tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

- deraadt@cvs.openbsd.org 2001/12/19 07:18:56 

[auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h]
     [auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c]
     [cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c]
     [match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c]
     [servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c]
     [sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c]
     [sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config]
     [ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c]
     basic KNF done while i was looking for something else
This commit is contained in:
Damien Miller 2001-12-21 14:45:46 +11:00
parent 89681214ca
commit 9f0f5c64bc
54 changed files with 662 additions and 654 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
ChangeLog
View File

@ -28,6 +28,16 @@
[auth-rsa.c]
log fingerprint on successful public key authentication, simplify
usage of key structs; ok markus@
- deraadt@cvs.openbsd.org 2001/12/19 07:18:56
[auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h]
[auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c]
[cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c]
[match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c]
[servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c]
[sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c]
[sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config]
[ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c]
basic KNF done while i was looking for something else
20011219
- (stevesk) OpenBSD CVS sync X11 localhost display
@ -7056,4 +7066,4 @@
- Wrote replacements for strlcpy and mkdtemp
- Released 1.0pre1
$Id: ChangeLog,v 1.1700 2001/12/21 01:52:39 djm Exp $
$Id: ChangeLog,v 1.1701 2001/12/21 03:45:46 djm Exp $

94
auth-bsdauth.c
View File

@ -22,7 +22,7 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: auth-bsdauth.c,v 1.1 2001/05/18 14:13:28 markus Exp $");
RCSID("$OpenBSD: auth-bsdauth.c,v 1.2 2001/12/19 07:18:56 deraadt Exp $");
#ifdef BSD_AUTH
#include "xmalloc.h"
@ -36,74 +36,74 @@ bsdauth_init_ctx(Authctxt *authctxt)
}
static int
bsdauth_query(void *ctx, char **name, char **infotxt,
bsdauth_query(void *ctx, char **name, char **infotxt,
u_int *numprompts, char ***prompts, u_int **echo_on)
{
Authctxt *authctxt = ctx;
char *challenge = NULL;
Authctxt *authctxt = ctx;
char *challenge = NULL;
if (authctxt->as != NULL) {
debug2("bsdauth_query: try reuse session");
challenge = auth_getitem(authctxt->as, AUTHV_CHALLENGE);
if (challenge == NULL) {
auth_close(authctxt->as);
authctxt->as = NULL;
}
}
if (authctxt->as != NULL) {
debug2("bsdauth_query: try reuse session");
challenge = auth_getitem(authctxt->as, AUTHV_CHALLENGE);
if (challenge == NULL) {
auth_close(authctxt->as);
authctxt->as = NULL;
}
}
if (challenge == NULL) {
debug2("bsdauth_query: new bsd auth session");
debug3("bsdauth_query: style %s",
if (challenge == NULL) {
debug2("bsdauth_query: new bsd auth session");
debug3("bsdauth_query: style %s",
authctxt->style ? authctxt->style : "<default>");
authctxt->as = auth_userchallenge(authctxt->user,
authctxt->as = auth_userchallenge(authctxt->user,
authctxt->style, "auth-ssh", &challenge);
if (authctxt->as == NULL)
challenge = NULL;
debug2("bsdauth_query: <%s>", challenge ? challenge : "empty");
}
if (challenge == NULL)
return -1;
if (authctxt->as == NULL)
challenge = NULL;
debug2("bsdauth_query: <%s>", challenge ? challenge : "empty");
}
*name = xstrdup("");
*infotxt = xstrdup("");
*numprompts = 1;
*prompts = xmalloc(*numprompts * sizeof(char*));
*echo_on = xmalloc(*numprompts * sizeof(u_int));
(*echo_on)[0] = 0;
(*prompts)[0] = xstrdup(challenge);
if (challenge == NULL)
return -1;
return 0;
*name = xstrdup("");
*infotxt = xstrdup("");
*numprompts = 1;
*prompts = xmalloc(*numprompts * sizeof(char*));
*echo_on = xmalloc(*numprompts * sizeof(u_int));
(*echo_on)[0] = 0;
(*prompts)[0] = xstrdup(challenge);
return 0;
}
static int
bsdauth_respond(void *ctx, u_int numresponses, char **responses)
{
Authctxt *authctxt = ctx;
int authok;
if (authctxt->as == 0)
error("bsdauth_respond: no bsd auth session");
Authctxt *authctxt = ctx;
int authok;
if (numresponses != 1)
return -1;
if (authctxt->as == 0)
error("bsdauth_respond: no bsd auth session");
authok = auth_userresponse(authctxt->as, responses[0], 0);
authctxt->as = NULL;
debug3("bsdauth_respond: <%s> = <%d>", responses[0], authok);
if (numresponses != 1)
return -1;
return (authok == 0) ? -1 : 0;
authok = auth_userresponse(authctxt->as, responses[0], 0);
authctxt->as = NULL;
debug3("bsdauth_respond: <%s> = <%d>", responses[0], authok);
return (authok == 0) ? -1 : 0;
}
static void
bsdauth_free_ctx(void *ctx)
{
Authctxt *authctxt = ctx;
Authctxt *authctxt = ctx;
if (authctxt && authctxt->as) {
auth_close(authctxt->as);
authctxt->as = NULL;
}
if (authctxt && authctxt->as) {
auth_close(authctxt->as);
authctxt->as = NULL;
}
}
KbdintDevice bsdauth_device = {

74
auth-krb4.c
View File

@ -23,7 +23,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: auth-krb4.c,v 1.24 2001/06/26 16:15:22 dugsong Exp $");
RCSID("$OpenBSD: auth-krb4.c,v 1.25 2001/12/19 07:18:56 deraadt Exp $");
#include "ssh.h"
#include "ssh1.h"
@ -49,7 +49,7 @@ krb4_init(void *context)
const char *tkt_root = TKT_ROOT;
struct stat st;
int fd;
if (!authctxt->krb4_ticket_file) {
/* Set unique ticket string manually since we're still root. */
authctxt->krb4_ticket_file = xmalloc(MAXPATHLEN);
@ -79,13 +79,13 @@ krb4_init(void *context)
}
/* Failure - cancel cleanup function, leaving ticket for inspection. */
log("WARNING: bad ticket file %s", authctxt->krb4_ticket_file);
fatal_remove_cleanup(krb4_cleanup_proc, authctxt);
cleanup_registered = 0;
xfree(authctxt->krb4_ticket_file);
authctxt->krb4_ticket_file = NULL;
return (0);
}
@ -103,10 +103,10 @@ auth_krb4_password(Authctxt *authctxt, const char *password)
char localhost[MAXHOSTNAMELEN], phost[INST_SZ], realm[REALM_SZ];
u_int32_t faddr;
int r;
if ((pw = authctxt->pw) == NULL)
return (0);
/*
* Try Kerberos password authentication only for non-root
* users and only if Kerberos is installed.
@ -128,7 +128,7 @@ auth_krb4_password(Authctxt *authctxt, const char *password)
}
/* Successful authentication. */
chown(tkt_string(), pw->pw_uid, pw->pw_gid);
/*
* Now that we have a TGT, try to get a local
* "rcmd" ticket to ensure that we are not talking
@ -138,7 +138,7 @@ auth_krb4_password(Authctxt *authctxt, const char *password)
strlcpy(phost, (char *)krb_get_phost(localhost),
sizeof(phost));
r = krb_mk_req(&tkt, KRB4_SERVICE_NAME, phost, realm, 33);
if (r == KSUCCESS) {
if ((hp = gethostbyname(localhost)) == NULL) {
log("Couldn't get local host address!");
@ -146,7 +146,7 @@ auth_krb4_password(Authctxt *authctxt, const char *password)
}
memmove((void *)&faddr, (void *)hp->h_addr,
sizeof(faddr));
/* Verify our "rcmd" ticket. */
r = krb_rd_req(&tkt, KRB4_SERVICE_NAME, phost,
faddr, &adata, "");
@ -186,13 +186,13 @@ auth_krb4_password(Authctxt *authctxt, const char *password)
} else
/* Logging in as root or no local Kerberos realm. */
debug("Unable to authenticate to Kerberos.");
failure:
krb4_cleanup_proc(authctxt);
if (!options.kerberos_or_local_passwd)
return (0);
/* Fall back to ordinary passwd authentication. */
return (-1);
}
@ -220,9 +220,9 @@ auth_krb4(Authctxt *authctxt, KTEXT auth, char **client)
socklen_t slen;
u_int cksum;
int r, s;
s = packet_get_connection_in();
slen = sizeof(local);
memset(&local, 0, sizeof(local));
if (getsockname(s, (struct sockaddr *) & local, &slen) < 0)
@ -235,7 +235,7 @@ auth_krb4(Authctxt *authctxt, KTEXT auth, char **client)
}
instance[0] = '*';
instance[1] = 0;
/* Get the encrypted request, challenge, and session key. */
if ((r = krb_rd_req(auth, KRB4_SERVICE_NAME, instance,
0, &adat, ""))) {
@ -243,11 +243,11 @@ auth_krb4(Authctxt *authctxt, KTEXT auth, char **client)
return (0);
}
des_key_sched((des_cblock *) adat.session, schedule);
*client = xmalloc(MAX_K_NAME_SZ);
(void) snprintf(*client, MAX_K_NAME_SZ, "%s%s%s@%s", adat.pname,
*adat.pinst ? "." : "", adat.pinst, adat.prealm);
/* Check ~/.klogin authorization now. */
if (kuserok(&adat, authctxt->user) != KSUCCESS) {
log("Kerberos v4 .klogin authorization failed for %s to "
@ -259,7 +259,7 @@ auth_krb4(Authctxt *authctxt, KTEXT auth, char **client)
session key. */
cksum = adat.checksum + 1;
cksum = htonl(cksum);
/* If we can't successfully encrypt the checksum, we send back an
empty message, admitting our failure. */
if ((r = krb_mk_priv((u_char *) & cksum, reply.dat, sizeof(cksum) + 1,
@ -269,10 +269,10 @@ auth_krb4(Authctxt *authctxt, KTEXT auth, char **client)
reply.length = 0;
} else
reply.length = r;
/* Clear session key. */
memset(&adat.session, 0, sizeof(&adat.session));
packet_start(SSH_SMSG_AUTH_KERBEROS_RESPONSE);
packet_put_string((char *) reply.dat, reply.length);
packet_send();
@ -287,19 +287,19 @@ auth_krb4_tgt(Authctxt *authctxt, const char *string)
{
CREDENTIALS creds;
struct passwd *pw;
if ((pw = authctxt->pw) == NULL)
goto failure;
temporarily_use_uid(pw);
if (!radix_to_creds(string, &creds)) {
log("Protocol error decoding Kerberos v4 TGT");
goto failure;
}
if (strncmp(creds.service, "", 1) == 0) /* backward compatibility */
strlcpy(creds.service, "krbtgt", sizeof creds.service);
if (strcmp(creds.service, "krbtgt")) {
log("Kerberos v4 TGT (%s%s%s@%s) rejected for %s",
creds.pname, creds.pinst[0] ? "." : "", creds.pinst,
@ -308,10 +308,10 @@ auth_krb4_tgt(Authctxt *authctxt, const char *string)
}
if (!krb4_init(authctxt))
goto failure;
if (in_tkt(creds.pname, creds.pinst) != KSUCCESS)
goto failure;
if (save_credentials(creds.service, creds.instance, creds.realm,
creds.session, creds.lifetime, creds.kvno, &creds.ticket_st,
creds.issue_date) != KSUCCESS) {
@ -320,20 +320,20 @@ auth_krb4_tgt(Authctxt *authctxt, const char *string)
}
/* Successful authentication, passed all checks. */
chown(tkt_string(), pw->pw_uid, pw->pw_gid);
debug("Kerberos v4 TGT accepted (%s%s%s@%s)",
creds.pname, creds.pinst[0] ? "." : "", creds.pinst, creds.realm);
memset(&creds, 0, sizeof(creds));
restore_uid();
return (1);
failure:
krb4_cleanup_proc(authctxt);
memset(&creds, 0, sizeof(creds));
restore_uid();
return (0);
}
@ -343,22 +343,22 @@ auth_afs_token(Authctxt *authctxt, const char *token_string)
CREDENTIALS creds;
struct passwd *pw;
uid_t uid;
if ((pw = authctxt->pw) == NULL)
return (0);
if (!radix_to_creds(token_string, &creds)) {
log("Protocol error decoding AFS token");
return (0);
}
if (strncmp(creds.service, "", 1) == 0) /* backward compatibility */
strlcpy(creds.service, "afs", sizeof creds.service);
if (strncmp(creds.pname, "AFS ID ", 7) == 0)
uid = atoi(creds.pname + 7);
else
uid = pw->pw_uid;
if (kafs_settoken(creds.realm, uid, &creds)) {
log("AFS token (%s@%s) rejected for %s",
creds.pname, creds.realm, pw->pw_name);
@ -367,7 +367,7 @@ auth_afs_token(Authctxt *authctxt, const char *token_string)
}
debug("AFS token accepted (%s@%s)", creds.pname, creds.realm);
memset(&creds, 0, sizeof(creds));
return (1);
}
#endif /* AFS */

22
auth-rhosts.c
View File

@ -14,7 +14,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: auth-rhosts.c,v 1.24 2001/06/23 15:12:17 itojun Exp $");
RCSID("$OpenBSD: auth-rhosts.c,v 1.25 2001/12/19 07:18:56 deraadt Exp $");
#include "packet.h"
#include "xmalloc.h"
@ -186,7 +186,7 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname,
* servers.
*/
for (rhosts_file_index = 0; rhosts_files[rhosts_file_index];
rhosts_file_index++) {
rhosts_file_index++) {
/* Check users .rhosts or .shosts. */
snprintf(buf, sizeof buf, "%.500s/%.100s",
pw->pw_dir, rhosts_files[rhosts_file_index]);
@ -204,16 +204,16 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname,
/* If not logging in as superuser, try /etc/hosts.equiv and shosts.equiv. */
if (pw->pw_uid != 0) {
if (check_rhosts_file(_PATH_RHOSTS_EQUIV, hostname, ipaddr, client_user,
pw->pw_name)) {
if (check_rhosts_file(_PATH_RHOSTS_EQUIV, hostname, ipaddr,
client_user, pw->pw_name)) {
packet_send_debug("Accepted for %.100s [%.100s] by /etc/hosts.equiv.",
hostname, ipaddr);
hostname, ipaddr);
return 1;
}
if (check_rhosts_file(_PATH_SSH_HOSTS_EQUIV, hostname, ipaddr, client_user,
pw->pw_name)) {
if (check_rhosts_file(_PATH_SSH_HOSTS_EQUIV, hostname, ipaddr,
client_user, pw->pw_name)) {
packet_send_debug("Accepted for %.100s [%.100s] by %.100s.",
hostname, ipaddr, _PATH_SSH_HOSTS_EQUIV);
hostname, ipaddr, _PATH_SSH_HOSTS_EQUIV);
return 1;
}
}
@ -230,7 +230,7 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname,
}
if (options.strict_modes &&
((st.st_uid != 0 && st.st_uid != pw->pw_uid) ||
(st.st_mode & 022) != 0)) {
(st.st_mode & 022) != 0)) {
log("Rhosts authentication refused for %.100s: bad ownership or modes for home directory.",
pw->pw_name);
packet_send_debug("Rhosts authentication refused for %.100s: bad ownership or modes for home directory.",
@ -242,7 +242,7 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname,
/* Check all .rhosts files (currently .shosts and .rhosts). */
for (rhosts_file_index = 0; rhosts_files[rhosts_file_index];
rhosts_file_index++) {
rhosts_file_index++) {
/* Check users .rhosts or .shosts. */
snprintf(buf, sizeof buf, "%.500s/%.100s",
pw->pw_dir, rhosts_files[rhosts_file_index]);
@ -257,7 +257,7 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname,
*/
if (options.strict_modes &&
((st.st_uid != 0 && st.st_uid != pw->pw_uid) ||
(st.st_mode & 022) != 0)) {
(st.st_mode & 022) != 0)) {
log("Rhosts authentication refused for %.100s: bad modes for %.200s",
pw->pw_name, buf);
packet_send_debug("Bad file modes for %.200s", buf);

8
auth-skey.c
View File

@ -22,7 +22,7 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: auth-skey.c,v 1.12 2001/05/18 14:13:28 markus Exp $");
RCSID("$OpenBSD: auth-skey.c,v 1.13 2001/12/19 07:18:56 deraadt Exp $");
#ifdef SKEY
@ -40,7 +40,7 @@ skey_init_ctx(Authctxt *authctxt)
#define PROMPT "\nS/Key Password: "
static int
skey_query(void *ctx, char **name, char **infotxt,
skey_query(void *ctx, char **name, char **infotxt,
u_int* numprompts, char ***prompts, u_int **echo_on)
{
Authctxt *authctxt = ctx;
@ -72,9 +72,9 @@ static int
skey_respond(void *ctx, u_int numresponses, char **responses)
{
Authctxt *authctxt = ctx;
if (authctxt->valid &&
numresponses == 1 &&
numresponses == 1 &&
skey_haskey(authctxt->pw->pw_name) == 0 &&
skey_passcheck(authctxt->pw->pw_name, responses[0]) != -1)
return 0;

8
auth.c
View File

@ -23,7 +23,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: auth.c,v 1.30 2001/11/17 19:14:34 stevesk Exp $");
RCSID("$OpenBSD: auth.c,v 1.31 2001/12/19 07:18:56 deraadt Exp $");
#ifdef HAVE_LOGIN_H
#include <login.h>
@ -272,7 +272,7 @@ expand_filename(const char *filename, struct passwd *pw)
}
if (cp[0] == '%' && cp[1] == 'u') {
buffer_append(&buffer, pw->pw_name,
strlen(pw->pw_name));
strlen(pw->pw_name));
cp++;
continue;
}
@ -326,7 +326,7 @@ check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host,
if (options.strict_modes &&
(stat(user_hostfile, &st) == 0) &&
((st.st_uid != 0 && st.st_uid != pw->pw_uid) ||
(st.st_mode & 022) != 0)) {
(st.st_mode & 022) != 0)) {
log("Authentication refused for %.100s: "
"bad owner or modes for %.200s",
pw->pw_name, user_hostfile);
@ -399,7 +399,7 @@ secure_filename(FILE *f, const char *file, struct passwd *pw,
if (stat(buf, &st) < 0 ||
(st.st_uid != 0 && st.st_uid != uid) ||
(st.st_mode & 022) != 0) {
snprintf(err, errlen,
snprintf(err, errlen,
"bad ownership or modes for directory %s", buf);
return -1;
}

6
auth.h
View File

@ -21,7 +21,7 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
* $OpenBSD: auth.h,v 1.24 2001/12/18 10:04:21 jakob Exp $
* $OpenBSD: auth.h,v 1.25 2001/12/19 07:18:56 deraadt Exp $
*/
#ifndef AUTH_H
#define AUTH_H
@ -71,8 +71,8 @@ struct Authctxt {
/*
* Keyboard interactive device:
* init_ctx returns: non NULL upon success
* query returns: 0 - success, otherwise failure
* init_ctx returns: non NULL upon success
* query returns: 0 - success, otherwise failure
* respond returns: 0 - success, 1 - need further interaction,
* otherwise - failure
*/

20
auth1.c
View File

@ -10,7 +10,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: auth1.c,v 1.26 2001/12/05 03:56:39 itojun Exp $");
RCSID("$OpenBSD: auth1.c,v 1.27 2001/12/19 07:18:56 deraadt Exp $");
#include "xmalloc.h"
#include "rsa.h"
@ -77,7 +77,7 @@ do_authloop(Authctxt *authctxt)
struct passwd *pw = authctxt->pw;
debug("Attempting authentication for %s%.100s.",
authctxt->valid ? "" : "illegal user ", authctxt->user);
authctxt->valid ? "" : "illegal user ", authctxt->user);
/* If the user has no password, accept authentication immediately. */
if (options.password_authentication &&
@ -120,17 +120,17 @@ do_authloop(Authctxt *authctxt)
verbose("Kerberos authentication disabled.");
} else {
char *kdata = packet_get_string(&dlen);
packet_integrity_check(plen, 4 + dlen, type);
if (kdata[0] == 4) { /* KRB_PROT_VERSION */
#ifdef KRB4
KTEXT_ST tkt;
tkt.length = dlen;
if (tkt.length < MAX_KTXT_LEN)
memcpy(tkt.dat, kdata, tkt.length);
if (auth_krb4(authctxt, &tkt, &client_user)) {
authenticated = 1;
snprintf(info, sizeof(info),
@ -143,7 +143,7 @@ do_authloop(Authctxt *authctxt)
krb5_data tkt;
tkt.length = dlen;
tkt.data = kdata;
if (auth_krb5(authctxt, &tkt, &client_user)) {
authenticated = 1;
snprintf(info, sizeof(info),
@ -156,7 +156,7 @@ do_authloop(Authctxt *authctxt)
}
break;
#endif /* KRB4 || KRB5 */
#if defined(AFS) || defined(KRB5)
/* XXX - punt on backward compatibility here. */
case SSH_CMSG_HAVE_KERBEROS_TGT:
@ -168,7 +168,7 @@ do_authloop(Authctxt *authctxt)
break;
#endif /* AFS */
#endif /* AFS || KRB5 */
case SSH_CMSG_AUTH_RHOSTS:
if (!options.rhosts_authentication) {
verbose("Rhosts authentication disabled.");
@ -381,7 +381,7 @@ do_authentication(void)
/* XXX - SSH.com Kerberos v5 braindeath. */
if ((p = strchr(user, '@')) != NULL)
*p = '\0';
authctxt = authctxt_new();
authctxt->user = user;
authctxt->style = style;

4
auth2-chall.c
View File

@ -23,7 +23,7 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: auth2-chall.c,v 1.9 2001/12/09 18:45:56 markus Exp $");
RCSID("$OpenBSD: auth2-chall.c,v 1.10 2001/12/19 07:18:56 deraadt Exp $");
#include "ssh2.h"
#include "auth.h"
@ -151,7 +151,7 @@ auth2_challenge(Authctxt *authctxt, char *devs)
if (authctxt->user == NULL || !devs)
return 0;
if (authctxt->kbdintctxt == NULL)
if (authctxt->kbdintctxt == NULL)
authctxt->kbdintctxt = kbdint_alloc(devs);
return auth2_challenge_start(authctxt);
}

4
auth2.c
View File

@ -23,7 +23,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: auth2.c,v 1.76 2001/12/18 10:05:15 jakob Exp $");
RCSID("$OpenBSD: auth2.c,v 1.77 2001/12/19 07:18:56 deraadt Exp $");
#include <openssl/evp.h>
@ -721,7 +721,7 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file)
file, linenum);
fp = key_fingerprint(found, SSH_FP_MD5, SSH_FP_HEX);
verbose("Found matching %s key: %s",
key_type(found), fp);
key_type(found), fp);
xfree(fp);
break;
}

8
authfile.c
View File

@ -36,7 +36,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: authfile.c,v 1.40 2001/12/05 10:06:12 deraadt Exp $");
RCSID("$OpenBSD: authfile.c,v 1.41 2001/12/19 07:18:56 deraadt Exp $");
#include <openssl/err.h>
#include <openssl/evp.h>
@ -147,7 +147,7 @@ key_save_private_rsa1(Key *key, const char *filename, const char *passphrase,
if (write(fd, buffer_ptr(&encrypted), buffer_len(&encrypted)) !=
buffer_len(&encrypted)) {
error("write to key file %s failed: %s", filename,
strerror(errno));
strerror(errno));
buffer_free(&encrypted);
close(fd);
unlink(filename);
@ -450,7 +450,7 @@ key_load_private_pem(int fd, int type, const char *passphrase,
debug("PEM_read_PrivateKey failed");
(void)ERR_get_error();
} else if (pk->type == EVP_PKEY_RSA &&
(type == KEY_UNSPEC||type==KEY_RSA)) {
(type == KEY_UNSPEC||type==KEY_RSA)) {
prv = key_new(KEY_UNSPEC);
prv->rsa = EVP_PKEY_get1_RSA(pk);
prv->type = KEY_RSA;
@ -459,7 +459,7 @@ key_load_private_pem(int fd, int type, const char *passphrase,
RSA_print_fp(stderr, prv->rsa, 8);
#endif
} else if (pk->type == EVP_PKEY_DSA &&
(type == KEY_UNSPEC||type==KEY_DSA)) {
(type == KEY_UNSPEC||type==KEY_DSA)) {
prv = key_new(KEY_UNSPEC);
prv->dsa = EVP_PKEY_get1_DSA(pk);
prv->type = KEY_DSA;

8
bufaux.c
View File

@ -37,7 +37,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: bufaux.c,v 1.18 2001/12/05 10:06:12 deraadt Exp $");
RCSID("$OpenBSD: bufaux.c,v 1.19 2001/12/19 07:18:56 deraadt Exp $");
#include <openssl/bn.h>
#include "bufaux.h"
@ -62,7 +62,7 @@ buffer_put_bignum(Buffer *buffer, BIGNUM *value)
oi = BN_bn2bin(value, buf);
if (oi != bin_size)
fatal("buffer_put_bignum: BN_bn2bin() failed: oi %d != bin_size %d",
oi, bin_size);
oi, bin_size);
/* Store the number of bits in the buffer in two bytes, msb first. */
PUT_16BIT(msg, bits);
@ -112,14 +112,14 @@ buffer_put_bignum2(Buffer *buffer, BIGNUM *value)
oi = BN_bn2bin(value, buf+1);
if (oi != bytes-1)
fatal("buffer_put_bignum: BN_bn2bin() failed: oi %d != bin_size %d",
oi, bytes);
oi, bytes);
hasnohigh = (buf[1] & 0x80) ? 0 : 1;
if (value->neg) {
/**XXX should be two's-complement */
int i, carry;
u_char *uc = buf;
log("negativ!");
for(i = bytes-1, carry = 1; i>=0; i--) {
for (i = bytes-1, carry = 1; i>=0; i--) {
uc[i] ^= 0xff;
if (carry)
carry = !++uc[i];

10
canohost.c
View File

@ -12,7 +12,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: canohost.c,v 1.28 2001/12/05 03:56:39 itojun Exp $");
RCSID("$OpenBSD: canohost.c,v 1.29 2001/12/19 07:18:56 deraadt Exp $");
#include "packet.h"
#include "xmalloc.h"
@ -68,13 +68,13 @@ get_remote_hostname(int socket, int reverse_mapping_check)
check_ip_options(socket, ntop);
if (getnameinfo((struct sockaddr *)&from, fromlen, ntop, sizeof(ntop),
NULL, 0, NI_NUMERICHOST) != 0)
NULL, 0, NI_NUMERICHOST) != 0)
fatal("get_remote_hostname: getnameinfo NI_NUMERICHOST failed");
debug3("Trying to reverse map address %.100s.", ntop);
/* Map the IP address to a host name. */
if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name),
NULL, 0, NI_NAMEREQD) != 0) {
NULL, 0, NI_NAMEREQD) != 0) {
/* Host name not found. Use ip address. */
log("Could not reverse map address %.100s.", ntop);
return xstrdup(ntop);
@ -230,7 +230,7 @@ get_socket_address(int socket, int remote, int flags)
}
/* Get the address in ascii. */
if (getnameinfo((struct sockaddr *)&addr, addrlen, ntop, sizeof(ntop),
NULL, 0, flags) != 0) {
NULL, 0, flags) != 0) {
error("get_socket_ipaddr: getnameinfo %d failed", flags);
return NULL;
}
@ -316,7 +316,7 @@ get_sock_port(int sock, int local)
}
/* Return port number. */
if (getnameinfo((struct sockaddr *)&from, fromlen, NULL, 0,
strport, sizeof(strport), NI_NUMERICSERV) != 0)
strport, sizeof(strport), NI_NUMERICSERV) != 0)
fatal("get_sock_port: getnameinfo NI_NUMERICSERV failed");
return atoi(strport);
}

20
channels.c
View File

@ -39,7 +39,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: channels.c,v 1.147 2001/12/08 17:49:28 stevesk Exp $");
RCSID("$OpenBSD: channels.c,v 1.148 2001/12/19 07:18:56 deraadt Exp $");
#include "ssh.h"
#include "ssh1.h"
@ -794,7 +794,7 @@ x11_open_helper(Buffer *b)
data_len = ucp[8] + 256 * ucp[9];
} else {
debug("Initial X11 packet contains bad byte order byte: 0x%x",
ucp[0]);
ucp[0]);
return -1;
}
@ -884,7 +884,7 @@ channel_decode_socks4(Channel *c, fd_set * readset, fd_set * writeset)
{
u_char *p, *host;
int len, have, i, found;
char username[256];
char username[256];
struct {
u_int8_t version;
u_int8_t command;
@ -931,7 +931,7 @@ channel_decode_socks4(Channel *c, fd_set * readset, fd_set * writeset)
host = inet_ntoa(s4_req.dest_addr);
strlcpy(c->path, host, sizeof(c->path));
c->host_port = ntohs(s4_req.dest_port);
debug("channel %d: dynamic request: socks4 host %s port %u command %u",
c->self, host, c->host_port, s4_req.command);
@ -1373,7 +1373,7 @@ channel_handle_efd(Channel *c, fd_set * readset, fd_set * writeset)
FD_ISSET(c->efd, readset)) {
len = read(c->efd, buf, sizeof(buf));
debug2("channel %d: read %d from efd %d",
c->self, len, c->efd);
c->self, len, c->efd);
if (len < 0 && (errno == EINTR || errno == EAGAIN))
return 1;
if (len <= 0) {
@ -1509,7 +1509,7 @@ static void
channel_handler_init(void)
{
int i;
for(i = 0; i < SSH_CHANNEL_MAX_TYPE; i++) {
for (i = 0; i < SSH_CHANNEL_MAX_TYPE; i++) {
channel_pre[i] = NULL;
channel_post[i] = NULL;
}
@ -2414,8 +2414,8 @@ x11_create_display_inet(int x11_display_offset, int gateway_ports)
int gaierr, n, num_socks = 0, socks[NUM_SOCKS];
for (display_number = x11_display_offset;
display_number < MAX_DISPLAYS;
display_number++) {
display_number < MAX_DISPLAYS;
display_number++) {
port = 6000 + display_number;
memset(&hints, 0, sizeof(hints));
hints.ai_family = IPv4or6;
@ -2541,7 +2541,7 @@ x11_connect_display(void)
/* Connect to the unix domain socket. */
if (sscanf(strrchr(display, ':') + 1, "%d", &display_number) != 1) {
error("Could not parse display number from DISPLAY: %.100s",
display);
display);
return -1;
}
/* Create a socket. */
@ -2566,7 +2566,7 @@ x11_connect_display(void)
/* buf now contains the host name. But first we parse the display number. */
if (sscanf(cp + 1, "%d", &display_number) != 1) {
error("Could not parse display number from DISPLAY: %.100s",
display);
display);
return -1;
}

12
cipher.c
View File

@ -35,7 +35,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: cipher.c,v 1.47 2001/08/23 11:31:59 markus Exp $");
RCSID("$OpenBSD: cipher.c,v 1.48 2001/12/19 07:18:56 deraadt Exp $");
#include "xmalloc.h"
#include "log.h"
@ -184,14 +184,14 @@ blowfish_setiv(CipherContext *cc, const u_char *iv, u_int ivlen)
}
static void
blowfish_cbc_encrypt(CipherContext *cc, u_char *dest, const u_char *src,
u_int len)
u_int len)
{
BF_cbc_encrypt((void *)src, dest, len, &cc->u.bf.key, cc->u.bf.iv,
BF_ENCRYPT);
}
static void
blowfish_cbc_decrypt(CipherContext *cc, u_char *dest, const u_char *src,
u_int len)
u_int len)
{
BF_cbc_encrypt((void *)src, dest, len, &cc->u.bf.key, cc->u.bf.iv,
BF_DECRYPT);
@ -289,7 +289,7 @@ rijndael_setkey(CipherContext *cc, const u_char *key, u_int keylen)
static void
rijndael_setiv(CipherContext *cc, const u_char *iv, u_int ivlen)
{
if (iv == NULL || ivlen != RIJNDAEL_BLOCKSIZE)
if (iv == NULL || ivlen != RIJNDAEL_BLOCKSIZE)
fatal("bad/no IV for %s.", cc->cipher->name);
memcpy(cc->u.rijndael.iv, iv, RIJNDAEL_BLOCKSIZE);
}
@ -417,7 +417,7 @@ u_int
cipher_mask_ssh1(int client)
{
u_int mask = 0;
mask |= 1 << SSH_CIPHER_3DES; /* Mandatory */
mask |= 1 << SSH_CIPHER_3DES; /* Mandatory */
mask |= 1 << SSH_CIPHER_BLOWFISH;
if (client) {
mask |= 1 << SSH_CIPHER_DES;
@ -457,7 +457,7 @@ ciphers_valid(const char *names)
return 0;
ciphers = cp = xstrdup(names);
for ((p = strsep(&cp, CIPHER_SEP)); p && *p != '\0';
(p = strsep(&cp, CIPHER_SEP))) {
(p = strsep(&cp, CIPHER_SEP))) {
c = cipher_by_name(p);
if (c == NULL || c->number != SSH_CIPHER_SSH2) {
debug("bad cipher %s [%s]", p, names);

16
clientloop.c
View File

@ -59,7 +59,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: clientloop.c,v 1.89 2001/12/05 03:50:01 itojun Exp $");
RCSID("$OpenBSD: clientloop.c,v 1.90 2001/12/19 07:18:56 deraadt Exp $");
#include "ssh.h"
#include "ssh1.h"
@ -254,7 +254,7 @@ client_make_packets_from_stdin_data(void)
/* Send buffered stdin data to the server. */
while (buffer_len(&stdin_buffer) > 0 &&
packet_not_very_much_data_to_write()) {
packet_not_very_much_data_to_write()) {
len = buffer_len(&stdin_buffer);
/* Keep the packets at reasonable size. */
if (len > packet_get_maxsize())
@ -417,9 +417,9 @@ client_suspend_self(Buffer *bin, Buffer *bout, Buffer *berr)
/* Check if the window size has changed. */
if (ioctl(fileno(stdin), TIOCGWINSZ, &newws) >= 0 &&
(oldws.ws_row != newws.ws_row ||
oldws.ws_col != newws.ws_col ||
oldws.ws_xpixel != newws.ws_xpixel ||
oldws.ws_ypixel != newws.ws_ypixel))
oldws.ws_col != newws.ws_col ||
oldws.ws_xpixel != newws.ws_xpixel ||
oldws.ws_ypixel != newws.ws_ypixel))
received_window_change_signal = 1;
/* OK, we have been continued by the user. Reinitialize buffers. */
@ -994,11 +994,11 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
/* Report bytes transferred, and transfer rates. */
total_time = get_current_time() - start_time;
debug("Transferred: stdin %lu, stdout %lu, stderr %lu bytes in %.1f seconds",
stdin_bytes, stdout_bytes, stderr_bytes, total_time);
stdin_bytes, stdout_bytes, stderr_bytes, total_time);
if (total_time > 0)
debug("Bytes per second: stdin %.1f, stdout %.1f, stderr %.1f",
stdin_bytes / total_time, stdout_bytes / total_time,
stderr_bytes / total_time);
stdin_bytes / total_time, stdout_bytes / total_time,
stderr_bytes / total_time);
/* Return the exit status of the program. */
debug("Exit status %d", exit_status);

18
compat.c
View File

@ -23,7 +23,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: compat.c,v 1.55 2001/12/05 16:54:51 markus Exp $");
RCSID("$OpenBSD: compat.c,v 1.56 2001/12/19 07:18:56 deraadt Exp $");
#include "packet.h"
#include "xmalloc.h"
@ -82,19 +82,19 @@ compat_datafellows(const char *version)
{ "2.1 *", SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
SSH_BUG_RSASIGMD5|SSH_BUG_HBSERVICE },
{ "2.0.13*,"
"2.0.14*,"
"2.0.15*,"
"2.0.16*,"
"2.0.17*,"
"2.0.18*,"
{ "2.0.13*,"
"2.0.14*,"
"2.0.15*,"
"2.0.16*,"
"2.0.17*,"
"2.0.18*,"
"2.0.19*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
SSH_BUG_PKSERVICE|SSH_BUG_X11FWD|
SSH_BUG_PKOK|SSH_BUG_RSASIGMD5|
SSH_BUG_HBSERVICE|SSH_BUG_OPENFAILURE|
SSH_BUG_DUMMYCHAN },
{ "2.0.11*,"
{ "2.0.11*,"
"2.0.12*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
SSH_OLD_SESSIONID|SSH_BUG_DEBUG|
SSH_BUG_PKSERVICE|SSH_BUG_X11FWD|
@ -124,7 +124,7 @@ compat_datafellows(const char *version)
{ "1.3.2*", SSH_BUG_IGNOREMSG }, /* f-secure */
{ "*SSH Compatible Server*", /* Netscreen */
SSH_BUG_PASSWORDPAD },
{ "*OSU_0*,"
{ "*OSU_0*,"
"OSU_1.0*,"
"OSU_1.1*,"
"OSU_1.2*,"

14
compress.c
View File

@ -12,7 +12,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: compress.c,v 1.15 2001/09/27 11:58:16 markus Exp $");
RCSID("$OpenBSD: compress.c,v 1.16 2001/12/19 07:18:56 deraadt Exp $");
#include "log.h"
#include "buffer.h"
@ -55,13 +55,13 @@ void
buffer_compress_uninit(void)
{
debug("compress outgoing: raw data %lu, compressed %lu, factor %.2f",
outgoing_stream.total_in, outgoing_stream.total_out,
outgoing_stream.total_in == 0 ? 0.0 :
(double) outgoing_stream.total_out / outgoing_stream.total_in);
outgoing_stream.total_in, outgoing_stream.total_out,
outgoing_stream.total_in == 0 ? 0.0 :
(double) outgoing_stream.total_out / outgoing_stream.total_in);
debug("compress incoming: raw data %lu, compressed %lu, factor %.2f",
incoming_stream.total_out, incoming_stream.total_in,
incoming_stream.total_out == 0 ? 0.0 :
(double) incoming_stream.total_in / incoming_stream.total_out);
incoming_stream.total_out, incoming_stream.total_in,
incoming_stream.total_out == 0 ? 0.0 :
(double) incoming_stream.total_in / incoming_stream.total_out);
if (compress_init_recv_called == 1)
inflateEnd(&incoming_stream);
if (compress_init_send_called == 1)

6
deattack.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: deattack.c,v 1.16 2001/12/05 03:56:39 itojun Exp $ */
/* $OpenBSD: deattack.c,v 1.17 2001/12/19 07:18:56 deraadt Exp $ */
/*
* Cryptographic attack detector for ssh - source code
@ -37,7 +37,7 @@
#define HASH_FACTOR(x) ((x)*3/2)
#define HASH_UNUSEDCHAR (0xff)
#define HASH_UNUSED (0xffff)
#define HASH_IV (0xfffe)
#define HASH_IV (0xfffe)
#define HASH_MINBLOCKS (7*SSH_BLOCKSIZE)
@ -135,7 +135,7 @@ detect_attack(u_char *buf, u_int32_t len, u_char *IV)
for (c = buf, j = 0; c < (buf + len); c += SSH_BLOCKSIZE, j++) {
for (i = HASH(c) & (n - 1); h[i] != HASH_UNUSED;
i = (i + 1) & (n - 1)) {
i = (i + 1) & (n - 1)) {
if (h[i] == HASH_IV) {
if (!CMP(c, IV)) {
if (check_crc(c, buf, len, IV))

8
key.c
View File

@ -32,7 +32,7 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: key.c,v 1.35 2001/12/05 10:06:12 deraadt Exp $");
RCSID("$OpenBSD: key.c,v 1.36 2001/12/19 07:18:56 deraadt Exp $");
#include <openssl/evp.h>
@ -219,7 +219,7 @@ key_fingerprint_hex(u_char* dgst_raw, size_t dgst_raw_len)
retval = xmalloc(dgst_raw_len * 3 + 1);
retval[0] = '\0';
for(i = 0; i < dgst_raw_len; i++) {
for (i = 0; i < dgst_raw_len; i++) {
char hex[4];
snprintf(hex, sizeof(hex), "%02x:", dgst_raw[i]);
strlcat(retval, hex, dgst_raw_len * 3);
@ -281,7 +281,7 @@ key_fingerprint(Key *k, enum fp_type dgst_type, enum fp_rep dgst_rep)
char *retval = NULL;
u_char *dgst_raw;
size_t dgst_raw_len;
dgst_raw = key_fingerprint_raw(k, dgst_type, &dgst_raw_len);
if (!dgst_raw)
fatal("key_fingerprint: null from key_fingerprint_raw()");
@ -641,7 +641,7 @@ key_names_valid2(const char *names)
return 0;
s = cp = xstrdup(names);
for ((p = strsep(&cp, ",")); p && *p != '\0';
(p = strsep(&cp, ","))) {
(p = strsep(&cp, ","))) {
switch (key_type_from_name(p)) {
case KEY_RSA1:
case KEY_UNSPEC:

4
log.c
View File

@ -34,7 +34,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: log.c,v 1.18 2001/06/26 17:27:23 markus Exp $");
RCSID("$OpenBSD: log.c,v 1.19 2001/12/19 07:18:56 deraadt Exp $");
#include "log.h"
#include "xmalloc.h"
@ -242,7 +242,7 @@ fatal_cleanup(void)
for (cu = fatal_cleanups; cu; cu = next_cu) {
next_cu = cu->next;
debug("Calling cleanup 0x%lx(0x%lx)",
(u_long) cu->proc, (u_long) cu->context);
(u_long) cu->proc, (u_long) cu->context);
(*cu->proc) (cu->context);
}
exit(255);

4
mac.c
View File

@ -23,7 +23,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: mac.c,v 1.2 2001/04/05 10:42:51 markus Exp $");
RCSID("$OpenBSD: mac.c,v 1.3 2001/12/19 07:18:56 deraadt Exp $");
#include <openssl/hmac.h>
@ -99,7 +99,7 @@ mac_valid(const char *names)
return (0);
maclist = cp = xstrdup(names);
for ((p = strsep(&cp, MAC_SEP)); p && *p != '\0';
(p = strsep(&cp, MAC_SEP))) {
(p = strsep(&cp, MAC_SEP))) {
if (mac_init(NULL, p) < 0) {
debug("bad mac %s [%s]", p, names);
xfree(maclist);

12
match.c
View File

@ -35,7 +35,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: match.c,v 1.15 2001/12/05 16:54:51 markus Exp $");
RCSID("$OpenBSD: match.c,v 1.16 2001/12/19 07:18:56 deraadt Exp $");
#include "match.h"
#include "xmalloc.h"
@ -133,10 +133,10 @@ match_pattern_list(const char *string, const char *pattern, u_int len,
* subpattern to lowercase.
*/
for (subi = 0;
i < len && subi < sizeof(sub) - 1 && pattern[i] != ',';
subi++, i++)
i < len && subi < sizeof(sub) - 1 && pattern[i] != ',';
subi++, i++)
sub[subi] = dolower && isupper(pattern[i]) ?
tolower(pattern[i]) : pattern[i];
tolower(pattern[i]) : pattern[i];
/* If subpattern too long, return failure (no match). */
if (subi >= sizeof(sub) - 1)
return 0;
@ -239,7 +239,7 @@ match_list(const char *client, const char *server, u_int *next)
s = sp = xstrdup(server);
for ((p = strsep(&sp, SEP)), i=0; p && *p != '\0';
(p = strsep(&sp, SEP)), i++) {
(p = strsep(&sp, SEP)), i++) {
if (i < MAX_PROP)
sproposals[i] = p;
else
@ -248,7 +248,7 @@ match_list(const char *client, const char *server, u_int *next)
nproposals = i;
for ((p = strsep(&cp, SEP)), i=0; p && *p != '\0';
(p = strsep(&cp, SEP)), i++) {
(p = strsep(&cp, SEP)), i++) {
for (j = 0; j < nproposals; j++) {
if (strcmp(p, sproposals[j]) == 0) {
ret = xstrdup(p);

6
misc.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: misc.c,v 1.13 2001/12/05 10:06:12 deraadt Exp $ */
/* $OpenBSD: misc.c,v 1.14 2001/12/19 07:18:56 deraadt Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
@ -25,7 +25,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: misc.c,v 1.13 2001/12/05 10:06:12 deraadt Exp $");
RCSID("$OpenBSD: misc.c,v 1.14 2001/12/19 07:18:56 deraadt Exp $");
#include "misc.h"
#include "log.h"
@ -298,7 +298,7 @@ addargs(arglist *args, char *fmt, ...)
if (args->list == NULL) {
args->nalloc = 32;
args->num = 0;
} else if (args->num+2 >= args->nalloc)
} else if (args->num+2 >= args->nalloc)
args->nalloc *= 2;
args->list = xrealloc(args->list, args->nalloc * sizeof(char *));

10
nchan.c
View File

@ -23,7 +23,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: nchan.c,v 1.32 2001/10/10 22:18:47 markus Exp $");
RCSID("$OpenBSD: nchan.c,v 1.33 2001/12/19 07:18:56 deraadt Exp $");
#include "ssh1.h"
#include "ssh2.h"
@ -273,7 +273,7 @@ chan_send_oclose1(Channel *c)
break;
default:
error("channel %d: cannot send oclose for ostate %d",
c->self, c->ostate);
c->self, c->ostate);
break;
}
}
@ -322,7 +322,7 @@ chan_ibuf_empty2(Channel *c)
debug("channel %d: ibuf empty", c->self);
if (buffer_len(&c->input)) {
error("channel %d: chan_ibuf_empty for non empty buffer",
c->self);
c->self);
return;
}
switch (c->istate) {
@ -334,7 +334,7 @@ chan_ibuf_empty2(Channel *c)
break;
default:
error("channel %d: chan_ibuf_empty for istate %d",
c->self, c->istate);
c->self, c->istate);
break;
}
}
@ -458,7 +458,7 @@ chan_is_dead(Channel *c, int send)
debug2("channel %d: active efd: %d len %d type %s",
c->self, c->efd, buffer_len(&c->extended),
c->extended_usage==CHAN_EXTENDED_READ ?
"read": "write");
"read": "write");
} else {
if (!(c->flags & CHAN_CLOSE_SENT)) {
if (send) {

8
packet.c
View File

@ -37,7 +37,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: packet.c,v 1.74 2001/12/05 10:06:12 deraadt Exp $");
RCSID("$OpenBSD: packet.c,v 1.75 2001/12/19 07:18:56 deraadt Exp $");
#include "xmalloc.h"
#include "buffer.h"
@ -380,7 +380,7 @@ packet_send1(void)
buffer_compress(&outgoing_packet, &compression_buffer);
buffer_clear(&outgoing_packet);
buffer_append(&outgoing_packet, buffer_ptr(&compression_buffer),
buffer_len(&compression_buffer));
buffer_len(&compression_buffer));
}
/* Compute packet length without padding (add checksum, remove padding). */
len = buffer_len(&outgoing_packet) + 4 - 8;
@ -414,7 +414,7 @@ packet_send1(void)
buffer_append(&output, buf, 4);
buffer_append_space(&output, &cp, buffer_len(&outgoing_packet));
cipher_encrypt(&send_context, cp, buffer_ptr(&outgoing_packet),
buffer_len(&outgoing_packet));
buffer_len(&outgoing_packet));
#ifdef PACKET_DEBUG
fprintf(stderr, "encrypted: ");
@ -1277,7 +1277,7 @@ packet_send_ignore(int nbytes)
packet_start(compat20 ? SSH2_MSG_IGNORE : SSH_MSG_IGNORE);
packet_put_int(nbytes);
for(i = 0; i < nbytes; i++) {
for (i = 0; i < nbytes; i++) {
if (i % 4 == 0)
rand = arc4random();
packet_put_char(rand & 0xff);

32
readconf.c
View File

@ -12,7 +12,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: readconf.c,v 1.92 2001/11/17 19:14:34 stevesk Exp $");
RCSID("$OpenBSD: readconf.c,v 1.93 2001/12/19 07:18:56 deraadt Exp $");
#include "ssh.h"
#include "xmalloc.h"
@ -115,7 +115,7 @@ typedef enum {
oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias,
oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,
oHostKeyAlgorithms, oBindAddress, oSmartcardDevice,
oClearAllForwardings, oNoHostAuthenticationForLocalhost
oClearAllForwardings, oNoHostAuthenticationForLocalhost
} OpCodes;
/* Textual representations of the tokens. */
@ -185,8 +185,8 @@ static struct {
{ "hostkeyalgorithms", oHostKeyAlgorithms },
{ "bindaddress", oBindAddress },
{ "smartcarddevice", oSmartcardDevice },
{ "clearallforwardings", oClearAllForwardings },
{ "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost },
{ "clearallforwardings", oClearAllForwardings },
{ "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost },
{ NULL, oBadOption }
};
@ -225,7 +225,7 @@ add_remote_forward(Options *options, u_short port, const char *host,
Forward *fwd;
if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
fatal("Too many remote forwards (max %d).",
SSH_MAX_FORWARDS_PER_DIRECTION);
SSH_MAX_FORWARDS_PER_DIRECTION);
fwd = &options->remote_forwards[options->num_remote_forwards++];
fwd->port = port;
fwd->host = xstrdup(host);
@ -394,7 +394,7 @@ parse_flag:
arg = strdelim(&s);
if (!arg || *arg == '\0')
fatal("%.200s line %d: Missing yes/no/ask argument.",
filename, linenum);
filename, linenum);
value = 0; /* To avoid compiler warning... */
if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0)
value = 1;
@ -436,7 +436,7 @@ parse_flag:
intptr = &options->num_identity_files;
if (*intptr >= SSH_MAX_IDENTITY_FILES)
fatal("%.200s line %d: Too many identity files specified (max %d).",
filename, linenum, SSH_MAX_IDENTITY_FILES);
filename, linenum, SSH_MAX_IDENTITY_FILES);
charptr = &options->identity_files[*intptr];
*charptr = xstrdup(arg);
*intptr = *intptr + 1;
@ -536,7 +536,7 @@ parse_int:
value = cipher_number(arg);
if (value == -1)
fatal("%.200s line %d: Bad cipher '%s'.",
filename, linenum, arg ? arg : "<NONE>");
filename, linenum, arg ? arg : "<NONE>");
if (*activep && *intptr == -1)
*intptr = value;
break;
@ -547,7 +547,7 @@ parse_int:
fatal("%.200s line %d: Missing argument.", filename, linenum);
if (!ciphers_valid(arg))
fatal("%.200s line %d: Bad SSH2 cipher spec '%s'.",
filename, linenum, arg ? arg : "<NONE>");
filename, linenum, arg ? arg : "<NONE>");
if (*activep && options->ciphers == NULL)
options->ciphers = xstrdup(arg);
break;
@ -558,7 +558,7 @@ parse_int:
fatal("%.200s line %d: Missing argument.", filename, linenum);
if (!mac_valid(arg))
fatal("%.200s line %d: Bad SSH2 Mac spec '%s'.",
filename, linenum, arg ? arg : "<NONE>");
filename, linenum, arg ? arg : "<NONE>");
if (*activep && options->macs == NULL)
options->macs = xstrdup(arg);
break;
@ -569,7 +569,7 @@ parse_int:
fatal("%.200s line %d: Missing argument.", filename, linenum);
if (!key_names_valid2(arg))
fatal("%.200s line %d: Bad protocol 2 host key algorithms '%s'.",
filename, linenum, arg ? arg : "<NONE>");
filename, linenum, arg ? arg : "<NONE>");
if (*activep && options->hostkeyalgorithms == NULL)
options->hostkeyalgorithms = xstrdup(arg);
break;
@ -582,7 +582,7 @@ parse_int:
value = proto_spec(arg);
if (value == SSH_PROTO_UNKNOWN)
fatal("%.200s line %d: Bad protocol spec '%s'.",
filename, linenum, arg ? arg : "<NONE>");
filename, linenum, arg ? arg : "<NONE>");
if (*activep && *intptr == SSH_PROTO_UNKNOWN)
*intptr = value;
break;
@ -593,7 +593,7 @@ parse_int:
value = log_level_number(arg);
if (value == (LogLevel) - 1)
fatal("%.200s line %d: unsupported log level '%s'",
filename, linenum, arg ? arg : "<NONE>");
filename, linenum, arg ? arg : "<NONE>");
if (*activep && (LogLevel) * intptr == -1)
*intptr = (LogLevel) value;
break;
@ -670,7 +670,7 @@ parse_int:
value = SSH_ESCAPECHAR_NONE;
else {
fatal("%.200s line %d: Bad escape character.",
filename, linenum);
filename, linenum);
/* NOTREACHED */
value = 0; /* Avoid compiler warning. */
}
@ -685,7 +685,7 @@ parse_int:
/* Check that there is no garbage at end of line. */
if ((arg = strdelim(&s)) != NULL && *arg != '\0') {
fatal("%.200s line %d: garbage at end of line; \"%.200s\".",
filename, linenum, arg);
filename, linenum, arg);
}
return 0;
}
@ -727,7 +727,7 @@ read_config_file(const char *filename, const char *host, Options *options)
fclose(f);
if (bad_options > 0)
fatal("%s: terminating, %d bad configuration options",
filename, bad_options);
filename, bad_options);
return 1;
}

351
rijndael.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: rijndael.c,v 1.12 2001/09/13 09:48:39 markus Exp $ */
/* $OpenBSD: rijndael.c,v 1.13 2001/12/19 07:18:56 deraadt Exp $ */
/**
* rijndael-alg-fst.c
@ -775,32 +775,31 @@ static int rijndaelKeySetupEnc(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int
rk[6] = GETU32(cipherKey + 24);
rk[7] = GETU32(cipherKey + 28);
if (keyBits == 256) {
for (;;) {
temp = rk[ 7];
rk[ 8] = rk[ 0] ^
(Te4[(temp >> 16) & 0xff] & 0xff000000) ^
(Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^
(Te4[(temp ) & 0xff] & 0x0000ff00) ^
(Te4[(temp >> 24) ] & 0x000000ff) ^
rcon[i];
rk[ 9] = rk[ 1] ^ rk[ 8];
rk[10] = rk[ 2] ^ rk[ 9];
rk[11] = rk[ 3] ^ rk[10];
if (++i == 7) {
return 14;
}
temp = rk[11];
rk[12] = rk[ 4] ^
(Te4[(temp >> 24) ] & 0xff000000) ^
(Te4[(temp >> 16) & 0xff] & 0x00ff0000) ^
(Te4[(temp >> 8) & 0xff] & 0x0000ff00) ^
(Te4[(temp ) & 0xff] & 0x000000ff);
rk[13] = rk[ 5] ^ rk[12];
rk[14] = rk[ 6] ^ rk[13];
rk[15] = rk[ 7] ^ rk[14];
for (;;) {
temp = rk[ 7];
rk[ 8] = rk[ 0] ^
(Te4[(temp >> 16) & 0xff] & 0xff000000) ^
(Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^
(Te4[(temp ) & 0xff] & 0x0000ff00) ^
(Te4[(temp >> 24) ] & 0x000000ff) ^
rcon[i];
rk[ 9] = rk[ 1] ^ rk[ 8];
rk[10] = rk[ 2] ^ rk[ 9];
rk[11] = rk[ 3] ^ rk[10];
if (++i == 7) {
return 14;
}
temp = rk[11];
rk[12] = rk[ 4] ^
(Te4[(temp >> 24) ] & 0xff000000) ^
(Te4[(temp >> 16) & 0xff] & 0x00ff0000) ^
(Te4[(temp >> 8) & 0xff] & 0x0000ff00) ^
(Te4[(temp ) & 0xff] & 0x000000ff);
rk[13] = rk[ 5] ^ rk[12];
rk[14] = rk[ 6] ^ rk[13];
rk[15] = rk[ 7] ^ rk[14];
rk += 8;
}
}
}
return 0;
}
@ -917,28 +916,28 @@ static void rijndaelEncrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 pt[16
t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38];
t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39];
if (Nr > 10) {
/* round 10: */
s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[40];
s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[41];
s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[42];
s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[43];
/* round 11: */
t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[44];
t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[45];
t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[46];
t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[47];
if (Nr > 12) {
/* round 12: */
s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[48];
s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[49];
s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[50];
s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[51];
/* round 13: */
t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[52];
t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[53];
t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[54];
t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[55];
}
/* round 10: */
s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[40];
s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[41];
s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[42];
s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[43];
/* round 11: */
t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[44];
t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[45];
t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[46];
t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[47];
if (Nr > 12) {
/* round 12: */
s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[48];
s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[49];
s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[50];
s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[51];
/* round 13: */
t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[52];
t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[53];
t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[54];
t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[55];
}
}
rk += Nr << 2;
#else /* !FULL_UNROLL */
@ -947,60 +946,60 @@ static void rijndaelEncrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 pt[16
*/
r = Nr >> 1;
for (;;) {
t0 =
Te0[(s0 >> 24) ] ^
Te1[(s1 >> 16) & 0xff] ^
Te2[(s2 >> 8) & 0xff] ^
Te3[(s3 ) & 0xff] ^
rk[4];
t1 =
Te0[(s1 >> 24) ] ^
Te1[(s2 >> 16) & 0xff] ^
Te2[(s3 >> 8) & 0xff] ^
Te3[(s0 ) & 0xff] ^
rk[5];
t2 =
Te0[(s2 >> 24) ] ^
Te1[(s3 >> 16) & 0xff] ^
Te2[(s0 >> 8) & 0xff] ^
Te3[(s1 ) & 0xff] ^
rk[6];
t3 =
Te0[(s3 >> 24) ] ^
Te1[(s0 >> 16) & 0xff] ^
Te2[(s1 >> 8) & 0xff] ^
Te3[(s2 ) & 0xff] ^
rk[7];
t0 =
Te0[(s0 >> 24) ] ^
Te1[(s1 >> 16) & 0xff] ^
Te2[(s2 >> 8) & 0xff] ^
Te3[(s3 ) & 0xff] ^
rk[4];
t1 =
Te0[(s1 >> 24) ] ^
Te1[(s2 >> 16) & 0xff] ^
Te2[(s3 >> 8) & 0xff] ^
Te3[(s0 ) & 0xff] ^
rk[5];
t2 =
Te0[(s2 >> 24) ] ^
Te1[(s3 >> 16) & 0xff] ^
Te2[(s0 >> 8) & 0xff] ^
Te3[(s1 ) & 0xff] ^
rk[6];
t3 =
Te0[(s3 >> 24) ] ^
Te1[(s0 >> 16) & 0xff] ^
Te2[(s1 >> 8) & 0xff] ^
Te3[(s2 ) & 0xff] ^
rk[7];
rk += 8;
if (--r == 0) {
break;
}
rk += 8;
if (--r == 0) {
break;
}
s0 =
Te0[(t0 >> 24) ] ^
Te1[(t1 >> 16) & 0xff] ^
Te2[(t2 >> 8) & 0xff] ^
Te3[(t3 ) & 0xff] ^
rk[0];
s1 =
Te0[(t1 >> 24) ] ^
Te1[(t2 >> 16) & 0xff] ^
Te2[(t3 >> 8) & 0xff] ^
Te3[(t0 ) & 0xff] ^
rk[1];
s2 =
Te0[(t2 >> 24) ] ^
Te1[(t3 >> 16) & 0xff] ^
Te2[(t0 >> 8) & 0xff] ^
Te3[(t1 ) & 0xff] ^
rk[2];
s3 =
Te0[(t3 >> 24) ] ^
Te1[(t0 >> 16) & 0xff] ^
Te2[(t1 >> 8) & 0xff] ^
Te3[(t2 ) & 0xff] ^
rk[3];
s0 =
Te0[(t0 >> 24) ] ^
Te1[(t1 >> 16) & 0xff] ^
Te2[(t2 >> 8) & 0xff] ^
Te3[(t3 ) & 0xff] ^
rk[0];
s1 =
Te0[(t1 >> 24) ] ^
Te1[(t2 >> 16) & 0xff] ^
Te2[(t3 >> 8) & 0xff] ^
Te3[(t0 ) & 0xff] ^
rk[1];
s2 =
Te0[(t2 >> 24) ] ^
Te1[(t3 >> 16) & 0xff] ^
Te2[(t0 >> 8) & 0xff] ^
Te3[(t1 ) & 0xff] ^
rk[2];
s3 =
Te0[(t3 >> 24) ] ^
Te1[(t0 >> 16) & 0xff] ^
Te2[(t1 >> 8) & 0xff] ^
Te3[(t2 ) & 0xff] ^
rk[3];
}
#endif /* ?FULL_UNROLL */
/*
@ -1098,28 +1097,28 @@ static void rijndaelDecrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 ct[16
t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[38];
t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[39];
if (Nr > 10) {
/* round 10: */
s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[40];
s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[41];
s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[42];
s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[43];
/* round 11: */
t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[44];
t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[45];
t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[46];
t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[47];
if (Nr > 12) {
/* round 12: */
s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[48];
s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[49];
s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[50];
s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[51];
/* round 13: */
t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[52];
t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[53];
t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[54];
t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[55];
}
/* round 10: */
s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[40];
s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[41];
s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[42];
s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[43];
/* round 11: */
t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[44];
t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[45];
t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[46];
t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[47];
if (Nr > 12) {
/* round 12: */
s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[48];
s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[49];
s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[50];
s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[51];
/* round 13: */
t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[52];
t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[53];
t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[54];
t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[55];
}
}
rk += Nr << 2;
#else /* !FULL_UNROLL */
@ -1128,60 +1127,60 @@ static void rijndaelDecrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 ct[16
*/
r = Nr >> 1;
for (;;) {
t0 =
Td0[(s0 >> 24) ] ^
Td1[(s3 >> 16) & 0xff] ^
Td2[(s2 >> 8) & 0xff] ^
Td3[(s1 ) & 0xff] ^
rk[4];
t1 =
Td0[(s1 >> 24) ] ^
Td1[(s0 >> 16) & 0xff] ^
Td2[(s3 >> 8) & 0xff] ^
Td3[(s2 ) & 0xff] ^
rk[5];
t2 =
Td0[(s2 >> 24) ] ^
Td1[(s1 >> 16) & 0xff] ^
Td2[(s0 >> 8) & 0xff] ^
Td3[(s3 ) & 0xff] ^
rk[6];
t3 =
Td0[(s3 >> 24) ] ^
Td1[(s2 >> 16) & 0xff] ^
Td2[(s1 >> 8) & 0xff] ^
Td3[(s0 ) & 0xff] ^
rk[7];
t0 =
Td0[(s0 >> 24) ] ^
Td1[(s3 >> 16) & 0xff] ^
Td2[(s2 >> 8) & 0xff] ^
Td3[(s1 ) & 0xff] ^
rk[4];
t1 =
Td0[(s1 >> 24) ] ^
Td1[(s0 >> 16) & 0xff] ^
Td2[(s3 >> 8) & 0xff] ^
Td3[(s2 ) & 0xff] ^
rk[5];
t2 =
Td0[(s2 >> 24) ] ^
Td1[(s1 >> 16) & 0xff] ^
Td2[(s0 >> 8) & 0xff] ^
Td3[(s3 ) & 0xff] ^
rk[6];
t3 =
Td0[(s3 >> 24) ] ^
Td1[(s2 >> 16) & 0xff] ^
Td2[(s1 >> 8) & 0xff] ^
Td3[(s0 ) & 0xff] ^
rk[7];
rk += 8;
if (--r == 0) {
break;
}
rk += 8;
if (--r == 0) {
break;
}
s0 =
Td0[(t0 >> 24) ] ^
Td1[(t3 >> 16) & 0xff] ^
Td2[(t2 >> 8) & 0xff] ^
Td3[(t1 ) & 0xff] ^
rk[0];
s1 =
Td0[(t1 >> 24) ] ^
Td1[(t0 >> 16) & 0xff] ^
Td2[(t3 >> 8) & 0xff] ^
Td3[(t2 ) & 0xff] ^
rk[1];
s2 =
Td0[(t2 >> 24) ] ^
Td1[(t1 >> 16) & 0xff] ^
Td2[(t0 >> 8) & 0xff] ^
Td3[(t3 ) & 0xff] ^
rk[2];
s3 =
Td0[(t3 >> 24) ] ^
Td1[(t2 >> 16) & 0xff] ^
Td2[(t1 >> 8) & 0xff] ^
Td3[(t0 ) & 0xff] ^
rk[3];
s0 =
Td0[(t0 >> 24) ] ^
Td1[(t3 >> 16) & 0xff] ^
Td2[(t2 >> 8) & 0xff] ^
Td3[(t1 ) & 0xff] ^
rk[0];
s1 =
Td0[(t1 >> 24) ] ^
Td1[(t0 >> 16) & 0xff] ^
Td2[(t3 >> 8) & 0xff] ^
Td3[(t2 ) & 0xff] ^
rk[1];
s2 =
Td0[(t2 >> 24) ] ^
Td1[(t1 >> 16) & 0xff] ^
Td2[(t0 >> 8) & 0xff] ^
Td3[(t3 ) & 0xff] ^
rk[2];
s3 =
Td0[(t3 >> 24) ] ^
Td1[(t2 >> 16) & 0xff] ^
Td2[(t1 >> 8) & 0xff] ^
Td3[(t0 ) & 0xff] ^
rk[3];
}
#endif /* ?FULL_UNROLL */
/*
@ -1222,13 +1221,13 @@ void
rijndael_set_key(rijndael_ctx *ctx, u_char *key, int bits, int encrypt)
{
ctx->Nr = rijndaelKeySetupEnc(ctx->ek, key, bits);
if (encrypt) {
if (encrypt) {
ctx->decrypt = 0;
memset(ctx->dk, 0, sizeof(ctx->dk));
} else {
ctx->decrypt = 1;
memcpy(ctx->dk, ctx->ek, sizeof(ctx->ek));
rijndaelKeySetupDec(ctx->dk, key, bits, ctx->Nr);
rijndaelKeySetupDec(ctx->dk, key, bits, ctx->Nr);
}
}

6
rijndael.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: rijndael.h,v 1.11 2001/09/13 09:48:39 markus Exp $ */
/* $OpenBSD: rijndael.h,v 1.12 2001/12/19 07:18:56 deraadt Exp $ */
/**
* rijndael-alg-fst.h
@ -32,8 +32,8 @@
#define MAXKB (256/8)
#define MAXNR 14
typedef unsigned char u8;
typedef unsigned short u16;
typedef unsigned char u8;
typedef unsigned short u16;
typedef unsigned int u32;
/* The structure for key information */

16
scard.c
View File

@ -24,7 +24,7 @@
#include "includes.h"
#ifdef SMARTCARD
RCSID("$OpenBSD: scard.c,v 1.15 2001/09/28 09:49:31 djm Exp $");
RCSID("$OpenBSD: scard.c,v 1.16 2001/12/19 07:18:56 deraadt Exp $");
#include <openssl/engine.h>
#include <sectok.h>
@ -48,7 +48,7 @@ static int cla = 0x00; /* class */
/* interface to libsectok */
static int
static int
sc_open(void)
{
int sw;
@ -79,7 +79,7 @@ sc_open(void)
return sc_fd;
}
static int
static int
sc_enable_applet(void)
{
static u_char aid[] = {0xfc, 0x53, 0x73, 0x68, 0x2e, 0x62, 0x69, 0x6e};
@ -95,7 +95,7 @@ sc_enable_applet(void)
return 0;
}
static int
static int
sc_init(void)
{
int status;
@ -115,7 +115,7 @@ sc_init(void)
return 0;
}
static int
static int
sc_read_pubkey(Key * k)
{
u_char buf[2], *n;
@ -133,7 +133,7 @@ sc_read_pubkey(Key * k)
/* get key size */
sectok_apdu(sc_fd, CLA_SSH, INS_GET_KEYLENGTH, 0, 0, 0, NULL,
sizeof(buf), buf, &sw);
sizeof(buf), buf, &sw);
if (!sectok_swOK(sw)) {
error("could not obtain key length: %s", sectok_get_sw(sw));
goto err;
@ -204,7 +204,7 @@ sc_private_decrypt(int flen, u_char *from, u_char *to, RSA *rsa, int padding)
goto err;
}
sectok_apdu(sc_fd, CLA_SSH, INS_GET_RESPONSE, 0, 0, 0, NULL,
len, padded, &sw);
len, padded, &sw);
if (!sectok_swOK(sw)) {
error("sc_private_decrypt: INS_GET_RESPONSE failed: %s",
sectok_get_sw(sw));
@ -249,7 +249,7 @@ sc_private_encrypt(int flen, u_char *from, u_char *to, RSA *rsa, int padding)
goto err;
}
sectok_apdu(sc_fd, CLA_SSH, INS_GET_RESPONSE, 0, 0, 0, NULL,
len, to, &sw);
len, to, &sw);
if (!sectok_swOK(sw)) {
error("sc_private_decrypt: INS_GET_RESPONSE failed: %s",
sectok_get_sw(sw));

20
servconf.c
View File

@ -10,7 +10,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: servconf.c,v 1.94 2001/12/06 13:30:05 markus Exp $");
RCSID("$OpenBSD: servconf.c,v 1.95 2001/12/19 07:18:56 deraadt Exp $");
#if defined(KRB4) || defined(KRB5)
#include <krb.h>
@ -190,7 +190,7 @@ fill_default_server_options(ServerOptions *options)
if (options->kerberos_tgt_passing == -1)
options->kerberos_tgt_passing = 0;
#endif
#ifdef AFS
#ifdef AFS
if (options->afs_token_passing == -1)
options->afs_token_passing = k_hasafs();
#endif
@ -217,7 +217,7 @@ fill_default_server_options(ServerOptions *options)
if (options->reverse_mapping_check == -1)
options->reverse_mapping_check = 0;
if (options->client_alive_interval == -1)
options->client_alive_interval = 0;
options->client_alive_interval = 0;
if (options->client_alive_count_max == -1)
options->client_alive_count_max = 3;
if (options->authorized_keys_file2 == NULL) {
@ -259,7 +259,7 @@ typedef enum {
sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
sBanner, sReverseMappingCheck, sHostbasedAuthentication,
sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
sDeprecated
} ServerOpCodes;
@ -772,7 +772,7 @@ parse_flag:
value = proto_spec(arg);
if (value == SSH_PROTO_UNKNOWN)
fatal("%s line %d: Bad protocol spec '%s'.",
filename, linenum, arg ? arg : "<NONE>");
filename, linenum, arg ? arg : "<NONE>");
if (*intptr == SSH_PROTO_UNKNOWN)
*intptr = value;
break;
@ -780,21 +780,21 @@ parse_flag:
case sSubsystem:
if (options->num_subsystems >= MAX_SUBSYSTEMS) {
fatal("%s line %d: too many subsystems defined.",
filename, linenum);
filename, linenum);
}
arg = strdelim(&cp);
if (!arg || *arg == '\0')
fatal("%s line %d: Missing subsystem name.",
filename, linenum);
filename, linenum);
for (i = 0; i < options->num_subsystems; i++)
if (strcmp(arg, options->subsystem_name[i]) == 0)
fatal("%s line %d: Subsystem '%s' already defined.",
filename, linenum, arg);
filename, linenum, arg);
options->subsystem_name[options->num_subsystems] = xstrdup(arg);
arg = strdelim(&cp);
if (!arg || *arg == '\0')
fatal("%s line %d: Missing subsystem command.",
filename, linenum);
filename, linenum);
options->subsystem_command[options->num_subsystems] = xstrdup(arg);
options->num_subsystems++;
break;
@ -803,7 +803,7 @@ parse_flag:
arg = strdelim(&cp);
if (!arg || *arg == '\0')
fatal("%s line %d: Missing MaxStartups spec.",
filename, linenum);
filename, linenum);
if ((n = sscanf(arg, "%d:%d:%d",
&options->max_startups_begin,
&options->max_startups_rate,

8
servconf.h
View File

@ -11,7 +11,7 @@
* called by a name other than "ssh" or "Secure Shell".
*/
/* RCSID("$OpenBSD: servconf.h,v 1.50 2001/12/06 13:30:05 markus Exp $"); */
/* RCSID("$OpenBSD: servconf.h,v 1.51 2001/12/19 07:18:56 deraadt Exp $"); */
#ifndef SERVCONF_H
#define SERVCONF_H
@ -117,13 +117,13 @@ typedef struct {
char *banner; /* SSH-2 banner message */
int reverse_mapping_check; /* cross-check ip and dns */
int client_alive_interval; /*
* poke the client this often to
* see if it's still there
* poke the client this often to
* see if it's still there
*/
int client_alive_count_max; /*
* If the client is unresponsive
* for this many intervals above,
* disconnect the session
* disconnect the session
*/
char *authorized_keys_file; /* File containing public keys */

12
serverloop.c
View File

@ -35,7 +35,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: serverloop.c,v 1.85 2001/12/05 03:50:01 itojun Exp $");
RCSID("$OpenBSD: serverloop.c,v 1.86 2001/12/19 07:18:56 deraadt Exp $");
#include "xmalloc.h"
#include "packet.h"
@ -195,12 +195,12 @@ wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, int *maxfdp,
int client_alive_scheduled = 0;
/*
* if using client_alive, set the max timeout accordingly,
* if using client_alive, set the max timeout accordingly,
* and indicate that this particular timeout was for client
* alive by setting the client_alive_scheduled flag.
*
* this could be randomized somewhat to make traffic
* analysis more difficult, but we're not doing it yet.
* analysis more difficult, but we're not doing it yet.
*/
if (compat20 &&
max_time_milliseconds == 0 && options.client_alive_interval) {
@ -598,7 +598,7 @@ server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg)
drain_output();
debug("End of interactive session; stdin %ld, stdout (read %ld, sent %ld), stderr %ld bytes.",
stdin_bytes, fdout_bytes, stdout_bytes, stderr_bytes);
stdin_bytes, fdout_bytes, stdout_bytes, stderr_bytes);
/* Free and clear the buffers. */
buffer_free(&stdin_buffer);
@ -738,12 +738,12 @@ static void
server_input_channel_failure(int type, int plen, void *ctxt)
{
debug("Got CHANNEL_FAILURE for keepalive");
/*
/*
* reset timeout, since we got a sane answer from the client.
* even if this was generated by something other than
* the bogus CHANNEL_REQUEST we send for keepalives.
*/
client_alive_timeouts = 0;
client_alive_timeouts = 0;
}

46
session.c
View File

@ -33,7 +33,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: session.c,v 1.111 2001/12/06 18:09:23 stevesk Exp $");
RCSID("$OpenBSD: session.c,v 1.112 2001/12/19 07:18:56 deraadt Exp $");
#include "ssh.h"
#include "ssh1.h"
@ -258,7 +258,7 @@ do_authenticated1(Authctxt *authctxt)
compression_level = packet_get_int();
if (compression_level < 1 || compression_level > 9) {
packet_send_debug("Received illegal compression level %d.",
compression_level);
compression_level);
break;
}
/* Enable compression after we have responded with SUCCESS. */
@ -323,7 +323,7 @@ do_authenticated1(Authctxt *authctxt)
if (packet_set_maxsize(packet_get_int()) > 0)
success = 1;
break;
#if defined(AFS) || defined(KRB5)
case SSH_CMSG_HAVE_KERBEROS_TGT:
if (!options.kerberos_tgt_passing) {
@ -331,14 +331,14 @@ do_authenticated1(Authctxt *authctxt)
} else {
char *kdata = packet_get_string(&dlen);
packet_integrity_check(plen, 4 + dlen, type);
/* XXX - 0x41, see creds_to_radix version */
if (kdata[0] != 0x41) {
#ifdef KRB5
krb5_data tgt;
tgt.data = kdata;
tgt.length = dlen;
if (auth_krb5_tgt(s->authctxt, &tgt))
success = 1;
else
@ -356,7 +356,7 @@ do_authenticated1(Authctxt *authctxt)
}
break;
#endif /* AFS || KRB5 */
#ifdef AFS
case SSH_CMSG_HAVE_AFS_TOKEN:
if (!options.afs_token_passing || !k_hasafs()) {
@ -365,7 +365,7 @@ do_authenticated1(Authctxt *authctxt)
/* Accept AFS token. */
char *token = packet_get_string(&dlen);
packet_integrity_check(plen, 4 + dlen, type);
if (auth_afs_token(s->authctxt, token))
success = 1;
else
@ -649,7 +649,7 @@ do_pre_login(Session *s)
if (packet_connection_is_on_socket()) {
fromlen = sizeof(from);
if (getpeername(packet_get_connection_in(),
(struct sockaddr *) & from, &fromlen) < 0) {
(struct sockaddr *) & from, &fromlen) < 0) {
debug("getpeername: %.100s", strerror(errno));
fatal_cleanup();
}
@ -811,7 +811,7 @@ check_quietlogin(Session *s, const char *command)
*/
static void
child_set_env(char ***envp, u_int *envsizep, const char *name,
const char *value)
const char *value)
{
u_int i, namelen;
char **env;
@ -852,7 +852,7 @@ child_set_env(char ***envp, u_int *envsizep, const char *name,
*/
static void
read_environment_file(char ***env, u_int *envsize,
const char *filename)
const char *filename)
{
FILE *f;
char buf[4096];
@ -1304,7 +1304,7 @@ do_child(Session *s, const char *command)
if (auth_get_socket_name() != NULL)
child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME,
auth_get_socket_name());
auth_get_socket_name());
/* read $HOME/.ssh/environment. */
if (!options.use_login) {
@ -1367,10 +1367,10 @@ do_child(Session *s, const char *command)
/* Try to get AFS tokens for the local cell. */
if (k_hasafs()) {
char cell[64];
if (k_afs_cell_of_file(pw->pw_dir, cell, sizeof(cell)) == 0)
krb_afslog(cell, 0);
krb_afslog(0, 0);
}
#endif /* AFS */
@ -1487,9 +1487,9 @@ do_child(Session *s, const char *command)
execl(LOGIN_PROGRAM, "login", "-h", hostname,
#ifdef LOGIN_NEEDS_TERM
s->term? s->term : "unknown",
s->term? s->term : "unknown",
#endif
"-p", "-f", "--", pw->pw_name, (char *)NULL);
"-p", "-f", "--", pw->pw_name, (char *)NULL);
/* Login couldn't be executed, die. */
@ -1517,12 +1517,12 @@ session_new(void)
static int did_init = 0;
if (!did_init) {
debug("session_new: init");
for(i = 0; i < MAX_SESSIONS; i++) {
for (i = 0; i < MAX_SESSIONS; i++) {
sessions[i].used = 0;
}
did_init = 1;
}
for(i = 0; i < MAX_SESSIONS; i++) {
for (i = 0; i < MAX_SESSIONS; i++) {
Session *s = &sessions[i];
if (! s->used) {
memset(s, 0, sizeof(*s));
@ -1542,7 +1542,7 @@ static void
session_dump(void)
{
int i;
for(i = 0; i < MAX_SESSIONS; i++) {
for (i = 0; i < MAX_SESSIONS; i++) {
Session *s = &sessions[i];
debug("dump: used %d session %d %p channel %d pid %d",
s->used,
@ -1575,7 +1575,7 @@ static Session *
session_by_channel(int id)
{
int i;
for(i = 0; i < MAX_SESSIONS; i++) {
for (i = 0; i < MAX_SESSIONS; i++) {
Session *s = &sessions[i];
if (s->used && s->chanid == id) {
debug("session_by_channel: session %d channel %d", i, id);
@ -1592,7 +1592,7 @@ session_by_pid(pid_t pid)
{
int i;
debug("session_by_pid: pid %d", pid);
for(i = 0; i < MAX_SESSIONS; i++) {
for (i = 0; i < MAX_SESSIONS; i++) {
Session *s = &sessions[i];
if (s->used && s->pid == pid)
return s;
@ -2001,9 +2001,9 @@ void
session_destroy_all(void)
{
int i;
for(i = 0; i < MAX_SESSIONS; i++) {
for (i = 0; i < MAX_SESSIONS; i++) {
Session *s = &sessions[i];
if (s->used)
if (s->used)
session_close(s);
}
}
@ -2014,7 +2014,7 @@ session_tty_list(void)
static char buf[1024];
int i;
buf[0] = '\0';
for(i = 0; i < MAX_SESSIONS; i++) {
for (i = 0; i < MAX_SESSIONS; i++) {
Session *s = &sessions[i];
if (s->used && s->ttyfd != -1) {
if (buf[0] != '\0')

17
sftp-client.c
View File

@ -29,7 +29,7 @@
/* XXX: copy between two remote sites */
#include "includes.h"
RCSID("$OpenBSD: sftp-client.c,v 1.18 2001/07/14 15:10:16 stevesk Exp $");
RCSID("$OpenBSD: sftp-client.c,v 1.19 2001/12/19 07:18:56 deraadt Exp $");
#include "buffer.h"
#include "bufaux.h"
@ -308,9 +308,8 @@ do_lsreaddir(int fd_in, int fd_out, char *path, int printflag,
*dir = xmalloc(sizeof(**dir));
(*dir)[0] = NULL;
}
for(;;) {
for (;;) {
int count;
id = expected_id = msg_id++;
@ -356,7 +355,7 @@ do_lsreaddir(int fd_in, int fd_out, char *path, int printflag,
if (count == 0)
break;
debug3("Received %d SSH2_FXP_NAME responses", count);
for(i = 0; i < count; i++) {
for (i = 0; i < count; i++) {
char *filename, *longname;
Attrib *a;
@ -404,8 +403,8 @@ do_readdir(int fd_in, int fd_out, char *path, SFTP_DIRENT ***dir)
void free_sftp_dirents(SFTP_DIRENT **s)
{
int i;
for(i = 0; s[i]; i++) {
for (i = 0; s[i]; i++) {
xfree(s[i]->filename);
xfree(s[i]->longname);
xfree(s[i]);
@ -726,7 +725,7 @@ do_download(int fd_in, int fd_out, char *remote_path, char *local_path,
/* Read from remote and write to local */
offset = 0;
for(;;) {
for (;;) {
u_int len;
char *data;
@ -758,7 +757,7 @@ do_download(int fd_in, int fd_out, char *remote_path, char *local_path,
else {
error("Couldn't read from remote "
"file \"%s\" : %s", remote_path,
fx2txt(status));
fx2txt(status));
do_close(fd_in, fd_out, handle, handle_len);
goto done;
}
@ -868,7 +867,7 @@ do_upload(int fd_in, int fd_out, char *local_path, char *remote_path,
/* Read from local and write to remote */
offset = 0;
for(;;) {
for (;;) {
int len;
char data[COPY_SIZE];

22
sftp-glob.c
View File

@ -23,7 +23,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: sftp-glob.c,v 1.8 2001/07/14 15:10:17 stevesk Exp $");
RCSID("$OpenBSD: sftp-glob.c,v 1.9 2001/12/19 07:18:56 deraadt Exp $");
#include "buffer.h"
#include "bufaux.h"
@ -49,9 +49,9 @@ static void *
fudge_opendir(const char *path)
{
struct SFTP_OPENDIR *r;
r = xmalloc(sizeof(*r));
if (do_readdir(cur.fd_in, cur.fd_out, (char*)path, &r->dir))
return(NULL);
@ -110,7 +110,7 @@ static void
attrib_to_stat(Attrib *a, struct stat *st)
{
memset(st, 0, sizeof(*st));
if (a->flags & SSH2_FILEXFER_ATTR_SIZE)
st->st_size = a->size;
if (a->flags & SSH2_FILEXFER_ATTR_UIDGID) {
@ -129,12 +129,12 @@ static int
fudge_lstat(const char *path, struct stat *st)
{
Attrib *a;
if (!(a = do_lstat(cur.fd_in, cur.fd_out, (char*)path, 0)))
return(-1);
attrib_to_stat(a, st);
return(0);
}
@ -142,12 +142,12 @@ static int
fudge_stat(const char *path, struct stat *st)
{
Attrib *a;
if (!(a = do_stat(cur.fd_in, cur.fd_out, (char*)path, 0)))
return(-1);
attrib_to_stat(a, st);
return(0);
}
@ -160,7 +160,7 @@ remote_glob(int fd_in, int fd_out, const char *pattern, int flags,
pglob->gl_closedir = (void (*)(void *))fudge_closedir;
pglob->gl_lstat = fudge_lstat;
pglob->gl_stat = fudge_stat;
memset(&cur, 0, sizeof(cur));
cur.fd_in = fd_in;
cur.fd_out = fd_out;

20
sftp-int.c
View File

@ -26,7 +26,7 @@
/* XXX: recursive operations */
#include "includes.h"
RCSID("$OpenBSD: sftp-int.c,v 1.40 2001/08/14 09:23:02 markus Exp $");
RCSID("$OpenBSD: sftp-int.c,v 1.41 2001/12/19 07:18:56 deraadt Exp $");
#include "buffer.h"
#include "xmalloc.h"
@ -205,7 +205,7 @@ path_append(char *p1, char *p2)
ret = xmalloc(len);
strlcpy(ret, p1, len);
if (strcmp(p1, "/") != 0)
if (strcmp(p1, "/") != 0)
strlcat(ret, "/", len);
strlcat(ret, p2, len);
@ -393,7 +393,7 @@ process_get(int in, int out, char *src, char *dst, char *pwd, int pflag)
goto out;
}
for(i = 0; g.gl_pathv[i]; i++) {
for (i = 0; g.gl_pathv[i]; i++) {
if (infer_path(g.gl_pathv[i], &tmp)) {
err = -1;
goto out;
@ -475,7 +475,7 @@ process_put(int in, int out, char *src, char *dst, char *pwd, int pflag)
goto out;
}
for(i = 0; g.gl_pathv[i]; i++) {
for (i = 0; g.gl_pathv[i]; i++) {
if (infer_path(g.gl_pathv[i], &tmp)) {
err = -1;
goto out;
@ -517,7 +517,7 @@ parse_args(const char **cpp, int *pflag, unsigned long *n_arg,
return(-1);
/* Figure out which command we have */
for(i = 0; cmds[i].c; i++) {
for (i = 0; cmds[i].c; i++) {
int cmdlen = strlen(cmds[i].c);
/* Check for command followed by whitespace */
@ -688,7 +688,7 @@ parse_dispatch_command(int in, int out, const char *cmd, char **pwd)
case I_RM:
path1 = make_absolute(path1, *pwd);
remote_glob(in, out, path1, GLOB_NOCHECK, NULL, &g);
for(i = 0; g.gl_pathv[i]; i++) {
for (i = 0; g.gl_pathv[i]; i++) {
printf("Removing %s\n", g.gl_pathv[i]);
if (do_rm(in, out, g.gl_pathv[i]) == -1)
err = -1;
@ -781,7 +781,7 @@ parse_dispatch_command(int in, int out, const char *cmd, char **pwd)
a.flags |= SSH2_FILEXFER_ATTR_PERMISSIONS;
a.perm = n_arg;
remote_glob(in, out, path1, GLOB_NOCHECK, NULL, &g);
for(i = 0; g.gl_pathv[i]; i++) {
for (i = 0; g.gl_pathv[i]; i++) {
printf("Changing mode on %s\n", g.gl_pathv[i]);
do_setstat(in, out, g.gl_pathv[i], &a);
}
@ -789,7 +789,7 @@ parse_dispatch_command(int in, int out, const char *cmd, char **pwd)
case I_CHOWN:
path1 = make_absolute(path1, *pwd);
remote_glob(in, out, path1, GLOB_NOCHECK, NULL, &g);
for(i = 0; g.gl_pathv[i]; i++) {
for (i = 0; g.gl_pathv[i]; i++) {
if (!(aa = do_stat(in, out, g.gl_pathv[i], 0)))
continue;
if (!(aa->flags & SSH2_FILEXFER_ATTR_UIDGID)) {
@ -806,7 +806,7 @@ parse_dispatch_command(int in, int out, const char *cmd, char **pwd)
case I_CHGRP:
path1 = make_absolute(path1, *pwd);
remote_glob(in, out, path1, GLOB_NOCHECK, NULL, &g);
for(i = 0; g.gl_pathv[i]; i++) {
for (i = 0; g.gl_pathv[i]; i++) {
if (!(aa = do_stat(in, out, g.gl_pathv[i], 0)))
continue;
if (!(aa->flags & SSH2_FILEXFER_ATTR_UIDGID)) {
@ -899,7 +899,7 @@ interactive_loop(int fd_in, int fd_out, char *file1, char *file2)
setlinebuf(infile);
#endif
for(;;) {
for (;;) {
char *cp;
printf("sftp> ");

10
sftp-server.c
View File

@ -22,7 +22,7 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: sftp-server.c,v 1.30 2001/07/31 12:42:50 jakob Exp $");
RCSID("$OpenBSD: sftp-server.c,v 1.31 2001/12/19 07:18:56 deraadt Exp $");
#include "buffer.h"
#include "bufaux.h"
@ -144,7 +144,7 @@ handle_init(void)
{
int i;
for(i = 0; i < sizeof(handles)/sizeof(Handle); i++)
for (i = 0; i < sizeof(handles)/sizeof(Handle); i++)
handles[i].use = HANDLE_UNUSED;
}
@ -153,7 +153,7 @@ handle_new(int use, char *name, int fd, DIR *dirp)
{
int i;
for(i = 0; i < sizeof(handles)/sizeof(Handle); i++) {
for (i = 0; i < sizeof(handles)/sizeof(Handle); i++) {
if (handles[i].use == HANDLE_UNUSED) {
handles[i].use = use;
handles[i].dirp = dirp;
@ -771,7 +771,7 @@ process_readdir(void)
}
if (count > 0) {
send_names(id, count, stats);
for(i = 0; i < count; i++) {
for (i = 0; i < count; i++) {
xfree(stats[i].name);
xfree(stats[i].long_name);
}
@ -897,7 +897,7 @@ process_readlink(void)
send_status(id, errno_to_portable(errno));
else {
Stat s;
link[len] = '\0';
attrib_clear(&s.attrib);
s.name = s.long_name = link;

6
sftp.c
View File

@ -24,7 +24,7 @@
#include "includes.h"
RCSID("$OpenBSD: sftp.c,v 1.21 2001/09/19 19:24:19 stevesk Exp $");
RCSID("$OpenBSD: sftp.c,v 1.22 2001/12/19 07:18:56 deraadt Exp $");
/* XXX: commandline mode */
/* XXX: short-form remote directory listings (like 'ls -C') */
@ -114,7 +114,7 @@ main(int argc, char **argv)
__progname = get_progname(argv[0]);
args.list = NULL;
addargs(&args, "ssh"); /* overwritten with ssh_program */
addargs(&args, "ssh"); /* overwritten with ssh_program */
addargs(&args, "-oFallBackToRsh no");
addargs(&args, "-oForwardX11 no");
addargs(&args, "-oForwardAgent no");
@ -195,7 +195,7 @@ main(int argc, char **argv)
addargs(&args, "-oProtocol %d", sshver);
/* no subsystem if the server-spec contains a '/' */
if (sftp_server == NULL || strchr(sftp_server, '/') == NULL)
if (sftp_server == NULL || strchr(sftp_server, '/') == NULL)
addargs(&args, "-s");
addargs(&args, "%s", host);

18
ssh-add.c
View File

@ -35,7 +35,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: ssh-add.c,v 1.46 2001/10/02 08:38:50 djm Exp $");
RCSID("$OpenBSD: ssh-add.c,v 1.47 2001/12/19 07:18:56 deraadt Exp $");
#include <openssl/evp.h>
@ -90,7 +90,7 @@ delete_file(AuthenticationConnection *ac, const char *filename)
key_free(public);
xfree(comment);
return ret;
}
@ -160,7 +160,7 @@ add_file(AuthenticationConnection *ac, const char *filename)
xfree(comment);
key_free(private);
return ret;
}
@ -169,11 +169,11 @@ update_card(AuthenticationConnection *ac, int add, const char *id)
{
if (ssh_update_card(ac, add, id)) {
fprintf(stderr, "Card %s: %s\n",
add ? "added" : "removed", id);
add ? "added" : "removed", id);
return 0;
} else {
fprintf(stderr, "Could not %s card: %s\n",
add ? "add" : "remove", id);
add ? "add" : "remove", id);
return -1;
}
}
@ -188,8 +188,8 @@ list_identities(AuthenticationConnection *ac, int do_fp)
for (version = 1; version <= 2; version++) {
for (key = ssh_get_first_identity(ac, &comment, version);
key != NULL;
key = ssh_get_next_identity(ac, &comment, version)) {
key != NULL;
key = ssh_get_next_identity(ac, &comment, version)) {
had_identities = 1;
if (do_fp) {
fp = key_fingerprint(key, SSH_FP_MD5,
@ -248,7 +248,7 @@ main(int argc, char **argv)
fprintf(stderr, "Could not open a connection to your authentication agent.\n");
exit(1);
}
while ((ch = getopt(argc, argv, "lLdDe:s:")) != -1) {
while ((ch = getopt(argc, argv, "lLdDe:s:")) != -1) {
switch (ch) {
case 'l':
case 'L':
@ -267,7 +267,7 @@ main(int argc, char **argv)
sc_reader_id = optarg;
break;
case 'e':
deleting = 1;
deleting = 1;
sc_reader_id = optarg;
break;
default:

10
ssh-agent.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: ssh-agent.c,v 1.74 2001/12/05 10:06:12 deraadt Exp $ */
/* $OpenBSD: ssh-agent.c,v 1.75 2001/12/19 07:18:56 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -36,7 +36,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: ssh-agent.c,v 1.74 2001/12/05 10:06:12 deraadt Exp $");
RCSID("$OpenBSD: ssh-agent.c,v 1.75 2001/12/19 07:18:56 deraadt Exp $");
#include <openssl/evp.h>
#include <openssl/md5.h>
@ -457,7 +457,7 @@ process_add_smartcard_key (SocketEntry *e)
Key *n = NULL, *k = NULL;
char *sc_reader_id = NULL;
int success = 0;
sc_reader_id = buffer_get_string(&e->input, NULL);
k = sc_get_key(sc_reader_id);
xfree(sc_reader_id);
@ -615,10 +615,10 @@ process_message(SocketEntry *e)
#ifdef SMARTCARD
case SSH_AGENTC_ADD_SMARTCARD_KEY:
process_add_smartcard_key(e);
break;
break;
case SSH_AGENTC_REMOVE_SMARTCARD_KEY:
process_remove_smartcard_key(e);
break;
break;
#endif /* SMARTCARD */
default:
/* Unknown message. Respond with failure. */

6
ssh-keygen.c
View File

@ -12,7 +12,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: ssh-keygen.c,v 1.85 2001/12/05 10:06:12 deraadt Exp $");
RCSID("$OpenBSD: ssh-keygen.c,v 1.86 2001/12/19 07:18:56 deraadt Exp $");
#include <openssl/evp.h>
#include <openssl/pem.h>
@ -670,7 +670,7 @@ do_change_passphrase(struct passwd *pw)
read_passphrase("Enter new passphrase (empty for no "
"passphrase): ", RP_ALLOW_STDIN);
passphrase2 = read_passphrase("Enter same passphrase again: ",
RP_ALLOW_STDIN);
RP_ALLOW_STDIN);
/* Verify that they are the same. */
if (strcmp(passphrase1, passphrase2) != 0) {
@ -748,7 +748,7 @@ do_change_comment(struct passwd *pw)
fprintf(stderr, "Comments are only supported for RSA1 keys.\n");
key_free(private);
exit(1);
}
}
printf("Key now has comment '%s'\n", comment);
if (identity_comment) {

8
ssh.c
View File

@ -39,7 +39,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: ssh.c,v 1.150 2001/11/30 20:39:28 stevesk Exp $");
RCSID("$OpenBSD: ssh.c,v 1.151 2001/12/19 07:18:56 deraadt Exp $");
#include <openssl/evp.h>
#include <openssl/err.h>
@ -485,7 +485,7 @@ again:
fwd_host_port);
else if (opt == 'R')
add_remote_forward(&options, fwd_port, buf,
fwd_host_port);
fwd_host_port);
break;
case 'D':
@ -1150,8 +1150,8 @@ ssh_session2_open(void)
channel_send_open(c->self);
if (!no_shell_flag)
channel_register_callback(c->self,
SSH2_MSG_CHANNEL_OPEN_CONFIRMATION,
ssh_session2_setup, (void *)0);
SSH2_MSG_CHANNEL_OPEN_CONFIRMATION,
ssh_session2_setup, (void *)0);
return c->self;
}

16
sshconnect.c
View File

@ -13,7 +13,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: sshconnect.c,v 1.117 2001/12/06 18:02:32 stevesk Exp $");
RCSID("$OpenBSD: sshconnect.c,v 1.118 2001/12/19 07:18:56 deraadt Exp $");
#include <openssl/bn.h>
@ -109,7 +109,7 @@ ssh_proxy_connect(const char *host, u_short port, struct passwd *pw,
/* Create pipes for communicating with the proxy. */
if (pipe(pin) < 0 || pipe(pout) < 0)
fatal("Could not create pipes to communicate with the proxy: %.100s",
strerror(errno));
strerror(errno));
debug("Executing proxy command: %.500s", command_string);
@ -258,7 +258,7 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
int full_failure = 1;
debug("ssh_connect: getuid %u geteuid %u anon %d",
(u_int) getuid(), (u_int) geteuid(), anonymous);
(u_int) getuid(), (u_int) geteuid(), anonymous);
/* Get default port if port has not been set. */
if (port == 0) {
@ -428,7 +428,7 @@ ssh_exchange_identification(void)
&remote_major, &remote_minor, remote_version) != 3)
fatal("Bad remote protocol version identification: '%.100s'", buf);
debug("Remote protocol version %d.%d, remote software version %.100s",
remote_major, remote_minor, remote_version);
remote_major, remote_minor, remote_version);
compat_datafellows(remote_version);
mismatch = 0;
@ -620,7 +620,7 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
*/
host_file = user_hostfile;
host_status = check_host_in_hostfile(host_file, host, host_key,
file_key, &host_line);
file_key, &host_line);
if (host_status == HOST_NEW) {
host_file = system_hostfile;
host_status = check_host_in_hostfile(host_file, host, host_key,
@ -663,7 +663,7 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
"'%.128s' not in list of known hosts.",
type, ip);
else if (!add_host_to_hostfile(user_hostfile, ip,
host_key))
host_key))
log("Failed to add the %s host key for IP "
"address '%.128s' to the list of known "
"hosts (%.30s).", type, ip, user_hostfile);
@ -789,7 +789,7 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
error("Port forwarding is disabled to avoid "
"man-in-the-middle attacks.");
options.num_local_forwards =
options.num_remote_forwards = 0;
options.num_remote_forwards = 0;
}
/*
* XXX Should permit the user to change to use the new id.
@ -813,7 +813,7 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
error("Exiting, you have requested strict checking.");
goto fail;
} else if (options.strict_host_key_checking == 2) {
if (!confirm("Are you sure you want "
if (!confirm("Are you sure you want "
"to continue connecting (yes/no)? ")) {
goto fail;
}

200
sshconnect1.c
View File

@ -13,7 +13,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: sshconnect1.c,v 1.41 2001/10/06 11:18:19 markus Exp $");
RCSID("$OpenBSD: sshconnect1.c,v 1.42 2001/12/19 07:18:56 deraadt Exp $");
#include <openssl/bn.h>
#include <openssl/evp.h>
@ -80,8 +80,8 @@ try_agent_authentication(void)
/* Loop through identities served by the agent. */
for (key = ssh_get_first_identity(auth, &comment, 1);
key != NULL;
key = ssh_get_next_identity(auth, &comment, 1)) {
key != NULL;
key = ssh_get_next_identity(auth, &comment, 1)) {
/* Try this identity. */
debug("Trying RSA authentication via agent with '%.100s'", comment);
@ -400,10 +400,10 @@ try_krb4_authentication(void)
/* Don't do anything if we don't have any tickets. */
if (stat(tkt_string(), &st) < 0)
return 0;
strlcpy(inst, (char *)krb_get_phost(get_canonical_hostname(1)),
INST_SZ);
realm = (char *)krb_realmofhost(get_canonical_hostname(1));
if (!realm) {
debug("Kerberos v4: no realm for %s", get_canonical_hostname(1));
@ -411,7 +411,7 @@ try_krb4_authentication(void)
}
/* This can really be anything. */
checksum = (u_long)getpid();
r = krb_mk_req(&auth, KRB4_SERVICE_NAME, inst, realm, checksum);
if (r != KSUCCESS) {
debug("Kerberos v4 krb_mk_req failed: %s", krb_err_txt[r]);
@ -424,22 +424,22 @@ try_krb4_authentication(void)
return 0;
}
des_key_sched((des_cblock *) cred.session, schedule);
/* Send authentication info to server. */
packet_start(SSH_CMSG_AUTH_KERBEROS);
packet_put_string((char *) auth.dat, auth.length);
packet_send();
packet_write_wait();
/* Zero the buffer. */
(void) memset(auth.dat, 0, MAX_KTXT_LEN);
slen = sizeof(local);
memset(&local, 0, sizeof(local));
if (getsockname(packet_get_connection_in(),
(struct sockaddr *)&local, &slen) < 0)
debug("getsockname failed: %s", strerror(errno));
slen = sizeof(foreign);
memset(&foreign, 0, sizeof(foreign));
if (getpeername(packet_get_connection_in(),
@ -455,18 +455,18 @@ try_krb4_authentication(void)
debug("Kerberos v4 authentication failed.");
return 0;
break;
case SSH_SMSG_AUTH_KERBEROS_RESPONSE:
/* SSH_SMSG_AUTH_KERBEROS_SUCCESS */
debug("Kerberos v4 authentication accepted.");
/* Get server's response. */
reply = packet_get_string((u_int *) &auth.length);
memcpy(auth.dat, reply, auth.length);
xfree(reply);
packet_integrity_check(plen, 4 + auth.length, type);
/*
* If his response isn't properly encrypted with the session
* key, and the decrypted checksum fails to match, he's
@ -483,7 +483,7 @@ try_krb4_authentication(void)
memcpy((char *)&cksum, (char *)msg_data.app_data,
sizeof(cksum));
cksum = ntohl(cksum);
/* If it matches, we're golden. */
if (cksum == checksum + 1) {
debug("Kerberos v4 challenge successful.");
@ -491,7 +491,7 @@ try_krb4_authentication(void)
} else
packet_disconnect("Kerberos v4 challenge failed!");
break;
default:
packet_disconnect("Protocol error on Kerberos v4 response: %d", type);
}
@ -513,26 +513,26 @@ try_krb5_authentication(krb5_context *context, krb5_auth_context *auth_context)
int type, payload_len;
krb5_ap_rep_enc_part *reply = NULL;
int ret;
memset(&ap, 0, sizeof(ap));
problem = krb5_init_context(context);
if (problem) {
debug("Kerberos v5: krb5_init_context failed");
ret = 0;
goto out;
}
tkfile = krb5_cc_default_name(*context);
if (strncmp(tkfile, "FILE:", 5) == 0)
tkfile += 5;
if (stat(tkfile, &buf) == 0 && getuid() != buf.st_uid) {
debug("Kerberos v5: could not get default ccache (permission denied).");
ret = 0;
goto out;
}
problem = krb5_cc_default(*context, &ccache);
if (problem) {
debug("Kerberos v5: krb5_cc_default failed: %s",
@ -540,9 +540,9 @@ try_krb5_authentication(krb5_context *context, krb5_auth_context *auth_context)
ret = 0;
goto out;
}
remotehost = get_canonical_hostname(1);
problem = krb5_mk_req(*context, auth_context, AP_OPTS_MUTUAL_REQUIRED,
"host", remotehost, NULL, ccache, &ap);
if (problem) {
@ -551,48 +551,48 @@ try_krb5_authentication(krb5_context *context, krb5_auth_context *auth_context)
ret = 0;
goto out;
}
packet_start(SSH_CMSG_AUTH_KERBEROS);
packet_put_string((char *) ap.data, ap.length);
packet_send();
packet_write_wait();
xfree(ap.data);
ap.length = 0;
type = packet_read(&payload_len);
switch (type) {
case SSH_SMSG_FAILURE:
/* Should really be SSH_SMSG_AUTH_KERBEROS_FAILURE */
debug("Kerberos v5 authentication failed.");
ret = 0;
break;
case SSH_SMSG_FAILURE:
/* Should really be SSH_SMSG_AUTH_KERBEROS_FAILURE */
debug("Kerberos v5 authentication failed.");
ret = 0;
break;
case SSH_SMSG_AUTH_KERBEROS_RESPONSE:
/* SSH_SMSG_AUTH_KERBEROS_SUCCESS */
debug("Kerberos v5 authentication accepted.");
/* Get server's response. */
ap.data = packet_get_string((unsigned int *) &ap.length);
packet_integrity_check(payload_len, 4 + ap.length, type);
/* XXX je to dobre? */
problem = krb5_rd_rep(*context, *auth_context, &ap, &reply);
if (problem) {
/* SSH_SMSG_AUTH_KERBEROS_SUCCESS */
debug("Kerberos v5 authentication accepted.");
/* Get server's response. */
ap.data = packet_get_string((unsigned int *) &ap.length);
packet_integrity_check(payload_len, 4 + ap.length, type);
/* XXX je to dobre? */
problem = krb5_rd_rep(*context, *auth_context, &ap, &reply);
if (problem) {
ret = 0;
}
ret = 1;
break;
default:
packet_disconnect("Protocol error on Kerberos v5 response: %d",
type);
ret = 0;
break;
}
out:
if (ccache != NULL)
krb5_cc_close(*context, ccache);
@ -600,7 +600,7 @@ try_krb5_authentication(krb5_context *context, krb5_auth_context *auth_context)
krb5_free_ap_rep_enc_part(*context, reply);
if (ap.length > 0)
krb5_data_free(&ap);
return (ret);
}
@ -614,62 +614,62 @@ send_krb5_tgt(krb5_context context, krb5_auth_context auth_context)
krb5_creds creds;
krb5_kdc_flags flags;
const char *remotehost;
memset(&creds, 0, sizeof(creds));
memset(&outbuf, 0, sizeof(outbuf));
fd = packet_get_connection_in();
problem = krb5_auth_con_setaddrs_from_fd(context, auth_context, &fd);
if (problem)
goto out;
problem = krb5_cc_default(context, &ccache);
if (problem)
goto out;
problem = krb5_cc_get_principal(context, ccache, &creds.client);
if (problem)
goto out;
problem = krb5_build_principal(context, &creds.server,
strlen(creds.client->realm), creds.client->realm,
"krbtgt", creds.client->realm, NULL);
if (problem)
goto out;
creds.times.endtime = 0;
flags.i = 0;
flags.b.forwarded = 1;
flags.b.forwardable = krb5_config_get_bool(context, NULL,
"libdefaults", "forwardable", NULL);
remotehost = get_canonical_hostname(1);
problem = krb5_get_forwarded_creds(context, auth_context,
ccache, flags.i, remotehost, &creds, &outbuf);
if (problem)
goto out;
packet_start(SSH_CMSG_HAVE_KERBEROS_TGT);
packet_put_string((char *)outbuf.data, outbuf.length);
packet_send();
packet_write_wait();
type = packet_read(&payload_len);
if (type == SSH_SMSG_SUCCESS) {
char *pname;
krb5_unparse_name(context, creds.client, &pname);
debug("Kerberos v5 TGT forwarded (%s).", pname);
xfree(pname);
} else
debug("Kerberos v5 TGT forwarding failed.");
return;
out:
if (problem)
debug("Kerberos v5 TGT forwarding failed: %s",
@ -693,44 +693,44 @@ send_krb4_tgt(void)
struct stat st;
char buffer[4096], pname[ANAME_SZ], pinst[INST_SZ], prealm[REALM_SZ];
int problem, type, len;
/* Don't do anything if we don't have any tickets. */
if (stat(tkt_string(), &st) < 0)
return;
creds = xmalloc(sizeof(*creds));
problem = krb_get_tf_fullname(TKT_FILE, pname, pinst, prealm);
if (problem)
goto out;
problem = krb_get_cred("krbtgt", prealm, prealm, creds);
if (problem)
goto out;
if (time(0) > krb_life_to_time(creds->issue_date, creds->lifetime)) {
problem = RD_AP_EXP;
goto out;
}
creds_to_radix(creds, (u_char *)buffer, sizeof(buffer));
packet_start(SSH_CMSG_HAVE_KERBEROS_TGT);
packet_put_cstring(buffer);
packet_send();
packet_write_wait();
type = packet_read(&len);
if (type == SSH_SMSG_SUCCESS)
debug("Kerberos v4 TGT forwarded (%s%s%s@%s).",
creds->pname, creds->pinst[0] ? "." : "",
creds->pinst, creds->realm);
else
debug("Kerberos v4 TGT rejected.");
xfree(creds);
return;
out:
debug("Kerberos v4 TGT passing failed: %s", krb_err_txt[problem]);
xfree(creds);
@ -745,7 +745,7 @@ send_afs_tokens(void)
int i, type, len;
char buf[2048], *p, *server_cell;
char buffer[8192];
/* Move over ktc_GetToken, here's something leaner. */
for (i = 0; i < 100; i++) { /* just in case */
parms.in = (char *) &i;
@ -755,7 +755,7 @@ send_afs_tokens(void)
if (k_pioctl(0, VIOCGETTOK, &parms, 0) != 0)
break;
p = buf;
/* Get secret token. */
memcpy(&creds.ticket_st.length, p, sizeof(u_int));
if (creds.ticket_st.length > MAX_KTXT_LEN)
@ -763,7 +763,7 @@ send_afs_tokens(void)
p += sizeof(u_int);
memcpy(creds.ticket_st.dat, p, creds.ticket_st.length);
p += creds.ticket_st.length;
/* Get clear token. */
memcpy(&len, p, sizeof(len));
if (len != sizeof(struct ClearToken))
@ -773,7 +773,7 @@ send_afs_tokens(void)
p += len;
p += sizeof(len); /* primary flag */
server_cell = p;
/* Flesh out our credentials. */
strlcpy(creds.service, "afs", sizeof(creds.service));
creds.instance[0] = '\0';
@ -785,7 +785,7 @@ send_afs_tokens(void)
creds.kvno = ct.AuthHandle;
snprintf(creds.pname, sizeof(creds.pname), "AFS ID %d", ct.ViceId);
creds.pinst[0] = '\0';
/* Encode token, ship it off. */
if (creds_to_radix(&creds, (u_char *)buffer,
sizeof(buffer)) <= 0)
@ -798,7 +798,7 @@ send_afs_tokens(void)
/* Roger, Roger. Clearance, Clarence. What's your vector,
Victor? */
type = packet_read(&len);
if (type == SSH_SMSG_FAILURE)
debug("AFS token for cell %s rejected.", server_cell);
else if (type != SSH_SMSG_SUCCESS)
@ -842,7 +842,7 @@ try_challenge_response_authentication(void)
challenge = packet_get_string(&clen);
packet_integrity_check(payload_len, (4 + clen), type);
snprintf(prompt, sizeof prompt, "%s%s", challenge,
strchr(challenge, '\n') ? "" : "\nResponse: ");
strchr(challenge, '\n') ? "" : "\nResponse: ");
xfree(challenge);
if (i != 0)
error("Permission denied, please try again.");
@ -974,11 +974,11 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
supported_authentications = packet_get_int();
debug("Received server public key (%d bits) and host key (%d bits).",
BN_num_bits(public_key->n), BN_num_bits(host_key->n));
BN_num_bits(public_key->n), BN_num_bits(host_key->n));
packet_integrity_check(payload_len,
8 + 4 + sum_len + 0 + 4 + 0 + 0 + 4 + 4 + 4,
SSH_SMSG_PUBLIC_KEY);
8 + 4 + sum_len + 0 + 4 + 0 + 0 + 4 + 4 + 4,
SSH_SMSG_PUBLIC_KEY);
k.type = KEY_RSA1;
k.rsa = host_key;
if (verify_host_key(host, hostaddr, &k) == -1)
@ -1027,10 +1027,10 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
if (BN_num_bits(host_key->n) <
BN_num_bits(public_key->n) + SSH_KEY_BITS_RESERVED) {
fatal("respond_to_rsa_challenge: host_key %d < public_key %d + "
"SSH_KEY_BITS_RESERVED %d",
BN_num_bits(host_key->n),
BN_num_bits(public_key->n),
SSH_KEY_BITS_RESERVED);
"SSH_KEY_BITS_RESERVED %d",
BN_num_bits(host_key->n),
BN_num_bits(public_key->n),
SSH_KEY_BITS_RESERVED);
}
rsa_public_encrypt(key, key, public_key);
rsa_public_encrypt(key, key, host_key);
@ -1039,10 +1039,10 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
if (BN_num_bits(public_key->n) <
BN_num_bits(host_key->n) + SSH_KEY_BITS_RESERVED) {
fatal("respond_to_rsa_challenge: public_key %d < host_key %d + "
"SSH_KEY_BITS_RESERVED %d",
BN_num_bits(public_key->n),
BN_num_bits(host_key->n),
SSH_KEY_BITS_RESERVED);
"SSH_KEY_BITS_RESERVED %d",
BN_num_bits(public_key->n),
BN_num_bits(host_key->n),
SSH_KEY_BITS_RESERVED);
}
rsa_public_encrypt(key, key, host_key);
rsa_public_encrypt(key, key, public_key);
@ -1064,7 +1064,7 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
/* Check that the selected cipher is supported. */
if (!(supported_ciphers & (1 << options.cipher)))
fatal("Selected cipher type %.100s not supported by server.",
cipher_name(options.cipher));
cipher_name(options.cipher));
debug("Encryption type: %.100s", cipher_name(options.cipher));
@ -1117,7 +1117,7 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host,
#endif
int i, type;
int payload_len;
if (supported_authentications == 0)
fatal("ssh_userauth1: server supports no auth methods");
@ -1139,12 +1139,12 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host,
goto success;
if (type != SSH_SMSG_FAILURE)
packet_disconnect("Protocol error: got %d in response to SSH_CMSG_USER", type);
#ifdef KRB5
if ((supported_authentications & (1 << SSH_AUTH_KERBEROS)) &&
options.kerberos_authentication) {
options.kerberos_authentication) {
debug("Trying Kerberos v5 authentication.");
if (try_krb5_authentication(&context, &auth_context)) {
type = packet_read(&payload_len);
if (type == SSH_SMSG_SUCCESS)
@ -1154,12 +1154,12 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host,
}
}
#endif /* KRB5 */
#ifdef KRB4
if ((supported_authentications & (1 << SSH_AUTH_KERBEROS)) &&
options.kerberos_authentication) {
debug("Trying Kerberos v4 authentication.");
if (try_krb4_authentication()) {
type = packet_read(&payload_len);
if (type == SSH_SMSG_SUCCESS)
@ -1169,7 +1169,7 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host,
}
}
#endif /* KRB4 */
/*
* Use rhosts authentication if running in privileged socket and we
* do not wish to remain anonymous.
@ -1254,7 +1254,7 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host,
if (context)
krb5_free_context(context);
#endif
#ifdef AFS
/* Try Kerberos v4 TGT passing if the server supports it. */
if ((supported_authentications & (1 << SSH_PASS_KERBEROS_TGT)) &&

8
sshconnect2.c
View File

@ -23,7 +23,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: sshconnect2.c,v 1.87 2001/12/05 10:06:13 deraadt Exp $");
RCSID("$OpenBSD: sshconnect2.c,v 1.88 2001/12/19 07:18:56 deraadt Exp $");
#include <openssl/bn.h>
#include <openssl/md5.h>
@ -111,7 +111,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs;
}
if (options.hostkeyalgorithms != NULL)
myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] =
myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] =
options.hostkeyalgorithms;
/* start key exchange */
@ -613,7 +613,7 @@ load_identity_file(char *filename)
if (options.batch_mode)
return NULL;
snprintf(prompt, sizeof prompt,
"Enter passphrase for key '%.100s': ", filename);
"Enter passphrase for key '%.100s': ", filename);
for (i = 0; i < options.number_of_password_prompts; i++) {
passphrase = read_passphrase(prompt, 0);
if (strcmp(passphrase, "") != 0) {
@ -646,7 +646,7 @@ identity_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, int *lenp,
return -1;
/* private key is stored in external hardware */
if (options.identity_keys[idx]->flags & KEY_FLAG_EXT)
if (options.identity_keys[idx]->flags & KEY_FLAG_EXT)
return key_sign(options.identity_keys[idx], sigp, lenp, data, datalen);
private = load_identity_file(options.identity_files[idx]);

4
sshd.8
View File

@ -34,7 +34,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" $OpenBSD: sshd.8,v 1.156 2001/12/06 13:30:06 markus Exp $
.\" $OpenBSD: sshd.8,v 1.157 2001/12/19 07:18:56 deraadt Exp $
.Dd September 25, 1999
.Dt SSHD 8
.Os
@ -253,7 +253,7 @@ authentication, and termination of each connection is logged.
.It Fl t
Test mode.
Only check the validity of the configuration file and sanity of the keys.
This is useful for updating
This is useful for updating
.Nm
reliably as configuration options may change.
.It Fl u Ar len

20
sshd.c
View File

@ -40,7 +40,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: sshd.c,v 1.216 2001/12/10 16:45:04 stevesk Exp $");
RCSID("$OpenBSD: sshd.c,v 1.217 2001/12/19 07:18:56 deraadt Exp $");
#include <openssl/dh.h>
#include <openssl/bn.h>
@ -399,7 +399,7 @@ sshd_exchange_identification(int sock_in, int sock_out)
fatal_cleanup();
}
debug("Client protocol version %d.%d; client software version %.100s",
remote_major, remote_minor, remote_version);
remote_major, remote_minor, remote_version);
compat_datafellows(remote_version);
@ -467,7 +467,7 @@ destroy_sensitive_data(void)
key_free(sensitive_data.server_key);
sensitive_data.server_key = NULL;
}
for(i = 0; i < options.num_host_key_files; i++) {
for (i = 0; i < options.num_host_key_files; i++) {
if (sensitive_data.host_keys[i]) {
key_free(sensitive_data.host_keys[i]);
sensitive_data.host_keys[i] = NULL;
@ -483,7 +483,7 @@ list_hostkey_types(void)
static char buf[1024];
int i;
buf[0] = '\0';
for(i = 0; i < options.num_host_key_files; i++) {
for (i = 0; i < options.num_host_key_files; i++) {
Key *key = sensitive_data.host_keys[i];
if (key == NULL)
continue;
@ -506,7 +506,7 @@ static Key *
get_hostkey_by_type(int type)
{
int i;
for(i = 0; i < options.num_host_key_files; i++) {
for (i = 0; i < options.num_host_key_files; i++) {
Key *key = sensitive_data.host_keys[i];
if (key != NULL && key->type == type)
return key;
@ -687,9 +687,9 @@ main(int ac, char **av)
utmp_len = atoi(optarg);
break;
case 'o':
if (process_server_config_line(&options, optarg,
if (process_server_config_line(&options, optarg,
"command-line", 0) != 0)
exit(1);
exit(1);
break;
case '?':
default:
@ -734,14 +734,14 @@ main(int ac, char **av)
/* load private host keys */
sensitive_data.host_keys = xmalloc(options.num_host_key_files*sizeof(Key*));
for(i = 0; i < options.num_host_key_files; i++)
for (i = 0; i < options.num_host_key_files; i++)
sensitive_data.host_keys[i] = NULL;
sensitive_data.server_key = NULL;
sensitive_data.ssh1_host_key = NULL;
sensitive_data.have_ssh1_key = 0;
sensitive_data.have_ssh2_key = 0;
for(i = 0; i < options.num_host_key_files; i++) {
for (i = 0; i < options.num_host_key_files; i++) {
key = key_load_private(options.host_key_files[i], "", NULL);
sensitive_data.host_keys[i] = key;
if (key == NULL) {
@ -842,7 +842,7 @@ main(int ac, char **av)
/* Chdir to the root directory so that the current disk can be
unmounted if desired. */
chdir("/");
/* ignore SIGPIPE */
signal(SIGPIPE, SIG_IGN);

4
sshd_config
View File

@ -1,4 +1,4 @@
# $OpenBSD: sshd_config,v 1.42 2001/09/20 20:57:51 mouring Exp $
# $OpenBSD: sshd_config,v 1.43 2001/12/19 07:18:56 deraadt Exp $
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
@ -50,7 +50,7 @@ HostbasedAuthentication no
PasswordAuthentication yes
PermitEmptyPasswords no
# Uncomment to disable s/key passwords
# Uncomment to disable s/key passwords
#ChallengeResponseAuthentication no
# Uncomment to enable PAM keyboard-interactive authentication

4
sshlogin.c
View File

@ -39,7 +39,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: sshlogin.c,v 1.2 2001/03/24 16:43:27 stevesk Exp $");
RCSID("$OpenBSD: sshlogin.c,v 1.3 2001/12/19 07:18:56 deraadt Exp $");
#include "loginrec.h"
@ -67,7 +67,7 @@ get_last_login_time(uid_t uid, const char *logname,
void
record_login(pid_t pid, const char *ttyname, const char *user, uid_t uid,
const char *host, struct sockaddr * addr)
const char *host, struct sockaddr * addr)
{
struct logininfo *li;

22
sshpty.c
View File

@ -12,7 +12,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: sshpty.c,v 1.3 2001/07/22 21:32:27 markus Exp $");
RCSID("$OpenBSD: sshpty.c,v 1.4 2001/12/19 07:18:56 deraadt Exp $");
#ifdef HAVE_UTIL_H
# include <util.h>
@ -156,7 +156,7 @@ pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen)
*ttyfd = open(name, O_RDWR | O_NOCTTY);
if (*ttyfd < 0) {
error("Could not open pty slave side %.100s: %.100s",
name, strerror(errno));
name, strerror(errno));
close(*ptyfd);
return 0;
}
@ -328,7 +328,7 @@ pty_make_controlling_tty(int *ttyfd, const char *ttyname)
fd = open(_PATH_TTY, O_WRONLY);
if (fd < 0)
error("open /dev/tty failed - could not set controlling tty: %.100s",
strerror(errno));
strerror(errno));
else {
close(fd);
}
@ -339,7 +339,7 @@ pty_make_controlling_tty(int *ttyfd, const char *ttyname)
void
pty_change_window_size(int ptyfd, int row, int col,
int xpixel, int ypixel)
int xpixel, int ypixel)
{
struct winsize w;
w.ws_row = row;
@ -378,15 +378,15 @@ pty_setowner(struct passwd *pw, const char *ttyname)
if (st.st_uid != pw->pw_uid || st.st_gid != gid) {
if (chown(ttyname, pw->pw_uid, gid) < 0) {
if (errno == EROFS &&
if (errno == EROFS &&
(st.st_uid == pw->pw_uid || st.st_uid == 0))
error("chown(%.100s, %d, %d) failed: %.100s",
ttyname, pw->pw_uid, gid,
strerror(errno));
ttyname, pw->pw_uid, gid,
strerror(errno));
else
fatal("chown(%.100s, %d, %d) failed: %.100s",
ttyname, pw->pw_uid, gid,
strerror(errno));
ttyname, pw->pw_uid, gid,
strerror(errno));
}
}
@ -395,10 +395,10 @@ pty_setowner(struct passwd *pw, const char *ttyname)
if (errno == EROFS &&
(st.st_mode & (S_IRGRP | S_IROTH)) == 0)
error("chmod(%.100s, 0%o) failed: %.100s",
ttyname, mode, strerror(errno));
ttyname, mode, strerror(errno));
else
fatal("chmod(%.100s, 0%o) failed: %.100s",
ttyname, mode, strerror(errno));
ttyname, mode, strerror(errno));
}
}
}

4
sshtty.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: sshtty.c,v 1.1 2001/04/14 16:33:20 stevesk Exp $ */
/* $OpenBSD: sshtty.c,v 1.2 2001/12/19 07:18:56 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -46,7 +46,7 @@ static int _in_raw_mode = 0;
int
in_raw_mode(void)
{
return _in_raw_mode;
return _in_raw_mode;
}
struct termios

4
ttymodes.c
View File

@ -43,7 +43,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: ttymodes.c,v 1.14 2001/06/24 17:18:31 markus Exp $");
RCSID("$OpenBSD: ttymodes.c,v 1.15 2001/12/19 07:18:56 deraadt Exp $");
#include "packet.h"
#include "log.h"
@ -396,7 +396,7 @@ tty_parse_modes(int fd, int *n_bytes_ptr)
default:
debug("Ignoring unsupported tty mode opcode %d (0x%x)",
opcode, opcode);
opcode, opcode);
if (!compat20) {
/*
* SSH1:

6
uidswap.c
View File

@ -12,7 +12,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: uidswap.c,v 1.18 2001/08/08 21:34:19 markus Exp $");
RCSID("$OpenBSD: uidswap.c,v 1.19 2001/12/19 07:18:56 deraadt Exp $");
#include "log.h"
#include "uidswap.h"
@ -67,7 +67,7 @@ temporarily_use_uid(struct passwd *pw)
privileged = 1;
temporarily_use_uid_effective = 1;
saved_egroupslen = getgroups(NGROUPS_MAX, saved_egroups);
saved_egroupslen = getgroups(NGROUPS_MAX, saved_egroups);
if (saved_egroupslen < 0)
fatal("getgroups: %.100s", strerror(errno));
@ -76,7 +76,7 @@ temporarily_use_uid(struct passwd *pw)
if (initgroups(pw->pw_name, pw->pw_gid) < 0)
fatal("initgroups: %s: %.100s", pw->pw_name,
strerror(errno));
user_groupslen = getgroups(NGROUPS_MAX, user_groups);
user_groupslen = getgroups(NGROUPS_MAX, user_groups);
if (user_groupslen < 0)
fatal("getgroups: %.100s", strerror(errno));
}