12 files changed, 165 insertions, 79 deletions

diff --git a/ChangeLog b/ChangeLog
index 2fbc1f249..17c0aec65 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,8 +1,24 @@
+20000721
+ - (djm) OpenBSD CVS updates:
+   - markus@cvs.openbsd.org  2000/07/16 02:27:22
+     [authfd.c authfd.h channels.c clientloop.c ssh-add.c ssh-agent.c ssh.c]
+     [sshconnect1.c sshconnect2.c]
+     make ssh-add accept dsa keys (the agent does not)
+   - djm@cvs.openbsd.org     2000/07/17 19:25:02
+     [sshd.c]
+     Another closing of stdin; ok deraadt
+   - markus@cvs.openbsd.org  2000/07/19 18:33:12
+     [dsa.c]
+     missing free, reorder
+   - markus@cvs.openbsd.org  2000/07/20 16:23:14
+     [ssh-keygen.1]
+     document input and output files
+
 20000720
- - Spec file fix from Petr Novotny <Petr.Novotny@antek.cz>
+ - (djm) Spec file fix from Petr Novotny <Petr.Novotny@antek.cz>
 
 20000716
- - Release 2.1.1p4
+ - (djm) Release 2.1.1p4
 
 20000715
  - (djm) OpenBSD CVS updates
diff --git a/authfd.c b/authfd.c
index 69fe2ae41..227c99286 100644
--- a/authfd.c
+++ b/authfd.c
@@ -14,17 +14,21 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: authfd.c,v 1.21 2000/06/26 09:22:29 markus Exp $");
+RCSID("$OpenBSD: authfd.c,v 1.22 2000/07/16 08:27:20 markus Exp $");
 
 #include "ssh.h"
 #include "rsa.h"
-#include "authfd.h"
 #include "buffer.h"
 #include "bufaux.h"
 #include "xmalloc.h"
 #include "getput.h"
 
 #include <openssl/rsa.h>
+#include <openssl/dsa.h>
+#include <openssl/evp.h>
+#include "key.h"
+#include "authfd.h"
+#include "kex.h"
 
 /* helper */
 int ssh_agent_get_reply(AuthenticationConnection *auth);
@@ -138,10 +142,7 @@ ssh_get_first_identity(AuthenticationConnection *auth,
          * Send a message to the agent requesting for a list of the
          * identities it can represent.
          */
-        msg[0] = 0;
-        msg[1] = 0;
-        msg[2] = 0;
-        msg[3] = 1;
+        PUT_32BIT(msg, 1);
         msg[4] = SSH_AGENTC_REQUEST_RSA_IDENTITIES;
         if (atomicio(write, auth->fd, msg, 5) != 5) {
                 error("write auth->fd: %.100s", strerror(errno));
@@ -336,31 +337,64 @@ error_cleanup:
         return 1;
 }
 
+/* Encode key for a message to the agent. */
+
+void
+ssh_encode_identity_rsa(Buffer *b, RSA *key, const char *comment)
+{
+        buffer_clear(b);
+        buffer_put_char(b, SSH_AGENTC_ADD_RSA_IDENTITY);
+        buffer_put_int(b, BN_num_bits(key->n));
+        buffer_put_bignum(b, key->n);
+        buffer_put_bignum(b, key->e);
+        buffer_put_bignum(b, key->d);
+        /* To keep within the protocol: p < q for ssh. in SSL p > q */
+        buffer_put_bignum(b, key->iqmp);        /* ssh key->u */
+        buffer_put_bignum(b, key->q);   /* ssh key->p, SSL key->q */
+        buffer_put_bignum(b, key->p);   /* ssh key->q, SSL key->p */
+        buffer_put_string(b, comment, strlen(comment));
+}
+
+void
+ssh_encode_identity_dsa(Buffer *b, DSA *key, const char *comment)
+{
+        buffer_clear(b);
+        buffer_put_char(b, SSH2_AGENTC_ADD_IDENTITY);
+        buffer_put_cstring(b, KEX_DSS);
+        buffer_put_bignum2(b, key->p);
+        buffer_put_bignum2(b, key->q);
+        buffer_put_bignum2(b, key->g);
+        buffer_put_bignum2(b, key->pub_key);
+        buffer_put_bignum2(b, key->priv_key);
+        buffer_put_string(b, comment, strlen(comment));
+}
+
 /*
  * Adds an identity to the authentication server.  This call is not meant to
  * be used by normal applications.
  */
 
 int
-ssh_add_identity(AuthenticationConnection *auth,
-                 RSA * key, const char *comment)
+ssh_add_identity(AuthenticationConnection *auth, Key *key, const char *comment)
 {
         Buffer buffer;
         unsigned char buf[8192];
         int len;
 
-        /* Format a message to the agent. */
         buffer_init(&buffer);
-        buffer_put_char(&buffer, SSH_AGENTC_ADD_RSA_IDENTITY);
-        buffer_put_int(&buffer, BN_num_bits(key->n));
-        buffer_put_bignum(&buffer, key->n);
-        buffer_put_bignum(&buffer, key->e);
-        buffer_put_bignum(&buffer, key->d);
-        /* To keep within the protocol: p < q for ssh. in SSL p > q */
-        buffer_put_bignum(&buffer, key->iqmp);  /* ssh key->u */
-        buffer_put_bignum(&buffer, key->q);     /* ssh key->p, SSL key->q */
-        buffer_put_bignum(&buffer, key->p);     /* ssh key->q, SSL key->p */
-        buffer_put_string(&buffer, comment, strlen(comment));
+
+        switch (key->type) {
+        case KEY_RSA:
+                ssh_encode_identity_rsa(&buffer, key->rsa, comment);
+                break;
+        case KEY_DSA:
+                ssh_encode_identity_dsa(&buffer, key->dsa, comment);
+                break;
+        default:
+                buffer_free(&buffer);
+                return 0;
+                break;
+        }
 
         /* Get the length of the message, and format it in the buffer. */
         len = buffer_len(&buffer);
@@ -487,6 +521,7 @@ ssh_agent_get_reply(AuthenticationConnection *auth)
         buffer_free(&buffer);
         switch (type) {
         case SSH_AGENT_FAILURE:
+log("SSH_AGENT_FAILURE");
                 return 0;
         case SSH_AGENT_SUCCESS:
                 return 1;
diff --git a/authfd.h b/authfd.h
index d7ff4be20..14b9bee94 100644
--- a/authfd.h
+++ b/authfd.h
@@ -13,7 +13,7 @@
  *
  */
 
-/* RCSID("$OpenBSD: authfd.h,v 1.8 2000/06/20 01:39:38 markus Exp $"); */
+/* RCSID("$OpenBSD: authfd.h,v 1.9 2000/07/16 08:27:21 markus Exp $"); */
 
 #ifndef AUTHFD_H
 #define AUTHFD_H
@@ -31,6 +31,16 @@
 #define SSH_AGENTC_REMOVE_RSA_IDENTITY          8
 #define SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES    9
 
+#define SSH2_AGENTC_REQUEST_IDENTITIES          11
+#define SSH2_AGENT_IDENTITIES_ANSWER            12
+#define SSH2_AGENTC_SIGN_REQUEST                13
+#define SSH2_AGENT_SIGN_RESPONSE                14
+#define SSH2_AGENT_FAILURE                      SSH_AGENT_FAILURE
+#define SSH2_AGENT_SUCCESS                      SSH_AGENT_SUCCESS
+#define SSH2_AGENTC_ADD_IDENTITY                17
+#define SSH2_AGENTC_REMOVE_IDENTITY             18
+#define SSH2_AGENTC_REMOVE_ALL_IDENTITIES       19
+
 typedef struct {
         int     fd;
         Buffer  packet;
@@ -96,7 +106,7 @@ ssh_decrypt_challenge(AuthenticationConnection * auth,
  * successfully added.
  */
 int
-ssh_add_identity(AuthenticationConnection * connection, RSA * key,
+ssh_add_identity(AuthenticationConnection * connection, Key *key,
     const char *comment);
 
 /*
diff --git a/channels.c b/channels.c
index 3710b2fd4..ea395293a 100644
--- a/channels.c
+++ b/channels.c
@@ -17,13 +17,12 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: channels.c,v 1.63 2000/06/25 20:17:57 provos Exp $");
+RCSID("$OpenBSD: channels.c,v 1.64 2000/07/16 08:27:21 markus Exp $");
 
 #include "ssh.h"
 #include "packet.h"
 #include "xmalloc.h"
 #include "buffer.h"
-#include "authfd.h"
 #include "uidswap.h"
 #include "readconf.h"
 #include "servconf.h"
@@ -34,6 +33,11 @@ RCSID("$OpenBSD: channels.c,v 1.63 2000/06/25 20:17:57 provos Exp $");
 
 #include "ssh2.h"
 
+#include <openssl/rsa.h>
+#include <openssl/dsa.h>
+#include "key.h"
+#include "authfd.h"
+
 /* Maximum number of fake X11 displays to try. */
 #define MAX_DISPLAYS  1000
 
diff --git a/clientloop.c b/clientloop.c
index f7ac7b3b0..67fa36d91 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -16,13 +16,12 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: clientloop.c,v 1.28 2000/07/13 23:14:08 provos Exp $");
+RCSID("$OpenBSD: clientloop.c,v 1.29 2000/07/16 08:27:21 markus Exp $");
 
 #include "xmalloc.h"
 #include "ssh.h"
 #include "packet.h"
 #include "buffer.h"
-#include "authfd.h"
 #include "readconf.h"
 
 #include "ssh2.h"
@@ -30,7 +29,6 @@ RCSID("$OpenBSD: clientloop.c,v 1.28 2000/07/13 23:14:08 provos Exp $");
 #include "channels.h"
 #include "dispatch.h"
 
-
 /* Flag indicating that stdin should be redirected from /dev/null. */
 extern int stdin_null_flag;
 
diff --git a/dsa.c b/dsa.c
index c1c37bceb..5ce7abf70 100644
--- a/dsa.c
+++ b/dsa.c
@@ -28,7 +28,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: dsa.c,v 1.9 2000/06/20 01:39:41 markus Exp $");
+RCSID("$OpenBSD: dsa.c,v 1.10 2000/07/20 00:33:12 markus Exp $");
 
 #include "ssh.h"
 #include "xmalloc.h"
@@ -53,8 +53,7 @@ RCSID("$OpenBSD: dsa.c,v 1.9 2000/06/20 01:39:41 markus Exp $");
 #define SIGBLOB_LEN     (2*INTBLOB_LEN)
 
 Key *
-dsa_key_from_blob(
-    char *blob, int blen)
+dsa_key_from_blob(char *blob, int blen)
 {
         Buffer b;
         char *ktype;
@@ -66,16 +65,17 @@ dsa_key_from_blob(
         dump_base64(stderr, blob, blen);
 #endif
         /* fetch & parse DSA/DSS pubkey */
-        key = key_new(KEY_DSA);
-        dsa = key->dsa;
         buffer_init(&b);
         buffer_append(&b, blob, blen);
         ktype = buffer_get_string(&b, NULL);
         if (strcmp(KEX_DSS, ktype) != 0) {
                 error("dsa_key_from_blob: cannot handle type %s", ktype);
-                key_free(key);
+                buffer_free(&b);
+                xfree(ktype);
                 return NULL;
         }
+        key = key_new(KEY_DSA);
+        dsa = key->dsa;
         buffer_get_bignum2(&b, dsa->p);
         buffer_get_bignum2(&b, dsa->q);
         buffer_get_bignum2(&b, dsa->g);
@@ -84,8 +84,8 @@ dsa_key_from_blob(
         if(rlen != 0)
                 error("dsa_key_from_blob: remaining bytes in key blob %d", rlen);
         buffer_free(&b);
+        xfree(ktype);
 
-        debug("keytype %s", ktype);
 #ifdef DEBUG_DSS
         DSA_print_fp(stderr, dsa, 8);
 #endif
diff --git a/ssh-add.c b/ssh-add.c
index a5d785ce7..482229c22 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -7,7 +7,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-add.c,v 1.17 2000/06/20 01:39:44 markus Exp $");
+RCSID("$OpenBSD: ssh-add.c,v 1.18 2000/07/16 08:27:21 markus Exp $");
 
 #include <openssl/rsa.h>
 #include <openssl/dsa.h>
@@ -15,9 +15,9 @@ RCSID("$OpenBSD: ssh-add.c,v 1.17 2000/06/20 01:39:44 markus Exp $");
 #include "rsa.h"
 #include "ssh.h"
 #include "xmalloc.h"
-#include "authfd.h"
 #include "fingerprint.h"
 #include "key.h"
+#include "authfd.h"
 #include "authfile.h"
 
 #ifdef HAVE___PROGNAME
@@ -102,11 +102,17 @@ add_file(AuthenticationConnection *ac, const char *filename)
         char buf[1024], msg[1024];
         int success;
         int interactive = isatty(STDIN_FILENO);
+        int type = KEY_RSA;
 
+        /*
+         * try to load the public key. right now this only works for RSA,
+         * since DSA keys are fully encrypted
+         */
         public = key_new(KEY_RSA);
         if (!load_public_key(filename, public, &saved_comment)) {
-                printf("Bad key file %s: %s\n", filename, strerror(errno));
-                return;
+                /* ok, so we will asume this is a DSA key */
+                type = KEY_DSA;
+                saved_comment = xstrdup(filename);
         }
         key_free(public);
 
@@ -118,7 +124,7 @@ add_file(AuthenticationConnection *ac, const char *filename)
         }
 
         /* At first, try empty passphrase */
-        private = key_new(KEY_RSA);
+        private = key_new(type);
         success = load_private_key(filename, "", private, &comment);
         if (!success) {
                 printf("Need passphrase for %.200s\n", filename);
@@ -150,7 +156,7 @@ add_file(AuthenticationConnection *ac, const char *filename)
         }
         xfree(saved_comment);
 
-        if (ssh_add_identity(ac, private->rsa, comment))
+        if (ssh_add_identity(ac, private, comment))
                 fprintf(stderr, "Identity added: %s (%s)\n", filename, comment);
         else
                 fprintf(stderr, "Could not add identity: %s\n", filename);
diff --git a/ssh-agent.c b/ssh-agent.c
index 148bcff6e..e8383b5df 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: ssh-agent.c,v 1.31 2000/04/29 18:11:52 markus Exp $   */
+/*      $OpenBSD: ssh-agent.c,v 1.32 2000/07/16 08:27:21 markus Exp $   */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -9,11 +9,10 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-agent.c,v 1.31 2000/04/29 18:11:52 markus Exp $");
+RCSID("$OpenBSD: ssh-agent.c,v 1.32 2000/07/16 08:27:21 markus Exp $");
 
 #include "ssh.h"
 #include "rsa.h"
-#include "authfd.h"
 #include "buffer.h"
 #include "bufaux.h"
 #include "xmalloc.h"
@@ -22,6 +21,10 @@ RCSID("$OpenBSD: ssh-agent.c,v 1.31 2000/04/29 18:11:52 markus Exp $");
 #include "mpaux.h"
 
 #include <openssl/md5.h>
+#include <openssl/dsa.h>
+#include <openssl/rsa.h>
+#include "key.h"
+#include "authfd.h"
 
 typedef struct {
         int fd;
diff --git a/ssh.c b/ssh.c
index c2faf3882..58e4d7bd9 100644
--- a/ssh.c
+++ b/ssh.c
@@ -11,7 +11,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.57 2000/07/15 04:01:37 djm Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.58 2000/07/16 08:27:22 markus Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/dsa.h>
@@ -21,7 +21,6 @@ RCSID("$OpenBSD: ssh.c,v 1.57 2000/07/15 04:01:37 djm Exp $");
 #include "ssh.h"
 #include "packet.h"
 #include "buffer.h"
-#include "authfd.h"
 #include "readconf.h"
 #include "uidswap.h"
 
@@ -29,6 +28,7 @@ RCSID("$OpenBSD: ssh.c,v 1.57 2000/07/15 04:01:37 djm Exp $");
 #include "compat.h"
 #include "channels.h"
 #include "key.h"
+#include "authfd.h"
 #include "authfile.h"
 
 #ifdef HAVE___PROGNAME
diff --git a/sshconnect1.c b/sshconnect1.c
index 4360d7283..aaebf17ff 100644
--- a/sshconnect1.c
+++ b/sshconnect1.c
@@ -9,7 +9,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect1.c,v 1.3 2000/05/08 17:12:16 markus Exp $");
+RCSID("$OpenBSD: sshconnect1.c,v 1.4 2000/07/16 08:27:22 markus Exp $");
 
 #include <openssl/bn.h>
 #include <openssl/dsa.h>
@@ -21,12 +21,12 @@ RCSID("$OpenBSD: sshconnect1.c,v 1.3 2000/05/08 17:12:16 markus Exp $");
 #include "ssh.h"
 #include "buffer.h"
 #include "packet.h"
-#include "authfd.h"
 #include "cipher.h"
 #include "mpaux.h"
 #include "uidswap.h"
 #include "readconf.h"
 #include "key.h"
+#include "authfd.h"
 #include "sshconnect.h"
 #include "authfile.h"
 
diff --git a/sshconnect2.c b/sshconnect2.c
index ae96d534e..22ad39e7f 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -28,7 +28,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.15 2000/06/21 16:46:10 markus Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.16 2000/07/16 08:27:22 markus Exp $");
 
 #include <openssl/bn.h>
 #include <openssl/rsa.h>
@@ -286,40 +286,20 @@ ssh2_try_passwd(const char *server_user, const char *host, const char *service)
         return 1;
 }
 
-int
-ssh2_try_pubkey(char *filename,
+typedef int sign_fn(
+    Key *key,
+    unsigned char **sigp, int *lenp,
+    unsigned char *data, int datalen);
+
+void
+ssh2_sign_and_send_pubkey(Key *k, sign_fn *do_sign,
     const char *server_user, const char *host, const char *service)
 {
         Buffer b;
-        Key *k;
         unsigned char *blob, *signature;
         int bloblen, slen;
-        struct stat st;
         int skip = 0;
 
-        if (stat(filename, &st) != 0) {
-                debug("key does not exist: %s", filename);
-                return 0;
-        }
-        debug("try pubkey: %s", filename);
-
-        k = key_new(KEY_DSA);
-        if (!load_private_key(filename, "", k, NULL)) {
-                int success = 0;
-                char *passphrase;
-                char prompt[300];
-                snprintf(prompt, sizeof prompt,
-                     "Enter passphrase for DSA key '%.100s': ",
-                     filename);
-                passphrase = read_passphrase(prompt, 0);
-                success = load_private_key(filename, passphrase, k, NULL);
-                memset(passphrase, 0, strlen(passphrase));
-                xfree(passphrase);
-                if (!success) {
-                        key_free(k);
-                        return 0;
-                }
-        }
         dsa_make_key_blob(k, &blob, &bloblen);
 
         /* data to be signed */
@@ -343,8 +323,8 @@ ssh2_try_pubkey(char *filename,
         buffer_put_string(&b, blob, bloblen);
 
         /* generate signature */
-        dsa_sign(k, &signature, &slen, buffer_ptr(&b), buffer_len(&b));
-        key_free(k);
+        do_sign(k, &signature, &slen, buffer_ptr(&b), buffer_len(&b));
+        key_free(k); /* XXX */
 #ifdef DEBUG_DSS
         buffer_dump(&b);
 #endif
@@ -377,6 +357,39 @@ ssh2_try_pubkey(char *filename,
         /* send */
         packet_send();
         packet_write_wait();
+}
+
+int
+ssh2_try_pubkey(char *filename,
+    const char *server_user, const char *host, const char *service)
+{
+        Key *k;
+        struct stat st;
+
+        if (stat(filename, &st) != 0) {
+                debug("key does not exist: %s", filename);
+                return 0;
+        }
+        debug("try pubkey: %s", filename);
+
+        k = key_new(KEY_DSA);
+        if (!load_private_key(filename, "", k, NULL)) {
+                int success = 0;
+                char *passphrase;
+                char prompt[300];
+                snprintf(prompt, sizeof prompt,
+                     "Enter passphrase for DSA key '%.100s': ",
+                     filename);
+                passphrase = read_passphrase(prompt, 0);
+                success = load_private_key(filename, passphrase, k, NULL);
+                memset(passphrase, 0, strlen(passphrase));
+                xfree(passphrase);
+                if (!success) {
+                        key_free(k);
+                        return 0;
+                }
+        }
+        ssh2_sign_and_send_pubkey(k, dsa_sign, server_user, host, service);
         return 1;
 }
 
diff --git a/sshd.c b/sshd.c
index cab0dd6f1..b6db074c8 100644
--- a/sshd.c
+++ b/sshd.c
@@ -14,7 +14,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.122 2000/07/11 08:11:34 deraadt Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.123 2000/07/18 01:25:01 djm Exp $");
 
 #include "xmalloc.h"
 #include "rsa.h"
@@ -642,6 +642,7 @@ main(int ac, char **av)
                 s2 = dup(s1);
                 sock_in = dup(0);
                 sock_out = dup(1);
+                startup_pipe = -1;
                 /*
                  * We intentionally do not close the descriptors 0, 1, and 2
                  * as our code for setting the descriptors won\'t work if