- (djm) Clean up. Strip some unnecessary differences with OpenBSD's code,
tidy necessary differences. Use Markus' new debugN() in entropy.c
parent
280e71bcb6
commit
cb5e44a440
@ -2,6 +2,8 @@
|
|||||||
- (djm) Fix SSH2 not terminating until all background tasks done problem.
|
- (djm) Fix SSH2 not terminating until all background tasks done problem.
|
||||||
- (djm) Another off-by-one fix from Pavel Kankovsky
|
- (djm) Another off-by-one fix from Pavel Kankovsky
|
||||||
<peak@argo.troja.mff.cuni.cz>
|
<peak@argo.troja.mff.cuni.cz>
|
||||||
|
- (djm) Clean up. Strip some unnecessary differences with OpenBSD's code,
|
||||||
|
tidy necessary differences. Use Markus' new debugN() in entropy.c
|
||||||
|
|
||||||
20000926
|
20000926
|
||||||
- (djm) Update X11-askpass to 1.0.2 in RPM spec file
|
- (djm) Update X11-askpass to 1.0.2 in RPM spec file
|
||||||
|
@ -479,9 +479,9 @@ load_private_key(const char *filename, const char *passphrase, Key *key,
|
|||||||
if (fd < 0)
|
if (fd < 0)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
/* check owner and modes. */
|
/* check owner and modes */
|
||||||
#ifdef HAVE_CYGWIN
|
#ifdef HAVE_CYGWIN
|
||||||
if (check_ntsec(filename))
|
if (check_ntsec(filename))
|
||||||
#endif
|
#endif
|
||||||
if (fstat(fd, &st) < 0 ||
|
if (fstat(fd, &st) < 0 ||
|
||||||
(st.st_uid != 0 && st.st_uid != getuid()) ||
|
(st.st_uid != 0 && st.st_uid != getuid()) ||
|
||||||
|
@ -1763,7 +1763,8 @@ x11_create_display_inet(int screen_number, int x11_display_offset)
|
|||||||
error("socket: %.100s", strerror(errno));
|
error("socket: %.100s", strerror(errno));
|
||||||
return NULL;
|
return NULL;
|
||||||
} else {
|
} else {
|
||||||
debug("Socket family %d not supported [X11 disp create]", ai->ai_family);
|
debug("x11_create_display_inet: Socket family %d not supported",
|
||||||
|
ai->ai_family);
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
27
entropy.c
27
entropy.c
@ -35,15 +35,12 @@
|
|||||||
# include <floatingpoint.h>
|
# include <floatingpoint.h>
|
||||||
#endif /* HAVE_FLOATINGPOINT_H */
|
#endif /* HAVE_FLOATINGPOINT_H */
|
||||||
|
|
||||||
RCSID("$Id: entropy.c,v 1.19 2000/09/16 05:09:28 djm Exp $");
|
RCSID("$Id: entropy.c,v 1.20 2000/09/29 01:12:36 djm Exp $");
|
||||||
|
|
||||||
#ifndef offsetof
|
#ifndef offsetof
|
||||||
# define offsetof(type, member) ((size_t) &((type *)0)->member)
|
# define offsetof(type, member) ((size_t) &((type *)0)->member)
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* Print lots of detail */
|
|
||||||
/* #define DEBUG_ENTROPY */
|
|
||||||
|
|
||||||
/* Number of times to pass through command list gathering entropy */
|
/* Number of times to pass through command list gathering entropy */
|
||||||
#define NUM_ENTROPY_RUNS 1
|
#define NUM_ENTROPY_RUNS 1
|
||||||
|
|
||||||
@ -272,10 +269,8 @@ stir_from_programs(void)
|
|||||||
/* Stir it in */
|
/* Stir it in */
|
||||||
RAND_add(hash, sizeof(hash), entropy_estimate);
|
RAND_add(hash, sizeof(hash), entropy_estimate);
|
||||||
|
|
||||||
#ifdef DEBUG_ENTROPY
|
debug3("Got %0.2f bytes of entropy from '%s'", entropy_estimate,
|
||||||
debug("Got %0.2f bytes of entropy from '%s'", entropy_estimate,
|
|
||||||
entropy_sources[c].cmdstring);
|
entropy_sources[c].cmdstring);
|
||||||
#endif
|
|
||||||
|
|
||||||
total_entropy_estimate += entropy_estimate;
|
total_entropy_estimate += entropy_estimate;
|
||||||
|
|
||||||
@ -285,10 +280,8 @@ stir_from_programs(void)
|
|||||||
total_entropy_estimate += stir_rusage(RUSAGE_SELF, 0.1);
|
total_entropy_estimate += stir_rusage(RUSAGE_SELF, 0.1);
|
||||||
total_entropy_estimate += stir_rusage(RUSAGE_CHILDREN, 0.1);
|
total_entropy_estimate += stir_rusage(RUSAGE_CHILDREN, 0.1);
|
||||||
} else {
|
} else {
|
||||||
#ifdef DEBUG_ENTROPY
|
debug2("Command '%s' disabled (badness %d)",
|
||||||
debug("Command '%s' disabled (badness %d)",
|
|
||||||
entropy_sources[c].cmdstring, entropy_sources[c].badness);
|
entropy_sources[c].cmdstring, entropy_sources[c].badness);
|
||||||
#endif
|
|
||||||
|
|
||||||
if (entropy_sources[c].badness > 0)
|
if (entropy_sources[c].badness > 0)
|
||||||
entropy_sources[c].badness--;
|
entropy_sources[c].badness--;
|
||||||
@ -373,6 +366,8 @@ hash_output_from_command(entropy_source_t *src, char *hash)
|
|||||||
int total_bytes_read;
|
int total_bytes_read;
|
||||||
SHA_CTX sha;
|
SHA_CTX sha;
|
||||||
|
|
||||||
|
debug3("Reading output from \'%s\'", src->cmdstring);
|
||||||
|
|
||||||
if (devnull == -1) {
|
if (devnull == -1) {
|
||||||
devnull = open("/dev/null", O_RDWR);
|
devnull = open("/dev/null", O_RDWR);
|
||||||
if (devnull == -1)
|
if (devnull == -1)
|
||||||
@ -470,12 +465,10 @@ hash_output_from_command(entropy_source_t *src, char *hash)
|
|||||||
|
|
||||||
close(p[0]);
|
close(p[0]);
|
||||||
|
|
||||||
#ifdef DEBUG_ENTROPY
|
debug3("Time elapsed: %d msec", msec_elapsed);
|
||||||
debug("Time elapsed: %d msec", msec_elapsed);
|
|
||||||
#endif
|
|
||||||
|
|
||||||
if (waitpid(pid, &status, 0) == -1) {
|
if (waitpid(pid, &status, 0) == -1) {
|
||||||
debug("Couldn't wait for child '%s' completion: %s", src->cmdstring,
|
error("Couldn't wait for child '%s' completion: %s", src->cmdstring,
|
||||||
strerror(errno));
|
strerror(errno));
|
||||||
return(0.0);
|
return(0.0);
|
||||||
}
|
}
|
||||||
@ -486,7 +479,7 @@ hash_output_from_command(entropy_source_t *src, char *hash)
|
|||||||
/* closing p[0] on timeout causes the entropy command to
|
/* closing p[0] on timeout causes the entropy command to
|
||||||
* SIGPIPE. Take whatever output we got, and mark this command
|
* SIGPIPE. Take whatever output we got, and mark this command
|
||||||
* as slow */
|
* as slow */
|
||||||
debug("Command '%s' timed out", src->cmdstring);
|
debug2("Command '%s' timed out", src->cmdstring);
|
||||||
src->sticky_badness *= 2;
|
src->sticky_badness *= 2;
|
||||||
src->badness = src->sticky_badness;
|
src->badness = src->sticky_badness;
|
||||||
return(total_bytes_read);
|
return(total_bytes_read);
|
||||||
@ -496,13 +489,13 @@ hash_output_from_command(entropy_source_t *src, char *hash)
|
|||||||
if (WEXITSTATUS(status)==0) {
|
if (WEXITSTATUS(status)==0) {
|
||||||
return(total_bytes_read);
|
return(total_bytes_read);
|
||||||
} else {
|
} else {
|
||||||
debug("Command '%s' exit status was %d", src->cmdstring,
|
debug2("Command '%s' exit status was %d", src->cmdstring,
|
||||||
WEXITSTATUS(status));
|
WEXITSTATUS(status));
|
||||||
src->badness = src->sticky_badness = 128;
|
src->badness = src->sticky_badness = 128;
|
||||||
return (0.0);
|
return (0.0);
|
||||||
}
|
}
|
||||||
} else if (WIFSIGNALED(status)) {
|
} else if (WIFSIGNALED(status)) {
|
||||||
debug("Command '%s' returned on uncaught signal %d !", src->cmdstring,
|
debug2("Command '%s' returned on uncaught signal %d !", src->cmdstring,
|
||||||
status);
|
status);
|
||||||
src->badness = src->sticky_badness = 128;
|
src->badness = src->sticky_badness = 128;
|
||||||
return(0.0);
|
return(0.0);
|
||||||
|
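Review bot: In the last entropy.c hunk, the WIFSIGNALED branch of hash_output_from_command still passes the raw wait `status` to the "returned on uncaught signal %d" message, so the log shows the encoded status word rather than the signal number. Since the commit already rewrites that call to debug2, it could become `debug2("Command '%s' returned on uncaught signal %d !", src->cmdstring, WTERMSIG(status));`. With the DEBUG_ENTROPY guards gone, these messages are what an operator sees when working out why an entropy command was given badness 128, so the value should be the real signal. The function begins and ends outside the visible hunks.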
20
rsa.c
20
rsa.c
@ -82,21 +82,6 @@ rsa_alive()
|
|||||||
return (1);
|
return (1);
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
|
||||||
* Key generation progress meter callback
|
|
||||||
*/
|
|
||||||
void
|
|
||||||
keygen_progress(int p, int n, void *arg)
|
|
||||||
{
|
|
||||||
const char progress_chars[] = ".o+O?";
|
|
||||||
|
|
||||||
if ((p < 0) || (p > (sizeof(progress_chars) - 2)))
|
|
||||||
p = sizeof(progress_chars) - 2;
|
|
||||||
|
|
||||||
putchar(progress_chars[p]);
|
|
||||||
fflush(stdout);
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Generates RSA public and private keys. This initializes the data
|
* Generates RSA public and private keys. This initializes the data
|
||||||
* structures; they should be freed with rsa_clear_private_key and
|
* structures; they should be freed with rsa_clear_private_key and
|
||||||
@ -113,11 +98,8 @@ rsa_generate_key(RSA *prv, RSA *pub, unsigned int bits)
|
|||||||
if (rsa_verbose) {
|
if (rsa_verbose) {
|
||||||
printf("Generating RSA keys: ");
|
printf("Generating RSA keys: ");
|
||||||
fflush(stdout);
|
fflush(stdout);
|
||||||
key = RSA_generate_key(bits, 35, keygen_progress, NULL);
|
|
||||||
printf("\n");
|
|
||||||
} else {
|
|
||||||
key = RSA_generate_key(bits, 35, NULL, NULL);
|
|
||||||
}
|
}
|
||||||
|
key = RSA_generate_key(bits, 35, NULL, NULL);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
fatal("rsa_generate_key: key generation failed.");
|
fatal("rsa_generate_key: key generation failed.");
|
||||||
|
|
||||||
|
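Review bot: In rsa_generate_key the verbose branch now prints "Generating RSA keys: " and flushes, but the `printf("\n")` that ended that line was removed together with the keygen_progress callback. Unless code after this hunk emits a newline (the rest of the function is not visible here), the next output will run on after the colon. Either end the message itself, `printf("Generating RSA keys...\n");`, or add `if (rsa_verbose) printf("\n");` after the RSA_generate_key call.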
66
session.c
66
session.c
@ -867,7 +867,7 @@ void do_pam_environment(char ***env, int *envsize)
|
|||||||
strncpy(var_name, pam_env[i], equals - pam_env[i]);
|
strncpy(var_name, pam_env[i], equals - pam_env[i]);
|
||||||
strcpy(var_val, equals + 1);
|
strcpy(var_val, equals + 1);
|
||||||
|
|
||||||
debug("PAM environment: %s=%s", var_name, var_val);
|
debug3("PAM environment: %s=%s", var_name, var_val);
|
||||||
|
|
||||||
child_set_env(env, envsize, var_name, var_val);
|
child_set_env(env, envsize, var_name, var_val);
|
||||||
}
|
}
|
||||||
@ -875,6 +875,32 @@ void do_pam_environment(char ***env, int *envsize)
|
|||||||
}
|
}
|
||||||
#endif /* USE_PAM */
|
#endif /* USE_PAM */
|
||||||
|
|
||||||
|
|
||||||
|
#ifdef HAVE_CYGWIN
|
||||||
|
void copy_environment(char ***env, int *envsize)
|
||||||
|
{
|
||||||
|
char *equals, var_name[512], var_val[512];
|
||||||
|
int i;
|
||||||
|
|
||||||
|
for(i = 0; environ[i] != NULL; i++) {
|
||||||
|
if ((equals = strstr(environ[i], "=")) == NULL)
|
||||||
|
continue;
|
||||||
|
|
||||||
|
if (strlen(environ[i]) < (sizeof(var_name) - 1)) {
|
||||||
|
memset(var_name, '\0', sizeof(var_name));
|
||||||
|
memset(var_val, '\0', sizeof(var_val));
|
||||||
|
|
||||||
|
strncpy(var_name, environ[i], equals - environ[i]);
|
||||||
|
strcpy(var_val, equals + 1);
|
||||||
|
|
||||||
|
debug3("Copy environment: %s=%s", var_name, var_val);
|
||||||
|
|
||||||
|
child_set_env(env, envsize, var_name, var_val);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
#if defined(HAVE_GETUSERATTR)
|
#if defined(HAVE_GETUSERATTR)
|
||||||
/*
|
/*
|
||||||
* AIX-specific login initialisation
|
* AIX-specific login initialisation
|
||||||
@ -1107,15 +1133,7 @@ do_child(const char *command, struct passwd * pw, const char *term,
|
|||||||
* The Windows environment contains some setting which are
|
* The Windows environment contains some setting which are
|
||||||
* important for a running system. They must not be dropped.
|
* important for a running system. They must not be dropped.
|
||||||
*/
|
*/
|
||||||
{
|
copy_environment(&env, &envsize);
|
||||||
char **ep;
|
|
||||||
for (ep = environ; *ep; ++ep) {
|
|
||||||
char *esp = strchr(*ep, '=');
|
|
||||||
*esp = '\0';
|
|
||||||
child_set_env(&env, &envsize, *ep, esp + 1);
|
|
||||||
*esp = '=';
|
|
||||||
}
|
|
||||||
}
|
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if (!options.use_login) {
|
if (!options.use_login) {
|
||||||
@ -1126,8 +1144,8 @@ do_child(const char *command, struct passwd * pw, const char *term,
|
|||||||
#ifdef HAVE_LOGIN_CAP
|
#ifdef HAVE_LOGIN_CAP
|
||||||
(void) setusercontext(lc, pw, pw->pw_uid, LOGIN_SETPATH);
|
(void) setusercontext(lc, pw, pw->pw_uid, LOGIN_SETPATH);
|
||||||
child_set_env(&env, &envsize, "PATH", getenv("PATH"));
|
child_set_env(&env, &envsize, "PATH", getenv("PATH"));
|
||||||
#else
|
#else /* HAVE_LOGIN_CAP */
|
||||||
#ifndef HAVE_CYGWIN
|
# ifndef HAVE_CYGWIN
|
||||||
/*
|
/*
|
||||||
* There's no standard path on Windows. The path contains
|
* There's no standard path on Windows. The path contains
|
||||||
* important components pointing to the system directories,
|
* important components pointing to the system directories,
|
||||||
@ -1135,8 +1153,8 @@ do_child(const char *command, struct passwd * pw, const char *term,
|
|||||||
* remains intact here.
|
* remains intact here.
|
||||||
*/
|
*/
|
||||||
child_set_env(&env, &envsize, "PATH", _PATH_STDPATH);
|
child_set_env(&env, &envsize, "PATH", _PATH_STDPATH);
|
||||||
#endif
|
# endif /* HAVE_CYGWIN */
|
||||||
#endif
|
#endif /* HAVE_LOGIN_CAP */
|
||||||
|
|
||||||
snprintf(buf, sizeof buf, "%.200s/%.50s",
|
snprintf(buf, sizeof buf, "%.200s/%.50s",
|
||||||
_PATH_MAILDIR, pw->pw_name);
|
_PATH_MAILDIR, pw->pw_name);
|
||||||
@ -1178,15 +1196,11 @@ do_child(const char *command, struct passwd * pw, const char *term,
|
|||||||
original_command);
|
original_command);
|
||||||
|
|
||||||
#ifdef _AIX
|
#ifdef _AIX
|
||||||
{
|
if ((cp = getenv("AUTHSTATE")) != NULL)
|
||||||
char *authstate,*krb5cc;
|
child_set_env(&env, &envsize, "AUTHSTATE", cp);
|
||||||
|
if ((cp = getenv("KRB5CCNAME")) != NULL)
|
||||||
if ((authstate = getenv("AUTHSTATE")) != NULL)
|
child_set_env(&env, &envsize, "KRB5CCNAME", cp);
|
||||||
child_set_env(&env,&envsize,"AUTHSTATE",authstate);
|
read_environment_file(&env, &envsize, "/etc/environment");
|
||||||
|
|
||||||
if ((krb5cc = getenv("KRB5CCNAME")) != NULL)
|
|
||||||
child_set_env(&env,&envsize,"KRB5CCNAME",krb5cc);
|
|
||||||
}
|
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifdef KRB4
|
#ifdef KRB4
|
||||||
@ -1203,8 +1217,6 @@ do_child(const char *command, struct passwd * pw, const char *term,
|
|||||||
do_pam_environment(&env, &envsize);
|
do_pam_environment(&env, &envsize);
|
||||||
#endif /* USE_PAM */
|
#endif /* USE_PAM */
|
||||||
|
|
||||||
read_environment_file(&env,&envsize,"/etc/environment");
|
|
||||||
|
|
||||||
if (xauthfile)
|
if (xauthfile)
|
||||||
child_set_env(&env, &envsize, "XAUTHORITY", xauthfile);
|
child_set_env(&env, &envsize, "XAUTHORITY", xauthfile);
|
||||||
if (auth_get_socket_name() != NULL)
|
if (auth_get_socket_name() != NULL)
|
||||||
@ -1313,13 +1325,11 @@ do_child(const char *command, struct passwd * pw, const char *term,
|
|||||||
"Running %.100s add %.100s %.100s %.100s\n",
|
"Running %.100s add %.100s %.100s %.100s\n",
|
||||||
options.xauth_location, display,
|
options.xauth_location, display,
|
||||||
auth_proto, auth_data);
|
auth_proto, auth_data);
|
||||||
#ifndef HAVE_CYGWIN
|
|
||||||
if (screen != NULL)
|
if (screen != NULL)
|
||||||
fprintf(stderr,
|
fprintf(stderr,
|
||||||
"Adding %.*s/unix%s %s %s\n",
|
"Adding %.*s/unix%s %s %s\n",
|
||||||
(int)(screen-display), display,
|
(int)(screen-display), display,
|
||||||
screen, auth_proto, auth_data);
|
screen, auth_proto, auth_data);
|
||||||
#endif
|
|
||||||
}
|
}
|
||||||
snprintf(cmd, sizeof cmd, "%s -q -",
|
snprintf(cmd, sizeof cmd, "%s -q -",
|
||||||
options.xauth_location);
|
options.xauth_location);
|
||||||
@ -1327,12 +1337,10 @@ do_child(const char *command, struct passwd * pw, const char *term,
|
|||||||
if (f) {
|
if (f) {
|
||||||
fprintf(f, "add %s %s %s\n", display,
|
fprintf(f, "add %s %s %s\n", display,
|
||||||
auth_proto, auth_data);
|
auth_proto, auth_data);
|
||||||
#ifndef HAVE_CYGWIN
|
|
||||||
if (screen != NULL)
|
if (screen != NULL)
|
||||||
fprintf(f, "add %.*s/unix%s %s %s\n",
|
fprintf(f, "add %.*s/unix%s %s %s\n",
|
||||||
(int)(screen-display), display,
|
(int)(screen-display), display,
|
||||||
screen, auth_proto, auth_data);
|
screen, auth_proto, auth_data);
|
||||||
#endif
|
|
||||||
pclose(f);
|
pclose(f);
|
||||||
} else {
|
} else {
|
||||||
fprintf(stderr, "Could not run %s\n",
|
fprintf(stderr, "Could not run %s\n",
|
||||||
|
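Review bot: copy_environment() silently skips any entry whose whole `NAME=value` string is 511 bytes or longer (`strlen(environ[i]) < (sizeof(var_name) - 1)`), whereas the loop it replaces in do_child copied every variable, and the comment above the call says these settings must not be dropped. A long PATH on Cygwin would therefore disappear from the child's environment with no log line. Splitting at the `=` in place, as the removed loop did, removes the fixed 512-byte buffers while keeping the new NULL check; this assumes child_set_env copies its arguments, which the removed code also relied on. Separately, the new `debug3("Copy environment: %s=%s", ...)` and the PAM message raised to debug3 in the first hunk write each variable's value to the debug log, which can include credentials or tokens; logging only the name is enough for diagnosis.

```c
void copy_environment(char ***env, int *envsize)
{
	char **ep, *equals;

	for (ep = environ; *ep != NULL; ep++) {
		if ((equals = strchr(*ep, '=')) == NULL)
			continue;

		/* Split in place so no length cap applies; restored below. */
		*equals = '\0';
		debug3("Copy environment: %s", *ep);
		child_set_env(env, envsize, *ep, equals + 1);
		*equals = '=';
	}
}
```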
4
ssh.c
4
ssh.c
@ -485,11 +485,11 @@ main(int ac, char **av)
|
|||||||
if (!host)
|
if (!host)
|
||||||
usage();
|
usage();
|
||||||
|
|
||||||
|
SSLeay_add_all_algorithms();
|
||||||
|
|
||||||
/* Initialize the command to execute on remote host. */
|
/* Initialize the command to execute on remote host. */
|
||||||
buffer_init(&command);
|
buffer_init(&command);
|
||||||
|
|
||||||
SSLeay_add_all_algorithms();
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Save the command to execute on the remote host in a buffer. There
|
* Save the command to execute on the remote host in a buffer. There
|
||||||
* is no limit on the length of the command, except by the maximum
|
* is no limit on the length of the command, except by the maximum
|
||||||
|