-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | dns.c | 7 | ||||
-rw-r--r-- | dns.h | 4 | ||||
-rw-r--r-- | readconf.c | 6 | ||||
-rw-r--r-- | ssh-keygen.c | 12 | ||||
-rw-r--r-- | sshconnect.c | 10 |
6 files changed, 10 insertions, 34 deletions
@@ -30,6 +30,9 @@ | |||
30 | - markus@cvs.openbsd.org 2003/10/13 08:22:25 | 30 | - markus@cvs.openbsd.org 2003/10/13 08:22:25 |
31 | [scp.1 sftp.1] | 31 | [scp.1 sftp.1] |
32 | don't refer to options related to forwarding; ok jmc@ | 32 | don't refer to options related to forwarding; ok jmc@ |
33 | - jakob@cvs.openbsd.org 2003/10/14 19:42:10 | ||
34 | [dns.c dns.h readconf.c ssh-keygen.c sshconnect.c] | ||
35 | include SSHFP lookup code (not enabled by default). ok markus@ | ||
33 | 36 | ||
34 | 20031009 | 37 | 20031009 |
35 | - (dtucker) [sshd_config.5] UsePAM defaults to "no". ok djm@ | 38 | - (dtucker) [sshd_config.5] UsePAM defaults to "no". ok djm@ |
@@ -1347,4 +1350,4 @@ | |||
1347 | - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. | 1350 | - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. |
1348 | Report from murple@murple.net, diagnosis from dtucker@zip.com.au | 1351 | Report from murple@murple.net, diagnosis from dtucker@zip.com.au |
1349 | 1352 | ||
1350 | $Id: ChangeLog,v 1.3076 2003/10/15 05:59:26 dtucker Exp $ | 1353 | $Id: ChangeLog,v 1.3077 2003/10/15 06:00:47 dtucker Exp $ |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: dns.c,v 1.6 2003/06/11 10:18:47 jakob Exp $ */ | 1 | /* $OpenBSD: dns.c,v 1.7 2003/10/14 19:42:10 jakob Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2003 Wesley Griffin. All rights reserved. | 4 | * Copyright (c) 2003 Wesley Griffin. All rights reserved. |
@@ -28,7 +28,6 @@ | |||
28 | 28 | ||
29 | #include "includes.h" | 29 | #include "includes.h" |
30 | 30 | ||
31 | #ifdef DNS | ||
32 | #include <openssl/bn.h> | 31 | #include <openssl/bn.h> |
33 | #ifdef LWRES | 32 | #ifdef LWRES |
34 | #include <lwres/netdb.h> | 33 | #include <lwres/netdb.h> |
@@ -44,7 +43,7 @@ | |||
44 | #include "uuencode.h" | 43 | #include "uuencode.h" |
45 | 44 | ||
46 | extern char *__progname; | 45 | extern char *__progname; |
47 | RCSID("$OpenBSD: dns.c,v 1.6 2003/06/11 10:18:47 jakob Exp $"); | 46 | RCSID("$OpenBSD: dns.c,v 1.7 2003/10/14 19:42:10 jakob Exp $"); |
48 | 47 | ||
49 | #ifndef LWRES | 48 | #ifndef LWRES |
50 | static const char *errset_text[] = { | 49 | static const char *errset_text[] = { |
@@ -286,5 +285,3 @@ export_dns_rr(const char *hostname, Key *key, FILE *f, int generic) | |||
286 | 285 | ||
287 | return success; | 286 | return success; |
288 | } | 287 | } |
289 | |||
290 | #endif /* DNS */ | ||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: dns.h,v 1.3 2003/05/14 22:56:51 jakob Exp $ */ | 1 | /* $OpenBSD: dns.h,v 1.4 2003/10/14 19:42:10 jakob Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2003 Wesley Griffin. All rights reserved. | 4 | * Copyright (c) 2003 Wesley Griffin. All rights reserved. |
@@ -28,7 +28,6 @@ | |||
28 | 28 | ||
29 | #include "includes.h" | 29 | #include "includes.h" |
30 | 30 | ||
31 | #ifdef DNS | ||
32 | #ifndef DNS_H | 31 | #ifndef DNS_H |
33 | #define DNS_H | 32 | #define DNS_H |
34 | 33 | ||
@@ -54,4 +53,3 @@ int verify_host_key_dns(const char *, struct sockaddr *, Key *); | |||
54 | int export_dns_rr(const char *, Key *, FILE *, int); | 53 | int export_dns_rr(const char *, Key *, FILE *, int); |
55 | 54 | ||
56 | #endif /* DNS_H */ | 55 | #endif /* DNS_H */ |
57 | #endif /* DNS */ | ||
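Review bot: With the outer `#ifdef DNS` removed, `#include "includes.h"` (line 29) now sits above the `#ifndef DNS_H` guard, so it is processed on every inclusion of dns.h instead of once. Moving it below `#define DNS_H` would put the whole header under its guard; it could be dropped if every includer pulls in includes.h first, as ssh-keygen.c and sshconnect.c appear to do. This is a style point only, and the prototypes are unaffected.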
diff --git a/readconf.c b/readconf.c index e5f2620a7..86d28bc8d 100644 --- a/readconf.c +++ b/readconf.c | |||
@@ -12,7 +12,7 @@ | |||
12 | */ | 12 | */ |
13 | 13 | ||
14 | #include "includes.h" | 14 | #include "includes.h" |
15 | RCSID("$OpenBSD: readconf.c,v 1.123 2003/10/11 08:24:07 markus Exp $"); | 15 | RCSID("$OpenBSD: readconf.c,v 1.124 2003/10/14 19:42:10 jakob Exp $"); |
16 | 16 | ||
17 | #include "ssh.h" | 17 | #include "ssh.h" |
18 | #include "xmalloc.h" | 18 | #include "xmalloc.h" |
@@ -183,11 +183,7 @@ static struct { | |||
183 | #endif | 183 | #endif |
184 | { "clearallforwardings", oClearAllForwardings }, | 184 | { "clearallforwardings", oClearAllForwardings }, |
185 | { "enablesshkeysign", oEnableSSHKeysign }, | 185 | { "enablesshkeysign", oEnableSSHKeysign }, |
186 | #ifdef DNS | ||
187 | { "verifyhostkeydns", oVerifyHostKeyDNS }, | 186 | { "verifyhostkeydns", oVerifyHostKeyDNS }, |
188 | #else | ||
189 | { "verifyhostkeydns", oUnsupported }, | ||
190 | #endif | ||
191 | { "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost }, | 187 | { "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost }, |
192 | { "rekeylimit", oRekeyLimit }, | 188 | { "rekeylimit", oRekeyLimit }, |
193 | { "connecttimeout", oConnectTimeout }, | 189 | { "connecttimeout", oConnectTimeout }, |
diff --git a/ssh-keygen.c b/ssh-keygen.c index 5b7bc400a..4a3cf241a 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c | |||
@@ -12,7 +12,7 @@ | |||
12 | */ | 12 | */ |
13 | 13 | ||
14 | #include "includes.h" | 14 | #include "includes.h" |
15 | RCSID("$OpenBSD: ssh-keygen.c,v 1.109 2003/09/18 13:02:21 miod Exp $"); | 15 | RCSID("$OpenBSD: ssh-keygen.c,v 1.110 2003/10/14 19:42:10 jakob Exp $"); |
16 | 16 | ||
17 | #include <openssl/evp.h> | 17 | #include <openssl/evp.h> |
18 | #include <openssl/pem.h> | 18 | #include <openssl/pem.h> |
@@ -32,9 +32,7 @@ RCSID("$OpenBSD: ssh-keygen.c,v 1.109 2003/09/18 13:02:21 miod Exp $"); | |||
32 | #ifdef SMARTCARD | 32 | #ifdef SMARTCARD |
33 | #include "scard.h" | 33 | #include "scard.h" |
34 | #endif | 34 | #endif |
35 | #ifdef DNS | ||
36 | #include "dns.h" | 35 | #include "dns.h" |
37 | #endif | ||
38 | 36 | ||
39 | /* Number of bits in the RSA/DSA key. This value can be changed on the command line. */ | 37 | /* Number of bits in the RSA/DSA key. This value can be changed on the command line. */ |
40 | int bits = 1024; | 38 | int bits = 1024; |
@@ -625,7 +623,6 @@ do_change_passphrase(struct passwd *pw) | |||
625 | exit(0); | 623 | exit(0); |
626 | } | 624 | } |
627 | 625 | ||
628 | #ifdef DNS | ||
629 | /* | 626 | /* |
630 | * Print the SSHFP RR. | 627 | * Print the SSHFP RR. |
631 | */ | 628 | */ |
@@ -655,7 +652,6 @@ do_print_resource_record(struct passwd *pw, char *hostname) | |||
655 | printf("failed to read v2 public key from %s.\n", identity_file); | 652 | printf("failed to read v2 public key from %s.\n", identity_file); |
656 | exit(1); | 653 | exit(1); |
657 | } | 654 | } |
658 | #endif /* DNS */ | ||
659 | 655 | ||
660 | /* | 656 | /* |
661 | * Change the comment of a private key file. | 657 | * Change the comment of a private key file. |
@@ -774,9 +770,7 @@ usage(void) | |||
774 | fprintf(stderr, " -C comment Provide new comment.\n"); | 770 | fprintf(stderr, " -C comment Provide new comment.\n"); |
775 | fprintf(stderr, " -N phrase Provide new passphrase.\n"); | 771 | fprintf(stderr, " -N phrase Provide new passphrase.\n"); |
776 | fprintf(stderr, " -P phrase Provide old passphrase.\n"); | 772 | fprintf(stderr, " -P phrase Provide old passphrase.\n"); |
777 | #ifdef DNS | ||
778 | fprintf(stderr, " -r hostname Print DNS resource record.\n"); | 773 | fprintf(stderr, " -r hostname Print DNS resource record.\n"); |
779 | #endif /* DNS */ | ||
780 | #ifdef SMARTCARD | 774 | #ifdef SMARTCARD |
781 | fprintf(stderr, " -D reader Download public key from smartcard.\n"); | 775 | fprintf(stderr, " -D reader Download public key from smartcard.\n"); |
782 | fprintf(stderr, " -U reader Upload private key to smartcard.\n"); | 776 | fprintf(stderr, " -U reader Upload private key to smartcard.\n"); |
@@ -959,11 +953,7 @@ main(int ac, char **av) | |||
959 | if (print_public) | 953 | if (print_public) |
960 | do_print_public(pw); | 954 | do_print_public(pw); |
961 | if (resource_record_hostname != NULL) { | 955 | if (resource_record_hostname != NULL) { |
962 | #ifdef DNS | ||
963 | do_print_resource_record(pw, resource_record_hostname); | 956 | do_print_resource_record(pw, resource_record_hostname); |
964 | #else /* DNS */ | ||
965 | fatal("no DNS support."); | ||
966 | #endif /* DNS */ | ||
967 | } | 957 | } |
968 | if (reader_id != NULL) { | 958 | if (reader_id != NULL) { |
969 | #ifdef SMARTCARD | 959 | #ifdef SMARTCARD |
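Review bot: In the do_print_resource_record hunk (old line 655), the failure message `printf("failed to read v2 public key from %s.\n", identity_file);` goes to stdout, which is presumably also where the SSHFP record is printed. Now that `-r` is compiled into every build, output redirected into a zone file would receive the error text in place of a record, and only the exit status would show the failure. `fprintf(stderr, "failed to read v2 public key from %s.\n", identity_file);` keeps diagnostics off the data stream, with the `exit(1)` unchanged. The function body starts outside the hunk, so the success path is inferred rather than seen.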
diff --git a/sshconnect.c b/sshconnect.c index f29ac8088..2c028f3a6 100644 --- a/sshconnect.c +++ b/sshconnect.c | |||
@@ -13,7 +13,7 @@ | |||
13 | */ | 13 | */ |
14 | 14 | ||
15 | #include "includes.h" | 15 | #include "includes.h" |
16 | RCSID("$OpenBSD: sshconnect.c,v 1.148 2003/09/18 07:52:54 markus Exp $"); | 16 | RCSID("$OpenBSD: sshconnect.c,v 1.149 2003/10/14 19:42:10 jakob Exp $"); |
17 | 17 | ||
18 | #include <openssl/bn.h> | 18 | #include <openssl/bn.h> |
19 | 19 | ||
@@ -33,16 +33,12 @@ RCSID("$OpenBSD: sshconnect.c,v 1.148 2003/09/18 07:52:54 markus Exp $"); | |||
33 | #include "misc.h" | 33 | #include "misc.h" |
34 | #include "readpass.h" | 34 | #include "readpass.h" |
35 | 35 | ||
36 | #ifdef DNS | ||
37 | #include "dns.h" | 36 | #include "dns.h" |
38 | #endif | ||
39 | 37 | ||
40 | char *client_version_string = NULL; | 38 | char *client_version_string = NULL; |
41 | char *server_version_string = NULL; | 39 | char *server_version_string = NULL; |
42 | 40 | ||
43 | #ifdef DNS | ||
44 | int verified_host_key_dns = 0; | 41 | int verified_host_key_dns = 0; |
45 | #endif | ||
46 | 42 | ||
47 | /* import */ | 43 | /* import */ |
48 | extern Options options; | 44 | extern Options options; |
@@ -730,7 +726,6 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, | |||
730 | /* The default */ | 726 | /* The default */ |
731 | fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX); | 727 | fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX); |
732 | msg2[0] = '\0'; | 728 | msg2[0] = '\0'; |
733 | #ifdef DNS | ||
734 | if (options.verify_host_key_dns) { | 729 | if (options.verify_host_key_dns) { |
735 | if (verified_host_key_dns) | 730 | if (verified_host_key_dns) |
736 | snprintf(msg2, sizeof(msg2), | 731 | snprintf(msg2, sizeof(msg2), |
@@ -741,7 +736,6 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, | |||
741 | "No matching host key fingerprint" | 736 | "No matching host key fingerprint" |
742 | " found in DNS.\n"); | 737 | " found in DNS.\n"); |
743 | } | 738 | } |
744 | #endif | ||
745 | snprintf(msg, sizeof(msg), | 739 | snprintf(msg, sizeof(msg), |
746 | "The authenticity of host '%.200s (%s)' can't be " | 740 | "The authenticity of host '%.200s (%s)' can't be " |
747 | "established%s\n" | 741 | "established%s\n" |
@@ -908,7 +902,6 @@ verify_host_key(char *host, struct sockaddr *hostaddr, Key *host_key) | |||
908 | { | 902 | { |
909 | struct stat st; | 903 | struct stat st; |
910 | 904 | ||
911 | #ifdef DNS | ||
912 | if (options.verify_host_key_dns) { | 905 | if (options.verify_host_key_dns) { |
913 | switch(verify_host_key_dns(host, hostaddr, host_key)) { | 906 | switch(verify_host_key_dns(host, hostaddr, host_key)) { |
914 | case DNS_VERIFY_OK: | 907 | case DNS_VERIFY_OK: |
@@ -927,7 +920,6 @@ verify_host_key(char *host, struct sockaddr *hostaddr, Key *host_key) | |||
927 | break; | 920 | break; |
928 | } | 921 | } |
929 | } | 922 | } |
930 | #endif /* DNS */ | ||
931 | 923 | ||
932 | /* return ok if the key can be found in an old keyfile */ | 924 | /* return ok if the key can be found in an old keyfile */ |
933 | if (stat(options.system_hostfile2, &st) == 0 || | 925 | if (stat(options.system_hostfile2, &st) == 0 || |
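Review bot: The `if (options.verify_host_key_dns)` block in verify_host_key (old line 912) is now compiled into every client, yet nothing visible says how much trust a `DNS_VERIFY_OK` result carries. The case bodies are outside the hunk, so I cannot tell whether a match accepts the key outright or only sets `verified_host_key_dns` for the prompt text in check_host_key. An SSHFP answer from an unauthenticated resolver is no stronger than the network path it arrived on, so I would add a comment above the switch such as `/* an SSHFP match is only a hint unless the answer was DNSSEC-validated; the known_hosts checks below still decide */`, adjusted to what the cases really do. Separately, `int verified_host_key_dns = 0;` could be `static` if no other file reads it.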