tyler.durden/openssh-portable
1
0
Fork 0
mirror of https://github.com/PowerShell/openssh-portable.git synced 2025-07-26 07:15:36 +02:00
Code Issues Packages Projects Releases Wiki Activity

- OpenBSD CVS updates:

Browse Source 
- [readpass.c]
     avoid stdio; based on work by markus, millert, and I
   - [sshd.c]
     make sure the client selects a supported cipher
   - [sshd.c]
     fix sighup handling.  accept would just restart and daemon handled
     sighup only after the next connection was accepted. use poll on
     listen sock now.
   - [sshd.c]
     make that a fatal
This commit is contained in:
Damien Miller 1999-12-09 10:31:37 +11:00
parent bf1c9b2012
commit 50945fa861
3 changed files with 102 additions and 99 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
ChangeLog
View File

@ -4,6 +4,17 @@
- "uninstall" rule for Makefile - "uninstall" rule for Makefile
- utmpx support - utmpx support
- Should fix PAM problems on Solaris - Should fix PAM problems on Solaris
- OpenBSD CVS updates:
- [readpass.c]
avoid stdio; based on work by markus, millert, and I
- [sshd.c]
make sure the client selects a supported cipher
- [sshd.c]
fix sighup handling. accept would just restart and daemon handled
sighup only after the next connection was accepted. use poll on
listen sock now.
- [sshd.c]
make that a fatal
19991208 19991208
- Compile fix for Solaris with /dev/ptmx from - Compile fix for Solaris with /dev/ptmx from

165
readpass.c
View File

@ -1,119 +1,94 @@
/* /*
* Copyright (c) 1988, 1993
* The Regents of the University of California. All rights reserved.
* *
* readpass.c * Redistribution and use in source and binary forms, with or without
* * modification, are permitted provided that the following conditions
* Author: Tatu Ylonen <ylo@cs.hut.fi> * are met:
* * 1. Redistributions of source code must retain the above copyright
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * notice, this list of conditions and the following disclaimer.
* All rights reserved * 2. Redistributions in binary form must reproduce the above copyright
* * notice, this list of conditions and the following disclaimer in the
* Created: Mon Jul 10 22:08:59 1995 ylo * documentation and/or other materials provided with the distribution.
* * 3. All advertising materials mentioning features or use of this software
* Functions for reading passphrases and passwords. * must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
* *
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/ */
#include "includes.h" #include "includes.h"
RCSID("$Id: readpass.c,v 1.3 1999/11/25 00:54:59 damien Exp $"); RCSID("$Id: readpass.c,v 1.4 1999/12/08 23:31:37 damien Exp $");
#include "xmalloc.h" #include "xmalloc.h"
#include "ssh.h" #include "ssh.h"
/* Saved old terminal mode for read_passphrase. */
static struct termios saved_tio;
/* Old interrupt signal handler for read_passphrase. */
static void (*old_handler) (int sig) = NULL;
/* Interrupt signal handler for read_passphrase. */
void
intr_handler(int sig)
{
/* Restore terminal modes. */
tcsetattr(fileno(stdin), TCSANOW, &saved_tio);
/* Restore the old signal handler. */
signal(sig, old_handler);
/* Resend the signal, with the old handler. */
kill(getpid(), sig);
}
/* /*
* Reads a passphrase from /dev/tty with echo turned off. Returns the * Reads a passphrase from /dev/tty with echo turned off. Returns the
* passphrase (allocated with xmalloc). Exits if EOF is encountered. The * passphrase (allocated with xmalloc), being very careful to ensure that
* passphrase if read from stdin if from_stdin is true (as is the case with * no other userland buffer is storing the password.
* ssh-keygen).
*/ */
char * char *
read_passphrase(const char *prompt, int from_stdin) read_passphrase(const char *prompt, int from_stdin)
{ {
char buf[1024], *cp; char buf[1024], *p, ch;
struct termios tio; struct termios tio, saved_tio;
FILE *f; sigset_t oset, nset;
int input, output, echo = 0;
if (from_stdin) if (from_stdin) {
f = stdin; input = STDIN_FILENO;
else { output = STDERR_FILENO;
/* } else
* Read the passphrase from /dev/tty to make it possible to input = output = open("/dev/tty", O_RDWR);
* ask it even when stdin has been redirected.
*/
f = fopen("/dev/tty", "r");
if (!f) {
/* No controlling terminal and no DISPLAY. Nowhere to read. */
fprintf(stderr, "You have no controlling tty and no DISPLAY. Cannot read passphrase.\n");
exit(1);
}
}
/* Display the prompt (on stderr because stdout might be redirected). */ if (input == -1)
fflush(stdout); fatal("You have no controlling tty. Cannot read passphrase.\n");
fprintf(stderr, "%s", prompt);
fflush(stderr);
/* Get terminal modes. */ /* block signals, get terminal modes and turn off echo */
tcgetattr(fileno(f), &tio); sigemptyset(&nset);
sigaddset(&nset, SIGINT);
sigaddset(&nset, SIGTSTP);
(void) sigprocmask(SIG_BLOCK, &nset, &oset);
if (tcgetattr(input, &tio) == 0 && (tio.c_lflag & ECHO)) {
echo = 1;
saved_tio = tio; saved_tio = tio;
/* Save signal handler and set the new handler. */
old_handler = signal(SIGINT, intr_handler);
/* Set new terminal modes disabling all echo. */
tio.c_lflag &= ~(ECHO | ECHOE | ECHOK | ECHONL); tio.c_lflag &= ~(ECHO | ECHOE | ECHOK | ECHONL);
tcsetattr(fileno(f), TCSANOW, &tio); (void) tcsetattr(input, TCSANOW, &tio);
/* Read the passphrase from the terminal. */
if (fgets(buf, sizeof(buf), f) == NULL) {
/* Got EOF. Just exit. */
/* Restore terminal modes. */
tcsetattr(fileno(f), TCSANOW, &saved_tio);
/* Restore the signal handler. */
signal(SIGINT, old_handler);
/* Print a newline (the prompt probably didn\'t have one). */
fprintf(stderr, "\n");
/* Close the file. */
if (f != stdin)
fclose(f);
exit(1);
} }
/* Restore terminal modes. */
tcsetattr(fileno(f), TCSANOW, &saved_tio); fflush(stdout);
/* Restore the signal handler. */
(void) signal(SIGINT, old_handler); (void)write(output, prompt, strlen(prompt));
/* Remove newline from the passphrase. */ for (p = buf; read(input, &ch, 1) == 1 && ch != '\n';)
if (strchr(buf, '\n')) if (p < buf + sizeof(buf) - 1)
*strchr(buf, '\n') = 0; *p++ = ch;
/* Allocate a copy of the passphrase. */ *p = '\0';
cp = xstrdup(buf); (void)write(output, "\n", 1);
/*
* Clear the buffer so we don\'t leave copies of the passphrase /* restore terminal modes and allow signals */
* laying around. if (echo)
*/ tcsetattr(input, TCSANOW, &saved_tio);
(void) sigprocmask(SIG_SETMASK, &oset, NULL);
if (!from_stdin)
(void)close(input);
p = xstrdup(buf);
memset(buf, 0, sizeof(buf)); memset(buf, 0, sizeof(buf));
/* Print a newline since the prompt probably didn\'t have one. */ return (p);
fprintf(stderr, "\n");
/* Close the file. */
if (f != stdin)
fclose(f);
return cp;
} }

23
sshd.c
View File

@ -11,7 +11,9 @@
*/ */
#include "includes.h" #include "includes.h"
RCSID("$Id: sshd.c,v 1.36 1999/12/08 23:16:55 damien Exp $"); RCSID("$Id: sshd.c,v 1.37 1999/12/08 23:31:37 damien Exp $");
#include <poll.h>
#include "xmalloc.h" #include "xmalloc.h"
#include "rsa.h" #include "rsa.h"
@ -419,6 +421,7 @@ main(int ac, char **av)
int opt, aux, sock_in, sock_out, newsock, i, pid, on = 1; int opt, aux, sock_in, sock_out, newsock, i, pid, on = 1;
int remote_major, remote_minor; int remote_major, remote_minor;
int silentrsa = 0; int silentrsa = 0;
struct pollfd fds;
struct sockaddr_in sin; struct sockaddr_in sin;
char buf[100]; /* Must not be larger than remote_version. */ char buf[100]; /* Must not be larger than remote_version. */
char remote_version[100]; /* Must be at least as big as buf. */ char remote_version[100]; /* Must be at least as big as buf. */
@ -688,7 +691,18 @@ main(int ac, char **av)
for (;;) { for (;;) {
if (received_sighup) if (received_sighup)
sighup_restart(); sighup_restart();
/* Wait in accept until there is a connection. */ /* Wait in poll until there is a connection. */
memset(&fds, 0, sizeof(fds));
fds.fd = listen_sock;
fds.events = POLLIN;
if (poll(&fds, 1, -1) == -1) {
if (errno == EINTR)
continue;
fatal("poll: %.100s", strerror(errno));
/*NOTREACHED*/
}
if (fds.revents == 0)
continue;
aux = sizeof(sin); aux = sizeof(sin);
newsock = accept(listen_sock, (struct sockaddr *) & sin, &aux); newsock = accept(listen_sock, (struct sockaddr *) & sin, &aux);
if (received_sighup) if (received_sighup)
@ -1026,9 +1040,12 @@ do_connection()
/* Read clients reply (cipher type and session key). */ /* Read clients reply (cipher type and session key). */
packet_read_expect(&plen, SSH_CMSG_SESSION_KEY); packet_read_expect(&plen, SSH_CMSG_SESSION_KEY);
/* Get cipher type. */ /* Get cipher type and check whether we accept this. */
cipher_type = packet_get_char(); cipher_type = packet_get_char();
if (!(cipher_mask() & (1 << cipher_type)))
packet_disconnect("Warning: client selects unsupported cipher.");
/* Get check bytes from the packet. These must match those we /* Get check bytes from the packet. These must match those we
sent earlier with the public key packet. */ sent earlier with the public key packet. */
for (i = 0; i < 8; i++) for (i = 0; i < 8; i++)