-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | acconfig.h | 2 | ||||
-rw-r--r-- | auth-chall.c | 2 | ||||
-rw-r--r-- | auth-pam.c | 60 | ||||
-rw-r--r-- | auth-passwd.c | 10 | ||||
-rw-r--r-- | auth.c | 8 | ||||
-rw-r--r-- | auth1.c | 18 | ||||
-rw-r--r-- | auth2.c | 26 | ||||
-rw-r--r-- | authfd.c | 2 | ||||
-rw-r--r-- | canohost.c | 2 | ||||
-rw-r--r-- | channels.c | 16 | ||||
-rw-r--r-- | cipher.c | 6 | ||||
-rw-r--r-- | cli.c | 10 | ||||
-rw-r--r-- | cli.h | 2 | ||||
-rw-r--r-- | defines.h | 28 | ||||
-rw-r--r-- | dispatch.c | 2 | ||||
-rw-r--r-- | entropy.c | 130 | ||||
-rw-r--r-- | includes.h | 6 | ||||
-rw-r--r-- | kex.c | 10 | ||||
-rw-r--r-- | kex.h | 2 | ||||
-rw-r--r-- | key.c | 26 | ||||
-rw-r--r-- | log.h | 2 | ||||
-rw-r--r-- | loginrec.c | 104 | ||||
-rw-r--r-- | loginrec.h | 8 | ||||
-rw-r--r-- | logintest.c | 30 | ||||
-rw-r--r-- | md5crypt.c | 12 | ||||
-rw-r--r-- | nchan.c | 2 | ||||
-rw-r--r-- | packet.c | 4 | ||||
-rw-r--r-- | pty.c | 8 | ||||
-rw-r--r-- | rijndael.c | 114 | ||||
-rw-r--r-- | rsa.c | 2 | ||||
-rw-r--r-- | scp.c | 4 | ||||
-rw-r--r-- | servconf.c | 8 | ||||
-rw-r--r-- | serverloop.c | 6 | ||||
-rw-r--r-- | session.c | 16 | ||||
-rw-r--r-- | sftp-client.c | 2 | ||||
-rw-r--r-- | sftp-int.c | 12 | ||||
-rw-r--r-- | sftp-server.c | 8 | ||||
-rw-r--r-- | sftp.c | 4 | ||||
-rw-r--r-- | ssh-add.c | 2 | ||||
-rw-r--r-- | ssh-agent.c | 2 | ||||
-rw-r--r-- | ssh-dss.c | 2 | ||||
-rw-r--r-- | ssh-keygen.c | 2 | ||||
-rw-r--r-- | ssh-keyscan.c | 2 | ||||
-rw-r--r-- | ssh.c | 4 | ||||
-rw-r--r-- | sshconnect.c | 4 | ||||
-rw-r--r-- | sshconnect2.c | 20 | ||||
-rw-r--r-- | sshd.c | 8 | ||||
-rw-r--r-- | xmalloc.c | 2 |
49 files changed, 386 insertions, 382 deletions
@@ -1,7 +1,11 @@ | |||
1 | 20010105 | 1 | 20010105 |
2 | - (bal) Disable groupaccess by setting NGROUP_MAX to 0 for platforms | 2 | - (bal) Disable groupaccess by setting NGROUPS_MAX to 0 for platforms |
3 | that don't have NGROUPS_MAX. | 3 | that don't have NGROUPS_MAX. |
4 | - (bal) AIX patch for auth1.c by William L. Jones <jones@hpc.utexas.edu> | 4 | - (bal) AIX patch for auth1.c by William L. Jones <jones@hpc.utexas.edu> |
5 | - (stevesk) OpenBSD sync: | ||
6 | - stevesk@cvs.openbsd.org 2001/02/04 08:32:27 | ||
7 | [many files; did this manually to our top-level source dir] | ||
8 | unexpand and remove end-of-line whitespace; ok markus@ | ||
5 | 9 | ||
6 | 20010104 | 10 | 20010104 |
7 | - (bal) I think this is the last of the bsd-*.h that don't belong. | 11 | - (bal) I think this is the last of the bsd-*.h that don't belong. |
diff --git a/acconfig.h b/acconfig.h index f0242eec4..6af298285 100644 --- a/acconfig.h +++ b/acconfig.h | |||
@@ -225,7 +225,7 @@ | |||
225 | /* Define if you are using Solaris-derived PAM which passes pam_messages */ | 225 | /* Define if you are using Solaris-derived PAM which passes pam_messages */ |
226 | /* to the conversation function with an extra level of indirection */ | 226 | /* to the conversation function with an extra level of indirection */ |
227 | #undef PAM_SUN_CODEBASE | 227 | #undef PAM_SUN_CODEBASE |
228 | 228 | ||
229 | /* Set this to your mail directory if you don't have maillock.h */ | 229 | /* Set this to your mail directory if you don't have maillock.h */ |
230 | #undef MAIL_DIRECTORY | 230 | #undef MAIL_DIRECTORY |
231 | 231 | ||
diff --git a/auth-chall.c b/auth-chall.c index b8b0c5d1e..9f5a151fe 100644 --- a/auth-chall.c +++ b/auth-chall.c | |||
@@ -34,7 +34,7 @@ char * | |||
34 | get_challenge(Authctxt *authctxt, char *devs) | 34 | get_challenge(Authctxt *authctxt, char *devs) |
35 | { | 35 | { |
36 | static char challenge[1024]; | 36 | static char challenge[1024]; |
37 | struct skey skey; | 37 | struct skey skey; |
38 | if (skeychallenge(&skey, authctxt->user, challenge) == -1) | 38 | if (skeychallenge(&skey, authctxt->user, challenge) == -1) |
39 | return NULL; | 39 | return NULL; |
40 | strlcat(challenge, "\nS/Key Password: ", sizeof challenge); | 40 | strlcat(challenge, "\nS/Key Password: ", sizeof challenge); |
diff --git a/auth-pam.c b/auth-pam.c index 122896c7f..ab985d15b 100644 --- a/auth-pam.c +++ b/auth-pam.c | |||
@@ -32,7 +32,7 @@ | |||
32 | #include "canohost.h" | 32 | #include "canohost.h" |
33 | #include "readpass.h" | 33 | #include "readpass.h" |
34 | 34 | ||
35 | RCSID("$Id: auth-pam.c,v 1.23 2001/02/04 12:20:19 djm Exp $"); | 35 | RCSID("$Id: auth-pam.c,v 1.24 2001/02/05 12:42:17 stevesk Exp $"); |
36 | 36 | ||
37 | #define NEW_AUTHTOK_MSG \ | 37 | #define NEW_AUTHTOK_MSG \ |
38 | "Warning: Your password has expired, please change it now" | 38 | "Warning: Your password has expired, please change it now" |
@@ -97,7 +97,7 @@ static int pamconv(int num_msg, const struct pam_message **msg, | |||
97 | /* PAM will free this later */ | 97 | /* PAM will free this later */ |
98 | reply = malloc(num_msg * sizeof(*reply)); | 98 | reply = malloc(num_msg * sizeof(*reply)); |
99 | if (reply == NULL) | 99 | if (reply == NULL) |
100 | return PAM_CONV_ERR; | 100 | return PAM_CONV_ERR; |
101 | 101 | ||
102 | for (count = 0; count < num_msg; count++) { | 102 | for (count = 0; count < num_msg; count++) { |
103 | switch(PAM_MSG_MEMBER(msg, count, msg_style)) { | 103 | switch(PAM_MSG_MEMBER(msg, count, msg_style)) { |
@@ -120,7 +120,7 @@ static int pamconv(int num_msg, const struct pam_message **msg, | |||
120 | } | 120 | } |
121 | reply[count].resp = xstrdup(pampasswd); | 121 | reply[count].resp = xstrdup(pampasswd); |
122 | } else { | 122 | } else { |
123 | reply[count].resp = | 123 | reply[count].resp = |
124 | xstrdup(read_passphrase(PAM_MSG_MEMBER(msg, count, msg), 1)); | 124 | xstrdup(read_passphrase(PAM_MSG_MEMBER(msg, count, msg), 1)); |
125 | } | 125 | } |
126 | reply[count].resp_retcode = PAM_SUCCESS; | 126 | reply[count].resp_retcode = PAM_SUCCESS; |
@@ -158,19 +158,19 @@ void pam_cleanup_proc(void *context) | |||
158 | { | 158 | { |
159 | pam_retval = pam_close_session(pamh, 0); | 159 | pam_retval = pam_close_session(pamh, 0); |
160 | if (pam_retval != PAM_SUCCESS) { | 160 | if (pam_retval != PAM_SUCCESS) { |
161 | log("Cannot close PAM session[%d]: %.200s", | 161 | log("Cannot close PAM session[%d]: %.200s", |
162 | pam_retval, PAM_STRERROR(pamh, pam_retval)); | 162 | pam_retval, PAM_STRERROR(pamh, pam_retval)); |
163 | } | 163 | } |
164 | 164 | ||
165 | pam_retval = pam_setcred(pamh, PAM_DELETE_CRED); | 165 | pam_retval = pam_setcred(pamh, PAM_DELETE_CRED); |
166 | if (pam_retval != PAM_SUCCESS) { | 166 | if (pam_retval != PAM_SUCCESS) { |
167 | debug("Cannot delete credentials[%d]: %.200s", | 167 | debug("Cannot delete credentials[%d]: %.200s", |
168 | pam_retval, PAM_STRERROR(pamh, pam_retval)); | 168 | pam_retval, PAM_STRERROR(pamh, pam_retval)); |
169 | } | 169 | } |
170 | 170 | ||
171 | pam_retval = pam_end(pamh, pam_retval); | 171 | pam_retval = pam_end(pamh, pam_retval); |
172 | if (pam_retval != PAM_SUCCESS) { | 172 | if (pam_retval != PAM_SUCCESS) { |
173 | log("Cannot release PAM authentication[%d]: %.200s", | 173 | log("Cannot release PAM authentication[%d]: %.200s", |
174 | pam_retval, PAM_STRERROR(pamh, pam_retval)); | 174 | pam_retval, PAM_STRERROR(pamh, pam_retval)); |
175 | } | 175 | } |
176 | } | 176 | } |
@@ -193,15 +193,15 @@ int auth_pam_password(struct passwd *pw, const char *password) | |||
193 | return 0; | 193 | return 0; |
194 | 194 | ||
195 | pampasswd = password; | 195 | pampasswd = password; |
196 | 196 | ||
197 | pamstate = INITIAL_LOGIN; | 197 | pamstate = INITIAL_LOGIN; |
198 | pam_retval = do_pam_authenticate(0); | 198 | pam_retval = do_pam_authenticate(0); |
199 | if (pam_retval == PAM_SUCCESS) { | 199 | if (pam_retval == PAM_SUCCESS) { |
200 | debug("PAM Password authentication accepted for user \"%.100s\"", | 200 | debug("PAM Password authentication accepted for user \"%.100s\"", |
201 | pw->pw_name); | 201 | pw->pw_name); |
202 | return 1; | 202 | return 1; |
203 | } else { | 203 | } else { |
204 | debug("PAM Password authentication for \"%.100s\" failed[%d]: %s", | 204 | debug("PAM Password authentication for \"%.100s\" failed[%d]: %s", |
205 | pw->pw_name, pam_retval, PAM_STRERROR(pamh, pam_retval)); | 205 | pw->pw_name, pam_retval, PAM_STRERROR(pamh, pam_retval)); |
206 | return 0; | 206 | return 0; |
207 | } | 207 | } |
@@ -212,13 +212,13 @@ int do_pam_account(char *username, char *remote_user) | |||
212 | { | 212 | { |
213 | int pam_retval; | 213 | int pam_retval; |
214 | extern ServerOptions options; | 214 | extern ServerOptions options; |
215 | 215 | ||
216 | debug("PAM setting rhost to \"%.200s\"", | 216 | debug("PAM setting rhost to \"%.200s\"", |
217 | get_canonical_hostname(options.reverse_mapping_check)); | 217 | get_canonical_hostname(options.reverse_mapping_check)); |
218 | pam_retval = pam_set_item(pamh, PAM_RHOST, | 218 | pam_retval = pam_set_item(pamh, PAM_RHOST, |
219 | get_canonical_hostname(options.reverse_mapping_check)); | 219 | get_canonical_hostname(options.reverse_mapping_check)); |
220 | if (pam_retval != PAM_SUCCESS) { | 220 | if (pam_retval != PAM_SUCCESS) { |
221 | fatal("PAM set rhost failed[%d]: %.200s", | 221 | fatal("PAM set rhost failed[%d]: %.200s", |
222 | pam_retval, PAM_STRERROR(pamh, pam_retval)); | 222 | pam_retval, PAM_STRERROR(pamh, pam_retval)); |
223 | } | 223 | } |
224 | 224 | ||
@@ -226,7 +226,7 @@ int do_pam_account(char *username, char *remote_user) | |||
226 | debug("PAM setting ruser to \"%.200s\"", remote_user); | 226 | debug("PAM setting ruser to \"%.200s\"", remote_user); |
227 | pam_retval = pam_set_item(pamh, PAM_RUSER, remote_user); | 227 | pam_retval = pam_set_item(pamh, PAM_RUSER, remote_user); |
228 | if (pam_retval != PAM_SUCCESS) { | 228 | if (pam_retval != PAM_SUCCESS) { |
229 | fatal("PAM set ruser failed[%d]: %.200s", | 229 | fatal("PAM set ruser failed[%d]: %.200s", |
230 | pam_retval, PAM_STRERROR(pamh, pam_retval)); | 230 | pam_retval, PAM_STRERROR(pamh, pam_retval)); |
231 | } | 231 | } |
232 | } | 232 | } |
@@ -242,11 +242,11 @@ int do_pam_account(char *username, char *remote_user) | |||
242 | password_change_required = 1; | 242 | password_change_required = 1; |
243 | break; | 243 | break; |
244 | default: | 244 | default: |
245 | log("PAM rejected by account configuration[%d]: %.200s", | 245 | log("PAM rejected by account configuration[%d]: %.200s", |
246 | pam_retval, PAM_STRERROR(pamh, pam_retval)); | 246 | pam_retval, PAM_STRERROR(pamh, pam_retval)); |
247 | return(0); | 247 | return(0); |
248 | } | 248 | } |
249 | 249 | ||
250 | return(1); | 250 | return(1); |
251 | } | 251 | } |
252 | 252 | ||
@@ -259,31 +259,31 @@ void do_pam_session(char *username, const char *ttyname) | |||
259 | debug("PAM setting tty to \"%.200s\"", ttyname); | 259 | debug("PAM setting tty to \"%.200s\"", ttyname); |
260 | pam_retval = pam_set_item(pamh, PAM_TTY, ttyname); | 260 | pam_retval = pam_set_item(pamh, PAM_TTY, ttyname); |
261 | if (pam_retval != PAM_SUCCESS) { | 261 | if (pam_retval != PAM_SUCCESS) { |
262 | fatal("PAM set tty failed[%d]: %.200s", | 262 | fatal("PAM set tty failed[%d]: %.200s", |
263 | pam_retval, PAM_STRERROR(pamh, pam_retval)); | 263 | pam_retval, PAM_STRERROR(pamh, pam_retval)); |
264 | } | 264 | } |
265 | } | 265 | } |
266 | 266 | ||
267 | pam_retval = pam_open_session(pamh, 0); | 267 | pam_retval = pam_open_session(pamh, 0); |
268 | if (pam_retval != PAM_SUCCESS) { | 268 | if (pam_retval != PAM_SUCCESS) { |
269 | fatal("PAM session setup failed[%d]: %.200s", | 269 | fatal("PAM session setup failed[%d]: %.200s", |
270 | pam_retval, PAM_STRERROR(pamh, pam_retval)); | 270 | pam_retval, PAM_STRERROR(pamh, pam_retval)); |
271 | } | 271 | } |
272 | } | 272 | } |
273 | 273 | ||
274 | /* Set PAM credentials */ | 274 | /* Set PAM credentials */ |
275 | void do_pam_setcred(void) | 275 | void do_pam_setcred(void) |
276 | { | 276 | { |
277 | int pam_retval; | 277 | int pam_retval; |
278 | 278 | ||
279 | debug("PAM establishing creds"); | 279 | debug("PAM establishing creds"); |
280 | pam_retval = pam_setcred(pamh, PAM_ESTABLISH_CRED); | 280 | pam_retval = pam_setcred(pamh, PAM_ESTABLISH_CRED); |
281 | if (pam_retval != PAM_SUCCESS) { | 281 | if (pam_retval != PAM_SUCCESS) { |
282 | if(was_authenticated) { | 282 | if(was_authenticated) { |
283 | fatal("PAM setcred failed[%d]: %.200s", | 283 | fatal("PAM setcred failed[%d]: %.200s", |
284 | pam_retval, PAM_STRERROR(pamh, pam_retval)); | 284 | pam_retval, PAM_STRERROR(pamh, pam_retval)); |
285 | } else { | 285 | } else { |
286 | debug("PAM setcred failed[%d]: %.200s", | 286 | debug("PAM setcred failed[%d]: %.200s", |
287 | pam_retval, PAM_STRERROR(pamh, pam_retval)); | 287 | pam_retval, PAM_STRERROR(pamh, pam_retval)); |
288 | } | 288 | } |
289 | } | 289 | } |
@@ -295,7 +295,7 @@ int pam_password_change_required(void) | |||
295 | return password_change_required; | 295 | return password_change_required; |
296 | } | 296 | } |
297 | 297 | ||
298 | /* | 298 | /* |
299 | * Have user change authentication token if pam_acct_mgmt() indicated | 299 | * Have user change authentication token if pam_acct_mgmt() indicated |
300 | * it was expired. This needs to be called after an interactive | 300 | * it was expired. This needs to be called after an interactive |
301 | * session is established and the user's pty is connected to | 301 | * session is established and the user's pty is connected to |
@@ -313,7 +313,7 @@ void do_pam_chauthtok(void) | |||
313 | do { | 313 | do { |
314 | pam_retval = pam_chauthtok(pamh, PAM_CHANGE_EXPIRED_AUTHTOK); | 314 | pam_retval = pam_chauthtok(pamh, PAM_CHANGE_EXPIRED_AUTHTOK); |
315 | if (pam_retval != PAM_SUCCESS) { | 315 | if (pam_retval != PAM_SUCCESS) { |
316 | log("PAM pam_chauthtok failed[%d]: %.200s", | 316 | log("PAM pam_chauthtok failed[%d]: %.200s", |
317 | pam_retval, PAM_STRERROR(pamh, pam_retval)); | 317 | pam_retval, PAM_STRERROR(pamh, pam_retval)); |
318 | } | 318 | } |
319 | } while (pam_retval != PAM_SUCCESS); | 319 | } while (pam_retval != PAM_SUCCESS); |
@@ -337,21 +337,21 @@ void start_pam(const char *user) | |||
337 | pam_retval = pam_start(SSHD_PAM_SERVICE, user, &conv, &pamh); | 337 | pam_retval = pam_start(SSHD_PAM_SERVICE, user, &conv, &pamh); |
338 | 338 | ||
339 | if (pam_retval != PAM_SUCCESS) { | 339 | if (pam_retval != PAM_SUCCESS) { |
340 | fatal("PAM initialisation failed[%d]: %.200s", | 340 | fatal("PAM initialisation failed[%d]: %.200s", |
341 | pam_retval, PAM_STRERROR(pamh, pam_retval)); | 341 | pam_retval, PAM_STRERROR(pamh, pam_retval)); |
342 | } | 342 | } |
343 | 343 | ||
344 | #ifdef PAM_TTY_KLUDGE | 344 | #ifdef PAM_TTY_KLUDGE |
345 | /* | 345 | /* |
346 | * Some PAM modules (e.g. pam_time) require a TTY to operate, | 346 | * Some PAM modules (e.g. pam_time) require a TTY to operate, |
347 | * and will fail in various stupid ways if they don't get one. | 347 | * and will fail in various stupid ways if they don't get one. |
348 | * sshd doesn't set the tty until too late in the auth process and may | 348 | * sshd doesn't set the tty until too late in the auth process and may |
349 | * not even need one (for tty-less connections) | 349 | * not even need one (for tty-less connections) |
350 | * Kludge: Set a fake PAM_TTY | 350 | * Kludge: Set a fake PAM_TTY |
351 | */ | 351 | */ |
352 | pam_retval = pam_set_item(pamh, PAM_TTY, "ssh"); | 352 | pam_retval = pam_set_item(pamh, PAM_TTY, "ssh"); |
353 | if (pam_retval != PAM_SUCCESS) { | 353 | if (pam_retval != PAM_SUCCESS) { |
354 | fatal("PAM set tty failed[%d]: %.200s", | 354 | fatal("PAM set tty failed[%d]: %.200s", |
355 | pam_retval, PAM_STRERROR(pamh, pam_retval)); | 355 | pam_retval, PAM_STRERROR(pamh, pam_retval)); |
356 | } | 356 | } |
357 | #endif /* PAM_TTY_KLUDGE */ | 357 | #endif /* PAM_TTY_KLUDGE */ |
@@ -383,9 +383,9 @@ void pam_msg_cat(const char *msg) | |||
383 | char *p; | 383 | char *p; |
384 | size_t new_msg_len; | 384 | size_t new_msg_len; |
385 | size_t pam_msg_len; | 385 | size_t pam_msg_len; |
386 | 386 | ||
387 | new_msg_len = strlen(msg); | 387 | new_msg_len = strlen(msg); |
388 | 388 | ||
389 | if (pam_msg) { | 389 | if (pam_msg) { |
390 | pam_msg_len = strlen(pam_msg); | 390 | pam_msg_len = strlen(pam_msg); |
391 | pam_msg = xrealloc(pam_msg, new_msg_len + pam_msg_len + 2); | 391 | pam_msg = xrealloc(pam_msg, new_msg_len + pam_msg_len + 2); |
diff --git a/auth-passwd.c b/auth-passwd.c index 541aca607..9f763267f 100644 --- a/auth-passwd.c +++ b/auth-passwd.c | |||
@@ -118,7 +118,7 @@ auth_password(struct passwd * pw, const char *password) | |||
118 | * Empty password is only possible on NT if the user has _really_ | 118 | * Empty password is only possible on NT if the user has _really_ |
119 | * an empty password and authentication is done, though. | 119 | * an empty password and authentication is done, though. |
120 | */ | 120 | */ |
121 | if (!is_winnt) | 121 | if (!is_winnt) |
122 | #endif | 122 | #endif |
123 | if (*password == '\0' && options.permit_empty_passwd == 0) | 123 | if (*password == '\0' && options.permit_empty_passwd == 0) |
124 | return 0; | 124 | return 0; |
@@ -155,13 +155,13 @@ auth_password(struct passwd * pw, const char *password) | |||
155 | */ | 155 | */ |
156 | #if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) | 156 | #if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) |
157 | spw = getspnam(pw->pw_name); | 157 | spw = getspnam(pw->pw_name); |
158 | if (spw != NULL) | 158 | if (spw != NULL) |
159 | pw_password = spw->sp_pwdp; | 159 | pw_password = spw->sp_pwdp; |
160 | #endif /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */ | 160 | #endif /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */ |
161 | 161 | ||
162 | #ifdef HAVE_SCO_PROTECTED_PW | 162 | #ifdef HAVE_SCO_PROTECTED_PW |
163 | spw = getprpwnam(pw->pw_name); | 163 | spw = getprpwnam(pw->pw_name); |
164 | if (spw != NULL) | 164 | if (spw != NULL) |
165 | pw_password = spw->ufld.fd_encrypt; | 165 | pw_password = spw->ufld.fd_encrypt; |
166 | #endif /* HAVE_SCO_PROTECTED_PW */ | 166 | #endif /* HAVE_SCO_PROTECTED_PW */ |
167 | 167 | ||
@@ -189,7 +189,7 @@ auth_password(struct passwd * pw, const char *password) | |||
189 | encrypted_password = md5_crypt(password, salt); | 189 | encrypted_password = md5_crypt(password, salt); |
190 | else | 190 | else |
191 | encrypted_password = crypt(password, salt); | 191 | encrypted_password = crypt(password, salt); |
192 | #else /* HAVE_MD5_PASSWORDS */ | 192 | #else /* HAVE_MD5_PASSWORDS */ |
193 | # ifdef __hpux | 193 | # ifdef __hpux |
194 | if (iscomsec()) | 194 | if (iscomsec()) |
195 | encrypted_password = bigcrypt(password, salt); | 195 | encrypted_password = bigcrypt(password, salt); |
@@ -198,7 +198,7 @@ auth_password(struct passwd * pw, const char *password) | |||
198 | # else | 198 | # else |
199 | encrypted_password = crypt(password, salt); | 199 | encrypted_password = crypt(password, salt); |
200 | # endif /* __hpux */ | 200 | # endif /* __hpux */ |
201 | #endif /* HAVE_MD5_PASSWORDS */ | 201 | #endif /* HAVE_MD5_PASSWORDS */ |
202 | 202 | ||
203 | /* Authentication is accepted if the encrypted passwords are identical. */ | 203 | /* Authentication is accepted if the encrypted passwords are identical. */ |
204 | return (strcmp(encrypted_password, pw_password) == 0); | 204 | return (strcmp(encrypted_password, pw_password) == 0); |
@@ -79,7 +79,7 @@ allowed_user(struct passwd * pw) | |||
79 | return 0; | 79 | return 0; |
80 | 80 | ||
81 | /* Check password expiry */ | 81 | /* Check password expiry */ |
82 | if ((spw->sp_lstchg >= 0) && (spw->sp_max >= 0) && | 82 | if ((spw->sp_lstchg >= 0) && (spw->sp_max >= 0) && |
83 | (days > (spw->sp_lstchg + spw->sp_max))) | 83 | (days > (spw->sp_lstchg + spw->sp_max))) |
84 | return 0; | 84 | return 0; |
85 | } | 85 | } |
@@ -165,9 +165,9 @@ allowed_user(struct passwd * pw) | |||
165 | Authctxt * | 165 | Authctxt * |
166 | authctxt_new(void) | 166 | authctxt_new(void) |
167 | { | 167 | { |
168 | Authctxt *authctxt = xmalloc(sizeof(*authctxt)); | 168 | Authctxt *authctxt = xmalloc(sizeof(*authctxt)); |
169 | memset(authctxt, 0, sizeof(*authctxt)); | 169 | memset(authctxt, 0, sizeof(*authctxt)); |
170 | return authctxt; | 170 | return authctxt; |
171 | } | 171 | } |
172 | 172 | ||
173 | struct passwd * | 173 | struct passwd * |
@@ -265,8 +265,8 @@ do_authloop(Authctxt *authctxt) | |||
265 | authenticated = auth_pam_password(pw, password); | 265 | authenticated = auth_pam_password(pw, password); |
266 | #elif defined(HAVE_OSF_SIA) | 266 | #elif defined(HAVE_OSF_SIA) |
267 | /* Do SIA auth with password */ | 267 | /* Do SIA auth with password */ |
268 | if (sia_validate_user(NULL, saved_argc, saved_argv, | 268 | if (sia_validate_user(NULL, saved_argc, saved_argv, |
269 | get_canonical_hostname(options.reverse_mapping_check), | 269 | get_canonical_hostname(options.reverse_mapping_check), |
270 | pw->pw_name, NULL, 0, NULL, password) == SIASUCCESS) { | 270 | pw->pw_name, NULL, 0, NULL, password) == SIASUCCESS) { |
271 | authenticated = 1; | 271 | authenticated = 1; |
272 | } | 272 | } |
@@ -317,8 +317,8 @@ do_authloop(Authctxt *authctxt) | |||
317 | fatal("INTERNAL ERROR: authenticated invalid user %s", | 317 | fatal("INTERNAL ERROR: authenticated invalid user %s", |
318 | authctxt->user); | 318 | authctxt->user); |
319 | 319 | ||
320 | #ifdef HAVE_CYGWIN | 320 | #ifdef HAVE_CYGWIN |
321 | if (authenticated && | 321 | if (authenticated && |
322 | !check_nt_auth(type == SSH_CMSG_AUTH_PASSWORD,pw->pw_uid)) { | 322 | !check_nt_auth(type == SSH_CMSG_AUTH_PASSWORD,pw->pw_uid)) { |
323 | packet_disconnect("Authentication rejected for uid %d.", | 323 | packet_disconnect("Authentication rejected for uid %d.", |
324 | (int)pw->pw_uid); | 324 | (int)pw->pw_uid); |
@@ -329,7 +329,7 @@ do_authloop(Authctxt *authctxt) | |||
329 | if (authenticated && authctxt->pw->pw_uid == 0 && !auth_root_allowed()) | 329 | if (authenticated && authctxt->pw->pw_uid == 0 && !auth_root_allowed()) |
330 | authenticated = 0; | 330 | authenticated = 0; |
331 | #endif | 331 | #endif |
332 | #ifdef USE_PAM | 332 | #ifdef USE_PAM |
333 | if (authenticated && !do_pam_account(pw->pw_name, client_user)) | 333 | if (authenticated && !do_pam_account(pw->pw_name, client_user)) |
334 | authenticated = 0; | 334 | authenticated = 0; |
335 | #endif | 335 | #endif |
@@ -346,9 +346,9 @@ do_authloop(Authctxt *authctxt) | |||
346 | return; | 346 | return; |
347 | 347 | ||
348 | if (authctxt->failures++ > AUTH_FAIL_MAX) { | 348 | if (authctxt->failures++ > AUTH_FAIL_MAX) { |
349 | #ifdef WITH_AIXAUTHENTICATE | 349 | #ifdef WITH_AIXAUTHENTICATE |
350 | loginfailed(authctxt->user, | 350 | loginfailed(authctxt->user, |
351 | get_canonical_hostname(options.reverse_mapping_check), | 351 | get_canonical_hostname(options.reverse_mapping_check), |
352 | "ssh"); | 352 | "ssh"); |
353 | #endif /* WITH_AIXAUTHENTICATE */ | 353 | #endif /* WITH_AIXAUTHENTICATE */ |
354 | packet_disconnect(AUTH_FAIL_MSG, authctxt->user); | 354 | packet_disconnect(AUTH_FAIL_MSG, authctxt->user); |
@@ -435,7 +435,7 @@ do_authentication() | |||
435 | 435 | ||
436 | #ifdef WITH_AIXAUTHENTICATE | 436 | #ifdef WITH_AIXAUTHENTICATE |
437 | /* We don't have a pty yet, so just label the line as "ssh" */ | 437 | /* We don't have a pty yet, so just label the line as "ssh" */ |
438 | if (loginsuccess(authctxt->user, | 438 | if (loginsuccess(authctxt->user, |
439 | get_canonical_hostname(options.reverse_mapping_check), | 439 | get_canonical_hostname(options.reverse_mapping_check), |
440 | "ssh", &aixloginmsg) < 0) | 440 | "ssh", &aixloginmsg) < 0) |
441 | aixloginmsg = NULL; | 441 | aixloginmsg = NULL; |
@@ -203,7 +203,7 @@ input_userauth_request(int type, int plen, void *ctxt) | |||
203 | if ((style = strchr(user, ':')) != NULL) | 203 | if ((style = strchr(user, ':')) != NULL) |
204 | *style++ = 0; | 204 | *style++ = 0; |
205 | 205 | ||
206 | if (authctxt->attempt++ == 0) { | 206 | if (authctxt->attempt++ == 0) { |
207 | /* setup auth context */ | 207 | /* setup auth context */ |
208 | struct passwd *pw = NULL; | 208 | struct passwd *pw = NULL; |
209 | setproctitle("%s", user); | 209 | setproctitle("%s", user); |
@@ -300,7 +300,7 @@ done: | |||
300 | return; | 300 | return; |
301 | } | 301 | } |
302 | 302 | ||
303 | void | 303 | void |
304 | userauth_reply(Authctxt *authctxt, int authenticated) | 304 | userauth_reply(Authctxt *authctxt, int authenticated) |
305 | { | 305 | { |
306 | char *methods; | 306 | char *methods; |
@@ -309,8 +309,8 @@ userauth_reply(Authctxt *authctxt, int authenticated) | |||
309 | if (authenticated) { | 309 | if (authenticated) { |
310 | #ifdef WITH_AIXAUTHENTICATE | 310 | #ifdef WITH_AIXAUTHENTICATE |
311 | /* We don't have a pty yet, so just label the line as "ssh" */ | 311 | /* We don't have a pty yet, so just label the line as "ssh" */ |
312 | if (loginsuccess(authctxt->user?authctxt->user:"NOUSER", | 312 | if (loginsuccess(authctxt->user?authctxt->user:"NOUSER", |
313 | get_canonical_hostname(options.reverse_mapping_check), | 313 | get_canonical_hostname(options.reverse_mapping_check), |
314 | "ssh", &aixloginmsg) < 0) | 314 | "ssh", &aixloginmsg) < 0) |
315 | aixloginmsg = NULL; | 315 | aixloginmsg = NULL; |
316 | #endif /* WITH_AIXAUTHENTICATE */ | 316 | #endif /* WITH_AIXAUTHENTICATE */ |
@@ -323,7 +323,7 @@ userauth_reply(Authctxt *authctxt, int authenticated) | |||
323 | authctxt->success = 1; | 323 | authctxt->success = 1; |
324 | } else { | 324 | } else { |
325 | if (authctxt->failures++ > AUTH_FAIL_MAX) | 325 | if (authctxt->failures++ > AUTH_FAIL_MAX) |
326 | packet_disconnect(AUTH_FAIL_MSG, authctxt->user); | 326 | packet_disconnect(AUTH_FAIL_MSG, authctxt->user); |
327 | methods = authmethods_get(); | 327 | methods = authmethods_get(); |
328 | packet_start(SSH2_MSG_USERAUTH_FAILURE); | 328 | packet_start(SSH2_MSG_USERAUTH_FAILURE); |
329 | packet_put_cstring(methods); | 329 | packet_put_cstring(methods); |
@@ -342,11 +342,11 @@ userauth_none(Authctxt *authctxt) | |||
342 | if (m != NULL) | 342 | if (m != NULL) |
343 | m->enabled = NULL; | 343 | m->enabled = NULL; |
344 | packet_done(); | 344 | packet_done(); |
345 | userauth_banner(); | 345 | userauth_banner(); |
346 | 346 | ||
347 | if (authctxt->valid == 0) | 347 | if (authctxt->valid == 0) |
348 | return(0); | 348 | return(0); |
349 | 349 | ||
350 | #ifdef HAVE_CYGWIN | 350 | #ifdef HAVE_CYGWIN |
351 | if (check_nt_auth(1, authctxt->pw->pw_uid) == 0) | 351 | if (check_nt_auth(1, authctxt->pw->pw_uid) == 0) |
352 | return(0); | 352 | return(0); |
@@ -354,9 +354,9 @@ userauth_none(Authctxt *authctxt) | |||
354 | #ifdef USE_PAM | 354 | #ifdef USE_PAM |
355 | return auth_pam_password(authctxt->pw, ""); | 355 | return auth_pam_password(authctxt->pw, ""); |
356 | #elif defined(HAVE_OSF_SIA) | 356 | #elif defined(HAVE_OSF_SIA) |
357 | return (sia_validate_user(NULL, saved_argc, saved_argv, | 357 | return (sia_validate_user(NULL, saved_argc, saved_argv, |
358 | get_canonical_hostname(options.reverse_mapping_check), | 358 | get_canonical_hostname(options.reverse_mapping_check), |
359 | authctxt->user?authctxt->user:"NOUSER", NULL, 0, | 359 | authctxt->user?authctxt->user:"NOUSER", NULL, 0, |
360 | NULL, "") == SIASUCCESS); | 360 | NULL, "") == SIASUCCESS); |
361 | #else /* !HAVE_OSF_SIA && !USE_PAM */ | 361 | #else /* !HAVE_OSF_SIA && !USE_PAM */ |
362 | return auth_password(authctxt->pw, ""); | 362 | return auth_password(authctxt->pw, ""); |
@@ -382,9 +382,9 @@ userauth_passwd(Authctxt *authctxt) | |||
382 | #ifdef USE_PAM | 382 | #ifdef USE_PAM |
383 | auth_pam_password(authctxt->pw, password) == 1) | 383 | auth_pam_password(authctxt->pw, password) == 1) |
384 | #elif defined(HAVE_OSF_SIA) | 384 | #elif defined(HAVE_OSF_SIA) |
385 | sia_validate_user(NULL, saved_argc, saved_argv, | 385 | sia_validate_user(NULL, saved_argc, saved_argv, |
386 | get_canonical_hostname(options.reverse_mapping_check), | 386 | get_canonical_hostname(options.reverse_mapping_check), |
387 | authctxt->user?authctxt->user:"NOUSER", NULL, 0, NULL, | 387 | authctxt->user?authctxt->user:"NOUSER", NULL, 0, NULL, |
388 | password) == SIASUCCESS) | 388 | password) == SIASUCCESS) |
389 | #else /* !USE_PAM && !HAVE_OSF_SIA */ | 389 | #else /* !USE_PAM && !HAVE_OSF_SIA */ |
390 | auth_password(authctxt->pw, password) == 1) | 390 | auth_password(authctxt->pw, password) == 1) |
@@ -558,7 +558,7 @@ ssh_remove_all_identities(AuthenticationConnection *auth, int version) | |||
558 | return decode_reply(type); | 558 | return decode_reply(type); |
559 | } | 559 | } |
560 | 560 | ||
561 | int | 561 | int |
562 | decode_reply(int type) | 562 | decode_reply(int type) |
563 | { | 563 | { |
564 | switch (type) { | 564 | switch (type) { |
diff --git a/canohost.c b/canohost.c index 8253e9b6e..87f56054b 100644 --- a/canohost.c +++ b/canohost.c | |||
@@ -56,7 +56,7 @@ get_remote_hostname(int socket, int reverse_mapping_check) | |||
56 | port = from6->sin6_port; | 56 | port = from6->sin6_port; |
57 | 57 | ||
58 | memset(&from, 0, sizeof(from)); | 58 | memset(&from, 0, sizeof(from)); |
59 | 59 | ||
60 | from4->sin_family = AF_INET; | 60 | from4->sin_family = AF_INET; |
61 | memcpy(&from4->sin_addr, &addr, sizeof(addr)); | 61 | memcpy(&from4->sin_addr, &addr, sizeof(addr)); |
62 | from4->sin_port = port; | 62 | from4->sin_port = port; |
diff --git a/channels.c b/channels.c index d343ac89e..d8c7e1243 100644 --- a/channels.c +++ b/channels.c | |||
@@ -704,7 +704,7 @@ channel_post_connecting(Channel *c, fd_set * readset, fd_set * writeset) | |||
704 | int err = 0; | 704 | int err = 0; |
705 | int sz = sizeof(err); | 705 | int sz = sizeof(err); |
706 | c->type = SSH_CHANNEL_OPEN; | 706 | c->type = SSH_CHANNEL_OPEN; |
707 | if (getsockopt(c->sock, SOL_SOCKET, SO_ERROR, (char *)&err, &sz) < 0) { | 707 | if (getsockopt(c->sock, SOL_SOCKET, SO_ERROR, (char *)&err, &sz) < 0) { |
708 | debug("getsockopt SO_ERROR failed"); | 708 | debug("getsockopt SO_ERROR failed"); |
709 | } else { | 709 | } else { |
710 | if (err == 0) { | 710 | if (err == 0) { |
@@ -1553,7 +1553,7 @@ channel_request_forwarding( | |||
1553 | 1553 | ||
1554 | if (remote_fwd) { | 1554 | if (remote_fwd) { |
1555 | host = listen_address; | 1555 | host = listen_address; |
1556 | ctype = SSH_CHANNEL_RPORT_LISTENER; | 1556 | ctype = SSH_CHANNEL_RPORT_LISTENER; |
1557 | } else { | 1557 | } else { |
1558 | host = host_to_connect; | 1558 | host = host_to_connect; |
1559 | ctype =SSH_CHANNEL_PORT_LISTENER; | 1559 | ctype =SSH_CHANNEL_PORT_LISTENER; |
@@ -1608,7 +1608,7 @@ channel_request_forwarding( | |||
1608 | error("bind: %.100s", strerror(errno)); | 1608 | error("bind: %.100s", strerror(errno)); |
1609 | else | 1609 | else |
1610 | verbose("bind: %.100s", strerror(errno)); | 1610 | verbose("bind: %.100s", strerror(errno)); |
1611 | 1611 | ||
1612 | close(sock); | 1612 | close(sock); |
1613 | continue; | 1613 | continue; |
1614 | } | 1614 | } |
@@ -1762,14 +1762,14 @@ channel_connect_to(const char *host, u_short host_port) | |||
1762 | error("connect %.100s port %s: %.100s", ntop, strport, | 1762 | error("connect %.100s port %s: %.100s", ntop, strport, |
1763 | strerror(errno)); | 1763 | strerror(errno)); |
1764 | close(sock); | 1764 | close(sock); |
1765 | continue; /* fail -- try next */ | 1765 | continue; /* fail -- try next */ |
1766 | } | 1766 | } |
1767 | break; /* success */ | 1767 | break; /* success */ |
1768 | 1768 | ||
1769 | } | 1769 | } |
1770 | freeaddrinfo(aitop); | 1770 | freeaddrinfo(aitop); |
1771 | if (!ai) { | 1771 | if (!ai) { |
1772 | error("connect %.100s port %d: failed.", host, host_port); | 1772 | error("connect %.100s port %d: failed.", host, host_port); |
1773 | return -1; | 1773 | return -1; |
1774 | } | 1774 | } |
1775 | /* success */ | 1775 | /* success */ |
@@ -1954,7 +1954,7 @@ x11_create_display_inet(int screen_number, int x11_display_offset) | |||
1954 | fatal("gethostname: %.100s", strerror(errno)); | 1954 | fatal("gethostname: %.100s", strerror(errno)); |
1955 | 1955 | ||
1956 | #ifdef IPADDR_IN_DISPLAY | 1956 | #ifdef IPADDR_IN_DISPLAY |
1957 | /* | 1957 | /* |
1958 | * HPUX detects the local hostname in the DISPLAY variable and tries | 1958 | * HPUX detects the local hostname in the DISPLAY variable and tries |
1959 | * to set up a shared memory connection to the server, which it | 1959 | * to set up a shared memory connection to the server, which it |
1960 | * incorrectly supposes to be local. | 1960 | * incorrectly supposes to be local. |
@@ -1983,7 +1983,7 @@ x11_create_display_inet(int screen_number, int x11_display_offset) | |||
1983 | memcpy(&my_addr, he->h_addr_list[0], sizeof(struct in_addr)); | 1983 | memcpy(&my_addr, he->h_addr_list[0], sizeof(struct in_addr)); |
1984 | 1984 | ||
1985 | /* Set DISPLAY to <ip address>:screen.display */ | 1985 | /* Set DISPLAY to <ip address>:screen.display */ |
1986 | snprintf(display, sizeof(display), "%.50s:%d.%d", inet_ntoa(my_addr), | 1986 | snprintf(display, sizeof(display), "%.50s:%d.%d", inet_ntoa(my_addr), |
1987 | display_number, screen_number); | 1987 | display_number, screen_number); |
1988 | } | 1988 | } |
1989 | #else /* IPADDR_IN_DISPLAY */ | 1989 | #else /* IPADDR_IN_DISPLAY */ |
@@ -2501,7 +2501,7 @@ channel_cancel_cleanup(int id) | |||
2501 | } | 2501 | } |
2502 | c->dettach_user = NULL; | 2502 | c->dettach_user = NULL; |
2503 | } | 2503 | } |
2504 | void | 2504 | void |
2505 | channel_register_filter(int id, channel_filter_fn *fn) | 2505 | channel_register_filter(int id, channel_filter_fn *fn) |
2506 | { | 2506 | { |
2507 | Channel *c = channel_lookup(id); | 2507 | Channel *c = channel_lookup(id); |
@@ -266,7 +266,7 @@ cast_setkey(CipherContext *cc, const u_char *key, u_int keylen) | |||
266 | void | 266 | void |
267 | cast_setiv(CipherContext *cc, const u_char *iv, u_int ivlen) | 267 | cast_setiv(CipherContext *cc, const u_char *iv, u_int ivlen) |
268 | { | 268 | { |
269 | if (iv == NULL) | 269 | if (iv == NULL) |
270 | fatal("no IV for %s.", cc->cipher->name); | 270 | fatal("no IV for %s.", cc->cipher->name); |
271 | memcpy(cc->u.cast.iv, (char *)iv, 8); | 271 | memcpy(cc->u.cast.iv, (char *)iv, 8); |
272 | } | 272 | } |
@@ -295,7 +295,7 @@ rijndael_setkey(CipherContext *cc, const u_char *key, u_int keylen) | |||
295 | void | 295 | void |
296 | rijndael_setiv(CipherContext *cc, const u_char *iv, u_int ivlen) | 296 | rijndael_setiv(CipherContext *cc, const u_char *iv, u_int ivlen) |
297 | { | 297 | { |
298 | if (iv == NULL) | 298 | if (iv == NULL) |
299 | fatal("no IV for %s.", cc->cipher->name); | 299 | fatal("no IV for %s.", cc->cipher->name); |
300 | memcpy((u_char *)cc->u.rijndael.iv, iv, RIJNDAEL_BLOCKSIZE); | 300 | memcpy((u_char *)cc->u.rijndael.iv, iv, RIJNDAEL_BLOCKSIZE); |
301 | } | 301 | } |
@@ -415,7 +415,7 @@ Cipher ciphers[] = { | |||
415 | SSH_CIPHER_SSH2, 16, 32, | 415 | SSH_CIPHER_SSH2, 16, 32, |
416 | rijndael_setkey, rijndael_setiv, | 416 | rijndael_setkey, rijndael_setiv, |
417 | rijndael_cbc_encrypt, rijndael_cbc_decrypt }, | 417 | rijndael_cbc_encrypt, rijndael_cbc_decrypt }, |
418 | { NULL, SSH_CIPHER_ILLEGAL, 0, 0, NULL, NULL, NULL, NULL } | 418 | { NULL, SSH_CIPHER_ILLEGAL, 0, 0, NULL, NULL, NULL, NULL } |
419 | }; | 419 | }; |
420 | 420 | ||
421 | /*--*/ | 421 | /*--*/ |
@@ -136,11 +136,11 @@ cli_write(const char* buf, int size) | |||
136 | 136 | ||
137 | output = xmalloc(4*size); | 137 | output = xmalloc(4*size); |
138 | for (p = output, i = 0; i < size; i++) { | 138 | for (p = output, i = 0; i < size; i++) { |
139 | if (buf[i] == '\n') | 139 | if (buf[i] == '\n') |
140 | *p++ = buf[i]; | 140 | *p++ = buf[i]; |
141 | else | 141 | else |
142 | p = vis(p, buf[i], 0, 0); | 142 | p = vis(p, buf[i], 0, 0); |
143 | } | 143 | } |
144 | len = p - output; | 144 | len = p - output; |
145 | 145 | ||
146 | for (pos = 0; pos < len; pos += ret) { | 146 | for (pos = 0; pos < len; pos += ret) { |
@@ -9,7 +9,7 @@ | |||
9 | * of response depending on arg. Tries to ensure that no other userland | 9 | * of response depending on arg. Tries to ensure that no other userland |
10 | * buffer is storing the response. | 10 | * buffer is storing the response. |
11 | */ | 11 | */ |
12 | char* cli_read_passphrase(const char* prompt, int from_stdin, | 12 | char* cli_read_passphrase(const char* prompt, int from_stdin, |
13 | int echo_enable); | 13 | int echo_enable); |
14 | char* cli_prompt(char* prompt, int echo_enable); | 14 | char* cli_prompt(char* prompt, int echo_enable); |
15 | void cli_mesg(char* mesg); | 15 | void cli_mesg(char* mesg); |
@@ -19,13 +19,13 @@ | |||
19 | #endif | 19 | #endif |
20 | #ifdef HAVE_SYS_BITYPES_H | 20 | #ifdef HAVE_SYS_BITYPES_H |
21 | # include <sys/bitypes.h> /* For u_intXX_t */ | 21 | # include <sys/bitypes.h> /* For u_intXX_t */ |
22 | #endif | 22 | #endif |
23 | #ifdef HAVE_PATHS_H | 23 | #ifdef HAVE_PATHS_H |
24 | # include <paths.h> /* For _PATH_XXX */ | 24 | # include <paths.h> /* For _PATH_XXX */ |
25 | #endif | 25 | #endif |
26 | #ifdef HAVE_LIMITS_H | 26 | #ifdef HAVE_LIMITS_H |
27 | # include <limits.h> /* For PATH_MAX */ | 27 | # include <limits.h> /* For PATH_MAX */ |
28 | #endif | 28 | #endif |
29 | #ifdef HAVE_SYS_TIME_H | 29 | #ifdef HAVE_SYS_TIME_H |
30 | # include <sys/time.h> /* For timersub */ | 30 | # include <sys/time.h> /* For timersub */ |
31 | #endif | 31 | #endif |
@@ -34,7 +34,7 @@ | |||
34 | #endif | 34 | #endif |
35 | #ifdef HAVE_SYS_CDEFS_H | 35 | #ifdef HAVE_SYS_CDEFS_H |
36 | # include <sys/cdefs.h> /* For __P() */ | 36 | # include <sys/cdefs.h> /* For __P() */ |
37 | #endif | 37 | #endif |
38 | #ifdef HAVE_SYS_SYSMACROS_H | 38 | #ifdef HAVE_SYS_SYSMACROS_H |
39 | # include <sys/sysmacros.h> /* For MIN, MAX, etc */ | 39 | # include <sys/sysmacros.h> /* For MIN, MAX, etc */ |
40 | #endif | 40 | #endif |
@@ -79,22 +79,22 @@ enum | |||
79 | # endif /* PATH_MAX */ | 79 | # endif /* PATH_MAX */ |
80 | #endif /* MAXPATHLEN */ | 80 | #endif /* MAXPATHLEN */ |
81 | 81 | ||
82 | #ifndef STDIN_FILENO | 82 | #ifndef STDIN_FILENO |
83 | # define STDIN_FILENO 0 | 83 | # define STDIN_FILENO 0 |
84 | #endif | 84 | #endif |
85 | #ifndef STDOUT_FILENO | 85 | #ifndef STDOUT_FILENO |
86 | # define STDOUT_FILENO 1 | 86 | # define STDOUT_FILENO 1 |
87 | #endif | 87 | #endif |
88 | #ifndef STDERR_FILENO | 88 | #ifndef STDERR_FILENO |
89 | # define STDERR_FILENO 2 | 89 | # define STDERR_FILENO 2 |
90 | #endif | 90 | #endif |
91 | 91 | ||
92 | #ifndef NGROUPS_MAX /* Disable groupaccess if NGROUP_MAX is not set */ | 92 | #ifndef NGROUPS_MAX /* Disable groupaccess if NGROUP_MAX is not set */ |
93 | #define NGROUPS_MAX 0 | 93 | #define NGROUPS_MAX 0 |
94 | #endif | 94 | #endif |
95 | 95 | ||
96 | #ifndef O_NONBLOCK /* Non Blocking Open */ | 96 | #ifndef O_NONBLOCK /* Non Blocking Open */ |
97 | # define O_NONBLOCK 00004 | 97 | # define O_NONBLOCK 00004 |
98 | #endif | 98 | #endif |
99 | 99 | ||
100 | #ifndef S_ISREG | 100 | #ifndef S_ISREG |
@@ -318,8 +318,8 @@ struct winsize { | |||
318 | (result)->tv_sec = (a)->tv_sec - (b)->tv_sec; \ | 318 | (result)->tv_sec = (a)->tv_sec - (b)->tv_sec; \ |
319 | (result)->tv_usec = (a)->tv_usec - (b)->tv_usec; \ | 319 | (result)->tv_usec = (a)->tv_usec - (b)->tv_usec; \ |
320 | if ((result)->tv_usec < 0) { \ | 320 | if ((result)->tv_usec < 0) { \ |
321 | --(result)->tv_sec; \ | 321 | --(result)->tv_sec; \ |
322 | (result)->tv_usec += 1000000; \ | 322 | (result)->tv_usec += 1000000; \ |
323 | } \ | 323 | } \ |
324 | } while (0) | 324 | } while (0) |
325 | #endif | 325 | #endif |
@@ -340,7 +340,7 @@ struct winsize { | |||
340 | 340 | ||
341 | #ifndef SUN_LEN | 341 | #ifndef SUN_LEN |
342 | #define SUN_LEN(su) \ | 342 | #define SUN_LEN(su) \ |
343 | (sizeof(*(su)) - sizeof((su)->sun_path) + strlen((su)->sun_path)) | 343 | (sizeof(*(su)) - sizeof((su)->sun_path) + strlen((su)->sun_path)) |
344 | #endif /* SUN_LEN */ | 344 | #endif /* SUN_LEN */ |
345 | 345 | ||
346 | /* Function replacement / compatibility hacks */ | 346 | /* Function replacement / compatibility hacks */ |
diff --git a/dispatch.c b/dispatch.c
index a771094fe..bc58d6cd1 100644
--- a/dispatch.c
+++ b/dispatch.c | |||
@@ -72,7 +72,7 @@ dispatch_run(int mode, int *done, void *ctxt) | |||
72 | if (type > 0 && type < DISPATCH_MAX && dispatch[type] != NULL) | 72 | if (type > 0 && type < DISPATCH_MAX && dispatch[type] != NULL) |
73 | (*dispatch[type])(type, plen, ctxt); | 73 | (*dispatch[type])(type, plen, ctxt); |
74 | else | 74 | else |
75 | packet_disconnect("protocol error: rcvd type %d", type); | 75 | packet_disconnect("protocol error: rcvd type %d", type); |
76 | if (done != NULL && *done) | 76 | if (done != NULL && *done) |
77 | return; | 77 | return; |
78 | } | 78 | } |
@@ -38,7 +38,7 @@ | |||
38 | #include "pathnames.h" | 38 | #include "pathnames.h" |
39 | #include "log.h" | 39 | #include "log.h" |
40 | 40 | ||
41 | RCSID("$Id: entropy.c,v 1.25 2001/01/22 21:06:20 mouring Exp $"); | 41 | RCSID("$Id: entropy.c,v 1.26 2001/02/05 12:42:17 stevesk Exp $"); |
42 | 42 | ||
43 | #ifndef offsetof | 43 | #ifndef offsetof |
44 | # define offsetof(type, member) ((size_t) &((type *)0)->member) | 44 | # define offsetof(type, member) ((size_t) &((type *)0)->member) |
@@ -83,7 +83,7 @@ int get_random_bytes(unsigned char *buf, int len) | |||
83 | addr.sun_family = AF_UNIX; | 83 | addr.sun_family = AF_UNIX; |
84 | strlcpy(addr.sun_path, EGD_SOCKET, sizeof(addr.sun_path)); | 84 | strlcpy(addr.sun_path, EGD_SOCKET, sizeof(addr.sun_path)); |
85 | addr_len = offsetof(struct sockaddr_un, sun_path) + sizeof(EGD_SOCKET); | 85 | addr_len = offsetof(struct sockaddr_un, sun_path) + sizeof(EGD_SOCKET); |
86 | 86 | ||
87 | fd = socket(AF_UNIX, SOCK_STREAM, 0); | 87 | fd = socket(AF_UNIX, SOCK_STREAM, 0); |
88 | if (fd == -1) { | 88 | if (fd == -1) { |
89 | error("Couldn't create AF_UNIX socket: %s", strerror(errno)); | 89 | error("Couldn't create AF_UNIX socket: %s", strerror(errno)); |
@@ -91,7 +91,7 @@ int get_random_bytes(unsigned char *buf, int len) | |||
91 | } | 91 | } |
92 | 92 | ||
93 | if (connect(fd, (struct sockaddr*)&addr, addr_len) == -1) { | 93 | if (connect(fd, (struct sockaddr*)&addr, addr_len) == -1) { |
94 | error("Couldn't connect to EGD socket \"%s\": %s", | 94 | error("Couldn't connect to EGD socket \"%s\": %s", |
95 | addr.sun_path, strerror(errno)); | 95 | addr.sun_path, strerror(errno)); |
96 | close(fd); | 96 | close(fd); |
97 | return(0); | 97 | return(0); |
@@ -102,21 +102,21 @@ int get_random_bytes(unsigned char *buf, int len) | |||
102 | msg[1] = len; | 102 | msg[1] = len; |
103 | 103 | ||
104 | if (atomicio(write, fd, msg, sizeof(msg)) != sizeof(msg)) { | 104 | if (atomicio(write, fd, msg, sizeof(msg)) != sizeof(msg)) { |
105 | error("Couldn't write to EGD socket \"%s\": %s", | 105 | error("Couldn't write to EGD socket \"%s\": %s", |
106 | EGD_SOCKET, strerror(errno)); | 106 | EGD_SOCKET, strerror(errno)); |
107 | close(fd); | 107 | close(fd); |
108 | return(0); | 108 | return(0); |
109 | } | 109 | } |
110 | 110 | ||
111 | if (atomicio(read, fd, buf, len) != len) { | 111 | if (atomicio(read, fd, buf, len) != len) { |
112 | error("Couldn't read from EGD socket \"%s\": %s", | 112 | error("Couldn't read from EGD socket \"%s\": %s", |
113 | EGD_SOCKET, strerror(errno)); | 113 | EGD_SOCKET, strerror(errno)); |
114 | close(fd); | 114 | close(fd); |
115 | return(0); | 115 | return(0); |
116 | } | 116 | } |
117 | 117 | ||
118 | close(fd); | 118 | close(fd); |
119 | 119 | ||
120 | return(1); | 120 | return(1); |
121 | } | 121 | } |
122 | #else /* !EGD_SOCKET */ | 122 | #else /* !EGD_SOCKET */ |
@@ -128,20 +128,20 @@ int get_random_bytes(unsigned char *buf, int len) | |||
128 | 128 | ||
129 | random_pool = open(RANDOM_POOL, O_RDONLY); | 129 | random_pool = open(RANDOM_POOL, O_RDONLY); |
130 | if (random_pool == -1) { | 130 | if (random_pool == -1) { |
131 | error("Couldn't open random pool \"%s\": %s", | 131 | error("Couldn't open random pool \"%s\": %s", |
132 | RANDOM_POOL, strerror(errno)); | 132 | RANDOM_POOL, strerror(errno)); |
133 | return(0); | 133 | return(0); |
134 | } | 134 | } |
135 | 135 | ||
136 | if (atomicio(read, random_pool, buf, len) != len) { | 136 | if (atomicio(read, random_pool, buf, len) != len) { |
137 | error("Couldn't read from random pool \"%s\": %s", | 137 | error("Couldn't read from random pool \"%s\": %s", |
138 | RANDOM_POOL, strerror(errno)); | 138 | RANDOM_POOL, strerror(errno)); |
139 | close(random_pool); | 139 | close(random_pool); |
140 | return(0); | 140 | return(0); |
141 | } | 141 | } |
142 | 142 | ||
143 | close(random_pool); | 143 | close(random_pool); |
144 | 144 | ||
145 | return(1); | 145 | return(1); |
146 | } | 146 | } |
147 | #endif /* RANDOM_POOL */ | 147 | #endif /* RANDOM_POOL */ |
@@ -155,7 +155,7 @@ void | |||
155 | seed_rng(void) | 155 | seed_rng(void) |
156 | { | 156 | { |
157 | char buf[32]; | 157 | char buf[32]; |
158 | 158 | ||
159 | debug("Seeding random number generator"); | 159 | debug("Seeding random number generator"); |
160 | 160 | ||
161 | if (!get_random_bytes(buf, sizeof(buf))) { | 161 | if (!get_random_bytes(buf, sizeof(buf))) { |
@@ -164,7 +164,7 @@ seed_rng(void) | |||
164 | } else { | 164 | } else { |
165 | RAND_add(buf, sizeof(buf), sizeof(buf)); | 165 | RAND_add(buf, sizeof(buf), sizeof(buf)); |
166 | } | 166 | } |
167 | 167 | ||
168 | memset(buf, '\0', sizeof(buf)); | 168 | memset(buf, '\0', sizeof(buf)); |
169 | } | 169 | } |
170 | 170 | ||
@@ -173,7 +173,7 @@ void init_rng(void) {} | |||
173 | 173 | ||
174 | #else /* defined(EGD_SOCKET) || defined(RANDOM_POOL) */ | 174 | #else /* defined(EGD_SOCKET) || defined(RANDOM_POOL) */ |
175 | 175 | ||
176 | /* | 176 | /* |
177 | * FIXME: proper entropy estimations. All current values are guesses | 177 | * FIXME: proper entropy estimations. All current values are guesses |
178 | * FIXME: (ATL) do estimates at compile time? | 178 | * FIXME: (ATL) do estimates at compile time? |
179 | * FIXME: More entropy sources | 179 | * FIXME: More entropy sources |
@@ -213,18 +213,18 @@ double hash_output_from_command(entropy_source_t *src, char *hash); | |||
213 | /* this is initialised from a file, by prng_read_commands() */ | 213 | /* this is initialised from a file, by prng_read_commands() */ |
214 | entropy_source_t *entropy_sources = NULL; | 214 | entropy_source_t *entropy_sources = NULL; |
215 | 215 | ||
216 | double | 216 | double |
217 | stir_from_system(void) | 217 | stir_from_system(void) |
218 | { | 218 | { |
219 | double total_entropy_estimate; | 219 | double total_entropy_estimate; |
220 | long int i; | 220 | long int i; |
221 | 221 | ||
222 | total_entropy_estimate = 0; | 222 | total_entropy_estimate = 0; |
223 | 223 | ||
224 | i = getpid(); | 224 | i = getpid(); |
225 | RAND_add(&i, sizeof(i), 0.5); | 225 | RAND_add(&i, sizeof(i), 0.5); |
226 | total_entropy_estimate += 0.1; | 226 | total_entropy_estimate += 0.1; |
227 | 227 | ||
228 | i = getppid(); | 228 | i = getppid(); |
229 | RAND_add(&i, sizeof(i), 0.5); | 229 | RAND_add(&i, sizeof(i), 0.5); |
230 | total_entropy_estimate += 0.1; | 230 | total_entropy_estimate += 0.1; |
@@ -241,7 +241,7 @@ stir_from_system(void) | |||
241 | return(total_entropy_estimate); | 241 | return(total_entropy_estimate); |
242 | } | 242 | } |
243 | 243 | ||
244 | double | 244 | double |
245 | stir_from_programs(void) | 245 | stir_from_programs(void) |
246 | { | 246 | { |
247 | int i; | 247 | int i; |
@@ -261,18 +261,18 @@ stir_from_programs(void) | |||
261 | 261 | ||
262 | /* Scale back entropy estimate according to command's rate */ | 262 | /* Scale back entropy estimate according to command's rate */ |
263 | entropy_estimate *= entropy_sources[c].rate; | 263 | entropy_estimate *= entropy_sources[c].rate; |
264 | 264 | ||
265 | /* Upper bound of entropy estimate is SHA_DIGEST_LENGTH */ | 265 | /* Upper bound of entropy estimate is SHA_DIGEST_LENGTH */ |
266 | if (entropy_estimate > SHA_DIGEST_LENGTH) | 266 | if (entropy_estimate > SHA_DIGEST_LENGTH) |
267 | entropy_estimate = SHA_DIGEST_LENGTH; | 267 | entropy_estimate = SHA_DIGEST_LENGTH; |
268 | 268 | ||
269 | /* Scale back estimates for subsequent passes through list */ | 269 | /* Scale back estimates for subsequent passes through list */ |
270 | entropy_estimate /= SCALE_PER_RUN * (i + 1.0); | 270 | entropy_estimate /= SCALE_PER_RUN * (i + 1.0); |
271 | 271 | ||
272 | /* Stir it in */ | 272 | /* Stir it in */ |
273 | RAND_add(hash, sizeof(hash), entropy_estimate); | 273 | RAND_add(hash, sizeof(hash), entropy_estimate); |
274 | 274 | ||
275 | debug3("Got %0.2f bytes of entropy from '%s'", entropy_estimate, | 275 | debug3("Got %0.2f bytes of entropy from '%s'", entropy_estimate, |
276 | entropy_sources[c].cmdstring); | 276 | entropy_sources[c].cmdstring); |
277 | 277 | ||
278 | total_entropy_estimate += entropy_estimate; | 278 | total_entropy_estimate += entropy_estimate; |
@@ -293,7 +293,7 @@ stir_from_programs(void) | |||
293 | c++; | 293 | c++; |
294 | } | 294 | } |
295 | } | 295 | } |
296 | 296 | ||
297 | return(total_entropy_estimate); | 297 | return(total_entropy_estimate); |
298 | } | 298 | } |
299 | 299 | ||
@@ -301,12 +301,12 @@ double | |||
301 | stir_gettimeofday(double entropy_estimate) | 301 | stir_gettimeofday(double entropy_estimate) |
302 | { | 302 | { |
303 | struct timeval tv; | 303 | struct timeval tv; |
304 | 304 | ||
305 | if (gettimeofday(&tv, NULL) == -1) | 305 | if (gettimeofday(&tv, NULL) == -1) |
306 | fatal("Couldn't gettimeofday: %s", strerror(errno)); | 306 | fatal("Couldn't gettimeofday: %s", strerror(errno)); |
307 | 307 | ||
308 | RAND_add(&tv, sizeof(tv), entropy_estimate); | 308 | RAND_add(&tv, sizeof(tv), entropy_estimate); |
309 | 309 | ||
310 | return(entropy_estimate); | 310 | return(entropy_estimate); |
311 | } | 311 | } |
312 | 312 | ||
@@ -315,10 +315,10 @@ stir_clock(double entropy_estimate) | |||
315 | { | 315 | { |
316 | #ifdef HAVE_CLOCK | 316 | #ifdef HAVE_CLOCK |
317 | clock_t c; | 317 | clock_t c; |
318 | 318 | ||
319 | c = clock(); | 319 | c = clock(); |
320 | RAND_add(&c, sizeof(c), entropy_estimate); | 320 | RAND_add(&c, sizeof(c), entropy_estimate); |
321 | 321 | ||
322 | return(entropy_estimate); | 322 | return(entropy_estimate); |
323 | #else /* _HAVE_CLOCK */ | 323 | #else /* _HAVE_CLOCK */ |
324 | return(0); | 324 | return(0); |
@@ -330,7 +330,7 @@ stir_rusage(int who, double entropy_estimate) | |||
330 | { | 330 | { |
331 | #ifdef HAVE_GETRUSAGE | 331 | #ifdef HAVE_GETRUSAGE |
332 | struct rusage ru; | 332 | struct rusage ru; |
333 | 333 | ||
334 | if (getrusage(who, &ru) == -1) | 334 | if (getrusage(who, &ru) == -1) |
335 | return(0); | 335 | return(0); |
336 | 336 | ||
@@ -368,7 +368,7 @@ hash_output_from_command(entropy_source_t *src, char *hash) | |||
368 | int bytes_read; | 368 | int bytes_read; |
369 | int total_bytes_read; | 369 | int total_bytes_read; |
370 | SHA_CTX sha; | 370 | SHA_CTX sha; |
371 | 371 | ||
372 | debug3("Reading output from \'%s\'", src->cmdstring); | 372 | debug3("Reading output from \'%s\'", src->cmdstring); |
373 | 373 | ||
374 | if (devnull == -1) { | 374 | if (devnull == -1) { |
@@ -376,7 +376,7 @@ hash_output_from_command(entropy_source_t *src, char *hash) | |||
376 | if (devnull == -1) | 376 | if (devnull == -1) |
377 | fatal("Couldn't open /dev/null: %s", strerror(errno)); | 377 | fatal("Couldn't open /dev/null: %s", strerror(errno)); |
378 | } | 378 | } |
379 | 379 | ||
380 | if (pipe(p) == -1) | 380 | if (pipe(p) == -1) |
381 | fatal("Couldn't open pipe: %s", strerror(errno)); | 381 | fatal("Couldn't open pipe: %s", strerror(errno)); |
382 | 382 | ||
@@ -469,7 +469,7 @@ hash_output_from_command(entropy_source_t *src, char *hash) | |||
469 | close(p[0]); | 469 | close(p[0]); |
470 | 470 | ||
471 | debug3("Time elapsed: %d msec", msec_elapsed); | 471 | debug3("Time elapsed: %d msec", msec_elapsed); |
472 | 472 | ||
473 | if (waitpid(pid, &status, 0) == -1) { | 473 | if (waitpid(pid, &status, 0) == -1) { |
474 | error("Couldn't wait for child '%s' completion: %s", src->cmdstring, | 474 | error("Couldn't wait for child '%s' completion: %s", src->cmdstring, |
475 | strerror(errno)); | 475 | strerror(errno)); |
@@ -492,13 +492,13 @@ hash_output_from_command(entropy_source_t *src, char *hash) | |||
492 | if (WEXITSTATUS(status)==0) { | 492 | if (WEXITSTATUS(status)==0) { |
493 | return(total_bytes_read); | 493 | return(total_bytes_read); |
494 | } else { | 494 | } else { |
495 | debug2("Command '%s' exit status was %d", src->cmdstring, | 495 | debug2("Command '%s' exit status was %d", src->cmdstring, |
496 | WEXITSTATUS(status)); | 496 | WEXITSTATUS(status)); |
497 | src->badness = src->sticky_badness = 128; | 497 | src->badness = src->sticky_badness = 128; |
498 | return (0.0); | 498 | return (0.0); |
499 | } | 499 | } |
500 | } else if (WIFSIGNALED(status)) { | 500 | } else if (WIFSIGNALED(status)) { |
501 | debug2("Command '%s' returned on uncaught signal %d !", src->cmdstring, | 501 | debug2("Command '%s' returned on uncaught signal %d !", src->cmdstring, |
502 | status); | 502 | status); |
503 | src->badness = src->sticky_badness = 128; | 503 | src->badness = src->sticky_badness = 128; |
504 | return(0.0); | 504 | return(0.0); |
@@ -519,7 +519,7 @@ prng_check_seedfile(char *filename) { | |||
519 | if (lstat(filename, &st) == -1) { | 519 | if (lstat(filename, &st) == -1) { |
520 | /* Give up on hard errors */ | 520 | /* Give up on hard errors */ |
521 | if (errno != ENOENT) | 521 | if (errno != ENOENT) |
522 | debug("WARNING: Couldn't stat random seed file \"%s\": %s", | 522 | debug("WARNING: Couldn't stat random seed file \"%s\": %s", |
523 | filename, strerror(errno)); | 523 | filename, strerror(errno)); |
524 | 524 | ||
525 | return(0); | 525 | return(0); |
@@ -535,7 +535,7 @@ prng_check_seedfile(char *filename) { | |||
535 | filename, getuid()); | 535 | filename, getuid()); |
536 | return(0); | 536 | return(0); |
537 | } | 537 | } |
538 | 538 | ||
539 | return(1); | 539 | return(1); |
540 | } | 540 | } |
541 | 541 | ||
@@ -549,22 +549,22 @@ prng_write_seedfile(void) { | |||
549 | /* Don't bother if we have already saved a seed */ | 549 | /* Don't bother if we have already saved a seed */ |
550 | if (prng_seed_saved) | 550 | if (prng_seed_saved) |
551 | return; | 551 | return; |
552 | 552 | ||
553 | setuid(original_uid); | 553 | setuid(original_uid); |
554 | 554 | ||
555 | prng_seed_saved = 1; | 555 | prng_seed_saved = 1; |
556 | 556 | ||
557 | pw = getpwuid(original_uid); | 557 | pw = getpwuid(original_uid); |
558 | if (pw == NULL) | 558 | if (pw == NULL) |
559 | fatal("Couldn't get password entry for current user (%i): %s", | 559 | fatal("Couldn't get password entry for current user (%i): %s", |
560 | original_uid, strerror(errno)); | 560 | original_uid, strerror(errno)); |
561 | 561 | ||
562 | /* Try to ensure that the parent directory is there */ | 562 | /* Try to ensure that the parent directory is there */ |
563 | snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir, | 563 | snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir, |
564 | _PATH_SSH_USER_DIR); | 564 | _PATH_SSH_USER_DIR); |
565 | mkdir(filename, 0700); | 565 | mkdir(filename, 0700); |
566 | 566 | ||
567 | snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir, | 567 | snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir, |
568 | SSH_PRNG_SEED_FILE); | 568 | SSH_PRNG_SEED_FILE); |
569 | 569 | ||
570 | debug("writing PRNG seed to file %.100s", filename); | 570 | debug("writing PRNG seed to file %.100s", filename); |
@@ -573,13 +573,13 @@ prng_write_seedfile(void) { | |||
573 | 573 | ||
574 | /* Don't care if the seed doesn't exist */ | 574 | /* Don't care if the seed doesn't exist */ |
575 | prng_check_seedfile(filename); | 575 | prng_check_seedfile(filename); |
576 | 576 | ||
577 | if ((fd = open(filename, O_WRONLY|O_TRUNC|O_CREAT, 0600)) == -1) { | 577 | if ((fd = open(filename, O_WRONLY|O_TRUNC|O_CREAT, 0600)) == -1) { |
578 | debug("WARNING: couldn't access PRNG seedfile %.100s (%.100s)", | 578 | debug("WARNING: couldn't access PRNG seedfile %.100s (%.100s)", |
579 | filename, strerror(errno)); | 579 | filename, strerror(errno)); |
580 | } else { | 580 | } else { |
581 | if (atomicio(write, fd, &seed, sizeof(seed)) != sizeof(seed)) | 581 | if (atomicio(write, fd, &seed, sizeof(seed)) != sizeof(seed)) |
582 | fatal("problem writing PRNG seedfile %.100s (%.100s)", filename, | 582 | fatal("problem writing PRNG seedfile %.100s (%.100s)", filename, |
583 | strerror(errno)); | 583 | strerror(errno)); |
584 | 584 | ||
585 | close(fd); | 585 | close(fd); |
@@ -592,13 +592,13 @@ prng_read_seedfile(void) { | |||
592 | char seed[1024]; | 592 | char seed[1024]; |
593 | char filename[1024]; | 593 | char filename[1024]; |
594 | struct passwd *pw; | 594 | struct passwd *pw; |
595 | 595 | ||
596 | pw = getpwuid(original_uid); | 596 | pw = getpwuid(original_uid); |
597 | if (pw == NULL) | 597 | if (pw == NULL) |
598 | fatal("Couldn't get password entry for current user (%i): %s", | 598 | fatal("Couldn't get password entry for current user (%i): %s", |
599 | original_uid, strerror(errno)); | 599 | original_uid, strerror(errno)); |
600 | 600 | ||
601 | snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir, | 601 | snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir, |
602 | SSH_PRNG_SEED_FILE); | 602 | SSH_PRNG_SEED_FILE); |
603 | 603 | ||
604 | debug("loading PRNG seed from file %.100s", filename); | 604 | debug("loading PRNG seed from file %.100s", filename); |
@@ -611,7 +611,7 @@ prng_read_seedfile(void) { | |||
611 | /* open the file and read in the seed */ | 611 | /* open the file and read in the seed */ |
612 | fd = open(filename, O_RDONLY); | 612 | fd = open(filename, O_RDONLY); |
613 | if (fd == -1) | 613 | if (fd == -1) |
614 | fatal("could not open PRNG seedfile %.100s (%.100s)", filename, | 614 | fatal("could not open PRNG seedfile %.100s (%.100s)", filename, |
615 | strerror(errno)); | 615 | strerror(errno)); |
616 | 616 | ||
617 | if (atomicio(read, fd, &seed, sizeof(seed)) != sizeof(seed)) { | 617 | if (atomicio(read, fd, &seed, sizeof(seed)) != sizeof(seed)) { |
@@ -671,7 +671,7 @@ prng_read_commands(char *cmdfilename) | |||
671 | error("bad entropy command, %.100s line %d", cmdfilename, | 671 | error("bad entropy command, %.100s line %d", cmdfilename, |
672 | linenum); | 672 | linenum); |
673 | continue; | 673 | continue; |
674 | } | 674 | } |
675 | 675 | ||
676 | /* first token, command args (incl. argv[0]) in double quotes */ | 676 | /* first token, command args (incl. argv[0]) in double quotes */ |
677 | cp = strtok(cp, "\""); | 677 | cp = strtok(cp, "\""); |
@@ -681,7 +681,7 @@ prng_read_commands(char *cmdfilename) | |||
681 | continue; | 681 | continue; |
682 | } | 682 | } |
683 | strlcpy(cmd, cp, sizeof(cmd)); | 683 | strlcpy(cmd, cp, sizeof(cmd)); |
684 | 684 | ||
685 | /* second token, full command path */ | 685 | /* second token, full command path */ |
686 | if ((cp = strtok(NULL, WHITESPACE)) == NULL) { | 686 | if ((cp = strtok(NULL, WHITESPACE)) == NULL) { |
687 | error("missing command path, %.100s line %d -- ignored", | 687 | error("missing command path, %.100s line %d -- ignored", |
@@ -693,7 +693,7 @@ prng_read_commands(char *cmdfilename) | |||
693 | if (strncmp("undef", cp, 5) == 0) | 693 | if (strncmp("undef", cp, 5) == 0) |
694 | continue; | 694 | continue; |
695 | 695 | ||
696 | strlcpy(path, cp, sizeof(path)); | 696 | strlcpy(path, cp, sizeof(path)); |
697 | 697 | ||
698 | /* third token, entropy rate estimate for this command */ | 698 | /* third token, entropy rate estimate for this command */ |
699 | if ((cp = strtok(NULL, WHITESPACE)) == NULL) { | 699 | if ((cp = strtok(NULL, WHITESPACE)) == NULL) { |
@@ -705,14 +705,14 @@ prng_read_commands(char *cmdfilename) | |||
705 | 705 | ||
706 | /* end of line */ | 706 | /* end of line */ |
707 | if ((cp = strtok(NULL, WHITESPACE)) != NULL) { | 707 | if ((cp = strtok(NULL, WHITESPACE)) != NULL) { |
708 | error("garbage at end of line %d in %.100s -- ignored", linenum, | 708 | error("garbage at end of line %d in %.100s -- ignored", linenum, |
709 | cmdfilename); | 709 | cmdfilename); |
710 | continue; | 710 | continue; |
711 | } | 711 | } |
712 | 712 | ||
713 | /* save the command for debug messages */ | 713 | /* save the command for debug messages */ |
714 | entcmd[cur_cmd].cmdstring = xstrdup(cmd); | 714 | entcmd[cur_cmd].cmdstring = xstrdup(cmd); |
715 | 715 | ||
716 | /* split the command args */ | 716 | /* split the command args */ |
717 | cp = strtok(cmd, WHITESPACE); | 717 | cp = strtok(cmd, WHITESPACE); |
718 | arg = 0; | 718 | arg = 0; |
@@ -723,7 +723,7 @@ prng_read_commands(char *cmdfilename) | |||
723 | entcmd[cur_cmd].args[arg] = s; | 723 | entcmd[cur_cmd].args[arg] = s; |
724 | arg++; | 724 | arg++; |
725 | } while ((arg < 5) && (cp = strtok(NULL, WHITESPACE))); | 725 | } while ((arg < 5) && (cp = strtok(NULL, WHITESPACE))); |
726 | 726 | ||
727 | if (strtok(NULL, WHITESPACE)) | 727 | if (strtok(NULL, WHITESPACE)) |
728 | error("ignored extra command elements (max 5), %.100s line %d", | 728 | error("ignored extra command elements (max 5), %.100s line %d", |
729 | cmdfilename, linenum); | 729 | cmdfilename, linenum); |
@@ -759,7 +759,7 @@ prng_read_commands(char *cmdfilename) | |||
759 | 759 | ||
760 | /* | 760 | /* |
761 | * Write a keyfile at exit | 761 | * Write a keyfile at exit |
762 | */ | 762 | */ |
763 | void | 763 | void |
764 | prng_seed_cleanup(void *junk) | 764 | prng_seed_cleanup(void *junk) |
765 | { | 765 | { |
@@ -777,7 +777,7 @@ seed_rng(void) | |||
777 | 777 | ||
778 | if (!prng_initialised) | 778 | if (!prng_initialised) |
779 | fatal("RNG not initialised"); | 779 | fatal("RNG not initialised"); |
780 | 780 | ||
781 | /* Make sure some other sigchld handler doesn't reap our entropy */ | 781 | /* Make sure some other sigchld handler doesn't reap our entropy */ |
782 | /* commands */ | 782 | /* commands */ |
783 | old_sigchld_handler = signal(SIGCHLD, SIG_DFL); | 783 | old_sigchld_handler = signal(SIGCHLD, SIG_DFL); |
@@ -794,10 +794,10 @@ seed_rng(void) | |||
794 | fatal("Couldn't initialise builtin random number generator -- exiting."); | 794 | fatal("Couldn't initialise builtin random number generator -- exiting."); |
795 | } | 795 | } |
796 | 796 | ||
797 | void init_rng(void) | 797 | void init_rng(void) |
798 | { | 798 | { |
799 | int original_euid; | 799 | int original_euid; |
800 | 800 | ||
801 | original_uid = getuid(); | 801 | original_uid = getuid(); |
802 | original_euid = geteuid(); | 802 | original_euid = geteuid(); |
803 | 803 | ||
@@ -806,12 +806,12 @@ void init_rng(void) | |||
806 | fatal("PRNG initialisation failed -- exiting."); | 806 | fatal("PRNG initialisation failed -- exiting."); |
807 | 807 | ||
808 | /* Set ourselves up to save a seed upon exit */ | 808 | /* Set ourselves up to save a seed upon exit */ |
809 | prng_seed_saved = 0; | 809 | prng_seed_saved = 0; |
810 | 810 | ||
811 | /* Give up privs while reading seed file */ | 811 | /* Give up privs while reading seed file */ |
812 | if ((original_uid != original_euid) && (seteuid(original_uid) == -1)) | 812 | if ((original_uid != original_euid) && (seteuid(original_uid) == -1)) |
813 | fatal("Couldn't give up privileges"); | 813 | fatal("Couldn't give up privileges"); |
814 | 814 | ||
815 | prng_read_seedfile(); | 815 | prng_read_seedfile(); |
816 | 816 | ||
817 | if ((original_uid != original_euid) && (seteuid(original_euid) == -1)) | 817 | if ((original_uid != original_euid) && (seteuid(original_euid) == -1)) |
diff --git a/includes.h b/includes.h
index f3cdae3c2..92013aa87 100644
--- a/includes.h
+++ b/includes.h | |||
@@ -50,13 +50,13 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg } | |||
50 | #endif | 50 | #endif |
51 | #ifdef HAVE_BSTRING_H | 51 | #ifdef HAVE_BSTRING_H |
52 | # include <bstring.h> | 52 | # include <bstring.h> |
53 | #endif | 53 | #endif |
54 | #ifdef HAVE_NETGROUP_H | 54 | #ifdef HAVE_NETGROUP_H |
55 | # include <netgroup.h> | 55 | # include <netgroup.h> |
56 | #endif | 56 | #endif |
57 | #if defined(HAVE_NETDB_H) | 57 | #if defined(HAVE_NETDB_H) |
58 | # include <netdb.h> | 58 | # include <netdb.h> |
59 | #endif | 59 | #endif |
60 | #ifdef HAVE_ENDIAN_H | 60 | #ifdef HAVE_ENDIAN_H |
61 | # include <endian.h> | 61 | # include <endian.h> |
62 | #endif | 62 | #endif |
@@ -79,7 +79,7 @@ kex_exchange_kexinit( | |||
79 | 79 | ||
80 | debug("send KEXINIT"); | 80 | debug("send KEXINIT"); |
81 | packet_start(SSH2_MSG_KEXINIT); | 81 | packet_start(SSH2_MSG_KEXINIT); |
82 | packet_put_raw(buffer_ptr(my_kexinit), buffer_len(my_kexinit)); | 82 | packet_put_raw(buffer_ptr(my_kexinit), buffer_len(my_kexinit)); |
83 | packet_send(); | 83 | packet_send(); |
84 | packet_write_wait(); | 84 | packet_write_wait(); |
85 | debug("done"); | 85 | debug("done"); |
@@ -244,7 +244,7 @@ kex_hash( | |||
244 | buffer_put_bignum2(&b, client_dh_pub); | 244 | buffer_put_bignum2(&b, client_dh_pub); |
245 | buffer_put_bignum2(&b, server_dh_pub); | 245 | buffer_put_bignum2(&b, server_dh_pub); |
246 | buffer_put_bignum2(&b, shared_secret); | 246 | buffer_put_bignum2(&b, shared_secret); |
247 | 247 | ||
248 | #ifdef DEBUG_KEX | 248 | #ifdef DEBUG_KEX |
249 | buffer_dump(&b); | 249 | buffer_dump(&b); |
250 | #endif | 250 | #endif |
@@ -297,7 +297,7 @@ kex_hash_gex( | |||
297 | buffer_put_bignum2(&b, client_dh_pub); | 297 | buffer_put_bignum2(&b, client_dh_pub); |
298 | buffer_put_bignum2(&b, server_dh_pub); | 298 | buffer_put_bignum2(&b, server_dh_pub); |
299 | buffer_put_bignum2(&b, shared_secret); | 299 | buffer_put_bignum2(&b, shared_secret); |
300 | 300 | ||
301 | #ifdef DEBUG_KEX | 301 | #ifdef DEBUG_KEX |
302 | buffer_dump(&b); | 302 | buffer_dump(&b); |
303 | #endif | 303 | #endif |
@@ -366,7 +366,7 @@ get_match(char *client, char *server) | |||
366 | c = cp = xstrdup(client); | 366 | c = cp = xstrdup(client); |
367 | s = sp = xstrdup(server); | 367 | s = sp = xstrdup(server); |
368 | 368 | ||
369 | for ((p = strsep(&sp, SEP)), i=0; p && *p != '\0'; | 369 | for ((p = strsep(&sp, SEP)), i=0; p && *p != '\0'; |
370 | (p = strsep(&sp, SEP)), i++) { | 370 | (p = strsep(&sp, SEP)), i++) { |
371 | if (i < MAX_PROP) | 371 | if (i < MAX_PROP) |
372 | sproposals[i] = p; | 372 | sproposals[i] = p; |
@@ -375,7 +375,7 @@ get_match(char *client, char *server) | |||
375 | } | 375 | } |
376 | nproposals = i; | 376 | nproposals = i; |
377 | 377 | ||
378 | for ((p = strsep(&cp, SEP)), i=0; p && *p != '\0'; | 378 | for ((p = strsep(&cp, SEP)), i=0; p && *p != '\0'; |
379 | (p = strsep(&cp, SEP)), i++) { | 379 | (p = strsep(&cp, SEP)), i++) { |
380 | for (j = 0; j < nproposals; j++) { | 380 | for (j = 0; j < nproposals; j++) { |
381 | if (strcmp(p, sproposals[j]) == 0) { | 381 | if (strcmp(p, sproposals[j]) == 0) { |
@@ -54,7 +54,7 @@ enum kex_exchange { | |||
54 | DH_GRP1_SHA1, | 54 | DH_GRP1_SHA1, |
55 | DH_GEX_SHA1 | 55 | DH_GEX_SHA1 |
56 | }; | 56 | }; |
57 | 57 | ||
58 | typedef struct Kex Kex; | 58 | typedef struct Kex Kex; |
59 | typedef struct Mac Mac; | 59 | typedef struct Mac Mac; |
60 | typedef struct Comp Comp; | 60 | typedef struct Comp Comp; |
@@ -452,11 +452,11 @@ key_size(Key *k){ | |||
452 | RSA * | 452 | RSA * |
453 | rsa_generate_private_key(u_int bits) | 453 | rsa_generate_private_key(u_int bits) |
454 | { | 454 | { |
455 | RSA *private; | 455 | RSA *private; |
456 | private = RSA_generate_key(bits, 35, NULL, NULL); | 456 | private = RSA_generate_key(bits, 35, NULL, NULL); |
457 | if (private == NULL) | 457 | if (private == NULL) |
458 | fatal("rsa_generate_private_key: key generation failed."); | 458 | fatal("rsa_generate_private_key: key generation failed."); |
459 | return private; | 459 | return private; |
460 | } | 460 | } |
461 | 461 | ||
462 | DSA* | 462 | DSA* |
@@ -466,9 +466,9 @@ dsa_generate_private_key(u_int bits) | |||
466 | if (private == NULL) | 466 | if (private == NULL) |
467 | fatal("dsa_generate_private_key: DSA_generate_parameters failed"); | 467 | fatal("dsa_generate_private_key: DSA_generate_parameters failed"); |
468 | if (!DSA_generate_key(private)) | 468 | if (!DSA_generate_key(private)) |
469 | fatal("dsa_generate_private_key: DSA_generate_key failed."); | 469 | fatal("dsa_generate_private_key: DSA_generate_key failed."); |
470 | if (private == NULL) | 470 | if (private == NULL) |
471 | fatal("dsa_generate_private_key: NULL."); | 471 | fatal("dsa_generate_private_key: NULL."); |
472 | return private; | 472 | return private; |
473 | } | 473 | } |
474 | 474 | ||
@@ -477,7 +477,7 @@ key_generate(int type, u_int bits) | |||
477 | { | 477 | { |
478 | Key *k = key_new(KEY_UNSPEC); | 478 | Key *k = key_new(KEY_UNSPEC); |
479 | switch (type) { | 479 | switch (type) { |
480 | case KEY_DSA: | 480 | case KEY_DSA: |
481 | k->dsa = dsa_generate_private_key(bits); | 481 | k->dsa = dsa_generate_private_key(bits); |
482 | break; | 482 | break; |
483 | case KEY_RSA: | 483 | case KEY_RSA: |
@@ -485,9 +485,9 @@ key_generate(int type, u_int bits) | |||
485 | k->rsa = rsa_generate_private_key(bits); | 485 | k->rsa = rsa_generate_private_key(bits); |
486 | break; | 486 | break; |
487 | default: | 487 | default: |
488 | fatal("key_generate: unknown type %d", type); | 488 | fatal("key_generate: unknown type %d", type); |
489 | } | 489 | } |
490 | k->type = type; | 490 | k->type = type; |
491 | return k; | 491 | return k; |
492 | } | 492 | } |
493 | 493 | ||
@@ -496,7 +496,7 @@ key_from_private(Key *k) | |||
496 | { | 496 | { |
497 | Key *n = NULL; | 497 | Key *n = NULL; |
498 | switch (k->type) { | 498 | switch (k->type) { |
499 | case KEY_DSA: | 499 | case KEY_DSA: |
500 | n = key_new(k->type); | 500 | n = key_new(k->type); |
501 | BN_copy(n->dsa->p, k->dsa->p); | 501 | BN_copy(n->dsa->p, k->dsa->p); |
502 | BN_copy(n->dsa->q, k->dsa->q); | 502 | BN_copy(n->dsa->q, k->dsa->q); |
@@ -510,7 +510,7 @@ key_from_private(Key *k) | |||
510 | BN_copy(n->rsa->e, k->rsa->e); | 510 | BN_copy(n->rsa->e, k->rsa->e); |
511 | break; | 511 | break; |
512 | default: | 512 | default: |
513 | fatal("key_from_private: unknown type %d", k->type); | 513 | fatal("key_from_private: unknown type %d", k->type); |
514 | break; | 514 | break; |
515 | } | 515 | } |
516 | return n; | 516 | return n; |
@@ -21,7 +21,7 @@ typedef enum { | |||
21 | SYSLOG_FACILITY_USER, | 21 | SYSLOG_FACILITY_USER, |
22 | SYSLOG_FACILITY_AUTH, | 22 | SYSLOG_FACILITY_AUTH, |
23 | #ifdef LOG_AUTHPRIV | 23 | #ifdef LOG_AUTHPRIV |
24 | SYSLOG_FACILITY_AUTHPRIV, | 24 | SYSLOG_FACILITY_AUTHPRIV, |
25 | #endif | 25 | #endif |
26 | SYSLOG_FACILITY_LOCAL0, | 26 | SYSLOG_FACILITY_LOCAL0, |
27 | SYSLOG_FACILITY_LOCAL1, | 27 | SYSLOG_FACILITY_LOCAL1, |
diff --git a/loginrec.c b/loginrec.c
index dc723f742..d74833224 100644
--- a/loginrec.c
+++ b/loginrec.c | |||
@@ -30,7 +30,7 @@ | |||
30 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 30 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
31 | */ | 31 | */ |
32 | 32 | ||
33 | /** | 33 | /** |
34 | ** loginrec.c: platform-independent login recording and lastlog retrieval | 34 | ** loginrec.c: platform-independent login recording and lastlog retrieval |
35 | **/ | 35 | **/ |
36 | 36 | ||
@@ -63,7 +63,7 @@ | |||
63 | requires very thorough testing so we do not corrupt local auditing | 63 | requires very thorough testing so we do not corrupt local auditing |
64 | information. These files and their access methods are very system | 64 | information. These files and their access methods are very system |
65 | specific indeed. | 65 | specific indeed. |
66 | 66 | ||
67 | For utmpx systems, the corresponding library functions are | 67 | For utmpx systems, the corresponding library functions are |
68 | setutxent() etc. To the author's knowledge, all utmpx systems have | 68 | setutxent() etc. To the author's knowledge, all utmpx systems have |
69 | these library functions and so no direct write is attempted. If such | 69 | these library functions and so no direct write is attempted. If such |
@@ -82,14 +82,14 @@ | |||
82 | 82 | ||
83 | Calling the new code | 83 | Calling the new code |
84 | -------------------- | 84 | -------------------- |
85 | 85 | ||
86 | In OpenSSH all login recording and retrieval is performed in | 86 | In OpenSSH all login recording and retrieval is performed in |
87 | login.c. Here you'll find working examples. Also, in the logintest.c | 87 | login.c. Here you'll find working examples. Also, in the logintest.c |
88 | program there are more examples. | 88 | program there are more examples. |
89 | 89 | ||
90 | Internal handler calling method | 90 | Internal handler calling method |
91 | ------------------------------- | 91 | ------------------------------- |
92 | 92 | ||
93 | When a call is made to login_login() or login_logout(), both | 93 | When a call is made to login_login() or login_logout(), both |
94 | routines set a struct logininfo flag defining which action (log in, | 94 | routines set a struct logininfo flag defining which action (log in, |
95 | or log out) is to be taken. They both then call login_write(), which | 95 | or log out) is to be taken. They both then call login_write(), which |
@@ -127,7 +127,7 @@ | |||
127 | with 'make logintest' as it's not built by default.) | 127 | with 'make logintest' as it's not built by default.) |
128 | 128 | ||
129 | Otherwise, patches to the specific method(s) are very helpful! | 129 | Otherwise, patches to the specific method(s) are very helpful! |
130 | 130 | ||
131 | */ | 131 | */ |
132 | 132 | ||
133 | /** | 133 | /** |
@@ -163,7 +163,7 @@ | |||
163 | #include "log.h" | 163 | #include "log.h" |
164 | #include "atomicio.h" | 164 | #include "atomicio.h" |
165 | 165 | ||
166 | RCSID("$Id: loginrec.c,v 1.30 2001/01/22 05:34:42 mouring Exp $"); | 166 | RCSID("$Id: loginrec.c,v 1.31 2001/02/05 12:42:17 stevesk Exp $"); |
167 | 167 | ||
168 | #ifdef HAVE_UTIL_H | 168 | #ifdef HAVE_UTIL_H |
169 | # include <util.h> | 169 | # include <util.h> |
@@ -207,7 +207,7 @@ int wtmpx_get_entry(struct logininfo *li); | |||
207 | **/ | 207 | **/ |
208 | 208 | ||
209 | /* login_login(struct logininfo *) -Record a login | 209 | /* login_login(struct logininfo *) -Record a login |
210 | * | 210 | * |
211 | * Call with a pointer to a struct logininfo initialised with | 211 | * Call with a pointer to a struct logininfo initialised with |
212 | * login_init_entry() or login_alloc_entry() | 212 | * login_init_entry() or login_alloc_entry() |
213 | * | 213 | * |
@@ -287,17 +287,17 @@ login_get_lastlog(struct logininfo *li, const int uid) | |||
287 | memset(li, '\0', sizeof(*li)); | 287 | memset(li, '\0', sizeof(*li)); |
288 | li->uid = uid; | 288 | li->uid = uid; |
289 | 289 | ||
290 | /* | 290 | /* |
291 | * If we don't have a 'real' lastlog, we need the username to | 291 | * If we don't have a 'real' lastlog, we need the username to |
292 | * reliably search wtmp(x) for the last login (see | 292 | * reliably search wtmp(x) for the last login (see |
293 | * wtmp_get_entry().) | 293 | * wtmp_get_entry().) |
294 | */ | 294 | */ |
295 | pw = getpwuid(uid); | 295 | pw = getpwuid(uid); |
296 | if (pw == NULL) | 296 | if (pw == NULL) |
297 | fatal("login_get_lastlog: Cannot find account for uid %i", uid); | 297 | fatal("login_get_lastlog: Cannot find account for uid %i", uid); |
298 | 298 | ||
299 | /* No MIN_SIZEOF here - we absolutely *must not* truncate the | 299 | /* No MIN_SIZEOF here - we absolutely *must not* truncate the |
300 | * username */ | 300 | * username */ |
301 | strlcpy(li->username, pw->pw_name, sizeof(li->username)); | 301 | strlcpy(li->username, pw->pw_name, sizeof(li->username)); |
302 | 302 | ||
303 | if (getlast_entry(li)) | 303 | if (getlast_entry(li)) |
@@ -308,8 +308,8 @@ login_get_lastlog(struct logininfo *li, const int uid) | |||
308 | 308 | ||
309 | 309 | ||
310 | /* login_alloc_entry(int, char*, char*, char*) - Allocate and initialise | 310 | /* login_alloc_entry(int, char*, char*, char*) - Allocate and initialise |
311 | * a logininfo structure | 311 | * a logininfo structure |
312 | * | 312 | * |
313 | * This function creates a new struct logininfo, a data structure | 313 | * This function creates a new struct logininfo, a data structure |
314 | * meant to carry the information required to portably record login info. | 314 | * meant to carry the information required to portably record login info. |
315 | * | 315 | * |
@@ -338,20 +338,20 @@ login_free_entry(struct logininfo *li) | |||
338 | 338 | ||
339 | /* login_init_entry(struct logininfo *, int, char*, char*, char*) | 339 | /* login_init_entry(struct logininfo *, int, char*, char*, char*) |
340 | * - initialise a struct logininfo | 340 | * - initialise a struct logininfo |
341 | * | 341 | * |
342 | * Populates a new struct logininfo, a data structure meant to carry | 342 | * Populates a new struct logininfo, a data structure meant to carry |
343 | * the information required to portably record login info. | 343 | * the information required to portably record login info. |
344 | * | 344 | * |
345 | * Returns: 1 | 345 | * Returns: 1 |
346 | */ | 346 | */ |
347 | int | 347 | int |
348 | login_init_entry(struct logininfo *li, int pid, const char *username, | 348 | login_init_entry(struct logininfo *li, int pid, const char *username, |
349 | const char *hostname, const char *line) | 349 | const char *hostname, const char *line) |
350 | { | 350 | { |
351 | struct passwd *pw; | 351 | struct passwd *pw; |
352 | 352 | ||
353 | memset(li, 0, sizeof(*li)); | 353 | memset(li, 0, sizeof(*li)); |
354 | 354 | ||
355 | li->pid = pid; | 355 | li->pid = pid; |
356 | 356 | ||
357 | /* set the line information */ | 357 | /* set the line information */ |
@@ -384,7 +384,7 @@ login_set_current_time(struct logininfo *li) | |||
384 | struct timeval tv; | 384 | struct timeval tv; |
385 | 385 | ||
386 | gettimeofday(&tv, NULL); | 386 | gettimeofday(&tv, NULL); |
387 | 387 | ||
388 | li->tv_sec = tv.tv_sec; | 388 | li->tv_sec = tv.tv_sec; |
389 | li->tv_usec = tv.tv_usec; | 389 | li->tv_usec = tv.tv_usec; |
390 | } | 390 | } |
@@ -457,7 +457,7 @@ getlast_entry(struct logininfo *li) | |||
457 | #else /* !USE_LASTLOG */ | 457 | #else /* !USE_LASTLOG */ |
458 | 458 | ||
459 | #ifdef DISABLE_LASTLOG | 459 | #ifdef DISABLE_LASTLOG |
460 | /* On some systems we shouldn't even try to obtain last login | 460 | /* On some systems we shouldn't even try to obtain last login |
461 | * time, e.g. AIX */ | 461 | * time, e.g. AIX */ |
462 | return 0; | 462 | return 0; |
463 | # else /* DISABLE_LASTLOG */ | 463 | # else /* DISABLE_LASTLOG */ |
@@ -475,7 +475,7 @@ getlast_entry(struct logininfo *li) | |||
475 | return 0; | 475 | return 0; |
476 | # endif /* USE_WTMPX && (HAVE_TIME_IN_UTMPX || HAVE_TV_IN_UTMPX) */ | 476 | # endif /* USE_WTMPX && (HAVE_TIME_IN_UTMPX || HAVE_TV_IN_UTMPX) */ |
477 | # endif /* USE_WTMP && (HAVE_TIME_IN_UTMP || HAVE_TV_IN_UTMP) */ | 477 | # endif /* USE_WTMP && (HAVE_TIME_IN_UTMP || HAVE_TV_IN_UTMP) */ |
478 | # endif /* DISABLE_LASTLOG */ | 478 | # endif /* DISABLE_LASTLOG */ |
479 | #endif /* USE_LASTLOG */ | 479 | #endif /* USE_LASTLOG */ |
480 | } | 480 | } |
481 | 481 | ||
@@ -532,12 +532,12 @@ line_stripname(char *dst, const char *src, int dstsize) | |||
532 | * NOTE: use strncpy because we do NOT necessarily want zero | 532 | * NOTE: use strncpy because we do NOT necessarily want zero |
533 | * termination */ | 533 | * termination */ |
534 | char * | 534 | char * |
535 | line_abbrevname(char *dst, const char *src, int dstsize) | 535 | line_abbrevname(char *dst, const char *src, int dstsize) |
536 | { | 536 | { |
537 | size_t len; | 537 | size_t len; |
538 | 538 | ||
539 | memset(dst, '\0', dstsize); | 539 | memset(dst, '\0', dstsize); |
540 | 540 | ||
541 | /* Always skip prefix if present */ | 541 | /* Always skip prefix if present */ |
542 | #ifdef sgi | 542 | #ifdef sgi |
543 | if (strncmp(src, "/dev/tty", 8) == 0) | 543 | if (strncmp(src, "/dev/tty", 8) == 0) |
@@ -546,7 +546,7 @@ line_abbrevname(char *dst, const char *src, int dstsize) | |||
546 | if (strncmp(src, "/dev/", 5) == 0) | 546 | if (strncmp(src, "/dev/", 5) == 0) |
547 | src += 5; | 547 | src += 5; |
548 | #endif | 548 | #endif |
549 | 549 | ||
550 | len = strlen(src); | 550 | len = strlen(src); |
551 | 551 | ||
552 | if (len > 0) { | 552 | if (len > 0) { |
@@ -554,9 +554,9 @@ line_abbrevname(char *dst, const char *src, int dstsize) | |||
554 | src += ((int)len - dstsize); | 554 | src += ((int)len - dstsize); |
555 | 555 | ||
556 | /* note: _don't_ change this to strlcpy */ | 556 | /* note: _don't_ change this to strlcpy */ |
557 | strncpy(dst, src, (size_t)dstsize); | 557 | strncpy(dst, src, (size_t)dstsize); |
558 | } | 558 | } |
559 | 559 | ||
560 | return dst; | 560 | return dst; |
561 | } | 561 | } |
562 | 562 | ||
@@ -620,7 +620,7 @@ construct_utmp(struct logininfo *li, | |||
620 | 620 | ||
621 | /* | 621 | /* |
622 | * These fields are only used when logging in, and are blank | 622 | * These fields are only used when logging in, and are blank |
623 | * for logouts. | 623 | * for logouts. |
624 | */ | 624 | */ |
625 | 625 | ||
626 | /* Use strncpy because we don't necessarily want null termination */ | 626 | /* Use strncpy because we don't necessarily want null termination */ |
@@ -632,7 +632,7 @@ construct_utmp(struct logininfo *li, | |||
632 | /* this is just a 32-bit IP address */ | 632 | /* this is just a 32-bit IP address */ |
633 | if (li->hostaddr.sa.sa_family == AF_INET) | 633 | if (li->hostaddr.sa.sa_family == AF_INET) |
634 | ut->ut_addr = li->hostaddr.sa_in.sin_addr.s_addr; | 634 | ut->ut_addr = li->hostaddr.sa_in.sin_addr.s_addr; |
635 | # endif | 635 | # endif |
636 | } | 636 | } |
637 | #endif /* USE_UTMP || USE_WTMP || USE_LOGIN */ | 637 | #endif /* USE_UTMP || USE_WTMP || USE_LOGIN */ |
638 | 638 | ||
@@ -684,7 +684,7 @@ construct_utmpx(struct logininfo *li, struct utmpx *utx) | |||
684 | 684 | ||
685 | /* | 685 | /* |
686 | * These fields are only used when logging in, and are blank | 686 | * These fields are only used when logging in, and are blank |
687 | * for logouts. | 687 | * for logouts. |
688 | */ | 688 | */ |
689 | 689 | ||
690 | /* strncpy(): Don't necessarily want null termination */ | 690 | /* strncpy(): Don't necessarily want null termination */ |
@@ -774,18 +774,18 @@ utmp_write_direct(struct logininfo *li, struct utmp *ut) | |||
774 | * If the new ut_line is empty but the old one is not | 774 | * If the new ut_line is empty but the old one is not |
775 | * and ut_line and ut_name match, preserve the old ut_line. | 775 | * and ut_line and ut_name match, preserve the old ut_line. |
776 | */ | 776 | */ |
777 | if (atomicio(read, fd, &old_ut, sizeof(old_ut)) == sizeof(old_ut) && | 777 | if (atomicio(read, fd, &old_ut, sizeof(old_ut)) == sizeof(old_ut) && |
778 | (ut->ut_host[0] == '\0') && (old_ut.ut_host[0] != '\0') && | 778 | (ut->ut_host[0] == '\0') && (old_ut.ut_host[0] != '\0') && |
779 | (strncmp(old_ut.ut_line, ut->ut_line, sizeof(ut->ut_line)) == 0) && | 779 | (strncmp(old_ut.ut_line, ut->ut_line, sizeof(ut->ut_line)) == 0) && |
780 | (strncmp(old_ut.ut_name, ut->ut_name, sizeof(ut->ut_name)) == 0)) { | 780 | (strncmp(old_ut.ut_name, ut->ut_name, sizeof(ut->ut_name)) == 0)) { |
781 | (void)memcpy(ut->ut_host, old_ut.ut_host, sizeof(ut->ut_host)); | 781 | (void)memcpy(ut->ut_host, old_ut.ut_host, sizeof(ut->ut_host)); |
782 | } | 782 | } |
783 | 783 | ||
784 | (void)lseek(fd, (off_t)(tty * sizeof(struct utmp)), SEEK_SET); | 784 | (void)lseek(fd, (off_t)(tty * sizeof(struct utmp)), SEEK_SET); |
785 | if (atomicio(write, fd, ut, sizeof(*ut)) != sizeof(*ut)) | 785 | if (atomicio(write, fd, ut, sizeof(*ut)) != sizeof(*ut)) |
786 | log("utmp_write_direct: error writing %s: %s", | 786 | log("utmp_write_direct: error writing %s: %s", |
787 | UTMP_FILE, strerror(errno)); | 787 | UTMP_FILE, strerror(errno)); |
788 | 788 | ||
789 | (void)close(fd); | 789 | (void)close(fd); |
790 | return 1; | 790 | return 1; |
791 | } else { | 791 | } else { |
@@ -887,7 +887,7 @@ utmpx_write_library(struct logininfo *li, struct utmpx *utx) | |||
887 | /* write a utmp entry direct to the file */ | 887 | /* write a utmp entry direct to the file */ |
888 | static int | 888 | static int |
889 | utmpx_write_direct(struct logininfo *li, struct utmpx *utx) | 889 | utmpx_write_direct(struct logininfo *li, struct utmpx *utx) |
890 | { | 890 | { |
891 | log("utmpx_write_direct: not implemented!"); | 891 | log("utmpx_write_direct: not implemented!"); |
892 | return 0; | 892 | return 0; |
893 | } | 893 | } |
@@ -957,7 +957,7 @@ utmpx_write_entry(struct logininfo *li) | |||
957 | ** Low-level wtmp functions | 957 | ** Low-level wtmp functions |
958 | **/ | 958 | **/ |
959 | 959 | ||
960 | #ifdef USE_WTMP | 960 | #ifdef USE_WTMP |
961 | 961 | ||
962 | /* write a wtmp entry direct to the end of the file */ | 962 | /* write a wtmp entry direct to the end of the file */ |
963 | /* This is a slight modification of code in OpenBSD's logwtmp.c */ | 963 | /* This is a slight modification of code in OpenBSD's logwtmp.c */ |
@@ -972,7 +972,7 @@ wtmp_write(struct logininfo *li, struct utmp *ut) | |||
972 | WTMP_FILE, strerror(errno)); | 972 | WTMP_FILE, strerror(errno)); |
973 | return 0; | 973 | return 0; |
974 | } | 974 | } |
975 | if (fstat(fd, &buf) == 0) | 975 | if (fstat(fd, &buf) == 0) |
976 | if (atomicio(write, fd, ut, sizeof(*ut)) != sizeof(*ut)) { | 976 | if (atomicio(write, fd, ut, sizeof(*ut)) != sizeof(*ut)) { |
977 | ftruncate(fd, buf.st_size); | 977 | ftruncate(fd, buf.st_size); |
978 | log("wtmp_write: problem writing %s: %s", | 978 | log("wtmp_write: problem writing %s: %s", |
@@ -1019,7 +1019,7 @@ wtmp_write_entry(struct logininfo *li) | |||
1019 | 1019 | ||
1020 | 1020 | ||
1021 | /* Notes on fetching login data from wtmp/wtmpx | 1021 | /* Notes on fetching login data from wtmp/wtmpx |
1022 | * | 1022 | * |
1023 | * Logouts are usually recorded with (amongst other things) a blank | 1023 | * Logouts are usually recorded with (amongst other things) a blank |
1024 | * username on a given tty line. However, some systems (HP-UX is one) | 1024 | * username on a given tty line. However, some systems (HP-UX is one) |
1025 | * leave all fields set, but change the ut_type field to DEAD_PROCESS. | 1025 | * leave all fields set, but change the ut_type field to DEAD_PROCESS. |
@@ -1038,7 +1038,7 @@ wtmp_write_entry(struct logininfo *li) | |||
1038 | static int | 1038 | static int |
1039 | wtmp_islogin(struct logininfo *li, struct utmp *ut) | 1039 | wtmp_islogin(struct logininfo *li, struct utmp *ut) |
1040 | { | 1040 | { |
1041 | if (strncmp(li->username, ut->ut_name, | 1041 | if (strncmp(li->username, ut->ut_name, |
1042 | MIN_SIZEOF(li->username, ut->ut_name)) == 0) { | 1042 | MIN_SIZEOF(li->username, ut->ut_name)) == 0) { |
1043 | # ifdef HAVE_TYPE_IN_UTMP | 1043 | # ifdef HAVE_TYPE_IN_UTMP |
1044 | if (ut->ut_type & USER_PROCESS) | 1044 | if (ut->ut_type & USER_PROCESS) |
@@ -1065,7 +1065,7 @@ wtmp_get_entry(struct logininfo *li) | |||
1065 | WTMP_FILE, strerror(errno)); | 1065 | WTMP_FILE, strerror(errno)); |
1066 | return 0; | 1066 | return 0; |
1067 | } | 1067 | } |
1068 | if (fstat(fd, &st) != 0) { | 1068 | if (fstat(fd, &st) != 0) { |
1069 | log("wtmp_get_entry: couldn't stat %s: %s", | 1069 | log("wtmp_get_entry: couldn't stat %s: %s", |
1070 | WTMP_FILE, strerror(errno)); | 1070 | WTMP_FILE, strerror(errno)); |
1071 | close(fd); | 1071 | close(fd); |
@@ -1139,7 +1139,7 @@ wtmpx_write(struct logininfo *li, struct utmpx *utx) | |||
1139 | return 0; | 1139 | return 0; |
1140 | } | 1140 | } |
1141 | 1141 | ||
1142 | if (fstat(fd, &buf) == 0) | 1142 | if (fstat(fd, &buf) == 0) |
1143 | if (atomicio(write, fd, utx, sizeof(*utx)) != sizeof(*utx)) { | 1143 | if (atomicio(write, fd, utx, sizeof(*utx)) != sizeof(*utx)) { |
1144 | ftruncate(fd, buf.st_size); | 1144 | ftruncate(fd, buf.st_size); |
1145 | log("wtmpx_write: problem writing %s: %s", | 1145 | log("wtmpx_write: problem writing %s: %s", |
@@ -1221,13 +1221,13 @@ wtmpx_get_entry(struct logininfo *li) | |||
1221 | WTMPX_FILE, strerror(errno)); | 1221 | WTMPX_FILE, strerror(errno)); |
1222 | return 0; | 1222 | return 0; |
1223 | } | 1223 | } |
1224 | if (fstat(fd, &st) != 0) { | 1224 | if (fstat(fd, &st) != 0) { |
1225 | log("wtmpx_get_entry: couldn't stat %s: %s", | 1225 | log("wtmpx_get_entry: couldn't stat %s: %s", |
1226 | WTMP_FILE, strerror(errno)); | 1226 | WTMP_FILE, strerror(errno)); |
1227 | close(fd); | 1227 | close(fd); |
1228 | return 0; | 1228 | return 0; |
1229 | } | 1229 | } |
1230 | 1230 | ||
1231 | /* Seek to the start of the last struct utmpx */ | 1231 | /* Seek to the start of the last struct utmpx */ |
1232 | if (lseek(fd, (off_t)(0-sizeof(struct utmpx)), SEEK_END) == -1 ) { | 1232 | if (lseek(fd, (off_t)(0-sizeof(struct utmpx)), SEEK_END) == -1 ) { |
1233 | /* probably a newly rotated wtmpx file */ | 1233 | /* probably a newly rotated wtmpx file */ |
@@ -1295,7 +1295,7 @@ syslogin_perform_logout(struct logininfo *li) | |||
1295 | { | 1295 | { |
1296 | # ifdef HAVE_LOGOUT | 1296 | # ifdef HAVE_LOGOUT |
1297 | char line[8]; | 1297 | char line[8]; |
1298 | 1298 | ||
1299 | (void)line_stripname(line, li->line, sizeof(line)); | 1299 | (void)line_stripname(line, li->line, sizeof(line)); |
1300 | 1300 | ||
1301 | if (!logout(line)) { | 1301 | if (!logout(line)) { |
@@ -1344,7 +1344,7 @@ lastlog_construct(struct logininfo *li, struct lastlog *last) | |||
1344 | { | 1344 | { |
1345 | /* clear the structure */ | 1345 | /* clear the structure */ |
1346 | memset(last, '\0', sizeof(*last)); | 1346 | memset(last, '\0', sizeof(*last)); |
1347 | 1347 | ||
1348 | (void)line_stripname(last->ll_line, li->line, sizeof(last->ll_line)); | 1348 | (void)line_stripname(last->ll_line, li->line, sizeof(last->ll_line)); |
1349 | strlcpy(last->ll_host, li->hostname, | 1349 | strlcpy(last->ll_host, li->hostname, |
1350 | MIN_SIZEOF(last->ll_host, li->hostname)); | 1350 | MIN_SIZEOF(last->ll_host, li->hostname)); |
@@ -1357,7 +1357,7 @@ lastlog_filetype(char *filename) | |||
1357 | struct stat st; | 1357 | struct stat st; |
1358 | 1358 | ||
1359 | if (stat(LASTLOG_FILE, &st) != 0) { | 1359 | if (stat(LASTLOG_FILE, &st) != 0) { |
1360 | log("lastlog_perform_login: Couldn't stat %s: %s", LASTLOG_FILE, | 1360 | log("lastlog_perform_login: Couldn't stat %s: %s", LASTLOG_FILE, |
1361 | strerror(errno)); | 1361 | strerror(errno)); |
1362 | return 0; | 1362 | return 0; |
1363 | } | 1363 | } |
@@ -1399,18 +1399,18 @@ lastlog_openseek(struct logininfo *li, int *fd, int filemode) | |||
1399 | lastlog_file, strerror(errno)); | 1399 | lastlog_file, strerror(errno)); |
1400 | return 0; | 1400 | return 0; |
1401 | } | 1401 | } |
1402 | 1402 | ||
1403 | if (type == LL_FILE) { | 1403 | if (type == LL_FILE) { |
1404 | /* find this uid's offset in the lastlog file */ | 1404 | /* find this uid's offset in the lastlog file */ |
1405 | offset = (off_t) ( (long)li->uid * sizeof(struct lastlog)); | 1405 | offset = (off_t) ( (long)li->uid * sizeof(struct lastlog)); |
1406 | 1406 | ||
1407 | if ( lseek(*fd, offset, SEEK_SET) != offset ) { | 1407 | if ( lseek(*fd, offset, SEEK_SET) != offset ) { |
1408 | log("lastlog_openseek: %s->lseek(): %s", | 1408 | log("lastlog_openseek: %s->lseek(): %s", |
1409 | lastlog_file, strerror(errno)); | 1409 | lastlog_file, strerror(errno)); |
1410 | return 0; | 1410 | return 0; |
1411 | } | 1411 | } |
1412 | } | 1412 | } |
1413 | 1413 | ||
1414 | return 1; | 1414 | return 1; |
1415 | } | 1415 | } |
1416 | 1416 | ||
@@ -1425,7 +1425,7 @@ lastlog_perform_login(struct logininfo *li) | |||
1425 | 1425 | ||
1426 | if (!lastlog_openseek(li, &fd, O_RDWR|O_CREAT)) | 1426 | if (!lastlog_openseek(li, &fd, O_RDWR|O_CREAT)) |
1427 | return(0); | 1427 | return(0); |
1428 | 1428 | ||
1429 | /* write the entry */ | 1429 | /* write the entry */ |
1430 | if (atomicio(write, fd, &last, sizeof(last)) != sizeof(last)) { | 1430 | if (atomicio(write, fd, &last, sizeof(last)) != sizeof(last)) { |
1431 | close(fd); | 1431 | close(fd); |
@@ -1454,7 +1454,7 @@ static void | |||
1454 | lastlog_populate_entry(struct logininfo *li, struct lastlog *last) | 1454 | lastlog_populate_entry(struct logininfo *li, struct lastlog *last) |
1455 | { | 1455 | { |
1456 | line_fullname(li->line, last->ll_line, sizeof(li->line)); | 1456 | line_fullname(li->line, last->ll_line, sizeof(li->line)); |
1457 | strlcpy(li->hostname, last->ll_host, | 1457 | strlcpy(li->hostname, last->ll_host, |
1458 | MIN_SIZEOF(li->hostname, last->ll_host)); | 1458 | MIN_SIZEOF(li->hostname, last->ll_host)); |
1459 | li->tv_sec = last->ll_time; | 1459 | li->tv_sec = last->ll_time; |
1460 | } | 1460 | } |
@@ -1475,7 +1475,7 @@ lastlog_get_entry(struct logininfo *li) | |||
1475 | return 1; | 1475 | return 1; |
1476 | } | 1476 | } |
1477 | } else { | 1477 | } else { |
1478 | return 0; | 1478 | return 0; |
1479 | } | 1479 | } |
1480 | } | 1480 | } |
1481 | #endif /* USE_LASTLOG */ | 1481 | #endif /* USE_LASTLOG */ |
diff --git a/loginrec.h b/loginrec.h
index b3dbb43df..ecb430d50 100644
--- a/loginrec.h
+++ b/loginrec.h | |||
@@ -30,7 +30,7 @@ | |||
30 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 30 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
31 | */ | 31 | */ |
32 | 32 | ||
33 | /** | 33 | /** |
34 | ** loginrec.h: platform-independent login recording and lastlog retrieval | 34 | ** loginrec.h: platform-independent login recording and lastlog retrieval |
35 | **/ | 35 | **/ |
36 | 36 | ||
@@ -40,7 +40,7 @@ | |||
40 | #include <netinet/in.h> | 40 | #include <netinet/in.h> |
41 | #include <sys/socket.h> | 41 | #include <sys/socket.h> |
42 | 42 | ||
43 | /* RCSID("$Id: loginrec.h,v 1.4 2000/06/27 01:18:27 djm Exp $"); */ | 43 | /* RCSID("$Id: loginrec.h,v 1.5 2001/02/05 12:42:18 stevesk Exp $"); */ |
44 | 44 | ||
45 | /** | 45 | /** |
46 | ** you should use the login_* calls to work around platform dependencies | 46 | ** you should use the login_* calls to work around platform dependencies |
@@ -86,7 +86,7 @@ struct logininfo { | |||
86 | * use time_t's value as tv_sec and set tv_usec to 0 | 86 | * use time_t's value as tv_sec and set tv_usec to 0 |
87 | */ | 87 | */ |
88 | unsigned int tv_sec; | 88 | unsigned int tv_sec; |
89 | unsigned int tv_usec; | 89 | unsigned int tv_usec; |
90 | union login_netinfo hostaddr; /* caller's host address(es) */ | 90 | union login_netinfo hostaddr; /* caller's host address(es) */ |
91 | }; /* struct logininfo */ | 91 | }; /* struct logininfo */ |
92 | 92 | ||
@@ -102,7 +102,7 @@ struct logininfo *login_alloc_entry(int pid, const char *username, | |||
102 | /* free a structure */ | 102 | /* free a structure */ |
103 | void login_free_entry(struct logininfo *li); | 103 | void login_free_entry(struct logininfo *li); |
104 | /* fill out a pre-allocated structure with useful information */ | 104 | /* fill out a pre-allocated structure with useful information */ |
105 | int login_init_entry(struct logininfo *li, int pid, const char *username, | 105 | int login_init_entry(struct logininfo *li, int pid, const char *username, |
106 | const char *hostname, const char *line); | 106 | const char *hostname, const char *line); |
107 | /* place the current time in a logininfo struct */ | 107 | /* place the current time in a logininfo struct */ |
108 | void login_set_current_time(struct logininfo *li); | 108 | void login_set_current_time(struct logininfo *li); |
diff --git a/logintest.c b/logintest.c
index 886052313..302034da0 100644
--- a/logintest.c
+++ b/logintest.c | |||
@@ -27,7 +27,7 @@ | |||
27 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 27 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
28 | */ | 28 | */ |
29 | 29 | ||
30 | /** | 30 | /** |
31 | ** logintest.c: simple test driver for platform-independent login recording | 31 | ** logintest.c: simple test driver for platform-independent login recording |
32 | ** and lastlog retrieval | 32 | ** and lastlog retrieval |
33 | **/ | 33 | **/ |
@@ -48,7 +48,7 @@ | |||
48 | 48 | ||
49 | #include "loginrec.h" | 49 | #include "loginrec.h" |
50 | 50 | ||
51 | RCSID("$Id: logintest.c,v 1.6 2000/06/19 08:25:36 andre Exp $"); | 51 | RCSID("$Id: logintest.c,v 1.7 2001/02/05 12:42:18 stevesk Exp $"); |
52 | 52 | ||
53 | 53 | ||
54 | #define PAUSE_BEFORE_LOGOUT 3 | 54 | #define PAUSE_BEFORE_LOGOUT 3 |
@@ -74,10 +74,10 @@ dump_logininfo(struct logininfo *li, char *descname) | |||
74 | "\t\t\tfamily\t%d\n\t\t}\n" | 74 | "\t\t\tfamily\t%d\n\t\t}\n" |
75 | "\t}\n" | 75 | "\t}\n" |
76 | "}\n", | 76 | "}\n", |
77 | descname, li->progname, li->type, | 77 | descname, li->progname, li->type, |
78 | li->pid, li->uid, li->line, | 78 | li->pid, li->uid, li->line, |
79 | li->username, li->hostname, li->exit, | 79 | li->username, li->hostname, li->exit, |
80 | li->termination, li->tv_sec, li->tv_usec, | 80 | li->termination, li->tv_sec, li->tv_usec, |
81 | li->hostaddr.sa.sa_family); | 81 | li->hostaddr.sa.sa_family); |
82 | } | 82 | } |
83 | 83 | ||
@@ -134,7 +134,7 @@ testAPI() | |||
134 | 134 | ||
135 | if (nologtest) | 135 | if (nologtest) |
136 | return 1; | 136 | return 1; |
137 | 137 | ||
138 | line_stripname(stripline, li1->line, sizeof(stripline)); | 138 | line_stripname(stripline, li1->line, sizeof(stripline)); |
139 | 139 | ||
140 | printf("Performing an invalid login attempt (no type field)\n--\n"); | 140 | printf("Performing an invalid login attempt (no type field)\n--\n"); |
@@ -159,11 +159,11 @@ testAPI() | |||
159 | #endif | 159 | #endif |
160 | printf("--\n"); | 160 | printf("--\n"); |
161 | login_login(li1); | 161 | login_login(li1); |
162 | 162 | ||
163 | snprintf(cmdstring, sizeof(cmdstring), "who | grep '%s '", | 163 | snprintf(cmdstring, sizeof(cmdstring), "who | grep '%s '", |
164 | stripline); | 164 | stripline); |
165 | system(cmdstring); | 165 | system(cmdstring); |
166 | 166 | ||
167 | printf("--\nPausing for %d second(s)...\n", PAUSE_BEFORE_LOGOUT); | 167 | printf("--\nPausing for %d second(s)...\n", PAUSE_BEFORE_LOGOUT); |
168 | sleep(PAUSE_BEFORE_LOGOUT); | 168 | sleep(PAUSE_BEFORE_LOGOUT); |
169 | 169 | ||
@@ -205,12 +205,12 @@ testAPI() | |||
205 | #endif | 205 | #endif |
206 | 206 | ||
207 | printf("--\nThe output of 'last' shown next should have " | 207 | printf("--\nThe output of 'last' shown next should have " |
208 | "an entry for root \n on %s for the time shown above:\n--\n", | 208 | "an entry for root \n on %s for the time shown above:\n--\n", |
209 | stripline); | 209 | stripline); |
210 | snprintf(cmdstring, sizeof(cmdstring), "last | grep '%s ' | head -3", | 210 | snprintf(cmdstring, sizeof(cmdstring), "last | grep '%s ' | head -3", |
211 | stripline); | 211 | stripline); |
212 | system(cmdstring); | 212 | system(cmdstring); |
213 | 213 | ||
214 | printf("--\nEnd of login test.\n"); | 214 | printf("--\nEnd of login test.\n"); |
215 | 215 | ||
216 | login_free_entry(li1); | 216 | login_free_entry(li1); |
@@ -255,9 +255,9 @@ testOutput() | |||
255 | /* show which options got compiled in */ | 255 | /* show which options got compiled in */ |
256 | void | 256 | void |
257 | showOptions(void) | 257 | showOptions(void) |
258 | { | 258 | { |
259 | printf("**\n** Compile-time options\n**\n"); | 259 | printf("**\n** Compile-time options\n**\n"); |
260 | 260 | ||
261 | printf("login recording methods selected:\n"); | 261 | printf("login recording methods selected:\n"); |
262 | #ifdef USE_LOGIN | 262 | #ifdef USE_LOGIN |
263 | printf("\tUSE_LOGIN\n"); | 263 | printf("\tUSE_LOGIN\n"); |
@@ -293,17 +293,17 @@ main(int argc, char *argv[]) | |||
293 | else if (strncmp(argv[1], "-v", 3) == 0) | 293 | else if (strncmp(argv[1], "-v", 3) == 0) |
294 | be_verbose=1; | 294 | be_verbose=1; |
295 | } | 295 | } |
296 | 296 | ||
297 | if (!compile_opts_only) { | 297 | if (!compile_opts_only) { |
298 | if (be_verbose && !testOutput()) | 298 | if (be_verbose && !testOutput()) |
299 | return 1; | 299 | return 1; |
300 | 300 | ||
301 | if (!testAPI()) | 301 | if (!testAPI()) |
302 | return 1; | 302 | return 1; |
303 | } | 303 | } |
304 | 304 | ||
305 | showOptions(); | 305 | showOptions(); |
306 | 306 | ||
307 | return 0; | 307 | return 0; |
308 | } /* main() */ | 308 | } /* main() */ |
309 | 309 | ||
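Review bot: In testAPI(), both `system(cmdstring)` calls (new lines 165 and 212) pass the shell a command with `stripline` interpolated between single quotes and no check on its contents, so a quote or other shell metacharacter in the line name would change the command that runs. The same calls appear on the old side, so this predates the change. Validate the name before formatting, e.g. `if (stripline[strspn(stripline, "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789/._-")] != '\0') return 0;`, and check the `snprintf` result for truncation. `who`, `last`, `grep` and `head` are also resolved through PATH, which matters if this driver runs as root, as the "entry for root" message suggests; absolute paths would avoid that. testAPI() starts and ends outside the hunks shown.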
diff --git a/md5crypt.c b/md5crypt.c index a9f0f26dd..26007831a 100644 --- a/md5crypt.c +++ b/md5crypt.c | |||
@@ -27,11 +27,11 @@ static unsigned char itoa64[] = /* 0 ... 63 => ascii - 64 */ | |||
27 | "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; | 27 | "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; |
28 | 28 | ||
29 | static char *magic = "$1$"; /* | 29 | static char *magic = "$1$"; /* |
30 | * This string is magic for | 30 | * This string is magic for |
31 | * this algorithm. Having | 31 | * this algorithm. Having |
32 | * it this way, we can get | 32 | * it this way, we can get |
33 | * get better later on | 33 | * get better later on |
34 | */ | 34 | */ |
35 | 35 | ||
36 | static void | 36 | static void |
37 | to64(char *s, unsigned long v, int n) | 37 | to64(char *s, unsigned long v, int n) |
@@ -45,7 +45,7 @@ to64(char *s, unsigned long v, int n) | |||
45 | int | 45 | int |
46 | is_md5_salt(const char *salt) | 46 | is_md5_salt(const char *salt) |
47 | { | 47 | { |
48 | return (!strncmp(salt, magic, strlen(magic))); | 48 | return (!strncmp(salt, magic, strlen(magic))); |
49 | } | 49 | } |
50 | 50 | ||
51 | /* | 51 | /* |
@@ -481,7 +481,7 @@ chan_shutdown_read(Channel *c) | |||
481 | return; | 481 | return; |
482 | debug("channel %d: close_read", c->self); | 482 | debug("channel %d: close_read", c->self); |
483 | if (c->sock != -1) { | 483 | if (c->sock != -1) { |
484 | /* | 484 | /* |
485 | * shutdown(sock, SHUT_READ) may return ENOTCONN if the | 485 | * shutdown(sock, SHUT_READ) may return ENOTCONN if the |
486 | * write side has been closed already. (bug on Linux) | 486 | * write side has been closed already. (bug on Linux) |
487 | */ | 487 | */ |
@@ -989,7 +989,7 @@ packet_read_poll(int *payload_len_ptr) | |||
989 | default: | 989 | default: |
990 | return type; | 990 | return type; |
991 | break; | 991 | break; |
992 | } | 992 | } |
993 | } else { | 993 | } else { |
994 | switch(type) { | 994 | switch(type) { |
995 | case SSH_MSG_IGNORE: | 995 | case SSH_MSG_IGNORE: |
@@ -1011,7 +1011,7 @@ packet_read_poll(int *payload_len_ptr) | |||
1011 | DBG(debug("received packet type %d", type)); | 1011 | DBG(debug("received packet type %d", type)); |
1012 | return type; | 1012 | return type; |
1013 | break; | 1013 | break; |
1014 | } | 1014 | } |
1015 | } | 1015 | } |
1016 | } | 1016 | } |
1017 | } | 1017 | } |
@@ -176,8 +176,8 @@ pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen) | |||
176 | *ptyfd = open(buf, O_RDWR | O_NOCTTY); | 176 | *ptyfd = open(buf, O_RDWR | O_NOCTTY); |
177 | if (*ptyfd < 0) | 177 | if (*ptyfd < 0) |
178 | continue; | 178 | continue; |
179 | } | 179 | } |
180 | 180 | ||
181 | /* Open the slave side. */ | 181 | /* Open the slave side. */ |
182 | *ttyfd = open(namebuf, O_RDWR | O_NOCTTY); | 182 | *ttyfd = open(namebuf, O_RDWR | O_NOCTTY); |
183 | if (*ttyfd < 0) { | 183 | if (*ttyfd < 0) { |
@@ -315,11 +315,11 @@ pty_setowner(struct passwd *pw, const char *ttyname) | |||
315 | if (chown(ttyname, pw->pw_uid, gid) < 0) { | 315 | if (chown(ttyname, pw->pw_uid, gid) < 0) { |
316 | if (errno == EROFS && st.st_uid == pw->pw_uid) | 316 | if (errno == EROFS && st.st_uid == pw->pw_uid) |
317 | error("chown(%.100s, %d, %d) failed: %.100s", | 317 | error("chown(%.100s, %d, %d) failed: %.100s", |
318 | ttyname, pw->pw_uid, gid, | 318 | ttyname, pw->pw_uid, gid, |
319 | strerror(errno)); | 319 | strerror(errno)); |
320 | else | 320 | else |
321 | fatal("chown(%.100s, %d, %d) failed: %.100s", | 321 | fatal("chown(%.100s, %d, %d) failed: %.100s", |
322 | ttyname, pw->pw_uid, gid, | 322 | ttyname, pw->pw_uid, gid, |
323 | strerror(errno)); | 323 | strerror(errno)); |
324 | } | 324 | } |
325 | } | 325 | } |
diff --git a/rijndael.c b/rijndael.c index 10c779b4c..aa32be514 100644 --- a/rijndael.c +++ b/rijndael.c | |||
@@ -54,7 +54,7 @@ void gen_tabs __P((void)); | |||
54 | 54 | ||
55 | #define bswap(x) ((rotl(x, 8) & 0x00ff00ff) | (rotr(x, 8) & 0xff00ff00)) | 55 | #define bswap(x) ((rotl(x, 8) & 0x00ff00ff) | (rotr(x, 8) & 0xff00ff00)) |
56 | 56 | ||
57 | /* Extract byte from a 32 bit quantity (little endian notation) */ | 57 | /* Extract byte from a 32 bit quantity (little endian notation) */ |
58 | 58 | ||
59 | #define byte(x,n) ((u1byte)((x) >> (8 * n))) | 59 | #define byte(x,n) ((u1byte)((x) >> (8 * n))) |
60 | 60 | ||
@@ -89,15 +89,15 @@ u4byte tab_gen = 0; | |||
89 | 89 | ||
90 | #define f_rn(bo, bi, n, k) \ | 90 | #define f_rn(bo, bi, n, k) \ |
91 | bo[n] = ft_tab[0][byte(bi[n],0)] ^ \ | 91 | bo[n] = ft_tab[0][byte(bi[n],0)] ^ \ |
92 | ft_tab[1][byte(bi[(n + 1) & 3],1)] ^ \ | 92 | ft_tab[1][byte(bi[(n + 1) & 3],1)] ^ \ |
93 | ft_tab[2][byte(bi[(n + 2) & 3],2)] ^ \ | 93 | ft_tab[2][byte(bi[(n + 2) & 3],2)] ^ \ |
94 | ft_tab[3][byte(bi[(n + 3) & 3],3)] ^ *(k + n) | 94 | ft_tab[3][byte(bi[(n + 3) & 3],3)] ^ *(k + n) |
95 | 95 | ||
96 | #define i_rn(bo, bi, n, k) \ | 96 | #define i_rn(bo, bi, n, k) \ |
97 | bo[n] = it_tab[0][byte(bi[n],0)] ^ \ | 97 | bo[n] = it_tab[0][byte(bi[n],0)] ^ \ |
98 | it_tab[1][byte(bi[(n + 3) & 3],1)] ^ \ | 98 | it_tab[1][byte(bi[(n + 3) & 3],1)] ^ \ |
99 | it_tab[2][byte(bi[(n + 2) & 3],2)] ^ \ | 99 | it_tab[2][byte(bi[(n + 2) & 3],2)] ^ \ |
100 | it_tab[3][byte(bi[(n + 1) & 3],3)] ^ *(k + n) | 100 | it_tab[3][byte(bi[(n + 1) & 3],3)] ^ *(k + n) |
101 | 101 | ||
102 | #ifdef LARGE_TABLES | 102 | #ifdef LARGE_TABLES |
103 | 103 | ||
@@ -109,15 +109,15 @@ u4byte tab_gen = 0; | |||
109 | 109 | ||
110 | #define f_rl(bo, bi, n, k) \ | 110 | #define f_rl(bo, bi, n, k) \ |
111 | bo[n] = fl_tab[0][byte(bi[n],0)] ^ \ | 111 | bo[n] = fl_tab[0][byte(bi[n],0)] ^ \ |
112 | fl_tab[1][byte(bi[(n + 1) & 3],1)] ^ \ | 112 | fl_tab[1][byte(bi[(n + 1) & 3],1)] ^ \ |
113 | fl_tab[2][byte(bi[(n + 2) & 3],2)] ^ \ | 113 | fl_tab[2][byte(bi[(n + 2) & 3],2)] ^ \ |
114 | fl_tab[3][byte(bi[(n + 3) & 3],3)] ^ *(k + n) | 114 | fl_tab[3][byte(bi[(n + 3) & 3],3)] ^ *(k + n) |
115 | 115 | ||
116 | #define i_rl(bo, bi, n, k) \ | 116 | #define i_rl(bo, bi, n, k) \ |
117 | bo[n] = il_tab[0][byte(bi[n],0)] ^ \ | 117 | bo[n] = il_tab[0][byte(bi[n],0)] ^ \ |
118 | il_tab[1][byte(bi[(n + 3) & 3],1)] ^ \ | 118 | il_tab[1][byte(bi[(n + 3) & 3],1)] ^ \ |
119 | il_tab[2][byte(bi[(n + 2) & 3],2)] ^ \ | 119 | il_tab[2][byte(bi[(n + 2) & 3],2)] ^ \ |
120 | il_tab[3][byte(bi[(n + 1) & 3],3)] ^ *(k + n) | 120 | il_tab[3][byte(bi[(n + 1) & 3],3)] ^ *(k + n) |
121 | 121 | ||
122 | #else | 122 | #else |
123 | 123 | ||
@@ -129,15 +129,15 @@ u4byte tab_gen = 0; | |||
129 | 129 | ||
130 | #define f_rl(bo, bi, n, k) \ | 130 | #define f_rl(bo, bi, n, k) \ |
131 | bo[n] = (u4byte)sbx_tab[byte(bi[n],0)] ^ \ | 131 | bo[n] = (u4byte)sbx_tab[byte(bi[n],0)] ^ \ |
132 | rotl(((u4byte)sbx_tab[byte(bi[(n + 1) & 3],1)]), 8) ^ \ | 132 | rotl(((u4byte)sbx_tab[byte(bi[(n + 1) & 3],1)]), 8) ^ \ |
133 | rotl(((u4byte)sbx_tab[byte(bi[(n + 2) & 3],2)]), 16) ^ \ | 133 | rotl(((u4byte)sbx_tab[byte(bi[(n + 2) & 3],2)]), 16) ^ \ |
134 | rotl(((u4byte)sbx_tab[byte(bi[(n + 3) & 3],3)]), 24) ^ *(k + n) | 134 | rotl(((u4byte)sbx_tab[byte(bi[(n + 3) & 3],3)]), 24) ^ *(k + n) |
135 | 135 | ||
136 | #define i_rl(bo, bi, n, k) \ | 136 | #define i_rl(bo, bi, n, k) \ |
137 | bo[n] = (u4byte)isb_tab[byte(bi[n],0)] ^ \ | 137 | bo[n] = (u4byte)isb_tab[byte(bi[n],0)] ^ \ |
138 | rotl(((u4byte)isb_tab[byte(bi[(n + 3) & 3],1)]), 8) ^ \ | 138 | rotl(((u4byte)isb_tab[byte(bi[(n + 3) & 3],1)]), 8) ^ \ |
139 | rotl(((u4byte)isb_tab[byte(bi[(n + 2) & 3],2)]), 16) ^ \ | 139 | rotl(((u4byte)isb_tab[byte(bi[(n + 2) & 3],2)]), 16) ^ \ |
140 | rotl(((u4byte)isb_tab[byte(bi[(n + 1) & 3],3)]), 24) ^ *(k + n) | 140 | rotl(((u4byte)isb_tab[byte(bi[(n + 1) & 3],3)]), 24) ^ *(k + n) |
141 | 141 | ||
142 | #endif | 142 | #endif |
143 | 143 | ||
@@ -160,7 +160,7 @@ gen_tabs(void) | |||
160 | log_tab[1] = 0; p = 1; | 160 | log_tab[1] = 0; p = 1; |
161 | 161 | ||
162 | for(i = 0; i < 10; ++i) { | 162 | for(i = 0; i < 10; ++i) { |
163 | rco_tab[i] = p; | 163 | rco_tab[i] = p; |
164 | 164 | ||
165 | p = (p << 1) ^ (p & 0x80 ? 0x1b : 0); | 165 | p = (p << 1) ^ (p & 0x80 ? 0x1b : 0); |
166 | } | 166 | } |
@@ -172,19 +172,19 @@ gen_tabs(void) | |||
172 | /* least significant end of a byte. */ | 172 | /* least significant end of a byte. */ |
173 | 173 | ||
174 | for(i = 0; i < 256; ++i) { | 174 | for(i = 0; i < 256; ++i) { |
175 | p = (i ? pow_tab[255 - log_tab[i]] : 0); q = p; | 175 | p = (i ? pow_tab[255 - log_tab[i]] : 0); q = p; |
176 | q = (q >> 7) | (q << 1); p ^= q; | 176 | q = (q >> 7) | (q << 1); p ^= q; |
177 | q = (q >> 7) | (q << 1); p ^= q; | 177 | q = (q >> 7) | (q << 1); p ^= q; |
178 | q = (q >> 7) | (q << 1); p ^= q; | 178 | q = (q >> 7) | (q << 1); p ^= q; |
179 | q = (q >> 7) | (q << 1); p ^= q ^ 0x63; | 179 | q = (q >> 7) | (q << 1); p ^= q ^ 0x63; |
180 | sbx_tab[i] = (u1byte)p; isb_tab[p] = (u1byte)i; | 180 | sbx_tab[i] = (u1byte)p; isb_tab[p] = (u1byte)i; |
181 | } | 181 | } |
182 | 182 | ||
183 | for(i = 0; i < 256; ++i) { | 183 | for(i = 0; i < 256; ++i) { |
184 | p = sbx_tab[i]; | 184 | p = sbx_tab[i]; |
185 | |||
186 | #ifdef LARGE_TABLES | ||
185 | 187 | ||
186 | #ifdef LARGE_TABLES | ||
187 | |||
188 | t = p; fl_tab[0][i] = t; | 188 | t = p; fl_tab[0][i] = t; |
189 | fl_tab[1][i] = rotl(t, 8); | 189 | fl_tab[1][i] = rotl(t, 8); |
190 | fl_tab[2][i] = rotl(t, 16); | 190 | fl_tab[2][i] = rotl(t, 16); |
@@ -194,30 +194,30 @@ gen_tabs(void) | |||
194 | ((u4byte)p << 8) | | 194 | ((u4byte)p << 8) | |
195 | ((u4byte)p << 16) | | 195 | ((u4byte)p << 16) | |
196 | ((u4byte)ff_mult(3, p) << 24); | 196 | ((u4byte)ff_mult(3, p) << 24); |
197 | 197 | ||
198 | ft_tab[0][i] = t; | 198 | ft_tab[0][i] = t; |
199 | ft_tab[1][i] = rotl(t, 8); | 199 | ft_tab[1][i] = rotl(t, 8); |
200 | ft_tab[2][i] = rotl(t, 16); | 200 | ft_tab[2][i] = rotl(t, 16); |
201 | ft_tab[3][i] = rotl(t, 24); | 201 | ft_tab[3][i] = rotl(t, 24); |
202 | 202 | ||
203 | p = isb_tab[i]; | 203 | p = isb_tab[i]; |
204 | 204 | ||
205 | #ifdef LARGE_TABLES | 205 | #ifdef LARGE_TABLES |
206 | 206 | ||
207 | t = p; il_tab[0][i] = t; | 207 | t = p; il_tab[0][i] = t; |
208 | il_tab[1][i] = rotl(t, 8); | 208 | il_tab[1][i] = rotl(t, 8); |
209 | il_tab[2][i] = rotl(t, 16); | 209 | il_tab[2][i] = rotl(t, 16); |
210 | il_tab[3][i] = rotl(t, 24); | 210 | il_tab[3][i] = rotl(t, 24); |
211 | #endif | 211 | #endif |
212 | t = ((u4byte)ff_mult(14, p)) | | 212 | t = ((u4byte)ff_mult(14, p)) | |
213 | ((u4byte)ff_mult( 9, p) << 8) | | 213 | ((u4byte)ff_mult( 9, p) << 8) | |
214 | ((u4byte)ff_mult(13, p) << 16) | | 214 | ((u4byte)ff_mult(13, p) << 16) | |
215 | ((u4byte)ff_mult(11, p) << 24); | 215 | ((u4byte)ff_mult(11, p) << 24); |
216 | 216 | ||
217 | it_tab[0][i] = t; | 217 | it_tab[0][i] = t; |
218 | it_tab[1][i] = rotl(t, 8); | 218 | it_tab[1][i] = rotl(t, 8); |
219 | it_tab[2][i] = rotl(t, 16); | 219 | it_tab[2][i] = rotl(t, 16); |
220 | it_tab[3][i] = rotl(t, 24); | 220 | it_tab[3][i] = rotl(t, 24); |
221 | } | 221 | } |
222 | 222 | ||
223 | tab_gen = 1; | 223 | tab_gen = 1; |
@@ -232,8 +232,8 @@ gen_tabs(void) | |||
232 | t = w ^ (x); \ | 232 | t = w ^ (x); \ |
233 | (y) = u ^ v ^ w; \ | 233 | (y) = u ^ v ^ w; \ |
234 | (y) ^= rotr(u ^ t, 8) ^ \ | 234 | (y) ^= rotr(u ^ t, 8) ^ \ |
235 | rotr(v ^ t, 16) ^ \ | 235 | rotr(v ^ t, 16) ^ \ |
236 | rotr(t,24) | 236 | rotr(t,24) |
237 | 237 | ||
238 | /* initialise the key schedule from the user supplied key */ | 238 | /* initialise the key schedule from the user supplied key */ |
239 | 239 | ||
@@ -271,7 +271,7 @@ gen_tabs(void) | |||
271 | rijndael_ctx * | 271 | rijndael_ctx * |
272 | rijndael_set_key(rijndael_ctx *ctx, const u4byte *in_key, const u4byte key_len, | 272 | rijndael_set_key(rijndael_ctx *ctx, const u4byte *in_key, const u4byte key_len, |
273 | int encrypt) | 273 | int encrypt) |
274 | { | 274 | { |
275 | u4byte i, t, u, v, w; | 275 | u4byte i, t, u, v, w; |
276 | u4byte *e_key = ctx->e_key; | 276 | u4byte *e_key = ctx->e_key; |
277 | u4byte *d_key = ctx->d_key; | 277 | u4byte *d_key = ctx->d_key; |
@@ -285,23 +285,23 @@ rijndael_set_key(rijndael_ctx *ctx, const u4byte *in_key, const u4byte key_len, | |||
285 | 285 | ||
286 | e_key[0] = io_swap(in_key[0]); e_key[1] = io_swap(in_key[1]); | 286 | e_key[0] = io_swap(in_key[0]); e_key[1] = io_swap(in_key[1]); |
287 | e_key[2] = io_swap(in_key[2]); e_key[3] = io_swap(in_key[3]); | 287 | e_key[2] = io_swap(in_key[2]); e_key[3] = io_swap(in_key[3]); |
288 | 288 | ||
289 | switch(ctx->k_len) { | 289 | switch(ctx->k_len) { |
290 | case 4: t = e_key[3]; | 290 | case 4: t = e_key[3]; |
291 | for(i = 0; i < 10; ++i) | 291 | for(i = 0; i < 10; ++i) |
292 | loop4(i); | 292 | loop4(i); |
293 | break; | 293 | break; |
294 | 294 | ||
295 | case 6: e_key[4] = io_swap(in_key[4]); t = e_key[5] = io_swap(in_key[5]); | 295 | case 6: e_key[4] = io_swap(in_key[4]); t = e_key[5] = io_swap(in_key[5]); |
296 | for(i = 0; i < 8; ++i) | 296 | for(i = 0; i < 8; ++i) |
297 | loop6(i); | 297 | loop6(i); |
298 | break; | 298 | break; |
299 | 299 | ||
300 | case 8: e_key[4] = io_swap(in_key[4]); e_key[5] = io_swap(in_key[5]); | 300 | case 8: e_key[4] = io_swap(in_key[4]); e_key[5] = io_swap(in_key[5]); |
301 | e_key[6] = io_swap(in_key[6]); t = e_key[7] = io_swap(in_key[7]); | 301 | e_key[6] = io_swap(in_key[6]); t = e_key[7] = io_swap(in_key[7]); |
302 | for(i = 0; i < 7; ++i) | 302 | for(i = 0; i < 7; ++i) |
303 | loop8(i); | 303 | loop8(i); |
304 | break; | 304 | break; |
305 | } | 305 | } |
306 | 306 | ||
307 | if (!encrypt) { | 307 | if (!encrypt) { |
@@ -333,7 +333,7 @@ rijndael_set_key(rijndael_ctx *ctx, const u4byte *in_key, const u4byte key_len, | |||
333 | 333 | ||
334 | void | 334 | void |
335 | rijndael_encrypt(rijndael_ctx *ctx, const u4byte *in_blk, u4byte *out_blk) | 335 | rijndael_encrypt(rijndael_ctx *ctx, const u4byte *in_blk, u4byte *out_blk) |
336 | { | 336 | { |
337 | u4byte k_len = ctx->k_len; | 337 | u4byte k_len = ctx->k_len; |
338 | u4byte *e_key = ctx->e_key; | 338 | u4byte *e_key = ctx->e_key; |
339 | u4byte b0[4], b1[4], *kp; | 339 | u4byte b0[4], b1[4], *kp; |
@@ -380,7 +380,7 @@ rijndael_encrypt(rijndael_ctx *ctx, const u4byte *in_blk, u4byte *out_blk) | |||
380 | 380 | ||
381 | void | 381 | void |
382 | rijndael_decrypt(rijndael_ctx *ctx, const u4byte *in_blk, u4byte *out_blk) | 382 | rijndael_decrypt(rijndael_ctx *ctx, const u4byte *in_blk, u4byte *out_blk) |
383 | { | 383 | { |
384 | u4byte b0[4], b1[4], *kp; | 384 | u4byte b0[4], b1[4], *kp; |
385 | u4byte k_len = ctx->k_len; | 385 | u4byte k_len = ctx->k_len; |
386 | u4byte *e_key = ctx->e_key; | 386 | u4byte *e_key = ctx->e_key; |
@@ -8,7 +8,7 @@ | |||
8 | * software must be clearly marked as such, and if the derived work is | 8 | * software must be clearly marked as such, and if the derived work is |
9 | * incompatible with the protocol description in the RFC file, it must be | 9 | * incompatible with the protocol description in the RFC file, it must be |
10 | * called by a name other than "ssh" or "Secure Shell". | 10 | * called by a name other than "ssh" or "Secure Shell". |
11 | * | 11 | * |
12 | * | 12 | * |
13 | * Copyright (c) 1999 Niels Provos. All rights reserved. | 13 | * Copyright (c) 1999 Niels Provos. All rights reserved. |
14 | * | 14 | * |
@@ -308,7 +308,7 @@ main(argc, argv) | |||
308 | remin = STDIN_FILENO; | 308 | remin = STDIN_FILENO; |
309 | remout = STDOUT_FILENO; | 309 | remout = STDOUT_FILENO; |
310 | 310 | ||
311 | if (fflag) { | 311 | if (fflag) { |
312 | /* Follow "protocol", send data. */ | 312 | /* Follow "protocol", send data. */ |
313 | (void) response(); | 313 | (void) response(); |
314 | source(argc, argv); | 314 | source(argc, argv); |
@@ -1060,7 +1060,7 @@ allocbuf(bp, fd, blksize) | |||
1060 | size = blksize + (stb.st_blksize - blksize % stb.st_blksize) % | 1060 | size = blksize + (stb.st_blksize - blksize % stb.st_blksize) % |
1061 | stb.st_blksize; | 1061 | stb.st_blksize; |
1062 | #else /* HAVE_ST_BLKSIZE */ | 1062 | #else /* HAVE_ST_BLKSIZE */ |
1063 | size = blksize; | 1063 | size = blksize; |
1064 | #endif /* HAVE_ST_BLKSIZE */ | 1064 | #endif /* HAVE_ST_BLKSIZE */ |
1065 | if (bp->cnt >= size) | 1065 | if (bp->cnt >= size) |
1066 | return (bp); | 1066 | return (bp); |
diff --git a/servconf.c b/servconf.c index 5fa41e028..916215061 100644 --- a/servconf.c +++ b/servconf.c | |||
@@ -222,7 +222,7 @@ static struct { | |||
222 | { "port", sPort }, | 222 | { "port", sPort }, |
223 | { "hostkey", sHostKeyFile }, | 223 | { "hostkey", sHostKeyFile }, |
224 | { "hostdsakey", sHostKeyFile }, /* alias */ | 224 | { "hostdsakey", sHostKeyFile }, /* alias */ |
225 | { "pidfile", sPidFile }, | 225 | { "pidfile", sPidFile }, |
226 | { "serverkeybits", sServerKeyBits }, | 226 | { "serverkeybits", sServerKeyBits }, |
227 | { "logingracetime", sLoginGraceTime }, | 227 | { "logingracetime", sLoginGraceTime }, |
228 | { "keyregenerationinterval", sKeyRegenerationTime }, | 228 | { "keyregenerationinterval", sKeyRegenerationTime }, |
@@ -560,7 +560,7 @@ parse_flag: | |||
560 | case sXAuthLocation: | 560 | case sXAuthLocation: |
561 | charptr = &options->xauth_location; | 561 | charptr = &options->xauth_location; |
562 | goto parse_filename; | 562 | goto parse_filename; |
563 | 563 | ||
564 | case sStrictModes: | 564 | case sStrictModes: |
565 | intptr = &options->strict_modes; | 565 | intptr = &options->strict_modes; |
566 | goto parse_flag; | 566 | goto parse_flag; |
@@ -716,14 +716,14 @@ parse_flag: | |||
716 | case sBanner: | 716 | case sBanner: |
717 | charptr = &options->banner; | 717 | charptr = &options->banner; |
718 | goto parse_filename; | 718 | goto parse_filename; |
719 | 719 | ||
720 | default: | 720 | default: |
721 | fprintf(stderr, "%s line %d: Missing handler for opcode %s (%d)\n", | 721 | fprintf(stderr, "%s line %d: Missing handler for opcode %s (%d)\n", |
722 | filename, linenum, arg, opcode); | 722 | filename, linenum, arg, opcode); |
723 | exit(1); | 723 | exit(1); |
724 | } | 724 | } |
725 | if ((arg = strdelim(&cp)) != NULL && *arg != '\0') { | 725 | if ((arg = strdelim(&cp)) != NULL && *arg != '\0') { |
726 | fprintf(stderr, | 726 | fprintf(stderr, |
727 | "%s line %d: garbage at end of line; \"%.200s\".\n", | 727 | "%s line %d: garbage at end of line; \"%.200s\".\n", |
728 | filename, linenum, arg); | 728 | filename, linenum, arg); |
729 | exit(1); | 729 | exit(1); |
diff --git a/serverloop.c b/serverloop.c index 353733d31..5a567a252 100644 --- a/serverloop.c +++ b/serverloop.c | |||
@@ -162,7 +162,7 @@ make_packets_from_stdout_data() | |||
162 | } else { | 162 | } else { |
163 | /* Keep the packets at reasonable size. */ | 163 | /* Keep the packets at reasonable size. */ |
164 | if (len > packet_get_maxsize()) | 164 | if (len > packet_get_maxsize()) |
165 | len = packet_get_maxsize(); | 165 | len = packet_get_maxsize(); |
166 | } | 166 | } |
167 | packet_start(SSH_SMSG_STDOUT_DATA); | 167 | packet_start(SSH_SMSG_STDOUT_DATA); |
168 | packet_put_string(buffer_ptr(&stdout_buffer), len); | 168 | packet_put_string(buffer_ptr(&stdout_buffer), len); |
@@ -832,7 +832,7 @@ server_input_channel_open(int type, int plen, void *ctxt) | |||
832 | xfree(ctype); | 832 | xfree(ctype); |
833 | } | 833 | } |
834 | 834 | ||
835 | void | 835 | void |
836 | server_input_global_request(int type, int plen, void *ctxt) | 836 | server_input_global_request(int type, int plen, void *ctxt) |
837 | { | 837 | { |
838 | char *rtype; | 838 | char *rtype; |
@@ -842,7 +842,7 @@ server_input_global_request(int type, int plen, void *ctxt) | |||
842 | rtype = packet_get_string(NULL); | 842 | rtype = packet_get_string(NULL); |
843 | want_reply = packet_get_char(); | 843 | want_reply = packet_get_char(); |
844 | debug("server_input_global_request: rtype %s want_reply %d", rtype, want_reply); | 844 | debug("server_input_global_request: rtype %s want_reply %d", rtype, want_reply); |
845 | 845 | ||
846 | if (strcmp(rtype, "tcpip-forward") == 0) { | 846 | if (strcmp(rtype, "tcpip-forward") == 0) { |
847 | struct passwd *pw; | 847 | struct passwd *pw; |
848 | char *listen_address; | 848 | char *listen_address; |
@@ -62,7 +62,7 @@ RCSID("$OpenBSD: session.c,v 1.52 2001/02/03 10:08:37 markus Exp $"); | |||
62 | #endif /* WITH_IRIX_PROJECT */ | 62 | #endif /* WITH_IRIX_PROJECT */ |
63 | #ifdef WITH_IRIX_JOBS | 63 | #ifdef WITH_IRIX_JOBS |
64 | #include <sys/resource.h> | 64 | #include <sys/resource.h> |
65 | #endif | 65 | #endif |
66 | #ifdef WITH_IRIX_AUDIT | 66 | #ifdef WITH_IRIX_AUDIT |
67 | #include <sat.h> | 67 | #include <sat.h> |
68 | #endif /* WITH_IRIX_AUDIT */ | 68 | #endif /* WITH_IRIX_AUDIT */ |
@@ -150,7 +150,7 @@ extern int startup_pipe; | |||
150 | static char *xauthfile; | 150 | static char *xauthfile; |
151 | 151 | ||
152 | /* original command from peer. */ | 152 | /* original command from peer. */ |
153 | char *original_command = NULL; | 153 | char *original_command = NULL; |
154 | 154 | ||
155 | /* data */ | 155 | /* data */ |
156 | #define MAX_SESSIONS 10 | 156 | #define MAX_SESSIONS 10 |
@@ -874,11 +874,11 @@ void do_pam_environment(char ***env, int *envsize) | |||
874 | 874 | ||
875 | if ((pam_env = fetch_pam_environment()) == NULL) | 875 | if ((pam_env = fetch_pam_environment()) == NULL) |
876 | return; | 876 | return; |
877 | 877 | ||
878 | for(i = 0; pam_env[i] != NULL; i++) { | 878 | for(i = 0; pam_env[i] != NULL; i++) { |
879 | if ((equals = strstr(pam_env[i], "=")) == NULL) | 879 | if ((equals = strstr(pam_env[i], "=")) == NULL) |
880 | continue; | 880 | continue; |
881 | 881 | ||
882 | if (strlen(pam_env[i]) < (sizeof(var_name) - 1)) { | 882 | if (strlen(pam_env[i]) < (sizeof(var_name) - 1)) { |
883 | memset(var_name, '\0', sizeof(var_name)); | 883 | memset(var_name, '\0', sizeof(var_name)); |
884 | memset(var_val, '\0', sizeof(var_val)); | 884 | memset(var_val, '\0', sizeof(var_val)); |
@@ -904,7 +904,7 @@ void copy_environment(char ***env, int *envsize) | |||
904 | for(i = 0; environ[i] != NULL; i++) { | 904 | for(i = 0; environ[i] != NULL; i++) { |
905 | if ((equals = strstr(environ[i], "=")) == NULL) | 905 | if ((equals = strstr(environ[i], "=")) == NULL) |
906 | continue; | 906 | continue; |
907 | 907 | ||
908 | if (strlen(environ[i]) < (sizeof(var_name) - 1)) { | 908 | if (strlen(environ[i]) < (sizeof(var_name) - 1)) { |
909 | memset(var_name, '\0', sizeof(var_name)); | 909 | memset(var_name, '\0', sizeof(var_name)); |
910 | memset(var_val, '\0', sizeof(var_val)); | 910 | memset(var_val, '\0', sizeof(var_val)); |
@@ -1106,7 +1106,7 @@ do_child(const char *command, struct passwd * pw, const char *term, | |||
1106 | if (jid == -1) { | 1106 | if (jid == -1) { |
1107 | fatal("Failed to create job container: %.100s", | 1107 | fatal("Failed to create job container: %.100s", |
1108 | strerror(errno)); | 1108 | strerror(errno)); |
1109 | } | 1109 | } |
1110 | # endif /* WITH_IRIX_JOBS */ | 1110 | # endif /* WITH_IRIX_JOBS */ |
1111 | # ifdef WITH_IRIX_ARRAY | 1111 | # ifdef WITH_IRIX_ARRAY |
1112 | /* initialize array session */ | 1112 | /* initialize array session */ |
@@ -1384,7 +1384,7 @@ do_child(const char *command, struct passwd * pw, const char *term, | |||
1384 | fprintf(f, "add %s %s %s\n", display, | 1384 | fprintf(f, "add %s %s %s\n", display, |
1385 | auth_proto, auth_data); | 1385 | auth_proto, auth_data); |
1386 | #ifndef HAVE_CYGWIN /* Unix sockets are not supported */ | 1386 | #ifndef HAVE_CYGWIN /* Unix sockets are not supported */ |
1387 | if (screen != NULL) | 1387 | if (screen != NULL) |
1388 | fprintf(f, "add %.*s/unix%s %s %s\n", | 1388 | fprintf(f, "add %.*s/unix%s %s %s\n", |
1389 | (int)(screen-display), display, | 1389 | (int)(screen-display), display, |
1390 | screen, auth_proto, auth_data); | 1390 | screen, auth_proto, auth_data); |
@@ -1968,7 +1968,7 @@ session_close_by_channel(int id, void *arg) | |||
1968 | session_close(s); | 1968 | session_close(s); |
1969 | } else { | 1969 | } else { |
1970 | /* notify child, delay session cleanup */ | 1970 | /* notify child, delay session cleanup */ |
1971 | if (s->pid <= 1) | 1971 | if (s->pid <= 1) |
1972 | fatal("session_close_by_channel: Unsafe s->pid = %d", s->pid); | 1972 | fatal("session_close_by_channel: Unsafe s->pid = %d", s->pid); |
1973 | if (kill(s->pid, (s->ttyfd == -1) ? SIGTERM : SIGHUP) < 0) | 1973 | if (kill(s->pid, (s->ttyfd == -1) ? SIGTERM : SIGHUP) < 0) |
1974 | error("session_close_by_channel: kill %d: %s", | 1974 | error("session_close_by_channel: kill %d: %s", |
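Review bot: In do_child() (new lines 1384–1390), `display`, `auth_proto` and `auth_data` are written into the `add ...` lines with plain `%s`, and nothing in the hunk shows them being checked for newlines or other control characters. If `f` feeds a command interpreter such as xauth and the values come from the peer's X11 forwarding request (neither is visible here), an embedded line break would not stay inside the intended `add` line. A check before the `fprintf` calls should reject values outside the expected character set, for example `if (strpbrk(auth_proto, "\r\n") != NULL || strpbrk(auth_data, "\r\n") != NULL)` followed by skipping the write and logging the rejection. The lines are identical on the old side, and do_child() begins and ends outside the hunk.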
diff --git a/sftp-client.c b/sftp-client.c index 458d7364a..c64a43f7a 100644 --- a/sftp-client.c +++ b/sftp-client.c | |||
@@ -222,7 +222,7 @@ do_init(int fd_in, int fd_out) | |||
222 | 222 | ||
223 | get_msg(fd_in, &msg); | 223 | get_msg(fd_in, &msg); |
224 | 224 | ||
225 | /* Expecting a VERSION reply */ | 225 | /* Expecting a VERSION reply */ |
226 | if ((type = buffer_get_char(&msg)) != SSH2_FXP_VERSION) { | 226 | if ((type = buffer_get_char(&msg)) != SSH2_FXP_VERSION) { |
227 | error("Invalid packet back from SSH2_FXP_INIT (type %d)", | 227 | error("Invalid packet back from SSH2_FXP_INIT (type %d)", |
228 | type); | 228 | type); |
diff --git a/sftp-int.c b/sftp-int.c index bdb470b1c..9ec5b9712 100644 --- a/sftp-int.c +++ b/sftp-int.c | |||
@@ -130,10 +130,10 @@ local_do_shell(const char *args) | |||
130 | int ret, status; | 130 | int ret, status; |
131 | char *shell; | 131 | char *shell; |
132 | pid_t pid; | 132 | pid_t pid; |
133 | 133 | ||
134 | if (!*args) | 134 | if (!*args) |
135 | args = NULL; | 135 | args = NULL; |
136 | 136 | ||
137 | if ((shell = getenv("SHELL")) == NULL) | 137 | if ((shell = getenv("SHELL")) == NULL) |
138 | shell = _PATH_BSHELL; | 138 | shell = _PATH_BSHELL; |
139 | 139 | ||
@@ -149,7 +149,7 @@ local_do_shell(const char *args) | |||
149 | debug3("Executing %s", shell); | 149 | debug3("Executing %s", shell); |
150 | ret = execl(shell, shell, NULL); | 150 | ret = execl(shell, shell, NULL); |
151 | } | 151 | } |
152 | fprintf(stderr, "Couldn't execute \"%s\": %s\n", shell, | 152 | fprintf(stderr, "Couldn't execute \"%s\": %s\n", shell, |
153 | strerror(errno)); | 153 | strerror(errno)); |
154 | _exit(1); | 154 | _exit(1); |
155 | } | 155 | } |
@@ -161,7 +161,7 @@ local_do_shell(const char *args) | |||
161 | error("Shell exited with status %d", WEXITSTATUS(status)); | 161 | error("Shell exited with status %d", WEXITSTATUS(status)); |
162 | } | 162 | } |
163 | 163 | ||
164 | void | 164 | void |
165 | local_do_ls(const char *args) | 165 | local_do_ls(const char *args) |
166 | { | 166 | { |
167 | if (!args || !*args) | 167 | if (!args || !*args) |
@@ -367,7 +367,7 @@ parse_args(const char **cpp, int *pflag, unsigned long *n_arg, | |||
367 | if (get_pathname(&cp, path1)) | 367 | if (get_pathname(&cp, path1)) |
368 | return(-1); | 368 | return(-1); |
369 | if (*path1 == NULL) { | 369 | if (*path1 == NULL) { |
370 | error("You must specify a path after a %s command.", | 370 | error("You must specify a path after a %s command.", |
371 | cmd); | 371 | cmd); |
372 | return(-1); | 372 | return(-1); |
373 | } | 373 | } |
@@ -403,7 +403,7 @@ parse_args(const char **cpp, int *pflag, unsigned long *n_arg, | |||
403 | if (get_pathname(&cp, path1)) | 403 | if (get_pathname(&cp, path1)) |
404 | return(-1); | 404 | return(-1); |
405 | if (*path1 == NULL) { | 405 | if (*path1 == NULL) { |
406 | error("You must specify a path after a %s command.", | 406 | error("You must specify a path after a %s command.", |
407 | cmd); | 407 | cmd); |
408 | return(-1); | 408 | return(-1); |
409 | } | 409 | } |
diff --git a/sftp-server.c b/sftp-server.c index 0e0040094..51026de4e 100644 --- a/sftp-server.c +++ b/sftp-server.c | |||
@@ -207,7 +207,7 @@ handle_to_dir(int handle) | |||
207 | int | 207 | int |
208 | handle_to_fd(int handle) | 208 | handle_to_fd(int handle) |
209 | { | 209 | { |
210 | if (handle_is_ok(handle, HANDLE_FILE)) | 210 | if (handle_is_ok(handle, HANDLE_FILE)) |
211 | return handles[handle].fd; | 211 | return handles[handle].fd; |
212 | return -1; | 212 | return -1; |
213 | } | 213 | } |
@@ -616,7 +616,7 @@ process_opendir(void) | |||
616 | id = get_int(); | 616 | id = get_int(); |
617 | path = get_string(NULL); | 617 | path = get_string(NULL); |
618 | TRACE("opendir id %d path %s", id, path); | 618 | TRACE("opendir id %d path %s", id, path); |
619 | dirp = opendir(path); | 619 | dirp = opendir(path); |
620 | if (dirp == NULL) { | 620 | if (dirp == NULL) { |
621 | status = errno_to_portable(errno); | 621 | status = errno_to_portable(errno); |
622 | } else { | 622 | } else { |
@@ -627,7 +627,7 @@ process_opendir(void) | |||
627 | send_handle(id, handle); | 627 | send_handle(id, handle); |
628 | status = SSH2_FX_OK; | 628 | status = SSH2_FX_OK; |
629 | } | 629 | } |
630 | 630 | ||
631 | } | 631 | } |
632 | if (status != SSH2_FX_OK) | 632 | if (status != SSH2_FX_OK) |
633 | send_status(id, status); | 633 | send_status(id, status); |
@@ -932,7 +932,7 @@ main(int ac, char **av) | |||
932 | handle_init(); | 932 | handle_init(); |
933 | 933 | ||
934 | #ifdef DEBUG_SFTP_SERVER | 934 | #ifdef DEBUG_SFTP_SERVER |
935 | log_init("sftp-server", SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH, 0); | 935 | log_init("sftp-server", SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH, 0); |
936 | #endif | 936 | #endif |
937 | 937 | ||
938 | in = dup(STDIN_FILENO); | 938 | in = dup(STDIN_FILENO); |
@@ -125,14 +125,14 @@ make_ssh_args(char *add_arg) | |||
125 | return(args); | 125 | return(args); |
126 | } | 126 | } |
127 | 127 | ||
128 | void | 128 | void |
129 | usage(void) | 129 | usage(void) |
130 | { | 130 | { |
131 | fprintf(stderr, "usage: sftp [-vC] [-osshopt=value] [user@]host\n"); | 131 | fprintf(stderr, "usage: sftp [-vC] [-osshopt=value] [user@]host\n"); |
132 | exit(1); | 132 | exit(1); |
133 | } | 133 | } |
134 | 134 | ||
135 | int | 135 | int |
136 | main(int argc, char **argv) | 136 | main(int argc, char **argv) |
137 | { | 137 | { |
138 | int in, out, i, debug_level, compress_flag; | 138 | int in, out, i, debug_level, compress_flag; |
@@ -253,7 +253,7 @@ main(int argc, char **argv) | |||
253 | __progname = get_progname(argv[0]); | 253 | __progname = get_progname(argv[0]); |
254 | init_rng(); | 254 | init_rng(); |
255 | 255 | ||
256 | SSLeay_add_all_algorithms(); | 256 | SSLeay_add_all_algorithms(); |
257 | 257 | ||
258 | /* At first, get a connection to the authentication agent. */ | 258 | /* At first, get a connection to the authentication agent. */ |
259 | ac = ssh_get_authentication_connection(); | 259 | ac = ssh_get_authentication_connection(); |
diff --git a/ssh-agent.c b/ssh-agent.c index deed3ecae..c23d73b7e 100644 --- a/ssh-agent.c +++ b/ssh-agent.c | |||
@@ -728,7 +728,7 @@ main(int ac, char **av) | |||
728 | 728 | ||
729 | __progname = get_progname(av[0]); | 729 | __progname = get_progname(av[0]); |
730 | init_rng(); | 730 | init_rng(); |
731 | 731 | ||
732 | #ifdef __GNU_LIBRARY__ | 732 | #ifdef __GNU_LIBRARY__ |
733 | while ((ch = getopt(ac, av, "+cks")) != -1) { | 733 | while ((ch = getopt(ac, av, "+cks")) != -1) { |
734 | #else /* __GNU_LIBRARY__ */ | 734 | #else /* __GNU_LIBRARY__ */ |
@@ -185,7 +185,7 @@ ssh_dss_verify( | |||
185 | memset(sigblob, 0, len); | 185 | memset(sigblob, 0, len); |
186 | xfree(sigblob); | 186 | xfree(sigblob); |
187 | } | 187 | } |
188 | 188 | ||
189 | /* sha1 the data */ | 189 | /* sha1 the data */ |
190 | dlen = evp_md->md_size; | 190 | dlen = evp_md->md_size; |
191 | digest = xmalloc(dlen); | 191 | digest = xmalloc(dlen); |
diff --git a/ssh-keygen.c b/ssh-keygen.c index 9f519e596..1f7e96766 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c | |||
@@ -128,7 +128,7 @@ try_load_key(char *filename, Key *k) | |||
128 | #define SSH_COM_PUBLIC_BEGIN "---- BEGIN SSH2 PUBLIC KEY ----" | 128 | #define SSH_COM_PUBLIC_BEGIN "---- BEGIN SSH2 PUBLIC KEY ----" |
129 | #define SSH_COM_PUBLIC_END "---- END SSH2 PUBLIC KEY ----" | 129 | #define SSH_COM_PUBLIC_END "---- END SSH2 PUBLIC KEY ----" |
130 | #define SSH_COM_PRIVATE_BEGIN "---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----" | 130 | #define SSH_COM_PRIVATE_BEGIN "---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----" |
131 | #define SSH_COM_PRIVATE_KEY_MAGIC 0x3f6ff9eb | 131 | #define SSH_COM_PRIVATE_KEY_MAGIC 0x3f6ff9eb |
132 | 132 | ||
133 | void | 133 | void |
134 | do_convert_to_ssh2(struct passwd *pw) | 134 | do_convert_to_ssh2(struct passwd *pw) |
diff --git a/ssh-keyscan.c b/ssh-keyscan.c index f753ce821..4c8fcc051 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c | |||
@@ -509,7 +509,7 @@ conloop(void) | |||
509 | c = tq.tqh_first; | 509 | c = tq.tqh_first; |
510 | while (c && | 510 | while (c && |
511 | (c->c_tv.tv_sec < now.tv_sec || | 511 | (c->c_tv.tv_sec < now.tv_sec || |
512 | (c->c_tv.tv_sec == now.tv_sec && c->c_tv.tv_usec < now.tv_usec))) { | 512 | (c->c_tv.tv_sec == now.tv_sec && c->c_tv.tv_usec < now.tv_usec))) { |
513 | int s = c->c_fd; | 513 | int s = c->c_fd; |
514 | c = c->c_link.tqe_next; | 514 | c = c->c_link.tqe_next; |
515 | conrecycle(s); | 515 | conrecycle(s); |
@@ -156,7 +156,7 @@ usage() | |||
156 | #ifdef AFS | 156 | #ifdef AFS |
157 | fprintf(stderr, " -k Disable Kerberos ticket and AFS token forwarding.\n"); | 157 | fprintf(stderr, " -k Disable Kerberos ticket and AFS token forwarding.\n"); |
158 | #endif /* AFS */ | 158 | #endif /* AFS */ |
159 | fprintf(stderr, " -X Enable X11 connection forwarding.\n"); | 159 | fprintf(stderr, " -X Enable X11 connection forwarding.\n"); |
160 | fprintf(stderr, " -x Disable X11 connection forwarding.\n"); | 160 | fprintf(stderr, " -x Disable X11 connection forwarding.\n"); |
161 | fprintf(stderr, " -i file Identity for RSA authentication (default: ~/.ssh/identity).\n"); | 161 | fprintf(stderr, " -i file Identity for RSA authentication (default: ~/.ssh/identity).\n"); |
162 | fprintf(stderr, " -t Tty; allocate a tty even if command is given.\n"); | 162 | fprintf(stderr, " -t Tty; allocate a tty even if command is given.\n"); |
@@ -1035,7 +1035,7 @@ ssh_session2(void) | |||
1035 | 1035 | ||
1036 | /* XXX should be pre-session */ | 1036 | /* XXX should be pre-session */ |
1037 | ssh_init_forwarding(); | 1037 | ssh_init_forwarding(); |
1038 | 1038 | ||
1039 | /* If requested, let ssh continue in the background. */ | 1039 | /* If requested, let ssh continue in the background. */ |
1040 | if (fork_after_authentication_flag) | 1040 | if (fork_after_authentication_flag) |
1041 | if (daemon(1, 1) < 0) | 1041 | if (daemon(1, 1) < 0) |
diff --git a/sshconnect.c b/sshconnect.c index 2a2aa98e7..a10a689df 100644 --- a/sshconnect.c +++ b/sshconnect.c | |||
@@ -328,7 +328,7 @@ ssh_exchange_identification() | |||
328 | int remote_major, remote_minor, i, mismatch; | 328 | int remote_major, remote_minor, i, mismatch; |
329 | int connection_in = packet_get_connection_in(); | 329 | int connection_in = packet_get_connection_in(); |
330 | int connection_out = packet_get_connection_out(); | 330 | int connection_out = packet_get_connection_out(); |
331 | int minor1 = PROTOCOL_MINOR_1; | 331 | int minor1 = PROTOCOL_MINOR_1; |
332 | 332 | ||
333 | /* Read other side\'s version identification. */ | 333 | /* Read other side\'s version identification. */ |
334 | for (;;) { | 334 | for (;;) { |
@@ -688,7 +688,7 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, | |||
688 | error("X11 forwarding is disabled to avoid trojan horses."); | 688 | error("X11 forwarding is disabled to avoid trojan horses."); |
689 | options.forward_x11 = 0; | 689 | options.forward_x11 = 0; |
690 | } | 690 | } |
691 | if (options.num_local_forwards > 0 || options.num_remote_forwards > 0) { | 691 | if (options.num_local_forwards > 0 || options.num_remote_forwards > 0) { |
692 | error("Port forwarding is disabled to avoid trojan horses."); | 692 | error("Port forwarding is disabled to avoid trojan horses."); |
693 | options.num_local_forwards = options.num_remote_forwards = 0; | 693 | options.num_local_forwards = options.num_remote_forwards = 0; |
694 | } | 694 | } |
diff --git a/sshconnect2.c b/sshconnect2.c index 1d911b9bb..6bd524e0b 100644 --- a/sshconnect2.c +++ b/sshconnect2.c | |||
@@ -145,7 +145,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr) | |||
145 | /* diffie-hellman-group1-sha1 */ | 145 | /* diffie-hellman-group1-sha1 */ |
146 | 146 | ||
147 | void | 147 | void |
148 | ssh_dh1_client(Kex *kex, char *host, struct sockaddr *hostaddr, | 148 | ssh_dh1_client(Kex *kex, char *host, struct sockaddr *hostaddr, |
149 | Buffer *client_kexinit, Buffer *server_kexinit) | 149 | Buffer *client_kexinit, Buffer *server_kexinit) |
150 | { | 150 | { |
151 | #ifdef DEBUG_KEXDH | 151 | #ifdef DEBUG_KEXDH |
@@ -281,7 +281,7 @@ ssh_dh1_client(Kex *kex, char *host, struct sockaddr *hostaddr, | |||
281 | int | 281 | int |
282 | dh_estimate(int bits) | 282 | dh_estimate(int bits) |
283 | { | 283 | { |
284 | 284 | ||
285 | if (bits < 64) | 285 | if (bits < 64) |
286 | return (512); /* O(2**63) */ | 286 | return (512); /* O(2**63) */ |
287 | if (bits < 128) | 287 | if (bits < 128) |
@@ -416,7 +416,7 @@ ssh_dhgex_client(Kex *kex, char *host, struct sockaddr *hostaddr, | |||
416 | buffer_ptr(client_kexinit), buffer_len(client_kexinit), | 416 | buffer_ptr(client_kexinit), buffer_len(client_kexinit), |
417 | buffer_ptr(server_kexinit), buffer_len(server_kexinit), | 417 | buffer_ptr(server_kexinit), buffer_len(server_kexinit), |
418 | server_host_key_blob, sbloblen, | 418 | server_host_key_blob, sbloblen, |
419 | nbits, dh->p, dh->g, | 419 | nbits, dh->p, dh->g, |
420 | dh->pub_key, | 420 | dh->pub_key, |
421 | dh_server_pub, | 421 | dh_server_pub, |
422 | shared_secret | 422 | shared_secret |
@@ -608,7 +608,7 @@ input_userauth_failure(int type, int plen, void *ctxt) | |||
608 | for (;;) { | 608 | for (;;) { |
609 | method = authmethod_get(authlist); | 609 | method = authmethod_get(authlist); |
610 | if (method == NULL) | 610 | if (method == NULL) |
611 | fatal("Unable to find an authentication method"); | 611 | fatal("Unable to find an authentication method"); |
612 | authctxt->method = method; | 612 | authctxt->method = method; |
613 | if (method->userauth(authctxt) != 0) { | 613 | if (method->userauth(authctxt) != 0) { |
614 | debug2("we sent a %s packet, wait for reply", method->name); | 614 | debug2("we sent a %s packet, wait for reply", method->name); |
@@ -617,7 +617,7 @@ input_userauth_failure(int type, int plen, void *ctxt) | |||
617 | debug2("we did not send a packet, disable method"); | 617 | debug2("we did not send a packet, disable method"); |
618 | method->enabled = NULL; | 618 | method->enabled = NULL; |
619 | } | 619 | } |
620 | } | 620 | } |
621 | xfree(authlist); | 621 | xfree(authlist); |
622 | } | 622 | } |
623 | 623 | ||
@@ -683,7 +683,7 @@ sign_and_send_pubkey(Authctxt *authctxt, Key *k, sign_cb_fn *sign_callback) | |||
683 | buffer_init(&b); | 683 | buffer_init(&b); |
684 | if (datafellows & SSH_OLD_SESSIONID) { | 684 | if (datafellows & SSH_OLD_SESSIONID) { |
685 | buffer_append(&b, session_id2, session_id2_len); | 685 | buffer_append(&b, session_id2, session_id2_len); |
686 | skip = session_id2_len; | 686 | skip = session_id2_len; |
687 | } else { | 687 | } else { |
688 | buffer_put_string(&b, session_id2, session_id2_len); | 688 | buffer_put_string(&b, session_id2, session_id2_len); |
689 | skip = buffer_len(&b); | 689 | skip = buffer_len(&b); |
@@ -699,7 +699,7 @@ sign_and_send_pubkey(Authctxt *authctxt, Key *k, sign_cb_fn *sign_callback) | |||
699 | } else { | 699 | } else { |
700 | buffer_put_cstring(&b, authctxt->method->name); | 700 | buffer_put_cstring(&b, authctxt->method->name); |
701 | buffer_put_char(&b, have_sig); | 701 | buffer_put_char(&b, have_sig); |
702 | buffer_put_cstring(&b, key_ssh_name(k)); | 702 | buffer_put_cstring(&b, key_ssh_name(k)); |
703 | } | 703 | } |
704 | buffer_put_string(&b, blob, bloblen); | 704 | buffer_put_string(&b, blob, bloblen); |
705 | 705 | ||
@@ -722,7 +722,7 @@ sign_and_send_pubkey(Authctxt *authctxt, Key *k, sign_cb_fn *sign_callback) | |||
722 | buffer_put_cstring(&b, authctxt->method->name); | 722 | buffer_put_cstring(&b, authctxt->method->name); |
723 | buffer_put_char(&b, have_sig); | 723 | buffer_put_char(&b, have_sig); |
724 | if (!(datafellows & SSH_BUG_PKAUTH)) | 724 | if (!(datafellows & SSH_BUG_PKAUTH)) |
725 | buffer_put_cstring(&b, key_ssh_name(k)); | 725 | buffer_put_cstring(&b, key_ssh_name(k)); |
726 | buffer_put_string(&b, blob, bloblen); | 726 | buffer_put_string(&b, blob, bloblen); |
727 | } | 727 | } |
728 | xfree(blob); | 728 | xfree(blob); |
@@ -1011,14 +1011,14 @@ authmethod_lookup(const char *name) | |||
1011 | * use a built-in default list. If the server sends a nil list after | 1011 | * use a built-in default list. If the server sends a nil list after |
1012 | * previously sending a valid list, continue using the list originally | 1012 | * previously sending a valid list, continue using the list originally |
1013 | * sent. | 1013 | * sent. |
1014 | */ | 1014 | */ |
1015 | 1015 | ||
1016 | Authmethod * | 1016 | Authmethod * |
1017 | authmethod_get(char *authlist) | 1017 | authmethod_get(char *authlist) |
1018 | { | 1018 | { |
1019 | char *name = NULL, *authname_old; | 1019 | char *name = NULL, *authname_old; |
1020 | Authmethod *method = NULL; | 1020 | Authmethod *method = NULL; |
1021 | 1021 | ||
1022 | /* Use a suitable default if we're passed a nil list. */ | 1022 | /* Use a suitable default if we're passed a nil list. */ |
1023 | if (authlist == NULL || strlen(authlist) == 0) | 1023 | if (authlist == NULL || strlen(authlist) == 0) |
1024 | authlist = def_authlist; | 1024 | authlist = def_authlist; |
@@ -429,7 +429,7 @@ destroy_sensitive_data(void) | |||
429 | key_free(sensitive_data.server_key); | 429 | key_free(sensitive_data.server_key); |
430 | sensitive_data.server_key = NULL; | 430 | sensitive_data.server_key = NULL; |
431 | } | 431 | } |
432 | for(i = 0; i < options.num_host_key_files; i++) { | 432 | for(i = 0; i < options.num_host_key_files; i++) { |
433 | if (sensitive_data.host_keys[i]) { | 433 | if (sensitive_data.host_keys[i]) { |
434 | key_free(sensitive_data.host_keys[i]); | 434 | key_free(sensitive_data.host_keys[i]); |
435 | sensitive_data.host_keys[i] = NULL; | 435 | sensitive_data.host_keys[i] = NULL; |
@@ -983,7 +983,7 @@ main(int ac, char **av) | |||
983 | startups++; | 983 | startups++; |
984 | break; | 984 | break; |
985 | } | 985 | } |
986 | 986 | ||
987 | /* | 987 | /* |
988 | * Got connection. Fork a child to handle it, unless | 988 | * Got connection. Fork a child to handle it, unless |
989 | * we are in debugging mode. | 989 | * we are in debugging mode. |
@@ -1507,7 +1507,7 @@ ssh_dh1_server(Kex *kex, Buffer *client_kexinit, Buffer *server_kexinit) | |||
1507 | fprintf(stderr, "\npub= "); | 1507 | fprintf(stderr, "\npub= "); |
1508 | BN_print_fp(stderr, dh->pub_key); | 1508 | BN_print_fp(stderr, dh->pub_key); |
1509 | fprintf(stderr, "\n"); | 1509 | fprintf(stderr, "\n"); |
1510 | DHparams_print_fp(stderr, dh); | 1510 | DHparams_print_fp(stderr, dh); |
1511 | #endif | 1511 | #endif |
1512 | if (!dh_pub_is_valid(dh, dh_client_pub)) | 1512 | if (!dh_pub_is_valid(dh, dh_client_pub)) |
1513 | packet_disconnect("bad client public DH value"); | 1513 | packet_disconnect("bad client public DH value"); |
@@ -1650,7 +1650,7 @@ ssh_dhgex_server(Kex *kex, Buffer *client_kexinit, Buffer *server_kexinit) | |||
1650 | fprintf(stderr, "\npub= "); | 1650 | fprintf(stderr, "\npub= "); |
1651 | BN_print_fp(stderr, dh->pub_key); | 1651 | BN_print_fp(stderr, dh->pub_key); |
1652 | fprintf(stderr, "\n"); | 1652 | fprintf(stderr, "\n"); |
1653 | DHparams_print_fp(stderr, dh); | 1653 | DHparams_print_fp(stderr, dh); |
1654 | #endif | 1654 | #endif |
1655 | if (!dh_pub_is_valid(dh, dh_client_pub)) | 1655 | if (!dh_pub_is_valid(dh, dh_client_pub)) |
1656 | packet_disconnect("bad client public DH value"); | 1656 | packet_disconnect("bad client public DH value"); |
@@ -4,7 +4,7 @@ | |||
4 | * All rights reserved | 4 | * All rights reserved |
5 | * Versions of malloc and friends that check their results, and never return | 5 | * Versions of malloc and friends that check their results, and never return |
6 | * failure (they call fatal if they encounter an error). | 6 | * failure (they call fatal if they encounter an error). |
7 | * | 7 | * |
8 | * As far as I am concerned, the code I have written for this software | 8 | * As far as I am concerned, the code I have written for this software |
9 | * can be used freely for any purpose. Any derived versions of this | 9 | * can be used freely for any purpose. Any derived versions of this |
10 | * software must be clearly marked as such, and if the derived work is | 10 | * software must be clearly marked as such, and if the derived work is |