-rw-r--r-- | clientloop.c | 4 | ||||
-rw-r--r-- | kex.h | 5 | ||||
-rw-r--r-- | opacket.h | 8 | ||||
-rw-r--r-- | packet.c | 21 | ||||
-rw-r--r-- | packet.h | 3 | ||||
-rw-r--r-- | pathnames.h | 3 | ||||
-rw-r--r-- | ssh.h | 4 | ||||
-rw-r--r-- | ssh_config.5 | 9 | ||||
-rw-r--r-- | sshkey.h | 4 |
9 files changed, 12 insertions, 49 deletions
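--- a/clientloop.c
+++ b/clientloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.295 2017/04/30 23:28:41 djm Exp $ */
+/* $OpenBSD: clientloop.c,v 1.296 2017/05/03 21:08:09 naddy Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -942,7 +942,7 @@ print_escape_help(Buffer *b, int escape_char, int mux_client, int using_stderr)
 }
 
 /*
-* Process the characters one by one, call with c==NULL for proto1 case.
+* Process the characters one by one.
 */
 static int
 process_escapes(Channel *c, Buffer *bin, Buffer *bout, Buffer *berr,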
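Review bot: The comment on process_escapes() drops the `c==NULL` calling convention, but the function body lies outside the hunk, so it is not visible whether the NULL handling was removed with it. If the body still tests `c` for NULL, those branches are now dead and obscure the fact that every caller must pass a valid channel. Either remove them or state the contract in the comment, e.g. `* Process the characters one by one; c must not be NULL.`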
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kex.h,v 1.81 2016/09/28 21:44:52 djm Exp $ */ | 1 | /* $OpenBSD: kex.h,v 1.82 2017/05/03 21:08:09 naddy Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
@@ -225,9 +225,6 @@ int kexc25519_shared_key(const u_char key[CURVE25519_SIZE], | |||
225 | __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) | 225 | __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) |
226 | __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); | 226 | __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); |
227 | 227 | ||
228 | int | ||
229 | derive_ssh1_session_id(BIGNUM *, BIGNUM *, u_int8_t[8], u_int8_t[16]); | ||
230 | |||
231 | #if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) || defined(DEBUG_KEXECDH) | 228 | #if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) || defined(DEBUG_KEXECDH) |
232 | void dump_digest(char *, u_char *, int); | 229 | void dump_digest(char *, u_char *, int); |
233 | #endif | 230 | #endif |
@@ -6,7 +6,6 @@ void ssh_packet_start(struct ssh *, u_char); | |||
6 | void ssh_packet_put_char(struct ssh *, int ch); | 6 | void ssh_packet_put_char(struct ssh *, int ch); |
7 | void ssh_packet_put_int(struct ssh *, u_int value); | 7 | void ssh_packet_put_int(struct ssh *, u_int value); |
8 | void ssh_packet_put_int64(struct ssh *, u_int64_t value); | 8 | void ssh_packet_put_int64(struct ssh *, u_int64_t value); |
9 | void ssh_packet_put_bignum(struct ssh *, BIGNUM * value); | ||
10 | void ssh_packet_put_bignum2(struct ssh *, BIGNUM * value); | 9 | void ssh_packet_put_bignum2(struct ssh *, BIGNUM * value); |
11 | void ssh_packet_put_ecpoint(struct ssh *, const EC_GROUP *, const EC_POINT *); | 10 | void ssh_packet_put_ecpoint(struct ssh *, const EC_GROUP *, const EC_POINT *); |
12 | void ssh_packet_put_string(struct ssh *, const void *buf, u_int len); | 11 | void ssh_packet_put_string(struct ssh *, const void *buf, u_int len); |
@@ -17,7 +16,6 @@ void ssh_packet_send(struct ssh *); | |||
17 | u_int ssh_packet_get_char(struct ssh *); | 16 | u_int ssh_packet_get_char(struct ssh *); |
18 | u_int ssh_packet_get_int(struct ssh *); | 17 | u_int ssh_packet_get_int(struct ssh *); |
19 | u_int64_t ssh_packet_get_int64(struct ssh *); | 18 | u_int64_t ssh_packet_get_int64(struct ssh *); |
20 | void ssh_packet_get_bignum(struct ssh *, BIGNUM * value); | ||
21 | void ssh_packet_get_bignum2(struct ssh *, BIGNUM * value); | 19 | void ssh_packet_get_bignum2(struct ssh *, BIGNUM * value); |
22 | void ssh_packet_get_ecpoint(struct ssh *, const EC_GROUP *, EC_POINT *); | 20 | void ssh_packet_get_ecpoint(struct ssh *, const EC_GROUP *, EC_POINT *); |
23 | void *ssh_packet_get_string(struct ssh *, u_int *length_ptr); | 21 | void *ssh_packet_get_string(struct ssh *, u_int *length_ptr); |
@@ -62,8 +60,6 @@ void packet_read_expect(int expected_type); | |||
62 | ssh_packet_get_protocol_flags(active_state) | 60 | ssh_packet_get_protocol_flags(active_state) |
63 | #define packet_start_compression(level) \ | 61 | #define packet_start_compression(level) \ |
64 | ssh_packet_start_compression(active_state, (level)) | 62 | ssh_packet_start_compression(active_state, (level)) |
65 | #define packet_set_encryption_key(key, keylen, number) \ | ||
66 | ssh_packet_set_encryption_key(active_state, (key), (keylen), (number)) | ||
67 | #define packet_start(type) \ | 63 | #define packet_start(type) \ |
68 | ssh_packet_start(active_state, (type)) | 64 | ssh_packet_start(active_state, (type)) |
69 | #define packet_put_char(value) \ | 65 | #define packet_put_char(value) \ |
@@ -78,8 +74,6 @@ void packet_read_expect(int expected_type); | |||
78 | ssh_packet_put_cstring(active_state, (str)) | 74 | ssh_packet_put_cstring(active_state, (str)) |
79 | #define packet_put_raw(buf, len) \ | 75 | #define packet_put_raw(buf, len) \ |
80 | ssh_packet_put_raw(active_state, (buf), (len)) | 76 | ssh_packet_put_raw(active_state, (buf), (len)) |
81 | #define packet_put_bignum(value) \ | ||
82 | ssh_packet_put_bignum(active_state, (value)) | ||
83 | #define packet_put_bignum2(value) \ | 77 | #define packet_put_bignum2(value) \ |
84 | ssh_packet_put_bignum2(active_state, (value)) | 78 | ssh_packet_put_bignum2(active_state, (value)) |
85 | #define packet_send() \ | 79 | #define packet_send() \ |
@@ -88,8 +82,6 @@ void packet_read_expect(int expected_type); | |||
88 | ssh_packet_read(active_state) | 82 | ssh_packet_read(active_state) |
89 | #define packet_get_int64() \ | 83 | #define packet_get_int64() \ |
90 | ssh_packet_get_int64(active_state) | 84 | ssh_packet_get_int64(active_state) |
91 | #define packet_get_bignum(value) \ | ||
92 | ssh_packet_get_bignum(active_state, (value)) | ||
93 | #define packet_get_bignum2(value) \ | 85 | #define packet_get_bignum2(value) \ |
94 | ssh_packet_get_bignum2(active_state, (value)) | 86 | ssh_packet_get_bignum2(active_state, (value)) |
95 | #define packet_remaining() \ | 87 | #define packet_remaining() \ |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: packet.c,v 1.252 2017/04/30 23:28:42 djm Exp $ */ | 1 | /* $OpenBSD: packet.c,v 1.253 2017/05/03 21:08:09 naddy Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -184,10 +184,6 @@ struct session_state { | |||
184 | u_int32_t rekey_interval; /* how often in seconds */ | 184 | u_int32_t rekey_interval; /* how often in seconds */ |
185 | time_t rekey_time; /* time of last rekeying */ | 185 | time_t rekey_time; /* time of last rekeying */ |
186 | 186 | ||
187 | /* Session key for protocol v1 */ | ||
188 | u_char ssh1_key[SSH_SESSION_KEY_LENGTH]; | ||
189 | u_int ssh1_keylen; | ||
190 | |||
191 | /* roundup current message to extra_pad bytes */ | 187 | /* roundup current message to extra_pad bytes */ |
192 | u_char extra_pad; | 188 | u_char extra_pad; |
193 | 189 | ||
@@ -278,8 +274,7 @@ ssh_packet_is_rekeying(struct ssh *ssh) | |||
278 | } | 274 | } |
279 | 275 | ||
280 | /* | 276 | /* |
281 | * Sets the descriptors used for communication. Disables encryption until | 277 | * Sets the descriptors used for communication. |
282 | * packet_set_encryption_key is called. | ||
283 | */ | 278 | */ |
284 | struct ssh * | 279 | struct ssh * |
285 | ssh_packet_set_connection(struct ssh *ssh, int fd_in, int fd_out) | 280 | ssh_packet_set_connection(struct ssh *ssh, int fd_in, int fd_out) |
@@ -796,18 +791,6 @@ uncompress_buffer(struct ssh *ssh, struct sshbuf *in, struct sshbuf *out) | |||
796 | /* NOTREACHED */ | 791 | /* NOTREACHED */ |
797 | } | 792 | } |
798 | 793 | ||
799 | /* | ||
800 | * Causes any further packets to be encrypted using the given key. The same | ||
801 | * key is used for both sending and reception. However, both directions are | ||
802 | * encrypted independently of each other. | ||
803 | */ | ||
804 | |||
805 | void | ||
806 | ssh_packet_set_encryption_key(struct ssh *ssh, const u_char *key, u_int keylen, int number) | ||
807 | { | ||
808 | fatal("no SSH protocol 1 support"); | ||
809 | } | ||
810 | |||
811 | int | 794 | int |
812 | ssh_set_newkeys(struct ssh *ssh, int mode) | 795 | ssh_set_newkeys(struct ssh *ssh, int mode) |
813 | { | 796 | { |
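Review bot: The shortened comment above ssh_packet_set_connection() no longer tells the reader that a connection set up here is not yet encrypted; the removed sentence said so, though it pointed at the protocol 1 key setter this commit deletes. The function body is outside the hunk, so this is inferred, but if the ciphers still start unkeyed until key exchange completes, the comment should keep that fact and point at the SSH2 path, e.g. `* Sets the descriptors used for communication. Packets are unencrypted until ssh_set_newkeys() installs keys.` That keeps the pre-key-exchange plaintext window visible to anyone auditing callers of this function.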
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: packet.h,v 1.78 2017/04/30 23:23:54 djm Exp $ */ | 1 | /* $OpenBSD: packet.h,v 1.79 2017/05/03 21:08:09 naddy Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -93,7 +93,6 @@ void ssh_packet_set_nonblocking(struct ssh *); | |||
93 | int ssh_packet_get_connection_in(struct ssh *); | 93 | int ssh_packet_get_connection_in(struct ssh *); |
94 | int ssh_packet_get_connection_out(struct ssh *); | 94 | int ssh_packet_get_connection_out(struct ssh *); |
95 | void ssh_packet_close(struct ssh *); | 95 | void ssh_packet_close(struct ssh *); |
96 | void ssh_packet_set_encryption_key(struct ssh *, const u_char *, u_int, int); | ||
97 | void ssh_packet_set_input_hook(struct ssh *, ssh_packet_hook_fn *, void *); | 96 | void ssh_packet_set_input_hook(struct ssh *, ssh_packet_hook_fn *, void *); |
98 | 97 | ||
99 | int ssh_packet_is_rekeying(struct ssh *); | 98 | int ssh_packet_is_rekeying(struct ssh *); |
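--- a/pathnames.h
+++ b/pathnames.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: pathnames.h,v 1.25 2016/03/31 05:24:06 dtucker Exp $ */
+/* $OpenBSD: pathnames.h,v 1.26 2017/05/03 21:08:09 naddy Exp $ */
 
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -36,7 +36,6 @@
 */
 #define _PATH_SERVER_CONFIG_FILE SSHDIR "/sshd_config"
 #define _PATH_HOST_CONFIG_FILE SSHDIR "/ssh_config"
-#define _PATH_HOST_KEY_FILE SSHDIR "/ssh_host_key"
 #define _PATH_HOST_DSA_KEY_FILE SSHDIR "/ssh_host_dsa_key"
 #define _PATH_HOST_ECDSA_KEY_FILE SSHDIR "/ssh_host_ecdsa_key"
 #define _PATH_HOST_ED25519_KEY_FILE SSHDIR "/ssh_host_ed25519_key"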
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh.h,v 1.85 2017/04/30 23:28:12 djm Exp $ */ | 1 | /* $OpenBSD: ssh.h,v 1.86 2017/05/03 21:08:09 naddy Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -47,7 +47,7 @@ | |||
47 | #define PROTOCOL_MAJOR_1 1 | 47 | #define PROTOCOL_MAJOR_1 1 |
48 | #define PROTOCOL_MINOR_1 5 | 48 | #define PROTOCOL_MINOR_1 5 |
49 | 49 | ||
50 | /* We support both SSH2 */ | 50 | /* We support only SSH2 */ |
51 | #define PROTOCOL_MAJOR_2 2 | 51 | #define PROTOCOL_MAJOR_2 2 |
52 | #define PROTOCOL_MINOR_2 0 | 52 | #define PROTOCOL_MINOR_2 0 |
53 | 53 | ||
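Review bot: `PROTOCOL_MAJOR_1` and `PROTOCOL_MINOR_1` stay defined two lines above the comment that now reads "We support only SSH2", and nothing in the hunk says why. If they are kept only so a peer's version banner can be recognised and refused, say so in the comment that precedes them (it lies outside the hunk), for example `/* SSH1 version numbers, kept only to identify and reject protocol 1 peers */`. If nothing references them any more, they should go with the rest of the protocol 1 remnants, since an undocumented pair of SSH1 constants suggests the protocol is still negotiable.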
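--- a/ssh_config.5
+++ b/ssh_config.5
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.245 2017/04/30 23:18:22 djm Exp $
-.Dd $Mdocdate: April 30 2017 $
+.\" $OpenBSD: ssh_config.5,v 1.246 2017/05/03 21:08:09 naddy Exp $
+.Dd $Mdocdate: May 3 2017 $
 .Dt SSH_CONFIG 5
 .Os
 .Sh NAME
@@ -1564,11 +1564,6 @@ If set to
 .Cm yes ,
 .Xr ssh 1
 must be setuid root.
-Note that this option must be set to
-.Cm yes
-for
-.Cm RhostsRSAAuthentication
-with older servers.
 .It Cm User
 Specifies the user to log in as.
 This can be useful when a different user name is used on different machines.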
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshkey.h,v 1.16 2017/04/30 23:18:44 djm Exp $ */ | 1 | /* $OpenBSD: sshkey.h,v 1.17 2017/05/03 21:08:09 naddy Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
@@ -184,8 +184,6 @@ int sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **keyp); | |||
184 | int sshkey_private_to_fileblob(struct sshkey *key, struct sshbuf *blob, | 184 | int sshkey_private_to_fileblob(struct sshkey *key, struct sshbuf *blob, |
185 | const char *passphrase, const char *comment, | 185 | const char *passphrase, const char *comment, |
186 | int force_new_format, const char *new_format_cipher, int new_format_rounds); | 186 | int force_new_format, const char *new_format_cipher, int new_format_rounds); |
187 | int sshkey_parse_public_rsa1_fileblob(struct sshbuf *blob, | ||
188 | struct sshkey **keyp, char **commentp); | ||
189 | int sshkey_parse_private_fileblob(struct sshbuf *buffer, | 187 | int sshkey_parse_private_fileblob(struct sshbuf *buffer, |
190 | const char *passphrase, struct sshkey **keyp, char **commentp); | 188 | const char *passphrase, struct sshkey **keyp, char **commentp); |
191 | int sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type, | 189 | int sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type, |