From cee85233149eb16c45132170d3f067496f17c368 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Fri, 6 Mar 2009 00:58:22 +1100 Subject: - djm@cvs.openbsd.org 2009/03/05 07:18:19 [auth2-jpake.c jpake.c jpake.h monitor_wrap.c monitor_wrap.h schnorr.c] [sshconnect2.c] refactor the (disabled) Schnorr proof code to make it a little more generally useful --- ChangeLog | 8 ++ auth2-jpake.c | 5 +- jpake.c | 181 ++-------------------------- jpake.h | 38 ++---- monitor_wrap.c | 9 +- monitor_wrap.h | 10 +- schnorr.c | 374 ++++++++++++++++++++++++++++++++++++++++++++++----------- sshconnect2.c | 3 +- 8 files changed, 351 insertions(+), 277 deletions(-) diff --git a/ChangeLog b/ChangeLog index f802c0d7f..dde0669b6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,11 @@ +20090306 + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2009/03/05 07:18:19 + [auth2-jpake.c jpake.c jpake.h monitor_wrap.c monitor_wrap.h schnorr.c] + [sshconnect2.c] + refactor the (disabled) Schnorr proof code to make it a little more + generally useful + 20090223 - (djm) OpenBSD CVS Sync - djm@cvs.openbsd.org 2009/02/22 23:50:57 diff --git a/auth2-jpake.c b/auth2-jpake.c index efe7ff2a3..6092e31c0 100644 --- a/auth2-jpake.c +++ b/auth2-jpake.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-jpake.c,v 1.2 2008/11/07 23:34:48 dtucker Exp $ */ +/* $OpenBSD: auth2-jpake.c,v 1.3 2009/03/05 07:18:19 djm Exp $ */ /* * Copyright (c) 2008 Damien Miller. All rights reserved. * @@ -55,6 +55,7 @@ #endif #include "monitor_wrap.h" +#include "schnorr.h" #include "jpake.h" /* @@ -359,7 +360,7 @@ auth2_jpake_get_pwdata(Authctxt *authctxt, BIGNUM **s, } /* - * Being authentication attempt. + * Begin authentication attempt. * Note, sets authctxt->postponed while in subprotocol */ static int diff --git a/jpake.c b/jpake.c index 565f2e255..130661069 100644 --- a/jpake.c +++ b/jpake.c @@ -1,4 +1,4 @@ -/* $OpenBSD: jpake.c,v 1.1 2008/11/04 08:22:12 djm Exp $ */ +/* $OpenBSD: jpake.c,v 1.2 2009/03/05 07:18:19 djm Exp $ */ /* * Copyright (c) 2008 Damien Miller. All rights reserved. * @@ -47,6 +47,7 @@ #include "log.h" #include "jpake.h" +#include "schnorr.h" #ifdef JPAKE @@ -60,165 +61,10 @@ "98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB" \ "9ED529077096966D670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF" -struct jpake_group * +struct modp_group * jpake_default_group(void) { - struct jpake_group *ret; - - ret = xmalloc(sizeof(*ret)); - ret->p = ret->q = ret->g = NULL; - if (BN_hex2bn(&ret->p, JPAKE_GROUP_P) == 0 || - BN_hex2bn(&ret->g, JPAKE_GROUP_G) == 0) - fatal("%s: BN_hex2bn", __func__); - /* Subgroup order is p/2 (p is a safe prime) */ - if ((ret->q = BN_new()) == NULL) - fatal("%s: BN_new", __func__); - if (BN_rshift1(ret->q, ret->p) != 1) - fatal("%s: BN_rshift1", __func__); - - return ret; -} - -/* - * Generate uniformly distributed random number in range (1, high). - * Return number on success, NULL on failure. - */ -BIGNUM * -bn_rand_range_gt_one(const BIGNUM *high) -{ - BIGNUM *r, *tmp; - int success = -1; - - if ((tmp = BN_new()) == NULL) { - error("%s: BN_new", __func__); - return NULL; - } - if ((r = BN_new()) == NULL) { - error("%s: BN_new failed", __func__); - goto out; - } - if (BN_set_word(tmp, 2) != 1) { - error("%s: BN_set_word(tmp, 2)", __func__); - goto out; - } - if (BN_sub(tmp, high, tmp) == -1) { - error("%s: BN_sub failed (tmp = high - 2)", __func__); - goto out; - } - if (BN_rand_range(r, tmp) == -1) { - error("%s: BN_rand_range failed", __func__); - goto out; - } - if (BN_set_word(tmp, 2) != 1) { - error("%s: BN_set_word(tmp, 2)", __func__); - goto out; - } - if (BN_add(r, r, tmp) == -1) { - error("%s: BN_add failed (r = r + 2)", __func__); - goto out; - } - success = 0; - out: - BN_clear_free(tmp); - if (success == 0) - return r; - BN_clear_free(r); - return NULL; -} - -/* - * Hash contents of buffer 'b' with hash 'md'. Returns 0 on success, - * with digest via 'digestp' (caller to free) and length via 'lenp'. - * Returns -1 on failure. - */ -int -hash_buffer(const u_char *buf, u_int len, const EVP_MD *md, - u_char **digestp, u_int *lenp) -{ - u_char digest[EVP_MAX_MD_SIZE]; - u_int digest_len; - EVP_MD_CTX evp_md_ctx; - int success = -1; - - EVP_MD_CTX_init(&evp_md_ctx); - - if (EVP_DigestInit_ex(&evp_md_ctx, md, NULL) != 1) { - error("%s: EVP_DigestInit_ex", __func__); - goto out; - } - if (EVP_DigestUpdate(&evp_md_ctx, buf, len) != 1) { - error("%s: EVP_DigestUpdate", __func__); - goto out; - } - if (EVP_DigestFinal_ex(&evp_md_ctx, digest, &digest_len) != 1) { - error("%s: EVP_DigestFinal_ex", __func__); - goto out; - } - *digestp = xmalloc(digest_len); - *lenp = digest_len; - memcpy(*digestp, digest, *lenp); - success = 0; - out: - EVP_MD_CTX_cleanup(&evp_md_ctx); - bzero(digest, sizeof(digest)); - digest_len = 0; - return success; -} - -/* print formatted string followed by bignum */ -void -jpake_debug3_bn(const BIGNUM *n, const char *fmt, ...) -{ - char *out, *h; - va_list args; - - out = NULL; - va_start(args, fmt); - vasprintf(&out, fmt, args); - va_end(args); - if (out == NULL) - fatal("%s: vasprintf failed", __func__); - - if (n == NULL) - debug3("%s(null)", out); - else { - h = BN_bn2hex(n); - debug3("%s0x%s", out, h); - free(h); - } - free(out); -} - -/* print formatted string followed by buffer contents in hex */ -void -jpake_debug3_buf(const u_char *buf, u_int len, const char *fmt, ...) -{ - char *out, h[65]; - u_int i, j; - va_list args; - - out = NULL; - va_start(args, fmt); - vasprintf(&out, fmt, args); - va_end(args); - if (out == NULL) - fatal("%s: vasprintf failed", __func__); - - debug3("%s length %u%s", out, len, buf == NULL ? " (null)" : ""); - free(out); - if (buf == NULL) - return; - - *h = '\0'; - for (i = j = 0; i < len; i++) { - snprintf(h + j, sizeof(h) - j, "%02x", buf[i]); - j += 2; - if (j >= sizeof(h) - 1 || i == len - 1) { - debug3(" %s", h); - *h = '\0'; - j = 0; - } - } + return modp_group_from_g_and_safe_p(JPAKE_GROUP_G, JPAKE_GROUP_P); } struct jpake_ctx * @@ -243,7 +89,6 @@ jpake_new(void) return ret; } - void jpake_free(struct jpake_ctx *pctx) { @@ -344,7 +189,7 @@ jpake_dump(struct jpake_ctx *pctx, const char *fmt, ...) /* Shared parts of step 1 exchange calculation */ void -jpake_step1(struct jpake_group *grp, +jpake_step1(struct modp_group *grp, u_char **id, u_int *id_len, BIGNUM **priv1, BIGNUM **priv2, BIGNUM **g_priv1, BIGNUM **g_priv2, u_char **priv1_proof, u_int *priv1_proof_len, @@ -383,11 +228,11 @@ jpake_step1(struct jpake_group *grp, fatal("%s: BN_mod_exp", __func__); /* Generate proofs for holding x1/x3 and x2/x4 */ - if (schnorr_sign(grp->p, grp->q, grp->g, + if (schnorr_sign_buf(grp->p, grp->q, grp->g, *priv1, *g_priv1, *id, *id_len, priv1_proof, priv1_proof_len) != 0) fatal("%s: schnorr_sign", __func__); - if (schnorr_sign(grp->p, grp->q, grp->g, + if (schnorr_sign_buf(grp->p, grp->q, grp->g, *priv2, *g_priv2, *id, *id_len, priv2_proof, priv2_proof_len) != 0) fatal("%s: schnorr_sign", __func__); @@ -397,7 +242,7 @@ jpake_step1(struct jpake_group *grp, /* Shared parts of step 2 exchange calculation */ void -jpake_step2(struct jpake_group *grp, BIGNUM *s, +jpake_step2(struct modp_group *grp, BIGNUM *s, BIGNUM *mypub1, BIGNUM *theirpub1, BIGNUM *theirpub2, BIGNUM *mypriv2, const u_char *theirid, u_int theirid_len, const u_char *myid, u_int myid_len, @@ -415,10 +260,10 @@ jpake_step2(struct jpake_group *grp, BIGNUM *s, if (BN_cmp(theirpub2, BN_value_one()) <= 0) fatal("%s: theirpub2 <= 1", __func__); - if (schnorr_verify(grp->p, grp->q, grp->g, theirpub1, + if (schnorr_verify_buf(grp->p, grp->q, grp->g, theirpub1, theirid, theirid_len, theirpub1_proof, theirpub1_proof_len) != 1) fatal("%s: schnorr_verify theirpub1 failed", __func__); - if (schnorr_verify(grp->p, grp->q, grp->g, theirpub2, + if (schnorr_verify_buf(grp->p, grp->q, grp->g, theirpub2, theirid, theirid_len, theirpub2_proof, theirpub2_proof_len) != 1) fatal("%s: schnorr_verify theirpub2 failed", __func__); @@ -459,7 +304,7 @@ jpake_step2(struct jpake_group *grp, BIGNUM *s, JPAKE_DEBUG_BN((exponent, "%s: exponent = ", __func__)); /* Note the generator here is 'tmp', not g */ - if (schnorr_sign(grp->p, grp->q, tmp, exponent, *newpub, + if (schnorr_sign_buf(grp->p, grp->q, tmp, exponent, *newpub, myid, myid_len, newpub_exponent_proof, newpub_exponent_proof_len) != 0) fatal("%s: schnorr_sign newpub", __func__); @@ -496,7 +341,7 @@ jpake_confirm_hash(const BIGNUM *k, /* Shared parts of key derivation and confirmation calculation */ void -jpake_key_confirm(struct jpake_group *grp, BIGNUM *s, BIGNUM *step2_val, +jpake_key_confirm(struct modp_group *grp, BIGNUM *s, BIGNUM *step2_val, BIGNUM *mypriv2, BIGNUM *mypub1, BIGNUM *mypub2, BIGNUM *theirpub1, BIGNUM *theirpub2, const u_char *my_id, u_int my_id_len, @@ -531,7 +376,7 @@ jpake_key_confirm(struct jpake_group *grp, BIGNUM *s, BIGNUM *step2_val, JPAKE_DEBUG_BN((tmp, "%s: tmp = ", __func__)); - if (schnorr_verify(grp->p, grp->q, tmp, step2_val, + if (schnorr_verify_buf(grp->p, grp->q, tmp, step2_val, their_id, their_id_len, theirpriv2_s_proof, theirpriv2_s_proof_len) != 1) fatal("%s: schnorr_verify theirpriv2_s_proof failed", __func__); diff --git a/jpake.h b/jpake.h index a3d800cd3..a3f2cf025 100644 --- a/jpake.h +++ b/jpake.h @@ -1,4 +1,4 @@ -/* $OpenBSD: jpake.h,v 1.1 2008/11/04 08:22:13 djm Exp $ */ +/* $OpenBSD: jpake.h,v 1.2 2009/03/05 07:18:19 djm Exp $ */ /* * Copyright (c) 2008 Damien Miller. All rights reserved. * @@ -28,20 +28,16 @@ # define JPAKE_DEBUG_BUF(a) # define JPAKE_DEBUG_CTX(a) #else -# define JPAKE_DEBUG_BN(a) jpake_debug3_bn a -# define JPAKE_DEBUG_BUF(a) jpake_debug3_buf a +# define JPAKE_DEBUG_BN(a) debug3_bn a +# define JPAKE_DEBUG_BUF(a) debug3_buf a # define JPAKE_DEBUG_CTX(a) jpake_dump a -#endif /* SCHNORR_DEBUG */ - -struct jpake_group { - BIGNUM *p, *q, *g; -}; +#endif /* JPAKE_DEBUG */ #define KZP_ID_LEN 16 /* Length of client and server IDs */ struct jpake_ctx { /* Parameters */ - struct jpake_group *grp; + struct modp_group *grp; /* Private values shared by client and server */ BIGNUM *s; /* Secret (salted, crypted password) */ @@ -83,26 +79,18 @@ struct jpake_ctx { }; /* jpake.c */ -struct jpake_group *jpake_default_group(void); -BIGNUM *bn_rand_range_gt_one(const BIGNUM *high); -int hash_buffer(const u_char *, u_int, const EVP_MD *, u_char **, u_int *); -void jpake_debug3_bn(const BIGNUM *, const char *, ...) - __attribute__((__nonnull__ (2))) - __attribute__((format(printf, 2, 3))); -void jpake_debug3_buf(const u_char *, u_int, const char *, ...) - __attribute__((__nonnull__ (3))) - __attribute__((format(printf, 3, 4))); +struct modp_group *jpake_default_group(void); void jpake_dump(struct jpake_ctx *, const char *, ...) __attribute__((__nonnull__ (2))) __attribute__((format(printf, 2, 3))); struct jpake_ctx *jpake_new(void); void jpake_free(struct jpake_ctx *); -void jpake_step1(struct jpake_group *, u_char **, u_int *, +void jpake_step1(struct modp_group *, u_char **, u_int *, BIGNUM **, BIGNUM **, BIGNUM **, BIGNUM **, u_char **, u_int *, u_char **, u_int *); -void jpake_step2(struct jpake_group *, BIGNUM *, +void jpake_step2(struct modp_group *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, const u_char *, u_int, const u_char *, u_int, const u_char *, u_int, const u_char *, u_int, @@ -113,7 +101,7 @@ void jpake_confirm_hash(const BIGNUM *, const u_char *, u_int, u_char **, u_int *); -void jpake_key_confirm(struct jpake_group *, BIGNUM *, BIGNUM *, +void jpake_key_confirm(struct modp_group *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, const u_char *, u_int, const u_char *, u_int, const u_char *, u_int, const u_char *, u_int, @@ -122,13 +110,5 @@ void jpake_key_confirm(struct jpake_group *, BIGNUM *, BIGNUM *, int jpake_check_confirm(const BIGNUM *, const u_char *, u_int, const u_char *, u_int, const u_char *, u_int); -/* schnorr.c */ -int schnorr_sign(const BIGNUM *, const BIGNUM *, const BIGNUM *, - const BIGNUM *, const BIGNUM *, const u_char *, u_int , - u_char **, u_int *); -int schnorr_verify(const BIGNUM *, const BIGNUM *, const BIGNUM *, - const BIGNUM *, const u_char *, u_int, - const u_char *, u_int); - #endif /* JPAKE_H */ diff --git a/monitor_wrap.c b/monitor_wrap.c index 0986fc518..db3251b93 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_wrap.c,v 1.64 2008/11/04 08:22:13 djm Exp $ */ +/* $OpenBSD: monitor_wrap.c,v 1.65 2009/03/05 07:18:19 djm Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -71,6 +71,7 @@ #include "atomicio.h" #include "monitor_fdpass.h" #include "misc.h" +#include "schnorr.h" #include "jpake.h" #include "channels.h" @@ -1282,7 +1283,7 @@ mm_auth2_jpake_get_pwdata(Authctxt *authctxt, BIGNUM **s, } void -mm_jpake_step1(struct jpake_group *grp, +mm_jpake_step1(struct modp_group *grp, u_char **id, u_int *id_len, BIGNUM **priv1, BIGNUM **priv2, BIGNUM **g_priv1, BIGNUM **g_priv2, u_char **priv1_proof, u_int *priv1_proof_len, @@ -1317,7 +1318,7 @@ mm_jpake_step1(struct jpake_group *grp, } void -mm_jpake_step2(struct jpake_group *grp, BIGNUM *s, +mm_jpake_step2(struct modp_group *grp, BIGNUM *s, BIGNUM *mypub1, BIGNUM *theirpub1, BIGNUM *theirpub2, BIGNUM *mypriv2, const u_char *theirid, u_int theirid_len, const u_char *myid, u_int myid_len, @@ -1357,7 +1358,7 @@ mm_jpake_step2(struct jpake_group *grp, BIGNUM *s, } void -mm_jpake_key_confirm(struct jpake_group *grp, BIGNUM *s, BIGNUM *step2_val, +mm_jpake_key_confirm(struct modp_group *grp, BIGNUM *s, BIGNUM *step2_val, BIGNUM *mypriv2, BIGNUM *mypub1, BIGNUM *mypub2, BIGNUM *theirpub1, BIGNUM *theirpub2, const u_char *my_id, u_int my_id_len, diff --git a/monitor_wrap.h b/monitor_wrap.h index 55c4b99f3..de2d16f66 100644 --- a/monitor_wrap.h +++ b/monitor_wrap.h @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_wrap.h,v 1.21 2008/11/04 08:22:13 djm Exp $ */ +/* $OpenBSD: monitor_wrap.h,v 1.22 2009/03/05 07:18:19 djm Exp $ */ /* * Copyright 2002 Niels Provos @@ -102,17 +102,17 @@ int mm_skey_query(void *, char **, char **, u_int *, char ***, u_int **); int mm_skey_respond(void *, u_int, char **); /* jpake */ -struct jpake_group; +struct modp_group; void mm_auth2_jpake_get_pwdata(struct Authctxt *, BIGNUM **, char **, char **); -void mm_jpake_step1(struct jpake_group *, u_char **, u_int *, +void mm_jpake_step1(struct modp_group *, u_char **, u_int *, BIGNUM **, BIGNUM **, BIGNUM **, BIGNUM **, u_char **, u_int *, u_char **, u_int *); -void mm_jpake_step2(struct jpake_group *, BIGNUM *, +void mm_jpake_step2(struct modp_group *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, const u_char *, u_int, const u_char *, u_int, const u_char *, u_int, const u_char *, u_int, BIGNUM **, u_char **, u_int *); -void mm_jpake_key_confirm(struct jpake_group *, BIGNUM *, BIGNUM *, +void mm_jpake_key_confirm(struct modp_group *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, const u_char *, u_int, const u_char *, u_int, const u_char *, u_int, const u_char *, u_int, diff --git a/schnorr.c b/schnorr.c index 546975072..7b97b5565 100644 --- a/schnorr.c +++ b/schnorr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: schnorr.c,v 1.2 2009/02/18 04:31:21 djm Exp $ */ +/* $OpenBSD: schnorr.c,v 1.3 2009/03/05 07:18:19 djm Exp $ */ /* * Copyright (c) 2008 Damien Miller. All rights reserved. * @@ -40,36 +40,32 @@ #include "buffer.h" #include "log.h" -#include "jpake.h" +#include "schnorr.h" /* #define SCHNORR_DEBUG */ /* Privacy-violating debugging */ /* #define SCHNORR_MAIN */ /* Include main() selftest */ -/* XXX */ -/* Parametise signature hash? (sha256, sha1, etc.) */ -/* Signature format - include type name, hash type, group params? */ - #ifndef SCHNORR_DEBUG # define SCHNORR_DEBUG_BN(a) # define SCHNORR_DEBUG_BUF(a) #else -# define SCHNORR_DEBUG_BN(a) jpake_debug3_bn a -# define SCHNORR_DEBUG_BUF(a) jpake_debug3_buf a +# define SCHNORR_DEBUG_BN(a) debug3_bn a +# define SCHNORR_DEBUG_BUF(a) debug3_buf a #endif /* SCHNORR_DEBUG */ /* * Calculate hash component of Schnorr signature H(g || g^v || g^x || id) - * using SHA1. Returns signature as bignum or NULL on error. + * using the hash function defined by "evp_md". Returns signature as + * bignum or NULL on error. */ static BIGNUM * schnorr_hash(const BIGNUM *p, const BIGNUM *q, const BIGNUM *g, - const BIGNUM *g_v, const BIGNUM *g_x, + const EVP_MD *evp_md, const BIGNUM *g_v, const BIGNUM *g_x, const u_char *id, u_int idlen) { u_char *digest; u_int digest_len; BIGNUM *h; - EVP_MD_CTX evp_md_ctx; Buffer b; int success = -1; @@ -79,7 +75,6 @@ schnorr_hash(const BIGNUM *p, const BIGNUM *q, const BIGNUM *g, } buffer_init(&b); - EVP_MD_CTX_init(&evp_md_ctx); /* h = H(g || p || q || g^v || g^x || id) */ buffer_put_bignum2(&b, g); @@ -91,7 +86,7 @@ schnorr_hash(const BIGNUM *p, const BIGNUM *q, const BIGNUM *g, SCHNORR_DEBUG_BUF((buffer_ptr(&b), buffer_len(&b), "%s: hashblob", __func__)); - if (hash_buffer(buffer_ptr(&b), buffer_len(&b), EVP_sha256(), + if (hash_buffer(buffer_ptr(&b), buffer_len(&b), evp_md, &digest, &digest_len) != 0) { error("%s: hash_buffer", __func__); goto out; @@ -104,7 +99,6 @@ schnorr_hash(const BIGNUM *p, const BIGNUM *q, const BIGNUM *g, SCHNORR_DEBUG_BN((h, "%s: h = ", __func__)); out: buffer_free(&b); - EVP_MD_CTX_cleanup(&evp_md_ctx); bzero(digest, digest_len); xfree(digest); digest_len = 0; @@ -117,18 +111,20 @@ schnorr_hash(const BIGNUM *p, const BIGNUM *q, const BIGNUM *g, /* * Generate Schnorr signature to prove knowledge of private value 'x' used * in public exponent g^x, under group defined by 'grp_p', 'grp_q' and 'grp_g' + * using the hash function "evp_md". * 'idlen' bytes from 'id' will be included in the signature hash as an anti- * replay salt. - * On success, 0 is returned and *siglen bytes of signature are returned in - * *sig (caller to free). Returns -1 on failure. + * + * On success, 0 is returned. The signature values are returned as *e_p + * (g^v mod p) and *r_p (v - xh mod q). The caller must free these values. + * On failure, -1 is returned. */ int schnorr_sign(const BIGNUM *grp_p, const BIGNUM *grp_q, const BIGNUM *grp_g, - const BIGNUM *x, const BIGNUM *g_x, const u_char *id, u_int idlen, - u_char **sig, u_int *siglen) + const EVP_MD *evp_md, const BIGNUM *x, const BIGNUM *g_x, + const u_char *id, u_int idlen, BIGNUM **r_p, BIGNUM **e_p) { int success = -1; - Buffer b; BIGNUM *h, *tmp, *v, *g_v, *r; BN_CTX *bn_ctx; @@ -171,7 +167,7 @@ schnorr_sign(const BIGNUM *grp_p, const BIGNUM *grp_q, const BIGNUM *grp_g, SCHNORR_DEBUG_BN((g_v, "%s: g_v = ", __func__)); /* h = H(g || g^v || g^x || id) */ - if ((h = schnorr_hash(grp_p, grp_q, grp_g, g_v, g_x, + if ((h = schnorr_hash(grp_p, grp_q, grp_g, evp_md, g_v, g_x, id, idlen)) == NULL) { error("%s: schnorr_hash failed", __func__); goto out; @@ -186,12 +182,49 @@ schnorr_sign(const BIGNUM *grp_p, const BIGNUM *grp_q, const BIGNUM *grp_g, error("%s: BN_mod_mul (r = v - tmp)", __func__); goto out; } + SCHNORR_DEBUG_BN((g_v, "%s: e = ", __func__)); SCHNORR_DEBUG_BN((r, "%s: r = ", __func__)); - /* Signature is (g_v, r) */ + *e_p = g_v; + *r_p = r; + + success = 0; + out: + BN_CTX_free(bn_ctx); + if (h != NULL) + BN_clear_free(h); + if (v != NULL) + BN_clear_free(v); + BN_clear_free(tmp); + + return success; +} + +/* + * Generate Schnorr signature to prove knowledge of private value 'x' used + * in public exponent g^x, under group defined by 'grp_p', 'grp_q' and 'grp_g' + * using a SHA256 hash. + * 'idlen' bytes from 'id' will be included in the signature hash as an anti- + * replay salt. + * On success, 0 is returned and *siglen bytes of signature are returned in + * *sig (caller to free). Returns -1 on failure. + */ +int +schnorr_sign_buf(const BIGNUM *grp_p, const BIGNUM *grp_q, const BIGNUM *grp_g, + const BIGNUM *x, const BIGNUM *g_x, const u_char *id, u_int idlen, + u_char **sig, u_int *siglen) +{ + Buffer b; + BIGNUM *r, *e; + + if (schnorr_sign(grp_p, grp_q, grp_g, EVP_sha256(), + x, g_x, id, idlen, &r, &e) != 0) + return -1; + + /* Signature is (e, r) */ buffer_init(&b); /* XXX sigtype-hash as string? */ - buffer_put_bignum2(&b, g_v); + buffer_put_bignum2(&b, e); buffer_put_bignum2(&b, r); *siglen = buffer_len(&b); *sig = xmalloc(*siglen); @@ -199,36 +232,28 @@ schnorr_sign(const BIGNUM *grp_p, const BIGNUM *grp_q, const BIGNUM *grp_g, SCHNORR_DEBUG_BUF((buffer_ptr(&b), buffer_len(&b), "%s: sigblob", __func__)); buffer_free(&b); - success = 0; - out: - BN_CTX_free(bn_ctx); - if (h != NULL) - BN_clear_free(h); - if (v != NULL) - BN_clear_free(v); + BN_clear_free(r); - BN_clear_free(g_v); - BN_clear_free(tmp); + BN_clear_free(e); - return success; + return 0; } /* - * Verify Schnorr signature 'sig' of length 'siglen' against public exponent - * g_x (g^x) under group defined by 'grp_p', 'grp_q' and 'grp_g'. + * Verify Schnorr signature { r (v - xh mod q), e (g^v mod p) } against + * public exponent g_x (g^x) under group defined by 'grp_p', 'grp_q' and + * 'grp_g' using hash "evp_md". * Signature hash will be salted with 'idlen' bytes from 'id'. * Returns -1 on failure, 0 on incorrect signature or 1 on matching signature. */ int schnorr_verify(const BIGNUM *grp_p, const BIGNUM *grp_q, const BIGNUM *grp_g, - const BIGNUM *g_x, const u_char *id, u_int idlen, - const u_char *sig, u_int siglen) + const EVP_MD *evp_md, const BIGNUM *g_x, const u_char *id, u_int idlen, + const BIGNUM *r, const BIGNUM *e) { int success = -1; - Buffer b; - BIGNUM *g_v, *h, *r, *g_xh, *g_r, *expected; + BIGNUM *h, *g_xh, *g_r, *expected; BN_CTX *bn_ctx; - u_int rlen; SCHNORR_DEBUG_BN((g_x, "%s: g_x = ", __func__)); @@ -238,39 +263,23 @@ schnorr_verify(const BIGNUM *grp_p, const BIGNUM *grp_q, const BIGNUM *grp_g, return -1; } - g_v = h = r = g_xh = g_r = expected = NULL; + h = g_xh = g_r = expected = NULL; if ((bn_ctx = BN_CTX_new()) == NULL) { error("%s: BN_CTX_new", __func__); goto out; } - if ((g_v = BN_new()) == NULL || - (r = BN_new()) == NULL || - (g_xh = BN_new()) == NULL || + if ((g_xh = BN_new()) == NULL || (g_r = BN_new()) == NULL || (expected = BN_new()) == NULL) { error("%s: BN_new", __func__); goto out; } - /* Extract g^v and r from signature blob */ - buffer_init(&b); - buffer_append(&b, sig, siglen); - SCHNORR_DEBUG_BUF((buffer_ptr(&b), buffer_len(&b), - "%s: sigblob", __func__)); - buffer_get_bignum2(&b, g_v); - buffer_get_bignum2(&b, r); - rlen = buffer_len(&b); - buffer_free(&b); - if (rlen != 0) { - error("%s: remaining bytes in signature %d", __func__, rlen); - goto out; - } - buffer_free(&b); - SCHNORR_DEBUG_BN((g_v, "%s: g_v = ", __func__)); + SCHNORR_DEBUG_BN((e, "%s: e = ", __func__)); SCHNORR_DEBUG_BN((r, "%s: r = ", __func__)); /* h = H(g || g^v || g^x || id) */ - if ((h = schnorr_hash(grp_p, grp_q, grp_g, g_v, g_x, + if ((h = schnorr_hash(grp_p, grp_q, grp_g, evp_md, e, g_x, id, idlen)) == NULL) { error("%s: schnorr_hash failed", __func__); goto out; @@ -297,20 +306,248 @@ schnorr_verify(const BIGNUM *grp_p, const BIGNUM *grp_q, const BIGNUM *grp_g, } SCHNORR_DEBUG_BN((expected, "%s: expected = ", __func__)); - /* Check g_v == expected */ - success = BN_cmp(expected, g_v) == 0; + /* Check e == expected */ + success = BN_cmp(expected, e) == 0; out: BN_CTX_free(bn_ctx); if (h != NULL) BN_clear_free(h); - BN_clear_free(g_v); - BN_clear_free(r); BN_clear_free(g_xh); BN_clear_free(g_r); BN_clear_free(expected); return success; } +/* + * Verify Schnorr signature 'sig' of length 'siglen' against public exponent + * g_x (g^x) under group defined by 'grp_p', 'grp_q' and 'grp_g' using a + * SHA256 hash. + * Signature hash will be salted with 'idlen' bytes from 'id'. + * Returns -1 on failure, 0 on incorrect signature or 1 on matching signature. + */ +int +schnorr_verify_buf(const BIGNUM *grp_p, const BIGNUM *grp_q, + const BIGNUM *grp_g, + const BIGNUM *g_x, const u_char *id, u_int idlen, + const u_char *sig, u_int siglen) +{ + Buffer b; + int ret = -1; + u_int rlen; + BIGNUM *r, *e; + + e = r = NULL; + if ((e = BN_new()) == NULL || + (r = BN_new()) == NULL) { + error("%s: BN_new", __func__); + goto out; + } + + /* Extract g^v and r from signature blob */ + buffer_init(&b); + buffer_append(&b, sig, siglen); + SCHNORR_DEBUG_BUF((buffer_ptr(&b), buffer_len(&b), + "%s: sigblob", __func__)); + buffer_get_bignum2(&b, e); + buffer_get_bignum2(&b, r); + rlen = buffer_len(&b); + buffer_free(&b); + if (rlen != 0) { + error("%s: remaining bytes in signature %d", __func__, rlen); + goto out; + } + + ret = schnorr_verify(grp_p, grp_q, grp_g, EVP_sha256(), + g_x, id, idlen, r, e); + out: + BN_clear_free(e); + BN_clear_free(r); + + return ret; +} + +/* Helper functions */ + +/* + * Generate uniformly distributed random number in range (1, high). + * Return number on success, NULL on failure. + */ +BIGNUM * +bn_rand_range_gt_one(const BIGNUM *high) +{ + BIGNUM *r, *tmp; + int success = -1; + + if ((tmp = BN_new()) == NULL) { + error("%s: BN_new", __func__); + return NULL; + } + if ((r = BN_new()) == NULL) { + error("%s: BN_new failed", __func__); + goto out; + } + if (BN_set_word(tmp, 2) != 1) { + error("%s: BN_set_word(tmp, 2)", __func__); + goto out; + } + if (BN_sub(tmp, high, tmp) == -1) { + error("%s: BN_sub failed (tmp = high - 2)", __func__); + goto out; + } + if (BN_rand_range(r, tmp) == -1) { + error("%s: BN_rand_range failed", __func__); + goto out; + } + if (BN_set_word(tmp, 2) != 1) { + error("%s: BN_set_word(tmp, 2)", __func__); + goto out; + } + if (BN_add(r, r, tmp) == -1) { + error("%s: BN_add failed (r = r + 2)", __func__); + goto out; + } + success = 0; + out: + BN_clear_free(tmp); + if (success == 0) + return r; + BN_clear_free(r); + return NULL; +} + +/* + * Hash contents of buffer 'b' with hash 'md'. Returns 0 on success, + * with digest via 'digestp' (caller to free) and length via 'lenp'. + * Returns -1 on failure. + */ +int +hash_buffer(const u_char *buf, u_int len, const EVP_MD *md, + u_char **digestp, u_int *lenp) +{ + u_char digest[EVP_MAX_MD_SIZE]; + u_int digest_len; + EVP_MD_CTX evp_md_ctx; + int success = -1; + + EVP_MD_CTX_init(&evp_md_ctx); + + if (EVP_DigestInit_ex(&evp_md_ctx, md, NULL) != 1) { + error("%s: EVP_DigestInit_ex", __func__); + goto out; + } + if (EVP_DigestUpdate(&evp_md_ctx, buf, len) != 1) { + error("%s: EVP_DigestUpdate", __func__); + goto out; + } + if (EVP_DigestFinal_ex(&evp_md_ctx, digest, &digest_len) != 1) { + error("%s: EVP_DigestFinal_ex", __func__); + goto out; + } + *digestp = xmalloc(digest_len); + *lenp = digest_len; + memcpy(*digestp, digest, *lenp); + success = 0; + out: + EVP_MD_CTX_cleanup(&evp_md_ctx); + bzero(digest, sizeof(digest)); + digest_len = 0; + return success; +} + +/* print formatted string followed by bignum */ +void +debug3_bn(const BIGNUM *n, const char *fmt, ...) +{ + char *out, *h; + va_list args; + + out = NULL; + va_start(args, fmt); + vasprintf(&out, fmt, args); + va_end(args); + if (out == NULL) + fatal("%s: vasprintf failed", __func__); + + if (n == NULL) + debug3("%s(null)", out); + else { + h = BN_bn2hex(n); + debug3("%s0x%s", out, h); + free(h); + } + free(out); +} + +/* print formatted string followed by buffer contents in hex */ +void +debug3_buf(const u_char *buf, u_int len, const char *fmt, ...) +{ + char *out, h[65]; + u_int i, j; + va_list args; + + out = NULL; + va_start(args, fmt); + vasprintf(&out, fmt, args); + va_end(args); + if (out == NULL) + fatal("%s: vasprintf failed", __func__); + + debug3("%s length %u%s", out, len, buf == NULL ? " (null)" : ""); + free(out); + if (buf == NULL) + return; + + *h = '\0'; + for (i = j = 0; i < len; i++) { + snprintf(h + j, sizeof(h) - j, "%02x", buf[i]); + j += 2; + if (j >= sizeof(h) - 1 || i == len - 1) { + debug3(" %s", h); + *h = '\0'; + j = 0; + } + } +} + +/* + * Construct a MODP group from hex strings p (which must be a safe + * prime) and g, automatically calculating subgroup q as (p / 2) + */ +struct modp_group * +modp_group_from_g_and_safe_p(const char *grp_g, const char *grp_p) +{ + struct modp_group *ret; + + ret = xmalloc(sizeof(*ret)); + ret->p = ret->q = ret->g = NULL; + if (BN_hex2bn(&ret->p, grp_p) == 0 || + BN_hex2bn(&ret->g, grp_g) == 0) + fatal("%s: BN_hex2bn", __func__); + /* Subgroup order is p/2 (p is a safe prime) */ + if ((ret->q = BN_new()) == NULL) + fatal("%s: BN_new", __func__); + if (BN_rshift1(ret->q, ret->p) != 1) + fatal("%s: BN_rshift1", __func__); + + return ret; +} + +void +modp_group_free(struct modp_group *grp) +{ + if (grp->g != NULL) + BN_clear_free(grp->g); + if (grp->p != NULL) + BN_clear_free(grp->p); + if (grp->q != NULL) + BN_clear_free(grp->q); + bzero(grp, sizeof(*grp)); + xfree(grp); +} + +/* main() function for self-test */ + #ifdef SCHNORR_MAIN static void schnorr_selftest_one(const BIGNUM *grp_p, const BIGNUM *grp_q, @@ -328,16 +565,17 @@ schnorr_selftest_one(const BIGNUM *grp_p, const BIGNUM *grp_q, if (BN_mod_exp(g_x, grp_g, x, grp_p, bn_ctx) == -1) fatal("%s: g_x", __func__); - if (schnorr_sign(grp_p, grp_q, grp_g, x, g_x, "junk", 4, &sig, &siglen)) + if (schnorr_sign_buf(grp_p, grp_q, grp_g, x, g_x, "junk", 4, + &sig, &siglen)) fatal("%s: schnorr_sign", __func__); - if (schnorr_verify(grp_p, grp_q, grp_g, g_x, "junk", 4, + if (schnorr_verify_buf(grp_p, grp_q, grp_g, g_x, "junk", 4, sig, siglen) != 1) fatal("%s: verify fail", __func__); - if (schnorr_verify(grp_p, grp_q, grp_g, g_x, "JUNK", 4, + if (schnorr_verify_buf(grp_p, grp_q, grp_g, g_x, "JUNK", 4, sig, siglen) != 0) fatal("%s: verify should have failed (bad ID)", __func__); sig[4] ^= 1; - if (schnorr_verify(grp_p, grp_q, grp_g, g_x, "junk", 4, + if (schnorr_verify_buf(grp_p, grp_q, grp_g, g_x, "junk", 4, sig, siglen) != 0) fatal("%s: verify should have failed (bit error)", __func__); xfree(sig); @@ -349,7 +587,7 @@ static void schnorr_selftest(void) { BIGNUM *x; - struct jpake_group *grp; + struct modp_group *grp; u_int i; char *hh; diff --git a/sshconnect2.c b/sshconnect2.c index a762eec3b..260c6307a 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.170 2008/11/04 08:22:13 djm Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.171 2009/03/05 07:18:19 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -68,6 +68,7 @@ #include "msg.h" #include "pathnames.h" #include "uidswap.h" +#include "schnorr.h" #include "jpake.h" #ifdef GSSAPI -- cgit v1.2.3 From 447e38787229c5153c8602b4ee79e9b24345529a Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Fri, 6 Mar 2009 00:58:39 +1100 Subject: - djm@cvs.openbsd.org 2009/03/05 11:30:50 [uuencode.c] document what these functions do so I don't ever have to recuse into b64_pton/ntop to remember their return values --- ChangeLog | 4 ++++ uuencode.c | 13 ++++++++++++- 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index dde0669b6..8c18430a9 100644 --- a/ChangeLog +++ b/ChangeLog @@ -5,6 +5,10 @@ [sshconnect2.c] refactor the (disabled) Schnorr proof code to make it a little more generally useful + - djm@cvs.openbsd.org 2009/03/05 11:30:50 + [uuencode.c] + document what these functions do so I don't ever have to recuse into + b64_pton/ntop to remember their return values 20090223 - (djm) OpenBSD CVS Sync diff --git a/uuencode.c b/uuencode.c index a13949585..b9e57e993 100644 --- a/uuencode.c +++ b/uuencode.c @@ -1,4 +1,4 @@ -/* $OpenBSD: uuencode.c,v 1.24 2006/08/03 03:34:42 deraadt Exp $ */ +/* $OpenBSD: uuencode.c,v 1.25 2009/03/05 11:30:50 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -33,6 +33,12 @@ #include "xmalloc.h" #include "uuencode.h" +/* + * Encode binary 'src' of length 'srclength', writing base64-encoded text + * to 'target' of size 'targsize'. Will always nul-terminate 'target'. + * Returns the number of bytes stored in 'target' or -1 on error (inc. + * 'targsize' too small). + */ int uuencode(const u_char *src, u_int srclength, char *target, size_t targsize) @@ -40,6 +46,11 @@ uuencode(const u_char *src, u_int srclength, return __b64_ntop(src, srclength, target, targsize); } +/* + * Decode base64-encoded 'src' into buffer 'target' of 'targsize' bytes. + * Will skip leading and trailing whitespace. Returns the number of bytes + * stored in 'target' or -1 on error (inc. targsize too small). + */ int uudecode(const char *src, u_char *target, size_t targsize) { -- cgit v1.2.3 From 60ccbf2f2fc545dba9029e9ccfde7ce7bc0bb03b Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Fri, 6 Mar 2009 01:03:30 +1100 Subject: - djm@cvs.openbsd.org 2009/03/05 07:18:19 [auth2-jpake.c jpake.c jpake.h monitor_wrap.c monitor_wrap.h schnorr.c] [sshconnect2.c] refactor the (disabled) Schnorr proof code to make it a little more generally useful --- schnorr.h | 60 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100644 schnorr.h diff --git a/schnorr.h b/schnorr.h new file mode 100644 index 000000000..9730b47ce --- /dev/null +++ b/schnorr.h @@ -0,0 +1,60 @@ +/* $OpenBSD: schnorr.h,v 1.1 2009/03/05 07:18:19 djm Exp $ */ +/* + * Copyright (c) 2009 Damien Miller. All rights reserved. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#ifndef SCHNORR_H +#define SCHNORR_H + +#include + +#include + +struct modp_group { + BIGNUM *p, *q, *g; +}; + +BIGNUM *bn_rand_range_gt_one(const BIGNUM *high); +int hash_buffer(const u_char *, u_int, const EVP_MD *, u_char **, u_int *); +void debug3_bn(const BIGNUM *, const char *, ...) + __attribute__((__nonnull__ (2))) + __attribute__((format(printf, 2, 3))); +void debug3_buf(const u_char *, u_int, const char *, ...) + __attribute__((__nonnull__ (3))) + __attribute__((format(printf, 3, 4))); +struct modp_group *modp_group_from_g_and_safe_p(const char *, const char *); +void modp_group_free(struct modp_group *); + +/* Signature and verification functions */ +int +schnorr_sign(const BIGNUM *grp_p, const BIGNUM *grp_q, const BIGNUM *grp_g, + const EVP_MD *evp_md, const BIGNUM *x, const BIGNUM *g_x, + const u_char *id, u_int idlen, BIGNUM **r_p, BIGNUM **e_p); +int +schnorr_sign_buf(const BIGNUM *grp_p, const BIGNUM *grp_q, const BIGNUM *grp_g, + const BIGNUM *x, const BIGNUM *g_x, const u_char *id, u_int idlen, + u_char **sig, u_int *siglen); +int +schnorr_verify(const BIGNUM *grp_p, const BIGNUM *grp_q, const BIGNUM *grp_g, + const EVP_MD *evp_md, const BIGNUM *g_x, const u_char *id, u_int idlen, + const BIGNUM *r, const BIGNUM *e); +int +schnorr_verify_buf(const BIGNUM *grp_p, const BIGNUM *grp_q, + const BIGNUM *grp_g, + const BIGNUM *g_x, const u_char *id, u_int idlen, + const u_char *sig, u_int siglen); + +#endif /* JPAKE_H */ + -- cgit v1.2.3 From 558d6ca949e36811259c05bac1416b6f317beef8 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sat, 7 Mar 2009 10:22:10 +1100 Subject: - (dtucker) [contrib/aix/buildbff.sh] Only try to rename ssh_prng_cmds if it exists (it's not created if OpenSSL's PRNG is self-seeded, eg if the OS has a /dev/random). --- ChangeLog | 5 +++++ contrib/aix/buildbff.sh | 11 +++++++++-- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 8c18430a9..6964dcffa 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +20090307 + - (dtucker) [contrib/aix/buildbff.sh] Only try to rename ssh_prng_cmds if it + exists (it's not created if OpenSSL's PRNG is self-seeded, eg if the OS + has a /dev/random). + 20090306 - (djm) OpenBSD CVS Sync - djm@cvs.openbsd.org 2009/03/05 07:18:19 diff --git a/contrib/aix/buildbff.sh b/contrib/aix/buildbff.sh index 97a7cbbba..6648e8e65 100755 --- a/contrib/aix/buildbff.sh +++ b/contrib/aix/buildbff.sh @@ -1,7 +1,7 @@ #!/bin/sh # # buildbff.sh: Create AIX SMIT-installable OpenSSH packages -# $Id: buildbff.sh,v 1.10 2006/09/10 03:24:19 dtucker Exp $ +# $Id: buildbff.sh,v 1.11 2009/03/06 23:22:10 dtucker Exp $ # # Author: Darren Tucker (dtucker at zip dot com dot au) # This file is placed in the public domain and comes with absolutely @@ -151,11 +151,18 @@ fi # Rename config files; postinstall script will copy them if necessary -for cfgfile in ssh_config sshd_config ssh_prng_cmds +for cfgfile in ssh_config sshd_config do mv $FAKE_ROOT/$sysconfdir/$cfgfile $FAKE_ROOT/$sysconfdir/$cfgfile.default done +# AIX 5.3 and newer have /dev/random and don't create ssh_prng_cmds +if [ -f $FAKE_ROOT/$sysconfdir/ssh_prng_cmds ] +then + mv FAKE_ROOT/$sysconfdir/ssh_prng_cmds \ + $FAKE_ROOT/$sysconfdir/ssh_prng_cmds.default +fi + # # Generate lpp control files. # working dir is $FAKE_ROOT but files are generated in dir above -- cgit v1.2.3 From 8aae6ff0d9e3b78204288f1db671ccd60614e10b Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sat, 7 Mar 2009 12:01:47 +1100 Subject: - (dtucker) [schnorr.c openbsd-compat/openssl-compat.{c,h}] Add EVP_DigestUpdate to the OLD_EVP compatibility functions and tell schnorr.c to use them. Allows building with older OpenSSL versions. --- ChangeLog | 3 +++ openbsd-compat/openssl-compat.c | 9 ++++++++- openbsd-compat/openssl-compat.h | 3 ++- schnorr.c | 2 ++ 4 files changed, 15 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 6964dcffa..410c766af 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,9 @@ - (dtucker) [contrib/aix/buildbff.sh] Only try to rename ssh_prng_cmds if it exists (it's not created if OpenSSL's PRNG is self-seeded, eg if the OS has a /dev/random). + - (dtucker) [schnorr.c openbsd-compat/openssl-compat.{c,h}] Add + EVP_DigestUpdate to the OLD_EVP compatibility functions and tell schnorr.c + to use them. Allows building with older OpenSSL versions. 20090306 - (djm) OpenBSD CVS Sync diff --git a/openbsd-compat/openssl-compat.c b/openbsd-compat/openssl-compat.c index 49238ba80..f5435784b 100644 --- a/openbsd-compat/openssl-compat.c +++ b/openbsd-compat/openssl-compat.c @@ -1,4 +1,4 @@ -/* $Id: openssl-compat.c,v 1.6 2008/02/28 08:13:52 dtucker Exp $ */ +/* $Id: openssl-compat.c,v 1.7 2009/03/07 01:01:47 dtucker Exp $ */ /* * Copyright (c) 2005 Darren Tucker @@ -47,6 +47,13 @@ ssh_EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *evp) EVP_CIPHER_CTX_cleanup(evp); return 1; } + +int +ssh_EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt) +{ + EVP_DigestUpdate(ctx, d, cnt); + return 1; +} #endif #ifdef USE_OPENSSL_ENGINE diff --git a/openbsd-compat/openssl-compat.h b/openbsd-compat/openssl-compat.h index 6a1bed5b2..945a7a300 100644 --- a/openbsd-compat/openssl-compat.h +++ b/openbsd-compat/openssl-compat.h @@ -1,4 +1,4 @@ -/* $Id: openssl-compat.h,v 1.12 2008/02/28 08:22:04 dtucker Exp $ */ +/* $Id: openssl-compat.h,v 1.13 2009/03/07 01:01:47 dtucker Exp $ */ /* * Copyright (c) 2005 Darren Tucker @@ -78,6 +78,7 @@ extern const EVP_CIPHER *evp_acss(void); # define EVP_CipherInit(a,b,c,d,e) ssh_EVP_CipherInit((a),(b),(c),(d),(e)) # define EVP_Cipher(a,b,c,d) ssh_EVP_Cipher((a),(b),(c),(d)) # define EVP_CIPHER_CTX_cleanup(a) ssh_EVP_CIPHER_CTX_cleanup((a)) +# define EVP_DigestUpdate(a,b,c) ssh_EVP_DigestUpdate((a),(b),(c)) # endif /* SSH_OLD_EVP */ # ifdef USE_OPENSSL_ENGINE diff --git a/schnorr.c b/schnorr.c index 7b97b5565..c17ff3241 100644 --- a/schnorr.c +++ b/schnorr.c @@ -42,6 +42,8 @@ #include "schnorr.h" +#include "openbsd-compat/openssl-compat.h" + /* #define SCHNORR_DEBUG */ /* Privacy-violating debugging */ /* #define SCHNORR_MAIN */ /* Include main() selftest */ -- cgit v1.2.3 From ccfee058820699bc6d5f5e10e8f546c1e95b4c1d Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sat, 7 Mar 2009 12:32:22 +1100 Subject: - (dtucker) [configure.ac defines.h] Check for in_port_t and typedef if needed. --- ChangeLog | 1 + configure.ac | 6 +++--- defines.h | 5 ++++- 3 files changed, 8 insertions(+), 4 deletions(-) diff --git a/ChangeLog b/ChangeLog index 410c766af..eadd0f7d8 100644 --- a/ChangeLog +++ b/ChangeLog @@ -5,6 +5,7 @@ - (dtucker) [schnorr.c openbsd-compat/openssl-compat.{c,h}] Add EVP_DigestUpdate to the OLD_EVP compatibility functions and tell schnorr.c to use them. Allows building with older OpenSSL versions. + - (dtucker) [configure.ac defines.h] Check for in_port_t and typedef if needed. 20090306 - (djm) OpenBSD CVS Sync diff --git a/configure.ac b/configure.ac index b33914dae..0ec8a1980 100644 --- a/configure.ac +++ b/configure.ac @@ -1,4 +1,4 @@ -# $Id: configure.ac,v 1.415 2009/02/16 04:37:03 djm Exp $ +# $Id: configure.ac,v 1.416 2009/03/07 01:32:22 dtucker Exp $ # # Copyright (c) 1999-2004 Damien Miller # @@ -15,7 +15,7 @@ # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org) -AC_REVISION($Revision: 1.415 $) +AC_REVISION($Revision: 1.416 $) AC_CONFIG_SRCDIR([ssh.c]) AC_CONFIG_HEADER(config.h) @@ -2694,7 +2694,7 @@ AC_CHECK_TYPES([fsblkcnt_t, fsfilcnt_t],,,[ #endif ]) -AC_CHECK_TYPES(in_addr_t,,, +AC_CHECK_TYPES([in_addr_t in_port_t],,, [#include #include ]) diff --git a/defines.h b/defines.h index 536ec4978..457b6a35e 100644 --- a/defines.h +++ b/defines.h @@ -25,7 +25,7 @@ #ifndef _DEFINES_H #define _DEFINES_H -/* $Id: defines.h,v 1.153 2009/02/01 11:19:54 dtucker Exp $ */ +/* $Id: defines.h,v 1.154 2009/03/07 01:32:22 dtucker Exp $ */ /* Constants */ @@ -300,6 +300,9 @@ struct sockaddr_un { #ifndef HAVE_IN_ADDR_T typedef u_int32_t in_addr_t; #endif +#ifndef HAVE_IN_PORT_T +typedef u_int16_t in_port_t; +#endif #if defined(BROKEN_SYS_TERMIO_H) && !defined(_STRUCT_WINSIZE) #define _STRUCT_WINSIZE -- cgit v1.2.3 From 30ed668de0f7755934971f2e7e80b62073091624 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sat, 7 Mar 2009 18:06:22 +1100 Subject: - (dtucker) [configure.ac] Missing comma in type list. --- ChangeLog | 1 + configure.ac | 6 +++--- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index eadd0f7d8..1c982f5d2 100644 --- a/ChangeLog +++ b/ChangeLog @@ -6,6 +6,7 @@ EVP_DigestUpdate to the OLD_EVP compatibility functions and tell schnorr.c to use them. Allows building with older OpenSSL versions. - (dtucker) [configure.ac defines.h] Check for in_port_t and typedef if needed. + - (dtucker) [configure.ac] Missing comma in type list. 20090306 - (djm) OpenBSD CVS Sync diff --git a/configure.ac b/configure.ac index 0ec8a1980..a2cb7a215 100644 --- a/configure.ac +++ b/configure.ac @@ -1,4 +1,4 @@ -# $Id: configure.ac,v 1.416 2009/03/07 01:32:22 dtucker Exp $ +# $Id: configure.ac,v 1.417 2009/03/07 07:06:22 dtucker Exp $ # # Copyright (c) 1999-2004 Damien Miller # @@ -15,7 +15,7 @@ # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org) -AC_REVISION($Revision: 1.416 $) +AC_REVISION($Revision: 1.417 $) AC_CONFIG_SRCDIR([ssh.c]) AC_CONFIG_HEADER(config.h) @@ -2694,7 +2694,7 @@ AC_CHECK_TYPES([fsblkcnt_t, fsfilcnt_t],,,[ #endif ]) -AC_CHECK_TYPES([in_addr_t in_port_t],,, +AC_CHECK_TYPES([in_addr_t, in_port_t],,, [#include #include ]) -- cgit v1.2.3 From 3e7e15f1bdc2ddd8fe4a389212c6b8db58e2b511 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sat, 7 Mar 2009 22:22:35 +1100 Subject: - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] EVP_DigestUpdate does not exactly match the other OLD_EVP functions (eg in openssl 0.9.6) so add an explicit test for it. --- ChangeLog | 3 +++ configure.ac | 21 +++++++++++++++++++-- openbsd-compat/openssl-compat.c | 4 +++- openbsd-compat/openssl-compat.h | 7 +++++-- 4 files changed, 30 insertions(+), 5 deletions(-) diff --git a/ChangeLog b/ChangeLog index 1c982f5d2..be302d9b6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -7,6 +7,9 @@ to use them. Allows building with older OpenSSL versions. - (dtucker) [configure.ac defines.h] Check for in_port_t and typedef if needed. - (dtucker) [configure.ac] Missing comma in type list. + - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] + EVP_DigestUpdate does not exactly match the other OLD_EVP functions (eg + in openssl 0.9.6) so add an explicit test for it. 20090306 - (djm) OpenBSD CVS Sync diff --git a/configure.ac b/configure.ac index a2cb7a215..51fee9e6b 100644 --- a/configure.ac +++ b/configure.ac @@ -1,4 +1,4 @@ -# $Id: configure.ac,v 1.417 2009/03/07 07:06:22 dtucker Exp $ +# $Id: configure.ac,v 1.418 2009/03/07 11:22:35 dtucker Exp $ # # Copyright (c) 1999-2004 Damien Miller # @@ -15,7 +15,7 @@ # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org) -AC_REVISION($Revision: 1.417 $) +AC_REVISION($Revision: 1.418 $) AC_CONFIG_SRCDIR([ssh.c]) AC_CONFIG_HEADER(config.h) @@ -2076,6 +2076,23 @@ int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);} ] ) +AC_MSG_CHECKING([if EVP_DigestUpdate returns an int]) +AC_LINK_IFELSE( + [AC_LANG_SOURCE([[ +#include +#include +int main(void) { if(EVP_DigestUpdate(NULL, NULL,0)) exit(0); } + ]])], + [ + AC_MSG_RESULT(yes) + ], + [ + AC_MSG_RESULT(no) + AC_DEFINE(OPENSSL_EVP_DIGESTUPDATE_VOID, 1, + [Define if EVP_DigestUpdate returns void]) + ] +) + # Some systems want crypt() from libcrypt, *not* the version in OpenSSL, # because the system crypt() is more featureful. if test "x$check_for_libcrypt_before" = "x1"; then diff --git a/openbsd-compat/openssl-compat.c b/openbsd-compat/openssl-compat.c index f5435784b..dd326c00f 100644 --- a/openbsd-compat/openssl-compat.c +++ b/openbsd-compat/openssl-compat.c @@ -1,4 +1,4 @@ -/* $Id: openssl-compat.c,v 1.7 2009/03/07 01:01:47 dtucker Exp $ */ +/* $Id: openssl-compat.c,v 1.8 2009/03/07 11:22:35 dtucker Exp $ */ /* * Copyright (c) 2005 Darren Tucker @@ -47,7 +47,9 @@ ssh_EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *evp) EVP_CIPHER_CTX_cleanup(evp); return 1; } +#endif +#ifdef OPENSSL_EVP_DIGESTUPDATE_VOID int ssh_EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt) { diff --git a/openbsd-compat/openssl-compat.h b/openbsd-compat/openssl-compat.h index 945a7a300..fcc762867 100644 --- a/openbsd-compat/openssl-compat.h +++ b/openbsd-compat/openssl-compat.h @@ -1,4 +1,4 @@ -/* $Id: openssl-compat.h,v 1.13 2009/03/07 01:01:47 dtucker Exp $ */ +/* $Id: openssl-compat.h,v 1.14 2009/03/07 11:22:35 dtucker Exp $ */ /* * Copyright (c) 2005 Darren Tucker @@ -78,9 +78,12 @@ extern const EVP_CIPHER *evp_acss(void); # define EVP_CipherInit(a,b,c,d,e) ssh_EVP_CipherInit((a),(b),(c),(d),(e)) # define EVP_Cipher(a,b,c,d) ssh_EVP_Cipher((a),(b),(c),(d)) # define EVP_CIPHER_CTX_cleanup(a) ssh_EVP_CIPHER_CTX_cleanup((a)) -# define EVP_DigestUpdate(a,b,c) ssh_EVP_DigestUpdate((a),(b),(c)) # endif /* SSH_OLD_EVP */ +# ifdef OPENSSL_EVP_DIGESTUPDATE_VOID +# define EVP_DigestUpdate(a,b,c) ssh_EVP_DigestUpdate((a),(b),(c)) +# endif + # ifdef USE_OPENSSL_ENGINE # ifdef SSLeay_add_all_algorithms # undef SSLeay_add_all_algorithms -- cgit v1.2.3 From 9d86e5d5704092072822336af6d0bee468c25966 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 8 Mar 2009 11:40:27 +1100 Subject: - (dtucker) [auth-passwd.c auth1.c auth2-kbdint.c auth2-none.c auth2-passwd.c auth2-pubkey.c session.c openbsd-compat/bsd-cygwin_util.{c,h} openbsd-compat/daemon.c] Remove support for Windows 95/98/ME and very old version of Cygwin. Patch from vinschen at redhat com. --- ChangeLog | 6 ++ auth-passwd.c | 2 +- auth1.c | 10 +--- auth2-kbdint.c | 4 -- auth2-none.c | 4 -- auth2-passwd.c | 4 -- auth2-pubkey.c | 4 -- openbsd-compat/bsd-cygwin_util.c | 124 --------------------------------------- openbsd-compat/bsd-cygwin_util.h | 5 +- openbsd-compat/daemon.c | 10 ---- session.c | 11 +--- 11 files changed, 12 insertions(+), 172 deletions(-) diff --git a/ChangeLog b/ChangeLog index be302d9b6..ae2cf5119 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +20090308 + - (dtucker) [auth-passwd.c auth1.c auth2-kbdint.c auth2-none.c auth2-passwd.c + auth2-pubkey.c session.c openbsd-compat/bsd-cygwin_util.{c,h} + openbsd-compat/daemon.c] Remove support for Windows 95/98/ME and very old + version of Cygwin. Patch from vinschen at redhat com. + 20090307 - (dtucker) [contrib/aix/buildbff.sh] Only try to rename ssh_prng_cmds if it exists (it's not created if OpenSSL's PRNG is self-seeded, eg if the OS diff --git a/auth-passwd.c b/auth-passwd.c index bdfced023..b1c6ce092 100644 --- a/auth-passwd.c +++ b/auth-passwd.c @@ -102,7 +102,7 @@ auth_password(Authctxt *authctxt, const char *password) } #endif #ifdef HAVE_CYGWIN - if (is_winnt) { + { HANDLE hToken = cygwin_logon_user(pw, password); if (hToken == INVALID_HANDLE_VALUE) diff --git a/auth1.c b/auth1.c index b8a255872..1801661fd 100644 --- a/auth1.c +++ b/auth1.c @@ -318,15 +318,7 @@ do_authloop(Authctxt *authctxt) } #endif /* _UNICOS */ -#ifdef HAVE_CYGWIN - if (authenticated && - !check_nt_auth(type == SSH_CMSG_AUTH_PASSWORD, - authctxt->pw)) { - packet_disconnect("Authentication rejected for uid %d.", - authctxt->pw == NULL ? -1 : authctxt->pw->pw_uid); - authenticated = 0; - } -#else +#ifndef HAVE_CYGWIN /* Special handling for root */ if (authenticated && authctxt->pw->pw_uid == 0 && !auth_root_allowed(meth->name)) { diff --git a/auth2-kbdint.c b/auth2-kbdint.c index a4fc9e6f7..fae67da6e 100644 --- a/auth2-kbdint.c +++ b/auth2-kbdint.c @@ -58,10 +58,6 @@ userauth_kbdint(Authctxt *authctxt) xfree(devs); xfree(lang); -#ifdef HAVE_CYGWIN - if (check_nt_auth(0, authctxt->pw) == 0) - authenticated = 0; -#endif return authenticated; } diff --git a/auth2-none.c b/auth2-none.c index 10accfe55..08f2f935f 100644 --- a/auth2-none.c +++ b/auth2-none.c @@ -61,10 +61,6 @@ userauth_none(Authctxt *authctxt) { none_enabled = 0; packet_check_eom(); -#ifdef HAVE_CYGWIN - if (check_nt_auth(1, authctxt->pw) == 0) - return (0); -#endif if (options.password_authentication) return (PRIVSEP(auth_password(authctxt, ""))); return (0); diff --git a/auth2-passwd.c b/auth2-passwd.c index 421c5c25d..5f1f3635f 100644 --- a/auth2-passwd.c +++ b/auth2-passwd.c @@ -68,10 +68,6 @@ userauth_passwd(Authctxt *authctxt) logit("password change not supported"); else if (PRIVSEP(auth_password(authctxt, password)) == 1) authenticated = 1; -#ifdef HAVE_CYGWIN - if (check_nt_auth(1, authctxt->pw) == 0) - authenticated = 0; -#endif memset(password, 0, len); xfree(password); return authenticated; diff --git a/auth2-pubkey.c b/auth2-pubkey.c index b1e38e5f5..2886f1275 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c @@ -170,10 +170,6 @@ done: key_free(key); xfree(pkalg); xfree(pkblob); -#ifdef HAVE_CYGWIN - if (check_nt_auth(0, authctxt->pw) == 0) - authenticated = 0; -#endif return authenticated; } diff --git a/openbsd-compat/bsd-cygwin_util.c b/openbsd-compat/bsd-cygwin_util.c index 38be7e350..e90c1597f 100644 --- a/openbsd-compat/bsd-cygwin_util.c +++ b/openbsd-compat/bsd-cygwin_util.c @@ -39,9 +39,6 @@ #endif #include -#include -#include -#include #include #include @@ -49,11 +46,6 @@ #include #include "xmalloc.h" -#define is_winnt (GetVersion() < 0x80000000) - -#define ntsec_on(c) ((c) && strstr((c),"ntsec") && !strstr((c),"nontsec")) -#define ntsec_off(c) ((c) && strstr((c),"nontsec")) -#define ntea_on(c) ((c) && strstr((c),"ntea") && !strstr((c),"nontea")) int binary_open(const char *filename, int flags, ...) @@ -79,128 +71,12 @@ binary_pipe(int fd[2]) return (ret); } -#define HAS_CREATE_TOKEN 1 -#define HAS_NTSEC_BY_DEFAULT 2 -#define HAS_CREATE_TOKEN_WO_NTSEC 3 - -static int -has_capability(int what) -{ - static int inited; - static int has_create_token; - static int has_ntsec_by_default; - static int has_create_token_wo_ntsec; - - /* - * has_capability() basically calls uname() and checks if - * specific capabilities of Cygwin can be evaluated from that. - * This simplifies the calling functions which only have to ask - * for a capability using has_capability() instead of having - * to figure that out by themselves. - */ - if (!inited) { - struct utsname uts; - - if (!uname(&uts)) { - int major_high = 0, major_low = 0, minor = 0; - int api_major_version = 0, api_minor_version = 0; - char *c; - - sscanf(uts.release, "%d.%d.%d", &major_high, - &major_low, &minor); - if ((c = strchr(uts.release, '(')) != NULL) { - sscanf(c + 1, "%d.%d", &api_major_version, - &api_minor_version); - } - if (major_high > 1 || - (major_high == 1 && (major_low > 3 || - (major_low == 3 && minor >= 2)))) - has_create_token = 1; - if (api_major_version > 0 || api_minor_version >= 56) - has_ntsec_by_default = 1; - if (major_high > 1 || - (major_high == 1 && major_low >= 5)) - has_create_token_wo_ntsec = 1; - inited = 1; - } - } - switch (what) { - case HAS_CREATE_TOKEN: - return (has_create_token); - case HAS_NTSEC_BY_DEFAULT: - return (has_ntsec_by_default); - case HAS_CREATE_TOKEN_WO_NTSEC: - return (has_create_token_wo_ntsec); - } - return (0); -} - -int -check_nt_auth(int pwd_authenticated, struct passwd *pw) -{ - /* - * The only authentication which is able to change the user - * context on NT systems is the password authentication. So - * we deny all requsts for changing the user context if another - * authentication method is used. - * - * This doesn't apply to Cygwin versions >= 1.3.2 anymore which - * uses the undocumented NtCreateToken() call to create a user - * token if the process has the appropriate privileges and if - * CYGWIN ntsec setting is on. - */ - static int has_create_token = -1; - - if (pw == NULL) - return 0; - if (is_winnt) { - if (has_create_token < 0) { - char *cygwin = getenv("CYGWIN"); - - has_create_token = 0; - if (has_capability(HAS_CREATE_TOKEN) && - (ntsec_on(cygwin) || - (has_capability(HAS_NTSEC_BY_DEFAULT) && - !ntsec_off(cygwin)) || - has_capability(HAS_CREATE_TOKEN_WO_NTSEC))) - has_create_token = 1; - } - if (has_create_token < 1 && - !pwd_authenticated && geteuid() != pw->pw_uid) - return (0); - } - return (1); -} - int check_ntsec(const char *filename) { return (pathconf(filename, _PC_POSIX_PERMISSIONS)); } -void -register_9x_service(void) -{ - HINSTANCE kerneldll; - DWORD (*RegisterServiceProcess)(DWORD, DWORD); - - /* The service register mechanism in 9x/Me is pretty different from - * NT/2K/XP. In NT/2K/XP we're using a special service starter - * application to register and control sshd as service. This method - * doesn't play nicely with 9x/Me. For that reason we register here - * as service when running under 9x/Me. This function is only called - * by the child sshd when it's going to daemonize. - */ - if (is_winnt) - return; - if (!(kerneldll = LoadLibrary("KERNEL32.DLL"))) - return; - if (!(RegisterServiceProcess = (DWORD (*)(DWORD, DWORD)) - GetProcAddress(kerneldll, "RegisterServiceProcess"))) - return; - RegisterServiceProcess(0, 1); -} - #define NL(x) x, (sizeof (x) - 1) #define WENV_SIZ (sizeof (wenv_arr) / sizeof (wenv_arr[0])) diff --git a/openbsd-compat/bsd-cygwin_util.h b/openbsd-compat/bsd-cygwin_util.h index 6719b8a49..39b8eb788 100644 --- a/openbsd-compat/bsd-cygwin_util.h +++ b/openbsd-compat/bsd-cygwin_util.h @@ -1,4 +1,4 @@ -/* $Id: bsd-cygwin_util.h,v 1.11 2004/08/30 10:42:08 dtucker Exp $ */ +/* $Id: bsd-cygwin_util.h,v 1.12 2009/03/08 00:40:28 dtucker Exp $ */ /* * Copyright (c) 2000, 2001, Corinna Vinschen @@ -35,7 +35,6 @@ #ifdef HAVE_CYGWIN #undef ERROR -#define is_winnt (GetVersion() < 0x80000000) #include #include @@ -43,9 +42,7 @@ int binary_open(const char *, int , ...); int binary_pipe(int fd[2]); -int check_nt_auth(int, struct passwd *); int check_ntsec(const char *); -void register_9x_service(void); char **fetch_windows_environment(void); void free_windows_environment(char **); diff --git a/openbsd-compat/daemon.c b/openbsd-compat/daemon.c index e3a6886bd..3efe14c68 100644 --- a/openbsd-compat/daemon.c +++ b/openbsd-compat/daemon.c @@ -57,18 +57,8 @@ daemon(int nochdir, int noclose) case -1: return (-1); case 0: -#ifdef HAVE_CYGWIN - register_9x_service(); -#endif break; default: -#ifdef HAVE_CYGWIN - /* - * This sleep avoids a race condition which kills the - * child process if parent is started by a NT/W2K service. - */ - sleep(1); -#endif _exit(0); } diff --git a/session.c b/session.c index f2549e0cd..8e0c54faa 100644 --- a/session.c +++ b/session.c @@ -571,8 +571,7 @@ do_exec_no_pty(Session *s, const char *command) signal(WJSIGNAL, cray_job_termination_handler); #endif /* _UNICOS */ #ifdef HAVE_CYGWIN - if (is_winnt) - cygwin_set_impersonation_token(INVALID_HANDLE_VALUE); + cygwin_set_impersonation_token(INVALID_HANDLE_VALUE); #endif s->pid = pid; @@ -726,8 +725,7 @@ do_exec_pty(Session *s, const char *command) signal(WJSIGNAL, cray_job_termination_handler); #endif /* _UNICOS */ #ifdef HAVE_CYGWIN - if (is_winnt) - cygwin_set_impersonation_token(INVALID_HANDLE_VALUE); + cygwin_set_impersonation_token(INVALID_HANDLE_VALUE); #endif s->pid = pid; @@ -1116,7 +1114,7 @@ do_setup_env(Session *s, const char *shell) u_int i, envsize; char **env, *laddr; struct passwd *pw = s->pw; -#ifndef HAVE_LOGIN_CAP +#if !defined (HAVE_LOGIN_CAP) && !defined (HAVE_CYGWIN) char *path = NULL; #endif @@ -1551,9 +1549,6 @@ do_setusercontext(struct passwd *pw) #endif } -#ifdef HAVE_CYGWIN - if (is_winnt) -#endif if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid) fatal("Failed to set uids to %u.", (u_int) pw->pw_uid); -- cgit v1.2.3 From a74000eb9e04c726bee13ae8abce51386ba0dfbf Mon Sep 17 00:00:00 2001 From: Tim Rice Date: Wed, 18 Mar 2009 11:25:02 -0700 Subject: - (tim) [configure.ac] Remove setting IP_TOS_IS_BROKEN for Cygwin. The problem that setsockopt(IP_TOS) doesn't work on Cygwin has been fixed since 2005. Based on patch from vinschen at redhat com. --- ChangeLog | 5 +++++ configure.ac | 9 ++++----- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/ChangeLog b/ChangeLog index ae2cf5119..955fcef2e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +20090318 + - (tim) [configure.ac] Remove setting IP_TOS_IS_BROKEN for Cygwin. The problem + that setsockopt(IP_TOS) doesn't work on Cygwin has been fixed since 2005. + Based on patch from vinschen at redhat com. + 20090308 - (dtucker) [auth-passwd.c auth1.c auth2-kbdint.c auth2-none.c auth2-passwd.c auth2-pubkey.c session.c openbsd-compat/bsd-cygwin_util.{c,h} diff --git a/configure.ac b/configure.ac index 51fee9e6b..835c8fa6d 100644 --- a/configure.ac +++ b/configure.ac @@ -1,4 +1,4 @@ -# $Id: configure.ac,v 1.418 2009/03/07 11:22:35 dtucker Exp $ +# $Id: configure.ac,v 1.419 2009/03/18 18:25:02 tim Exp $ # # Copyright (c) 1999-2004 Damien Miller # @@ -15,7 +15,7 @@ # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org) -AC_REVISION($Revision: 1.418 $) +AC_REVISION($Revision: 1.419 $) AC_CONFIG_SRCDIR([ssh.c]) AC_CONFIG_HEADER(config.h) @@ -434,8 +434,6 @@ int main(void) { exit(0); } AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()]) AC_DEFINE(DISABLE_SHADOW, 1, [Define if you want to disable shadow passwords]) - AC_DEFINE(IP_TOS_IS_BROKEN, 1, - [Define if your system choked on IP TOS setting]) AC_DEFINE(NO_X11_UNIX_SOCKETS, 1, [Define if X11 doesn't support AF_UNIX sockets on that system]) AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1, @@ -446,7 +444,8 @@ int main(void) { exit(0); } file descriptor passing]) ;; *-*-dgux*) - AC_DEFINE(IP_TOS_IS_BROKEN) + AC_DEFINE(IP_TOS_IS_BROKEN, 1, + [Define if your system choked on IP TOS setting]) AC_DEFINE(SETEUID_BREAKS_SETUID) AC_DEFINE(BROKEN_SETREUID) AC_DEFINE(BROKEN_SETREGID) -- cgit v1.2.3 From a422d9756e3fbe932db063592b5303aae7cc0b28 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 4 May 2009 12:52:47 +1000 Subject: - (dtucker) [sshlogin.c] Move the NO_SSH_LASTLOG #ifndef line to include variable declarations. Should prevent unused warnings anywhere it's set (only Crays as far as I can tell) and be a no-op everywhere else. --- ChangeLog | 5 +++++ sshlogin.c | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 955fcef2e..79dc37701 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +20090504 + - (dtucker) [sshlogin.c] Move the NO_SSH_LASTLOG #ifndef line to include + variable declarations. Should prevent unused warnings anywhere it's set + (only Crays as far as I can tell) and be a no-op everywhere else. + 20090318 - (tim) [configure.ac] Remove setting IP_TOS_IS_BROKEN for Cygwin. The problem that setsockopt(IP_TOS) doesn't work on Cygwin has been fixed since 2005. diff --git a/sshlogin.c b/sshlogin.c index cc35d6024..dff47b6f7 100644 --- a/sshlogin.c +++ b/sshlogin.c @@ -86,10 +86,10 @@ get_last_login_time(uid_t uid, const char *logname, static void store_lastlog_message(const char *user, uid_t uid) { +#ifndef NO_SSH_LASTLOG char *time_string, hostname[MAXHOSTNAMELEN] = "", buf[512]; time_t last_login_time; -#ifndef NO_SSH_LASTLOG if (!options.print_lastlog) return; -- cgit v1.2.3 From 3278062bf3e2e435163998feca90c13e80d53d5d Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 16 Jun 2009 16:11:02 +1000 Subject: - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t is a struct with a __val member. Fixes build on, eg, Redhat 6.2. --- ChangeLog | 4 ++++ configure.ac | 40 +++++++++++++++++++++++++++++++++------- defines.h | 6 +++++- 3 files changed, 42 insertions(+), 8 deletions(-) diff --git a/ChangeLog b/ChangeLog index 79dc37701..82d5c20ca 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +20090616 + - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t + is a struct with a __val member. Fixes build on, eg, Redhat 6.2. + 20090504 - (dtucker) [sshlogin.c] Move the NO_SSH_LASTLOG #ifndef line to include variable declarations. Should prevent unused warnings anywhere it's set diff --git a/configure.ac b/configure.ac index 835c8fa6d..140c62838 100644 --- a/configure.ac +++ b/configure.ac @@ -1,4 +1,4 @@ -# $Id: configure.ac,v 1.419 2009/03/18 18:25:02 tim Exp $ +# $Id: configure.ac,v 1.420 2009/06/16 06:11:02 dtucker Exp $ # # Copyright (c) 1999-2004 Damien Miller # @@ -15,7 +15,7 @@ # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org) -AC_REVISION($Revision: 1.419 $) +AC_REVISION($Revision: 1.420 $) AC_CONFIG_SRCDIR([ssh.c]) AC_CONFIG_HEADER(config.h) @@ -3080,15 +3080,41 @@ if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then file descriptor passing]) fi -AC_MSG_CHECKING(if f_fsid has val members) +AC_MSG_CHECKING(if struct statvfs.f_fsid is integral type) AC_TRY_COMPILE([ #include +#include +#ifdef HAVE_SYS_TIME_H +# include +#endif +#ifdef HAVE_SYS_MOUNT_H +#include +#endif +#ifdef HAVE_SYS_STATVFS_H +#include +#endif +], [struct statvfs s; s.f_fsid = 0;], +[ AC_MSG_RESULT(yes) ], +[ AC_MSG_RESULT(no) + + AC_MSG_CHECKING(if fsid_t has member val) + AC_TRY_COMPILE([ +#include #include ], -[struct fsid_t t; t.val[0] = 0;], + [fsid_t t; t.val[0] = 0;], [ AC_MSG_RESULT(yes) - AC_DEFINE(FSID_HAS_VAL, 1, f_fsid has members) ], - [ AC_MSG_RESULT(no) ] -) + AC_DEFINE(FSID_HAS_VAL, 1, fsid_t has member val) ], + [ AC_MSG_RESULT(no) ]) + + AC_MSG_CHECKING(if f_fsid has member __val) + AC_TRY_COMPILE([ +#include +#include ], + [fsid_t t; t.__val[0] = 0;], + [ AC_MSG_RESULT(yes) + AC_DEFINE(FSID_HAS___VAL, 1, fsid_t has member __val) ], + [ AC_MSG_RESULT(no) ]) +]) AC_CACHE_CHECK([for msg_control field in struct msghdr], ac_cv_have_control_in_msghdr, [ diff --git a/defines.h b/defines.h index 457b6a35e..2ccded266 100644 --- a/defines.h +++ b/defines.h @@ -25,7 +25,7 @@ #ifndef _DEFINES_H #define _DEFINES_H -/* $Id: defines.h,v 1.154 2009/03/07 01:32:22 dtucker Exp $ */ +/* $Id: defines.h,v 1.155 2009/06/16 06:11:02 dtucker Exp $ */ /* Constants */ @@ -594,6 +594,10 @@ struct winsize { #define FSID_TO_ULONG(f) \ ((((u_int64_t)(f).val[0] & 0xffffffffUL) << 32) | \ ((f).val[1] & 0xffffffffUL)) +#elif defined(FSID_HAS___VAL) +#define FSID_TO_ULONG(f) \ + ((((u_int64_t)(f).__val[0] & 0xffffffffUL) << 32) | \ + ((f).__val[1] & 0xffffffffUL)) #else # define FSID_TO_ULONG(f) ((f)) #endif -- cgit v1.2.3 From 72efd74d2fd3d871210322e8a48f38e2baafc207 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 21 Jun 2009 17:48:00 +1000 Subject: - (dtucker) OpenBSD CVS Sync - markus@cvs.openbsd.org 2009/03/17 21:37:00 [ssh.c] pass correct argv[0] to openlog(); ok djm@ --- ChangeLog | 6 ++++++ ssh.c | 9 +++++---- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/ChangeLog b/ChangeLog index 82d5c20ca..487cbe04a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +20090621 + - (dtucker) OpenBSD CVS Sync + - markus@cvs.openbsd.org 2009/03/17 21:37:00 + [ssh.c] + pass correct argv[0] to openlog(); ok djm@ + 20090616 - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t is a struct with a __val member. Fixes build on, eg, Redhat 6.2. diff --git a/ssh.c b/ssh.c index 9d43bb74f..96134680d 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.324 2009/02/12 03:00:56 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.325 2009/03/17 21:37:00 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -204,7 +204,7 @@ int main(int ac, char **av) { int i, opt, exit_status, use_syslog; - char *p, *cp, *line, buf[256]; + char *p, *cp, *line, *argv0, buf[256]; struct stat st; struct passwd *pw; int dummy, timeout_ms; @@ -270,6 +270,7 @@ main(int ac, char **av) /* Parse command-line arguments. */ host = NULL; use_syslog = 0; + argv0 = av[0]; again: while ((opt = getopt(ac, av, "1246ab:c:e:fgi:kl:m:no:p:qstvx" @@ -600,7 +601,7 @@ main(int ac, char **av) * Initialize "log" output. Since we are the client all output * actually goes to stderr. */ - log_init(av[0], + log_init(argv0, options.log_level == -1 ? SYSLOG_LEVEL_INFO : options.log_level, SYSLOG_FACILITY_USER, !use_syslog); @@ -628,7 +629,7 @@ main(int ac, char **av) channel_set_af(options.address_family); /* reinit */ - log_init(av[0], options.log_level, SYSLOG_FACILITY_USER, !use_syslog); + log_init(argv0, options.log_level, SYSLOG_FACILITY_USER, !use_syslog); seed_rng(); -- cgit v1.2.3 From 3a6a51f3874209046df3ac6ca11180b9ca31062d Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 21 Jun 2009 17:48:52 +1000 Subject: - jmc@cvs.openbsd.org 2009/03/19 15:15:09 [ssh.1] for "Ciphers", just point the reader to the keyword in ssh_config(5), just as we do for "MACs": this stops us getting out of sync when the lists change; fixes documentation/6102, submitted by Peter J. Philipp alternative fix proposed by djm ok markus --- ChangeLog | 8 ++++++++ ssh.1 | 27 +++++---------------------- 2 files changed, 13 insertions(+), 22 deletions(-) diff --git a/ChangeLog b/ChangeLog index 487cbe04a..c46c88ebf 100644 --- a/ChangeLog +++ b/ChangeLog @@ -3,6 +3,14 @@ - markus@cvs.openbsd.org 2009/03/17 21:37:00 [ssh.c] pass correct argv[0] to openlog(); ok djm@ + - jmc@cvs.openbsd.org 2009/03/19 15:15:09 + [ssh.1] + for "Ciphers", just point the reader to the keyword in ssh_config(5), just + as we do for "MACs": this stops us getting out of sync when the lists + change; + fixes documentation/6102, submitted by Peter J. Philipp + alternative fix proposed by djm + ok markus 20090616 - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t diff --git a/ssh.1 b/ssh.1 index 421783be3..6c6271ee4 100644 --- a/ssh.1 +++ b/ssh.1 @@ -34,8 +34,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.282 2009/02/12 03:44:25 djm Exp $ -.Dd $Mdocdate: February 12 2009 $ +.\" $OpenBSD: ssh.1,v 1.283 2009/03/19 15:15:09 jmc Exp $ +.Dd $Mdocdate: March 19 2009 $ .Dt SSH 1 .Os .Sh NAME @@ -191,26 +191,9 @@ For protocol version 2, .Ar cipher_spec is a comma-separated list of ciphers listed in order of preference. -The supported ciphers are: -3des-cbc, -aes128-cbc, -aes192-cbc, -aes256-cbc, -aes128-ctr, -aes192-ctr, -aes256-ctr, -arcfour128, -arcfour256, -arcfour, -blowfish-cbc, -and -cast128-cbc. -The default is: -.Bd -literal -offset indent -aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128, -arcfour256,arcfour,aes192-cbc,aes256-cbc,aes128-ctr, -aes192-ctr,aes256-ctr -.Ed +See the +.Cm Ciphers +keyword for more information. .It Fl D Xo .Sm off .Oo Ar bind_address : Oc -- cgit v1.2.3 From a0964504e19598ca5a45dbf0ed0c677e4f24c132 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 21 Jun 2009 17:49:36 +1000 Subject: - tobias@cvs.openbsd.org 2009/03/23 08:31:19 [ssh-agent.c] Fixed a possible out-of-bounds memory access if the environment variable SHELL is shorter than 3 characters. with input by and ok dtucker --- ChangeLog | 5 +++++ ssh-agent.c | 4 ++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index c46c88ebf..c851e8f77 100644 --- a/ChangeLog +++ b/ChangeLog @@ -11,6 +11,11 @@ fixes documentation/6102, submitted by Peter J. Philipp alternative fix proposed by djm ok markus + - tobias@cvs.openbsd.org 2009/03/23 08:31:19 + [ssh-agent.c] + Fixed a possible out-of-bounds memory access if the environment variable + SHELL is shorter than 3 characters. + with input by and ok dtucker 20090616 - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t diff --git a/ssh-agent.c b/ssh-agent.c index 9123cfe6b..1a54a2784 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.159 2008/06/28 14:05:15 djm Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.160 2009/03/23 08:31:19 tobias Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1122,7 +1122,7 @@ main(int ac, char **av) if (ac == 0 && !c_flag && !s_flag) { shell = getenv("SHELL"); if (shell != NULL && - strncmp(shell + strlen(shell) - 3, "csh", 3) == 0) + strncmp(shell + MAX(strlen(shell) - 3, 0), "csh", 3) == 0) c_flag = 1; } if (k_flag) { -- cgit v1.2.3 From 9013323644d2ecd77567543479bbab2c1150af6c Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 21 Jun 2009 17:50:15 +1000 Subject: - tobias@cvs.openbsd.org 2009/03/23 19:38:04 [ssh-agent.c] My previous commit didn't fix the problem at all, so stick at my first version of the fix presented to dtucker. Issue notified by Matthias Barkhoff (matthias dot barkhoff at gmx dot de). ok dtucker --- ChangeLog | 6 ++++++ ssh-agent.c | 7 ++++--- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index c851e8f77..0371cfc41 100644 --- a/ChangeLog +++ b/ChangeLog @@ -16,6 +16,12 @@ Fixed a possible out-of-bounds memory access if the environment variable SHELL is shorter than 3 characters. with input by and ok dtucker + - tobias@cvs.openbsd.org 2009/03/23 19:38:04 + [ssh-agent.c] + My previous commit didn't fix the problem at all, so stick at my first + version of the fix presented to dtucker. + Issue notified by Matthias Barkhoff (matthias dot barkhoff at gmx dot de). + ok dtucker 20090616 - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t diff --git a/ssh-agent.c b/ssh-agent.c index 1a54a2784..f77dea3a6 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.160 2009/03/23 08:31:19 tobias Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.161 2009/03/23 19:38:04 tobias Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1061,6 +1061,7 @@ main(int ac, char **av) pid_t pid; char pidstrbuf[1 + 3 * sizeof pid]; struct timeval *tvp = NULL; + size_t len; /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ sanitise_stdfd(); @@ -1121,8 +1122,8 @@ main(int ac, char **av) if (ac == 0 && !c_flag && !s_flag) { shell = getenv("SHELL"); - if (shell != NULL && - strncmp(shell + MAX(strlen(shell) - 3, 0), "csh", 3) == 0) + if (shell != NULL && (len = strlen(shell)) > 2 && + strncmp(shell + len - 3, "csh", 3) == 0) c_flag = 1; } if (k_flag) { -- cgit v1.2.3 From 5837b51aecf162b1fcc87c978806e3798e005c95 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 21 Jun 2009 17:52:27 +1000 Subject: - sobrado@cvs.openbsd.org 2009/03/26 08:38:39 [sftp-server.8 sshd.8 ssh-agent.1] fix a few typographical errors found by spell(1). ok dtucker@, jmc@ --- ChangeLog | 4 ++++ sftp-server.8 | 6 +++--- ssh-agent.1 | 6 +++--- sshd.8 | 6 +++--- 4 files changed, 13 insertions(+), 9 deletions(-) diff --git a/ChangeLog b/ChangeLog index 0371cfc41..cb93c1056 100644 --- a/ChangeLog +++ b/ChangeLog @@ -22,6 +22,10 @@ version of the fix presented to dtucker. Issue notified by Matthias Barkhoff (matthias dot barkhoff at gmx dot de). ok dtucker + - sobrado@cvs.openbsd.org 2009/03/26 08:38:39 + [sftp-server.8 sshd.8 ssh-agent.1] + fix a few typographical errors found by spell(1). + ok dtucker@, jmc@ 20090616 - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t diff --git a/sftp-server.8 b/sftp-server.8 index 74c1e4bc5..372b0770e 100644 --- a/sftp-server.8 +++ b/sftp-server.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: sftp-server.8,v 1.14 2008/07/18 22:51:01 jmc Exp $ +.\" $OpenBSD: sftp-server.8,v 1.15 2009/03/26 08:38:39 sobrado Exp $ .\" .\" Copyright (c) 2000 Markus Friedl. All rights reserved. .\" @@ -22,7 +22,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: July 18 2008 $ +.Dd $Mdocdate: March 26 2009 $ .Dt SFTP-SERVER 8 .Os .Sh NAME @@ -79,7 +79,7 @@ must be able to access .Pa /dev/log . Use of .Nm -in a chroot configuation therefore requires that +in a chroot configuration therefore requires that .Xr syslogd 8 establish a logging socket inside the chroot directory. .Sh SEE ALSO diff --git a/ssh-agent.1 b/ssh-agent.1 index 6a5dc62af..533cd6f6b 100644 --- a/ssh-agent.1 +++ b/ssh-agent.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-agent.1,v 1.46 2007/09/09 11:38:01 sobrado Exp $ +.\" $OpenBSD: ssh-agent.1,v 1.47 2009/03/26 08:38:39 sobrado Exp $ .\" .\" Author: Tatu Ylonen .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: June 5 2007 $ +.Dd $Mdocdate: March 26 2009 $ .Dt SSH-AGENT 1 .Os .Sh NAME @@ -141,7 +141,7 @@ The second is that the agent prints the needed shell commands (either .Xr sh 1 or .Xr csh 1 -syntax can be generated) which can be evalled in the calling shell, eg +syntax can be generated) which can be evaluated in the calling shell, eg .Cm eval `ssh-agent -s` for Bourne-type shells such as .Xr sh 1 diff --git a/sshd.8 b/sshd.8 index a4b9e90c7..111d491d9 100644 --- a/sshd.8 +++ b/sshd.8 @@ -34,8 +34,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd.8,v 1.247 2008/10/03 13:08:12 jmc Exp $ -.Dd $Mdocdate: October 3 2008 $ +.\" $OpenBSD: sshd.8,v 1.248 2009/03/26 08:38:39 sobrado Exp $ +.Dd $Mdocdate: March 26 2009 $ .Dt SSHD 8 .Os .Sh NAME @@ -543,7 +543,7 @@ for more information on patterns. In addition to the wildcard matching that may be applied to hostnames or addresses, a .Cm from -stanza may match IP addressess using CIDR address/masklen notation. +stanza may match IP addresses using CIDR address/masklen notation. .Pp The purpose of this option is to optionally increase security: public key authentication by itself does not trust the network or name servers or -- cgit v1.2.3 From af501cfce456004e1bce8557bbb24b230442b324 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 21 Jun 2009 17:53:04 +1000 Subject: - stevesk@cvs.openbsd.org 2009/04/13 19:07:44 [sshd_config.5] fix possessive; ok djm@ --- ChangeLog | 3 +++ sshd_config.5 | 6 +++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index cb93c1056..ad4fefc31 100644 --- a/ChangeLog +++ b/ChangeLog @@ -26,6 +26,9 @@ [sftp-server.8 sshd.8 ssh-agent.1] fix a few typographical errors found by spell(1). ok dtucker@, jmc@ + - stevesk@cvs.openbsd.org 2009/04/13 19:07:44 + [sshd_config.5] + fix possessive; ok djm@ 20090616 - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t diff --git a/sshd_config.5 b/sshd_config.5 index dfd07b713..684c1c25e 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -34,8 +34,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.102 2009/02/22 23:59:25 djm Exp $ -.Dd $Mdocdate: February 22 2009 $ +.\" $OpenBSD: sshd_config.5,v 1.103 2009/04/13 19:07:44 stevesk Exp $ +.Dd $Mdocdate: April 13 2009 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -197,7 +197,7 @@ the connecting user has been authenticated: %% is replaced by a literal '%', The .Cm ChrootDirectory must contain the necessary files and directories to support the -users' session. +user's session. For an interactive session this requires at least a shell, typically .Xr sh 1 , and basic -- cgit v1.2.3 From b62f1a856d3dc0b6d091e013500aa65c6173e0e5 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 21 Jun 2009 17:53:48 +1000 Subject: - stevesk@cvs.openbsd.org 2009/04/14 16:33:42 [sftp-server.c] remove unused option character from getopt() optstring; ok markus@ --- ChangeLog | 3 +++ sftp-server.c | 4 ++-- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index ad4fefc31..b64310628 100644 --- a/ChangeLog +++ b/ChangeLog @@ -29,6 +29,9 @@ - stevesk@cvs.openbsd.org 2009/04/13 19:07:44 [sshd_config.5] fix possessive; ok djm@ + - stevesk@cvs.openbsd.org 2009/04/14 16:33:42 + [sftp-server.c] + remove unused option character from getopt() optstring; ok markus@ 20090616 - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t diff --git a/sftp-server.c b/sftp-server.c index 24c4ff717..83beeadcf 100644 --- a/sftp-server.c +++ b/sftp-server.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-server.c,v 1.84 2008/06/26 06:10:09 djm Exp $ */ +/* $OpenBSD: sftp-server.c,v 1.85 2009/04/14 16:33:42 stevesk Exp $ */ /* * Copyright (c) 2000-2004 Markus Friedl. All rights reserved. * @@ -1341,7 +1341,7 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw) __progname = ssh_get_progname(argv[0]); log_init(__progname, log_level, log_facility, log_stderr); - while (!skipargs && (ch = getopt(argc, argv, "C:f:l:che")) != -1) { + while (!skipargs && (ch = getopt(argc, argv, "f:l:che")) != -1) { switch (ch) { case 'c': /* -- cgit v1.2.3 From 3b59dfa161b52b41e5e0cacaf3db1510cfaaa319 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 21 Jun 2009 17:54:47 +1000 Subject: - jj@cvs.openbsd.org 2009/04/14 21:10:54 [servconf.c] Fixed a few the-the misspellings in comments. Skipped a bunch in binutils,gcc and so on. ok jmc@ --- ChangeLog | 4 ++++ servconf.c | 4 ++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index b64310628..3c799fbaf 100644 --- a/ChangeLog +++ b/ChangeLog @@ -32,6 +32,10 @@ - stevesk@cvs.openbsd.org 2009/04/14 16:33:42 [sftp-server.c] remove unused option character from getopt() optstring; ok markus@ + - jj@cvs.openbsd.org 2009/04/14 21:10:54 + [servconf.c] + Fixed a few the-the misspellings in comments. Skipped a bunch in + binutils,gcc and so on. ok jmc@ 20090616 - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t diff --git a/servconf.c b/servconf.c index e7fc2a781..af940cac2 100644 --- a/servconf.c +++ b/servconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.c,v 1.194 2009/01/22 10:02:34 djm Exp $ */ +/* $OpenBSD: servconf.c,v 1.195 2009/04/14 21:10:54 jj Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -1376,7 +1376,7 @@ parse_server_match_config(ServerOptions *options, const char *user, /* * Copy any supported values that are set. * - * If the preauth flag is set, we do not bother copying the the string or + * If the preauth flag is set, we do not bother copying the string or * array values that are not used pre-authentication, because any that we * do use must be explictly sent in mm_getpwnamallow(). */ -- cgit v1.2.3 From ac46a915e83c6a69237d683a136bc919049b22d5 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 21 Jun 2009 17:55:23 +1000 Subject: - stevesk@cvs.openbsd.org 2009/04/17 19:23:06 [session.c] use INTERNAL_SFTP_NAME for setproctitle() of in-process sftp-server; ok djm@ markus@ --- ChangeLog | 4 ++++ session.c | 4 ++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 3c799fbaf..4d6051053 100644 --- a/ChangeLog +++ b/ChangeLog @@ -36,6 +36,10 @@ [servconf.c] Fixed a few the-the misspellings in comments. Skipped a bunch in binutils,gcc and so on. ok jmc@ + - stevesk@cvs.openbsd.org 2009/04/17 19:23:06 + [session.c] + use INTERNAL_SFTP_NAME for setproctitle() of in-process sftp-server; + ok djm@ markus@ 20090616 - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t diff --git a/session.c b/session.c index 8e0c54faa..f04266f78 100644 --- a/session.c +++ b/session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.245 2009/01/22 09:46:01 djm Exp $ */ +/* $OpenBSD: session.c,v 1.246 2009/04/17 19:23:06 stevesk Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -1789,7 +1789,7 @@ do_child(Session *s, const char *command) int i; char *p, *args; - setproctitle("%s@internal-sftp-server", s->pw->pw_name); + setproctitle("%s@%s", s->pw->pw_name, INTERNAL_SFTP_NAME); args = xstrdup(command ? command : "sftp-server"); for (i = 0, (p = strtok(args, " ")); p; (p = strtok(NULL, " "))) if (i < ARGV_MAX - 1) -- cgit v1.2.3 From 00fcd719a5877c6e02a0d6c66bd2de651fee728c Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 21 Jun 2009 17:56:00 +1000 Subject: - stevesk@cvs.openbsd.org 2009/04/17 19:40:17 [sshd_config.5] clarify that even internal-sftp needs /dev/log for logging to work; ok markus@ --- ChangeLog | 4 ++++ sshd_config.5 | 12 +++++++++--- 2 files changed, 13 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index 4d6051053..7a75cdd65 100644 --- a/ChangeLog +++ b/ChangeLog @@ -40,6 +40,10 @@ [session.c] use INTERNAL_SFTP_NAME for setproctitle() of in-process sftp-server; ok djm@ markus@ + - stevesk@cvs.openbsd.org 2009/04/17 19:40:17 + [sshd_config.5] + clarify that even internal-sftp needs /dev/log for logging to work; ok + markus@ 20090616 - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t diff --git a/sshd_config.5 b/sshd_config.5 index 684c1c25e..5c100bdaa 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -34,8 +34,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.103 2009/04/13 19:07:44 stevesk Exp $ -.Dd $Mdocdate: April 13 2009 $ +.\" $OpenBSD: sshd_config.5,v 1.104 2009/04/17 19:40:17 stevesk Exp $ +.Dd $Mdocdate: April 17 2009 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -213,11 +213,17 @@ and .Xr tty 4 devices. For file transfer sessions using -.Dq sftp , +.Dq sftp +which do not use logging, no additional configuration of the environment is necessary if the in-process sftp server is used (see .Cm Subsystem for details). +sftp sessions which do use logging require +.Pa /dev/log +inside the chroot directory (see +.Xr sftp-server 8 +for details). .Pp The default is not to .Xr chroot 2 . -- cgit v1.2.3 From f92077f05c7e1ebaf944da909e5a7ca7932443e0 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 21 Jun 2009 17:56:25 +1000 Subject: - jmc@cvs.openbsd.org 2009/04/18 18:39:10 [sshd_config.5] tweak previous; ok stevesk --- ChangeLog | 3 +++ sshd_config.5 | 13 +++++-------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/ChangeLog b/ChangeLog index 7a75cdd65..dcc9932db 100644 --- a/ChangeLog +++ b/ChangeLog @@ -44,6 +44,9 @@ [sshd_config.5] clarify that even internal-sftp needs /dev/log for logging to work; ok markus@ + - jmc@cvs.openbsd.org 2009/04/18 18:39:10 + [sshd_config.5] + tweak previous; ok stevesk 20090616 - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t diff --git a/sshd_config.5 b/sshd_config.5 index 5c100bdaa..916e019da 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -34,8 +34,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.104 2009/04/17 19:40:17 stevesk Exp $ -.Dd $Mdocdate: April 17 2009 $ +.\" $OpenBSD: sshd_config.5,v 1.105 2009/04/18 18:39:10 jmc Exp $ +.Dd $Mdocdate: April 18 2009 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -213,13 +213,10 @@ and .Xr tty 4 devices. For file transfer sessions using -.Dq sftp -which do not use logging, +.Dq sftp , no additional configuration of the environment is necessary if the -in-process sftp server is used (see -.Cm Subsystem -for details). -sftp sessions which do use logging require +in-process sftp server is used, +though sessions which use logging do require .Pa /dev/log inside the chroot directory (see .Xr sftp-server 8 -- cgit v1.2.3 From 51dbe503bf92ee38f003ffde4bb0a0d85c438ea7 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 21 Jun 2009 17:56:51 +1000 Subject: - stevesk@cvs.openbsd.org 2009/04/21 15:13:17 [sshd_config.5] clarify we cd to user's home after chroot; ok markus@ on earlier version; tweaks and ok jmc@ --- ChangeLog | 4 ++++ sshd_config.5 | 7 +++++-- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index dcc9932db..f2e6e8ccb 100644 --- a/ChangeLog +++ b/ChangeLog @@ -47,6 +47,10 @@ - jmc@cvs.openbsd.org 2009/04/18 18:39:10 [sshd_config.5] tweak previous; ok stevesk + - stevesk@cvs.openbsd.org 2009/04/21 15:13:17 + [sshd_config.5] + clarify we cd to user's home after chroot; ok markus@ on + earlier version; tweaks and ok jmc@ 20090616 - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t diff --git a/sshd_config.5 b/sshd_config.5 index 916e019da..29f4d8240 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -34,8 +34,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.105 2009/04/18 18:39:10 jmc Exp $ -.Dd $Mdocdate: April 18 2009 $ +.\" $OpenBSD: sshd_config.5,v 1.106 2009/04/21 15:13:17 stevesk Exp $ +.Dd $Mdocdate: April 21 2009 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -188,6 +188,9 @@ Specifies a path to to after authentication. This path, and all its components, must be root-owned directories that are not writable by any other user or group. +After the chroot, +.Xr sshd 8 +changes the working directory to the user's home directory. .Pp The path may contain the following tokens that are expanded at runtime once the connecting user has been authenticated: %% is replaced by a literal '%', -- cgit v1.2.3 From f7288d77e4e705cbbc12c2ad55ed50f9de9a87e2 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 21 Jun 2009 18:12:20 +1000 Subject: - andreas@cvs.openbsd.org 2009/05/27 06:31:25 [canohost.h canohost.c] Add clear_cached_addr(), needed for upcoming changes allowing the peer address to change. ok markus@ --- ChangeLog | 11 + channels.c | 4 +- clientloop.c | 6 +- monitor.c | 12 +- monitor_wrap.c | 17 +- packet.c | 871 ++++++++++++++++++++++++++++++++------------------------- packet.h | 12 +- serverloop.c | 6 +- 8 files changed, 528 insertions(+), 411 deletions(-) diff --git a/ChangeLog b/ChangeLog index f2e6e8ccb..bd1367e7c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -51,6 +51,17 @@ [sshd_config.5] clarify we cd to user's home after chroot; ok markus@ on earlier version; tweaks and ok jmc@ + - andreas@cvs.openbsd.org 2009/05/25 06:48:01 + [channels.c packet.c clientloop.c packet.h serverloop.c monitor_wrap.c + monitor.c] + Put the globals in packet.c into a struct and don't access it directly + from other files. No functional changes. + ok markus@ djm@ + - andreas@cvs.openbsd.org 2009/05/27 06:31:25 + [canohost.h canohost.c] + Add clear_cached_addr(), needed for upcoming changes allowing the peer + address to change. + ok markus@ 20090616 - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t diff --git a/channels.c b/channels.c index dea60ba24..efb04d655 100644 --- a/channels.c +++ b/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.295 2009/02/12 03:00:56 djm Exp $ */ +/* $OpenBSD: channels.c,v 1.296 2009/05/25 06:48:00 andreas Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -2431,7 +2431,7 @@ channel_input_status_confirm(int type, u_int32_t seq, void *ctxt) int id; /* Reset keepalive timeout */ - keep_alive_timeouts = 0; + packet_set_alive_timeouts(0); id = packet_get_int(); packet_check_eom(); diff --git a/clientloop.c b/clientloop.c index a2d2d1d07..2cb8c3a49 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.209 2009/02/12 03:00:56 djm Exp $ */ +/* $OpenBSD: clientloop.c,v 1.210 2009/05/25 06:48:01 andreas Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -491,13 +491,13 @@ client_global_request_reply(int type, u_int32_t seq, void *ctxt) xfree(gc); } - keep_alive_timeouts = 0; + packet_set_alive_timeouts(0); } static void server_alive_check(void) { - if (++keep_alive_timeouts > options.server_alive_count_max) { + if (packet_inc_alive_timeouts() > options.server_alive_count_max) { logit("Timeout, server not responding."); cleanup_exit(255); } diff --git a/monitor.c b/monitor.c index f57e74ba5..61242e6d0 100644 --- a/monitor.c +++ b/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.101 2009/02/12 03:26:22 djm Exp $ */ +/* $OpenBSD: monitor.c,v 1.102 2009/05/25 06:48:01 andreas Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -100,7 +100,6 @@ extern Newkeys *current_keys[]; extern z_stream incoming_stream; extern z_stream outgoing_stream; extern u_char session_id[]; -extern Buffer input, output; extern Buffer auth_debug; extern int auth_debug_init; extern Buffer loginmsg; @@ -1670,13 +1669,14 @@ monitor_apply_keystate(struct monitor *pmonitor) /* Network I/O buffers */ /* XXX inefficient for large buffers, need: buffer_init_from_string */ - buffer_clear(&input); - buffer_append(&input, child_state.input, child_state.ilen); + buffer_clear(packet_get_input()); + buffer_append(packet_get_input(), child_state.input, child_state.ilen); memset(child_state.input, 0, child_state.ilen); xfree(child_state.input); - buffer_clear(&output); - buffer_append(&output, child_state.output, child_state.olen); + buffer_clear(packet_get_output()); + buffer_append(packet_get_output(), child_state.output, + child_state.olen); memset(child_state.output, 0, child_state.olen); xfree(child_state.output); } diff --git a/monitor_wrap.c b/monitor_wrap.c index db3251b93..d71d4a8c5 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_wrap.c,v 1.65 2009/03/05 07:18:19 djm Exp $ */ +/* $OpenBSD: monitor_wrap.c,v 1.66 2009/05/25 06:48:01 andreas Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -80,11 +80,9 @@ /* Imports */ extern int compat20; -extern Newkeys *newkeys[]; extern z_stream incoming_stream; extern z_stream outgoing_stream; extern struct monitor *pmonitor; -extern Buffer input, output; extern Buffer loginmsg; extern ServerOptions options; @@ -509,7 +507,7 @@ mm_newkeys_to_blob(int mode, u_char **blobp, u_int *lenp) Enc *enc; Mac *mac; Comp *comp; - Newkeys *newkey = newkeys[mode]; + Newkeys *newkey = (Newkeys *)packet_get_newkeys(mode); debug3("%s: converting %p", __func__, newkey); @@ -571,7 +569,7 @@ mm_send_kex(Buffer *m, Kex *kex) void mm_send_keystate(struct monitor *monitor) { - Buffer m; + Buffer m, *input, *output; u_char *blob, *p; u_int bloblen, plen; u_int32_t seqnr, packets; @@ -609,7 +607,8 @@ mm_send_keystate(struct monitor *monitor) } debug3("%s: Sending new keys: %p %p", - __func__, newkeys[MODE_OUT], newkeys[MODE_IN]); + __func__, packet_get_newkeys(MODE_OUT), + packet_get_newkeys(MODE_IN)); /* Keys from Kex */ if (!mm_newkeys_to_blob(MODE_OUT, &blob, &bloblen)) @@ -656,8 +655,10 @@ mm_send_keystate(struct monitor *monitor) buffer_put_string(&m, &incoming_stream, sizeof(incoming_stream)); /* Network I/O buffers */ - buffer_put_string(&m, buffer_ptr(&input), buffer_len(&input)); - buffer_put_string(&m, buffer_ptr(&output), buffer_len(&output)); + input = (Buffer *)packet_get_input(); + output = (Buffer *)packet_get_output(); + buffer_put_string(&m, buffer_ptr(input), buffer_len(input)); + buffer_put_string(&m, buffer_ptr(output), buffer_len(output)); mm_request_send(monitor->m_recvfd, MONITOR_REQ_KEYEXPORT, &m); debug3("%s: Finished sending state", __func__); diff --git a/packet.c b/packet.c index 5afc84ce0..fdc648888 100644 --- a/packet.c +++ b/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.160 2009/02/13 11:50:21 markus Exp $ */ +/* $OpenBSD: packet.c,v 1.161 2009/05/25 06:48:01 andreas Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -86,92 +86,117 @@ #define PACKET_MAX_SIZE (256 * 1024) -/* - * This variable contains the file descriptors used for communicating with - * the other side. connection_in is used for reading; connection_out for - * writing. These can be the same descriptor, in which case it is assumed to - * be a socket. - */ -static int connection_in = -1; -static int connection_out = -1; +struct packet_state { + u_int32_t seqnr; + u_int32_t packets; + u_int64_t blocks; + u_int64_t bytes; +}; -/* Protocol flags for the remote side. */ -static u_int remote_protocol_flags = 0; +struct packet { + TAILQ_ENTRY(packet) next; + u_char type; + Buffer payload; +}; -/* Encryption context for receiving data. This is only used for decryption. */ -static CipherContext receive_context; +struct session_state { + /* + * This variable contains the file descriptors used for + * communicating with the other side. connection_in is used for + * reading; connection_out for writing. These can be the same + * descriptor, in which case it is assumed to be a socket. + */ + int connection_in; + int connection_out; -/* Encryption context for sending data. This is only used for encryption. */ -static CipherContext send_context; + /* Protocol flags for the remote side. */ + u_int remote_protocol_flags; -/* Buffer for raw input data from the socket. */ -Buffer input; + /* Encryption context for receiving data. Only used for decryption. */ + CipherContext receive_context; -/* Buffer for raw output data going to the socket. */ -Buffer output; + /* Encryption context for sending data. Only used for encryption. */ + CipherContext send_context; -/* Buffer for the partial outgoing packet being constructed. */ -static Buffer outgoing_packet; + /* Buffer for raw input data from the socket. */ + Buffer input; -/* Buffer for the incoming packet currently being processed. */ -static Buffer incoming_packet; + /* Buffer for raw output data going to the socket. */ + Buffer output; -/* Scratch buffer for packet compression/decompression. */ -static Buffer compression_buffer; -static int compression_buffer_ready = 0; + /* Buffer for the partial outgoing packet being constructed. */ + Buffer outgoing_packet; -/* Flag indicating whether packet compression/decompression is enabled. */ -static int packet_compression = 0; + /* Buffer for the incoming packet currently being processed. */ + Buffer incoming_packet; -/* default maximum packet size */ -u_int max_packet_size = 32768; + /* Scratch buffer for packet compression/decompression. */ + Buffer compression_buffer; + int compression_buffer_ready; -/* Flag indicating whether this module has been initialized. */ -static int initialized = 0; + /* + * Flag indicating whether packet compression/decompression is + * enabled. + */ + int packet_compression; -/* Set to true if the connection is interactive. */ -static int interactive_mode = 0; + /* default maximum packet size */ + u_int max_packet_size; -/* Set to true if we are the server side. */ -static int server_side = 0; + /* Flag indicating whether this module has been initialized. */ + int initialized; -/* Set to true if we are authenticated. */ -static int after_authentication = 0; + /* Set to true if the connection is interactive. */ + int interactive_mode; -int keep_alive_timeouts = 0; + /* Set to true if we are the server side. */ + int server_side; -/* Set to the maximum time that we will wait to send or receive a packet */ -static int packet_timeout_ms = -1; + /* Set to true if we are authenticated. */ + int after_authentication; -/* Session key information for Encryption and MAC */ -Newkeys *newkeys[MODE_MAX]; -static struct packet_state { - u_int32_t seqnr; - u_int32_t packets; - u_int64_t blocks; - u_int64_t bytes; -} p_read, p_send; + int keep_alive_timeouts; -static u_int64_t max_blocks_in, max_blocks_out; -static u_int32_t rekey_limit; + /* The maximum time that we will wait to send or receive a packet */ + int packet_timeout_ms; -/* Session key for protocol v1 */ -static u_char ssh1_key[SSH_SESSION_KEY_LENGTH]; -static u_int ssh1_keylen; + /* Session key information for Encryption and MAC */ + Newkeys *newkeys[MODE_MAX]; + struct packet_state p_read, p_send; -/* roundup current message to extra_pad bytes */ -static u_char extra_pad = 0; + u_int64_t max_blocks_in, max_blocks_out; + u_int32_t rekey_limit; -/* XXX discard incoming data after MAC error */ -static u_int packet_discard = 0; -static Mac *packet_discard_mac = NULL; + /* Session key for protocol v1 */ + u_char ssh1_key[SSH_SESSION_KEY_LENGTH]; + u_int ssh1_keylen; -struct packet { - TAILQ_ENTRY(packet) next; - u_char type; - Buffer payload; + /* roundup current message to extra_pad bytes */ + u_char extra_pad; + + /* XXX discard incoming data after MAC error */ + u_int packet_discard; + Mac *packet_discard_mac; + + /* Used in packet_read_poll2() */ + u_int packlen; + + TAILQ_HEAD(, packet) outgoing; }; -TAILQ_HEAD(, packet) outgoing; + +static struct session_state *active_state; + +static struct session_state * +alloc_session_state() +{ + struct session_state *s = xcalloc(1, sizeof(*s)); + + s->connection_in = -1; + s->connection_out = -1; + s->max_packet_size = 32768; + s->packet_timeout_ms = -1; + return s; +} /* * Sets the descriptors used for communication. Disables encryption until @@ -184,21 +209,23 @@ packet_set_connection(int fd_in, int fd_out) if (none == NULL) fatal("packet_set_connection: cannot load cipher 'none'"); - connection_in = fd_in; - connection_out = fd_out; - cipher_init(&send_context, none, (const u_char *)"", + if (active_state == NULL) + active_state = alloc_session_state(); + active_state->connection_in = fd_in; + active_state->connection_out = fd_out; + cipher_init(&active_state->send_context, none, (const u_char *)"", 0, NULL, 0, CIPHER_ENCRYPT); - cipher_init(&receive_context, none, (const u_char *)"", + cipher_init(&active_state->receive_context, none, (const u_char *)"", 0, NULL, 0, CIPHER_DECRYPT); - newkeys[MODE_IN] = newkeys[MODE_OUT] = NULL; - if (!initialized) { - initialized = 1; - buffer_init(&input); - buffer_init(&output); - buffer_init(&outgoing_packet); - buffer_init(&incoming_packet); - TAILQ_INIT(&outgoing); - p_send.packets = p_read.packets = 0; + active_state->newkeys[MODE_IN] = active_state->newkeys[MODE_OUT] = NULL; + if (!active_state->initialized) { + active_state->initialized = 1; + buffer_init(&active_state->input); + buffer_init(&active_state->output); + buffer_init(&active_state->outgoing_packet); + buffer_init(&active_state->incoming_packet); + TAILQ_INIT(&active_state->outgoing); + active_state->p_send.packets = active_state->p_read.packets = 0; } } @@ -206,27 +233,29 @@ void packet_set_timeout(int timeout, int count) { if (timeout == 0 || count == 0) { - packet_timeout_ms = -1; + active_state->packet_timeout_ms = -1; return; } if ((INT_MAX / 1000) / count < timeout) - packet_timeout_ms = INT_MAX; + active_state->packet_timeout_ms = INT_MAX; else - packet_timeout_ms = timeout * count * 1000; + active_state->packet_timeout_ms = timeout * count * 1000; } static void packet_stop_discard(void) { - if (packet_discard_mac) { + if (active_state->packet_discard_mac) { char buf[1024]; memset(buf, 'a', sizeof(buf)); - while (buffer_len(&incoming_packet) < PACKET_MAX_SIZE) - buffer_append(&incoming_packet, buf, sizeof(buf)); - (void) mac_compute(packet_discard_mac, - p_read.seqnr, - buffer_ptr(&incoming_packet), + while (buffer_len(&active_state->incoming_packet) < + PACKET_MAX_SIZE) + buffer_append(&active_state->incoming_packet, buf, + sizeof(buf)); + (void) mac_compute(active_state->packet_discard_mac, + active_state->p_read.seqnr, + buffer_ptr(&active_state->incoming_packet), PACKET_MAX_SIZE); } logit("Finished discarding for %.200s", get_remote_ipaddr()); @@ -239,10 +268,11 @@ packet_start_discard(Enc *enc, Mac *mac, u_int packet_length, u_int discard) if (enc == NULL || !cipher_is_cbc(enc->cipher)) packet_disconnect("Packet corrupt"); if (packet_length != PACKET_MAX_SIZE && mac && mac->enabled) - packet_discard_mac = mac; - if (buffer_len(&input) >= discard) + active_state->packet_discard_mac = mac; + if (buffer_len(&active_state->input) >= discard) packet_stop_discard(); - packet_discard = discard - buffer_len(&input); + active_state->packet_discard = discard - + buffer_len(&active_state->input); } /* Returns 1 if remote host is connected via socket, 0 if not. */ @@ -254,15 +284,17 @@ packet_connection_is_on_socket(void) socklen_t fromlen, tolen; /* filedescriptors in and out are the same, so it's a socket */ - if (connection_in == connection_out) + if (active_state->connection_in == active_state->connection_out) return 1; fromlen = sizeof(from); memset(&from, 0, sizeof(from)); - if (getpeername(connection_in, (struct sockaddr *)&from, &fromlen) < 0) + if (getpeername(active_state->connection_in, (struct sockaddr *)&from, + &fromlen) < 0) return 0; tolen = sizeof(to); memset(&to, 0, sizeof(to)); - if (getpeername(connection_out, (struct sockaddr *)&to, &tolen) < 0) + if (getpeername(active_state->connection_out, (struct sockaddr *)&to, + &tolen) < 0) return 0; if (fromlen != tolen || memcmp(&from, &to, fromlen) != 0) return 0; @@ -283,9 +315,9 @@ packet_get_keyiv(int mode, u_char *iv, u_int len) CipherContext *cc; if (mode == MODE_OUT) - cc = &send_context; + cc = &active_state->send_context; else - cc = &receive_context; + cc = &active_state->receive_context; cipher_get_keyiv(cc, iv, len); } @@ -296,9 +328,9 @@ packet_get_keycontext(int mode, u_char *dat) CipherContext *cc; if (mode == MODE_OUT) - cc = &send_context; + cc = &active_state->send_context; else - cc = &receive_context; + cc = &active_state->receive_context; return (cipher_get_keycontext(cc, dat)); } @@ -309,9 +341,9 @@ packet_set_keycontext(int mode, u_char *dat) CipherContext *cc; if (mode == MODE_OUT) - cc = &send_context; + cc = &active_state->send_context; else - cc = &receive_context; + cc = &active_state->receive_context; cipher_set_keycontext(cc, dat); } @@ -322,9 +354,9 @@ packet_get_keyiv_len(int mode) CipherContext *cc; if (mode == MODE_OUT) - cc = &send_context; + cc = &active_state->send_context; else - cc = &receive_context; + cc = &active_state->receive_context; return (cipher_get_keyiv_len(cc)); } @@ -335,9 +367,9 @@ packet_set_iv(int mode, u_char *dat) CipherContext *cc; if (mode == MODE_OUT) - cc = &send_context; + cc = &active_state->send_context; else - cc = &receive_context; + cc = &active_state->receive_context; cipher_set_keyiv(cc, dat); } @@ -345,7 +377,7 @@ packet_set_iv(int mode, u_char *dat) int packet_get_ssh1_cipher(void) { - return (cipher_get_number(receive_context.cipher)); + return (cipher_get_number(active_state->receive_context.cipher)); } void @@ -354,7 +386,8 @@ packet_get_state(int mode, u_int32_t *seqnr, u_int64_t *blocks, u_int32_t *packe { struct packet_state *state; - state = (mode == MODE_IN) ? &p_read : &p_send; + state = (mode == MODE_IN) ? + &active_state->p_read : &active_state->p_send; if (seqnr) *seqnr = state->seqnr; if (blocks) @@ -371,7 +404,8 @@ packet_set_state(int mode, u_int32_t seqnr, u_int64_t blocks, u_int32_t packets, { struct packet_state *state; - state = (mode == MODE_IN) ? &p_read : &p_send; + state = (mode == MODE_IN) ? + &active_state->p_read : &active_state->p_send; state->seqnr = seqnr; state->blocks = blocks; state->packets = packets; @@ -387,7 +421,8 @@ packet_connection_is_ipv4(void) socklen_t tolen = sizeof(to); memset(&to, 0, sizeof(to)); - if (getsockname(connection_out, (struct sockaddr *)&to, &tolen) < 0) + if (getsockname(active_state->connection_out, (struct sockaddr *)&to, + &tolen) < 0) return 0; if (to.ss_family == AF_INET) return 1; @@ -405,10 +440,10 @@ void packet_set_nonblocking(void) { /* Set the socket into non-blocking mode. */ - set_nonblock(connection_in); + set_nonblock(active_state->connection_in); - if (connection_out != connection_in) - set_nonblock(connection_out); + if (active_state->connection_out != active_state->connection_in) + set_nonblock(active_state->connection_out); } /* Returns the socket used for reading. */ @@ -416,7 +451,7 @@ packet_set_nonblocking(void) int packet_get_connection_in(void) { - return connection_in; + return active_state->connection_in; } /* Returns the descriptor used for writing. */ @@ -424,7 +459,7 @@ packet_get_connection_in(void) int packet_get_connection_out(void) { - return connection_out; + return active_state->connection_out; } /* Closes the connection and clears and frees internal data structures. */ @@ -432,26 +467,26 @@ packet_get_connection_out(void) void packet_close(void) { - if (!initialized) + if (!active_state->initialized) return; - initialized = 0; - if (connection_in == connection_out) { - shutdown(connection_out, SHUT_RDWR); - close(connection_out); + active_state->initialized = 0; + if (active_state->connection_in == active_state->connection_out) { + shutdown(active_state->connection_out, SHUT_RDWR); + close(active_state->connection_out); } else { - close(connection_in); - close(connection_out); + close(active_state->connection_in); + close(active_state->connection_out); } - buffer_free(&input); - buffer_free(&output); - buffer_free(&outgoing_packet); - buffer_free(&incoming_packet); - if (compression_buffer_ready) { - buffer_free(&compression_buffer); + buffer_free(&active_state->input); + buffer_free(&active_state->output); + buffer_free(&active_state->outgoing_packet); + buffer_free(&active_state->incoming_packet); + if (active_state->compression_buffer_ready) { + buffer_free(&active_state->compression_buffer); buffer_compress_uninit(); } - cipher_cleanup(&send_context); - cipher_cleanup(&receive_context); + cipher_cleanup(&active_state->send_context); + cipher_cleanup(&active_state->receive_context); } /* Sets remote side protocol flags. */ @@ -459,7 +494,7 @@ packet_close(void) void packet_set_protocol_flags(u_int protocol_flags) { - remote_protocol_flags = protocol_flags; + active_state->remote_protocol_flags = protocol_flags; } /* Returns the remote protocol flags set earlier by the above function. */ @@ -467,7 +502,7 @@ packet_set_protocol_flags(u_int protocol_flags) u_int packet_get_protocol_flags(void) { - return remote_protocol_flags; + return active_state->remote_protocol_flags; } /* @@ -478,18 +513,18 @@ packet_get_protocol_flags(void) static void packet_init_compression(void) { - if (compression_buffer_ready == 1) + if (active_state->compression_buffer_ready == 1) return; - compression_buffer_ready = 1; - buffer_init(&compression_buffer); + active_state->compression_buffer_ready = 1; + buffer_init(&active_state->compression_buffer); } void packet_start_compression(int level) { - if (packet_compression && !compat20) + if (active_state->packet_compression && !compat20) fatal("Compression already enabled."); - packet_compression = 1; + active_state->packet_compression = 1; packet_init_compression(); buffer_compress_init_send(level); buffer_compress_init_recv(); @@ -513,19 +548,21 @@ packet_set_encryption_key(const u_char *key, u_int keylen, fatal("packet_set_encryption_key: keylen too small: %d", keylen); if (keylen > SSH_SESSION_KEY_LENGTH) fatal("packet_set_encryption_key: keylen too big: %d", keylen); - memcpy(ssh1_key, key, keylen); - ssh1_keylen = keylen; - cipher_init(&send_context, cipher, key, keylen, NULL, 0, CIPHER_ENCRYPT); - cipher_init(&receive_context, cipher, key, keylen, NULL, 0, CIPHER_DECRYPT); + memcpy(active_state->ssh1_key, key, keylen); + active_state->ssh1_keylen = keylen; + cipher_init(&active_state->send_context, cipher, key, keylen, NULL, + 0, CIPHER_ENCRYPT); + cipher_init(&active_state->receive_context, cipher, key, keylen, NULL, + 0, CIPHER_DECRYPT); } u_int packet_get_encryption_key(u_char *key) { if (key == NULL) - return (ssh1_keylen); - memcpy(key, ssh1_key, ssh1_keylen); - return (ssh1_keylen); + return (active_state->ssh1_keylen); + memcpy(key, active_state->ssh1_key, active_state->ssh1_keylen); + return (active_state->ssh1_keylen); } /* Start constructing a packet to send. */ @@ -539,8 +576,8 @@ packet_start(u_char type) len = compat20 ? 6 : 9; memset(buf, 0, len - 1); buf[len - 1] = type; - buffer_clear(&outgoing_packet); - buffer_append(&outgoing_packet, buf, len); + buffer_clear(&active_state->outgoing_packet); + buffer_append(&active_state->outgoing_packet, buf, len); } /* Append payload. */ @@ -549,43 +586,43 @@ packet_put_char(int value) { char ch = value; - buffer_append(&outgoing_packet, &ch, 1); + buffer_append(&active_state->outgoing_packet, &ch, 1); } void packet_put_int(u_int value) { - buffer_put_int(&outgoing_packet, value); + buffer_put_int(&active_state->outgoing_packet, value); } void packet_put_string(const void *buf, u_int len) { - buffer_put_string(&outgoing_packet, buf, len); + buffer_put_string(&active_state->outgoing_packet, buf, len); } void packet_put_cstring(const char *str) { - buffer_put_cstring(&outgoing_packet, str); + buffer_put_cstring(&active_state->outgoing_packet, str); } void packet_put_raw(const void *buf, u_int len) { - buffer_append(&outgoing_packet, buf, len); + buffer_append(&active_state->outgoing_packet, buf, len); } void packet_put_bignum(BIGNUM * value) { - buffer_put_bignum(&outgoing_packet, value); + buffer_put_bignum(&active_state->outgoing_packet, value); } void packet_put_bignum2(BIGNUM * value) { - buffer_put_bignum2(&outgoing_packet, value); + buffer_put_bignum2(&active_state->outgoing_packet, value); } /* @@ -605,24 +642,27 @@ packet_send1(void) * If using packet compression, compress the payload of the outgoing * packet. */ - if (packet_compression) { - buffer_clear(&compression_buffer); + if (active_state->packet_compression) { + buffer_clear(&active_state->compression_buffer); /* Skip padding. */ - buffer_consume(&outgoing_packet, 8); + buffer_consume(&active_state->outgoing_packet, 8); /* padding */ - buffer_append(&compression_buffer, "\0\0\0\0\0\0\0\0", 8); - buffer_compress(&outgoing_packet, &compression_buffer); - buffer_clear(&outgoing_packet); - buffer_append(&outgoing_packet, buffer_ptr(&compression_buffer), - buffer_len(&compression_buffer)); + buffer_append(&active_state->compression_buffer, + "\0\0\0\0\0\0\0\0", 8); + buffer_compress(&active_state->outgoing_packet, + &active_state->compression_buffer); + buffer_clear(&active_state->outgoing_packet); + buffer_append(&active_state->outgoing_packet, + buffer_ptr(&active_state->compression_buffer), + buffer_len(&active_state->compression_buffer)); } /* Compute packet length without padding (add checksum, remove padding). */ - len = buffer_len(&outgoing_packet) + 4 - 8; + len = buffer_len(&active_state->outgoing_packet) + 4 - 8; /* Insert padding. Initialized to zero in packet_start1() */ padding = 8 - len % 8; - if (!send_context.plaintext) { - cp = buffer_ptr(&outgoing_packet); + if (!active_state->send_context.plaintext) { + cp = buffer_ptr(&active_state->outgoing_packet); for (i = 0; i < padding; i++) { if (i % 4 == 0) rnd = arc4random(); @@ -630,33 +670,36 @@ packet_send1(void) rnd >>= 8; } } - buffer_consume(&outgoing_packet, 8 - padding); + buffer_consume(&active_state->outgoing_packet, 8 - padding); /* Add check bytes. */ - checksum = ssh_crc32(buffer_ptr(&outgoing_packet), - buffer_len(&outgoing_packet)); + checksum = ssh_crc32(buffer_ptr(&active_state->outgoing_packet), + buffer_len(&active_state->outgoing_packet)); put_u32(buf, checksum); - buffer_append(&outgoing_packet, buf, 4); + buffer_append(&active_state->outgoing_packet, buf, 4); #ifdef PACKET_DEBUG fprintf(stderr, "packet_send plain: "); - buffer_dump(&outgoing_packet); + buffer_dump(&active_state->outgoing_packet); #endif /* Append to output. */ put_u32(buf, len); - buffer_append(&output, buf, 4); - cp = buffer_append_space(&output, buffer_len(&outgoing_packet)); - cipher_crypt(&send_context, cp, buffer_ptr(&outgoing_packet), - buffer_len(&outgoing_packet)); + buffer_append(&active_state->output, buf, 4); + cp = buffer_append_space(&active_state->output, + buffer_len(&active_state->outgoing_packet)); + cipher_crypt(&active_state->send_context, cp, + buffer_ptr(&active_state->outgoing_packet), + buffer_len(&active_state->outgoing_packet)); #ifdef PACKET_DEBUG fprintf(stderr, "encrypted: "); - buffer_dump(&output); + buffer_dump(&active_state->output); #endif - p_send.packets++; - p_send.bytes += len + buffer_len(&outgoing_packet); - buffer_clear(&outgoing_packet); + active_state->p_send.packets++; + active_state->p_send.bytes += len + + buffer_len(&active_state->outgoing_packet); + buffer_clear(&active_state->outgoing_packet); /* * Note that the packet is now only buffered in output. It won't be @@ -678,22 +721,22 @@ set_newkeys(int mode) debug2("set_newkeys: mode %d", mode); if (mode == MODE_OUT) { - cc = &send_context; + cc = &active_state->send_context; crypt_type = CIPHER_ENCRYPT; - p_send.packets = p_send.blocks = 0; - max_blocks = &max_blocks_out; + active_state->p_send.packets = active_state->p_send.blocks = 0; + max_blocks = &active_state->max_blocks_out; } else { - cc = &receive_context; + cc = &active_state->receive_context; crypt_type = CIPHER_DECRYPT; - p_read.packets = p_read.blocks = 0; - max_blocks = &max_blocks_in; + active_state->p_read.packets = active_state->p_read.blocks = 0; + max_blocks = &active_state->max_blocks_in; } - if (newkeys[mode] != NULL) { + if (active_state->newkeys[mode] != NULL) { debug("set_newkeys: rekeying"); cipher_cleanup(cc); - enc = &newkeys[mode]->enc; - mac = &newkeys[mode]->mac; - comp = &newkeys[mode]->comp; + enc = &active_state->newkeys[mode]->enc; + mac = &active_state->newkeys[mode]->mac; + comp = &active_state->newkeys[mode]->comp; mac_clear(mac); xfree(enc->name); xfree(enc->iv); @@ -701,14 +744,14 @@ set_newkeys(int mode) xfree(mac->name); xfree(mac->key); xfree(comp->name); - xfree(newkeys[mode]); + xfree(active_state->newkeys[mode]); } - newkeys[mode] = kex_get_newkeys(mode); - if (newkeys[mode] == NULL) + active_state->newkeys[mode] = kex_get_newkeys(mode); + if (active_state->newkeys[mode] == NULL) fatal("newkeys: no keys for mode %d", mode); - enc = &newkeys[mode]->enc; - mac = &newkeys[mode]->mac; - comp = &newkeys[mode]->comp; + enc = &active_state->newkeys[mode]->enc; + mac = &active_state->newkeys[mode]->mac; + comp = &active_state->newkeys[mode]->comp; if (mac_init(mac) == 0) mac->enabled = 1; DBG(debug("cipher_init_context: %d", mode)); @@ -719,8 +762,8 @@ set_newkeys(int mode) memset(enc->key, 0, enc->key_len); memset(mac->key, 0, mac->key_len); */ if ((comp->type == COMP_ZLIB || - (comp->type == COMP_DELAYED && after_authentication)) && - comp->enabled == 0) { + (comp->type == COMP_DELAYED && + active_state->after_authentication)) && comp->enabled == 0) { packet_init_compression(); if (mode == MODE_OUT) buffer_compress_init_send(6); @@ -736,8 +779,9 @@ set_newkeys(int mode) *max_blocks = (u_int64_t)1 << (enc->block_size*2); else *max_blocks = ((u_int64_t)1 << 30) / enc->block_size; - if (rekey_limit) - *max_blocks = MIN(*max_blocks, rekey_limit / enc->block_size); + if (active_state->rekey_limit) + *max_blocks = MIN(*max_blocks, + active_state->rekey_limit / enc->block_size); } /* @@ -755,12 +799,12 @@ packet_enable_delayed_compress(void) * Remember that we are past the authentication step, so rekeying * with COMP_DELAYED will turn on compression immediately. */ - after_authentication = 1; + active_state->after_authentication = 1; for (mode = 0; mode < MODE_MAX; mode++) { /* protocol error: USERAUTH_SUCCESS received before NEWKEYS */ - if (newkeys[mode] == NULL) + if (active_state->newkeys[mode] == NULL) continue; - comp = &newkeys[mode]->comp; + comp = &active_state->newkeys[mode]->comp; if (comp && !comp->enabled && comp->type == COMP_DELAYED) { packet_init_compression(); if (mode == MODE_OUT) @@ -788,37 +832,39 @@ packet_send2_wrapped(void) Comp *comp = NULL; int block_size; - if (newkeys[MODE_OUT] != NULL) { - enc = &newkeys[MODE_OUT]->enc; - mac = &newkeys[MODE_OUT]->mac; - comp = &newkeys[MODE_OUT]->comp; + if (active_state->newkeys[MODE_OUT] != NULL) { + enc = &active_state->newkeys[MODE_OUT]->enc; + mac = &active_state->newkeys[MODE_OUT]->mac; + comp = &active_state->newkeys[MODE_OUT]->comp; } block_size = enc ? enc->block_size : 8; - cp = buffer_ptr(&outgoing_packet); + cp = buffer_ptr(&active_state->outgoing_packet); type = cp[5]; #ifdef PACKET_DEBUG fprintf(stderr, "plain: "); - buffer_dump(&outgoing_packet); + buffer_dump(&active_state->outgoing_packet); #endif if (comp && comp->enabled) { - len = buffer_len(&outgoing_packet); + len = buffer_len(&active_state->outgoing_packet); /* skip header, compress only payload */ - buffer_consume(&outgoing_packet, 5); - buffer_clear(&compression_buffer); - buffer_compress(&outgoing_packet, &compression_buffer); - buffer_clear(&outgoing_packet); - buffer_append(&outgoing_packet, "\0\0\0\0\0", 5); - buffer_append(&outgoing_packet, buffer_ptr(&compression_buffer), - buffer_len(&compression_buffer)); + buffer_consume(&active_state->outgoing_packet, 5); + buffer_clear(&active_state->compression_buffer); + buffer_compress(&active_state->outgoing_packet, + &active_state->compression_buffer); + buffer_clear(&active_state->outgoing_packet); + buffer_append(&active_state->outgoing_packet, "\0\0\0\0\0", 5); + buffer_append(&active_state->outgoing_packet, + buffer_ptr(&active_state->compression_buffer), + buffer_len(&active_state->compression_buffer)); DBG(debug("compression: raw %d compressed %d", len, - buffer_len(&outgoing_packet))); + buffer_len(&active_state->outgoing_packet))); } /* sizeof (packet_len + pad_len + payload) */ - len = buffer_len(&outgoing_packet); + len = buffer_len(&active_state->outgoing_packet); /* * calc size of padding, alloc space, get random data, @@ -827,17 +873,19 @@ packet_send2_wrapped(void) padlen = block_size - (len % block_size); if (padlen < 4) padlen += block_size; - if (extra_pad) { + if (active_state->extra_pad) { /* will wrap if extra_pad+padlen > 255 */ - extra_pad = roundup(extra_pad, block_size); - pad = extra_pad - ((len + padlen) % extra_pad); + active_state->extra_pad = + roundup(active_state->extra_pad, block_size); + pad = active_state->extra_pad - + ((len + padlen) % active_state->extra_pad); debug3("packet_send2: adding %d (len %d padlen %d extra_pad %d)", - pad, len, padlen, extra_pad); + pad, len, padlen, active_state->extra_pad); padlen += pad; - extra_pad = 0; + active_state->extra_pad = 0; } - cp = buffer_append_space(&outgoing_packet, padlen); - if (enc && !send_context.plaintext) { + cp = buffer_append_space(&active_state->outgoing_packet, padlen); + if (enc && !active_state->send_context.plaintext) { /* random padding */ for (i = 0; i < padlen; i++) { if (i % 4 == 0) @@ -850,43 +898,45 @@ packet_send2_wrapped(void) memset(cp, 0, padlen); } /* packet_length includes payload, padding and padding length field */ - packet_length = buffer_len(&outgoing_packet) - 4; - cp = buffer_ptr(&outgoing_packet); + packet_length = buffer_len(&active_state->outgoing_packet) - 4; + cp = buffer_ptr(&active_state->outgoing_packet); put_u32(cp, packet_length); cp[4] = padlen; DBG(debug("send: len %d (includes padlen %d)", packet_length+4, padlen)); /* compute MAC over seqnr and packet(length fields, payload, padding) */ if (mac && mac->enabled) { - macbuf = mac_compute(mac, p_send.seqnr, - buffer_ptr(&outgoing_packet), - buffer_len(&outgoing_packet)); - DBG(debug("done calc MAC out #%d", p_send.seqnr)); + macbuf = mac_compute(mac, active_state->p_send.seqnr, + buffer_ptr(&active_state->outgoing_packet), + buffer_len(&active_state->outgoing_packet)); + DBG(debug("done calc MAC out #%d", active_state->p_send.seqnr)); } /* encrypt packet and append to output buffer. */ - cp = buffer_append_space(&output, buffer_len(&outgoing_packet)); - cipher_crypt(&send_context, cp, buffer_ptr(&outgoing_packet), - buffer_len(&outgoing_packet)); + cp = buffer_append_space(&active_state->output, + buffer_len(&active_state->outgoing_packet)); + cipher_crypt(&active_state->send_context, cp, + buffer_ptr(&active_state->outgoing_packet), + buffer_len(&active_state->outgoing_packet)); /* append unencrypted MAC */ if (mac && mac->enabled) - buffer_append(&output, macbuf, mac->mac_len); + buffer_append(&active_state->output, macbuf, mac->mac_len); #ifdef PACKET_DEBUG fprintf(stderr, "encrypted: "); - buffer_dump(&output); + buffer_dump(&active_state->output); #endif /* increment sequence number for outgoing packets */ - if (++p_send.seqnr == 0) + if (++active_state->p_send.seqnr == 0) logit("outgoing seqnr wraps around"); - if (++p_send.packets == 0) + if (++active_state->p_send.packets == 0) if (!(datafellows & SSH_BUG_NOREKEY)) fatal("XXX too many packets with same key"); - p_send.blocks += (packet_length + 4) / block_size; - p_send.bytes += packet_length + 4; - buffer_clear(&outgoing_packet); + active_state->p_send.blocks += (packet_length + 4) / block_size; + active_state->p_send.bytes += packet_length + 4; + buffer_clear(&active_state->outgoing_packet); if (type == SSH2_MSG_NEWKEYS) set_newkeys(MODE_OUT); - else if (type == SSH2_MSG_USERAUTH_SUCCESS && server_side) + else if (type == SSH2_MSG_USERAUTH_SUCCESS && active_state->server_side) packet_enable_delayed_compress(); } @@ -897,7 +947,7 @@ packet_send2(void) struct packet *p; u_char type, *cp; - cp = buffer_ptr(&outgoing_packet); + cp = buffer_ptr(&active_state->outgoing_packet); type = cp[5]; /* during rekeying we can only send key exchange messages */ @@ -907,9 +957,10 @@ packet_send2(void) debug("enqueue packet: %u", type); p = xmalloc(sizeof(*p)); p->type = type; - memcpy(&p->payload, &outgoing_packet, sizeof(Buffer)); - buffer_init(&outgoing_packet); - TAILQ_INSERT_TAIL(&outgoing, p, next); + memcpy(&p->payload, &active_state->outgoing_packet, + sizeof(Buffer)); + buffer_init(&active_state->outgoing_packet); + TAILQ_INSERT_TAIL(&active_state->outgoing, p, next); return; } } @@ -923,13 +974,13 @@ packet_send2(void) /* after a NEWKEYS message we can send the complete queue */ if (type == SSH2_MSG_NEWKEYS) { rekeying = 0; - while ((p = TAILQ_FIRST(&outgoing))) { + while ((p = TAILQ_FIRST(&active_state->outgoing))) { type = p->type; debug("dequeue packet: %u", type); - buffer_free(&outgoing_packet); - memcpy(&outgoing_packet, &p->payload, + buffer_free(&active_state->outgoing_packet); + memcpy(&active_state->outgoing_packet, &p->payload, sizeof(Buffer)); - TAILQ_REMOVE(&outgoing, p, next); + TAILQ_REMOVE(&active_state->outgoing, p, next); xfree(p); packet_send2_wrapped(); } @@ -962,8 +1013,8 @@ packet_read_seqnr(u_int32_t *seqnr_p) DBG(debug("packet_read()")); - setp = (fd_set *)xcalloc(howmany(connection_in+1, NFDBITS), - sizeof(fd_mask)); + setp = (fd_set *)xcalloc(howmany(active_state->connection_in + 1, + NFDBITS), sizeof(fd_mask)); /* Since we are blocking, ensure that all written packets have been sent. */ packet_write_wait(); @@ -987,27 +1038,27 @@ packet_read_seqnr(u_int32_t *seqnr_p) * Otherwise, wait for some data to arrive, add it to the * buffer, and try again. */ - memset(setp, 0, howmany(connection_in + 1, NFDBITS) * - sizeof(fd_mask)); - FD_SET(connection_in, setp); + memset(setp, 0, howmany(active_state->connection_in + 1, + NFDBITS) * sizeof(fd_mask)); + FD_SET(active_state->connection_in, setp); - if (packet_timeout_ms > 0) { - ms_remain = packet_timeout_ms; + if (active_state->packet_timeout_ms > 0) { + ms_remain = active_state->packet_timeout_ms; timeoutp = &timeout; } /* Wait for some data to arrive. */ for (;;) { - if (packet_timeout_ms != -1) { + if (active_state->packet_timeout_ms != -1) { ms_to_timeval(&timeout, ms_remain); gettimeofday(&start, NULL); } - if ((ret = select(connection_in + 1, setp, NULL, - NULL, timeoutp)) >= 0) + if ((ret = select(active_state->connection_in + 1, setp, + NULL, NULL, timeoutp)) >= 0) break; - if (errno != EAGAIN && errno != EINTR && + if (errno != EAGAIN && errno != EINTR && errno != EWOULDBLOCK) break; - if (packet_timeout_ms == -1) + if (active_state->packet_timeout_ms == -1) continue; ms_subtract_diff(&start, &ms_remain); if (ms_remain <= 0) { @@ -1021,7 +1072,7 @@ packet_read_seqnr(u_int32_t *seqnr_p) cleanup_exit(255); } /* Read data from the socket. */ - len = read(connection_in, buf, sizeof(buf)); + len = read(active_state->connection_in, buf, sizeof(buf)); if (len == 0) { logit("Connection closed by %.200s", get_remote_ipaddr()); cleanup_exit(255); @@ -1073,31 +1124,32 @@ packet_read_poll1(void) u_int checksum, stored_checksum; /* Check if input size is less than minimum packet size. */ - if (buffer_len(&input) < 4 + 8) + if (buffer_len(&active_state->input) < 4 + 8) return SSH_MSG_NONE; /* Get length of incoming packet. */ - cp = buffer_ptr(&input); + cp = buffer_ptr(&active_state->input); len = get_u32(cp); if (len < 1 + 2 + 2 || len > 256 * 1024) packet_disconnect("Bad packet length %u.", len); padded_len = (len + 8) & ~7; /* Check if the packet has been entirely received. */ - if (buffer_len(&input) < 4 + padded_len) + if (buffer_len(&active_state->input) < 4 + padded_len) return SSH_MSG_NONE; /* The entire packet is in buffer. */ /* Consume packet length. */ - buffer_consume(&input, 4); + buffer_consume(&active_state->input, 4); /* * Cryptographic attack detector for ssh * (C)1998 CORE-SDI, Buenos Aires Argentina * Ariel Futoransky(futo@core-sdi.com) */ - if (!receive_context.plaintext) { - switch (detect_attack(buffer_ptr(&input), padded_len)) { + if (!active_state->receive_context.plaintext) { + switch (detect_attack(buffer_ptr(&active_state->input), + padded_len)) { case DEATTACK_DETECTED: packet_disconnect("crc32 compensation attack: " "network attack detected"); @@ -1108,45 +1160,48 @@ packet_read_poll1(void) } /* Decrypt data to incoming_packet. */ - buffer_clear(&incoming_packet); - cp = buffer_append_space(&incoming_packet, padded_len); - cipher_crypt(&receive_context, cp, buffer_ptr(&input), padded_len); + buffer_clear(&active_state->incoming_packet); + cp = buffer_append_space(&active_state->incoming_packet, padded_len); + cipher_crypt(&active_state->receive_context, cp, + buffer_ptr(&active_state->input), padded_len); - buffer_consume(&input, padded_len); + buffer_consume(&active_state->input, padded_len); #ifdef PACKET_DEBUG fprintf(stderr, "read_poll plain: "); - buffer_dump(&incoming_packet); + buffer_dump(&active_state->incoming_packet); #endif /* Compute packet checksum. */ - checksum = ssh_crc32(buffer_ptr(&incoming_packet), - buffer_len(&incoming_packet) - 4); + checksum = ssh_crc32(buffer_ptr(&active_state->incoming_packet), + buffer_len(&active_state->incoming_packet) - 4); /* Skip padding. */ - buffer_consume(&incoming_packet, 8 - len % 8); + buffer_consume(&active_state->incoming_packet, 8 - len % 8); /* Test check bytes. */ - if (len != buffer_len(&incoming_packet)) + if (len != buffer_len(&active_state->incoming_packet)) packet_disconnect("packet_read_poll1: len %d != buffer_len %d.", - len, buffer_len(&incoming_packet)); + len, buffer_len(&active_state->incoming_packet)); - cp = (u_char *)buffer_ptr(&incoming_packet) + len - 4; + cp = (u_char *)buffer_ptr(&active_state->incoming_packet) + len - 4; stored_checksum = get_u32(cp); if (checksum != stored_checksum) packet_disconnect("Corrupted check bytes on input."); - buffer_consume_end(&incoming_packet, 4); - - if (packet_compression) { - buffer_clear(&compression_buffer); - buffer_uncompress(&incoming_packet, &compression_buffer); - buffer_clear(&incoming_packet); - buffer_append(&incoming_packet, buffer_ptr(&compression_buffer), - buffer_len(&compression_buffer)); + buffer_consume_end(&active_state->incoming_packet, 4); + + if (active_state->packet_compression) { + buffer_clear(&active_state->compression_buffer); + buffer_uncompress(&active_state->incoming_packet, + &active_state->compression_buffer); + buffer_clear(&active_state->incoming_packet); + buffer_append(&active_state->incoming_packet, + buffer_ptr(&active_state->compression_buffer), + buffer_len(&active_state->compression_buffer)); } - p_read.packets++; - p_read.bytes += padded_len + 4; - type = buffer_get_char(&incoming_packet); + active_state->p_read.packets++; + active_state->p_read.bytes += padded_len + 4; + type = buffer_get_char(&active_state->incoming_packet); if (type < SSH_MSG_MIN || type > SSH_MSG_MAX) packet_disconnect("Invalid ssh1 packet type: %d", type); return type; @@ -1155,7 +1210,6 @@ packet_read_poll1(void) static int packet_read_poll2(u_int32_t *seqnr_p) { - static u_int packet_length = 0; u_int padlen, need; u_char *macbuf, *cp, type; u_int maclen, block_size; @@ -1163,50 +1217,52 @@ packet_read_poll2(u_int32_t *seqnr_p) Mac *mac = NULL; Comp *comp = NULL; - if (packet_discard) + if (active_state->packet_discard) return SSH_MSG_NONE; - if (newkeys[MODE_IN] != NULL) { - enc = &newkeys[MODE_IN]->enc; - mac = &newkeys[MODE_IN]->mac; - comp = &newkeys[MODE_IN]->comp; + if (active_state->newkeys[MODE_IN] != NULL) { + enc = &active_state->newkeys[MODE_IN]->enc; + mac = &active_state->newkeys[MODE_IN]->mac; + comp = &active_state->newkeys[MODE_IN]->comp; } maclen = mac && mac->enabled ? mac->mac_len : 0; block_size = enc ? enc->block_size : 8; - if (packet_length == 0) { + if (active_state->packlen == 0) { /* * check if input size is less than the cipher block size, * decrypt first block and extract length of incoming packet */ - if (buffer_len(&input) < block_size) + if (buffer_len(&active_state->input) < block_size) return SSH_MSG_NONE; - buffer_clear(&incoming_packet); - cp = buffer_append_space(&incoming_packet, block_size); - cipher_crypt(&receive_context, cp, buffer_ptr(&input), + buffer_clear(&active_state->incoming_packet); + cp = buffer_append_space(&active_state->incoming_packet, block_size); - cp = buffer_ptr(&incoming_packet); - packet_length = get_u32(cp); - if (packet_length < 1 + 4 || packet_length > PACKET_MAX_SIZE) { + cipher_crypt(&active_state->receive_context, cp, + buffer_ptr(&active_state->input), block_size); + cp = buffer_ptr(&active_state->incoming_packet); + active_state->packlen = get_u32(cp); + if (active_state->packlen < 1 + 4 || + active_state->packlen > PACKET_MAX_SIZE) { #ifdef PACKET_DEBUG - buffer_dump(&incoming_packet); + buffer_dump(&active_state->incoming_packet); #endif - logit("Bad packet length %u.", packet_length); - packet_start_discard(enc, mac, packet_length, + logit("Bad packet length %u.", active_state->packlen); + packet_start_discard(enc, mac, active_state->packlen, PACKET_MAX_SIZE); return SSH_MSG_NONE; } - DBG(debug("input: packet len %u", packet_length+4)); - buffer_consume(&input, block_size); + DBG(debug("input: packet len %u", active_state->packlen+4)); + buffer_consume(&active_state->input, block_size); } /* we have a partial packet of block_size bytes */ - need = 4 + packet_length - block_size; + need = 4 + active_state->packlen - block_size; DBG(debug("partial packet %d, need %d, maclen %d", block_size, need, maclen)); if (need % block_size != 0) { logit("padding error: need %d block %d mod %d", need, block_size, need % block_size); - packet_start_discard(enc, mac, packet_length, + packet_start_discard(enc, mac, active_state->packlen, PACKET_MAX_SIZE - block_size); return SSH_MSG_NONE; } @@ -1214,84 +1270,90 @@ packet_read_poll2(u_int32_t *seqnr_p) * check if the entire packet has been received and * decrypt into incoming_packet */ - if (buffer_len(&input) < need + maclen) + if (buffer_len(&active_state->input) < need + maclen) return SSH_MSG_NONE; #ifdef PACKET_DEBUG fprintf(stderr, "read_poll enc/full: "); - buffer_dump(&input); + buffer_dump(&active_state->input); #endif - cp = buffer_append_space(&incoming_packet, need); - cipher_crypt(&receive_context, cp, buffer_ptr(&input), need); - buffer_consume(&input, need); + cp = buffer_append_space(&active_state->incoming_packet, need); + cipher_crypt(&active_state->receive_context, cp, + buffer_ptr(&active_state->input), need); + buffer_consume(&active_state->input, need); /* * compute MAC over seqnr and packet, * increment sequence number for incoming packet */ if (mac && mac->enabled) { - macbuf = mac_compute(mac, p_read.seqnr, - buffer_ptr(&incoming_packet), - buffer_len(&incoming_packet)); - if (memcmp(macbuf, buffer_ptr(&input), mac->mac_len) != 0) { + macbuf = mac_compute(mac, active_state->p_read.seqnr, + buffer_ptr(&active_state->incoming_packet), + buffer_len(&active_state->incoming_packet)); + if (memcmp(macbuf, buffer_ptr(&active_state->input), + mac->mac_len) != 0) { logit("Corrupted MAC on input."); if (need > PACKET_MAX_SIZE) fatal("internal error need %d", need); - packet_start_discard(enc, mac, packet_length, + packet_start_discard(enc, mac, active_state->packlen, PACKET_MAX_SIZE - need); return SSH_MSG_NONE; } - DBG(debug("MAC #%d ok", p_read.seqnr)); - buffer_consume(&input, mac->mac_len); + DBG(debug("MAC #%d ok", active_state->p_read.seqnr)); + buffer_consume(&active_state->input, mac->mac_len); } /* XXX now it's safe to use fatal/packet_disconnect */ if (seqnr_p != NULL) - *seqnr_p = p_read.seqnr; - if (++p_read.seqnr == 0) + *seqnr_p = active_state->p_read.seqnr; + if (++active_state->p_read.seqnr == 0) logit("incoming seqnr wraps around"); - if (++p_read.packets == 0) + if (++active_state->p_read.packets == 0) if (!(datafellows & SSH_BUG_NOREKEY)) fatal("XXX too many packets with same key"); - p_read.blocks += (packet_length + 4) / block_size; - p_read.bytes += packet_length + 4; + active_state->p_read.blocks += (active_state->packlen + 4) / block_size; + active_state->p_read.bytes += active_state->packlen + 4; /* get padlen */ - cp = buffer_ptr(&incoming_packet); + cp = buffer_ptr(&active_state->incoming_packet); padlen = cp[4]; DBG(debug("input: padlen %d", padlen)); if (padlen < 4) packet_disconnect("Corrupted padlen %d on input.", padlen); /* skip packet size + padlen, discard padding */ - buffer_consume(&incoming_packet, 4 + 1); - buffer_consume_end(&incoming_packet, padlen); + buffer_consume(&active_state->incoming_packet, 4 + 1); + buffer_consume_end(&active_state->incoming_packet, padlen); - DBG(debug("input: len before de-compress %d", buffer_len(&incoming_packet))); + DBG(debug("input: len before de-compress %d", + buffer_len(&active_state->incoming_packet))); if (comp && comp->enabled) { - buffer_clear(&compression_buffer); - buffer_uncompress(&incoming_packet, &compression_buffer); - buffer_clear(&incoming_packet); - buffer_append(&incoming_packet, buffer_ptr(&compression_buffer), - buffer_len(&compression_buffer)); + buffer_clear(&active_state->compression_buffer); + buffer_uncompress(&active_state->incoming_packet, + &active_state->compression_buffer); + buffer_clear(&active_state->incoming_packet); + buffer_append(&active_state->incoming_packet, + buffer_ptr(&active_state->compression_buffer), + buffer_len(&active_state->compression_buffer)); DBG(debug("input: len after de-compress %d", - buffer_len(&incoming_packet))); + buffer_len(&active_state->incoming_packet))); } /* * get packet type, implies consume. * return length of payload (without type field) */ - type = buffer_get_char(&incoming_packet); + type = buffer_get_char(&active_state->incoming_packet); if (type < SSH2_MSG_MIN || type >= SSH2_MSG_LOCAL_MIN) packet_disconnect("Invalid ssh2 packet type: %d", type); if (type == SSH2_MSG_NEWKEYS) set_newkeys(MODE_IN); - else if (type == SSH2_MSG_USERAUTH_SUCCESS && !server_side) + else if (type == SSH2_MSG_USERAUTH_SUCCESS && + !active_state->server_side) packet_enable_delayed_compress(); #ifdef PACKET_DEBUG fprintf(stderr, "read/plain[%d]:\r\n", type); - buffer_dump(&incoming_packet); + buffer_dump(&active_state->incoming_packet); #endif /* reset for next packet */ - packet_length = 0; + active_state->packlen = 0; return type; } @@ -1306,7 +1368,7 @@ packet_read_poll_seqnr(u_int32_t *seqnr_p) if (compat20) { type = packet_read_poll2(seqnr_p); if (type) { - keep_alive_timeouts = 0; + active_state->keep_alive_timeouts = 0; DBG(debug("received packet type %d", type)); } switch (type) { @@ -1376,14 +1438,14 @@ packet_read_poll(void) void packet_process_incoming(const char *buf, u_int len) { - if (packet_discard) { - keep_alive_timeouts = 0; /* ?? */ - if (len >= packet_discard) + if (active_state->packet_discard) { + active_state->keep_alive_timeouts = 0; /* ?? */ + if (len >= active_state->packet_discard) packet_stop_discard(); - packet_discard -= len; + active_state->packet_discard -= len; return; } - buffer_append(&input, buf, len); + buffer_append(&active_state->input, buf, len); } /* Returns a character from the packet. */ @@ -1393,7 +1455,7 @@ packet_get_char(void) { char ch; - buffer_get(&incoming_packet, &ch, 1); + buffer_get(&active_state->incoming_packet, &ch, 1); return (u_char) ch; } @@ -1402,7 +1464,7 @@ packet_get_char(void) u_int packet_get_int(void) { - return buffer_get_int(&incoming_packet); + return buffer_get_int(&active_state->incoming_packet); } /* @@ -1413,29 +1475,29 @@ packet_get_int(void) void packet_get_bignum(BIGNUM * value) { - buffer_get_bignum(&incoming_packet, value); + buffer_get_bignum(&active_state->incoming_packet, value); } void packet_get_bignum2(BIGNUM * value) { - buffer_get_bignum2(&incoming_packet, value); + buffer_get_bignum2(&active_state->incoming_packet, value); } void * packet_get_raw(u_int *length_ptr) { - u_int bytes = buffer_len(&incoming_packet); + u_int bytes = buffer_len(&active_state->incoming_packet); if (length_ptr != NULL) *length_ptr = bytes; - return buffer_ptr(&incoming_packet); + return buffer_ptr(&active_state->incoming_packet); } int packet_remaining(void) { - return buffer_len(&incoming_packet); + return buffer_len(&active_state->incoming_packet); } /* @@ -1448,13 +1510,13 @@ packet_remaining(void) void * packet_get_string(u_int *length_ptr) { - return buffer_get_string(&incoming_packet, length_ptr); + return buffer_get_string(&active_state->incoming_packet, length_ptr); } void * packet_get_string_ptr(u_int *length_ptr) { - return buffer_get_string_ptr(&incoming_packet, length_ptr); + return buffer_get_string_ptr(&active_state->incoming_packet, length_ptr); } /* @@ -1547,10 +1609,11 @@ packet_disconnect(const char *fmt,...) void packet_write_poll(void) { - int len = buffer_len(&output); + int len = buffer_len(&active_state->output); if (len > 0) { - len = write(connection_out, buffer_ptr(&output), len); + len = write(active_state->connection_out, + buffer_ptr(&active_state->output), len); if (len == -1) { if (errno == EINTR || errno == EAGAIN || errno == EWOULDBLOCK) @@ -1559,7 +1622,7 @@ packet_write_poll(void) } if (len == 0) fatal("Write connection closed"); - buffer_consume(&output, len); + buffer_consume(&active_state->output, len); } } @@ -1576,30 +1639,30 @@ packet_write_wait(void) int ret, ms_remain; struct timeval start, timeout, *timeoutp = NULL; - setp = (fd_set *)xcalloc(howmany(connection_out + 1, NFDBITS), - sizeof(fd_mask)); + setp = (fd_set *)xcalloc(howmany(active_state->connection_out + 1, + NFDBITS), sizeof(fd_mask)); packet_write_poll(); while (packet_have_data_to_write()) { - memset(setp, 0, howmany(connection_out + 1, NFDBITS) * - sizeof(fd_mask)); - FD_SET(connection_out, setp); + memset(setp, 0, howmany(active_state->connection_out + 1, + NFDBITS) * sizeof(fd_mask)); + FD_SET(active_state->connection_out, setp); - if (packet_timeout_ms > 0) { - ms_remain = packet_timeout_ms; + if (active_state->packet_timeout_ms > 0) { + ms_remain = active_state->packet_timeout_ms; timeoutp = &timeout; } for (;;) { - if (packet_timeout_ms != -1) { + if (active_state->packet_timeout_ms != -1) { ms_to_timeval(&timeout, ms_remain); gettimeofday(&start, NULL); } - if ((ret = select(connection_out + 1, NULL, setp, - NULL, timeoutp)) >= 0) + if ((ret = select(active_state->connection_out + 1, + NULL, setp, NULL, timeoutp)) >= 0) break; - if (errno != EAGAIN && errno != EINTR && + if (errno != EAGAIN && errno != EINTR && errno != EWOULDBLOCK) break; - if (packet_timeout_ms == -1) + if (active_state->packet_timeout_ms == -1) continue; ms_subtract_diff(&start, &ms_remain); if (ms_remain <= 0) { @@ -1622,7 +1685,7 @@ packet_write_wait(void) int packet_have_data_to_write(void) { - return buffer_len(&output) != 0; + return buffer_len(&active_state->output) != 0; } /* Returns true if there is not too much data to write to the connection. */ @@ -1630,10 +1693,10 @@ packet_have_data_to_write(void) int packet_not_very_much_data_to_write(void) { - if (interactive_mode) - return buffer_len(&output) < 16384; + if (active_state->interactive_mode) + return buffer_len(&active_state->output) < 16384; else - return buffer_len(&output) < 128 * 1024; + return buffer_len(&active_state->output) < 128 * 1024; } @@ -1646,7 +1709,7 @@ packet_set_tos(int interactive) if (!packet_connection_is_on_socket() || !packet_connection_is_ipv4()) return; - if (setsockopt(connection_in, IPPROTO_IP, IP_TOS, &tos, + if (setsockopt(active_state->connection_in, IPPROTO_IP, IP_TOS, &tos, sizeof(tos)) < 0) error("setsockopt IP_TOS %d: %.100s:", tos, strerror(errno)); @@ -1665,12 +1728,12 @@ packet_set_interactive(int interactive) called = 1; /* Record that we are in interactive mode. */ - interactive_mode = interactive; + active_state->interactive_mode = interactive; /* Only set socket options if using a socket. */ if (!packet_connection_is_on_socket()) return; - set_nodelay(connection_in); + set_nodelay(active_state->connection_in); packet_set_tos(interactive); } @@ -1679,7 +1742,7 @@ packet_set_interactive(int interactive) int packet_is_interactive(void) { - return interactive_mode; + return active_state->interactive_mode; } int @@ -1689,7 +1752,7 @@ packet_set_maxsize(u_int s) if (called) { logit("packet_set_maxsize: called twice: old %d new %d", - max_packet_size, s); + active_state->max_packet_size, s); return -1; } if (s < 4 * 1024 || s > 1024 * 1024) { @@ -1698,15 +1761,33 @@ packet_set_maxsize(u_int s) } called = 1; debug("packet_set_maxsize: setting to %d", s); - max_packet_size = s; + active_state->max_packet_size = s; return s; } +int +packet_inc_alive_timeouts(void) +{ + return ++active_state->keep_alive_timeouts; +} + +void +packet_set_alive_timeouts(int ka) +{ + active_state->keep_alive_timeouts = ka; +} + +u_int +packet_get_maxsize(void) +{ + return active_state->max_packet_size; +} + /* roundup current message to pad bytes */ void packet_add_padding(u_char pad) { - extra_pad = pad; + active_state->extra_pad = pad; } /* @@ -1743,26 +1824,46 @@ packet_need_rekeying(void) if (datafellows & SSH_BUG_NOREKEY) return 0; return - (p_send.packets > MAX_PACKETS) || - (p_read.packets > MAX_PACKETS) || - (max_blocks_out && (p_send.blocks > max_blocks_out)) || - (max_blocks_in && (p_read.blocks > max_blocks_in)); + (active_state->p_send.packets > MAX_PACKETS) || + (active_state->p_read.packets > MAX_PACKETS) || + (active_state->max_blocks_out && + (active_state->p_send.blocks > active_state->max_blocks_out)) || + (active_state->max_blocks_in && + (active_state->p_read.blocks > active_state->max_blocks_in)); } void packet_set_rekey_limit(u_int32_t bytes) { - rekey_limit = bytes; + active_state->rekey_limit = bytes; } void packet_set_server(void) { - server_side = 1; + active_state->server_side = 1; } void packet_set_authenticated(void) { - after_authentication = 1; + active_state->after_authentication = 1; +} + +void * +packet_get_input(void) +{ + return (void *)&active_state->input; +} + +void * +packet_get_output(void) +{ + return (void *)&active_state->output; +} + +void * +packet_get_newkeys(int mode) +{ + return (void *)active_state->newkeys[mode]; } diff --git a/packet.h b/packet.h index 03bb87c9b..9a9c97719 100644 --- a/packet.h +++ b/packet.h @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.h,v 1.49 2008/07/10 18:08:11 markus Exp $ */ +/* $OpenBSD: packet.h,v 1.50 2009/05/25 06:48:01 andreas Exp $ */ /* * Author: Tatu Ylonen @@ -72,6 +72,7 @@ void packet_get_state(int, u_int32_t *, u_int64_t *, u_int32_t *, u_int64_t *); void packet_set_state(int, u_int32_t, u_int64_t, u_int32_t, u_int64_t); int packet_get_ssh1_cipher(void); void packet_set_iv(int, u_char *); +void *packet_get_newkeys(int); void packet_write_poll(void); void packet_write_wait(void); @@ -87,10 +88,10 @@ void packet_add_padding(u_char); void tty_make_modes(int, struct termios *); void tty_parse_modes(int, int *); -extern u_int max_packet_size; -extern int keep_alive_timeouts; +void packet_set_alive_timeouts(int); +int packet_inc_alive_timeouts(void); int packet_set_maxsize(u_int); -#define packet_get_maxsize() max_packet_size +u_int packet_get_maxsize(void); /* don't allow remaining bytes after the end of the message */ #define packet_check_eom() \ @@ -106,4 +107,7 @@ do { \ int packet_need_rekeying(void); void packet_set_rekey_limit(u_int32_t); +void *packet_get_input(void); +void *packet_get_output(void); + #endif /* PACKET_H */ diff --git a/serverloop.c b/serverloop.c index 81cafe6ad..53cb67d7b 100644 --- a/serverloop.c +++ b/serverloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: serverloop.c,v 1.157 2009/02/12 03:16:01 djm Exp $ */ +/* $OpenBSD: serverloop.c,v 1.158 2009/05/25 06:48:01 andreas Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -249,7 +249,7 @@ client_alive_check(void) int channel_id; /* timeout, check to see how many we have had */ - if (++keep_alive_timeouts > options.client_alive_count_max) { + if (packet_inc_alive_timeouts() > options.client_alive_count_max) { logit("Timeout, client not responding."); cleanup_exit(255); } @@ -890,7 +890,7 @@ server_input_keep_alive(int type, u_int32_t seq, void *ctxt) * even if this was generated by something other than * the bogus CHANNEL_REQUEST we send for keepalives. */ - keep_alive_timeouts = 0; + packet_set_alive_timeouts(0); } static void -- cgit v1.2.3 From 39c7632c1b07417fe5704b763c02d4cff147c885 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 21 Jun 2009 18:13:57 +1000 Subject: - andreas@cvs.openbsd.org 2009/05/27 06:33:39 [clientloop.c] Send SSH2_MSG_DISCONNECT when the client disconnects. From a larger change from Martin Forssen, maf at appgate dot com. ok markus@ --- ChangeLog | 5 +++++ canohost.c | 24 ++++++++++++++++-------- canohost.h | 4 ++-- 3 files changed, 23 insertions(+), 10 deletions(-) diff --git a/ChangeLog b/ChangeLog index bd1367e7c..11b75e927 100644 --- a/ChangeLog +++ b/ChangeLog @@ -62,6 +62,11 @@ Add clear_cached_addr(), needed for upcoming changes allowing the peer address to change. ok markus@ + - andreas@cvs.openbsd.org 2009/05/27 06:33:39 + [clientloop.c] + Send SSH2_MSG_DISCONNECT when the client disconnects. From a larger + change from Martin Forssen, maf at appgate dot com. + ok markus@ 20090616 - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t diff --git a/canohost.c b/canohost.c index 7138f48d0..22b19bb9f 100644 --- a/canohost.c +++ b/canohost.c @@ -1,4 +1,4 @@ -/* $OpenBSD: canohost.c,v 1.64 2009/02/12 03:00:56 djm Exp $ */ +/* $OpenBSD: canohost.c,v 1.65 2009/05/27 06:31:25 andreas Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -35,6 +35,8 @@ #include "misc.h" static void check_ip_options(int, char *); +static char *canonical_host_ip = NULL; +static int cached_port = -1; /* * Return the canonical name of the host at the other end of the socket. The @@ -304,6 +306,16 @@ get_local_name(int sock) return get_socket_address(sock, 0, NI_NAMEREQD); } +void +clear_cached_addr(void) +{ + if (canonical_host_ip != NULL) { + xfree(canonical_host_ip); + canonical_host_ip = NULL; + } + cached_port = -1; +} + /* * Returns the IP-address of the remote host as a string. The returned * string must not be freed. @@ -312,8 +324,6 @@ get_local_name(int sock) const char * get_remote_ipaddr(void) { - static char *canonical_host_ip = NULL; - /* Check whether we have cached the ipaddr. */ if (canonical_host_ip == NULL) { if (packet_connection_is_on_socket()) { @@ -402,13 +412,11 @@ get_peer_port(int sock) int get_remote_port(void) { - static int port = -1; - /* Cache to avoid getpeername() on a dead connection */ - if (port == -1) - port = get_port(0); + if (cached_port == -1) + cached_port = get_port(0); - return port; + return cached_port; } int diff --git a/canohost.h b/canohost.h index d9b41ffe5..64000f5eb 100644 --- a/canohost.h +++ b/canohost.h @@ -1,4 +1,4 @@ -/* $OpenBSD: canohost.h,v 1.10 2009/02/12 03:00:56 djm Exp $ */ +/* $OpenBSD: canohost.h,v 1.11 2009/05/27 06:31:25 andreas Exp $ */ /* * Author: Tatu Ylonen @@ -24,6 +24,6 @@ char *get_local_name(int); int get_remote_port(void); int get_local_port(void); int get_sock_port(int, int); - +void clear_cached_addr(void); void ipv64_normalise_mapped(struct sockaddr_storage *, socklen_t *); -- cgit v1.2.3 From 12b4a6504b3f7bad3c144761714fb429669f56d0 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 21 Jun 2009 18:14:48 +1000 Subject: - andreas@cvs.openbsd.org 2009/05/27 06:34:36 [kex.c kex.h] Move the KEX_COOKIE_LEN define to kex.h ok markus@ --- ChangeLog | 4 ++++ clientloop.c | 8 +++++++- 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 11b75e927..ba0cfd796 100644 --- a/ChangeLog +++ b/ChangeLog @@ -67,6 +67,10 @@ Send SSH2_MSG_DISCONNECT when the client disconnects. From a larger change from Martin Forssen, maf at appgate dot com. ok markus@ + - andreas@cvs.openbsd.org 2009/05/27 06:34:36 + [kex.c kex.h] + Move the KEX_COOKIE_LEN define to kex.h + ok markus@ 20090616 - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t diff --git a/clientloop.c b/clientloop.c index 2cb8c3a49..d5a06556a 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.210 2009/05/25 06:48:01 andreas Exp $ */ +/* $OpenBSD: clientloop.c,v 1.211 2009/05/27 06:33:39 andreas Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1476,6 +1476,12 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id) /* Stop watching for window change. */ signal(SIGWINCH, SIG_DFL); + packet_start(SSH2_MSG_DISCONNECT); + packet_put_int(SSH2_DISCONNECT_BY_APPLICATION); + packet_put_cstring("disconnected by user"); + packet_send(); + packet_write_wait(); + channel_free_all(); if (have_pty) -- cgit v1.2.3 From 5b48cdd882579f60217b9aa9a0c09e61e739a917 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 21 Jun 2009 18:15:25 +1000 Subject: - andreas@cvs.openbsd.org 2009/05/27 06:36:07 [packet.h packet.c] Add packet_put_int64() and packet_get_int64(), part of a larger change from Martin Forssen. --- ChangeLog | 4 ++++ kex.c | 4 +--- kex.h | 4 +++- 3 files changed, 8 insertions(+), 4 deletions(-) diff --git a/ChangeLog b/ChangeLog index ba0cfd796..d10b327a0 100644 --- a/ChangeLog +++ b/ChangeLog @@ -71,6 +71,10 @@ [kex.c kex.h] Move the KEX_COOKIE_LEN define to kex.h ok markus@ + - andreas@cvs.openbsd.org 2009/05/27 06:36:07 + [packet.h packet.c] + Add packet_put_int64() and packet_get_int64(), part of a larger change + from Martin Forssen. 20090616 - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t diff --git a/kex.c b/kex.c index 48b54f5f7..f4f44f095 100644 --- a/kex.c +++ b/kex.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.c,v 1.80 2008/09/06 12:24:13 djm Exp $ */ +/* $OpenBSD: kex.c,v 1.81 2009/05/27 06:34:36 andreas Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * @@ -49,8 +49,6 @@ #include "dispatch.h" #include "monitor.h" -#define KEX_COOKIE_LEN 16 - #if OPENSSL_VERSION_NUMBER >= 0x00907000L # if defined(HAVE_EVP_SHA256) # define evp_ssh_sha256 EVP_sha256 diff --git a/kex.h b/kex.h index 8e29c90e9..68c80c5a9 100644 --- a/kex.h +++ b/kex.h @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.h,v 1.46 2007/06/07 19:37:34 pvalchev Exp $ */ +/* $OpenBSD: kex.h,v 1.47 2009/05/27 06:34:36 andreas Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -30,6 +30,8 @@ #include #include +#define KEX_COOKIE_LEN 16 + #define KEX_DH1 "diffie-hellman-group1-sha1" #define KEX_DH14 "diffie-hellman-group14-sha1" #define KEX_DHGEX_SHA1 "diffie-hellman-group-exchange-sha1" -- cgit v1.2.3 From 761c38918aecbbe2df97d13aea29c6bbf9212617 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 21 Jun 2009 18:16:26 +1000 Subject: - andreas@cvs.openbsd.org 2009/05/27 06:38:16 [sshconnect.h sshconnect.c] Un-static ssh_exchange_identification(), part of a larger change from Martin Forssen and needed for upcoming changes. ok markus@ --- ChangeLog | 6 ++++++ packet.c | 16 +++++++++++++++- packet.h | 4 +++- 3 files changed, 24 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index d10b327a0..c5f2ce6f8 100644 --- a/ChangeLog +++ b/ChangeLog @@ -75,6 +75,12 @@ [packet.h packet.c] Add packet_put_int64() and packet_get_int64(), part of a larger change from Martin Forssen. + ok markus@ + - andreas@cvs.openbsd.org 2009/05/27 06:38:16 + [sshconnect.h sshconnect.c] + Un-static ssh_exchange_identification(), part of a larger change from + Martin Forssen and needed for upcoming changes. + ok markus@ 20090616 - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t diff --git a/packet.c b/packet.c index fdc648888..cecab82e9 100644 --- a/packet.c +++ b/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.161 2009/05/25 06:48:01 andreas Exp $ */ +/* $OpenBSD: packet.c,v 1.162 2009/05/27 06:36:07 andreas Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -595,6 +595,12 @@ packet_put_int(u_int value) buffer_put_int(&active_state->outgoing_packet, value); } +void +packet_put_int64(u_int64_t value) +{ + buffer_put_int64(&active_state->outgoing_packet, value); +} + void packet_put_string(const void *buf, u_int len) { @@ -1467,6 +1473,14 @@ packet_get_int(void) return buffer_get_int(&active_state->incoming_packet); } +/* Returns an 64 bit integer from the packet data. */ + +u_int64_t +packet_get_int64(void) +{ + return buffer_get_int64(&active_state->incoming_packet); +} + /* * Returns an arbitrary precision integer from the packet data. The integer * must have been initialized before this call. diff --git a/packet.h b/packet.h index 9a9c97719..265fcf236 100644 --- a/packet.h +++ b/packet.h @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.h,v 1.50 2009/05/25 06:48:01 andreas Exp $ */ +/* $OpenBSD: packet.h,v 1.51 2009/05/27 06:36:07 andreas Exp $ */ /* * Author: Tatu Ylonen @@ -39,6 +39,7 @@ void packet_set_authenticated(void); void packet_start(u_char); void packet_put_char(int ch); void packet_put_int(u_int value); +void packet_put_int64(u_int64_t value); void packet_put_bignum(BIGNUM * value); void packet_put_bignum2(BIGNUM * value); void packet_put_string(const void *buf, u_int len); @@ -55,6 +56,7 @@ int packet_read_poll_seqnr(u_int32_t *seqnr_p); u_int packet_get_char(void); u_int packet_get_int(void); +u_int64_t packet_get_int64(void); void packet_get_bignum(BIGNUM * value); void packet_get_bignum2(BIGNUM * value); void *packet_get_raw(u_int *length_ptr); -- cgit v1.2.3 From 1cc55d7a607455d75db0204b5acebce47667b0f8 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 21 Jun 2009 18:17:19 +1000 Subject: - andreas@cvs.openbsd.org 2009/05/28 16:50:16 [sshd.c packet.c serverloop.c monitor_wrap.c clientloop.c sshconnect.c monitor.c] Keep track of number of bytes read and written. Needed for upcoming changes. Most code from Martin Forssen, maf at appgate dot com. ok markus@ --- ChangeLog | 6 ++++++ sshconnect.c | 4 ++-- sshconnect.h | 4 +++- 3 files changed, 11 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index c5f2ce6f8..2f73a6bcd 100644 --- a/ChangeLog +++ b/ChangeLog @@ -81,6 +81,12 @@ Un-static ssh_exchange_identification(), part of a larger change from Martin Forssen and needed for upcoming changes. ok markus@ + - andreas@cvs.openbsd.org 2009/05/28 16:50:16 + [sshd.c packet.c serverloop.c monitor_wrap.c clientloop.c sshconnect.c + monitor.c] + Keep track of number of bytes read and written. Needed for upcoming + changes. Most code from Martin Forssen, maf at appgate dot com. + ok markus@ 20090616 - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t diff --git a/sshconnect.c b/sshconnect.c index c04aa1057..dee3ba544 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.212 2008/10/14 18:11:33 stevesk Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.213 2009/05/27 06:38:16 andreas Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -413,7 +413,7 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr, * Waits for the server identification string, and sends our own * identification string. */ -static void +void ssh_exchange_identification(int timeout_ms) { char buf[256], remote_version[256]; /* must be same size! */ diff --git a/sshconnect.h b/sshconnect.h index 75bde1a4d..c59a097f4 100644 --- a/sshconnect.h +++ b/sshconnect.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.h,v 1.24 2007/09/04 11:15:56 djm Exp $ */ +/* $OpenBSD: sshconnect.h,v 1.25 2009/05/27 06:38:16 andreas Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -38,6 +38,8 @@ ssh_connect(const char *, struct sockaddr_storage *, u_short, int, int, void ssh_login(Sensitive *, const char *, struct sockaddr *, struct passwd *, int); +void ssh_exchange_identification(int); + int verify_host_key(char *, struct sockaddr *, Key *); void ssh_kex(char *, struct sockaddr *); -- cgit v1.2.3 From c5564e1c4c41ae9af96973e2996e2a4285acbae8 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 21 Jun 2009 18:53:53 +1000 Subject: - andreas@cvs.openbsd.org 2009/05/28 16:50:16 [sshd.c packet.c serverloop.c monitor_wrap.c clientloop.c sshconnect.c monitor.c Added roaming.h roaming_common.c roaming_dummy.c] Keep track of number of bytes read and written. Needed for upcoming changes. Most code from Martin Forssen, maf at appgate dot com. ok markus@ Also, applied appropriate changes to Makefile.in --- ChangeLog | 3 +- Makefile.in | 16 +++++---- clientloop.c | 9 ++--- monitor.c | 14 +++++++- monitor_wrap.c | 9 ++++- packet.c | 30 +++++++++-------- roaming.h | 31 +++++++++++++++++ roaming_common.c | 100 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ roaming_dummy.c | 55 ++++++++++++++++++++++++++++++ serverloop.c | 8 +++-- sshconnect.c | 8 +++-- sshd.c | 7 ++-- 12 files changed, 254 insertions(+), 36 deletions(-) create mode 100644 roaming.h create mode 100644 roaming_common.c create mode 100644 roaming_dummy.c diff --git a/ChangeLog b/ChangeLog index 2f73a6bcd..8ed7db993 100644 --- a/ChangeLog +++ b/ChangeLog @@ -83,10 +83,11 @@ ok markus@ - andreas@cvs.openbsd.org 2009/05/28 16:50:16 [sshd.c packet.c serverloop.c monitor_wrap.c clientloop.c sshconnect.c - monitor.c] + monitor.c Added roaming.h roaming_common.c roaming_dummy.c] Keep track of number of bytes read and written. Needed for upcoming changes. Most code from Martin Forssen, maf at appgate dot com. ok markus@ + Also, applied appropriate changes to Makefile.in 20090616 - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t diff --git a/Makefile.in b/Makefile.in index 312b8d2b1..75eb06d6f 100644 --- a/Makefile.in +++ b/Makefile.in @@ -1,4 +1,4 @@ -# $Id: Makefile.in,v 1.298 2008/11/05 05:20:46 djm Exp $ +# $Id: Makefile.in,v 1.299 2009/06/21 08:53:53 dtucker Exp $ # uncomment if you run a non bourne compatable shell. Ie. csh #SHELL = @SH@ @@ -74,7 +74,8 @@ LIBSSH_OBJS=acss.o authfd.o authfile.o bufaux.o bufbn.o buffer.o \ entropy.o scard-opensc.o gss-genr.o umac.o jpake.o schnorr.o SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \ - sshconnect.o sshconnect1.o sshconnect2.o mux.o + sshconnect.o sshconnect1.o sshconnect2.o mux.o \ + roaming_common.o SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \ sshpty.o sshlogin.o servconf.o serverloop.o \ @@ -86,7 +87,8 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \ auth-krb5.o \ auth2-gss.o gss-serv.o gss-serv-krb5.o \ loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \ - audit.o audit-bsm.o platform.o sftp-server.o sftp-common.o + audit.o audit-bsm.o platform.o sftp-server.o sftp-common.o \ + roaming_common.o MANPAGES = moduli.5.out scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-rand-helper.8.out ssh-keysign.8.out sshd_config.5.out ssh_config.5.out MANPAGES_IN = moduli.5 scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-rand-helper.8 ssh-keysign.8 sshd_config.5 ssh_config.5 @@ -151,11 +153,11 @@ ssh-agent$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-agent.o ssh-keygen$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keygen.o $(LD) -o $@ ssh-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) -ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o - $(LD) -o $@ ssh-keysign.o readconf.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) +ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o roaming_dummy.o + $(LD) -o $@ ssh-keysign.o readconf.o roaming_dummy.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) -ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o - $(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) +ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o roaming_dummy.o + $(LD) -o $@ ssh-keyscan.o roaming_dummy.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o sftp-server-main.o $(LD) -o $@ sftp-server.o sftp-common.o sftp-server-main.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) diff --git a/clientloop.c b/clientloop.c index d5a06556a..43f001bc4 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.211 2009/05/27 06:33:39 andreas Exp $ */ +/* $OpenBSD: clientloop.c,v 1.212 2009/05/28 16:50:16 andreas Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -109,6 +109,7 @@ #include "misc.h" #include "match.h" #include "msg.h" +#include "roaming.h" /* import options */ extern Options options; @@ -634,7 +635,7 @@ client_suspend_self(Buffer *bin, Buffer *bout, Buffer *berr) static void client_process_net_input(fd_set *readset) { - int len; + int len, cont = 0; char buf[8192]; /* @@ -643,8 +644,8 @@ client_process_net_input(fd_set *readset) */ if (FD_ISSET(connection_in, readset)) { /* Read as much as possible. */ - len = read(connection_in, buf, sizeof(buf)); - if (len == 0) { + len = roaming_read(connection_in, buf, sizeof(buf), &cont); + if (len == 0 && cont == 0) { /* * Received EOF. The remote host has closed the * connection. diff --git a/monitor.c b/monitor.c index 61242e6d0..36a9e1dc1 100644 --- a/monitor.c +++ b/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.102 2009/05/25 06:48:01 andreas Exp $ */ +/* $OpenBSD: monitor.c,v 1.103 2009/05/28 16:50:16 andreas Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -125,6 +125,8 @@ struct { u_int ilen; u_char *output; u_int olen; + u_int64_t sent_bytes; + u_int64_t recv_bytes; } child_state; /* Functions on the monitor that answer unprivileged requests */ @@ -1679,6 +1681,10 @@ monitor_apply_keystate(struct monitor *pmonitor) child_state.olen); memset(child_state.output, 0, child_state.olen); xfree(child_state.output); + + /* Roaming */ + if (compat20) + roam_set_bytes(child_state.sent_bytes, child_state.recv_bytes); } static Kex * @@ -1794,6 +1800,12 @@ mm_get_keystate(struct monitor *pmonitor) child_state.input = buffer_get_string(&m, &child_state.ilen); child_state.output = buffer_get_string(&m, &child_state.olen); + /* Roaming */ + if (compat20) { + child_state.sent_bytes = buffer_get_int64(&m); + child_state.recv_bytes = buffer_get_int64(&m); + } + buffer_free(&m); } diff --git a/monitor_wrap.c b/monitor_wrap.c index d71d4a8c5..b696d7821 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_wrap.c,v 1.66 2009/05/25 06:48:01 andreas Exp $ */ +/* $OpenBSD: monitor_wrap.c,v 1.67 2009/05/28 16:50:16 andreas Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -77,6 +77,7 @@ #include "channels.h" #include "session.h" #include "servconf.h" +#include "roaming.h" /* Imports */ extern int compat20; @@ -660,6 +661,12 @@ mm_send_keystate(struct monitor *monitor) buffer_put_string(&m, buffer_ptr(input), buffer_len(input)); buffer_put_string(&m, buffer_ptr(output), buffer_len(output)); + /* Roaming */ + if (compat20) { + buffer_put_int64(&m, get_sent_bytes()); + buffer_put_int64(&m, get_recv_bytes()); + } + mm_request_send(monitor->m_recvfd, MONITOR_REQ_KEYEXPORT, &m); debug3("%s: Finished sending state", __func__); diff --git a/packet.c b/packet.c index cecab82e9..f3f8389a3 100644 --- a/packet.c +++ b/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.162 2009/05/27 06:36:07 andreas Exp $ */ +/* $OpenBSD: packet.c,v 1.163 2009/05/28 16:50:16 andreas Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -77,6 +77,7 @@ #include "canohost.h" #include "misc.h" #include "ssh.h" +#include "roaming.h" #ifdef PACKET_DEBUG #define DBG(x) x @@ -1012,7 +1013,7 @@ packet_send(void) int packet_read_seqnr(u_int32_t *seqnr_p) { - int type, len, ret, ms_remain; + int type, len, ret, ms_remain, cont; fd_set *setp; char buf[8192]; struct timeval timeout, start, *timeoutp = NULL; @@ -1061,8 +1062,7 @@ packet_read_seqnr(u_int32_t *seqnr_p) if ((ret = select(active_state->connection_in + 1, setp, NULL, NULL, timeoutp)) >= 0) break; - if (errno != EAGAIN && errno != EINTR && - errno != EWOULDBLOCK) + if (errno != EAGAIN && errno != EINTR) break; if (active_state->packet_timeout_ms == -1) continue; @@ -1078,7 +1078,11 @@ packet_read_seqnr(u_int32_t *seqnr_p) cleanup_exit(255); } /* Read data from the socket. */ - len = read(active_state->connection_in, buf, sizeof(buf)); + do { + cont = 0; + len = roaming_read(active_state->connection_in, buf, + sizeof(buf), &cont); + } while (len == 0 && cont); if (len == 0) { logit("Connection closed by %.200s", get_remote_ipaddr()); cleanup_exit(255); @@ -1624,23 +1628,23 @@ void packet_write_poll(void) { int len = buffer_len(&active_state->output); + int cont; if (len > 0) { - len = write(active_state->connection_out, - buffer_ptr(&active_state->output), len); + cont = 0; + len = roaming_write(active_state->connection_out, + buffer_ptr(&active_state->output), len, &cont); if (len == -1) { - if (errno == EINTR || errno == EAGAIN || - errno == EWOULDBLOCK) + if (errno == EINTR || errno == EAGAIN) return; fatal("Write failed: %.100s", strerror(errno)); } - if (len == 0) + if (len == 0 && !cont) fatal("Write connection closed"); buffer_consume(&active_state->output, len); } } - /* * Calls packet_write_poll repeatedly until all pending output data has been * written. @@ -1673,8 +1677,7 @@ packet_write_wait(void) if ((ret = select(active_state->connection_out + 1, NULL, setp, NULL, timeoutp)) >= 0) break; - if (errno != EAGAIN && errno != EINTR && - errno != EWOULDBLOCK) + if (errno != EAGAIN && errno != EINTR) break; if (active_state->packet_timeout_ms == -1) continue; @@ -1713,7 +1716,6 @@ packet_not_very_much_data_to_write(void) return buffer_len(&active_state->output) < 128 * 1024; } - static void packet_set_tos(int interactive) { diff --git a/roaming.h b/roaming.h new file mode 100644 index 000000000..88193453a --- /dev/null +++ b/roaming.h @@ -0,0 +1,31 @@ +/* + * Copyright (c) 2004-2009 AppGate Network Security AB + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#ifndef ROAMING_H +#define ROAMING_H + +extern int resume_in_progress; + +void add_recv_bytes(u_int64_t); +ssize_t roaming_write(int, const void *, size_t, int *); +ssize_t roaming_read(int, void *, size_t, int *); +ssize_t roaming_atomicio(ssize_t (*)(int, void *, size_t), int, void *, size_t); +u_int64_t get_recv_bytes(void); +u_int64_t get_sent_bytes(void); +void roam_set_bytes(u_int64_t, u_int64_t); +int resume_kex(void); + +#endif /* ROAMING */ diff --git a/roaming_common.c b/roaming_common.c new file mode 100644 index 000000000..5a871b23e --- /dev/null +++ b/roaming_common.c @@ -0,0 +1,100 @@ +/* + * Copyright (c) 2004-2009 AppGate Network Security AB + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include +#include +#include + +#include +#include +#include +#include + +#include "atomicio.h" +#include "log.h" +#include "packet.h" +#include "xmalloc.h" +#include "cipher.h" +#include "buffer.h" +#include "roaming.h" + +static u_int64_t write_bytes = 0; +static u_int64_t read_bytes = 0; + +int resume_in_progress = 0; + +u_int64_t +get_recv_bytes(void) +{ + return read_bytes; +} + +void +add_recv_bytes(u_int64_t num) +{ + read_bytes += num; +} + +u_int64_t +get_sent_bytes(void) +{ + return write_bytes; +} + +void +roam_set_bytes(u_int64_t sent, u_int64_t recv) +{ + read_bytes = recv; + write_bytes = sent; +} + +ssize_t +roaming_write(int fd, const void *buf, size_t count, int *cont) +{ + ssize_t ret; + + ret = write(fd, buf, count); + if (ret > 0 && !resume_in_progress) { + write_bytes += ret; + } + debug("Wrote %d bytes for a total of %lld", ret, write_bytes); + return ret; +} + +ssize_t +roaming_read(int fd, void *buf, size_t count, int *cont) +{ + ssize_t ret = read(fd, buf, count); + if (ret > 0) { + if (!resume_in_progress) { + read_bytes += ret; + } + } + return ret; +} + +ssize_t +roaming_atomicio(ssize_t(*f)(), int fd, void *buf, size_t count) +{ + ssize_t ret = atomicio(f, fd, buf, count); + + if ((f == write || f == vwrite) && ret > 0 && !resume_in_progress) { + write_bytes += ret; + } else if (f == read && ret > 0 && !resume_in_progress) { + read_bytes += ret; + } + return ret; +} diff --git a/roaming_dummy.c b/roaming_dummy.c new file mode 100644 index 000000000..cd1d20257 --- /dev/null +++ b/roaming_dummy.c @@ -0,0 +1,55 @@ +/* + * Copyright (c) 2004-2009 AppGate Network Security AB + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +/* + * This file is included in the client programs which should not + * support roaming. + */ + +#include +#include + +int resume_in_progress = 0; + +u_int64_t get_recv_bytes() +{ + return 0; +} + +ssize_t +roaming_write(int fd, const void *buf, size_t count, int *cont) +{ + return write(fd, buf, count); +} + +ssize_t +roaming_read(int fd, void *buf, size_t count, int *cont) +{ + if (cont) + *cont = 0; + return read(fd, buf, count); +} + +void +add_recv_bytes(u_int64_t num) +{ +} + +int +resume_kex() +{ + return 1; +} diff --git a/serverloop.c b/serverloop.c index 53cb67d7b..d8cb54bc7 100644 --- a/serverloop.c +++ b/serverloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: serverloop.c,v 1.158 2009/05/25 06:48:01 andreas Exp $ */ +/* $OpenBSD: serverloop.c,v 1.159 2009/05/28 16:50:16 andreas Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -78,6 +78,7 @@ #include "auth-options.h" #include "serverloop.h" #include "misc.h" +#include "roaming.h" extern ServerOptions options; @@ -391,8 +392,11 @@ process_input(fd_set *readset) /* Read and buffer any input data from the client. */ if (FD_ISSET(connection_in, readset)) { - len = read(connection_in, buf, sizeof(buf)); + int cont = 0; + len = roaming_read(connection_in, buf, sizeof(buf), &cont); if (len == 0) { + if (cont) + return; verbose("Connection closed by %.100s", get_remote_ipaddr()); connection_closed = 1; diff --git a/sshconnect.c b/sshconnect.c index dee3ba544..3e57e859d 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.213 2009/05/27 06:38:16 andreas Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.214 2009/05/28 16:50:16 andreas Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -56,6 +56,7 @@ #include "atomicio.h" #include "misc.h" #include "dns.h" +#include "roaming.h" #include "version.h" char *client_version_string = NULL; @@ -452,7 +453,7 @@ ssh_exchange_identification(int timeout_ms) } } - len = atomicio(read, connection_in, &buf[i], 1); + len = roaming_atomicio(read, connection_in, &buf[i], 1); if (len != 1 && errno == EPIPE) fatal("ssh_exchange_identification: " @@ -537,7 +538,8 @@ ssh_exchange_identification(int timeout_ms) compat20 ? PROTOCOL_MAJOR_2 : PROTOCOL_MAJOR_1, compat20 ? PROTOCOL_MINOR_2 : minor1, SSH_VERSION, compat20 ? "\r\n" : "\n"); - if (atomicio(vwrite, connection_out, buf, strlen(buf)) != strlen(buf)) + if (roaming_atomicio(vwrite, connection_out, buf, strlen(buf)) + != strlen(buf)) fatal("write: %.100s", strerror(errno)); client_version_string = xstrdup(buf); chop(client_version_string); diff --git a/sshd.c b/sshd.c index 3b5cd3cfd..91831e208 100644 --- a/sshd.c +++ b/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.366 2009/01/22 10:02:34 djm Exp $ */ +/* $OpenBSD: sshd.c,v 1.367 2009/05/28 16:50:16 andreas Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -117,6 +117,7 @@ #include "ssh-gss.h" #endif #include "monitor_wrap.h" +#include "roaming.h" #include "version.h" #ifdef LIBWRAP @@ -419,7 +420,7 @@ sshd_exchange_identification(int sock_in, int sock_out) server_version_string = xstrdup(buf); /* Send our protocol version identification. */ - if (atomicio(vwrite, sock_out, server_version_string, + if (roaming_atomicio(vwrite, sock_out, server_version_string, strlen(server_version_string)) != strlen(server_version_string)) { logit("Could not write ident string to %s", get_remote_ipaddr()); @@ -429,7 +430,7 @@ sshd_exchange_identification(int sock_in, int sock_out) /* Read other sides version identification. */ memset(buf, 0, sizeof(buf)); for (i = 0; i < sizeof(buf) - 1; i++) { - if (atomicio(read, sock_in, &buf[i], 1) != 1) { + if (roaming_atomicio(read, sock_in, &buf[i], 1) != 1) { logit("Did not receive identification string from %s", get_remote_ipaddr()); cleanup_exit(255); -- cgit v1.2.3 From b422afa41f75229da03a90a52b0f30206b5797a1 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 21 Jun 2009 18:58:46 +1000 Subject: - andreas@cvs.openbsd.org 2009/06/12 20:43:22 [monitor.c packet.c] Fix warnings found by chl@ and djm@ and change roaming_atomicio's return type to match atomicio's Diff from djm@, ok markus@ --- ChangeLog | 5 +++++ monitor.c | 3 ++- packet.c | 4 ++-- 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index 8ed7db993..7df6881d7 100644 --- a/ChangeLog +++ b/ChangeLog @@ -88,6 +88,11 @@ changes. Most code from Martin Forssen, maf at appgate dot com. ok markus@ Also, applied appropriate changes to Makefile.in + - andreas@cvs.openbsd.org 2009/06/12 20:43:22 + [monitor.c packet.c] + Fix warnings found by chl@ and djm@ and change roaming_atomicio's + return type to match atomicio's + Diff from djm@, ok markus@ 20090616 - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t diff --git a/monitor.c b/monitor.c index 36a9e1dc1..ace25c404 100644 --- a/monitor.c +++ b/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.103 2009/05/28 16:50:16 andreas Exp $ */ +/* $OpenBSD: monitor.c,v 1.104 2009/06/12 20:43:22 andreas Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -88,6 +88,7 @@ #include "compat.h" #include "ssh2.h" #include "jpake.h" +#include "roaming.h" #ifdef GSSAPI static Gssctxt *gsscontext = NULL; diff --git a/packet.c b/packet.c index f3f8389a3..f74fe52e3 100644 --- a/packet.c +++ b/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.163 2009/05/28 16:50:16 andreas Exp $ */ +/* $OpenBSD: packet.c,v 1.164 2009/06/12 20:43:22 andreas Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -188,7 +188,7 @@ struct session_state { static struct session_state *active_state; static struct session_state * -alloc_session_state() +alloc_session_state(void) { struct session_state *s = xcalloc(1, sizeof(*s)); -- cgit v1.2.3 From 7b935c79f4f31da21989cc441caee247af417b3b Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 21 Jun 2009 18:59:36 +1000 Subject: - andreas@cvs.openbsd.org 2009/06/12 20:58:32 [packet.c] Move some more statics into session_state ok markus@ djm@ --- ChangeLog | 4 ++++ packet.c | 30 +++++++++++++++++------------- 2 files changed, 21 insertions(+), 13 deletions(-) diff --git a/ChangeLog b/ChangeLog index 7df6881d7..862d55eaa 100644 --- a/ChangeLog +++ b/ChangeLog @@ -93,6 +93,10 @@ Fix warnings found by chl@ and djm@ and change roaming_atomicio's return type to match atomicio's Diff from djm@, ok markus@ + - andreas@cvs.openbsd.org 2009/06/12 20:58:32 + [packet.c] + Move some more statics into session_state + ok markus@ djm@ 20090616 - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t diff --git a/packet.c b/packet.c index f74fe52e3..0e9993b5a 100644 --- a/packet.c +++ b/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.164 2009/06/12 20:43:22 andreas Exp $ */ +/* $OpenBSD: packet.c,v 1.165 2009/06/12 20:58:32 andreas Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -182,6 +182,15 @@ struct session_state { /* Used in packet_read_poll2() */ u_int packlen; + /* Used in packet_send2 */ + int rekeying; + + /* Used in packet_set_interactive */ + int set_interactive_called; + + /* Used in packet_set_maxsize */ + int set_maxsize_called; + TAILQ_HEAD(, packet) outgoing; }; @@ -950,7 +959,6 @@ packet_send2_wrapped(void) static void packet_send2(void) { - static int rekeying = 0; struct packet *p; u_char type, *cp; @@ -958,7 +966,7 @@ packet_send2(void) type = cp[5]; /* during rekeying we can only send key exchange messages */ - if (rekeying) { + if (active_state->rekeying) { if (!((type >= SSH2_MSG_TRANSPORT_MIN) && (type <= SSH2_MSG_TRANSPORT_MAX))) { debug("enqueue packet: %u", type); @@ -974,13 +982,13 @@ packet_send2(void) /* rekeying starts with sending KEXINIT */ if (type == SSH2_MSG_KEXINIT) - rekeying = 1; + active_state->rekeying = 1; packet_send2_wrapped(); /* after a NEWKEYS message we can send the complete queue */ if (type == SSH2_MSG_NEWKEYS) { - rekeying = 0; + active_state->rekeying = 0; while ((p = TAILQ_FIRST(&active_state->outgoing))) { type = p->type; debug("dequeue packet: %u", type); @@ -1737,11 +1745,9 @@ packet_set_tos(int interactive) void packet_set_interactive(int interactive) { - static int called = 0; - - if (called) + if (active_state->set_interactive_called) return; - called = 1; + active_state->set_interactive_called = 1; /* Record that we are in interactive mode. */ active_state->interactive_mode = interactive; @@ -1764,9 +1770,7 @@ packet_is_interactive(void) int packet_set_maxsize(u_int s) { - static int called = 0; - - if (called) { + if (active_state->set_maxsize_called) { logit("packet_set_maxsize: called twice: old %d new %d", active_state->max_packet_size, s); return -1; @@ -1775,7 +1779,7 @@ packet_set_maxsize(u_int s) logit("packet_set_maxsize: bad size %d", s); return -1; } - called = 1; + active_state->set_maxsize_called = 1; debug("packet_set_maxsize: setting to %d", s); active_state->max_packet_size = s; return s; -- cgit v1.2.3 From 6ae35ac5762b6abcbd416e7db9246e730b401f10 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 21 Jun 2009 19:00:20 +1000 Subject: - dtucker@cvs.openbsd.org 2009/06/21 07:37:15 [kexdhs.c kexgexs.c] abort if key_sign fails, preventing possible null deref. Based on report from Paolo Ganci, ok markus@ djm@ --- ChangeLog | 4 ++++ kexdhs.c | 6 ++++-- kexgexs.c | 6 ++++-- 3 files changed, 12 insertions(+), 4 deletions(-) diff --git a/ChangeLog b/ChangeLog index 862d55eaa..a10870522 100644 --- a/ChangeLog +++ b/ChangeLog @@ -97,6 +97,10 @@ [packet.c] Move some more statics into session_state ok markus@ djm@ + - dtucker@cvs.openbsd.org 2009/06/21 07:37:15 + [kexdhs.c kexgexs.c] + abort if key_sign fails, preventing possible null deref. Based on report + from Paolo Ganci, ok markus@ djm@ 20090616 - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t diff --git a/kexdhs.c b/kexdhs.c index 861708818..a6719f672 100644 --- a/kexdhs.c +++ b/kexdhs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexdhs.c,v 1.9 2006/11/06 21:25:28 markus Exp $ */ +/* $OpenBSD: kexdhs.c,v 1.10 2009/06/21 07:37:15 dtucker Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -137,7 +137,9 @@ kexdh_server(Kex *kex) } /* sign H */ - PRIVSEP(key_sign(server_host_key, &signature, &slen, hash, hashlen)); + if (PRIVSEP(key_sign(server_host_key, &signature, &slen, hash, + hashlen)) < 0) + fatal("kexdh_server: key_sign failed"); /* destroy_sensitive_data(); */ diff --git a/kexgexs.c b/kexgexs.c index 76a0f8ca7..8515568b3 100644 --- a/kexgexs.c +++ b/kexgexs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexgexs.c,v 1.11 2009/01/01 21:17:36 djm Exp $ */ +/* $OpenBSD: kexgexs.c,v 1.12 2009/06/21 07:37:15 dtucker Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -179,7 +179,9 @@ kexgex_server(Kex *kex) } /* sign H */ - PRIVSEP(key_sign(server_host_key, &signature, &slen, hash, hashlen)); + if (PRIVSEP(key_sign(server_host_key, &signature, &slen, hash, + hashlen)) < 0) + fatal("kexgex_server: key_sign failed"); /* destroy_sensitive_data(); */ -- cgit v1.2.3 From e6b590e8d40e2b2ab0aab9da1b7d34cd357caf6a Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 21 Jun 2009 19:08:48 +1000 Subject: - dtucker@cvs.openbsd.org 2009/06/21 09:04:03 [roaming.h roaming_common.c roaming_dummy.c] Add tags for the benefit of the sync scripts Also: pull in the changes for 1.1->1.2 missed in the previous sync. --- ChangeLog | 4 ++++ roaming.h | 3 ++- roaming_common.c | 17 ++++++++++------- roaming_dummy.c | 8 ++++++-- 4 files changed, 22 insertions(+), 10 deletions(-) diff --git a/ChangeLog b/ChangeLog index a10870522..c816276cc 100644 --- a/ChangeLog +++ b/ChangeLog @@ -101,6 +101,10 @@ [kexdhs.c kexgexs.c] abort if key_sign fails, preventing possible null deref. Based on report from Paolo Ganci, ok markus@ djm@ + - dtucker@cvs.openbsd.org 2009/06/21 09:04:03 + [roaming.h roaming_common.c roaming_dummy.c] + Add tags for the benefit of the sync scripts + Also: pull in the changes for 1.1->1.2 missed in the previous sync. 20090616 - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t diff --git a/roaming.h b/roaming.h index 88193453a..e99465502 100644 --- a/roaming.h +++ b/roaming.h @@ -1,3 +1,4 @@ +/* $OpenBSD: roaming.h,v 1.3 2009/06/21 09:04:03 dtucker Exp $ */ /* * Copyright (c) 2004-2009 AppGate Network Security AB * @@ -22,7 +23,7 @@ extern int resume_in_progress; void add_recv_bytes(u_int64_t); ssize_t roaming_write(int, const void *, size_t, int *); ssize_t roaming_read(int, void *, size_t, int *); -ssize_t roaming_atomicio(ssize_t (*)(int, void *, size_t), int, void *, size_t); +size_t roaming_atomicio(ssize_t (*)(int, void *, size_t), int, void *, size_t); u_int64_t get_recv_bytes(void); u_int64_t get_sent_bytes(void); void roam_set_bytes(u_int64_t, u_int64_t); diff --git a/roaming_common.c b/roaming_common.c index 5a871b23e..065542520 100644 --- a/roaming_common.c +++ b/roaming_common.c @@ -1,3 +1,4 @@ +/* $OpenBSD: roaming_common.c,v 1.4 2009/06/21 09:04:03 dtucker Exp $ */ /* * Copyright (c) 2004-2009 AppGate Network Security AB * @@ -55,9 +56,9 @@ get_sent_bytes(void) } void -roam_set_bytes(u_int64_t sent, u_int64_t recv) +roam_set_bytes(u_int64_t sent, u_int64_t recvd) { - read_bytes = recv; + read_bytes = recvd; write_bytes = sent; } @@ -70,7 +71,8 @@ roaming_write(int fd, const void *buf, size_t count, int *cont) if (ret > 0 && !resume_in_progress) { write_bytes += ret; } - debug("Wrote %d bytes for a total of %lld", ret, write_bytes); + debug3("Wrote %ld bytes for a total of %llu", (long)ret, + (unsigned long long)write_bytes); return ret; } @@ -86,12 +88,13 @@ roaming_read(int fd, void *buf, size_t count, int *cont) return ret; } -ssize_t -roaming_atomicio(ssize_t(*f)(), int fd, void *buf, size_t count) +size_t +roaming_atomicio(ssize_t(*f)(int, void*, size_t), int fd, void *buf, + size_t count) { - ssize_t ret = atomicio(f, fd, buf, count); + size_t ret = atomicio(f, fd, buf, count); - if ((f == write || f == vwrite) && ret > 0 && !resume_in_progress) { + if (f == vwrite && ret > 0 && !resume_in_progress) { write_bytes += ret; } else if (f == read && ret > 0 && !resume_in_progress) { read_bytes += ret; diff --git a/roaming_dummy.c b/roaming_dummy.c index cd1d20257..f081bffe9 100644 --- a/roaming_dummy.c +++ b/roaming_dummy.c @@ -1,3 +1,4 @@ +/* $OpenBSD: roaming_dummy.c,v 1.3 2009/06/21 09:04:03 dtucker Exp $ */ /* * Copyright (c) 2004-2009 AppGate Network Security AB * @@ -22,9 +23,12 @@ #include #include +#include "roaming.h" + int resume_in_progress = 0; -u_int64_t get_recv_bytes() +u_int64_t +get_recv_bytes(void) { return 0; } @@ -49,7 +53,7 @@ add_recv_bytes(u_int64_t num) } int -resume_kex() +resume_kex(void) { return 1; } -- cgit v1.2.3 From 43e7a358ff9476fb77bc1b475530ce4c6b152ccc Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 21 Jun 2009 19:50:08 +1000 Subject: - (dtucker) [auth2-jpake.c auth2.c canohost.h session.c] Whitespace and header-order changes to reduce diff vs OpenBSD. --- ChangeLog | 2 ++ auth2-jpake.c | 2 +- auth2.c | 2 +- canohost.h | 2 +- session.c | 6 +++--- 5 files changed, 8 insertions(+), 6 deletions(-) diff --git a/ChangeLog b/ChangeLog index c816276cc..629c482df 100644 --- a/ChangeLog +++ b/ChangeLog @@ -105,6 +105,8 @@ [roaming.h roaming_common.c roaming_dummy.c] Add tags for the benefit of the sync scripts Also: pull in the changes for 1.1->1.2 missed in the previous sync. + - (dtucker) [auth2-jpake.c auth2.c canohost.h session.c] Whitespace and + header-order changes to reduce diff vs OpenBSD. 20090616 - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t diff --git a/auth2-jpake.c b/auth2-jpake.c index 6092e31c0..5de5506a6 100644 --- a/auth2-jpake.c +++ b/auth2-jpake.c @@ -42,8 +42,8 @@ #include "ssh2.h" #include "key.h" #include "hostfile.h" -#include "buffer.h" #include "auth.h" +#include "buffer.h" #include "packet.h" #include "dispatch.h" #include "log.h" diff --git a/auth2.c b/auth2.c index ecf857052..92e6f5842 100644 --- a/auth2.c +++ b/auth2.c @@ -35,8 +35,8 @@ #include #include -#include "xmalloc.h" #include "atomicio.h" +#include "xmalloc.h" #include "ssh2.h" #include "packet.h" #include "log.h" diff --git a/canohost.h b/canohost.h index 64000f5eb..4c8636f42 100644 --- a/canohost.h +++ b/canohost.h @@ -24,6 +24,6 @@ char *get_local_name(int); int get_remote_port(void); int get_local_port(void); int get_sock_port(int, int); -void clear_cached_addr(void); +void clear_cached_addr(void); void ipv64_normalise_mapped(struct sockaddr_storage *, socklen_t *); diff --git a/session.c b/session.c index f04266f78..cdbf88ab7 100644 --- a/session.c +++ b/session.c @@ -715,8 +715,8 @@ do_exec_pty(Session *s, const char *command) * Do common processing for the child, such as execing * the command. */ - do_child(s, command); - /* NOTREACHED */ + do_child(s, command); + /* NOTREACHED */ default: break; } @@ -845,7 +845,7 @@ do_login(Session *s, const char *command) fromlen = sizeof(from); if (packet_connection_is_on_socket()) { if (getpeername(packet_get_connection_in(), - (struct sockaddr *) & from, &fromlen) < 0) { + (struct sockaddr *)&from, &fromlen) < 0) { debug("getpeername: %.100s", strerror(errno)); cleanup_exit(255); } -- cgit v1.2.3 From 64cee36713d8094af37e3e2e5a7d38a8d25dff80 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 21 Jun 2009 20:26:17 +1000 Subject: - (dtucker) [servconf.c sshd.c] More whitespace sync. --- ChangeLog | 1 + servconf.c | 6 +++--- sshd.c | 2 +- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/ChangeLog b/ChangeLog index 629c482df..5635d7aa0 100644 --- a/ChangeLog +++ b/ChangeLog @@ -107,6 +107,7 @@ Also: pull in the changes for 1.1->1.2 missed in the previous sync. - (dtucker) [auth2-jpake.c auth2.c canohost.h session.c] Whitespace and header-order changes to reduce diff vs OpenBSD. + - (dtucker) [servconf.c sshd.c] More whitespace sync. 20090616 - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t diff --git a/servconf.c b/servconf.c index af940cac2..b51b86a8f 100644 --- a/servconf.c +++ b/servconf.c @@ -343,7 +343,7 @@ static struct { { "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly, SSHCFG_GLOBAL }, { "rsaauthentication", sRSAAuthentication, SSHCFG_ALL }, { "pubkeyauthentication", sPubkeyAuthentication, SSHCFG_ALL }, - { "dsaauthentication", sPubkeyAuthentication, SSHCFG_GLOBAL }, /* alias */ + { "dsaauthentication", sPubkeyAuthentication, SSHCFG_GLOBAL }, /* alias */ #ifdef KRB5 { "kerberosauthentication", sKerberosAuthentication, SSHCFG_ALL }, { "kerberosorlocalpasswd", sKerberosOrLocalPasswd, SSHCFG_GLOBAL }, @@ -417,10 +417,10 @@ static struct { { "clientalivecountmax", sClientAliveCountMax, SSHCFG_GLOBAL }, { "authorizedkeysfile", sAuthorizedKeysFile, SSHCFG_GLOBAL }, { "authorizedkeysfile2", sAuthorizedKeysFile2, SSHCFG_GLOBAL }, - { "useprivilegeseparation", sUsePrivilegeSeparation, SSHCFG_GLOBAL }, + { "useprivilegeseparation", sUsePrivilegeSeparation, SSHCFG_GLOBAL}, { "acceptenv", sAcceptEnv, SSHCFG_GLOBAL }, { "permittunnel", sPermitTunnel, SSHCFG_GLOBAL }, - { "match", sMatch, SSHCFG_ALL }, + { "match", sMatch, SSHCFG_ALL }, { "permitopen", sPermitOpen, SSHCFG_ALL }, { "forcecommand", sForceCommand, SSHCFG_ALL }, { "chrootdirectory", sChrootDirectory, SSHCFG_ALL }, diff --git a/sshd.c b/sshd.c index 91831e208..13a455d1f 100644 --- a/sshd.c +++ b/sshd.c @@ -578,7 +578,7 @@ demote_sensitive_data(void) static void privsep_preauth_child(void) { - u_int32_t rnd[256]; + u_int32_t rnd[256]; gid_t gidset[1]; /* Enable challenge-response authentication for privilege separation */ -- cgit v1.2.3 From 828c96d48fce9040a75b0e9e66ecd02c96dee11e Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 21 Jun 2009 22:22:08 +1000 Subject: - (dtucker) [roaming_common.c roaming_dummy.c] Wrap #include in ifdef. --- ChangeLog | 2 ++ roaming_common.c | 4 ++++ roaming_dummy.c | 2 ++ 3 files changed, 8 insertions(+) diff --git a/ChangeLog b/ChangeLog index 5635d7aa0..c801521bc 100644 --- a/ChangeLog +++ b/ChangeLog @@ -108,6 +108,8 @@ - (dtucker) [auth2-jpake.c auth2.c canohost.h session.c] Whitespace and header-order changes to reduce diff vs OpenBSD. - (dtucker) [servconf.c sshd.c] More whitespace sync. + - (dtucker) [roaming_common.c roaming_dummy.c] Wrap #include in + ifdef. 20090616 - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t diff --git a/roaming_common.c b/roaming_common.c index 065542520..14dd5808f 100644 --- a/roaming_common.c +++ b/roaming_common.c @@ -15,12 +15,16 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ +#include "includes.h" + #include #include #include #include +#ifdef HAVE_INTTYPES_H #include +#endif #include #include diff --git a/roaming_dummy.c b/roaming_dummy.c index f081bffe9..45c4008e7 100644 --- a/roaming_dummy.c +++ b/roaming_dummy.c @@ -20,6 +20,8 @@ * support roaming. */ +#include "includes.h" + #include #include -- cgit v1.2.3 From 821d3dbe36faa1e53a269e434487d0617a0a1578 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 22 Jun 2009 16:11:06 +1000 Subject: - dtucker@cvs.openbsd.org 2009/06/22 05:39:28 [monitor_wrap.c monitor_mm.c ssh-keygen.c auth2.c gss-genr.c sftp-client.c] alphabetize includes; reduces diff vs portable and style(9). ok stevesk djm (Id sync only; these were already in order in -portable) --- ChangeLog | 8 ++++++++ auth2.c | 2 +- gss-genr.c | 2 +- monitor_mm.c | 2 +- monitor_wrap.c | 2 +- sftp-client.c | 2 +- ssh-keygen.c | 2 +- 7 files changed, 14 insertions(+), 6 deletions(-) diff --git a/ChangeLog b/ChangeLog index c801521bc..0f39fa215 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,11 @@ +20090622 + - (dtucker) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2009/06/22 05:39:28 + [monitor_wrap.c monitor_mm.c ssh-keygen.c auth2.c gss-genr.c sftp-client.c] + alphabetize includes; reduces diff vs portable and style(9). + ok stevesk djm + (Id sync only; these were already in order in -portable) + 20090621 - (dtucker) OpenBSD CVS Sync - markus@cvs.openbsd.org 2009/03/17 21:37:00 diff --git a/auth2.c b/auth2.c index 92e6f5842..5d5468559 100644 --- a/auth2.c +++ b/auth2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2.c,v 1.120 2008/11/04 08:22:12 djm Exp $ */ +/* $OpenBSD: auth2.c,v 1.121 2009/06/22 05:39:28 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * diff --git a/gss-genr.c b/gss-genr.c index e9190575d..842f38582 100644 --- a/gss-genr.c +++ b/gss-genr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gss-genr.c,v 1.19 2007/06/12 11:56:15 dtucker Exp $ */ +/* $OpenBSD: gss-genr.c,v 1.20 2009/06/22 05:39:28 dtucker Exp $ */ /* * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved. diff --git a/monitor_mm.c b/monitor_mm.c index dab747532..faf9f3dcb 100644 --- a/monitor_mm.c +++ b/monitor_mm.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_mm.c,v 1.15 2006/08/03 03:34:42 deraadt Exp $ */ +/* $OpenBSD: monitor_mm.c,v 1.16 2009/06/22 05:39:28 dtucker Exp $ */ /* * Copyright 2002 Niels Provos * All rights reserved. diff --git a/monitor_wrap.c b/monitor_wrap.c index b696d7821..b8e8710f7 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_wrap.c,v 1.67 2009/05/28 16:50:16 andreas Exp $ */ +/* $OpenBSD: monitor_wrap.c,v 1.68 2009/06/22 05:39:28 dtucker Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl diff --git a/sftp-client.c b/sftp-client.c index 5e39aa7d2..0990b7912 100644 --- a/sftp-client.c +++ b/sftp-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-client.c,v 1.86 2008/06/26 06:10:09 djm Exp $ */ +/* $OpenBSD: sftp-client.c,v 1.87 2009/06/22 05:39:28 dtucker Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * diff --git a/ssh-keygen.c b/ssh-keygen.c index 5765cff08..da5db9845 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.173 2009/02/21 19:32:04 tobias Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.174 2009/06/22 05:39:28 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland -- cgit v1.2.3 From e841eb065426d9c9c9e107e76d816107d68554a7 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 6 Jul 2009 07:11:13 +1000 Subject: - andreas@cvs.openbsd.org 2009/06/27 09:29:06 [packet.h packet.c] packet_bacup_state() and packet_restore_state() will be used to temporarily save the current state ren resuming a suspended connection. ok markus@ --- ChangeLog | 7 +++++++ packet.c | 51 +++++++++++++++++++++++++++++++++++++++++++++++++-- packet.h | 5 ++++- 3 files changed, 60 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index 0f39fa215..93f6b8a20 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,10 @@ + - (dtucker) OpenBSD CVS Sync + - andreas@cvs.openbsd.org 2009/06/27 09:29:06 + [packet.h packet.c] + packet_bacup_state() and packet_restore_state() will be used to + temporarily save the current state ren resuming a suspended connection. + ok markus@ + 20090622 - (dtucker) OpenBSD CVS Sync - dtucker@cvs.openbsd.org 2009/06/22 05:39:28 diff --git a/packet.c b/packet.c index 0e9993b5a..600e015fb 100644 --- a/packet.c +++ b/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.165 2009/06/12 20:58:32 andreas Exp $ */ +/* $OpenBSD: packet.c,v 1.166 2009/06/27 09:29:06 andreas Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -194,7 +194,7 @@ struct session_state { TAILQ_HEAD(, packet) outgoing; }; -static struct session_state *active_state; +static struct session_state *active_state, *backup_state; static struct session_state * alloc_session_state(void) @@ -1887,3 +1887,50 @@ packet_get_newkeys(int mode) { return (void *)active_state->newkeys[mode]; } + +/* + * Save the state for the real connection, and use a separate state when + * resuming a suspended connection. + */ +void +packet_backup_state(void) +{ + struct session_state *tmp; + + close(active_state->connection_in); + active_state->connection_in = -1; + close(active_state->connection_out); + active_state->connection_out = -1; + if (backup_state) + tmp = backup_state; + else + tmp = alloc_session_state(); + backup_state = active_state; + active_state = tmp; +} + +/* + * Swap in the old state when resuming a connecion. + */ +void +packet_restore_state(void) +{ + struct session_state *tmp; + void *buf; + u_int len; + + tmp = backup_state; + backup_state = active_state; + active_state = tmp; + active_state->connection_in = backup_state->connection_in; + backup_state->connection_in = -1; + active_state->connection_out = backup_state->connection_out; + backup_state->connection_out = -1; + len = buffer_len(&backup_state->input); + if (len > 0) { + buf = buffer_ptr(&backup_state->input); + buffer_append(&active_state->input, buf, len); + buffer_clear(&backup_state->input); + add_recv_bytes(len); + } +} diff --git a/packet.h b/packet.h index 265fcf236..33523d750 100644 --- a/packet.h +++ b/packet.h @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.h,v 1.51 2009/05/27 06:36:07 andreas Exp $ */ +/* $OpenBSD: packet.h,v 1.52 2009/06/27 09:29:06 andreas Exp $ */ /* * Author: Tatu Ylonen @@ -109,6 +109,9 @@ do { \ int packet_need_rekeying(void); void packet_set_rekey_limit(u_int32_t); +void packet_backup_state(void); +void packet_restore_state(void); + void *packet_get_input(void); void *packet_get_output(void); -- cgit v1.2.3 From 466df219615d72e48ff9103ec67521447f23a158 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 6 Jul 2009 07:11:52 +1000 Subject: - andreas@cvs.openbsd.org 2009/06/27 09:32:43 [roaming_common.c roaming.h] It may be necessary to retransmit some data when resuming, so add it to a buffer when roaming is enabled. Most of this code was written by Martin Forssen, maf at appgate dot com. ok markus@ --- ChangeLog | 6 ++++ roaming.h | 8 ++++- roaming_common.c | 96 +++++++++++++++++++++++++++++++++++++++++++++++++++++++- 3 files changed, 108 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 93f6b8a20..20aa4bd5c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -4,6 +4,12 @@ packet_bacup_state() and packet_restore_state() will be used to temporarily save the current state ren resuming a suspended connection. ok markus@ + - andreas@cvs.openbsd.org 2009/06/27 09:32:43 + [roaming_common.c roaming.h] + It may be necessary to retransmit some data when resuming, so add it + to a buffer when roaming is enabled. + Most of this code was written by Martin Forssen, maf at appgate dot com. + ok markus@ 20090622 - (dtucker) OpenBSD CVS Sync diff --git a/roaming.h b/roaming.h index e99465502..e517161f6 100644 --- a/roaming.h +++ b/roaming.h @@ -1,4 +1,4 @@ -/* $OpenBSD: roaming.h,v 1.3 2009/06/21 09:04:03 dtucker Exp $ */ +/* $OpenBSD: roaming.h,v 1.4 2009/06/27 09:32:43 andreas Exp $ */ /* * Copyright (c) 2004-2009 AppGate Network Security AB * @@ -18,15 +18,21 @@ #ifndef ROAMING_H #define ROAMING_H +#define DEFAULT_ROAMBUF 65536 + extern int resume_in_progress; +int get_snd_buf_size(void); +int get_recv_buf_size(void); void add_recv_bytes(u_int64_t); +void set_out_buffer_size(size_t); ssize_t roaming_write(int, const void *, size_t, int *); ssize_t roaming_read(int, void *, size_t, int *); size_t roaming_atomicio(ssize_t (*)(int, void *, size_t), int, void *, size_t); u_int64_t get_recv_bytes(void); u_int64_t get_sent_bytes(void); void roam_set_bytes(u_int64_t, u_int64_t); +void resend_bytes(int, u_int64_t *); int resume_kex(void); #endif /* ROAMING */ diff --git a/roaming_common.c b/roaming_common.c index 14dd5808f..73db09d79 100644 --- a/roaming_common.c +++ b/roaming_common.c @@ -1,4 +1,4 @@ -/* $OpenBSD: roaming_common.c,v 1.4 2009/06/21 09:04:03 dtucker Exp $ */ +/* $OpenBSD: roaming_common.c,v 1.5 2009/06/27 09:32:43 andreas Exp $ */ /* * Copyright (c) 2004-2009 AppGate Network Security AB * @@ -26,6 +26,7 @@ #include #endif #include +#include #include #include "atomicio.h" @@ -36,11 +37,56 @@ #include "buffer.h" #include "roaming.h" +static size_t out_buf_size = 0; +static char *out_buf = NULL; +static size_t out_start; +static size_t out_last; + static u_int64_t write_bytes = 0; static u_int64_t read_bytes = 0; +int roaming_enabled = 0; int resume_in_progress = 0; +int +get_snd_buf_size() +{ + int fd = packet_get_connection_out(); + int optval, optvallen; + + optvallen = sizeof(optval); + if (getsockopt(fd, SOL_SOCKET, SO_SNDBUF, &optval, &optvallen) != 0) + optval = DEFAULT_ROAMBUF; + return optval; +} + +int +get_recv_buf_size() +{ + int fd = packet_get_connection_in(); + int optval, optvallen; + + optvallen = sizeof(optval); + if (getsockopt(fd, SOL_SOCKET, SO_RCVBUF, &optval, &optvallen) != 0) + optval = DEFAULT_ROAMBUF; + return optval; +} + +void +set_out_buffer_size(size_t size) +{ + /* + * The buffer size can only be set once and the buffer will live + * as long as the session lives. + */ + if (out_buf == NULL) { + out_buf_size = size; + out_buf = xmalloc(size); + out_start = 0; + out_last = 0; + } +} + u_int64_t get_recv_bytes(void) { @@ -66,6 +112,28 @@ roam_set_bytes(u_int64_t sent, u_int64_t recvd) write_bytes = sent; } +static void +buf_append(const char *buf, size_t count) +{ + if (count > out_buf_size) { + buf += count - out_buf_size; + count = out_buf_size; + } + if (count < out_buf_size - out_last) { + memcpy(out_buf + out_last, buf, count); + if (out_start > out_last) + out_start += count; + out_last += count; + } else { + /* data will wrap */ + size_t chunk = out_buf_size - out_last; + memcpy(out_buf + out_last, buf, chunk); + memcpy(out_buf, buf + chunk, count - chunk); + out_last = count - chunk; + out_start = out_last + 1; + } +} + ssize_t roaming_write(int fd, const void *buf, size_t count, int *cont) { @@ -74,6 +142,8 @@ roaming_write(int fd, const void *buf, size_t count, int *cont) ret = write(fd, buf, count); if (ret > 0 && !resume_in_progress) { write_bytes += ret; + if (out_buf_size > 0) + buf_append(buf, ret); } debug3("Wrote %ld bytes for a total of %llu", (long)ret, (unsigned long long)write_bytes); @@ -105,3 +175,27 @@ roaming_atomicio(ssize_t(*f)(int, void*, size_t), int fd, void *buf, } return ret; } + +void +resend_bytes(int fd, u_int64_t *offset) +{ + size_t available, needed; + + if (out_start < out_last) + available = out_last - out_start; + else + available = out_buf_size; + needed = write_bytes - *offset; + debug3("resend_bytes: resend %lu bytes from %llu", + (unsigned long)needed, (unsigned long long)*offset); + if (needed > available) + fatal("Needed to resend more data than in the cache"); + if (out_last < needed) { + int chunkend = needed - out_last; + atomicio(vwrite, fd, out_buf + out_buf_size - chunkend, + chunkend); + atomicio(vwrite, fd, out_buf, out_last); + } else { + atomicio(vwrite, fd, out_buf + (out_last - needed), needed); + } +} -- cgit v1.2.3 From 71e4d54dc7e7868708334bea526cd3f94cd9d1d3 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 6 Jul 2009 07:12:27 +1000 Subject: - andreas@cvs.openbsd.org 2009/06/27 09:35:06 [readconf.h readconf.c] Add client option UseRoaming. It doesn't do anything yet but will control whether the client tries to use roaming if enabled on the server. From Martin Forssen. ok markus@ --- ChangeLog | 6 ++++++ readconf.c | 12 ++++++++++-- readconf.h | 4 +++- 3 files changed, 19 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index 20aa4bd5c..d47ed659f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -10,6 +10,12 @@ to a buffer when roaming is enabled. Most of this code was written by Martin Forssen, maf at appgate dot com. ok markus@ + - andreas@cvs.openbsd.org 2009/06/27 09:35:06 + [readconf.h readconf.c] + Add client option UseRoaming. It doesn't do anything yet but will + control whether the client tries to use roaming if enabled on the + server. From Martin Forssen. + ok markus@ 20090622 - (dtucker) OpenBSD CVS Sync diff --git a/readconf.c b/readconf.c index 53fc6c7ba..0bf5d7cb4 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.176 2009/02/12 03:00:56 djm Exp $ */ +/* $OpenBSD: readconf.c,v 1.177 2009/06/27 09:35:06 andreas Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -130,7 +130,7 @@ typedef enum { oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, oSendEnv, oControlPath, oControlMaster, oHashKnownHosts, oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand, - oVisualHostKey, oZeroKnowledgePasswordAuthentication, + oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication, oDeprecated, oUnsupported } OpCodes; @@ -228,6 +228,7 @@ static struct { { "localcommand", oLocalCommand }, { "permitlocalcommand", oPermitLocalCommand }, { "visualhostkey", oVisualHostKey }, + { "useroaming", oUseRoaming }, #ifdef JPAKE { "zeroknowledgepasswordauthentication", oZeroKnowledgePasswordAuthentication }, @@ -914,6 +915,10 @@ parse_int: intptr = &options->visual_host_key; goto parse_flag; + case oUseRoaming: + intptr = &options->use_roaming; + goto parse_flag; + case oDeprecated: debug("%s line %d: Deprecated option \"%s\"", filename, linenum, keyword); @@ -1063,6 +1068,7 @@ initialize_options(Options * options) options->tun_remote = -1; options->local_command = NULL; options->permit_local_command = -1; + options->use_roaming = -1; options->visual_host_key = -1; options->zero_knowledge_password_authentication = -1; } @@ -1199,6 +1205,8 @@ fill_default_options(Options * options) options->tun_remote = SSH_TUNID_ANY; if (options->permit_local_command == -1) options->permit_local_command = 0; + if (options->use_roaming == -1) + options->use_roaming = 1; if (options->visual_host_key == -1) options->visual_host_key = 0; if (options->zero_knowledge_password_authentication == -1) diff --git a/readconf.h b/readconf.h index 8fb3a8528..2ebfebe94 100644 --- a/readconf.h +++ b/readconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.h,v 1.78 2009/02/12 03:00:56 djm Exp $ */ +/* $OpenBSD: readconf.h,v 1.79 2009/06/27 09:35:06 andreas Exp $ */ /* * Author: Tatu Ylonen @@ -123,6 +123,8 @@ typedef struct { int permit_local_command; int visual_host_key; + int use_roaming; + } Options; #define SSHCTL_MASTER_NO 0 -- cgit v1.2.3 From cd6b1a27cbb9400565811f908ca536937d875b8f Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 6 Jul 2009 07:13:04 +1000 Subject: - markus@cvs.openbsd.org 2009/06/30 14:54:40 [version.h] crank version; ok deraadt --- ChangeLog | 3 +++ version.h | 4 ++-- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index d47ed659f..38744449b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -16,6 +16,9 @@ control whether the client tries to use roaming if enabled on the server. From Martin Forssen. ok markus@ + - markus@cvs.openbsd.org 2009/06/30 14:54:40 + [version.h] + crank version; ok deraadt 20090622 - (dtucker) OpenBSD CVS Sync diff --git a/version.h b/version.h index f2f3196ab..721ebdea0 100644 --- a/version.h +++ b/version.h @@ -1,6 +1,6 @@ -/* $OpenBSD: version.h,v 1.55 2009/02/23 00:06:15 djm Exp $ */ +/* $OpenBSD: version.h,v 1.56 2009/06/30 14:54:40 markus Exp $ */ -#define SSH_VERSION "OpenSSH_5.2" +#define SSH_VERSION "OpenSSH_5.3" #define SSH_PORTABLE "p1" #define SSH_RELEASE SSH_VERSION SSH_PORTABLE -- cgit v1.2.3 From 199b1340a85de9f241935bc0fe56b71258839220 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 6 Jul 2009 07:16:56 +1000 Subject: - dtucker@cvs.openbsd.org 2009/07/02 02:11:47 [ssh.c] allow for long home dir paths (bz #1615). ok deraadt (based in part on a patch from jchadima at redhat) --- ChangeLog | 4 ++++ ssh.c | 16 +++++++++------- 2 files changed, 13 insertions(+), 7 deletions(-) diff --git a/ChangeLog b/ChangeLog index 38744449b..c5d41a949 100644 --- a/ChangeLog +++ b/ChangeLog @@ -19,6 +19,10 @@ - markus@cvs.openbsd.org 2009/06/30 14:54:40 [version.h] crank version; ok deraadt + - dtucker@cvs.openbsd.org 2009/07/02 02:11:47 + [ssh.c] + allow for long home dir paths (bz #1615). ok deraadt + (based in part on a patch from jchadima at redhat) 20090622 - (dtucker) OpenBSD CVS Sync diff --git a/ssh.c b/ssh.c index 96134680d..adfe60e4b 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.325 2009/03/17 21:37:00 markus Exp $ */ +/* $OpenBSD: ssh.c,v 1.326 2009/07/02 02:11:47 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -48,6 +48,7 @@ #endif #include #include +#include #include #include @@ -203,8 +204,8 @@ void muxserver_listen(void); int main(int ac, char **av) { - int i, opt, exit_status, use_syslog; - char *p, *cp, *line, *argv0, buf[256]; + int i, r, opt, exit_status, use_syslog; + char *p, *cp, *line, *argv0, buf[MAXPATHLEN]; struct stat st; struct passwd *pw; int dummy, timeout_ms; @@ -614,9 +615,10 @@ main(int ac, char **av) fatal("Can't open user config file %.100s: " "%.100s", config, strerror(errno)); } else { - snprintf(buf, sizeof buf, "%.100s/%.100s", pw->pw_dir, + r = snprintf(buf, sizeof buf, "%s/%s", pw->pw_dir, _PATH_SSH_USER_CONFFILE); - (void)read_config_file(buf, host, &options, 1); + if (r > 0 && (size_t)r < sizeof(buf)) + (void)read_config_file(buf, host, &options, 1); /* Read systemwide configuration file after use config. */ (void)read_config_file(_PATH_HOST_CONFIG_FILE, host, @@ -767,9 +769,9 @@ main(int ac, char **av) * Now that we are back to our own permissions, create ~/.ssh * directory if it doesn't already exist. */ - snprintf(buf, sizeof buf, "%.100s%s%.100s", pw->pw_dir, + r = snprintf(buf, sizeof buf, "%s%s%s", pw->pw_dir, strcmp(pw->pw_dir, "/") ? "/" : "", _PATH_SSH_USER_DIR); - if (stat(buf, &st) < 0) + if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) < 0) if (mkdir(buf, 0700) < 0) error("Could not create directory '%.200s'.", buf); -- cgit v1.2.3 From de0c025e3cfe5bfd384e759daa8b95cc245efa33 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 6 Jul 2009 07:17:35 +1000 Subject: - stevesk@cvs.openbsd.org 2009/07/05 19:28:33 [clientloop.c] only send SSH2_MSG_DISCONNECT if we're in compat20; from dtucker@ ok deraadt@ markus@ --- ChangeLog | 4 ++++ clientloop.c | 14 ++++++++------ 2 files changed, 12 insertions(+), 6 deletions(-) diff --git a/ChangeLog b/ChangeLog index c5d41a949..290d90675 100644 --- a/ChangeLog +++ b/ChangeLog @@ -23,6 +23,10 @@ [ssh.c] allow for long home dir paths (bz #1615). ok deraadt (based in part on a patch from jchadima at redhat) + - stevesk@cvs.openbsd.org 2009/07/05 19:28:33 + [clientloop.c] + only send SSH2_MSG_DISCONNECT if we're in compat20; from dtucker@ + ok deraadt@ markus@ 20090622 - (dtucker) OpenBSD CVS Sync diff --git a/clientloop.c b/clientloop.c index 43f001bc4..b8352f6bf 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.212 2009/05/28 16:50:16 andreas Exp $ */ +/* $OpenBSD: clientloop.c,v 1.213 2009/07/05 19:28:33 stevesk Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1477,11 +1477,13 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id) /* Stop watching for window change. */ signal(SIGWINCH, SIG_DFL); - packet_start(SSH2_MSG_DISCONNECT); - packet_put_int(SSH2_DISCONNECT_BY_APPLICATION); - packet_put_cstring("disconnected by user"); - packet_send(); - packet_write_wait(); + if (compat20) { + packet_start(SSH2_MSG_DISCONNECT); + packet_put_int(SSH2_DISCONNECT_BY_APPLICATION); + packet_put_cstring("disconnected by user"); + packet_send(); + packet_write_wait(); + } channel_free_all(); -- cgit v1.2.3 From 4d4fdc0f7dc25e081d8da2e7a525ecb2a6f871f4 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 7 Jul 2009 21:19:11 +1000 Subject: - (dtucker) [contrib/cygwin/ssh-host-config] better support for automated scripts and fix usage of eval. Patch from Corinna Vinschen. --- ChangeLog | 5 +++++ contrib/cygwin/ssh-host-config | 31 ++++++++++++++++++++++++------- 2 files changed, 29 insertions(+), 7 deletions(-) diff --git a/ChangeLog b/ChangeLog index 290d90675..5e77f8315 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +20090707 + - (dtucker) [contrib/cygwin/ssh-host-config] better support for automated + scripts and fix usage of eval. Patch from Corinna Vinschen. + +20090705 - (dtucker) OpenBSD CVS Sync - andreas@cvs.openbsd.org 2009/06/27 09:29:06 [packet.h packet.c] diff --git a/contrib/cygwin/ssh-host-config b/contrib/cygwin/ssh-host-config index 57e728fbc..32cb6ba23 100644 --- a/contrib/cygwin/ssh-host-config +++ b/contrib/cygwin/ssh-host-config @@ -1,6 +1,6 @@ #!/bin/bash # -# ssh-host-config, Copyright 2000, 2001, 2002, 2003 Red Hat Inc. +# ssh-host-config, Copyright 2000-2009 Red Hat Inc. # # This file is part of the Cygwin port of OpenSSH. @@ -26,7 +26,9 @@ port_number=22 privsep_configured=no privsep_used=yes cygwin_value="" +user_account= password_value= +opt_force=no # ====================================================================== # Routine: create_host_keys @@ -287,6 +289,11 @@ install_service() { csih_inform "sshd requires. You need to have or to create a privileged" csih_inform "account. This script will help you do so." echo + + [ "${opt_force}" = "yes" ] && opt_f=-f + [ -n "${user_account}" ] && opt_u="-u ""${user_account}""" + csih_select_privileged_username ${opt_f} ${opt_u} sshd + if ! csih_create_privileged_user "${password_value}" then csih_error_recoverable "There was a serious problem creating a privileged user." @@ -316,12 +323,12 @@ install_service() { if [ -n "${csih_cygenv}" ] then - cygwin_env="-e CYGWIN=\"${csih_cygenv}\"" + cygwin_env=( -e "CYGWIN=${csih_cygenv}" ) fi if [ -z "${password}" ] then - if eval cygrunsrv -I sshd -d \"CYGWIN sshd\" -p /usr/sbin/sshd \ - -a "-D" -y tcpip ${cygwin_env} + if cygrunsrv -I sshd -d "CYGWIN sshd" -p /usr/sbin/sshd \ + -a "-D" -y tcpip "${cygwin_env[@]}" then echo csih_inform "The sshd service has been installed under the LocalSystem" @@ -330,8 +337,8 @@ install_service() { csih_inform "will start automatically after the next reboot." fi else - if eval cygrunsrv -I sshd -d \"CYGWIN sshd\" -p /usr/sbin/sshd \ - -a "-D" -y tcpip ${cygwin_env} \ + if cygrunsrv -I sshd -d "CYGWIN sshd" -p /usr/sbin/sshd \ + -a "-D" -y tcpip "${cygwin_env[@]}" \ -u "${run_service_as}" -w "${password}" then echo @@ -378,11 +385,13 @@ if [ "$PROGDIR" = "/etc/postinstall" ] then csih_auto_answer="no" csih_disable_color + opt_force=yes fi if [ -n "${SSH_HOST_CONFIG_AUTO_ANSWER_NO}" ] then csih_auto_answer="no" csih_disable_color + opt_force=yes fi # ====================================================================== @@ -407,10 +416,12 @@ do -y | --yes ) csih_auto_answer=yes + opt_force=yes ;; -n | --no ) csih_auto_answer=no + opt_force=yes ;; -c | --cygwin ) @@ -423,6 +434,11 @@ do shift ;; + -u | --user ) + user_account="$1" + shift + ;; + -w | --pwd ) password_value="$1" shift @@ -443,6 +459,7 @@ do echo " --no -n Answer all questions with \"no\" automatically." echo " --cygwin -c Use \"options\" as value for CYGWIN environment var." echo " --port -p sshd listens on port n." + echo " --user -u privileged user for service." echo " --pwd -w Use \"pwd\" as password for privileged user." echo " --privileged On Windows NT/2k/XP, require privileged user" echo " instead of LocalSystem for sshd service." @@ -489,7 +506,7 @@ then fi # Create /var/empty file used as chroot jail for privilege separation -csih_make_dir "${LOCALSTATEDIR}/empty" "Cannot create log directory." +csih_make_dir "${LOCALSTATEDIR}/empty" "Cannot create ${LOCALSTATEDIR}/empty directory." chmod 755 "${LOCALSTATEDIR}/empty" setfacl -m u:system:rwx "${LOCALSTATEDIR}/empty" -- cgit v1.2.3 From c4b22ca1c82f9f21add785c01fcb90001d87ddb2 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 12 Jul 2009 21:56:29 +1000 Subject: - (dtucker) [configure.ac] Include sys/param.h for the sys/mount.h test, prevents configure complaining on older BSDs. --- ChangeLog | 4 ++++ configure.ac | 10 +++++++--- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index 5e77f8315..635bbd435 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +20090712 + - (dtucker) [configure.ac] Include sys/param.h for the sys/mount.h test, + prevents configure complaining on older BSDs. + 20090707 - (dtucker) [contrib/cygwin/ssh-host-config] better support for automated scripts and fix usage of eval. Patch from Corinna Vinschen. diff --git a/configure.ac b/configure.ac index 140c62838..f18199bf7 100644 --- a/configure.ac +++ b/configure.ac @@ -1,4 +1,4 @@ -# $Id: configure.ac,v 1.420 2009/06/16 06:11:02 dtucker Exp $ +# $Id: configure.ac,v 1.421 2009/07/12 11:56:29 dtucker Exp $ # # Copyright (c) 1999-2004 Damien Miller # @@ -15,7 +15,7 @@ # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org) -AC_REVISION($Revision: 1.420 $) +AC_REVISION($Revision: 1.421 $) AC_CONFIG_SRCDIR([ssh.c]) AC_CONFIG_HEADER(config.h) @@ -279,7 +279,6 @@ AC_CHECK_HEADERS( \ sys/cdefs.h \ sys/dir.h \ sys/mman.h \ - sys/mount.h \ sys/ndir.h \ sys/poll.h \ sys/prctl.h \ @@ -326,6 +325,11 @@ AC_CHECK_HEADERS(login_cap.h, [], [], [ #include ]) +# older BSDs need sys/param.h before sys/mount.h +AC_CHECK_HEADERS(sys/mount.h, [], [], [ +#include +]) + # Messages for features tested for in target-specific section SIA_MSG="no" SPC_MSG="no" -- cgit v1.2.3 From 8fdcba5caf124bec3d17e6c6688ca2f1857329c3 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 12 Jul 2009 21:58:42 +1000 Subject: - (dtucker [contrib/cygwin/ssh-{host,user}-config] Add license text. Patch from Corinna Vinschen. --- ChangeLog | 2 ++ contrib/cygwin/ssh-host-config | 12 ++++++++++++ contrib/cygwin/ssh-user-config | 14 +++++++++++++- 3 files changed, 27 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 635bbd435..c6674c495 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,8 @@ 20090712 - (dtucker) [configure.ac] Include sys/param.h for the sys/mount.h test, prevents configure complaining on older BSDs. + - (dtucker [contrib/cygwin/ssh-{host,user}-config] Add license text. Patch + from Corinna Vinschen. 20090707 - (dtucker) [contrib/cygwin/ssh-host-config] better support for automated diff --git a/contrib/cygwin/ssh-host-config b/contrib/cygwin/ssh-host-config index 32cb6ba23..b6f9511e2 100644 --- a/contrib/cygwin/ssh-host-config +++ b/contrib/cygwin/ssh-host-config @@ -3,6 +3,18 @@ # ssh-host-config, Copyright 2000-2009 Red Hat Inc. # # This file is part of the Cygwin port of OpenSSH. +# +# Permission to use, copy, modify, and distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS +# OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +# IN NO EVENT SHALL THE ABOVE COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, +# DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR +# OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR +# THE USE OR OTHER DEALINGS IN THE SOFTWARE. # ====================================================================== # Initialization diff --git a/contrib/cygwin/ssh-user-config b/contrib/cygwin/ssh-user-config index f210bd556..303aef0bb 100644 --- a/contrib/cygwin/ssh-user-config +++ b/contrib/cygwin/ssh-user-config @@ -1,8 +1,20 @@ #!/bin/bash # -# ssh-user-config, Copyright 2000, 2001, 2002, 2003, Red Hat Inc. +# ssh-user-config, Copyright 2000-2008 Red Hat Inc. # # This file is part of the Cygwin port of OpenSSH. +# +# Permission to use, copy, modify, and distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS +# OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +# IN NO EVENT SHALL THE ABOVE COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, +# DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR +# OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR +# THE USE OR OTHER DEALINGS IN THE SOFTWARE. # ====================================================================== # Initialization -- cgit v1.2.3 From 622d5c561bf940c0c2d329d8001ca1e60b862ca2 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 12 Jul 2009 22:07:21 +1000 Subject: - (dtucker) [auth-pam.c] Bug #1534: move the deletion of PAM credentials on logout to after the session close. Patch from Anicka Bernathova, ok djm. --- ChangeLog | 2 ++ auth-pam.c | 10 +++++----- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/ChangeLog b/ChangeLog index c6674c495..5615c8a19 100644 --- a/ChangeLog +++ b/ChangeLog @@ -3,6 +3,8 @@ prevents configure complaining on older BSDs. - (dtucker [contrib/cygwin/ssh-{host,user}-config] Add license text. Patch from Corinna Vinschen. + - (dtucker) [auth-pam.c] Bug #1534: move the deletion of PAM credentials on + logout to after the session close. Patch from Anicka Bernathova, ok djm. 20090707 - (dtucker) [contrib/cygwin/ssh-host-config] better support for automated diff --git a/auth-pam.c b/auth-pam.c index ccdb9937e..675006e6f 100644 --- a/auth-pam.c +++ b/auth-pam.c @@ -602,16 +602,16 @@ sshpam_cleanup(void) return; debug("PAM: cleanup"); pam_set_item(sshpam_handle, PAM_CONV, (const void *)&null_conv); - if (sshpam_cred_established) { - debug("PAM: deleting credentials"); - pam_setcred(sshpam_handle, PAM_DELETE_CRED); - sshpam_cred_established = 0; - } if (sshpam_session_open) { debug("PAM: closing session"); pam_close_session(sshpam_handle, PAM_SILENT); sshpam_session_open = 0; } + if (sshpam_cred_established) { + debug("PAM: deleting credentials"); + pam_setcred(sshpam_handle, PAM_DELETE_CRED); + sshpam_cred_established = 0; + } sshpam_authenticated = 0; pam_end(sshpam_handle, sshpam_err); sshpam_handle = NULL; -- cgit v1.2.3 From 916fdda4016781ad19aca0996feda4ef07fbbd49 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sun, 12 Jul 2009 22:12:28 +1000 Subject: add credit for bug #1534 patch --- ChangeLog | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 5615c8a19..bf016dca3 100644 --- a/ChangeLog +++ b/ChangeLog @@ -4,7 +4,8 @@ - (dtucker [contrib/cygwin/ssh-{host,user}-config] Add license text. Patch from Corinna Vinschen. - (dtucker) [auth-pam.c] Bug #1534: move the deletion of PAM credentials on - logout to after the session close. Patch from Anicka Bernathova, ok djm. + logout to after the session close. Patch from Anicka Bernathova, + originally from Andreas Schwab via Novelll ok djm. 20090707 - (dtucker) [contrib/cygwin/ssh-host-config] better support for automated -- cgit v1.2.3 From 440089afe071817443c15d8914097a43e0485a89 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 13 Jul 2009 11:38:23 +1000 Subject: - (dtucker) [openbsd-compat/getrrsetbyname.c] Reduce answer buffer size so it fits into 16 bits to work around a bug in glibc's resolver where it masks off the buffer size at 16 bits. Patch from Hauke Lampe, ok djm jakob. --- ChangeLog | 5 +++++ openbsd-compat/getrrsetbyname.c | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index bf016dca3..f6067e8a0 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +20090713 + - (dtucker) [openbsd-compat/getrrsetbyname.c] Reduce answer buffer size so it + fits into 16 bits to work around a bug in glibc's resolver where it masks + off the buffer size at 16 bits. Patch from Hauke Lampe, ok djm jakob. + 20090712 - (dtucker) [configure.ac] Include sys/param.h for the sys/mount.h test, prevents configure complaining on older BSDs. diff --git a/openbsd-compat/getrrsetbyname.c b/openbsd-compat/getrrsetbyname.c index 785b22569..98876673d 100644 --- a/openbsd-compat/getrrsetbyname.c +++ b/openbsd-compat/getrrsetbyname.c @@ -143,7 +143,7 @@ u_int32_t _getlong(register const u_char *); /* ************** */ -#define ANSWER_BUFFER_SIZE 1024*64 +#define ANSWER_BUFFER_SIZE 0xffff struct dns_query { char *name; -- cgit v1.2.3 From caeb16498409fb0570e665a7400ce88c9c4d17be Mon Sep 17 00:00:00 2001 From: Tim Rice Date: Wed, 29 Jul 2009 07:21:13 -0700 Subject: - (tim) [contrib/cygwin/ssh-user-config] Change script to call correct error function. Patch from Corinna Vinschen. --- ChangeLog | 4 ++++ contrib/cygwin/ssh-user-config | 6 +++--- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index f6067e8a0..2c4129e3e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +20090729 + - (tim) [contrib/cygwin/ssh-user-config] Change script to call correct error + function. Patch from Corinna Vinschen. + 20090713 - (dtucker) [openbsd-compat/getrrsetbyname.c] Reduce answer buffer size so it fits into 16 bits to work around a bug in glibc's resolver where it masks diff --git a/contrib/cygwin/ssh-user-config b/contrib/cygwin/ssh-user-config index 303aef0bb..f1a001a93 100644 --- a/contrib/cygwin/ssh-user-config +++ b/contrib/cygwin/ssh-user-config @@ -130,14 +130,14 @@ check_user_homedir() { pwdhome=$(awk -F: '{ if ( $3 == '${uid}' ) print $6; }' < ${SYSCONFDIR}/passwd) if [ "X${pwdhome}" = "X" ] then - csih_error_multiline \ + csih_error_multi \ "There is no home directory set for you in ${SYSCONFDIR}/passwd." \ 'Setting $HOME is not sufficient!' fi if [ ! -d "${pwdhome}" ] then - csih_error_multiline \ + csih_error_multi \ "${pwdhome} is set in ${SYSCONFDIR}/passwd as your home directory" \ 'but it is not a valid directory. Cannot create user identity files.' fi @@ -303,7 +303,7 @@ done # Check passwd file if [ ! -f ${SYSCONFDIR}/passwd ] then - csih_error_multiline \ + csih_error_multi \ "${SYSCONFDIR}/passwd is nonexistant. Please generate an ${SYSCONFDIR}/passwd file" \ 'first using mkpasswd. Check if it contains an entry for you and' \ 'please care for the home directory in your entry as well.' -- cgit v1.2.3 From 83d8f2833611c8bb3646eeae918788e946e4e190 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 17 Aug 2009 09:35:22 +1000 Subject: - (dtucker) [configure.ac] Check for headers before libraries for openssl an zlib, which should make the errors slightly more meaningful on platforms where there's separate "-devel" packages for those. --- ChangeLog | 5 +++++ configure.ac | 8 +++++--- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index 2c4129e3e..fc42b5785 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +20090817 + - (dtucker) [configure.ac] Check for headers before libraries for openssl an + zlib, which should make the errors slightly more meaningful on platforms + where there's separate "-devel" packages for those. + 20090729 - (tim) [contrib/cygwin/ssh-user-config] Change script to call correct error function. Patch from Corinna Vinschen. diff --git a/configure.ac b/configure.ac index f18199bf7..cd8c27c8c 100644 --- a/configure.ac +++ b/configure.ac @@ -1,4 +1,4 @@ -# $Id: configure.ac,v 1.421 2009/07/12 11:56:29 dtucker Exp $ +# $Id: configure.ac,v 1.422 2009/08/16 23:35:22 dtucker Exp $ # # Copyright (c) 1999-2004 Damien Miller # @@ -15,7 +15,7 @@ # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org) -AC_REVISION($Revision: 1.421 $) +AC_REVISION($Revision: 1.422 $) AC_CONFIG_SRCDIR([ssh.c]) AC_CONFIG_HEADER(config.h) @@ -982,6 +982,7 @@ AC_ARG_WITH(zlib, fi ] ) +AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***])) AC_CHECK_LIB(z, deflate, , [ saved_CPPFLAGS="$CPPFLAGS" @@ -1002,7 +1003,6 @@ AC_CHECK_LIB(z, deflate, , ) ] ) -AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***])) AC_ARG_WITH(zlib-version-check, [ --without-zlib-version-check Disable zlib version check], @@ -1895,6 +1895,8 @@ AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1, LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}" fi CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}" + AC_CHECK_HEADER([openssl/opensslv.h], , + AC_MSG_ERROR([*** OpenSSL headers missing - please install first or check config.log ***])) AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL), [ AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***]) -- cgit v1.2.3 From b5d5ee1ab0a2df1d5c6aea7ac8dadc4e8782bdd0 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 17 Aug 2009 09:40:00 +1000 Subject: - (dtucker) [sshlogin.c openbsd-compat/port-aix.{c,h}] Bug #1595: make PrintLastLog work on AIX. Based in part on a patch from Miguel Sanders. --- ChangeLog | 2 ++ openbsd-compat/port-aix.c | 19 ++++++++++++++----- openbsd-compat/port-aix.h | 4 +++- sshlogin.c | 8 ++++++++ 4 files changed, 27 insertions(+), 6 deletions(-) diff --git a/ChangeLog b/ChangeLog index fc42b5785..61ba1ed7b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,8 @@ - (dtucker) [configure.ac] Check for headers before libraries for openssl an zlib, which should make the errors slightly more meaningful on platforms where there's separate "-devel" packages for those. + - (dtucker) [sshlogin.c openbsd-compat/port-aix.{c,h}] Bug #1595: make + PrintLastLog work on AIX. Based in part on a patch from Miguel Sanders. 20090729 - (tim) [contrib/cygwin/ssh-user-config] Change script to call correct error diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c index 5b1cb7387..d9c0876f3 100644 --- a/openbsd-compat/port-aix.c +++ b/openbsd-compat/port-aix.c @@ -57,6 +57,8 @@ #include "port-aix.h" +static char *lastlogin_msg = NULL; + # ifdef HAVE_SETAUTHDB static char old_registry[REGISTRY_SIZE] = ""; # endif @@ -276,23 +278,30 @@ sys_auth_record_login(const char *user, const char *host, const char *ttynm, Buffer *loginmsg) { char *msg = NULL; - static int msg_done = 0; int success = 0; aix_setauthdb(user); if (loginsuccess((char *)user, (char *)host, (char *)ttynm, &msg) == 0) { success = 1; - if (msg != NULL && loginmsg != NULL && !msg_done) { + if (msg != NULL) { debug("AIX/loginsuccess: msg %s", msg); - buffer_append(loginmsg, msg, strlen(msg)); - xfree(msg); - msg_done = 1; + if (lastlogin_msg == NULL) + lastlogin_msg = msg; } } aix_restoreauthdb(); return (success); } +char * +sys_auth_get_lastlogin_msg(const char *user, uid_t uid) +{ + char *msg = lastlogin_msg; + + lastlogin_msg = NULL; + return msg; +} + # ifdef CUSTOM_FAILED_LOGIN /* * record_failed_login: generic "login failed" interface function diff --git a/openbsd-compat/port-aix.h b/openbsd-compat/port-aix.h index ecb9feae8..967bc7235 100644 --- a/openbsd-compat/port-aix.h +++ b/openbsd-compat/port-aix.h @@ -1,4 +1,4 @@ -/* $Id: port-aix.h,v 1.29 2008/03/09 05:36:55 dtucker Exp $ */ +/* $Id: port-aix.h,v 1.30 2009/08/16 23:40:00 dtucker Exp $ */ /* * @@ -87,6 +87,8 @@ void aix_usrinfo(struct passwd *); int sys_auth_allowed_user(struct passwd *, Buffer *); # define CUSTOM_SYS_AUTH_RECORD_LOGIN 1 int sys_auth_record_login(const char *, const char *, const char *, Buffer *); +# define CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG +char *sys_auth_get_lastlogin_msg(const char *, uid_t); # define CUSTOM_FAILED_LOGIN 1 #endif diff --git a/sshlogin.c b/sshlogin.c index dff47b6f7..33bd652fb 100644 --- a/sshlogin.c +++ b/sshlogin.c @@ -93,6 +93,13 @@ store_lastlog_message(const char *user, uid_t uid) if (!options.print_lastlog) return; +# ifdef CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG + time_string = sys_auth_get_lastlogin_msg(user, uid); + if (time_string != NULL) { + buffer_append(&loginmsg, time_string, strlen(time_string)); + xfree(time_string); + } +# else last_login_time = get_last_login_time(uid, user, hostname, sizeof(hostname)); @@ -107,6 +114,7 @@ store_lastlog_message(const char *user, uid_t uid) time_string, hostname); buffer_append(&loginmsg, buf, strlen(buf)); } +# endif /* CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG */ #endif /* NO_SSH_LASTLOG */ } -- cgit v1.2.3 From 2a5588daeb27c118a3a55a203a7be14978d96bf7 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Thu, 20 Aug 2009 16:16:01 +1000 Subject: - (dtucker) [includes.h] Bug #1634: do not include system glob.h if we're not using it since the type conflicts can cause problems on FreeBSD. Patch from Jonathan Chen. --- ChangeLog | 5 +++++ includes.h | 3 ++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 61ba1ed7b..056240f39 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +20090820 + - (dtucker) [includes.h] Bug #1634: do not include system glob.h if we're not + using it since the type conflicts can cause problems on FreeBSD. Patch + from Jonathan Chen. + 20090817 - (dtucker) [configure.ac] Check for headers before libraries for openssl an zlib, which should make the errors slightly more meaningful on platforms diff --git a/includes.h b/includes.h index f1b47f666..6bb987807 100644 --- a/includes.h +++ b/includes.h @@ -31,7 +31,8 @@ #endif #if defined(HAVE_GLOB_H) && defined(GLOB_HAS_ALTDIRFUNC) && \ defined(GLOB_HAS_GL_MATCHC) && \ - defined(HAVE_DECL_GLOB_NOMATCH) && HAVE_DECL_GLOB_NOMATCH != 0 + defined(HAVE_DECL_GLOB_NOMATCH) && HAVE_DECL_GLOB_NOMATCH != 0 && \ + !defined(BROKEN_GLOB) # include #endif #ifdef HAVE_ENDIAN_H -- cgit v1.2.3 From 82edf23fffc4accf7686da08367e9fd5b5baa487 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Thu, 20 Aug 2009 16:20:50 +1000 Subject: - (dtucker) [session.c openbsd-compat/port-aix.h] Bugs #1249 and #1567: move the setpcred call on AIX to immediately before the permanently_set_uid(). Ensures that we still have privileges when we call chroot and pam_open_sesson. Based on a patch from David Leonard. --- ChangeLog | 4 ++++ openbsd-compat/port-aix.h | 7 ++++++- session.c | 9 ++++----- 3 files changed, 14 insertions(+), 6 deletions(-) diff --git a/ChangeLog b/ChangeLog index 056240f39..58cb16454 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,10 @@ - (dtucker) [includes.h] Bug #1634: do not include system glob.h if we're not using it since the type conflicts can cause problems on FreeBSD. Patch from Jonathan Chen. + - (dtucker) [session.c openbsd-compat/port-aix.h] Bugs #1249 and #1567: move + the setpcred call on AIX to immediately before the permanently_set_uid(). + Ensures that we still have privileges when we call chroot and + pam_open_sesson. Based on a patch from David Leonard. 20090817 - (dtucker) [configure.ac] Check for headers before libraries for openssl an diff --git a/openbsd-compat/port-aix.h b/openbsd-compat/port-aix.h index 967bc7235..3ac76ae15 100644 --- a/openbsd-compat/port-aix.h +++ b/openbsd-compat/port-aix.h @@ -1,4 +1,4 @@ -/* $Id: port-aix.h,v 1.30 2009/08/16 23:40:00 dtucker Exp $ */ +/* $Id: port-aix.h,v 1.31 2009/08/20 06:20:50 dtucker Exp $ */ /* * @@ -71,6 +71,11 @@ int passwdexpired(char *, char **); # include #endif +/* for setpcred and friends */ +#ifdef HAVE_USERSEC_H +# include +#endif + /* * According to the setauthdb man page, AIX password registries must be 15 * chars or less plus terminating NUL. diff --git a/session.c b/session.c index cdbf88ab7..f4a363543 100644 --- a/session.c +++ b/session.c @@ -1466,11 +1466,6 @@ do_setusercontext(struct passwd *pw) if (getuid() == 0 || geteuid() == 0) #endif /* HAVE_CYGWIN */ { - -#ifdef HAVE_SETPCRED - if (setpcred(pw->pw_name, (char **)NULL) == -1) - fatal("Failed to set process credentials"); -#endif /* HAVE_SETPCRED */ #ifdef HAVE_LOGIN_CAP # ifdef __bsdi__ setpgid(0, 0); @@ -1538,6 +1533,10 @@ do_setusercontext(struct passwd *pw) free(chroot_path); } +#ifdef HAVE_SETPCRED + if (setpcred(pw->pw_name, (char **)NULL) == -1) + fatal("Failed to set process credentials"); +#endif /* HAVE_SETPCRED */ #ifdef HAVE_LOGIN_CAP if (setusercontext(lc, pw, pw->pw_uid, LOGIN_SETUSER) < 0) { perror("unable to set user context (setuser)"); -- cgit v1.2.3 From 28b973ea267e790e566da7a11bd36d5c90ed5841 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 28 Aug 2009 10:16:44 +1000 Subject: - dtucker [auth-sia.c] Roll back the change for bug #1241 as it apparently causes problems in some Tru64 configurations. --- ChangeLog | 4 ++++ auth-sia.c | 53 ----------------------------------------------------- 2 files changed, 4 insertions(+), 53 deletions(-) diff --git a/ChangeLog b/ChangeLog index 58cb16454..fe2f0c5ef 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +20090828 + - dtucker [auth-sia.c] Roll back the change for bug #1241 as it apparently + causes problems in some Tru64 configurations. + 20090820 - (dtucker) [includes.h] Bug #1634: do not include system glob.h if we're not using it since the type conflicts can cause problems on FreeBSD. Patch diff --git a/auth-sia.c b/auth-sia.c index debf30201..a9e1c258c 100644 --- a/auth-sia.c +++ b/auth-sia.c @@ -34,10 +34,6 @@ #include #include #include -#include -#include -#include -#include #include "ssh.h" #include "key.h" @@ -53,52 +49,6 @@ extern ServerOptions options; extern int saved_argc; extern char **saved_argv; -static int -sia_password_change_required(const char *user) -{ - struct es_passwd *acct; - time_t pw_life; - time_t pw_date; - - set_auth_parameters(saved_argc, saved_argv); - - if ((acct = getespwnam(user)) == NULL) { - error("Couldn't access protected database entry for %s", user); - endprpwent(); - return (0); - } - - /* If forced password change flag is set, honor it */ - if (acct->uflg->fg_psw_chg_reqd && acct->ufld->fd_psw_chg_reqd) { - endprpwent(); - return (1); - } - - /* Obtain password lifetime; if none, it can't have expired */ - if (acct->uflg->fg_expire) - pw_life = acct->ufld->fd_expire; - else if (acct->sflg->fg_expire) - pw_life = acct->sfld->fd_expire; - else { - endprpwent(); - return (0); - } - - /* Offset from last change; if none, it must be expired */ - if (acct->uflg->fg_schange) - pw_date = acct->ufld->fd_schange + pw_life; - else { - endprpwent(); - return (1); - } - - endprpwent(); - - /* If expiration date is prior to now, change password */ - - return (pw_date <= time((time_t *) NULL)); -} - int sys_auth_passwd(Authctxt *authctxt, const char *pass) { @@ -126,9 +76,6 @@ sys_auth_passwd(Authctxt *authctxt, const char *pass) sia_ses_release(&ent); - authctxt->force_pwchange = sia_password_change_required( - authctxt->user); - return (1); } -- cgit v1.2.3 From 9c7bf8dfc8c54129fd3c62c4a1d678a18a9ad1f7 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Fri, 28 Aug 2009 10:27:08 +1000 Subject: downgrade mention of login.conf to be an example and mention PAM as another provider for ChallengeResponseAuthentication; bz#1408; ok dtucker@ --- sshd_config.5 | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/sshd_config.5 b/sshd_config.5 index 29f4d8240..588aed56e 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -176,10 +176,9 @@ then no banner is displayed. This option is only available for protocol version 2. By default, no banner is displayed. .It Cm ChallengeResponseAuthentication -Specifies whether challenge-response authentication is allowed. -All authentication styles from -.Xr login.conf 5 -are supported. +Specifies whether challenge-response authentication is allowed (e.g. via +PAM or though authentication styles supported in +.Xr login.conf 5 ) The default is .Dq yes . .It Cm ChrootDirectory -- cgit v1.2.3 From 8aac993af6423f0989e4c5fd39acaf9e20a68f0b Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Fri, 28 Aug 2009 10:40:30 +1000 Subject: - (djm) [sshd_config.5] downgrade mention of login.conf to be an example and mention PAM as another provider for ChallengeResponseAuthentication; bz#1408; ok dtucker@ --- ChangeLog | 3 +++ 1 file changed, 3 insertions(+) diff --git a/ChangeLog b/ChangeLog index fe2f0c5ef..461f7c888 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,9 @@ 20090828 - dtucker [auth-sia.c] Roll back the change for bug #1241 as it apparently causes problems in some Tru64 configurations. + - (djm) [sshd_config.5] downgrade mention of login.conf to be an example + and mention PAM as another provider for ChallengeResponseAuthentication; + bz#1408; ok dtucker@ 20090820 - (dtucker) [includes.h] Bug #1634: do not include system glob.h if we're not -- cgit v1.2.3 From 0e26551f7fa8371ef067dec63ff46918bf87ad8d Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Fri, 28 Aug 2009 10:43:13 +1000 Subject: - (djm) [sftp-server.c] bz#1535: accept ENOSYS as a fallback error when attempting atomic rename(); ok dtucker@ --- ChangeLog | 2 ++ sftp-server.c | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 461f7c888..be206a44a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -4,6 +4,8 @@ - (djm) [sshd_config.5] downgrade mention of login.conf to be an example and mention PAM as another provider for ChallengeResponseAuthentication; bz#1408; ok dtucker@ + - (djm) [sftp-server.c] bz#1535: accept ENOSYS as a fallback error when + attempting atomic rename(); ok dtucker@ 20090820 - (dtucker) [includes.h] Bug #1634: do not include system glob.h if we're not diff --git a/sftp-server.c b/sftp-server.c index 83beeadcf..d984e6049 100644 --- a/sftp-server.c +++ b/sftp-server.c @@ -1041,7 +1041,7 @@ process_rename(void) else if (S_ISREG(sb.st_mode)) { /* Race-free rename of regular files */ if (link(oldpath, newpath) == -1) { - if (errno == EOPNOTSUPP + if (errno == EOPNOTSUPP || errno == ENOSYS #ifdef EXDEV || errno == EXDEV #endif -- cgit v1.2.3 From 7d4a2685f78440f09d25bf3fc7236a5f99af208a Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Fri, 28 Aug 2009 10:47:38 +1000 Subject: - (djm) [Makefile.in] bz#1505: Solaris make(1) doesn't accept make variables in argv, so pass them in the environment; ok dtucker@ --- ChangeLog | 2 ++ Makefile.in | 4 ++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index be206a44a..90da28c17 100644 --- a/ChangeLog +++ b/ChangeLog @@ -6,6 +6,8 @@ bz#1408; ok dtucker@ - (djm) [sftp-server.c] bz#1535: accept ENOSYS as a fallback error when attempting atomic rename(); ok dtucker@ + - (djm) [Makefile.in] bz#1505: Solaris make(1) doesn't accept make variables + in argv, so pass them in the environment; ok dtucker@ 20090820 - (dtucker) [includes.h] Bug #1634: do not include system glob.h if we're not diff --git a/Makefile.in b/Makefile.in index 75eb06d6f..c5ecd5b39 100644 --- a/Makefile.in +++ b/Makefile.in @@ -1,4 +1,4 @@ -# $Id: Makefile.in,v 1.299 2009/06/21 08:53:53 dtucker Exp $ +# $Id: Makefile.in,v 1.300 2009/08/28 00:47:38 djm Exp $ # uncomment if you run a non bourne compatable shell. Ie. csh #SHELL = @SH@ @@ -242,7 +242,7 @@ check-config: -$(DESTDIR)$(sbindir)/sshd -t -f $(DESTDIR)$(sysconfdir)/sshd_config scard-install: - (cd scard && $(MAKE) DESTDIR=$(DESTDIR) install) + (cd scard && env DESTDIR=$(DESTDIR) $(MAKE) DESTDIR=$(DESTDIR) install) install-files: scard-install $(srcdir)/mkinstalldirs $(DESTDIR)$(bindir) -- cgit v1.2.3 From 3980b636312516ee823e84e884dadbc86e6795d3 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 28 Aug 2009 11:02:37 +1000 Subject: - (dtucker) [channels.c configure.ac] Bug #1528: skip the tcgetattr call on the pty master on Solaris, since it never succeeds and can hang if large amounts of data is sent to the slave (eg a copy-paste). Based on a patch originally from Doke Scott, ok djm@ --- ChangeLog | 4 ++++ channels.c | 2 ++ configure.ac | 5 +++-- 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 90da28c17..e24f73274 100644 --- a/ChangeLog +++ b/ChangeLog @@ -8,6 +8,10 @@ attempting atomic rename(); ok dtucker@ - (djm) [Makefile.in] bz#1505: Solaris make(1) doesn't accept make variables in argv, so pass them in the environment; ok dtucker@ + - (dtucker) [channels.c configure.ac] Bug #1528: skip the tcgetattr call on + the pty master on Solaris, since it never succeeds and can hang if large + amounts of data is sent to the slave (eg a copy-paste). Based on a patch + originally from Doke Scott, ok djm@ 20090820 - (dtucker) [includes.h] Bug #1634: do not include system glob.h if we're not diff --git a/channels.c b/channels.c index efb04d655..e8b8aa07e 100644 --- a/channels.c +++ b/channels.c @@ -1653,6 +1653,7 @@ channel_handle_wfd(Channel *c, fd_set *readset, fd_set *writeset) } return -1; } +#ifndef BROKEN_TCGETATTR_ICANON if (compat20 && c->isatty && dlen >= 1 && buf[0] != '\r') { if (tcgetattr(c->wfd, &tio) == 0 && !(tio.c_lflag & ECHO) && (tio.c_lflag & ICANON)) { @@ -1666,6 +1667,7 @@ channel_handle_wfd(Channel *c, fd_set *readset, fd_set *writeset) packet_send(); } } +#endif buffer_consume(&c->output, len); if (compat20 && len > 0) { c->local_consumed += len; diff --git a/configure.ac b/configure.ac index cd8c27c8c..5f5a08a0a 100644 --- a/configure.ac +++ b/configure.ac @@ -1,4 +1,4 @@ -# $Id: configure.ac,v 1.422 2009/08/16 23:35:22 dtucker Exp $ +# $Id: configure.ac,v 1.423 2009/08/28 01:02:37 dtucker Exp $ # # Copyright (c) 1999-2004 Damien Miller # @@ -15,7 +15,7 @@ # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org) -AC_REVISION($Revision: 1.422 $) +AC_REVISION($Revision: 1.423 $) AC_CONFIG_SRCDIR([ssh.c]) AC_CONFIG_HEADER(config.h) @@ -671,6 +671,7 @@ mips-sony-bsd|mips-sony-newsos4) after setsid()]) AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd in case the name is longer than 8 chars]) + AC_DEFINE(BROKEN_TCGETATTR_ICANON, tcgetattr with ICANON may hang) external_path_file=/etc/default/login # hardwire lastlog location (can't detect it on some versions) conf_lastlog_location="/var/adm/lastlog" -- cgit v1.2.3 From 86e30a0166f9c9e65983d2c4066873c4181d08c8 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 28 Aug 2009 11:21:06 +1000 Subject: - (dtucker) [clientloop.c configure.ac defines.h] Make the client's IO buffer size a compile-time option and set it to 64k on Cygwin, since Corinna reports that it makes a significant difference to performance. ok djm@ --- ChangeLog | 3 +++ clientloop.c | 4 ++-- configure.ac | 5 +++-- defines.h | 6 +++++- 4 files changed, 13 insertions(+), 5 deletions(-) diff --git a/ChangeLog b/ChangeLog index e24f73274..89bfa66a1 100644 --- a/ChangeLog +++ b/ChangeLog @@ -12,6 +12,9 @@ the pty master on Solaris, since it never succeeds and can hang if large amounts of data is sent to the slave (eg a copy-paste). Based on a patch originally from Doke Scott, ok djm@ + - (dtucker) [clientloop.c configure.ac defines.h] Make the client's IO buffer + size a compile-time option and set it to 64k on Cygwin, since Corinna + reports that it makes a significant difference to performance. ok djm@ 20090820 - (dtucker) [includes.h] Bug #1634: do not include system glob.h if we're not diff --git a/clientloop.c b/clientloop.c index b8352f6bf..9a7dc0ab0 100644 --- a/clientloop.c +++ b/clientloop.c @@ -636,7 +636,7 @@ static void client_process_net_input(fd_set *readset) { int len, cont = 0; - char buf[8192]; + char buf[SSH_IOBUFSZ]; /* * Read input from the server, and add any such data to the buffer of @@ -1129,7 +1129,7 @@ static void client_process_input(fd_set *readset) { int len; - char buf[8192]; + char buf[SSH_IOBUFSZ]; /* Read input from stdin. */ if (FD_ISSET(fileno(stdin), readset)) { diff --git a/configure.ac b/configure.ac index 5f5a08a0a..ef0b0fc97 100644 --- a/configure.ac +++ b/configure.ac @@ -1,4 +1,4 @@ -# $Id: configure.ac,v 1.423 2009/08/28 01:02:37 dtucker Exp $ +# $Id: configure.ac,v 1.424 2009/08/28 01:21:07 dtucker Exp $ # # Copyright (c) 1999-2004 Damien Miller # @@ -15,7 +15,7 @@ # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org) -AC_REVISION($Revision: 1.423 $) +AC_REVISION($Revision: 1.424 $) AC_CONFIG_SRCDIR([ssh.c]) AC_CONFIG_HEADER(config.h) @@ -446,6 +446,7 @@ int main(void) { exit(0); } AC_DEFINE(DISABLE_FD_PASSING, 1, [Define if your platform needs to skip post auth file descriptor passing]) + AC_DEFINE(SSH_IOBUFSZ, 65536, [Windows is sensitive to read buffer size]) ;; *-*-dgux*) AC_DEFINE(IP_TOS_IS_BROKEN, 1, diff --git a/defines.h b/defines.h index 2ccded266..2ddfd96d0 100644 --- a/defines.h +++ b/defines.h @@ -25,7 +25,7 @@ #ifndef _DEFINES_H #define _DEFINES_H -/* $Id: defines.h,v 1.155 2009/06/16 06:11:02 dtucker Exp $ */ +/* $Id: defines.h,v 1.156 2009/08/28 01:21:07 dtucker Exp $ */ /* Constants */ @@ -749,4 +749,8 @@ struct winsize { #define INET6_ADDRSTRLEN 46 #endif +#ifndef SSH_IOBUFSZ +# define SSH_IOBUFSZ 8192 +#endif + #endif /* _DEFINES_H */ -- cgit v1.2.3 From ac9f1b9b89b17c2fbe9361ecd849a1b7df2aa1ee Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 28 Aug 2009 15:01:20 +1000 Subject: - (dtucker) [configure.ac] Fix the syntax of the Solaris tcgetattr entry. --- ChangeLog | 1 + configure.ac | 6 +++--- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index 89bfa66a1..525ea8831 100644 --- a/ChangeLog +++ b/ChangeLog @@ -15,6 +15,7 @@ - (dtucker) [clientloop.c configure.ac defines.h] Make the client's IO buffer size a compile-time option and set it to 64k on Cygwin, since Corinna reports that it makes a significant difference to performance. ok djm@ + - (dtucker) [configure.ac] Fix the syntax of the Solaris tcgetattr entry. 20090820 - (dtucker) [includes.h] Bug #1634: do not include system glob.h if we're not diff --git a/configure.ac b/configure.ac index ef0b0fc97..00aefac23 100644 --- a/configure.ac +++ b/configure.ac @@ -1,4 +1,4 @@ -# $Id: configure.ac,v 1.424 2009/08/28 01:21:07 dtucker Exp $ +# $Id: configure.ac,v 1.425 2009/08/28 05:01:20 dtucker Exp $ # # Copyright (c) 1999-2004 Damien Miller # @@ -15,7 +15,7 @@ # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org) -AC_REVISION($Revision: 1.424 $) +AC_REVISION($Revision: 1.425 $) AC_CONFIG_SRCDIR([ssh.c]) AC_CONFIG_HEADER(config.h) @@ -672,7 +672,7 @@ mips-sony-bsd|mips-sony-newsos4) after setsid()]) AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd in case the name is longer than 8 chars]) - AC_DEFINE(BROKEN_TCGETATTR_ICANON, tcgetattr with ICANON may hang) + AC_DEFINE(BROKEN_TCGETATTR_ICANON, 1, [tcgetattr with ICANON may hang]) external_path_file=/etc/default/login # hardwire lastlog location (can't detect it on some versions) conf_lastlog_location="/var/adm/lastlog" -- cgit v1.2.3 From 427adf1538d3e6e3c2ec059c52fa116942bf334a Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sat, 29 Aug 2009 09:14:48 +1000 Subject: - (dtucker) [README.platform] Add text about development packages, based on text from Chris Pepper in bug #1631. --- ChangeLog | 4 ++++ README.platform | 14 +++++++++++++- 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 525ea8831..4b0f964a5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +20090829 + - (dtucker) [README.platform] Add text about development packages, based on + text from Chris Pepper in bug #1631. + 20090828 - dtucker [auth-sia.c] Roll back the change for bug #1241 as it apparently causes problems in some Tru64 configurations. diff --git a/README.platform b/README.platform index 3d7db1494..d1982321e 100644 --- a/README.platform +++ b/README.platform @@ -56,6 +56,18 @@ using a third party driver. More information is available at: http://www-user.rhrk.uni-kl.de/~nissler/tuntap/ +Linux +----- + +Some Linux distributions (including Red Hat/Fedora/CentOS) include +headers and library links in the -devel RPMs rather than the main +binary RPMs. If you get an error about headers, or complaining about a +missing prerequisite then you may need to install the equivalent +development packages. On Redhat based distros these may be openssl-devel, +zlib-devel and pam-devel, on Debian based distros these may be +libssl-dev, libz-dev and libpam-dev. + + Solaris ------- If you enable BSM auditing on Solaris, you need to update audit_event(4) @@ -81,4 +93,4 @@ account stacks which will prevent authentication entirely, but will still return the output from pam_nologin to the client. -$Id: README.platform,v 1.9 2007/08/09 04:31:53 dtucker Exp $ +$Id: README.platform,v 1.10 2009/08/28 23:14:48 dtucker Exp $ -- cgit v1.2.3 From dad48e7a96385f8a1bdadd9196e00cefa2a9b702 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 1 Sep 2009 18:26:00 +1000 Subject: - (dtucker) [configure.ac] Bug #1639: use AC_PATH_PROG to search the path for krb5-config if it's not in the location specified by --with-kerberos5. Patch from jchadima at redhat. --- ChangeLog | 5 +++++ configure.ac | 13 ++++++------- 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/ChangeLog b/ChangeLog index 4b0f964a5..b692efad7 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +20090901 + - (dtucker) [configure.ac] Bug #1639: use AC_PATH_PROG to search the path for + krb5-config if it's not in the location specified by --with-kerberos5. + Patch from jchadima at redhat. + 20090829 - (dtucker) [README.platform] Add text about development packages, based on text from Chris Pepper in bug #1631. diff --git a/configure.ac b/configure.ac index 00aefac23..a0b781ee4 100644 --- a/configure.ac +++ b/configure.ac @@ -1,4 +1,4 @@ -# $Id: configure.ac,v 1.425 2009/08/28 05:01:20 dtucker Exp $ +# $Id: configure.ac,v 1.426 2009/09/01 08:26:00 dtucker Exp $ # # Copyright (c) 1999-2004 Damien Miller # @@ -15,7 +15,7 @@ # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org) -AC_REVISION($Revision: 1.425 $) +AC_REVISION($Revision: 1.426 $) AC_CONFIG_SRCDIR([ssh.c]) AC_CONFIG_HEADER(config.h) @@ -3404,10 +3404,10 @@ AC_ARG_WITH(kerberos5, AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support]) KRB5_MSG="yes" - AC_MSG_CHECKING(for krb5-config) - if test -x $KRB5ROOT/bin/krb5-config ; then - KRB5CONF=$KRB5ROOT/bin/krb5-config - AC_MSG_RESULT($KRB5CONF) + AC_PATH_PROG([KRB5CONF],[krb5-config], + [$KRB5ROOT/bin/krb5-config], + [$KRB5ROOT/bin:$PATH]) + if test -x $KRB5CONF ; then AC_MSG_CHECKING(for gssapi support) if $KRB5CONF | grep gssapi >/dev/null ; then @@ -3433,7 +3433,6 @@ AC_ARG_WITH(kerberos5, AC_MSG_RESULT(no) ) else - AC_MSG_RESULT(no) CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include" LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib" AC_MSG_CHECKING(whether we are using Heimdal) -- cgit v1.2.3 From e5d5a17fe16b5bb22259cb84ef13cd47e60d77d7 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Wed, 9 Sep 2009 11:07:28 +1000 Subject: - (djm) [serverloop.c] Fix test for server-assigned remote forwarding port (-R 0:...); bz#1578, spotted and fix by gavin AT emf.net; ok dtucker@ --- ChangeLog | 4 ++++ serverloop.c | 3 ++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index b692efad7..dcb471b53 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +20090908 + - (djm) [serverloop.c] Fix test for server-assigned remote forwarding port + (-R 0:...); bz#1578, spotted and fix by gavin AT emf.net; ok dtucker@ + 20090901 - (dtucker) [configure.ac] Bug #1639: use AC_PATH_PROG to search the path for krb5-config if it's not in the location specified by --with-kerberos5. diff --git a/serverloop.c b/serverloop.c index d8cb54bc7..8be01c5c3 100644 --- a/serverloop.c +++ b/serverloop.c @@ -1124,7 +1124,8 @@ server_input_global_request(int type, u_int32_t seq, void *ctxt) no_port_forwarding_flag || (!want_reply && listen_port == 0) #ifndef NO_IPPORT_RESERVED_CONCEPT - || (listen_port < IPPORT_RESERVED && pw->pw_uid != 0) + || (listen_port != 0 && listen_port < IPPORT_RESERVED && + pw->pw_uid != 0) #endif ) { success = 0; -- cgit v1.2.3 From e02b49a80643e8e22566c72bf39b76e89acdf312 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 11 Sep 2009 14:56:08 +1000 Subject: - (dtucker) [configure.ac] Change the -lresolv check so it works on Mac OS X 10.6 (which doesn't have BIND8_COMPAT and thus uses res_9_query). Patch from jbasney at ncsa uiuc edu. --- ChangeLog | 5 +++++ configure.ac | 27 ++++++++++++++++++++++----- 2 files changed, 27 insertions(+), 5 deletions(-) diff --git a/ChangeLog b/ChangeLog index dcb471b53..83664dc3d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +20090911 + - (dtucker) [configure.ac] Change the -lresolv check so it works on Mac OS X + 10.6 (which doesn't have BIND8_COMPAT and thus uses res_9_query). Patch + from jbasney at ncsa uiuc edu. + 20090908 - (djm) [serverloop.c] Fix test for server-assigned remote forwarding port (-R 0:...); bz#1578, spotted and fix by gavin AT emf.net; ok dtucker@ diff --git a/configure.ac b/configure.ac index a0b781ee4..ea9f1bb56 100644 --- a/configure.ac +++ b/configure.ac @@ -1,4 +1,4 @@ -# $Id: configure.ac,v 1.426 2009/09/01 08:26:00 dtucker Exp $ +# $Id: configure.ac,v 1.427 2009/09/11 04:56:08 dtucker Exp $ # # Copyright (c) 1999-2004 Damien Miller # @@ -15,7 +15,7 @@ # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org) -AC_REVISION($Revision: 1.426 $) +AC_REVISION($Revision: 1.427 $) AC_CONFIG_SRCDIR([ssh.c]) AC_CONFIG_HEADER(config.h) @@ -3324,12 +3324,30 @@ AC_SEARCH_LIBS(getrrsetbyname, resolv, AC_SEARCH_LIBS(res_query, resolv) AC_SEARCH_LIBS(dn_expand, resolv) AC_MSG_CHECKING(if res_query will link) - AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes), + AC_LINK_IFELSE([ +#include "confdefs.h" +#include +#include +#include +#include +#include +int main() +{ + res_query (0, 0, 0, 0, 0); + return 0; +} + ], + AC_MSG_RESULT(yes), [AC_MSG_RESULT(no) saved_LIBS="$LIBS" LIBS="$LIBS -lresolv" AC_MSG_CHECKING(for res_query in -lresolv) AC_LINK_IFELSE([ +#include "confdefs.h" +#include +#include +#include +#include #include int main() { @@ -3337,8 +3355,7 @@ int main() return 0; } ], - [LIBS="$LIBS -lresolv" - AC_MSG_RESULT(yes)], + [AC_MSG_RESULT(yes)], [LIBS="$saved_LIBS" AC_MSG_RESULT(no)]) ]) -- cgit v1.2.3 From bc7b306b29b982258785568f8147fb346d413a4b Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Sat, 26 Sep 2009 14:09:33 +1000 Subject: - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] [contrib/suse/openssh.spec] Update for release --- ChangeLog | 4 ++++ contrib/caldera/openssh.spec | 6 +++--- contrib/redhat/openssh.spec | 2 +- contrib/suse/openssh.spec | 2 +- 4 files changed, 9 insertions(+), 5 deletions(-) diff --git a/ChangeLog b/ChangeLog index 83664dc3d..6fa45d093 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +20090926 + - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] + [contrib/suse/openssh.spec] Update for release + 20090911 - (dtucker) [configure.ac] Change the -lresolv check so it works on Mac OS X 10.6 (which doesn't have BIND8_COMPAT and thus uses res_9_query). Patch diff --git a/contrib/caldera/openssh.spec b/contrib/caldera/openssh.spec index 42dbcfeeb..37e1b9411 100644 --- a/contrib/caldera/openssh.spec +++ b/contrib/caldera/openssh.spec @@ -17,11 +17,11 @@ #old cvs stuff. please update before use. may be deprecated. %define use_stable 1 %if %{use_stable} - %define version 5.2p1 + %define version 5.3p1 %define cvs %{nil} %define release 1 %else - %define version 5.2p1 + %define version 5.3p1 %define cvs cvs20050315 %define release 0r1 %endif @@ -358,4 +358,4 @@ fi * Mon Jan 01 1998 ... Template Version: 1.31 -$Id: openssh.spec,v 1.66 2009/02/21 07:03:05 djm Exp $ +$Id: openssh.spec,v 1.66.4.1 2009/09/26 04:09:35 djm Exp $ diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec index 10bdc1989..680906cf3 100644 --- a/contrib/redhat/openssh.spec +++ b/contrib/redhat/openssh.spec @@ -1,4 +1,4 @@ -%define ver 5.2p1 +%define ver 5.3p1 %define rel 1 # OpenSSH privilege separation requires a user & group ID diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec index 62f43e137..12661eeae 100644 --- a/contrib/suse/openssh.spec +++ b/contrib/suse/openssh.spec @@ -13,7 +13,7 @@ Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation Name: openssh -Version: 5.2p1 +Version: 5.3p1 URL: http://www.openssh.com/ Release: 1 Source0: openssh-%{version}.tar.gz -- cgit v1.2.3 From 6e0d6d64b2100fbe0ea7bb0010fe51b2224d74ee Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Sat, 26 Sep 2009 14:11:47 +1000 Subject: - (djm) [README] update relnotes URL --- ChangeLog | 1 + README | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 6fa45d093..ec354c5fd 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,7 @@ 20090926 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] [contrib/suse/openssh.spec] Update for release + - (djm) [README] update relnotes URL 20090911 - (dtucker) [configure.ac] Change the -lresolv check so it works on Mac OS X diff --git a/README b/README index 9de00c093..8538e8c9b 100644 --- a/README +++ b/README @@ -1,4 +1,4 @@ -See http://www.openssh.com/txt/release-5.2 for the release notes. +See http://www.openssh.com/txt/release-5.3 for the release notes. - A Japanese translation of this document and of the OpenSSH FAQ is - available at http://www.unixuser.org/~haruyama/security/openssh/index.html @@ -62,4 +62,4 @@ References - [6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9 [7] http://www.openssh.com/faq.html -$Id: README,v 1.70 2009/02/23 00:11:57 djm Exp $ +$Id: README,v 1.70.4.1 2009/09/26 04:11:47 djm Exp $ -- cgit v1.2.3 From 78e5bf0ab3e8d7f8aabf547880160cc39ae59574 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Sat, 26 Sep 2009 14:53:59 +1000 Subject: - (djm) [packet.c] Restore EWOULDBLOCK handling that got lost somewhere --- ChangeLog | 1 + packet.c | 9 ++++++--- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index ec354c5fd..3d4a57479 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,7 @@ - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] [contrib/suse/openssh.spec] Update for release - (djm) [README] update relnotes URL + - (djm) [packet.c] Restore EWOULDBLOCK handling that got lost somewhere 20090911 - (dtucker) [configure.ac] Change the -lresolv check so it works on Mac OS X diff --git a/packet.c b/packet.c index 600e015fb..994e35b6d 100644 --- a/packet.c +++ b/packet.c @@ -1070,7 +1070,8 @@ packet_read_seqnr(u_int32_t *seqnr_p) if ((ret = select(active_state->connection_in + 1, setp, NULL, NULL, timeoutp)) >= 0) break; - if (errno != EAGAIN && errno != EINTR) + if (errno != EAGAIN && errno != EINTR && + errno != EWOULDBLOCK) break; if (active_state->packet_timeout_ms == -1) continue; @@ -1643,7 +1644,8 @@ packet_write_poll(void) len = roaming_write(active_state->connection_out, buffer_ptr(&active_state->output), len, &cont); if (len == -1) { - if (errno == EINTR || errno == EAGAIN) + if (errno == EINTR || errno == EAGAIN || + errno == EWOULDBLOCK) return; fatal("Write failed: %.100s", strerror(errno)); } @@ -1685,7 +1687,8 @@ packet_write_wait(void) if ((ret = select(active_state->connection_out + 1, NULL, setp, NULL, timeoutp)) >= 0) break; - if (errno != EAGAIN && errno != EINTR) + if (errno != EAGAIN && errno != EINTR && + errno != EWOULDBLOCK) break; if (active_state->packet_timeout_ms == -1) continue; -- cgit v1.2.3 From 7fe2877662d34ef04c67884cfcffce60a6444f18 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Sat, 26 Sep 2009 16:26:50 +1000 Subject: - (djm) Release 5.3p1 --- ChangeLog | 1 + 1 file changed, 1 insertion(+) diff --git a/ChangeLog b/ChangeLog index 3d4a57479..b2df66023 100644 --- a/ChangeLog +++ b/ChangeLog @@ -3,6 +3,7 @@ [contrib/suse/openssh.spec] Update for release - (djm) [README] update relnotes URL - (djm) [packet.c] Restore EWOULDBLOCK handling that got lost somewhere + - (djm) Release 5.3p1 20090911 - (dtucker) [configure.ac] Change the -lresolv check so it works on Mac OS X -- cgit v1.2.3