summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog13
-rw-r--r--channels.c26
-rw-r--r--channels.h3
-rw-r--r--misc.c51
-rw-r--r--misc.h5
-rw-r--r--readconf.c22
-rw-r--r--readconf.h4
-rw-r--r--scp.15
-rw-r--r--servconf.c20
-rw-r--r--servconf.h4
-rw-r--r--sftp.15
-rw-r--r--ssh-keyscan.17
-rw-r--r--ssh-keyscan.c19
-rw-r--r--ssh.15
-rw-r--r--ssh.c3
-rw-r--r--ssh_config.57
-rw-r--r--sshconnect.c5
-rw-r--r--sshd.c9
-rw-r--r--sshd_config.57
19 files changed, 53 insertions, 167 deletions
diff --git a/ChangeLog b/ChangeLog
index e38cd5108..ca189f943 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,19 @@
120091210 120091210
2 - (dtucker) [configure.ac misc.c readconf.c servconf.c ssh-keyscan.c] 2 - (dtucker) [configure.ac misc.c readconf.c servconf.c ssh-keyscan.c]
3 Remove hacks add for RoutingDomain in preparation for its removal. 3 Remove hacks add for RoutingDomain in preparation for its removal.
4 - dtucker@cvs.openbsd.org 2010/01/09 23:04:13
5 [channels.c ssh.1 servconf.c sshd_config.5 sshd.c channels.h servconf.h
6 ssh-keyscan.1 ssh-keyscan.c readconf.c sshconnect.c misc.c ssh.c
7 readconf.h scp.1 sftp.1 ssh_config.5 misc.h]
8 Remove RoutingDomain from ssh since it's now not needed. It can be
9 replaced with "route exec" or "nc -V" as a proxycommand. "route exec"
10 also ensures that trafic such as DNS lookups stays withing the specified
11 routingdomain. For example (from reyk):
12 # route -T 2 exec /usr/sbin/sshd
13 or inherited from the parent process
14 $ route -T 2 exec sh
15 $ ssh 10.1.2.3
16 ok deraadt@ markus@ stevesk@ reyk@
4 17
520091209 1820091209
6 - (dtucker) Wrap use of IPPROTO_IPV6 in an ifdef for platforms that don't 19 - (dtucker) Wrap use of IPPROTO_IPV6 in an ifdef for platforms that don't
diff --git a/channels.c b/channels.c
index 949392390..87dbe96d3 100644
--- a/channels.c
+++ b/channels.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: channels.c,v 1.299 2009/11/11 21:37:03 markus Exp $ */ 1/* $OpenBSD: channels.c,v 1.300 2010/01/09 23:04:13 dtucker Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -163,9 +163,6 @@ static u_int x11_fake_data_len;
163/* AF_UNSPEC or AF_INET or AF_INET6 */ 163/* AF_UNSPEC or AF_INET or AF_INET6 */
164static int IPv4or6 = AF_UNSPEC; 164static int IPv4or6 = AF_UNSPEC;
165 165
166/* Set the routing domain a.k.a. VRF */
167static int channel_rdomain = -1;
168
169/* helper */ 166/* helper */
170static void port_open_helper(Channel *c, char *rtype); 167static void port_open_helper(Channel *c, char *rtype);
171 168
@@ -2466,12 +2463,6 @@ channel_set_af(int af)
2466 IPv4or6 = af; 2463 IPv4or6 = af;
2467} 2464}
2468 2465
2469void
2470channel_set_rdomain(int rdomain)
2471{
2472 channel_rdomain = rdomain;
2473}
2474
2475static int 2466static int
2476channel_setup_fwd_listener(int type, const char *listen_addr, 2467channel_setup_fwd_listener(int type, const char *listen_addr,
2477 u_short listen_port, int *allocated_listen_port, 2468 u_short listen_port, int *allocated_listen_port,
@@ -2580,8 +2571,7 @@ channel_setup_fwd_listener(int type, const char *listen_addr,
2580 continue; 2571 continue;
2581 } 2572 }
2582 /* Create a port to listen for the host. */ 2573 /* Create a port to listen for the host. */
2583 sock = socket_rdomain(ai->ai_family, ai->ai_socktype, 2574 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
2584 ai->ai_protocol, channel_rdomain);
2585 if (sock < 0) { 2575 if (sock < 0) {
2586 /* this is no error since kernel may not support ipv6 */ 2576 /* this is no error since kernel may not support ipv6 */
2587 verbose("socket: %.100s", strerror(errno)); 2577 verbose("socket: %.100s", strerror(errno));
@@ -2922,9 +2912,8 @@ connect_next(struct channel_connect *cctx)
2922 error("connect_next: getnameinfo failed"); 2912 error("connect_next: getnameinfo failed");
2923 continue; 2913 continue;
2924 } 2914 }
2925 if ((sock = socket_rdomain(cctx->ai->ai_family, 2915 if ((sock = socket(cctx->ai->ai_family, cctx->ai->ai_socktype,
2926 cctx->ai->ai_socktype, cctx->ai->ai_protocol, 2916 cctx->ai->ai_protocol)) == -1) {
2927 channel_rdomain)) == -1) {
2928 if (cctx->ai->ai_next == NULL) 2917 if (cctx->ai->ai_next == NULL)
2929 error("socket: %.100s", strerror(errno)); 2918 error("socket: %.100s", strerror(errno));
2930 else 2919 else
@@ -3110,8 +3099,8 @@ x11_create_display_inet(int x11_display_offset, int x11_use_localhost,
3110 for (ai = aitop; ai; ai = ai->ai_next) { 3099 for (ai = aitop; ai; ai = ai->ai_next) {
3111 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) 3100 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
3112 continue; 3101 continue;
3113 sock = socket_rdomain(ai->ai_family, ai->ai_socktype, 3102 sock = socket(ai->ai_family, ai->ai_socktype,
3114 ai->ai_protocol, channel_rdomain); 3103 ai->ai_protocol);
3115 if (sock < 0) { 3104 if (sock < 0) {
3116 if ((errno != EINVAL) && (errno != EAFNOSUPPORT)) { 3105 if ((errno != EINVAL) && (errno != EAFNOSUPPORT)) {
3117 error("socket: %.100s", strerror(errno)); 3106 error("socket: %.100s", strerror(errno));
@@ -3286,8 +3275,7 @@ x11_connect_display(void)
3286 } 3275 }
3287 for (ai = aitop; ai; ai = ai->ai_next) { 3276 for (ai = aitop; ai; ai = ai->ai_next) {
3288 /* Create a socket. */ 3277 /* Create a socket. */
3289 sock = socket_rdomain(ai->ai_family, ai->ai_socktype, 3278 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
3290 ai->ai_protocol, channel_rdomain);
3291 if (sock < 0) { 3279 if (sock < 0) {
3292 debug2("socket: %.100s", strerror(errno)); 3280 debug2("socket: %.100s", strerror(errno));
3293 continue; 3281 continue;
diff --git a/channels.h b/channels.h
index 4dbeeb6e1..f65a311dc 100644
--- a/channels.h
+++ b/channels.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: channels.h,v 1.100 2009/11/11 21:37:03 markus Exp $ */ 1/* $OpenBSD: channels.h,v 1.101 2010/01/09 23:04:13 dtucker Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -235,7 +235,6 @@ int channel_find_open(void);
235 235
236/* tcp forwarding */ 236/* tcp forwarding */
237void channel_set_af(int af); 237void channel_set_af(int af);
238void channel_set_rdomain(int);
239void channel_permit_all_opens(void); 238void channel_permit_all_opens(void);
240void channel_add_permitted_opens(char *, int); 239void channel_add_permitted_opens(char *, int);
241int channel_add_adm_permitted_opens(char *, int); 240int channel_add_adm_permitted_opens(char *, int);
diff --git a/misc.c b/misc.c
index 550b03cad..e1f723123 100644
--- a/misc.c
+++ b/misc.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: misc.c,v 1.74 2009/12/25 19:40:21 stevesk Exp $ */ 1/* $OpenBSD: misc.c,v 1.75 2010/01/09 23:04:13 dtucker Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * Copyright (c) 2005,2006 Damien Miller. All rights reserved. 4 * Copyright (c) 2005,2006 Damien Miller. All rights reserved.
@@ -151,43 +151,6 @@ set_nodelay(int fd)
151 error("setsockopt TCP_NODELAY: %.100s", strerror(errno)); 151 error("setsockopt TCP_NODELAY: %.100s", strerror(errno));
152} 152}
153 153
154/* open a socket in the specified routing domain */
155int
156socket_rdomain(int domain, int type, int protocol, int rdomain)
157{
158 int sock, ipproto = IPPROTO_IP;
159
160 if ((sock = socket(domain, type, protocol)) == -1)
161 return (-1);
162
163 if (rdomain == -1)
164 return (sock);
165
166 switch (domain) {
167 case AF_INET6:
168 ipproto = IPPROTO_IPV6;
169 /* FALLTHROUGH */
170 case AF_INET:
171 debug2("socket %d af %d setting rdomain %d",
172 sock, domain, rdomain);
173 if (setsockopt(sock, ipproto, SO_RDOMAIN, &rdomain,
174 sizeof(rdomain)) == -1) {
175 debug("setsockopt SO_RDOMAIN: %.100s",
176 strerror(errno));
177 close(sock);
178 return (-1);
179 }
180 break;
181 default:
182 debug("socket %d af %d does not support rdomain %d",
183 sock, domain, rdomain);
184 close(sock);
185 return (-1);
186 }
187
188 return (sock);
189}
190
191/* Characters considered whitespace in strsep calls. */ 154/* Characters considered whitespace in strsep calls. */
192#define WHITESPACE " \t\r\n" 155#define WHITESPACE " \t\r\n"
193#define QUOTE "\"" 156#define QUOTE "\""
@@ -274,18 +237,6 @@ a2port(const char *s)
274} 237}
275 238
276int 239int
277a2rdomain(const char *s)
278{
279 long long rdomain;
280 const char *errstr;
281
282 rdomain = strtonum(s, 0, RT_TABLEID_MAX, &errstr);
283 if (errstr != NULL)
284 return -1;
285 return (int)rdomain;
286}
287
288int
289a2tun(const char *s, int *remote) 240a2tun(const char *s, int *remote)
290{ 241{
291 const char *errstr = NULL; 242 const char *errstr = NULL;
diff --git a/misc.h b/misc.h
index 1e859e255..32073acd4 100644
--- a/misc.h
+++ b/misc.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: misc.h,v 1.40 2009/12/25 19:40:21 stevesk Exp $ */ 1/* $OpenBSD: misc.h,v 1.41 2010/01/09 23:04:13 dtucker Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -23,7 +23,6 @@ int set_nonblock(int);
23int unset_nonblock(int); 23int unset_nonblock(int);
24void set_nodelay(int); 24void set_nodelay(int);
25int a2port(const char *); 25int a2port(const char *);
26int a2rdomain(const char *);
27int a2tun(const char *, int *); 26int a2tun(const char *, int *);
28char *put_host_port(const char *, u_short); 27char *put_host_port(const char *, u_short);
29char *hpdelim(char **); 28char *hpdelim(char **);
@@ -55,8 +54,6 @@ void freeargs(arglist *);
55 54
56int tun_open(int, int); 55int tun_open(int, int);
57 56
58int socket_rdomain(int, int, int, int);
59
60/* Common definitions for ssh tunnel device forwarding */ 57/* Common definitions for ssh tunnel device forwarding */
61#define SSH_TUNMODE_NO 0x00 58#define SSH_TUNMODE_NO 0x00
62#define SSH_TUNMODE_POINTOPOINT 0x01 59#define SSH_TUNMODE_POINTOPOINT 0x01
diff --git a/readconf.c b/readconf.c
index 40fe8f694..d424c1697 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: readconf.c,v 1.181 2009/12/29 16:38:41 stevesk Exp $ */ 1/* $OpenBSD: readconf.c,v 1.182 2010/01/09 23:04:13 dtucker Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -130,8 +130,8 @@ typedef enum {
130 oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, 130 oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
131 oSendEnv, oControlPath, oControlMaster, oHashKnownHosts, 131 oSendEnv, oControlPath, oControlMaster, oHashKnownHosts,
132 oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand, 132 oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,
133 oVisualHostKey, oUseRoaming, oRDomain, 133 oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication,
134 oZeroKnowledgePasswordAuthentication, oDeprecated, oUnsupported 134 oDeprecated, oUnsupported
135} OpCodes; 135} OpCodes;
136 136
137/* Textual representations of the tokens. */ 137/* Textual representations of the tokens. */
@@ -229,7 +229,6 @@ static struct {
229 { "permitlocalcommand", oPermitLocalCommand }, 229 { "permitlocalcommand", oPermitLocalCommand },
230 { "visualhostkey", oVisualHostKey }, 230 { "visualhostkey", oVisualHostKey },
231 { "useroaming", oUseRoaming }, 231 { "useroaming", oUseRoaming },
232 { "routingdomain", oRDomain },
233#ifdef JPAKE 232#ifdef JPAKE
234 { "zeroknowledgepasswordauthentication", 233 { "zeroknowledgepasswordauthentication",
235 oZeroKnowledgePasswordAuthentication }, 234 oZeroKnowledgePasswordAuthentication },
@@ -920,19 +919,6 @@ parse_int:
920 intptr = &options->use_roaming; 919 intptr = &options->use_roaming;
921 goto parse_flag; 920 goto parse_flag;
922 921
923 case oRDomain:
924 arg = strdelim(&s);
925 if (!arg || *arg == '\0')
926 fatal("%.200s line %d: Missing argument.",
927 filename, linenum);
928 value = a2rdomain(arg);
929 if (value == -1)
930 fatal("%.200s line %d: Bad rdomain.",
931 filename, linenum);
932 if (*activep)
933 options->rdomain = value;
934 break;
935
936 case oDeprecated: 922 case oDeprecated:
937 debug("%s line %d: Deprecated option \"%s\"", 923 debug("%s line %d: Deprecated option \"%s\"",
938 filename, linenum, keyword); 924 filename, linenum, keyword);
@@ -1083,7 +1069,6 @@ initialize_options(Options * options)
1083 options->local_command = NULL; 1069 options->local_command = NULL;
1084 options->permit_local_command = -1; 1070 options->permit_local_command = -1;
1085 options->use_roaming = -1; 1071 options->use_roaming = -1;
1086 options->rdomain = -1;
1087 options->visual_host_key = -1; 1072 options->visual_host_key = -1;
1088 options->zero_knowledge_password_authentication = -1; 1073 options->zero_knowledge_password_authentication = -1;
1089} 1074}
@@ -1232,7 +1217,6 @@ fill_default_options(Options * options)
1232 /* options->hostname will be set in the main program if appropriate */ 1217 /* options->hostname will be set in the main program if appropriate */
1233 /* options->host_key_alias should not be set by default */ 1218 /* options->host_key_alias should not be set by default */
1234 /* options->preferred_authentications will be set in ssh */ 1219 /* options->preferred_authentications will be set in ssh */
1235 /* options->rdomain should not be set by default */
1236} 1220}
1237 1221
1238/* 1222/*
diff --git a/readconf.h b/readconf.h
index 6edc2eeda..f7c0b9c6d 100644
--- a/readconf.h
+++ b/readconf.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: readconf.h,v 1.80 2009/10/28 16:38:18 reyk Exp $ */ 1/* $OpenBSD: readconf.h,v 1.81 2010/01/09 23:04:13 dtucker Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -125,8 +125,6 @@ typedef struct {
125 125
126 int use_roaming; 126 int use_roaming;
127 127
128 int rdomain; /* routing domain a.k.a. VRF */
129
130} Options; 128} Options;
131 129
132#define SSHCTL_MASTER_NO 0 130#define SSHCTL_MASTER_NO 0
diff --git a/scp.1 b/scp.1
index 1d1cad0b0..74ee5db13 100644
--- a/scp.1
+++ b/scp.1
@@ -9,9 +9,9 @@
9.\" 9.\"
10.\" Created: Sun May 7 00:14:37 1995 ylo 10.\" Created: Sun May 7 00:14:37 1995 ylo
11.\" 11.\"
12.\" $OpenBSD: scp.1,v 1.48 2009/12/29 16:38:41 stevesk Exp $ 12.\" $OpenBSD: scp.1,v 1.49 2010/01/09 23:04:13 dtucker Exp $
13.\" 13.\"
14.Dd $Mdocdate: December 29 2009 $ 14.Dd $Mdocdate: January 9 2010 $
15.Dt SCP 1 15.Dt SCP 1
16.Os 16.Os
17.Sh NAME 17.Sh NAME
@@ -160,7 +160,6 @@ For full details of the options listed below, and their possible values, see
160.It PubkeyAuthentication 160.It PubkeyAuthentication
161.It RekeyLimit 161.It RekeyLimit
162.It RhostsRSAAuthentication 162.It RhostsRSAAuthentication
163.It RoutingDomain
164.It RSAAuthentication 163.It RSAAuthentication
165.It SendEnv 164.It SendEnv
166.It ServerAliveInterval 165.It ServerAliveInterval
diff --git a/servconf.c b/servconf.c
index 2cdc480e6..fc3e479bd 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: servconf.c,v 1.199 2009/12/29 16:38:41 stevesk Exp $ */ 1/* $OpenBSD: servconf.c,v 1.200 2010/01/09 23:04:13 dtucker Exp $ */
2/* 2/*
3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4 * All rights reserved 4 * All rights reserved
@@ -128,7 +128,6 @@ initialize_server_options(ServerOptions *options)
128 options->adm_forced_command = NULL; 128 options->adm_forced_command = NULL;
129 options->chroot_directory = NULL; 129 options->chroot_directory = NULL;
130 options->zero_knowledge_password_authentication = -1; 130 options->zero_knowledge_password_authentication = -1;
131 options->rdomain = -1;
132} 131}
133 132
134void 133void
@@ -305,7 +304,7 @@ typedef enum {
305 sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, 304 sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
306 sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel, 305 sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel,
307 sMatch, sPermitOpen, sForceCommand, sChrootDirectory, 306 sMatch, sPermitOpen, sForceCommand, sChrootDirectory,
308 sUsePrivilegeSeparation, sAllowAgentForwarding, sRDomain, 307 sUsePrivilegeSeparation, sAllowAgentForwarding,
309 sZeroKnowledgePasswordAuthentication, 308 sZeroKnowledgePasswordAuthentication,
310 sDeprecated, sUnsupported 309 sDeprecated, sUnsupported
311} ServerOpCodes; 310} ServerOpCodes;
@@ -424,7 +423,6 @@ static struct {
424 { "match", sMatch, SSHCFG_ALL }, 423 { "match", sMatch, SSHCFG_ALL },
425 { "permitopen", sPermitOpen, SSHCFG_ALL }, 424 { "permitopen", sPermitOpen, SSHCFG_ALL },
426 { "forcecommand", sForceCommand, SSHCFG_ALL }, 425 { "forcecommand", sForceCommand, SSHCFG_ALL },
427 { "routingdomain", sRDomain, SSHCFG_GLOBAL },
428 { "chrootdirectory", sChrootDirectory, SSHCFG_ALL }, 426 { "chrootdirectory", sChrootDirectory, SSHCFG_ALL },
429 { NULL, sBadOption, 0 } 427 { NULL, sBadOption, 0 }
430}; 428};
@@ -1296,19 +1294,6 @@ process_server_config_line(ServerOptions *options, char *line,
1296 *charptr = xstrdup(arg); 1294 *charptr = xstrdup(arg);
1297 break; 1295 break;
1298 1296
1299 case sRDomain:
1300 intptr = &options->rdomain;
1301 arg = strdelim(&cp);
1302 if (!arg || *arg == '\0')
1303 fatal("%s line %d: missing rdomain value.",
1304 filename, linenum);
1305 if ((value = a2rdomain(arg)) == -1)
1306 fatal("%s line %d: invalid rdomain value.",
1307 filename, linenum);
1308 if (*intptr == -1)
1309 *intptr = value;
1310 break;
1311
1312 case sDeprecated: 1297 case sDeprecated:
1313 logit("%s line %d: Deprecated option %s", 1298 logit("%s line %d: Deprecated option %s",
1314 filename, linenum, arg); 1299 filename, linenum, arg);
@@ -1585,7 +1570,6 @@ dump_config(ServerOptions *o)
1585 dump_cfg_int(sMaxSessions, o->max_sessions); 1570 dump_cfg_int(sMaxSessions, o->max_sessions);
1586 dump_cfg_int(sClientAliveInterval, o->client_alive_interval); 1571 dump_cfg_int(sClientAliveInterval, o->client_alive_interval);
1587 dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max); 1572 dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max);
1588 dump_cfg_int(sRDomain, o->rdomain);
1589 1573
1590 /* formatted integer arguments */ 1574 /* formatted integer arguments */
1591 dump_cfg_fmtint(sPermitRootLogin, o->permit_root_login); 1575 dump_cfg_fmtint(sPermitRootLogin, o->permit_root_login);
diff --git a/servconf.h b/servconf.h
index 19c7ae609..25a3f1b21 100644
--- a/servconf.h
+++ b/servconf.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: servconf.h,v 1.88 2009/10/28 16:38:18 reyk Exp $ */ 1/* $OpenBSD: servconf.h,v 1.89 2010/01/09 23:04:13 dtucker Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -150,8 +150,6 @@ typedef struct {
150 150
151 int num_permitted_opens; 151 int num_permitted_opens;
152 152
153 int rdomain;
154
155 char *chroot_directory; 153 char *chroot_directory;
156} ServerOptions; 154} ServerOptions;
157 155
diff --git a/sftp.1 b/sftp.1
index 81d87680d..3ec7a0234 100644
--- a/sftp.1
+++ b/sftp.1
@@ -1,4 +1,4 @@
1.\" $OpenBSD: sftp.1,v 1.79 2009/12/29 16:38:41 stevesk Exp $ 1.\" $OpenBSD: sftp.1,v 1.80 2010/01/09 23:04:13 dtucker Exp $
2.\" 2.\"
3.\" Copyright (c) 2001 Damien Miller. All rights reserved. 3.\" Copyright (c) 2001 Damien Miller. All rights reserved.
4.\" 4.\"
@@ -22,7 +22,7 @@
22.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 22.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 23.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24.\" 24.\"
25.Dd $Mdocdate: December 29 2009 $ 25.Dd $Mdocdate: January 9 2010 $
26.Dt SFTP 1 26.Dt SFTP 1
27.Os 27.Os
28.Sh NAME 28.Sh NAME
@@ -209,7 +209,6 @@ For full details of the options listed below, and their possible values, see
209.It PubkeyAuthentication 209.It PubkeyAuthentication
210.It RekeyLimit 210.It RekeyLimit
211.It RhostsRSAAuthentication 211.It RhostsRSAAuthentication
212.It RoutingDomain
213.It RSAAuthentication 212.It RSAAuthentication
214.It SendEnv 213.It SendEnv
215.It ServerAliveInterval 214.It ServerAliveInterval
diff --git a/ssh-keyscan.1 b/ssh-keyscan.1
index c9fb597ed..78255ff79 100644
--- a/ssh-keyscan.1
+++ b/ssh-keyscan.1
@@ -1,4 +1,4 @@
1.\" $OpenBSD: ssh-keyscan.1,v 1.27 2009/10/28 16:38:18 reyk Exp $ 1.\" $OpenBSD: ssh-keyscan.1,v 1.28 2010/01/09 23:04:13 dtucker Exp $
2.\" 2.\"
3.\" Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. 3.\" Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
4.\" 4.\"
@@ -6,7 +6,7 @@
6.\" permitted provided that due credit is given to the author and the 6.\" permitted provided that due credit is given to the author and the
7.\" OpenBSD project by leaving this copyright notice intact. 7.\" OpenBSD project by leaving this copyright notice intact.
8.\" 8.\"
9.Dd $Mdocdate: October 28 2009 $ 9.Dd $Mdocdate: January 9 2010 $
10.Dt SSH-KEYSCAN 1 10.Dt SSH-KEYSCAN 1
11.Os 11.Os
12.Sh NAME 12.Sh NAME
@@ -20,7 +20,6 @@
20.Op Fl p Ar port 20.Op Fl p Ar port
21.Op Fl T Ar timeout 21.Op Fl T Ar timeout
22.Op Fl t Ar type 22.Op Fl t Ar type
23.Op Fl V Ar rdomain
24.Op Ar host | addrlist namelist 23.Op Ar host | addrlist namelist
25.Ar ... 24.Ar ...
26.Ek 25.Ek
@@ -96,8 +95,6 @@ for protocol version 2.
96Multiple values may be specified by separating them with commas. 95Multiple values may be specified by separating them with commas.
97The default is 96The default is
98.Dq rsa . 97.Dq rsa .
99.It Fl V Ar rdomain
100Set the routing domain.
101.It Fl v 98.It Fl v
102Verbose mode. 99Verbose mode.
103Causes 100Causes
diff --git a/ssh-keyscan.c b/ssh-keyscan.c
index faeb9e13e..7afe446ae 100644
--- a/ssh-keyscan.c
+++ b/ssh-keyscan.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-keyscan.c,v 1.80 2009/12/25 19:40:21 stevesk Exp $ */ 1/* $OpenBSD: ssh-keyscan.c,v 1.81 2010/01/09 23:04:13 dtucker Exp $ */
2/* 2/*
3 * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. 3 * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
4 * 4 *
@@ -68,9 +68,6 @@ int timeout = 5;
68int maxfd; 68int maxfd;
69#define MAXCON (maxfd - 10) 69#define MAXCON (maxfd - 10)
70 70
71/* The default routing domain */
72int scan_rdomain = -1;
73
74extern char *__progname; 71extern char *__progname;
75fd_set *read_wait; 72fd_set *read_wait;
76size_t read_wait_nfdset; 73size_t read_wait_nfdset;
@@ -415,8 +412,7 @@ tcpconnect(char *host)
415 if ((gaierr = getaddrinfo(host, strport, &hints, &aitop)) != 0) 412 if ((gaierr = getaddrinfo(host, strport, &hints, &aitop)) != 0)
416 fatal("getaddrinfo %s: %s", host, ssh_gai_strerror(gaierr)); 413 fatal("getaddrinfo %s: %s", host, ssh_gai_strerror(gaierr));
417 for (ai = aitop; ai; ai = ai->ai_next) { 414 for (ai = aitop; ai; ai = ai->ai_next) {
418 s = socket_rdomain(ai->ai_family, ai->ai_socktype, 415 s = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
419 ai->ai_protocol, scan_rdomain);
420 if (s < 0) { 416 if (s < 0) {
421 error("socket: %s", strerror(errno)); 417 error("socket: %s", strerror(errno));
422 continue; 418 continue;
@@ -719,7 +715,7 @@ usage(void)
719{ 715{
720 fprintf(stderr, 716 fprintf(stderr,
721 "usage: %s [-46Hv] [-f file] [-p port] [-T timeout] [-t type]\n" 717 "usage: %s [-46Hv] [-f file] [-p port] [-T timeout] [-t type]\n"
722 "\t\t [-V rdomain] [host | addrlist namelist] ...\n", 718 "\t\t [host | addrlist namelist] ...\n",
723 __progname); 719 __progname);
724 exit(1); 720 exit(1);
725} 721}
@@ -745,7 +741,7 @@ main(int argc, char **argv)
745 if (argc <= 1) 741 if (argc <= 1)
746 usage(); 742 usage();
747 743
748 while ((opt = getopt(argc, argv, "Hv46p:T:t:f:V:")) != -1) { 744 while ((opt = getopt(argc, argv, "Hv46p:T:t:f:")) != -1) {
749 switch (opt) { 745 switch (opt) {
750 case 'H': 746 case 'H':
751 hash_hosts = 1; 747 hash_hosts = 1;
@@ -806,13 +802,6 @@ main(int argc, char **argv)
806 case '6': 802 case '6':
807 IPv4or6 = AF_INET6; 803 IPv4or6 = AF_INET6;
808 break; 804 break;
809 case 'V':
810 scan_rdomain = a2rdomain(optarg);
811 if (scan_rdomain == -1) {
812 fprintf(stderr, "Bad rdomain '%s'\n", optarg);
813 exit(1);
814 }
815 break;
816 case '?': 805 case '?':
817 default: 806 default:
818 usage(); 807 usage();
diff --git a/ssh.1 b/ssh.1
index 2f6ef5fff..8b228fcdf 100644
--- a/ssh.1
+++ b/ssh.1
@@ -34,8 +34,8 @@
34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36.\" 36.\"
37.\" $OpenBSD: ssh.1,v 1.288 2009/12/29 16:38:41 stevesk Exp $ 37.\" $OpenBSD: ssh.1,v 1.289 2010/01/09 23:04:13 dtucker Exp $
38.Dd $Mdocdate: December 29 2009 $ 38.Dd $Mdocdate: January 9 2010 $
39.Dt SSH 1 39.Dt SSH 1
40.Os 40.Os
41.Sh NAME 41.Sh NAME
@@ -478,7 +478,6 @@ For full details of the options listed below, and their possible values, see
478.It RekeyLimit 478.It RekeyLimit
479.It RemoteForward 479.It RemoteForward
480.It RhostsRSAAuthentication 480.It RhostsRSAAuthentication
481.It RoutingDomain
482.It RSAAuthentication 481.It RSAAuthentication
483.It SendEnv 482.It SendEnv
484.It ServerAliveInterval 483.It ServerAliveInterval
diff --git a/ssh.c b/ssh.c
index 6abf31b52..ee30e2b27 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh.c,v 1.329 2009/12/20 07:28:36 guenther Exp $ */ 1/* $OpenBSD: ssh.c,v 1.330 2010/01/09 23:04:13 dtucker Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -630,7 +630,6 @@ main(int ac, char **av)
630 fill_default_options(&options); 630 fill_default_options(&options);
631 631
632 channel_set_af(options.address_family); 632 channel_set_af(options.address_family);
633 channel_set_rdomain(options.rdomain);
634 633
635 /* reinit */ 634 /* reinit */
636 log_init(argv0, options.log_level, SYSLOG_FACILITY_USER, !use_syslog); 635 log_init(argv0, options.log_level, SYSLOG_FACILITY_USER, !use_syslog);
diff --git a/ssh_config.5 b/ssh_config.5
index 3ffc469c2..01f5f4304 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -34,8 +34,8 @@
34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36.\" 36.\"
37.\" $OpenBSD: ssh_config.5,v 1.125 2009/12/29 18:03:32 jmc Exp $ 37.\" $OpenBSD: ssh_config.5,v 1.126 2010/01/09 23:04:13 dtucker Exp $
38.Dd $Mdocdate: December 29 2009 $ 38.Dd $Mdocdate: January 9 2010 $
39.Dt SSH_CONFIG 5 39.Dt SSH_CONFIG 5
40.Os 40.Os
41.Sh NAME 41.Sh NAME
@@ -857,9 +857,6 @@ The default is
857This option applies to protocol version 1 only and requires 857This option applies to protocol version 1 only and requires
858.Xr ssh 1 858.Xr ssh 1
859to be setuid root. 859to be setuid root.
860.It Cm RoutingDomain
861Set the routing domain number.
862The default routing domain is set by the system.
863.It Cm RSAAuthentication 860.It Cm RSAAuthentication
864Specifies whether to try RSA authentication. 861Specifies whether to try RSA authentication.
865The argument to this keyword must be 862The argument to this keyword must be
diff --git a/sshconnect.c b/sshconnect.c
index 3c8308ffb..5cfc3c16a 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshconnect.c,v 1.216 2009/11/10 04:30:45 dtucker Exp $ */ 1/* $OpenBSD: sshconnect.c,v 1.217 2010/01/09 23:04:13 dtucker Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -191,8 +191,7 @@ ssh_create_socket(int privileged, struct addrinfo *ai)
191 debug("Allocated local port %d.", p); 191 debug("Allocated local port %d.", p);
192 return sock; 192 return sock;
193 } 193 }
194 sock = socket_rdomain(ai->ai_family, ai->ai_socktype, ai->ai_protocol, 194 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
195 options.rdomain);
196 if (sock < 0) { 195 if (sock < 0) {
197 error("socket: %.100s", strerror(errno)); 196 error("socket: %.100s", strerror(errno));
198 return -1; 197 return -1;
diff --git a/sshd.c b/sshd.c
index bdaf1574a..4e34f2439 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshd.c,v 1.369 2010/01/09 11:17:56 dtucker Exp $ */ 1/* $OpenBSD: sshd.c,v 1.370 2010/01/09 23:04:13 dtucker Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -961,8 +961,8 @@ server_listen(void)
961 continue; 961 continue;
962 } 962 }
963 /* Create socket for listening. */ 963 /* Create socket for listening. */
964 listen_sock = socket_rdomain(ai->ai_family, ai->ai_socktype, 964 listen_sock = socket(ai->ai_family, ai->ai_socktype,
965 ai->ai_protocol, options.rdomain); 965 ai->ai_protocol);
966 if (listen_sock < 0) { 966 if (listen_sock < 0) {
967 /* kernel may not support ipv6 */ 967 /* kernel may not support ipv6 */
968 verbose("socket: %.100s", strerror(errno)); 968 verbose("socket: %.100s", strerror(errno));
@@ -1470,9 +1470,8 @@ main(int ac, char **av)
1470 if (options.challenge_response_authentication) 1470 if (options.challenge_response_authentication)
1471 options.kbd_interactive_authentication = 1; 1471 options.kbd_interactive_authentication = 1;
1472 1472
1473 /* set default channel AF and routing domain */ 1473 /* set default channel AF */
1474 channel_set_af(options.address_family); 1474 channel_set_af(options.address_family);
1475 channel_set_rdomain(options.rdomain);
1476 1475
1477 /* Check that there are no remaining arguments. */ 1476 /* Check that there are no remaining arguments. */
1478 if (optind < ac) { 1477 if (optind < ac) {
diff --git a/sshd_config.5 b/sshd_config.5
index a3326447f..bf3319c4d 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -34,8 +34,8 @@
34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36.\" 36.\"
37.\" $OpenBSD: sshd_config.5,v 1.115 2009/12/29 18:03:32 jmc Exp $ 37.\" $OpenBSD: sshd_config.5,v 1.116 2010/01/09 23:04:13 dtucker Exp $
38.Dd $Mdocdate: December 29 2009 $ 38.Dd $Mdocdate: January 9 2010 $
39.Dt SSHD_CONFIG 5 39.Dt SSHD_CONFIG 5
40.Os 40.Os
41.Sh NAME 41.Sh NAME
@@ -812,9 +812,6 @@ with successful RSA host authentication is allowed.
812The default is 812The default is
813.Dq no . 813.Dq no .
814This option applies to protocol version 1 only. 814This option applies to protocol version 1 only.
815.It Cm RoutingDomain
816Set the routing domain number.
817The default routing domain is set by the system.
818.It Cm RSAAuthentication 815.It Cm RSAAuthentication
819Specifies whether pure RSA authentication is allowed. 816Specifies whether pure RSA authentication is allowed.
820The default is 817The default is