- OpenBSD CVS updates.
[ssh.1 ssh.c] - ssh -2 [auth.c channels.c clientloop.c packet.c packet.h serverloop.c] [session.c sshconnect.c] - check payload for (illegal) extra data [ALL] - whitespace cleanup
This commit is contained in:
parent
5d1705ecf9
commit
4af51306d9
10
ChangeLog
10
ChangeLog
|
@ -1,3 +1,13 @@
|
||||||
|
20000415
|
||||||
|
- OpenBSD CVS updates.
|
||||||
|
[ssh.1 ssh.c]
|
||||||
|
- ssh -2
|
||||||
|
[auth.c channels.c clientloop.c packet.c packet.h serverloop.c]
|
||||||
|
[session.c sshconnect.c]
|
||||||
|
- check payload for (illegal) extra data
|
||||||
|
[ALL]
|
||||||
|
whitespace cleanup
|
||||||
|
|
||||||
20000413
|
20000413
|
||||||
- INSTALL doc updates
|
- INSTALL doc updates
|
||||||
- Merged OpenBSD updates to include paths.
|
- Merged OpenBSD updates to include paths.
|
||||||
|
|
|
@ -11,7 +11,7 @@
|
||||||
|
|
||||||
#ifndef USE_PAM
|
#ifndef USE_PAM
|
||||||
|
|
||||||
RCSID("$Id: auth-passwd.c,v 1.16 2000/01/22 23:32:03 damien Exp $");
|
RCSID("$Id: auth-passwd.c,v 1.17 2000/04/16 01:18:39 damien Exp $");
|
||||||
|
|
||||||
#include "packet.h"
|
#include "packet.h"
|
||||||
#include "ssh.h"
|
#include "ssh.h"
|
||||||
|
|
|
@ -15,7 +15,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: auth-rh-rsa.c,v 1.9 2000/04/13 02:26:35 damien Exp $");
|
RCSID("$Id: auth-rh-rsa.c,v 1.10 2000/04/16 01:18:39 damien Exp $");
|
||||||
|
|
||||||
#ifdef HAVE_OPENSSL
|
#ifdef HAVE_OPENSSL
|
||||||
#include <openssl/bn.h>
|
#include <openssl/bn.h>
|
||||||
|
|
|
@ -16,7 +16,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: auth-rhosts.c,v 1.7 1999/12/27 12:54:55 damien Exp $");
|
RCSID("$Id: auth-rhosts.c,v 1.8 2000/04/16 01:18:39 damien Exp $");
|
||||||
|
|
||||||
#include "packet.h"
|
#include "packet.h"
|
||||||
#include "ssh.h"
|
#include "ssh.h"
|
||||||
|
|
|
@ -16,7 +16,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: auth-rsa.c,v 1.15 2000/04/13 02:26:35 damien Exp $");
|
RCSID("$Id: auth-rsa.c,v 1.16 2000/04/16 01:18:39 damien Exp $");
|
||||||
|
|
||||||
#include "rsa.h"
|
#include "rsa.h"
|
||||||
#include "packet.h"
|
#include "packet.h"
|
||||||
|
@ -244,7 +244,7 @@ auth_rsa(struct passwd *pw, BIGNUM *client_n)
|
||||||
debug("%.100s, line %lu: bad key syntax",
|
debug("%.100s, line %lu: bad key syntax",
|
||||||
SSH_USER_PERMITTED_KEYS, linenum);
|
SSH_USER_PERMITTED_KEYS, linenum);
|
||||||
packet_send_debug("%.100s, line %lu: bad key syntax",
|
packet_send_debug("%.100s, line %lu: bad key syntax",
|
||||||
SSH_USER_PERMITTED_KEYS, linenum);
|
SSH_USER_PERMITTED_KEYS, linenum);
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
/* cp now points to the comment part. */
|
/* cp now points to the comment part. */
|
||||||
|
|
10
auth-skey.c
10
auth-skey.c
|
@ -1,7 +1,7 @@
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
|
|
||||||
#ifdef SKEY
|
#ifdef SKEY
|
||||||
RCSID("$Id: auth-skey.c,v 1.5 1999/12/06 19:04:57 deraadt Exp $");
|
RCSID("$Id: auth-skey.c,v 1.6 2000/04/14 10:30:29 markus Exp $");
|
||||||
|
|
||||||
#include "ssh.h"
|
#include "ssh.h"
|
||||||
#include "packet.h"
|
#include "packet.h"
|
||||||
|
@ -53,18 +53,18 @@ auth_skey_password(struct passwd * pw, const char *password)
|
||||||
*/
|
*/
|
||||||
static u_int32_t
|
static u_int32_t
|
||||||
hash_collapse(s)
|
hash_collapse(s)
|
||||||
u_char *s;
|
u_char *s;
|
||||||
{
|
{
|
||||||
int len, target;
|
int len, target;
|
||||||
u_int32_t i;
|
u_int32_t i;
|
||||||
|
|
||||||
if ((strlen(s) % sizeof(u_int32_t)) == 0)
|
if ((strlen(s) % sizeof(u_int32_t)) == 0)
|
||||||
target = strlen(s); /* Multiple of 4 */
|
target = strlen(s); /* Multiple of 4 */
|
||||||
else
|
else
|
||||||
target = strlen(s) - (strlen(s) % sizeof(u_int32_t));
|
target = strlen(s) - (strlen(s) % sizeof(u_int32_t));
|
||||||
|
|
||||||
for (i = 0, len = 0; len < target; len += 4)
|
for (i = 0, len = 0; len < target; len += 4)
|
||||||
i ^= ROUND(s + len);
|
i ^= ROUND(s + len);
|
||||||
|
|
||||||
return i;
|
return i;
|
||||||
}
|
}
|
||||||
|
|
56
auth.c
56
auth.c
|
@ -5,7 +5,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: auth.c,v 1.2 2000/04/06 08:55:22 markus Exp $");
|
RCSID("$OpenBSD: auth.c,v 1.4 2000/04/14 10:30:29 markus Exp $");
|
||||||
|
|
||||||
#include "xmalloc.h"
|
#include "xmalloc.h"
|
||||||
#include "rsa.h"
|
#include "rsa.h"
|
||||||
|
@ -201,10 +201,10 @@ do_fake_authloop1(char *user)
|
||||||
packet_write_wait();
|
packet_write_wait();
|
||||||
continue;
|
continue;
|
||||||
} else if (type == SSH_CMSG_AUTH_PASSWORD &&
|
} else if (type == SSH_CMSG_AUTH_PASSWORD &&
|
||||||
options.password_authentication &&
|
options.password_authentication &&
|
||||||
(password = packet_get_string(&dlen)) != NULL &&
|
(password = packet_get_string(&dlen)) != NULL &&
|
||||||
dlen == 5 &&
|
dlen == 5 &&
|
||||||
strncasecmp(password, "s/key", 5) == 0 ) {
|
strncasecmp(password, "s/key", 5) == 0 ) {
|
||||||
packet_send_debug(skeyinfo);
|
packet_send_debug(skeyinfo);
|
||||||
}
|
}
|
||||||
if (password != NULL)
|
if (password != NULL)
|
||||||
|
@ -457,20 +457,20 @@ do_authloop(struct passwd * pw)
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Check if the user is logging in as root and root logins
|
* Check if the user is logging in as root and root logins
|
||||||
* are disallowed.
|
* are disallowed.
|
||||||
* Note that root login is allowed for forced commands.
|
* Note that root login is allowed for forced commands.
|
||||||
*/
|
*/
|
||||||
if (authenticated && pw->pw_uid == 0 && !options.permit_root_login) {
|
if (authenticated && pw->pw_uid == 0 && !options.permit_root_login) {
|
||||||
if (forced_command) {
|
if (forced_command) {
|
||||||
log("Root login accepted for forced command.");
|
log("Root login accepted for forced command.");
|
||||||
} else {
|
} else {
|
||||||
authenticated = 0;
|
authenticated = 0;
|
||||||
log("ROOT LOGIN REFUSED FROM %.200s",
|
log("ROOT LOGIN REFUSED FROM %.200s",
|
||||||
get_canonical_hostname());
|
get_canonical_hostname());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Raise logging level */
|
/* Raise logging level */
|
||||||
if (authenticated ||
|
if (authenticated ||
|
||||||
|
@ -685,6 +685,7 @@ input_service_request(int type, int plen)
|
||||||
unsigned int len;
|
unsigned int len;
|
||||||
int accept = 0;
|
int accept = 0;
|
||||||
char *service = packet_get_string(&len);
|
char *service = packet_get_string(&len);
|
||||||
|
packet_done();
|
||||||
|
|
||||||
if (strcmp(service, "ssh-userauth") == 0) {
|
if (strcmp(service, "ssh-userauth") == 0) {
|
||||||
if (!userauth_success) {
|
if (!userauth_success) {
|
||||||
|
@ -727,6 +728,7 @@ input_userauth_request(int type, int plen)
|
||||||
pw = auth_set_user(user, service);
|
pw = auth_set_user(user, service);
|
||||||
if (pw && strcmp(service, "ssh-connection")==0) {
|
if (pw && strcmp(service, "ssh-connection")==0) {
|
||||||
if (strcmp(method, "none") == 0 && try == 1) {
|
if (strcmp(method, "none") == 0 && try == 1) {
|
||||||
|
packet_done();
|
||||||
#ifdef USE_PAM
|
#ifdef USE_PAM
|
||||||
/* Do PAM auth with password */
|
/* Do PAM auth with password */
|
||||||
authenticated = auth_pam_password(pw, "");
|
authenticated = auth_pam_password(pw, "");
|
||||||
|
@ -740,6 +742,7 @@ input_userauth_request(int type, int plen)
|
||||||
if (c)
|
if (c)
|
||||||
debug("password change not supported");
|
debug("password change not supported");
|
||||||
password = packet_get_string(&len);
|
password = packet_get_string(&len);
|
||||||
|
packet_done();
|
||||||
#ifdef USE_PAM
|
#ifdef USE_PAM
|
||||||
/* Do PAM auth with password */
|
/* Do PAM auth with password */
|
||||||
authenticated = auth_pam_password(pw, password);
|
authenticated = auth_pam_password(pw, password);
|
||||||
|
@ -751,11 +754,19 @@ input_userauth_request(int type, int plen)
|
||||||
xfree(password);
|
xfree(password);
|
||||||
} else if (strcmp(method, "publickey") == 0) {
|
} else if (strcmp(method, "publickey") == 0) {
|
||||||
/* XXX TODO */
|
/* XXX TODO */
|
||||||
char *pkalg;
|
char *pkalg, *pkblob, *sig;
|
||||||
char *pkblob;
|
int have_sig = packet_get_char();
|
||||||
c = packet_get_char();
|
|
||||||
pkalg = packet_get_string(&len);
|
pkalg = packet_get_string(&len);
|
||||||
pkblob = packet_get_string(&len);
|
pkblob = packet_get_string(&len);
|
||||||
|
if (have_sig) {
|
||||||
|
sig = packet_get_string(&len);
|
||||||
|
/* test for correct signature */
|
||||||
|
packet_done();
|
||||||
|
xfree(sig);
|
||||||
|
} else {
|
||||||
|
packet_done();
|
||||||
|
/* test whether pkalg/pkblob are acceptable */
|
||||||
|
}
|
||||||
xfree(pkalg);
|
xfree(pkalg);
|
||||||
xfree(pkblob);
|
xfree(pkblob);
|
||||||
}
|
}
|
||||||
|
@ -764,7 +775,6 @@ input_userauth_request(int type, int plen)
|
||||||
if (authenticated) {
|
if (authenticated) {
|
||||||
/* turn off userauth */
|
/* turn off userauth */
|
||||||
dispatch_set(SSH2_MSG_USERAUTH_REQUEST, &protocol_error);
|
dispatch_set(SSH2_MSG_USERAUTH_REQUEST, &protocol_error);
|
||||||
/* success! */
|
|
||||||
packet_start(SSH2_MSG_USERAUTH_SUCCESS);
|
packet_start(SSH2_MSG_USERAUTH_SUCCESS);
|
||||||
packet_send();
|
packet_send();
|
||||||
packet_write_wait();
|
packet_write_wait();
|
||||||
|
|
2
authfd.c
2
authfd.c
|
@ -14,7 +14,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: authfd.c,v 1.11 2000/04/13 02:26:35 damien Exp $");
|
RCSID("$Id: authfd.c,v 1.12 2000/04/16 01:18:40 damien Exp $");
|
||||||
|
|
||||||
#include "ssh.h"
|
#include "ssh.h"
|
||||||
#include "rsa.h"
|
#include "rsa.h"
|
||||||
|
|
2
authfd.h
2
authfd.h
|
@ -13,7 +13,7 @@
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* RCSID("$Id: authfd.h,v 1.4 1999/11/25 00:54:58 damien Exp $"); */
|
/* RCSID("$Id: authfd.h,v 1.5 2000/04/16 01:18:40 damien Exp $"); */
|
||||||
|
|
||||||
#ifndef AUTHFD_H
|
#ifndef AUTHFD_H
|
||||||
#define AUTHFD_H
|
#define AUTHFD_H
|
||||||
|
|
|
@ -15,7 +15,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: authfile.c,v 1.9 2000/04/13 02:26:36 damien Exp $");
|
RCSID("$Id: authfile.c,v 1.10 2000/04/16 01:18:40 damien Exp $");
|
||||||
|
|
||||||
#ifdef HAVE_OPENSSL
|
#ifdef HAVE_OPENSSL
|
||||||
#include <openssl/bn.h>
|
#include <openssl/bn.h>
|
||||||
|
|
2
bufaux.c
2
bufaux.c
|
@ -17,7 +17,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: bufaux.c,v 1.10 2000/04/13 02:26:36 damien Exp $");
|
RCSID("$Id: bufaux.c,v 1.11 2000/04/16 01:18:40 damien Exp $");
|
||||||
|
|
||||||
#include "ssh.h"
|
#include "ssh.h"
|
||||||
|
|
||||||
|
|
2
bufaux.h
2
bufaux.h
|
@ -11,7 +11,7 @@
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* RCSID("$Id: bufaux.h,v 1.4 2000/04/01 01:09:23 damien Exp $"); */
|
/* RCSID("$Id: bufaux.h,v 1.5 2000/04/16 01:18:40 damien Exp $"); */
|
||||||
|
|
||||||
#ifndef BUFAUX_H
|
#ifndef BUFAUX_H
|
||||||
#define BUFAUX_H
|
#define BUFAUX_H
|
||||||
|
|
2
buffer.c
2
buffer.c
|
@ -14,7 +14,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: buffer.c,v 1.4 2000/04/13 02:26:36 damien Exp $");
|
RCSID("$Id: buffer.c,v 1.5 2000/04/16 01:18:40 damien Exp $");
|
||||||
|
|
||||||
#include "xmalloc.h"
|
#include "xmalloc.h"
|
||||||
#include "buffer.h"
|
#include "buffer.h"
|
||||||
|
|
|
@ -14,7 +14,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: canohost.c,v 1.8 2000/03/11 09:45:41 damien Exp $");
|
RCSID("$Id: canohost.c,v 1.9 2000/04/16 01:18:40 damien Exp $");
|
||||||
|
|
||||||
#include "packet.h"
|
#include "packet.h"
|
||||||
#include "xmalloc.h"
|
#include "xmalloc.h"
|
||||||
|
|
12
channels.c
12
channels.c
|
@ -17,7 +17,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: channels.c,v 1.24 2000/04/12 10:17:38 damien Exp $");
|
RCSID("$Id: channels.c,v 1.25 2000/04/16 01:18:41 damien Exp $");
|
||||||
|
|
||||||
#include "ssh.h"
|
#include "ssh.h"
|
||||||
#include "packet.h"
|
#include "packet.h"
|
||||||
|
@ -540,8 +540,10 @@ channel_post_port_listener(Channel *c, fd_set * readset, fd_set * writeset)
|
||||||
packet_put_int(newch);
|
packet_put_int(newch);
|
||||||
packet_put_int(c->local_window_max);
|
packet_put_int(c->local_window_max);
|
||||||
packet_put_int(c->local_maxpacket);
|
packet_put_int(c->local_maxpacket);
|
||||||
|
/* target host and port */
|
||||||
packet_put_string(c->path, strlen(c->path));
|
packet_put_string(c->path, strlen(c->path));
|
||||||
packet_put_int(c->host_port);
|
packet_put_int(c->host_port);
|
||||||
|
/* originator host and port */
|
||||||
packet_put_cstring(remote_hostname);
|
packet_put_cstring(remote_hostname);
|
||||||
packet_put_int(remote_port);
|
packet_put_int(remote_port);
|
||||||
packet_send();
|
packet_send();
|
||||||
|
@ -934,6 +936,7 @@ channel_input_data(int type, int plen)
|
||||||
|
|
||||||
/* Get the data. */
|
/* Get the data. */
|
||||||
data = packet_get_string(&data_len);
|
data = packet_get_string(&data_len);
|
||||||
|
packet_done();
|
||||||
|
|
||||||
if (compat20){
|
if (compat20){
|
||||||
if (data_len > c->local_maxpacket) {
|
if (data_len > c->local_maxpacket) {
|
||||||
|
@ -980,6 +983,7 @@ channel_input_extended_data(int type, int plen)
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
data = packet_get_string(&data_len);
|
data = packet_get_string(&data_len);
|
||||||
|
packet_done();
|
||||||
if (data_len > c->local_window) {
|
if (data_len > c->local_window) {
|
||||||
log("channel %d: rcvd too much extended_data %d, win %d",
|
log("channel %d: rcvd too much extended_data %d, win %d",
|
||||||
c->self, data_len, c->local_window);
|
c->self, data_len, c->local_window);
|
||||||
|
@ -1093,6 +1097,7 @@ channel_input_close_confirmation(int type, int plen)
|
||||||
int id = packet_get_int();
|
int id = packet_get_int();
|
||||||
Channel *c = channel_lookup(id);
|
Channel *c = channel_lookup(id);
|
||||||
|
|
||||||
|
packet_done();
|
||||||
if (c == NULL)
|
if (c == NULL)
|
||||||
packet_disconnect("Received close confirmation for "
|
packet_disconnect("Received close confirmation for "
|
||||||
"out-of-range channel %d.", id);
|
"out-of-range channel %d.", id);
|
||||||
|
@ -1125,6 +1130,7 @@ channel_input_open_confirmation(int type, int plen)
|
||||||
if (compat20) {
|
if (compat20) {
|
||||||
c->remote_window = packet_get_int();
|
c->remote_window = packet_get_int();
|
||||||
c->remote_maxpacket = packet_get_int();
|
c->remote_maxpacket = packet_get_int();
|
||||||
|
packet_done();
|
||||||
if (c->cb_fn != NULL && c->cb_event == type) {
|
if (c->cb_fn != NULL && c->cb_event == type) {
|
||||||
debug("callback start");
|
debug("callback start");
|
||||||
c->cb_fn(c->self, c->cb_arg);
|
c->cb_fn(c->self, c->cb_arg);
|
||||||
|
@ -1153,8 +1159,11 @@ channel_input_open_failure(int type, int plen)
|
||||||
if (compat20) {
|
if (compat20) {
|
||||||
int reason = packet_get_int();
|
int reason = packet_get_int();
|
||||||
char *msg = packet_get_string(NULL);
|
char *msg = packet_get_string(NULL);
|
||||||
|
char *lang = packet_get_string(NULL);
|
||||||
log("channel_open_failure: %d: reason %d: %s", id, reason, msg);
|
log("channel_open_failure: %d: reason %d: %s", id, reason, msg);
|
||||||
|
packet_done();
|
||||||
xfree(msg);
|
xfree(msg);
|
||||||
|
xfree(lang);
|
||||||
}
|
}
|
||||||
/* Free the channel. This will also close the socket. */
|
/* Free the channel. This will also close the socket. */
|
||||||
channel_free(id);
|
channel_free(id);
|
||||||
|
@ -1204,6 +1213,7 @@ channel_input_window_adjust(int type, int plen)
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
adjust = packet_get_int();
|
adjust = packet_get_int();
|
||||||
|
packet_done();
|
||||||
debug("channel %d: rcvd adjust %d", id, adjust);
|
debug("channel %d: rcvd adjust %d", id, adjust);
|
||||||
c->remote_window += adjust;
|
c->remote_window += adjust;
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
/* RCSID("$Id: channels.h,v 1.6 2000/04/04 04:39:01 damien Exp $"); */
|
/* RCSID("$Id: channels.h,v 1.7 2000/04/16 01:18:41 damien Exp $"); */
|
||||||
|
|
||||||
#ifndef CHANNELS_H
|
#ifndef CHANNELS_H
|
||||||
#define CHANNELS_H
|
#define CHANNELS_H
|
||||||
|
|
6
cipher.c
6
cipher.c
|
@ -12,7 +12,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: cipher.c,v 1.18 2000/04/13 02:26:36 damien Exp $");
|
RCSID("$Id: cipher.c,v 1.19 2000/04/16 01:18:41 damien Exp $");
|
||||||
|
|
||||||
#include "ssh.h"
|
#include "ssh.h"
|
||||||
#include "cipher.h"
|
#include "cipher.h"
|
||||||
|
@ -379,14 +379,14 @@ cipher_encrypt(CipherContext *context, unsigned char *dest,
|
||||||
case SSH_CIPHER_BLOWFISH:
|
case SSH_CIPHER_BLOWFISH:
|
||||||
swap_bytes(src, dest, len);
|
swap_bytes(src, dest, len);
|
||||||
BF_cbc_encrypt(dest, dest, len,
|
BF_cbc_encrypt(dest, dest, len,
|
||||||
&context->u.bf.key, context->u.bf.iv,
|
&context->u.bf.key, context->u.bf.iv,
|
||||||
BF_ENCRYPT);
|
BF_ENCRYPT);
|
||||||
swap_bytes(dest, dest, len);
|
swap_bytes(dest, dest, len);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case SSH_CIPHER_BLOWFISH_CBC:
|
case SSH_CIPHER_BLOWFISH_CBC:
|
||||||
BF_cbc_encrypt((void *)src, dest, len,
|
BF_cbc_encrypt((void *)src, dest, len,
|
||||||
&context->u.bf.key, context->u.bf.iv,
|
&context->u.bf.key, context->u.bf.iv,
|
||||||
BF_ENCRYPT);
|
BF_ENCRYPT);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
|
2
cipher.h
2
cipher.h
|
@ -11,7 +11,7 @@
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* RCSID("$Id: cipher.h,v 1.10 2000/04/13 02:26:36 damien Exp $"); */
|
/* RCSID("$Id: cipher.h,v 1.11 2000/04/16 01:18:41 damien Exp $"); */
|
||||||
|
|
||||||
#ifndef CIPHER_H
|
#ifndef CIPHER_H
|
||||||
#define CIPHER_H
|
#define CIPHER_H
|
||||||
|
|
|
@ -16,7 +16,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: clientloop.c,v 1.10 2000/04/12 10:17:39 damien Exp $");
|
RCSID("$Id: clientloop.c,v 1.11 2000/04/16 01:18:41 damien Exp $");
|
||||||
|
|
||||||
#include "xmalloc.h"
|
#include "xmalloc.h"
|
||||||
#include "ssh.h"
|
#include "ssh.h"
|
||||||
|
@ -1027,6 +1027,7 @@ client_input_channel_req(int id, void *arg)
|
||||||
} else if (strcmp(rtype, "exit-status") == 0) {
|
} else if (strcmp(rtype, "exit-status") == 0) {
|
||||||
success = 1;
|
success = 1;
|
||||||
exit_status = packet_get_int();
|
exit_status = packet_get_int();
|
||||||
|
packet_done();
|
||||||
}
|
}
|
||||||
if (reply) {
|
if (reply) {
|
||||||
packet_start(success ?
|
packet_start(success ?
|
||||||
|
|
2
compat.c
2
compat.c
|
@ -28,7 +28,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: compat.c,v 1.7 2000/04/12 10:17:39 damien Exp $");
|
RCSID("$Id: compat.c,v 1.8 2000/04/16 01:18:42 damien Exp $");
|
||||||
|
|
||||||
#include "ssh.h"
|
#include "ssh.h"
|
||||||
#include "packet.h"
|
#include "packet.h"
|
||||||
|
|
|
@ -14,7 +14,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: compress.c,v 1.5 2000/04/01 01:09:24 damien Exp $");
|
RCSID("$Id: compress.c,v 1.6 2000/04/16 01:18:42 damien Exp $");
|
||||||
|
|
||||||
#include "ssh.h"
|
#include "ssh.h"
|
||||||
#include "buffer.h"
|
#include "buffer.h"
|
||||||
|
|
|
@ -13,7 +13,7 @@
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* RCSID("$Id: compress.h,v 1.3 1999/11/25 00:54:59 damien Exp $"); */
|
/* RCSID("$Id: compress.h,v 1.4 2000/04/16 01:18:42 damien Exp $"); */
|
||||||
|
|
||||||
#ifndef COMPRESS_H
|
#ifndef COMPRESS_H
|
||||||
#define COMPRESS_H
|
#define COMPRESS_H
|
||||||
|
|
2
crc32.h
2
crc32.h
|
@ -13,7 +13,7 @@
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* RCSID("$Id: crc32.h,v 1.3 1999/11/25 00:54:59 damien Exp $"); */
|
/* RCSID("$Id: crc32.h,v 1.4 2000/04/16 01:18:42 damien Exp $"); */
|
||||||
|
|
||||||
#ifndef CRC32_H
|
#ifndef CRC32_H
|
||||||
#define CRC32_H
|
#define CRC32_H
|
||||||
|
|
|
@ -0,0 +1,78 @@
|
||||||
|
/*
|
||||||
|
* Copyright (c) 2000 Markus Friedl. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* This product includes software developed by Markus Friedl.
|
||||||
|
* 4. The name of the author may not be used to endorse or promote products
|
||||||
|
* derived from this software without specific prior written permission.
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
|
||||||
|
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
|
||||||
|
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
|
||||||
|
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
|
||||||
|
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
||||||
|
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
||||||
|
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||||
|
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||||
|
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
*/
|
||||||
|
#include "includes.h"
|
||||||
|
RCSID("$Id: dispatch.c,v 1.3 2000/04/16 01:18:42 damien Exp $");
|
||||||
|
#include "ssh.h"
|
||||||
|
#include "dispatch.h"
|
||||||
|
#include "packet.h"
|
||||||
|
|
||||||
|
#define DISPATCH_MIN 0
|
||||||
|
#define DISPATCH_MAX 255
|
||||||
|
|
||||||
|
dispatch_fn *dispatch[DISPATCH_MAX];
|
||||||
|
|
||||||
|
void
|
||||||
|
dispatch_protocol_error(int type, int plen)
|
||||||
|
{
|
||||||
|
error("Hm, dispatch protocol error: type %d plen %d", type, plen);
|
||||||
|
}
|
||||||
|
void
|
||||||
|
dispatch_init(dispatch_fn *dflt)
|
||||||
|
{
|
||||||
|
int i;
|
||||||
|
for (i = 0; i < DISPATCH_MAX; i++)
|
||||||
|
dispatch[i] = dflt;
|
||||||
|
}
|
||||||
|
void
|
||||||
|
dispatch_set(int type, dispatch_fn *fn)
|
||||||
|
{
|
||||||
|
dispatch[type] = fn;
|
||||||
|
}
|
||||||
|
void
|
||||||
|
dispatch_run(int mode, int *done)
|
||||||
|
{
|
||||||
|
for (;;) {
|
||||||
|
int plen;
|
||||||
|
int type;
|
||||||
|
|
||||||
|
if (mode == DISPATCH_BLOCK) {
|
||||||
|
type = packet_read(&plen);
|
||||||
|
} else {
|
||||||
|
type = packet_read_poll(&plen);
|
||||||
|
if (type == SSH_MSG_NONE)
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
if (type > 0 && type < DISPATCH_MAX && dispatch[type] != NULL)
|
||||||
|
(*dispatch[type])(type, plen);
|
||||||
|
else
|
||||||
|
packet_disconnect("protocol error: rcvd type %d", type);
|
||||||
|
if (done != NULL && *done)
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
8
dsa.c
8
dsa.c
|
@ -28,7 +28,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: dsa.c,v 1.3 2000/04/12 09:39:10 markus Exp $");
|
RCSID("$Id: dsa.c,v 1.4 2000/04/14 10:30:31 markus Exp $");
|
||||||
|
|
||||||
#include "ssh.h"
|
#include "ssh.h"
|
||||||
#include "xmalloc.h"
|
#include "xmalloc.h"
|
||||||
|
@ -182,9 +182,9 @@ dsa_sign(
|
||||||
|
|
||||||
sig = DSA_do_sign(digest, evp_md->md_size, key->dsa);
|
sig = DSA_do_sign(digest, evp_md->md_size, key->dsa);
|
||||||
|
|
||||||
rlen = BN_num_bytes(sig->r);
|
rlen = BN_num_bytes(sig->r);
|
||||||
slen = BN_num_bytes(sig->s);
|
slen = BN_num_bytes(sig->s);
|
||||||
if (rlen > INTBLOB_LEN || slen > INTBLOB_LEN) {
|
if (rlen > INTBLOB_LEN || slen > INTBLOB_LEN) {
|
||||||
error("bad sig size %d %d", rlen, slen);
|
error("bad sig size %d %d", rlen, slen);
|
||||||
DSA_SIG_free(sig);
|
DSA_SIG_free(sig);
|
||||||
return -1;
|
return -1;
|
||||||
|
|
4
getput.h
4
getput.h
|
@ -13,7 +13,7 @@
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* RCSID("$Id: getput.h,v 1.2 1999/11/24 13:26:22 damien Exp $"); */
|
/* RCSID("$Id: getput.h,v 1.3 2000/04/16 01:18:42 damien Exp $"); */
|
||||||
|
|
||||||
#ifndef GETPUT_H
|
#ifndef GETPUT_H
|
||||||
#define GETPUT_H
|
#define GETPUT_H
|
||||||
|
@ -21,7 +21,7 @@
|
||||||
/*------------ macros for storing/extracting msb first words -------------*/
|
/*------------ macros for storing/extracting msb first words -------------*/
|
||||||
|
|
||||||
#define GET_32BIT(cp) (((unsigned long)(unsigned char)(cp)[0] << 24) | \
|
#define GET_32BIT(cp) (((unsigned long)(unsigned char)(cp)[0] << 24) | \
|
||||||
((unsigned long)(unsigned char)(cp)[1] << 16) | \
|
((unsigned long)(unsigned char)(cp)[1] << 16) | \
|
||||||
((unsigned long)(unsigned char)(cp)[2] << 8) | \
|
((unsigned long)(unsigned char)(cp)[2] << 8) | \
|
||||||
((unsigned long)(unsigned char)(cp)[3]))
|
((unsigned long)(unsigned char)(cp)[3]))
|
||||||
|
|
||||||
|
|
|
@ -14,7 +14,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: hostfile.c,v 1.15 2000/04/12 09:39:10 markus Exp $");
|
RCSID("$OpenBSD: hostfile.c,v 1.16 2000/04/14 10:30:31 markus Exp $");
|
||||||
|
|
||||||
#ifdef HAVE_OPENSSL
|
#ifdef HAVE_OPENSSL
|
||||||
#include <openssl/bn.h>
|
#include <openssl/bn.h>
|
||||||
|
|
12
kex.c
12
kex.c
|
@ -28,7 +28,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: kex.c,v 1.4 2000/04/13 02:26:36 damien Exp $");
|
RCSID("$Id: kex.c,v 1.5 2000/04/16 01:18:43 damien Exp $");
|
||||||
|
|
||||||
#include "ssh.h"
|
#include "ssh.h"
|
||||||
#include "ssh2.h"
|
#include "ssh2.h"
|
||||||
|
@ -149,12 +149,12 @@ void
|
||||||
dump_digest(unsigned char *digest, int len)
|
dump_digest(unsigned char *digest, int len)
|
||||||
{
|
{
|
||||||
int i;
|
int i;
|
||||||
for (i = 0; i< len; i++){
|
for (i = 0; i< len; i++){
|
||||||
fprintf(stderr, "%02x", digest[i]);
|
fprintf(stderr, "%02x", digest[i]);
|
||||||
if(i%2!=0)
|
if(i%2!=0)
|
||||||
fprintf(stderr, " ");
|
fprintf(stderr, " ");
|
||||||
}
|
}
|
||||||
fprintf(stderr, "\n");
|
fprintf(stderr, "\n");
|
||||||
}
|
}
|
||||||
|
|
||||||
unsigned char *
|
unsigned char *
|
||||||
|
@ -201,7 +201,7 @@ kex_hash(
|
||||||
buffer_free(&b);
|
buffer_free(&b);
|
||||||
|
|
||||||
#ifdef DEBUG_KEX
|
#ifdef DEBUG_KEX
|
||||||
dump_digest(digest, evp_md->md_size);
|
dump_digest(digest, evp_md->md_size);
|
||||||
#endif
|
#endif
|
||||||
return digest;
|
return digest;
|
||||||
}
|
}
|
||||||
|
@ -345,7 +345,7 @@ choose_kex(Kex *k, char *client, char *server)
|
||||||
k->name = get_match(client, server);
|
k->name = get_match(client, server);
|
||||||
if (k->name == NULL)
|
if (k->name == NULL)
|
||||||
fatal("no kex alg");
|
fatal("no kex alg");
|
||||||
if (strcmp(k->name, KEX_DH1) != 0)
|
if (strcmp(k->name, KEX_DH1) != 0)
|
||||||
fatal("bad kex alg %s", k->name);
|
fatal("bad kex alg %s", k->name);
|
||||||
}
|
}
|
||||||
void
|
void
|
||||||
|
|
|
@ -15,7 +15,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: log-client.c,v 1.5 2000/03/09 10:27:50 damien Exp $");
|
RCSID("$Id: log-client.c,v 1.6 2000/04/16 01:18:43 damien Exp $");
|
||||||
|
|
||||||
#include "xmalloc.h"
|
#include "xmalloc.h"
|
||||||
#include "ssh.h"
|
#include "ssh.h"
|
||||||
|
|
|
@ -15,7 +15,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: log-server.c,v 1.8 2000/04/01 01:09:24 damien Exp $");
|
RCSID("$Id: log-server.c,v 1.9 2000/04/16 01:18:43 damien Exp $");
|
||||||
|
|
||||||
#include <syslog.h>
|
#include <syslog.h>
|
||||||
#include "packet.h"
|
#include "packet.h"
|
||||||
|
|
2
login.c
2
login.c
|
@ -18,7 +18,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: login.c,v 1.22 2000/02/02 08:17:41 damien Exp $");
|
RCSID("$Id: login.c,v 1.23 2000/04/16 01:18:43 damien Exp $");
|
||||||
|
|
||||||
#if defined(HAVE_UTMPX_H) && defined(USE_UTMPX)
|
#if defined(HAVE_UTMPX_H) && defined(USE_UTMPX)
|
||||||
# include <utmpx.h>
|
# include <utmpx.h>
|
||||||
|
|
2
match.c
2
match.c
|
@ -14,7 +14,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: match.c,v 1.4 2000/03/26 03:04:53 damien Exp $");
|
RCSID("$Id: match.c,v 1.5 2000/04/16 01:18:43 damien Exp $");
|
||||||
|
|
||||||
#include "ssh.h"
|
#include "ssh.h"
|
||||||
|
|
||||||
|
|
2
mpaux.c
2
mpaux.c
|
@ -15,7 +15,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: mpaux.c,v 1.10 2000/04/13 02:26:36 damien Exp $");
|
RCSID("$Id: mpaux.c,v 1.11 2000/04/16 01:18:43 damien Exp $");
|
||||||
|
|
||||||
#include "getput.h"
|
#include "getput.h"
|
||||||
#include "xmalloc.h"
|
#include "xmalloc.h"
|
||||||
|
|
2
mpaux.h
2
mpaux.h
|
@ -13,7 +13,7 @@
|
||||||
* precision integers.
|
* precision integers.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* RCSID("$Id: mpaux.h,v 1.4 1999/11/25 00:54:59 damien Exp $"); */
|
/* RCSID("$Id: mpaux.h,v 1.5 2000/04/16 01:18:43 damien Exp $"); */
|
||||||
|
|
||||||
#ifndef MPAUX_H
|
#ifndef MPAUX_H
|
||||||
#define MPAUX_H
|
#define MPAUX_H
|
||||||
|
|
2
nchan.c
2
nchan.c
|
@ -28,7 +28,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: nchan.c,v 1.7 2000/04/04 04:39:02 damien Exp $");
|
RCSID("$Id: nchan.c,v 1.8 2000/04/16 01:18:43 damien Exp $");
|
||||||
|
|
||||||
#include "ssh.h"
|
#include "ssh.h"
|
||||||
|
|
||||||
|
|
22
packet.c
22
packet.c
|
@ -17,7 +17,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: packet.c,v 1.17 2000/04/13 02:26:37 damien Exp $");
|
RCSID("$Id: packet.c,v 1.18 2000/04/16 01:18:43 damien Exp $");
|
||||||
|
|
||||||
#ifdef HAVE_OPENSSL
|
#ifdef HAVE_OPENSSL
|
||||||
# include <openssl/bn.h>
|
# include <openssl/bn.h>
|
||||||
|
@ -529,7 +529,7 @@ packet_send2()
|
||||||
unsigned int packet_length = 0;
|
unsigned int packet_length = 0;
|
||||||
unsigned int i, padlen, len;
|
unsigned int i, padlen, len;
|
||||||
u_int32_t rand = 0;
|
u_int32_t rand = 0;
|
||||||
static unsigned int seqnr = 0;
|
static unsigned int seqnr = 0;
|
||||||
int type;
|
int type;
|
||||||
Enc *enc = NULL;
|
Enc *enc = NULL;
|
||||||
Mac *mac = NULL;
|
Mac *mac = NULL;
|
||||||
|
@ -611,9 +611,9 @@ packet_send2()
|
||||||
fprintf(stderr, "encrypted: ");
|
fprintf(stderr, "encrypted: ");
|
||||||
buffer_dump(&output);
|
buffer_dump(&output);
|
||||||
#endif
|
#endif
|
||||||
/* increment sequence number for outgoing packets */
|
/* increment sequence number for outgoing packets */
|
||||||
if (++seqnr == 0)
|
if (++seqnr == 0)
|
||||||
log("outgoing seqnr wraps around");
|
log("outgoing seqnr wraps around");
|
||||||
buffer_clear(&outgoing_packet);
|
buffer_clear(&outgoing_packet);
|
||||||
|
|
||||||
if (type == SSH2_MSG_NEWKEYS) {
|
if (type == SSH2_MSG_NEWKEYS) {
|
||||||
|
@ -877,7 +877,7 @@ packet_read_poll2(int *payload_len_ptr)
|
||||||
* compute MAC over seqnr and packet,
|
* compute MAC over seqnr and packet,
|
||||||
* increment sequence number for incoming packet
|
* increment sequence number for incoming packet
|
||||||
*/
|
*/
|
||||||
if (mac && mac->enabled) {
|
if (mac && mac->enabled) {
|
||||||
macbuf = hmac( mac->md, seqnr,
|
macbuf = hmac( mac->md, seqnr,
|
||||||
(unsigned char *) buffer_ptr(&incoming_packet),
|
(unsigned char *) buffer_ptr(&incoming_packet),
|
||||||
buffer_len(&incoming_packet),
|
buffer_len(&incoming_packet),
|
||||||
|
@ -888,8 +888,8 @@ packet_read_poll2(int *payload_len_ptr)
|
||||||
DBG(debug("HMAC #%d ok", seqnr));
|
DBG(debug("HMAC #%d ok", seqnr));
|
||||||
buffer_consume(&input, mac->mac_len);
|
buffer_consume(&input, mac->mac_len);
|
||||||
}
|
}
|
||||||
if (++seqnr == 0)
|
if (++seqnr == 0)
|
||||||
log("incoming seqnr wraps around");
|
log("incoming seqnr wraps around");
|
||||||
|
|
||||||
/* get padlen */
|
/* get padlen */
|
||||||
cp = buffer_ptr(&incoming_packet) + 4;
|
cp = buffer_ptr(&incoming_packet) + 4;
|
||||||
|
@ -1063,6 +1063,12 @@ packet_get_raw(int *length_ptr)
|
||||||
return buffer_ptr(&incoming_packet);
|
return buffer_ptr(&incoming_packet);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
int
|
||||||
|
packet_remaining(void)
|
||||||
|
{
|
||||||
|
return buffer_len(&incoming_packet);
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Returns a string from the packet data. The string is allocated using
|
* Returns a string from the packet data. The string is allocated using
|
||||||
* xmalloc; it is the responsibility of the calling program to free it when
|
* xmalloc; it is the responsibility of the calling program to free it when
|
||||||
|
|
15
packet.h
15
packet.h
|
@ -13,7 +13,7 @@
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* RCSID("$Id: packet.h,v 1.13 2000/04/13 02:26:37 damien Exp $"); */
|
/* RCSID("$Id: packet.h,v 1.14 2000/04/16 01:18:44 damien Exp $"); */
|
||||||
|
|
||||||
#ifndef PACKET_H
|
#ifndef PACKET_H
|
||||||
#define PACKET_H
|
#define PACKET_H
|
||||||
|
@ -201,6 +201,16 @@ do { \
|
||||||
} \
|
} \
|
||||||
} while (0)
|
} while (0)
|
||||||
|
|
||||||
|
#define packet_done() \
|
||||||
|
do { \
|
||||||
|
int _len = packet_remaining(); \
|
||||||
|
if (_len > 0) { \
|
||||||
|
log("Packet integrity error (%d bytes remaining) at %s:%d", \
|
||||||
|
_len ,__FILE__, __LINE__); \
|
||||||
|
packet_disconnect("Packet integrity error."); \
|
||||||
|
} \
|
||||||
|
} while (0)
|
||||||
|
|
||||||
/* remote host is connected via a socket/ipv4 */
|
/* remote host is connected via a socket/ipv4 */
|
||||||
int packet_connection_is_on_socket(void);
|
int packet_connection_is_on_socket(void);
|
||||||
int packet_connection_is_ipv4(void);
|
int packet_connection_is_ipv4(void);
|
||||||
|
@ -208,4 +218,7 @@ int packet_connection_is_ipv4(void);
|
||||||
/* enable SSH2 packet format */
|
/* enable SSH2 packet format */
|
||||||
void packet_set_ssh2_format(void);
|
void packet_set_ssh2_format(void);
|
||||||
|
|
||||||
|
/* returns remaining payload bytes */
|
||||||
|
int packet_remaining(void);
|
||||||
|
|
||||||
#endif /* PACKET_H */
|
#endif /* PACKET_H */
|
||||||
|
|
2
pty.c
2
pty.c
|
@ -14,7 +14,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: pty.c,v 1.17 2000/03/17 12:58:59 damien Exp $");
|
RCSID("$Id: pty.c,v 1.18 2000/04/16 01:18:44 damien Exp $");
|
||||||
|
|
||||||
#ifdef HAVE_UTIL_H
|
#ifdef HAVE_UTIL_H
|
||||||
# include <util.h>
|
# include <util.h>
|
||||||
|
|
2
pty.h
2
pty.h
|
@ -13,7 +13,7 @@
|
||||||
* tty.
|
* tty.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* RCSID("$Id: pty.h,v 1.7 2000/04/01 01:09:25 damien Exp $"); */
|
/* RCSID("$Id: pty.h,v 1.8 2000/04/16 01:18:44 damien Exp $"); */
|
||||||
|
|
||||||
#ifndef PTY_H
|
#ifndef PTY_H
|
||||||
#define PTY_H
|
#define PTY_H
|
||||||
|
|
|
@ -14,7 +14,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: readconf.c,v 1.10 2000/04/12 10:17:40 damien Exp $");
|
RCSID("$Id: readconf.c,v 1.11 2000/04/16 01:18:44 damien Exp $");
|
||||||
|
|
||||||
#include "ssh.h"
|
#include "ssh.h"
|
||||||
#include "cipher.h"
|
#include "cipher.h"
|
||||||
|
|
|
@ -13,7 +13,7 @@
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* RCSID("$Id: readconf.h,v 1.7 2000/04/12 10:17:40 damien Exp $"); */
|
/* RCSID("$Id: readconf.h,v 1.8 2000/04/16 01:18:44 damien Exp $"); */
|
||||||
|
|
||||||
#ifndef READCONF_H
|
#ifndef READCONF_H
|
||||||
#define READCONF_H
|
#define READCONF_H
|
||||||
|
|
|
@ -32,7 +32,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: readpass.c,v 1.5 2000/01/22 08:47:21 damien Exp $");
|
RCSID("$Id: readpass.c,v 1.6 2000/04/16 01:18:44 damien Exp $");
|
||||||
|
|
||||||
#include "xmalloc.h"
|
#include "xmalloc.h"
|
||||||
#include "ssh.h"
|
#include "ssh.h"
|
||||||
|
|
2
rsa.c
2
rsa.c
|
@ -35,7 +35,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: rsa.c,v 1.13 2000/04/04 04:57:08 damien Exp $");
|
RCSID("$Id: rsa.c,v 1.14 2000/04/16 01:18:45 damien Exp $");
|
||||||
|
|
||||||
#include "rsa.h"
|
#include "rsa.h"
|
||||||
#include "ssh.h"
|
#include "ssh.h"
|
||||||
|
|
2
rsa.h
2
rsa.h
|
@ -13,7 +13,7 @@
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* RCSID("$Id: rsa.h,v 1.7 2000/04/13 02:26:37 damien Exp $"); */
|
/* RCSID("$Id: rsa.h,v 1.8 2000/04/16 01:18:45 damien Exp $"); */
|
||||||
|
|
||||||
#ifndef RSA_H
|
#ifndef RSA_H
|
||||||
#define RSA_H
|
#define RSA_H
|
||||||
|
|
8
scp.c
8
scp.c
|
@ -45,7 +45,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: scp.c,v 1.18 2000/03/17 12:40:16 damien Exp $");
|
RCSID("$Id: scp.c,v 1.19 2000/04/16 01:18:45 damien Exp $");
|
||||||
|
|
||||||
#include "ssh.h"
|
#include "ssh.h"
|
||||||
#include "xmalloc.h"
|
#include "xmalloc.h"
|
||||||
|
@ -257,10 +257,10 @@ main(argc, argv)
|
||||||
switch (ch) {
|
switch (ch) {
|
||||||
/* User-visible flags. */
|
/* User-visible flags. */
|
||||||
case '4':
|
case '4':
|
||||||
IPv4 = 1;
|
IPv4 = 1;
|
||||||
break;
|
break;
|
||||||
case '6':
|
case '6':
|
||||||
IPv6 = 1;
|
IPv6 = 1;
|
||||||
break;
|
break;
|
||||||
case 'p':
|
case 'p':
|
||||||
pflag = 1;
|
pflag = 1;
|
||||||
|
@ -1008,7 +1008,7 @@ run_err(const char *fmt,...)
|
||||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
* SUCH DAMAGE.
|
* SUCH DAMAGE.
|
||||||
*
|
*
|
||||||
* $Id: scp.c,v 1.18 2000/03/17 12:40:16 damien Exp $
|
* $Id: scp.c,v 1.19 2000/04/16 01:18:45 damien Exp $
|
||||||
*/
|
*/
|
||||||
|
|
||||||
char *
|
char *
|
||||||
|
|
|
@ -12,7 +12,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: servconf.c,v 1.11 2000/04/12 10:17:40 damien Exp $");
|
RCSID("$Id: servconf.c,v 1.12 2000/04/16 01:18:45 damien Exp $");
|
||||||
|
|
||||||
#include "ssh.h"
|
#include "ssh.h"
|
||||||
#include "servconf.h"
|
#include "servconf.h"
|
||||||
|
@ -310,7 +310,7 @@ read_server_config(ServerOptions *options, const char *filename)
|
||||||
"ListenAdress.\n", filename, linenum);
|
"ListenAdress.\n", filename, linenum);
|
||||||
if (options->num_ports >= MAX_PORTS)
|
if (options->num_ports >= MAX_PORTS)
|
||||||
fatal("%s line %d: too many ports.\n",
|
fatal("%s line %d: too many ports.\n",
|
||||||
filename, linenum);
|
filename, linenum);
|
||||||
cp = strtok(NULL, WHITESPACE);
|
cp = strtok(NULL, WHITESPACE);
|
||||||
if (!cp)
|
if (!cp)
|
||||||
fatal("%s line %d: missing port number.\n",
|
fatal("%s line %d: missing port number.\n",
|
||||||
|
|
|
@ -13,7 +13,7 @@
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* RCSID("$Id: servconf.h,v 1.8 2000/04/12 10:17:40 damien Exp $"); */
|
/* RCSID("$Id: servconf.h,v 1.9 2000/04/16 01:18:45 damien Exp $"); */
|
||||||
|
|
||||||
#ifndef SERVCONF_H
|
#ifndef SERVCONF_H
|
||||||
#define SERVCONF_H
|
#define SERVCONF_H
|
||||||
|
|
14
serverloop.c
14
serverloop.c
|
@ -697,16 +697,17 @@ int
|
||||||
input_direct_tcpip(void)
|
input_direct_tcpip(void)
|
||||||
{
|
{
|
||||||
int sock;
|
int sock;
|
||||||
char *host, *originator;
|
char *target, *originator;
|
||||||
int host_port, originator_port;
|
int target_port, originator_port;
|
||||||
|
|
||||||
host = packet_get_string(NULL);
|
target = packet_get_string(NULL);
|
||||||
host_port = packet_get_int();
|
target_port = packet_get_int();
|
||||||
originator = packet_get_string(NULL);
|
originator = packet_get_string(NULL);
|
||||||
originator_port = packet_get_int();
|
originator_port = packet_get_int();
|
||||||
|
packet_done();
|
||||||
/* XXX check permission */
|
/* XXX check permission */
|
||||||
sock = channel_connect_to(host, host_port);
|
sock = channel_connect_to(target, target_port);
|
||||||
xfree(host);
|
xfree(target);
|
||||||
xfree(originator);
|
xfree(originator);
|
||||||
if (sock < 0)
|
if (sock < 0)
|
||||||
return -1;
|
return -1;
|
||||||
|
@ -735,6 +736,7 @@ server_input_channel_open(int type, int plen)
|
||||||
|
|
||||||
if (strcmp(ctype, "session") == 0) {
|
if (strcmp(ctype, "session") == 0) {
|
||||||
debug("open session");
|
debug("open session");
|
||||||
|
packet_done();
|
||||||
/*
|
/*
|
||||||
* A server session has no fd to read or write
|
* A server session has no fd to read or write
|
||||||
* until a CHANNEL_REQUEST for a shell is made,
|
* until a CHANNEL_REQUEST for a shell is made,
|
||||||
|
|
11
session.c
11
session.c
|
@ -8,7 +8,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: session.c,v 1.2 2000/04/06 08:55:22 markus Exp $");
|
RCSID("$OpenBSD: session.c,v 1.4 2000/04/14 10:30:33 markus Exp $");
|
||||||
|
|
||||||
#include "xmalloc.h"
|
#include "xmalloc.h"
|
||||||
#include "ssh.h"
|
#include "ssh.h"
|
||||||
|
@ -1202,6 +1202,7 @@ session_window_change_req(Session *s)
|
||||||
s->row = packet_get_int();
|
s->row = packet_get_int();
|
||||||
s->xpixel = packet_get_int();
|
s->xpixel = packet_get_int();
|
||||||
s->ypixel = packet_get_int();
|
s->ypixel = packet_get_int();
|
||||||
|
packet_done();
|
||||||
pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel);
|
pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel);
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
@ -1210,14 +1211,17 @@ int
|
||||||
session_pty_req(Session *s)
|
session_pty_req(Session *s)
|
||||||
{
|
{
|
||||||
unsigned int len;
|
unsigned int len;
|
||||||
|
char *term_modes; /* encoded terminal modes */
|
||||||
|
|
||||||
if (s->ttyfd != -1)
|
if (s->ttyfd != -1)
|
||||||
return -1;
|
return 0;
|
||||||
s->term = packet_get_string(&len);
|
s->term = packet_get_string(&len);
|
||||||
s->col = packet_get_int();
|
s->col = packet_get_int();
|
||||||
s->row = packet_get_int();
|
s->row = packet_get_int();
|
||||||
s->xpixel = packet_get_int();
|
s->xpixel = packet_get_int();
|
||||||
s->ypixel = packet_get_int();
|
s->ypixel = packet_get_int();
|
||||||
|
term_modes = packet_get_string(&len);
|
||||||
|
packet_done();
|
||||||
|
|
||||||
if (strcmp(s->term, "") == 0) {
|
if (strcmp(s->term, "") == 0) {
|
||||||
xfree(s->term);
|
xfree(s->term);
|
||||||
|
@ -1230,7 +1234,8 @@ session_pty_req(Session *s)
|
||||||
s->ptyfd = -1;
|
s->ptyfd = -1;
|
||||||
s->ttyfd = -1;
|
s->ttyfd = -1;
|
||||||
error("session_pty_req: session %d alloc failed", s->self);
|
error("session_pty_req: session %d alloc failed", s->self);
|
||||||
return -1;
|
xfree(term_modes);
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
debug("session_pty_req: session %d alloc %s", s->self, s->tty);
|
debug("session_pty_req: session %d alloc %s", s->self, s->tty);
|
||||||
/*
|
/*
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
/* $OpenBSD: ssh-agent.c,v 1.27 2000/04/12 09:39:10 markus Exp $ */
|
/* $OpenBSD: ssh-agent.c,v 1.28 2000/04/14 10:30:33 markus Exp $ */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||||
|
@ -9,7 +9,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: ssh-agent.c,v 1.27 2000/04/12 09:39:10 markus Exp $");
|
RCSID("$OpenBSD: ssh-agent.c,v 1.28 2000/04/14 10:30:33 markus Exp $");
|
||||||
|
|
||||||
#include "ssh.h"
|
#include "ssh.h"
|
||||||
#include "rsa.h"
|
#include "rsa.h"
|
||||||
|
|
|
@ -7,7 +7,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: ssh-keygen.c,v 1.12 2000/03/17 12:40:17 damien Exp $");
|
RCSID("$Id: ssh-keygen.c,v 1.13 2000/04/16 01:18:46 damien Exp $");
|
||||||
|
|
||||||
#include "rsa.h"
|
#include "rsa.h"
|
||||||
#include "ssh.h"
|
#include "ssh.h"
|
||||||
|
@ -508,7 +508,7 @@ passphrase_again:
|
||||||
if (identity_comment) {
|
if (identity_comment) {
|
||||||
strlcpy(comment, identity_comment, sizeof(comment));
|
strlcpy(comment, identity_comment, sizeof(comment));
|
||||||
} else {
|
} else {
|
||||||
/* Create default commend field for the passphrase. */
|
/* Create default commend field for the passphrase. */
|
||||||
if (gethostname(hostname, sizeof(hostname)) < 0) {
|
if (gethostname(hostname, sizeof(hostname)) < 0) {
|
||||||
perror("gethostname");
|
perror("gethostname");
|
||||||
exit(1);
|
exit(1);
|
||||||
|
|
8
ssh.1
8
ssh.1
|
@ -9,7 +9,7 @@
|
||||||
.\"
|
.\"
|
||||||
.\" Created: Sat Apr 22 21:55:14 1995 ylo
|
.\" Created: Sat Apr 22 21:55:14 1995 ylo
|
||||||
.\"
|
.\"
|
||||||
.\" $Id: ssh.1,v 1.21 2000/04/13 02:26:37 damien Exp $
|
.\" $Id: ssh.1,v 1.22 2000/04/16 01:18:46 damien Exp $
|
||||||
.\"
|
.\"
|
||||||
.Dd September 25, 1999
|
.Dd September 25, 1999
|
||||||
.Dt SSH 1
|
.Dt SSH 1
|
||||||
|
@ -24,7 +24,7 @@
|
||||||
.Op Ar command
|
.Op Ar command
|
||||||
.Pp
|
.Pp
|
||||||
.Nm ssh
|
.Nm ssh
|
||||||
.Op Fl afgknqtvxCPX46
|
.Op Fl afgknqtvxCPX246
|
||||||
.Op Fl c Ar blowfish | 3des
|
.Op Fl c Ar blowfish | 3des
|
||||||
.Op Fl e Ar escape_char
|
.Op Fl e Ar escape_char
|
||||||
.Op Fl i Ar identity_file
|
.Op Fl i Ar identity_file
|
||||||
|
@ -455,6 +455,10 @@ from the local machine.
|
||||||
Port forwardings can also be specified in the configuration file.
|
Port forwardings can also be specified in the configuration file.
|
||||||
Privileged ports can be forwarded only when
|
Privileged ports can be forwarded only when
|
||||||
logging in as root on the remote machine.
|
logging in as root on the remote machine.
|
||||||
|
.It Fl 2
|
||||||
|
Forces
|
||||||
|
.Nm
|
||||||
|
to use protocol version 2 only.
|
||||||
.It Fl 4
|
.It Fl 4
|
||||||
Forces
|
Forces
|
||||||
.Nm
|
.Nm
|
||||||
|
|
40
ssh.c
40
ssh.c
|
@ -11,7 +11,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: ssh.c,v 1.25 2000/04/12 10:17:40 damien Exp $");
|
RCSID("$Id: ssh.c,v 1.26 2000/04/16 01:18:46 damien Exp $");
|
||||||
|
|
||||||
#include "xmalloc.h"
|
#include "xmalloc.h"
|
||||||
#include "ssh.h"
|
#include "ssh.h"
|
||||||
|
@ -138,6 +138,7 @@ usage()
|
||||||
fprintf(stderr, " -g Allow remote hosts to connect to forwarded ports.\n");
|
fprintf(stderr, " -g Allow remote hosts to connect to forwarded ports.\n");
|
||||||
fprintf(stderr, " -4 Use IPv4 only.\n");
|
fprintf(stderr, " -4 Use IPv4 only.\n");
|
||||||
fprintf(stderr, " -6 Use IPv6 only.\n");
|
fprintf(stderr, " -6 Use IPv6 only.\n");
|
||||||
|
fprintf(stderr, " -2 Force protocol version 2.\n");
|
||||||
fprintf(stderr, " -o 'option' Process the option as if it was read from a configuration file.\n");
|
fprintf(stderr, " -o 'option' Process the option as if it was read from a configuration file.\n");
|
||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
|
@ -251,8 +252,8 @@ main(int ac, char **av)
|
||||||
if (host)
|
if (host)
|
||||||
break;
|
break;
|
||||||
if ((cp = strchr(av[optind], '@'))) {
|
if ((cp = strchr(av[optind], '@'))) {
|
||||||
if(cp == av[optind])
|
if(cp == av[optind])
|
||||||
usage();
|
usage();
|
||||||
options.user = av[optind];
|
options.user = av[optind];
|
||||||
*cp = '\0';
|
*cp = '\0';
|
||||||
host = ++cp;
|
host = ++cp;
|
||||||
|
@ -276,39 +277,34 @@ main(int ac, char **av)
|
||||||
optarg = NULL;
|
optarg = NULL;
|
||||||
}
|
}
|
||||||
switch (opt) {
|
switch (opt) {
|
||||||
|
case '2':
|
||||||
|
options.protocol = SSH_PROTO_2;
|
||||||
|
break;
|
||||||
case '4':
|
case '4':
|
||||||
IPv4or6 = AF_INET;
|
IPv4or6 = AF_INET;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case '6':
|
case '6':
|
||||||
IPv4or6 = AF_INET6;
|
IPv4or6 = AF_INET6;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'n':
|
case 'n':
|
||||||
stdin_null_flag = 1;
|
stdin_null_flag = 1;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'f':
|
case 'f':
|
||||||
fork_after_authentication_flag = 1;
|
fork_after_authentication_flag = 1;
|
||||||
stdin_null_flag = 1;
|
stdin_null_flag = 1;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'x':
|
case 'x':
|
||||||
options.forward_x11 = 0;
|
options.forward_x11 = 0;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'X':
|
case 'X':
|
||||||
options.forward_x11 = 1;
|
options.forward_x11 = 1;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'g':
|
case 'g':
|
||||||
options.gateway_ports = 1;
|
options.gateway_ports = 1;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'P':
|
case 'P':
|
||||||
options.use_privileged_port = 0;
|
options.use_privileged_port = 0;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'a':
|
case 'a':
|
||||||
options.forward_agent = 0;
|
options.forward_agent = 0;
|
||||||
break;
|
break;
|
||||||
|
@ -330,11 +326,9 @@ main(int ac, char **av)
|
||||||
options.identity_files[options.num_identity_files++] =
|
options.identity_files[options.num_identity_files++] =
|
||||||
xstrdup(optarg);
|
xstrdup(optarg);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 't':
|
case 't':
|
||||||
tty_flag = 1;
|
tty_flag = 1;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'v':
|
case 'v':
|
||||||
case 'V':
|
case 'V':
|
||||||
fprintf(stderr, "SSH Version %s, protocol versions %d.%d/%d.%d.\n",
|
fprintf(stderr, "SSH Version %s, protocol versions %d.%d/%d.%d.\n",
|
||||||
|
@ -347,11 +341,9 @@ main(int ac, char **av)
|
||||||
debug_flag = 1;
|
debug_flag = 1;
|
||||||
options.log_level = SYSLOG_LEVEL_DEBUG;
|
options.log_level = SYSLOG_LEVEL_DEBUG;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'q':
|
case 'q':
|
||||||
options.log_level = SYSLOG_LEVEL_QUIET;
|
options.log_level = SYSLOG_LEVEL_QUIET;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'e':
|
case 'e':
|
||||||
if (optarg[0] == '^' && optarg[2] == 0 &&
|
if (optarg[0] == '^' && optarg[2] == 0 &&
|
||||||
(unsigned char) optarg[1] >= 64 && (unsigned char) optarg[1] < 128)
|
(unsigned char) optarg[1] >= 64 && (unsigned char) optarg[1] < 128)
|
||||||
|
@ -365,7 +357,6 @@ main(int ac, char **av)
|
||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'c':
|
case 'c':
|
||||||
options.cipher = cipher_number(optarg);
|
options.cipher = cipher_number(optarg);
|
||||||
if (options.cipher == -1) {
|
if (options.cipher == -1) {
|
||||||
|
@ -373,15 +364,12 @@ main(int ac, char **av)
|
||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'p':
|
case 'p':
|
||||||
options.port = atoi(optarg);
|
options.port = atoi(optarg);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'l':
|
case 'l':
|
||||||
options.user = optarg;
|
options.user = optarg;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'R':
|
case 'R':
|
||||||
if (sscanf(optarg, "%hu/%255[^/]/%hu", &fwd_port, buf,
|
if (sscanf(optarg, "%hu/%255[^/]/%hu", &fwd_port, buf,
|
||||||
&fwd_host_port) != 3 &&
|
&fwd_host_port) != 3 &&
|
||||||
|
@ -393,7 +381,6 @@ main(int ac, char **av)
|
||||||
}
|
}
|
||||||
add_remote_forward(&options, fwd_port, buf, fwd_host_port);
|
add_remote_forward(&options, fwd_port, buf, fwd_host_port);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'L':
|
case 'L':
|
||||||
if (sscanf(optarg, "%hu/%255[^/]/%hu", &fwd_port, buf,
|
if (sscanf(optarg, "%hu/%255[^/]/%hu", &fwd_port, buf,
|
||||||
&fwd_host_port) != 3 &&
|
&fwd_host_port) != 3 &&
|
||||||
|
@ -405,27 +392,22 @@ main(int ac, char **av)
|
||||||
}
|
}
|
||||||
add_local_forward(&options, fwd_port, buf, fwd_host_port);
|
add_local_forward(&options, fwd_port, buf, fwd_host_port);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'C':
|
case 'C':
|
||||||
options.compression = 1;
|
options.compression = 1;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'N':
|
case 'N':
|
||||||
no_shell_flag = 1;
|
no_shell_flag = 1;
|
||||||
no_tty_flag = 1;
|
no_tty_flag = 1;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'T':
|
case 'T':
|
||||||
no_tty_flag = 1;
|
no_tty_flag = 1;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'o':
|
case 'o':
|
||||||
dummy = 1;
|
dummy = 1;
|
||||||
if (process_config_line(&options, host ? host : "", optarg,
|
if (process_config_line(&options, host ? host : "", optarg,
|
||||||
"command-line", 0, &dummy) != 0)
|
"command-line", 0, &dummy) != 0)
|
||||||
exit(1);
|
exit(1);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
default:
|
default:
|
||||||
usage();
|
usage();
|
||||||
}
|
}
|
||||||
|
@ -634,7 +616,7 @@ main(int ac, char **av)
|
||||||
|
|
||||||
/* Expand ~ in known host file names. */
|
/* Expand ~ in known host file names. */
|
||||||
options.system_hostfile = tilde_expand_filename(options.system_hostfile,
|
options.system_hostfile = tilde_expand_filename(options.system_hostfile,
|
||||||
original_real_uid);
|
original_real_uid);
|
||||||
options.user_hostfile = tilde_expand_filename(options.user_hostfile,
|
options.user_hostfile = tilde_expand_filename(options.user_hostfile,
|
||||||
original_real_uid);
|
original_real_uid);
|
||||||
|
|
||||||
|
@ -803,7 +785,7 @@ ssh_session(void)
|
||||||
options.local_forwards[i].host,
|
options.local_forwards[i].host,
|
||||||
options.local_forwards[i].host_port);
|
options.local_forwards[i].host_port);
|
||||||
channel_request_local_forwarding(options.local_forwards[i].port,
|
channel_request_local_forwarding(options.local_forwards[i].port,
|
||||||
options.local_forwards[i].host,
|
options.local_forwards[i].host,
|
||||||
options.local_forwards[i].host_port,
|
options.local_forwards[i].host_port,
|
||||||
options.gateway_ports);
|
options.gateway_ports);
|
||||||
}
|
}
|
||||||
|
@ -816,7 +798,7 @@ ssh_session(void)
|
||||||
options.remote_forwards[i].host_port);
|
options.remote_forwards[i].host_port);
|
||||||
channel_request_remote_forwarding(options.remote_forwards[i].port,
|
channel_request_remote_forwarding(options.remote_forwards[i].port,
|
||||||
options.remote_forwards[i].host,
|
options.remote_forwards[i].host,
|
||||||
options.remote_forwards[i].host_port);
|
options.remote_forwards[i].host_port);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* If requested, let ssh continue in the background. */
|
/* If requested, let ssh continue in the background. */
|
||||||
|
@ -859,7 +841,7 @@ init_local_fwd(void)
|
||||||
options.local_forwards[i].host,
|
options.local_forwards[i].host,
|
||||||
options.local_forwards[i].host_port);
|
options.local_forwards[i].host_port);
|
||||||
channel_request_local_forwarding(options.local_forwards[i].port,
|
channel_request_local_forwarding(options.local_forwards[i].port,
|
||||||
options.local_forwards[i].host,
|
options.local_forwards[i].host,
|
||||||
options.local_forwards[i].host_port,
|
options.local_forwards[i].host_port,
|
||||||
options.gateway_ports);
|
options.gateway_ports);
|
||||||
}
|
}
|
||||||
|
|
2
ssh.h
2
ssh.h
|
@ -13,7 +13,7 @@
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* RCSID("$Id: ssh.h,v 1.31 2000/04/12 10:17:41 damien Exp $"); */
|
/* RCSID("$Id: ssh.h,v 1.32 2000/04/16 01:18:47 damien Exp $"); */
|
||||||
|
|
||||||
#ifndef SSH_H
|
#ifndef SSH_H
|
||||||
#define SSH_H
|
#define SSH_H
|
||||||
|
|
50
sshconnect.c
50
sshconnect.c
|
@ -10,7 +10,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: sshconnect.c,v 1.66 2000/04/12 09:39:10 markus Exp $");
|
RCSID("$OpenBSD: sshconnect.c,v 1.68 2000/04/14 10:30:33 markus Exp $");
|
||||||
|
|
||||||
#ifdef HAVE_OPENSSL
|
#ifdef HAVE_OPENSSL
|
||||||
#include <openssl/bn.h>
|
#include <openssl/bn.h>
|
||||||
|
@ -250,7 +250,7 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
|
||||||
debug("Trying again...");
|
debug("Trying again...");
|
||||||
|
|
||||||
/* Loop through addresses for this host, and try each one in
|
/* Loop through addresses for this host, and try each one in
|
||||||
sequence until the connection succeeds. */
|
sequence until the connection succeeds. */
|
||||||
for (ai = aitop; ai; ai = ai->ai_next) {
|
for (ai = aitop; ai; ai = ai->ai_next) {
|
||||||
if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
|
if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
|
||||||
continue;
|
continue;
|
||||||
|
@ -1367,9 +1367,9 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
|
||||||
myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers;
|
myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers;
|
||||||
} else if (
|
} else if (
|
||||||
options.cipher == SSH_CIPHER_ARCFOUR ||
|
options.cipher == SSH_CIPHER_ARCFOUR ||
|
||||||
options.cipher == SSH_CIPHER_3DES_CBC ||
|
options.cipher == SSH_CIPHER_3DES_CBC ||
|
||||||
options.cipher == SSH_CIPHER_CAST128_CBC ||
|
options.cipher == SSH_CIPHER_CAST128_CBC ||
|
||||||
options.cipher == SSH_CIPHER_BLOWFISH_CBC) {
|
options.cipher == SSH_CIPHER_BLOWFISH_CBC) {
|
||||||
myproposal[PROPOSAL_ENC_ALGS_CTOS] =
|
myproposal[PROPOSAL_ENC_ALGS_CTOS] =
|
||||||
myproposal[PROPOSAL_ENC_ALGS_STOC] = cipher_name(options.cipher);
|
myproposal[PROPOSAL_ENC_ALGS_STOC] = cipher_name(options.cipher);
|
||||||
}
|
}
|
||||||
|
@ -1411,6 +1411,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
|
||||||
debug("first kex follow == %d", i);
|
debug("first kex follow == %d", i);
|
||||||
i = packet_get_int();
|
i = packet_get_int();
|
||||||
debug("reserved == %d", i);
|
debug("reserved == %d", i);
|
||||||
|
packet_done();
|
||||||
|
|
||||||
debug("done read kexinit");
|
debug("done read kexinit");
|
||||||
kex = kex_choose_conf(cprop, sprop, 0);
|
kex = kex_choose_conf(cprop, sprop, 0);
|
||||||
|
@ -1434,7 +1435,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
|
||||||
fprintf(stderr, "\npub= ");
|
fprintf(stderr, "\npub= ");
|
||||||
bignum_print(dh->pub_key);
|
bignum_print(dh->pub_key);
|
||||||
fprintf(stderr, "\n");
|
fprintf(stderr, "\n");
|
||||||
DHparams_print_fp(stderr, dh);
|
DHparams_print_fp(stderr, dh);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
debug("Wait SSH2_MSG_KEXDH_REPLY.");
|
debug("Wait SSH2_MSG_KEXDH_REPLY.");
|
||||||
|
@ -1466,6 +1467,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
|
||||||
|
|
||||||
/* signed H */
|
/* signed H */
|
||||||
signature = packet_get_string(&slen);
|
signature = packet_get_string(&slen);
|
||||||
|
packet_done();
|
||||||
|
|
||||||
if (!dh_pub_is_valid(dh, dh_server_pub))
|
if (!dh_pub_is_valid(dh, dh_server_pub))
|
||||||
packet_disconnect("bad server public DH value");
|
packet_disconnect("bad server public DH value");
|
||||||
|
@ -1475,14 +1477,14 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
|
||||||
kout = DH_compute_key(kbuf, dh_server_pub, dh);
|
kout = DH_compute_key(kbuf, dh_server_pub, dh);
|
||||||
#ifdef DEBUG_KEXDH
|
#ifdef DEBUG_KEXDH
|
||||||
debug("shared secret: len %d/%d", klen, kout);
|
debug("shared secret: len %d/%d", klen, kout);
|
||||||
fprintf(stderr, "shared secret == ");
|
fprintf(stderr, "shared secret == ");
|
||||||
for (i = 0; i< kout; i++)
|
for (i = 0; i< kout; i++)
|
||||||
fprintf(stderr, "%02x", (kbuf[i])&0xff);
|
fprintf(stderr, "%02x", (kbuf[i])&0xff);
|
||||||
fprintf(stderr, "\n");
|
fprintf(stderr, "\n");
|
||||||
#endif
|
#endif
|
||||||
shared_secret = BN_new();
|
shared_secret = BN_new();
|
||||||
|
|
||||||
BN_bin2bn(kbuf, kout, shared_secret);
|
BN_bin2bn(kbuf, kout, shared_secret);
|
||||||
memset(kbuf, 0, klen);
|
memset(kbuf, 0, klen);
|
||||||
xfree(kbuf);
|
xfree(kbuf);
|
||||||
|
|
||||||
|
@ -1502,10 +1504,10 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
|
||||||
xfree(client_kexinit);
|
xfree(client_kexinit);
|
||||||
xfree(server_kexinit);
|
xfree(server_kexinit);
|
||||||
#ifdef DEBUG_KEXDH
|
#ifdef DEBUG_KEXDH
|
||||||
fprintf(stderr, "hash == ");
|
fprintf(stderr, "hash == ");
|
||||||
for (i = 0; i< 20; i++)
|
for (i = 0; i< 20; i++)
|
||||||
fprintf(stderr, "%02x", (hash[i])&0xff);
|
fprintf(stderr, "%02x", (hash[i])&0xff);
|
||||||
fprintf(stderr, "\n");
|
fprintf(stderr, "\n");
|
||||||
#endif
|
#endif
|
||||||
dsa_verify(server_host_key, (unsigned char *)signature, slen, hash, 20);
|
dsa_verify(server_host_key, (unsigned char *)signature, slen, hash, 20);
|
||||||
key_free(server_host_key);
|
key_free(server_host_key);
|
||||||
|
@ -1518,6 +1520,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
|
||||||
|
|
||||||
debug("Wait SSH2_MSG_NEWKEYS.");
|
debug("Wait SSH2_MSG_NEWKEYS.");
|
||||||
packet_read_expect(&payload_len, SSH2_MSG_NEWKEYS);
|
packet_read_expect(&payload_len, SSH2_MSG_NEWKEYS);
|
||||||
|
packet_done();
|
||||||
debug("GOT SSH2_MSG_NEWKEYS.");
|
debug("GOT SSH2_MSG_NEWKEYS.");
|
||||||
|
|
||||||
debug("send SSH2_MSG_NEWKEYS.");
|
debug("send SSH2_MSG_NEWKEYS.");
|
||||||
|
@ -1551,7 +1554,7 @@ ssh_userauth2(int host_key_valid, RSA *own_host_key,
|
||||||
char *server_user, *local_user;
|
char *server_user, *local_user;
|
||||||
char *auths;
|
char *auths;
|
||||||
char *password;
|
char *password;
|
||||||
char *service = "ssh-connection"; // service name
|
char *service = "ssh-connection"; /* service name */
|
||||||
|
|
||||||
debug("send SSH2_MSG_SERVICE_REQUEST");
|
debug("send SSH2_MSG_SERVICE_REQUEST");
|
||||||
packet_start(SSH2_MSG_SERVICE_REQUEST);
|
packet_start(SSH2_MSG_SERVICE_REQUEST);
|
||||||
|
@ -1563,8 +1566,15 @@ ssh_userauth2(int host_key_valid, RSA *own_host_key,
|
||||||
if (type != SSH2_MSG_SERVICE_ACCEPT) {
|
if (type != SSH2_MSG_SERVICE_ACCEPT) {
|
||||||
fatal("denied SSH2_MSG_SERVICE_ACCEPT: %d", type);
|
fatal("denied SSH2_MSG_SERVICE_ACCEPT: %d", type);
|
||||||
}
|
}
|
||||||
/* payload empty for ssh-2.0.13 ?? */
|
if (packet_remaining() > 0) {
|
||||||
/* reply = packet_get_string(&payload_len); */
|
char *reply = packet_get_string(&plen);
|
||||||
|
debug("service_accept: %s", reply);
|
||||||
|
xfree(reply);
|
||||||
|
} else {
|
||||||
|
/* payload empty for ssh-2.0.13 ?? */
|
||||||
|
log("buggy server: service_accept w/o service");
|
||||||
|
}
|
||||||
|
packet_done();
|
||||||
debug("got SSH2_MSG_SERVICE_ACCEPT");
|
debug("got SSH2_MSG_SERVICE_ACCEPT");
|
||||||
|
|
||||||
/*XX COMMONCODE: */
|
/*XX COMMONCODE: */
|
||||||
|
@ -1593,6 +1603,7 @@ ssh_userauth2(int host_key_valid, RSA *own_host_key,
|
||||||
auths = packet_get_string(&dlen);
|
auths = packet_get_string(&dlen);
|
||||||
debug("authentications that can continue: %s", auths);
|
debug("authentications that can continue: %s", auths);
|
||||||
partial = packet_get_char();
|
partial = packet_get_char();
|
||||||
|
packet_done();
|
||||||
if (partial)
|
if (partial)
|
||||||
debug("partial success");
|
debug("partial success");
|
||||||
if (strstr(auths, "password") == NULL)
|
if (strstr(auths, "password") == NULL)
|
||||||
|
@ -1613,6 +1624,7 @@ ssh_userauth2(int host_key_valid, RSA *own_host_key,
|
||||||
packet_send();
|
packet_send();
|
||||||
packet_write_wait();
|
packet_write_wait();
|
||||||
}
|
}
|
||||||
|
packet_done();
|
||||||
debug("ssh-userauth2 successfull");
|
debug("ssh-userauth2 successfull");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
32
sshd.c
32
sshd.c
|
@ -14,7 +14,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: sshd.c,v 1.104 2000/04/12 09:39:10 markus Exp $");
|
RCSID("$OpenBSD: sshd.c,v 1.105 2000/04/14 10:30:33 markus Exp $");
|
||||||
|
|
||||||
#include "xmalloc.h"
|
#include "xmalloc.h"
|
||||||
#include "rsa.h"
|
#include "rsa.h"
|
||||||
|
@ -266,15 +266,15 @@ key_regeneration_alarm(int sig)
|
||||||
char *
|
char *
|
||||||
chop(char *s)
|
chop(char *s)
|
||||||
{
|
{
|
||||||
char *t = s;
|
char *t = s;
|
||||||
while (*t) {
|
while (*t) {
|
||||||
if(*t == '\n' || *t == '\r') {
|
if(*t == '\n' || *t == '\r') {
|
||||||
*t = '\0';
|
*t = '\0';
|
||||||
return s;
|
return s;
|
||||||
}
|
}
|
||||||
t++;
|
t++;
|
||||||
}
|
}
|
||||||
return s;
|
return s;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -337,7 +337,7 @@ sshd_exchange_identification(int sock_in, int sock_out)
|
||||||
*/
|
*/
|
||||||
if (sscanf(client_version_string, "SSH-%d.%d-%[^\n]\n",
|
if (sscanf(client_version_string, "SSH-%d.%d-%[^\n]\n",
|
||||||
&remote_major, &remote_minor, remote_version) != 3) {
|
&remote_major, &remote_minor, remote_version) != 3) {
|
||||||
s = "Protocol mismatch.\n";
|
s = "Protocol mismatch.\n";
|
||||||
(void) atomicio(write, sock_out, s, strlen(s));
|
(void) atomicio(write, sock_out, s, strlen(s));
|
||||||
close(sock_in);
|
close(sock_in);
|
||||||
close(sock_out);
|
close(sock_out);
|
||||||
|
@ -1018,7 +1018,7 @@ do_ssh1_kex()
|
||||||
/* Get cipher type and check whether we accept this. */
|
/* Get cipher type and check whether we accept this. */
|
||||||
cipher_type = packet_get_char();
|
cipher_type = packet_get_char();
|
||||||
|
|
||||||
if (!(cipher_mask() & (1 << cipher_type)))
|
if (!(cipher_mask() & (1 << cipher_type)))
|
||||||
packet_disconnect("Warning: client selects unsupported cipher.");
|
packet_disconnect("Warning: client selects unsupported cipher.");
|
||||||
|
|
||||||
/* Get check bytes from the packet. These must match those we
|
/* Get check bytes from the packet. These must match those we
|
||||||
|
@ -1258,10 +1258,10 @@ do_ssh2_kex()
|
||||||
xfree(client_kexinit);
|
xfree(client_kexinit);
|
||||||
xfree(server_kexinit);
|
xfree(server_kexinit);
|
||||||
#ifdef DEBUG_KEXDH
|
#ifdef DEBUG_KEXDH
|
||||||
fprintf(stderr, "hash == ");
|
fprintf(stderr, "hash == ");
|
||||||
for (i = 0; i< 20; i++)
|
for (i = 0; i< 20; i++)
|
||||||
fprintf(stderr, "%02x", (hash[i])&0xff);
|
fprintf(stderr, "%02x", (hash[i])&0xff);
|
||||||
fprintf(stderr, "\n");
|
fprintf(stderr, "\n");
|
||||||
#endif
|
#endif
|
||||||
/* sign H */
|
/* sign H */
|
||||||
dsa_sign(server_host_key, &signature, &slen, hash, 20);
|
dsa_sign(server_host_key, &signature, &slen, hash, 20);
|
||||||
|
|
|
@ -10,7 +10,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: ttymodes.c,v 1.3 1999/11/25 00:54:59 damien Exp $");
|
RCSID("$Id: ttymodes.c,v 1.4 2000/04/16 01:18:49 damien Exp $");
|
||||||
|
|
||||||
#include "packet.h"
|
#include "packet.h"
|
||||||
#include "ssh.h"
|
#include "ssh.h"
|
||||||
|
|
|
@ -12,7 +12,7 @@
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* RCSID("$Id: ttymodes.h,v 1.3 1999/11/25 00:54:59 damien Exp $"); */
|
/* RCSID("$Id: ttymodes.h,v 1.4 2000/04/16 01:18:49 damien Exp $"); */
|
||||||
|
|
||||||
/* The tty mode description is a stream of bytes. The stream consists of
|
/* The tty mode description is a stream of bytes. The stream consists of
|
||||||
* opcode-arguments pairs. It is terminated by opcode TTY_OP_END (0).
|
* opcode-arguments pairs. It is terminated by opcode TTY_OP_END (0).
|
||||||
|
|
|
@ -7,7 +7,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: uidswap.c,v 1.4 2000/01/20 13:18:16 damien Exp $");
|
RCSID("$Id: uidswap.c,v 1.5 2000/04/16 01:18:49 damien Exp $");
|
||||||
|
|
||||||
#include "ssh.h"
|
#include "ssh.h"
|
||||||
#include "uidswap.h"
|
#include "uidswap.h"
|
||||||
|
|
|
@ -8,7 +8,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: xmalloc.c,v 1.2 1999/11/24 13:26:23 damien Exp $");
|
RCSID("$Id: xmalloc.c,v 1.3 2000/04/16 01:18:49 damien Exp $");
|
||||||
|
|
||||||
#include "ssh.h"
|
#include "ssh.h"
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue