From 1f8311c836a20ce4923e2142d206f8d8073d0ca4 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Thu, 13 May 2004 16:39:33 +1000 Subject: - deraadt@cvs.openbsd.org 2004/05/11 19:01:43 [auth.c auth2-none.c authfile.c channels.c monitor.c monitor_mm.c packet.c packet.h progressmeter.c session.c openbsd-compat/xmmap.c] improve some code lint did not like; djm millert ok --- channels.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'channels.c') diff --git a/channels.c b/channels.c index e663c2159..55dc67342 100644 --- a/channels.c +++ b/channels.c @@ -39,7 +39,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: channels.c,v 1.200 2004/01/19 09:24:21 markus Exp $"); +RCSID("$OpenBSD: channels.c,v 1.201 2004/05/11 19:01:43 deraadt Exp $"); #include "ssh.h" #include "ssh1.h" @@ -1031,7 +1031,7 @@ channel_decode_socks5(Channel *c, fd_set * readset, fd_set * writeset) buffer_get(&c->input, (char *)&dest_port, 2); dest_addr[addrlen] = '\0'; if (s5_req.atyp == SSH_SOCKS5_DOMAIN) - strlcpy(c->path, dest_addr, sizeof(c->path)); + strlcpy(c->path, (char *)dest_addr, sizeof(c->path)); else if (inet_ntop(af, dest_addr, c->path, sizeof(c->path)) == NULL) return -1; c->host_port = ntohs(dest_port); -- cgit v1.2.3 From e7066dfde3d4ac36038050b6027a742356f7b1f1 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 24 May 2004 10:18:05 +1000 Subject: - djm@cvs.openbsd.org 2004/05/21 11:33:11 [channels.c channels.h clientloop.c serverloop.c ssh.1] bz #756: add support for the cancel-tcpip-forward request for the server and the client (through the ~C commandline). reported by z3p AT twistedmatrix.com; ok markus@ --- ChangeLog | 7 ++++- channels.c | 67 +++++++++++++++++++++++++++++++++++++++++++++--- channels.h | 4 ++- clientloop.c | 84 ++++++++++++++++++++++++++++++++++++++++++------------------ serverloop.c | 13 +++++++++- ssh.1 | 13 +++++++--- 6 files changed, 153 insertions(+), 35 deletions(-) (limited to 'channels.c') diff --git a/ChangeLog b/ChangeLog index 91c9ce5ec..0e8f4a556 100644 --- a/ChangeLog +++ b/ChangeLog @@ -10,6 +10,11 @@ - markus@cvs.openbsd.org 2004/05/21 08:43:03 [kex.h moduli.c tildexpand.c] add prototypes for -Wall; ok djm + - djm@cvs.openbsd.org 2004/05/21 11:33:11 + [channels.c channels.h clientloop.c serverloop.c ssh.1] + bz #756: add support for the cancel-tcpip-forward request for the server and + the client (through the ~C commandline). reported by z3p AT twistedmatrix.com; + ok markus@ 20040523 - (djm) [sshd_config] Explain consequences of UsePAM=yes a little better in @@ -1139,4 +1144,4 @@ - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu -$Id: ChangeLog,v 1.3361 2004/05/24 00:14:24 dtucker Exp $ +$Id: ChangeLog,v 1.3362 2004/05/24 00:18:05 dtucker Exp $ diff --git a/channels.c b/channels.c index 55dc67342..2b1ce0e5c 100644 --- a/channels.c +++ b/channels.c @@ -39,7 +39,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: channels.c,v 1.201 2004/05/11 19:01:43 deraadt Exp $"); +RCSID("$OpenBSD: channels.c,v 1.202 2004/05/21 11:33:11 djm Exp $"); #include "ssh.h" #include "ssh1.h" @@ -2228,6 +2228,26 @@ channel_setup_fwd_listener(int type, const char *listen_addr, u_short listen_por return success; } +int +channel_cancel_rport_listener(const char *host, u_short port) +{ + int i, found = 0; + + for(i = 0; i < channels_alloc; i++) { + Channel *c = channels[i]; + + if (c != NULL && c->type == SSH_CHANNEL_RPORT_LISTENER && + strncmp(c->path, host, sizeof(c->path)) == 0 && + c->listening_port == port) { + debug2("%s: close clannel %d", __func__, i); + channel_free(c); + found = 1; + } + } + + return (found); +} + /* protocol local port fwd, used by ssh (and sshd in v1) */ int channel_setup_local_fwd_listener(u_short listen_port, @@ -2304,6 +2324,42 @@ channel_request_remote_forwarding(u_short listen_port, } } +/* + * Request cancellation of remote forwarding of connection host:port from + * local side. + */ + +void +channel_request_rforward_cancel(u_short port) +{ + int i; + const char *address_to_bind = "0.0.0.0"; + + if (!compat20) + return; + + for (i = 0; i < num_permitted_opens; i++) { + if (permitted_opens[i].host_to_connect != NULL && + permitted_opens[i].listen_port == port) + break; + } + if (i >= num_permitted_opens) { + debug("%s: requested forward not found", __func__); + return; + } + packet_start(SSH2_MSG_GLOBAL_REQUEST); + packet_put_cstring("cancel-tcpip-forward"); + packet_put_char(0); + packet_put_cstring(address_to_bind); + packet_put_int(port); + packet_send(); + + permitted_opens[i].listen_port = 0; + permitted_opens[i].port_to_connect = 0; + free(permitted_opens[i].host_to_connect); + permitted_opens[i].host_to_connect = NULL; +} + /* * This is called after receiving CHANNEL_FORWARDING_REQUEST. This initates * listening for the port, and sends back a success reply (or disconnect @@ -2373,7 +2429,8 @@ channel_clear_permitted_opens(void) int i; for (i = 0; i < num_permitted_opens; i++) - xfree(permitted_opens[i].host_to_connect); + if (permitted_opens[i].host_to_connect != NULL) + xfree(permitted_opens[i].host_to_connect); num_permitted_opens = 0; } @@ -2441,7 +2498,8 @@ channel_connect_by_listen_address(u_short listen_port) int i; for (i = 0; i < num_permitted_opens; i++) - if (permitted_opens[i].listen_port == listen_port) + if (permitted_opens[i].host_to_connect != NULL && + permitted_opens[i].listen_port == listen_port) return connect_to( permitted_opens[i].host_to_connect, permitted_opens[i].port_to_connect); @@ -2459,7 +2517,8 @@ channel_connect_to(const char *host, u_short port) permit = all_opens_permitted; if (!permit) { for (i = 0; i < num_permitted_opens; i++) - if (permitted_opens[i].port_to_connect == port && + if (permitted_opens[i].host_to_connect != NULL && + permitted_opens[i].port_to_connect == port && strcmp(permitted_opens[i].host_to_connect, host) == 0) permit = 1; diff --git a/channels.h b/channels.h index 7d981479b..0a49c55ea 100644 --- a/channels.h +++ b/channels.h @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.h,v 1.71 2003/09/23 20:41:11 markus Exp $ */ +/* $OpenBSD: channels.h,v 1.72 2004/05/21 11:33:11 djm Exp $ */ /* * Author: Tatu Ylonen @@ -200,8 +200,10 @@ void channel_input_port_forward_request(int, int); int channel_connect_to(const char *, u_short); int channel_connect_by_listen_address(u_short); void channel_request_remote_forwarding(u_short, const char *, u_short); +void channel_request_rforward_cancel(u_short port); int channel_setup_local_fwd_listener(u_short, const char *, u_short, int); int channel_setup_remote_fwd_listener(const char *, u_short, int); +int channel_cancel_rport_listener(const char *, u_short); /* x11 forwarding */ diff --git a/clientloop.c b/clientloop.c index 9cbc1b0ce..ce627e8b8 100644 --- a/clientloop.c +++ b/clientloop.c @@ -59,7 +59,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: clientloop.c,v 1.120 2004/05/20 10:58:05 dtucker Exp $"); +RCSID("$OpenBSD: clientloop.c,v 1.121 2004/05/21 11:33:11 djm Exp $"); #include "ssh.h" #include "ssh1.h" @@ -506,6 +506,7 @@ process_cmdline(void) char *s, *cmd; u_short fwd_port, fwd_host_port; char buf[1024], sfwd_port[6], sfwd_host_port[6]; + int delete = 0; int local = 0; leave_raw_mode(); @@ -515,44 +516,77 @@ process_cmdline(void) goto out; while (*s && isspace(*s)) s++; + if (*s == '-') + s++; /* Skip cmdline '-', if any */ if (*s == '\0') goto out; - if (strlen(s) < 2 || s[0] != '-' || !(s[1] == 'L' || s[1] == 'R')) { + + if (*s == '?') { + logit("Commands:"); + logit(" -Lport:host:hostport Request local forward"); + logit(" -Rport:host:hostport Request remote forward"); + logit(" -KRhostport Cancel remote forward"); + goto out; + } + + if (*s == 'K') { + delete = 1; + s++; + } + if (*s != 'L' && *s != 'R') { logit("Invalid command."); goto out; } - if (s[1] == 'L') + if (*s == 'L') local = 1; - if (!local && !compat20) { + if (local && delete) { + logit("Not supported."); + goto out; + } + if ((!local || delete) && !compat20) { logit("Not supported for SSH protocol version 1."); goto out; } - s += 2; + + s++; while (*s && isspace(*s)) s++; - if (sscanf(s, "%5[0-9]:%255[^:]:%5[0-9]", - sfwd_port, buf, sfwd_host_port) != 3 && - sscanf(s, "%5[0-9]/%255[^/]/%5[0-9]", - sfwd_port, buf, sfwd_host_port) != 3) { - logit("Bad forwarding specification."); - goto out; - } - if ((fwd_port = a2port(sfwd_port)) == 0 || - (fwd_host_port = a2port(sfwd_host_port)) == 0) { - logit("Bad forwarding port(s)."); - goto out; - } - if (local) { - if (channel_setup_local_fwd_listener(fwd_port, buf, - fwd_host_port, options.gateway_ports) < 0) { - logit("Port forwarding failed."); + if (delete) { + if (sscanf(s, "%5[0-9]", sfwd_host_port) != 1) { + logit("Bad forwarding specification."); + goto out; + } + if ((fwd_host_port = a2port(sfwd_host_port)) == 0) { + logit("Bad forwarding port(s)."); + goto out; + } + channel_request_rforward_cancel(fwd_host_port); + } else { + if (sscanf(s, "%5[0-9]:%255[^:]:%5[0-9]", + sfwd_port, buf, sfwd_host_port) != 3 && + sscanf(s, "%5[0-9]/%255[^/]/%5[0-9]", + sfwd_port, buf, sfwd_host_port) != 3) { + logit("Bad forwarding specification."); goto out; } - } else - channel_request_remote_forwarding(fwd_port, buf, - fwd_host_port); - logit("Forwarding port."); + if ((fwd_port = a2port(sfwd_port)) == 0 || + (fwd_host_port = a2port(sfwd_host_port)) == 0) { + logit("Bad forwarding port(s)."); + goto out; + } + if (local) { + if (channel_setup_local_fwd_listener(fwd_port, buf, + fwd_host_port, options.gateway_ports) < 0) { + logit("Port forwarding failed."); + goto out; + } + } else + channel_request_remote_forwarding(fwd_port, buf, + fwd_host_port); + logit("Forwarding port."); + } + out: signal(SIGINT, handler); enter_raw_mode(); diff --git a/serverloop.c b/serverloop.c index a777a048d..8d2642d5b 100644 --- a/serverloop.c +++ b/serverloop.c @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: serverloop.c,v 1.115 2004/01/19 21:25:15 markus Exp $"); +RCSID("$OpenBSD: serverloop.c,v 1.116 2004/05/21 11:33:11 djm Exp $"); #include "xmalloc.h" #include "packet.h" @@ -991,6 +991,17 @@ server_input_global_request(int type, u_int32_t seq, void *ctxt) listen_address, listen_port, options.gateway_ports); } xfree(listen_address); + } else if (strcmp(rtype, "cancel-tcpip-forward") == 0) { + char *cancel_address; + u_short cancel_port; + + cancel_address = packet_get_string(NULL); + cancel_port = (u_short)packet_get_int(); + debug("%s: cancel-tcpip-forward addr %s port %d", __func__, + cancel_address, cancel_port); + + success = channel_cancel_rport_listener(cancel_address, + cancel_port); } if (want_reply) { packet_start(success ? diff --git a/ssh.1 b/ssh.1 index b7b126440..7da143b19 100644 --- a/ssh.1 +++ b/ssh.1 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.185 2004/05/02 11:57:52 dtucker Exp $ +.\" $OpenBSD: ssh.1,v 1.186 2004/05/21 11:33:11 djm Exp $ .Dd September 25, 1999 .Dt SSH 1 .Os @@ -302,11 +302,18 @@ Display a list of escape characters. Send a BREAK to the remote system (only useful for SSH protocol version 2 and if the peer supports it). .It Cm ~C -Open command line (only useful for adding port forwardings using the +Open command line. +Currently this allows the addition of port forwardings using the .Fl L and .Fl R -options). +options (see below). +It also allows the cancellation of existing remote port-forwardings +using +.Fl KR Ar hostport . +Basic help is available, using the +.Fl ? +option. .It Cm ~R Request rekeying of the connection (only useful for SSH protocol version 2 and if the peer supports it). -- cgit v1.2.3 From 3e4dffb140d3eb6eafddf2318baa8e4c33d4531e Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Tue, 15 Jun 2004 10:27:15 +1000 Subject: - markus@cvs.openbsd.org 2004/05/26 23:02:39 [channels.c] missing freeaddrinfo; Andrey Matveev --- ChangeLog | 5 ++++- channels.c | 3 ++- 2 files changed, 6 insertions(+), 2 deletions(-) (limited to 'channels.c') diff --git a/ChangeLog b/ChangeLog index c58f63cd3..7a92e6541 100644 --- a/ChangeLog +++ b/ChangeLog @@ -3,6 +3,9 @@ - djm@cvs.openbsd.org 2004/05/26 08:59:57 [sftp.c] exit -> _exit in forked child on error; from andrushock AT korovino.net + - markus@cvs.openbsd.org 2004/05/26 23:02:39 + [channels.c] + missing freeaddrinfo; Andrey Matveev 20040603 - (dtucker) [auth-pam.c] Don't use pam_* namespace for sshd's PAM functions. @@ -1187,4 +1190,4 @@ - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu -$Id: ChangeLog,v 1.3375 2004/06/15 00:24:13 djm Exp $ +$Id: ChangeLog,v 1.3376 2004/06/15 00:27:15 djm Exp $ diff --git a/channels.c b/channels.c index 2b1ce0e5c..437befa34 100644 --- a/channels.c +++ b/channels.c @@ -39,7 +39,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: channels.c,v 1.202 2004/05/21 11:33:11 djm Exp $"); +RCSID("$OpenBSD: channels.c,v 1.203 2004/05/26 23:02:39 markus Exp $"); #include "ssh.h" #include "ssh1.h" @@ -2570,6 +2570,7 @@ x11_create_display_inet(int x11_display_offset, int x11_use_localhost, if (sock < 0) { if ((errno != EINVAL) && (errno != EAFNOSUPPORT)) { error("socket: %.100s", strerror(errno)); + freeaddrinfo(aitop); return -1; } else { debug("x11_create_display_inet: Socket family %d not supported", -- cgit v1.2.3 From 0e220dbfbcc9fe252e8f1f4890dbfa415aad35db Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Tue, 15 Jun 2004 10:34:08 +1000 Subject: - djm@cvs.openbsd.org 2004/06/13 15:03:02 [channels.c channels.h clientloop.c clientloop.h includes.h readconf.c] [readconf.h scp.1 sftp.1 ssh.1 ssh.c ssh_config.5] implement session multiplexing in the client (the server has supported this since 2.0); ok markus@ --- ChangeLog | 7 +- channels.c | 76 +++++++++++-- channels.h | 7 +- clientloop.c | 327 ++++++++++++++++++++++++++++++++++++++++++++++++++---- clientloop.h | 4 +- defines.h | 5 +- includes.h | 3 +- readconf.c | 18 ++- readconf.h | 5 +- scp.1 | 4 +- sftp.1 | 4 +- ssh-rand-helper.c | 6 +- ssh.1 | 26 ++++- ssh.c | 276 ++++++++++++++++++++++++++++++--------------- ssh_config.5 | 24 +++- 15 files changed, 650 insertions(+), 142 deletions(-) (limited to 'channels.c') diff --git a/ChangeLog b/ChangeLog index 3edf2d19b..36aeb85bb 100644 --- a/ChangeLog +++ b/ChangeLog @@ -24,6 +24,11 @@ [ssh.1 ssh_config.5 sshd_config.5] List supported ciphers in man pages, tidy up ssh -c; "looks fine" jmc@, ok markus@ + - djm@cvs.openbsd.org 2004/06/13 15:03:02 + [channels.c channels.h clientloop.c clientloop.h includes.h readconf.c] + [readconf.h scp.1 sftp.1 ssh.1 ssh.c ssh_config.5] + implement session multiplexing in the client (the server has supported + this since 2.0); ok markus@ 20040603 - (dtucker) [auth-pam.c] Don't use pam_* namespace for sshd's PAM functions. @@ -1208,4 +1213,4 @@ - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu -$Id: ChangeLog,v 1.3381 2004/06/15 00:30:39 djm Exp $ +$Id: ChangeLog,v 1.3382 2004/06/15 00:34:08 djm Exp $ diff --git a/channels.c b/channels.c index 437befa34..1fb1092c8 100644 --- a/channels.c +++ b/channels.c @@ -39,7 +39,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: channels.c,v 1.203 2004/05/26 23:02:39 markus Exp $"); +RCSID("$OpenBSD: channels.c,v 1.204 2004/06/13 15:03:02 djm Exp $"); #include "ssh.h" #include "ssh1.h" @@ -172,6 +172,7 @@ channel_register_fds(Channel *c, int rfd, int wfd, int efd, c->rfd = rfd; c->wfd = wfd; c->sock = (rfd == wfd) ? rfd : -1; + c->ctl_fd = -1; /* XXX: set elsewhere */ c->efd = efd; c->extended_usage = extusage; @@ -263,6 +264,7 @@ channel_new(char *ctype, int type, int rfd, int wfd, int efd, c->single_connection = 0; c->detach_user = NULL; c->confirm = NULL; + c->confirm_ctx = NULL; c->input_filter = NULL; debug("channel %d: new [%s]", found, remote_name); return c; @@ -304,10 +306,11 @@ channel_close_fd(int *fdp) static void channel_close_fds(Channel *c) { - debug3("channel %d: close_fds r %d w %d e %d", - c->self, c->rfd, c->wfd, c->efd); + debug3("channel %d: close_fds r %d w %d e %d c %d", + c->self, c->rfd, c->wfd, c->efd, c->ctl_fd); channel_close_fd(&c->sock); + channel_close_fd(&c->ctl_fd); channel_close_fd(&c->rfd); channel_close_fd(&c->wfd); channel_close_fd(&c->efd); @@ -333,6 +336,8 @@ channel_free(Channel *c) if (c->sock != -1) shutdown(c->sock, SHUT_RDWR); + if (c->ctl_fd != -1) + shutdown(c->ctl_fd, SHUT_RDWR); channel_close_fds(c); buffer_free(&c->input); buffer_free(&c->output); @@ -550,12 +555,13 @@ channel_open_message(void) case SSH_CHANNEL_X11_OPEN: case SSH_CHANNEL_INPUT_DRAINING: case SSH_CHANNEL_OUTPUT_DRAINING: - snprintf(buf, sizeof buf, " #%d %.300s (t%d r%d i%d/%d o%d/%d fd %d/%d)\r\n", + snprintf(buf, sizeof buf, + " #%d %.300s (t%d r%d i%d/%d o%d/%d fd %d/%d cfd %d)\r\n", c->self, c->remote_name, c->type, c->remote_id, c->istate, buffer_len(&c->input), c->ostate, buffer_len(&c->output), - c->rfd, c->wfd); + c->rfd, c->wfd, c->ctl_fd); buffer_append(&buffer, buf, strlen(buf)); continue; default: @@ -596,14 +602,14 @@ channel_request_start(int id, char *service, int wantconfirm) logit("channel_request_start: %d: unknown channel id", id); return; } - debug2("channel %d: request %s", id, service) ; + debug2("channel %d: request %s confirm %d", id, service, wantconfirm); packet_start(SSH2_MSG_CHANNEL_REQUEST); packet_put_int(c->remote_id); packet_put_cstring(service); packet_put_char(wantconfirm); } void -channel_register_confirm(int id, channel_callback_fn *fn) +channel_register_confirm(int id, channel_callback_fn *fn, void *ctx) { Channel *c = channel_lookup(id); @@ -612,6 +618,7 @@ channel_register_confirm(int id, channel_callback_fn *fn) return; } c->confirm = fn; + c->confirm_ctx = ctx; } void channel_register_cleanup(int id, channel_callback_fn *fn) @@ -729,6 +736,10 @@ channel_pre_open(Channel *c, fd_set * readset, fd_set * writeset) buffer_len(&c->extended) < c->remote_window) FD_SET(c->efd, readset); } + /* XXX: What about efd? races? */ + if (compat20 && c->ctl_fd != -1 && + c->istate == CHAN_INPUT_OPEN && c->ostate == CHAN_OUTPUT_OPEN) + FD_SET(c->ctl_fd, readset); } static void @@ -1482,6 +1493,33 @@ channel_handle_efd(Channel *c, fd_set * readset, fd_set * writeset) return 1; } static int +channel_handle_ctl(Channel *c, fd_set * readset, fd_set * writeset) +{ + char buf[16]; + int len; + + /* Monitor control fd to detect if the slave client exits */ + if (c->ctl_fd != -1 && FD_ISSET(c->ctl_fd, readset)) { + len = read(c->ctl_fd, buf, sizeof(buf)); + if (len < 0 && (errno == EINTR || errno == EAGAIN)) + return 1; + if (len <= 0) { + debug2("channel %d: ctl read<=0", c->self); + if (c->type != SSH_CHANNEL_OPEN) { + debug2("channel %d: not open", c->self); + chan_mark_dead(c); + return -1; + } else { + chan_read_failed(c); + chan_write_failed(c); + } + return -1; + } else + fatal("%s: unexpected data on ctl fd", __func__); + } + return 1; +} +static int channel_check_window(Channel *c) { if (c->type == SSH_CHANNEL_OPEN && @@ -1511,6 +1549,7 @@ channel_post_open(Channel *c, fd_set * readset, fd_set * writeset) if (!compat20) return; channel_handle_efd(c, readset, writeset); + channel_handle_ctl(c, readset, writeset); channel_check_window(c); } @@ -2011,7 +2050,7 @@ channel_input_open_confirmation(int type, u_int32_t seq, void *ctxt) c->remote_maxpacket = packet_get_int(); if (c->confirm) { debug2("callback start"); - c->confirm(c->self, NULL); + c->confirm(c->self, c->confirm_ctx); debug2("callback done"); } debug2("channel %d: open confirm rwindow %u rmax %u", c->self, @@ -2531,6 +2570,27 @@ channel_connect_to(const char *host, u_short port) return connect_to(host, port); } +void +channel_send_window_changes(void) +{ + int i; + struct winsize ws; + + for (i = 0; i < channels_alloc; i++) { + if (channels[i] == NULL || + channels[i]->type != SSH_CHANNEL_OPEN) + continue; + if (ioctl(channels[i]->rfd, TIOCGWINSZ, &ws) < 0) + continue; + channel_request_start(i, "window-change", 0); + packet_put_int(ws.ws_col); + packet_put_int(ws.ws_row); + packet_put_int(ws.ws_xpixel); + packet_put_int(ws.ws_ypixel); + packet_send(); + } +} + /* -- X11 forwarding */ /* diff --git a/channels.h b/channels.h index 0a49c55ea..41f3cedd3 100644 --- a/channels.h +++ b/channels.h @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.h,v 1.72 2004/05/21 11:33:11 djm Exp $ */ +/* $OpenBSD: channels.h,v 1.73 2004/06/13 15:03:02 djm Exp $ */ /* * Author: Tatu Ylonen @@ -76,6 +76,7 @@ struct Channel { int wfd; /* write fd */ int efd; /* extended fd */ int sock; /* sock fd */ + int ctl_fd; /* control fd (client sharing) */ int isatty; /* rfd is a tty */ int wfd_isatty; /* wfd is a tty */ int force_drain; /* force close on iEOF */ @@ -105,6 +106,7 @@ struct Channel { /* callback */ channel_callback_fn *confirm; channel_callback_fn *detach_user; + void *confirm_ctx; /* filter */ channel_filter_fn *input_filter; @@ -161,10 +163,11 @@ void channel_stop_listening(void); void channel_send_open(int); void channel_request_start(int, char *, int); void channel_register_cleanup(int, channel_callback_fn *); -void channel_register_confirm(int, channel_callback_fn *); +void channel_register_confirm(int, channel_callback_fn *, void *); void channel_register_filter(int, channel_filter_fn *); void channel_cancel_cleanup(int); int channel_close_fd(int *); +void channel_send_window_changes(void); /* protocol handler */ diff --git a/clientloop.c b/clientloop.c index 31e604180..6401588a9 100644 --- a/clientloop.c +++ b/clientloop.c @@ -59,7 +59,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: clientloop.c,v 1.122 2004/05/22 06:32:12 djm Exp $"); +RCSID("$OpenBSD: clientloop.c,v 1.123 2004/06/13 15:03:02 djm Exp $"); #include "ssh.h" #include "ssh1.h" @@ -81,6 +81,9 @@ RCSID("$OpenBSD: clientloop.c,v 1.122 2004/05/22 06:32:12 djm Exp $"); #include "atomicio.h" #include "sshpty.h" #include "misc.h" +#include "monitor_fdpass.h" +#include "match.h" +#include "msg.h" /* import options */ extern Options options; @@ -91,6 +94,9 @@ extern int stdin_null_flag; /* Flag indicating that no shell has been requested */ extern int no_shell_flag; +/* Control socket */ +extern int control_fd; + /* * Name of the host we are connecting to. This is the name given on the * command line, or the HostName specified for the user-supplied name in a @@ -131,9 +137,19 @@ static int server_alive_timeouts = 0; static void client_init_dispatch(void); int session_ident = -1; +struct confirm_ctx { + int want_tty; + int want_subsys; + Buffer cmd; + char *term; + struct termios tio; +}; + /*XXX*/ extern Kex *xxx_kex; +void ssh_process_session2_setup(int, int, int, Buffer *); + /* Restores stdin to blocking mode. */ static void @@ -291,19 +307,13 @@ client_check_window_change(void) /** XXX race */ received_window_change_signal = 0; - if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) < 0) - return; - debug2("client_check_window_change: changed"); if (compat20) { - channel_request_start(session_ident, "window-change", 0); - packet_put_int(ws.ws_col); - packet_put_int(ws.ws_row); - packet_put_int(ws.ws_xpixel); - packet_put_int(ws.ws_ypixel); - packet_send(); + channel_send_window_changes(); } else { + if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) < 0) + return; packet_start(SSH_CMSG_WINDOW_SIZE); packet_put_int(ws.ws_row); packet_put_int(ws.ws_col); @@ -335,7 +345,6 @@ server_alive_check(void) * Waits until the client can do something (some data becomes available on * one of the file descriptors). */ - static void client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, int *maxfdp, int *nallocp, int rekeying) @@ -381,6 +390,9 @@ client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, if (packet_have_data_to_write()) FD_SET(connection_out, *writesetp); + if (control_fd != -1) + FD_SET(control_fd, *readsetp); + /* * Wait for something to happen. This will suspend the process until * some selected descriptor can be read, written, or has some other @@ -499,6 +511,176 @@ client_process_net_input(fd_set * readset) } } +static void +client_subsystem_reply(int type, u_int32_t seq, void *ctxt) +{ + int id; + Channel *c; + + id = packet_get_int(); + packet_check_eom(); + + if ((c = channel_lookup(id)) == NULL) { + error("%s: no channel for id %d", __func__, id); + return; + } + + if (type == SSH2_MSG_CHANNEL_SUCCESS) + debug2("Request suceeded on channel %d", id); + else if (type == SSH2_MSG_CHANNEL_FAILURE) { + error("Request failed on channel %d", id); + channel_free(c); + } +} + +static void +client_extra_session2_setup(int id, void *arg) +{ + struct confirm_ctx *cctx = arg; + Channel *c; + + if (cctx == NULL) + fatal("%s: cctx == NULL", __func__); + if ((c = channel_lookup(id)) == NULL) + fatal("%s: no channel for id %d", __func__, id); + + client_session2_setup(id, cctx->want_tty, cctx->want_subsys, + cctx->term, &cctx->tio, c->rfd, &cctx->cmd, + client_subsystem_reply); + + c->confirm_ctx = NULL; + buffer_free(&cctx->cmd); + free(cctx->term); + free(cctx); +} + +static void +client_process_control(fd_set * readset) +{ + Buffer m; + Channel *c; + int client_fd, new_fd[3], ver; + socklen_t addrlen; + struct sockaddr_storage addr; + struct confirm_ctx *cctx; + char *cmd; + u_int len; + uid_t euid; + gid_t egid; + + /* + * Accept connection on control socket + */ + if (control_fd == -1 || !FD_ISSET(control_fd, readset)) + return; + + memset(&addr, 0, sizeof(addr)); + addrlen = sizeof(addr); + if ((client_fd = accept(control_fd, + (struct sockaddr*)&addr, &addrlen)) == -1) { + error("%s accept: %s", __func__, strerror(errno)); + return; + } + + if (getpeereid(client_fd, &euid, &egid) < 0) { + error("%s getpeereid failed: %s", __func__, strerror(errno)); + close(client_fd); + return; + } + if ((euid != 0) && (getuid() != euid)) { + error("control mode uid mismatch: peer euid %u != uid %u", + (u_int) euid, (u_int) getuid()); + close(client_fd); + return; + } + /* XXX: implement use of ssh-askpass to confirm additional channels */ + + unset_nonblock(client_fd); + + buffer_init(&m); + + buffer_put_int(&m, getpid()); + if (ssh_msg_send(client_fd, /* version */0, &m) == -1) { + error("%s: client msg_send failed", __func__); + close(client_fd); + return; + } + buffer_clear(&m); + + if (ssh_msg_recv(client_fd, &m) == -1) { + error("%s: client msg_recv failed", __func__); + close(client_fd); + return; + } + + if ((ver = buffer_get_char(&m)) != 0) { + error("%s: wrong client version %d", __func__, ver); + buffer_free(&m); + close(client_fd); + return; + } + + cctx = xmalloc(sizeof(*cctx)); + memset(cctx, 0, sizeof(*cctx)); + + cctx->want_tty = buffer_get_int(&m); + cctx->want_subsys = buffer_get_int(&m); + cctx->term = buffer_get_string(&m, &len); + + cmd = buffer_get_string(&m, &len); + buffer_init(&cctx->cmd); + buffer_append(&cctx->cmd, cmd, strlen(cmd)); + + debug2("%s: accepted tty %d, subsys %d, cmd %s", __func__, + cctx->want_tty, cctx->want_subsys, cmd); + + /* Gather fds from client */ + new_fd[0] = mm_receive_fd(client_fd); + new_fd[1] = mm_receive_fd(client_fd); + new_fd[2] = mm_receive_fd(client_fd); + + debug2("%s: got fds stdin %d, stdout %d, stderr %d", __func__, + new_fd[0], new_fd[1], new_fd[2]); + + /* Try to pick up ttymodes from client before it goes raw */ + if (cctx->want_tty && tcgetattr(new_fd[0], &cctx->tio) == -1) + error("%s: tcgetattr: %s", __func__, strerror(errno)); + + buffer_clear(&m); + if (ssh_msg_send(client_fd, /* version */0, &m) == -1) { + error("%s: client msg_send failed", __func__); + close(client_fd); + close(new_fd[0]); + close(new_fd[1]); + close(new_fd[2]); + return; + } + buffer_free(&m); + + /* enable nonblocking unless tty */ + if (!isatty(new_fd[0])) + set_nonblock(new_fd[0]); + if (!isatty(new_fd[1])) + set_nonblock(new_fd[1]); + if (!isatty(new_fd[2])) + set_nonblock(new_fd[2]); + + set_nonblock(client_fd); + + c = channel_new("session", SSH_CHANNEL_OPENING, + new_fd[0], new_fd[1], new_fd[2], + CHAN_SES_WINDOW_DEFAULT, CHAN_SES_PACKET_DEFAULT, + CHAN_EXTENDED_WRITE, "client-session", /*nonblock*/0); + + /* XXX */ + c->ctl_fd = client_fd; + + debug3("%s: channel_new: %d", __func__, c->self); + + channel_send_open(c->self); + channel_register_confirm(c->self, client_extra_session2_setup, cctx); +} + static void process_cmdline(void) { @@ -901,9 +1083,6 @@ simple_escape_filter(Channel *c, char *buf, int len) static void client_channel_closed(int id, void *arg) { - if (id != session_ident) - error("client_channel_closed: id %d != session_ident %d", - id, session_ident); channel_cancel_cleanup(id); session_closed = 1; leave_raw_mode(); @@ -937,6 +1116,8 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id) connection_in = packet_get_connection_in(); connection_out = packet_get_connection_out(); max_fd = MAX(connection_in, connection_out); + if (control_fd != -1) + max_fd = MAX(max_fd, control_fd); if (!compat20) { /* enable nonblocking unless tty */ @@ -1054,6 +1235,9 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id) /* Buffer input from the connection. */ client_process_net_input(readset); + /* Accept control connections. */ + client_process_control(readset); + if (quit_pending) break; @@ -1385,7 +1569,7 @@ static void client_input_channel_req(int type, u_int32_t seq, void *ctxt) { Channel *c = NULL; - int id, reply, success = 0; + int exitval, id, reply, success = 0; char *rtype; id = packet_get_int(); @@ -1395,18 +1579,21 @@ client_input_channel_req(int type, u_int32_t seq, void *ctxt) debug("client_input_channel_req: channel %d rtype %s reply %d", id, rtype, reply); - if (session_ident == -1) { - error("client_input_channel_req: no channel %d", session_ident); - } else if (id != session_ident) { - error("client_input_channel_req: channel %d: wrong channel: %d", - session_ident, id); - } c = channel_lookup(id); if (c == NULL) { error("client_input_channel_req: channel %d: unknown channel", id); } else if (strcmp(rtype, "exit-status") == 0) { - success = 1; - exit_status = packet_get_int(); + exitval = packet_get_int(); + if (id == session_ident) { + success = 1; + exit_status = exitval; + } else if (c->ctl_fd == -1) { + error("client_input_channel_req: unexpected channel %d", + session_ident); + } else { + atomicio(vwrite, c->ctl_fd, &exitval, sizeof(exitval)); + success = 1; + } packet_check_eom(); } if (reply) { @@ -1437,6 +1624,98 @@ client_input_global_request(int type, u_int32_t seq, void *ctxt) xfree(rtype); } +void +client_session2_setup(int id, int want_tty, int want_subsystem, + const char *term, struct termios *tiop, int in_fd, Buffer *cmd, + dispatch_fn *subsys_repl) +{ + int len; + + debug2("%s: id %d", __func__, id); + + if (want_tty) { + struct winsize ws; + struct termios tio; + + /* Store window size in the packet. */ + if (ioctl(in_fd, TIOCGWINSZ, &ws) < 0) + memset(&ws, 0, sizeof(ws)); + + channel_request_start(id, "pty-req", 0); + packet_put_cstring(term != NULL ? term : ""); + packet_put_int(ws.ws_col); + packet_put_int(ws.ws_row); + packet_put_int(ws.ws_xpixel); + packet_put_int(ws.ws_ypixel); + tio = get_saved_tio(); + tty_make_modes(-1, tiop != NULL ? tiop : &tio); + packet_send(); + /* XXX wait for reply */ + } + + /* Transfer any environment variables from client to server */ + if (options.num_send_env != 0) { + int i, j, matched; + extern char **environ; + char *name, *val; + + debug("Sending environment."); + for (i = 0; environ && environ[i] != NULL; i++) { + /* Split */ + name = xstrdup(environ[i]); + if ((val = strchr(name, '=')) == NULL) { + free(name); + continue; + } + *val++ = '\0'; + + matched = 0; + for (j = 0; j < options.num_send_env; j++) { + if (match_pattern(name, options.send_env[j])) { + matched = 1; + break; + } + } + if (!matched) { + debug3("Ignored env %s", name); + free(name); + continue; + } + + debug("Sending env %s = %s", name, val); + channel_request_start(id, "env", 0); + packet_put_cstring(name); + packet_put_cstring(val); + packet_send(); + free(name); + } + } + + len = buffer_len(cmd); + if (len > 0) { + if (len > 900) + len = 900; + if (want_subsystem) { + debug("Sending subsystem: %.*s", len, (u_char*)buffer_ptr(cmd)); + channel_request_start(id, "subsystem", subsys_repl != NULL); + if (subsys_repl != NULL) { + /* register callback for reply */ + /* XXX we assume that client_loop has already been called */ + dispatch_set(SSH2_MSG_CHANNEL_FAILURE, subsys_repl); + dispatch_set(SSH2_MSG_CHANNEL_SUCCESS, subsys_repl); + } + } else { + debug("Sending command: %.*s", len, (u_char*)buffer_ptr(cmd)); + channel_request_start(id, "exec", 0); + } + packet_put_string(buffer_ptr(cmd), buffer_len(cmd)); + packet_send(); + } else { + channel_request_start(id, "shell", 0); + packet_send(); + } +} + static void client_init_dispatch_20(void) { @@ -1503,5 +1782,7 @@ cleanup_exit(int i) { leave_raw_mode(); leave_non_blocking(); + if (options.control_path != NULL && control_fd != -1) + unlink(options.control_path); _exit(i); } diff --git a/clientloop.h b/clientloop.h index 56af06bc1..f1e13ac3a 100644 --- a/clientloop.h +++ b/clientloop.h @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.h,v 1.8 2003/12/16 15:49:51 markus Exp $ */ +/* $OpenBSD: clientloop.h,v 1.9 2004/06/13 15:03:02 djm Exp $ */ /* * Author: Tatu Ylonen @@ -38,3 +38,5 @@ /* Client side main loop for the interactive session. */ int client_loop(int, int, int); void client_global_request_reply_fwd(int, u_int32_t, void *); +void client_session2_setup(int, int, int, const char *, struct termios *, + int, Buffer *, dispatch_fn *); diff --git a/defines.h b/defines.h index 9b72afecb..73a45fe44 100644 --- a/defines.h +++ b/defines.h @@ -25,7 +25,7 @@ #ifndef _DEFINES_H #define _DEFINES_H -/* $Id: defines.h,v 1.115 2004/04/14 07:24:30 dtucker Exp $ */ +/* $Id: defines.h,v 1.116 2004/06/15 00:34:08 djm Exp $ */ /* Constants */ @@ -462,6 +462,9 @@ struct winsize { (struct cmsghdr *)NULL) #endif /* CMSG_FIRSTHDR */ +#ifndef offsetof +# define offsetof(type, member) ((size_t) &((type *)0)->member) +#endif /* Function replacement / compatibility hacks */ diff --git a/includes.h b/includes.h index ca943c7e6..99b70502c 100644 --- a/includes.h +++ b/includes.h @@ -1,4 +1,4 @@ -/* $OpenBSD: includes.h,v 1.17 2002/01/26 16:44:22 stevesk Exp $ */ +/* $OpenBSD: includes.h,v 1.18 2004/06/13 15:03:02 djm Exp $ */ /* * Author: Tatu Ylonen @@ -33,6 +33,7 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg } #include #include #include +#include #ifdef HAVE_LIMITS_H # include /* For PATH_MAX */ diff --git a/readconf.c b/readconf.c index 5aa371ed9..2b1d7cc46 100644 --- a/readconf.c +++ b/readconf.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: readconf.c,v 1.131 2004/05/27 00:50:13 dtucker Exp $"); +RCSID("$OpenBSD: readconf.c,v 1.132 2004/06/13 15:03:02 djm Exp $"); #include "ssh.h" #include "xmalloc.h" @@ -106,7 +106,7 @@ typedef enum { oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, oAddressFamily, oGssAuthentication, oGssDelegateCreds, oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, - oSendEnv, + oSendEnv, oControlPath, oControlMaster, oDeprecated, oUnsupported } OpCodes; @@ -195,6 +195,8 @@ static struct { { "serveraliveinterval", oServerAliveInterval }, { "serveralivecountmax", oServerAliveCountMax }, { "sendenv", oSendEnv }, + { "controlpath", oControlPath }, + { "controlmaster", oControlMaster }, { NULL, oBadOption } }; @@ -764,6 +766,14 @@ parse_int: } break; + case oControlPath: + charptr = &options->control_path; + goto parse_string; + + case oControlMaster: + intptr = &options->control_master; + goto parse_flag; + case oDeprecated: debug("%s line %d: Deprecated option \"%s\"", filename, linenum, keyword); @@ -905,6 +915,8 @@ initialize_options(Options * options) options->server_alive_interval = -1; options->server_alive_count_max = -1; options->num_send_env = 0; + options->control_path = NULL; + options->control_master = -1; } /* @@ -1025,6 +1037,8 @@ fill_default_options(Options * options) options->server_alive_interval = 0; if (options->server_alive_count_max == -1) options->server_alive_count_max = 3; + if (options->control_master == -1) + options->control_master = 0; /* options->proxy_command should not be set by default */ /* options->user will be set in the main program if appropriate */ /* options->hostname will be set in the main program if appropriate */ diff --git a/readconf.h b/readconf.h index 668055943..5e504bece 100644 --- a/readconf.h +++ b/readconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.h,v 1.62 2004/04/27 09:46:37 djm Exp $ */ +/* $OpenBSD: readconf.h,v 1.63 2004/06/13 15:03:02 djm Exp $ */ /* * Author: Tatu Ylonen @@ -108,6 +108,9 @@ typedef struct { int num_send_env; char *send_env[MAX_SEND_ENV]; + + char *control_path; + int control_master; } Options; diff --git a/scp.1 b/scp.1 index 202ebaadb..f346b2ae9 100644 --- a/scp.1 +++ b/scp.1 @@ -9,7 +9,7 @@ .\" .\" Created: Sun May 7 00:14:37 1995 ylo .\" -.\" $OpenBSD: scp.1,v 1.35 2004/05/04 18:36:07 jmc Exp $ +.\" $OpenBSD: scp.1,v 1.36 2004/06/13 15:03:02 djm Exp $ .\" .Dd September 25, 1999 .Dt SCP 1 @@ -128,6 +128,8 @@ For full details of the options listed below, and their possible values, see .It CompressionLevel .It ConnectionAttempts .It ConnectTimeout +.It ControlMaster +.It ControlPath .It GlobalKnownHostsFile .It GSSAPIAuthentication .It GSSAPIDelegateCredentials diff --git a/sftp.1 b/sftp.1 index 795a0342f..7f0ef1121 100644 --- a/sftp.1 +++ b/sftp.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: sftp.1,v 1.54 2004/05/02 23:02:17 dtucker Exp $ +.\" $OpenBSD: sftp.1,v 1.55 2004/06/13 15:03:02 djm Exp $ .\" .\" Copyright (c) 2001 Damien Miller. All rights reserved. .\" @@ -154,6 +154,8 @@ For full details of the options listed below, and their possible values, see .It CompressionLevel .It ConnectionAttempts .It ConnectTimeout +.It ControlMaster +.It ControlPath .It GlobalKnownHostsFile .It GSSAPIAuthentication .It GSSAPIDelegateCredentials diff --git a/ssh-rand-helper.c b/ssh-rand-helper.c index 8a320a71e..471e7295b 100644 --- a/ssh-rand-helper.c +++ b/ssh-rand-helper.c @@ -39,7 +39,7 @@ #include "pathnames.h" #include "log.h" -RCSID("$Id: ssh-rand-helper.c,v 1.16 2003/11/21 12:56:47 djm Exp $"); +RCSID("$Id: ssh-rand-helper.c,v 1.17 2004/06/15 00:34:08 djm Exp $"); /* Number of bytes we write out */ #define OUTPUT_SEED_SIZE 48 @@ -69,10 +69,6 @@ extern char *__progname; char *__progname; #endif -#ifndef offsetof -# define offsetof(type, member) ((size_t) &((type *)0)->member) -#endif - #define WHITESPACE " \t\n" #ifndef RUSAGE_SELF diff --git a/ssh.1 b/ssh.1 index 6cef0851d..b70102be5 100644 --- a/ssh.1 +++ b/ssh.1 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.189 2004/06/13 14:01:42 dtucker Exp $ +.\" $OpenBSD: ssh.1,v 1.190 2004/06/13 15:03:02 djm Exp $ .Dd September 25, 1999 .Dt SSH 1 .Os @@ -43,7 +43,7 @@ .Nd OpenSSH SSH client (remote login program) .Sh SYNOPSIS .Nm ssh -.Op Fl 1246AaCfgkNnqsTtVvXxY +.Op Fl 1246AaCfgkMNnqSsTtVvXxY .Op Fl b Ar bind_address .Op Fl c Ar cipher_spec .Op Fl D Ar port @@ -605,6 +605,17 @@ be specified in order of preference. See the .Cm MACs keyword for more information. +.It Fl M +Places the +.Nm +client into +.Dq master +mode for connection sharing. +Refer to the description of +.Cm ControlMaster +in +.Xr ssh_config 5 +for details. .It Fl N Do not execute a remote command. This is useful for just forwarding ports @@ -649,6 +660,8 @@ For full details of the options listed below, and their possible values, see .It CompressionLevel .It ConnectionAttempts .It ConnectTimeout +.It ControlMaster +.It ControlPath .It DynamicForward .It EscapeChar .It ForwardAgent @@ -724,6 +737,15 @@ IPv6 addresses can be specified with an alternative syntax: .Ar hostport . .Xc .Sm on +.It Fl S +Places the +.Nm +client into slave mode for connection sharing. +Refer to the description of +.Cm ControlMaster +in +.Xr ssh_config 5 +for details. .It Fl s May be used to request invocation of a subsystem on the remote system. Subsystems are a feature of the SSH2 protocol which facilitate the use diff --git a/ssh.c b/ssh.c index 3c21fa37d..1c6ec8b6a 100644 --- a/ssh.c +++ b/ssh.c @@ -40,7 +40,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh.c,v 1.213 2004/05/08 00:01:37 deraadt Exp $"); +RCSID("$OpenBSD: ssh.c,v 1.214 2004/06/13 15:03:02 djm Exp $"); #include #include @@ -53,21 +53,24 @@ RCSID("$OpenBSD: ssh.c,v 1.213 2004/05/08 00:01:37 deraadt Exp $"); #include "xmalloc.h" #include "packet.h" #include "buffer.h" +#include "bufaux.h" #include "channels.h" #include "key.h" #include "authfd.h" #include "authfile.h" #include "pathnames.h" +#include "dispatch.h" #include "clientloop.h" #include "log.h" #include "readconf.h" #include "sshconnect.h" -#include "dispatch.h" #include "misc.h" #include "kex.h" #include "mac.h" #include "sshpty.h" #include "match.h" +#include "msg.h" +#include "monitor_fdpass.h" #ifdef SMARTCARD #include "scard.h" @@ -141,6 +144,13 @@ static int client_global_request_id = 0; /* pid of proxycommand child process */ pid_t proxy_command_pid = 0; +/* fd to control socket */ +int control_fd = -1; + +/* Only used in control client mode */ +volatile sig_atomic_t control_client_terminate = 0; +u_int control_server_pid = 0; + /* Prints a help message to the user. This function never returns. */ static void @@ -158,6 +168,7 @@ usage(void) static int ssh_session(void); static int ssh_session2(void); static void load_public_identity_files(void); +static void control_client(const char *path); /* * Main program for the ssh client. @@ -228,7 +239,7 @@ main(int ac, char **av) again: while ((opt = getopt(ac, av, - "1246ab:c:e:fgi:kl:m:no:p:qstvxACD:F:I:L:NPR:TVXY")) != -1) { + "1246ab:c:e:fgi:kl:m:no:p:qstvxACD:F:I:L:MNPR:S:TVXY")) != -1) { switch (opt) { case '1': options.protocol = SSH_PROTO_1; @@ -364,6 +375,9 @@ again: exit(1); } break; + case 'M': + options.control_master = 1; + break; case 'p': options.port = a2port(optarg); if (options.port == 0) { @@ -432,6 +446,13 @@ again: case 's': subsystem_flag = 1; break; + case 'S': + if (options.control_path != NULL) + free(options.control_path); + options.control_path = xstrdup(optarg); + if (options.control_master == -1) + options.control_master = 0; + break; case 'b': options.bind_address = optarg; break; @@ -566,6 +587,13 @@ again: strcmp(options.proxy_command, "none") == 0) options.proxy_command = NULL; + if (options.control_path != NULL) { + options.control_path = tilde_expand_filename( + options.control_path, original_real_uid); + } + if (options.control_path != NULL && options.control_master == 0) + control_client(options.control_path); /* This doesn't return */ + /* Open a connection to the remote host. */ if (ssh_connect(host, &hostaddr, options.port, options.address_family, options.connection_attempts, @@ -678,6 +706,9 @@ again: exit_status = compat20 ? ssh_session2() : ssh_session(); packet_close(); + if (options.control_path != NULL && control_fd != -1) + unlink(options.control_path); + /* * Send SIGHUP to proxy command if used. We don't wait() in * case it hangs and instead rely on init to reap the child @@ -974,7 +1005,7 @@ ssh_session(void) } static void -client_subsystem_reply(int type, u_int32_t seq, void *ctxt) +ssh_subsystem_reply(int type, u_int32_t seq, void *ctxt) { int id, len; @@ -1006,40 +1037,50 @@ client_global_request_reply_fwd(int type, u_int32_t seq, void *ctxt) options.remote_forwards[i].port); } -/* request pty/x11/agent/tcpfwd/shell for channel */ static void -ssh_session2_setup(int id, void *arg) +ssh_control_listener(void) { - int len; - int interactive = 0; - struct termios tio; + struct sockaddr_un addr; + mode_t old_umask; + + if (options.control_path == NULL || options.control_master != 1) + return; - debug2("ssh_session2_setup: id %d", id); + memset(&addr, '\0', sizeof(addr)); + addr.sun_family = AF_UNIX; + addr.sun_len = offsetof(struct sockaddr_un, sun_path) + + strlen(options.control_path) + 1; - if (tty_flag) { - struct winsize ws; - char *cp; - cp = getenv("TERM"); - if (!cp) - cp = ""; - /* Store window size in the packet. */ - if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) < 0) - memset(&ws, 0, sizeof(ws)); + if (strlcpy(addr.sun_path, options.control_path, + sizeof(addr.sun_path)) >= sizeof(addr.sun_path)) + fatal("ControlPath too long"); - channel_request_start(id, "pty-req", 0); - packet_put_cstring(cp); - packet_put_int(ws.ws_col); - packet_put_int(ws.ws_row); - packet_put_int(ws.ws_xpixel); - packet_put_int(ws.ws_ypixel); - tio = get_saved_tio(); - tty_make_modes(/*ignored*/ 0, &tio); - packet_send(); - interactive = 1; - /* XXX wait for reply */ + if ((control_fd = socket(PF_UNIX, SOCK_STREAM, 0)) < 0) + fatal("%s socket(): %s\n", __func__, strerror(errno)); + + old_umask = umask(0177); + if (bind(control_fd, (struct sockaddr*)&addr, addr.sun_len) == -1) { + control_fd = -1; + if (errno == EINVAL) + fatal("ControlSocket %s already exists", + options.control_path); + else + fatal("%s bind(): %s\n", __func__, strerror(errno)); } - if (options.forward_x11 && - getenv("DISPLAY") != NULL) { + umask(old_umask); + + if (listen(control_fd, 64) == -1) + fatal("%s listen(): %s\n", __func__, strerror(errno)); + + set_nonblock(control_fd); +} + +/* request pty/x11/agent/tcpfwd/shell for channel */ +static void +ssh_session2_setup(int id, void *arg) +{ + int interactive = tty_flag; + if (options.forward_x11 && getenv("DISPLAY") != NULL) { char *proto, *data; /* Get reasonable local authentication information. */ x11_get_proto(&proto, &data); @@ -1057,65 +1098,8 @@ ssh_session2_setup(int id, void *arg) packet_send(); } - /* Transfer any environment variables from client to server */ - if (options.num_send_env != 0) { - int i, j, matched; - extern char **environ; - char *name, *val; - - debug("Sending environment."); - for (i = 0; environ && environ[i] != NULL; i++) { - /* Split */ - name = xstrdup(environ[i]); - if ((val = strchr(name, '=')) == NULL) { - free(name); - continue; - } - *val++ = '\0'; - - matched = 0; - for (j = 0; j < options.num_send_env; j++) { - if (match_pattern(name, options.send_env[j])) { - matched = 1; - break; - } - } - if (!matched) { - debug3("Ignored env %s", name); - free(name); - continue; - } - - debug("Sending env %s = %s", name, val); - channel_request_start(id, "env", 0); - packet_put_cstring(name); - packet_put_cstring(val); - packet_send(); - free(name); - } - } - - len = buffer_len(&command); - if (len > 0) { - if (len > 900) - len = 900; - if (subsystem_flag) { - debug("Sending subsystem: %.*s", len, (u_char *)buffer_ptr(&command)); - channel_request_start(id, "subsystem", /*want reply*/ 1); - /* register callback for reply */ - /* XXX we assume that client_loop has already been called */ - dispatch_set(SSH2_MSG_CHANNEL_FAILURE, &client_subsystem_reply); - dispatch_set(SSH2_MSG_CHANNEL_SUCCESS, &client_subsystem_reply); - } else { - debug("Sending command: %.*s", len, (u_char *)buffer_ptr(&command)); - channel_request_start(id, "exec", 0); - } - packet_put_string(buffer_ptr(&command), buffer_len(&command)); - packet_send(); - } else { - channel_request_start(id, "shell", 0); - packet_send(); - } + client_session2_setup(id, tty_flag, subsystem_flag, getenv("TERM"), + NULL, fileno(stdin), &command, &ssh_subsystem_reply); packet_set_interactive(interactive); } @@ -1161,7 +1145,7 @@ ssh_session2_open(void) channel_send_open(c->self); if (!no_shell_flag) - channel_register_confirm(c->self, ssh_session2_setup); + channel_register_confirm(c->self, ssh_session2_setup, NULL); return c->self; } @@ -1173,6 +1157,7 @@ ssh_session2(void) /* XXX should be pre-session */ ssh_init_forwarding(); + ssh_control_listener(); if (!no_shell_flag || (datafellows & SSH_BUG_DUMMYCHAN)) id = ssh_session2_open(); @@ -1226,3 +1211,110 @@ load_public_identity_files(void) options.identity_keys[i] = public; } } + +static void +control_client_sighandler(int signo) +{ + control_client_terminate = signo; +} + +static void +control_client_sigrelay(int signo) +{ + if (control_server_pid > 1) + kill(control_server_pid, signo); +} + +static void +control_client(const char *path) +{ + struct sockaddr_un addr; + int r, sock, exitval; + Buffer m; + char *cp; + + memset(&addr, '\0', sizeof(addr)); + addr.sun_family = AF_UNIX; + addr.sun_len = offsetof(struct sockaddr_un, sun_path) + + strlen(path) + 1; + + if (strlcpy(addr.sun_path, path, + sizeof(addr.sun_path)) >= sizeof(addr.sun_path)) + fatal("ControlPath too long"); + + if ((sock = socket(PF_UNIX, SOCK_STREAM, 0)) < 0) + fatal("%s socket(): %s", __func__, strerror(errno)); + + if (connect(sock, (struct sockaddr*)&addr, addr.sun_len) == -1) + fatal("Couldn't connect to %s: %s", path, strerror(errno)); + + if ((cp = getenv("TERM")) == NULL) + cp = ""; + + signal(SIGINT, control_client_sighandler); + signal(SIGTERM, control_client_sighandler); + signal(SIGWINCH, control_client_sigrelay); + + buffer_init(&m); + + /* Get PID of controlee */ + if (ssh_msg_recv(sock, &m) == -1) + fatal("%s: msg_recv", __func__); + if (buffer_get_char(&m) != 0) + fatal("%s: wrong version", __func__); + control_server_pid = buffer_get_int(&m); + + /* XXX: env passing */ + + buffer_clear(&m); + buffer_put_int(&m, tty_flag); + buffer_put_int(&m, subsystem_flag); + buffer_put_cstring(&m, cp); + + buffer_append(&command, "\0", 1); + buffer_put_cstring(&m, buffer_ptr(&command)); + + if (ssh_msg_send(sock, /* version */0, &m) == -1) + fatal("%s: msg_send", __func__); + + mm_send_fd(sock, STDIN_FILENO); + mm_send_fd(sock, STDOUT_FILENO); + mm_send_fd(sock, STDERR_FILENO); + + /* Wait for reply, so master has a chance to gather ttymodes */ + buffer_clear(&m); + if (ssh_msg_recv(sock, &m) == -1) + fatal("%s: msg_recv", __func__); + if (buffer_get_char(&m) != 0) + fatal("%s: master returned error", __func__); + buffer_free(&m); + + if (tty_flag) + enter_raw_mode(); + + /* Stick around until the controlee closes the client_fd */ + exitval = 0; + for (;!control_client_terminate;) { + r = read(sock, &exitval, sizeof(exitval)); + if (r == 0) { + debug2("Received EOF from master"); + break; + } + if (r > 0) + debug2("Received exit status from master %d", exitval); + if (r == -1 && errno != EINTR) + fatal("%s: read %s", __func__, strerror(errno)); + } + + if (control_client_terminate) + debug2("Exiting on signal %d", control_client_terminate); + + close(sock); + + leave_raw_mode(); + + if (tty_flag && options.log_level != SYSLOG_LEVEL_QUIET) + fprintf(stderr, "Connection to master closed.\r\n"); + + exit(exitval); +} diff --git a/ssh_config.5 b/ssh_config.5 index 46d3012c8..bab11d313 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.35 2004/06/13 14:01:42 dtucker Exp $ +.\" $OpenBSD: ssh_config.5,v 1.36 2004/06/13 15:03:02 djm Exp $ .Dd September 25, 1999 .Dt SSH_CONFIG 5 .Os @@ -256,6 +256,28 @@ will act as a SOCKS server. Multiple forwardings may be specified, and additional forwardings can be given on the command line. Only the superuser can forward privileged ports. +.It Cm ControlMaster +Enables the sharing of multiple sessions over a single network connection. +When set to +.Dq yes +.Nm ssh +will listen for connections on a control socket specified using the +.Cm ControlPath +argument. +Additional sessions can connect to this socket using the same +.Cm ControlPath +with +.Cm ControlMaster +set to +.Dq no +(the default.) +These sessions will reuse the master instance's network connection rather +than initiating new ones. +.It Cm ControlPath +Specify a the path to the control socket used for connection sharing. +See +.Cm ControlMaster +above. .It Cm EnableSSHKeysign Setting this option to .Dq yes -- cgit v1.2.3 From 232711f6dbc107711b3957bfa2fd798aec702241 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Tue, 15 Jun 2004 10:35:30 +1000 Subject: - djm@cvs.openbsd.org 2004/06/14 01:44:39 [channels.c clientloop.c misc.c misc.h packet.c ssh-agent.c ssh-keyscan.c] [sshd.c] set_nonblock() instead of fnctl(...,O_NONBLOCK); "looks sane" deraadt@ --- ChangeLog | 6 +++++- channels.c | 6 +++--- clientloop.c | 4 ++-- misc.c | 34 ++++++++++++++++++++-------------- misc.h | 6 +++--- packet.c | 11 ++++------- ssh-agent.c | 5 ++--- ssh-keyscan.c | 6 +++--- sshd.c | 8 +++----- 9 files changed, 45 insertions(+), 41 deletions(-) (limited to 'channels.c') diff --git a/ChangeLog b/ChangeLog index 36aeb85bb..d1d45db79 100644 --- a/ChangeLog +++ b/ChangeLog @@ -29,6 +29,10 @@ [readconf.h scp.1 sftp.1 ssh.1 ssh.c ssh_config.5] implement session multiplexing in the client (the server has supported this since 2.0); ok markus@ + - djm@cvs.openbsd.org 2004/06/14 01:44:39 + [channels.c clientloop.c misc.c misc.h packet.c ssh-agent.c ssh-keyscan.c] + [sshd.c] + set_nonblock() instead of fnctl(...,O_NONBLOCK); "looks sane" deraadt@ 20040603 - (dtucker) [auth-pam.c] Don't use pam_* namespace for sshd's PAM functions. @@ -1213,4 +1217,4 @@ - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu -$Id: ChangeLog,v 1.3382 2004/06/15 00:34:08 djm Exp $ +$Id: ChangeLog,v 1.3383 2004/06/15 00:35:30 djm Exp $ diff --git a/channels.c b/channels.c index 1fb1092c8..97c1fd31b 100644 --- a/channels.c +++ b/channels.c @@ -39,7 +39,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: channels.c,v 1.204 2004/06/13 15:03:02 djm Exp $"); +RCSID("$OpenBSD: channels.c,v 1.205 2004/06/14 01:44:38 djm Exp $"); #include "ssh.h" #include "ssh1.h" @@ -2509,8 +2509,8 @@ connect_to(const char *host, u_short port) verbose("socket: %.100s", strerror(errno)); continue; } - if (fcntl(sock, F_SETFL, O_NONBLOCK) < 0) - fatal("connect_to: F_SETFL: %s", strerror(errno)); + if (set_nonblock(sock) == -1) + fatal("%s: set_nonblock(%d)", __func__, sock); if (connect(sock, ai->ai_addr, ai->ai_addrlen) < 0 && errno != EINPROGRESS) { error("connect_to %.100s port %s: %.100s", ntop, strport, diff --git a/clientloop.c b/clientloop.c index 6401588a9..eada56033 100644 --- a/clientloop.c +++ b/clientloop.c @@ -59,7 +59,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: clientloop.c,v 1.123 2004/06/13 15:03:02 djm Exp $"); +RCSID("$OpenBSD: clientloop.c,v 1.124 2004/06/14 01:44:38 djm Exp $"); #include "ssh.h" #include "ssh1.h" @@ -167,7 +167,7 @@ static void enter_non_blocking(void) { in_non_blocking_mode = 1; - (void) fcntl(fileno(stdin), F_SETFL, O_NONBLOCK); + set_nonblock(fileno(stdin)); } /* diff --git a/misc.c b/misc.c index 1f320353e..1c43bc007 100644 --- a/misc.c +++ b/misc.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: misc.c,v 1.23 2003/10/28 09:08:06 markus Exp $"); +RCSID("$OpenBSD: misc.c,v 1.24 2004/06/14 01:44:39 djm Exp $"); #include "misc.h" #include "log.h" @@ -46,7 +46,7 @@ chop(char *s) } /* set/unset filedescriptor to non-blocking */ -void +int set_nonblock(int fd) { int val; @@ -54,20 +54,23 @@ set_nonblock(int fd) val = fcntl(fd, F_GETFL, 0); if (val < 0) { error("fcntl(%d, F_GETFL, 0): %s", fd, strerror(errno)); - return; + return (-1); } if (val & O_NONBLOCK) { - debug2("fd %d is O_NONBLOCK", fd); - return; + debug3("fd %d is O_NONBLOCK", fd); + return (0); } debug2("fd %d setting O_NONBLOCK", fd); val |= O_NONBLOCK; - if (fcntl(fd, F_SETFL, val) == -1) - debug("fcntl(%d, F_SETFL, O_NONBLOCK): %s", - fd, strerror(errno)); + if (fcntl(fd, F_SETFL, val) == -1) { + debug("fcntl(%d, F_SETFL, O_NONBLOCK): %s", fd, + strerror(errno)); + return (-1); + } + return (0); } -void +int unset_nonblock(int fd) { int val; @@ -75,17 +78,20 @@ unset_nonblock(int fd) val = fcntl(fd, F_GETFL, 0); if (val < 0) { error("fcntl(%d, F_GETFL, 0): %s", fd, strerror(errno)); - return; + return (-1); } if (!(val & O_NONBLOCK)) { - debug2("fd %d is not O_NONBLOCK", fd); - return; + debug3("fd %d is not O_NONBLOCK", fd); + return (0); } debug("fd %d clearing O_NONBLOCK", fd); val &= ~O_NONBLOCK; - if (fcntl(fd, F_SETFL, val) == -1) - debug("fcntl(%d, F_SETFL, O_NONBLOCK): %s", + if (fcntl(fd, F_SETFL, val) == -1) { + debug("fcntl(%d, F_SETFL, ~O_NONBLOCK): %s", fd, strerror(errno)); + return (-1); + } + return (0); } /* disable nagle on socket */ diff --git a/misc.h b/misc.h index d4a23cba3..6a4eff136 100644 --- a/misc.h +++ b/misc.h @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.h,v 1.14 2004/05/08 00:21:31 djm Exp $ */ +/* $OpenBSD: misc.h,v 1.15 2004/06/14 01:44:39 djm Exp $ */ /* * Author: Tatu Ylonen @@ -16,8 +16,8 @@ char *chop(char *); char *strdelim(char **); -void set_nonblock(int); -void unset_nonblock(int); +int set_nonblock(int); +int unset_nonblock(int); void set_nodelay(int); int a2port(const char *); char *cleanhostname(char *); diff --git a/packet.c b/packet.c index fe3eea094..fca0075e7 100644 --- a/packet.c +++ b/packet.c @@ -37,7 +37,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: packet.c,v 1.113 2004/05/11 19:01:43 deraadt Exp $"); +RCSID("$OpenBSD: packet.c,v 1.114 2004/06/14 01:44:39 djm Exp $"); #include "openbsd-compat/sys-queue.h" @@ -319,13 +319,10 @@ void packet_set_nonblocking(void) { /* Set the socket into non-blocking mode. */ - if (fcntl(connection_in, F_SETFL, O_NONBLOCK) < 0) - error("fcntl O_NONBLOCK: %.100s", strerror(errno)); + set_nonblock(connection_in); - if (connection_out != connection_in) { - if (fcntl(connection_out, F_SETFL, O_NONBLOCK) < 0) - error("fcntl O_NONBLOCK: %.100s", strerror(errno)); - } + if (connection_out != connection_in) + set_nonblock(connection_out); } /* Returns the socket used for reading. */ diff --git a/ssh-agent.c b/ssh-agent.c index a38322160..ea84f2196 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -35,7 +35,7 @@ #include "includes.h" #include "openbsd-compat/sys-queue.h" -RCSID("$OpenBSD: ssh-agent.c,v 1.118 2004/05/08 00:21:31 djm Exp $"); +RCSID("$OpenBSD: ssh-agent.c,v 1.119 2004/06/14 01:44:39 djm Exp $"); #include #include @@ -789,8 +789,7 @@ new_socket(sock_type type, int fd) { u_int i, old_alloc, new_alloc; - if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0) - error("fcntl O_NONBLOCK: %s", strerror(errno)); + set_nonblock(fd); if (fd > max_fd) max_fd = fd; diff --git a/ssh-keyscan.c b/ssh-keyscan.c index c4a2414b1..01615b5c3 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c @@ -7,7 +7,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh-keyscan.c,v 1.48 2004/06/13 12:53:24 djm Exp $"); +RCSID("$OpenBSD: ssh-keyscan.c,v 1.49 2004/06/14 01:44:39 djm Exp $"); #include "openbsd-compat/sys-queue.h" @@ -397,8 +397,8 @@ tcpconnect(char *host) error("socket: %s", strerror(errno)); continue; } - if (fcntl(s, F_SETFL, O_NONBLOCK) < 0) - fatal("F_SETFL: %s", strerror(errno)); + if (set_nonblock(s) == -1) + fatal("%s: set_nonblock(%d)", __func__, s); if (connect(s, ai->ai_addr, ai->ai_addrlen) < 0 && errno != EINPROGRESS) error("connect (`%s'): %s", host, strerror(errno)); diff --git a/sshd.c b/sshd.c index 5f3878119..34379172f 100644 --- a/sshd.c +++ b/sshd.c @@ -42,7 +42,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshd.c,v 1.292 2004/06/13 12:53:24 djm Exp $"); +RCSID("$OpenBSD: sshd.c,v 1.293 2004/06/14 01:44:39 djm Exp $"); #include #include @@ -1140,8 +1140,7 @@ main(int ac, char **av) verbose("socket: %.100s", strerror(errno)); continue; } - if (fcntl(listen_sock, F_SETFL, O_NONBLOCK) < 0) { - error("listen_sock O_NONBLOCK: %s", strerror(errno)); + if (set_nonblock(listen_sock) == -1) { close(listen_sock); continue; } @@ -1284,8 +1283,7 @@ main(int ac, char **av) error("accept: %.100s", strerror(errno)); continue; } - if (fcntl(newsock, F_SETFL, 0) < 0) { - error("newsock del O_NONBLOCK: %s", strerror(errno)); + if (unset_nonblock(newsock) == -1) { close(newsock); continue; } -- cgit v1.2.3 From 3bbd878c2ec2b337b9e5b9455e0a2bd1902a0824 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Fri, 18 Jun 2004 22:23:22 +1000 Subject: - djm@cvs.openbsd.org 2004/06/18 11:11:54 [channels.c clientloop.c] Don't explode in clientloop when we receive a bogus channel id, but also don't generate them to begin with; ok markus@ --- ChangeLog | 6 +++++- channels.c | 4 ++-- clientloop.c | 9 +++++---- 3 files changed, 12 insertions(+), 7 deletions(-) (limited to 'channels.c') diff --git a/ChangeLog b/ChangeLog index adbb925ec..57dc1693a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -32,6 +32,10 @@ [ssh.1 ssh.c] trim synopsis for -S, allow -S and -oControlMaster, -MM means 'ask'; ok djm + - djm@cvs.openbsd.org 2004/06/18 11:11:54 + [channels.c clientloop.c] + Don't explode in clientloop when we receive a bogus channel id, but + also don't generate them to begin with; ok markus@ 20040617 - (dtucker) [regress/scp.sh] diff -N is not portable (but needed for some @@ -1305,4 +1309,4 @@ - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu -$Id: ChangeLog,v 1.3413 2004/06/18 12:21:55 djm Exp $ +$Id: ChangeLog,v 1.3414 2004/06/18 12:23:22 djm Exp $ diff --git a/channels.c b/channels.c index 97c1fd31b..68d854388 100644 --- a/channels.c +++ b/channels.c @@ -39,7 +39,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: channels.c,v 1.205 2004/06/14 01:44:38 djm Exp $"); +RCSID("$OpenBSD: channels.c,v 1.206 2004/06/18 11:11:54 djm Exp $"); #include "ssh.h" #include "ssh1.h" @@ -487,7 +487,7 @@ channel_find_open(void) for (i = 0; i < channels_alloc; i++) { c = channels[i]; - if (c == NULL) + if (c == NULL || c->remote_id < 0) continue; switch (c->type) { case SSH_CHANNEL_CLOSED: diff --git a/clientloop.c b/clientloop.c index 8f2f270d7..79aabbe06 100644 --- a/clientloop.c +++ b/clientloop.c @@ -59,7 +59,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: clientloop.c,v 1.127 2004/06/17 15:10:13 djm Exp $"); +RCSID("$OpenBSD: clientloop.c,v 1.128 2004/06/18 11:11:54 djm Exp $"); #include "ssh.h" #include "ssh1.h" @@ -1626,8 +1626,9 @@ client_input_channel_req(int type, u_int32_t seq, void *ctxt) debug("client_input_channel_req: channel %d rtype %s reply %d", id, rtype, reply); - c = channel_lookup(id); - if (c == NULL) { + if (id == -1) { + error("client_input_channel_req: request for channel -1"); + } else if ((c = channel_lookup(id)) == NULL) { error("client_input_channel_req: channel %d: unknown channel", id); } else if (strcmp(rtype, "exit-status") == 0) { exitval = packet_get_int(); @@ -1646,7 +1647,7 @@ client_input_channel_req(int type, u_int32_t seq, void *ctxt) if (reply) { packet_start(success ? SSH2_MSG_CHANNEL_SUCCESS : SSH2_MSG_CHANNEL_FAILURE); - packet_put_int(c->remote_id); + packet_put_int(id); packet_send(); } xfree(rtype); -- cgit v1.2.3 From 3f9fdc71219d498a996c4e4ca8330df7f598fb5d Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 22 Jun 2004 12:56:01 +1000 Subject: - avsm@cvs.openbsd.org 2004/06/21 17:36:31 [auth-rsa.c auth2-gss.c auth2-pubkey.c authfile.c canohost.c channels.c cipher.c dns.c kex.c monitor.c monitor_fdpass.c monitor_wrap.c monitor_wrap.h nchan.c packet.c progressmeter.c scp.c sftp-server.c sftp.c ssh-gss.h ssh-keygen.c ssh.c sshconnect.c sshconnect1.c sshlogin.c sshpty.c] make ssh -Wshadow clean, no functional changes markus@ ok There are also some portable-specific -Wshadow warnings to be fixed in monitor.c and montior_wrap.c. --- ChangeLog | 10 ++++- auth-rsa.c | 10 ++--- auth2-gss.c | 12 +++--- auth2-pubkey.c | 8 ++-- authfile.c | 10 ++--- canohost.c | 30 +++++++-------- channels.c | 10 ++--- cipher.c | 18 ++++----- dns.c | 8 ++-- kex.c | 10 ++--- monitor.c | 110 +++++++++++++++++++++++++++---------------------------- monitor_fdpass.c | 10 ++--- monitor_wrap.c | 28 +++++++------- monitor_wrap.h | 8 ++-- nchan.c | 6 +-- packet.c | 34 ++++++++--------- progressmeter.c | 6 +-- scp.c | 10 ++--- sftp-server.c | 18 ++++----- sftp.c | 8 ++-- ssh-gss.h | 40 ++++++++++---------- ssh-keygen.c | 10 ++--- ssh.c | 10 ++--- sshconnect.c | 12 +++--- sshconnect1.c | 10 ++--- sshlogin.c | 10 ++--- sshpty.c | 40 ++++++++++---------- 27 files changed, 252 insertions(+), 244 deletions(-) (limited to 'channels.c') diff --git a/ChangeLog b/ChangeLog index 21dd96798..fae8d6c6d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -10,6 +10,14 @@ - djm@cvs.openbsd.org 2004/06/20 19:28:12 [sftp.1] mention new -n flag + - avsm@cvs.openbsd.org 2004/06/21 17:36:31 + [auth-rsa.c auth2-gss.c auth2-pubkey.c authfile.c canohost.c channels.c + cipher.c dns.c kex.c monitor.c monitor_fdpass.c monitor_wrap.c + monitor_wrap.h nchan.c packet.c progressmeter.c scp.c sftp-server.c sftp.c + ssh-gss.h ssh-keygen.c ssh.c sshconnect.c sshconnect1.c sshlogin.c + sshpty.c] + make ssh -Wshadow clean, no functional changes + markus@ ok 20040620 - (tim) [configure.ac Makefile.in] Only change TEST_SHELL on broken platforms. @@ -1332,4 +1340,4 @@ - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu -$Id: ChangeLog,v 1.3420 2004/06/22 02:31:23 dtucker Exp $ +$Id: ChangeLog,v 1.3421 2004/06/22 02:56:01 dtucker Exp $ diff --git a/auth-rsa.c b/auth-rsa.c index 8a02b8a8f..16369d47c 100644 --- a/auth-rsa.c +++ b/auth-rsa.c @@ -14,7 +14,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-rsa.c,v 1.59 2004/05/09 01:19:27 djm Exp $"); +RCSID("$OpenBSD: auth-rsa.c,v 1.60 2004/06/21 17:36:31 avsm Exp $"); #include #include @@ -203,7 +203,7 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey) */ while (fgets(line, sizeof(line), f)) { char *cp; - char *options; + char *key_options; linenum++; @@ -221,7 +221,7 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey) */ if (*cp < '0' || *cp > '9') { int quoted = 0; - options = cp; + key_options = cp; for (; *cp && (quoted || (*cp != ' ' && *cp != '\t')); cp++) { if (*cp == '\\' && cp[1] == '"') cp++; /* Skip both */ @@ -229,7 +229,7 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey) quoted = !quoted; } } else - options = NULL; + key_options = NULL; /* Parse the key from the line. */ if (hostfile_read_key(&cp, &bits, key) == 0) { @@ -254,7 +254,7 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey) * If our options do not allow this key to be used, * do not send challenge. */ - if (!auth_parse_options(pw, options, file, linenum)) + if (!auth_parse_options(pw, key_options, file, linenum)) continue; /* break out, this key is allowed */ diff --git a/auth2-gss.c b/auth2-gss.c index 9249988d3..3289ba18e 100644 --- a/auth2-gss.c +++ b/auth2-gss.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-gss.c,v 1.7 2003/11/21 11:57:03 djm Exp $ */ +/* $OpenBSD: auth2-gss.c,v 1.8 2004/06/21 17:36:31 avsm Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -54,7 +54,7 @@ static void input_gssapi_errtok(int, u_int32_t, void *); static int userauth_gssapi(Authctxt *authctxt) { - gss_OID_desc oid = {0, NULL}; + gss_OID_desc goid = {0, NULL}; Gssctxt *ctxt = NULL; int mechs; gss_OID_set supported; @@ -85,9 +85,9 @@ userauth_gssapi(Authctxt *authctxt) if (len > 2 && doid[0] == SSH_GSS_OIDTYPE && doid[1] == len - 2) { - oid.elements = doid + 2; - oid.length = len - 2; - gss_test_oid_set_member(&ms, &oid, supported, + goid.elements = doid + 2; + goid.length = len - 2; + gss_test_oid_set_member(&ms, &goid, supported, &present); } else { logit("Badly formed OID received"); @@ -101,7 +101,7 @@ userauth_gssapi(Authctxt *authctxt) return (0); } - if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, &oid)))) { + if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, &goid)))) { xfree(doid); return (0); } diff --git a/auth2-pubkey.c b/auth2-pubkey.c index 3063eecc3..9898d4a63 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth2-pubkey.c,v 1.6 2004/01/19 21:25:15 markus Exp $"); +RCSID("$OpenBSD: auth2-pubkey.c,v 1.7 2004/06/21 17:36:31 avsm Exp $"); #include "ssh2.h" #include "xmalloc.h" @@ -205,7 +205,7 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file) found = key_new(key->type); while (fgets(line, sizeof(line), f)) { - char *cp, *options = NULL; + char *cp, *key_options = NULL; linenum++; /* Skip leading whitespace, empty and comment lines. */ for (cp = line; *cp == ' ' || *cp == '\t'; cp++) @@ -217,7 +217,7 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file) /* no key? check if there are options for this key */ int quoted = 0; debug2("user_key_allowed: check options: '%s'", cp); - options = cp; + key_options = cp; for (; *cp && (quoted || (*cp != ' ' && *cp != '\t')); cp++) { if (*cp == '\\' && cp[1] == '"') cp++; /* Skip both */ @@ -234,7 +234,7 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file) } } if (key_equal(found, key) && - auth_parse_options(pw, options, file, linenum) == 1) { + auth_parse_options(pw, key_options, file, linenum) == 1) { found_key = 1; debug("matching key found: file %s, line %lu", file, linenum); diff --git a/authfile.c b/authfile.c index 305e9473b..76a60d020 100644 --- a/authfile.c +++ b/authfile.c @@ -36,7 +36,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: authfile.c,v 1.56 2004/05/11 19:01:43 deraadt Exp $"); +RCSID("$OpenBSD: authfile.c,v 1.57 2004/06/21 17:36:31 avsm Exp $"); #include #include @@ -72,7 +72,7 @@ key_save_private_rsa1(Key *key, const char *filename, const char *passphrase, int fd, i, cipher_num; CipherContext ciphercontext; Cipher *cipher; - u_int32_t rand; + u_int32_t rnd; /* * If the passphrase is empty, use SSH_CIPHER_NONE to ease converting @@ -87,9 +87,9 @@ key_save_private_rsa1(Key *key, const char *filename, const char *passphrase, buffer_init(&buffer); /* Put checkbytes for checking passphrase validity. */ - rand = arc4random(); - buf[0] = rand & 0xff; - buf[1] = (rand >> 8) & 0xff; + rnd = arc4random(); + buf[0] = rnd & 0xff; + buf[1] = (rnd >> 8) & 0xff; buf[2] = buf[0]; buf[3] = buf[1]; buffer_append(&buffer, buf, 4); diff --git a/canohost.c b/canohost.c index 54369d49b..057f061b6 100644 --- a/canohost.c +++ b/canohost.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: canohost.c,v 1.39 2004/03/31 21:58:47 djm Exp $"); +RCSID("$OpenBSD: canohost.c,v 1.40 2004/06/21 17:36:31 avsm Exp $"); #include "packet.h" #include "xmalloc.h" @@ -28,7 +28,7 @@ static void ipv64_normalise_mapped(struct sockaddr_storage *, socklen_t *); */ static char * -get_remote_hostname(int socket, int use_dns) +get_remote_hostname(int sock, int use_dns) { struct sockaddr_storage from; int i; @@ -39,13 +39,13 @@ get_remote_hostname(int socket, int use_dns) /* Get IP address of client. */ fromlen = sizeof(from); memset(&from, 0, sizeof(from)); - if (getpeername(socket, (struct sockaddr *)&from, &fromlen) < 0) { + if (getpeername(sock, (struct sockaddr *)&from, &fromlen) < 0) { debug("getpeername failed: %.100s", strerror(errno)); cleanup_exit(255); } if (from.ss_family == AF_INET) - check_ip_options(socket, ntop); + check_ip_options(sock, ntop); ipv64_normalise_mapped(&from, &fromlen); @@ -138,7 +138,7 @@ get_remote_hostname(int socket, int use_dns) */ /* IPv4 only */ static void -check_ip_options(int socket, char *ipaddr) +check_ip_options(int sock, char *ipaddr) { #ifdef IP_OPTIONS u_char options[200]; @@ -152,7 +152,7 @@ check_ip_options(int socket, char *ipaddr) else ipproto = IPPROTO_IP; option_size = sizeof(options); - if (getsockopt(socket, ipproto, IP_OPTIONS, options, + if (getsockopt(sock, ipproto, IP_OPTIONS, options, &option_size) >= 0 && option_size != 0) { text[0] = '\0'; for (i = 0; i < option_size; i++) @@ -227,7 +227,7 @@ get_canonical_hostname(int use_dns) * The returned string must be freed. */ static char * -get_socket_address(int socket, int remote, int flags) +get_socket_address(int sock, int remote, int flags) { struct sockaddr_storage addr; socklen_t addrlen; @@ -238,11 +238,11 @@ get_socket_address(int socket, int remote, int flags) memset(&addr, 0, sizeof(addr)); if (remote) { - if (getpeername(socket, (struct sockaddr *)&addr, &addrlen) + if (getpeername(sock, (struct sockaddr *)&addr, &addrlen) < 0) return NULL; } else { - if (getsockname(socket, (struct sockaddr *)&addr, &addrlen) + if (getsockname(sock, (struct sockaddr *)&addr, &addrlen) < 0) return NULL; } @@ -261,29 +261,29 @@ get_socket_address(int socket, int remote, int flags) } char * -get_peer_ipaddr(int socket) +get_peer_ipaddr(int sock) { char *p; - if ((p = get_socket_address(socket, 1, NI_NUMERICHOST)) != NULL) + if ((p = get_socket_address(sock, 1, NI_NUMERICHOST)) != NULL) return p; return xstrdup("UNKNOWN"); } char * -get_local_ipaddr(int socket) +get_local_ipaddr(int sock) { char *p; - if ((p = get_socket_address(socket, 0, NI_NUMERICHOST)) != NULL) + if ((p = get_socket_address(sock, 0, NI_NUMERICHOST)) != NULL) return p; return xstrdup("UNKNOWN"); } char * -get_local_name(int socket) +get_local_name(int sock) { - return get_socket_address(socket, 0, NI_NAMEREQD); + return get_socket_address(sock, 0, NI_NAMEREQD); } /* diff --git a/channels.c b/channels.c index 68d854388..a72d9b93d 100644 --- a/channels.c +++ b/channels.c @@ -39,7 +39,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: channels.c,v 1.206 2004/06/18 11:11:54 djm Exp $"); +RCSID("$OpenBSD: channels.c,v 1.207 2004/06/21 17:36:31 avsm Exp $"); #include "ssh.h" #include "ssh1.h" @@ -2903,7 +2903,7 @@ x11_request_forwarding_with_spoofing(int client_session_id, char *new_data; int screen_number; const char *cp; - u_int32_t rand = 0; + u_int32_t rnd = 0; cp = getenv("DISPLAY"); if (cp) @@ -2928,10 +2928,10 @@ x11_request_forwarding_with_spoofing(int client_session_id, if (sscanf(data + 2 * i, "%2x", &value) != 1) fatal("x11_request_forwarding: bad authentication data: %.100s", data); if (i % 4 == 0) - rand = arc4random(); + rnd = arc4random(); x11_saved_data[i] = value; - x11_fake_data[i] = rand & 0xff; - rand >>= 8; + x11_fake_data[i] = rnd & 0xff; + rnd >>= 8; } x11_saved_data_len = data_len; x11_fake_data_len = data_len; diff --git a/cipher.c b/cipher.c index c13ff5862..255f840a3 100644 --- a/cipher.c +++ b/cipher.c @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: cipher.c,v 1.68 2004/01/23 19:26:33 hshoexer Exp $"); +RCSID("$OpenBSD: cipher.c,v 1.69 2004/06/21 17:36:31 avsm Exp $"); #include "xmalloc.h" #include "log.h" @@ -166,25 +166,25 @@ int ciphers_valid(const char *names) { Cipher *c; - char *ciphers, *cp; + char *cipher_list, *cp; char *p; if (names == NULL || strcmp(names, "") == 0) return 0; - ciphers = cp = xstrdup(names); + cipher_list = cp = xstrdup(names); for ((p = strsep(&cp, CIPHER_SEP)); p && *p != '\0'; (p = strsep(&cp, CIPHER_SEP))) { c = cipher_by_name(p); if (c == NULL || c->number != SSH_CIPHER_SSH2) { debug("bad cipher %s [%s]", p, names); - xfree(ciphers); + xfree(cipher_list); return 0; } else { debug3("cipher ok: %s [%s]", p, names); } } debug3("ciphers ok: [%s]", names); - xfree(ciphers); + xfree(cipher_list); return 1; } @@ -213,7 +213,7 @@ cipher_name(int id) void cipher_init(CipherContext *cc, Cipher *cipher, const u_char *key, u_int keylen, const u_char *iv, u_int ivlen, - int encrypt) + int do_encrypt) { static int dowarn = 1; #ifdef SSH_OLD_EVP @@ -255,7 +255,7 @@ cipher_init(CipherContext *cc, Cipher *cipher, (encrypt == CIPHER_ENCRYPT)); #else if (EVP_CipherInit(&cc->evp, type, NULL, (u_char *)iv, - (encrypt == CIPHER_ENCRYPT)) == 0) + (do_encrypt == CIPHER_ENCRYPT)) == 0) fatal("cipher_init: EVP_CipherInit failed for %s", cipher->name); klen = EVP_CIPHER_CTX_key_length(&cc->evp); @@ -302,7 +302,7 @@ cipher_cleanup(CipherContext *cc) void cipher_set_key_string(CipherContext *cc, Cipher *cipher, - const char *passphrase, int encrypt) + const char *passphrase, int do_encrypt) { MD5_CTX md; u_char digest[16]; @@ -311,7 +311,7 @@ cipher_set_key_string(CipherContext *cc, Cipher *cipher, MD5_Update(&md, (const u_char *)passphrase, strlen(passphrase)); MD5_Final(digest, &md); - cipher_init(cc, cipher, digest, 16, NULL, 0, encrypt); + cipher_init(cc, cipher, digest, 16, NULL, 0, do_encrypt); memset(digest, 0, sizeof(digest)); memset(&md, 0, sizeof(md)); diff --git a/dns.c b/dns.c index ad634f1f7..140ab6042 100644 --- a/dns.c +++ b/dns.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dns.c,v 1.9 2003/11/21 11:57:03 djm Exp $ */ +/* $OpenBSD: dns.c,v 1.10 2004/06/21 17:36:31 avsm Exp $ */ /* * Copyright (c) 2003 Wesley Griffin. All rights reserved. @@ -43,7 +43,7 @@ #include "uuencode.h" extern char *__progname; -RCSID("$OpenBSD: dns.c,v 1.9 2003/11/21 11:57:03 djm Exp $"); +RCSID("$OpenBSD: dns.c,v 1.10 2004/06/21 17:36:31 avsm Exp $"); #ifndef LWRES static const char *errset_text[] = { @@ -56,9 +56,9 @@ static const char *errset_text[] = { }; static const char * -dns_result_totext(unsigned int error) +dns_result_totext(unsigned int res) { - switch (error) { + switch (res) { case ERRSET_SUCCESS: return errset_text[ERRSET_SUCCESS]; case ERRSET_NOMEMORY: diff --git a/kex.c b/kex.c index cda8bf9b7..a668346c3 100644 --- a/kex.c +++ b/kex.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: kex.c,v 1.59 2004/06/13 12:53:24 djm Exp $"); +RCSID("$OpenBSD: kex.c,v 1.60 2004/06/21 17:36:31 avsm Exp $"); #include @@ -148,7 +148,7 @@ kex_finish(Kex *kex) void kex_send_kexinit(Kex *kex) { - u_int32_t rand = 0; + u_int32_t rnd = 0; u_char *cookie; int i; @@ -168,9 +168,9 @@ kex_send_kexinit(Kex *kex) cookie = buffer_ptr(&kex->my); for (i = 0; i < KEX_COOKIE_LEN; i++) { if (i % 4 == 0) - rand = arc4random(); - cookie[i] = rand; - rand >>= 8; + rnd = arc4random(); + cookie[i] = rnd; + rnd >>= 8; } packet_start(SSH2_MSG_KEXINIT); packet_put_raw(buffer_ptr(&kex->my), buffer_len(&kex->my)); diff --git a/monitor.c b/monitor.c index c287a2da1..288727554 100644 --- a/monitor.c +++ b/monitor.c @@ -25,7 +25,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: monitor.c,v 1.58 2004/06/13 12:53:24 djm Exp $"); +RCSID("$OpenBSD: monitor.c,v 1.59 2004/06/21 17:36:31 avsm Exp $"); #include @@ -350,9 +350,9 @@ monitor_set_child_handler(pid_t pid) } static void -monitor_child_handler(int signal) +monitor_child_handler(int sig) { - kill(monitor_child_pid, signal); + kill(monitor_child_pid, sig); } void @@ -467,7 +467,7 @@ monitor_reset_key_state(void) } int -mm_answer_moduli(int socket, Buffer *m) +mm_answer_moduli(int sock, Buffer *m) { DH *dh; int min, want, max; @@ -497,12 +497,12 @@ mm_answer_moduli(int socket, Buffer *m) DH_free(dh); } - mm_request_send(socket, MONITOR_ANS_MODULI, m); + mm_request_send(sock, MONITOR_ANS_MODULI, m); return (0); } int -mm_answer_sign(int socket, Buffer *m) +mm_answer_sign(int sock, Buffer *m) { Key *key; u_char *p; @@ -538,7 +538,7 @@ mm_answer_sign(int socket, Buffer *m) xfree(p); xfree(signature); - mm_request_send(socket, MONITOR_ANS_SIGN, m); + mm_request_send(sock, MONITOR_ANS_SIGN, m); /* Turn on permissions for getpwnam */ monitor_permit(mon_dispatch, MONITOR_REQ_PWNAM, 1); @@ -549,7 +549,7 @@ mm_answer_sign(int socket, Buffer *m) /* Retrieves the password entry and also checks if the user is permitted */ int -mm_answer_pwnamallow(int socket, Buffer *m) +mm_answer_pwnamallow(int sock, Buffer *m) { char *login; struct passwd *pwent; @@ -593,7 +593,7 @@ mm_answer_pwnamallow(int socket, Buffer *m) out: debug3("%s: sending MONITOR_ANS_PWNAM: %d", __func__, allowed); - mm_request_send(socket, MONITOR_ANS_PWNAM, m); + mm_request_send(sock, MONITOR_ANS_PWNAM, m); /* For SSHv1 allow authentication now */ if (!compat20) @@ -612,14 +612,14 @@ mm_answer_pwnamallow(int socket, Buffer *m) return (0); } -int mm_answer_auth2_read_banner(int socket, Buffer *m) +int mm_answer_auth2_read_banner(int sock, Buffer *m) { char *banner; buffer_clear(m); banner = auth2_read_banner(); buffer_put_cstring(m, banner != NULL ? banner : ""); - mm_request_send(socket, MONITOR_ANS_AUTH2_READ_BANNER, m); + mm_request_send(sock, MONITOR_ANS_AUTH2_READ_BANNER, m); if (banner != NULL) xfree(banner); @@ -628,7 +628,7 @@ int mm_answer_auth2_read_banner(int socket, Buffer *m) } int -mm_answer_authserv(int socket, Buffer *m) +mm_answer_authserv(int sock, Buffer *m) { monitor_permit_authentications(1); @@ -646,7 +646,7 @@ mm_answer_authserv(int socket, Buffer *m) } int -mm_answer_authpassword(int socket, Buffer *m) +mm_answer_authpassword(int sock, Buffer *m) { static int call_count; char *passwd; @@ -664,7 +664,7 @@ mm_answer_authpassword(int socket, Buffer *m) buffer_put_int(m, authenticated); debug3("%s: sending result %d", __func__, authenticated); - mm_request_send(socket, MONITOR_ANS_AUTHPASSWORD, m); + mm_request_send(sock, MONITOR_ANS_AUTHPASSWORD, m); call_count++; if (plen == 0 && call_count == 1) @@ -678,7 +678,7 @@ mm_answer_authpassword(int socket, Buffer *m) #ifdef BSD_AUTH int -mm_answer_bsdauthquery(int socket, Buffer *m) +mm_answer_bsdauthquery(int sock, Buffer *m) { char *name, *infotxt; u_int numprompts; @@ -695,7 +695,7 @@ mm_answer_bsdauthquery(int socket, Buffer *m) buffer_put_cstring(m, prompts[0]); debug3("%s: sending challenge success: %u", __func__, success); - mm_request_send(socket, MONITOR_ANS_BSDAUTHQUERY, m); + mm_request_send(sock, MONITOR_ANS_BSDAUTHQUERY, m); if (success) { xfree(name); @@ -708,7 +708,7 @@ mm_answer_bsdauthquery(int socket, Buffer *m) } int -mm_answer_bsdauthrespond(int socket, Buffer *m) +mm_answer_bsdauthrespond(int sock, Buffer *m) { char *response; int authok; @@ -727,7 +727,7 @@ mm_answer_bsdauthrespond(int socket, Buffer *m) buffer_put_int(m, authok); debug3("%s: sending authenticated: %d", __func__, authok); - mm_request_send(socket, MONITOR_ANS_BSDAUTHRESPOND, m); + mm_request_send(sock, MONITOR_ANS_BSDAUTHRESPOND, m); auth_method = "bsdauth"; @@ -737,7 +737,7 @@ mm_answer_bsdauthrespond(int socket, Buffer *m) #ifdef SKEY int -mm_answer_skeyquery(int socket, Buffer *m) +mm_answer_skeyquery(int sock, Buffer *m) { struct skey skey; char challenge[1024]; @@ -752,13 +752,13 @@ mm_answer_skeyquery(int socket, Buffer *m) buffer_put_cstring(m, challenge); debug3("%s: sending challenge success: %u", __func__, success); - mm_request_send(socket, MONITOR_ANS_SKEYQUERY, m); + mm_request_send(sock, MONITOR_ANS_SKEYQUERY, m); return (0); } int -mm_answer_skeyrespond(int socket, Buffer *m) +mm_answer_skeyrespond(int sock, Buffer *m) { char *response; int authok; @@ -776,7 +776,7 @@ mm_answer_skeyrespond(int socket, Buffer *m) buffer_put_int(m, authok); debug3("%s: sending authenticated: %d", __func__, authok); - mm_request_send(socket, MONITOR_ANS_SKEYRESPOND, m); + mm_request_send(sock, MONITOR_ANS_SKEYRESPOND, m); auth_method = "skey"; @@ -925,7 +925,7 @@ mm_append_debug(Buffer *m) } int -mm_answer_keyallowed(int socket, Buffer *m) +mm_answer_keyallowed(int sock, Buffer *m) { Key *key; char *cuser, *chost; @@ -995,7 +995,7 @@ mm_answer_keyallowed(int socket, Buffer *m) mm_append_debug(m); - mm_request_send(socket, MONITOR_ANS_KEYALLOWED, m); + mm_request_send(sock, MONITOR_ANS_KEYALLOWED, m); if (type == MM_RSAHOSTKEY) monitor_permit(mon_dispatch, MONITOR_REQ_RSACHALLENGE, allowed); @@ -1116,7 +1116,7 @@ monitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser, } int -mm_answer_keyverify(int socket, Buffer *m) +mm_answer_keyverify(int sock, Buffer *m) { Key *key; u_char *signature, *data, *blob; @@ -1166,7 +1166,7 @@ mm_answer_keyverify(int socket, Buffer *m) buffer_clear(m); buffer_put_int(m, verified); - mm_request_send(socket, MONITOR_ANS_KEYVERIFY, m); + mm_request_send(sock, MONITOR_ANS_KEYVERIFY, m); return (verified); } @@ -1208,7 +1208,7 @@ mm_session_close(Session *s) } int -mm_answer_pty(int socket, Buffer *m) +mm_answer_pty(int sock, Buffer *m) { extern struct monitor *pmonitor; Session *s; @@ -1230,10 +1230,10 @@ mm_answer_pty(int socket, Buffer *m) buffer_put_int(m, 1); buffer_put_cstring(m, s->tty); - mm_request_send(socket, MONITOR_ANS_PTY, m); + mm_request_send(sock, MONITOR_ANS_PTY, m); - mm_send_fd(socket, s->ptyfd); - mm_send_fd(socket, s->ttyfd); + mm_send_fd(sock, s->ptyfd); + mm_send_fd(sock, s->ttyfd); /* We need to trick ttyslot */ if (dup2(s->ttyfd, 0) == -1) @@ -1264,12 +1264,12 @@ mm_answer_pty(int socket, Buffer *m) if (s != NULL) mm_session_close(s); buffer_put_int(m, 0); - mm_request_send(socket, MONITOR_ANS_PTY, m); + mm_request_send(sock, MONITOR_ANS_PTY, m); return (0); } int -mm_answer_pty_cleanup(int socket, Buffer *m) +mm_answer_pty_cleanup(int sock, Buffer *m) { Session *s; char *tty; @@ -1285,7 +1285,7 @@ mm_answer_pty_cleanup(int socket, Buffer *m) } int -mm_answer_sesskey(int socket, Buffer *m) +mm_answer_sesskey(int sock, Buffer *m) { BIGNUM *p; int rsafail; @@ -1306,7 +1306,7 @@ mm_answer_sesskey(int socket, Buffer *m) BN_clear_free(p); - mm_request_send(socket, MONITOR_ANS_SESSKEY, m); + mm_request_send(sock, MONITOR_ANS_SESSKEY, m); /* Turn on permissions for sessid passing */ monitor_permit(mon_dispatch, MONITOR_REQ_SESSID, 1); @@ -1315,7 +1315,7 @@ mm_answer_sesskey(int socket, Buffer *m) } int -mm_answer_sessid(int socket, Buffer *m) +mm_answer_sessid(int sock, Buffer *m) { int i; @@ -1333,7 +1333,7 @@ mm_answer_sessid(int socket, Buffer *m) } int -mm_answer_rsa_keyallowed(int socket, Buffer *m) +mm_answer_rsa_keyallowed(int sock, Buffer *m) { BIGNUM *client_n; Key *key = NULL; @@ -1373,7 +1373,7 @@ mm_answer_rsa_keyallowed(int socket, Buffer *m) mm_append_debug(m); - mm_request_send(socket, MONITOR_ANS_RSAKEYALLOWED, m); + mm_request_send(sock, MONITOR_ANS_RSAKEYALLOWED, m); monitor_permit(mon_dispatch, MONITOR_REQ_RSACHALLENGE, allowed); monitor_permit(mon_dispatch, MONITOR_REQ_RSARESPONSE, 0); @@ -1381,7 +1381,7 @@ mm_answer_rsa_keyallowed(int socket, Buffer *m) } int -mm_answer_rsa_challenge(int socket, Buffer *m) +mm_answer_rsa_challenge(int sock, Buffer *m) { Key *key = NULL; u_char *blob; @@ -1407,7 +1407,7 @@ mm_answer_rsa_challenge(int socket, Buffer *m) buffer_put_bignum2(m, ssh1_challenge); debug3("%s sending reply", __func__); - mm_request_send(socket, MONITOR_ANS_RSACHALLENGE, m); + mm_request_send(sock, MONITOR_ANS_RSACHALLENGE, m); monitor_permit(mon_dispatch, MONITOR_REQ_RSARESPONSE, 1); @@ -1417,7 +1417,7 @@ mm_answer_rsa_challenge(int socket, Buffer *m) } int -mm_answer_rsa_response(int socket, Buffer *m) +mm_answer_rsa_response(int sock, Buffer *m) { Key *key = NULL; u_char *blob, *response; @@ -1456,13 +1456,13 @@ mm_answer_rsa_response(int socket, Buffer *m) buffer_clear(m); buffer_put_int(m, success); - mm_request_send(socket, MONITOR_ANS_RSARESPONSE, m); + mm_request_send(sock, MONITOR_ANS_RSARESPONSE, m); return (success); } int -mm_answer_term(int socket, Buffer *req) +mm_answer_term(int sock, Buffer *req) { extern struct monitor *pmonitor; int res, status; @@ -1740,23 +1740,23 @@ monitor_reinit(struct monitor *mon) #ifdef GSSAPI int -mm_answer_gss_setup_ctx(int socket, Buffer *m) +mm_answer_gss_setup_ctx(int sock, Buffer *m) { - gss_OID_desc oid; + gss_OID_desc goid; OM_uint32 major; u_int len; - oid.elements = buffer_get_string(m, &len); - oid.length = len; + goid.elements = buffer_get_string(m, &len); + goid.length = len; - major = ssh_gssapi_server_ctx(&gsscontext, &oid); + major = ssh_gssapi_server_ctx(&gsscontext, &goid); - xfree(oid.elements); + xfree(goid.elements); buffer_clear(m); buffer_put_int(m, major); - mm_request_send(socket,MONITOR_ANS_GSSSETUP, m); + mm_request_send(sock,MONITOR_ANS_GSSSETUP, m); /* Now we have a context, enable the step */ monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 1); @@ -1765,7 +1765,7 @@ mm_answer_gss_setup_ctx(int socket, Buffer *m) } int -mm_answer_gss_accept_ctx(int socket, Buffer *m) +mm_answer_gss_accept_ctx(int sock, Buffer *m) { gss_buffer_desc in; gss_buffer_desc out = GSS_C_EMPTY_BUFFER; @@ -1782,7 +1782,7 @@ mm_answer_gss_accept_ctx(int socket, Buffer *m) buffer_put_int(m, major); buffer_put_string(m, out.value, out.length); buffer_put_int(m, flags); - mm_request_send(socket, MONITOR_ANS_GSSSTEP, m); + mm_request_send(sock, MONITOR_ANS_GSSSTEP, m); gss_release_buffer(&minor, &out); @@ -1795,7 +1795,7 @@ mm_answer_gss_accept_ctx(int socket, Buffer *m) } int -mm_answer_gss_checkmic(int socket, Buffer *m) +mm_answer_gss_checkmic(int sock, Buffer *m) { gss_buffer_desc gssbuf, mic; OM_uint32 ret; @@ -1814,7 +1814,7 @@ mm_answer_gss_checkmic(int socket, Buffer *m) buffer_clear(m); buffer_put_int(m, ret); - mm_request_send(socket, MONITOR_ANS_GSSCHECKMIC, m); + mm_request_send(sock, MONITOR_ANS_GSSCHECKMIC, m); if (!GSS_ERROR(ret)) monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1); @@ -1823,7 +1823,7 @@ mm_answer_gss_checkmic(int socket, Buffer *m) } int -mm_answer_gss_userok(int socket, Buffer *m) +mm_answer_gss_userok(int sock, Buffer *m) { int authenticated; @@ -1833,7 +1833,7 @@ mm_answer_gss_userok(int socket, Buffer *m) buffer_put_int(m, authenticated); debug3("%s: sending result %d", __func__, authenticated); - mm_request_send(socket, MONITOR_ANS_GSSUSEROK, m); + mm_request_send(sock, MONITOR_ANS_GSSUSEROK, m); auth_method="gssapi-with-mic"; diff --git a/monitor_fdpass.c b/monitor_fdpass.c index 22b7882bd..f0dd88e7e 100644 --- a/monitor_fdpass.c +++ b/monitor_fdpass.c @@ -24,7 +24,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: monitor_fdpass.c,v 1.4 2002/06/26 14:50:04 deraadt Exp $"); +RCSID("$OpenBSD: monitor_fdpass.c,v 1.5 2004/06/21 17:36:31 avsm Exp $"); #include @@ -32,7 +32,7 @@ RCSID("$OpenBSD: monitor_fdpass.c,v 1.4 2002/06/26 14:50:04 deraadt Exp $"); #include "monitor_fdpass.h" void -mm_send_fd(int socket, int fd) +mm_send_fd(int sock, int fd) { #if defined(HAVE_SENDMSG) && (defined(HAVE_ACCRIGHTS_IN_MSGHDR) || defined(HAVE_CONTROL_IN_MSGHDR)) struct msghdr msg; @@ -63,7 +63,7 @@ mm_send_fd(int socket, int fd) msg.msg_iov = &vec; msg.msg_iovlen = 1; - if ((n = sendmsg(socket, &msg, 0)) == -1) + if ((n = sendmsg(sock, &msg, 0)) == -1) fatal("%s: sendmsg(%d): %s", __func__, fd, strerror(errno)); if (n != 1) @@ -76,7 +76,7 @@ mm_send_fd(int socket, int fd) } int -mm_receive_fd(int socket) +mm_receive_fd(int sock) { #if defined(HAVE_RECVMSG) && (defined(HAVE_ACCRIGHTS_IN_MSGHDR) || defined(HAVE_CONTROL_IN_MSGHDR)) struct msghdr msg; @@ -102,7 +102,7 @@ mm_receive_fd(int socket) msg.msg_controllen = sizeof(tmp); #endif - if ((n = recvmsg(socket, &msg, 0)) == -1) + if ((n = recvmsg(sock, &msg, 0)) == -1) fatal("%s: recvmsg: %s", __func__, strerror(errno)); if (n != 1) fatal("%s: recvmsg: expected received 1 got %ld", diff --git a/monitor_wrap.c b/monitor_wrap.c index ee2dc2027..d9cbd9e32 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c @@ -25,7 +25,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: monitor_wrap.c,v 1.35 2003/11/17 11:06:07 markus Exp $"); +RCSID("$OpenBSD: monitor_wrap.c,v 1.36 2004/06/21 17:36:31 avsm Exp $"); #include #include @@ -83,7 +83,7 @@ mm_is_monitor(void) } void -mm_request_send(int socket, enum monitor_reqtype type, Buffer *m) +mm_request_send(int sock, enum monitor_reqtype type, Buffer *m) { u_int mlen = buffer_len(m); u_char buf[5]; @@ -92,14 +92,14 @@ mm_request_send(int socket, enum monitor_reqtype type, Buffer *m) PUT_32BIT(buf, mlen + 1); buf[4] = (u_char) type; /* 1st byte of payload is mesg-type */ - if (atomicio(vwrite, socket, buf, sizeof(buf)) != sizeof(buf)) + if (atomicio(vwrite, sock, buf, sizeof(buf)) != sizeof(buf)) fatal("%s: write", __func__); - if (atomicio(vwrite, socket, buffer_ptr(m), mlen) != mlen) + if (atomicio(vwrite, sock, buffer_ptr(m), mlen) != mlen) fatal("%s: write", __func__); } void -mm_request_receive(int socket, Buffer *m) +mm_request_receive(int sock, Buffer *m) { u_char buf[4]; u_int msg_len; @@ -107,7 +107,7 @@ mm_request_receive(int socket, Buffer *m) debug3("%s entering", __func__); - res = atomicio(read, socket, buf, sizeof(buf)); + res = atomicio(read, sock, buf, sizeof(buf)); if (res != sizeof(buf)) { if (res == 0) cleanup_exit(255); @@ -118,19 +118,19 @@ mm_request_receive(int socket, Buffer *m) fatal("%s: read: bad msg_len %d", __func__, msg_len); buffer_clear(m); buffer_append_space(m, msg_len); - res = atomicio(read, socket, buffer_ptr(m), msg_len); + res = atomicio(read, sock, buffer_ptr(m), msg_len); if (res != msg_len) fatal("%s: read: %ld != msg_len", __func__, (long)res); } void -mm_request_receive_expect(int socket, enum monitor_reqtype type, Buffer *m) +mm_request_receive_expect(int sock, enum monitor_reqtype type, Buffer *m) { u_char rtype; debug3("%s entering: type %d", __func__, type); - mm_request_receive(socket, m); + mm_request_receive(sock, m); rtype = buffer_get_char(m); if (rtype != type) fatal("%s: read: rtype %d != type %d", __func__, @@ -544,7 +544,7 @@ mm_send_kex(Buffer *m, Kex *kex) } void -mm_send_keystate(struct monitor *pmonitor) +mm_send_keystate(struct monitor *monitor) { Buffer m; u_char *blob, *p; @@ -580,7 +580,7 @@ mm_send_keystate(struct monitor *pmonitor) goto skip; } else { /* Kex for rekeying */ - mm_send_kex(&m, *pmonitor->m_pkex); + mm_send_kex(&m, *monitor->m_pkex); } debug3("%s: Sending new keys: %p %p", @@ -632,7 +632,7 @@ mm_send_keystate(struct monitor *pmonitor) buffer_put_string(&m, buffer_ptr(&input), buffer_len(&input)); buffer_put_string(&m, buffer_ptr(&output), buffer_len(&output)); - mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYEXPORT, &m); + mm_request_send(monitor->m_recvfd, MONITOR_REQ_KEYEXPORT, &m); debug3("%s: Finished sending state", __func__); buffer_free(&m); @@ -1093,7 +1093,7 @@ mm_auth_rsa_verify_response(Key *key, BIGNUM *p, u_char response[16]) #ifdef GSSAPI OM_uint32 -mm_ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid) +mm_ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID goid) { Buffer m; OM_uint32 major; @@ -1102,7 +1102,7 @@ mm_ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid) *ctx = NULL; buffer_init(&m); - buffer_put_string(&m, oid->elements, oid->length); + buffer_put_string(&m, goid->elements, goid->length); mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSSETUP, &m); mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSETUP, &m); diff --git a/monitor_wrap.h b/monitor_wrap.h index 2170b1324..e5cf5718c 100644 --- a/monitor_wrap.h +++ b/monitor_wrap.h @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_wrap.h,v 1.13 2003/11/17 11:06:07 markus Exp $ */ +/* $OpenBSD: monitor_wrap.h,v 1.14 2004/06/21 17:36:31 avsm Exp $ */ /* * Copyright 2002 Niels Provos @@ -58,9 +58,9 @@ BIGNUM *mm_auth_rsa_generate_challenge(Key *); #ifdef GSSAPI #include "ssh-gss.h" -OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **ctxt, gss_OID oid); -OM_uint32 mm_ssh_gssapi_accept_ctx(Gssctxt *ctxt, - gss_buffer_desc *recv, gss_buffer_desc *send, OM_uint32 *flags); +OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID); +OM_uint32 mm_ssh_gssapi_accept_ctx(Gssctxt *, + gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *); int mm_ssh_gssapi_userok(char *user); OM_uint32 mm_ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t); #endif diff --git a/nchan.c b/nchan.c index 3138cdd19..ecf59c5db 100644 --- a/nchan.c +++ b/nchan.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: nchan.c,v 1.49 2003/08/29 10:04:36 markus Exp $"); +RCSID("$OpenBSD: nchan.c,v 1.50 2004/06/21 17:36:31 avsm Exp $"); #include "ssh1.h" #include "ssh2.h" @@ -395,7 +395,7 @@ chan_mark_dead(Channel *c) } int -chan_is_dead(Channel *c, int send) +chan_is_dead(Channel *c, int do_send) { if (c->type == SSH_CHANNEL_ZOMBIE) { debug2("channel %d: zombie", c->self); @@ -416,7 +416,7 @@ chan_is_dead(Channel *c, int send) return 0; } if (!(c->flags & CHAN_CLOSE_SENT)) { - if (send) { + if (do_send) { chan_send_close2(c); } else { /* channel would be dead if we sent a close */ diff --git a/packet.c b/packet.c index fca0075e7..82a569404 100644 --- a/packet.c +++ b/packet.c @@ -37,7 +37,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: packet.c,v 1.114 2004/06/14 01:44:39 djm Exp $"); +RCSID("$OpenBSD: packet.c,v 1.115 2004/06/21 17:36:31 avsm Exp $"); #include "openbsd-compat/sys-queue.h" @@ -507,7 +507,7 @@ packet_send1(void) u_char buf[8], *cp; int i, padding, len; u_int checksum; - u_int32_t rand = 0; + u_int32_t rnd = 0; /* * If using packet compression, compress the payload of the outgoing @@ -533,9 +533,9 @@ packet_send1(void) cp = buffer_ptr(&outgoing_packet); for (i = 0; i < padding; i++) { if (i % 4 == 0) - rand = arc4random(); - cp[7 - i] = rand & 0xff; - rand >>= 8; + rnd = arc4random(); + cp[7 - i] = rnd & 0xff; + rnd >>= 8; } } buffer_consume(&outgoing_packet, 8 - padding); @@ -580,18 +580,18 @@ set_newkeys(int mode) Comp *comp; CipherContext *cc; u_int64_t *max_blocks; - int encrypt; + int crypt_type; debug2("set_newkeys: mode %d", mode); if (mode == MODE_OUT) { cc = &send_context; - encrypt = CIPHER_ENCRYPT; + crypt_type = CIPHER_ENCRYPT; p_send.packets = p_send.blocks = 0; max_blocks = &max_blocks_out; } else { cc = &receive_context; - encrypt = CIPHER_DECRYPT; + crypt_type = CIPHER_DECRYPT; p_read.packets = p_read.blocks = 0; max_blocks = &max_blocks_in; } @@ -620,7 +620,7 @@ set_newkeys(int mode) mac->enabled = 1; DBG(debug("cipher_init_context: %d", mode)); cipher_init(cc, enc->cipher, enc->key, enc->key_len, - enc->iv, enc->block_size, encrypt); + enc->iv, enc->block_size, crypt_type); /* Deleting the keys does not gain extra security */ /* memset(enc->iv, 0, enc->block_size); memset(enc->key, 0, enc->key_len); */ @@ -654,7 +654,7 @@ packet_send2_wrapped(void) u_char padlen, pad; u_int packet_length = 0; u_int i, len; - u_int32_t rand = 0; + u_int32_t rnd = 0; Enc *enc = NULL; Mac *mac = NULL; Comp *comp = NULL; @@ -713,9 +713,9 @@ packet_send2_wrapped(void) /* random padding */ for (i = 0; i < padlen; i++) { if (i % 4 == 0) - rand = arc4random(); - cp[i] = rand & 0xff; - rand >>= 8; + rnd = arc4random(); + cp[i] = rnd & 0xff; + rnd >>= 8; } } else { /* clear padding */ @@ -1489,16 +1489,16 @@ packet_add_padding(u_char pad) void packet_send_ignore(int nbytes) { - u_int32_t rand = 0; + u_int32_t rnd = 0; int i; packet_start(compat20 ? SSH2_MSG_IGNORE : SSH_MSG_IGNORE); packet_put_int(nbytes); for (i = 0; i < nbytes; i++) { if (i % 4 == 0) - rand = arc4random(); - packet_put_char(rand & 0xff); - rand >>= 8; + rnd = arc4random(); + packet_put_char(rnd & 0xff); + rnd >>= 8; } } diff --git a/progressmeter.c b/progressmeter.c index e74f4785f..629a536b2 100644 --- a/progressmeter.c +++ b/progressmeter.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: progressmeter.c,v 1.20 2004/05/11 19:01:43 deraadt Exp $"); +RCSID("$OpenBSD: progressmeter.c,v 1.21 2004/06/21 17:36:31 avsm Exp $"); #include "progressmeter.h" #include "atomicio.h" @@ -224,7 +224,7 @@ update_progress_meter(int ignore) } void -start_progress_meter(char *f, off_t filesize, off_t *stat) +start_progress_meter(char *f, off_t filesize, off_t *ctr) { struct winsize winsize; @@ -232,7 +232,7 @@ start_progress_meter(char *f, off_t filesize, off_t *stat) file = f; end_pos = filesize; cur_pos = 0; - counter = stat; + counter = ctr; stalled = 0; bytes_per_second = 0; diff --git a/scp.c b/scp.c index 8621a4409..3ae17c9ac 100644 --- a/scp.c +++ b/scp.c @@ -71,7 +71,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: scp.c,v 1.114 2004/04/01 12:19:57 markus Exp $"); +RCSID("$OpenBSD: scp.c,v 1.115 2004/06/21 17:36:31 avsm Exp $"); #include "xmalloc.h" #include "atomicio.h" @@ -663,7 +663,7 @@ bwlimit(int amount) { static struct timeval bwstart, bwend; static int lamt, thresh = 16384; - u_int64_t wait; + u_int64_t waitlen; struct timespec ts, rm; if (!timerisset(&bwstart)) { @@ -681,10 +681,10 @@ bwlimit(int amount) return; lamt *= 8; - wait = (double)1000000L * lamt / limit_rate; + waitlen = (double)1000000L * lamt / limit_rate; - bwstart.tv_sec = wait / 1000000L; - bwstart.tv_usec = wait % 1000000L; + bwstart.tv_sec = waitlen / 1000000L; + bwstart.tv_usec = waitlen % 1000000L; if (timercmp(&bwstart, &bwend, >)) { timersub(&bwstart, &bwend, &bwend); diff --git a/sftp-server.c b/sftp-server.c index 1d13e97b2..8349c1763 100644 --- a/sftp-server.c +++ b/sftp-server.c @@ -14,7 +14,7 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ #include "includes.h" -RCSID("$OpenBSD: sftp-server.c,v 1.45 2004/02/19 21:15:04 markus Exp $"); +RCSID("$OpenBSD: sftp-server.c,v 1.46 2004/06/21 17:36:31 avsm Exp $"); #include "buffer.h" #include "bufaux.h" @@ -260,7 +260,7 @@ send_msg(Buffer *m) } static void -send_status(u_int32_t id, u_int32_t error) +send_status(u_int32_t id, u_int32_t status) { Buffer msg; const char *status_messages[] = { @@ -276,14 +276,14 @@ send_status(u_int32_t id, u_int32_t error) "Unknown error" /* Others */ }; - TRACE("sent status id %u error %u", id, error); + TRACE("sent status id %u error %u", id, status); buffer_init(&msg); buffer_put_char(&msg, SSH2_FXP_STATUS); buffer_put_int(&msg, id); - buffer_put_int(&msg, error); + buffer_put_int(&msg, status); if (version >= 3) { buffer_put_cstring(&msg, - status_messages[MIN(error,SSH2_FX_MAX)]); + status_messages[MIN(status,SSH2_FX_MAX)]); buffer_put_cstring(&msg, ""); } send_msg(&msg); @@ -863,20 +863,20 @@ process_readlink(void) { u_int32_t id; int len; - char link[MAXPATHLEN]; + char buf[MAXPATHLEN]; char *path; id = get_int(); path = get_string(NULL); TRACE("readlink id %u path %s", id, path); - if ((len = readlink(path, link, sizeof(link) - 1)) == -1) + if ((len = readlink(path, buf, sizeof(buf) - 1)) == -1) send_status(id, errno_to_portable(errno)); else { Stat s; - link[len] = '\0'; + buf[len] = '\0'; attrib_clear(&s.attrib); - s.name = s.long_name = link; + s.name = s.long_name = buf; send_names(id, 1, &s); } xfree(path); diff --git a/sftp.c b/sftp.c index df2aff657..d818ef84e 100644 --- a/sftp.c +++ b/sftp.c @@ -16,7 +16,7 @@ #include "includes.h" -RCSID("$OpenBSD: sftp.c,v 1.50 2004/06/20 18:53:39 djm Exp $"); +RCSID("$OpenBSD: sftp.c,v 1.51 2004/06/21 17:36:31 avsm Exp $"); #include "buffer.h" #include "xmalloc.h" @@ -277,13 +277,13 @@ path_append(char *p1, char *p2) static char * make_absolute(char *p, char *pwd) { - char *abs; + char *abs_str; /* Derelativise */ if (p && p[0] != '/') { - abs = path_append(pwd, p); + abs_str = path_append(pwd, p); xfree(p); - return(abs); + return(abs_str); } else return(p); } diff --git a/ssh-gss.h b/ssh-gss.h index 4f032aa8f..52fb49a6f 100644 --- a/ssh-gss.h +++ b/ssh-gss.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-gss.h,v 1.4 2003/11/17 11:06:07 markus Exp $ */ +/* $OpenBSD: ssh-gss.h,v 1.5 2004/06/21 17:36:31 avsm Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. * @@ -100,31 +100,31 @@ typedef struct { extern ssh_gssapi_mech *supported_mechs[]; -int ssh_gssapi_check_oid(Gssctxt *ctx, void *data, size_t len); -void ssh_gssapi_set_oid_data(Gssctxt *ctx, void *data, size_t len); -void ssh_gssapi_set_oid(Gssctxt *ctx, gss_OID oid); -void ssh_gssapi_supported_oids(gss_OID_set *oidset); -ssh_gssapi_mech *ssh_gssapi_get_ctype(Gssctxt *ctxt); - -OM_uint32 ssh_gssapi_import_name(Gssctxt *ctx, const char *host); -OM_uint32 ssh_gssapi_acquire_cred(Gssctxt *ctx); -OM_uint32 ssh_gssapi_init_ctx(Gssctxt *ctx, int deleg_creds, - gss_buffer_desc *recv_tok, gss_buffer_desc *send_tok, OM_uint32 *flags); -OM_uint32 ssh_gssapi_accept_ctx(Gssctxt *ctx, - gss_buffer_desc *recv_tok, gss_buffer_desc *send_tok, OM_uint32 *flags); -OM_uint32 ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *); -void ssh_gssapi_error(Gssctxt *ctx); -char *ssh_gssapi_last_error(Gssctxt *ctxt, OM_uint32 *maj, OM_uint32 *min); -void ssh_gssapi_build_ctx(Gssctxt **ctx); -void ssh_gssapi_delete_ctx(Gssctxt **ctx); +int ssh_gssapi_check_oid(Gssctxt *, void *, size_t); +void ssh_gssapi_set_oid_data(Gssctxt *, void *, size_t); +void ssh_gssapi_set_oid(Gssctxt *, gss_OID); +void ssh_gssapi_supported_oids(gss_OID_set *); +ssh_gssapi_mech *ssh_gssapi_get_ctype(Gssctxt *); + +OM_uint32 ssh_gssapi_import_name(Gssctxt *, const char *); +OM_uint32 ssh_gssapi_acquire_cred(Gssctxt *); +OM_uint32 ssh_gssapi_init_ctx(Gssctxt *, int, + gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *); +OM_uint32 ssh_gssapi_accept_ctx(Gssctxt *, + gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *); +OM_uint32 ssh_gssapi_getclient(Gssctxt *, ssh_gssapi_client *); +void ssh_gssapi_error(Gssctxt *); +char *ssh_gssapi_last_error(Gssctxt *, OM_uint32 *, OM_uint32 *); +void ssh_gssapi_build_ctx(Gssctxt **); +void ssh_gssapi_delete_ctx(Gssctxt **); OM_uint32 ssh_gssapi_sign(Gssctxt *, gss_buffer_t, gss_buffer_t); -OM_uint32 ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid); +OM_uint32 ssh_gssapi_server_ctx(Gssctxt **, gss_OID); void ssh_gssapi_buildmic(Buffer *, const char *, const char *, const char *); /* In the server */ int ssh_gssapi_userok(char *name); OM_uint32 ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t); -void ssh_gssapi_do_child(char ***envp, u_int *envsizep); +void ssh_gssapi_do_child(char ***, u_int *); void ssh_gssapi_cleanup_creds(void); void ssh_gssapi_storecreds(void); diff --git a/ssh-keygen.c b/ssh-keygen.c index 5539fe17a..d4d19d3a1 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh-keygen.c,v 1.115 2004/05/09 00:06:47 djm Exp $"); +RCSID("$OpenBSD: ssh-keygen.c,v 1.116 2004/06/21 17:36:31 avsm Exp $"); #include #include @@ -192,8 +192,8 @@ do_convert_to_ssh2(struct passwd *pw) static void buffer_get_bignum_bits(Buffer *b, BIGNUM *value) { - u_int bits = buffer_get_int(b); - u_int bytes = (bits + 7) / 8; + u_int bignum_bits = buffer_get_int(b); + u_int bytes = (bignum_bits + 7) / 8; if (buffer_len(b) < bytes) fatal("buffer_get_bignum_bits: input buffer too small: " @@ -630,7 +630,7 @@ do_change_passphrase(struct passwd *pw) * Print the SSHFP RR. */ static void -do_print_resource_record(struct passwd *pw, char *hostname) +do_print_resource_record(struct passwd *pw, char *hname) { Key *public; char *comment = NULL; @@ -644,7 +644,7 @@ do_print_resource_record(struct passwd *pw, char *hostname) } public = key_load_public(identity_file, &comment); if (public != NULL) { - export_dns_rr(hostname, public, stdout, print_generic); + export_dns_rr(hname, public, stdout, print_generic); key_free(public); xfree(comment); exit(0); diff --git a/ssh.c b/ssh.c index b9bd8c0d1..9e3f73555 100644 --- a/ssh.c +++ b/ssh.c @@ -40,7 +40,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh.c,v 1.220 2004/06/20 17:36:59 djm Exp $"); +RCSID("$OpenBSD: ssh.c,v 1.221 2004/06/21 17:36:31 avsm Exp $"); #include #include @@ -807,17 +807,17 @@ x11_get_proto(char **_proto, char **_data) * for the local connection. */ if (!got_data) { - u_int32_t rand = 0; + u_int32_t rnd = 0; logit("Warning: No xauth data; " "using fake authentication data for X11 forwarding."); strlcpy(proto, SSH_X11_PROTO, sizeof proto); for (i = 0; i < 16; i++) { if (i % 4 == 0) - rand = arc4random(); + rnd = arc4random(); snprintf(data + 2 * i, sizeof data - 2 * i, "%02x", - rand & 0xff); - rand >>= 8; + rnd & 0xff); + rnd >>= 8; } } } diff --git a/sshconnect.c b/sshconnect.c index 95bb527b2..11008e544 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -13,7 +13,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect.c,v 1.157 2004/05/08 00:21:31 djm Exp $"); +RCSID("$OpenBSD: sshconnect.c,v 1.158 2004/06/21 17:36:31 avsm Exp $"); #include @@ -767,19 +767,19 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, break; case HOST_CHANGED: if (options.check_host_ip && host_ip_differ) { - char *msg; + char *key_msg; if (ip_status == HOST_NEW) - msg = "is unknown"; + key_msg = "is unknown"; else if (ip_status == HOST_OK) - msg = "is unchanged"; + key_msg = "is unchanged"; else - msg = "has a different value"; + key_msg = "has a different value"; error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); error("@ WARNING: POSSIBLE DNS SPOOFING DETECTED! @"); error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); error("The %s host key for %s has changed,", type, host); error("and the key for the according IP address %s", ip); - error("%s. This could either mean that", msg); + error("%s. This could either mean that", key_msg); error("DNS SPOOFING is happening or the IP address for the host"); error("and its host key have changed at the same time."); if (ip_status != HOST_NEW) diff --git a/sshconnect1.c b/sshconnect1.c index ae33ab39d..61fecab14 100644 --- a/sshconnect1.c +++ b/sshconnect1.c @@ -13,7 +13,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect1.c,v 1.58 2004/05/09 01:19:28 djm Exp $"); +RCSID("$OpenBSD: sshconnect1.c,v 1.59 2004/06/21 17:36:31 avsm Exp $"); #include #include @@ -476,7 +476,7 @@ ssh_kex(char *host, struct sockaddr *hostaddr) u_char cookie[8]; u_int supported_ciphers; u_int server_flags, client_flags; - u_int32_t rand = 0; + u_int32_t rnd = 0; debug("Waiting for server public key."); @@ -540,9 +540,9 @@ ssh_kex(char *host, struct sockaddr *hostaddr) */ for (i = 0; i < 32; i++) { if (i % 4 == 0) - rand = arc4random(); - session_key[i] = rand & 0xff; - rand >>= 8; + rnd = arc4random(); + session_key[i] = rnd & 0xff; + rnd >>= 8; } /* diff --git a/sshlogin.c b/sshlogin.c index e1cc4cc82..22cfd344d 100644 --- a/sshlogin.c +++ b/sshlogin.c @@ -39,7 +39,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshlogin.c,v 1.7 2003/06/12 07:57:38 markus Exp $"); +RCSID("$OpenBSD: sshlogin.c,v 1.8 2004/06/21 17:36:31 avsm Exp $"); #include "loginrec.h" @@ -64,12 +64,12 @@ get_last_login_time(uid_t uid, const char *logname, * systems were more standardized. */ void -record_login(pid_t pid, const char *ttyname, const char *user, uid_t uid, +record_login(pid_t pid, const char *tty, const char *user, uid_t uid, const char *host, struct sockaddr * addr, socklen_t addrlen) { struct logininfo *li; - li = login_alloc_entry(pid, user, host, ttyname); + li = login_alloc_entry(pid, user, host, tty); login_set_addr(li, addr, addrlen); login_login(li); login_free_entry(li); @@ -91,11 +91,11 @@ record_utmp_only(pid_t pid, const char *ttyname, const char *user, /* Records that the user has logged out. */ void -record_logout(pid_t pid, const char *ttyname, const char *user) +record_logout(pid_t pid, const char *tty, const char *user) { struct logininfo *li; - li = login_alloc_entry(pid, user, NULL, ttyname); + li = login_alloc_entry(pid, user, NULL, tty); login_logout(li); login_free_entry(li); } diff --git a/sshpty.c b/sshpty.c index 0fe3891b6..efd1dfefa 100644 --- a/sshpty.c +++ b/sshpty.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshpty.c,v 1.11 2004/01/11 21:55:06 deraadt Exp $"); +RCSID("$OpenBSD: sshpty.c,v 1.12 2004/06/21 17:36:31 avsm Exp $"); #ifdef HAVE_UTIL_H # include @@ -60,18 +60,18 @@ pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen) /* Releases the tty. Its ownership is returned to root, and permissions to 0666. */ void -pty_release(const char *ttyname) +pty_release(const char *tty) { - if (chown(ttyname, (uid_t) 0, (gid_t) 0) < 0) - error("chown %.100s 0 0 failed: %.100s", ttyname, strerror(errno)); - if (chmod(ttyname, (mode_t) 0666) < 0) - error("chmod %.100s 0666 failed: %.100s", ttyname, strerror(errno)); + if (chown(tty, (uid_t) 0, (gid_t) 0) < 0) + error("chown %.100s 0 0 failed: %.100s", tty, strerror(errno)); + if (chmod(tty, (mode_t) 0666) < 0) + error("chmod %.100s 0666 failed: %.100s", tty, strerror(errno)); } /* Makes the tty the process's controlling tty and sets it to sane modes. */ void -pty_make_controlling_tty(int *ttyfd, const char *ttyname) +pty_make_controlling_tty(int *ttyfd, const char *tty) { int fd; #ifdef USE_VHANGUP @@ -82,7 +82,7 @@ pty_make_controlling_tty(int *ttyfd, const char *ttyname) if (setsid() < 0) error("setsid: %.100s", strerror(errno)); - fd = open(ttyname, O_RDWR|O_NOCTTY); + fd = open(tty, O_RDWR|O_NOCTTY); if (fd != -1) { signal(SIGHUP, SIG_IGN); ioctl(fd, TCVHUP, (char *)NULL); @@ -97,7 +97,7 @@ pty_make_controlling_tty(int *ttyfd, const char *ttyname) ioctl(*ttyfd, TCSETCTTY, NULL); fd = open("/dev/tty", O_RDWR); if (fd < 0) - error("%.100s: %.100s", ttyname, strerror(errno)); + error("%.100s: %.100s", tty, strerror(errno)); close(*ttyfd); *ttyfd = fd; #else /* _UNICOS */ @@ -137,9 +137,9 @@ pty_make_controlling_tty(int *ttyfd, const char *ttyname) vhangup(); signal(SIGHUP, old); #endif /* USE_VHANGUP */ - fd = open(ttyname, O_RDWR); + fd = open(tty, O_RDWR); if (fd < 0) { - error("%.100s: %.100s", ttyname, strerror(errno)); + error("%.100s: %.100s", tty, strerror(errno)); } else { #ifdef USE_VHANGUP close(*ttyfd); @@ -174,7 +174,7 @@ pty_change_window_size(int ptyfd, int row, int col, } void -pty_setowner(struct passwd *pw, const char *ttyname) +pty_setowner(struct passwd *pw, const char *tty) { struct group *grp; gid_t gid; @@ -196,33 +196,33 @@ pty_setowner(struct passwd *pw, const char *ttyname) * Warn but continue if filesystem is read-only and the uids match/ * tty is owned by root. */ - if (stat(ttyname, &st)) - fatal("stat(%.100s) failed: %.100s", ttyname, + if (stat(tty, &st)) + fatal("stat(%.100s) failed: %.100s", tty, strerror(errno)); if (st.st_uid != pw->pw_uid || st.st_gid != gid) { - if (chown(ttyname, pw->pw_uid, gid) < 0) { + if (chown(tty, pw->pw_uid, gid) < 0) { if (errno == EROFS && (st.st_uid == pw->pw_uid || st.st_uid == 0)) debug("chown(%.100s, %u, %u) failed: %.100s", - ttyname, (u_int)pw->pw_uid, (u_int)gid, + tty, (u_int)pw->pw_uid, (u_int)gid, strerror(errno)); else fatal("chown(%.100s, %u, %u) failed: %.100s", - ttyname, (u_int)pw->pw_uid, (u_int)gid, + tty, (u_int)pw->pw_uid, (u_int)gid, strerror(errno)); } } if ((st.st_mode & (S_IRWXU|S_IRWXG|S_IRWXO)) != mode) { - if (chmod(ttyname, mode) < 0) { + if (chmod(tty, mode) < 0) { if (errno == EROFS && (st.st_mode & (S_IRGRP | S_IROTH)) == 0) debug("chmod(%.100s, 0%o) failed: %.100s", - ttyname, (u_int)mode, strerror(errno)); + tty, (u_int)mode, strerror(errno)); else fatal("chmod(%.100s, 0%o) failed: %.100s", - ttyname, (u_int)mode, strerror(errno)); + tty, (u_int)mode, strerror(errno)); } } } -- cgit v1.2.3 From fc9597034b819b295966f61d8dc797b53fda45c7 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sat, 17 Jul 2004 16:12:08 +1000 Subject: - deraadt@cvs.openbsd.org 2004/07/11 17:48:47 [channels.c cipher.c clientloop.c clientloop.h compat.h moduli.c readconf.c nchan.c pathnames.h progressmeter.c readconf.h servconf.c session.c sftp-client.c sftp.c ssh-agent.1 ssh-keygen.c ssh.c ssh1.h sshd.c ttymodes.h] spaces --- ChangeLog | 9 ++++++++- channels.c | 11 +++++------ cipher.c | 32 ++++++++++++++++---------------- clientloop.c | 18 +++++++++--------- clientloop.h | 4 ++-- compat.h | 4 ++-- moduli.c | 48 ++++++++++++++++++++++++------------------------ nchan.c | 16 ++++++++-------- pathnames.h | 4 ++-- progressmeter.c | 18 +++++++++--------- readconf.c | 6 +++--- readconf.h | 4 ++-- servconf.c | 4 ++-- session.c | 6 +++--- sftp-client.c | 8 ++++---- sftp.c | 8 ++++---- ssh-agent.1 | 4 ++-- ssh-keygen.c | 4 ++-- ssh.c | 10 +++++----- ssh1.h | 8 ++++---- sshd.c | 6 +++--- ttymodes.h | 18 +++++++++--------- 22 files changed, 128 insertions(+), 122 deletions(-) (limited to 'channels.c') diff --git a/ChangeLog b/ChangeLog index a36c1dd22..e09a0fc83 100644 --- a/ChangeLog +++ b/ChangeLog @@ -3,6 +3,13 @@ ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c ssh.c sshd.c openbsd-compat/bsd-misc.c] Move "char *__progname" to bsd-misc.c. Reduces diff vs OpenBSD; ok mouring@, tested by tim@ too. + - (dtucker) OpenBSD CVS Sync + - deraadt@cvs.openbsd.org 2004/07/11 17:48:47 + [channels.c cipher.c clientloop.c clientloop.h compat.h moduli.c + readconf.c nchan.c pathnames.h progressmeter.c readconf.h servconf.c + session.c sftp-client.c sftp.c ssh-agent.1 ssh-keygen.c ssh.c ssh1.h + sshd.c ttymodes.h] + spaces 20040711 - (dtucker) [auth-pam.c] Check for zero from waitpid() too, which allows @@ -1509,4 +1516,4 @@ - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu -$Id: ChangeLog,v 1.3474 2004/07/17 04:07:42 dtucker Exp $ +$Id: ChangeLog,v 1.3475 2004/07/17 06:12:08 dtucker Exp $ diff --git a/channels.c b/channels.c index a72d9b93d..cf46ce09f 100644 --- a/channels.c +++ b/channels.c @@ -39,7 +39,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: channels.c,v 1.207 2004/06/21 17:36:31 avsm Exp $"); +RCSID("$OpenBSD: channels.c,v 1.208 2004/07/11 17:48:47 deraadt Exp $"); #include "ssh.h" #include "ssh1.h" @@ -737,7 +737,7 @@ channel_pre_open(Channel *c, fd_set * readset, fd_set * writeset) FD_SET(c->efd, readset); } /* XXX: What about efd? races? */ - if (compat20 && c->ctl_fd != -1 && + if (compat20 && c->ctl_fd != -1 && c->istate == CHAN_INPUT_OPEN && c->ostate == CHAN_OUTPUT_OPEN) FD_SET(c->ctl_fd, readset); } @@ -2277,7 +2277,7 @@ channel_cancel_rport_listener(const char *host, u_short port) if (c != NULL && c->type == SSH_CHANNEL_RPORT_LISTENER && strncmp(c->path, host, sizeof(c->path)) == 0 && - c->listening_port == port) { + c->listening_port == port) { debug2("%s: close clannel %d", __func__, i); channel_free(c); found = 1; @@ -2364,10 +2364,9 @@ channel_request_remote_forwarding(u_short listen_port, } /* - * Request cancellation of remote forwarding of connection host:port from + * Request cancellation of remote forwarding of connection host:port from * local side. */ - void channel_request_rforward_cancel(u_short port) { @@ -2378,7 +2377,7 @@ channel_request_rforward_cancel(u_short port) return; for (i = 0; i < num_permitted_opens; i++) { - if (permitted_opens[i].host_to_connect != NULL && + if (permitted_opens[i].host_to_connect != NULL && permitted_opens[i].listen_port == port) break; } diff --git a/cipher.c b/cipher.c index 64bd744b8..93f96be6d 100644 --- a/cipher.c +++ b/cipher.c @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: cipher.c,v 1.69 2004/06/21 17:36:31 avsm Exp $"); +RCSID("$OpenBSD: cipher.c,v 1.70 2004/07/11 17:48:47 deraadt Exp $"); #include "xmalloc.h" #include "log.h" @@ -76,19 +76,19 @@ struct Cipher { u_int key_len; const EVP_CIPHER *(*evptype)(void); } ciphers[] = { - { "none", SSH_CIPHER_NONE, 8, 0, EVP_enc_null }, - { "des", SSH_CIPHER_DES, 8, 8, EVP_des_cbc }, - { "3des", SSH_CIPHER_3DES, 8, 16, evp_ssh1_3des }, - { "blowfish", SSH_CIPHER_BLOWFISH, 8, 32, evp_ssh1_bf }, - - { "3des-cbc", SSH_CIPHER_SSH2, 8, 24, EVP_des_ede3_cbc }, - { "blowfish-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_bf_cbc }, - { "cast128-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_cast5_cbc }, - { "arcfour", SSH_CIPHER_SSH2, 8, 16, EVP_rc4 }, + { "none", SSH_CIPHER_NONE, 8, 0, EVP_enc_null }, + { "des", SSH_CIPHER_DES, 8, 8, EVP_des_cbc }, + { "3des", SSH_CIPHER_3DES, 8, 16, evp_ssh1_3des }, + { "blowfish", SSH_CIPHER_BLOWFISH, 8, 32, evp_ssh1_bf }, + + { "3des-cbc", SSH_CIPHER_SSH2, 8, 24, EVP_des_ede3_cbc }, + { "blowfish-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_bf_cbc }, + { "cast128-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_cast5_cbc }, + { "arcfour", SSH_CIPHER_SSH2, 8, 16, EVP_rc4 }, #if OPENSSL_VERSION_NUMBER < 0x00907000L - { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, evp_rijndael }, - { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, evp_rijndael }, - { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, evp_rijndael }, + { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, evp_rijndael }, + { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, evp_rijndael }, + { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, evp_rijndael }, { "rijndael-cbc@lysator.liu.se", SSH_CIPHER_SSH2, 16, 32, evp_rijndael }, #else @@ -99,9 +99,9 @@ struct Cipher { SSH_CIPHER_SSH2, 16, 32, EVP_aes_256_cbc }, #endif #if OPENSSL_VERSION_NUMBER >= 0x00905000L - { "aes128-ctr", SSH_CIPHER_SSH2, 16, 16, evp_aes_128_ctr }, - { "aes192-ctr", SSH_CIPHER_SSH2, 16, 24, evp_aes_128_ctr }, - { "aes256-ctr", SSH_CIPHER_SSH2, 16, 32, evp_aes_128_ctr }, + { "aes128-ctr", SSH_CIPHER_SSH2, 16, 16, evp_aes_128_ctr }, + { "aes192-ctr", SSH_CIPHER_SSH2, 16, 24, evp_aes_128_ctr }, + { "aes256-ctr", SSH_CIPHER_SSH2, 16, 32, evp_aes_128_ctr }, #endif #if defined(EVP_CTRL_SET_ACSS_MODE) { "acss@openssh.org", SSH_CIPHER_SSH2, 16, 5, EVP_acss }, diff --git a/clientloop.c b/clientloop.c index 79aabbe06..def4d8a7b 100644 --- a/clientloop.c +++ b/clientloop.c @@ -59,7 +59,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: clientloop.c,v 1.128 2004/06/18 11:11:54 djm Exp $"); +RCSID("$OpenBSD: clientloop.c,v 1.129 2004/07/11 17:48:47 deraadt Exp $"); #include "ssh.h" #include "ssh1.h" @@ -402,7 +402,7 @@ client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, if (options.server_alive_interval == 0 || !compat20) tvp = NULL; - else { + else { tv.tv_sec = options.server_alive_interval; tv.tv_usec = 0; tvp = &tv; @@ -517,7 +517,7 @@ client_subsystem_reply(int type, u_int32_t seq, void *ctxt) { int id; Channel *c; - + id = packet_get_int(); packet_check_eom(); @@ -540,13 +540,13 @@ client_extra_session2_setup(int id, void *arg) struct confirm_ctx *cctx = arg; Channel *c; int i; - + if (cctx == NULL) fatal("%s: cctx == NULL", __func__); if ((c = channel_lookup(id)) == NULL) fatal("%s: no channel for id %d", __func__, id); - client_session2_setup(id, cctx->want_tty, cctx->want_subsys, + client_session2_setup(id, cctx->want_tty, cctx->want_subsys, cctx->term, &cctx->tio, c->rfd, &cctx->cmd, cctx->env, client_subsystem_reply); @@ -557,7 +557,7 @@ client_extra_session2_setup(int id, void *arg) for (i = 0; cctx->env[i] != NULL; i++) xfree(cctx->env[i]); xfree(cctx->env); - } + } xfree(cctx); } @@ -614,7 +614,7 @@ client_process_control(fd_set * readset) * Accept empty responses and responses consisting * of the word "yes" as affirmative. */ - if (*p == '\0' || *p == '\n' || + if (*p == '\0' || *p == '\n' || strcasecmp(p, "yes") == 0) allowed = 1; xfree(p); @@ -714,7 +714,7 @@ client_process_control(fd_set * readset) set_nonblock(client_fd); - c = channel_new("session", SSH_CHANNEL_OPENING, + c = channel_new("session", SSH_CHANNEL_OPENING, new_fd[0], new_fd[1], new_fd[2], CHAN_SES_WINDOW_DEFAULT, CHAN_SES_PACKET_DEFAULT, CHAN_EXTENDED_WRITE, "client-session", /*nonblock*/0); @@ -1673,7 +1673,7 @@ client_input_global_request(int type, u_int32_t seq, void *ctxt) } void -client_session2_setup(int id, int want_tty, int want_subsystem, +client_session2_setup(int id, int want_tty, int want_subsystem, const char *term, struct termios *tiop, int in_fd, Buffer *cmd, char **env, dispatch_fn *subsys_repl) { diff --git a/clientloop.h b/clientloop.h index c34d6674d..9992d5938 100644 --- a/clientloop.h +++ b/clientloop.h @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.h,v 1.10 2004/06/17 14:52:48 djm Exp $ */ +/* $OpenBSD: clientloop.h,v 1.11 2004/07/11 17:48:47 deraadt Exp $ */ /* * Author: Tatu Ylonen @@ -38,5 +38,5 @@ /* Client side main loop for the interactive session. */ int client_loop(int, int, int); void client_global_request_reply_fwd(int, u_int32_t, void *); -void client_session2_setup(int, int, int, const char *, struct termios *, +void client_session2_setup(int, int, int, const char *, struct termios *, int, Buffer *, char **, dispatch_fn *); diff --git a/compat.h b/compat.h index efa0f081e..5efb5c29e 100644 --- a/compat.h +++ b/compat.h @@ -1,4 +1,4 @@ -/* $OpenBSD: compat.h,v 1.37 2003/11/02 11:01:03 markus Exp $ */ +/* $OpenBSD: compat.h,v 1.38 2004/07/11 17:48:47 deraadt Exp $ */ /* * Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved. @@ -27,7 +27,7 @@ #ifndef COMPAT_H #define COMPAT_H -#define SSH_PROTO_UNKNOWN 0x00 +#define SSH_PROTO_UNKNOWN 0x00 #define SSH_PROTO_1 0x01 #define SSH_PROTO_1_PREFERRED 0x02 #define SSH_PROTO_2 0x04 diff --git a/moduli.c b/moduli.c index c8769c0aa..581b03503 100644 --- a/moduli.c +++ b/moduli.c @@ -1,4 +1,4 @@ -/* $OpenBSD: moduli.c,v 1.8 2004/05/21 08:43:03 markus Exp $ */ +/* $OpenBSD: moduli.c,v 1.9 2004/07/11 17:48:47 deraadt Exp $ */ /* * Copyright 1994 Phil Karn * Copyright 1996-1998, 2003 William Allen Simpson @@ -48,68 +48,68 @@ */ /* need line long enough for largest moduli plus headers */ -#define QLINESIZE (100+8192) +#define QLINESIZE (100+8192) /* Type: decimal. * Specifies the internal structure of the prime modulus. */ -#define QTYPE_UNKNOWN (0) -#define QTYPE_UNSTRUCTURED (1) -#define QTYPE_SAFE (2) -#define QTYPE_SCHNOOR (3) -#define QTYPE_SOPHIE_GERMAIN (4) -#define QTYPE_STRONG (5) +#define QTYPE_UNKNOWN (0) +#define QTYPE_UNSTRUCTURED (1) +#define QTYPE_SAFE (2) +#define QTYPE_SCHNOOR (3) +#define QTYPE_SOPHIE_GERMAIN (4) +#define QTYPE_STRONG (5) /* Tests: decimal (bit field). * Specifies the methods used in checking for primality. * Usually, more than one test is used. */ -#define QTEST_UNTESTED (0x00) -#define QTEST_COMPOSITE (0x01) -#define QTEST_SIEVE (0x02) -#define QTEST_MILLER_RABIN (0x04) -#define QTEST_JACOBI (0x08) -#define QTEST_ELLIPTIC (0x10) +#define QTEST_UNTESTED (0x00) +#define QTEST_COMPOSITE (0x01) +#define QTEST_SIEVE (0x02) +#define QTEST_MILLER_RABIN (0x04) +#define QTEST_JACOBI (0x08) +#define QTEST_ELLIPTIC (0x10) /* * Size: decimal. * Specifies the number of the most significant bit (0 to M). * WARNING: internally, usually 1 to N. */ -#define QSIZE_MINIMUM (511) +#define QSIZE_MINIMUM (511) /* * Prime sieving defines */ /* Constant: assuming 8 bit bytes and 32 bit words */ -#define SHIFT_BIT (3) -#define SHIFT_BYTE (2) -#define SHIFT_WORD (SHIFT_BIT+SHIFT_BYTE) -#define SHIFT_MEGABYTE (20) -#define SHIFT_MEGAWORD (SHIFT_MEGABYTE-SHIFT_BYTE) +#define SHIFT_BIT (3) +#define SHIFT_BYTE (2) +#define SHIFT_WORD (SHIFT_BIT+SHIFT_BYTE) +#define SHIFT_MEGABYTE (20) +#define SHIFT_MEGAWORD (SHIFT_MEGABYTE-SHIFT_BYTE) /* * Using virtual memory can cause thrashing. This should be the largest * number that is supported without a large amount of disk activity -- * that would increase the run time from hours to days or weeks! */ -#define LARGE_MINIMUM (8UL) /* megabytes */ +#define LARGE_MINIMUM (8UL) /* megabytes */ /* * Do not increase this number beyond the unsigned integer bit size. * Due to a multiple of 4, it must be LESS than 128 (yielding 2**30 bits). */ -#define LARGE_MAXIMUM (127UL) /* megabytes */ +#define LARGE_MAXIMUM (127UL) /* megabytes */ /* * Constant: when used with 32-bit integers, the largest sieve prime * has to be less than 2**32. */ -#define SMALL_MAXIMUM (0xffffffffUL) +#define SMALL_MAXIMUM (0xffffffffUL) /* Constant: can sieve all primes less than 2**32, as 65537**2 > 2**32-1. */ -#define TINY_NUMBER (1UL<<16) +#define TINY_NUMBER (1UL<<16) /* Ensure enough bit space for testing 2*q. */ #define TEST_MAXIMUM (1UL<<16) diff --git a/nchan.c b/nchan.c index ecf59c5db..aee3f37b0 100644 --- a/nchan.c +++ b/nchan.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: nchan.c,v 1.50 2004/06/21 17:36:31 avsm Exp $"); +RCSID("$OpenBSD: nchan.c,v 1.51 2004/07/11 17:48:47 deraadt Exp $"); #include "ssh1.h" #include "ssh2.h" @@ -42,15 +42,15 @@ RCSID("$OpenBSD: nchan.c,v 1.50 2004/06/21 17:36:31 avsm Exp $"); * tear down of channels: * * 1.3: strict request-ack-protocol: - * CLOSE -> - * <- CLOSE_CONFIRM + * CLOSE -> + * <- CLOSE_CONFIRM * * 1.5: uses variations of: - * IEOF -> - * <- OCLOSE - * <- IEOF - * OCLOSE -> - * i.e. both sides have to close the channel + * IEOF -> + * <- OCLOSE + * <- IEOF + * OCLOSE -> + * i.e. both sides have to close the channel * * 2.0: the EOF messages are optional * diff --git a/pathnames.h b/pathnames.h index 53208cf58..cf42625a4 100644 --- a/pathnames.h +++ b/pathnames.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pathnames.h,v 1.14 2004/01/30 09:48:57 markus Exp $ */ +/* $OpenBSD: pathnames.h,v 1.15 2004/07/11 17:48:47 deraadt Exp $ */ /* * Author: Tatu Ylonen @@ -122,7 +122,7 @@ /* Location of ssh-keysign for hostbased authentication */ #ifndef _PATH_SSH_KEY_SIGN -#define _PATH_SSH_KEY_SIGN "/usr/libexec/ssh-keysign" +#define _PATH_SSH_KEY_SIGN "/usr/libexec/ssh-keysign" #endif /* xauth for X11 forwarding */ diff --git a/progressmeter.c b/progressmeter.c index 629a536b2..93f5a3e62 100644 --- a/progressmeter.c +++ b/progressmeter.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: progressmeter.c,v 1.21 2004/06/21 17:36:31 avsm Exp $"); +RCSID("$OpenBSD: progressmeter.c,v 1.22 2004/07/11 17:48:47 deraadt Exp $"); #include "progressmeter.h" #include "atomicio.h" @@ -48,15 +48,15 @@ void refresh_progress_meter(void); /* signal handler for updating the progress meter */ static void update_progress_meter(int); -static time_t start; /* start progress */ -static time_t last_update; /* last progress update */ -static char *file; /* name of the file being transferred */ -static off_t end_pos; /* ending position of transfer */ -static off_t cur_pos; /* transfer position as of last refresh */ +static time_t start; /* start progress */ +static time_t last_update; /* last progress update */ +static char *file; /* name of the file being transferred */ +static off_t end_pos; /* ending position of transfer */ +static off_t cur_pos; /* transfer position as of last refresh */ static volatile off_t *counter; /* progress counter */ -static long stalled; /* how long we have been stalled */ -static int bytes_per_second; /* current speed in bytes per second */ -static int win_size; /* terminal window size */ +static long stalled; /* how long we have been stalled */ +static int bytes_per_second; /* current speed in bytes per second */ +static int win_size; /* terminal window size */ /* units for format_size */ static const char unit[] = " KMGT"; diff --git a/readconf.c b/readconf.c index 429f69129..a4fe1fe02 100644 --- a/readconf.c +++ b/readconf.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: readconf.c,v 1.133 2004/06/17 15:10:14 djm Exp $"); +RCSID("$OpenBSD: readconf.c,v 1.134 2004/07/11 17:48:47 deraadt Exp $"); #include "ssh.h" #include "xmalloc.h" @@ -804,7 +804,7 @@ parse_int: */ int -read_config_file(const char *filename, const char *host, Options *options, +read_config_file(const char *filename, const char *host, Options *options, int checkperm) { FILE *f; @@ -818,7 +818,7 @@ read_config_file(const char *filename, const char *host, Options *options, if (checkperm) { struct stat sb; - + if (fstat(fileno(f), &sb) == -1) fatal("fstat %s: %s", filename, strerror(errno)); if (((sb.st_uid != 0 && sb.st_uid != getuid()) || diff --git a/readconf.h b/readconf.h index 5e504bece..ded422585 100644 --- a/readconf.h +++ b/readconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.h,v 1.63 2004/06/13 15:03:02 djm Exp $ */ +/* $OpenBSD: readconf.h,v 1.64 2004/07/11 17:48:47 deraadt Exp $ */ /* * Author: Tatu Ylonen @@ -103,7 +103,7 @@ typedef struct { int rekey_limit; int no_host_authentication_for_localhost; int identities_only; - int server_alive_interval; + int server_alive_interval; int server_alive_count_max; int num_send_env; diff --git a/servconf.c b/servconf.c index ea67f6288..02fae0fbe 100644 --- a/servconf.c +++ b/servconf.c @@ -10,7 +10,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: servconf.c,v 1.134 2004/06/24 19:30:54 djm Exp $"); +RCSID("$OpenBSD: servconf.c,v 1.135 2004/07/11 17:48:47 deraadt Exp $"); #include "ssh.h" #include "log.h" @@ -956,7 +956,7 @@ load_server_config(const char *filename, Buffer *conf) while (fgets(line, sizeof(line), f)) { /* * Trim out comments and strip whitespace - * NB - preserve newlines, they are needed to reproduce + * NB - preserve newlines, they are needed to reproduce * line numbers later for error messages */ if ((cp = strchr(line, '#')) != NULL) diff --git a/session.c b/session.c index a3a7ee784..7c8fe5faf 100644 --- a/session.c +++ b/session.c @@ -33,7 +33,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: session.c,v 1.177 2004/06/30 08:36:59 djm Exp $"); +RCSID("$OpenBSD: session.c,v 1.178 2004/07/11 17:48:47 deraadt Exp $"); #include "ssh.h" #include "ssh1.h" @@ -1001,7 +1001,7 @@ do_setup_env(Session *s, const char *shell) if (!options.use_login) { /* Set basic environment. */ for (i = 0; i < s->num_env; i++) - child_set_env(&env, &envsize, s->env[i].name, + child_set_env(&env, &envsize, s->env[i].name, s->env[i].val); child_set_env(&env, &envsize, "USER", pw->pw_name); @@ -1320,7 +1320,7 @@ do_pwchange(Session *s) { fprintf(stderr, "WARNING: Your password has expired.\n"); if (s->ttyfd != -1) { - fprintf(stderr, + fprintf(stderr, "You must change your password now and login again!\n"); execl(_PATH_PASSWD_PROG, "passwd", (char *)NULL); perror("passwd"); diff --git a/sftp-client.c b/sftp-client.c index 88276cd4a..0ffacbccc 100644 --- a/sftp-client.c +++ b/sftp-client.c @@ -20,7 +20,7 @@ /* XXX: copy between two remote sites */ #include "includes.h" -RCSID("$OpenBSD: sftp-client.c,v 1.50 2004/06/03 12:22:20 pedro Exp $"); +RCSID("$OpenBSD: sftp-client.c,v 1.51 2004/07/11 17:48:47 deraadt Exp $"); #include "openbsd-compat/sys-queue.h" @@ -821,7 +821,7 @@ do_download(struct sftp_conn *conn, char *remote_path, char *local_path, u_int len; /* - * Simulate EOF on interrupt: stop sending new requests and + * Simulate EOF on interrupt: stop sending new requests and * allow outstanding requests to drain gracefully */ if (interrupted) { @@ -1053,9 +1053,9 @@ do_upload(struct sftp_conn *conn, char *local_path, char *remote_path, int len; /* - * Can't use atomicio here because it returns 0 on EOF, + * Can't use atomicio here because it returns 0 on EOF, * thus losing the last block of the file. - * Simulate an EOF on interrupt, allowing ACKs from the + * Simulate an EOF on interrupt, allowing ACKs from the * server to drain. */ if (interrupted) diff --git a/sftp.c b/sftp.c index 4002304ec..f01c9194c 100644 --- a/sftp.c +++ b/sftp.c @@ -16,7 +16,7 @@ #include "includes.h" -RCSID("$OpenBSD: sftp.c,v 1.55 2004/06/25 23:21:38 djm Exp $"); +RCSID("$OpenBSD: sftp.c,v 1.56 2004/07/11 17:48:47 deraadt Exp $"); #include "buffer.h" #include "xmalloc.h" @@ -1328,8 +1328,8 @@ connect_to_server(char *path, char **args, int *in, int *out) /* * The underlying ssh is in the same process group, so we must - * ignore SIGINT if we want to gracefully abort commands, - * otherwise the signal will make it to the ssh process and + * ignore SIGINT if we want to gracefully abort commands, + * otherwise the signal will make it to the ssh process and * kill it too */ signal(SIGINT, SIG_IGN); @@ -1415,7 +1415,7 @@ main(int argc, char **argv) fatal("Batch file already specified."); /* Allow "-" as stdin */ - if (strcmp(optarg, "-") != 0 && + if (strcmp(optarg, "-") != 0 && (infile = fopen(optarg, "r")) == NULL) fatal("%s (%s).", strerror(errno), optarg); showprogress = 0; diff --git a/ssh-agent.1 b/ssh-agent.1 index cfefd34e9..226804e5f 100644 --- a/ssh-agent.1 +++ b/ssh-agent.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-agent.1,v 1.40 2004/05/13 02:47:50 dtucker Exp $ +.\" $OpenBSD: ssh-agent.1,v 1.41 2004/07/11 17:48:47 deraadt Exp $ .\" .\" Author: Tatu Ylonen .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -148,7 +148,7 @@ for Bourne-type shells such as or .Xr ksh 1 and -.Cm eval `ssh-agent -c` +.Cm eval `ssh-agent -c` for .Xr csh 1 and derivatives. diff --git a/ssh-keygen.c b/ssh-keygen.c index e8e579b5d..d39e7d881 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh-keygen.c,v 1.116 2004/06/21 17:36:31 avsm Exp $"); +RCSID("$OpenBSD: ssh-keygen.c,v 1.117 2004/07/11 17:48:47 deraadt Exp $"); #include #include @@ -895,7 +895,7 @@ main(int ac, char **av) if (log_level == SYSLOG_LEVEL_INFO) log_level = SYSLOG_LEVEL_DEBUG1; else { - if (log_level >= SYSLOG_LEVEL_DEBUG1 && + if (log_level >= SYSLOG_LEVEL_DEBUG1 && log_level < SYSLOG_LEVEL_DEBUG3) log_level++; } diff --git a/ssh.c b/ssh.c index f0c284df0..6dff591f1 100644 --- a/ssh.c +++ b/ssh.c @@ -40,7 +40,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh.c,v 1.222 2004/06/23 14:31:01 dtucker Exp $"); +RCSID("$OpenBSD: ssh.c,v 1.223 2004/07/11 17:48:47 deraadt Exp $"); #include #include @@ -551,7 +551,7 @@ again: (void)read_config_file(buf, host, &options, 1); /* Read systemwide configuration file after use config. */ - (void)read_config_file(_PATH_HOST_CONFIG_FILE, host, + (void)read_config_file(_PATH_HOST_CONFIG_FILE, host, &options, 0); } @@ -1250,7 +1250,7 @@ control_client(const char *path) Buffer m; char *cp; extern char **environ; - + memset(&addr, '\0', sizeof(addr)); addr.sun_family = AF_UNIX; addr_len = offsetof(struct sockaddr_un, sun_path) + @@ -1291,13 +1291,13 @@ control_client(const char *path) if (options.num_send_env == 0 || environ == NULL) { buffer_put_int(&m, 0); - } else { + } else { /* Pass environment */ num_env = 0; for (i = 0; environ[i] != NULL; i++) if (env_permitted(environ[i])) num_env++; /* Count */ - + buffer_put_int(&m, num_env); for (i = 0; environ[i] != NULL && num_env >= 0; i++) diff --git a/ssh1.h b/ssh1.h index 98d1dc930..cc7fbc8b0 100644 --- a/ssh1.h +++ b/ssh1.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh1.h,v 1.3 2001/05/30 12:55:13 markus Exp $ */ +/* $OpenBSD: ssh1.h,v 1.4 2004/07/11 17:48:47 deraadt Exp $ */ /* * Author: Tatu Ylonen @@ -29,8 +29,8 @@ #define SSH_SMSG_AUTH_RSA_CHALLENGE 7 /* int (BIGNUM) */ #define SSH_CMSG_AUTH_RSA_RESPONSE 8 /* int (BIGNUM) */ #define SSH_CMSG_AUTH_PASSWORD 9 /* pass (string) */ -#define SSH_CMSG_REQUEST_PTY 10 /* TERM, tty modes */ -#define SSH_CMSG_WINDOW_SIZE 11 /* row,col,xpix,ypix */ +#define SSH_CMSG_REQUEST_PTY 10 /* TERM, tty modes */ +#define SSH_CMSG_WINDOW_SIZE 11 /* row,col,xpix,ypix */ #define SSH_CMSG_EXEC_SHELL 12 /* */ #define SSH_CMSG_EXEC_CMD 13 /* cmd (string) */ #define SSH_SMSG_SUCCESS 14 /* */ @@ -45,7 +45,7 @@ #define SSH_MSG_CHANNEL_DATA 23 /* ch,data (int,str) */ #define SSH_MSG_CHANNEL_CLOSE 24 /* channel (int) */ #define SSH_MSG_CHANNEL_CLOSE_CONFIRMATION 25 /* channel (int) */ -/* SSH_CMSG_X11_REQUEST_FORWARDING 26 OBSOLETE */ +/* SSH_CMSG_X11_REQUEST_FORWARDING 26 OBSOLETE */ #define SSH_SMSG_X11_OPEN 27 /* channel (int) */ #define SSH_CMSG_PORT_FORWARD_REQUEST 28 /* p,host,hp (i,s,i) */ #define SSH_MSG_PORT_OPEN 29 /* ch,h,p (i,s,i) */ diff --git a/sshd.c b/sshd.c index 6df8f252a..ac62cb506 100644 --- a/sshd.c +++ b/sshd.c @@ -42,7 +42,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshd.c,v 1.297 2004/06/26 20:07:16 avsm Exp $"); +RCSID("$OpenBSD: sshd.c,v 1.298 2004/07/11 17:48:47 deraadt Exp $"); #include #include @@ -803,7 +803,7 @@ send_rexec_state(int fd, Buffer *conf) buffer_init(&m); buffer_put_cstring(&m, buffer_ptr(conf)); - if (sensitive_data.server_key != NULL && + if (sensitive_data.server_key != NULL && sensitive_data.server_key->type == KEY_RSA1) { buffer_put_int(&m, 1); buffer_put_bignum(&m, sensitive_data.server_key->rsa->e); @@ -1896,7 +1896,7 @@ do_ssh1_kex(void) session_key + sizeof(session_key) - len); derive_ssh1_session_id( - sensitive_data.ssh1_host_key->rsa->n, + sensitive_data.ssh1_host_key->rsa->n, sensitive_data.server_key->rsa->n, cookie, session_id); /* diff --git a/ttymodes.h b/ttymodes.h index 7de4b8362..481282cd7 100644 --- a/ttymodes.h +++ b/ttymodes.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ttymodes.h,v 1.12 2002/03/04 17:27:39 stevesk Exp $ */ +/* $OpenBSD: ttymodes.h,v 1.13 2004/07/11 17:48:47 deraadt Exp $ */ /* * Author: Tatu Ylonen @@ -113,17 +113,17 @@ TTYCHAR(VDISCARD, 18) /* name, field, op */ TTYMODE(IGNPAR, c_iflag, 30) TTYMODE(PARMRK, c_iflag, 31) -TTYMODE(INPCK, c_iflag, 32) +TTYMODE(INPCK, c_iflag, 32) TTYMODE(ISTRIP, c_iflag, 33) -TTYMODE(INLCR, c_iflag, 34) -TTYMODE(IGNCR, c_iflag, 35) -TTYMODE(ICRNL, c_iflag, 36) +TTYMODE(INLCR, c_iflag, 34) +TTYMODE(IGNCR, c_iflag, 35) +TTYMODE(ICRNL, c_iflag, 36) #if defined(IUCLC) -TTYMODE(IUCLC, c_iflag, 37) +TTYMODE(IUCLC, c_iflag, 37) #endif -TTYMODE(IXON, c_iflag, 38) -TTYMODE(IXANY, c_iflag, 39) -TTYMODE(IXOFF, c_iflag, 40) +TTYMODE(IXON, c_iflag, 38) +TTYMODE(IXANY, c_iflag, 39) +TTYMODE(IXOFF, c_iflag, 40) #ifdef IMAXBEL TTYMODE(IMAXBEL,c_iflag, 41) #endif /* IMAXBEL */ -- cgit v1.2.3 From c7a6fc41bfdcd73469b153437a8e75e0b1057894 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 13 Aug 2004 21:18:00 +1000 Subject: - avsm@cvs.openbsd.org 2004/08/11 21:43:05 [channels.c channels.h clientloop.c misc.c misc.h serverloop.c ssh-agent.c] some signed/unsigned int comparison cleanups; markus@ ok --- ChangeLog | 6 +++++- channels.c | 47 ++++++++++++++++++++++++----------------------- channels.h | 4 ++-- clientloop.c | 7 ++++--- misc.c | 4 ++-- misc.h | 6 +++--- serverloop.c | 7 ++++--- ssh-agent.c | 7 ++++--- 8 files changed, 48 insertions(+), 40 deletions(-) (limited to 'channels.c') diff --git a/ChangeLog b/ChangeLog index fe0ff0099..6c5722e4d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,10 @@ 20040813 - (dtucker) [openbsd-compat/bsd-misc.c] Typo in #ifdef; from vinschen at redhat.com +- (dtucker) OpenBSD CVS Sync + - avsm@cvs.openbsd.org 2004/08/11 21:43:05 + [channels.c channels.h clientloop.c misc.c misc.h serverloop.c ssh-agent.c] + some signed/unsigned int comparison cleanups; markus@ ok 20040812 - (dtucker) [sshd.c] Remove duplicate variable imported during sync. @@ -1598,4 +1602,4 @@ - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu -$Id: ChangeLog,v 1.3498 2004/08/13 08:37:21 dtucker Exp $ +$Id: ChangeLog,v 1.3499 2004/08/13 11:18:00 dtucker Exp $ diff --git a/channels.c b/channels.c index cf46ce09f..1f6984aa7 100644 --- a/channels.c +++ b/channels.c @@ -39,7 +39,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: channels.c,v 1.208 2004/07/11 17:48:47 deraadt Exp $"); +RCSID("$OpenBSD: channels.c,v 1.209 2004/08/11 21:43:04 avsm Exp $"); #include "ssh.h" #include "ssh1.h" @@ -68,7 +68,7 @@ static Channel **channels = NULL; * Size of the channel array. All slots of the array must always be * initialized (at least the type field); unused slots set to NULL */ -static int channels_alloc = 0; +static u_int channels_alloc = 0; /* * Maximum file descriptor value used in any of the channels. This is @@ -141,7 +141,7 @@ channel_lookup(int id) { Channel *c; - if (id < 0 || id >= channels_alloc) { + if (id < 0 || (u_int)id >= channels_alloc) { logit("channel_lookup: %d: bad id", id); return NULL; } @@ -209,7 +209,8 @@ Channel * channel_new(char *ctype, int type, int rfd, int wfd, int efd, u_int window, u_int maxpack, int extusage, char *remote_name, int nonblock) { - int i, found; + int found; + u_int i; Channel *c; /* Do initial allocation if this is the first call. */ @@ -223,10 +224,10 @@ channel_new(char *ctype, int type, int rfd, int wfd, int efd, for (found = -1, i = 0; i < channels_alloc; i++) if (channels[i] == NULL) { /* Found a free slot. */ - found = i; + found = (int)i; break; } - if (found == -1) { + if (found < 0) { /* There are no free slots. Take last+1 slot and expand the array. */ found = channels_alloc; if (channels_alloc > 10000) @@ -273,7 +274,8 @@ channel_new(char *ctype, int type, int rfd, int wfd, int efd, static int channel_find_maxfd(void) { - int i, max = 0; + u_int i; + int max = 0; Channel *c; for (i = 0; i < channels_alloc; i++) { @@ -322,12 +324,12 @@ void channel_free(Channel *c) { char *s; - int i, n; + u_int i, n; for (n = 0, i = 0; i < channels_alloc; i++) if (channels[i]) n++; - debug("channel %d: free: %s, nchannels %d", c->self, + debug("channel %d: free: %s, nchannels %u", c->self, c->remote_name ? c->remote_name : "???", n); s = channel_open_message(); @@ -353,7 +355,7 @@ channel_free(Channel *c) void channel_free_all(void) { - int i; + u_int i; for (i = 0; i < channels_alloc; i++) if (channels[i] != NULL) @@ -368,7 +370,7 @@ channel_free_all(void) void channel_close_all(void) { - int i; + u_int i; for (i = 0; i < channels_alloc; i++) if (channels[i] != NULL) @@ -382,7 +384,7 @@ channel_close_all(void) void channel_stop_listening(void) { - int i; + u_int i; Channel *c; for (i = 0; i < channels_alloc; i++) { @@ -439,7 +441,7 @@ channel_not_very_much_buffered_data(void) int channel_still_open(void) { - int i; + u_int i; Channel *c; for (i = 0; i < channels_alloc; i++) { @@ -482,7 +484,7 @@ channel_still_open(void) int channel_find_open(void) { - int i; + u_int i; Channel *c; for (i = 0; i < channels_alloc; i++) { @@ -530,7 +532,7 @@ channel_open_message(void) Buffer buffer; Channel *c; char buf[1024], *cp; - int i; + u_int i; buffer_init(&buffer); snprintf(buf, sizeof buf, "The following connections are open:\r\n"); @@ -1674,7 +1676,7 @@ static void channel_handler(chan_fn *ftab[], fd_set * readset, fd_set * writeset) { static int did_init = 0; - int i; + u_int i; Channel *c; if (!did_init) { @@ -1697,10 +1699,9 @@ channel_handler(chan_fn *ftab[], fd_set * readset, fd_set * writeset) */ void channel_prepare_select(fd_set **readsetp, fd_set **writesetp, int *maxfdp, - int *nallocp, int rekeying) + u_int *nallocp, int rekeying) { - int n; - u_int sz; + u_int n, sz; n = MAX(*maxfdp, channel_max_fd); @@ -1736,8 +1737,7 @@ void channel_output_poll(void) { Channel *c; - int i; - u_int len; + u_int i, len; for (i = 0; i < channels_alloc; i++) { c = channels[i]; @@ -2270,7 +2270,8 @@ channel_setup_fwd_listener(int type, const char *listen_addr, u_short listen_por int channel_cancel_rport_listener(const char *host, u_short port) { - int i, found = 0; + u_int i; + int found = 0; for(i = 0; i < channels_alloc; i++) { Channel *c = channels[i]; @@ -2572,7 +2573,7 @@ channel_connect_to(const char *host, u_short port) void channel_send_window_changes(void) { - int i; + u_int i; struct winsize ws; for (i = 0; i < channels_alloc; i++) { diff --git a/channels.h b/channels.h index 41f3cedd3..f8dc8249c 100644 --- a/channels.h +++ b/channels.h @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.h,v 1.73 2004/06/13 15:03:02 djm Exp $ */ +/* $OpenBSD: channels.h,v 1.74 2004/08/11 21:43:04 avsm Exp $ */ /* * Author: Tatu Ylonen @@ -184,7 +184,7 @@ void channel_input_window_adjust(int, u_int32_t, void *); /* file descriptor handling (read/write) */ -void channel_prepare_select(fd_set **, fd_set **, int *, int*, int); +void channel_prepare_select(fd_set **, fd_set **, int *, u_int*, int); void channel_after_select(fd_set *, fd_set *); void channel_output_poll(void); diff --git a/clientloop.c b/clientloop.c index def4d8a7b..0b9a0fb29 100644 --- a/clientloop.c +++ b/clientloop.c @@ -59,7 +59,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: clientloop.c,v 1.129 2004/07/11 17:48:47 deraadt Exp $"); +RCSID("$OpenBSD: clientloop.c,v 1.130 2004/08/11 21:43:04 avsm Exp $"); #include "ssh.h" #include "ssh1.h" @@ -348,7 +348,7 @@ server_alive_check(void) */ static void client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, - int *maxfdp, int *nallocp, int rekeying) + int *maxfdp, u_int *nallocp, int rekeying) { struct timeval tv, *tvp; int ret; @@ -1147,7 +1147,8 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id) { fd_set *readset = NULL, *writeset = NULL; double start_time, total_time; - int max_fd = 0, max_fd2 = 0, len, rekeying = 0, nalloc = 0; + int max_fd = 0, max_fd2 = 0, len, rekeying = 0; + u_int nalloc = 0; char buf[100]; debug("Entering interactive session."); diff --git a/misc.c b/misc.c index 1c43bc007..8cb411ccc 100644 --- a/misc.c +++ b/misc.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: misc.c,v 1.24 2004/06/14 01:44:39 djm Exp $"); +RCSID("$OpenBSD: misc.c,v 1.25 2004/08/11 21:43:05 avsm Exp $"); #include "misc.h" #include "log.h" @@ -314,7 +314,7 @@ addargs(arglist *args, char *fmt, ...) { va_list ap; char buf[1024]; - int nalloc; + u_int nalloc; va_start(ap, fmt); vsnprintf(buf, sizeof(buf), fmt, ap); diff --git a/misc.h b/misc.h index ffa8d8f27..ec47a611d 100644 --- a/misc.h +++ b/misc.h @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.h,v 1.16 2004/06/17 15:10:14 djm Exp $ */ +/* $OpenBSD: misc.h,v 1.17 2004/08/11 21:43:05 avsm Exp $ */ /* * Author: Tatu Ylonen @@ -29,8 +29,8 @@ struct passwd *pwcopy(struct passwd *); typedef struct arglist arglist; struct arglist { char **list; - int num; - int nalloc; + u_int num; + u_int nalloc; }; void addargs(arglist *, char *, ...) __attribute__((format(printf, 2, 3))); diff --git a/serverloop.c b/serverloop.c index 8d2642d5b..eee1e7959 100644 --- a/serverloop.c +++ b/serverloop.c @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: serverloop.c,v 1.116 2004/05/21 11:33:11 djm Exp $"); +RCSID("$OpenBSD: serverloop.c,v 1.117 2004/08/11 21:43:05 avsm Exp $"); #include "xmalloc.h" #include "packet.h" @@ -240,7 +240,7 @@ client_alive_check(void) */ static void wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, int *maxfdp, - int *nallocp, u_int max_time_milliseconds) + u_int *nallocp, u_int max_time_milliseconds) { struct timeval tv, *tvp; int ret; @@ -486,7 +486,8 @@ void server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg) { fd_set *readset = NULL, *writeset = NULL; - int max_fd = 0, nalloc = 0; + int max_fd = 0; + u_int nalloc = 0; int wait_status; /* Status returned by wait(). */ pid_t wait_pid; /* pid returned by wait(). */ int waiting_termination = 0; /* Have displayed waiting close message. */ diff --git a/ssh-agent.c b/ssh-agent.c index 54ab4d7a2..bc4d8d33a 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -35,7 +35,7 @@ #include "includes.h" #include "openbsd-compat/sys-queue.h" -RCSID("$OpenBSD: ssh-agent.c,v 1.119 2004/06/14 01:44:39 djm Exp $"); +RCSID("$OpenBSD: ssh-agent.c,v 1.120 2004/08/11 21:43:05 avsm Exp $"); #include #include @@ -816,7 +816,7 @@ new_socket(sock_type type, int fd) } static int -prepare_select(fd_set **fdrp, fd_set **fdwp, int *fdl, int *nallocp) +prepare_select(fd_set **fdrp, fd_set **fdwp, int *fdl, u_int *nallocp) { u_int i, sz; int n = 0; @@ -1002,7 +1002,8 @@ int main(int ac, char **av) { int c_flag = 0, d_flag = 0, k_flag = 0, s_flag = 0; - int sock, fd, ch, nalloc; + int sock, fd, ch; + u_int nalloc; char *shell, *format, *pidstr, *agentsocket = NULL; fd_set *readsetp = NULL, *writesetp = NULL; struct sockaddr_un sunaddr; -- cgit v1.2.3