- OpenBSD CVS updates.

[ssh.1 ssh.c]
   - ssh -2
   [auth.c channels.c clientloop.c packet.c packet.h serverloop.c]
   [session.c sshconnect.c]
   - check payload for (illegal) extra data
   [ALL]
   - whitespace cleanup
Damien Miller 2000-04-16 11:18:38 +10:00
parent 5d1705ecf9
commit 4af51306d9
67 changed files with 779 additions and 646 deletions


@ -1,7 +1,17 @@
20000415
- OpenBSD CVS updates.
[ssh.1 ssh.c]
- ssh -2
[auth.c channels.c clientloop.c packet.c packet.h serverloop.c]
[session.c sshconnect.c]
- check payload for (illegal) extra data
[ALL]
whitespace cleanup
20000413
- INSTALL doc updates
- Merged OpenBSD updates to include paths.
20000412
- OpenBSD CVS updates:
- [channels.c]


@ -19,7 +19,7 @@ extern ServerOptions options;
* return 1 on success, 0 on failure, -1 if krb4 is not available
*/
int
int
auth_krb4_password(struct passwd * pw, const char *password)
{
AUTH_DAT adata;
@ -135,7 +135,7 @@ krb4_cleanup_proc(void *ignore)
}
}
int
int
krb4_init(uid_t uid)
{
static int cleanup_registered = 0;
@ -179,7 +179,7 @@ krb4_init(uid_t uid)
return 0;
}
int
int
auth_krb4(const char *server_user, KTEXT auth, char **client)
{
AUTH_DAT adat = {0};
@ -252,7 +252,7 @@ auth_krb4(const char *server_user, KTEXT auth, char **client)
#endif /* KRB4 */
#ifdef AFS
int
int
auth_kerberos_tgt(struct passwd *pw, const char *string)
{
CREDENTIALS creds;
@ -307,7 +307,7 @@ auth_kerberos_tgt_failure:
return 0;
}
int
int
auth_afs_token(struct passwd *pw, const char *token_string)
{
CREDENTIALS creds;


@ -11,7 +11,7 @@
#ifndef USE_PAM
RCSID("$Id: auth-passwd.c,v 1.16 2000/01/22 23:32:03 damien Exp $");
RCSID("$Id: auth-passwd.c,v 1.17 2000/04/16 01:18:39 damien Exp $");
#include "packet.h"
#include "ssh.h"
@ -33,7 +33,7 @@ RCSID("$Id: auth-passwd.c,v 1.16 2000/01/22 23:32:03 damien Exp $");
* Tries to authenticate the user using password. Returns true if
* authentication succeeds.
*/
int
int
auth_password(struct passwd * pw, const char *password)
{
extern ServerOptions options;


@ -1,21 +1,21 @@
/*
*
*
* auth-rh-rsa.c
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Sun May 7 03:08:06 1995 ylo
*
*
* Rhosts or /etc/hosts.equiv authentication combined with RSA host
* authentication.
*
*/
#include "includes.h"
RCSID("$Id: auth-rh-rsa.c,v 1.9 2000/04/13 02:26:35 damien Exp $");
RCSID("$Id: auth-rh-rsa.c,v 1.10 2000/04/16 01:18:39 damien Exp $");
#ifdef HAVE_OPENSSL
#include <openssl/bn.h>
@ -42,7 +42,7 @@ RCSID("$Id: auth-rh-rsa.c,v 1.9 2000/04/13 02:26:35 damien Exp $");
* its host key. Returns true if authentication succeeds.
*/
int
int
auth_rhosts_rsa(struct passwd *pw, const char *client_user, RSA *client_host_key)
{
extern ServerOptions options;


@ -1,22 +1,22 @@
/*
*
*
* auth-rhosts.c
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Fri Mar 17 05:12:18 1995 ylo
*
*
* Rhosts authentication. This file contains code to check whether to admit
* the login based on rhosts authentication. This file also processes
* /etc/hosts.equiv.
*
*
*/
#include "includes.h"
RCSID("$Id: auth-rhosts.c,v 1.7 1999/12/27 12:54:55 damien Exp $");
RCSID("$Id: auth-rhosts.c,v 1.8 2000/04/16 01:18:39 damien Exp $");
#include "packet.h"
#include "ssh.h"
@ -30,7 +30,7 @@ RCSID("$Id: auth-rhosts.c,v 1.7 1999/12/27 12:54:55 damien Exp $");
* based on the file, and returns zero otherwise.
*/
int
int
check_rhosts_file(const char *filename, const char *hostname,
const char *ipaddr, const char *client_user,
const char *server_user)
@ -146,7 +146,7 @@ check_rhosts_file(const char *filename, const char *hostname,
* /etc/hosts.equiv will be considered (.rhosts and .shosts are ignored).
*/
int
int
auth_rhosts(struct passwd *pw, const char *client_user)
{
extern ServerOptions options;


@ -1,22 +1,22 @@
/*
*
*
* auth-rsa.c
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Mon Mar 27 01:46:52 1995 ylo
*
*
* RSA-based authentication. This code determines whether to admit a login
* based on RSA authentication. This file also contains functions to check
* validity of the host key.
*
*
*/
#include "includes.h"
RCSID("$Id: auth-rsa.c,v 1.15 2000/04/13 02:26:35 damien Exp $");
RCSID("$Id: auth-rsa.c,v 1.16 2000/04/16 01:18:39 damien Exp $");
#include "rsa.h"
#include "packet.h"
@ -244,7 +244,7 @@ auth_rsa(struct passwd *pw, BIGNUM *client_n)
debug("%.100s, line %lu: bad key syntax",
SSH_USER_PERMITTED_KEYS, linenum);
packet_send_debug("%.100s, line %lu: bad key syntax",
SSH_USER_PERMITTED_KEYS, linenum);
SSH_USER_PERMITTED_KEYS, linenum);
continue;
}
/* cp now points to the comment part. */


@ -1,7 +1,7 @@
#include "includes.h"
#ifdef SKEY
RCSID("$Id: auth-skey.c,v 1.5 1999/12/06 19:04:57 deraadt Exp $");
RCSID("$Id: auth-skey.c,v 1.6 2000/04/14 10:30:29 markus Exp $");
#include "ssh.h"
#include "packet.h"
@ -15,12 +15,12 @@ RCSID("$Id: auth-skey.c,v 1.5 1999/12/06 19:04:57 deraadt Exp $");
/* from %OpenBSD: skeylogin.c,v 1.32 1999/08/16 14:46:56 millert Exp % */
/*
/*
* try skey authentication,
* return 1 on success, 0 on failure, -1 if skey is not available
* return 1 on success, 0 on failure, -1 if skey is not available
*/
int
int
auth_skey_password(struct passwd * pw, const char *password)
{
if (strncasecmp(password, "s/key", 5) == 0) {
@ -53,18 +53,18 @@ auth_skey_password(struct passwd * pw, const char *password)
*/
static u_int32_t
hash_collapse(s)
u_char *s;
u_char *s;
{
int len, target;
int len, target;
u_int32_t i;
if ((strlen(s) % sizeof(u_int32_t)) == 0)
target = strlen(s); /* Multiple of 4 */
target = strlen(s); /* Multiple of 4 */
else
target = strlen(s) - (strlen(s) % sizeof(u_int32_t));
for (i = 0, len = 0; len < target; len += 4)
i ^= ROUND(s + len);
i ^= ROUND(s + len);
return i;
}

62
auth.c

@ -5,7 +5,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: auth.c,v 1.2 2000/04/06 08:55:22 markus Exp $");
RCSID("$OpenBSD: auth.c,v 1.4 2000/04/14 10:30:29 markus Exp $");
#include "xmalloc.h"
#include "rsa.h"
@ -36,9 +36,9 @@ extern char *forced_command;
* DenyUsers or user's primary group is listed in DenyGroups, false will
* be returned. If AllowUsers isn't empty and user isn't listed there, or
* if AllowGroups isn't empty and user isn't listed there, false will be
* returned.
* returned.
* If the user's shell is not executable, false will be returned.
* Otherwise true is returned.
* Otherwise true is returned.
*/
static int
allowed_user(struct passwd * pw)
@ -201,10 +201,10 @@ do_fake_authloop1(char *user)
packet_write_wait();
continue;
} else if (type == SSH_CMSG_AUTH_PASSWORD &&
options.password_authentication &&
(password = packet_get_string(&dlen)) != NULL &&
dlen == 5 &&
strncasecmp(password, "s/key", 5) == 0 ) {
options.password_authentication &&
(password = packet_get_string(&dlen)) != NULL &&
dlen == 5 &&
strncasecmp(password, "s/key", 5) == 0 ) {
packet_send_debug(skeyinfo);
}
if (password != NULL)
@ -457,20 +457,20 @@ do_authloop(struct passwd * pw)
break;
}
/*
* Check if the user is logging in as root and root logins
* are disallowed.
* Note that root login is allowed for forced commands.
*/
if (authenticated && pw->pw_uid == 0 && !options.permit_root_login) {
if (forced_command) {
log("Root login accepted for forced command.");
} else {
authenticated = 0;
log("ROOT LOGIN REFUSED FROM %.200s",
get_canonical_hostname());
}
}
/*
* Check if the user is logging in as root and root logins
* are disallowed.
* Note that root login is allowed for forced commands.
*/
if (authenticated && pw->pw_uid == 0 && !options.permit_root_login) {
if (forced_command) {
log("Root login accepted for forced command.");
} else {
authenticated = 0;
log("ROOT LOGIN REFUSED FROM %.200s",
get_canonical_hostname());
}
}
/* Raise logging level */
if (authenticated ||
@ -685,6 +685,7 @@ input_service_request(int type, int plen)
unsigned int len;
int accept = 0;
char *service = packet_get_string(&len);
packet_done();
if (strcmp(service, "ssh-userauth") == 0) {
if (!userauth_success) {
@ -727,6 +728,7 @@ input_userauth_request(int type, int plen)
pw = auth_set_user(user, service);
if (pw && strcmp(service, "ssh-connection")==0) {
if (strcmp(method, "none") == 0 && try == 1) {
packet_done();
#ifdef USE_PAM
/* Do PAM auth with password */
authenticated = auth_pam_password(pw, "");
@ -740,6 +742,7 @@ input_userauth_request(int type, int plen)
if (c)
debug("password change not supported");
password = packet_get_string(&len);
packet_done();
#ifdef USE_PAM
/* Do PAM auth with password */
authenticated = auth_pam_password(pw, password);
@ -751,11 +754,19 @@ input_userauth_request(int type, int plen)
xfree(password);
} else if (strcmp(method, "publickey") == 0) {
/* XXX TODO */
char *pkalg;
char *pkblob;
c = packet_get_char();
char *pkalg, *pkblob, *sig;
int have_sig = packet_get_char();
pkalg = packet_get_string(&len);
pkblob = packet_get_string(&len);
if (have_sig) {
sig = packet_get_string(&len);
/* test for correct signature */
packet_done();
xfree(sig);
} else {
packet_done();
/* test whether pkalg/pkblob are acceptable */
}
xfree(pkalg);
xfree(pkblob);
}
@ -764,7 +775,6 @@ input_userauth_request(int type, int plen)
if (authenticated) {
/* turn off userauth */
dispatch_set(SSH2_MSG_USERAUTH_REQUEST, &protocol_error);
/* success! */
packet_start(SSH2_MSG_USERAUTH_SUCCESS);
packet_send();
packet_write_wait();
@ -782,7 +792,7 @@ input_userauth_request(int type, int plen)
xfree(user);
xfree(method);
}
void
void
do_authentication2()
{
dispatch_init(&protocol_error);
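Review bot: In the publickey branch of input_userauth_request the have_sig arm calls packet_done() after the "test for correct signature" placeholder, while the else arm calls it before its placeholder; once the TODO is filled in, the signature check would run on a packet whose trailing data has not yet been rejected. Putting the call first in both arms, `sig = packet_get_string(&len);` then `packet_done();` then the verification, keeps the order uniform. All three packet_get_string() calls also store into the same `len`, so the lengths of pkalg and pkblob are overwritten before anything can use them; separate variables (for example `alen`, `blen`, `slen`) would be needed to treat the blob and signature as binary data. The branch does not set `authenticated` in the visible lines, so it appears to fail closed for now; the function starts and ends outside the hunk.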


@ -1,20 +1,20 @@
/*
*
*
* authfd.c
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Wed Mar 29 01:30:28 1995 ylo
*
*
* Functions for connecting the local authentication agent.
*
*
*/
#include "includes.h"
RCSID("$Id: authfd.c,v 1.11 2000/04/13 02:26:35 damien Exp $");
RCSID("$Id: authfd.c,v 1.12 2000/04/16 01:18:40 damien Exp $");
#include "ssh.h"
#include "rsa.h"
@ -69,7 +69,7 @@ ssh_get_authentication_socket()
* ssh_get_authentication_socket().
*/
void
void
ssh_close_authentication_socket(int sock)
{
if (getenv(SSH_AUTHSOCKET_ENV_NAME))
@ -113,7 +113,7 @@ ssh_get_authentication_connection()
* memory.
*/
void
void
ssh_close_authentication_connection(AuthenticationConnection *ac)
{
buffer_free(&ac->packet);
@ -343,7 +343,7 @@ error_cleanup:
* be used by normal applications.
*/
int
int
ssh_add_identity(AuthenticationConnection *auth,
RSA * key, const char *comment)
{
@ -431,7 +431,7 @@ error_cleanup:
* meant to be used by normal applications.
*/
int
int
ssh_remove_identity(AuthenticationConnection *auth, RSA *key)
{
Buffer buffer;
@ -514,7 +514,7 @@ error_cleanup:
* by normal applications.
*/
int
int
ssh_remove_all_identities(AuthenticationConnection *auth)
{
Buffer buffer;


@ -1,19 +1,19 @@
/*
*
*
* authfd.h
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Wed Mar 29 01:17:41 1995 ylo
*
*
* Functions to interface with the SSH_AUTHENTICATION_FD socket.
*
*
*/
/* RCSID("$Id: authfd.h,v 1.4 1999/11/25 00:54:58 damien Exp $"); */
/* RCSID("$Id: authfd.h,v 1.5 2000/04/16 01:18:40 damien Exp $"); */
#ifndef AUTHFD_H
#define AUTHFD_H
@ -67,7 +67,7 @@ void ssh_close_authentication_connection(AuthenticationConnection * ac);
* integers before the call, and free the comment after a successful call
* (before calling ssh_get_next_identity).
*/
int
int
ssh_get_first_identity(AuthenticationConnection * connection,
BIGNUM * e, BIGNUM * n, char **comment);
@ -77,13 +77,13 @@ ssh_get_first_identity(AuthenticationConnection * connection,
* function. This returns 0 if there are no more identities. The caller
* must free comment after a successful return.
*/
int
int
ssh_get_next_identity(AuthenticationConnection * connection,
BIGNUM * e, BIGNUM * n, char **comment);
/* Requests the agent to decrypt the given challenge. Returns true if
the agent claims it was able to decrypt it. */
int
int
ssh_decrypt_challenge(AuthenticationConnection * auth,
BIGNUM * e, BIGNUM * n, BIGNUM * challenge,
unsigned char session_id[16],
@ -95,7 +95,7 @@ ssh_decrypt_challenge(AuthenticationConnection * auth,
* be used by normal applications. This returns true if the identity was
* successfully added.
*/
int
int
ssh_add_identity(AuthenticationConnection * connection, RSA * key,
const char *comment);


@ -1,21 +1,21 @@
/*
*
*
* authfile.c
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Mon Mar 27 03:52:05 1995 ylo
*
*
* This file contains functions for reading and writing identity files, and
* for reading the passphrase from the user.
*
*
*/
#include "includes.h"
RCSID("$Id: authfile.c,v 1.9 2000/04/13 02:26:36 damien Exp $");
RCSID("$Id: authfile.c,v 1.10 2000/04/16 01:18:40 damien Exp $");
#ifdef HAVE_OPENSSL
#include <openssl/bn.h>


@ -1,14 +1,14 @@
/*
*
*
* bufaux.c
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Wed Mar 29 02:24:47 1995 ylo
*
*
* Auxiliary functions for storing and retrieving various data types to/from
* Buffers.
*
@ -17,7 +17,7 @@
*/
#include "includes.h"
RCSID("$Id: bufaux.c,v 1.10 2000/04/13 02:26:36 damien Exp $");
RCSID("$Id: bufaux.c,v 1.11 2000/04/16 01:18:40 damien Exp $");
#include "ssh.h"


@ -1,17 +1,17 @@
/*
*
*
* bufaux.h
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Wed Mar 29 02:18:23 1995 ylo
*
*
*/
/* RCSID("$Id: bufaux.h,v 1.4 2000/04/01 01:09:23 damien Exp $"); */
/* RCSID("$Id: bufaux.h,v 1.5 2000/04/16 01:18:40 damien Exp $"); */
#ifndef BUFAUX_H
#define BUFAUX_H


@ -1,20 +1,20 @@
/*
*
*
* buffer.c
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Sat Mar 18 04:15:33 1995 ylo
*
*
* Functions for manipulating fifo buffers (that can grow if needed).
*
*
*/
#include "includes.h"
RCSID("$Id: buffer.c,v 1.4 2000/04/13 02:26:36 damien Exp $");
RCSID("$Id: buffer.c,v 1.5 2000/04/16 01:18:40 damien Exp $");
#include "xmalloc.h"
#include "buffer.h"
@ -22,7 +22,7 @@ RCSID("$Id: buffer.c,v 1.4 2000/04/13 02:26:36 damien Exp $");
/* Initializes the buffer structure. */
void
void
buffer_init(Buffer *buffer)
{
buffer->alloc = 4096;
@ -33,7 +33,7 @@ buffer_init(Buffer *buffer)
/* Frees any memory used for the buffer. */
void
void
buffer_free(Buffer *buffer)
{
memset(buffer->buf, 0, buffer->alloc);
@ -45,7 +45,7 @@ buffer_free(Buffer *buffer)
* zero the memory.
*/
void
void
buffer_clear(Buffer *buffer)
{
buffer->offset = 0;
@ -54,7 +54,7 @@ buffer_clear(Buffer *buffer)
/* Appends data to the buffer, expanding it if necessary. */
void
void
buffer_append(Buffer *buffer, const char *data, unsigned int len)
{
char *cp;
@ -68,7 +68,7 @@ buffer_append(Buffer *buffer, const char *data, unsigned int len)
* to the allocated region.
*/
void
void
buffer_append_space(Buffer *buffer, char **datap, unsigned int len)
{
/* If the buffer is empty, start using it from the beginning. */
@ -102,7 +102,7 @@ restart:
/* Returns the number of bytes of data in the buffer. */
unsigned int
unsigned int
buffer_len(Buffer *buffer)
{
return buffer->end - buffer->offset;
@ -110,7 +110,7 @@ buffer_len(Buffer *buffer)
/* Gets data from the beginning of the buffer. */
void
void
buffer_get(Buffer *buffer, char *buf, unsigned int len)
{
if (len > buffer->end - buffer->offset)
@ -121,7 +121,7 @@ buffer_get(Buffer *buffer, char *buf, unsigned int len)
/* Consumes the given number of bytes from the beginning of the buffer. */
void
void
buffer_consume(Buffer *buffer, unsigned int bytes)
{
if (bytes > buffer->end - buffer->offset)
@ -131,7 +131,7 @@ buffer_consume(Buffer *buffer, unsigned int bytes)
/* Consumes the given number of bytes from the end of the buffer. */
void
void
buffer_consume_end(Buffer *buffer, unsigned int bytes)
{
if (bytes > buffer->end - buffer->offset)
@ -149,7 +149,7 @@ buffer_ptr(Buffer *buffer)
/* Dumps the contents of the buffer to stderr. */
void
void
buffer_dump(Buffer *buffer)
{
int i;


@ -1,20 +1,20 @@
/*
*
*
* canohost.c
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Sun Jul 2 17:52:22 1995 ylo
*
*
* Functions for returning the canonical host name of the remote site.
*
*
*/
#include "includes.h"
RCSID("$Id: canohost.c,v 1.8 2000/03/11 09:45:41 damien Exp $");
RCSID("$Id: canohost.c,v 1.9 2000/04/16 01:18:40 damien Exp $");
#include "packet.h"
#include "xmalloc.h"
@ -265,7 +265,7 @@ get_sock_port(int sock, int local)
/* Returns remote/local port number for the current connection. */
int
int
get_port(int local)
{
/*
@ -279,13 +279,13 @@ get_port(int local)
return get_sock_port(packet_get_connection_in(), local);
}
int
int
get_peer_port(int sock)
{
return get_sock_port(sock, 0);
}
int
int
get_remote_port()
{
return get_port(0);


@ -1,23 +1,23 @@
/*
*
*
* channels.c
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Fri Mar 24 16:35:24 1995 ylo
*
*
* This file contains functions for generic socket connection forwarding.
* There is also code for initiating connection forwarding for X11 connections,
* arbitrary tcp/ip connections, and the authentication agent connection.
*
*
* SSH2 support added by Markus Friedl.
*/
#include "includes.h"
RCSID("$Id: channels.c,v 1.24 2000/04/12 10:17:38 damien Exp $");
RCSID("$Id: channels.c,v 1.25 2000/04/16 01:18:41 damien Exp $");
#include "ssh.h"
#include "packet.h"
@ -109,7 +109,7 @@ static int have_hostname_in_open = 0;
/* Sets specific protocol options. */
void
void
channel_set_options(int hostname_in_open)
{
have_hostname_in_open = hostname_in_open;
@ -121,7 +121,7 @@ channel_set_options(int hostname_in_open)
* and the server has no way to know but to trust the client anyway.
*/
void
void
channel_permit_all_opens()
{
all_opens_permitted = 1;
@ -150,7 +150,7 @@ channel_lookup(int id)
* remote_name to be freed.
*/
int
int
channel_new(char *ctype, int type, int rfd, int wfd, int efd,
int window, int maxpack, int extended_usage, char *remote_name)
{
@ -226,7 +226,7 @@ channel_new(char *ctype, int type, int rfd, int wfd, int efd,
debug("channel %d: new [%s]", found, remote_name);
return found;
}
int
int
channel_allocate(int type, int sock, char *remote_name)
{
return channel_new("", type, sock, sock, -1, 0, 0, 0, remote_name);
@ -234,7 +234,7 @@ channel_allocate(int type, int sock, char *remote_name)
/* Free the channel and close its socket. */
void
void
channel_free(int id)
{
Channel *c = channel_lookup(id);
@ -361,7 +361,7 @@ channel_pre_output_draining(Channel *c, fd_set * readset, fd_set * writeset)
{
if (buffer_len(&c->output) == 0)
channel_free(c->self);
else
else
FD_SET(c->sock, writeset);
}
@ -540,8 +540,10 @@ channel_post_port_listener(Channel *c, fd_set * readset, fd_set * writeset)
packet_put_int(newch);
packet_put_int(c->local_window_max);
packet_put_int(c->local_maxpacket);
/* target host and port */
packet_put_string(c->path, strlen(c->path));
packet_put_int(c->host_port);
/* originator host and port */
packet_put_cstring(remote_hostname);
packet_put_int(remote_port);
packet_send();
@ -782,7 +784,7 @@ channel_handler_init(void)
channel_handler_init_15();
}
void
void
channel_handler(chan_fn *ftab[], fd_set * readset, fd_set * writeset)
{
static int did_init = 0;
@ -804,13 +806,13 @@ channel_handler(chan_fn *ftab[], fd_set * readset, fd_set * writeset)
}
}
void
void
channel_prepare_select(fd_set * readset, fd_set * writeset)
{
channel_handler(channel_pre, readset, writeset);
}
void
void
channel_after_select(fd_set * readset, fd_set * writeset)
{
channel_handler(channel_post, readset, writeset);
@ -818,7 +820,7 @@ channel_after_select(fd_set * readset, fd_set * writeset)
/* If there is data to send to the connection, send some of it now. */
void
void
channel_output_poll()
{
int len, i;
@ -909,7 +911,7 @@ channel_output_poll()
* still there.
*/
void
void
channel_input_data(int type, int plen)
{
int id;
@ -934,6 +936,7 @@ channel_input_data(int type, int plen)
/* Get the data. */
data = packet_get_string(&data_len);
packet_done();
if (compat20){
if (data_len > c->local_maxpacket) {
@ -953,7 +956,7 @@ channel_input_data(int type, int plen)
buffer_append(&c->output, data, data_len);
xfree(data);
}
void
void
channel_input_extended_data(int type, int plen)
{
int id;
@ -980,6 +983,7 @@ channel_input_extended_data(int type, int plen)
return;
}
data = packet_get_string(&data_len);
packet_done();
if (data_len > c->local_window) {
log("channel %d: rcvd too much extended_data %d, win %d",
c->self, data_len, c->local_window);
@ -998,7 +1002,7 @@ channel_input_extended_data(int type, int plen)
* more channel is overfull.
*/
int
int
channel_not_very_much_buffered_data()
{
unsigned int i;
@ -1022,7 +1026,7 @@ channel_not_very_much_buffered_data()
return 1;
}
void
void
channel_input_ieof(int type, int plen)
{
int id;
@ -1037,7 +1041,7 @@ channel_input_ieof(int type, int plen)
chan_rcvd_ieof(c);
}
void
void
channel_input_close(int type, int plen)
{
int id;
@ -1076,7 +1080,7 @@ channel_input_close(int type, int plen)
}
/* proto version 1.5 overloads CLOSE_CONFIRMATION with OCLOSE */
void
void
channel_input_oclose(int type, int plen)
{
int id = packet_get_int();
@ -1087,12 +1091,13 @@ channel_input_oclose(int type, int plen)
chan_rcvd_oclose(c);
}
void
void
channel_input_close_confirmation(int type, int plen)
{
int id = packet_get_int();
Channel *c = channel_lookup(id);
packet_done();
if (c == NULL)
packet_disconnect("Received close confirmation for "
"out-of-range channel %d.", id);
@ -1102,7 +1107,7 @@ channel_input_close_confirmation(int type, int plen)
channel_free(c->self);
}
void
void
channel_input_open_confirmation(int type, int plen)
{
int id, remote_id;
@ -1125,6 +1130,7 @@ channel_input_open_confirmation(int type, int plen)
if (compat20) {
c->remote_window = packet_get_int();
c->remote_maxpacket = packet_get_int();
packet_done();
if (c->cb_fn != NULL && c->cb_event == type) {
debug("callback start");
c->cb_fn(c->self, c->cb_arg);
@ -1135,7 +1141,7 @@ channel_input_open_confirmation(int type, int plen)
}
}
void
void
channel_input_open_failure(int type, int plen)
{
int id;
@ -1153,8 +1159,11 @@ channel_input_open_failure(int type, int plen)
if (compat20) {
int reason = packet_get_int();
char *msg = packet_get_string(NULL);
char *lang = packet_get_string(NULL);
log("channel_open_failure: %d: reason %d: %s", id, reason, msg);
packet_done();
xfree(msg);
xfree(lang);
}
/* Free the channel. This will also close the socket. */
channel_free(id);
@ -1185,7 +1194,7 @@ debug("cb_fn %p cb_event %d", c->cb_fn , c->cb_event);
}
}
void
void
channel_input_window_adjust(int type, int plen)
{
Channel *c;
@ -1204,6 +1213,7 @@ channel_input_window_adjust(int type, int plen)
return;
}
adjust = packet_get_int();
packet_done();
debug("channel %d: rcvd adjust %d", id, adjust);
c->remote_window += adjust;
}
@ -1213,7 +1223,7 @@ channel_input_window_adjust(int type, int plen)
* might have.
*/
void
void
channel_stop_listening()
{
int i;
@ -1240,7 +1250,7 @@ channel_stop_listening()
* descriptors after a fork.
*/
void
void
channel_close_all()
{
int i;
@ -1252,7 +1262,7 @@ channel_close_all()
/* Returns the maximum file descriptor number used by the channels. */
int
int
channel_max_fd()
{
return channel_max_fd_value;
@ -1260,7 +1270,7 @@ channel_max_fd()
/* Returns true if any channel is still open. */
int
int
channel_still_open()
{
unsigned int i;
@ -1347,7 +1357,7 @@ channel_open_message()
* channel to host:port from remote side.
*/
void
void
channel_request_local_forwarding(u_short port, const char *host,
u_short host_port, int gateway_ports)
{
@ -1435,7 +1445,7 @@ channel_request_local_forwarding(u_short port, const char *host,
* the secure channel to host:port from local side.
*/
void
void
channel_request_remote_forwarding(u_short listen_port, const char *host_to_connect,
u_short port_to_connect)
{
@ -1478,7 +1488,7 @@ channel_request_remote_forwarding(u_short listen_port, const char *host_to_conne
* message if there was an error). This never returns if there was an error.
*/
void
void
channel_input_port_forward_request(int is_root)
{
u_short port, host_port;
@ -1562,7 +1572,7 @@ channel_connect_to(const char *host, u_short host_port)
* or CHANNEL_OPEN_FAILURE.
*/
void
void
channel_input_port_open(int type, int plen)
{
u_short host_port;
@ -1807,7 +1817,7 @@ connect_local_xsocket(unsigned int dnr)
* with either SSH_MSG_OPEN_CONFIRMATION or SSH_MSG_OPEN_FAILURE.
*/
void
void
x11_input_open(int type, int plen)
{
int remote_channel, display_number, sock = 0, newch;
@ -1911,7 +1921,7 @@ x11_input_open(int type, int plen)
}
freeaddrinfo(aitop);
if (!ai) {
error("connect %.100s port %d: %.100s", buf, 6000 + display_number,
error("connect %.100s port %d: %.100s", buf, 6000 + display_number,
strerror(errno));
goto fail;
}
@ -1945,7 +1955,7 @@ fail:
* data, and enables authentication spoofing.
*/
void
void
x11_request_forwarding_with_spoofing(const char *proto, const char *data)
{
unsigned int data_len = (unsigned int) strlen(data) / 2;
@ -2003,7 +2013,7 @@ x11_request_forwarding_with_spoofing(const char *proto, const char *data)
/* Sends a message to the server to request authentication fd forwarding. */
void
void
auth_request_forwarding()
{
packet_start(SSH_CMSG_AGENT_REQUEST_FORWARDING);
@ -2025,7 +2035,7 @@ auth_get_socket_name()
/* removes the agent forwarding socket */
void
void
cleanup_socket(void)
{
remove(channel_forwarded_auth_socket_name);
@ -2037,7 +2047,7 @@ cleanup_socket(void)
* This starts forwarding authentication requests.
*/
void
void
auth_input_request_forwarding(struct passwd * pw)
{
int sock, newch;
@ -2095,7 +2105,7 @@ auth_input_request_forwarding(struct passwd * pw)
/* This is called to process an SSH_SMSG_AGENT_OPEN message. */
void
void
auth_input_open_request(int type, int plen)
{
int remch, sock, newch;
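Review bot: In channel_input_open_failure the new packet_done() runs only after log() has already formatted the peer-supplied `msg`, so a packet with trailing bytes is still logged before it is rejected. Moving the call up, `char *lang = packet_get_string(NULL);` followed directly by `packet_done();`, puts the check ahead of any use of the payload, as channel_input_data and channel_input_window_adjust do after their last read. The log call also prints `msg` with an unbounded `%s`, whereas the error() call in x11_input_open uses `%.100s` for its strings; `%.100s` here would cap how much remote text lands in one log line. The function body starts and ends outside the hunk.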


@ -1,4 +1,4 @@
/* RCSID("$Id: channels.h,v 1.6 2000/04/04 04:39:01 damien Exp $"); */
/* RCSID("$Id: channels.h,v 1.7 2000/04/16 01:18:41 damien Exp $"); */
#ifndef CHANNELS_H
#define CHANNELS_H
@ -149,7 +149,7 @@ char *channel_open_message(void);
* channel to host:port from remote side. This never returns if there was an
* error.
*/
void
void
channel_request_local_forwarding(u_short port, const char *host,
u_short remote_port, int gateway_ports);
@ -159,7 +159,7 @@ channel_request_local_forwarding(u_short port, const char *host,
* there was an error. This registers that open requests for that port are
* permitted.
*/
void
void
channel_request_remote_forwarding(u_short port, const char *host,
u_short remote_port);


@ -1,18 +1,18 @@
/*
*
*
* cipher.c
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Wed Apr 19 17:41:39 1995 ylo
*
*
*/
#include "includes.h"
RCSID("$Id: cipher.c,v 1.18 2000/04/13 02:26:36 damien Exp $");
RCSID("$Id: cipher.c,v 1.19 2000/04/16 01:18:41 damien Exp $");
#include "ssh.h"
#include "cipher.h"
@ -138,7 +138,7 @@ static char *cipher_names[] =
* supported cipher.
*/
unsigned int
unsigned int
cipher_mask1()
{
unsigned int mask = 0;
@ -146,7 +146,7 @@ cipher_mask1()
mask |= 1 << SSH_CIPHER_BLOWFISH;
return mask;
}
unsigned int
unsigned int
cipher_mask2()
{
unsigned int mask = 0;
@ -156,7 +156,7 @@ cipher_mask2()
mask |= 1 << SSH_CIPHER_CAST128_CBC;
return mask;
}
unsigned int
unsigned int
cipher_mask()
{
return cipher_mask1() | cipher_mask2();
@ -218,7 +218,7 @@ cipher_number(const char *name)
* passphrase and using the resulting 16 bytes as the key.
*/
void
void
cipher_set_key_string(CipherContext *context, int cipher, const char *passphrase)
{
MD5_CTX md;
@ -236,7 +236,7 @@ cipher_set_key_string(CipherContext *context, int cipher, const char *passphrase
/* Selects the cipher to use and sets the key. */
void
void
cipher_set_key(CipherContext *context, int cipher, const unsigned char *key,
int keylen)
{
@ -297,9 +297,9 @@ cipher_set_key(CipherContext *context, int cipher, const unsigned char *key,
memset(padded, 0, sizeof(padded));
}
void
void
cipher_set_key_iv(CipherContext * context, int cipher,
const unsigned char *key, int keylen,
const unsigned char *key, int keylen,
const unsigned char *iv, int ivlen)
{
/* Set cipher type. */
@ -357,7 +357,7 @@ cipher_set_key_iv(CipherContext * context, int cipher,
/* Encrypts data using the cipher. */
void
void
cipher_encrypt(CipherContext *context, unsigned char *dest,
const unsigned char *src, unsigned int len)
{
@ -379,14 +379,14 @@ cipher_encrypt(CipherContext *context, unsigned char *dest,
case SSH_CIPHER_BLOWFISH:
swap_bytes(src, dest, len);
BF_cbc_encrypt(dest, dest, len,
&context->u.bf.key, context->u.bf.iv,
&context->u.bf.key, context->u.bf.iv,
BF_ENCRYPT);
swap_bytes(dest, dest, len);
break;
case SSH_CIPHER_BLOWFISH_CBC:
BF_cbc_encrypt((void *)src, dest, len,
&context->u.bf.key, context->u.bf.iv,
&context->u.bf.key, context->u.bf.iv,
BF_ENCRYPT);
break;
@ -412,7 +412,7 @@ cipher_encrypt(CipherContext *context, unsigned char *dest,
/* Decrypts data using the cipher. */
void
void
cipher_decrypt(CipherContext *context, unsigned char *dest,
const unsigned char *src, unsigned int len)
{


@ -1,17 +1,17 @@
/*
*
*
* cipher.h
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Wed Apr 19 16:50:42 1995 ylo
*
*
*/
/* RCSID("$Id: cipher.h,v 1.10 2000/04/13 02:26:36 damien Exp $"); */
/* RCSID("$Id: cipher.h,v 1.11 2000/04/16 01:18:41 damien Exp $"); */
#ifndef CIPHER_H
#define CIPHER_H
@ -95,29 +95,29 @@ int ciphers_valid(const char *names);
* Selects the cipher to use and sets the key. If for_encryption is true,
* the key is setup for encryption; otherwise it is setup for decryption.
*/
void
void
cipher_set_key(CipherContext * context, int cipher,
const unsigned char *key, int keylen);
void
void
cipher_set_key_iv(CipherContext * context, int cipher,
const unsigned char *key, int keylen,
const unsigned char *key, int keylen,
const unsigned char *iv, int ivlen);
/*
* Sets key for the cipher by computing the MD5 checksum of the passphrase,
* and using the resulting 16 bytes as the key.
*/
void
void
cipher_set_key_string(CipherContext * context, int cipher,
const char *passphrase);
/* Encrypts data using the cipher. */
void
void
cipher_encrypt(CipherContext * context, unsigned char *dest,
const unsigned char *src, unsigned int len);
/* Decrypts data using the cipher. */
void
void
cipher_decrypt(CipherContext * context, unsigned char *dest,
const unsigned char *src, unsigned int len);


@ -1,22 +1,22 @@
/*
*
*
* clientloop.c
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
*
*
* Created: Sat Sep 23 12:23:57 1995 ylo
*
*
* The main loop for the interactive session (client side).
*
*
* SSH2 support added by Markus Friedl.
*/
#include "includes.h"
RCSID("$Id: clientloop.c,v 1.10 2000/04/12 10:17:39 damien Exp $");
RCSID("$Id: clientloop.c,v 1.11 2000/04/16 01:18:41 damien Exp $");
#include "xmalloc.h"
#include "ssh.h"
@ -83,7 +83,7 @@ int session_ident = -1;
/* Returns the user\'s terminal to normal mode if it had been put in raw mode. */
void
void
leave_raw_mode()
{
if (!in_raw_mode)
@ -97,7 +97,7 @@ leave_raw_mode()
/* Puts the user\'s terminal in raw mode. */
void
void
enter_raw_mode()
{
struct termios tio;
@ -123,7 +123,7 @@ enter_raw_mode()
/* Restores stdin to blocking mode. */
void
void
leave_non_blocking()
{
if (in_non_blocking_mode) {
@ -135,7 +135,7 @@ leave_non_blocking()
/* Puts stdin terminal in non-blocking mode. */
void
void
enter_non_blocking()
{
in_non_blocking_mode = 1;
@ -148,7 +148,7 @@ enter_non_blocking()
* flag indicating that the window has changed.
*/
void
void
window_change_handler(int sig)
{
received_window_change_signal = 1;
@ -160,7 +160,7 @@ window_change_handler(int sig)
* signals must be trapped to restore terminal modes.
*/
void
void
signal_handler(int sig)
{
if (in_raw_mode)
@ -177,7 +177,7 @@ signal_handler(int sig)
* available resolution.
*/
double
double
get_current_time()
{
struct timeval tv;
@ -191,7 +191,7 @@ get_current_time()
* not appear to wake up when redirecting from /dev/null.
*/
void
void
client_check_initial_eof_on_stdin()
{
int len;
@ -245,7 +245,7 @@ client_check_initial_eof_on_stdin()
* connection.
*/
void
void
client_make_packets_from_stdin_data()
{
unsigned int len;
@ -276,7 +276,7 @@ client_make_packets_from_stdin_data()
* appropriate.
*/
void
void
client_check_window_change()
{
struct winsize ws;
@ -313,7 +313,7 @@ client_check_window_change()
* one of the file descriptors).
*/
void
void
client_wait_until_can_do_something(fd_set * readset, fd_set * writeset)
{
/*debug("client_wait_until_can_do_something"); */
@ -380,7 +380,7 @@ client_wait_until_can_do_something(fd_set * readset, fd_set * writeset)
}
}
void
void
client_suspend_self()
{
struct winsize oldws, newws;
@ -425,7 +425,7 @@ client_suspend_self()
enter_raw_mode();
}
void
void
client_process_net_input(fd_set * readset)
{
int len;
@ -468,7 +468,7 @@ client_process_net_input(fd_set * readset)
}
}
void
void
client_process_input(fd_set * readset)
{
int len, pid;
@ -657,7 +657,7 @@ Supported escape sequences:\r\n\
}
}
void
void
client_process_output(fd_set * writeset)
{
int len;
@ -717,7 +717,7 @@ client_process_output(fd_set * writeset)
* preparatory phase.
*/
void
void
client_process_buffered_input_packets()
{
dispatch_run(DISPATCH_NONBLOCK, &quit_pending);
@ -730,7 +730,7 @@ client_process_buffered_input_packets()
* character for terminating or suspending the session.
*/
int
int
client_loop(int have_pty, int escape_char_arg)
{
extern Options options;
@ -953,7 +953,7 @@ client_input_exit_status(int type, int plen)
quit_pending = 1;
}
void
void
client_init_dispatch_20()
{
dispatch_init(&dispatch_protocol_error);
@ -966,7 +966,7 @@ client_init_dispatch_20()
dispatch_set(SSH2_MSG_CHANNEL_REQUEST, &channel_input_channel_request);
dispatch_set(SSH2_MSG_CHANNEL_WINDOW_ADJUST, &channel_input_window_adjust);
}
void
void
client_init_dispatch_13()
{
dispatch_init(NULL);
@ -983,14 +983,14 @@ client_init_dispatch_13()
dispatch_set(SSH_SMSG_STDOUT_DATA, &client_input_stdout_data);
dispatch_set(SSH_SMSG_X11_OPEN, &x11_input_open);
}
void
void
client_init_dispatch_15()
{
client_init_dispatch_13();
dispatch_set(SSH_MSG_CHANNEL_CLOSE, &channel_input_ieof);
dispatch_set(SSH_MSG_CHANNEL_CLOSE_CONFIRMATION, & channel_input_oclose);
}
void
void
client_init_dispatch()
{
if (compat20)
@ -1027,6 +1027,7 @@ client_input_channel_req(int id, void *arg)
} else if (strcmp(rtype, "exit-status") == 0) {
success = 1;
exit_status = packet_get_int();
packet_done();
}
if (reply) {
packet_start(success ?


@ -28,7 +28,7 @@
*/
#include "includes.h"
RCSID("$Id: compat.c,v 1.7 2000/04/12 10:17:39 damien Exp $");
RCSID("$Id: compat.c,v 1.8 2000/04/16 01:18:42 damien Exp $");
#include "ssh.h"
#include "packet.h"
@ -39,14 +39,14 @@ int compat13 = 0;
int compat20 = 0;
int datafellows = 0;
void
void
enable_compat20(void)
{
verbose("Enabling compatibility mode for protocol 2.0");
compat20 = 1;
packet_set_ssh2_format();
}
void
void
enable_compat13(void)
{
verbose("Enabling compatibility mode for protocol 1.3");


@ -1,20 +1,20 @@
/*
*
*
* compress.c
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Wed Oct 25 22:12:46 1995 ylo
*
*
* Interface to packet compression for ssh.
*
*
*/
#include "includes.h"
RCSID("$Id: compress.c,v 1.5 2000/04/01 01:09:24 damien Exp $");
RCSID("$Id: compress.c,v 1.6 2000/04/16 01:18:42 damien Exp $");
#include "ssh.h"
#include "buffer.h"
@ -28,7 +28,7 @@ static z_stream outgoing_stream;
* (as in gzip).
*/
void
void
buffer_compress_init(int level)
{
debug("Enabling compression at level %d.", level);
@ -40,7 +40,7 @@ buffer_compress_init(int level)
/* Frees any data structures allocated for compression. */
void
void
buffer_compress_uninit()
{
debug("compress outgoing: raw data %lu, compressed %lu, factor %.2f",
@ -64,7 +64,7 @@ buffer_compress_uninit()
* receiver. This appends the compressed data to the output buffer.
*/
void
void
buffer_compress(Buffer * input_buffer, Buffer * output_buffer)
{
char buf[4096];
@ -108,7 +108,7 @@ buffer_compress(Buffer * input_buffer, Buffer * output_buffer)
* with that. This appends the uncompressed data to the output buffer.
*/
void
void
buffer_uncompress(Buffer * input_buffer, Buffer * output_buffer)
{
char buf[4096];


@ -1,19 +1,19 @@
/*
*
*
* compress.h
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Wed Oct 25 22:12:46 1995 ylo
*
*
* Interface to packet compression for ssh.
*
*
*/
/* RCSID("$Id: compress.h,v 1.3 1999/11/25 00:54:59 damien Exp $"); */
/* RCSID("$Id: compress.h,v 1.4 2000/04/16 01:18:42 damien Exp $"); */
#ifndef COMPRESS_H
#define COMPRESS_H

14
crc32.h

@ -1,19 +1,19 @@
/*
*
*
* crc32.h
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1992 Tatu Ylonen, Espoo, Finland
* All rights reserved
*
*
* Created: Tue Feb 11 14:37:27 1992 ylo
*
*
* Functions for computing 32-bit CRC.
*
*
*/
/* RCSID("$Id: crc32.h,v 1.3 1999/11/25 00:54:59 damien Exp $"); */
/* RCSID("$Id: crc32.h,v 1.4 2000/04/16 01:18:42 damien Exp $"); */
#ifndef CRC32_H
#define CRC32_H

78
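--- a/dispatch.c
+++ b/dispatch.c
@@ -0,0 +1,78 @@
+/*
+* Copyright (c) 2000 Markus Friedl. All rights reserved.
+*
+* Redistribution and use in source and binary forms, with or without
+* modification, are permitted provided that the following conditions
+* are met:
+* 1. Redistributions of source code must retain the above copyright
+* notice, this list of conditions and the following disclaimer.
+* 2. Redistributions in binary form must reproduce the above copyright
+* notice, this list of conditions and the following disclaimer in the
+* documentation and/or other materials provided with the distribution.
+* 3. All advertising materials mentioning features or use of this software
+* must display the following acknowledgement:
+* This product includes software developed by Markus Friedl.
+* 4. The name of the author may not be used to endorse or promote products
+* derived from this software without specific prior written permission.
+*
+* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+#include "includes.h"
+RCSID("$Id: dispatch.c,v 1.3 2000/04/16 01:18:42 damien Exp $");
+#include "ssh.h"
+#include "dispatch.h"
+#include "packet.h"
+#define DISPATCH_MIN 0
+#define DISPATCH_MAX 255
+dispatch_fn *dispatch[DISPATCH_MAX];
+void
+dispatch_protocol_error(int type, int plen)
+{
+error("Hm, dispatch protocol error: type %d plen %d", type, plen);
+}
+void
+dispatch_init(dispatch_fn *dflt)
+{
+int i;
+for (i = 0; i < DISPATCH_MAX; i++)
+dispatch[i] = dflt;
+}
+void
+dispatch_set(int type, dispatch_fn *fn)
+{
+dispatch[type] = fn;
+}
+void
+dispatch_run(int mode, int *done)
+{
+for (;;) {
+int plen;
+int type;
+if (mode == DISPATCH_BLOCK) {
+type = packet_read(&plen);
+} else {
+type = packet_read_poll(&plen);
+if (type == SSH_MSG_NONE)
+return;
+}
+if (type > 0 && type < DISPATCH_MAX && dispatch[type] != NULL)
+(*dispatch[type])(type, plen);
+else
+packet_disconnect("protocol error: rcvd type %d", type);
+if (done != NULL && *done)
+return;
+}
+}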
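Review bot: dispatch_set() stores into `dispatch[type]` with no range check, so a caller that passes a negative type or one at or above DISPATCH_MAX writes outside the table. dispatch_run() already guards its read with `type > 0 && type < DISPATCH_MAX`, and the setter should fail closed the same way, e.g. `if (type < DISPATCH_MIN || type >= DISPATCH_MAX) fatal("dispatch_set: bad type %d", type);`. The table is declared `dispatch[DISPATCH_MAX]` with DISPATCH_MAX defined as 255, so it holds slots 0..254 and message type 255 can never be registered or dispatched; if that is not intended, the array needs DISPATCH_MAX + 1 entries and the comparisons need `<=`. DISPATCH_MIN is defined but never used, and dispatch_run() rejects type 0 through `type > 0`; a one-line comment saying whether type 0 is excluded on purpose would settle that.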

10
dsa.c

@ -28,7 +28,7 @@
*/
#include "includes.h"
RCSID("$Id: dsa.c,v 1.3 2000/04/12 09:39:10 markus Exp $");
RCSID("$Id: dsa.c,v 1.4 2000/04/14 10:30:31 markus Exp $");
#include "ssh.h"
#include "xmalloc.h"
@ -108,7 +108,7 @@ dsa_load_private(char *filename)
in = BIO_new(BIO_s_file());
if (in == NULL)
fatal("BIO_new failed");
if (BIO_read_filename(in, filename) <= 0)
if (BIO_read_filename(in, filename) <= 0)
fatal("BIO_read failed %s: %s", filename, strerror(errno));
fprintf(stderr, "read DSA private key\n");
dsa = PEM_read_bio_DSAPrivateKey(in,NULL,NULL,NULL);
@ -182,9 +182,9 @@ dsa_sign(
sig = DSA_do_sign(digest, evp_md->md_size, key->dsa);
rlen = BN_num_bytes(sig->r);
slen = BN_num_bytes(sig->s);
if (rlen > INTBLOB_LEN || slen > INTBLOB_LEN) {
rlen = BN_num_bytes(sig->r);
slen = BN_num_bytes(sig->s);
if (rlen > INTBLOB_LEN || slen > INTBLOB_LEN) {
error("bad sig size %d %d", rlen, slen);
DSA_SIG_free(sig);
return -1;


@ -1,19 +1,19 @@
/*
*
*
* getput.h
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Wed Jun 28 22:36:30 1995 ylo
*
*
* Macros for storing and retrieving data in msb first and lsb first order.
*
*
*/
/* RCSID("$Id: getput.h,v 1.2 1999/11/24 13:26:22 damien Exp $"); */
/* RCSID("$Id: getput.h,v 1.3 2000/04/16 01:18:42 damien Exp $"); */
#ifndef GETPUT_H
#define GETPUT_H
@ -21,7 +21,7 @@
/*------------ macros for storing/extracting msb first words -------------*/
#define GET_32BIT(cp) (((unsigned long)(unsigned char)(cp)[0] << 24) | \
((unsigned long)(unsigned char)(cp)[1] << 16) | \
((unsigned long)(unsigned char)(cp)[1] << 16) | \
((unsigned long)(unsigned char)(cp)[2] << 8) | \
((unsigned long)(unsigned char)(cp)[3]))


@ -1,20 +1,20 @@
/*
*
*
* hostfile.c
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Thu Jun 29 07:10:56 1995 ylo
*
*
* Functions for manipulating the known hosts files.
*
*
*/
#include "includes.h"
RCSID("$OpenBSD: hostfile.c,v 1.15 2000/04/12 09:39:10 markus Exp $");
RCSID("$OpenBSD: hostfile.c,v 1.16 2000/04/14 10:30:31 markus Exp $");
#ifdef HAVE_OPENSSL
#include <openssl/bn.h>


@ -10,7 +10,7 @@
typedef enum {
HOST_OK, HOST_NEW, HOST_CHANGED
} HostStatus;
HostStatus
HostStatus
check_host_in_hostfile(const char *filename, const char *host, Key *key, Key *found);
/*


@ -1,16 +1,16 @@
/*
*
*
* includes.h
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Thu Mar 23 16:29:37 1995 ylo
*
*
* This file includes most of the needed system headers.
*
*
*/
#ifndef INCLUDES_H

12
kex.c

@ -28,7 +28,7 @@
*/
#include "includes.h"
RCSID("$Id: kex.c,v 1.4 2000/04/13 02:26:36 damien Exp $");
RCSID("$Id: kex.c,v 1.5 2000/04/16 01:18:43 damien Exp $");
#include "ssh.h"
#include "ssh2.h"
@ -149,12 +149,12 @@ void
dump_digest(unsigned char *digest, int len)
{
int i;
for (i = 0; i< len; i++){
fprintf(stderr, "%02x", digest[i]);
for (i = 0; i< len; i++){
fprintf(stderr, "%02x", digest[i]);
if(i%2!=0)
fprintf(stderr, " ");
}
fprintf(stderr, "\n");
fprintf(stderr, "\n");
}
unsigned char *
@ -201,7 +201,7 @@ kex_hash(
buffer_free(&b);
#ifdef DEBUG_KEX
dump_digest(digest, evp_md->md_size);
dump_digest(digest, evp_md->md_size);
#endif
return digest;
}
@ -345,7 +345,7 @@ choose_kex(Kex *k, char *client, char *server)
k->name = get_match(client, server);
if (k->name == NULL)
fatal("no kex alg");
if (strcmp(k->name, KEX_DH1) != 0)
if (strcmp(k->name, KEX_DH1) != 0)
fatal("bad kex alg %s", k->name);
}
void


@ -1,21 +1,21 @@
/*
*
*
* log-client.c
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Mon Mar 20 21:13:40 1995 ylo
*
*
* Client-side versions of debug(), log(), etc. These print to stderr.
* This is a stripped down version of log-server.c.
*
*
*/
#include "includes.h"
RCSID("$Id: log-client.c,v 1.5 2000/03/09 10:27:50 damien Exp $");
RCSID("$Id: log-client.c,v 1.6 2000/04/16 01:18:43 damien Exp $");
#include "xmalloc.h"
#include "ssh.h"


@ -1,21 +1,21 @@
/*
*
*
* log-server.c
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Mon Mar 20 21:19:30 1995 ylo
*
*
* Server-side versions of debug(), log(), etc. These normally send the output
* to the system log.
*
*
*/
#include "includes.h"
RCSID("$Id: log-server.c,v 1.8 2000/04/01 01:09:24 damien Exp $");
RCSID("$Id: log-server.c,v 1.9 2000/04/16 01:18:43 damien Exp $");
#include <syslog.h>
#include "packet.h"
@ -38,7 +38,7 @@ static int log_facility = LOG_AUTH;
* level logging level
*/
void
void
log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr)
{
switch (level) {

20
login.c

@ -1,24 +1,24 @@
/*
*
*
* login.c
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Fri Mar 24 14:51:08 1995 ylo
*
*
* This file performs some of the things login(1) normally does. We cannot
* easily use something like login -p -h host -f user, because there are
* several different logins around, and it is hard to determined what kind of
* login the current system has. Also, we want to be able to execute commands
* on a tty.
*
*
*/
#include "includes.h"
RCSID("$Id: login.c,v 1.22 2000/02/02 08:17:41 damien Exp $");
RCSID("$Id: login.c,v 1.23 2000/04/16 01:18:43 damien Exp $");
#if defined(HAVE_UTMPX_H) && defined(USE_UTMPX)
# include <utmpx.h>
@ -49,7 +49,7 @@ RCSID("$Id: login.c,v 1.22 2000/02/02 08:17:41 damien Exp $");
* is found). The name of the host used last time is returned in buf.
*/
unsigned long
unsigned long
get_last_login_time(uid_t uid, const char *logname,
char *buf, unsigned int bufsize)
{
@ -135,7 +135,7 @@ get_last_login_time(uid_t uid, const char *logname,
* were more standardized.
*/
void
void
record_login(int pid, const char *ttyname, const char *user, uid_t uid,
const char *host, struct sockaddr * addr)
{
@ -273,7 +273,7 @@ record_login(int pid, const char *ttyname, const char *user, uid_t uid,
/* Records that the user has logged out. */
void
void
record_logout(int pid, const char *ttyname)
{
#ifdef HAVE_LIBUTIL_LOGIN

16
match.c

@ -1,20 +1,20 @@
/*
*
*
* match.c
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Thu Jun 22 01:17:50 1995 ylo
*
*
* Simple pattern matching, with '*' and '?' as wildcards.
*
*
*/
#include "includes.h"
RCSID("$Id: match.c,v 1.4 2000/03/26 03:04:53 damien Exp $");
RCSID("$Id: match.c,v 1.5 2000/04/16 01:18:43 damien Exp $");
#include "ssh.h"
@ -23,7 +23,7 @@ RCSID("$Id: match.c,v 1.4 2000/03/26 03:04:53 damien Exp $");
* and * as wildcards), and zero if it does not match.
*/
int
int
match_pattern(const char *s, const char *pattern)
{
for (;;) {

14
mpaux.c

@ -1,21 +1,21 @@
/*
*
*
* mpaux.c
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Sun Jul 16 04:29:30 1995 ylo
*
*
* This file contains various auxiliary functions related to multiple
* precision integers.
*
*
*/
#include "includes.h"
RCSID("$Id: mpaux.c,v 1.10 2000/04/13 02:26:36 damien Exp $");
RCSID("$Id: mpaux.c,v 1.11 2000/04/16 01:18:43 damien Exp $");
#include "getput.h"
#include "xmalloc.h"

14
mpaux.h

@ -1,19 +1,19 @@
/*
*
*
* mpaux.h
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Sun Jul 16 04:29:30 1995 ylo
*
*
* This file contains various auxiliary functions related to multiple
* precision integers.
*/
/* RCSID("$Id: mpaux.h,v 1.4 1999/11/25 00:54:59 damien Exp $"); */
/* RCSID("$Id: mpaux.h,v 1.5 2000/04/16 01:18:43 damien Exp $"); */
#ifndef MPAUX_H
#define MPAUX_H
@ -23,7 +23,7 @@
* session id is computed by concatenating the linearized, msb first
* representations of host_key_n, session_key_n, and the cookie.
*/
void
void
compute_session_id(unsigned char session_id[16],
unsigned char cookie[8],
BIGNUM * host_key_n,


@ -28,7 +28,7 @@
*/
#include "includes.h"
RCSID("$Id: nchan.c,v 1.7 2000/04/04 04:39:02 damien Exp $");
RCSID("$Id: nchan.c,v 1.8 2000/04/16 01:18:43 damien Exp $");
#include "ssh.h"
@ -389,11 +389,11 @@ chan_delete_if_full_closed2(Channel *c)
if (!(c->flags & CHAN_CLOSE_SENT)) {
chan_send_close2(c);
}
if ((c->flags & CHAN_CLOSE_SENT) &&
if ((c->flags & CHAN_CLOSE_SENT) &&
(c->flags & CHAN_CLOSE_RCVD)) {
debug("channel %d: full closed2", c->self);
channel_free(c->self);
}
}
}
}


@ -1,14 +1,14 @@
/*
*
*
* packet.c
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Sat Mar 18 02:40:40 1995 ylo
*
*
* This file contains code implementing the packet protocol and communication
* with the other side. This same code is used both on client and server side.
*
@ -17,7 +17,7 @@
*/
#include "includes.h"
RCSID("$Id: packet.c,v 1.17 2000/04/13 02:26:37 damien Exp $");
RCSID("$Id: packet.c,v 1.18 2000/04/16 01:18:43 damien Exp $");
#ifdef HAVE_OPENSSL
# include <openssl/bn.h>
@ -529,7 +529,7 @@ packet_send2()
unsigned int packet_length = 0;
unsigned int i, padlen, len;
u_int32_t rand = 0;
static unsigned int seqnr = 0;
static unsigned int seqnr = 0;
int type;
Enc *enc = NULL;
Mac *mac = NULL;
@ -611,9 +611,9 @@ packet_send2()
fprintf(stderr, "encrypted: ");
buffer_dump(&output);
#endif
/* increment sequence number for outgoing packets */
if (++seqnr == 0)
log("outgoing seqnr wraps around");
/* increment sequence number for outgoing packets */
if (++seqnr == 0)
log("outgoing seqnr wraps around");
buffer_clear(&outgoing_packet);
if (type == SSH2_MSG_NEWKEYS) {
@ -877,7 +877,7 @@ packet_read_poll2(int *payload_len_ptr)
* compute MAC over seqnr and packet,
* increment sequence number for incoming packet
*/
if (mac && mac->enabled) {
if (mac && mac->enabled) {
macbuf = hmac( mac->md, seqnr,
(unsigned char *) buffer_ptr(&incoming_packet),
buffer_len(&incoming_packet),
@ -888,8 +888,8 @@ packet_read_poll2(int *payload_len_ptr)
DBG(debug("HMAC #%d ok", seqnr));
buffer_consume(&input, mac->mac_len);
}
if (++seqnr == 0)
log("incoming seqnr wraps around");
if (++seqnr == 0)
log("incoming seqnr wraps around");
/* get padlen */
cp = buffer_ptr(&incoming_packet) + 4;
@ -1063,6 +1063,12 @@ packet_get_raw(int *length_ptr)
return buffer_ptr(&incoming_packet);
}
int
packet_remaining(void)
{
return buffer_len(&incoming_packet);
}
/*
* Returns a string from the packet data. The string is allocated using
* xmalloc; it is the responsibility of the calling program to free it when
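Review bot: packet_remaining() is added without a comment, while the function that follows it has one; `/* Returns the number of payload bytes not yet consumed from the incoming packet. */` would state what callers rely on. The value only means "unparsed payload" if the length, padding and MAC bytes have already been stripped from incoming_packet by the time a handler runs. That stripping is outside the hunks shown here, so the assumption should be confirmed and stated in the comment. If buffer_len() returns an unsigned type, the narrowing to int in the return deserves an explicit cast or a note as well.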


@ -1,19 +1,19 @@
/*
*
*
* packet.h
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Sat Mar 18 02:02:14 1995 ylo
*
*
* Interface for the packet protocol functions.
*
*
*/
/* RCSID("$Id: packet.h,v 1.13 2000/04/13 02:26:37 damien Exp $"); */
/* RCSID("$Id: packet.h,v 1.14 2000/04/16 01:18:44 damien Exp $"); */
#ifndef PACKET_H
#define PACKET_H
@ -52,7 +52,7 @@ void packet_close(void);
* key is used for both sending and reception. However, both directions are
* encrypted independently of each other. Cipher types are defined in ssh.h.
*/
void
void
packet_set_encryption_key(const unsigned char *key, unsigned int keylen,
int cipher_type);
@ -201,6 +201,16 @@ do { \
} \
} while (0)
#define packet_done() \
do { \
int _len = packet_remaining(); \
if (_len > 0) { \
log("Packet integrity error (%d bytes remaining) at %s:%d", \
_len ,__FILE__, __LINE__); \
packet_disconnect("Packet integrity error."); \
} \
} while (0)
/* remote host is connected via a socket/ipv4 */
int packet_connection_is_on_socket(void);
int packet_connection_is_ipv4(void);
@ -208,4 +218,7 @@ int packet_connection_is_ipv4(void);
/* enable SSH2 packet format */
void packet_set_ssh2_format(void);
/* returns remaining payload bytes */
int packet_remaining(void);
#endif /* PACKET_H */
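Review bot: packet_done() is introduced without a comment even though its contract is the point of the change; `/* Call after the last packet_get_*() of a message; logs and disconnects if unparsed payload bytes remain. */` above the `#define` would tell handler authors when to use it. The test `_len > 0` lets a negative return from packet_remaining() (declared as int) pass silently, whereas `if (_len != 0) {` fails closed. The check is opt-in per handler, so any message handler that does not call it still accepts trailing data; which handlers are covered cannot be confirmed from this section.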

22
pty.c

@ -1,20 +1,20 @@
/*
*
*
* pty.c
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Fri Mar 17 04:37:25 1995 ylo
*
*
* Allocating a pseudo-terminal, and making it the controlling tty.
*
*
*/
#include "includes.h"
RCSID("$Id: pty.c,v 1.17 2000/03/17 12:58:59 damien Exp $");
RCSID("$Id: pty.c,v 1.18 2000/04/16 01:18:44 damien Exp $");
#ifdef HAVE_UTIL_H
# include <util.h>
@ -46,7 +46,7 @@ RCSID("$Id: pty.c,v 1.17 2000/03/17 12:58:59 damien Exp $");
* returned (the buffer must be able to hold at least 64 characters).
*/
int
int
pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen)
{
#if defined(HAVE_OPENPTY) || defined(BSD4_4)
@ -186,7 +186,7 @@ pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen)
/* Releases the tty. Its ownership is returned to root, and permissions to 0666. */
void
void
pty_release(const char *ttyname)
{
if (chown(ttyname, (uid_t) 0, (gid_t) 0) < 0)
@ -197,7 +197,7 @@ pty_release(const char *ttyname)
/* Makes the tty the processes controlling tty and sets it to sane modes. */
void
void
pty_make_controlling_tty(int *ttyfd, const char *ttyname)
{
int fd;
@ -250,7 +250,7 @@ pty_make_controlling_tty(int *ttyfd, const char *ttyname)
/* Changes the window size associated with the pty. */
void
void
pty_change_window_size(int ptyfd, int row, int col,
int xpixel, int ypixel)
{

14
pty.h

@ -1,19 +1,19 @@
/*
*
*
* pty.h
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Fri Mar 17 05:03:28 1995 ylo
*
*
* Functions for allocating a pseudo-terminal and making it the controlling
* tty.
*/
/* RCSID("$Id: pty.h,v 1.7 2000/04/01 01:09:25 damien Exp $"); */
/* RCSID("$Id: pty.h,v 1.8 2000/04/16 01:18:44 damien Exp $"); */
#ifndef PTY_H
#define PTY_H
@ -39,7 +39,7 @@ void pty_release(const char *ttyname);
void pty_make_controlling_tty(int *ttyfd, const char *ttyname);
/* Changes the window size associated with the pty. */
void
void
pty_change_window_size(int ptyfd, int row, int col,
int xpixel, int ypixel);

12
radix.c

@ -1,10 +1,10 @@
/*
* radix.c
*
*
* base-64 encoding pinched from lynx2-7-2, who pinched it from rpem.
* Originally written by Mark Riordan 12 August 1990 and 17 Feb 1991
* and placed in the public domain.
*
*
* Dug Song <dugsong@UMICH.EDU>
*/
@ -23,7 +23,7 @@ char six2pr[64] = {
unsigned char pr2six[256];
int
int
uuencode(unsigned char *bufin, unsigned int nbytes, char *bufcoded)
{
/* ENC is the basic 1 character encoding function to make a char printing */
@ -49,7 +49,7 @@ uuencode(unsigned char *bufin, unsigned int nbytes, char *bufcoded)
return (outptr - bufcoded);
}
int
int
uudecode(const char *bufcoded, unsigned char *bufplain, int outbufsize)
{
/* single character decode */
@ -162,7 +162,7 @@ typedef unsigned short my_u_short;
}
int
int
creds_to_radix(CREDENTIALS *creds, unsigned char *buf)
{
char *p, *s;
@ -216,7 +216,7 @@ creds_to_radix(CREDENTIALS *creds, unsigned char *buf)
return (uuencode((unsigned char *)temp, len, (char *)buf));
}
int
int
radix_to_creds(const char *buf, CREDENTIALS *creds)
{


@ -1,20 +1,20 @@
/*
*
*
* readconf.c
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Sat Apr 22 00:03:10 1995 ylo
*
*
* Functions for reading the configuration files.
*
*
*/
#include "includes.h"
RCSID("$Id: readconf.c,v 1.10 2000/04/12 10:17:40 damien Exp $");
RCSID("$Id: readconf.c,v 1.11 2000/04/16 01:18:44 damien Exp $");
#include "ssh.h"
#include "cipher.h"
@ -167,7 +167,7 @@ static struct {
* error.
*/
void
void
add_local_forward(Options *options, u_short port, const char *host,
u_short host_port)
{
@ -188,7 +188,7 @@ add_local_forward(Options *options, u_short port, const char *host,
* an error.
*/
void
void
add_remote_forward(Options *options, u_short port, const char *host,
u_short host_port)
{
@ -207,7 +207,7 @@ add_remote_forward(Options *options, u_short port, const char *host,
* returns if the token is not known.
*/
static OpCodes
static OpCodes
parse_token(const char *cp, const char *filename, int linenum)
{
unsigned int i;
@ -567,7 +567,7 @@ parse_int:
* there is an error. If the file does not exist, this returns immediately.
*/
void
void
read_config_file(const char *filename, const char *host, Options *options)
{
FILE *f;
@ -607,7 +607,7 @@ read_config_file(const char *filename, const char *host, Options *options)
* system config file. Last, fill_default_options is called.
*/
void
void
initialize_options(Options * options)
{
memset(options, 'X', sizeof(*options));
@ -658,7 +658,7 @@ initialize_options(Options * options)
* options for which no value has been specified with their default values.
*/
void
void
fill_default_options(Options * options)
{
if (options->forward_agent == -1)


@ -1,19 +1,19 @@
/*
*
*
* readconf.h
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Sat Apr 22 00:25:29 1995 ylo
*
*
* Functions for reading the configuration file.
*
*
*/
/* RCSID("$Id: readconf.h,v 1.7 2000/04/12 10:17:40 damien Exp $"); */
/* RCSID("$Id: readconf.h,v 1.8 2000/04/16 01:18:44 damien Exp $"); */
#ifndef READCONF_H
#define READCONF_H
@ -106,7 +106,7 @@ void fill_default_options(Options * options);
* only sets those values that have not already been set. Returns 0 for legal
* options
*/
int
int
process_config_line(Options * options, const char *host,
char *line, const char *filename, int linenum,
int *activep);
@ -116,7 +116,7 @@ process_config_line(Options * options, const char *host,
* should already be initialized before this call. This never returns if
* there is an error. If the file does not exist, this returns immediately.
*/
void
void
read_config_file(const char *filename, const char *host,
Options * options);
@ -124,7 +124,7 @@ read_config_file(const char *filename, const char *host,
* Adds a local TCP/IP port forward to options. Never returns if there is an
* error.
*/
void
void
add_local_forward(Options * options, u_short port, const char *host,
u_short host_port);
@ -132,7 +132,7 @@ add_local_forward(Options * options, u_short port, const char *host,
* Adds a remote TCP/IP port forward to options. Never returns if there is
* an error.
*/
void
void
add_remote_forward(Options * options, u_short port, const char *host,
u_short host_port);


@ -32,7 +32,7 @@
*/
#include "includes.h"
RCSID("$Id: readpass.c,v 1.5 2000/01/22 08:47:21 damien Exp $");
RCSID("$Id: readpass.c,v 1.6 2000/04/16 01:18:44 damien Exp $");
#include "xmalloc.h"
#include "ssh.h"
@ -58,7 +58,7 @@ read_passphrase(const char *prompt, int from_stdin)
sigset_t oset, nset;
struct sigaction sa, osa;
int input, output, echo = 0;
if (from_stdin) {
input = STDIN_FILENO;
output = STDERR_FILENO;

30
rsa.c

@ -1,41 +1,41 @@
/*
*
*
* rsa.c
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Fri Mar 3 22:07:06 1995 ylo
*
*
* Description of the RSA algorithm can be found e.g. from the following sources:
*
*
* Bruce Schneier: Applied Cryptography. John Wiley & Sons, 1994.
*
*
* Jennifer Seberry and Josed Pieprzyk: Cryptography: An Introduction to
* Computer Security. Prentice-Hall, 1989.
*
*
* Man Young Rhee: Cryptography and Secure Data Communications. McGraw-Hill,
* 1994.
*
*
* R. Rivest, A. Shamir, and L. M. Adleman: Cryptographic Communications
* System and Method. US Patent 4,405,829, 1983.
*
*
* Hans Riesel: Prime Numbers and Computer Methods for Factorization.
* Birkhauser, 1994.
*
*
* The RSA Frequently Asked Questions document by RSA Data Security, Inc., 1995.
*
*
* RSA in 3 lines of perl by Adam Back <aba@atlax.ex.ac.uk>, 1995, as included
* below:
*
*
* [gone - had to be deleted - what a pity]
*
*
*/
#include "includes.h"
RCSID("$Id: rsa.c,v 1.13 2000/04/04 04:57:08 damien Exp $");
RCSID("$Id: rsa.c,v 1.14 2000/04/16 01:18:45 damien Exp $");
#include "rsa.h"
#include "ssh.h"

14
rsa.h

@ -1,19 +1,19 @@
/*
*
*
* rsa.h
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Fri Mar 3 22:01:06 1995 ylo
*
*
* RSA key generation, encryption and decryption.
*
*
*/
/* RCSID("$Id: rsa.h,v 1.7 2000/04/13 02:26:37 damien Exp $"); */
/* RCSID("$Id: rsa.h,v 1.8 2000/04/16 01:18:45 damien Exp $"); */
#ifndef RSA_H
#define RSA_H

20
scp.c

@ -1,13 +1,13 @@
/*
*
*
* scp - secure remote copy. This is basically patched BSD rcp which uses ssh
* to do the data transfer (instead of using rcmd).
*
*
* NOTE: This version should NOT be suid root. (This uses ssh to do the transfer
* and ssh has the necessary privileges.)
*
*
* 1995 Timo Rinne <tri@iki.fi>, Tatu Ylonen <ylo@cs.hut.fi>
*
*
*/
/*
@ -45,7 +45,7 @@
*/
#include "includes.h"
RCSID("$Id: scp.c,v 1.18 2000/03/17 12:40:16 damien Exp $");
RCSID("$Id: scp.c,v 1.19 2000/04/16 01:18:45 damien Exp $");
#include "ssh.h"
#include "xmalloc.h"
@ -109,7 +109,7 @@ char *port = NULL;
* assigns the input and output file descriptors on success.
*/
int
int
do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout)
{
int pin[2], pout[2], reserved[2];
@ -194,7 +194,7 @@ do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout)
return 0;
}
void
void
fatal(const char *fmt,...)
{
va_list ap;
@ -257,10 +257,10 @@ main(argc, argv)
switch (ch) {
/* User-visible flags. */
case '4':
IPv4 = 1;
IPv4 = 1;
break;
case '6':
IPv6 = 1;
IPv6 = 1;
break;
case 'p':
pflag = 1;
@ -1008,7 +1008,7 @@ run_err(const char *fmt,...)
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $Id: scp.c,v 1.18 2000/03/17 12:40:16 damien Exp $
* $Id: scp.c,v 1.19 2000/04/16 01:18:45 damien Exp $
*/
char *


@ -1,18 +1,18 @@
/*
*
*
* servconf.c
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Mon Aug 21 15:48:58 1995 ylo
*
*
*/
#include "includes.h"
RCSID("$Id: servconf.c,v 1.11 2000/04/12 10:17:40 damien Exp $");
RCSID("$Id: servconf.c,v 1.12 2000/04/16 01:18:45 damien Exp $");
#include "ssh.h"
#include "servconf.h"
@ -24,7 +24,7 @@ void add_listen_addr(ServerOptions *options, char *addr);
/* Initializes the server options to their default values. */
void
void
initialize_server_options(ServerOptions *options)
{
memset(options, 0, sizeof(*options));
@ -73,7 +73,7 @@ initialize_server_options(ServerOptions *options)
options->protocol = SSH_PROTO_UNKNOWN;
}
void
void
fill_default_server_options(ServerOptions *options)
{
if (options->num_ports == 0)
@ -226,7 +226,7 @@ static struct {
* returns if the token is not known.
*/
static ServerOpCodes
static ServerOpCodes
parse_token(const char *cp, const char *filename,
int linenum)
{
@ -244,7 +244,7 @@ parse_token(const char *cp, const char *filename,
/*
* add listen address
*/
void
void
add_listen_addr(ServerOptions *options, char *addr)
{
extern int IPv4or6;
@ -274,7 +274,7 @@ add_listen_addr(ServerOptions *options, char *addr)
/* Reads the server configuration file. */
void
void
read_server_config(ServerOptions *options, const char *filename)
{
FILE *f;
@ -310,7 +310,7 @@ read_server_config(ServerOptions *options, const char *filename)
"ListenAdress.\n", filename, linenum);
if (options->num_ports >= MAX_PORTS)
fatal("%s line %d: too many ports.\n",
filename, linenum);
filename, linenum);
cp = strtok(NULL, WHITESPACE);
if (!cp)
fatal("%s line %d: missing port number.\n",


@ -1,19 +1,19 @@
/*
*
*
* servconf.h
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Mon Aug 21 15:35:03 1995 ylo
*
*
* Definitions for server configuration data and for the functions reading it.
*
*
*/
/* RCSID("$Id: servconf.h,v 1.8 2000/04/12 10:17:40 damien Exp $"); */
/* RCSID("$Id: servconf.h,v 1.9 2000/04/16 01:18:45 damien Exp $"); */
#ifndef SERVCONF_H
#define SERVCONF_H


@ -59,7 +59,7 @@ static volatile int child_wait_status; /* Status from wait(). */
void server_init_dispatch(void);
void
void
sigchld_handler(int sig)
{
int save_errno = errno;
@ -78,7 +78,7 @@ sigchld_handler(int sig)
signal(SIGCHLD, sigchld_handler);
errno = save_errno;
}
void
void
sigchld_handler2(int sig)
{
int save_errno = errno;
@ -92,7 +92,7 @@ sigchld_handler2(int sig)
* Make packets from buffered stderr data, and buffer it for sending
* to the client.
*/
void
void
make_packets_from_stderr_data()
{
int len;
@ -121,7 +121,7 @@ make_packets_from_stderr_data()
* Make packets from buffered stdout data, and buffer it for sending to the
* client.
*/
void
void
make_packets_from_stdout_data()
{
int len;
@ -152,7 +152,7 @@ make_packets_from_stdout_data()
* have data or can accept data. Optionally, a maximum time can be specified
* for the duration of the wait (0 = infinite).
*/
void
void
wait_until_can_do_something(fd_set * readset, fd_set * writeset,
unsigned int max_time_milliseconds)
{
@ -246,7 +246,7 @@ retry_select:
* Processes input from the client and the program. Input data is stored
* in buffers and processed later.
*/
void
void
process_input(fd_set * readset)
{
int len;
@ -299,7 +299,7 @@ process_input(fd_set * readset)
/*
* Sends data from internal buffers to client program stdin.
*/
void
void
process_output(fd_set * writeset)
{
int len;
@ -334,7 +334,7 @@ process_output(fd_set * writeset)
* Wait until all buffered output has been sent to the client.
* This is used when the program terminates.
*/
void
void
drain_output()
{
/* Send any buffered stdout data to the client. */
@ -359,7 +359,7 @@ drain_output()
packet_write_wait();
}
void
void
process_buffered_input_packets()
{
dispatch_run(DISPATCH_NONBLOCK, NULL);
@ -372,7 +372,7 @@ process_buffered_input_packets()
* stdin (of the child program), and reads from stdout and stderr (of the
* child program).
*/
void
void
server_loop(int pid, int fdin_arg, int fdout_arg, int fderr_arg)
{
int wait_status, wait_pid; /* Status and pid returned by wait(). */
@ -604,7 +604,7 @@ server_loop(int pid, int fdin_arg, int fdout_arg, int fderr_arg)
/* NOTREACHED */
}
void
void
server_loop2(void)
{
fd_set readset, writeset;
@ -697,16 +697,17 @@ int
input_direct_tcpip(void)
{
int sock;
char *host, *originator;
int host_port, originator_port;
char *target, *originator;
int target_port, originator_port;
host = packet_get_string(NULL);
host_port = packet_get_int();
target = packet_get_string(NULL);
target_port = packet_get_int();
originator = packet_get_string(NULL);
originator_port = packet_get_int();
packet_done();
/* XXX check permission */
sock = channel_connect_to(host, host_port);
xfree(host);
sock = channel_connect_to(target, target_port);
xfree(target);
xfree(originator);
if (sock < 0)
return -1;
@ -714,7 +715,7 @@ input_direct_tcpip(void)
sock, sock, -1, 4*1024, 32*1024, 0, xstrdup("direct-tcpip"));
}
void
void
server_input_channel_open(int type, int plen)
{
Channel *c = NULL;
@ -735,6 +736,7 @@ server_input_channel_open(int type, int plen)
if (strcmp(ctype, "session") == 0) {
debug("open session");
packet_done();
/*
* A server session has no fd to read or write
* until a CHANNEL_REQUEST for a shell is made,
@ -783,7 +785,7 @@ server_input_channel_open(int type, int plen)
xfree(ctype);
}
void
void
server_init_dispatch_20()
{
debug("server_init_dispatch_20");
@ -798,7 +800,7 @@ server_init_dispatch_20()
dispatch_set(SSH2_MSG_CHANNEL_REQUEST, &channel_input_channel_request);
dispatch_set(SSH2_MSG_CHANNEL_WINDOW_ADJUST, &channel_input_window_adjust);
}
void
void
server_init_dispatch_13()
{
debug("server_init_dispatch_13");
@ -813,7 +815,7 @@ server_init_dispatch_13()
dispatch_set(SSH_MSG_CHANNEL_OPEN_FAILURE, &channel_input_open_failure);
dispatch_set(SSH_MSG_PORT_OPEN, &channel_input_port_open);
}
void
void
server_init_dispatch_15()
{
server_init_dispatch_13();
@ -821,7 +823,7 @@ server_init_dispatch_15()
dispatch_set(SSH_MSG_CHANNEL_CLOSE, &channel_input_ieof);
dispatch_set(SSH_MSG_CHANNEL_CLOSE_CONFIRMATION, &channel_input_oclose);
}
void
void
server_init_dispatch()
{
if (compat20)
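Review bot: In `input_direct_tcpip`, the `/* XXX check permission */` marker is still the only thing standing between the client's packet and `channel_connect_to(target, target_port)`: both values are read with `packet_get_string`/`packet_get_int` and used for the outbound connect with no policy check visible in this hunk. The added `packet_done()` rejects trailing data but does not constrain the destination. Until a real check exists, the comment should state what is missing, e.g. `/* XXX no forwarding policy applied: target/target_port are client-supplied */`, and the connect should sit behind whatever port-forwarding restriction the server enforces elsewhere (not visible on this page).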


@ -8,7 +8,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: session.c,v 1.2 2000/04/06 08:55:22 markus Exp $");
RCSID("$OpenBSD: session.c,v 1.4 2000/04/14 10:30:33 markus Exp $");
#include "xmalloc.h"
#include "ssh.h"
@ -113,7 +113,7 @@ xauthfile_cleanup_proc(void *ignore)
* Function to perform cleanup if we get aborted abnormally (e.g., due to a
* dropped connection).
*/
void
void
pty_cleanup_proc(void *session)
{
Session *s=session;
@ -136,7 +136,7 @@ pty_cleanup_proc(void *session)
* terminals are allocated, X11, TCP/IP, and authentication agent forwardings
* are requested, etc.
*/
void
void
do_authenticated(struct passwd * pw)
{
Session *s;
@ -366,7 +366,7 @@ do_authenticated(struct passwd * pw)
* will call do_child from the child, and server_loop from the parent after
* setting up file descriptors and such.
*/
void
void
do_exec_no_pty(Session *s, const char *command, struct passwd * pw)
{
int pid;
@ -487,7 +487,7 @@ do_exec_no_pty(Session *s, const char *command, struct passwd * pw)
* setting up file descriptors, controlling tty, updating wtmp, utmp,
* lastlog, and other such operations.
*/
void
void
do_exec_pty(Session *s, const char *command, struct passwd * pw)
{
FILE *f;
@ -660,7 +660,7 @@ do_exec_pty(Session *s, const char *command, struct passwd * pw)
* Sets the value of the given variable in the environment. If the variable
* already exists, its value is overriden.
*/
void
void
child_set_env(char ***envp, unsigned int *envsizep, const char *name,
const char *value)
{
@ -701,7 +701,7 @@ child_set_env(char ***envp, unsigned int *envsizep, const char *name,
* Otherwise, it must consist of empty lines, comments (line starts with '#')
* and assignments of the form name=value. No other forms are allowed.
*/
void
void
read_environment_file(char ***env, unsigned int *envsize,
const char *filename)
{
@ -770,7 +770,7 @@ void do_pam_environment(char ***env, int *envsize)
* environment, closing extra file descriptors, setting the user and group
* ids, and executing the command or shell.
*/
void
void
do_child(const char *command, struct passwd * pw, const char *term,
const char *display, const char *auth_proto,
const char *auth_data, const char *ttyname)
@ -1202,6 +1202,7 @@ session_window_change_req(Session *s)
s->row = packet_get_int();
s->xpixel = packet_get_int();
s->ypixel = packet_get_int();
packet_done();
pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel);
return 1;
}
@ -1210,14 +1211,17 @@ int
session_pty_req(Session *s)
{
unsigned int len;
char *term_modes; /* encoded terminal modes */
if (s->ttyfd != -1)
return -1;
return 0;
s->term = packet_get_string(&len);
s->col = packet_get_int();
s->row = packet_get_int();
s->xpixel = packet_get_int();
s->ypixel = packet_get_int();
term_modes = packet_get_string(&len);
packet_done();
if (strcmp(s->term, "") == 0) {
xfree(s->term);
@ -1230,7 +1234,8 @@ session_pty_req(Session *s)
s->ptyfd = -1;
s->ttyfd = -1;
error("session_pty_req: session %d alloc failed", s->self);
return -1;
xfree(term_modes);
return 0;
}
debug("session_pty_req: session %d alloc %s", s->self, s->tty);
/*
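Review bot: In `session_pty_req`, `term_modes` is allocated by `packet_get_string(&len)` and the only release visible is the `xfree(term_modes)` on the allocation-failure branch; the success path continues outside the hunk, so it should be confirmed that the buffer is freed there as well. The visible lines never decode the modes, and the second call reuses `len`, overwriting the length obtained for `s->term`; a separate length variable would be safer if either value is checked later. Proposed comment on the declaration: `/* encoded terminal modes from the client; must be xfree()d on every return path */`.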


@ -1,4 +1,4 @@
/* $OpenBSD: ssh-agent.c,v 1.27 2000/04/12 09:39:10 markus Exp $ */
/* $OpenBSD: ssh-agent.c,v 1.28 2000/04/14 10:30:33 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -9,7 +9,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: ssh-agent.c,v 1.27 2000/04/12 09:39:10 markus Exp $");
RCSID("$OpenBSD: ssh-agent.c,v 1.28 2000/04/14 10:30:33 markus Exp $");
#include "ssh.h"
#include "rsa.h"
@ -412,7 +412,7 @@ prepare_select(fd_set *readset, fd_set *writeset)
}
}
void
void
after_select(fd_set *readset, fd_set *writeset)
{
unsigned int i;
@ -646,8 +646,8 @@ main(int ac, char **av)
}
signal(SIGINT, SIG_IGN);
signal(SIGPIPE, SIG_IGN);
signal(SIGHUP, cleanup_exit);
signal(SIGTERM, cleanup_exit);
signal(SIGHUP, cleanup_exit);
signal(SIGTERM, cleanup_exit);
while (1) {
FD_ZERO(&readset);
FD_ZERO(&writeset);


@ -7,7 +7,7 @@
*/
#include "includes.h"
RCSID("$Id: ssh-keygen.c,v 1.12 2000/03/17 12:40:17 damien Exp $");
RCSID("$Id: ssh-keygen.c,v 1.13 2000/04/16 01:18:46 damien Exp $");
#include "rsa.h"
#include "ssh.h"
@ -508,7 +508,7 @@ passphrase_again:
if (identity_comment) {
strlcpy(comment, identity_comment, sizeof(comment));
} else {
/* Create default commend field for the passphrase. */
/* Create default commend field for the passphrase. */
if (gethostname(hostname, sizeof(hostname)) < 0) {
perror("gethostname");
exit(1);

8
ssh.1

@ -9,7 +9,7 @@
.\"
.\" Created: Sat Apr 22 21:55:14 1995 ylo
.\"
.\" $Id: ssh.1,v 1.21 2000/04/13 02:26:37 damien Exp $
.\" $Id: ssh.1,v 1.22 2000/04/16 01:18:46 damien Exp $
.\"
.Dd September 25, 1999
.Dt SSH 1
@ -24,7 +24,7 @@
.Op Ar command
.Pp
.Nm ssh
.Op Fl afgknqtvxCPX46
.Op Fl afgknqtvxCPX246
.Op Fl c Ar blowfish | 3des
.Op Fl e Ar escape_char
.Op Fl i Ar identity_file
@ -455,6 +455,10 @@ from the local machine.
Port forwardings can also be specified in the configuration file.
Privileged ports can be forwarded only when
logging in as root on the remote machine.
.It Fl 2
Forces
.Nm
to use protocol version 2 only.
.It Fl 4
Forces
.Nm

42
ssh.c

@ -11,7 +11,7 @@
*/
#include "includes.h"
RCSID("$Id: ssh.c,v 1.25 2000/04/12 10:17:40 damien Exp $");
RCSID("$Id: ssh.c,v 1.26 2000/04/16 01:18:46 damien Exp $");
#include "xmalloc.h"
#include "ssh.h"
@ -138,6 +138,7 @@ usage()
fprintf(stderr, " -g Allow remote hosts to connect to forwarded ports.\n");
fprintf(stderr, " -4 Use IPv4 only.\n");
fprintf(stderr, " -6 Use IPv6 only.\n");
fprintf(stderr, " -2 Force protocol version 2.\n");
fprintf(stderr, " -o 'option' Process the option as if it was read from a configuration file.\n");
exit(1);
}
@ -251,8 +252,8 @@ main(int ac, char **av)
if (host)
break;
if ((cp = strchr(av[optind], '@'))) {
if(cp == av[optind])
usage();
if(cp == av[optind])
usage();
options.user = av[optind];
*cp = '\0';
host = ++cp;
@ -276,39 +277,34 @@ main(int ac, char **av)
optarg = NULL;
}
switch (opt) {
case '2':
options.protocol = SSH_PROTO_2;
break;
case '4':
IPv4or6 = AF_INET;
break;
case '6':
IPv4or6 = AF_INET6;
break;
case 'n':
stdin_null_flag = 1;
break;
case 'f':
fork_after_authentication_flag = 1;
stdin_null_flag = 1;
break;
case 'x':
options.forward_x11 = 0;
break;
case 'X':
options.forward_x11 = 1;
break;
case 'g':
options.gateway_ports = 1;
break;
case 'P':
options.use_privileged_port = 0;
break;
case 'a':
options.forward_agent = 0;
break;
@ -330,11 +326,9 @@ main(int ac, char **av)
options.identity_files[options.num_identity_files++] =
xstrdup(optarg);
break;
case 't':
tty_flag = 1;
break;
case 'v':
case 'V':
fprintf(stderr, "SSH Version %s, protocol versions %d.%d/%d.%d.\n",
@ -347,11 +341,9 @@ main(int ac, char **av)
debug_flag = 1;
options.log_level = SYSLOG_LEVEL_DEBUG;
break;
case 'q':
options.log_level = SYSLOG_LEVEL_QUIET;
break;
case 'e':
if (optarg[0] == '^' && optarg[2] == 0 &&
(unsigned char) optarg[1] >= 64 && (unsigned char) optarg[1] < 128)
@ -365,7 +357,6 @@ main(int ac, char **av)
exit(1);
}
break;
case 'c':
options.cipher = cipher_number(optarg);
if (options.cipher == -1) {
@ -373,15 +364,12 @@ main(int ac, char **av)
exit(1);
}
break;
case 'p':
options.port = atoi(optarg);
break;
case 'l':
options.user = optarg;
break;
case 'R':
if (sscanf(optarg, "%hu/%255[^/]/%hu", &fwd_port, buf,
&fwd_host_port) != 3 &&
@ -393,7 +381,6 @@ main(int ac, char **av)
}
add_remote_forward(&options, fwd_port, buf, fwd_host_port);
break;
case 'L':
if (sscanf(optarg, "%hu/%255[^/]/%hu", &fwd_port, buf,
&fwd_host_port) != 3 &&
@ -405,27 +392,22 @@ main(int ac, char **av)
}
add_local_forward(&options, fwd_port, buf, fwd_host_port);
break;
case 'C':
options.compression = 1;
break;
case 'N':
no_shell_flag = 1;
no_tty_flag = 1;
break;
case 'T':
no_tty_flag = 1;
break;
case 'o':
dummy = 1;
if (process_config_line(&options, host ? host : "", optarg,
"command-line", 0, &dummy) != 0)
exit(1);
break;
default:
usage();
}
@ -634,7 +616,7 @@ main(int ac, char **av)
/* Expand ~ in known host file names. */
options.system_hostfile = tilde_expand_filename(options.system_hostfile,
original_real_uid);
original_real_uid);
options.user_hostfile = tilde_expand_filename(options.user_hostfile,
original_real_uid);
@ -803,7 +785,7 @@ ssh_session(void)
options.local_forwards[i].host,
options.local_forwards[i].host_port);
channel_request_local_forwarding(options.local_forwards[i].port,
options.local_forwards[i].host,
options.local_forwards[i].host,
options.local_forwards[i].host_port,
options.gateway_ports);
}
@ -816,11 +798,11 @@ ssh_session(void)
options.remote_forwards[i].host_port);
channel_request_remote_forwarding(options.remote_forwards[i].port,
options.remote_forwards[i].host,
options.remote_forwards[i].host_port);
options.remote_forwards[i].host_port);
}
/* If requested, let ssh continue in the background. */
if (fork_after_authentication_flag)
if (fork_after_authentication_flag)
if (daemon(1, 1) < 0)
fatal("daemon() failed: %.200s", strerror(errno));
@ -859,7 +841,7 @@ init_local_fwd(void)
options.local_forwards[i].host,
options.local_forwards[i].host_port);
channel_request_local_forwarding(options.local_forwards[i].port,
options.local_forwards[i].host,
options.local_forwards[i].host,
options.local_forwards[i].host_port,
options.gateway_ports);
}
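Review bot: The new `case '2'` branch in `main` sets `options.protocol = SSH_PROTO_2` with no comment on precedence, and the code that later merges configuration files into `options` is outside these hunks. A user passing `-2` expects no fallback to protocol 1, so it should be confirmed that a protocol setting read afterwards cannot widen the value again. A one-line comment would record the intent: `/* -2: protocol 2 only; must take precedence over configuration files */`.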

30
ssh.h

@ -1,19 +1,19 @@
/*
*
*
* ssh.h
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Fri Mar 17 17:09:37 1995 ylo
*
*
* Generic header file for ssh.
*
*
*/
/* RCSID("$Id: ssh.h,v 1.31 2000/04/12 10:17:41 damien Exp $"); */
/* RCSID("$Id: ssh.h,v 1.32 2000/04/16 01:18:47 damien Exp $"); */
#ifndef SSH_H
#define SSH_H
@ -279,7 +279,7 @@
* information is not available. This must be called before record_login.
* The host from which the user logged in is stored in buf.
*/
unsigned long
unsigned long
get_last_login_time(uid_t uid, const char *logname,
char *buf, unsigned int bufsize);
@ -287,7 +287,7 @@ get_last_login_time(uid_t uid, const char *logname,
* Records that the user has logged in. This does many things normally done
* by login(1).
*/
void
void
record_login(int pid, const char *ttyname, const char *user, uid_t uid,
const char *host, struct sockaddr *addr);
@ -308,7 +308,7 @@ void record_logout(int pid, const char *ttyname);
* and zero on failure. If the connection is successful, this calls
* packet_set_connection for the connection.
*/
int
int
ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
u_short port, int connection_attempts,
int anonymous, uid_t original_real_uid,
@ -323,7 +323,7 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
* references from the packet module).
*/
void
void
ssh_login(int host_key_valid, RSA * host_key, const char *host,
struct sockaddr * hostaddr, uid_t original_real_uid);
@ -340,7 +340,7 @@ int auth_rhosts(struct passwd * pw, const char *client_user);
* Tries to authenticate the user using the .rhosts file and the host using
* its host key. Returns true if authentication succeeds.
*/
int
int
auth_rhosts_rsa(struct passwd * pw, const char *client_user, RSA* client_host_key);
/*
@ -409,7 +409,7 @@ char *read_passphrase(const char *prompt, int from_stdin);
* precede the key to provide identification of the key without needing a
* passphrase.
*/
int
int
save_private_key(const char *filename, const char *passphrase,
RSA * private_key, const char *comment);
@ -419,7 +419,7 @@ save_private_key(const char *filename, const char *passphrase,
* comment of the key is returned in comment_return if it is non-NULL; the
* caller must free the value with xfree.
*/
int
int
load_public_key(const char *filename, RSA * pub,
char **comment_return);
@ -430,7 +430,7 @@ load_public_key(const char *filename, RSA * pub,
* comment_return if it is non-NULL; the caller must free the value with
* xfree.
*/
int
int
load_private_key(const char *filename, const char *passphrase,
RSA * private_key, char **comment_return);

20
ssh2.h

@ -1,31 +1,31 @@
/*
* draft-ietf-secsh-architecture-04.txt
* draft-ietf-secsh-architecture-04.txt
*
* Transport layer protocol:
*
*
* 1-19 Transport layer generic (e.g. disconnect, ignore, debug,
* etc)
* 20-29 Algorithm negotiation
* 30-49 Key exchange method specific (numbers can be reused for
* different authentication methods)
*
*
* User authentication protocol:
*
*
* 50-59 User authentication generic
* 60-79 User authentication method specific (numbers can be reused
* for different authentication methods)
*
*
* Connection protocol:
*
*
* 80-89 Connection protocol generic
* 90-127 Channel related messages
*
*
* Reserved for client protocols:
*
*
* 128-191 Reserved
*
*
* Local extensions:
*
*
* 192-255 Local extensions
*/


@ -10,7 +10,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: sshconnect.c,v 1.66 2000/04/12 09:39:10 markus Exp $");
RCSID("$OpenBSD: sshconnect.c,v 1.68 2000/04/14 10:30:33 markus Exp $");
#ifdef HAVE_OPENSSL
#include <openssl/bn.h>
@ -250,7 +250,7 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
debug("Trying again...");
/* Loop through addresses for this host, and try each one in
sequence until the connection succeeds. */
sequence until the connection succeeds. */
for (ai = aitop; ai; ai = ai->ai_next) {
if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
continue;
@ -264,7 +264,7 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
host, ntop, strport);
/* Create a socket for connecting. */
sock = ssh_create_socket(original_real_uid,
sock = ssh_create_socket(original_real_uid,
!anonymous && geteuid() == 0 && port < IPPORT_RESERVED,
ai->ai_family);
if (sock < 0)
@ -1059,7 +1059,7 @@ ssh_exchange_identification()
break;
}
/* FALLTHROUGH */
default:
default:
mismatch = 1;
break;
}
@ -1363,13 +1363,13 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
debug("Sending KEX init.");
if (options.ciphers != NULL) {
myproposal[PROPOSAL_ENC_ALGS_CTOS] =
myproposal[PROPOSAL_ENC_ALGS_CTOS] =
myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers;
} else if (
options.cipher == SSH_CIPHER_ARCFOUR ||
options.cipher == SSH_CIPHER_3DES_CBC ||
options.cipher == SSH_CIPHER_CAST128_CBC ||
options.cipher == SSH_CIPHER_BLOWFISH_CBC) {
options.cipher == SSH_CIPHER_3DES_CBC ||
options.cipher == SSH_CIPHER_CAST128_CBC ||
options.cipher == SSH_CIPHER_BLOWFISH_CBC) {
myproposal[PROPOSAL_ENC_ALGS_CTOS] =
myproposal[PROPOSAL_ENC_ALGS_STOC] = cipher_name(options.cipher);
}
@ -1411,6 +1411,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
debug("first kex follow == %d", i);
i = packet_get_int();
debug("reserved == %d", i);
packet_done();
debug("done read kexinit");
kex = kex_choose_conf(cprop, sprop, 0);
@ -1434,7 +1435,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
fprintf(stderr, "\npub= ");
bignum_print(dh->pub_key);
fprintf(stderr, "\n");
DHparams_print_fp(stderr, dh);
DHparams_print_fp(stderr, dh);
#endif
debug("Wait SSH2_MSG_KEXDH_REPLY.");
@ -1466,6 +1467,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
/* signed H */
signature = packet_get_string(&slen);
packet_done();
if (!dh_pub_is_valid(dh, dh_server_pub))
packet_disconnect("bad server public DH value");
@ -1475,14 +1477,14 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
kout = DH_compute_key(kbuf, dh_server_pub, dh);
#ifdef DEBUG_KEXDH
debug("shared secret: len %d/%d", klen, kout);
fprintf(stderr, "shared secret == ");
for (i = 0; i< kout; i++)
fprintf(stderr, "%02x", (kbuf[i])&0xff);
fprintf(stderr, "\n");
fprintf(stderr, "shared secret == ");
for (i = 0; i< kout; i++)
fprintf(stderr, "%02x", (kbuf[i])&0xff);
fprintf(stderr, "\n");
#endif
shared_secret = BN_new();
shared_secret = BN_new();
BN_bin2bn(kbuf, kout, shared_secret);
BN_bin2bn(kbuf, kout, shared_secret);
memset(kbuf, 0, klen);
xfree(kbuf);
@ -1502,10 +1504,10 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
xfree(client_kexinit);
xfree(server_kexinit);
#ifdef DEBUG_KEXDH
fprintf(stderr, "hash == ");
for (i = 0; i< 20; i++)
fprintf(stderr, "%02x", (hash[i])&0xff);
fprintf(stderr, "\n");
fprintf(stderr, "hash == ");
for (i = 0; i< 20; i++)
fprintf(stderr, "%02x", (hash[i])&0xff);
fprintf(stderr, "\n");
#endif
dsa_verify(server_host_key, (unsigned char *)signature, slen, hash, 20);
key_free(server_host_key);
@ -1518,6 +1520,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
debug("Wait SSH2_MSG_NEWKEYS.");
packet_read_expect(&payload_len, SSH2_MSG_NEWKEYS);
packet_done();
debug("GOT SSH2_MSG_NEWKEYS.");
debug("send SSH2_MSG_NEWKEYS.");
@ -1551,7 +1554,7 @@ ssh_userauth2(int host_key_valid, RSA *own_host_key,
char *server_user, *local_user;
char *auths;
char *password;
char *service = "ssh-connection"; // service name
char *service = "ssh-connection"; /* service name */
debug("send SSH2_MSG_SERVICE_REQUEST");
packet_start(SSH2_MSG_SERVICE_REQUEST);
@ -1563,8 +1566,15 @@ ssh_userauth2(int host_key_valid, RSA *own_host_key,
if (type != SSH2_MSG_SERVICE_ACCEPT) {
fatal("denied SSH2_MSG_SERVICE_ACCEPT: %d", type);
}
/* payload empty for ssh-2.0.13 ?? */
/* reply = packet_get_string(&payload_len); */
if (packet_remaining() > 0) {
char *reply = packet_get_string(&plen);
debug("service_accept: %s", reply);
xfree(reply);
} else {
/* payload empty for ssh-2.0.13 ?? */
log("buggy server: service_accept w/o service");
}
packet_done();
debug("got SSH2_MSG_SERVICE_ACCEPT");
/*XX COMMONCODE: */
@ -1593,6 +1603,7 @@ ssh_userauth2(int host_key_valid, RSA *own_host_key,
auths = packet_get_string(&dlen);
debug("authentications that can continue: %s", auths);
partial = packet_get_char();
packet_done();
if (partial)
debug("partial success");
if (strstr(auths, "password") == NULL)
@ -1613,6 +1624,7 @@ ssh_userauth2(int host_key_valid, RSA *own_host_key,
packet_send();
packet_write_wait();
}
packet_done();
debug("ssh-userauth2 successfull");
}
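Review bot: In `ssh_kex2`, the result of `dsa_verify(server_host_key, (unsigned char *)signature, slen, hash, 20);` is discarded, so unless `dsa_verify` aborts internally on a bad signature (its body is not on this page) the key exchange continues with a server whose signature over the exchange hash was never enforced. The commit adds `packet_done()` checks around this call but leaves the call itself unchanged. Suggested: `if (dsa_verify(server_host_key, (unsigned char *)signature, slen, hash, 20) != 1)` followed by `fatal("dsa_verify failed for server_host_key");`, assuming a return of 1 means a valid signature, which should be confirmed against its definition. `ssh_kex2` starts and ends outside these hunks.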

54
sshd.c

@ -14,7 +14,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: sshd.c,v 1.104 2000/04/12 09:39:10 markus Exp $");
RCSID("$OpenBSD: sshd.c,v 1.105 2000/04/14 10:30:33 markus Exp $");
#include "xmalloc.h"
#include "rsa.h"
@ -67,7 +67,7 @@ ServerOptions options;
/* Name of the server configuration file. */
char *config_file_name = SERVER_CONFIG_FILE;
/*
/*
* Flag indicating whether IPv4 or IPv6. This can be set on the command line.
* Default value is AF_UNSPEC means both IPv4 and IPv6.
*/
@ -162,7 +162,7 @@ close_listen_socks(void)
* the effect is to reread the configuration file (and to regenerate
* the server key).
*/
void
void
sighup_handler(int sig)
{
received_sighup = 1;
@ -173,7 +173,7 @@ sighup_handler(int sig)
* Called from the main program after receiving SIGHUP.
* Restarts the server.
*/
void
void
sighup_restart()
{
log("Received SIGHUP; restarting.");
@ -188,7 +188,7 @@ sighup_restart()
* These close the listen socket; not closing it seems to cause "Address
* already in use" problems on some machines, which is inconvenient.
*/
void
void
sigterm_handler(int sig)
{
log("Received signal %d; terminating.", sig);
@ -200,7 +200,7 @@ sigterm_handler(int sig)
* SIGCHLD handler. This is called whenever a child dies. This will then
* reap any zombies left by exited c.
*/
void
void
main_sigchld_handler(int sig)
{
int save_errno = errno;
@ -216,7 +216,7 @@ main_sigchld_handler(int sig)
/*
* Signal handler for the alarm after the login grace period has expired.
*/
void
void
grace_alarm_handler(int sig)
{
/* Close the connection. */
@ -233,7 +233,7 @@ grace_alarm_handler(int sig)
* Thus there should be no concurrency control/asynchronous execution
* problems.
*/
void
void
key_regeneration_alarm(int sig)
{
int save_errno = errno;
@ -266,15 +266,15 @@ key_regeneration_alarm(int sig)
char *
chop(char *s)
{
char *t = s;
while (*t) {
if(*t == '\n' || *t == '\r') {
*t = '\0';
return s;
}
t++;
}
return s;
char *t = s;
while (*t) {
if(*t == '\n' || *t == '\r') {
*t = '\0';
return s;
}
t++;
}
return s;
}
@ -337,7 +337,7 @@ sshd_exchange_identification(int sock_in, int sock_out)
*/
if (sscanf(client_version_string, "SSH-%d.%d-%[^\n]\n",
&remote_major, &remote_minor, remote_version) != 3) {
s = "Protocol mismatch.\n";
s = "Protocol mismatch.\n";
(void) atomicio(write, sock_out, s, strlen(s));
close(sock_in);
close(sock_out);
@ -377,7 +377,7 @@ sshd_exchange_identification(int sock_in, int sock_out)
break;
}
/* FALLTHROUGH */
default:
default:
mismatch = 1;
break;
}
@ -719,8 +719,8 @@ main(int ac, char **av)
for (i = 0; i < num_listen_socks; i++)
if (listen_socks[i] > maxfd)
maxfd = listen_socks[i];
fdsetsz = howmany(maxfd, NFDBITS) * sizeof(fd_mask);
fdset = (fd_set *)xmalloc(fdsetsz);
fdsetsz = howmany(maxfd, NFDBITS) * sizeof(fd_mask);
fdset = (fd_set *)xmalloc(fdsetsz);
/*
* Stay listening for connections until the system crashes or
@ -1018,7 +1018,7 @@ do_ssh1_kex()
/* Get cipher type and check whether we accept this. */
cipher_type = packet_get_char();
if (!(cipher_mask() & (1 << cipher_type)))
if (!(cipher_mask() & (1 << cipher_type)))
packet_disconnect("Warning: client selects unsupported cipher.");
/* Get check bytes from the packet. These must match those we
@ -1145,7 +1145,7 @@ do_ssh2_kex()
/* KEXINIT */
if (options.ciphers != NULL) {
myproposal[PROPOSAL_ENC_ALGS_CTOS] =
myproposal[PROPOSAL_ENC_ALGS_CTOS] =
myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers;
}
@ -1258,10 +1258,10 @@ do_ssh2_kex()
xfree(client_kexinit);
xfree(server_kexinit);
#ifdef DEBUG_KEXDH
fprintf(stderr, "hash == ");
for (i = 0; i< 20; i++)
fprintf(stderr, "%02x", (hash[i])&0xff);
fprintf(stderr, "\n");
fprintf(stderr, "hash == ");
for (i = 0; i< 20; i++)
fprintf(stderr, "%02x", (hash[i])&0xff);
fprintf(stderr, "\n");
#endif
/* sign H */
dsa_sign(server_host_key, &signature, &slen, hash, 20);


@ -10,7 +10,7 @@
*/
#include "includes.h"
RCSID("$Id: ttymodes.c,v 1.3 1999/11/25 00:54:59 damien Exp $");
RCSID("$Id: ttymodes.c,v 1.4 2000/04/16 01:18:49 damien Exp $");
#include "packet.h"
#include "ssh.h"
@ -23,7 +23,7 @@ RCSID("$Id: ttymodes.c,v 1.3 1999/11/25 00:54:59 damien Exp $");
* Converts POSIX speed_t to a baud rate. The values of the
* constants for speed_t are not themselves portable.
*/
static int
static int
speed_to_baud(speed_t speed)
{
switch (speed) {
@ -112,7 +112,7 @@ speed_to_baud(speed_t speed)
/*
* Converts a numeric baud rate to a POSIX speed_t.
*/
static speed_t
static speed_t
baud_to_speed(int baud)
{
switch (baud) {
@ -203,7 +203,7 @@ baud_to_speed(int baud)
* in a portable manner, and appends the modes to a packet
* being constructed.
*/
void
void
tty_make_modes(int fd)
{
struct termios tio;
@ -247,7 +247,7 @@ tty_make_modes(int fd)
* Decodes terminal modes for the terminal referenced by fd in a portable
* manner from a packet being read.
*/
void
void
tty_parse_modes(int fd, int *n_bytes_ptr)
{
struct termios tio;


@ -1,18 +1,18 @@
/*
*
*
* ttymodes.h
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* SGTTY stuff contributed by Janne Snabb <snabb@niksula.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Tue Mar 21 15:42:09 1995 ylo
*
*
*/
/* RCSID("$Id: ttymodes.h,v 1.3 1999/11/25 00:54:59 damien Exp $"); */
/* RCSID("$Id: ttymodes.h,v 1.4 2000/04/16 01:18:49 damien Exp $"); */
/* The tty mode description is a stream of bytes. The stream consists of
* opcode-arguments pairs. It is terminated by opcode TTY_OP_END (0).


@ -7,7 +7,7 @@
*/
#include "includes.h"
RCSID("$Id: uidswap.c,v 1.4 2000/01/20 13:18:16 damien Exp $");
RCSID("$Id: uidswap.c,v 1.5 2000/04/16 01:18:49 damien Exp $");
#include "ssh.h"
#include "uidswap.h"
@ -35,7 +35,7 @@ static uid_t saved_euid = 0;
* Temporarily changes to the given uid. If the effective user
* id is not root, this does nothing. This call cannot be nested.
*/
void
void
temporarily_use_uid(uid_t uid)
{
#ifdef SAVED_IDS_WORK_WITH_SETEUID
@ -59,7 +59,7 @@ temporarily_use_uid(uid_t uid)
/*
* Restores to the original uid.
*/
void
void
restore_uid()
{
#ifdef SAVED_IDS_WORK_WITH_SETEUID
@ -80,7 +80,7 @@ restore_uid()
* Permanently sets all uids to the given uid. This cannot be
* called while temporarily_use_uid is effective.
*/
void
void
permanently_set_uid(uid_t uid)
{
if (setuid(uid) < 0)


@ -1,15 +1,15 @@
/*
*
*
* uidswap.h
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Sat Sep 9 01:43:15 1995 ylo
* Last modified: Sat Sep 9 02:34:04 1995 ylo
*
*
*/
#ifndef UIDSWAP_H


@ -8,7 +8,7 @@
*/
#include "includes.h"
RCSID("$Id: xmalloc.c,v 1.2 1999/11/24 13:26:23 damien Exp $");
RCSID("$Id: xmalloc.c,v 1.3 2000/04/16 01:18:49 damien Exp $");
#include "ssh.h"
@ -34,7 +34,7 @@ xrealloc(void *ptr, size_t new_size)
return new_ptr;
}
void
void
xfree(void *ptr)
{
if (ptr == NULL)


@ -1,20 +1,20 @@
/*
*
*
* xmalloc.h
*
*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*
*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
*
* Created: Mon Mar 20 22:09:17 1995 ylo
*
*
* Versions of malloc and friends that check their results, and never return
* failure (they call fatal if they encounter an error).
*
*
*/
/* RCSID("$Id: xmalloc.h,v 1.2 1999/11/24 13:26:23 damien Exp $"); */
/* RCSID("$Id: xmalloc.h,v 1.3 2000/04/16 01:18:49 damien Exp $"); */
#ifndef XMALLOC_H
#define XMALLOC_H