9 files changed, 89 insertions, 46 deletions
diff --git a/ChangeLog b/ChangeLog
index b2876463a..a3b829515 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,35 @@
+20001203
+- (bal) OpenBSD CVS updates:
+  - markus@cvs.openbsd.org 2000/11/30 22:54:31
+    [channels.c]
+    debug->warn if tried to do -R style fwd w/o client requesting this; 
+    ok neils@
+  - markus@cvs.openbsd.org 2000/11/29 20:39:17
+    [cipher.c]
+    des_cbc_encrypt -> des_ncbc_encrypt since it already updates the IV
+  - markus@cvs.openbsd.org 2000/11/30 18:33:05
+    [ssh-agent.c]
+    agents must not dump core, ok niels@
+  - markus@cvs.openbsd.org 2000/11/30 07:04:02 
+    [ssh.1]
+    T is for both protocols
+  - markus@cvs.openbsd.org 2000/12/01 00:00:51
+    [ssh.1]
+    typo; from green@FreeBSD.org
+  - markus@cvs.openbsd.org 2000/11/30 07:02:35
+    [ssh.c]
+    check -T before isatty()
+  - provos@cvs.openbsd.org 2000/11/29 13:51:27
+    [sshconnect.c]
+    show IP address and hostname when new key is encountered. okay markus@ 
+  - markus@cvs.openbsd.org 2000/11/30 22:53:35
+    [sshconnect.c]
+    disable agent/x11/port fwding if hostkey has changed; ok niels@
+  - marksu@cvs.openbsd.org 2000/11/29 21:11:59
+    [sshd.c]
+    sshd -D, startup w/o deamon(), for monitoring scripts or inittab;
+    from handler@sub-rosa.com and eric@urbanrange.com; ok niels@
 20001202
 - (bal) Backed out of part of Alain St-Denis' loginrec.c patch.
 - (bal) Irix need some sort of mansubdir, patch by Michael Stone 
diff --git a/TODO b/TODO
index c7135806b..de51b3b07 100644
--- a/TODO
+++ b/TODO
@@ -2,6 +2,8 @@ Programming:
 - Replacement for setproctitle() - HP/UX support only currently
 - Improve PAM support (a pam_lastlog module will cause sshd to exit)
+  and maybe support alternate forms of authenications like OPIE via
+  pam?
 - Complete Tru64 SIA support
diff --git a/channels.c b/channels.c
index 0886a91ef..91a1b50c3 100644
--- a/channels.c
+++ b/channels.c
@@ -40,7 +40,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: channels.c,v 1.73 2000/11/06 23:04:55 markus Exp $");
+RCSID("$OpenBSD: channels.c,v 1.74 2000/11/30 22:54:31 markus Exp $");
 #include "ssh.h"
 #include "packet.h"
@@ -1729,7 +1729,8 @@ channel_connect_by_listen_adress(u_short listen_port)
                        return channel_connect_to(
                            permitted_opens[i].host_to_connect,
                            permitted_opens[i].port_to_connect);
-        debug("channel_connect_by_listen_adress: unknown listen_port %d", listen_port);
+        error("WARNING: Server requests forwarding for unknown listen_port %d",
+            listen_port);
        return -1;
 }
diff --git a/cipher.c b/cipher.c
index 65cde4732..f9091453e 100644
--- a/cipher.c
+++ b/cipher.c
@@ -35,7 +35,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: cipher.c,v 1.37 2000/10/23 19:31:54 markus Exp $");
+RCSID("$OpenBSD: cipher.c,v 1.38 2000/11/29 20:39:17 markus Exp $");
 #include "ssh.h"
 #include "xmalloc.h"
@@ -154,14 +154,9 @@ des3_ssh1_encrypt(CipherContext *cc, u_char *dest, const u_char *src,
        memcpy(&iv1, iv2, 8);
-        des_cbc_encrypt(src, dest, len, cc->u.des3.key1, &iv1, DES_ENCRYPT);
+        des_ncbc_encrypt(src,  dest, len, cc->u.des3.key1, &iv1, DES_ENCRYPT);
-        memcpy(&iv1, dest + len - 8, 8);
+        des_ncbc_encrypt(dest, dest, len, cc->u.des3.key2, iv2, DES_DECRYPT);
+        des_ncbc_encrypt(dest, dest, len, cc->u.des3.key3, iv3, DES_ENCRYPT);
-        des_cbc_encrypt(dest, dest, len, cc->u.des3.key2, iv2, DES_DECRYPT);
-        memcpy(iv2, &iv1, 8);   /* Note how iv1 == iv2 on entry and exit. */
-        des_cbc_encrypt(dest, dest, len, cc->u.des3.key3, iv3, DES_ENCRYPT);
-        memcpy(iv3, dest + len - 8, 8);
 }
 void
 des3_ssh1_decrypt(CipherContext *cc, u_char *dest, const u_char *src,
@@ -173,15 +168,9 @@ des3_ssh1_decrypt(CipherContext *cc, u_char *dest, const u_char *src,
        memcpy(&iv1, iv2, 8);
-        des_cbc_encrypt(src, dest, len, cc->u.des3.key3, iv3, DES_DECRYPT);
+        des_ncbc_encrypt(src,  dest, len, cc->u.des3.key3, iv3, DES_DECRYPT);
-        memcpy(iv3, src + len - 8, 8);
+        des_ncbc_encrypt(dest, dest, len, cc->u.des3.key2, iv2, DES_ENCRYPT);
+        des_ncbc_encrypt(dest, dest, len, cc->u.des3.key1, &iv1, DES_DECRYPT);
-        des_cbc_encrypt(dest, dest, len, cc->u.des3.key2, iv2, DES_ENCRYPT);
-        memcpy(iv2, dest + len - 8, 8);
-        des_cbc_encrypt(dest, dest, len, cc->u.des3.key1, &iv1, DES_DECRYPT);
-        /* memcpy(&iv1, iv2, 8); */
-        /* Note how iv1 == iv2 on entry and exit. */
 }
 /* Blowfish */
diff --git a/ssh-agent.c b/ssh-agent.c
index 6f89dd5ca..821ee26f4 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: ssh-agent.c,v 1.40 2000/11/14 23:48:55 markus Exp $   */
+/*      $OpenBSD: ssh-agent.c,v 1.41 2000/11/30 18:33:05 markus Exp $   */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -37,7 +37,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: ssh-agent.c,v 1.40 2000/11/14 23:48:55 markus Exp $");
+RCSID("$OpenBSD: ssh-agent.c,v 1.41 2000/11/30 18:33:05 markus Exp $");
 #include "ssh.h"
 #include "rsa.h"
@@ -674,6 +674,7 @@ main(int ac, char **av)
        fd_set readset, writeset;
        int sock, c_flag = 0, k_flag = 0, s_flag = 0, ch;
        struct sockaddr_un sunaddr;
+        struct rlimit rlim;
        pid_t pid;
        char *shell, *format, *pidstr, pidstrbuf[1 + 3 * sizeof pid];
        extern int optind;
@@ -804,6 +805,12 @@ main(int ac, char **av)
        close(1);
        close(2);
+        /* deny core dumps, since memory contains unencrypted private keys */
+        rlim.rlim_cur = rlim.rlim_max = 0;
+        if (setrlimit(RLIMIT_CORE, &rlim) < 0) {
+                perror("setrlimit rlimit_core failed");
+                cleanup_exit(1);
+        }
        if (setsid() == -1) {
                perror("setsid");
                cleanup_exit(1);
diff --git a/ssh.1 b/ssh.1
index 4bbfe34c0..8f3be1749 100644
--- a/ssh.1
+++ b/ssh.1
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh.1,v 1.68 2000/11/12 19:50:38 markus Exp $
+.\" $OpenBSD: ssh.1,v 1.70 2000/12/01 00:00:51 markus Exp $
 .Dd September 25, 1999
 .Dt SSH 1
 .Os
@@ -446,7 +446,7 @@ needs to ask for a password or passphrase; see also the
 option.)
 .It Fl N
 Do not execute a remote command.
-This is usefull if you just want to forward ports
+This is useful if you just want to forward ports
 (protocol version 2 only).
 .It Fl o Ar option
 Can be used to give options in the format used in the config file.
@@ -475,7 +475,7 @@ This can be used to execute arbitrary
 screen-based programs on a remote machine, which can be very useful,
 e.g., when implementing menu services.
 .It Fl T
-Disable pseudo-tty allocation (protocol version 2 only).
+Disable pseudo-tty allocation.
 .It Fl v
 Verbose mode.
 Causes
@@ -1236,7 +1236,7 @@ This version of OpenSSH
 .Bl -bullet
 .It
 has all components of a restrictive nature (i.e., patents, see
-.Xr crypto 3 )
+.Xr ssl 8 )
 directly removed from the source code; any licensed or patented components
 are chosen from
 external libraries.
@@ -1265,4 +1265,4 @@ The support for SSH protocol 2 was written by Markus Friedl.
 .Xr ssh-keygen 1 ,
 .Xr telnet 1 ,
 .Xr sshd 8 ,
-.Xr crypto 3
+.Xr ssl 8
diff --git a/ssh.c b/ssh.c
index 3af5e0378..d95f22140 100644
--- a/ssh.c
+++ b/ssh.c
@@ -39,7 +39,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.74 2000/11/23 21:03:47 markus Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.75 2000/11/30 07:02:35 markus Exp $");
 #include <openssl/evp.h>
 #include <openssl/dsa.h>
@@ -526,15 +526,15 @@ main(int ac, char **av)
        if (buffer_len(&command) == 0)
                tty_flag = 1;
+        /* Force no tty*/
+        if (no_tty_flag)
+                tty_flag = 0;
        /* Do not allocate a tty if stdin is not a tty. */
        if (!isatty(fileno(stdin))) {
                if (tty_flag)
                        fprintf(stderr, "Pseudo-terminal will not be allocated because stdin is not a terminal.\n");
                tty_flag = 0;
        }
-        /* force */
-        if (no_tty_flag)
-                tty_flag = 0;
        /* Get user data. */
        pw = getpwuid(original_real_uid);
diff --git a/sshconnect.c b/sshconnect.c
index b33f20958..b54e75a8a 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -13,7 +13,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect.c,v 1.81 2000/11/06 23:16:35 markus Exp $");
+RCSID("$OpenBSD: sshconnect.c,v 1.83 2000/11/30 22:53:35 markus Exp $");
 #include <openssl/bn.h>
 #include <openssl/dsa.h>
@@ -508,13 +508,11 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
        if (options.proxy_command != NULL && options.check_host_ip)
                options.check_host_ip = 0;
-        if (options.check_host_ip) {
+        if (getnameinfo(hostaddr, salen, ntop, sizeof(ntop),
-                if (getnameinfo(hostaddr, salen, ntop, sizeof(ntop),
+                        NULL, 0, NI_NUMERICHOST) != 0)
-                    NULL, 0, NI_NUMERICHOST) != 0)
+                fatal("check_host_key: getnameinfo failed");
-                        fatal("check_host_key: getnameinfo failed");
+        ip = xstrdup(ntop);
-                ip = xstrdup(ntop);
+  
-        }
        /*
         * Store the host key from the known host file in here so that we can
         * compare it with the key for the IP address.
@@ -577,10 +575,10 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
                        char prompt[1024];
                        char *fp = key_fingerprint(host_key);
                        snprintf(prompt, sizeof(prompt),
-                            "The authenticity of host '%.200s' can't be established.\n"
+                            "The authenticity of host '%.200s (%s)' can't be established.\n"
                            "%s key fingerprint is %s.\n"
                            "Are you sure you want to continue connecting (yes/no)? ",
-                            host, type, fp);
+                            host, ip, type, fp);
                        if (!read_yes_or_no(prompt, -1))
                                fatal("Aborted by user!\n");
                }
@@ -647,6 +645,14 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
                        error("Agent forwarding is disabled to avoid trojan horses.");
                        options.forward_agent = 0;
                }
+                if (options.forward_x11) {
+                        error("X11 forwarding is disabled to avoid trojan horses.");
+                        options.forward_x11 = 0;
+                }
+                if (options.num_local_forwards > 0 || options.num_remote_forwards > 0) {
+                        error("Port forwarding is disabled to avoid trojan horses.");
+                        options.num_local_forwards = options.num_remote_forwards = 0;
+                }
                /*
                 * XXX Should permit the user to change to use the new id.
                 * This could be done by converting the host key to an
@@ -656,8 +662,8 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
                 */
                break;
        }
-        if (options.check_host_ip)
-                xfree(ip);
+        xfree(ip);
 }
 /*
diff --git a/sshd.c b/sshd.c
index 4a5f66278..4a01ebec7 100644
--- a/sshd.c
+++ b/sshd.c
@@ -40,7 +40,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.134 2000/11/12 19:50:38 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.135 2000/11/29 21:11:59 markus Exp $");
 #include "xmalloc.h"
 #include "rsa.h"
@@ -111,6 +111,9 @@ int debug_flag = 0;
 /* Flag indicating that the daemon is being started from inetd. */
 int inetd_flag = 0;
+/* Flag indicating that sshd should not detach and become a daemon. */
+int no_daemon_flag = 0;
 /* debug goes to stderr unless inetd_flag is set */
 int log_stderr = 0;
@@ -583,7 +586,7 @@ main(int ac, char **av)
        initialize_server_options(&options);
        /* Parse command-line arguments. */
-        while ((opt = getopt(ac, av, "f:p:b:k:h:g:V:u:diqQ46")) != EOF) {
+        while ((opt = getopt(ac, av, "f:p:b:k:h:g:V:u:dDiqQ46")) != EOF) {
                switch (opt) {
                case '4':
                        IPv4or6 = AF_INET;
@@ -605,6 +608,9 @@ main(int ac, char **av)
                                exit(1);
                        }
                        break;
+                case 'D':
+                        no_daemon_flag = 1;
+                        break;
                case 'i':
                        inetd_flag = 1;
                        break;
@@ -769,7 +775,7 @@ main(int ac, char **av)
         * from the controlling terminal, and fork.  The original process
         * exits.
         */
-        if (!debug_flag && !inetd_flag) {
+        if (!(debug_flag || inetd_flag || no_daemon_flag)) {
 #ifdef TIOCNOTTY
                int fd;
 #endif /* TIOCNOTTY */

diff --git a/ChangeLog b/ChangeLog index b2876463a..a3b829515 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -1,3 +1,35 @@
		1	20001203
		2	- (bal) OpenBSD CVS updates:
		3	- markus@cvs.openbsd.org 2000/11/30 22:54:31
		4	[channels.c]
		5	debug->warn if tried to do -R style fwd w/o client requesting this;
		6	ok neils@
		7	- markus@cvs.openbsd.org 2000/11/29 20:39:17
		8	[cipher.c]
		9	des_cbc_encrypt -> des_ncbc_encrypt since it already updates the IV
		10	- markus@cvs.openbsd.org 2000/11/30 18:33:05
		11	[ssh-agent.c]
		12	agents must not dump core, ok niels@
		13	- markus@cvs.openbsd.org 2000/11/30 07:04:02
		14	[ssh.1]
		15	T is for both protocols
		16	- markus@cvs.openbsd.org 2000/12/01 00:00:51
		17	[ssh.1]
		18	typo; from green@FreeBSD.org
		19	- markus@cvs.openbsd.org 2000/11/30 07:02:35
		20	[ssh.c]
		21	check -T before isatty()
		22	- provos@cvs.openbsd.org 2000/11/29 13:51:27
		23	[sshconnect.c]
		24	show IP address and hostname when new key is encountered. okay markus@
		25	- markus@cvs.openbsd.org 2000/11/30 22:53:35
		26	[sshconnect.c]
		27	disable agent/x11/port fwding if hostkey has changed; ok niels@
		28	- marksu@cvs.openbsd.org 2000/11/29 21:11:59
		29	[sshd.c]
		30	sshd -D, startup w/o deamon(), for monitoring scripts or inittab;
		31	from handler@sub-rosa.com and eric@urbanrange.com; ok niels@
		32
1	20001202	33	20001202
2	- (bal) Backed out of part of Alain St-Denis' loginrec.c patch.	34	- (bal) Backed out of part of Alain St-Denis' loginrec.c patch.
3	- (bal) Irix need some sort of mansubdir, patch by Michael Stone	35	- (bal) Irix need some sort of mansubdir, patch by Michael Stone


diff --git a/TODO b/TODO index c7135806b..de51b3b07 100644 --- a/TODO +++ b/TODO
@@ -2,6 +2,8 @@ Programming:
2	- Replacement for setproctitle() - HP/UX support only currently	2	- Replacement for setproctitle() - HP/UX support only currently
3		3
4	- Improve PAM support (a pam_lastlog module will cause sshd to exit)	4	- Improve PAM support (a pam_lastlog module will cause sshd to exit)
		5	and maybe support alternate forms of authenications like OPIE via
		6	pam?
5		7
6	- Complete Tru64 SIA support	8	- Complete Tru64 SIA support
7		9


diff --git a/channels.c b/channels.c index 0886a91ef..91a1b50c3 100644 --- a/channels.c +++ b/channels.c
@@ -40,7 +40,7 @@
40	*/	40	*/
41		41
42	#include "includes.h"	42	#include "includes.h"
43	RCSID("$OpenBSD: channels.c,v 1.73 2000/11/06 23:04:55 markus Exp $");	43	RCSID("$OpenBSD: channels.c,v 1.74 2000/11/30 22:54:31 markus Exp $");
44		44
45	#include "ssh.h"	45	#include "ssh.h"
46	#include "packet.h"	46	#include "packet.h"
@@ -1729,7 +1729,8 @@ channel_connect_by_listen_adress(u_short listen_port)
1729	return channel_connect_to(	1729	return channel_connect_to(
1730	permitted_opens[i].host_to_connect,	1730	permitted_opens[i].host_to_connect,
1731	permitted_opens[i].port_to_connect);	1731	permitted_opens[i].port_to_connect);
1732	debug("channel_connect_by_listen_adress: unknown listen_port %d", listen_port);	1732	error("WARNING: Server requests forwarding for unknown listen_port %d",
		1733	listen_port);
1733	return -1;	1734	return -1;
1734	}	1735	}
1735		1736


diff --git a/cipher.c b/cipher.c index 65cde4732..f9091453e 100644 --- a/cipher.c +++ b/cipher.c
@@ -35,7 +35,7 @@
35	*/	35	*/
36		36
37	#include "includes.h"	37	#include "includes.h"
38	RCSID("$OpenBSD: cipher.c,v 1.37 2000/10/23 19:31:54 markus Exp $");	38	RCSID("$OpenBSD: cipher.c,v 1.38 2000/11/29 20:39:17 markus Exp $");
39		39
40	#include "ssh.h"	40	#include "ssh.h"
41	#include "xmalloc.h"	41	#include "xmalloc.h"
@@ -154,14 +154,9 @@ des3_ssh1_encrypt(CipherContext cc, u_char dest, const u_char *src,
154		154
155	memcpy(&iv1, iv2, 8);	155	memcpy(&iv1, iv2, 8);
156		156
157	des_cbc_encrypt(src, dest, len, cc->u.des3.key1, &iv1, DES_ENCRYPT);	157	des_ncbc_encrypt(src, dest, len, cc->u.des3.key1, &iv1, DES_ENCRYPT);
158	memcpy(&iv1, dest + len - 8, 8);	158	des_ncbc_encrypt(dest, dest, len, cc->u.des3.key2, iv2, DES_DECRYPT);
159		159	des_ncbc_encrypt(dest, dest, len, cc->u.des3.key3, iv3, DES_ENCRYPT);
160	des_cbc_encrypt(dest, dest, len, cc->u.des3.key2, iv2, DES_DECRYPT);
161	memcpy(iv2, &iv1, 8); /* Note how iv1 == iv2 on entry and exit. */
162
163	des_cbc_encrypt(dest, dest, len, cc->u.des3.key3, iv3, DES_ENCRYPT);
164	memcpy(iv3, dest + len - 8, 8);
165	}	160	}
166	void	161	void
167	des3_ssh1_decrypt(CipherContext cc, u_char dest, const u_char *src,	162	des3_ssh1_decrypt(CipherContext cc, u_char dest, const u_char *src,
@@ -173,15 +168,9 @@ des3_ssh1_decrypt(CipherContext cc, u_char dest, const u_char *src,
173		168
174	memcpy(&iv1, iv2, 8);	169	memcpy(&iv1, iv2, 8);
175		170
176	des_cbc_encrypt(src, dest, len, cc->u.des3.key3, iv3, DES_DECRYPT);	171	des_ncbc_encrypt(src, dest, len, cc->u.des3.key3, iv3, DES_DECRYPT);
177	memcpy(iv3, src + len - 8, 8);	172	des_ncbc_encrypt(dest, dest, len, cc->u.des3.key2, iv2, DES_ENCRYPT);
178		173	des_ncbc_encrypt(dest, dest, len, cc->u.des3.key1, &iv1, DES_DECRYPT);
179	des_cbc_encrypt(dest, dest, len, cc->u.des3.key2, iv2, DES_ENCRYPT);
180	memcpy(iv2, dest + len - 8, 8);
181
182	des_cbc_encrypt(dest, dest, len, cc->u.des3.key1, &iv1, DES_DECRYPT);
183	/* memcpy(&iv1, iv2, 8); */
184	/* Note how iv1 == iv2 on entry and exit. */
185	}	174	}
186		175
187	/* Blowfish */	176	/* Blowfish */


diff --git a/ssh-agent.c b/ssh-agent.c index 6f89dd5ca..821ee26f4 100644 --- a/ssh-agent.c +++ b/ssh-agent.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssh-agent.c,v 1.40 2000/11/14 23:48:55 markus Exp $ */	1	/* $OpenBSD: ssh-agent.c,v 1.41 2000/11/30 18:33:05 markus Exp $ */
2		2
3	/*	3	/*
4	* Author: Tatu Ylonen <ylo@cs.hut.fi>	4	* Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -37,7 +37,7 @@
37	*/	37	*/
38		38
39	#include "includes.h"	39	#include "includes.h"
40	RCSID("$OpenBSD: ssh-agent.c,v 1.40 2000/11/14 23:48:55 markus Exp $");	40	RCSID("$OpenBSD: ssh-agent.c,v 1.41 2000/11/30 18:33:05 markus Exp $");
41		41
42	#include "ssh.h"	42	#include "ssh.h"
43	#include "rsa.h"	43	#include "rsa.h"
@@ -674,6 +674,7 @@ main(int ac, char **av)
674	fd_set readset, writeset;	674	fd_set readset, writeset;
675	int sock, c_flag = 0, k_flag = 0, s_flag = 0, ch;	675	int sock, c_flag = 0, k_flag = 0, s_flag = 0, ch;
676	struct sockaddr_un sunaddr;	676	struct sockaddr_un sunaddr;
		677	struct rlimit rlim;
677	pid_t pid;	678	pid_t pid;
678	char shell, format, pidstr, pidstrbuf[1 + 3 sizeof pid];	679	char shell, format, pidstr, pidstrbuf[1 + 3 sizeof pid];
679	extern int optind;	680	extern int optind;
@@ -804,6 +805,12 @@ main(int ac, char **av)
804	close(1);	805	close(1);
805	close(2);	806	close(2);
806		807
		808	/* deny core dumps, since memory contains unencrypted private keys */
		809	rlim.rlim_cur = rlim.rlim_max = 0;
		810	if (setrlimit(RLIMIT_CORE, &rlim) < 0) {
		811	perror("setrlimit rlimit_core failed");
		812	cleanup_exit(1);
		813	}
807	if (setsid() == -1) {	814	if (setsid() == -1) {
808	perror("setsid");	815	perror("setsid");
809	cleanup_exit(1);	816	cleanup_exit(1);


diff --git a/ssh.1 b/ssh.1 index 4bbfe34c0..8f3be1749 100644 --- a/ssh.1 +++ b/ssh.1
@@ -34,7 +34,7 @@
34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36	.\"	36	.\"
37	.\" $OpenBSD: ssh.1,v 1.68 2000/11/12 19:50:38 markus Exp $	37	.\" $OpenBSD: ssh.1,v 1.70 2000/12/01 00:00:51 markus Exp $
38	.Dd September 25, 1999	38	.Dd September 25, 1999
39	.Dt SSH 1	39	.Dt SSH 1
40	.Os	40	.Os
@@ -446,7 +446,7 @@ needs to ask for a password or passphrase; see also the
446	option.)	446	option.)
447	.It Fl N	447	.It Fl N
448	Do not execute a remote command.	448	Do not execute a remote command.
449	This is usefull if you just want to forward ports	449	This is useful if you just want to forward ports
450	(protocol version 2 only).	450	(protocol version 2 only).
451	.It Fl o Ar option	451	.It Fl o Ar option
452	Can be used to give options in the format used in the config file.	452	Can be used to give options in the format used in the config file.
@@ -475,7 +475,7 @@ This can be used to execute arbitrary
475	screen-based programs on a remote machine, which can be very useful,	475	screen-based programs on a remote machine, which can be very useful,
476	e.g., when implementing menu services.	476	e.g., when implementing menu services.
477	.It Fl T	477	.It Fl T
478	Disable pseudo-tty allocation (protocol version 2 only).	478	Disable pseudo-tty allocation.
479	.It Fl v	479	.It Fl v
480	Verbose mode.	480	Verbose mode.
481	Causes	481	Causes
@@ -1236,7 +1236,7 @@ This version of OpenSSH
1236	.Bl -bullet	1236	.Bl -bullet
1237	.It	1237	.It
1238	has all components of a restrictive nature (i.e., patents, see	1238	has all components of a restrictive nature (i.e., patents, see
1239	.Xr crypto 3 )	1239	.Xr ssl 8 )
1240	directly removed from the source code; any licensed or patented components	1240	directly removed from the source code; any licensed or patented components
1241	are chosen from	1241	are chosen from
1242	external libraries.	1242	external libraries.
@@ -1265,4 +1265,4 @@ The support for SSH protocol 2 was written by Markus Friedl.
1265	.Xr ssh-keygen 1 ,	1265	.Xr ssh-keygen 1 ,
1266	.Xr telnet 1 ,	1266	.Xr telnet 1 ,
1267	.Xr sshd 8 ,	1267	.Xr sshd 8 ,
1268	.Xr crypto 3	1268	.Xr ssl 8


diff --git a/ssh.c b/ssh.c index 3af5e0378..d95f22140 100644 --- a/ssh.c +++ b/ssh.c
@@ -39,7 +39,7 @@
39	*/	39	*/
40		40
41	#include "includes.h"	41	#include "includes.h"
42	RCSID("$OpenBSD: ssh.c,v 1.74 2000/11/23 21:03:47 markus Exp $");	42	RCSID("$OpenBSD: ssh.c,v 1.75 2000/11/30 07:02:35 markus Exp $");
43		43
44	#include <openssl/evp.h>	44	#include <openssl/evp.h>
45	#include <openssl/dsa.h>	45	#include <openssl/dsa.h>
@@ -526,15 +526,15 @@ main(int ac, char **av)
526	if (buffer_len(&command) == 0)	526	if (buffer_len(&command) == 0)
527	tty_flag = 1;	527	tty_flag = 1;
528		528
		529	/* Force no tty*/
		530	if (no_tty_flag)
		531	tty_flag = 0;
529	/* Do not allocate a tty if stdin is not a tty. */	532	/* Do not allocate a tty if stdin is not a tty. */
530	if (!isatty(fileno(stdin))) {	533	if (!isatty(fileno(stdin))) {
531	if (tty_flag)	534	if (tty_flag)
532	fprintf(stderr, "Pseudo-terminal will not be allocated because stdin is not a terminal.\n");	535	fprintf(stderr, "Pseudo-terminal will not be allocated because stdin is not a terminal.\n");
533	tty_flag = 0;	536	tty_flag = 0;
534	}	537	}
535	/* force */
536	if (no_tty_flag)
537	tty_flag = 0;
538		538
539	/* Get user data. */	539	/* Get user data. */
540	pw = getpwuid(original_real_uid);	540	pw = getpwuid(original_real_uid);


diff --git a/sshconnect.c b/sshconnect.c index b33f20958..b54e75a8a 100644 --- a/sshconnect.c +++ b/sshconnect.c
@@ -13,7 +13,7 @@
13	*/	13	*/
14		14
15	#include "includes.h"	15	#include "includes.h"
16	RCSID("$OpenBSD: sshconnect.c,v 1.81 2000/11/06 23:16:35 markus Exp $");	16	RCSID("$OpenBSD: sshconnect.c,v 1.83 2000/11/30 22:53:35 markus Exp $");
17		17
18	#include <openssl/bn.h>	18	#include <openssl/bn.h>
19	#include <openssl/dsa.h>	19	#include <openssl/dsa.h>
@@ -508,13 +508,11 @@ check_host_key(char host, struct sockaddr hostaddr, Key *host_key,
508	if (options.proxy_command != NULL && options.check_host_ip)	508	if (options.proxy_command != NULL && options.check_host_ip)
509	options.check_host_ip = 0;	509	options.check_host_ip = 0;
510		510
511	if (options.check_host_ip) {	511	if (getnameinfo(hostaddr, salen, ntop, sizeof(ntop),
512	if (getnameinfo(hostaddr, salen, ntop, sizeof(ntop),	512	NULL, 0, NI_NUMERICHOST) != 0)
513	NULL, 0, NI_NUMERICHOST) != 0)	513	fatal("check_host_key: getnameinfo failed");
514	fatal("check_host_key: getnameinfo failed");	514	ip = xstrdup(ntop);
515	ip = xstrdup(ntop);	515
516	}
517
518	/*	516	/*
519	* Store the host key from the known host file in here so that we can	517	* Store the host key from the known host file in here so that we can
520	* compare it with the key for the IP address.	518	* compare it with the key for the IP address.
@@ -577,10 +575,10 @@ check_host_key(char host, struct sockaddr hostaddr, Key *host_key,
577	char prompt[1024];	575	char prompt[1024];
578	char *fp = key_fingerprint(host_key);	576	char *fp = key_fingerprint(host_key);
579	snprintf(prompt, sizeof(prompt),	577	snprintf(prompt, sizeof(prompt),
580	"The authenticity of host '%.200s' can't be established.\n"	578	"The authenticity of host '%.200s (%s)' can't be established.\n"
581	"%s key fingerprint is %s.\n"	579	"%s key fingerprint is %s.\n"
582	"Are you sure you want to continue connecting (yes/no)? ",	580	"Are you sure you want to continue connecting (yes/no)? ",
583	host, type, fp);	581	host, ip, type, fp);
584	if (!read_yes_or_no(prompt, -1))	582	if (!read_yes_or_no(prompt, -1))
585	fatal("Aborted by user!\n");	583	fatal("Aborted by user!\n");
586	}	584	}
@@ -647,6 +645,14 @@ check_host_key(char host, struct sockaddr hostaddr, Key *host_key,
647	error("Agent forwarding is disabled to avoid trojan horses.");	645	error("Agent forwarding is disabled to avoid trojan horses.");
648	options.forward_agent = 0;	646	options.forward_agent = 0;
649	}	647	}
		648	if (options.forward_x11) {
		649	error("X11 forwarding is disabled to avoid trojan horses.");
		650	options.forward_x11 = 0;
		651	}
		652	if (options.num_local_forwards > 0 \|\| options.num_remote_forwards > 0) {
		653	error("Port forwarding is disabled to avoid trojan horses.");
		654	options.num_local_forwards = options.num_remote_forwards = 0;
		655	}
650	/*	656	/*
651	* XXX Should permit the user to change to use the new id.	657	* XXX Should permit the user to change to use the new id.
652	* This could be done by converting the host key to an	658	* This could be done by converting the host key to an
@@ -656,8 +662,8 @@ check_host_key(char host, struct sockaddr hostaddr, Key *host_key,
656	*/	662	*/
657	break;	663	break;
658	}	664	}
659	if (options.check_host_ip)	665
660	xfree(ip);	666	xfree(ip);
661	}	667	}
662		668
663	/*	669	/*


diff --git a/sshd.c b/sshd.c index 4a5f66278..4a01ebec7 100644 --- a/sshd.c +++ b/sshd.c
@@ -40,7 +40,7 @@
40	*/	40	*/
41		41
42	#include "includes.h"	42	#include "includes.h"
43	RCSID("$OpenBSD: sshd.c,v 1.134 2000/11/12 19:50:38 markus Exp $");	43	RCSID("$OpenBSD: sshd.c,v 1.135 2000/11/29 21:11:59 markus Exp $");
44		44
45	#include "xmalloc.h"	45	#include "xmalloc.h"
46	#include "rsa.h"	46	#include "rsa.h"
@@ -111,6 +111,9 @@ int debug_flag = 0;
111	/* Flag indicating that the daemon is being started from inetd. */	111	/* Flag indicating that the daemon is being started from inetd. */
112	int inetd_flag = 0;	112	int inetd_flag = 0;
113		113
		114	/* Flag indicating that sshd should not detach and become a daemon. */
		115	int no_daemon_flag = 0;
		116
114	/* debug goes to stderr unless inetd_flag is set */	117	/* debug goes to stderr unless inetd_flag is set */
115	int log_stderr = 0;	118	int log_stderr = 0;
116		119
@@ -583,7 +586,7 @@ main(int ac, char **av)
583	initialize_server_options(&options);	586	initialize_server_options(&options);
584		587
585	/* Parse command-line arguments. */	588	/* Parse command-line arguments. */
586	while ((opt = getopt(ac, av, "f:p:b:k:h:g:V:u:diqQ46")) != EOF) {	589	while ((opt = getopt(ac, av, "f:p:b:k:h:g:V:u:dDiqQ46")) != EOF) {
587	switch (opt) {	590	switch (opt) {
588	case '4':	591	case '4':
589	IPv4or6 = AF_INET;	592	IPv4or6 = AF_INET;
@@ -605,6 +608,9 @@ main(int ac, char **av)
605	exit(1);	608	exit(1);
606	}	609	}
607	break;	610	break;
		611	case 'D':
		612	no_daemon_flag = 1;
		613	break;
608	case 'i':	614	case 'i':
609	inetd_flag = 1;	615	inetd_flag = 1;
610	break;	616	break;
@@ -769,7 +775,7 @@ main(int ac, char **av)
769	* from the controlling terminal, and fork. The original process	775	* from the controlling terminal, and fork. The original process
770	* exits.	776	* exits.
771	*/	777	*/
772	if (!debug_flag && !inetd_flag) {	778	if (!(debug_flag \|\| inetd_flag \|\| no_daemon_flag)) {
773	#ifdef TIOCNOTTY	779	#ifdef TIOCNOTTY
774	int fd;	780	int fd;
775	#endif /* TIOCNOTTY */	781	#endif /* TIOCNOTTY */