inherently insecure and should be | ||
45 | disabled if security is desired.] | 42 | disabled if security is desired.] |
46 | 43 | ||
47 | As a third authentication method, ssh supports RSA based authentication. | 44 | As a second authentication method, ssh supports RSA based authentication. |
48 | The scheme is based on public-key cryptography: there are cryptosystems | 45 | The scheme is based on public-key cryptography: there are cryptosystems |
49 | where encryption and decryption are done using separate keys, and it is | 46 | where encryption and decryption are done using separate keys, and it is |
50 | not possible to derive the decryption key from the encryption key. RSA | 47 | not possible to derive the decryption key from the encryption key. RSA |
@@ -70,8 +67,7 @@ DESCRIPTION | |||
70 | directory on the remote machine (the authorized_keys file corresponds to | 67 | directory on the remote machine (the authorized_keys file corresponds to |
71 | the conventional $HOME/.rhosts file, and has one key per line, though the | 68 | the conventional $HOME/.rhosts file, and has one key per line, though the |
72 | lines can be very long). After this, the user can log in without giving | 69 | lines can be very long). After this, the user can log in without giving |
73 | the password. RSA authentication is much more secure than rhosts authen- | 70 | the password. |
74 | tication. | ||
75 | 71 | ||
76 | The most convenient way to use RSA authentication may be with an authen- | 72 | The most convenient way to use RSA authentication may be with an authen- |
77 | tication agent. See ssh-agent(1) for more information. | 73 | tication agent. See ssh-agent(1) for more information. |
@@ -323,16 +319,24 @@ DESCRIPTION | |||
323 | -k Disables forwarding (delegation) of GSSAPI credentials to the | 319 | -k Disables forwarding (delegation) of GSSAPI credentials to the |
324 | server. | 320 | server. |
325 | 321 | ||
326 | -L port:host:hostport | 322 | -L [bind_address:]port:host:hostport |
327 | Specifies that the given port on the local (client) host is to be | 323 | Specifies that the given port on the local (client) host is to be |
328 | forwarded to the given host and port on the remote side. This | 324 | forwarded to the given host and port on the remote side. This |
329 | works by allocating a socket to listen to port on the local side, | 325 | works by allocating a socket to listen to port on the local side, |
330 | and whenever a connection is made to this port, the connection is | 326 | optionally bound to the specified bind_address. Whenever a con- |
331 | forwarded over the secure channel, and a connection is made to | 327 | nection is made to this port, the connection is forwarded over |
332 | host port hostport from the remote machine. Port forwardings can | 328 | the secure channel, and a connection is made to host port |
333 | also be specified in the configuration file. Only root can for- | 329 | hostport from the remote machine. Port forwardings can also be |
334 | ward privileged ports. IPv6 addresses can be specified with an | 330 | specified in the configuration file. IPv6 addresses can be spec- |
335 | alternative syntax: port/host/hostport. | 331 | ified with an alternative syntax: [bind_address/]port/host/host- |
332 | port or by enclosing the address in square brackets. Only the | ||
333 | superuser can forward privileged ports. By default, the local | ||
334 | port is bound in accordance with the GatewayPorts setting. How- | ||
335 | ever, an explicit bind_address may be used to bind the connection | ||
336 | to a specific address. The bind_address of ``localhost'' indi- | ||
337 | cates that the listening port be bound for local use only, while | ||
338 | an empty address or `*' indicates that the port should be avail- | ||
339 | able from all interfaces. | ||
336 | 340 | ||
337 | -l login_name | 341 | -l login_name |
338 | Specifies the user to log in as on the remote machine. This also | 342 | Specifies the user to log in as on the remote machine. This also |
@@ -359,6 +363,13 @@ DESCRIPTION | |||
359 | will be put in the background. (This does not work if ssh needs | 363 | will be put in the background. (This does not work if ssh needs |
360 | to ask for a password or passphrase; see also the -f option.) | 364 | to ask for a password or passphrase; see also the -f option.) |
361 | 365 | ||
366 | -O ctl_cmd | ||
367 | Control an active connection multiplexing master process. When | ||
368 | the -O option is specified, the ctl_cmd argument is interpreted | ||
369 | and passed to the master process. Valid commands are: ``check'' | ||
370 | (check that the master process is running) and ``exit'' (request | ||
371 | the master to exit). | ||
372 | |||
362 | -o option | 373 | -o option |
363 | Can be used to give options in the format used in the configura- | 374 | Can be used to give options in the format used in the configura- |
364 | tion file. This is useful for specifying options for which there | 375 | tion file. This is useful for specifying options for which there |
@@ -388,6 +399,7 @@ DESCRIPTION | |||
388 | GlobalKnownHostsFile | 399 | GlobalKnownHostsFile |
389 | GSSAPIAuthentication | 400 | GSSAPIAuthentication |
390 | GSSAPIDelegateCredentials | 401 | GSSAPIDelegateCredentials |
402 | HashKnownHosts | ||
391 | Host | 403 | Host |
392 | HostbasedAuthentication | 404 | HostbasedAuthentication |
393 | HostKeyAlgorithms | 405 | HostKeyAlgorithms |
@@ -395,6 +407,7 @@ DESCRIPTION | |||
395 | HostName | 407 | HostName |
396 | IdentityFile | 408 | IdentityFile |
397 | IdentitiesOnly | 409 | IdentitiesOnly |
410 | KbdInteractiveDevices | ||
398 | LocalForward | 411 | LocalForward |
399 | LogLevel | 412 | LogLevel |
400 | MACs | 413 | MACs |
@@ -428,19 +441,29 @@ DESCRIPTION | |||
428 | -q Quiet mode. Causes all warning and diagnostic messages to be | 441 | -q Quiet mode. Causes all warning and diagnostic messages to be |
429 | suppressed. | 442 | suppressed. |
430 | 443 | ||
431 | -R port:host:hostport | 444 | -R [bind_address:]port:host:hostport |
432 | Specifies that the given port on the remote (server) host is to | 445 | Specifies that the given port on the remote (server) host is to |
433 | be forwarded to the given host and port on the local side. This | 446 | be forwarded to the given host and port on the local side. This |
434 | works by allocating a socket to listen to port on the remote | 447 | works by allocating a socket to listen to port on the remote |
435 | side, and whenever a connection is made to this port, the connec- | 448 | side, and whenever a connection is made to this port, the connec- |
436 | tion is forwarded over the secure channel, and a connection is | 449 | tion is forwarded over the secure channel, and a connection is |
437 | made to host port hostport from the local machine. Port forward- | 450 | made to host port hostport from the local machine. |
438 | ings can also be specified in the configuration file. Privileged | 451 | |
439 | ports can be forwarded only when logging in as root on the remote | 452 | Port forwardings can also be specified in the configuration file. |
440 | machine. IPv6 addresses can be specified with an alternative | 453 | Privileged ports can be forwarded only when logging in as root on |
441 | syntax: port/host/hostport. | 454 | the remote machine. IPv6 addresses can be specified by enclosing |
442 | 455 | the address in square braces or using an alternative syntax: | |
443 | -S ctl Specifies the location of a control socket for connection shar- | 456 | [bind_address/]host/port/hostport. |
457 | |||
458 | By default, the listening socket on the server will be bound to | ||
459 | the loopback interface only. This may be overriden by specifying | ||
460 | a bind_address. An empty bind_address, or the address `*', indi- | ||
461 | cates that the remote socket should listen on all interfaces. | ||
462 | Specifying a remote bind_address will only succeed if the serv- | ||
463 | er's GatewayPorts option is enabled (see sshd_config(5)). | ||
464 | |||
465 | -S ctl_path | ||
466 | Specifies the location of a control socket for connection shar- | ||
444 | ing. Refer to the description of ControlPath and ControlMaster | 467 | ing. Refer to the description of ControlPath and ControlMaster |
445 | in ssh_config(5) for details. | 468 | in ssh_config(5) for details. |
446 | 469 | ||
@@ -473,9 +496,15 @@ DESCRIPTION | |||
473 | through the forwarded connection. An attacker may then be able | 496 | through the forwarded connection. An attacker may then be able |
474 | to perform activities such as keystroke monitoring. | 497 | to perform activities such as keystroke monitoring. |
475 | 498 | ||
499 | For this reason, X11 forwarding is subjected to X11 SECURITY ex- | ||
500 | tension restrictions by default. Please refer to the ssh -Y op- | ||
501 | tion and the ForwardX11Trusted directive in ssh_config(5) for | ||
502 | more information. | ||
503 | |||
476 | -x Disables X11 forwarding. | 504 | -x Disables X11 forwarding. |
477 | 505 | ||
478 | -Y Enables trusted X11 forwarding. | 506 | -Y Enables trusted X11 forwarding. Trusted X11 forwardings are not |
507 | subjected to the X11 SECURITY extension controls. | ||
479 | 508 | ||
480 | CONFIGURATION FILES | 509 | CONFIGURATION FILES |
481 | ssh may additionally obtain configuration data from a per-user configura- | 510 | ssh may additionally obtain configuration data from a per-user configura- |
@@ -509,7 +538,7 @@ ENVIRONMENT | |||
509 | have a terminal associated with it but DISPLAY and SSH_ASKPASS | 538 | have a terminal associated with it but DISPLAY and SSH_ASKPASS |
510 | are set, it will execute the program specified by SSH_ASKPASS | 539 | are set, it will execute the program specified by SSH_ASKPASS |
511 | and open an X11 window to read the passphrase. This is particu- | 540 | and open an X11 window to read the passphrase. This is particu- |
512 | larly useful when calling ssh from a .Xsession or related | 541 | larly useful when calling ssh from a .xsession or related |
513 | script. (Note that on some machines it may be necessary to | 542 | script. (Note that on some machines it may be necessary to |
514 | redirect the input from /dev/null to make this work.) | 543 | redirect the input from /dev/null to make this work.) |
515 | 544 | ||
@@ -620,7 +649,8 @@ FILES | |||
620 | method is used. By default ssh is not setuid root. | 649 | method is used. By default ssh is not setuid root. |
621 | 650 | ||
622 | $HOME/.rhosts | 651 | $HOME/.rhosts |
623 | This file is used in rhosts authentication to list the host/user | 652 | This file is used in RhostsRSAAuthentication and |
653 | HostbasedAuthentication authentication to list the host/user | ||
624 | pairs that are permitted to log in. (Note that this file is also | 654 | pairs that are permitted to log in. (Note that this file is also |
625 | used by rlogin and rsh, which makes using this file insecure.) | 655 | used by rlogin and rsh, which makes using this file insecure.) |
626 | Each line of the file contains a host name (in the canonical form | 656 | Each line of the file contains a host name (in the canonical form |
@@ -632,27 +662,29 @@ FILES | |||
632 | for anyone else. The recommended permission for most machines is | 662 | for anyone else. The recommended permission for most machines is |
633 | read/write for the user, and not accessible by others. | 663 | read/write for the user, and not accessible by others. |
634 | 664 | ||
635 | Note that by default sshd(8) will be installed so that it re- | 665 | Note that sshd(8) allows authentication only in combination with |
636 | quires successful RSA host authentication before permitting | 666 | client host key authentication before permitting log in. If the |
637 | rhosts authentication. If the server machine does not have the | 667 | server machine does not have the client's host key in |
638 | client's host key in /etc/ssh/ssh_known_hosts, it can be stored | 668 | /etc/ssh/ssh_known_hosts, it can be stored in |
639 | in $HOME/.ssh/known_hosts. The easiest way to do this is to con- | 669 | $HOME/.ssh/known_hosts. The easiest way to do this is to connect |
640 | nect back to the client from the server machine using ssh; this | 670 | back to the client from the server machine using ssh; this will |
641 | will automatically add the host key to $HOME/.ssh/known_hosts. | 671 | automatically add the host key to $HOME/.ssh/known_hosts. |
642 | 672 | ||
643 | $HOME/.shosts | 673 | $HOME/.shosts |
644 | This file is used exactly the same way as .rhosts. The purpose | 674 | This file is used exactly the same way as .rhosts. The purpose |
645 | for having this file is to be able to use rhosts authentication | 675 | for having this file is to be able to use RhostsRSAAuthentication |
646 | with ssh without permitting login with rlogin or rsh(1). | 676 | and HostbasedAuthentication authentication without permitting lo- |
677 | gin with rlogin or rsh(1). | ||
647 | 678 | ||
648 | /etc/hosts.equiv | 679 | /etc/hosts.equiv |
649 | This file is used during rhosts authentication. It contains | 680 | This file is used during RhostsRSAAuthentication and |
650 | canonical hosts names, one per line (the full format is described | 681 | HostbasedAuthentication authentication. It contains canonical |
651 | in the sshd(8) manual page). If the client host is found in this | 682 | hosts names, one per line (the full format is described in the |
652 | file, login is automatically permitted provided client and server | 683 | sshd(8) manual page). If the client host is found in this file, |
653 | user names are the same. Additionally, successful RSA host au- | 684 | login is automatically permitted provided client and server user |
654 | thentication is normally required. This file should only be | 685 | names are the same. Additionally, successful client host key au- |
655 | writable by root. | 686 | thentication is required. This file should only be writable by |
687 | root. | ||
656 | 688 | ||
657 | /etc/shosts.equiv | 689 | /etc/shosts.equiv |
658 | This file is processed exactly as /etc/hosts.equiv. This file | 690 | This file is processed exactly as /etc/hosts.equiv. This file |
@@ -34,7 +34,7 @@ | |||
34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
36 | .\" | 36 | .\" |
37 | .\" $OpenBSD: ssh.1,v 1.194 2004/08/12 21:41:13 jakob Exp $ | 37 | .\" $OpenBSD: ssh.1,v 1.205 2005/03/07 23:41:54 jmc Exp $ |
38 | .Dd September 25, 1999 | 38 | .Dd September 25, 1999 |
39 | .Dt SSH 1 | 39 | .Dt SSH 1 |
40 | .Os | 40 | .Os |
@@ -43,40 +43,35 @@ | |||
43 | .Nd OpenSSH SSH client (remote login program) | 43 | .Nd OpenSSH SSH client (remote login program) |
44 | .Sh SYNOPSIS | 44 | .Sh SYNOPSIS |
45 | .Nm ssh | 45 | .Nm ssh |
46 | .Bk -words | ||
46 | .Op Fl 1246AaCfgkMNnqsTtVvXxY | 47 | .Op Fl 1246AaCfgkMNnqsTtVvXxY |
47 | .Op Fl b Ar bind_address | 48 | .Op Fl b Ar bind_address |
48 | .Op Fl c Ar cipher_spec | 49 | .Op Fl c Ar cipher_spec |
49 | .Bk -words | ||
50 | .Op Fl D Ar port | 50 | .Op Fl D Ar port |
51 | .Op Fl e Ar escape_char | 51 | .Op Fl e Ar escape_char |
52 | .Op Fl F Ar configfile | 52 | .Op Fl F Ar configfile |
53 | .Op Fl i Ar identity_file | 53 | .Op Fl i Ar identity_file |
54 | .Oo Fl L Xo | 54 | .Oo Fl L\ \& |
55 | .Sm off | 55 | .Sm off |
56 | .Ar port : | 56 | .Oo Ar bind_address : Oc |
57 | .Ar host : | 57 | .Ar port : host : hostport |
58 | .Ar hostport | ||
59 | .Sm on | 58 | .Sm on |
60 | .Xc | ||
61 | .Oc | 59 | .Oc |
62 | .Ek | ||
63 | .Op Fl l Ar login_name | 60 | .Op Fl l Ar login_name |
64 | .Op Fl m Ar mac_spec | 61 | .Op Fl m Ar mac_spec |
62 | .Op Fl O Ar ctl_cmd | ||
65 | .Op Fl o Ar option | 63 | .Op Fl o Ar option |
66 | .Bk -words | ||
67 | .Op Fl p Ar port | 64 | .Op Fl p Ar port |
68 | .Ek | 65 | .Oo Fl R\ \& |
69 | .Oo Fl R Xo | ||
70 | .Sm off | 66 | .Sm off |
71 | .Ar port : | 67 | .Oo Ar bind_address : Oc |
72 | .Ar host : | 68 | .Ar port : host : hostport |
73 | .Ar hostport | ||
74 | .Sm on | 69 | .Sm on |
75 | .Xc | ||
76 | .Oc | 70 | .Oc |
77 | .Op Fl S Ar ctl | 71 | .Op Fl S Ar ctl_path |
78 | .Oo Ar user Ns @ Oc Ns Ar hostname | 72 | .Oo Ar user Ns @ Oc Ns Ar hostname |
79 | .Op Ar command | 73 | .Op Ar command |
74 | .Ek | ||
80 | .Sh DESCRIPTION | 75 | .Sh DESCRIPTION |
81 | .Nm | 76 | .Nm |
82 | (SSH client) is a program for logging into a remote machine and for | 77 | (SSH client) is a program for logging into a remote machine and for |
@@ -103,35 +98,25 @@ is specified, | |||
103 | .Ar command | 98 | .Ar command |
104 | is executed on the remote host instead of a login shell. | 99 | is executed on the remote host instead of a login shell. |
105 | .Ss SSH protocol version 1 | 100 | .Ss SSH protocol version 1 |
106 | First, if the machine the user logs in from is listed in | 101 | The first authentication method is the |
102 | .Em rhosts | ||
103 | or | ||
104 | .Em hosts.equiv | ||
105 | method combined with RSA-based host authentication. | ||
106 | If the machine the user logs in from is listed in | ||
107 | .Pa /etc/hosts.equiv | 107 | .Pa /etc/hosts.equiv |
108 | or | 108 | or |
109 | .Pa /etc/shosts.equiv | 109 | .Pa /etc/shosts.equiv |
110 | on the remote machine, and the user names are | 110 | on the remote machine, and the user names are |
111 | the same on both sides, the user is immediately permitted to log in. | 111 | the same on both sides, or if the files |
112 | Second, if | 112 | .Pa $HOME/.rhosts |
113 | .Pa .rhosts | ||
114 | or | 113 | or |
115 | .Pa .shosts | 114 | .Pa $HOME/.shosts |
116 | exists in the user's home directory on the | 115 | exist in the user's home directory on the |
117 | remote machine and contains a line containing the name of the client | 116 | remote machine and contain a line containing the name of the client |
118 | machine and the name of the user on that machine, the user is | 117 | machine and the name of the user on that machine, the user is |
119 | permitted to log in. | 118 | considered for log in. |
120 | This form of authentication alone is normally not | 119 | Additionally, if the server can verify the client's |
121 | allowed by the server because it is not secure. | ||
122 | .Pp | ||
123 | The second authentication method is the | ||
124 | .Em rhosts | ||
125 | or | ||
126 | .Em hosts.equiv | ||
127 | method combined with RSA-based host authentication. | ||
128 | It means that if the login would be permitted by | ||
129 | .Pa $HOME/.rhosts , | ||
130 | .Pa $HOME/.shosts , | ||
131 | .Pa /etc/hosts.equiv , | ||
132 | or | ||
133 | .Pa /etc/shosts.equiv , | ||
134 | and if additionally the server can verify the client's | ||
135 | host key (see | 120 | host key (see |
136 | .Pa /etc/ssh/ssh_known_hosts | 121 | .Pa /etc/ssh/ssh_known_hosts |
137 | and | 122 | and |
@@ -147,7 +132,7 @@ spoofing, DNS spoofing and routing spoofing. | |||
147 | and the rlogin/rsh protocol in general, are inherently insecure and should be | 132 | and the rlogin/rsh protocol in general, are inherently insecure and should be |
148 | disabled if security is desired.] | 133 | disabled if security is desired.] |
149 | .Pp | 134 | .Pp |
150 | As a third authentication method, | 135 | As a second authentication method, |
151 | .Nm | 136 | .Nm |
152 | supports RSA based authentication. | 137 | supports RSA based authentication. |
153 | The scheme is based on public-key cryptography: there are cryptosystems | 138 | The scheme is based on public-key cryptography: there are cryptosystems |
@@ -195,9 +180,6 @@ file corresponds to the conventional | |||
195 | file, and has one key | 180 | file, and has one key |
196 | per line, though the lines can be very long). | 181 | per line, though the lines can be very long). |
197 | After this, the user can log in without giving the password. | 182 | After this, the user can log in without giving the password. |
198 | RSA authentication is much more secure than | ||
199 | .Em rhosts | ||
200 | authentication. | ||
201 | .Pp | 183 | .Pp |
202 | The most convenient way to use RSA authentication may be with an | 184 | The most convenient way to use RSA authentication may be with an |
203 | authentication agent. | 185 | authentication agent. |
@@ -582,6 +564,7 @@ configuration files). | |||
582 | Disables forwarding (delegation) of GSSAPI credentials to the server. | 564 | Disables forwarding (delegation) of GSSAPI credentials to the server. |
583 | .It Fl L Xo | 565 | .It Fl L Xo |
584 | .Sm off | 566 | .Sm off |
567 | .Oo Ar bind_address : Oc | ||
585 | .Ar port : host : hostport | 568 | .Ar port : host : hostport |
586 | .Sm on | 569 | .Sm on |
587 | .Xc | 570 | .Xc |
@@ -589,7 +572,9 @@ Specifies that the given port on the local (client) host is to be | |||
589 | forwarded to the given host and port on the remote side. | 572 | forwarded to the given host and port on the remote side. |
590 | This works by allocating a socket to listen to | 573 | This works by allocating a socket to listen to |
591 | .Ar port | 574 | .Ar port |
592 | on the local side, and whenever a connection is made to this port, the | 575 | on the local side, optionally bound to the specified |
576 | .Ar bind_address . | ||
577 | Whenever a connection is made to this port, the | ||
593 | connection is forwarded over the secure channel, and a connection is | 578 | connection is forwarded over the secure channel, and a connection is |
594 | made to | 579 | made to |
595 | .Ar host | 580 | .Ar host |
@@ -597,14 +582,30 @@ port | |||
597 | .Ar hostport | 582 | .Ar hostport |
598 | from the remote machine. | 583 | from the remote machine. |
599 | Port forwardings can also be specified in the configuration file. | 584 | Port forwardings can also be specified in the configuration file. |
600 | Only root can forward privileged ports. | ||
601 | IPv6 addresses can be specified with an alternative syntax: | 585 | IPv6 addresses can be specified with an alternative syntax: |
602 | .Sm off | 586 | .Sm off |
603 | .Xo | 587 | .Xo |
588 | .Op Ar bind_address No / | ||
604 | .Ar port No / Ar host No / | 589 | .Ar port No / Ar host No / |
605 | .Ar hostport . | 590 | .Ar hostport |
606 | .Xc | 591 | .Xc |
607 | .Sm on | 592 | .Sm on |
593 | or by enclosing the address in square brackets. | ||
594 | Only the superuser can forward privileged ports. | ||
595 | By default, the local port is bound in accordance with the | ||
596 | .Cm GatewayPorts | ||
597 | setting. | ||
598 | However, an explicit | ||
599 | .Ar bind_address | ||
600 | may be used to bind the connection to a specific address. | ||
601 | The | ||
602 | .Ar bind_address | ||
603 | of | ||
604 | .Dq localhost | ||
605 | indicates that the listening port be bound for local use only, while an | ||
606 | empty address or | ||
607 | .Sq * | ||
608 | indicates that the port should be available from all interfaces. | ||
608 | .It Fl l Ar login_name | 609 | .It Fl l Ar login_name |
609 | Specifies the user to log in as on the remote machine. | 610 | Specifies the user to log in as on the remote machine. |
610 | This also may be specified on a per-host basis in the configuration file. | 611 | This also may be specified on a per-host basis in the configuration file. |
@@ -650,6 +651,18 @@ program will be put in the background. | |||
650 | needs to ask for a password or passphrase; see also the | 651 | needs to ask for a password or passphrase; see also the |
651 | .Fl f | 652 | .Fl f |
652 | option.) | 653 | option.) |
654 | .It Fl O Ar ctl_cmd | ||
655 | Control an active connection multiplexing master process. | ||
656 | When the | ||
657 | .Fl O | ||
658 | option is specified, the | ||
659 | .Ar ctl_cmd | ||
660 | argument is interpreted and passed to the master process. | ||
661 | Valid commands are: | ||
662 | .Dq check | ||
663 | (check that the master process is running) and | ||
664 | .Dq exit | ||
665 | (request the master to exit). | ||
653 | .It Fl o Ar option | 666 | .It Fl o Ar option |
654 | Can be used to give options in the format used in the configuration file. | 667 | Can be used to give options in the format used in the configuration file. |
655 | This is useful for specifying options for which there is no separate | 668 | This is useful for specifying options for which there is no separate |
@@ -681,6 +694,7 @@ For full details of the options listed below, and their possible values, see | |||
681 | .It GlobalKnownHostsFile | 694 | .It GlobalKnownHostsFile |
682 | .It GSSAPIAuthentication | 695 | .It GSSAPIAuthentication |
683 | .It GSSAPIDelegateCredentials | 696 | .It GSSAPIDelegateCredentials |
697 | .It HashKnownHosts | ||
684 | .It Host | 698 | .It Host |
685 | .It HostbasedAuthentication | 699 | .It HostbasedAuthentication |
686 | .It HostKeyAlgorithms | 700 | .It HostKeyAlgorithms |
@@ -688,6 +702,7 @@ For full details of the options listed below, and their possible values, see | |||
688 | .It HostName | 702 | .It HostName |
689 | .It IdentityFile | 703 | .It IdentityFile |
690 | .It IdentitiesOnly | 704 | .It IdentitiesOnly |
705 | .It KbdInteractiveDevices | ||
691 | .It LocalForward | 706 | .It LocalForward |
692 | .It LogLevel | 707 | .It LogLevel |
693 | .It MACs | 708 | .It MACs |
@@ -727,6 +742,7 @@ If a second | |||
727 | is given then even fatal errors are suppressed. | 742 | is given then even fatal errors are suppressed. |
728 | .It Fl R Xo | 743 | .It Fl R Xo |
729 | .Sm off | 744 | .Sm off |
745 | .Oo Ar bind_address : Oc | ||
730 | .Ar port : host : hostport | 746 | .Ar port : host : hostport |
731 | .Sm on | 747 | .Sm on |
732 | .Xc | 748 | .Xc |
@@ -741,17 +757,36 @@ made to | |||
741 | port | 757 | port |
742 | .Ar hostport | 758 | .Ar hostport |
743 | from the local machine. | 759 | from the local machine. |
760 | .Pp | ||
744 | Port forwardings can also be specified in the configuration file. | 761 | Port forwardings can also be specified in the configuration file. |
745 | Privileged ports can be forwarded only when | 762 | Privileged ports can be forwarded only when |
746 | logging in as root on the remote machine. | 763 | logging in as root on the remote machine. |
747 | IPv6 addresses can be specified with an alternative syntax: | 764 | IPv6 addresses can be specified by enclosing the address in square braces or |
765 | using an alternative syntax: | ||
748 | .Sm off | 766 | .Sm off |
749 | .Xo | 767 | .Xo |
750 | .Ar port No / Ar host No / | 768 | .Op Ar bind_address No / |
751 | .Ar hostport . | 769 | .Ar host No / Ar port No / |
752 | .Xc | 770 | .Ar hostport |
771 | .Xc . | ||
753 | .Sm on | 772 | .Sm on |
754 | .It Fl S Ar ctl | 773 | .Pp |
774 | By default, the listening socket on the server will be bound to the loopback | ||
775 | interface only. | ||
776 | This may be overriden by specifying a | ||
777 | .Ar bind_address . | ||
778 | An empty | ||
779 | .Ar bind_address , | ||
780 | or the address | ||
781 | .Ql * , | ||
782 | indicates that the remote socket should listen on all interfaces. | ||
783 | Specifying a remote | ||
784 | .Ar bind_address | ||
785 | will only succeed if the server's | ||
786 | .Cm GatewayPorts | ||
787 | option is enabled (see | ||
788 | .Xr sshd_config 5 ) . | ||
789 | .It Fl S Ar ctl_path | ||
755 | Specifies the location of a control socket for connection sharing. | 790 | Specifies the location of a control socket for connection sharing. |
756 | Refer to the description of | 791 | Refer to the description of |
757 | .Cm ControlPath | 792 | .Cm ControlPath |
@@ -800,10 +835,23 @@ Users with the ability to bypass file permissions on the remote host | |||
800 | (for the user's X authorization database) | 835 | (for the user's X authorization database) |
801 | can access the local X11 display through the forwarded connection. | 836 | can access the local X11 display through the forwarded connection. |
802 | An attacker may then be able to perform activities such as keystroke monitoring. | 837 | An attacker may then be able to perform activities such as keystroke monitoring. |
838 | .Pp | ||
839 | For this reason, X11 forwarding is subjected to X11 SECURITY extension | ||
840 | restrictions by default. | ||
841 | Please refer to the | ||
842 | .Nm | ||
843 | .Fl Y | ||
844 | option and the | ||
845 | .Cm ForwardX11Trusted | ||
846 | directive in | ||
847 | .Xr ssh_config 5 | ||
848 | for more information. | ||
803 | .It Fl x | 849 | .It Fl x |
804 | Disables X11 forwarding. | 850 | Disables X11 forwarding. |
805 | .It Fl Y | 851 | .It Fl Y |
806 | Enables trusted X11 forwarding. | 852 | Enables trusted X11 forwarding. |
853 | Trusted X11 forwardings are not subjected to the X11 SECURITY extension | ||
854 | controls. | ||
807 | .El | 855 | .El |
808 | .Sh CONFIGURATION FILES | 856 | .Sh CONFIGURATION FILES |
809 | .Nm | 857 | .Nm |
@@ -863,7 +911,7 @@ and open an X11 window to read the passphrase. | |||
863 | This is particularly useful when calling | 911 | This is particularly useful when calling |
864 | .Nm | 912 | .Nm |
865 | from a | 913 | from a |
866 | .Pa .Xsession | 914 | .Pa .xsession |
867 | or related script. | 915 | or related script. |
868 | (Note that on some machines it | 916 | (Note that on some machines it |
869 | may be necessary to redirect the input from | 917 | may be necessary to redirect the input from |
@@ -1016,7 +1064,9 @@ By default | |||
1016 | is not setuid root. | 1064 | is not setuid root. |
1017 | .It Pa $HOME/.rhosts | 1065 | .It Pa $HOME/.rhosts |
1018 | This file is used in | 1066 | This file is used in |
1019 | .Em rhosts | 1067 | .Cm RhostsRSAAuthentication |
1068 | and | ||
1069 | .Cm HostbasedAuthentication | ||
1020 | authentication to list the | 1070 | authentication to list the |
1021 | host/user pairs that are permitted to log in. | 1071 | host/user pairs that are permitted to log in. |
1022 | (Note that this file is | 1072 | (Note that this file is |
@@ -1035,12 +1085,10 @@ The recommended | |||
1035 | permission for most machines is read/write for the user, and not | 1085 | permission for most machines is read/write for the user, and not |
1036 | accessible by others. | 1086 | accessible by others. |
1037 | .Pp | 1087 | .Pp |
1038 | Note that by default | 1088 | Note that |
1039 | .Xr sshd 8 | 1089 | .Xr sshd 8 |
1040 | will be installed so that it requires successful RSA host | 1090 | allows authentication only in combination with client host key |
1041 | authentication before permitting | 1091 | authentication before permitting log in. |
1042 | .Em rhosts | ||
1043 | authentication. | ||
1044 | If the server machine does not have the client's host key in | 1092 | If the server machine does not have the client's host key in |
1045 | .Pa /etc/ssh/ssh_known_hosts , | 1093 | .Pa /etc/ssh/ssh_known_hosts , |
1046 | it can be stored in | 1094 | it can be stored in |
@@ -1053,15 +1101,19 @@ will automatically add the host key to | |||
1053 | This file is used exactly the same way as | 1101 | This file is used exactly the same way as |
1054 | .Pa .rhosts . | 1102 | .Pa .rhosts . |
1055 | The purpose for | 1103 | The purpose for |
1056 | having this file is to be able to use rhosts authentication with | 1104 | having this file is to be able to use |
1057 | .Nm | 1105 | .Cm RhostsRSAAuthentication |
1058 | without permitting login with | 1106 | and |
1107 | .Cm HostbasedAuthentication | ||
1108 | authentication without permitting login with | ||
1059 | .Xr rlogin | 1109 | .Xr rlogin |
1060 | or | 1110 | or |
1061 | .Xr rsh 1 . | 1111 | .Xr rsh 1 . |
1062 | .It Pa /etc/hosts.equiv | 1112 | .It Pa /etc/hosts.equiv |
1063 | This file is used during | 1113 | This file is used during |
1064 | .Em rhosts | 1114 | .Cm RhostsRSAAuthentication |
1115 | and | ||
1116 | .Cm HostbasedAuthentication | ||
1065 | authentication. | 1117 | authentication. |
1066 | It contains | 1118 | It contains |
1067 | canonical hosts names, one per line (the full format is described in the | 1119 | canonical hosts names, one per line (the full format is described in the |
@@ -1070,8 +1122,7 @@ manual page). | |||
1070 | If the client host is found in this file, login is | 1122 | If the client host is found in this file, login is |
1071 | automatically permitted provided client and server user names are the | 1123 | automatically permitted provided client and server user names are the |
1072 | same. | 1124 | same. |
1073 | Additionally, successful RSA host authentication is normally | 1125 | Additionally, successful client host key authentication is required. |
1074 | required. | ||
1075 | This file should only be writable by root. | 1126 | This file should only be writable by root. |
1076 | .It Pa /etc/shosts.equiv | 1127 | .It Pa /etc/shosts.equiv |
1077 | This file is processed exactly as | 1128 | This file is processed exactly as |
@@ -40,7 +40,7 @@ | |||
40 | */ | 40 | */ |
41 | 41 | ||
42 | #include "includes.h" | 42 | #include "includes.h" |
43 | RCSID("$OpenBSD: ssh.c,v 1.224 2004/07/28 09:40:29 markus Exp $"); | 43 | RCSID("$OpenBSD: ssh.c,v 1.233 2005/03/01 17:22:06 jmc Exp $"); |
44 | 44 | ||
45 | #include <openssl/evp.h> | 45 | #include <openssl/evp.h> |
46 | #include <openssl/err.h> | 46 | #include <openssl/err.h> |
@@ -144,6 +144,9 @@ pid_t proxy_command_pid = 0; | |||
144 | /* fd to control socket */ | 144 | /* fd to control socket */ |
145 | int control_fd = -1; | 145 | int control_fd = -1; |
146 | 146 | ||
147 | /* Multiplexing control command */ | ||
148 | static u_int mux_command = SSHMUX_COMMAND_OPEN; | ||
149 | |||
147 | /* Only used in control client mode */ | 150 | /* Only used in control client mode */ |
148 | volatile sig_atomic_t control_client_terminate = 0; | 151 | volatile sig_atomic_t control_client_terminate = 0; |
149 | u_int control_server_pid = 0; | 152 | u_int control_server_pid = 0; |
@@ -154,10 +157,12 @@ static void | |||
154 | usage(void) | 157 | usage(void) |
155 | { | 158 | { |
156 | fprintf(stderr, | 159 | fprintf(stderr, |
157 | "usage: ssh [-1246AaCfghkMNnqsTtVvXxY] [-b bind_address] [-c cipher_spec]\n" | 160 | "usage: ssh [-1246AaCfgkMNnqsTtVvXxY] [-b bind_address] [-c cipher_spec]\n" |
158 | " [-D port] [-e escape_char] [-F configfile] [-i identity_file]\n" | 161 | " [-D port] [-e escape_char] [-F configfile]\n" |
159 | " [-L port:host:hostport] [-l login_name] [-m mac_spec] [-o option]\n" | 162 | " [-i identity_file] [-L [bind_address:]port:host:hostport]\n" |
160 | " [-p port] [-R port:host:hostport] [-S ctl] [user@]hostname [command]\n" | 163 | " [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]\n" |
164 | " [-R [bind_address:]port:host:hostport] [-S ctl_path]\n" | ||
165 | " [user@]hostname [command]\n" | ||
161 | ); | 166 | ); |
162 | exit(1); | 167 | exit(1); |
163 | } | 168 | } |
@@ -174,14 +179,13 @@ int | |||
174 | main(int ac, char **av) | 179 | main(int ac, char **av) |
175 | { | 180 | { |
176 | int i, opt, exit_status; | 181 | int i, opt, exit_status; |
177 | u_short fwd_port, fwd_host_port; | ||
178 | char sfwd_port[6], sfwd_host_port[6]; | ||
179 | char *p, *cp, *line, buf[256]; | 182 | char *p, *cp, *line, buf[256]; |
180 | struct stat st; | 183 | struct stat st; |
181 | struct passwd *pw; | 184 | struct passwd *pw; |
182 | int dummy; | 185 | int dummy; |
183 | extern int optind, optreset; | 186 | extern int optind, optreset; |
184 | extern char *optarg; | 187 | extern char *optarg; |
188 | Forward fwd; | ||
185 | 189 | ||
186 | __progname = ssh_get_progname(av[0]); | 190 | __progname = ssh_get_progname(av[0]); |
187 | init_rng(); | 191 | init_rng(); |
@@ -236,7 +240,7 @@ main(int ac, char **av) | |||
236 | 240 | ||
237 | again: | 241 | again: |
238 | while ((opt = getopt(ac, av, | 242 | while ((opt = getopt(ac, av, |
239 | "1246ab:c:e:fgi:kl:m:no:p:qstvxACD:F:I:L:MNPR:S:TVXY")) != -1) { | 243 | "1246ab:c:e:fgi:kl:m:no:p:qstvxACD:F:I:L:MNO:PR:S:TVXY")) != -1) { |
240 | switch (opt) { | 244 | switch (opt) { |
241 | case '1': | 245 | case '1': |
242 | options.protocol = SSH_PROTO_1; | 246 | options.protocol = SSH_PROTO_1; |
@@ -270,6 +274,14 @@ again: | |||
270 | case 'g': | 274 | case 'g': |
271 | options.gateway_ports = 1; | 275 | options.gateway_ports = 1; |
272 | break; | 276 | break; |
277 | case 'O': | ||
278 | if (strcmp(optarg, "check") == 0) | ||
279 | mux_command = SSHMUX_COMMAND_ALIVE_CHECK; | ||
280 | else if (strcmp(optarg, "exit") == 0) | ||
281 | mux_command = SSHMUX_COMMAND_TERMINATE; | ||
282 | else | ||
283 | fatal("Invalid multiplex command."); | ||
284 | break; | ||
273 | case 'P': /* deprecated */ | 285 | case 'P': /* deprecated */ |
274 | options.use_privileged_port = 0; | 286 | options.use_privileged_port = 0; |
275 | break; | 287 | break; |
@@ -285,7 +297,8 @@ again: | |||
285 | case 'i': | 297 | case 'i': |
286 | if (stat(optarg, &st) < 0) { | 298 | if (stat(optarg, &st) < 0) { |
287 | fprintf(stderr, "Warning: Identity file %s " | 299 | fprintf(stderr, "Warning: Identity file %s " |
288 | "does not exist.\n", optarg); | 300 | "not accessible: %s.\n", optarg, |
301 | strerror(errno)); | ||
289 | break; | 302 | break; |
290 | } | 303 | } |
291 | if (options.num_identity_files >= | 304 | if (options.num_identity_files >= |
@@ -316,10 +329,10 @@ again: | |||
316 | options.log_level++; | 329 | options.log_level++; |
317 | break; | 330 | break; |
318 | } | 331 | } |
319 | /* fallthrough */ | 332 | /* FALLTHROUGH */ |
320 | case 'V': | 333 | case 'V': |
321 | fprintf(stderr, "%s, %s\n", | 334 | fprintf(stderr, "%s, %s\n", |
322 | SSH_VERSION, SSLeay_version(SSLEAY_VERSION)); | 335 | SSH_RELEASE, SSLeay_version(SSLEAY_VERSION)); |
323 | if (opt == 'V') | 336 | if (opt == 'V') |
324 | exit(0); | 337 | exit(0); |
325 | break; | 338 | break; |
@@ -393,39 +406,51 @@ again: | |||
393 | break; | 406 | break; |
394 | 407 | ||
395 | case 'L': | 408 | case 'L': |
396 | case 'R': | 409 | if (parse_forward(&fwd, optarg)) |
397 | if (sscanf(optarg, "%5[0123456789]:%255[^:]:%5[0123456789]", | 410 | add_local_forward(&options, &fwd); |
398 | sfwd_port, buf, sfwd_host_port) != 3 && | 411 | else { |
399 | sscanf(optarg, "%5[0123456789]/%255[^/]/%5[0123456789]", | ||
400 | sfwd_port, buf, sfwd_host_port) != 3) { | ||
401 | fprintf(stderr, | 412 | fprintf(stderr, |
402 | "Bad forwarding specification '%s'\n", | 413 | "Bad local forwarding specification '%s'\n", |
403 | optarg); | 414 | optarg); |
404 | usage(); | 415 | exit(1); |
405 | /* NOTREACHED */ | ||
406 | } | 416 | } |
407 | if ((fwd_port = a2port(sfwd_port)) == 0 || | 417 | break; |
408 | (fwd_host_port = a2port(sfwd_host_port)) == 0) { | 418 | |
419 | case 'R': | ||
420 | if (parse_forward(&fwd, optarg)) { | ||
421 | add_remote_forward(&options, &fwd); | ||
422 | } else { | ||
409 | fprintf(stderr, | 423 | fprintf(stderr, |
410 | "Bad forwarding port(s) '%s'\n", optarg); | 424 | "Bad remote forwarding specification " |
425 | "'%s'\n", optarg); | ||
411 | exit(1); | 426 | exit(1); |
412 | } | 427 | } |
413 | if (opt == 'L') | ||
414 | add_local_forward(&options, fwd_port, buf, | ||
415 | fwd_host_port); | ||
416 | else if (opt == 'R') | ||
417 | add_remote_forward(&options, fwd_port, buf, | ||
418 | fwd_host_port); | ||
419 | break; | 428 | break; |
420 | 429 | ||
421 | case 'D': | 430 | case 'D': |
422 | fwd_port = a2port(optarg); | 431 | cp = p = xstrdup(optarg); |
423 | if (fwd_port == 0) { | 432 | memset(&fwd, '\0', sizeof(fwd)); |
433 | fwd.connect_host = "socks"; | ||
434 | if ((fwd.listen_host = hpdelim(&cp)) == NULL) { | ||
435 | fprintf(stderr, "Bad dynamic forwarding " | ||
436 | "specification '%.100s'\n", optarg); | ||
437 | exit(1); | ||
438 | } | ||
439 | if (cp != NULL) { | ||
440 | fwd.listen_port = a2port(cp); | ||
441 | fwd.listen_host = cleanhostname(fwd.listen_host); | ||
442 | } else { | ||
443 | fwd.listen_port = a2port(fwd.listen_host); | ||
444 | fwd.listen_host = ""; | ||
445 | } | ||
446 | |||
447 | if (fwd.listen_port == 0) { | ||
424 | fprintf(stderr, "Bad dynamic port '%s'\n", | 448 | fprintf(stderr, "Bad dynamic port '%s'\n", |
425 | optarg); | 449 | optarg); |
426 | exit(1); | 450 | exit(1); |
427 | } | 451 | } |
428 | add_local_forward(&options, fwd_port, "socks", 0); | 452 | add_local_forward(&options, &fwd); |
453 | xfree(p); | ||
429 | break; | 454 | break; |
430 | 455 | ||
431 | case 'C': | 456 | case 'C': |
@@ -834,14 +859,19 @@ ssh_init_forwarding(void) | |||
834 | 859 | ||
835 | /* Initiate local TCP/IP port forwardings. */ | 860 | /* Initiate local TCP/IP port forwardings. */ |
836 | for (i = 0; i < options.num_local_forwards; i++) { | 861 | for (i = 0; i < options.num_local_forwards; i++) { |
837 | debug("Connections to local port %d forwarded to remote address %.200s:%d", | 862 | debug("Local connections to %.200s:%d forwarded to remote " |
838 | options.local_forwards[i].port, | 863 | "address %.200s:%d", |
839 | options.local_forwards[i].host, | 864 | (options.local_forwards[i].listen_host == NULL) ? |
840 | options.local_forwards[i].host_port); | 865 | (options.gateway_ports ? "*" : "LOCALHOST") : |
866 | options.local_forwards[i].listen_host, | ||
867 | options.local_forwards[i].listen_port, | ||
868 | options.local_forwards[i].connect_host, | ||
869 | options.local_forwards[i].connect_port); | ||
841 | success += channel_setup_local_fwd_listener( | 870 | success += channel_setup_local_fwd_listener( |
842 | options.local_forwards[i].port, | 871 | options.local_forwards[i].listen_host, |
843 | options.local_forwards[i].host, | 872 | options.local_forwards[i].listen_port, |
844 | options.local_forwards[i].host_port, | 873 | options.local_forwards[i].connect_host, |
874 | options.local_forwards[i].connect_port, | ||
845 | options.gateway_ports); | 875 | options.gateway_ports); |
846 | } | 876 | } |
847 | if (i > 0 && success == 0) | 877 | if (i > 0 && success == 0) |
@@ -849,14 +879,17 @@ ssh_init_forwarding(void) | |||
849 | 879 | ||
850 | /* Initiate remote TCP/IP port forwardings. */ | 880 | /* Initiate remote TCP/IP port forwardings. */ |
851 | for (i = 0; i < options.num_remote_forwards; i++) { | 881 | for (i = 0; i < options.num_remote_forwards; i++) { |
852 | debug("Connections to remote port %d forwarded to local address %.200s:%d", | 882 | debug("Remote connections from %.200s:%d forwarded to " |
853 | options.remote_forwards[i].port, | 883 | "local address %.200s:%d", |
854 | options.remote_forwards[i].host, | 884 | options.remote_forwards[i].listen_host, |
855 | options.remote_forwards[i].host_port); | 885 | options.remote_forwards[i].listen_port, |
886 | options.remote_forwards[i].connect_host, | ||
887 | options.remote_forwards[i].connect_port); | ||
856 | channel_request_remote_forwarding( | 888 | channel_request_remote_forwarding( |
857 | options.remote_forwards[i].port, | 889 | options.remote_forwards[i].listen_host, |
858 | options.remote_forwards[i].host, | 890 | options.remote_forwards[i].listen_port, |
859 | options.remote_forwards[i].host_port); | 891 | options.remote_forwards[i].connect_host, |
892 | options.remote_forwards[i].connect_port); | ||
860 | } | 893 | } |
861 | } | 894 | } |
862 | 895 | ||
@@ -1032,12 +1065,12 @@ client_global_request_reply_fwd(int type, u_int32_t seq, void *ctxt) | |||
1032 | return; | 1065 | return; |
1033 | debug("remote forward %s for: listen %d, connect %s:%d", | 1066 | debug("remote forward %s for: listen %d, connect %s:%d", |
1034 | type == SSH2_MSG_REQUEST_SUCCESS ? "success" : "failure", | 1067 | type == SSH2_MSG_REQUEST_SUCCESS ? "success" : "failure", |
1035 | options.remote_forwards[i].port, | 1068 | options.remote_forwards[i].listen_port, |
1036 | options.remote_forwards[i].host, | 1069 | options.remote_forwards[i].connect_host, |
1037 | options.remote_forwards[i].host_port); | 1070 | options.remote_forwards[i].connect_port); |
1038 | if (type == SSH2_MSG_REQUEST_FAILURE) | 1071 | if (type == SSH2_MSG_REQUEST_FAILURE) |
1039 | logit("Warning: remote port forwarding failed for listen port %d", | 1072 | logit("Warning: remote port forwarding failed for listen " |
1040 | options.remote_forwards[i].port); | 1073 | "port %d", options.remote_forwards[i].listen_port); |
1041 | } | 1074 | } |
1042 | 1075 | ||
1043 | static void | 1076 | static void |
@@ -1254,10 +1287,20 @@ static void | |||
1254 | control_client(const char *path) | 1287 | control_client(const char *path) |
1255 | { | 1288 | { |
1256 | struct sockaddr_un addr; | 1289 | struct sockaddr_un addr; |
1257 | int i, r, sock, exitval, num_env, addr_len; | 1290 | int i, r, fd, sock, exitval, num_env, addr_len; |
1258 | Buffer m; | 1291 | Buffer m; |
1259 | char *cp; | 1292 | char *term; |
1260 | extern char **environ; | 1293 | extern char **environ; |
1294 | u_int flags; | ||
1295 | |||
1296 | if (stdin_null_flag) { | ||
1297 | if ((fd = open(_PATH_DEVNULL, O_RDONLY)) == -1) | ||
1298 | fatal("open(/dev/null): %s", strerror(errno)); | ||
1299 | if (dup2(fd, STDIN_FILENO) == -1) | ||
1300 | fatal("dup2: %s", strerror(errno)); | ||
1301 | if (fd > STDERR_FILENO) | ||
1302 | close(fd); | ||
1303 | } | ||
1261 | 1304 | ||
1262 | memset(&addr, '\0', sizeof(addr)); | 1305 | memset(&addr, '\0', sizeof(addr)); |
1263 | addr.sun_family = AF_UNIX; | 1306 | addr.sun_family = AF_UNIX; |
@@ -1274,26 +1317,52 @@ control_client(const char *path) | |||
1274 | if (connect(sock, (struct sockaddr*)&addr, addr_len) == -1) | 1317 | if (connect(sock, (struct sockaddr*)&addr, addr_len) == -1) |
1275 | fatal("Couldn't connect to %s: %s", path, strerror(errno)); | 1318 | fatal("Couldn't connect to %s: %s", path, strerror(errno)); |
1276 | 1319 | ||
1277 | if ((cp = getenv("TERM")) == NULL) | 1320 | if ((term = getenv("TERM")) == NULL) |
1278 | cp = ""; | 1321 | term = ""; |
1322 | |||
1323 | flags = 0; | ||
1324 | if (tty_flag) | ||
1325 | flags |= SSHMUX_FLAG_TTY; | ||
1326 | if (subsystem_flag) | ||
1327 | flags |= SSHMUX_FLAG_SUBSYS; | ||
1279 | 1328 | ||
1280 | buffer_init(&m); | 1329 | buffer_init(&m); |
1281 | 1330 | ||
1282 | /* Get PID of controlee */ | 1331 | /* Send our command to server */ |
1332 | buffer_put_int(&m, mux_command); | ||
1333 | buffer_put_int(&m, flags); | ||
1334 | if (ssh_msg_send(sock, /* version */1, &m) == -1) | ||
1335 | fatal("%s: msg_send", __func__); | ||
1336 | buffer_clear(&m); | ||
1337 | |||
1338 | /* Get authorisation status and PID of controlee */ | ||
1283 | if (ssh_msg_recv(sock, &m) == -1) | 1339 | if (ssh_msg_recv(sock, &m) == -1) |
1284 | fatal("%s: msg_recv", __func__); | 1340 | fatal("%s: msg_recv", __func__); |
1285 | if (buffer_get_char(&m) != 0) | 1341 | if (buffer_get_char(&m) != 1) |
1286 | fatal("%s: wrong version", __func__); | 1342 | fatal("%s: wrong version", __func__); |
1287 | /* Connection allowed? */ | ||
1288 | if (buffer_get_int(&m) != 1) | 1343 | if (buffer_get_int(&m) != 1) |
1289 | fatal("Connection to master denied"); | 1344 | fatal("Connection to master denied"); |
1290 | control_server_pid = buffer_get_int(&m); | 1345 | control_server_pid = buffer_get_int(&m); |
1291 | 1346 | ||
1292 | buffer_clear(&m); | 1347 | buffer_clear(&m); |
1293 | buffer_put_int(&m, tty_flag); | ||
1294 | buffer_put_int(&m, subsystem_flag); | ||
1295 | buffer_put_cstring(&m, cp); | ||
1296 | 1348 | ||
1349 | switch (mux_command) { | ||
1350 | case SSHMUX_COMMAND_ALIVE_CHECK: | ||
1351 | fprintf(stderr, "Master running (pid=%d)\r\n", | ||
1352 | control_server_pid); | ||
1353 | exit(0); | ||
1354 | case SSHMUX_COMMAND_TERMINATE: | ||
1355 | fprintf(stderr, "Exit request sent.\r\n"); | ||
1356 | exit(0); | ||
1357 | case SSHMUX_COMMAND_OPEN: | ||
1358 | /* continue below */ | ||
1359 | break; | ||
1360 | default: | ||
1361 | fatal("silly mux_command %d", mux_command); | ||
1362 | } | ||
1363 | |||
1364 | /* SSHMUX_COMMAND_OPEN */ | ||
1365 | buffer_put_cstring(&m, term); | ||
1297 | buffer_append(&command, "\0", 1); | 1366 | buffer_append(&command, "\0", 1); |
1298 | buffer_put_cstring(&m, buffer_ptr(&command)); | 1367 | buffer_put_cstring(&m, buffer_ptr(&command)); |
1299 | 1368 | ||
@@ -1315,7 +1384,7 @@ control_client(const char *path) | |||
1315 | } | 1384 | } |
1316 | } | 1385 | } |
1317 | 1386 | ||
1318 | if (ssh_msg_send(sock, /* version */0, &m) == -1) | 1387 | if (ssh_msg_send(sock, /* version */1, &m) == -1) |
1319 | fatal("%s: msg_send", __func__); | 1388 | fatal("%s: msg_send", __func__); |
1320 | 1389 | ||
1321 | mm_send_fd(sock, STDIN_FILENO); | 1390 | mm_send_fd(sock, STDIN_FILENO); |
@@ -1326,10 +1395,11 @@ control_client(const char *path) | |||
1326 | buffer_clear(&m); | 1395 | buffer_clear(&m); |
1327 | if (ssh_msg_recv(sock, &m) == -1) | 1396 | if (ssh_msg_recv(sock, &m) == -1) |
1328 | fatal("%s: msg_recv", __func__); | 1397 | fatal("%s: msg_recv", __func__); |
1329 | if (buffer_get_char(&m) != 0) | 1398 | if (buffer_get_char(&m) != 1) |
1330 | fatal("%s: master returned error", __func__); | 1399 | fatal("%s: wrong version", __func__); |
1331 | buffer_free(&m); | 1400 | buffer_free(&m); |
1332 | 1401 | ||
1402 | signal(SIGHUP, control_client_sighandler); | ||
1333 | signal(SIGINT, control_client_sighandler); | 1403 | signal(SIGINT, control_client_sighandler); |
1334 | signal(SIGTERM, control_client_sighandler); | 1404 | signal(SIGTERM, control_client_sighandler); |
1335 | signal(SIGWINCH, control_client_sigrelay); | 1405 | signal(SIGWINCH, control_client_sigrelay); |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh.h,v 1.75 2003/12/02 17:01:15 markus Exp $ */ | 1 | /* $OpenBSD: ssh.h,v 1.76 2004/12/06 11:41:03 dtucker Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -40,6 +40,13 @@ | |||
40 | #define SSH_MAX_IDENTITY_FILES 100 | 40 | #define SSH_MAX_IDENTITY_FILES 100 |
41 | 41 | ||
42 | /* | 42 | /* |
43 | * Maximum length of lines in authorized_keys file. | ||
44 | * Current value permits 16kbit RSA and RSA1 keys and 8kbit DSA keys, with | ||
45 | * some room for options and comments. | ||
46 | */ | ||
47 | #define SSH_MAX_PUBKEY_BYTES 8192 | ||
48 | |||
49 | /* | ||
43 | * Major protocol version. Different version indicates major incompatibility | 50 | * Major protocol version. Different version indicates major incompatibility |
44 | * that prevents communication. | 51 | * that prevents communication. |
45 | * | 52 | * |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh1.h,v 1.4 2004/07/11 17:48:47 deraadt Exp $ */ | 1 | /* $OpenBSD: ssh1.h,v 1.5 2004/10/20 11:48:53 markus Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -18,6 +18,9 @@ | |||
18 | * for compatibility. The maximum value is 254; value 255 is reserved for | 18 | * for compatibility. The maximum value is 254; value 255 is reserved for |
19 | * future extension. | 19 | * future extension. |
20 | */ | 20 | */ |
21 | /* Ranges */ | ||
22 | #define SSH_MSG_MIN 1 | ||
23 | #define SSH_MSG_MAX 254 | ||
21 | /* Message name */ /* msg code */ /* arguments */ | 24 | /* Message name */ /* msg code */ /* arguments */ |
22 | #define SSH_MSG_NONE 0 /* no message */ | 25 | #define SSH_MSG_NONE 0 /* no message */ |
23 | #define SSH_MSG_DISCONNECT 1 /* cause (string) */ | 26 | #define SSH_MSG_DISCONNECT 1 /* cause (string) */ |
diff --git a/ssh_config b/ssh_config index acd5db21a..67dde0769 100644 --- a/ssh_config +++ b/ssh_config | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: ssh_config,v 1.19 2003/08/13 08:46:31 markus Exp $ | 1 | # $OpenBSD: ssh_config,v 1.20 2005/01/28 09:45:53 dtucker Exp $ |
2 | 2 | ||
3 | # This is the ssh client system-wide configuration file. See | 3 | # This is the ssh client system-wide configuration file. See |
4 | # ssh_config(5) for more information. This file provides defaults for | 4 | # ssh_config(5) for more information. This file provides defaults for |
@@ -13,7 +13,9 @@ | |||
13 | # Thus, host-specific definitions should be at the beginning of the | 13 | # Thus, host-specific definitions should be at the beginning of the |
14 | # configuration file, and defaults at the end. | 14 | # configuration file, and defaults at the end. |
15 | 15 | ||
16 | # Site-wide defaults for various options | 16 | # Site-wide defaults for some commonly used options. For a comprehensive |
17 | # list of available options, their meanings and defaults, please see the | ||
18 | # ssh_config(5) man page. | ||
17 | 19 | ||
18 | Host * | 20 | Host * |
19 | # ForwardAgent no | 21 | # ForwardAgent no |
diff --git a/ssh_config.0 b/ssh_config.0 index d1a6ab364..9577abc48 100644 --- a/ssh_config.0 +++ b/ssh_config.0 | |||
@@ -15,7 +15,7 @@ DESCRIPTION | |||
15 | 3. system-wide configuration file (/etc/ssh/ssh_config) | 15 | 3. system-wide configuration file (/etc/ssh/ssh_config) |
16 | 16 | ||
17 | For each parameter, the first obtained value will be used. The configu- | 17 | For each parameter, the first obtained value will be used. The configu- |
18 | ration files contain sections bracketed by ``Host'' specifications, and | 18 | ration files contain sections separated by ``Host'' specifications, and |
19 | that section is only applied for hosts that match one of the patterns | 19 | that section is only applied for hosts that match one of the patterns |
20 | given in the specification. The matched host name is the one given on | 20 | given in the specification. The matched host name is the one given on |
21 | the command line. | 21 | the command line. |
@@ -47,8 +47,8 @@ DESCRIPTION | |||
47 | 47 | ||
48 | AddressFamily | 48 | AddressFamily |
49 | Specifies which address family to use when connecting. Valid ar- | 49 | Specifies which address family to use when connecting. Valid ar- |
50 | guments are ``any'', ``inet'' (Use IPv4 only) or ``inet6'' (Use | 50 | guments are ``any'', ``inet'' (use IPv4 only) or ``inet6'' (use |
51 | IPv6 only.) | 51 | IPv6 only). |
52 | 52 | ||
53 | BatchMode | 53 | BatchMode |
54 | If set to ``yes'', passphrase/password querying will be disabled. | 54 | If set to ``yes'', passphrase/password querying will be disabled. |
@@ -189,10 +189,14 @@ DESCRIPTION | |||
189 | 189 | ||
190 | ForwardX11Trusted | 190 | ForwardX11Trusted |
191 | If this option is set to ``yes'' then remote X11 clients will | 191 | If this option is set to ``yes'' then remote X11 clients will |
192 | have full access to the original X11 display. If this option is | 192 | have full access to the original X11 display. |
193 | set to ``no'' then remote X11 clients will be considered untrust- | 193 | |
194 | ed and prevented from stealing or tampering with data belonging | 194 | If this option is set to ``no'' then remote X11 clients will be |
195 | to trusted X11 clients. | 195 | considered untrusted and prevented from stealing or tampering |
196 | with data belonging to trusted X11 clients. Furthermore, the | ||
197 | xauth(1) token used for the session will be set to expire after | ||
198 | 20 minutes. Remote clients will be refused access after this | ||
199 | time. | ||
196 | 200 | ||
197 | The default is ``no''. | 201 | The default is ``no''. |
198 | 202 | ||
@@ -222,6 +226,15 @@ DESCRIPTION | |||
222 | ``no''. Note that this option applies to protocol version 2 on- | 226 | ``no''. Note that this option applies to protocol version 2 on- |
223 | ly. | 227 | ly. |
224 | 228 | ||
229 | HashKnownHosts | ||
230 | Indicates that ssh should hash host names and addresses when they | ||
231 | are added to $HOME/.ssh/known_hosts. These hashed names may be | ||
232 | used normally by ssh and sshd, but they do not reveal identifying | ||
233 | information should the file's contents be disclosed. The default | ||
234 | is ``no''. Note that hashing of names and addresses will not be | ||
235 | retrospectively applied to existing known hosts files, but these | ||
236 | may be manually hashed using ssh-keygen(1). | ||
237 | |||
225 | HostbasedAuthentication | 238 | HostbasedAuthentication |
226 | Specifies whether to try rhosts based authentication with public | 239 | Specifies whether to try rhosts based authentication with public |
227 | key authentication. The argument must be ``yes'' or ``no''. The | 240 | key authentication. The argument must be ``yes'' or ``no''. The |
@@ -265,14 +278,26 @@ DESCRIPTION | |||
265 | ssh-agent offers many different identities. The default is | 278 | ssh-agent offers many different identities. The default is |
266 | ``no''. | 279 | ``no''. |
267 | 280 | ||
281 | KbdInteractiveDevices | ||
282 | Specifies the list of methods to use in keyboard-interactive au- | ||
283 | thentication. Multiple method names must be comma-separated. | ||
284 | The default is to use the server specified list. | ||
285 | |||
268 | LocalForward | 286 | LocalForward |
269 | Specifies that a TCP/IP port on the local machine be forwarded | 287 | Specifies that a TCP/IP port on the local machine be forwarded |
270 | over the secure channel to the specified host and port from the | 288 | over the secure channel to the specified host and port from the |
271 | remote machine. The first argument must be a port number, and | 289 | remote machine. The first argument must be a port number, and |
272 | the second must be host:port. IPv6 addresses can be specified | 290 | the second must be [bind_address:]host:port. IPv6 addresses can |
273 | with an alternative syntax: host/port. Multiple forwardings may | 291 | be specified by enclosing addresses in square brackets or by us- |
274 | be specified, and additional forwardings can be given on the com- | 292 | ing an alternative syntax: [bind_address/]host/port. Multiple |
275 | mand line. Only the superuser can forward privileged ports. | 293 | forwardings may be specified, and additional forwardings can be |
294 | given on the command line. Only the superuser can forward privi- | ||
295 | leged ports. By default, the local port is bound in accordance | ||
296 | with the GatewayPorts setting. However, an explicit bind_address | ||
297 | may be used to bind the connection to a specific address. The | ||
298 | bind_address of ``localhost'' indicates that the listening port | ||
299 | be bound for local use only, while an empty address or `*' indi- | ||
300 | cates that the port should be available from all interfaces. | ||
276 | 301 | ||
277 | LogLevel | 302 | LogLevel |
278 | Gives the verbosity level that is used when logging messages from | 303 | Gives the verbosity level that is used when logging messages from |
@@ -345,10 +370,18 @@ DESCRIPTION | |||
345 | Specifies that a TCP/IP port on the remote machine be forwarded | 370 | Specifies that a TCP/IP port on the remote machine be forwarded |
346 | over the secure channel to the specified host and port from the | 371 | over the secure channel to the specified host and port from the |
347 | local machine. The first argument must be a port number, and the | 372 | local machine. The first argument must be a port number, and the |
348 | second must be host:port. IPv6 addresses can be specified with | 373 | second must be [bind_address:]host:port. IPv6 addresses can be |
349 | an alternative syntax: host/port. Multiple forwardings may be | 374 | specified by enclosing any addresses in square brackets or by us- |
350 | specified, and additional forwardings can be given on the command | 375 | ing the alternative syntax: [bind_address/]host/port. Multiple |
351 | line. Only the superuser can forward privileged ports. | 376 | forwardings may be specified, and additional forwardings can be |
377 | given on the command line. Only the superuser can forward privi- | ||
378 | leged ports. | ||
379 | |||
380 | If the bind_address is not specified, the default is to only bind | ||
381 | to loopback addresses. If the bind_address is `*' or an empty | ||
382 | string, then the forwarding is requested to listen on all inter- | ||
383 | faces. Specifying a remote bind_address will only succeed if the | ||
384 | server's GatewayPorts option is enabled (see sshd_config(5)). | ||
352 | 385 | ||
353 | RhostsRSAAuthentication | 386 | RhostsRSAAuthentication |
354 | Specifies whether to try rhosts based authentication with RSA | 387 | Specifies whether to try rhosts based authentication with RSA |
diff --git a/ssh_config.5 b/ssh_config.5 index a8767b493..e41b34b15 100644 --- a/ssh_config.5 +++ b/ssh_config.5 | |||
@@ -34,7 +34,7 @@ | |||
34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
36 | .\" | 36 | .\" |
37 | .\" $OpenBSD: ssh_config.5,v 1.38 2004/06/26 09:11:14 jmc Exp $ | 37 | .\" $OpenBSD: ssh_config.5,v 1.47 2005/03/07 23:41:54 jmc Exp $ |
38 | .Dd September 25, 1999 | 38 | .Dd September 25, 1999 |
39 | .Dt SSH_CONFIG 5 | 39 | .Dt SSH_CONFIG 5 |
40 | .Os | 40 | .Os |
@@ -63,7 +63,7 @@ system-wide configuration file | |||
63 | .Pp | 63 | .Pp |
64 | For each parameter, the first obtained value | 64 | For each parameter, the first obtained value |
65 | will be used. | 65 | will be used. |
66 | The configuration files contain sections bracketed by | 66 | The configuration files contain sections separated by |
67 | .Dq Host | 67 | .Dq Host |
68 | specifications, and that section is only applied for hosts that | 68 | specifications, and that section is only applied for hosts that |
69 | match one of the patterns given in the specification. | 69 | match one of the patterns given in the specification. |
@@ -120,9 +120,9 @@ Specifies which address family to use when connecting. | |||
120 | Valid arguments are | 120 | Valid arguments are |
121 | .Dq any , | 121 | .Dq any , |
122 | .Dq inet | 122 | .Dq inet |
123 | (Use IPv4 only) or | 123 | (use IPv4 only) or |
124 | .Dq inet6 | 124 | .Dq inet6 |
125 | (Use IPv6 only.) | 125 | (use IPv6 only). |
126 | .It Cm BatchMode | 126 | .It Cm BatchMode |
127 | If set to | 127 | If set to |
128 | .Dq yes , | 128 | .Dq yes , |
@@ -366,11 +366,16 @@ option is also enabled. | |||
366 | If this option is set to | 366 | If this option is set to |
367 | .Dq yes | 367 | .Dq yes |
368 | then remote X11 clients will have full access to the original X11 display. | 368 | then remote X11 clients will have full access to the original X11 display. |
369 | .Pp | ||
369 | If this option is set to | 370 | If this option is set to |
370 | .Dq no | 371 | .Dq no |
371 | then remote X11 clients will be considered untrusted and prevented | 372 | then remote X11 clients will be considered untrusted and prevented |
372 | from stealing or tampering with data belonging to trusted X11 | 373 | from stealing or tampering with data belonging to trusted X11 |
373 | clients. | 374 | clients. |
375 | Furthermore, the | ||
376 | .Xr xauth 1 | ||
377 | token used for the session will be set to expire after 20 minutes. | ||
378 | Remote clients will be refused access after this time. | ||
374 | .Pp | 379 | .Pp |
375 | The default is | 380 | The default is |
376 | .Dq yes | 381 | .Dq yes |
@@ -410,6 +415,22 @@ Forward (delegate) credentials to the server. | |||
410 | The default is | 415 | The default is |
411 | .Dq no . | 416 | .Dq no . |
412 | Note that this option applies to protocol version 2 only. | 417 | Note that this option applies to protocol version 2 only. |
418 | .It Cm HashKnownHosts | ||
419 | Indicates that | ||
420 | .Nm ssh | ||
421 | should hash host names and addresses when they are added to | ||
422 | .Pa $HOME/.ssh/known_hosts . | ||
423 | These hashed names may be used normally by | ||
424 | .Nm ssh | ||
425 | and | ||
426 | .Nm sshd , | ||
427 | but they do not reveal identifying information should the file's contents | ||
428 | be disclosed. | ||
429 | The default is | ||
430 | .Dq no . | ||
431 | Note that hashing of names and addresses will not be retrospectively applied | ||
432 | to existing known hosts files, but these may be manually hashed using | ||
433 | .Xr ssh-keygen 1 . | ||
413 | .It Cm HostbasedAuthentication | 434 | .It Cm HostbasedAuthentication |
414 | Specifies whether to try rhosts based authentication with public key | 435 | Specifies whether to try rhosts based authentication with public key |
415 | authentication. | 436 | authentication. |
@@ -475,16 +496,45 @@ This option is intented for situations where | |||
475 | offers many different identities. | 496 | offers many different identities. |
476 | The default is | 497 | The default is |
477 | .Dq no . | 498 | .Dq no . |
499 | .It Cm KbdInteractiveDevices | ||
500 | Specifies the list of methods to use in keyboard-interactive authentication. | ||
501 | Multiple method names must be comma-separated. | ||
502 | The default is to use the server specified list. | ||
478 | .It Cm LocalForward | 503 | .It Cm LocalForward |
479 | Specifies that a TCP/IP port on the local machine be forwarded over | 504 | Specifies that a TCP/IP port on the local machine be forwarded over |
480 | the secure channel to the specified host and port from the remote machine. | 505 | the secure channel to the specified host and port from the remote machine. |
481 | The first argument must be a port number, and the second must be | 506 | The first argument must be a port number, and the second must be |
482 | .Ar host:port . | 507 | .Xo |
483 | IPv6 addresses can be specified with an alternative syntax: | 508 | .Sm off |
484 | .Ar host/port . | 509 | .Oo Ar bind_address : Oc |
485 | Multiple forwardings may be specified, and additional | 510 | .Ar host : port |
486 | forwardings can be given on the command line. | 511 | .Sm on |
512 | .Xc . | ||
513 | IPv6 addresses can be specified by enclosing addresses in square brackets or | ||
514 | by using an alternative syntax: | ||
515 | .Sm off | ||
516 | .Xo | ||
517 | .Op Ar bind_address No / | ||
518 | .Ar host No / Ar port | ||
519 | .Xc . | ||
520 | .Sm on | ||
521 | Multiple forwardings may be specified, and additional forwardings can be | ||
522 | given on the command line. | ||
487 | Only the superuser can forward privileged ports. | 523 | Only the superuser can forward privileged ports. |
524 | By default, the local port is bound in accordance with the | ||
525 | .Cm GatewayPorts | ||
526 | setting. | ||
527 | However, an explicit | ||
528 | .Ar bind_address | ||
529 | may be used to bind the connection to a specific address. | ||
530 | The | ||
531 | .Ar bind_address | ||
532 | of | ||
533 | .Dq localhost | ||
534 | indicates that the listening port be bound for local use only, while an | ||
535 | empty address or | ||
536 | .Sq * | ||
537 | indicates that the port should be available from all interfaces. | ||
488 | .It Cm LogLevel | 538 | .It Cm LogLevel |
489 | Gives the verbosity level that is used when logging messages from | 539 | Gives the verbosity level that is used when logging messages from |
490 | .Nm ssh . | 540 | .Nm ssh . |
@@ -591,12 +641,39 @@ This option applies to protocol version 2 only. | |||
591 | Specifies that a TCP/IP port on the remote machine be forwarded over | 641 | Specifies that a TCP/IP port on the remote machine be forwarded over |
592 | the secure channel to the specified host and port from the local machine. | 642 | the secure channel to the specified host and port from the local machine. |
593 | The first argument must be a port number, and the second must be | 643 | The first argument must be a port number, and the second must be |
594 | .Ar host:port . | 644 | .Xo |
595 | IPv6 addresses can be specified with an alternative syntax: | 645 | .Sm off |
596 | .Ar host/port . | 646 | .Oo Ar bind_address : Oc |
647 | .Ar host : port | ||
648 | .Sm on | ||
649 | .Xc . | ||
650 | IPv6 addresses can be specified by enclosing any addresses in square brackets | ||
651 | or by using the alternative syntax: | ||
652 | .Sm off | ||
653 | .Xo | ||
654 | .Op Ar bind_address No / | ||
655 | .Ar host No / Ar port | ||
656 | .Xc . | ||
657 | .Sm on | ||
597 | Multiple forwardings may be specified, and additional | 658 | Multiple forwardings may be specified, and additional |
598 | forwardings can be given on the command line. | 659 | forwardings can be given on the command line. |
599 | Only the superuser can forward privileged ports. | 660 | Only the superuser can forward privileged ports. |
661 | .Pp | ||
662 | If the | ||
663 | .Ar bind_address | ||
664 | is not specified, the default is to only bind to loopback addresses. | ||
665 | If the | ||
666 | .Ar bind_address | ||
667 | is | ||
668 | .Ql * | ||
669 | or an empty string, then the forwarding is requested to listen on all | ||
670 | interfaces. | ||
671 | Specifying a remote | ||
672 | .Ar bind_address | ||
673 | will only succeed if the server's | ||
674 | .Cm GatewayPorts | ||
675 | option is enabled (see | ||
676 | .Xr sshd_config 5 ) . | ||
600 | .It Cm RhostsRSAAuthentication | 677 | .It Cm RhostsRSAAuthentication |
601 | Specifies whether to try rhosts based authentication with RSA host | 678 | Specifies whether to try rhosts based authentication with RSA host |
602 | authentication. | 679 | authentication. |
diff --git a/sshconnect.c b/sshconnect.c index 5158416f0..f8ebd9875 100644 --- a/sshconnect.c +++ b/sshconnect.c | |||
@@ -13,7 +13,7 @@ | |||
13 | */ | 13 | */ |
14 | 14 | ||
15 | #include "includes.h" | 15 | #include "includes.h" |
16 | RCSID("$OpenBSD: sshconnect.c,v 1.158 2004/06/21 17:36:31 avsm Exp $"); | 16 | RCSID("$OpenBSD: sshconnect.c,v 1.161 2005/03/02 01:00:06 djm Exp $"); |
17 | 17 | ||
18 | #include <openssl/bn.h> | 18 | #include <openssl/bn.h> |
19 | 19 | ||
@@ -304,12 +304,6 @@ timeout_connect(int sockfd, const struct sockaddr *serv_addr, | |||
304 | * second). If proxy_command is non-NULL, it specifies the command (with %h | 304 | * second). If proxy_command is non-NULL, it specifies the command (with %h |
305 | * and %p substituted for host and port, respectively) to use to contact | 305 | * and %p substituted for host and port, respectively) to use to contact |
306 | * the daemon. | 306 | * the daemon. |
307 | * Return values: | ||
308 | * 0 for OK | ||
309 | * ECONNREFUSED if we got a "Connection Refused" by the peer on any address | ||
310 | * ECONNABORTED if we failed without a "Connection refused" | ||
311 | * Suitable error messages for the connection failure will already have been | ||
312 | * printed. | ||
313 | */ | 307 | */ |
314 | int | 308 | int |
315 | ssh_connect(const char *host, struct sockaddr_storage * hostaddr, | 309 | ssh_connect(const char *host, struct sockaddr_storage * hostaddr, |
@@ -322,12 +316,6 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr, | |||
322 | char ntop[NI_MAXHOST], strport[NI_MAXSERV]; | 316 | char ntop[NI_MAXHOST], strport[NI_MAXSERV]; |
323 | struct addrinfo hints, *ai, *aitop; | 317 | struct addrinfo hints, *ai, *aitop; |
324 | struct servent *sp; | 318 | struct servent *sp; |
325 | /* | ||
326 | * Did we get only other errors than "Connection refused" (which | ||
327 | * should block fallback to rsh and similar), or did we get at least | ||
328 | * one "Connection refused"? | ||
329 | */ | ||
330 | int full_failure = 1; | ||
331 | 319 | ||
332 | debug2("ssh_connect: needpriv %d", needpriv); | 320 | debug2("ssh_connect: needpriv %d", needpriv); |
333 | 321 | ||
@@ -388,8 +376,6 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr, | |||
388 | memcpy(hostaddr, ai->ai_addr, ai->ai_addrlen); | 376 | memcpy(hostaddr, ai->ai_addr, ai->ai_addrlen); |
389 | break; | 377 | break; |
390 | } else { | 378 | } else { |
391 | if (errno == ECONNREFUSED) | ||
392 | full_failure = 0; | ||
393 | debug("connect to address %s port %s: %s", | 379 | debug("connect to address %s port %s: %s", |
394 | ntop, strport, strerror(errno)); | 380 | ntop, strport, strerror(errno)); |
395 | /* | 381 | /* |
@@ -415,9 +401,9 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr, | |||
415 | 401 | ||
416 | /* Return failure if we didn't get a successful connection. */ | 402 | /* Return failure if we didn't get a successful connection. */ |
417 | if (attempt >= connection_attempts) { | 403 | if (attempt >= connection_attempts) { |
418 | logit("ssh: connect to host %s port %s: %s", | 404 | error("ssh: connect to host %s port %s: %s", |
419 | host, strport, strerror(errno)); | 405 | host, strport, strerror(errno)); |
420 | return full_failure ? ECONNABORTED : ECONNREFUSED; | 406 | return (-1); |
421 | } | 407 | } |
422 | 408 | ||
423 | debug("Connection established."); | 409 | debug("Connection established."); |
@@ -600,7 +586,7 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, | |||
600 | char hostline[1000], *hostp, *fp; | 586 | char hostline[1000], *hostp, *fp; |
601 | HostStatus host_status; | 587 | HostStatus host_status; |
602 | HostStatus ip_status; | 588 | HostStatus ip_status; |
603 | int local = 0, host_ip_differ = 0; | 589 | int r, local = 0, host_ip_differ = 0; |
604 | int salen; | 590 | int salen; |
605 | char ntop[NI_MAXHOST]; | 591 | char ntop[NI_MAXHOST]; |
606 | char msg[1024]; | 592 | char msg[1024]; |
@@ -724,7 +710,7 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, | |||
724 | "'%.128s' not in list of known hosts.", | 710 | "'%.128s' not in list of known hosts.", |
725 | type, ip); | 711 | type, ip); |
726 | else if (!add_host_to_hostfile(user_hostfile, ip, | 712 | else if (!add_host_to_hostfile(user_hostfile, ip, |
727 | host_key)) | 713 | host_key, options.hash_known_hosts)) |
728 | logit("Failed to add the %s host key for IP " | 714 | logit("Failed to add the %s host key for IP " |
729 | "address '%.128s' to the list of known " | 715 | "address '%.128s' to the list of known " |
730 | "hosts (%.30s).", type, ip, user_hostfile); | 716 | "hosts (%.30s).", type, ip, user_hostfile); |
@@ -780,17 +766,33 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, | |||
780 | if (!confirm(msg)) | 766 | if (!confirm(msg)) |
781 | goto fail; | 767 | goto fail; |
782 | } | 768 | } |
783 | if (options.check_host_ip && ip_status == HOST_NEW) { | ||
784 | snprintf(hostline, sizeof(hostline), "%s,%s", host, ip); | ||
785 | hostp = hostline; | ||
786 | } else | ||
787 | hostp = host; | ||
788 | |||
789 | /* | 769 | /* |
790 | * If not in strict mode, add the key automatically to the | 770 | * If not in strict mode, add the key automatically to the |
791 | * local known_hosts file. | 771 | * local known_hosts file. |
792 | */ | 772 | */ |
793 | if (!add_host_to_hostfile(user_hostfile, hostp, host_key)) | 773 | if (options.check_host_ip && ip_status == HOST_NEW) { |
774 | snprintf(hostline, sizeof(hostline), "%s,%s", | ||
775 | host, ip); | ||
776 | hostp = hostline; | ||
777 | if (options.hash_known_hosts) { | ||
778 | /* Add hash of host and IP separately */ | ||
779 | r = add_host_to_hostfile(user_hostfile, host, | ||
780 | host_key, options.hash_known_hosts) && | ||
781 | add_host_to_hostfile(user_hostfile, ip, | ||
782 | host_key, options.hash_known_hosts); | ||
783 | } else { | ||
784 | /* Add unhashed "host,ip" */ | ||
785 | r = add_host_to_hostfile(user_hostfile, | ||
786 | hostline, host_key, | ||
787 | options.hash_known_hosts); | ||
788 | } | ||
789 | } else { | ||
790 | r = add_host_to_hostfile(user_hostfile, host, host_key, | ||
791 | options.hash_known_hosts); | ||
792 | hostp = host; | ||
793 | } | ||
794 | |||
795 | if (!r) | ||
794 | logit("Failed to add the host to the list of known " | 796 | logit("Failed to add the host to the list of known " |
795 | "hosts (%.500s).", user_hostfile); | 797 | "hosts (%.500s).", user_hostfile); |
796 | else | 798 | else |
@@ -38,9 +38,9 @@ DESCRIPTION | |||
38 | tion algorithm to use from those offered by the server. | 38 | tion algorithm to use from those offered by the server. |
39 | 39 | ||
40 | Next, the server and the client enter an authentication dialog. The | 40 | Next, the server and the client enter an authentication dialog. The |
41 | client tries to authenticate itself using .rhosts authentication, .rhosts | 41 | client tries to authenticate itself using .rhosts authentication combined |
42 | authentication combined with RSA host authentication, RSA challenge-re- | 42 | with RSA host authentication, RSA challenge-response authentication, or |
43 | sponse authentication, or password based authentication. | 43 | password based authentication. |
44 | 44 | ||
45 | Regardless of the authentication type, the account is checked to ensure | 45 | Regardless of the authentication type, the account is checked to ensure |
46 | that it is accessible. An account is not accessible if it is locked, | 46 | that it is accessible. An account is not accessible if it is locked, |
@@ -53,10 +53,8 @@ DESCRIPTION | |||
53 | field should be set to something other than these values (eg `NP' or | 53 | field should be set to something other than these values (eg `NP' or |
54 | `*NP*' ). | 54 | `*NP*' ). |
55 | 55 | ||
56 | rhosts authentication is normally disabled because it is fundamentally | 56 | rshd, rlogind, and rexecd are disabled (thus completely disabling rlogin |
57 | insecure, but can be enabled in the server configuration file if desired. | 57 | and rsh into the machine). |
58 | System security is not improved unless rshd, rlogind, and rexecd are dis- | ||
59 | abled (thus completely disabling rlogin and rsh into the machine). | ||
60 | 58 | ||
61 | SSH protocol version 2 | 59 | SSH protocol version 2 |
62 | Version 2 works similarly: Each host has a host-specific key (RSA or DSA) | 60 | Version 2 works similarly: Each host has a host-specific key (RSA or DSA) |
@@ -246,9 +244,10 @@ AUTHORIZED_KEYS FILE FORMAT | |||
246 | or ``ssh-rsa''. | 244 | or ``ssh-rsa''. |
247 | 245 | ||
248 | Note that lines in this file are usually several hundred bytes long (be- | 246 | Note that lines in this file are usually several hundred bytes long (be- |
249 | cause of the size of the public key encoding). You don't want to type | 247 | cause of the size of the public key encoding) up to a limit of 8 kilo- |
250 | them in; instead, copy the identity.pub, id_dsa.pub or the id_rsa.pub | 248 | bytes, which permits DSA keys up to 8 kilobits and RSA keys up to 16 |
251 | file and edit it. | 249 | kilobits. You don't want to type them in; instead, copy the |
250 | identity.pub, id_dsa.pub or the id_rsa.pub file and edit it. | ||
252 | 251 | ||
253 | sshd enforces a minimum RSA key modulus size for protocol 1 and protocol | 252 | sshd enforces a minimum RSA key modulus size for protocol 1 and protocol |
254 | 2 keys of 768 bits. | 253 | 2 keys of 768 bits. |
@@ -346,6 +345,12 @@ SSH_KNOWN_HOSTS FILE FORMAT | |||
346 | cate negation: if the host name matches a negated pattern, it is not ac- | 345 | cate negation: if the host name matches a negated pattern, it is not ac- |
347 | cepted (by that line) even if it matched another pattern on the line. | 346 | cepted (by that line) even if it matched another pattern on the line. |
348 | 347 | ||
348 | Alternately, hostnames may be stored in a hashed form which hides host | ||
349 | names and addresses should the file's contents be disclosed. Hashed | ||
350 | hostnames start with a `|' character. Only one hashed hostname may ap- | ||
351 | pear on a single line and none of the above negation or wildcard opera- | ||
352 | tors may be applied. | ||
353 | |||
349 | Bits, exponent, and modulus are taken directly from the RSA host key; | 354 | Bits, exponent, and modulus are taken directly from the RSA host key; |
350 | they can be obtained, e.g., from /etc/ssh/ssh_host_key.pub. The optional | 355 | they can be obtained, e.g., from /etc/ssh/ssh_host_key.pub. The optional |
351 | comment field continues to the end of the line, and is not used. | 356 | comment field continues to the end of the line, and is not used. |
@@ -370,6 +375,10 @@ SSH_KNOWN_HOSTS FILE FORMAT | |||
370 | closenet,...,130.233.208.41 1024 37 159...93 closenet.hut.fi | 375 | closenet,...,130.233.208.41 1024 37 159...93 closenet.hut.fi |
371 | cvs.openbsd.org,199.185.137.3 ssh-rsa AAAA1234.....= | 376 | cvs.openbsd.org,199.185.137.3 ssh-rsa AAAA1234.....= |
372 | 377 | ||
378 | # A hashed hostname | ||
379 | |1|JfKTdBh7rNbXkVAQCRp4OQoPfmI=|USECr3SWf1JUPsms5AqfD5QfxkM= ssh-rsa | ||
380 | AAAA1234.....= | ||
381 | |||
373 | FILES | 382 | FILES |
374 | /etc/ssh/sshd_config | 383 | /etc/ssh/sshd_config |
375 | Contains configuration data for sshd. The file format and con- | 384 | Contains configuration data for sshd. The file format and con- |
@@ -428,6 +437,15 @@ FILES | |||
428 | /etc/ssh/ssh_known_hosts should be world-readable, and | 437 | /etc/ssh/ssh_known_hosts should be world-readable, and |
429 | $HOME/.ssh/known_hosts can, but need not be, world-readable. | 438 | $HOME/.ssh/known_hosts can, but need not be, world-readable. |
430 | 439 | ||
440 | /etc/motd | ||
441 | See motd(5). | ||
442 | |||
443 | $HOME/.hushlogin | ||
444 | This file is used to suppress printing the last login time and | ||
445 | /etc/motd, if PrintLastLog and PrintMotd, respectively, are en- | ||
446 | abled. It does not suppress printing of the banner specified by | ||
447 | Banner. | ||
448 | |||
431 | /etc/nologin | 449 | /etc/nologin |
432 | If this file exists, sshd refuses to let anyone except root log | 450 | If this file exists, sshd refuses to let anyone except root log |
433 | in. The contents of the file are displayed to anyone trying to | 451 | in. The contents of the file are displayed to anyone trying to |
@@ -439,11 +457,13 @@ FILES | |||
439 | fined here. Further details are described in hosts_access(5). | 457 | fined here. Further details are described in hosts_access(5). |
440 | 458 | ||
441 | $HOME/.rhosts | 459 | $HOME/.rhosts |
442 | This file contains host-username pairs, separated by a space, one | 460 | This file is used during RhostsRSAAuthentication and |
443 | per line. The given user on the corresponding host is permitted | 461 | HostbasedAuthentication and contains host-username pairs, sepa- |
444 | to log in without a password. The same file is used by rlogind | 462 | rated by a space, one per line. The given user on the corre- |
445 | and rshd. The file must be writable only by the user; it is rec- | 463 | sponding host is permitted to log in without a password. The |
446 | ommended that it not be accessible by others. | 464 | same file is used by rlogind and rshd. The file must be writable |
465 | only by the user; it is recommended that it not be accessible by | ||
466 | others. | ||
447 | 467 | ||
448 | It is also possible to use netgroups in the file. Either host or | 468 | It is also possible to use netgroups in the file. Either host or |
449 | user name may be of the form +@groupname to specify all hosts or | 469 | user name may be of the form +@groupname to specify all hosts or |
@@ -455,20 +475,21 @@ FILES | |||
455 | access using SSH only. | 475 | access using SSH only. |
456 | 476 | ||
457 | /etc/hosts.equiv | 477 | /etc/hosts.equiv |
458 | This file is used during rhosts authentication. In the simplest | 478 | This file is used during RhostsRSAAuthentication and |
459 | form, this file contains host names, one per line. Users on | 479 | HostbasedAuthentication authentication. In the simplest form, |
460 | those hosts are permitted to log in without a password, provided | 480 | this file contains host names, one per line. Users on those |
461 | they have the same user name on both machines. The host name may | 481 | hosts are permitted to log in without a password, provided they |
462 | also be followed by a user name; such users are permitted to log | 482 | have the same user name on both machines. The host name may also |
463 | in as any user on this machine (except root). Additionally, the | 483 | be followed by a user name; such users are permitted to log in as |
464 | syntax ``+@group'' can be used to specify netgroups. Negated en- | 484 | any user on this machine (except root). Additionally, the syntax |
465 | tries start with `-'. | 485 | ``+@group'' can be used to specify netgroups. Negated entries |
486 | start with `-'. | ||
466 | 487 | ||
467 | If the client host/user is successfully matched in this file, lo- | 488 | If the client host/user is successfully matched in this file, lo- |
468 | gin is automatically permitted provided the client and server us- | 489 | gin is automatically permitted provided the client and server us- |
469 | er names are the same. Additionally, successful RSA host authen- | 490 | er names are the same. Additionally, successful client host key |
470 | tication is normally required. This file must be writable only | 491 | authentication is required. This file must be writable only by |
471 | by root; it is recommended that it be world-readable. | 492 | root; it is recommended that it be world-readable. |
472 | 493 | ||
473 | Warning: It is almost never a good idea to use user names in | 494 | Warning: It is almost never a good idea to use user names in |
474 | hosts.equiv. Beware that it really means that the named user(s) | 495 | hosts.equiv. Beware that it really means that the named user(s) |
@@ -34,7 +34,7 @@ | |||
34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
36 | .\" | 36 | .\" |
37 | .\" $OpenBSD: sshd.8,v 1.201 2004/05/02 11:54:31 dtucker Exp $ | 37 | .\" $OpenBSD: sshd.8,v 1.206 2005/03/01 14:59:49 jmc Exp $ |
38 | .Dd September 25, 1999 | 38 | .Dd September 25, 1999 |
39 | .Dt SSHD 8 | 39 | .Dt SSHD 8 |
40 | .Os | 40 | .Os |
@@ -106,8 +106,6 @@ to use from those offered by the server. | |||
106 | Next, the server and the client enter an authentication dialog. | 106 | Next, the server and the client enter an authentication dialog. |
107 | The client tries to authenticate itself using | 107 | The client tries to authenticate itself using |
108 | .Em .rhosts | 108 | .Em .rhosts |
109 | authentication, | ||
110 | .Em .rhosts | ||
111 | authentication combined with RSA host | 109 | authentication combined with RSA host |
112 | authentication, RSA challenge-response authentication, or password | 110 | authentication, RSA challenge-response authentication, or password |
113 | based authentication. | 111 | based authentication. |
@@ -135,11 +133,6 @@ or | |||
135 | .Ql \&*NP\&* | 133 | .Ql \&*NP\&* |
136 | ). | 134 | ). |
137 | .Pp | 135 | .Pp |
138 | .Em rhosts | ||
139 | authentication is normally disabled | ||
140 | because it is fundamentally insecure, but can be enabled in the server | ||
141 | configuration file if desired. | ||
142 | System security is not improved unless | ||
143 | .Nm rshd , | 136 | .Nm rshd , |
144 | .Nm rlogind , | 137 | .Nm rlogind , |
145 | and | 138 | and |
@@ -430,7 +423,9 @@ or | |||
430 | .Dq ssh-rsa . | 423 | .Dq ssh-rsa . |
431 | .Pp | 424 | .Pp |
432 | Note that lines in this file are usually several hundred bytes long | 425 | Note that lines in this file are usually several hundred bytes long |
433 | (because of the size of the public key encoding). | 426 | (because of the size of the public key encoding) up to a limit of |
427 | 8 kilobytes, which permits DSA keys up to 8 kilobits and RSA | ||
428 | keys up to 16 kilobits. | ||
434 | You don't want to type them in; instead, copy the | 429 | You don't want to type them in; instead, copy the |
435 | .Pa identity.pub , | 430 | .Pa identity.pub , |
436 | .Pa id_dsa.pub | 431 | .Pa id_dsa.pub |
@@ -561,6 +556,14 @@ to indicate negation: if the host name matches a negated | |||
561 | pattern, it is not accepted (by that line) even if it matched another | 556 | pattern, it is not accepted (by that line) even if it matched another |
562 | pattern on the line. | 557 | pattern on the line. |
563 | .Pp | 558 | .Pp |
559 | Alternately, hostnames may be stored in a hashed form which hides host names | ||
560 | and addresses should the file's contents be disclosed. | ||
561 | Hashed hostnames start with a | ||
562 | .Ql | | ||
563 | character. | ||
564 | Only one hashed hostname may appear on a single line and none of the above | ||
565 | negation or wildcard operators may be applied. | ||
566 | .Pp | ||
564 | Bits, exponent, and modulus are taken directly from the RSA host key; they | 567 | Bits, exponent, and modulus are taken directly from the RSA host key; they |
565 | can be obtained, e.g., from | 568 | can be obtained, e.g., from |
566 | .Pa /etc/ssh/ssh_host_key.pub . | 569 | .Pa /etc/ssh/ssh_host_key.pub . |
@@ -592,6 +595,11 @@ and adding the host names at the front. | |||
592 | closenet,...,130.233.208.41 1024 37 159...93 closenet.hut.fi | 595 | closenet,...,130.233.208.41 1024 37 159...93 closenet.hut.fi |
593 | cvs.openbsd.org,199.185.137.3 ssh-rsa AAAA1234.....= | 596 | cvs.openbsd.org,199.185.137.3 ssh-rsa AAAA1234.....= |
594 | .Ed | 597 | .Ed |
598 | .Bd -literal | ||
599 | # A hashed hostname | ||
600 | |1|JfKTdBh7rNbXkVAQCRp4OQoPfmI=|USECr3SWf1JUPsms5AqfD5QfxkM= ssh-rsa | ||
601 | AAAA1234.....= | ||
602 | .Ed | ||
595 | .Sh FILES | 603 | .Sh FILES |
596 | .Bl -tag -width Ds | 604 | .Bl -tag -width Ds |
597 | .It Pa /etc/ssh/sshd_config | 605 | .It Pa /etc/ssh/sshd_config |
@@ -660,6 +668,20 @@ These files should be writable only by root/the owner. | |||
660 | should be world-readable, and | 668 | should be world-readable, and |
661 | .Pa $HOME/.ssh/known_hosts | 669 | .Pa $HOME/.ssh/known_hosts |
662 | can, but need not be, world-readable. | 670 | can, but need not be, world-readable. |
671 | .It Pa /etc/motd | ||
672 | See | ||
673 | .Xr motd 5 . | ||
674 | .It Pa $HOME/.hushlogin | ||
675 | This file is used to suppress printing the last login time and | ||
676 | .Pa /etc/motd , | ||
677 | if | ||
678 | .Cm PrintLastLog | ||
679 | and | ||
680 | .Cm PrintMotd , | ||
681 | respectively, | ||
682 | are enabled. | ||
683 | It does not suppress printing of the banner specified by | ||
684 | .Cm Banner . | ||
663 | .It Pa /etc/nologin | 685 | .It Pa /etc/nologin |
664 | If this file exists, | 686 | If this file exists, |
665 | .Nm | 687 | .Nm |
@@ -673,7 +695,11 @@ Access controls that should be enforced by tcp-wrappers are defined here. | |||
673 | Further details are described in | 695 | Further details are described in |
674 | .Xr hosts_access 5 . | 696 | .Xr hosts_access 5 . |
675 | .It Pa $HOME/.rhosts | 697 | .It Pa $HOME/.rhosts |
676 | This file contains host-username pairs, separated by a space, one per | 698 | This file is used during |
699 | .Cm RhostsRSAAuthentication | ||
700 | and | ||
701 | .Cm HostbasedAuthentication | ||
702 | and contains host-username pairs, separated by a space, one per | ||
677 | line. | 703 | line. |
678 | The given user on the corresponding host is permitted to log in | 704 | The given user on the corresponding host is permitted to log in |
679 | without a password. | 705 | without a password. |
@@ -694,7 +720,9 @@ However, this file is | |||
694 | not used by rlogin and rshd, so using this permits access using SSH only. | 720 | not used by rlogin and rshd, so using this permits access using SSH only. |
695 | .It Pa /etc/hosts.equiv | 721 | .It Pa /etc/hosts.equiv |
696 | This file is used during | 722 | This file is used during |
697 | .Em rhosts | 723 | .Cm RhostsRSAAuthentication |
724 | and | ||
725 | .Cm HostbasedAuthentication | ||
698 | authentication. | 726 | authentication. |
699 | In the simplest form, this file contains host names, one per line. | 727 | In the simplest form, this file contains host names, one per line. |
700 | Users on | 728 | Users on |
@@ -713,7 +741,7 @@ Negated entries start with | |||
713 | If the client host/user is successfully matched in this file, login is | 741 | If the client host/user is successfully matched in this file, login is |
714 | automatically permitted provided the client and server user names are the | 742 | automatically permitted provided the client and server user names are the |
715 | same. | 743 | same. |
716 | Additionally, successful RSA host authentication is normally required. | 744 | Additionally, successful client host key authentication is required. |
717 | This file must be writable only by root; it is recommended | 745 | This file must be writable only by root; it is recommended |
718 | that it be world-readable. | 746 | that it be world-readable. |
719 | .Pp | 747 | .Pp |
@@ -42,7 +42,7 @@ | |||
42 | */ | 42 | */ |
43 | 43 | ||
44 | #include "includes.h" | 44 | #include "includes.h" |
45 | RCSID("$OpenBSD: sshd.c,v 1.301 2004/08/11 11:50:09 dtucker Exp $"); | 45 | RCSID("$OpenBSD: sshd.c,v 1.308 2005/02/08 22:24:57 dtucker Exp $"); |
46 | 46 | ||
47 | #include <openssl/dh.h> | 47 | #include <openssl/dh.h> |
48 | #include <openssl/bn.h> | 48 | #include <openssl/bn.h> |
@@ -112,12 +112,6 @@ ServerOptions options; | |||
112 | char *config_file_name = _PATH_SERVER_CONFIG_FILE; | 112 | char *config_file_name = _PATH_SERVER_CONFIG_FILE; |
113 | 113 | ||
114 | /* | 114 | /* |
115 | * Flag indicating whether IPv4 or IPv6. This can be set on the command line. | ||
116 | * Default value is AF_UNSPEC means both IPv4 and IPv6. | ||
117 | */ | ||
118 | int IPv4or6 = AF_UNSPEC; | ||
119 | |||
120 | /* | ||
121 | * Debug mode flag. This can be set on the command line. If debug | 115 | * Debug mode flag. This can be set on the command line. If debug |
122 | * mode is enabled, extra debugging output will be sent to the system | 116 | * mode is enabled, extra debugging output will be sent to the system |
123 | * log, the daemon will not go to background, and will exit after processing | 117 | * log, the daemon will not go to background, and will exit after processing |
@@ -750,7 +744,7 @@ get_hostkey_index(Key *key) | |||
750 | static int | 744 | static int |
751 | drop_connection(int startups) | 745 | drop_connection(int startups) |
752 | { | 746 | { |
753 | double p, r; | 747 | int p, r; |
754 | 748 | ||
755 | if (startups < options.max_startups_begin) | 749 | if (startups < options.max_startups_begin) |
756 | return 0; | 750 | return 0; |
@@ -761,12 +755,11 @@ drop_connection(int startups) | |||
761 | 755 | ||
762 | p = 100 - options.max_startups_rate; | 756 | p = 100 - options.max_startups_rate; |
763 | p *= startups - options.max_startups_begin; | 757 | p *= startups - options.max_startups_begin; |
764 | p /= (double) (options.max_startups - options.max_startups_begin); | 758 | p /= options.max_startups - options.max_startups_begin; |
765 | p += options.max_startups_rate; | 759 | p += options.max_startups_rate; |
766 | p /= 100.0; | 760 | r = arc4random() % 100; |
767 | r = arc4random() / (double) UINT_MAX; | ||
768 | 761 | ||
769 | debug("drop_connection: p %g, r %g", p, r); | 762 | debug("drop_connection: p %d, r %d", p, r); |
770 | return (r < p) ? 1 : 0; | 763 | return (r < p) ? 1 : 0; |
771 | } | 764 | } |
772 | 765 | ||
@@ -774,7 +767,7 @@ static void | |||
774 | usage(void) | 767 | usage(void) |
775 | { | 768 | { |
776 | fprintf(stderr, "%s, %s\n", | 769 | fprintf(stderr, "%s, %s\n", |
777 | SSH_VERSION, SSLeay_version(SSLEAY_VERSION)); | 770 | SSH_RELEASE, SSLeay_version(SSLEAY_VERSION)); |
778 | fprintf(stderr, | 771 | fprintf(stderr, |
779 | "usage: sshd [-46Ddeiqt] [-b bits] [-f config_file] [-g login_grace_time]\n" | 772 | "usage: sshd [-46Ddeiqt] [-b bits] [-f config_file] [-g login_grace_time]\n" |
780 | " [-h host_key_file] [-k key_gen_time] [-o option] [-p port] [-u len]\n" | 773 | " [-h host_key_file] [-k key_gen_time] [-o option] [-p port] [-u len]\n" |
@@ -884,7 +877,7 @@ main(int ac, char **av) | |||
884 | char ntop[NI_MAXHOST], strport[NI_MAXSERV]; | 877 | char ntop[NI_MAXHOST], strport[NI_MAXSERV]; |
885 | char *line; | 878 | char *line; |
886 | int listen_sock, maxfd; | 879 | int listen_sock, maxfd; |
887 | int startup_p[2], config_s[2]; | 880 | int startup_p[2] = { -1 , -1 }, config_s[2] = { -1 , -1 }; |
888 | int startups = 0; | 881 | int startups = 0; |
889 | Key *key; | 882 | Key *key; |
890 | Authctxt *authctxt; | 883 | Authctxt *authctxt; |
@@ -921,10 +914,10 @@ main(int ac, char **av) | |||
921 | while ((opt = getopt(ac, av, "f:p:b:k:h:g:u:o:dDeiqrtQR46")) != -1) { | 914 | while ((opt = getopt(ac, av, "f:p:b:k:h:g:u:o:dDeiqrtQR46")) != -1) { |
922 | switch (opt) { | 915 | switch (opt) { |
923 | case '4': | 916 | case '4': |
924 | IPv4or6 = AF_INET; | 917 | options.address_family = AF_INET; |
925 | break; | 918 | break; |
926 | case '6': | 919 | case '6': |
927 | IPv4or6 = AF_INET6; | 920 | options.address_family = AF_INET6; |
928 | break; | 921 | break; |
929 | case 'f': | 922 | case 'f': |
930 | config_file_name = optarg; | 923 | config_file_name = optarg; |
@@ -1030,7 +1023,6 @@ main(int ac, char **av) | |||
1030 | closefrom(REEXEC_DEVCRYPTO_RESERVED_FD); | 1023 | closefrom(REEXEC_DEVCRYPTO_RESERVED_FD); |
1031 | 1024 | ||
1032 | SSLeay_add_all_algorithms(); | 1025 | SSLeay_add_all_algorithms(); |
1033 | channel_set_af(IPv4or6); | ||
1034 | 1026 | ||
1035 | /* | 1027 | /* |
1036 | * Force logging to stderr until we have loaded the private host | 1028 | * Force logging to stderr until we have loaded the private host |
@@ -1043,13 +1035,13 @@ main(int ac, char **av) | |||
1043 | SYSLOG_FACILITY_AUTH : options.log_facility, | 1035 | SYSLOG_FACILITY_AUTH : options.log_facility, |
1044 | log_stderr || !inetd_flag); | 1036 | log_stderr || !inetd_flag); |
1045 | 1037 | ||
1046 | #ifdef _AIX | ||
1047 | /* | 1038 | /* |
1048 | * Unset KRB5CCNAME, otherwise the user's session may inherit it from | 1039 | * Unset KRB5CCNAME, otherwise the user's session may inherit it from |
1049 | * root's environment | 1040 | * root's environment |
1050 | */ | 1041 | */ |
1051 | unsetenv("KRB5CCNAME"); | 1042 | if (getenv("KRB5CCNAME") != NULL) |
1052 | #endif /* _AIX */ | 1043 | unsetenv("KRB5CCNAME"); |
1044 | |||
1053 | #ifdef _UNICOS | 1045 | #ifdef _UNICOS |
1054 | /* Cray can define user privs drop all privs now! | 1046 | /* Cray can define user privs drop all privs now! |
1055 | * Not needed on PRIV_SU systems! | 1047 | * Not needed on PRIV_SU systems! |
@@ -1080,13 +1072,16 @@ main(int ac, char **av) | |||
1080 | /* Fill in default values for those options not explicitly set. */ | 1072 | /* Fill in default values for those options not explicitly set. */ |
1081 | fill_default_server_options(&options); | 1073 | fill_default_server_options(&options); |
1082 | 1074 | ||
1075 | /* set default channel AF */ | ||
1076 | channel_set_af(options.address_family); | ||
1077 | |||
1083 | /* Check that there are no remaining arguments. */ | 1078 | /* Check that there are no remaining arguments. */ |
1084 | if (optind < ac) { | 1079 | if (optind < ac) { |
1085 | fprintf(stderr, "Extra argument %s.\n", av[optind]); | 1080 | fprintf(stderr, "Extra argument %s.\n", av[optind]); |
1086 | exit(1); | 1081 | exit(1); |
1087 | } | 1082 | } |
1088 | 1083 | ||
1089 | debug("sshd version %.100s", SSH_VERSION); | 1084 | debug("sshd version %.100s", SSH_RELEASE); |
1090 | 1085 | ||
1091 | /* load private host keys */ | 1086 | /* load private host keys */ |
1092 | sensitive_data.host_keys = xmalloc(options.num_host_key_files * | 1087 | sensitive_data.host_keys = xmalloc(options.num_host_key_files * |
@@ -1202,7 +1197,7 @@ main(int ac, char **av) | |||
1202 | } | 1197 | } |
1203 | 1198 | ||
1204 | /* Initialize the log (it is reinitialized below in case we forked). */ | 1199 | /* Initialize the log (it is reinitialized below in case we forked). */ |
1205 | if (debug_flag && !inetd_flag) | 1200 | if (debug_flag && (!inetd_flag || rexeced_flag)) |
1206 | log_stderr = 1; | 1201 | log_stderr = 1; |
1207 | log_init(__progname, options.log_level, options.log_facility, log_stderr); | 1202 | log_init(__progname, options.log_level, options.log_facility, log_stderr); |
1208 | 1203 | ||
@@ -1278,10 +1273,12 @@ main(int ac, char **av) | |||
1278 | if (num_listen_socks >= MAX_LISTEN_SOCKS) | 1273 | if (num_listen_socks >= MAX_LISTEN_SOCKS) |
1279 | fatal("Too many listen sockets. " | 1274 | fatal("Too many listen sockets. " |
1280 | "Enlarge MAX_LISTEN_SOCKS"); | 1275 | "Enlarge MAX_LISTEN_SOCKS"); |
1281 | if (getnameinfo(ai->ai_addr, ai->ai_addrlen, | 1276 | if ((ret = getnameinfo(ai->ai_addr, ai->ai_addrlen, |
1282 | ntop, sizeof(ntop), strport, sizeof(strport), | 1277 | ntop, sizeof(ntop), strport, sizeof(strport), |
1283 | NI_NUMERICHOST|NI_NUMERICSERV) != 0) { | 1278 | NI_NUMERICHOST|NI_NUMERICSERV)) != 0) { |
1284 | error("getnameinfo failed"); | 1279 | error("getnameinfo failed: %.100s", |
1280 | (ret != EAI_SYSTEM) ? gai_strerror(ret) : | ||
1281 | strerror(errno)); | ||
1285 | continue; | 1282 | continue; |
1286 | } | 1283 | } |
1287 | /* Create socket for listening. */ | 1284 | /* Create socket for listening. */ |
@@ -1512,7 +1509,8 @@ main(int ac, char **av) | |||
1512 | sock_in = newsock; | 1509 | sock_in = newsock; |
1513 | sock_out = newsock; | 1510 | sock_out = newsock; |
1514 | log_init(__progname, options.log_level, options.log_facility, log_stderr); | 1511 | log_init(__progname, options.log_level, options.log_facility, log_stderr); |
1515 | close(config_s[0]); | 1512 | if (rexec_flag) |
1513 | close(config_s[0]); | ||
1516 | break; | 1514 | break; |
1517 | } | 1515 | } |
1518 | } | 1516 | } |
@@ -1637,6 +1635,9 @@ main(int ac, char **av) | |||
1637 | remote_port = get_remote_port(); | 1635 | remote_port = get_remote_port(); |
1638 | remote_ip = get_remote_ipaddr(); | 1636 | remote_ip = get_remote_ipaddr(); |
1639 | 1637 | ||
1638 | #ifdef SSH_AUDIT_EVENTS | ||
1639 | audit_connection_from(remote_ip, remote_port); | ||
1640 | #endif | ||
1640 | #ifdef LIBWRAP | 1641 | #ifdef LIBWRAP |
1641 | /* Check whether logins are denied from this host. */ | 1642 | /* Check whether logins are denied from this host. */ |
1642 | if (packet_connection_is_on_socket()) { | 1643 | if (packet_connection_is_on_socket()) { |
@@ -1673,9 +1674,6 @@ main(int ac, char **av) | |||
1673 | 1674 | ||
1674 | packet_set_nonblocking(); | 1675 | packet_set_nonblocking(); |
1675 | 1676 | ||
1676 | /* prepare buffers to collect authentication messages */ | ||
1677 | buffer_init(&loginmsg); | ||
1678 | |||
1679 | /* allocate authentication context */ | 1677 | /* allocate authentication context */ |
1680 | authctxt = xmalloc(sizeof(*authctxt)); | 1678 | authctxt = xmalloc(sizeof(*authctxt)); |
1681 | memset(authctxt, 0, sizeof(*authctxt)); | 1679 | memset(authctxt, 0, sizeof(*authctxt)); |
@@ -1683,13 +1681,13 @@ main(int ac, char **av) | |||
1683 | /* XXX global for cleanup, access from other modules */ | 1681 | /* XXX global for cleanup, access from other modules */ |
1684 | the_authctxt = authctxt; | 1682 | the_authctxt = authctxt; |
1685 | 1683 | ||
1684 | /* prepare buffer to collect messages to display to user after login */ | ||
1685 | buffer_init(&loginmsg); | ||
1686 | |||
1686 | if (use_privsep) | 1687 | if (use_privsep) |
1687 | if (privsep_preauth(authctxt) == 1) | 1688 | if (privsep_preauth(authctxt) == 1) |
1688 | goto authenticated; | 1689 | goto authenticated; |
1689 | 1690 | ||
1690 | /* prepare buffer to collect messages to display to user after login */ | ||
1691 | buffer_init(&loginmsg); | ||
1692 | |||
1693 | /* perform the key exchange */ | 1691 | /* perform the key exchange */ |
1694 | /* authenticate user and start session */ | 1692 | /* authenticate user and start session */ |
1695 | if (compat20) { | 1693 | if (compat20) { |
@@ -1709,6 +1707,10 @@ main(int ac, char **av) | |||
1709 | } | 1707 | } |
1710 | 1708 | ||
1711 | authenticated: | 1709 | authenticated: |
1710 | #ifdef SSH_AUDIT_EVENTS | ||
1711 | audit_event(SSH_AUTH_SUCCESS); | ||
1712 | #endif | ||
1713 | |||
1712 | /* | 1714 | /* |
1713 | * In privilege separation, we fork another child and prepare | 1715 | * In privilege separation, we fork another child and prepare |
1714 | * file descriptor passing. | 1716 | * file descriptor passing. |
@@ -1731,6 +1733,10 @@ main(int ac, char **av) | |||
1731 | finish_pam(); | 1733 | finish_pam(); |
1732 | #endif /* USE_PAM */ | 1734 | #endif /* USE_PAM */ |
1733 | 1735 | ||
1736 | #ifdef SSH_AUDIT_EVENTS | ||
1737 | PRIVSEP(audit_event(SSH_CONNECTION_CLOSE)); | ||
1738 | #endif | ||
1739 | |||
1734 | packet_close(); | 1740 | packet_close(); |
1735 | 1741 | ||
1736 | if (use_privsep) | 1742 | if (use_privsep) |
@@ -2022,5 +2028,10 @@ cleanup_exit(int i) | |||
2022 | { | 2028 | { |
2023 | if (the_authctxt) | 2029 | if (the_authctxt) |
2024 | do_cleanup(the_authctxt); | 2030 | do_cleanup(the_authctxt); |
2031 | #ifdef SSH_AUDIT_EVENTS | ||
2032 | /* done after do_cleanup so it can cancel the PAM auth 'thread' */ | ||
2033 | if (!use_privsep || mm_is_monitor()) | ||
2034 | audit_event(SSH_CONNECTION_ABANDON); | ||
2035 | #endif | ||
2025 | _exit(i); | 2036 | _exit(i); |
2026 | } | 2037 | } |
diff --git a/sshd_config b/sshd_config index 65e6f1c32..53ae9942e 100644 --- a/sshd_config +++ b/sshd_config | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: sshd_config,v 1.69 2004/05/23 23:59:53 dtucker Exp $ | 1 | # $OpenBSD: sshd_config,v 1.70 2004/12/23 23:11:00 djm Exp $ |
2 | 2 | ||
3 | # This is the sshd server system-wide configuration file. See | 3 | # This is the sshd server system-wide configuration file. See |
4 | # sshd_config(5) for more information. | 4 | # sshd_config(5) for more information. |
@@ -12,6 +12,7 @@ | |||
12 | 12 | ||
13 | #Port 22 | 13 | #Port 22 |
14 | #Protocol 2,1 | 14 | #Protocol 2,1 |
15 | #AddressFamily any | ||
15 | #ListenAddress 0.0.0.0 | 16 | #ListenAddress 0.0.0.0 |
16 | #ListenAddress :: | 17 | #ListenAddress :: |
17 | 18 | ||
diff --git a/sshd_config.0 b/sshd_config.0 index 0528a8c44..1f8763faf 100644 --- a/sshd_config.0 +++ b/sshd_config.0 | |||
@@ -28,6 +28,11 @@ DESCRIPTION | |||
28 | taken in the use of this directive. The default is not to accept | 28 | taken in the use of this directive. The default is not to accept |
29 | any environment variables. | 29 | any environment variables. |
30 | 30 | ||
31 | AddressFamily | ||
32 | Specifies which address family should be used by sshd. Valid ar- | ||
33 | guments are ``any'', ``inet'' (use IPv4 only) or ``inet6'' (use | ||
34 | IPv6 only). The default is ``any''. | ||
35 | |||
31 | AllowGroups | 36 | AllowGroups |
32 | This keyword can be followed by a list of group name patterns, | 37 | This keyword can be followed by a list of group name patterns, |
33 | separated by spaces. If specified, login is allowed only for | 38 | separated by spaces. If specified, login is allowed only for |
@@ -135,10 +140,13 @@ DESCRIPTION | |||
135 | forwarded for the client. By default, sshd binds remote port | 140 | forwarded for the client. By default, sshd binds remote port |
136 | forwardings to the loopback address. This prevents other remote | 141 | forwardings to the loopback address. This prevents other remote |
137 | hosts from connecting to forwarded ports. GatewayPorts can be | 142 | hosts from connecting to forwarded ports. GatewayPorts can be |
138 | used to specify that sshd should bind remote port forwardings to | 143 | used to specify that sshd should allow remote port forwardings to |
139 | the wildcard address, thus allowing remote hosts to connect to | 144 | bind to non-loopback addresses, thus allowing other hosts to con- |
140 | forwarded ports. The argument must be ``yes'' or ``no''. The | 145 | nect. The argument may be ``no'' to force remote port forward- |
141 | default is ``no''. | 146 | ings to be available to the local host only, ``yes'' to force re- |
147 | mote port forwardings to bind to the wildcard address, or | ||
148 | ``clientspecified'' to allow the client to select the address to | ||
149 | which the forwarding is bound. The default is ``no''. | ||
142 | 150 | ||
143 | GSSAPIAuthentication | 151 | GSSAPIAuthentication |
144 | Specifies whether user authentication based on GSSAPI is allowed. | 152 | Specifies whether user authentication based on GSSAPI is allowed. |
@@ -269,14 +277,12 @@ DESCRIPTION | |||
269 | default is ``no''. | 277 | default is ``no''. |
270 | 278 | ||
271 | PermitRootLogin | 279 | PermitRootLogin |
272 | Specifies whether root can login using ssh(1). The argument must | 280 | Specifies whether root can log in using ssh(1). The argument |
273 | be ``yes'', ``without-password'', ``forced-commands-only'' or | 281 | must be ``yes'', ``without-password'', ``forced-commands-only'' |
274 | ``no''. The default is ``yes''. | 282 | or ``no''. The default is ``yes''. |
275 | 283 | ||
276 | If this option is set to ``without-password'' password authenti- | 284 | If this option is set to ``without-password'' password authenti- |
277 | cation is disabled for root. Note that other authentication | 285 | cation is disabled for root. |
278 | methods (e.g., keyboard-interactive/PAM) may still allow root to | ||
279 | login using a password. | ||
280 | 286 | ||
281 | If this option is set to ``forced-commands-only'' root login with | 287 | If this option is set to ``forced-commands-only'' root login with |
282 | public key authentication will be allowed, but only if the | 288 | public key authentication will be allowed, but only if the |
@@ -284,7 +290,7 @@ DESCRIPTION | |||
284 | remote backups even if root login is normally not allowed). All | 290 | remote backups even if root login is normally not allowed). All |
285 | other authentication methods are disabled for root. | 291 | other authentication methods are disabled for root. |
286 | 292 | ||
287 | If this option is set to ``no'' root is not allowed to login. | 293 | If this option is set to ``no'' root is not allowed to log in. |
288 | 294 | ||
289 | PermitUserEnvironment | 295 | PermitUserEnvironment |
290 | Specifies whether ~/.ssh/environment and environment= options in | 296 | Specifies whether ~/.ssh/environment and environment= options in |
@@ -302,8 +308,9 @@ DESCRIPTION | |||
302 | ListenAddress. | 308 | ListenAddress. |
303 | 309 | ||
304 | PrintLastLog | 310 | PrintLastLog |
305 | Specifies whether sshd should print the date and time when the | 311 | Specifies whether sshd should print the date and time of the last |
306 | user last logged in. The default is ``yes''. | 312 | user login when a user logs in interactively. The default is |
313 | ``yes''. | ||
307 | 314 | ||
308 | PrintMotd | 315 | PrintMotd |
309 | Specifies whether sshd should print /etc/motd when a user logs in | 316 | Specifies whether sshd should print /etc/motd when a user logs in |
diff --git a/sshd_config.5 b/sshd_config.5 index 09532fb8d..8d291e61d 100644 --- a/sshd_config.5 +++ b/sshd_config.5 | |||
@@ -34,7 +34,7 @@ | |||
34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
36 | .\" | 36 | .\" |
37 | .\" $OpenBSD: sshd_config.5,v 1.35 2004/06/26 09:14:40 jmc Exp $ | 37 | .\" $OpenBSD: sshd_config.5,v 1.39 2005/03/01 10:09:52 djm Exp $ |
38 | .Dd September 25, 1999 | 38 | .Dd September 25, 1999 |
39 | .Dt SSHD_CONFIG 5 | 39 | .Dt SSHD_CONFIG 5 |
40 | .Os | 40 | .Os |
@@ -83,6 +83,17 @@ Be warned that some environment variables could be used to bypass restricted | |||
83 | user environments. | 83 | user environments. |
84 | For this reason, care should be taken in the use of this directive. | 84 | For this reason, care should be taken in the use of this directive. |
85 | The default is not to accept any environment variables. | 85 | The default is not to accept any environment variables. |
86 | .It Cm AddressFamily | ||
87 | Specifies which address family should be used by | ||
88 | .Nm sshd . | ||
89 | Valid arguments are | ||
90 | .Dq any , | ||
91 | .Dq inet | ||
92 | (use IPv4 only) or | ||
93 | .Dq inet6 | ||
94 | (use IPv6 only). | ||
95 | The default is | ||
96 | .Dq any . | ||
86 | .It Cm AllowGroups | 97 | .It Cm AllowGroups |
87 | This keyword can be followed by a list of group name patterns, separated | 98 | This keyword can be followed by a list of group name patterns, separated |
88 | by spaces. | 99 | by spaces. |
@@ -245,12 +256,15 @@ This prevents other remote hosts from connecting to forwarded ports. | |||
245 | .Cm GatewayPorts | 256 | .Cm GatewayPorts |
246 | can be used to specify that | 257 | can be used to specify that |
247 | .Nm sshd | 258 | .Nm sshd |
248 | should bind remote port forwardings to the wildcard address, | 259 | should allow remote port forwardings to bind to non-loopback addresses, thus |
249 | thus allowing remote hosts to connect to forwarded ports. | 260 | allowing other hosts to connect. |
250 | The argument must be | 261 | The argument may be |
262 | .Dq no | ||
263 | to force remote port forwardings to be available to the local host only, | ||
251 | .Dq yes | 264 | .Dq yes |
252 | or | 265 | to force remote port forwardings to bind to the wildcard address, or |
253 | .Dq no . | 266 | .Dq clientspecified |
267 | to allow the client to select the address to which the forwarding is bound. | ||
254 | The default is | 268 | The default is |
255 | .Dq no . | 269 | .Dq no . |
256 | .It Cm GSSAPIAuthentication | 270 | .It Cm GSSAPIAuthentication |
@@ -455,7 +469,7 @@ server allows login to accounts with empty password strings. | |||
455 | The default is | 469 | The default is |
456 | .Dq no . | 470 | .Dq no . |
457 | .It Cm PermitRootLogin | 471 | .It Cm PermitRootLogin |
458 | Specifies whether root can login using | 472 | Specifies whether root can log in using |
459 | .Xr ssh 1 . | 473 | .Xr ssh 1 . |
460 | The argument must be | 474 | The argument must be |
461 | .Dq yes , | 475 | .Dq yes , |
@@ -468,9 +482,7 @@ The default is | |||
468 | .Pp | 482 | .Pp |
469 | If this option is set to | 483 | If this option is set to |
470 | .Dq without-password | 484 | .Dq without-password |
471 | password authentication is disabled for root. Note that other authentication | 485 | password authentication is disabled for root. |
472 | methods (e.g., keyboard-interactive/PAM) may still allow root to login using | ||
473 | a password. | ||
474 | .Pp | 486 | .Pp |
475 | If this option is set to | 487 | If this option is set to |
476 | .Dq forced-commands-only | 488 | .Dq forced-commands-only |
@@ -484,7 +496,7 @@ All other authentication methods are disabled for root. | |||
484 | .Pp | 496 | .Pp |
485 | If this option is set to | 497 | If this option is set to |
486 | .Dq no | 498 | .Dq no |
487 | root is not allowed to login. | 499 | root is not allowed to log in. |
488 | .It Cm PermitUserEnvironment | 500 | .It Cm PermitUserEnvironment |
489 | Specifies whether | 501 | Specifies whether |
490 | .Pa ~/.ssh/environment | 502 | .Pa ~/.ssh/environment |
@@ -516,7 +528,8 @@ See also | |||
516 | .It Cm PrintLastLog | 528 | .It Cm PrintLastLog |
517 | Specifies whether | 529 | Specifies whether |
518 | .Nm sshd | 530 | .Nm sshd |
519 | should print the date and time when the user last logged in. | 531 | should print the date and time of the last user login when a user logs |
532 | in interactively. | ||
520 | The default is | 533 | The default is |
521 | .Dq yes . | 534 | .Dq yes . |
522 | .It Cm PrintMotd | 535 | .It Cm PrintMotd |
diff --git a/survey.sh.in b/survey.sh.in new file mode 100644 index 000000000..d6075a6b3 --- /dev/null +++ b/survey.sh.in | |||
@@ -0,0 +1,69 @@ | |||
1 | #!/bin/sh | ||
2 | # | ||
3 | # Copyright (c) 2004, 2005 Darren Tucker | ||
4 | # | ||
5 | # Permission to use, copy, modify, and distribute this software for any | ||
6 | # purpose with or without fee is hereby granted, provided that the above | ||
7 | # copyright notice and this permission notice appear in all copies. | ||
8 | # | ||
9 | # THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES | ||
10 | # WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | ||
11 | # MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR | ||
12 | # ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | ||
13 | # WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
14 | # ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
15 | # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
16 | |||
17 | host="@host@" | ||
18 | AWK="@AWK@" | ||
19 | CC="@CC@" | ||
20 | CPP="@CPP@" | ||
21 | CFLAGS="@CFLAGS@" | ||
22 | CPPFLAGS="@CPPFLAGS@" | ||
23 | LDFLAGS="@LDFLAGS@" | ||
24 | LIBS="@LIBS@" | ||
25 | |||
26 | # Note format: | ||
27 | # identifier: [data] CRCR | ||
28 | |||
29 | echo "openssh-survey-version: 1" | ||
30 | echo | ||
31 | echo "openssh-version: `./ssh -V 2>&1`" | ||
32 | echo | ||
33 | configinv=`$AWK '/^ \\\$.*configure/' config.log | sed 's/^ \\\$ //g'` | ||
34 | echo "configure-invocation: $configinv" | ||
35 | echo | ||
36 | echo "host: $host" | ||
37 | echo | ||
38 | echo "uname: `uname`" | ||
39 | echo | ||
40 | echo "uname-r: `uname -r`" | ||
41 | echo | ||
42 | echo "uname-m: `uname -m`" | ||
43 | echo | ||
44 | echo "uname-p: `uname -p`" | ||
45 | echo | ||
46 | echo "oslevel: `oslevel 2>/dev/null`" | ||
47 | echo | ||
48 | echo "oslevel-r: `oslevel -r 2>/dev/null`" | ||
49 | echo | ||
50 | echo "cc: $CC" | ||
51 | echo | ||
52 | echo "cflags: $CFLAGS" | ||
53 | echo | ||
54 | echo "cppflags: $CPPFLAGS" | ||
55 | echo | ||
56 | echo "ldflags: $LDFLAGS" | ||
57 | echo | ||
58 | echo "libs: $LIBS" | ||
59 | echo | ||
60 | echo "ccver-v: `$CC -v 2>&1 | sed '/^[ \t]*$/d'`" | ||
61 | echo | ||
62 | echo "ccver-V: `$CC -V 2>&1 | sed '/^[ \t]*$/d'`" | ||
63 | echo | ||
64 | echo "cppdefines:" | ||
65 | ${CPP} -dM - </dev/null | ||
66 | echo | ||
67 | echo "config.h:" | ||
68 | egrep '#define|#undef' config.h | ||
69 | echo | ||
@@ -56,10 +56,12 @@ temporarily_use_uid(struct passwd *pw) | |||
56 | debug("temporarily_use_uid: %u/%u (e=%u/%u)", | 56 | debug("temporarily_use_uid: %u/%u (e=%u/%u)", |
57 | (u_int)pw->pw_uid, (u_int)pw->pw_gid, | 57 | (u_int)pw->pw_uid, (u_int)pw->pw_gid, |
58 | (u_int)saved_euid, (u_int)saved_egid); | 58 | (u_int)saved_euid, (u_int)saved_egid); |
59 | #ifndef HAVE_CYGWIN | ||
59 | if (saved_euid != 0) { | 60 | if (saved_euid != 0) { |
60 | privileged = 0; | 61 | privileged = 0; |
61 | return; | 62 | return; |
62 | } | 63 | } |
64 | #endif | ||
63 | #else | 65 | #else |
64 | if (geteuid() != 0) { | 66 | if (geteuid() != 0) { |
65 | privileged = 0; | 67 | privileged = 0; |
@@ -200,10 +202,12 @@ permanently_set_uid(struct passwd *pw) | |||
200 | fatal("setuid %u: %.100s", (u_int)pw->pw_uid, strerror(errno)); | 202 | fatal("setuid %u: %.100s", (u_int)pw->pw_uid, strerror(errno)); |
201 | #endif | 203 | #endif |
202 | 204 | ||
205 | #ifndef HAVE_CYGWIN | ||
203 | /* Try restoration of GID if changed (test clearing of saved gid) */ | 206 | /* Try restoration of GID if changed (test clearing of saved gid) */ |
204 | if (old_gid != pw->pw_gid && | 207 | if (old_gid != pw->pw_gid && pw->pw_uid != 0 && |
205 | (setgid(old_gid) != -1 || setegid(old_gid) != -1)) | 208 | (setgid(old_gid) != -1 || setegid(old_gid) != -1)) |
206 | fatal("%s: was able to restore old [e]gid", __func__); | 209 | fatal("%s: was able to restore old [e]gid", __func__); |
210 | #endif | ||
207 | 211 | ||
208 | /* Verify GID drop was successful */ | 212 | /* Verify GID drop was successful */ |
209 | if (getgid() != pw->pw_gid || getegid() != pw->pw_gid) { | 213 | if (getgid() != pw->pw_gid || getegid() != pw->pw_gid) { |
@@ -1,5 +1,9 @@ | |||
1 | /* $OpenBSD: version.h,v 1.42 2004/08/16 08:17:01 markus Exp $ */ | 1 | /* $OpenBSD: version.h,v 1.43 2005/03/08 23:49:48 djm Exp $ */ |
2 | 2 | ||
3 | #ifndef SSH_VERSION | 3 | #define SSH_VERSION "OpenSSH_4.0" |
4 | #define SSH_VERSION "OpenSSH_3.9p1" | 4 | |
5 | #endif /* SSH_VERSION */ | 5 | #define SSH_PORTABLE "p1" |
6 | #ifndef SSH_EXTRAVERSION | ||
7 | #define SSH_EXTRAVERSION | ||
8 | #endif | ||
9 | #define SSH_RELEASE SSH_VERSION SSH_PORTABLE SSH_EXTRAVERSION | ||