upstream commit

obliterate ssh1.h and some dead code that used it

ok markus@

Upstream-ID: 1ca9159a9fb95618f9d51e069ac8e1131a087343

channels.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: channels.c,v 1.358 2017/04/30 23:13:25 djm Exp $ */
+/* $OpenBSD: channels.c,v 1.359 2017/04/30 23:28:41 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -69,7 +69,6 @@
 #include "openbsd-compat/sys-queue.h"
 #include "xmalloc.h"
 #include "ssh.h"
-#include "ssh1.h"
 #include "ssh2.h"
 #include "ssherr.h"
 #include "packet.h"
@@ -2621,46 +2620,6 @@ channel_input_ieof(int type, u_int32_t seq, void *ctxt)
 	return 0;
 }
 
-/* ARGSUSED */
-int
-channel_input_close(int type, u_int32_t seq, void *ctxt)
-{
-	int id;
-	Channel *c;
-
-	id = packet_get_int();
-	packet_check_eom();
-	c = channel_lookup(id);
-	if (c == NULL)
-		packet_disconnect("Received close for nonexistent channel %d.", id);
-	if (channel_proxy_upstream(c, type, seq, ctxt))
-		return 0;
-	/*
-	 * Send a confirmation that we have closed the channel and no more
-	 * data is coming for it.
-	 */
-	packet_start(SSH_MSG_CHANNEL_CLOSE_CONFIRMATION);
-	packet_put_int(c->remote_id);
-	packet_send();
-
-	/*
-	 * If the channel is in closed state, we have sent a close request,
-	 * and the other side will eventually respond with a confirmation.
-	 * Thus, we cannot free the channel here, because then there would be
-	 * no-one to receive the confirmation.  The channel gets freed when
-	 * the confirmation arrives.
-	 */
-	if (c->type != SSH_CHANNEL_CLOSED) {
-		/*
-		 * Not a closed channel - mark it as draining, which will
-		 * cause it to be freed later.
-		 */
-		buffer_clear(&c->input);
-		c->type = SSH_CHANNEL_OUTPUT_DRAINING;
-	}
-	return 0;
-}
-
 /* proto version 1.5 overloads CLOSE_CONFIRMATION with OCLOSE */
 /* ARGSUSED */
 int
@@ -2817,38 +2776,6 @@ channel_input_window_adjust(int type, u_int32_t seq, void *ctxt)
 	return 0;
 }
 
-/* ARGSUSED */
-int
-channel_input_port_open(int type, u_int32_t seq, void *ctxt)
-{
-	Channel *c = NULL;
-	u_short host_port;
-	char *host, *originator_string;
-	int remote_id;
-
-	remote_id = packet_get_int();
-	host = packet_get_string(NULL);
-	host_port = packet_get_int();
-
-	if (packet_get_protocol_flags() & SSH_PROTOFLAG_HOST_IN_FWD_OPEN) {
-		originator_string = packet_get_string(NULL);
-	} else {
-		originator_string = xstrdup("unknown (remote did not supply name)");
-	}
-	packet_check_eom();
-	c = channel_connect_to_port(host, host_port,
-	    "connected socket", originator_string, NULL, NULL);
-	free(originator_string);
-	free(host);
-	if (c == NULL) {
-		packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE);
-		packet_put_int(remote_id);
-		packet_send();
-	} else
-		c->remote_id = remote_id;
-	return 0;
-}
-
 /* ARGSUSED */
 int
 channel_input_status_confirm(int type, u_int32_t seq, void *ctxt)
@@ -4255,81 +4182,6 @@ x11_connect_display(void)
 	return sock;
 }
 
-/*
- * This is called when SSH_SMSG_X11_OPEN is received.  The packet contains
- * the remote channel number.  We should do whatever we want, and respond
- * with either SSH_MSG_OPEN_CONFIRMATION or SSH_MSG_OPEN_FAILURE.
- */
-
-/* ARGSUSED */
-int
-x11_input_open(int type, u_int32_t seq, void *ctxt)
-{
-	Channel *c = NULL;
-	int remote_id, sock = 0;
-	char *remote_host;
-
-	debug("Received X11 open request.");
-
-	remote_id = packet_get_int();
-
-	if (packet_get_protocol_flags() & SSH_PROTOFLAG_HOST_IN_FWD_OPEN) {
-		remote_host = packet_get_string(NULL);
-	} else {
-		remote_host = xstrdup("unknown (remote did not supply name)");
-	}
-	packet_check_eom();
-
-	/* Obtain a connection to the real X display. */
-	sock = x11_connect_display();
-	if (sock != -1) {
-		/* Allocate a channel for this connection. */
-		c = channel_new("connected x11 socket",
-		    SSH_CHANNEL_X11_OPEN, sock, sock, -1, 0, 0, 0,
-		    remote_host, 1);
-		c->remote_id = remote_id;
-		c->force_drain = 1;
-	}
-	free(remote_host);
-	if (c == NULL) {
-		/* Send refusal to the remote host. */
-		packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE);
-		packet_put_int(remote_id);
-	} else {
-		/* Send a confirmation to the remote host. */
-		packet_start(SSH_MSG_CHANNEL_OPEN_CONFIRMATION);
-		packet_put_int(remote_id);
-		packet_put_int(c->self);
-	}
-	packet_send();
-	return 0;
-}
-
-/* dummy protocol handler that denies SSH-1 requests (agent/x11) */
-/* ARGSUSED */
-int
-deny_input_open(int type, u_int32_t seq, void *ctxt)
-{
-	int rchan = packet_get_int();
-
-	switch (type) {
-	case SSH_SMSG_AGENT_OPEN:
-		error("Warning: ssh server tried agent forwarding.");
-		break;
-	case SSH_SMSG_X11_OPEN:
-		error("Warning: ssh server tried X11 forwarding.");
-		break;
-	default:
-		error("deny_input_open: type %d", type);
-		break;
-	}
-	error("Warning: this is probably a break-in attempt by a malicious server.");
-	packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE);
-	packet_put_int(rchan);
-	packet_send();
-	return 0;
-}
-
 /*
  * Requests forwarding of X11 connections, generates fake authentication
  * data, and enables authentication spoofing.
@@ -4394,16 +4246,3 @@ x11_request_forwarding_with_spoofing(int client_session_id, const char *disp,
 	packet_write_wait();
 	free(new_data);
 }
-
-
-/* -- agent forwarding */
-
-/* Sends a message to the server to request authentication fd forwarding. */
-
-void
-auth_request_forwarding(void)
-{
-	packet_start(SSH_CMSG_AGENT_REQUEST_FORWARDING);
-	packet_send();
-	packet_write_wait();
-}

channels.h

@@ -1,4 +1,4 @@
-/* $OpenBSD: channels.h,v 1.122 2017/04/30 23:13:25 djm Exp $ */
+/* $OpenBSD: channels.h,v 1.123 2017/04/30 23:28:41 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -238,7 +238,6 @@ int	 channel_proxy_upstream(Channel *, int, u_int32_t, void *);
 
 /* protocol handler */
 
-int	 channel_input_close(int, u_int32_t, void *);
 int	 channel_input_close_confirmation(int, u_int32_t, void *);
 int	 channel_input_data(int, u_int32_t, void *);
 int	 channel_input_extended_data(int, u_int32_t, void *);
@@ -246,7 +245,6 @@ int	 channel_input_ieof(int, u_int32_t, void *);
 int	 channel_input_oclose(int, u_int32_t, void *);
 int	 channel_input_open_confirmation(int, u_int32_t, void *);
 int	 channel_input_open_failure(int, u_int32_t, void *);
-int	 channel_input_port_open(int, u_int32_t, void *);
 int	 channel_input_window_adjust(int, u_int32_t, void *);
 int	 channel_input_status_confirm(int, u_int32_t, void *);
 
@@ -295,14 +293,8 @@ int	 permitopen_port(const char *);
 void	 channel_set_x11_refuse_time(u_int);
 int	 x11_connect_display(void);
 int	 x11_create_display_inet(int, int, int, u_int *, int **);
-int      x11_input_open(int, u_int32_t, void *);
 void	 x11_request_forwarding_with_spoofing(int, const char *, const char *,
 	     const char *, int);
-int	 deny_input_open(int, u_int32_t, void *);
-
-/* agent forwarding */
-
-void	 auth_request_forwarding(void);
 
 /* channel close */
 

clientloop.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.294 2017/04/30 23:21:54 djm Exp $ */
+/* $OpenBSD: clientloop.c,v 1.295 2017/04/30 23:28:41 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -89,7 +89,6 @@
 #include "openbsd-compat/sys-queue.h"
 #include "xmalloc.h"
 #include "ssh.h"
-#include "ssh1.h"
 #include "ssh2.h"
 #include "packet.h"
 #include "buffer.h"

dispatch.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: dispatch.c,v 1.28 2017/04/30 23:13:25 djm Exp $ */
+/* $OpenBSD: dispatch.c,v 1.29 2017/04/30 23:28:42 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -30,7 +30,6 @@
 #include <signal.h>
 #include <stdarg.h>
 
-#include "ssh1.h"
 #include "ssh2.h"
 #include "log.h"
 #include "dispatch.h"

nchan.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: nchan.c,v 1.64 2017/04/30 23:13:25 djm Exp $ */
+/* $OpenBSD: nchan.c,v 1.65 2017/04/30 23:28:42 djm Exp $ */
 /*
  * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl.  All rights reserved.
  *
@@ -33,7 +33,6 @@
 #include <stdarg.h>
 
 #include "openbsd-compat/sys-queue.h"
-#include "ssh1.h"
 #include "ssh2.h"
 #include "buffer.h"
 #include "packet.h"

packet.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.251 2017/04/30 23:26:16 djm Exp $ */
+/* $OpenBSD: packet.c,v 1.252 2017/04/30 23:28:42 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -69,7 +69,6 @@
 #include "xmalloc.h"
 #include "crc32.h"
 #include "compat.h"
-#include "ssh1.h"
 #include "ssh2.h"
 #include "cipher.h"
 #include "sshkey.h"

ssh-keyscan.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keyscan.c,v 1.112 2017/04/30 23:18:44 djm Exp $ */
+/* $OpenBSD: ssh-keyscan.c,v 1.113 2017/04/30 23:28:42 djm Exp $ */
 /*
  * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
  *
@@ -32,7 +32,6 @@
 
 #include "xmalloc.h"
 #include "ssh.h"
-#include "ssh1.h"
 #include "sshbuf.h"
 #include "sshkey.h"
 #include "cipher.h"

ssh.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.457 2017/04/30 23:18:44 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.458 2017/04/30 23:28:42 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -81,7 +81,6 @@
 
 #include "xmalloc.h"
 #include "ssh.h"
-#include "ssh1.h"
 #include "ssh2.h"
 #include "canohost.h"
 #include "compat.h"

ssh1.h

@@ -1,91 +0,0 @@
-/* $OpenBSD: ssh1.h,v 1.7 2016/05/04 14:22:33 markus Exp $ */
-
-/*
- * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
- *                    All rights reserved
- *
- * As far as I am concerned, the code I have written for this software
- * can be used freely for any purpose.  Any derived versions of this
- * software must be clearly marked as such, and if the derived work is
- * incompatible with the protocol description in the RFC file, it must be
- * called by a name other than "ssh" or "Secure Shell".
- */
-
-/*
- * Definition of message types.  New values can be added, but old values
- * should not be removed or without careful consideration of the consequences
- * for compatibility.  The maximum value is 254; value 255 is reserved for
- * future extension.
- */
-/* Ranges */
-#define SSH_MSG_MIN				1
-#define SSH_MSG_MAX				254
-/* Message name */			/* msg code */	/* arguments */
-#define SSH_MSG_DISCONNECT			1	/* cause (string) */
-#define SSH_SMSG_PUBLIC_KEY			2	/* ck,msk,srvk,hostk */
-#define SSH_CMSG_SESSION_KEY			3	/* key (BIGNUM) */
-#define SSH_CMSG_USER				4	/* user (string) */
-#define SSH_CMSG_AUTH_RHOSTS			5	/* user (string) */
-#define SSH_CMSG_AUTH_RSA			6	/* modulus (BIGNUM) */
-#define SSH_SMSG_AUTH_RSA_CHALLENGE		7	/* int (BIGNUM) */
-#define SSH_CMSG_AUTH_RSA_RESPONSE		8	/* int (BIGNUM) */
-#define SSH_CMSG_AUTH_PASSWORD			9	/* pass (string) */
-#define SSH_CMSG_REQUEST_PTY			10	/* TERM, tty modes */
-#define SSH_CMSG_WINDOW_SIZE			11	/* row,col,xpix,ypix */
-#define SSH_CMSG_EXEC_SHELL			12	/* */
-#define SSH_CMSG_EXEC_CMD			13	/* cmd (string) */
-#define SSH_SMSG_SUCCESS			14	/* */
-#define SSH_SMSG_FAILURE			15	/* */
-#define SSH_CMSG_STDIN_DATA			16	/* data (string) */
-#define SSH_SMSG_STDOUT_DATA			17	/* data (string) */
-#define SSH_SMSG_STDERR_DATA			18	/* data (string) */
-#define SSH_CMSG_EOF				19	/* */
-#define SSH_SMSG_EXITSTATUS			20	/* status (int) */
-#define SSH_MSG_CHANNEL_OPEN_CONFIRMATION	21	/* channel (int) */
-#define SSH_MSG_CHANNEL_OPEN_FAILURE		22	/* channel (int) */
-#define SSH_MSG_CHANNEL_DATA			23	/* ch,data (int,str) */
-#define SSH_MSG_CHANNEL_CLOSE			24	/* channel (int) */
-#define SSH_MSG_CHANNEL_CLOSE_CONFIRMATION	25	/* channel (int) */
-/*      SSH_CMSG_X11_REQUEST_FORWARDING		26	   OBSOLETE */
-#define SSH_SMSG_X11_OPEN			27	/* channel (int) */
-#define SSH_CMSG_PORT_FORWARD_REQUEST		28	/* p,host,hp (i,s,i) */
-#define SSH_MSG_PORT_OPEN			29	/* ch,h,p (i,s,i) */
-#define SSH_CMSG_AGENT_REQUEST_FORWARDING	30	/* */
-#define SSH_SMSG_AGENT_OPEN			31	/* port (int) */
-#define SSH_MSG_IGNORE				32	/* string */
-#define SSH_CMSG_EXIT_CONFIRMATION		33	/* */
-#define SSH_CMSG_X11_REQUEST_FORWARDING		34	/* proto,data (s,s) */
-#define SSH_CMSG_AUTH_RHOSTS_RSA		35	/* user,mod (s,mpi) */
-#define SSH_MSG_DEBUG				36	/* string */
-#define SSH_CMSG_REQUEST_COMPRESSION		37	/* level 1-9 (int) */
-#define SSH_CMSG_MAX_PACKET_SIZE		38	/* size 4k-1024k (int) */
-#define SSH_CMSG_AUTH_TIS			39	/* we use this for s/key */
-#define SSH_SMSG_AUTH_TIS_CHALLENGE		40	/* challenge (string) */
-#define SSH_CMSG_AUTH_TIS_RESPONSE		41	/* response (string) */
-#define SSH_CMSG_AUTH_KERBEROS			42	/* (KTEXT) */
-#define SSH_SMSG_AUTH_KERBEROS_RESPONSE		43	/* (KTEXT) */
-#define SSH_CMSG_HAVE_KERBEROS_TGT		44	/* credentials (s) */
-#define SSH_CMSG_HAVE_AFS_TOKEN			65	/* token (s) */
-
-/* protocol version 1.5 overloads some version 1.3 message types */
-#define SSH_MSG_CHANNEL_INPUT_EOF	SSH_MSG_CHANNEL_CLOSE
-#define SSH_MSG_CHANNEL_OUTPUT_CLOSE	SSH_MSG_CHANNEL_CLOSE_CONFIRMATION
-
-/*
- * Authentication methods.  New types can be added, but old types should not
- * be removed for compatibility.  The maximum allowed value is 31.
- */
-#define SSH_AUTH_RHOSTS		1
-#define SSH_AUTH_RSA		2
-#define SSH_AUTH_PASSWORD	3
-#define SSH_AUTH_RHOSTS_RSA	4
-#define SSH_AUTH_TIS		5
-#define SSH_AUTH_KERBEROS	6
-#define SSH_PASS_KERBEROS_TGT	7
-				/* 8 to 15 are reserved */
-#define SSH_PASS_AFS_TOKEN	21
-
-/* Protocol flags.  These are bit masks. */
-#define SSH_PROTOFLAG_SCREEN_NUMBER	1	/* X11 forwarding includes screen */
-#define SSH_PROTOFLAG_HOST_IN_FWD_OPEN	2	/* forwarding opens contain host */